bobs-workshop 3.1.1 → 3.1.3

package/src/skills/brainstorming/SKILL.md

@@ -12,23 +12,23 @@ metadata:
 
 ---
 
-## 🛑 SOCRATIC GATE (ENFORCEMENT)
+## STOP SOCRATIC GATE (ENFORCEMENT)
 
 ### When to Trigger
 
 | Pattern | Action |
 |---------|--------|
-| "Build/Create/Make [thing]" without details | 🛑 ASK 3 questions |
-| Complex feature or architecture | 🛑 Clarify before implementing |
-| Update/change request | 🛑 Confirm scope |
-| Vague requirements | 🛑 Ask purpose, users, constraints |
+| "Build/Create/Make [thing]" without details | STOP ASK 3 questions |
+| Complex feature or architecture | STOP Clarify before implementing |
+| Update/change request | STOP Confirm scope |
+| Vague requirements | STOP Ask purpose, users, constraints |
 
-### 🚫 MANDATORY: 3 Questions Before Implementation
+### DENIED MANDATORY: 3 Questions Before Implementation
 
 1. **STOP** - Do NOT start coding
 2. **ASK** - Minimum 3 questions:
-   - 🎯 Purpose: What problem are you solving?
-   - 👥 Users: Who will use this?
+   - [TARGET] Purpose: What problem are you solving?
+   - [TEAM] Users: Who will use this?
    - 📦 Scope: Must-have vs nice-to-have?
 3. **WAIT** - Get response before proceeding
 
@@ -36,7 +36,7 @@ metadata:
 
 ## 🧠 Dynamic Question Generation
 
-**⛔ NEVER use static templates.** Read `dynamic-questioning.md` for principles.
+**BLOCKED NEVER use static templates.** Read `dynamic-questioning.md` for principles.
 
 ### Core Principles
 
@@ -85,17 +85,17 @@ metadata:
 
 | Agent | Status | Current Task | Progress |
 |-------|--------|--------------|----------|
-| [Agent Name] | ✅🔄⏳❌⚠️ | [Task description] | [% or count] |
+| [Agent Name] | YES[REFRESH]⏳NOWARNING | [Task description] | [% or count] |
 
 ### Status Icons
 
 | Icon | Meaning | Usage |
 |------|---------|-------|
-| ✅ | Completed | Task finished successfully |
-| 🔄 | Running | Currently executing |
+| YES | Completed | Task finished successfully |
+| [REFRESH] | Running | Currently executing |
 | ⏳ | Waiting | Blocked, waiting for dependency |
-| ❌ | Error | Failed, needs attention |
-| ⚠️ | Warning | Potential issue, not blocking |
+| NO | Error | Failed, needs attention |
+| WARNING | Warning | Potential issue, not blocking |
 
 ---
 
@@ -143,7 +143,7 @@ metadata:
 | Principle | Implementation |
 |-----------|----------------|
 | **Concise** | No unnecessary details, get to point |
-| **Visual** | Use emojis (✅🔄⏳❌) for quick scanning |
+| **Visual** | Use emojis (YES[REFRESH]⏳NO) for quick scanning |
 | **Specific** | "~2 minutes" not "wait a bit" |
 | **Alternatives** | Offer multiple paths when stuck |
 | **Proactive** | Suggest next step after completion |
@@ -170,7 +170,7 @@ This skill is used by **alice (architect)** agent during the PLAN phase.
 
 Add planning section to MANUAL:
 ```markdown
-## 📝 Product Specifications
+## [DOC] Product Specifications
 
 ### Requirements Clarification (Socratic Gate)
 - [ ] Purpose identified
@@ -190,7 +190,7 @@ Update agent handoffs with status:
 ```markdown
 ## 🤝 Agent Handoffs
 
-🔄 alice: Planning in progress (3/5 tasks complete)
+[REFRESH] alice: Planning in progress (3/5 tasks complete)
 🤝 alice → bob-eng: Handoff - MANUAL ready for implementation
 ```
 
@@ -198,7 +198,7 @@ Update agent handoffs with status:
 
 Standardize error messages across all agents:
 ```markdown
-❌ Error: [Brief description]
+NO Error: [Brief description]
 
 **What happened:** [User-friendly explanation]
 

package/src/skills/clean-code/SKILL.md

@@ -72,7 +72,7 @@ metadata:
 
 ## Anti-Patterns (DON'T)
 
-| ❌ Pattern | ✅ Fix |
+| NO Pattern | YES Fix |
 |-----------|-------|
 | Comment every line | Delete obvious comments |
 | Helper for one-liner | Inline the code |
@@ -85,7 +85,7 @@ metadata:
 
 ---
 
-## 🔴 Before Editing ANY File (THINK FIRST!)
+## CRITICAL Before Editing ANY File (THINK FIRST!)
 
 **Before changing a file, ask yourself:**
 
@@ -103,8 +103,8 @@ File to edit: UserService.ts
 └── Do they need changes too? → Check function signatures
 ```
 
-> 🔴 **Rule:** Edit the file + all dependent files in the SAME task.
-> 🔴 **Never leave broken imports or missing updates.**
+> CRITICAL **Rule:** Edit the file + all dependent files in the SAME task.
+> CRITICAL **Never leave broken imports or missing updates.**
 
 ---
 
@@ -114,13 +114,13 @@ File to edit: UserService.ts
 
 | Check | Question |
 |-------|----------|
-| ✅ **Goal met?** | Did I do exactly what user asked? |
-| ✅ **Files edited?** | Did I modify all necessary files? |
-| ✅ **Code works?** | Did I test/verify the change? |
-| ✅ **No errors?** | Lint and TypeScript pass? |
-| ✅ **Nothing forgotten?** | Any edge cases missed? |
+| YES **Goal met?** | Did I do exactly what user asked? |
+| YES **Files edited?** | Did I modify all necessary files? |
+| YES **Code works?** | Did I test/verify the change? |
+| YES **No errors?** | Lint and TypeScript pass? |
+| YES **Nothing forgotten?** | Any edge cases missed? |
 
-> 🔴 **Rule:** If ANY check fails, fix it before completing.
+> CRITICAL **Rule:** If ANY check fails, fix it before completing.
 
 ---
 
@@ -132,7 +132,7 @@ This skill is used by **bob-eng (engineer)** agent during the BUILD phase.
 
 Add code quality checks to implementation logs:
 ```markdown
-## 📈 Execution Logs
+##  Execution Logs
 
 ### Code Quality
 - [ ] Functions under 20 lines

package/src/skills/code-review-checklist/SKILL.md

@@ -55,10 +55,10 @@ metadata:
 
 ### Prompt Engineering Review
 ```markdown
-// ❌ Vague prompt in code
+// NO Vague prompt in code
 const response = await ai.generate(userInput);
 
-// ✅ Structured & Safe prompt
+// YES Structured & Safe prompt
 const response = await ai.generate({
   system: "You are a specialized parser...",
   input: sanitize(userInput),
@@ -69,36 +69,36 @@ const response = await ai.generate({
 ## Anti-Patterns to Flag
 
 ```typescript
-// ❌ Magic numbers
+// NO Magic numbers
 if (status === 3) { ... }
 
-// ✅ Named constants
+// YES Named constants
 if (status === Status.ACTIVE) { ... }
 
-// ❌ Deep nesting
+// NO Deep nesting
 if (a) { if (b) { if (c) { ... } } }
 
-// ✅ Early returns
+// YES Early returns
 if (!a) return;
 if (!b) return;
 if (!c) return;
 // do work
 
-// ❌ Long functions (100+ lines)
-// ✅ Small, focused functions
+// NO Long functions (100+ lines)
+// YES Small, focused functions
 
-// ❌ any type
+// NO any type
 const data: any = ...
 
-// ✅ Proper types
+// YES Proper types
 const data: UserData = ...
 ```
 
 ## Review Comments Guide
 
 ```
-// Blocking issues use 🔴
-🔴 BLOCKING: SQL injection vulnerability here
+// Blocking issues use CRITICAL
+CRITICAL BLOCKING: SQL injection vulnerability here
 
 // Important suggestions use 🟡
 🟡 SUGGESTION: Consider using useMemo for performance
@@ -106,8 +106,8 @@ const data: UserData = ...
 // Minor nits use 🟢
 🟢 NIT: Prefer const over let for immutable variable
 
-// Questions use ❓
-❓ QUESTION: What happens if user is null here?
+// Questions use [QUESTION]
+[QUESTION] QUESTION: What happens if user is null here?
 ```
 
 ---
@@ -120,7 +120,7 @@ This skill is used by **bob-rev (reviewer)** agent during the VERIFY phase.
 
 Add review section to MANUAL:
 ```markdown
-## 🔍 Review Notes
+## [SEARCH] Review Notes
 
 ### Review Checklist
 #### Correctness
@@ -153,27 +153,27 @@ Add review section to MANUAL:
 ### Review Comments
 | Severity | Comment | File:Line | Status |
 |----------|----------|-----------|--------|
-| 🔴 BLOCKING | [Description] | [File:Line] | [Open/Resolved] |
+| CRITICAL BLOCKING | [Description] | [File:Line] | [Open/Resolved] |
 | 🟡 SUGGESTION | [Description] | [File:Line] | [Open/Resolved] |
 | 🟢 NIT | [Description] | [File:Line] | [Open/Resolved] |
-| ❓ QUESTION | [Description] | [File:Line] | [Answered] |
+| [QUESTION] QUESTION | [Description] | [File:Line] | [Answered] |
 
 ### Review Decision
-- [ ] ✅ PASS - Ready for SEND
-- [ ] ❌ FAIL - Return to trace for fixes
+- [ ] YES PASS - Ready for SEND
+- [ ] NO FAIL - Return to trace for fixes
 ```
 
 ### PASS/FAIL Criteria
 
 #### PASS Conditions
-- All 🔴 BLOCKING issues resolved
+- All CRITICAL BLOCKING issues resolved
 - Security vulnerabilities addressed
 - Tests pass and have good coverage
 - Code follows project conventions
 - No obvious bugs
 
 #### FAIL Conditions
-- Any unresolved 🔴 BLOCKING issues
+- Any unresolved CRITICAL BLOCKING issues
 - Security vulnerabilities present
 - Tests failing or missing
 - Code doesn't match MANUAL specifications
@@ -184,7 +184,7 @@ Add review section to MANUAL:
 ```markdown
 ## 🤝 Agent Handoffs
 
-🤝 bob-rev: Review complete - ✅ PASS / ❌ FAIL
+🤝 bob-rev: Review complete - YES PASS / NO FAIL
 [Decision rationale]
 
 🤝 bob-rev → trace: [FAIL - Issues found, please fix]
@@ -212,7 +212,7 @@ When quality issues are discussed:
 
 ### Quality Indicators
 
-| Good ✅ | Poor ❌ |
+| Good YES | Poor NO |
 |---------|---------|
 | Self-documenting code | Requires comments to explain |
 | Small, focused functions | God functions (100+ lines) |

package/src/skills/database-design/SKILL.md

@@ -201,7 +201,7 @@ This skill is used by **alice (architect)** agent during PLAN phase and **bob-en
 
 Add database section to MANUAL:
 ```markdown
-## 🏗️ Architecture Analysis
+## [ARCH] Architecture Analysis
 
 ### Database Design
 

package/src/skills/exploration/SKILL.md

@@ -38,7 +38,7 @@ context7: Documentation lookup for frameworks
 
 ## Layer-Specific Exploration
 
-### 🗄️ Database Layer
+### [DB] Database Layer
 
 **Find schemas and migrations**:
 ```bash
@@ -58,7 +58,7 @@ grep("@ManyToOne|@OneToMany|@ManyToMany|references|foreignKey", "src/")
 LspReferences on entity classes
 ```
 
-### 🔧 Backend Layer
+### [TOOL] Backend Layer
 
 **Find services and controllers**:
 ```bash
@@ -84,7 +84,7 @@ LspDefinition on service imports
 LspReferences on service methods
 ```
 
-### 🔗 Integration Layer
+### [LINK] Integration Layer
 
 **Find external API clients**:
 ```bash
@@ -104,7 +104,7 @@ glob("**/Dockerfile", "**/docker-compose*", "**/*.yml")
 glob("**/.github/workflows/**", "**/ci/**")
 ```
 
-### 🎨 Frontend Layer
+### [UI] Frontend Layer
 
 **Find components**:
 ```bash
@@ -131,7 +131,7 @@ LspReferences on component names
 grep("import.*from.*components", "src/")
 ```
 
-### 🎯 UI/UX Layer
+### [TARGET] UI/UX Layer
 
 **Find styles**:
 ```bash

package/src/skills/performance/SKILL.md

@@ -6,7 +6,7 @@ description: Performance analysis, bottleneck identification, and optimization s
 
 **Skill ID**: performance
 **Category**: Code Quality & Optimization
-**Icon**: 📈
+**Icon**: 
 **Agents**: bob-eng, bob-fix
 
 ## Overview

package/src/skills/plan-writing/SKILL.md

@@ -38,11 +38,11 @@ This skill provides a framework for breaking down work into clear, actionable ta
 
 ## Planning Principles (NOT Templates!)
 
-> 🔴 **NO fixed templates. Each plan is UNIQUE to the task.**
+> CRITICAL **NO fixed templates. Each plan is UNIQUE to the task.**
 
 ### Principle 1: Keep It SHORT
 
-| ❌ Wrong | ✅ Right |
+| NO Wrong | YES Right |
 |----------|----------|
 | 50 tasks with sub-sub-tasks | 5-10 clear tasks max |
 | Every micro-step listed | Only actionable items |
@@ -54,7 +54,7 @@ This skill provides a framework for breaking down work into clear, actionable ta
 
 ### Principle 2: Be SPECIFIC, Not Generic
 
-| ❌ Wrong | ✅ Right |
+| NO Wrong | YES Right |
 |----------|----------|
 | "Set up project" | "Run `npx create-next-app`" |
 | "Add authentication" | "Install next-auth, create `/api/auth/[...nextauth].ts`" |
@@ -85,7 +85,7 @@ This skill provides a framework for breaking down work into clear, actionable ta
 
 ### Principle 4: Scripts Are Project-Specific
 
-> 🔴 **DO NOT copy-paste script commands. Choose based on project type.**
+> CRITICAL **DO NOT copy-paste script commands. Choose based on project type.**
 
 | Project Type | Relevant Scripts |
 |--------------|------------------|
@@ -102,7 +102,7 @@ This skill provides a framework for breaking down work into clear, actionable ta
 
 ### Principle 5: Verification is Simple
 
-| ❌ Wrong | ✅ Right |
+| NO Wrong | YES Right |
 |----------|----------|
 | "Verify the component works correctly" | "Run `npm run dev`, click button, see toast" |
 | "Test the API" | "curl localhost:3000/api/users returns 200" |
@@ -163,7 +163,7 @@ This skill is used by **alice (architect)** agent during the PLAN phase.
 
 Add implementation plan to MANUAL:
 ```markdown
-## 🚀 Implementation Plan
+## [LAUNCH] Implementation Plan
 
 ### Layered Tasks
 

package/src/skills/security/SKILL.md

@@ -10,7 +10,7 @@ metadata:
 
 > Think like an attacker, defend like an expert. 2025 threat landscape awareness.
 
-## 🔧 Runtime Scripts
+## [TOOL] Runtime Scripts
 
 **Execute for automated validation:**
 
@@ -18,7 +18,7 @@ metadata:
 |--------|---------|-------|
 | `scripts/security_scan.py` | Validate security principles applied | `python scripts/security_scan.py <project_path>` |
 
-## 📋 Reference Files
+## [LIST] Reference Files
 
 | File | Purpose |
 |------|---------|
@@ -56,14 +56,14 @@ Before scanning, ask:
 |------|----------|-------------|
 | **A01** | Broken Access Control | Who can access what? IDOR, SSRF |
 | **A02** | Security Misconfiguration | Defaults, headers, exposed services |
-| **A03** | Software Supply Chain 🆕 | Dependencies, CI/CD, build integrity |
+| **A03** | Software Supply Chain [NEW] | Dependencies, CI/CD, build integrity |
 | **A04** | Cryptographic Failures | Weak crypto, exposed secrets |
 | **A05** | Injection | User input → system commands |
 | **A06** | Insecure Design | Flawed architecture |
 | **A07** | Authentication Failures | Session, credential management |
 | **A08** | Integrity Failures | Unsigned updates, tampered data |
 | **A09** | Logging & Alerting | Blind spots, no monitoring |
-| **A10** | Exceptional Conditions 🆕 | Error handling, fail-open states |
+| **A10** | Exceptional Conditions [NEW] | Error handling, fail-open states |
 
 ### 2025 Key Changes
 
@@ -226,10 +226,10 @@ Is it actively exploited (EPSS >0.5)?
 
 | Layer | You Own | Provider Owns |
 |-------|---------|---------------|
-| Data | ✅ | ❌ |
-| Application | ✅ | ❌ |
+| Data | YES | NO |
+| Application | YES | NO |
 | OS/Runtime | Depends | Depends |
-| Infrastructure | ❌ | ✅ |
+| Infrastructure | NO | YES |
 
 ### Cloud-Specific Checks
 
@@ -242,7 +242,7 @@ Is it actively exploited (EPSS >0.5)?
 
 ## 10. Anti-Patterns
 
-| ❌ Don't | ✅ Do |
+| NO Don't | YES Do |
 |----------|-------|
 | Scan without understanding | Map attack surface first |
 | Alert on every CVE | Prioritize by exploitability + asset |
@@ -287,7 +287,7 @@ This skill is used by **bob-rev (reviewer)** agent during VERIFY phase and **tra
 
 Add security section to MANUAL:
 ```markdown
-## 🔍 Review Notes
+## [SEARCH] Review Notes
 
 ### Security Checklist
 
@@ -325,7 +325,7 @@ Add security section to MANUAL:
 
 | Severity | Finding | Location | Status |
 |----------|-----------|-----------|--------|
-| 🔴 CRITICAL | [Description] | [File:Line] | [Open/Resolved] |
+| CRITICAL CRITICAL | [Description] | [File:Line] | [Open/Resolved] |
 | 🟠 HIGH | [Description] | [File:Line] | [Open/Resolved] |
 | 🟡 MEDIUM | [Description] | [File:Line] | [Open/Resolved] |
 | 🟢 LOW | [Description] | [File:Line] | [Open/Resolved] |
@@ -339,14 +339,14 @@ Add security section to MANUAL:
 ### Review Decision (Security-Focused)
 
 #### PASS Conditions
-- No 🔴 CRITICAL issues
+- No CRITICAL CRITICAL issues
 - No 🟠 HIGH issues
 - Supply chain secure (dependencies audited)
 - No hardcoded secrets in code
 - Authentication and authorization properly implemented
 
 #### FAIL Conditions
-- Any 🔴 CRITICAL vulnerabilities
+- Any CRITICAL CRITICAL vulnerabilities
 - Unresolved 🟠 HIGH vulnerabilities
 - Hardcoded secrets/API keys found
 - Supply chain vulnerabilities present
@@ -367,7 +367,7 @@ Add security section to MANUAL:
 
 When trace (debugger) investigates security issues:
 ```markdown
-## 🔍 Debug Logs
+## [SEARCH] Debug Logs
 
 ### Security Issue Analysis
 

package/src/skills/simplification/SKILL.md

@@ -202,13 +202,13 @@ Document all changes made:
 ### Changes Reverted
 1. **[file:line]** - Attempted to flatten query builder conditionals
    - Reason: Test 'db.handles-concurrent' failed
-   - Reverted: ✓
+   - Reverted: YES
 
 ### Summary
 - Simplifications made: 2
 - Simplifications reverted: 1
 - Passes completed: 2
-- Tests still pass: ✓
+- Tests still pass: YES
 - Net lines: -21
 ```
 

package/src/skills/systematic-debugging/SKILL.md

@@ -104,11 +104,11 @@ pm2 logs app-name --err --lines 100
 
 ## Anti-Patterns
 
-❌ **Random changes** - "Maybe if I change this..."
-❌ **Ignoring evidence** - "That can't be the cause"
-❌ **Assuming** - "It must be X" without proof
-❌ **Not reproducing first** - Fixing blindly
-❌ **Stopping at symptoms** - Not finding root cause
+NO **Random changes** - "Maybe if I change this..."
+NO **Ignoring evidence** - "That can't be the cause"
+NO **Assuming** - "It must be X" without proof
+NO **Not reproducing first** - Fixing blindly
+NO **Stopping at symptoms** - Not finding root cause
 
 ---
 
@@ -120,7 +120,7 @@ This skill is used by **trace (debugger)** agent during the FIX phase.
 
 Add debugging section to MANUAL:
 ```markdown
-## 🔍 Debug Logs
+## [SEARCH] Debug Logs
 
 ### Issue Summary
 - **Bug ID:** [BUG-001]

package/src/skills/testing-patterns/SKILL.md

@@ -167,7 +167,7 @@ metadata:
 
 ## 10. Anti-Patterns
 
-| ❌ Don't | ✅ Do |
+| NO Don't | YES Do |
 |----------|-------|
 | Test implementation | Test behavior |
 | Duplicate test code | Use factories |

package/src/tools/background-agent/manager.ts

@@ -9,6 +9,39 @@ import { ConcurrencyManager } from "./concurrency";
 
 const TASK_TTL_MS = 30 * 60 * 1000; // 30 minutes
 const MIN_STABILITY_TIME_MS = 10 * 1000; // 10 seconds before stability detection
+const MAX_SYSTEM_CONTENT_LENGTH = 50000; // Maximum characters for system prompt
+const MAX_PROMPT_LENGTH = 10000; // Maximum characters for user prompt
+
+/**
+ * Sanitize content for safe JSON transmission to kimi model
+ * Handles Unicode issues, control characters, and length limits
+ */
+function sanitizeForModel(content: string, maxLength: number = MAX_SYSTEM_CONTENT_LENGTH): string {
+  if (!content) return "";
+  
+  // Step 1: Remove control characters (keep only \n, \r, \t)
+  let sanitized = content
+    .replace(/[\x00-\x08\x0B-\x0C\x0E-\x1F]/g, '')
+    // Step 2: Replace Unicode line/paragraph separators
+    .replace(/\u2028/g, '\n')
+    .replace(/\u2029/g, '\n')
+    // Step 3: Replace other problematic Unicode
+    .replace(/\uFEFF/g, '') // BOM
+    .replace(/\u200B-\u200D/g, '') // Zero-width spaces
+    // Step 4: Escape backslashes to prevent JSON issues
+    .replace(/\\/g, '\\\\')
+    // Step 5: Normalize line endings
+    .replace(/\r\n/g, '\n')
+    .replace(/\r/g, '\n');
+  
+  // Step 6: Truncate if too long (with indicator)
+  if (sanitized.length > maxLength) {
+    const truncationMsg = "\n\n[Content truncated due to length limits]";
+    sanitized = sanitized.substring(0, maxLength - truncationMsg.length) + truncationMsg;
+  }
+  
+  return sanitized;
+}
 
 type OpencodeClient = PluginInput["client"];
 
@@ -118,11 +151,8 @@ export class BackgroundManager {
           const skillPath = join(this.directory, ".opencode", "skill", "bobs-workshop", skillName, "SKILL.md");
           if (existsSync(skillPath)) {
             let skillFile = readFileSync(skillPath, "utf8");
-            // Sanitize content to prevent JSON parsing issues with kimi model
-            skillFile = skillFile
-              .replace(/[\x00-\x08\x0B-\x0C\x0E-\x1F]/g, '') // Remove control chars except \n, \r, \t
-              .replace(/\u2028/g, '\n') // Replace line separator with newline
-              .replace(/\u2029/g, '\n'); // Replace paragraph separator with newline
+            // Sanitize content for kimi model compatibility
+            skillFile = sanitizeForModel(skillFile, 10000); // Limit per skill
             skillContent += `\n\n---\n## Skill: ${skillName}\n\n${skillFile}`;
           }
         }
@@ -133,18 +163,20 @@ export class BackgroundManager {
         const { existsSync, readFileSync } = await import("node:fs");
         if (existsSync(input.manual_path)) {
           let manualContent = readFileSync(input.manual_path, "utf8");
-          // Sanitize content to prevent JSON parsing issues with kimi model
-          // Remove control characters and ensure proper escaping
-          manualContent = manualContent
-            .replace(/[\x00-\x08\x0B-\x0C\x0E-\x1F]/g, '') // Remove control chars except \n, \r, \t
-            .replace(/\u2028/g, '\n') // Replace line separator with newline
-            .replace(/\u2029/g, '\n'); // Replace paragraph separator with newline
+          // Sanitize content for kimi model compatibility
+          manualContent = sanitizeForModel(manualContent, 30000); // Larger limit for manual
           skillContent = skillContent 
             ? `${skillContent}\n\n## MANUAL Context:\n${manualContent}`
             : manualContent;
         }
       }
+      
+      // Final sanitization of combined skill content
+      skillContent = sanitizeForModel(skillContent, MAX_SYSTEM_CONTENT_LENGTH);
 
+      // Sanitize user prompt to prevent JSON issues
+      const sanitizedPrompt = sanitizeForModel(input.prompt, MAX_PROMPT_LENGTH);
+      
       // Fire-and-forget prompt
       this.client.session.prompt({
         path: { id: sessionID },
@@ -156,7 +188,7 @@ export class BackgroundManager {
             task: false,
             delegate_task: false,
           },
-          parts: [{ type: "text", text: input.prompt }],
+          parts: [{ type: "text", text: sanitizedPrompt }],
         },
       } as any).catch((error) => {
         console.error("[background-agent] Prompt error:", error);