@oh-my-pi/pi-coding-agent 15.13.0 → 15.13.1

package/src/modes/components/tool-execution.ts

@@ -624,6 +624,18 @@ export class ToolExecutionComponent extends Container implements NativeScrollbac
 	isTranscriptBlockCommitStable(): boolean {
 		if (this.#displaceable) return false;
 		if (this.isTranscriptBlockFinalized()) return true;
+		// `provisionalPendingPreview` describes only the PENDING call preview
+		// (`renderCall`, before any result): the result render may re-anchor it
+		// wholesale, so its rows must never commit. Once a (streaming partial)
+		// result exists the result renderer is the live shape — its body is
+		// top-anchored and grows append-only, and `deriveLiveCommitState` gates
+		// per-row durability — so the block is commit-stable like any settled
+		// stream. Gating the flag on the pending phase is what keeps a collapsed
+		// streaming eval/bash/ssh whose box outgrows the viewport from stranding
+		// its head: while commit-unstable its scrolled-off top committed nowhere
+		// and repainted nowhere, so it read as truncated until ctrl+o (expanded)
+		// flipped it stable.
+		if (this.#result !== undefined) return true;
 		const tool = this.#tool as { provisionalPendingPreview?: boolean | "collapsed" } | undefined;
 		const provisionalPendingPreview =
 			tool?.provisionalPendingPreview ?? toolRenderers[this.#toolName]?.provisionalPendingPreview;

package/src/modes/controllers/input-controller.ts

@@ -785,18 +785,11 @@ export class InputController {
 	}
 
 	handleCtrlC(): void {
-		const now = Date.now();
-		if (now - this.ctx.lastSigintTime < 500) {
-			void this.ctx.shutdown();
-		} else {
-			this.ctx.clearEditor();
-			this.ctx.lastSigintTime = now;
-		}
 		// Sync-flush the session JSONL so in-flight writes survive a hard exit.
 		// The TUI consumes Ctrl+C as a key event in raw mode, so postmortem's
-		// process-level SIGINT handler never fires. The second press still
-		// funnels through shutdown() which awaits its own async flush — the
-		// sync flush here is a superset that also covers the first-press case.
+		// process-level SIGINT handler never fires. shutdown() awaits its own
+		// async flush — this sync pass is a superset that also covers the
+		// first-press case and the hard-abort path below.
 		try {
 			this.ctx.sessionManager.flushSync();
 		} catch (err) {
@@ -804,6 +797,24 @@ export class InputController {
 				error: err instanceof Error ? err.message : String(err),
 			});
 		}
+
+		// Hard-abort: a Ctrl+C arriving while shutdown() is already running
+		// means the user has waited long enough for whatever teardown step is
+		// stuck (typically an extension's session_shutdown handler hanging on
+		// IPC). The 2s session_shutdown cap (see runner.ts) already bounds the
+		// common case; this is the defense-in-depth ladder for everything
+		// else. See issue #2600.
+		if (this.ctx.isShuttingDown) {
+			process.exit(130); // 128 + SIGINT
+		}
+
+		const now = Date.now();
+		if (now - this.ctx.lastSigintTime < 500) {
+			void this.ctx.shutdown();
+		} else {
+			this.ctx.clearEditor();
+			this.ctx.lastSigintTime = now;
+		}
 	}
 
 	handleCtrlD(): void {

package/src/modes/controllers/mcp-command-controller.ts

@@ -7,6 +7,7 @@ import * as path from "node:path";
 import { type Component, replaceTabs, Spacer, Text } from "@oh-my-pi/pi-tui";
 import { getMCPConfigPath, getProjectDir } from "@oh-my-pi/pi-utils";
 import type { SourceMeta } from "../../capability/types";
+import { expandEnvVarsDeep } from "../../discovery/helpers";
 import { analyzeAuthError, discoverOAuthEndpoints, MCPManager } from "../../mcp";
 import { connectToServer, disconnectServer, listTools } from "../../mcp/client";
 import {
@@ -17,7 +18,13 @@ import {
 	setServerDisabled,
 	updateMCPServer,
 } from "../../mcp/config-writer";
-import { MCPOAuthFlow } from "../../mcp/oauth-flow";
+import {
+	lookupMcpOAuthCredentialForServer,
+	mcpOAuthCredentialIdsForServerUrl,
+	removeManagedMcpOAuthCredential,
+	removeManagedMcpOAuthCredentials,
+} from "../../mcp/oauth-credentials";
+import { MCPOAuthFlow, type MCPStoredOAuthCredential, mcpOAuthCredentialId } from "../../mcp/oauth-flow";
 import {
 	clearSmitheryApiKey,
 	createSmitheryCliAuthSession,
@@ -34,7 +41,6 @@ import {
 	toConfigName,
 } from "../../mcp/smithery-registry";
 import type { MCPAuthConfig, MCPServerConfig, MCPServerConnection } from "../../mcp/types";
-import type { OAuthCredential } from "../../session/auth-storage";
 import { shortenPath } from "../../tools/render-utils";
 import { urlHyperlinkAlways } from "../../tui";
 import { openPath } from "../../utils/open";
@@ -116,17 +122,16 @@ class McpConnectingBlock extends ChatBlock {
 /**
  * Outcome of {@link MCPCommandController}'s OAuth handler.
  *
- * `clientId`/`clientSecret` are populated when the OAuth provider required (or
- * accepted) dynamic client registration; callers MUST persist them alongside
- * `credentialId` so subsequent token refreshes and reauthorizations can reuse
- * the same registered client. Both are also set when the caller pre-supplied a
- * client id via the wizard or `oauth.clientId` in `mcp.json`, in which case the
- * write-back is a no-op.
+ * `credentialId` is deterministic per server URL when the URL was supplied, so
+ * every profile resolves its own credential row under the same id. Refresh
+ * material (token URL, client id/secret) is embedded in the stored credential;
+ * the returned `clientId` may be folded into `mcp.json` for pre-auth reuse.
+ * DCR-issued client secrets stay embedded in the stored credential and are
+ * deliberately not surfaced here, so they cannot leak into config files.
  */
 interface OAuthFlowResult {
 	credentialId: string;
 	clientId?: string;
-	clientSecret?: string;
 	resource?: string;
 }
 
@@ -490,38 +495,28 @@ export class MCPCommandController {
 						}
 
 						try {
-							const oauthClientSecret = finalConfig.oauth?.clientSecret ?? "";
 							const oauthResource = oauth.resource ?? finalConfig.url;
 							const oauthResult = await this.#handleOAuthFlow(
 								oauth.authorizationUrl,
 								oauth.tokenUrl,
 								oauth.clientId ?? finalConfig.oauth?.clientId ?? "",
-								oauthClientSecret,
+								finalConfig.oauth?.clientSecret ?? "",
 								oauth.scopes ?? "",
-								finalConfig.oauth?.callbackPort,
-								finalConfig.oauth?.callbackPath,
-								finalConfig.oauth?.redirectUri,
-								oauthResource,
-							);
-							const persistedClientId = oauthResult.clientId ?? oauth.clientId ?? finalConfig.oauth?.clientId;
-							const persistedClientSecret = oauthResult.clientSecret ?? finalConfig.oauth?.clientSecret;
-							const persistedResource = oauthResult.resource ?? oauthResource;
-							finalConfig = {
-								...finalConfig,
-								auth: {
-									type: "oauth",
-									credentialId: oauthResult.credentialId,
-									tokenUrl: oauth.tokenUrl,
-									resource: persistedResource,
-									clientId: persistedClientId,
-									clientSecret: persistedClientSecret,
-								},
-								oauth: {
-									...finalConfig.oauth,
-									clientId: persistedClientId ?? finalConfig.oauth?.clientId,
-									clientSecret: persistedClientSecret ?? finalConfig.oauth?.clientSecret,
+								{
+									callbackPort: finalConfig.oauth?.callbackPort,
+									callbackPath: finalConfig.oauth?.callbackPath,
+									redirectUri: finalConfig.oauth?.redirectUri,
+									prompt: finalConfig.oauth?.prompt,
+									serverUrl: finalConfig.url,
+									resource: oauthResource,
 								},
-							};
+							);
+							finalConfig = this.#persistOAuthResult(finalConfig, oauthResult, {
+								tokenUrl: oauth.tokenUrl,
+								resource: oauthResource,
+								clientId: oauth.clientId,
+								userClientSecret: finalConfig.oauth?.clientSecret,
+							});
 						} catch (oauthError) {
 							this.ctx.showError(
 								`OAuth flow failed for "${parsed.initialName}": ${oauthError instanceof Error ? oauthError.message : String(oauthError)}`,
@@ -553,25 +548,8 @@ export class MCPCommandController {
 				done();
 				this.#handleWizardCancel();
 			},
-			async (
-				authUrl: string,
-				tokenUrl: string,
-				clientId: string,
-				clientSecret: string,
-				scopes: string,
-				resource?: string,
-			) => {
-				return await this.#handleOAuthFlow(
-					authUrl,
-					tokenUrl,
-					clientId,
-					clientSecret,
-					scopes,
-					undefined,
-					undefined,
-					undefined,
-					resource,
-				);
+			async (authUrl: string, tokenUrl: string, clientId: string, clientSecret: string, scopes: string, options) => {
+				return await this.#handleOAuthFlow(authUrl, tokenUrl, clientId, clientSecret, scopes, options);
 			},
 			async (config: MCPServerConfig) => {
 				return await this.#handleTestConnection(config);
@@ -598,10 +576,14 @@ export class MCPCommandController {
 		clientId: string,
 		clientSecret: string,
 		scopes: string,
-		callbackPort?: number,
-		callbackPath?: string,
-		redirectUri?: string,
-		resource?: string,
+		opts?: {
+			callbackPort?: number;
+			callbackPath?: string;
+			redirectUri?: string;
+			prompt?: string;
+			serverUrl?: string;
+			resource?: string;
+		},
 	): Promise<OAuthFlowResult> {
 		const authStorage = this.ctx.session.modelRegistry.authStorage;
 		let parsedAuthUrl: URL;
@@ -637,10 +619,11 @@ export class MCPCommandController {
 					clientId: resolvedClientId,
 					clientSecret: resolvedClientSecret,
 					scopes: scopes || undefined,
-					redirectUri,
-					callbackPort,
-					callbackPath,
-					resource,
+					prompt: opts?.prompt,
+					redirectUri: opts?.redirectUri,
+					callbackPort: opts?.callbackPort,
+					callbackPath: opts?.callbackPath,
+					resource: opts?.resource,
 				},
 				{
 					onAuth: (info: { url: string; instructions?: string }) => {
@@ -712,22 +695,29 @@ export class MCPCommandController {
 				new Text(theme.fg("success", "✓ Authorization completed in browser."), 1, 0),
 			]);
 
-			// Generate a unique credential ID
-			const credentialId = `mcp_oauth_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
+			// Deterministic per-URL id: every profile resolves its own credential row
+			// under the same key, so shared project configs stay profile-isolated.
+			// Random fallback only for flows that never knew the server URL.
+			const credentialId = opts?.serverUrl
+				? mcpOAuthCredentialId(opts.serverUrl)
+				: `mcp_oauth_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
 
-			// Store credentials in auth storage
-			const oauthCredential: OAuthCredential = {
+			// Embed refresh material so the credential is self-contained: token
+			// refresh must work for configs that carry no auth block at all.
+			const oauthCredential: MCPStoredOAuthCredential = {
 				type: "oauth",
 				...credentials,
+				tokenUrl,
+				clientId: flow.resolvedClientId ?? resolvedClientId,
+				clientSecret: flow.registeredClientSecret ?? resolvedClientSecret,
+				resource: flow.resource,
 			};
 
-			// Store under a synthetic provider name
 			await authStorage.set(credentialId, oauthCredential);
 
 			return {
 				credentialId,
 				clientId: flow.resolvedClientId,
-				clientSecret: flow.registeredClientSecret,
 				resource: flow.resource,
 			};
 		} catch (error) {
@@ -750,20 +740,52 @@ export class MCPCommandController {
 		}
 	}
 
+	/**
+	 * Fold a completed OAuth flow back into a server config. Owns the
+	 * persistence policy in one place: the auth block records the credential
+	 * pointer plus refresh material, the oauth block echoes the client id for
+	 * pre-auth reuse, and only a user-supplied client secret is ever written —
+	 * DCR-issued secrets stay embedded in the stored credential so they cannot
+	 * leak into (possibly shared/committed) config files.
+	 */
+	#persistOAuthResult(
+		config: MCPServerConfig,
+		result: OAuthFlowResult,
+		opts: { tokenUrl: string; resource?: string; clientId?: string; userClientSecret?: string },
+	): MCPServerConfig {
+		const clientId = result.clientId ?? opts.clientId ?? config.oauth?.clientId;
+		const resource = result.resource ?? opts.resource ?? config.auth?.resource;
+		return {
+			...config,
+			auth: {
+				type: "oauth",
+				credentialId: result.credentialId,
+				tokenUrl: opts.tokenUrl,
+				clientId,
+				clientSecret: opts.userClientSecret,
+				resource,
+			},
+			oauth: {
+				...config.oauth,
+				clientId,
+			},
+		};
+	}
+
 	/**
 	 * Test connection to an MCP server.
 	 * Throws an error if connection fails (used for auto-detection).
 	 */
-	async #handleTestConnection(config: MCPServerConfig): Promise<void> {
+	async #handleTestConnection(config: MCPServerConfig, options?: { oauth?: boolean }): Promise<void> {
 		// Create temporary connection using a test name
 		const testName = `test_${Date.now()}`;
 		let resolvedConfig: MCPServerConfig;
 		if (this.ctx.mcpManager) {
-			resolvedConfig = await this.ctx.mcpManager.prepareConfig(config);
+			resolvedConfig = await this.ctx.mcpManager.prepareConfig(config, options);
 		} else {
 			const tempManager = new MCPManager(getProjectDir());
 			tempManager.setAuthStorage(this.ctx.session.modelRegistry.authStorage);
-			resolvedConfig = await tempManager.prepareConfig(config);
+			resolvedConfig = await tempManager.prepareConfig(config, options);
 		}
 
 		const connection = await connectToServer(testName, resolvedConfig);
@@ -850,11 +872,6 @@ export class MCPCommandController {
 		};
 	}
 
-	async #removeManagedOAuthCredential(credentialId: string | undefined): Promise<void> {
-		if (!credentialId?.startsWith("mcp_oauth_")) return;
-		await this.ctx.session.modelRegistry.authStorage.remove(credentialId);
-	}
-
 	#stripOAuthAuth(config: MCPServerConfig): MCPServerConfig {
 		const next = { ...config } as MCPServerConfig & { auth?: MCPAuthConfig };
 		delete next.auth;
@@ -868,11 +885,26 @@ export class MCPCommandController {
 		scopes?: string;
 		resource?: string;
 	}> {
+		// Stdio servers manage credentials inside the child process; OMP's OAuth
+		// flow only applies to http/sse transports. Without this guard the
+		// unauthenticated preflight below spawns the child, which happily reuses
+		// its own cached tokens (e.g. mcp-remote's machine-wide ~/.mcp-auth) and
+		// produces the misleading "reauthorization is not required".
+		if (config.type !== "http" && config.type !== "sse") {
+			const remoteUrl = config.args?.find(arg => /^https?:\/\//.test(arg));
+			const httpHint = `{ "type": "http", "url": ${JSON.stringify(remoteUrl ?? "<remote url>")} }`;
+			const usesMcpRemote = [config.command, ...(config.args ?? [])].some(part => part?.includes("mcp-remote"));
+			throw new Error(
+				usesMcpRemote
+					? `this server proxies OAuth through mcp-remote, which caches tokens machine-wide in ~/.mcp-auth (shared across every OMP profile). Clear ~/.mcp-auth to force a fresh login, or replace the proxy with ${httpHint} so OMP manages OAuth per profile.`
+					: `stdio servers manage their own credentials, so OMP has no OAuth to reauthorize. If the service supports OAuth over HTTP, configure it as ${httpHint} instead.`,
+			);
+		}
 		// First test if server actually needs auth by connecting without OAuth
 		let connectionSucceeded = false;
 		let connectionError: Error | undefined;
 		try {
-			await this.#handleTestConnection(this.#stripOAuthAuth(config));
+			await this.#handleTestConnection(this.#stripOAuthAuth(config), { oauth: false });
 			connectionSucceeded = true;
 		} catch (error) {
 			connectionError = error as Error;
@@ -1433,13 +1465,35 @@ export class MCPCommandController {
 			}
 
 			const currentAuth = (found.config as MCPServerConfig & { auth?: MCPAuthConfig }).auth;
+			const authStorage = this.ctx.session.modelRegistry.authStorage;
+			if (currentAuth?.type === "oauth") {
+				await removeManagedMcpOAuthCredential(authStorage, currentAuth.credentialId);
+			}
+			// Also drop this profile's url-keyed binding so the server is truly
+			// signed out even when the config carries no auth block. Runtime
+			// discovery expands `${...}` URL values before MCPManager looks up the
+			// deterministic credential row, so unauth must clear that same key.
+			let removedUrlKeyedCredential = false;
+			if ((found.config.type === "http" || found.config.type === "sse") && found.config.url) {
+				removedUrlKeyedCredential = await removeManagedMcpOAuthCredentials(
+					authStorage,
+					mcpOAuthCredentialIdsForServerUrl(found.config.url),
+				);
+			}
+
 			if (found.discovered && currentAuth?.type !== "oauth") {
-				this.#showMessage(["", theme.fg("muted", `No stored OAuth auth to remove for "${name}".`), ""].join("\n"));
+				if (!removedUrlKeyedCredential) {
+					this.#showMessage(
+						["", theme.fg("muted", `No stored OAuth auth to remove for "${name}".`), ""].join("\n"),
+					);
+					return;
+				}
+				await this.#reloadMCP();
+				this.#showMessage(
+					["", theme.fg("success", `- Cleared auth for "${name}" (${found.scope} config)`), ""].join("\n"),
+				);
 				return;
 			}
-			if (currentAuth?.type === "oauth") {
-				await this.#removeManagedOAuthCredential(currentAuth.credentialId);
-			}
 
 			const updated = this.#stripOAuthAuth(found.config);
 			await updateMCPServer(found.filePath, name, updated);
@@ -1472,52 +1526,70 @@ export class MCPCommandController {
 			}
 
 			const currentAuth = (found.config as MCPServerConfig & { auth?: MCPAuthConfig }).auth;
-			if (currentAuth?.type === "oauth") {
-				await this.#removeManagedOAuthCredential(currentAuth.credentialId);
-			}
-
+			const authStorage = this.ctx.session.modelRegistry.authStorage;
 			const baseConfig = this.#stripOAuthAuth(found.config);
-			const oauth = await this.#resolveOAuthEndpointsFromServer(baseConfig);
-			const oauthClientSecret = found.config.oauth?.clientSecret ?? currentAuth?.clientSecret ?? "";
+			const runtimeBaseConfig = expandEnvVarsDeep(baseConfig);
+			// Resolve endpoints first: this fails fast for stdio transports and
+			// probes http/sse with { oauth: false }, so nothing destructive has
+			// happened yet if the server turns out not to need (or support) OAuth.
+			// Use the same env-expanded config shape runtime discovery passes to
+			// MCPManager; the raw file value may contain `${...}` placeholders.
+			const oauth = await this.#resolveOAuthEndpointsFromServer(runtimeBaseConfig);
+			const serverUrl =
+				runtimeBaseConfig.type === "http" || runtimeBaseConfig.type === "sse" ? runtimeBaseConfig.url : undefined;
+			// A user-supplied client secret may live in either block (the wizard
+			// writes it to auth.clientSecret); DCR secrets are embedded in the
+			// stored credential and never echoed back into config files.
+			const configuredClientId = found.config.oauth?.clientId ?? currentAuth?.clientId;
+			const existingCredential = lookupMcpOAuthCredentialForServer(authStorage, currentAuth, serverUrl)?.credential;
+			const flowClientId = oauth.clientId ?? configuredClientId ?? existingCredential?.clientId ?? "";
+			const storedClientSecret =
+				existingCredential?.clientId === flowClientId ? existingCredential.clientSecret : undefined;
+			const userClientSecret = found.config.oauth?.clientSecret ?? currentAuth?.clientSecret;
+			const flowClientSecret = userClientSecret ?? storedClientSecret ?? "";
 
 			this.#showMessage(["", theme.fg("muted", `Reauthorizing "${name}"...`), ""].join("\n"));
 
+			const currentAuthResource = currentAuth?.resource ? expandEnvVarsDeep(currentAuth.resource) : undefined;
 			const oauthResource =
-				oauth.resource ?? currentAuth?.resource ?? ("url" in baseConfig ? baseConfig.url : undefined);
+				oauth.resource ?? currentAuthResource ?? ("url" in runtimeBaseConfig ? runtimeBaseConfig.url : undefined);
 
 			const oauthResult = await this.#handleOAuthFlow(
 				oauth.authorizationUrl,
 				oauth.tokenUrl,
-				oauth.clientId ?? found.config.oauth?.clientId ?? "",
-				oauthClientSecret,
+				flowClientId,
+				flowClientSecret,
 				oauth.scopes ?? "",
-				found.config.oauth?.callbackPort,
-				found.config.oauth?.callbackPath,
-				found.config.oauth?.redirectUri,
-				oauthResource,
+				{
+					callbackPort: found.config.oauth?.callbackPort,
+					callbackPath: found.config.oauth?.callbackPath,
+					redirectUri: found.config.oauth?.redirectUri,
+					prompt: found.config.oauth?.prompt,
+					serverUrl,
+					resource: oauthResource,
+				},
 			);
 
-			const persistedClientId = oauthResult.clientId ?? oauth.clientId ?? found.config.oauth?.clientId;
-			const persistedClientSecret = oauthResult.clientSecret ?? (oauthClientSecret || undefined);
-			const persistedResource = oauthResult.resource ?? oauthResource;
+			// The flow overwrote (or minted) this profile's row; a superseded
+			// pointer row from the legacy random-id era is now orphaned. GC only
+			// after success so cancelling the browser step leaves the previous
+			// session signed in.
+			if (currentAuth?.type === "oauth" && currentAuth.credentialId !== oauthResult.credentialId) {
+				await removeManagedMcpOAuthCredential(authStorage, currentAuth.credentialId);
+			}
 
-			const updated: MCPServerConfig = {
-				...baseConfig,
-				auth: {
-					type: "oauth",
-					credentialId: oauthResult.credentialId,
+			// Definition-only entries resolve through the url-keyed binding alone;
+			// skip the write-back so a committed project mcp.json stays clean.
+			const urlKeyedId = serverUrl ? mcpOAuthCredentialId(serverUrl) : undefined;
+			if (currentAuth || oauthResult.credentialId !== urlKeyedId) {
+				const updated = this.#persistOAuthResult(baseConfig, oauthResult, {
 					tokenUrl: oauth.tokenUrl,
-					resource: persistedResource,
-					clientId: persistedClientId,
-					clientSecret: persistedClientSecret,
-				},
-				oauth: {
-					...found.config.oauth,
-					clientId: persistedClientId ?? found.config.oauth?.clientId,
-					clientSecret: persistedClientSecret ?? found.config.oauth?.clientSecret,
-				},
-			};
-			await updateMCPServer(found.filePath, name, updated);
+					clientId: oauth.clientId,
+					userClientSecret,
+					resource: oauthResource,
+				});
+				await updateMCPServer(found.filePath, name, updated);
+			}
 			await this.#reloadMCP();
 			const state = await this.#waitForServerConnectionWithAnimation(name);
 

package/src/modes/controllers/tan-command-controller.ts

@@ -1,10 +1,12 @@
 import * as fs from "node:fs/promises";
+import * as path from "node:path";
 import type { AssistantMessage } from "@oh-my-pi/pi-ai";
 import { prompt, Snowflake } from "@oh-my-pi/pi-utils";
 import backgroundTanDispatchPrompt from "../../prompts/system/background-tan-dispatch.md" with { type: "text" };
 import { AgentRegistry, MAIN_AGENT_ID } from "../../registry/agent-registry";
 import * as sdk from "../../sdk";
 import type { AgentSession } from "../../session/agent-session";
+import { BACKGROUND_TAN_DISPATCH_MESSAGE_TYPE } from "../../session/messages";
 import { SessionManager } from "../../session/session-manager";
 import { createMCPProxyTools, createSubagentSettings } from "../../task/executor";
 import type { InteractiveModeContext } from "../types";
@@ -44,10 +46,6 @@ export class TanCommandController {
 		}
 
 		const session = this.ctx.session;
-		if (session.isStreaming) {
-			this.ctx.showWarning("Wait for the current response to finish or abort it before using /tan.");
-			return;
-		}
 
 		const model = session.model;
 		if (!model) {
@@ -84,19 +82,18 @@ export class TanCommandController {
 		const enableLsp = this.ctx.settings.get("task.enableLsp") !== false;
 		const agentRegistry = AgentRegistry.global();
 		const cloneId = `Tan-${Snowflake.next()}`;
+		const cloneFile = path.join(sessionDir, `${cloneId}.jsonl`);
 		const label = `/tan ${previewWork(trimmedWork)}`;
 
 		await this.ctx.sessionManager.ensureOnDisk();
 		await this.ctx.sessionManager.flush();
 
-		let cloneFile = "";
 		let jobId = "";
 		try {
 			const cloneManager = await SessionManager.forkFrom(parentFile, cwd, sessionDir, undefined, {
 				suppressBreadcrumb: true,
+				sessionFile: cloneFile,
 			});
-			cloneFile = cloneManager.getSessionFile() ?? "";
-			if (!cloneFile) throw new Error("Forked session did not create a session file.");
 
 			jobId = manager.register(
 				"task",
@@ -145,7 +142,21 @@ export class TanCommandController {
 							signal.removeEventListener("abort", abortClone);
 						}
 					} finally {
-						await clone?.dispose();
+						// Keep the finished tan in the Agent Hub instead of unregistering it:
+						// flip the ref to parked BEFORE dispose so the sdk dispose wrapper
+						// skips its unregister, then null the disposed session so the hub
+						// treats it as a transcript-only parked agent. An aborted tan is
+						// terminal — let dispose unregister it.
+						if (clone) {
+							if (signal.aborted) {
+								agentRegistry.setStatus(cloneId, "aborted");
+								await clone.dispose();
+							} else {
+								agentRegistry.setStatus(cloneId, "parked");
+								await clone.dispose();
+								agentRegistry.detachSession(cloneId);
+							}
+						}
 					}
 				},
 				{ ownerId },
@@ -157,17 +168,22 @@ export class TanCommandController {
 		}
 
 		const content = prompt.render(backgroundTanDispatchPrompt, { jobId, work: trimmedWork });
+		// /tan is meant to run alongside an active session. While the parent turn is
+		// still streaming, queue the dispatch breadcrumb for the next turn rather than
+		// steering the in-flight response; when idle this same call appends + persists
+		// the entry immediately (identical to omitting deliverAs).
+		const wasStreaming = session.isStreaming;
 		await session.sendCustomMessage(
 			{
-				customType: "background-tan-dispatch",
+				customType: BACKGROUND_TAN_DISPATCH_MESSAGE_TYPE,
 				content,
 				display: true,
 				attribution: "user",
 				details: { jobId, work: trimmedWork, sessionFile: cloneFile },
 			},
-			{ triggerTurn: false },
+			{ triggerTurn: false, deliverAs: "nextTurn" },
 		);
-		this.ctx.rebuildChatFromMessages();
+		if (!wasStreaming) this.ctx.rebuildChatFromMessages();
 		this.ctx.showStatus(`Dispatched background tan ${jobId}`);
 	}
 }

package/src/modes/interactive-mode.ts

@@ -423,6 +423,12 @@ export class InteractiveMode implements InteractiveModeContext {
 	lastLeftTapTime = 0;
 	shutdownRequested = false;
 	#isShuttingDown = false;
+	/** True once `shutdown()` has begun teardown. Surfaced to the input
+	 *  controller so a Ctrl+C arriving while teardown is in flight can hard-
+	 *  abort the remaining work instead of stacking another no-op call. */
+	get isShuttingDown(): boolean {
+		return this.#isShuttingDown;
+	}
 	hookSelector: HookSelectorComponent | undefined = undefined;
 	hookInput: HookInputComponent | undefined = undefined;
 	hookEditor: HookEditorComponent | undefined = undefined;

package/src/modes/types.ts

@@ -159,6 +159,9 @@ export interface InteractiveModeContext {
 	lastEscapeTime: number;
 	lastLeftTapTime: number;
 	shutdownRequested: boolean;
+	/** True once `shutdown()` has started. Read-only from the context;
+	 *  controllers use this to skip work that races with teardown. */
+	readonly isShuttingDown: boolean;
 	hookSelector: HookSelectorComponent | undefined;
 	hookInput: HookInputComponent | undefined;
 	hookEditor: HookEditorComponent | undefined;

package/src/modes/utils/ui-helpers.ts

@@ -5,6 +5,7 @@ import { COLLAB_PROMPT_MESSAGE_TYPE, type CollabPromptDetails } from "../../coll
 import { settings } from "../../config/settings";
 import { getFileSnapshotStore } from "../../edit/file-snapshot-store";
 import { AssistantMessageComponent } from "../../modes/components/assistant-message";
+import { createBackgroundTanDispatchBlock } from "../../modes/components/background-tan-message";
 import { BashExecutionComponent } from "../../modes/components/bash-execution";
 import { BranchSummaryMessageComponent } from "../../modes/components/branch-summary-message";
 import { CollabPromptMessageComponent } from "../../modes/components/collab-prompt-message";
@@ -33,6 +34,7 @@ import { materializeImageReferenceLinksSync } from "../../modes/image-references
 import { theme } from "../../modes/theme/theme";
 import type { CompactionQueuedMessage, InteractiveModeContext } from "../../modes/types";
 import {
+	BACKGROUND_TAN_DISPATCH_MESSAGE_TYPE,
 	type CustomMessage,
 	isSilentAbort,
 	LSP_LATE_DIAGNOSTIC_MESSAGE_TYPE,
@@ -238,6 +240,10 @@ export class UiHelpers {
 						this.ctx.chatContainer.addChild(card);
 						return [card];
 					}
+					if (message.customType === BACKGROUND_TAN_DISPATCH_MESSAGE_TYPE) {
+						this.ctx.chatContainer.addChild(createBackgroundTanDispatchBlock(message as CustomMessage<unknown>));
+						break;
+					}
 					const handoffComponent = createHandoffSummaryMessageComponent(
 						message as CustomMessage<unknown>,
 						this.ctx.toolOutputExpanded,