@rubytech/taskmaster 1.12.3 → 1.13.0

package/dist/agents/auth-profiles/consolidate.js

@@ -0,0 +1,72 @@
+import fs from "node:fs";
+import path from "node:path";
+import { resolveStateDir } from "../../config/paths.js";
+import { AUTH_PROFILE_FILENAME } from "./constants.js";
+import { resolveAuthStorePath } from "./paths.js";
+import { ensureAuthProfileStore, saveAuthProfileStore } from "./store.js";
+/**
+ * One-time migration: scan per-agent auth-profiles.json files, merge any
+ * fresher OAuth tokens into the global store, then rename per-agent files
+ * to `.bak`.
+ *
+ * Returns a list of human-readable change descriptions (empty if no work done).
+ */
+export function consolidateAuthProfileStores() {
+    const changes = [];
+    const mainPath = resolveAuthStorePath();
+    const mainStore = ensureAuthProfileStore();
+    const agentsDir = path.join(resolveStateDir(), "agents");
+    let agentDirs;
+    try {
+        agentDirs = fs.readdirSync(agentsDir);
+    }
+    catch {
+        return changes;
+    }
+    for (const dir of agentDirs) {
+        const agentAuthPath = path.join(agentsDir, dir, "agent", AUTH_PROFILE_FILENAME);
+        // Skip the main agent's store — it IS the global store.
+        if (path.resolve(agentAuthPath) === path.resolve(mainPath))
+            continue;
+        let raw;
+        try {
+            raw = fs.readFileSync(agentAuthPath, "utf8");
+        }
+        catch {
+            continue;
+        }
+        let agentStore;
+        try {
+            agentStore = JSON.parse(raw);
+        }
+        catch {
+            continue;
+        }
+        let merged = false;
+        for (const [profileId, profile] of Object.entries(agentStore.profiles ?? {})) {
+            if (profile.type !== "oauth")
+                continue;
+            const mainProfile = mainStore.profiles[profileId];
+            const mainExpiry = mainProfile?.type === "oauth" ? (mainProfile.expires ?? 0) : 0;
+            const agentExpiry = profile.expires ?? 0;
+            if (agentExpiry > mainExpiry) {
+                mainStore.profiles[profileId] = profile;
+                merged = true;
+            }
+        }
+        if (merged) {
+            changes.push(`Consolidated fresher OAuth tokens from agent "${dir}".`);
+        }
+        try {
+            fs.renameSync(agentAuthPath, `${agentAuthPath}.bak`);
+            changes.push(`Renamed ${dir}/agent/${AUTH_PROFILE_FILENAME} to .bak.`);
+        }
+        catch {
+            // Best-effort rename — file may be locked or read-only.
+        }
+    }
+    if (changes.length > 0) {
+        saveAuthProfileStore(mainStore);
+    }
+    return changes;
+}

package/dist/agents/auth-profiles/oauth.js

@@ -59,30 +59,6 @@ async function refreshOAuthTokenWithLock(params) {
             type: "oauth",
         };
         saveAuthProfileStore(store, params.agentDir);
-        // Propagate refreshed credentials to the main store so auth.status and other agents
-        // see the fresh token. Without this, the main store retains a stale refresh token
-        // that Anthropic has already rotated, causing auth.status to permanently report
-        // "Connection expired" even though the agent is working fine.
-        const mainAuthPath = resolveAuthStorePath();
-        if (authPath !== mainAuthPath) {
-            try {
-                const mainStore = ensureAuthProfileStore();
-                const mainCred = mainStore.profiles[params.profileId];
-                const mainExpiry = mainCred?.type === "oauth" ? mainCred.expires : 0;
-                const freshExpiry = result.newCredentials.expires ?? 0;
-                if (freshExpiry > mainExpiry) {
-                    mainStore.profiles[params.profileId] = {
-                        ...(mainCred ?? cred),
-                        ...result.newCredentials,
-                        type: "oauth",
-                    };
-                    saveAuthProfileStore(mainStore);
-                }
-            }
-            catch {
-                // Best-effort — don't fail the agent's own refresh if main store update fails
-            }
-        }
         // Sync refreshed credentials back to Claude Code CLI if this is the claude-cli profile
         // This ensures Claude Code continues to work after Taskmaster refreshes the token
         if (params.profileId === CLAUDE_CLI_PROFILE_ID && cred.provider === "anthropic") {

package/dist/agents/auth-profiles/paths.js

@@ -4,12 +4,12 @@ import { saveJsonFile } from "../../infra/json-file.js";
 import { resolveUserPath } from "../../utils.js";
 import { resolveTaskmasterAgentDir } from "../agent-paths.js";
 import { AUTH_PROFILE_FILENAME, AUTH_STORE_VERSION, LEGACY_AUTH_FILENAME } from "./constants.js";
-export function resolveAuthStorePath(agentDir) {
-    const resolved = resolveUserPath(agentDir ?? resolveTaskmasterAgentDir());
+export function resolveAuthStorePath(_agentDir) {
+    const resolved = resolveUserPath(resolveTaskmasterAgentDir());
     return path.join(resolved, AUTH_PROFILE_FILENAME);
 }
-export function resolveLegacyAuthStorePath(agentDir) {
-    const resolved = resolveUserPath(agentDir ?? resolveTaskmasterAgentDir());
+export function resolveLegacyAuthStorePath(_agentDir) {
+    const resolved = resolveUserPath(resolveTaskmasterAgentDir());
     return path.join(resolved, LEGACY_AUTH_FILENAME);
 }
 export function resolveAuthStorePathForDisplay(agentDir) {

package/dist/agents/auth-profiles/store.js

@@ -2,8 +2,8 @@ import fs from "node:fs";
 import lockfile from "proper-lockfile";
 import { resolveOAuthPath } from "../../config/paths.js";
 import { loadJsonFile, saveJsonFile } from "../../infra/json-file.js";
-import { AUTH_STORE_LOCK_OPTIONS, AUTH_STORE_VERSION, CODEX_CLI_PROFILE_ID, log, } from "./constants.js";
-import { findDuplicateCodexProfile, syncExternalCliCredentials } from "./external-cli-sync.js";
+import { AUTH_STORE_LOCK_OPTIONS, AUTH_STORE_VERSION, log } from "./constants.js";
+import { syncExternalCliCredentials } from "./external-cli-sync.js";
 import { ensureAuthStoreFile, resolveAuthStorePath, resolveLegacyAuthStorePath } from "./paths.js";
 function _syncAuthProfileStore(target, source) {
     target.version = source.version;
@@ -104,70 +104,6 @@ function coerceAuthStore(raw) {
             : undefined,
     };
 }
-function mergeRecord(base, override) {
-    if (!base && !override)
-        return undefined;
-    if (!base)
-        return { ...override };
-    if (!override)
-        return { ...base };
-    return { ...base, ...override };
-}
-/**
- * Get the expiry timestamp from a credential if it has one.
- * Returns 0 for credentials without expiry (API keys).
- */
-function getCredentialExpiry(cred) {
-    if (cred.type === "oauth" || cred.type === "token") {
-        return cred.expires ?? 0;
-    }
-    return 0;
-}
-/**
- * Merge auth profiles, preferring the FRESHER credential when both have the same profile ID.
- * This ensures OAuth tokens propagate from the shared location to all agents.
- */
-function mergeAuthProfileStores(base, override) {
-    if (Object.keys(override.profiles).length === 0 &&
-        !override.order &&
-        !override.lastGood &&
-        !override.usageStats) {
-        return base;
-    }
-    // Merge profiles, preferring the fresher credential for OAuth/token types.
-    // For api_key profiles, prefer base (main store) — centralized API key
-    // management writes there, and agent stores only have inherited copies.
-    const mergedProfiles = { ...base.profiles };
-    for (const [profileId, overrideCred] of Object.entries(override.profiles)) {
-        const baseCred = base.profiles[profileId];
-        if (!baseCred) {
-            // No conflict — use override
-            mergedProfiles[profileId] = overrideCred;
-        }
-        else if (baseCred.type === "api_key" && overrideCred.type === "api_key") {
-            // API keys: base (main store) is authoritative — applyApiKeys() writes
-            // the centralized key there.  Agent stores only have stale inherited
-            // copies.  Always prefer base so key updates propagate immediately.
-            // (keep base — already in mergedProfiles)
-        }
-        else {
-            // OAuth/token: prefer the one with later expiry (fresher token)
-            const baseExpiry = getCredentialExpiry(baseCred);
-            const overrideExpiry = getCredentialExpiry(overrideCred);
-            if (overrideExpiry >= baseExpiry) {
-                mergedProfiles[profileId] = overrideCred;
-            }
-            // else keep base (it has a later expiry = fresher token)
-        }
-    }
-    return {
-        version: Math.max(base.version, override.version ?? base.version),
-        profiles: mergedProfiles,
-        order: mergeRecord(base.order, override.order),
-        lastGood: mergeRecord(base.lastGood, override.lastGood),
-        usageStats: mergeRecord(base.usageStats, override.usageStats),
-    };
-}
 function mergeOAuthFileIntoStore(store) {
     const oauthPath = resolveOAuthPath();
     const oauthRaw = loadJsonFile(oauthPath);
@@ -249,8 +185,8 @@ export function loadAuthProfileStore() {
     syncExternalCliCredentials(store);
     return store;
 }
-function loadAuthProfileStoreForAgent(agentDir, options) {
-    const authPath = resolveAuthStorePath(agentDir);
+function loadAuthProfileStoreForAgent(_agentDir, options) {
+    const authPath = resolveAuthStorePath();
     const raw = loadJsonFile(authPath);
     const asStore = coerceAuthStore(raw);
     if (asStore) {
@@ -261,19 +197,7 @@ function loadAuthProfileStoreForAgent(agentDir, options) {
         }
         return asStore;
     }
-    // Fallback: inherit auth-profiles from main agent if subagent has none
-    if (agentDir) {
-        const mainAuthPath = resolveAuthStorePath(); // without agentDir = main
-        const mainRaw = loadJsonFile(mainAuthPath);
-        const mainStore = coerceAuthStore(mainRaw);
-        if (mainStore && Object.keys(mainStore.profiles).length > 0) {
-            // Clone main store to subagent directory for auth inheritance
-            saveJsonFile(authPath, mainStore);
-            log.info("inherited auth-profiles from main agent", { agentDir });
-            return mainStore;
-        }
-    }
-    const legacyRaw = loadJsonFile(resolveLegacyAuthStorePath(agentDir));
+    const legacyRaw = loadJsonFile(resolveLegacyAuthStorePath());
     const legacy = coerceLegacyStore(legacyRaw);
     const store = {
         version: AUTH_STORE_VERSION,
@@ -324,7 +248,7 @@ function loadAuthProfileStoreForAgent(agentDir, options) {
     // overwriting fresh OAuth creds with stale tokens (fixes #363). Delete only
     // after we've successfully written auth-profiles.json.
     if (shouldWrite && legacy !== null) {
-        const legacyPath = resolveLegacyAuthStorePath(agentDir);
+        const legacyPath = resolveLegacyAuthStorePath();
         try {
             fs.unlinkSync(legacyPath);
         }
@@ -339,24 +263,8 @@ function loadAuthProfileStoreForAgent(agentDir, options) {
     }
     return store;
 }
-export function ensureAuthProfileStore(agentDir, options) {
-    const store = loadAuthProfileStoreForAgent(agentDir, options);
-    const authPath = resolveAuthStorePath(agentDir);
-    const mainAuthPath = resolveAuthStorePath();
-    if (!agentDir || authPath === mainAuthPath) {
-        return store;
-    }
-    const mainStore = loadAuthProfileStoreForAgent(undefined, options);
-    const merged = mergeAuthProfileStores(mainStore, store);
-    // Keep per-agent view clean even if the main store has codex-cli.
-    const codexProfile = merged.profiles[CODEX_CLI_PROFILE_ID];
-    if (codexProfile?.type === "oauth") {
-        const duplicateId = findDuplicateCodexProfile(merged, codexProfile);
-        if (duplicateId) {
-            delete merged.profiles[CODEX_CLI_PROFILE_ID];
-        }
-    }
-    return merged;
+export function ensureAuthProfileStore(_agentDir, options) {
+    return loadAuthProfileStoreForAgent(undefined, options);
 }
 export function saveAuthProfileStore(store, agentDir) {
     const authPath = resolveAuthStorePath(agentDir);

package/dist/agents/model-fallback.js

@@ -1,6 +1,9 @@
+import { emitInfraAlertEvent } from "../infra/infra-alert-events.js";
+import { createSubsystemLogger } from "../logging/subsystem.js";
 import { DEFAULT_MODEL, DEFAULT_PROVIDER } from "./defaults.js";
 import { coerceToFailoverError, describeFailoverError, isFailoverError, isTimeoutError, } from "./failover-error.js";
 import { buildModelAliasIndex, modelKey, parseModelRef, resolveConfiguredModelRef, resolveModelRefFromString, } from "./model-selection.js";
+const log = createSubsystemLogger("model-fallback");
 function isAbortError(err) {
     if (!err || typeof err !== "object")
         return false;
@@ -173,6 +176,21 @@ export async function runWithModelFallback(params) {
                 status: described.status,
                 code: described.code,
             });
+            const fallbackMsg = `[model-fallback] ${candidate.provider}/${candidate.model} failed (${described.reason ?? "unknown"}): ${described.message}` +
+                (i + 1 < candidates.length
+                    ? ` — falling back to ${candidates[i + 1].provider}/${candidates[i + 1].model}`
+                    : " — no more fallback candidates");
+            log.warn(fallbackMsg);
+            console.warn(fallbackMsg);
+            if (i === 0) {
+                emitInfraAlertEvent({
+                    category: "model-fallback",
+                    message: `${candidate.provider}/${candidate.model} failed (${described.reason ?? "unknown"}): ${described.message}` +
+                        (i + 1 < candidates.length
+                            ? `. Falling back to ${candidates[i + 1].provider}/${candidates[i + 1].model}.`
+                            : ". No fallback available."),
+                });
+            }
             await params.onError?.({
                 provider: candidate.provider,
                 model: candidate.model,
@@ -219,11 +237,18 @@ export async function runWithImageModelFallback(params) {
             if (shouldRethrowAbort(err))
                 throw err;
             lastError = err;
+            const errorMsg = err instanceof Error ? err.message : String(err);
             attempts.push({
                 provider: candidate.provider,
                 model: candidate.model,
-                error: err instanceof Error ? err.message : String(err),
+                error: errorMsg,
             });
+            const imgFallbackMsg = `[model-fallback] image model ${candidate.provider}/${candidate.model} failed: ${errorMsg}` +
+                (i + 1 < candidates.length
+                    ? ` — falling back to ${candidates[i + 1].provider}/${candidates[i + 1].model}`
+                    : " — no more fallback candidates");
+            log.warn(imgFallbackMsg);
+            console.warn(imgFallbackMsg);
             await params.onError?.({
                 provider: candidate.provider,
                 model: candidate.model,

package/dist/agents/pi-embedded-runner/run/payloads.js

@@ -143,6 +143,14 @@ export function buildEmbeddedRunPayloads(params) {
             });
         }
     }
+    // Last-resort safeguard: if the run errored and produced no user-facing content,
+    // inject a minimal fallback so the user isn't left with silence.
+    if (replyItems.length === 0 && lastAssistantErrored) {
+        replyItems.push({
+            text: "Sorry, I wasn't able to process that. Could you try again?",
+            isError: true,
+        });
+    }
     const hasAudioAsVoiceTag = replyItems.some((item) => item.audioAsVoice);
     return replyItems
         .map((item) => ({

package/dist/agents/session-transcript-repair.js

@@ -28,14 +28,15 @@ function extractToolResultId(msg) {
     return null;
 }
 function makeMissingToolResult(params) {
+    const name = params.toolName ?? "unknown";
     return {
         role: "toolResult",
         toolCallId: params.toolCallId,
-        toolName: params.toolName ?? "unknown",
+        toolName: name,
         content: [
             {
                 type: "text",
-                text: "[taskmaster] missing tool result in session history; inserted synthetic error result for transcript repair.",
+                text: `[taskmaster] Tool call "${name}" did not produce a result. The tool name may be misspelled or the call was dropped. Check the exact tool name and retry.`,
             },
         ],
         isError: true,

package/dist/agents/system-prompt.js

@@ -27,6 +27,7 @@ function buildMemorySection(params) {
     return [
         "## Memory Recall",
         "Memory is your knowledge base — customer profiles, business data, preferences, prior interactions, lessons, and instructions all live there. Proactively use memory_search whenever a topic might have stored context: who a person is, what was discussed before, business rules, pricing, product details, or anything that could have been recorded. Do not rely on conversation history alone — it only covers the current session. Use memory_get to pull specific lines when you know the file. If a search returns no results, say you checked.",
+        "When skill files or workspace docs reference paths under `memory/` (e.g. `memory/public/data.md`), always access them with memory_get or memory_search — strip the leading `memory/` prefix to get the relative path (e.g. `public/data.md`). Never use read or skill_read for memory content.",
         "",
     ];
 }

package/dist/agents/taskmaster-tools.js

@@ -37,6 +37,7 @@ import { createBrandSettingsTool } from "./tools/brand-settings-tool.js";
 import { createChannelSettingsTool } from "./tools/channel-settings-tool.js";
 import { createImageGenerateTool } from "./tools/image-generate-tool.js";
 import { createLogsReadTool } from "./tools/logs-read-tool.js";
+import { createOpeningHoursTool } from "./tools/opening-hours-tool.js";
 import { createPublicChatSettingsTool } from "./tools/public-chat-settings-tool.js";
 import { createSkillManageTool } from "./tools/skill-manage-tool.js";
 import { createSoftwareUpdateTool } from "./tools/software-update-tool.js";
@@ -165,6 +166,7 @@ export function createTaskmasterTools(options) {
         createUsageReportTool(),
         createChannelSettingsTool(),
         createBrandSettingsTool(),
+        createOpeningHoursTool(),
         createPublicChatSettingsTool(),
         createSkillManageTool(),
         createLogsReadTool(),

package/dist/agents/tool-policy.js

@@ -52,6 +52,7 @@ export const TOOL_GROUPS = {
         "usage_report",
         "channel_settings",
         "brand_settings",
+        "opening_hours",
         "public_chat_settings",
         "skill_manage",
         "logs_read",
@@ -94,6 +95,7 @@ export const TOOL_GROUPS = {
         "usage_report",
         "channel_settings",
         "brand_settings",
+        "opening_hours",
         "public_chat_settings",
         "skill_manage",
         "logs_read",

package/dist/agents/tools/opening-hours-tool.js

@@ -0,0 +1,92 @@
+/**
+ * Agent tool for managing business opening hours.
+ *
+ * Wraps `config.get`/`config.patch` for reading and updating opening hours
+ * configuration, and `isWithinOpeningHours` for checking current status.
+ * Controls when the public agent responds to customer messages — outside
+ * opening hours, customer messages are received but the agent does not reply.
+ */
+import { Type } from "@sinclair/typebox";
+import { isPublicAgentActive } from "../../business/opening-hours.js";
+import { loadConfig } from "../../config/config.js";
+import { stringEnum } from "../schema/typebox.js";
+import { jsonResult, readStringParam } from "./common.js";
+import { callGatewayTool } from "./gateway.js";
+const ACTIONS = ["get", "set", "check"];
+const OpeningHoursSchema = Type.Object({
+    action: stringEnum(ACTIONS, {
+        description: "get: retrieve current opening hours config. " +
+            "set: update opening hours (partial update supported). " +
+            "check: check if the business is currently open or closed.",
+    }),
+    enabled: Type.Optional(Type.Boolean({ description: "Enable/disable opening hours schedule." })),
+    publicAgentEnabled: Type.Optional(Type.Boolean({ description: "Enable/disable the public agent responding." })),
+    schedule: Type.Optional(Type.Object({
+        monday: Type.Optional(Type.Union([Type.Object({ start: Type.String(), end: Type.String() }), Type.Null()])),
+        tuesday: Type.Optional(Type.Union([Type.Object({ start: Type.String(), end: Type.String() }), Type.Null()])),
+        wednesday: Type.Optional(Type.Union([Type.Object({ start: Type.String(), end: Type.String() }), Type.Null()])),
+        thursday: Type.Optional(Type.Union([Type.Object({ start: Type.String(), end: Type.String() }), Type.Null()])),
+        friday: Type.Optional(Type.Union([Type.Object({ start: Type.String(), end: Type.String() }), Type.Null()])),
+        saturday: Type.Optional(Type.Union([Type.Object({ start: Type.String(), end: Type.String() }), Type.Null()])),
+        sunday: Type.Optional(Type.Union([Type.Object({ start: Type.String(), end: Type.String() }), Type.Null()])),
+    }, { description: "Per-weekday time windows. null = closed that day." })),
+    closedDates: Type.Optional(Type.Array(Type.String(), { description: "ISO dates (YYYY-MM-DD) to mark as closed." })),
+});
+export function createOpeningHoursTool() {
+    return {
+        label: "Opening Hours",
+        name: "opening_hours",
+        description: "Manage business opening hours. Controls when the public agent responds to customer messages. " +
+            "Outside opening hours, customer messages are received but the agent does not reply.",
+        parameters: OpeningHoursSchema,
+        execute: async (_toolCallId, args) => {
+            const params = args;
+            const action = readStringParam(params, "action", { required: true });
+            const gatewayOpts = {};
+            if (action === "check") {
+                const cfg = loadConfig();
+                const result = isPublicAgentActive(cfg.business);
+                return jsonResult({
+                    currentlyOpen: result.open,
+                    reason: result.reason,
+                    publicAgentEnabled: cfg.business?.publicAgentEnabled !== false,
+                    config: cfg.business?.openingHours ?? null,
+                });
+            }
+            if (action === "get") {
+                const cfg = loadConfig();
+                return jsonResult({
+                    publicAgentEnabled: cfg.business?.publicAgentEnabled !== false,
+                    openingHours: cfg.business?.openingHours ?? null,
+                });
+            }
+            if (action === "set") {
+                // Build a partial business patch.
+                const businessPatch = {};
+                // Public agent toggle lives at business.publicAgentEnabled.
+                if (typeof params.publicAgentEnabled === "boolean") {
+                    businessPatch.publicAgentEnabled = params.publicAgentEnabled;
+                }
+                // Opening hours fields live at business.openingHours.
+                const ohPatch = {};
+                if (typeof params.enabled === "boolean")
+                    ohPatch.enabled = params.enabled;
+                if (params.schedule)
+                    ohPatch.schedule = params.schedule;
+                if (Array.isArray(params.closedDates))
+                    ohPatch.closedDates = params.closedDates;
+                if (Object.keys(ohPatch).length > 0)
+                    businessPatch.openingHours = ohPatch;
+                const snapshot = await callGatewayTool("config.get", gatewayOpts, {});
+                const baseHash = typeof snapshot?.hash === "string" ? snapshot.hash : undefined;
+                const result = await callGatewayTool("config.patch", gatewayOpts, {
+                    raw: JSON.stringify({ business: businessPatch }),
+                    baseHash,
+                    note: "agent: update opening hours",
+                });
+                return jsonResult({ ok: true, result });
+            }
+            throw new Error(`Unknown action: ${action}`);
+        },
+    };
+}

package/dist/agents/tools/web-fetch.js

@@ -105,7 +105,7 @@ function isRedirectStatus(status) {
     return status === 301 || status === 302 || status === 303 || status === 307 || status === 308;
 }
 async function fetchWithRedirects(params) {
-    const signal = withTimeout(undefined, params.timeoutSeconds * 1000);
+    const signal = withTimeout(params.signal, params.timeoutSeconds * 1000);
     const visited = new Set();
     let currentUrl = params.url;
     let redirectCount = 0;
@@ -184,7 +184,7 @@ export async function fetchFirecrawlContent(params) {
             "Content-Type": "application/json",
         },
         body: JSON.stringify(body),
-        signal: withTimeout(undefined, params.timeoutSeconds * 1000),
+        signal: withTimeout(params.signal, params.timeoutSeconds * 1000),
     });
     const payload = (await res.json());
     if (!res.ok || payload?.success === false) {
@@ -230,6 +230,7 @@ async function runWebFetch(params) {
             maxRedirects: params.maxRedirects,
             timeoutSeconds: params.timeoutSeconds,
             userAgent: params.userAgent,
+            signal: params.signal,
         });
         res = result.response;
         finalUrl = result.finalUrl;
@@ -249,6 +250,7 @@ async function runWebFetch(params) {
                 proxy: params.firecrawlProxy,
                 storeInCache: params.firecrawlStoreInCache,
                 timeoutSeconds: params.firecrawlTimeoutSeconds,
+                signal: params.signal,
             });
             const truncated = truncateText(firecrawl.text, params.maxChars);
             const payload = {
@@ -283,6 +285,7 @@ async function runWebFetch(params) {
                 proxy: params.firecrawlProxy,
                 storeInCache: params.firecrawlStoreInCache,
                 timeoutSeconds: params.firecrawlTimeoutSeconds,
+                signal: params.signal,
             });
             const truncated = truncateText(firecrawl.text, params.maxChars);
             const payload = {
@@ -386,6 +389,7 @@ async function tryFirecrawlFallback(params) {
             proxy: params.firecrawlProxy,
             storeInCache: params.firecrawlStoreInCache,
             timeoutSeconds: params.firecrawlTimeoutSeconds,
+            signal: params.signal,
         });
         return { text: firecrawl.text, title: firecrawl.title };
     }
@@ -428,7 +432,7 @@ export function createWebFetchTool(options) {
         name: "web_fetch",
         description: "Fetch and extract readable content from a URL (HTML → markdown/text). Use for lightweight page access without browser automation.",
         parameters: WebFetchSchema,
-        execute: async (_toolCallId, args) => {
+        execute: async (_toolCallId, args, signal) => {
             const params = args;
             const url = readStringParam(params, "url", { required: true });
             const extractMode = readStringParam(params, "extractMode") === "text" ? "text" : "markdown";
@@ -450,6 +454,7 @@ export function createWebFetchTool(options) {
                 firecrawlProxy: "auto",
                 firecrawlStoreInCache: true,
                 firecrawlTimeoutSeconds,
+                signal,
             });
             return jsonResult(result);
         },

package/dist/agents/tools/web-search.js

@@ -233,7 +233,7 @@ async function runPerplexitySearch(params) {
                 },
             ],
         }),
-        signal: withTimeout(undefined, params.timeoutSeconds * 1000),
+        signal: withTimeout(params.signal, params.timeoutSeconds * 1000),
     });
     if (!res.ok) {
         const detail = await readResponseText(res);
@@ -256,7 +256,7 @@ async function runTavilySearch(params) {
             max_results: params.maxResults,
             search_depth: params.searchDepth,
         }),
-        signal: withTimeout(undefined, params.timeoutSeconds * 1000),
+        signal: withTimeout(params.signal, params.timeoutSeconds * 1000),
     });
     if (!res.ok) {
         const detail = await readResponseText(res);
@@ -283,6 +283,7 @@ async function runWebSearch(params) {
             baseUrl: params.perplexityBaseUrl ?? DEFAULT_PERPLEXITY_BASE_URL,
             model: params.perplexityModel ?? DEFAULT_PERPLEXITY_MODEL,
             timeoutSeconds: params.timeoutSeconds,
+            signal: params.signal,
         });
         const payload = {
             query: params.query,
@@ -302,6 +303,7 @@ async function runWebSearch(params) {
             maxResults: params.count,
             searchDepth: params.tavilySearchDepth ?? "basic",
             timeoutSeconds: params.timeoutSeconds,
+            signal: params.signal,
         });
         const mapped = results.map((entry) => ({
             title: entry.title ?? "",
@@ -346,7 +348,7 @@ async function runWebSearch(params) {
             Accept: "application/json",
             "X-Subscription-Token": params.apiKey,
         },
-        signal: withTimeout(undefined, params.timeoutSeconds * 1000),
+        signal: withTimeout(params.signal, params.timeoutSeconds * 1000),
     });
     if (!res.ok) {
         const detail = await readResponseText(res);
@@ -388,7 +390,7 @@ export function createWebSearchTool(options) {
         name: "web_search",
         description,
         parameters: WebSearchSchema,
-        execute: async (_toolCallId, args) => {
+        execute: async (_toolCallId, args, signal) => {
             const perplexityAuth = provider === "perplexity" ? resolvePerplexityApiKey(perplexityConfig) : undefined;
             const apiKey = provider === "perplexity"
                 ? perplexityAuth?.apiKey
@@ -434,6 +436,7 @@ export function createWebSearchTool(options) {
                 perplexityBaseUrl: resolvePerplexityBaseUrl(perplexityConfig, perplexityAuth?.source, perplexityAuth?.apiKey),
                 perplexityModel: resolvePerplexityModel(perplexityConfig),
                 tavilySearchDepth: resolveTavilySearchDepth(tavilyConfig),
+                signal,
             });
             return jsonResult(result);
         },