@geometra/mcp 1.42.0 → 1.43.0

package/dist/__tests__/ats-integration.test.js

@@ -71,6 +71,9 @@ vi.mock('../session.js', () => ({
     prewarmProxy: mockState.prewarmProxy,
     disconnect: vi.fn(),
     getSession: vi.fn(() => mockState.session),
+    resolveSession: vi.fn((id) => ({ kind: 'ok', session: mockState.session, ...(id ? { id } : {}) })),
+    listSessions: vi.fn(() => [{ id: 's1', url: 'https://jobs.example.com/application' }]),
+    getDefaultSessionId: vi.fn(() => 's1'),
     sendClick: mockState.sendClick,
     sendType: mockState.sendType,
     sendKey: mockState.sendKey,
@@ -78,6 +81,7 @@ vi.mock('../session.js', () => ({
     sendFieldText: mockState.sendFieldText,
     sendFieldChoice: mockState.sendFieldChoice,
     sendFillFields: mockState.sendFillFields,
+    sendFillOtp: vi.fn(async () => ({ status: 'updated', timeoutMs: 5000, result: { cellCount: 6, filledCount: 6 } })),
     sendListboxPick: mockState.sendListboxPick,
     sendSelectOption: mockState.sendSelectOption,
     sendSetChecked: mockState.sendSetChecked,

package/dist/__tests__/server-batch-results.test.js

@@ -67,6 +67,9 @@ vi.mock('../session.js', () => ({
     prewarmProxy: mockState.prewarmProxy,
     disconnect: vi.fn(),
     getSession: vi.fn(() => mockState.session),
+    resolveSession: vi.fn((id) => ({ kind: 'ok', session: mockState.session, ...(id ? { id } : {}) })),
+    listSessions: vi.fn(() => [{ id: 's1', url: 'https://jobs.example.com/application' }]),
+    getDefaultSessionId: vi.fn(() => 's1'),
     sendClick: mockState.sendClick,
     sendType: mockState.sendType,
     sendKey: mockState.sendKey,
@@ -74,6 +77,7 @@ vi.mock('../session.js', () => ({
     sendFieldText: mockState.sendFieldText,
     sendFieldChoice: mockState.sendFieldChoice,
     sendFillFields: mockState.sendFillFields,
+    sendFillOtp: vi.fn(async () => ({ status: 'updated', timeoutMs: 5000, result: { cellCount: 6, filledCount: 6 } })),
     sendListboxPick: mockState.sendListboxPick,
     sendSelectOption: mockState.sendSelectOption,
     sendSetChecked: mockState.sendSetChecked,

package/dist/__tests__/session-isolation.test.js

@@ -28,7 +28,7 @@
  */
 import { afterEach, beforeAll, describe, expect, it } from 'vitest';
 import http from 'node:http';
-import { buildA11yTree, connectThroughProxy, disconnect } from '../session.js';
+import { buildA11yTree, connectThroughProxy, disconnect, getDefaultSessionId, resolveSession, } from '../session.js';
 const PAGE_HTML = `<!doctype html>
 <html>
   <head><title>isolation-fixture</title></head>
@@ -190,4 +190,119 @@ describe('connectThroughProxy({ isolated: true })', () => {
         expect(sessionA.id).toBe(sessionB.id);
         disconnect({ sessionId: sessionA.id, closeProxy: true });
     }, 30_000);
+    // ── Bug #1 regression: parallel isolated sessions must never share a
+    // default pointer, and tool-call resolution must refuse to implicitly
+    // route to an isolated session when no sessionId is passed.
+    it('three parallel isolated sessions stay strictly independent — no shared default, strict id routing', async () => {
+        // Spawn three isolated sessions in parallel, each pinned to a
+        // different local URL. Each session gets its own Chromium instance
+        // (isolated: true forces a fresh proxy every time), and each tool
+        // call in real usage would address its session by the returned id.
+        const [sessionA, sessionB, sessionC] = await Promise.all([
+            connectThroughProxy({
+                pageUrl: `${baseUrl}/page-a`,
+                headless: true,
+                isolated: true,
+            }),
+            connectThroughProxy({
+                pageUrl: `${baseUrl}/page-b`,
+                headless: true,
+                isolated: true,
+            }),
+            connectThroughProxy({
+                pageUrl: `${baseUrl}/page-a`,
+                headless: true,
+                isolated: true,
+            }),
+        ]);
+        try {
+            // Invariant 1: every isolated session is flagged, and all three got
+            // distinct session ids (no collision).
+            expect(sessionA.isolated).toBe(true);
+            expect(sessionB.isolated).toBe(true);
+            expect(sessionC.isolated).toBe(true);
+            expect(new Set([sessionA.id, sessionB.id, sessionC.id]).size).toBe(3);
+            // Invariant 2: the implicit default-session pointer must not be set
+            // to any of these isolated sessions. This is the contamination fix —
+            // before v1.43, `connect()` unconditionally set defaultSessionId to
+            // whichever session most recently finished connecting, so parallel
+            // workers without an explicit sessionId would race onto each
+            // other's browsers.
+            const implicitDefault = getDefaultSessionId();
+            expect(implicitDefault).toBeNull();
+            // Invariant 3: resolveSession() with no id must refuse to pick any
+            // of these isolated sessions. Callers that omit sessionId get an
+            // ambiguous error and are forced to pass an explicit id.
+            const ambiguous = resolveSession();
+            expect(ambiguous.kind).toBe('ambiguous');
+            if (ambiguous.kind === 'ambiguous') {
+                expect(ambiguous.activeIds).toEqual(expect.arrayContaining([sessionA.id, sessionB.id, sessionC.id]));
+                expect(ambiguous.isolatedIds).toEqual(expect.arrayContaining([sessionA.id, sessionB.id, sessionC.id]));
+            }
+            // Invariant 4: explicit id routing must return exactly the
+            // requested session — never a peer — even under parallel load.
+            const lookupA = resolveSession(sessionA.id);
+            const lookupB = resolveSession(sessionB.id);
+            const lookupC = resolveSession(sessionC.id);
+            expect(lookupA.kind).toBe('ok');
+            expect(lookupB.kind).toBe('ok');
+            expect(lookupC.kind).toBe('ok');
+            if (lookupA.kind === 'ok')
+                expect(lookupA.session).toBe(sessionA);
+            if (lookupB.kind === 'ok')
+                expect(lookupB.session).toBe(sessionB);
+            if (lookupC.kind === 'ok')
+                expect(lookupC.session).toBe(sessionC);
+            // Invariant 5: each session's page still reads its own per-URL
+            // marker. This is the end-to-end "different browsers" check —
+            // even though they share the same MCP server process, the
+            // underlying Chromium / localStorage is distinct per session.
+            const [markerA, markerB, markerC] = await Promise.all([
+                waitForMarkerText(sessionA, 'marker-from-'),
+                waitForMarkerText(sessionB, 'marker-from-'),
+                waitForMarkerText(sessionC, 'marker-from-'),
+            ]);
+            expect(markerA).toBe('marker-from-/page-a');
+            expect(markerB).toBe('marker-from-/page-b');
+            expect(markerC).toBe('marker-from-/page-a');
+            // Invariant 6: looking up a session id that no longer exists must
+            // return `not_found` with the full active-id list, NEVER silently
+            // fall back to the default. This is the v1.42-era contamination
+            // vector: workers were seeing their tool calls routed to whatever
+            // the "most recent" session happened to be.
+            disconnect({ sessionId: sessionB.id, closeProxy: true });
+            const afterDisconnect = resolveSession(sessionB.id);
+            expect(afterDisconnect.kind).toBe('not_found');
+            if (afterDisconnect.kind === 'not_found') {
+                expect(afterDisconnect.id).toBe(sessionB.id);
+            }
+            // And the implicit default is STILL null — disconnecting one
+            // isolated session doesn't promote the next one to default.
+            expect(getDefaultSessionId()).toBeNull();
+        }
+        finally {
+            disconnect({ sessionId: sessionA.id, closeProxy: true });
+            disconnect({ sessionId: sessionC.id, closeProxy: true });
+        }
+    }, 60_000);
+    it('a single non-isolated session DOES become the implicit default (back-compat)', async () => {
+        // Single pooled session — the default-fallback behavior is retained
+        // for callers that don't pass sessionId and aren't running in
+        // parallel. This preserves every existing single-worker script.
+        const session = await connectThroughProxy({
+            pageUrl: `${baseUrl}/page-a`,
+            headless: true,
+        });
+        try {
+            expect(session.isolated).toBeFalsy();
+            expect(getDefaultSessionId()).toBe(session.id);
+            const resolved = resolveSession();
+            expect(resolved.kind).toBe('ok');
+            if (resolved.kind === 'ok')
+                expect(resolved.session.id).toBe(session.id);
+        }
+        finally {
+            disconnect({ sessionId: session.id, closeProxy: true });
+        }
+    }, 30_000);
 });

package/dist/__tests__/session-model.test.js

@@ -422,6 +422,80 @@ describe('buildFormSchemas', () => {
             },
         });
     });
+    // Bug #3 regression (v1.43): a React Select / Headless UI / Radix
+    // autocomplete combobox renders as a plain <input role="textbox"> in the
+    // accessibility tree. The extractor tags it with meta.isAutocompleteCombobox
+    // when its ancestry matches the autocomplete-wrapper fingerprint
+    // (see isAutocompleteComboboxAncestry in packages/proxy/src/extractor.ts,
+    // which mirrors isAutocompleteCombobox in packages/proxy/src/dom-actions.ts).
+    // The form-schema classifier MUST re-tag that field as choice/listbox so
+    // fill_form routes it through pick_listbox_option — otherwise Greenhouse
+    // Remix Country pickers (and every other React Select) get fed through
+    // the plain text-fill path, the controlled form state never commits, and
+    // Submit fails with "This field is required" while the field looks filled.
+    it('re-classifies autocomplete-combobox-wrapped textboxes as choice/listbox', () => {
+        const tree = node('group', undefined, { x: 0, y: 0, width: 900, height: 700 }, {
+            children: [
+                node('form', 'Address', { x: 20, y: 20, width: 760, height: 480 }, {
+                    path: [0],
+                    children: [
+                        // A plain text field — should stay classified as `text`.
+                        node('textbox', 'Postal code', { x: 40, y: 60, width: 200, height: 36 }, {
+                            path: [0, 0],
+                            state: { required: true },
+                            meta: { controlTag: 'input', inputType: 'text' },
+                        }),
+                        // The React Select Country picker: role=textbox but the
+                        // extractor flagged its ancestry as autocomplete-combobox. The
+                        // classifier must re-tag this as choice/listbox.
+                        node('textbox', 'Country', { x: 40, y: 120, width: 320, height: 36 }, {
+                            path: [0, 1],
+                            state: { required: true, invalid: true },
+                            meta: {
+                                controlTag: 'input',
+                                isAutocompleteCombobox: true,
+                            },
+                        }),
+                        // A real native <combobox> wrapping a <select> — should stay
+                        // classified as choice/select (NOT listbox) because the
+                        // controlTag is 'select' and no autocomplete flag is set.
+                        node('combobox', 'State / Region', { x: 40, y: 180, width: 320, height: 36 }, {
+                            path: [0, 2],
+                            state: { required: true },
+                            value: 'California',
+                            meta: { controlTag: 'select' },
+                        }),
+                    ],
+                }),
+            ],
+        });
+        const schemas = buildFormSchemas(tree);
+        expect(schemas).toHaveLength(1);
+        const fields = schemas[0]?.fields ?? [];
+        expect(fields).toHaveLength(3);
+        expect(fields[0]).toMatchObject({
+            kind: 'text',
+            label: 'Postal code',
+            required: true,
+        });
+        // Critical assertion: the Country textbox comes out as a listbox
+        // choice so fill_form will use pick_listbox_option.
+        expect(fields[1]).toMatchObject({
+            kind: 'choice',
+            choiceType: 'listbox',
+            label: 'Country',
+            required: true,
+            invalid: true,
+        });
+        // Back-compat: native <select> still classified as choice/select.
+        expect(fields[2]).toMatchObject({
+            kind: 'choice',
+            choiceType: 'select',
+            label: 'State / Region',
+            required: true,
+            value: 'California',
+        });
+    });
 });
 describe('buildFormRequiredSnapshot', () => {
     it('keeps offscreen required fields with bounds, visibility, and scroll hints', () => {

package/dist/server.js

@@ -3,7 +3,7 @@ import { performance } from 'node:perf_hooks';
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
 import { z } from 'zod';
 import { formatConnectFailureMessage, isHttpUrl, normalizeConnectTarget } from './connect-utils.js';
-import { connect, connectThroughProxy, disconnect, getSession, listSessions, getDefaultSessionId, prewarmProxy, sendClick, sendFillFields, sendType, sendKey, sendFileUpload, sendFieldText, sendFieldChoice, sendListboxPick, sendSelectOption, sendSetChecked, sendWheel, sendScreenshot, sendPdfGenerate, buildA11yTree, buildCompactUiIndex, buildFormRequiredSnapshot, buildPageModel, buildFormSchemas, expandPageSection, buildUiDelta, hasUiDelta, nodeIdForPath, nodeContextForNode, parseSectionId, findNodeByPath, summarizeCompactIndex, summarizePageModel, summarizeUiDelta, waitForUiCondition, } from './session.js';
+import { connect, connectThroughProxy, disconnect, resolveSession, listSessions, getDefaultSessionId, prewarmProxy, sendClick, sendFillFields, sendFillOtp, sendType, sendKey, sendFileUpload, sendFieldText, sendFieldChoice, sendListboxPick, sendSelectOption, sendSetChecked, sendWheel, sendScreenshot, sendPdfGenerate, buildA11yTree, buildCompactUiIndex, buildFormRequiredSnapshot, buildPageModel, buildFormSchemas, expandPageSection, buildUiDelta, hasUiDelta, nodeIdForPath, nodeContextForNode, parseSectionId, findNodeByPath, summarizeCompactIndex, summarizePageModel, summarizeUiDelta, waitForUiCondition, } from './session.js';
 function checkedStateInput() {
     return z
         .union([z.boolean(), z.literal('mixed')])
@@ -476,9 +476,10 @@ This is the Geometra equivalent of Playwright's locator — but instant, structu
 Unknown parameter names are rejected (strict schema). To wait until visible text goes away (e.g. a parsing banner), use geometra_wait_for with that substring in text and present: false — there is no textGone field.`,
         inputSchema: geometraQueryInputSchema,
     }, async ({ id, role, name, text, contextText, promptText, sectionText, itemText, value, checked, disabled, focused, selected, expanded, invalid, required, busy, maxResults, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const a11y = await sessionA11yWhenReady(session);
         if (!a11y)
             return err('No UI tree available');
@@ -533,9 +534,10 @@ Use this when geometra_page_model tells you the page shape, but you want one dir
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ name, role, sectionText, promptText, itemText, maxResults, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const a11y = await sessionA11yWhenReady(session);
         if (!a11y)
             return err('No UI tree available');
@@ -568,9 +570,10 @@ Use this when geometra_page_model tells you the page shape, but you want one dir
 The filter matches the same fields as geometra_query (strict schema — unknown keys error). Set \`present: false\` to wait until **no** node matches — for example Ashby/Lever-style “Parsing your resume” or any “Parsing…” banner: \`{ "text": "Parsing", "present": false }\` (tune the substring to the site). Do not use a textGone parameter; use \`text\` + \`present: false\`, or \`geometra_wait_for_resume_parse\` for the usual post-upload parsing banner.`,
         inputSchema: geometraWaitForInputSchema,
     }, async ({ id, role, name, text, contextText, promptText, sectionText, itemText, value, checked, disabled, focused, selected, expanded, invalid, required, busy, present, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const filterProbe = {
             id,
             role,
@@ -620,9 +623,10 @@ The filter matches the same fields as geometra_query (strict schema — unknown
 Equivalent to \`geometra_wait_for\` with \`present: false\` and \`text\` set to a banner substring. Default \`text\` is \`Parsing\` (tune per site). Strict schema (unknown keys rejected).`,
         inputSchema: geometraWaitForResumeParseInputSchema,
     }, async ({ text, timeoutMs, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const filter = { text };
         const waited = await waitForSemanticCondition(session, {
             filter,
@@ -647,9 +651,10 @@ Captures the current URL, then polls until the URL changes and a stable UI tree
         expectedUrl: z.string().optional().describe('Optional URL substring to match — keeps waiting if the URL changes to something else (e.g. intermediate redirects)'),
         sessionId: sessionIdInput,
     }, async ({ timeoutMs, expectedUrl, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const beforeA11y = sessionA11y(session);
         const beforeUrl = beforeA11y?.meta?.pageUrl ?? session.url;
         const startedAt = performance.now();
@@ -719,9 +724,10 @@ Use \`kind: "text"\` for textboxes / textareas, \`"choice"\` for selects / combo
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ fields, stopOnError, failOnInvalid, includeSteps, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const resolvedFields = resolveFillFieldInputs(session, fields);
         if (!resolvedFields.ok)
             return err(resolvedFields.error);
@@ -1262,9 +1268,10 @@ Use this first on normal HTML pages when you want to understand the page shape w
             .describe('Attach a base64 PNG viewport screenshot. Requires @geometra/proxy. Use when geometry alone is ambiguous (icon-only buttons, visual styling cues).'),
         sessionId: sessionIdInput,
     }, async ({ maxPrimaryActions, maxSectionsPerKind, includeScreenshot, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const a11y = await sessionA11yWhenReady(session);
         if (!a11y)
             return err('No UI tree available');
@@ -1341,9 +1348,10 @@ Use this after geometra_page_model when you know which form/dialog/list/landmark
         includeBounds: z.boolean().optional().default(false).describe('Include bounds for fields/actions/headings/items'),
         sessionId: sessionIdInput,
     }, async ({ id, maxHeadings, maxFields, fieldOffset, onlyRequiredFields, onlyInvalidFields, maxActions, actionOffset, maxLists, listOffset, maxItems, itemOffset, maxTextPreview, includeBounds, sessionId, }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const a11y = await sessionA11yWhenReady(session);
         if (!a11y)
             return err('No UI tree available');
@@ -1383,9 +1391,10 @@ This is the preferred approach for scrolling — no need to guess pixel offsets
             .describe('Per-scroll wait timeout (default 2500ms)'),
         sessionId: sessionIdInput,
     }, async ({ id, role, name, text, contextText, promptText, sectionText, itemText, value, checked, disabled, focused, selected, expanded, invalid, required, busy, index, fullyVisible, maxSteps, timeoutMs, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const filter = {
             id,
             role,
@@ -1451,9 +1460,10 @@ After clicking, returns a compact semantic delta when possible (dialogs/forms/li
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ x, y, id, role, name, text, contextText, promptText, sectionText, itemText, value, checked, disabled, focused, selected, expanded, invalid, required, busy, index, fullyVisible, maxRevealSteps, revealTimeoutMs, waitFor, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const before = sessionA11y(session);
         const resolved = await resolveClickLocation(session, {
             x,
@@ -1547,9 +1557,10 @@ Each character is sent as a key event through the geometry protocol. Returns a c
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ text, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const before = sessionA11y(session);
         const wait = await sendType(session, text, timeoutMs);
         const summary = postActionSummary(session, before, wait, detail);
@@ -1575,9 +1586,10 @@ Each character is sent as a key event through the geometry protocol. Returns a c
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ key, shift, ctrl, meta, alt, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const before = sessionA11y(session);
         const wait = await sendKey(session, key, { shift, ctrl, meta, alt }, timeoutMs);
         const summary = postActionSummary(session, before, wait, detail);
@@ -1586,6 +1598,46 @@ Each character is sent as a key event through the geometry protocol. Returns a c
             ...waitStatusPayload(wait),
         }, detail));
     });
+    // ── fill OTP / verification-code box group ─────────────────────
+    server.tool('geometra_fill_otp', `Fill a multi-cell OTP / verification-code input group (e.g. Greenhouse's 8-box security code, generic 6-digit 2FA widgets, Auth0 / Clerk per-char inputs). Auto-detects a row of sibling <input maxlength="1"> elements at adjacent x-coordinates and types each character through a real keyboard event cycle so React's per-cell onKeyDown handler can auto-advance focus.
+
+Use this when geometra_fill_fields / geometra_fill_form fail on a 6-digit code field because the cells share accessibility bounds and the whole string gets written into cell 0 (which has maxlength=1 and silently truncates). This primitive is also auto-invoked by geometra_fill_fields and geometra_fill_form when a labeled field matches a verification-code / security-code / OTP pattern AND the underlying DOM is a cell group — you should only need to call it directly when the label doesn't match the auto-detection heuristic.
+
+Detection is fully generic (no site branding). It refuses to run if the detected group's cell count is smaller than the typed value length, and it post-verifies every cell's value so you get an honest error instead of a silent "success" that leaves boxes empty.`, {
+        value: z.string().min(1).max(32).describe('The code to type (e.g. "12345678" for an 8-digit security code)'),
+        fieldLabel: z.string().optional().describe('Optional label to scope the OTP search (e.g. "Security code", "Verification code"). When omitted, scans the whole document for any qualifying cell group.'),
+        perCharDelayMs: z.number().int().min(0).max(500).optional().describe('Optional per-character typing delay in milliseconds (default 30). Raise this if the widget needs longer to run its onKeyDown auto-advance.'),
+        timeoutMs: z
+            .number()
+            .int()
+            .min(500)
+            .max(60_000)
+            .optional()
+            .describe('Optional action wait timeout'),
+        detail: detailInput(),
+        sessionId: sessionIdInput,
+    }, async ({ value, fieldLabel, perCharDelayMs, timeoutMs, detail, sessionId }) => {
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
+        const before = sessionA11y(session);
+        try {
+            const wait = await sendFillOtp(session, value, { fieldLabel, perCharDelayMs }, timeoutMs);
+            const summary = postActionSummary(session, before, wait, detail);
+            const result = wait.result;
+            return ok(detailText(`Filled OTP code (${value.length} chars).\n${summary}`, {
+                ...compactTextValue(value),
+                ...(fieldLabel ? { fieldLabel } : {}),
+                ...(result?.cellCount !== undefined ? { cellCount: result.cellCount } : {}),
+                ...(result?.filledCount !== undefined ? { filledCount: result.filledCount } : {}),
+                ...waitStatusPayload(wait),
+            }, detail));
+        }
+        catch (e) {
+            return err(e.message);
+        }
+    });
     // ── upload files (proxy) ───────────────────────────────────────
     server.tool('geometra_upload_files', `Attach local files to a file input. Requires \`@geometra/proxy\` (paths exist on the proxy host).
 
@@ -1613,9 +1665,10 @@ Strategies: **auto** (default) tries chooser click if x,y given, else a labeled
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ paths, x, y, fieldLabel, exact, strategy, dropX, dropY, contextText: _contextText, sectionText: _sectionText, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const before = sessionA11y(session);
         try {
             const wait = await sendFileUpload(session, paths, {
@@ -1659,9 +1712,10 @@ Pass \`fieldLabel\` to open a labeled dropdown semantically instead of relying o
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ label, exact, openX, openY, fieldLabel, contextText, sectionText, query, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const before = sessionA11y(session);
         try {
             const wait = await sendListboxPick(session, label, {
@@ -1709,9 +1763,10 @@ Custom React/Vue dropdowns are not supported here — use \`geometra_pick_listbo
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ x, y, value, label, index, contextText: _contextText, sectionText: _sectionText, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         if (value === undefined && label === undefined && index === undefined) {
             return err('Provide at least one of value, label, or index');
         }
@@ -1750,9 +1805,10 @@ Prefer this over raw coordinate clicks for custom forms that keep the real input
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ label, checked, exact, controlType, contextText: _contextText, sectionText: _sectionText, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const before = sessionA11y(session);
         try {
             const wait = await sendSetChecked(session, label, { checked, exact, controlType }, timeoutMs);
@@ -1784,9 +1840,10 @@ Prefer this over raw coordinate clicks for custom forms that keep the real input
         detail: detailInput(),
         sessionId: sessionIdInput,
     }, async ({ deltaY, deltaX, x, y, timeoutMs, detail, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const before = sessionA11y(session);
         try {
             const wait = await sendWheel(session, deltaY, { deltaX, x, y }, timeoutMs);
@@ -1815,9 +1872,10 @@ Use this for dropdowns, location pickers, or any scrollable list where items are
         scrollDelta: z.number().optional().default(300).describe('Vertical scroll delta per step (default 300)'),
         sessionId: sessionIdInput,
     }, async ({ listId, role, scrollX, scrollY, maxItems, maxScrollSteps, scrollDelta, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const itemRole = role ?? 'listitem';
         const collected = new Map();
         const cx = scrollX ?? 400;
@@ -1891,9 +1949,10 @@ JSON is minified in compact view to save tokens. For a summary-first overview, u
             .describe('Attach a base64 PNG viewport screenshot. Requires @geometra/proxy.'),
         sessionId: sessionIdInput,
     }, async ({ view, maxNodes, formId, maxFields, includeOptions, includeScreenshot, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         const a11y = await sessionA11yWhenReady(session);
         if (!a11y)
             return err('No UI tree available');
@@ -1927,10 +1986,15 @@ JSON is minified in compact view to save tokens. For a summary-first overview, u
     // ── layout ───────────────────────────────────────────────────
     server.tool('geometra_layout', `Get the raw computed layout geometry — the exact {x, y, width, height} for every node in the UI tree. This is the lowest-level view, useful for pixel-precise assertions in tests.
 
-For a token-efficient semantic view, use geometra_snapshot (default compact). For the complete nested tree, geometra_snapshot with view=full.`, {}, async () => {
-        const session = getSession();
-        if (!session?.layout)
-            return err('Not connected. Call geometra_connect first.');
+For a token-efficient semantic view, use geometra_snapshot (default compact). For the complete nested tree, geometra_snapshot with view=full.`, {
+        sessionId: sessionIdInput,
+    }, async ({ sessionId }) => {
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
+        if (!session.layout)
+            return err('No layout available yet. Wait for the next frame or call geometra_page_model.');
         return ok(JSON.stringify(session.layout, null, 2));
     });
     // ── workflow state ───────────────────────────────────────────
@@ -1940,9 +2004,10 @@ Use this after navigating to a new page in a multi-step flow (e.g. job applicati
         clear: z.boolean().optional().default(false).describe('Reset the workflow state'),
         sessionId: sessionIdInput,
     }, async ({ clear, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         if (clear) {
             session.workflowState = undefined;
             return ok(JSON.stringify({ cleared: true }));
@@ -2005,9 +2070,10 @@ Returns \`{ pdf, pageUrl }\` where \`pdf\` is the base64-encoded PDF bytes.`, {
             .describe('Include background graphics and colors.'),
         sessionId: sessionIdInput,
     }, async ({ html, format, landscape, margin, printBackground, sessionId }) => {
-        const session = getSession(sessionId);
-        if (!session)
-            return err('Not connected. Call geometra_connect first.');
+        const sessionResult = resolveToolSession(sessionId);
+        if ('error' in sessionResult)
+            return sessionResult.error;
+        const session = sessionResult.session;
         try {
             const wait = await sendPdfGenerate(session, {
                 html: html ?? undefined,
@@ -2241,10 +2307,24 @@ function pageModelResponsePayload(session, options) {
 }
 async function ensureToolSession(target, missingConnectionMessage = 'Not connected. Call geometra_connect first.') {
     if (!target.url && !target.pageUrl) {
-        const session = getSession(target.sessionId);
-        if (!session)
-            return { ok: false, error: missingConnectionMessage };
-        return { ok: true, session, autoConnected: false };
+        const resolved = resolveSession(target.sessionId);
+        if (resolved.kind === 'ok') {
+            return { ok: true, session: resolved.session, autoConnected: false };
+        }
+        if (resolved.kind === 'not_found') {
+            return {
+                ok: false,
+                error: `session_not_found: no active session with id "${resolved.id}". Active sessions: ${resolved.activeIds.join(', ') || '(none)'}.`,
+            };
+        }
+        if (resolved.kind === 'ambiguous') {
+            const isolatedSuffix = resolved.isolatedIds.length > 0 ? ` (isolated: ${resolved.isolatedIds.join(', ')})` : '';
+            return {
+                ok: false,
+                error: `multiple_active_sessions_provide_id: ${resolved.activeIds.length} active sessions — ${resolved.activeIds.join(', ')}${isolatedSuffix}. Pass sessionId explicitly.`,
+            };
+        }
+        return { ok: false, error: missingConnectionMessage };
     }
     const normalized = normalizeConnectTarget({ url: target.url, pageUrl: target.pageUrl });
     if (!normalized.ok)
@@ -3616,6 +3696,41 @@ async function captureScreenshotBase64(session) {
 function err(text) {
     return { content: [{ type: 'text', text }], isError: true };
 }
+/**
+ * Resolve a tool call's target session with strict routing. Returns either
+ * a `Session` or a tool error response that the caller should propagate
+ * verbatim. This is the server-side entry point for the Bug #1 fix — every
+ * tool that used to do `const session = getSession(sessionId); if (!session)
+ * return err('Not connected...')` should use this helper instead so that
+ * ambiguous / not-found / none conditions get distinct, honest errors
+ * instead of silently routing onto a stale default or a peer worker's
+ * isolated session. The typical call site is:
+ *
+ *     const sessionResult = resolveToolSession(sessionId)
+ *     if ('error' in sessionResult) return sessionResult.error
+ *     const session = sessionResult.session
+ */
+function resolveToolSession(sessionId) {
+    const result = resolveSession(sessionId);
+    switch (result.kind) {
+        case 'ok':
+            return { session: result.session };
+        case 'none':
+            return { error: err('Not connected. Call geometra_connect first.') };
+        case 'not_found':
+            return {
+                error: err(`session_not_found: no active session with id "${result.id}". Active sessions: ${result.activeIds.length > 0 ? result.activeIds.join(', ') : '(none)'}. Call geometra_connect again to start a new session — the MCP server never silently routes an explicit sessionId onto a different session.`),
+            };
+        case 'ambiguous': {
+            const isolatedSuffix = result.isolatedIds.length > 0
+                ? ` (isolated: ${result.isolatedIds.join(', ')})`
+                : '';
+            return {
+                error: err(`multiple_active_sessions_provide_id: ${result.activeIds.length} active sessions — ${result.activeIds.join(', ')}${isolatedSuffix}. Pass sessionId explicitly; the implicit-default fallback is disabled while multiple sessions or any isolated session is active to prevent cross-contamination under parallel-worker load.`),
+            };
+        }
+    }
+}
 function hasNodeFilter(filter) {
     return Object.values(filter).some(value => value !== undefined);
 }

package/dist/session.d.ts

@@ -33,6 +33,19 @@ export interface A11yNode {
         inputPattern?: string;
         inputType?: string;
         autocomplete?: string;
+        /**
+         * True when the extractor detected that this `<input>` (or role=textbox)
+         * lives inside an autocomplete / searchable combobox wrapper — React
+         * Select, Radix Select, Headless UI combobox, Ant Select, cmdk, etc.
+         * Set from the extractor's `isAutocompleteComboboxAncestry` detector,
+         * which mirrors `isAutocompleteCombobox` in `dom-actions.ts`. The
+         * form-schema classifier reads this to re-tag the field as
+         * `choice` / `listbox` instead of `text`, so `fill_form` routes through
+         * `pick_listbox_option` (which does the click + Enter-commit dance that
+         * plain text-fill cannot do for a controlled React Select state).
+         * See Bug #3 in the v1.43 release notes.
+         */
+        isAutocompleteCombobox?: boolean;
     };
     bounds: {
         x: number;
@@ -513,6 +526,40 @@ export declare function connectThroughProxy(options: {
     isolated?: boolean;
 }): Promise<Session>;
 export declare function getSession(id?: string): Session | null;
+/**
+ * Tool-side session resolution with strict routing semantics.
+ *
+ * - If `id` is passed, return exactly that session or `session_not_found`.
+ *   Never fall back to the default — explicit ids mean the caller is tracking
+ *   its own session and silently rerouting to some other session is worse
+ *   than an honest failure.
+ * - If no `id` is passed, resolve to the default session IF AND ONLY IF
+ *   there is exactly one active session AND it is not isolated. Otherwise
+ *   return `ambiguous_default` so the caller is forced to provide an
+ *   explicit sessionId.
+ *
+ * This is the Bug #1 session-contamination fix: tool calls that omit
+ * `sessionId` under parallel-worker load used to get routed to "most recent
+ * session", which was whatever parallel peer last called `geometra_connect`.
+ * That made cross-worker browser stomping inevitable. Forcing an explicit
+ * `sessionId` once >1 session is active (or whenever an isolated session is
+ * active) makes that class of bug structurally impossible.
+ */
+export type ResolveSessionResult = {
+    kind: 'ok';
+    session: Session;
+} | {
+    kind: 'not_found';
+    id: string;
+    activeIds: string[];
+} | {
+    kind: 'ambiguous';
+    activeIds: string[];
+    isolatedIds: string[];
+} | {
+    kind: 'none';
+};
+export declare function resolveSession(id?: string): ResolveSessionResult;
 export declare function listSessions(): Array<{
     id: string;
     url: string;
@@ -571,6 +618,16 @@ export declare function sendFieldChoice(session: Session, fieldLabel: string, va
 }, timeoutMs?: number): Promise<UpdateWaitResult>;
 /** Fill several semantic form fields in one proxy-side batch. */
 export declare function sendFillFields(session: Session, fields: ProxyFillField[], timeoutMs?: number): Promise<UpdateWaitResult>;
+/**
+ * Fill an OTP / verification-code input group by typing char-by-char into
+ * the leftmost cell. See `fillOtp` in `packages/proxy/src/dom-actions.ts`
+ * for the detection and typing strategy. Bug #2 (v1.43) release notes
+ * cover the Greenhouse 8-box widget that made this primitive necessary.
+ */
+export declare function sendFillOtp(session: Session, value: string, opts?: {
+    fieldLabel?: string;
+    perCharDelayMs?: number;
+}, timeoutMs?: number): Promise<UpdateWaitResult>;
 /** ARIA `role=option` listbox (e.g. React Select). Optional click opens the list. */
 export declare function sendListboxPick(session: Session, label: string, opts?: {
     exact?: boolean;

package/dist/session.js

@@ -192,11 +192,36 @@ function rememberReusableProxyPageUrl(session) {
     touchReusableProxy(entry);
 }
 function promoteDefaultSession() {
-    if (activeSessions.size > 0) {
-        defaultSessionId = Array.from(activeSessions.keys()).pop();
+    // Never promote an isolated session to be the implicit default. The whole
+    // point of `isolated: true` is that parallel workers should only address
+    // their session by its explicit id — falling back to "most recent" picks
+    // a random peer's browser and is exactly the contamination vector that
+    // made v1.42 apply marathons blow up. Walk the active sessions from newest
+    // to oldest and pick the newest non-isolated one; if none exist, the
+    // default goes null and `getSession(undefined)` will surface an
+    // `ambiguous_default` or `no_session` error instead of silently handing
+    // out a random isolated session.
+    const ids = Array.from(activeSessions.keys());
+    for (let i = ids.length - 1; i >= 0; i--) {
+        const id = ids[i];
+        const session = activeSessions.get(id);
+        if (session && !session.isolated) {
+            defaultSessionId = id;
+            return;
+        }
     }
-    else {
-        defaultSessionId = null;
+    defaultSessionId = null;
+}
+/**
+ * Clear `defaultSessionId` if it currently points at the given session id.
+ * Used after tagging a fresh session as isolated — `connect()` set the
+ * default pointer before the isolation flag was applied, and we need to
+ * retract that assignment so this session is only addressable by its
+ * explicit id.
+ */
+function retractDefaultIfPointsTo(sessionId) {
+    if (defaultSessionId === sessionId) {
+        promoteDefaultSession();
     }
 }
 function shutdownSession(id, opts) {
@@ -486,6 +511,12 @@ async function startFreshProxySession(options) {
         session.proxyReusable = !options.isolated;
         if (options.isolated) {
             session.isolated = true;
+            // connect() already set defaultSessionId to this session. Retract
+            // that assignment so the isolated session is only addressable by its
+            // explicit id — the implicit-default fallback is the contamination
+            // vector we're fixing, and an isolated session must never be the
+            // implicit target of a tool call that omits sessionId.
+            retractDefaultIfPointsTo(session.id);
         }
         else {
             setReusableProxy({ runtime }, wsUrl, {
@@ -544,6 +575,9 @@ async function startFreshProxySession(options) {
             session.proxyReusable = !options.isolated;
             if (options.isolated) {
                 session.isolated = true;
+                // See the embedded-runtime path above — an isolated session must
+                // not be the implicit default. Retract the pointer set by connect().
+                retractDefaultIfPointsTo(session.id);
             }
             else {
                 setReusableProxy({ child }, wsUrl, {
@@ -785,6 +819,35 @@ export function getSession(id) {
         return activeSessions.get(defaultSessionId) ?? null;
     return null;
 }
+export function resolveSession(id) {
+    if (id) {
+        const found = activeSessions.get(id);
+        if (found)
+            return { kind: 'ok', session: found };
+        return {
+            kind: 'not_found',
+            id,
+            activeIds: Array.from(activeSessions.keys()),
+        };
+    }
+    const active = Array.from(activeSessions.values());
+    if (active.length === 0)
+        return { kind: 'none' };
+    const isolatedIds = active.filter(s => s.isolated).map(s => s.id);
+    // Strict routing: if there is more than one active session, OR any active
+    // session is isolated (even if it's the only one), require an explicit id.
+    // The "only one isolated session" case still demands an explicit id
+    // because the point of isolation is that the caller tracks its own session
+    // and other tools must never implicitly attach to it.
+    if (active.length > 1 || isolatedIds.length > 0) {
+        return {
+            kind: 'ambiguous',
+            activeIds: active.map(s => s.id),
+            isolatedIds,
+        };
+    }
+    return { kind: 'ok', session: active[0] };
+}
 export function listSessions() {
     return Array.from(activeSessions.values()).map(s => ({ id: s.id, url: s.url }));
 }
@@ -987,6 +1050,25 @@ export function sendFieldChoice(session, fieldLabel, value, opts, timeoutMs = LI
 export function sendFillFields(session, fields, timeoutMs = estimateFillBatchTimeout(fields)) {
     return sendAndWaitForUpdate(session, { type: 'fillFields', fields }, timeoutMs);
 }
+/**
+ * Fill an OTP / verification-code input group by typing char-by-char into
+ * the leftmost cell. See `fillOtp` in `packages/proxy/src/dom-actions.ts`
+ * for the detection and typing strategy. Bug #2 (v1.43) release notes
+ * cover the Greenhouse 8-box widget that made this primitive necessary.
+ */
+export function sendFillOtp(session, value, opts, timeoutMs) {
+    const payload = {
+        type: 'fillOtp',
+        value,
+    };
+    if (opts?.fieldLabel)
+        payload.fieldLabel = opts.fieldLabel;
+    if (opts?.perCharDelayMs !== undefined)
+        payload.perCharDelayMs = opts.perCharDelayMs;
+    // Budget: base 3s + 150ms/char to cover the per-cell delay plus verify.
+    const budget = timeoutMs ?? Math.max(3_000, 3_000 + value.length * 150);
+    return sendAndWaitForUpdate(session, payload, budget);
+}
 /** ARIA `role=option` listbox (e.g. React Select). Optional click opens the list. */
 export function sendListboxPick(session, label, opts, timeoutMs = LISTBOX_UPDATE_TIMEOUT_MS) {
     const payload = { type: 'listboxPick', label };
@@ -1785,17 +1867,35 @@ function simpleSchemaField(root, node) {
     const label = fieldLabel(node) ?? sanitizeInlineName(node.name, 80) ?? context?.prompt;
     if (!label)
         return null;
-    const choiceType = node.role === 'combobox'
-        ? node.meta?.controlTag === 'select'
-            ? 'select'
-            : 'listbox'
+    // Bug #3 (v1.43): if this node LOOKS like a plain textbox but its
+    // ancestry fingerprints an autocomplete / searchable combobox wrapper
+    // (React Select, Radix Select, Headless UI combobox, Ant Select, cmdk),
+    // re-tag it as a listbox choice field. Without this, a React Select
+    // Country picker in a Greenhouse Remix form gets classified as `text`,
+    // fill_form routes through sendFieldText, and the controlled form
+    // state never actually commits — Greenhouse's validator then says
+    // "Country is required" and clears the value on submit-attempt scroll.
+    // The autocomplete-combobox signal is set by the extractor's
+    // isAutocompleteComboboxAncestry detector, which mirrors the
+    // isAutocompleteCombobox helper used by pickListboxOption in
+    // dom-actions.ts (v1.42 fix). Keeping the two detectors aligned is how
+    // we guarantee that fill_form's classification matches what
+    // pick_listbox_option can actually commit.
+    const extractorSaysTextbox = node.role === 'textbox' && node.meta?.isAutocompleteCombobox === true;
+    const classifiedRole = extractorSaysTextbox ? 'combobox' : node.role;
+    const classifiedChoiceType = classifiedRole === 'combobox'
+        ? // Native <select> stays on choiceType 'select'; any wrapper pattern
+            // routes through 'listbox' so pick_listbox_option handles it.
+            node.meta?.controlTag === 'select' && node.meta?.isAutocompleteCombobox !== true
+                ? 'select'
+                : 'listbox'
         : undefined;
     const format = buildFieldFormat(node);
     return {
         id: formFieldIdForPath(node.path),
-        kind: node.role === 'combobox' ? 'choice' : 'text',
+        kind: classifiedRole === 'combobox' ? 'choice' : 'text',
         label,
-        ...(choiceType ? { choiceType } : {}),
+        ...(classifiedChoiceType ? { choiceType: classifiedChoiceType } : {}),
         ...(node.state?.required ? { required: true } : {}),
         ...(node.state?.invalid ? { invalid: true } : {}),
         ...compactSchemaValue(node.value, 72),
@@ -2713,6 +2813,8 @@ function walkNode(element, layout, path) {
         meta.inputType = semantic.inputType;
     if (typeof semantic?.autocomplete === 'string')
         meta.autocomplete = semantic.autocomplete;
+    if (semantic?.isAutocompleteCombobox === true)
+        meta.isAutocompleteCombobox = true;
     const children = [];
     const elementChildren = element.children;
     const layoutChildren = layout.children;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@geometra/mcp",
-  "version": "1.42.0",
+  "version": "1.43.0",
   "description": "MCP server for Geometra — interact with running Geometra apps via the geometry protocol, no browser needed",
   "license": "MIT",
   "type": "module",