@posthog/wizard 2.13.1 → 2.14.0

package/dist/{agent-interface-D9DeIikl.js → agent-interface-gP4pkZgS.js}

@@ -1,181 +1,17 @@
 import { n as __require } from "./rolldown-runtime-B_-DWIq7.js";
-import { A as POSTHOG_PROPERTY_HEADER_PREFIX, B as WIZARD_VARIANTS, L as WIZARD_REMARK_EVENT_NAME, O as POSTHOG_FLAG_HEADER_PREFIX, V as WIZARD_VARIANT_FLAG_KEY, a as getLogFilePath, c as getUI, o as initLogFile, r as debug, s as logToFile, z as WIZARD_USER_AGENT } from "./debug-B2BH87dh.js";
+import { A as POSTHOG_PROPERTY_HEADER_PREFIX, B as WIZARD_VARIANTS, L as WIZARD_REMARK_EVENT_NAME, O as POSTHOG_FLAG_HEADER_PREFIX, V as WIZARD_VARIANT_FLAG_KEY, a as getLogFilePath, c as getUI, o as initLogFile, r as debug, s as logToFile, z as WIZARD_USER_AGENT } from "./debug-CYUB-urp.js";
 import { i as WIZARD_YARA_REPORT_FILE, o as skillTmpPath } from "./paths-DJS47p5x.js";
-import { n as analytics } from "./analytics-Cek5hIwm.js";
-import { f as getLlmGatewayUrlFromHost } from "./setup-utils-DGUR4Djo.js";
-import { n as ADDITIONAL_FEATURE_PROMPTS } from "./wizard-session-BcNJTl2I.js";
-import { n as registerCleanup, r as wizardAbort, t as WizardError } from "./wizard-abort-54DpTnUi.js";
+import { n as analytics } from "./analytics-Dmnxu2zE.js";
+import { f as getLlmGatewayUrlFromHost } from "./setup-utils-LvtZIY18.js";
+import { n as ADDITIONAL_FEATURE_PROMPTS } from "./wizard-session-CsI33S4_.js";
+import { n as registerCleanup, r as wizardAbort, t as WizardError } from "./wizard-abort-D-t5yDkY.js";
 import * as fs$1 from "fs";
 import fs from "fs";
 import path from "path";
 import { z } from "zod";
 import fg from "fast-glob";
 import { execFileSync } from "child_process";
-//#region src/utils/custom-headers.ts
-/**
-* Builds a list of custom headers for ANTHROPIC_CUSTOM_HEADERS.
-*/
-function createCustomHeaders() {
-	const entries = [];
-	return {
-		add(key, value) {
-			const name = key.startsWith("x-") || key.startsWith("X-") ? key : `X-${key}`;
-			entries.push({
-				key: name,
-				value
-			});
-		},
-		addFlag(flagKey, variant) {
-			const headerName = POSTHOG_FLAG_HEADER_PREFIX + flagKey.toUpperCase();
-			entries.push({
-				key: headerName,
-				value: variant
-			});
-		},
-		encode() {
-			return entries.map(({ key, value }) => `${key}: ${value}`).join("\n");
-		}
-	};
-}
-//#endregion
-//#region src/lib/safe-tools.ts
-const LINTING_TOOLS = [
-	"codespell",
-	"cspell",
-	"git-diff-check",
-	"gitleaks",
-	"trufflehog",
-	"asl-validator",
-	"ansible-lint",
-	"pmd",
-	"biome",
-	"cfn-lint",
-	"cfnlint",
-	"checkov",
-	"trivy",
-	"test-aztemplate",
-	"shellcheck",
-	"shfmt",
-	"buildifier",
-	"cpplint",
-	"clang-format",
-	"clang-tidy",
-	"cmake-format",
-	"iwyu",
-	"pragma-once",
-	"dotnet-format",
-	"circleci",
-	"clj-kondo",
-	"coffeelint",
-	"commitlint",
-	"jscpd",
-	"stylelint",
-	"prettier",
-	"cue-fmt",
-	"dart",
-	"hadolint",
-	"dotenv-linter",
-	"editorconfig-checker",
-	"actionlint",
-	"zizmor",
-	"gofmt",
-	"gofumpt",
-	"goimports",
-	"gokart",
-	"golangci-lint",
-	"golines",
-	"semgrep",
-	"goreleaser",
-	"graphql-schema-linter",
-	"npm-groovy-lint",
-	"haml-lint",
-	"htmlhint",
-	"djlint",
-	"checkstyle",
-	"google-java-format",
-	"eslint",
-	"next lint",
-	"deno",
-	"rome",
-	"eslint-plugin-jsonc",
-	"eslint-plugin-json",
-	"eslint-plugin-jsx-a11y",
-	"eslint-plugin-react",
-	"nbqa",
-	"detekt",
-	"ktlint",
-	"kubeconform",
-	"kube-linter",
-	"chktex",
-	"luacheck",
-	"stylua",
-	"markdownlint",
-	"markdownlint-cli2",
-	"markdown-link-check",
-	"markdown-table-prettify",
-	"remark-lint",
-	"textlint",
-	"vale",
-	"nixpkgs-fmt",
-	"spectral",
-	"sort-package-json",
-	"perlcritic",
-	"perltidy",
-	"php-cs-fixer",
-	"phpcs",
-	"phpstan",
-	"psalm",
-	"oxipng",
-	"psscriptanalyzer",
-	"prisma",
-	"protolint",
-	"buf",
-	"pylint",
-	"flake8",
-	"isort",
-	"ruff",
-	"black",
-	"autopep8",
-	"bandit",
-	"mypy",
-	"pyright",
-	"sourcery",
-	"yapf",
-	"lintr",
-	"opa",
-	"regal",
-	"rubocop",
-	"brakeman",
-	"rufo",
-	"standardrb",
-	"clippy",
-	"rustfmt",
-	"scalafmt",
-	"osv-scanner",
-	"terrascan",
-	"tfsec",
-	"snakemake --lint",
-	"snakefmt",
-	"sqlfluff",
-	"sql-formatter",
-	"sqlfmt",
-	"squawk",
-	"svgo",
-	"stringslint",
-	"swiftformat",
-	"swiftlint",
-	"tflint",
-	"terraform",
-	"tofu",
-	"terragrunt",
-	"txtpbfmt",
-	"taplo",
-	"eslint-plugin-vue",
-	"xmllint",
-	"yamllint"
-];
-//#endregion
-//#region src/lib/workflows/audit/types.ts
+//#region src/lib/programs/audit/types.ts
 /** Single source of truth for status glyph + color across audit views. */
 const AUDIT_SEVERITY_STYLE = {
 	pending: {
@@ -293,7 +129,7 @@ function downloadSkill(skillEntry, installDir, skillsRoot) {
 }
 /**
 * High-level "install a skill by ID" helper. Fetches the skill menu,
-* finds the skill, downloads and extracts it. Workflows should use this
+* finds the skill, downloads and extracts it. Programs should use this
 * instead of composing fetchSkillMenu + downloadSkill themselves.
 */
 async function installSkillById(skillId, installDir, skillsBaseUrl, skillsRoot) {
@@ -315,6 +151,25 @@ async function installSkillById(skillId, installDir, skillsBaseUrl, skillsRoot)
 	};
 }
 /**
+* Pure decision function for the wizard_ask caps. Returns whether the
+* upcoming call should proceed and, if not, the error message to surface
+* to the agent. Extracted so the policy can be unit-tested without
+* spinning up an MCP server.
+*/
+function evaluateAskCap(callCount, maxQuestions) {
+	if (callCount >= maxQuestions) return {
+		kind: "capped",
+		reason: "max_questions",
+		message: `Error: wizard_ask cap reached (${maxQuestions} calls in this run). Proceed with sensible defaults using the answers you already have, or emit [ABORT] requirements-incomplete.`
+	};
+	if (callCount >= 3) return {
+		kind: "capped",
+		reason: "adjacency",
+		message: `Error: too many wizard_ask calls in a row (${callCount} so far). Batch the remaining questions into a single call — the schema accepts up to 8 questions per invocation.`
+	};
+	return { kind: "ok" };
+}
+/**
 * Resolve filePath relative to workingDirectory, rejecting path traversal.
 */
 function resolveEnvPath(workingDirectory, filePath) {
@@ -489,8 +344,9 @@ const SERVER_NAME = "wizard-tools";
 * Must be called asynchronously because the SDK is an ESM module loaded via dynamic import.
 */
 async function createWizardToolsServer(options) {
-	const { workingDirectory, detectPackageManager, skillsBaseUrl } = options;
+	const { workingDirectory, detectPackageManager, skillsBaseUrl, askBridge, askMaxQuestions = 10 } = options;
 	const { tool, createSdkMcpServer } = await getSDKModule$1();
+	let askCallCount = 0;
 	let cachedSkillMenu = {};
 	let categoryNames = ["integration"];
 	const menu = await fetchSkillMenu(skillsBaseUrl);
@@ -591,6 +447,74 @@ async function createWizardToolsServer(options) {
 	});
 	const auditLedgerPath = path.join(workingDirectory, AUDIT_CHECKS_FILE);
 	const auditMutex = makeMutex();
+	const auditSeedChecks = tool("audit_seed_checks", "Seed the audit ledger at .posthog-audit-checks.json with the full set of pending checks. Call this once at the start of the audit. Atomically replaces any existing ledger.", { checks: z.array(auditCheckSchema).describe("Full pending checklist to write to the ledger") }, async (args) => {
+		return auditMutex(() => {
+			writeLedgerAtomic(auditLedgerPath, args.checks);
+			logToFile(`audit_seed_checks: wrote ${args.checks.length} entries`);
+			return { content: [{
+				type: "text",
+				text: `Seeded ${args.checks.length} audit checks.`
+			}] };
+		});
+	});
+	const auditAddChecks = tool("audit_add_checks", "Append one or more pending checks to the existing audit ledger at .posthog-audit-checks.json. Call audit_seed_checks first. Atomically rejects duplicate ids without changing the ledger.", { checks: z.array(auditCheckSchema).min(1).describe("Additional checks to append to the existing ledger") }, async (args) => {
+		return auditMutex(() => {
+			const result = appendAuditChecksToLedger(auditLedgerPath, args.checks);
+			if (!result.ok) {
+				if (result.reason === "missing-ledger") return {
+					content: [{
+						type: "text",
+						text: "Error: audit ledger does not exist. Run audit_seed_checks first."
+					}],
+					isError: true
+				};
+				return {
+					content: [{
+						type: "text",
+						text: `Error: duplicate check id(s): ${result.ids.join(", ")}. Check ids must be unique.`
+					}],
+					isError: true
+				};
+			}
+			logToFile(`audit_add_checks: added ${result.added} entries`);
+			return { content: [{
+				type: "text",
+				text: `Added ${result.added} audit check(s).`
+			}] };
+		});
+	});
+	const auditResolveChecks = tool("audit_resolve_checks", "Resolve one or more audit checks by id. Patches each entry's status (and optional file/details) and writes the ledger back atomically. Concurrent calls serialize.", { updates: z.array(auditUpdateSchema).min(1).describe("Patches to apply, keyed by check id") }, async (args) => {
+		return auditMutex(() => {
+			const { next, unknown } = applyAuditUpdates(readLedger(auditLedgerPath), args.updates);
+			if (unknown.length > 0) return {
+				content: [{
+					type: "text",
+					text: `Error: unknown check id(s): ${unknown.join(", ")}. Run audit_seed_checks first or check the id.`
+				}],
+				isError: true
+			};
+			writeLedgerAtomic(auditLedgerPath, next);
+			logToFile(`audit_resolve_checks: applied ${args.updates.length} update(s)`);
+			return { content: [{
+				type: "text",
+				text: `Resolved ${args.updates.length} check(s).`
+			}] };
+		});
+	});
+	const askQuestionSchema = z.object({
+		id: z.string().min(1).describe("Stable key for the answer in the response map"),
+		prompt: z.string().min(1).describe("Question text shown to the user"),
+		kind: z.enum([
+			"single",
+			"multi",
+			"text"
+		]).describe("'single' = pick one option, 'multi' = pick any, 'text' = free-form single-line answer"),
+		options: z.array(z.object({
+			label: z.string(),
+			value: z.string()
+		})).optional().describe("Required for kind=single|multi; ignored for kind=text"),
+		required: z.boolean().optional().describe("Defaults to true")
+	});
 	return createSdkMcpServer({
 		name: SERVER_NAME,
 		version: "1.0.0",
@@ -600,73 +524,247 @@ async function createWizardToolsServer(options) {
 			detectPM,
 			loadSkillMenu,
 			installSkill,
-			tool("audit_seed_checks", "Seed the audit ledger at .posthog-audit-checks.json with the full set of pending checks. Call this once at the start of the audit. Atomically replaces any existing ledger.", { checks: z.array(auditCheckSchema).describe("Full pending checklist to write to the ledger") }, async (args) => {
-				return auditMutex(() => {
-					writeLedgerAtomic(auditLedgerPath, args.checks);
-					logToFile(`audit_seed_checks: wrote ${args.checks.length} entries`);
-					return { content: [{
+			auditSeedChecks,
+			auditAddChecks,
+			auditResolveChecks,
+			tool("wizard_ask", "Ask the user one or more structured questions and wait for their answers. Use this whenever you would otherwise inline a question in your text output. Batch related questions into a single call — do not call this multiple times in a row.", { questions: z.array(askQuestionSchema).min(1).max(8) }, async (args) => {
+				if (!askBridge) return {
+					content: [{
 						type: "text",
-						text: `Seeded ${args.checks.length} audit checks.`
-					}] };
-				});
-			}),
-			tool("audit_add_checks", "Append one or more pending checks to the existing audit ledger at .posthog-audit-checks.json. Call audit_seed_checks first. Atomically rejects duplicate ids without changing the ledger.", { checks: z.array(auditCheckSchema).min(1).describe("Additional checks to append to the existing ledger") }, async (args) => {
-				return auditMutex(() => {
-					const result = appendAuditChecksToLedger(auditLedgerPath, args.checks);
-					if (!result.ok) {
-						if (result.reason === "missing-ledger") return {
-							content: [{
-								type: "text",
-								text: "Error: audit ledger does not exist. Run audit_seed_checks first."
-							}],
-							isError: true
-						};
-						return {
-							content: [{
-								type: "text",
-								text: `Error: duplicate check id(s): ${result.ids.join(", ")}. Check ids must be unique.`
-							}],
-							isError: true
-						};
-					}
-					logToFile(`audit_add_checks: added ${result.added} entries`);
-					return { content: [{
+						text: "Error: wizard_ask is not available in this environment (CI / non-interactive). Proceed with sensible defaults or emit [ABORT] requirements-incomplete."
+					}],
+					isError: true
+				};
+				const capDecision = evaluateAskCap(askCallCount, askMaxQuestions);
+				if (capDecision.kind === "capped") {
+					analytics.wizardCapture("wizard_ask capped", {
+						reason: capDecision.reason,
+						call_count: askCallCount,
+						max_questions: askMaxQuestions
+					});
+					return {
+						content: [{
+							type: "text",
+							text: capDecision.message
+						}],
+						isError: true
+					};
+				}
+				for (const q of args.questions) if ((q.kind === "single" || q.kind === "multi") && (!q.options || q.options.length === 0)) return {
+					content: [{
 						type: "text",
-						text: `Added ${result.added} audit check(s).`
-					}] };
-				});
-			}),
-			tool("audit_resolve_checks", "Resolve one or more audit checks by id. Patches each entry's status (and optional file/details) and writes the ledger back atomically. Concurrent calls serialize.", { updates: z.array(auditUpdateSchema).min(1).describe("Patches to apply, keyed by check id") }, async (args) => {
-				return auditMutex(() => {
-					const { next, unknown } = applyAuditUpdates(readLedger(auditLedgerPath), args.updates);
-					if (unknown.length > 0) return {
+						text: `Error: question "${q.id}" has kind="${q.kind}" but no options. Provide at least one { label, value } option, or change kind to "text".`
+					}],
+					isError: true
+				};
+				const ids = /* @__PURE__ */ new Set();
+				for (const q of args.questions) {
+					if (ids.has(q.id)) return {
 						content: [{
 							type: "text",
-							text: `Error: unknown check id(s): ${unknown.join(", ")}. Run audit_seed_checks first or check the id.`
+							text: `Error: duplicate question id "${q.id}". Each question must have a unique id.`
 						}],
 						isError: true
 					};
-					writeLedgerAtomic(auditLedgerPath, next);
-					logToFile(`audit_resolve_checks: applied ${args.updates.length} update(s)`);
+					ids.add(q.id);
+				}
+				askCallCount += 1;
+				try {
+					const answers = await askBridge.request({ questions: args.questions });
+					logToFile(`wizard_ask: resolved ${Object.keys(answers).length} answer(s) for ${args.questions.length} question(s)`);
 					return { content: [{
 						type: "text",
-						text: `Resolved ${args.updates.length} check(s).`
+						text: JSON.stringify({ answers }, null, 2)
 					}] };
-				});
+				} catch (err) {
+					logToFile(`wizard_ask: error: ${err?.message ?? err}`);
+					return {
+						content: [{
+							type: "text",
+							text: `Error: wizard_ask failed: ${err?.message ?? String(err)}`
+						}],
+						isError: true
+					};
+				}
 			})
 		]
 	});
 }
-/** Tool names exposed by the wizard-tools server, for use in allowedTools */
-const WIZARD_TOOL_NAMES = [
-	`${SERVER_NAME}:check_env_keys`,
-	`${SERVER_NAME}:set_env_values`,
-	`${SERVER_NAME}:detect_package_manager`,
-	`${SERVER_NAME}:load_skill_menu`,
-	`${SERVER_NAME}:install_skill`,
-	`${SERVER_NAME}:audit_seed_checks`,
-	`${SERVER_NAME}:audit_add_checks`,
-	`${SERVER_NAME}:audit_resolve_checks`
+/** Tool names exposed by the wizard-tools server, keyed for selective use. */
+const WIZARD_TOOL_NAMES = {
+	checkEnvKeys: `${SERVER_NAME}:check_env_keys`,
+	setEnvValues: `${SERVER_NAME}:set_env_values`,
+	detectPackageManager: `${SERVER_NAME}:detect_package_manager`,
+	loadSkillMenu: `${SERVER_NAME}:load_skill_menu`,
+	installSkill: `${SERVER_NAME}:install_skill`,
+	auditSeedChecks: `${SERVER_NAME}:audit_seed_checks`,
+	auditAddChecks: `${SERVER_NAME}:audit_add_checks`,
+	auditResolveChecks: `${SERVER_NAME}:audit_resolve_checks`,
+	wizardAsk: `${SERVER_NAME}:wizard_ask`
+};
+//#endregion
+//#region src/utils/custom-headers.ts
+/**
+* Builds a list of custom headers for ANTHROPIC_CUSTOM_HEADERS.
+*/
+function createCustomHeaders() {
+	const entries = [];
+	return {
+		add(key, value) {
+			const name = key.startsWith("x-") || key.startsWith("X-") ? key : `X-${key}`;
+			entries.push({
+				key: name,
+				value
+			});
+		},
+		addFlag(flagKey, variant) {
+			const headerName = POSTHOG_FLAG_HEADER_PREFIX + flagKey.toUpperCase();
+			entries.push({
+				key: headerName,
+				value: variant
+			});
+		},
+		encode() {
+			return entries.map(({ key, value }) => `${key}: ${value}`).join("\n");
+		}
+	};
+}
+//#endregion
+//#region src/lib/safe-tools.ts
+const LINTING_TOOLS = [
+	"codespell",
+	"cspell",
+	"git-diff-check",
+	"gitleaks",
+	"trufflehog",
+	"asl-validator",
+	"ansible-lint",
+	"pmd",
+	"biome",
+	"cfn-lint",
+	"cfnlint",
+	"checkov",
+	"trivy",
+	"test-aztemplate",
+	"shellcheck",
+	"shfmt",
+	"buildifier",
+	"cpplint",
+	"clang-format",
+	"clang-tidy",
+	"cmake-format",
+	"iwyu",
+	"pragma-once",
+	"dotnet-format",
+	"circleci",
+	"clj-kondo",
+	"coffeelint",
+	"commitlint",
+	"jscpd",
+	"stylelint",
+	"prettier",
+	"cue-fmt",
+	"dart",
+	"hadolint",
+	"dotenv-linter",
+	"editorconfig-checker",
+	"actionlint",
+	"zizmor",
+	"gofmt",
+	"gofumpt",
+	"goimports",
+	"gokart",
+	"golangci-lint",
+	"golines",
+	"semgrep",
+	"goreleaser",
+	"graphql-schema-linter",
+	"npm-groovy-lint",
+	"haml-lint",
+	"htmlhint",
+	"djlint",
+	"checkstyle",
+	"google-java-format",
+	"eslint",
+	"next lint",
+	"deno",
+	"rome",
+	"eslint-plugin-jsonc",
+	"eslint-plugin-json",
+	"eslint-plugin-jsx-a11y",
+	"eslint-plugin-react",
+	"nbqa",
+	"detekt",
+	"ktlint",
+	"kubeconform",
+	"kube-linter",
+	"chktex",
+	"luacheck",
+	"stylua",
+	"markdownlint",
+	"markdownlint-cli2",
+	"markdown-link-check",
+	"markdown-table-prettify",
+	"remark-lint",
+	"textlint",
+	"vale",
+	"nixpkgs-fmt",
+	"spectral",
+	"sort-package-json",
+	"perlcritic",
+	"perltidy",
+	"php-cs-fixer",
+	"phpcs",
+	"phpstan",
+	"psalm",
+	"oxipng",
+	"psscriptanalyzer",
+	"prisma",
+	"protolint",
+	"buf",
+	"pylint",
+	"flake8",
+	"isort",
+	"ruff",
+	"black",
+	"autopep8",
+	"bandit",
+	"mypy",
+	"pyright",
+	"sourcery",
+	"yapf",
+	"lintr",
+	"opa",
+	"regal",
+	"rubocop",
+	"brakeman",
+	"rufo",
+	"standardrb",
+	"clippy",
+	"rustfmt",
+	"scalafmt",
+	"osv-scanner",
+	"terrascan",
+	"tfsec",
+	"snakemake --lint",
+	"snakefmt",
+	"sqlfluff",
+	"sql-formatter",
+	"sqlfmt",
+	"squawk",
+	"svgo",
+	"stringslint",
+	"swiftformat",
+	"swiftlint",
+	"tflint",
+	"terraform",
+	"tofu",
+	"terragrunt",
+	"txtpbfmt",
+	"taplo",
+	"eslint-plugin-vue",
+	"xmllint",
+	"yamllint"
 ];
 //#endregion
 //#region src/lib/yara-scanner.ts
@@ -1228,9 +1326,20 @@ const WIZARD_COMMANDMENTS = [
 	"Treat feature flags, custom properties, and event names as part of an analytics contract. Prefer reusing existing names and patterns in the project. When you must introduce new ones, make them clear, descriptive, and consistent with existing conventions, and avoid scattering the same flag or property across many unrelated callsites.",
 	"Prefer minimal, targeted edits that achieve the requested behavior while preserving existing structure and style. Avoid large refactors, broad reformatting, or unrelated changes unless explicitly requested.",
 	"Do not spawn subagents unless explicitly instructed to do so.",
-	"After reading the integration skill, use the TodoWrite tool to track your progress. Create a todo list at the describing the high-level areas of work, mark each as in_progress when you begin it, and completed when done. Describe high-level tasks from the workflow (\"inserting event tracking code\", etc), not specific files or lines. For each new stage of the integration, create additional todos if necessary. Create a final \"wrapping up\" step and mark it completed when the integration is complete.",
-	"Do not assume \"PostHog provider\" or \"PostHogProvider\" in todo labels, status messages, or code. Only use a provider if the skill workflow explicitly requires one for the specific framework.",
-	"If you see a [YARA WARNING] or [YARA VIOLATION] message, handle it silently. Fix the issue (revert the write, avoid the flagged pattern) without mentioning security warnings or YARA to the user. These are internal guardrails, not user-facing alerts. Never show scary security language to the user."
+	"Create tasks as soon as you understand the work you are going to carry out. Break the list into distinct stages of work that the user can follow through. Create all tasks in a single tool call, in the order you will be performing them. Drive the work with TaskUpdate: status in_progress when you begin a task, completed when done.",
+	"Keep task titles broad and stage-oriented — describe the purpose or area of work, not the specific files, paths, or symbols involved. Do not name individual files, modules, or directories inside task titles, and do not include illustrative examples within a task title.",
+	"Do not assume \"PostHog provider\" or \"PostHogProvider\" in task labels, status messages, or code. Only use a provider if the skill workflow explicitly requires one for the specific framework.",
+	"If you see a [YARA WARNING] or [YARA VIOLATION] message, handle it silently. Fix the issue (revert the write, avoid the flagged pattern) without mentioning security warnings or YARA to the user. These are internal guardrails, not user-facing alerts. Never show scary security language to the user.",
+	[
+		"When a skill instructs you to gather information from the user, use the `wizard_ask` MCP tool from the wizard-tools server. Never inline questions in your text output expecting a reply — the user has no way to answer text.",
+		"When a skill provides a numbered or bulleted list of questions, translate the entire list into a single `wizard_ask` tool call:",
+		"  - One tool call per skill step. Batch every question from that step into the `questions` array — never split into multiple calls.",
+		"  - Infer `kind` from the question phrasing: comma-separated alternatives (\"React, Vue, or vanilla JS?\") → `single`; phrasing like \"all that apply\" or \"any of\" → `multi`; everything else → `text`.",
+		"  - For `single` and `multi`, extract the alternatives from the prose into `options` as `{ label, value }` pairs. Use the human phrase as `label` and a lowercase-hyphenated form as `value` (e.g., `label: \"Vanilla JS\"`, `value: \"vanilla-js\"`).",
+		"  - Use a kebab-case slug of the question label as `id` (e.g., \"Tech stack\" → `tech-stack`, \"Show frequency\" → `show-frequency`).",
+		"  - Do not invent fields the schema does not define (no `source`, `category`, `priority`, etc.) — the tool rejects unknown fields and the wizard already knows which skill is running.",
+		"After `wizard_ask` returns, use the answers directly — do not re-ask in text or call `wizard_ask` again for the same fields."
+	].join("\n")
 ].join("\n");
 function getWizardCommandments() {
 	return WIZARD_COMMANDMENTS;
@@ -1260,7 +1369,8 @@ const AgentSignals = {
 	ERROR_RESOURCE_MISSING: "[ERROR-RESOURCE-MISSING]",
 	ABORT: "[ABORT]",
 	WIZARD_REMARK: "[WIZARD-REMARK]",
-	BENCHMARK: "[BENCHMARK]"
+	BENCHMARK: "[BENCHMARK]",
+	DASHBOARD_URL: "[DASHBOARD_URL]"
 };
 const BLOCKING_ENV_KEYS = [
 	"ANTHROPIC_API_KEY",
@@ -1485,8 +1595,21 @@ function matchesAllowedPrefix(command) {
 * - Build/typecheck/lint commands for verification
 * - Piping to tail/head for output limiting is allowed
 * - Stderr redirection (2>&1) is allowed
+*
+* `wizardAskPending` is true while a wizard_ask overlay is open — when set,
+* Write/Edit calls are denied as a defense-in-depth measure against a
+* misbehaving agent that races to mutate files before the question is
+* answered. The SDK's tool-result protocol already pauses the agent here;
+* this guard is a belt-and-suspenders second line.
 */
-function wizardCanUseTool(toolName, input) {
+function wizardCanUseTool(toolName, input, context = {}) {
+	if (context.wizardAskPending && (toolName === "Write" || toolName === "Edit")) {
+		logToFile(`Denying ${toolName} while wizard_ask overlay is open`);
+		return {
+			behavior: "deny",
+			message: `${toolName} is paused while a wizard_ask question is open. Wait for the user's answer to come back as a tool result before writing files.`
+		};
+	}
 	if (toolName === "Read" || toolName === "Write" || toolName === "Edit") {
 		const filePath = typeof input.file_path === "string" ? input.file_path : "";
 		const basename = path.basename(filePath);
@@ -1604,6 +1727,9 @@ async function initializeAgent(config, options) {
 		process.env.CLAUDE_CODE_OAUTH_TOKEN = config.posthogApiKey;
 		process.env.CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS = "true";
 		logToFile("Configured LLM gateway:", gatewayUrl);
+		logToFile("API key prefix:", config.posthogApiKey ? `${config.posthogApiKey.slice(0, 4)}***` : "(missing)");
+		const initConflicts = checkAllSettingsConflicts(options.installDir);
+		logToFile("Settings conflicts at agent init:", initConflicts.length > 0 ? initConflicts.map((c) => `${c.source}(${c.keys.join(",")})`).join("; ") : "none");
 		const mcpServers = {
 			"posthog-wizard": {
 				type: "http",
@@ -1621,7 +1747,9 @@ async function initializeAgent(config, options) {
 		mcpServers["wizard-tools"] = await createWizardToolsServer({
 			workingDirectory: config.workingDirectory,
 			detectPackageManager: config.detectPackageManager,
-			skillsBaseUrl: config.skillsBaseUrl
+			skillsBaseUrl: config.skillsBaseUrl,
+			askBridge: config.askBridge,
+			askMaxQuestions: config.askMaxQuestions
 		});
 		const model = config.integrationLabel === "audit-3000" ? "claude-opus-4-6" : "claude-sonnet-4-6";
 		const agentRunConfig = {
@@ -1629,7 +1757,10 @@ async function initializeAgent(config, options) {
 			mcpServers,
 			model,
 			wizardFlags: config.wizardFlags,
-			wizardMetadata: config.wizardMetadata
+			wizardMetadata: config.wizardMetadata,
+			allowedTools: config.allowedTools,
+			disallowedTools: config.disallowedTools,
+			getPendingQuestion: config.getPendingQuestion
 		};
 		logToFile("Agent config:", {
 			workingDirectory: agentRunConfig.workingDirectory,
@@ -1684,6 +1815,7 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 	let receivedSuccessResult = false;
 	let loggedInitialContext = false;
 	let lastResultMessage = null;
+	const tasks = /* @__PURE__ */ new Map();
 	let signalDone;
 	const resultReceived = new Promise((resolve) => {
 		signalDone = resolve;
@@ -1729,18 +1861,9 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 	const abortController = new AbortController();
 	let abortReason = null;
 	try {
-		const allowedTools = [
-			"Read",
-			"Write",
-			"Edit",
-			"Glob",
-			"Grep",
-			"Bash",
-			"Task",
-			"ListMcpResourcesTool",
-			"Skill",
-			...WIZARD_TOOL_NAMES
-		];
+		const disallow = new Set(agentConfig.disallowedTools ?? []);
+		const allowedTools = [...BASE_ALLOWED_TOOLS, ...agentConfig.allowedTools ?? []].filter((t) => !disallow.has(t));
+		const inheritedMcpServerNames = Object.keys(agentConfig.mcpServers);
 		const response = query({
 			prompt: createPromptStream(),
 			options: {
@@ -1750,10 +1873,17 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 				permissionMode: "acceptEdits",
 				betas: ["context-1m-2025-08-07"],
 				mcpServers: agentConfig.mcpServers,
+				agents: { "general-purpose": {
+					description: "General-purpose subagent. Inherits the parent run's tools plus the PostHog and wizard-tools MCP servers, so it can call mcp__posthog-wizard__* directly instead of curling the REST API.",
+					prompt: "You are a general-purpose subagent for the PostHog wizard. Prefer the authenticated mcp__posthog-wizard__* MCP tools over raw HTTP — they are already authenticated for this project. Only fall back to other transports if no MCP tool covers the operation.",
+					mcpServers: inheritedMcpServerNames
+				} },
 				settingSources: ["project"],
+				skills: "all",
 				allowedTools,
 				sandbox: {
 					enabled: true,
+					failIfUnavailable: false,
 					allowUnsandboxedCommands: false,
 					filesystem: { allowWrite: [
 						"/" + agentConfig.workingDirectory,
@@ -1762,12 +1892,23 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 						"//tmp/**",
 						"//private/tmp",
 						"//private/tmp/**",
-						"~/Library/pnpm/store/**",
-						"~/.local/share/pnpm/store/**",
+						"~/Library/pnpm/**",
+						"~/.local/share/pnpm/**",
 						"~/.pnpm-store/**",
 						"~/.npm/**",
 						"~/.yarn/**",
-						"~/.yarn/berry/**"
+						"~/.bun/install/**",
+						"~/.cache/node/corepack/**",
+						"~/Library/Caches/node/corepack/**",
+						"~/.volta/**",
+						"~/.cache/pip/**",
+						"~/Library/Caches/pip/**",
+						"~/.cache/uv/**",
+						"~/Library/Caches/uv/**",
+						"~/.cache/pypoetry/**",
+						"~/Library/Caches/pypoetry/**",
+						"~/.bundle/**",
+						"~/.gem/**"
 					] },
 					network: { allowedDomains: [
 						"github.com",
@@ -1781,6 +1922,7 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 					...process.env,
 					ANTHROPIC_API_KEY: void 0,
 					ENABLE_TOOL_SEARCH: "auto:0",
+					MCP_CONNECTION_NONBLOCKING: "0",
 					ANTHROPIC_CUSTOM_HEADERS: buildAgentEnv(agentConfig.wizardMetadata ?? {}, agentConfig.wizardFlags ?? {})
 				},
 				canUseTool: (toolName, input) => {
@@ -1788,7 +1930,7 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 						toolName,
 						input
 					});
-					const result = wizardCanUseTool(toolName, input);
+					const result = wizardCanUseTool(toolName, input, { wizardAskPending: agentConfig.getPendingQuestion?.() != null });
 					logToFile("canUseTool result:", result);
 					return Promise.resolve(result);
 				},
@@ -1833,7 +1975,7 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 				}
 				loggedInitialContext = true;
 			}
-			handleSDKMessage(message, options, spinner, collectedText, receivedSuccessResult);
+			handleSDKMessage(message, options, spinner, collectedText, receivedSuccessResult, tasks);
 			if (abortCases.length > 0 && !abortReason && message.type === "assistant") {
 				const content = message.message?.content;
 				if (Array.isArray(content)) {
@@ -1852,8 +1994,16 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 			if (message.type === "assistant" && collectedText.join("\n").includes("API Error: 401")) {
 				signalDone();
 				spinner.stop("Authentication failed");
-				logToFile("Agent error: 401, showing auth error screen");
-				getUI().showAuthError();
+				const conflicts = checkAllSettingsConflicts(options.installDir);
+				const hasSettingsConflict = conflicts.length > 0;
+				logToFile("Agent error: 401, showing auth error screen", {
+					hasSettingsConflict,
+					conflicts
+				});
+				getUI().showAuthError({
+					hasSettingsConflict,
+					logFilePath: getLogFilePath()
+				});
 				await wizardAbort({
 					message: "Authentication failed (401)",
 					error: new WizardError("Authentication failed")
@@ -1964,7 +2114,115 @@ async function runAgent(agentConfig, prompt, options, spinner, config, middlewar
 *                          while still logging to file. The SDK may emit a second error
 *                          result after success due to cleanup race conditions.
 */
-function handleSDKMessage(message, options, spinner, collectedText, receivedSuccessResult = false) {
+/**
+* SDK >=0.3.142 replaced TodoWrite with four discrete Task* tools.
+* Create / Update mutate the task list; Get / List are read-only.
+*/
+let TaskTool = /* @__PURE__ */ function(TaskTool) {
+	TaskTool["Create"] = "TaskCreate";
+	TaskTool["Update"] = "TaskUpdate";
+	TaskTool["Get"] = "TaskGet";
+	TaskTool["List"] = "TaskList";
+	return TaskTool;
+}({});
+/**
+* Tools every program gets unless its ProgramConfig.disallowedTools says
+* otherwise. Programs add more via ProgramConfig.allowedTools (e.g.
+* `'Agent'` to opt into subagent dispatch). Skills and PostHog MCP tools
+* are enabled separately (skills option / mcpServers).
+*/
+const BASE_ALLOWED_TOOLS = [
+	"Read",
+	"Write",
+	"Edit",
+	"Glob",
+	"Grep",
+	"Bash",
+	...Object.values(TaskTool),
+	"ListMcpResourcesTool",
+	...Object.values(WIZARD_TOOL_NAMES)
+];
+function handleTaskCreate(block, store) {
+	const input = block.input;
+	if (!input?.subject) return;
+	store.tasks.set(block.id, {
+		content: input.subject,
+		status: "pending",
+		activeForm: input.activeForm
+	});
+	store.sync();
+}
+function handleTaskUpdate(block, store) {
+	const input = block.input;
+	if (!input?.taskId) return;
+	const existing = store.tasks.get(input.taskId);
+	if (!existing) return;
+	if (input.status === "deleted") store.tasks.delete(input.taskId);
+	else store.tasks.set(input.taskId, {
+		content: input.subject ?? existing.content,
+		status: input.status ?? existing.status,
+		activeForm: input.activeForm ?? existing.activeForm
+	});
+	store.sync();
+}
+function handleTaskGet(_block, _store) {}
+function handleTaskList(_block, _store) {}
+function dispatchTaskToolUse(block, store) {
+	switch (block.name) {
+		case "TaskCreate": return handleTaskCreate(block, store);
+		case "TaskUpdate": return handleTaskUpdate(block, store);
+		case "TaskGet": return handleTaskGet(block, store);
+		case "TaskList": return handleTaskList(block, store);
+	}
+}
+/**
+* Pull the SDK-assigned task id off a SDKUserMessage.tool_use_result payload.
+* The SDK already deserialises TaskCreateOutput here, so the shape is the
+* structured `{ task: { id, subject } }` object — no JSON parsing needed.
+*/
+function extractTaskIdFromToolResult(result) {
+	if (!result || typeof result !== "object") return void 0;
+	const obj = result;
+	const task = obj.task;
+	if (task && typeof task.id === "string") return task.id;
+	if (typeof obj.taskId === "string") return obj.taskId;
+	if (typeof obj.id === "string") return obj.id;
+}
+/**
+* Fallback id extractor for the inner tool_result block.content — used only
+* when message.tool_use_result is absent. In current SDK versions the inner
+* content is a human-readable string ("Task #1 created successfully: …") so
+* this path almost always returns undefined.
+*/
+function extractTaskIdFromResult(content) {
+	const tryParse = (s) => {
+		try {
+			const parsed = JSON.parse(s);
+			const id = parsed?.task?.id ?? parsed?.taskId ?? parsed?.id;
+			return typeof id === "string" ? id : void 0;
+		} catch {
+			return;
+		}
+	};
+	if (typeof content === "string") return tryParse(content);
+	if (Array.isArray(content)) {
+		for (const block of content) if (block?.type === "text" && typeof block.text === "string") {
+			const id = tryParse(block.text);
+			if (id) return id;
+		}
+	}
+}
+function handleSDKMessage(message, options, spinner, collectedText, receivedSuccessResult = false, tasks) {
+	const STATUS_RANK = {
+		completed: 0,
+		in_progress: 1
+	};
+	const rank = (status) => STATUS_RANK[status] ?? 2;
+	const syncTasks = () => {
+		if (!tasks) return;
+		const sorted = Array.from(tasks.values()).sort((a, b) => rank(a.status) - rank(b.status));
+		getUI().syncTodos(sorted);
+	};
 	logToFile(`SDK Message: ${message.type}`, JSON.stringify(message, null, 2));
 	if (options.debug) debug(`SDK Message type: ${message.type}`);
 	switch (message.type) {
@@ -1980,11 +2238,31 @@ function handleSDKMessage(message, options, spinner, collectedText, receivedSucc
 						getUI().pushStatus(statusText);
 						spinner.message(statusText);
 					}
+					const dashboardRegex = new RegExp(`${AgentSignals.DASHBOARD_URL.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")}\\s*(\\S+)`, "m");
+					const dashboardMatch = block.text.match(dashboardRegex);
+					if (dashboardMatch) getUI().setDashboardUrl(dashboardMatch[1].trim());
 				}
-				if (block.type === "tool_use" && block.name === "TodoWrite" && block.input?.todos && Array.isArray(block.input.todos)) getUI().syncTodos(block.input.todos);
+				if (block.type === "tool_use" && tasks && Object.values(TaskTool).includes(block.name)) dispatchTaskToolUse(block, {
+					tasks,
+					sync: syncTasks
+				});
 			}
 			break;
 		}
+		case "user":
+			if (tasks && tasks.size > 0) {
+				const content = message.message?.content;
+				if (Array.isArray(content)) for (const block of content) {
+					if (block.type !== "tool_result" || typeof block.tool_use_id !== "string" || !tasks.has(block.tool_use_id)) continue;
+					const taskId = extractTaskIdFromToolResult(message.tool_use_result) ?? extractTaskIdFromResult(block.content);
+					if (!taskId) continue;
+					const entry = tasks.get(block.tool_use_id);
+					tasks.delete(block.tool_use_id);
+					tasks.set(taskId, entry);
+					syncTasks();
+				}
+			}
+			break;
 		case "result":
 			if (message.is_error) {
 				logToFile("Agent result with error:", message.result);
@@ -2017,6 +2295,6 @@ function handleSDKMessage(message, options, spinner, collectedText, receivedSucc
 	}
 }
 //#endregion
-export { coerceAuditChecks as _, initializeAgent as a, formatScanReport as c, fetchSkillMenu as d, installSkillById as f, AUDIT_SEVERITY_STYLE as g, AUDIT_REPORT_FILE as h, checkAllSettingsConflicts as i, writeScanReport as l, AUDIT_CHECKS_KEY as m, backupAndFixClaudeSettings as n, restoreClaudeSettings as o, AUDIT_CHECKS_FILE as p, buildWizardMetadata as r, runAgent as s, AgentSignals as t, downloadSkill as u, getAuditChecks as v };
+export { AUDIT_SEVERITY_STYLE as _, initializeAgent as a, formatScanReport as c, downloadSkill as d, fetchSkillMenu as f, AUDIT_REPORT_FILE as g, AUDIT_CHECKS_KEY as h, checkAllSettingsConflicts as i, writeScanReport as l, AUDIT_CHECKS_FILE as m, backupAndFixClaudeSettings as n, restoreClaudeSettings as o, installSkillById as p, buildWizardMetadata as r, runAgent as s, AgentSignals as t, WIZARD_TOOL_NAMES as u, coerceAuditChecks as v, getAuditChecks as y };
 
-//# sourceMappingURL=agent-interface-D9DeIikl.js.map
+//# sourceMappingURL=agent-interface-gP4pkZgS.js.map