@checkstack/ai-backend 0.1.3 → 0.1.5

package/src/chat/model-schema.test.ts

@@ -0,0 +1,264 @@
+import { describe, expect, test } from "bun:test";
+import { tool as aiTool, asSchema } from "ai";
+import { z } from "zod";
+import {
+  dateSafeModelSchema,
+  coerceDateValues,
+  collectDateOffsetIssues,
+  schemaContainsDate,
+  toModelSchema,
+} from "./model-schema";
+
+describe("schemaContainsDate", () => {
+  test("detects dates in object / array / optional / coerce positions", () => {
+    expect(schemaContainsDate(z.object({ at: z.date() }))).toBe(true);
+    expect(schemaContainsDate(z.object({ at: z.date().optional() }))).toBe(true);
+    expect(schemaContainsDate(z.object({ at: z.coerce.date() }))).toBe(true);
+    expect(schemaContainsDate(z.object({ seen: z.array(z.date()) }))).toBe(true);
+    expect(
+      schemaContainsDate(z.object({ d: z.date() }).refine(() => true)),
+    ).toBe(true);
+  });
+
+  test("returns false when there is no date", () => {
+    expect(
+      schemaContainsDate(z.object({ name: z.string(), n: z.number() })),
+    ).toBe(false);
+  });
+});
+
+describe("coerceDateValues", () => {
+  test("coerces ISO strings to Date only at date positions", () => {
+    const schema = z.object({ at: z.date(), name: z.string() });
+    const out = coerceDateValues(
+      { at: "2026-01-02T03:04:05.000Z", name: "2026-01-02T03:04:05.000Z" },
+      schema,
+    ) as { at: unknown; name: unknown };
+    expect(out.at).toBeInstanceOf(Date);
+    // A string field that merely looks like a date is left a string.
+    expect(out.name).toBe("2026-01-02T03:04:05.000Z");
+  });
+
+  test("recurses arrays and optionals", () => {
+    const schema = z.object({
+      seen: z.array(z.date()),
+      at: z.date().optional(),
+    });
+    const out = coerceDateValues(
+      { seen: ["2026-01-02T00:00:00.000Z"], at: undefined },
+      schema,
+    ) as { seen: unknown[]; at: unknown };
+    expect(out.seen[0]).toBeInstanceOf(Date);
+    expect(out.at).toBeUndefined();
+  });
+});
+
+describe("dateSafeModelSchema", () => {
+  // The core regression: the AI SDK would throw "Date cannot be represented in
+  // JSON Schema" building the model-facing schema for these inputs.
+  test("produces a date-time string schema without throwing", async () => {
+    const schema = dateSafeModelSchema(
+      z.object({ id: z.string(), createdAt: z.date() }),
+    );
+    const js = (await schema.jsonSchema) as {
+      properties: Record<string, Record<string, unknown>>;
+      additionalProperties?: unknown;
+    };
+    expect(js.properties.createdAt?.type).toBe("string");
+    expect(js.properties.createdAt?.format).toBe("date-time");
+    // The model is told the offset contract right on the field.
+    expect(String(js.properties.createdAt?.description)).toContain(
+      "explicit timezone offset",
+    );
+    // Strict-provider friendly (matches the SDK's own zod adapter).
+    expect(js.additionalProperties).toBe(false);
+  });
+
+  test("validator coerces the model's ISO string into a Date", async () => {
+    const schema = dateSafeModelSchema(z.object({ at: z.date() }));
+    const result = await schema.validate?.({ at: "2026-01-02T03:04:05.000Z" });
+    expect(result?.success).toBe(true);
+    if (result?.success) {
+      expect((result.value as { at: Date }).at).toBeInstanceOf(Date);
+    }
+  });
+
+  test("validator preserves the original schema's refinement", async () => {
+    const schema = dateSafeModelSchema(
+      z
+        .object({ startAt: z.coerce.date(), endAt: z.coerce.date() })
+        .refine((v) => v.endAt > v.startAt, { message: "endAt after startAt" }),
+    );
+    const bad = await schema.validate?.({
+      startAt: "2026-01-02T00:00:00.000Z",
+      endAt: "2026-01-01T00:00:00.000Z",
+    });
+    expect(bad?.success).toBe(false);
+  });
+});
+
+describe("date format matrix (the wire contract)", () => {
+  // Run every case through BOTH a raw `z.date()` (which exercises OUR coercion)
+  // and a `z.coerce.date()` (whose own `new Date()` coercion is lenient and
+  // MUST still be gated). A model can emit any of these shapes; the contract is:
+  // only an RFC 3339 date-time WITH an explicit offset is accepted, and it maps
+  // to the one unambiguous instant. Zone-less, date-only, numeric and garbage
+  // values are rejected so the model self-repairs instead of us guessing a zone.
+  const schemas = {
+    "z.date()": z.object({ at: z.date() }),
+    "z.coerce.date()": z.object({ at: z.coerce.date() }),
+  };
+
+  // Offset-bearing inputs and the single UTC instant they must resolve to.
+  // Deterministic regardless of the machine's local timezone (each carries Z or
+  // an explicit offset), so the exact ISO is safe to assert in CI.
+  const accepted: Array<[input: string, iso: string]> = [
+    ["2026-07-01T22:00:00.000Z", "2026-07-01T22:00:00.000Z"],
+    ["2026-07-01T22:00:00Z", "2026-07-01T22:00:00.000Z"],
+    ["2026-07-01T22:00Z", "2026-07-01T22:00:00.000Z"], // no seconds
+    ["2026-07-01T22:00:00.123Z", "2026-07-01T22:00:00.123Z"], // sub-seconds
+    ["2026-07-01T22:00:00+00:00", "2026-07-01T22:00:00.000Z"],
+    ["2026-07-01T22:00:00+02:00", "2026-07-01T20:00:00.000Z"],
+    ["2026-07-01T22:00:00-05:00", "2026-07-02T03:00:00.000Z"],
+    ["2026-07-01T22:00:00+0200", "2026-07-01T20:00:00.000Z"], // offset w/o colon
+  ];
+
+  // Rejected: zone-less (would be interpreted server-local), date-only (drops
+  // the time), non-ISO human forms, and outright garbage.
+  const rejected = [
+    "2026-07-01T22:00:00", // no offset
+    "2026-07-01 22:00:00", // space + no offset
+    "2026-07-01", // date only
+    "2026/07/01", // slashes
+    "July 1, 2026", // human
+    "Wed, 01 Jul 2026 22:00:00 GMT", // RFC 1123 (no offset designator we accept)
+    "2026-13-01T00:00:00Z", // matches the offset shape but is not a real date
+    "not a date",
+    "",
+    "tomorrow",
+  ];
+
+  for (const [label, schema] of Object.entries(schemas)) {
+    for (const [input, iso] of accepted) {
+      test(`${label}: accepts "${input}" -> ${iso}`, async () => {
+        const result = await dateSafeModelSchema(schema).validate?.({
+          at: input,
+        });
+        expect(result?.success).toBe(true);
+        if (result?.success) {
+          const at = (result.value as { at: Date }).at;
+          expect(at).toBeInstanceOf(Date);
+          expect(at.toISOString()).toBe(iso);
+        }
+      });
+    }
+
+    for (const input of rejected) {
+      test(`${label}: rejects ${JSON.stringify(input)}`, async () => {
+        const result = await dateSafeModelSchema(schema).validate?.({
+          at: input,
+        });
+        expect(result?.success).toBe(false);
+      });
+    }
+
+    test(`${label}: rejects a bare epoch number`, async () => {
+      const result = await dateSafeModelSchema(schema).validate?.({
+        at: 1782000000000,
+      });
+      expect(result?.success).toBe(false);
+    });
+  }
+
+  test("rejection message names the field and the offset requirement", () => {
+    const issues = collectDateOffsetIssues(
+      { startAt: "2026-07-01T22:00:00" },
+      z.object({ startAt: z.date() }),
+    );
+    expect(issues).toHaveLength(1);
+    expect(issues[0]).toContain("startAt");
+    expect(issues[0]).toContain("explicit timezone offset");
+  });
+
+  test("a regex-shaped but impossible date reports an invalid-date message", () => {
+    const issues = collectDateOffsetIssues(
+      { at: "2026-13-01T00:00:00Z" },
+      z.object({ at: z.date() }),
+    );
+    expect(issues[0]).toContain("not a valid calendar date-time");
+  });
+
+  test("nested arrays and optionals are gated too", () => {
+    const schema = z.object({
+      windows: z.array(z.object({ at: z.date() })),
+      maybe: z.date().optional(),
+    });
+    const issues = collectDateOffsetIssues(
+      { windows: [{ at: "2026-07-01" }], maybe: "2026-07-01T00:00:00" },
+      schema,
+    );
+    expect(issues).toHaveLength(2);
+    expect(issues.some((m) => m.includes("windows[0].at"))).toBe(true);
+    expect(issues.some((m) => m.includes("maybe"))).toBe(true);
+  });
+
+  test("an absent optional date is not flagged", () => {
+    expect(
+      collectDateOffsetIssues({}, z.object({ at: z.date().optional() })),
+    ).toEqual([]);
+  });
+});
+
+describe("toModelSchema (the single boundary entry)", () => {
+  test("returns the raw Zod schema when there is no date", () => {
+    const schema = z.object({ q: z.string() });
+    expect(toModelSchema(schema)).toBe(schema);
+  });
+
+  test("returns a date-safe Schema when a date is present", () => {
+    const schema = z.object({ at: z.date() });
+    expect(toModelSchema(schema)).not.toBe(schema);
+  });
+
+  // The full inbound round-trip exactly as the AI SDK runtime drives it: the
+  // model emits an object with an ISO date STRING, the tool's inputSchema
+  // validates it, and `execute` is called with the validated value. We assert
+  // `execute` receives a real `Date` - i.e. the model can create date-bearing
+  // objects and they are parsed back to Date in our backend. Uses a raw
+  // `z.date()` (not coerce.date) so this proves OUR coercion, not Zod's.
+  //
+  // The input string is the EXACT shape a real model emits, captured from a
+  // live deepseek-v4-flash maintenance-window creation: ISO 8601 with a `Z`
+  // offset and NO milliseconds (`...T22:00:00Z`, not `...T22:00:00.000Z`). The
+  // less-precise form is what providers actually return, so the test asserts
+  // `new Date()` normalizes it to a real Date with the milliseconds filled in.
+  test("model's ISO date object (no millis) is parsed to a real Date for execute", async () => {
+    const schema = z.object({ startAt: z.date(), label: z.string() });
+    let received: { startAt: unknown; label: unknown } | undefined;
+    const t = aiTool({
+      inputSchema: toModelSchema(schema) as never,
+      execute: async (input: unknown) => {
+        received = input as { startAt: unknown; label: unknown };
+        return { ok: true };
+      },
+    });
+
+    const validated = await asSchema(t.inputSchema).validate?.({
+      startAt: "2026-07-01T22:00:00Z",
+      label: "window",
+    });
+    expect(validated?.success).toBe(true);
+    if (validated?.success) {
+      await t.execute?.(validated.value, {
+        toolCallId: "call-1",
+        messages: [],
+      });
+    }
+
+    expect(received?.startAt).toBeInstanceOf(Date);
+    expect((received?.startAt as Date).toISOString()).toBe(
+      "2026-07-01T22:00:00.000Z",
+    );
+    expect(received?.label).toBe("window");
+  });
+});

package/src/chat/model-schema.ts

@@ -0,0 +1,334 @@
+import { jsonSchema, type Schema } from "ai";
+import { z } from "zod";
+
+/** The slice of a JSON Schema node this module reads/writes. */
+interface JsonSchemaNode {
+  type?: unknown;
+  properties?: Record<string, JsonSchemaNode>;
+  items?: JsonSchemaNode | JsonSchemaNode[];
+  additionalProperties?: unknown;
+}
+
+/**
+ * An RFC 3339 / ISO 8601 date-time WITH an explicit timezone designator (`Z` or
+ * `±HH:MM` / `±HHMM`). Seconds (and sub-seconds) are optional; the offset is
+ * NOT. We require the offset because the only alternative - feeding a zone-less
+ * string to `new Date()` - interprets it in the RUNTIME's local zone, so the
+ * same model string would resolve to different instants on pods in different
+ * timezones (this platform runs N pods sharing one DB). Date-only strings
+ * (`2026-07-01`) are likewise rejected: they silently mean UTC midnight and
+ * throw away the time the operator asked for. The model is told the reference
+ * timezone in the system prompt, so it can always produce an offset.
+ */
+const RFC3339_WITH_OFFSET =
+  /^\d{4}-\d{2}-\d{2}[Tt]\d{2}:\d{2}(:\d{2}(\.\d+)?)?([Zz]|[+-]\d{2}:?\d{2})$/;
+
+/** Model-facing hint stamped on every date field's JSON Schema description. */
+const DATE_FIELD_HINT =
+  "RFC 3339 date-time WITH an explicit timezone offset, e.g. " +
+  '"2026-07-01T22:00:00Z" or "2026-07-01T22:00:00+02:00". ' +
+  "Zone-less and date-only values are rejected.";
+
+/**
+ * The single model-boundary date handler. The AI SDK builds the model-facing
+ * JSON Schema from a raw Zod schema via Zod v4's `toJSONSchema()` with the
+ * default `unrepresentable: "throw"`, which throws "Date cannot be represented
+ * in JSON Schema" for `z.date()` AND `z.coerce.date()`. A single date field in
+ * any tool input or `generateObject` output would therefore crash the model
+ * call (for the chat, before the model is even invoked).
+ *
+ * For date-bearing schemas we hand the SDK a ready-made schema (so it never
+ * runs the throwing converter) plus our own validator:
+ *  - the model-facing schema renders dates as `{ type: "string", format:
+ *    "date-time" }` (their wire shape) - matching the SDK's own options
+ *    (draft-7 / input) so non-date parts are byte-identical to before;
+ *  - the validator coerces the ISO strings the model emits back into real
+ *    `Date`s before parsing with the ORIGINAL schema, so refinements and the
+ *    downstream RPC client (which expects `Date`s) keep working.
+ *
+ * Apply this at EVERY model-schema boundary (gated by {@link schemaContainsDate})
+ * so individual tool / agent definitions never have to special-case dates - the
+ * thing that would otherwise regress one tool at a time. Non-date schemas are
+ * left as raw Zod so the SDK handles them exactly as it always has.
+ */
+export function dateSafeModelSchema(input: z.ZodTypeAny): Schema<unknown> {
+  // Cast: bridges Zod's own JSONSchema type to the node shape this module
+  // mutates. It is the same JSON Schema object, just a narrower view.
+  const modelSchema = z.toJSONSchema(input, {
+    target: "draft-7",
+    io: "input",
+    unrepresentable: "any",
+    override: (ctx) => {
+      if (ctx.zodSchema instanceof z.ZodDate) {
+        ctx.jsonSchema.type = "string";
+        ctx.jsonSchema.format = "date-time";
+        // Tell the model the exact contract right on the field, so it emits an
+        // offset the first time instead of learning via a rejected tool call.
+        ctx.jsonSchema.description = ctx.jsonSchema.description
+          ? `${ctx.jsonSchema.description} ${DATE_FIELD_HINT}`
+          : DATE_FIELD_HINT;
+      }
+    },
+  }) as JsonSchemaNode;
+  lockAdditionalProperties(modelSchema);
+
+  // Cast: the SDK's `jsonSchema()` wants its JSONSchema7 type; the value above
+  // is exactly that JSON Schema object (just typed as our narrower view).
+  return jsonSchema<unknown>(modelSchema as Parameters<typeof jsonSchema>[0], {
+    validate: (value) => {
+      // Enforce the offset contract BEFORE parsing. This must run for
+      // `z.coerce.date()` too: Zod's own coercion is `new Date()`, which would
+      // happily accept a zone-less string and interpret it server-local - the
+      // exact ambiguity we reject. A plain Error (not a ZodError) carries the
+      // most readable message back to the model for self-repair.
+      const violations = collectDateOffsetIssues(value, input);
+      if (violations.length > 0) {
+        return { success: false, error: new Error(violations.join(" ")) };
+      }
+      const result = input.safeParse(coerceDateValues(value, input));
+      return result.success
+        ? { success: true, value: result.data }
+        : { success: false, error: result.error };
+    },
+  });
+}
+
+/**
+ * The ONE entry point for handing a Zod schema to the model. Date-bearing
+ * schemas get the date-safe + coercing treatment ({@link dateSafeModelSchema});
+ * everything else passes through as raw Zod so the SDK handles it natively.
+ *
+ * Call this at EVERY model-schema boundary (chat tool inputs, agent-runner tool
+ * inputs, `generateObject` output) so the gate can never be wired into some
+ * branches and forgotten in others.
+ */
+export function toModelSchema(
+  input: z.ZodTypeAny,
+): Schema<unknown> | z.ZodTypeAny {
+  return schemaContainsDate(input) ? dateSafeModelSchema(input) : input;
+}
+
+/**
+ * Does any node of this schema declare a `Date`? Only such inputs need the
+ * special handling above; everything else stays on the SDK's native path.
+ */
+export function schemaContainsDate(schema: z.ZodTypeAny): boolean {
+  if (schema instanceof z.ZodDate) return true;
+  if (schema instanceof z.ZodOptional || schema instanceof z.ZodNullable) {
+    return schemaContainsDate(schema.unwrap() as z.ZodTypeAny);
+  }
+  if (schema instanceof z.ZodDefault) {
+    return schemaContainsDate(schema.def.innerType as z.ZodTypeAny);
+  }
+  if (schema instanceof z.ZodArray) {
+    return schemaContainsDate(
+      (schema as z.ZodArray<z.ZodTypeAny>).element,
+    );
+  }
+  if (schema instanceof z.ZodUnion) {
+    return (schema.options as z.ZodTypeAny[]).some((option) =>
+      schemaContainsDate(option),
+    );
+  }
+  if (schema instanceof z.ZodRecord) {
+    return schemaContainsDate(schema.valueType as z.ZodTypeAny);
+  }
+  if ("shape" in schema) {
+    const shape = (schema as z.ZodObject<z.ZodRawShape>).shape;
+    return Object.values(shape).some((field) =>
+      schemaContainsDate(field as z.ZodTypeAny),
+    );
+  }
+  return false;
+}
+
+/**
+ * Convert the ISO date strings the model sends into `Date`s at the positions
+ * the schema declares as dates. Schema-guided (never touches a plain string
+ * field) and value-level (the original schema still validates), so refinements,
+ * metadata and unrecognized shapes are preserved untouched.
+ */
+export function coerceDateValues(
+  value: unknown,
+  schema: z.ZodTypeAny,
+): unknown {
+  if (schema instanceof z.ZodOptional || schema instanceof z.ZodNullable) {
+    return value === null || value === undefined
+      ? value
+      : coerceDateValues(value, schema.unwrap() as z.ZodTypeAny);
+  }
+  if (schema instanceof z.ZodDefault) {
+    return value === undefined
+      ? value
+      : coerceDateValues(value, schema.def.innerType as z.ZodTypeAny);
+  }
+  if (schema instanceof z.ZodDate) {
+    // Only convert strings that carry an explicit offset, so the resulting
+    // instant is unambiguous regardless of the pod's local timezone. Anything
+    // else is left as-is and is rejected upstream by collectDateOffsetIssues
+    // (this branch never silently local-interprets a zone-less string).
+    return typeof value === "string" && RFC3339_WITH_OFFSET.test(value)
+      ? new Date(value)
+      : value;
+  }
+  if (schema instanceof z.ZodArray) {
+    if (!Array.isArray(value)) return value;
+    const element = (schema as z.ZodArray<z.ZodTypeAny>).element;
+    return value.map((item) => coerceDateValues(item, element));
+  }
+  if (schema instanceof z.ZodUnion) {
+    // Coerce against the first option that declares a date; unions of
+    // non-overlapping shapes are rare at model boundaries but cheap to support.
+    const dateOption = (schema.options as z.ZodTypeAny[]).find((option) =>
+      schemaContainsDate(option),
+    );
+    return dateOption ? coerceDateValues(value, dateOption) : value;
+  }
+  if (schema instanceof z.ZodRecord) {
+    if (typeof value !== "object" || value === null || Array.isArray(value)) {
+      return value;
+    }
+    const valueType = schema.valueType as z.ZodTypeAny;
+    return Object.fromEntries(
+      Object.entries(value as Record<string, unknown>).map(([key, item]) => [
+        key,
+        coerceDateValues(item, valueType),
+      ]),
+    );
+  }
+  if ("shape" in schema) {
+    if (typeof value !== "object" || value === null || Array.isArray(value)) {
+      return value;
+    }
+    const shape = (schema as z.ZodObject<z.ZodRawShape>).shape;
+    const out: Record<string, unknown> = {
+      ...(value as Record<string, unknown>),
+    };
+    for (const [key, fieldSchema] of Object.entries(shape)) {
+      if (key in out) {
+        out[key] = coerceDateValues(out[key], fieldSchema as z.ZodTypeAny);
+      }
+    }
+    return out;
+  }
+  return value;
+}
+
+/**
+ * Walk a value against its schema and report every date position whose value is
+ * NOT an RFC 3339 date-time with an explicit timezone offset (zone-less,
+ * date-only, a bare number, or otherwise unparseable). Mirrors
+ * {@link coerceDateValues}' traversal so the gate covers exactly the positions
+ * the schema declares as dates. Returns one human-readable sentence per
+ * violation (consumed by the model for self-repair); an empty array means the
+ * value is offset-clean. `undefined`/`null` at optional positions are skipped -
+ * a genuinely missing required date is left to the schema's own parse to report.
+ */
+export function collectDateOffsetIssues(
+  value: unknown,
+  schema: z.ZodTypeAny,
+  path: string = "",
+): string[] {
+  if (schema instanceof z.ZodOptional || schema instanceof z.ZodNullable) {
+    return value === null || value === undefined
+      ? []
+      : collectDateOffsetIssues(value, schema.unwrap() as z.ZodTypeAny, path);
+  }
+  if (schema instanceof z.ZodDefault) {
+    return value === undefined
+      ? []
+      : collectDateOffsetIssues(
+          value,
+          schema.def.innerType as z.ZodTypeAny,
+          path,
+        );
+  }
+  if (schema instanceof z.ZodDate) {
+    if (value === undefined || value === null) return [];
+    const where = path ? `\`${path}\`` : "the date value";
+    if (typeof value !== "string") {
+      return [
+        `${where} must be a ${DATE_FIELD_HINT} (got a ${typeof value}).`,
+      ];
+    }
+    if (!RFC3339_WITH_OFFSET.test(value)) {
+      return [`${where} must be a ${DATE_FIELD_HINT} (got "${value}").`];
+    }
+    if (Number.isNaN(new Date(value).getTime())) {
+      return [`${where} is not a valid calendar date-time (got "${value}").`];
+    }
+    return [];
+  }
+  if (schema instanceof z.ZodArray) {
+    if (!Array.isArray(value)) return [];
+    const element = (schema as z.ZodArray<z.ZodTypeAny>).element;
+    return value.flatMap((item, i) =>
+      collectDateOffsetIssues(item, element, `${path}[${i}]`),
+    );
+  }
+  if (schema instanceof z.ZodUnion) {
+    const dateOption = (schema.options as z.ZodTypeAny[]).find((option) =>
+      schemaContainsDate(option),
+    );
+    return dateOption ? collectDateOffsetIssues(value, dateOption, path) : [];
+  }
+  if (schema instanceof z.ZodRecord) {
+    if (typeof value !== "object" || value === null || Array.isArray(value)) {
+      return [];
+    }
+    const valueType = schema.valueType as z.ZodTypeAny;
+    return Object.entries(value as Record<string, unknown>).flatMap(
+      ([key, item]) =>
+        collectDateOffsetIssues(
+          item,
+          valueType,
+          path ? `${path}.${key}` : key,
+        ),
+    );
+  }
+  if ("shape" in schema) {
+    if (typeof value !== "object" || value === null || Array.isArray(value)) {
+      return [];
+    }
+    const shape = (schema as z.ZodObject<z.ZodRawShape>).shape;
+    const record = value as Record<string, unknown>;
+    return Object.entries(shape).flatMap(([key, fieldSchema]) =>
+      key in record
+        ? collectDateOffsetIssues(
+            record[key],
+            fieldSchema as z.ZodTypeAny,
+            path ? `${path}.${key}` : key,
+          )
+        : [],
+    );
+  }
+  return [];
+}
+
+/**
+ * Stamp `additionalProperties: false` on every fixed-property object node,
+ * mirroring what the SDK's zod adapter does so strict providers (e.g. OpenAI)
+ * accept the schema. Records already carry an `additionalProperties` schema, so
+ * they are left untouched.
+ */
+function lockAdditionalProperties(node: JsonSchemaNode): void {
+  if (typeof node !== "object" || node === null) return;
+  if (node.properties && node.additionalProperties === undefined) {
+    node.additionalProperties = false;
+  }
+  if (node.properties) {
+    for (const child of Object.values(node.properties)) {
+      if (typeof child === "object") lockAdditionalProperties(child);
+    }
+  }
+  if (node.items && typeof node.items === "object") {
+    const items = node.items;
+    if (Array.isArray(items)) {
+      for (const item of items) {
+        if (typeof item === "object") lockAdditionalProperties(item);
+      }
+    } else {
+      lockAdditionalProperties(items);
+    }
+  }
+}

package/src/chat/sdk-tools.ts

@@ -3,6 +3,7 @@ import type { AuthUser } from "@checkstack/backend-api";
 import type { AiPermissionMode, AiFieldDiff } from "@checkstack/ai-common";
 import type { RegisteredAiTool } from "../tool-registry";
 import { decideToolDisposition } from "./permission-mode.logic";
+import { toModelSchema } from "./model-schema";
 
 /**
  * Result a mutate/destructive tool's `execute` returns to the model in APPROVE
@@ -134,45 +135,41 @@ export function buildAgentSdkTools({
   for (const t of tools) {
     const disposition = decideToolDisposition({ effect: t.effect, mode });
 
-    if (disposition === "auto-run") {
-      sdkTools[t.name] = aiTool({
-        description: t.description,
-        inputSchema: t.input,
-        execute: async (input: unknown) => {
-          await callbacks.enforceBudget(principal);
-          return callbacks.runRead({ principal, tool: t, input });
-        },
-      });
-      continue;
-    }
+    // Single model-boundary date handling (see toModelSchema): a raw z.date() /
+    // z.coerce.date() input would otherwise make the SDK's Zod->JSON-Schema
+    // conversion throw "Date cannot be represented...", crashing the turn.
+    const inputSchema = toModelSchema(t.input);
 
-    if (disposition === "auto-apply") {
-      // AUTO mode + mutate: apply immediately server-side. Same propose/apply
-      // service (same authz re-check + audit) as a human apply - never weaker.
-      sdkTools[t.name] = aiTool({
-        description: `${t.description} (auto-applied immediately in this conversation's auto mode)`,
-        inputSchema: t.input,
-        execute: async (
-          input: unknown,
-        ): Promise<AutoAppliedResult | DuplicateToolCallResult> => {
-          await callbacks.enforceBudget(principal);
-          return callbacks.autoApply({ principal, tool: t, input });
-        },
-      });
-      continue;
-    }
+    // Disposition decides ONLY the description note + which callback runs; the
+    // tool is constructed in ONE place below so the schema/budget wiring can
+    // never drift between branches (the bug this consolidation removes).
+    const variant: { note: string; run: (input: unknown) => Promise<unknown> } =
+      disposition === "auto-run"
+        ? {
+            note: "",
+            run: (input) => callbacks.runRead({ principal, tool: t, input }),
+          }
+        : disposition === "auto-apply"
+          ? {
+              // AUTO mode + mutate: apply immediately server-side under the SAME
+              // propose/apply service (authz re-check + audit) as a human apply.
+              note: " (auto-applied immediately in this conversation's auto mode)",
+              run: (input) =>
+                callbacks.autoApply({ principal, tool: t, input }),
+            }
+          : {
+              // propose: mutate-in-APPROVE or ANY destructive tool. Returns a
+              // confirm card; nothing commits until the human applies.
+              note: " (requires human confirmation before it takes effect)",
+              run: (input) => callbacks.propose({ principal, tool: t, input }),
+            };
 
-    // disposition === "propose": mutate-in-APPROVE or ANY destructive tool. The
-    // returned confirm card is what the chat UI renders; nothing is committed
-    // until the human applies.
     sdkTools[t.name] = aiTool({
-      description: `${t.description} (requires human confirmation before it takes effect)`,
-      inputSchema: t.input,
-      execute: async (
-        input: unknown,
-      ): Promise<ConfirmCardResult | DuplicateToolCallResult> => {
+      description: `${t.description}${variant.note}`,
+      inputSchema,
+      execute: async (input: unknown) => {
         await callbacks.enforceBudget(principal);
-        return callbacks.propose({ principal, tool: t, input });
+        return variant.run(input);
       },
     });
   }