@trops/dash-core 0.1.385 → 0.1.387

package/dist/electron/index.js

@@ -28153,1027 +28153,6 @@ const pluginController$1 = {
 
 var pluginController_1 = pluginController$1;
 
-/**
- * cliController.js
- *
- * Manages Claude Code CLI (`claude -p`) as an alternative LLM backend.
- * Spawns the CLI subprocess, parses stream-json NDJSON output, and emits
- * the same LLM_STREAM_* events as the Anthropic SDK path.
- *
- * Users with a Claude Pro/Max subscription and Claude Code installed
- * can use the Chat widget without a separate API key.
- */
-
-const { spawn, execSync } = require$$7;
-const {
-  LLM_STREAM_DELTA: LLM_STREAM_DELTA$2,
-  LLM_STREAM_TOOL_CALL: LLM_STREAM_TOOL_CALL$2,
-  LLM_STREAM_TOOL_RESULT: LLM_STREAM_TOOL_RESULT$2,
-  LLM_STREAM_COMPLETE: LLM_STREAM_COMPLETE$2,
-  LLM_STREAM_ERROR: LLM_STREAM_ERROR$2,
-} = llmEvents$1;
-
-const IS_WINDOWS = process.platform === "win32";
-
-/**
- * Cached shell PATH result (resolved once, reused for all spawns).
- * Same pattern as mcpController.js.
- */
-let _shellPath = null;
-
-function getShellPath() {
-  if (_shellPath !== null) return _shellPath;
-
-  // Windows: no POSIX login-shell trick — just use the inherited PATH,
-  // which is typically correct for GUI-launched Electron apps.
-  if (IS_WINDOWS) {
-    _shellPath = process.env.PATH || "";
-    return _shellPath;
-  }
-
-  try {
-    const shell = process.env.SHELL || "/bin/bash";
-    _shellPath = execSync(`${shell} -ilc 'echo -n "$PATH"'`, {
-      encoding: "utf8",
-      timeout: 5000,
-    });
-  } catch {
-    _shellPath = process.env.PATH || "";
-  }
-
-  return _shellPath;
-}
-
-/**
- * Cached CLI binary path (resolved once via `which` / `where`).
- */
-let _cliBinaryPath = undefined; // undefined = not yet checked
-
-function resolveCliBinary() {
-  if (_cliBinaryPath !== undefined) return _cliBinaryPath;
-
-  try {
-    const fullPath = getShellPath();
-    // `where` on Windows, `which` everywhere else. `where` may list
-    // multiple matches on separate lines (e.g. claude.cmd + claude.ps1)
-    // — take the first hit.
-    const lookup = IS_WINDOWS ? "where claude" : "which claude";
-    const result = execSync(lookup, {
-      encoding: "utf8",
-      timeout: 5000,
-      env: { ...process.env, PATH: fullPath },
-    });
-    _cliBinaryPath = IS_WINDOWS
-      ? result
-          .split(/\r?\n/)
-          .find((l) => l.trim())
-          ?.trim() || null
-      : result.trim();
-  } catch {
-    _cliBinaryPath = null;
-  }
-
-  return _cliBinaryPath;
-}
-
-/**
- * Active CLI processes for abort support.
- * Map<requestId, ChildProcess>
- */
-const activeProcesses = new Map();
-
-/**
- * Kill a child process and its descendants. On Windows, spawning with
- * shell:true (needed for .cmd targets) means child.kill() only
- * terminates the cmd.exe — the real CLI keeps running. Use taskkill
- * with /T (tree) /F (force) to clean up.
- */
-function killChildTree(child) {
-  if (!child || child.killed || typeof child.pid !== "number") return;
-  if (IS_WINDOWS) {
-    try {
-      execSync(`taskkill /pid ${child.pid} /T /F`, {
-        stdio: "ignore",
-        timeout: 5000,
-      });
-    } catch {
-      // Fall back to plain kill — best-effort
-      try {
-        child.kill();
-      } catch {
-        /* ignore */
-      }
-    }
-  } else {
-    child.kill("SIGTERM");
-  }
-}
-
-/**
- * Session IDs for conversation continuity.
- * Map<widgetUuid, sessionId>
- */
-const sessions = new Map();
-
-/**
- * Send events safely to a window.
- */
-function safeSend(win, channel, data) {
-  if (win && !win.isDestroyed()) {
-    win.webContents.send(channel, data);
-  }
-}
-
-const cliController$2 = {
-  /**
-   * isAvailable
-   * Check if the Claude Code CLI is installed and accessible.
-   *
-   * @returns {{ available: boolean, path?: string }}
-   */
-  isAvailable: () => {
-    const binaryPath = resolveCliBinary();
-    if (binaryPath) {
-      return { available: true, path: binaryPath };
-    }
-    return { available: false };
-  },
-
-  /**
-   * sendMessage
-   * Stream a response from the Claude Code CLI with NDJSON parsing.
-   *
-   * @param {BrowserWindow} win - the window to send stream events to
-   * @param {string} requestId - unique ID for this request
-   * @param {object} params - { model, messages, systemPrompt, maxToolRounds, widgetUuid }
-   */
-  sendMessage: async (win, requestId, params) => {
-    const { model, messages, systemPrompt, widgetUuid, cwd } = params;
-
-    const binaryPath = resolveCliBinary();
-    if (!binaryPath) {
-      safeSend(win, LLM_STREAM_ERROR$2, {
-        requestId,
-        error:
-          "Claude Code CLI not found. Install from https://claude.ai/download",
-        code: "CLI_NOT_FOUND",
-      });
-      return;
-    }
-
-    // Build CLI args.
-    //
-    // --disable-slash-commands: prevent Claude from auto-triggering project
-    // skills by description match. When running in a project with a
-    // `.claude/skills/<name>/SKILL.md`, Claude would otherwise internalize
-    // that skill's content even when the host app's system prompt says not
-    // to — causing long reasoning loops or silent hangs. We pass only the
-    // caller's `systemPrompt` as context.
-    //
-    // --permission-mode bypassPermissions: in an embedded in-app assistant,
-    // the user has already opted into the configured MCP servers (they
-    // ran `claude mcp add` themselves). Prompting for tool-use approval
-    // on every call produces "I need permission to..." replies instead of
-    // actual actions. Bypassing matches the user's intent — if they
-    // didn't want the assistant to use a tool, they wouldn't have
-    // configured it.
-    //
-    // (We intentionally avoid `--bare` — it also disables keychain reads,
-    // which breaks OAuth login for users authenticated via `claude login`.)
-    const args = [
-      "-p",
-      "--disable-slash-commands",
-      "--permission-mode",
-      "bypassPermissions",
-      "--output-format",
-      "stream-json",
-      "--verbose",
-    ];
-
-    if (model) {
-      args.push("--model", model);
-    }
-
-    if (systemPrompt) {
-      args.push("--append-system-prompt", systemPrompt);
-    }
-
-    // Resume existing session for conversation continuity
-    const sessionId = widgetUuid ? sessions.get(widgetUuid) : null;
-    if (sessionId) {
-      args.push("--resume", sessionId);
-    }
-
-    // Extract the user message (last user message in the array)
-    const lastUserMsg = [...messages].reverse().find((m) => m.role === "user");
-    const userText =
-      typeof lastUserMsg?.content === "string"
-        ? lastUserMsg.content
-        : Array.isArray(lastUserMsg?.content)
-          ? lastUserMsg.content
-              .filter((b) => b.type === "text")
-              .map((b) => b.text)
-              .join("\n")
-          : "";
-
-    if (!userText) {
-      safeSend(win, LLM_STREAM_ERROR$2, {
-        requestId,
-        error: "No user message to send.",
-        code: "CLI_ERROR",
-      });
-      return;
-    }
-
-    try {
-      const fullPath = getShellPath();
-      const spawnOpts = {
-        env: { ...process.env, PATH: fullPath },
-        stdio: ["pipe", "pipe", "pipe"],
-        // On Windows, the Claude CLI is typically installed as claude.cmd
-        // (a batch wrapper). Node's child_process.spawn can't launch .cmd
-        // files directly without a shell — ENOENT otherwise.
-        shell: IS_WINDOWS,
-      };
-      if (cwd) {
-        const fs = require("fs");
-        if (!fs.existsSync(cwd)) {
-          fs.mkdirSync(cwd, { recursive: true });
-        }
-        spawnOpts.cwd = cwd;
-      }
-      const child = spawn(binaryPath, args, spawnOpts);
-
-      activeProcesses.set(requestId, child);
-
-      // Pipe user message via stdin (not visible in ps)
-      child.stdin.write(userText);
-      child.stdin.end();
-
-      let stdoutBuffer = "";
-      let stderrBuffer = "";
-      let capturedSessionId = null;
-      let retried = false;
-
-      // Track active tool calls for mapping results
-      const activeToolCalls = new Map();
-
-      child.stdout.on("data", (chunk) => {
-        stdoutBuffer += chunk.toString();
-
-        // Process complete lines
-        const lines = stdoutBuffer.split("\n");
-        stdoutBuffer = lines.pop(); // keep incomplete line in buffer
-
-        for (const line of lines) {
-          if (!line.trim()) continue;
-
-          let parsed;
-          try {
-            parsed = JSON.parse(line);
-          } catch {
-            console.warn("[cliController] Skipping invalid JSON line:", line);
-            continue;
-          }
-
-          // Capture session ID from any message that has it
-          if (parsed.session_id && widgetUuid) {
-            capturedSessionId = parsed.session_id;
-            sessions.set(widgetUuid, capturedSessionId);
-          }
-
-          // Map CLI stream-json events to IPC events
-          if (parsed.type === "content_block_delta") {
-            if (parsed.delta?.type === "text_delta" && parsed.delta.text) {
-              safeSend(win, LLM_STREAM_DELTA$2, {
-                requestId,
-                text: parsed.delta.text,
-              });
-            } else if (parsed.delta?.type === "input_json_delta") {
-              // Update tool input incrementally
-              const tc = activeToolCalls.get(parsed.index);
-              if (tc) {
-                tc.partialInput =
-                  (tc.partialInput || "") + (parsed.delta.partial_json || "");
-              }
-            }
-          } else if (parsed.type === "content_block_start") {
-            if (parsed.content_block?.type === "tool_use") {
-              const toolBlock = parsed.content_block;
-              activeToolCalls.set(parsed.index, {
-                toolUseId: toolBlock.id,
-                toolName: toolBlock.name,
-                partialInput: "",
-              });
-              safeSend(win, LLM_STREAM_TOOL_CALL$2, {
-                requestId,
-                toolUseId: toolBlock.id,
-                toolName: toolBlock.name,
-                serverName: "Claude Code",
-                input: toolBlock.input || {},
-              });
-            }
-          } else if (parsed.type === "content_block_stop") {
-            // Tool call completed — try to parse the accumulated input
-            const tc = activeToolCalls.get(parsed.index);
-            if (tc && tc.partialInput) {
-              try {
-                tc.finalInput = JSON.parse(tc.partialInput);
-              } catch {
-                tc.finalInput = tc.partialInput;
-              }
-            }
-          } else if (parsed.type === "message_stop") {
-            // Individual message completed (may be followed by more in tool-use loops)
-          } else if (parsed.type === "result") {
-            // Final result — conversation complete
-            const content = [];
-            if (parsed.result) {
-              content.push({ type: "text", text: parsed.result });
-            }
-
-            safeSend(win, LLM_STREAM_COMPLETE$2, {
-              requestId,
-              content,
-              stopReason: parsed.stop_reason || "end_turn",
-              usage: parsed.usage || {},
-            });
-          }
-        }
-      });
-
-      child.stderr.on("data", (chunk) => {
-        stderrBuffer += chunk.toString();
-      });
-
-      child.on("error", (err) => {
-        activeProcesses.delete(requestId);
-        safeSend(win, LLM_STREAM_ERROR$2, {
-          requestId,
-          error: `Failed to start Claude CLI: ${err.message}`,
-          code: "CLI_SPAWN_ERROR",
-        });
-      });
-
-      child.on("close", (code) => {
-        activeProcesses.delete(requestId);
-
-        // Process any remaining buffer
-        if (stdoutBuffer.trim()) {
-          try {
-            const parsed = JSON.parse(stdoutBuffer);
-            if (parsed.session_id && widgetUuid) {
-              sessions.set(widgetUuid, parsed.session_id);
-            }
-            if (parsed.type === "result") {
-              const content = [];
-              if (parsed.result) {
-                content.push({ type: "text", text: parsed.result });
-              }
-              safeSend(win, LLM_STREAM_COMPLETE$2, {
-                requestId,
-                content,
-                stopReason: parsed.stop_reason || "end_turn",
-                usage: parsed.usage || {},
-              });
-              return;
-            }
-          } catch {
-            // ignore
-          }
-        }
-
-        if (code !== 0 && code !== null) {
-          // Check if resume failed and retry without it
-          if (sessionId && !retried && stderrBuffer.includes("session")) {
-            retried = true;
-            if (widgetUuid) sessions.delete(widgetUuid);
-            // Retry without --resume
-            cliController$2.sendMessage(win, requestId, {
-              ...params,
-              _retryWithoutResume: true,
-            });
-            return;
-          }
-
-          // Check for auth errors
-          if (
-            stderrBuffer.includes("auth") ||
-            stderrBuffer.includes("login") ||
-            stderrBuffer.includes("not authenticated")
-          ) {
-            safeSend(win, LLM_STREAM_ERROR$2, {
-              requestId,
-              error:
-                "Claude Code CLI is not authenticated. Run `claude auth login` in your terminal.",
-              code: "CLI_AUTH_ERROR",
-            });
-            return;
-          }
-
-          safeSend(win, LLM_STREAM_ERROR$2, {
-            requestId,
-            error: `Claude CLI exited with code ${code}${stderrBuffer ? ": " + stderrBuffer.slice(0, 500) : ""}`,
-            code: "CLI_ERROR",
-          });
-        }
-      });
-    } catch (err) {
-      activeProcesses.delete(requestId);
-      safeSend(win, LLM_STREAM_ERROR$2, {
-        requestId,
-        error: `Failed to start Claude CLI: ${err.message}`,
-        code: "CLI_SPAWN_ERROR",
-      });
-    }
-  },
-
-  /**
-   * abortRequest
-   * Kill an in-flight CLI process.
-   *
-   * @param {string} requestId - the request to cancel
-   * @returns {{ success: boolean }}
-   */
-  abortRequest: (requestId) => {
-    const child = activeProcesses.get(requestId);
-    if (child) {
-      killChildTree(child);
-      activeProcesses.delete(requestId);
-      return { success: true };
-    }
-    return { success: false, message: "Request not found" };
-  },
-
-  /**
-   * clearSession
-   * Remove the stored session ID for a widget (called on "New Chat").
-   *
-   * @param {string} widgetUuid - the widget whose session to clear
-   * @returns {{ success: boolean }}
-   */
-  clearSession: (widgetUuid) => {
-    if (widgetUuid && sessions.has(widgetUuid)) {
-      sessions.delete(widgetUuid);
-      return { success: true };
-    }
-    return { success: false };
-  },
-
-  /**
-   * getSessionStatus
-   * Check if a CLI session exists and whether a process is active for a widget.
-   *
-   * @param {string} widgetUuid - the widget to check
-   * @returns {{ hasSession: boolean, sessionId?: string, isProcessActive: boolean }}
-   */
-  getSessionStatus: (widgetUuid) => {
-    const sessionId = widgetUuid ? sessions.get(widgetUuid) : null;
-    // Check if any active process belongs to this widget
-    let isProcessActive = false;
-    for (const [, child] of activeProcesses) {
-      if (!child.killed) {
-        isProcessActive = true;
-        break;
-      }
-    }
-    return {
-      hasSession: !!sessionId,
-      sessionId: sessionId || undefined,
-      isProcessActive,
-    };
-  },
-
-  /**
-   * endSession
-   * Kill any active CLI process AND clear the session for a widget.
-   *
-   * @param {string} widgetUuid - the widget whose session to end
-   * @returns {{ success: boolean }}
-   */
-  endSession: (widgetUuid) => {
-    // Kill any active processes for this widget
-    for (const [reqId, child] of activeProcesses) {
-      if (reqId.startsWith(widgetUuid)) {
-        killChildTree(child);
-        activeProcesses.delete(reqId);
-      }
-    }
-    // Clear the session
-    if (widgetUuid && sessions.has(widgetUuid)) {
-      sessions.delete(widgetUuid);
-    }
-    return { success: true };
-  },
-};
-
-var cliController_1 = cliController$2;
-
-/**
- * toolDefinitions.js
- *
- * MCP tool schemas for dashboard/workspace operations and app stats.
- * Each definition includes name, description, and JSON Schema inputSchema.
- */
-
-const dashboardTools$1 = [
-  {
-    name: "list_dashboards",
-    description:
-      "List all dashboards with their IDs, names, and widget counts. Use this to discover existing dashboards before creating new ones or to find a dashboard ID for other operations.",
-    inputSchema: {
-      type: "object",
-      properties: {},
-      required: [],
-    },
-  },
-  {
-    name: "get_dashboard",
-    description:
-      "Get full details of a dashboard including layout, widgets, and theme. Omit dashboardId to get the active dashboard. Use this to inspect widget configurations or to understand the current layout before making changes.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        dashboardId: {
-          type: "string",
-          description:
-            "Dashboard ID. Omit to get the currently active dashboard.",
-        },
-      },
-      required: [],
-    },
-  },
-  {
-    name: "create_dashboard",
-    description:
-      "Create a new dashboard with the given name. Defaults to a 1×1 grid layout if `layout` is omitted — the resulting dashboard has a single cell ready for a widget. Pass an explicit `layout` object to use different dimensions. Pass `layout: null` only if the caller specifically wants a layout-less container dashboard (rare — widgets cannot be added without further editing). Returns the dashboard ID.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        name: {
-          type: "string",
-          description: "Display name for the new dashboard",
-        },
-        layout: {
-          type: "object",
-          description:
-            "Optional grid layout configuration. When provided, creates a grid dashboard instead of a simple container.",
-          properties: {
-            rows: {
-              type: "number",
-              description: "Number of rows (1-10)",
-            },
-            cols: {
-              type: "number",
-              description: "Number of columns (1-10)",
-            },
-            gap: {
-              type: "string",
-              description:
-                "Tailwind gap class (e.g. 'gap-2', 'gap-4'). Defaults to 'gap-2'.",
-            },
-            colModes: {
-              type: "object",
-              description:
-                "Per-row column sizing. Keys are row numbers (as strings), values are mode strings: 'equal', '1/4', '1/3', '1/2', '2/3'.",
-            },
-          },
-          required: ["rows", "cols"],
-        },
-      },
-      required: ["name"],
-    },
-  },
-  {
-    name: "delete_dashboard",
-    description:
-      "Delete a dashboard by ID. Cannot delete the last remaining dashboard. Use list_dashboards first to find the dashboard ID.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        dashboardId: {
-          type: "string",
-          description: "ID of the dashboard to delete",
-        },
-      },
-      required: ["dashboardId"],
-    },
-  },
-  {
-    name: "get_app_stats",
-    description:
-      "Get application statistics: counts of dashboards, widgets, themes, and providers. Useful for understanding the current state of the app at a glance.",
-    inputSchema: {
-      type: "object",
-      properties: {},
-      required: [],
-    },
-  },
-];
-
-const widgetTools$1 = [
-  {
-    name: "add_widget",
-    description:
-      "Add a widget to a dashboard by its scoped component name. IMPORTANT: Use the exact scoped name from list_widgets or search_widgets (format: 'scope.package.WidgetName', e.g. 'trops.gong.GongCallSearch'). Can be called multiple times. Returns the widget instance ID for use with configure_widget. If the dashboard has a grid layout, you can specify row/col for explicit placement, or omit them to auto-place in the next empty cell.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        dashboardId: {
-          type: "string",
-          description:
-            "Dashboard ID to add the widget to. Omit to use the active dashboard.",
-        },
-        widgetName: {
-          type: "string",
-          description:
-            "Scoped component name from list_widgets/search_widgets (e.g. 'trops.gong.GongCallSearch', 'trops.slack.SlackChannelFeed')",
-        },
-        row: {
-          type: "number",
-          description:
-            "Grid row to place the widget in (1-indexed). Must be used together with col. Requires a grid layout on the dashboard.",
-        },
-        col: {
-          type: "number",
-          description:
-            "Grid column to place the widget in (1-indexed). Must be used together with row.",
-        },
-      },
-      required: ["widgetName"],
-    },
-  },
-  {
-    name: "remove_widget",
-    description:
-      "Remove a widget instance from a dashboard by its ID. Use get_dashboard to find widget instance IDs.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        dashboardId: {
-          type: "string",
-          description: "Dashboard ID. Omit to use the active dashboard.",
-        },
-        widgetId: {
-          type: "string",
-          description: "ID of the widget instance to remove",
-        },
-      },
-      required: ["widgetId"],
-    },
-  },
-  {
-    name: "configure_widget",
-    description:
-      "Update a widget's configuration. The config object is merged into the existing config (partial update). Use get_dashboard to see current widget configs and discover valid config keys.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        dashboardId: {
-          type: "string",
-          description: "Dashboard ID. Omit to use the active dashboard.",
-        },
-        widgetId: {
-          type: "string",
-          description: "ID of the widget instance to configure",
-        },
-        config: {
-          type: "object",
-          description:
-            "Configuration object to merge into existing widget config",
-        },
-      },
-      required: ["widgetId", "config"],
-    },
-  },
-  {
-    name: "list_widgets",
-    description:
-      "List all available widgets from the registry. Returns scoped component names (e.g. 'trops.gong.GongCallSearch') that can be passed directly to add_widget. Each widget includes an 'installed' boolean — if true, use add_widget directly; if false, call install_widget first. Also includes description, provider requirements, and package info.",
-    inputSchema: {
-      type: "object",
-      properties: {},
-      required: [],
-    },
-  },
-  {
-    name: "search_widgets",
-    description:
-      "Search the widget registry by keyword. Returns matching widgets with scoped names (e.g. 'trops.slack.SlackChannelFeed') that can be passed directly to add_widget. Each widget includes an 'installed' boolean — if true, use add_widget directly; if false, call install_widget first. Also includes description and provider info.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        query: {
-          type: "string",
-          description:
-            "Search keyword to match against widget names, descriptions, and tags",
-        },
-      },
-      required: ["query"],
-    },
-  },
-  {
-    name: "install_widget",
-    description:
-      "Install a widget package from the Dash registry. Requires registry authentication — the user must be signed in via Settings > Account in the Dash app. Use search_widgets first to find available packages, then install by package name (e.g., 'slack', 'gong', 'chat'). After installation, use add_widget to place it on a dashboard.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        packageName: {
-          type: "string",
-          description:
-            "Package name from the registry (e.g., 'slack', 'gong', 'chat'). Use the 'package' field from search_widgets results.",
-        },
-      },
-      required: ["packageName"],
-    },
-  },
-];
-
-const themeTools$1 = [
-  {
-    name: "list_themes",
-    description:
-      "List all saved themes with their names and whether they are currently active. Use this to discover available themes before applying one.",
-    inputSchema: {
-      type: "object",
-      properties: {},
-      required: [],
-    },
-  },
-  {
-    name: "get_theme",
-    description:
-      "Get full details of a theme by name, including all color values and shade mappings. Use list_themes first to find theme names.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        name: {
-          type: "string",
-          description: "Name of the theme to retrieve",
-        },
-      },
-      required: ["name"],
-    },
-  },
-  {
-    name: "create_theme",
-    description:
-      "Create a new theme from a colors object. Primary maps to buttons, links, and active states. Secondary maps to backgrounds, cards, and panels. Tertiary maps to accents, badges, and highlights. Example colors: { primary: '#3b82f6', secondary: '#10b981', tertiary: '#f59e0b' }. After creation, use apply_theme to activate it.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        name: {
-          type: "string",
-          description: "Display name for the new theme",
-        },
-        colors: {
-          type: "object",
-          description:
-            "Theme colors object with role keys mapped to hex values or shade objects",
-        },
-      },
-      required: ["name", "colors"],
-    },
-  },
-  {
-    name: "create_theme_from_url",
-    description:
-      "Extract brand colors from a website URL and generate a matching theme. Loads the page in a hidden browser, extracts colors from meta tags, CSS variables, computed styles, and favicons, then maps them to theme roles. Works best with pages that have visible brand colors. Takes a few seconds to process. After creation, use apply_theme to activate it.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        url: {
-          type: "string",
-          description:
-            "Website URL to extract colors from (must start with http:// or https://)",
-        },
-        name: {
-          type: "string",
-          description:
-            "Optional name for the theme. If omitted, a name is derived from the URL hostname.",
-        },
-      },
-      required: ["url"],
-    },
-  },
-  {
-    name: "apply_theme",
-    description:
-      "Apply a saved theme. Omit `dashboard` to set the app-wide default theme (affects every dashboard that doesn't have its own override). Pass `dashboard` (name or ID) to set that dashboard's theme override instead — useful when the user asks for a theme on a specific dashboard (e.g. 'apply ocean to my Sales dashboard'). The theme must already exist; use list_themes to see available themes or create one with create_theme / create_theme_from_url.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        name: {
-          type: "string",
-          description: "Name of the theme to apply",
-        },
-        dashboard: {
-          type: "string",
-          description:
-            "Optional dashboard name or numeric ID. Omit for app-wide application.",
-        },
-      },
-      required: ["name"],
-    },
-  },
-];
-
-const guideTools$1 = [
-  {
-    name: "get_setup_guide",
-    description:
-      "Get a contextual setup guide for Dash. Returns step-by-step instructions for the requested topic. Call this when the user asks how to get started, what they can do, or needs help with a specific workflow.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        topic: {
-          type: "string",
-          enum: ["dashboard", "theme", "provider", "widget", "overview"],
-          description:
-            "Topic to get help with. Use 'overview' or omit for a general capabilities guide.",
-        },
-      },
-      required: [],
-    },
-  },
-];
-
-const providerTools$1 = [
-  {
-    name: "list_providers",
-    description:
-      "List all configured providers with their names, types, and status. Credential secrets are never returned. Use this to check which services are already connected.",
-    inputSchema: {
-      type: "object",
-      properties: {},
-      required: [],
-    },
-  },
-  {
-    name: "add_provider",
-    description:
-      "Add a new provider configuration. Supports credential providers (API keys) and MCP providers (server connections with tool scoping). Credentials are encrypted at rest. Common types: 'github', 'slack', 'algolia', 'notion', 'openai'. Use list_providers first to check existing connections.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        name: {
-          type: "string",
-          description:
-            "Unique display name for the provider (e.g. 'Algolia Production', 'Slack')",
-        },
-        type: {
-          type: "string",
-          description:
-            "Provider type identifier (e.g. 'algolia', 'slack', 'openai', 'github')",
-        },
-        providerClass: {
-          type: "string",
-          enum: ["credential", "mcp"],
-          description:
-            "Provider class: 'credential' for API key providers, 'mcp' for MCP server providers. Defaults to 'credential'.",
-        },
-        credentials: {
-          type: "object",
-          description:
-            "Credentials object (e.g. { apiKey: '...', appId: '...' }). Encrypted at rest, never returned in responses.",
-        },
-        mcpConfig: {
-          type: "object",
-          description:
-            "MCP server configuration (transport, command, args, envMapping). Only used when providerClass is 'mcp'.",
-        },
-        allowedTools: {
-          type: "array",
-          items: { type: "string" },
-          description:
-            "Optional list of allowed MCP tool names. Only used when providerClass is 'mcp'.",
-        },
-      },
-      required: ["name", "type", "credentials"],
-    },
-  },
-  {
-    name: "remove_provider",
-    description:
-      "Remove a provider by name. This deletes the provider and its stored credentials permanently.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        name: {
-          type: "string",
-          description: "Name of the provider to remove",
-        },
-      },
-      required: ["name"],
-    },
-  },
-];
-
-const layoutTools$1 = [
-  {
-    name: "set_layout",
-    description:
-      "Set or replace the grid layout on a dashboard. Creates a LayoutGridContainer with the specified dimensions. Existing widgets in cells that fit the new grid are preserved; widgets outside the new bounds are orphaned (kept but unassigned). Use this to add a grid to an existing dashboard or to resize the grid.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        dashboardId: {
-          type: "string",
-          description: "Dashboard ID. Omit to use the active dashboard.",
-        },
-        rows: {
-          type: "number",
-          description: "Number of rows (1-10)",
-        },
-        cols: {
-          type: "number",
-          description: "Number of columns (1-10)",
-        },
-        gap: {
-          type: "string",
-          description:
-            "Tailwind gap class (e.g. 'gap-2', 'gap-4'). Defaults to 'gap-2'.",
-        },
-        colModes: {
-          type: "object",
-          description:
-            "Per-row column sizing. Keys are row numbers (as strings), values are mode strings: 'equal', '1/4', '1/3', '1/2', '2/3'.",
-        },
-      },
-      required: ["rows", "cols"],
-    },
-  },
-  {
-    name: "update_layout",
-    description:
-      "Partially update the grid layout. Only specified properties change — omitted properties keep their current values. colModes is merged (not replaced). Widgets in removed rows/columns are orphaned. Dashboard must already have a grid layout.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        dashboardId: {
-          type: "string",
-          description: "Dashboard ID. Omit to use the active dashboard.",
-        },
-        rows: {
-          type: "number",
-          description: "New number of rows (1-10). Omit to keep current.",
-        },
-        cols: {
-          type: "number",
-          description: "New number of columns (1-10). Omit to keep current.",
-        },
-        gap: {
-          type: "string",
-          description: "Tailwind gap class. Omit to keep current.",
-        },
-        colModes: {
-          type: "object",
-          description:
-            "Column sizing modes to merge. Set a key to null to reset that row to default.",
-        },
-      },
-      required: [],
-    },
-  },
-  {
-    name: "move_widget",
-    description:
-      "Move a widget to a different grid cell. If the target cell is occupied, the two widgets are swapped. The widget must already be placed in a grid cell. Use get_dashboard to find widget IDs and current positions.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        dashboardId: {
-          type: "string",
-          description: "Dashboard ID. Omit to use the active dashboard.",
-        },
-        widgetId: {
-          type: "string",
-          description: "ID of the widget to move",
-        },
-        row: {
-          type: "number",
-          description: "Target row (1-indexed)",
-        },
-        col: {
-          type: "number",
-          description: "Target column (1-indexed)",
-        },
-      },
-      required: ["widgetId", "row", "col"],
-    },
-  },
-];
-
-var toolDefinitions$1 = {
-  dashboardTools: dashboardTools$1,
-  widgetTools: widgetTools$1,
-  themeTools: themeTools$1,
-  providerTools: providerTools$1,
-  guideTools: guideTools$1,
-  layoutTools: layoutTools$1,
-};
-
 var mcp = {};
 
 var server$1 = {};
@@ -49304,533 +48283,1635 @@ function jsonSchemaToZod$1(schema) {
     if (!required.includes(key)) {
       fieldSchema = fieldSchema.optional();
     }
-    shape[key] = fieldSchema;
-  }
+    shape[key] = fieldSchema;
+  }
+
+  return z$1.object(shape);
+}
+
+var jsonSchemaToZod_1 = { jsonSchemaToZod: jsonSchemaToZod$1, jsonSchemaPropertyToZod };
+
+/**
+ * mcpDashServerController.js
+ *
+ * Manages the hosted MCP server that exposes Dash capabilities to external
+ * LLM clients (Claude Desktop, ChatGPT, etc.) via Streamable HTTP transport.
+ *
+ * This is the MCP *server* — distinct from mcpController.js which is the
+ * MCP *client* that connects to external tool servers for widgets.
+ *
+ * Architecture:
+ *   - Node https server bound to 127.0.0.1 (localhost only)
+ *   - Auto-generated self-signed TLS certificate for localhost
+ *   - StreamableHTTPServerTransport from @modelcontextprotocol/sdk
+ *   - McpServer registers tools and resources
+ *   - Bearer token authentication on all requests
+ *   - Rate limiting via token bucket (60 req/min)
+ */
+
+const https$2 = require$$8$1;
+const { randomUUID } = require$$1$5;
+const { BrowserWindow } = require$$0$1;
+const { McpServer } = mcp;
+const {
+  StreamableHTTPServerTransport,
+} = streamableHttp;
+
+const settingsController$3 = settingsController_1;
+const { getOrCreateCert } = tlsCert;
+
+// Tool-name prefixes that indicate a mutation. After a successful call
+// to any of these, the renderer is notified via "dash-mcp:state-changed"
+// so it can refresh the relevant UI slice (themes, dashboards, widgets,
+// providers, etc.) without requiring a manual reload.
+const MUTATING_PREFIXES = [
+  "create_",
+  "add_",
+  "remove_",
+  "delete_",
+  "update_",
+  "apply_",
+  "install_",
+  "move_",
+  "set_",
+  "configure_",
+];
+
+function isMutatingTool(name) {
+  return MUTATING_PREFIXES.some((p) => name.startsWith(p));
+}
+
+function broadcastStateChanged(toolName, result) {
+  // Best-effort parse of the tool's first text content block. MCP tool
+  // results are of shape { content: [{ type: "text", text: "<json>" }] }.
+  // Expose the parsed JSON as `result` so renderers can act on specifics
+  // (e.g. the new dashboard ID from create_dashboard) without a round
+  // trip back to fetch state.
+  let parsed = null;
+  try {
+    const firstText = result?.content?.find?.((c) => c.type === "text")?.text;
+    if (firstText) parsed = JSON.parse(firstText);
+  } catch {
+    /* leave null */
+  }
+  const payload = { toolName, result: parsed };
+  for (const win of BrowserWindow.getAllWindows()) {
+    if (!win.isDestroyed()) {
+      try {
+        win.webContents.send("dash-mcp:state-changed", payload);
+      } catch {
+        /* ignore */
+      }
+    }
+  }
+}
+
+// --- State ---
+let mcpServer = null;
+let httpsServer = null;
+let transport = null;
+let startTime = null;
+let connectionCount = 0;
+let activeWin = null;
+
+// --- Rate Limiting ---
+const RATE_LIMIT = 60; // requests per minute
+const RATE_WINDOW = 60 * 1000; // 1 minute in ms
+const rateBuckets$1 = new Map(); // ip -> { count, resetAt }
+
+function isRateLimited$1(ip) {
+  const now = Date.now();
+  let bucket = rateBuckets$1.get(ip);
+  if (!bucket || now > bucket.resetAt) {
+    bucket = { count: 0, resetAt: now + RATE_WINDOW };
+    rateBuckets$1.set(ip, bucket);
+  }
+  bucket.count++;
+  return bucket.count > RATE_LIMIT;
+}
+
+// Clean up stale buckets periodically
+let cleanupInterval = null;
+function startCleanup() {
+  if (cleanupInterval) return;
+  cleanupInterval = setInterval(() => {
+    const now = Date.now();
+    for (const [ip, bucket] of rateBuckets$1) {
+      if (now > bucket.resetAt) rateBuckets$1.delete(ip);
+    }
+  }, RATE_WINDOW);
+}
+function stopCleanup() {
+  if (cleanupInterval) {
+    clearInterval(cleanupInterval);
+    cleanupInterval = null;
+  }
+  rateBuckets$1.clear();
+}
+
+// --- Tool, Resource & Prompt Registration ---
+// These are populated by other modules (DASH-78, DASH-79, etc.)
+// Each entry: { name, description, inputSchema, handler }
+const registeredTools = [];
+const registeredResources = [];
+// Each entry: { name, description, args, handler }
+const registeredPrompts = [];
+
+/**
+ * Register a tool to be exposed via the MCP server.
+ * Call this before starting the server (or restart after registering).
+ */
+function registerTool$6(toolDef) {
+  registeredTools.push(toolDef);
+}
+
+/**
+ * Register a resource to be exposed via the MCP server.
+ */
+function registerResource$1(resourceDef) {
+  registeredResources.push(resourceDef);
+}
+
+/**
+ * Register a prompt to be exposed via the MCP server.
+ * Prompts are guided entry points that LLM clients display as suggested actions.
+ */
+function registerPrompt$1(promptDef) {
+  registeredPrompts.push(promptDef);
+}
+
+const z = zod;
+const { jsonSchemaToZod } = jsonSchemaToZod_1;
+
+/**
+ * Apply all registered tools, resources, and prompts to the McpServer instance.
+ */
+function applyRegistrations(server) {
+  for (const tool of registeredTools) {
+    const zodSchema = jsonSchemaToZod(tool.inputSchema);
+    // Wrap mutating tool handlers so a successful invocation broadcasts
+    // "dash-mcp:state-changed" to all renderer windows. Read-only tools
+    // (list_, get_, search_) are passed through unwrapped.
+    const mutating = isMutatingTool(tool.name);
+    const handler = mutating
+      ? async (...args) => {
+          const result = await tool.handler(...args);
+          if (result && !result.isError) {
+            broadcastStateChanged(tool.name, result);
+          }
+          return result;
+        }
+      : tool.handler;
+    // server.tool() expects a raw Zod shape (e.g. { name: z.string() }),
+    // NOT a z.object() wrapper. Extract .shape from the Zod object.
+    server.tool(tool.name, tool.description, zodSchema.shape || {}, handler);
+  }
+  for (const resource of registeredResources) {
+    server.resource(
+      resource.name,
+      resource.uri,
+      resource.metadata || {},
+      resource.handler,
+    );
+  }
+  for (const prompt of registeredPrompts) {
+    if (prompt.args && Object.keys(prompt.args).length > 0) {
+      // Prompt with arguments — use the 4-arg overload
+      // Build a Zod-compatible arg schema from our plain arg definitions
+      const shape = {};
+      for (const [key, def] of Object.entries(prompt.args)) {
+        shape[key] = def.required
+          ? z.string().describe(def.description)
+          : z.string().optional().describe(def.description);
+      }
+      server.prompt(prompt.name, prompt.description, shape, prompt.handler);
+    } else {
+      // Prompt with no arguments — use the 2-arg overload
+      server.prompt(prompt.name, prompt.description, prompt.handler);
+    }
+  }
+}
+
+// --- Settings Helpers ---
+function getMcpServerSettings(win) {
+  const result = settingsController$3.getSettingsForApplication(win);
+  const settings = result?.settings || {};
+  return settings.mcpDashServer || {};
+}
+
+function saveMcpServerSettings(win, mcpSettings) {
+  const result = settingsController$3.getSettingsForApplication(win);
+  const settings = result?.settings || {};
+  settings.mcpDashServer = mcpSettings;
+  settingsController$3.saveSettingsForApplication(win, settings);
+}
+
+// --- App ID Resolution ---
+/**
+ * Resolve the appId by scanning the userData/Dashboard directory for
+ * subdirectories containing workspaces.json. Falls back to the default.
+ */
+function resolveAppId() {
+  const { app } = require$$0$1;
+  const fs = require$$0$2;
+  const path = require$$1$2;
+  const dashboardDir = path.join(app.getPath("userData"), "Dashboard");
+  try {
+    const entries = fs.readdirSync(dashboardDir, { withFileTypes: true });
+    for (const entry of entries) {
+      if (entry.isDirectory()) {
+        const wsFile = path.join(dashboardDir, entry.name, "workspaces.json");
+        if (fs.existsSync(wsFile)) {
+          return entry.name;
+        }
+      }
+    }
+  } catch (e) {
+    // Directory may not exist yet
+  }
+  return "@trops/dash-electron";
+}
+
+/**
+ * Get the current server context (win + appId) for tool handlers.
+ * Returns null if the server is not running.
+ */
+function getServerContext() {
+  if (!activeWin) return null;
+  return { win: activeWin, appId: resolveAppId() };
+}
+
+// --- Controller ---
+const mcpDashServerController$4 = {
+  /**
+   * Start the MCP Dash server.
+   * @param {BrowserWindow} win
+   * @param {Object} options - { port?: number }
+   */
+  startServer: async (win, options = {}) => {
+    if (httpsServer) {
+      return {
+        success: false,
+        error: "Server is already running",
+      };
+    }
+
+    try {
+      const serverSettings = getMcpServerSettings(win);
+      const port = options.port || serverSettings.port || 3141;
+      const token =
+        serverSettings.token || mcpDashServerController$4.getOrCreateToken(win);
+
+      // Create McpServer
+      mcpServer = new McpServer({
+        name: "dash-electron",
+        version: "1.0.0",
+      });
+
+      // Generate or load TLS certificate
+      const { app } = require("electron");
+      const path = require("path");
+      const certsDir = path.join(app.getPath("userData"), "certs");
+      const tlsCert = getOrCreateCert(certsDir);
+
+      // Apply registered tools and resources
+      applyRegistrations(mcpServer);
+
+      // Create HTTPS server with auth and rate limiting
+      httpsServer = https$2.createServer(
+        { key: tlsCert.key, cert: tlsCert.cert },
+        async (req, res) => {
+          const ip = req.socket.remoteAddress || req.connection.remoteAddress;
+
+          // Rate limiting
+          if (isRateLimited$1(ip)) {
+            res.writeHead(429, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Rate limit exceeded" }));
+            return;
+          }
+
+          // Bearer token auth
+          const authHeader = req.headers.authorization;
+          if (!authHeader || authHeader !== `Bearer ${token}`) {
+            res.writeHead(401, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Unauthorized" }));
+            return;
+          }
+
+          // Handle MCP requests on /mcp path
+          if (req.url === "/mcp" || req.url?.startsWith("/mcp")) {
+            try {
+              // Stateless mode: create a fresh server + transport per request
+              const reqServer = new McpServer({
+                name: "dash-electron",
+                version: "1.0.0",
+              });
+              applyRegistrations(reqServer);
+              const reqTransport = new StreamableHTTPServerTransport({
+                sessionIdGenerator: undefined,
+              });
+              await reqServer.connect(reqTransport);
+              connectionCount++;
+              await reqTransport.handleRequest(req, res);
+            } catch (err) {
+              console.error("[mcpDashServer] Error handling MCP request:", err);
+              if (!res.headersSent) {
+                res.writeHead(500, {
+                  "Content-Type": "application/json",
+                });
+                res.end(
+                  JSON.stringify({
+                    error: "Internal server error",
+                  }),
+                );
+              }
+            }
+          } else {
+            // Health check endpoint
+            if (req.url === "/health" && req.method === "GET") {
+              res.writeHead(200, {
+                "Content-Type": "application/json",
+              });
+              res.end(
+                JSON.stringify({
+                  status: "ok",
+                  server: "dash-electron-mcp",
+                  version: "1.0.0",
+                }),
+              );
+              return;
+            }
+            res.writeHead(404, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Not found" }));
+          }
+        },
+      );
+
+      // Bind to localhost only
+      await new Promise((resolve, reject) => {
+        httpsServer.on("error", (err) => {
+          httpsServer = null;
+          mcpServer = null;
+          if (err.code === "EADDRINUSE") {
+            reject(
+              new Error(
+                `Port ${port} is already in use. Choose a different port in Settings.`,
+              ),
+            );
+          } else {
+            reject(err);
+          }
+        });
+        httpsServer.listen(port, "127.0.0.1", () => {
+          resolve();
+        });
+      });
+
+      startTime = Date.now();
+      connectionCount = 0;
+      activeWin = win;
+      startCleanup();
+
+      // Save enabled state
+      saveMcpServerSettings(win, {
+        ...serverSettings,
+        enabled: true,
+        port,
+        token,
+      });
+
+      console.log(
+        `[mcpDashServer] Server started on https://127.0.0.1:${port}/mcp`,
+      );
+
+      return {
+        success: true,
+        port,
+        url: `https://127.0.0.1:${port}/mcp`,
+      };
+    } catch (err) {
+      console.error("[mcpDashServer] Failed to start server:", err);
+      httpsServer = null;
+      mcpServer = null;
+      return {
+        success: false,
+        error: err.message,
+      };
+    }
+  },
+
+  /**
+   * Stop the MCP Dash server.
+   */
+  stopServer: async (win) => {
+    if (!httpsServer) {
+      return { success: true, message: "Server was not running" };
+    }
+
+    try {
+      stopCleanup();
+
+      await new Promise((resolve) => {
+        httpsServer.close(() => resolve());
+        // Force close after 5 seconds
+        setTimeout(() => resolve(), 5000);
+      });
+
+      if (mcpServer) {
+        try {
+          await mcpServer.close();
+        } catch (e) {
+          // Ignore close errors
+        }
+      }
+
+      httpsServer = null;
+      mcpServer = null;
+      transport = null;
+      startTime = null;
+      connectionCount = 0;
+      activeWin = null;
+
+      // Update settings
+      if (win) {
+        const serverSettings = getMcpServerSettings(win);
+        saveMcpServerSettings(win, {
+          ...serverSettings,
+          enabled: false,
+        });
+      }
+
+      console.log("[mcpDashServer] Server stopped");
+      return { success: true };
+    } catch (err) {
+      console.error("[mcpDashServer] Error stopping server:", err);
+      return { success: false, error: err.message };
+    }
+  },
+
+  /**
+   * Restart the server (stop + start).
+   */
+  restartServer: async (win, options = {}) => {
+    await mcpDashServerController$4.stopServer(win);
+    return mcpDashServerController$4.startServer(win, options);
+  },
+
+  /**
+   * Get server status.
+   */
+  getStatus: (win) => {
+    const serverSettings = getMcpServerSettings(win);
+    return {
+      running: !!httpsServer,
+      enabled: serverSettings.enabled || false,
+      port: serverSettings.port || 3141,
+      connectionCount,
+      uptime: startTime ? Math.floor((Date.now() - startTime) / 1000) : 0,
+      toolCount: registeredTools.length,
+      resourceCount: registeredResources.length,
+    };
+  },
+
+  /**
+   * Get or create the bearer token.
+   */
+  getOrCreateToken: (win) => {
+    const serverSettings = getMcpServerSettings(win);
+    if (serverSettings.token) {
+      return serverSettings.token;
+    }
+    const token = randomUUID();
+    saveMcpServerSettings(win, { ...serverSettings, token });
+    return token;
+  },
+
+  /**
+   * Auto-start server if enabled in settings.
+   * Called from dash-electron on app ready.
+   */
+  autoStart: async (win) => {
+    const serverSettings = getMcpServerSettings(win);
+    if (serverSettings.enabled) {
+      console.log("[mcpDashServer] Auto-starting server...");
+      return mcpDashServerController$4.startServer(win, {
+        port: serverSettings.port,
+      });
+    }
+    return { success: false, message: "Server not enabled" };
+  },
 
-  return z$1.object(shape);
-}
+  // Expose registration functions for other controllers
+  registerTool: registerTool$6,
+  registerResource: registerResource$1,
+  registerPrompt: registerPrompt$1,
+  getServerContext,
+};
 
-var jsonSchemaToZod_1 = { jsonSchemaToZod: jsonSchemaToZod$1, jsonSchemaPropertyToZod };
+var mcpDashServerController_1 = mcpDashServerController$4;
 
 /**
- * mcpDashServerController.js
- *
- * Manages the hosted MCP server that exposes Dash capabilities to external
- * LLM clients (Claude Desktop, ChatGPT, etc.) via Streamable HTTP transport.
+ * cliController.js
  *
- * This is the MCP *server* — distinct from mcpController.js which is the
- * MCP *client* that connects to external tool servers for widgets.
+ * Manages Claude Code CLI (`claude -p`) as an alternative LLM backend.
+ * Spawns the CLI subprocess, parses stream-json NDJSON output, and emits
+ * the same LLM_STREAM_* events as the Anthropic SDK path.
  *
- * Architecture:
- *   - Node https server bound to 127.0.0.1 (localhost only)
- *   - Auto-generated self-signed TLS certificate for localhost
- *   - StreamableHTTPServerTransport from @modelcontextprotocol/sdk
- *   - McpServer registers tools and resources
- *   - Bearer token authentication on all requests
- *   - Rate limiting via token bucket (60 req/min)
+ * Users with a Claude Pro/Max subscription and Claude Code installed
+ * can use the Chat widget without a separate API key.
  */
 
-const https$2 = require$$8$1;
-const { randomUUID } = require$$1$5;
-const { BrowserWindow } = require$$0$1;
-const { McpServer } = mcp;
+const { spawn, execSync } = require$$7;
 const {
-  StreamableHTTPServerTransport,
-} = streamableHttp;
+  LLM_STREAM_DELTA: LLM_STREAM_DELTA$2,
+  LLM_STREAM_TOOL_CALL: LLM_STREAM_TOOL_CALL$2,
+  LLM_STREAM_TOOL_RESULT: LLM_STREAM_TOOL_RESULT$2,
+  LLM_STREAM_COMPLETE: LLM_STREAM_COMPLETE$2,
+  LLM_STREAM_ERROR: LLM_STREAM_ERROR$2,
+} = llmEvents$1;
 
-const settingsController$3 = settingsController_1;
-const { getOrCreateCert } = tlsCert;
+const IS_WINDOWS = process.platform === "win32";
 
-// Tool-name prefixes that indicate a mutation. After a successful call
-// to any of these, the renderer is notified via "dash-mcp:state-changed"
-// so it can refresh the relevant UI slice (themes, dashboards, widgets,
-// providers, etc.) without requiring a manual reload.
-const MUTATING_PREFIXES = [
-  "create_",
-  "add_",
-  "remove_",
-  "delete_",
-  "update_",
-  "apply_",
-  "install_",
-  "move_",
-  "set_",
-  "configure_",
-];
+/**
+ * Cached shell PATH result (resolved once, reused for all spawns).
+ * Same pattern as mcpController.js.
+ */
+let _shellPath = null;
 
-function isMutatingTool(name) {
-  return MUTATING_PREFIXES.some((p) => name.startsWith(p));
-}
+function getShellPath() {
+  if (_shellPath !== null) return _shellPath;
+
+  // Windows: no POSIX login-shell trick — just use the inherited PATH,
+  // which is typically correct for GUI-launched Electron apps.
+  if (IS_WINDOWS) {
+    _shellPath = process.env.PATH || "";
+    return _shellPath;
+  }
 
-function broadcastStateChanged(toolName, result) {
-  // Best-effort parse of the tool's first text content block. MCP tool
-  // results are of shape { content: [{ type: "text", text: "<json>" }] }.
-  // Expose the parsed JSON as `result` so renderers can act on specifics
-  // (e.g. the new dashboard ID from create_dashboard) without a round
-  // trip back to fetch state.
-  let parsed = null;
   try {
-    const firstText = result?.content?.find?.((c) => c.type === "text")?.text;
-    if (firstText) parsed = JSON.parse(firstText);
+    const shell = process.env.SHELL || "/bin/bash";
+    _shellPath = execSync(`${shell} -ilc 'echo -n "$PATH"'`, {
+      encoding: "utf8",
+      timeout: 5000,
+    });
   } catch {
-    /* leave null */
-  }
-  const payload = { toolName, result: parsed };
-  for (const win of BrowserWindow.getAllWindows()) {
-    if (!win.isDestroyed()) {
-      try {
-        win.webContents.send("dash-mcp:state-changed", payload);
-      } catch {
-        /* ignore */
-      }
-    }
+    _shellPath = process.env.PATH || "";
   }
+
+  return _shellPath;
 }
 
-// --- State ---
-let mcpServer = null;
-let httpsServer = null;
-let transport = null;
-let startTime = null;
-let connectionCount = 0;
-let activeWin = null;
+/**
+ * Cached CLI binary path (resolved once via `which` / `where`).
+ */
+let _cliBinaryPath = undefined; // undefined = not yet checked
 
-// --- Rate Limiting ---
-const RATE_LIMIT = 60; // requests per minute
-const RATE_WINDOW = 60 * 1000; // 1 minute in ms
-const rateBuckets$1 = new Map(); // ip -> { count, resetAt }
+function resolveCliBinary() {
+  if (_cliBinaryPath !== undefined) return _cliBinaryPath;
 
-function isRateLimited$1(ip) {
-  const now = Date.now();
-  let bucket = rateBuckets$1.get(ip);
-  if (!bucket || now > bucket.resetAt) {
-    bucket = { count: 0, resetAt: now + RATE_WINDOW };
-    rateBuckets$1.set(ip, bucket);
+  try {
+    const fullPath = getShellPath();
+    // `where` on Windows, `which` everywhere else. `where` may list
+    // multiple matches on separate lines (e.g. claude.cmd + claude.ps1)
+    // — take the first hit.
+    const lookup = IS_WINDOWS ? "where claude" : "which claude";
+    const result = execSync(lookup, {
+      encoding: "utf8",
+      timeout: 5000,
+      env: { ...process.env, PATH: fullPath },
+    });
+    _cliBinaryPath = IS_WINDOWS
+      ? result
+          .split(/\r?\n/)
+          .find((l) => l.trim())
+          ?.trim() || null
+      : result.trim();
+  } catch {
+    _cliBinaryPath = null;
   }
-  bucket.count++;
-  return bucket.count > RATE_LIMIT;
-}
 
-// Clean up stale buckets periodically
-let cleanupInterval = null;
-function startCleanup() {
-  if (cleanupInterval) return;
-  cleanupInterval = setInterval(() => {
-    const now = Date.now();
-    for (const [ip, bucket] of rateBuckets$1) {
-      if (now > bucket.resetAt) rateBuckets$1.delete(ip);
-    }
-  }, RATE_WINDOW);
-}
-function stopCleanup() {
-  if (cleanupInterval) {
-    clearInterval(cleanupInterval);
-    cleanupInterval = null;
-  }
-  rateBuckets$1.clear();
+  return _cliBinaryPath;
 }
 
-// --- Tool, Resource & Prompt Registration ---
-// These are populated by other modules (DASH-78, DASH-79, etc.)
-// Each entry: { name, description, inputSchema, handler }
-const registeredTools = [];
-const registeredResources = [];
-// Each entry: { name, description, args, handler }
-const registeredPrompts = [];
-
 /**
- * Register a tool to be exposed via the MCP server.
- * Call this before starting the server (or restart after registering).
+ * Active CLI processes for abort support.
+ * Map<requestId, ChildProcess>
  */
-function registerTool$6(toolDef) {
-  registeredTools.push(toolDef);
-}
+const activeProcesses = new Map();
 
 /**
- * Register a resource to be exposed via the MCP server.
+ * Kill a child process and its descendants. On Windows, spawning with
+ * shell:true (needed for .cmd targets) means child.kill() only
+ * terminates the cmd.exe — the real CLI keeps running. Use taskkill
+ * with /T (tree) /F (force) to clean up.
  */
-function registerResource$1(resourceDef) {
-  registeredResources.push(resourceDef);
+function killChildTree(child) {
+  if (!child || child.killed || typeof child.pid !== "number") return;
+  if (IS_WINDOWS) {
+    try {
+      execSync(`taskkill /pid ${child.pid} /T /F`, {
+        stdio: "ignore",
+        timeout: 5000,
+      });
+    } catch {
+      // Fall back to plain kill — best-effort
+      try {
+        child.kill();
+      } catch {
+        /* ignore */
+      }
+    }
+  } else {
+    child.kill("SIGTERM");
+  }
 }
 
 /**
- * Register a prompt to be exposed via the MCP server.
- * Prompts are guided entry points that LLM clients display as suggested actions.
+ * Session IDs for conversation continuity.
+ * Map<widgetUuid, sessionId>
  */
-function registerPrompt$1(promptDef) {
-  registeredPrompts.push(promptDef);
-}
-
-const z = zod;
-const { jsonSchemaToZod } = jsonSchemaToZod_1;
+const sessions = new Map();
 
 /**
- * Apply all registered tools, resources, and prompts to the McpServer instance.
+ * Send events safely to a window.
  */
-function applyRegistrations(server) {
-  for (const tool of registeredTools) {
-    const zodSchema = jsonSchemaToZod(tool.inputSchema);
-    // Wrap mutating tool handlers so a successful invocation broadcasts
-    // "dash-mcp:state-changed" to all renderer windows. Read-only tools
-    // (list_, get_, search_) are passed through unwrapped.
-    const mutating = isMutatingTool(tool.name);
-    const handler = mutating
-      ? async (...args) => {
-          const result = await tool.handler(...args);
-          if (result && !result.isError) {
-            broadcastStateChanged(tool.name, result);
-          }
-          return result;
-        }
-      : tool.handler;
-    // server.tool() expects a raw Zod shape (e.g. { name: z.string() }),
-    // NOT a z.object() wrapper. Extract .shape from the Zod object.
-    server.tool(tool.name, tool.description, zodSchema.shape || {}, handler);
-  }
-  for (const resource of registeredResources) {
-    server.resource(
-      resource.name,
-      resource.uri,
-      resource.metadata || {},
-      resource.handler,
-    );
-  }
-  for (const prompt of registeredPrompts) {
-    if (prompt.args && Object.keys(prompt.args).length > 0) {
-      // Prompt with arguments — use the 4-arg overload
-      // Build a Zod-compatible arg schema from our plain arg definitions
-      const shape = {};
-      for (const [key, def] of Object.entries(prompt.args)) {
-        shape[key] = def.required
-          ? z.string().describe(def.description)
-          : z.string().optional().describe(def.description);
-      }
-      server.prompt(prompt.name, prompt.description, shape, prompt.handler);
-    } else {
-      // Prompt with no arguments — use the 2-arg overload
-      server.prompt(prompt.name, prompt.description, prompt.handler);
-    }
+function safeSend(win, channel, data) {
+  if (win && !win.isDestroyed()) {
+    win.webContents.send(channel, data);
   }
 }
 
-// --- Settings Helpers ---
-function getMcpServerSettings(win) {
-  const result = settingsController$3.getSettingsForApplication(win);
-  const settings = result?.settings || {};
-  return settings.mcpDashServer || {};
-}
+const cliController$2 = {
+  /**
+   * isAvailable
+   * Check if the Claude Code CLI is installed and accessible.
+   *
+   * @returns {{ available: boolean, path?: string }}
+   */
+  isAvailable: () => {
+    const binaryPath = resolveCliBinary();
+    if (binaryPath) {
+      return { available: true, path: binaryPath };
+    }
+    return { available: false };
+  },
 
-function saveMcpServerSettings(win, mcpSettings) {
-  const result = settingsController$3.getSettingsForApplication(win);
-  const settings = result?.settings || {};
-  settings.mcpDashServer = mcpSettings;
-  settingsController$3.saveSettingsForApplication(win, settings);
-}
+  /**
+   * sendMessage
+   * Stream a response from the Claude Code CLI with NDJSON parsing.
+   *
+   * @param {BrowserWindow} win - the window to send stream events to
+   * @param {string} requestId - unique ID for this request
+   * @param {object} params - { model, messages, systemPrompt, maxToolRounds, widgetUuid }
+   */
+  sendMessage: async (win, requestId, params) => {
+    const { model, messages, systemPrompt, widgetUuid, cwd } = params;
 
-// --- App ID Resolution ---
-/**
- * Resolve the appId by scanning the userData/Dashboard directory for
- * subdirectories containing workspaces.json. Falls back to the default.
- */
-function resolveAppId() {
-  const { app } = require$$0$1;
-  const fs = require$$0$2;
-  const path = require$$1$2;
-  const dashboardDir = path.join(app.getPath("userData"), "Dashboard");
-  try {
-    const entries = fs.readdirSync(dashboardDir, { withFileTypes: true });
-    for (const entry of entries) {
-      if (entry.isDirectory()) {
-        const wsFile = path.join(dashboardDir, entry.name, "workspaces.json");
-        if (fs.existsSync(wsFile)) {
-          return entry.name;
+    const binaryPath = resolveCliBinary();
+    if (!binaryPath) {
+      safeSend(win, LLM_STREAM_ERROR$2, {
+        requestId,
+        error:
+          "Claude Code CLI not found. Install from https://claude.ai/download",
+        code: "CLI_NOT_FOUND",
+      });
+      return;
+    }
+
+    // Build CLI args.
+    //
+    // --disable-slash-commands: prevent Claude from auto-triggering project
+    // skills by description match. When running in a project with a
+    // `.claude/skills/<name>/SKILL.md`, Claude would otherwise internalize
+    // that skill's content even when the host app's system prompt says not
+    // to — causing long reasoning loops or silent hangs. We pass only the
+    // caller's `systemPrompt` as context.
+    //
+    // --permission-mode bypassPermissions: in an embedded in-app assistant,
+    // the user has already opted into the configured MCP servers (they
+    // ran `claude mcp add` themselves). Prompting for tool-use approval
+    // on every call produces "I need permission to..." replies instead of
+    // actual actions. Bypassing matches the user's intent — if they
+    // didn't want the assistant to use a tool, they wouldn't have
+    // configured it.
+    //
+    // (We intentionally avoid `--bare` — it also disables keychain reads,
+    // which breaks OAuth login for users authenticated via `claude login`.)
+    const args = [
+      "-p",
+      "--disable-slash-commands",
+      "--permission-mode",
+      "bypassPermissions",
+      "--output-format",
+      "stream-json",
+      "--verbose",
+    ];
+
+    // Auto-wire the hosted Dash MCP server so the assistant can use Dash
+    // tools (apply_theme, create_dashboard, add_widget, etc.) without
+    // the user running `claude mcp add dash ...` themselves. We pass an
+    // inline --mcp-config every spawn; merges with any user-configured
+    // MCPs so their other tools (github, slack, etc.) remain available.
+    //
+    // Prereqs: the Dash MCP server is running and has issued a bearer
+    // token. If either is missing (server disabled, first launch before
+    // auto-start completes), we silently skip — the assistant still
+    // works for non-Dash queries, and the setup banner remains visible
+    // as a manual fallback.
+    try {
+      const mcpDashServerController = mcpDashServerController_1;
+      const status = mcpDashServerController.getStatus?.(win);
+      if (status?.running) {
+        const token = mcpDashServerController.getOrCreateToken?.(win);
+        if (token) {
+          const port = status.port || 3141;
+          const mcpConfig = JSON.stringify({
+            mcpServers: {
+              dash: {
+                type: "stdio",
+                command: "npx",
+                args: [
+                  "mcp-remote",
+                  `https://127.0.0.1:${port}/mcp`,
+                  "--header",
+                  `Authorization: Bearer ${token}`,
+                ],
+                env: { NODE_TLS_REJECT_UNAUTHORIZED: "0" },
+              },
+            },
+          });
+          args.push("--mcp-config", mcpConfig);
         }
       }
+    } catch (err) {
+      // Non-fatal: log and continue without Dash MCP.
+      console.warn(
+        "[cliController] Failed to inject Dash MCP config:",
+        err?.message,
+      );
     }
-  } catch (e) {
-    // Directory may not exist yet
-  }
-  return "@trops/dash-electron";
-}
 
-/**
- * Get the current server context (win + appId) for tool handlers.
- * Returns null if the server is not running.
- */
-function getServerContext() {
-  if (!activeWin) return null;
-  return { win: activeWin, appId: resolveAppId() };
-}
+    if (model) {
+      args.push("--model", model);
+    }
 
-// --- Controller ---
-const mcpDashServerController$4 = {
-  /**
-   * Start the MCP Dash server.
-   * @param {BrowserWindow} win
-   * @param {Object} options - { port?: number }
-   */
-  startServer: async (win, options = {}) => {
-    if (httpsServer) {
-      return {
-        success: false,
-        error: "Server is already running",
-      };
+    if (systemPrompt) {
+      args.push("--append-system-prompt", systemPrompt);
     }
 
-    try {
-      const serverSettings = getMcpServerSettings(win);
-      const port = options.port || serverSettings.port || 3141;
-      const token =
-        serverSettings.token || mcpDashServerController$4.getOrCreateToken(win);
+    // Resume existing session for conversation continuity
+    const sessionId = widgetUuid ? sessions.get(widgetUuid) : null;
+    if (sessionId) {
+      args.push("--resume", sessionId);
+    }
 
-      // Create McpServer
-      mcpServer = new McpServer({
-        name: "dash-electron",
-        version: "1.0.0",
+    // Extract the user message (last user message in the array)
+    const lastUserMsg = [...messages].reverse().find((m) => m.role === "user");
+    const userText =
+      typeof lastUserMsg?.content === "string"
+        ? lastUserMsg.content
+        : Array.isArray(lastUserMsg?.content)
+          ? lastUserMsg.content
+              .filter((b) => b.type === "text")
+              .map((b) => b.text)
+              .join("\n")
+          : "";
+
+    if (!userText) {
+      safeSend(win, LLM_STREAM_ERROR$2, {
+        requestId,
+        error: "No user message to send.",
+        code: "CLI_ERROR",
       });
+      return;
+    }
 
-      // Generate or load TLS certificate
-      const { app } = require("electron");
-      const path = require("path");
-      const certsDir = path.join(app.getPath("userData"), "certs");
-      const tlsCert = getOrCreateCert(certsDir);
+    try {
+      const fullPath = getShellPath();
+      const spawnOpts = {
+        env: { ...process.env, PATH: fullPath },
+        stdio: ["pipe", "pipe", "pipe"],
+        // On Windows, the Claude CLI is typically installed as claude.cmd
+        // (a batch wrapper). Node's child_process.spawn can't launch .cmd
+        // files directly without a shell — ENOENT otherwise.
+        shell: IS_WINDOWS,
+      };
+      if (cwd) {
+        const fs = require("fs");
+        if (!fs.existsSync(cwd)) {
+          fs.mkdirSync(cwd, { recursive: true });
+        }
+        spawnOpts.cwd = cwd;
+      }
+      const child = spawn(binaryPath, args, spawnOpts);
 
-      // Apply registered tools and resources
-      applyRegistrations(mcpServer);
+      activeProcesses.set(requestId, child);
 
-      // Create HTTPS server with auth and rate limiting
-      httpsServer = https$2.createServer(
-        { key: tlsCert.key, cert: tlsCert.cert },
-        async (req, res) => {
-          const ip = req.socket.remoteAddress || req.connection.remoteAddress;
+      // Pipe user message via stdin (not visible in ps)
+      child.stdin.write(userText);
+      child.stdin.end();
 
-          // Rate limiting
-          if (isRateLimited$1(ip)) {
-            res.writeHead(429, { "Content-Type": "application/json" });
-            res.end(JSON.stringify({ error: "Rate limit exceeded" }));
-            return;
+      let stdoutBuffer = "";
+      let stderrBuffer = "";
+      let capturedSessionId = null;
+      let retried = false;
+
+      // Track active tool calls for mapping results
+      const activeToolCalls = new Map();
+
+      child.stdout.on("data", (chunk) => {
+        stdoutBuffer += chunk.toString();
+
+        // Process complete lines
+        const lines = stdoutBuffer.split("\n");
+        stdoutBuffer = lines.pop(); // keep incomplete line in buffer
+
+        for (const line of lines) {
+          if (!line.trim()) continue;
+
+          let parsed;
+          try {
+            parsed = JSON.parse(line);
+          } catch {
+            console.warn("[cliController] Skipping invalid JSON line:", line);
+            continue;
           }
 
-          // Bearer token auth
-          const authHeader = req.headers.authorization;
-          if (!authHeader || authHeader !== `Bearer ${token}`) {
-            res.writeHead(401, { "Content-Type": "application/json" });
-            res.end(JSON.stringify({ error: "Unauthorized" }));
-            return;
+          // Capture session ID from any message that has it
+          if (parsed.session_id && widgetUuid) {
+            capturedSessionId = parsed.session_id;
+            sessions.set(widgetUuid, capturedSessionId);
           }
 
-          // Handle MCP requests on /mcp path
-          if (req.url === "/mcp" || req.url?.startsWith("/mcp")) {
-            try {
-              // Stateless mode: create a fresh server + transport per request
-              const reqServer = new McpServer({
-                name: "dash-electron",
-                version: "1.0.0",
+          // Map CLI stream-json events to IPC events
+          if (parsed.type === "content_block_delta") {
+            if (parsed.delta?.type === "text_delta" && parsed.delta.text) {
+              safeSend(win, LLM_STREAM_DELTA$2, {
+                requestId,
+                text: parsed.delta.text,
               });
-              applyRegistrations(reqServer);
-              const reqTransport = new StreamableHTTPServerTransport({
-                sessionIdGenerator: undefined,
+            } else if (parsed.delta?.type === "input_json_delta") {
+              // Update tool input incrementally
+              const tc = activeToolCalls.get(parsed.index);
+              if (tc) {
+                tc.partialInput =
+                  (tc.partialInput || "") + (parsed.delta.partial_json || "");
+              }
+            }
+          } else if (parsed.type === "content_block_start") {
+            if (parsed.content_block?.type === "tool_use") {
+              const toolBlock = parsed.content_block;
+              activeToolCalls.set(parsed.index, {
+                toolUseId: toolBlock.id,
+                toolName: toolBlock.name,
+                partialInput: "",
               });
-              await reqServer.connect(reqTransport);
-              connectionCount++;
-              await reqTransport.handleRequest(req, res);
-            } catch (err) {
-              console.error("[mcpDashServer] Error handling MCP request:", err);
-              if (!res.headersSent) {
-                res.writeHead(500, {
-                  "Content-Type": "application/json",
-                });
-                res.end(
-                  JSON.stringify({
-                    error: "Internal server error",
-                  }),
-                );
+              safeSend(win, LLM_STREAM_TOOL_CALL$2, {
+                requestId,
+                toolUseId: toolBlock.id,
+                toolName: toolBlock.name,
+                serverName: "Claude Code",
+                input: toolBlock.input || {},
+              });
+            }
+          } else if (parsed.type === "content_block_stop") {
+            // Tool call completed — try to parse the accumulated input
+            const tc = activeToolCalls.get(parsed.index);
+            if (tc && tc.partialInput) {
+              try {
+                tc.finalInput = JSON.parse(tc.partialInput);
+              } catch {
+                tc.finalInput = tc.partialInput;
               }
             }
-          } else {
-            // Health check endpoint
-            if (req.url === "/health" && req.method === "GET") {
-              res.writeHead(200, {
-                "Content-Type": "application/json",
+          } else if (parsed.type === "message_stop") {
+            // Individual message completed (may be followed by more in tool-use loops)
+          } else if (parsed.type === "result") {
+            // Final result — conversation complete
+            const content = [];
+            if (parsed.result) {
+              content.push({ type: "text", text: parsed.result });
+            }
+
+            safeSend(win, LLM_STREAM_COMPLETE$2, {
+              requestId,
+              content,
+              stopReason: parsed.stop_reason || "end_turn",
+              usage: parsed.usage || {},
+            });
+          }
+        }
+      });
+
+      child.stderr.on("data", (chunk) => {
+        stderrBuffer += chunk.toString();
+      });
+
+      child.on("error", (err) => {
+        activeProcesses.delete(requestId);
+        safeSend(win, LLM_STREAM_ERROR$2, {
+          requestId,
+          error: `Failed to start Claude CLI: ${err.message}`,
+          code: "CLI_SPAWN_ERROR",
+        });
+      });
+
+      child.on("close", (code) => {
+        activeProcesses.delete(requestId);
+
+        // Process any remaining buffer
+        if (stdoutBuffer.trim()) {
+          try {
+            const parsed = JSON.parse(stdoutBuffer);
+            if (parsed.session_id && widgetUuid) {
+              sessions.set(widgetUuid, parsed.session_id);
+            }
+            if (parsed.type === "result") {
+              const content = [];
+              if (parsed.result) {
+                content.push({ type: "text", text: parsed.result });
+              }
+              safeSend(win, LLM_STREAM_COMPLETE$2, {
+                requestId,
+                content,
+                stopReason: parsed.stop_reason || "end_turn",
+                usage: parsed.usage || {},
               });
-              res.end(
-                JSON.stringify({
-                  status: "ok",
-                  server: "dash-electron-mcp",
-                  version: "1.0.0",
-                }),
-              );
               return;
             }
-            res.writeHead(404, { "Content-Type": "application/json" });
-            res.end(JSON.stringify({ error: "Not found" }));
+          } catch {
+            // ignore
           }
-        },
-      );
+        }
 
-      // Bind to localhost only
-      await new Promise((resolve, reject) => {
-        httpsServer.on("error", (err) => {
-          httpsServer = null;
-          mcpServer = null;
-          if (err.code === "EADDRINUSE") {
-            reject(
-              new Error(
-                `Port ${port} is already in use. Choose a different port in Settings.`,
-              ),
-            );
-          } else {
-            reject(err);
+        if (code !== 0 && code !== null) {
+          // Check if resume failed and retry without it
+          if (sessionId && !retried && stderrBuffer.includes("session")) {
+            retried = true;
+            if (widgetUuid) sessions.delete(widgetUuid);
+            // Retry without --resume
+            cliController$2.sendMessage(win, requestId, {
+              ...params,
+              _retryWithoutResume: true,
+            });
+            return;
           }
-        });
-        httpsServer.listen(port, "127.0.0.1", () => {
-          resolve();
-        });
-      });
 
-      startTime = Date.now();
-      connectionCount = 0;
-      activeWin = win;
-      startCleanup();
+          // Check for auth errors
+          if (
+            stderrBuffer.includes("auth") ||
+            stderrBuffer.includes("login") ||
+            stderrBuffer.includes("not authenticated")
+          ) {
+            safeSend(win, LLM_STREAM_ERROR$2, {
+              requestId,
+              error:
+                "Claude Code CLI is not authenticated. Run `claude auth login` in your terminal.",
+              code: "CLI_AUTH_ERROR",
+            });
+            return;
+          }
 
-      // Save enabled state
-      saveMcpServerSettings(win, {
-        ...serverSettings,
-        enabled: true,
-        port,
-        token,
+          safeSend(win, LLM_STREAM_ERROR$2, {
+            requestId,
+            error: `Claude CLI exited with code ${code}${stderrBuffer ? ": " + stderrBuffer.slice(0, 500) : ""}`,
+            code: "CLI_ERROR",
+          });
+        }
+      });
+    } catch (err) {
+      activeProcesses.delete(requestId);
+      safeSend(win, LLM_STREAM_ERROR$2, {
+        requestId,
+        error: `Failed to start Claude CLI: ${err.message}`,
+        code: "CLI_SPAWN_ERROR",
       });
+    }
+  },
 
-      console.log(
-        `[mcpDashServer] Server started on https://127.0.0.1:${port}/mcp`,
-      );
+  /**
+   * abortRequest
+   * Kill an in-flight CLI process.
+   *
+   * @param {string} requestId - the request to cancel
+   * @returns {{ success: boolean }}
+   */
+  abortRequest: (requestId) => {
+    const child = activeProcesses.get(requestId);
+    if (child) {
+      killChildTree(child);
+      activeProcesses.delete(requestId);
+      return { success: true };
+    }
+    return { success: false, message: "Request not found" };
+  },
 
-      return {
-        success: true,
-        port,
-        url: `https://127.0.0.1:${port}/mcp`,
-      };
-    } catch (err) {
-      console.error("[mcpDashServer] Failed to start server:", err);
-      httpsServer = null;
-      mcpServer = null;
-      return {
-        success: false,
-        error: err.message,
-      };
+  /**
+   * clearSession
+   * Remove the stored session ID for a widget (called on "New Chat").
+   *
+   * @param {string} widgetUuid - the widget whose session to clear
+   * @returns {{ success: boolean }}
+   */
+  clearSession: (widgetUuid) => {
+    if (widgetUuid && sessions.has(widgetUuid)) {
+      sessions.delete(widgetUuid);
+      return { success: true };
+    }
+    return { success: false };
+  },
+
+  /**
+   * getSessionStatus
+   * Check if a CLI session exists and whether a process is active for a widget.
+   *
+   * @param {string} widgetUuid - the widget to check
+   * @returns {{ hasSession: boolean, sessionId?: string, isProcessActive: boolean }}
+   */
+  getSessionStatus: (widgetUuid) => {
+    const sessionId = widgetUuid ? sessions.get(widgetUuid) : null;
+    // Check if any active process belongs to this widget
+    let isProcessActive = false;
+    for (const [, child] of activeProcesses) {
+      if (!child.killed) {
+        isProcessActive = true;
+        break;
+      }
+    }
+    return {
+      hasSession: !!sessionId,
+      sessionId: sessionId || undefined,
+      isProcessActive,
+    };
+  },
+
+  /**
+   * endSession
+   * Kill any active CLI process AND clear the session for a widget.
+   *
+   * @param {string} widgetUuid - the widget whose session to end
+   * @returns {{ success: boolean }}
+   */
+  endSession: (widgetUuid) => {
+    // Kill any active processes for this widget
+    for (const [reqId, child] of activeProcesses) {
+      if (reqId.startsWith(widgetUuid)) {
+        killChildTree(child);
+        activeProcesses.delete(reqId);
+      }
+    }
+    // Clear the session
+    if (widgetUuid && sessions.has(widgetUuid)) {
+      sessions.delete(widgetUuid);
     }
+    return { success: true };
+  },
+};
+
+var cliController_1 = cliController$2;
+
+/**
+ * toolDefinitions.js
+ *
+ * MCP tool schemas for dashboard/workspace operations and app stats.
+ * Each definition includes name, description, and JSON Schema inputSchema.
+ */
+
+const dashboardTools$1 = [
+  {
+    name: "list_dashboards",
+    description:
+      "List all dashboards with their IDs, names, and widget counts. Use this to discover existing dashboards before creating new ones or to find a dashboard ID for other operations.",
+    inputSchema: {
+      type: "object",
+      properties: {},
+      required: [],
+    },
+  },
+  {
+    name: "get_dashboard",
+    description:
+      "Get full details of a dashboard including layout, widgets, and theme. Omit dashboardId to get the active dashboard. Use this to inspect widget configurations or to understand the current layout before making changes.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        dashboardId: {
+          type: "string",
+          description:
+            "Dashboard ID. Omit to get the currently active dashboard.",
+        },
+      },
+      required: [],
+    },
+  },
+  {
+    name: "create_dashboard",
+    description:
+      "Create a new dashboard with the given name. Defaults to a 1×1 grid layout if `layout` is omitted — the resulting dashboard has a single cell ready for a widget. Pass an explicit `layout` object to use different dimensions. Pass `layout: null` only if the caller specifically wants a layout-less container dashboard (rare — widgets cannot be added without further editing). Returns the dashboard ID.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: {
+          type: "string",
+          description: "Display name for the new dashboard",
+        },
+        layout: {
+          type: "object",
+          description:
+            "Optional grid layout configuration. When provided, creates a grid dashboard instead of a simple container.",
+          properties: {
+            rows: {
+              type: "number",
+              description: "Number of rows (1-10)",
+            },
+            cols: {
+              type: "number",
+              description: "Number of columns (1-10)",
+            },
+            gap: {
+              type: "string",
+              description:
+                "Tailwind gap class (e.g. 'gap-2', 'gap-4'). Defaults to 'gap-2'.",
+            },
+            colModes: {
+              type: "object",
+              description:
+                "Per-row column sizing. Keys are row numbers (as strings), values are mode strings: 'equal', '1/4', '1/3', '1/2', '2/3'.",
+            },
+          },
+          required: ["rows", "cols"],
+        },
+      },
+      required: ["name"],
+    },
+  },
+  {
+    name: "delete_dashboard",
+    description:
+      "Delete a dashboard by ID. Cannot delete the last remaining dashboard. Use list_dashboards first to find the dashboard ID.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        dashboardId: {
+          type: "string",
+          description: "ID of the dashboard to delete",
+        },
+      },
+      required: ["dashboardId"],
+    },
+  },
+  {
+    name: "get_app_stats",
+    description:
+      "Get application statistics: counts of dashboards, widgets, themes, and providers. Useful for understanding the current state of the app at a glance.",
+    inputSchema: {
+      type: "object",
+      properties: {},
+      required: [],
+    },
+  },
+  {
+    name: "search_registry_dashboards",
+    description:
+      "Search the online Dash registry for pre-built dashboard templates. Returns matching dashboards with their names, descriptions, and the list of widgets they require. Useful when the user asks for a dashboard by topic (e.g. 'find me a sales dashboard'). If `compatibleWidgetsOnly` is true, only dashboards whose required widgets are ALL already installed are returned — safe to install without additional widget downloads. Otherwise, include dashboards that may require pulling in new widget packages first.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        query: {
+          type: "string",
+          description:
+            "Search keyword to match against dashboard names, descriptions, and tags",
+        },
+        compatibleWidgetsOnly: {
+          type: "boolean",
+          description:
+            "When true, restrict results to dashboards whose required widgets are already installed. Defaults to false (returns all matches).",
+        },
+      },
+      required: ["query"],
+    },
+  },
+];
+
+const widgetTools$1 = [
+  {
+    name: "add_widget",
+    description:
+      "Add a widget to a dashboard by its scoped component name. IMPORTANT: Use the exact scoped name from list_widgets or search_widgets (format: 'scope.package.WidgetName', e.g. 'trops.gong.GongCallSearch'). Can be called multiple times. Returns the widget instance ID for use with configure_widget. If the dashboard has a grid layout, you can specify row/col for explicit placement, or omit them to auto-place in the next empty cell.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        dashboardId: {
+          type: "string",
+          description:
+            "Dashboard ID to add the widget to. Omit to use the active dashboard.",
+        },
+        widgetName: {
+          type: "string",
+          description:
+            "Scoped component name from list_widgets/search_widgets (e.g. 'trops.gong.GongCallSearch', 'trops.slack.SlackChannelFeed')",
+        },
+        row: {
+          type: "number",
+          description:
+            "Grid row to place the widget in (1-indexed). Must be used together with col. Requires a grid layout on the dashboard.",
+        },
+        col: {
+          type: "number",
+          description:
+            "Grid column to place the widget in (1-indexed). Must be used together with row.",
+        },
+      },
+      required: ["widgetName"],
+    },
+  },
+  {
+    name: "remove_widget",
+    description:
+      "Remove a widget instance from a dashboard by its ID. Use get_dashboard to find widget instance IDs.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        dashboardId: {
+          type: "string",
+          description: "Dashboard ID. Omit to use the active dashboard.",
+        },
+        widgetId: {
+          type: "string",
+          description: "ID of the widget instance to remove",
+        },
+      },
+      required: ["widgetId"],
+    },
+  },
+  {
+    name: "configure_widget",
+    description:
+      "Update a widget's configuration. The config object is merged into the existing config (partial update). Use get_dashboard to see current widget configs and discover valid config keys.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        dashboardId: {
+          type: "string",
+          description: "Dashboard ID. Omit to use the active dashboard.",
+        },
+        widgetId: {
+          type: "string",
+          description: "ID of the widget instance to configure",
+        },
+        config: {
+          type: "object",
+          description:
+            "Configuration object to merge into existing widget config",
+        },
+      },
+      required: ["widgetId", "config"],
+    },
+  },
+  {
+    name: "list_widgets",
+    description:
+      "List all available widgets from the registry. Returns scoped component names (e.g. 'trops.gong.GongCallSearch') that can be passed directly to add_widget. Each widget includes an 'installed' boolean — if true, use add_widget directly; if false, call install_widget first. Also includes description, provider requirements, and package info.",
+    inputSchema: {
+      type: "object",
+      properties: {},
+      required: [],
+    },
+  },
+  {
+    name: "search_widgets",
+    description:
+      "Search the widget registry by keyword. Returns matching widgets with scoped names (e.g. 'trops.slack.SlackChannelFeed') that can be passed directly to add_widget. Each widget includes an 'installed' boolean — if true, use add_widget directly; if false, call install_widget first. Also includes description and provider info.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        query: {
+          type: "string",
+          description:
+            "Search keyword to match against widget names, descriptions, and tags",
+        },
+      },
+      required: ["query"],
+    },
   },
-
-  /**
-   * Stop the MCP Dash server.
-   */
-  stopServer: async (win) => {
-    if (!httpsServer) {
-      return { success: true, message: "Server was not running" };
-    }
-
-    try {
-      stopCleanup();
-
-      await new Promise((resolve) => {
-        httpsServer.close(() => resolve());
-        // Force close after 5 seconds
-        setTimeout(() => resolve(), 5000);
-      });
-
-      if (mcpServer) {
-        try {
-          await mcpServer.close();
-        } catch (e) {
-          // Ignore close errors
-        }
-      }
-
-      httpsServer = null;
-      mcpServer = null;
-      transport = null;
-      startTime = null;
-      connectionCount = 0;
-      activeWin = null;
-
-      // Update settings
-      if (win) {
-        const serverSettings = getMcpServerSettings(win);
-        saveMcpServerSettings(win, {
-          ...serverSettings,
-          enabled: false,
-        });
-      }
-
-      console.log("[mcpDashServer] Server stopped");
-      return { success: true };
-    } catch (err) {
-      console.error("[mcpDashServer] Error stopping server:", err);
-      return { success: false, error: err.message };
-    }
+  {
+    name: "install_widget",
+    description:
+      "Install a widget package from the Dash registry. Requires registry authentication — the user must be signed in via Settings > Account in the Dash app. Use search_widgets first to find available packages, then install by package name (e.g., 'slack', 'gong', 'chat'). After installation, use add_widget to place it on a dashboard.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        packageName: {
+          type: "string",
+          description:
+            "Package name from the registry (e.g., 'slack', 'gong', 'chat'). Use the 'package' field from search_widgets results.",
+        },
+      },
+      required: ["packageName"],
+    },
   },
+];
 
-  /**
-   * Restart the server (stop + start).
-   */
-  restartServer: async (win, options = {}) => {
-    await mcpDashServerController$4.stopServer(win);
-    return mcpDashServerController$4.startServer(win, options);
+const themeTools$1 = [
+  {
+    name: "list_themes",
+    description:
+      "List all saved themes with their names and whether they are currently active. Use this to discover available themes before applying one.",
+    inputSchema: {
+      type: "object",
+      properties: {},
+      required: [],
+    },
+  },
+  {
+    name: "get_theme",
+    description:
+      "Get full details of a theme by name, including all color values and shade mappings. Use list_themes first to find theme names.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: {
+          type: "string",
+          description: "Name of the theme to retrieve",
+        },
+      },
+      required: ["name"],
+    },
+  },
+  {
+    name: "create_theme",
+    description:
+      "Create a new theme from a colors object. Primary maps to buttons, links, and active states. Secondary maps to backgrounds, cards, and panels. Tertiary maps to accents, badges, and highlights. Example colors: { primary: '#3b82f6', secondary: '#10b981', tertiary: '#f59e0b' }. After creation, use apply_theme to activate it.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: {
+          type: "string",
+          description: "Display name for the new theme",
+        },
+        colors: {
+          type: "object",
+          description:
+            "Theme colors object with role keys mapped to hex values or shade objects",
+        },
+      },
+      required: ["name", "colors"],
+    },
+  },
+  {
+    name: "create_theme_from_url",
+    description:
+      "Extract brand colors from a website URL and generate a matching theme. Loads the page in a hidden browser, extracts colors from meta tags, CSS variables, computed styles, and favicons, then maps them to theme roles. Works best with pages that have visible brand colors. Takes a few seconds to process. After creation, use apply_theme to activate it.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        url: {
+          type: "string",
+          description:
+            "Website URL to extract colors from (must start with http:// or https://)",
+        },
+        name: {
+          type: "string",
+          description:
+            "Optional name for the theme. If omitted, a name is derived from the URL hostname.",
+        },
+      },
+      required: ["url"],
+    },
+  },
+  {
+    name: "apply_theme",
+    description:
+      "Apply a saved theme. Omit `dashboard` to set the app-wide default theme (affects every dashboard that doesn't have its own override). Pass `dashboard` (name or ID) to set that dashboard's theme override instead — useful when the user asks for a theme on a specific dashboard (e.g. 'apply ocean to my Sales dashboard'). The theme must already exist; use list_themes to see available themes or create one with create_theme / create_theme_from_url.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: {
+          type: "string",
+          description: "Name of the theme to apply",
+        },
+        dashboard: {
+          type: "string",
+          description:
+            "Optional dashboard name or numeric ID. Omit for app-wide application.",
+        },
+      },
+      required: ["name"],
+    },
+  },
+  {
+    name: "search_registry_themes",
+    description:
+      "Search the online Dash registry for themes by keyword. Returns matching theme packages with their names, descriptions, and preview metadata. Useful when the user asks for a theme style (e.g. 'find me a dark purple theme') and the local `list_themes` set doesn't have a good match. Each result includes an `installed` boolean — if false, call `install_registry_theme` to pull it in, then `apply_theme` to activate.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        query: {
+          type: "string",
+          description:
+            "Search keyword to match against theme names, descriptions, and tags",
+        },
+      },
+      required: ["query"],
+    },
   },
+];
 
-  /**
-   * Get server status.
-   */
-  getStatus: (win) => {
-    const serverSettings = getMcpServerSettings(win);
-    return {
-      running: !!httpsServer,
-      enabled: serverSettings.enabled || false,
-      port: serverSettings.port || 3141,
-      connectionCount,
-      uptime: startTime ? Math.floor((Date.now() - startTime) / 1000) : 0,
-      toolCount: registeredTools.length,
-      resourceCount: registeredResources.length,
-    };
+const guideTools$1 = [
+  {
+    name: "get_setup_guide",
+    description:
+      "Get a contextual setup guide for Dash. Returns step-by-step instructions for the requested topic. Call this when the user asks how to get started, what they can do, or needs help with a specific workflow.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        topic: {
+          type: "string",
+          enum: ["dashboard", "theme", "provider", "widget", "overview"],
+          description:
+            "Topic to get help with. Use 'overview' or omit for a general capabilities guide.",
+        },
+      },
+      required: [],
+    },
   },
+];
 
-  /**
-   * Get or create the bearer token.
-   */
-  getOrCreateToken: (win) => {
-    const serverSettings = getMcpServerSettings(win);
-    if (serverSettings.token) {
-      return serverSettings.token;
-    }
-    const token = randomUUID();
-    saveMcpServerSettings(win, { ...serverSettings, token });
-    return token;
+const providerTools$1 = [
+  {
+    name: "list_providers",
+    description:
+      "List all configured providers with their names, types, and status. Credential secrets are never returned. Use this to check which services are already connected.",
+    inputSchema: {
+      type: "object",
+      properties: {},
+      required: [],
+    },
+  },
+  {
+    name: "add_provider",
+    description:
+      "Add a new provider configuration. Supports credential providers (API keys) and MCP providers (server connections with tool scoping). Credentials are encrypted at rest. Common types: 'github', 'slack', 'algolia', 'notion', 'openai'. Use list_providers first to check existing connections.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: {
+          type: "string",
+          description:
+            "Unique display name for the provider (e.g. 'Algolia Production', 'Slack')",
+        },
+        type: {
+          type: "string",
+          description:
+            "Provider type identifier (e.g. 'algolia', 'slack', 'openai', 'github')",
+        },
+        providerClass: {
+          type: "string",
+          enum: ["credential", "mcp"],
+          description:
+            "Provider class: 'credential' for API key providers, 'mcp' for MCP server providers. Defaults to 'credential'.",
+        },
+        credentials: {
+          type: "object",
+          description:
+            "Credentials object (e.g. { apiKey: '...', appId: '...' }). Encrypted at rest, never returned in responses.",
+        },
+        mcpConfig: {
+          type: "object",
+          description:
+            "MCP server configuration (transport, command, args, envMapping). Only used when providerClass is 'mcp'.",
+        },
+        allowedTools: {
+          type: "array",
+          items: { type: "string" },
+          description:
+            "Optional list of allowed MCP tool names. Only used when providerClass is 'mcp'.",
+        },
+      },
+      required: ["name", "type", "credentials"],
+    },
+  },
+  {
+    name: "remove_provider",
+    description:
+      "Remove a provider by name. This deletes the provider and its stored credentials permanently.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: {
+          type: "string",
+          description: "Name of the provider to remove",
+        },
+      },
+      required: ["name"],
+    },
   },
+];
 
-  /**
-   * Auto-start server if enabled in settings.
-   * Called from dash-electron on app ready.
-   */
-  autoStart: async (win) => {
-    const serverSettings = getMcpServerSettings(win);
-    if (serverSettings.enabled) {
-      console.log("[mcpDashServer] Auto-starting server...");
-      return mcpDashServerController$4.startServer(win, {
-        port: serverSettings.port,
-      });
-    }
-    return { success: false, message: "Server not enabled" };
+const layoutTools$1 = [
+  {
+    name: "set_layout",
+    description:
+      "Set or replace the grid layout on a dashboard. Creates a LayoutGridContainer with the specified dimensions. Existing widgets in cells that fit the new grid are preserved; widgets outside the new bounds are orphaned (kept but unassigned). Use this to add a grid to an existing dashboard or to resize the grid.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        dashboardId: {
+          type: "string",
+          description: "Dashboard ID. Omit to use the active dashboard.",
+        },
+        rows: {
+          type: "number",
+          description: "Number of rows (1-10)",
+        },
+        cols: {
+          type: "number",
+          description: "Number of columns (1-10)",
+        },
+        gap: {
+          type: "string",
+          description:
+            "Tailwind gap class (e.g. 'gap-2', 'gap-4'). Defaults to 'gap-2'.",
+        },
+        colModes: {
+          type: "object",
+          description:
+            "Per-row column sizing. Keys are row numbers (as strings), values are mode strings: 'equal', '1/4', '1/3', '1/2', '2/3'.",
+        },
+      },
+      required: ["rows", "cols"],
+    },
+  },
+  {
+    name: "update_layout",
+    description:
+      "Partially update the grid layout. Only specified properties change — omitted properties keep their current values. colModes is merged (not replaced). Widgets in removed rows/columns are orphaned. Dashboard must already have a grid layout.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        dashboardId: {
+          type: "string",
+          description: "Dashboard ID. Omit to use the active dashboard.",
+        },
+        rows: {
+          type: "number",
+          description: "New number of rows (1-10). Omit to keep current.",
+        },
+        cols: {
+          type: "number",
+          description: "New number of columns (1-10). Omit to keep current.",
+        },
+        gap: {
+          type: "string",
+          description: "Tailwind gap class. Omit to keep current.",
+        },
+        colModes: {
+          type: "object",
+          description:
+            "Column sizing modes to merge. Set a key to null to reset that row to default.",
+        },
+      },
+      required: [],
+    },
+  },
+  {
+    name: "move_widget",
+    description:
+      "Move a widget to a different grid cell. If the target cell is occupied, the two widgets are swapped. The widget must already be placed in a grid cell. Use get_dashboard to find widget IDs and current positions.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        dashboardId: {
+          type: "string",
+          description: "Dashboard ID. Omit to use the active dashboard.",
+        },
+        widgetId: {
+          type: "string",
+          description: "ID of the widget to move",
+        },
+        row: {
+          type: "number",
+          description: "Target row (1-indexed)",
+        },
+        col: {
+          type: "number",
+          description: "Target column (1-indexed)",
+        },
+      },
+      required: ["widgetId", "row", "col"],
+    },
   },
+];
 
-  // Expose registration functions for other controllers
-  registerTool: registerTool$6,
-  registerResource: registerResource$1,
-  registerPrompt: registerPrompt$1,
-  getServerContext,
+var toolDefinitions$1 = {
+  dashboardTools: dashboardTools$1,
+  widgetTools: widgetTools$1,
+  themeTools: themeTools$1,
+  providerTools: providerTools$1,
+  guideTools: guideTools$1,
+  layoutTools: layoutTools$1,
 };
 
-var mcpDashServerController_1 = mcpDashServerController$4;
-
 var widgetRegistry$1 = {exports: {}};
 
 var dynamicWidgetLoader$3 = {exports: {}};
@@ -60782,6 +60863,159 @@ async function handleApplyTheme$1({ name, dashboard }) {
   };
 }
 
+/**
+ * search_registry_themes — Search the online Dash registry for themes by
+ * keyword. Companion to list_themes (which lists already-saved themes).
+ */
+async function handleSearchRegistryThemes$1({ query }) {
+  if (!query || typeof query !== "string" || !query.trim()) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify({
+            error: "query is required and must be a non-empty string",
+          }),
+        },
+      ],
+      isError: true,
+    };
+  }
+
+  try {
+    const result = await registryController$2.searchThemes(query.trim());
+    const packages = result.packages || [];
+
+    // Build a set of locally-saved theme names so the LLM knows which
+    // registry themes are already available.
+    let installedNames = new Set();
+    try {
+      const { win, appId } = requireContext$1();
+      const local = themeController$4.listThemesForApplication(win, appId);
+      const themeMap = local?.themes || {};
+      installedNames = new Set(Object.keys(themeMap));
+    } catch {
+      /* best-effort — continue with empty set if context unavailable */
+    }
+
+    const themes = packages.map((pkg) => ({
+      name: pkg.name,
+      scope: pkg.scope || null,
+      displayName: pkg.displayName || pkg.name,
+      description: pkg.description || "",
+      icon: pkg.icon || null,
+      installed: installedNames.has(pkg.name),
+      preview: pkg.preview || null,
+    }));
+
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify(
+            { query: query.trim(), themes, count: themes.length },
+            null,
+            2,
+          ),
+        },
+      ],
+    };
+  } catch (err) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify({
+            error: `Failed to search theme registry: ${err.message}`,
+          }),
+        },
+      ],
+      isError: true,
+    };
+  }
+}
+
+/**
+ * search_registry_dashboards — Search the online Dash registry for
+ * pre-built dashboard templates.
+ */
+async function handleSearchRegistryDashboards$1({
+  query,
+  compatibleWidgetsOnly = false,
+}) {
+  if (!query || typeof query !== "string" || !query.trim()) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify({
+            error: "query is required and must be a non-empty string",
+          }),
+        },
+      ],
+      isError: true,
+    };
+  }
+
+  try {
+    // If compatibility filter requested, compute the list of widget
+    // scoped IDs the user currently has installed. The registry
+    // filter in searchDashboards then prunes dashboards whose required
+    // widgets aren't all present.
+    let filters = {};
+    if (compatibleWidgetsOnly) {
+      const installedPkgs = getInstalledPackageNames();
+      filters.compatibleWidgets = Array.from(installedPkgs);
+    }
+
+    const result = await registryController$2.searchDashboards(
+      query.trim(),
+      filters,
+    );
+    const packages = result.packages || [];
+
+    const dashboards = packages.map((pkg) => ({
+      name: pkg.name,
+      scope: pkg.scope || null,
+      displayName: pkg.displayName || pkg.name,
+      description: pkg.description || "",
+      icon: pkg.icon || null,
+      requiredWidgets: pkg.requiredWidgets || pkg.widgets || [],
+      preview: pkg.preview || null,
+    }));
+
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify(
+            {
+              query: query.trim(),
+              compatibleWidgetsOnly,
+              dashboards,
+              count: dashboards.length,
+            },
+            null,
+            2,
+          ),
+        },
+      ],
+    };
+  } catch (err) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify({
+            error: `Failed to search dashboard registry: ${err.message}`,
+          }),
+        },
+      ],
+      isError: true,
+    };
+  }
+}
+
 // --- Provider Tool Handlers ---
 
 const { PROVIDER_LIST_COMPLETE } = events$8;
@@ -61647,6 +61881,8 @@ var toolHandlers$1 = {
   handleCreateTheme: handleCreateTheme$1,
   handleCreateThemeFromUrl: handleCreateThemeFromUrl$1,
   handleApplyTheme: handleApplyTheme$1,
+  handleSearchRegistryThemes: handleSearchRegistryThemes$1,
+  handleSearchRegistryDashboards: handleSearchRegistryDashboards$1,
   handleListProviders: handleListProviders$1,
   handleAddProvider: handleAddProvider$1,
   handleRemoveProvider: handleRemoveProvider$1,
@@ -61715,6 +61951,8 @@ const dashToolHandlerMap = {
   create_theme: toolHandlers.handleCreateTheme,
   create_theme_from_url: toolHandlers.handleCreateThemeFromUrl,
   apply_theme: toolHandlers.handleApplyTheme,
+  search_registry_themes: toolHandlers.handleSearchRegistryThemes,
+  search_registry_dashboards: toolHandlers.handleSearchRegistryDashboards,
   list_providers: toolHandlers.handleListProviders,
   add_provider: toolHandlers.handleAddProvider,
   remove_provider: toolHandlers.handleRemoveProvider,
@@ -75031,6 +75269,7 @@ const {
   handleCreateDashboard,
   handleDeleteDashboard,
   handleGetAppStats,
+  handleSearchRegistryDashboards,
 } = toolHandlers$1;
 
 // Map tool names to handler functions
@@ -75040,6 +75279,7 @@ const handlerMap$7 = {
   create_dashboard: handleCreateDashboard,
   delete_dashboard: handleDeleteDashboard,
   get_app_stats: handleGetAppStats,
+  search_registry_dashboards: handleSearchRegistryDashboards,
 };
 
 /**
@@ -75131,6 +75371,7 @@ const {
   handleCreateTheme,
   handleCreateThemeFromUrl,
   handleApplyTheme,
+  handleSearchRegistryThemes,
 } = toolHandlers$1;
 
 // Map tool names to handler functions
@@ -75140,6 +75381,7 @@ const handlerMap$5 = {
   create_theme: handleCreateTheme,
   create_theme_from_url: handleCreateThemeFromUrl,
   apply_theme: handleApplyTheme,
+  search_registry_themes: handleSearchRegistryThemes,
 };
 
 /**