@swarmclawai/swarmclaw 1.2.6 → 1.2.8

package/src/lib/server/tool-capability-policy.test.ts

@@ -20,11 +20,12 @@ test('capability policy balanced mode blocks destructive delete_file', () => {
 
 test('capability policy strict mode blocks execution/platform families', () => {
   const decision = resolveSessionToolPolicy(
-    ['shell', 'manage_tasks', 'web_search', 'memory'],
+    ['shell', 'execute', 'manage_tasks', 'web_search', 'memory'],
     { capabilityPolicyMode: 'strict' },
   )
   assert.deepEqual(decision.enabledExtensions, ['web_search', 'memory'])
   assert.equal(decision.blockedExtensions.some((entry) => entry.tool === 'shell'), true)
+  assert.equal(decision.blockedExtensions.some((entry) => entry.tool === 'execute'), true)
   assert.equal(decision.blockedExtensions.some((entry) => entry.tool === 'manage_tasks'), true)
 })
 

package/src/lib/server/tool-capability-policy.ts

@@ -1,5 +1,6 @@
 import type { AppSettings } from '@/types'
 import { dedup } from '@/lib/shared-utils'
+import { canonicalizeExtensionId } from './tool-aliases'
 
 export type CapabilityPolicyMode = 'permissive' | 'balanced' | 'strict'
 
@@ -37,6 +38,7 @@ interface ToolDescriptor {
 
 const TOOL_DESCRIPTORS: Record<string, ToolDescriptor> = {
   shell: { categories: ['execution'], concreteTools: ['shell', 'execute_command'] },
+  execute: { categories: ['execution'], concreteTools: ['execute'] },
   process: { categories: ['execution'], concreteTools: ['process', 'process_tool'] },
   files: { categories: ['filesystem'], concreteTools: ['files', 'read_file', 'write_file', 'list_files', 'send_file'] },
   read_file: { categories: ['filesystem'], concreteTools: ['read_file'] },
@@ -57,7 +59,6 @@ const TOOL_DESCRIPTORS: Record<string, ToolDescriptor> = {
   opencode_cli: { categories: ['delegation', 'execution'], concreteTools: ['delegate_to_opencode_cli'] },
   gemini_cli: { categories: ['delegation', 'execution'], concreteTools: ['delegate_to_gemini_cli'] },
   memory: { categories: ['memory'], concreteTools: ['memory', 'memory_tool', 'memory_search', 'memory_get', 'memory_store', 'memory_update', 'context_status', 'context_summarize'] },
-  // sandbox_exec/sandbox_list_runtimes routed through shell; git uses shell
   // http_request consolidated into web 'api' action — no separate descriptor
   canvas: { categories: ['filesystem'], concreteTools: ['canvas'] },
   wallet: { categories: ['outbound'], concreteTools: ['wallet', 'wallet_tool'] },
@@ -118,6 +119,55 @@ function normalizeList(value: unknown): string[] {
   return dedup(names)
 }
 
+function getDescriptor(toolName: string): ToolDescriptor | undefined {
+  const normalized = normalizeName(toolName)
+  if (!normalized) return undefined
+  return TOOL_DESCRIPTORS[normalized] || TOOL_DESCRIPTORS[normalizeName(canonicalizeExtensionId(normalized))]
+}
+
+function addComparableName(names: Set<string>, value: string | null | undefined): void {
+  const normalized = normalizeName(value)
+  if (!normalized) return
+  names.add(normalized)
+  const canonical = normalizeName(canonicalizeExtensionId(normalized))
+  if (canonical) names.add(canonical)
+  for (const mappedTool of CONCRETE_TOOL_TO_SESSION_TOOLS.get(normalized) || []) {
+    names.add(mappedTool)
+  }
+}
+
+function collectRequestedExtensionNames(toolName: string, descriptor?: ToolDescriptor): string[] {
+  const names = new Set<string>()
+  addComparableName(names, toolName)
+  for (const concreteName of descriptor?.concreteTools || []) {
+    addComparableName(names, concreteName)
+  }
+  return Array.from(names)
+}
+
+function entryMatchesSessionTool(entry: string, sessionTool: string): boolean {
+  const normalizedEntry = normalizeName(entry)
+  const normalizedTool = normalizeName(sessionTool)
+  if (!normalizedEntry || !normalizedTool) return false
+  if (normalizedEntry === normalizedTool) return true
+  if (!CONCRETE_TOOL_TO_SESSION_TOOLS.has(normalizedEntry)) {
+    return normalizeName(canonicalizeExtensionId(normalizedEntry)) === normalizedTool
+  }
+  return false
+}
+
+function matchesConcreteToolSetting(configuredNames: Set<string>, concreteToolName: string): boolean {
+  const normalizedName = normalizeName(concreteToolName)
+  if (!normalizedName || configuredNames.size === 0) return false
+  if (configuredNames.has(normalizedName)) return true
+  for (const sessionTool of CONCRETE_TOOL_TO_SESSION_TOOLS.get(normalizedName) || []) {
+    for (const entry of configuredNames) {
+      if (entryMatchesSessionTool(entry, sessionTool)) return true
+    }
+  }
+  return false
+}
+
 function getSettingsList(settings: Record<string, unknown>, key: string): string[] {
   return normalizeList(settings[key])
 }
@@ -138,29 +188,11 @@ function modeBlocksTool(mode: CapabilityPolicyMode, toolName: string, descriptor
 }
 
 function safetyMatchesTool(safetyBlocked: Set<string>, toolName: string, descriptor?: ToolDescriptor): boolean {
-  if (safetyBlocked.has(toolName)) return true
-  if (!descriptor) return false
-  for (const concreteName of descriptor.concreteTools) {
-    if (safetyBlocked.has(concreteName)) return true
-  }
-  if (toolName === 'memory' && safetyBlocked.has('memory_tool')) return true
-  if (toolName === 'manage_connectors' && safetyBlocked.has('connector_message_tool')) return true
-  if (toolName === 'manage_sessions' && (
-    safetyBlocked.has('sessions_tool')
-    || safetyBlocked.has('search_history_tool')
-    || safetyBlocked.has('whoami_tool')
-  )) return true
-  if (toolName === 'claude_code' && safetyBlocked.has('delegate_to_claude_code')) return true
-  if (toolName === 'codex_cli' && safetyBlocked.has('delegate_to_codex_cli')) return true
-  if (toolName === 'opencode_cli' && safetyBlocked.has('delegate_to_opencode_cli')) return true
-  if (toolName === 'gemini_cli' && safetyBlocked.has('delegate_to_gemini_cli')) return true
-  return false
+  return collectRequestedExtensionNames(toolName, descriptor).some((name) => safetyBlocked.has(name))
 }
 
 function policyMatchesTool(blockedNames: Set<string>, toolName: string, descriptor?: ToolDescriptor): boolean {
-  if (blockedNames.has(toolName)) return true
-  if (!descriptor) return false
-  return descriptor.concreteTools.some((concreteName) => blockedNames.has(concreteName))
+  return collectRequestedExtensionNames(toolName, descriptor).some((name) => blockedNames.has(name))
 }
 
 function categoryBlockReason(blockedCategories: Set<string>, descriptor?: ToolDescriptor): string | null {
@@ -232,7 +264,7 @@ export function resolveSessionToolPolicy(
   const blockedExtensions: CapabilityPolicyBlock[] = []
 
   for (const extensionName of requestedExtensions) {
-    const descriptor = TOOL_DESCRIPTORS[extensionName]
+    const descriptor = getDescriptor(extensionName)
     const settingsReason = settingsBlockReason(extensionName, normalizedSettings)
 
     if (settingsReason) {
@@ -296,24 +328,19 @@ export function resolveConcreteToolPolicyBlock(
 
   if (settingsReason) return settingsReason
 
-  if (safetyBlocked.has(name)) return 'blocked by safety policy'
-
   const mappedTools = CONCRETE_TOOL_TO_SESSION_TOOLS.get(name) || []
-  const safetyBlockedFamily = mappedTools.find((tool) => safetyBlocked.has(tool))
-  if (safetyBlockedFamily) return `blocked because "${safetyBlockedFamily}" is safety-blocked`
-
-  if (policyBlockedNames.has(name)) return 'blocked by explicit policy rule'
-  const policyBlockedFamily = mappedTools.find((tool) => policyBlockedNames.has(tool) && !policyAllowedNames.has(tool))
-  if (policyBlockedFamily) {
-    return `blocked because "${policyBlockedFamily}" is policy-blocked`
+  if (matchesConcreteToolSetting(safetyBlocked, name)) return 'blocked by safety policy'
+  const explicitlyAllowed = matchesConcreteToolSetting(policyAllowedNames, name)
+  if (matchesConcreteToolSetting(policyBlockedNames, name) && !explicitlyAllowed) {
+    return 'blocked by explicit policy rule'
   }
 
   if (mappedTools.length > 0) {
-    const enabledRoot = mappedTools.find((tool) => decision.enabledExtensions.includes(tool))
+    const enabledRoot = mappedTools.find((tool) => decision.enabledExtensions.some((entry) => entryMatchesSessionTool(entry, tool)))
     if (enabledRoot) return null
 
     const blockedRoot = mappedTools
-      .map((tool) => decision.blockedExtensions.find((entry) => entry.tool === tool))
+      .map((tool) => decision.blockedExtensions.find((entry) => entryMatchesSessionTool(entry.tool, tool)))
       .find(Boolean)
     if (blockedRoot) return blockedRoot.reason
 

package/src/lib/server/tool-planning.ts

@@ -58,6 +58,17 @@ const CORE_TOOL_PLANNING: Record<string, LegacyToolPlanningEntry[]> = {
       requestMatchers: [],
     },
   ],
+  execute: [
+    {
+      toolName: 'execute',
+      capabilities: ['runtime.execute'],
+      disciplineGuidance: [
+        'For `execute`, pass the full bash script in `{"code":"..."}`. Use it for sandboxed command execution, curl-based fetches, and one-shot scripts.',
+        'Use `persistent=true` only when the agent is explicitly configured for host execution. Otherwise use `files` for persistent writes.',
+      ],
+      requestMatchers: [],
+    },
+  ],
   web: [
     {
       toolName: 'web_search',

package/src/lib/setup-defaults.ts

@@ -204,6 +204,7 @@ export const SETUP_PROVIDERS: SetupProviderOption[] = [
 export const STARTER_AGENT_TOOLS = [
   'memory',
   'files',
+  'execute',
   'web_search',
   'web_fetch',
   'browser',
@@ -363,6 +364,7 @@ export interface StarterKit {
 const PERSONAL_AGENT_TOOLS = [
   'memory',
   'files',
+  'execute',
   'web_search',
   'web_fetch',
   'browser',
@@ -374,6 +376,7 @@ const PERSONAL_AGENT_TOOLS = [
 const RESEARCH_AGENT_TOOLS = [
   'memory',
   'files',
+  'execute',
   'web_search',
   'web_fetch',
   'browser',
@@ -384,6 +387,7 @@ const RESEARCH_AGENT_TOOLS = [
 const BUILDER_AGENT_TOOLS = [
   'memory',
   'files',
+  'execute',
   'web_search',
   'web_fetch',
   'browser',
@@ -397,6 +401,7 @@ const OPERATOR_AGENT_TOOLS = STARTER_AGENT_TOOLS
 const OPENCLAW_AGENT_TOOLS = [
   'memory',
   'files',
+  'execute',
   'web_search',
   'web_fetch',
   'browser',

package/src/lib/tool-definitions.ts

@@ -16,6 +16,7 @@ export interface ToolDefinition {
  */
 export const AVAILABLE_TOOLS: ToolDefinition[] = [
   { id: 'shell', label: 'Shell', description: 'Execute commands in the working directory and manage background processes' },
+  { id: 'execute', label: 'Execute', description: 'Run sandboxed bash scripts with just-bash, with optional host execution when explicitly enabled' },
   { id: 'files', label: 'Files', description: 'Complete file management: read, write, list, move, copy, delete, and send' },
   { id: 'edit_file', label: 'Edit File', description: 'Surgical search-and-replace within files' },
   { id: 'web', label: 'Web', description: 'Search the web, fetch content, and make HTTP API calls' },

package/src/lib/validation/schemas.test.ts

@@ -57,4 +57,20 @@ describe('AgentCreateSchema', () => {
     assert.equal(parsed.orchestratorMaxCyclesPerDay, 12)
     assert.equal(parsed.sessionResetMode, 'isolated')
   })
+
+  it('accepts executeConfig for sandboxed execute defaults', () => {
+    const parsed = AgentCreateSchema.parse({
+      name: 'Builder',
+      provider: 'openai',
+      executeConfig: {
+        backend: 'sandbox',
+        network: { enabled: true },
+        timeout: 45,
+      },
+    })
+
+    assert.equal(parsed.executeConfig?.backend, 'sandbox')
+    assert.equal(parsed.executeConfig?.network?.enabled, true)
+    assert.equal(parsed.executeConfig?.timeout, 45)
+  })
 })

package/src/lib/validation/schemas.ts

@@ -41,6 +41,21 @@ const AgentSandboxConfigSchema = z.object({
   prune: AgentSandboxPruneSchema,
 }).nullable().optional()
 
+const AgentExecuteConfigSchema = z.object({
+  backend: z.enum(['sandbox', 'host']).optional(),
+  network: z.object({
+    enabled: z.boolean(),
+    allowedUrls: z.array(z.string()).optional(),
+  }).optional(),
+  runtimes: z.object({
+    python: z.boolean().optional(),
+    javascript: z.boolean().optional(),
+    sqlite: z.boolean().optional(),
+  }).optional(),
+  timeout: z.number().int().positive().optional(),
+  credentials: z.array(z.string()).optional(),
+}).nullable().optional()
+
 const AgentRoutingTargetSchema = z.object({
   id: z.string().min(1),
   label: z.string().optional(),
@@ -110,6 +125,7 @@ export const AgentCreateSchema = z.object({
   avatarSeed: z.string().optional(),
   avatarUrl: z.string().nullable().optional().default(null),
   sandboxConfig: AgentSandboxConfigSchema,
+  executeConfig: AgentExecuteConfigSchema,
   autoRecovery: z.boolean().optional().default(false),
   monthlyBudget: z.number().positive().nullable().optional().default(null),
   dailyBudget: z.number().positive().nullable().optional().default(null),

package/src/stores/use-chat-store.test.ts

@@ -451,6 +451,103 @@ describe('useChatStore control-token hygiene', () => {
     assert.equal(useAppStore.getState().sessions['session-1']?.currentRunId, 'run-active')
   })
 
+  it('hydrates the active turn from the backend queue snapshot as a sending placeholder', async () => {
+    const now = Date.now()
+    const session = makeSession()
+    useAppStore.setState({
+      agents: { 'agent-1': makeAgent() },
+      sessions: { [session.id]: session },
+      currentAgentId: 'agent-1',
+    })
+    useChatStore.setState({
+      messages: [],
+      pendingFiles: [],
+      replyingTo: null,
+      toolEvents: [],
+      streamText: '',
+      displayText: '',
+      streaming: false,
+      streamingSessionId: null,
+      streamSource: null,
+      assistantRenderId: null,
+      streamPhase: 'thinking',
+      streamToolName: '',
+      thinkingText: '',
+      thinkingStartTime: 0,
+      queuedMessages: [],
+      agentStatus: null,
+      lastUsage: null,
+      hasMoreMessages: false,
+      loadingMore: false,
+      totalMessages: 0,
+    })
+
+    global.fetch = (async (input: RequestInfo | URL) => {
+      const url = String(input)
+      if (url === '/api/chats/session-1/queue') {
+        return jsonResponse({
+          sessionId: 'session-1',
+          activeRunId: 'run-active',
+          activeTurn: {
+            runId: 'run-active',
+            sessionId: 'session-1',
+            text: 'Already running',
+            queuedAt: now,
+            position: 0,
+          },
+          queueLength: 1,
+          items: [
+            { runId: 'run-queued-2', sessionId: 'session-1', text: 'Then refine it', queuedAt: now + 1, position: 1 },
+          ],
+        })
+      }
+      throw new Error(`Unexpected fetch: ${url}`)
+    }) as unknown as typeof fetch
+
+    await useChatStore.getState().loadQueuedMessages('session-1')
+
+    const state = useChatStore.getState()
+    assert.deepEqual(
+      state.queuedMessages.map((item) => [item.runId, item.sending === true]),
+      [['run-active', true], ['run-queued-2', false]],
+    )
+    assert.equal(useAppStore.getState().sessions['session-1']?.queuedCount, 1)
+    assert.equal(useAppStore.getState().sessions['session-1']?.currentRunId, 'run-active')
+  })
+
+  it('clears sending placeholders when a persisted user message with the same runId arrives', () => {
+    useChatStore.setState({
+      messages: [],
+      assistantRenderId: null,
+      queuedMessages: [
+        { runId: 'run-active', sessionId: 'session-1', text: 'Already running', queuedAt: 9, position: 0, sending: true },
+      ],
+      toolEvents: [],
+      streamText: '',
+      displayText: '',
+      streaming: false,
+      streamingSessionId: null,
+      streamSource: null,
+      streamPhase: 'thinking',
+      streamToolName: '',
+      thinkingText: '',
+      thinkingStartTime: 0,
+      agentStatus: null,
+      lastUsage: null,
+      hasMoreMessages: false,
+      loadingMore: false,
+      totalMessages: 0,
+    })
+
+    useChatStore.getState().setMessages([
+      { role: 'user', text: 'Already running', time: 10, runId: 'run-active' },
+    ])
+
+    const state = useChatStore.getState()
+    assert.equal(state.queuedMessages.length, 0)
+    assert.equal(state.messages[0]?.runId, 'run-active')
+  })
+
   it('removes optimistic queued items again when the backend enqueue fails', async () => {
     const session = makeSession()
     useAppStore.setState({
@@ -533,4 +630,138 @@ describe('useChatStore control-token hygiene', () => {
     assert.equal(state.assistantRenderId, 'render-1')
     assert.equal(state.messages[1]?.clientRenderId, 'render-1')
   })
+
+  it('preserves transcript totals on local message updates for paginated windows', () => {
+    useChatStore.setState({
+      messages: [
+        { role: 'user', text: 'Ninth', time: 9, bookmarked: false },
+        { role: 'assistant', text: 'Tenth', time: 10 },
+      ],
+      messageStartIndex: 8,
+      assistantRenderId: null,
+      toolEvents: [],
+      streamText: '',
+      displayText: '',
+      streaming: false,
+      streamingSessionId: null,
+      streamSource: null,
+      streamPhase: 'thinking',
+      streamToolName: '',
+      thinkingText: '',
+      thinkingStartTime: 0,
+      queuedMessages: [],
+      agentStatus: null,
+      lastUsage: null,
+      hasMoreMessages: true,
+      loadingMore: false,
+      totalMessages: 10,
+    })
+
+    useChatStore.getState().setMessages([
+      { role: 'user', text: 'Ninth', time: 9, bookmarked: true },
+      { role: 'assistant', text: 'Tenth', time: 10 },
+    ])
+
+    const state = useChatStore.getState()
+    assert.equal(state.messageStartIndex, 8)
+    assert.equal(state.totalMessages, 10)
+    assert.equal(state.hasMoreMessages, true)
+    assert.equal(state.messages[0]?.bookmarked, true)
+  })
+
+  it('does not timeout sending items before 60 seconds', () => {
+    const thirtySecondsAgo = Date.now() - 30_000
+    useChatStore.setState({
+      messages: [],
+      assistantRenderId: null,
+      toolEvents: [],
+      streamText: '',
+      displayText: '',
+      streaming: false,
+      streamingSessionId: null,
+      streamSource: null,
+      streamPhase: 'thinking',
+      streamToolName: '',
+      thinkingText: '',
+      thinkingStartTime: 0,
+      queuedMessages: [
+        { runId: 'run-old', sessionId: 'session-1', text: 'Waiting', queuedAt: thirtySecondsAgo, position: 0, sending: true },
+      ],
+      agentStatus: null,
+      lastUsage: null,
+      hasMoreMessages: false,
+      loadingMore: false,
+      totalMessages: 0,
+    })
+
+    // setMessages with no matching persisted message — item should survive
+    useChatStore.getState().setMessages([
+      { role: 'user', text: 'Unrelated', time: Date.now() },
+    ])
+
+    const state = useChatStore.getState()
+    assert.equal(state.queuedMessages.length, 1)
+    assert.equal(state.queuedMessages[0]?.runId, 'run-old')
+  })
+
+  it('tracks messageStartIndex when loading more paginated history', async () => {
+    const session = makeSession()
+    useAppStore.setState({
+      agents: { 'agent-1': makeAgent() },
+      sessions: { [session.id]: session },
+      currentAgentId: 'agent-1',
+    })
+    useChatStore.setState({
+      messages: [
+        { role: 'user', text: 'Ninth', time: 9 },
+        { role: 'assistant', text: 'Tenth', time: 10 },
+      ],
+      messageStartIndex: 8,
+      pendingFiles: [],
+      replyingTo: null,
+      toolEvents: [],
+      streamText: '',
+      displayText: '',
+      streaming: false,
+      streamingSessionId: null,
+      streamSource: null,
+      assistantRenderId: null,
+      streamPhase: 'thinking',
+      streamToolName: '',
+      thinkingText: '',
+      thinkingStartTime: 0,
+      queuedMessages: [],
+      agentStatus: null,
+      lastUsage: null,
+      hasMoreMessages: true,
+      loadingMore: false,
+      totalMessages: 10,
+    })
+
+    global.fetch = (async (input: RequestInfo | URL) => {
+      const url = String(input)
+      if (url === '/api/chats/session-1/messages?limit=100&before=8') {
+        return jsonResponse({
+          messages: [
+            { role: 'user', text: 'Seventh', time: 7 },
+            { role: 'assistant', text: 'Eighth', time: 8 },
+          ],
+          total: 10,
+          hasMore: true,
+          startIndex: 6,
+        })
+      }
+      throw new Error(`Unexpected fetch: ${url}`)
+    }) as unknown as typeof fetch
+
+    await useChatStore.getState().loadMoreMessages()
+
+    const state = useChatStore.getState()
+    assert.equal(state.messageStartIndex, 6)
+    assert.equal(state.totalMessages, 10)
+    assert.deepEqual(
+      state.messages.map((message) => message.text),
+      ['Seventh', 'Eighth', 'Ninth', 'Tenth'],
+    )
+  })
 })

package/src/stores/use-chat-store.ts

@@ -66,7 +66,8 @@ interface ChatState {
   agentStatus: { goal?: string; status?: string; summary?: string; nextAction?: string } | null
 
   messages: Message[]
-  setMessages: (msgs: Message[]) => void
+  messageStartIndex: number
+  setMessages: (msgs: Message[], options?: { startIndex?: number; totalMessages?: number }) => void
 
   toolEvents: ToolEvent[]
   clearToolEvents: () => void
@@ -136,6 +137,10 @@ interface ChatState {
   loadMoreMessages: () => Promise<void>
 }
 
+/** Safety-net timeout for "sending" queue items. Normally cleaned up by
+ * matchesPersistedQueuedMessage well before this — only fires if matching fails. */
+const SENDING_ITEM_TIMEOUT_MS = 60_000
+
 const CONTROL_TOKEN_PREFIX_RE = /^\s*(?:NO_MESSAGE|HEARTBEAT_OK)(?:(?=[\s.,:;!?()[\]{}"'`-]|$)|(?=[A-Z]))\s*/i
 const CONTROL_TOKEN_LINE_RE = /(^|\n)\s*(?:NO_MESSAGE|HEARTBEAT_OK)\s*(\n|$)/gi
 
@@ -165,6 +170,29 @@ function reconcileMessagesForState(
   return { messages, assistantRenderId: nextAssistantRenderId }
 }
 
+function attachedFilesEqual(left: string[] | undefined, right: string[] | undefined): boolean {
+  if (!left?.length && !right?.length) return true
+  if ((left?.length || 0) !== (right?.length || 0)) return false
+  for (let index = 0; index < (left?.length || 0); index += 1) {
+    if (left?.[index] !== right?.[index]) return false
+  }
+  return true
+}
+
+function matchesPersistedQueuedMessage(message: Message, queued: QueuedSessionMessage): boolean {
+  if (message.role !== 'user') return false
+  const messageRunId = typeof message.runId === 'string' && message.runId.trim() ? message.runId : null
+  const queuedRunId = typeof queued.runId === 'string' && queued.runId.trim() ? queued.runId : null
+  if (messageRunId && queuedRunId) return messageRunId === queuedRunId
+  return (
+    message.text === queued.text
+    && message.replyToId === queued.replyToId
+    && message.imagePath === queued.imagePath
+    && message.imageUrl === queued.imageUrl
+    && attachedFilesEqual(message.attachedFiles, queued.attachedFiles)
+  )
+}
+
 function syncSessionQueueState(sessionId: string, params: {
   queuedCount: number
   currentRunId?: string | null
@@ -203,13 +231,14 @@ export const useChatStore = create<ChatState>((set, get) => ({
   displayText: '',
   agentStatus: null,
   messages: [],
-  setMessages: (msgs) => set((s) => {
+  messageStartIndex: 0,
+  setMessages: (msgs, options) => set((s) => {
     const next = reconcileMessagesForState(msgs, s.messages, s.assistantRenderId)
     // Clear "sending" queue items whose text now appears in the message list
     const queuedMessages = s.queuedMessages.filter((item) => {
       if (!item.sending) return true
-      if (next.messages.some((m) => m.role === 'user' && m.text === item.text)) return false
-      if (Date.now() - item.queuedAt > 15_000) return false
+      if (next.messages.some((message) => matchesPersistedQueuedMessage(message, item))) return false
+      if (Date.now() - item.queuedAt > SENDING_ITEM_TIMEOUT_MS) return false
       return true
     })
     const patch: Partial<ChatState> = {
@@ -217,9 +246,29 @@ export const useChatStore = create<ChatState>((set, get) => ({
       assistantRenderId: next.assistantRenderId,
       queuedMessages,
     }
+    if (typeof options?.startIndex === 'number' && Number.isFinite(options.startIndex)) {
+      patch.messageStartIndex = Math.max(0, Math.trunc(options.startIndex))
+    } else if (next.messages.length === 0) {
+      patch.messageStartIndex = 0
+    }
     if (s.toolEvents.length > 0) patch.toolEvents = []
-    if (s.hasMoreMessages) patch.hasMoreMessages = false
-    if (s.totalMessages !== next.messages.length) patch.totalMessages = next.messages.length
+    if (next.messages.length === 0) {
+      patch.hasMoreMessages = false
+    } else if (
+      typeof options?.startIndex === 'number'
+      && Number.isFinite(options.startIndex)
+      && Math.trunc(options.startIndex) === 0
+      && typeof options?.totalMessages === 'number'
+      && Number.isFinite(options.totalMessages)
+      && Math.max(0, Math.trunc(options.totalMessages)) === next.messages.length
+    ) {
+      patch.hasMoreMessages = false
+    }
+    if (typeof options?.totalMessages === 'number' && Number.isFinite(options.totalMessages)) {
+      patch.totalMessages = Math.max(0, Math.trunc(options.totalMessages))
+    } else if (next.messages.length === 0 && s.totalMessages !== 0) {
+      patch.totalMessages = 0
+    }
     return patch
   }),
   toolEvents: [],
@@ -253,8 +302,8 @@ export const useChatStore = create<ChatState>((set, get) => ({
       const messages = s.messages
       const cleaned = next.filter((item) => {
         if (!item.sending || item.sessionId !== sessionId) return true
-        if (messages.some((m) => m.role === 'user' && m.text === item.text)) return false
-        if (Date.now() - item.queuedAt > 15_000) return false
+        if (messages.some((message) => matchesPersistedQueuedMessage(message, item))) return false
+        if (Date.now() - item.queuedAt > SENDING_ITEM_TIMEOUT_MS) return false
         return true
       })
       return { queuedMessages: cleaned }
@@ -675,7 +724,7 @@ export const useChatStore = create<ChatState>((set, get) => ({
       })
       if (msgsRes.ok) {
         const msgs = await msgsRes.json()
-        get().setMessages(msgs)
+        get().setMessages(msgs, { startIndex: 0, totalMessages: msgs.length })
       }
       // Re-send with the new text
       await get().sendMessage(newText)
@@ -703,7 +752,7 @@ export const useChatStore = create<ChatState>((set, get) => ({
       })
       if (msgsRes.ok) {
         const msgs = await msgsRes.json()
-        get().setMessages(msgs)
+        get().setMessages(msgs, { startIndex: 0, totalMessages: msgs.length })
       }
       // Re-send the last user message through the normal SSE flow
       if (imagePath) {
@@ -817,15 +866,14 @@ export const useChatStore = create<ChatState>((set, get) => ({
   loadingMore: false,
   totalMessages: 0,
   loadMoreMessages: async () => {
-    const { messages, loadingMore, hasMoreMessages, totalMessages } = get()
+    const { loadingMore, hasMoreMessages, messageStartIndex } = get()
     if (loadingMore || !hasMoreMessages) return
     const sessionId = selectActiveSessionId(useAppStore.getState())
     if (!sessionId) return
     set({ loadingMore: true })
     try {
       const key = getStoredAccessKey()
-      // Find the earliest message's original index (startIndex tracked on initial load)
-      const currentStartIndex = totalMessages - messages.length
+      const currentStartIndex = messageStartIndex
       const res = await fetch(`/api/chats/${sessionId}/messages?limit=100&before=${currentStartIndex}`, {
         headers: key ? { 'X-Access-Key': key } : undefined,
       })
@@ -840,6 +888,7 @@ export const useChatStore = create<ChatState>((set, get) => ({
           return {
             messages: next.messages,
             assistantRenderId: next.assistantRenderId,
+            messageStartIndex: data.startIndex,
             hasMoreMessages: data.hasMore,
             totalMessages: data.total,
             loadingMore: false,