@trusty-squire/mcp 0.9.9 → 0.9.11

package/dist/bot/replay-skill.js

@@ -42,7 +42,7 @@
 //   - It doesn't sandbox the browser (T14 lives at the caller layer —
 //     the router decides whether to spawn a fresh BrowserController
 //     or reuse one).
-import { appendFileSync, mkdirSync } from "node:fs";
+import { appendFileSync, mkdirSync, writeFileSync } from "node:fs";
 import { join } from "node:path";
 import { loggedInProviders } from "./login-state.js";
 import { isTruncatedCapture, extractApiKeyFromText, findOAuthButton, isCredentialNoiseCandidate, } from "./agent.js";
@@ -98,11 +98,18 @@ export async function replaySkill(input) {
     // once every named extract has run successfully — not on the first
     // extract like the single-cred path. Detected by skill content:
     // any *_named step → multi mode, else → single.
+    // extract_labeled is ALSO a multi-cred extract (pusher: application_id /
+    // app_key / secret) — it returns extract_named_ok and accumulates into the
+    // bundle just like the *_named kinds. Omitting it here left isMultiCred false,
+    // so a pusher skill accumulated all 3 values but never returned ok_multi and
+    // fell through to "walked entire graph without producing a credential."
     const isMultiCred = skill.steps.some((s) => s.kind === "extract_via_copy_button_named" ||
-        s.kind === "extract_via_regex_named");
+        s.kind === "extract_via_regex_named" ||
+        s.kind === "extract_labeled");
     const expectedProduces = new Set(skill.steps
         .filter((s) => s.kind === "extract_via_copy_button_named" ||
-        s.kind === "extract_via_regex_named")
+        s.kind === "extract_via_regex_named" ||
+        s.kind === "extract_labeled")
         .map((s) => s.produces));
     const credentialBundle = {};
     const viaBundle = {};
@@ -198,7 +205,25 @@ export async function replaySkill(input) {
                 skippedOnboardingFill = true;
                 continue;
             }
+            else if (step.kind === "select" &&
+                isSkippableAbsentSelect(step, validation.reason, i, skill.steps)) {
+                // Account-state-dependent ONBOARDING select (porter "Role" /
+                // railway "Workspace" class): the wizard dropdown only exists for a
+                // brand-new account. The verifier's operator account is already
+                // registered, so the service skips the onboarding form and the
+                // <select> is wholly absent — exactly the fill case above, just a
+                // different control. A later extract step still reaches the
+                // credential and the credential validator is the backstop, so skip
+                // rather than false-failing the whole replay.
+                console.error(`[replay] step ${i} (select label_hint=${JSON.stringify(step.label_hint)}) ` +
+                    `select absent — skipping as account-state-dependent onboarding ` +
+                    `(account already registered; signup form gone). A later extract ` +
+                    `step still reaches the credential. Reason: ${validation.reason}`);
+                skippedOnboardingFill = true;
+                continue;
+            }
             else {
+                await maybeDumpReplayDebug(browser, skill, i, validation.reason);
                 return {
                     kind: "step_failed",
                     stepIndex: i,
@@ -224,6 +249,18 @@ export async function replaySkill(input) {
                 const credSpec = skill.credentials[0];
                 const validatorResult = await validateCredential(execOutcome.value, credSpec, input.fetchFn);
                 if (!validatorResult.ok) {
+                    if (process.env.REPLAY_DEBUG) {
+                        try {
+                            const cands = await browser.extractCredentialCandidates().catch(() => []);
+                            const txt = (await browser.extractText().catch(() => "")).slice(0, 2000);
+                            writeFileSync(`/tmp/replay-validator-${skill.service}.txt`, `url=${browser.currentUrl()}\ngot=${execOutcome.value}\nreason=${validatorResult.reason}\n` +
+                                `candidates=${JSON.stringify(cands.slice(0, 20))}\n\nTEXT:\n${txt}`);
+                            console.error(`[replay-debug] dumped /tmp/replay-validator-${skill.service}.txt`);
+                        }
+                        catch {
+                            /* best-effort */
+                        }
+                    }
                     return {
                         kind: "validator_failed",
                         stepIndex: i,
@@ -357,9 +394,15 @@ async function preValidateStep(step, browser, templateValues) {
         case "click": {
             const inventory = await browser.extractInteractiveElements();
             const matches = inventory.filter((el) => matchesClickHint(el, step.text_match));
-            const filtered = step.role_hint
+            // role_hint is a SOFT preference, not a hard gate. When it filters out
+            // every text-match — imagekit's live "Next" renders as an <a>, not the
+            // captured <button> — fall back to the text matches and let the
+            // disambiguator below pick. A genuinely-absent target (no text match at
+            // all) still falls through to the href/token fallbacks.
+            const roleFiltered = step.role_hint
                 ? matches.filter((el) => matchesRole(el, step.role_hint))
                 : matches;
+            const filtered = roleFiltered.length > 0 ? roleFiltered : matches;
             if (filtered.length === 0) {
                 // href fallback: a nav-link target whose text rendered as an icon
                 // on replay (or whose URL slug differs) won't match by text but
@@ -370,13 +413,17 @@ async function preValidateStep(step, browser, templateValues) {
                     if (byHref.length === 1)
                         return { ok: true, match: byHref[0] };
                 }
-                if (matches.length > 0) {
-                    return {
-                        ok: false,
-                        reason: `text_match=${JSON.stringify(step.text_match)} matched ${matches.length} elements, ` +
-                            `but role_hint=${step.role_hint} filtered them all out.`,
-                    };
-                }
+                // Last-resort token-subset fallback: the captured text_match is a
+                // planner gloss ("Create Token") that doesn't substring-match the live
+                // button ("Create API Token"). Resolve by token containment, honoring
+                // role_hint, and accept ONLY a unique match — ambiguity is unsafe for a
+                // click that may mint a credential (the validator is the backstop).
+                const tokenPool = step.role_hint
+                    ? inventory.filter((el) => matchesRole(el, step.role_hint))
+                    : inventory;
+                const byTokens = tokenPool.filter((el) => matchesClickHintTokens(el, step.text_match));
+                if (byTokens.length === 1)
+                    return { ok: true, match: byTokens[0] };
                 return {
                     ok: false,
                     reason: `No element matches text_match=${JSON.stringify(step.text_match)}` +
@@ -410,6 +457,15 @@ async function preValidateStep(step, browser, templateValues) {
                 const buttons = filtered.filter((el) => el.tag === "button");
                 if (buttons.length === 1)
                     return { ok: true, match: buttons[0] };
+                // Multiple BUTTONS with the same text (imagekit's onboarding renders
+                // two "Next" buttons): pick the first. preValidate used to hard-fail
+                // while execute would happily pickClickPriority — an inconsistency that
+                // failed the replay before it tried. Clicking either advances a wizard
+                // and the credential validator backstops a wrong pick. Ambiguous
+                // NON-button elements (two same-text links) stay a hard fail — that's
+                // genuine rot the skill can't pin, not a wizard button.
+                if (buttons.length > 1)
+                    return { ok: true, match: buttons[0] };
                 return {
                     ok: false,
                     reason: `text_match=${JSON.stringify(step.text_match)} matched ${filtered.length} elements; ` +
@@ -425,6 +481,15 @@ async function preValidateStep(step, browser, templateValues) {
             const inventory = await browser.extractInteractiveElements();
             const matches = inventory.filter((el) => isFillable(el) && matchesLabelHint(el, step.label_hint));
             if (matches.length === 0) {
+                // Fuzzy last-resort: the label_hint is a verbose gloss ("Name your
+                // key:") that didn't match the live input labeled "Name". Match on
+                // significant-token overlap, unique only — so a present-but-glossed
+                // field is filled rather than wrongly skipped (which left anthropic's
+                // submit disabled). A genuinely-absent onboarding field still matches
+                // nothing here and falls through to the absent-skip path.
+                const fuzzy = inventory.filter((el) => isFillable(el) && el.tag !== "select" && matchesLabelHintFuzzy(el, step.label_hint));
+                if (fuzzy.length === 1)
+                    return { ok: true, match: fuzzy[0] };
                 return {
                     ok: false,
                     reason: `No input matches label_hint=${JSON.stringify(step.label_hint)}.`,
@@ -515,10 +580,16 @@ async function preValidateStep(step, browser, templateValues) {
                     reason: `${copyButtons.length} Copy buttons visible; none near text ${JSON.stringify(step.near_text_hint)}.`,
                 };
             }
-            return {
-                ok: false,
-                reason: `${copyButtons.length} Copy buttons visible; ${disambiguated.length} match near_text_hint — ambiguous.`,
-            };
+            // Ambiguous (2+ match) on a SINGLE-cred extract: the synthesizer's
+            // near_text_hint was unique at capture, but the returning-user keys page
+            // shows extra copyable values near the same label (planetscale renders a
+            // password + a connection string under one heading). Pick the FIRST
+            // match in DOM order — the credential's own copy button typically leads —
+            // rather than hard-failing a reachable credential. The post-extract
+            // credential validator is the backstop if the first one is wrong.
+            console.error(`[replay] ${copyButtons.length} Copy buttons match near_text_hint=${JSON.stringify(step.near_text_hint)} — ` +
+                `taking the first (validator backstops a wrong pick).`);
+            return { ok: true, match: disambiguated[0] };
         }
         case "extract_via_regex": {
             // Pre-validation for regex extraction: confirm the page text
@@ -575,6 +646,17 @@ async function preValidateStep(step, browser, templateValues) {
             const candidates = await browser.extractLabeledCredentialCandidates();
             const match = candidates.find((c) => labelMatchesHint(c.label, step.label_hint));
             if (match === undefined) {
+                if (process.env.REPLAY_DEBUG) {
+                    try {
+                        const txt = (await browser.extractText().catch(() => "")).slice(0, 2500);
+                        writeFileSync(`/tmp/replay-labeled-${step.produces}.txt`, `url=${browser.currentUrl()}\nlabel_hint=${step.label_hint}\n` +
+                            `candidates=${JSON.stringify(candidates.map((c) => ({ label: c.label, val: (c.value ?? "").slice(0, 6) })))}\n\nTEXT:\n${txt}`);
+                        console.error(`[replay-debug] dumped /tmp/replay-labeled-${step.produces}.txt`);
+                    }
+                    catch {
+                        /* best-effort */
+                    }
+                }
                 return {
                     ok: false,
                     reason: `No labeled credential matches label_hint=${JSON.stringify(step.label_hint)} ` +
@@ -594,7 +676,15 @@ async function preValidateStep(step, browser, templateValues) {
 export function labelMatchesHint(label, hint) {
     if (label === null)
         return false;
-    const norm = (s) => s.toLowerCase().replace(/[^a-z0-9]+/g, "");
+    // Collapse common credential-label synonyms so a skill's hint matches the
+    // page's variant: pusher renders "app_id" while the skill asks for
+    // "application id". Apply on the already-stripped alphanumeric string so
+    // underscores ("application_id") don't defeat a word boundary.
+    const norm = (s) => s
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/g, "")
+        .replace(/application/g, "app")
+        .replace(/identifier/g, "id");
     const a = norm(label);
     const b = norm(hint);
     if (a.length === 0 || b.length === 0)
@@ -605,10 +695,13 @@ async function executeStep(step, browser, templateValues, skill) {
     switch (step.kind) {
         case "navigate": {
             await browser.goto(step.url);
-            // Tiny settle for SPA-style apps that fire route handlers
-            // post-DOMContentLoaded. The bot's runPrewarm waits 2s
-            // post-navigate too.
+            // Settle for SPA-style apps that fire route handlers post-
+            // DOMContentLoaded. A fixed 2s under-waits heavy authenticated
+            // dashboards (pusher's App Keys, imagekit's onboarding step rendered
+            // blank → "0 elements" at the next step). Poll for real interactive
+            // content first, with the 2s as a floor for fast/static pages.
             await browser.wait(2);
+            await browser.waitForInteractiveDom().catch(() => undefined);
             // 0.8.2-rc.22 — URL drift detection. When a skill's signup_url
             // assumes the user is authenticated (Railway's /account/tokens
             // captured after OAuth was done in a prior session), the
@@ -672,9 +765,12 @@ async function executeStep(step, browser, templateValues, skill) {
         case "click": {
             const inventory = await browser.extractInteractiveElements();
             const matches = inventory.filter((el) => matchesClickHint(el, step.text_match));
-            const filtered = step.role_hint
+            // role_hint soft-fallback (mirrors preValidate): if it filters out every
+            // text-match, trust the text matches and let the disambiguator pick.
+            const roleFiltered = step.role_hint
                 ? matches.filter((el) => matchesRole(el, step.role_hint))
                 : matches;
+            const filtered = roleFiltered.length > 0 ? roleFiltered : matches;
             if (filtered.length === 0) {
                 // href fallback (mirrors preValidate): resolve a nav link by its
                 // stable href path tail when text matching finds nothing. If even
@@ -696,6 +792,17 @@ async function executeStep(step, browser, templateValues, skill) {
                         return { kind: "clicked" };
                     }
                 }
+                // Token-subset fallback — mirrors preValidate so execute clicks the
+                // same gloss-resolved element preValidate approved. Unique match only.
+                const tokenPool = step.role_hint
+                    ? inventory.filter((el) => matchesRole(el, step.role_hint))
+                    : inventory;
+                const byTokens = tokenPool.filter((el) => matchesClickHintTokens(el, step.text_match));
+                if (byTokens.length === 1) {
+                    await browser.click(byTokens[0].selector);
+                    await browser.wait(1);
+                    return { kind: "clicked" };
+                }
                 throw new Error(`No element matches text_match=${step.text_match}` +
                     (step.href_hint !== undefined ? ` (nor href_hint=${step.href_hint})` : ""));
             }
@@ -709,15 +816,25 @@ async function executeStep(step, browser, templateValues, skill) {
                 : filterByNearTextHint(filtered, step.near_text_hint, inventory);
             const target = narrowed.length === 1 ? narrowed[0] : pickClickPriority(narrowed);
             await browser.click(target.selector);
-            // Settle so any post-click navigation finishes before the next
-            // pre-validation reads inventory.
+            // Settle so any post-click navigation/SPA route render finishes before
+            // the next step reads inventory (pusher's App Keys page, imagekit's
+            // onboarding step render a beat after the click → blank "0 elements").
             await browser.wait(1);
+            await browser.waitForInteractiveDom().catch(() => undefined);
             return { kind: "clicked" };
         }
         case "fill": {
             const inventory = await browser.extractInteractiveElements();
             const matches = inventory.filter((el) => isFillable(el) && matchesLabelHint(el, step.label_hint));
             if (matches.length === 0) {
+                // Fuzzy fallback (mirrors preValidate): fill a present-but-glossed
+                // input matched by significant-token overlap, unique only.
+                const fuzzy = inventory.filter((el) => isFillable(el) && el.tag !== "select" && matchesLabelHintFuzzy(el, step.label_hint));
+                if (fuzzy.length === 1) {
+                    const value = substituteTemplate(step.value_template, templateValues);
+                    await browser.type(fuzzy[0].selector, value);
+                    return { kind: "filled" };
+                }
                 throw new Error(`No input matches label_hint=${step.label_hint}`);
             }
             // rc.25 — share the disambiguator with preValidate so execute
@@ -1438,12 +1555,33 @@ function writeSkillUpdateCandidate(candidatesDir, skill, stepIndex, capturedStep
     }
 }
 // ── Inventory matching helpers ──────────────────────────────────────
+// Substring match that requires the needle to sit at a WORD boundary — the
+// adjacent characters must not be alphanumeric or a dot. Without this, a short
+// hint like "Next" matched "Next.js" (imagekit's dashboard footer), so a stale
+// onboarding "Next" step false-matched framework chrome instead of being
+// skipped as absent. Multi-word hints still match across internal whitespace.
+function includesAtWordBoundary(haystack, needle) {
+    if (needle.length === 0)
+        return false;
+    const isWordChar = (c) => /[a-z0-9.]/i.test(c);
+    let idx = haystack.indexOf(needle);
+    while (idx !== -1) {
+        const before = idx === 0 ? "" : haystack[idx - 1];
+        const afterIdx = idx + needle.length;
+        const after = afterIdx >= haystack.length ? "" : haystack[afterIdx];
+        if (!isWordChar(before) && !isWordChar(after))
+            return true;
+        idx = haystack.indexOf(needle, idx + 1);
+    }
+    return false;
+}
 function matchesClickHint(el, hint) {
     const lowerHint = hint.toLowerCase();
     const text = (el.visibleText ?? "").toLowerCase();
     const aria = (el.ariaLabel ?? "").toLowerCase();
-    if (text.includes(lowerHint) || aria.includes(lowerHint))
+    if (includesAtWordBoundary(text, lowerHint) || includesAtWordBoundary(aria, lowerHint)) {
         return true;
+    }
     // 0.8.3-rc.1 — stable-attribute fallback. Form-control elements
     // routinely have a stable `name` attribute (mistral's ToS checkbox
     // ships as `<input name="terms">`) even when their visible text is
@@ -1459,6 +1597,56 @@ function matchesClickHint(el, hint) {
         return true;
     return false;
 }
+// Token-subset fallback for a credential-creating click whose captured
+// text_match is a planner GLOSS that doesn't substring-match the live button
+// ("Create Token" vs the page's "Create API Token" / "+ Create new token").
+// Matches when EVERY meaningful token (len>=3) of the hint appears among the
+// element's text/aria tokens, order-independent. Deliberately looser than
+// matchesClickHint's substring rule, so it is used ONLY as a last resort and
+// ONLY when it resolves to a UNIQUE element (the call site enforces this) —
+// pinning the wrong control on a click that may mint a credential is the risk,
+// and the post-extract credential validator is the backstop if it slips.
+// REPLAY_DEBUG diagnostic: on a step failure, dump the current URL + visible
+// clickable/fillable inventory to /tmp/replay-debug-<service>-step<N>.json so a
+// returning-user divergence can be diagnosed against the REAL authenticated
+// page (which a standalone trace can't reach — it doesn't walk OAuth consent).
+// No-op unless REPLAY_DEBUG is set; best-effort (never throws into replay).
+async function maybeDumpReplayDebug(browser, skill, stepIndex, reason) {
+    if (!process.env.REPLAY_DEBUG)
+        return;
+    try {
+        const inv = await browser.extractInteractiveElements();
+        const interesting = inv
+            .filter((e) => e.visible)
+            .map((e) => ({
+            tag: e.tag,
+            role: e.role,
+            text: (e.visibleText ?? "").slice(0, 60),
+            aria: e.ariaLabel,
+            label: e.labelText,
+            placeholder: e.placeholder,
+            href: e.href ?? null,
+        }))
+            .filter((e) => e.text || e.aria || e.label || e.placeholder || e.href);
+        const path = `/tmp/replay-debug-${skill.service}-step${stepIndex}.json`;
+        writeFileSync(path, JSON.stringify({ service: skill.service, stepIndex, reason, url: browser.currentUrl(), interesting }, null, 2));
+        console.error(`[replay-debug] dumped ${path} (${interesting.length} elements)`);
+    }
+    catch {
+        // best-effort diagnostic only
+    }
+}
+function matchesClickHintTokens(el, hint) {
+    const tokenize = (s) => (s.toLowerCase().match(/[a-z0-9]+/g) ?? []).filter((t) => t.length >= 3);
+    const want = tokenize(hint);
+    if (want.length === 0)
+        return false;
+    const have = new Set([
+        ...tokenize(el.visibleText ?? ""),
+        ...tokenize(el.ariaLabel ?? ""),
+    ]);
+    return want.every((t) => have.has(t));
+}
 // 2026-06-07 — href-tail match for nav-link clicks. The synthesizer
 // records a link target's href path (href_hint); on replay the link's
 // visible text may render as an icon and its URL's leading workspace/org
@@ -1560,6 +1748,28 @@ function matchesLabelHint(el, hint) {
         return true;
     return false;
 }
+const LABEL_STOPWORDS = new Set([
+    "your", "the", "for", "and", "please", "enter", "field", "input", "this",
+]);
+// Fuzzy label match for a fill/select whose captured label_hint is a verbose
+// gloss that doesn't exact/substring-match the live control. anthropic's skill
+// captured "Name your key:" but the live input is labeled "Name" — the exact
+// matcher missed it, the field was wrongly skipped as absent, and the form's
+// submit stayed disabled (precondition unmet). Matches on SIGNIFICANT-token
+// overlap (len>=3, minus stopwords) between the hint and the element's
+// label/placeholder/aria/name — so "Name your key:" overlaps "Name" / "Key
+// name" but NOT a "Search" box. Last-resort + unique-match-only (call site),
+// so it can't fill the wrong control on a multi-input form.
+function significantTokens(s) {
+    return (s.toLowerCase().match(/[a-z0-9]+/g) ?? []).filter((t) => t.length >= 3 && !LABEL_STOPWORDS.has(t));
+}
+function matchesLabelHintFuzzy(el, hint) {
+    const want = new Set(significantTokens(hint));
+    if (want.size === 0)
+        return false;
+    const have = significantTokens(`${el.labelText ?? ""} ${el.placeholder ?? ""} ${el.ariaLabel ?? ""} ${el.name ?? ""}`);
+    return have.some((t) => want.has(t));
+}
 function isRuntimeId(id) {
     // Mirror promote-to-skill.ts:looksLikeRuntimeId. Inline here to keep
     // the replay engine self-contained — the patterns rarely change and
@@ -1783,6 +1993,20 @@ function isSkippableAbsentFill(step, validationReason, stepIndex, steps) {
         return false;
     return hasLaterCredentialStep(steps, stepIndex);
 }
+// True when an absent onboarding SELECT is safe to skip — the <select> dropdown
+// equivalent of isSkippableAbsentFill. Wizard selects (porter "Role", railway
+// "Workspace") only exist for a brand-new account; on a returning-user replay
+// the onboarding form is gone and preValidateStep reports "No select matches…".
+// A present-but-unresolvable select is genuine rot and must NOT skip; only a
+// wholly-absent one is skippable, and only when a later step still yields a
+// credential (the validator at the extract step is the real backstop).
+function isSkippableAbsentSelect(step, validationReason, stepIndex, steps) {
+    if (step.kind !== "select")
+        return false;
+    if (!/no select matches/i.test(validationReason))
+        return false;
+    return hasLaterCredentialStep(steps, stepIndex);
+}
 // Does the recipe still reach a credential after stepIndex — a later
 // extract step, or the credential-creating click still ahead?
 function hasLaterCredentialStep(steps, stepIndex) {
@@ -1791,7 +2015,8 @@ function hasLaterCredentialStep(steps, stepIndex) {
         if (k === "extract_via_copy_button" ||
             k === "extract_via_regex" ||
             k === "extract_via_copy_button_named" ||
-            k === "extract_via_regex_named") {
+            k === "extract_via_regex_named" ||
+            k === "extract_labeled") {
             return true;
         }
     }
@@ -1847,6 +2072,21 @@ const OAUTH_PROVIDER_HOSTS = new Set([
     "auth0.com",
     "login.microsoftonline.com",
 ]);
+// A service's OWN auth/login host — the FIRST hop when the replay session has
+// expired (porter's dashboard.porter.run → auth.porter.run). Distinct from
+// OAUTH_PROVIDER_HOSTS (the social IdPs): this is the service bouncing us to
+// log in, not the IdP handshake. Matches an auth-shaped subdomain
+// (auth./login./accounts./signin./sso./id.) or a hosted-auth vendor
+// (WorkOS/Auth0/Okta/Clerk/Stytch). Without this, detectNavigationDrift
+// returned null for auth.porter.run, so replay marched through its steps ON
+// the login page and failed at the cred-click with a misleading "nav
+// divergence" reason instead of the real cause (session not present).
+function looksLikeAuthHost(hostname) {
+    const h = hostname.toLowerCase();
+    if (/^(auth|login|accounts|signin|sign-in|sso|id)\./.test(h))
+        return true;
+    return /(^|\.)(workos|auth0|okta|clerk|stytch|onelogin|duosecurity)\.(com|io|dev|app)$/.test(h);
+}
 // Returns null when the current URL is consistent with the requested
 // URL (same origin, no login-path redirect). Returns a short reason
 // string when drift is detected. Exported for unit tests.
@@ -1867,6 +2107,14 @@ export function detectNavigationDrift(currentUrl, expectedUrl) {
         OAUTH_PROVIDER_HOSTS.has(cur.hostname)) {
         return `redirected to OAuth provider ${cur.hostname}`;
     }
+    // Cross-domain landing on the service's OWN auth host (auth.porter.run,
+    // a WorkOS/Auth0/etc. tenant) — the session expired, so we got bounced to
+    // log in. Classify as drift so attemptOAuthRecovery can re-auth via the
+    // cached provider session (or, failing that, return needs_login) instead of
+    // replaying the skill onto the login page.
+    if (cur.hostname !== exp.hostname && looksLikeAuthHost(cur.hostname)) {
+        return `redirected to login host ${cur.hostname} (session expired / not authenticated)`;
+    }
     // Same-origin redirect to a login-shaped path — covers Railway's
     // /login fallback when /account/tokens is hit unauthenticated.
     if (cur.hostname === exp.hostname && cur.pathname !== exp.pathname) {
@@ -1945,11 +2193,13 @@ async function clickConsentAffordance(browser) {
     const page = pageOf(browser);
     if (page === null)
         return false;
-    const name = /^(continue|allow|authorize|approve|accept|agree|i agree)$/i;
+    // Exact-name match first (safest): the approve control's accessible name IS
+    // just the verb.
+    const exact = /^(continue|allow|authorize|approve|accept|agree|i agree)$/i;
     for (const role of ["button", "link"]) {
         try {
-            const loc = page.getByRole(role, { name }).first();
-            await loc.waitFor({ state: "visible", timeout: 2000 });
+            const loc = page.getByRole(role, { name: exact }).first();
+            await loc.waitFor({ state: "visible", timeout: 3000 });
             await loc.click({ timeout: 3000 });
             return true;
         }
@@ -1957,6 +2207,45 @@ async function clickConsentAffordance(browser) {
             /* try the next role */
         }
     }
+    // Fallback: Google's modern consent button carries extra accessible-name
+    // text ("Continue", "Continue to kinde", a nested span) that the exact match
+    // misses — so kinde/imagekit reached state=consent but this returned false
+    // and the verifier bailed needs_login. Match an approve verb at the START of
+    // the name, and explicitly skip negatives ("Cancel", "Don't allow", "Back").
+    const approve = /^(continue|allow|authorize|approve|accept|agree)/i;
+    const negative = /(cancel|deny|don'?t\s*allow|no\s*thanks|go\s*back|^back$|reject)/i;
+    for (const role of ["button", "link"]) {
+        const loc = page.getByRole(role, { name: approve });
+        const count = await loc.count().catch(() => 0);
+        for (let i = 0; i < count; i++) {
+            const el = loc.nth(i);
+            const txt = ((await el.textContent().catch(() => "")) ?? "").trim();
+            if (negative.test(txt))
+                continue;
+            try {
+                await el.waitFor({ state: "visible", timeout: 2000 });
+                await el.click({ timeout: 3000 });
+                return true;
+            }
+            catch {
+                /* next candidate */
+            }
+        }
+    }
+    if (process.env.REPLAY_DEBUG) {
+        try {
+            const btns = await page
+                .getByRole("button")
+                .all()
+                .then((ls) => Promise.all(ls.slice(0, 25).map((l) => l.textContent().catch(() => ""))))
+                .catch(() => []);
+            writeFileSync(`/tmp/replay-consent-buttons.txt`, `url=${page.url()}\nbuttons=${JSON.stringify(btns)}`);
+            console.error(`[replay-oauth-debug] consent affordance not found — dumped /tmp/replay-consent-buttons.txt`);
+        }
+        catch {
+            /* best-effort */
+        }
+    }
     return false;
 }
 // Deterministically walk the provider's account-chooser + consent screens
@@ -2003,24 +2292,54 @@ export async function walkOAuthConsent(browser, providerId) {
         console.error(`[replay-oauth] state=${state} url=${url.slice(0, 100)}`);
         if (state === "not_provider")
             return "ok"; // flow left the provider
-        if (state === "challenge" || state === "needs_login")
+        if (state === "challenge" || state === "needs_login") {
+            if (process.env.REPLAY_DEBUG) {
+                try {
+                    writeFileSync(`/tmp/replay-oauth-${providerId}-${state}.txt`, `url=${url}\n\n${body}`);
+                    console.error(`[replay-oauth-debug] dumped /tmp/replay-oauth-${providerId}-${state}.txt`);
+                }
+                catch {
+                    // best-effort
+                }
+            }
             return "needs_login";
+        }
         // state === "consent": scope-gate it. Only auto-approve identity-basic
         // scopes — verify must never grant a sensitive scope blind.
         const scopes = extractOAuthScopes(url);
+        // GitHub sensitive-scope phrases — repo/org/write/admin access. A consent
+        // showing NONE is identity-basic (login). pusher's 2nd github consent
+        // screen carries no scope= param (extractOAuthScopes → null), so without a
+        // DOM fallback github fell straight to "not basic" and bailed.
+        const githubSensitive = /\b(repositor|organization|act on your behalf|write|delete|admin|workflow|manage|gist|webhook|deploy)/i.test(body);
         const basic = scopes !== null
             ? provider.scopesAreBasic(scopes)
-            : // Google hides scopes behind an opaque part= token; fall back to
-                // the visible DOM — basic only when NO scope-grant phrases show.
-                providerId === "google" && scrapeGoogleScopePhrases(body).length === 0;
+            : // Scopes unreadable from the URL → fall back to the visible DOM.
+                // Basic only when NO scope-grant phrases show (mirrors per-provider).
+                providerId === "google"
+                    ? scrapeGoogleScopePhrases(body).length === 0
+                    : providerId === "github"
+                        ? !githubSensitive
+                        : false;
         if (!basic) {
             console.error("[replay-oauth] consent scopes not basic/unreadable — needs_login");
             return "needs_login";
         }
         const beforeUrl = browser.currentUrl();
         const clicked = await clickConsentAffordance(browser);
-        if (!clicked)
-            return "needs_login";
+        if (!clicked) {
+            // The consent may be auto-completing and navigating away before we can
+            // click — Google's GIS flow (kinde/imagekit) redirects the consent to
+            // /gsi/transform on its own for basic, previously-seen scopes, and the
+            // popup then closes. Don't bail needs_login on a flow that's finishing:
+            // wait a beat, then let the loop re-evaluate (oauthPageClosed /
+            // not_provider → ok). If it's genuinely stuck on the consent, the loop
+            // retries the click, bounded by MAX_NAV before the final needs_login.
+            for (let w = 0; w < 6 && browser.currentUrl() === beforeUrl && !browser.oauthPageClosed(); w++) {
+                await browser.wait(1);
+            }
+            continue;
+        }
         // Same race as the chooser: the approve click navigates after a beat.
         // Wait for the URL to move before re-reading, or the next pass sees the
         // same consent URL, finds the affordance already consumed, and bails.
@@ -2032,10 +2351,15 @@ export async function walkOAuthConsent(browser, providerId) {
     return browser.oauthPageClosed() ? "ok" : "needs_login";
 }
 async function attemptOAuthRecovery(browser, expectedUrl) {
-    const profiles = loggedInProviders();
-    if (profiles.length === 0) {
+    const rawProfiles = loggedInProviders();
+    if (rawProfiles.length === 0) {
         return { kind: "needs_login", provider: "google" };
     }
+    // Prefer Google over GitHub when a service offers both. GitHub OAuth
+    // callbacks are rejected by more anti-bot services (pusher bounces a
+    // github sign-in back to /accounts/sign_in with no session, while the
+    // google round-trip completes). Try the more-reliable provider first.
+    const profiles = [...rawProfiles].sort((a, b) => a === "google" ? -1 : b === "google" ? 1 : 0);
     // Find an OAuth button matching a provider we have a cached session for.
     // Retry: SPA login pages (posthog, kinde) render the OAuth buttons a beat
     // after domcontentloaded, so a single inventory races them → false
@@ -2059,6 +2383,19 @@ async function attemptOAuthRecovery(browser, expectedUrl) {
         // The page may genuinely be a non-OAuth login form (some services
         // also offer password auth). The replay can't synthesize a
         // password; surface needs_login with a guess based on the URL.
+        if (process.env.REPLAY_DEBUG) {
+            try {
+                const inv = await browser.extractInteractiveElements();
+                const clickable = inv
+                    .filter((e) => e.visible && (e.tag === "button" || e.tag === "a" || e.role === "button"))
+                    .map((e) => ({ tag: e.tag, text: (e.visibleText ?? "").slice(0, 40), aria: e.ariaLabel, href: (e.href ?? "").slice(0, 60) }));
+                writeFileSync(`/tmp/replay-nobutton-${browser.currentUrl().replace(/[^a-z0-9]+/gi, "_").slice(-30)}.txt`, `url=${browser.currentUrl()}\nprofiles=${JSON.stringify(profiles)}\nclickable=${JSON.stringify(clickable, null, 1)}`);
+                console.error(`[replay-oauth-debug] no OAuth button — dumped page affordances`);
+            }
+            catch {
+                /* best-effort */
+            }
+        }
         const guess = inferProviderFromUrl(browser.currentUrl()) ?? "google";
         return { kind: "needs_login", provider: guess };
     }
@@ -2068,6 +2405,7 @@ async function attemptOAuthRecovery(browser, expectedUrl) {
     await browser.startOAuth(pickedButton.selector);
     const walk = await walkOAuthConsent(browser, pickedProvider);
     if (walk === "needs_login") {
+        await browser.settleAfterOAuth().catch(() => undefined);
         return { kind: "needs_login", provider: pickedProvider };
     }
     // Confirm we're back: poll for the round-trip, then re-navigate to the
@@ -2089,6 +2427,12 @@ async function attemptOAuthRecovery(browser, expectedUrl) {
         if (host === expectedHost)
             break;
     }
+    // Restore this.page to the product page. The GIS popup flow (kinde/imagekit)
+    // closes the OAuth popup on its own; without this, this.page stays the CLOSED
+    // popup and the re-navigate below throws "Target page has been closed". Only
+    // the discovery bot called settleAfterOAuth before — the replay recovery
+    // never did, so every popup-based OAuth crashed here.
+    await browser.settleAfterOAuth().catch(() => undefined);
     await browser.goto(expectedUrl);
     await browser.wait(2);
     const drift = detectNavigationDrift(browser.currentUrl(), expectedUrl);