@vellumai/assistant 0.5.11 → 0.5.13

package/src/security/oauth2.ts

@@ -20,6 +20,7 @@ import { createHash, randomBytes } from "node:crypto";
 import { createServer, type Server } from "node:http";
 
 import { getLogger } from "../util/logger.js";
+import { renderOAuthCompletionPage as renderLoopbackPage } from "./oauth-completion-page.js";
 
 const log = getLogger("oauth2");
 
@@ -359,7 +360,7 @@ function startLoopbackServerAndWaitForCode(
       res.writeHead(200, { "Content-Type": "text/html" });
       res.end(
         renderLoopbackPage(
-          "Authorization successful! You can close this tab.",
+          "You can close this tab and return to your assistant.",
           true,
         ),
       );
@@ -433,21 +434,6 @@ function startLoopbackServerAndWaitForCode(
   });
 }
 
-function escapeHtml(s: string): string {
-  return s
-    .replace(/&/g, "&")
-    .replace(/</g, "&lt;")
-    .replace(/>/g, "&gt;")
-    .replace(/"/g, "&quot;")
-    .replace(/'/g, "&#39;");
-}
-
-function renderLoopbackPage(message: string, success: boolean): string {
-  const title = success ? "Authorization Successful" : "Authorization Failed";
-  const color = success ? "#4CAF50" : "#f44336";
-  return `<!DOCTYPE html><html><head><title>${escapeHtml(title)}</title><style>body{font-family:system-ui,sans-serif;display:flex;justify-content:center;align-items:center;min-height:100vh;margin:0;background:#f5f5f5}div{text-align:center;padding:2rem;background:white;border-radius:8px;box-shadow:0 2px 4px rgba(0,0,0,0.1)}h1{color:${color}}</style></head><body><div><h1>${escapeHtml(title)}</h1><p>${escapeHtml(message)}</p></div></body></html>`;
-}
-
 // ---------------------------------------------------------------------------
 // Public API
 // ---------------------------------------------------------------------------
@@ -640,7 +626,7 @@ function startLoopbackServerForPreparedFlow(
       res.writeHead(200, { "Content-Type": "text/html" });
       res.end(
         renderLoopbackPage(
-          "Authorization successful! You can close this tab.",
+          "You can close this tab and return to your assistant.",
           true,
         ),
       );

package/src/security/secure-keys.ts

@@ -5,13 +5,16 @@
  * Backend selection (`resolveBackendAsync`) is the single async decision point:
  *   1. CES RPC (primary) — injected via `setCesClient()`: delegates credential
  *      operations to the CES process over stdio RPC. This is the default path
- *      for all local modes (desktop app, dev, CLI).
+ *      for local modes and the managed bootstrap handshake path.
  *   2. CES HTTP — containerized mode (IS_CONTAINERIZED + CES_CREDENTIAL_URL):
- *      delegates to the CES sidecar over HTTP. Used in Docker/managed mode.
+ *      delegates to the CES sidecar over HTTP. Used in Docker/managed mode,
+ *      including failover when the bootstrap RPC transport dies later.
  *   3. Encrypted file store (fallback) — used when CES is unavailable.
  *
  * All operations (reads, writes, lists, deletes) go to exactly one backend.
- * There are no cross-backend fallbacks or merges.
+ * There are no cross-store fallbacks or merges. The only transport failover is
+ * CES RPC → CES HTTP in managed mode; both backends target the same CES
+ * sidecar and credential data.
  */
 
 import type {
@@ -56,12 +59,59 @@ let _encryptedStore: CredentialBackend | undefined;
 let _resolvedBackend: CredentialBackend | undefined;
 let _resolvePromise: Promise<CredentialBackend> | undefined;
 
+/**
+ * Optional callback that attempts to re-establish a CES connection when
+ * the current transport dies. Set by lifecycle.ts after initial CES startup.
+ * Returns a new CesClient on success, or undefined if reconnection failed.
+ */
+let _cesReconnect: (() => Promise<CesClient | undefined>) | undefined;
+
+/** Optional listener invoked whenever setCesClient() updates the client. */
+let _cesClientListener: ((client: CesClient | undefined) => void) | undefined;
+
+/** Epoch ms of the last reconnection attempt. Used for cooldown. */
+let _lastReconnectAttempt = 0;
+
+/** In-flight reconnection promise — concurrent callers share the same attempt. */
+let _reconnectInFlight: Promise<boolean> | undefined;
+
+/**
+ * Set to true when a ces-http operation returns an unreachable result.
+ * Triggers CES RPC reconnection on the next resolveBackendAsync() call so
+ * we don't keep routing to a dead HTTP endpoint. Cleared on reconnection or
+ * backend reset.
+ */
+let _cesHttpUnreachable = false;
+
+/** Minimum interval between CES reconnection attempts. */
+const RECONNECT_COOLDOWN_MS = 3_000;
+
 /** Inject a CES RPC client for credential routing. Resets the resolved backend. */
 export function setCesClient(client: CesClient | undefined): void {
   _cesClient = client;
   // Reset resolved backend so next call picks up CES
   _resolvedBackend = undefined;
   _resolvePromise = undefined;
+  _cesHttpUnreachable = false;
+  _cesClientListener?.(client);
+}
+
+/**
+ * Register a listener that is called whenever setCesClient() updates the
+ * CES client reference. Used by lifecycle.ts to keep DaemonServer in sync
+ * after a successful reconnection.
+ */
+export function onCesClientChanged(
+  fn: ((client: CesClient | undefined) => void) | undefined,
+): void {
+  _cesClientListener = fn;
+}
+
+/** Register a callback for reconnecting to CES when the transport dies. */
+export function setCesReconnect(
+  fn: (() => Promise<CesClient | undefined>) | undefined,
+): void {
+  _cesReconnect = fn;
 }
 
 function getEncryptedStoreBackend(): CredentialBackend {
@@ -77,17 +127,141 @@ function getEncryptedStoreBackend(): CredentialBackend {
  *   2. Containerized + CES_CREDENTIAL_URL → CES HTTP client (Docker/managed).
  *   3. Encrypted file store → fallback when CES is unavailable.
  *
- * Once resolved, the backend does not change during the process lifetime.
+ * Once resolved, the backend is cached. If it becomes unavailable (e.g. the
+ * CES transport dies), we attempt to reconnect via `_cesReconnect` rather
+ * than falling back to a different backend. In managed cloud mode CES is the
+ * primary credential source — falling back to the encrypted file store would
+ * silently serve stale or empty data.
+ *
+ * In managed mode, if the CES bootstrap RPC transport dies, we first fail
+ * over from CES RPC to the CES HTTP credential API exposed by the same
+ * sidecar. This avoids pinning credential reads to a dead bootstrap socket
+ * when the in-pod HTTP interface is still healthy.
+ *
+ * If HTTP failover is unavailable, we attempt CES RPC reconnection. When
+ * reconnection succeeds the cache is refreshed with the new client.
+ *
+ * If neither recovery path succeeds, the existing unavailable backend is
+ * returned — its methods short-circuit via `isAvailable()` guards and return
+ * `unreachable` results so callers can degrade gracefully.
+ *
+ * Additionally, if CES failed on initial startup (so the encrypted file
+ * store became the resolved backend) but the reconnection callback is
+ * registered, we periodically attempt to upgrade to CES — ensuring managed
+ * cloud deployments don't stay on the (potentially stale) file store.
+ *
  * Call `_resetBackend()` in tests to clear the cached resolution.
  */
 async function resolveBackendAsync(): Promise<CredentialBackend> {
-  if (_resolvedBackend) return _resolvedBackend;
+  if (_resolvedBackend) {
+    if (!_resolvedBackend.isAvailable()) {
+      const cesHttpFallback = tryFailoverToCesHttpBackend(_resolvedBackend);
+      if (cesHttpFallback) {
+        return cesHttpFallback;
+      }
+
+      // Backend is no longer reachable — attempt CES reconnection.
+      const reconnected = await attemptCesReconnection();
+      if (reconnected) {
+        // setCesClient() cleared the cache — fall through to re-resolve
+        // with the fresh client.
+      } else {
+        // Reconnection failed or on cooldown — return the existing (dead)
+        // backend. Its methods short-circuit via isAvailable() guards and
+        // return unreachable results. Callers like getProviderKeyAsync fall
+        // back to env vars, and embedding backend selection uses cached
+        // backends.
+        return _resolvedBackend;
+      }
+    } else if (
+      _cesReconnect &&
+      (_resolvedBackend.name === "encrypted-store" ||
+        (_resolvedBackend.name === "ces-http" && _cesHttpUnreachable))
+    ) {
+      // CES RPC is the preferred backend. Attempt to reconnect when:
+      // - We fell back to the encrypted store (CES startup failed), or
+      // - We're on ces-http but an operation returned unreachable (HTTP
+      //   endpoint is actually down even though isAvailable() returned true,
+      //   since it only checks env vars, not actual connectivity).
+      const reconnected = await attemptCesReconnection();
+      if (reconnected) {
+        // setCesClient() cleared the cache — fall through to re-resolve.
+      } else {
+        // Reconnection failed or on cooldown — continue with current backend.
+        return _resolvedBackend;
+      }
+    } else {
+      return _resolvedBackend;
+    }
+  }
   if (!_resolvePromise) {
     _resolvePromise = doResolveBackend();
   }
   return _resolvePromise;
 }
 
+function tryFailoverToCesHttpBackend(
+  backend: CredentialBackend,
+): CredentialBackend | undefined {
+  if (backend.name !== "ces-rpc") return undefined;
+  if (!getIsContainerized() || !process.env.CES_CREDENTIAL_URL) {
+    return undefined;
+  }
+
+  const cesHttp = createCesCredentialBackend();
+  if (!cesHttp.isAvailable()) return undefined;
+
+  _resolvedBackend = cesHttp;
+  _resolvePromise = undefined;
+  log.warn(
+    "CES RPC credential backend became unavailable — failing over to CES HTTP backend",
+  );
+  return cesHttp;
+}
+
+/**
+ * Try to re-establish a CES connection when the current transport has died.
+ * Returns true if reconnection succeeded (setCesClient was called with a
+ * new client), false otherwise.
+ *
+ * Concurrent callers share the same in-flight reconnection attempt to avoid
+ * racing on the same process manager. A timestamp cooldown prevents rapid
+ * back-to-back attempts after completion.
+ */
+async function attemptCesReconnection(): Promise<boolean> {
+  if (!_cesReconnect) return false;
+
+  // If a reconnection is already in flight, share it.
+  if (_reconnectInFlight) return _reconnectInFlight;
+
+  // Cooldown — don't retry immediately after a completed attempt.
+  if (Date.now() - _lastReconnectAttempt < RECONNECT_COOLDOWN_MS) return false;
+
+  _lastReconnectAttempt = Date.now();
+  log.warn("Credential backend unavailable — attempting CES reconnection");
+
+  _reconnectInFlight = (async () => {
+    try {
+      const newClient = await _cesReconnect!();
+      if (newClient) {
+        setCesClient(newClient);
+        log.info("CES reconnection successful — credential backend restored");
+        return true;
+      }
+      log.warn("CES reconnection returned no client");
+    } catch (err) {
+      log.warn({ err }, "CES reconnection failed");
+    }
+    return false;
+  })();
+
+  try {
+    return await _reconnectInFlight;
+  } finally {
+    _reconnectInFlight = undefined;
+  }
+}
+
 async function doResolveBackend(): Promise<CredentialBackend> {
   // 1. CES RPC — primary credential backend for all local modes
   if (_cesClient) {
@@ -119,6 +293,21 @@ async function doResolveBackend(): Promise<CredentialBackend> {
   return _resolvedBackend;
 }
 
+/**
+ * Update the ces-http reachability latch after any get/list operation.
+ * Sets `_cesHttpUnreachable = true` on failure so the next
+ * resolveBackendAsync() call triggers a CES RPC reconnection attempt.
+ * Clears it on success so a transient blip doesn't cause endless churn.
+ */
+function updateCesHttpReachability(
+  backend: CredentialBackend,
+  unreachable: boolean,
+): void {
+  if (backend.name === "ces-http") {
+    _cesHttpUnreachable = unreachable;
+  }
+}
+
 /**
  * List all account names from the resolved backend (async).
  *
@@ -126,7 +315,9 @@ async function doResolveBackend(): Promise<CredentialBackend> {
  */
 export async function listSecureKeysAsync(): Promise<CredentialListResult> {
   const backend = await resolveBackendAsync();
-  return backend.list();
+  const result = await backend.list();
+  updateCesHttpReachability(backend, result.unreachable);
+  return result;
 }
 
 // ---------------------------------------------------------------------------
@@ -147,6 +338,7 @@ export async function getSecureKeyResultAsync(
 ): Promise<SecureKeyResult> {
   const backend = await resolveBackendAsync();
   const result = await backend.get(account);
+  updateCesHttpReachability(backend, result.unreachable);
   if (result.value != null) {
     return { value: result.value, unreachable: false };
   }
@@ -180,6 +372,7 @@ export async function setSecureKeyAsync(
       "Credential backend set failed",
     );
   }
+  updateCesHttpReachability(backend, !ok);
   return ok;
 }
 
@@ -192,7 +385,9 @@ export async function deleteSecureKeyAsync(
   account: string,
 ): Promise<DeleteResult> {
   const backend = await resolveBackendAsync();
-  return backend.delete(account);
+  const result = await backend.delete(account);
+  updateCesHttpReachability(backend, result === "error");
+  return result;
 }
 
 // ---------------------------------------------------------------------------
@@ -264,4 +459,9 @@ export function _resetBackend(): void {
   _encryptedStore = undefined;
   _resolvedBackend = undefined;
   _resolvePromise = undefined;
+  _cesReconnect = undefined;
+  _cesClientListener = undefined;
+  _lastReconnectAttempt = 0;
+  _reconnectInFlight = undefined;
+  _cesHttpUnreachable = false;
 }

package/src/security/token-manager.ts

@@ -35,16 +35,13 @@ import { getSecureKeyAsync, setSecureKeyAsync } from "./secure-keys.js";
 
 const log = getLogger("token-manager");
 
-const MESSAGING_SERVICES = new Set(["integration:google", "integration:slack"]);
+const MESSAGING_SERVICES = new Set(["google", "slack"]);
 
 function recoveryHint(service: string): string {
-  const shortName = service.startsWith("integration:")
-    ? service.slice("integration:".length)
-    : service;
   if (MESSAGING_SERVICES.has(service)) {
-    return ` Reconnect ${shortName} — follow the Error Recovery steps in the messaging skill. Do not present options or explain the error to the user.`;
+    return ` Reconnect ${service} — follow the Error Recovery steps in the messaging skill. Do not present options or explain the error to the user.`;
   }
-  return ` Re-authorization required for ${shortName}. Do not present options or explain the error to the user.`;
+  return ` Re-authorization required for ${service}. Do not present options or explain the error to the user.`;
 }
 
 // ── Shared circuit breaker & deduplication instances ──────────────────

package/src/signals/bash.ts

@@ -138,11 +138,16 @@ export function handleBashSignal(filename: string): void {
   const child = spawn("bash", ["-c", command], {
     cwd: getWorkspaceDir(),
     stdio: ["ignore", "pipe", "pipe"],
+    detached: true,
   });
 
   const timer = setTimeout(() => {
     timedOut = true;
-    child.kill("SIGKILL");
+    try {
+      process.kill(-child.pid!, "SIGKILL");
+    } catch {
+      // Process group may have already exited.
+    }
   }, effectiveTimeout);
 
   child.stdout.on("data", (data: Buffer) => {

package/src/skills/catalog-cache.ts

@@ -0,0 +1,44 @@
+import { getLogger } from "../util/logger.js";
+import type { CatalogSkill } from "./catalog-install.js";
+import {
+  fetchCatalog,
+  getRepoSkillsDir,
+  readLocalCatalog,
+} from "./catalog-install.js";
+
+const log = getLogger("catalog-cache");
+const CACHE_TTL_MS = 5 * 60 * 1000; // 5 minutes
+
+let cachedCatalog: CatalogSkill[] | null = null;
+let cacheTimestamp = 0;
+
+/** Resolve the Vellum catalog with in-memory caching. */
+export async function getCatalog(): Promise<CatalogSkill[]> {
+  if (cachedCatalog && Date.now() - cacheTimestamp < CACHE_TTL_MS) {
+    return cachedCatalog;
+  }
+  const repoSkillsDir = getRepoSkillsDir();
+  let catalog: CatalogSkill[];
+  if (repoSkillsDir) {
+    catalog = readLocalCatalog(repoSkillsDir);
+  } else {
+    try {
+      catalog = await fetchCatalog();
+    } catch (err) {
+      log.warn(
+        { err },
+        "Failed to fetch Vellum catalog, using stale cache or empty",
+      );
+      return cachedCatalog ?? [];
+    }
+  }
+  cachedCatalog = catalog;
+  cacheTimestamp = Date.now();
+  return catalog;
+}
+
+/** Invalidate the cache (for testing or forced refresh). */
+export function invalidateCatalogCache(): void {
+  cachedCatalog = null;
+  cacheTimestamp = 0;
+}

package/src/skills/catalog-search.ts

@@ -0,0 +1,18 @@
+/**
+ * Shared catalog text-search helper.
+ *
+ * Both the CLI `skills search` command and the daemon `searchSkills` handler
+ * need case-insensitive substring matching across multiple fields. This module
+ * provides a single generic implementation to prevent the two from drifting.
+ */
+
+export function filterByQuery<T>(
+  items: T[],
+  query: string,
+  fields: ((item: T) => string)[],
+): T[] {
+  const lower = query.toLowerCase();
+  return items.filter((item) =>
+    fields.some((fn) => fn(item).toLowerCase().includes(lower)),
+  );
+}

package/src/tools/browser/browser-manager.ts

@@ -242,13 +242,13 @@ class BrowserManager {
         if (!chromiumInstalled) {
           log.info("Chromium not installed, installing via playwright...");
           const proc = Bun.spawn(
-            ["bunx", "playwright", "install", "chromium"],
+            ["bunx", "playwright", "install", "--with-deps", "chromium"],
             {
               stdout: "pipe",
               stderr: "pipe",
             },
           );
-          const timeoutMs = 120_000;
+          const timeoutMs = 300_000;
           let timer: ReturnType<typeof setTimeout>;
           const exitCode = await Promise.race([
             proc.exited.finally(() => clearTimeout(timer)),

package/src/tools/credentials/post-connect-hooks.ts

@@ -48,7 +48,7 @@ async function slackWelcomeDM(ctx: PostConnectHookContext): Promise<void> {
 // ---------------------------------------------------------------------------
 
 const POST_CONNECT_HOOKS: Record<string, PostConnectHook> = {
-  "integration:slack": slackWelcomeDM,
+  slack: slackWelcomeDM,
 };
 
 /**

package/src/tools/credentials/vault.ts

@@ -11,12 +11,8 @@ import {
   getAppByProviderAndClientId,
   getMostRecentAppByProvider,
   getProvider,
+  listProviders,
 } from "../../oauth/oauth-store.js";
-import {
-  getProviderBehavior,
-  resolveService,
-  SERVICE_ALIASES,
-} from "../../oauth/provider-behaviors.js";
 import { RiskLevel } from "../../permissions/types.js";
 import type { ToolDefinition } from "../../providers/types.js";
 import { buildAssistantEvent } from "../../runtime/assistant-event.js";
@@ -103,11 +99,11 @@ class CredentialStoreTool implements Tool {
               "describe",
             ],
             description:
-              'The operation to perform. Use "prompt" to ask the user for a secret via secure UI - the value never enters the conversation. Use "oauth2_connect" to connect an OAuth2 service via browser authorization. Use "describe" to get setup metadata for a well-known OAuth service (dashboard URL, scopes, redirect URI, etc.). For well-known services (gmail, slack), only the service name is required - endpoints, scopes, and stored client credentials are resolved automatically.',
+              'The operation to perform. Use "prompt" to ask the user for a secret via secure UI - the value never enters the conversation. Use "oauth2_connect" to connect an OAuth2 service via browser authorization. Use "describe" to get setup metadata for a well-known OAuth service (dashboard URL, scopes, redirect URI, etc.). For well-known services (google, slack), only the service name is required - endpoints, scopes, and stored client credentials are resolved automatically.',
           },
           service: {
             type: "string",
-            description: "Service name, e.g. gmail, github",
+            description: "Service name, e.g. google, github",
           },
           account: {
             type: "string",
@@ -158,7 +154,7 @@ class CredentialStoreTool implements Tool {
             type: "array",
             items: { type: "string" },
             description:
-              "OAuth2 scopes to request (only for oauth2_connect action). Auto-filled for well-known services (gmail, slack).",
+              "OAuth2 scopes to request (only for oauth2_connect action). Auto-filled for well-known services (google, slack).",
           },
           client_id: {
             type: "string",
@@ -822,18 +818,13 @@ class CredentialStoreTool implements Tool {
       }
 
       case "oauth2_connect": {
-        const rawService = input.service as string | undefined;
-        if (!rawService)
+        const service = input.service as string | undefined;
+        if (!service)
           return {
             content: "Error: service is required for oauth2_connect action",
             isError: true,
           };
 
-        // Resolve aliases (e.g. "gmail" → "integration:google")
-        const service = resolveService(rawService);
-
-        // Code-side behavioral fields (identityVerifier, setup, etc.)
-        const behavior = getProviderBehavior(service);
         // Protocol-level config from the DB (authUrl, tokenUrl, scopes, etc.)
         const providerRow = getProvider(service);
 
@@ -880,16 +871,10 @@ class CredentialStoreTool implements Tool {
         // Fail early when client_secret is required but missing - guide the
         // agent to collect it from the user rather than letting it improvise
         // browser-automation workarounds that inevitably fail.
-        const requiresSecret =
-          behavior?.setup?.requiresClientSecret ??
-          !!(providerRow.tokenEndpointAuthMethod || providerRow.extraParams);
+        const requiresSecret = !!providerRow.requiresClientSecret;
         if (requiresSecret && !clientSecret) {
-          const skillId = behavior?.setupSkillId;
-          const skillHint = skillId
-            ? `\n\nLoad the "${skillId}" skill for provider-specific instructions on obtaining the client secret.`
-            : '\n\nUse credential_store with action "prompt" to securely collect the client_secret from the user before calling oauth2_connect again.';
           return {
-            content: `Error: client_secret is required for ${rawService} but not found in the vault.${skillHint}`,
+            content: `Error: client_secret is required for ${service} but not found in the vault.\n\nUse credential_store with action "prompt" to securely collect the client_secret from the user before calling oauth2_connect again.`,
             isError: true,
           };
         }
@@ -897,7 +882,7 @@ class CredentialStoreTool implements Tool {
         // Delegate to the shared orchestrator - it resolves authUrl, tokenUrl,
         // extraParams, userinfoUrl, and tokenEndpointAuthMethod from the DB.
         const result = await orchestrateOAuthConnect({
-          service: rawService,
+          service,
           clientId,
           clientSecret,
           isInteractive: !!context.isInteractive,
@@ -949,7 +934,7 @@ class CredentialStoreTool implements Tool {
 
         if (result.deferred) {
           return {
-            content: `To connect ${rawService}, open this link and authorize access:\n\n${result.authUrl}\n\nOnce you authorize, the connection will be set up automatically. You can verify by asking me to check your inbox.`,
+            content: `To connect ${service}, open this link and authorize access:\n\n${result.authUrl}\n\nOnce you authorize, the connection will be set up automatically. You can verify by asking me to check your inbox.`,
             isError: false,
           };
         }
@@ -963,34 +948,30 @@ class CredentialStoreTool implements Tool {
       }
 
       case "describe": {
-        const rawService = (input.service as string | undefined) ?? "";
-        if (!rawService) {
+        const descService = (input.service as string | undefined) ?? "";
+        if (!descService) {
           return {
             content: "Error: service is required for describe action",
             isError: true,
           };
         }
-        const resolvedService = resolveService(rawService);
-        const descProviderRow = getProvider(resolvedService);
+        const descProviderRow = getProvider(descService);
         if (!descProviderRow) {
+          const availableServices = listProviders().map((p) => p.providerKey);
           return {
-            content: `No well-known OAuth config found for "${rawService}". Available services: ${Object.keys(
-              SERVICE_ALIASES,
-            ).join(", ")}`,
+            content: `No well-known OAuth config found for "${descService}". Available services: ${availableServices.join(", ")}`,
             isError: false,
           };
         }
 
-        const descBehavior = getProviderBehavior(resolvedService);
-
         // Compute the redirect URI based on callback transport
         let redirectUri: string;
         const transport =
           (descProviderRow.callbackTransport as
             | "loopback"
             | "gateway"
-            | null) ?? "gateway";
-        const loopbackPort = descBehavior?.loopbackPort;
+            | null) ?? "loopback";
+        const loopbackPort = descProviderRow.loopbackPort;
         if (transport === "loopback" && loopbackPort) {
           redirectUri = `http://localhost:${loopbackPort}/oauth/callback`;
         } else if (transport === "loopback") {
@@ -1010,20 +991,14 @@ class CredentialStoreTool implements Tool {
           }
         }
 
-        // Prefer explicit setup metadata, fall back to heuristic
-        const requiresClientSecret =
-          descBehavior?.setup?.requiresClientSecret ??
-          !!(
-            descProviderRow.tokenEndpointAuthMethod ||
-            descProviderRow.extraParams
-          );
+        const requiresClientSecret = !!descProviderRow.requiresClientSecret;
 
         const descDefaultScopes: string[] = descProviderRow.defaultScopes
           ? JSON.parse(descProviderRow.defaultScopes)
           : [];
 
         const info: Record<string, unknown> = {
-          service: resolvedService,
+          service: descService,
           authUrl: descProviderRow.authUrl,
           tokenUrl: descProviderRow.tokenUrl,
           scopes: descDefaultScopes,
@@ -1031,7 +1006,21 @@ class CredentialStoreTool implements Tool {
           redirectUri,
           requiresClientSecret,
         };
-        if (descBehavior?.setup) info.setup = descBehavior.setup;
+        if (
+          descProviderRow.displayName &&
+          descProviderRow.dashboardUrl &&
+          descProviderRow.appType
+        ) {
+          info.setup = {
+            displayName: descProviderRow.displayName,
+            dashboardUrl: descProviderRow.dashboardUrl,
+            appType: descProviderRow.appType,
+            requiresClientSecret: !!descProviderRow.requiresClientSecret,
+            ...(descProviderRow.setupNotes
+              ? { notes: JSON.parse(descProviderRow.setupNotes) }
+              : {}),
+          };
+        }
         if (descProviderRow.extraParams) {
           try {
             info.extraParams = JSON.parse(descProviderRow.extraParams);