agentbox-sdk 0.0.0 → 0.1.0

package/dist/chunk-BW43ESRM.js

@@ -0,0 +1,4381 @@
+import {
+  createNormalizedEvent,
+  normalizeRawAgentEvent,
+  toAISDKStream
+} from "./chunk-7FLLQJ6J.js";
+import {
+  AgentBoxError,
+  AsyncQueue,
+  UnsupportedProviderError,
+  asError,
+  getAvailablePort,
+  linesFromTextChunks,
+  sleep,
+  waitFor
+} from "./chunk-HMBWQSVN.js";
+import {
+  shellQuote
+} from "./chunk-JFDP556Q.js";
+
+// src/agents/Agent.ts
+import { randomUUID as randomUUID3 } from "crypto";
+
+// src/agents/providers/claude-code.ts
+import { randomUUID as randomUUID2 } from "crypto";
+import path8 from "path";
+
+// src/agents/approval.ts
+function getApprovalMode(options) {
+  return options.approvalMode ?? "auto";
+}
+function isInteractiveApproval(options) {
+  return getApprovalMode(options) === "interactive";
+}
+function shouldAutoApproveClaudeTools(options) {
+  if (options.provider?.autoApproveTools !== void 0) {
+    return options.provider.autoApproveTools;
+  }
+  return !isInteractiveApproval(options);
+}
+
+// src/agents/input.ts
+import { readFile } from "fs/promises";
+import path from "path";
+import { fileURLToPath } from "url";
+var IMAGE_MEDIA_TYPE_BY_EXTENSION = {
+  ".gif": "image/gif",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".png": "image/png",
+  ".webp": "image/webp"
+};
+var FILE_MEDIA_TYPE_BY_EXTENSION = {
+  ...IMAGE_MEDIA_TYPE_BY_EXTENSION,
+  ".csv": "text/csv",
+  ".htm": "text/html",
+  ".html": "text/html",
+  ".json": "application/json",
+  ".md": "text/markdown",
+  ".pdf": "application/pdf",
+  ".txt": "text/plain",
+  ".xml": "application/xml",
+  ".yaml": "application/yaml",
+  ".yml": "application/yaml"
+};
+var CLAUDE_IMAGE_MEDIA_TYPES = /* @__PURE__ */ new Set([
+  "image/gif",
+  "image/jpeg",
+  "image/png",
+  "image/webp"
+]);
+var CLAUDE_TEXT_LIKE_MEDIA_TYPES = /* @__PURE__ */ new Set([
+  "application/json",
+  "application/xml",
+  "application/yaml",
+  "text/csv",
+  "text/html",
+  "text/markdown",
+  "text/plain",
+  "text/xml"
+]);
+function normalizeUserInput(input) {
+  return typeof input === "string" ? [{ type: "text", text: input }] : input;
+}
+async function resolveUserInputParts(input) {
+  const parts = normalizeUserInput(input);
+  return Promise.all(parts.map((part) => resolveUserInputPart(part)));
+}
+async function validateProviderUserInput(provider, input) {
+  const parts = await resolveUserInputParts(input);
+  if (provider === "codex") {
+    const unsupportedPart = parts.find((part) => part.type === "file");
+    if (unsupportedPart) {
+      throw new AgentBoxError(
+        `The codex provider does not yet support "${unsupportedPart.type}" input parts through codex app-server. Codex currently supports text and image input items.`,
+        {
+          code: "UNSUPPORTED_INPUT_PART",
+          details: {
+            provider,
+            partType: unsupportedPart.type
+          }
+        }
+      );
+    }
+    return parts;
+  }
+  if (provider === "claude-code") {
+    for (const part of parts) {
+      if (part.type === "image") {
+        if (!CLAUDE_IMAGE_MEDIA_TYPES.has(part.mediaType)) {
+          throw new AgentBoxError(
+            `Claude Code only supports image inputs with one of these media types: ${Array.from(CLAUDE_IMAGE_MEDIA_TYPES).join(", ")}.`,
+            {
+              code: "UNSUPPORTED_INPUT_MEDIA_TYPE",
+              details: {
+                provider,
+                partType: part.type,
+                mediaType: part.mediaType
+              }
+            }
+          );
+        }
+      }
+      if (part.type === "file") {
+        if (part.mediaType !== "application/pdf" && !isClaudeTextLikeMediaType(part.mediaType)) {
+          throw new AgentBoxError(
+            `Claude Code only supports PDF and text-like file inputs. Received "${part.mediaType}".`,
+            {
+              code: "UNSUPPORTED_INPUT_MEDIA_TYPE",
+              details: {
+                provider,
+                partType: part.type,
+                mediaType: part.mediaType
+              }
+            }
+          );
+        }
+        if (part.source.type === "url" && part.mediaType !== "application/pdf" && isClaudeTextLikeMediaType(part.mediaType)) {
+          throw new AgentBoxError(
+            "Claude Code text-like file inputs must be provided as inline data, not a remote URL.",
+            {
+              code: "UNSUPPORTED_INPUT_SOURCE",
+              details: {
+                provider,
+                partType: part.type,
+                mediaType: part.mediaType,
+                sourceType: part.source.type
+              }
+            }
+          );
+        }
+      }
+    }
+  }
+  return parts;
+}
+function mapToOpenCodeParts(parts) {
+  return parts.map((part) => {
+    if (part.type === "text") {
+      return {
+        type: "text",
+        text: part.text
+      };
+    }
+    return {
+      type: "file",
+      url: binarySourceToUrl(part.source, part.mediaType),
+      mime: part.mediaType,
+      ...part.type === "file" && part.filename ? { filename: part.filename } : {}
+    };
+  });
+}
+function mapToClaudeUserContent(parts) {
+  if (parts.every((part) => part.type === "text")) {
+    return joinTextParts(parts);
+  }
+  return parts.map((part) => {
+    if (part.type === "text") {
+      return {
+        type: "text",
+        text: part.text
+      };
+    }
+    if (part.type === "image") {
+      if (part.source.type === "url" && isRemoteUrl(part.source.url)) {
+        return {
+          type: "image",
+          source: {
+            type: "url",
+            url: part.source.url
+          }
+        };
+      }
+      return {
+        type: "image",
+        source: {
+          type: "base64",
+          media_type: part.mediaType,
+          data: part.source.type === "base64" ? part.source.data : dataUrlToBase64(part.source.url)
+        }
+      };
+    }
+    if (part.mediaType === "application/pdf") {
+      if (part.source.type === "url" && isRemoteUrl(part.source.url)) {
+        return {
+          type: "document",
+          source: {
+            type: "url",
+            url: part.source.url
+          }
+        };
+      }
+      return {
+        type: "document",
+        source: {
+          type: "base64",
+          media_type: part.mediaType,
+          data: part.source.type === "base64" ? part.source.data : dataUrlToBase64(part.source.url)
+        }
+      };
+    }
+    if (!isClaudeTextLikeMediaType(part.mediaType)) {
+      throw new AgentBoxError(
+        `Claude Code cannot map file inputs with media type "${part.mediaType}".`,
+        {
+          code: "UNSUPPORTED_INPUT_MEDIA_TYPE",
+          details: {
+            partType: part.type,
+            mediaType: part.mediaType
+          }
+        }
+      );
+    }
+    return {
+      type: "document",
+      source: {
+        type: "text",
+        media_type: "text/plain",
+        data: Buffer.from(
+          part.source.type === "base64" ? part.source.data : dataUrlToBase64(part.source.url),
+          "base64"
+        ).toString("utf8")
+      }
+    };
+  });
+}
+async function mapToCodexPromptParts(parts, materializeLocalImage) {
+  const mapped = [];
+  for (const [index, part] of parts.entries()) {
+    if (part.type !== "image") {
+      continue;
+    }
+    if (part.source.type === "url" && isRemoteUrl(part.source.url)) {
+      mapped.push({
+        type: "image",
+        url: part.source.url
+      });
+      continue;
+    }
+    mapped.push({
+      type: "localImage",
+      path: await materializeLocalImage(part, index)
+    });
+  }
+  return mapped;
+}
+function joinTextParts(parts) {
+  return parts.map((part) => {
+    if (part.type !== "text") {
+      throw new AgentBoxError(
+        `Cannot join "${part.type}" input parts into a text-only prompt.`,
+        {
+          code: "UNSUPPORTED_INPUT_PART",
+          details: {
+            partType: part.type
+          }
+        }
+      );
+    }
+    return part.text;
+  }).join("");
+}
+async function resolveUserInputPart(part) {
+  if (part.type === "text") {
+    return part;
+  }
+  if (part.type === "image") {
+    const resolved2 = await resolveBinaryContent(part.image, {
+      kind: "image",
+      mediaType: part.mediaType
+    });
+    return {
+      type: "image",
+      mediaType: resolved2.mediaType,
+      source: resolved2.source
+    };
+  }
+  const resolved = await resolveBinaryContent(part.data, {
+    kind: "file",
+    mediaType: part.mediaType,
+    filename: part.filename
+  });
+  return {
+    type: "file",
+    mediaType: resolved.mediaType,
+    filename: resolved.filename,
+    source: resolved.source
+  };
+}
+async function resolveBinaryContent(content, options) {
+  if (content instanceof URL) {
+    return resolveUrlContent(content, options);
+  }
+  if (typeof content === "string") {
+    const url = parseStructuredUrl(content);
+    if (url) {
+      return resolveUrlContent(url, options);
+    }
+    const mediaType = resolveMediaType("", options);
+    return {
+      mediaType,
+      filename: options.filename,
+      source: {
+        type: "base64",
+        data: content
+      }
+    };
+  }
+  if (Buffer.isBuffer(content)) {
+    return {
+      mediaType: resolveMediaType("", options),
+      filename: options.filename,
+      source: {
+        type: "base64",
+        data: content.toString("base64")
+      }
+    };
+  }
+  if (content instanceof Uint8Array) {
+    return {
+      mediaType: resolveMediaType("", options),
+      filename: options.filename,
+      source: {
+        type: "base64",
+        data: Buffer.from(content).toString("base64")
+      }
+    };
+  }
+  if (content instanceof ArrayBuffer) {
+    return {
+      mediaType: resolveMediaType("", options),
+      filename: options.filename,
+      source: {
+        type: "base64",
+        data: Buffer.from(content).toString("base64")
+      }
+    };
+  }
+  throw new AgentBoxError("Unsupported input content type.", {
+    code: "UNSUPPORTED_INPUT_SOURCE",
+    details: {
+      kind: options.kind,
+      valueType: typeof content
+    }
+  });
+}
+async function resolveUrlContent(url, options) {
+  if (url.protocol === "data:") {
+    const parsed = parseDataUrl(url.toString());
+    return {
+      mediaType: resolveMediaType("", options, parsed.mediaType),
+      filename: options.filename,
+      source: {
+        type: "base64",
+        data: parsed.base64Data
+      }
+    };
+  }
+  if (url.protocol === "file:") {
+    const filePath = fileURLToPath(url);
+    const buffer = await readFile(filePath);
+    return {
+      mediaType: resolveMediaType(filePath, options),
+      filename: options.filename ?? path.basename(filePath),
+      source: {
+        type: "base64",
+        data: buffer.toString("base64")
+      }
+    };
+  }
+  if (url.protocol === "http:" || url.protocol === "https:") {
+    return {
+      mediaType: resolveMediaType(url.pathname, options),
+      filename: options.filename ?? inferFilename(url.pathname),
+      source: {
+        type: "url",
+        url: url.toString()
+      }
+    };
+  }
+  throw new AgentBoxError(
+    `Unsupported input URL protocol "${url.protocol}" for ${options.kind} parts.`,
+    {
+      code: "UNSUPPORTED_INPUT_SOURCE",
+      details: {
+        kind: options.kind,
+        protocol: url.protocol
+      }
+    }
+  );
+}
+function resolveMediaType(pathname, options, parsedMediaType) {
+  const explicitMediaType = options.mediaType ?? parsedMediaType;
+  if (explicitMediaType) {
+    return explicitMediaType;
+  }
+  const inferredMediaType = inferMediaType(pathname);
+  if (inferredMediaType) {
+    return inferredMediaType;
+  }
+  throw new AgentBoxError(
+    `Could not determine a media type for the ${options.kind} input part.`,
+    {
+      code: "MISSING_INPUT_MEDIA_TYPE",
+      details: {
+        kind: options.kind,
+        pathname
+      }
+    }
+  );
+}
+function inferMediaType(pathname) {
+  const extension = path.extname(pathname).toLowerCase();
+  return FILE_MEDIA_TYPE_BY_EXTENSION[extension];
+}
+function inferFilename(pathname) {
+  const name = path.basename(pathname);
+  return name && name !== "." ? name : void 0;
+}
+function parseStructuredUrl(value) {
+  if (!/^[a-zA-Z][a-zA-Z\d+\-.]*:/.test(value)) {
+    return null;
+  }
+  try {
+    return new URL(value);
+  } catch {
+    return null;
+  }
+}
+function parseDataUrl(value) {
+  const separatorIndex = value.indexOf(",");
+  if (separatorIndex === -1) {
+    throw new AgentBoxError("Invalid data URL input.", {
+      code: "INVALID_INPUT_DATA_URL"
+    });
+  }
+  const header = value.slice(5, separatorIndex);
+  const body = value.slice(separatorIndex + 1);
+  const mediaType = header.split(";")[0] || void 0;
+  const isBase64 = header.includes(";base64");
+  return {
+    mediaType,
+    base64Data: isBase64 ? body : Buffer.from(decodeURIComponent(body), "utf8").toString("base64")
+  };
+}
+function binarySourceToUrl(source, mediaType) {
+  return source.type === "url" ? source.url : `data:${mediaType};base64,${source.data}`;
+}
+function dataUrlToBase64(value) {
+  return parseDataUrl(value).base64Data;
+}
+function isRemoteUrl(value) {
+  return value.startsWith("http://") || value.startsWith("https://");
+}
+function isClaudeTextLikeMediaType(mediaType) {
+  return mediaType.startsWith("text/") || CLAUDE_TEXT_LIKE_MEDIA_TYPES.has(mediaType);
+}
+
+// src/agents/config/commands.ts
+import path2 from "path";
+function buildFrontmatter(values) {
+  const lines = Object.entries(values).filter(([, value]) => value !== void 0).map(([key, value]) => `${key}: ${JSON.stringify(value)}`);
+  return lines.length > 0 ? `---
+${lines.join("\n")}
+---
+
+` : "";
+}
+function buildClaudeCommandArtifacts(commands, layout) {
+  return (commands ?? []).map((command) => ({
+    path: path2.join(layout.claudeDir, "commands", `${command.name}.md`),
+    content: buildFrontmatter({
+      description: command.description
+    }) + command.template
+  }));
+}
+function buildOpenCodeCommandsConfig(commands) {
+  if (!commands || commands.length === 0) {
+    return void 0;
+  }
+  return Object.fromEntries(
+    commands.map((command) => [
+      command.name,
+      {
+        template: command.template,
+        ...command.description ? { description: command.description } : {},
+        ...command.agent ? { agent: command.agent } : {},
+        ...command.model ? { model: command.model } : {},
+        ...command.subtask !== void 0 ? { subtask: command.subtask } : {}
+      }
+    ])
+  );
+}
+function assertCommandsSupported(provider, commands) {
+  if (!commands || commands.length === 0) {
+    return;
+  }
+  if (provider === "codex") {
+    throw new Error(
+      "Custom commands are not supported for Codex in this package yet."
+    );
+  }
+}
+
+// src/agents/config/hooks.ts
+import path3 from "path";
+function hasHookEntries(hooks) {
+  if (!hooks || typeof hooks !== "object") {
+    return false;
+  }
+  return Object.values(hooks).some(
+    (groups) => Array.isArray(groups) && groups.length > 0
+  );
+}
+function readTopLevelHooks(options) {
+  if (!options || typeof options !== "object" || !("hooks" in options)) {
+    return void 0;
+  }
+  return options.hooks;
+}
+function readProviderHooks(options) {
+  if (!options || typeof options !== "object" || !("provider" in options)) {
+    return void 0;
+  }
+  return options.provider?.hooks;
+}
+function readProviderPlugins(options) {
+  if (!options || typeof options !== "object" || !("provider" in options)) {
+    return void 0;
+  }
+  return options.provider?.plugins;
+}
+function legacySharedHooksError(provider) {
+  return provider === "opencode" ? "OpenCode hook plugins must be configured on options.provider.plugins. The shared options.hooks field was removed because hook semantics differ by provider." : `${provider === "claude-code" ? "Claude Code" : "Codex"} hooks must be configured on options.provider.hooks. The shared options.hooks field was removed because hook semantics differ by provider.`;
+}
+function invalidGroupedHooksShapeError(provider) {
+  return `${provider === "claude-code" ? "Claude Code" : "Codex"} hooks must use the native grouped hooks object shape under options.provider.hooks, with each event mapped to an array of matcher groups.`;
+}
+function hasMalformedGroupedHookEntries(hooks) {
+  return Object.values(hooks).some(
+    (groups) => groups !== void 0 && !Array.isArray(groups)
+  );
+}
+function opencodeHooksFieldError() {
+  return "OpenCode uses options.provider.plugins for native hook support. options.provider.hooks is not supported for opencode.";
+}
+function unexpectedPluginsFieldError(provider) {
+  return `OpenCode plugins are only supported for the opencode provider in this package. Configure them on options.provider.plugins for opencode; received plugin configuration for ${provider}.`;
+}
+function buildClaudeHookSettings(hooks) {
+  if (!hasHookEntries(hooks)) {
+    return void 0;
+  }
+  return { hooks };
+}
+function buildCodexHooksFile(hooks) {
+  if (!hasHookEntries(hooks)) {
+    return void 0;
+  }
+  return { hooks };
+}
+function toPluginFileName(name, extension) {
+  const base = name.trim().toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "");
+  return `${base || "agentbox-plugin"}.${extension}`;
+}
+function toPluginExportName(name) {
+  const base = name.replace(/[^a-zA-Z0-9]+/g, " ").trim();
+  const parts = base.split(/\s+/).filter(Boolean).map((part) => part[0].toUpperCase() + part.slice(1));
+  const identifier = parts.join("") || "AgentBoxPlugin";
+  return /^[A-Za-z_]/.test(identifier) ? identifier : `AgentBoxPlugin${identifier}`;
+}
+function indentBlock(input, spaces) {
+  const indent = " ".repeat(spaces);
+  return input.split("\n").map((line) => `${indent}${line}`).join("\n");
+}
+function renderOpenCodePluginHook(hook) {
+  const body = hook.body.trim().length > 0 ? hook.body.trim() : "return undefined;";
+  return [
+    `    ${JSON.stringify(hook.event)}: async (input, output) => {`,
+    indentBlock(body, 6),
+    "    },"
+  ].join("\n");
+}
+function buildOpenCodePluginSource(plugin) {
+  const exportName = toPluginExportName(plugin.name);
+  const setup = plugin.setup?.trim();
+  const preamble = plugin.preamble?.trim();
+  return [
+    ...preamble ? [preamble, ""] : [],
+    `export const ${exportName} = async (ctx) => {`,
+    ...setup ? [indentBlock(setup, 2)] : [],
+    "  return {",
+    ...plugin.hooks.map((hook) => renderOpenCodePluginHook(hook)),
+    "  };",
+    "};",
+    "",
+    `export default ${exportName};`,
+    ""
+  ].join("\n");
+}
+function buildOpenCodePluginArtifacts(plugins, opencodeDir) {
+  if (!plugins || plugins.length === 0) {
+    return [];
+  }
+  const seenFileNames = /* @__PURE__ */ new Set();
+  return plugins.map((plugin) => {
+    const fileExtension = plugin.fileExtension ?? "ts";
+    const fileName = toPluginFileName(plugin.name, fileExtension);
+    if (seenFileNames.has(fileName)) {
+      throw new Error(
+        `OpenCode plugin names must be unique after normalization. Duplicate plugin file: ${fileName}`
+      );
+    }
+    seenFileNames.add(fileName);
+    return {
+      path: path3.join(opencodeDir, "plugins", fileName),
+      content: buildOpenCodePluginSource(plugin)
+    };
+  });
+}
+function assertHooksSupported(provider, options) {
+  const topLevelHooks = readTopLevelHooks(options);
+  if (topLevelHooks !== void 0) {
+    throw new Error(legacySharedHooksError(provider));
+  }
+  const providerHooks = readProviderHooks(options);
+  const providerPlugins = readProviderPlugins(options);
+  if (provider === "opencode") {
+    if (providerHooks !== void 0) {
+      throw new Error(opencodeHooksFieldError());
+    }
+    if (providerPlugins === void 0) {
+      return void 0;
+    }
+    if (!Array.isArray(providerPlugins)) {
+      throw new Error(
+        "OpenCode plugins must be configured as an array on options.provider.plugins."
+      );
+    }
+    return providerPlugins.length > 0 ? providerPlugins : void 0;
+  }
+  if (providerPlugins !== void 0) {
+    throw new Error(unexpectedPluginsFieldError(provider));
+  }
+  if (providerHooks === void 0) {
+    return void 0;
+  }
+  if (!providerHooks || typeof providerHooks !== "object" || Array.isArray(providerHooks)) {
+    throw new Error(invalidGroupedHooksShapeError(provider));
+  }
+  if (hasMalformedGroupedHookEntries(providerHooks)) {
+    throw new Error(invalidGroupedHooksShapeError(provider));
+  }
+  if (!hasHookEntries(providerHooks)) {
+    return void 0;
+  }
+  return providerHooks;
+}
+
+// src/agents/config/mcp.ts
+import path4 from "path";
+var SAFE_TOML_KEY = /^[a-zA-Z0-9_-]+$/;
+function assertSafeTomlKey(name, context) {
+  if (!SAFE_TOML_KEY.test(name)) {
+    throw new Error(
+      `${context} name ${JSON.stringify(name)} contains characters that are not safe for TOML keys. Use only alphanumeric characters, hyphens, and underscores.`
+    );
+  }
+}
+function tomlString(value) {
+  return JSON.stringify(value);
+}
+function tomlStringArray(values) {
+  return `[${values.map(tomlString).join(", ")}]`;
+}
+function buildClaudeMcpConfig(mcps) {
+  if (!mcps || mcps.length === 0) {
+    return void 0;
+  }
+  const mcpServers = Object.fromEntries(
+    mcps.filter((mcp) => mcp.enabled !== false).map((mcp) => {
+      if (mcp.type === "remote") {
+        const headers = {
+          ...mcp.headers ?? {},
+          ...mcp.bearerTokenEnvVar ? {
+            Authorization: `Bearer \${${mcp.bearerTokenEnvVar}}`
+          } : {}
+        };
+        return [
+          mcp.name,
+          {
+            type: "http",
+            url: mcp.url,
+            ...Object.keys(headers).length > 0 ? { headers } : {}
+          }
+        ];
+      }
+      return [
+        mcp.name,
+        {
+          type: "stdio",
+          command: mcp.command,
+          ...mcp.args?.length ? { args: mcp.args } : {},
+          ...mcp.env ? { env: mcp.env } : {}
+        }
+      ];
+    })
+  );
+  return JSON.stringify({ mcpServers }, null, 2);
+}
+function buildOpenCodeMcpConfig(mcps) {
+  if (!mcps || mcps.length === 0) {
+    return void 0;
+  }
+  return Object.fromEntries(
+    mcps.filter((mcp) => mcp.enabled !== false).map((mcp) => {
+      if (mcp.type === "remote") {
+        const headers = {
+          ...mcp.headers ?? {},
+          ...mcp.bearerTokenEnvVar ? { Authorization: `Bearer {env:${mcp.bearerTokenEnvVar}}` } : {}
+        };
+        return [
+          mcp.name,
+          {
+            type: "remote",
+            url: mcp.url,
+            enabled: true,
+            ...Object.keys(headers).length > 0 ? { headers } : {}
+          }
+        ];
+      }
+      return [
+        mcp.name,
+        {
+          type: "local",
+          command: [mcp.command, ...mcp.args ?? []],
+          enabled: true,
+          ...mcp.env ? { env: mcp.env } : {}
+        }
+      ];
+    })
+  );
+}
+function buildCodexConfigToml(mcps, agentSections = [], enableHooks = false) {
+  const blocks = [];
+  for (const mcp of mcps ?? []) {
+    if (mcp.enabled === false) {
+      continue;
+    }
+    assertSafeTomlKey(mcp.name, "MCP server");
+    if (mcp.type === "remote") {
+      if (mcp.headers && Object.keys(mcp.headers).length > 0) {
+        throw new Error(
+          `Codex only supports remote MCPs with bearerTokenEnvVar in this package. MCP "${mcp.name}" includes raw headers.`
+        );
+      }
+      blocks.push(`[mcp_servers.${mcp.name}]`);
+      blocks.push(`url = ${tomlString(mcp.url)}`);
+      if (mcp.bearerTokenEnvVar) {
+        blocks.push(
+          `bearer_token_env_var = ${tomlString(mcp.bearerTokenEnvVar)}`
+        );
+      }
+      blocks.push("");
+      continue;
+    }
+    blocks.push(`[mcp_servers.${mcp.name}]`);
+    blocks.push(`command = ${tomlString(mcp.command)}`);
+    if (mcp.args?.length) {
+      blocks.push(`args = ${tomlStringArray(mcp.args)}`);
+    }
+    if (mcp.env && Object.keys(mcp.env).length > 0) {
+      blocks.push(`env_vars = ${tomlStringArray(Object.keys(mcp.env))}`);
+    }
+    blocks.push("");
+  }
+  if (enableHooks) {
+    blocks.push("[features]");
+    blocks.push("codex_hooks = true");
+    blocks.push("");
+  }
+  blocks.push(...agentSections);
+  if (blocks.length === 0) {
+    return void 0;
+  }
+  return `${blocks.join("\n").trim()}
+`;
+}
+function buildClaudeMcpArtifact(mcps, claudeDir) {
+  const content = buildClaudeMcpConfig(mcps);
+  if (!content) {
+    return void 0;
+  }
+  return {
+    path: path4.join(claudeDir, "agentbox-mcp.json"),
+    content
+  };
+}
+
+// src/agents/config/runtime.ts
+import { mkdtemp, mkdir, chmod, rm, writeFile } from "fs/promises";
+import os from "os";
+import path5 from "path";
+
+// src/agents/transports/spawn.ts
+import { spawn } from "child_process";
+import { createInterface } from "readline";
+function spawnCommand(options) {
+  const child = spawn(options.command, options.args ?? [], {
+    cwd: options.cwd,
+    env: options.env,
+    stdio: "pipe",
+    shell: process.platform === "win32",
+    windowsHide: true
+  });
+  const exitPromise = new Promise((resolve, reject) => {
+    child.once("error", reject);
+    child.once("close", (code) => resolve(code ?? 0));
+  });
+  return {
+    child,
+    wait: () => exitPromise,
+    kill: async (signal = "SIGTERM") => {
+      child.kill(signal);
+      await exitPromise.catch(() => void 0);
+    }
+  };
+}
+async function waitForHttpReady(url, options) {
+  await waitFor(
+    async () => {
+      try {
+        const response = await fetch(url, options?.init);
+        return response.ok;
+      } catch {
+        return false;
+      }
+    },
+    {
+      timeoutMs: options?.timeoutMs,
+      intervalMs: options?.intervalMs
+    }
+  );
+}
+async function* linesFromNodeStream(stream) {
+  const lineReader = createInterface({ input: stream });
+  try {
+    for await (const line of lineReader) {
+      yield line;
+    }
+  } finally {
+    lineReader.close();
+  }
+}
+
+// src/agents/config/runtime.ts
+function createLayout(homeDir) {
+  const xdgConfigHome = path5.join(homeDir, ".config");
+  const codexDir = path5.join(homeDir, ".codex");
+  return {
+    rootDir: homeDir,
+    homeDir,
+    xdgConfigHome,
+    agentsDir: path5.join(homeDir, ".agents"),
+    claudeDir: path5.join(homeDir, ".claude"),
+    opencodeDir: path5.join(xdgConfigHome, "opencode"),
+    codexDir
+  };
+}
+var HostRuntimeTarget = class {
+  constructor(provider, layout, cwd, baseEnv) {
+    this.provider = provider;
+    this.layout = layout;
+    this.cwd = cwd;
+    this.baseEnv = baseEnv;
+    this.env = {};
+  }
+  provider;
+  layout;
+  cwd;
+  baseEnv;
+  env;
+  async writeArtifact(artifact) {
+    await mkdir(path5.dirname(artifact.path), { recursive: true });
+    await writeFile(artifact.path, artifact.content, "utf8");
+    if (artifact.executable) {
+      await chmod(artifact.path, 493);
+    }
+  }
+  async runCommand(command, extraEnv) {
+    const handle = spawnCommand({
+      command: process.env.SHELL || "sh",
+      args: ["-lc", command],
+      cwd: this.cwd,
+      env: {
+        ...process.env,
+        ...this.baseEnv,
+        ...this.env,
+        ...extraEnv ?? {}
+      }
+    });
+    const exitCode = await handle.wait();
+    if (exitCode !== 0) {
+      throw new Error(`Setup command failed (${exitCode}): ${command}`);
+    }
+  }
+  async cleanup() {
+    await rm(this.layout.rootDir, { recursive: true, force: true });
+  }
+};
+var SandboxRuntimeTarget = class {
+  constructor(provider, layout, options) {
+    this.provider = provider;
+    this.layout = layout;
+    this.options = options;
+    this.env = {};
+  }
+  provider;
+  layout;
+  options;
+  env;
+  async writeArtifact(artifact) {
+    const marker = `__AGENTBOX_${Math.random().toString(36).slice(2)}__`;
+    const command = `mkdir -p ${shellQuote(
+      path5.posix.dirname(artifact.path)
+    )} && cat > ${shellQuote(artifact.path)} <<'${marker}'
+${artifact.content}
+${marker}`;
+    await this.options.sandbox?.run(command, {
+      cwd: this.options.cwd,
+      env: {
+        ...this.options.env ?? {},
+        ...this.env
+      }
+    });
+    if (artifact.executable) {
+      await this.options.sandbox?.run(`chmod +x ${shellQuote(artifact.path)}`, {
+        cwd: this.options.cwd,
+        env: {
+          ...this.options.env ?? {},
+          ...this.env
+        }
+      });
+    }
+  }
+  async runCommand(command, extraEnv) {
+    const result = await this.options.sandbox?.run(command, {
+      cwd: this.options.cwd,
+      env: {
+        ...this.options.env ?? {},
+        ...this.env,
+        ...extraEnv ?? {}
+      }
+    });
+    if (result && result.exitCode !== 0) {
+      throw new Error(
+        `Sandbox setup command failed (${result.exitCode}): ${command}`
+      );
+    }
+  }
+  async cleanup() {
+    await this.options.sandbox?.run(
+      `rm -rf ${shellQuote(this.layout.rootDir)}`,
+      {
+        cwd: this.options.cwd,
+        env: {
+          ...this.options.env ?? {},
+          ...this.env
+        }
+      }
+    );
+  }
+};
+async function createRuntimeTarget(provider, runId, options) {
+  if (options.sandbox) {
+    const layout2 = createLayout(`/tmp/agentbox/${provider}/${runId}`);
+    await options.sandbox.run(
+      [
+        `mkdir -p ${shellQuote(layout2.homeDir)}`,
+        `mkdir -p ${shellQuote(layout2.xdgConfigHome)}`,
+        `mkdir -p ${shellQuote(layout2.agentsDir)}`,
+        `mkdir -p ${shellQuote(layout2.claudeDir)}`,
+        `mkdir -p ${shellQuote(layout2.opencodeDir)}`,
+        `mkdir -p ${shellQuote(layout2.codexDir)}`
+      ].join(" && "),
+      {
+        cwd: options.cwd,
+        env: {
+          ...options.env ?? {}
+        }
+      }
+    );
+    return new SandboxRuntimeTarget(provider, layout2, options);
+  }
+  const rootDir = await mkdtemp(
+    path5.join(os.tmpdir(), `agentbox-${provider}-`)
+  );
+  const layout = createLayout(rootDir);
+  await mkdir(layout.homeDir, { recursive: true });
+  await mkdir(layout.xdgConfigHome, { recursive: true });
+  await mkdir(layout.agentsDir, { recursive: true });
+  await mkdir(layout.claudeDir, { recursive: true });
+  await mkdir(layout.opencodeDir, { recursive: true });
+  await mkdir(layout.codexDir, { recursive: true });
+  return new HostRuntimeTarget(
+    provider,
+    layout,
+    options.cwd ?? process.cwd(),
+    options.env ?? {}
+  );
+}
+
+// src/agents/config/skills.ts
+import path6 from "path";
+function getSkillTargetDir(provider, layout, skillName) {
+  switch (provider) {
+    case "claude-code":
+      return path6.join(layout.claudeDir, "skills", skillName);
+    case "opencode":
+      return path6.join(layout.opencodeDir, "skills", skillName);
+    case "codex":
+      return path6.join(layout.agentsDir, "skills", skillName);
+  }
+}
+function buildSkillsInstallerCommand(provider, skill) {
+  const repo = skill.repo ?? "https://github.com/anthropics/skills";
+  const agent = provider === "claude-code" ? "claude-code" : provider;
+  return `npx skills add ${shellQuote(repo)} -g --skill ${shellQuote(skill.name)} --agent ${shellQuote(agent)} -y`;
+}
+async function prepareSkillArtifacts(provider, skills, layout) {
+  const artifacts = [];
+  const installCommands = [];
+  const preparedSkills = [];
+  for (const skill of skills ?? []) {
+    const targetDir = getSkillTargetDir(provider, layout, skill.name);
+    const skillFilePath = path6.join(targetDir, "SKILL.md");
+    if (!("files" in skill)) {
+      installCommands.push(buildSkillsInstallerCommand(provider, skill));
+      preparedSkills.push({ name: skill.name, skillFilePath });
+      continue;
+    }
+    for (const [relativePath, content] of Object.entries(skill.files)) {
+      artifacts.push({
+        path: path6.join(targetDir, relativePath),
+        content,
+        executable: relativePath.startsWith("scripts/")
+      });
+    }
+    preparedSkills.push({ name: skill.name, skillFilePath });
+  }
+  return {
+    artifacts,
+    installCommands,
+    preparedSkills
+  };
+}
+async function installSkills(target, installCommands, extraEnv) {
+  for (const command of installCommands) {
+    await target.runCommand(command, extraEnv);
+  }
+}
+
+// src/agents/config/subagents.ts
+import path7 from "path";
+function toToolsArray(tools) {
+  const filtered = tools?.map((tool) => tool.trim()).filter(Boolean);
+  return filtered && filtered.length > 0 ? filtered : void 0;
+}
+function tomlString2(value) {
+  return JSON.stringify(value);
+}
+function buildClaudeAgentsConfig(subAgents) {
+  if (!subAgents || subAgents.length === 0) {
+    return void 0;
+  }
+  return Object.fromEntries(
+    subAgents.map((subAgent) => [
+      subAgent.name,
+      {
+        description: subAgent.description,
+        prompt: subAgent.instructions,
+        ...subAgent.model ? { model: subAgent.model } : {},
+        ...toToolsArray(subAgent.tools) ? { tools: toToolsArray(subAgent.tools) } : {}
+      }
+    ])
+  );
+}
+function mapOpenCodeTools(tools) {
+  if (!tools || tools.length === 0) {
+    return void 0;
+  }
+  return Object.fromEntries(tools.map((tool) => [tool, true]));
+}
+function buildOpenCodeSubagentConfig(subAgents) {
+  return Object.fromEntries(
+    (subAgents ?? []).map((subAgent) => [
+      subAgent.name,
+      {
+        mode: "subagent",
+        description: subAgent.description,
+        prompt: subAgent.instructions,
+        ...mapOpenCodeTools(subAgent.tools) ? { tools: mapOpenCodeTools(subAgent.tools) } : {}
+      }
+    ])
+  );
+}
+function buildCodexSubagentArtifacts(subAgents, layout) {
+  const artifacts = [];
+  const agentSections = [];
+  for (const subAgent of subAgents ?? []) {
+    if (subAgent.model) {
+      throw new Error(
+        `Codex sub-agent "${subAgent.name}" specifies a model override, which is not supported in this package yet.`
+      );
+    }
+    const roleConfigRelativePath = `./agents/${subAgent.name}.toml`;
+    const roleConfigPromptPath = `../prompts/${subAgent.name}.md`;
+    artifacts.push({
+      path: path7.join(layout.codexDir, "prompts", `${subAgent.name}.md`),
+      content: subAgent.instructions
+    });
+    artifacts.push({
+      path: path7.join(layout.codexDir, "agents", `${subAgent.name}.toml`),
+      content: [
+        `model_instructions_file = ${tomlString2(roleConfigPromptPath)}`,
+        `model_reasoning_effort = ${tomlString2("medium")}`,
+        "",
+        "[features]",
+        "multi_agent = false",
+        ""
+      ].join("\n")
+    });
+    agentSections.push(
+      `[agents.${subAgent.name}]`,
+      `description = ${tomlString2(subAgent.description)}`,
+      `config_file = ${tomlString2(roleConfigRelativePath)}`,
+      ""
+    );
+  }
+  return {
+    artifacts,
+    agentSections,
+    enableMultiAgent: (subAgents?.length ?? 0) > 0
+  };
+}
+
+// src/agents/transports/sdk-ws.ts
+import { randomUUID } from "crypto";
+import {
+  WebSocket,
+  WebSocketServer
+} from "ws";
+function handleIncomingMessage(text, messagesQueue, pendingResponses) {
+  const lines = text.split("\n").map((line) => line.trim()).filter(Boolean);
+  for (const line of lines) {
+    let message;
+    try {
+      message = JSON.parse(line);
+    } catch {
+      continue;
+    }
+    if (message.type === "control_response" && typeof message.response === "object" && message.response !== null) {
+      const requestId = String(
+        message.response.request_id ?? ""
+      );
+      const pending = pendingResponses.get(requestId);
+      if (pending) {
+        pendingResponses.delete(requestId);
+        pending.resolve(message);
+      }
+    }
+    messagesQueue.push(message);
+  }
+}
+var SdkWsServer = class {
+  server;
+  socket;
+  messagesQueue = new AsyncQueue();
+  pendingResponses = /* @__PURE__ */ new Map();
+  host;
+  port;
+  constructor(options) {
+    this.host = options?.host ?? "127.0.0.1";
+    this.port = options?.port;
+  }
+  get url() {
+    if (!this.port) {
+      throw new Error("SDK WebSocket server has not been started yet.");
+    }
+    return `ws://${this.host}:${this.port}`;
+  }
+  async start() {
+    if (this.server) {
+      return;
+    }
+    this.port ??= await getAvailablePort(this.host);
+    this.server = new WebSocketServer({ host: this.host, port: this.port });
+    this.server.on("connection", (socket) => {
+      this.socket = socket;
+      socket.on("message", (data) => this.handleMessage(data));
+      socket.on("close", () => {
+        if (this.socket === socket) {
+          this.socket = void 0;
+        }
+      });
+    });
+    this.server.on("error", (error) => {
+      this.messagesQueue.fail(error);
+    });
+  }
+  async waitForConnection(timeoutMs = 15e3) {
+    await waitFor(async () => Boolean(this.socket), {
+      timeoutMs,
+      intervalMs: 100
+    });
+  }
+  async send(message) {
+    await this.waitForConnection();
+    const socket = this.socket;
+    if (!socket) {
+      throw new Error("SDK WebSocket server has no active connection.");
+    }
+    await new Promise((resolve, reject) => {
+      socket.send(`${JSON.stringify(message)}
+`, (error) => {
+        if (error) {
+          reject(error);
+          return;
+        }
+        resolve();
+      });
+    });
+  }
+  async request(request) {
+    const requestId = randomUUID();
+    const response = new Promise((resolve, reject) => {
+      this.pendingResponses.set(requestId, { resolve, reject });
+    });
+    await this.send({
+      type: "control_request",
+      request_id: requestId,
+      request
+    });
+    return response;
+  }
+  async close() {
+    this.messagesQueue.finish();
+    for (const pending of this.pendingResponses.values()) {
+      pending.reject(new Error("SDK WebSocket server closed."));
+    }
+    this.pendingResponses.clear();
+    this.socket?.close();
+    if (!this.server) {
+      return;
+    }
+    await new Promise((resolve, reject) => {
+      this.server?.close((error) => {
+        if (error) {
+          reject(error);
+          return;
+        }
+        resolve();
+      });
+    });
+    this.server = void 0;
+    this.socket = void 0;
+  }
+  messages() {
+    return this.messagesQueue;
+  }
+  handleMessage(rawData) {
+    handleIncomingMessage(
+      rawData.toString(),
+      this.messagesQueue,
+      this.pendingResponses
+    );
+  }
+};
+var SharedSdkWsChannel = class {
+  constructor(connection, runId, onClose) {
+    this.connection = connection;
+    this.runId = runId;
+    this.onClose = onClose;
+  }
+  connection;
+  runId;
+  onClose;
+  messagesQueue = new AsyncQueue();
+  pendingResponses = /* @__PURE__ */ new Map();
+  closed = false;
+  handleIncomingMessage(message) {
+    if (this.closed) {
+      return;
+    }
+    if (message.type === "control_response" && typeof message.response === "object" && message.response !== null) {
+      const requestId = String(
+        message.response.request_id ?? ""
+      );
+      const pending = this.pendingResponses.get(requestId);
+      if (pending) {
+        this.pendingResponses.delete(requestId);
+        pending.resolve(message);
+      }
+    }
+    this.messagesQueue.push(message);
+  }
+  handleConnectionClosed(error) {
+    if (this.closed) {
+      return;
+    }
+    for (const pending of this.pendingResponses.values()) {
+      pending.reject(error);
+    }
+    this.pendingResponses.clear();
+    this.messagesQueue.fail(error);
+  }
+  async waitForConnection(timeoutMs = 15e3) {
+    await this.connection.waitForConnection(timeoutMs);
+  }
+  async send(message) {
+    await this.connection.sendToRun(this.runId, message);
+  }
+  async request(request) {
+    const requestId = randomUUID();
+    const response = new Promise((resolve, reject) => {
+      this.pendingResponses.set(requestId, { resolve, reject });
+    });
+    await this.send({
+      type: "control_request",
+      request_id: requestId,
+      request
+    });
+    return response;
+  }
+  async close() {
+    if (this.closed) {
+      return;
+    }
+    this.closed = true;
+    for (const pending of this.pendingResponses.values()) {
+      pending.reject(new Error("SDK WebSocket channel closed."));
+    }
+    this.pendingResponses.clear();
+    this.messagesQueue.finish();
+    this.onClose();
+  }
+  messages() {
+    return this.messagesQueue;
+  }
+};
+var MAX_PENDING_MESSAGES_PER_RUN = 1e3;
+var SharedSdkWsConnection = class {
+  constructor(url) {
+    this.url = url;
+  }
+  url;
+  socket;
+  channels = /* @__PURE__ */ new Map();
+  pendingMessages = /* @__PURE__ */ new Map();
+  async start() {
+    if (this.socket?.readyState === WebSocket.OPEN) {
+      return;
+    }
+    const socket = new WebSocket(this.url);
+    this.socket = socket;
+    socket.on("message", (data) => {
+      const lines = data.toString().split("\n").map((line) => line.trim()).filter(Boolean);
+      for (const line of lines) {
+        try {
+          const envelope = JSON.parse(line);
+          if (!envelope.runId || !envelope.message) {
+            continue;
+          }
+          const channel = this.channels.get(envelope.runId);
+          if (channel) {
+            channel.handleIncomingMessage(envelope.message);
+            continue;
+          }
+          const pending = this.pendingMessages.get(envelope.runId) ?? [];
+          if (pending.length < MAX_PENDING_MESSAGES_PER_RUN) {
+            pending.push(envelope.message);
+            this.pendingMessages.set(envelope.runId, pending);
+          }
+        } catch (error) {
+          const failure = error instanceof Error ? error : new Error("Failed to parse shared SDK message.");
+          for (const channel of this.channels.values()) {
+            channel.handleConnectionClosed(failure);
+          }
+        }
+      }
+    });
+    socket.on("close", () => {
+      if (this.socket === socket) {
+        this.socket = void 0;
+      }
+      const error = new Error("Shared SDK WebSocket connection closed.");
+      for (const channel of this.channels.values()) {
+        channel.handleConnectionClosed(error);
+      }
+    });
+    socket.on("error", (error) => {
+      for (const channel of this.channels.values()) {
+        channel.handleConnectionClosed(error);
+      }
+    });
+    await new Promise((resolve, reject) => {
+      const cleanup = () => {
+        socket.off("open", handleOpen);
+        socket.off("error", handleError);
+      };
+      const handleOpen = () => {
+        cleanup();
+        resolve();
+      };
+      const handleError = (error) => {
+        cleanup();
+        reject(error);
+      };
+      socket.once("open", handleOpen);
+      socket.once("error", handleError);
+    });
+  }
+  async waitForConnection(timeoutMs = 15e3) {
+    await waitFor(async () => this.socket?.readyState === WebSocket.OPEN, {
+      timeoutMs,
+      intervalMs: 100
+    });
+  }
+  createChannel(runId) {
+    const existing = this.channels.get(runId);
+    if (existing) {
+      return existing;
+    }
+    const channel = new SharedSdkWsChannel(this, runId, () => {
+      this.channels.delete(runId);
+    });
+    this.channels.set(runId, channel);
+    const pending = this.pendingMessages.get(runId);
+    if (pending?.length) {
+      for (const message of pending) {
+        channel.handleIncomingMessage(message);
+      }
+      this.pendingMessages.delete(runId);
+    }
+    return channel;
+  }
+  async sendToRun(runId, message) {
+    await this.waitForConnection();
+    const socket = this.socket;
+    if (!socket) {
+      throw new Error("Shared SDK WebSocket connection is not open.");
+    }
+    await new Promise((resolve, reject) => {
+      socket.send(`${JSON.stringify({ runId, message })}
+`, (error) => {
+        if (error) {
+          reject(error);
+          return;
+        }
+        resolve();
+      });
+    });
+  }
+  async close() {
+    for (const channel of this.channels.values()) {
+      await channel.close();
+    }
+    this.channels.clear();
+    this.pendingMessages.clear();
+    if (!this.socket) {
+      return;
+    }
+    await new Promise((resolve) => {
+      const socket = this.socket;
+      this.socket = void 0;
+      if (!socket) {
+        resolve();
+        return;
+      }
+      if (socket.readyState === WebSocket.CLOSED || socket.readyState === WebSocket.CLOSING) {
+        resolve();
+        return;
+      }
+      socket.once("close", () => resolve());
+      socket.close();
+    });
+  }
+};
+
+// src/agents/providers/claude-code.ts
+var REMOTE_SDK_RELAY_PORT = 43180;
+var REMOTE_SDK_RELAY_PATH = "/tmp/agentbox/claude-code/relay.mjs";
+var sharedRemoteConnectionBySandbox = /* @__PURE__ */ new WeakMap();
+function toRawEvent(runId, payload, type) {
+  return {
+    provider: "claude-code",
+    runId,
+    type,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+    payload
+  };
+}
+function extractAssistantText(message) {
+  const content = message.message;
+  if (Array.isArray(content)) {
+    return content.filter((block) => block.type === "text").map((block) => String(block.text ?? "")).join("");
+  }
+  if (content && Array.isArray(content.content)) {
+    return content.content.filter((block) => block.type === "text").map((block) => String(block.text ?? "")).join("");
+  }
+  return "";
+}
+function extractStreamDelta(message) {
+  const event = message.event;
+  if (!event) {
+    return "";
+  }
+  const delta = event.delta;
+  if (typeof delta?.text === "string") {
+    return delta.text;
+  }
+  if (typeof event.text === "string") {
+    return event.text;
+  }
+  return "";
+}
+function createClaudePermissionEvent(request, message) {
+  const requestPayload = message.request ?? {};
+  return createNormalizedEvent(
+    "permission.requested",
+    {
+      provider: request.provider,
+      runId: request.runId,
+      raw: toRawEvent(request.runId, message, message.type)
+    },
+    {
+      requestId: String(message.request_id ?? ""),
+      kind: "tool",
+      title: `Approve ${String(requestPayload.tool_name ?? "tool")} tool`,
+      message: `Claude wants to use ${String(requestPayload.tool_name ?? "tool")}.`,
+      input: requestPayload.input,
+      canRemember: false
+    }
+  );
+}
+async function prepareClaudeRuntime(request) {
+  const options = request.options;
+  const provider = options.provider;
+  const target = await createRuntimeTarget(
+    request.provider,
+    request.runId,
+    options
+  );
+  const hooks = assertHooksSupported(request.provider, options);
+  assertCommandsSupported(request.provider, options.commands);
+  const { artifacts: skillArtifacts, installCommands } = await prepareSkillArtifacts(
+    request.provider,
+    options.skills,
+    target.layout
+  );
+  const artifacts = [
+    ...skillArtifacts,
+    ...buildClaudeCommandArtifacts(options.commands, target.layout)
+  ];
+  const mcpArtifact = buildClaudeMcpArtifact(
+    options.mcps,
+    target.layout.claudeDir
+  );
+  if (mcpArtifact) {
+    artifacts.push(mcpArtifact);
+  }
+  const hookSettings = buildClaudeHookSettings(hooks);
+  let settingsPath;
+  if (hookSettings) {
+    settingsPath = path8.join(target.layout.claudeDir, "settings.json");
+    artifacts.push({
+      path: settingsPath,
+      content: JSON.stringify(hookSettings, null, 2)
+    });
+  }
+  for (const artifact of artifacts) {
+    await target.writeArtifact(artifact);
+  }
+  await installSkills(target, installCommands);
+  const agents = buildClaudeAgentsConfig(options.subAgents);
+  const initializeRequest = Object.keys({
+    ...request.run.systemPrompt ? { systemPrompt: request.run.systemPrompt } : {},
+    ...agents ? { agents } : {}
+  }).length ? {
+    subtype: "initialize",
+    ...request.run.systemPrompt ? { systemPrompt: request.run.systemPrompt } : {},
+    ...agents ? { agents } : {}
+  } : void 0;
+  const buildArgs = (sdkUrl) => [
+    "--sdk-url",
+    sdkUrl,
+    "--print",
+    "--output-format",
+    "stream-json",
+    "--input-format",
+    "stream-json",
+    ...provider?.verbose ? ["--verbose"] : [],
+    ...request.run.model ? ["--model", request.run.model] : [],
+    ...provider?.permissionMode ? ["--permission-mode", provider.permissionMode] : [],
+    ...provider?.allowedTools?.length ? ["--allowedTools", provider.allowedTools.join(",")] : [],
+    ...request.run.resumeSessionId ? ["-r", request.run.resumeSessionId] : [],
+    ...settingsPath ? ["--settings", settingsPath] : [],
+    ...mcpArtifact ? ["--mcp-config", mcpArtifact.path] : [],
+    ...provider?.args ?? [],
+    "-p",
+    ""
+  ];
+  const env = {
+    ...options.env ?? {},
+    ...target.env
+  };
+  return {
+    target,
+    buildArgs,
+    env,
+    initializeRequest
+  };
+}
+function createRemoteSdkRelayScript() {
+  return `
+import crypto from "node:crypto";
+import http from "node:http";
+
+const port = Number(process.argv[2] ?? "43180");
+const magic = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
+const channels = new Map();
+let hostSocket = null;
+
+function getChannel(runId) {
+  let channel = channels.get(runId);
+  if (!channel) {
+    channel = {
+      claude: null,
+      pending: {
+        toHost: [],
+        claude: [],
+      },
+    };
+    channels.set(runId, channel);
+  }
+  return channel;
+}
+
+function sendFrame(socket, payload, opcode = 0x1) {
+  const length = payload.length;
+  let header;
+  if (length < 126) {
+    header = Buffer.alloc(2);
+    header[1] = length;
+  } else if (length < 65536) {
+    header = Buffer.alloc(4);
+    header[1] = 126;
+    header.writeUInt16BE(length, 2);
+  } else {
+    header = Buffer.alloc(10);
+    header[1] = 127;
+    header.writeBigUInt64BE(BigInt(length), 2);
+  }
+  header[0] = 0x80 | opcode;
+  socket.write(Buffer.concat([header, payload]));
+}
+
+function parseFrame(buffer) {
+  if (buffer.length < 2) {
+    return null;
+  }
+
+  const first = buffer[0];
+  const second = buffer[1];
+  const fin = (first & 0x80) !== 0;
+  const opcode = first & 0x0f;
+  const masked = (second & 0x80) !== 0;
+  let length = second & 0x7f;
+  let offset = 2;
+
+  if (length === 126) {
+    if (buffer.length < offset + 2) {
+      return null;
+    }
+    length = buffer.readUInt16BE(offset);
+    offset += 2;
+  } else if (length === 127) {
+    if (buffer.length < offset + 8) {
+      return null;
+    }
+    length = Number(buffer.readBigUInt64BE(offset));
+    offset += 8;
+  }
+
+  let mask;
+  if (masked) {
+    if (buffer.length < offset + 4) {
+      return null;
+    }
+    mask = buffer.subarray(offset, offset + 4);
+    offset += 4;
+  }
+
+  if (buffer.length < offset + length) {
+    return null;
+  }
+
+  let payload = buffer.subarray(offset, offset + length);
+  if (mask) {
+    payload = Buffer.from(payload);
+    for (let index = 0; index < payload.length; index += 1) {
+      payload[index] ^= mask[index % 4];
+    }
+  }
+
+  return {
+    fin,
+    opcode,
+    payload,
+    bytesUsed: offset + length,
+  };
+}
+
+function sendHostEnvelope(runId, message) {
+  if (!hostSocket) {
+    return false;
+  }
+  sendFrame(
+    hostSocket,
+    Buffer.from(JSON.stringify({ runId, message }), "utf8"),
+  );
+  return true;
+}
+
+function flushClaude(channel) {
+  const socket = channel.claude;
+  if (!socket) {
+    return;
+  }
+  while (channel.pending.claude.length > 0) {
+    sendFrame(socket, Buffer.from(channel.pending.claude.shift(), "utf8"));
+  }
+}
+
+function flushHostBacklog() {
+  if (!hostSocket) {
+    return;
+  }
+  for (const [runId, channel] of channels.entries()) {
+    while (channel.pending.toHost.length > 0) {
+      sendHostEnvelope(runId, channel.pending.toHost.shift());
+    }
+  }
+}
+
+function relayFromClaude(runId, message) {
+  const channel = getChannel(runId);
+  if (!sendHostEnvelope(runId, message)) {
+    channel.pending.toHost.push(message);
+  }
+}
+
+function registerClaudePeer(socket, runId) {
+  const channel = getChannel(runId);
+  channel.claude = socket;
+  flushClaude(channel);
+  let buffer = Buffer.alloc(0);
+  let fragments = [];
+
+  socket.on("data", (chunk) => {
+    buffer = Buffer.concat([buffer, chunk]);
+
+    while (true) {
+      const frame = parseFrame(buffer);
+      if (!frame) {
+        return;
+      }
+      buffer = buffer.subarray(frame.bytesUsed);
+
+      if (frame.opcode === 0x8) {
+        socket.end();
+        return;
+      }
+      if (frame.opcode === 0x9) {
+        sendFrame(socket, frame.payload, 0xA);
+        continue;
+      }
+      if (frame.opcode === 0xA) {
+        continue;
+      }
+      if (frame.opcode === 0x1) {
+        fragments = [frame.payload];
+      } else if (frame.opcode === 0x0) {
+        fragments.push(frame.payload);
+      } else {
+        continue;
+      }
+
+      if (frame.fin) {
+        const text = Buffer.concat(fragments).toString("utf8");
+        for (const line of text
+          .split("\\n")
+          .map((value) => value.trim())
+          .filter(Boolean)) {
+          relayFromClaude(runId, JSON.parse(line));
+        }
+        fragments = [];
+      }
+    }
+  });
+
+  const clearPeer = () => {
+    const latestChannel = channels.get(runId);
+    if (!latestChannel) {
+      return;
+    }
+    if (latestChannel.claude === socket) {
+      latestChannel.claude = null;
+    }
+    if (
+      latestChannel.claude === null &&
+      latestChannel.pending.toHost.length === 0 &&
+      latestChannel.pending.claude.length === 0
+    ) {
+      channels.delete(runId);
+    }
+  };
+  socket.on("close", clearPeer);
+  socket.on("error", clearPeer);
+}
+
+function registerHostPeer(socket) {
+  hostSocket = socket;
+  flushHostBacklog();
+
+  let buffer = Buffer.alloc(0);
+  let fragments = [];
+
+  socket.on("data", (chunk) => {
+    buffer = Buffer.concat([buffer, chunk]);
+
+    while (true) {
+      const frame = parseFrame(buffer);
+      if (!frame) {
+        return;
+      }
+      buffer = buffer.subarray(frame.bytesUsed);
+
+      if (frame.opcode === 0x8) {
+        socket.end();
+        return;
+      }
+      if (frame.opcode === 0x9) {
+        sendFrame(socket, frame.payload, 0xA);
+        continue;
+      }
+      if (frame.opcode === 0xA) {
+        continue;
+      }
+      if (frame.opcode === 0x1) {
+        fragments = [frame.payload];
+      } else if (frame.opcode === 0x0) {
+        fragments.push(frame.payload);
+      } else {
+        continue;
+      }
+
+      if (frame.fin) {
+        const envelope = JSON.parse(Buffer.concat(fragments).toString("utf8"));
+        const runId = String(envelope.runId ?? "");
+        const message = envelope.message;
+        if (!runId || !message) {
+          fragments = [];
+          continue;
+        }
+        const channel = getChannel(runId);
+        if (channel.claude) {
+          sendFrame(
+            channel.claude,
+            Buffer.from(JSON.stringify(message) + "\\n", "utf8"),
+          );
+        } else {
+          channel.pending.claude.push(JSON.stringify(message) + "\\n");
+        }
+        fragments = [];
+      }
+    }
+  });
+
+  const clearHost = () => {
+    if (hostSocket === socket) {
+      hostSocket = null;
+    }
+  };
+  socket.on("close", clearHost);
+  socket.on("error", clearHost);
+}
+
+const server = http.createServer((_request, response) => {
+  response.writeHead(426, { "content-type": "text/plain" });
+  response.end("Upgrade Required");
+});
+
+server.on("upgrade", (request, socket) => {
+  if (request.headers.upgrade?.toLowerCase() !== "websocket") {
+    socket.destroy();
+    return;
+  }
+
+  const key = request.headers["sec-websocket-key"];
+  if (typeof key !== "string") {
+    socket.destroy();
+    return;
+  }
+
+  const accept = crypto
+    .createHash("sha1")
+    .update(key + magic)
+    .digest("base64");
+  socket.write(
+    [
+      "HTTP/1.1 101 Switching Protocols",
+      "Upgrade: websocket",
+      "Connection: Upgrade",
+      "Sec-WebSocket-Accept: " + accept,
+      "",
+      "",
+    ].join("\\r\\n"),
+  );
+
+  const url = new URL(request.url ?? "/", "http://127.0.0.1");
+  const role = url.searchParams.get("role") === "host" ? "host" : "claude";
+  if (role === "host") {
+    registerHostPeer(socket);
+    return;
+  }
+
+  const runId = url.searchParams.get("runId") ?? "default";
+  registerClaudePeer(socket, runId);
+});
+
+server.listen(port, "0.0.0.0");
+
+const shutdown = () => {
+  hostSocket?.destroy();
+  for (const channel of channels.values()) {
+    channel.claude?.destroy();
+  }
+  server.close(() => process.exit(0));
+};
+
+process.on("SIGINT", shutdown);
+process.on("SIGTERM", shutdown);
+`.trimStart();
+}
+function toWebSocketUrl(url) {
+  const parsed = new URL(url);
+  parsed.protocol = parsed.protocol === "https:" ? "wss:" : "ws:";
+  return parsed.toString();
+}
+function toSharedHostWebSocketUrl(url) {
+  const parsed = new URL(toWebSocketUrl(url));
+  parsed.searchParams.set("role", "host");
+  parsed.searchParams.delete("runId");
+  return parsed.toString();
+}
+function toClaudeRelayUrl(port, runId) {
+  const parsed = new URL(`ws://127.0.0.1:${port}/`);
+  parsed.searchParams.set("role", "claude");
+  parsed.searchParams.set("runId", runId);
+  return parsed.toString();
+}
+function buildLocalSdkUrl(server, sandboxProvider) {
+  if (sandboxProvider === "local-docker") {
+    return server.url.replace("127.0.0.1", "host.docker.internal").replace("0.0.0.0", "host.docker.internal");
+  }
+  return server.url;
+}
+async function connectRemoteTransport(url) {
+  const startedAt = Date.now();
+  let lastError;
+  while (Date.now() - startedAt < 3e4) {
+    const client = new SharedSdkWsConnection(url);
+    try {
+      await Promise.race([
+        client.start(),
+        sleep(2e3).then(() => {
+          throw new Error(
+            `Timed out connecting to remote SDK bridge at ${url}.`
+          );
+        })
+      ]);
+      return client;
+    } catch (error) {
+      lastError = error;
+      await client.close().catch(() => void 0);
+      await sleep(250);
+    }
+  }
+  throw lastError ?? new Error(`Could not connect to remote SDK bridge at ${url}.`);
+}
+async function canConnectToRemoteRelay(previewUrl) {
+  const parsed = new URL(toWebSocketUrl(previewUrl));
+  parsed.searchParams.set("role", "claude");
+  parsed.searchParams.set("runId", "__probe__");
+  const client = new SharedSdkWsConnection(parsed.toString());
+  try {
+    await Promise.race([
+      client.start(),
+      sleep(2e3).then(() => {
+        throw new Error("Timed out connecting to remote relay.");
+      })
+    ]);
+    return true;
+  } catch {
+    return false;
+  } finally {
+    await client.close().catch(() => void 0);
+  }
+}
+async function ensureSharedRemoteConnection(sandbox, previewUrl) {
+  const key = sandbox;
+  const existing = sharedRemoteConnectionBySandbox.get(key);
+  if (existing) {
+    try {
+      const connection = await existing;
+      await connection.connection.waitForConnection(1e3);
+      return connection;
+    } catch {
+      try {
+        const stale = await existing;
+        await stale.connection.close().catch(() => void 0);
+      } catch {
+      }
+      sharedRemoteConnectionBySandbox.delete(key);
+    }
+  }
+  const created = (async () => {
+    const url = toSharedHostWebSocketUrl(previewUrl);
+    const connection = await connectRemoteTransport(url);
+    return { previewUrl, connection };
+  })();
+  sharedRemoteConnectionBySandbox.set(key, created);
+  try {
+    return await created;
+  } catch (error) {
+    sharedRemoteConnectionBySandbox.delete(key);
+    throw error;
+  }
+}
+async function ensureRemoteRelay(request, prepared) {
+  const sandbox = request.options.sandbox;
+  await sandbox.openPort(REMOTE_SDK_RELAY_PORT);
+  const previewUrl = await sandbox.getPreviewLink(REMOTE_SDK_RELAY_PORT);
+  if (await canConnectToRemoteRelay(previewUrl)) {
+    return {
+      relayPort: REMOTE_SDK_RELAY_PORT,
+      relayPath: REMOTE_SDK_RELAY_PATH,
+      previewUrl
+    };
+  }
+  await prepared.target.writeArtifact({
+    path: REMOTE_SDK_RELAY_PATH,
+    content: createRemoteSdkRelayScript()
+  });
+  const relayLogPath = "/tmp/agentbox/claude-code/relay.log";
+  const relayHandle = await sandbox.runAsync(
+    [
+      `mkdir -p ${shellQuote(path8.posix.dirname(REMOTE_SDK_RELAY_PATH))}`,
+      `mkdir -p ${shellQuote(path8.posix.dirname(relayLogPath))}`,
+      `node ${shellQuote(REMOTE_SDK_RELAY_PATH)} ${shellQuote(String(REMOTE_SDK_RELAY_PORT))} > ${shellQuote(relayLogPath)} 2>&1`
+    ].join(" && "),
+    {
+      cwd: request.options.cwd,
+      env: { ...prepared.env, IS_SANDBOX: "1" }
+    }
+  );
+  let relayExit;
+  void relayHandle.wait().then((result) => {
+    relayExit = result;
+  }).catch((error) => {
+    relayExit = error;
+  });
+  const startedAt = Date.now();
+  while (Date.now() - startedAt < 3e4) {
+    if (await canConnectToRemoteRelay(previewUrl)) {
+      return {
+        relayPort: REMOTE_SDK_RELAY_PORT,
+        relayPath: REMOTE_SDK_RELAY_PATH,
+        previewUrl,
+        handle: relayHandle
+      };
+    }
+    if (relayExit !== void 0) {
+      break;
+    }
+    await sleep(250);
+  }
+  await relayHandle.kill().catch(() => void 0);
+  throw new Error(`Timed out waiting for Claude relay on ${previewUrl}.`);
+}
+async function createLocalRuntime(request, prepared) {
+  const sandboxProvider = request.options.sandbox?.provider;
+  const transport = new SdkWsServer({
+    host: sandboxProvider === "local-docker" ? "0.0.0.0" : "127.0.0.1"
+  });
+  await transport.start();
+  const args = prepared.buildArgs(buildLocalSdkUrl(transport, sandboxProvider));
+  if (request.options.sandbox) {
+    const handle = await request.options.sandbox.runAsync(
+      [request.options.provider?.binary ?? "claude", ...args],
+      {
+        cwd: request.options.cwd,
+        env: {
+          ...prepared.env
+        },
+        pty: true
+      }
+    );
+    return {
+      transport,
+      cleanup: async () => {
+        await handle.kill();
+        await transport.close();
+        await prepared.target.cleanup();
+      },
+      raw: { transport, handle, layout: prepared.target.layout },
+      initializeRequest: prepared.initializeRequest
+    };
+  }
+  const processHandle = spawnCommand({
+    command: request.options.provider?.binary ?? "claude",
+    args,
+    cwd: request.options.cwd,
+    env: {
+      ...process.env,
+      ...prepared.env
+    }
+  });
+  return {
+    transport,
+    cleanup: async () => {
+      await processHandle.kill();
+      await transport.close();
+      await prepared.target.cleanup();
+    },
+    raw: { transport, processHandle, layout: prepared.target.layout },
+    initializeRequest: prepared.initializeRequest
+  };
+}
+async function createRemoteSandboxRuntime(request, prepared) {
+  const sandbox = request.options.sandbox;
+  const relay = await ensureRemoteRelay(request, prepared);
+  const args = prepared.buildArgs(
+    toClaudeRelayUrl(relay.relayPort, request.runId)
+  );
+  const handle = await sandbox.runAsync(
+    [request.options.provider?.binary ?? "claude", ...args],
+    {
+      cwd: request.options.cwd,
+      env: { ...prepared.env, IS_SANDBOX: "1" },
+      pty: true
+    }
+  );
+  const sharedConnection = await ensureSharedRemoteConnection(
+    sandbox,
+    relay.previewUrl
+  );
+  const transport = sharedConnection.connection.createChannel(request.runId);
+  return {
+    transport,
+    cleanup: async () => {
+      await handle.kill().catch(() => void 0);
+      await transport.close().catch(() => void 0);
+      await prepared.target.cleanup();
+    },
+    raw: { transport, handle, relay, layout: prepared.target.layout },
+    initializeRequest: prepared.initializeRequest
+  };
+}
+async function createRuntime(request) {
+  if (request.options.sandbox && request.options.sandbox.provider !== "local-docker") {
+    await request.options.sandbox.openPort(REMOTE_SDK_RELAY_PORT);
+    const prepared2 = await prepareClaudeRuntime(request);
+    return createRemoteSandboxRuntime(request, prepared2);
+  }
+  const prepared = await prepareClaudeRuntime(request);
+  return createLocalRuntime(request, prepared);
+}
+function buildDirectClaudeArgs(buildArgs, prompt) {
+  const args = buildArgs("ws://127.0.0.1:9/");
+  const directArgs = [];
+  for (let index = 0; index < args.length; index += 1) {
+    const current = args[index];
+    if (current === void 0) {
+      continue;
+    }
+    if (current === "--sdk-url" || current === "--input-format") {
+      index += 1;
+      continue;
+    }
+    directArgs.push(current);
+  }
+  if (!directArgs.includes("--verbose")) {
+    const printIndex = directArgs.indexOf("--print");
+    if (printIndex === -1) {
+      directArgs.unshift("--verbose");
+    } else {
+      directArgs.splice(printIndex + 1, 0, "--verbose");
+    }
+  }
+  const promptIndex = directArgs.lastIndexOf("-p");
+  if (promptIndex !== -1 && promptIndex + 1 < directArgs.length) {
+    directArgs[promptIndex + 1] = prompt;
+  } else {
+    directArgs.push("-p", prompt);
+  }
+  return directArgs;
+}
+var ClaudeCodeAgentAdapter = class {
+  async execute(request, sink) {
+    const inputParts = await validateProviderUserInput(
+      request.provider,
+      request.run.input
+    );
+    const userContent = mapToClaudeUserContent(inputParts);
+    if (request.options.sandbox?.provider === "e2b" && typeof userContent === "string" && !request.run.systemPrompt && !request.options.subAgents?.length) {
+      const prepared = await prepareClaudeRuntime(request);
+      const args = buildDirectClaudeArgs(prepared.buildArgs, userContent);
+      const handle = await request.options.sandbox.runAsync(
+        [request.options.provider?.binary ?? "claude", ...args],
+        {
+          cwd: request.options.cwd,
+          env: {
+            ...prepared.env,
+            IS_SANDBOX: "1"
+          },
+          timeoutMs: 0
+        }
+      );
+      sink.setRaw({
+        handle,
+        layout: prepared.target.layout,
+        mode: "e2b-direct"
+      });
+      sink.setAbort(async () => {
+        await handle.kill().catch(() => void 0);
+        await handle.wait().catch(() => void 0);
+        await prepared.target.cleanup().catch(() => void 0);
+      });
+      sink.emitEvent(
+        createNormalizedEvent("run.started", {
+          provider: request.provider,
+          runId: request.runId
+        })
+      );
+      const completion2 = new Promise((resolve, reject) => {
+        let accumulatedText2 = "";
+        async function* stdoutChunks() {
+          for await (const event of handle) {
+            if (event.type === "stdout" && event.chunk) {
+              yield event.chunk;
+            }
+          }
+        }
+        void (async () => {
+          for await (const line of linesFromTextChunks(stdoutChunks())) {
+            const trimmed = line.trim();
+            if (!trimmed) {
+              continue;
+            }
+            let message;
+            try {
+              message = JSON.parse(trimmed);
+            } catch {
+              continue;
+            }
+            sink.emitRaw(toRawEvent(request.runId, message, message.type));
+            if (message.type === "system" && message.subtype === "init") {
+              const sessionId2 = String(message.session_id ?? "");
+              if (sessionId2) {
+                sink.setSessionId(sessionId2);
+              }
+              sink.emitEvent(
+                createNormalizedEvent("message.started", {
+                  provider: request.provider,
+                  runId: request.runId
+                })
+              );
+              continue;
+            }
+            if (message.type === "stream_event") {
+              const delta = extractStreamDelta(message);
+              if (delta) {
+                accumulatedText2 += delta;
+                sink.emitEvent(
+                  createNormalizedEvent(
+                    "text.delta",
+                    {
+                      provider: request.provider,
+                      runId: request.runId
+                    },
+                    { delta }
+                  )
+                );
+              }
+              continue;
+            }
+            if (message.type === "assistant") {
+              const text = extractAssistantText(message);
+              if (text) {
+                accumulatedText2 = text;
+                sink.emitEvent(
+                  createNormalizedEvent(
+                    "text.delta",
+                    {
+                      provider: request.provider,
+                      runId: request.runId
+                    },
+                    { delta: text }
+                  )
+                );
+              }
+              sink.emitEvent(
+                createNormalizedEvent(
+                  "message.completed",
+                  {
+                    provider: request.provider,
+                    runId: request.runId
+                  },
+                  { text }
+                )
+              );
+              continue;
+            }
+            if (message.type === "result") {
+              if (String(message.subtype ?? "success") === "success") {
+                resolve({ text: accumulatedText2 });
+              } else {
+                reject(
+                  new Error(
+                    String(
+                      message.result ?? message.error ?? "Claude Code run failed."
+                    )
+                  )
+                );
+              }
+              return;
+            }
+            if (message.type === "auth_status" && message.authenticated === false) {
+              reject(
+                new Error("Claude Code reported an authentication failure.")
+              );
+              return;
+            }
+            if (message.type === "control_request") {
+              reject(
+                new Error(
+                  "Claude Code direct E2B mode does not yet support interactive control requests."
+                )
+              );
+              return;
+            }
+          }
+          const result = await handle.wait().catch((error) => error);
+          reject(
+            new Error(
+              result instanceof Error ? String(result) : "Claude Code direct E2B mode ended before returning a result."
+            )
+          );
+        })().catch(reject);
+      });
+      try {
+        const { text } = await completion2;
+        await handle.wait().catch(() => void 0);
+        sink.emitEvent(
+          createNormalizedEvent(
+            "run.completed",
+            { provider: request.provider, runId: request.runId },
+            { text }
+          )
+        );
+        sink.complete({ text });
+      } catch (error) {
+        await handle.kill().catch(() => void 0);
+        await handle.wait().catch(() => void 0);
+        sink.fail(error);
+      } finally {
+        await prepared.target.cleanup().catch(() => void 0);
+      }
+      return async () => {
+        await handle.kill().catch(() => void 0);
+        await handle.wait().catch(() => void 0);
+      };
+    }
+    const runtime = await createRuntime(request);
+    sink.setRaw(runtime.raw);
+    sink.setAbort(runtime.cleanup);
+    sink.emitEvent(
+      createNormalizedEvent("run.started", {
+        provider: request.provider,
+        runId: request.runId
+      })
+    );
+    let sessionId = "";
+    let accumulatedText = "";
+    let usedStreaming = false;
+    let pendingMessages = 1;
+    const autoApproveTools = shouldAutoApproveClaudeTools(request.options);
+    sink.onMessage(async (content) => {
+      pendingMessages++;
+      const parts = await validateProviderUserInput(request.provider, content);
+      const mapped = mapToClaudeUserContent(parts);
+      accumulatedText = "";
+      usedStreaming = false;
+      await runtime.transport.send({
+        type: "user",
+        message: { role: "user", content: mapped },
+        parent_tool_use_id: null,
+        session_id: sessionId || request.run.resumeSessionId || "",
+        uuid: randomUUID2()
+      });
+    });
+    const completion = new Promise((resolve, reject) => {
+      void (async () => {
+        for await (const message of runtime.transport.messages()) {
+          sink.emitRaw(toRawEvent(request.runId, message, message.type));
+          if (message.type === "system" && message.subtype === "init") {
+            sessionId = String(message.session_id ?? "");
+            if (sessionId) {
+              sink.setSessionId(sessionId);
+            }
+            continue;
+          }
+          if (message.type === "control_request" && message.request?.subtype === "can_use_tool") {
+            const requestId = String(message.request_id ?? "");
+            const requestPayload = message.request;
+            const response = autoApproveTools ? {
+              requestId,
+              decision: "allow"
+            } : await sink.requestPermission(
+              createClaudePermissionEvent(request, message)
+            );
+            if (response.decision === "allow") {
+              sink.emitEvent(
+                createNormalizedEvent(
+                  "tool.call.started",
+                  {
+                    provider: request.provider,
+                    runId: request.runId
+                  },
+                  {
+                    toolName: String(requestPayload.tool_name ?? "tool"),
+                    callId: requestId,
+                    input: requestPayload.input
+                  }
+                )
+              );
+            }
+            await runtime.transport.send({
+              type: "control_response",
+              response: {
+                subtype: "success",
+                request_id: requestId,
+                response: response.decision === "allow" ? {
+                  behavior: "allow",
+                  updatedInput: requestPayload.input
+                } : {
+                  behavior: "deny",
+                  message: "User denied this action."
+                }
+              }
+            });
+            continue;
+          }
+          if (message.type === "stream_event") {
+            const delta = extractStreamDelta(message);
+            if (delta) {
+              usedStreaming = true;
+              accumulatedText += delta;
+              sink.emitEvent(
+                createNormalizedEvent(
+                  "text.delta",
+                  {
+                    provider: request.provider,
+                    runId: request.runId
+                  },
+                  {
+                    delta
+                  }
+                )
+              );
+            }
+            continue;
+          }
+          if (message.type === "assistant") {
+            const text = extractAssistantText(message);
+            if (!usedStreaming && text) {
+              accumulatedText = text;
+              sink.emitEvent(
+                createNormalizedEvent(
+                  "text.delta",
+                  {
+                    provider: request.provider,
+                    runId: request.runId
+                  },
+                  {
+                    delta: text
+                  }
+                )
+              );
+            }
+            sink.emitEvent(
+              createNormalizedEvent(
+                "message.completed",
+                {
+                  provider: request.provider,
+                  runId: request.runId
+                },
+                {
+                  text
+                }
+              )
+            );
+            continue;
+          }
+          if (message.type === "result") {
+            const subtype = String(message.subtype ?? "success");
+            if (subtype === "success") {
+              pendingMessages--;
+              if (pendingMessages <= 0) {
+                resolve({ text: accumulatedText });
+                return;
+              }
+              continue;
+            } else {
+              reject(
+                new Error(
+                  String(
+                    message.result ?? message.error ?? "Claude Code run failed."
+                  )
+                )
+              );
+            }
+            return;
+          }
+          if (message.type === "auth_status" && message.authenticated === false) {
+            reject(
+              new Error("Claude Code reported an authentication failure.")
+            );
+            return;
+          }
+        }
+        reject(new Error("Claude Code transport closed before run completed."));
+      })().catch(reject);
+    });
+    try {
+      await runtime.transport.waitForConnection(3e4);
+      if (runtime.initializeRequest) {
+        const response = await runtime.transport.request(
+          runtime.initializeRequest
+        );
+        sink.emitRaw(
+          toRawEvent(request.runId, response, "control_response:initialize")
+        );
+      }
+      await runtime.transport.send({
+        type: "user",
+        message: {
+          role: "user",
+          content: userContent
+        },
+        parent_tool_use_id: null,
+        session_id: request.run.resumeSessionId ?? "",
+        uuid: randomUUID2()
+      });
+      sink.emitEvent(
+        createNormalizedEvent("message.started", {
+          provider: request.provider,
+          runId: request.runId
+        })
+      );
+      const { text } = await completion;
+      sink.emitEvent(
+        createNormalizedEvent(
+          "run.completed",
+          {
+            provider: request.provider,
+            runId: request.runId
+          },
+          {
+            text
+          }
+        )
+      );
+      sink.complete({ text });
+    } finally {
+      await runtime.cleanup().catch(() => void 0);
+    }
+    return async () => void 0;
+  }
+};
+
+// src/agents/providers/codex.ts
+import path9 from "path";
+
+// src/agents/transports/app-server.ts
+import { createParser } from "eventsource-parser";
+import { WebSocket as WebSocket2 } from "ws";
+async function fetchJson(url, init) {
+  const response = await fetch(url, init);
+  if (!response.ok) {
+    throw new Error(`Request to ${url} failed with ${response.status}.`);
+  }
+  return await response.json();
+}
+async function* streamSse(url, init) {
+  const response = await fetch(url, init);
+  if (!response.ok || !response.body) {
+    throw new Error(`Could not open SSE stream at ${url}.`);
+  }
+  const queue = new AsyncQueue();
+  const parser = createParser({
+    onEvent(event) {
+      queue.push({
+        event: event.event || void 0,
+        id: event.id || void 0,
+        data: event.data
+      });
+    },
+    onError(error) {
+      queue.fail(error);
+    }
+  });
+  const reader = response.body.getReader();
+  const decoder = new TextDecoder();
+  void (async () => {
+    try {
+      while (true) {
+        const { done, value } = await reader.read();
+        if (done) {
+          break;
+        }
+        parser.feed(decoder.decode(value, { stream: true }));
+      }
+      parser.feed(decoder.decode());
+      queue.finish();
+    } catch (error) {
+      queue.fail(error);
+    } finally {
+      reader.releaseLock();
+    }
+  })();
+  yield* queue;
+}
+async function connectJsonRpcWebSocket(url) {
+  const notifications = new AsyncQueue();
+  const socket = new WebSocket2(url);
+  await new Promise((resolve, reject) => {
+    const cleanup = () => {
+      socket.off("open", handleOpen);
+      socket.off("error", handleError);
+    };
+    const handleOpen = () => {
+      cleanup();
+      resolve();
+    };
+    const handleError = (error) => {
+      cleanup();
+      reject(error);
+    };
+    socket.once("open", handleOpen);
+    socket.once("error", handleError);
+  });
+  socket.on("message", (data) => {
+    notifications.push(data.toString());
+  });
+  socket.on("close", () => {
+    notifications.finish();
+  });
+  socket.on("error", (error) => {
+    notifications.fail(error);
+  });
+  return {
+    source: notifications,
+    send: async (line) => {
+      await new Promise((resolve, reject) => {
+        socket.send(line, (error) => {
+          if (error) {
+            reject(error);
+            return;
+          }
+          resolve();
+        });
+      });
+    },
+    close: async () => {
+      await new Promise((resolve) => {
+        if (socket.readyState === WebSocket2.CLOSED || socket.readyState === WebSocket2.CLOSING) {
+          resolve();
+          return;
+        }
+        socket.once("close", () => resolve());
+        socket.close();
+      });
+    },
+    raw: socket
+  };
+}
+var JsonRpcLineClient = class {
+  constructor(source, writeLine) {
+    this.writeLine = writeLine;
+    void this.consume(source);
+  }
+  writeLine;
+  pending = /* @__PURE__ */ new Map();
+  notifications = new AsyncQueue();
+  nextId = 1;
+  async request(method, params) {
+    const id = this.nextId++;
+    const response = new Promise((resolve, reject) => {
+      this.pending.set(id, {
+        resolve,
+        reject
+      });
+    });
+    await this.writeLine(JSON.stringify({ id, method, params }));
+    return response;
+  }
+  async notify(method, params) {
+    await this.writeLine(JSON.stringify({ method, params: params ?? {} }));
+  }
+  async respond(id, result) {
+    await this.writeLine(JSON.stringify({ id, result }));
+  }
+  async respondError(id, error) {
+    await this.writeLine(JSON.stringify({ id, error }));
+  }
+  async *messages() {
+    yield* this.notifications;
+  }
+  async consume(source) {
+    try {
+      for await (const line of source) {
+        if (!line.trim()) {
+          continue;
+        }
+        const message = JSON.parse(line);
+        if (typeof message.method === "string") {
+          this.notifications.push(message);
+          continue;
+        }
+        if (typeof message.id === "number") {
+          const pending = this.pending.get(message.id);
+          if (!pending) {
+            continue;
+          }
+          this.pending.delete(message.id);
+          if (message.error) {
+            pending.reject(message.error);
+          } else {
+            pending.resolve(message.result);
+          }
+          continue;
+        }
+      }
+      const closeError = new Error("JSON-RPC transport closed.");
+      for (const pending of this.pending.values()) {
+        pending.reject(closeError);
+      }
+      this.pending.clear();
+      this.notifications.finish();
+    } catch (error) {
+      for (const pending of this.pending.values()) {
+        pending.reject(error);
+      }
+      this.pending.clear();
+      this.notifications.fail(error);
+    }
+  }
+};
+
+// src/agents/providers/codex.ts
+var REMOTE_CODEX_APP_SERVER_PORT = 43181;
+var REMOTE_CODEX_APP_SERVER_ID = "shared-app-server";
+function compactEnv(values) {
+  return Object.fromEntries(
+    Object.entries(values).filter(([, value]) => value !== void 0)
+  );
+}
+function buildCodexSandboxMode(options) {
+  return options.sandbox ? "workspace-write" : "read-only";
+}
+function buildThreadParams(cwd, options, request) {
+  return {
+    cwd,
+    model: request.run.model ?? null,
+    approvalPolicy: isInteractiveApproval(options) ? "untrusted" : "never",
+    sandbox: buildCodexSandboxMode(options),
+    serviceName: "agentbox",
+    ephemeral: true,
+    experimentalRawEvents: true
+  };
+}
+function buildResumeParams(cwd, options, request) {
+  return {
+    threadId: request.run.resumeSessionId,
+    cwd,
+    model: request.run.model ?? null,
+    approvalPolicy: isInteractiveApproval(options) ? "untrusted" : "never",
+    sandbox: buildCodexSandboxMode(options)
+  };
+}
+function buildTurnSandboxPolicy(options) {
+  if (!options.sandbox) {
+    return void 0;
+  }
+  if (options.sandbox.provider === "local-docker") {
+    return {
+      type: "workspaceWrite",
+      networkAccess: true
+    };
+  }
+  return {
+    type: "externalSandbox",
+    networkAccess: "enabled"
+  };
+}
+function buildTurnCollaborationMode(request) {
+  if (!request.run.systemPrompt) {
+    return void 0;
+  }
+  return {
+    mode: "custom",
+    settings: {
+      developer_instructions: request.run.systemPrompt
+    }
+  };
+}
+function toRawEvent2(runId, payload, type) {
+  return {
+    provider: "codex",
+    runId,
+    type,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+    payload
+  };
+}
+function shouldIgnoreCodexError(notification) {
+  if (notification.method !== "error") {
+    return false;
+  }
+  return notification.params?.willRetry === true;
+}
+function buildCodexCommandArgs(binary, args) {
+  return ["-u", "CODEX_HOME", "-u", "XDG_CONFIG_HOME", binary, ...args];
+}
+function toNormalizedCodexEvents(runId, notification) {
+  const base = {
+    provider: "codex",
+    runId,
+    raw: toRawEvent2(runId, notification, notification.method)
+  };
+  if (notification.method === "turn/started") {
+    return [createNormalizedEvent("message.started", base)];
+  }
+  if (notification.method === "item/completed") {
+    const item = notification.params?.item;
+    if (!item) {
+      return [];
+    }
+    if (item.type === "agentMessage" && typeof item.text === "string") {
+      return [
+        createNormalizedEvent("text.delta", base, { delta: item.text }),
+        createNormalizedEvent("message.completed", base, { text: item.text })
+      ];
+    }
+    if (item.type === "reasoning" && item.summary) {
+      return [
+        createNormalizedEvent("reasoning.delta", base, {
+          delta: typeof item.summary === "string" ? item.summary : JSON.stringify(item.summary)
+        })
+      ];
+    }
+    if (item.type === "commandExecution" || item.type === "dynamicToolCall" || item.type === "mcpToolCall" || item.type === "webSearch") {
+      return [
+        createNormalizedEvent("tool.call.completed", base, {
+          toolName: String(
+            item.tool ?? item.command ?? item.server ?? item.query ?? item.type
+          ),
+          callId: String(item.id ?? ""),
+          output: item
+        })
+      ];
+    }
+  }
+  if (notification.method === "item/started") {
+    const item = notification.params?.item;
+    if (item && (item.type === "commandExecution" || item.type === "dynamicToolCall" || item.type === "mcpToolCall" || item.type === "webSearch")) {
+      return [
+        createNormalizedEvent("tool.call.started", base, {
+          toolName: String(
+            item.tool ?? item.command ?? item.server ?? item.query ?? item.type
+          ),
+          callId: String(item.id ?? ""),
+          input: item
+        })
+      ];
+    }
+  }
+  if (notification.method === "turn/completed") {
+    const turn = notification.params?.turn;
+    const text = typeof turn?.lastAgentMessage === "string" ? turn.lastAgentMessage : void 0;
+    return [createNormalizedEvent("run.completed", base, { text })];
+  }
+  if (notification.method === "error") {
+    const error = notification.params?.error;
+    return [
+      createNormalizedEvent("run.error", base, {
+        error: String(error?.message ?? "Codex app-server error")
+      })
+    ];
+  }
+  return [];
+}
+function createCodexPermissionEvent(request, notification) {
+  const raw = toRawEvent2(request.runId, notification, notification.method);
+  const params = notification.params;
+  const requestId = notification.id;
+  if (!params || requestId === void 0) {
+    return null;
+  }
+  if (notification.method === "item/commandExecution/requestApproval") {
+    const networkContext = params.networkApprovalContext;
+    const availableDecisions = Array.isArray(params.availableDecisions) ? params.availableDecisions : [];
+    const title = networkContext ? "Approve network access" : "Approve command execution";
+    const message = typeof params.reason === "string" ? params.reason : typeof params.command === "string" ? params.command : void 0;
+    return createNormalizedEvent(
+      "permission.requested",
+      {
+        provider: request.provider,
+        runId: request.runId,
+        raw
+      },
+      {
+        requestId: String(requestId),
+        kind: networkContext ? "network" : "bash",
+        title,
+        message,
+        input: params,
+        canRemember: availableDecisions.includes("acceptForSession")
+      }
+    );
+  }
+  if (notification.method === "item/fileChange/requestApproval") {
+    const availableDecisions = Array.isArray(params.availableDecisions) ? params.availableDecisions : [];
+    return createNormalizedEvent(
+      "permission.requested",
+      {
+        provider: request.provider,
+        runId: request.runId,
+        raw
+      },
+      {
+        requestId: String(requestId),
+        kind: "file-change",
+        title: "Approve file changes",
+        message: typeof params.reason === "string" ? params.reason : "Codex wants to modify files.",
+        input: params,
+        canRemember: availableDecisions.includes("acceptForSession")
+      }
+    );
+  }
+  return null;
+}
+function toCodexApprovalDecision(notification, response) {
+  const params = notification.params ?? {};
+  const availableDecisions = Array.isArray(params.availableDecisions) ? params.availableDecisions : [];
+  const proposedExecpolicyAmendment = Array.isArray(
+    params.proposedExecpolicyAmendment
+  ) ? params.proposedExecpolicyAmendment.filter(
+    (part) => typeof part === "string"
+  ) : [];
+  if (response.decision === "deny") {
+    return availableDecisions.includes("decline") ? "decline" : "cancel";
+  }
+  if (response.remember && availableDecisions.includes("acceptForSession")) {
+    return "acceptForSession";
+  }
+  if (proposedExecpolicyAmendment.length > 0 && availableDecisions.some(
+    (decision) => typeof decision === "object" && decision !== null && "acceptWithExecpolicyAmendment" in decision
+  )) {
+    return {
+      acceptWithExecpolicyAmendment: {
+        execpolicy_amendment: proposedExecpolicyAmendment
+      }
+    };
+  }
+  return "accept";
+}
+function buildCodexSkillInputItems(skills) {
+  return skills.map((skill) => ({
+    type: "skill",
+    name: skill.name,
+    path: skill.skillFilePath
+  }));
+}
+function buildCodexPromptText(prompt, skills) {
+  if (skills.length === 0) {
+    return prompt;
+  }
+  return [
+    `Available skills for this run: ${skills.map((skill) => `$${skill.name}`).join(", ")}.`,
+    prompt
+  ].join("\n\n");
+}
+function codexImageExtension(mediaType) {
+  switch (mediaType) {
+    case "image/gif":
+      return ".gif";
+    case "image/jpeg":
+      return ".jpg";
+    case "image/png":
+      return ".png";
+    case "image/webp":
+      return ".webp";
+    default:
+      return ".img";
+  }
+}
+async function materializeCodexImage(target, part, index) {
+  if (part.source.type === "url") {
+    return part.source.url;
+  }
+  const imagePath = path9.join(
+    target.layout.rootDir,
+    "inputs",
+    `codex-image-${index}${codexImageExtension(part.mediaType)}`
+  );
+  const encodedPath = `${imagePath}.b64`;
+  await target.writeArtifact({
+    path: encodedPath,
+    content: part.source.data
+  });
+  await target.runCommand(
+    [
+      `mkdir -p ${shellQuote(path9.posix.dirname(imagePath))}`,
+      `(base64 --decode < ${shellQuote(encodedPath)} > ${shellQuote(imagePath)} || base64 -D < ${shellQuote(encodedPath)} > ${shellQuote(imagePath)})`,
+      `rm -f ${shellQuote(encodedPath)}`
+    ].join(" && ")
+  );
+  return imagePath;
+}
+async function ensureCodexLogin(request, target) {
+  const openAiApiKey = request.options.env?.OPENAI_API_KEY;
+  if (!openAiApiKey) {
+    return;
+  }
+  await target.runCommand(
+    'if [ -z "$OPENAI_API_KEY" ]; then exit 1; fi; printenv OPENAI_API_KEY | env -u CODEX_HOME -u XDG_CONFIG_HOME codex login --with-api-key >/dev/null 2>&1',
+    {
+      OPENAI_API_KEY: openAiApiKey
+    }
+  );
+}
+function toRemoteCodexWebSocketUrl(url) {
+  const parsed = new URL(url);
+  parsed.protocol = parsed.protocol === "https:" ? "wss:" : "ws:";
+  return parsed.toString();
+}
+async function connectRemoteCodexAppServer(url) {
+  const startedAt = Date.now();
+  let lastError;
+  while (Date.now() - startedAt < 3e4) {
+    try {
+      return await connectJsonRpcWebSocket(url);
+    } catch (error) {
+      lastError = error;
+      await sleep(250);
+    }
+  }
+  throw lastError ?? new Error(`Could not connect to Codex app-server at ${url}.`);
+}
+async function waitForInternalCodexReady(sandbox, port, cwd, env) {
+  const startedAt = Date.now();
+  while (Date.now() - startedAt < 6e4) {
+    const result = await sandbox.run(`curl -fsS http://127.0.0.1:${port}/readyz >/dev/null`, {
+      cwd,
+      env,
+      timeoutMs: 5e3
+    }).catch(() => void 0);
+    if (result?.exitCode === 0) {
+      return;
+    }
+    await sleep(250);
+  }
+  throw new Error(`Codex internal app-server did not become ready on ${port}.`);
+}
+async function createRuntime2(request, inputParts) {
+  const options = request.options;
+  const usesRemoteWebSocket = options.sandbox && options.sandbox.provider !== "local-docker";
+  const hooks = assertHooksSupported(request.provider, options);
+  assertCommandsSupported(request.provider, options.commands);
+  if (usesRemoteWebSocket && options.sandbox) {
+    const sandbox = options.sandbox;
+    await sandbox.openPort(REMOTE_CODEX_APP_SERVER_PORT);
+    const sharedTarget = await createRuntimeTarget(
+      request.provider,
+      REMOTE_CODEX_APP_SERVER_ID,
+      options
+    );
+    await ensureCodexLogin(request, sharedTarget);
+    const env2 = compactEnv({
+      ...options.env ?? {},
+      ...sharedTarget.env,
+      ...options.provider?.env ?? {}
+    });
+    const serverCwd = sharedTarget.layout.rootDir;
+    const previewUrl = await sandbox.getPreviewLink(
+      REMOTE_CODEX_APP_SERVER_PORT
+    );
+    const {
+      artifacts: subAgentArtifacts2,
+      agentSections: agentSections2,
+      enableMultiAgent: enableMultiAgent2
+    } = buildCodexSubagentArtifacts(options.subAgents, sharedTarget.layout);
+    const serverArtifacts = [...subAgentArtifacts2];
+    const hooksFile2 = buildCodexHooksFile(hooks);
+    const configToml2 = buildCodexConfigToml(
+      options.mcps,
+      agentSections2,
+      Boolean(hooksFile2)
+    );
+    if (configToml2) {
+      serverArtifacts.push({
+        path: path9.join(sharedTarget.layout.codexDir, "config.toml"),
+        content: configToml2
+      });
+    }
+    if (hooksFile2) {
+      serverArtifacts.push({
+        path: path9.join(sharedTarget.layout.codexDir, "hooks.json"),
+        content: JSON.stringify(hooksFile2, null, 2)
+      });
+    }
+    for (const artifact of serverArtifacts) {
+      await sharedTarget.writeArtifact(artifact);
+    }
+    const configArgs2 = [];
+    configArgs2.push("-c", `features.multi_agent=${enableMultiAgent2}`);
+    const binary = options.provider?.binary ?? "codex";
+    const pidFilePath = path9.posix.join(
+      sharedTarget.layout.rootDir,
+      "codex-app-server.pid"
+    );
+    const logFilePath = path9.posix.join(
+      sharedTarget.layout.rootDir,
+      "codex-app-server.log"
+    );
+    const launchResult = await sandbox.run(
+      [
+        `mkdir -p ${shellQuote(sharedTarget.layout.rootDir)}`,
+        `if curl -fsS http://127.0.0.1:${REMOTE_CODEX_APP_SERVER_PORT}/readyz >/dev/null 2>&1; then exit 0; fi`,
+        `if [ -f ${shellQuote(pidFilePath)} ]; then kill "$(cat ${shellQuote(pidFilePath)})" >/dev/null 2>&1 || true; rm -f ${shellQuote(pidFilePath)}; fi`,
+        `(${[
+          `nohup ${[
+            "env",
+            ...buildCodexCommandArgs(binary, [
+              ...configArgs2,
+              "app-server",
+              "--listen",
+              `ws://0.0.0.0:${REMOTE_CODEX_APP_SERVER_PORT}`
+            ])
+          ].map(shellQuote).join(" ")} > ${shellQuote(logFilePath)} 2>&1 &`,
+          `echo $! > ${shellQuote(pidFilePath)}`
+        ].join(" ")})`
+      ].join(" && "),
+      {
+        cwd: serverCwd,
+        env: env2
+      }
+    );
+    if (launchResult.exitCode !== 0) {
+      throw new Error(
+        `Could not start Codex app-server: ${launchResult.combinedOutput || launchResult.stderr}`
+      );
+    }
+    await waitForInternalCodexReady(
+      sandbox,
+      REMOTE_CODEX_APP_SERVER_PORT,
+      serverCwd,
+      env2
+    );
+    const target2 = await createRuntimeTarget(
+      request.provider,
+      request.runId,
+      options
+    );
+    try {
+      const {
+        artifacts: skillArtifacts2,
+        installCommands: installCommands2,
+        preparedSkills: preparedSkills2
+      } = await prepareSkillArtifacts(
+        request.provider,
+        options.skills,
+        target2.layout
+      );
+      for (const artifact of skillArtifacts2) {
+        await target2.writeArtifact(artifact);
+      }
+      await installSkills(target2, installCommands2);
+      const textPrompt2 = joinTextParts(
+        inputParts.filter(
+          (part) => part.type === "text"
+        )
+      );
+      const codexPromptText2 = buildCodexPromptText(textPrompt2, preparedSkills2);
+      const inputItems2 = [];
+      if (codexPromptText2.trim().length > 0) {
+        inputItems2.push({
+          type: "text",
+          text: codexPromptText2,
+          text_elements: []
+        });
+      }
+      inputItems2.push(
+        ...await mapToCodexPromptParts(
+          inputParts,
+          async (part, index) => materializeCodexImage(target2, part, index)
+        )
+      );
+      inputItems2.push(...buildCodexSkillInputItems(preparedSkills2));
+      const transport = await connectRemoteCodexAppServer(
+        toRemoteCodexWebSocketUrl(previewUrl)
+      );
+      return {
+        source: transport.source,
+        writeLine: transport.send,
+        cleanup: async () => {
+          await transport?.close().catch(() => void 0);
+          await target2.cleanup().catch(() => void 0);
+        },
+        raw: {
+          transport: transport.raw,
+          previewUrl,
+          port: REMOTE_CODEX_APP_SERVER_PORT,
+          serverLayout: sharedTarget.layout,
+          layout: target2.layout
+        },
+        inputItems: inputItems2,
+        turnStartOverrides: buildTurnCollaborationMode(request)
+      };
+    } catch (error) {
+      await target2.cleanup().catch(() => void 0);
+      throw error;
+    }
+  }
+  const target = await createRuntimeTarget(
+    request.provider,
+    request.runId,
+    options
+  );
+  try {
+    await ensureCodexLogin(request, target);
+  } catch (error) {
+    await target.cleanup().catch(() => void 0);
+    throw error;
+  }
+  const env = compactEnv({
+    ...options.env ?? {},
+    ...target.env,
+    ...options.provider?.env ?? {}
+  });
+  const runtimeCwd = target.layout.rootDir;
+  const {
+    artifacts: skillArtifacts,
+    installCommands,
+    preparedSkills
+  } = await prepareSkillArtifacts(
+    request.provider,
+    options.skills,
+    target.layout
+  );
+  const {
+    artifacts: subAgentArtifacts,
+    agentSections,
+    enableMultiAgent
+  } = buildCodexSubagentArtifacts(options.subAgents, target.layout);
+  const artifacts = [...skillArtifacts, ...subAgentArtifacts];
+  const hooksFile = buildCodexHooksFile(hooks);
+  const configToml = buildCodexConfigToml(
+    options.mcps,
+    agentSections,
+    Boolean(hooksFile)
+  );
+  if (configToml) {
+    artifacts.push({
+      path: path9.join(target.layout.codexDir, "config.toml"),
+      content: configToml
+    });
+  }
+  if (hooksFile) {
+    artifacts.push({
+      path: path9.join(target.layout.codexDir, "hooks.json"),
+      content: JSON.stringify(hooksFile, null, 2)
+    });
+  }
+  let instructionsFilePath;
+  if (request.run.systemPrompt) {
+    instructionsFilePath = path9.join(
+      target.layout.codexDir,
+      "prompts",
+      "agentbox-system.md"
+    );
+    artifacts.push({
+      path: instructionsFilePath,
+      content: request.run.systemPrompt
+    });
+  }
+  for (const artifact of artifacts) {
+    await target.writeArtifact(artifact);
+  }
+  await installSkills(target, installCommands);
+  const configArgs = [];
+  if (instructionsFilePath) {
+    configArgs.push(
+      "-c",
+      `model_instructions_file=${JSON.stringify(instructionsFilePath)}`
+    );
+  }
+  configArgs.push("-c", `features.multi_agent=${enableMultiAgent}`);
+  const textPrompt = joinTextParts(
+    inputParts.filter(
+      (part) => part.type === "text"
+    )
+  );
+  const codexPromptText = buildCodexPromptText(textPrompt, preparedSkills);
+  const inputItems = [];
+  if (codexPromptText.trim().length > 0) {
+    inputItems.push({
+      type: "text",
+      text: codexPromptText,
+      text_elements: []
+    });
+  }
+  inputItems.push(
+    ...await mapToCodexPromptParts(
+      inputParts,
+      async (part, index) => materializeCodexImage(target, part, index)
+    )
+  );
+  inputItems.push(...buildCodexSkillInputItems(preparedSkills));
+  if (options.sandbox) {
+    const handle = await options.sandbox.runAsync(
+      [
+        "env",
+        ...buildCodexCommandArgs(options.provider?.binary ?? "codex", [
+          ...configArgs,
+          "app-server"
+        ])
+      ],
+      {
+        cwd: runtimeCwd,
+        env
+      }
+    );
+    if (!handle.write) {
+      throw new Error(
+        "The selected sandbox does not expose an interactive stdin channel for Codex."
+      );
+    }
+    async function* stdoutLines() {
+      async function* stdoutChunks() {
+        for await (const event of handle) {
+          if (event.type === "stdout" && event.chunk) {
+            yield event.chunk;
+          }
+        }
+      }
+      yield* linesFromTextChunks(stdoutChunks());
+    }
+    return {
+      source: stdoutLines(),
+      writeLine: async (line) => {
+        await handle.write?.(`${line}
+`);
+      },
+      cleanup: async () => {
+        await handle.kill();
+        await target.cleanup();
+      },
+      raw: { handle, layout: target.layout },
+      inputItems
+    };
+  }
+  const processHandle = spawnCommand({
+    command: "env",
+    args: buildCodexCommandArgs(options.provider?.binary ?? "codex", [
+      ...configArgs,
+      "app-server"
+    ]),
+    cwd: runtimeCwd,
+    env: {
+      ...process.env,
+      ...env
+    }
+  });
+  return {
+    source: linesFromNodeStream(processHandle.child.stdout),
+    writeLine: async (line) => {
+      processHandle.child.stdin.write(`${line}
+`);
+    },
+    cleanup: async () => {
+      await processHandle.kill();
+      await target.cleanup();
+    },
+    raw: { processHandle, layout: target.layout },
+    inputItems
+  };
+}
+var CodexAgentAdapter = class {
+  async execute(request, sink) {
+    const inputParts = await validateProviderUserInput(
+      request.provider,
+      request.run.input
+    );
+    const runtime = await createRuntime2(request, inputParts);
+    sink.setRaw(runtime.raw);
+    sink.setAbort(runtime.cleanup);
+    sink.emitEvent(
+      createNormalizedEvent("run.started", {
+        provider: request.provider,
+        runId: request.runId
+      })
+    );
+    const client = runtime.client ?? new JsonRpcLineClient(
+      runtime.source,
+      runtime.writeLine
+    );
+    const interactiveApproval = isInteractiveApproval(request.options);
+    let rootThreadId;
+    let turnId;
+    let pendingTurns = 1;
+    const sendTurn = async (content) => {
+      if (!rootThreadId) {
+        throw new Error("Cannot send message before thread is started.");
+      }
+      const parts = normalizeUserInput(content);
+      const text = parts.filter((p) => p.type === "text").map((p) => p.text).join("");
+      const inputItems = [];
+      if (text.trim().length > 0) {
+        inputItems.push({ type: "text", text, text_elements: [] });
+      }
+      pendingTurns++;
+      const sandboxPolicy = buildTurnSandboxPolicy(request.options);
+      await client.request("turn/start", {
+        threadId: rootThreadId,
+        input: inputItems,
+        approvalPolicy: isInteractiveApproval(request.options) ? "untrusted" : "never",
+        ...sandboxPolicy ? { sandboxPolicy } : {},
+        model: request.run.model ?? null,
+        effort: null,
+        outputSchema: null
+      });
+    };
+    sink.onMessage(sendTurn);
+    const completion = new Promise((resolve, reject) => {
+      let finalText = "";
+      void (async () => {
+        for await (const message of client.messages()) {
+          const raw = toRawEvent2(request.runId, message, message.method);
+          sink.emitRaw(raw);
+          if (message.method === "tool/requestUserInput" && message.id !== void 0) {
+            reject(
+              new Error(
+                "Codex tool/requestUserInput approvals are not yet supported by AgentBox."
+              )
+            );
+            return;
+          }
+          const permissionEvent = createCodexPermissionEvent(request, message);
+          if (permissionEvent && message.id !== void 0) {
+            const response = interactiveApproval ? await sink.requestPermission(permissionEvent) : {
+              requestId: permissionEvent.requestId,
+              decision: "allow"
+            };
+            await client.respond(message.id, {
+              decision: toCodexApprovalDecision(message, response)
+            });
+            continue;
+          }
+          for (const event of toNormalizedCodexEvents(request.runId, message)) {
+            sink.emitEvent(event);
+            if (event.type === "text.delta") {
+              finalText += event.delta;
+            }
+          }
+          if (message.method === "thread/started" && !rootThreadId) {
+            rootThreadId = message.params?.thread?.id ?? rootThreadId;
+          }
+          if (message.method === "turn/started") {
+            turnId = message.params?.turn?.id ?? turnId;
+          }
+          if (message.method === "turn/completed" && (!message.params?.threadId || message.params.threadId === rootThreadId)) {
+            pendingTurns--;
+            if (pendingTurns <= 0) {
+              resolve({ text: finalText, turnId, threadId: rootThreadId });
+              return;
+            }
+          }
+          if (message.method === "error" && !shouldIgnoreCodexError(message)) {
+            reject(message);
+            return;
+          }
+        }
+        reject(new Error("Codex transport closed before run completed."));
+      })().catch(reject);
+    });
+    try {
+      if (!runtime.client) {
+        await client.request("initialize", {
+          clientInfo: {
+            title: "AgentBox",
+            name: "AgentBox",
+            version: "0.1.0"
+          },
+          capabilities: {
+            experimentalApi: true
+          }
+        });
+        await client.notify("initialized", {});
+      }
+      const cwd = request.options.cwd ?? process.cwd();
+      const threadResponse = request.run.resumeSessionId ? await client.request(
+        "thread/resume",
+        buildResumeParams(cwd, request.options, request)
+      ) : await client.request(
+        "thread/start",
+        buildThreadParams(cwd, request.options, request)
+      );
+      rootThreadId = threadResponse.thread.id;
+      if ("bindThread" in client && typeof client.bindThread === "function") {
+        client.bindThread(threadResponse.thread.id);
+      }
+      sink.setSessionId(threadResponse.thread.id);
+      sink.emitRaw(
+        toRawEvent2(
+          request.runId,
+          threadResponse,
+          request.run.resumeSessionId ? "thread/resume:result" : "thread/start:result"
+        )
+      );
+      const sandboxPolicy = buildTurnSandboxPolicy(request.options);
+      await client.request("turn/start", {
+        threadId: threadResponse.thread.id,
+        input: runtime.inputItems,
+        approvalPolicy: isInteractiveApproval(request.options) ? "untrusted" : "never",
+        ...sandboxPolicy ? { sandboxPolicy } : {},
+        ...runtime.turnStartOverrides ?? {},
+        model: request.run.model ?? null,
+        effort: null,
+        outputSchema: null
+      });
+      const { text } = await completion;
+      sink.complete({ text });
+    } finally {
+      await runtime.cleanup().catch(() => void 0);
+    }
+    return async () => void 0;
+  }
+};
+
+// src/agents/providers/opencode.ts
+import path10 from "path";
+var SANDBOX_OPENCODE_PORT = 4096;
+var SANDBOX_OPENCODE_READY_TIMEOUT_MS = 9e4;
+var SHARED_OPENCODE_TARGET_ID = "shared-opencode-server";
+function toRawEvent3(runId, payload, type) {
+  return {
+    provider: "opencode",
+    runId,
+    type,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+    payload
+  };
+}
+function extractText(value) {
+  if (!value) {
+    return "";
+  }
+  if (typeof value === "string") {
+    return value;
+  }
+  if (Array.isArray(value)) {
+    return value.map(extractText).filter(Boolean).join("");
+  }
+  if (typeof value === "object") {
+    const record = value;
+    if (record.type === "text" && typeof record.text === "string") {
+      return record.text;
+    }
+    if (record.type === "reasoning") {
+      return "";
+    }
+    if (record.message) {
+      return extractText(record.message);
+    }
+    if (record.content) {
+      return extractText(record.content);
+    }
+    if (record.parts) {
+      return extractText(record.parts);
+    }
+    if (record.text) {
+      return extractText(record.text);
+    }
+  }
+  return "";
+}
+function toOpenCodeModel(model) {
+  if (!model) {
+    return void 0;
+  }
+  const slashIndex = model.indexOf("/");
+  if (slashIndex === -1) {
+    return { modelID: model };
+  }
+  const providerID = model.slice(0, slashIndex).trim();
+  const modelID = model.slice(slashIndex + 1).trim();
+  if (!providerID || !modelID) {
+    return { modelID: model };
+  }
+  return { providerID, modelID };
+}
+function buildOpenCodePermissionConfig(interactive) {
+  if (!interactive) {
+    return {
+      read: { "*": "allow" },
+      edit: "allow",
+      bash: "allow",
+      webfetch: "allow",
+      external_directory: "allow",
+      skill: { "*": "allow" },
+      task: "allow"
+    };
+  }
+  return {
+    read: { "*": "allow" },
+    edit: "ask",
+    bash: "ask",
+    webfetch: "ask",
+    external_directory: "ask",
+    skill: { "*": "allow" },
+    task: "ask"
+  };
+}
+function createOpenCodePermissionEvent(request, raw, payload) {
+  const properties = payload.properties ?? {};
+  const permission = String(properties.permission ?? "tool");
+  return createNormalizedEvent(
+    "permission.requested",
+    {
+      provider: request.provider,
+      runId: request.runId,
+      raw
+    },
+    {
+      requestId: String(properties.id ?? ""),
+      kind: permission === "bash" ? "bash" : permission === "edit" ? "edit" : permission === "external_directory" ? "file-change" : permission === "webfetch" ? "network" : permission === "task" ? "tool" : "unknown",
+      title: `Approve ${permission} permission`,
+      message: typeof properties.metadata === "object" && properties.metadata !== null ? JSON.stringify(properties.metadata) : `OpenCode requested ${permission} permission.`,
+      input: properties,
+      canRemember: Array.isArray(properties.always) && properties.always.length > 0
+    }
+  );
+}
+function buildOpenCodeConfig(request, interactiveApproval) {
+  const options = request.options;
+  const mcpConfig = buildOpenCodeMcpConfig(options.mcps);
+  const commandsConfig = buildOpenCodeCommandsConfig(options.commands);
+  return {
+    $schema: "https://opencode.ai/config.json",
+    ...mcpConfig ? { mcp: mcpConfig } : {},
+    ...commandsConfig ? { command: commandsConfig } : {},
+    agent: {
+      agentbox: {
+        mode: "primary",
+        prompt: request.run.systemPrompt ?? "",
+        permission: buildOpenCodePermissionConfig(interactiveApproval),
+        tools: {
+          write: true,
+          edit: true,
+          bash: true,
+          webfetch: true,
+          skill: true
+        }
+      },
+      ...buildOpenCodeSubagentConfig(options.subAgents)
+    }
+  };
+}
+async function ensureSandboxOpenCodeServer(request) {
+  const sandbox = request.options.sandbox;
+  const options = request.options;
+  const port = SANDBOX_OPENCODE_PORT;
+  await sandbox.openPort(port);
+  const healthCheck = await sandbox.run(
+    `curl -fsS http://127.0.0.1:${port}/global/health >/dev/null 2>&1`,
+    { cwd: options.cwd, timeoutMs: 5e3 }
+  );
+  if (healthCheck.exitCode === 0) {
+    const baseUrl2 = (await sandbox.getPreviewLink(port)).replace(/\/$/, "");
+    return {
+      baseUrl: baseUrl2,
+      cleanup: async () => {
+      },
+      raw: { baseUrl: baseUrl2, port, reused: true }
+    };
+  }
+  const plugins = assertHooksSupported(request.provider, options);
+  assertCommandsSupported(request.provider, options.commands);
+  const interactiveApproval = isInteractiveApproval(options);
+  const target = await createRuntimeTarget(
+    request.provider,
+    SHARED_OPENCODE_TARGET_ID,
+    options
+  );
+  const { artifacts: skillArtifacts, installCommands } = await prepareSkillArtifacts(
+    request.provider,
+    options.skills,
+    target.layout
+  );
+  const pluginArtifacts = buildOpenCodePluginArtifacts(
+    plugins,
+    target.layout.opencodeDir
+  );
+  for (const artifact of [...skillArtifacts, ...pluginArtifacts]) {
+    await target.writeArtifact(artifact);
+  }
+  const configPath = path10.join(target.layout.opencodeDir, "agentbox.json");
+  const openCodeConfig = buildOpenCodeConfig(request, interactiveApproval);
+  await target.writeArtifact({
+    path: configPath,
+    content: JSON.stringify(openCodeConfig, null, 2)
+  });
+  const commonEnv = {
+    OPENCODE_CONFIG: configPath,
+    OPENCODE_CONFIG_DIR: target.layout.opencodeDir,
+    OPENCODE_DISABLE_DEFAULT_PLUGINS: "true"
+  };
+  await installSkills(target, installCommands, commonEnv);
+  const binary = options.provider?.binary ?? "opencode";
+  const pidFilePath = path10.posix.join(
+    target.layout.rootDir,
+    "opencode-serve.pid"
+  );
+  const logFilePath = path10.posix.join(
+    target.layout.rootDir,
+    "opencode-serve.log"
+  );
+  const serveEnv = { ...options.env ?? {}, ...commonEnv };
+  const launchCommand = [
+    `mkdir -p ${shellQuote(target.layout.rootDir)}`,
+    `(${[
+      `nohup ${[
+        binary,
+        "serve",
+        "--hostname",
+        "0.0.0.0",
+        "--port",
+        String(port),
+        ...options.provider?.args ?? []
+      ].map(shellQuote).join(" ")} > ${shellQuote(logFilePath)} 2>&1 &`,
+      `echo $! > ${shellQuote(pidFilePath)}`
+    ].join(" ")})`
+  ].join(" && ");
+  const launchHandle = await sandbox.runAsync(launchCommand, {
+    cwd: options.cwd,
+    env: serveEnv
+  });
+  const launchResult = await launchHandle.wait();
+  if (launchResult.exitCode !== 0) {
+    await target.cleanup().catch(() => void 0);
+    throw new Error(
+      `Could not start OpenCode server: ${launchResult.combinedOutput || launchResult.stderr}`
+    );
+  }
+  const baseUrl = (await sandbox.getPreviewLink(port)).replace(/\/$/, "");
+  await waitForHttpReady(`${baseUrl}/global/health`, {
+    timeoutMs: SANDBOX_OPENCODE_READY_TIMEOUT_MS
+  });
+  return {
+    baseUrl,
+    cleanup: async () => {
+      await target.cleanup().catch(() => void 0);
+    },
+    raw: { pidFilePath, logFilePath, baseUrl, layout: target.layout, port }
+  };
+}
+async function createLocalRuntime2(request) {
+  const options = request.options;
+  const plugins = assertHooksSupported(request.provider, options);
+  assertCommandsSupported(request.provider, options.commands);
+  const interactiveApproval = isInteractiveApproval(options);
+  const target = await createRuntimeTarget(
+    request.provider,
+    request.runId,
+    options
+  );
+  const { artifacts: skillArtifacts, installCommands } = await prepareSkillArtifacts(
+    request.provider,
+    options.skills,
+    target.layout
+  );
+  const pluginArtifacts = buildOpenCodePluginArtifacts(
+    plugins,
+    target.layout.opencodeDir
+  );
+  for (const artifact of [...skillArtifacts, ...pluginArtifacts]) {
+    await target.writeArtifact(artifact);
+  }
+  const configPath = path10.join(target.layout.opencodeDir, "agentbox.json");
+  const openCodeConfig = buildOpenCodeConfig(request, interactiveApproval);
+  await target.writeArtifact({
+    path: configPath,
+    content: JSON.stringify(openCodeConfig, null, 2)
+  });
+  const commonEnv = {
+    OPENCODE_CONFIG: configPath,
+    OPENCODE_CONFIG_DIR: target.layout.opencodeDir,
+    OPENCODE_DISABLE_DEFAULT_PLUGINS: "true"
+  };
+  await installSkills(target, installCommands, commonEnv);
+  const hostPort = await getAvailablePort();
+  const processHandle = spawnCommand({
+    command: options.provider?.binary ?? "opencode",
+    args: [
+      "serve",
+      "--hostname",
+      "127.0.0.1",
+      "--port",
+      String(hostPort),
+      ...options.provider?.args ?? []
+    ],
+    cwd: options.cwd,
+    env: {
+      ...process.env,
+      ...options.env ?? {},
+      ...commonEnv
+    }
+  });
+  const baseUrl = `http://127.0.0.1:${hostPort}`;
+  await waitForHttpReady(`${baseUrl}/global/health`, { timeoutMs: 2e4 });
+  return {
+    baseUrl,
+    cleanup: async () => {
+      await processHandle.kill();
+      await target.cleanup();
+    },
+    raw: { processHandle, layout: target.layout }
+  };
+}
+async function createRuntime3(request) {
+  if (request.options.sandbox) {
+    return ensureSandboxOpenCodeServer(request);
+  }
+  return createLocalRuntime2(request);
+}
+var OpenCodeAgentAdapter = class {
+  async execute(request, sink) {
+    const inputParts = await validateProviderUserInput(
+      request.provider,
+      request.run.input
+    );
+    const runtime = await createRuntime3(request);
+    sink.setRaw(runtime.raw);
+    sink.setAbort(runtime.cleanup);
+    sink.emitEvent(
+      createNormalizedEvent("run.started", {
+        provider: request.provider,
+        runId: request.runId
+      })
+    );
+    const sseAbort = new AbortController();
+    let sseTask;
+    try {
+      const interactiveApproval = isInteractiveApproval(request.options);
+      const createdSession = request.run.resumeSessionId ? null : await fetchJson(
+        `${runtime.baseUrl}/session`,
+        {
+          method: "POST",
+          headers: { "content-type": "application/json" },
+          body: JSON.stringify({
+            title: `AgentBox ${request.runId}`
+          })
+        }
+      );
+      const sessionId = request.run.resumeSessionId ?? createdSession?.id ?? createdSession?.sessionId;
+      if (!sessionId) {
+        throw new Error("OpenCode did not return a session id.");
+      }
+      sseTask = (async () => {
+        try {
+          for await (const event of streamSse(`${runtime.baseUrl}/event`, {
+            signal: sseAbort.signal
+          })) {
+            let payload = event.data;
+            try {
+              payload = JSON.parse(event.data);
+            } catch {
+            }
+            const raw = toRawEvent3(
+              request.runId,
+              payload,
+              `sse:${event.event ?? "message"}`
+            );
+            sink.emitRaw(raw);
+            const eventType = typeof payload?.type === "string" ? String(payload.type) : event.event;
+            if (eventType === "permission.asked") {
+              const properties = payload.properties;
+              if (properties && typeof properties.sessionID === "string" && properties.sessionID === sessionId) {
+                const permissionEvent = createOpenCodePermissionEvent(
+                  request,
+                  raw,
+                  payload
+                );
+                const response2 = interactiveApproval ? await sink.requestPermission(permissionEvent) : {
+                  requestId: permissionEvent.requestId,
+                  decision: "allow"
+                };
+                await fetchJson(
+                  `${runtime.baseUrl}/session/${sessionId}/permissions/${permissionEvent.requestId}`,
+                  {
+                    method: "POST",
+                    headers: { "content-type": "application/json" },
+                    body: JSON.stringify({
+                      response: response2.decision === "allow" ? response2.remember ? "always" : "once" : "reject"
+                    })
+                  }
+                );
+              }
+              continue;
+            }
+            for (const normalized of normalizeRawAgentEvent(raw)) {
+              sink.emitEvent(normalized);
+            }
+          }
+        } catch {
+        }
+      })();
+      sink.onMessage(async () => {
+        console.warn(
+          "[agentbox] sendMessage is not yet supported for the opencode provider. Use resumeSessionId for follow-ups instead."
+        );
+      });
+      sink.setSessionId(sessionId);
+      sink.emitRaw(
+        toRawEvent3(
+          request.runId,
+          createdSession ?? { sessionId },
+          request.run.resumeSessionId ? "session.resumed" : "session.created"
+        )
+      );
+      sink.emitEvent(
+        createNormalizedEvent("message.started", {
+          provider: request.provider,
+          runId: request.runId
+        })
+      );
+      const response = await fetchJson(
+        `${runtime.baseUrl}/session/${sessionId}/message`,
+        {
+          method: "POST",
+          headers: { "content-type": "application/json" },
+          body: JSON.stringify({
+            ...request.run.model ? { model: toOpenCodeModel(request.run.model) } : {},
+            agent: "agentbox",
+            parts: mapToOpenCodeParts(inputParts)
+          })
+        }
+      );
+      const rawResponse = toRawEvent3(
+        request.runId,
+        response,
+        "message.response"
+      );
+      sink.emitRaw(rawResponse);
+      for (const event of normalizeRawAgentEvent(rawResponse)) {
+        sink.emitEvent(event);
+      }
+      const text = extractText(response);
+      if (text) {
+        sink.emitEvent(
+          createNormalizedEvent(
+            "text.delta",
+            {
+              provider: request.provider,
+              runId: request.runId
+            },
+            { delta: text }
+          )
+        );
+      }
+      sink.emitEvent(
+        createNormalizedEvent(
+          "run.completed",
+          {
+            provider: request.provider,
+            runId: request.runId
+          },
+          { text }
+        )
+      );
+      sseAbort.abort();
+      await sseTask;
+      sink.complete({ text });
+    } finally {
+      sseAbort.abort();
+      if (sseTask) {
+        await sseTask.catch(() => void 0);
+      }
+      await runtime.cleanup().catch(() => void 0);
+    }
+    return async () => void 0;
+  }
+};
+
+// src/agents/Agent.ts
+function buildAgentOptionsSystemAppendix(options) {
+  const sections = [];
+  if (options.mcps?.length) {
+    sections.push(
+      [
+        "Configured MCP servers are available for this run:",
+        ...options.mcps.map((mcp) => `- ${mcp.name}`)
+      ].join("\n")
+    );
+  }
+  if (options.skills?.length) {
+    sections.push(
+      [
+        "Configured skills are available for this run:",
+        ...options.skills.map((skill) => `- ${skill.name}`)
+      ].join("\n")
+    );
+  }
+  if (options.subAgents?.length) {
+    sections.push(
+      [
+        "Configured sub-agents are available for delegation:",
+        ...options.subAgents.map(
+          (subAgent) => `- ${subAgent.name}: ${subAgent.description}`
+        )
+      ].join("\n")
+    );
+  }
+  if (options.commands?.length) {
+    sections.push(
+      [
+        "Custom commands are installed for this environment:",
+        ...options.commands.map(
+          (command) => `- /${command.name}${command.description ? `: ${command.description}` : ""}`
+        )
+      ].join("\n")
+    );
+  }
+  return sections.length > 0 ? sections.join("\n\n") : void 0;
+}
+function buildRunConfig(options, runConfig) {
+  const appendix = buildAgentOptionsSystemAppendix(options);
+  const systemPrompt = [runConfig.systemPrompt, appendix].filter(Boolean).join("\n\n");
+  return {
+    ...runConfig,
+    ...systemPrompt ? { systemPrompt } : {}
+  };
+}
+function createAdapter(provider) {
+  switch (provider) {
+    case "codex":
+      return new CodexAgentAdapter();
+    case "opencode":
+      return new OpenCodeAgentAdapter();
+    case "claude-code":
+      return new ClaudeCodeAgentAdapter();
+    default:
+      throw new UnsupportedProviderError("agent", provider);
+  }
+}
+function prepareAgentOptions(provider, options) {
+  if (provider === "opencode") {
+    const openCodeOptions = options;
+    const port = 4096;
+    openCodeOptions.sandbox?.openPort(port);
+  }
+  return options;
+}
+var AgentRunController = class {
+  id;
+  provider;
+  sessionId;
+  raw;
+  sessionIdReady;
+  abortHandler = async () => void 0;
+  abortRequested = false;
+  eventQueue = new AsyncQueue();
+  rawQueue = new AsyncQueue();
+  events = [];
+  rawEventsList = [];
+  pendingPermissions = /* @__PURE__ */ new Map();
+  messageHandler;
+  text = "";
+  settled = false;
+  finished;
+  resolveSessionIdReady;
+  rejectSessionIdReady;
+  resolveFinished;
+  rejectFinished;
+  constructor(provider, id) {
+    this.provider = provider;
+    this.id = id;
+    let resolveFinished;
+    let rejectFinished;
+    let resolveSessionIdReady;
+    let rejectSessionIdReady;
+    this.finished = new Promise((resolve, reject) => {
+      resolveFinished = resolve;
+      rejectFinished = reject;
+    });
+    this.sessionIdReady = new Promise((resolve, reject) => {
+      resolveSessionIdReady = resolve;
+      rejectSessionIdReady = reject;
+    });
+    void this.sessionIdReady.catch(() => void 0);
+    this.resolveFinished = resolveFinished;
+    this.rejectFinished = rejectFinished;
+    this.resolveSessionIdReady = resolveSessionIdReady;
+    this.rejectSessionIdReady = rejectSessionIdReady;
+  }
+  setRaw(raw) {
+    this.raw = raw;
+  }
+  setAbort(abort) {
+    this.abortHandler = abort;
+    if (this.abortRequested) {
+      void abort();
+    }
+  }
+  setSessionId(sessionId) {
+    if (this.sessionId) {
+      return;
+    }
+    this.sessionId = sessionId;
+    this.resolveSessionIdReady(sessionId);
+  }
+  emitRaw(event) {
+    this.rawEventsList.push(event);
+    this.rawQueue.push(event);
+  }
+  pushEvent(event) {
+    this.events.push(event);
+    if (event.type === "text.delta") {
+      this.text += event.delta;
+    } else if ((event.type === "message.completed" || event.type === "run.completed") && event.text) {
+      this.text = event.text;
+    }
+    this.eventQueue.push(event);
+  }
+  emitEvent(event) {
+    this.pushEvent(event);
+  }
+  requestPermission(event) {
+    if (this.settled) {
+      throw new Error("Cannot request permission on a settled agent run.");
+    }
+    if (this.pendingPermissions.has(event.requestId)) {
+      throw new Error(
+        `Permission request ${event.requestId} is already pending for this run.`
+      );
+    }
+    const response = new Promise((resolve, reject) => {
+      this.pendingPermissions.set(event.requestId, {
+        event,
+        resolve,
+        reject
+      });
+    });
+    this.pushEvent(event);
+    return response;
+  }
+  onMessage(handler) {
+    this.messageHandler = handler;
+  }
+  async sendMessage(content) {
+    if (this.settled) {
+      throw new Error("Cannot send a message on a settled agent run.");
+    }
+    if (!this.messageHandler) {
+      throw new Error(
+        "This provider does not support sending messages during a run."
+      );
+    }
+    const textContent = normalizeUserInput(content).filter((p) => p.type === "text").map((p) => p.text).join("");
+    this.pushEvent(
+      createNormalizedEvent(
+        "message.injected",
+        { provider: this.provider, runId: this.id },
+        { content: textContent || "(non-text content)" }
+      )
+    );
+    await this.messageHandler(content);
+  }
+  async respondToPermission(response) {
+    const pending = this.pendingPermissions.get(response.requestId);
+    if (!pending) {
+      throw new Error(
+        `Permission request ${response.requestId} is not pending for this run.`
+      );
+    }
+    this.pendingPermissions.delete(response.requestId);
+    const remember = pending.event.canRemember ? response.remember : void 0;
+    const resolvedResponse = {
+      requestId: response.requestId,
+      decision: response.decision,
+      ...remember !== void 0 ? { remember } : {}
+    };
+    this.pushEvent(
+      createNormalizedEvent(
+        "permission.resolved",
+        {
+          provider: this.provider,
+          runId: this.id
+        },
+        {
+          requestId: response.requestId,
+          decision: response.decision,
+          ...remember !== void 0 ? { remember } : {}
+        }
+      )
+    );
+    pending.resolve(resolvedResponse);
+  }
+  clearPendingPermissions(error) {
+    for (const pending of this.pendingPermissions.values()) {
+      pending.reject(error);
+    }
+    this.pendingPermissions.clear();
+  }
+  complete(result) {
+    if (this.settled) {
+      return;
+    }
+    this.settled = true;
+    this.clearPendingPermissions(
+      new Error(
+        "Agent run completed before pending permission requests resolved."
+      )
+    );
+    if (result?.text) {
+      this.text = result.text;
+    }
+    this.eventQueue.finish();
+    this.rawQueue.finish();
+    if (!this.sessionId) {
+      const error = new Error(
+        "Agent run completed before a provider session id was set."
+      );
+      this.rejectSessionIdReady(error);
+      this.rejectFinished(error);
+      return;
+    }
+    this.resolveFinished({
+      id: this.id,
+      provider: this.provider,
+      sessionId: this.sessionId,
+      text: this.text,
+      rawEvents: [...this.rawEventsList],
+      events: [...this.events]
+    });
+  }
+  fail(error) {
+    if (this.settled) {
+      return;
+    }
+    const normalizedError = asError(error);
+    this.clearPendingPermissions(normalizedError);
+    this.emitEvent(
+      createNormalizedEvent(
+        "run.error",
+        {
+          provider: this.provider,
+          runId: this.id
+        },
+        {
+          error: normalizedError.message
+        }
+      )
+    );
+    this.settled = true;
+    this.eventQueue.finish();
+    this.rawQueue.finish();
+    if (!this.sessionId) {
+      this.rejectSessionIdReady(normalizedError);
+    }
+    this.rejectFinished(normalizedError);
+  }
+  async abort() {
+    this.abortRequested = true;
+    await this.abortHandler();
+  }
+  rawEvents() {
+    return this.rawQueue;
+  }
+  toAISDKEvents() {
+    return toAISDKStream(this);
+  }
+  [Symbol.asyncIterator]() {
+    return this.eventQueue[Symbol.asyncIterator]();
+  }
+};
+var Agent = class {
+  adapter;
+  provider;
+  options;
+  constructor(provider, options) {
+    this.provider = provider;
+    this.options = prepareAgentOptions(provider, options);
+    this.adapter = createAdapter(provider);
+  }
+  stream(runConfig) {
+    const runId = randomUUID3();
+    const run = new AgentRunController(this.provider, runId);
+    const request = {
+      runId,
+      provider: this.provider,
+      options: this.options,
+      run: buildRunConfig(this.options, runConfig)
+    };
+    void (async () => {
+      try {
+        const cleanup = await this.adapter.execute(request, run);
+        run.setAbort(async () => {
+          await cleanup();
+        });
+      } catch (error) {
+        run.fail(error);
+      }
+    })();
+    return run;
+  }
+  async run(runConfig) {
+    return this.stream(runConfig).finished;
+  }
+  rawEvents(runConfig) {
+    return this.stream(runConfig).rawEvents();
+  }
+};
+
+export {
+  Agent
+};