@poolzin/pool-bot 2026.2.24 → 2026.2.26

package/dist/agents/ollama-stream.js

@@ -1,6 +1,119 @@
 import { randomUUID } from "node:crypto";
 import { createAssistantMessageEventStream } from "@mariozechner/pi-ai";
+import { createSubsystemLogger } from "../logging/subsystem.js";
+const log = createSubsystemLogger("ollama-stream");
 export const OLLAMA_NATIVE_BASE_URL = "http://127.0.0.1:11434";
+const MAX_SAFE_INTEGER_ABS_STR = String(Number.MAX_SAFE_INTEGER);
+function isAsciiDigit(ch) {
+    return ch !== undefined && ch >= "0" && ch <= "9";
+}
+function parseJsonNumberToken(input, start) {
+    let idx = start;
+    if (input[idx] === "-") {
+        idx += 1;
+    }
+    if (idx >= input.length) {
+        return null;
+    }
+    if (input[idx] === "0") {
+        idx += 1;
+    }
+    else if (isAsciiDigit(input[idx]) && input[idx] !== "0") {
+        while (isAsciiDigit(input[idx])) {
+            idx += 1;
+        }
+    }
+    else {
+        return null;
+    }
+    let isInteger = true;
+    if (input[idx] === ".") {
+        isInteger = false;
+        idx += 1;
+        if (!isAsciiDigit(input[idx])) {
+            return null;
+        }
+        while (isAsciiDigit(input[idx])) {
+            idx += 1;
+        }
+    }
+    if (input[idx] === "e" || input[idx] === "E") {
+        isInteger = false;
+        idx += 1;
+        if (input[idx] === "+" || input[idx] === "-") {
+            idx += 1;
+        }
+        if (!isAsciiDigit(input[idx])) {
+            return null;
+        }
+        while (isAsciiDigit(input[idx])) {
+            idx += 1;
+        }
+    }
+    return {
+        token: input.slice(start, idx),
+        end: idx,
+        isInteger,
+    };
+}
+function isUnsafeIntegerLiteral(token) {
+    const digits = token[0] === "-" ? token.slice(1) : token;
+    if (digits.length < MAX_SAFE_INTEGER_ABS_STR.length) {
+        return false;
+    }
+    if (digits.length > MAX_SAFE_INTEGER_ABS_STR.length) {
+        return true;
+    }
+    return digits > MAX_SAFE_INTEGER_ABS_STR;
+}
+function quoteUnsafeIntegerLiterals(input) {
+    let out = "";
+    let inString = false;
+    let escaped = false;
+    let idx = 0;
+    while (idx < input.length) {
+        const ch = input[idx] ?? "";
+        if (inString) {
+            out += ch;
+            if (escaped) {
+                escaped = false;
+            }
+            else if (ch === "\\") {
+                escaped = true;
+            }
+            else if (ch === '"') {
+                inString = false;
+            }
+            idx += 1;
+            continue;
+        }
+        if (ch === '"') {
+            inString = true;
+            out += ch;
+            idx += 1;
+            continue;
+        }
+        if (ch === "-" || isAsciiDigit(ch)) {
+            const parsed = parseJsonNumberToken(input, idx);
+            if (parsed) {
+                if (parsed.isInteger && isUnsafeIntegerLiteral(parsed.token)) {
+                    out += `"${parsed.token}"`;
+                }
+                else {
+                    out += parsed.token;
+                }
+                idx = parsed.end;
+                continue;
+            }
+        }
+        out += ch;
+        idx += 1;
+    }
+    return out;
+}
+function parseJsonPreservingUnsafeIntegers(input) {
+    return JSON.parse(quoteUnsafeIntegerLiterals(input));
+}
 function extractTextContent(content) {
     if (typeof content === "string") {
         return content;
@@ -159,19 +272,19 @@ export async function* parseNdjsonStream(reader) {
                 continue;
             }
             try {
-                yield JSON.parse(trimmed);
+                yield parseJsonPreservingUnsafeIntegers(trimmed);
             }
             catch {
-                console.warn("[ollama-stream] Skipping malformed NDJSON line:", trimmed.slice(0, 120));
+                log.warn(`Skipping malformed NDJSON line: ${trimmed.slice(0, 120)}`);
             }
         }
     }
     if (buffer.trim()) {
         try {
-            yield JSON.parse(buffer.trim());
+            yield parseJsonPreservingUnsafeIntegers(buffer.trim());
         }
         catch {
-            console.warn("[ollama-stream] Skipping malformed trailing data:", buffer.trim().slice(0, 120));
+            log.warn(`Skipping malformed trailing data: ${buffer.trim().slice(0, 120)}`);
         }
     }
 }

package/dist/agents/opencode-zen-models.js

@@ -1,14 +1,19 @@
 /**
  * OpenCode Zen model catalog with dynamic fetching, caching, and static fallback.
  *
- * OpenCode Zen is a $200/month subscription that provides proxy access to multiple
- * AI models (Claude, GPT, Gemini, etc.) through a single API endpoint.
+ * OpenCode Zen is a pay-as-you-go token-based API that provides access to curated
+ * models optimized for coding agents. It uses per-request billing with auto top-up.
+ *
+ * Note: OpenCode Black ($20/$100/$200/month subscriptions) is a separate product
+ * with flat-rate usage tiers. This module handles Zen, not Black.
  *
  * API endpoint: https://opencode.ai/zen/v1
  * Auth URL: https://opencode.ai/auth
  */
+import { createSubsystemLogger } from "../logging/subsystem.js";
+const log = createSubsystemLogger("opencode-zen-models");
 export const OPENCODE_ZEN_API_BASE_URL = "https://opencode.ai/zen/v1";
-export const OPENCODE_ZEN_DEFAULT_MODEL = "claude-opus-4-5";
+export const OPENCODE_ZEN_DEFAULT_MODEL = "claude-opus-4-6";
 export const OPENCODE_ZEN_DEFAULT_MODEL_REF = `opencode/${OPENCODE_ZEN_DEFAULT_MODEL}`;
 // Cache for fetched models (1 hour TTL)
 let cachedModels = null;
@@ -16,18 +21,19 @@ let cacheTimestamp = 0;
 const CACHE_TTL_MS = 60 * 60 * 1000; // 1 hour
 /**
  * Model aliases for convenient shortcuts.
- * Users can use "opus" instead of "claude-opus-4-5", etc.
+ * Users can use "opus" instead of "claude-opus-4-6", etc.
  */
 export const OPENCODE_ZEN_MODEL_ALIASES = {
     // Claude
-    opus: "claude-opus-4-5",
+    opus: "claude-opus-4-6",
+    "opus-4.6": "claude-opus-4-6",
     "opus-4.5": "claude-opus-4-5",
-    "opus-4": "claude-opus-4-5",
+    "opus-4": "claude-opus-4-6",
     // Legacy Claude aliases (OpenCode Zen rotates model catalogs; keep old keys working).
-    sonnet: "claude-opus-4-5",
-    "sonnet-4": "claude-opus-4-5",
-    haiku: "claude-opus-4-5",
-    "haiku-3.5": "claude-opus-4-5",
+    sonnet: "claude-opus-4-6",
+    "sonnet-4": "claude-opus-4-6",
+    haiku: "claude-opus-4-6",
+    "haiku-3.5": "claude-opus-4-6",
     // GPT-5.x family
     gpt5: "gpt-5.2",
     "gpt-5": "gpt-5.2",
@@ -99,6 +105,7 @@ const MODEL_COSTS = {
         cacheRead: 0.107,
         cacheWrite: 0,
     },
+    "claude-opus-4-6": { input: 5, output: 25, cacheRead: 0.5, cacheWrite: 6.25 },
     "claude-opus-4-5": { input: 5, output: 25, cacheRead: 0.5, cacheWrite: 6.25 },
     "gemini-3-pro": { input: 2, output: 12, cacheRead: 0.2, cacheWrite: 0 },
     "gpt-5.1-codex-mini": {
@@ -121,6 +128,7 @@ const MODEL_COSTS = {
 const DEFAULT_COST = { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 };
 const MODEL_CONTEXT_WINDOWS = {
     "gpt-5.1-codex": 400000,
+    "claude-opus-4-6": 1000000,
     "claude-opus-4-5": 200000,
     "gemini-3-pro": 1048576,
     "gpt-5.1-codex-mini": 400000,
@@ -135,6 +143,7 @@ function getDefaultContextWindow(modelId) {
 }
 const MODEL_MAX_TOKENS = {
     "gpt-5.1-codex": 128000,
+    "claude-opus-4-6": 128000,
     "claude-opus-4-5": 64000,
     "gemini-3-pro": 65536,
     "gpt-5.1-codex-mini": 128000,
@@ -168,6 +177,7 @@ function buildModelDefinition(modelId) {
  */
 const MODEL_NAMES = {
     "gpt-5.1-codex": "GPT-5.1 Codex",
+    "claude-opus-4-6": "Claude Opus 4.6",
     "claude-opus-4-5": "Claude Opus 4.5",
     "gemini-3-pro": "Gemini 3 Pro",
     "gpt-5.1-codex-mini": "GPT-5.1 Codex Mini",
@@ -192,6 +202,7 @@ function formatModelName(modelId) {
 export function getOpencodeZenStaticFallbackModels() {
     const modelIds = [
         "gpt-5.1-codex",
+        "claude-opus-4-6",
         "claude-opus-4-5",
         "gemini-3-pro",
         "gpt-5.1-codex-mini",
@@ -241,7 +252,7 @@ export async function fetchOpencodeZenModels(apiKey) {
         return models;
     }
     catch (error) {
-        console.warn(`[opencode-zen] Failed to fetch models, using static fallback: ${String(error)}`);
+        log.warn(`Failed to fetch models, using static fallback: ${String(error)}`);
         return getOpencodeZenStaticFallbackModels();
     }
 }

package/dist/agents/pi-embedded-helpers/errors.js

@@ -1,8 +1,13 @@
+import { createSubsystemLogger } from "../../logging/subsystem.js";
 import { formatSandboxToolPolicyBlockedMessage } from "../sandbox.js";
-export function formatBillingErrorMessage(provider) {
+import { stableStringify } from "../stable-stringify.js";
+const log = createSubsystemLogger("errors");
+export function formatBillingErrorMessage(provider, model) {
     const providerName = provider?.trim();
-    if (providerName) {
-        return `⚠️ ${providerName} returned a billing error — your API key has run out of credits or has an insufficient balance. Check your ${providerName} billing dashboard and top up or switch to a different API key.`;
+    const modelName = model?.trim();
+    const providerLabel = providerName && modelName ? `${providerName} (${modelName})` : providerName || undefined;
+    if (providerLabel) {
+        return `⚠️ ${providerLabel} returned a billing error — your API key has run out of credits or has an insufficient balance. Check your ${providerName} billing dashboard and top up or switch to a different API key.`;
     }
     return "⚠️ API provider returned a billing error — your API key has run out of credits or has an insufficient balance. Check your provider's billing dashboard and top up or switch to a different API key.";
 }
@@ -199,15 +204,6 @@ function shouldRewriteContextOverflowText(raw) {
         ERROR_PREFIX_RE.test(raw) ||
         CONTEXT_OVERFLOW_ERROR_HEAD_RE.test(raw));
 }
-function shouldRewriteBillingText(raw) {
-    if (!isBillingErrorMessage(raw)) {
-        return false;
-    }
-    return (isRawApiErrorPayload(raw) ||
-        isLikelyHttpErrorText(raw) ||
-        ERROR_PREFIX_RE.test(raw) ||
-        BILLING_ERROR_HEAD_RE.test(raw));
-}
 function isErrorPayloadObject(payload) {
     if (!payload || typeof payload !== "object" || Array.isArray(payload)) {
         return false;
@@ -260,18 +256,6 @@ function parseApiErrorPayload(raw) {
     }
     return null;
 }
-function stableStringify(value) {
-    if (!value || typeof value !== "object") {
-        return JSON.stringify(value) ?? "null";
-    }
-    if (Array.isArray(value)) {
-        return `[${value.map((entry) => stableStringify(entry)).join(",")}]`;
-    }
-    const record = value;
-    const keys = Object.keys(record).toSorted();
-    const entries = keys.map((key) => `${JSON.stringify(key)}:${stableStringify(record[key])}`);
-    return `{${entries.join(",")}}`;
-}
 export function getApiErrorPayloadFingerprint(raw) {
     if (!raw) {
         return null;
@@ -404,14 +388,14 @@ export function formatAssistantErrorText(msg, opts) {
         return "LLM request timed out.";
     }
     if (isBillingErrorMessage(raw)) {
-        return formatBillingErrorMessage(opts?.provider);
+        return formatBillingErrorMessage(opts?.provider, opts?.model ?? msg.model);
     }
     if (isLikelyHttpErrorText(raw) || isRawApiErrorPayload(raw)) {
         return formatRawAssistantErrorForUi(raw);
     }
     // Never return raw unhandled errors - log for debugging but return safe message
     if (raw.length > 600) {
-        console.warn("[formatAssistantErrorText] Long error truncated:", raw.slice(0, 200));
+        log.warn(`Long error truncated: ${raw.slice(0, 200)}`);
     }
     return raw.length > 600 ? `${raw.slice(0, 600)}…` : raw;
 }
@@ -453,12 +437,6 @@ export function sanitizeUserFacingText(text, opts) {
             return formatRawAssistantErrorForUi(trimmed);
         }
     }
-    // Preserve legacy behavior for explicit billing-head text outside known
-    // error contexts (e.g., "billing: please upgrade your plan"), while
-    // keeping conversational billing mentions untouched.
-    if (shouldRewriteBillingText(trimmed)) {
-        return BILLING_ERROR_USER_MESSAGE;
-    }
     // Strip leading blank lines (including whitespace-only lines) without clobbering indentation on
     // the first content line (e.g. markdown/code blocks).
     const withoutLeadingEmptyLines = stripped.replace(/^(?:[ \t]*\r?\n)+/, "");
@@ -479,7 +457,12 @@ const ERROR_PATTERNS = {
         "resource_exhausted",
         "usage limit",
     ],
-    overloaded: [/overloaded_error|"type"\s*:\s*"overloaded_error"/i, "overloaded"],
+    overloaded: [
+        /overloaded_error|"type"\s*:\s*"overloaded_error"/i,
+        "overloaded",
+        "service unavailable",
+        "high demand",
+    ],
     timeout: [
         "timeout",
         "timed out",
@@ -575,6 +558,15 @@ export function isAuthErrorMessage(raw) {
 export function isOverloadedErrorMessage(raw) {
     return matchesErrorPatterns(raw, ERROR_PATTERNS.overloaded);
 }
+function isJsonApiInternalServerError(raw) {
+    if (!raw) {
+        return false;
+    }
+    const value = raw.toLowerCase();
+    // Anthropic often wraps transient 500s in JSON payloads like:
+    // {"type":"error","error":{"type":"api_error","message":"Internal server error"}}
+    return value.includes('"type":"api_error"') && value.includes("internal server error");
+}
 export function parseImageDimensionError(raw) {
     if (!raw) {
         return null;
@@ -624,6 +616,30 @@ export function isAuthAssistantError(msg) {
     }
     return isAuthErrorMessage(msg.errorMessage ?? "");
 }
+export function isModelNotFoundErrorMessage(raw) {
+    if (!raw) {
+        return false;
+    }
+    const lower = raw.toLowerCase();
+    // Direct pattern matches from Pool Bot internals and common providers.
+    if (lower.includes("unknown model") ||
+        lower.includes("model not found") ||
+        lower.includes("model_not_found") ||
+        lower.includes("not_found_error") ||
+        (lower.includes("does not exist") && lower.includes("model")) ||
+        (lower.includes("invalid model") && !lower.includes("invalid model reference"))) {
+        return true;
+    }
+    // Google Gemini: "models/X is not found for api version"
+    if (/models\/[^\s]+ is not found/i.test(raw)) {
+        return true;
+    }
+    // JSON error payloads: {"status": "NOT_FOUND"} or {"code": 404} combined with not-found text.
+    if (/\b404\b/.test(raw) && /not[-_ ]?found/i.test(raw)) {
+        return true;
+    }
+    return false;
+}
 export function classifyFailoverReason(raw) {
     if (isImageDimensionErrorMessage(raw)) {
         return null;
@@ -631,10 +647,16 @@ export function classifyFailoverReason(raw) {
     if (isImageSizeError(raw)) {
         return null;
     }
+    if (isModelNotFoundErrorMessage(raw)) {
+        return "model_not_found";
+    }
     if (isTransientHttpError(raw)) {
         // Treat transient 5xx provider failures as retryable transport issues.
         return "timeout";
     }
+    if (isJsonApiInternalServerError(raw)) {
+        return "timeout";
+    }
     if (isRateLimitErrorMessage(raw)) {
         return "rate_limit";
     }

package/dist/agents/pi-embedded-helpers/messaging-dedupe.js

@@ -15,21 +15,26 @@ export function normalizeTextForComparison(text) {
         .trim();
 }
 export function isMessagingToolDuplicateNormalized(normalized, normalizedSentTexts) {
-    if (normalizedSentTexts.length === 0)
+    if (normalizedSentTexts.length === 0) {
         return false;
-    if (!normalized || normalized.length < MIN_DUPLICATE_TEXT_LENGTH)
+    }
+    if (!normalized || normalized.length < MIN_DUPLICATE_TEXT_LENGTH) {
         return false;
+    }
     return normalizedSentTexts.some((normalizedSent) => {
-        if (!normalizedSent || normalizedSent.length < MIN_DUPLICATE_TEXT_LENGTH)
+        if (!normalizedSent || normalizedSent.length < MIN_DUPLICATE_TEXT_LENGTH) {
             return false;
+        }
         return normalized.includes(normalizedSent) || normalizedSent.includes(normalized);
     });
 }
 export function isMessagingToolDuplicate(text, sentTexts) {
-    if (sentTexts.length === 0)
+    if (sentTexts.length === 0) {
         return false;
+    }
     const normalized = normalizeTextForComparison(text);
-    if (!normalized || normalized.length < MIN_DUPLICATE_TEXT_LENGTH)
+    if (!normalized || normalized.length < MIN_DUPLICATE_TEXT_LENGTH) {
         return false;
+    }
     return isMessagingToolDuplicateNormalized(normalized, sentTexts.map(normalizeTextForComparison));
 }

package/dist/agents/pi-embedded-helpers/thinking.js

@@ -1,8 +1,9 @@
 import { normalizeThinkLevel } from "../../auto-reply/thinking.js";
 function extractSupportedValues(raw) {
     const match = raw.match(/supported values are:\s*([^\n.]+)/i) ?? raw.match(/supported values:\s*([^\n.]+)/i);
-    if (!match?.[1])
+    if (!match?.[1]) {
         return [];
+    }
     const fragment = match[1];
     const quoted = Array.from(fragment.matchAll(/['"]([^'"]+)['"]/g)).map((entry) => entry[1]?.trim());
     if (quoted.length > 0) {
@@ -15,17 +16,21 @@ function extractSupportedValues(raw) {
 }
 export function pickFallbackThinkingLevel(params) {
     const raw = params.message?.trim();
-    if (!raw)
+    if (!raw) {
         return undefined;
+    }
     const supported = extractSupportedValues(raw);
-    if (supported.length === 0)
+    if (supported.length === 0) {
         return undefined;
+    }
     for (const entry of supported) {
         const normalized = normalizeThinkLevel(entry);
-        if (!normalized)
+        if (!normalized) {
             continue;
-        if (params.attempted.has(normalized))
+        }
+        if (params.attempted.has(normalized)) {
             continue;
+        }
         return normalized;
     }
     return undefined;

package/dist/agents/pi-embedded-helpers.js

@@ -1,5 +1,5 @@
 export { buildBootstrapContextFiles, DEFAULT_BOOTSTRAP_MAX_CHARS, DEFAULT_BOOTSTRAP_TOTAL_MAX_CHARS, ensureSessionHeader, resolveBootstrapMaxChars, resolveBootstrapTotalMaxChars, stripThoughtSignatures, } from "./pi-embedded-helpers/bootstrap.js";
-export { BILLING_ERROR_USER_MESSAGE, formatBillingErrorMessage, classifyFailoverReason, formatRawAssistantErrorForUi, formatAssistantErrorText, getApiErrorPayloadFingerprint, isAuthAssistantError, isAuthErrorMessage, isBillingAssistantError, parseApiErrorInfo, sanitizeUserFacingText, isBillingErrorMessage, isCloudflareOrHtmlErrorPage, isCloudCodeAssistFormatError, isCompactionFailureError, isContextOverflowError, isLikelyContextOverflowError, isFailoverAssistantError, isFailoverErrorMessage, isImageDimensionErrorMessage, isImageSizeError, isOverloadedErrorMessage, isRawApiErrorPayload, isRateLimitAssistantError, isRateLimitErrorMessage, isTransientHttpError, isTimeoutErrorMessage, parseImageDimensionError, parseImageSizeError, } from "./pi-embedded-helpers/errors.js";
+export { BILLING_ERROR_USER_MESSAGE, formatBillingErrorMessage, classifyFailoverReason, formatRawAssistantErrorForUi, formatAssistantErrorText, getApiErrorPayloadFingerprint, isAuthAssistantError, isAuthErrorMessage, isModelNotFoundErrorMessage, isBillingAssistantError, parseApiErrorInfo, sanitizeUserFacingText, isBillingErrorMessage, isCloudflareOrHtmlErrorPage, isCloudCodeAssistFormatError, isCompactionFailureError, isContextOverflowError, isLikelyContextOverflowError, isFailoverAssistantError, isFailoverErrorMessage, isImageDimensionErrorMessage, isImageSizeError, isOverloadedErrorMessage, isRawApiErrorPayload, isRateLimitAssistantError, isRateLimitErrorMessage, isTransientHttpError, isTimeoutErrorMessage, parseImageDimensionError, parseImageSizeError, } from "./pi-embedded-helpers/errors.js";
 export { isGoogleModelApi, sanitizeGoogleTurnOrdering } from "./pi-embedded-helpers/google.js";
 export { downgradeOpenAIReasoningBlocks } from "./pi-embedded-helpers/openai.js";
 export { isEmptyAssistantMessageContent, sanitizeSessionMessagesImages, } from "./pi-embedded-helpers/images.js";

package/dist/agents/pi-embedded-payloads.js

@@ -0,0 +1 @@
+export {};

package/dist/agents/pi-embedded-runner/compact.js

@@ -1,6 +1,6 @@
 import fs from "node:fs/promises";
 import os from "node:os";
-import { createAgentSession, estimateTokens, SessionManager, SettingsManager, } from "@mariozechner/pi-coding-agent";
+import { createAgentSession, DefaultResourceLoader, estimateTokens, SessionManager, SettingsManager, } from "@mariozechner/pi-coding-agent";
 import { resolveHeartbeatPrompt } from "../../auto-reply/heartbeat.js";
 import { resolveChannelCapabilities } from "../../config/channel-capabilities.js";
 import { getMachineDisplayName } from "../../infra/machine-name.js";
@@ -24,7 +24,7 @@ import { resolvePoolbotDocsPath } from "../docs-path.js";
 import { getApiKeyForModel, resolveModelAuthMode } from "../model-auth.js";
 import { ensurePoolbotModelsJson } from "../models-config.js";
 import { ensureSessionHeader, validateAnthropicTurns, validateGeminiTurns, } from "../pi-embedded-helpers.js";
-import { ensurePiCompactionReserveTokens, resolveCompactionReserveTokensFloor, } from "../pi-settings.js";
+import { applyPiCompactionSettingsFromConfig } from "../pi-settings.js";
 import { createPoolbotCodingTools } from "../pi-tools.js";
 import { resolveSandboxContext } from "../sandbox.js";
 import { repairSessionFileIfNeeded } from "../session-file-repair.js";
@@ -35,7 +35,7 @@ import { detectRuntimeShell } from "../shell-utils.js";
 import { applySkillEnvOverrides, applySkillEnvOverridesFromSnapshot, loadWorkspaceSkillEntries, resolveSkillsPromptForRun, } from "../skills.js";
 import { resolveTranscriptPolicy } from "../transcript-policy.js";
 import { compactWithSafetyTimeout, EMBEDDED_COMPACTION_TIMEOUT_MS, } from "./compaction-safety-timeout.js";
-import { buildEmbeddedExtensionPaths } from "./extensions.js";
+import { buildEmbeddedExtensionFactories } from "./extensions.js";
 import { logToolSchemasForGoogle, sanitizeSessionHistory, sanitizeToolsForGoogle, } from "./google.js";
 import { getDmHistoryLimitFromSessionKey, limitHistoryTurns } from "./history.js";
 import { resolveGlobalLane, resolveSessionLane } from "./lanes.js";
@@ -44,6 +44,7 @@ import { buildModelAliasLines, resolveModel } from "./model.js";
 import { buildEmbeddedSandboxInfo } from "./sandbox-info.js";
 import { prewarmSessionFile, trackSessionManagerAccess } from "./session-manager-cache.js";
 import { applySystemPromptOverrideToSession, buildEmbeddedSystemPrompt, createSystemPromptOverride, } from "./system-prompt.js";
+import { collectAllowedToolNames } from "./tool-name-allowlist.js";
 import { splitSdkTools } from "./tool-split.js";
 import { describeUnknownError, mapThinkingLevel } from "./utils.js";
 import { flushPendingToolResultsAfterIdle } from "./wait-for-idle-before-flush.js";
@@ -276,6 +277,7 @@ export async function compactEmbeddedPiSessionDirect(params) {
             modelAuthMode: resolveModelAuthMode(model.provider, params.config),
         });
         const tools = sanitizeToolsForGoogle({ tools: toolsRaw, provider });
+        const allowedToolNames = collectAllowedToolNames({ tools });
         logToolSchemasForGoogle({ tools, provider });
         const machineName = await getMachineDisplayName();
         const runtimeChannel = normalizeMessageChannel(params.messageChannel ?? params.messageProvider);
@@ -372,6 +374,10 @@ export async function compactEmbeddedPiSessionDirect(params) {
             reasoningLevel: params.reasoningLevel ?? "off",
             extraSystemPrompt: params.extraSystemPrompt,
             ownerNumbers: params.ownerNumbers,
+            ownerDisplay: params.config?.commands?.ownerDisplay,
+            ownerDisplaySecret: params.config?.commands?.ownerDisplaySecret ??
+                params.config?.gateway?.auth?.token ??
+                params.config?.gateway?.remote?.token,
             reasoningTagHint,
             heartbeatPrompt: isDefaultAgent
                 ? resolveHeartbeatPrompt(params.config?.agents?.defaults?.heartbeat?.prompt)
@@ -414,21 +420,35 @@ export async function compactEmbeddedPiSessionDirect(params) {
                 agentId: sessionAgentId,
                 sessionKey: params.sessionKey,
                 allowSyntheticToolResults: transcriptPolicy.allowSyntheticToolResults,
+                allowedToolNames,
             });
             trackSessionManagerAccess(params.sessionFile);
             const settingsManager = SettingsManager.create(effectiveWorkspace, agentDir);
-            ensurePiCompactionReserveTokens({
+            applyPiCompactionSettingsFromConfig({
                 settingsManager,
-                minReserveTokens: resolveCompactionReserveTokensFloor(params.config),
+                cfg: params.config,
             });
-            // Call for side effects (sets compaction/pruning runtime state)
-            buildEmbeddedExtensionPaths({
+            // Sets compaction/pruning runtime state and returns extension factories
+            // that must be passed to the resource loader for the safeguard to be active.
+            const extensionFactories = buildEmbeddedExtensionFactories({
                 cfg: params.config,
                 sessionManager,
                 provider,
                 modelId,
                 model,
             });
+            // Only create an explicit resource loader when there are extension factories
+            // to register; otherwise let createAgentSession use its built-in default.
+            let resourceLoader;
+            if (extensionFactories.length > 0) {
+                resourceLoader = new DefaultResourceLoader({
+                    cwd: resolvedWorkspace,
+                    agentDir,
+                    settingsManager,
+                    extensionFactories,
+                });
+                await resourceLoader.reload();
+            }
             const { builtInTools, customTools } = splitSdkTools({
                 tools,
                 sandboxEnabled: !!sandbox?.enabled,
@@ -444,6 +464,7 @@ export async function compactEmbeddedPiSessionDirect(params) {
                 customTools,
                 sessionManager,
                 settingsManager,
+                resourceLoader,
             });
             applySystemPromptOverrideToSession(session, systemPromptOverride());
             try {
@@ -452,6 +473,7 @@ export async function compactEmbeddedPiSessionDirect(params) {
                     modelApi: model.api,
                     modelId,
                     provider,
+                    allowedToolNames,
                     config: params.config,
                     sessionManager,
                     sessionId: params.sessionId,