npm - @machina.ai/cell-cli-core - Versions diffs - 1.36.0-rc1 → 1.38.1-rc2 - Mend

@machina.ai/cell-cli-core 1.36.0-rc1 → 1.38.1-rc2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (733) hide show

package/dist/docs/AFTER_MERGE_PROMPT.md +3 -10
package/dist/docs/assets/theme-tokyonight-dark.png +0 -0
package/dist/docs/changelogs/index.md +49 -0
package/dist/docs/changelogs/latest.md +355 -458
package/dist/docs/changelogs/preview.md +402 -363
package/dist/docs/cli/acp-mode.md +126 -0
package/dist/docs/cli/cli-reference.md +1 -1
package/dist/docs/cli/notifications.md +5 -5
package/dist/docs/cli/plan-mode.md +26 -10
package/dist/docs/cli/sandbox.md +53 -1
package/dist/docs/cli/settings.md +52 -48
package/dist/docs/cli/themes.md +5 -0
package/dist/docs/core/index.md +2 -2
package/dist/docs/core/remote-agents.md +14 -18
package/dist/docs/core/subagents.md +194 -47
package/dist/docs/get-started/authentication.md +2 -2
package/dist/docs/get-started/gemini-3.md +1 -1
package/dist/docs/get-started/index.md +127 -1
package/dist/docs/get-started/installation.md +7 -0
package/dist/docs/hooks/index.md +6 -6
package/dist/docs/ide-integration/index.md +99 -24
package/dist/docs/index.md +0 -2
package/dist/docs/redirects.json +1 -0
package/dist/docs/reference/commands.md +1 -3
package/dist/docs/reference/configuration.md +220 -99
package/dist/docs/reference/keyboard-shortcuts.md +21 -8
package/dist/docs/reference/policy-engine.md +36 -31
package/dist/docs/reference/tools.md +56 -23
package/dist/docs/release-confidence.md +0 -6
package/dist/docs/releases.md +4 -0
package/dist/docs/resources/quota-and-pricing.md +23 -9
package/dist/docs/sidebar.json +11 -4
package/dist/docs/tools/mcp-server.md +3 -3
package/dist/docs/tools/planning.md +6 -4
package/dist/docs/tools/web-fetch.md +3 -0
package/dist/package.json +2 -1
package/dist/src/agent/agent-session.test.js +14 -6
package/dist/src/agent/agent-session.test.js.map +1 -1
package/dist/src/agent/event-translator.js +2 -1
package/dist/src/agent/event-translator.js.map +1 -1
package/dist/src/agent/event-translator.test.js +1 -0
package/dist/src/agent/event-translator.test.js.map +1 -1
package/dist/src/agent/legacy-agent-session.d.ts +47 -4
package/dist/src/agent/legacy-agent-session.js +38 -15
package/dist/src/agent/legacy-agent-session.js.map +1 -1
package/dist/src/agent/legacy-agent-session.test.js +60 -73
package/dist/src/agent/legacy-agent-session.test.js.map +1 -1
package/dist/src/agent/mock.js +7 -1
package/dist/src/agent/mock.js.map +1 -1
package/dist/src/agent/mock.test.js +1 -1
package/dist/src/agent/mock.test.js.map +1 -1
package/dist/src/agent/types.d.ts +34 -1
package/dist/src/agents/a2a-client-manager.js +3 -3
package/dist/src/agents/a2a-client-manager.js.map +1 -1
package/dist/src/agents/agent-scheduler.js +6 -1
package/dist/src/agents/agent-scheduler.js.map +1 -1
package/dist/src/agents/agent-scheduler.test.js +38 -0
package/dist/src/agents/agent-scheduler.test.js.map +1 -1
package/dist/src/agents/agentLoader.d.ts +12 -12
package/dist/src/agents/agentLoader.js +1 -0
package/dist/src/agents/agentLoader.js.map +1 -1
package/dist/src/agents/auth-provider/api-key-provider.test.js +18 -2
package/dist/src/agents/auth-provider/api-key-provider.test.js.map +1 -1
package/dist/src/agents/auth-provider/value-resolver.test.js +30 -0
package/dist/src/agents/auth-provider/value-resolver.test.js.map +1 -1
package/dist/src/agents/browser/analyzeScreenshot.js +36 -6
package/dist/src/agents/browser/analyzeScreenshot.js.map +1 -1
package/dist/src/agents/browser/analyzeScreenshot.test.js +35 -3
package/dist/src/agents/browser/analyzeScreenshot.test.js.map +1 -1
package/dist/src/agents/browser/automationOverlay.js +2 -10
package/dist/src/agents/browser/automationOverlay.js.map +1 -1
package/dist/src/agents/browser/browserAgentDefinition.js +10 -3
package/dist/src/agents/browser/browserAgentDefinition.js.map +1 -1
package/dist/src/agents/browser/browserAgentFactory.d.ts +11 -3
package/dist/src/agents/browser/browserAgentFactory.js +171 -129
package/dist/src/agents/browser/browserAgentFactory.js.map +1 -1
package/dist/src/agents/browser/browserAgentFactory.test.js +99 -13
package/dist/src/agents/browser/browserAgentFactory.test.js.map +1 -1
package/dist/src/agents/browser/browserAgentInvocation.d.ts +1 -0
package/dist/src/agents/browser/browserAgentInvocation.js +87 -27
package/dist/src/agents/browser/browserAgentInvocation.js.map +1 -1
package/dist/src/agents/browser/browserAgentInvocation.test.js +107 -7
package/dist/src/agents/browser/browserAgentInvocation.test.js.map +1 -1
package/dist/src/agents/browser/browserManager.d.ts +89 -8
package/dist/src/agents/browser/browserManager.js +357 -74
package/dist/src/agents/browser/browserManager.js.map +1 -1
package/dist/src/agents/browser/browserManager.test.js +540 -19
package/dist/src/agents/browser/browserManager.test.js.map +1 -1
package/dist/src/agents/browser/inputBlocker.d.ts +4 -4
package/dist/src/agents/browser/inputBlocker.js +8 -18
package/dist/src/agents/browser/inputBlocker.js.map +1 -1
package/dist/src/agents/browser/inputBlocker.test.js +31 -3
package/dist/src/agents/browser/inputBlocker.test.js.map +1 -1
package/dist/src/agents/browser/mcpToolWrapper.d.ts +1 -1
package/dist/src/agents/browser/mcpToolWrapper.js +9 -6
package/dist/src/agents/browser/mcpToolWrapper.js.map +1 -1
package/dist/src/agents/browser/mcpToolWrapper.test.js +2 -2
package/dist/src/agents/browser/mcpToolWrapper.test.js.map +1 -1
package/dist/src/agents/browser/modelAvailability.d.ts +5 -0
package/dist/src/agents/browser/modelAvailability.js +12 -0
package/dist/src/agents/browser/modelAvailability.js.map +1 -1
package/dist/src/agents/browser/snapshotSuperseder.d.ts +31 -0
package/dist/src/agents/browser/snapshotSuperseder.js +101 -0
package/dist/src/agents/browser/snapshotSuperseder.js.map +1 -0
package/dist/src/agents/browser/snapshotSuperseder.test.js +158 -0
package/dist/src/agents/browser/snapshotSuperseder.test.js.map +1 -0
package/dist/src/agents/local-executor.d.ts +9 -0
package/dist/src/agents/local-executor.js +144 -200
package/dist/src/agents/local-executor.js.map +1 -1
package/dist/src/agents/local-executor.test.js +500 -115
package/dist/src/agents/local-executor.test.js.map +1 -1
package/dist/src/agents/local-invocation.d.ts +1 -0
package/dist/src/agents/local-invocation.js +19 -9
package/dist/src/agents/local-invocation.js.map +1 -1
package/dist/src/agents/local-invocation.test.js +24 -0
package/dist/src/agents/local-invocation.test.js.map +1 -1
package/dist/src/agents/memory-manager-agent.js +1 -0
package/dist/src/agents/memory-manager-agent.js.map +1 -1
package/dist/src/agents/memory-manager-agent.test.js +6 -0
package/dist/src/agents/memory-manager-agent.test.js.map +1 -1
package/dist/src/agents/registry.js +19 -11
package/dist/src/agents/registry.js.map +1 -1
package/dist/src/agents/registry.test.js +67 -0
package/dist/src/agents/registry.test.js.map +1 -1
package/dist/src/agents/skill-extraction-agent.d.ts +24 -0
package/dist/src/agents/skill-extraction-agent.js +269 -0
package/dist/src/agents/skill-extraction-agent.js.map +1 -0
package/dist/src/agents/types.d.ts +20 -0
package/dist/src/agents/types.js.map +1 -1
package/dist/src/availability/policyCatalog.d.ts +2 -1
package/dist/src/availability/policyCatalog.js +1 -1
package/dist/src/availability/policyCatalog.js.map +1 -1
package/dist/src/availability/policyHelpers.js +43 -32
package/dist/src/availability/policyHelpers.js.map +1 -1
package/dist/src/availability/policyHelpers.test.js +12 -1
package/dist/src/availability/policyHelpers.test.js.map +1 -1
package/dist/src/code_assist/admin/admin_controls.js +1 -1
package/dist/src/code_assist/admin/admin_controls.js.map +1 -1
package/dist/src/code_assist/experiments/flagNames.d.ts +1 -0
package/dist/src/code_assist/experiments/flagNames.js +1 -0
package/dist/src/code_assist/experiments/flagNames.js.map +1 -1
package/dist/src/code_assist/oauth2.js +8 -3
package/dist/src/code_assist/oauth2.js.map +1 -1
package/dist/src/code_assist/oauth2.test.js +57 -0
package/dist/src/code_assist/oauth2.test.js.map +1 -1
package/dist/src/code_assist/server.js +1 -1
package/dist/src/code_assist/server.js.map +1 -1
package/dist/src/code_assist/setup.js +5 -2
package/dist/src/code_assist/setup.js.map +1 -1
package/dist/src/code_assist/setup.test.js +27 -1
package/dist/src/code_assist/setup.test.js.map +1 -1
package/dist/src/code_assist/types.d.ts +80 -80
package/dist/src/commands/memory.js +1 -1
package/dist/src/commands/memory.js.map +1 -1
package/dist/src/config/agent-loop-context.d.ts +2 -0
package/dist/src/config/config.d.ts +91 -23
package/dist/src/config/config.js +238 -79
package/dist/src/config/config.js.map +1 -1
package/dist/src/config/config.test.js +189 -15
package/dist/src/config/config.test.js.map +1 -1
package/dist/src/config/defaultModelConfigs.js +9 -0
package/dist/src/config/defaultModelConfigs.js.map +1 -1
package/dist/src/config/extensions/integrity.js +1 -1
package/dist/src/config/extensions/integrity.js.map +1 -1
package/dist/src/config/memory.d.ts +1 -0
package/dist/src/config/memory.js +6 -0
package/dist/src/config/memory.js.map +1 -1
package/dist/src/config/projectRegistry.js +5 -3
package/dist/src/config/projectRegistry.js.map +1 -1
package/dist/src/config/scoped-config.d.ts +30 -0
package/dist/src/config/scoped-config.js +69 -0
package/dist/src/config/scoped-config.js.map +1 -0
package/dist/src/config/scoped-config.test.d.ts +6 -0
package/dist/src/config/scoped-config.test.js +161 -0
package/dist/src/config/scoped-config.test.js.map +1 -0
package/dist/src/config/storage.d.ts +3 -0
package/dist/src/config/storage.js +9 -0
package/dist/src/config/storage.js.map +1 -1
package/dist/src/config/storage.test.js +10 -5
package/dist/src/config/storage.test.js.map +1 -1
package/dist/src/config/topicState.d.ts +21 -0
package/dist/src/config/topicState.js +41 -0
package/dist/src/config/topicState.js.map +1 -0
package/dist/src/confirmation-bus/types.d.ts +13 -4
package/dist/src/confirmation-bus/types.js +2 -0
package/dist/src/confirmation-bus/types.js.map +1 -1
package/dist/src/context/agentHistoryProvider.d.ts +45 -0
package/dist/src/context/agentHistoryProvider.js +294 -0
package/dist/src/context/agentHistoryProvider.js.map +1 -0
package/dist/src/context/agentHistoryProvider.test.d.ts +6 -0
package/dist/src/context/agentHistoryProvider.test.js +357 -0
package/dist/src/context/agentHistoryProvider.test.js.map +1 -0
package/dist/src/context/chatCompressionService.js.map +1 -0
package/dist/src/context/chatCompressionService.test.js.map +1 -0
package/dist/src/context/contextCompressionService.d.ts +30 -0
package/dist/src/context/contextCompressionService.js +405 -0
package/dist/src/context/contextCompressionService.js.map +1 -0
package/dist/src/context/contextCompressionService.test.js +253 -0
package/dist/src/context/contextCompressionService.test.js.map +1 -0
package/dist/src/{services/contextManager.d.ts → context/memoryContextManager.d.ts} +3 -1
package/dist/src/{services/contextManager.js → context/memoryContextManager.js} +20 -11
package/dist/src/context/memoryContextManager.js.map +1 -0
package/dist/src/{services/contextManager.test.js → context/memoryContextManager.test.js} +42 -33
package/dist/src/context/memoryContextManager.test.js.map +1 -0
package/dist/src/context/profiles.d.ts +7 -0
package/dist/src/context/profiles.js +21 -0
package/dist/src/context/profiles.js.map +1 -0
package/dist/src/context/toolDistillationService.d.ts +38 -0
package/dist/src/context/toolDistillationService.js +170 -0
package/dist/src/context/toolDistillationService.js.map +1 -0
package/dist/src/context/toolDistillationService.test.d.ts +6 -0
package/dist/src/context/toolDistillationService.test.js +86 -0
package/dist/src/context/toolDistillationService.test.js.map +1 -0
package/dist/src/{services → context}/toolOutputMaskingService.d.ts +2 -2
package/dist/src/{services → context}/toolOutputMaskingService.js +7 -7
package/dist/src/context/toolOutputMaskingService.js.map +1 -0
package/dist/src/context/toolOutputMaskingService.test.d.ts +6 -0
package/dist/src/{services → context}/toolOutputMaskingService.test.js +4 -5
package/dist/src/context/toolOutputMaskingService.test.js.map +1 -0
package/dist/src/context/truncation.d.ts +26 -0
package/dist/src/context/truncation.js +102 -0
package/dist/src/context/truncation.js.map +1 -0
package/dist/src/context/types.d.ts +36 -0
package/dist/src/context/types.js +7 -0
package/dist/src/context/types.js.map +1 -0
package/dist/src/core/AuthenticatedContentGenerator.js +9 -1
package/dist/src/core/AuthenticatedContentGenerator.js.map +1 -1
package/dist/src/core/baseLlmClient.js +1 -1
package/dist/src/core/baseLlmClient.js.map +1 -1
package/dist/src/core/baseLlmClient.test.js +1 -0
package/dist/src/core/baseLlmClient.test.js.map +1 -1
package/dist/src/core/client.d.ts +3 -1
package/dist/src/core/client.js +24 -14
package/dist/src/core/client.js.map +1 -1
package/dist/src/core/client.test.js +36 -40
package/dist/src/core/client.test.js.map +1 -1
package/dist/src/core/contentGenerator.d.ts +0 -1
package/dist/src/core/contentGenerator.js +2 -28
package/dist/src/core/contentGenerator.js.map +1 -1
package/dist/src/core/contentGenerator.test.js +1 -101
package/dist/src/core/contentGenerator.test.js.map +1 -1
package/dist/src/core/geminiChat.js +12 -5
package/dist/src/core/geminiChat.js.map +1 -1
package/dist/src/core/geminiChat.test.js +72 -18
package/dist/src/core/geminiChat.test.js.map +1 -1
package/dist/src/core/geminiChat_network_retry.test.js +1 -0
package/dist/src/core/geminiChat_network_retry.test.js.map +1 -1
package/dist/src/core/logger.js +4 -4
package/dist/src/core/logger.js.map +1 -1
package/dist/src/core/logger.test.js +1 -1
package/dist/src/core/logger.test.js.map +1 -1
package/dist/src/core/loggingContentGenerator.js +1 -1
package/dist/src/core/loggingContentGenerator.js.map +1 -1
package/dist/src/core/prompts-substitution.test.js +5 -0
package/dist/src/core/prompts-substitution.test.js.map +1 -1
package/dist/src/core/prompts.test.js +3 -0
package/dist/src/core/prompts.test.js.map +1 -1
package/dist/src/generated/git-commit.d.ts +2 -2
package/dist/src/generated/git-commit.js +2 -2
package/dist/src/hooks/hookEventHandler.js +8 -0
package/dist/src/hooks/hookEventHandler.js.map +1 -1
package/dist/src/hooks/hookRunner.js +9 -5
package/dist/src/hooks/hookRunner.js.map +1 -1
package/dist/src/hooks/hookRunner.test.js +20 -3
package/dist/src/hooks/hookRunner.test.js.map +1 -1
package/dist/src/hooks/hookSystem.d.ts +2 -0
package/dist/src/hooks/hookSystem.js +1 -0
package/dist/src/hooks/hookSystem.js.map +1 -1
package/dist/src/hooks/hookTranslator.js +20 -13
package/dist/src/hooks/hookTranslator.js.map +1 -1
package/dist/src/hooks/hookTranslator.test.js +36 -0
package/dist/src/hooks/hookTranslator.test.js.map +1 -1
package/dist/src/hooks/types.d.ts +2 -0
package/dist/src/ide/ide-client.js +3 -3
package/dist/src/ide/ide-client.js.map +1 -1
package/dist/src/ide/ide-connection-utils.js +1 -1
package/dist/src/ide/ide-connection-utils.js.map +1 -1
package/dist/src/ide/ide-installer.js +5 -4
package/dist/src/ide/ide-installer.js.map +1 -1
package/dist/src/ide/process-utils.js +3 -3
package/dist/src/ide/process-utils.js.map +1 -1
package/dist/src/index.d.ts +10 -3
package/dist/src/index.js +13 -5
package/dist/src/index.js.map +1 -1
package/dist/src/mcp/mcpLauncher.js +1 -1
package/dist/src/output/json-formatter.js +2 -1
package/dist/src/output/json-formatter.js.map +1 -1
package/dist/src/policy/config.d.ts +1 -1
package/dist/src/policy/config.js +61 -24
package/dist/src/policy/config.js.map +1 -1
package/dist/src/policy/config.test.js +21 -20
package/dist/src/policy/config.test.js.map +1 -1
package/dist/src/policy/persistence.test.js +42 -0
package/dist/src/policy/persistence.test.js.map +1 -1
package/dist/src/policy/policies/discovered.toml +7 -0
package/dist/src/policy/policies/memory-manager.toml +11 -1
package/dist/src/policy/policies/non-interactive.toml +7 -0
package/dist/src/policy/policies/plan.toml +36 -2
package/dist/src/policy/policies/read-only.toml +12 -0
package/dist/src/policy/policies/sandbox-default.toml +4 -4
package/dist/src/policy/policies/write.toml +21 -0
package/dist/src/policy/policies/yolo.toml +1 -1
package/dist/src/policy/policy-engine.d.ts +2 -4
package/dist/src/policy/policy-engine.js +47 -37
package/dist/src/policy/policy-engine.js.map +1 -1
package/dist/src/policy/policy-engine.test.js +236 -30
package/dist/src/policy/policy-engine.test.js.map +1 -1
package/dist/src/policy/sandboxPolicyManager.d.ts +26 -1
package/dist/src/policy/sandboxPolicyManager.js +41 -12
package/dist/src/policy/sandboxPolicyManager.js.map +1 -1
package/dist/src/policy/sandboxPolicyManager.test.d.ts +6 -0
package/dist/src/policy/sandboxPolicyManager.test.js +61 -0
package/dist/src/policy/sandboxPolicyManager.test.js.map +1 -0
package/dist/src/policy/topic-policy.test.d.ts +6 -0
package/dist/src/policy/topic-policy.test.js +48 -0
package/dist/src/policy/topic-policy.test.js.map +1 -0
package/dist/src/policy/types.d.ts +9 -6
package/dist/src/policy/types.js +11 -0
package/dist/src/policy/types.js.map +1 -1
package/dist/src/policy/workspace-policy.test.js +18 -15
package/dist/src/policy/workspace-policy.test.js.map +1 -1
package/dist/src/prompts/promptProvider.js +20 -4
package/dist/src/prompts/promptProvider.js.map +1 -1
package/dist/src/prompts/promptProvider.test.js +84 -1
package/dist/src/prompts/promptProvider.test.js.map +1 -1
package/dist/src/prompts/snippets-memory-manager.test.js +1 -1
package/dist/src/prompts/snippets-memory-manager.test.js.map +1 -1
package/dist/src/prompts/snippets.d.ts +3 -4
package/dist/src/prompts/snippets.js +37 -52
package/dist/src/prompts/snippets.js.map +1 -1
package/dist/src/prompts/snippets.legacy.d.ts +6 -4
package/dist/src/prompts/snippets.legacy.js +36 -7
package/dist/src/prompts/snippets.legacy.js.map +1 -1
package/dist/src/prompts/utils.test.js +7 -5
package/dist/src/prompts/utils.test.js.map +1 -1
package/dist/src/safety/built-in.js +1 -1
package/dist/src/safety/built-in.js.map +1 -1
package/dist/src/sandbox/linux/LinuxSandboxManager.d.ts +11 -1
package/dist/src/sandbox/linux/LinuxSandboxManager.js +131 -41
package/dist/src/sandbox/linux/LinuxSandboxManager.js.map +1 -1
package/dist/src/sandbox/linux/LinuxSandboxManager.test.js +82 -139
package/dist/src/sandbox/linux/LinuxSandboxManager.test.js.map +1 -1
package/dist/src/sandbox/linux/bwrapArgsBuilder.d.ts +24 -0
package/dist/src/sandbox/linux/bwrapArgsBuilder.js +200 -0
package/dist/src/sandbox/linux/bwrapArgsBuilder.js.map +1 -0
package/dist/src/sandbox/linux/bwrapArgsBuilder.test.d.ts +6 -0
package/dist/src/sandbox/linux/bwrapArgsBuilder.test.js +247 -0
package/dist/src/sandbox/linux/bwrapArgsBuilder.test.js.map +1 -0
package/dist/src/sandbox/macos/MacOsSandboxManager.d.ts +10 -22
package/dist/src/sandbox/macos/MacOsSandboxManager.js +67 -59
package/dist/src/sandbox/macos/MacOsSandboxManager.js.map +1 -1
package/dist/src/sandbox/macos/MacOsSandboxManager.test.js +168 -103
package/dist/src/sandbox/macos/MacOsSandboxManager.test.js.map +1 -1
package/dist/src/sandbox/macos/baseProfile.d.ts +1 -1
package/dist/src/sandbox/macos/baseProfile.js +26 -8
package/dist/src/sandbox/macos/baseProfile.js.map +1 -1
package/dist/src/sandbox/macos/seatbeltArgsBuilder.d.ts +10 -10
package/dist/src/sandbox/macos/seatbeltArgsBuilder.js +81 -93
package/dist/src/sandbox/macos/seatbeltArgsBuilder.js.map +1 -1
package/dist/src/sandbox/macos/seatbeltArgsBuilder.test.js +136 -99
package/dist/src/sandbox/macos/seatbeltArgsBuilder.test.js.map +1 -1
package/dist/src/sandbox/{macos → utils}/commandSafety.d.ts +11 -0
package/dist/src/sandbox/{macos → utils}/commandSafety.js +47 -14
package/dist/src/sandbox/utils/commandSafety.js.map +1 -0
package/dist/src/sandbox/utils/commandUtils.d.ts +9 -0
package/dist/src/sandbox/utils/commandUtils.js +57 -0
package/dist/src/sandbox/utils/commandUtils.js.map +1 -0
package/dist/src/sandbox/utils/fsUtils.d.ts +11 -0
package/dist/src/sandbox/utils/fsUtils.js +84 -0
package/dist/src/sandbox/utils/fsUtils.js.map +1 -0
package/dist/src/sandbox/utils/fsUtils.test.d.ts +6 -0
package/dist/src/sandbox/utils/fsUtils.test.js +43 -0
package/dist/src/sandbox/utils/fsUtils.test.js.map +1 -0
package/dist/src/sandbox/utils/proactivePermissions.d.ts +19 -0
package/dist/src/sandbox/utils/proactivePermissions.js +163 -0
package/dist/src/sandbox/utils/proactivePermissions.js.map +1 -0
package/dist/src/sandbox/utils/proactivePermissions.test.d.ts +6 -0
package/dist/src/sandbox/utils/proactivePermissions.test.js +145 -0
package/dist/src/sandbox/utils/proactivePermissions.test.js.map +1 -0
package/dist/src/sandbox/utils/sandboxDenialUtils.d.ts +27 -0
package/dist/src/sandbox/utils/sandboxDenialUtils.js +142 -0
package/dist/src/sandbox/utils/sandboxDenialUtils.js.map +1 -0
package/dist/src/sandbox/utils/sandboxDenialUtils.test.d.ts +6 -0
package/dist/src/sandbox/utils/sandboxDenialUtils.test.js +188 -0
package/dist/src/sandbox/utils/sandboxDenialUtils.test.js.map +1 -0
package/dist/src/sandbox/utils/sandboxReadWriteUtils.d.ts +5 -0
package/dist/src/sandbox/utils/sandboxReadWriteUtils.js +64 -0
package/dist/src/sandbox/utils/sandboxReadWriteUtils.js.map +1 -0
package/dist/src/sandbox/windows/GeminiSandbox.cs +312 -223
package/dist/src/sandbox/windows/WindowsSandboxManager.d.ts +16 -2
package/dist/src/sandbox/windows/WindowsSandboxManager.js +261 -44
package/dist/src/sandbox/windows/WindowsSandboxManager.js.map +1 -1
package/dist/src/sandbox/windows/WindowsSandboxManager.test.js +379 -17
package/dist/src/sandbox/windows/WindowsSandboxManager.test.js.map +1 -1
package/dist/src/sandbox/windows/commandSafety.d.ts +19 -0
package/dist/src/sandbox/windows/commandSafety.js +128 -0
package/dist/src/sandbox/windows/commandSafety.js.map +1 -0
package/dist/src/sandbox/windows/commandSafety.test.d.ts +6 -0
package/dist/src/sandbox/windows/commandSafety.test.js +42 -0
package/dist/src/sandbox/windows/commandSafety.test.js.map +1 -0
package/dist/src/sandbox/windows/windowsSandboxDenialUtils.d.ts +13 -0
package/dist/src/sandbox/windows/windowsSandboxDenialUtils.js +69 -0
package/dist/src/sandbox/windows/windowsSandboxDenialUtils.js.map +1 -0
package/dist/src/sandbox/windows/windowsSandboxDenialUtils.test.d.ts +6 -0
package/dist/src/sandbox/windows/windowsSandboxDenialUtils.test.js +68 -0
package/dist/src/sandbox/windows/windowsSandboxDenialUtils.test.js.map +1 -0
package/dist/src/scheduler/policy.js +20 -5
package/dist/src/scheduler/policy.js.map +1 -1
package/dist/src/scheduler/policy.test.js +80 -0
package/dist/src/scheduler/policy.test.js.map +1 -1
package/dist/src/scheduler/scheduler.js +13 -3
package/dist/src/scheduler/scheduler.js.map +1 -1
package/dist/src/scheduler/scheduler.test.js +52 -0
package/dist/src/scheduler/scheduler.test.js.map +1 -1
package/dist/src/scheduler/scheduler_hooks.test.js +1 -0
package/dist/src/scheduler/scheduler_hooks.test.js.map +1 -1
package/dist/src/scheduler/state-manager.js +1 -1
package/dist/src/scheduler/state-manager.js.map +1 -1
package/dist/src/scheduler/state-manager.test.js +10 -0
package/dist/src/scheduler/state-manager.test.js.map +1 -1
package/dist/src/scheduler/tool-executor.js +7 -2
package/dist/src/scheduler/tool-executor.js.map +1 -1
package/dist/src/scheduler/tool-executor.test.js +38 -0
package/dist/src/scheduler/tool-executor.test.js.map +1 -1
package/dist/src/scheduler/types.d.ts +4 -2
package/dist/src/services/chatRecordingService.d.ts +1 -13
package/dist/src/services/chatRecordingService.js +45 -46
package/dist/src/services/chatRecordingService.js.map +1 -1
package/dist/src/services/chatRecordingService.test.js +79 -10
package/dist/src/services/chatRecordingService.test.js.map +1 -1
package/dist/src/services/executionLifecycleService.d.ts +44 -6
package/dist/src/services/executionLifecycleService.js +52 -12
package/dist/src/services/executionLifecycleService.js.map +1 -1
package/dist/src/services/executionLifecycleService.test.js +157 -3
package/dist/src/services/executionLifecycleService.test.js.map +1 -1
package/dist/src/services/fileDiscoveryService.d.ts +17 -2
package/dist/src/services/fileDiscoveryService.js +84 -20
package/dist/src/services/fileDiscoveryService.js.map +1 -1
package/dist/src/services/fileDiscoveryService.test.js +67 -1
package/dist/src/services/fileDiscoveryService.test.js.map +1 -1
package/dist/src/services/gitService.js +1 -1
package/dist/src/services/gitService.js.map +1 -1
package/dist/src/services/memoryService.d.ts +65 -0
package/dist/src/services/memoryService.js +511 -0
package/dist/src/services/memoryService.js.map +1 -0
package/dist/src/services/memoryService.test.d.ts +6 -0
package/dist/src/services/memoryService.test.js +563 -0
package/dist/src/services/memoryService.test.js.map +1 -0
package/dist/src/services/modelConfigService.d.ts +11 -0
package/dist/src/services/modelConfigService.js +67 -0
package/dist/src/services/modelConfigService.js.map +1 -1
package/dist/src/services/modelConfigService.test.js +30 -0
package/dist/src/services/modelConfigService.test.js.map +1 -1
package/dist/src/services/sandboxManager.d.ts +107 -8
package/dist/src/services/sandboxManager.integration.test.d.ts +1 -0
package/dist/src/services/sandboxManager.integration.test.js +445 -0
package/dist/src/services/sandboxManager.integration.test.js.map +1 -0
package/dist/src/services/sandboxManager.js +176 -13
package/dist/src/services/sandboxManager.js.map +1 -1
package/dist/src/services/sandboxManager.test.js +401 -117
package/dist/src/services/sandboxManager.test.js.map +1 -1
package/dist/src/services/sandboxManagerFactory.d.ts +2 -3
package/dist/src/services/sandboxManagerFactory.js +12 -22
package/dist/src/services/sandboxManagerFactory.js.map +1 -1
package/dist/src/services/sandboxedFileSystemService.d.ts +1 -0
package/dist/src/services/sandboxedFileSystemService.js +43 -3
package/dist/src/services/sandboxedFileSystemService.js.map +1 -1
package/dist/src/services/sandboxedFileSystemService.test.js +97 -11
package/dist/src/services/sandboxedFileSystemService.test.js.map +1 -1
package/dist/src/services/shellExecutionService.d.ts +18 -1
package/dist/src/services/shellExecutionService.js +115 -26
package/dist/src/services/shellExecutionService.js.map +1 -1
package/dist/src/services/shellExecutionService.test.js +70 -8
package/dist/src/services/shellExecutionService.test.js.map +1 -1
package/dist/src/services/test-data/resolved-aliases-retry.golden.json +4 -0
package/dist/src/services/test-data/resolved-aliases.golden.json +4 -0
package/dist/src/services/worktreeService.test.js +7 -7
package/dist/src/services/worktreeService.test.js.map +1 -1
package/dist/src/skills/skillLoader.d.ts +8 -0
package/dist/src/skills/skillLoader.js +1 -1
package/dist/src/skills/skillLoader.js.map +1 -1
package/dist/src/telemetry/clearcut-logger/clearcut-logger.d.ts +29 -1
package/dist/src/telemetry/clearcut-logger/clearcut-logger.js +107 -0
package/dist/src/telemetry/clearcut-logger/clearcut-logger.js.map +1 -1
package/dist/src/telemetry/clearcut-logger/clearcut-logger.test.js +172 -1
package/dist/src/telemetry/clearcut-logger/clearcut-logger.test.js.map +1 -1
package/dist/src/telemetry/clearcut-logger/event-metadata-key.d.ts +10 -1
package/dist/src/telemetry/clearcut-logger/event-metadata-key.js +22 -1
package/dist/src/telemetry/clearcut-logger/event-metadata-key.js.map +1 -1
package/dist/src/telemetry/loggers.d.ts +22 -0
package/dist/src/telemetry/loggers.js +41 -2
package/dist/src/telemetry/loggers.js.map +1 -1
package/dist/src/telemetry/loggers.test.js +8 -3
package/dist/src/telemetry/loggers.test.js.map +1 -1
package/dist/src/telemetry/metrics.d.ts +118 -1
package/dist/src/telemetry/metrics.js +196 -4
package/dist/src/telemetry/metrics.js.map +1 -1
package/dist/src/telemetry/metrics.test.js +298 -0
package/dist/src/telemetry/metrics.test.js.map +1 -1
package/dist/src/telemetry/types.d.ts +3 -3
package/dist/src/telemetry/types.js +9 -4
package/dist/src/telemetry/types.js.map +1 -1
package/dist/src/test-utils/mock-message-bus.d.ts +1 -1
package/dist/src/test-utils/mock-message-bus.js +1 -1
package/dist/src/test-utils/mock-message-bus.js.map +1 -1
package/dist/src/tools/complete-task.d.ts +29 -0
package/dist/src/tools/complete-task.js +123 -0
package/dist/src/tools/complete-task.js.map +1 -0
package/dist/src/tools/complete-task.test.d.ts +6 -0
package/dist/src/tools/complete-task.test.js +114 -0
package/dist/src/tools/complete-task.test.js.map +1 -0
package/dist/src/tools/definitions/base-declarations.d.ts +8 -0
package/dist/src/tools/definitions/base-declarations.js +10 -0
package/dist/src/tools/definitions/base-declarations.js.map +1 -1
package/dist/src/tools/definitions/coreTools.d.ts +2 -1
package/dist/src/tools/definitions/coreTools.js +9 -3
package/dist/src/tools/definitions/coreTools.js.map +1 -1
package/dist/src/tools/definitions/dynamic-declaration-helpers.d.ts +4 -0
package/dist/src/tools/definitions/dynamic-declaration-helpers.js +33 -2
package/dist/src/tools/definitions/dynamic-declaration-helpers.js.map +1 -1
package/dist/src/tools/definitions/model-family-sets/default-legacy.js +14 -9
package/dist/src/tools/definitions/model-family-sets/default-legacy.js.map +1 -1
package/dist/src/tools/definitions/model-family-sets/gemini-3.js +13 -7
package/dist/src/tools/definitions/model-family-sets/gemini-3.js.map +1 -1
package/dist/src/tools/definitions/trackerTools.js +3 -3
package/dist/src/tools/definitions/trackerTools.js.map +1 -1
package/dist/src/tools/definitions/types.d.ts +1 -0
package/dist/src/tools/enter-plan-mode.js +15 -0
package/dist/src/tools/enter-plan-mode.js.map +1 -1
package/dist/src/tools/enter-plan-mode.test.js +25 -0
package/dist/src/tools/enter-plan-mode.test.js.map +1 -1
package/dist/src/tools/grep-utils.d.ts +2 -1
package/dist/src/tools/grep-utils.js +22 -3
package/dist/src/tools/grep-utils.js.map +1 -1
package/dist/src/tools/grep.js +16 -3
package/dist/src/tools/grep.js.map +1 -1
package/dist/src/tools/grep.test.js +36 -8
package/dist/src/tools/grep.test.js.map +1 -1
package/dist/src/tools/jit-context.js +3 -3
package/dist/src/tools/jit-context.js.map +1 -1
package/dist/src/tools/jit-context.test.js +15 -13
package/dist/src/tools/jit-context.test.js.map +1 -1
package/dist/src/tools/ls.js +6 -4
package/dist/src/tools/ls.js.map +1 -1
package/dist/src/tools/ls.test.js +22 -7
package/dist/src/tools/ls.test.js.map +1 -1
package/dist/src/tools/mcp-client-manager.js +6 -3
package/dist/src/tools/mcp-client-manager.js.map +1 -1
package/dist/src/tools/mcp-client-manager.test.js +35 -0
package/dist/src/tools/mcp-client-manager.test.js.map +1 -1
package/dist/src/tools/mcp-client.js +1 -1
package/dist/src/tools/mcp-client.js.map +1 -1
package/dist/src/tools/mcp-tool.test.js +1 -1
package/dist/src/tools/mcp-tool.test.js.map +1 -1
package/dist/src/tools/memoryTool.d.ts +9 -2
package/dist/src/tools/memoryTool.js +39 -15
package/dist/src/tools/memoryTool.js.map +1 -1
package/dist/src/tools/memoryTool.test.js +61 -2
package/dist/src/tools/memoryTool.test.js.map +1 -1
package/dist/src/tools/read-many-files.js +12 -4
package/dist/src/tools/read-many-files.js.map +1 -1
package/dist/src/tools/read-many-files.test.js +17 -17
package/dist/src/tools/read-many-files.test.js.map +1 -1
package/dist/src/tools/ripGrep.js +14 -1
package/dist/src/tools/ripGrep.js.map +1 -1
package/dist/src/tools/ripGrep.test.js +10 -10
package/dist/src/tools/ripGrep.test.js.map +1 -1
package/dist/src/tools/shell.d.ts +17 -4
package/dist/src/tools/shell.js +342 -151
package/dist/src/tools/shell.js.map +1 -1
package/dist/src/tools/shell.test.js +204 -11
package/dist/src/tools/shell.test.js.map +1 -1
package/dist/src/tools/shellBackgroundTools.d.ts +38 -0
package/dist/src/tools/shellBackgroundTools.integration.test.d.ts +6 -0
package/dist/src/tools/shellBackgroundTools.integration.test.js +86 -0
package/dist/src/tools/shellBackgroundTools.integration.test.js.map +1 -0
package/dist/src/tools/shellBackgroundTools.js +186 -0
package/dist/src/tools/shellBackgroundTools.js.map +1 -0
package/dist/src/tools/shellBackgroundTools.test.d.ts +6 -0
package/dist/src/tools/shellBackgroundTools.test.js +230 -0
package/dist/src/tools/shellBackgroundTools.test.js.map +1 -0
package/dist/src/tools/shell_proactive.test.d.ts +6 -0
package/dist/src/tools/shell_proactive.test.js +122 -0
package/dist/src/tools/shell_proactive.test.js.map +1 -0
package/dist/src/tools/tool-names.d.ts +4 -4
package/dist/src/tools/tool-names.js +6 -3
package/dist/src/tools/tool-names.js.map +1 -1
package/dist/src/tools/tool-registry.js +11 -1
package/dist/src/tools/tool-registry.js.map +1 -1
package/dist/src/tools/tool-registry.test.js +43 -1
package/dist/src/tools/tool-registry.test.js.map +1 -1
package/dist/src/tools/tools.d.ts +12 -1
package/dist/src/tools/tools.js +16 -1
package/dist/src/tools/tools.js.map +1 -1
package/dist/src/tools/tools.test.js +42 -1
package/dist/src/tools/tools.test.js.map +1 -1
package/dist/src/tools/topicTool.d.ts +29 -0
package/dist/src/tools/topicTool.js +72 -0
package/dist/src/tools/topicTool.js.map +1 -0
package/dist/src/tools/topicTool.test.d.ts +6 -0
package/dist/src/tools/topicTool.test.js +105 -0
package/dist/src/tools/topicTool.test.js.map +1 -0
package/dist/src/tools/web-fetch.js +40 -22
package/dist/src/tools/web-fetch.js.map +1 -1
package/dist/src/tools/web-fetch.test.js +28 -0
package/dist/src/tools/web-fetch.test.js.map +1 -1
package/dist/src/tools/xcode-mcp-fix-transport.js +1 -1
package/dist/src/tools/xcode-mcp-fix-transport.js.map +1 -1
package/dist/src/utils/bfsFileSearch.js +3 -6
package/dist/src/utils/bfsFileSearch.js.map +1 -1
package/dist/src/utils/checkpointUtils.d.ts +4 -4
package/dist/src/utils/checkpointUtils.js +11 -8
package/dist/src/utils/checkpointUtils.js.map +1 -1
package/dist/src/utils/compatibility.js +0 -7
package/dist/src/utils/compatibility.js.map +1 -1
package/dist/src/utils/compatibility.test.js +0 -9
package/dist/src/utils/compatibility.test.js.map +1 -1
package/dist/src/utils/editor.js +3 -0
package/dist/src/utils/editor.js.map +1 -1
package/dist/src/utils/errorParsing.js +2 -2
package/dist/src/utils/errorParsing.js.map +1 -1
package/dist/src/utils/errors.d.ts +3 -0
package/dist/src/utils/errors.js +28 -6
package/dist/src/utils/errors.js.map +1 -1
package/dist/src/utils/errors.test.js +23 -0
package/dist/src/utils/errors.test.js.map +1 -1
package/dist/src/utils/events.d.ts +12 -0
package/dist/src/utils/events.js +7 -0
package/dist/src/utils/events.js.map +1 -1
package/dist/src/utils/fetch.d.ts +1 -0
package/dist/src/utils/fetch.js +22 -6
package/dist/src/utils/fetch.js.map +1 -1
package/dist/src/utils/fetch.test.js +26 -1
package/dist/src/utils/fetch.test.js.map +1 -1
package/dist/src/utils/fileUtils.js +1 -1
package/dist/src/utils/fileUtils.js.map +1 -1
package/dist/src/utils/filesearch/crawler.js +1 -1
package/dist/src/utils/filesearch/crawler.js.map +1 -1
package/dist/src/utils/filesearch/fileSearch.test.js +7 -2
package/dist/src/utils/filesearch/fileSearch.test.js.map +1 -1
package/dist/src/utils/getFolderStructure.js +1 -1
package/dist/src/utils/getFolderStructure.js.map +1 -1
package/dist/src/utils/getPty.js +2 -2
package/dist/src/utils/getPty.js.map +1 -1
package/dist/src/utils/gitIgnoreParser.d.ts +2 -2
package/dist/src/utils/gitIgnoreParser.js +30 -52
package/dist/src/utils/gitIgnoreParser.js.map +1 -1
package/dist/src/utils/gitIgnoreParser.test.js +51 -185
package/dist/src/utils/gitIgnoreParser.test.js.map +1 -1
package/dist/src/utils/gitUtils.js +2 -2
package/dist/src/utils/gitUtils.js.map +1 -1
package/dist/src/utils/googleErrors.js +5 -5
package/dist/src/utils/googleErrors.js.map +1 -1
package/dist/src/utils/ignoreFileParser.d.ts +2 -2
package/dist/src/utils/ignoreFileParser.js +7 -18
package/dist/src/utils/ignoreFileParser.js.map +1 -1
package/dist/src/utils/ignoreFileParser.test.js +40 -132
package/dist/src/utils/ignoreFileParser.test.js.map +1 -1
package/dist/src/utils/ignorePathUtils.d.ts +11 -0
package/dist/src/utils/ignorePathUtils.js +39 -0
package/dist/src/utils/ignorePathUtils.js.map +1 -0
package/dist/src/utils/ignorePathUtils.test.d.ts +6 -0
package/dist/src/utils/ignorePathUtils.test.js +70 -0
package/dist/src/utils/ignorePathUtils.test.js.map +1 -0
package/dist/src/utils/memoryDiscovery.d.ts +6 -4
package/dist/src/utils/memoryDiscovery.js +69 -48
package/dist/src/utils/memoryDiscovery.js.map +1 -1
package/dist/src/utils/memoryDiscovery.test.js +40 -0
package/dist/src/utils/memoryDiscovery.test.js.map +1 -1
package/dist/src/utils/memoryImportProcessor.d.ts +1 -1
package/dist/src/utils/memoryImportProcessor.js +24 -15
package/dist/src/utils/memoryImportProcessor.js.map +1 -1
package/dist/src/utils/paths.d.ts +8 -0
package/dist/src/utils/paths.js +37 -6
package/dist/src/utils/paths.js.map +1 -1
package/dist/src/utils/paths.test.js +61 -3
package/dist/src/utils/paths.test.js.map +1 -1
package/dist/src/utils/process-utils.js +2 -2
package/dist/src/utils/process-utils.js.map +1 -1
package/dist/src/utils/retry.js +7 -0
package/dist/src/utils/retry.js.map +1 -1
package/dist/src/utils/retry.test.js +41 -0
package/dist/src/utils/retry.test.js.map +1 -1
package/dist/src/utils/secure-browser-launcher.js +1 -1
package/dist/src/utils/secure-browser-launcher.js.map +1 -1
package/dist/src/utils/sessionOperations.d.ts +19 -0
package/dist/src/utils/sessionOperations.js +101 -0
package/dist/src/utils/sessionOperations.js.map +1 -0
package/dist/src/utils/sessionOperations.test.d.ts +6 -0
package/dist/src/utils/sessionOperations.test.js +92 -0
package/dist/src/utils/sessionOperations.test.js.map +1 -0
package/dist/src/utils/shell-utils.d.ts +24 -0
package/dist/src/utils/shell-utils.integration.test.js +1 -1
package/dist/src/utils/shell-utils.integration.test.js.map +1 -1
package/dist/src/utils/shell-utils.js +86 -6
package/dist/src/utils/shell-utils.js.map +1 -1
package/dist/src/utils/shell-utils.test.js +13 -1
package/dist/src/utils/shell-utils.test.js.map +1 -1
package/dist/src/utils/systemEncoding.js +1 -1
package/dist/src/utils/systemEncoding.js.map +1 -1
package/dist/src/utils/terminalSerializer.d.ts +1 -0
package/dist/src/utils/terminalSerializer.js +31 -8
package/dist/src/utils/terminalSerializer.js.map +1 -1
package/dist/src/utils/terminalSerializer.test.js +3 -2
package/dist/src/utils/terminalSerializer.test.js.map +1 -1
package/dist/src/utils/textUtils.d.ts +8 -0
package/dist/src/utils/textUtils.js +16 -0
package/dist/src/utils/textUtils.js.map +1 -1
package/dist/src/utils/tokenCalculation.d.ts +2 -0
package/dist/src/utils/tokenCalculation.js +2 -2
package/dist/src/utils/tokenCalculation.js.map +1 -1
package/dist/src/utils/workspaceContext.js +2 -2
package/dist/src/utils/workspaceContext.js.map +1 -1
package/dist/tsconfig.tsbuildinfo +1 -1
package/package.json +2 -1
package/dist/docs/CONTRIBUTING.md +0 -566
package/dist/docs/get-started/examples.md +0 -141
package/dist/src/sandbox/macos/MacOsSandboxManager.integration.test.js +0 -164
package/dist/src/sandbox/macos/MacOsSandboxManager.integration.test.js.map +0 -1
package/dist/src/sandbox/macos/commandSafety.js.map +0 -1
package/dist/src/services/chatCompressionService.js.map +0 -1
package/dist/src/services/chatCompressionService.test.js.map +0 -1
package/dist/src/services/contextManager.js.map +0 -1
package/dist/src/services/contextManager.test.js.map +0 -1
package/dist/src/services/toolOutputMaskingService.js.map +0 -1
package/dist/src/services/toolOutputMaskingService.test.js.map +0 -1
/package/dist/src/{services/toolOutputMaskingService.test.d.ts → agents/browser/snapshotSuperseder.test.d.ts} +0 -0
/package/dist/src/{services → context}/chatCompressionService.d.ts +0 -0
/package/dist/src/{services → context}/chatCompressionService.js +0 -0
/package/dist/src/{services → context}/chatCompressionService.test.d.ts +0 -0
/package/dist/src/{services → context}/chatCompressionService.test.js +0 -0
/package/dist/src/{sandbox/macos/MacOsSandboxManager.integration.test.d.ts → context/contextCompressionService.test.d.ts} +0 -0
/package/dist/src/{services/contextManager.test.d.ts → context/memoryContextManager.test.d.ts} +0 -0

package/dist/src/tools/shell.js CHANGED Viewed

@@ -9,26 +9,52 @@ import path from 'node:path';
 import os from 'node:os';
 import crypto from 'node:crypto';
 import { debugLogger } from '../index.js';
+import { getPathIdentity, } from '../services/sandboxManager.js';
 import { ToolErrorType } from './tool-error.js';
 import { BaseDeclarativeTool, BaseToolInvocation, ToolConfirmationOutcome, Kind, } from './tools.js';
 import { getErrorMessage } from '../utils/errors.js';
 import { summarizeToolOutput } from '../utils/summarizer.js';
 import { ShellExecutionService, } from '../services/shellExecutionService.js';
 import { formatBytes } from '../utils/formatters.js';
-import { getCommandRoots, initializeShellParsers, stripShellWrapper, parseCommandDetails, hasRedirection, } from '../utils/shell-utils.js';
+import { getCommandRoots, initializeShellParsers, stripShellWrapper, parseCommandDetails, hasRedirection, normalizeCommand, } from '../utils/shell-utils.js';
 import { SHELL_TOOL_NAME } from './tool-names.js';
 import { PARAM_ADDITIONAL_PERMISSIONS } from './definitions/base-declarations.js';
 import { getShellDefinition } from './definitions/coreTools.js';
 import { resolveToolDeclaration } from './definitions/resolver.js';
+import { isSubpath, resolveToRealPath } from '../utils/paths.js';
+import { getProactiveToolSuggestions, isNetworkReliantCommand, } from '../sandbox/utils/proactivePermissions.js';
 export const OUTPUT_UPDATE_INTERVAL_MS = 1000;
 // Delay so user does not see the output of the process before the process is moved to the background.
 const BACKGROUND_DELAY_MS = 200;
 export class ShellToolInvocation extends BaseToolInvocation {
     context;
+    proactivePermissionsConfirmed;
     constructor(context, params, messageBus, _toolName, _toolDisplayName) {
         super(params, messageBus, _toolName, _toolDisplayName);
         this.context = context;
     }
+    /**
+     * Wraps a command in a subshell `()` to capture background process IDs (PIDs) using pgrep.
+     * Uses newlines to prevent breaking heredocs or trailing comments.
+     *
+     * @param command The raw command string to execute.
+     * @param tempFilePath Path to the temporary file where PIDs will be written.
+     * @param isWindows Whether the current platform is Windows (if true, the command is returned as-is).
+     * @returns The wrapped command string.
+     */
+    wrapCommandForPgrep(command, tempFilePath, isWindows) {
+        if (isWindows) {
+            return command;
+        }
+        let trimmed = command.trim();
+        if (!trimmed) {
+            return '';
+        }
+        if (trimmed.endsWith('\\')) {
+            trimmed += ' ';
+        }
+        return `(\n${trimmed}\n); __code=$?; pgrep -g 0 >${tempFilePath} 2>&1; exit $__code;`;
+    }
     getContextualDetails() {
         let details = '';
         // append optional [in directory]
@@ -49,7 +75,79 @@ export class ShellToolInvocation extends BaseToolInvocation {
         return details;
     }
     getDescription() {
-        return `${this.params.command} ${this.getContextualDetails()}`;
+        return this.params.description?.trim()
+            ? this.params.description
+            : this.params.command;
+    }
+    simplifyPaths(paths) {
+        if (paths.size === 0)
+            return [];
+        const rawPaths = Array.from(paths);
+        // 1. Remove redundant paths (subpaths of already included paths)
+        const sorted = rawPaths.sort((a, b) => a.length - b.length);
+        const nonRedundant = [];
+        for (const p of sorted) {
+            if (!nonRedundant.some((s) => isSubpath(s, p))) {
+                nonRedundant.push(p);
+            }
+        }
+        // 2. Consolidate clusters: if >= 3 paths share the same immediate parent, use the parent
+        const parentCounts = new Map();
+        for (const p of nonRedundant) {
+            const parent = path.dirname(p);
+            if (!parentCounts.has(parent)) {
+                parentCounts.set(parent, []);
+            }
+            parentCounts.get(parent).push(p);
+        }
+        const finalPaths = new Set();
+        const sensitiveDirs = new Set([
+            os.homedir(),
+            path.dirname(os.homedir()),
+            path.sep,
+            path.join(path.sep, 'etc'),
+            path.join(path.sep, 'usr'),
+            path.join(path.sep, 'var'),
+            path.join(path.sep, 'bin'),
+            path.join(path.sep, 'sbin'),
+            path.join(path.sep, 'lib'),
+            path.join(path.sep, 'root'),
+            path.join(path.sep, 'home'),
+            path.join(path.sep, 'Users'),
+        ]);
+        if (os.platform() === 'win32') {
+            const systemRoot = process.env['SystemRoot'];
+            if (systemRoot) {
+                sensitiveDirs.add(systemRoot);
+                sensitiveDirs.add(path.join(systemRoot, 'System32'));
+            }
+            const programFiles = process.env['ProgramFiles'];
+            if (programFiles)
+                sensitiveDirs.add(programFiles);
+            const programFilesX86 = process.env['ProgramFiles(x86)'];
+            if (programFilesX86)
+                sensitiveDirs.add(programFilesX86);
+        }
+        for (const [parent, children] of parentCounts.entries()) {
+            const isSensitive = sensitiveDirs.has(parent);
+            if (children.length >= 3 && parent.length > 1 && !isSensitive) {
+                finalPaths.add(parent);
+            }
+            else {
+                for (const child of children) {
+                    finalPaths.add(child);
+                }
+            }
+        }
+        // 3. Final redundancy check after consolidation
+        const finalSorted = Array.from(finalPaths).sort((a, b) => a.length - b.length);
+        const result = [];
+        for (const p of finalSorted) {
+            if (!result.some((s) => isSubpath(s, p))) {
+                result.push(p);
+            }
+        }
+        return result;
     }
     getDisplayTitle() {
         return this.params.command;
@@ -70,13 +168,81 @@ export class ShellToolInvocation extends BaseToolInvocation {
         }
         return undefined;
     }
-    async shouldConfirmExecute(abortSignal) {
+    async shouldConfirmExecute(abortSignal, forcedDecision) {
         if (this.params[PARAM_ADDITIONAL_PERMISSIONS]) {
             return this.getConfirmationDetails(abortSignal);
         }
-        return super.shouldConfirmExecute(abortSignal);
+        if (this.context.config.getSandboxEnabled()) {
+            const command = stripShellWrapper(this.params.command);
+            const rootCommands = getCommandRoots(command);
+            const rawRootCommand = rootCommands[0];
+            if (rawRootCommand) {
+                const rootCommand = normalizeCommand(rawRootCommand);
+                const proactive = await getProactiveToolSuggestions(rootCommand);
+                if (proactive) {
+                    const mode = this.context.config.getApprovalMode();
+                    const modeConfig = this.context.config.sandboxPolicyManager.getModeConfig(mode);
+                    const approved = this.context.config.sandboxPolicyManager.getCommandPermissions(rootCommand);
+                    const hasNetwork = modeConfig.network || approved.network;
+                    const missingNetwork = !!proactive.network && !hasNetwork;
+                    // Detect commands or sub-commands that definitely need network
+                    const parsed = parseCommandDetails(command);
+                    const subCommand = parsed?.details[0]?.args?.[0];
+                    const needsNetwork = isNetworkReliantCommand(rootCommand, subCommand);
+                    if (needsNetwork) {
+                        // Add write permission to the current directory if we are in readonly mode
+                        const isReadonlyMode = modeConfig.readonly ?? false;
+                        if (isReadonlyMode) {
+                            const cwd = this.params.dir_path || this.context.config.getTargetDir();
+                            proactive.fileSystem = proactive.fileSystem || {
+                                read: [],
+                                write: [],
+                            };
+                            proactive.fileSystem.write = proactive.fileSystem.write || [];
+                            if (!proactive.fileSystem.write.includes(cwd)) {
+                                proactive.fileSystem.write.push(cwd);
+                                proactive.fileSystem.read = proactive.fileSystem.read || [];
+                                if (!proactive.fileSystem.read.includes(cwd)) {
+                                    proactive.fileSystem.read.push(cwd);
+                                }
+                            }
+                        }
+                        const isApproved = (requestedPath, approvedPaths) => {
+                            if (!approvedPaths || approvedPaths.length === 0)
+                                return false;
+                            const requestedRealIdentity = getPathIdentity(resolveToRealPath(requestedPath));
+                            // Identity check is fast, subpath check is slower
+                            return approvedPaths.some((p) => {
+                                const approvedRealIdentity = getPathIdentity(resolveToRealPath(p));
+                                return (requestedRealIdentity === approvedRealIdentity ||
+                                    isSubpath(approvedRealIdentity, requestedRealIdentity));
+                            });
+                        };
+                        const missingRead = (proactive.fileSystem?.read || []).filter((p) => !isApproved(p, approved.fileSystem?.read));
+                        const missingWrite = (proactive.fileSystem?.write || []).filter((p) => !isApproved(p, approved.fileSystem?.write));
+                        const needsExpansion = missingRead.length > 0 ||
+                            missingWrite.length > 0 ||
+                            missingNetwork;
+                        if (needsExpansion) {
+                            const details = await this.getConfirmationDetails(abortSignal, proactive);
+                            if (details && details.type === 'sandbox_expansion') {
+                                const originalOnConfirm = details.onConfirm;
+                                details.onConfirm = async (outcome) => {
+                                    await originalOnConfirm(outcome);
+                                    if (outcome !== ToolConfirmationOutcome.Cancel) {
+                                        this.proactivePermissionsConfirmed = proactive;
+                                    }
+                                };
+                            }
+                            return details;
+                        }
+                    }
+                }
+            }
+        }
+        return super.shouldConfirmExecute(abortSignal, forcedDecision);
     }
-    async getConfirmationDetails(_abortSignal) {
+    async getConfirmationDetails(_abortSignal, proactivePermissions) {
         const command = stripShellWrapper(this.params.command);
         const parsed = parseCommandDetails(command);
         let rootCommandDisplay = '';
@@ -94,25 +260,29 @@ export class ShellToolInvocation extends BaseToolInvocation {
                 .join(', ');
         }
         const rootCommands = [...new Set(getCommandRoots(command))];
+        const rootCommand = rootCommands[0] || 'shell';
+        // Proactively suggest expansion for known network-heavy tools (npm install, etc.)
+        // to avoid hangs when network is restricted by default.
+        const effectiveAdditionalPermissions = this.params[PARAM_ADDITIONAL_PERMISSIONS] || proactivePermissions;
         // Rely entirely on PolicyEngine for interactive confirmation.
         // If we are here, it means PolicyEngine returned ASK_USER (or no message bus),
         // so we must provide confirmation details.
         // If additional_permissions are provided, it's an expansion request
-        if (this.params[PARAM_ADDITIONAL_PERMISSIONS]) {
+        if (effectiveAdditionalPermissions) {
             return {
                 type: 'sandbox_expansion',
-                title: 'Sandbox Expansion Request',
+                title: proactivePermissions
+                    ? 'Sandbox Expansion Request (Recommended)'
+                    : 'Sandbox Expansion Request',
                 command: this.params.command,
                 rootCommand: rootCommandDisplay,
-                additionalPermissions: this.params[PARAM_ADDITIONAL_PERMISSIONS],
+                additionalPermissions: effectiveAdditionalPermissions,
                 onConfirm: async (outcome) => {
                     if (outcome === ToolConfirmationOutcome.ProceedAlwaysAndSave) {
-                        const commandName = rootCommands[0] || 'shell';
-                        this.context.config.sandboxPolicyManager.addPersistentApproval(commandName, this.params[PARAM_ADDITIONAL_PERMISSIONS]);
+                        this.context.config.sandboxPolicyManager.addPersistentApproval(rootCommand, effectiveAdditionalPermissions);
                     }
                     else if (outcome === ToolConfirmationOutcome.ProceedAlways) {
-                        const commandName = rootCommands[0] || 'shell';
-                        this.context.config.sandboxPolicyManager.addSessionApproval(commandName, this.params[PARAM_ADDITIONAL_PERMISSIONS]);
+                        this.context.config.sandboxPolicyManager.addSessionApproval(rootCommand, effectiveAdditionalPermissions);
                     }
                 },
             };
@@ -151,15 +321,7 @@ export class ShellToolInvocation extends BaseToolInvocation {
         const onAbort = () => combinedController.abort();
         try {
             // pgrep is not available on Windows, so we can't get background PIDs
-            const commandToExecute = isWindows
-                ? strippedCommand
-                : (() => {
-                    // wrap command to append subprocess pids (via pgrep) to temporary file
-                    let command = strippedCommand.trim();
-                    if (!command.endsWith('&'))
-                        command += ';';
-                    return `{ ${command} }; __code=$?; pgrep -g 0 >${tempFilePath} 2>&1; exit $__code;`;
-                })();
+            const commandToExecute = this.wrapCommandForPgrep(strippedCommand, tempFilePath, isWindows);
             const cwd = this.params.dir_path
                 ? path.resolve(this.context.config.getTargetDir(), this.params.dir_path)
                 : this.context.config.getTargetDir();
@@ -231,21 +393,60 @@ export class ShellToolInvocation extends BaseToolInvocation {
                 }
             }, combinedController.signal, this.context.config.getEnableInteractiveShell(), {
                 ...shellExecutionConfig,
+                sessionId: this.context.config?.getSessionId?.() ?? 'default',
                 pager: 'cat',
                 sanitizationConfig: shellExecutionConfig?.sanitizationConfig ??
                     this.context.config.sanitizationConfig,
                 sandboxManager: this.context.config.sandboxManager,
-                additionalPermissions: this.params[PARAM_ADDITIONAL_PERMISSIONS],
+                additionalPermissions: {
+                    network: this.params[PARAM_ADDITIONAL_PERMISSIONS]?.network ||
+                        this.proactivePermissionsConfirmed?.network,
+                    fileSystem: {
+                        read: [
+                            ...(this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem
+                                ?.read || []),
+                            ...(this.proactivePermissionsConfirmed?.fileSystem?.read ||
+                                []),
+                        ],
+                        write: [
+                            ...(this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem
+                                ?.write || []),
+                            ...(this.proactivePermissionsConfirmed?.fileSystem?.write ||
+                                []),
+                        ],
+                    },
+                },
+                backgroundCompletionBehavior: this.context.config.getShellBackgroundCompletionBehavior(),
+                originalCommand: strippedCommand,
             });
             if (pid) {
                 if (setExecutionIdCallback) {
                     setExecutionIdCallback(pid);
                 }
                 // If the model requested to run in the background, do so after a short delay.
+                let completed = false;
                 if (this.params.is_background) {
+                    resultPromise
+                        .then(() => {
+                        completed = true;
+                    })
+                        .catch(() => {
+                        completed = true; // Also mark completed if it failed
+                    });
+                    const sessionId = this.context.config?.getSessionId?.() ?? 'default';
+                    const delay = this.params.delay_ms ?? BACKGROUND_DELAY_MS;
                     setTimeout(() => {
-                        ShellExecutionService.background(pid);
-                    }, BACKGROUND_DELAY_MS);
+                        ShellExecutionService.background(pid, sessionId, strippedCommand);
+                    }, delay);
+                    // Wait for the delay amount to see if command returns quickly
+                    await new Promise((resolve) => setTimeout(resolve, delay));
+                    if (!completed) {
+                        // Return early with initial output if still running
+                        return {
+                            llmContent: `Command is running in background. PID: ${pid}. Initial output:\n${cumulativeOutput}`,
+                            returnDisplay: `Background process started with PID ${pid}.`,
+                        };
+                    }
                 }
             }
             const result = await resultPromise;
@@ -336,164 +537,154 @@ export class ShellToolInvocation extends BaseToolInvocation {
                 }
                 llmContent = llmContentParts.join('\n');
             }
-            let returnDisplayMessage = '';
+            let returnDisplay = '';
             if (this.context.config.getDebugMode()) {
-                returnDisplayMessage = llmContent;
+                returnDisplay = llmContent;
             }
             else {
                 if (this.params.is_background || result.backgrounded) {
-                    returnDisplayMessage = `Command moved to background (PID: ${result.pid}). Output hidden. Press Ctrl+B to view.`;
+                    returnDisplay = `Command moved to background (PID: ${result.pid}). Output hidden. Press Ctrl+B to view.`;
                 }
                 else if (result.aborted) {
                     const cancelMsg = timeoutMessage || 'Command cancelled by user.';
                     if (result.output.trim()) {
-                        returnDisplayMessage = `${cancelMsg}\n\nOutput before cancellation:\n${result.output}`;
+                        returnDisplay = `${cancelMsg}\n\nOutput before cancellation:\n${result.output}`;
                     }
                     else {
-                        returnDisplayMessage = cancelMsg;
+                        returnDisplay = cancelMsg;
                     }
                 }
-                else if (result.output.trim()) {
-                    returnDisplayMessage = result.output;
+                else if (result.output.trim() || result.ansiOutput) {
+                    returnDisplay =
+                        result.ansiOutput && result.ansiOutput.length > 0
+                            ? result.ansiOutput
+                            : result.output;
                 }
                 else {
                     if (result.signal) {
-                        returnDisplayMessage = `Command terminated by signal: ${result.signal}`;
+                        returnDisplay = `Command terminated by signal: ${result.signal}`;
                     }
                     else if (result.error) {
-                        returnDisplayMessage = `Command failed: ${getErrorMessage(result.error)}`;
+                        returnDisplay = `Command failed: ${getErrorMessage(result.error)}`;
                     }
                     else if (result.exitCode !== null && result.exitCode !== 0) {
-                        returnDisplayMessage = `Command exited with code: ${result.exitCode}`;
+                        returnDisplay = `Command exited with code: ${result.exitCode}`;
                     }
                     // If output is empty and command succeeded (code 0, no error/signal/abort),
-                    // returnDisplayMessage will remain empty, which is fine.
+                    // returnDisplay will remain empty, which is fine.
                 }
             }
             // Heuristic Sandbox Denial Detection
-            const lowerOutput = ((result.output || '') +
-                ' ' +
-                (result.error?.message || '')).toLowerCase();
-            const isFileDenial = [
-                'operation not permitted',
-                'vim:e303',
-                'should be read/write',
-                'sandbox_apply',
-                'sandbox: ',
-            ].some((keyword) => lowerOutput.includes(keyword));
-            const isNetworkDenial = [
-                'error connecting to',
-                'network is unreachable',
-                'could not resolve host',
-                'connection refused',
-                'no address associated with hostname',
-            ].some((keyword) => lowerOutput.includes(keyword));
-            // Only trigger heuristic if the command actually failed (exit code != 0 or aborted)
-            const failed = !!result.error ||
+            if (!!result.error ||
                 !!result.signal ||
                 (result.exitCode !== undefined && result.exitCode !== 0) ||
-                result.aborted;
-            if (failed && (isFileDenial || isNetworkDenial)) {
-                const strippedCommand = stripShellWrapper(this.params.command);
-                const rootCommands = getCommandRoots(strippedCommand).filter((r) => r !== 'shopt');
-                const rootCommandDisplay = rootCommands.length > 0 ? rootCommands[0] : 'shell';
-                // Extract denied paths
-                const deniedPaths = new Set();
-                const regex = /(?:^|\s)['"]?(\/[\w.-/]+)['"]?:\s*[Oo]peration not permitted/gi;
-                let match;
-                while ((match = regex.exec(result.output || '')) !== null) {
-                    deniedPaths.add(match[1]);
-                }
-                while ((match = regex.exec(result.error?.message || '')) !== null) {
-                    deniedPaths.add(match[1]);
-                }
-                if (isFileDenial && deniedPaths.size === 0) {
-                    // Fallback heuristic: look for any absolute path in the output
-                    // Avoid matching simple commands like /bin/sh
-                    const fallbackRegex = /(?:^|[\s"'[\]])(\/[a-zA-Z0-9_.-]+(?:\/[a-zA-Z0-9_.-]+)+)(?:$|[\s"'[\]:])/gi;
-                    let m;
-                    while ((m = fallbackRegex.exec(result.output || '')) !== null) {
-                        const p = m[1];
-                        if (p && !p.startsWith('/bin/') && !p.startsWith('/usr/bin/')) {
-                            deniedPaths.add(p);
-                        }
-                    }
-                    while ((m = fallbackRegex.exec(result.error?.message || '')) !== null) {
-                        const p = m[1];
-                        if (p && !p.startsWith('/bin/') && !p.startsWith('/usr/bin/')) {
-                            deniedPaths.add(p);
+                result.aborted) {
+                const sandboxDenial = this.context.config.sandboxManager.parseDenials(result);
+                if (sandboxDenial) {
+                    const strippedCommand = stripShellWrapper(this.params.command);
+                    const rootCommands = getCommandRoots(strippedCommand).filter((r) => r !== 'shopt');
+                    const rootCommandDisplay = rootCommands.length > 0 ? rootCommands[0] : 'shell';
+                    const readPaths = new Set(this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem?.read || []);
+                    const writePaths = new Set(this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem?.write || []);
+                    // Proactive permission suggestions for Node ecosystem tools
+                    if (this.context.config.getSandboxEnabled()) {
+                        const proactive = await getProactiveToolSuggestions(rootCommandDisplay);
+                        if (proactive) {
+                            if (proactive.network) {
+                                sandboxDenial.network = true;
+                            }
+                            if (proactive.fileSystem?.read) {
+                                for (const p of proactive.fileSystem.read) {
+                                    readPaths.add(p);
+                                }
+                            }
+                            if (proactive.fileSystem?.write) {
+                                for (const p of proactive.fileSystem.write) {
+                                    writePaths.add(p);
+                                }
+                            }
                         }
                     }
-                }
-                const readPaths = new Set(this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem?.read || []);
-                const writePaths = new Set(this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem?.write || []);
-                for (const p of deniedPaths) {
-                    try {
-                        // Find an existing parent directory to add instead of a non-existent file
-                        let currentPath = p;
-                        try {
-                            if (fs.existsSync(currentPath) &&
-                                fs.statSync(currentPath).isFile()) {
-                                currentPath = path.dirname(currentPath);
+                    if (sandboxDenial.filePaths) {
+                        for (const p of sandboxDenial.filePaths) {
+                            try {
+                                // Find an existing parent directory to add instead of a non-existent file
+                                let currentPath = p;
+                                if (currentPath.startsWith('~')) {
+                                    currentPath = path.join(os.homedir(), currentPath.slice(1));
+                                }
+                                try {
+                                    if (fs.existsSync(currentPath) &&
+                                        fs.statSync(currentPath).isFile()) {
+                                        currentPath = path.dirname(currentPath);
+                                    }
+                                }
+                                catch {
+                                    /* ignore */
+                                }
+                                while (currentPath.length > 1) {
+                                    if (fs.existsSync(currentPath)) {
+                                        const mode = this.context.config.getApprovalMode();
+                                        const isReadonlyMode = this.context.config.sandboxPolicyManager.getModeConfig(mode)?.readonly ?? false;
+                                        const isAllowed = this.context.config.isPathAllowed(currentPath);
+                                        if (!isAllowed || isReadonlyMode) {
+                                            writePaths.add(currentPath);
+                                            readPaths.add(currentPath);
+                                        }
+                                        break;
+                                    }
+                                    currentPath = path.dirname(currentPath);
+                                }
                             }
-                        }
-                        catch (_e) {
-                            /* ignore */
-                        }
-                        while (currentPath.length > 1) {
-                            if (fs.existsSync(currentPath)) {
-                                writePaths.add(currentPath);
-                                readPaths.add(currentPath);
-                                break;
+                            catch {
+                                // ignore
                             }
-                            currentPath = path.dirname(currentPath);
                         }
                     }
-                    catch (_e) {
-                        // ignore
-                    }
-                }
-                const additionalPermissions = {
-                    network: isNetworkDenial ||
-                        this.params[PARAM_ADDITIONAL_PERMISSIONS]?.network ||
-                        undefined,
-                    fileSystem: isFileDenial || writePaths.size > 0
-                        ? {
-                            read: Array.from(readPaths),
-                            write: Array.from(writePaths),
-                        }
-                        : undefined,
-                };
-                const originalReadSize = this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem?.read?.length ||
-                    0;
-                const originalWriteSize = this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem?.write
-                    ?.length || 0;
-                const originalNetwork = !!this.params[PARAM_ADDITIONAL_PERMISSIONS]?.network;
-                const newReadSize = additionalPermissions.fileSystem?.read?.length || 0;
-                const newWriteSize = additionalPermissions.fileSystem?.write?.length || 0;
-                const newNetwork = !!additionalPermissions.network;
-                const hasNewPermissions = newReadSize > originalReadSize ||
-                    newWriteSize > originalWriteSize ||
-                    (!originalNetwork && newNetwork);
-                if (hasNewPermissions) {
-                    const confirmationDetails = {
-                        type: 'sandbox_expansion',
-                        title: 'Sandbox Expansion Request',
-                        command: this.params.command,
-                        rootCommand: rootCommandDisplay,
-                        additionalPermissions,
-                    };
-                    return {
-                        llmContent: 'Sandbox expansion required',
-                        returnDisplay: returnDisplayMessage,
-                        error: {
-                            type: ToolErrorType.SANDBOX_EXPANSION_REQUIRED,
-                            message: JSON.stringify(confirmationDetails),
-                        },
+                    const simplifiedRead = this.simplifyPaths(readPaths);
+                    const simplifiedWrite = this.simplifyPaths(writePaths);
+                    const additionalPermissions = {
+                        network: sandboxDenial.network ||
+                            this.params[PARAM_ADDITIONAL_PERMISSIONS]?.network ||
+                            undefined,
+                        fileSystem: simplifiedRead.length > 0 || simplifiedWrite.length > 0
+                            ? {
+                                read: simplifiedRead,
+                                write: simplifiedWrite,
+                            }
+                            : undefined,
                     };
+                    const originalReadSize = this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem?.read
+                        ?.length || 0;
+                    const originalWriteSize = this.params[PARAM_ADDITIONAL_PERMISSIONS]?.fileSystem?.write
+                        ?.length || 0;
+                    const originalNetwork = !!this.params[PARAM_ADDITIONAL_PERMISSIONS]?.network;
+                    const newReadSize = additionalPermissions.fileSystem?.read?.length || 0;
+                    const newWriteSize = additionalPermissions.fileSystem?.write?.length || 0;
+                    const newNetwork = !!additionalPermissions.network;
+                    const hasNewPermissions = newReadSize > originalReadSize ||
+                        newWriteSize > originalWriteSize ||
+                        (!originalNetwork && newNetwork);
+                    if (hasNewPermissions) {
+                        const confirmationDetails = {
+                            type: 'sandbox_expansion',
+                            title: 'Sandbox Expansion Request',
+                            command: this.params.command,
+                            rootCommand: rootCommandDisplay,
+                            additionalPermissions,
+                        };
+                        return {
+                            llmContent: 'Sandbox expansion required',
+                            returnDisplay,
+                            error: {
+                                type: ToolErrorType.SANDBOX_EXPANSION_REQUIRED,
+                                message: JSON.stringify(confirmationDetails),
+                            },
+                        };
+                    }
+                    // If no new permissions were found by heuristic, do not intercept.
+                    // Just return the normal execution error so the LLM can try providing explicit paths itself.
                 }
-                // If no new permissions were found by heuristic, do not intercept.
-                // Just return the normal execution error so the LLM can try providing explicit paths itself.
             }
             const summarizeConfig = this.context.config.getSummarizeToolOutputConfig();
             const executionError = result.error
@@ -508,13 +699,13 @@ export class ShellToolInvocation extends BaseToolInvocation {
                 const summary = await summarizeToolOutput(this.context.config, { model: 'summarizer-shell' }, llmContent, this.context.geminiClient, signal);
                 return {
                     llmContent: summary,
-                    returnDisplay: returnDisplayMessage,
+                    returnDisplay,
                     ...executionError,
                 };
             }
             return {
                 llmContent,
-                returnDisplay: returnDisplayMessage,
+                returnDisplay,
                 data,
                 ...executionError,
             };
@@ -556,7 +747,7 @@ export class ShellTool extends BaseDeclarativeTool {
         return null;
     }
     createInvocation(params, messageBus, _toolName, _toolDisplayName) {
-        return new ShellToolInvocation(this.context.config, params, messageBus, _toolName, _toolDisplayName);
+        return new ShellToolInvocation(this.context, params, messageBus, _toolName, _toolDisplayName);
     }
     getSchema(modelId) {
         const definition = getShellDefinition(this.context.config.getEnableInteractiveShell(), this.context.config.getEnableShellOutputEfficiency(), this.context.config.getSandboxEnabled());