@poolzin/pool-bot 2026.2.23 → 2026.2.25

package/dist/auto-reply/reply/agent-runner-execution.js

@@ -6,7 +6,7 @@ import { getCliSessionId } from "../../agents/cli-session.js";
 import { runWithModelFallback } from "../../agents/model-fallback.js";
 import { isCliProvider } from "../../agents/model-selection.js";
 import { runEmbeddedPiAgent } from "../../agents/pi-embedded.js";
-import { isCompactionFailureError, isContextOverflowError, isLikelyContextOverflowError, sanitizeUserFacingText, } from "../../agents/pi-embedded-helpers.js";
+import { isCompactionFailureError, isContextOverflowError, isLikelyContextOverflowError, isTransientHttpError, sanitizeUserFacingText, } from "../../agents/pi-embedded-helpers.js";
 import { resolveAgentIdFromSessionKey, resolveGroupSessionKey, resolveSessionTranscriptPath, updateSessionStore, } from "../../config/sessions.js";
 import { logVerbose } from "../../globals.js";
 import { emitAgentEvent, registerAgentRunContext } from "../../infra/agent-events.js";
@@ -19,8 +19,10 @@ import { createBlockReplyPayloadKey } from "./block-reply-pipeline.js";
 import { parseReplyDirectives } from "./reply-directives.js";
 import { applyReplyTagsToPayload, isRenderablePayload } from "./reply-payloads.js";
 export async function runAgentTurnWithFallback(params) {
+    const TRANSIENT_HTTP_RETRY_DELAY_MS = 2_500;
     let didLogHeartbeatStrip = false;
     let autoCompactionCompleted = false;
+    let didRetryTransientHttpError = false;
     // Track payloads sent directly (not via pipeline) during tool flush to avoid duplicates.
     const directlySentBlockKeys = new Set();
     const runId = params.opts?.runId ?? crypto.randomUUID();
@@ -36,6 +38,7 @@ export async function runAgentTurnWithFallback(params) {
     let fallbackProvider = params.followupRun.run.provider;
     let fallbackModel = params.followupRun.run.model;
     let didResetAfterCompactionFailure = false;
+    let fallbackAttempts = [];
     while (true) {
         try {
             const allowPartialStream = !(params.followupRun.run.reasoningLevel === "stream" && params.opts?.onReasoningStream);
@@ -59,9 +62,13 @@ export async function runAgentTurnWithFallback(params) {
                 if (isSilentReplyText(text, SILENT_REPLY_TOKEN)) {
                     return { skip: true };
                 }
-                if (!text)
+                if (!text) {
+                    // Allow media-only payloads through (no text but has media)
+                    if (payload.mediaUrls?.length)
+                        return { text: undefined, skip: false };
                     return { skip: true };
-                const sanitized = sanitizeUserFacingText(text);
+                }
+                const sanitized = sanitizeUserFacingText(text, { errorContext: Boolean(payload.isError) });
                 if (!sanitized.trim())
                     return { skip: true };
                 return { text: sanitized, skip: false };
@@ -112,6 +119,7 @@ export async function runAgentTurnWithFallback(params) {
                             thinkLevel: params.followupRun.run.thinkLevel,
                             timeoutMs: params.followupRun.run.timeoutMs,
                             runId,
+                            agentId: resolveAgentIdFromSessionKey(params.followupRun.run.sessionKey),
                             extraSystemPrompt: params.followupRun.run.extraSystemPrompt,
                             ownerNumbers: params.followupRun.run.ownerNumbers,
                             cliSessionId,
@@ -348,6 +356,16 @@ export async function runAgentTurnWithFallback(params) {
             runResult = fallbackResult.result;
             fallbackProvider = fallbackResult.provider;
             fallbackModel = fallbackResult.model;
+            fallbackAttempts = Array.isArray(fallbackResult.attempts)
+                ? fallbackResult.attempts.map((attempt) => ({
+                    provider: String(attempt.provider ?? ""),
+                    model: String(attempt.model ?? ""),
+                    error: String(attempt.error ?? ""),
+                    reason: attempt.reason ? String(attempt.reason) : undefined,
+                    status: typeof attempt.status === "number" ? attempt.status : undefined,
+                    code: attempt.code ? String(attempt.code) : undefined,
+                }))
+                : [];
             // Some embedded runs surface context overflow as an error payload instead of throwing.
             // Treat those as a session-level failure and auto-recover by starting a fresh session.
             const embeddedError = runResult.meta?.error;
@@ -382,6 +400,7 @@ export async function runAgentTurnWithFallback(params) {
             const isCompactionFailure = isCompactionFailureError(message);
             const isSessionCorruption = /function call turn comes immediately after/i.test(message);
             const isRoleOrderingError = /incorrect role information|roles must alternate/i.test(message);
+            const isTransientHttp = isTransientHttpError(message);
             if (isCompactionFailure &&
                 !didResetAfterCompactionFailure &&
                 (await params.resetSessionAfterCompactionFailure(message))) {
@@ -404,6 +423,14 @@ export async function runAgentTurnWithFallback(params) {
                     };
                 }
             }
+            if (isTransientHttp && !didRetryTransientHttpError) {
+                didRetryTransientHttpError = true;
+                defaultRuntime.error(`Transient HTTP provider error before reply (${message}). Retrying once in ${TRANSIENT_HTTP_RETRY_DELAY_MS}ms.`);
+                await new Promise((resolve) => {
+                    setTimeout(resolve, TRANSIENT_HTTP_RETRY_DELAY_MS);
+                });
+                continue;
+            }
             // Auto-recover from Gemini session corruption by resetting the session
             if (isSessionCorruption &&
                 params.sessionKey &&
@@ -441,7 +468,10 @@ export async function runAgentTurnWithFallback(params) {
                 };
             }
             defaultRuntime.error(`Embedded agent failed before reply: ${message}`);
-            const trimmedMessage = message.replace(/\.\s*$/, "");
+            const safeMessage = isTransientHttp
+                ? sanitizeUserFacingText(message, { errorContext: true })
+                : message;
+            const trimmedMessage = safeMessage.replace(/\.\s*$/, "");
             const fallbackText = isContextOverflow
                 ? "⚠️ Context overflow — prompt too large for this model. Try a shorter message or a larger-context model."
                 : isRoleOrderingError
@@ -460,6 +490,8 @@ export async function runAgentTurnWithFallback(params) {
         runResult,
         fallbackProvider,
         fallbackModel,
+        runId,
+        fallbackAttempts,
         didLogHeartbeatStrip,
         autoCompactionCompleted,
         directlySentBlockKeys: directlySentBlockKeys.size > 0 ? directlySentBlockKeys : undefined,

package/dist/auto-reply/reply/agent-runner.js

@@ -7,8 +7,11 @@ import { isCliProvider } from "../../agents/model-selection.js";
 import { queueEmbeddedPiMessage } from "../../agents/pi-embedded.js";
 import { hasNonzeroUsage } from "../../agents/usage.js";
 import { resolveAgentIdFromSessionKey, resolveSessionFilePath, resolveSessionTranscriptPath, updateSessionStore, updateSessionStoreEntry, } from "../../config/sessions.js";
+import { emitAgentEvent } from "../../infra/agent-events.js";
+import { emitDiagnosticEvent, isDiagnosticsEnabled } from "../../infra/diagnostic-events.js";
 import { defaultRuntime } from "../../runtime.js";
 import { estimateUsageCost, resolveModelCostConfig } from "../../utils/usage-format.js";
+import { buildFallbackClearedNotice, buildFallbackNotice, resolveFallbackTransition, } from "../fallback-state.js";
 import { resolveResponseUsageMode } from "../thinking.js";
 import { runAgentTurnWithFallback } from "./agent-runner-execution.js";
 import { createShouldEmitToolOutput, createShouldEmitToolResult, finalizeWithFollowup, isAudioPayload, signalTypingIfNeeded, } from "./agent-runner-helpers.js";
@@ -20,11 +23,41 @@ import { resolveBlockStreamingCoalescing } from "./block-streaming.js";
 import { createFollowupRunner } from "./followup-runner.js";
 import { enqueueFollowupRun } from "./queue.js";
 import { createReplyToModeFilterForChannel, resolveReplyToMode } from "./reply-threading.js";
-import { persistSessionUsageUpdate } from "./session-usage.js";
-import { incrementCompactionCount } from "./session-updates.js";
+import { incrementRunCompactionCount, persistRunSessionUsage } from "./session-run-accounting.js";
 import { createTypingSignaler } from "./typing-mode.js";
-import { emitDiagnosticEvent, isDiagnosticsEnabled } from "../../infra/diagnostic-events.js";
 const BLOCK_REPLY_SEND_TIMEOUT_MS = 15_000;
+const UNSCHEDULED_REMINDER_NOTE = "Note: I did not schedule a reminder in this turn, so this will not trigger automatically.";
+const REMINDER_COMMITMENT_PATTERNS = [
+    /\b(?:i\s*['']?ll|i will)\s+(?:make sure to\s+)?(?:remember|remind|ping|follow up|follow-up|check back|circle back)\b/i,
+    /\b(?:i\s*['']?ll|i will)\s+(?:set|create|schedule)\s+(?:a\s+)?reminder\b/i,
+];
+function hasUnbackedReminderCommitment(text) {
+    const normalized = text.toLowerCase();
+    if (!normalized.trim()) {
+        return false;
+    }
+    if (normalized.includes(UNSCHEDULED_REMINDER_NOTE.toLowerCase())) {
+        return false;
+    }
+    return REMINDER_COMMITMENT_PATTERNS.some((pattern) => pattern.test(text));
+}
+function appendUnscheduledReminderNote(payloads) {
+    let appended = false;
+    return payloads.map((payload) => {
+        if (appended || payload.isError || typeof payload.text !== "string") {
+            return payload;
+        }
+        if (!hasUnbackedReminderCommitment(payload.text)) {
+            return payload;
+        }
+        appended = true;
+        const trimmed = payload.text.trimEnd();
+        return {
+            ...payload,
+            text: `${trimmed}\n\n${UNSCHEDULED_REMINDER_NOTE}`,
+        };
+    });
+}
 export async function runReplyAgent(params) {
     const { commandBody, followupRun, queueKey, resolvedQueue, shouldSteer, shouldFollowup, isActive, isStreaming, opts, typing, sessionEntry, sessionStore, sessionKey, storePath, defaultModel, agentCfgContextTokens, resolvedVerboseLevel, isNewSession, blockStreamingEnabled, blockReplyChunking, resolvedBlockStreamingBreak, sessionCtx, shouldInjectGroupIntro, typingMode, } = params;
     let activeSessionEntry = sessionEntry;
@@ -64,27 +97,7 @@ export async function runReplyAgent(params) {
             buffer: createAudioAsVoiceBuffer({ isAudioPayload }),
         })
         : null;
-    if (shouldSteer && isStreaming) {
-        const steered = queueEmbeddedPiMessage(followupRun.run.sessionId, followupRun.prompt);
-        if (steered && !shouldFollowup) {
-            if (activeSessionEntry && activeSessionStore && sessionKey) {
-                const updatedAt = Date.now();
-                activeSessionEntry.updatedAt = updatedAt;
-                activeSessionStore[sessionKey] = activeSessionEntry;
-                if (storePath) {
-                    await updateSessionStoreEntry({
-                        storePath,
-                        sessionKey,
-                        update: async () => ({ updatedAt }),
-                    });
-                }
-            }
-            typing.cleanup();
-            return undefined;
-        }
-    }
-    if (isActive && (shouldFollowup || resolvedQueue.mode === "steer")) {
-        enqueueFollowupRun(queueKey, followupRun, resolvedQueue);
+    const touchActiveSessionEntry = async () => {
         if (activeSessionEntry && activeSessionStore && sessionKey) {
             const updatedAt = Date.now();
             activeSessionEntry.updatedAt = updatedAt;
@@ -97,6 +110,18 @@ export async function runReplyAgent(params) {
                 });
             }
         }
+    };
+    if (shouldSteer && isStreaming) {
+        const steered = queueEmbeddedPiMessage(followupRun.run.sessionId, followupRun.prompt);
+        if (steered && !shouldFollowup) {
+            await touchActiveSessionEntry();
+            typing.cleanup();
+            return undefined;
+        }
+    }
+    if (isActive && (shouldFollowup || resolvedQueue.mode === "steer")) {
+        enqueueFollowupRun(queueKey, followupRun, resolvedQueue);
+        await touchActiveSessionEntry();
         typing.cleanup();
         return undefined;
     }
@@ -141,6 +166,9 @@ export async function runReplyAgent(params) {
             updatedAt: Date.now(),
             systemSent: false,
             abortedLastRun: false,
+            fallbackNoticeSelectedModel: undefined,
+            fallbackNoticeActiveModel: undefined,
+            fallbackNoticeReason: undefined,
         };
         const agentId = resolveAgentIdFromSessionKey(sessionKey);
         const nextSessionFile = resolveSessionTranscriptPath(nextSessionId, agentId, sessionCtx.MessageThreadId);
@@ -213,7 +241,7 @@ export async function runReplyAgent(params) {
         if (runOutcome.kind === "final") {
             return finalizeWithFollowup(runOutcome.payload, queueKey, runFollowupTurn);
         }
-        const { runResult, fallbackProvider, fallbackModel, directlySentBlockKeys } = runOutcome;
+        const { runId, runResult, fallbackProvider, fallbackModel, fallbackAttempts, directlySentBlockKeys, } = runOutcome;
         let { didLogHeartbeatStrip, autoCompactionCompleted } = runOutcome;
         if (shouldInjectGroupIntro &&
             activeSessionEntry &&
@@ -243,24 +271,62 @@ export async function runReplyAgent(params) {
         if (pendingToolTasks.size > 0) {
             await Promise.allSettled(pendingToolTasks);
         }
-        const usage = runResult.meta.agentMeta?.usage;
-        const modelUsed = runResult.meta.agentMeta?.model ?? fallbackModel ?? defaultModel;
-        const providerUsed = runResult.meta.agentMeta?.provider ?? fallbackProvider ?? followupRun.run.provider;
+        const usage = runResult.meta?.agentMeta?.usage;
+        const promptTokens = runResult.meta?.agentMeta?.promptTokens;
+        const modelUsed = runResult.meta?.agentMeta?.model ?? fallbackModel ?? defaultModel;
+        const providerUsed = runResult.meta?.agentMeta?.provider ?? fallbackProvider ?? followupRun.run.provider;
+        const verboseEnabled = resolvedVerboseLevel !== "off";
+        const selectedProvider = followupRun.run.provider;
+        const selectedModel = followupRun.run.model;
+        const fallbackStateEntry = activeSessionEntry ?? (sessionKey ? activeSessionStore?.[sessionKey] : undefined);
+        const fallbackTransition = resolveFallbackTransition({
+            selectedProvider,
+            selectedModel,
+            activeProvider: providerUsed,
+            activeModel: modelUsed,
+            attempts: fallbackAttempts,
+            state: fallbackStateEntry,
+        });
+        if (fallbackTransition.stateChanged) {
+            if (fallbackStateEntry) {
+                fallbackStateEntry.fallbackNoticeSelectedModel = fallbackTransition.nextState.selectedModel;
+                fallbackStateEntry.fallbackNoticeActiveModel = fallbackTransition.nextState.activeModel;
+                fallbackStateEntry.fallbackNoticeReason = fallbackTransition.nextState.reason;
+                fallbackStateEntry.updatedAt = Date.now();
+                activeSessionEntry = fallbackStateEntry;
+            }
+            if (sessionKey && fallbackStateEntry && activeSessionStore) {
+                activeSessionStore[sessionKey] = fallbackStateEntry;
+            }
+            if (sessionKey && storePath) {
+                await updateSessionStoreEntry({
+                    storePath,
+                    sessionKey,
+                    update: async () => ({
+                        fallbackNoticeSelectedModel: fallbackTransition.nextState.selectedModel,
+                        fallbackNoticeActiveModel: fallbackTransition.nextState.activeModel,
+                        fallbackNoticeReason: fallbackTransition.nextState.reason,
+                    }),
+                });
+            }
+        }
         const cliSessionId = isCliProvider(providerUsed, cfg)
-            ? runResult.meta.agentMeta?.sessionId?.trim()
+            ? runResult.meta?.agentMeta?.sessionId?.trim()
             : undefined;
         const contextTokensUsed = agentCfgContextTokens ??
             lookupContextTokens(modelUsed) ??
             activeSessionEntry?.contextTokens ??
             DEFAULT_CONTEXT_TOKENS;
-        await persistSessionUsageUpdate({
+        await persistRunSessionUsage({
             storePath,
             sessionKey,
             usage,
+            lastCallUsage: runResult.meta?.agentMeta?.lastCallUsage,
+            promptTokens,
             modelUsed,
             providerUsed,
             contextTokensUsed,
-            systemPromptReport: runResult.meta.systemPromptReport,
+            systemPromptReport: runResult.meta?.systemPromptReport,
             cliSessionId,
         });
         // Drain any late tool/block deliveries before deciding there's "nothing to send".
@@ -288,7 +354,14 @@ export async function runReplyAgent(params) {
         didLogHeartbeatStrip = payloadResult.didLogHeartbeatStrip;
         if (replyPayloads.length === 0)
             return finalizeWithFollowup(undefined, queueKey, runFollowupTurn);
-        await signalTypingIfNeeded(replyPayloads, typingSignals);
+        const successfulCronAdds = runResult.successfulCronAdds ?? 0;
+        const hasReminderCommitment = replyPayloads.some((payload) => !payload.isError &&
+            typeof payload.text === "string" &&
+            hasUnbackedReminderCommitment(payload.text));
+        const guardedReplyPayloads = hasReminderCommitment && successfulCronAdds === 0
+            ? appendUnscheduledReminderNote(replyPayloads)
+            : replyPayloads;
+        await signalTypingIfNeeded(guardedReplyPayloads, typingSignals);
         if (isDiagnosticsEnabled(cfg) && hasNonzeroUsage(usage)) {
             const input = usage.input ?? 0;
             const output = usage.output ?? 0;
@@ -323,6 +396,7 @@ export async function runReplyAgent(params) {
                 },
                 costUsd,
                 durationMs: Date.now() - runStartedAt,
+                lastCallUsage: runResult.meta?.agentMeta?.lastCallUsage,
             });
         }
         const responseUsageRaw = activeSessionEntry?.responseUsage ??
@@ -349,23 +423,75 @@ export async function runReplyAgent(params) {
             if (formatted)
                 responseUsageLine = formatted;
         }
-        // If verbose is enabled and this is a new session, prepend a session hint.
-        let finalPayloads = replyPayloads;
-        const verboseEnabled = resolvedVerboseLevel !== "off";
+        let finalPayloads = guardedReplyPayloads;
+        const verboseNotices = [];
+        if (activeIsNewSession && verboseEnabled) {
+            verboseNotices.push(`🧭 New session: ${followupRun.run.sessionId}`);
+        }
+        if (fallbackTransition.fallbackTransitioned) {
+            const notice = buildFallbackNotice({
+                selectedProvider,
+                selectedModel,
+                activeProvider: providerUsed,
+                activeModel: modelUsed,
+                attempts: fallbackAttempts,
+            });
+            if (runId) {
+                emitAgentEvent({
+                    runId,
+                    stream: "lifecycle",
+                    data: {
+                        kind: "model.fallback.transitioned",
+                        selected: fallbackTransition.selectedModelRef,
+                        active: fallbackTransition.activeModelRef,
+                        reason: fallbackTransition.reasonSummary,
+                        attempts: fallbackTransition.attemptSummaries,
+                    },
+                    sessionKey,
+                });
+            }
+            if (notice && verboseEnabled) {
+                verboseNotices.push(notice);
+            }
+        }
+        if (fallbackTransition.fallbackCleared) {
+            const notice = buildFallbackClearedNotice({
+                selectedProvider,
+                selectedModel,
+                previousActiveModel: fallbackTransition.previousState.activeModel,
+            });
+            if (runId) {
+                emitAgentEvent({
+                    runId,
+                    stream: "lifecycle",
+                    data: {
+                        kind: "model.fallback.cleared",
+                        selected: fallbackTransition.selectedModelRef,
+                        previousActive: fallbackTransition.previousState.activeModel,
+                    },
+                    sessionKey,
+                });
+            }
+            if (verboseEnabled) {
+                verboseNotices.push(notice);
+            }
+        }
         if (autoCompactionCompleted) {
-            const count = await incrementCompactionCount({
+            const count = await incrementRunCompactionCount({
                 sessionEntry: activeSessionEntry,
                 sessionStore: activeSessionStore,
                 sessionKey,
                 storePath,
+                lastCallUsage: runResult.meta?.agentMeta?.lastCallUsage,
+                contextTokensUsed,
             });
             if (verboseEnabled) {
                 const suffix = typeof count === "number" ? ` (count ${count})` : "";
-                finalPayloads = [{ text: `🧹 Auto-compaction complete${suffix}.` }, ...finalPayloads];
+                verboseNotices.push(`🧹 Auto-compaction complete${suffix}.`);
             }
         }
-        if (verboseEnabled && activeIsNewSession) {
-            finalPayloads = [{ text: `🧭 New session: ${followupRun.run.sessionId}` }, ...finalPayloads];
+        if (verboseNotices.length > 0) {
+            finalPayloads = [...verboseNotices.map((text) => ({ text })), ...finalPayloads];
         }
         if (responseUsageLine) {
             finalPayloads = appendUsageLine(finalPayloads, responseUsageLine);

package/dist/auto-reply/reply/commands-setunset-standard.js

@@ -0,0 +1,13 @@
+import { parseSlashCommandWithSetUnset } from "./commands-setunset.js";
+export function parseStandardSetUnsetSlashCommand(params) {
+    return parseSlashCommandWithSetUnset({
+        raw: params.raw,
+        slash: params.slash,
+        invalidMessage: params.invalidMessage,
+        usageMessage: params.usageMessage,
+        onKnownAction: params.onKnownAction,
+        onSet: params.onSet ?? ((path, value) => ({ action: "set", path, value })),
+        onUnset: params.onUnset ?? ((path) => ({ action: "unset", path })),
+        onError: params.onError ?? ((message) => ({ action: "error", message })),
+    });
+}

package/dist/browser/config.js

@@ -16,6 +16,30 @@ function normalizeTimeoutMs(raw, fallback) {
     const value = typeof raw === "number" && Number.isFinite(raw) ? Math.floor(raw) : fallback;
     return value < 0 ? fallback : value;
 }
+function normalizeStringList(raw) {
+    if (!Array.isArray(raw) || raw.length === 0) {
+        return undefined;
+    }
+    const values = raw
+        .map((value) => value.trim())
+        .filter((value) => value.length > 0);
+    return values.length > 0 ? values : undefined;
+}
+function resolveBrowserSsrFPolicy(cfg) {
+    const allowPrivateNetwork = cfg?.ssrfPolicy?.allowPrivateNetwork;
+    const allowedHostnames = normalizeStringList(cfg?.ssrfPolicy?.allowedHostnames);
+    const hostnameAllowlist = normalizeStringList(cfg?.ssrfPolicy?.hostnameAllowlist);
+    if (allowPrivateNetwork === undefined &&
+        allowedHostnames === undefined &&
+        hostnameAllowlist === undefined) {
+        return undefined;
+    }
+    return {
+        ...(allowPrivateNetwork === true ? { allowPrivateNetwork: true } : {}),
+        ...(allowedHostnames ? { allowedHostnames } : {}),
+        ...(hostnameAllowlist ? { hostnameAllowlist } : {}),
+    };
+}
 export function parseHttpUrl(raw, label) {
     const trimmed = raw.trim();
     const parsed = new URL(trimmed);
@@ -113,6 +137,7 @@ export function resolveBrowserConfig(cfg, rootConfig) {
         (profiles[DEFAULT_BROWSER_DEFAULT_PROFILE_NAME]
             ? DEFAULT_BROWSER_DEFAULT_PROFILE_NAME
             : DEFAULT_CLAWD_BROWSER_PROFILE_NAME);
+    const ssrfPolicy = resolveBrowserSsrFPolicy(cfg);
     return {
         enabled,
         evaluateEnabled,
@@ -129,6 +154,7 @@ export function resolveBrowserConfig(cfg, rootConfig) {
         attachOnly,
         defaultProfile,
         profiles,
+        ssrfPolicy,
     };
 }
 /**

package/dist/browser/navigation-guard.js

@@ -0,0 +1,31 @@
+import { resolvePinnedHostnameWithPolicy, } from "../infra/net/ssrf.js";
+const NETWORK_NAVIGATION_PROTOCOLS = new Set(["http:", "https:"]);
+export class InvalidBrowserNavigationUrlError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "InvalidBrowserNavigationUrlError";
+    }
+}
+export function withBrowserNavigationPolicy(ssrfPolicy) {
+    return ssrfPolicy ? { ssrfPolicy } : {};
+}
+export async function assertBrowserNavigationAllowed(opts) {
+    const rawUrl = String(opts.url ?? "").trim();
+    if (!rawUrl) {
+        throw new InvalidBrowserNavigationUrlError("url is required");
+    }
+    let parsed;
+    try {
+        parsed = new URL(rawUrl);
+    }
+    catch {
+        throw new InvalidBrowserNavigationUrlError(`Invalid URL: ${rawUrl}`);
+    }
+    if (!NETWORK_NAVIGATION_PROTOCOLS.has(parsed.protocol)) {
+        return;
+    }
+    await resolvePinnedHostnameWithPolicy(parsed.hostname, {
+        lookupFn: opts.lookupFn,
+        policy: opts.ssrfPolicy,
+    });
+}