@quanta-intellect/vessel-browser 0.1.94 → 0.1.97

package/out/main/index.js

@@ -15,6 +15,7 @@ const http$1 = require("node:http");
 const os = require("node:os");
 const mcp_js = require("@modelcontextprotocol/sdk/server/mcp.js");
 const streamableHttp_js = require("@modelcontextprotocol/sdk/server/streamableHttp.js");
+const promises = require("fs/promises");
 function getEnvFlag(name) {
   const globalProcess = typeof globalThis === "object" && "process" in globalThis ? globalThis.process : void 0;
   return globalProcess?.env?.[name];
@@ -79,7 +80,7 @@ const defaults = {
 const SAVE_DEBOUNCE_MS$6 = 150;
 const CHAT_PROVIDER_SECRET_FILENAME = "vessel-chat-provider-secret";
 const CODEX_TOKENS_FILENAME = "vessel-codex-tokens";
-const logger$n = createLogger("Settings");
+const logger$p = createLogger("Settings");
 const SETTABLE_KEYS = new Set(Object.keys(defaults));
 let settings = null;
 let settingsIssues = [];
@@ -276,9 +277,10 @@ function persistNow() {
   return fs.promises.mkdir(path.dirname(getSettingsPath()), { recursive: true }).then(
     () => fs.promises.writeFile(
       getSettingsPath(),
-      JSON.stringify(buildPersistedSettings(settings), null, 2)
+      JSON.stringify(buildPersistedSettings(settings), null, 2),
+      { encoding: "utf-8", mode: 384 }
     )
-  ).catch((err) => logger$n.error("Failed to save settings:", err));
+  ).then(() => fs.promises.chmod(getSettingsPath(), 384).catch(() => void 0)).catch((err) => logger$p.error("Failed to save settings:", err));
 }
 function saveSettings() {
   saveDirty = true;
@@ -407,7 +409,7 @@ function loadTrustedAppURL(wc, url) {
 }
 const MAX_CUSTOM_HISTORY = 50;
 const READER_MODE_DATA_URL_PREFIX = "data:text/html;charset=utf-8,";
-const logger$m = createLogger("Tab");
+const logger$o = createLogger("Tab");
 const sessionCertExceptions = /* @__PURE__ */ new WeakMap();
 const sessionsWithVerifyProc = /* @__PURE__ */ new WeakSet();
 const CERT_VERIFY_TRUST = 0;
@@ -473,7 +475,7 @@ class Tab {
   guardedLoadURL(url, options) {
     const blockReason = this.getNavigationBlockReason(url);
     if (blockReason) {
-      logger$m.warn(blockReason);
+      logger$o.warn(blockReason);
       return blockReason;
     }
     void this.view.webContents.loadURL(url, options);
@@ -557,7 +559,7 @@ class Tab {
     wc.setWindowOpenHandler(({ url, disposition }) => {
       const error = this.getNavigationBlockReason(url);
       if (error) {
-        logger$m.warn(error);
+        logger$o.warn(error);
         return { action: "deny" };
       }
       this.onOpenUrl?.({
@@ -571,7 +573,7 @@ class Tab {
       const error = this.getNavigationBlockReason(url);
       if (!error) return;
       event.preventDefault();
-      logger$m.warn(`${context}: ${error}`);
+      logger$o.warn(`${context}: ${error}`);
     };
     wc.on("will-navigate", (event, url) => {
       blockNavigation(event, url, "Blocked top-level navigation");
@@ -655,7 +657,7 @@ class Tab {
         ::-webkit-scrollbar-thumb { background: rgba(255,255,255,0.12); border-radius: 999px; }
         ::-webkit-scrollbar-thumb:hover { background: rgba(255,255,255,0.22); }
         ::-webkit-scrollbar-corner { background: transparent; }
-      `).catch((err) => logger$m.warn("Failed to inject scrollbar CSS:", err));
+      `).catch((err) => logger$o.warn("Failed to inject scrollbar CSS:", err));
     });
     wc.on("page-favicon-updated", (_, favicons) => {
       this._state.favicon = favicons[0] || "";
@@ -691,7 +693,7 @@ class Tab {
       ).then((highlightedText) => {
         this.buildContextMenu(wc, params, highlightedText.trim());
       }).catch((err) => {
-        logger$m.warn("Failed to inspect highlighted text for context menu:", err);
+        logger$o.warn("Failed to inspect highlighted text for context menu:", err);
         this.buildContextMenu(wc, params, "");
       });
     });
@@ -892,7 +894,7 @@ class Tab {
         "document.documentElement.outerHTML"
       );
     } catch (err) {
-      logger$m.warn("Failed to retrieve page source:", err);
+      logger$o.warn("Failed to retrieve page source:", err);
       return;
     }
     const escaped = html.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
@@ -1020,7 +1022,7 @@ class Tab {
             document.addEventListener('mouseup', window.__vesselHighlightHandler);
           }
         })()
-      `).catch((err) => logger$m.warn("Failed to inject highlight listener:", err));
+      `).catch((err) => logger$o.warn("Failed to inject highlight listener:", err));
     } else {
       void wc.executeJavaScript(`
         (function() {
@@ -1031,7 +1033,7 @@ class Tab {
             delete window.__vesselHighlightHandler;
           }
         })()
-      `).catch((err) => logger$m.warn("Failed to remove highlight listener:", err));
+      `).catch((err) => logger$o.warn("Failed to remove highlight listener:", err));
     }
   }
   get webContentsId() {
@@ -1068,7 +1070,7 @@ const SEARCH_ENGINE_PRESETS = {
   ecosia: { label: "Ecosia", url: "https://www.ecosia.org/search?q=" },
   kagi: { label: "Kagi", url: "https://kagi.com/search?q=" }
 };
-const logger$l = createLogger("JsonPersistence");
+const logger$n = createLogger("JsonPersistence");
 function canUseSafeStorage() {
   try {
     return electron.safeStorage.isEncryptionAvailable();
@@ -1133,7 +1135,7 @@ function createDebouncedJsonPersistence({
         data,
         typeof data === "string" ? { encoding: "utf-8", mode: 384 } : { mode: 384 }
       )
-    ).catch((err) => logger$l.error(`Failed to save ${logLabel}:`, err));
+    ).then(() => fs.promises.chmod(filePath2, 384).catch(() => void 0)).catch((err) => logger$n.error(`Failed to save ${logLabel}:`, err));
   };
   const schedule = () => {
     saveDirty2 = true;
@@ -2814,7 +2816,7 @@ function destroySession(tabId) {
     sessions.delete(tabId);
   }
 }
-const logger$k = createLogger("TabManager");
+const logger$m = createLogger("TabManager");
 function sanitizePdfFilename(title) {
   const clean = title.replace(/[<>:"/\\|?*\x00-\x1f]/g, " ").replace(/\s+/g, " ").trim();
   const base = (clean || "Vessel Page").replace(/\.pdf$/i, "");
@@ -3213,7 +3215,7 @@ class TabManager {
     }));
     if (entries.length > 0) {
       void highlightBatchOnPage(wc, entries).catch(
-        (err) => logger$k.warn("Failed to batch highlight:", err)
+        (err) => logger$m.warn("Failed to batch highlight:", err)
       );
     }
   }
@@ -3235,12 +3237,12 @@ class TabManager {
         const result = await captureSelectionHighlight(wc);
         if (result.success && result.text) {
           await highlightOnPage(wc, null, result.text, void 0, void 0, "yellow").catch(
-            (err) => logger$k.warn("Failed to capture highlight:", err)
+            (err) => logger$m.warn("Failed to capture highlight:", err)
           );
         }
         this.highlightCaptureCallback?.(result);
       } catch (err) {
-        logger$k.warn("Failed to capture highlight from page:", err);
+        logger$m.warn("Failed to capture highlight from page:", err);
         this.highlightCaptureCallback?.({
           success: false,
           message: "Could not capture selection"
@@ -3265,7 +3267,7 @@ class TabManager {
           void this.removeHighlightMarksForText(wc, text);
         }
       } catch (err) {
-        logger$k.warn("Failed to remove highlight from matching tab:", err);
+        logger$m.warn("Failed to remove highlight from matching tab:", err);
       }
     }
     this.highlightCaptureCallback?.({
@@ -3296,12 +3298,12 @@ class TabManager {
               void 0,
               color
             ).catch(
-              (err) => logger$k.warn("Failed to update highlight color:", err)
+              (err) => logger$m.warn("Failed to update highlight color:", err)
             );
           });
         }
       } catch (err) {
-        logger$k.warn("Failed to iterate highlights for color change:", err);
+        logger$m.warn("Failed to iterate highlights for color change:", err);
       }
     }
     this.highlightCaptureCallback?.({
@@ -3342,7 +3344,7 @@ class TabManager {
         });
       })()`
     ).catch(
-      (err) => logger$k.warn("Failed to remove highlight marks:", err)
+      (err) => logger$m.warn("Failed to remove highlight marks:", err)
     );
   }
   broadcastState() {
@@ -3372,6 +3374,7 @@ const Channels = {
   AI_STREAM_CHUNK: "ai:stream-chunk",
   AI_STREAM_END: "ai:stream-end",
   AI_STREAM_IDLE: "ai:stream-idle",
+  AI_RESEARCH_CLARIFICATION: "ai:research-clarification",
   AUTOMATION_ACTIVITY_START: "automation:activity-start",
   AUTOMATION_ACTIVITY_CHUNK: "automation:activity-chunk",
   AUTOMATION_ACTIVITY_END: "automation:activity-end",
@@ -3552,6 +3555,16 @@ const Channels = {
   CLEAR_BROWSING_DATA_OPEN: "browsing-data:open",
   // Picture-in-Picture
   TAB_TOGGLE_PIP: "tab:toggle-pip",
+  // Research Desk
+  RESEARCH_STATE_GET: "research:state-get",
+  RESEARCH_STATE_UPDATE: "research:state-update",
+  RESEARCH_START_BRIEF: "research:start-brief",
+  RESEARCH_CONFIRM_BRIEF: "research:confirm-brief",
+  RESEARCH_APPROVE_OBJECTIVES: "research:approve-objectives",
+  RESEARCH_SET_MODE: "research:set-mode",
+  RESEARCH_SET_TRACES: "research:set-traces",
+  RESEARCH_CANCEL: "research:cancel",
+  RESEARCH_EXPORT_REPORT: "research:export-report",
   // Codex OAuth
   CODEX_START_AUTH: "codex:start-auth",
   CODEX_CANCEL_AUTH: "codex:cancel-auth",
@@ -4521,7 +4534,7 @@ function errorResult(error, value) {
 function getErrorMessage(error, fallback = "Unknown error") {
   return error instanceof Error && error.message ? error.message : fallback;
 }
-const logger$j = createLogger("Premium");
+const logger$l = createLogger("Premium");
 const VERIFICATION_API = process.env.VESSEL_PREMIUM_API || "https://vesselpremium.quantaintellect.com";
 const FREE_TOOL_ITERATION_LIMIT = 50;
 const REVALIDATION_INTERVAL_MS = 24 * 60 * 60 * 1e3;
@@ -4561,7 +4574,10 @@ const PREMIUM_TOOLS = /* @__PURE__ */ new Set([
   "vault_totp",
   "human_vault_list",
   "human_vault_fill",
-  "human_vault_remove"
+  "human_vault_remove",
+  "research_confirm_brief",
+  "research_approve_objectives",
+  "research_export_report"
 ]);
 function isPremium() {
   const { premium } = loadSettings();
@@ -4637,7 +4653,7 @@ async function verifySubscription$1(identifier) {
     });
     if (!res.ok) {
       const detail = await readApiErrorDetail(res);
-      logger$j.warn(
+      logger$l.warn(
         "Verification API returned a non-OK status:",
         res.status,
         detail
@@ -4656,7 +4672,7 @@ async function verifySubscription$1(identifier) {
     setSetting("premium", updated);
     return updated;
   } catch (err) {
-    logger$j.warn("Verification failed:", err);
+    logger$l.warn("Verification failed:", err);
     return current;
   }
 }
@@ -4760,6 +4776,21 @@ const POSTHOG_HOST = process.env.POSTHOG_HOST || "https://us.i.posthog.com";
 const BATCH_INTERVAL_MS = 6e4;
 const MAX_BATCH_SIZE = 50;
 const SENSITIVE_PROPERTY_RE = /url|uri|query|prompt|content|text|token|secret|key|password|credential|email|domain/i;
+const SENSITIVE_STRING_VALUE_RE = /https?:\/\/|www\.|[^\s@]+@[^\s@]+\.[^\s@]+|bearer\s+\S+|eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.|(?:sk|pk|rk|gh[pousr]|xox[baprs])-[-_A-Za-z0-9]{12,}/i;
+const EMPTY_PROPERTY_ALLOWLIST = /* @__PURE__ */ new Set();
+const TELEMETRY_PROPERTY_ALLOWLIST = {
+  app_launched: /* @__PURE__ */ new Set(["electron_version", "chrome_version"]),
+  app_session_ended: /* @__PURE__ */ new Set(["duration_minutes"]),
+  tool_called: /* @__PURE__ */ new Set(["tool_name", "page_type"]),
+  provider_configured: /* @__PURE__ */ new Set(["provider_id"]),
+  page_type_detected: /* @__PURE__ */ new Set(["page_type"]),
+  setting_changed: /* @__PURE__ */ new Set(["setting_key"]),
+  approval_mode_changed: /* @__PURE__ */ new Set(["mode"]),
+  bookmark_action: /* @__PURE__ */ new Set(["action"]),
+  vault_action: /* @__PURE__ */ new Set(["action"]),
+  extraction_failed: /* @__PURE__ */ new Set(["reason"]),
+  premium_funnel: /* @__PURE__ */ new Set(["step", "status", "reason"])
+};
 function getDeviceIdPath() {
   return path.join(electron.app.getPath("userData"), ".vessel-device-id");
 }
@@ -4775,7 +4806,8 @@ function getDeviceId() {
   deviceId = crypto$1.randomUUID();
   try {
     fs.mkdirSync(path.dirname(idPath), { recursive: true });
-    fs.writeFileSync(idPath, deviceId, "utf-8");
+    fs.writeFileSync(idPath, deviceId, { encoding: "utf-8", mode: 384 });
+    fs.chmodSync(idPath, 384);
   } catch {
   }
   return deviceId;
@@ -4788,11 +4820,15 @@ function isEnabled() {
   if (process.env.VESSEL_DEV === "1") return false;
   return loadSettings().telemetryEnabled !== false;
 }
-function sanitizeTelemetryProperties(properties) {
+function sanitizeTelemetryProperties(properties, allowedKeys) {
   const safe = {};
   for (const [key2, value] of Object.entries(properties)) {
-    if (SENSITIVE_PROPERTY_RE.test(key2)) continue;
+    if (allowedKeys && !allowedKeys.has(key2)) continue;
+    if (!allowedKeys?.has(key2) && SENSITIVE_PROPERTY_RE.test(key2)) continue;
     if (typeof value === "string" || typeof value === "number" || typeof value === "boolean" || value === null) {
+      if (typeof value === "string" && SENSITIVE_STRING_VALUE_RE.test(value)) {
+        continue;
+      }
       safe[key2] = typeof value === "string" ? value.slice(0, 120) : value;
     }
   }
@@ -4800,10 +4836,11 @@ function sanitizeTelemetryProperties(properties) {
 }
 function trackEvent(event, properties = {}) {
   if (!isEnabled()) return;
+  const allowedKeys = TELEMETRY_PROPERTY_ALLOWLIST[event] ?? EMPTY_PROPERTY_ALLOWLIST;
   eventQueue.push({
     event,
     properties: {
-      ...sanitizeTelemetryProperties(properties),
+      ...sanitizeTelemetryProperties(properties, allowedKeys),
       premium_status: isPremium() ? "premium" : "free",
       app_version: electron.app.getVersion(),
       platform: process.platform,
@@ -5240,7 +5277,7 @@ const EXTRACT_TIMEOUT_MAX_MS = 2e4;
 const MUTATION_CAPTURE_INTERVAL_MS = 5e3;
 const MUTATION_SETTLE_AFTER_MS = 1500;
 const AGENT_STREAM_IDLE_TIMEOUT_MS = 3e4;
-const logger$i = createLogger("Extractor");
+const logger$k = createLogger("Extractor");
 const EMPTY_PAGE_CONTENT = {
   title: "",
   content: "",
@@ -5966,7 +6003,8 @@ async function waitForDomReady(webContents, timeoutMs = DEFAULT_PAGE_SCRIPT_TIME
       (function() {
         return document.readyState || "";
       })()
-    `
+    `,
+      { label: "ready-state" }
     );
     if (readyState === "interactive" || readyState === "complete") {
       return;
@@ -5974,7 +6012,7 @@ async function waitForDomReady(webContents, timeoutMs = DEFAULT_PAGE_SCRIPT_TIME
     await delay(75);
   }
 }
-async function executeScript(webContents, script) {
+async function executeScript(webContents, script, options = {}) {
   if (webContents.isDestroyed()) {
     return null;
   }
@@ -5990,7 +6028,15 @@ async function executeScript(webContents, script) {
       })
     ]);
   } catch (err) {
-    logger$i.warn("Failed to execute page script:", err);
+    const label = options.label ? ` (${options.label})` : "";
+    const url = webContents.getURL() || "unknown URL";
+    const message = err instanceof Error ? err.message : String(err);
+    const detail = `Failed to execute page script${label} on ${url}: ${message}`;
+    if (options.warnOnFailure) {
+      logger$k.warn(detail);
+    } else {
+      logger$k.debug(detail);
+    }
     return null;
   } finally {
     if (timer) {
@@ -6087,7 +6133,8 @@ async function estimateExtractionTimeout(webContents) {
   try {
     const elementCount = await executeScript(
       webContents,
-      `(function() { try { return document.querySelectorAll('*').length; } catch { return 0; } })()`
+      `(function() { try { return document.querySelectorAll('*').length; } catch { return 0; } })()`,
+      { label: "element-count" }
     );
     if (typeof elementCount === "number" && elementCount > 5e3) {
       const extra = Math.min(
@@ -6097,15 +6144,19 @@ async function estimateExtractionTimeout(webContents) {
       return EXTRACT_TIMEOUT_BASE_MS + extra;
     }
   } catch (err) {
-    logger$i.warn("Failed to estimate extraction timeout, using base timeout:", err);
+    logger$k.warn("Failed to estimate extraction timeout, using base timeout:", err);
   }
   return EXTRACT_TIMEOUT_BASE_MS;
 }
 async function extractContentInner(webContents) {
   await waitForDomReady(webContents);
   const [preloadResult, directResult] = await Promise.all([
-    executeScript(webContents, PRELOAD_EXTRACTION_SCRIPT),
-    executeScript(webContents, DIRECT_EXTRACTION_SCRIPT)
+    executeScript(webContents, PRELOAD_EXTRACTION_SCRIPT, {
+      label: "preload-extraction"
+    }),
+    executeScript(webContents, DIRECT_EXTRACTION_SCRIPT, {
+      label: "direct-extraction"
+    })
   ]);
   return mergePageContent(
     [preloadResult, directResult],
@@ -6985,8 +7036,9 @@ function isClickReadLoop(names) {
   }
   return clickReadPairs >= 2;
 }
+const TERMINAL_TOOL_RESULT = "__VESSEL_TERMINAL_TOOL_RESULT__";
 const ANTHROPIC_MAX_TOKENS = 4096;
-function isRecord(value) {
+function isRecord$1(value) {
   return value !== null && typeof value === "object" && !Array.isArray(value);
 }
 function anthropicModelLikelySupportsThinking(model) {
@@ -7110,7 +7162,7 @@ class AnthropicProvider {
             } else if (event.type === "content_block_stop" && currentToolUse) {
               try {
                 const input = JSON.parse(currentToolUse.inputJson || "{}");
-                if (!isRecord(input)) {
+                if (!isRecord$1(input)) {
                   throw new Error("Tool input must be a JSON object");
                 }
                 toolUseBlocks.push({
@@ -7188,6 +7240,9 @@ class AnthropicProvider {
             const msg = toolErr instanceof Error ? toolErr.message : String(toolErr);
             result = `Error: Tool execution failed — ${msg}. Try a different approach or call read_page to refresh context.`;
           }
+          if (result === TERMINAL_TOOL_RESULT) {
+            return;
+          }
           let parsedRich = null;
           try {
             const parsed = JSON.parse(result);
@@ -7456,7 +7511,7 @@ const MAX_MCP_NAV_CONTENT_LENGTH = 3e4;
 const MAX_AGENT_DEBUG_CONTENT_LENGTH = 2e4;
 const LLAMA_CPP_MIN_CTX_TOKENS = 16384;
 const LLAMA_CPP_RECOMMENDED_CTX_TOKENS = 32768;
-const logger$h = createLogger("OpenAIProvider");
+const logger$j = createLogger("OpenAIProvider");
 function shouldDebugAgentLoop() {
   const value = process.env.VESSEL_DEBUG_AGENT_LOOP;
   return value === "1" || value === "true";
@@ -7981,9 +8036,9 @@ function resolveToolCallName(rawName, args, availableToolNames) {
 function logAgentLoopDebug(payload) {
   if (!shouldDebugAgentLoop()) return;
   try {
-    logger$h.info(`[agent-debug] ${JSON.stringify(payload)}`);
+    logger$j.info(`[agent-debug] ${JSON.stringify(payload)}`);
   } catch (err) {
-    logger$h.warn("Failed to serialize debug payload:", err);
+    logger$j.warn("Failed to serialize debug payload:", err);
   }
 }
 function recoverTextEncodedToolCalls(text, availableToolNames) {
@@ -8454,6 +8509,9 @@ class OpenAICompatProvider {
             const msg = toolErr instanceof Error ? toolErr.message : String(toolErr);
             result = `Error: Tool execution failed — ${msg}. Try a different approach or call read_page to refresh context.`;
           }
+          if (result === TERMINAL_TOOL_RESULT) {
+            return;
+          }
           let toolContent = result;
           try {
             const parsed = JSON.parse(result);
@@ -8523,12 +8581,15 @@ async function openExternalAllowlisted(url, rule) {
   if (!schemes.includes(parsed.protocol)) {
     throw new Error(`Blocked external URL scheme: ${parsed.protocol}`);
   }
+  if (parsed.username || parsed.password) {
+    throw new Error("Blocked external URL with embedded credentials");
+  }
   if (rule.hosts && !rule.hosts.includes(parsed.hostname)) {
     throw new Error(`Blocked external URL host: ${parsed.hostname}`);
   }
   await electron.shell.openExternal(parsed.toString());
 }
-const logger$g = createLogger("CodexOAuth");
+const logger$i = createLogger("CodexOAuth");
 const ISSUER = "https://auth.openai.com";
 const CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
 const SCOPE = "openid profile email offline_access api.connectors.read api.connectors.invoke";
@@ -8593,54 +8654,6 @@ function parseTokenExpiry(accessToken) {
   }
   return Date.now() + 36e5;
 }
-async function exchangeIdTokenForApiKey(idToken) {
-  const body = new URLSearchParams({
-    grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
-    client_id: CLIENT_ID,
-    requested_token: "openai-api-key",
-    subject_token: idToken,
-    subject_token_type: "urn:ietf:params:oauth:token-type:id_token"
-  });
-  const response = await fetch(`${ISSUER}/oauth/token`, {
-    method: "POST",
-    headers: { "Content-Type": "application/x-www-form-urlencoded" },
-    body: body.toString()
-  });
-  if (!response.ok) {
-    let errorMsg = `OpenAI API token exchange failed: ${response.status}`;
-    try {
-      const err = await response.json();
-      if (typeof err.error_description === "string") {
-        errorMsg = err.error_description;
-      } else if (typeof err.error === "string") {
-        errorMsg = err.error;
-      }
-    } catch {
-    }
-    throw new Error(errorMsg);
-  }
-  const data = await response.json();
-  if (!data.access_token) {
-    throw new Error("OpenAI API token exchange did not return an access token");
-  }
-  return data.access_token;
-}
-async function ensureCodexApiKey(tokens) {
-  if (tokens.apiKey) return tokens;
-  if (!tokens.idToken) return tokens;
-  try {
-    return {
-      ...tokens,
-      apiKey: await exchangeIdTokenForApiKey(tokens.idToken)
-    };
-  } catch (err) {
-    logger$g.warn(
-      "Codex API-key token exchange failed; continuing with ChatGPT OAuth tokens:",
-      err
-    );
-    return tokens;
-  }
-}
 async function exchangeCodeForTokens(code, redirectUri, codeVerifier) {
   const body = new URLSearchParams({
     grant_type: "authorization_code",
@@ -8678,7 +8691,7 @@ async function exchangeCodeForTokens(code, redirectUri, codeVerifier) {
     accountId: claims?.accountId || "",
     accountEmail: claims?.email
   };
-  return ensureCodexApiKey(tokens);
+  return tokens;
 }
 async function refreshAccessToken(tokens) {
   const body = new URLSearchParams({
@@ -8714,7 +8727,7 @@ async function refreshAccessToken(tokens) {
     accountId: claims?.accountId || tokens.accountId || "",
     accountEmail: claims?.email || tokens.accountEmail
   };
-  return ensureCodexApiKey(refreshedTokens);
+  return refreshedTokens;
 }
 function startServer(port, pkce, expectedState, resolve, reject) {
   const server = http.createServer(async (req, res) => {
@@ -8825,7 +8838,7 @@ async function startCodexOAuth(onStatus) {
       try {
         onStatus(status, error);
       } catch {
-        logger$g.warn("Codex OAuth status callback failed — window may be closed");
+        logger$i.warn("Codex OAuth status callback failed — window may be closed");
       }
     };
     const wrappedResolve = (tokens) => {
@@ -8865,7 +8878,7 @@ async function startCodexOAuth(onStatus) {
       const authUrl = buildAuthorizeUrl(port, pkce, state2);
       safeOnStatus("waiting");
       openExternalAllowlisted(authUrl, { hosts: ["auth.openai.com"] }).catch((err) => {
-        logger$g.warn("Failed to open browser, user will need the URL:", err);
+        logger$i.warn("Failed to open browser, user will need the URL:", err);
       });
     }).catch(wrappedReject);
   });
@@ -8877,20 +8890,68 @@ function cancelCodexOAuth() {
   try {
     activeFlow.onStatus("idle");
   } catch {
-    logger$g.warn("Codex OAuth cancel status callback failed — window may be closed");
+    logger$i.warn("Codex OAuth cancel status callback failed — window may be closed");
   }
   activeFlow = null;
 }
-const logger$f = createLogger("CodexProvider");
+const logger$h = createLogger("CodexProvider");
 const REFRESH_WINDOW_MS = 5 * 60 * 1e3;
 const CODEX_BACKEND_BASE_URL = "https://chatgpt.com/backend-api/codex";
 const CODEX_CLIENT_VERSION = "0.129.0";
+function isRecord(value) {
+  return value !== null && typeof value === "object" && !Array.isArray(value);
+}
+async function createCodexFunctionCallOutput(functionCall, availableToolNames, onChunk, onToolCall) {
+  const callId = functionCall.call_id || functionCall.id || "";
+  const name = functionCall.name || "";
+  if (!callId) {
+    return {
+      type: "function_call_output",
+      call_id: callId,
+      output: "Error: Function call was missing a call_id. Please retry the tool call."
+    };
+  }
+  if (!name || !availableToolNames.has(name)) {
+    onChunk(`
+<<tool:${name || "unknown"}:⚠ unsupported>>
+`);
+    return {
+      type: "function_call_output",
+      call_id: callId,
+      output: `Error: Unsupported tool${name ? `: ${name}` : ""}. Use one of the provided tools.`
+    };
+  }
+  let args;
+  try {
+    const parsed = JSON.parse(functionCall.arguments || "{}");
+    if (!isRecord(parsed)) throw new Error("Tool arguments must be a JSON object");
+    args = parsed;
+  } catch {
+    onChunk(`
+<<tool:${name}:⚠ invalid args>>
+`);
+    return {
+      type: "function_call_output",
+      call_id: callId,
+      output: "Error: Invalid JSON in tool arguments. Please retry with a valid JSON object."
+    };
+  }
+  const output = await onToolCall(name, args);
+  if (output === TERMINAL_TOOL_RESULT) {
+    return { terminal: true };
+  }
+  return {
+    type: "function_call_output",
+    call_id: callId,
+    output
+  };
+}
 class CodexProvider {
   agentToolProfile;
   tokens;
   model;
   abortController = null;
-  constructor(tokens, model, _baseUrl) {
+  constructor(tokens, model) {
     this.tokens = tokens;
     this.model = model;
     this.agentToolProfile = "default";
@@ -8898,7 +8959,7 @@ class CodexProvider {
   async ensureFreshTokens() {
     if (Date.now() < this.tokens.expiresAt - REFRESH_WINDOW_MS) return;
     try {
-      logger$f.info("Refreshing Codex access token");
+      logger$h.info("Refreshing Codex access token");
       const fresh = await refreshAccessToken(this.tokens);
       this.tokens = fresh;
       writeStoredCodexTokens(fresh);
@@ -8909,7 +8970,7 @@ class CodexProvider {
       );
     }
   }
-  backendHeaders() {
+  backendHeaders(turnState) {
     const headers = {
       Authorization: `Bearer ${this.tokens.accessToken}`,
       "Content-Type": "application/json",
@@ -8920,6 +8981,9 @@ class CodexProvider {
     if (this.tokens.accountId) {
       headers["ChatGPT-Account-ID"] = this.tokens.accountId;
     }
+    if (turnState) {
+      headers["x-codex-turn-state"] = turnState;
+    }
     return headers;
   }
   buildInput(userMessage, history) {
@@ -8928,7 +8992,7 @@ class CodexProvider {
       input.push({
         type: "message",
         role: msg.role,
-        content: [{ type: "input_text", text: msg.content }]
+        content: [{ type: msg.role === "assistant" ? "output_text" : "input_text", text: msg.content }]
       });
     }
     input.push({
@@ -8938,7 +9002,7 @@ class CodexProvider {
     });
     return input;
   }
-  handleStreamEvent(raw, onChunk, emittedTextFromDelta) {
+  handleStreamEvent(raw, onChunk, acc) {
     if (!raw.trim() || raw.trim() === "[DONE]") return;
     let event;
     try {
@@ -8947,13 +9011,28 @@ class CodexProvider {
       return;
     }
     if (event.type === "response.output_text.delta" && event.delta) {
-      emittedTextFromDelta.value = true;
+      acc.emittedTextFromDelta = true;
+      acc.text += event.delta;
       onChunk(event.delta);
       return;
     }
-    if (event.type === "response.output_item.done" && !emittedTextFromDelta.value) {
-      const text = event.item?.content?.filter((item) => item.type === "output_text" && item.text).map((item) => item.text).join("");
-      if (text) onChunk(text);
+    if (event.type === "response.function_call_arguments.delta" && event.delta) {
+      const key2 = event.call_id || event.item_id || "";
+      if (key2) {
+        acc.functionCallArgs.set(key2, (acc.functionCallArgs.get(key2) || "") + event.delta);
+      }
+      return;
+    }
+    if (event.type === "response.output_item.done" && event.item) {
+      const item = event.item;
+      if (item.type === "function_call") {
+        const key2 = item.call_id || item.id || "";
+        const args = acc.functionCallArgs.get(key2) || item.arguments || "";
+        acc.functionCallArgs.delete(key2);
+        acc.items.push({ ...item, arguments: args });
+      } else if (item.type === "message") {
+        acc.items.push(item);
+      }
       return;
     }
     if (event.type === "response.failed") {
@@ -8962,18 +9041,12 @@ class CodexProvider {
       throw new Error(message);
     }
   }
-  async streamCodexResponse(systemPrompt, userMessage, onChunk, history) {
+  async streamCodexResponse(requestBody, onChunk, turnState) {
     const response = await fetch(`${CODEX_BACKEND_BASE_URL}/responses`, {
       method: "POST",
-      headers: this.backendHeaders(),
+      headers: this.backendHeaders(turnState),
       signal: this.abortController?.signal,
-      body: JSON.stringify({
-        model: this.model,
-        instructions: systemPrompt,
-        input: this.buildInput(userMessage, history),
-        stream: true,
-        store: false
-      })
+      body: JSON.stringify(requestBody)
     });
     if (!response.ok) {
       const text = await response.text().catch(() => "");
@@ -8984,37 +9057,57 @@ class CodexProvider {
     if (!response.body) {
       throw new Error("Codex backend returned an empty response stream");
     }
+    const newTurnState = response.headers.get("x-codex-turn-state") || null;
     const reader = response.body.getReader();
-    const decoder = new TextDecoder();
-    let buffer = "";
-    const emittedTextFromDelta = { value: false };
-    while (true) {
-      const { value, done } = await reader.read();
-      if (done) break;
-      buffer += decoder.decode(value, { stream: true });
-      let separatorIndex;
-      while ((separatorIndex = buffer.indexOf("\n\n")) !== -1) {
-        const block = buffer.slice(0, separatorIndex);
-        buffer = buffer.slice(separatorIndex + 2);
-        const data = block.split("\n").filter((line) => line.startsWith("data:")).map((line) => line.slice(5).trimStart()).join("\n");
-        this.handleStreamEvent(data, onChunk, emittedTextFromDelta);
-      }
-    }
-    const trailing = buffer.trim();
-    if (trailing) {
-      const data = trailing.split("\n").filter((line) => line.startsWith("data:")).map((line) => line.slice(5).trimStart()).join("\n");
-      this.handleStreamEvent(data, onChunk, emittedTextFromDelta);
+    try {
+      const decoder = new TextDecoder();
+      let buffer = "";
+      const acc = {
+        text: "",
+        items: [],
+        emittedTextFromDelta: false,
+        functionCallArgs: /* @__PURE__ */ new Map()
+      };
+      while (true) {
+        const { value, done } = await reader.read();
+        if (done) break;
+        buffer += decoder.decode(value, { stream: true });
+        let separatorIndex;
+        while ((separatorIndex = buffer.indexOf("\n\n")) !== -1) {
+          const block = buffer.slice(0, separatorIndex);
+          buffer = buffer.slice(separatorIndex + 2);
+          const data = block.split("\n").filter((line) => line.startsWith("data:")).map((line) => line.slice(5).trimStart()).join("\n");
+          this.handleStreamEvent(data, onChunk, acc);
+        }
+      }
+      const trailing = buffer.trim();
+      if (trailing) {
+        const data = trailing.split("\n").filter((line) => line.startsWith("data:")).map((line) => line.slice(5).trimStart()).join("\n");
+        this.handleStreamEvent(data, onChunk, acc);
+      }
+      return { text: acc.text, items: acc.items, turnState: newTurnState };
+    } finally {
+      reader.releaseLock();
     }
   }
   async streamQuery(systemPrompt, userMessage, onChunk, onEnd, history) {
     await this.ensureFreshTokens();
     this.abortController = new AbortController();
     try {
-      await this.streamCodexResponse(systemPrompt, userMessage, onChunk, history);
+      await this.streamCodexResponse(
+        {
+          model: this.model,
+          instructions: systemPrompt,
+          input: this.buildInput(userMessage, history),
+          stream: true,
+          store: false
+        },
+        onChunk
+      );
     } catch (err) {
       if (err.name !== "AbortError") {
         const msg = err instanceof Error ? err.message : String(err);
-        logger$f.error("Codex streamQuery error:", err);
+        logger$h.error("Codex streamQuery error:", err);
         onChunk(`
 
 [Error: ${msg}]`);
@@ -9024,15 +9117,65 @@ class CodexProvider {
       onEnd();
     }
   }
-  async streamAgentQuery(systemPrompt, userMessage, _tools, onChunk, _onToolCall, onEnd, history) {
+  async streamAgentQuery(systemPrompt, userMessage, tools, onChunk, onToolCall, onEnd, history) {
     await this.ensureFreshTokens();
     this.abortController = new AbortController();
+    const maxIterations = getEffectiveMaxIterations();
+    const availableToolNames = new Set(tools.map((tool) => tool.name));
+    let iterationsUsed = 0;
+    const convertedTools = tools.map((tool) => ({
+      type: "function",
+      name: tool.name,
+      description: tool.description || "",
+      parameters: tool.input_schema
+    }));
+    let currentInput = this.buildInput(userMessage, history);
+    let turnState = null;
     try {
-      await this.streamCodexResponse(systemPrompt, userMessage, onChunk, history);
+      for (let i = 0; i < maxIterations; i++) {
+        iterationsUsed = i + 1;
+        const result = await this.streamCodexResponse(
+          {
+            model: this.model,
+            instructions: systemPrompt,
+            input: currentInput,
+            tools: convertedTools,
+            stream: true,
+            store: false
+          },
+          onChunk,
+          turnState || void 0
+        );
+        turnState = result.turnState || turnState;
+        const functionCalls = result.items.filter(
+          (item) => item.type === "function_call"
+        );
+        if (functionCalls.length === 0) {
+          break;
+        }
+        currentInput = [];
+        for (const fc of functionCalls) {
+          const output = await createCodexFunctionCallOutput(
+            fc,
+            availableToolNames,
+            onChunk,
+            onToolCall
+          );
+          if ("terminal" in output) {
+            return;
+          }
+          currentInput.push(output);
+        }
+      }
+      if (iterationsUsed >= maxIterations) {
+        onChunk(`
+
+[Reached maximum tool call limit (${maxIterations} steps). You can adjust this in Settings → Max Tool Iterations, or continue by sending another message.]`);
+      }
     } catch (err) {
       if (err.name !== "AbortError") {
         const msg = err instanceof Error ? err.message : String(err);
-        logger$f.error("Codex streamAgentQuery error:", err);
+        logger$h.error("Codex streamAgentQuery error:", err);
         onChunk(`
 
 [Error: ${msg}]`);
@@ -9112,11 +9255,11 @@ function buildLlamaCppCtxWarning(ctxSize) {
 }
 async function fetchCodexBackendModels(tokens) {
   const url = new URL("https://chatgpt.com/backend-api/codex/models");
-  url.searchParams.set("client_version", "0.129.0");
+  url.searchParams.set("client_version", CODEX_CLIENT_VERSION);
   const headers = {
     Authorization: `Bearer ${tokens.accessToken}`,
     originator: "codex_cli_rs",
-    "User-Agent": "codex_cli_rs/0.129.0 Vessel"
+    "User-Agent": `codex_cli_rs/${CODEX_CLIENT_VERSION} Vessel`
   };
   if (tokens.accountId) {
     headers["ChatGPT-Account-ID"] = tokens.accountId;
@@ -9219,12 +9362,12 @@ function createProvider(config) {
         "OpenAI Codex requires authentication. Open settings to connect your ChatGPT account."
       );
     }
-    return new CodexProvider(tokens, normalized.model, normalized.baseUrl);
+    return new CodexProvider(tokens, normalized.model);
   }
   return new OpenAICompatProvider(normalized);
 }
 const require$1 = node_module.createRequire(require("url").pathToFileURL(__filename).href);
-const logger$e = createLogger("DevTrace");
+const logger$g = createLogger("DevTrace");
 let cachedFactory;
 function createNoopTraceSession() {
   return {
@@ -9257,7 +9400,7 @@ function loadLocalFactory() {
         return cachedFactory;
       }
     } catch (err) {
-      logger$e.warn("Failed to load local trace logger:", err);
+      logger$g.warn("Failed to load local trace logger:", err);
     }
   }
   return cachedFactory;
@@ -13376,7 +13519,7 @@ function formatDeadLinkMessage(label, result) {
   const status = result.statusCode ? `HTTP ${result.statusCode}` : "dead link";
   return `Skipped stale link "${label}" because ${destination} returned ${status}. Try a different link or URL instead.`;
 }
-const logger$d = createLogger("Screenshot");
+const logger$f = createLogger("Screenshot");
 const SCREENSHOT_RETRY_COUNT = 3;
 const SCREENSHOT_RETRY_BASE_DELAY_MS = 120;
 async function captureScreenshot(wc) {
@@ -13398,7 +13541,7 @@ async function captureScreenshot(wc) {
         }
       }
     } catch (err) {
-      logger$d.debug(
+      logger$f.debug(
         `capturePage attempt ${attempt + 1} failed; retrying if attempts remain.`,
         getErrorMessage(err)
       );
@@ -14272,7 +14415,15 @@ function buildHuggingFaceSearchShortcut(currentUrl, rawQuery) {
     appliedFilters
   };
 }
-const logger$c = createLogger("PageActions");
+class TabMutex {
+  queue = Promise.resolve();
+  enqueue(fn) {
+    return new Promise((resolve, reject) => {
+      this.queue = this.queue.then(fn).then(resolve, reject);
+    });
+  }
+}
+const logger$e = createLogger("PageActions");
 function getBookmarkMetadataFromArgs(args) {
   return normalizeBookmarkMetadata({
     intent: args.intent ?? args.intent,
@@ -14458,7 +14609,7 @@ async function executePageScript(wc, script, options) {
     return result;
   } catch (err) {
     const label = options?.label ? ` (${options.label})` : "";
-    logger$c.warn(`Failed to execute page script${label}:`, err);
+    logger$e.warn(`Failed to execute page script${label}:`, err);
     return null;
   } finally {
     if (timer) {
@@ -14559,7 +14710,7 @@ Search results snapshot:
 ${truncated}`;
     }
   } catch (err) {
-    logger$c.warn("Failed to build post-search summary, falling back to nav summary:", err);
+    logger$e.warn("Failed to build post-search summary, falling back to nav summary:", err);
   }
   const fallback = await getPostNavSummary(wc);
   return fallback ? `${fallback}
@@ -14582,7 +14733,7 @@ Page snapshot after navigation:
 ${truncated}`;
     }
   } catch (err) {
-    logger$c.warn("Failed to build post-click navigation summary:", err);
+    logger$e.warn("Failed to build post-click navigation summary:", err);
   }
   return "";
 }
@@ -15076,7 +15227,7 @@ async function restoreLocaleSnapshot(wc, snapshot2) {
       }
     }
   } catch (err) {
-    logger$c.warn("Failed to restore locale via history navigation, trying URL reload fallback:", err);
+    logger$e.warn("Failed to restore locale via history navigation, trying URL reload fallback:", err);
   }
   if (snapshot2.url && snapshot2.url !== wc.getURL()) {
     try {
@@ -15085,7 +15236,7 @@ async function restoreLocaleSnapshot(wc, snapshot2) {
       await waitForLoad(wc, 3e3);
       return;
     } catch (err) {
-      logger$c.warn("Failed to restore locale via safe URL load, trying page reload fallback:", err);
+      logger$e.warn("Failed to restore locale via safe URL load, trying page reload fallback:", err);
     }
   }
   if (snapshot2.url) {
@@ -15093,7 +15244,7 @@ async function restoreLocaleSnapshot(wc, snapshot2) {
       await wc.reload();
       await waitForLoad(wc, 3e3);
     } catch (err) {
-      logger$c.warn("Failed to restore locale via page reload:", err);
+      logger$e.warn("Failed to restore locale via page reload:", err);
     }
   }
 }
@@ -15445,7 +15596,7 @@ ${postActivationOverlayHint}`;
           return `${clickText} -> ${hrefFallbackUrl} (recovered via href fallback)`;
         }
       } catch (err) {
-        logger$c.warn("Failed href fallback after click, returning generic click result:", err);
+        logger$e.warn("Failed href fallback after click, returning generic click result:", err);
       }
     }
   }
@@ -15490,7 +15641,7 @@ async function tryAutoDismissCartDialog(wc) {
       return result;
     }
   } catch (err) {
-    logger$c.warn("Failed to auto-dismiss cart dialog, falling back to dialog actions:", err);
+    logger$e.warn("Failed to auto-dismiss cart dialog, falling back to dialog actions:", err);
   }
   return null;
 }
@@ -17434,6 +17585,19 @@ const KNOWN_TOOLS = /* @__PURE__ */ new Set([
 ]);
 async function executeAction(name, args, ctx) {
   name = normalizeToolAlias(name);
+  if (ctx.tabId && ctx._tabMutex) {
+    return ctx._tabMutex.enqueue(async () => {
+      const prevActiveId = ctx.tabManager.getActiveTabId();
+      if (prevActiveId !== ctx.tabId) ctx.tabManager.switchTab(ctx.tabId);
+      try {
+        return await executeAction(name, args, { ...ctx, tabId: void 0, _tabMutex: void 0 });
+      } finally {
+        if (prevActiveId && prevActiveId !== ctx.tabId) {
+          ctx.tabManager.switchTab(prevActiveId);
+        }
+      }
+    });
+  }
   if (!KNOWN_TOOLS.has(name)) {
     for (const known of KNOWN_TOOLS) {
       if (name.startsWith(known) && name.length > known.length) {
@@ -17760,7 +17924,7 @@ async function executeAction(name, args, ctx) {
               )
             ]);
           } catch (err) {
-            logger$c.warn("Failed to extract content for read_page, falling back to lighter recovery:", err);
+            logger$e.warn("Failed to extract content for read_page, falling back to lighter recovery:", err);
             content = null;
           }
           if (!content || content.content.length === 0) {
@@ -17777,12 +17941,12 @@ async function executeAction(name, args, ctx) {
                     new Promise((resolve) => setTimeout(() => resolve(null), 3e3))
                   ]);
                 } catch (err) {
-                  logger$c.warn("Failed to re-extract content after iframe consent dismissal:", err);
+                  logger$e.warn("Failed to re-extract content after iframe consent dismissal:", err);
                   content = null;
                 }
               }
             } catch (err) {
-              logger$c.warn("Failed iframe consent dismissal during read_page recovery:", err);
+              logger$e.warn("Failed iframe consent dismissal during read_page recovery:", err);
             }
           }
           if (content && content.content.length > 0) {
@@ -18195,7 +18359,7 @@ ${flow.steps.map((s, i) => `  ${i === 0 ? "→" : " "} ${s.label}`).join("\n")}`
           try {
             page = await extractContent(wc);
           } catch (err) {
-            logger$c.warn("Failed to extract content for suggest:", err);
+            logger$e.warn("Failed to extract content for suggest:", err);
             return "Could not read page. Try navigate to a working URL.";
           }
           const suggestions = [];
@@ -18583,7 +18747,80 @@ WARNING: You have clicked ${clickStreakCount} elements on this page without veri
   }
   return formattedResult + await getPostActionState$1(ctx, name) + clickNavSummary + streakWarning + flowCtx;
 }
-async function handleAIQuery(query, provider, activeWebContents, onChunk, onEnd, tabManager, runtime2, history) {
+function buildOrchestratorSystemPrompt() {
+  return `You are the Research Captain of Vessel. You orchestrate deep research on behalf of the user.
+
+YOUR ROLE:
+You are accountable for the final Research Report. The report has YOUR name on it. You do not blindly accept sub-agent findings — you review, challenge, and demand more when needed. You are the captain, and the sub-agents are your crew.
+
+CORE PRINCIPLES:
+- You OWN the research question end-to-end. If the answer is insufficient, you dig deeper.
+- Every factual claim in your final report MUST be backed by a specific source URL and extracted quote. No citation = the claim does not survive synthesis.
+- You are authoritative but honest. Flag contradictions and gaps explicitly. Never invent to fill a hole.
+
+BRIEF PHASE:
+Your first job is to interview the user. Ask one question at a time, and for EVERY question you MUST provide 2–6 concrete answer choices as a bullet list so the user can click instead of typing. Cover:
+- What exactly do they want to know?
+- How deep? How many sources?
+- Who is the report for? Technical or layperson?
+- Any domains to prefer or avoid?
+- What does a good answer look like?
+
+If the user's question is vague, switch into EXPLORATION MODE: proactively suggest 2–3 concrete research angles they might be interested in. Help them discover what they actually want to know.
+
+Never ask a bare question without listed options. Every assistant turn must end with a question and concrete answer choices.
+
+You CANNOT navigate or use tools during the brief. The brief is dialogue only. When you are confident you have enough context, summarize what you heard and ask the user to confirm before moving to planning.
+
+PLANNING PHASE:
+After the brief is confirmed, produce a structured Research Objectives document with 2–5 independent threads. Each thread gets a specific question, suggested search queries, and a source budget. Present this as a clear, structured card for the user to review, edit, or approve.
+
+EXECUTION PHASE:
+Sub-agents run in parallel, each handling one thread. You monitor their progress. If a thread stalls or produces thin findings, rebalance — reassign effort, ask the sub-agent to dig deeper, or spawn a replacement.
+
+SYNTHESIS PHASE:
+Before writing the report, self-audit: "Do I have enough to answer the research question? Am I confident in every claim?" If not, request more from sub-agents.
+
+Write the report with:
+- An executive summary
+- One section per thread with sourced claims
+- Explicit contradictions and gaps
+- A numbered source index
+
+Never use emojis. Be concise. Be precise.`;
+}
+async function handleAIQuery(query, provider, activeWebContents, onChunk, onEnd, tabManager, runtime2, history, researchOrchestrator) {
+  if (researchOrchestrator) {
+    const researchState = researchOrchestrator.getState();
+    if (researchState.phase === "briefing" || researchState.phase === "planning") {
+      const isPlanning = researchState.phase === "planning";
+      const phaseInstruction = isPlanning ? "\n\nNow produce the Research Objectives based on the brief conversation above. Output them as a JSON object with researchQuestion, threads (array of {label, question, searchQueries, sourceBudget}), audience, reportOutline, and totalSourceBudget fields." : "\n\nContinue the briefing interview. You MUST end every assistant turn with one concise question AND 2–6 concrete answer choices formatted as bullet points (e.g. `- Option one`). Never ask a bare question without listed options. Each option should read like something the user could click as their answer. Do not browse, plan the report, or write a prose preamble.";
+      let fullResponse = "";
+      const wrappedOnChunk = (text) => {
+        fullResponse += text;
+        if (text) onChunk(text);
+      };
+      const wrappedOnEnd = () => {
+        if (isPlanning) {
+          const parsed = researchOrchestrator.parseAndSetObjectives(fullResponse);
+          if (!parsed) {
+            onChunk(
+              "\n\n[Failed to parse objectives. Please try confirming the brief again or refine your research question.]"
+            );
+          }
+        }
+        onEnd();
+      };
+      await provider.streamQuery(
+        buildOrchestratorSystemPrompt() + phaseInstruction,
+        query,
+        wrappedOnChunk,
+        wrappedOnEnd,
+        history
+      );
+      return;
+    }
+  }
   const lowerQuery = query.toLowerCase().trim();
   const isSummarize = lowerQuery.startsWith("summarize") || lowerQuery.startsWith("tldr") || lowerQuery === "summary";
   if (provider.streamAgentQuery && tabManager && activeWebContents && runtime2) {
@@ -19520,10 +19757,20 @@ Exception: ${result.exceptionDetails}`);
     }
   );
 }
-const logger$b = createLogger("VaultShared");
+const logger$d = createLogger("VaultShared");
 const ALGORITHM = "aes-256-gcm";
 const IV_LENGTH = 12;
 const AUTH_TAG_LENGTH = 16;
+const KEY_STORAGE_PREFIX = "base64:";
+function encodeEncryptionKeyForStorage(key2) {
+  return `${KEY_STORAGE_PREFIX}${key2.toString("base64")}`;
+}
+function decodeEncryptionKeyFromStorage(value) {
+  if (value.startsWith(KEY_STORAGE_PREFIX)) {
+    return Buffer.from(value.slice(KEY_STORAGE_PREFIX.length), "base64");
+  }
+  return Buffer.from(value, "utf-8");
+}
 function assertSecretStorageAvailable(customMessage) {
   if (!electron.safeStorage.isEncryptionAvailable()) {
     throw new Error(
@@ -19536,11 +19783,17 @@ function getOrCreateEncryptionKey(keyFilename) {
   const keyPath = path$1.join(electron.app.getPath("userData"), keyFilename);
   if (fs$1.existsSync(keyPath)) {
     const encryptedKey = fs$1.readFileSync(keyPath);
-    return Buffer.from(electron.safeStorage.decryptString(encryptedKey), "utf-8");
+    const key22 = decodeEncryptionKeyFromStorage(
+      electron.safeStorage.decryptString(encryptedKey)
+    );
+    if (key22.length !== 32) {
+      throw new Error("Stored vault encryption key has an invalid length.");
+    }
+    return key22;
   }
   const key2 = crypto$2.randomBytes(32);
   fs$1.mkdirSync(path$1.dirname(keyPath), { recursive: true });
-  const encrypted = electron.safeStorage.encryptString(key2.toString("utf-8"));
+  const encrypted = electron.safeStorage.encryptString(encodeEncryptionKeyForStorage(key2));
   fs$1.writeFileSync(keyPath, encrypted, { mode: 384 });
   fs$1.chmodSync(keyPath, 384);
   return key2;
@@ -19598,7 +19851,7 @@ function createVaultIO(vaultFilename, encrypt2, decrypt2) {
       cachedEntries = JSON.parse(json);
       return cachedEntries;
     } catch (err) {
-      logger$b.error("Failed to load vault:", err);
+      logger$d.error("Failed to load vault:", err);
       throw new Error("Could not unlock the vault. Check OS secret storage availability.");
     }
   }
@@ -19607,7 +19860,7 @@ function createVaultIO(vaultFilename, encrypt2, decrypt2) {
     const encrypted = encrypt2(json);
     const vaultPath = getVaultPath();
     fs$1.mkdirSync(path$1.dirname(vaultPath), { recursive: true });
-    fs$1.writeFileSync(vaultPath, encrypted);
+    fs$1.writeFileSync(vaultPath, encrypted, { mode: 384 });
     fs$1.chmodSync(vaultPath, 384);
     cachedEntries = entries;
   }
@@ -19663,17 +19916,25 @@ function createAuditLog(filename, maxEntries) {
     try {
       const auditPath = getAuditPath2();
       fs$1.mkdirSync(path$1.dirname(auditPath), { recursive: true });
-      fs$1.appendFileSync(auditPath, JSON.stringify(entry) + "\n");
+      fs$1.appendFileSync(auditPath, JSON.stringify(entry) + "\n", {
+        encoding: "utf-8",
+        mode: 384
+      });
+      fs$1.chmodSync(auditPath, 384);
       try {
         const lines = fs$1.readFileSync(auditPath, "utf-8").split("\n").filter((l) => l.trim());
         if (lines.length > maxEntries) {
           const trimmed = lines.slice(-maxEntries);
-          fs$1.writeFileSync(auditPath, trimmed.join("\n") + "\n");
+          fs$1.writeFileSync(auditPath, trimmed.join("\n") + "\n", {
+            encoding: "utf-8",
+            mode: 384
+          });
+          fs$1.chmodSync(auditPath, 384);
         }
       } catch {
       }
     } catch (err) {
-      logger$b.error("Failed to write audit log:", err);
+      logger$d.error("Failed to write audit log:", err);
     }
   }
   function readAuditLog2(limit = 100) {
@@ -19683,7 +19944,7 @@ function createAuditLog(filename, maxEntries) {
       const lines = fs$1.readFileSync(auditPath, "utf-8").split("\n").filter((l) => l.trim());
       return lines.slice(-Math.min(limit, maxEntries)).map((line) => JSON.parse(line)).reverse();
     } catch (err) {
-      logger$b.error("Failed to read audit log:", err);
+      logger$d.error("Failed to read audit log:", err);
       return [];
     }
   }
@@ -19787,7 +20048,7 @@ async function requestConsent(request) {
 }
 const AUDIT_FILENAME = "vessel-vault-audit.jsonl";
 const MAX_ENTRIES = 1e3;
-const logger$a = createLogger("VaultAudit");
+const logger$c = createLogger("VaultAudit");
 function getAuditPath() {
   return path$1.join(electron.app.getPath("userData"), AUDIT_FILENAME);
 }
@@ -19795,9 +20056,13 @@ function appendAuditEntry(entry) {
   try {
     const auditPath = getAuditPath();
     fs$1.mkdirSync(path$1.dirname(auditPath), { recursive: true });
-    fs$1.appendFileSync(auditPath, JSON.stringify(entry) + "\n");
+    fs$1.appendFileSync(auditPath, JSON.stringify(entry) + "\n", {
+      encoding: "utf-8",
+      mode: 384
+    });
+    fs$1.chmodSync(auditPath, 384);
   } catch (err) {
-    logger$a.error("Failed to write audit log:", err);
+    logger$c.error("Failed to write audit log:", err);
   }
 }
 function readAuditLog$1(limit = 100) {
@@ -19807,7 +20072,7 @@ function readAuditLog$1(limit = 100) {
     const lines = fs$1.readFileSync(auditPath, "utf-8").split("\n").filter((l) => l.trim());
     return lines.slice(-Math.min(limit, MAX_ENTRIES)).map((line) => JSON.parse(line)).reverse();
   } catch (err) {
-    logger$a.error("Failed to read audit log:", err);
+    logger$c.error("Failed to read audit log:", err);
     return [];
   }
 }
@@ -19975,7 +20240,7 @@ async function requestHumanVaultConsent(request) {
 }
 let httpServer = null;
 let mcpAuthToken = null;
-const logger$9 = createLogger("MCP");
+const logger$b = createLogger("MCP");
 const MCP_AUTH_FILENAME = "mcp-auth.json";
 function getMcpAuthFilePath() {
   const configDir = process.env.VESSEL_CONFIG_DIR || path$1.join(
@@ -20012,7 +20277,7 @@ function writeMcpAuthFile(endpoint, token) {
     );
     fs$1.chmodSync(filePath2, 384);
   } catch (err) {
-    logger$9.warn("Failed to write auth file:", err);
+    logger$b.warn("Failed to write auth file:", err);
   }
 }
 function clearMcpAuthFile() {
@@ -20038,7 +20303,7 @@ function clearMcpAuthFile() {
     );
     fs$1.chmodSync(filePath2, 384);
   } catch (err) {
-    logger$9.warn("Failed to clear auth file:", err);
+    logger$b.warn("Failed to clear auth file:", err);
   }
 }
 function regenerateMcpAuthToken() {
@@ -20075,7 +20340,7 @@ function isDangerousMcpAction(name) {
 }
 function requiresExplicitMcpApproval(name, args) {
   if (name === "delete_session" || name === "close_tab" || name === "load_session") return true;
-  if (name === "remove_folder" && args.delete_contents === true) return true;
+  if (name === "remove_bookmark_folder" && args.delete_contents === true) return true;
   return false;
 }
 function getActiveTabSummary(tabManager) {
@@ -20140,7 +20405,7 @@ async function getPostActionState(tabManager, name) {
         }
       }
     } catch (err) {
-      logger$9.warn("Failed to compute post-action state warning:", err);
+      logger$b.warn("Failed to compute post-action state warning:", err);
     }
     return `${warning}
 [state: url=${wc.getURL()}, canGoBack=${tab.canGoBack()}, canGoForward=${tab.canGoForward()}, loading=${wc.isLoading()}]`;
@@ -20243,7 +20508,7 @@ async function waitForConditionMcp(wc, text, selector, timeoutMs) {
         }
       })()
     `).catch((err) => {
-      logger$9.warn("Failed to gather wait_for timeout diagnostic:", err);
+      logger$b.warn("Failed to gather wait_for timeout diagnostic:", err);
       return null;
     });
     if (typeof diagnostic === "string" && diagnostic.trim()) {
@@ -20330,7 +20595,7 @@ function registerTools(server, tabManager, runtime2) {
           const page = await extractContent(wc);
           pageType = detectPageType(page);
         } catch (err) {
-          logger$9.warn("Failed to detect page type for tool scoring, falling back to GENERAL:", err);
+          logger$b.warn("Failed to detect page type for tool scoring, falling back to GENERAL:", err);
         }
       }
       const scored = TOOL_DEFINITIONS.map((def) => {
@@ -21728,7 +21993,7 @@ ${JSON.stringify(otherHighlights, null, 2)}`
             void 0,
             h.color
           ).catch(
-            (err) => logger$9.warn("Failed to restore highlight after removal:", err)
+            (err) => logger$b.warn("Failed to restore highlight after removal:", err)
           );
         }
       }
@@ -22576,7 +22841,7 @@ ${flow.steps.map((s, i) => `  ${i === 0 ? "→" : " "} ${s.label}`).join("\n")}`
       try {
         page = await extractContent(wc);
       } catch (err) {
-        logger$9.warn("Failed to extract page while generating suggestions:", err);
+        logger$b.warn("Failed to extract page while generating suggestions:", err);
         return asTextResponse(
           "Could not read page. Try navigate to a working URL."
         );
@@ -23185,7 +23450,7 @@ ${JSON.stringify(tableJson, null, 2)}`;
         try {
           targetDomain = new URL(tab.state.url).hostname;
         } catch (err) {
-          logger$9.warn("Failed to parse active tab URL for vault_status:", err);
+          logger$b.warn("Failed to parse active tab URL for vault_status:", err);
           return asErrorTextResponse("Could not parse active tab URL");
         }
       }
@@ -23251,7 +23516,7 @@ Use vault_login to fill the login form. Credentials are filled directly — you
       try {
         hostname = new URL(tab.state.url).hostname;
       } catch (err) {
-        logger$9.warn("Failed to parse active tab URL for vault_login:", err);
+        logger$b.warn("Failed to parse active tab URL for vault_login:", err);
         return asErrorTextResponse("Could not parse active tab URL");
       }
       const matches = findEntriesForDomain(`https://${hostname}`);
@@ -23345,7 +23610,7 @@ Use vault_login to fill the login form. Credentials are filled directly — you
       try {
         hostname = new URL(tab.state.url).hostname;
       } catch (err) {
-        logger$9.warn("Failed to parse active tab URL for vault_totp:", err);
+        logger$b.warn("Failed to parse active tab URL for vault_totp:", err);
         return asErrorTextResponse("Could not parse active tab URL");
       }
       const matches = findEntriesForDomain(`https://${hostname}`);
@@ -23685,7 +23950,7 @@ function startMcpServer(tabManager, runtime2, port) {
         await mcpServer.connect(transport);
         await transport.handleRequest(req, res);
       } catch (error) {
-        logger$9.error("Error handling request:", error);
+        logger$b.error("Error handling request:", error);
         if (!res.headersSent) {
           res.writeHead(500, { "Content-Type": "application/json" });
           res.end(
@@ -23704,7 +23969,7 @@ function startMcpServer(tabManager, runtime2, port) {
     };
     server.once("error", (error) => {
       const message = error.code === "EADDRINUSE" ? `Port ${port} is already in use. MCP server not started.` : error.message;
-      logger$9.error("Server error:", error);
+      logger$b.error("Server error:", error);
       clearMcpAuthFile();
       setMcpHealth({
         configuredPort: port,
@@ -23736,7 +24001,7 @@ function startMcpServer(tabManager, runtime2, port) {
         message: `MCP server listening on ${endpoint}.`
       });
       if (process.env.VESSEL_DEBUG_MCP === "1" || process.env.VESSEL_DEBUG_MCP === "true") {
-        logger$9.info(`Server listening on ${endpoint} (auth enabled)`);
+        logger$b.info(`Server listening on ${endpoint} (auth enabled)`);
       }
       if (mcpAuthToken) {
         writeMcpAuthFile(endpoint, mcpAuthToken);
@@ -23775,7 +24040,7 @@ function stopMcpServer() {
         message: "MCP server is stopped."
       });
       if (process.env.VESSEL_DEBUG_MCP === "1" || process.env.VESSEL_DEBUG_MCP === "true") {
-        logger$9.info("Server stopped");
+        logger$b.info("Server stopped");
       }
       resolve();
     });
@@ -23796,7 +24061,7 @@ const KIT_ID_UNSAFE_CHAR_PATTERN = /[\/\\\0]/;
 function isSafeAutomationKitId(id) {
   return id.length > 0 && !KIT_ID_UNSAFE_CHAR_PATTERN.test(id);
 }
-const logger$8 = createLogger("KitRegistry");
+const logger$a = createLogger("KitRegistry");
 function getUserKitsDir() {
   return path$1.join(electron.app.getPath("userData"), "kits");
 }
@@ -23834,10 +24099,10 @@ function getInstalledKits() {
       if (isValidKit(parsed)) {
         kits.push(parsed);
       } else {
-        logger$8.warn(`Skipping invalid kit file: ${file}`);
+        logger$a.warn(`Skipping invalid kit file: ${file}`);
       }
     } catch (err) {
-      logger$8.warn(`Failed to read kit file: ${file}`, err);
+      logger$a.warn(`Failed to read kit file: ${file}`, err);
     }
   }
   return kits;
@@ -23909,7 +24174,44 @@ function uninstallKit(id, scheduledKitIds) {
     return errorResult("Failed to remove the kit file.");
   }
 }
-const logger$7 = createLogger("Scheduler");
+const trustedIpcSenderIds = /* @__PURE__ */ new Set();
+function registerTrustedIpcSender(wc) {
+  trustedIpcSenderIds.add(wc.id);
+  wc.once("destroyed", () => trustedIpcSenderIds.delete(wc.id));
+}
+function assertTrustedIpcSender(event) {
+  if (!trustedIpcSenderIds.has(event.sender.id)) {
+    throw new Error("Blocked IPC from untrusted renderer");
+  }
+}
+function isManagedTabIpcSender(event, tabManager) {
+  return Boolean(tabManager.findTabByWebContentsId(event.sender.id));
+}
+function assertString(value, name) {
+  if (typeof value !== "string") throw new Error(`${name} must be a string`);
+}
+function assertOptionalString(value, name) {
+  if (value !== void 0 && typeof value !== "string") {
+    throw new Error(`${name} must be a string`);
+  }
+}
+function assertNumber(value, name) {
+  if (typeof value !== "number" || Number.isNaN(value)) {
+    throw new Error(`${name} must be a number`);
+  }
+}
+const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+function isValidEmail(value) {
+  return EMAIL_RE.test(value.trim());
+}
+function getActiveTabInfo(tabManager) {
+  const tab = tabManager.getActiveTab();
+  if (!tab) return null;
+  const wc = tab.view.webContents;
+  if (wc.isDestroyed()) return null;
+  return { tab, wc };
+}
+const logger$9 = createLogger("Scheduler");
 let jobs = [];
 let removeIdleListener = null;
 let broadcastFn = null;
@@ -23932,9 +24234,15 @@ function loadJobs() {
 }
 function saveJobs() {
   try {
-    fs$1.writeFileSync(getJobsPath(), JSON.stringify(jobs, null, 2), "utf-8");
+    const jobsPath = getJobsPath();
+    fs$1.mkdirSync(path$1.dirname(jobsPath), { recursive: true });
+    fs$1.writeFileSync(jobsPath, JSON.stringify(jobs, null, 2), {
+      encoding: "utf-8",
+      mode: 384
+    });
+    fs$1.chmodSync(jobsPath, 384);
   } catch (err) {
-    logger$7.warn("Failed to save jobs:", err);
+    logger$9.warn("Failed to save jobs:", err);
   }
 }
 function normalizeJob(job, now = /* @__PURE__ */ new Date()) {
@@ -24056,7 +24364,7 @@ async function fireJob(job, windowState, runtime2) {
   };
   startActivity();
   if (!settings2.chatProvider) {
-    logger$7.warn(`Job "${job.kitName}" skipped — no chat provider configured`);
+    logger$9.warn(`Job "${job.kitName}" skipped — no chat provider configured`);
     appendActivity(
       "Chat provider not configured. Open Settings (Ctrl+,) to choose a provider."
     );
@@ -24064,7 +24372,7 @@ async function fireJob(job, windowState, runtime2) {
     return;
   }
   if (process.env.VESSEL_DEBUG_SCHEDULER === "1" || process.env.VESSEL_DEBUG_SCHEDULER === "true") {
-    logger$7.info(`Firing scheduled job: ${job.kitName} (${job.id})`);
+    logger$9.info(`Firing scheduled job: ${job.kitName} (${job.id})`);
   }
   try {
     const provider = createProvider(settings2.chatProvider);
@@ -24117,7 +24425,7 @@ function tick(windowState, runtime2) {
     saveJobs();
     broadcastFn?.(Channels.SCHEDULE_JOBS_UPDATE, jobs);
     void fireJob(job, windowState, runtime2).catch((err) => {
-      logger$7.warn("Unexpected error firing job:", err);
+      logger$9.warn("Unexpected error firing job:", err);
     }).finally(fireNext);
   };
   fireNext();
@@ -24136,8 +24444,12 @@ function registerScheduleHandlers(windowState, runtime2, sendToAll) {
     tick(windowState, runtime2);
     setInterval(() => tick(windowState, runtime2), 6e4);
   }, msToNextMinute);
-  electron.ipcMain.handle(Channels.SCHEDULE_GET_ALL, () => jobs);
-  electron.ipcMain.handle(Channels.SCHEDULE_CREATE, (_, rawJob) => {
+  electron.ipcMain.handle(Channels.SCHEDULE_GET_ALL, (event) => {
+    assertTrustedIpcSender(event);
+    return jobs;
+  });
+  electron.ipcMain.handle(Channels.SCHEDULE_CREATE, (event, rawJob) => {
+    assertTrustedIpcSender(event);
     if (!isValidJobData(rawJob)) {
       throw new Error(
         "Invalid job data. Required: kitId, kitName, kitIcon, renderedPrompt, schedule, enabled."
@@ -24154,7 +24466,8 @@ function registerScheduleHandlers(windowState, runtime2, sendToAll) {
     sendToAll(Channels.SCHEDULE_JOBS_UPDATE, jobs);
     return newJob;
   });
-  electron.ipcMain.handle(Channels.SCHEDULE_UPDATE, (_, id, updates) => {
+  electron.ipcMain.handle(Channels.SCHEDULE_UPDATE, (event, id, updates) => {
+    assertTrustedIpcSender(event);
     if (typeof id !== "string") throw new Error("id must be a string");
     const job = jobs.find((j) => j.id === id);
     if (!job) return null;
@@ -24180,7 +24493,8 @@ function registerScheduleHandlers(windowState, runtime2, sendToAll) {
     sendToAll(Channels.SCHEDULE_JOBS_UPDATE, jobs);
     return job;
   });
-  electron.ipcMain.handle(Channels.SCHEDULE_DELETE, (_, id) => {
+  electron.ipcMain.handle(Channels.SCHEDULE_DELETE, (event, id) => {
+    assertTrustedIpcSender(event);
     if (typeof id !== "string") throw new Error("id must be a string");
     const before = jobs.length;
     jobs = jobs.filter((j) => j.id !== id);
@@ -24190,40 +24504,6 @@ function registerScheduleHandlers(windowState, runtime2, sendToAll) {
     return true;
   });
 }
-const trustedIpcSenderIds = /* @__PURE__ */ new Set();
-function registerTrustedIpcSender(wc) {
-  trustedIpcSenderIds.add(wc.id);
-  wc.once("destroyed", () => trustedIpcSenderIds.delete(wc.id));
-}
-function assertTrustedIpcSender(event) {
-  if (!trustedIpcSenderIds.has(event.sender.id)) {
-    throw new Error("Blocked IPC from untrusted renderer");
-  }
-}
-function assertString(value, name) {
-  if (typeof value !== "string") throw new Error(`${name} must be a string`);
-}
-function assertOptionalString(value, name) {
-  if (value !== void 0 && typeof value !== "string") {
-    throw new Error(`${name} must be a string`);
-  }
-}
-function assertNumber(value, name) {
-  if (typeof value !== "number" || Number.isNaN(value)) {
-    throw new Error(`${name} must be a number`);
-  }
-}
-const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
-function isValidEmail(value) {
-  return EMAIL_RE.test(value.trim());
-}
-function getActiveTabInfo(tabManager) {
-  const tab = tabManager.getActiveTab();
-  if (!tab) return null;
-  const wc = tab.view.webContents;
-  if (wc.isDestroyed()) return null;
-  return { tab, wc };
-}
 const SAVE_DEBOUNCE_MS = 250;
 const PROFILE_FIELDS = [
   "label",
@@ -24563,24 +24843,29 @@ function sanitizeAutofillUpdates(value) {
   return updates;
 }
 function registerAutofillHandlers(windowState) {
-  electron.ipcMain.handle(Channels.AUTOFILL_LIST, () => {
+  electron.ipcMain.handle(Channels.AUTOFILL_LIST, (event) => {
+    assertTrustedIpcSender(event);
     return listProfiles();
   });
   electron.ipcMain.handle(
     Channels.AUTOFILL_ADD,
-    (_, profile) => {
+    (event, profile) => {
+      assertTrustedIpcSender(event);
       return addProfile(sanitizeAutofillProfile(profile));
     }
   );
-  electron.ipcMain.handle(Channels.AUTOFILL_UPDATE, (_, id, updates) => {
+  electron.ipcMain.handle(Channels.AUTOFILL_UPDATE, (event, id, updates) => {
+    assertTrustedIpcSender(event);
     assertString(id, "id");
     return updateProfile(id, sanitizeAutofillUpdates(updates));
   });
-  electron.ipcMain.handle(Channels.AUTOFILL_DELETE, (_, id) => {
+  electron.ipcMain.handle(Channels.AUTOFILL_DELETE, (event, id) => {
+    assertTrustedIpcSender(event);
     assertString(id, "id");
     return deleteProfile(id);
   });
-  electron.ipcMain.handle(Channels.AUTOFILL_FILL, async (_, profileId) => {
+  electron.ipcMain.handle(Channels.AUTOFILL_FILL, async (event, profileId) => {
+    assertTrustedIpcSender(event);
     assertString(profileId, "profileId");
     const profile = getProfile(profileId);
     if (!profile) throw new Error("Profile not found");
@@ -24650,27 +24935,800 @@ function registerPageDiffHandlers(windowState, sendToRendererViews) {
   electron.ipcMain.on(Channels.PAGE_DIFF_ACTIVITY, (event) => {
     const wc = event.sender;
     if (!wc || wc.isDestroyed()) return;
+    if (!isManagedTabIpcSender(event, windowState.tabManager)) return;
     if (!allowPageEvent(wc.id)) return;
     notePageMutationActivity(wc, sendToRendererViews);
   });
   electron.ipcMain.on(Channels.PAGE_DIFF_DIRTY, (event) => {
     const wc = event.sender;
     if (!wc || wc.isDestroyed()) return;
+    if (!isManagedTabIpcSender(event, windowState.tabManager)) return;
     if (!allowPageEvent(wc.id)) return;
     schedulePageSnapshotCapture(wc, sendToRendererViews);
   });
 }
-function registerVaultHandlers() {
-  electron.ipcMain.handle(Channels.VAULT_LIST, (event) => {
-    assertTrustedIpcSender(event);
-    return listEntries$1();
+function renderReportAsMarkdown(report, traces) {
+  const sections = [];
+  sections.push(`# ${report.title}`);
+  sections.push("");
+  sections.push(`*Generated: ${report.generatedAt}*`);
+  sections.push("");
+  sections.push("## Executive Summary");
+  sections.push(report.executiveSummary);
+  sections.push("");
+  for (const section of report.findingsByThread) {
+    sections.push(`## ${section.threadLabel}`);
+    sections.push(section.content);
+    sections.push("");
+  }
+  if (report.contradictions.length > 0) {
+    sections.push("## Contradictions & Discrepancies");
+    for (const c of report.contradictions) {
+      sections.push(`- **Claim:** ${c.claim}`);
+      sections.push(`  - Source A: [${c.sourceA.url}](${c.sourceA.url}) — "${c.sourceA.claim}"`);
+      sections.push(`  - Source B: [${c.sourceB.url}](${c.sourceB.url}) — "${c.sourceB.claim}"`);
+      sections.push(`  - **Resolution:** ${c.resolution}`);
+    }
+    sections.push("");
+  }
+  if (report.gaps.length > 0) {
+    sections.push("## Gaps & Unanswered Questions");
+    for (const gap of report.gaps) {
+      sections.push(`- ${gap}`);
+    }
+    sections.push("");
+  }
+  sections.push("## Source Index");
+  for (const source of report.sourceIndex) {
+    sections.push(
+      `${source.index}. [${source.title}](${source.url}) — accessed ${source.accessedAt}`
+    );
+    sections.push(`   > "${source.supportingQuote}"`);
+  }
+  sections.push("");
+  if (traces && traces.length > 0) {
+    sections.push("---");
+    sections.push("");
+    sections.push("## Appendix: Agent Traces");
+    for (const trace of traces) {
+      sections.push(`### ${trace.threadLabel}`);
+      sections.push(`Started: ${trace.startedAt} | Finished: ${trace.finishedAt}`);
+      sections.push(`Tool calls: ${trace.toolCalls.length}`);
+      if (trace.errors.length > 0) {
+        sections.push(`Errors: ${trace.errors.length}`);
+        for (const err of trace.errors) {
+          sections.push(`- [${err.timestamp}] ${err.message}`);
+        }
+      }
+      sections.push("");
+    }
+  }
+  return sections.join("\n");
+}
+const logger$8 = createLogger("ResearchIPC");
+function registerResearchHandlers(getOrchestrator) {
+  electron.ipcMain.handle(Channels.RESEARCH_STATE_GET, () => {
+    return getOrchestrator().getState();
   });
   electron.ipcMain.handle(
-    Channels.VAULT_ADD,
-    (event, entry) => {
-      assertTrustedIpcSender(event);
-      if (!entry || typeof entry !== "object") {
-        throw new Error("Invalid vault entry");
+    Channels.RESEARCH_START_BRIEF,
+    async (_event, query) => {
+      try {
+        const trimmedQuery = query.trim();
+        if (!trimmedQuery) {
+          return { accepted: false, reason: "error" };
+        }
+        if (getOrchestrator().getState().phase !== "idle") {
+          return { accepted: false, reason: "busy" };
+        }
+        await getOrchestrator().startBrief(trimmedQuery);
+        return { accepted: true };
+      } catch (err) {
+        logger$8.error("RESEARCH_START_BRIEF failed", err);
+        return { accepted: false, reason: "error" };
+      }
+    }
+  );
+  electron.ipcMain.handle(Channels.RESEARCH_CONFIRM_BRIEF, () => {
+    try {
+      if (isToolGated("research_confirm_brief")) {
+        return { accepted: false, reason: "premium" };
+      }
+      const orchestrator = getOrchestrator();
+      if (orchestrator.getState().phase !== "briefing") {
+        return { accepted: false, reason: "error" };
+      }
+      orchestrator.confirmBrief();
+      return { accepted: true };
+    } catch (err) {
+      logger$8.error("RESEARCH_CONFIRM_BRIEF failed", err);
+      return { accepted: false, reason: "error" };
+    }
+  });
+  electron.ipcMain.handle(
+    Channels.RESEARCH_APPROVE_OBJECTIVES,
+    (_event, options) => {
+      try {
+        if (isToolGated("research_approve_objectives")) {
+          return { accepted: false, reason: "premium" };
+        }
+        const orchestrator = getOrchestrator();
+        const state2 = orchestrator.getState();
+        if (state2.phase !== "awaiting_approval" || !state2.objectives) {
+          return { accepted: false, reason: "error" };
+        }
+        orchestrator.approveObjectives(
+          options.supervisionMode,
+          options.includeTraces
+        );
+        orchestrator.executeSubAgents().catch((err) => {
+          logger$8.error("Background sub-agent execution failed", err);
+        });
+        return { accepted: true };
+      } catch (err) {
+        logger$8.error("RESEARCH_APPROVE_OBJECTIVES failed", err);
+        return { accepted: false, reason: "error" };
+      }
+    }
+  );
+  electron.ipcMain.handle(
+    Channels.RESEARCH_SET_MODE,
+    (_event, mode) => {
+      getOrchestrator().setSupervisionMode(mode);
+    }
+  );
+  electron.ipcMain.handle(
+    Channels.RESEARCH_SET_TRACES,
+    (_event, include) => {
+      getOrchestrator().setIncludeTraces(include);
+    }
+  );
+  electron.ipcMain.handle(Channels.RESEARCH_CANCEL, () => {
+    getOrchestrator().cancel();
+  });
+  electron.ipcMain.handle(Channels.RESEARCH_EXPORT_REPORT, async () => {
+    try {
+      if (isToolGated("research_export_report")) {
+        return { accepted: false, reason: "premium" };
+      }
+      const state2 = getOrchestrator().getState();
+      if (!state2.report) {
+        return { accepted: false, reason: "error", error: "No report to export" };
+      }
+      const markdown = renderReportAsMarkdown(
+        state2.report,
+        state2.includeTraces ? state2.subAgentTraces : void 0
+      );
+      const { filePath: filePath2, canceled } = await electron.dialog.showSaveDialog({
+        title: "Export Research Report",
+        defaultPath: `${state2.report.title.replace(/[^a-zA-Z0-9 _-]/g, "")}.md`,
+        filters: [
+          { name: "Markdown", extensions: ["md"] },
+          { name: "All Files", extensions: ["*"] }
+        ]
+      });
+      if (canceled || !filePath2) {
+        return { accepted: false, reason: "cancelled" };
+      }
+      await promises.writeFile(filePath2, markdown, "utf-8");
+      return { accepted: true, savedPath: filePath2 };
+    } catch (err) {
+      logger$8.error("RESEARCH_EXPORT_REPORT failed", err);
+      return { accepted: false, reason: "error" };
+    }
+  });
+}
+function buildSubAgentSystemPrompt(thread) {
+  const domainBlock = thread.blockedDomains.length > 0 ? `
+BLOCKED DOMAINS (never visit): ${thread.blockedDomains.join(", ")}` : "";
+  const domainPref = thread.preferredDomains.length > 0 ? `
+PREFERRED DOMAINS: ${thread.preferredDomains.join(", ")}` : "";
+  return `You are a Vessel research sub-agent assigned to a specific thread.
+
+YOUR MISSION: ${thread.question}
+
+SEARCH QUERIES TO START WITH:
+${thread.searchQueries.map((q) => `- ${q}`).join("\n")}${domainPref}${domainBlock}
+
+SOURCE BUDGET: You may visit up to ${thread.sourceBudget} sources. Do not exceed this unless the captain explicitly increases it.
+
+RULES:
+1. Every finding you report MUST include the source URL and the verbatim extracted quote that supports it.
+2. Never fabricate. If you cannot find an answer, say so.
+3. Stay on your thread. Do not wander into other research angles.
+4. Report findings incrementally. After visiting each source, report what you found.
+5. If a page is behind a paywall or requires login, note it and move on.
+6. Prefer primary sources over secondary commentary.
+7. Do not use emojis.
+
+When done, report a summary of your execution: pages visited, useful sources found, discarded sources, any errors.`;
+}
+function buildSynthesisPrompt(objectives, findings) {
+  const findingsBlock = findings.map(
+    (f) => `
+### Thread: ${f.threadLabel}
+Question: ${f.threadQuestion}
+Execution: ${f.executionSummary}
+
+Claims:
+${f.claims.map(
+      (c, i) => `${i + 1}. ${c.claim}
+   Source: ${c.sourceUrl}
+   Title: ${c.sourceTitle}
+   Accessed: ${c.extractedAt}
+   Quote: "${c.extractedQuote}"
+   Relevance: ${c.relevanceNote}`
+    ).join("\n")}
+
+${f.discardedSources.length > 0 ? `Discarded sources:
+${f.discardedSources.map((d) => `- ${d.url}: ${d.reason}`).join("\n")}` : ""}`
+  ).join("\n\n---\n");
+  return `Synthesize the following research findings into a structured JSON Research Report.
+
+RESEARCH QUESTION: ${objectives.researchQuestion}
+AUDIENCE: ${objectives.audience}
+EXPECTED OUTLINE:
+${objectives.reportOutline.map((s) => `- ${s}`).join("\n")}
+
+FINDINGS:
+${findingsBlock}
+
+Return ONLY valid JSON — no markdown, no code fences, no commentary. The JSON object must have these exact fields:
+
+{
+  "title": "Report title (string)",
+  "executiveSummary": "2-3 paragraph answer to the research question",
+  "findingsByThread": [
+    { "threadLabel": "Label", "content": "Section content with claims and numbered citations [1], [2], etc." }
+  ],
+  "contradictions": [
+    {
+      "claim": "The disputed claim",
+      "sourceA": { "url": "https://...", "claim": "What source A says" },
+      "sourceB": { "url": "https://...", "claim": "What source B says" },
+      "resolution": "How to resolve the contradiction (or why it cannot be resolved)"
+    }
+  ],
+  "gaps": ["Gap or unanswered question 1", "Gap 2"],
+  "sourceIndex": [
+    {
+      "index": 1,
+      "url": "https://...",
+      "title": "Page title",
+      "accessedAt": "ISO timestamp from claim metadata",
+      "supportingQuote": "Verbatim quote from the claim"
+    }
+  ]
+}
+
+RULES:
+1. Every factual claim MUST cite its source using the numbered index format [1], [2], etc.
+2. The sourceIndex numbers must correspond to the [n] citations in the text.
+3. Do not invent anything. Only use claims from the findings above.
+4. Omit empty arrays entirely (contradictions, gaps) — do not include "contradictions": [] if there are none.
+5. Do not use emojis.`;
+}
+const logger$7 = createLogger("ResearchOrchestrator");
+const MAX_THREADS = 5;
+function clone$1(value) {
+  return structuredClone(value);
+}
+class ResearchOrchestrator {
+  constructor(provider, tabManager, runtime2) {
+    this.provider = provider;
+    this.tabManager = tabManager;
+    this.runtime = runtime2;
+    this.state = this.initialState();
+  }
+  provider;
+  tabManager;
+  runtime;
+  state;
+  updateListener = null;
+  // ── state access ──────────────────────────────────────────────
+  initialState() {
+    return {
+      phase: "idle",
+      supervisionMode: "interactive",
+      includeTraces: false,
+      objectives: null,
+      threads: [],
+      threadFindings: [],
+      report: null,
+      subAgentTraces: [],
+      error: null,
+      startedAt: null,
+      originalQuery: null
+    };
+  }
+  getState() {
+    return clone$1(this.state);
+  }
+  setUpdateListener(listener) {
+    this.updateListener = listener;
+    if (listener) listener(this.getState());
+  }
+  emit() {
+    if (this.updateListener) this.updateListener(this.getState());
+  }
+  setPhase(phase) {
+    this.state.phase = phase;
+    this.emit();
+  }
+  // ── supervision / config ──────────────────────────────────────
+  setSupervisionMode(mode) {
+    this.state.supervisionMode = mode;
+    this.emit();
+  }
+  setIncludeTraces(include) {
+    this.state.includeTraces = include;
+    this.emit();
+  }
+  cancel() {
+    this.state = this.initialState();
+    this.emit();
+  }
+  /**
+   * Swap the AI provider used by this orchestrator.
+   * Safe to call while research is in progress — running sub-agents
+   * pick up the new provider on their next LLM call.
+   */
+  setProvider(provider) {
+    this.provider = provider;
+  }
+  getProvider() {
+    if (!this.provider) {
+      throw new Error("Chat provider not configured - required for Research Desk");
+    }
+    return this.provider;
+  }
+  // ── phase: idle → briefing ────────────────────────────────────
+  async startBrief(userQuery) {
+    const query = userQuery.trim();
+    if (!query) {
+      logger$7.warn("Ignoring empty Research Desk query");
+      return;
+    }
+    if (this.state.phase !== "idle") {
+      logger$7.warn("Research already in progress, ignoring startBrief");
+      return;
+    }
+    this.state = this.initialState();
+    this.state.originalQuery = query;
+    this.state.startedAt = (/* @__PURE__ */ new Date()).toISOString();
+    this.setPhase("briefing");
+    logger$7.info(`Brief started for query: ${query.slice(0, 120)}`);
+  }
+  // ── phase: briefing → planning ─────────────────────────────────
+  confirmBrief() {
+    if (this.state.phase !== "briefing") {
+      logger$7.warn("Not in briefing phase, ignoring confirmBrief");
+      return;
+    }
+    this.setPhase("planning");
+  }
+  // ── phase: planning → awaiting_approval ────────────────────────
+  setObjectives(objectives) {
+    if (this.state.phase !== "planning") {
+      logger$7.warn("Not in planning phase, ignoring setObjectives");
+      return;
+    }
+    this.state.objectives = objectives;
+    this.state.threads = objectives.threads.slice(0, MAX_THREADS);
+    this.setPhase("awaiting_approval");
+  }
+  /**
+   * Parse a planning-phase LLM response into ResearchObjectives.
+   * Expects JSON (optionally wrapped in ```json fences).
+   * Returns true if parsing succeeded and objectives were set.
+   */
+  parseAndSetObjectives(text) {
+    if (this.state.phase !== "planning") return false;
+    let json = text;
+    const fenceMatch = text.match(/```(?:json)?\s*\n?([\s\S]*?)\n?```/);
+    if (fenceMatch) {
+      json = fenceMatch[1].trim();
+    } else {
+      const objMatch = text.match(/\{[\s\S]*\}/);
+      if (objMatch) json = objMatch[0];
+    }
+    try {
+      const parsed = JSON.parse(json);
+      if (typeof parsed.researchQuestion !== "string" || !parsed.researchQuestion.trim()) {
+        logger$7.warn("Missing researchQuestion in objectives JSON");
+        return false;
+      }
+      if (!Array.isArray(parsed.threads) || parsed.threads.length === 0) {
+        logger$7.warn("Missing or empty threads array in objectives JSON");
+        return false;
+      }
+      const threads = parsed.threads.map((t, i) => {
+        const obj = t;
+        const question = String(obj.question || "").trim();
+        const searchQueries = Array.isArray(obj.searchQueries) ? obj.searchQueries.map((q) => String(q).trim()).filter(Boolean) : [];
+        const sourceBudget = typeof obj.sourceBudget === "number" && Number.isFinite(obj.sourceBudget) ? Math.max(1, Math.floor(obj.sourceBudget)) : 5;
+        return {
+          label: String(obj.label || `Thread ${i + 1}`),
+          question,
+          searchQueries,
+          preferredDomains: Array.isArray(obj.preferredDomains) ? obj.preferredDomains.map((d) => String(d).trim()).filter(Boolean) : [],
+          blockedDomains: Array.isArray(obj.blockedDomains) ? obj.blockedDomains.map((d) => String(d).trim()).filter(Boolean) : [],
+          sourceBudget
+        };
+      }).filter((thread) => thread.question && thread.searchQueries.length > 0).slice(0, MAX_THREADS);
+      if (threads.length === 0) {
+        logger$7.warn("Objectives JSON did not contain any valid research threads");
+        return false;
+      }
+      const objectives = {
+        researchQuestion: String(parsed.researchQuestion).trim(),
+        threads,
+        audience: String(parsed.audience || "general").trim(),
+        reportOutline: Array.isArray(parsed.reportOutline) ? parsed.reportOutline.map((s) => String(s).trim()).filter(Boolean) : [],
+        totalSourceBudget: threads.reduce((sum, t) => sum + t.sourceBudget, 0)
+      };
+      this.setObjectives(objectives);
+      logger$7.info(`Parsed ${objectives.threads.length} threads from objectives`);
+      return true;
+    } catch (err) {
+      logger$7.warn("Failed to parse objectives JSON", err);
+      return false;
+    }
+  }
+  // ── phase: awaiting_approval → executing ───────────────────────
+  approveObjectives(mode, includeTraces) {
+    if (this.state.phase !== "awaiting_approval") {
+      logger$7.warn("Not awaiting approval, ignoring approveObjectives");
+      return;
+    }
+    if (mode) this.state.supervisionMode = mode;
+    if (includeTraces !== void 0) this.state.includeTraces = includeTraces;
+    this.setPhase("executing");
+  }
+  // ── phase: executing → synthesizing ────────────────────────────
+  async executeSubAgents() {
+    if (this.state.phase !== "executing" || !this.state.objectives) return;
+    const tabMutex = new TabMutex();
+    const results = await Promise.all(
+      this.state.threads.map((thread) => {
+        if (this.state.phase !== "executing") return null;
+        return this.runSubAgent(thread, tabMutex).catch((err) => {
+          logger$7.error(`Sub-agent "${thread.label}" failed`, err);
+          return {
+            threadLabel: thread.label,
+            threadQuestion: thread.question,
+            claims: [],
+            discardedSources: [],
+            executionSummary: `Failed: ${String(err)}`
+          };
+        });
+      })
+    );
+    if (this.state.phase !== "executing") return;
+    this.state.threadFindings = results.filter((f) => f !== null);
+    this.setPhase("synthesizing");
+    try {
+      await this.synthesizeReport();
+    } catch (err) {
+      logger$7.error("Auto-synthesis failed", err);
+      this.state.error = `Synthesis failed: ${String(err)}`;
+      this.setPhase("delivered");
+    }
+  }
+  // ── sub-agent loop ─────────────────────────────────────────────
+  async runSubAgent(thread, tabMutex) {
+    const trace = {
+      threadLabel: thread.label,
+      toolCalls: [],
+      errors: [],
+      startedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      finishedAt: ""
+    };
+    const tabId = this.tabManager.createTab();
+    let sourcesConsumed = 0;
+    if (tabId) this.tabManager.switchTab(tabId);
+    const discardedSources = [];
+    let transcript = "";
+    try {
+      const provider = this.getProvider();
+      if (!provider.streamAgentQuery) {
+        throw new Error("Provider does not support agent tool loops");
+      }
+      const systemPrompt = buildSubAgentSystemPrompt(thread);
+      const userMessage = `Begin researching: ${thread.question}
+
+Start by searching for: ${thread.searchQueries.join(" or ")}`;
+      const actionCtx = {
+        tabManager: this.tabManager,
+        runtime: this.runtime,
+        toolProfile: provider.agentToolProfile,
+        tabId: tabId ?? void 0,
+        _tabMutex: tabMutex
+      };
+      await provider.streamAgentQuery(
+        systemPrompt,
+        userMessage,
+        AGENT_TOOLS,
+        (chunk) => {
+          transcript += chunk;
+        },
+        async (name, args) => {
+          const t0 = Date.now();
+          if (this.state.phase !== "executing") {
+            const msg = "Research cancelled — stopping.";
+            return msg;
+          }
+          if (name === "navigate" || name === "search") {
+            sourcesConsumed++;
+            if (sourcesConsumed > thread.sourceBudget) {
+              const msg = `Source budget (${thread.sourceBudget}) exceeded. Summarize findings and stop.`;
+              trace.toolCalls.push({
+                tool: name,
+                args,
+                result: msg,
+                timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+                durationMs: 0
+              });
+              return msg;
+            }
+          }
+          try {
+            const output = await executeAction(name, args, actionCtx);
+            trace.toolCalls.push({
+              tool: name,
+              args,
+              result: output,
+              timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+              durationMs: Date.now() - t0
+            });
+            return output;
+          } catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            if (msg.includes("paywall") || msg.includes("login required") || msg.includes("403")) {
+              discardedSources.push({
+                url: String(args.url || ""),
+                title: String(args.url || "unknown"),
+                reason: msg
+              });
+            }
+            trace.errors.push({
+              message: msg,
+              timestamp: (/* @__PURE__ */ new Date()).toISOString()
+            });
+            trace.toolCalls.push({
+              tool: name,
+              args,
+              result: `Error: ${msg}`,
+              timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+              durationMs: Date.now() - t0
+            });
+            return `Error: ${msg}`;
+          }
+        },
+        () => {
+        }
+      );
+    } catch (err) {
+      trace.errors.push({
+        message: String(err),
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      });
+    } finally {
+      trace.finishedAt = (/* @__PURE__ */ new Date()).toISOString();
+      if (tabId) {
+        try {
+          this.tabManager.closeTab(tabId);
+        } catch (err) {
+          logger$7.warn(`Failed to close sub-agent tab ${tabId}`, err);
+        }
+      }
+    }
+    let claims = [];
+    if (this.state.phase === "executing") {
+      try {
+        claims = await this.extractClaimsFromTranscript(thread, transcript);
+      } catch (err) {
+        logger$7.warn(`Claim extraction failed for "${thread.label}"`, err);
+      }
+    }
+    if (this.state.phase === "executing" && this.state.includeTraces) {
+      this.state.subAgentTraces.push(trace);
+    }
+    const pagesVisited = trace.toolCalls.filter(
+      (t) => ["navigate", "read_page", "search"].includes(t.tool)
+    ).length;
+    return {
+      threadLabel: thread.label,
+      threadQuestion: thread.question,
+      claims,
+      discardedSources,
+      executionSummary: `Visited ${pagesVisited} pages (${trace.toolCalls.length} tool calls, ${sourcesConsumed} sources). ${claims.length} claims extracted. ${discardedSources.length} sources discarded.${trace.errors.length > 0 ? ` ${trace.errors.length} errors.` : ""}`
+    };
+  }
+  /**
+   * Extract structured claims from the sub-agent's research transcript.
+   * Makes a follow-up LLM call asking it to parse claims with source URLs and quotes.
+   */
+  async extractClaimsFromTranscript(thread, transcript) {
+    if (!transcript.trim()) return [];
+    const prompt = `You are a claim extractor. Given a research transcript, extract every factual claim along with its source URL and the exact supporting quote from the page.
+
+CRITICAL RULES:
+- Only extract claims that are explicitly supported by a source URL AND a verbatim quote in the transcript.
+- If a claim has no source URL or no extracted quote, do NOT include it.
+- Do not fabricate claims. Only use what is explicitly stated in the transcript.
+- Return ONLY valid JSON — a JSON array of claim objects.
+
+Each claim object must have these fields:
+- claim: the factual claim text
+- sourceUrl: the URL of the source page
+- sourceTitle: the title of the source page (or "Unknown" if not mentioned)
+- extractedQuote: the verbatim quote from the page that supports this claim
+- relevanceNote: a one-sentence note on why this claim matters to the research question
+
+Return format:
+\`\`\`json
+[{"claim": "...", "sourceUrl": "...", "sourceTitle": "...", "extractedQuote": "...", "relevanceNote": "..."}]
+\`\`\`
+
+RESEARCH QUESTION: ${thread.question}
+THREAD LABEL: ${thread.label}
+
+TRANSCRIPT:
+${transcript.slice(0, 32e3)}`;
+    let response = "";
+    await this.getProvider().streamQuery(
+      prompt,
+      "Extract the claims.",
+      (chunk) => {
+        response += chunk;
+      },
+      () => {
+      }
+    );
+    let json = response;
+    const fenceMatch = response.match(/```(?:json)?\s*\n?([\s\S]*?)\n?```/);
+    if (fenceMatch) json = fenceMatch[1].trim();
+    else {
+      const arrMatch = response.match(/\[[\s\S]*\]/);
+      if (arrMatch) json = arrMatch[0];
+    }
+    try {
+      const raw = JSON.parse(json);
+      if (!Array.isArray(raw)) return [];
+      return raw.map((item) => {
+        const c = item;
+        return {
+          claim: String(c.claim || "").trim(),
+          sourceUrl: String(c.sourceUrl || "").trim(),
+          sourceTitle: String(c.sourceTitle || c.sourceUrl || "Unknown").trim(),
+          extractedQuote: String(c.extractedQuote || "").trim(),
+          extractedAt: (/* @__PURE__ */ new Date()).toISOString(),
+          threadLabel: thread.label,
+          relevanceNote: String(c.relevanceNote || "").trim()
+        };
+      }).filter(
+        (claim) => claim.claim && claim.sourceUrl && claim.extractedQuote
+      );
+    } catch {
+      logger$7.warn(`Failed to parse claims JSON for "${thread.label}"`);
+      return [];
+    }
+  }
+  // ── phase: synthesizing → delivered ───────────────────────────
+  async synthesizeReport() {
+    if (this.state.phase !== "synthesizing" || !this.state.objectives) {
+      return null;
+    }
+    const objectives = this.state.objectives;
+    const findings = this.state.threadFindings;
+    const synthesisPrompt = buildSynthesisPrompt(objectives, findings);
+    let response = "";
+    await this.getProvider().streamQuery(
+      synthesisPrompt,
+      "Return ONLY the JSON object now.",
+      (chunk) => {
+        response += chunk;
+      },
+      () => {
+      }
+    );
+    const report = this.parseReportFromJson(response, objectives);
+    this.setReport(report);
+    this.setPhase("delivered");
+    return report;
+  }
+  /**
+   * Parse the LLM's JSON synthesis response into a structured ResearchReport.
+   * Handles both bare JSON and JSON wrapped in markdown fences.
+   */
+  parseReportFromJson(text, objectives) {
+    let json = text.trim();
+    const fenceMatch = json.match(/```(?:json)?\s*\n?([\s\S]*?)\n?```/);
+    if (fenceMatch) json = fenceMatch[1].trim();
+    const objMatch = json.match(/\{[\s\S]*\}/);
+    if (objMatch) json = objMatch[0];
+    try {
+      const parsed = JSON.parse(json);
+      return {
+        title: String(parsed.title || objectives.researchQuestion).trim(),
+        executiveSummary: String(parsed.executiveSummary || "").trim(),
+        findingsByThread: Array.isArray(parsed.findingsByThread) ? parsed.findingsByThread.map((s) => {
+          const obj = s;
+          return {
+            threadLabel: String(obj.threadLabel || "").trim(),
+            content: String(obj.content || "").trim()
+          };
+        }) : [],
+        contradictions: Array.isArray(parsed.contradictions) ? parsed.contradictions.map((c) => {
+          const obj = c;
+          const sourceA = obj.sourceA ?? {};
+          const sourceB = obj.sourceB ?? {};
+          return {
+            claim: String(obj.claim || "").trim(),
+            sourceA: {
+              url: String(sourceA.url || "").trim(),
+              claim: String(sourceA.claim || "").trim()
+            },
+            sourceB: {
+              url: String(sourceB.url || "").trim(),
+              claim: String(sourceB.claim || "").trim()
+            },
+            resolution: String(obj.resolution || "").trim()
+          };
+        }).filter(
+          (c) => c.claim && c.sourceA.url && c.sourceB.url && c.resolution
+        ) : [],
+        gaps: Array.isArray(parsed.gaps) ? parsed.gaps.map((g) => String(g).trim()).filter(Boolean) : [],
+        sourceIndex: Array.isArray(parsed.sourceIndex) ? parsed.sourceIndex.map((s) => {
+          const obj = s;
+          return {
+            index: typeof obj.index === "number" ? obj.index : parseInt(String(obj.index), 10) || 0,
+            url: String(obj.url || "").trim(),
+            title: String(obj.title || "").trim(),
+            accessedAt: String(obj.accessedAt || "").trim(),
+            supportingQuote: String(obj.supportingQuote || "").trim()
+          };
+        }).filter((s) => s.url && s.title) : [],
+        generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+        objectives
+      };
+    } catch (err) {
+      logger$7.warn("Failed to parse synthesis JSON, using minimal report", err);
+      return {
+        title: objectives.researchQuestion,
+        executiveSummary: `Report generation failed: ${String(err)}`,
+        findingsByThread: [],
+        contradictions: [],
+        gaps: ["Report generation failed — JSON parsing error"],
+        sourceIndex: [],
+        generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+        objectives
+      };
+    }
+  }
+  // ── report management ──────────────────────────────────────────
+  setReport(report) {
+    this.state.report = report;
+    this.emit();
+  }
+  // ── reset ──────────────────────────────────────────────────────
+  reset() {
+    this.state = this.initialState();
+    this.emit();
+  }
+}
+function registerVaultHandlers() {
+  electron.ipcMain.handle(Channels.VAULT_LIST, (event) => {
+    assertTrustedIpcSender(event);
+    return listEntries$1();
+  });
+  electron.ipcMain.handle(
+    Channels.VAULT_ADD,
+    (event, entry) => {
+      assertTrustedIpcSender(event);
+      if (!entry || typeof entry !== "object") {
+        throw new Error("Invalid vault entry");
       }
       assertString(entry.label, "label");
       assertString(entry.domainPattern, "domainPattern");
@@ -25802,19 +26860,22 @@ function getSafeBookmarkExportName(name) {
   return safeName || "folder";
 }
 function registerBookmarkHandlers() {
-  electron.ipcMain.handle(Channels.BOOKMARKS_GET, () => {
+  electron.ipcMain.handle(Channels.BOOKMARKS_GET, (event) => {
+    assertTrustedIpcSender(event);
     return getState();
   });
   electron.ipcMain.handle(
     Channels.FOLDER_CREATE,
-    (_, name, summary) => {
+    (event, name, summary) => {
+      assertTrustedIpcSender(event);
       trackBookmarkAction("folder_create");
       return createFolderWithSummary(name, summary);
     }
   );
   electron.ipcMain.handle(
     Channels.BOOKMARK_SAVE,
-    (_, url, title, folderId, note, intent, expectedContent, keyFields, agentHints) => {
+    (event, url, title, folderId, note, intent, expectedContent, keyFields, agentHints) => {
+      assertTrustedIpcSender(event);
       trackBookmarkAction("save");
       const result = saveBookmarkWithPolicy(url, title, folderId, note, {
         onDuplicate: "update",
@@ -25835,12 +26896,14 @@ function registerBookmarkHandlers() {
   );
   electron.ipcMain.handle(
     Channels.BOOKMARK_UPDATE,
-    (_, id, updates) => {
+    (event, id, updates) => {
+      assertTrustedIpcSender(event);
       trackBookmarkAction("save");
       return updateBookmark(id, updates);
     }
   );
-  electron.ipcMain.handle(Channels.BOOKMARK_REMOVE, (_, id) => {
+  electron.ipcMain.handle(Channels.BOOKMARK_REMOVE, (event, id) => {
+    assertTrustedIpcSender(event);
     trackBookmarkAction("remove");
     return removeBookmark(id);
   });
@@ -25933,22 +26996,26 @@ function registerBookmarkHandlers() {
     trackBookmarkAction("import");
     return importBookmarksFromJson(content);
   });
-  electron.ipcMain.handle(Channels.FOLDER_REMOVE, (_, id, deleteContents) => {
+  electron.ipcMain.handle(Channels.FOLDER_REMOVE, (event, id, deleteContents) => {
+    assertTrustedIpcSender(event);
     trackBookmarkAction("folder_remove");
     return removeFolder(id, deleteContents ?? false);
   });
   electron.ipcMain.handle(
     Channels.FOLDER_RENAME,
-    (_, id, newName, summary) => {
+    (event, id, newName, summary) => {
+      assertTrustedIpcSender(event);
       return renameFolder(id, newName, summary);
     }
   );
 }
 function registerHistoryHandlers() {
-  electron.ipcMain.handle(Channels.HISTORY_GET, () => {
+  electron.ipcMain.handle(Channels.HISTORY_GET, (event) => {
+    assertTrustedIpcSender(event);
     return getState$1();
   });
-  electron.ipcMain.handle(Channels.HISTORY_SEARCH, (_, query) => {
+  electron.ipcMain.handle(Channels.HISTORY_SEARCH, (event, query) => {
+    assertTrustedIpcSender(event);
     return search(query);
   });
   electron.ipcMain.handle(Channels.HISTORY_CLEAR, (event) => {
@@ -26073,10 +27140,12 @@ function registerPremiumHandlers(tabManager, sendToRendererViews) {
       void handleUrl(currentUrl);
     }
   };
-  electron.ipcMain.handle(Channels.PREMIUM_GET_STATE, () => {
+  electron.ipcMain.handle(Channels.PREMIUM_GET_STATE, (event) => {
+    assertTrustedIpcSender(event);
     return getPremiumState();
   });
-  electron.ipcMain.handle(Channels.PREMIUM_ACTIVATION_START, async (_, email) => {
+  electron.ipcMain.handle(Channels.PREMIUM_ACTIVATION_START, async (event, email) => {
+    assertTrustedIpcSender(event);
     assertString(email, "email");
     if (!isValidEmail(email)) {
       return errorResult("Invalid email format");
@@ -26090,7 +27159,8 @@ function registerPremiumHandlers(tabManager, sendToRendererViews) {
   });
   electron.ipcMain.handle(
     Channels.PREMIUM_ACTIVATION_VERIFY,
-    async (_, email, code, challengeToken) => {
+    async (event, email, code, challengeToken) => {
+      assertTrustedIpcSender(event);
       assertString(email, "email");
       assertString(code, "code");
       assertString(challengeToken, "challengeToken");
@@ -26112,7 +27182,8 @@ function registerPremiumHandlers(tabManager, sendToRendererViews) {
       return result;
     }
   );
-  electron.ipcMain.handle(Channels.PREMIUM_CHECKOUT, async (_, email) => {
+  electron.ipcMain.handle(Channels.PREMIUM_CHECKOUT, async (event, email) => {
+    assertTrustedIpcSender(event);
     trackPremiumFunnel("checkout_clicked");
     const result = await getCheckoutUrl(email);
     if (result.ok && result.url) {
@@ -26121,19 +27192,22 @@ function registerPremiumHandlers(tabManager, sendToRendererViews) {
     }
     return result;
   });
-  electron.ipcMain.handle(Channels.PREMIUM_RESET, () => {
+  electron.ipcMain.handle(Channels.PREMIUM_RESET, (event) => {
+    assertTrustedIpcSender(event);
     trackPremiumFunnel("reset");
     const state2 = resetPremium();
     sendToRendererViews(Channels.PREMIUM_UPDATE, state2);
     return state2;
   });
-  electron.ipcMain.handle(Channels.PREMIUM_TRACK_CONTEXT, (_, step) => {
+  electron.ipcMain.handle(Channels.PREMIUM_TRACK_CONTEXT, (event, step) => {
+    assertTrustedIpcSender(event);
     assertString(step, "step");
     if (PREMIUM_TRACKABLE_STEPS.includes(step)) {
       trackPremiumFunnel(step);
     }
   });
-  electron.ipcMain.handle(Channels.PREMIUM_PORTAL, async () => {
+  electron.ipcMain.handle(Channels.PREMIUM_PORTAL, async (event) => {
+    assertTrustedIpcSender(event);
     trackPremiumFunnel("portal_opened");
     const result = await getPortalUrl();
     if (result.ok && result.url) {
@@ -26143,18 +27217,22 @@ function registerPremiumHandlers(tabManager, sendToRendererViews) {
   });
 }
 function registerSessionHandlers(tabManager) {
-  electron.ipcMain.handle(Channels.SESSION_LIST, () => {
+  electron.ipcMain.handle(Channels.SESSION_LIST, (event) => {
+    assertTrustedIpcSender(event);
     return listNamedSessions();
   });
-  electron.ipcMain.handle(Channels.SESSION_SAVE, async (_, name) => {
+  electron.ipcMain.handle(Channels.SESSION_SAVE, async (event, name) => {
+    assertTrustedIpcSender(event);
     assertString(name, "name");
     return await saveNamedSession(tabManager, name);
   });
-  electron.ipcMain.handle(Channels.SESSION_LOAD, async (_, name) => {
+  electron.ipcMain.handle(Channels.SESSION_LOAD, async (event, name) => {
+    assertTrustedIpcSender(event);
     assertString(name, "name");
     return await loadNamedSession(tabManager, name);
   });
-  electron.ipcMain.handle(Channels.SESSION_DELETE, (_, name) => {
+  electron.ipcMain.handle(Channels.SESSION_DELETE, (event, name) => {
+    assertTrustedIpcSender(event);
     assertString(name, "name");
     return deleteNamedSession(name);
   });
@@ -26312,6 +27390,10 @@ function snapshot() {
 function emit() {
   broadcaster?.(Channels.PERMISSIONS_GET, snapshot());
 }
+function getDecision(origin, permission) {
+  const existing = records.find((r) => r.origin === origin && r.permission === permission);
+  return existing?.decision ?? sessionDecisions.get(key(origin, permission)) ?? null;
+}
 function save(origin, permission, decision) {
   const k = key(origin, permission);
   const existing = records.find((r) => key(r.origin, r.permission) === k);
@@ -26344,6 +27426,12 @@ function setPermissionBroadcaster(fn) {
   broadcaster = fn;
 }
 function installPermissionHandler() {
+  electron.session.defaultSession.setPermissionCheckHandler((webContents, permission, requestingOrigin) => {
+    if (!ALLOWED_PERMISSION_TYPES.has(permission)) return false;
+    const origin = parseOrigin(requestingOrigin || webContents.getURL());
+    if (!origin) return false;
+    return getDecision(origin, permission) === "allow";
+  });
   electron.session.defaultSession.setPermissionRequestHandler((webContents, permission, callback, details) => {
     if (!ALLOWED_PERMISSION_TYPES.has(permission)) {
       callback(false);
@@ -26355,19 +27443,21 @@ function installPermissionHandler() {
       return;
     }
     const k = key(origin, permission);
-    const existing = records.find((r) => r.origin === origin && r.permission === permission);
-    if (existing) {
-      callback(existing.decision === "allow");
-      return;
-    }
-    const sessionDecision = sessionDecisions.get(k);
-    if (sessionDecision) {
-      callback(sessionDecision === "allow");
+    const decision = getDecision(origin, permission);
+    if (decision) {
+      callback(decision === "allow");
       return;
     }
     const result = electron.dialog.showMessageBoxSync({
       type: "question",
-      buttons: ["Deny", "Allow Once", "Allow Until Quit", "Always Allow"],
+      buttons: [
+        "Deny Once",
+        "Deny Until Quit",
+        "Always Deny",
+        "Allow Once",
+        "Allow Until Quit",
+        "Always Allow"
+      ],
       defaultId: 0,
       cancelId: 0,
       title: "Site permission request",
@@ -26375,20 +27465,29 @@ function installPermissionHandler() {
       detail: "Temporary choices are safer for camera, microphone, location, and clipboard access. Persistent choices can be cleared in Settings > Privacy."
     });
     if (result === 1) {
-      callback(true);
+      sessionDecisions.set(k, "deny");
+      callback(false);
       return;
     }
     if (result === 2) {
+      save(origin, permission, "deny");
+      callback(false);
+      return;
+    }
+    if (result === 3) {
+      callback(true);
+      return;
+    }
+    if (result === 4) {
       sessionDecisions.set(k, "allow");
       callback(true);
       return;
     }
-    if (result === 3) {
+    if (result === 5) {
       save(origin, permission, "allow");
       callback(true);
       return;
     }
-    save(origin, permission, "deny");
     callback(false);
   });
 }
@@ -26483,6 +27582,18 @@ function registerIpcHandlers(windowState, runtime2) {
   const requireTrusted = (event) => {
     assertTrustedIpcSender(event);
   };
+  let researchOrchestrator = null;
+  const getResearchOrchestrator = () => {
+    if (!researchOrchestrator) {
+      const settings2 = loadSettings();
+      const provider = settings2.chatProvider ? createProvider(settings2.chatProvider) : null;
+      researchOrchestrator = new ResearchOrchestrator(provider, tabManager, runtime2);
+      researchOrchestrator.setUpdateListener((state2) => {
+        sendToRendererViews(Channels.RESEARCH_STATE_UPDATE, state2);
+      });
+    }
+    return researchOrchestrator;
+  };
   electron.ipcMain.handle(Channels.OPEN_PRIVATE_WINDOW, (event) => {
     requireTrusted(event);
     createPrivateWindow();
@@ -26491,7 +27602,10 @@ function registerIpcHandlers(windowState, runtime2) {
     requireTrusted(event);
     createSecondaryWindow();
   });
-  electron.ipcMain.handle(Channels.IS_PRIVATE_MODE, () => false);
+  electron.ipcMain.handle(Channels.IS_PRIVATE_MODE, (event) => {
+    requireTrusted(event);
+    return false;
+  });
   let sidebarResizeRecoveryTimer = null;
   let sidebarResizeActive = false;
   let runtimeUpdateTimer = null;
@@ -26572,37 +27686,45 @@ function registerIpcHandlers(windowState, runtime2) {
   onAIStreamIdle(() => {
     sendToRendererViews(Channels.AI_STREAM_IDLE);
   });
-  electron.ipcMain.handle(Channels.TAB_CREATE, (_, url) => {
+  electron.ipcMain.handle(Channels.TAB_CREATE, (event, url) => {
+    requireTrusted(event);
     const id = tabManager.createTab(url || loadSettings().defaultUrl);
     layoutViews(windowState);
     return id;
   });
-  electron.ipcMain.handle(Channels.TAB_CLOSE, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_CLOSE, (event, id) => {
+    requireTrusted(event);
     tabManager.closeTab(id);
     layoutViews(windowState);
   });
-  electron.ipcMain.handle(Channels.TAB_SWITCH, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_SWITCH, (event, id) => {
+    requireTrusted(event);
     tabManager.switchTab(id);
     layoutViews(windowState);
   });
   electron.ipcMain.handle(
     Channels.TAB_NAVIGATE,
-    (_, id, url, postBody) => {
+    (event, id, url, postBody) => {
+      requireTrusted(event);
       assertString(id, "tabId");
       assertString(url, "url");
       return tabManager.navigateTab(id, url, postBody);
     }
   );
-  electron.ipcMain.handle(Channels.TAB_BACK, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_BACK, (event, id) => {
+    requireTrusted(event);
     tabManager.goBack(id);
   });
-  electron.ipcMain.handle(Channels.TAB_FORWARD, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_FORWARD, (event, id) => {
+    requireTrusted(event);
     tabManager.goForward(id);
   });
-  electron.ipcMain.handle(Channels.TAB_RELOAD, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_RELOAD, (event, id) => {
+    requireTrusted(event);
     tabManager.reloadTab(id);
   });
-  electron.ipcMain.handle(Channels.TAB_TOGGLE_AD_BLOCK, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_TOGGLE_AD_BLOCK, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     const tab = tabManager.getTab(id);
     if (!tab) return null;
@@ -26610,87 +27732,108 @@ function registerIpcHandlers(windowState, runtime2) {
     tab.setAdBlockingEnabled(newState);
     return newState;
   });
-  electron.ipcMain.handle(Channels.TAB_ZOOM_IN, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_ZOOM_IN, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     tabManager.zoomIn(id);
   });
-  electron.ipcMain.handle(Channels.TAB_ZOOM_OUT, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_ZOOM_OUT, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     tabManager.zoomOut(id);
   });
-  electron.ipcMain.handle(Channels.TAB_ZOOM_RESET, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_ZOOM_RESET, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     tabManager.zoomReset(id);
   });
-  electron.ipcMain.handle(Channels.TAB_REOPEN_CLOSED, () => {
+  electron.ipcMain.handle(Channels.TAB_REOPEN_CLOSED, (event) => {
+    requireTrusted(event);
     const id = tabManager.reopenClosedTab();
     if (id) layoutViews(windowState);
     return id;
   });
-  electron.ipcMain.handle(Channels.TAB_DUPLICATE, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_DUPLICATE, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     const newId = tabManager.duplicateTab(id);
     if (newId) layoutViews(windowState);
     return newId;
   });
-  electron.ipcMain.handle(Channels.TAB_PIN, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_PIN, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     tabManager.pinTab(id);
   });
-  electron.ipcMain.handle(Channels.TAB_UNPIN, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_UNPIN, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     tabManager.unpinTab(id);
   });
-  electron.ipcMain.handle(Channels.TAB_GROUP_CREATE, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_GROUP_CREATE, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     return tabManager.createGroupFromTab(id);
   });
-  electron.ipcMain.handle(Channels.TAB_GROUP_ADD_TAB, (_, id, groupId) => {
+  electron.ipcMain.handle(Channels.TAB_GROUP_ADD_TAB, (event, id, groupId) => {
+    requireTrusted(event);
     assertString(id, "id");
     assertString(groupId, "groupId");
     tabManager.assignTabToGroup(id, groupId);
   });
-  electron.ipcMain.handle(Channels.TAB_GROUP_REMOVE_TAB, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_GROUP_REMOVE_TAB, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     tabManager.removeTabFromGroup(id);
   });
-  electron.ipcMain.handle(Channels.TAB_GROUP_TOGGLE_COLLAPSED, (_, groupId) => {
+  electron.ipcMain.handle(Channels.TAB_GROUP_TOGGLE_COLLAPSED, (event, groupId) => {
+    requireTrusted(event);
     assertString(groupId, "groupId");
     return tabManager.toggleGroupCollapsed(groupId);
   });
   electron.ipcMain.handle(
     Channels.TAB_GROUP_SET_COLOR,
-    (_, groupId, color) => {
+    (event, groupId, color) => {
+      requireTrusted(event);
       assertString(groupId, "groupId");
       assertString(color, "color");
       tabManager.setGroupColor(groupId, color);
     }
   );
-  electron.ipcMain.handle(Channels.TAB_TOGGLE_MUTE, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_TOGGLE_MUTE, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     return tabManager.toggleMuted(id);
   });
-  electron.ipcMain.handle(Channels.TAB_PRINT, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_PRINT, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     tabManager.printTab(id);
   });
-  electron.ipcMain.handle(Channels.TAB_PRINT_TO_PDF, (_, id) => {
+  electron.ipcMain.handle(Channels.TAB_PRINT_TO_PDF, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     return tabManager.saveTabAsPdf(id);
   });
-  electron.ipcMain.on(Channels.TAB_CONTEXT_MENU, (_event, id) => {
+  electron.ipcMain.on(Channels.TAB_CONTEXT_MENU, (event, id) => {
+    requireTrusted(event);
     assertString(id, "id");
     showTabContextMenu(tabManager, id, mainWindow, () => layoutViews(windowState));
   });
-  electron.ipcMain.on(Channels.TAB_GROUP_CONTEXT_MENU, (_event, groupId) => {
+  electron.ipcMain.on(Channels.TAB_GROUP_CONTEXT_MENU, (event, groupId) => {
+    requireTrusted(event);
     assertString(groupId, "groupId");
     showGroupContextMenu(tabManager, groupId, mainWindow);
   });
-  electron.ipcMain.handle(Channels.TAB_STATE_GET, () => ({
-    tabs: tabManager.getAllStates(),
-    activeId: tabManager.getActiveTabId() || ""
-  }));
-  electron.ipcMain.handle(Channels.AI_QUERY, async (_, query, history) => {
+  electron.ipcMain.handle(Channels.TAB_STATE_GET, (event) => {
+    requireTrusted(event);
+    return {
+      tabs: tabManager.getAllStates(),
+      activeId: tabManager.getActiveTabId() || ""
+    };
+  });
+  electron.ipcMain.handle(Channels.AI_QUERY, async (event, query, history) => {
+    requireTrusted(event);
     const settings2 = loadSettings();
     const chatConfig = settings2.chatProvider;
     if (!chatConfig) {
@@ -26719,7 +27862,8 @@ function registerIpcHandlers(windowState, runtime2) {
           () => sendToRendererViews(Channels.AI_STREAM_END, "completed"),
           tabManager,
           runtime2,
-          history
+          history,
+          researchOrchestrator
         );
       } catch (err) {
         const msg = err instanceof Error ? err.message : "Unknown error";
@@ -26733,10 +27877,12 @@ function registerIpcHandlers(windowState, runtime2) {
     })();
     return { accepted: true };
   });
-  electron.ipcMain.handle(Channels.AI_CANCEL, () => {
+  electron.ipcMain.handle(Channels.AI_CANCEL, (event) => {
+    requireTrusted(event);
     activeChatProvider?.cancel();
   });
-  electron.ipcMain.handle(Channels.AI_FETCH_MODELS, async (_, config) => {
+  electron.ipcMain.handle(Channels.AI_FETCH_MODELS, async (event, config) => {
+    requireTrusted(event);
     try {
       if (!config || typeof config !== "object" || !("id" in config)) {
         return errorResult("Invalid provider configuration", { models: [] });
@@ -26748,12 +27894,14 @@ function registerIpcHandlers(windowState, runtime2) {
       return errorResult(getErrorMessage(err), { models: [] });
     }
   });
-  electron.ipcMain.handle(Channels.CONTENT_EXTRACT, async () => {
+  electron.ipcMain.handle(Channels.CONTENT_EXTRACT, async (event) => {
+    requireTrusted(event);
     const activeTab = tabManager.getActiveTab();
     if (!activeTab) return null;
     return extractContent(activeTab.view.webContents);
   });
-  electron.ipcMain.handle(Channels.READER_MODE_TOGGLE, async () => {
+  electron.ipcMain.handle(Channels.READER_MODE_TOGGLE, async (event) => {
+    requireTrusted(event);
     const activeTab = tabManager.getActiveTab();
     if (!activeTab) return;
     if (activeTab.state.isReaderMode) {
@@ -26773,7 +27921,8 @@ function registerIpcHandlers(windowState, runtime2) {
       );
     }
   });
-  electron.ipcMain.handle(Channels.SIDEBAR_TOGGLE, () => {
+  electron.ipcMain.handle(Channels.SIDEBAR_TOGGLE, (event) => {
+    requireTrusted(event);
     windowState.uiState.sidebarOpen = !windowState.uiState.sidebarOpen;
     layoutViews(windowState);
     return {
@@ -26781,7 +27930,8 @@ function registerIpcHandlers(windowState, runtime2) {
       width: windowState.uiState.sidebarWidth
     };
   });
-  electron.ipcMain.handle(Channels.SIDEBAR_NAVIGATE, (_, tab) => {
+  electron.ipcMain.handle(Channels.SIDEBAR_NAVIGATE, (event, tab) => {
+    requireTrusted(event);
     assertString(tab, "tab");
     if (!windowState.uiState.sidebarOpen) {
       windowState.uiState.sidebarOpen = true;
@@ -26795,7 +27945,8 @@ function registerIpcHandlers(windowState, runtime2) {
       width: windowState.uiState.sidebarWidth
     };
   });
-  electron.ipcMain.handle(Channels.SIDEBAR_RESIZE_START, () => {
+  electron.ipcMain.handle(Channels.SIDEBAR_RESIZE_START, (event) => {
+    requireTrusted(event);
     sidebarResizeActive = true;
     clearSidebarResizeRecoveryTimer();
     const [width, height] = windowState.mainWindow.getContentSize();
@@ -26810,14 +27961,16 @@ function registerIpcHandlers(windowState, runtime2) {
     });
     scheduleSidebarResizeRecovery();
   });
-  electron.ipcMain.handle(Channels.SIDEBAR_RESIZE, (_, width) => {
+  electron.ipcMain.handle(Channels.SIDEBAR_RESIZE, (event, width) => {
+    requireTrusted(event);
     assertNumber(width, "width");
     const clamped = Math.max(240, Math.min(800, Math.round(width)));
     windowState.uiState.sidebarWidth = clamped;
     resizeSidebarViews(windowState);
     return clamped;
   });
-  electron.ipcMain.handle(Channels.SIDEBAR_RESIZE_COMMIT, () => {
+  electron.ipcMain.handle(Channels.SIDEBAR_RESIZE_COMMIT, (event) => {
+    requireTrusted(event);
     sidebarResizeActive = false;
     clearSidebarResizeRecoveryTimer();
     setSetting("sidebarWidth", windowState.uiState.sidebarWidth);
@@ -26825,7 +27978,8 @@ function registerIpcHandlers(windowState, runtime2) {
   });
   electron.ipcMain.on(
     Channels.RENDERER_VIEW_READY,
-    (_event, view) => {
+    (event, view) => {
+      requireTrusted(event);
       if (view !== "sidebar") return;
       if (!windowState.uiState.sidebarOpen) {
         windowState.uiState.sidebarOpen = true;
@@ -26833,12 +27987,14 @@ function registerIpcHandlers(windowState, runtime2) {
       }
     }
   );
-  electron.ipcMain.handle(Channels.FOCUS_MODE_TOGGLE, () => {
+  electron.ipcMain.handle(Channels.FOCUS_MODE_TOGGLE, (event) => {
+    requireTrusted(event);
     windowState.uiState.focusMode = !windowState.uiState.focusMode;
     layoutViews(windowState);
     return windowState.uiState.focusMode;
   });
-  electron.ipcMain.handle(Channels.SETTINGS_VISIBILITY, (_, open) => {
+  electron.ipcMain.handle(Channels.SETTINGS_VISIBILITY, (event, open) => {
+    requireTrusted(event);
     windowState.uiState.settingsOpen = open;
     if (open) {
       windowState.uiState.sidebarOpen = false;
@@ -26846,10 +28002,14 @@ function registerIpcHandlers(windowState, runtime2) {
     layoutViews(windowState);
     return windowState.uiState.settingsOpen;
   });
-  electron.ipcMain.handle(Channels.SETTINGS_GET, () => {
+  electron.ipcMain.handle(Channels.SETTINGS_GET, (event) => {
+    requireTrusted(event);
     return getRendererSettings();
   });
-  electron.ipcMain.handle(Channels.SETTINGS_HEALTH_GET, () => getRuntimeHealth());
+  electron.ipcMain.handle(Channels.SETTINGS_HEALTH_GET, (event) => {
+    requireTrusted(event);
+    return getRuntimeHealth();
+  });
   electron.ipcMain.handle(Channels.MCP_REGENERATE_TOKEN, (event) => {
     requireTrusted(event);
     return regenerateMcpAuthToken();
@@ -26870,11 +28030,20 @@ function registerIpcHandlers(windowState, runtime2) {
       await stopMcpServer();
       await startMcpServer(tabManager, runtime2, updatedSettings.mcpPort);
     }
+    if (key2 === "chatProvider" && researchOrchestrator) {
+      try {
+        researchOrchestrator.setProvider(createProvider(value));
+      } catch {
+      }
+    }
     const rendererSettings = getRendererSettings();
     sendToRendererViews(Channels.SETTINGS_UPDATE, rendererSettings);
     return rendererSettings;
   });
-  electron.ipcMain.handle(Channels.AGENT_RUNTIME_GET, () => runtime2.getState());
+  electron.ipcMain.handle(Channels.AGENT_RUNTIME_GET, (event) => {
+    requireTrusted(event);
+    return runtime2.getState();
+  });
   electron.ipcMain.handle(Channels.AGENT_PAUSE, (event) => {
     requireTrusted(event);
     return runtime2.pause();
@@ -26905,24 +28074,27 @@ function registerIpcHandlers(windowState, runtime2) {
   );
   electron.ipcMain.handle(
     Channels.AGENT_CHECKPOINT_CREATE,
-    (_, name, note) => runtime2.createCheckpoint(name, note)
-  );
-  electron.ipcMain.handle(
-    Channels.AGENT_CHECKPOINT_RESTORE,
-    (_, checkpointId) => runtime2.restoreCheckpoint(checkpointId)
-  );
-  electron.ipcMain.handle(
-    Channels.AGENT_CHECKPOINT_UPDATE_NOTE,
-    (_, checkpointId, note) => runtime2.updateCheckpointNote(checkpointId, note || "")
-  );
-  electron.ipcMain.handle(
-    Channels.AGENT_UNDO_LAST_ACTION,
-    () => runtime2.undoLastAction()
-  );
-  electron.ipcMain.handle(
-    Channels.AGENT_SESSION_CAPTURE,
-    (_, note) => runtime2.captureSession(note)
+    (event, name, note) => {
+      requireTrusted(event);
+      return runtime2.createCheckpoint(name, note);
+    }
   );
+  electron.ipcMain.handle(Channels.AGENT_CHECKPOINT_RESTORE, (event, checkpointId) => {
+    requireTrusted(event);
+    return runtime2.restoreCheckpoint(checkpointId);
+  });
+  electron.ipcMain.handle(Channels.AGENT_CHECKPOINT_UPDATE_NOTE, (event, checkpointId, note) => {
+    requireTrusted(event);
+    return runtime2.updateCheckpointNote(checkpointId, note || "");
+  });
+  electron.ipcMain.handle(Channels.AGENT_UNDO_LAST_ACTION, (event) => {
+    requireTrusted(event);
+    return runtime2.undoLastAction();
+  });
+  electron.ipcMain.handle(Channels.AGENT_SESSION_CAPTURE, (event, note) => {
+    requireTrusted(event);
+    return runtime2.captureSession(note);
+  });
   electron.ipcMain.handle(
     Channels.AGENT_SESSION_RESTORE,
     (event, snapshot2) => {
@@ -26931,7 +28103,8 @@ function registerIpcHandlers(windowState, runtime2) {
     }
   );
   registerBookmarkHandlers();
-  electron.ipcMain.handle(Channels.HIGHLIGHT_CAPTURE, async () => {
+  electron.ipcMain.handle(Channels.HIGHLIGHT_CAPTURE, async (event) => {
+    requireTrusted(event);
     try {
       const activeTab = tabManager.getActiveTab();
       if (!activeTab) {
@@ -26975,10 +28148,12 @@ function registerIpcHandlers(windowState, runtime2) {
       logger$4.warn("Failed to persist auto-highlight selection:", err);
     }
   });
-  electron.ipcMain.handle(Channels.HIGHLIGHT_NAV_COUNT, () => {
+  electron.ipcMain.handle(Channels.HIGHLIGHT_NAV_COUNT, (event) => {
+    requireTrusted(event);
     return getActiveHighlightCountSafe();
   });
-  electron.ipcMain.handle(Channels.HIGHLIGHT_NAV_SCROLL, (_, index) => {
+  electron.ipcMain.handle(Channels.HIGHLIGHT_NAV_SCROLL, (event, index) => {
+    requireTrusted(event);
     const info = getActiveTabInfo(tabManager);
     if (!info) return false;
     try {
@@ -26988,7 +28163,8 @@ function registerIpcHandlers(windowState, runtime2) {
       return false;
     }
   });
-  electron.ipcMain.handle(Channels.HIGHLIGHT_NAV_REMOVE, async (_, index) => {
+  electron.ipcMain.handle(Channels.HIGHLIGHT_NAV_REMOVE, async (event, index) => {
+    requireTrusted(event);
     const info = getActiveTabInfo(tabManager);
     if (!info) return false;
     try {
@@ -27002,7 +28178,8 @@ function registerIpcHandlers(windowState, runtime2) {
       return false;
     }
   });
-  electron.ipcMain.handle(Channels.HIGHLIGHT_NAV_CLEAR, async () => {
+  electron.ipcMain.handle(Channels.HIGHLIGHT_NAV_CLEAR, async (event) => {
+    requireTrusted(event);
     const info = getActiveTabInfo(tabManager);
     if (!info) return false;
     try {
@@ -27017,22 +28194,27 @@ function registerIpcHandlers(windowState, runtime2) {
     }
   });
   const findBridge = createFindInPageBridge(tabManager, chromeView);
-  electron.ipcMain.handle(Channels.FIND_IN_PAGE_START, (_, text, options) => {
+  electron.ipcMain.handle(Channels.FIND_IN_PAGE_START, (event, text, options) => {
+    requireTrusted(event);
     return findBridge.start(text, options);
   });
-  electron.ipcMain.handle(Channels.FIND_IN_PAGE_NEXT, (_, forward) => {
+  electron.ipcMain.handle(Channels.FIND_IN_PAGE_NEXT, (event, forward) => {
+    requireTrusted(event);
     return findBridge.next(forward);
   });
-  electron.ipcMain.handle(Channels.FIND_IN_PAGE_STOP, (_, action) => {
+  electron.ipcMain.handle(Channels.FIND_IN_PAGE_STOP, (event, action) => {
+    requireTrusted(event);
     findBridge.stop(action);
   });
   registerHistoryHandlers();
-  electron.ipcMain.handle(Channels.DEVTOOLS_PANEL_TOGGLE, () => {
+  electron.ipcMain.handle(Channels.DEVTOOLS_PANEL_TOGGLE, (event) => {
+    requireTrusted(event);
     windowState.uiState.devtoolsPanelOpen = !windowState.uiState.devtoolsPanelOpen;
     layoutViews(windowState);
     return { open: windowState.uiState.devtoolsPanelOpen };
   });
-  electron.ipcMain.handle(Channels.DEVTOOLS_PANEL_RESIZE, (_, height) => {
+  electron.ipcMain.handle(Channels.DEVTOOLS_PANEL_RESIZE, (event, height) => {
+    requireTrusted(event);
     const clamped = Math.max(MIN_DEVTOOLS_PANEL, Math.min(MAX_DEVTOOLS_PANEL, Math.round(height)));
     windowState.uiState.devtoolsPanelHeight = clamped;
     layoutViews(windowState);
@@ -27045,7 +28227,8 @@ function registerIpcHandlers(windowState, runtime2) {
   registerHumanVaultHandlers();
   registerWindowControlHandlers(mainWindow);
   registerCodexHandlers();
-  electron.ipcMain.handle(Channels.AUTOMATION_GET_INSTALLED, () => {
+  electron.ipcMain.handle(Channels.AUTOMATION_GET_INSTALLED, (event) => {
+    requireTrusted(event);
     return getInstalledKits();
   });
   electron.ipcMain.handle(Channels.AUTOMATION_INSTALL_FROM_FILE, async (event) => {
@@ -27060,6 +28243,7 @@ function registerIpcHandlers(windowState, runtime2) {
   registerScheduleHandlers(windowState, runtime2, sendToRendererViews);
   registerAutofillHandlers(windowState);
   registerPageDiffHandlers(windowState, sendToRendererViews);
+  registerResearchHandlers(() => getResearchOrchestrator());
   electron.ipcMain.handle(Channels.CLEAR_BROWSING_DATA, async (event, options) => {
     requireTrusted(event);
     const { cache, cookies, history, localStorage: clearLs, timeRange } = options;
@@ -27078,7 +28262,10 @@ function registerIpcHandlers(windowState, runtime2) {
   });
   setDownloadBroadcaster(sendToRendererViews);
   setPermissionBroadcaster(sendToRendererViews);
-  electron.ipcMain.handle(Channels.DOWNLOADS_GET, () => listDownloads());
+  electron.ipcMain.handle(Channels.DOWNLOADS_GET, (event) => {
+    requireTrusted(event);
+    return listDownloads();
+  });
   electron.ipcMain.handle(Channels.DOWNLOADS_CLEAR, (event) => {
     requireTrusted(event);
     clearDownloads();
@@ -27092,7 +28279,10 @@ function registerIpcHandlers(windowState, runtime2) {
     requireTrusted(event);
     return showDownloadInFolder(id);
   });
-  electron.ipcMain.handle(Channels.PERMISSIONS_GET, () => listPermissions());
+  electron.ipcMain.handle(Channels.PERMISSIONS_GET, (event) => {
+    requireTrusted(event);
+    return listPermissions();
+  });
   electron.ipcMain.handle(Channels.PERMISSIONS_CLEAR, (event) => {
     requireTrusted(event);
     clearPermissions();
@@ -27103,12 +28293,16 @@ function registerIpcHandlers(windowState, runtime2) {
     clearPermissionsForOrigin(origin);
     return true;
   });
-  electron.ipcMain.handle(Channels.UPDATES_CHECK, () => checkForUpdates());
+  electron.ipcMain.handle(Channels.UPDATES_CHECK, (event) => {
+    requireTrusted(event);
+    return checkForUpdates();
+  });
   electron.ipcMain.handle(Channels.UPDATES_OPEN_DOWNLOAD, (event) => {
     requireTrusted(event);
     return openUpdateDownload();
   });
-  electron.ipcMain.handle(Channels.TAB_TOGGLE_PIP, async () => {
+  electron.ipcMain.handle(Channels.TAB_TOGGLE_PIP, async (event) => {
+    requireTrusted(event);
     return togglePictureInPicture(tabManager);
   });
 }
@@ -27496,6 +28690,10 @@ ${lines.join("\n")}
 }
 const MAX_TRANSCRIPT_TEXT_LENGTH = 8e3;
 const PERSIST_DEBOUNCE_MS = 500;
+const INTERRUPTED_ACTION_STATUSES = /* @__PURE__ */ new Set([
+  "running",
+  "waiting-approval"
+]);
 const logger$3 = createLogger("Runtime");
 function clone(value) {
   return JSON.parse(JSON.stringify(value));
@@ -27518,6 +28716,15 @@ function getRuntimeStatePath() {
   return path$1.join(electron.app.getPath("userData"), "vessel-agent-runtime.json");
 }
 function sanitizePersistence(persisted) {
+  const recoveredAt = (/* @__PURE__ */ new Date()).toISOString();
+  const actions = Array.isArray(persisted?.actions) ? persisted.actions.slice(-120).map(
+    (action) => INTERRUPTED_ACTION_STATUSES.has(action.status) ? {
+      ...action,
+      status: "failed",
+      finishedAt: action.finishedAt ?? recoveredAt,
+      error: action.error ?? "Action was interrupted before the previous Vessel session ended."
+    } : action
+  ) : [];
   return {
     session: persisted?.session ?? null,
     supervisor: {
@@ -27526,7 +28733,7 @@ function sanitizePersistence(persisted) {
       pendingApprovals: [],
       lastError: persisted?.supervisor?.lastError
     },
-    actions: Array.isArray(persisted?.actions) ? persisted.actions.slice(-120) : [],
+    actions,
     checkpoints: Array.isArray(persisted?.checkpoints) ? persisted.checkpoints.slice(-20) : [],
     transcript: [],
     mcpStatus: "stopped",