aiden-runtime 3.18.0 → 3.19.4

package/dist/core/agentLoop.js

@@ -37,6 +37,7 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.SEQUENTIAL_ONLY = exports.PARALLEL_SAFE = exports.NO_RETRY_TOOLS = exports.VALID_TOOLS = exports.ALLOWED_TOOLS = void 0;
 exports.interruptCurrentCall = interruptCurrentCall;
 exports.setStatusEmitter = setStatusEmitter;
 exports.getBudgetState = getBudgetState;
@@ -44,6 +45,7 @@ exports.surfaceRelevantMemories = surfaceRelevantMemories;
 exports.resolveTemplates = resolveTemplates;
 exports.streamOpenAIResponse = streamOpenAIResponse;
 exports.streamGeminiResponse = streamGeminiResponse;
+exports.resolveStreamingUrl = resolveStreamingUrl;
 exports.planWithLLM = planWithLLM;
 exports.validatePlan = validatePlan;
 exports.buildDependencyGroups = buildDependencyGroups;
@@ -72,6 +74,8 @@ const knowledgeBase_1 = require("./knowledgeBase");
 const skillTeacher_1 = require("./skillTeacher");
 const growthEngine_1 = require("./growthEngine");
 const aidenPersonality_1 = require("./aidenPersonality");
+const protectedContext_1 = require("./protectedContext");
+const contextHandoff_1 = require("./contextHandoff");
 const auditTrail_1 = require("./auditTrail");
 const mcpClient_1 = require("./mcpClient");
 const memoryRecall_1 = require("./memoryRecall");
@@ -87,14 +91,19 @@ const workflowTracker_1 = require("./workflowTracker");
 const parallelExecutor_1 = require("./parallelExecutor");
 const messageValidator_1 = require("./messageValidator");
 const toolNameRepair_1 = require("./toolNameRepair");
-const slashAsTool_1 = require("./slashAsTool");
+// SLASH_MIRROR_TOOL_NAMES import removed in Commit 4 — slash mirrors route
+// through slashAsTool.ts injection path, not the planner's allowed-tool list.
 const planResponseRepair_1 = require("./planResponseRepair");
+const actionVerbDetector_1 = require("./actionVerbDetector");
+const diagnosticError_1 = require("./diagnosticError");
 const nodeFs = __importStar(require("fs"));
 const nodePath = __importStar(require("path"));
 const nodeOs = __importStar(require("os"));
 // ── Pre-compact threshold ──────────────────────────────────────
 // Fire pre_compact hook when history has this many messages
 const COMPACT_THRESHOLD = 40;
+// Per-session soul hash for Option-B protected-context injection (responder).
+const soulHashBySession = new Map();
 // ── Interrupt / stop state ─────────────────────────────────────
 let currentAbortController = null;
 let executionInterrupted = false;
@@ -397,6 +406,7 @@ const OPENAI_COMPAT_ENDPOINTS = {
     nvidia: 'https://integrate.api.nvidia.com/v1/chat/completions',
     github: 'https://models.inference.ai.azure.com/v1/chat/completions',
     boa: 'https://api.bayofassets.com/v1/chat/completions',
+    mistral: 'https://api.mistral.ai/v1/chat/completions',
 };
 function buildHeaders(providerName, apiKey) {
     const headers = {
@@ -409,6 +419,56 @@ function buildHeaders(providerName, apiKey) {
     }
     return headers;
 }
+function extractChatMessageContent(content) {
+    if (typeof content === 'string')
+        return content;
+    if (!Array.isArray(content))
+        return '';
+    return content
+        .map((part) => {
+        if (typeof part === 'string')
+            return part;
+        if (part && typeof part === 'object' && 'text' in part) {
+            const text = part.text;
+            return typeof text === 'string' ? text : '';
+        }
+        return '';
+    })
+        .join('');
+}
+/**
+ * C9b: Resolve streaming URL for any provider — custom or known.
+ *
+ * Custom providers look up baseUrl from config; known providers
+ * use OPENAI_COMPAT_ENDPOINTS; unknown falls back to groq.
+ *
+ * Note: when multiple custom providers share the same API key
+ * (e.g. together-1 and together-deepseek both using
+ * TOGETHER_API_KEY), the first matching enabled entry wins.
+ * Consumers should not rely on which specific entry resolves
+ * if keys overlap.
+ */
+function resolveStreamingUrl(providerName, apiKey) {
+    if (OPENAI_COMPAT_ENDPOINTS[providerName])
+        return OPENAI_COMPAT_ENDPOINTS[providerName];
+    if (providerName === 'custom') {
+        const cfg = (0, index_1.loadConfig)();
+        const fromCustom = cfg.customProviders?.find((c) => c.enabled && c.apiKey === apiKey)?.baseUrl;
+        if (fromCustom)
+            return fromCustom;
+        const apiEntry = (cfg.providers?.apis ?? []).find((a) => {
+            if (a.provider !== 'custom' || !a.enabled || !a.baseUrl)
+                return false;
+            const resolved = a.key?.startsWith('env:')
+                ? (process.env[a.key.replace('env:', '')] || '')
+                : a.key;
+            return resolved === apiKey;
+        });
+        if (apiEntry?.baseUrl)
+            return apiEntry.baseUrl;
+    }
+    return OPENAI_COMPAT_ENDPOINTS.groq; // last resort
+}
 // ── Phase inference from tool steps ───────────────────────────
 // Groups consecutive steps of the same capability type into phases.
 function inferPhasesFromSteps(steps) {
@@ -570,7 +630,16 @@ async function racePlannerAPIs(promptText, topN = 2) {
         if (!a.enabled || a.rateLimited)
             continue;
         const k = a.key.startsWith('env:') ? (process.env[a.key.replace('env:', '')] || '') : a.key;
-        if (!k || !OPENAI_COMPAT_ENDPOINTS[a.provider])
+        if (!k)
+            continue;
+        if (a.provider === 'custom') {
+            // providers.apis entries with provider:'custom' supply their own baseUrl
+            if (!a.baseUrl)
+                continue;
+            candidates.push({ provider: 'custom', model: a.model, key: k, url: a.baseUrl, tier: a.tier ?? 50 });
+            continue;
+        }
+        if (!OPENAI_COMPAT_ENDPOINTS[a.provider])
             continue;
         candidates.push({ provider: a.provider, model: a.model, key: k, url: OPENAI_COMPAT_ENDPOINTS[a.provider], tier: a.tier ?? 50 });
     }
@@ -593,7 +662,7 @@ async function racePlannerAPIs(promptText, topN = 2) {
         if (!r.ok)
             throw new Error(`${entry.provider} ${r.status}`);
         const d = await r.json();
-        const text = d?.choices?.[0]?.message?.content || '';
+        const text = extractChatMessageContent(d?.choices?.[0]?.message?.content);
         if (!text.trim() || !text.includes('{'))
             throw new Error('no JSON');
         return text;
@@ -626,14 +695,24 @@ const COMPACTION_PROTECTED = [
 async function rebuildContextAfterCompaction(contextHistory) {
     const workspaceDir = nodePath.join(process.cwd(), 'workspace');
     const protectedContent = [];
-    // Read all protected files
+    // Use hash-cached manager — no previousHash so SOUL always injects in full.
+    const _pctx = protectedContext_1.protectedContextManager.getProtectedContext();
+    const _pctxBlock = (0, contextHandoff_1.buildProtectedContextBlock)(_pctx, undefined, 'compaction');
+    if (_pctxBlock)
+        protectedContent.push(_pctxBlock);
+    // Legacy per-file entries for any COMPACTION_PROTECTED files not covered above.
+    // (instincts.json is not in protectedContextManager — still read directly.)
     for (const filename of COMPACTION_PROTECTED) {
         try {
             const filepath = nodePath.join(workspaceDir, filename);
             if (nodeFs.existsSync(filepath)) {
                 const content = nodeFs.readFileSync(filepath, 'utf-8');
                 if (content.trim()) {
-                    protectedContent.push(`## ${filename}\n${content.trim()}`);
+                    // Skip the 5 files already in the protected block to avoid duplication.
+                    const skip = ['SOUL.md', 'USER.md', 'GOALS.md', 'STANDING_ORDERS.md', 'LESSONS.md'];
+                    if (!skip.includes(filename)) {
+                        protectedContent.push(`## ${filename}\n${content.trim()}`);
+                    }
                 }
             }
         }
@@ -669,6 +748,10 @@ async function rebuildContextAfterCompaction(contextHistory) {
     };
     return [protectedMessage, ...contextHistory];
 }
+// ── v3.19 Phase 1 Commit 4: derived from TOOL_REGISTRY — literal deleted ──────
+// Slash-mirror tools (status, analytics, etc.) are intentionally excluded here;
+// they route through the slashAsTool.ts injection path, not the planner.
+exports.ALLOWED_TOOLS = (0, toolRegistry_1.registryAllowedTools)();
 // ── STEP 1: planWithLLM ────────────────────────────────────────
 async function planWithLLM(message, history, apiKey, model, provider, memoryContext) {
     // ── Pre-compact hook — fire at multiples of COMPACT_THRESHOLD ─
@@ -709,33 +792,19 @@ async function planWithLLM(message, history, apiKey, model, provider, memoryCont
             console.warn(`[Recipe] Execution failed for ${recipeMatch.recipe.name}: ${err} — falling through to LLM planner`);
         }
     }
-    const ALLOWED_TOOLS = [
-        'web_search', 'fetch_page', 'open_browser', 'browser_extract',
-        'browser_click', 'browser_type', 'browser_screenshot', 'browser_scroll', 'browser_get_url',
-        'file_write', 'file_read',
-        'file_list', 'shell_exec', 'run_python', 'run_node',
-        'system_info', 'notify', 'deep_research', 'get_stocks',
-        'get_market_data', 'get_company_info', 'social_research',
-        'mouse_move', 'mouse_click', 'keyboard_type', 'keyboard_press',
-        'screenshot', 'screen_read', 'vision_loop', 'wait',
-        'code_interpreter_python', 'code_interpreter_node',
-        'clipboard_read', 'clipboard_write', 'window_list', 'window_focus',
-        'app_launch', 'app_close', 'system_volume',
-        'watch_folder', 'watch_folder_list',
-        'send_file_local', 'receive_file_local',
-        'get_briefing',
-        'respond',
-        'clarify', 'todo', 'cronjob', 'vision_analyze',
-        'voice_speak', 'voice_transcribe', 'voice_clone', 'voice_design',
-        'lookup_skill', 'lookup_tool_schema',
-        'spawn', 'spawn_subagent', 'swarm',
-        ...slashAsTool_1.SLASH_MIRROR_TOOL_NAMES,
-    ];
     // Sprint 13: append discovered MCP tools
     const mcpToolNames = mcpClient_1.mcpClient.getAllCachedTools().map(t => t.name);
     const allTools = mcpToolNames.length > 0
-        ? [...ALLOWED_TOOLS, ...mcpToolNames]
-        : ALLOWED_TOOLS;
+        ? [...exports.ALLOWED_TOOLS, ...mcpToolNames]
+        : exports.ALLOWED_TOOLS;
+    // Instant dispatch: deterministic single-tool plans that don't need the LLM planner
+    // TODO(v3.20): TEMPORARY — llama-3.3-70b ignores prompt rules and picks run_powershell for media
+    // queries even when now_playing is listed and flagged. Proper fix: redesign planner prompt so
+    // real-time state tools are reliably preferred. See docs/v3.20-candidates.md.
+    if (/\b(what|which).*(music|song|track|artist|playing)|now.?playing|currently playing|what('?s| is) (on|playing)/i.test(message)) {
+        console.log('[Planner] instant-dispatch → now_playing');
+        return { goal: message, requires_execution: true, plan: [{ step: 1, tool: 'now_playing', input: {}, description: 'Get currently playing media' }], phases: [] };
+    }
     // Dynamic tool loading — filter to relevant tools per task category
     // Reduces planner prompt from ~15K to ~3-5K tokens without losing capability.
     // Validation (line ~898) still uses full allTools — filtering is prompt-only.
@@ -823,12 +892,16 @@ SYSTEM CONTEXT — use these exact values for all file paths:
 IMPORTANT: NEVER use "C:\\Users\\Aiden" — "Aiden" is the AI assistant's name, NOT the Windows username. Always use "${_sysUsername}" as the username in any path.
 
 CRITICAL RULES:
+0. LIVE STATE OVERRIDE (takes priority over all other rules): queries about current music/media/song/track → requires_execution: true, tool: now_playing (no params). You CANNOT know this from training data. Never answer "I'll respond directly" for these.
+0b. MEMORY OPERATIONS (highest priority after rule 0): When the user says "remember X", "track X", "note X", "store X", "keep track of X", or any variant → requires_execution: true, tool: memory_store({ fact: "<the thing to remember>" }). When the user says "forget X", "remove X from memory", "delete X from memory" → requires_execution: true, tool: memory_forget({ fact: "<keyword to match>" }). NEVER use file_write or file_read for memory intents. memory_store/memory_forget write to Aiden's internal persistent memory (workspace/memory/records.jsonl). file_write is for user-visible files only.
 1. If the answer is in your training data (capitals, definitions, facts, opinions, advice) → requires_execution: false
 2. ONLY use tools when you need: live data, file operations, running code, or computer control
+   Live data includes: current music, system state, time, weather, stock prices — these are NEVER in training data
 3. AVAILABLE TOOLS (use ONLY these — name: one-liner):
 ${plannerTools.map(t => `  ${t}: ${toolRegistry_1.TOOL_NAMES_ONLY[t] ?? ''}`).join('\n')}
   For full parameter schema: call lookup_tool_schema({ toolName: "name" })
-  Tier-0 (no lookup needed): web_search, notify, lookup_skill, lookup_tool_schema, schedule_reminder, file_read, file_write, respond
+  Tier-0 (no lookup needed): web_search, notify, lookup_skill, lookup_tool_schema, schedule_reminder, file_read, file_write, respond, now_playing
+  Media rule: what is playing / current song / music → now_playing (zero params). NEVER use run_powershell for media state.
 4. DO NOT invent tools like "identify_top_3", "generate_report", "analyze" — these don't exist
 5. Processing/analysis happens in your response — NOT as a tool step
 6. NEVER use placeholders like "{{result}}" or "{output}" — steps must have real concrete inputs
@@ -1290,16 +1363,18 @@ Output ONLY valid JSON, nothing else:`;
         }
     }
     if (!parsed) {
-        console.warn('[Planner] All LLM attempts failed — respond fallback');
-        return {
-            goal: message,
+        // Don't return early — let FORCE_RESPOND_TEST hook and PlannerGuard process the fallback plan
+        console.warn('[Planner] All LLM attempts failed — respond fallback (going through guard)');
+        parsed = {
+            plan: [{ step: 1, tool: 'respond', input: { message: (0, diagnosticError_1.buildDiagnostic)({ tool: 'planner', error: 'All LLM attempts failed', retries: 3, suggestion: 'Provider chain may be rate-limited. Try again in 1–2 minutes or rephrase your request.' }) }, description: 'Fallback response' }],
             requires_execution: true,
-            plan: [{ step: 1, tool: 'respond', input: { message: "I'm not sure how to help with that right now. Could you rephrase your request?" }, description: 'Fallback response' }],
-            phases: [],
+            goal: message,
         };
     }
-    // Guard against null/empty plan object
-    if (!parsed.plan && !parsed.steps) {
+    // Guard against null/empty plan object — direct_response path bypasses guard (no action tools involved)
+    // C10: But NOT for action intents — "read X", "delete X", etc. must flow through
+    // PlannerGuard and respondWithResults so C6 CRITICAL RULES can fire.
+    if (!parsed.plan && !parsed.steps && !(0, actionVerbDetector_1.isActionIntent)(message)) {
         return {
             goal: message,
             requires_execution: false,
@@ -1393,30 +1468,97 @@ Output ONLY valid JSON, nothing else:`;
             console.warn(`[Planner] Retry failed: ${e.message}`);
         }
     }
+    // ── PlannerGuard: reject respond-only plans for action intents ──────────
+    const isRespondOnly = candidatePlan.plan.length === 1 && candidatePlan.plan[0].tool === 'respond';
+    if (isRespondOnly && (0, actionVerbDetector_1.isActionIntent)(message)) {
+        const verb = (0, actionVerbDetector_1.detectActionVerb)(message);
+        process.stderr.write(`[PlannerGuard] rejected respond-only plan for action intent: verb='${verb}' message='${message.slice(0, 60)}'\n`);
+        const guardRetryMessages = [
+            ...messages,
+            { role: 'assistant', content: JSON.stringify({ plan: candidatePlan.plan }).slice(0, 300) },
+            {
+                role: 'user',
+                content: `PLAN REJECTED: User intent is action (${verb}). You returned respond-only. Generate a plan with concrete tool calls.`,
+            },
+        ];
+        try {
+            const guardRetryRaw = await callLLM(guardRetryMessages.map(m => `${m.role}: ${m.content}`).join('\n'), curApiKey, curModel, curProvider);
+            const guardMatch = guardRetryRaw.replace(/```json\s*/g, '').replace(/```\s*/g, '').match(/\{[\s\S]*\}/);
+            if (!guardMatch) {
+                process.stderr.write(`[PlannerGuard] retry returned no JSON (providers exhausted) for verb='${verb}'\n`);
+                candidatePlan.plan = [];
+                candidatePlan.requires_execution = false;
+                candidatePlan.direct_response = (0, diagnosticError_1.buildDiagnostic)({
+                    tool: 'planner',
+                    error: 'Could not generate tool plan for action intent',
+                    retries: 1,
+                    suggestion: 'Provider chain may be rate-limited. Try again in 1–2 minutes or use a more specific instruction.',
+                });
+            }
+            if (guardMatch) {
+                const guardParsed = JSON.parse(guardMatch[0]);
+                const guardRawPlan = (guardParsed.plan || guardParsed.steps || []);
+                const guardValid = guardRawPlan.filter((s) => allTools.includes(s.tool));
+                const guardNorm = guardValid.map((s, idx) => ({
+                    step: s.step ?? (idx + 1),
+                    tool: s.tool || '',
+                    input: s.input || s.args || {},
+                    description: s.description || '',
+                }));
+                const guardOrdered = fixStepOrdering(guardNorm);
+                const stillRespondOnly = guardOrdered.length === 1 && guardOrdered[0].tool === 'respond';
+                if (guardOrdered.length > 0 && !stillRespondOnly) {
+                    candidatePlan.plan = guardOrdered;
+                    candidatePlan.requires_execution = true;
+                    process.stderr.write(`[PlannerGuard] retry succeeded: ${guardOrdered.length} tool step(s) for verb='${verb}'\n`);
+                }
+                else {
+                    process.stderr.write(`[PlannerGuard] retry still respond-only — emitting diagnostic for verb='${verb}'\n`);
+                    candidatePlan.plan = [];
+                    candidatePlan.requires_execution = false;
+                    candidatePlan.direct_response =
+                        `Planner failed to emit tool call for action intent after retry. User asked: '${message}'`;
+                }
+            }
+        }
+        catch (e) {
+            process.stderr.write(`[PlannerGuard] retry threw: ${e.message}\n`);
+        }
+    }
+    // ── MemoryGuard: override wrong-tool plans for memory intents ──────────────
+    // If the user said "remember/track/note/store X" but the planner chose a tool
+    // other than memory_store (e.g. file_write), force a memory_store plan.
+    // C11: Also handles forget intents → force memory_forget.
+    if ((0, actionVerbDetector_1.isMemoryIntent)(message)) {
+        if ((0, actionVerbDetector_1.isForgetIntent)(message)) {
+            // C11: Forget branch — force memory_forget
+            const usesMemoryForget = candidatePlan.plan.some(s => s.tool === 'memory_forget');
+            if (!usesMemoryForget) {
+                const verb = (0, actionVerbDetector_1.detectActionVerb)(message);
+                const fact = (0, actionVerbDetector_1.extractMemoryFact)(message);
+                process.stderr.write(`[MemoryGuard] overriding plan [${candidatePlan.plan.map(s => s.tool).join(',')}] → memory_forget for verb='${verb}'\n`);
+                candidatePlan.plan = [{ step: 1, tool: 'memory_forget', input: { fact }, description: 'Remove from permanent memory' }];
+                candidatePlan.requires_execution = true;
+            }
+        }
+        else {
+            // Store branch — force memory_store (original C5 logic)
+            const usesMemoryStore = candidatePlan.plan.some(s => s.tool === 'memory_store');
+            if (!usesMemoryStore) {
+                const verb = (0, actionVerbDetector_1.detectActionVerb)(message);
+                const fact = (0, actionVerbDetector_1.extractMemoryFact)(message);
+                process.stderr.write(`[MemoryGuard] overriding plan [${candidatePlan.plan.map(s => s.tool).join(',')}] → memory_store for verb='${verb}'\n`);
+                candidatePlan.plan = [{ step: 1, tool: 'memory_store', input: { fact }, description: 'Store to permanent memory' }];
+                candidatePlan.requires_execution = true;
+            }
+        }
+    }
     return candidatePlan;
 }
 // ── Plan validation ────────────────────────────────────────────
 // Called after planWithLLM — rejects structurally bad plans before execution.
-const VALID_TOOLS = [
-    'web_search', 'fetch_page', 'fetch_url', 'open_browser', 'browser_extract',
-    'browser_click', 'browser_type', 'browser_screenshot', 'browser_scroll', 'browser_get_url',
-    'file_write', 'file_read',
-    'file_list', 'shell_exec', 'run_python', 'run_node', 'run_powershell',
-    'system_info', 'notify', 'deep_research', 'get_stocks', 'run_agent', 'git_commit',
-    'git_push', 'get_market_data', 'get_company_info',
-    'mouse_move', 'mouse_click', 'keyboard_type', 'keyboard_press',
-    'screenshot', 'screen_read', 'vision_loop', 'wait',
-    'code_interpreter_python', 'code_interpreter_node',
-    'clipboard_read', 'clipboard_write', 'window_list', 'window_focus',
-    'app_launch', 'app_close', 'system_volume',
-    'watch_folder', 'watch_folder_list',
-    'send_file_local', 'receive_file_local',
-    'clarify', 'todo', 'cronjob', 'vision_analyze',
-    'voice_speak', 'voice_transcribe', 'voice_clone', 'voice_design',
-    'lookup_skill', 'lookup_tool_schema',
-    'spawn', 'spawn_subagent', 'swarm',
-    ...slashAsTool_1.SLASH_MIRROR_TOOL_NAMES,
-];
+// ── v3.19 Phase 1 Commit 4: derived from TOOL_REGISTRY — literal deleted ──────
+exports.VALID_TOOLS = (0, toolRegistry_1.registryValidTools)();
 function validatePlan(plan) {
     const errors = [];
     const warnings = [];
@@ -1425,8 +1567,8 @@ function validatePlan(plan) {
     }
     for (const step of plan.plan) {
         // Check tool name — attempt fuzzy repair before flagging as error
-        if (!VALID_TOOLS.includes(step.tool)) {
-            const repair = (0, toolNameRepair_1.repairToolName)(step.tool, VALID_TOOLS);
+        if (!exports.VALID_TOOLS.includes(step.tool)) {
+            const repair = (0, toolNameRepair_1.repairToolName)(step.tool, exports.VALID_TOOLS);
             if (repair) {
                 warnings.push(`Step ${step.step}: auto-repaired tool "${repair.original}" → "${repair.repaired}" (edit distance ${repair.distance})`);
                 console.log(`[ToolRepair] ↺ "${repair.original}" → "${repair.repaired}" (distance ${repair.distance})`);
@@ -1700,14 +1842,10 @@ function appendLesson(lesson) {
 }
 // ── executeToolWithRetry — step-level retry with exponential backoff ──
 // Tools that mutate state are excluded from retry to prevent double-execution.
-const NO_RETRY_TOOLS = new Set([
-    'shell_exec', 'run_python', 'run_node', 'notify',
-    'mouse_click', 'keyboard_type', 'keyboard_press',
-    'app_launch', 'app_close',
-    'open_browser', 'browser_extract', 'browser_screenshot', 'browser_click', 'browser_type', 'browser_scroll', 'browser_get_url',
-]);
+// ── v3.19 Phase 1 Commit 5: derived from TOOL_REGISTRY[retry=false] — literal deleted ──
+exports.NO_RETRY_TOOLS = (0, toolRegistry_1.registryNoRetrySet)();
 async function executeToolWithRetry(tool, input, maxRetries = 2) {
-    const retryable = !NO_RETRY_TOOLS.has(tool);
+    const retryable = !exports.NO_RETRY_TOOLS.has(tool);
     const effectiveMax = retryable ? maxRetries : 0;
     // ── Plugin preTool hooks ──────────────────────────────────────
     let effectiveInput = input;
@@ -1776,28 +1914,17 @@ async function executeToolWithRetry(tool, input, maxRetries = 2) {
 // —— Sprint 8: dependency-group builder ——————————————
 // Groups consecutive tool steps into batches: parallel-safe tools are
 // batched together; sequential tools break the batch.
-const PARALLEL_SAFE = new Set([
-    'web_search', 'system_info', 'get_stocks', 'get_market_data',
-    'social_research', 'fetch_url', 'fetch_page', 'get_company_info',
-    'deep_research', 'code_interpreter_python', 'code_interpreter_node',
-    'clipboard_read', 'window_list', 'watch_folder_list',
-    'get_calendar', 'read_email', 'get_natural_events', 'ingest_youtube',
-]);
-const SEQUENTIAL_ONLY = new Set([
-    'file_write', 'run_python', 'run_node', 'shell_exec',
-    'open_browser', 'browser_click', 'browser_type', 'browser_extract',
-    'mouse_move', 'mouse_click', 'keyboard_type', 'keyboard_press',
-    'screenshot', 'screen_read', 'vision_loop', 'notify', 'wait',
-    'clipboard_write', 'window_focus', 'app_launch', 'app_close', 'system_volume',
-    'watch_folder',
-]);
+// ── v3.19 Phase 1 Commit 5: derived from TOOL_REGISTRY[parallel=safe] — literal deleted ──
+exports.PARALLEL_SAFE = (0, toolRegistry_1.registryParallelSafeSet)();
+// ── v3.19 Phase 1 Commit 5: derived from TOOL_REGISTRY[parallel=sequential] — literal deleted ──
+exports.SEQUENTIAL_ONLY = (0, toolRegistry_1.registrySequentialOnlySet)();
 function buildDependencyGroups(steps) {
     const groups = [];
     let currentGroup = [];
     for (const step of steps) {
         const inputStr = JSON.stringify(step.input || {});
-        const dependsOnPrevious = inputStr.includes('PREVIOUS_OUTPUT') || SEQUENTIAL_ONLY.has(step.tool);
-        if (PARALLEL_SAFE.has(step.tool) && !dependsOnPrevious) {
+        const dependsOnPrevious = inputStr.includes('PREVIOUS_OUTPUT') || exports.SEQUENTIAL_ONLY.has(step.tool);
+        if (exports.PARALLEL_SAFE.has(step.tool) && !dependsOnPrevious) {
             currentGroup.push(step);
         }
         else {
@@ -1880,8 +2007,11 @@ async function executePlan(plan, onStep, onPhaseChange, existingState, replanApi
         console.log(`[Exec] Step ${step.step}/${totalSteps}: ${step.tool} — RUNNING`);
         console.log(`[ExecutePlan] Step ${step.step}: ${step.tool} — input: ${JSON.stringify(step.input).slice(0, 100)}`);
         livePulse_1.livePulse.tool('Aiden', step.tool, JSON.stringify(step.input).slice(0, 80));
-        // Validate tool exists
-        if (!toolRegistry_1.TOOLS[step.tool]) {
+        // Validate tool exists — use isKnownTool() which checks both static TOOLS and
+        // runtime-registered externalTools (e.g. memory_store from registerSlashMirrorTools).
+        // ALLOWED_TOOLS is frozen at module-load time before mirror tools are registered,
+        // so it cannot be used here.
+        if (!(0, toolRegistry_1.isKnownTool)(step.tool)) {
             const stepResult = {
                 step: step.step, tool: step.tool, input: step.input,
                 success: false, output: '',
@@ -1893,7 +2023,7 @@ async function executePlan(plan, onStep, onPhaseChange, existingState, replanApi
             return stepResult;
         }
         // Tools that legitimately take zero input
-        const NO_INPUT_TOOLS = ['system_info', 'screenshot', 'get_hardware', 'screen_read', 'vision_loop', 'health_check', 'respond'];
+        const NO_INPUT_TOOLS = ['system_info', 'screenshot', 'get_hardware', 'screen_read', 'vision_loop', 'health_check', 'respond', 'now_playing'];
         if (!NO_INPUT_TOOLS.includes(step.tool)) {
             if (!step.input || Object.keys(step.input).length === 0) {
                 console.log(`[ExecutePlan] Skipping step ${step.step} (${step.tool}) — empty input`);
@@ -2263,7 +2393,19 @@ function resolvePreviousOutput(input, stepOutputs, currentStep) {
     return resolved;
 }
 // ── STEP 3: respondWithResults ────────────────────────────────
-function responderSystem(userName, date) {
+function responderSystem(userName, date, sessionId) {
+    // Option-B: SOUL.md in full on first turn or when content changed on disk;
+    // reference line only on unchanged turns. AIDEN_RESPONDER_SYSTEM already
+    // calls getLiveSoul() — hash tracking here is additional cost guard.
+    const _ctx = protectedContext_1.protectedContextManager.getProtectedContext();
+    const _prevHash = sessionId ? soulHashBySession.get(sessionId) : undefined;
+    if (sessionId)
+        soulHashBySession.set(sessionId, _ctx.hash);
+    // When soul is unchanged, prepend a compact block then the responder body.
+    if (_prevHash !== undefined && _ctx.hash === _prevHash) {
+        const refBlock = (0, contextHandoff_1.buildProtectedContextBlock)(_ctx, _prevHash, sessionId);
+        return refBlock ? refBlock + '\n\n' + (0, aidenPersonality_1.AIDEN_RESPONDER_SYSTEM)(userName, date) : (0, aidenPersonality_1.AIDEN_RESPONDER_SYSTEM)(userName, date);
+    }
     return (0, aidenPersonality_1.AIDEN_RESPONDER_SYSTEM)(userName, date);
 }
 async function respondWithResults(originalMessage, plan, results, history, userName, apiKey, model, providerName, onToken, sessionId, goals) {
@@ -2337,7 +2479,7 @@ async function respondWithResults(originalMessage, plan, results, history, userN
         ? results.map(r => `[${r.tool} result]: ${r.success ? r.output.slice(0, 1000) : 'FAILED: ' + r.error}`).join('\n')
         : '';
     const systemWithResults = toolResultsContext
-        ? `${capabilitiesSection}${entitySummary}${responderSystem(userName, date)}${responseSkillContext}${knowledgeResponderSection}${multiGoalInstruction}
+        ? `${capabilitiesSection}${entitySummary}${responderSystem(userName, date, sessionId)}${responseSkillContext}${knowledgeResponderSection}${multiGoalInstruction}
 
 YOU JUST RAN THESE TOOLS AND GOT THESE RESULTS:
 ${toolResultsContext}
@@ -2346,11 +2488,17 @@ CRITICAL RULES FOR YOUR RESPONSE:
 - Include the ACTUAL output from the tools above in your response
 - Do NOT say "I ran the tool" — show the RESULT
 - If run_python returned a number, say that number
-- If file_read returned text, show that text
+- If file_read SUCCEEDED, show the actual text returned
+- If file_read FAILED (ENOENT or any error), state the file does not exist or could not be read — NEVER invent or fabricate file contents
+- If file_list SUCCEEDED, show the actual listing
+- If file_list FAILED, say the directory could not be listed — NEVER invent filenames
+- If web_fetch SUCCEEDED, show the actual fetched content
+- If web_fetch FAILED, say the page could not be fetched — NEVER invent page content
+- If a search tool returned no results, say no results were found — NEVER invent search results
 - If system_info returned hardware data, show the data
 - Be direct: show the actual output, then provide context if needed
-- If a tool failed, say it failed and why`
-        : `${capabilitiesSection}${entitySummary}${responderSystem(userName, date)}${responseSkillContext}${knowledgeResponderSection}${multiGoalInstruction}`;
+- If a tool result starts with "FAILED:", tell the user it failed and why — NEVER fabricate a successful result`
+        : `${capabilitiesSection}${entitySummary}${responderSystem(userName, date, sessionId)}${responseSkillContext}${knowledgeResponderSection}${multiGoalInstruction}`;
     const userContent = executionSummary
         ? `User asked: "${originalMessage}"\n\nReal execution results:\n${executionSummary}\n\nRespond naturally based on these real results only. Show the actual output, not a description of it.${depthInstruction}${memSection}`
         : `${originalMessage}${memSection}`;
@@ -2427,8 +2575,9 @@ CRITICAL RULES FOR YOUR RESPONSE:
                 throw new Error('Ollama: empty response — no tokens emitted');
         }
         else {
-            // OpenAI-compatible
-            const url = OPENAI_COMPAT_ENDPOINTS[providerName] || OPENAI_COMPAT_ENDPOINTS.groq;
+            // C9b: Unified path for all OpenAI-compatible providers (known + custom).
+            // resolveStreamingUrl handles custom→config lookup and known→endpoint map.
+            const url = resolveStreamingUrl(providerName, apiKey);
             const r = await fetch(url, {
                 method: 'POST',
                 headers: buildHeaders(providerName, apiKey),
@@ -2471,7 +2620,8 @@ CRITICAL RULES FOR YOUR RESPONSE:
             if (nextCloud.providerName !== 'ollama' && nextCloud.apiName !== providerName && nextCloud.apiKey) {
                 console.log(`[Responder] ${providerName} at capacity — trying ${nextCloud.providerName} (${nextCloud.model})`);
                 try {
-                    const url = OPENAI_COMPAT_ENDPOINTS[nextCloud.providerName] || OPENAI_COMPAT_ENDPOINTS.groq;
+                    // C9b: use resolveStreamingUrl for correct custom-provider routing
+                    const url = resolveStreamingUrl(nextCloud.providerName, nextCloud.apiKey);
                     const headers = buildHeaders(nextCloud.providerName, nextCloud.apiKey);
                     const r = await fetch(url, {
                         method: 'POST',
@@ -2501,7 +2651,8 @@ CRITICAL RULES FOR YOUR RESPONSE:
             if (cloudFallback.providerName !== 'ollama' && cloudFallback.apiKey) {
                 console.log(`[Router] Ollama timeout/error — falling back to ${cloudFallback.providerName} (${cloudFallback.model})`);
                 try {
-                    const url = OPENAI_COMPAT_ENDPOINTS[cloudFallback.providerName] || OPENAI_COMPAT_ENDPOINTS.groq;
+                    // C9b: use resolveStreamingUrl for correct custom-provider routing
+                    const url = resolveStreamingUrl(cloudFallback.providerName, cloudFallback.apiKey);
                     const headers = buildHeaders(cloudFallback.providerName, cloudFallback.apiKey);
                     const r = await fetch(url, {
                         method: 'POST',
@@ -2572,20 +2723,23 @@ CRITICAL RULES FOR YOUR RESPONSE:
         }
         if (ollamaResponded)
             return;
-        // Last resort: return raw tool output if tools ran successfully
-        if (results && results.length > 0 && results.some(r => r.success)) {
-            const successResults = results.filter(r => r.success);
-            const lastResult = successResults[successResults.length - 1];
-            onToken(lastResult.output || 'Here are the results.');
-            return;
-        }
-        // Include error info from failed tools if any
+        // Last resort: synthesize honest summary (all LLM providers down)
         if (results && results.length > 0) {
-            const failedResult = results[results.length - 1];
-            if (failedResult.error) {
-                onToken(`Error: ${failedResult.error}`);
+            const successes = results.filter(r => r.success);
+            const failures = results.filter(r => !r.success);
+            if (failures.length === 0) {
+                // All steps succeeded — return last output as before
+                onToken(successes[successes.length - 1].output || 'Done.');
                 return;
             }
+            // Mixed or all-failed — surface both sides honestly
+            const parts = [];
+            if (successes.length > 0)
+                parts.push(`Completed: ${successes.map(r => r.tool).join(', ')}.`);
+            parts.push(`Failed: ${failures.map(r => `${r.tool} — ${r.error || 'unknown error'}`).join('; ')}.`);
+            parts.push('(All language providers are currently unavailable — full response cannot be generated.)');
+            onToken(parts.join(' '));
+            return;
         }
         const degraded = (0, router_1.enterDegradedMode)(e.message || 'unknown error');
         onToken(degraded.message);
@@ -2676,12 +2830,25 @@ async function callLLM(prompt, apiKey, model, providerName, opts) {
             return d?.result?.response || '';
         }
         else if (providerName === 'custom') {
-            // Custom provider — look up baseUrl from config by matching apiKey
+            // Custom provider — look up baseUrl from config.
+            // Checks customProviders first (direct apiKey match), then providers.apis
+            // entries with provider:'custom' (key resolved from env).
             const cfgCustom = (0, index_1.loadConfig)();
-            const cp = cfgCustom.customProviders?.find((c) => c.enabled && c.apiKey === apiKey);
-            if (!cp?.baseUrl)
+            let customBaseUrl = cfgCustom.customProviders?.find((c) => c.enabled && c.apiKey === apiKey)?.baseUrl;
+            if (!customBaseUrl) {
+                const apiEntry = (cfgCustom.providers?.apis ?? []).find((a) => {
+                    if (a.provider !== 'custom' || !a.enabled || !a.baseUrl)
+                        return false;
+                    const resolved = a.key?.startsWith('env:')
+                        ? (process.env[a.key.replace('env:', '')] || '')
+                        : a.key;
+                    return resolved === apiKey;
+                });
+                customBaseUrl = apiEntry?.baseUrl;
+            }
+            if (!customBaseUrl)
                 throw new Error(`callLLM: no baseUrl for custom provider (model=${model})`);
-            const r = await fetch(cp.baseUrl, {
+            const r = await fetch(customBaseUrl, {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${apiKey}` },
                 body: JSON.stringify({
@@ -2709,7 +2876,7 @@ async function callLLM(prompt, apiKey, model, providerName, opts) {
                 costTracker_1.costTracker.trackUsage(providerName, model, d?.usage?.prompt_tokens ?? 0, d?.usage?.completion_tokens ?? 0, opts?.traceId, opts?.isSystem ?? false);
             }
             catch { }
-            return d?.choices?.[0]?.message?.content || '';
+            return extractChatMessageContent(d?.choices?.[0]?.message?.content);
         }
         else {
             // OpenAI-compatible: groq, openrouter, cerebras, nvidia, github
@@ -2736,7 +2903,7 @@ async function callLLM(prompt, apiKey, model, providerName, opts) {
                 costTracker_1.costTracker.trackUsage(providerName, model, d?.usage?.prompt_tokens ?? 0, d?.usage?.completion_tokens ?? 0, opts?.traceId, opts?.isSystem ?? false);
             }
             catch { }
-            return d?.choices?.[0]?.message?.content || '';
+            return extractChatMessageContent(d?.choices?.[0]?.message?.content);
         }
     }
     catch (e) {