@geminilight/mindos 0.5.11 → 0.5.13

package/README.md

@@ -156,8 +156,8 @@ Or skip the wizard and edit `~/.mindos/config.json` manually (see Config Referen
 ```json
 {
   "mindRoot": "~/MindOS",
-  "port": 3000,
-  "mcpPort": 8787,
+  "port": 3456,
+  "mcpPort": 8781,
   "authToken": "",
   "webPassword": "",
   "startMode": "daemon",
@@ -182,8 +182,8 @@ Or skip the wizard and edit `~/.mindos/config.json` manually (see Config Referen
 | Field | Default | Description |
 | :--- | :--- | :--- |
 | `mindRoot` | `~/MindOS` | **Required**. Absolute path to the knowledge base root. |
-| `port` | `3000` | Optional. Web app port. |
-| `mcpPort` | `8787` | Optional. MCP server port. |
+| `port` | `3456` | Optional. Web app port. |
+| `mcpPort` | `8781` | Optional. MCP server port. |
 | `authToken` | — | Optional. Protects App `/api/*` and MCP `/mcp` with bearer token auth. For Agent / MCP clients. Recommended when exposed to a network. |
 | `webPassword` | — | Optional. Protects the web UI with a login page. For browser access. Independent from `authToken`. |
 | `startMode` | `start` | Start mode: `daemon` (background service, auto-starts on boot), `start` (foreground), or `dev`. |
@@ -257,15 +257,15 @@ mindos mcp install -g -y
 Use `http` transport — MindOS must be running (`mindos start`) on the remote machine:
 
 ```bash
-mindos mcp install--transport http --url http://<server-ip>:8787/mcp --token your-token -g
+mindos mcp install--transport http --url http://<server-ip>:8781/mcp --token your-token -g
 ```
 
 > [!NOTE]
-> For remote access, ensure port `8787` is open in your firewall/security-group.
+> For remote access, ensure port `8781` is open in your firewall/security-group.
 
 > Add `-g` to install globally — MCP config is shared across all projects instead of the current directory only.
 
-> The MCP port defaults to `8787`. To use a different port, run `mindos onboard` and set `mcpPort`.
+> The MCP port defaults to `8781`. To use a different port, run `mindos onboard` and set `mcpPort`.
 
 <details>
 <summary>Manual config (JSON snippets)</summary>
@@ -291,7 +291,7 @@ mindos mcp install--transport http --url http://<server-ip>:8787/mcp --token you
 {
   "mcpServers": {
     "mindos": {
-      "url": "http://localhost:8787/mcp",
+      "url": "http://localhost:8781/mcp",
       "headers": { "Authorization": "Bearer your-token" }
     }
   }
@@ -304,7 +304,7 @@ mindos mcp install--transport http --url http://<server-ip>:8787/mcp --token you
 {
   "mcpServers": {
     "mindos": {
-      "url": "http://<server-ip>:8787/mcp",
+      "url": "http://<server-ip>:8781/mcp",
       "headers": { "Authorization": "Bearer your-token" }
     }
   }

package/README_zh.md

@@ -158,8 +158,8 @@ mindos onboard --install-daemon
 ```json
 {
   "mindRoot": "~/MindOS",
-  "port": 3000,
-  "mcpPort": 8787,
+  "port": 3456,
+  "mcpPort": 8781,
   "authToken": "",
   "webPassword": "",
   "startMode": "daemon",
@@ -184,8 +184,8 @@ mindos onboard --install-daemon
 | 字段 | 默认值 | 说明 |
 | :--- | :--- | :--- |
 | `mindRoot` | `~/MindOS` | **必填**。知识库根目录的绝对路径 |
-| `port` | `3000` | 可选。Web 服务端口 |
-| `mcpPort` | `8787` | 可选。MCP 服务端口 |
+| `port` | `3456` | 可选。Web 服务端口 |
+| `mcpPort` | `8781` | 可选。MCP 服务端口 |
 | `authToken` | — | 可选。保护 App `/api/*` 和 MCP `/mcp` 的 Bearer Token 认证。供 Agent / MCP 客户端使用，暴露到网络时建议设置 |
 | `webPassword` | — | 可选。为 Web UI 添加登录密码保护。供浏览器访问，与 `authToken` 相互独立 |
 | `startMode` | `start` | 启动模式：`daemon`（后台服务，开机自启）、`start`（前台）或 `dev` |
@@ -259,15 +259,15 @@ mindos mcp install -g -y
 使用 `http` transport — 远程机器上需先运行 `mindos start`：
 
 ```bash
-mindos mcp install --transport http --url http://<服务器IP>:8787/mcp --token your-token -g
+mindos mcp install --transport http --url http://<服务器IP>:8781/mcp --token your-token -g
 ```
 
 > [!NOTE]
-> 远程访问时，请确保端口 `8787` 已在防火墙/安全组中放行。
+> 远程访问时，请确保端口 `8781` 已在防火墙/安全组中放行。
 
 > 加 `-g` 表示全局安装 — MCP 配置写入用户级配置文件，所有项目共享，而非仅当前目录。
 
-> MCP 端口默认为 `8787`。如需修改，运行 `mindos onboard` 设置 `mcpPort`。
+> MCP 端口默认为 `8781`。如需修改，运行 `mindos onboard` 设置 `mcpPort`。
 
 <details>
 <summary>手动配置（JSON 片段）</summary>
@@ -293,7 +293,7 @@ mindos mcp install --transport http --url http://<服务器IP>:8787/mcp --token
 {
   "mcpServers": {
     "mindos": {
-      "url": "http://localhost:8787/mcp",
+      "url": "http://localhost:8781/mcp",
       "headers": { "Authorization": "Bearer your-token" }
     }
   }
@@ -306,7 +306,7 @@ mindos mcp install --transport http --url http://<服务器IP>:8787/mcp --token
 {
   "mcpServers": {
     "mindos": {
-      "url": "http://<服务器IP>:8787/mcp",
+      "url": "http://<服务器IP>:8781/mcp",
       "headers": { "Authorization": "Bearer your-token" }
     }
   }

package/app/README.md

@@ -20,7 +20,7 @@ MIND_ROOT=~/MindOS ANTHROPIC_API_KEY=sk-ant-... npm run dev
 # Or copy .env.local.example to app/.env.local and fill in values
 ```
 
-Open [http://localhost:3000](http://localhost:3000).
+Open [http://localhost:3456](http://localhost:3456).
 
 ## Features
 
@@ -47,7 +47,7 @@ Copy `.env.local.example` to `.env.local`:
 | Variable | Default | Description |
 |----------|---------|-------------|
 | `MIND_ROOT` | `./my-mind` | Path to your knowledge base directory |
-| `MINDOS_WEB_PORT` | `3000` | Dev/production server port |
+| `MINDOS_WEB_PORT` | `3456` | Dev/production server port |
 | `AI_PROVIDER` | `anthropic` | `anthropic` or `openai` |
 | `ANTHROPIC_API_KEY` | — | Required when `AI_PROVIDER=anthropic` |
 | `ANTHROPIC_MODEL` | `claude-sonnet-4-6` | Anthropic model ID |

package/app/app/api/ask/route.ts

@@ -4,7 +4,88 @@ import { NextRequest, NextResponse } from 'next/server';
 import fs from 'fs';
 import path from 'path';
 import { getFileContent, getMindRoot } from '@/lib/fs';
-import { getModel, knowledgeBaseTools, truncate, AGENT_SYSTEM_PROMPT } from '@/lib/agent';
+import { getModel, knowledgeBaseTools, truncate, AGENT_SYSTEM_PROMPT, estimateTokens, estimateStringTokens, getContextLimit, needsCompact, truncateToolOutputs, compactMessages, hardPrune } from '@/lib/agent';
+import { effectiveAiConfig, readSettings } from '@/lib/settings';
+import type { Message as FrontendMessage, ToolCallPart as FrontendToolCallPart } from '@/lib/types';
+
+/**
+ * Convert frontend Message[] (with parts containing tool calls + results)
+ * into AI SDK ModelMessage[] that streamText expects.
+ *
+ * Frontend format:
+ *   { role: 'assistant', content: '...', parts: [TextPart, ToolCallPart(with output/state)] }
+ *
+ * AI SDK format:
+ *   { role: 'assistant', content: [TextPart, ToolCallPart(no output)] }
+ *   { role: 'tool', content: [ToolResultPart] }  // one per completed tool call
+ */
+function convertToModelMessages(messages: FrontendMessage[]): ModelMessage[] {
+  const result: ModelMessage[] = [];
+
+  for (const msg of messages) {
+    if (msg.role === 'user') {
+      result.push({ role: 'user', content: msg.content });
+      continue;
+    }
+
+    // Skip error placeholder messages from frontend
+    if (msg.content.startsWith('__error__')) continue;
+
+    // Assistant message
+    if (!msg.parts || msg.parts.length === 0) {
+      // Plain text assistant message — no tool calls
+      if (msg.content) {
+        result.push({ role: 'assistant', content: msg.content });
+      }
+      continue;
+    }
+
+    // Build assistant message content array (text parts + tool call parts)
+    const assistantContent: Array<
+      { type: 'text'; text: string } |
+      { type: 'tool-call'; toolCallId: string; toolName: string; input: unknown }
+    > = [];
+    const completedToolCalls: FrontendToolCallPart[] = [];
+
+    for (const part of msg.parts) {
+      if (part.type === 'text') {
+        if (part.text) {
+          assistantContent.push({ type: 'text', text: part.text });
+        }
+      } else if (part.type === 'tool-call') {
+        assistantContent.push({
+          type: 'tool-call',
+          toolCallId: part.toolCallId,
+          toolName: part.toolName,
+          input: part.input,
+        });
+        if (part.state === 'done' || part.state === 'error') {
+          completedToolCalls.push(part);
+        }
+      }
+      // 'reasoning' parts are display-only; not sent back to model
+    }
+
+    if (assistantContent.length > 0) {
+      result.push({ role: 'assistant', content: assistantContent });
+    }
+
+    // Add tool result messages for completed tool calls
+    if (completedToolCalls.length > 0) {
+      result.push({
+        role: 'tool',
+        content: completedToolCalls.map(tc => ({
+          type: 'tool-result' as const,
+          toolCallId: tc.toolCallId,
+          toolName: tc.toolName,
+          output: { type: 'text' as const, value: tc.output ?? '' },
+        })),
+      });
+    }
+  }
+
+  return result;
+}
 
 function readKnowledgeFile(filePath: string): { ok: boolean; content: string; error?: string } {
   try {
@@ -33,7 +114,7 @@ function dirnameOf(filePath?: string): string | null {
 
 export async function POST(req: NextRequest) {
   let body: {
-    messages: ModelMessage[];
+    messages: FrontendMessage[];
     currentFile?: string;
     attachedFiles?: string[];
     uploadedFiles?: Array<{ name: string; content: string }>;
@@ -45,8 +126,19 @@ export async function POST(req: NextRequest) {
     return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 });
   }
 
-  const { messages, currentFile, attachedFiles, uploadedFiles, maxSteps } = body;
-  const stepLimit = Number.isFinite(maxSteps) ? Math.min(30, Math.max(1, Number(maxSteps))) : 20;
+  const { messages, currentFile, attachedFiles, uploadedFiles } = body;
+
+  // Read agent config from settings
+  // NOTE: readSettings() is also called inside getModel() → effectiveAiConfig().
+  // Acceptable duplication — both are sync fs reads with identical results.
+  const serverSettings = readSettings();
+  const agentConfig = serverSettings.agent ?? {};
+  const stepLimit = Number.isFinite(body.maxSteps)
+    ? Math.min(30, Math.max(1, Number(body.maxSteps)))
+    : Math.min(30, Math.max(1, agentConfig.maxSteps ?? 20));
+  const enableThinking = agentConfig.enableThinking ?? false;
+  const thinkingBudget = agentConfig.thinkingBudget ?? 5000;
+  const contextStrategy = agentConfig.contextStrategy ?? 'auto';
 
   // Auto-load skill + bootstrap context for each request.
   const skillPath = path.resolve(process.cwd(), 'data/skills/mindos/SKILL.md');
@@ -64,19 +156,21 @@ export async function POST(req: NextRequest) {
     target_config_md: targetDir ? readKnowledgeFile(`${targetDir}/CONFIG.md`) : null,
   };
 
-  const initStatus = [
-    `skill.mindos: ${skill.ok ? 'ok' : `failed (${skill.error})`} [${skillPath}]`,
-    `bootstrap.instruction: ${bootstrap.instruction.ok ? 'ok' : `failed (${bootstrap.instruction.error})`}`,
-    `bootstrap.index: ${bootstrap.index.ok ? 'ok' : `failed (${bootstrap.index.error})`}`,
-    `bootstrap.config_json: ${bootstrap.config_json.ok ? 'ok' : `failed (${bootstrap.config_json.error})`}`,
-    `bootstrap.config_md: ${bootstrap.config_md.ok ? 'ok' : `failed (${bootstrap.config_md.error})`}`,
-    `bootstrap.target_dir: ${targetDir ?? '(none)'}`,
-    `bootstrap.target_readme: ${bootstrap.target_readme ? (bootstrap.target_readme.ok ? 'ok' : `failed (${bootstrap.target_readme.error})`) : 'skipped'}`,
-    `bootstrap.target_instruction: ${bootstrap.target_instruction ? (bootstrap.target_instruction.ok ? 'ok' : `failed (${bootstrap.target_instruction.error})`) : 'skipped'}`,
-    `bootstrap.target_config_json: ${bootstrap.target_config_json ? (bootstrap.target_config_json.ok ? 'ok' : `failed (${bootstrap.target_config_json.error})`) : 'skipped'}`,
-    `bootstrap.target_config_md: ${bootstrap.target_config_md ? (bootstrap.target_config_md.ok ? 'ok' : `failed (${bootstrap.target_config_md.error})`) : 'skipped'}`,
-    `bootstrap.mind_root: ${getMindRoot()}`,
-  ].join('\n');
+  // Only report failures — when everything loads fine, a single summary line suffices.
+  const initFailures: string[] = [];
+  if (!skill.ok) initFailures.push(`skill.mindos: failed (${skill.error})`);
+  if (!bootstrap.instruction.ok) initFailures.push(`bootstrap.instruction: failed (${bootstrap.instruction.error})`);
+  if (!bootstrap.index.ok) initFailures.push(`bootstrap.index: failed (${bootstrap.index.error})`);
+  if (!bootstrap.config_json.ok) initFailures.push(`bootstrap.config_json: failed (${bootstrap.config_json.error})`);
+  if (!bootstrap.config_md.ok) initFailures.push(`bootstrap.config_md: failed (${bootstrap.config_md.error})`);
+  if (bootstrap.target_readme && !bootstrap.target_readme.ok) initFailures.push(`bootstrap.target_readme: failed (${bootstrap.target_readme.error})`);
+  if (bootstrap.target_instruction && !bootstrap.target_instruction.ok) initFailures.push(`bootstrap.target_instruction: failed (${bootstrap.target_instruction.error})`);
+  if (bootstrap.target_config_json && !bootstrap.target_config_json.ok) initFailures.push(`bootstrap.target_config_json: failed (${bootstrap.target_config_json.error})`);
+  if (bootstrap.target_config_md && !bootstrap.target_config_md.ok) initFailures.push(`bootstrap.target_config_md: failed (${bootstrap.target_config_md.error})`);
+
+  const initStatus = initFailures.length === 0
+    ? `All initialization contexts loaded successfully. mind_root=${getMindRoot()}${targetDir ? `, target_dir=${targetDir}` : ''}`
+    : `Initialization issues:\n${initFailures.join('\n')}\nmind_root=${getMindRoot()}${targetDir ? `, target_dir=${targetDir}` : ''}`;
 
   const initContextBlocks: string[] = [];
   if (skill.ok) initContextBlocks.push(`## mindos_skill_md\n\n${skill.content}`);
@@ -148,18 +242,96 @@ export async function POST(req: NextRequest) {
 
   try {
     const model = getModel();
+    const cfg = effectiveAiConfig();
+    const modelName = cfg.provider === 'openai' ? cfg.openaiModel : cfg.anthropicModel;
+    let modelMessages = convertToModelMessages(messages);
+
+    // Phase 3: Context management pipeline
+    // 1. Truncate tool outputs in historical messages
+    modelMessages = truncateToolOutputs(modelMessages);
+
+    const preTokens = estimateTokens(modelMessages);
+    const sysTokens = estimateStringTokens(systemPrompt);
+    const ctxLimit = getContextLimit(modelName);
+    console.log(`[ask] Context: ~${preTokens + sysTokens} tokens (messages=${preTokens}, system=${sysTokens}), limit=${ctxLimit}`);
+
+    // 2. Compact if >70% context limit (skip if user disabled)
+    if (contextStrategy === 'auto' && needsCompact(modelMessages, systemPrompt, modelName)) {
+      console.log('[ask] Context >70% limit, compacting...');
+      const result = await compactMessages(modelMessages, model);
+      modelMessages = result.messages;
+      if (result.compacted) {
+        const postTokens = estimateTokens(modelMessages);
+        console.log(`[ask] After compact: ~${postTokens + sysTokens} tokens`);
+      } else {
+        console.log('[ask] Compact skipped (too few messages), hard prune will handle overflow if needed');
+      }
+    }
+
+    // 3. Hard prune if still >90% context limit
+    modelMessages = hardPrune(modelMessages, systemPrompt, modelName);
+
+    // Phase 2: Step monitoring + loop detection
+    const stepHistory: Array<{ tool: string; input: string }> = [];
+    let loopDetected = false;
+    let loopCooldown = 0; // skip detection for N steps after warning
+
     const result = streamText({
       model,
       system: systemPrompt,
-      messages,
+      messages: modelMessages,
       tools: knowledgeBaseTools,
       stopWhen: stepCountIs(stepLimit),
+      ...(enableThinking && cfg.provider === 'anthropic' ? {
+        providerOptions: {
+          anthropic: {
+            thinking: { type: 'enabled', budgetTokens: thinkingBudget },
+          },
+        },
+      } : {}),
+
+      onStepFinish: ({ toolCalls, usage }) => {
+        if (toolCalls) {
+          for (const tc of toolCalls) {
+            stepHistory.push({ tool: tc.toolName, input: JSON.stringify(tc.input) });
+          }
+        }
+        // Loop detection: same tool + same args 3 times in a row
+        // Skip detection during cooldown to avoid repeated warnings
+        if (loopCooldown > 0) {
+          loopCooldown--;
+        } else if (stepHistory.length >= 3) {
+          const last3 = stepHistory.slice(-3);
+          if (last3.every(s => s.tool === last3[0].tool && s.input === last3[0].input)) {
+            loopDetected = true;
+          }
+        }
+        console.log(`[ask] Step ${stepHistory.length}/${stepLimit}, tokens=${usage?.totalTokens ?? '?'}`);
+      },
+
+      prepareStep: ({ messages: stepMessages }) => {
+        if (loopDetected) {
+          loopDetected = false;
+          loopCooldown = 3; // suppress re-detection for 3 steps
+          return {
+            messages: [
+              ...stepMessages,
+              {
+                role: 'user' as const,
+                content: '[SYSTEM WARNING] You have called the same tool with identical arguments 3 times in a row. This appears to be a loop. Try a completely different approach or ask the user for clarification.',
+              },
+            ],
+          };
+        }
+        return {}; // no modification
+      },
+
       onError: ({ error }) => {
         console.error('[ask] Stream error:', error);
       },
     });
 
-    return result.toTextStreamResponse();
+    return result.toUIMessageStreamResponse();
   } catch (err) {
     console.error('[ask] Failed to initialize model:', err);
     return NextResponse.json(

package/app/app/api/mcp/install/route.ts

@@ -21,7 +21,7 @@ function buildEntry(transport: string, url?: string, token?: string) {
   if (transport === 'stdio') {
     return { type: 'stdio', command: 'mindos', args: ['mcp'], env: { MCP_TRANSPORT: 'stdio' } };
   }
-  const entry: Record<string, unknown> = { url: url || 'http://localhost:8787/mcp' };
+  const entry: Record<string, unknown> = { url: url || 'http://localhost:8781/mcp' };
   if (token) entry.headers = { Authorization: `Bearer ${token}` };
   return entry;
 }

package/app/app/api/mcp/status/route.ts

@@ -5,29 +5,24 @@ import { readSettings } from '@/lib/settings';
 export async function GET() {
   try {
     const settings = readSettings();
-    const port = settings.mcpPort ?? 8787;
-    const endpoint = `http://127.0.0.1:${port}/mcp`;
+    const port = settings.mcpPort ?? 8781;
+    const baseUrl = `http://127.0.0.1:${port}`;
+    const endpoint = `${baseUrl}/mcp`;
     const authConfigured = !!settings.authToken;
 
-    // Check if MCP server is running
     let running = false;
-    let toolCount = 0;
+
     try {
+      // Use the health endpoint — avoids MCP handshake complexity
+      const healthUrl = `${baseUrl}/api/health`;
       const controller = new AbortController();
       const timeout = setTimeout(() => controller.abort(), 2000);
-      const res = await fetch(endpoint, {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'tools/list', params: {} }),
-        signal: controller.signal,
-      });
+      const res = await fetch(healthUrl, { signal: controller.signal, cache: 'no-store' });
       clearTimeout(timeout);
+
       if (res.ok) {
-        running = true;
-        try {
-          const data = await res.json();
-          if (data?.result?.tools) toolCount = data.result.tools.length;
-        } catch { /* non-JSON response — still running */ }
+        const data = await res.json() as { ok?: boolean; service?: string };
+        running = data.ok === true && data.service === 'mindos';
       }
     } catch {
       // Connection refused or timeout — not running
@@ -38,7 +33,7 @@ export async function GET() {
       transport: 'http',
       endpoint,
       port,
-      toolCount,
+      toolCount: running ? 20 : 0,
       authConfigured,
     });
   } catch (err) {

package/app/app/api/settings/route.ts

@@ -48,7 +48,8 @@ export async function GET() {
     mindRoot: settings.mindRoot,
     webPassword: settings.webPassword ? '***set***' : '',
     authToken: maskToken(settings.authToken),
-    mcpPort: settings.mcpPort ?? 8787,
+    mcpPort: settings.mcpPort ?? 8781,
+    agent: settings.agent ?? {},
     envOverrides: {
       AI_PROVIDER:       !!process.env.AI_PROVIDER,
       ANTHROPIC_API_KEY: !!process.env.ANTHROPIC_API_KEY,
@@ -110,6 +111,7 @@ export async function POST(req: NextRequest) {
         },
       },
       mindRoot: body.mindRoot ?? current.mindRoot,
+      agent: body.agent ?? current.agent,
       webPassword: resolvedWebPassword,
       authToken: resolvedAuthToken,
       port: typeof body.port === 'number' ? body.port : current.port,

package/app/app/api/setup/route.ts

@@ -20,8 +20,8 @@ export async function GET() {
       mindRoot: defaultMindRoot,
       homeDir: home,
       platform: process.platform,
-      port: s.port ?? 3000,
-      mcpPort: s.mcpPort ?? 8787,
+      port: s.port ?? 3456,
+      mcpPort: s.mcpPort ?? 8781,
       authToken: s.authToken ?? '',
       webPassword: s.webPassword ?? '',
       provider: s.ai.provider,
@@ -58,8 +58,8 @@ export async function POST(req: NextRequest) {
     const resolvedRoot = expandHome(mindRoot.trim());
 
     // Validate ports
-    const webPort = typeof port === 'number' ? port : 3000;
-    const mcpPortNum = typeof mcpPort === 'number' ? mcpPort : 8787;
+    const webPort = typeof port === 'number' ? port : 3456;
+    const mcpPortNum = typeof mcpPort === 'number' ? mcpPort : 8781;
     if (webPort < 1024 || webPort > 65535) {
       return NextResponse.json({ error: `Invalid web port: ${webPort}` }, { status: 400 });
     }
@@ -78,7 +78,7 @@ export async function POST(req: NextRequest) {
 
     // Read current running port for portChanged detection
     const current = readSettings();
-    const currentPort = current.port ?? 3000;
+    const currentPort = current.port ?? 3456;
 
     // Use the same resolved values that will actually be written to config
     const resolvedAuthToken   = authToken   ?? current.authToken   ?? '';
@@ -87,8 +87,8 @@ export async function POST(req: NextRequest) {
     // Re-onboard only needs restart if port/path/auth/password actually changed.
     const isFirstTime = current.setupPending === true || !current.mindRoot;
     const needsRestart = isFirstTime || (
-      webPort              !== (current.port      ?? 3000) ||
-      mcpPortNum           !== (current.mcpPort   ?? 8787) ||
+      webPort              !== (current.port      ?? 3456) ||
+      mcpPortNum           !== (current.mcpPort   ?? 8781) ||
       resolvedRoot         !== (current.mindRoot  || '')    ||
       resolvedAuthToken    !== (current.authToken   ?? '') ||
       resolvedWebPassword  !== (current.webPassword ?? '')

package/app/app/api/sync/route.ts

@@ -37,6 +37,22 @@ function isGitRepo(dir: string) {
   return existsSync(join(dir, '.git'));
 }
 
+/** Resolve path to bin/cli.js at runtime. */
+function getCliPath() {
+  return resolve(process.cwd(), '..', 'bin', 'cli' + '.js');
+}
+
+/** Run CLI command via execFile — avoids shell injection by passing args as array */
+function runCli(args: string[], timeoutMs = 30000): Promise<void> {
+  const cliPath = getCliPath();
+  return new Promise((res, rej) => {
+    execFile(process.execPath, [cliPath, ...args], { timeout: timeoutMs }, (err, _stdout, stderr) => {
+      if (err) rej(new Error(stderr?.trim() || err.message));
+      else res();
+    });
+  });
+}
+
 export async function GET() {
   const config = loadConfig();
   const syncConfig = config.sync || {};
@@ -99,16 +115,9 @@ export async function POST(req: NextRequest) {
 
         // Call CLI's sync init — pass clean remote + token separately (never embed token in URL)
         try {
-          const cliPath = resolve(process.cwd(), '..', 'bin', 'cli.js');
           const args = ['sync', 'init', '--non-interactive', '--remote', remote, '--branch', branch];
           if (body.token) args.push('--token', body.token);
-
-          await new Promise<void>((res, rej) => {
-            execFile('node', [cliPath, ...args], { timeout: 30000 }, (err, stdout, stderr) => {
-              if (err) rej(new Error(stderr?.trim() || err.message));
-              else res();
-            });
-          });
+          await runCli(args, 30000);
           return NextResponse.json({ success: true, message: 'Sync initialized' });
         } catch (err: unknown) {
           const errMsg = err instanceof Error ? err.message : String(err);
@@ -122,13 +131,7 @@ export async function POST(req: NextRequest) {
         }
         // Delegate to CLI for unified conflict handling
         try {
-          const cliPath = resolve(process.cwd(), '..', 'bin', 'cli.js');
-          await new Promise<void>((res, rej) => {
-            execFile('node', [cliPath, 'sync', 'now'], { timeout: 60000 }, (err, stdout, stderr) => {
-              if (err) rej(new Error(stderr?.trim() || err.message));
-              else res();
-            });
-          });
+          await runCli(['sync', 'now'], 60000);
           return NextResponse.json({ ok: true });
         } catch (err: unknown) {
           const errMsg = err instanceof Error ? err.message : String(err);