npm - @qwen-code/qwen-code - Versions diffs - 0.9.0-preview.2 → 0.9.0-preview.3 - Mend

@qwen-code/qwen-code 0.9.0-preview.2 → 0.9.0-preview.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/cli.js +512 -525
package/package.json +2 -2

package/cli.js CHANGED Viewed

@@ -26270,21 +26270,21 @@ var init_from = __esm({
     init_fetch_blob();
     ({ stat } = fs2);
     blobFromSync = /* @__PURE__ */ __name((path123, type) => fromBlob(statSync(path123), path123, type), "blobFromSync");
-    blobFrom = /* @__PURE__ */ __name((path123, type) => stat(path123).then((stat10) => fromBlob(stat10, path123, type)), "blobFrom");
-    fileFrom = /* @__PURE__ */ __name((path123, type) => stat(path123).then((stat10) => fromFile(stat10, path123, type)), "fileFrom");
+    blobFrom = /* @__PURE__ */ __name((path123, type) => stat(path123).then((stat11) => fromBlob(stat11, path123, type)), "blobFrom");
+    fileFrom = /* @__PURE__ */ __name((path123, type) => stat(path123).then((stat11) => fromFile(stat11, path123, type)), "fileFrom");
     fileFromSync = /* @__PURE__ */ __name((path123, type) => fromFile(statSync(path123), path123, type), "fileFromSync");
-    fromBlob = /* @__PURE__ */ __name((stat10, path123, type = "") => new fetch_blob_default([new BlobDataItem({
+    fromBlob = /* @__PURE__ */ __name((stat11, path123, type = "") => new fetch_blob_default([new BlobDataItem({
       path: path123,
-      size: stat10.size,
-      lastModified: stat10.mtimeMs,
+      size: stat11.size,
+      lastModified: stat11.mtimeMs,
       start: 0
     })], { type }), "fromBlob");
-    fromFile = /* @__PURE__ */ __name((stat10, path123, type = "") => new file_default([new BlobDataItem({
+    fromFile = /* @__PURE__ */ __name((stat11, path123, type = "") => new file_default([new BlobDataItem({
       path: path123,
-      size: stat10.size,
-      lastModified: stat10.mtimeMs,
+      size: stat11.size,
+      lastModified: stat11.mtimeMs,
       start: 0
-    })], basename(path123), { type, lastModified: stat10.mtimeMs }), "fromFile");
+    })], basename(path123), { type, lastModified: stat11.mtimeMs }), "fromFile");
     BlobDataItem = class _BlobDataItem {
       static {
         __name(this, "BlobDataItem");
@@ -123529,18 +123529,18 @@ var require_async = __commonJS({
       ];
     }, "defaultPaths");
     var defaultIsFile = /* @__PURE__ */ __name(function isFile3(file, cb) {
-      fs110.stat(file, function(err, stat10) {
+      fs110.stat(file, function(err, stat11) {
         if (!err) {
-          return cb(null, stat10.isFile() || stat10.isFIFO());
+          return cb(null, stat11.isFile() || stat11.isFIFO());
         }
         if (err.code === "ENOENT" || err.code === "ENOTDIR") return cb(null, false);
         return cb(err);
       });
     }, "isFile");
     var defaultIsDir = /* @__PURE__ */ __name(function isDirectory(dir, cb) {
-      fs110.stat(dir, function(err, stat10) {
+      fs110.stat(dir, function(err, stat11) {
         if (!err) {
-          return cb(null, stat10.isDirectory());
+          return cb(null, stat11.isDirectory());
         }
         if (err.code === "ENOENT" || err.code === "ENOTDIR") return cb(null, false);
         return cb(err);
@@ -124036,21 +124036,21 @@ var require_sync = __commonJS({
     }, "defaultPaths");
     var defaultIsFile = /* @__PURE__ */ __name(function isFile3(file) {
       try {
-        var stat10 = fs110.statSync(file, { throwIfNoEntry: false });
+        var stat11 = fs110.statSync(file, { throwIfNoEntry: false });
       } catch (e4) {
         if (e4 && (e4.code === "ENOENT" || e4.code === "ENOTDIR")) return false;
         throw e4;
       }
-      return !!stat10 && (stat10.isFile() || stat10.isFIFO());
+      return !!stat11 && (stat11.isFile() || stat11.isFIFO());
     }, "isFile");
     var defaultIsDir = /* @__PURE__ */ __name(function isDirectory(dir) {
       try {
-        var stat10 = fs110.statSync(dir, { throwIfNoEntry: false });
+        var stat11 = fs110.statSync(dir, { throwIfNoEntry: false });
       } catch (e4) {
         if (e4 && (e4.code === "ENOENT" || e4.code === "ENOTDIR")) return false;
         throw e4;
       }
-      return !!stat10 && stat10.isDirectory();
+      return !!stat11 && stat11.isDirectory();
     }, "isDirectory");
     var defaultRealpathSync = /* @__PURE__ */ __name(function realpathSync8(x3) {
       try {
@@ -124476,14 +124476,14 @@ var require_require_in_the_middle = __commonJS({
           moduleName2 = parsedPath.name;
           basedir = parsedPath.dir;
         } else {
-          const stat10 = moduleDetailsFromPath(filename);
-          if (stat10 === void 0) {
+          const stat11 = moduleDetailsFromPath(filename);
+          if (stat11 === void 0) {
             debug3("could not parse filename: %s", filename);
             return exports3;
           }
-          moduleName2 = stat10.name;
-          basedir = stat10.basedir;
-          const fullModuleName = resolveModuleName(stat10);
+          moduleName2 = stat11.name;
+          basedir = stat11.basedir;
+          const fullModuleName = resolveModuleName(stat11);
           debug3("resolved filename to module: %s (id: %s, resolved: %s, basedir: %s)", moduleName2, id, fullModuleName, basedir);
           let matchFound = false;
           if (hasWhitelist) {
@@ -124547,9 +124547,9 @@ var require_require_in_the_middle = __commonJS({
         }
       }
     };
-    function resolveModuleName(stat10) {
-      const normalizedPath = path123.sep !== "/" ? stat10.path.split(path123.sep).join("/") : stat10.path;
-      return path123.posix.join(stat10.name, normalizedPath).replace(normalize11, "");
+    function resolveModuleName(stat11) {
+      const normalizedPath = path123.sep !== "/" ? stat11.path.split(path123.sep).join("/") : stat11.path;
+      return path123.posix.join(stat11.name, normalizedPath).replace(normalize11, "");
     }
     __name(resolveModuleName, "resolveModuleName");
   }
@@ -155848,7 +155848,7 @@ __export(geminiContentGenerator_exports, {
   createGeminiContentGenerator: () => createGeminiContentGenerator
 });
 function createGeminiContentGenerator(config2, gcConfig) {
-  const version2 = "0.9.0-preview.2";
+  const version2 = "0.9.0-preview.3";
   const userAgent2 = config2.userAgent || `QwenCode/${version2} (${process.platform}; ${process.arch})`;
   const baseHeaders = {
     "User-Agent": userAgent2
@@ -187415,12 +187415,12 @@ var require_src36 = __commonJS({
     function check2(path123, isFile3, isDirectory) {
       log(`checking %s`, path123);
       try {
-        const stat10 = fs_1.statSync(path123);
-        if (stat10.isFile() && isFile3) {
+        const stat11 = fs_1.statSync(path123);
+        if (stat11.isFile() && isFile3) {
           log(`[OK] path represents a file`);
           return true;
         }
-        if (stat10.isDirectory() && isDirectory) {
+        if (stat11.isDirectory() && isDirectory) {
           log(`[OK] path represents a directory`);
           return true;
         }
@@ -203472,16 +203472,16 @@ var require_windows = __commonJS({
       return false;
     }
     __name(checkPathExt, "checkPathExt");
-    function checkStat(stat10, path123, options2) {
-      if (!stat10.isSymbolicLink() && !stat10.isFile()) {
+    function checkStat(stat11, path123, options2) {
+      if (!stat11.isSymbolicLink() && !stat11.isFile()) {
         return false;
       }
       return checkPathExt(path123, options2);
     }
     __name(checkStat, "checkStat");
     function isexe(path123, options2, cb) {
-      fs110.stat(path123, function(er2, stat10) {
-        cb(er2, er2 ? false : checkStat(stat10, path123, options2));
+      fs110.stat(path123, function(er2, stat11) {
+        cb(er2, er2 ? false : checkStat(stat11, path123, options2));
       });
     }
     __name(isexe, "isexe");
@@ -203500,8 +203500,8 @@ var require_mode = __commonJS({
     isexe.sync = sync2;
     var fs110 = __require("fs");
     function isexe(path123, options2, cb) {
-      fs110.stat(path123, function(er2, stat10) {
-        cb(er2, er2 ? false : checkStat(stat10, options2));
+      fs110.stat(path123, function(er2, stat11) {
+        cb(er2, er2 ? false : checkStat(stat11, options2));
       });
     }
     __name(isexe, "isexe");
@@ -203509,14 +203509,14 @@ var require_mode = __commonJS({
       return checkStat(fs110.statSync(path123), options2);
     }
     __name(sync2, "sync");
-    function checkStat(stat10, options2) {
-      return stat10.isFile() && checkMode(stat10, options2);
+    function checkStat(stat11, options2) {
+      return stat11.isFile() && checkMode(stat11, options2);
     }
     __name(checkStat, "checkStat");
-    function checkMode(stat10, options2) {
-      var mod2 = stat10.mode;
-      var uid = stat10.uid;
-      var gid = stat10.gid;
+    function checkMode(stat11, options2) {
+      var mod2 = stat11.mode;
+      var uid = stat11.uid;
+      var gid = stat11.gid;
       var myUid = options2.uid !== void 0 ? options2.uid : process.getuid && process.getuid();
       var myGid = options2.gid !== void 0 ? options2.gid : process.getgid && process.getgid();
       var u2 = parseInt("100", 8);
@@ -204647,14 +204647,14 @@ var init_ide_client = __esm({
         const fileContents = await Promise.all(lockFiles.map(async (file) => {
           const fullPath = path32.join(ideDir, file);
           try {
-            const stat10 = await fs32.promises.stat(fullPath);
+            const stat11 = await fs32.promises.stat(fullPath);
             const content = await fs32.promises.readFile(fullPath, "utf8");
             try {
               const parsed = JSON.parse(content);
-              return { file, mtimeMs: stat10.mtimeMs, parsed };
+              return { file, mtimeMs: stat11.mtimeMs, parsed };
             } catch (e4) {
               logger.debug("Failed to parse JSON from lock file: ", e4);
-              return { file, mtimeMs: stat10.mtimeMs, parsed: void 0 };
+              return { file, mtimeMs: stat11.mtimeMs, parsed: void 0 };
             }
           } catch (e4) {
             logger.debug("Failed to read/stat IDE lock file:", e4);
@@ -210920,82 +210920,6 @@ function getMCPServerStatus(serverName) {
 function getMCPDiscoveryState() {
   return mcpDiscoveryState;
 }
-function extractWWWAuthenticateHeader(errorString) {
-  const patterns = [
-    /www-authenticate:\s*([^\n\r]+)/i,
-    /WWW-Authenticate:\s*([^\n\r]+)/i,
-    /"www-authenticate":\s*"([^"]+)"/i,
-    /'www-authenticate':\s*'([^']+)'/i
-  ];
-  for (const pattern of patterns) {
-    const match2 = errorString.match(pattern);
-    if (match2) {
-      return match2[1].trim();
-    }
-  }
-  return null;
-}
-async function handleAutomaticOAuth(mcpServerName, mcpServerConfig, wwwAuthenticate) {
-  try {
-    console.log(`\u{1F510} '${mcpServerName}' requires OAuth authentication`);
-    let oauthConfig;
-    const resourceMetadataUri = OAuthUtils.parseWWWAuthenticateHeader(wwwAuthenticate);
-    if (resourceMetadataUri) {
-      oauthConfig = await OAuthUtils.discoverOAuthConfig(resourceMetadataUri);
-    } else if (hasNetworkTransport(mcpServerConfig)) {
-      const serverUrl2 = new URL(mcpServerConfig.httpUrl || mcpServerConfig.url);
-      const baseUrl = `${serverUrl2.protocol}//${serverUrl2.host}`;
-      oauthConfig = await OAuthUtils.discoverOAuthConfig(baseUrl);
-    }
-    if (!oauthConfig) {
-      console.error(`\u274C Could not configure OAuth for '${mcpServerName}' - please authenticate manually with /mcp auth ${mcpServerName}`);
-      return false;
-    }
-    const oauthAuthConfig = {
-      enabled: true,
-      authorizationUrl: oauthConfig.authorizationUrl,
-      tokenUrl: oauthConfig.tokenUrl,
-      scopes: oauthConfig.scopes || []
-    };
-    const serverUrl = mcpServerConfig.httpUrl || mcpServerConfig.url;
-    console.log(`Starting OAuth authentication for server '${mcpServerName}'...`);
-    const authProvider = new MCPOAuthProvider(new MCPOAuthTokenStorage());
-    await authProvider.authenticate(mcpServerName, oauthAuthConfig, serverUrl);
-    console.log(`OAuth authentication successful for server '${mcpServerName}'`);
-    return true;
-  } catch (error2) {
-    console.error(`Failed to handle automatic OAuth for server '${mcpServerName}': ${getErrorMessage(error2)}`);
-    return false;
-  }
-}
-async function createTransportWithOAuth(mcpServerName, mcpServerConfig, accessToken) {
-  try {
-    if (mcpServerConfig.httpUrl) {
-      const oauthTransportOptions = {
-        requestInit: {
-          headers: {
-            ...mcpServerConfig.headers,
-            Authorization: `Bearer ${accessToken}`
-          }
-        }
-      };
-      return new StreamableHTTPClientTransport(new URL(mcpServerConfig.httpUrl), oauthTransportOptions);
-    } else if (mcpServerConfig.url) {
-      return new SSEClientTransport(new URL(mcpServerConfig.url), {
-        requestInit: {
-          headers: {
-            ...mcpServerConfig.headers,
-            Authorization: `Bearer ${accessToken}`
-          }
-        }
-      });
-    }
-    return null;
-  } catch (error2) {
-    console.error(`Failed to create OAuth transport for server '${mcpServerName}': ${getErrorMessage(error2)}`);
-    return null;
-  }
-}
 function populateMcpServerCommand(mcpServers, mcpServerCommand) {
   if (mcpServerCommand) {
     const cmd = mcpServerCommand;
@@ -211010,32 +210934,6 @@ function populateMcpServerCommand(mcpServers, mcpServerCommand) {
   }
   return mcpServers;
 }
-async function connectAndDiscover(mcpServerName, mcpServerConfig, toolRegistry, promptRegistry, debugMode, workspaceContext, cliConfig, sendSdkMcpMessage) {
-  updateMCPServerStatus(mcpServerName, MCPServerStatus.CONNECTING);
-  let mcpClient;
-  try {
-    mcpClient = await connectToMcpServer(mcpServerName, mcpServerConfig, debugMode, workspaceContext, sendSdkMcpMessage);
-    mcpClient.onerror = (error2) => {
-      console.error(`MCP ERROR (${mcpServerName}):`, error2.toString());
-      updateMCPServerStatus(mcpServerName, MCPServerStatus.DISCONNECTED);
-    };
-    const prompts3 = await discoverPrompts(mcpServerName, mcpClient, promptRegistry);
-    const tools = await discoverTools(mcpServerName, mcpServerConfig, mcpClient, cliConfig);
-    if (prompts3.length === 0 && tools.length === 0) {
-      throw new Error("No prompts or tools found on the server.");
-    }
-    updateMCPServerStatus(mcpServerName, MCPServerStatus.CONNECTED);
-    for (const tool of tools) {
-      toolRegistry.registerTool(tool);
-    }
-  } catch (error2) {
-    if (mcpClient) {
-      mcpClient.close();
-    }
-    console.error(`Error connecting to MCP server '${mcpServerName}': ${getErrorMessage(error2)}`);
-    updateMCPServerStatus(mcpServerName, MCPServerStatus.DISCONNECTED);
-  }
-}
 async function discoverTools(mcpServerName, mcpServerConfig, mcpClient, cliConfig) {
   try {
     const mcpCallableTool = mcpToTool(mcpClient, {
@@ -211101,241 +210999,6 @@ async function invokeMcpPrompt(mcpServerName, mcpClient, promptName, promptParam
     throw error2;
   }
 }
-function hasNetworkTransport(config2) {
-  return !!(config2.url || config2.httpUrl);
-}
-async function connectToMcpServer(mcpServerName, mcpServerConfig, debugMode, workspaceContext, sendSdkMcpMessage) {
-  const mcpClient = new Client({
-    name: "qwen-code-mcp-client",
-    version: "0.0.1"
-  });
-  mcpClient.registerCapabilities({
-    roots: {
-      listChanged: true
-    }
-  });
-  mcpClient.setRequestHandler(ListRootsRequestSchema, async () => {
-    const roots = [];
-    for (const dir of workspaceContext.getDirectories()) {
-      roots.push({
-        uri: pathToFileURL(dir).toString(),
-        name: basename11(dir)
-      });
-    }
-    return {
-      roots
-    };
-  });
-  let unlistenDirectories = workspaceContext.onDirectoriesChanged(async () => {
-    try {
-      await mcpClient.notification({
-        method: "notifications/roots/list_changed"
-      });
-    } catch (_2) {
-      unlistenDirectories?.();
-      unlistenDirectories = void 0;
-    }
-  });
-  const oldOnClose = mcpClient.onclose;
-  mcpClient.onclose = () => {
-    oldOnClose?.();
-    unlistenDirectories?.();
-    unlistenDirectories = void 0;
-  };
-  try {
-    const transport = await createTransport(mcpServerName, mcpServerConfig, debugMode, sendSdkMcpMessage);
-    try {
-      await mcpClient.connect(transport, {
-        timeout: mcpServerConfig.timeout ?? MCP_DEFAULT_TIMEOUT_MSEC
-      });
-      return mcpClient;
-    } catch (error2) {
-      await transport.close();
-      throw error2;
-    }
-  } catch (error2) {
-    const errorString = String(error2);
-    if (errorString.includes("401") && hasNetworkTransport(mcpServerConfig)) {
-      mcpServerRequiresOAuth.set(mcpServerName, true);
-      const shouldTriggerOAuth = mcpServerConfig.httpUrl || mcpServerConfig.oauth?.enabled;
-      if (!shouldTriggerOAuth) {
-        const tokenStorage = new MCPOAuthTokenStorage();
-        const credentials = await tokenStorage.getCredentials(mcpServerName);
-        if (credentials) {
-          const authProvider = new MCPOAuthProvider(tokenStorage);
-          const hasStoredTokens = await authProvider.getValidToken(mcpServerName, {
-            // Pass client ID if available
-            clientId: credentials.clientId
-          });
-          if (hasStoredTokens) {
-            console.log(`Stored OAuth token for SSE server '${mcpServerName}' was rejected. Please re-authenticate using: /mcp auth ${mcpServerName}`);
-          } else {
-            console.log(`401 error received for SSE server '${mcpServerName}' without OAuth configuration. Please authenticate using: /mcp auth ${mcpServerName}`);
-          }
-        }
-        throw new Error(`401 error received for SSE server '${mcpServerName}' without OAuth configuration. Please authenticate using: /mcp auth ${mcpServerName}`);
-      }
-      let wwwAuthenticate = extractWWWAuthenticateHeader(errorString);
-      if (!wwwAuthenticate && hasNetworkTransport(mcpServerConfig)) {
-        console.log(`No www-authenticate header in error, trying to fetch it from server...`);
-        try {
-          const urlToFetch = mcpServerConfig.httpUrl || mcpServerConfig.url;
-          const response = await fetch(urlToFetch, {
-            method: "HEAD",
-            headers: {
-              Accept: mcpServerConfig.httpUrl ? "application/json" : "text/event-stream"
-            },
-            signal: AbortSignal.timeout(5e3)
-          });
-          if (response.status === 401) {
-            wwwAuthenticate = response.headers.get("www-authenticate");
-            if (wwwAuthenticate) {
-              console.log(`Found www-authenticate header from server: ${wwwAuthenticate}`);
-            }
-          }
-        } catch (fetchError) {
-          console.debug(`Failed to fetch www-authenticate header: ${getErrorMessage(fetchError)}`);
-        }
-      }
-      if (wwwAuthenticate) {
-        console.log(`Received 401 with www-authenticate header: ${wwwAuthenticate}`);
-        const oauthSuccess = await handleAutomaticOAuth(mcpServerName, mcpServerConfig, wwwAuthenticate);
-        if (oauthSuccess) {
-          console.log(`Retrying connection to '${mcpServerName}' with OAuth token...`);
-          const tokenStorage = new MCPOAuthTokenStorage();
-          const credentials = await tokenStorage.getCredentials(mcpServerName);
-          if (credentials) {
-            const authProvider = new MCPOAuthProvider(tokenStorage);
-            const accessToken = await authProvider.getValidToken(mcpServerName, {
-              // Pass client ID if available
-              clientId: credentials.clientId
-            });
-            if (accessToken) {
-              const oauthTransport = await createTransportWithOAuth(mcpServerName, mcpServerConfig, accessToken);
-              if (oauthTransport) {
-                try {
-                  await mcpClient.connect(oauthTransport, {
-                    timeout: mcpServerConfig.timeout ?? MCP_DEFAULT_TIMEOUT_MSEC
-                  });
-                  return mcpClient;
-                } catch (retryError) {
-                  console.error(`Failed to connect with OAuth token: ${getErrorMessage(retryError)}`);
-                  throw retryError;
-                }
-              } else {
-                console.error(`Failed to create OAuth transport for server '${mcpServerName}'`);
-                throw new Error(`Failed to create OAuth transport for server '${mcpServerName}'`);
-              }
-            } else {
-              console.error(`Failed to get OAuth token for server '${mcpServerName}'`);
-              throw new Error(`Failed to get OAuth token for server '${mcpServerName}'`);
-            }
-          } else {
-            console.error(`Failed to get credentials for server '${mcpServerName}' after successful OAuth authentication`);
-            throw new Error(`Failed to get credentials for server '${mcpServerName}' after successful OAuth authentication`);
-          }
-        } else {
-          console.error(`Failed to handle automatic OAuth for server '${mcpServerName}'`);
-          throw new Error(`Failed to handle automatic OAuth for server '${mcpServerName}'`);
-        }
-      } else {
-        const shouldTryDiscovery = mcpServerConfig.httpUrl || mcpServerConfig.oauth?.enabled;
-        if (!shouldTryDiscovery) {
-          const tokenStorage = new MCPOAuthTokenStorage();
-          const credentials = await tokenStorage.getCredentials(mcpServerName);
-          if (credentials) {
-            const authProvider = new MCPOAuthProvider(tokenStorage);
-            const hasStoredTokens = await authProvider.getValidToken(mcpServerName, {
-              // Pass client ID if available
-              clientId: credentials.clientId
-            });
-            if (hasStoredTokens) {
-              console.log(`Stored OAuth token for SSE server '${mcpServerName}' was rejected. Please re-authenticate using: /mcp auth ${mcpServerName}`);
-            } else {
-              console.log(`401 error received for SSE server '${mcpServerName}' without OAuth configuration. Please authenticate using: /mcp auth ${mcpServerName}`);
-            }
-          }
-          throw new Error(`401 error received for SSE server '${mcpServerName}' without OAuth configuration. Please authenticate using: /mcp auth ${mcpServerName}`);
-        }
-        console.log(`\u{1F50D} Attempting OAuth discovery for '${mcpServerName}'...`);
-        if (hasNetworkTransport(mcpServerConfig)) {
-          const serverUrl = new URL(mcpServerConfig.httpUrl || mcpServerConfig.url);
-          const baseUrl = `${serverUrl.protocol}//${serverUrl.host}`;
-          try {
-            const oauthConfig = await OAuthUtils.discoverOAuthConfig(baseUrl);
-            if (oauthConfig) {
-              console.log(`Discovered OAuth configuration from base URL for server '${mcpServerName}'`);
-              const oauthAuthConfig = {
-                enabled: true,
-                authorizationUrl: oauthConfig.authorizationUrl,
-                tokenUrl: oauthConfig.tokenUrl,
-                scopes: oauthConfig.scopes || []
-              };
-              const authServerUrl = mcpServerConfig.httpUrl || mcpServerConfig.url;
-              console.log(`Starting OAuth authentication for server '${mcpServerName}'...`);
-              const authProvider = new MCPOAuthProvider(new MCPOAuthTokenStorage());
-              await authProvider.authenticate(mcpServerName, oauthAuthConfig, authServerUrl);
-              const tokenStorage = new MCPOAuthTokenStorage();
-              const credentials = await tokenStorage.getCredentials(mcpServerName);
-              if (credentials) {
-                const authProvider2 = new MCPOAuthProvider(tokenStorage);
-                const accessToken = await authProvider2.getValidToken(mcpServerName, {
-                  // Pass client ID if available
-                  clientId: credentials.clientId
-                });
-                if (accessToken) {
-                  const oauthTransport = await createTransportWithOAuth(mcpServerName, mcpServerConfig, accessToken);
-                  if (oauthTransport) {
-                    try {
-                      await mcpClient.connect(oauthTransport, {
-                        timeout: mcpServerConfig.timeout ?? MCP_DEFAULT_TIMEOUT_MSEC
-                      });
-                      return mcpClient;
-                    } catch (retryError) {
-                      console.error(`Failed to connect with OAuth token: ${getErrorMessage(retryError)}`);
-                      throw retryError;
-                    }
-                  } else {
-                    console.error(`Failed to create OAuth transport for server '${mcpServerName}'`);
-                    throw new Error(`Failed to create OAuth transport for server '${mcpServerName}'`);
-                  }
-                } else {
-                  console.error(`Failed to get OAuth token for server '${mcpServerName}'`);
-                  throw new Error(`Failed to get OAuth token for server '${mcpServerName}'`);
-                }
-              } else {
-                console.error(`Failed to get stored credentials for server '${mcpServerName}'`);
-                throw new Error(`Failed to get stored credentials for server '${mcpServerName}'`);
-              }
-            } else {
-              console.error(`\u274C Could not configure OAuth for '${mcpServerName}' - please authenticate manually with /mcp auth ${mcpServerName}`);
-              throw new Error(`OAuth configuration failed for '${mcpServerName}'. Please authenticate manually with /mcp auth ${mcpServerName}`);
-            }
-          } catch (discoveryError) {
-            console.error(`\u274C OAuth discovery failed for '${mcpServerName}' - please authenticate manually with /mcp auth ${mcpServerName}`);
-            throw discoveryError;
-          }
-        } else {
-          console.error(`\u274C '${mcpServerName}' requires authentication but no OAuth configuration found`);
-          throw new Error(`MCP server '${mcpServerName}' requires authentication. Please configure OAuth or check server settings.`);
-        }
-      }
-    } else {
-      const errorMessage = error2.message || String(error2);
-      const isNetworkError = errorMessage.includes("ENOTFOUND") || errorMessage.includes("ECONNREFUSED");
-      let conciseError;
-      if (isNetworkError) {
-        conciseError = `Cannot connect to '${mcpServerName}' - server may be down or URL incorrect`;
-      } else {
-        conciseError = `Connection failed for '${mcpServerName}': ${errorMessage}`;
-      }
-      if (process.env["SANDBOX"]) {
-        conciseError += ` (check sandbox availability)`;
-      }
-      throw new Error(conciseError);
-    }
-  }
-}
 async function createTransport(mcpServerName, mcpServerConfig, debugMode, sendSdkMcpMessage) {
   if (isSdkMcpServerConfig(mcpServerConfig)) {
     if (!sendSdkMcpMessage) {
@@ -211460,7 +211123,7 @@ function isEnabled(funcDecl, mcpServerName, mcpServerConfig) {
   }
   return !includeTools || includeTools.some((tool) => tool === funcDecl.name || tool.startsWith(`${funcDecl.name}(`));
 }
-var import_shell_quote3, MCP_DEFAULT_TIMEOUT_MSEC, MCPServerStatus, MCPDiscoveryState, McpClient, serverStatuses, mcpDiscoveryState, mcpServerRequiresOAuth, statusChangeListeners;
+var import_shell_quote3, MCP_DEFAULT_TIMEOUT_MSEC, MCPServerStatus, MCPDiscoveryState, McpClient, serverStatuses, mcpDiscoveryState, statusChangeListeners;
 var init_mcp_client = __esm({
   "packages/core/dist/src/tools/mcp-client.js"() {
     "use strict";
@@ -211592,6 +211255,15 @@ var init_mcp_client = __esm({
       getStatus() {
         return this.status;
       }
+      async readResource(uri, options2) {
+        if (this.status !== MCPServerStatus.CONNECTED) {
+          throw new Error("Client is not connected.");
+        }
+        if (this.client.getServerCapabilities()?.resources == null) {
+          throw new Error("MCP server does not support resources.");
+        }
+        return this.client.request({ method: "resources/read", params: { uri } }, ReadResourceResultSchema, options2);
+      }
       updateStatus(status) {
         this.status = status;
         updateMCPServerStatus(this.serverName, status);
@@ -211608,21 +211280,14 @@ var init_mcp_client = __esm({
     };
     serverStatuses = /* @__PURE__ */ new Map();
     mcpDiscoveryState = MCPDiscoveryState.NOT_STARTED;
-    mcpServerRequiresOAuth = /* @__PURE__ */ new Map();
     statusChangeListeners = [];
     __name(updateMCPServerStatus, "updateMCPServerStatus");
     __name(getMCPServerStatus, "getMCPServerStatus");
     __name(getMCPDiscoveryState, "getMCPDiscoveryState");
-    __name(extractWWWAuthenticateHeader, "extractWWWAuthenticateHeader");
-    __name(handleAutomaticOAuth, "handleAutomaticOAuth");
-    __name(createTransportWithOAuth, "createTransportWithOAuth");
     __name(populateMcpServerCommand, "populateMcpServerCommand");
-    __name(connectAndDiscover, "connectAndDiscover");
     __name(discoverTools, "discoverTools");
     __name(discoverPrompts, "discoverPrompts");
     __name(invokeMcpPrompt, "invokeMcpPrompt");
-    __name(hasNetworkTransport, "hasNetworkTransport");
-    __name(connectToMcpServer, "connectToMcpServer");
     __name(createTransport, "createTransport");
     __name(isEnabled, "isEnabled");
   }
@@ -211683,6 +211348,42 @@ var init_mcp_client_manager = __esm({
         await Promise.all(discoveryPromises);
         this.discoveryState = MCPDiscoveryState.COMPLETED;
       }
+      /**
+       * Connects to a single MCP server and discovers its tools/prompts.
+       * The connected client is tracked so it can be closed by {@link stop}.
+       *
+       * This is primarily used for on-demand re-discovery flows (e.g. after OAuth).
+       */
+      async discoverMcpToolsForServer(serverName, cliConfig) {
+        const servers = populateMcpServerCommand(this.cliConfig.getMcpServers() || {}, this.cliConfig.getMcpServerCommand());
+        const serverConfig = servers[serverName];
+        if (!serverConfig) {
+          return;
+        }
+        const existingClient = this.clients.get(serverName);
+        if (existingClient) {
+          try {
+            await existingClient.disconnect();
+          } catch (error2) {
+            console.error(`Error stopping client '${serverName}': ${getErrorMessage(error2)}`);
+          } finally {
+            this.clients.delete(serverName);
+            this.eventEmitter?.emit("mcp-client-update", this.clients);
+          }
+        }
+        const sdkCallback = isSdkMcpServerConfig(serverConfig) ? this.sendSdkMcpMessage : void 0;
+        const client = new McpClient(serverName, serverConfig, this.toolRegistry, this.cliConfig.getPromptRegistry(), this.cliConfig.getWorkspaceContext(), this.cliConfig.getDebugMode(), sdkCallback);
+        this.clients.set(serverName, client);
+        this.eventEmitter?.emit("mcp-client-update", this.clients);
+        try {
+          await client.connect();
+          await client.discover(cliConfig);
+        } catch (error2) {
+          console.error(`Error during discovery for server '${serverName}': ${getErrorMessage(error2)}`);
+        } finally {
+          this.eventEmitter?.emit("mcp-client-update", this.clients);
+        }
+      }
       /**
        * Stops all running local MCP servers and closes all client connections.
        * This is the cleanup method to be called on application exit.
@@ -211701,6 +211402,24 @@ var init_mcp_client_manager = __esm({
       getDiscoveryState() {
         return this.discoveryState;
       }
+      async readResource(serverName, uri, options2) {
+        let client = this.clients.get(serverName);
+        if (!client) {
+          const servers = populateMcpServerCommand(this.cliConfig.getMcpServers() || {}, this.cliConfig.getMcpServerCommand());
+          const serverConfig = servers[serverName];
+          if (!serverConfig) {
+            throw new Error(`MCP server '${serverName}' is not configured.`);
+          }
+          const sdkCallback = isSdkMcpServerConfig(serverConfig) ? this.sendSdkMcpMessage : void 0;
+          client = new McpClient(serverName, serverConfig, this.toolRegistry, this.cliConfig.getPromptRegistry(), this.cliConfig.getWorkspaceContext(), this.cliConfig.getDebugMode(), sdkCallback);
+          this.clients.set(serverName, client);
+          this.eventEmitter?.emit("mcp-client-update", this.clients);
+        }
+        if (client.getStatus() !== MCPServerStatus.CONNECTED) {
+          await client.connect();
+        }
+        return client.readResource(uri, options2);
+      }
     };
   }
 });
@@ -211714,7 +211433,6 @@ var init_tool_registry = __esm({
     "use strict";
     init_esbuild_shims();
     init_tools();
-    init_mcp_client();
     init_mcp_client_manager();
     init_mcp_tool();
     import_shell_quote4 = __toESM(require_shell_quote(), 1);
@@ -211923,11 +211641,7 @@ Signal: Signal number or \`(none)\` if no signal was received.
           }
         }
         this.config.getPromptRegistry().removePromptsByServer(serverName);
-        const mcpServers = this.config.getMcpServers() ?? {};
-        const serverConfig = mcpServers[serverName];
-        if (serverConfig) {
-          await connectAndDiscover(serverName, serverConfig, this, this.config.getPromptRegistry(), this.config.getDebugMode(), this.config.getWorkspaceContext(), this.config);
-        }
+        await this.mcpClientManager.discoverMcpToolsForServer(serverName, this.config);
       }
       async discoverAndRegisterToolsFromCommand() {
         const discoveryCmd = this.config.getToolDiscoveryCommand();
@@ -212074,6 +211788,23 @@ Signal: Signal number or \`(none)\` if no signal was received.
       getTool(name3) {
         return this.tools.get(name3);
       }
+      async readMcpResource(serverName, uri, options2) {
+        if (!this.config.isTrustedFolder()) {
+          throw new Error("MCP resources are unavailable in untrusted folders.");
+        }
+        return this.mcpClientManager.readResource(serverName, uri, options2);
+      }
+      /**
+       * Stops all MCP clients and cleans up resources.
+       * This method is idempotent and safe to call multiple times.
+       */
+      async stop() {
+        try {
+          await this.mcpClientManager.stop();
+        } catch (error2) {
+          console.error("Error stopping MCP clients:", error2);
+        }
+      }
     };
   }
 });
@@ -217698,7 +217429,7 @@ ${textContent2}
         return `Fetching content from ${this.params.url} and processing with prompt: "${displayPrompt}"`;
       }
       async shouldConfirmExecute() {
-        if (this.config.getApprovalMode() === ApprovalMode.AUTO_EDIT) {
+        if (this.config.getApprovalMode() === ApprovalMode.AUTO_EDIT || this.config.getApprovalMode() === ApprovalMode.PLAN) {
           return false;
         }
         const confirmationDetails = {
@@ -218089,7 +217820,7 @@ var init_web_search = __esm({
         return ` (Searching the web via ${provider})`;
       }
       async shouldConfirmExecute(_abortSignal) {
-        if (this.config.getApprovalMode() === ApprovalMode.AUTO_EDIT) {
+        if (this.config.getApprovalMode() === ApprovalMode.AUTO_EDIT || this.config.getApprovalMode() === ApprovalMode.PLAN) {
           return false;
         }
         const confirmationDetails = {
@@ -221097,8 +220828,8 @@ var init_esm21 = __esm({
         }
         return this._userIgnored(path123, stats);
       }
-      _isntIgnored(path123, stat10) {
-        return !this._isIgnored(path123, stat10);
+      _isntIgnored(path123, stat11) {
+        return !this._isIgnored(path123, stat11);
       }
       /**
        * Provides a set of common helpers and properties relating to symlink handling.
@@ -221402,9 +221133,15 @@ async function loadSkillsFromDir(baseDir) {
     return [];
   }
 }
+function normalizeSkillFileContent(content) {
+  let normalized2 = content.replace(/^\uFEFF/, "");
+  normalized2 = normalized2.replace(/\r\n/g, "\n").replace(/\r/g, "\n");
+  return normalized2;
+}
 function parseSkillContent(content, filePath) {
-  const frontmatterRegex = /^---\n([\s\S]*?)\n---\n([\s\S]*)$/;
-  const match2 = content.match(frontmatterRegex);
+  const normalizedContent = normalizeSkillFileContent(content);
+  const frontmatterRegex = /^---\n([\s\S]*?)\n---(?:\n|$)([\s\S]*)$/;
+  const match2 = normalizedContent.match(frontmatterRegex);
   if (!match2) {
     throw new Error("Invalid format: missing YAML frontmatter");
   }
@@ -221485,6 +221222,7 @@ var init_skill_load = __esm({
     init_yaml_parser();
     SKILL_MANIFEST_FILE = "SKILL.md";
     __name(loadSkillsFromDir, "loadSkillsFromDir");
+    __name(normalizeSkillFileContent, "normalizeSkillFileContent");
     __name(parseSkillContent, "parseSkillContent");
     __name(validateConfig, "validateConfig");
   }
@@ -221495,7 +221233,7 @@ import * as fs45 from "fs/promises";
 import * as fsSync2 from "fs";
 import * as path49 from "path";
 import * as os19 from "os";
-function normalizeSkillFileContent(content) {
+function normalizeSkillFileContent2(content) {
   let normalized2 = content.replace(/^\uFEFF/, "");
   normalized2 = normalized2.replace(/\r\n/g, "\n").replace(/\r/g, "\n");
   return normalized2;
@@ -221707,7 +221445,7 @@ var init_skill_manager = __esm({
        */
       parseSkillContent(content, filePath, level) {
         try {
-          const normalizedContent = normalizeSkillFileContent(content);
+          const normalizedContent = normalizeSkillFileContent2(content);
           const frontmatterRegex = /^---\n([\s\S]*?)\n---(?:\n|$)([\s\S]*)$/;
           const match2 = normalizedContent.match(frontmatterRegex);
           if (!match2) {
@@ -221795,9 +221533,23 @@ var init_skill_manager = __esm({
           const entries = await fs45.readdir(baseDir, { withFileTypes: true });
           const skills = [];
           for (const entry of entries) {
-            if (!entry.isDirectory())
+            const isDirectory = entry.isDirectory();
+            const isSymlink = entry.isSymbolicLink();
+            if (!isDirectory && !isSymlink)
               continue;
             const skillDir = path49.join(baseDir, entry.name);
+            if (isSymlink) {
+              try {
+                const targetStat = await fs45.stat(skillDir);
+                if (!targetStat.isDirectory()) {
+                  console.warn(`Skipping symlink ${entry.name} that does not point to a directory`);
+                  continue;
+                }
+              } catch (error2) {
+                console.warn(`Skipping invalid symlink ${entry.name}: ${error2 instanceof Error ? error2.message : "Unknown error"}`);
+                continue;
+              }
+            }
             const skillManifest = path49.join(skillDir, SKILL_MANIFEST_FILE2);
             try {
               await fs45.access(skillManifest);
@@ -221885,7 +221637,7 @@ var init_skill_manager = __esm({
         }
       }
     };
-    __name(normalizeSkillFileContent, "normalizeSkillFileContent");
+    __name(normalizeSkillFileContent2, "normalizeSkillFileContent");
   }
 });
@@ -225161,16 +224913,16 @@ var init_list = __esm({
       let fd;
       try {
         fd = fs48.openSync(file, "r");
-        const stat10 = fs48.fstatSync(fd);
+        const stat11 = fs48.fstatSync(fd);
         const readSize = opt.maxReadSize || 16 * 1024 * 1024;
-        if (stat10.size < readSize) {
-          const buf = Buffer.allocUnsafe(stat10.size);
-          const read3 = fs48.readSync(fd, buf, 0, stat10.size, 0);
+        if (stat11.size < readSize) {
+          const buf = Buffer.allocUnsafe(stat11.size);
+          const read3 = fs48.readSync(fd, buf, 0, stat11.size, 0);
           p2.end(read3 === buf.byteLength ? buf : buf.subarray(0, read3));
         } else {
           let pos2 = 0;
           const buf = Buffer.allocUnsafe(readSize);
-          while (pos2 < stat10.size) {
+          while (pos2 < stat11.size) {
             const bytesRead = fs48.readSync(fd, buf, 0, readSize, pos2);
             if (bytesRead === 0)
               break;
@@ -225195,13 +224947,13 @@ var init_list = __esm({
       const p2 = new Promise((resolve31, reject) => {
         parse14.on("error", reject);
         parse14.on("end", resolve31);
-        fs48.stat(file, (er2, stat10) => {
+        fs48.stat(file, (er2, stat11) => {
           if (er2) {
             reject(er2);
           } else {
             const stream2 = new ReadStream(file, {
               readSize,
-              size: stat10.size
+              size: stat11.size
             });
             stream2.on("error", reject);
             stream2.pipe(parse14);
@@ -225417,21 +225169,21 @@ var init_write_entry = __esm({
         return super.emit(ev, ...data);
       }
       [LSTAT]() {
-        fs49.lstat(this.absolute, (er2, stat10) => {
+        fs49.lstat(this.absolute, (er2, stat11) => {
           if (er2) {
             return this.emit("error", er2);
           }
-          this[ONLSTAT](stat10);
+          this[ONLSTAT](stat11);
         });
       }
-      [ONLSTAT](stat10) {
-        this.statCache.set(this.absolute, stat10);
-        this.stat = stat10;
-        if (!stat10.isFile()) {
-          stat10.size = 0;
+      [ONLSTAT](stat11) {
+        this.statCache.set(this.absolute, stat11);
+        this.stat = stat11;
+        if (!stat11.isFile()) {
+          stat11.size = 0;
         }
-        this.type = getType3(stat10);
-        this.emit("stat", stat10);
+        this.type = getType3(stat11);
+        this.emit("stat", stat11);
         this[PROCESS2]();
       }
       [PROCESS2]() {
@@ -225881,7 +225633,7 @@ var init_write_entry = __esm({
         return this;
       }
     };
-    getType3 = /* @__PURE__ */ __name((stat10) => stat10.isFile() ? "File" : stat10.isDirectory() ? "Directory" : stat10.isSymbolicLink() ? "SymbolicLink" : "Unsupported", "getType");
+    getType3 = /* @__PURE__ */ __name((stat11) => stat11.isFile() ? "File" : stat11.isDirectory() ? "Directory" : stat11.isSymbolicLink() ? "SymbolicLink" : "Unsupported", "getType");
   }
 });
@@ -226481,21 +226233,21 @@ var init_pack = __esm({
       [STAT](job) {
         job.pending = true;
         this[JOBS] += 1;
-        const stat10 = this.follow ? "stat" : "lstat";
-        fs50[stat10](job.absolute, (er2, stat11) => {
+        const stat11 = this.follow ? "stat" : "lstat";
+        fs50[stat11](job.absolute, (er2, stat12) => {
           job.pending = false;
           this[JOBS] -= 1;
           if (er2) {
             this.emit("error", er2);
           } else {
-            this[ONSTAT](job, stat11);
+            this[ONSTAT](job, stat12);
           }
         });
       }
-      [ONSTAT](job, stat10) {
-        this.statCache.set(job.absolute, stat10);
-        job.stat = stat10;
-        if (!this.filter(job.path, stat10)) {
+      [ONSTAT](job, stat11) {
+        this.statCache.set(job.absolute, stat11);
+        job.stat = stat11;
+        if (!this.filter(job.path, stat11)) {
           job.ignore = true;
         }
         this[PROCESS3]();
@@ -226677,8 +226429,8 @@ var init_pack = __esm({
       resume() {
       }
       [STAT](job) {
-        const stat10 = this.follow ? "statSync" : "lstatSync";
-        this[ONSTAT](job, fs50[stat10](job.absolute));
+        const stat11 = this.follow ? "statSync" : "lstatSync";
+        this[ONSTAT](job, fs50[stat11](job.absolute));
       }
       [READDIR](job) {
         this[ONREADDIR](job, fs50.readdirSync(job.absolute));
@@ -227978,11 +227730,11 @@ var init_extract = __esm({
     extractFileSync = /* @__PURE__ */ __name((opt) => {
       const u2 = new UnpackSync(opt);
       const file = opt.file;
-      const stat10 = fs55.statSync(file);
+      const stat11 = fs55.statSync(file);
       const readSize = opt.maxReadSize || 16 * 1024 * 1024;
       const stream2 = new ReadStreamSync(file, {
         readSize,
-        size: stat10.size
+        size: stat11.size
       });
       stream2.pipe(u2);
     }, "extractFileSync");
@@ -227993,13 +227745,13 @@ var init_extract = __esm({
       const p2 = new Promise((resolve31, reject) => {
         u2.on("error", reject);
         u2.on("close", resolve31);
-        fs55.stat(file, (er2, stat10) => {
+        fs55.stat(file, (er2, stat11) => {
           if (er2) {
             reject(er2);
           } else {
             const stream2 = new ReadStream(file, {
               readSize,
-              size: stat10.size
+              size: stat11.size
             });
             stream2.on("error", reject);
             stream2.pipe(u2);
@@ -228244,9 +227996,9 @@ var init_update = __esm({
       if (!opt.mtimeCache) {
         opt.mtimeCache = /* @__PURE__ */ new Map();
       }
-      opt.filter = filter4 ? (path123, stat10) => filter4(path123, stat10) && !/* c8 ignore start */
-      ((opt.mtimeCache?.get(path123) ?? stat10.mtime ?? 0) > (stat10.mtime ?? 0)) : (path123, stat10) => !/* c8 ignore start */
-      ((opt.mtimeCache?.get(path123) ?? stat10.mtime ?? 0) > (stat10.mtime ?? 0));
+      opt.filter = filter4 ? (path123, stat11) => filter4(path123, stat11) && !/* c8 ignore start */
+      ((opt.mtimeCache?.get(path123) ?? stat11.mtime ?? 0) > (stat11.mtime ?? 0)) : (path123, stat11) => !/* c8 ignore start */
+      ((opt.mtimeCache?.get(path123) ?? stat11.mtime ?? 0) > (stat11.mtime ?? 0));
     }, "mtimeFilter");
   }
 });
@@ -232923,8 +232675,8 @@ async function collectResources(resourcePaths, pluginRoot, destDir) {
       console.warn(`Resource path not found: ${resolvedPath}`);
       continue;
     }
-    const stat10 = fs60.statSync(resolvedPath);
-    if (stat10.isDirectory()) {
+    const stat11 = fs60.statSync(resolvedPath);
+    if (stat11.isDirectory()) {
       const dirName = path62.basename(resolvedPath);
       const parentDir = path62.dirname(resolvedPath);
       if (dirName === destFolderName && parentDir === pluginRoot) {
@@ -243032,12 +242784,6 @@ var init_config3 = __esm({
       getSessionId() {
         return this.sessionId;
       }
-      /**
-       * Releases resources owned by the config instance.
-       */
-      async shutdown() {
-        this.skillManager?.stopWatching();
-      }
       /**
        * Starts a new session and resets session-scoped services.
        */
@@ -243172,6 +242918,24 @@ var init_config3 = __esm({
       getToolRegistry() {
         return this.toolRegistry;
       }
+      /**
+       * Shuts down the Config and releases all resources.
+       * This method is idempotent and safe to call multiple times.
+       * It handles the case where initialization was not completed.
+       */
+      async shutdown() {
+        if (!this.initialized) {
+          return;
+        }
+        try {
+          this.skillManager?.stopWatching();
+          if (this.toolRegistry) {
+            await this.toolRegistry.stop();
+          }
+        } catch (error2) {
+          console.error("Error during Config shutdown:", error2);
+        }
+      }
       getPromptRegistry() {
         return this.promptRegistry;
       }
@@ -245917,12 +245681,12 @@ var require_resolve_symlink = __commonJS({
       fs_1.default.realpath(path123, (error2, resolvedPath) => {
         if (error2)
           return queue.dequeue(suppressErrors ? null : error2, state);
-        fs_1.default.stat(resolvedPath, (error3, stat10) => {
+        fs_1.default.stat(resolvedPath, (error3, stat11) => {
           if (error3)
             return queue.dequeue(suppressErrors ? null : error3, state);
-          if (stat10.isDirectory() && isRecursive(path123, resolvedPath, state))
+          if (stat11.isDirectory() && isRecursive(path123, resolvedPath, state))
             return queue.dequeue(null, state);
-          callback(stat10, resolvedPath);
+          callback(stat11, resolvedPath);
           queue.dequeue(null, state);
         });
       });
@@ -245932,10 +245696,10 @@ var require_resolve_symlink = __commonJS({
       queue.enqueue();
       try {
         const resolvedPath = fs_1.default.realpathSync(path123);
-        const stat10 = fs_1.default.statSync(resolvedPath);
-        if (stat10.isDirectory() && isRecursive(path123, resolvedPath, state))
+        const stat11 = fs_1.default.statSync(resolvedPath);
+        if (stat11.isDirectory() && isRecursive(path123, resolvedPath, state))
           return;
-        callback(stat10, resolvedPath);
+        callback(stat11, resolvedPath);
       } catch (e4) {
         if (!suppressErrors)
           throw e4;
@@ -246254,8 +246018,8 @@ var require_walker = __commonJS({
             this.walkDirectory(this.state, path123, path123, depth - 1, this.walk);
           } else if (this.resolveSymlink && entry.isSymbolicLink()) {
             let path123 = joinPath.joinPathWithBasePath(entry.name, directoryPath);
-            this.resolveSymlink(path123, this.state, (stat10, resolvedPath) => {
-              if (stat10.isDirectory()) {
+            this.resolveSymlink(path123, this.state, (stat11, resolvedPath) => {
+              if (stat11.isDirectory()) {
                 resolvedPath = (0, utils_1.normalizePath)(resolvedPath, this.state.options);
                 if (exclude && exclude(entry.name, useRealPaths ? resolvedPath : path123 + pathSeparator))
                   return;
@@ -248183,7 +247947,7 @@ var init_skills = __esm({
 import * as fs70 from "node:fs";
 import * as path75 from "node:path";
 import * as https5 from "node:https";
-import { stat as stat6 } from "node:fs/promises";
+import { stat as stat7 } from "node:fs/promises";
 function parseSourceAndPluginName(source2) {
   const urlSchemes = ["http://", "https://", "git@", "sso://"];
   let repoEndIndex = source2.length;
@@ -248308,7 +248072,7 @@ async function parseInstallSource(source2) {
     }
   } else {
     try {
-      await stat6(repo);
+      await stat7(repo);
       installMetadata = {
         source: repo,
         type: "local",
@@ -373328,7 +373092,7 @@ __name(getPackageJson, "getPackageJson");
 // packages/cli/src/utils/version.ts
 async function getCliVersion() {
   const pkgJson = await getPackageJson();
-  return "0.9.0-preview.2";
+  return "0.9.0-preview.3";
 }
 __name(getCliVersion, "getCliVersion");
@@ -380864,7 +380628,7 @@ var formatDuration = /* @__PURE__ */ __name((milliseconds) => {
 // packages/cli/src/generated/git-commit.ts
 init_esbuild_shims();
-var GIT_COMMIT_INFO2 = "525cb380";
+var GIT_COMMIT_INFO2 = "365cfbdd";
 // packages/cli/src/utils/systemInfo.ts
 async function getNpmVersion() {
@@ -387307,6 +387071,161 @@ function parseAllAtCommands(query) {
   );
 }
 __name(parseAllAtCommands, "parseAllAtCommands");
+function getConfiguredMcpServerNames(config2) {
+  const names = new Set(Object.keys(config2.getMcpServers() ?? {}));
+  if (config2.getMcpServerCommand()) {
+    names.add("mcp");
+  }
+  return names;
+}
+__name(getConfiguredMcpServerNames, "getConfiguredMcpServerNames");
+function normalizeMcpResourceUri(serverName, resource) {
+  if (resource.includes("://")) {
+    return resource;
+  }
+  const cleaned = resource.startsWith("/") ? resource.slice(1) : resource;
+  return `${serverName}://${cleaned}`;
+}
+__name(normalizeMcpResourceUri, "normalizeMcpResourceUri");
+function splitLeadingToken(text) {
+  let i3 = 0;
+  while (i3 < text.length && /\s/.test(text[i3])) {
+    i3++;
+  }
+  if (i3 >= text.length) {
+    return null;
+  }
+  let token2 = "";
+  let inEscape = false;
+  while (i3 < text.length) {
+    const char = text[i3];
+    if (inEscape) {
+      token2 += char;
+      inEscape = false;
+      i3++;
+      continue;
+    }
+    if (char === "\\") {
+      inEscape = true;
+      i3++;
+      continue;
+    }
+    if (/[,\s;!?()[\]{}]/.test(char)) {
+      break;
+    }
+    if (char === ".") {
+      const nextChar = i3 + 1 < text.length ? text[i3 + 1] : "";
+      if (nextChar === "" || /\s/.test(nextChar)) {
+        break;
+      }
+    }
+    token2 += char;
+    i3++;
+  }
+  if (!token2) {
+    return null;
+  }
+  return { token: token2, rest: text.slice(i3) };
+}
+__name(splitLeadingToken, "splitLeadingToken");
+function extractMcpResourceAtReferences(parts, config2) {
+  const configuredServers = getConfiguredMcpServerNames(config2);
+  const refs = [];
+  const merged = [];
+  for (let i3 = 0; i3 < parts.length; i3++) {
+    const part = parts[i3];
+    if (part.type !== "atPath") {
+      merged.push(part);
+      continue;
+    }
+    const atText = part.content;
+    const colonIndex = atText.indexOf(":");
+    if (!atText.startsWith("@") || colonIndex <= 1) {
+      merged.push(part);
+      continue;
+    }
+    const serverName = atText.slice(1, colonIndex);
+    if (!configuredServers.has(serverName)) {
+      merged.push(part);
+      continue;
+    }
+    let resource = atText.slice(colonIndex + 1);
+    if (!resource) {
+      const next = parts[i3 + 1];
+      if (next?.type === "text") {
+        const tokenInfo = splitLeadingToken(next.content);
+        if (tokenInfo) {
+          resource = tokenInfo.token;
+          const remainingText = tokenInfo.rest;
+          parts[i3 + 1] = { type: "text", content: remainingText };
+        }
+      }
+    }
+    if (!resource) {
+      merged.push({ type: "text", content: atText });
+      continue;
+    }
+    const normalizedResource = resource.includes("://") ? resource : resource.startsWith("/") ? resource.slice(1) : resource;
+    const normalizedAtCommand = `@${serverName}:${normalizedResource}`;
+    refs.push({
+      atCommand: normalizedAtCommand,
+      serverName,
+      uri: normalizeMcpResourceUri(serverName, normalizedResource)
+    });
+    merged.push({ type: "atPath", content: normalizedAtCommand });
+  }
+  return {
+    parts: merged.filter(
+      (p2) => !(p2.type === "text" && p2.content.trim() === "")
+    ),
+    refs
+  };
+}
+__name(extractMcpResourceAtReferences, "extractMcpResourceAtReferences");
+function formatMcpResourceContents(raw2, limits) {
+  if (!raw2 || typeof raw2 !== "object") {
+    return "[Error: Invalid MCP resource response]";
+  }
+  const contents = raw2.contents;
+  if (!Array.isArray(contents)) {
+    return "[Error: Invalid MCP resource response]";
+  }
+  const parts = [];
+  for (const item of contents) {
+    if (!item || typeof item !== "object") {
+      continue;
+    }
+    const text = item.text;
+    const blob = item.blob;
+    const mimeType = item.mimeType;
+    if (typeof text === "string") {
+      parts.push(text);
+      continue;
+    }
+    if (typeof blob === "string") {
+      const mimeTypeLabel = typeof mimeType === "string" ? mimeType : "application/octet-stream";
+      parts.push(
+        `[Binary MCP resource omitted (mimeType: ${mimeTypeLabel}, bytes: ${blob.length})]`
+      );
+    }
+  }
+  let combined = parts.join("\n\n");
+  const maxLines = limits.maxLinesPerResource;
+  if (Number.isFinite(maxLines)) {
+    const lines = combined.split("\n");
+    if (lines.length > maxLines) {
+      combined = `${lines.slice(0, maxLines).join("\n")}
+[truncated]`;
+    }
+  }
+  const maxChars = limits.maxCharsPerResource;
+  if (Number.isFinite(maxChars) && combined.length > maxChars) {
+    combined = `${combined.slice(0, maxChars)}
+[truncated]`;
+  }
+  return combined;
+}
+__name(formatMcpResourceContents, "formatMcpResourceContents");
 async function handleAtCommand({
   query,
   config: config2,
@@ -387315,10 +387234,15 @@ async function handleAtCommand({
   messageId: userMessageTimestamp,
   signal
 }) {
-  const commandParts = parseAllAtCommands(query);
+  const parsedParts = parseAllAtCommands(query);
+  const { parts: commandParts, refs: mcpResourceRefs } = extractMcpResourceAtReferences(parsedParts, config2);
+  const mcpAtCommands = new Set(mcpResourceRefs.map((r5) => r5.atCommand));
   const atPathCommandParts = commandParts.filter(
     (part) => part.type === "atPath"
   );
+  const fileAtPathCommandParts = atPathCommandParts.filter(
+    (part) => !mcpAtCommands.has(part.content)
+  );
   if (atPathCommandParts.length === 0) {
     return { processedQuery: [{ text: query }], shouldProceed: true };
   }
@@ -387335,14 +387259,7 @@ async function handleAtCommand({
   const toolRegistry = config2.getToolRegistry();
   const readManyFilesTool = toolRegistry.getTool("read_many_files");
   const globTool = toolRegistry.getTool("glob");
-  if (!readManyFilesTool) {
-    addItem(
-      { type: "error", text: "Error: read_many_files tool not found." },
-      userMessageTimestamp
-    );
-    return { processedQuery: null, shouldProceed: false };
-  }
-  for (const atPathPart of atPathCommandParts) {
+  for (const atPathPart of fileAtPathCommandParts) {
     const originalAtPath = atPathPart.content;
     if (originalAtPath === "@") {
       onDebugMessage(
@@ -387502,7 +387419,7 @@ ${messages.join("\n")}`;
     console.log(message);
     onDebugMessage(message);
   }
-  if (pathSpecsToRead.length === 0) {
+  if (pathSpecsToRead.length === 0 && mcpResourceRefs.length === 0) {
     onDebugMessage("No valid file paths found in @ commands to read.");
     if (initialQueryText === "@" && query.trim() === "@") {
       return { processedQuery: [{ text: query }], shouldProceed: true };
@@ -387515,76 +387432,146 @@ ${messages.join("\n")}`;
     };
   }
   const processedQueryParts = [{ text: initialQueryText }];
-  const toolArgs = {
-    paths: pathSpecsToRead,
-    file_filtering_options: {
-      respect_git_ignore: respectFileIgnore.respectGitIgnore,
-      respect_qwen_ignore: respectFileIgnore.respectQwenIgnore
+  const toolDisplays = [];
+  if (pathSpecsToRead.length > 0) {
+    if (!readManyFilesTool) {
+      addItem(
+        { type: "error", text: "Error: read_many_files tool not found." },
+        userMessageTimestamp
+      );
+      return { processedQuery: null, shouldProceed: false };
     }
-    // Use configuration setting
-  };
-  let toolCallDisplay;
-  let invocation = void 0;
-  try {
-    invocation = readManyFilesTool.build(toolArgs);
-    const result = await invocation.execute(signal);
-    toolCallDisplay = {
-      callId: `client-read-${userMessageTimestamp}`,
-      name: readManyFilesTool.displayName,
-      description: invocation.getDescription(),
-      status: "Success" /* Success */,
-      resultDisplay: result.returnDisplay || `Successfully read: ${contentLabelsForDisplay.join(", ")}`,
-      confirmationDetails: void 0
-    };
-    if (Array.isArray(result.llmContent)) {
-      const fileContentRegex = /^--- (.*?) ---\n\n([\s\S]*?)\n\n$/;
-      processedQueryParts.push({
-        text: "\n--- Content from referenced files ---"
+    const toolArgs = {
+      paths: pathSpecsToRead,
+      file_filtering_options: {
+        respect_git_ignore: respectFileIgnore.respectGitIgnore,
+        respect_qwen_ignore: respectFileIgnore.respectQwenIgnore
+      }
+      // Use configuration setting
+    };
+    let invocation = void 0;
+    try {
+      invocation = readManyFilesTool.build(toolArgs);
+      const result = await invocation.execute(signal);
+      toolDisplays.push({
+        callId: `client-read-${userMessageTimestamp}`,
+        name: readManyFilesTool.displayName,
+        description: invocation.getDescription(),
+        status: "Success" /* Success */,
+        resultDisplay: result.returnDisplay || `Successfully read: ${contentLabelsForDisplay.join(", ")}`,
+        confirmationDetails: void 0
       });
-      for (const part of result.llmContent) {
-        if (typeof part === "string") {
-          const match2 = fileContentRegex.exec(part);
-          if (match2) {
-            const filePathSpecInContent = match2[1];
-            const fileActualContent = match2[2].trim();
-            processedQueryParts.push({
-              text: `
+      if (Array.isArray(result.llmContent)) {
+        const fileContentRegex = /^--- (.*?) ---\n\n([\s\S]*?)\n\n$/;
+        processedQueryParts.push({
+          text: "\n--- Content from referenced files ---"
+        });
+        for (const part of result.llmContent) {
+          if (typeof part === "string") {
+            const match2 = fileContentRegex.exec(part);
+            if (match2) {
+              const filePathSpecInContent = match2[1];
+              const fileActualContent = match2[2].trim();
+              processedQueryParts.push({
+                text: `
 Content from @${filePathSpecInContent}:
 `
-            });
-            processedQueryParts.push({ text: fileActualContent });
+              });
+              processedQueryParts.push({ text: fileActualContent });
+            } else {
+              processedQueryParts.push({ text: part });
+            }
           } else {
-            processedQueryParts.push({ text: part });
+            processedQueryParts.push(part);
           }
-        } else {
-          processedQueryParts.push(part);
         }
+      } else {
+        onDebugMessage(
+          "read_many_files tool returned no content or empty content."
+        );
       }
-    } else {
-      onDebugMessage(
-        "read_many_files tool returned no content or empty content."
+    } catch (error2) {
+      toolDisplays.push({
+        callId: `client-read-${userMessageTimestamp}`,
+        name: readManyFilesTool.displayName,
+        description: invocation?.getDescription() ?? "Error attempting to execute tool to read files",
+        status: "Error" /* Error */,
+        resultDisplay: `Error reading files (${contentLabelsForDisplay.join(", ")}): ${getErrorMessage(error2)}`,
+        confirmationDetails: void 0
+      });
+      addItem(
+        { type: "tool_group", tools: toolDisplays },
+        userMessageTimestamp
       );
+      return { processedQuery: null, shouldProceed: false };
     }
+  }
+  if (mcpResourceRefs.length > 0) {
+    const totalCharLimit = config2.getTruncateToolOutputThreshold();
+    const totalLineLimit = config2.getTruncateToolOutputLines();
+    const maxCharsPerResource = Number.isFinite(totalCharLimit) ? Math.floor(totalCharLimit / Math.max(1, mcpResourceRefs.length)) : Number.POSITIVE_INFINITY;
+    const maxLinesPerResource = Number.isFinite(totalLineLimit) ? Math.floor(totalLineLimit / Math.max(1, mcpResourceRefs.length)) : Number.POSITIVE_INFINITY;
+    processedQueryParts.push({
+      text: "\n--- Content from referenced MCP resources ---"
+    });
+    for (let i3 = 0; i3 < mcpResourceRefs.length; i3++) {
+      const ref = mcpResourceRefs[i3];
+      let resourceResult;
+      try {
+        if (signal.aborted) {
+          const error2 = new Error("MCP resource read aborted");
+          error2.name = "AbortError";
+          throw error2;
+        }
+        resourceResult = await toolRegistry.readMcpResource(
+          ref.serverName,
+          ref.uri,
+          { signal }
+        );
+        toolDisplays.push({
+          callId: `client-mcp-resource-${userMessageTimestamp}-${i3}`,
+          name: "McpResourceRead",
+          description: `Read MCP resource ${ref.uri} (server: ${ref.serverName})`,
+          status: "Success" /* Success */,
+          resultDisplay: `Read: ${ref.uri}`,
+          confirmationDetails: void 0
+        });
+      } catch (error2) {
+        toolDisplays.push({
+          callId: `client-mcp-resource-${userMessageTimestamp}-${i3}`,
+          name: "McpResourceRead",
+          description: `Read MCP resource ${ref.uri} (server: ${ref.serverName})`,
+          status: "Error" /* Error */,
+          resultDisplay: `Error reading MCP resource (${ref.uri}): ${getErrorMessage(error2)}`,
+          confirmationDetails: void 0
+        });
+        addItem(
+          { type: "tool_group", tools: toolDisplays },
+          userMessageTimestamp
+        );
+        return { processedQuery: null, shouldProceed: false };
+      }
+      processedQueryParts.push({
+        text: `
+Content from ${ref.atCommand}:
+`
+      });
+      processedQueryParts.push({
+        text: formatMcpResourceContents(resourceResult, {
+          maxCharsPerResource,
+          maxLinesPerResource
+        })
+      });
+    }
+    processedQueryParts.push({ text: "\n--- End of MCP resource content ---" });
+  }
+  if (toolDisplays.length > 0) {
     addItem(
-      { type: "tool_group", tools: [toolCallDisplay] },
-      userMessageTimestamp
-    );
-    return { processedQuery: processedQueryParts, shouldProceed: true };
-  } catch (error2) {
-    toolCallDisplay = {
-      callId: `client-read-${userMessageTimestamp}`,
-      name: readManyFilesTool.displayName,
-      description: invocation?.getDescription() ?? "Error attempting to execute tool to read files",
-      status: "Error" /* Error */,
-      resultDisplay: `Error reading files (${contentLabelsForDisplay.join(", ")}): ${getErrorMessage(error2)}`,
-      confirmationDetails: void 0
-    };
-    addItem(
-      { type: "tool_group", tools: [toolCallDisplay] },
+      { type: "tool_group", tools: toolDisplays },
       userMessageTimestamp
     );
-    return { processedQuery: null, shouldProceed: false };
   }
+  return { processedQuery: processedQueryParts, shouldProceed: true };
 }
 __name(handleAtCommand, "handleAtCommand");
@@ -434286,7 +434273,7 @@ var GeminiAgent = class {
       name: APPROVAL_MODE_INFO[mode].name,
       description: APPROVAL_MODE_INFO[mode].description
     }));
-    const version2 = "0.9.0-preview.2";
+    const version2 = "0.9.0-preview.3";
     return {
       protocolVersion: PROTOCOL_VERSION,
       agentInfo: {