@probelabs/probe 0.6.0-rc198 → 0.6.0-rc200

package/build/agent/index.js

@@ -3554,7 +3554,9 @@ async function delegate({
       debug,
       tracer,
       path: path9,
-      // Inherit from parent
+      // Workspace root (from delegateTool)
+      cwd: path9,
+      // Explicitly set cwd to workspace root to prevent path doubling
       provider,
       // Inherit from parent
       model,
@@ -7869,558 +7871,890 @@ var init_zod = __esm({
   }
 });
 
-// src/tools/common.js
-import { resolve, isAbsolute } from "path";
-function getValidParamsForTool(toolName) {
-  const schemaMap = {
-    search: searchSchema,
-    query: querySchema,
-    extract: extractSchema,
-    delegate: delegateSchema,
-    bash: bashSchema,
-    attempt_completion: attemptCompletionSchema
-  };
-  const schema = schemaMap[toolName];
-  if (!schema) {
-    return ["path", "directory", "pattern", "recursive", "includeHidden", "task", "files", "autoCommits", "result"];
-  }
-  if (toolName === "attempt_completion") {
-    return ["result"];
-  }
-  if (schema && schema._def && schema._def.shape) {
-    return Object.keys(schema._def.shape());
-  }
-  return [];
-}
-function parseXmlToolCall(xmlString, validTools = DEFAULT_VALID_TOOLS) {
-  for (const toolName of validTools) {
-    const openTag = `<${toolName}>`;
-    const closeTag = `</${toolName}>`;
-    const openIndex = xmlString.indexOf(openTag);
-    if (openIndex === -1) {
-      continue;
-    }
-    let closeIndex;
-    if (toolName === "attempt_completion") {
-      closeIndex = xmlString.lastIndexOf(closeTag);
-      if (closeIndex !== -1 && closeIndex <= openIndex + openTag.length) {
-        closeIndex = -1;
-      }
-    } else {
-      closeIndex = xmlString.indexOf(closeTag, openIndex + openTag.length);
-    }
-    let hasClosingTag = closeIndex !== -1;
-    if (closeIndex === -1) {
-      closeIndex = xmlString.length;
-    }
-    const innerContent = xmlString.substring(
-      openIndex + openTag.length,
-      closeIndex
-    );
-    const params = {};
-    const validParams = getValidParamsForTool(toolName);
-    for (const paramName of validParams) {
-      const paramOpenTag = `<${paramName}>`;
-      const paramCloseTag = `</${paramName}>`;
-      const paramOpenIndex = innerContent.indexOf(paramOpenTag);
-      if (paramOpenIndex === -1) {
-        continue;
-      }
-      let paramCloseIndex = innerContent.indexOf(paramCloseTag, paramOpenIndex + paramOpenTag.length);
-      if (paramCloseIndex === -1) {
-        let nextTagIndex = innerContent.length;
-        for (const nextParam of validParams) {
-          const nextOpenTag = `<${nextParam}>`;
-          const nextIndex = innerContent.indexOf(nextOpenTag, paramOpenIndex + paramOpenTag.length);
-          if (nextIndex !== -1 && nextIndex < nextTagIndex) {
-            nextTagIndex = nextIndex;
-          }
-        }
-        paramCloseIndex = nextTagIndex;
-      }
-      let paramValue = innerContent.substring(
-        paramOpenIndex + paramOpenTag.length,
-        paramCloseIndex
-      ).trim();
-      if (paramValue.toLowerCase() === "true") {
-        paramValue = true;
-      } else if (paramValue.toLowerCase() === "false") {
-        paramValue = false;
-      } else if (!isNaN(paramValue) && paramValue.trim() !== "") {
-        const num = Number(paramValue);
-        if (Number.isFinite(num)) {
-          paramValue = num;
-        }
-      }
-      params[paramName] = paramValue;
-    }
-    if (toolName === "attempt_completion") {
-      params["result"] = innerContent.trim();
-      if (params.command) {
-        delete params.command;
-      }
-    }
-    return { toolName, params };
-  }
-  return null;
-}
-function createMessagePreview(message, charsPerSide = 200) {
-  if (message === null || message === void 0) {
-    return "null/undefined";
-  }
-  if (typeof message !== "string") {
-    return "null/undefined";
-  }
-  const totalChars = charsPerSide * 2;
-  if (message.length <= totalChars) {
-    return message;
-  }
-  const start = message.substring(0, charsPerSide);
-  const end = message.substring(message.length - charsPerSide);
-  return `${start}...${end}`;
-}
-function parseTargets(targets) {
-  if (!targets || typeof targets !== "string") {
-    return [];
+// src/tools/edit.js
+import { tool } from "ai";
+import { promises as fs6 } from "fs";
+import { dirname, resolve, isAbsolute, sep } from "path";
+import { existsSync } from "fs";
+function isPathAllowed(filePath, allowedFolders) {
+  if (!allowedFolders || allowedFolders.length === 0) {
+    const resolvedPath2 = resolve(filePath);
+    const cwd = resolve(process.cwd());
+    return resolvedPath2 === cwd || resolvedPath2.startsWith(cwd + sep);
   }
-  return targets.split(/[\s,]+/).filter((f) => f.length > 0);
-}
-function parseAndResolvePaths(pathStr, cwd) {
-  if (!pathStr) return [];
-  const paths = pathStr.split(",").map((p) => p.trim()).filter((p) => p.length > 0);
-  return paths.map((p) => {
-    if (isAbsolute(p)) {
-      return p;
-    }
-    return cwd ? resolve(cwd, p) : p;
+  const resolvedPath = resolve(filePath);
+  return allowedFolders.some((folder) => {
+    const allowedPath = resolve(folder);
+    return resolvedPath === allowedPath || resolvedPath.startsWith(allowedPath + sep);
   });
 }
-function resolveTargetPath(target, cwd) {
-  const searchStart = target.length > 2 && target[1] === ":" && /[a-zA-Z]/.test(target[0]) ? 2 : 0;
-  const colonIdx = target.indexOf(":", searchStart);
-  const hashIdx = target.indexOf("#");
-  let filePart, suffix;
-  if (colonIdx !== -1 && (hashIdx === -1 || colonIdx < hashIdx)) {
-    filePart = target.substring(0, colonIdx);
-    suffix = target.substring(colonIdx);
-  } else if (hashIdx !== -1) {
-    filePart = target.substring(0, hashIdx);
-    suffix = target.substring(hashIdx);
-  } else {
-    filePart = target;
-    suffix = "";
-  }
-  if (!isAbsolute(filePart) && cwd) {
-    filePart = resolve(cwd, filePart);
-  }
-  return filePart + suffix;
+function parseFileToolOptions(options = {}) {
+  return {
+    debug: options.debug || false,
+    allowedFolders: options.allowedFolders || [],
+    cwd: options.cwd
+  };
 }
-var searchSchema, querySchema, extractSchema, delegateSchema, bashSchema, attemptCompletionSchema, searchToolDefinition, queryToolDefinition, extractToolDefinition, delegateToolDefinition, attemptCompletionToolDefinition, bashToolDefinition, searchDescription, queryDescription, extractDescription, delegateDescription, DEFAULT_VALID_TOOLS;
-var init_common = __esm({
-  "src/tools/common.js"() {
+var editTool, createTool, editSchema, createSchema, editDescription, createDescription, editToolDefinition, createToolDefinition;
+var init_edit = __esm({
+  "src/tools/edit.js"() {
     "use strict";
-    init_zod();
-    searchSchema = external_exports.object({
-      query: external_exports.string().describe("Search query with Elasticsearch syntax. Use quotes for exact matches, AND/OR for boolean logic, - for negation."),
-      path: external_exports.string().optional().default(".").describe('Path to search in. For dependencies use "go:github.com/owner/repo", "js:package_name", or "rust:cargo_name" etc.')
-    });
-    querySchema = external_exports.object({
-      pattern: external_exports.string().describe("AST pattern to search for. Use $NAME for variable names, $$$PARAMS for parameter lists, etc."),
-      path: external_exports.string().optional().default(".").describe("Path to search in"),
-      language: external_exports.string().optional().default("rust").describe("Programming language to use for parsing"),
-      allow_tests: external_exports.boolean().optional().default(true).describe("Allow test files in search results")
-    });
-    extractSchema = external_exports.object({
-      targets: external_exports.string().optional().describe('File paths or symbols to extract from. Formats: "file.js" (whole file), "file.js:42" (line 42), "file.js:10-20" (lines 10-20), "file.js#funcName" (symbol). Multiple targets separated by spaces.'),
-      input_content: external_exports.string().optional().describe("Text content to extract file paths from (alternative to targets)"),
-      allow_tests: external_exports.boolean().optional().default(true).describe("Include test files in extraction results")
-    });
-    delegateSchema = external_exports.object({
-      task: external_exports.string().describe("The task to delegate to a subagent. Be specific about what needs to be accomplished.")
-    });
-    bashSchema = external_exports.object({
-      command: external_exports.string().describe("The bash command to execute"),
-      workingDirectory: external_exports.string().optional().describe("Directory to execute the command in (optional)"),
-      timeout: external_exports.number().optional().describe("Command timeout in milliseconds (optional)"),
-      env: external_exports.record(external_exports.string()).optional().describe("Additional environment variables (optional)")
-    });
-    attemptCompletionSchema = {
-      // Custom validation that requires result parameter but allows direct XML response
-      safeParse: (params) => {
-        if (!params || typeof params !== "object") {
-          return {
-            success: false,
-            error: {
-              issues: [{
-                code: "invalid_type",
-                expected: "object",
-                received: typeof params,
-                path: [],
-                message: "Expected object"
-              }]
-            }
-          };
-        }
-        if (!("result" in params)) {
-          return {
-            success: false,
-            error: {
-              issues: [{
-                code: "invalid_type",
-                expected: "string",
-                received: "undefined",
-                path: ["result"],
-                message: "Required"
-              }]
-            }
-          };
-        }
-        if (typeof params.result !== "string") {
-          return {
-            success: false,
-            error: {
-              issues: [{
-                code: "invalid_type",
-                expected: "string",
-                received: typeof params.result,
-                path: ["result"],
-                message: "Expected string"
-              }]
-            }
-          };
-        }
-        const filteredData = { result: params.result };
-        return {
-          success: true,
-          data: filteredData
-        };
-      }
-    };
-    searchToolDefinition = `
-## search
-Description: Search code in the repository using Elasticsearch query syntax (except field based queries, e.g. "filename:..." NOT supported).
-
-You need to focus on main keywords when constructing the query, and always use elastic search syntax like OR AND and brackets to group keywords.
+    editTool = (options = {}) => {
+      const { debug, allowedFolders, cwd } = parseFileToolOptions(options);
+      return tool({
+        name: "edit",
+        description: `Edit files using exact string replacement (Claude Code style).
 
-**Session Management & Caching:**
-- Ensure not to re-read the same symbols twice - reuse context from previous tool calls
-- Probe returns a session ID on first run - reuse it for subsequent calls to avoid redundant searches
-- Once data is returned, it's cached and won't return on next runs (this is expected behavior)
+This tool performs exact string replacements in files. It requires the old_string to match exactly what's in the file, including all whitespace and indentation.
 
 Parameters:
-- query: (required) Search query with Elasticsearch syntax. Use quotes for exact matches ("functionName"), AND/OR for boolean logic, - for negation, + for important terms.
-- path: (optional, default: '.') Path to search in. All dependencies located in /dep folder, under language sub folders, like this: "/dep/go/github.com/owner/repo", "/dep/js/package_name", or "/dep/rust/cargo_name" etc.
-
-**Workflow:** Always start with search, then use extract for detailed context when needed.
-
-Usage Example:
+- file_path: Path to the file to edit (absolute or relative)
+- old_string: Exact text to find and replace (must be unique in the file unless replace_all is true)
+- new_string: Text to replace with
+- replace_all: (optional) Replace all occurrences instead of requiring uniqueness
 
-<examples>
+Important:
+- The old_string must match EXACTLY including whitespace
+- If old_string appears multiple times and replace_all is false, the edit will fail
+- Use larger context around the string to ensure uniqueness when needed`,
+        inputSchema: {
+          type: "object",
+          properties: {
+            file_path: {
+              type: "string",
+              description: "Path to the file to edit"
+            },
+            old_string: {
+              type: "string",
+              description: "Exact text to find and replace"
+            },
+            new_string: {
+              type: "string",
+              description: "Text to replace with"
+            },
+            replace_all: {
+              type: "boolean",
+              description: "Replace all occurrences (default: false)",
+              default: false
+            }
+          },
+          required: ["file_path", "old_string", "new_string"]
+        },
+        execute: async ({ file_path, old_string, new_string, replace_all = false }) => {
+          try {
+            if (!file_path || typeof file_path !== "string" || file_path.trim() === "") {
+              return `Error editing file: Invalid file_path - must be a non-empty string`;
+            }
+            if (old_string === void 0 || old_string === null || typeof old_string !== "string") {
+              return `Error editing file: Invalid old_string - must be a string`;
+            }
+            if (new_string === void 0 || new_string === null || typeof new_string !== "string") {
+              return `Error editing file: Invalid new_string - must be a string`;
+            }
+            const resolvedPath = isAbsolute(file_path) ? file_path : resolve(cwd || process.cwd(), file_path);
+            if (debug) {
+              console.error(`[Edit] Attempting to edit file: ${resolvedPath}`);
+            }
+            if (!isPathAllowed(resolvedPath, allowedFolders)) {
+              return `Error editing file: Permission denied - ${file_path} is outside allowed directories`;
+            }
+            if (!existsSync(resolvedPath)) {
+              return `Error editing file: File not found - ${file_path}`;
+            }
+            const content = await fs6.readFile(resolvedPath, "utf-8");
+            if (!content.includes(old_string)) {
+              return `Error editing file: String not found - the specified old_string was not found in ${file_path}`;
+            }
+            const occurrences = content.split(old_string).length - 1;
+            if (!replace_all && occurrences > 1) {
+              return `Error editing file: Multiple occurrences found - the old_string appears ${occurrences} times. Use replace_all: true to replace all occurrences, or provide more context to make the string unique.`;
+            }
+            let newContent;
+            if (replace_all) {
+              newContent = content.replaceAll(old_string, new_string);
+            } else {
+              newContent = content.replace(old_string, new_string);
+            }
+            if (newContent === content) {
+              return `Error editing file: No changes made - old_string and new_string might be the same`;
+            }
+            await fs6.writeFile(resolvedPath, newContent, "utf-8");
+            const replacedCount = replace_all ? occurrences : 1;
+            if (debug) {
+              console.error(`[Edit] Successfully edited ${resolvedPath}, replaced ${replacedCount} occurrence(s)`);
+            }
+            return `Successfully edited ${file_path} (${replacedCount} replacement${replacedCount !== 1 ? "s" : ""})`;
+          } catch (error) {
+            console.error("[Edit] Error:", error);
+            return `Error editing file: ${error.message}`;
+          }
+        }
+      });
+    };
+    createTool = (options = {}) => {
+      const { debug, allowedFolders, cwd } = parseFileToolOptions(options);
+      return tool({
+        name: "create",
+        description: `Create new files with specified content.
 
-User: Where is the login logic?
-Assistant workflow:
-1. <search>
-<query>login AND auth AND token</query>
-<path>.</path>
-</search>
-2. Now lets look closer: <extract>
-<targets>session.rs#AuthService.login auth.rs:2-100</targets>
-</extract>
+This tool creates new files in the filesystem. It will create parent directories if they don't exist.
 
-User: How to calculate the total amount in the payments module?
-<search>
-<query>calculate AND payment</query>
-<path>src/utils</path>
-</search>
+Parameters:
+- file_path: Path where the file should be created (absolute or relative)
+- content: Content to write to the file
+- overwrite: (optional) Whether to overwrite if file exists (default: false)
 
-User: How do the user authentication and authorization work?
-<search>
-<query>+user AND (authentication OR authorization OR authz)</query>
-<path>.</path>
-</search>
+Important:
+- By default, will fail if the file already exists
+- Set overwrite: true to replace existing files
+- Parent directories will be created automatically if needed`,
+        inputSchema: {
+          type: "object",
+          properties: {
+            file_path: {
+              type: "string",
+              description: "Path where the file should be created"
+            },
+            content: {
+              type: "string",
+              description: "Content to write to the file"
+            },
+            overwrite: {
+              type: "boolean",
+              description: "Overwrite if file exists (default: false)",
+              default: false
+            }
+          },
+          required: ["file_path", "content"]
+        },
+        execute: async ({ file_path, content, overwrite = false }) => {
+          try {
+            if (!file_path || typeof file_path !== "string" || file_path.trim() === "") {
+              return `Error creating file: Invalid file_path - must be a non-empty string`;
+            }
+            if (content === void 0 || content === null || typeof content !== "string") {
+              return `Error creating file: Invalid content - must be a string`;
+            }
+            const resolvedPath = isAbsolute(file_path) ? file_path : resolve(cwd || process.cwd(), file_path);
+            if (debug) {
+              console.error(`[Create] Attempting to create file: ${resolvedPath}`);
+            }
+            if (!isPathAllowed(resolvedPath, allowedFolders)) {
+              return `Error creating file: Permission denied - ${file_path} is outside allowed directories`;
+            }
+            if (existsSync(resolvedPath) && !overwrite) {
+              return `Error creating file: File already exists - ${file_path}. Use overwrite: true to replace it.`;
+            }
+            const dir = dirname(resolvedPath);
+            await fs6.mkdir(dir, { recursive: true });
+            await fs6.writeFile(resolvedPath, content, "utf-8");
+            const action = existsSync(resolvedPath) && overwrite ? "overwrote" : "created";
+            const bytes = Buffer.byteLength(content, "utf-8");
+            if (debug) {
+              console.error(`[Create] Successfully ${action} ${resolvedPath}`);
+            }
+            return `Successfully ${action} ${file_path} (${bytes} bytes)`;
+          } catch (error) {
+            console.error("[Create] Error:", error);
+            return `Error creating file: ${error.message}`;
+          }
+        }
+      });
+    };
+    editSchema = {
+      type: "object",
+      properties: {
+        file_path: {
+          type: "string",
+          description: "Path to the file to edit"
+        },
+        old_string: {
+          type: "string",
+          description: "Exact text to find and replace"
+        },
+        new_string: {
+          type: "string",
+          description: "Text to replace with"
+        },
+        replace_all: {
+          type: "boolean",
+          description: "Replace all occurrences (default: false)"
+        }
+      },
+      required: ["file_path", "old_string", "new_string"]
+    };
+    createSchema = {
+      type: "object",
+      properties: {
+        file_path: {
+          type: "string",
+          description: "Path where the file should be created"
+        },
+        content: {
+          type: "string",
+          description: "Content to write to the file"
+        },
+        overwrite: {
+          type: "boolean",
+          description: "Overwrite if file exists (default: false)"
+        }
+      },
+      required: ["file_path", "content"]
+    };
+    editDescription = "Edit files using exact string replacement. Requires exact match including whitespace.";
+    createDescription = "Create new files with specified content. Will create parent directories if needed.";
+    editToolDefinition = `
+## edit
+Description: ${editDescription}
 
-User: Find all react imports in the project.
-<search>
-<query>"import" AND "react"</query>
-<path>.</path>
-</search>
+When to use:
+- For precise, surgical edits to existing files
+- When you need to change specific lines or blocks of code
+- For renaming functions, variables, or updating configuration values
+- When the exact text to replace is known and unique (or use replace_all for multiple occurrences)
 
-User: Find how decompound library works?
-<search>
-<query>decompound</query>
-<path>/dep/rust/decompound</path>
-</search>
+When NOT to use:
+- For creating new files (use 'create' tool instead)
+- When you cannot determine the exact text to replace
+- When changes span multiple locations that would be better handled together
 
-</examples>
-`;
-    queryToolDefinition = `
-## query
-Description: Search code using ast-grep structural pattern matching. Use this tool to find specific code structures like functions, classes, or methods.
 Parameters:
-- pattern: (required) AST pattern to search for. Use $NAME for variable names, $$$PARAMS for parameter lists, etc.
-- path: (optional, default: '.') Path to search in.
-- language: (optional, default: 'rust') Programming language to use for parsing.
-- allow_tests: (optional, default: true) Allow test files in search results (true/false).
-Usage Example:
+- file_path: (required) Path to the file to edit
+- old_string: (required) Exact text to find and replace (must match including whitespace, newlines, and indentation)
+- new_string: (required) Text to replace with
+- replace_all: (optional, default: false) Replace all occurrences if the string appears multiple times
 
-<examples>
+Important notes:
+- The old_string MUST match EXACTLY, including all whitespace, indentation, and line breaks
+- If old_string appears multiple times and replace_all is false, the tool will fail
+- Always verify the exact formatting of the text you want to replace
 
-<query>
-<pattern>function $FUNC($$$PARAMS) { $$$BODY }</pattern>
-<path>src/parser</path>
-<language>js</language>
-</query>
+Examples:
+<edit>
+<file_path>src/main.js</file_path>
+<old_string>function oldName() {
+  return 42;
+}</old_string>
+<new_string>function newName() {
+  return 42;
+}</new_string>
+</edit>
 
-</examples>
-`;
-    extractToolDefinition = `
-## extract
-Description: Extract code blocks from files based on file paths and optional line numbers. Use this tool to see complete context after finding relevant files. It can be used to read full files as well.
-Full file extraction should be the LAST RESORT! Always prefer search.
+<edit>
+<file_path>config.json</file_path>
+<old_string>"debug": false</old_string>
+<new_string>"debug": true</new_string>
+<replace_all>true</replace_all>
+</edit>`;
+    createToolDefinition = `
+## create
+Description: ${createDescription}
 
-**Multiple Extraction:** You can extract multiple symbols/files in one call by providing multiple file paths separated by spaces.
-
-**Session Awareness:** Reuse context from previous tool calls. Don't re-extract the same symbols you already have.
-
-Parameters:
-- targets: (required) File paths or symbols to extract from. Formats: "file.js" (whole file), "file.js:42" (code block at line 42), "file.js:10-20" (lines 10-20), "file.js#funcName" (specific symbol). Multiple targets separated by spaces.
-- input_content: (optional) Text content to extract file paths from (alternative to targets for processing diffs/logs).
-- allow_tests: (optional, default: true) Include test files in extraction results.
-
-Usage Example:
-
-<examples>
-
-User: Where is the login logic? (After search found relevant files)
-<extract>
-<targets>session.rs#AuthService.login auth.rs:2-100 config.rs#DatabaseConfig</targets>
-</extract>
-
-User: How does error handling work? (After search identified files)
-<extract>
-<targets>error.rs#ErrorType utils.rs#handle_error src/main.rs:50-80</targets>
-</extract>
-
-User: How RankManager works
-<extract>
-<targets>src/search/ranking.rs#RankManager</targets>
-</extract>
-
-User: Lets read the whole file
-<extract>
-<targets>src/search/ranking.rs</targets>
-</extract>
-
-User: Read the first 10 lines of the file
-<extract>
-<targets>src/search/ranking.rs:1-10</targets>
-</extract>
-
-User: Read file inside the dependency
-<extract>
-<targets>/dep/go/github.com/gorilla/mux/router.go</targets>
-</extract>
-
-</examples>
-`;
-    delegateToolDefinition = `
-## delegate
-Description: Automatically delegate big distinct tasks to specialized probe subagents within the agentic loop. Use this when you recognize that a user's request involves multiple large, distinct components that would benefit from parallel processing or specialized focus. The AI agent should automatically identify opportunities for task separation and use delegation without explicit user instruction.
-
-Parameters:
-- task: (required) A complete, self-contained task that can be executed independently by a subagent. Should be specific and focused on one area of expertise.
-
-Usage Pattern:
-When the AI agent encounters complex multi-part requests, it should automatically break them down and delegate:
-
-<delegate>
-<task>Analyze all authentication and authorization code in the codebase for security vulnerabilities and provide specific remediation recommendations</task>
-</delegate>
-
-<delegate>
-<task>Review database queries and API endpoints for performance bottlenecks and suggest optimization strategies</task>
-</delegate>
+When to use:
+- For creating brand new files from scratch
+- When you need to add configuration files, documentation, or new modules
+- For generating boilerplate code or templates
+- When you have the complete content ready to write
 
-The agent uses this tool automatically when it identifies that work can be separated into distinct, parallel tasks for more efficient processing.
-`;
-    attemptCompletionToolDefinition = `
-## attempt_completion
-Description: Use this tool ONLY when the task is fully complete and you have received confirmation of success for all previous tool uses. Presents the final result to the user. You can provide your response directly inside the XML tags without any parameter wrapper.
-Parameters:
-- No validation required - provide your complete answer directly inside the XML tags.
-Usage Example:
-<attempt_completion>
-I have refactored the search module according to the requirements and verified the tests pass. The module now uses the new BM25 ranking algorithm and has improved error handling.
-</attempt_completion>
-`;
-    bashToolDefinition = `
-## bash
-Description: Execute bash commands for system exploration and development tasks. This tool has built-in security with allow/deny lists. By default, only safe read-only commands are allowed for code exploration.
+When NOT to use:
+- For editing existing files (use 'edit' tool instead)
+- When a file already exists unless you explicitly want to overwrite it
 
 Parameters:
-- command: (required) The bash command to execute
-- workingDirectory: (optional) Directory to execute the command in
-- timeout: (optional) Command timeout in milliseconds
-- env: (optional) Additional environment variables as an object
-
-Security: Commands are filtered through allow/deny lists for safety:
-- Allowed by default: ls, cat, git status, npm list, find, grep, etc.
-- Denied by default: rm -rf, sudo, npm install, dangerous system commands
-
-Usage Examples:
-
-<examples>
-
-User: What files are in the src directory?
-<bash>
-<command>ls -la src/</command>
-</bash>
-
-User: Show me the git status
-<bash>
-<command>git status</command>
-</bash>
-
-User: Find all TypeScript files
-<bash>
-<command>find . -name "*.ts" -type f</command>
-</bash>
-
-User: Check installed npm packages
-<bash>
-<command>npm list --depth=0</command>
-</bash>
+- file_path: (required) Path where the file should be created
+- content: (required) Complete content to write to the file
+- overwrite: (optional, default: false) Whether to overwrite if file already exists
 
-User: Search for TODO comments in code
-<bash>
-<command>grep -r "TODO" src/</command>
-</bash>
+Important notes:
+- Parent directories will be created automatically if they don't exist
+- The tool will fail if the file already exists and overwrite is false
+- Be careful with the overwrite option as it completely replaces existing files
 
-User: Show recent git commits
-<bash>
-<command>git log --oneline -10</command>
-</bash>
+Examples:
+<create>
+<file_path>src/newFile.js</file_path>
+<content>export function hello() {
+  return "Hello, world!";
+}</content>
+</create>
 
-User: Check system info
-<bash>
-<command>uname -a</command>
-</bash>
+<create>
+<file_path>README.md</file_path>
+<content># My Project
 
-</examples>
-`;
-    searchDescription = "Search code in the repository using Elasticsearch-like query syntax. Use this tool first for any code-related questions.";
-    queryDescription = "Search code using ast-grep structural pattern matching. Use this tool to find specific code structures like functions, classes, or methods.";
-    extractDescription = "Extract code blocks from files based on file paths and optional line numbers. Use this tool to see complete context after finding relevant files.";
-    delegateDescription = "Automatically delegate big distinct tasks to specialized probe subagents within the agentic loop. Used by AI agents to break down complex requests into focused, parallel tasks.";
-    DEFAULT_VALID_TOOLS = [
-      "search",
-      "query",
-      "extract",
-      "delegate",
-      "listFiles",
-      "searchFiles",
-      "implement",
-      "attempt_completion"
-    ];
+This is a new project.</content>
+<overwrite>true</overwrite>
+</create>`;
   }
 });
 
-// src/tools/vercel.js
-import { tool } from "ai";
-var searchTool, queryTool, extractTool, delegateTool;
-var init_vercel = __esm({
-  "src/tools/vercel.js"() {
-    "use strict";
-    init_search();
-    init_query();
-    init_extract();
-    init_delegate();
-    init_common();
-    searchTool = (options = {}) => {
-      const { sessionId, maxTokens = 1e4, debug = false, outline = false } = options;
-      return tool({
-        name: "search",
-        description: searchDescription,
-        inputSchema: searchSchema,
-        execute: async ({ query: searchQuery, path: path9, allow_tests, exact, maxTokens: paramMaxTokens, language }) => {
-          try {
-            const effectiveMaxTokens = paramMaxTokens || maxTokens;
-            let searchPaths;
-            if (path9) {
-              searchPaths = parseAndResolvePaths(path9, options.cwd);
-            }
-            if (!searchPaths || searchPaths.length === 0) {
-              searchPaths = [options.cwd || "."];
-            }
-            const searchPath = searchPaths.join(" ");
-            if (debug) {
-              console.error(`Executing search with query: "${searchQuery}", path: "${searchPath}", exact: ${exact ? "true" : "false"}, language: ${language || "all"}, session: ${sessionId || "none"}`);
-            }
-            const searchOptions = {
-              query: searchQuery,
-              path: searchPath,
-              cwd: options.cwd,
-              // Working directory for resolving relative paths
-              allowTests: allow_tests ?? true,
-              exact,
-              json: false,
-              maxTokens: effectiveMaxTokens,
-              session: sessionId,
-              // Pass session ID if provided
-              language
-              // Pass language parameter if provided
-            };
-            if (outline) {
-              searchOptions.format = "outline-xml";
-            }
-            const results = await search(searchOptions);
-            return results;
-          } catch (error) {
-            console.error("Error executing search command:", error);
-            return `Error executing search command: ${error.message}`;
-          }
-        }
-      });
-    };
-    queryTool = (options = {}) => {
-      const { debug = false } = options;
-      return tool({
-        name: "query",
-        description: queryDescription,
-        inputSchema: querySchema,
-        execute: async ({ pattern, path: path9, language, allow_tests }) => {
-          try {
-            let queryPaths;
-            if (path9) {
-              queryPaths = parseAndResolvePaths(path9, options.cwd);
-            }
-            if (!queryPaths || queryPaths.length === 0) {
-              queryPaths = [options.cwd || "."];
-            }
-            const queryPath = queryPaths.join(" ");
-            if (debug) {
-              console.error(`Executing query with pattern: "${pattern}", path: "${queryPath}", language: ${language || "auto"}`);
-            }
-            const results = await query({
-              pattern,
-              path: queryPath,
-              cwd: options.cwd,
-              // Working directory for resolving relative paths
-              language,
-              allowTests: allow_tests ?? true,
-              json: false
-            });
-            return results;
-          } catch (error) {
-            console.error("Error executing query command:", error);
-            return `Error executing query command: ${error.message}`;
-          }
-        }
-      });
+// src/tools/common.js
+import { resolve as resolve2, isAbsolute as isAbsolute2 } from "path";
+function buildToolTagPattern(tools2 = DEFAULT_VALID_TOOLS) {
+  const allTools = [...tools2];
+  if (allTools.includes("attempt_completion") && !allTools.includes("attempt_complete")) {
+    allTools.push("attempt_complete");
+  }
+  const escaped = allTools.map((t) => t.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"));
+  return new RegExp(`<(${escaped.join("|")})>`);
+}
+function getValidParamsForTool(toolName) {
+  const schemaMap = {
+    search: searchSchema,
+    query: querySchema,
+    extract: extractSchema,
+    delegate: delegateSchema,
+    bash: bashSchema,
+    attempt_completion: attemptCompletionSchema,
+    edit: editSchema,
+    create: createSchema
+  };
+  const schema = schemaMap[toolName];
+  if (!schema) {
+    return ["path", "directory", "pattern", "recursive", "includeHidden", "task", "files", "autoCommits", "result"];
+  }
+  if (toolName === "attempt_completion") {
+    return ["result"];
+  }
+  if (schema._def && schema._def.shape) {
+    return Object.keys(schema._def.shape());
+  }
+  if (schema.properties) {
+    return Object.keys(schema.properties);
+  }
+  return [];
+}
+function parseXmlToolCall(xmlString, validTools = DEFAULT_VALID_TOOLS) {
+  for (const toolName of validTools) {
+    const openTag = `<${toolName}>`;
+    const closeTag = `</${toolName}>`;
+    const openIndex = xmlString.indexOf(openTag);
+    if (openIndex === -1) {
+      continue;
+    }
+    let closeIndex;
+    if (toolName === "attempt_completion") {
+      closeIndex = xmlString.lastIndexOf(closeTag);
+      if (closeIndex !== -1 && closeIndex <= openIndex + openTag.length) {
+        closeIndex = -1;
+      }
+    } else {
+      closeIndex = xmlString.indexOf(closeTag, openIndex + openTag.length);
+    }
+    let hasClosingTag = closeIndex !== -1;
+    if (closeIndex === -1) {
+      closeIndex = xmlString.length;
+    }
+    const innerContent = xmlString.substring(
+      openIndex + openTag.length,
+      closeIndex
+    );
+    const params = {};
+    const validParams = getValidParamsForTool(toolName);
+    for (const paramName of validParams) {
+      const paramOpenTag = `<${paramName}>`;
+      const paramCloseTag = `</${paramName}>`;
+      const paramOpenIndex = innerContent.indexOf(paramOpenTag);
+      if (paramOpenIndex === -1) {
+        continue;
+      }
+      let paramCloseIndex = innerContent.indexOf(paramCloseTag, paramOpenIndex + paramOpenTag.length);
+      if (paramCloseIndex === -1) {
+        let nextTagIndex = innerContent.length;
+        for (const nextParam of validParams) {
+          const nextOpenTag = `<${nextParam}>`;
+          const nextIndex = innerContent.indexOf(nextOpenTag, paramOpenIndex + paramOpenTag.length);
+          if (nextIndex !== -1 && nextIndex < nextTagIndex) {
+            nextTagIndex = nextIndex;
+          }
+        }
+        paramCloseIndex = nextTagIndex;
+      }
+      let paramValue = innerContent.substring(
+        paramOpenIndex + paramOpenTag.length,
+        paramCloseIndex
+      ).trim();
+      if (paramValue.toLowerCase() === "true") {
+        paramValue = true;
+      } else if (paramValue.toLowerCase() === "false") {
+        paramValue = false;
+      } else if (!isNaN(paramValue) && paramValue.trim() !== "") {
+        const num = Number(paramValue);
+        if (Number.isFinite(num)) {
+          paramValue = num;
+        }
+      }
+      params[paramName] = paramValue;
+    }
+    if (toolName === "attempt_completion") {
+      params["result"] = innerContent.trim();
+      if (params.command) {
+        delete params.command;
+      }
+    }
+    return { toolName, params };
+  }
+  return null;
+}
+function createMessagePreview(message, charsPerSide = 200) {
+  if (message === null || message === void 0) {
+    return "null/undefined";
+  }
+  if (typeof message !== "string") {
+    return "null/undefined";
+  }
+  const totalChars = charsPerSide * 2;
+  if (message.length <= totalChars) {
+    return message;
+  }
+  const start = message.substring(0, charsPerSide);
+  const end = message.substring(message.length - charsPerSide);
+  return `${start}...${end}`;
+}
+function parseTargets(targets) {
+  if (!targets || typeof targets !== "string") {
+    return [];
+  }
+  return targets.split(/[\s,]+/).filter((f) => f.length > 0);
+}
+function parseAndResolvePaths(pathStr, cwd) {
+  if (!pathStr) return [];
+  const paths = pathStr.split(",").map((p) => p.trim()).filter((p) => p.length > 0);
+  return paths.map((p) => {
+    if (isAbsolute2(p)) {
+      return p;
+    }
+    return cwd ? resolve2(cwd, p) : p;
+  });
+}
+function resolveTargetPath(target, cwd) {
+  const searchStart = target.length > 2 && target[1] === ":" && /[a-zA-Z]/.test(target[0]) ? 2 : 0;
+  const colonIdx = target.indexOf(":", searchStart);
+  const hashIdx = target.indexOf("#");
+  let filePart, suffix;
+  if (colonIdx !== -1 && (hashIdx === -1 || colonIdx < hashIdx)) {
+    filePart = target.substring(0, colonIdx);
+    suffix = target.substring(colonIdx);
+  } else if (hashIdx !== -1) {
+    filePart = target.substring(0, hashIdx);
+    suffix = target.substring(hashIdx);
+  } else {
+    filePart = target;
+    suffix = "";
+  }
+  if (!isAbsolute2(filePart) && cwd) {
+    filePart = resolve2(cwd, filePart);
+  }
+  return filePart + suffix;
+}
+var searchSchema, querySchema, extractSchema, delegateSchema, bashSchema, attemptCompletionSchema, searchToolDefinition, queryToolDefinition, extractToolDefinition, delegateToolDefinition, attemptCompletionToolDefinition, bashToolDefinition, searchDescription, queryDescription, extractDescription, delegateDescription, DEFAULT_VALID_TOOLS;
+var init_common = __esm({
+  "src/tools/common.js"() {
+    "use strict";
+    init_zod();
+    init_edit();
+    searchSchema = external_exports.object({
+      query: external_exports.string().describe("Search query with Elasticsearch syntax. Use quotes for exact matches, AND/OR for boolean logic, - for negation."),
+      path: external_exports.string().optional().default(".").describe('Path to search in. For dependencies use "go:github.com/owner/repo", "js:package_name", or "rust:cargo_name" etc.')
+    });
+    querySchema = external_exports.object({
+      pattern: external_exports.string().describe("AST pattern to search for. Use $NAME for variable names, $$$PARAMS for parameter lists, etc."),
+      path: external_exports.string().optional().default(".").describe("Path to search in"),
+      language: external_exports.string().optional().default("rust").describe("Programming language to use for parsing"),
+      allow_tests: external_exports.boolean().optional().default(true).describe("Allow test files in search results")
+    });
+    extractSchema = external_exports.object({
+      targets: external_exports.string().optional().describe('File paths or symbols to extract from. Formats: "file.js" (whole file), "file.js:42" (line 42), "file.js:10-20" (lines 10-20), "file.js#funcName" (symbol). Multiple targets separated by spaces.'),
+      input_content: external_exports.string().optional().describe("Text content to extract file paths from (alternative to targets)"),
+      allow_tests: external_exports.boolean().optional().default(true).describe("Include test files in extraction results")
+    });
+    delegateSchema = external_exports.object({
+      task: external_exports.string().describe("The task to delegate to a subagent. Be specific about what needs to be accomplished.")
+    });
+    bashSchema = external_exports.object({
+      command: external_exports.string().describe("The bash command to execute"),
+      workingDirectory: external_exports.string().optional().describe("Directory to execute the command in (optional)"),
+      timeout: external_exports.number().optional().describe("Command timeout in milliseconds (optional)"),
+      env: external_exports.record(external_exports.string()).optional().describe("Additional environment variables (optional)")
+    });
+    attemptCompletionSchema = {
+      // Custom validation that requires result parameter but allows direct XML response
+      safeParse: (params) => {
+        if (!params || typeof params !== "object") {
+          return {
+            success: false,
+            error: {
+              issues: [{
+                code: "invalid_type",
+                expected: "object",
+                received: typeof params,
+                path: [],
+                message: "Expected object"
+              }]
+            }
+          };
+        }
+        if (!("result" in params)) {
+          return {
+            success: false,
+            error: {
+              issues: [{
+                code: "invalid_type",
+                expected: "string",
+                received: "undefined",
+                path: ["result"],
+                message: "Required"
+              }]
+            }
+          };
+        }
+        if (typeof params.result !== "string") {
+          return {
+            success: false,
+            error: {
+              issues: [{
+                code: "invalid_type",
+                expected: "string",
+                received: typeof params.result,
+                path: ["result"],
+                message: "Expected string"
+              }]
+            }
+          };
+        }
+        const filteredData = { result: params.result };
+        return {
+          success: true,
+          data: filteredData
+        };
+      }
+    };
+    searchToolDefinition = `
+## search
+Description: Search code in the repository using Elasticsearch query syntax (except field based queries, e.g. "filename:..." NOT supported).
+
+You need to focus on main keywords when constructing the query, and always use elastic search syntax like OR AND and brackets to group keywords.
+
+**Session Management & Caching:**
+- Ensure not to re-read the same symbols twice - reuse context from previous tool calls
+- Probe returns a session ID on first run - reuse it for subsequent calls to avoid redundant searches
+- Once data is returned, it's cached and won't return on next runs (this is expected behavior)
+
+Parameters:
+- query: (required) Search query with Elasticsearch syntax. Use quotes for exact matches ("functionName"), AND/OR for boolean logic, - for negation, + for important terms.
+- path: (optional, default: '.') Path to search in. All dependencies located in /dep folder, under language sub folders, like this: "/dep/go/github.com/owner/repo", "/dep/js/package_name", or "/dep/rust/cargo_name" etc.
+
+**Workflow:** Always start with search, then use extract for detailed context when needed.
+
+Usage Example:
+
+<examples>
+
+User: Where is the login logic?
+Assistant workflow:
+1. <search>
+<query>login AND auth AND token</query>
+<path>.</path>
+</search>
+2. Now lets look closer: <extract>
+<targets>session.rs#AuthService.login auth.rs:2-100</targets>
+</extract>
+
+User: How to calculate the total amount in the payments module?
+<search>
+<query>calculate AND payment</query>
+<path>src/utils</path>
+</search>
+
+User: How do the user authentication and authorization work?
+<search>
+<query>+user AND (authentication OR authorization OR authz)</query>
+<path>.</path>
+</search>
+
+User: Find all react imports in the project.
+<search>
+<query>"import" AND "react"</query>
+<path>.</path>
+</search>
+
+User: Find how decompound library works?
+<search>
+<query>decompound</query>
+<path>/dep/rust/decompound</path>
+</search>
+
+</examples>
+`;
+    queryToolDefinition = `
+## query
+Description: Search code using ast-grep structural pattern matching. Use this tool to find specific code structures like functions, classes, or methods.
+Parameters:
+- pattern: (required) AST pattern to search for. Use $NAME for variable names, $$$PARAMS for parameter lists, etc.
+- path: (optional, default: '.') Path to search in.
+- language: (optional, default: 'rust') Programming language to use for parsing.
+- allow_tests: (optional, default: true) Allow test files in search results (true/false).
+Usage Example:
+
+<examples>
+
+<query>
+<pattern>function $FUNC($$$PARAMS) { $$$BODY }</pattern>
+<path>src/parser</path>
+<language>js</language>
+</query>
+
+</examples>
+`;
+    extractToolDefinition = `
+## extract
+Description: Extract code blocks from files based on file paths and optional line numbers. Use this tool to see complete context after finding relevant files. It can be used to read full files as well.
+Full file extraction should be the LAST RESORT! Always prefer search.
+
+**Multiple Extraction:** You can extract multiple symbols/files in one call by providing multiple file paths separated by spaces.
+
+**Session Awareness:** Reuse context from previous tool calls. Don't re-extract the same symbols you already have.
+
+Parameters:
+- targets: (required) File paths or symbols to extract from. Formats: "file.js" (whole file), "file.js:42" (code block at line 42), "file.js:10-20" (lines 10-20), "file.js#funcName" (specific symbol). Multiple targets separated by spaces.
+- input_content: (optional) Text content to extract file paths from (alternative to targets for processing diffs/logs).
+- allow_tests: (optional, default: true) Include test files in extraction results.
+
+Usage Example:
+
+<examples>
+
+User: Where is the login logic? (After search found relevant files)
+<extract>
+<targets>session.rs#AuthService.login auth.rs:2-100 config.rs#DatabaseConfig</targets>
+</extract>
+
+User: How does error handling work? (After search identified files)
+<extract>
+<targets>error.rs#ErrorType utils.rs#handle_error src/main.rs:50-80</targets>
+</extract>
+
+User: How RankManager works
+<extract>
+<targets>src/search/ranking.rs#RankManager</targets>
+</extract>
+
+User: Lets read the whole file
+<extract>
+<targets>src/search/ranking.rs</targets>
+</extract>
+
+User: Read the first 10 lines of the file
+<extract>
+<targets>src/search/ranking.rs:1-10</targets>
+</extract>
+
+User: Read file inside the dependency
+<extract>
+<targets>/dep/go/github.com/gorilla/mux/router.go</targets>
+</extract>
+
+</examples>
+`;
+    delegateToolDefinition = `
+## delegate
+Description: Automatically delegate big distinct tasks to specialized probe subagents within the agentic loop. Use this when you recognize that a user's request involves multiple large, distinct components that would benefit from parallel processing or specialized focus. The AI agent should automatically identify opportunities for task separation and use delegation without explicit user instruction.
+
+Parameters:
+- task: (required) A complete, self-contained task that can be executed independently by a subagent. Should be specific and focused on one area of expertise.
+
+Usage Pattern:
+When the AI agent encounters complex multi-part requests, it should automatically break them down and delegate:
+
+<delegate>
+<task>Analyze all authentication and authorization code in the codebase for security vulnerabilities and provide specific remediation recommendations</task>
+</delegate>
+
+<delegate>
+<task>Review database queries and API endpoints for performance bottlenecks and suggest optimization strategies</task>
+</delegate>
+
+The agent uses this tool automatically when it identifies that work can be separated into distinct, parallel tasks for more efficient processing.
+`;
+    attemptCompletionToolDefinition = `
+## attempt_completion
+Description: Use this tool ONLY when the task is fully complete and you have received confirmation of success for all previous tool uses. Presents the final result to the user. You can provide your response directly inside the XML tags without any parameter wrapper.
+Parameters:
+- No validation required - provide your complete answer directly inside the XML tags.
+Usage Example:
+<attempt_completion>
+I have refactored the search module according to the requirements and verified the tests pass. The module now uses the new BM25 ranking algorithm and has improved error handling.
+</attempt_completion>
+`;
+    bashToolDefinition = `
+## bash
+Description: Execute bash commands for system exploration and development tasks. This tool has built-in security with allow/deny lists. By default, only safe read-only commands are allowed for code exploration.
+
+Parameters:
+- command: (required) The bash command to execute
+- workingDirectory: (optional) Directory to execute the command in
+- timeout: (optional) Command timeout in milliseconds
+- env: (optional) Additional environment variables as an object
+
+Security: Commands are filtered through allow/deny lists for safety:
+- Allowed by default: ls, cat, git status, npm list, find, grep, etc.
+- Denied by default: rm -rf, sudo, npm install, dangerous system commands
+
+Usage Examples:
+
+<examples>
+
+User: What files are in the src directory?
+<bash>
+<command>ls -la src/</command>
+</bash>
+
+User: Show me the git status
+<bash>
+<command>git status</command>
+</bash>
+
+User: Find all TypeScript files
+<bash>
+<command>find . -name "*.ts" -type f</command>
+</bash>
+
+User: Check installed npm packages
+<bash>
+<command>npm list --depth=0</command>
+</bash>
+
+User: Search for TODO comments in code
+<bash>
+<command>grep -r "TODO" src/</command>
+</bash>
+
+User: Show recent git commits
+<bash>
+<command>git log --oneline -10</command>
+</bash>
+
+User: Check system info
+<bash>
+<command>uname -a</command>
+</bash>
+
+</examples>
+`;
+    searchDescription = "Search code in the repository using Elasticsearch-like query syntax. Use this tool first for any code-related questions.";
+    queryDescription = "Search code using ast-grep structural pattern matching. Use this tool to find specific code structures like functions, classes, or methods.";
+    extractDescription = "Extract code blocks from files based on file paths and optional line numbers. Use this tool to see complete context after finding relevant files.";
+    delegateDescription = "Automatically delegate big distinct tasks to specialized probe subagents within the agentic loop. Used by AI agents to break down complex requests into focused, parallel tasks.";
+    DEFAULT_VALID_TOOLS = [
+      "search",
+      "query",
+      "extract",
+      "delegate",
+      "listFiles",
+      "searchFiles",
+      "implement",
+      "bash",
+      "attempt_completion"
+    ];
+  }
+});
+
+// src/tools/vercel.js
+import { tool as tool2 } from "ai";
+var searchTool, queryTool, extractTool, delegateTool;
+var init_vercel = __esm({
+  "src/tools/vercel.js"() {
+    "use strict";
+    init_search();
+    init_query();
+    init_extract();
+    init_delegate();
+    init_common();
+    searchTool = (options = {}) => {
+      const { sessionId, maxTokens = 1e4, debug = false, outline = false } = options;
+      return tool2({
+        name: "search",
+        description: searchDescription,
+        inputSchema: searchSchema,
+        execute: async ({ query: searchQuery, path: path9, allow_tests, exact, maxTokens: paramMaxTokens, language }) => {
+          try {
+            const effectiveMaxTokens = paramMaxTokens || maxTokens;
+            let searchPaths;
+            if (path9) {
+              searchPaths = parseAndResolvePaths(path9, options.cwd);
+            }
+            if (!searchPaths || searchPaths.length === 0) {
+              searchPaths = [options.cwd || "."];
+            }
+            const searchPath = searchPaths.join(" ");
+            if (debug) {
+              console.error(`Executing search with query: "${searchQuery}", path: "${searchPath}", exact: ${exact ? "true" : "false"}, language: ${language || "all"}, session: ${sessionId || "none"}`);
+            }
+            const searchOptions = {
+              query: searchQuery,
+              path: searchPath,
+              cwd: options.cwd,
+              // Working directory for resolving relative paths
+              allowTests: allow_tests ?? true,
+              exact,
+              json: false,
+              maxTokens: effectiveMaxTokens,
+              session: sessionId,
+              // Pass session ID if provided
+              language
+              // Pass language parameter if provided
+            };
+            if (outline) {
+              searchOptions.format = "outline-xml";
+            }
+            const results = await search(searchOptions);
+            return results;
+          } catch (error) {
+            console.error("Error executing search command:", error);
+            return `Error executing search command: ${error.message}`;
+          }
+        }
+      });
+    };
+    queryTool = (options = {}) => {
+      const { debug = false } = options;
+      return tool2({
+        name: "query",
+        description: queryDescription,
+        inputSchema: querySchema,
+        execute: async ({ pattern, path: path9, language, allow_tests }) => {
+          try {
+            let queryPaths;
+            if (path9) {
+              queryPaths = parseAndResolvePaths(path9, options.cwd);
+            }
+            if (!queryPaths || queryPaths.length === 0) {
+              queryPaths = [options.cwd || "."];
+            }
+            const queryPath = queryPaths.join(" ");
+            if (debug) {
+              console.error(`Executing query with pattern: "${pattern}", path: "${queryPath}", language: ${language || "auto"}`);
+            }
+            const results = await query({
+              pattern,
+              path: queryPath,
+              cwd: options.cwd,
+              // Working directory for resolving relative paths
+              language,
+              allowTests: allow_tests ?? true,
+              json: false
+            });
+            return results;
+          } catch (error) {
+            console.error("Error executing query command:", error);
+            return `Error executing query command: ${error.message}`;
+          }
+        }
+      });
     };
     extractTool = (options = {}) => {
       const { debug = false, outline = false } = options;
-      return tool({
+      return tool2({
         name: "extract",
         description: extractDescription,
         inputSchema: extractSchema,
@@ -8496,7 +8830,7 @@ var init_vercel = __esm({
     };
     delegateTool = (options = {}) => {
       const { debug = false, timeout = 300, cwd, allowedFolders, enableBash = false, bashConfig } = options;
-      return tool({
+      return tool2({
         name: "delegate",
         description: delegateDescription,
         inputSchema: delegateSchema,
@@ -8525,14 +8859,15 @@ var init_vercel = __esm({
           if (model !== void 0 && model !== null && typeof model !== "string") {
             throw new TypeError("model must be a string, null, or undefined");
           }
-          const effectivePath = path9 || cwd || allowedFolders && allowedFolders[0];
+          const workspaceRoot = allowedFolders && allowedFolders[0];
+          const effectivePath = path9 || workspaceRoot || cwd;
           if (debug) {
             console.error(`Executing delegate with task: "${task.substring(0, 100)}${task.length > 100 ? "..." : ""}"`);
             if (parentSessionId) {
               console.error(`Parent session: ${parentSessionId}`);
             }
             if (effectivePath && effectivePath !== path9) {
-              console.error(`Using inherited path: ${effectivePath}`);
+              console.error(`Using workspace root: ${effectivePath} (cwd was: ${cwd || "not set"})`);
             }
           }
           const result = await delegate({
@@ -9097,1082 +9432,805 @@ function parseSimpleCommand(command) {
     // Glob patterns (potentially dangerous)
     /^\s*\{.*,.*\}|\{.*\.\.\.*\}/
     // Brace expansion like {a,b} or {1..10} (but not find {} placeholders)
-  ];
-  for (const pattern of complexPatterns) {
-    if (pattern.test(trimmed)) {
-      return {
-        success: false,
-        error: "Complex shell commands with pipes, operators, or redirections are not supported for security reasons",
-        command: null,
-        args: [],
-        isComplex: true,
-        detected: pattern.toString()
-      };
-    }
-  }
-  const args = [];
-  let current = "";
-  let inQuotes = false;
-  let quoteChar = "";
-  let escaped = false;
-  for (let i = 0; i < trimmed.length; i++) {
-    const char = trimmed[i];
-    const nextChar = i + 1 < trimmed.length ? trimmed[i + 1] : "";
-    if (escaped) {
-      current += char;
-      escaped = false;
-      continue;
-    }
-    if (char === "\\" && !inQuotes) {
-      escaped = true;
-      continue;
-    }
-    if (!inQuotes && (char === '"' || char === "'")) {
-      inQuotes = true;
-      quoteChar = char;
-    } else if (inQuotes && char === quoteChar) {
-      inQuotes = false;
-      quoteChar = "";
-    } else if (!inQuotes && char === " ") {
-      if (current.trim()) {
-        args.push(current.trim());
-        current = "";
-      }
-    } else {
-      current += char;
-    }
-  }
-  if (current.trim()) {
-    args.push(current.trim());
-  }
-  if (inQuotes) {
-    return {
-      success: false,
-      error: `Unclosed quote in command: ${quoteChar}`,
-      command: null,
-      args: [],
-      isComplex: false
-    };
-  }
-  if (args.length === 0) {
-    return {
-      success: false,
-      error: "No command found after parsing",
-      command: null,
-      args: [],
-      isComplex: false
-    };
-  }
-  const [baseCommand, ...commandArgs] = args;
-  return {
-    success: true,
-    error: null,
-    command: baseCommand,
-    args: commandArgs,
-    fullArgs: args,
-    isComplex: false,
-    original: command
-  };
-}
-function isComplexCommand(command) {
-  const result = parseSimpleCommand(command);
-  return result.isComplex;
-}
-function isComplexPattern(pattern) {
-  if (!pattern || typeof pattern !== "string") return false;
-  const operatorPatterns = [
-    /\|/,
-    // Pipes
-    /&&/,
-    // Logical AND
-    /\|\|/,
-    // Logical OR
-    /;/,
-    // Command separator
-    /&$/,
-    // Background execution
-    /\$\(/,
-    // Command substitution $()
-    /`/,
-    // Command substitution ``
-    />/,
-    // Redirection >
-    /</
-    // Redirection <
-  ];
-  return operatorPatterns.some((p) => p.test(pattern));
-}
-function globToRegex(pattern) {
-  let escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
-  escaped = escaped.replace(/\*/g, ".*?");
-  return new RegExp("^" + escaped + "$", "i");
-}
-function matchesComplexPattern(command, pattern) {
-  if (!command || !pattern) return false;
-  const normalizedCommand = command.trim().replace(/\s+/g, " ");
-  const normalizedPattern = pattern.trim().replace(/\s+/g, " ");
-  try {
-    const regex = globToRegex(normalizedPattern);
-    return regex.test(normalizedCommand);
-  } catch (e) {
-    return normalizedCommand === normalizedPattern;
-  }
-}
-function parseCommand(command) {
-  const result = parseSimpleCommand(command);
-  if (!result.success) {
-    return {
-      command: "",
-      args: [],
-      error: result.error,
-      isComplex: result.isComplex
-    };
-  }
-  return {
-    command: result.command,
-    args: result.args,
-    error: null,
-    isComplex: result.isComplex
-  };
-}
-function parseCommandForExecution(command) {
-  const result = parseSimpleCommand(command);
-  if (!result.success) {
-    return null;
-  }
-  return result.fullArgs;
-}
-var init_bashCommandUtils = __esm({
-  "src/agent/bashCommandUtils.js"() {
-    "use strict";
-  }
-});
-
-// src/agent/bashPermissions.js
-function matchesPattern(parsedCommand, pattern) {
-  if (!parsedCommand || !pattern) return false;
-  const { command, args } = parsedCommand;
-  if (!command) return false;
-  const patternParts = pattern.split(":");
-  const commandName = patternParts[0];
-  if (commandName === "*") {
-    return true;
-  } else if (commandName !== command) {
-    return false;
-  }
-  if (patternParts.length === 1) {
-    return true;
+  ];
+  for (const pattern of complexPatterns) {
+    if (pattern.test(trimmed)) {
+      return {
+        success: false,
+        error: "Complex shell commands with pipes, operators, or redirections are not supported for security reasons",
+        command: null,
+        args: [],
+        isComplex: true,
+        detected: pattern.toString()
+      };
+    }
   }
-  for (let i = 1; i < patternParts.length; i++) {
-    const patternArg = patternParts[i];
-    const argIndex = i - 1;
-    if (patternArg === "*") {
+  const args = [];
+  let current = "";
+  let inQuotes = false;
+  let quoteChar = "";
+  let escaped = false;
+  for (let i = 0; i < trimmed.length; i++) {
+    const char = trimmed[i];
+    const nextChar = i + 1 < trimmed.length ? trimmed[i + 1] : "";
+    if (escaped) {
+      current += char;
+      escaped = false;
       continue;
     }
-    if (argIndex >= args.length) {
-      return false;
-    }
-    const actualArg = args[argIndex];
-    if (patternArg !== actualArg) {
-      return false;
+    if (char === "\\" && !inQuotes) {
+      escaped = true;
+      continue;
     }
-  }
-  return true;
-}
-function matchesAnyPattern(parsedCommand, patterns) {
-  if (!patterns || patterns.length === 0) return false;
-  return patterns.some((pattern) => matchesPattern(parsedCommand, pattern));
-}
-var BashPermissionChecker;
-var init_bashPermissions = __esm({
-  "src/agent/bashPermissions.js"() {
-    "use strict";
-    init_bashDefaults();
-    init_bashCommandUtils();
-    BashPermissionChecker = class {
-      /**
-       * Create a permission checker
-       * @param {Object} config - Configuration options
-       * @param {string[]} [config.allow] - Additional allow patterns
-       * @param {string[]} [config.deny] - Additional deny patterns
-       * @param {boolean} [config.disableDefaultAllow] - Disable default allow list
-       * @param {boolean} [config.disableDefaultDeny] - Disable default deny list
-       * @param {boolean} [config.debug] - Enable debug logging
-       */
-      constructor(config = {}) {
-        this.debug = config.debug || false;
-        this.allowPatterns = [];
-        if (!config.disableDefaultAllow) {
-          this.allowPatterns.push(...DEFAULT_ALLOW_PATTERNS);
-          if (this.debug) {
-            console.log(`[BashPermissions] Added ${DEFAULT_ALLOW_PATTERNS.length} default allow patterns`);
-          }
-        }
-        if (config.allow && Array.isArray(config.allow)) {
-          this.allowPatterns.push(...config.allow);
-          if (this.debug) {
-            console.log(`[BashPermissions] Added ${config.allow.length} custom allow patterns:`, config.allow);
-          }
-        }
-        this.denyPatterns = [];
-        if (!config.disableDefaultDeny) {
-          this.denyPatterns.push(...DEFAULT_DENY_PATTERNS);
-          if (this.debug) {
-            console.log(`[BashPermissions] Added ${DEFAULT_DENY_PATTERNS.length} default deny patterns`);
-          }
-        }
-        if (config.deny && Array.isArray(config.deny)) {
-          this.denyPatterns.push(...config.deny);
-          if (this.debug) {
-            console.log(`[BashPermissions] Added ${config.deny.length} custom deny patterns:`, config.deny);
-          }
-        }
-        if (this.debug) {
-          console.log(`[BashPermissions] Total patterns - Allow: ${this.allowPatterns.length}, Deny: ${this.denyPatterns.length}`);
-        }
-      }
-      /**
-       * Check if a simple command is allowed (complex commands allowed if they match patterns)
-       * @param {string} command - Command to check
-       * @returns {Object} Permission result
-       */
-      check(command) {
-        if (!command || typeof command !== "string") {
-          return {
-            allowed: false,
-            reason: "Invalid or empty command",
-            command
-          };
-        }
-        const commandIsComplex = isComplexCommand(command);
-        if (commandIsComplex) {
-          return this._checkComplexCommand(command);
-        }
-        const parsed = parseCommand(command);
-        if (parsed.error) {
-          return {
-            allowed: false,
-            reason: parsed.error,
-            command
-          };
-        }
-        if (!parsed.command) {
-          return {
-            allowed: false,
-            reason: "No valid command found",
-            command
-          };
-        }
-        if (this.debug) {
-          console.log(`[BashPermissions] Checking simple command: "${command}"`);
-          console.log(`[BashPermissions] Parsed: ${parsed.command} with args: [${parsed.args.join(", ")}]`);
-        }
-        if (matchesAnyPattern(parsed, this.denyPatterns)) {
-          const matchedPatterns = this.denyPatterns.filter((pattern) => matchesPattern(parsed, pattern));
-          return {
-            allowed: false,
-            reason: `Command matches deny pattern: ${matchedPatterns[0]}`,
-            command,
-            parsed,
-            matchedPatterns
-          };
-        }
-        if (this.allowPatterns.length > 0) {
-          if (!matchesAnyPattern(parsed, this.allowPatterns)) {
-            return {
-              allowed: false,
-              reason: "Command not in allow list",
-              command,
-              parsed
-            };
-          }
-        }
-        const result = {
-          allowed: true,
-          command,
-          parsed,
-          isComplex: false
-        };
-        if (this.debug) {
-          console.log(`[BashPermissions] ALLOWED - command passed all checks`);
-        }
-        return result;
-      }
-      /**
-       * Check a complex command against complex patterns in allow/deny lists
-       * @private
-       * @param {string} command - Complex command to check
-       * @returns {Object} Permission result
-       */
-      _checkComplexCommand(command) {
-        if (this.debug) {
-          console.log(`[BashPermissions] Checking complex command: "${command}"`);
-        }
-        const complexAllowPatterns = this.allowPatterns.filter((p) => isComplexPattern(p));
-        const complexDenyPatterns = this.denyPatterns.filter((p) => isComplexPattern(p));
-        if (this.debug) {
-          console.log(`[BashPermissions] Complex allow patterns: ${complexAllowPatterns.length}`);
-          console.log(`[BashPermissions] Complex deny patterns: ${complexDenyPatterns.length}`);
-        }
-        for (const pattern of complexDenyPatterns) {
-          if (matchesComplexPattern(command, pattern)) {
-            if (this.debug) {
-              console.log(`[BashPermissions] DENIED - matches complex deny pattern: ${pattern}`);
-            }
-            return {
-              allowed: false,
-              reason: `Command matches deny pattern: ${pattern}`,
-              command,
-              isComplex: true,
-              matchedPatterns: [pattern]
-            };
-          }
-        }
-        for (const pattern of complexAllowPatterns) {
-          if (matchesComplexPattern(command, pattern)) {
-            if (this.debug) {
-              console.log(`[BashPermissions] ALLOWED - matches complex allow pattern: ${pattern}`);
-            }
-            return {
-              allowed: true,
-              command,
-              isComplex: true,
-              matchedPattern: pattern
-            };
-          }
-        }
-        if (this.debug) {
-          console.log(`[BashPermissions] DENIED - no matching complex pattern found`);
-        }
-        return {
-          allowed: false,
-          reason: 'Complex shell commands require explicit allow patterns (e.g., "cd * && git *")',
-          command,
-          isComplex: true
-        };
-      }
-      /**
-       * Get configuration summary
-       * @returns {Object} Configuration info
-       */
-      getConfig() {
-        return {
-          allowPatterns: this.allowPatterns.length,
-          denyPatterns: this.denyPatterns.length,
-          totalPatterns: this.allowPatterns.length + this.denyPatterns.length
-        };
+    if (!inQuotes && (char === '"' || char === "'")) {
+      inQuotes = true;
+      quoteChar = char;
+    } else if (inQuotes && char === quoteChar) {
+      inQuotes = false;
+      quoteChar = "";
+    } else if (!inQuotes && char === " ") {
+      if (current.trim()) {
+        args.push(current.trim());
+        current = "";
       }
-    };
-  }
-});
-
-// src/agent/bashExecutor.js
-import { spawn as spawn2 } from "child_process";
-import { resolve as resolve2, join } from "path";
-import { existsSync } from "fs";
-async function executeBashCommand(command, options = {}) {
-  const {
-    workingDirectory = process.cwd(),
-    timeout = 12e4,
-    // 2 minutes default
-    env = {},
-    maxBuffer = 10 * 1024 * 1024,
-    // 10MB
-    debug = false
-  } = options;
-  let cwd = workingDirectory;
-  try {
-    cwd = resolve2(cwd);
-    if (!existsSync(cwd)) {
-      throw new Error(`Working directory does not exist: ${cwd}`);
+    } else {
+      current += char;
     }
-  } catch (error) {
+  }
+  if (current.trim()) {
+    args.push(current.trim());
+  }
+  if (inQuotes) {
     return {
       success: false,
-      error: `Invalid working directory: ${error.message}`,
-      stdout: "",
-      stderr: "",
-      exitCode: 1,
-      command,
-      workingDirectory: cwd,
-      duration: 0
+      error: `Unclosed quote in command: ${quoteChar}`,
+      command: null,
+      args: [],
+      isComplex: false
     };
   }
-  const startTime = Date.now();
-  if (debug) {
-    console.log(`[BashExecutor] Executing command: "${command}"`);
-    console.log(`[BashExecutor] Working directory: "${cwd}"`);
-    console.log(`[BashExecutor] Timeout: ${timeout}ms`);
-  }
-  return new Promise((resolve7, reject2) => {
-    const processEnv = {
-      ...process.env,
-      ...env
+  if (args.length === 0) {
+    return {
+      success: false,
+      error: "No command found after parsing",
+      command: null,
+      args: [],
+      isComplex: false
     };
-    const isComplex = isComplexCommand(command);
-    let cmd, cmdArgs, useShell;
-    if (isComplex) {
-      cmd = "sh";
-      cmdArgs = ["-c", command];
-      useShell = false;
-      if (debug) {
-        console.log(`[BashExecutor] Complex command - using sh -c`);
-      }
-    } else {
-      const args = parseCommandForExecution(command);
-      if (!args || args.length === 0) {
-        resolve7({
-          success: false,
-          error: "Failed to parse command",
-          stdout: "",
-          stderr: "",
-          exitCode: 1,
-          command,
-          workingDirectory: cwd,
-          duration: Date.now() - startTime
-        });
-        return;
-      }
-      [cmd, ...cmdArgs] = args;
-      useShell = false;
-    }
-    const child = spawn2(cmd, cmdArgs, {
-      cwd,
-      env: processEnv,
-      stdio: ["ignore", "pipe", "pipe"],
-      // stdin ignored, capture stdout/stderr
-      shell: useShell,
-      // false for security
-      windowsHide: true
-    });
-    let stdout = "";
-    let stderr = "";
-    let killed = false;
-    let timeoutHandle;
-    if (timeout > 0) {
-      timeoutHandle = setTimeout(() => {
-        if (!killed) {
-          killed = true;
-          child.kill("SIGTERM");
-          setTimeout(() => {
-            if (child.exitCode === null) {
-              child.kill("SIGKILL");
-            }
-          }, 5e3);
-        }
-      }, timeout);
-    }
-    child.stdout.on("data", (data) => {
-      const chunk = data.toString();
-      if (stdout.length + chunk.length <= maxBuffer) {
-        stdout += chunk;
-      } else {
-        if (!killed) {
-          killed = true;
-          child.kill("SIGTERM");
-        }
-      }
-    });
-    child.stderr.on("data", (data) => {
-      const chunk = data.toString();
-      if (stderr.length + chunk.length <= maxBuffer) {
-        stderr += chunk;
-      } else {
-        if (!killed) {
-          killed = true;
-          child.kill("SIGTERM");
-        }
-      }
-    });
-    child.on("close", (code, signal) => {
-      if (timeoutHandle) {
-        clearTimeout(timeoutHandle);
-      }
-      const duration = Date.now() - startTime;
-      if (debug) {
-        console.log(`[BashExecutor] Command completed - Code: ${code}, Signal: ${signal}, Duration: ${duration}ms`);
-        console.log(`[BashExecutor] Stdout length: ${stdout.length}, Stderr length: ${stderr.length}`);
-      }
-      let success = true;
-      let error = "";
-      if (killed) {
-        success = false;
-        if (stdout.length + stderr.length > maxBuffer) {
-          error = `Command output exceeded maximum buffer size (${maxBuffer} bytes)`;
-        } else {
-          error = `Command timed out after ${timeout}ms`;
-        }
-      } else if (code !== 0) {
-        success = false;
-        error = `Command exited with code ${code}`;
-      }
-      resolve7({
-        success,
-        error,
-        stdout: stdout.trim(),
-        stderr: stderr.trim(),
-        exitCode: code,
-        signal,
-        command,
-        workingDirectory: cwd,
-        duration,
-        killed
-      });
-    });
-    child.on("error", (error) => {
-      if (timeoutHandle) {
-        clearTimeout(timeoutHandle);
-      }
-      if (debug) {
-        console.log(`[BashExecutor] Spawn error:`, error);
-      }
-      resolve7({
-        success: false,
-        error: `Failed to execute command: ${error.message}`,
-        stdout: "",
-        stderr: "",
-        exitCode: 1,
-        command,
-        workingDirectory: cwd,
-        duration: Date.now() - startTime
-      });
-    });
-  });
+  }
+  const [baseCommand, ...commandArgs] = args;
+  return {
+    success: true,
+    error: null,
+    command: baseCommand,
+    args: commandArgs,
+    fullArgs: args,
+    isComplex: false,
+    original: command
+  };
 }
-function formatExecutionResult(result, includeMetadata = false) {
-  if (!result) {
-    return "No result available";
+function isComplexCommand(command) {
+  const result = parseSimpleCommand(command);
+  return result.isComplex;
+}
+function isComplexPattern(pattern) {
+  if (!pattern || typeof pattern !== "string") return false;
+  const operatorPatterns = [
+    /\|/,
+    // Pipes
+    /&&/,
+    // Logical AND
+    /\|\|/,
+    // Logical OR
+    /;/,
+    // Command separator
+    /&$/,
+    // Background execution
+    /\$\(/,
+    // Command substitution $()
+    /`/,
+    // Command substitution ``
+    />/,
+    // Redirection >
+    /</
+    // Redirection <
+  ];
+  return operatorPatterns.some((p) => p.test(pattern));
+}
+function globToRegex(pattern) {
+  let escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
+  escaped = escaped.replace(/\*/g, ".*?");
+  return new RegExp("^" + escaped + "$", "i");
+}
+function matchesComplexPattern(command, pattern) {
+  if (!command || !pattern) return false;
+  const normalizedCommand = command.trim().replace(/\s+/g, " ");
+  const normalizedPattern = pattern.trim().replace(/\s+/g, " ");
+  try {
+    const regex = globToRegex(normalizedPattern);
+    return regex.test(normalizedCommand);
+  } catch (e) {
+    return normalizedCommand === normalizedPattern;
   }
-  let output = "";
-  if (includeMetadata) {
-    output += `Command: ${result.command}
-`;
-    output += `Working directory: ${result.workingDirectory}
-`;
-    output += `Duration: ${result.duration}ms
-`;
-    output += `Exit Code: ${result.exitCode}
-`;
-    if (result.signal) {
-      output += `Signal: ${result.signal}
-`;
-    }
-    output += "\n";
+}
+function parseCommand(command) {
+  const result = parseSimpleCommand(command);
+  if (!result.success) {
+    return {
+      command: "",
+      args: [],
+      error: result.error,
+      isComplex: result.isComplex
+    };
   }
-  if (result.stdout) {
-    if (includeMetadata) {
-      output += "--- STDOUT ---\n";
-    }
-    output += result.stdout;
-    if (includeMetadata && result.stderr) {
-      output += "\n";
-    }
+  return {
+    command: result.command,
+    args: result.args,
+    error: null,
+    isComplex: result.isComplex
+  };
+}
+function parseCommandForExecution(command) {
+  const result = parseSimpleCommand(command);
+  if (!result.success) {
+    return null;
   }
-  if (result.stderr) {
-    if (includeMetadata) {
-      if (result.stdout) output += "\n";
-      output += "--- STDERR ---\n";
-    } else if (result.stdout) {
-      output += "\n--- STDERR ---\n";
-    }
-    output += result.stderr;
+  return result.fullArgs;
+}
+var init_bashCommandUtils = __esm({
+  "src/agent/bashCommandUtils.js"() {
+    "use strict";
   }
-  if (!result.success && result.error && !result.stderr) {
-    if (output) output += "\n";
-    output += `Error: ${result.error}`;
+});
+
+// src/agent/bashPermissions.js
+function matchesPattern(parsedCommand, pattern) {
+  if (!parsedCommand || !pattern) return false;
+  const { command, args } = parsedCommand;
+  if (!command) return false;
+  const patternParts = pattern.split(":");
+  const commandName = patternParts[0];
+  if (commandName === "*") {
+    return true;
+  } else if (commandName !== command) {
+    return false;
   }
-  if (!result.success && result.exitCode !== void 0 && result.exitCode !== 0) {
-    if (output) output += "\n";
-    output += `Exit code: ${result.exitCode}`;
+  if (patternParts.length === 1) {
+    return true;
   }
-  return output || (result.success ? "Command completed successfully (no output)" : "Command failed (no output)");
-}
-function validateExecutionOptions(options = {}) {
-  const errors = [];
-  const warnings = [];
-  if (options.timeout !== void 0) {
-    if (typeof options.timeout !== "number" || options.timeout < 0) {
-      errors.push("timeout must be a non-negative number");
-    } else if (options.timeout > 6e5) {
-      warnings.push("timeout is very high (>10 minutes)");
+  for (let i = 1; i < patternParts.length; i++) {
+    const patternArg = patternParts[i];
+    const argIndex = i - 1;
+    if (patternArg === "*") {
+      continue;
     }
-  }
-  if (options.maxBuffer !== void 0) {
-    if (typeof options.maxBuffer !== "number" || options.maxBuffer < 1024) {
-      errors.push("maxBuffer must be at least 1024 bytes");
-    } else if (options.maxBuffer > 100 * 1024 * 1024) {
-      warnings.push("maxBuffer is very high (>100MB)");
+    if (argIndex >= args.length) {
+      return false;
     }
-  }
-  if (options.workingDirectory) {
-    if (typeof options.workingDirectory !== "string") {
-      errors.push("workingDirectory must be a string");
-    } else if (!existsSync(options.workingDirectory)) {
-      errors.push(`workingDirectory does not exist: ${options.workingDirectory}`);
+    const actualArg = args[argIndex];
+    if (patternArg !== actualArg) {
+      return false;
     }
   }
-  if (options.env && typeof options.env !== "object") {
-    errors.push("env must be an object");
-  }
-  return {
-    valid: errors.length === 0,
-    errors,
-    warnings
-  };
+  return true;
 }
-var init_bashExecutor = __esm({
-  "src/agent/bashExecutor.js"() {
+function matchesAnyPattern(parsedCommand, patterns) {
+  if (!patterns || patterns.length === 0) return false;
+  return patterns.some((pattern) => matchesPattern(parsedCommand, pattern));
+}
+var BashPermissionChecker;
+var init_bashPermissions = __esm({
+  "src/agent/bashPermissions.js"() {
     "use strict";
+    init_bashDefaults();
     init_bashCommandUtils();
-  }
-});
-
-// src/tools/bash.js
-import { tool as tool2 } from "ai";
-import { resolve as resolve3, isAbsolute as isAbsolute2, sep } from "path";
-var bashTool;
-var init_bash = __esm({
-  "src/tools/bash.js"() {
-    "use strict";
-    init_bashPermissions();
-    init_bashExecutor();
-    bashTool = (options = {}) => {
-      const {
-        bashConfig = {},
-        debug = false,
-        cwd,
-        allowedFolders = []
-      } = options;
-      const permissionChecker = new BashPermissionChecker({
-        allow: bashConfig.allow,
-        deny: bashConfig.deny,
-        disableDefaultAllow: bashConfig.disableDefaultAllow,
-        disableDefaultDeny: bashConfig.disableDefaultDeny,
-        debug
-      });
-      const getDefaultWorkingDirectory = () => {
-        if (bashConfig.workingDirectory) {
-          return bashConfig.workingDirectory;
+    BashPermissionChecker = class {
+      /**
+       * Create a permission checker
+       * @param {Object} config - Configuration options
+       * @param {string[]} [config.allow] - Additional allow patterns
+       * @param {string[]} [config.deny] - Additional deny patterns
+       * @param {boolean} [config.disableDefaultAllow] - Disable default allow list
+       * @param {boolean} [config.disableDefaultDeny] - Disable default deny list
+       * @param {boolean} [config.debug] - Enable debug logging
+       */
+      constructor(config = {}) {
+        this.debug = config.debug || false;
+        this.allowPatterns = [];
+        if (!config.disableDefaultAllow) {
+          this.allowPatterns.push(...DEFAULT_ALLOW_PATTERNS);
+          if (this.debug) {
+            console.log(`[BashPermissions] Added ${DEFAULT_ALLOW_PATTERNS.length} default allow patterns`);
+          }
         }
-        if (cwd) {
-          return cwd;
+        if (config.allow && Array.isArray(config.allow)) {
+          this.allowPatterns.push(...config.allow);
+          if (this.debug) {
+            console.log(`[BashPermissions] Added ${config.allow.length} custom allow patterns:`, config.allow);
+          }
         }
-        if (allowedFolders && allowedFolders.length > 0) {
-          return allowedFolders[0];
+        this.denyPatterns = [];
+        if (!config.disableDefaultDeny) {
+          this.denyPatterns.push(...DEFAULT_DENY_PATTERNS);
+          if (this.debug) {
+            console.log(`[BashPermissions] Added ${DEFAULT_DENY_PATTERNS.length} default deny patterns`);
+          }
         }
-        return process.cwd();
-      };
-      return tool2({
-        name: "bash",
-        description: `Execute bash commands for system exploration and development tasks.
-
-Security: This tool has built-in security with allow/deny lists. By default, only safe read-only commands are allowed for code exploration.
-
-Parameters:
-- command: (required) The bash command to execute
-- workingDirectory: (optional) Directory to execute command in
-- timeout: (optional) Command timeout in milliseconds
-- env: (optional) Additional environment variables
-
-Examples of allowed commands by default:
-- File exploration: ls, cat, head, tail, find, grep
-- Git operations: git status, git log, git diff, git show
-- Package info: npm list, pip list, cargo --version
-- System info: whoami, pwd, uname, date
-
-Dangerous commands are blocked by default (rm -rf, sudo, npm install, etc.)`,
-        inputSchema: {
-          type: "object",
-          properties: {
-            command: {
-              type: "string",
-              description: "The bash command to execute"
-            },
-            workingDirectory: {
-              type: "string",
-              description: "Directory to execute the command in (optional)"
-            },
-            timeout: {
-              type: "number",
-              description: "Command timeout in milliseconds (optional)",
-              minimum: 1e3,
-              maximum: 6e5
-            },
-            env: {
-              type: "object",
-              description: "Additional environment variables (optional)",
-              additionalProperties: {
-                type: "string"
-              }
-            }
-          },
-          required: ["command"],
-          additionalProperties: false
-        },
-        execute: async ({ command, workingDirectory, timeout, env }) => {
-          try {
-            if (command === null || command === void 0 || typeof command !== "string") {
-              return "Error: Command is required and must be a string";
-            }
-            if (command.trim().length === 0) {
-              return "Error: Command cannot be empty";
-            }
-            const permissionResult = permissionChecker.check(command.trim());
-            if (!permissionResult.allowed) {
-              if (debug) {
-                console.log(`[BashTool] Permission denied for command: "${command}"`);
-                console.log(`[BashTool] Reason: ${permissionResult.reason}`);
-              }
-              return `Permission denied: ${permissionResult.reason}
-
-This command is not allowed by the current security policy. 
-
-Common reasons:
-1. The command is in the deny list (potentially dangerous)
-2. The command is not in the allow list (not a recognized safe command)
-
-If you believe this command should be allowed, you can:
-- Use the --bash-allow option to add specific patterns
-- Use the --no-default-bash-deny flag to remove default restrictions (not recommended)
-
-For code exploration, try these safe alternatives:
-- ls, cat, head, tail for file operations
-- find, grep, rg for searching
-- git status, git log, git show for git operations
-- npm list, pip list for package information`;
-            }
-            const defaultDir = getDefaultWorkingDirectory();
-            const workingDir = workingDirectory ? isAbsolute2(workingDirectory) ? resolve3(workingDirectory) : resolve3(defaultDir, workingDirectory) : defaultDir;
-            if (allowedFolders && allowedFolders.length > 0) {
-              const resolvedWorkingDir = resolve3(workingDir);
-              const isAllowed = allowedFolders.some((folder) => {
-                const resolvedFolder = resolve3(folder);
-                return resolvedWorkingDir === resolvedFolder || resolvedWorkingDir.startsWith(resolvedFolder + sep);
-              });
-              if (!isAllowed) {
-                return `Error: Working directory "${workingDir}" is not within allowed folders: ${allowedFolders.join(", ")}`;
-              }
-            }
-            const executionOptions = {
-              workingDirectory: workingDir,
-              timeout: timeout || bashConfig.timeout || 12e4,
-              env: { ...bashConfig.env, ...env },
-              maxBuffer: bashConfig.maxBuffer,
-              debug
+        if (config.deny && Array.isArray(config.deny)) {
+          this.denyPatterns.push(...config.deny);
+          if (this.debug) {
+            console.log(`[BashPermissions] Added ${config.deny.length} custom deny patterns:`, config.deny);
+          }
+        }
+        if (this.debug) {
+          console.log(`[BashPermissions] Total patterns - Allow: ${this.allowPatterns.length}, Deny: ${this.denyPatterns.length}`);
+        }
+      }
+      /**
+       * Check if a simple command is allowed (complex commands allowed if they match patterns)
+       * @param {string} command - Command to check
+       * @returns {Object} Permission result
+       */
+      check(command) {
+        if (!command || typeof command !== "string") {
+          return {
+            allowed: false,
+            reason: "Invalid or empty command",
+            command
+          };
+        }
+        const commandIsComplex = isComplexCommand(command);
+        if (commandIsComplex) {
+          return this._checkComplexCommand(command);
+        }
+        const parsed = parseCommand(command);
+        if (parsed.error) {
+          return {
+            allowed: false,
+            reason: parsed.error,
+            command
+          };
+        }
+        if (!parsed.command) {
+          return {
+            allowed: false,
+            reason: "No valid command found",
+            command
+          };
+        }
+        if (this.debug) {
+          console.log(`[BashPermissions] Checking simple command: "${command}"`);
+          console.log(`[BashPermissions] Parsed: ${parsed.command} with args: [${parsed.args.join(", ")}]`);
+        }
+        if (matchesAnyPattern(parsed, this.denyPatterns)) {
+          const matchedPatterns = this.denyPatterns.filter((pattern) => matchesPattern(parsed, pattern));
+          return {
+            allowed: false,
+            reason: `Command matches deny pattern: ${matchedPatterns[0]}`,
+            command,
+            parsed,
+            matchedPatterns
+          };
+        }
+        if (this.allowPatterns.length > 0) {
+          if (!matchesAnyPattern(parsed, this.allowPatterns)) {
+            return {
+              allowed: false,
+              reason: "Command not in allow list",
+              command,
+              parsed
             };
-            const validation = validateExecutionOptions(executionOptions);
-            if (!validation.valid) {
-              return `Error: Invalid execution options: ${validation.errors.join(", ")}`;
-            }
-            if (validation.warnings.length > 0 && debug) {
-              console.log("[BashTool] Warnings:", validation.warnings);
-            }
-            if (debug) {
-              console.log(`[BashTool] Executing command: "${command}"`);
-              console.log(`[BashTool] Working directory: "${workingDir}"`);
-              console.log(`[BashTool] Timeout: ${executionOptions.timeout}ms`);
+          }
+        }
+        const result = {
+          allowed: true,
+          command,
+          parsed,
+          isComplex: false
+        };
+        if (this.debug) {
+          console.log(`[BashPermissions] ALLOWED - command passed all checks`);
+        }
+        return result;
+      }
+      /**
+       * Check a complex command against complex patterns in allow/deny lists
+       * @private
+       * @param {string} command - Complex command to check
+       * @returns {Object} Permission result
+       */
+      _checkComplexCommand(command) {
+        if (this.debug) {
+          console.log(`[BashPermissions] Checking complex command: "${command}"`);
+        }
+        const complexAllowPatterns = this.allowPatterns.filter((p) => isComplexPattern(p));
+        const complexDenyPatterns = this.denyPatterns.filter((p) => isComplexPattern(p));
+        if (this.debug) {
+          console.log(`[BashPermissions] Complex allow patterns: ${complexAllowPatterns.length}`);
+          console.log(`[BashPermissions] Complex deny patterns: ${complexDenyPatterns.length}`);
+        }
+        for (const pattern of complexDenyPatterns) {
+          if (matchesComplexPattern(command, pattern)) {
+            if (this.debug) {
+              console.log(`[BashPermissions] DENIED - matches complex deny pattern: ${pattern}`);
             }
-            const result = await executeBashCommand(command.trim(), executionOptions);
-            if (debug) {
-              console.log(`[BashTool] Command completed - Success: ${result.success}, Duration: ${result.duration}ms`);
+            return {
+              allowed: false,
+              reason: `Command matches deny pattern: ${pattern}`,
+              command,
+              isComplex: true,
+              matchedPatterns: [pattern]
+            };
+          }
+        }
+        for (const pattern of complexAllowPatterns) {
+          if (matchesComplexPattern(command, pattern)) {
+            if (this.debug) {
+              console.log(`[BashPermissions] ALLOWED - matches complex allow pattern: ${pattern}`);
             }
-            const formattedResult = formatExecutionResult(result, debug);
-            if (!result.success) {
-              let errorInfo = `
+            return {
+              allowed: true,
+              command,
+              isComplex: true,
+              matchedPattern: pattern
+            };
+          }
+        }
+        if (this.debug) {
+          console.log(`[BashPermissions] DENIED - no matching complex pattern found`);
+        }
+        return {
+          allowed: false,
+          reason: 'Complex shell commands require explicit allow patterns (e.g., "cd * && git *")',
+          command,
+          isComplex: true
+        };
+      }
+      /**
+       * Get configuration summary
+       * @returns {Object} Configuration info
+       */
+      getConfig() {
+        return {
+          allowPatterns: this.allowPatterns.length,
+          denyPatterns: this.denyPatterns.length,
+          totalPatterns: this.allowPatterns.length + this.denyPatterns.length
+        };
+      }
+    };
+  }
+});
 
-Command failed with exit code ${result.exitCode}`;
-              if (result.killed) {
-                errorInfo += ` (${result.error})`;
-              }
-              return formattedResult + errorInfo;
-            }
-            return formattedResult;
-          } catch (error) {
-            if (debug) {
-              console.error("[BashTool] Execution error:", error);
+// src/agent/bashExecutor.js
+import { spawn as spawn2 } from "child_process";
+import { resolve as resolve3, join } from "path";
+import { existsSync as existsSync2 } from "fs";
+async function executeBashCommand(command, options = {}) {
+  const {
+    workingDirectory = process.cwd(),
+    timeout = 12e4,
+    // 2 minutes default
+    env = {},
+    maxBuffer = 10 * 1024 * 1024,
+    // 10MB
+    debug = false
+  } = options;
+  let cwd = workingDirectory;
+  try {
+    cwd = resolve3(cwd);
+    if (!existsSync2(cwd)) {
+      throw new Error(`Working directory does not exist: ${cwd}`);
+    }
+  } catch (error) {
+    return {
+      success: false,
+      error: `Invalid working directory: ${error.message}`,
+      stdout: "",
+      stderr: "",
+      exitCode: 1,
+      command,
+      workingDirectory: cwd,
+      duration: 0
+    };
+  }
+  const startTime = Date.now();
+  if (debug) {
+    console.log(`[BashExecutor] Executing command: "${command}"`);
+    console.log(`[BashExecutor] Working directory: "${cwd}"`);
+    console.log(`[BashExecutor] Timeout: ${timeout}ms`);
+  }
+  return new Promise((resolve7, reject2) => {
+    const processEnv = {
+      ...process.env,
+      ...env
+    };
+    const isComplex = isComplexCommand(command);
+    let cmd, cmdArgs, useShell;
+    if (isComplex) {
+      cmd = "sh";
+      cmdArgs = ["-c", command];
+      useShell = false;
+      if (debug) {
+        console.log(`[BashExecutor] Complex command - using sh -c`);
+      }
+    } else {
+      const args = parseCommandForExecution(command);
+      if (!args || args.length === 0) {
+        resolve7({
+          success: false,
+          error: "Failed to parse command",
+          stdout: "",
+          stderr: "",
+          exitCode: 1,
+          command,
+          workingDirectory: cwd,
+          duration: Date.now() - startTime
+        });
+        return;
+      }
+      [cmd, ...cmdArgs] = args;
+      useShell = false;
+    }
+    const child = spawn2(cmd, cmdArgs, {
+      cwd,
+      env: processEnv,
+      stdio: ["ignore", "pipe", "pipe"],
+      // stdin ignored, capture stdout/stderr
+      shell: useShell,
+      // false for security
+      windowsHide: true
+    });
+    let stdout = "";
+    let stderr = "";
+    let killed = false;
+    let timeoutHandle;
+    if (timeout > 0) {
+      timeoutHandle = setTimeout(() => {
+        if (!killed) {
+          killed = true;
+          child.kill("SIGTERM");
+          setTimeout(() => {
+            if (child.exitCode === null) {
+              child.kill("SIGKILL");
             }
-            return `Error executing bash command: ${error.message}`;
-          }
+          }, 5e3);
+        }
+      }, timeout);
+    }
+    child.stdout.on("data", (data) => {
+      const chunk = data.toString();
+      if (stdout.length + chunk.length <= maxBuffer) {
+        stdout += chunk;
+      } else {
+        if (!killed) {
+          killed = true;
+          child.kill("SIGTERM");
+        }
+      }
+    });
+    child.stderr.on("data", (data) => {
+      const chunk = data.toString();
+      if (stderr.length + chunk.length <= maxBuffer) {
+        stderr += chunk;
+      } else {
+        if (!killed) {
+          killed = true;
+          child.kill("SIGTERM");
+        }
+      }
+    });
+    child.on("close", (code, signal) => {
+      if (timeoutHandle) {
+        clearTimeout(timeoutHandle);
+      }
+      const duration = Date.now() - startTime;
+      if (debug) {
+        console.log(`[BashExecutor] Command completed - Code: ${code}, Signal: ${signal}, Duration: ${duration}ms`);
+        console.log(`[BashExecutor] Stdout length: ${stdout.length}, Stderr length: ${stderr.length}`);
+      }
+      let success = true;
+      let error = "";
+      if (killed) {
+        success = false;
+        if (stdout.length + stderr.length > maxBuffer) {
+          error = `Command output exceeded maximum buffer size (${maxBuffer} bytes)`;
+        } else {
+          error = `Command timed out after ${timeout}ms`;
         }
+      } else if (code !== 0) {
+        success = false;
+        error = `Command exited with code ${code}`;
+      }
+      resolve7({
+        success,
+        error,
+        stdout: stdout.trim(),
+        stderr: stderr.trim(),
+        exitCode: code,
+        signal,
+        command,
+        workingDirectory: cwd,
+        duration,
+        killed
       });
-    };
+    });
+    child.on("error", (error) => {
+      if (timeoutHandle) {
+        clearTimeout(timeoutHandle);
+      }
+      if (debug) {
+        console.log(`[BashExecutor] Spawn error:`, error);
+      }
+      resolve7({
+        success: false,
+        error: `Failed to execute command: ${error.message}`,
+        stdout: "",
+        stderr: "",
+        exitCode: 1,
+        command,
+        workingDirectory: cwd,
+        duration: Date.now() - startTime
+      });
+    });
+  });
+}
+function formatExecutionResult(result, includeMetadata = false) {
+  if (!result) {
+    return "No result available";
   }
-});
-
-// src/tools/edit.js
-import { tool as tool3 } from "ai";
-import { promises as fs6 } from "fs";
-import { dirname, resolve as resolve4, isAbsolute as isAbsolute3, sep as sep2 } from "path";
-import { existsSync as existsSync2 } from "fs";
-function isPathAllowed(filePath, allowedFolders) {
-  if (!allowedFolders || allowedFolders.length === 0) {
-    const resolvedPath2 = resolve4(filePath);
-    const cwd = resolve4(process.cwd());
-    return resolvedPath2 === cwd || resolvedPath2.startsWith(cwd + sep2);
+  let output = "";
+  if (includeMetadata) {
+    output += `Command: ${result.command}
+`;
+    output += `Working directory: ${result.workingDirectory}
+`;
+    output += `Duration: ${result.duration}ms
+`;
+    output += `Exit Code: ${result.exitCode}
+`;
+    if (result.signal) {
+      output += `Signal: ${result.signal}
+`;
+    }
+    output += "\n";
   }
-  const resolvedPath = resolve4(filePath);
-  return allowedFolders.some((folder) => {
-    const allowedPath = resolve4(folder);
-    return resolvedPath === allowedPath || resolvedPath.startsWith(allowedPath + sep2);
-  });
+  if (result.stdout) {
+    if (includeMetadata) {
+      output += "--- STDOUT ---\n";
+    }
+    output += result.stdout;
+    if (includeMetadata && result.stderr) {
+      output += "\n";
+    }
+  }
+  if (result.stderr) {
+    if (includeMetadata) {
+      if (result.stdout) output += "\n";
+      output += "--- STDERR ---\n";
+    } else if (result.stdout) {
+      output += "\n--- STDERR ---\n";
+    }
+    output += result.stderr;
+  }
+  if (!result.success && result.error && !result.stderr) {
+    if (output) output += "\n";
+    output += `Error: ${result.error}`;
+  }
+  if (!result.success && result.exitCode !== void 0 && result.exitCode !== 0) {
+    if (output) output += "\n";
+    output += `Exit code: ${result.exitCode}`;
+  }
+  return output || (result.success ? "Command completed successfully (no output)" : "Command failed (no output)");
 }
-function parseFileToolOptions(options = {}) {
+function validateExecutionOptions(options = {}) {
+  const errors = [];
+  const warnings = [];
+  if (options.timeout !== void 0) {
+    if (typeof options.timeout !== "number" || options.timeout < 0) {
+      errors.push("timeout must be a non-negative number");
+    } else if (options.timeout > 6e5) {
+      warnings.push("timeout is very high (>10 minutes)");
+    }
+  }
+  if (options.maxBuffer !== void 0) {
+    if (typeof options.maxBuffer !== "number" || options.maxBuffer < 1024) {
+      errors.push("maxBuffer must be at least 1024 bytes");
+    } else if (options.maxBuffer > 100 * 1024 * 1024) {
+      warnings.push("maxBuffer is very high (>100MB)");
+    }
+  }
+  if (options.workingDirectory) {
+    if (typeof options.workingDirectory !== "string") {
+      errors.push("workingDirectory must be a string");
+    } else if (!existsSync2(options.workingDirectory)) {
+      errors.push(`workingDirectory does not exist: ${options.workingDirectory}`);
+    }
+  }
+  if (options.env && typeof options.env !== "object") {
+    errors.push("env must be an object");
+  }
   return {
-    debug: options.debug || false,
-    allowedFolders: options.allowedFolders || [],
-    cwd: options.cwd
+    valid: errors.length === 0,
+    errors,
+    warnings
   };
 }
-var editTool, createTool, editDescription, createDescription, editToolDefinition, createToolDefinition;
-var init_edit = __esm({
-  "src/tools/edit.js"() {
+var init_bashExecutor = __esm({
+  "src/agent/bashExecutor.js"() {
     "use strict";
-    editTool = (options = {}) => {
-      const { debug, allowedFolders, cwd } = parseFileToolOptions(options);
-      return tool3({
-        name: "edit",
-        description: `Edit files using exact string replacement (Claude Code style).
-
-This tool performs exact string replacements in files. It requires the old_string to match exactly what's in the file, including all whitespace and indentation.
-
-Parameters:
-- file_path: Path to the file to edit (absolute or relative)
-- old_string: Exact text to find and replace (must be unique in the file unless replace_all is true)
-- new_string: Text to replace with
-- replace_all: (optional) Replace all occurrences instead of requiring uniqueness
+    init_bashCommandUtils();
+  }
+});
 
-Important:
-- The old_string must match EXACTLY including whitespace
-- If old_string appears multiple times and replace_all is false, the edit will fail
-- Use larger context around the string to ensure uniqueness when needed`,
-        inputSchema: {
-          type: "object",
-          properties: {
-            file_path: {
-              type: "string",
-              description: "Path to the file to edit"
-            },
-            old_string: {
-              type: "string",
-              description: "Exact text to find and replace"
-            },
-            new_string: {
-              type: "string",
-              description: "Text to replace with"
-            },
-            replace_all: {
-              type: "boolean",
-              description: "Replace all occurrences (default: false)",
-              default: false
-            }
-          },
-          required: ["file_path", "old_string", "new_string"]
-        },
-        execute: async ({ file_path, old_string, new_string, replace_all = false }) => {
-          try {
-            if (!file_path || typeof file_path !== "string" || file_path.trim() === "") {
-              return `Error editing file: Invalid file_path - must be a non-empty string`;
-            }
-            if (old_string === void 0 || old_string === null || typeof old_string !== "string") {
-              return `Error editing file: Invalid old_string - must be a string`;
-            }
-            if (new_string === void 0 || new_string === null || typeof new_string !== "string") {
-              return `Error editing file: Invalid new_string - must be a string`;
-            }
-            const resolvedPath = isAbsolute3(file_path) ? file_path : resolve4(cwd || process.cwd(), file_path);
-            if (debug) {
-              console.error(`[Edit] Attempting to edit file: ${resolvedPath}`);
-            }
-            if (!isPathAllowed(resolvedPath, allowedFolders)) {
-              return `Error editing file: Permission denied - ${file_path} is outside allowed directories`;
-            }
-            if (!existsSync2(resolvedPath)) {
-              return `Error editing file: File not found - ${file_path}`;
-            }
-            const content = await fs6.readFile(resolvedPath, "utf-8");
-            if (!content.includes(old_string)) {
-              return `Error editing file: String not found - the specified old_string was not found in ${file_path}`;
-            }
-            const occurrences = content.split(old_string).length - 1;
-            if (!replace_all && occurrences > 1) {
-              return `Error editing file: Multiple occurrences found - the old_string appears ${occurrences} times. Use replace_all: true to replace all occurrences, or provide more context to make the string unique.`;
-            }
-            let newContent;
-            if (replace_all) {
-              newContent = content.replaceAll(old_string, new_string);
-            } else {
-              newContent = content.replace(old_string, new_string);
-            }
-            if (newContent === content) {
-              return `Error editing file: No changes made - old_string and new_string might be the same`;
-            }
-            await fs6.writeFile(resolvedPath, newContent, "utf-8");
-            const replacedCount = replace_all ? occurrences : 1;
-            if (debug) {
-              console.error(`[Edit] Successfully edited ${resolvedPath}, replaced ${replacedCount} occurrence(s)`);
-            }
-            return `Successfully edited ${file_path} (${replacedCount} replacement${replacedCount !== 1 ? "s" : ""})`;
-          } catch (error) {
-            console.error("[Edit] Error:", error);
-            return `Error editing file: ${error.message}`;
-          }
-        }
+// src/tools/bash.js
+import { tool as tool3 } from "ai";
+import { resolve as resolve4, isAbsolute as isAbsolute3, sep as sep2 } from "path";
+var bashTool;
+var init_bash = __esm({
+  "src/tools/bash.js"() {
+    "use strict";
+    init_bashPermissions();
+    init_bashExecutor();
+    bashTool = (options = {}) => {
+      const {
+        bashConfig = {},
+        debug = false,
+        cwd,
+        allowedFolders = []
+      } = options;
+      const permissionChecker = new BashPermissionChecker({
+        allow: bashConfig.allow,
+        deny: bashConfig.deny,
+        disableDefaultAllow: bashConfig.disableDefaultAllow,
+        disableDefaultDeny: bashConfig.disableDefaultDeny,
+        debug
       });
-    };
-    createTool = (options = {}) => {
-      const { debug, allowedFolders, cwd } = parseFileToolOptions(options);
+      const getDefaultWorkingDirectory = () => {
+        if (bashConfig.workingDirectory) {
+          return bashConfig.workingDirectory;
+        }
+        if (cwd) {
+          return cwd;
+        }
+        if (allowedFolders && allowedFolders.length > 0) {
+          return allowedFolders[0];
+        }
+        return process.cwd();
+      };
       return tool3({
-        name: "create",
-        description: `Create new files with specified content.
+        name: "bash",
+        description: `Execute bash commands for system exploration and development tasks.
 
-This tool creates new files in the filesystem. It will create parent directories if they don't exist.
+Security: This tool has built-in security with allow/deny lists. By default, only safe read-only commands are allowed for code exploration.
 
 Parameters:
-- file_path: Path where the file should be created (absolute or relative)
-- content: Content to write to the file
-- overwrite: (optional) Whether to overwrite if file exists (default: false)
+- command: (required) The bash command to execute
+- workingDirectory: (optional) Directory to execute command in
+- timeout: (optional) Command timeout in milliseconds
+- env: (optional) Additional environment variables
 
-Important:
-- By default, will fail if the file already exists
-- Set overwrite: true to replace existing files
-- Parent directories will be created automatically if needed`,
+Examples of allowed commands by default:
+- File exploration: ls, cat, head, tail, find, grep
+- Git operations: git status, git log, git diff, git show
+- Package info: npm list, pip list, cargo --version
+- System info: whoami, pwd, uname, date
+
+Dangerous commands are blocked by default (rm -rf, sudo, npm install, etc.)`,
         inputSchema: {
           type: "object",
           properties: {
-            file_path: {
+            command: {
               type: "string",
-              description: "Path where the file should be created"
+              description: "The bash command to execute"
             },
-            content: {
+            workingDirectory: {
               type: "string",
-              description: "Content to write to the file"
+              description: "Directory to execute the command in (optional)"
             },
-            overwrite: {
-              type: "boolean",
-              description: "Overwrite if file exists (default: false)",
-              default: false
+            timeout: {
+              type: "number",
+              description: "Command timeout in milliseconds (optional)",
+              minimum: 1e3,
+              maximum: 6e5
+            },
+            env: {
+              type: "object",
+              description: "Additional environment variables (optional)",
+              additionalProperties: {
+                type: "string"
+              }
             }
           },
-          required: ["file_path", "content"]
+          required: ["command"],
+          additionalProperties: false
         },
-        execute: async ({ file_path, content, overwrite = false }) => {
+        execute: async ({ command, workingDirectory, timeout, env }) => {
           try {
-            if (!file_path || typeof file_path !== "string" || file_path.trim() === "") {
-              return `Error creating file: Invalid file_path - must be a non-empty string`;
+            if (command === null || command === void 0 || typeof command !== "string") {
+              return "Error: Command is required and must be a string";
             }
-            if (content === void 0 || content === null || typeof content !== "string") {
-              return `Error creating file: Invalid content - must be a string`;
+            if (command.trim().length === 0) {
+              return "Error: Command cannot be empty";
             }
-            const resolvedPath = isAbsolute3(file_path) ? file_path : resolve4(cwd || process.cwd(), file_path);
-            if (debug) {
-              console.error(`[Create] Attempting to create file: ${resolvedPath}`);
+            const permissionResult = permissionChecker.check(command.trim());
+            if (!permissionResult.allowed) {
+              if (debug) {
+                console.log(`[BashTool] Permission denied for command: "${command}"`);
+                console.log(`[BashTool] Reason: ${permissionResult.reason}`);
+              }
+              return `Permission denied: ${permissionResult.reason}
+
+This command is not allowed by the current security policy. 
+
+Common reasons:
+1. The command is in the deny list (potentially dangerous)
+2. The command is not in the allow list (not a recognized safe command)
+
+If you believe this command should be allowed, you can:
+- Use the --bash-allow option to add specific patterns
+- Use the --no-default-bash-deny flag to remove default restrictions (not recommended)
+
+For code exploration, try these safe alternatives:
+- ls, cat, head, tail for file operations
+- find, grep, rg for searching
+- git status, git log, git show for git operations
+- npm list, pip list for package information`;
             }
-            if (!isPathAllowed(resolvedPath, allowedFolders)) {
-              return `Error creating file: Permission denied - ${file_path} is outside allowed directories`;
+            const defaultDir = getDefaultWorkingDirectory();
+            const workingDir = workingDirectory ? isAbsolute3(workingDirectory) ? resolve4(workingDirectory) : resolve4(defaultDir, workingDirectory) : defaultDir;
+            if (allowedFolders && allowedFolders.length > 0) {
+              const resolvedWorkingDir = resolve4(workingDir);
+              const isAllowed = allowedFolders.some((folder) => {
+                const resolvedFolder = resolve4(folder);
+                return resolvedWorkingDir === resolvedFolder || resolvedWorkingDir.startsWith(resolvedFolder + sep2);
+              });
+              if (!isAllowed) {
+                return `Error: Working directory "${workingDir}" is not within allowed folders: ${allowedFolders.join(", ")}`;
+              }
             }
-            if (existsSync2(resolvedPath) && !overwrite) {
-              return `Error creating file: File already exists - ${file_path}. Use overwrite: true to replace it.`;
+            const executionOptions = {
+              workingDirectory: workingDir,
+              timeout: timeout || bashConfig.timeout || 12e4,
+              env: { ...bashConfig.env, ...env },
+              maxBuffer: bashConfig.maxBuffer,
+              debug
+            };
+            const validation = validateExecutionOptions(executionOptions);
+            if (!validation.valid) {
+              return `Error: Invalid execution options: ${validation.errors.join(", ")}`;
+            }
+            if (validation.warnings.length > 0 && debug) {
+              console.log("[BashTool] Warnings:", validation.warnings);
             }
-            const dir = dirname(resolvedPath);
-            await fs6.mkdir(dir, { recursive: true });
-            await fs6.writeFile(resolvedPath, content, "utf-8");
-            const action = existsSync2(resolvedPath) && overwrite ? "overwrote" : "created";
-            const bytes = Buffer.byteLength(content, "utf-8");
             if (debug) {
-              console.error(`[Create] Successfully ${action} ${resolvedPath}`);
+              console.log(`[BashTool] Executing command: "${command}"`);
+              console.log(`[BashTool] Working directory: "${workingDir}"`);
+              console.log(`[BashTool] Timeout: ${executionOptions.timeout}ms`);
             }
-            return `Successfully ${action} ${file_path} (${bytes} bytes)`;
+            const result = await executeBashCommand(command.trim(), executionOptions);
+            if (debug) {
+              console.log(`[BashTool] Command completed - Success: ${result.success}, Duration: ${result.duration}ms`);
+            }
+            const formattedResult = formatExecutionResult(result, debug);
+            if (!result.success) {
+              let errorInfo = `
+
+Command failed with exit code ${result.exitCode}`;
+              if (result.killed) {
+                errorInfo += ` (${result.error})`;
+              }
+              return formattedResult + errorInfo;
+            }
+            return formattedResult;
           } catch (error) {
-            console.error("[Create] Error:", error);
-            return `Error creating file: ${error.message}`;
+            if (debug) {
+              console.error("[BashTool] Execution error:", error);
+            }
+            return `Error executing bash command: ${error.message}`;
           }
         }
       });
     };
-    editDescription = "Edit files using exact string replacement. Requires exact match including whitespace.";
-    createDescription = "Create new files with specified content. Will create parent directories if needed.";
-    editToolDefinition = `
-## edit
-Description: ${editDescription}
-
-When to use:
-- For precise, surgical edits to existing files
-- When you need to change specific lines or blocks of code
-- For renaming functions, variables, or updating configuration values
-- When the exact text to replace is known and unique (or use replace_all for multiple occurrences)
-
-When NOT to use:
-- For creating new files (use 'create' tool instead)
-- When you cannot determine the exact text to replace
-- When changes span multiple locations that would be better handled together
-
-Parameters:
-- file_path: (required) Path to the file to edit
-- old_string: (required) Exact text to find and replace (must match including whitespace, newlines, and indentation)
-- new_string: (required) Text to replace with
-- replace_all: (optional, default: false) Replace all occurrences if the string appears multiple times
-
-Important notes:
-- The old_string MUST match EXACTLY, including all whitespace, indentation, and line breaks
-- If old_string appears multiple times and replace_all is false, the tool will fail
-- Always verify the exact formatting of the text you want to replace
-
-Examples:
-<edit>
-<file_path>src/main.js</file_path>
-<old_string>function oldName() {
-  return 42;
-}</old_string>
-<new_string>function newName() {
-  return 42;
-}</new_string>
-</edit>
-
-<edit>
-<file_path>config.json</file_path>
-<old_string>"debug": false</old_string>
-<new_string>"debug": true</new_string>
-<replace_all>true</replace_all>
-</edit>`;
-    createToolDefinition = `
-## create
-Description: ${createDescription}
-
-When to use:
-- For creating brand new files from scratch
-- When you need to add configuration files, documentation, or new modules
-- For generating boilerplate code or templates
-- When you have the complete content ready to write
-
-When NOT to use:
-- For editing existing files (use 'edit' tool instead)
-- When a file already exists unless you explicitly want to overwrite it
-
-Parameters:
-- file_path: (required) Path where the file should be created
-- content: (required) Complete content to write to the file
-- overwrite: (optional, default: false) Whether to overwrite if file already exists
-
-Important notes:
-- Parent directories will be created automatically if they don't exist
-- The tool will fail if the file already exists and overwrite is false
-- Be careful with the overwrite option as it completely replaces existing files
-
-Examples:
-<create>
-<file_path>src/newFile.js</file_path>
-<content>export function hello() {
-  return "Hello, world!";
-}</content>
-</create>
-
-<create>
-<file_path>README.md</file_path>
-<content># My Project
-
-This is a new project.</content>
-<overwrite>true</overwrite>
-</create>`;
   }
 });
 
@@ -17708,7 +17766,7 @@ function removeThinkingTags(xmlString) {
   const thinkingIndex = result.indexOf("<thinking>");
   if (thinkingIndex !== -1) {
     const afterThinking = result.substring(thinkingIndex + "<thinking>".length);
-    const toolPattern = /<(search|query|extract|listFiles|searchFiles|implement|attempt_completion|attempt_complete)>/;
+    const toolPattern = buildToolTagPattern(DEFAULT_VALID_TOOLS);
     const toolMatch = afterThinking.match(toolPattern);
     if (toolMatch) {
       const toolStart = thinkingIndex + "<thinking>".length + toolMatch.index;
@@ -17783,8 +17841,7 @@ function checkAttemptCompleteRecovery(cleanedXmlString, validTools = []) {
   return null;
 }
 function hasOtherToolTags(xmlString, validTools = []) {
-  const defaultTools = ["search", "query", "extract", "listFiles", "searchFiles", "implement", "attempt_completion"];
-  const toolsToCheck = validTools.length > 0 ? validTools : defaultTools;
+  const toolsToCheck = validTools.length > 0 ? validTools : DEFAULT_VALID_TOOLS;
   for (const tool4 of toolsToCheck) {
     if (tool4 !== "attempt_completion" && xmlString.includes(`<${tool4}`)) {
       return true;
@@ -17809,6 +17866,7 @@ ${thinkingContent}`);
 var init_xmlParsingUtils = __esm({
   "src/agent/xmlParsingUtils.js"() {
     "use strict";
+    init_common();
   }
 });