npm - @vellumai/assistant - Versions diffs - 0.6.2 → 0.6.4 - Mend

@vellumai/assistant 0.6.2 → 0.6.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (895) hide show

package/ARCHITECTURE.md +273 -10
package/Dockerfile +2 -3
package/bun.lock +41 -49
package/bunfig.toml +3 -0
package/docs/architecture/memory.md +1 -1
package/docs/backup-troubleshooting.md +52 -0
package/docs/browser-use-architecture-phase2.md +174 -0
package/docs/stt-provider-onboarding.md +120 -0
package/knip.json +12 -2
package/node_modules/@vellumai/ces-contracts/bun.lock +8 -6
package/node_modules/@vellumai/ces-contracts/package.json +3 -3
package/node_modules/@vellumai/ces-contracts/src/rpc.ts +42 -0
package/openapi.yaml +1111 -86
package/package.json +40 -42
package/scripts/generate-openapi.ts +0 -2
package/scripts/test.sh +73 -18
package/src/__tests__/acp-session.test.ts +43 -0
package/src/__tests__/agent-image-optimize.test.ts +28 -0
package/src/__tests__/agent-loop.test.ts +123 -0
package/src/__tests__/anthropic-provider.test.ts +263 -10
package/src/__tests__/app-builder-tool-scripts.test.ts +1 -0
package/src/__tests__/app-executors.test.ts +1 -0
package/src/__tests__/app-source-watcher.test.ts +37 -11
package/src/__tests__/approval-routes-http.test.ts +178 -1
package/src/__tests__/auto-analysis-end-to-end.test.ts +550 -0
package/src/__tests__/auto-analysis-prompt.test.ts +50 -0
package/src/__tests__/browser-fill-credential.test.ts +240 -94
package/src/__tests__/browser-manager.test.ts +40 -27
package/src/__tests__/browser-skill-baseline-tool-payload.test.ts +2 -2
package/src/__tests__/browser-skill-endstate.test.ts +31 -7
package/src/__tests__/btw-routes.test.ts +7 -0
package/src/__tests__/call-controller.test.ts +581 -20
package/src/__tests__/catalog-files.test.ts +1000 -0
package/src/__tests__/channel-approvals.test.ts +53 -0
package/src/__tests__/channel-invite-transport.test.ts +2 -2
package/src/__tests__/channel-readiness-routes.test.ts +16 -20
package/src/__tests__/channel-readiness-service.test.ts +12 -7
package/src/__tests__/checker.test.ts +157 -10
package/src/__tests__/clawhub-files.test.ts +347 -0
package/src/__tests__/commit-message-enrichment-service.test.ts +36 -19
package/src/__tests__/config-analysis.test.ts +100 -0
package/src/__tests__/config-managed-gemini-defaults.test.ts +326 -0
package/src/__tests__/config-schema-cmd.test.ts +2 -2
package/src/__tests__/config-schema.test.ts +1248 -224
package/src/__tests__/config-watcher-cleanup-throttle.test.ts +339 -0
package/src/__tests__/config-watcher.test.ts +43 -8
package/src/__tests__/confirmation-request-guardian-bridge.test.ts +23 -0
package/src/__tests__/contact-store-user-file.test.ts +512 -0
package/src/__tests__/contacts-write.test.ts +197 -0
package/src/__tests__/context-overflow-approval.test.ts +16 -1
package/src/__tests__/context-window-manager.test.ts +88 -0
package/src/__tests__/conversation-abort-tool-results.test.ts +2 -0
package/src/__tests__/conversation-agent-loop-overflow.test.ts +2 -1
package/src/__tests__/conversation-agent-loop.test.ts +99 -3
package/src/__tests__/conversation-analysis-routes.test.ts +2 -2
package/src/__tests__/conversation-attachments.test.ts +80 -4
package/src/__tests__/conversation-confirmation-signals.test.ts +290 -0
package/src/__tests__/conversation-error.test.ts +70 -0
package/src/__tests__/conversation-fork-crud.test.ts +17 -0
package/src/__tests__/conversation-history-web-search.test.ts +12 -4
package/src/__tests__/conversation-host-access-routes.test.ts +229 -0
package/src/__tests__/conversation-init.benchmark.test.ts +6 -1
package/src/__tests__/conversation-inject-context.test.ts +103 -0
package/src/__tests__/conversation-launcher-skill-regression.test.ts +51 -0
package/src/__tests__/conversation-list-source.test.ts +145 -0
package/src/__tests__/conversation-pre-run-repair.test.ts +2 -0
package/src/__tests__/conversation-provider-retry-repair.test.ts +2 -0
package/src/__tests__/conversation-queue.test.ts +946 -62
package/src/__tests__/conversation-routes-disk-view.test.ts +275 -0
package/src/__tests__/conversation-routes-guardian-reply.test.ts +16 -0
package/src/__tests__/conversation-routes-slash-commands.test.ts +1 -0
package/src/__tests__/conversation-runtime-assembly.test.ts +324 -46
package/src/__tests__/conversation-skill-tools.test.ts +7 -4
package/src/__tests__/conversation-slash-commands.test.ts +33 -0
package/src/__tests__/conversation-slash-queue.test.ts +89 -18
package/src/__tests__/conversation-slash-unknown.test.ts +2 -0
package/src/__tests__/conversation-starter-routes.test.ts +126 -0
package/src/__tests__/conversation-starters-cadence.test.ts +161 -0
package/src/__tests__/conversation-store.test.ts +195 -0
package/src/__tests__/conversation-tool-setup-batch-authorized.test.ts +226 -0
package/src/__tests__/conversation-workspace-cache-state.test.ts +193 -0
package/src/__tests__/conversation-workspace-injection.test.ts +2 -0
package/src/__tests__/conversation-workspace-tool-tracking.test.ts +2 -0
package/src/__tests__/credential-execution-approval-bridge.test.ts +32 -1
package/src/__tests__/credential-health-service.test.ts +352 -0
package/src/__tests__/credential-security-invariants.test.ts +6 -3
package/src/__tests__/credential-vault-unit.test.ts +383 -7
package/src/__tests__/credential-vault.test.ts +152 -13
package/src/__tests__/credentials-cli.test.ts +42 -18
package/src/__tests__/cross-provider-web-search.test.ts +146 -35
package/src/__tests__/date-context.test.ts +4 -4
package/src/__tests__/deterministic-verification-control-plane.test.ts +10 -1
package/src/__tests__/device-id.test.ts +112 -0
package/src/__tests__/docker-signing-key-bootstrap.test.ts +167 -4
package/src/__tests__/dynamic-skill-workflow-prompt.test.ts +1 -3
package/src/__tests__/email-html-renderer.test.ts +71 -0
package/src/__tests__/email-invite-adapter.test.ts +36 -32
package/src/__tests__/embedding-managed-proxy-selection.test.ts +256 -0
package/src/__tests__/emit-event-signal.test.ts +71 -0
package/src/__tests__/extension-id-sync-guard.test.ts +222 -0
package/src/__tests__/fixtures/mock-chrome-extension.ts +386 -0
package/src/__tests__/gateway-only-enforcement.test.ts +206 -1
package/src/__tests__/gateway-only-guard.test.ts +2 -0
package/src/__tests__/gemini-provider.test.ts +66 -2
package/src/__tests__/get-skill-detail-audit.test.ts +325 -0
package/src/__tests__/gmail-archive-fallback.test.ts +193 -0
package/src/__tests__/gmail-archive-gate.test.ts +246 -0
package/src/__tests__/gmail-preferences.test.ts +117 -0
package/src/__tests__/guardian-routing-invariants.test.ts +70 -2
package/src/__tests__/headless-browser-interactions.test.ts +738 -359
package/src/__tests__/headless-browser-mode.test.ts +614 -0
package/src/__tests__/headless-browser-navigate.test.ts +528 -49
package/src/__tests__/headless-browser-read-tools.test.ts +274 -100
package/src/__tests__/headless-browser-snapshot.test.ts +250 -77
package/src/__tests__/heartbeat-service.test.ts +70 -17
package/src/__tests__/home-state-routes.test.ts +162 -0
package/src/__tests__/host-bash-proxy.test.ts +145 -1
package/src/__tests__/host-browser-e2e-cloud.test.ts +596 -0
package/src/__tests__/host-browser-e2e-self-hosted-capability.test.ts +286 -0
package/src/__tests__/host-browser-e2e-self-hosted.test.ts +374 -0
package/src/__tests__/host-browser-event-routes.test.ts +350 -0
package/src/__tests__/host-browser-proxy.test.ts +444 -0
package/src/__tests__/host-browser-routes.test.ts +198 -0
package/src/__tests__/host-browser-ws-events-e2e.test.ts +423 -0
package/src/__tests__/host-cu-proxy.test.ts +166 -1
package/src/__tests__/host-file-proxy.test.ts +185 -1
package/src/__tests__/host-file-read-tool.test.ts +52 -0
package/src/__tests__/host-proxy-interface.test.ts +165 -0
package/src/__tests__/host-shell-tool.test.ts +1 -11
package/src/__tests__/http-user-message-parity.test.ts +1 -0
package/src/__tests__/identity-intro-cache.test.ts +40 -10
package/src/__tests__/init-feature-flag-overrides.test.ts +38 -112
package/src/__tests__/integration-status.test.ts +6 -7
package/src/__tests__/jobs-store-upsert-debounced.test.ts +141 -0
package/src/__tests__/list-messages-tool-merge.test.ts +37 -12
package/src/__tests__/llm-context-normalization.test.ts +488 -0
package/src/__tests__/llm-context-route-provider.test.ts +86 -5
package/src/__tests__/llm-usage-store.test.ts +363 -0
package/src/__tests__/mcp-client-auth.test.ts +40 -4
package/src/__tests__/mcp-health-check.test.ts +10 -3
package/src/__tests__/media-stream-output.test.ts +555 -0
package/src/__tests__/media-stream-parser.test.ts +374 -0
package/src/__tests__/media-stream-server-integration.test.ts +1234 -0
package/src/__tests__/media-stream-stt-session.test.ts +588 -0
package/src/__tests__/media-turn-detector.test.ts +440 -0
package/src/__tests__/message-queue.test.ts +125 -0
package/src/__tests__/migration-cross-version-compatibility.test.ts +3 -1
package/src/__tests__/migration-export-http.test.ts +67 -8
package/src/__tests__/migration-export-streaming.test.ts +66 -0
package/src/__tests__/migration-import-commit-http.test.ts +109 -7
package/src/__tests__/migration-import-preflight-http.test.ts +6 -5
package/src/__tests__/migration-validate-http.test.ts +3 -3
package/src/__tests__/mock-gateway-ipc.ts +151 -0
package/src/__tests__/model-intents.test.ts +2 -2
package/src/__tests__/native-host-marker-sync-guard.test.ts +157 -0
package/src/__tests__/oauth-apps-routes.test.ts +18 -12
package/src/__tests__/oauth-cli.test.ts +709 -60
package/src/__tests__/oauth-connect-orchestrator.test.ts +118 -24
package/src/__tests__/oauth-provider-seed-logos.test.ts +23 -0
package/src/__tests__/oauth-provider-serializer.test.ts +147 -10
package/src/__tests__/oauth-provider-visibility.test.ts +19 -21
package/src/__tests__/oauth-providers-routes.test.ts +52 -14
package/src/__tests__/oauth-store.test.ts +1465 -176
package/src/__tests__/oauth2-gateway-transport.test.ts +460 -26
package/src/__tests__/onboarding-template-contract.test.ts +81 -70
package/src/__tests__/openai-provider.test.ts +178 -2
package/src/__tests__/openai-responses-cutover-guard.test.ts +184 -0
package/src/__tests__/openai-responses-provider.test.ts +1105 -0
package/src/__tests__/openrouter-token-estimation.test.ts +100 -0
package/src/__tests__/outlook-categories.test.ts +1 -1
package/src/__tests__/outlook-client-automation.test.ts +1 -1
package/src/__tests__/outlook-compose-tools.test.ts +1 -1
package/src/__tests__/outlook-email-watcher.test.ts +1 -1
package/src/__tests__/outlook-follow-up.test.ts +1 -1
package/src/__tests__/outlook-messaging-provider.test.ts +2 -2
package/src/__tests__/outlook-trash.test.ts +1 -1
package/src/__tests__/outlook-unsubscribe.test.ts +32 -3
package/src/__tests__/permission-checker-host-gate.test.ts +74 -14
package/src/__tests__/permission-mode.test.ts +28 -56
package/src/__tests__/persona-resolver.test.ts +251 -0
package/src/__tests__/platform-bash-auto-approve.test.ts +4 -0
package/src/__tests__/platform-callback-registration.test.ts +19 -0
package/src/__tests__/platform.test.ts +92 -1
package/src/__tests__/post-turn-tool-result-truncation.test.ts +343 -0
package/src/__tests__/prechat-onboarding-contract.test.ts +267 -0
package/src/__tests__/pricing.test.ts +174 -0
package/src/__tests__/proxy-approval-callback.test.ts +18 -0
package/src/__tests__/qdrant-manager.test.ts +29 -8
package/src/__tests__/regenerate-fire-and-forget-trace.test.ts +194 -0
package/src/__tests__/relationship-state-contract.test.ts +175 -0
package/src/__tests__/relay-server.test.ts +423 -5
package/src/__tests__/require-fresh-approval.test.ts +40 -1
package/src/__tests__/sanitize-config-for-transfer.test.ts +132 -0
package/src/__tests__/schedule-routes.test.ts +162 -0
package/src/__tests__/search-skills-unified.test.ts +118 -0
package/src/__tests__/secret-detection-handler.test.ts +84 -0
package/src/__tests__/secret-ingress-http.test.ts +1 -0
package/src/__tests__/secret-scanner-executor.test.ts +4 -0
package/src/__tests__/secure-keys.test.ts +107 -0
package/src/__tests__/send-endpoint-busy.test.ts +8 -1
package/src/__tests__/sequence-store.test.ts +1 -1
package/src/__tests__/server-history-render.test.ts +49 -0
package/src/__tests__/set-permission-mode.test.ts +13 -250
package/src/__tests__/settings-routes.test.ts +201 -0
package/src/__tests__/skill-load-feature-flag.test.ts +1 -0
package/src/__tests__/skills-file-content-endpoint.test.ts +801 -0
package/src/__tests__/skills-files-catalog-fallback.test.ts +738 -0
package/src/__tests__/skills.test.ts +5 -2
package/src/__tests__/skillssh-files.test.ts +446 -0
package/src/__tests__/slack-block-formatting.test.ts +110 -0
package/src/__tests__/slack-channel-config.test.ts +576 -16
package/src/__tests__/stt-catalog-parity.test.ts +282 -0
package/src/__tests__/stt-stream-session.test.ts +535 -0
package/src/__tests__/subagent-detail.test.ts +44 -2
package/src/__tests__/subagent-disposal.test.ts +1 -0
package/src/__tests__/subagent-fork-notifications.test.ts +291 -0
package/src/__tests__/subagent-fork-spawn.test.ts +384 -0
package/src/__tests__/subagent-manager-notify.test.ts +1 -0
package/src/__tests__/subagent-notify-parent.test.ts +1 -0
package/src/__tests__/subagent-spawn-tool-fork.test.ts +411 -0
package/src/__tests__/subagent-tools.test.ts +1 -0
package/src/__tests__/subagent-types.test.ts +1 -0
package/src/__tests__/system-prompt-ask-mode.test.ts +27 -71
package/src/__tests__/system-prompt.test.ts +184 -27
package/src/__tests__/task-scheduler.test.ts +32 -6
package/src/__tests__/telegram-config.test.ts +10 -13
package/src/__tests__/telephony-stt-routing.test.ts +329 -0
package/src/__tests__/terminal-tools.test.ts +25 -5
package/src/__tests__/test-preload.ts +18 -0
package/src/__tests__/test-support/browser-skill-harness.ts +4 -1
package/src/__tests__/tool-approval-handler.test.ts +73 -0
package/src/__tests__/tool-executor-lifecycle-events.test.ts +9 -5
package/src/__tests__/tool-executor-shell-integration.test.ts +4 -0
package/src/__tests__/tool-executor.test.ts +33 -24
package/src/__tests__/tool-result-truncation.test.ts +36 -0
package/src/__tests__/tool-side-effects-slack-dm.test.ts +22 -0
package/src/__tests__/top-level-renderer.test.ts +73 -1
package/src/__tests__/transport-hints-queue.test.ts +14 -29
package/src/__tests__/trust-store.test.ts +7 -1
package/src/__tests__/trusted-contact-approval-notifier.test.ts +1 -1
package/src/__tests__/trusted-contact-inline-approval-integration.test.ts +109 -0
package/src/__tests__/tts-catalog-parity.test.ts +345 -0
package/src/__tests__/twilio-routes-twiml.test.ts +512 -114
package/src/__tests__/twilio-routes.test.ts +376 -0
package/src/__tests__/unicode.test.ts +293 -0
package/src/__tests__/update-bulletin-format.test.ts +59 -0
package/src/__tests__/update-bulletin.test.ts +206 -5
package/src/__tests__/usage-routes.test.ts +25 -4
package/src/__tests__/user-reference.test.ts +46 -61
package/src/__tests__/v2-consent-policy.test.ts +103 -0
package/src/__tests__/verification-control-plane-policy.test.ts +4 -0
package/src/__tests__/voice-config-update.test.ts +403 -0
package/src/__tests__/voice-quality.test.ts +434 -19
package/src/__tests__/workspace-heartbeat-service.test.ts +7 -0
package/src/__tests__/workspace-migration-033-stt-service-explicit-config.test.ts +547 -0
package/src/__tests__/workspace-migration-034-remove-calls-voice-transcription-provider.test.ts +596 -0
package/src/__tests__/workspace-migration-drop-user-md.test.ts +368 -0
package/src/__tests__/workspace-migration-meets.test.ts +244 -0
package/src/__tests__/workspace-migration-seed-device-id.test.ts +14 -20
package/src/__tests__/workspace-policy.test.ts +2 -0
package/src/acp/client-handler.ts +30 -4
package/src/agent/image-optimize.ts +24 -12
package/src/agent/loop.ts +55 -9
package/src/approvals/guardian-request-resolvers.ts +21 -15
package/src/backup/__tests__/backup-key.test.ts +152 -0
package/src/backup/__tests__/backup-worker.test.ts +767 -0
package/src/backup/__tests__/list-snapshots.test.ts +87 -0
package/src/backup/__tests__/local-writer.test.ts +218 -0
package/src/backup/__tests__/offsite-writer.test.ts +641 -0
package/src/backup/__tests__/paths.test.ts +300 -0
package/src/backup/__tests__/restore.test.ts +498 -0
package/src/backup/__tests__/snapshot-lock.test.ts +352 -0
package/src/backup/__tests__/stream-crypt.test.ts +228 -0
package/src/backup/backup-key.ts +137 -0
package/src/backup/backup-worker.ts +459 -0
package/src/backup/list-snapshots.ts +147 -0
package/src/backup/local-writer.ts +133 -0
package/src/backup/offsite-writer.ts +222 -0
package/src/backup/paths.ts +226 -0
package/src/backup/restore.ts +322 -0
package/src/backup/snapshot-lock.ts +431 -0
package/src/backup/stream-crypt.ts +263 -0
package/src/browser-session/__tests__/manager.test.ts +297 -0
package/src/browser-session/backends/cdp-inspect.ts +30 -0
package/src/browser-session/backends/extension.ts +26 -0
package/src/browser-session/backends/local.ts +24 -0
package/src/browser-session/events.ts +164 -0
package/src/browser-session/index.ts +27 -0
package/src/browser-session/manager.ts +159 -0
package/src/browser-session/types.ts +28 -0
package/src/bundler/package-resolver.ts +4 -0
package/src/calls/audio-store.ts +11 -5
package/src/calls/call-controller.ts +226 -71
package/src/calls/call-domain.ts +9 -0
package/src/calls/call-speech-output.ts +190 -0
package/src/calls/call-transport.ts +77 -0
package/src/calls/media-stream-audio-transcode.ts +173 -0
package/src/calls/media-stream-output.ts +660 -0
package/src/calls/media-stream-parser.ts +300 -0
package/src/calls/media-stream-protocol.ts +166 -0
package/src/calls/media-stream-server.ts +592 -0
package/src/calls/media-stream-stt-session.ts +460 -0
package/src/calls/media-turn-detector.ts +230 -0
package/src/calls/relay-server.ts +90 -75
package/src/calls/resolve-call-tts-provider.ts +136 -0
package/src/calls/telephony-stt-routing.ts +145 -0
package/src/calls/tts-call-strategy.ts +161 -0
package/src/calls/tts-text-sanitizer.ts +32 -16
package/src/calls/twilio-routes.ts +281 -17
package/src/calls/voice-quality.ts +78 -35
package/src/calls/voice-session-bridge.ts +8 -1
package/src/channels/__tests__/types.test.ts +134 -0
package/src/channels/types.ts +69 -3
package/src/cli/__tests__/run-assistant-command.ts +11 -1
package/src/cli/commands/__tests__/backup.test.ts +1165 -0
package/src/cli/commands/__tests__/domain-register.test.ts +234 -0
package/src/cli/commands/__tests__/domain-status.test.ts +132 -0
package/src/cli/commands/__tests__/email-attachment.test.ts +422 -0
package/src/cli/commands/__tests__/email-download.test.ts +16 -1
package/src/cli/commands/__tests__/email-list.test.ts +22 -4
package/src/cli/commands/__tests__/email-register.test.ts +4 -4
package/src/cli/commands/__tests__/email-send.test.ts +37 -4
package/src/cli/commands/__tests__/email-status.test.ts +5 -1
package/src/cli/commands/__tests__/email-unregister.test.ts +34 -5
package/src/cli/commands/backup.ts +993 -0
package/src/cli/commands/conversations.ts +77 -0
package/src/cli/commands/credentials.ts +3 -4
package/src/cli/commands/domain.ts +210 -0
package/src/cli/commands/email.ts +273 -16
package/src/cli/commands/mcp.ts +16 -4
package/src/cli/commands/oauth/__tests__/connect.test.ts +56 -44
package/src/cli/commands/oauth/__tests__/disconnect.test.ts +21 -21
package/src/cli/commands/oauth/__tests__/mode.test.ts +17 -17
package/src/cli/commands/oauth/__tests__/ping.test.ts +16 -16
package/src/cli/commands/oauth/__tests__/providers-delete.test.ts +32 -33
package/src/cli/commands/oauth/__tests__/providers-register.test.ts +330 -0
package/src/cli/commands/oauth/__tests__/providers-update.test.ts +117 -12
package/src/cli/commands/oauth/__tests__/status.test.ts +10 -10
package/src/cli/commands/oauth/__tests__/token.test.ts +7 -7
package/src/cli/commands/oauth/apps.ts +7 -4
package/src/cli/commands/oauth/connect.ts +6 -3
package/src/cli/commands/oauth/disconnect.ts +1 -1
package/src/cli/commands/oauth/mode.ts +12 -3
package/src/cli/commands/oauth/providers.ts +215 -36
package/src/cli/commands/oauth/shared.ts +7 -6
package/src/cli/commands/platform/__tests__/callback-routes-list.test.ts +254 -0
package/src/cli/commands/platform/__tests__/connect.test.ts +6 -0
package/src/cli/commands/platform/__tests__/disconnect.test.ts +7 -1
package/src/cli/commands/platform/__tests__/status.test.ts +6 -0
package/src/cli/commands/platform/index.ts +107 -10
package/src/cli/commands/usage.ts +10 -9
package/src/cli/lib/daemon-credential-client.ts +4 -0
package/src/cli/program.ts +30 -4
package/src/config/__tests__/backup-schema.test.ts +134 -0
package/src/config/assistant-feature-flags.ts +61 -62
package/src/config/bundled-skills/app-builder/SKILL.md +26 -249
package/src/config/bundled-skills/app-builder/references/CUSTOM_ROUTES.md +141 -0
package/src/config/bundled-skills/app-builder/references/INTERACTION_HOOKS.md +56 -0
package/src/config/bundled-skills/app-builder/references/WIDGETS.md +125 -0
package/src/config/bundled-skills/browser/SKILL.md +30 -5
package/src/config/bundled-skills/browser/TOOLS.json +123 -0
package/src/config/bundled-skills/browser/tools/browser-attach.ts +12 -0
package/src/config/bundled-skills/browser/tools/browser-detach.ts +12 -0
package/src/config/bundled-skills/browser/tools/browser-status.ts +12 -0
package/src/config/bundled-skills/browser/tools/browser-wait-for-download.ts +17 -0
package/src/config/bundled-skills/contacts/SKILL.md +5 -2
package/src/config/bundled-skills/document/SKILL.md +4 -0
package/src/config/bundled-skills/gmail/SKILL.md +54 -8
package/src/config/bundled-skills/gmail/TOOLS.json +33 -3
package/src/config/bundled-skills/gmail/tools/gmail-archive.ts +116 -9
package/src/config/bundled-skills/gmail/tools/gmail-outreach-scan.ts +138 -11
package/src/config/bundled-skills/gmail/tools/gmail-preferences-tool.ts +59 -0
package/src/config/bundled-skills/gmail/tools/gmail-preferences.ts +82 -0
package/src/config/bundled-skills/gmail/tools/gmail-sender-digest.ts +113 -17
package/src/config/bundled-skills/gmail/tools/gmail-unsubscribe.ts +2 -2
package/src/config/bundled-skills/media-processing/SKILL.md +3 -9
package/src/config/bundled-skills/media-processing/TOOLS.json +1 -6
package/src/config/bundled-skills/media-processing/__tests__/audio-transcribe.test.ts +125 -0
package/src/config/bundled-skills/media-processing/__tests__/extract-keyframes.test.ts +181 -0
package/src/config/bundled-skills/media-processing/__tests__/preprocess-audio.test.ts +141 -0
package/src/config/bundled-skills/media-processing/services/audio-transcribe.ts +32 -87
package/src/config/bundled-skills/media-processing/services/preprocess.ts +8 -4
package/src/config/bundled-skills/media-processing/tools/extract-keyframes.ts +0 -10
package/src/config/bundled-skills/messaging/SKILL.md +3 -3
package/src/config/bundled-skills/messaging/tools/messaging-archive-by-sender.ts +2 -2
package/src/config/bundled-skills/outlook/SKILL.md +9 -2
package/src/config/bundled-skills/outlook/tools/outlook-unsubscribe.ts +2 -2
package/src/config/bundled-skills/phone-calls/SKILL.md +2 -2
package/src/config/bundled-skills/phone-calls/references/CONFIG.md +27 -18
package/src/config/bundled-skills/phone-calls/references/TROUBLESHOOTING.md +3 -3
package/src/config/bundled-skills/settings/TOOLS.json +3 -3
package/src/config/bundled-skills/settings/tools/voice-config-update.ts +26 -22
package/src/config/bundled-skills/slack/SKILL.md +1 -0
package/src/config/bundled-skills/subagent/SKILL.md +21 -0
package/src/config/bundled-skills/subagent/TOOLS.json +8 -4
package/src/config/bundled-skills/tasks/SKILL.md +5 -0
package/src/config/bundled-skills/transcribe/SKILL.md +9 -14
package/src/config/bundled-skills/transcribe/TOOLS.json +2 -7
package/src/config/bundled-skills/transcribe/tools/transcribe-media.test.ts +256 -0
package/src/config/bundled-skills/transcribe/tools/transcribe-media.ts +38 -188
package/src/config/bundled-tool-registry.ts +8 -0
package/src/config/env-registry.ts +38 -0
package/src/config/env.ts +49 -4
package/src/config/feature-flag-registry.json +85 -14
package/src/config/loader.ts +82 -13
package/src/config/sanitize-for-transfer.ts +47 -0
package/src/config/schema.ts +81 -15
package/src/config/schemas/__tests__/stt.test.ts +43 -0
package/src/config/schemas/analysis.ts +51 -0
package/src/config/schemas/backup.ts +72 -0
package/src/config/schemas/calls.ts +1 -26
package/src/config/schemas/elevenlabs.ts +0 -59
package/src/config/schemas/filing.ts +47 -7
package/src/config/schemas/heartbeat.ts +27 -5
package/src/config/schemas/host-browser.ts +112 -0
package/src/config/schemas/inference.ts +1 -1
package/src/config/schemas/memory-lifecycle.ts +14 -2
package/src/config/schemas/memory-retrieval.ts +103 -0
package/src/config/schemas/security.ts +0 -6
package/src/config/schemas/services.ts +52 -0
package/src/config/schemas/stt.ts +59 -0
package/src/config/schemas/tts.ts +230 -0
package/src/config/schemas/updates.ts +14 -0
package/src/config/skills.ts +4 -0
package/src/config/types.ts +4 -1
package/src/contacts/contact-store.ts +56 -11
package/src/contacts/contacts-write.ts +38 -1
package/src/context/post-turn-tool-result-truncation.ts +177 -0
package/src/context/tool-result-truncation.ts +2 -1
package/src/context/window-manager.ts +61 -10
package/src/credential-execution/approval-bridge.ts +49 -15
package/src/credential-execution/executable-discovery.ts +12 -2
package/src/credential-execution/process-manager.ts +33 -2
package/src/credential-health/credential-health-service.ts +366 -0
package/src/daemon/__tests__/conversation-lifecycle-auto-analyze.test.ts +324 -0
package/src/daemon/__tests__/conversation-surfaces-launch.test.ts +497 -0
package/src/daemon/__tests__/conversation-tool-setup.test.ts +195 -0
package/src/daemon/__tests__/lifecycle-startup-ordering.test.ts +127 -0
package/src/daemon/app-source-watcher.ts +35 -0
package/src/daemon/config-watcher.ts +99 -5
package/src/daemon/context-overflow-approval.ts +5 -0
package/src/daemon/conversation-agent-loop-handlers.ts +23 -2
package/src/daemon/conversation-agent-loop.ts +153 -42
package/src/daemon/conversation-attachments.ts +40 -0
package/src/daemon/conversation-error.ts +11 -0
package/src/daemon/conversation-history.ts +40 -6
package/src/daemon/conversation-launch.ts +220 -0
package/src/daemon/conversation-lifecycle.ts +59 -9
package/src/daemon/conversation-messaging.ts +37 -3
package/src/daemon/conversation-notifiers.ts +5 -0
package/src/daemon/conversation-process.ts +622 -13
package/src/daemon/conversation-queue-manager.ts +24 -0
package/src/daemon/conversation-runtime-assembly.ts +128 -36
package/src/daemon/conversation-slash.ts +36 -0
package/src/daemon/conversation-surfaces.ts +131 -40
package/src/daemon/conversation-tool-setup.ts +99 -8
package/src/daemon/conversation-usage.ts +7 -4
package/src/daemon/conversation-workspace.ts +12 -0
package/src/daemon/conversation.ts +292 -16
package/src/daemon/date-context.ts +10 -10
package/src/daemon/first-greeting.ts +3 -2
package/src/daemon/handlers/config-slack-channel.ts +269 -94
package/src/daemon/handlers/conversations.ts +13 -141
package/src/daemon/handlers/shared.ts +80 -0
package/src/daemon/handlers/skills.ts +483 -44
package/src/daemon/host-bash-proxy.ts +48 -13
package/src/daemon/host-browser-proxy.ts +192 -0
package/src/daemon/host-cu-proxy.ts +36 -11
package/src/daemon/host-file-proxy.ts +57 -9
package/src/daemon/lifecycle.ts +179 -28
package/src/daemon/message-protocol.ts +13 -0
package/src/daemon/message-types/conversations.ts +89 -14
package/src/daemon/message-types/home.ts +40 -0
package/src/daemon/message-types/host-browser.ts +100 -0
package/src/daemon/message-types/meet.ts +143 -0
package/src/daemon/message-types/messages.ts +19 -5
package/src/daemon/message-types/schedules.ts +34 -2
package/src/daemon/message-types/skills.ts +26 -0
package/src/daemon/message-types/subagents.ts +2 -0
package/src/daemon/message-types/surfaces.ts +2 -0
package/src/daemon/server.ts +439 -14
package/src/daemon/shutdown-handlers.ts +32 -4
package/src/daemon/shutdown-registry.ts +40 -0
package/src/daemon/tool-side-effects.ts +15 -0
package/src/daemon/transport-hints.ts +5 -24
package/src/email/html-renderer.ts +76 -0
package/src/heartbeat/heartbeat-service.ts +93 -7
package/src/home/__tests__/assistant-feed-authoring.test.ts +156 -0
package/src/home/__tests__/emit-feed-event.test.ts +169 -0
package/src/home/__tests__/feed-scheduler.test.ts +194 -0
package/src/home/__tests__/feed-types.test.ts +275 -0
package/src/home/__tests__/feed-writer.test.ts +688 -0
package/src/home/__tests__/phase5-exit-criteria.test.ts +212 -0
package/src/home/__tests__/platform-gmail-digest.test.ts +222 -0
package/src/home/__tests__/progress-formula.test.ts +213 -0
package/src/home/__tests__/relationship-state-writer.test.ts +740 -0
package/src/home/__tests__/rollup-producer.test.ts +398 -0
package/src/home/assistant-feed-authoring.ts +124 -0
package/src/home/emit-feed-event.ts +158 -0
package/src/home/feed-scheduler.ts +247 -0
package/src/home/feed-types.ts +181 -0
package/src/home/feed-writer.ts +469 -0
package/src/home/platform-gmail-digest.ts +163 -0
package/src/home/progress-formula.ts +86 -0
package/src/home/relationship-state-writer.ts +824 -0
package/src/home/relationship-state.ts +143 -0
package/src/home/rollup-producer.ts +384 -0
package/src/hooks/runner.ts +7 -0
package/src/inbound/platform-callback-registration.ts +30 -20
package/src/inbound/public-ingress-urls.ts +12 -0
package/src/instrument.ts +1 -1
package/src/ipc/__tests__/cli-ipc.test.ts +200 -0
package/src/ipc/cli-client.ts +151 -0
package/src/ipc/cli-server.ts +234 -0
package/src/ipc/gateway-client.ts +180 -0
package/src/ipc/routes/index.ts +5 -0
package/src/ipc/routes/wake-conversation.ts +19 -0
package/src/mcp/client.ts +59 -24
package/src/memory/__tests__/auto-analysis-enqueue.test.ts +356 -0
package/src/memory/__tests__/auto-analysis-guard.test.ts +57 -0
package/src/memory/__tests__/conversation-analyze-job.test.ts +232 -0
package/src/memory/__tests__/find-analysis-conversation.test.ts +196 -0
package/src/memory/app-store.ts +31 -1
package/src/memory/attachments-store.ts +70 -0
package/src/memory/auto-analysis-enqueue.ts +127 -0
package/src/memory/auto-analysis-guard.ts +27 -0
package/src/memory/cleanup-schedule-state.ts +37 -0
package/src/memory/conversation-analyze-job.ts +73 -0
package/src/memory/conversation-crud.ts +122 -0
package/src/memory/conversation-disk-view.ts +7 -0
package/src/memory/conversation-group-migration.ts +34 -2
package/src/memory/conversation-queries.ts +6 -5
package/src/memory/conversation-starters-cadence.ts +76 -0
package/src/memory/conversation-title-service.ts +5 -2
package/src/memory/db-init.ts +18 -0
package/src/memory/db-maintenance.ts +108 -0
package/src/memory/db.ts +1 -0
package/src/memory/embedding-backend.test.ts +75 -0
package/src/memory/embedding-backend.ts +131 -5
package/src/memory/embedding-gemini.test.ts +54 -0
package/src/memory/embedding-gemini.ts +20 -9
package/src/memory/embedding-local.ts +176 -17
package/src/memory/graph/consolidation.ts +10 -23
package/src/memory/graph/conversation-graph-memory.ts +15 -0
package/src/memory/graph/extraction-job.ts +15 -0
package/src/memory/graph/extraction.test.ts +23 -0
package/src/memory/graph/extraction.ts +8 -0
package/src/memory/graph/retriever.ts +67 -40
package/src/memory/graph/scoring.test.ts +186 -0
package/src/memory/graph/scoring.ts +31 -1
package/src/memory/graph/store.test.ts +7 -3
package/src/memory/graph/store.ts +47 -12
package/src/memory/graph/tools.ts +1 -1
package/src/memory/group-crud.ts +6 -1
package/src/memory/indexer.ts +95 -16
package/src/memory/job-handlers/cleanup.ts +11 -8
package/src/memory/job-handlers/conversation-starters.ts +16 -10
package/src/memory/jobs-store.ts +64 -4
package/src/memory/jobs-worker.ts +22 -9
package/src/memory/llm-usage-store.ts +137 -60
package/src/memory/migrations/213-oauth-providers-scope-separator.ts +13 -0
package/src/memory/migrations/214-oauth-providers-refresh-url.ts +11 -0
package/src/memory/migrations/215-oauth-providers-revoke.ts +14 -0
package/src/memory/migrations/216-oauth-providers-token-auth-method.ts +30 -0
package/src/memory/migrations/217-conversation-host-access.ts +40 -0
package/src/memory/migrations/218-oauth-providers-logo-url.ts +11 -0
package/src/memory/migrations/219-oauth-providers-token-exchange-body-format.ts +15 -0
package/src/memory/migrations/220-normalize-user-file-by-principal.ts +190 -0
package/src/memory/migrations/221-conversations-archived-at.ts +16 -0
package/src/memory/migrations/index.ts +12 -0
package/src/memory/migrations/registry.ts +16 -0
package/src/memory/qdrant-manager.ts +43 -16
package/src/memory/schema/conversations.ts +3 -0
package/src/memory/schema/oauth.ts +21 -13
package/src/memory/usage-buckets.ts +396 -0
package/src/messaging/providers/gmail/client.ts +57 -6
package/src/messaging/providers/slack/__tests__/adapter-token-routing.test.ts +282 -0
package/src/messaging/providers/slack/adapter.ts +143 -38
package/src/messaging/providers/slack/client.ts +16 -0
package/src/messaging/providers/slack/types.ts +4 -0
package/src/notifications/decision-engine.ts +3 -3
package/src/notifications/signal.ts +5 -0
package/src/oauth/AGENTS.md +76 -0
package/src/oauth/__tests__/identity-verifier.test.ts +25 -19
package/src/oauth/__tests__/seed-providers-managed.test.ts +32 -0
package/src/oauth/byo-connection.test.ts +26 -9
package/src/oauth/byo-connection.ts +10 -8
package/src/oauth/connect-orchestrator.ts +25 -21
package/src/oauth/connect-types.ts +3 -3
package/src/oauth/connection-resolver.test.ts +17 -4
package/src/oauth/connection-resolver.ts +22 -18
package/src/oauth/connection.ts +3 -1
package/src/oauth/manual-token-connection.ts +13 -13
package/src/oauth/oauth-store.ts +223 -100
package/src/oauth/platform-connection.test.ts +101 -3
package/src/oauth/platform-connection.ts +56 -35
package/src/oauth/provider-serializer.ts +31 -5
package/src/oauth/revoke.ts +76 -0
package/src/oauth/seed-providers.ts +133 -87
package/src/oauth/token-persistence.ts +1 -1
package/src/permissions/checker.ts +16 -6
package/src/permissions/defaults.ts +49 -1
package/src/permissions/permission-mode.ts +4 -11
package/src/permissions/prompter.ts +13 -1
package/src/permissions/trust-store.ts +3 -3
package/src/permissions/v2-consent-policy.ts +87 -0
package/src/permissions/workspace-policy.ts +3 -0
package/src/platform/client.test.ts +10 -0
package/src/platform/sync-identity.ts +129 -0
package/src/prompts/persona-resolver.ts +126 -2
package/src/prompts/system-prompt.ts +76 -38
package/src/prompts/templates/BOOTSTRAP-REFERENCE.md +3 -65
package/src/prompts/templates/BOOTSTRAP.md +59 -105
package/src/prompts/templates/SOUL.md +3 -1
package/src/prompts/templates/UPDATES.md +12 -0
package/src/prompts/templates/channels/slack.md +20 -0
package/src/prompts/update-bulletin-format.ts +26 -9
package/src/prompts/update-bulletin.ts +34 -23
package/src/prompts/user-reference.ts +20 -17
package/src/providers/__tests__/provider-secret-catalog.test.ts +42 -0
package/src/providers/anthropic/client.ts +157 -60
package/src/providers/fireworks/client.ts +2 -2
package/src/providers/gemini/client.ts +9 -1
package/src/providers/model-catalog.ts +6 -0
package/src/providers/model-intents.ts +4 -4
package/src/providers/ollama/client.ts +2 -2
package/src/providers/openai/chat-completions-provider.ts +474 -0
package/src/providers/openai/client.ts +25 -440
package/src/providers/openai/responses-provider.ts +502 -0
package/src/providers/openrouter/client.ts +101 -4
package/src/providers/provider-secret-catalog.ts +139 -0
package/src/providers/registry.ts +2 -2
package/src/providers/retry.ts +14 -3
package/src/providers/speech-to-text/__tests__/provider-catalog.test.ts +251 -0
package/src/providers/speech-to-text/__tests__/resolve.test.ts +828 -0
package/src/providers/speech-to-text/deepgram-realtime.test.ts +980 -0
package/src/providers/speech-to-text/deepgram-realtime.ts +767 -0
package/src/providers/speech-to-text/deepgram.test.ts +332 -0
package/src/providers/speech-to-text/deepgram.ts +115 -0
package/src/providers/speech-to-text/google-gemini-live-stream.test.ts +743 -0
package/src/providers/speech-to-text/google-gemini-live-stream.ts +625 -0
package/src/providers/speech-to-text/google-gemini.test.ts +226 -0
package/src/providers/speech-to-text/google-gemini.ts +101 -0
package/src/providers/speech-to-text/openai-whisper-stream.test.ts +564 -0
package/src/providers/speech-to-text/openai-whisper-stream.ts +381 -0
package/src/providers/speech-to-text/openai-whisper.test.ts +1 -37
package/src/providers/speech-to-text/openai-whisper.ts +63 -33
package/src/providers/speech-to-text/provider-catalog.ts +306 -0
package/src/providers/speech-to-text/resolve.ts +386 -6
package/src/providers/types.ts +10 -1
package/src/runtime/AGENTS.md +65 -0
package/src/runtime/__tests__/agent-wake.test.ts +831 -0
package/src/runtime/__tests__/browser-extension-pair-routes.test.ts +715 -0
package/src/runtime/__tests__/capability-tokens.test.ts +258 -0
package/src/runtime/__tests__/chrome-extension-registry.test.ts +518 -0
package/src/runtime/__tests__/runtime-mode.test.ts +62 -0
package/src/runtime/__tests__/slack-block-formatting.test.ts +481 -0
package/src/runtime/agent-wake.ts +512 -0
package/src/runtime/assistant-event-hub.ts +2 -2
package/src/runtime/auth/__tests__/guard-tests.test.ts +1 -0
package/src/runtime/auth/__tests__/middleware.test.ts +116 -1
package/src/runtime/auth/__tests__/route-policy.test.ts +48 -0
package/src/runtime/auth/middleware.ts +98 -0
package/src/runtime/auth/route-policy.ts +33 -9
package/src/runtime/auth/token-service.ts +56 -1
package/src/runtime/btw-sidechain.ts +2 -0
package/src/runtime/capability-tokens.ts +414 -0
package/src/runtime/channel-approvals.ts +18 -5
package/src/runtime/channel-invite-transport.ts +1 -1
package/src/runtime/channel-invite-transports/email.ts +14 -6
package/src/runtime/channel-readiness-service.ts +12 -22
package/src/runtime/chrome-extension-registry.ts +368 -0
package/src/runtime/confirmation-request-guardian-bridge.ts +6 -0
package/src/runtime/guardian-decision-types.ts +7 -0
package/src/runtime/http-server.ts +815 -75
package/src/runtime/http-types.ts +6 -2
package/src/runtime/migrations/__tests__/rebind-secrets-credentials.test.ts +172 -0
package/src/runtime/migrations/__tests__/vbundle-builder-credentials.test.ts +276 -0
package/src/runtime/migrations/__tests__/vbundle-import-credentials.test.ts +198 -0
package/src/runtime/migrations/__tests__/vbundle-legacy-user-md.test.ts +360 -0
package/src/runtime/migrations/migration-transport.ts +7 -0
package/src/runtime/migrations/migration-wizard.ts +23 -2
package/src/runtime/migrations/rebind-secrets-screen.ts +76 -15
package/src/runtime/migrations/vbundle-builder.ts +145 -38
package/src/runtime/migrations/vbundle-import-analyzer.ts +96 -1
package/src/runtime/migrations/vbundle-importer.ts +89 -5
package/src/runtime/pending-interactions.ts +18 -13
package/src/runtime/routes/__tests__/backup-routes.test.ts +967 -0
package/src/runtime/routes/__tests__/home-feed-routes.test.ts +507 -0
package/src/runtime/routes/__tests__/migration-import-credential-filter.test.ts +208 -0
package/src/runtime/routes/__tests__/stt-routes.test.ts +406 -0
package/src/runtime/routes/__tests__/tts-routes.test.ts +474 -0
package/src/runtime/routes/__tests__/user-route-dispatcher.test.ts +148 -17
package/src/runtime/routes/app-management-routes.ts +12 -18
package/src/runtime/routes/approval-routes.ts +90 -16
package/src/runtime/routes/attachment-routes.test.ts +9 -3
package/src/runtime/routes/attachment-routes.ts +216 -17
package/src/runtime/routes/backup-routes.ts +519 -0
package/src/runtime/routes/browser-extension-pair-routes.ts +556 -0
package/src/runtime/routes/btw-routes.ts +8 -6
package/src/runtime/routes/contact-routes.test.ts +298 -0
package/src/runtime/routes/contact-routes.ts +132 -5
package/src/runtime/routes/conversation-analysis-routes.ts +22 -141
package/src/runtime/routes/conversation-management-routes.ts +223 -0
package/src/runtime/routes/conversation-routes.ts +598 -103
package/src/runtime/routes/conversation-starter-routes.ts +78 -16
package/src/runtime/routes/filing-routes.ts +93 -0
package/src/runtime/routes/guardian-action-routes.ts +24 -13
package/src/runtime/routes/home-feed-routes.ts +334 -0
package/src/runtime/routes/home-state-routes.ts +138 -0
package/src/runtime/routes/host-browser-routes.ts +268 -0
package/src/runtime/routes/host-file-routes.ts +9 -1
package/src/runtime/routes/identity-intro-cache.ts +7 -3
package/src/runtime/routes/identity-routes.ts +262 -33
package/src/runtime/routes/inbound-stages/transcribe-audio.test.ts +46 -39
package/src/runtime/routes/inbound-stages/transcribe-audio.ts +15 -15
package/src/runtime/routes/integrations/slack/__tests__/channel.test.ts +137 -0
package/src/runtime/routes/integrations/slack/__tests__/share.test.ts +179 -0
package/src/runtime/routes/integrations/slack/channel.ts +11 -3
package/src/runtime/routes/integrations/slack/share.ts +45 -7
package/src/runtime/routes/llm-context-normalization.ts +303 -0
package/src/runtime/routes/log-export-routes.ts +42 -22
package/src/runtime/routes/memory-item-routes.test.ts +3 -2
package/src/runtime/routes/memory-item-routes.ts +1 -7
package/src/runtime/routes/migration-routes.ts +122 -2
package/src/runtime/routes/oauth-apps.ts +15 -17
package/src/runtime/routes/oauth-providers.ts +4 -0
package/src/runtime/routes/schedule-routes.ts +24 -11
package/src/runtime/routes/settings-routes.ts +31 -102
package/src/runtime/routes/skills-routes.ts +128 -9
package/src/runtime/routes/stt-routes.ts +233 -0
package/src/runtime/routes/subagents-routes.ts +14 -10
package/src/runtime/routes/surface-action-routes.ts +41 -2
package/src/runtime/routes/tts-routes.ts +108 -24
package/src/runtime/routes/usage-routes.ts +38 -9
package/src/runtime/routes/user-route-dispatcher.ts +50 -5
package/src/runtime/routes/user-routes.ts +13 -1
package/src/runtime/routes/work-items-routes.ts +8 -1
package/src/runtime/routes/workspace-routes.test.ts +22 -0
package/src/runtime/routes/workspace-routes.ts +8 -1
package/src/runtime/routes/workspace-utils.ts +2 -0
package/src/runtime/runtime-mode.ts +33 -0
package/src/runtime/services/__tests__/analyze-conversation.test.ts +444 -0
package/src/runtime/services/__tests__/analyze-deps-singleton.test.ts +67 -0
package/src/runtime/services/__tests__/auto-analysis-prompt.test.ts +53 -0
package/src/runtime/services/__tests__/manual-analysis-prompt.test.ts +41 -0
package/src/runtime/services/analyze-conversation.ts +344 -0
package/src/runtime/services/analyze-deps-singleton.ts +32 -0
package/src/runtime/services/auto-analysis-prompt.ts +55 -0
package/src/runtime/skill-route-registry.ts +49 -0
package/src/runtime/slack-block-formatting.ts +437 -10
package/src/schedule/scheduler.ts +57 -5
package/src/security/ces-credential-client.ts +20 -0
package/src/security/ces-rpc-credential-backend.ts +17 -0
package/src/security/credential-backend.ts +5 -0
package/src/security/oauth2.ts +68 -29
package/src/security/secure-keys.ts +143 -27
package/src/security/token-manager.ts +31 -10
package/src/sequence/engine.ts +23 -0
package/src/sequence/types.ts +1 -1
package/src/skills/catalog-files.ts +554 -0
package/src/skills/category-inference.ts +122 -0
package/src/skills/clawhub-files.ts +213 -0
package/src/skills/clawhub.ts +84 -23
package/src/skills/skill-file-provider.ts +40 -0
package/src/skills/skillssh-files.ts +395 -0
package/src/skills/skillssh-registry.ts +4 -4
package/src/stt/__tests__/daemon-batch-transcriber.test.ts +392 -0
package/src/stt/__tests__/types.test.ts +89 -0
package/src/stt/daemon-batch-transcriber.ts +195 -0
package/src/stt/stt-stream-session.ts +499 -0
package/src/stt/types.ts +330 -0
package/src/stt/wav-encoder.test.ts +373 -0
package/src/stt/wav-encoder.ts +175 -0
package/src/subagent/manager.ts +169 -40
package/src/subagent/types.ts +19 -0
package/src/tools/apps/executors.ts +11 -2
package/src/tools/browser/__tests__/auth-detector.test.ts +202 -108
package/src/tools/browser/__tests__/browser-mode.test.ts +119 -0
package/src/tools/browser/__tests__/browser-status.test.ts +123 -0
package/src/tools/browser/auth-detector.ts +43 -12
package/src/tools/browser/browser-execution.ts +1787 -342
package/src/tools/browser/browser-manager.ts +81 -12
package/src/tools/browser/browser-mode-constants.ts +12 -0
package/src/tools/browser/browser-mode.ts +92 -0
package/src/tools/browser/browser-status-constants.ts +33 -0
package/src/tools/browser/cdp-client/__tests__/accessibility-snapshot.test.ts +318 -0
package/src/tools/browser/cdp-client/__tests__/cdp-dom-helpers.test.ts +1175 -0
package/src/tools/browser/cdp-client/__tests__/cdp-inspect-client.test.ts +1263 -0
package/src/tools/browser/cdp-client/__tests__/extension-cdp-client.test.ts +359 -0
package/src/tools/browser/cdp-client/__tests__/factory.test.ts +1993 -0
package/src/tools/browser/cdp-client/__tests__/fixtures/ax-tree-nested-frames.json +64 -0
package/src/tools/browser/cdp-client/__tests__/fixtures/ax-tree-simple.json +69 -0
package/src/tools/browser/cdp-client/__tests__/local-cdp-client.test.ts +310 -0
package/src/tools/browser/cdp-client/__tests__/types.test.ts +96 -0
package/src/tools/browser/cdp-client/accessibility-snapshot.ts +387 -0
package/src/tools/browser/cdp-client/cdp-dom-helpers.ts +695 -0
package/src/tools/browser/cdp-client/cdp-inspect/__tests__/discovery.test.ts +1007 -0
package/src/tools/browser/cdp-client/cdp-inspect/__tests__/ws-transport.test.ts +580 -0
package/src/tools/browser/cdp-client/cdp-inspect/discovery.ts +744 -0
package/src/tools/browser/cdp-client/cdp-inspect/ws-transport.ts +579 -0
package/src/tools/browser/cdp-client/cdp-inspect-client.ts +868 -0
package/src/tools/browser/cdp-client/errors.ts +49 -0
package/src/tools/browser/cdp-client/extension-cdp-client.ts +148 -0
package/src/tools/browser/cdp-client/factory.ts +914 -0
package/src/tools/browser/cdp-client/index.ts +28 -0
package/src/tools/browser/cdp-client/local-cdp-client.ts +187 -0
package/src/tools/browser/cdp-client/types.ts +120 -0
package/src/tools/credentials/vault.ts +35 -6
package/src/tools/filesystem/edit.ts +1 -1
package/src/tools/filesystem/list.ts +1 -1
package/src/tools/filesystem/read.ts +1 -1
package/src/tools/filesystem/write.ts +2 -1
package/src/tools/host-filesystem/edit.ts +1 -1
package/src/tools/host-filesystem/read.ts +12 -15
package/src/tools/host-filesystem/write.ts +1 -1
package/src/tools/host-terminal/host-shell.ts +21 -16
package/src/tools/network/web-fetch.ts +5 -2
package/src/tools/network/web-search.ts +5 -2
package/src/tools/permission-checker.ts +77 -82
package/src/tools/registry.ts +0 -2
package/src/tools/secret-detection-handler.ts +34 -0
package/src/tools/shared/filesystem/image-read.ts +61 -40
package/src/tools/shared/shell-output.ts +3 -1
package/src/tools/side-effects.ts +2 -0
package/src/tools/skills/sandbox-runner.ts +3 -2
package/src/tools/subagent/spawn.ts +47 -3
package/src/tools/subagent/status.ts +2 -0
package/src/tools/system/register.ts +2 -16
package/src/tools/terminal/safe-env.ts +15 -0
package/src/tools/terminal/shell.ts +36 -20
package/src/tools/tool-approval-handler.ts +48 -2
package/src/tools/tool-manifest.ts +21 -0
package/src/tools/types.ts +19 -0
package/src/tools/ui-surface/definitions.ts +6 -1
package/src/tts/__tests__/provider-adapters.test.ts +834 -0
package/src/tts/__tests__/provider-catalog-consistency.test.ts +196 -0
package/src/tts/__tests__/provider-catalog.test.ts +183 -0
package/src/tts/__tests__/provider-registry.test.ts +90 -0
package/src/tts/provider-catalog.ts +201 -0
package/src/tts/provider-registry.ts +73 -0
package/src/tts/providers/deepgram-provider.ts +219 -0
package/src/tts/providers/elevenlabs-provider.ts +211 -0
package/src/tts/providers/fish-audio-provider.ts +183 -0
package/src/tts/providers/index.ts +42 -0
package/src/tts/providers/register-builtins.ts +130 -0
package/src/tts/synthesize-text.ts +110 -0
package/src/tts/tts-config-resolver.ts +78 -0
package/src/tts/types.ts +153 -0
package/src/types/onboarding-context.ts +7 -0
package/src/util/abort-reasons.ts +58 -0
package/src/util/device-id.ts +32 -16
package/src/util/errors.ts +9 -1
package/src/util/platform.ts +63 -24
package/src/util/pricing.ts +66 -3
package/src/util/spawn.ts +1 -1
package/src/util/truncate.ts +4 -2
package/src/util/unicode.ts +201 -0
package/src/version.ts +19 -24
package/src/watcher/engine.ts +23 -0
package/src/watcher/watcher-store.ts +31 -0
package/src/workspace/migrations/003-seed-device-id.ts +9 -3
package/src/workspace/migrations/017-seed-persona-dirs.ts +68 -4
package/src/workspace/migrations/029-seed-pkb.ts +1 -1
package/src/workspace/migrations/031-drop-user-md.ts +317 -0
package/src/workspace/migrations/031-llm-log-retention-zero-to-null.ts +73 -0
package/src/workspace/migrations/032-tts-provider-unification.ts +227 -0
package/src/workspace/migrations/033-stt-service-explicit-config.ts +122 -0
package/src/workspace/migrations/034-remove-calls-voice-transcription-provider.ts +215 -0
package/src/workspace/migrations/035-seed-slack-channel-persona.ts +50 -0
package/src/workspace/migrations/036-update-pkb-index-bar.ts +37 -0
package/src/workspace/migrations/037-create-meets-dir.ts +61 -0
package/src/workspace/migrations/registry.ts +16 -0
package/src/workspace/top-level-renderer.ts +31 -1
package/src/workspace/turn-commit.ts +31 -0
package/src/__tests__/chrome-cdp.test.ts +0 -419
package/src/__tests__/email-cli.test.ts +0 -297
package/src/__tests__/email-service-config-fallback.test.ts +0 -102
package/src/__tests__/permission-mode-sse.test.ts +0 -418
package/src/__tests__/permission-mode-store.test.ts +0 -277
package/src/browser-extension-relay/protocol.ts +0 -63
package/src/browser-extension-relay/server.ts +0 -203
package/src/cli/commands/browser-relay.ts +0 -536
package/src/config/schemas/sandbox.ts +0 -14
package/src/email/guardrails.ts +0 -221
package/src/email/provider.ts +0 -117
package/src/email/providers/agentmail.ts +0 -361
package/src/email/providers/index.ts +0 -65
package/src/email/service.ts +0 -384
package/src/email/types.ts +0 -126
package/src/permissions/permission-mode-store.ts +0 -180
package/src/prompts/templates/USER.md +0 -13
package/src/providers/speech-to-text/types.ts +0 -17
package/src/tools/browser/chrome-cdp.ts +0 -239
package/src/tools/system/set-permission-mode.ts +0 -103

package/src/tools/browser/browser-execution.ts CHANGED Viewed

@@ -1,6 +1,8 @@
+import { getConfig } from "../../config/loader.js";
 import type { ImageContent } from "../../providers/types.js";
 import { getLogger } from "../../util/logger.js";
 import { truncate } from "../../util/truncate.js";
+import { safeStringSlice } from "../../util/unicode.js";
 import { credentialBroker } from "../credentials/broker.js";
 import {
   isPrivateOrLocalHost,
@@ -15,14 +17,58 @@ import {
   detectCaptchaChallenge,
   formatAuthChallenge,
 } from "./auth-detector.js";
-import type { PageResponse, RouteHandler } from "./browser-manager.js";
+import type { RouteHandler } from "./browser-manager.js";
 import { browserManager } from "./browser-manager.js";
+import { type BrowserMode, normalizeBrowserMode } from "./browser-mode.js";
+import { BROWSER_MODE } from "./browser-mode-constants.js";
 import {
   ensureScreencast,
   getSender,
   stopAllScreencasts,
   stopBrowserScreencast,
 } from "./browser-screencast.js";
+import {
+  BROWSER_STATUS_INPUT_FIELD,
+  BROWSER_STATUS_MODE,
+  BROWSER_STATUS_MODES,
+  type BrowserStatusMode,
+  CDP_INSPECT_STATUS_DISCOVERY_CODE,
+  EXTENSION_STATUS_ERROR_MARKER,
+} from "./browser-status-constants.js";
+import {
+  formatAxSnapshot,
+  transformAxTree,
+} from "./cdp-client/accessibility-snapshot.js";
+import {
+  captureScreenshotJpeg,
+  dispatchClickAt,
+  dispatchHoverAt,
+  dispatchInsertText,
+  dispatchKeyPress,
+  dispatchWheelScroll,
+  evaluateExpression,
+  focusElement,
+  getCenterPoint,
+  getCurrentUrl,
+  getPageTitle,
+  navigateAndWait,
+  querySelectorBackendNodeId,
+  scrollIntoViewIfNeeded,
+  waitForSelector as cdpWaitForSelector,
+  waitForText as cdpWaitForText,
+} from "./cdp-client/cdp-dom-helpers.js";
+import { CdpError } from "./cdp-client/errors.js";
+import {
+  buildCandidateList,
+  getCdpClient,
+  isDesktopAutoCooldownActive,
+} from "./cdp-client/factory.js";
+import type {
+  AttemptDiagnostic,
+  CdpClient,
+  CdpClientKind,
+} from "./cdp-client/types.js";
+import { checkBrowserRuntime } from "./runtime-check.js";
 const log = getLogger("headless-browser");
@@ -32,43 +78,433 @@ export const NAVIGATE_TIMEOUT_MS = 15_000;
 export const ACTION_TIMEOUT_MS = 10_000;
-export const MAX_SNAPSHOT_ELEMENTS = 150;
-export const INTERACTIVE_SELECTOR = [
-  "a[href]",
-  "button",
-  "input",
-  "select",
-  "textarea",
-  '[role="button"]',
-  '[role="link"]',
-  '[role="checkbox"]',
-  '[role="radio"]',
-  '[role="tab"]',
-  '[role="menuitem"]',
-  '[role="option"]',
-  '[role="combobox"]',
-  '[role="listbox"]',
-  '[contenteditable="true"]',
-].join(", ");
-export type SnapshotElement = {
-  eid: string;
-  tag: string;
-  attrs: Record<string, string>;
-  text: string;
-};
 export const MAX_WAIT_MS = 30_000;
 export const MAX_EXTRACT_LENGTH = 50_000;
+type StatusCheckMode = BrowserStatusMode;
+const MODE_TRADEOFFS: Record<StatusCheckMode, string[]> = {
+  [BROWSER_STATUS_MODE.EXTENSION]: [
+    "Controls the user's existing Chrome profile and tabs.",
+    "Requires the Vellum extension to be paired and actively connected.",
+    "Best when the user wants the assistant to operate in their real browser session.",
+  ],
+  [BROWSER_STATUS_MODE.CDP_INSPECT]: [
+    "Controls an existing Chrome instance launched with --remote-debugging-port.",
+    "Does not require the extension to be connected.",
+    "Requires remote debugging to stay enabled on localhost, which is more manual to maintain.",
+  ],
+  [BROWSER_STATUS_MODE.LOCAL]: [
+    "Runs a dedicated Playwright-managed Chromium profile.",
+    "Most isolated and reliable fallback when extension/CDP inspect are unavailable.",
+    "Does not use the user's existing browser profile, so sessions/cookies may differ.",
+  ],
+};
+interface BrowserStatusModeResult {
+  mode: StatusCheckMode;
+  available: boolean;
+  verified: "active_probe" | "preflight";
+  autoCandidate: boolean;
+  summary: string;
+  userActions: string[];
+  tradeoffs: string[];
+  details: Record<string, unknown>;
+}
+/**
+ * IIFE evaluated inside the page via `Runtime.evaluate` to auto-dismiss
+ * common blocker modals (regulatory notices, cookie banners) that
+ * aren't exposed in the accessibility tree. Runs silently - if no
+ * matching modal is present the expression is a no-op.
+ */
+const DISMISS_MODALS_EXPRESSION = `(() => {
+  const dismissPatterns = /^(got it|accept|ok|dismiss|i understand|close)$/i;
+  const buttons = document.querySelectorAll('button, [role="button"], input[type="submit"]');
+  for (const btn of buttons) {
+    const text = (btn.textContent || '').trim();
+    if (dismissPatterns.test(text)) {
+      const modal = btn.closest('[role="dialog"], [class*="modal"], [class*="Modal"], [class*="overlay"], [class*="Overlay"]');
+      if (modal) {
+        btn.click();
+        break;
+      }
+    }
+  }
+})()`;
+/**
+ * IIFE evaluated by {@link executeBrowserExtract} when `include_links`
+ * is true. Walks `document.querySelectorAll('a[href]')`, caps at 200
+ * anchors, and shapes each entry as `{ text, href }`. Extracted to a
+ * module-level constant so the expression is shared between the
+ * runtime call site and any future refactors / tests that need to
+ * reason about the evaluated source.
+ */
+export const EXTRACT_LINKS_EXPRESSION = `
+(() => {
+  const anchors = Array.from(document.querySelectorAll('a[href]'));
+  return anchors.slice(0, 200).map(a => ({
+    text: (a.textContent || '').trim().slice(0, 80),
+    href: a.href,
+  }));
+})()
+`;
+// ── browser_mode parsing ─────────────────────────────────────────────
+/**
+ * Parse the `browser_mode` field from a tool input map. Returns either
+ * a normalized {@link BrowserMode} or a pre-formatted error string
+ * suitable for returning directly in a tool response.
+ *
+ * When the value is absent, undefined, or empty the default `"auto"`
+ * is returned. Invalid values produce a descriptive error listing
+ * accepted values and aliases.
+ */
+export function parseBrowserMode(
+  input: Record<string, unknown>,
+): { ok: true; mode: BrowserMode } | { ok: false; error: string } {
+  const raw = input.browser_mode;
+  const result = normalizeBrowserMode(raw);
+  if ("error" in result) {
+    return { ok: false, error: `Error: ${result.error}` };
+  }
+  return { ok: true, mode: result.mode };
+}
+// ── Mode-selection failure formatter ─────────────────────────────────
+/**
+ * Remediation hints keyed by (candidateKind, discoveryCode | errorCode).
+ * Discovery codes come from DevToolsDiscoveryError; error codes come
+ * from CdpError. The formatter walks these in priority order: exact
+ * (kind, discoveryCode) first, then (kind, errorCode), then a generic
+ * per-kind fallback.
+ */
+const REMEDIATION_HINTS: Record<string, string[]> = {
+  // Extension backend
+  "extension:transport_error": [
+    "Ensure the Vellum browser extension is installed and enabled.",
+    "Check that the extension WebSocket connection is active (extension popup → status).",
+    "Try reconnecting the extension or reloading the extension service worker.",
+  ],
+  // cdp-inspect backend — discovery-level failures
+  "cdp-inspect:unreachable": [
+    "Ensure Chrome/Chromium is running with --remote-debugging-port=9222.",
+    "Verify no firewall or antivirus is blocking localhost:9222.",
+    "Try: /Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --remote-debugging-port=9222",
+  ],
+  "cdp-inspect:non_chrome": [
+    "The process listening on the configured port is not Chrome/Chromium.",
+    "Check if another application (dev server, proxy) is using port 9222.",
+    "Ensure Chrome is launched with --remote-debugging-port=9222.",
+  ],
+  "cdp-inspect:timeout": [
+    "Chrome DevTools endpoint did not respond within the probe timeout.",
+    "Ensure Chrome is running and listening on the configured port.",
+    "Try increasing hostBrowser.cdpInspect.probeTimeoutMs in config.",
+  ],
+  "cdp-inspect:no_targets": [
+    "Chrome is reachable but has no open page targets.",
+    "Open at least one browser tab, then retry.",
+  ],
+  "cdp-inspect:non_loopback": [
+    "CDP inspect only allows loopback hosts (localhost, 127.0.0.1, ::1).",
+    "Update hostBrowser.cdpInspect.host in config to a loopback address.",
+  ],
+  "cdp-inspect:transport_error": [
+    "CDP endpoint unreachable. Ensure Chrome is running with --remote-debugging-port.",
+    "Verify the configured host:port matches Chrome's DevTools listener.",
+    "Consider using browser_mode: 'extension' or 'local' as an alternative.",
+  ],
+  // Local/Playwright backend
+  "local:transport_error": [
+    "The local Playwright-managed browser failed to start or connect.",
+    "Check that the Playwright browser binary is downloaded (bun run install).",
+    "Try closing any stale Chromium processes and retrying.",
+  ],
+};
+/**
+ * Build a human-readable, tool-response-ready error string from a
+ * pinned-mode failure. Includes:
+ *   - the requested mode
+ *   - ordered attempted modes with exact failure reasons
+ *   - a remediation checklist tailored by backend and failure code
+ *
+ * Exported for testing.
+ */
+export function formatModeSelectionFailure(
+  requestedMode: BrowserMode,
+  error: CdpError,
+): string {
+  const lines: string[] = [];
+  lines.push(`Error: Browser mode "${requestedMode}" failed.`);
+  lines.push("");
+  const diagnostics: readonly AttemptDiagnostic[] =
+    error.attemptDiagnostics ?? [];
+  if (diagnostics.length > 0) {
+    lines.push("Attempted backends:");
+    for (const diag of diagnostics) {
+      const status =
+        diag.stage === "success" ? "OK" : `FAILED at ${diag.stage}`;
+      lines.push(`  - ${diag.candidateKind}: ${status}`);
+      if (diag.errorMessage) {
+        lines.push(`    Reason: ${diag.errorMessage}`);
+      }
+      if (diag.discoveryCode) {
+        lines.push(`    Discovery code: ${diag.discoveryCode}`);
+      }
+    }
+    lines.push("");
+  }
+  // Collect remediation hints
+  const hints = collectRemediationHints(diagnostics, error);
+  if (hints.length > 0) {
+    lines.push("Remediation:");
+    for (const hint of hints) {
+      lines.push(`  - ${hint}`);
+    }
+  }
+  return lines.join("\n");
+}
+/**
+ * Gather remediation hints based on attempt diagnostics and the error.
+ * Walks each diagnostic and looks up hints by (kind, discoveryCode),
+ * then (kind, errorCode), then generic kind-level fallback.
+ */
+function collectRemediationHints(
+  diagnostics: readonly AttemptDiagnostic[],
+  error: CdpError,
+): string[] {
+  const seen = new Set<string>();
+  const hints: string[] = [];
+  const addHints = (key: string) => {
+    const list = REMEDIATION_HINTS[key];
+    if (!list) return;
+    for (const hint of list) {
+      if (!seen.has(hint)) {
+        seen.add(hint);
+        hints.push(hint);
+      }
+    }
+  };
+  for (const diag of diagnostics) {
+    if (diag.stage === "success") continue;
+    if (diag.discoveryCode) {
+      addHints(`${diag.candidateKind}:${diag.discoveryCode}`);
+    }
+    if (diag.errorCode) {
+      addHints(`${diag.candidateKind}:${diag.errorCode}`);
+    }
+  }
+  // Fallback: if no diagnostics but we have a top-level error, use
+  // the error code with a generic candidate kind derived from the mode.
+  if (diagnostics.length === 0 && error.code) {
+    // Try to infer the candidate kind from the error message
+    for (const kind of BROWSER_STATUS_MODES) {
+      if (error.message.toLowerCase().includes(kind)) {
+        addHints(`${kind}:${error.code}`);
+      }
+    }
+  }
+  return hints;
+}
+/**
+ * Parse browser_mode from input and acquire a CdpClient. Returns
+ * either a `{ cdp, browserMode }` pair on success or a pre-formatted
+ * `{ errorResult }` on failure (invalid mode or pinned-mode
+ * precondition not met).
+ *
+ * This is the single integration point for all CDP-backed tool
+ * functions. Using it ensures every tool:
+ *   - normalizes aliases (`cdp-debugger` -> `cdp-inspect`, etc.)
+ *   - passes the mode preference to the factory
+ *   - surfaces a remediation-rich error on pinned-mode failures
+ *
+ * Per-conversation stickiness: when the incoming `browser_mode` is
+ * `"auto"` and the conversation has already resolved to a backend
+ * kind on a prior call, the factory is pinned to that kind instead
+ * of re-running the auto priority list. This prevents
+ * `browser_navigate` (e.g. pinned to `local`) and `browser_screenshot`
+ * (default auto) in the same conversation from landing on different
+ * Chrome instances. Explicit non-auto modes override and update the
+ * memo; teardown via browser_close / browser_detach clears it.
+ *
+ * The returned client is wrapped so its first successful `send()`
+ * writes the resolved kind back to the conversation memo.
+ */
+export function acquireCdpClientWithMode(
+  input: Record<string, unknown>,
+  context: ToolContext,
+):
+  | {
+      cdp: ReturnType<typeof getCdpClient>;
+      browserMode: BrowserMode;
+      errorResult?: never;
+    }
+  | { cdp?: never; browserMode?: never; errorResult: ToolExecutionResult } {
+  const modeResult = parseBrowserMode(input);
+  if (!modeResult.ok) {
+    return {
+      errorResult: { content: modeResult.error, isError: true },
+    };
+  }
+  const browserMode = modeResult.mode;
+  const rememberedKind = browserManager.getPreferredBackendKind(
+    context.conversationId,
+  );
+  const effectiveMode: BrowserMode =
+    browserMode === "auto" && rememberedKind !== null
+      ? rememberedKind
+      : browserMode;
+  try {
+    const raw = getCdpClient(context, { mode: effectiveMode });
+    const cdp = wrapWithKindMemo(raw, context.conversationId);
+    return { cdp, browserMode };
+  } catch (err) {
+    // Sticky-mode fallback: the caller requested "auto" but we pinned to
+    // a remembered backend kind that has since become unavailable. Drop
+    // the stale memo and retry with fresh auto selection so a dead
+    // sticky preference doesn't surface as a hard failure.
+    if (browserMode === "auto" && effectiveMode !== "auto") {
+      browserManager.clearPreferredBackendKind(context.conversationId);
+      try {
+        const raw = getCdpClient(context, { mode: "auto" });
+        const cdp = wrapWithKindMemo(raw, context.conversationId);
+        return { cdp, browserMode };
+      } catch (retryErr) {
+        if (retryErr instanceof CdpError) {
+          return {
+            errorResult: {
+              content: formatModeSelectionFailure("auto", retryErr),
+              isError: true,
+            },
+          };
+        }
+        throw retryErr;
+      }
+    }
+    if (err instanceof CdpError && browserMode !== "auto") {
+      return {
+        errorResult: {
+          content: formatModeSelectionFailure(browserMode, err),
+          isError: true,
+        },
+      };
+    }
+    throw err;
+  }
+}
+/**
+ * Wrap a {@link ScopedCdpClient} so the first successful `send()`
+ * records the resolved backend kind in the conversation's
+ * `preferredBackendKinds` memo. Subsequent sends are no-ops for the
+ * memo; dispose() delegates to the underlying client.
+ */
+function wrapWithKindMemo(
+  inner: ReturnType<typeof getCdpClient>,
+  conversationId: string,
+): ReturnType<typeof getCdpClient> {
+  let recorded = false;
+  return {
+    get kind() {
+      return inner.kind;
+    },
+    conversationId: inner.conversationId,
+    async send<T = unknown>(
+      method: string,
+      params?: Record<string, unknown>,
+      signal?: AbortSignal,
+    ): Promise<T> {
+      const result = await inner.send<T>(method, params, signal);
+      if (!recorded) {
+        browserManager.setPreferredBackendKind(conversationId, inner.kind);
+        recorded = true;
+      }
+      return result;
+    },
+    dispose(): void {
+      inner.dispose();
+    },
+  };
+}
+// ── CDP error diagnostics helper ─────────────────────────────────────
+/**
+ * Check whether a caught error is a {@link CdpError} carrying
+ * {@link AttemptDiagnostic attempt diagnostics} from the factory's
+ * failover walk. When the browser_mode is pinned (not "auto") and
+ * diagnostics are present, format the error with the full remediation
+ * checklist via {@link formatModeSelectionFailure}. Otherwise return
+ * `null` so the caller falls through to its generic error message.
+ *
+ * This handles the case where pinned-mode unavailability is surfaced
+ * on the first `cdp.send()` (via `sendWithFailover`) rather than
+ * during client construction (which `acquireCdpClientWithMode` already
+ * covers).
+ */
+function formatCdpSendDiagnostics(
+  err: unknown,
+  browserMode: BrowserMode,
+): string | null {
+  if (
+    err instanceof CdpError &&
+    browserMode !== "auto" &&
+    err.code === "transport_error" &&
+    err.attemptDiagnostics
+  ) {
+    return formatModeSelectionFailure(browserMode, err);
+  }
+  return null;
+}
 // ── Shared element resolution ────────────────────────────────────────
-export function resolveSelector(
+/**
+ * Discriminated union returned by {@link resolveElement}. The
+ * `"backend"` variant is produced when an `element_id` from the most
+ * recent AX-tree snapshot is resolved to a CDP `backendNodeId`; the
+ * `"selector"` variant is produced when the caller passed a raw CSS
+ * `selector` that should be resolved via `DOM.querySelector` at
+ * send-time by the individual tool.
+ *
+ * Consumed by CDP-native interaction tools (click, hover, type, …)
+ * that talk to CDP directly.
+ */
+export type ResolvedElement =
+  | { kind: "backend"; backendNodeId: number; eid: string }
+  | { kind: "selector"; selector: string };
+/**
+ * Resolve an element reference (either `element_id` from a prior
+ * snapshot or a raw `selector`) for CDP-native tools. Returns a
+ * {@link ResolvedElement} discriminated union so callers can branch
+ * on whether a backendNodeId was recovered from the snapshot map.
+ * Returns `{ resolved: null, error: "Error: …" }` on invalid input
+ * or when an `element_id` is provided but the snapshot map is
+ * empty/stale.
+ */
+export function resolveElement(
   conversationId: string,
   input: Record<string, unknown>,
-): { selector: string | null; error: string | null } {
+): { resolved: ResolvedElement | null; error: string | null } {
   const elementId =
     typeof input.element_id === "string" ? input.element_id : null;
   const rawSelector =
@@ -76,26 +512,32 @@ export function resolveSelector(
   if (!elementId && !rawSelector) {
     return {
-      selector: null,
+      resolved: null,
       error: "Error: Either element_id or selector is required.",
     };
   }
   if (elementId) {
-    const resolved = browserManager.resolveSnapshotSelector(
+    const backendNodeId = browserManager.resolveSnapshotBackendNodeId(
       conversationId,
       elementId,
     );
-    if (!resolved) {
+    if (backendNodeId !== null) {
       return {
-        selector: null,
-        error: `Error: element_id "${elementId}" not found. Run browser_snapshot first to get current element IDs.`,
+        resolved: { kind: "backend", backendNodeId, eid: elementId },
+        error: null,
       };
     }
-    return { selector: resolved, error: null };
+    return {
+      resolved: null,
+      error: `Error: element_id "${elementId}" not found. Run browser_snapshot first to get current element IDs.`,
+    };
   }
-  return { selector: rawSelector!, error: null };
+  return {
+    resolved: { kind: "selector", selector: rawSelector! },
+    error: null,
+  };
 }
 // ── browser_navigate ─────────────────────────────────────────────────
@@ -108,6 +550,8 @@ export async function executeBrowserNavigate(
     return { content: "Error: operation was cancelled", isError: true };
   }
+  // Pre-flight URL validation runs before CDP acquisition so we fail
+  // fast on obviously invalid URLs without opening a browser session.
   const parsedUrl = parseUrl(input.url);
   if (!parsedUrl) {
     return {
@@ -122,7 +566,8 @@ export async function executeBrowserNavigate(
   const allowPrivateNetwork = input.allow_private_network === true;
   const safeRequestedUrl = sanitizeUrlForOutput(parsedUrl);
-  // Block private/local targets by default
+  // Block private/local targets by default. Runs before any CDP session
+  // is opened so we fail fast on obviously invalid URLs.
   if (!allowPrivateNetwork && isPrivateOrLocalHost(parsedUrl.hostname)) {
     return {
       content: `Error: Refusing to navigate to local/private network target (${parsedUrl.hostname}). Set allow_private_network=true if you explicitly need it.`,
@@ -130,7 +575,7 @@ export async function executeBrowserNavigate(
     };
   }
-  // DNS resolution check for non-literal hostnames
+  // DNS resolution check for non-literal hostnames.
   if (!allowPrivateNetwork) {
     const resolution = await resolveRequestAddress(
       parsedUrl.hostname,
@@ -145,29 +590,40 @@ export async function executeBrowserNavigate(
     }
   }
-  let routeHandler: RouteHandler | null = null;
-  let blockedUrl: string | null = null;
-  // Start screencast if a sender is registered for this conversation
-  const sender = getSender(context.conversationId);
-  if (sender) {
+  // URL validation passed — acquire the CDP client.
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const { cdp, browserMode } = acquired;
+  // Screencast + handoff are Playwright-backed and only meaningful
+  // for the local sacrificial-profile path. On the extension path the
+  // user already has their own Chrome window, so both are no-ops.
+  const sender =
+    cdp.kind === "local" ? getSender(context.conversationId) : null;
+  if (cdp.kind === "local" && sender) {
     await ensureScreencast(context.conversationId);
   }
+  // SSRF route interception uses the Playwright page.route() API to
+  // block redirect-time requests to private networks. This only works
+  // on the local path where Playwright manages the browser; on the
+  // extension/cdp-inspect paths, CDP navigates a different browser so
+  // the Playwright route handler would be a no-op. The post-navigation
+  // final URL check below provides defense-in-depth for all paths.
+  let routeHandler: RouteHandler | null = null;
+  let blockedUrl: string | null = null;
   try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
-    );
     log.debug(
       { url: safeRequestedUrl, conversationId: context.conversationId },
       "Navigating",
     );
-    // Install request interception to block redirects/sub-requests to private networks.
-    // This prevents SSRF bypass via server-side redirects and DNS rebinding attacks,
-    // since Playwright follows redirects internally and performs its own DNS resolution.
-    // Only skip for connectOverCDP browsers where page.route() is unreliable.
-    if (!allowPrivateNetwork && browserManager.supportsRouteInterception) {
+    if (
+      cdp.kind === "local" &&
+      !allowPrivateNetwork &&
+      browserManager.supportsRouteInterception
+    ) {
       // Cache DNS results per-hostname to avoid redundant lookups on subrequests
       // (heavy sites like DoorDash fire hundreds of requests to the same CDN hostnames).
       // Use a short TTL to mitigate DNS rebinding attacks where a hostname first
@@ -242,47 +698,107 @@ export async function executeBrowserNavigate(
           );
         }
       };
+      // Bridge through browserManager to reach the Playwright Page for
+      // route installation. The route handler intercepts redirect-time
+      // requests before Page.navigate's network fetches can hit them.
+      const page = await browserManager.getOrCreateSessionPage(
+        context.conversationId,
+      );
       await page.route("**/*", routeHandler);
     }
-    // Use domcontentloaded but with a shorter timeout - if it times out,
-    // the page is likely still usable (heavy SPAs like DoorDash keep loading
-    // scripts after DOMContentLoaded). Fall back gracefully instead of failing.
-    let response: PageResponse | null = null;
-    let navigationTimedOut = false;
-    const urlBeforeNav = page.url();
-    try {
-      response = await page.goto(parsedUrl.href, {
-        waitUntil: "domcontentloaded",
-        timeout: NAVIGATE_TIMEOUT_MS,
-      });
-    } catch (navErr) {
-      const navMsg = navErr instanceof Error ? navErr.message : String(navErr);
-      if (navMsg.includes("Timeout") || navMsg.includes("timeout")) {
-        // If the page URL never changed from before navigation, the page
-        // never actually loaded - re-throw instead of reporting success.
-        if (page.url() === urlBeforeNav && urlBeforeNav !== parsedUrl.href) {
-          throw navErr;
+    // Read the current URL BEFORE calling navigateAndWait so we can
+    // detect the "page never moved" case on timeout.
+    const urlBeforeNav = await getCurrentUrl(cdp, context.signal);
+    // Navigate via CDP Page.navigate + document.readyState polling.
+    // navigateAndWait returns { finalUrl, timedOut }; HTTP status is
+    // not available on the CDP path because Page.navigate does not
+    // surface the response status.
+    const { finalUrl, timedOut: navigationTimedOut } = await navigateAndWait(
+      cdp,
+      parsedUrl.href,
+      { timeoutMs: NAVIGATE_TIMEOUT_MS },
+      context.signal,
+    );
+    // Defense-in-depth: check the final URL after navigation completes.
+    // This catches redirect-based SSRF even when Playwright route
+    // interception is unavailable (e.g. extension-backed sessions where
+    // the CDP transport is separate from the Playwright page).
+    if (!allowPrivateNetwork) {
+      const finalParsed = parseUrl(finalUrl);
+      if (
+        finalParsed &&
+        (isPrivateOrLocalHost(finalParsed.hostname) ||
+          (
+            await resolveRequestAddress(
+              finalParsed.hostname,
+              resolveHostAddresses,
+              false,
+            )
+          ).blockedAddress)
+      ) {
+        // Navigate the page away from the private target to prevent
+        // follow-up tool calls (e.g. browser_snapshot) from reading
+        // the already-loaded private content.
+        try {
+          await navigateAndWait(
+            cdp,
+            "about:blank",
+            { timeoutMs: 3_000 },
+            context.signal,
+          );
+        } catch {
+          // Best-effort — if the reset fails, the CDP session will be
+          // disposed in the finally block anyway.
         }
-        navigationTimedOut = true;
-        log.info(
-          { url: safeRequestedUrl },
-          "Navigation timed out waiting for domcontentloaded, continuing with partial load",
+        // Clean up the route handler before returning to avoid leaking
+        // a stale interception handler on the session page.
+        if (routeHandler) {
+          const page = await browserManager.getOrCreateSessionPage(
+            context.conversationId,
+          );
+          await page.unroute("**/*", routeHandler);
+          routeHandler = null;
+        }
+        return {
+          content: `Error: Navigation blocked. Final URL resolved to a local/private network target (${sanitizeUrlForOutput(finalParsed)}). Set allow_private_network=true if you explicitly need it.`,
+          isError: true,
+        };
+      }
+    }
+    if (navigationTimedOut) {
+      // If the page URL never changed from before navigation, the page
+      // never actually loaded - re-throw instead of reporting success.
+      if (finalUrl === urlBeforeNav && urlBeforeNav !== parsedUrl.href) {
+        throw new Error(
+          `Navigation to ${parsedUrl.href} timed out after ${NAVIGATE_TIMEOUT_MS}ms`,
         );
-      } else {
-        throw navErr;
       }
+      log.info(
+        { url: safeRequestedUrl },
+        "Navigation timed out waiting for document.readyState, continuing with partial load",
+      );
     }
-    // Remove the route handler now that navigation is complete
+    // Remove the Playwright route handler now that navigation is
+    // complete (local path only — route interception is gated above).
     if (routeHandler) {
+      const page = await browserManager.getOrCreateSessionPage(
+        context.conversationId,
+      );
       await page.unroute("**/*", routeHandler);
       routeHandler = null;
     }
-    // Reposition the browser window after navigation so the user can watch.
-    // positionWindowSidebar() is a no-op when browserCdpSession is unavailable.
-    if (!browserManager.isInteractive(context.conversationId)) {
+    // Window positioning is a Playwright-internal affordance - on the
+    // extension path the user owns their Chrome window, so positioning
+    // is a no-op.
+    if (
+      cdp.kind === "local" &&
+      !browserManager.isInteractive(context.conversationId)
+    ) {
       await browserManager.positionWindowSidebar();
     }
@@ -293,38 +809,34 @@ export async function executeBrowserNavigate(
       };
     }
-    // Navigation changed the page content, so clear stale snapshot mappings.
-    // Without this, element IDs from a previous page could resolve and cause
-    // confusing Playwright timeout errors instead of the actionable
-    // "run browser_snapshot first" message.
-    browserManager.clearSnapshotMap(context.conversationId);
+    // Navigation changed the page content, so clear stale snapshot
+    // mappings regardless of backend. The backendNodeId map is shared
+    // per-conversation state that needs to be invalidated on any nav.
+    browserManager.clearSnapshotBackendNodeMap(context.conversationId);
-    // Auto-dismiss common blocker modals (regulatory notices, cookie banners)
-    // that aren't exposed in the accessibility tree. Runs silently - if no
-    // modal is present the evaluate is a no-op.
+    // Auto-dismiss common blocker modals (regulatory notices, cookie
+    // banners) that aren't exposed in the accessibility tree. Runs
+    // silently - if no modal is present the evaluate is a no-op.
     try {
-      await page.evaluate(`(() => {
-        const dismissPatterns = /^(got it|accept|ok|dismiss|i understand|close)$/i;
-        const buttons = document.querySelectorAll('button, [role="button"], input[type="submit"]');
-        for (const btn of buttons) {
-          const text = (btn.textContent || '').trim();
-          if (dismissPatterns.test(text)) {
-            const modal = btn.closest('[role="dialog"], [class*="modal"], [class*="Modal"], [class*="overlay"], [class*="Overlay"]');
-            if (modal) {
-              btn.click();
-              break;
-            }
-          }
-        }
-      })()`);
+      await evaluateExpression(
+        cdp,
+        DISMISS_MODALS_EXPRESSION,
+        {},
+        context.signal,
+      );
     } catch {
       // Page may have navigated during evaluate - safe to ignore
     }
-    const finalUrl = page.url();
     const safeFinalUrl = sanitizeUrlForOutput(new URL(finalUrl));
-    const title = await page.title();
-    const status = response?.status() ?? null;
+    const title = await getPageTitle(cdp, context.signal);
+    // HTTP status is not available on the CDP path: `Page.navigate`
+    // resolves the frame id and (on failure) an error text, but does
+    // not carry the response status code. Both the local and extension
+    // paths therefore print "unknown" here. A future phase may subscribe
+    // to `Network.responseReceived` events during the navigation window
+    // if the status is needed again.
+    const status: number | null = null;
     const lines: string[] = [
       `Requested URL: ${safeRequestedUrl}`,
@@ -335,7 +847,7 @@ export async function executeBrowserNavigate(
     if (navigationTimedOut) {
       lines.push(
-        `Note: Page is still loading (domcontentloaded timed out). The page should still be interactive - use browser_snapshot to check.`,
+        `Note: Page is still loading (document.readyState timed out). The page should still be interactive - use browser_snapshot to check.`,
       );
     }
@@ -343,10 +855,14 @@ export async function executeBrowserNavigate(
       lines.push(`Note: Page redirected from the requested URL.`);
     }
-    // Detect auth challenges (login pages, 2FA, OAuth consent) and CAPTCHA challenges
+    // Detect auth challenges (login pages, 2FA, OAuth consent) and CAPTCHA
+    // challenges via the CDP-migrated auth-detector helpers.
     try {
-      const authChallenge = await detectAuthChallenge(page);
-      const captchaChallenge = await detectCaptchaChallenge(page);
+      const authChallenge = await detectAuthChallenge(cdp, context.signal);
+      const captchaChallenge = await detectCaptchaChallenge(
+        cdp,
+        context.signal,
+      );
       // CAPTCHA takes priority - it blocks all interaction including login
       let challenge = captchaChallenge ?? authChallenge;
@@ -359,12 +875,12 @@ export async function executeBrowserNavigate(
             return { content: "Navigation cancelled.", isError: true };
           }
           await new Promise((r) => setTimeout(r, 1000));
-          const still = await detectCaptchaChallenge(page);
+          const still = await detectCaptchaChallenge(cdp, context.signal);
           if (!still) {
             log.info("CAPTCHA auto-resolved");
             // Re-check for auth challenge now that CAPTCHA is gone -
             // the page may have loaded a login form behind it.
-            challenge = await detectAuthChallenge(page);
+            challenge = await detectAuthChallenge(cdp, context.signal);
             break;
           }
         }
@@ -373,7 +889,11 @@ export async function executeBrowserNavigate(
       if (challenge) {
         if (challenge.type === "captcha") {
           // CAPTCHA persisted after auto-resolve wait - hand off to user
-          if (sender) {
+          // only when we have a local Playwright-managed Chrome window
+          // AND a sender is registered. The extension path falls back
+          // to the text-only "solve manually" branch because the user
+          // already owns their Chrome window.
+          if (cdp.kind === "local" && sender) {
             const { startHandoff } = await import("./browser-handoff.js");
             await startHandoff(context.conversationId, {
               reason: "captcha",
@@ -381,15 +901,18 @@ export async function executeBrowserNavigate(
                 "Cloudflare verification detected. Please solve the CAPTCHA in the Chrome window. The browser will automatically detect when you're done and resume.",
               bringToFront: true,
             });
-            const newUrl = page.url();
-            const newTitle = await page.title();
+            const newUrl = await getCurrentUrl(cdp, context.signal);
+            const newTitle = await getPageTitle(cdp, context.signal);
             lines.push("");
             lines.push(
               `CAPTCHA solved by user. Current page: ${newTitle} (${newUrl})`,
             );
             // Re-check for auth challenges - the page behind the CAPTCHA may have a login form
-            const postCaptchaAuth = await detectAuthChallenge(page);
+            const postCaptchaAuth = await detectAuthChallenge(
+              cdp,
+              context.signal,
+            );
             if (postCaptchaAuth) {
               lines.push("");
               lines.push(formatAuthChallenge(postCaptchaAuth));
@@ -448,7 +971,7 @@ export async function executeBrowserNavigate(
     return { content: lines.join("\n"), isError: false };
   } catch (err) {
-    // Best-effort cleanup of route handler on error
+    // Best-effort cleanup of route handler on error (local path only)
     if (routeHandler) {
       try {
         const page = await browserManager.getOrCreateSessionPage(
@@ -461,8 +984,8 @@ export async function executeBrowserNavigate(
     }
     // If the route handler blocked a redirect to a private network address,
-    // page.goto() throws. Return the clear security message instead of the
-    // raw Playwright error (which could leak credentials from the URL).
+    // Page.navigate throws. Return the clear security message instead of
+    // the raw underlying error (which could leak credentials from the URL).
     if (blockedUrl) {
       return {
         content: `Error: Navigation blocked. A request targeted a local/private network address (${blockedUrl}). Set allow_private_network=true if you explicitly need it.`,
@@ -470,9 +993,16 @@ export async function executeBrowserNavigate(
       };
     }
+    const diagnosticMessage = formatCdpSendDiagnostics(err, browserMode);
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err, url: safeRequestedUrl }, "Navigation failed");
     return { content: `Error: Navigation failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -482,79 +1012,49 @@ export async function executeBrowserSnapshot(
   _input: Record<string, unknown>,
   context: ToolContext,
 ): Promise<ToolExecutionResult> {
+  const acquired = acquireCdpClientWithMode(_input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const { cdp, browserMode } = acquired;
   try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
+    const currentUrl = await getCurrentUrl(cdp, context.signal);
+    const title = await getPageTitle(cdp, context.signal);
+    // Pull the full accessibility tree via CDP and fold it into typed
+    // interactive elements + an `eid → backendNodeId` map. Interaction
+    // tools (click, hover, type, …) resolve element_id against this map
+    // and jump straight to CDP DOM commands without another round-trip
+    // through any selector engine.
+    await cdp.send("Accessibility.enable", {}, context.signal);
+    const rawTree = await cdp.send(
+      "Accessibility.getFullAXTree",
+      {},
+      context.signal,
     );
-    const currentUrl = page.url();
-    const title = await page.title();
-    const elements = (await page.evaluate(`
-      (() => {
-        const SELECTOR = ${JSON.stringify(INTERACTIVE_SELECTOR)};
-        const MAX = ${MAX_SNAPSHOT_ELEMENTS};
-        // Clear stale eid attributes from previous snapshots
-        document.querySelectorAll('[data-vellum-eid]').forEach(el => el.removeAttribute('data-vellum-eid'));
-        const els = Array.from(document.querySelectorAll(SELECTOR));
-        const visible = els.filter(el => {
-          const rect = el.getBoundingClientRect();
-          return rect.width > 0 && rect.height > 0;
-        });
-        return visible.slice(0, MAX).map((el, i) => {
-          const eid = 'e' + (i + 1);
-          el.setAttribute('data-vellum-eid', eid);
-          const tag = el.tagName.toLowerCase();
-          const attrs = {};
-          for (const attr of ['type', 'name', 'placeholder', 'href', 'value', 'role', 'aria-label', 'id']) {
-            if (el.hasAttribute(attr)) attrs[attr] = el.getAttribute(attr);
-          }
-          const text = (el.textContent || '').trim().slice(0, 80);
-          return { eid, tag, attrs, text };
-        });
-      })()
-    `)) as SnapshotElement[];
-    // Build and store selector map
-    const selectorMap = new Map<string, string>();
-    for (const el of elements) {
-      selectorMap.set(el.eid, `[data-vellum-eid="${el.eid}"]`);
-    }
-    browserManager.storeSnapshotMap(context.conversationId, selectorMap);
-    // Format output
-    const lines: string[] = [
-      `URL: ${currentUrl}`,
-      `Title: ${title || "(none)"}`,
-      "",
-    ];
+    const { elements, selectorMap: backendNodeMap } = transformAxTree(rawTree);
-    if (elements.length === 0) {
-      lines.push("(no interactive elements found)");
-    } else {
-      for (const el of elements) {
-        let desc = `<${el.tag}`;
-        for (const [key, val] of Object.entries(el.attrs)) {
-          desc += ` ${key}="${val}"`;
-        }
-        desc += ">";
-        if (el.text) {
-          desc += ` ${el.text}`;
-        }
-        lines.push(`[${el.eid}] ${desc}`);
-      }
-      lines.push("");
-      lines.push(
-        `${elements.length} interactive element${
-          elements.length === 1 ? "" : "s"
-        } found.`,
-      );
-    }
+    browserManager.storeSnapshotBackendNodeMap(
+      context.conversationId,
+      backendNodeMap,
+    );
-    return { content: lines.join("\n"), isError: false };
+    return {
+      content: formatAxSnapshot(
+        { elements, selectorMap: backendNodeMap },
+        { url: currentUrl, title },
+      ),
+      isError: false,
+    };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(err, browserMode);
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err }, "Snapshot failed");
     return { content: `Error: Snapshot failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -564,17 +1064,17 @@ export async function executeBrowserScreenshot(
   input: Record<string, unknown>,
   context: ToolContext,
 ): Promise<ToolExecutionResult> {
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const { cdp, browserMode } = acquired;
   const fullPage = input.full_page === true;
   try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
+    const buffer = await captureScreenshotJpeg(
+      cdp,
+      { quality: 80, fullPage },
+      context.signal,
     );
-    const buffer = await page.screenshot({
-      type: "jpeg",
-      quality: 80,
-      fullPage,
-    });
     const base64Data = buffer.toString("base64");
     const imageBlock: ImageContent = {
@@ -594,9 +1094,118 @@ export async function executeBrowserScreenshot(
       contentBlocks: [imageBlock],
     };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(err, browserMode);
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err }, "Screenshot failed");
     return { content: `Error: Screenshot failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
+  }
+}
+// ── browser_attach ───────────────────────────────────────────────────
+export async function executeBrowserAttach(
+  _input: Record<string, unknown>,
+  context: ToolContext,
+): Promise<ToolExecutionResult> {
+  const acquired = acquireCdpClientWithMode(_input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
+  try {
+    if (cdp.kind === "extension") {
+      // Extension path: explicitly attach the debugger via a synthetic
+      // Vellum.attach command so the debugging session is established
+      // before any navigation or interaction.
+      const result = await cdp.send<{ attached?: boolean; target?: unknown }>(
+        "Vellum.attach",
+        {},
+        context.signal,
+      );
+      log.debug(
+        { conversationId: context.conversationId, result },
+        "Browser debugger attached (extension)",
+      );
+      return {
+        content: "Browser debugger attached.",
+        isError: false,
+      };
+    }
+    // Non-extension backends (local / cdp-inspect): explicit attach is
+    // not required — the backend manages its own connection lifecycle.
+    // Return a deterministic no-op success.
+    return {
+      content:
+        "Browser session ready. (Explicit attach is not required on this backend.)",
+      isError: false,
+    };
+  } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
+    const msg = err instanceof Error ? err.message : String(err);
+    log.error({ err }, "Attach failed");
+    return { content: `Error: Attach failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
+  }
+}
+// ── browser_detach ──────────────────────────────────────────────────
+export async function executeBrowserDetach(
+  _input: Record<string, unknown>,
+  context: ToolContext,
+): Promise<ToolExecutionResult> {
+  const acquired = acquireCdpClientWithMode(_input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
+  try {
+    if (cdp.kind === "extension") {
+      // Extension path: explicitly detach the debugger via a synthetic
+      // Vellum.detach command so the Chrome debugging banner clears.
+      const result = await cdp.send<{ detached?: boolean; target?: unknown }>(
+        "Vellum.detach",
+        {},
+        context.signal,
+      );
+      log.debug(
+        { conversationId: context.conversationId, result },
+        "Browser debugger detached (extension)",
+      );
+    }
+    return {
+      content: "Browser debugger detached and snapshot state cleared.",
+      isError: false,
+    };
+  } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
+    const msg = err instanceof Error ? err.message : String(err);
+    log.error({ err }, "Detach failed");
+    return { content: `Error: Detach failed: ${msg}`, isError: true };
+  } finally {
+    // Always reset conversation-scoped browser state, even if the
+    // Vellum.detach round-trip failed (target gone, transport dropped).
+    // browser_detach is the user's recovery path — leaving a stale
+    // sticky backend or snapshot map behind would defeat its purpose.
+    browserManager.clearSnapshotBackendNodeMap(context.conversationId);
+    browserManager.clearPreferredBackendKind(context.conversationId);
+    cdp.dispose();
   }
 }
@@ -606,29 +1215,62 @@ export async function executeBrowserClose(
   input: Record<string, unknown>,
   context: ToolContext,
 ): Promise<ToolExecutionResult> {
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
   try {
-    const sender = getSender(context.conversationId);
-    if (sender) {
-      await stopBrowserScreencast(context.conversationId);
-    }
+    if (cdp.kind === "local") {
+      // Local/sacrificial-profile path: tear down the Playwright page,
+      // screencast, and associated CDP state for this conversation.
+      const sender = getSender(context.conversationId);
+      if (sender) {
+        await stopBrowserScreencast(context.conversationId);
+      }
-    if (input.close_all_pages === true) {
-      await stopAllScreencasts();
-      await browserManager.closeAllPages();
+      if (input.close_all_pages === true) {
+        await stopAllScreencasts();
+        await browserManager.closeAllPages();
+        return {
+          content: "All browser pages and context closed.",
+          isError: false,
+        };
+      }
+      await browserManager.closeSessionPage(context.conversationId);
       return {
-        content: "All browser pages and context closed.",
+        content: "Browser page closed for this conversation.",
         isError: false,
       };
     }
-    await browserManager.closeSessionPage(context.conversationId);
+    // Extension path: the user owns their Chrome tab — we must not
+    // close it. Detach the debugger (so the Chrome debugging banner
+    // clears promptly) and drop the cached snapshot state so stale
+    // eids from prior snapshots cannot be resolved by later tool calls.
+    try {
+      await cdp.send("Vellum.detach", {}, context.signal);
+    } catch {
+      // Tolerate detach failures (already detached, tab closed, etc.)
+    }
+    browserManager.clearSnapshotBackendNodeMap(context.conversationId);
+    browserManager.clearPreferredBackendKind(context.conversationId);
     return {
-      content: "Browser page closed for this conversation.",
+      content:
+        "Browser session cleared. (Your Chrome tab was not closed — close it yourself if desired.)",
       isError: false,
     };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err }, "Close failed");
     return { content: `Error: Close failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -638,32 +1280,115 @@ export async function executeBrowserClick(
   input: Record<string, unknown>,
   context: ToolContext,
 ): Promise<ToolExecutionResult> {
-  const { selector, error } = resolveSelector(context.conversationId, input);
+  const { resolved, error } = resolveElement(context.conversationId, input);
   if (error) return { content: error, isError: true };
-  const timeout =
-    typeof input.timeout === "number" ? input.timeout : ACTION_TIMEOUT_MS;
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
   try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
-    );
-    await page.click(selector!, { timeout });
-    return { content: `Clicked element: ${selector}`, isError: false };
+    let backendNodeId: number;
+    if (resolved!.kind === "backend") {
+      backendNodeId = resolved!.backendNodeId;
+    } else {
+      // Wait until the selector matches a visible element. Mirrors
+      // Playwright's `page.click(selector, { timeout })` semantics
+      // and lets click work on async-hydrated pages where the
+      // target may not yet exist when the tool is invoked.
+      // cdpWaitForSelector returns the backendNodeId so we don't
+      // need a separate querySelectorBackendNodeId round-trip.
+      backendNodeId = await cdpWaitForSelector(
+        cdp,
+        resolved!.selector,
+        ACTION_TIMEOUT_MS,
+        context.signal,
+      );
+    }
+    await scrollIntoViewIfNeeded(cdp, backendNodeId, context.signal);
+    const point = await getCenterPoint(cdp, backendNodeId, context.signal);
+    await dispatchClickAt(cdp, point, context.signal);
+    const desc =
+      resolved!.kind === "backend"
+        ? `eid=${resolved!.eid}`
+        : resolved!.selector;
+    return { content: `Clicked element: ${desc}`, isError: false };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
-    log.error({ err, selector }, "Click failed");
+    log.error({ err }, "Click failed");
     return { content: `Error: Click failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
+// ── Shared input helpers ─────────────────────────────────────────────
+/**
+ * Focus an element, clear its existing value (handling both
+ * `<input>`/`<textarea>` and `contentEditable` targets), re-focus
+ * (sites sometimes blur on a programmatic value reset), and insert
+ * the requested text via `Input.insertText`.
+ *
+ * Used by both `executeBrowserType` and `executeBrowserFillCredential`
+ * so credential fills cannot append to autofilled / pre-populated
+ * fields — appending would leak the existing value into the broker
+ * payload and corrupt the resulting password.
+ */
+async function clearAndInsertText(
+  cdp: CdpClient,
+  backendNodeId: number,
+  value: string,
+  signal?: AbortSignal,
+): Promise<void> {
+  await focusElement(cdp, backendNodeId, signal);
+  // Resolve the node to a Runtime.RemoteObject so we can invoke a
+  // function on the element itself via Runtime.callFunctionOn. This
+  // is more reliable than a keyboard select-all + delete sequence
+  // across input, textarea, and contenteditable targets.
+  const { object } = await cdp.send<{ object: { objectId: string } }>(
+    "DOM.resolveNode",
+    { backendNodeId },
+    signal,
+  );
+  await cdp.send(
+    "Runtime.callFunctionOn",
+    {
+      objectId: object.objectId,
+      functionDeclaration: `function() {
+        if (typeof this.value === "string") {
+          this.value = "";
+        } else if (this.isContentEditable) {
+          this.textContent = "";
+        }
+        this.dispatchEvent(new Event("input", { bubbles: true }));
+      }`,
+      arguments: [],
+    },
+    signal,
+  );
+  // Re-focus after clearing — some sites move focus when the value
+  // property is reassigned programmatically.
+  await focusElement(cdp, backendNodeId, signal);
+  await dispatchInsertText(cdp, value, signal);
+}
 // ── browser_type ─────────────────────────────────────────────────────
 export async function executeBrowserType(
   input: Record<string, unknown>,
   context: ToolContext,
 ): Promise<ToolExecutionResult> {
-  const { selector, error } = resolveSelector(context.conversationId, input);
+  const { resolved, error } = resolveElement(context.conversationId, input);
   if (error) return { content: error, isError: true };
   const text = typeof input.text === "string" ? input.text : "";
@@ -674,40 +1399,54 @@ export async function executeBrowserType(
   const clearFirst = input.clear_first !== false; // default true
   const pressEnter = input.press_enter === true;
-  try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
-    );
+  const targetDescription =
+    resolved!.kind === "backend"
+      ? `element_id "${resolved!.eid}"`
+      : resolved!.selector;
-    const fillTimeout =
-      typeof input.timeout === "number" ? input.timeout : ACTION_TIMEOUT_MS;
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
+  try {
+    let backendNodeId: number;
+    if (resolved!.kind === "backend") {
+      backendNodeId = resolved!.backendNodeId;
+    } else {
+      backendNodeId = await querySelectorBackendNodeId(
+        cdp,
+        resolved!.selector,
+        context.signal,
+      );
+    }
     if (clearFirst) {
-      await page.fill(selector!, text, { timeout: fillTimeout });
+      await clearAndInsertText(cdp, backendNodeId, text, context.signal);
     } else {
-      // Read existing content before appending. Use .value for form inputs,
-      // with fallback to .innerText for contenteditable elements (preserves
-      // visual line breaks from <br> and block elements, unlike textContent).
-      const currentValue = (await page.evaluate(
-        `(() => { const el = document.querySelector(${JSON.stringify(
-          selector!,
-        )}); if (!el) return ''; if (typeof el.value === 'string') return el.value; return el.innerText ?? ''; })()`,
-      )) as string;
-      await page.fill(selector!, currentValue + text, { timeout: fillTimeout });
+      await focusElement(cdp, backendNodeId, context.signal);
+      await dispatchInsertText(cdp, text, context.signal);
     }
     if (pressEnter) {
-      await page.press(selector!, "Enter");
+      await dispatchKeyPress(cdp, "Enter", context.signal);
     }
-    const lines = [`Typed into element: ${selector}`];
+    const lines = [`Typed into element: ${targetDescription}`];
     if (clearFirst) lines.push("(cleared existing content first)");
     if (pressEnter) lines.push("(pressed Enter after typing)");
     return { content: lines.join("\n"), isError: false };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
-    log.error({ err, selector }, "Type failed");
+    log.error({ err, target: targetDescription }, "Type failed");
     return { content: `Error: Type failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -722,39 +1461,65 @@ export async function executeBrowserPressKey(
     return { content: "Error: key is required.", isError: true };
   }
-  try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
-    );
-    // If element_id or selector is provided, press key on that element
-    const elementId =
-      typeof input.element_id === "string" ? input.element_id : null;
-    const rawSelector =
-      typeof input.selector === "string" ? input.selector : null;
+  const elementId =
+    typeof input.element_id === "string" ? input.element_id : null;
+  const rawSelector =
+    typeof input.selector === "string" ? input.selector : null;
+  const hasTarget = elementId !== null || rawSelector !== null;
+  let targetDescription: string | null = null;
+  let resolved: ResolvedElement | null = null;
+  if (hasTarget) {
+    const res = resolveElement(context.conversationId, input);
+    if (res.error) {
+      return { content: res.error, isError: true };
+    }
+    resolved = res.resolved;
+    targetDescription =
+      resolved!.kind === "backend"
+        ? `element_id "${resolved!.eid}"`
+        : resolved!.selector;
+  }
-    if (elementId || rawSelector) {
-      const { selector, error } = resolveSelector(
-        context.conversationId,
-        input,
-      );
-      if (error) {
-        return { content: error, isError: true };
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
+  try {
+    if (resolved) {
+      let backendNodeId: number;
+      if (resolved.kind === "backend") {
+        backendNodeId = resolved.backendNodeId;
+      } else {
+        backendNodeId = await querySelectorBackendNodeId(
+          cdp,
+          resolved.selector,
+          context.signal,
+        );
       }
-      await page.press(selector!, key);
+      await focusElement(cdp, backendNodeId, context.signal);
+      await dispatchKeyPress(cdp, key, context.signal);
       return {
-        content: `Pressed "${key}" on element: ${selector}`,
+        content: `Pressed "${key}" on element: ${targetDescription}`,
         isError: false,
       };
     }
-    // No target -> press key on the page (focused element)
-    await page.keyboard.press(key);
+    // No target -> press key on the currently focused element
+    await dispatchKeyPress(cdp, key, context.signal);
     return { content: `Pressed "${key}"`, isError: false };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err, key }, "Press key failed");
     return { content: `Error: Press key failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -776,35 +1541,58 @@ export async function executeBrowserScroll(
   const amount =
     typeof input.amount === "number" ? Math.abs(input.amount) : 500;
+  let deltaX = 0;
+  let deltaY = 0;
+  switch (direction) {
+    case "up":
+      deltaY = -amount;
+      break;
+    case "down":
+      deltaY = amount;
+      break;
+    case "left":
+      deltaX = -amount;
+      break;
+    case "right":
+      deltaX = amount;
+      break;
+  }
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
   try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
+    // Fetch viewport dimensions so we can dispatch the wheel event at
+    // the viewport center — scrolling from (0, 0) misses sticky
+    // headers and overflow containers on many sites.
+    const { w, h } = await evaluateExpression<{ w: number; h: number }>(
+      cdp,
+      "({ w: window.innerWidth, h: window.innerHeight })",
+      {},
+      context.signal,
     );
-    let deltaX = 0;
-    let deltaY = 0;
-    switch (direction) {
-      case "up":
-        deltaY = -amount;
-        break;
-      case "down":
-        deltaY = amount;
-        break;
-      case "left":
-        deltaX = -amount;
-        break;
-      case "right":
-        deltaX = amount;
-        break;
-    }
-    await page.mouse.wheel(deltaX, deltaY);
+    await dispatchWheelScroll(
+      cdp,
+      { x: w / 2, y: h / 2 },
+      { deltaX, deltaY },
+      context.signal,
+    );
     return { content: `Scrolled ${direction} by ${amount}px`, isError: false };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err, direction }, "Scroll failed");
     return { content: `Error: Scroll failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -814,7 +1602,7 @@ export async function executeBrowserSelectOption(
   input: Record<string, unknown>,
   context: ToolContext,
 ): Promise<ToolExecutionResult> {
-  const { selector, error } = resolveSelector(context.conversationId, input);
+  const { resolved, error } = resolveElement(context.conversationId, input);
   if (error) return { content: error, isError: true };
   const value = typeof input.value === "string" ? input.value : undefined;
@@ -828,32 +1616,115 @@ export async function executeBrowserSelectOption(
     };
   }
-  try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
-    );
+  const targetDescription =
+    resolved!.kind === "backend"
+      ? `element_id "${resolved!.eid}"`
+      : resolved!.selector;
-    const option: Record<string, string | number> = {};
-    if (value !== undefined) option.value = value;
-    else if (label !== undefined) option.label = label;
-    else if (index !== undefined) option.index = index;
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
+  try {
+    let backendNodeId: number;
+    if (resolved!.kind === "backend") {
+      backendNodeId = resolved!.backendNodeId;
+    } else {
+      backendNodeId = await querySelectorBackendNodeId(
+        cdp,
+        resolved!.selector,
+        context.signal,
+      );
+    }
-    await page.selectOption(selector!, option);
+    // CDP does not expose a native "set select value" command, so we
+    // resolve the node to a Runtime.RemoteObject and invoke a function
+    // on it that applies value/label/index and dispatches `input`
+    // followed by `change` (HTML spec order — Angular's
+    // DefaultValueAccessor listens for `input`, so missing it breaks
+    // form bindings on Angular sites).
+    const { object } = await cdp.send<{ object: { objectId: string } }>(
+      "DOM.resolveNode",
+      { backendNodeId },
+      context.signal,
+    );
+    const callResult = await cdp.send<{
+      result?: { value?: boolean };
+    }>(
+      "Runtime.callFunctionOn",
+      {
+        objectId: object.objectId,
+        functionDeclaration: `function(value, label, index) {
+          let matched = false;
+          if (value !== null && value !== undefined) {
+            for (const opt of this.options) {
+              if (opt.value === value) {
+                this.value = value;
+                matched = true;
+                break;
+              }
+            }
+          } else if (label !== null && label !== undefined) {
+            for (const opt of this.options) {
+              if (opt.label === label) {
+                this.value = opt.value;
+                matched = true;
+                break;
+              }
+            }
+          } else if (index !== null && index !== undefined) {
+            if (index >= 0 && index < this.options.length) {
+              this.selectedIndex = index;
+              matched = true;
+            }
+          }
+          if (matched) {
+            this.dispatchEvent(new Event("input", { bubbles: true }));
+            this.dispatchEvent(new Event("change", { bubbles: true }));
+          }
+          return matched;
+        }`,
+        arguments: [
+          { value: value ?? null },
+          { value: label ?? null },
+          { value: index ?? null },
+        ],
+        returnByValue: true,
+      },
+      context.signal,
+    );
+    const matched = callResult?.result?.value === true;
     const desc =
       value !== undefined
         ? `value="${value}"`
         : label !== undefined
           ? `label="${label}"`
           : `index=${index}`;
+    if (!matched) {
+      return {
+        content: `Error: Select option failed: no option matched ${desc} on ${targetDescription}.`,
+        isError: true,
+      };
+    }
     return {
-      content: `Selected option (${desc}) on element: ${selector}`,
+      content: `Selected option (${desc}) on element: ${targetDescription}`,
       isError: false,
     };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
-    log.error({ err, selector }, "Select option failed");
+    log.error({ err, target: targetDescription }, "Select option failed");
     return { content: `Error: Select option failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -863,20 +1734,48 @@ export async function executeBrowserHover(
   input: Record<string, unknown>,
   context: ToolContext,
 ): Promise<ToolExecutionResult> {
-  const { selector, error } = resolveSelector(context.conversationId, input);
+  const { resolved, error } = resolveElement(context.conversationId, input);
   if (error) return { content: error, isError: true };
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
   try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
-    );
-    await page.hover(selector!, { timeout: ACTION_TIMEOUT_MS });
-    return { content: `Hovered element: ${selector}`, isError: false };
+    let backendNodeId: number;
+    if (resolved!.kind === "backend") {
+      backendNodeId = resolved!.backendNodeId;
+    } else {
+      // Wait until the selector matches a visible element. See the
+      // matching note in executeBrowserClick — async-hydrated pages
+      // need this to behave like Playwright's hover-with-timeout.
+      backendNodeId = await cdpWaitForSelector(
+        cdp,
+        resolved!.selector,
+        ACTION_TIMEOUT_MS,
+        context.signal,
+      );
+    }
+    await scrollIntoViewIfNeeded(cdp, backendNodeId, context.signal);
+    const point = await getCenterPoint(cdp, backendNodeId, context.signal);
+    await dispatchHoverAt(cdp, point, context.signal);
+    const desc =
+      resolved!.kind === "backend"
+        ? `eid=${resolved!.eid}`
+        : resolved!.selector;
+    return { content: `Hovered element: ${desc}`, isError: false };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
-    log.error({ err, selector }, "Hover failed");
+    log.error({ err }, "Hover failed");
     return { content: `Error: Hover failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -917,39 +1816,59 @@ export async function executeBrowserWaitFor(
       ? Math.min(input.timeout, MAX_WAIT_MS)
       : MAX_WAIT_MS;
-  try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
-    );
+  // Validate browser_mode even on the duration path so invalid values
+  // are rejected consistently regardless of which wait mode is used.
+  const modeResult = parseBrowserMode(input);
+  if (!modeResult.ok) {
+    return { content: modeResult.error, isError: true };
+  }
+  // Duration mode has no CDP interaction — handle without acquiring
+  // a CdpClient so the common "sleep" path stays transport-agnostic.
+  if (duration != null) {
+    const waitMs = Math.min(duration, MAX_WAIT_MS);
+    await new Promise((r) => setTimeout(r, waitMs));
+    return { content: `Waited ${waitMs}ms.`, isError: false };
+  }
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
+  try {
     if (selector) {
-      await page.waitForSelector(selector, { timeout });
+      // browser_wait_for selector mode is "did this node appear at
+      // all" — preserve the existing semantics by polling for DOM
+      // attachment, not full visibility. Tools that need
+      // visible-state polling (click/hover) get it via the default
+      // state in cdpWaitForSelector.
+      await cdpWaitForSelector(cdp, selector, timeout, context.signal, {
+        state: "attached",
+      });
       return {
         content: `Element matching "${selector}" appeared.`,
         isError: false,
       };
     }
-    if (text) {
-      const escaped = JSON.stringify(text);
-      await page.waitForFunction(
-        `document.body?.innerText?.includes(${escaped})`,
-        { timeout },
-      );
-      return {
-        content: `Text "${truncate(text, 80)}" appeared on page.`,
-        isError: false,
-      };
-    }
-    // duration mode (milliseconds)
-    const waitMs = Math.min(duration!, MAX_WAIT_MS);
-    await new Promise((r) => setTimeout(r, waitMs));
-    return { content: `Waited ${waitMs}ms.`, isError: false };
+    // text mode (validated above — modeCount === 1 means text is set)
+    await cdpWaitForText(cdp, text!, timeout, context.signal);
+    return {
+      content: `Text "${truncate(text!, 80)}" appeared on page.`,
+      isError: false,
+    };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err }, "Wait failed");
     return { content: `Error: Wait failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -961,20 +1880,24 @@ export async function executeBrowserExtract(
 ): Promise<ToolExecutionResult> {
   const includeLinks = input.include_links === true;
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
   try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
+    const currentUrl = await getCurrentUrl(cdp, context.signal);
+    const title = await getPageTitle(cdp, context.signal);
+    let textContent = await evaluateExpression<string>(
+      cdp,
+      "document.body?.innerText ?? ''",
+      {},
+      context.signal,
     );
-    const currentUrl = page.url();
-    const title = await page.title();
-    let textContent = (await page.evaluate(
-      `document.body?.innerText ?? ''`,
-    )) as string;
     if (textContent.length > MAX_EXTRACT_LENGTH) {
       textContent =
-        textContent.slice(0, MAX_EXTRACT_LENGTH) + "\n... (truncated)";
+        safeStringSlice(textContent, 0, MAX_EXTRACT_LENGTH) +
+        "\n... (truncated)";
     }
     const lines: string[] = [
@@ -985,15 +1908,9 @@ export async function executeBrowserExtract(
     ];
     if (includeLinks) {
-      const links = (await page.evaluate(`
-        (() => {
-          const anchors = Array.from(document.querySelectorAll('a[href]'));
-          return anchors.slice(0, 200).map(a => ({
-            text: (a.textContent || '').trim().slice(0, 80),
-            href: a.href,
-          }));
-        })()
-      `)) as Array<{ text: string; href: string }>;
+      const links = await evaluateExpression<
+        Array<{ text: string; href: string }>
+      >(cdp, EXTRACT_LINKS_EXPRESSION, {}, context.signal);
       if (links.length > 0) {
         lines.push("");
@@ -1006,9 +1923,18 @@ export async function executeBrowserExtract(
     return { content: lines.join("\n"), isError: false };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err }, "Extract failed");
     return { content: `Error: Extract failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
   }
 }
@@ -1028,26 +1954,43 @@ export async function executeBrowserFillCredential(
     return { content: "Error: field is required.", isError: true };
   }
-  const { selector, error } = resolveSelector(context.conversationId, input);
+  const { resolved, error } = resolveElement(context.conversationId, input);
   if (error) return { content: error, isError: true };
   const pressEnter = input.press_enter === true;
+  const targetDescription =
+    resolved!.kind === "backend"
+      ? `element_id "${resolved!.eid}"`
+      : resolved!.selector;
+  const acquired = acquireCdpClientWithMode(input, context);
+  if (acquired.errorResult) return acquired.errorResult;
+  const cdp = acquired.cdp;
   try {
-    const page = await browserManager.getOrCreateSessionPage(
-      context.conversationId,
-    );
+    let backendNodeId: number;
+    if (resolved!.kind === "backend") {
+      backendNodeId = resolved!.backendNodeId;
+    } else {
+      backendNodeId = await querySelectorBackendNodeId(
+        cdp,
+        resolved!.selector,
+        context.signal,
+      );
+    }
-    // Extract domain from the current page for domain policy enforcement
+    // Extract the current page's hostname for broker domain policy
+    // enforcement. Failures here (pre-navigation, about:blank, malformed
+    // URL) fall through with pageDomain undefined; if the credential
+    // has a domain policy the broker will deny the fill.
     let pageDomain: string | undefined;
     try {
-      const pageUrl = page.url();
+      const pageUrl = await getCurrentUrl(cdp, context.signal);
       if (pageUrl && pageUrl !== "about:blank") {
         const parsed = new URL(pageUrl);
         pageDomain = parsed.hostname;
       }
     } catch {
-      // Invalid URL - pageDomain stays undefined, broker will deny if domain policy exists
+      // pageDomain stays undefined
     }
     const result = await credentialBroker.browserFill({
@@ -1056,7 +1999,13 @@ export async function executeBrowserFillCredential(
       toolName: "browser_fill_credential",
       domain: pageDomain,
       fill: async (value) => {
-        await page.fill(selector!, value);
+        // Clear-then-focus-then-insert via the shared helper. We
+        // MUST clear first: Input.insertText writes at the cursor,
+        // so on autofilled / pre-populated fields a bare insert
+        // would append the credential to the existing value,
+        // producing a corrupted password and leaking partial state
+        // back into the page.
+        await clearAndInsertText(cdp, backendNodeId, value, context.signal);
       },
     });
@@ -1086,7 +2035,10 @@ export async function executeBrowserFillCredential(
           isError: true,
         };
       }
-      log.error({ selector, reason }, "Fill credential failed");
+      log.error(
+        { target: targetDescription, reason },
+        "Fill credential failed",
+      );
       return {
         content: `Error: Fill credential failed: ${reason}`,
         isError: true,
@@ -1094,7 +2046,7 @@ export async function executeBrowserFillCredential(
     }
     if (pressEnter) {
-      await page.press(selector!, "Enter");
+      await dispatchKeyPress(cdp, "Enter", context.signal);
     }
     return {
@@ -1102,8 +2054,501 @@ export async function executeBrowserFillCredential(
       isError: false,
     };
   } catch (err) {
+    const diagnosticMessage = formatCdpSendDiagnostics(
+      err,
+      acquired.browserMode,
+    );
+    if (diagnosticMessage) {
+      return { content: diagnosticMessage, isError: true };
+    }
     const msg = err instanceof Error ? err.message : String(err);
     log.error({ err }, "Fill credential failed");
     return { content: `Error: Fill credential failed: ${msg}`, isError: true };
+  } finally {
+    cdp.dispose();
+  }
+}
+function dedupeStrings(values: string[]): string[] {
+  const seen = new Set<string>();
+  const out: string[] = [];
+  for (const value of values) {
+    if (!value) continue;
+    if (seen.has(value)) continue;
+    seen.add(value);
+    out.push(value);
+  }
+  return out;
+}
+function modeTradeoffs(mode: StatusCheckMode): string[] {
+  return MODE_TRADEOFFS[mode];
+}
+function extensionSetupActions(): string[] {
+  return [
+    "Install and enable the Vellum Relay Chrome extension.",
+    "Open the extension popup and click Pair with local assistant.",
+    "Keep the extension connected to the assistant relay.",
+  ];
+}
+function cdpInspectSetupActions(): string[] {
+  return [
+    "Launch Chrome with --remote-debugging-port=9222 (or your configured port).",
+    "Keep Chrome running while browser tools are in use.",
+    "Ensure the configured host is loopback (localhost / 127.0.0.1 / ::1).",
+  ];
+}
+function localSetupActions(): string[] {
+  return [
+    "Install assistant dependencies with bun install in assistant/.",
+    "Install Chromium for Playwright: bunx playwright install chromium.",
+  ];
+}
+function extractDiscoveryCodes(error: CdpError): string[] {
+  const diagnostics = error.attemptDiagnostics ?? [];
+  const codes: string[] = [];
+  for (const diag of diagnostics) {
+    if (diag.discoveryCode) codes.push(diag.discoveryCode);
+  }
+  return dedupeStrings(codes);
+}
+function containsTokenCaseInsensitive(text: string, token: string): boolean {
+  return text.toLowerCase().includes(token.toLowerCase());
+}
+function probeFailureActions(mode: StatusCheckMode, error: CdpError): string[] {
+  const actions: string[] = [];
+  const message = error.message.toLowerCase();
+  const discoveryCodes = extractDiscoveryCodes(error).map((c) =>
+    c.toLowerCase(),
+  );
+  if (mode === BROWSER_STATUS_MODE.EXTENSION) {
+    actions.push(...extensionSetupActions());
+    if (
+      containsTokenCaseInsensitive(
+        message,
+        EXTENSION_STATUS_ERROR_MARKER.UNAUTHORIZED_ORIGIN,
+      )
+    ) {
+      actions.push(
+        "Ensure this extension ID is present in meta/browser-extension/chrome-extension-allowlist.json and restart the assistant.",
+      );
+    }
+    if (
+      containsTokenCaseInsensitive(
+        message,
+        EXTENSION_STATUS_ERROR_MARKER.NATIVE_MESSAGING_HOST,
+      )
+    ) {
+      actions.push(
+        "Reinstall the native messaging host manifest and confirm it allows this extension ID.",
+      );
+    }
+    if (
+      containsTokenCaseInsensitive(
+        message,
+        EXTENSION_STATUS_ERROR_MARKER.HTTP_401,
+      )
+    ) {
+      actions.push(
+        "Re-pair the extension so it refreshes its local relay credential.",
+      );
+    }
+  }
+  if (mode === BROWSER_STATUS_MODE.CDP_INSPECT) {
+    actions.push(...cdpInspectSetupActions());
+    if (discoveryCodes.includes(CDP_INSPECT_STATUS_DISCOVERY_CODE.NO_TARGETS)) {
+      actions.push("Open at least one normal web page tab and retry.");
+    }
+    if (
+      discoveryCodes.includes(
+        CDP_INSPECT_STATUS_DISCOVERY_CODE.INVALID_RESPONSE,
+      ) ||
+      discoveryCodes.includes(
+        CDP_INSPECT_STATUS_DISCOVERY_CODE.WS_FALLBACK_FAILED,
+      )
+    ) {
+      actions.push(
+        "Verify nothing else is bound to the configured CDP port and exposing non-DevTools responses.",
+      );
+    }
+  }
+  if (mode === BROWSER_STATUS_MODE.LOCAL) {
+    actions.push(...localSetupActions());
+  }
+  return dedupeStrings(actions);
+}
+async function probePinnedBrowserMode(
+  mode: StatusCheckMode,
+  context: ToolContext,
+): Promise<
+  | {
+      ok: true;
+      backendKind: CdpClientKind;
+    }
+  | {
+      ok: false;
+      error: CdpError;
+      diagnostic: string;
+    }
+> {
+  let cdp: ReturnType<typeof getCdpClient> | null = null;
+  try {
+    cdp = getCdpClient(context, { mode });
+    await cdp.send(
+      "Runtime.evaluate",
+      {
+        expression: "document.readyState",
+        returnByValue: true,
+      },
+      context.signal,
+    );
+    return { ok: true, backendKind: cdp.kind };
+  } catch (err) {
+    if (err instanceof CdpError) {
+      return {
+        ok: false,
+        error: err,
+        diagnostic: formatModeSelectionFailure(mode, err),
+      };
+    }
+    const wrapped = new CdpError(
+      "transport_error",
+      err instanceof Error ? err.message : String(err),
+      { underlying: err },
+    );
+    return {
+      ok: false,
+      error: wrapped,
+      diagnostic: formatModeSelectionFailure(mode, wrapped),
+    };
+  } finally {
+    cdp?.dispose();
+  }
+}
+async function checkExtensionModeStatus(
+  context: ToolContext,
+  autoCandidate: boolean,
+): Promise<BrowserStatusModeResult> {
+  const proxyBound = Boolean(context.hostBrowserProxy);
+  const proxyConnected = context.hostBrowserProxy?.isAvailable() ?? false;
+  if (!proxyBound) {
+    return {
+      mode: BROWSER_STATUS_MODE.EXTENSION,
+      available: false,
+      verified: "preflight",
+      autoCandidate,
+      summary:
+        "Extension mode is unavailable: no host browser proxy is bound to this conversation.",
+      userActions: extensionSetupActions(),
+      tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.EXTENSION),
+      details: {
+        proxyBound,
+        proxyConnected,
+      },
+    };
+  }
+  if (!proxyConnected) {
+    return {
+      mode: BROWSER_STATUS_MODE.EXTENSION,
+      available: false,
+      verified: "preflight",
+      autoCandidate,
+      summary:
+        "Extension mode is unavailable: the extension transport is currently disconnected.",
+      userActions: extensionSetupActions(),
+      tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.EXTENSION),
+      details: {
+        proxyBound,
+        proxyConnected,
+      },
+    };
+  }
+  const probe = await probePinnedBrowserMode(
+    BROWSER_STATUS_MODE.EXTENSION,
+    context,
+  );
+  if (probe.ok) {
+    return {
+      mode: BROWSER_STATUS_MODE.EXTENSION,
+      available: true,
+      verified: "active_probe",
+      autoCandidate,
+      summary: "Extension mode is ready and responded to an active CDP probe.",
+      userActions: [],
+      tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.EXTENSION),
+      details: {
+        proxyBound,
+        proxyConnected,
+        backendKind: probe.backendKind,
+      },
+    };
+  }
+  return {
+    mode: BROWSER_STATUS_MODE.EXTENSION,
+    available: false,
+    verified: "active_probe",
+    autoCandidate,
+    summary: `Extension mode probe failed: ${probe.error.message}`,
+    userActions: probeFailureActions(
+      BROWSER_STATUS_MODE.EXTENSION,
+      probe.error,
+    ),
+    tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.EXTENSION),
+    details: {
+      proxyBound,
+      proxyConnected,
+      errorCode: probe.error.code,
+      diagnostic: probe.diagnostic,
+      attemptDiagnostics: probe.error.attemptDiagnostics ?? [],
+    },
+  };
+}
+async function checkCdpInspectModeStatus(
+  context: ToolContext,
+  autoCandidate: boolean,
+): Promise<BrowserStatusModeResult> {
+  const cdpInspectConfig = getConfig().hostBrowser.cdpInspect;
+  const desktopAutoEnabled =
+    context.transportInterface === "macos" &&
+    cdpInspectConfig.desktopAuto.enabled;
+  const cooldownActive =
+    desktopAutoEnabled &&
+    isDesktopAutoCooldownActive(cdpInspectConfig.desktopAuto.cooldownMs);
+  const probe = await probePinnedBrowserMode(
+    BROWSER_STATUS_MODE.CDP_INSPECT,
+    context,
+  );
+  if (probe.ok) {
+    return {
+      mode: BROWSER_STATUS_MODE.CDP_INSPECT,
+      available: true,
+      verified: "active_probe",
+      autoCandidate,
+      summary:
+        "CDP inspect mode is ready and responded to an active CDP probe.",
+      userActions: [],
+      tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.CDP_INSPECT),
+      details: {
+        backendKind: probe.backendKind,
+        configEnabled: cdpInspectConfig.enabled,
+        configHost: cdpInspectConfig.host,
+        configPort: cdpInspectConfig.port,
+        desktopAutoEnabled,
+        desktopAutoCooldownActive: cooldownActive,
+      },
+    };
+  }
+  return {
+    mode: BROWSER_STATUS_MODE.CDP_INSPECT,
+    available: false,
+    verified: "active_probe",
+    autoCandidate,
+    summary: `CDP inspect probe failed: ${probe.error.message}`,
+    userActions: probeFailureActions(
+      BROWSER_STATUS_MODE.CDP_INSPECT,
+      probe.error,
+    ),
+    tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.CDP_INSPECT),
+    details: {
+      errorCode: probe.error.code,
+      discoveryCodes: extractDiscoveryCodes(probe.error),
+      diagnostic: probe.diagnostic,
+      attemptDiagnostics: probe.error.attemptDiagnostics ?? [],
+      configEnabled: cdpInspectConfig.enabled,
+      configHost: cdpInspectConfig.host,
+      configPort: cdpInspectConfig.port,
+      desktopAutoEnabled,
+      desktopAutoCooldownActive: cooldownActive,
+    },
+  };
+}
+async function checkLocalModeStatus(
+  context: ToolContext,
+  autoCandidate: boolean,
+  checkLocalLaunch: boolean,
+): Promise<BrowserStatusModeResult> {
+  const runtime = await checkBrowserRuntime();
+  if (!runtime.playwrightAvailable || !runtime.chromiumInstalled) {
+    return {
+      mode: BROWSER_STATUS_MODE.LOCAL,
+      available: false,
+      verified: "preflight",
+      autoCandidate,
+      summary:
+        runtime.error ??
+        "Local mode preflight failed: Playwright Chromium runtime is not ready.",
+      userActions: localSetupActions(),
+      tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.LOCAL),
+      details: {
+        runtime,
+        launchProbeRequested: checkLocalLaunch,
+      },
+    };
+  }
+  if (!checkLocalLaunch) {
+    return {
+      mode: BROWSER_STATUS_MODE.LOCAL,
+      available: true,
+      verified: "preflight",
+      autoCandidate,
+      summary:
+        "Local mode preflight passed (Playwright + Chromium are present). Launch probe was skipped.",
+      userActions: [],
+      tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.LOCAL),
+      details: {
+        runtime,
+        launchProbeRequested: checkLocalLaunch,
+      },
+    };
+  }
+  const probe = await probePinnedBrowserMode(
+    BROWSER_STATUS_MODE.LOCAL,
+    context,
+  );
+  if (probe.ok) {
+    return {
+      mode: BROWSER_STATUS_MODE.LOCAL,
+      available: true,
+      verified: "active_probe",
+      autoCandidate,
+      summary: "Local mode is ready and responded to an active CDP probe.",
+      userActions: [],
+      tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.LOCAL),
+      details: {
+        runtime,
+        launchProbeRequested: checkLocalLaunch,
+        backendKind: probe.backendKind,
+      },
+    };
+  }
+  return {
+    mode: BROWSER_STATUS_MODE.LOCAL,
+    available: false,
+    verified: "active_probe",
+    autoCandidate,
+    summary: `Local mode probe failed: ${probe.error.message}`,
+    userActions: probeFailureActions(BROWSER_STATUS_MODE.LOCAL, probe.error),
+    tradeoffs: modeTradeoffs(BROWSER_STATUS_MODE.LOCAL),
+    details: {
+      runtime,
+      launchProbeRequested: checkLocalLaunch,
+      errorCode: probe.error.code,
+      diagnostic: probe.diagnostic,
+      attemptDiagnostics: probe.error.attemptDiagnostics ?? [],
+    },
+  };
+}
+// ── browser_status ────────────────────────────────────────────────────
+export async function executeBrowserStatus(
+  input: Record<string, unknown>,
+  context: ToolContext,
+): Promise<ToolExecutionResult> {
+  const parsedMode = parseBrowserMode(input);
+  if (!parsedMode.ok) {
+    return { content: parsedMode.error, isError: true };
+  }
+  if (
+    input[BROWSER_STATUS_INPUT_FIELD.CHECK_LOCAL_LAUNCH] !== undefined &&
+    typeof input[BROWSER_STATUS_INPUT_FIELD.CHECK_LOCAL_LAUNCH] !== "boolean"
+  ) {
+    return {
+      content: `Error: ${BROWSER_STATUS_INPUT_FIELD.CHECK_LOCAL_LAUNCH} must be a boolean when provided.`,
+      isError: true,
+    };
+  }
+  const checkLocalLaunch =
+    input[BROWSER_STATUS_INPUT_FIELD.CHECK_LOCAL_LAUNCH] === true;
+  const requestedMode = parsedMode.mode;
+  const modesToCheck: readonly StatusCheckMode[] =
+    requestedMode === BROWSER_MODE.AUTO
+      ? BROWSER_STATUS_MODES
+      : [requestedMode];
+  const autoCandidateKinds = buildCandidateList(context).map((c) => c.kind);
+  const autoCandidateSet = new Set<CdpClientKind>(autoCandidateKinds);
+  try {
+    const modeResults: BrowserStatusModeResult[] = [];
+    for (const mode of modesToCheck) {
+      const autoCandidate = autoCandidateSet.has(mode);
+      if (mode === BROWSER_STATUS_MODE.EXTENSION) {
+        modeResults.push(
+          await checkExtensionModeStatus(context, autoCandidate),
+        );
+      } else if (mode === BROWSER_STATUS_MODE.CDP_INSPECT) {
+        modeResults.push(
+          await checkCdpInspectModeStatus(context, autoCandidate),
+        );
+      } else {
+        modeResults.push(
+          await checkLocalModeStatus(context, autoCandidate, checkLocalLaunch),
+        );
+      }
+    }
+    const stickyMode = browserManager.getPreferredBackendKind(
+      context.conversationId,
+    );
+    const availableModes = modeResults
+      .filter((r) => r.available)
+      .map((r) => r.mode);
+    const recommendedMode =
+      autoCandidateKinds.find((candidate) =>
+        modeResults.some(
+          (result) => result.mode === candidate && result.available,
+        ),
+      ) ??
+      availableModes[0] ??
+      null;
+    return {
+      content: JSON.stringify(
+        {
+          requestedMode,
+          checkedModes: modesToCheck,
+          autoCandidateOrder: autoCandidateKinds,
+          stickyConversationMode: stickyMode,
+          recommendedMode,
+          checkLocalLaunch,
+          modes: modeResults,
+        },
+        null,
+        2,
+      ),
+      isError: false,
+    };
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    return {
+      content: `Error: browser_status failed: ${msg}`,
+      isError: true,
+    };
   }
 }