@hydra-acp/cli 0.1.61 → 0.1.63

package/dist/index.js

@@ -1,5 +1,5 @@
 // src/daemon/server.ts
-import * as fs16 from "fs";
+import * as fs18 from "fs";
 import * as fsp7 from "fs/promises";
 import Fastify from "fastify";
 import websocketPlugin from "@fastify/websocket";
@@ -26,6 +26,19 @@ import { z } from "zod";
 import * as path from "path";
 import * as os from "os";
 var ROOT_ENV = "HYDRA_ACP_HOME";
+function shortenHomePath(p) {
+  const home = os.homedir();
+  if (!home) {
+    return p;
+  }
+  if (p === home) {
+    return "~";
+  }
+  if (p.startsWith(home + "/")) {
+    return "~" + p.slice(home.length);
+  }
+  return p;
+}
 function hydraHome() {
   const override = process.env[ROOT_ENV];
   if (override && override.length > 0) {
@@ -82,12 +95,35 @@ var paths = {
   sessionDir: (id) => path.join(hydraHome(), "sessions", id),
   sessionFile: (id) => path.join(hydraHome(), "sessions", id, "meta.json"),
   historyFile: (id) => path.join(hydraHome(), "sessions", id, "history.jsonl"),
+  // Content-addressed store for heavy tool payload (diff bodies, stdout)
+  // externalized out of history.jsonl. One file per unique blob, named by
+  // its sha256, so repeated identical content (e.g. an agent re-emitting
+  // the same full-file diff on every status tick) dedupes to one file.
+  toolsDir: (id) => path.join(hydraHome(), "sessions", id, "tools"),
+  toolBlobFile: (id, hash) => path.join(hydraHome(), "sessions", id, "tools", hash),
   // Persisted prompt queue for a session. ndjson, one record per
   // entry. Survives daemon restarts so queued prompts get a chance to
   // run rather than being silently lost. Entries are removed BEFORE
   // the agent invocation (see Session.drainQueue) so a crash mid-
   // generation doesn't double-run on restart.
   queueFile: (id) => path.join(hydraHome(), "sessions", id, "queue.ndjson"),
+  // Tombstones for sessions that were deleted locally but might still
+  // be reported by an agent's session/list at the next periodic sync.
+  // One file per (agentId, upstreamSessionId); existence is the source
+  // of truth, contents are a small JSON blob for diagnostics and the
+  // "agent advanced past our snapshot → resurrect" decision. Hidden
+  // under sessions/ because SessionStore.read() filters non-conforming
+  // dir names (the leading dot fails SESSION_ID_PATTERN) so the
+  // directory cohabits safely with real session directories.
+  tombstonesDir: () => path.join(hydraHome(), "sessions", ".tombstones"),
+  tombstoneAgentDir: (agentId) => path.join(hydraHome(), "sessions", ".tombstones", encodeURIComponent(agentId)),
+  tombstoneFile: (agentId, upstreamSessionId) => path.join(
+    hydraHome(),
+    "sessions",
+    ".tombstones",
+    encodeURIComponent(agentId),
+    encodeURIComponent(upstreamSessionId)
+  ),
   extensionsDir: () => path.join(hydraHome(), "extensions"),
   extensionLogFile: (name) => path.join(hydraHome(), "extensions", `${name}.log`),
   extensionPidFile: (name) => path.join(hydraHome(), "extensions", `${name}.pid`),
@@ -267,7 +303,27 @@ var DaemonConfig = z.object({
 });
 var RegistryConfig = z.object({
   url: z.string().url().default(REGISTRY_URL_DEFAULT),
-  ttlHours: z.number().positive().default(24)
+  ttlHours: z.number().positive().default(24),
+  // When true, the daemon never re-fetches the registry over the network:
+  // it serves whatever is in the on-disk cache (~/.hydra-acp/registry.json)
+  // indefinitely, ignoring ttlHours. An escape hatch for when a bad registry
+  // push breaks an agent — pin to the last-known-good cache until upstream
+  // is fixed. `hydra registry refresh` still forces a one-off fetch.
+  pinned: z.boolean().default(false)
+});
+var LocalAgentConfig = z.object({
+  name: z.string().optional(),
+  description: z.string().optional(),
+  // Optional: defaults to the agent id (the config.agents key), mirroring
+  // how extensions default their command to the extension name. Set it
+  // when the executable differs from the id, or to point at an absolute
+  // path / wrapper script.
+  command: z.string().optional(),
+  args: z.array(z.string()).optional(),
+  env: z.record(z.string()).optional()
+});
+var AgentOverrideConfig = z.object({
+  packageSpec: z.string().optional()
 });
 var TuiConfig = z.object({
   // Minimum interval (ms) between full-screen repaints driven by content
@@ -313,6 +369,29 @@ var TuiConfig = z.object({
   // suppress them — the TUI hotkey ^T toggles this at runtime without
   // persisting back to config.
   showThoughts: z.boolean().default(true),
+  // How the terminal renders East-Asian "Ambiguous" width glyphs (em-dash
+  // —, smart quotes “ ”, ellipsis …, middle-dot ·). Most modern terminals
+  // draw them 1 col wide ("narrow"); CJK-locale / legacy setups draw them 2
+  // cols wide ("wide"). Defaults to "wide": counting ambiguous glyphs as 2
+  // cols never overflows the right margin (the worst case is wrapping a
+  // column early on narrow terminals, which is benign), whereas "narrow"
+  // bleeds past the margin on wide terminals. The thought gutter uses an
+  // ASCII marker, so this no longer affects marker alignment either way.
+  ambiguousWidth: z.enum(["narrow", "wide"]).default("wide"),
+  // How the TUI receives tool payload on attach/replay.
+  //   "references" — the lean path (default): the daemon ships blob refs and
+  //                  the TUI fetches a diff/output body on demand when
+  //                  expanded, cutting replay size on tool-heavy sessions.
+  //                  Collapsed rows never fetch (they show a size hint), and
+  //                  old inline sessions/live turns are unaffected (no refs).
+  //   "inline"     — full content up front (the pre-externalization shape).
+  toolContent: z.enum(["inline", "references"]).default("references"),
+  // Unchanged context lines shown around each change in an expanded Edited
+  // diff. Some agents (e.g. pi) report edits as full-file old/new text via
+  // ACP "diff" content blocks; without hunking a 1-line edit would render
+  // the entire file. This bounds the context so only the changed region (±N
+  // lines) shows, with runs of unchanged lines collapsed to a marker.
+  diffContextLines: z.number().int().min(0).default(3),
   // Cap on entries kept in the cross-session global prompt-history file
   // (~/.hydra-acp/prompt-history). This is the ^P / ^R recall list
   // shared across all sessions; it's append-only on disk, so long-lived
@@ -385,7 +464,18 @@ var TransformerBody = z.object({
 });
 var HydraConfig = z.object({
   daemon: DaemonConfig.default({}),
-  registry: RegistryConfig.default({ url: REGISTRY_URL_DEFAULT, ttlHours: 24 }),
+  registry: RegistryConfig.default({
+    url: REGISTRY_URL_DEFAULT,
+    ttlHours: 24,
+    pinned: false
+  }),
+  // User-defined agents that bypass the network registry. Keyed by agent
+  // id; each is spawned via its `command`/`args` directly. Shadow registry
+  // agents of the same id.
+  agents: z.record(z.string(), LocalAgentConfig).default({}),
+  // Per-agent pin overrides applied to registry agents (e.g. force a
+  // specific npm version of opencode). Keyed by agent id.
+  agentOverrides: z.record(z.string(), AgentOverrideConfig).default({}),
   defaultAgent: z.string().default("opencode"),
   // Optional per-agent default model id. When a brand-new agent process
   // is spawned (session/new path), hydra issues session/set_model with
@@ -417,6 +507,12 @@ var HydraConfig = z.object({
   // a literal string ("~", "~/dev", "$HOME/work") so the config file is
   // portable across machines; expanded via expandHome at use time.
   defaultCwd: z.string().default("~"),
+  // Gzip externalized tool-content blobs at rest (tools/<sha256>.gz).
+  // Default true — text diffs/output compress ~3.5x and decompression is
+  // lazy (only on diff expand in references mode). Set false to write plain
+  // blobs instead, as an escape hatch if gzip CPU is ever a problem; reads
+  // transparently handle both, so flipping it only affects new writes.
+  compressToolContent: z.boolean().default(true),
   // Cap on cold sessions shown in CLI `sessions` listing and the TUI
   // picker. Live sessions are always included; cold are sorted by
   // recency and truncated to this count. `--all` overrides in the CLI.
@@ -438,6 +534,9 @@ var HydraConfig = z.object({
     progressIndicator: true,
     defaultEnterAction: "amend",
     showThoughts: true,
+    ambiguousWidth: "wide",
+    toolContent: "references",
+    diffContextLines: 3,
     promptHistoryMaxEntries: 2e3,
     maxToolItems: 5,
     maxPlanItems: 5,
@@ -516,13 +615,113 @@ function expandHome(p) {
   return p;
 }
 
+// src/core/tool-store.ts
+import * as fs4 from "fs/promises";
+import { createHash } from "crypto";
+import { gzip as gzipCb, gunzip as gunzipCb } from "zlib";
+import { promisify } from "util";
+var gzip = promisify(gzipCb);
+var gunzip = promisify(gunzipCb);
+var SESSION_ID_PATTERN = /^[A-Za-z0-9_-]+$/;
+var HASH_PATTERN = /^[a-f0-9]{64}$/;
+var compressBlobs = true;
+function setToolBlobCompression(enabled) {
+  compressBlobs = enabled;
+}
+function safe(sessionId, hash) {
+  if (!SESSION_ID_PATTERN.test(sessionId)) {
+    return false;
+  }
+  return hash === void 0 || HASH_PATTERN.test(hash);
+}
+function gzPath(sessionId, hash) {
+  return `${paths.toolBlobFile(sessionId, hash)}.gz`;
+}
+async function putToolBlob(sessionId, text) {
+  if (!safe(sessionId)) {
+    return null;
+  }
+  const hash = createHash("sha256").update(text, "utf8").digest("hex");
+  const gzFile = gzPath(sessionId, hash);
+  const plainFile = paths.toolBlobFile(sessionId, hash);
+  for (const existing of [gzFile, plainFile]) {
+    try {
+      await fs4.access(existing);
+      return hash;
+    } catch {
+    }
+  }
+  await fs4.mkdir(paths.toolsDir(sessionId), { recursive: true });
+  const file = compressBlobs ? gzFile : plainFile;
+  const data = compressBlobs ? await gzip(Buffer.from(text, "utf8")) : Buffer.from(text, "utf8");
+  await fs4.writeFile(file, data, { mode: 384, flag: "wx" }).catch(async (err) => {
+    if (err.code !== "EEXIST") {
+      throw err;
+    }
+  });
+  return hash;
+}
+async function getToolBlob(sessionId, hash) {
+  if (!safe(sessionId, hash)) {
+    return null;
+  }
+  try {
+    const buf = await fs4.readFile(gzPath(sessionId, hash));
+    return (await gunzip(buf)).toString("utf8");
+  } catch {
+  }
+  try {
+    return await fs4.readFile(paths.toolBlobFile(sessionId, hash), "utf8");
+  } catch {
+    return null;
+  }
+}
+async function readToolBlobGz(sessionId, hash) {
+  if (!safe(sessionId, hash)) {
+    return null;
+  }
+  try {
+    return await fs4.readFile(gzPath(sessionId, hash));
+  } catch {
+  }
+  try {
+    const plain = await fs4.readFile(paths.toolBlobFile(sessionId, hash));
+    return await gzip(plain);
+  } catch {
+    return null;
+  }
+}
+async function writeToolBlobGz(sessionId, hash, gzBytes) {
+  if (!safe(sessionId, hash)) {
+    return;
+  }
+  const file = gzPath(sessionId, hash);
+  try {
+    await fs4.access(file);
+    return;
+  } catch {
+  }
+  await fs4.mkdir(paths.toolsDir(sessionId), { recursive: true });
+  await fs4.writeFile(file, gzBytes, { mode: 384, flag: "wx" }).catch((err) => {
+    if (err.code !== "EEXIST") {
+      throw err;
+    }
+  });
+}
+async function deleteToolBlobs(sessionId) {
+  if (!SESSION_ID_PATTERN.test(sessionId)) {
+    return;
+  }
+  await fs4.rm(paths.toolsDir(sessionId), { recursive: true, force: true }).catch(() => void 0);
+}
+
 // src/core/registry.ts
-import * as fs5 from "fs/promises";
+import * as fs6 from "fs/promises";
 import * as path4 from "path";
 import { z as z2 } from "zod";
 
 // src/core/binary-install.ts
-import * as fs4 from "fs";
+import * as fs5 from "fs";
 import * as fsp from "fs/promises";
 import * as path2 from "path";
 import { spawn } from "child_process";
@@ -655,7 +854,7 @@ async function downloadTo(args) {
     );
   }
   const total = Number(response.headers.get("content-length") ?? "0");
-  const out = fs4.createWriteStream(dest);
+  const out = fs5.createWriteStream(dest);
   const nodeStream = Readable.fromWeb(response.body);
   safeEmit(args.onProgress, {
     phase: "download_start",
@@ -1062,10 +1261,16 @@ var UvxDistribution = z2.object({
   args: z2.array(z2.string()).optional(),
   env: z2.record(z2.string()).optional()
 });
+var ExecDistribution = z2.object({
+  command: z2.string(),
+  args: z2.array(z2.string()).optional(),
+  env: z2.record(z2.string()).optional()
+});
 var Distribution = z2.object({
   npx: NpxDistribution.optional(),
   binary: BinaryDistribution.optional(),
-  uvx: UvxDistribution.optional()
+  uvx: UvxDistribution.optional(),
+  exec: ExecDistribution.optional()
 });
 var RegistryAgent = z2.object({
   id: z2.string(),
@@ -1093,11 +1298,11 @@ var Registry = class {
   options;
   cache;
   async load() {
-    if (this.cache && this.isFresh(this.cache.fetchedAt)) {
+    if (this.cache && (this.isPinned() || this.isFresh(this.cache.fetchedAt))) {
       return this.cache.data;
     }
     const onDisk = await this.readDiskCache();
-    if (onDisk && this.isFresh(onDisk.fetchedAt)) {
+    if (onDisk && (this.isPinned() || this.isFresh(onDisk.fetchedAt))) {
       this.cache = onDisk;
       return onDisk.data;
     }
@@ -1128,12 +1333,57 @@ var Registry = class {
     return this.cache?.fetchedAt;
   }
   async getAgent(id) {
+    const local = this.localAgents().find((a) => a.id === id);
+    if (local) {
+      return local;
+    }
     const doc = await this.load();
     const exact = doc.agents.find((a) => a.id === id);
     if (exact) {
-      return exact;
+      return this.applyOverride(exact);
+    }
+    const byBasename = doc.agents.find((a) => npxPackageBasename(a) === id);
+    return byBasename ? this.applyOverride(byBasename) : void 0;
+  }
+  // Synthesize RegistryAgent entries from config.agents. These carry an
+  // `exec` distribution and a fixed "local" version key (no install dir).
+  localAgents() {
+    return Object.entries(this.config.agents ?? {}).map(([id, def]) => ({
+      id,
+      name: def.name ?? id,
+      description: def.description,
+      version: "local",
+      distribution: {
+        exec: {
+          // Default the command to the agent id (like extensions default
+          // theirs to the extension name) — resolved off PATH at spawn.
+          command: def.command ?? id,
+          args: def.args,
+          env: def.env
+        }
+      }
+    }));
+  }
+  // Apply a config.agentOverrides[id] pin to a registry agent: swap the
+  // npx package spec and key the install dir on the pinned version so it
+  // never collides with the floating "current" install. No-op when the
+  // agent has no override or isn't npx-distributed.
+  applyOverride(agent) {
+    const override = this.config.agentOverrides?.[agent.id];
+    if (!override?.packageSpec || !agent.distribution.npx) {
+      return agent;
     }
-    return doc.agents.find((a) => npxPackageBasename(a) === id);
+    return {
+      ...agent,
+      version: versionKeyFromSpec(override.packageSpec),
+      distribution: {
+        ...agent.distribution,
+        npx: { ...agent.distribution.npx, package: override.packageSpec }
+      }
+    };
+  }
+  isPinned() {
+    return this.config.registry?.pinned === true;
   }
   isFresh(fetchedAt) {
     const ageMs = Date.now() - fetchedAt;
@@ -1175,6 +1425,12 @@ var Registry = class {
     });
   }
 };
+function versionKeyFromSpec(spec) {
+  const lastAt = spec.lastIndexOf("@");
+  const version = lastAt > 0 ? spec.slice(lastAt + 1) : "";
+  const sanitized = version.replace(/[^a-zA-Z0-9._-]/g, "_");
+  return sanitized.length > 0 ? `pin-${sanitized}` : "pinned";
+}
 function npxPackageBasename(agent) {
   const pkg = agent.distribution.npx?.package;
   if (!pkg) {
@@ -1185,12 +1441,45 @@ function npxPackageBasename(agent) {
   const atIdx = afterSlash.lastIndexOf("@");
   return atIdx <= 0 ? afterSlash : afterSlash.slice(0, atIdx);
 }
+async function listAgents(registry) {
+  const local = typeof registry.localAgents === "function" ? registry.localAgents() : [];
+  let doc;
+  try {
+    doc = await registry.load();
+  } catch (err) {
+    if (local.length === 0) {
+      throw err;
+    }
+    doc = { version: "local-only", agents: [] };
+  }
+  const localIds = new Set(local.map((a) => a.id));
+  const merged = [...local, ...doc.agents.filter((a) => !localIds.has(a.id))];
+  const agents = await Promise.all(
+    merged.map(async (a) => ({
+      id: a.id,
+      name: a.name,
+      version: a.version,
+      description: a.description,
+      distributions: Object.keys(a.distribution),
+      installed: await agentInstallState(a),
+      source: localIds.has(a.id) ? "local" : "registry"
+    }))
+  );
+  return {
+    version: doc.version,
+    fetchedAt: registry.lastFetchedAt(),
+    agents
+  };
+}
 async function agentInstallState(agent) {
   const platformKey = currentPlatformKey();
   if (!platformKey) {
     return "no";
   }
   const version = agent.version ?? "current";
+  if (agent.distribution.exec) {
+    return "yes";
+  }
   if (agent.distribution.binary) {
     const target = pickBinaryTarget(agent.distribution.binary, platformKey);
     if (target?.cmd) {
@@ -1219,7 +1508,7 @@ async function agentInstallState(agent) {
 }
 async function fileExists3(p) {
   try {
-    await fs5.access(p);
+    await fs6.access(p);
     return true;
   } catch {
     return false;
@@ -1287,12 +1576,22 @@ async function planSpawn(agent, callerArgs = [], options = {}) {
       version
     };
   }
+  if (agent.distribution.exec) {
+    const exec = agent.distribution.exec;
+    const tail = callerArgs.length > 0 ? callerArgs : exec.args ?? [];
+    return {
+      command: exec.command,
+      args: tail,
+      env: exec.env ?? {},
+      version
+    };
+  }
   throw new Error(`Agent ${agent.id} has no usable distribution method.`);
 }
 
 // src/core/agent-instance.ts
 import { spawn as spawn3 } from "child_process";
-import * as fs6 from "fs";
+import * as fs7 from "fs";
 import * as path5 from "path";
 
 // src/acp/types.ts
@@ -1344,8 +1643,8 @@ var HistoryPolicy = z3.enum([
 ]);
 var SessionNewParams = z3.object({
   cwd: z3.string(),
-  agentId: z3.string().optional(),
-  mcpServers: z3.array(z3.unknown()).optional()
+  mcpServers: z3.array(z3.unknown()).optional(),
+  _meta: z3.record(z3.unknown()).optional()
 });
 var SessionResumeHints = z3.object({
   upstreamSessionId: z3.string(),
@@ -1373,23 +1672,10 @@ var SessionAttachParams = z3.object({
     name: z3.string(),
     version: z3.string().optional()
   }).optional(),
-  // When true, the connection observes the session but cannot mutate
-  // it: state-changing methods (session/prompt, session/cancel,
-  // session/set_model, etc.) are rejected with -32011, and attaching
-  // to a cold session does not resurrect or spawn an agent — just
-  // streams history from disk. Used by the TUI's view-only mode.
-  readonly: z3.boolean().optional(),
-  // Debug-only replay pacing. When "drip", the daemon skips chunk
-  // coalescing and re-emits each recorded session/update individually,
-  // spacing them by their original recordedAt deltas (scaled by
-  // dripSpeed, with a per-gap cap) so a session's streaming render can
-  // be reproduced at its real granularity for flicker investigation.
-  // Omitted/"instant" preserves the normal coalesced, as-fast-as-possible
-  // replay.
-  replayMode: z3.enum(["instant", "drip"]).optional(),
-  // Multiplier applied to original inter-entry gaps in drip mode. >1
-  // compresses time (faster), <1 stretches it. Defaults to 1.
-  dripSpeed: z3.number().positive().optional(),
+  // Hydra-specific attach options (readonly, replayMode, dripSpeed) are
+  // NOT top-level — they ride under `_meta["hydra-acp"]` (read via
+  // extractHydraMeta) so session/attach carries only RFD #533's own
+  // fields at the top level.
   _meta: z3.record(z3.unknown()).optional()
 });
 var HYDRA_META_KEY = "hydra-acp";
@@ -1412,8 +1698,26 @@ function extractHydraMeta(meta) {
   if (typeof obj.cwd === "string") {
     out.cwd = obj.cwd;
   }
-  if (typeof obj.name === "string") {
-    out.name = obj.name;
+  if (typeof obj.clientId === "string") {
+    out.clientId = obj.clientId;
+  }
+  if (typeof obj.readonly === "boolean") {
+    out.readonly = obj.readonly;
+  }
+  if (obj.replayMode === "instant" || obj.replayMode === "drip") {
+    out.replayMode = obj.replayMode;
+  }
+  if (typeof obj.dripSpeed === "number" && obj.dripSpeed > 0) {
+    out.dripSpeed = obj.dripSpeed;
+  }
+  if (obj.toolContent === "inline" || obj.toolContent === "references") {
+    out.toolContent = obj.toolContent;
+  }
+  if (obj.detachStatus === "detached") {
+    out.detachStatus = obj.detachStatus;
+  }
+  if (typeof obj.title === "string") {
+    out.title = obj.title;
   }
   if (Array.isArray(obj.agentArgs) && obj.agentArgs.every((a) => typeof a === "string")) {
     out.agentArgs = obj.agentArgs;
@@ -1465,14 +1769,22 @@ function extractHydraMeta(meta) {
       out.availableCommands = cmds;
     }
   }
-  if (typeof obj.promptQueueing === "boolean") {
-    out.promptQueueing = obj.promptQueueing;
+  if (obj.prompt && typeof obj.prompt === "object" && !Array.isArray(obj.prompt)) {
+    const p = obj.prompt;
+    const caps = {};
+    if (typeof p.queueing === "boolean") caps.queueing = p.queueing;
+    if (typeof p.cancelling === "boolean") caps.cancelling = p.cancelling;
+    if (typeof p.updating === "boolean") caps.updating = p.updating;
+    if (typeof p.amending === "boolean") caps.amending = p.amending;
+    if (typeof p.pipelining === "boolean") caps.pipelining = p.pipelining;
+    out.prompt = caps;
   }
-  if (typeof obj.promptCancelling === "boolean") {
-    out.promptCancelling = obj.promptCancelling;
-  }
-  if (typeof obj.promptUpdating === "boolean") {
-    out.promptUpdating = obj.promptUpdating;
+  if (obj.agents && typeof obj.agents === "object" && !Array.isArray(obj.agents)) {
+    const a = obj.agents;
+    const caps = {};
+    if (typeof a.list === "boolean") caps.list = a.list;
+    if (typeof a.installProgress === "boolean") caps.installProgress = a.installProgress;
+    out.agents = caps;
   }
   if (typeof obj.mcpStdin === "boolean") {
     out.mcpStdin = obj.mcpStdin;
@@ -1483,12 +1795,6 @@ function extractHydraMeta(meta) {
   if (typeof obj.ancillary === "boolean") {
     out.ancillary = obj.ancillary;
   }
-  if (typeof obj.promptAmending === "boolean") {
-    out.promptAmending = obj.promptAmending;
-  }
-  if (typeof obj.promptPipelining === "boolean") {
-    out.promptPipelining = obj.promptPipelining;
-  }
   if (Array.isArray(obj.queue)) {
     const entries = [];
     for (const raw of obj.queue) {
@@ -1561,6 +1867,43 @@ function extractHydraMeta(meta) {
       out.availableModels = models;
     }
   }
+  if (obj.status === "live" || obj.status === "cold") {
+    out.status = obj.status;
+  }
+  if (typeof obj.busy === "boolean") {
+    out.busy = obj.busy;
+  }
+  if (typeof obj.awaitingInput === "boolean") {
+    out.awaitingInput = obj.awaitingInput;
+  }
+  if (typeof obj.attachedClients === "number") {
+    out.attachedClients = obj.attachedClients;
+  }
+  if (typeof obj.importedFromMachine === "string") {
+    out.importedFromMachine = obj.importedFromMachine;
+  }
+  if (typeof obj.importedFromUpstreamSessionId === "string") {
+    out.importedFromUpstreamSessionId = obj.importedFromUpstreamSessionId;
+  }
+  if (typeof obj.parentSessionId === "string") {
+    out.parentSessionId = obj.parentSessionId;
+  }
+  if (typeof obj.forkedFromSessionId === "string") {
+    out.forkedFromSessionId = obj.forkedFromSessionId;
+  }
+  if (typeof obj.forkedFromMessageId === "string") {
+    out.forkedFromMessageId = obj.forkedFromMessageId;
+  }
+  if (obj.originatingClient && typeof obj.originatingClient === "object" && !Array.isArray(obj.originatingClient) && typeof obj.originatingClient.name === "string") {
+    const oc = obj.originatingClient;
+    out.originatingClient = {
+      name: oc.name,
+      ...typeof oc.version === "string" ? { version: oc.version } : {}
+    };
+  }
+  if (obj.agentCapabilities !== void 0) {
+    out.agentCapabilities = obj.agentCapabilities;
+  }
   return out;
 }
 function mergeMeta(passthrough, ours) {
@@ -1598,7 +1941,7 @@ var SessionListEntry = z3.object({
   importedFromUpstreamSessionId: z3.string().optional(),
   // Set when this session was spawned as a child by a transformer.
   parentSessionId: z3.string().optional(),
-  // Local-fork breadcrumbs set by hydra-acp/fork_session. Distinct from
+  // Local-fork breadcrumbs set by hydra-acp/session/fork. Distinct from
   // the imported* family above: a fork is a local branch off another
   // local session, an import is a cross-machine takeover.
   forkedFromSessionId: z3.string().optional(),
@@ -1636,36 +1979,89 @@ var SessionListResult = z3.object({
   sessions: z3.array(SessionListEntryWire),
   nextCursor: z3.string().optional()
 });
-function sessionListEntryToWire(entry) {
-  const hydraMeta = {
+function buildHydraSessionMeta(entry, extras) {
+  const meta = {
     attachedClients: entry.attachedClients,
     status: entry.status,
     busy: entry.busy,
     awaitingInput: entry.awaitingInput
   };
+  if (entry.cwd !== void 0) {
+    meta.cwd = entry.cwd;
+  }
+  if (entry.title !== void 0) {
+    meta.title = entry.title;
+  }
   if (entry.agentId !== void 0) {
-    hydraMeta.agentId = entry.agentId;
+    meta.agentId = entry.agentId;
   }
   if (entry.upstreamSessionId !== void 0) {
-    hydraMeta.upstreamSessionId = entry.upstreamSessionId;
+    meta.upstreamSessionId = entry.upstreamSessionId;
   }
   if (entry.currentModel !== void 0) {
-    hydraMeta.currentModel = entry.currentModel;
+    meta.currentModel = entry.currentModel;
   }
   if (entry.currentUsage !== void 0) {
-    hydraMeta.currentUsage = entry.currentUsage;
+    meta.currentUsage = entry.currentUsage;
   }
   if (entry.importedFromMachine !== void 0) {
-    hydraMeta.importedFromMachine = entry.importedFromMachine;
+    meta.importedFromMachine = entry.importedFromMachine;
   }
   if (entry.importedFromUpstreamSessionId !== void 0) {
-    hydraMeta.importedFromUpstreamSessionId = entry.importedFromUpstreamSessionId;
+    meta.importedFromUpstreamSessionId = entry.importedFromUpstreamSessionId;
+  }
+  if (entry.parentSessionId !== void 0) {
+    meta.parentSessionId = entry.parentSessionId;
+  }
+  if (entry.forkedFromSessionId !== void 0) {
+    meta.forkedFromSessionId = entry.forkedFromSessionId;
+  }
+  if (entry.forkedFromMessageId !== void 0) {
+    meta.forkedFromMessageId = entry.forkedFromMessageId;
+  }
+  if (entry.originatingClient !== void 0) {
+    meta.originatingClient = entry.originatingClient;
+  }
+  if (entry.interactive !== void 0) {
+    meta.interactive = entry.interactive;
+  }
+  if (extras) {
+    if (extras.clientId !== void 0) {
+      meta.clientId = extras.clientId;
+    }
+    if (extras.currentMode !== void 0) {
+      meta.currentMode = extras.currentMode;
+    }
+    if (extras.agentArgs !== void 0 && extras.agentArgs.length > 0) {
+      meta.agentArgs = extras.agentArgs;
+    }
+    if (extras.availableCommands !== void 0 && extras.availableCommands.length > 0) {
+      meta.availableCommands = extras.availableCommands;
+    }
+    if (extras.availableModes !== void 0 && extras.availableModes.length > 0) {
+      meta.availableModes = extras.availableModes;
+    }
+    if (extras.availableModels !== void 0 && extras.availableModels.length > 0) {
+      meta.availableModels = extras.availableModels;
+    }
+    if (extras.turnStartedAt !== void 0) {
+      meta.turnStartedAt = extras.turnStartedAt;
+    }
+    if (extras.agentCapabilities !== void 0) {
+      meta.agentCapabilities = extras.agentCapabilities;
+    }
+    if (extras.queue !== void 0 && extras.queue.length > 0) {
+      meta.queue = extras.queue;
+    }
   }
+  return meta;
+}
+function sessionListEntryToWire(entry) {
   const wire = {
     sessionId: entry.sessionId,
     cwd: entry.cwd,
     updatedAt: entry.updatedAt,
-    _meta: mergeMeta(entry._meta, hydraMeta)
+    _meta: mergeMeta(entry._meta, buildHydraSessionMeta(entry))
   };
   if (entry.title !== void 0) {
     wire.title = entry.title;
@@ -1753,65 +2149,6 @@ var PromptAmendedParams = z3.object({
   originator: PromptOriginatorSchema,
   amendedAt: z3.number()
 });
-var StreamOpenParams = z3.object({
-  sessionId: z3.string(),
-  // 'memory' keeps the ring in RAM only — needed for the eventual MCP
-  // tool surface. 'file' adds a temp file projection that the agent can
-  // consume with shell tools (tail -f / head / grep) when MCP isn't
-  // available. The temp file's path is returned in the response.
-  mode: z3.enum(["memory", "file"]).optional(),
-  // Ring capacity in bytes. Server clamps to a reasonable minimum and
-  // its configured max; omitted falls back to the daemon default.
-  capacityBytes: z3.number().int().positive().optional(),
-  // File mode only. Soft cap in bytes; after this many bytes are
-  // written to the file, further appends still land in the ring but
-  // stop being mirrored to disk. The daemon emits one stream_truncated
-  // session/update notification when the cap is first hit.
-  fileCapBytes: z3.number().int().positive().optional()
-});
-var StreamOpenResult = z3.object({
-  // Only present when mode === "file".
-  filePath: z3.string().optional(),
-  capacityBytes: z3.number().int().positive(),
-  fileCapBytes: z3.number().int().positive().optional()
-});
-var StreamWriteParams = z3.object({
-  sessionId: z3.string(),
-  // Base64-encoded bytes. UTF-8 stdin gets re-encoded on the wire; the
-  // ring is byte-exact so binary streams (audio, framed protocols) work
-  // identically.
-  chunk: z3.string(),
-  // True on the final write. Pending long-poll reads / waits return with
-  // eof:true once this is observed.
-  eof: z3.boolean().optional()
-});
-var StreamWriteResult = z3.object({
-  // Absolute writeCursor after this append landed.
-  writeCursor: z3.number().int().nonnegative()
-});
-var StreamReadParams = z3.object({
-  sessionId: z3.string(),
-  cursor: z3.number().int().nonnegative(),
-  // Cap on bytes returned. Server enforces a hard ceiling (STREAM_READ_MAX_BYTES,
-  // currently 64 KiB) even when the caller asks for more.
-  maxBytes: z3.number().int().positive().optional(),
-  // Long-poll timeout in ms. 0 / omitted returns immediately with
-  // whatever's available (possibly empty). Server cap 60s.
-  waitMs: z3.number().int().nonnegative().optional()
-});
-var StreamReadResult = z3.object({
-  // Base64-encoded bytes. Empty string when nothing new is available
-  // and either waitMs was 0 or the long-poll expired without data.
-  bytes: z3.string(),
-  nextCursor: z3.number().int().nonnegative(),
-  // Set when `cursor` pointed before the oldest still-resident byte —
-  // value is the count of bytes that were evicted between the caller's
-  // cursor and what we still have.
-  gap: z3.number().int().nonnegative().optional(),
-  // True when the producer has closed AND there are no more bytes
-  // after nextCursor.
-  eof: z3.boolean().optional()
-});
 var AgentInstallProgressParams = z3.object({
   agentId: z3.string(),
   version: z3.string(),
@@ -1828,7 +2165,7 @@ var AgentInstallProgressParams = z3.object({
   totalBytes: z3.number().optional(),
   packageSpec: z3.string().optional()
 });
-var AGENT_INSTALL_PROGRESS_METHOD = "hydra-acp/agent_install_progress";
+var AGENT_INSTALL_PROGRESS_METHOD = "hydra-acp/agents/install_progress";
 
 // src/acp/framing.ts
 function ndjsonStreamFromStdio(stdout, stdin) {
@@ -1931,6 +2268,13 @@ var JsonRpcConnection = class _JsonRpcConnection {
   pending = /* @__PURE__ */ new Map();
   closed = false;
   closeHandlers = [];
+  // Observers for error frames that arrive with no matching pending
+  // request — e.g. an agent replying with an error to a notification
+  // (which carries no id, so it can't be correlated the normal way).
+  // session/cancel is the canonical case: an agent that doesn't support
+  // it (current opencode) emits a MethodNotFound/UnsupportedOperation
+  // error frame we'd otherwise silently drop. See handleResponse.
+  orphanErrorHandlers = [];
   onRequest(method, handler) {
     this.requestHandlers.set(method, handler);
   }
@@ -1966,6 +2310,10 @@ var JsonRpcConnection = class _JsonRpcConnection {
   onClose(handler) {
     this.closeHandlers.push(handler);
   }
+  // Subscribe to error frames that can't be matched to a pending request.
+  onOrphanError(handler) {
+    this.orphanErrorHandlers.push(handler);
+  }
   async request(method, params) {
     return this.requestWithId(method, params).response;
   }
@@ -2022,6 +2370,8 @@ var JsonRpcConnection = class _JsonRpcConnection {
       }
     } else if ("id" in message) {
       this.handleResponse(message);
+    } else if ("error" in message) {
+      this.handleResponse(message);
     }
   }
   async handleRequest(req) {
@@ -2069,6 +2419,18 @@ var JsonRpcConnection = class _JsonRpcConnection {
   handleResponse(res) {
     const pending = this.pending.get(res.id);
     if (!pending) {
+      if (res.error) {
+        for (const handler of this.orphanErrorHandlers) {
+          try {
+            handler({
+              code: res.error.code,
+              message: res.error.message,
+              data: res.error.data
+            });
+          } catch {
+          }
+        }
+      }
       return;
     }
     this.pending.delete(res.id);
@@ -2244,8 +2606,8 @@ stderr: ${tail}` : reason;
 function openAgentLog(agentId) {
   try {
     const logPath = paths.agentLogFile(agentId);
-    fs6.mkdirSync(path5.dirname(logPath), { recursive: true });
-    const stream = fs6.createWriteStream(logPath, { flags: "a" });
+    fs7.mkdirSync(path5.dirname(logPath), { recursive: true });
+    const stream = fs7.createWriteStream(logPath, { flags: "a" });
     stream.on("error", () => void 0);
     return stream;
   } catch {
@@ -2254,7 +2616,7 @@ function openAgentLog(agentId) {
 }
 
 // src/core/session-manager.ts
-import * as fs13 from "fs/promises";
+import * as fs15 from "fs/promises";
 import * as os2 from "os";
 import * as path9 from "path";
 import { customAlphabet as customAlphabet3 } from "nanoid";
@@ -2298,8 +2660,8 @@ var SessionStreamBuffer = class {
   fileCapReached = false;
   onFileCapReached;
   logWriteError;
-  // Single-flight chain for file appends so concurrent stream_write
-  // calls don't interleave their writes.
+  // Single-flight chain for file appends so concurrent stdin writes
+  // don't interleave their file writes.
   fileWriteChain = Promise.resolve();
   constructor(opts = {}) {
     this.maxCapacityBytes = opts.capacityBytes ?? DEFAULT_CAPACITY_BYTES;
@@ -2728,6 +3090,30 @@ var HYDRA_COMMANDS = [
 ];
 var VERB_INDEX = new Map(HYDRA_COMMANDS.map((c) => [c.verb, c]));
 
+// src/core/model-resolve.ts
+function trailingSegment(modelId) {
+  const slash = modelId.lastIndexOf("/");
+  const tail = slash === -1 ? modelId : modelId.slice(slash + 1);
+  return tail.toLowerCase();
+}
+function resolveModelId(requested, advertised) {
+  if (advertised.length === 0) {
+    return { kind: "none", requested };
+  }
+  if (advertised.some((m) => m.modelId === requested)) {
+    return { kind: "exact", modelId: requested };
+  }
+  const wantKey = trailingSegment(requested);
+  const candidates = advertised.map((m) => m.modelId).filter((id) => trailingSegment(id) === wantKey);
+  if (candidates.length === 1) {
+    return { kind: "resolved", modelId: candidates[0], requested };
+  }
+  if (candidates.length > 1) {
+    return { kind: "ambiguous", requested, candidates };
+  }
+  return { kind: "unknown", requested };
+}
+
 // src/core/coalesce-replay.ts
 function coalesceReplay(entries) {
   if (entries.length === 0) {
@@ -2735,6 +3121,7 @@ function coalesceReplay(entries) {
   }
   const lastToolUpdateIndex = /* @__PURE__ */ new Map();
   const mergedToolContent = /* @__PURE__ */ new Map();
+  const carriedRawInput = /* @__PURE__ */ new Map();
   for (let i = 0; i < entries.length; i++) {
     const entry = entries[i];
     if (entry === void 0) {
@@ -2749,6 +3136,9 @@ function coalesceReplay(entries) {
       continue;
     }
     lastToolUpdateIndex.set(id, i);
+    if (upd.rawInput && typeof upd.rawInput === "object" && !Array.isArray(upd.rawInput) && Object.keys(upd.rawInput).length > 0) {
+      carriedRawInput.set(id, upd.rawInput);
+    }
     if (Array.isArray(upd.content) && upd.content.length > 0) {
       const buf = mergedToolContent.get(id);
       if (buf) {
@@ -2788,11 +3178,11 @@ function coalesceReplay(entries) {
       if (id !== void 0 && lastToolUpdateIndex.get(id) !== i) {
         continue;
       }
-      if (id !== void 0 && mergedToolContent.has(id)) {
-        out.push(withReplacedContent(entry, mergedToolContent.get(id) ?? []));
-      } else {
-        out.push(entry);
+      let emitted = id !== void 0 && mergedToolContent.has(id) ? withReplacedContent(entry, mergedToolContent.get(id) ?? []) : entry;
+      if (id !== void 0 && carriedRawInput.has(id) && !hasRawInput(emitted)) {
+        emitted = withRawInput(emitted, carriedRawInput.get(id));
       }
+      out.push(emitted);
       continue;
     }
     if (kind === "plan") {
@@ -2863,24 +3253,40 @@ function withReplacedContent(entry, content) {
     }
   };
 }
+function hasRawInput(entry) {
+  const update = readUpdate(entry);
+  const ri = update?.rawInput;
+  return !!ri && typeof ri === "object" && !Array.isArray(ri) && Object.keys(ri).length > 0;
+}
+function withRawInput(entry, rawInput) {
+  const params = entry.params ?? {};
+  const update = params.update ?? {};
+  return {
+    ...entry,
+    params: {
+      ...params,
+      update: { ...update, rawInput }
+    }
+  };
+}
 
 // src/core/queue-store.ts
-import * as fs7 from "fs/promises";
+import * as fs8 from "fs/promises";
 async function rewriteQueue(sessionId, entries) {
   const file = paths.queueFile(sessionId);
   if (entries.length === 0) {
-    await fs7.unlink(file).catch(() => void 0);
+    await fs8.unlink(file).catch(() => void 0);
     return;
   }
-  await fs7.mkdir(paths.sessionDir(sessionId), { recursive: true });
+  await fs8.mkdir(paths.sessionDir(sessionId), { recursive: true });
   const body = entries.map((e) => JSON.stringify(e)).join("\n") + "\n";
-  await fs7.writeFile(file, body, "utf8");
+  await fs8.writeFile(file, body, "utf8");
 }
 async function loadQueue(sessionId) {
   const file = paths.queueFile(sessionId);
   let text;
   try {
-    text = await fs7.readFile(file, "utf8");
+    text = await fs8.readFile(file, "utf8");
   } catch (err) {
     if (err.code === "ENOENT") {
       return [];
@@ -2902,7 +3308,7 @@ async function loadQueue(sessionId) {
 }
 async function deleteQueue(sessionId) {
   const file = paths.queueFile(sessionId);
-  await fs7.unlink(file).catch(() => void 0);
+  await fs8.unlink(file).catch(() => void 0);
 }
 
 // src/core/session.ts
@@ -2920,7 +3326,7 @@ function stripHydraSessionPrefix(id) {
 var DEFAULT_HISTORY_MAX_ENTRIES = 1e3;
 var TRANSFORMER_CLAIM_TIMEOUT_MS = 5 * 60 * 1e3;
 var RECENTLY_TERMINAL_LIMIT = 64;
-var Session = class {
+var Session = class _Session {
   sessionId;
   cwd;
   // agent / agentId / upstreamSessionId are mutable so /hydra agent can
@@ -2994,6 +3400,16 @@ var Session = class {
   // endpoint uses this to tail a live session's conversation stream
   // without participating in turns or prompts.
   broadcastHandlers = [];
+  // Epoch ms of the most recent session/cancel we sent to the agent.
+  // Used to attribute an id-less error frame from the agent to a cancel
+  // (see wireAgent's orphan-error observer). Window kept short so an
+  // unrelated later error isn't mislabeled.
+  lastCancelAt = 0;
+  static CANCEL_ERROR_WINDOW_MS = 2e3;
+  // Set by forceCancel() so the in-flight turn's agent-kill rejection is
+  // reported to the originator as a clean "cancelled" stopReason instead of
+  // a raw "connection closed" error.
+  forceCancelling = false;
   // True once we've observed our first session/prompt; gates the
   // first-prompt-seeded title so subsequent prompts don't churn it.
   // Also read by SessionManager's onClose hook to decide whether to
@@ -3069,6 +3485,7 @@ var Session = class {
   agentCommandsHandlers = [];
   agentModesHandlers = [];
   agentModelsHandlers = [];
+  availableAgentsFn;
   modelHandlers = [];
   modeHandlers = [];
   interactiveHandlers = [];
@@ -3141,6 +3558,7 @@ var Session = class {
     this.idleTimeoutMs = init.idleTimeoutMs ?? 0;
     this.idleEventTimeoutMs = init.idleEventTimeoutMs ?? 3e4;
     this.spawnReplacementAgent = init.spawnReplacementAgent;
+    this.availableAgentsFn = init.availableAgents;
     this.listSessions = init.listSessions;
     this.logger = init.logger;
     this.transformChain = init.transformChain ?? [];
@@ -3218,6 +3636,11 @@ var Session = class {
     agent.connection.onRequest("session/request_permission", async (params) => {
       return this.handlePermissionRequest(params);
     });
+    if (typeof agent.connection.onOrphanError === "function") {
+      agent.connection.onOrphanError((error) => {
+        this.handleOrphanError(error);
+      });
+    }
     agent.onExit(() => {
       if (this.agent !== agent) {
         return;
@@ -3225,6 +3648,31 @@ var Session = class {
       this.markClosed({ deleteRecord: false });
     });
   }
+  // An error frame arrived from the agent that couldn't be matched to a
+  // pending request. The canonical case is a reply to our id-less
+  // session/cancel notification: agents that don't support cancellation
+  // (current opencode) answer with MethodNotFound (-32601) or an
+  // UnsupportedOperation error. If one lands within the cancel window,
+  // surface it to attached clients so the TUI can tell the user the
+  // cancel didn't take rather than silently dropping it.
+  handleOrphanError(error) {
+    const sinceCancel = Date.now() - this.lastCancelAt;
+    if (this.lastCancelAt === 0 || sinceCancel > _Session.CANCEL_ERROR_WINDOW_MS) {
+      this.logger?.warn(
+        `agent ${this.agentId} sent uncorrelated error frame code=${error.code} message=${error.message}`
+      );
+      return;
+    }
+    this.lastCancelAt = 0;
+    this.logger?.warn(
+      `agent ${this.agentId} rejected session/cancel code=${error.code} message=${error.message}`
+    );
+    this.broadcastQueueNotification("hydra-acp/cancel_failed", {
+      sessionId: this.sessionId,
+      code: error.code,
+      message: error.message
+    });
+  }
   // Runs the response-side transformer chain, then the snapshot interceptors,
   // then recordAndBroadcast. All state mutation happens after the chain exits.
   // See forwardRequest for originatedBy / startIdx semantics.
@@ -3242,7 +3690,7 @@ var Session = class {
       const token = `t_${generateChainToken()}`;
       let result;
       try {
-        result = await t.connection.request("transformer/message", {
+        result = await t.connection.request("hydra-acp/transformer/message", {
           token,
           phase: "response",
           method: "session/update",
@@ -3268,7 +3716,7 @@ var Session = class {
           const timer = setTimeout(() => {
             if (this.pendingClaims.delete(token)) {
               this.broadcastQueueNotification(
-                "hydra-acp/transformer_abandoned_request",
+                "hydra-acp/transformer/abandoned_request",
                 { sessionId: this.sessionId, token, transformerName: t.name }
               );
               void this.runResponseChain(
@@ -3315,7 +3763,10 @@ var Session = class {
       return;
     }
     if (this.maybeApplyAgentConfigOption(envelope)) {
-      this.recordAndBroadcast("session/update", envelope);
+      this.recordAndBroadcast(
+        "session/update",
+        this.mergeAgentOptionIntoEnvelope(envelope)
+      );
       return;
     }
     if (this.maybeApplyAgentUsage(rawParams)) {
@@ -3373,11 +3824,11 @@ var Session = class {
   // Read the persisted history from disk. Returns [] if no history
   // file exists (fresh session, never prompted). Used by attach() and
   // the HTTP /history endpoint.
-  async getHistorySnapshot() {
+  async getHistorySnapshot(tools = "inline") {
     if (!this.historyStore) {
       return [];
     }
-    return this.historyStore.load(this.sessionId).catch(() => []);
+    return this.historyStore.load(this.sessionId, { tools }).catch(() => []);
   }
   // Subscribe to recordable broadcast entries — fires once per entry
   // that lands in history (so snapshot-shaped session_info/model/mode/
@@ -3427,7 +3878,7 @@ var Session = class {
   }
   async loadReplay(historyPolicy, opts) {
     const maybeCoalesce = (entries) => opts.raw ? entries : coalesceReplay(entries);
-    const raw = await this.getHistorySnapshot();
+    const raw = await this.getHistorySnapshot(opts.toolContent ?? "inline");
     const state = this.buildStateSnapshotReplay();
     if (historyPolicy === "after_message") {
       const cutoff = opts.afterMessageId ? findMessageIdIndex(raw, opts.afterMessageId) : -1;
@@ -3650,7 +4101,7 @@ var Session = class {
   // prompt_received a single, useful meaning ("the agent is now taking
   // a turn on this prompt"), which is how attached clients (notably
   // agent-shell) consume it. The accept-time signal that peers can use
-  // for queue chip rendering is hydra-acp/prompt_queue_added instead.
+  // for queue chip rendering is hydra-acp/prompt_queue/added instead.
   broadcastPromptReceived(entry) {
     const sentBy = { clientId: entry.originator.clientId };
     if (entry.originator.name) {
@@ -3741,7 +4192,7 @@ var Session = class {
       this.recentlyTerminal.delete(oldest);
     }
   }
-  // Fire hydra-acp/prompt_amended for the M1→M2 linkage. The amendment's
+  // Fire hydra-acp/prompt/amended for the M1→M2 linkage. The amendment's
   // current content is read live from the queue entry so any update_prompt
   // calls during the amend window are reflected. Best-effort: if M2 has
   // already been cancelled out of the queue by the time we get here, we
@@ -3761,7 +4212,7 @@ var Session = class {
       amendedAt: Date.now()
     };
     this.broadcastQueueNotification(
-      "hydra-acp/prompt_amended",
+      "hydra-acp/prompt/amended",
       params
     );
   }
@@ -3804,17 +4255,17 @@ var Session = class {
         "hydra-acp": { amending: options.amending }
       };
     }
-    this.broadcastQueueNotification("hydra-acp/prompt_queue_added", params);
+    this.broadcastQueueNotification("hydra-acp/prompt_queue/added", params);
   }
   broadcastQueueUpdated(messageId, prompt) {
-    this.broadcastQueueNotification("hydra-acp/prompt_queue_updated", {
+    this.broadcastQueueNotification("hydra-acp/prompt_queue/updated", {
       sessionId: this.sessionId,
       messageId,
       prompt
     });
   }
   broadcastQueueRemoved(messageId, reason) {
-    this.broadcastQueueNotification("hydra-acp/prompt_queue_removed", {
+    this.broadcastQueueNotification("hydra-acp/prompt_queue/removed", {
       sessionId: this.sessionId,
       messageId,
       reason
@@ -4095,6 +4546,7 @@ var Session = class {
         JsonRpcErrorCodes.SessionNotFound
       );
     }
+    this.lastCancelAt = Date.now();
     await this.agent.connection.notify("session/cancel", {
       sessionId: this.upstreamSessionId
     });
@@ -4110,7 +4562,7 @@ var Session = class {
       this.transformChain.push(ref);
     }
     if (ref.intercepts.has("lifecycle:session.opened")) {
-      void ref.connection.notify("transformer/session_event", {
+      void ref.connection.notify("hydra-acp/transformer/session_event", {
         event: "session.opened",
         sessionId: this.sessionId
       }).catch(() => void 0);
@@ -4134,7 +4586,7 @@ var Session = class {
       const token = `t_${generateChainToken()}`;
       let result;
       try {
-        result = await t.connection.request("transformer/message", {
+        result = await t.connection.request("hydra-acp/transformer/message", {
           token,
           phase: "request",
           method,
@@ -4160,7 +4612,7 @@ var Session = class {
           const timer = setTimeout(() => {
             if (this.pendingClaims.delete(token)) {
               this.broadcastQueueNotification(
-                "hydra-acp/transformer_abandoned_request",
+                "hydra-acp/transformer/abandoned_request",
                 { sessionId: this.sessionId, token, transformerName: t.name }
               );
               void this.forwardRequest(
@@ -4202,7 +4654,7 @@ var Session = class {
     claim.resolve(result);
     return true;
   }
-  // Called by the WS handler on hydra-acp/keep_alive.
+  // Called by the WS handler on hydra-acp/connection/keep_alive.
   // Resets the abandonment timer for an outstanding processing claim.
   keepAliveClaim(token, estimatedRemainingMs) {
     const claim = this.pendingClaims.get(token);
@@ -4214,7 +4666,7 @@ var Session = class {
     const timer = setTimeout(() => {
       if (this.pendingClaims.delete(token)) {
         this.broadcastQueueNotification(
-          "hydra-acp/transformer_abandoned_request",
+          "hydra-acp/transformer/abandoned_request",
           { sessionId: this.sessionId, token, transformerName: claim.transformerName }
         );
         if (claim.side === "response") {
@@ -4379,18 +4831,20 @@ var Session = class {
       } catch {
       }
     }
+    this.broadcastConfigOptions();
     return true;
   }
-  // Apply an opencode-style config_option_update. opencode emits this
-  // (not the spec-shaped current_model_update / available_models_update)
-  // to carry both the current model and the list of available models.
-  // The payload is `configOptions: [{ id: "model", currentValue, options:
-  // [{ value, name }] }, ...]`. We harvest only the entry whose id is
-  // "model" — other ids ("mode", "effort", etc.) are opencode-internal
-  // and not consumed by hydra. Returns true when we recognized and
-  // handled the notification so the wireAgent loop can stop trying
-  // further extractors (the broadcast still fires; clients that grok
-  // config_option_update render it directly).
+  // Apply an agent-emitted config_option_update. claude-acp and opencode
+  // emit this (not the spec-shaped current_model_update /
+  // available_modes_update) to carry the current value AND option list for
+  // model and mode. The payload is `configOptions: [{ id, currentValue,
+  // options: [{ value, name }] }, ...]`. We harvest the "model" and "mode"
+  // entries — other ids (e.g. "effort") are agent-internal and ignored.
+  // Harvesting the mode list here is what populates availableModes for
+  // agents that never send available_modes_update (so the TUI's Shift+Tab
+  // cycle has something to cycle through). Returns true when recognized so
+  // the wireAgent loop stops trying further extractors (the original frame
+  // still broadcasts; config-options-aware clients render it directly).
   maybeApplyAgentConfigOption(params) {
     const obj = params ?? {};
     const update = obj.update ?? {};
@@ -4406,24 +4860,37 @@ var Session = class {
         continue;
       }
       const opt = raw;
-      if (opt.id !== "model") {
-        continue;
-      }
-      const models = parseModelsList(opt.options);
-      if (models.length > 0) {
-        this.setAgentAdvertisedModels(models);
-      }
-      const cv = opt.currentValue;
-      if (typeof cv === "string") {
-        const trimmed = cv.trim();
-        if (trimmed && trimmed !== this.currentModel) {
-          this.logger?.info(
-            `live config_option_update(model): sessionId=${this.sessionId} ${JSON.stringify(this.currentModel)} \u2192 ${JSON.stringify(trimmed)}`
-          );
-          this.applyModelChange(trimmed);
+      if (opt.id === "model") {
+        const models = parseModelsList(opt.options);
+        if (models.length > 0) {
+          this.setAgentAdvertisedModels(models);
+        }
+        const cv = opt.currentValue;
+        if (typeof cv === "string") {
+          const trimmed = cv.trim();
+          if (trimmed && trimmed !== this.currentModel) {
+            this.logger?.info(
+              `live config_option_update(model): sessionId=${this.sessionId} ${JSON.stringify(this.currentModel)} \u2192 ${JSON.stringify(trimmed)}`
+            );
+            this.applyModelChange(trimmed);
+          }
+        }
+      } else if (opt.id === "mode") {
+        const modes = parseModesList(opt.options);
+        if (modes.length > 0) {
+          this.setAgentAdvertisedModes(modes);
+        }
+        const cv = opt.currentValue;
+        if (typeof cv === "string") {
+          const trimmed = cv.trim();
+          if (trimmed && trimmed !== this.currentMode) {
+            this.logger?.info(
+              `live config_option_update(mode): sessionId=${this.sessionId} ${JSON.stringify(this.currentMode)} \u2192 ${JSON.stringify(trimmed)}`
+            );
+            this.applyModeChange(trimmed);
+          }
         }
       }
-      break;
     }
     return true;
   }
@@ -4451,6 +4918,7 @@ var Session = class {
       } catch {
       }
     }
+    this.broadcastConfigOptions();
     return true;
   }
   // usage_update carries any subset of {used, size, cost.amount,
@@ -4661,6 +5129,7 @@ var Session = class {
       sessionId: this.upstreamSessionId,
       update
     });
+    this.broadcastConfigOptions();
   }
   // Apply a mode change initiated by a client request (session/set_mode)
   // when the agent doesn't emit a current_mode_update notification on its
@@ -4697,6 +5166,115 @@ var Session = class {
       sessionId: this.upstreamSessionId,
       update
     });
+    this.broadcastConfigOptions();
+  }
+  // Assemble the spec-shaped configOptions snapshot for this session.
+  // Order reflects the agent's preferred prominence: model and mode (the
+  // dimensions users toggle constantly) first, then the hydra-native
+  // `agent` selector. model/mode are included only when hydra actually
+  // knows that dimension for the connected agent; `agent` is always
+  // present since hydra owns the swap concept regardless of the backend.
+  buildConfigOptions() {
+    const out = [];
+    if (this.agentAdvertisedModels.length > 0) {
+      const options = this.agentAdvertisedModels.map(
+        (m) => ({
+          value: m.modelId,
+          name: m.name ?? m.modelId,
+          ...m.description !== void 0 ? { description: m.description } : {}
+        })
+      );
+      const currentValue = this.currentModel && options.some((o) => o.value === this.currentModel) ? this.currentModel : options[0].value;
+      out.push({
+        id: "model",
+        name: "Model",
+        category: "model",
+        type: "select",
+        currentValue,
+        options
+      });
+    }
+    if (this.agentAdvertisedModes.length > 0) {
+      const options = this.agentAdvertisedModes.map(
+        (m) => ({
+          value: m.id,
+          name: m.name ?? m.id,
+          ...m.description !== void 0 ? { description: m.description } : {}
+        })
+      );
+      const currentValue = this.currentMode && options.some((o) => o.value === this.currentMode) ? this.currentMode : options[0].value;
+      out.push({
+        id: "mode",
+        name: "Session Mode",
+        category: "mode",
+        type: "select",
+        currentValue,
+        options
+      });
+    }
+    const agents = this.availableAgentsFn?.() ?? [];
+    const agentOptions = agents.map((a) => ({
+      value: a.id,
+      name: a.name ?? a.id,
+      ...a.description !== void 0 ? { description: a.description } : {}
+    }));
+    if (!agentOptions.some((o) => o.value === this.agentId)) {
+      agentOptions.unshift({ value: this.agentId, name: this.agentId });
+    }
+    out.push({
+      id: "agent",
+      name: "Agent",
+      category: "_hydra_agent",
+      type: "select",
+      currentValue: this.agentId,
+      options: agentOptions
+    });
+    return out;
+  }
+  // Broadcast a config_option_update carrying the full snapshot. Fired
+  // alongside the legacy current_mode_update / current_model_update and on
+  // agent swaps so config-options-aware clients stay in sync via the
+  // spec mechanism. config_option_update is a STATE_UPDATE_KIND, so this
+  // broadcasts live but is not recorded to history.
+  broadcastConfigOptions() {
+    this.recordAndBroadcast("session/update", {
+      sessionId: this.upstreamSessionId,
+      update: {
+        sessionUpdate: "config_option_update",
+        configOptions: this.buildConfigOptions()
+      }
+    });
+  }
+  // Return a shallow clone of an agent-emitted config_option_update
+  // envelope with the hydra-native `agent` option appended to its
+  // configOptions (unless the agent already advertised one). Preserves
+  // the agent's own options (mode/model/effort/…) and their order; the
+  // `agent` selector rides last, matching its lower prominence. The
+  // original envelope is not mutated.
+  mergeAgentOptionIntoEnvelope(envelope) {
+    if (!envelope || typeof envelope !== "object") {
+      return envelope;
+    }
+    const env = envelope;
+    if (!env.update || typeof env.update !== "object") {
+      return envelope;
+    }
+    const update = env.update;
+    const list = Array.isArray(update.configOptions) ? [...update.configOptions] : [];
+    const hasAgent = list.some(
+      (o) => o && typeof o === "object" && o.id === "agent"
+    );
+    if (hasAgent) {
+      return envelope;
+    }
+    const agentOption = this.buildConfigOptions().find((o) => o.id === "agent");
+    if (!agentOption) {
+      return envelope;
+    }
+    return {
+      ...env,
+      update: { ...update, configOptions: [...list, agentOption] }
+    };
   }
   onUsageChange(handler) {
     this.usageHandlers.push(handler);
@@ -4832,7 +5410,7 @@ var Session = class {
   // "/hydra <name> <verb> [args]" — name matches a registered extension
   // or transformer. We split the remainder into verb + args, validate the
   // verb against what the process advertised, and forward as a
-  // hydra-acp/extension_command request on the process's WS connection.
+  // hydra-acp/commands/invoke request on the process's WS connection.
   // The reply's text (if any) is broadcast as a synthetic
   // agent_message_chunk so it appears in the conversation alongside the
   // user's invocation.
@@ -4861,7 +5439,7 @@ var Session = class {
       }
       let reply;
       try {
-        reply = await entry.connection.request("hydra-acp/extension_command", {
+        reply = await entry.connection.request("hydra-acp/commands/invoke", {
           sessionId: this.sessionId,
           verb,
           args
@@ -4969,6 +5547,27 @@ ${text}
           sessionUpdate: "agent_message_chunk",
           content: { type: "text", text: `
 ${body}
+` },
+          _meta: { "hydra-acp": { synthetic: true } }
+        }
+      });
+      return { stopReason: "end_turn" };
+    }
+    const resolution = resolveModelId(arg, this.agentAdvertisedModels);
+    let modelId = arg;
+    if (resolution.kind === "resolved") {
+      modelId = resolution.modelId;
+    } else if (resolution.kind === "ambiguous" || resolution.kind === "unknown") {
+      const known = this.agentAdvertisedModels.map((m) => m.modelId).join("\n  ");
+      const reason = resolution.kind === "ambiguous" ? `"${arg}" matches multiple models: ${resolution.candidates.join(", ")}` : `"${arg}" is not an available model`;
+      this.recordAndBroadcast("session/update", {
+        sessionId: this.upstreamSessionId,
+        update: {
+          sessionUpdate: "agent_message_chunk",
+          content: { type: "text", text: `
+${reason}.
+Available models:
+  ${known}
 ` },
           _meta: { "hydra-acp": { synthetic: true } }
         }
@@ -4977,7 +5576,7 @@ ${body}
     }
     await this.forwardRequest("session/set_model", {
       sessionId: this.sessionId,
-      modelId: arg
+      modelId
     });
     return { stopReason: "end_turn" };
   }
@@ -5074,6 +5673,14 @@ ${body}
   // record. Spawns the new agent first so a failure leaves the old one
   // intact; then injects a synthesized transcript so the new agent has
   // context for the next turn.
+  // Public entry for swapping the underlying agent from a client request
+  // (session/set_config_option with configId "agent"), the protocol twin
+  // of the `/hydra agent` text command. Delegates to the same swap
+  // machinery so both paths share validation, transcript replay, and the
+  // config_option_update broadcast.
+  setAgent(newAgentId) {
+    return this.runAgentCommand(newAgentId);
+  }
   runAgentCommand(newAgentId) {
     if (!newAgentId) {
       throw withCode(
@@ -5112,12 +5719,10 @@ ${body}
       this.agentCapabilities = fresh.agentCapabilities;
       this.agentAdvertisedCommands = [];
       this.broadcastMergedCommands();
-      if (this.agentAdvertisedModels.length > 0) {
-        this.setAgentAdvertisedModels([]);
-      }
-      if (this.agentAdvertisedModes.length > 0) {
-        this.setAgentAdvertisedModes([]);
-      }
+      this.currentModel = fresh.initialModel;
+      this.currentMode = fresh.initialMode;
+      this.setAgentAdvertisedModels(fresh.initialModels ?? []);
+      this.setAgentAdvertisedModes(fresh.initialModes ?? []);
       await oldAgent.kill().catch(() => void 0);
       if (transcript) {
         await this.runInternalPrompt(transcript).catch(() => void 0);
@@ -5141,7 +5746,7 @@ ${body}
   // down any in-flight request as a side effect. The record is kept
   // (deleteRecord:false) so the session goes cold and can be resurrected.
   // Returns end_turn so the prompt() caller's response resolves normally,
-  // but every attached client has already received hydra-acp/session_closed
+  // but every attached client has already received hydra-acp/session/closed
   // by the time this returns.
   async runKillCommand() {
     await this.close({ deleteRecord: false });
@@ -5159,45 +5764,71 @@ ${body}
         JsonRpcErrorCodes.InternalError
       );
     }
-    const spawnAgent = this.spawnReplacementAgent;
-    const agentId = this.agentId;
     return this.enqueuePrompt(async () => {
-      const transcript = await this.buildSwitchTranscript(agentId);
-      const fresh = await spawnAgent({
-        agentId,
-        cwd: this.cwd,
-        agentArgs: this.agentArgs
-      });
-      this.accumulateAndResetCost();
-      this.wireAgent(fresh.agent);
-      const oldAgent = this.agent;
-      this.agent = fresh.agent;
-      this.upstreamSessionId = fresh.upstreamSessionId;
-      this.agentMeta = fresh.agentMeta;
-      this.agentCapabilities = fresh.agentCapabilities;
-      this.agentAdvertisedCommands = [];
-      this.broadcastMergedCommands();
-      if (this.agentAdvertisedModels.length > 0) {
-        this.setAgentAdvertisedModels([]);
-      }
-      if (this.agentAdvertisedModes.length > 0) {
-        this.setAgentAdvertisedModes([]);
-      }
-      await oldAgent.kill().catch(() => void 0);
-      if (transcript) {
-        await this.runInternalPrompt(transcript).catch(() => void 0);
-      }
-      this.broadcastAgentSwitch(agentId, agentId);
-      const info = { agentId, upstreamSessionId: this.upstreamSessionId };
-      for (const handler of this.agentChangeHandlers) {
-        try {
-          handler(info);
-        } catch {
-        }
-      }
+      await this.respawnAgent();
       return { stopReason: "end_turn" };
     });
   }
+  // Last-resort cancellation. When an agent ignores session/cancel (current
+  // opencode returns UnsupportedOperation and keeps generating), the only
+  // way to actually stop the turn is to tear the subprocess down. Rather
+  // than respawn + replay the transcript (slow, and renders as an agent
+  // "switch"), we close the session keeping its record: agent.kill() aborts
+  // the in-flight turn, and the next prompt auto-resurrects via session/load
+  // (cheap — the agent restores its own context). The forceCancelling flag
+  // makes runQueueEntry render the aborted turn as "cancelled" rather than a
+  // raw connection error. Runs OUTSIDE the prompt queue so a wedged turn
+  // can't block it.
+  async forceCancel() {
+    if (this.closed || this.closing) {
+      throw withCode(
+        new Error("session is closing"),
+        JsonRpcErrorCodes.SessionClosing
+      );
+    }
+    this.lastCancelAt = 0;
+    this.forceCancelling = true;
+    await this.close({ deleteRecord: false });
+    return { stopReason: "cancelled" };
+  }
+  // Shared kill-and-respawn used by /hydra restart (queued) and forceCancel
+  // (immediate). Spawns a fresh agent, swaps it in, kills the old one, and
+  // re-seeds the conversation transcript so the new process has context.
+  async respawnAgent() {
+    const spawnAgent = this.spawnReplacementAgent;
+    const agentId = this.agentId;
+    const transcript = await this.buildSwitchTranscript(agentId);
+    const fresh = await spawnAgent({
+      agentId,
+      cwd: this.cwd,
+      agentArgs: this.agentArgs
+    });
+    this.accumulateAndResetCost();
+    this.wireAgent(fresh.agent);
+    const oldAgent = this.agent;
+    this.agent = fresh.agent;
+    this.upstreamSessionId = fresh.upstreamSessionId;
+    this.agentMeta = fresh.agentMeta;
+    this.agentCapabilities = fresh.agentCapabilities;
+    this.agentAdvertisedCommands = [];
+    this.broadcastMergedCommands();
+    this.currentModel = fresh.initialModel;
+    this.currentMode = fresh.initialMode;
+    this.setAgentAdvertisedModels(fresh.initialModels ?? []);
+    this.setAgentAdvertisedModes(fresh.initialModes ?? []);
+    await oldAgent.kill().catch(() => void 0);
+    if (transcript) {
+      await this.runInternalPrompt(transcript).catch(() => void 0);
+    }
+    this.broadcastAgentSwitch(agentId, agentId);
+    const info = { agentId, upstreamSessionId: this.upstreamSessionId };
+    for (const handler of this.agentChangeHandlers) {
+      try {
+        handler(info);
+      } catch {
+      }
+    }
+  }
   // Walk the persisted history and produce a labeled transcript suitable
   // for handing to a fresh agent. Includes user prompts, agent replies,
   // and tool-call outcomes; skips hydra-synthesized markers (so multi-hop
@@ -5298,15 +5929,13 @@ ${body}
       return void 0;
     });
   }
-  // Tell every attached client (a) the agent identity has changed
-  // (session_info_update carrying agentId inside _meta["hydra-acp"] —
+  // Tell every attached client the agent identity has changed via
+  // session_info_update carrying agentId inside _meta["hydra-acp"] —
   // the ACP schema for session_info_update is just title/updatedAt/_meta,
   // so non-hydra clients harmlessly ignore the extension; hydra-aware
-  // ones read it and relabel) and (b) drop a visible banner into the
-  // transcript so users see the switch rather than just suddenly getting
-  // answers from a different agent. Both updates carry synthetic=true
-  // so a future /hydra agent's transcript builder filters them out.
-  broadcastAgentSwitch(oldAgentId, newAgentId) {
+  // ones read it and relabel. synthetic=true so a future /hydra agent's
+  // transcript builder filters it out.
+  broadcastAgentSwitch(_oldAgentId, newAgentId) {
     this.recordAndBroadcast("session/update", {
       sessionId: this.sessionId,
       update: {
@@ -5314,19 +5943,7 @@ ${body}
         _meta: { "hydra-acp": { synthetic: true, agentId: newAgentId } }
       }
     });
-    this.recordAndBroadcast("session/update", {
-      sessionId: this.sessionId,
-      update: {
-        sessionUpdate: "agent_message_chunk",
-        content: {
-          type: "text",
-          text: `
-_(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
-`
-        },
-        _meta: { "hydra-acp": { synthetic: true } }
-      }
-    });
+    this.broadcastConfigOptions();
   }
   // stdin-stream lifecycle. Cat --stream calls openStream() once after
   // session/new, then forwards stdin chunks via streamWrite(). The agent
@@ -5457,7 +6074,7 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
   requireStreamBuffer() {
     if (this.streamBuffer === void 0) {
       const err = new Error(
-        `session ${this.sessionId} has no stream buffer; call hydra-acp/stream_open first`
+        `session ${this.sessionId} has no stream buffer; POST /v1/sessions/:id/stdin/open first`
       );
       err.code = JsonRpcErrorCodes.StreamNotEnabled;
       throw err;
@@ -5500,7 +6117,7 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
     const sessionId = this.sessionId;
     this.queueWriteChain = this.queueWriteChain.catch(() => void 0).then(() => deleteQueue(sessionId).catch(() => void 0));
     for (const client of this.clients.values()) {
-      void client.connection.notify("hydra-acp/session_closed", { sessionId: this.sessionId }).catch(() => void 0);
+      void client.connection.notify("hydra-acp/session/closed", { sessionId: this.sessionId }).catch(() => void 0);
     }
     this.clients.clear();
     if (this.streamBuffer !== void 0) {
@@ -5607,7 +6224,7 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
       if (!t.intercepts.has(intercept)) {
         continue;
       }
-      void t.connection.notify("transformer/session_event", {
+      void t.connection.notify("hydra-acp/transformer/session_event", {
         event,
         sessionId: this.sessionId,
         payload
@@ -5887,6 +6504,10 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
         }
       );
     } catch (err) {
+      if (this.forceCancelling) {
+        this.clearAmendIfMatches(entry.messageId);
+        return { stopReason: "cancelled" };
+      }
       if (!this.closed) {
         this.broadcastTurnComplete(
           entry.clientId,
@@ -6002,6 +6623,31 @@ function parseModelsList(list) {
   }
   return out;
 }
+function parseModesList(list) {
+  if (!Array.isArray(list)) {
+    return [];
+  }
+  const out = [];
+  for (const raw of list) {
+    if (!raw || typeof raw !== "object" || Array.isArray(raw)) {
+      continue;
+    }
+    const r = raw;
+    const id = typeof r.value === "string" && r.value.trim() || typeof r.id === "string" && r.id.trim() || void 0;
+    if (!id) {
+      continue;
+    }
+    const mode = { id };
+    if (typeof r.name === "string" && r.name.length > 0) {
+      mode.name = r.name;
+    }
+    if (typeof r.description === "string" && r.description.length > 0) {
+      mode.description = r.description;
+    }
+    out.push(mode);
+  }
+  return out;
+}
 function extractAdvertisedModes(params) {
   const obj = params ?? {};
   const update = obj.update ?? {};
@@ -6193,7 +6839,7 @@ function firstLine(text, max) {
 }
 
 // src/core/session-store.ts
-import * as fs8 from "fs/promises";
+import * as fs9 from "fs/promises";
 import * as path6 from "path";
 import { customAlphabet as customAlphabet2 } from "nanoid";
 import { z as z5 } from "zod";
@@ -6378,9 +7024,9 @@ var SessionRecord = z5.object({
   // memory. Cleared after that first resurrect completes.
   pendingHistorySync: z5.boolean().optional(),
   // Set when this session was spawned as a child by a transformer via
-  // hydra-acp/spawn_child_session. Points to the spawning session's id.
+  // hydra-acp/child_session/spawn. Points to the spawning session's id.
   parentSessionId: z5.string().optional(),
-  // Set when this session was created by hydra-acp/fork_session.
+  // Set when this session was created by hydra-acp/session/fork.
   // forkedFromSessionId points to the local source session; forkedFromMessageId
   // is the resolved forkAt — the messageId of the turn_complete the slice
   // ended at. Kept so future UI can show "branched from turn N of session X".
@@ -6400,9 +7046,9 @@ var SessionRecord = z5.object({
   createdAt: z5.string(),
   updatedAt: z5.string()
 });
-var SESSION_ID_PATTERN = /^[A-Za-z0-9_-]+$/;
+var SESSION_ID_PATTERN2 = /^[A-Za-z0-9_-]+$/;
 function assertSafeId(id) {
-  if (!SESSION_ID_PATTERN.test(id)) {
+  if (!SESSION_ID_PATTERN2.test(id)) {
     throw new Error(`unsafe session id: ${id}`);
   }
 }
@@ -6415,7 +7061,7 @@ var SessionStore = class {
     });
   }
   async read(sessionId) {
-    if (!SESSION_ID_PATTERN.test(sessionId)) {
+    if (!SESSION_ID_PATTERN2.test(sessionId)) {
       return void 0;
     }
     const parsed = await readJsonSafe(paths.sessionFile(sessionId));
@@ -6429,11 +7075,11 @@ var SessionStore = class {
     }
   }
   async delete(sessionId) {
-    if (!SESSION_ID_PATTERN.test(sessionId)) {
+    if (!SESSION_ID_PATTERN2.test(sessionId)) {
       return;
     }
     try {
-      await fs8.unlink(paths.sessionFile(sessionId));
+      await fs9.unlink(paths.sessionFile(sessionId));
     } catch (err) {
       const e = err;
       if (e.code !== "ENOENT") {
@@ -6441,7 +7087,7 @@ var SessionStore = class {
       }
     }
     try {
-      await fs8.rmdir(paths.sessionDir(sessionId));
+      await fs9.rmdir(paths.sessionDir(sessionId));
     } catch (err) {
       const e = err;
       if (e.code !== "ENOENT" && e.code !== "ENOTEMPTY") {
@@ -6471,7 +7117,7 @@ var SessionStore = class {
   async list() {
     let entries;
     try {
-      entries = await fs8.readdir(paths.sessionsDir());
+      entries = await fs9.readdir(paths.sessionsDir());
     } catch (err) {
       const e = err;
       if (e.code === "ENOENT") {
@@ -6521,20 +7167,167 @@ function recordFromMemorySession(args) {
   };
 }
 
-// src/core/synopsis-coordinator.ts
+// src/core/tombstone-store.ts
 import * as fs10 from "fs/promises";
+import { z as z6 } from "zod";
+var Tombstone = z6.object({
+  version: z6.literal(1),
+  agentId: z6.string(),
+  upstreamSessionId: z6.string(),
+  deletedAt: z6.string(),
+  // Agent's last-reported updatedAt for this session at the moment we
+  // deleted, snapshotted from SessionRecord.updatedAt. Compared against
+  // the listing's updatedAt on subsequent syncs to detect that the
+  // conversation has moved on (the agent / user revived it), in which
+  // case the tombstone is dropped and the session re-imports. Absent
+  // when the deleted record never carried a meaningful updatedAt.
+  upstreamUpdatedAt: z6.string().optional(),
+  cwd: z6.string().optional(),
+  title: z6.string().optional(),
+  reason: z6.enum(["user", "expired"]).optional()
+});
+var TombstoneStore = class {
+  async add(t) {
+    const full = { version: 1, ...t };
+    await writeJsonAtomic(
+      paths.tombstoneFile(t.agentId, t.upstreamSessionId),
+      full,
+      { mode: 384 }
+    );
+  }
+  async has(agentId, upstreamSessionId) {
+    try {
+      await fs10.access(paths.tombstoneFile(agentId, upstreamSessionId));
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  // Returns the tombstone payload if the file exists. An unreadable or
+  // unparseable file still counts as a tombstone — we synthesize a
+  // bare record so the caller's "is this dead?" check stays correct,
+  // but with no upstreamUpdatedAt the resurrection rule treats any
+  // listed updatedAt as advancement (see SessionManager.syncFromAgent).
+  async read(agentId, upstreamSessionId) {
+    const file = paths.tombstoneFile(agentId, upstreamSessionId);
+    const parsed = await readJsonSafe(file);
+    if (parsed === void 0) {
+      if (await this.has(agentId, upstreamSessionId)) {
+        return {
+          version: 1,
+          agentId,
+          upstreamSessionId,
+          deletedAt: (/* @__PURE__ */ new Date(0)).toISOString()
+        };
+      }
+      return void 0;
+    }
+    try {
+      return Tombstone.parse(parsed);
+    } catch {
+      return {
+        version: 1,
+        agentId,
+        upstreamSessionId,
+        deletedAt: (/* @__PURE__ */ new Date(0)).toISOString()
+      };
+    }
+  }
+  async remove(agentId, upstreamSessionId) {
+    try {
+      await fs10.unlink(paths.tombstoneFile(agentId, upstreamSessionId));
+    } catch (err) {
+      const e = err;
+      if (e.code !== "ENOENT") {
+        throw err;
+      }
+    }
+    try {
+      await fs10.rmdir(paths.tombstoneAgentDir(agentId));
+    } catch (err) {
+      const e = err;
+      if (e.code !== "ENOENT" && e.code !== "ENOTEMPTY") {
+        throw err;
+      }
+    }
+  }
+  async list(agentId) {
+    if (agentId !== void 0) {
+      return this.listForAgent(agentId);
+    }
+    let agents;
+    try {
+      agents = await fs10.readdir(paths.tombstonesDir());
+    } catch (err) {
+      const e = err;
+      if (e.code === "ENOENT") {
+        return [];
+      }
+      throw err;
+    }
+    const out = [];
+    for (const enc of agents) {
+      let decoded;
+      try {
+        decoded = decodeURIComponent(enc);
+      } catch {
+        continue;
+      }
+      out.push(...await this.listForAgent(decoded));
+    }
+    return out;
+  }
+  async listForAgent(agentId) {
+    let files;
+    try {
+      files = await fs10.readdir(paths.tombstoneAgentDir(agentId));
+    } catch (err) {
+      const e = err;
+      if (e.code === "ENOENT") {
+        return [];
+      }
+      throw err;
+    }
+    const out = [];
+    for (const f of files) {
+      let upstreamId;
+      try {
+        upstreamId = decodeURIComponent(f);
+      } catch {
+        continue;
+      }
+      const t = await this.read(agentId, upstreamId);
+      if (t) {
+        out.push(t);
+      }
+    }
+    return out;
+  }
+};
+function shouldResurrectFromUpstream(tombstone, listingUpdatedAt) {
+  if (listingUpdatedAt === void 0) {
+    return false;
+  }
+  if (tombstone.upstreamUpdatedAt === void 0) {
+    return true;
+  }
+  return listingUpdatedAt > tombstone.upstreamUpdatedAt;
+}
+
+// src/core/synopsis-coordinator.ts
+import * as fs12 from "fs/promises";
 
 // src/core/hydra-version.ts
 import { fileURLToPath } from "url";
 import * as path7 from "path";
-import * as fs9 from "fs";
+import * as fs11 from "fs";
 function resolveVersion() {
   try {
     let dir = path7.dirname(fileURLToPath(import.meta.url));
     for (let i = 0; i < 8; i += 1) {
       const candidate = path7.join(dir, "package.json");
-      if (fs9.existsSync(candidate)) {
-        const pkg = JSON.parse(fs9.readFileSync(candidate, "utf8"));
+      if (fs11.existsSync(candidate)) {
+        const pkg = JSON.parse(fs11.readFileSync(candidate, "utf8"));
         if (typeof pkg.version === "string" && pkg.version.length > 0 && (typeof pkg.name !== "string" || pkg.name.includes("hydra-acp"))) {
           return pkg.version;
         }
@@ -7058,7 +7851,7 @@ var SynopsisCoordinator = class {
       });
       const modelId = this.opts.synopsisModel;
       const synopsisCwd = paths.sessionDir(sessionId);
-      await fs10.mkdir(synopsisCwd, { recursive: true }).catch(() => void 0);
+      await fs12.mkdir(synopsisCwd, { recursive: true }).catch(() => void 0);
       this.opts.logger?.info(
         `synopsis: start sessionId=${sessionId} agentId=${synopsisAgentId} historyLen=${history.length} model=${JSON.stringify(modelId ?? "(default)")} cwd=${synopsisCwd}`
       );
@@ -7161,8 +7954,217 @@ function describeFields(s) {
 }
 
 // src/core/history-store.ts
-import * as fs11 from "fs/promises";
-var SESSION_ID_PATTERN2 = /^[A-Za-z0-9_-]+$/;
+import * as fs13 from "fs/promises";
+
+// src/core/tool-content.ts
+function parseToolContentMode(raw) {
+  return raw === "summary" ? "summary" : "inline";
+}
+var SUMMARY_TEXT_CAP = 256;
+function applyToolContentMode(entries, mode) {
+  if (mode !== "summary") {
+    return entries;
+  }
+  return entries.map(summarizeEntry);
+}
+function summarizeEntry(entry) {
+  if (entry.method !== "session/update") {
+    return entry;
+  }
+  const params = entry.params;
+  if (!params || typeof params !== "object" || Array.isArray(params)) {
+    return entry;
+  }
+  const p = params;
+  const update = p.update;
+  if (!update || typeof update !== "object" || Array.isArray(update)) {
+    return entry;
+  }
+  const u = update;
+  if (u.sessionUpdate !== "tool_call" && u.sessionUpdate !== "tool_call_update") {
+    return entry;
+  }
+  const newUpdate = { ...u };
+  if (Array.isArray(u.content)) {
+    newUpdate.content = u.content.map(summarizeBlock);
+  }
+  const rawOutput = u.rawOutput;
+  if (rawOutput && typeof rawOutput === "object" && !Array.isArray(rawOutput)) {
+    const ro = rawOutput;
+    const slim = {};
+    if (ro.error !== void 0) {
+      slim.error = clip(ro.error);
+    }
+    if (ro.metadata !== void 0) {
+      slim.metadata = ro.metadata;
+    }
+    newUpdate.rawOutput = slim;
+  }
+  return { ...entry, params: { ...p, update: newUpdate } };
+}
+function isDiffBlock(block) {
+  return !!block && typeof block === "object" && !Array.isArray(block) && block.type === "diff";
+}
+function summarizeBlock(block) {
+  if (isDiffBlock(block)) {
+    const b2 = block;
+    const out2 = {
+      type: "diff",
+      oldText: "",
+      newText: ""
+    };
+    if (typeof b2.path === "string") {
+      out2.path = b2.path;
+    }
+    return out2;
+  }
+  if (!block || typeof block !== "object" || Array.isArray(block)) {
+    return block;
+  }
+  const b = block;
+  const out = { ...b };
+  if (typeof b.text === "string") {
+    out.text = clip(b.text);
+  }
+  if (typeof b.content === "string") {
+    out.content = clip(b.content);
+  } else if (b.content && typeof b.content === "object") {
+    out.content = summarizeBlock(b.content);
+  }
+  return out;
+}
+function clip(value) {
+  if (typeof value === "string" && value.length > SUMMARY_TEXT_CAP) {
+    const elided = value.length - SUMMARY_TEXT_CAP;
+    return `${value.slice(0, SUMMARY_TEXT_CAP)}\u2026[+${elided} chars omitted from summary export]`;
+  }
+  return value;
+}
+var TOOL_BLOB_THRESHOLD = 2048;
+function collectToolBlobHashes(entries) {
+  const out = /* @__PURE__ */ new Set();
+  const walk = (value) => {
+    if (isToolBlobRef(value)) {
+      out.add(value.__hydraBlob);
+      return;
+    }
+    if (Array.isArray(value)) {
+      for (const item of value) {
+        walk(item);
+      }
+      return;
+    }
+    if (value && typeof value === "object") {
+      for (const v of Object.values(value)) {
+        walk(v);
+      }
+    }
+  };
+  for (const entry of entries) {
+    walk(entry.params);
+  }
+  return out;
+}
+function isToolBlobRef(value) {
+  return !!value && typeof value === "object" && !Array.isArray(value) && typeof value.__hydraBlob === "string";
+}
+function isToolEntry(entry) {
+  if (entry.method !== "session/update") {
+    return false;
+  }
+  const params = entry.params;
+  if (!params || typeof params !== "object" || Array.isArray(params)) {
+    return false;
+  }
+  const update = params.update;
+  if (!update || typeof update !== "object" || Array.isArray(update)) {
+    return false;
+  }
+  const kind = update.sessionUpdate;
+  return kind === "tool_call" || kind === "tool_call_update";
+}
+async function externalizeToolEntry(entry, put) {
+  if (!isToolEntry(entry)) {
+    return entry;
+  }
+  const p = entry.params;
+  const update = p.update;
+  const newUpdate = await deepExternalize(update, put);
+  return { ...entry, params: { ...p, update: newUpdate } };
+}
+async function deepExternalize(value, put) {
+  if (typeof value === "string") {
+    if (value.length <= TOOL_BLOB_THRESHOLD) {
+      return value;
+    }
+    const hash = await put(value);
+    if (hash === null) {
+      return value;
+    }
+    const ref = { __hydraBlob: hash, bytes: value.length };
+    return ref;
+  }
+  if (Array.isArray(value)) {
+    const out = [];
+    for (const item of value) {
+      out.push(await deepExternalize(item, put));
+    }
+    return out;
+  }
+  if (value && typeof value === "object") {
+    const out = {};
+    for (const [k, v] of Object.entries(value)) {
+      out[k] = await deepExternalize(v, put);
+    }
+    return out;
+  }
+  return value;
+}
+async function expandToolRefs(entry, get) {
+  const params = entry.params;
+  if (!params || typeof params !== "object" || Array.isArray(params)) {
+    return entry;
+  }
+  const expanded = await deepExpand(params, get);
+  if (expanded === params) {
+    return entry;
+  }
+  return { ...entry, params: expanded };
+}
+async function deepExpand(value, get) {
+  if (isToolBlobRef(value)) {
+    const text = await get(value.__hydraBlob);
+    return text ?? "";
+  }
+  if (Array.isArray(value)) {
+    let changed = false;
+    const out = [];
+    for (const item of value) {
+      const next = await deepExpand(item, get);
+      if (next !== item) {
+        changed = true;
+      }
+      out.push(next);
+    }
+    return changed ? out : value;
+  }
+  if (value && typeof value === "object") {
+    let changed = false;
+    const out = {};
+    for (const [k, v] of Object.entries(value)) {
+      const next = await deepExpand(v, get);
+      if (next !== v) {
+        changed = true;
+      }
+      out[k] = next;
+    }
+    return changed ? out : value;
+  }
+  return value;
+}
+
+// src/core/history-store.ts
+var SESSION_ID_PATTERN3 = /^[A-Za-z0-9_-]+$/;
 var DEFAULT_MAX_ENTRIES = 1e3;
 var HistoryStore = class {
   // Serialize writes per session id so appends and rewrites don't
@@ -7174,26 +8176,34 @@ var HistoryStore = class {
     this.maxEntries = options.maxEntries ?? DEFAULT_MAX_ENTRIES;
   }
   async append(sessionId, entry) {
-    if (!SESSION_ID_PATTERN2.test(sessionId)) {
+    if (!SESSION_ID_PATTERN3.test(sessionId)) {
       return;
     }
     return this.enqueue(sessionId, async () => {
-      await fs11.mkdir(paths.sessionDir(sessionId), { recursive: true });
-      const line = JSON.stringify(entry) + "\n";
-      await fs11.appendFile(paths.historyFile(sessionId), line, {
+      await fs13.mkdir(paths.sessionDir(sessionId), { recursive: true });
+      const stored = await externalizeToolEntry(
+        entry,
+        (t) => putToolBlob(sessionId, t)
+      );
+      const line = JSON.stringify(stored) + "\n";
+      await fs13.appendFile(paths.historyFile(sessionId), line, {
         encoding: "utf8",
         mode: 384
       });
     });
   }
   async rewrite(sessionId, entries) {
-    if (!SESSION_ID_PATTERN2.test(sessionId)) {
+    if (!SESSION_ID_PATTERN3.test(sessionId)) {
       return;
     }
     return this.enqueue(sessionId, async () => {
-      await fs11.mkdir(paths.sessionDir(sessionId), { recursive: true });
-      const body = entries.length === 0 ? "" : entries.map((e) => JSON.stringify(e)).join("\n") + "\n";
-      await fs11.writeFile(paths.historyFile(sessionId), body, {
+      await fs13.mkdir(paths.sessionDir(sessionId), { recursive: true });
+      const stored = [];
+      for (const e of entries) {
+        stored.push(await externalizeToolEntry(e, (t) => putToolBlob(sessionId, t)));
+      }
+      const body = stored.length === 0 ? "" : stored.map((e) => JSON.stringify(e)).join("\n") + "\n";
+      await fs13.writeFile(paths.historyFile(sessionId), body, {
         encoding: "utf8",
         mode: 384
       });
@@ -7204,13 +8214,13 @@ var HistoryStore = class {
   // it's safe to invoke alongside ongoing writes; a no-op if the file is
   // already at or below the cap.
   async compact(sessionId, maxEntries) {
-    if (!SESSION_ID_PATTERN2.test(sessionId)) {
+    if (!SESSION_ID_PATTERN3.test(sessionId)) {
       return;
     }
     return this.enqueue(sessionId, async () => {
       let raw;
       try {
-        raw = await fs11.readFile(paths.historyFile(sessionId), "utf8");
+        raw = await fs13.readFile(paths.historyFile(sessionId), "utf8");
       } catch (err) {
         const e = err;
         if (e.code === "ENOENT") {
@@ -7223,23 +8233,29 @@ var HistoryStore = class {
         return;
       }
       const trimmed = lines.slice(-maxEntries);
-      await fs11.writeFile(paths.historyFile(sessionId), trimmed.join("\n") + "\n", {
+      await fs13.writeFile(paths.historyFile(sessionId), trimmed.join("\n") + "\n", {
         encoding: "utf8",
         mode: 384
       });
     });
   }
-  async load(sessionId) {
-    if (!SESSION_ID_PATTERN2.test(sessionId)) {
+  // `tools` selects how externalized tool content is materialized:
+  //   "inline" (default) — expand blob refs back to full content, so every
+  //                        consumer sees the original recorded shape.
+  //   "references"       — leave references in place (the lean form) for
+  //                        clients that fetch tool content on demand.
+  async load(sessionId, opts = {}) {
+    if (!SESSION_ID_PATTERN3.test(sessionId)) {
       return [];
     }
+    const expand = (opts.tools ?? "inline") === "inline";
     const pending = this.writeQueues.get(sessionId);
     if (pending) {
       await pending;
     }
     let raw;
     try {
-      raw = await fs11.readFile(paths.historyFile(sessionId), "utf8");
+      raw = await fs13.readFile(paths.historyFile(sessionId), "utf8");
     } catch (err) {
       const e = err;
       if (e.code === "ENOENT") {
@@ -7274,10 +8290,25 @@ var HistoryStore = class {
         recordedAt: obj.recordedAt
       });
     }
-    if (out.length > this.maxEntries) {
-      return out.slice(-this.maxEntries);
+    const kept = out.length > this.maxEntries ? out.slice(-this.maxEntries) : out;
+    if (!expand) {
+      return kept;
     }
-    return out;
+    const blobCache = /* @__PURE__ */ new Map();
+    const get = async (hash) => {
+      const cached = blobCache.get(hash);
+      if (cached !== void 0) {
+        return cached;
+      }
+      const value = await getToolBlob(sessionId, hash);
+      blobCache.set(hash, value);
+      return value;
+    };
+    const inlined = [];
+    for (const entry of kept) {
+      inlined.push(await expandToolRefs(entry, get));
+    }
+    return inlined;
   }
   // Wait for every pending append/rewrite/compact across all sessions to
   // settle. Daemon shutdown calls this after closing sessions so the final
@@ -7293,20 +8324,21 @@ var HistoryStore = class {
     await Promise.allSettled(pending);
   }
   async delete(sessionId) {
-    if (!SESSION_ID_PATTERN2.test(sessionId)) {
+    if (!SESSION_ID_PATTERN3.test(sessionId)) {
       return;
     }
     return this.enqueue(sessionId, async () => {
       try {
-        await fs11.unlink(paths.historyFile(sessionId));
+        await fs13.unlink(paths.historyFile(sessionId));
       } catch (err) {
         const e = err;
         if (e.code !== "ENOENT") {
           throw err;
         }
       }
+      await deleteToolBlobs(sessionId);
       try {
-        await fs11.rmdir(paths.sessionDir(sessionId));
+        await fs13.rmdir(paths.sessionDir(sessionId));
       } catch (err) {
         const e = err;
         if (e.code !== "ENOENT" && e.code !== "ENOTEMPTY") {
@@ -7330,74 +8362,79 @@ var HistoryStore = class {
 };
 
 // src/tui/history.ts
-import { promises as fs12 } from "fs";
+import { promises as fs14 } from "fs";
 import * as path8 from "path";
 async function saveHistory(file, history) {
-  await fs12.mkdir(path8.dirname(file), { recursive: true });
+  await fs14.mkdir(path8.dirname(file), { recursive: true });
   const lines = history.map((entry) => JSON.stringify(entry));
-  await fs12.writeFile(file, lines.length > 0 ? lines.join("\n") + "\n" : "");
+  await fs14.writeFile(file, lines.length > 0 ? lines.join("\n") + "\n" : "");
 }
 
 // src/core/bundle.ts
-import { z as z6 } from "zod";
-var HistoryEntrySchema = z6.object({
-  method: z6.string(),
-  params: z6.unknown(),
-  recordedAt: z6.number()
+import { z as z7 } from "zod";
+var HistoryEntrySchema = z7.object({
+  method: z7.string(),
+  params: z7.unknown(),
+  recordedAt: z7.number()
 });
-var BundleSession = z6.object({
+var BundleSession = z7.object({
   // The exporter's local id. Regenerated fresh on import (sessionId is
   // the local namespace; lineageId is what survives across hops).
-  sessionId: z6.string(),
+  sessionId: z7.string(),
   // Required on bundles — the export path backfills if the source
   // record was written before lineageId existed.
-  lineageId: z6.string(),
+  lineageId: z7.string(),
   // The exporter's agent-side session id at export time. Carried so
   // importers can persist it as a breadcrumb (and, eventually, as the
   // handle a "connect back to origin" feature would need). Omitted on
   // bundles whose source record never bound to an agent (e.g. a
   // re-export of an imported, not-yet-attached session).
-  upstreamSessionId: z6.string().optional(),
-  agentId: z6.string(),
-  cwd: z6.string(),
-  title: z6.string().optional(),
+  upstreamSessionId: z7.string().optional(),
+  agentId: z7.string(),
+  cwd: z7.string(),
+  title: z7.string().optional(),
   // Structured snapshot. Carried across export/import so a sync'd
   // session on another machine surfaces the same synopsis in its
   // picker / list / info views without re-asking the agent.
   synopsis: SessionSynopsis.optional(),
-  summarizedThroughEntry: z6.number().int().nonnegative().optional(),
-  currentModel: z6.string().optional(),
-  currentMode: z6.string().optional(),
+  summarizedThroughEntry: z7.number().int().nonnegative().optional(),
+  currentModel: z7.string().optional(),
+  currentMode: z7.string().optional(),
   currentUsage: PersistedUsage.optional(),
-  agentCommands: z6.array(PersistedAgentCommand).optional(),
-  agentModes: z6.array(PersistedAgentMode).optional(),
+  agentCommands: z7.array(PersistedAgentCommand).optional(),
+  agentModes: z7.array(PersistedAgentMode).optional(),
   // Raw interactive tristate (NOT the resolved effectiveInteractive) so
   // the value stays promotable on the destination: a cat/empty source
   // arrives as undefined and a real turn there can still flip it to
   // true. Carried alongside originatingClient so the importer's
   // effectiveInteractive can re-apply the cat-name hint at read time
   // without freezing a sticky `false` into the record.
-  interactive: z6.boolean().optional(),
+  interactive: z7.boolean().optional(),
   originatingClient: PersistedOriginatingClient.optional(),
-  createdAt: z6.string(),
-  updatedAt: z6.string()
+  createdAt: z7.string(),
+  updatedAt: z7.string()
 });
-var Bundle = z6.object({
-  version: z6.literal(1),
-  exportedAt: z6.string(),
-  exportedFrom: z6.object({
-    hydraVersion: z6.string(),
-    machine: z6.string(),
+var Bundle = z7.object({
+  version: z7.literal(1),
+  exportedAt: z7.string(),
+  exportedFrom: z7.object({
+    hydraVersion: z7.string(),
+    machine: z7.string(),
     // Externally-reachable name (and optional ":port") for the exporting
     // daemon, sourced from config.daemon.publicHost (or daemon.host when
     // non-loopback). Carried so an importer can construct a hydra:// URL
     // that dials back to the origin — e.g. over Tailscale. Omitted when
     // the exporter has no routable address; never falls back to loopback.
-    hydraHost: z6.string().optional()
+    hydraHost: z7.string().optional()
   }),
   session: BundleSession,
-  history: z6.array(HistoryEntrySchema),
-  promptHistory: z6.array(z6.string()).optional()
+  history: z7.array(HistoryEntrySchema),
+  promptHistory: z7.array(z7.string()).optional(),
+  // Externalized tool-content blobs referenced by the history, present when
+  // the bundle was exported with tools=references. Map of sha256 → base64
+  // of the gzipped content. Restored to the session's tools/ store on
+  // import; the ref-form history hydrates from them.
+  toolBlobs: z7.record(z7.string()).optional()
 });
 function encodeBundle(params) {
   const bundle = {
@@ -7432,6 +8469,9 @@ function encodeBundle(params) {
   if (params.promptHistory !== void 0) {
     bundle.promptHistory = params.promptHistory;
   }
+  if (params.toolBlobs !== void 0 && Object.keys(params.toolBlobs).length > 0) {
+    bundle.toolBlobs = params.toolBlobs;
+  }
   return bundle;
 }
 function decodeBundle(raw) {
@@ -7447,6 +8487,7 @@ var SessionManager = class {
     this.registry = registry;
     this.spawner = spawner ?? ((opts) => AgentInstance.spawn(opts));
     this.store = store ?? new SessionStore();
+    this.tombstones = options.tombstones ?? new TombstoneStore();
     this.sessionHistoryMaxEntries = options.sessionHistoryMaxEntries ?? 1e3;
     this.histories = new HistoryStore({ maxEntries: this.sessionHistoryMaxEntries });
     this.idleTimeoutMs = options.idleTimeoutMs ?? 0;
@@ -7478,12 +8519,14 @@ var SessionManager = class {
       logger: this.logger,
       npmRegistry: this.npmRegistry
     });
+    void this.refreshAgentCatalog();
   }
   registry;
   sessions = /* @__PURE__ */ new Map();
   resurrectionInflight = /* @__PURE__ */ new Map();
   spawner;
   store;
+  tombstones;
   histories;
   idleTimeoutMs;
   defaultModels;
@@ -7505,6 +8548,25 @@ var SessionManager = class {
   // out-of-band so session close is instant; persists synopsis/title
   // via the same enqueueMetaWrite path the in-session handlers used.
   synopsisCoordinator;
+  // Cached agent catalog used to populate the `agent` config option's
+  // value list. Refreshed lazily (fire-and-forget) since the underlying
+  // registry load may hit the network; sessions read whatever snapshot is
+  // current and always inject their own live agent if it's missing.
+  agentCatalog = [];
+  // Refresh the cached agent catalog from the registry. Fire-and-forget;
+  // failures leave the prior snapshot in place. Called at construction and
+  // after each session creation so the list tracks newly-installed agents.
+  async refreshAgentCatalog() {
+    try {
+      const { agents } = await listAgents(this.registry);
+      this.agentCatalog = agents.map((a) => ({
+        id: a.id,
+        name: a.name,
+        ...a.description !== void 0 ? { description: a.description } : {}
+      }));
+    } catch {
+    }
+  }
   async create(params) {
     const fresh = await this.bootstrapAgent({
       agentId: params.agentId,
@@ -7521,7 +8583,7 @@ var SessionManager = class {
           continue;
         }
         try {
-          const result = await t.connection.request("transformer/message", {
+          const result = await t.connection.request("hydra-acp/transformer/message", {
             token: `t_${generateRawSessionId()}`,
             phase: "response",
             method: "initialize",
@@ -7551,6 +8613,7 @@ var SessionManager = class {
       logger: this.logger,
       spawnReplacementAgent: (p) => this.bootstrapAgent({ ...p, mcpServers: [] }),
       listSessions: () => this.list(),
+      availableAgents: () => this.agentCatalog,
       historyStore: this.histories,
       historyMaxEntries: this.sessionHistoryMaxEntries,
       currentModel: fresh.initialModel,
@@ -7718,6 +8781,7 @@ var SessionManager = class {
       logger: this.logger,
       spawnReplacementAgent: (p) => this.bootstrapAgent({ ...p, mcpServers: [] }),
       listSessions: () => this.list(),
+      availableAgents: () => this.agentCatalog,
       historyStore: this.histories,
       historyMaxEntries: this.sessionHistoryMaxEntries,
       currentModel: effectiveModel,
@@ -7798,6 +8862,7 @@ var SessionManager = class {
       logger: this.logger,
       spawnReplacementAgent: (p) => this.bootstrapAgent({ ...p, mcpServers: [] }),
       listSessions: () => this.list(),
+      availableAgents: () => this.agentCatalog,
       historyStore: this.histories,
       historyMaxEntries: this.sessionHistoryMaxEntries,
       currentModel: effectiveModel,
@@ -7821,7 +8886,7 @@ var SessionManager = class {
   }
   async dirExists(cwd) {
     try {
-      return (await fs13.stat(cwd)).isDirectory();
+      return (await fs15.stat(cwd)).isDirectory();
     } catch {
       return false;
     }
@@ -7927,7 +8992,7 @@ var SessionManager = class {
     for (const rec of stored) {
       existing.add(`${rec.agentId}::${rec.upstreamSessionId}`);
     }
-    const hydraHomeDir = paths.home();
+    const synopsisSandboxDir = paths.sessionsDir();
     const synced = [];
     let skipped = 0;
     for (const entry of entries) {
@@ -7936,10 +9001,21 @@ var SessionManager = class {
         skipped += 1;
         continue;
       }
-      if (isUnderHydraHome(entry.cwd, hydraHomeDir)) {
+      if (isSynopsisSession(entry.cwd, synopsisSandboxDir)) {
         skipped += 1;
         continue;
       }
+      const tombstone = await this.tombstones.read(agentId, entry.sessionId).catch(() => void 0);
+      if (tombstone) {
+        if (!shouldResurrectFromUpstream(tombstone, entry.updatedAt)) {
+          skipped += 1;
+          continue;
+        }
+        await this.tombstones.remove(agentId, entry.sessionId).catch(() => void 0);
+        this.logger?.info(
+          `syncFromAgent: resurrecting tombstoned ${agentId}/${entry.sessionId} (upstream updatedAt advanced past ${tombstone.upstreamUpdatedAt ?? "<unset>"})`
+        );
+      }
       existing.add(dedupeKey);
       const newId = `${HYDRA_SESSION_PREFIX}${generateRawSessionId()}`;
       const now = (/* @__PURE__ */ new Date()).toISOString();
@@ -8000,6 +9076,25 @@ var SessionManager = class {
     }
     return out;
   }
+  // Issue session/set_model for a seed model (defaultModels / --model) at
+  // bootstrap, logging success or a non-fatal rejection. `where` is the
+  // human-readable provenance string used in log lines. A bad id in config
+  // shouldn't break session creation, so a rejection is swallowed.
+  async applySeedModel(agent, sessionId, modelId, where) {
+    try {
+      await agent.connection.request("session/set_model", {
+        sessionId,
+        modelId
+      });
+      this.logger?.info(`${where}: session/set_model accepted`);
+      return true;
+    } catch (err) {
+      this.logger?.warn(
+        `${where} rejected by agent (${err.message}); session will use the agent's own default`
+      );
+      return false;
+    }
+  }
   // Bootstrap a fresh agent process: registry resolve → spawn → initialize
   // → session/new. Shared by create() and the /hydra agent path so both
   // go through the same env / capabilities / error-handling.
@@ -8048,23 +9143,31 @@ var SessionManager = class {
       const initialModels = extractInitialModels(newResult);
       const desired = params.model ?? this.defaultModels[params.agentId];
       if (desired && desired !== initialModel) {
-        const validates = initialModels.length === 0 || initialModels.some((m) => m.modelId === desired);
-        if (validates) {
-          try {
-            await agent.connection.request("session/set_model", {
-              sessionId: sessionIdRaw,
-              modelId: desired
-            });
+        const resolution = resolveModelId(desired, initialModels);
+        const where = params.model !== void 0 ? `model=${JSON.stringify(desired)}` : `defaultModels[${params.agentId}]=${JSON.stringify(desired)}`;
+        if (resolution.kind === "exact" || resolution.kind === "none") {
+          if (await this.applySeedModel(agent, sessionIdRaw, desired, where)) {
             initialModel = desired;
-          } catch (err) {
-            this.logger?.warn(
-              `defaultModels[${params.agentId}]=${JSON.stringify(desired)} rejected by agent (${err.message}); session will use ${JSON.stringify(initialModel)}`
-            );
           }
+        } else if (resolution.kind === "resolved") {
+          if (resolution.modelId === initialModel) {
+            initialModel = resolution.modelId;
+          } else if (await this.applySeedModel(
+            agent,
+            sessionIdRaw,
+            resolution.modelId,
+            `${where} resolved to ${JSON.stringify(resolution.modelId)}`
+          )) {
+            initialModel = resolution.modelId;
+          }
+        } else if (resolution.kind === "ambiguous") {
+          this.logger?.warn(
+            `${where} is ambiguous (trailing-segment matches [${resolution.candidates.join(", ")}]); skipping session/set_model, session will use ${JSON.stringify(initialModel)}`
+          );
         } else {
           const known = initialModels.map((m) => m.modelId).join(", ");
           this.logger?.warn(
-            `defaultModels[${params.agentId}]=${JSON.stringify(desired)} not in agent's availableModels ([${known}]); skipping session/set_model, session will use ${JSON.stringify(initialModel)}`
+            `${where} not in agent's availableModels ([${known}]); skipping session/set_model, session will use ${JSON.stringify(initialModel)}`
           );
         }
       }
@@ -8095,6 +9198,17 @@ var SessionManager = class {
     session.onClose(({ deleteRecord }) => {
       this.sessions.delete(session.sessionId);
       if (deleteRecord) {
+        if (session.upstreamSessionId) {
+          void this.tombstones.add({
+            agentId: session.agentId,
+            upstreamSessionId: session.upstreamSessionId,
+            deletedAt: (/* @__PURE__ */ new Date()).toISOString(),
+            upstreamUpdatedAt: new Date(session.updatedAt).toISOString(),
+            cwd: session.cwd,
+            title: session.title,
+            reason: "user"
+          }).catch(() => void 0);
+        }
         void this.store.delete(session.sessionId).catch(() => void 0);
         void this.histories.delete(session.sessionId).catch(() => void 0);
         return;
@@ -8186,6 +9300,12 @@ var SessionManager = class {
   async loadHistory(sessionId) {
     return this.histories.load(sessionId);
   }
+  // Read a single externalized tool-content blob by sha256 (the lean
+  // `tools: "references"` fetch-on-expand path). Null if the session id or
+  // hash is malformed, or the blob isn't present.
+  async loadToolBlob(sessionId, hash) {
+    return getToolBlob(sessionId, hash);
+  }
   async loadFromDisk(sessionId) {
     const record = await this.store.read(sessionId);
     if (!record) {
@@ -8304,6 +9424,35 @@ var SessionManager = class {
     }
     return session;
   }
+  // Synchronous SessionListEntry for a resident session. Mirrors the
+  // live-session branch of list() but skips the async history probe:
+  // callers on the attach/new hot path already hold the Session and
+  // don't need the history-derived `interactive` inference (they pass
+  // through the session's own tristate) or the history mtime (the
+  // session's updatedAt is current). Used to build the reconciled
+  // session/new + session/attach response `_meta["hydra-acp"]` from the
+  // same shape session/list emits.
+  liveListEntry(session) {
+    return {
+      sessionId: session.sessionId,
+      upstreamSessionId: session.upstreamSessionId,
+      cwd: session.cwd,
+      title: session.title,
+      agentId: session.agentId,
+      currentModel: session.currentModel,
+      currentUsage: session.currentUsage,
+      parentSessionId: session.parentSessionId,
+      forkedFromSessionId: session.forkedFromSessionId,
+      forkedFromMessageId: session.forkedFromMessageId,
+      originatingClient: session.originatingClient,
+      interactive: session.interactive,
+      updatedAt: new Date(session.updatedAt).toISOString(),
+      attachedClients: session.attachedCount,
+      status: "live",
+      busy: session.turnStartedAt !== void 0,
+      awaitingInput: session.awaitingInput
+    };
+  }
   async list(filter = {}) {
     const entries = [];
     const liveIds = /* @__PURE__ */ new Set();
@@ -8394,7 +9543,7 @@ var SessionManager = class {
   // disk. Backfills lineageId if the on-disk record pre-dates that
   // field. Returns undefined if the session doesn't exist. Callers
   // populate the bundle's exportedFrom metadata themselves.
-  async exportBundle(sessionId) {
+  async exportBundle(sessionId, opts = {}) {
     const record = await this.store.read(sessionId);
     if (!record) {
       return void 0;
@@ -8417,9 +9566,20 @@ var SessionManager = class {
       }).catch(() => void 0);
       withLineage = backfilled;
     }
-    const history = await this.histories.load(sessionId).catch(() => []);
+    const tools = opts.tools ?? "inline";
+    const history = await this.histories.load(sessionId, tools === "references" ? { tools: "references" } : {}).catch(() => []);
     const promptHistory = await loadPromptHistorySafely(sessionId);
-    return { record: withLineage, history, promptHistory };
+    if (tools !== "references") {
+      return { record: withLineage, history, promptHistory };
+    }
+    const toolBlobs = {};
+    for (const hash of collectToolBlobHashes(history)) {
+      const gz = await readToolBlobGz(sessionId, hash);
+      if (gz) {
+        toolBlobs[hash] = gz.toString("base64");
+      }
+    }
+    return { record: withLineage, history, promptHistory, toolBlobs };
   }
   // Create a local session from an imported bundle. Without `replace`,
   // a bundle with a lineageId we already have on disk throws
@@ -8580,9 +9740,18 @@ var SessionManager = class {
       args.sessionId,
       args.bundle.history
     );
+    if (args.bundle.toolBlobs) {
+      for (const [hash, b64] of Object.entries(args.bundle.toolBlobs)) {
+        await writeToolBlobGz(
+          args.sessionId,
+          hash,
+          Buffer.from(b64, "base64")
+        ).catch(() => void 0);
+      }
+    }
     const sourceMtime = new Date(args.bundle.session.updatedAt);
     if (!Number.isNaN(sourceMtime.getTime())) {
-      await fs13.utimes(paths.historyFile(args.sessionId), sourceMtime, sourceMtime).catch(() => void 0);
+      await fs15.utimes(paths.historyFile(args.sessionId), sourceMtime, sourceMtime).catch(() => void 0);
     }
     if (args.bundle.promptHistory && args.bundle.promptHistory.length > 0) {
       await saveHistory(
@@ -8637,6 +9806,17 @@ var SessionManager = class {
     if (!record) {
       return false;
     }
+    if (record.upstreamSessionId) {
+      await this.tombstones.add({
+        agentId: record.agentId,
+        upstreamSessionId: record.upstreamSessionId,
+        deletedAt: (/* @__PURE__ */ new Date()).toISOString(),
+        upstreamUpdatedAt: record.updatedAt,
+        cwd: record.cwd,
+        title: record.title,
+        reason: "user"
+      }).catch(() => void 0);
+    }
     await this.store.delete(sessionId).catch(() => void 0);
     return true;
   }
@@ -8846,13 +10026,13 @@ var SessionManager = class {
     }
   }
 };
-function isUnderHydraHome(cwd, hydraHomeDir) {
+function isSynopsisSession(cwd, sandboxDir) {
   if (typeof cwd !== "string" || cwd.length === 0) {
     return false;
   }
   const resolved = path9.resolve(cwd);
-  const home = path9.resolve(hydraHomeDir);
-  return resolved === home || resolved.startsWith(home + path9.sep);
+  const base = path9.resolve(sandboxDir);
+  return resolved === base || resolved.startsWith(base + path9.sep);
 }
 function mergeForPersistence(session, existing) {
   const persistedCommands = session.mergedAvailableCommands().length > 0 ? session.agentOnlyAdvertisedCommands().map((c) => {
@@ -8977,6 +10157,13 @@ function extractInitialModel(result) {
       }
     }
   }
+  const fromConfig = findConfigOptionEntry(result, "model");
+  if (fromConfig) {
+    const cv = asString(fromConfig.currentValue);
+    if (cv) {
+      return cv;
+    }
+  }
   return void 0;
 }
 function asString(value) {
@@ -8986,6 +10173,22 @@ function asString(value) {
   const trimmed = value.trim();
   return trimmed.length > 0 ? trimmed : void 0;
 }
+function findConfigOptionEntry(result, id) {
+  const list = result.configOptions;
+  if (!Array.isArray(list)) {
+    return void 0;
+  }
+  for (const raw of list) {
+    if (!raw || typeof raw !== "object" || Array.isArray(raw)) {
+      continue;
+    }
+    const entry = raw;
+    if (entry.id === id) {
+      return entry;
+    }
+  }
+  return void 0;
+}
 function nonEmptyOrUndefined(arr) {
   return arr.length > 0 ? arr : void 0;
 }
@@ -9021,6 +10224,13 @@ function extractInitialModels(result) {
       }
     }
   }
+  const fromConfig = findConfigOptionEntry(result, "model");
+  if (fromConfig) {
+    const parsed = parseModelsList(fromConfig.options);
+    if (parsed.length > 0) {
+      return parsed;
+    }
+  }
   return [];
 }
 function extractInitialModes(result) {
@@ -9055,6 +10265,13 @@ function extractInitialModes(result) {
       }
     }
   }
+  const fromConfig = findConfigOptionEntry(result, "mode");
+  if (fromConfig) {
+    const parsed = parseModesList(fromConfig.options);
+    if (parsed.length > 0) {
+      return parsed;
+    }
+  }
   return [];
 }
 function extractInitialCurrentMode(result) {
@@ -9085,6 +10302,13 @@ function extractInitialCurrentMode(result) {
       }
     }
   }
+  const fromConfig = findConfigOptionEntry(result, "mode");
+  if (fromConfig) {
+    const cv = asString(fromConfig.currentValue);
+    if (cv) {
+      return cv;
+    }
+  }
   return void 0;
 }
 async function restoreCurrentMode(opts) {
@@ -9146,41 +10370,14 @@ async function restoreCurrentModel(opts) {
     });
     logger?.info(
       `resurrect: session/set_model accepted, effectiveModel=${JSON.stringify(persistedModel)}`
-    );
-    return persistedModel;
-  } catch (err) {
-    logger?.warn(
-      `resurrect: session/set_model rejected by agent for modelId=${JSON.stringify(persistedModel)} (${err.message}); session will use ${JSON.stringify(agentReportedModel)}`
-    );
-    return agentReportedModel;
-  }
-}
-function parseModesList(list) {
-  if (!Array.isArray(list)) {
-    return [];
-  }
-  const out = [];
-  for (const raw of list) {
-    if (!raw || typeof raw !== "object" || Array.isArray(raw)) {
-      continue;
-    }
-    const r = raw;
-    const id = asString(r.id) ?? asString(r.modeId);
-    if (!id) {
-      continue;
-    }
-    const mode = { id };
-    const name = asString(r.name);
-    if (name) {
-      mode.name = name;
-    }
-    const description = asString(r.description);
-    if (description) {
-      mode.description = description;
-    }
-    out.push(mode);
+    );
+    return persistedModel;
+  } catch (err) {
+    logger?.warn(
+      `resurrect: session/set_model rejected by agent for modelId=${JSON.stringify(persistedModel)} (${err.message}); session will use ${JSON.stringify(agentReportedModel)}`
+    );
+    return agentReportedModel;
   }
-  return out;
 }
 function findLastTurnComplete(history) {
   for (let i = history.length - 1; i >= 0; i--) {
@@ -9201,7 +10398,7 @@ function findLastTurnComplete(history) {
 }
 async function loadPromptHistorySafely(sessionId) {
   try {
-    const raw = await fs13.readFile(paths.tuiHistoryFile(sessionId), "utf8");
+    const raw = await fs15.readFile(paths.tuiHistoryFile(sessionId), "utf8");
     const out = [];
     for (const line of raw.split("\n")) {
       if (line.length === 0) {
@@ -9222,7 +10419,7 @@ async function loadPromptHistorySafely(sessionId) {
 }
 async function historyStatus(sessionId) {
   try {
-    const st = await fs13.stat(paths.historyFile(sessionId));
+    const st = await fs15.stat(paths.historyFile(sessionId));
     return {
       mtime: new Date(st.mtimeMs).toISOString(),
       hasContent: st.size > 0
@@ -9243,7 +10440,7 @@ function effectiveInteractive(record, hasContent) {
 
 // src/core/child-supervisor.ts
 import { spawn as spawn4 } from "child_process";
-import * as fs14 from "fs";
+import * as fs16 from "fs";
 import * as fsp5 from "fs/promises";
 import * as path10 from "path";
 
@@ -9616,7 +10813,7 @@ var ChildSupervisor = class {
     }
     const cfg = entry.config;
     const command = cfg.command.length > 0 ? cfg.command : [cfg.name];
-    const logStream = fs14.createWriteStream(
+    const logStream = fs16.createWriteStream(
       this.adapter.paths.logFile(cfg.name),
       { flags: "a" }
     );
@@ -9672,7 +10869,7 @@ var ChildSupervisor = class {
     }
     if (typeof child.pid === "number") {
       try {
-        fs14.writeFileSync(
+        fs16.writeFileSync(
           this.adapter.paths.pidFile(cfg.name),
           `${child.pid}
 `,
@@ -9698,7 +10895,7 @@ var ChildSupervisor = class {
     });
     child.on("exit", (code, signal) => {
       try {
-        fs14.unlinkSync(this.adapter.paths.pidFile(cfg.name));
+        fs16.unlinkSync(this.adapter.paths.pidFile(cfg.name));
       } catch {
       }
       logStream.write(
@@ -9808,13 +11005,13 @@ var TRANSFORMER_ADAPTER = {
   }
 };
 var TransformerManager = class extends ChildSupervisor {
-  // Transformers that have completed transformer/initialize and are ready to
+  // Transformers that have completed hydra-acp/transformer/initialize and are ready to
   // participate in chains. Keyed by transformer name.
   connected = /* @__PURE__ */ new Map();
   constructor(transformers, context, options = {}) {
     super(transformers, TRANSFORMER_ADAPTER, context, options);
   }
-  // Called by the WS handler after transformer/initialize completes. The
+  // Called by the WS handler after hydra-acp/transformer/initialize completes. The
   // transformer is now eligible to participate in session chains.
   registerConnection(name, connection, intercepts) {
     this.connected.set(name, {
@@ -10038,7 +11235,7 @@ function startAgentSyncScheduler(opts) {
 
 // src/core/session-tokens.ts
 import * as path12 from "path";
-import { createHash, randomBytes as randomBytes2, timingSafeEqual } from "crypto";
+import { createHash as createHash2, randomBytes as randomBytes2, timingSafeEqual } from "crypto";
 var TOKEN_PREFIX = "hydra_session_";
 var DEFAULT_TTL_SEC = 60 * 60 * 24 * 30;
 var ID_LENGTH = 12;
@@ -10048,7 +11245,7 @@ function tokensFilePath() {
   return path12.join(paths.home(), "session-tokens.json");
 }
 function sha256Hex(input) {
-  return createHash("sha256").update(input).digest("hex");
+  return createHash2("sha256").update(input).digest("hex");
 }
 function randomHex(bytes) {
   return randomBytes2(bytes).toString("hex");
@@ -10064,20 +11261,27 @@ var SessionTokenStore = class _SessionTokenStore {
   // keyed by hash
   writeTimer = null;
   writeInflight = null;
-  constructor(records) {
+  // Bound at construction so a debounced write that fires after the
+  // process's HYDRA_ACP_HOME has changed (e.g. between tests) targets the
+  // path this store was loaded from rather than re-resolving paths.home()
+  // and clobbering an unrelated home's token file.
+  filePath;
+  constructor(records, filePath) {
+    this.filePath = filePath;
     for (const r of records) {
       this.records.set(r.hash, r);
     }
   }
   static async load() {
     let records = [];
+    const filePath = tokensFilePath();
     const parsed = await readJsonSafe(
-      tokensFilePath()
+      filePath
     );
     if (parsed && Array.isArray(parsed.records)) {
       records = parsed.records.filter(isRecord);
     }
-    const store = new _SessionTokenStore(records);
+    const store = new _SessionTokenStore(records, filePath);
     const removed = store.sweepExpired(/* @__PURE__ */ new Date());
     if (removed > 0) {
       await store.flush();
@@ -10187,21 +11391,29 @@ var SessionTokenStore = class _SessionTokenStore {
       });
     }, WRITE_DEBOUNCE_MS);
   }
-  async persist() {
-    if (this.writeInflight) {
-      await this.writeInflight;
-    }
-    const records = Array.from(this.records.values());
-    this.writeInflight = writeJsonAtomic(
-      tokensFilePath(),
-      { records },
-      { mode: 384 }
+  // Serialize writes by chaining onto whatever write is in flight. Two
+  // concurrent persists (e.g. a debounced scheduleWrite timer firing while
+  // flush() awaits) would otherwise both write a temp file and race their
+  // renames onto the same path — the older snapshot could win. Chaining
+  // guarantees writes run one after another, each snapshotting records at
+  // the moment it actually runs, so the final on-disk state reflects the
+  // latest records. The returned promise resolves once THIS persist's
+  // write has completed.
+  persist() {
+    const run2 = (this.writeInflight ?? Promise.resolve()).catch(() => void 0).then(
+      () => writeJsonAtomic(
+        this.filePath,
+        { records: Array.from(this.records.values()) },
+        { mode: 384 }
+      )
     );
-    try {
-      await this.writeInflight;
-    } finally {
-      this.writeInflight = null;
-    }
+    this.writeInflight = run2;
+    run2.catch(() => void 0).finally(() => {
+      if (this.writeInflight === run2) {
+        this.writeInflight = null;
+      }
+    });
+    return run2;
   }
 };
 function isRecord(value) {
@@ -10363,6 +11575,7 @@ var AuthRateLimiter = class {
 
 // src/daemon/routes/sessions.ts
 import * as os3 from "os";
+import * as path13 from "path";
 
 // src/core/render-update.ts
 import stripAnsi from "strip-ansi";
@@ -10412,10 +11625,52 @@ function mapUpdate(update) {
       return mapAvailableModes(u);
     case "session_info_update":
       return mapSessionInfo(u);
+    case "config_option_update":
+      return mapConfigOptions(u);
     default:
       return { kind: "unknown", sessionUpdate: tag, raw: update };
   }
 }
+function mapConfigOptions(u) {
+  const list = u.configOptions;
+  if (!Array.isArray(list)) {
+    return null;
+  }
+  const options = [];
+  for (const raw of list) {
+    if (!raw || typeof raw !== "object") {
+      continue;
+    }
+    const o = raw;
+    if (typeof o.id !== "string" || typeof o.currentValue !== "string" || !Array.isArray(o.options)) {
+      continue;
+    }
+    const values = [];
+    for (const v of o.options) {
+      if (!v || typeof v !== "object") {
+        continue;
+      }
+      const vv = v;
+      if (typeof vv.value !== "string") {
+        continue;
+      }
+      values.push({
+        value: vv.value,
+        name: typeof vv.name === "string" ? vv.name : vv.value,
+        ...typeof vv.description === "string" ? { description: vv.description } : {}
+      });
+    }
+    options.push({
+      id: o.id,
+      name: typeof o.name === "string" ? o.name : o.id,
+      type: "select",
+      currentValue: o.currentValue,
+      options: values,
+      ...typeof o.category === "string" ? { category: o.category } : {}
+    });
+  }
+  return { kind: "config-options", options };
+}
 function mapSessionInfo(u) {
   const rawTitle = readString(u, "title");
   const title = rawTitle !== void 0 ? sanitizeSingleLine(rawTitle) : void 0;
@@ -10557,6 +11812,23 @@ function isExitPlanModeTool(name) {
   const normalised = name.toLowerCase().replace(/[_\s-]/g, "");
   return normalised === "exitplanmode";
 }
+function readDiffField(value) {
+  if (typeof value === "string") {
+    return { text: value };
+  }
+  if (value && typeof value === "object" && !Array.isArray(value)) {
+    const v = value;
+    if (typeof v.__hydraBlob === "string") {
+      return {
+        ref: {
+          hash: v.__hydraBlob,
+          bytes: typeof v.bytes === "number" ? v.bytes : 0
+        }
+      };
+    }
+  }
+  return void 0;
+}
 function extractEditDiff(u) {
   const content = u.content;
   if (Array.isArray(content)) {
@@ -10568,16 +11840,18 @@ function extractEditDiff(u) {
       if (b.type !== "diff") {
         continue;
       }
-      const oldText = typeof b.oldText === "string" ? b.oldText : void 0;
-      const newText = typeof b.newText === "string" ? b.newText : void 0;
-      if (oldText === void 0 && newText === void 0) {
+      const oldField = readDiffField(b.oldText);
+      const newField = readDiffField(b.newText);
+      if (oldField === void 0 && newField === void 0) {
         continue;
       }
       const path15 = typeof b.path === "string" ? b.path : void 0;
       return {
         ...path15 !== void 0 ? { path: path15 } : {},
-        oldText: oldText ?? "",
-        newText: newText ?? ""
+        oldText: oldField?.text ?? "",
+        newText: newField?.text ?? "",
+        ...oldField?.ref ? { oldRef: oldField.ref } : {},
+        ...newField?.ref ? { newRef: newField.ref } : {}
       };
     }
   }
@@ -10645,8 +11919,36 @@ function mapToolCall(u) {
   if (diff !== null) {
     event.editDiff = diff;
   }
+  const detail = extractToolDetail(u);
+  if (detail !== void 0) {
+    event.detail = detail;
+  }
   return event;
 }
+var TOOL_DETAIL_MAX = 64;
+function extractToolDetail(u) {
+  const rawInput = u.rawInput;
+  if (!rawInput || typeof rawInput !== "object" || Array.isArray(rawInput)) {
+    return void 0;
+  }
+  const r = rawInput;
+  if (typeof r.command === "string" && r.command.trim().length > 0) {
+    const firstLine2 = sanitizeSingleLine(r.command).trim();
+    const cmd = firstLine2.replace(/^cd\s+\S+\s+&&\s+/, "");
+    return clipHead(cmd, TOOL_DETAIL_MAX);
+  }
+  const path15 = typeof r.file_path === "string" ? r.file_path : typeof r.path === "string" ? r.path : void 0;
+  if (path15 !== void 0 && path15.length > 0) {
+    return clipTail(shortenHomePath(sanitizeSingleLine(path15)), TOOL_DETAIL_MAX);
+  }
+  return void 0;
+}
+function clipHead(s, max) {
+  return s.length > max ? `${s.slice(0, max - 1)}\u2026` : s;
+}
+function clipTail(s, max) {
+  return s.length > max ? `\u2026${s.slice(-(max - 1))}` : s;
+}
 function mapToolCallUpdate(u) {
   const toolCallId = readString(u, "toolCallId") ?? readString(u, "id");
   if (!toolCallId) {
@@ -10656,7 +11958,8 @@ function mapToolCallUpdate(u) {
   const title = rawTitle !== void 0 ? sanitizeSingleLine(rawTitle) : void 0;
   const status = readString(u, "status");
   const diff = extractEditDiff(u);
-  const meaningful = title !== void 0 || diff !== null || status === "completed" || status === "failed" || status === "rejected" || status === "cancelled";
+  const detail = extractToolDetail(u);
+  const meaningful = title !== void 0 || diff !== null || detail !== void 0 || status === "completed" || status === "failed" || status === "rejected" || status === "cancelled";
   if (!meaningful) {
     return null;
   }
@@ -10676,6 +11979,9 @@ function mapToolCallUpdate(u) {
   if (title !== void 0) {
     event.title = title;
   }
+  if (detail !== void 0) {
+    event.detail = detail;
+  }
   if (status !== void 0) {
     event.status = status;
   }
@@ -11518,6 +12824,53 @@ function registerSessionRoutes(app, manager, defaults) {
     }
     reply.code(204).send();
   });
+  app.post("/v1/sessions/:id/stdin/open", async (request, reply) => {
+    const raw = request.params.id;
+    const id = await manager.resolveCanonicalId(raw) ?? raw;
+    const session = manager.get(id);
+    if (!session) {
+      reply.code(404).send({ error: "session not found" });
+      return reply;
+    }
+    const body = request.body ?? {};
+    const openOpts = {};
+    if (body.mode === "memory" || body.mode === "file") {
+      openOpts.mode = body.mode;
+    }
+    if (typeof body.capacityBytes === "number") {
+      openOpts.capacityBytes = body.capacityBytes;
+    }
+    if (typeof body.fileCapBytes === "number") {
+      openOpts.fileCapBytes = body.fileCapBytes;
+    }
+    if ((openOpts.mode ?? "memory") === "file") {
+      openOpts.filePathFor = (sid) => path13.join(os3.tmpdir(), `hydra-acp-stdin-${sid}.log`);
+    }
+    try {
+      return session.openStream(openOpts);
+    } catch (err) {
+      reply.code(409).send({ error: err.message });
+      return reply;
+    }
+  });
+  app.post("/v1/sessions/:id/stdin", async (request, reply) => {
+    const raw = request.params.id;
+    const id = await manager.resolveCanonicalId(raw) ?? raw;
+    const session = manager.get(id);
+    if (!session) {
+      reply.code(404).send({ error: "session not found" });
+      return reply;
+    }
+    const body = request.body ?? {};
+    const chunk = typeof body.chunk === "string" ? body.chunk : "";
+    const eof = body.eof === true;
+    try {
+      return session.streamWrite(chunk, eof);
+    } catch (err) {
+      reply.code(409).send({ error: err.message });
+      return reply;
+    }
+  });
   app.patch("/v1/sessions/:id", async (request, reply) => {
     const raw = request.params.id;
     const id = await manager.resolveCanonicalId(raw) ?? raw;
@@ -11562,15 +12915,21 @@ function registerSessionRoutes(app, manager, defaults) {
   app.get("/v1/sessions/:id/export", async (request, reply) => {
     const raw = request.params.id;
     const id = await manager.resolveCanonicalId(raw) ?? raw;
-    const exported = await manager.exportBundle(id);
+    const toolsRaw = request.query?.tools;
+    const toolMode = toolsRaw === "references" ? "references" : parseToolContentMode(toolsRaw);
+    const exported = await manager.exportBundle(
+      id,
+      toolMode === "references" ? { tools: "references" } : {}
+    );
     if (!exported) {
       reply.code(404).send({ error: "session not found" });
       return;
     }
     const bundle = encodeBundle({
       record: exported.record,
-      history: exported.history,
+      history: toolMode === "summary" ? applyToolContentMode(exported.history, "summary") : exported.history,
       promptHistory: exported.promptHistory.length > 0 ? exported.promptHistory : void 0,
+      ...exported.toolBlobs !== void 0 ? { toolBlobs: exported.toolBlobs } : {},
       hydraVersion: HYDRA_VERSION,
       machine: os3.hostname(),
       hydraHost: resolveHydraHost(defaults)
@@ -11582,6 +12941,17 @@ function registerSessionRoutes(app, manager, defaults) {
     );
     reply.code(200).send(bundle);
   });
+  app.get("/v1/sessions/:id/tools/:hash", async (request, reply) => {
+    const params = request.params;
+    const id = await manager.resolveCanonicalId(params.id) ?? params.id;
+    const blob = await manager.loadToolBlob(id, params.hash);
+    if (blob === null) {
+      reply.code(404).send({ error: "tool blob not found" });
+      return;
+    }
+    reply.header("Content-Type", "text/plain; charset=utf-8");
+    reply.code(200).send(blob);
+  });
   app.get("/v1/sessions/:id/transcript", async (request, reply) => {
     const raw = request.params.id;
     const id = await manager.resolveCanonicalId(raw) ?? raw;
@@ -11754,22 +13124,7 @@ function registerSessionRoutes(app, manager, defaults) {
 // src/daemon/routes/agents.ts
 function registerAgentRoutes(app, registry, manager, opts = {}) {
   app.get("/v1/agents", async () => {
-    const doc = await registry.load();
-    const agents = await Promise.all(
-      doc.agents.map(async (a) => ({
-        id: a.id,
-        name: a.name,
-        version: a.version,
-        description: a.description,
-        distributions: Object.keys(a.distribution),
-        installed: await agentInstallState(a)
-      }))
-    );
-    return {
-      version: doc.version,
-      fetchedAt: registry.lastFetchedAt(),
-      agents
-    };
+    return listAgents(registry);
   });
   app.get("/v1/registry", async () => {
     return registry.load();
@@ -12078,22 +13433,22 @@ function registerConfigRoutes(app, snapshot) {
 }
 
 // src/daemon/routes/auth.ts
-import { z as z7 } from "zod";
+import { z as z8 } from "zod";
 
 // src/core/password.ts
-import * as fs15 from "fs/promises";
-import * as path13 from "path";
+import * as fs17 from "fs/promises";
+import * as path14 from "path";
 import { randomBytes as randomBytes3, scrypt, timingSafeEqual as timingSafeEqual2 } from "crypto";
-import { promisify } from "util";
-var scryptAsync = promisify(scrypt);
+import { promisify as promisify2 } from "util";
+var scryptAsync = promisify2(scrypt);
 function passwordHashPath() {
-  return path13.join(paths.home(), "password-hash");
+  return path14.join(paths.home(), "password-hash");
 }
 var DEFAULT_N = 1 << 15;
 var MAX_MEM = 128 * 1024 * 1024;
 async function hasPassword() {
   try {
-    const text = await fs15.readFile(passwordHashPath(), "utf8");
+    const text = await fs17.readFile(passwordHashPath(), "utf8");
     return text.trim().length > 0;
   } catch (err) {
     const e = err;
@@ -12109,7 +13464,7 @@ async function verifyPassword(plaintext) {
   }
   let line;
   try {
-    line = (await fs15.readFile(passwordHashPath(), "utf8")).trim();
+    line = (await fs17.readFile(passwordHashPath(), "utf8")).trim();
   } catch (err) {
     const e = err;
     if (e.code === "ENOENT") {
@@ -12145,13 +13500,13 @@ async function verifyPassword(plaintext) {
 }
 
 // src/daemon/routes/auth.ts
-var LoginBody = z7.object({
-  password: z7.string().min(1),
-  label: z7.string().min(1).max(256).optional(),
-  ttlSec: z7.number().int().positive().optional()
+var LoginBody = z8.object({
+  password: z8.string().min(1),
+  label: z8.string().min(1).max(256).optional(),
+  ttlSec: z8.number().int().positive().optional()
 });
-var LogoutBody = z7.object({
-  id: z7.string().optional()
+var LogoutBody = z8.object({
+  id: z8.string().optional()
 }).optional();
 function registerAuthRoutes(app, deps) {
   app.post(
@@ -12303,8 +13658,6 @@ function wsToMessageStream(ws) {
 }
 
 // src/daemon/acp-ws.ts
-import * as os4 from "os";
-import * as path14 from "path";
 import { randomBytes as randomBytes4 } from "crypto";
 function registerAcpWsEndpoint(app, deps) {
   app.get("/acp", { websocket: true }, async (socket, request) => {
@@ -12361,7 +13714,7 @@ function registerAcpWsEndpoint(app, deps) {
     });
     if (processIdentity && deps.extensionCommands) {
       const registry = deps.extensionCommands;
-      connection.onRequest("hydra-acp/register_commands", async (raw) => {
+      connection.onRequest("hydra-acp/commands/register", async (raw) => {
         const params = raw ?? {};
         const commands = Array.isArray(params.commands) ? params.commands.map((c) => {
           if (!c || typeof c !== "object") {
@@ -12389,7 +13742,7 @@ function registerAcpWsEndpoint(app, deps) {
     }
     if (processIdentity && deps.extensionMcp) {
       const mcpRegistry = deps.extensionMcp;
-      connection.onRequest("hydra-acp/register_mcp_tools", async (raw) => {
+      connection.onRequest("hydra-acp/mcp_tools/register", async (raw) => {
         const params = raw ?? {};
         const instructions = typeof params.instructions === "string" ? params.instructions : void 0;
         const tools = Array.isArray(params.tools) ? params.tools.map((t) => {
@@ -12432,7 +13785,7 @@ function registerAcpWsEndpoint(app, deps) {
       });
     }
     if (processIdentity?.kind === "transformer") {
-      connection.onRequest("transformer/initialize", async (raw) => {
+      connection.onRequest("hydra-acp/transformer/initialize", async (raw) => {
         const params = raw ?? {};
         const intercepts = Array.isArray(params.intercepts) ? params.intercepts.filter(
           (v) => typeof v === "string"
@@ -12457,7 +13810,7 @@ function registerAcpWsEndpoint(app, deps) {
       connection.onClose(() => {
         deps.transformers?.deregisterConnection(processIdentity.name);
       });
-      connection.onRequest("hydra-acp/emit_message", async (raw) => {
+      connection.onRequest("hydra-acp/message/emit", async (raw) => {
         const params = raw ?? {};
         const sessionId = typeof params.sessionId === "string" ? params.sessionId : void 0;
         const method = typeof params.method === "string" ? params.method : void 0;
@@ -12485,7 +13838,7 @@ function registerAcpWsEndpoint(app, deps) {
         }
         throw Object.assign(new Error(`unsupported route: ${JSON.stringify(route)}`), { code: -32602 });
       });
-      connection.onRequest("hydra-acp/spawn_child_session", async (raw) => {
+      connection.onRequest("hydra-acp/child_session/spawn", async (raw) => {
         const params = raw ?? {};
         const agentId = typeof params.agentId === "string" ? params.agentId : deps.defaultAgent;
         const cwd = typeof params.cwd === "string" ? params.cwd : void 0;
@@ -12502,7 +13855,7 @@ function registerAcpWsEndpoint(app, deps) {
         });
         return { childSessionId: child.sessionId };
       });
-      connection.onRequest("hydra-acp/fork_session", async (raw) => {
+      connection.onRequest("hydra-acp/session/fork", async (raw) => {
         const params = raw ?? {};
         if (typeof params.sessionId !== "string") {
           throw Object.assign(
@@ -12519,7 +13872,30 @@ function registerAcpWsEndpoint(app, deps) {
           ...agentId !== void 0 ? { agentId } : {}
         });
       });
-      connection.onRequest("hydra-acp/await_child", async (raw) => {
+      connection.onRequest("hydra-acp/session/delete", async (raw) => {
+        const params = raw ?? {};
+        if (typeof params.sessionId !== "string") {
+          throw Object.assign(
+            new Error("hydra-acp/session/delete requires sessionId"),
+            { code: JsonRpcErrorCodes.InvalidParams }
+          );
+        }
+        const id = await deps.manager.resolveCanonicalId(params.sessionId) ?? params.sessionId;
+        const live = deps.manager.get(id);
+        if (live) {
+          await live.close({ deleteRecord: true });
+          return { deleted: true, sessionId: id };
+        }
+        const removed = await deps.manager.deleteRecord(id);
+        if (!removed) {
+          throw Object.assign(
+            new Error(`session ${id} not found`),
+            { code: JsonRpcErrorCodes.SessionNotFound }
+          );
+        }
+        return { deleted: true, sessionId: id };
+      });
+      connection.onRequest("hydra-acp/child_session/await", async (raw) => {
         const params = raw ?? {};
         const childSessionId = typeof params.childSessionId === "string" ? params.childSessionId : void 0;
         const until = params.until === "idle" ? "idle" : "turn_complete";
@@ -12558,7 +13934,7 @@ function registerAcpWsEndpoint(app, deps) {
           child.onClose(() => finish());
         });
       });
-      connection.onRequest("hydra-acp/close_child_session", async (raw) => {
+      connection.onRequest("hydra-acp/child_session/close", async (raw) => {
         const params = raw ?? {};
         const childSessionId = typeof params.childSessionId === "string" ? params.childSessionId : void 0;
         if (!childSessionId) {
@@ -12570,7 +13946,7 @@ function registerAcpWsEndpoint(app, deps) {
         }
         return { ok: true };
       });
-      connection.onRequest("hydra-acp/keep_alive", async (raw) => {
+      connection.onRequest("hydra-acp/connection/keep_alive", async (raw) => {
         const params = raw ?? {};
         const token2 = typeof params.token === "string" ? params.token : void 0;
         const sessionId = typeof params.sessionId === "string" ? params.sessionId : void 0;
@@ -12582,6 +13958,24 @@ function registerAcpWsEndpoint(app, deps) {
         return { ok: true };
       });
     }
+    connection.onRequest("hydra-acp/session/tool_content", async (raw) => {
+      const params = raw ?? {};
+      if (typeof params.sessionId !== "string" || typeof params.hash !== "string") {
+        throw Object.assign(
+          new Error("hydra-acp/session/tool_content requires sessionId and hash"),
+          { code: JsonRpcErrorCodes.InvalidParams }
+        );
+      }
+      const id = await deps.manager.resolveCanonicalId(params.sessionId) ?? params.sessionId;
+      const content = await deps.manager.loadToolBlob(id, params.hash);
+      if (content === null) {
+        throw Object.assign(
+          new Error("tool content not found"),
+          { code: JsonRpcErrorCodes.SessionNotFound }
+        );
+      }
+      return { content };
+    });
     connection.onRequest("session/new", async (raw) => {
       const params = SessionNewParams.parse(raw);
       const hydraMeta = extractHydraMeta(
@@ -12632,9 +14026,9 @@ function registerAcpWsEndpoint(app, deps) {
       try {
         session = await deps.manager.create({
           cwd: params.cwd,
-          agentId: params.agentId ?? deps.defaultAgent,
+          agentId: hydraMeta.agentId ?? deps.defaultAgent,
           mcpServers: augmentedMcpServers,
-          title: hydraMeta.name,
+          title: hydraMeta.title,
           agentArgs: hydraMeta.agentArgs,
           model: hydraMeta.model,
           onInstallProgress: makeInstallProgressForwarder(connection),
@@ -12685,14 +14079,16 @@ function registerAcpWsEndpoint(app, deps) {
       const modelsPayload = buildModelsPayload(session);
       return {
         sessionId: session.sessionId,
-        // session/new is implicitly an attach; mirror session/attach's
-        // shape by including the clientId so deferred-echo clients
-        // (TUI's queue work) can recognize their own prompt_queue_added
-        // events without an extra round-trip.
-        clientId: client.clientId,
         ...modesPayload ? { modes: modesPayload } : {},
         ...modelsPayload ? { models: modelsPayload } : {},
-        _meta: buildResponseMeta(session)
+        configOptions: session.buildConfigOptions(),
+        // session/new is a core ACP spec method, so the per-attachment
+        // clientId rides under _meta["hydra-acp"] rather than top-level.
+        // Deferred-echo clients (TUI's queue work) read it from there to
+        // recognize their own prompt_queue_added events.
+        _meta: buildResponseMeta(deps.manager, session, {
+          clientId: client.clientId
+        })
       };
     });
     connection.onRequest("session/attach", async (raw) => {
@@ -12705,8 +14101,9 @@ function registerAcpWsEndpoint(app, deps) {
           deps.onTransformerVersion?.(processIdentity.name, attachVersion);
         }
       }
-      const hydraHints = extractHydraMeta(params._meta).resume;
-      const readonly = params.readonly === true;
+      const hydraAttach = extractHydraMeta(params._meta);
+      const hydraHints = hydraAttach.resume;
+      const readonly = hydraAttach.readonly === true;
       app.log.info(
         `session/attach sessionId=${params.sessionId} hasResumeHints=${!!hydraHints} readonly=${readonly}`
       );
@@ -12781,11 +14178,17 @@ function registerAcpWsEndpoint(app, deps) {
         params.clientInfo,
         params.clientId
       );
-      const drip = params.replayMode === "drip";
+      const drip = hydraAttach.replayMode === "drip";
       const { entries: replay, appliedPolicy } = await session.attach(
         client,
         params.historyPolicy,
-        { afterMessageId: params.afterMessageId, raw: drip }
+        {
+          afterMessageId: params.afterMessageId,
+          raw: drip,
+          // Lean clients opt into ref-form tool content via _meta; default
+          // stays inline so existing/third-party clients are unaffected.
+          ...hydraAttach.toolContent !== void 0 ? { toolContent: hydraAttach.toolContent } : {}
+        }
       );
       state.attached.set(session.sessionId, {
         sessionId: session.sessionId,
@@ -12796,7 +14199,7 @@ function registerAcpWsEndpoint(app, deps) {
         `session/attach OK sessionId=${session.sessionId} clientId=${client.clientId} attachedCount=${state.attached.size} requestedPolicy=${params.historyPolicy} appliedPolicy=${appliedPolicy} replayed=${replay.length} readonly=${readonly}${drip ? " replayMode=drip" : ""}`
       );
       if (drip) {
-        const speed = params.dripSpeed && params.dripSpeed > 0 ? params.dripSpeed : 1;
+        const speed = hydraAttach.dripSpeed && hydraAttach.dripSpeed > 0 ? hydraAttach.dripSpeed : 1;
         const MAX_GAP_MS = 750;
         void (async () => {
           let prev = null;
@@ -12819,8 +14222,13 @@ function registerAcpWsEndpoint(app, deps) {
           }
         })();
       } else {
-        for (const note of replay) {
-          await connection.notify(note.method, note.params);
+        const REPLAY_FLUSH_EVERY = 200;
+        for (let i = 0; i < replay.length; i++) {
+          const note = replay[i];
+          const pending = connection.notify(note.method, note.params).catch(() => void 0);
+          if ((i + 1) % REPLAY_FLUSH_EVERY === 0) {
+            await pending;
+          }
         }
       }
       session.replayPendingPermissions(client);
@@ -12838,7 +14246,8 @@ function registerAcpWsEndpoint(app, deps) {
         replayed: replay.length,
         ...modesPayload ? { modes: modesPayload } : {},
         ...modelsPayload ? { models: modelsPayload } : {},
-        _meta: buildResponseMeta(session)
+        configOptions: session.buildConfigOptions(),
+        _meta: buildResponseMeta(deps.manager, session)
       };
     });
     connection.onRequest("session/detach", async (raw) => {
@@ -12855,7 +14264,10 @@ function registerAcpWsEndpoint(app, deps) {
       if (session) {
         void deps.manager.reapIfOrphanedNonInteractive(params.sessionId);
       }
-      return { sessionId: params.sessionId, status: "detached" };
+      return {
+        sessionId: params.sessionId,
+        _meta: { [HYDRA_META_KEY]: { detachStatus: "detached" } }
+      };
     });
     connection.onRequest("session/list", async (raw) => {
       const params = SessionListParams.parse(raw ?? {});
@@ -12868,6 +14280,14 @@ function registerAcpWsEndpoint(app, deps) {
       };
       return result;
     });
+    connection.onRequest("hydra-acp/agents/list", async () => {
+      if (!deps.registry) {
+        const err = new Error("agent registry unavailable");
+        err.code = JsonRpcErrorCodes.InternalError;
+        throw err;
+      }
+      return listAgents(deps.registry);
+    });
     connection.onRequest("session/prompt", async (raw) => {
       const params = SessionPromptParams.parse(raw);
       denyIfReadonly(params.sessionId, "session/prompt");
@@ -12943,9 +14363,9 @@ function registerAcpWsEndpoint(app, deps) {
       handleCancelParams(raw);
       return null;
     });
-    connection.onRequest("hydra-acp/cancel_prompt", async (raw) => {
+    connection.onRequest("hydra-acp/prompt/cancel", async (raw) => {
       const params = CancelPromptParams.parse(raw);
-      denyIfReadonly(params.sessionId, "hydra-acp/cancel_prompt");
+      denyIfReadonly(params.sessionId, "hydra-acp/prompt/cancel");
       const session = deps.manager.get(params.sessionId);
       if (!session) {
         const err = new Error(`session ${params.sessionId} not found`);
@@ -12954,78 +14374,44 @@ function registerAcpWsEndpoint(app, deps) {
       }
       return session.cancelQueuedPrompt(params.messageId);
     });
-    connection.onRequest("hydra-acp/update_prompt", async (raw) => {
-      const params = UpdatePromptParams.parse(raw);
-      denyIfReadonly(params.sessionId, "hydra-acp/update_prompt");
-      const session = deps.manager.get(params.sessionId);
-      if (!session) {
-        const err = new Error(`session ${params.sessionId} not found`);
-        err.code = JsonRpcErrorCodes.SessionNotFound;
-        throw err;
-      }
-      return session.updateQueuedPrompt(params.messageId, params.prompt);
-    });
-    connection.onRequest("hydra-acp/amend_prompt", async (raw) => {
-      const params = AmendPromptParams.parse(raw);
-      denyIfReadonly(params.sessionId, "hydra-acp/amend_prompt");
-      const att = state.attached.get(params.sessionId);
-      if (!att) {
-        const err = new Error("not attached to session");
-        err.code = JsonRpcErrorCodes.SessionNotFound;
-        throw err;
-      }
+    connection.onRequest("hydra-acp/session/force_cancel", async (raw) => {
+      const params = SessionCancelParams.parse(raw);
+      denyIfReadonly(params.sessionId, "hydra-acp/session/force_cancel");
       const session = deps.manager.get(params.sessionId);
       if (!session) {
         const err = new Error(`session ${params.sessionId} not found`);
         err.code = JsonRpcErrorCodes.SessionNotFound;
         throw err;
       }
-      return session.amendPrompt(att.clientId, params);
+      return session.forceCancel();
     });
-    connection.onRequest("hydra-acp/stream_open", async (raw) => {
-      const params = StreamOpenParams.parse(raw);
-      denyIfReadonly(params.sessionId, "hydra-acp/stream_open");
+    connection.onRequest("hydra-acp/prompt/update", async (raw) => {
+      const params = UpdatePromptParams.parse(raw);
+      denyIfReadonly(params.sessionId, "hydra-acp/prompt/update");
       const session = deps.manager.get(params.sessionId);
       if (!session) {
         const err = new Error(`session ${params.sessionId} not found`);
         err.code = JsonRpcErrorCodes.SessionNotFound;
         throw err;
       }
-      const openOpts = {};
-      if (params.mode !== void 0) {
-        openOpts.mode = params.mode;
-      }
-      if (params.capacityBytes !== void 0) {
-        openOpts.capacityBytes = params.capacityBytes;
-      }
-      if (params.fileCapBytes !== void 0) {
-        openOpts.fileCapBytes = params.fileCapBytes;
-      }
-      if ((params.mode ?? "memory") === "file") {
-        openOpts.filePathFor = (sid) => path14.join(os4.tmpdir(), `hydra-acp-stdin-${sid}.log`);
-      }
-      return session.openStream(openOpts);
+      return session.updateQueuedPrompt(params.messageId, params.prompt);
     });
-    connection.onRequest("hydra-acp/stream_write", async (raw) => {
-      const params = StreamWriteParams.parse(raw);
-      denyIfReadonly(params.sessionId, "hydra-acp/stream_write");
-      const session = deps.manager.get(params.sessionId);
-      if (!session) {
-        const err = new Error(`session ${params.sessionId} not found`);
+    connection.onRequest("hydra-acp/prompt/amend", async (raw) => {
+      const params = AmendPromptParams.parse(raw);
+      denyIfReadonly(params.sessionId, "hydra-acp/prompt/amend");
+      const att = state.attached.get(params.sessionId);
+      if (!att) {
+        const err = new Error("not attached to session");
         err.code = JsonRpcErrorCodes.SessionNotFound;
         throw err;
       }
-      return session.streamWrite(params.chunk, params.eof);
-    });
-    connection.onRequest("hydra-acp/stream_read", async (raw) => {
-      const params = StreamReadParams.parse(raw);
       const session = deps.manager.get(params.sessionId);
       if (!session) {
         const err = new Error(`session ${params.sessionId} not found`);
         err.code = JsonRpcErrorCodes.SessionNotFound;
         throw err;
       }
-      return session.streamRead(params.cursor, params.maxBytes, params.waitMs);
+      return session.amendPrompt(att.clientId, params);
     });
     connection.onRequest("session/load", async (raw) => {
       const rawObj = raw ?? {};
@@ -13064,12 +14450,15 @@ function registerAcpWsEndpoint(app, deps) {
       const modelsPayload = buildModelsPayload(session);
       return {
         sessionId: session.sessionId,
-        // Same as session/new: include clientId so the deferred-echo
-        // path in queue-aware clients can recognize own broadcasts.
-        clientId: client.clientId,
         ...modesPayload ? { modes: modesPayload } : {},
         ...modelsPayload ? { models: modelsPayload } : {},
-        _meta: buildResponseMeta(session)
+        configOptions: session.buildConfigOptions(),
+        // session/load is a core ACP spec method: clientId rides under
+        // _meta["hydra-acp"] (not top-level), same as session/new. Lets
+        // deferred-echo clients recognize their own broadcasts.
+        _meta: buildResponseMeta(deps.manager, session, {
+          clientId: client.clientId
+        })
       };
     });
     connection.onRequest("session/set_model", async (rawParams) => {
@@ -13096,8 +14485,11 @@ function registerAcpWsEndpoint(app, deps) {
         return null;
       }
       app.log.info(decision.logMessage);
-      const { modelId } = rawParams;
-      const result = await decision.session.forwardRequest("session/set_model", rawParams);
+      const { modelId } = decision;
+      const result = await decision.session.forwardRequest("session/set_model", {
+        ...rawParams,
+        modelId
+      });
       decision.session.applyModelChange(modelId);
       return result;
     });
@@ -13127,6 +14519,79 @@ function registerAcpWsEndpoint(app, deps) {
       session.applyModeChange(params.modeId);
       return result;
     });
+    connection.onRequest("session/set_config_option", async (rawParams) => {
+      const params = rawParams;
+      const invalid = (msg) => {
+        const err = new Error(msg);
+        err.code = JsonRpcErrorCodes.InvalidParams;
+        return err;
+      };
+      const sessionIdField = params?.sessionId;
+      if (typeof sessionIdField === "string") {
+        denyIfReadonly(sessionIdField, "session/set_config_option");
+      }
+      if (!params || typeof params.sessionId !== "string") {
+        throw invalid("session/set_config_option requires string sessionId");
+      }
+      if (typeof params.configId !== "string") {
+        throw invalid("session/set_config_option requires string configId");
+      }
+      if (typeof params.value !== "string") {
+        throw invalid("session/set_config_option requires string value");
+      }
+      const session = deps.manager.get(params.sessionId);
+      if (!session) {
+        const err = new Error(
+          `session ${params.sessionId} not found`
+        );
+        err.code = JsonRpcErrorCodes.SessionNotFound;
+        throw err;
+      }
+      const option = session.buildConfigOptions().find((o) => o.id === params.configId);
+      if (!option) {
+        throw invalid(
+          `unknown configId ${JSON.stringify(params.configId)} for this session`
+        );
+      }
+      if (!option.options.some((v) => v.value === params.value)) {
+        throw invalid(
+          `value ${JSON.stringify(params.value)} is not valid for configId ${JSON.stringify(params.configId)}`
+        );
+      }
+      switch (params.configId) {
+        case "model": {
+          if (params.value !== session.currentModel) {
+            await session.forwardRequest("session/set_model", {
+              sessionId: params.sessionId,
+              modelId: params.value
+            });
+          }
+          session.applyModelChange(params.value);
+          break;
+        }
+        case "mode": {
+          if (params.value !== session.currentMode) {
+            await session.forwardRequest("session/set_mode", {
+              sessionId: params.sessionId,
+              modeId: params.value
+            });
+          }
+          session.applyModeChange(params.value);
+          break;
+        }
+        case "agent": {
+          if (params.value !== session.agentId) {
+            await session.setAgent(params.value);
+          }
+          break;
+        }
+        default:
+          throw invalid(
+            `configId ${JSON.stringify(params.configId)} is not settable`
+          );
+      }
+      return { configOptions: session.buildConfigOptions() };
+    });
     connection.setDefaultHandler(async (rawParams, method) => {
       if (!method.startsWith("session/") || rawParams === null || typeof rawParams !== "object") {
         const err = new Error(`Method not found: ${method}`);
@@ -13246,114 +14711,101 @@ function decideSetModel(rawParams, manager) {
     };
   }
   const advertised = session.availableModels();
-  if (advertised.length === 0) {
+  const resolution = resolveModelId(params.modelId, advertised);
+  if (resolution.kind === "none") {
     return {
       kind: "ok",
       session,
+      modelId: params.modelId,
       logMessage: `session/set_model passthrough (no availableModels) sessionId=${params.sessionId} modelId=${JSON.stringify(params.modelId)}`
     };
   }
-  const match = advertised.find((m) => m.modelId === params.modelId);
-  if (!match) {
-    const known = advertised.map((m) => m.modelId).join(", ");
-    if (session.currentModel !== void 0 && session.currentModel.length > 0) {
-      return {
-        kind: "no_op",
-        session,
-        sessionId: params.sessionId,
-        currentModel: session.currentModel,
-        logMessage: `session/set_model no_op (resyncing client) sessionId=${params.sessionId} requested=${JSON.stringify(params.modelId)} actual=${JSON.stringify(session.currentModel)} agentId=${session.agentId} known=[${known}]`
-      };
-    }
+  if (resolution.kind === "exact") {
     return {
-      kind: "error",
-      code: JsonRpcErrorCodes.InvalidParams,
-      message: `model "${params.modelId}" is not in this session's availableModels (agent ${session.agentId}); known models: ${known}`,
-      logMessage: `session/set_model rejected sessionId=${params.sessionId} modelId=${JSON.stringify(params.modelId)} agentId=${session.agentId} known=[${known}] (no current model to fall back to)`
+      kind: "ok",
+      session,
+      modelId: params.modelId,
+      logMessage: `session/set_model accepted sessionId=${params.sessionId} modelId=${JSON.stringify(params.modelId)}`
+    };
+  }
+  if (resolution.kind === "resolved") {
+    return {
+      kind: "ok",
+      session,
+      modelId: resolution.modelId,
+      logMessage: `session/set_model resolved sessionId=${params.sessionId} requested=${JSON.stringify(params.modelId)} \u2192 ${JSON.stringify(resolution.modelId)}`
+    };
+  }
+  const known = advertised.map((m) => m.modelId).join(", ");
+  const detail = resolution.kind === "ambiguous" ? `ambiguous (trailing-segment matches [${resolution.candidates.join(", ")}])` : `not in availableModels`;
+  if (session.currentModel !== void 0 && session.currentModel.length > 0) {
+    return {
+      kind: "no_op",
+      session,
+      sessionId: params.sessionId,
+      currentModel: session.currentModel,
+      logMessage: `session/set_model no_op (resyncing client) sessionId=${params.sessionId} requested=${JSON.stringify(params.modelId)} ${detail} actual=${JSON.stringify(session.currentModel)} agentId=${session.agentId} known=[${known}]`
     };
   }
   return {
-    kind: "ok",
-    session,
-    logMessage: `session/set_model accepted sessionId=${params.sessionId} modelId=${JSON.stringify(params.modelId)}`
+    kind: "error",
+    code: JsonRpcErrorCodes.InvalidParams,
+    message: `model "${params.modelId}" is ${detail === "not in availableModels" ? "not in this session's availableModels" : detail} (agent ${session.agentId}); known models: ${known}`,
+    logMessage: `session/set_model rejected sessionId=${params.sessionId} modelId=${JSON.stringify(params.modelId)} ${detail} agentId=${session.agentId} known=[${known}] (no current model to fall back to)`
   };
 }
 function buildViewerResponseMeta(fromDisk) {
-  const ours = {
+  const entry = {
+    sessionId: fromDisk.hydraSessionId,
     upstreamSessionId: fromDisk.upstreamSessionId,
+    cwd: fromDisk.cwd,
+    title: fromDisk.title,
     agentId: fromDisk.agentId,
-    cwd: fromDisk.cwd
+    currentModel: fromDisk.currentModel,
+    currentUsage: fromDisk.currentUsage,
+    forkedFromSessionId: fromDisk.forkedFromSessionId,
+    forkedFromMessageId: fromDisk.forkedFromMessageId,
+    originatingClient: fromDisk.originatingClient,
+    interactive: fromDisk.interactive,
+    updatedAt: fromDisk.createdAt ?? (/* @__PURE__ */ new Date()).toISOString(),
+    attachedClients: 0,
+    status: "cold",
+    busy: false,
+    awaitingInput: false
   };
-  if (fromDisk.title !== void 0) {
-    ours.name = fromDisk.title;
-  }
-  if (fromDisk.agentArgs && fromDisk.agentArgs.length > 0) {
-    ours.agentArgs = fromDisk.agentArgs;
-  }
-  if (fromDisk.currentModel !== void 0) {
-    ours.currentModel = fromDisk.currentModel;
-  }
-  if (fromDisk.currentMode !== void 0) {
-    ours.currentMode = fromDisk.currentMode;
-  }
-  if (fromDisk.currentUsage !== void 0) {
-    ours.currentUsage = fromDisk.currentUsage;
-  }
-  if (fromDisk.agentCommands && fromDisk.agentCommands.length > 0) {
-    ours.availableCommands = fromDisk.agentCommands;
-  }
-  if (fromDisk.agentModes && fromDisk.agentModes.length > 0) {
-    ours.availableModes = fromDisk.agentModes;
-  }
-  if (fromDisk.agentModels && fromDisk.agentModels.length > 0) {
-    ours.availableModels = fromDisk.agentModels;
-  }
-  return { [HYDRA_META_KEY]: ours };
+  const extras = {
+    currentMode: fromDisk.currentMode,
+    agentArgs: fromDisk.agentArgs,
+    availableCommands: fromDisk.agentCommands,
+    availableModes: fromDisk.agentModes,
+    availableModels: fromDisk.agentModels
+  };
+  return { [HYDRA_META_KEY]: buildHydraSessionMeta(entry, extras) };
 }
-function buildResponseMeta(session) {
-  const ours = {
-    upstreamSessionId: session.upstreamSessionId,
-    agentId: session.agentId,
-    cwd: session.cwd
+function buildResponseMeta(manager, session, opts = {}) {
+  const entry = manager.liveListEntry(session);
+  const extras = {
+    clientId: opts.clientId,
+    currentMode: session.currentMode,
+    agentArgs: session.agentArgs,
+    availableCommands: session.mergedAvailableCommands(),
+    availableModes: session.availableModes(),
+    availableModels: session.availableModels(),
+    // Mid-turn at attach time: hand the client the original prompt's
+    // recordedAt so it can boot directly into "busy · Ns" instead of
+    // sitting on "ready" until the next live notification.
+    turnStartedAt: session.turnStartedAt,
+    // The underlying agent's own initialize-time capability claim, captured
+    // verbatim. Lets capability-aware clients (cat --stream) pick the right
+    // consumption surface without re-probing the agent.
+    agentCapabilities: session.agentCapabilities,
+    // Snapshot of the daemon-owned prompt queue. Lets a late attacher
+    // paint queue chips for entries that landed before it joined without
+    // waiting for new prompt_queue_added notifications. Omitted entirely
+    // when the queue is empty (the common case).
+    queue: session.queueSnapshot()
   };
-  if (session.title !== void 0) {
-    ours.name = session.title;
-  }
-  if (session.agentArgs && session.agentArgs.length > 0) {
-    ours.agentArgs = session.agentArgs;
-  }
-  if (session.currentModel !== void 0) {
-    ours.currentModel = session.currentModel;
-  }
-  if (session.currentMode !== void 0) {
-    ours.currentMode = session.currentMode;
-  }
-  if (session.currentUsage !== void 0) {
-    ours.currentUsage = session.currentUsage;
-  }
-  const commands = session.mergedAvailableCommands();
-  if (commands.length > 0) {
-    ours.availableCommands = commands;
-  }
-  const modes = session.availableModes();
-  if (modes.length > 0) {
-    ours.availableModes = modes;
-  }
-  const models = session.availableModels();
-  if (models.length > 0) {
-    ours.availableModels = models;
-  }
-  if (session.turnStartedAt !== void 0) {
-    ours.turnStartedAt = session.turnStartedAt;
-  }
-  if (session.agentCapabilities !== void 0) {
-    ours.agentCapabilities = session.agentCapabilities;
-  }
-  const queue = session.queueSnapshot();
-  if (queue.length > 0) {
-    ours.queue = queue;
-  }
-  return mergeMeta(session.agentMeta, ours);
+  return mergeMeta(session.agentMeta, buildHydraSessionMeta(entry, extras));
 }
 function buildInitializeResult() {
   return {
@@ -13384,18 +14836,26 @@ function buildInitializeResult() {
         description: "Bearer token presented at WS upgrade"
       }
     ],
-    // Advertise hydra-only capabilities via _meta["hydra-acp"]. Generic
-    // ACP clients ignore the field; capability-aware clients learn here
-    // which hydra-acp extensions the daemon supports so they can gate
-    // UI surface accordingly. promptPipelining is false until the
-    // streaming-input probe lands (Option A in the steering brief);
-    // the others are unconditional method-availability flags.
+    // Advertise hydra-only capabilities via _meta["hydra-acp"], grouped by
+    // resource to mirror the hydra-acp/<resource>/<action> method
+    // namespaces. Generic ACP clients ignore the field; capability-aware
+    // clients probe here to gate UI before calling a method. `pipelining`
+    // is false until the streaming-input probe lands; the rest are
+    // unconditional method-availability flags. (Named `prompt`/`agents`,
+    // not `promptCapabilities`/`agentCapabilities` — those are ACP spec
+    // names with different meanings.)
     _meta: mergeMeta(void 0, {
-      promptQueueing: true,
-      promptCancelling: true,
-      promptUpdating: true,
-      promptAmending: true,
-      promptPipelining: false
+      prompt: {
+        queueing: true,
+        cancelling: true,
+        updating: true,
+        amending: true,
+        pipelining: false
+      },
+      agents: {
+        list: true,
+        installProgress: true
+      }
     })
   };
 }
@@ -13493,7 +14953,7 @@ var McpTokenRegistry = class {
 import { randomUUID } from "crypto";
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
-import { z as z8 } from "zod";
+import { z as z9 } from "zod";
 
 // src/daemon/mcp/bearer.ts
 var BEARER_PREFIX2 = "Bearer ";
@@ -13522,7 +14982,7 @@ function buildMcpServer(session) {
     {
       description: "Return the most recent `bytes` bytes of piped stdin (capped server-side, default 64 KiB max). `truncated:true` means older bytes existed but have been evicted from the ring.",
       inputSchema: {
-        bytes: z8.number().int().min(1).describe("How many trailing bytes to return.")
+        bytes: z9.number().int().min(1).describe("How many trailing bytes to return.")
       }
     },
     async ({ bytes }) => {
@@ -13543,7 +15003,7 @@ function buildMcpServer(session) {
     {
       description: "Return the first `bytes` bytes of piped stdin (capped server-side, default 64 KiB max). `truncated:true` means the head has already been evicted from the ring and the returned bytes start at the oldest still-resident cursor.",
       inputSchema: {
-        bytes: z8.number().int().min(1).describe("How many leading bytes to return.")
+        bytes: z9.number().int().min(1).describe("How many leading bytes to return.")
       }
     },
     async ({ bytes }) => {
@@ -13564,13 +15024,13 @@ function buildMcpServer(session) {
     {
       description: "Read up to `max_bytes` bytes starting at absolute byte `cursor`. Returns `{bytes, nextCursor, gap?, eof?}` \u2014 `gap` is the number of bytes silently skipped because the ring had evicted them; `eof:true` means the producer closed and there is nothing left to read.",
       inputSchema: {
-        cursor: z8.number().int().min(0).describe(
+        cursor: z9.number().int().min(0).describe(
           "Absolute byte offset to start reading from. Use 0 to read from the very beginning (may produce a gap if old bytes have been evicted)."
         ),
-        max_bytes: z8.number().int().min(1).optional().describe(
+        max_bytes: z9.number().int().min(1).optional().describe(
           "Optional cap on how many bytes to return. Server caps at 64 KiB regardless."
         ),
-        wait_ms: z8.number().int().min(0).optional().describe(
+        wait_ms: z9.number().int().min(0).optional().describe(
           "If no bytes are available, block up to this many ms for more (capped server-side at 60_000)."
         )
       }
@@ -13593,8 +15053,8 @@ function buildMcpServer(session) {
     {
       description: "Block until bytes are available past `cursor`, the stream closes, or `timeout_ms` elapses. Returns one of {data, eof, timeout} plus the current `writeCursor`. Use this when you've consumed everything up to a cursor and want to wait for more without busy-polling.",
       inputSchema: {
-        cursor: z8.number().int().min(0).describe("The cursor you've already consumed up to."),
-        timeout_ms: z8.number().int().min(0).describe("Maximum ms to block (server caps at 60_000).")
+        cursor: z9.number().int().min(0).describe("The cursor you've already consumed up to."),
+        timeout_ms: z9.number().int().min(0).describe("Maximum ms to block (server caps at 60_000).")
       }
     },
     async ({ cursor, timeout_ms }) => {
@@ -13617,17 +15077,17 @@ function buildMcpServer(session) {
     {
       description: "Scan piped stdin line-by-line and return lines matching `pattern`. Prefer this over `read` when the question is 'find lines that mention X' \u2014 it filters server-side so you don't pull and decode 64 KiB base64 windows. Returns `{matches: [{cursor, line, before?, after?}], truncated, nextCursor, gap?, scannedBytes, eof?}`. Lines come back as decoded UTF-8 strings (not base64). When `truncated:true`, re-call with `cursor: nextCursor` to resume.",
       inputSchema: {
-        pattern: z8.string().min(1).describe(
+        pattern: z9.string().min(1).describe(
           "Search pattern. Treated as a JavaScript regular expression by default (set `regex:false` for a literal substring match)."
         ),
-        regex: z8.boolean().optional().describe("Default true. Pass false to treat `pattern` as a literal substring."),
-        case_insensitive: z8.boolean().optional().describe("Default false. Pass true for case-insensitive matching."),
-        invert: z8.boolean().optional().describe("Default false. Pass true to return lines that do NOT match the pattern."),
-        max_matches: z8.number().int().min(1).optional().describe("Default 100. Capped server-side at 1000."),
-        max_bytes: z8.number().int().min(1).optional().describe("Default 64 KiB output. Capped server-side at 256 KiB."),
-        context_before: z8.number().int().min(0).optional().describe("Default 0. Number of lines before each match to include (capped at 20)."),
-        context_after: z8.number().int().min(0).optional().describe("Default 0. Number of lines after each match to include (capped at 20)."),
-        cursor: z8.number().int().min(0).optional().describe(
+        regex: z9.boolean().optional().describe("Default true. Pass false to treat `pattern` as a literal substring."),
+        case_insensitive: z9.boolean().optional().describe("Default false. Pass true for case-insensitive matching."),
+        invert: z9.boolean().optional().describe("Default false. Pass true to return lines that do NOT match the pattern."),
+        max_matches: z9.number().int().min(1).optional().describe("Default 100. Capped server-side at 1000."),
+        max_bytes: z9.number().int().min(1).optional().describe("Default 64 KiB output. Capped server-side at 256 KiB."),
+        context_before: z9.number().int().min(0).optional().describe("Default 0. Number of lines before each match to include (capped at 20)."),
+        context_after: z9.number().int().min(0).optional().describe("Default 0. Number of lines after each match to include (capped at 20)."),
+        cursor: z9.number().int().min(0).optional().describe(
           "Optional absolute byte offset to start scanning from. Omit to scan from the oldest still-resident byte. Pass the `nextCursor` from a previous truncated call to resume."
         )
       }
@@ -13884,7 +15344,7 @@ async function invokeWithTimeout(connection, server, tool, args, timeoutMs) {
   });
   try {
     return await Promise.race([
-      connection.request("hydra-acp/invoke_mcp_tool", {
+      connection.request("hydra-acp/mcp_tools/invoke", {
         server,
         tool,
         args
@@ -14091,6 +15551,7 @@ async function startDaemon(config, serviceToken) {
     stderrTailBytes: config.daemon.agentStderrTailBytes,
     logger: agentLogger
   });
+  setToolBlobCompression(config.compressToolContent);
   const extensionCommands = new ExtensionCommandRegistry();
   const manager = new SessionManager(registry, spawner, void 0, {
     idleTimeoutMs: config.daemon.sessionIdleTimeoutSeconds * 1e3,
@@ -14161,7 +15622,8 @@ async function startDaemon(config, serviceToken) {
     extensionCommands,
     mcpTokenRegistry,
     extensionMcp,
-    getDaemonOrigin
+    getDaemonOrigin,
+    registry
   });
   await app.listen({ host: config.daemon.host, port: config.daemon.port });
   const address = app.server.address();
@@ -14221,7 +15683,7 @@ async function startDaemon(config, serviceToken) {
     setAgentPruneLogger(null);
     await app.close();
     try {
-      fs16.unlinkSync(paths.pidFile());
+      fs18.unlinkSync(paths.pidFile());
     } catch {
     }
     try {