@wrongstack/cli 0.54.1 → 0.63.4

package/dist/index.js

@@ -2,7 +2,7 @@
 import * as path8 from 'path';
 import { join } from 'path';
 import * as fsp3 from 'fs/promises';
-import { color, writeErr, DefaultTaskStore, TaskTracker, renderProgress, SpecStore, TaskGraphStore, analyzeCriticalPath, getTemplate, listTemplates, templateToMarkdown, SpecParser, renderSpecAnalysis, AISpecBuilder, renderTaskGraph, SpecVersioning, DefaultSecretScrubber, atomicWrite, DefaultPathResolver, TOKENS, mergeCustomModelDefs, DefaultSystemPromptBuilder, makeAutonomyPromptContributor, ToolRegistry, createContextManagerTool, EventBus, SlashCommandRegistry, BrainDecisionQueue, ObservableBrainArbiter, HumanEscalatingBrainArbiter, DefaultBrainArbiter, createDelegateTool, FLEET_ROSTER, createMcpControlTool, DefaultLogger, DefaultModelsRegistry, isStdinTTY, writeOut, runProviderWithRetry, ReplayLogStore, ReplayProviderRunner, ProviderRegistry, InMemoryMetricsSink, wireMetricsToEvents, DefaultHealthRegistry, startMetricsServer, RecoveryLock, DefaultAttachmentStore, QueueStore, Context, loadTodosCheckpoint, attachTodosCheckpoint, loadDirectorState, loadPlan, createDefaultPipelines, AutoCompactionMiddleware, estimateRequestTokensCalibrated, Agent, loadPlugins, FleetManager, makeDirectorSessionFactory, Director, makeFleetEmitTool, makeFleetStatusTool, resolveModelMatrix, AutoApprovePermissionPolicy, PhaseStore, AutoPhasePlanner, PhaseGraphBuilder, WorktreeManager, PhaseOrchestrator, makeLLMClassifier, ParallelEternalEngine, EternalAutonomyEngine, allServers as allServers$1, bootConfig as bootConfig$1, setRawMode, DefaultSessionReader, resolveWstackPaths, ToolAuditLog, DefaultSessionRewinder, DefaultSessionStore, DefaultPluginAPI, makeAgentSubagentRunner, NULL_FLEET_BUS, buildChildEnv, formatContextWindowModeList, repairToolUseAdjacency, getContextWindowMode, resolveContextWindowPolicy, AGENTS_BY_PHASE, dispatchAgent, formatTodosList, SessionRecovery, loadGoal, goalFilePath, summarizeUsage, saveGoal, emptyGoal, buildGoalPreamble, formatGoal, pendingBtwCount, setBtwNote, MATRIX_PHASE_KEYS, AGENT_CATALOG, matrixKeyKind, onResize, decryptConfigSecrets as decryptConfigSecrets$1, encryptConfigSecrets as encryptConfigSecrets$1, InputBuilder, FsError, ERROR_CODES } from '@wrongstack/core';
+import { color, writeErr, DefaultTaskStore, TaskTracker, renderProgress, SpecStore, TaskGraphStore, analyzeCriticalPath, getTemplate, listTemplates, templateToMarkdown, SpecParser, renderSpecAnalysis, AISpecBuilder, renderTaskGraph, SpecVersioning, DefaultSecretScrubber, atomicWrite, DefaultPathResolver, TOKENS, mergeCustomModelDefs, DefaultSystemPromptBuilder, makeAutonomyPromptContributor, ToolRegistry, createContextManagerTool, EventBus, HookRegistry, HookRunner, SlashCommandRegistry, BrainDecisionQueue, ObservableBrainArbiter, HumanEscalatingBrainArbiter, DefaultBrainArbiter, createDelegateTool, FLEET_ROSTER, createMcpControlTool, DefaultLogger, DefaultModelsRegistry, isStdinTTY, writeOut, runProviderWithRetry, ReplayLogStore, ReplayProviderRunner, ProviderRegistry, InMemoryMetricsSink, wireMetricsToEvents, DefaultHealthRegistry, startMetricsServer, RecoveryLock, DefaultAttachmentStore, QueueStore, Context, loadTodosCheckpoint, attachTodosCheckpoint, loadDirectorState, loadPlan, createDefaultPipelines, resolveContextWindowPolicy, AutoCompactionMiddleware, estimateRequestTokensCalibrated, Agent, loadPlugins, FleetManager, makeDirectorSessionFactory, Director, makeFleetEmitTool, makeFleetStatusTool, resolveModelMatrix, AutoApprovePermissionPolicy, PhaseStore, AutoPhasePlanner, PhaseGraphBuilder, WorktreeManager, PhaseOrchestrator, makeLLMClassifier, ParallelEternalEngine, EternalAutonomyEngine, allServers as allServers$1, bootConfig as bootConfig$1, setRawMode, DefaultSessionReader, resolveWstackPaths, ToolAuditLog, DefaultSessionRewinder, DefaultSessionStore, DefaultPluginAPI, ProviderError, makeAgentSubagentRunner, NULL_FLEET_BUS, buildChildEnv, formatContextWindowModeList, repairToolUseAdjacency, getContextWindowMode, AGENTS_BY_PHASE, dispatchAgent, formatTodosList, SessionRecovery, loadGoal, goalFilePath, summarizeUsage, saveGoal, emptyGoal, buildGoalPreamble, formatGoal, pendingBtwCount, setBtwNote, MATRIX_PHASE_KEYS, AGENT_CATALOG, matrixKeyKind, onResize, ERROR_CODES, decryptConfigSecrets as decryptConfigSecrets$1, encryptConfigSecrets as encryptConfigSecrets$1, InputBuilder, FsError } from '@wrongstack/core';
 import { createRequire } from 'module';
 import * as os2 from 'os';
 import os2__default from 'os';
@@ -10,21 +10,21 @@ import * as crypto2 from 'crypto';
 import { randomUUID } from 'crypto';
 import { DefaultSecretVault, decryptConfigSecrets, encryptConfigSecrets, isSecretField } from '@wrongstack/core/security';
 import { WebSocketServer, WebSocket } from 'ws';
-import { MCPRegistry } from '@wrongstack/mcp';
+import { MCPRegistry, MCPServer, serveHttp, serveStdio } from '@wrongstack/mcp';
 import { capabilitiesFor, buildProviderFactoriesFromRegistry, makeProviderFromConfig } from '@wrongstack/providers';
 import { createDefaultContainer, routeImagesForModel, readClipboardImage } from '@wrongstack/runtime';
 import { builtinToolsPack, rememberTool, forgetTool } from '@wrongstack/tools';
 import { fileURLToPath } from 'url';
 import * as readline from 'readline';
-import * as fs11 from 'fs';
+import * as fs12 from 'fs';
 import { writeFileSync, existsSync, readFileSync } from 'fs';
 import { WrongStackACPServer } from '@wrongstack/acp/agent';
 import { ACP_AGENT_COMMANDS, makeACPSubagentRunner, makeACPSubagentRunnerWithStop } from '@wrongstack/acp';
 import { ACP_AGENTS, SubagentBudget } from '@wrongstack/core/coordination';
 import { spawn } from 'child_process';
 import { allServers } from '@wrongstack/core/infrastructure';
-import { createToolVisionAdapters } from '@wrongstack/runtime/vision';
 import { ToolExecutor } from '@wrongstack/core/execution';
+import { createToolVisionAdapters } from '@wrongstack/runtime/vision';
 
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
@@ -2345,29 +2345,43 @@ async function resolveRuntimeMaxContext(input) {
   const providerConfig = input.runtimeProviderConfig ?? input.config.providers?.[input.providerId];
   const providerOverride = positiveNumber(readConfiguredMaxContext(providerConfig));
   if (providerOverride) return providerOverride;
-  const topLevelBaseUrlApplies = input.providerId === input.config.provider;
-  const hasCustomBaseUrl = Boolean(
-    providerConfig?.baseUrl || topLevelBaseUrlApplies && input.config.baseUrl
-  );
-  if (input.modelsRegistry && !hasCustomBaseUrl) {
-    const mergedModels = mergeCustomModelDefs(
-      providerConfig?.customModels,
-      input.config.models
-    );
-    const caps = await capabilitiesFor(
-      input.modelsRegistry,
-      input.providerId,
-      input.modelId,
-      mergedModels
-    ).catch(() => void 0);
-    const catalogMax = positiveNumber(caps?.maxContext);
-    if (catalogMax) return catalogMax;
-    const directModel = await input.modelsRegistry.getModel(input.providerId, input.modelId).catch(() => void 0);
-    const directMax = positiveNumber(directModel?.capabilities.maxContext);
-    if (directMax) return directMax;
+  const catalogId = providerConfig?.type && providerConfig.type !== input.providerId ? providerConfig.type : input.providerId;
+  if (input.modelsRegistry) {
+    const topLevelBaseUrlApplies = input.providerId === input.config.provider;
+    const configuredBaseUrl = providerConfig?.baseUrl ?? (topLevelBaseUrlApplies ? input.config.baseUrl : void 0);
+    let divergesFromCatalog = false;
+    if (configuredBaseUrl) {
+      const resolved = await safeGetProvider(input.modelsRegistry, catalogId);
+      divergesFromCatalog = normalizeBaseUrl(configuredBaseUrl) !== normalizeBaseUrl(resolved?.apiBase);
+    }
+    if (!divergesFromCatalog) {
+      const mergedModels = mergeCustomModelDefs(providerConfig?.customModels, input.config.models);
+      const caps = await capabilitiesFor(
+        input.modelsRegistry,
+        catalogId,
+        input.modelId,
+        mergedModels
+      ).catch(() => void 0);
+      const catalogMax = positiveNumber(caps?.maxContext);
+      if (catalogMax) return catalogMax;
+      const directModel = await input.modelsRegistry.getModel(catalogId, input.modelId).catch(() => void 0);
+      const directMax = positiveNumber(directModel?.capabilities.maxContext);
+      if (directMax) return directMax;
+    }
   }
   return positiveNumber(input.provider.capabilities.maxContext) ?? 0;
 }
+async function safeGetProvider(registry, id) {
+  try {
+    return await registry.getProvider(id);
+  } catch {
+    return void 0;
+  }
+}
+function normalizeBaseUrl(url) {
+  if (!url) return "";
+  return url.trim().toLowerCase().replace(/\/+$/, "");
+}
 function readConfiguredMaxContext(providerConfig) {
   if (!providerConfig || typeof providerConfig !== "object") return void 0;
   const capabilities = providerConfig.capabilities;
@@ -2381,6 +2395,7 @@ function positiveNumber(value) {
 // src/arg-parser.ts
 var BOOLEAN_FLAGS = /* @__PURE__ */ new Set([
   "yolo",
+  "yolo-destructive",
   "force-all-yolo",
   "verbose",
   "trace",
@@ -2407,7 +2422,8 @@ var BOOLEAN_FLAGS = /* @__PURE__ */ new Set([
   "autonomy",
   "eternal",
   "no-hints",
-  "hints"
+  "hints",
+  "no-hooks"
 ]);
 function parseArgs(argv) {
   const flags = {};
@@ -2735,10 +2751,12 @@ function buildAutonomyCommand(opts) {
       "  auto     \u2014 After each turn, agent picks the best next step and continues.",
       "             Runs indefinitely until you press Esc or Ctrl+C.",
       "  eternal  \u2014 Goal-driven sense/decide/execute/reflect loop. Requires /goal.",
-      "             Force-enables YOLO. Runs until /autonomy stop or Ctrl+C twice.",
+      "             Force-enables regular YOLO; destructive-gated calls still use",
+      "             the permission flow. Runs until /autonomy stop or Ctrl+C twice.",
       "  parallel \u2014 Fan-out 4\u20138 subagents per tick. Each tick decomposes the goal,",
       "             spawns N agents, awaits results, aggregates. Requires /goal.",
-      "             Force-enables YOLO. Runs until /autonomy stop or Ctrl+C twice.",
+      "             Force-enables regular YOLO; destructive-gated calls still use",
+      "             the permission flow. Runs until /autonomy stop or Ctrl+C twice.",
       "",
       "Eternal stage flow: decide \u2192 execute \u2192 reflect \u2192 sleep | paused | stopped",
       "Stage shown in real-time. Use /goal pause to pause, /goal resume to continue.",
@@ -2896,7 +2914,7 @@ function buildAutonomyCommand(opts) {
         opts.onEternalStart(newMode);
         const modeLabel = newMode === "eternal-parallel" ? `${color.magenta("PARALLEL")} mode` : `${color.red("ETERNAL")} mode`;
         const msg2 = `Autonomy mode: ${modeLabel} \u2014 engine launching against goal: ${color.bold(goal.goal)}
-${color.dim("YOLO forced ON. Use /autonomy stop to end. Journal at /goal journal.")}`;
+${color.dim("Regular YOLO enabled; destructive-gated calls still use the permission flow. Use /autonomy stop to end. Journal at /goal journal.")}`;
         opts.renderer.write(msg2);
         return { message: msg2 };
       }
@@ -3373,6 +3391,11 @@ function buildContextCommand(opts) {
       "  /context           Show counts: messages, est. tokens, tool calls, todos, read files.",
       "  /context detail    As above, plus model, cwd, projectRoot, and the file list.",
       "  /context repair    Repair orphan tool_use/tool_result blocks after manual compaction.",
+      "  /context limit     Show effective context window for this session.",
+      "  /context limit <tokens> Set effective context window for this session (e.g. 220k).",
+      "  /context limit <tokens> --persist Persist effective context window to config.",
+      "  /context thresholds <warn> <soft> <hard> Set compaction thresholds (percent or decimal).",
+      "  /context thresholds <warn> <soft> <hard> --persist Persist thresholds to config.",
       "  /context mode      List context-window modes.",
       "  /context mode <id> Switch context-window mode for this session."
     ].join("\n"),
@@ -3400,6 +3423,83 @@ ${formatContextWindowModeList(active)}`;
           `  empty msgs:   removed ${repaired.report.removedMessages}`
         ].join("\n") : "Context repair: no orphan tool_use/tool_result blocks found.";
         opts.renderer.write(`${msg2}
+`);
+        return { message: msg2 };
+      }
+      if (trimmed === "limit") {
+        const limit = readEffectiveLimit(ctx, opts);
+        const msg2 = limit > 0 ? `Effective context window: ${limit.toLocaleString()} tokens` : "Effective context window: unknown (auto-compaction may be disabled).";
+        opts.renderer.write(`${msg2}
+`);
+        return { message: msg2 };
+      }
+      if (trimmed.startsWith("limit ")) {
+        const persist = hasPersistFlag(trimmed);
+        const raw = stripPersistFlag(trimmed.slice("limit ".length)).trim();
+        const limit = parseTokenCount(raw);
+        if (!limit) {
+          const msg3 = `Invalid context limit "${raw}". Use a positive token count, e.g. 220k or 220000.`;
+          opts.renderer.write(`${color.red(msg3)}
+`);
+          return { message: msg3 };
+        }
+        ctx.meta["effectiveMaxContext"] = limit;
+        const effective = opts.onContextLimit?.(limit) ?? limit;
+        if (persist) {
+          const error = await persistContextConfig(opts, { effectiveMaxContext: limit });
+          if (error) {
+            opts.renderer.write(`${color.red(error)}
+`);
+            return { message: error };
+          }
+        }
+        const msg2 = `${color.green("Effective context window set:")} ${effective.toLocaleString()} tokens${persist ? " (persisted)" : ""}`;
+        opts.renderer.write(`${msg2}
+`);
+        return { message: msg2 };
+      }
+      if (trimmed.startsWith("thresholds ")) {
+        const persist = hasPersistFlag(trimmed);
+        const thresholdArgs = stripPersistFlag(trimmed.slice("thresholds ".length)).trim();
+        const parts = thresholdArgs.split(/\s+/).filter(Boolean);
+        if (parts.length !== 3) {
+          const msg3 = "Usage: /context thresholds <warn> <soft> <hard> (examples: 60% 75% 90% or 0.6 0.75 0.9)";
+          opts.renderer.write(`${color.red(msg3)}
+`);
+          return { message: msg3 };
+        }
+        const thresholds = parts.map(parseThreshold);
+        if (thresholds.some((v) => v === null)) {
+          const msg3 = "Invalid thresholds. Use percentages (60%) or decimals between 0 and 1.";
+          opts.renderer.write(`${color.red(msg3)}
+`);
+          return { message: msg3 };
+        }
+        const [warn, soft, hard] = thresholds;
+        if (!(warn < soft && soft < hard)) {
+          const msg3 = "Invalid thresholds: require warn < soft < hard.";
+          opts.renderer.write(`${color.red(msg3)}
+`);
+          return { message: msg3 };
+        }
+        const base = readPolicy(ctx) ?? resolveContextWindowPolicy({});
+        const policy2 = { ...base, thresholds: { warn, soft, hard } };
+        ctx.meta["contextWindowMode"] = policy2.id;
+        ctx.meta["contextWindowPolicy"] = policy2;
+        if (persist) {
+          const error = await persistContextConfig(opts, {
+            warnThreshold: warn,
+            softThreshold: soft,
+            hardThreshold: hard
+          });
+          if (error) {
+            opts.renderer.write(`${color.red(error)}
+`);
+            return { message: error };
+          }
+        }
+        const msg2 = `${color.green("Context thresholds set:")} warn ${pct(warn)}, soft ${pct(soft)}, hard ${pct(hard)}${persist ? " (persisted)" : ""}`;
+        opts.renderer.write(`${msg2}
 `);
         return { message: msg2 };
       }
@@ -3433,6 +3533,7 @@ ${formatContextWindowModeList(active)}`;
         `  messages:    ${messages.length} total (${countTurnPairs(messages)} user+assistant pairs)`,
         `  tokens (est): ${estimateTokens(messages).toLocaleString()} (chars / 4 estimate)`,
         `  mode:        ${policy ? `${policy.id} (${policy.name})` : "balanced"}`,
+        `  limit:       ${formatLimit(readEffectiveLimit(ctx, opts))}`,
         `  system prompt: ${ctx.systemPrompt.length} block${ctx.systemPrompt.length !== 1 ? "s" : ""}`,
         `  tools:       ${countToolUses(messages)} calls made, ${countToolResults(messages)} results in history`,
         `  read files:  ${ctx.readFiles.size} files`,
@@ -3459,6 +3560,68 @@ function readPolicy(ctx) {
   const policy = ctx.meta?.["contextWindowPolicy"];
   return policy && typeof policy === "object" ? policy : null;
 }
+function hasPersistFlag(input) {
+  return /(?:^|\s)--persist(?:\s|$)/.test(input);
+}
+function stripPersistFlag(input) {
+  return input.replace(/(?:^|\s)--persist(?:\s|$)/g, " ").trim();
+}
+async function persistContextConfig(opts, patch) {
+  if (!opts.configStore || !opts.paths) return "Cannot persist context settings: config store not available.";
+  let raw = "{}";
+  try {
+    raw = await fsp3.readFile(opts.paths.globalConfig, "utf8");
+  } catch (err) {
+    if (err.code !== "ENOENT") {
+      return `Could not read ${opts.paths.globalConfig}: ${err.message}`;
+    }
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(raw);
+  } catch (err) {
+    return `Config at ${opts.paths.globalConfig} is not valid JSON: ${err.message}`;
+  }
+  const current = opts.configStore.get();
+  const context = {
+    ...current.context,
+    ...parsed.context ?? {},
+    ...patch
+  };
+  parsed.context = context;
+  await atomicWrite(opts.paths.globalConfig, JSON.stringify(parsed, null, 2), { mode: 384 });
+  opts.configStore.update({ context });
+  return null;
+}
+function readEffectiveLimit(ctx, opts) {
+  const live = opts.onContextLimit?.();
+  if (typeof live === "number" && Number.isFinite(live) && live > 0) return live;
+  const metaLimit = ctx.meta?.["effectiveMaxContext"];
+  if (typeof metaLimit === "number" && Number.isFinite(metaLimit) && metaLimit > 0) return metaLimit;
+  const providerLimit = ctx.provider?.capabilities?.maxContext;
+  return typeof providerLimit === "number" && Number.isFinite(providerLimit) && providerLimit > 0 ? providerLimit : 0;
+}
+function parseTokenCount(raw) {
+  const normalized = raw.trim().toLowerCase().replace(/,/g, "").replace(/_/g, "");
+  const match = /^(\d+(?:\.\d+)?)([km])?$/.exec(normalized);
+  if (!match) return null;
+  const value = Number(match[1]);
+  const unit = match[2];
+  const scaled = unit === "m" ? value * 1e6 : unit === "k" ? value * 1e3 : value;
+  const rounded = Math.floor(scaled);
+  return Number.isFinite(rounded) && rounded > 0 ? rounded : null;
+}
+function parseThreshold(raw) {
+  const s = raw.trim();
+  const percent = s.endsWith("%");
+  const n = Number((percent ? s.slice(0, -1) : s).trim());
+  if (!Number.isFinite(n)) return null;
+  const value = percent ? n / 100 : n;
+  return value > 0 && value < 1 ? value : null;
+}
+function formatLimit(limit) {
+  return limit > 0 ? `${limit.toLocaleString()} tokens` : "unknown";
+}
 function pct(n) {
   return `${Math.round(n * 100)}%`;
 }
@@ -4867,12 +5030,20 @@ function parseMcpArgs(args) {
 }
 async function runMcpManagementCommand(parsed, deps) {
   const { config, configPath: configPath2, mcpRegistry, allServerPresets } = deps;
-  const configured = config.mcpServers ?? {};
+  const diskConfig = await readConfig(configPath2);
+  const configured = isMcpServerRecord(diskConfig.mcpServers) ? diskConfig.mcpServers : config.mcpServers ?? {};
   switch (parsed.action) {
     case "list":
       return renderList(configured, mcpRegistry, allServerPresets);
     case "add":
-      return runAdd(parsed.name, parsed.enable ?? false, configured, configPath2, allServerPresets);
+      return runAdd(
+        parsed.name,
+        parsed.enable ?? false,
+        configured,
+        configPath2,
+        mcpRegistry,
+        allServerPresets
+      );
     case "remove":
       return runRemove(parsed.name, configured, configPath2, mcpRegistry);
     case "enable":
@@ -4916,34 +5087,46 @@ function renderList(configured, mcpRegistry, all) {
   lines.push(color.dim("  /mcp restart <name>           (runtime restart)"));
   return lines.join("\n");
 }
-async function runAdd(name, enable, configured, configPath2, all) {
+async function runAdd(name, enable, configured, configPath2, mcpRegistry, all) {
   const preset = all[name];
   if (!preset) {
     const known = Object.keys(all).join(", ");
     return `Unknown server "${name}". Available: ${known}`;
   }
-  if (configured[name]) {
-    const full2 = await readConfig(configPath2);
-    full2.mcpServers = {
-      ...full2.mcpServers ?? {},
-      [name]: { ...preset, ...configured[name], enabled: enable }
-    };
-    await writeConfig(configPath2, full2);
-    return `${color.green("Updated")} "${name}" (${enable ? "enabled" : "disabled"}). Config written.`;
-  }
+  const existing = configured[name];
+  const nextCfg = existing ? { ...preset, ...existing, enabled: enable } : { ...preset, enabled: enable };
   const full = await readConfig(configPath2);
-  const mcpServers = { ...full.mcpServers ?? {}, [name]: { ...preset, enabled: enable } };
+  const mcpServers = {
+    ...isMcpServerRecord(full.mcpServers) ? full.mcpServers : {},
+    [name]: nextCfg
+  };
   full.mcpServers = mcpServers;
   await writeConfig(configPath2, full);
-  const verb = enable ? "Enabled" : "Added (disabled \u2014 /mcp enable to start)";
-  return `${color.green(verb)} "${name}" (${preset.transport}). Config written to ${configPath2}.`;
+  if (!enable) {
+    const verb = existing ? "Updated" : "Added (disabled \u2014 /mcp enable to start)";
+    return `${color.green(verb)} "${name}" (${nextCfg.transport}). Config written to ${configPath2}.`;
+  }
+  try {
+    if (mcpRegistry.list().some((server) => server.name === name)) {
+      await mcpRegistry.restart(name);
+    } else {
+      await mcpRegistry.start(nextCfg);
+    }
+    const verb = existing ? "Updated and started" : "Enabled and started";
+    return `${color.green(verb)} "${name}" (${nextCfg.transport}). Config written to ${configPath2}.`;
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    return `${color.yellow("Enabled")} "${name}" in config, but failed to start: ${message}`;
+  }
 }
 async function runRemove(name, configured, configPath2, mcpRegistry) {
   if (!configured[name]) return `Server "${name}" is not in config.`;
   await mcpRegistry.stop(name).catch(() => {
   });
   const full = await readConfig(configPath2);
-  const mcpServers = { ...full.mcpServers ?? {} };
+  const mcpServers = {
+    ...full.mcpServers ?? {}
+  };
   delete mcpServers[name];
   full.mcpServers = mcpServers;
   await writeConfig(configPath2, full);
@@ -4962,7 +5145,9 @@ async function runEnable(name, configured, configPath2, mcpRegistry) {
     }
   }
   const full = await readConfig(configPath2);
-  const mcpServers = { ...full.mcpServers ?? {} };
+  const mcpServers = {
+    ...full.mcpServers ?? {}
+  };
   mcpServers[name] = { ...mcpServers[name], enabled: true };
   full.mcpServers = mcpServers;
   await writeConfig(configPath2, full);
@@ -4979,7 +5164,9 @@ async function runDisable(name, configured, configPath2, mcpRegistry) {
   await mcpRegistry.stop(name).catch(() => {
   });
   const full = await readConfig(configPath2);
-  const mcpServers = { ...full.mcpServers ?? {} };
+  const mcpServers = {
+    ...full.mcpServers ?? {}
+  };
   mcpServers[name] = { ...mcpServers[name], enabled: false };
   full.mcpServers = mcpServers;
   await writeConfig(configPath2, full);
@@ -5020,6 +5207,9 @@ async function readConfig(path25) {
     return {};
   }
 }
+function isMcpServerRecord(value) {
+  return !!value && typeof value === "object" && !Array.isArray(value);
+}
 async function writeConfig(path25, cfg) {
   const raw = JSON.stringify(cfg, null, 2);
   const tmp = path25 + ".tmp";
@@ -6340,12 +6530,12 @@ function buildYoloCommand(opts) {
     help: [
       "Usage:",
       "  /yolo          Show current YOLO status",
-      "  /yolo on       Enable YOLO mode (auto-approve every tool call)",
+      "  /yolo on       Enable YOLO mode (auto-approve normal project work)",
       "  /yolo off      Disable YOLO mode (restore permission prompts)",
       "  /yolo toggle   Toggle YOLO mode",
       "",
-      "YOLO mode skips all permission prompts and auto-approves every tool call.",
-      "Use with caution \u2014 the agent can execute any tool without asking."
+      "YOLO mode auto-approves normal in-project tool calls, including simple shell commands.",
+      "Clearly destructive calls may still ask unless --yolo-destructive is enabled."
     ].join("\n"),
     async run(args) {
       const arg = args.trim().toLowerCase();
@@ -6356,7 +6546,7 @@ function buildYoloCommand(opts) {
       }
       if (!arg) {
         const current = opts.onYolo();
-        const status = current ? `${color.yellow("ON")} ${color.dim("(auto-approving all tool calls)")}` : `${color.green("OFF")} ${color.dim("(permission prompts active)")}`;
+        const status = current ? `${color.yellow("ON")} ${color.dim("(auto-approving normal project work)")}` : `${color.green("OFF")} ${color.dim("(permission prompts active)")}`;
         const msg2 = `YOLO mode: ${status}`;
         opts.renderer.write(msg2);
         return { message: msg2 };
@@ -6374,7 +6564,7 @@ function buildYoloCommand(opts) {
         return { message: msg2 };
       }
       opts.onYolo(newState);
-      const label = newState ? `${color.yellow("ENABLED")} \u2014 all tool calls will be auto-approved` : `${color.green("DISABLED")} \u2014 permission prompts are active`;
+      const label = newState ? `${color.yellow("ENABLED")} \u2014 normal project tool calls will be auto-approved` : `${color.green("DISABLED")} \u2014 permission prompts are active`;
       const msg = `YOLO mode: ${label}`;
       opts.renderer.write(msg);
       return { message: msg };
@@ -6581,7 +6771,7 @@ async function runLaunchPrompts(opts) {
     yolo = yoloPinned;
   } else {
     const answer = (await reader.readLine(
-      `  ${color.amber("?")} YOLO mode ${color.dim("(auto-approve every tool call)")} ${color.dim("[Y/n/q]")} `
+      `  ${color.amber("?")} YOLO mode ${color.dim("(auto-approve normal project work)")} ${color.dim("[Y/n/q]")} `
     )).trim().toLowerCase();
     if (answer === "q") {
       renderer.write(color.dim("  Goodbye!\n"));
@@ -7138,11 +7328,11 @@ async function restoreLast(homeFn = defaultHomeDir) {
 var theme = { primary: color.amber };
 async function saveToGlobalConfig(configPath2, provider, model, homeFn = () => process.env.HOME ?? __require("os").homedir()) {
   try {
-    const { atomicWrite: atomicWrite12 } = await import('@wrongstack/core');
-    const fs24 = await import('fs/promises');
+    const { atomicWrite: atomicWrite13 } = await import('@wrongstack/core');
+    const fs25 = await import('fs/promises');
     let existing = {};
     try {
-      const raw = await fs24.readFile(configPath2, "utf8");
+      const raw = await fs25.readFile(configPath2, "utf8");
       existing = JSON.parse(raw);
     } catch {
     }
@@ -7150,7 +7340,7 @@ async function saveToGlobalConfig(configPath2, provider, model, homeFn = () => p
     existing.provider = provider;
     existing.model = model;
     await backupCurrent(homeFn);
-    await atomicWrite12(configPath2, JSON.stringify(existing, null, 2), { mode: 384 });
+    await atomicWrite13(configPath2, JSON.stringify(existing, null, 2), { mode: 384 });
     try {
       await appendHistory(
         oldCfg,
@@ -7440,7 +7630,7 @@ var GROUPS = [
     items: [
       { key: "/mode", blurb: "switch persona: code-reviewer, debugger, architect, tester, devops, \u2026" },
       { key: "/model", blurb: "two-step provider \u2192 model picker, hot-swap at runtime" },
-      { key: "/yolo on|off|toggle", blurb: "auto-approve every tool call without restart" },
+      { key: "/yolo on|off|toggle", blurb: "auto-approve normal project work without restart" },
       { key: "/context mode frugal|balanced|deep|archival", blurb: "pick how aggressively history is trimmed" },
       { key: "/compact", blurb: "manually compact the in-flight context window" },
       { key: "/plan show|add|start|done", blurb: "strategic roadmap, survives /resume across sessions" }
@@ -7473,12 +7663,12 @@ function pickGroupIndex(opts) {
     try {
       let current = 0;
       try {
-        const parsed = Number.parseInt(fs11.readFileSync(opts.cursorFile, "utf8").trim(), 10);
+        const parsed = Number.parseInt(fs12.readFileSync(opts.cursorFile, "utf8").trim(), 10);
         if (Number.isFinite(parsed)) current = wrap(parsed);
       } catch {
       }
-      fs11.mkdirSync(path8.dirname(opts.cursorFile), { recursive: true });
-      fs11.writeFileSync(opts.cursorFile, String(wrap(current + 1)));
+      fs12.mkdirSync(path8.dirname(opts.cursorFile), { recursive: true });
+      fs12.writeFileSync(opts.cursorFile, String(wrap(current + 1)));
       return current;
     } catch {
     }
@@ -9016,9 +9206,160 @@ var initCmd = async (_args, deps) => {
   deps.renderer.writeInfo('Try: wstack "<task>"  or  wstack');
   return 0;
 };
+var AllowAllPermissionPolicy = class extends AutoApprovePermissionPolicy {
+  async evaluate() {
+    return { permission: "auto", source: "default" };
+  }
+};
+function parseToolsFlag(flags) {
+  const raw = flags["tools"];
+  if (typeof raw !== "string") return null;
+  const set = new Set(
+    raw.split(",").map((s) => s.trim()).filter(Boolean)
+  );
+  return set.size > 0 ? set : null;
+}
+function makeServeContext(cwd, projectRoot, signal) {
+  const provider = {
+    id: "mcp-serve",
+    capabilities: { maxContext: 0 },
+    complete: async () => {
+      throw new Error("no model provider in `mcp serve` mode");
+    },
+    stream: () => {
+      throw new Error("no model provider in `mcp serve` mode");
+    }
+  };
+  const session = { append: async () => {
+  } };
+  const tokenCounter = {
+    account: () => {
+    },
+    total: () => ({ input: 0, output: 0 }),
+    estimateCost: () => ({ total: 0 })
+  };
+  return new Context({
+    systemPrompt: [],
+    provider,
+    session,
+    signal,
+    tokenCounter,
+    cwd,
+    projectRoot,
+    model: "mcp-serve",
+    tools: []
+  });
+}
+async function selectExposedTools(registry, ctx, policy, whitelist) {
+  const allowed = [];
+  for (const tool of registry.list()) {
+    if (whitelist && !whitelist.has(tool.name)) continue;
+    const decision = await policy.evaluate(tool, {}, ctx);
+    if (decision.permission === "auto") allowed.push(tool);
+  }
+  return allowed;
+}
+async function serveMcpStdio(deps) {
+  const flags = deps.flags ?? {};
+  const yolo = flags["yolo"] === true || flags["allow-all"] === true;
+  const whitelist = parseToolsFlag(flags);
+  const log = (m) => process.stderr.write(`${m}
+`);
+  let registry = deps.toolRegistry;
+  if (!registry) {
+    registry = new ToolRegistry();
+    registry.registerAllOrThrow([...builtinToolsPack.tools ?? []], builtinToolsPack.name);
+  }
+  const controller = new AbortController();
+  const ctx = makeServeContext(deps.cwd, deps.projectRoot, controller.signal);
+  const permissionPolicy = yolo ? new AllowAllPermissionPolicy() : new AutoApprovePermissionPolicy();
+  const executor = new ToolExecutor(registry, {
+    permissionPolicy,
+    secretScrubber: new DefaultSecretScrubber(),
+    perIterationOutputCapBytes: 1e6
+  });
+  const allowed = await selectExposedTools(registry, ctx, permissionPolicy, whitelist);
+  const allowedNames = new Set(allowed.map((t) => t.name));
+  if (allowed.length === 0) {
+    log(
+      "wrongstack MCP server: no tools to expose (all withheld by policy or filtered out). Pass --yolo to expose write/exec tools, or --tools <names> to whitelist."
+    );
+  }
+  let counter = 0;
+  const host = {
+    listTools: () => allowed.map((t) => ({
+      name: t.name,
+      description: t.description,
+      inputSchema: t.inputSchema ?? { type: "object" }
+    })),
+    callTool: async (name, callArgs) => {
+      if (!allowedNames.has(name)) {
+        return { content: `Tool "${name}" is not exposed by this server`, isError: true };
+      }
+      const use = {
+        type: "tool_use",
+        id: `srv_${++counter}`,
+        name,
+        input: callArgs
+      };
+      const batch = await executor.executeBatch([use], ctx, "sequential");
+      const result = batch.outputs[0]?.result;
+      if (!result || result.type === "tool_confirm_pending") {
+        return {
+          content: `Tool "${name}" requires interactive confirmation, which is unavailable over MCP`,
+          isError: true
+        };
+      }
+      return { content: result.content, isError: Boolean(result.is_error) };
+    }
+  };
+  const server = new MCPServer({
+    host,
+    logger: { warn: (m) => log(`[mcp-serve] ${m}`) }
+  });
+  const mode = yolo ? "yolo: all tools" : "safe: read-only tools";
+  if (flags["http"] === true || typeof flags["http"] === "string" || flags["port"] || flags["host"]) {
+    const port = Number(flags["port"] ?? flags["http"] ?? 0) || 0;
+    const httpHost = typeof flags["host"] === "string" ? flags["host"] : "127.0.0.1";
+    const token = typeof flags["token"] === "string" ? flags["token"] : void 0;
+    let handle2;
+    try {
+      handle2 = await serveHttp(server, {
+        port,
+        host: httpHost,
+        token,
+        logger: { warn: (m) => log(`[mcp-serve] ${m}`) }
+      });
+    } catch (err) {
+      log(`wrongstack MCP server: ${err instanceof Error ? err.message : String(err)}`);
+      return 1;
+    }
+    log(
+      `wrongstack MCP server ready at ${handle2.url} \u2014 exposing ${allowed.length} tool(s) (${mode})${token ? " [token auth]" : ""}.`
+    );
+    await new Promise((resolve3) => {
+      const stop = () => resolve3();
+      process.once("SIGINT", stop);
+      process.once("SIGTERM", stop);
+    });
+    await handle2.close();
+    controller.abort();
+    return 0;
+  }
+  log(`wrongstack MCP server ready on stdio \u2014 exposing ${allowed.length} tool(s) (${mode}).`);
+  const handle = serveStdio(server);
+  await handle.done;
+  controller.abort();
+  return 0;
+}
+
+// src/subcommands/handlers/mcp.ts
 var BUILT_IN_MCP = allServers();
 var mcpCmd = async (args, deps) => {
   const sub = args[0];
+  if (sub === "serve") {
+    return serveMcpStdio(deps);
+  }
   if (!sub || sub === "list") {
     const servers = deps.config.mcpServers ?? {};
     if (Object.keys(servers).length === 0) {
@@ -10266,10 +10607,10 @@ var auditCmd = async (args, deps) => {
   return verify.ok ? 0 : 1;
 };
 async function listAudits(log, dir, deps) {
-  const fs24 = await import('fs/promises');
+  const fs25 = await import('fs/promises');
   let entries;
   try {
-    entries = await fs24.readdir(dir);
+    entries = await fs25.readdir(dir);
   } catch {
     deps.renderer.write(
       color.dim(`No sessions dir found at ${dir}. Run a session first.`) + "\n"
@@ -10356,7 +10697,15 @@ var helpCmd = async (_args, deps) => {
     "  wstack doctor                Health checks",
     "  wstack export <id> [opts]    Render a session",
     "  wstack usage                 Token + cost summary",
-    "  wstack version               Print version"
+    "  wstack version               Print version",
+    "",
+    color.bold("Common flags"),
+    "  --yolo                       Auto-approve normal in-project tool calls",
+    "  --yolo-destructive           Also auto-approve clearly destructive YOLO-gated calls",
+    "  --force-all-yolo             Deprecated alias for --yolo-destructive",
+    "  --tui / --no-tui             Force or disable TUI mode",
+    '  --eternal "<mission>"        Start an eternal-autonomy loop',
+    "  --no-hints                   Hide launch hints"
   ];
   deps.renderer.write(lines.join("\n") + "\n");
   return 0;
@@ -10529,7 +10878,8 @@ async function boot(argv) {
       vault,
       cwd,
       projectRoot,
-      userHome
+      userHome,
+      flags
     });
     await reader.close();
     return code;
@@ -10647,6 +10997,20 @@ async function boot(argv) {
     updateInfo
   };
 }
+var CONTEXT_OVERFLOW_RE = /context window|exceeds the context|too many tokens|context.*tokens/i;
+function contextOverflowHint(err) {
+  const structured = err.code === ERROR_CODES.PROVIDER_CONTEXT_OVERFLOW || err.code === ERROR_CODES.AGENT_CONTEXT_OVERFLOW;
+  const textual = CONTEXT_OVERFLOW_RE.test(`${err.message}
+${err.describe()}`);
+  if (!structured && !textual) return null;
+  return [
+    "Provider rejected the request as over its effective context window.",
+    "If you use a custom baseUrl/proxy, the real limit may be lower than models.dev reports.",
+    "Try: /context limit 220k",
+    "Then, if needed: /context thresholds 50% 70% 85%",
+    "Persistent config: set context.effectiveMaxContext."
+  ].join("\n");
+}
 function fmtElapsed(ms) {
   const s = Math.floor(ms / 1e3);
   if (s < 60) return `${s}s`;
@@ -11238,6 +11602,8 @@ ${taskList}`;
           if (err) {
             const tag = err.recoverable ? " (recoverable)" : "";
             opts.renderer.writeError(`Failed [${err.severity}]${tag}: ${err.describe()}`);
+            const hint = contextOverflowHint(err);
+            if (hint) opts.renderer.writeWarning(hint);
           } else {
             opts.renderer.writeError("Failed.");
           }
@@ -11679,6 +12045,8 @@ async function execute(deps) {
           if (err) {
             const tag = err.recoverable ? " (recoverable)" : "";
             renderer.writeError(`Failed [${err.severity}]${tag}: ${err.describe()}`);
+            const hint = contextOverflowHint(err);
+            if (hint) renderer.writeWarning(hint);
           } else {
             renderer.writeError("Failed.");
           }
@@ -13305,6 +13673,10 @@ async function setupCompaction(params) {
     providerId: config.provider ?? provider.id,
     modelId: config.model ?? context.model
   });
+  const initialPolicy = resolveContextWindowPolicy(config.context);
+  context.meta ??= {};
+  context.meta["contextWindowMode"] = initialPolicy.id;
+  context.meta["contextWindowPolicy"] = initialPolicy;
   let autoCompactor;
   if (config.context.autoCompact !== false && effectiveMaxContext > 0) {
     const auditLevel = resolveAuditLevel(fullConfig ?? config);
@@ -13315,15 +13687,15 @@ async function setupCompaction(params) {
       // Calibrated estimator: recordActualUsage() is called after each API
       // response so this converges on real token counts for compaction decisions.
       (ctx) => estimateRequestTokensCalibrated(ctx.messages, ctx.systemPrompt, ctx.tools ?? []).total,
+      initialPolicy.thresholds,
       {
-        warn: config.context.warnThreshold,
-        soft: config.context.softThreshold,
-        hard: config.context.hardThreshold
-      },
-      {
-        aggressiveOn: "soft",
+        aggressiveOn: initialPolicy.aggressiveOn,
         failureMode: "throw_on_hard",
         events,
+        policyProvider: (ctx) => {
+          const policy = ctx.meta?.["contextWindowPolicy"];
+          return policy && typeof policy === "object" ? policy : null;
+        },
         sessionBridge
       }
     );
@@ -13342,7 +13714,8 @@ function createAgent(params) {
     confirmAwaiter: params.confirmAwaiter,
     iterationTimeoutMs: params.config.tools.iterationTimeoutMs,
     perIterationOutputCapBytes: params.config.tools.perIterationOutputCapBytes,
-    tracer: params.tracer
+    tracer: params.tracer,
+    hookRunner: params.hookRunner
   });
   return new Agent({
     container: params.container,
@@ -13360,6 +13733,139 @@ function createAgent(params) {
     tracer: params.tracer
   });
 }
+function parseModelRef(ref) {
+  const trimmed = ref.trim();
+  const slash = trimmed.indexOf("/");
+  if (slash !== -1) {
+    return {
+      provider: trimmed.slice(0, slash) || void 0,
+      model: trimmed.slice(slash + 1).trim()
+    };
+  }
+  const parts = trimmed.split(/\s+/);
+  if (parts.length >= 2) {
+    return { provider: parts[0], model: parts.slice(1).join(" ") };
+  }
+  return { model: trimmed };
+}
+function overloadStatus(err) {
+  if (!(err instanceof ProviderError)) return null;
+  const s = err.status;
+  if (s === 429 || s === 529 || s >= 500) return s;
+  return null;
+}
+function createFallbackModelExtension(deps) {
+  const initial = deps.getConfig().fallbackModels ?? [];
+  if (initial.length === 0) return null;
+  let dirty = false;
+  return {
+    name: "fallback-model",
+    beforeRun: (ctx) => {
+      if (!dirty) return;
+      const cfg = deps.getConfig();
+      try {
+        ctx.provider = deps.buildProvider(cfg.provider);
+        ctx.model = cfg.model;
+        deps.onModelSwitch?.(cfg.provider, cfg.model);
+      } catch (err) {
+        deps.logger.warn(
+          `fallback-model: could not restore primary "${cfg.provider}/${cfg.model}": ${err instanceof Error ? err.message : String(err)}`
+        );
+      }
+      dirty = false;
+    },
+    wrapProviderRunner: async (ctx, request, inner) => {
+      try {
+        return await inner(ctx, request);
+      } catch (firstErr) {
+        let lastErr = firstErr;
+        const cfg = deps.getConfig();
+        const chain = cfg.fallbackModels ?? [];
+        for (const ref of chain) {
+          const status = overloadStatus(lastErr);
+          if (status === null) break;
+          const parsed = parseModelRef(ref);
+          if (!parsed.model) continue;
+          const targetProviderId = parsed.provider ?? cfg.provider;
+          const from = { providerId: ctx.provider.id, model: ctx.model };
+          let nextProvider;
+          try {
+            nextProvider = deps.buildProvider(targetProviderId);
+          } catch (err) {
+            deps.logger.warn(
+              `fallback-model: skipping "${ref}" \u2014 cannot build provider "${targetProviderId}": ${err instanceof Error ? err.message : String(err)}`
+            );
+            continue;
+          }
+          const providerSwitched = nextProvider.id !== from.providerId;
+          ctx.provider = nextProvider;
+          ctx.model = parsed.model;
+          request.model = parsed.model;
+          dirty = true;
+          deps.onModelSwitch?.(targetProviderId, parsed.model);
+          deps.events.emit("provider.fallback", {
+            from,
+            to: { providerId: nextProvider.id, model: parsed.model },
+            status,
+            providerSwitched
+          });
+          try {
+            return await inner(ctx, request);
+          } catch (err) {
+            lastErr = err;
+          }
+        }
+        throw lastErr;
+      }
+    }
+  };
+}
+
+// src/hooks-wiring.ts
+var HookBlockedError = class extends Error {
+  constructor(reason) {
+    super(`Prompt blocked by hook: ${reason}`);
+    this.name = "HookBlockedError";
+  }
+};
+function createUserPromptSubmitMiddleware(hookRunner) {
+  return {
+    name: "UserPromptSubmitHooks",
+    handler: async (payload, next) => {
+      const prompt = payload.text;
+      if (prompt && hookRunner.has("UserPromptSubmit")) {
+        const r = await hookRunner.userPromptSubmit(prompt, payload.ctx);
+        if (r.block) throw new HookBlockedError(r.reason ?? "no reason given");
+        if (r.additionalContext) {
+          const block = { type: "text", text: r.additionalContext };
+          payload.content = [...payload.content, block];
+          payload.text = `${prompt}
+
+${r.additionalContext}`;
+        }
+      }
+      return next(payload);
+    }
+  };
+}
+function createLifecycleHooksExtension(hookRunner) {
+  let started = false;
+  return {
+    name: "lifecycle-hooks",
+    beforeRun: async (ctx) => {
+      if (started) return;
+      started = true;
+      if (!hookRunner.has("SessionStart")) return;
+      const r = await hookRunner.sessionStart(ctx);
+      if (r.additionalContext) {
+        ctx.systemPrompt.push({ type: "text", text: r.additionalContext });
+      }
+    },
+    afterRun: async (ctx) => {
+      if (hookRunner.has("Stop")) await hookRunner.stop(ctx);
+    }
+  };
+}
 function setupMetrics(params) {
   const { flags, wpaths, events, logger, config } = params;
   let metricsSink;
@@ -13475,7 +13981,8 @@ async function setupPlugins(params) {
     skillLoader,
     configStore,
     pipelines,
-    paths
+    paths,
+    hookRegistry
   } = params;
   const builtinPlugins = [];
   const disabledBuiltins = new Set(
@@ -13540,6 +14047,7 @@ async function setupPlugins(params) {
       config: pluginConfig,
       log,
       extensions: agent.extensions,
+      hookRegistry,
       sessionWriter: {
         transcriptPath: sessionWriter.transcriptPath,
         append: (e) => sessionWriter.append(e)
@@ -13785,10 +14293,8 @@ async function launchEternalFromFlag(deps) {
     lastActivityAt: (/* @__PURE__ */ new Date()).toISOString()
   } : emptyGoal2(eternalFlag);
   await saveGoal2(goalPath, next);
-  const policy = deps.container.resolve(
-    TOKENS.PermissionPolicy
-  );
-  policy.setYolo(true);
+  const policy = deps.container.resolve(TOKENS.PermissionPolicy);
+  policy.setYolo?.(true);
   deps.configRef.current = patchConfig(deps.configRef.current, { yolo: true });
   const compactor = deps.container.resolve(TOKENS.Compactor);
   const engine = new EternalAutonomyEngine({
@@ -13851,7 +14357,7 @@ async function main(argv) {
     modelsRegistry,
     permission: {
       yolo: config.yolo,
-      forceAllYolo: flags["force-all-yolo"] === true,
+      yoloDestructive: flags["yolo-destructive"] === true || flags["force-all-yolo"] === true,
       promptDelegate: makePromptDelegate(reader)
     },
     compactor: {
@@ -14121,6 +14627,19 @@ async function main(argv) {
     });
   });
   const pipelines = setupPipelines({ events, logger });
+  const hooksEnabled = flags["no-hooks"] !== true;
+  const hookRegistry = new HookRegistry();
+  if (hooksEnabled) hookRegistry.loadShellHooks(config.hooks);
+  container.bind(TOKENS.HookRegistry, () => hookRegistry);
+  const hookRunner = new HookRunner({
+    registry: hookRegistry,
+    logger,
+    allowShell: hooksEnabled,
+    sessionId: () => session.id
+  });
+  if (hooksEnabled) {
+    pipelines.userInput.use(createUserPromptSubmitMiddleware(hookRunner));
+  }
   const compactor = container.resolve(TOKENS.Compactor);
   const compactionSetup = await setupCompaction({
     compactor,
@@ -14167,8 +14686,12 @@ async function main(argv) {
     pipelines,
     context,
     config,
-    confirmAwaiter: makeConfirmAwaiter(reader)
+    confirmAwaiter: makeConfirmAwaiter(reader),
+    hookRunner
   });
+  if (hooksEnabled) {
+    agent.extensions.register(createLifecycleHooksExtension(hookRunner));
+  }
   const mcpRegistry = new MCPRegistry({ toolRegistry, events, log: logger });
   if (config.features.mcp) {
     for (const cfg of Object.values(config.mcpServers ?? {})) {
@@ -14196,24 +14719,41 @@ async function main(argv) {
     healthRegistry,
     skillLoader: config.features.skills ? skillLoader : void 0,
     configStore,
-    paths: wpaths
+    paths: wpaths,
+    hookRegistry
   });
+  const resolveProviderCfg = (providerId) => {
+    const savedCfg = config.providers?.[providerId];
+    const resolvedProviderId = savedCfg?.type ?? providerId;
+    const cfgWithType = {
+      ...savedCfg ?? { type: providerId, apiKey: config.apiKey, baseUrl: config.baseUrl },
+      type: resolvedProviderId
+    };
+    return { resolvedProviderId, cfgWithType };
+  };
+  const buildProviderForId = (providerId) => {
+    const { resolvedProviderId, cfgWithType } = resolveProviderCfg(providerId);
+    return config.features.modelsRegistry && providerRegistry.has(resolvedProviderId) ? providerRegistry.create(cfgWithType) : makeProviderFromConfig(resolvedProviderId, cfgWithType);
+  };
+  const refreshMaxContextFor = (providerId, modelId) => {
+    const { resolvedProviderId, cfgWithType } = resolveProviderCfg(providerId);
+    void refreshMaxContext(resolvedProviderId, modelId, cfgWithType);
+  };
+  const fallbackExtension = createFallbackModelExtension({
+    getConfig: () => config,
+    buildProvider: buildProviderForId,
+    onModelSwitch: refreshMaxContextFor,
+    events,
+    logger
+  });
+  if (fallbackExtension) agent.extensions.register(fallbackExtension);
   const switchProviderAndModel = (providerId, modelId) => {
     try {
-      const savedCfg = config.providers?.[providerId];
-      const resolvedProviderId = savedCfg?.type ?? providerId;
-      const newCfg = savedCfg ?? {
-        type: providerId,
-        apiKey: config.apiKey,
-        baseUrl: config.baseUrl
-      };
-      const cfgWithType = { ...newCfg, type: resolvedProviderId };
-      const newProvider = config.features.modelsRegistry && providerRegistry.has(resolvedProviderId) ? providerRegistry.create(cfgWithType) : makeProviderFromConfig(resolvedProviderId, cfgWithType);
-      context.provider = newProvider;
+      context.provider = buildProviderForId(providerId);
       context.model = modelId;
       config = patchConfig(config, { provider: providerId, model: modelId });
       configStore.update({ provider: providerId, model: modelId });
-      void refreshMaxContext(resolvedProviderId, modelId, cfgWithType);
+      refreshMaxContextFor(providerId, modelId);
       return null;
     } catch (err) {
       return err instanceof Error ? err.message : String(err);
@@ -14820,6 +15360,21 @@ Restart WrongStack to load or unload plugin code in this session.`;
       }
       return result.message;
     },
+    onContextLimit: (tokens) => {
+      if (typeof tokens === "number" && Number.isFinite(tokens) && tokens > 0) {
+        effectiveMaxContext = tokens;
+        context.provider.capabilities.maxContext = tokens;
+        context.meta["effectiveMaxContext"] = tokens;
+        autoCompactor?.setMaxContext(tokens);
+        events.emit("ctx.max_context", {
+          providerId: config.provider,
+          modelId: context.model,
+          maxContext: tokens
+        });
+        updateSpinnerContext();
+      }
+      return effectiveMaxContext;
+    },
     onMcp: async (args) => {
       const parsed = parseMcpArgs(args);
       if (!parsed) {
@@ -14838,11 +15393,11 @@ Restart WrongStack to load or unload plugin code in this session.`;
     onYolo: (setTo) => {
       const policy = container.resolve(TOKENS.PermissionPolicy);
       if (setTo !== void 0) {
-        policy.setYolo(setTo);
+        policy.setYolo?.(setTo);
         config = patchConfig(config, { yolo: setTo });
         return setTo;
       }
-      return policy.getYolo();
+      return policy.getYolo?.() ?? config.yolo ?? false;
     },
     onNextPredict: (setTo) => {
       if (setTo !== void 0) {
@@ -15076,7 +15631,7 @@ Restart WrongStack to load or unload plugin code in this session.`;
     setStatuslineHiddenItems,
     getYolo: () => {
       const policy = container.resolve(TOKENS.PermissionPolicy);
-      return policy.getYolo();
+      return policy.getYolo?.() ?? config.yolo ?? false;
     },
     getAutonomy: () => autonomyMode,
     onAutonomy: (setTo) => {