@rallycry/conveyor-agent 7.3.1 → 7.3.3

package/dist/{chunk-2YHZHOR2.js → chunk-COJPX2QI.js}

@@ -411,12 +411,22 @@ ${q.question}${q.options.length ? "\n" + q.options.map((o) => `- ${o.label}: ${o
   triggerIdentification() {
     return this.call("triggerIdentification", { sessionId: this.config.sessionId });
   }
+  getCumulativeSpending() {
+    return this.call("getCumulativeSpending", { sessionId: this.config.sessionId });
+  }
   async refreshAuthToken() {
     const codespaceName = process.env.CODESPACE_NAME || process.env.CLAUDESPACE_NAME;
     const apiUrl = this.config.apiUrl;
     if (!codespaceName || !apiUrl) return false;
     try {
-      const response = await fetch(`${apiUrl}/api/codespace/bootstrap/${codespaceName}`);
+      const bootstrapToken = process.env.CONVEYOR_BOOTSTRAP_TOKEN;
+      const headers = {};
+      if (bootstrapToken) {
+        headers["x-codespace-token"] = bootstrapToken;
+      }
+      const response = await fetch(`${apiUrl}/api/codespace/bootstrap/${codespaceName}`, {
+        headers
+      });
       if (!response.ok) return false;
       const config = await response.json();
       if (config.envVars?.CLAUDE_CODE_OAUTH_TOKEN) {
@@ -2253,7 +2263,7 @@ import { z } from "zod";
 function buildReadTaskChatTool(connection) {
   return defineTool(
     "read_task_chat",
-    "Read recent messages from a task chat. Omit task_id to read the current task's chat, or provide a child task ID to read a child's chat.",
+    "Read recent human/user chat messages for a task. When to use: you need to see user instructions, questions, or feedback posted to the task chat. Omit task_id for the current task, or pass a child task ID to read a child's chat. When NOT to use: for agent reasoning, tool calls, or setup/dev-server output \u2014 use get_task_cli instead. Returns: JSON array of recent chat messages (default 20).",
     {
       limit: z.number().optional().describe("Number of recent messages to fetch (default 20)"),
       task_id: z.string().optional().describe("Child task ID to read chat from. Omit to read the current task's chat.")
@@ -2280,7 +2290,7 @@ function buildReadTaskChatTool(connection) {
 function buildGetTaskPlanTool(connection) {
   return defineTool(
     "get_task_plan",
-    "Re-read the latest task plan in case it was updated",
+    "Re-read the current task's plan. When to use: the user just said they updated the plan mid-session or explicitly asked you to re-read it. When NOT to use: to fetch general task info (title, status, description) \u2014 use get_task. The plan was already included in your initial context, so do not call this speculatively. Returns: the plan markdown string.",
     {},
     async () => {
       try {
@@ -2298,7 +2308,7 @@ function buildGetTaskPlanTool(connection) {
 function buildGetTaskTool(connection) {
   return defineTool(
     "get_task",
-    "Look up a task by slug or ID to get its title, description, plan, and status",
+    "Look up any task by slug or ID. When to use: you need the current title, description, plan, status, branch, PR info, or story points for this or a related task. When NOT to use: to list child tasks (use list_subtasks), or to re-read only the current plan (use get_task_plan). Returns: JSON task object including id, slug, title, description, plan, status, branch, githubPRNumber, githubPRUrl, storyPointValue.",
     {
       slug_or_id: z.string().describe("The task slug (e.g. 'my-task') or CUID")
     },
@@ -2321,7 +2331,7 @@ function buildGetTaskTool(connection) {
 function buildGetTaskCliTool(connection) {
   return defineTool(
     "get_task_cli",
-    "Read CLI execution logs from a task. Returns agent reasoning, tool calls, setup output, and other execution events. Use 'source' to filter: 'agent' for agent reasoning/tool calls only, 'application' for setup/dev-server output only.",
+    "Read CLI execution logs from a task \u2014 agent reasoning, tool calls, and setup/dev-server output. When to use: inspecting what another agent did, debugging build/setup output, or reviewing prior tool calls. Filter with source='agent' for reasoning and tool calls only, source='application' for setup/dev-server output only. When NOT to use: for human/user chat \u2014 use read_task_chat. Returns: newline-joined event log lines each prefixed with `[timestamp] [type]` and formatted content.",
     {
       task_id: z.string().optional().describe("Task ID or slug. Omit to read logs from the current task."),
       source: z.enum(["agent", "application"]).optional().describe("Filter by log source. Omit for all logs."),
@@ -2354,7 +2364,7 @@ function buildGetTaskCliTool(connection) {
 function buildListTaskFilesTool(connection) {
   return defineTool(
     "list_task_files",
-    "List all files attached to this task with metadata (name, type, size) and download URLs",
+    "List all files attached to this task with metadata. When to use: before fetching a specific file, to see what is available and how large each is. When NOT to use: to read a file's contents \u2014 use get_task_file. Returns: JSON array of file metadata (id, name, mimeType, size, downloadUrl), plus inline image blocks for any attached images.",
     {},
     async () => {
       try {
@@ -2384,7 +2394,7 @@ function buildListTaskFilesTool(connection) {
 function buildGetTaskFileTool(connection) {
   return defineTool(
     "get_task_file",
-    "Get a specific task file's content and download URL by file ID",
+    "Fetch one task file's content plus metadata by file ID. When to use: you have a file ID from list_task_files and need its content or download URL. Call list_task_files first to discover IDs and check sizes \u2014 large binaries may be truncated by the service's size limit. When NOT to use: to enumerate attachments \u2014 use list_task_files. Returns: JSON metadata; for images an inline image block is also returned, and text content is embedded inline when available.",
     { fileId: z.string().describe("The file ID to retrieve") },
     async ({ fileId }) => {
       try {
@@ -2427,7 +2437,7 @@ import { z as z2 } from "zod";
 function buildGetDependenciesTool(connection) {
   return defineTool(
     "get_dependencies",
-    "Get this task's dependencies and their current status (met = merged to dev)",
+    "Get this task's dependencies and their current met/unmet status. When to use: confirming that blockers have been merged before starting work, or investigating why a task cannot start. When NOT to use: to look up a specific task's state \u2014 use get_task. Returns: JSON array of dependency objects (slug, title, status, and whether the dependency is met \u2014 met means merged to dev).",
     {},
     async () => {
       try {
@@ -2447,15 +2457,19 @@ function buildGetDependenciesTool(connection) {
 function buildGetSuggestionsTool(connection) {
   return defineTool(
     "get_suggestions",
-    "List project suggestions sorted by vote score. Use this to see what the team thinks is important.",
+    "List project suggestions sorted by vote score. When to use: seeing what the team thinks is important, finding a suggestion to vote on, or checking for duplicates before create_suggestion. Filter by status (Planning, Open, InProgress, ReviewPR, ReviewDev, ReviewLive, Complete, Cancelled) or cap results with limit (default 20). When NOT to use: for task lists \u2014 suggestions are project-level idea records, not tasks. Returns: JSON array of suggestions with id, title, description, status, score.",
     {
-      status: z2.string().optional().describe("Filter by status: Open, Accepted, Rejected, Implemented"),
-      limit: z2.number().optional().describe("Max results (default 20)")
+      status: z2.string().optional().describe(
+        "Filter by status: Planning, Open, InProgress, ReviewPR, ReviewDev, ReviewLive, Complete, Cancelled"
+      ),
+      limit: z2.number().int().min(1).max(100).optional().describe("Max results (default 20)")
     },
-    async ({ status: _status, limit: _limit }) => {
+    async ({ status, limit }) => {
       try {
         const suggestions = await connection.call("getSuggestions", {
-          sessionId: connection.sessionId
+          sessionId: connection.sessionId,
+          status,
+          limit
         });
         if (suggestions.length === 0) {
           return textResult("No suggestions found.");
@@ -2476,7 +2490,7 @@ import { z as z3 } from "zod";
 function buildPostToChatTool(connection) {
   return defineTool(
     "post_to_chat",
-    "Post a message to a task chat. Your normal replies already appear in chat \u2014 only use this for explicit out-of-band updates or posting to a child task's chat.",
+    "Post an out-of-band message to a task chat. When to use: the user explicitly asked for a status update that must appear in chat, or you need to message a child task's chat (pass its ID as task_id). When NOT to use: for normal responses \u2014 your regular replies already appear in the current task's chat automatically. Returns: confirmation string.",
     {
       message: z3.string().describe("The message to post to the team"),
       task_id: z3.string().optional().describe("Child task ID to post to. Omit to post to the current task's chat.")
@@ -2504,7 +2518,7 @@ function buildPostToChatTool(connection) {
 function buildForceUpdateTaskStatusTool(connection) {
   return defineTool(
     "force_update_task_status",
-    "EMERGENCY ONLY: Force-override a task's Kanban status. Status transitions happen automatically (building sets InProgress, PR creation sets ReviewPR, merge sets ReviewDev). Only use this if an automatic transition failed or a task is stuck in the wrong status. Omit task_id to update the current task, or provide a child task ID.",
+    "EMERGENCY ONLY: force-override a task's Kanban status. When to use: an automatic transition failed and the task is wedged \u2014 e.g. a PR was merged but status did not advance to ReviewDev, a build completed but status is still InProgress with no session running, or a child is stuck in ReviewPR after its PR was closed. When NOT to use: in normal flow \u2014 building, PR creation, and merge each transition status automatically. Omit task_id for the current task; pass a child task ID to update a child. Returns: confirmation string.",
     {
       status: z3.enum(["InProgress", "ReviewPR", "ReviewDev", "Complete"]).describe("The new status for the task"),
       task_id: z3.string().optional().describe("Child task ID to update. Omit to update the current task.")
@@ -2536,7 +2550,7 @@ function buildForceUpdateTaskStatusTool(connection) {
 function buildCreatePullRequestTool(connection, config) {
   return defineTool(
     "create_pull_request",
-    "Create a GitHub pull request for this task. Automatically stages uncommitted changes, commits them, and pushes before creating the PR. Use this instead of gh CLI or git commands to create PRs.",
+    "Create a GitHub pull request for this task. Runs in order: 1) stage any uncommitted changes, 2) commit them (using commitMessage, or a default derived from title), 3) push to origin, 4) create the PR via GitHub API. When to use: opening the PR for this task \u2014 always use this instead of the gh CLI or raw git. Common failures: missing remote branch, a PR already open for this branch, or an expired git token (retry after the refresh). Returns: confirmation string with the new PR number and URL.",
     {
       title: z3.string().describe("The PR title"),
       body: z3.string().describe("The PR description/body in markdown"),
@@ -2622,7 +2636,7 @@ Troubleshooting:
 function buildAddDependencyTool(connection) {
   return defineTool(
     "add_dependency",
-    "Add a dependency \u2014 this task cannot start until the specified task is merged to dev",
+    "Add a blocking dependency \u2014 this task cannot start until the named task is merged to dev. When to use: you discovered work that must land before this task can proceed. When NOT to use: to track work that should happen after this task \u2014 use create_follow_up_task instead. Returns: confirmation string.",
     {
       depends_on_slug_or_id: z3.string().describe("Slug or ID of the task this task depends on")
     },
@@ -2644,7 +2658,7 @@ function buildAddDependencyTool(connection) {
 function buildRemoveDependencyTool(connection) {
   return defineTool(
     "remove_dependency",
-    "Remove a dependency from this task",
+    "Remove a previously added dependency from this task. When to use: the dependency was added in error or is no longer relevant. Returns: confirmation string.",
     {
       depends_on_slug_or_id: z3.string().describe("Slug or ID of the task to remove as dependency")
     },
@@ -2666,7 +2680,7 @@ function buildRemoveDependencyTool(connection) {
 function buildCreateFollowUpTaskTool(connection) {
   return defineTool(
     "create_follow_up_task",
-    "Create a follow-up task in this project that depends on the current task. Use for out-of-scope work, v1.1 features, or cleanup that should happen after this task merges.",
+    "Create a follow-up task that depends on the current task. When to use: out-of-scope work, v1.1 features, or cleanup that should happen after this task merges. The new task will be unblocked once the current task is merged. When NOT to use: to add a blocker to this task \u2014 use add_dependency instead. Returns: confirmation string with the new task's slug.",
     {
       title: z3.string().describe("Follow-up task title"),
       description: z3.string().optional().describe("Brief description of the follow-up work"),
@@ -2696,7 +2710,7 @@ function buildCreateFollowUpTaskTool(connection) {
 function buildCreateSuggestionTool(connection) {
   return defineTool(
     "create_suggestion",
-    "Suggest a feature, improvement, or idea for the project. If you want to recommend something \u2014 a document, a rule, a feature, a task, an optimization \u2014 use this tool. If a similar suggestion already exists, your vote will be added to it instead of creating a duplicate.",
+    "Suggest a feature, improvement, rule, or idea for the project. When to use: recommending anything project-scoped \u2014 a document, a rule, a feature, a task, an optimization. If a similar suggestion already exists the service will dedupe and record your upvote instead. When NOT to use: for actionable work scoped to the current task \u2014 open a follow-up task. Returns: confirmation string with the suggestion id (and mergedIntoId if deduped).",
     {
       title: z3.string().describe("Short title for the suggestion"),
       description: z3.string().optional().describe(
@@ -2729,7 +2743,7 @@ function buildCreateSuggestionTool(connection) {
 function buildVoteSuggestionTool(connection) {
   return defineTool(
     "vote_suggestion",
-    "Vote on a project suggestion. Use +1 to upvote or -1 to downvote.",
+    "Vote +1 or -1 on a project suggestion. When to use: expressing support or disagreement with a specific suggestion returned from get_suggestions. Returns: confirmation string with the suggestion's updated score.",
     {
       suggestion_id: z3.string().describe("The suggestion ID to vote on"),
       value: z3.number().refine((v) => v === 1 || v === -1, { message: "Value must be 1 or -1" }).describe("+1 to upvote, -1 to downvote")
@@ -2778,7 +2792,7 @@ var SP_DESCRIPTION = "Story point value (1=Common, 2=Magic, 3=Rare, 5=Unique)";
 function buildUpdateTaskTool(connection) {
   return defineTool(
     "update_task",
-    "Save the finalized task plan and/or description",
+    "Save the finalized plan and/or description to the current task. When to use: in Plan mode, after reaching alignment with the user on the approach. When NOT to use: for child/subtasks \u2014 use update_subtask. This tool does not change status or other properties. Returns: confirmation string.",
     {
       plan: z4.string().optional().describe("The task plan in markdown"),
       description: z4.string().optional().describe("Updated task description")
@@ -2800,7 +2814,7 @@ function buildUpdateTaskTool(connection) {
 function buildCreateSubtaskTool(connection) {
   return defineTool(
     "create_subtask",
-    "Create a subtask under the current parent task. Use for breaking complex tasks into smaller pieces.",
+    "Create a subtask under the current parent task. When to use: breaking a complex parent task into smaller pieces during planning. When NOT to use: for follow-ups that depend on this task but are not children \u2014 use create_follow_up_task. Returns: confirmation string with the new subtask id.",
     {
       title: z4.string().describe("Subtask title"),
       description: z4.string().optional().describe("Brief description"),
@@ -2830,7 +2844,7 @@ function buildCreateSubtaskTool(connection) {
 function buildUpdateSubtaskTool(connection) {
   return defineTool(
     "update_subtask",
-    "Update an existing subtask's fields",
+    "Update an existing subtask's fields (title, description, plan, ordinal, storyPointValue). When to use: refining a child's plan or reordering the subtask queue. When NOT to use: to change status (pack tools do that automatically) or to update the current task itself (use update_task). Returns: confirmation string.",
     {
       subtaskId: z4.string().describe("The subtask ID to update"),
       title: z4.string().optional(),
@@ -2859,7 +2873,7 @@ function buildUpdateSubtaskTool(connection) {
 function buildDeleteSubtaskTool(connection) {
   return defineTool(
     "delete_subtask",
-    "Delete a subtask",
+    "Delete a subtask by id. When to use: a subtask was created in error or is no longer needed. Returns: confirmation string.",
     { subtaskId: z4.string().describe("The subtask ID to delete") },
     async ({ subtaskId }) => {
       try {
@@ -2877,7 +2891,7 @@ function buildDeleteSubtaskTool(connection) {
 function buildListSubtasksTool(connection) {
   return defineTool(
     "list_subtasks",
-    "List all subtasks under the current parent task. Returns status, PR info (githubPRNumber, githubPRUrl), agent assignment (agentId), and plan for each child.",
+    "List all subtasks under the current parent task. When to use: coordinating child work \u2014 check who is running, which children are ready for review, or which are blocked. When NOT to use: for non-child related tasks \u2014 use get_task. Returns: JSON array with id, slug, title, status, storyPointValue, githubPRNumber, githubPRUrl, agentId, and plan for each child.",
     {},
     async () => {
       try {
@@ -2896,7 +2910,7 @@ function buildPackTools(connection) {
   return [
     defineTool(
       "start_child_cloud_build",
-      "Start a cloud build for a child task. The child must be in Open status with story points and an agent assigned.",
+      "Start a cloud build (codespace) for a child task. Preconditions: the child must be in Open status, have a story point value, and have an agent assigned. When NOT to use: if the child is already InProgress or past Open \u2014 it is already building or done. Returns: confirmation string including the child task id that the build was started for.",
       {
         childTaskId: z4.string().describe("The child task ID to start a cloud build for")
       },
@@ -2916,7 +2930,7 @@ function buildPackTools(connection) {
     ),
     defineTool(
       "stop_child_build",
-      "Stop a running cloud build for a child task. Sends a stop signal to the child agent.",
+      "Send a graceful stop signal to a running child build's agent. When to use: you decided the child should halt (plan changed, deadlock, scope pivot) and want the agent to exit cleanly. This is not a force-kill \u2014 the agent may take a moment to wind down. Returns: confirmation string.",
       {
         childTaskId: z4.string().describe("The child task ID whose build should be stopped")
       },
@@ -2936,7 +2950,7 @@ function buildPackTools(connection) {
     ),
     defineTool(
       "approve_and_merge_pr",
-      "Approve and merge a child task's pull request. Only succeeds if all CI/CD checks are passing. Returns an error if checks are pending (retry after waiting) or failed (investigate). The child task must be in ReviewPR status.",
+      "Approve and merge a child task's PR. Preconditions: child is in ReviewPR and you have reviewed the diff. When NOT to use: if review surfaced issues \u2014 post to the child's chat or escalate instead. Returns: { childTaskId, prNumber, merged }. merged=true means the merge happened and status is now ReviewDev. merged=false means the merge is queued for GitHub automerge (CI still running) \u2014 do NOT proceed as if merged; wait for the child's status to transition to ReviewDev. If checks have failed, this call errors \u2014 investigate the failure.",
       {
         childTaskId: z4.string().describe("The child task ID whose PR should be approved and merged")
       },
@@ -3024,7 +3038,7 @@ function buildCodeReviewTools(connection) {
   return [
     defineTool(
       "approve_code_review",
-      "Approve the code review. Use this when the code passes all review criteria and is ready to merge.",
+      "Approve the code review and exit. When to use: the diff passes all review criteria and is ready to merge. When NOT to use: if any substantive issue remains \u2014 call request_code_changes with a structured issues[] list. This tool takes only a summary; it does not accept an issues array (by design \u2014 an approval should have no blocking issues). Returns: confirmation string.",
       {
         summary: z6.string().describe("Brief summary of what was reviewed and why it looks good")
       },
@@ -3047,7 +3061,7 @@ ${summary}`;
     ),
     defineTool(
       "request_code_changes",
-      "Request changes during code review. Use this when substantive issues are found that need to be fixed before merge.",
+      "Request changes during code review and exit. When to use: substantive issues were found that must be fixed before merge. Each entry in issues[] is { file: string, line?: number, severity: 'critical' | 'major' | 'minor', description: string }. When NOT to use: for an approval \u2014 use approve_code_review. Returns: confirmation string.",
       {
         issues: z6.array(
           z6.object({
@@ -3641,7 +3655,7 @@ function buildClientInspectionTools(manager) {
   return [
     defineTool(
       "debug_inspect_client_paused",
-      "When the client-side debugger is paused at a breakpoint, returns the call stack and local variables. Includes React component state, props, and hooks when paused inside a component.",
+      "When the client-side (browser) debugger is paused at a breakpoint, returns the call stack and local variables from the paused frame. When to use: after a client breakpoint hits, to see what is in scope in the browser. When NOT to use: for server pauses \u2014 use debug_inspect_paused. Returns: JSON with side='client', reason, hitBreakpoints, callStack, and localVariables. If the debugger paused between turns and has since resumed, queued breakpoint hits are returned instead.",
       {},
       async () => {
         const clientOrErr = requirePlaywrightClient(manager);
@@ -3684,7 +3698,7 @@ ${JSON.stringify(queuedHits, null, 2)}`
     ),
     defineTool(
       "debug_evaluate_client",
-      "Evaluate a JavaScript expression in the client-side browser context. When paused at a client breakpoint, evaluates in the paused scope. Can access DOM, window, React internals, etc.",
+      "Evaluate a JavaScript expression in the browser context. When paused at a client breakpoint, runs in the paused scope (use frameIndex to pick a frame); otherwise runs in the page's global scope with access to DOM, window, and React internals. Side effects are real \u2014 navigations, DOM mutations, and function calls execute. Prefer read-only expressions unless you specifically want to mutate page state. Returns: `(type) value`.",
       {
         expression: z8.string().describe("JavaScript expression to evaluate in the browser context"),
         frameIndex: z8.number().optional().describe("Call stack frame index (0 = top frame). Defaults to the top frame.")
@@ -3758,7 +3772,7 @@ function buildClientInteractionTools(manager) {
     ),
     defineTool(
       "debug_navigate_client",
-      "Navigate the headless browser to a specific URL. Use this to reproduce specific flows or visit different pages.",
+      "Navigate the headless browser to a URL. When to use: reproducing a specific flow or visiting a different page. Waits for `domcontentloaded` before returning (Playwright's default ~30s navigation timeout applies). Returns: confirmation string with the resolved current URL.",
       {
         url: z8.string().describe("URL to navigate to (e.g., http://localhost:3000/dashboard)")
       },
@@ -3775,7 +3789,7 @@ function buildClientInteractionTools(manager) {
     ),
     defineTool(
       "debug_click_client",
-      "Click an element on the page in the headless browser. Use CSS selectors to target elements. Useful for reproducing bugs by interacting with the UI programmatically.",
+      "Click an element in the headless browser by CSS selector. When to use: reproducing bugs by interacting with the UI programmatically. Playwright auto-waits for the element to be visible, stable, and enabled before clicking, up to a 10s timeout \u2014 a miss throws and is reported in the failure message. Returns: confirmation string.",
       {
         selector: z8.string().describe(
           "CSS selector of the element to click (e.g., 'button.submit', '#login-form input[type=submit]')"
@@ -3948,7 +3962,7 @@ function buildDebugLifecycleTools(manager) {
   return [
     defineTool(
       "debug_enter_mode",
-      "Activate debug mode: restarts the dev server with Node.js --inspect flag and connects the CDP debugger. Optionally launch a headless Chromium browser for client-side debugging. Use serverSide for backend breakpoints, clientSide for frontend breakpoints, or both for full-stack.",
+      "Activate debug mode. When to use: at the start of a debug session before setting breakpoints or probes. Restarts the dev server with Node.js --inspect for server-side CDP, and/or launches a headless Chromium via Playwright for client-side. Default: if neither serverSide nor clientSide is passed, server-side only is activated. Pass clientSide=true for frontend debugging (previewUrl required), or set both for full-stack. Returns: activation status string listing active modes, an echoed hypothesis if given, and a warning if source maps are missing.",
       {
         hypothesis: z9.string().optional().describe("Your hypothesis about the bug \u2014 helps track debugging intent"),
         serverSide: z9.boolean().optional().describe(
@@ -4094,7 +4108,7 @@ ${JSON.stringify(queuedHits, null, 2)}`
     ),
     defineTool(
       "debug_evaluate",
-      "Evaluate a JavaScript expression in the current paused scope (or globally if not paused). When paused, use frameIndex to evaluate in a specific call frame.",
+      "Evaluate a JavaScript expression server-side in the Node process. When paused at a breakpoint the expression runs in that frame's scope (use frameIndex to pick a different frame); otherwise it runs in the global scope. Side effects are real \u2014 assignments, function calls, and I/O all execute. Prefer read-only expressions unless you specifically want to mutate state. Returns: `(type) value`.",
       {
         expression: z9.string().describe("The JavaScript expression to evaluate"),
         frameIndex: z9.number().optional().describe("Call stack frame index (0 = top frame). Defaults to the top frame.")
@@ -4193,7 +4207,7 @@ function buildProbeResultTools(manager) {
   return [
     defineTool(
       "debug_get_probe_results",
-      "Fetch captured probe hit data. Returns expression values from each time a probed line executed.",
+      "Fetch captured probe hit data. When to use: after triggering the code path for a probe set by debug_add_probe. Filtering: pass label to filter directly, or probeId to look up and filter by that probe's label; if both are passed, label wins and probeId is ignored. Returns: grouped text with per-probe hit count, timestamps, and captured expression values.",
       {
         probeId: z9.string().optional().describe("Filter results by probe ID (resolves to its label)"),
         label: z9.string().optional().describe("Filter results by probe label"),
@@ -4800,7 +4814,31 @@ function collectMissingProps(taskProps) {
 
 // src/execution/tool-access.ts
 var PM_PLAN_FILE_TOOLS = /* @__PURE__ */ new Set(["Write", "Edit", "MultiEdit"]);
-var DESTRUCTIVE_CMD_PATTERN = /git\s+push\s+--force(?!\s*-with-lease)|git\s+reset\s+--hard|rm\s+-rf\s+\//;
+var DESTRUCTIVE_PATTERNS = [
+  {
+    name: "git push --force (without --force-with-lease)",
+    re: /git\s+push\s+(?:-f\b|--force(?!-with-lease))/
+  },
+  { name: "git push --delete", re: /git\s+push\s+(?:-d\b|--delete\b)/ },
+  { name: "git reset --hard", re: /git\s+reset\s+--hard\b/ },
+  {
+    name: "rm -rf /",
+    re: /rm\s+(?:-[a-zA-Z]*r[a-zA-Z]*f|-[a-zA-Z]*f[a-zA-Z]*r|--recursive\s+--force)\s+\/(?!\S)/
+  },
+  { name: "sudo rm", re: /\bsudo\s+rm\b/ },
+  { name: "chmod world-writable", re: /\bchmod\s+(?:-R\s+)?[0-7]*7{2,3}\b/ },
+  { name: "dd to device", re: /\bdd\s+.*\bof=\/dev\// },
+  { name: "redirect to block device", re: />\s*\/dev\/(?:sd[a-z]|nvme\d|xvd[a-z])/ },
+  { name: "mkfs filesystem creation", re: /\bmkfs(?:\.|\s)/ },
+  { name: "shutdown/poweroff/halt/reboot", re: /\b(?:shutdown|poweroff|halt|reboot)\b/ },
+  { name: "fork bomb", re: /:\(\)\s*\{\s*:\|\s*:&\s*\}\s*;\s*:/ }
+];
+function matchesDestructive(cmd) {
+  for (const { name, re } of DESTRUCTIVE_PATTERNS) {
+    if (re.test(cmd)) return name;
+  }
+  return null;
+}
 function isPlanFile(input) {
   const filePath = String(input.file_path ?? input.path ?? "");
   return filePath.includes(".claude/plans/");
@@ -4820,10 +4858,11 @@ function handleDiscoveryToolAccess(toolName, input) {
 function handleBuildingToolAccess(toolName, input) {
   if (toolName === "Bash") {
     const cmd = String(input.command ?? "");
-    if (DESTRUCTIVE_CMD_PATTERN.test(cmd)) {
+    const matched = matchesDestructive(cmd);
+    if (matched) {
       return {
         behavior: "deny",
-        message: "Destructive operation blocked. Use safer alternatives."
+        message: `Destructive operation blocked (${matched}). Use safer alternatives.`
       };
     }
   }
@@ -5006,6 +5045,65 @@ function buildCanUseTool(host) {
   };
 }
 
+// src/execution/redactor.ts
+var REDACTED = "<redacted>";
+var BEARER_RE = /\b(Bearer\s+)[A-Za-z0-9_\-.]{20,}/g;
+var VENDOR_KEY_RE = /\b(?:sk-[a-zA-Z0-9_-]{20,}|ghp_[A-Za-z0-9]{36}|github_pat_[A-Za-z0-9_]{22,}|xoxb-[A-Za-z0-9-]+|xai-[A-Za-z0-9-]{20,})\b/g;
+var AWS_ACCESS_KEY_RE = /\bAKIA[0-9A-Z]{16}\b/g;
+var JWT_RE = /\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\b/g;
+var ENV_SECRET_RE = /^(\s*(?:export\s+)?([A-Z][A-Z0-9_]*(?:TOKEN|SECRET|KEY|PASSWORD|PASS|CREDENTIAL|CREDENTIALS)[A-Z0-9_]*)\s*=\s*)['"]?([^\s'"]+)['"]?/gm;
+var COOKIE_HEADER_RE = /(Cookie:\s*)[^\r\n]+/gi;
+var BASIC_AUTH_URL_RE = /(https?:\/\/)([^:@\s/]+):([^@\s]+)@/g;
+var AWS_SECRET_LINE_RE = /^.*(?:secret|aws_secret).*$/gim;
+var AWS_SECRET_VALUE_RE = /\b([A-Za-z0-9/+=]{40})\b/g;
+var SYSTEM_REMINDER_RE = /<system-reminder>[\s\S]*?<\/system-reminder>/gi;
+function redact(input) {
+  if (!input) return { output: input, redacted: 0 };
+  let count = 0;
+  let output = input;
+  output = output.replace(SYSTEM_REMINDER_RE, () => {
+    count++;
+    return "<!-- stripped injection -->";
+  });
+  output = output.replace(BEARER_RE, (_match, prefix) => {
+    count++;
+    return `${prefix}${REDACTED}`;
+  });
+  output = output.replace(VENDOR_KEY_RE, () => {
+    count++;
+    return REDACTED;
+  });
+  output = output.replace(AWS_ACCESS_KEY_RE, () => {
+    count++;
+    return REDACTED;
+  });
+  output = output.replace(JWT_RE, () => {
+    count++;
+    return REDACTED;
+  });
+  output = output.replace(
+    AWS_SECRET_LINE_RE,
+    (line) => line.replace(AWS_SECRET_VALUE_RE, (match) => {
+      if (/^[a-f0-9]+$/i.test(match)) return match;
+      count++;
+      return REDACTED;
+    })
+  );
+  output = output.replace(ENV_SECRET_RE, (_match, prefix, _key, _value) => {
+    count++;
+    return `${prefix}${REDACTED}`;
+  });
+  output = output.replace(COOKIE_HEADER_RE, (_match, prefix) => {
+    count++;
+    return `${prefix}${REDACTED}`;
+  });
+  output = output.replace(BASIC_AUTH_URL_RE, (_match, scheme, user) => {
+    count++;
+    return `${scheme}${user}:${REDACTED}@`;
+  });
+  return { output, redacted: count };
+}
+
 // src/execution/query-executor.ts
 var logger2 = createServiceLogger("QueryExecutor");
 var IMAGE_ERROR_PATTERN2 = /Could not process image/i;
@@ -5018,12 +5116,15 @@ function buildHooks(host) {
           async (input) => {
             if (host.isStopped()) return await Promise.resolve({ continue: false });
             if (input.hook_event_name === "PostToolUse") {
-              const output = typeof input.tool_response === "string" ? input.tool_response.slice(0, 500) : JSON.stringify(input.tool_response).slice(0, 500);
+              const raw = typeof input.tool_response === "string" ? input.tool_response : JSON.stringify(input.tool_response);
+              const { output: redacted, redacted: redactedCount } = redact(raw);
+              const output = redacted.slice(0, 500);
               host.connection.sendEvent({
                 type: "tool_result",
                 tool: input.tool_name,
                 output,
-                isError: false
+                isError: false,
+                ...redactedCount > 0 ? { redactedCount } : {}
               });
               host.pendingToolOutputs.push({ tool: input.tool_name, output });
               if (input.tool_name === "mcp__conveyor__create_pull_request") {
@@ -5390,6 +5491,22 @@ async function runWithRetry(initialQuery, context, host, options) {
 var CostTracker = class {
   cumulativeCostUsd = 0;
   modelUsage = /* @__PURE__ */ new Map();
+  seeded = false;
+  /**
+   * Rehydrate cumulative spend from the server so `maxBudgetUsd` enforcement
+   * accounts for costs incurred by prior agent runs on the same task. Must be
+   * called before any `addQueryCost` / `addModelUsage` — re-seeding after
+   * costs have accumulated would clobber in-process totals.
+   */
+  seed(totalCostUsd, modelUsage) {
+    if (this.seeded) return;
+    if (this.cumulativeCostUsd > 0 || this.modelUsage.size > 0) return;
+    this.cumulativeCostUsd = totalCostUsd;
+    for (const entry of modelUsage) {
+      this.modelUsage.set(entry.model, { ...entry });
+    }
+    this.seeded = true;
+  }
   /** Add cost from a completed query and return the running total */
   addQueryCost(queryCostUsd) {
     this.cumulativeCostUsd += queryCostUsd;
@@ -5580,6 +5697,10 @@ var QueryBridge = class {
   resume() {
     this._stopped = false;
   }
+  /** Rehydrate CostTracker from server-side cumulative spend on agent boot. */
+  seedCostTracker(totalCostUsd, modelUsage) {
+    this.costTracker.seed(totalCostUsd, modelUsage);
+  }
   /**
    * Execute a Claude SDK query.
    * Without followUpContent: runs initial mode execution (build/plan).
@@ -5845,6 +5966,7 @@ var SessionRunner = class _SessionRunner {
       });
     }
     this.queryBridge = this.createQueryBridge();
+    await this.seedCostTrackerFromServer();
     this.logInitialization();
     const staleMessageCount = this.pendingMessages.length;
     const didExecuteInitialQuery = await this.executeInitialMode();
@@ -6206,6 +6328,36 @@ var SessionRunner = class _SessionRunner {
       }
     });
   }
+  /**
+   * Rehydrate CostTracker from server. Caps at 3s so a slow API call never
+   * blocks agent startup — on timeout/error we fall through with a $0 tracker
+   * (the existing behavior before this rehydration path was added).
+   */
+  async seedCostTrackerFromServer() {
+    if (!this.queryBridge) return;
+    const TIMEOUT_MS = 3e3;
+    try {
+      const timeout = new Promise((resolve2) => {
+        setTimeout(() => resolve2(null), TIMEOUT_MS);
+      });
+      const fetched = await Promise.race([this.connection.getCumulativeSpending(), timeout]);
+      if (fetched) {
+        this.queryBridge.seedCostTracker(fetched.totalCostUsd, fetched.modelUsage);
+        process.stderr.write(
+          `[conveyor-agent] CostTracker seeded: $${fetched.totalCostUsd.toFixed(4)} across ${fetched.modelUsage.length} model(s)
+`
+        );
+      } else {
+        process.stderr.write(
+          "[conveyor-agent] CostTracker seed timed out after 3s \u2014 starting at $0\n"
+        );
+      }
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      process.stderr.write(`[conveyor-agent] CostTracker seed failed: ${msg} \u2014 starting at $0
+`);
+    }
+  }
   /** Proactively refresh the GitHub token before the 1-hour expiry. */
   async refreshGithubToken() {
     try {
@@ -6709,8 +6861,8 @@ function buildTaskListTools(connection) {
       { annotations: { readOnlyHint: true } }
     ),
     defineTool(
-      "get_task",
-      "Get detailed information about a task including chat messages, child tasks, and session.",
+      "get_project_task",
+      "Get detailed information about a task in this project (chat messages, child tasks, session). Project-runner scope.",
       { task_id: z10.string().describe("The task ID to look up") },
       async ({ task_id }) => {
         try {
@@ -6808,8 +6960,8 @@ function buildMutationTools2(connection) {
       }
     ),
     defineTool(
-      "update_task",
-      "Update an existing task's title, description, plan, status, or assignee.",
+      "update_project_task",
+      "Update an existing task's title, description, plan, status, or assignee. Project-runner scope.",
       {
         task_id: z10.string().describe("The task ID to update"),
         title: z10.string().optional().describe("New title"),
@@ -7359,7 +7511,7 @@ function spawnChildAgent(assignment, workDir) {
       CONVEYOR_TASK_TOKEN: taskToken,
       CONVEYOR_TASK_ID: taskId,
       ...sessionId ? { CONVEYOR_SESSION_ID: sessionId } : {},
-      CONVEYOR_MODE: agentMode === "code-review" ? "code-review" : mode,
+      CONVEYOR_MODE: mode,
       CONVEYOR_WORKSPACE: workDir,
       CONVEYOR_USE_WORKTREE: "false",
       CONVEYOR_AGENT_MODE: effectiveAgentMode,
@@ -7413,7 +7565,7 @@ async function killAgent(agent, taskId) {
 async function handleAssignment(assignment, activeAgents, projectDir, connection) {
   const { taskId, mode } = assignment;
   const shortId = taskId.slice(0, 8);
-  const agentKey = assignment.agentMode === "code-review" ? `${taskId}:code-review` : taskId;
+  const agentKey = mode === "code-review" ? `${taskId}:code-review` : taskId;
   const existing = activeAgents.get(agentKey);
   if (existing) {
     if (existing.process.exitCode === null) {
@@ -7814,4 +7966,4 @@ export {
   loadForwardPorts,
   loadConveyorConfig
 };
-//# sourceMappingURL=chunk-2YHZHOR2.js.map
+//# sourceMappingURL=chunk-COJPX2QI.js.map