@probelabs/probe 0.6.0-rc178 → 0.6.0-rc187

package/build/agent/index.js

@@ -3513,7 +3513,9 @@ async function delegate({
   parentSessionId = null,
   path: path9 = null,
   provider = null,
-  model = null
+  model = null,
+  enableBash = false,
+  bashConfig = null
 }) {
   if (!task || typeof task !== "string") {
     throw new Error("Task parameter is required and must be a string");
@@ -3555,7 +3557,11 @@ async function delegate({
       // Inherit from parent
       provider,
       // Inherit from parent
-      model
+      model,
+      // Inherit from parent
+      enableBash,
+      // Inherit from parent
+      bashConfig
       // Inherit from parent
     });
     if (debug) {
@@ -8455,7 +8461,7 @@ var init_vercel = __esm({
       });
     };
     delegateTool = (options = {}) => {
-      const { debug = false, timeout = 300, cwd, allowedFolders } = options;
+      const { debug = false, timeout = 300, cwd, allowedFolders, enableBash = false, bashConfig } = options;
       return tool({
         name: "delegate",
         description: delegateDescription,
@@ -8505,7 +8511,9 @@ var init_vercel = __esm({
             path: effectivePath,
             provider,
             model,
-            tracer
+            tracer,
+            enableBash,
+            bashConfig
           });
           return result;
         }
@@ -9136,6 +9144,46 @@ function isComplexCommand(command) {
   const result = parseSimpleCommand(command);
   return result.isComplex;
 }
+function isComplexPattern(pattern) {
+  if (!pattern || typeof pattern !== "string") return false;
+  const operatorPatterns = [
+    /\|/,
+    // Pipes
+    /&&/,
+    // Logical AND
+    /\|\|/,
+    // Logical OR
+    /;/,
+    // Command separator
+    /&$/,
+    // Background execution
+    /\$\(/,
+    // Command substitution $()
+    /`/,
+    // Command substitution ``
+    />/,
+    // Redirection >
+    /</
+    // Redirection <
+  ];
+  return operatorPatterns.some((p) => p.test(pattern));
+}
+function globToRegex(pattern) {
+  let escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
+  escaped = escaped.replace(/\*/g, ".*?");
+  return new RegExp("^" + escaped + "$", "i");
+}
+function matchesComplexPattern(command, pattern) {
+  if (!command || !pattern) return false;
+  const normalizedCommand = command.trim().replace(/\s+/g, " ");
+  const normalizedPattern = pattern.trim().replace(/\s+/g, " ");
+  try {
+    const regex = globToRegex(normalizedPattern);
+    return regex.test(normalizedCommand);
+  } catch (e) {
+    return normalizedCommand === normalizedPattern;
+  }
+}
 function parseCommand(command) {
   const result = parseSimpleCommand(command);
   if (!result.success) {
@@ -9250,7 +9298,7 @@ var init_bashPermissions = __esm({
         }
       }
       /**
-       * Check if a simple command is allowed (rejects complex commands for security)
+       * Check if a simple command is allowed (complex commands allowed if they match patterns)
        * @param {string} command - Command to check
        * @returns {Object} Permission result
        */
@@ -9262,13 +9310,9 @@ var init_bashPermissions = __esm({
             command
           };
         }
-        if (isComplexCommand(command)) {
-          return {
-            allowed: false,
-            reason: "Complex shell commands with pipes, operators, or redirections are not supported for security reasons",
-            command,
-            isComplex: true
-          };
+        const commandIsComplex = isComplexCommand(command);
+        if (commandIsComplex) {
+          return this._checkComplexCommand(command);
         }
         const parsed = parseCommand(command);
         if (parsed.error) {
@@ -9320,6 +9364,59 @@ var init_bashPermissions = __esm({
         }
         return result;
       }
+      /**
+       * Check a complex command against complex patterns in allow/deny lists
+       * @private
+       * @param {string} command - Complex command to check
+       * @returns {Object} Permission result
+       */
+      _checkComplexCommand(command) {
+        if (this.debug) {
+          console.log(`[BashPermissions] Checking complex command: "${command}"`);
+        }
+        const complexAllowPatterns = this.allowPatterns.filter((p) => isComplexPattern(p));
+        const complexDenyPatterns = this.denyPatterns.filter((p) => isComplexPattern(p));
+        if (this.debug) {
+          console.log(`[BashPermissions] Complex allow patterns: ${complexAllowPatterns.length}`);
+          console.log(`[BashPermissions] Complex deny patterns: ${complexDenyPatterns.length}`);
+        }
+        for (const pattern of complexDenyPatterns) {
+          if (matchesComplexPattern(command, pattern)) {
+            if (this.debug) {
+              console.log(`[BashPermissions] DENIED - matches complex deny pattern: ${pattern}`);
+            }
+            return {
+              allowed: false,
+              reason: `Command matches deny pattern: ${pattern}`,
+              command,
+              isComplex: true,
+              matchedPatterns: [pattern]
+            };
+          }
+        }
+        for (const pattern of complexAllowPatterns) {
+          if (matchesComplexPattern(command, pattern)) {
+            if (this.debug) {
+              console.log(`[BashPermissions] ALLOWED - matches complex allow pattern: ${pattern}`);
+            }
+            return {
+              allowed: true,
+              command,
+              isComplex: true,
+              matchedPattern: pattern
+            };
+          }
+        }
+        if (this.debug) {
+          console.log(`[BashPermissions] DENIED - no matching complex pattern found`);
+        }
+        return {
+          allowed: false,
+          reason: 'Complex shell commands require explicit allow patterns (e.g., "cd * && git *")',
+          command,
+          isComplex: true
+        };
+      }
       /**
        * Get configuration summary
        * @returns {Object} Configuration info
@@ -9378,28 +9475,40 @@ async function executeBashCommand(command, options = {}) {
       ...process.env,
       ...env
     };
-    const args = parseCommandForExecution(command);
-    if (!args || args.length === 0) {
-      resolve6({
-        success: false,
-        error: "Failed to parse command",
-        stdout: "",
-        stderr: "",
-        exitCode: 1,
-        command,
-        workingDirectory: cwd,
-        duration: Date.now() - startTime
-      });
-      return;
+    const isComplex = isComplexCommand(command);
+    let cmd, cmdArgs, useShell;
+    if (isComplex) {
+      cmd = "sh";
+      cmdArgs = ["-c", command];
+      useShell = false;
+      if (debug) {
+        console.log(`[BashExecutor] Complex command - using sh -c`);
+      }
+    } else {
+      const args = parseCommandForExecution(command);
+      if (!args || args.length === 0) {
+        resolve6({
+          success: false,
+          error: "Failed to parse command",
+          stdout: "",
+          stderr: "",
+          exitCode: 1,
+          command,
+          workingDirectory: cwd,
+          duration: Date.now() - startTime
+        });
+        return;
+      }
+      [cmd, ...cmdArgs] = args;
+      useShell = false;
     }
-    const [cmd, ...cmdArgs] = args;
     const child = spawn2(cmd, cmdArgs, {
       cwd,
       env: processEnv,
       stdio: ["ignore", "pipe", "pipe"],
       // stdin ignored, capture stdout/stderr
-      shell: false,
-      // For security
+      shell: useShell,
+      // false for security
       windowsHide: true
     });
     let stdout = "";
@@ -23000,6 +23109,16 @@ var init_regexp_parser = __esm({
               case "!":
                 type = "NegativeLookahead";
                 break;
+              case "<": {
+                switch (this.popChar()) {
+                  case "=":
+                    type = "Lookbehind";
+                    break;
+                  case "!":
+                    type = "NegativeLookbehind";
+                }
+                break;
+              }
             }
             ASSERT_EXISTS(type);
             const disjunction = this.disjunction();
@@ -23491,9 +23610,9 @@ var init_regexp_parser = __esm({
               default:
                 return false;
             }
-          // '(?=' or '(?!'
+          // '(?=' or '(?!' or `(?<=` or `(?<!`
           case "(":
-            return this.peekChar(1) === "?" && (this.peekChar(2) === "=" || this.peekChar(2) === "!");
+            return this.peekChar(1) === "?" && (this.peekChar(2) === "=" || this.peekChar(2) === "!" || this.peekChar(2) === "<" && (this.peekChar(3) === "=" || this.peekChar(3) === "!"));
           default:
             return false;
         }
@@ -23618,6 +23737,12 @@ var init_base_regexp_visitor = __esm({
           case "NegativeLookahead":
             this.visitNegativeLookahead(node);
             break;
+          case "Lookbehind":
+            this.visitLookbehind(node);
+            break;
+          case "NegativeLookbehind":
+            this.visitNegativeLookbehind(node);
+            break;
           case "Character":
             this.visitCharacter(node);
             break;
@@ -23657,6 +23782,10 @@ var init_base_regexp_visitor = __esm({
       }
       visitNegativeLookahead(node) {
       }
+      visitLookbehind(node) {
+      }
+      visitNegativeLookbehind(node) {
+      }
       // atoms
       visitCharacter(node) {
       }
@@ -23750,6 +23879,8 @@ function firstCharOptimizedIndices(ast, result, ignoreCase) {
           // assertions do not affect potential starting codes
           case "Lookahead":
           case "NegativeLookahead":
+          case "Lookbehind":
+          case "NegativeLookbehind":
           case "StartAnchor":
           case "WordBoundary":
           case "NonWordBoundary":
@@ -23894,6 +24025,12 @@ var init_reg_exp = __esm({
           case "NegativeLookahead":
             this.visitNegativeLookahead(node);
             return;
+          case "Lookbehind":
+            this.visitLookbehind(node);
+            return;
+          case "NegativeLookbehind":
+            this.visitNegativeLookbehind(node);
+            return;
         }
         super.visitChildren(node);
       }
@@ -24333,24 +24470,27 @@ function findUnreachablePatterns(tokenTypes) {
     }
     return result;
   }, []);
-  forEach_default(tokenTypes, (tokType, testIdx) => {
-    forEach_default(canBeTested, ({ str, idx, tokenType }) => {
-      if (testIdx < idx && testTokenType(str, tokType.PATTERN)) {
-        const msg = `Token: ->${tokenType.name}<- can never be matched.
-Because it appears AFTER the Token Type ->${tokType.name}<-in the lexer's definition.
+  forEach_default(tokenTypes, (aTokType, aIdx) => {
+    forEach_default(canBeTested, ({ str: bStr, idx: bIdx, tokenType: bTokType }) => {
+      if (aIdx < bIdx && tryToMatchStrToPattern(bStr, aTokType.PATTERN)) {
+        const msg = `Token: ->${bTokType.name}<- can never be matched.
+Because it appears AFTER the Token Type ->${aTokType.name}<-in the lexer's definition.
 See https://chevrotain.io/docs/guide/resolving_lexer_errors.html#UNREACHABLE`;
         errors.push({
           message: msg,
           type: LexerDefinitionErrorType.UNREACHABLE_PATTERN,
-          tokenTypes: [tokType, tokenType]
+          tokenTypes: [aTokType, bTokType]
         });
       }
     });
   });
   return errors;
 }
-function testTokenType(str, pattern) {
+function tryToMatchStrToPattern(str, pattern) {
   if (isRegExp_default(pattern)) {
+    if (usesLookAheadOrBehind(pattern)) {
+      return false;
+    }
     const regExpArray = pattern.exec(str);
     return regExpArray !== null && regExpArray.index === 0;
   } else if (isFunction_default(pattern)) {
@@ -24381,6 +24521,9 @@ function noMetaChar(regExp) {
   ];
   return find_default(metaChars, (char) => regExp.source.indexOf(char) !== -1) === void 0;
 }
+function usesLookAheadOrBehind(regExp) {
+  return /(\(\?=)|(\(\?!)|(\(\?<=)|(\(\?<!)/.test(regExp.source);
+}
 function addStartOfInput(pattern) {
   const flags = pattern.ignoreCase ? "i" : "";
   return new RegExp(`^(?:${pattern.source})`, flags);
@@ -24728,7 +24871,7 @@ var init_lexer_errors_public = __esm({
       buildUnableToPopLexerModeMessage(token) {
         return `Unable to pop Lexer Mode after encountering Token ->${token.image}<- The Mode Stack is empty`;
       },
-      buildUnexpectedCharactersMessage(fullText, startOffset, length, line, column) {
+      buildUnexpectedCharactersMessage(fullText, startOffset, length, line, column, mode) {
         return `unexpected character: ->${fullText.charAt(startOffset)}<- at offset: ${startOffset}, skipped ${length} characters.`;
       }
     };
@@ -25169,7 +25312,7 @@ var init_lexer_public = __esm({
             }
             errLength = offset - errorStartOffset;
             column = this.computeNewColumn(column, errLength);
-            msg = this.config.errorMessageProvider.buildUnexpectedCharactersMessage(orgText, errorStartOffset, errLength, errorLine, errorColumn);
+            msg = this.config.errorMessageProvider.buildUnexpectedCharactersMessage(orgText, errorStartOffset, errLength, errorLine, errorColumn, last_default(modeStack));
             errors.push({
               offset: errorStartOffset,
               line: errorLine,
@@ -25282,7 +25425,7 @@ var init_lexer_public = __esm({
         return regExpArray !== null ? regExpArray[0] : null;
       }
     };
-    Lexer.SKIPPED = "This marks a skipped Token pattern, this means each token identified by it willbe consumed and then thrown into oblivion, this can be used to for example to completely ignore whitespace.";
+    Lexer.SKIPPED = "This marks a skipped Token pattern, this means each token identified by it will be consumed and then thrown into oblivion, this can be used to for example to completely ignore whitespace.";
     Lexer.NA = /NOT_APPLICABLE/;
   }
 });
@@ -54963,18 +55106,18 @@ function createJsonCorrectionPrompt(invalidResponse, schema, errorOrValidation,
   const strengthLevels = [
     {
       prefix: "CRITICAL JSON ERROR:",
-      instruction: "You MUST fix this and return ONLY valid JSON.",
-      emphasis: "Return ONLY the corrected JSON, with no additional text or markdown formatting."
+      instruction: "You MUST fix this and respond using attempt_completion with ONLY valid JSON as the result.",
+      emphasis: "Use attempt_completion with ONLY the corrected JSON in the result field. No explanatory text, no markdown, no code blocks."
     },
     {
       prefix: "URGENT - JSON PARSING FAILED:",
-      instruction: "This is your second chance. Return ONLY valid JSON that can be parsed by JSON.parse().",
-      emphasis: "ABSOLUTELY NO explanatory text, greetings, or formatting. ONLY JSON."
+      instruction: "This is your second chance. Use attempt_completion with valid JSON that can be parsed by JSON.parse().",
+      emphasis: "ABSOLUTELY NO explanatory text or formatting. Use attempt_completion with ONLY raw JSON in the result."
     },
     {
       prefix: "FINAL ATTEMPT - CRITICAL JSON ERROR:",
-      instruction: "This is the final retry. You MUST return ONLY raw JSON without any other content.",
-      emphasis: 'EXAMPLE: {"key": "value"} NOT: ```json{"key": "value"}``` NOT: Here is the JSON: {"key": "value"}'
+      instruction: "This is the final retry. You MUST use attempt_completion with ONLY raw JSON in the result field.",
+      emphasis: 'CORRECT: <attempt_completion><result>{"key": "value"}</result></attempt_completion>\nWRONG: Here is the JSON: {"key": "value"}\nWRONG: ```json{"key": "value"}```'
     }
   ];
   const level = Math.min(retryCount, strengthLevels.length - 1);
@@ -60988,24 +61131,31 @@ You are working with a repository located at: ${searchDirectory}
               console.log(`[DEBUG] Assistant response (${assistantResponseContent.length} chars): ${assistantPreview}`);
             }
             const validTools = [];
-            if (this.allowedTools.isEnabled("search")) validTools.push("search");
-            if (this.allowedTools.isEnabled("query")) validTools.push("query");
-            if (this.allowedTools.isEnabled("extract")) validTools.push("extract");
-            if (this.allowedTools.isEnabled("listFiles")) validTools.push("listFiles");
-            if (this.allowedTools.isEnabled("searchFiles")) validTools.push("searchFiles");
-            if (this.allowedTools.isEnabled("readImage")) validTools.push("readImage");
-            if (this.allowedTools.isEnabled("attempt_completion")) validTools.push("attempt_completion");
-            if (this.allowEdit && this.allowedTools.isEnabled("implement")) {
-              validTools.push("implement", "edit", "create");
-            }
-            if (this.enableBash && this.allowedTools.isEnabled("bash")) {
-              validTools.push("bash");
-            }
-            if (this.enableDelegate && this.allowedTools.isEnabled("delegate")) {
-              validTools.push("delegate");
+            if (options._disableTools) {
+              validTools.push("attempt_completion");
+              if (this.debug) {
+                console.log(`[DEBUG] Tools disabled for this call - only attempt_completion allowed`);
+              }
+            } else {
+              if (this.allowedTools.isEnabled("search")) validTools.push("search");
+              if (this.allowedTools.isEnabled("query")) validTools.push("query");
+              if (this.allowedTools.isEnabled("extract")) validTools.push("extract");
+              if (this.allowedTools.isEnabled("listFiles")) validTools.push("listFiles");
+              if (this.allowedTools.isEnabled("searchFiles")) validTools.push("searchFiles");
+              if (this.allowedTools.isEnabled("readImage")) validTools.push("readImage");
+              if (this.allowedTools.isEnabled("attempt_completion")) validTools.push("attempt_completion");
+              if (this.allowEdit && this.allowedTools.isEnabled("implement")) {
+                validTools.push("implement", "edit", "create");
+              }
+              if (this.enableBash && this.allowedTools.isEnabled("bash")) {
+                validTools.push("bash");
+              }
+              if (this.enableDelegate && this.allowedTools.isEnabled("delegate")) {
+                validTools.push("delegate");
+              }
             }
             const nativeTools = validTools;
-            const parsedTool = this.mcpBridge ? parseHybridXmlToolCall(assistantResponseContent, nativeTools, this.mcpBridge) : parseXmlToolCallWithThinking(assistantResponseContent, validTools);
+            const parsedTool = this.mcpBridge && !options._disableTools ? parseHybridXmlToolCall(assistantResponseContent, nativeTools, this.mcpBridge) : parseXmlToolCallWithThinking(assistantResponseContent, validTools);
             if (parsedTool) {
               const { toolName, params } = parsedTool;
               if (this.debug) console.log(`[DEBUG] Parsed tool call: ${toolName} with params:`, params);
@@ -61086,10 +61236,23 @@ ${toolResultContent}
                   }
                 } else if (this.toolImplementations[toolName]) {
                   try {
+                    let resolvedWorkingDirectory = this.allowedFolders && this.allowedFolders[0] || process.cwd();
+                    if (params.workingDirectory) {
+                      const requestedDir = resolve4(params.workingDirectory);
+                      const isWithinAllowed = !this.allowedFolders || this.allowedFolders.length === 0 || this.allowedFolders.some((folder) => {
+                        const resolvedFolder = resolve4(folder);
+                        return requestedDir === resolvedFolder || requestedDir.startsWith(resolvedFolder + sep3);
+                      });
+                      if (isWithinAllowed) {
+                        resolvedWorkingDirectory = requestedDir;
+                      } else if (this.debug) {
+                        console.error(`[DEBUG] Rejected workingDirectory "${params.workingDirectory}" - not within allowed folders`);
+                      }
+                    }
                     const toolParams = {
                       ...params,
                       sessionId: this.sessionId,
-                      workingDirectory: this.allowedFolders && this.allowedFolders[0] || process.cwd()
+                      workingDirectory: resolvedWorkingDirectory
                     };
                     if (this.debug) {
                       console.error(`
@@ -61604,8 +61767,10 @@ Convert your previous response content into actual JSON data that follows this s
                   finalResult = await this.answer(correctionPrompt, [], {
                     ...options,
                     _schemaFormatted: true,
-                    _skipValidation: true
+                    _skipValidation: true,
                     // Skip validation in recursive correction calls to prevent loops
+                    _disableTools: true
+                    // Only allow attempt_completion - prevent AI from using search/query tools
                   });
                   finalResult = cleanSchemaResponse(finalResult);
                   validation = validateJsonResponse(finalResult, { debug: this.debug });
@@ -63084,7 +63249,7 @@ Please reformat your previous response to match this schema exactly. Only return
               if (!validation.isValid) {
                 const correctionPrompt = createJsonCorrectionPrompt(result, schema, validation.error);
                 try {
-                  result = await agent.answer(correctionPrompt, [], { schema, _schemaFormatted: true });
+                  result = await agent.answer(correctionPrompt, [], { schema, _schemaFormatted: true, _disableTools: true });
                   result = cleanSchemaResponse(result);
                   const finalValidation = validateJsonResponse(result);
                   if (!finalValidation.isValid && args.debug) {
@@ -63370,11 +63535,11 @@ Please reformat your previous response to match this schema exactly. Only return
               if (appTracer) {
                 result = await appTracer.withSpan(
                   "agent.json_correction",
-                  () => agent.answer(correctionPrompt, [], { schema, _schemaFormatted: true }),
+                  () => agent.answer(correctionPrompt, [], { schema, _schemaFormatted: true, _disableTools: true }),
                   { "original_error": validation.error }
                 );
               } else {
-                result = await agent.answer(correctionPrompt, [], { schema, _schemaFormatted: true });
+                result = await agent.answer(correctionPrompt, [], { schema, _schemaFormatted: true, _disableTools: true });
               }
               result = cleanSchemaResponse(result);
               const finalValidation = validateJsonResponse(result);

package/build/agent/schemaUtils.js

@@ -787,21 +787,22 @@ export function createJsonCorrectionPrompt(invalidResponse, schema, errorOrValid
   }
 
   // Create increasingly stronger prompts based on retry attempt
+  // These prompts explicitly instruct the AI to use attempt_completion with the JSON result
   const strengthLevels = [
     {
       prefix: "CRITICAL JSON ERROR:",
-      instruction: "You MUST fix this and return ONLY valid JSON.",
-      emphasis: "Return ONLY the corrected JSON, with no additional text or markdown formatting."
+      instruction: "You MUST fix this and respond using attempt_completion with ONLY valid JSON as the result.",
+      emphasis: "Use attempt_completion with ONLY the corrected JSON in the result field. No explanatory text, no markdown, no code blocks."
     },
     {
       prefix: "URGENT - JSON PARSING FAILED:",
-      instruction: "This is your second chance. Return ONLY valid JSON that can be parsed by JSON.parse().",
-      emphasis: "ABSOLUTELY NO explanatory text, greetings, or formatting. ONLY JSON."
+      instruction: "This is your second chance. Use attempt_completion with valid JSON that can be parsed by JSON.parse().",
+      emphasis: "ABSOLUTELY NO explanatory text or formatting. Use attempt_completion with ONLY raw JSON in the result."
     },
     {
       prefix: "FINAL ATTEMPT - CRITICAL JSON ERROR:",
-      instruction: "This is the final retry. You MUST return ONLY raw JSON without any other content.",
-      emphasis: "EXAMPLE: {\"key\": \"value\"} NOT: ```json{\"key\": \"value\"}``` NOT: Here is the JSON: {\"key\": \"value\"}"
+      instruction: "This is the final retry. You MUST use attempt_completion with ONLY raw JSON in the result field.",
+      emphasis: "CORRECT: <attempt_completion><result>{\"key\": \"value\"}</result></attempt_completion>\nWRONG: Here is the JSON: {\"key\": \"value\"}\nWRONG: ```json{\"key\": \"value\"}```"
     }
   ];
 

package/build/delegate.js

@@ -176,6 +176,8 @@ const delegationManager = new DelegationManager();
  * @param {string} [options.provider] - AI provider (inherited from parent)
  * @param {string} [options.model] - AI model (inherited from parent)
  * @param {Object} [options.tracer=null] - Telemetry tracer instance
+ * @param {boolean} [options.enableBash=false] - Enable bash tool (inherited from parent)
+ * @param {Object} [options.bashConfig] - Bash configuration (inherited from parent)
  * @returns {Promise<string>} The response from the delegate agent
  */
 export async function delegate({
@@ -188,7 +190,9 @@ export async function delegate({
 	parentSessionId = null,
 	path = null,
 	provider = null,
-	model = null
+	model = null,
+	enableBash = false,
+	bashConfig = null
 }) {
 	if (!task || typeof task !== 'string') {
 		throw new Error('Task parameter is required and must be a string');
@@ -234,9 +238,11 @@ export async function delegate({
 			maxIterations: remainingIterations,
 			debug,
 			tracer,
-			path,      // Inherit from parent
-			provider,  // Inherit from parent
-			model      // Inherit from parent
+			path,       // Inherit from parent
+			provider,   // Inherit from parent
+			model,      // Inherit from parent
+			enableBash, // Inherit from parent
+			bashConfig  // Inherit from parent
 		});
 
 		if (debug) {

package/build/tools/vercel.js

@@ -239,10 +239,12 @@ export const extractTool = (options = {}) => {
  * @param {number} [options.timeout=300] - Default timeout in seconds
  * @param {string} [options.cwd] - Working directory to use if not specified in call
  * @param {string[]} [options.allowedFolders] - Allowed folders for workspace isolation
+ * @param {boolean} [options.enableBash=false] - Enable bash tool for sub-agents
+ * @param {Object} [options.bashConfig] - Bash configuration (allow/deny patterns)
  * @returns {Object} Configured delegate tool
  */
 export const delegateTool = (options = {}) => {
-	const { debug = false, timeout = 300, cwd, allowedFolders } = options;
+	const { debug = false, timeout = 300, cwd, allowedFolders, enableBash = false, bashConfig } = options;
 
 	return tool({
 		name: 'delegate',
@@ -309,7 +311,9 @@ export const delegateTool = (options = {}) => {
 				path: effectivePath,
 				provider,
 				model,
-				tracer
+				tracer,
+				enableBash,
+				bashConfig
 			});
 
 			return result;