bortexcode 1.5.0 → 1.8.0

package/bin/bortex.js

@@ -4,6 +4,7 @@
 const fs = require('fs');
 const os = require('os');
 const path = require('path');
+const crypto = require('crypto');
 const readline = require('readline');
 const { spawn, spawnSync } = require('child_process');
 const packageMeta = require('../package.json');
@@ -44,12 +45,30 @@ function parseArgs(argv) {
       spinner: true,
       progress: false,
       icons: false
-    }
+    },
+    resume: false,
+    resumeTarget: '',
+    resumeAll: false,
+    execMode: false,
+    execJson: false,
+    execOutput: '',
+    execSchema: '',
+    execEphemeral: false,
+    execMaxTurns: 1,
+    permissionProfile: process.env.BORTEX_PERMISSION_PROFILE || process.env.BORTEX_SANDBOX || 'workspace'
   };
 
   const rest = [];
   for (let i = 0; i < argv.length; i += 1) {
     const a = argv[i];
+    if (a === 'resume') {
+      opts.resume = true;
+      continue;
+    }
+    if (a === 'exec') {
+      opts.execMode = true;
+      continue;
+    }
     if (a === 'remote-control' || a === 'remote') {
       opts.remoteControlServerMode = true;
       continue;
@@ -120,6 +139,62 @@ function parseArgs(argv) {
       opts.offline = true;
       continue;
     }
+    if (a === '--json') {
+      opts.execJson = true;
+      continue;
+    }
+    if ((a === '-o' || a === '--output-last-message' || a === '--output') && argv[i + 1]) {
+      opts.execOutput = argv[i + 1];
+      i += 1;
+      continue;
+    }
+    if (a.startsWith('--output-last-message=')) {
+      opts.execOutput = a.slice('--output-last-message='.length);
+      continue;
+    }
+    if (a.startsWith('--output=')) {
+      opts.execOutput = a.slice('--output='.length);
+      continue;
+    }
+    if (a === '--output-schema' && argv[i + 1]) {
+      opts.execSchema = argv[i + 1];
+      i += 1;
+      continue;
+    }
+    if (a.startsWith('--output-schema=')) {
+      opts.execSchema = a.slice('--output-schema='.length);
+      continue;
+    }
+    if (a === '--ephemeral') {
+      opts.execEphemeral = true;
+      continue;
+    }
+    if (a === '--max-turns' && argv[i + 1]) {
+      opts.execMaxTurns = Math.max(1, Number(argv[i + 1]) || 1);
+      i += 1;
+      continue;
+    }
+    if (a.startsWith('--max-turns=')) {
+      opts.execMaxTurns = Math.max(1, Number(a.slice('--max-turns='.length)) || 1);
+      continue;
+    }
+    if ((a === '--sandbox' || a === '--permissions' || a === '--permission-profile') && argv[i + 1]) {
+      opts.permissionProfile = argv[i + 1];
+      i += 1;
+      continue;
+    }
+    if (a.startsWith('--sandbox=')) {
+      opts.permissionProfile = a.slice('--sandbox='.length);
+      continue;
+    }
+    if (a.startsWith('--permissions=')) {
+      opts.permissionProfile = a.slice('--permissions='.length);
+      continue;
+    }
+    if (a.startsWith('--permission-profile=')) {
+      opts.permissionProfile = a.slice('--permission-profile='.length);
+      continue;
+    }
     if (a === '--verbose') {
       opts.ux.verbose = true;
       continue;
@@ -226,6 +301,24 @@ function parseArgs(argv) {
     rest.push(a);
   }
 
+  if (opts.resume && rest.length) {
+    const first = String(rest[0] || '').trim();
+    if (first === '--last' || first === 'last') {
+      opts.resumeTarget = 'last';
+      rest.shift();
+    } else if (first === '--all') {
+      opts.resumeAll = true;
+      rest.shift();
+    } else if (/^[a-z0-9][a-z0-9._-]{5,}$/i.test(first)) {
+      opts.resumeTarget = first;
+      rest.shift();
+    }
+    if (rest[0] === '--all') {
+      opts.resumeAll = true;
+      rest.shift();
+    }
+  }
+
   if (rest.length) {
     opts.prompt = rest.join(' ').trim();
   }
@@ -240,6 +333,8 @@ function usage() {
   console.log(`  ${cliName} [options] [prompt]`);
   console.log(`  ${cliName} remote-control [--name <title>] [--remote-lan]`);
   console.log(`  ${cliName} remote-control --cloud [--name <title>]`);
+  console.log(`  ${cliName} exec [--json] [-o file] [--output-schema file] [prompt]`);
+  console.log(`  ${cliName} resume [--last|<id>] [prompt]`);
   console.log(`  ${cliName} --api-key <apikey>`);
   console.log(`  ${cliName} "write a python function"`);
   console.log('');
@@ -252,6 +347,14 @@ function usage() {
   console.log('  -m, --model <name>  Force a specific LLM model');
   console.log('      --api-url <u>   Custom LLM endpoint');
   console.log('      --offline       Local mode');
+  console.log('      --json          Exec mode: emit JSONL events');
+  console.log('      -o, --output-last-message <file>');
+  console.log('                      Exec mode: write final message to file');
+  console.log('      --output-schema <file>');
+  console.log('                      Exec mode: request final JSON matching schema');
+  console.log('      --ephemeral     Exec mode: do not persist transcript events');
+  console.log('      --sandbox <profile>');
+  console.log('                      Permission profile: read-only, workspace, full');
   console.log('      --verbose       Show request routing details');
   console.log('      --progress      Show server progress events');
   console.log('      --no-spinner    Disable spinner');
@@ -447,15 +550,16 @@ async function fetchJsonWithTimeout(url, timeoutMs = 2500) {
 }
 
 async function resolveLatestCliVersion(opts = {}) {
+  const candidates = [];
   try {
     const npmLatest = await fetchJsonWithTimeout('https://registry.npmjs.org/bortexcode/latest');
     if (npmLatest?.version) {
-      return {
+      candidates.push({
         source: 'npm',
         version: String(npmLatest.version),
         installTarget: 'bortexcode',
         installCommand: 'npm install -g bortexcode'
-      };
+      });
     }
   } catch (_err) {
     // Package may not be published yet. Fall back to bortex.site metadata.
@@ -466,16 +570,18 @@ async function resolveLatestCliVersion(opts = {}) {
     const siteLatest = await fetchJsonWithTimeout(`${base}/bortex-code/latest.json`);
     if (siteLatest?.version) {
       const installTarget = String(siteLatest.installTarget || siteLatest.tarballUrl || `${base}/bortex-code/bortex-code-latest.tgz`);
-      return {
+      candidates.push({
         source: 'bortex.site',
         version: String(siteLatest.version),
         installTarget,
         installCommand: String(siteLatest.installCommand || `npm install -g ${installTarget}`)
-      };
+      });
     }
   } catch (_err) { }
 
-  return null;
+  if (!candidates.length) return null;
+  candidates.sort((a, b) => compareSemver(b.version, a.version));
+  return candidates[0];
 }
 
 async function promptYesNo(question, defaultYes = true) {
@@ -982,7 +1088,7 @@ function detectGitUnmergedConflicts(opts) {
 }
 
 function formatModeLine(opts) {
-  return `Server: ${opts.url} | Mode: ${opts.agent ? 'agent' : 'chat'} | Transport: ${opts.offline ? 'offline-native' : 'server'} | CWD: ${opts.cwd}`;
+  return `Server: ${opts.url} | Mode: ${opts.agent ? 'agent' : 'chat'} | Transport: ${opts.offline ? 'offline-native' : 'server'} | Permissions: ${getEffectivePermissionProfile(opts).name} | CWD: ${opts.cwd}`;
 }
 
 function getCliSessionPath(opts) {
@@ -1083,77 +1189,1665 @@ function sanitizeRunState(runState) {
   };
 }
 
-function sanitizeAgentRunDefaults(value) {
-  const raw = value && typeof value === 'object' ? value : {};
-  const policy = resolveAgentRunPolicyConfig(raw.policy || 'balanced').name;
-  return { policy };
+function sanitizeAgentRunDefaults(value) {
+  const raw = value && typeof value === 'object' ? value : {};
+  const policy = resolveAgentRunPolicyConfig(raw.policy || 'balanced').name;
+  return { policy };
+}
+
+function saveCliWorkspaceState(opts) {
+  const p = getCliSessionPath(opts);
+  const payload = {
+    version: 1,
+    cwd: opts.cwd,
+    updatedAt: Date.now(),
+    todo: sanitizeTodoItems(opts.todo),
+    plan: sanitizePlan(opts.plan),
+    history: sanitizeHistory(opts.commandHistory),
+    artifacts: sanitizeArtifacts(opts.artifacts),
+    runState: sanitizeRunState(opts.runState),
+    agentRunDefaults: sanitizeAgentRunDefaults(opts.agentRunDefaults)
+  };
+  fs.writeFileSync(p, JSON.stringify(payload, null, 2), 'utf8');
+}
+
+function loadCliWorkspaceState(opts) {
+  const p = getCliSessionPath(opts);
+  opts.todo = [];
+  opts.plan = null;
+  opts.commandHistory = [];
+  opts.artifacts = [];
+  opts.runState = null;
+  opts.agentRunDefaults = sanitizeAgentRunDefaults(null);
+  if (!fs.existsSync(p)) return { loaded: false, path: p };
+  try {
+    const raw = JSON.parse(fs.readFileSync(p, 'utf8'));
+    opts.todo = sanitizeTodoItems(raw.todo);
+    opts.plan = sanitizePlan(raw.plan);
+    opts.commandHistory = sanitizeHistory(raw.history);
+    opts.artifacts = sanitizeArtifacts(raw.artifacts);
+    opts.runState = sanitizeRunState(raw.runState);
+    opts.agentRunDefaults = sanitizeAgentRunDefaults(raw.agentRunDefaults);
+    return { loaded: true, path: p };
+  } catch (_err) {
+    opts.agentRunDefaults = sanitizeAgentRunDefaults(null);
+    return { loaded: false, path: p, invalid: true };
+  }
+}
+
+function pushCliHistory(opts, line) {
+  if (!Array.isArray(opts.commandHistory)) opts.commandHistory = [];
+  const text = String(line || '').trim();
+  if (!text) return;
+  const last = opts.commandHistory[opts.commandHistory.length - 1];
+  if (last && last.text === text) {
+    last.ts = Date.now();
+    return;
+  }
+  opts.commandHistory.push({ text, ts: Date.now() });
+  if (opts.commandHistory.length > 200) {
+    opts.commandHistory = opts.commandHistory.slice(-200);
+  }
+}
+
+function recordArtifact(opts, kind, text) {
+  if (!Array.isArray(opts.artifacts)) opts.artifacts = [];
+  opts.artifacts.push({
+    ts: Date.now(),
+    kind: String(kind || 'event'),
+    text: String(text || '')
+  });
+  if (opts.artifacts.length > 300) {
+    opts.artifacts = opts.artifacts.slice(-300);
+  }
+}
+
+function getBortexUserDir() {
+  return path.dirname(resolveSharedSettingsPath());
+}
+
+function getBortexProjectDir(opts) {
+  return path.join(opts.cwd || process.cwd(), '.bortex');
+}
+
+function ensureDirSync(dirPath) {
+  if (!fs.existsSync(dirPath)) fs.mkdirSync(dirPath, { recursive: true });
+}
+
+function safeSlug(value, fallback = 'item') {
+  return String(value || fallback)
+    .toLowerCase()
+    .replace(/[^a-z0-9._-]+/g, '-')
+    .replace(/^-+|-+$/g, '')
+    .slice(0, 80) || fallback;
+}
+
+function safeReadJson(filePath, fallback = null) {
+  try {
+    if (!fs.existsSync(filePath)) return fallback;
+    return JSON.parse(fs.readFileSync(filePath, 'utf8'));
+  } catch (_err) {
+    return fallback;
+  }
+}
+
+function safeWriteJson(filePath, payload) {
+  ensureDirSync(path.dirname(filePath));
+  fs.writeFileSync(filePath, JSON.stringify(payload, null, 2), 'utf8');
+}
+
+function parseFrontmatterMarkdown(rawText) {
+  const text = String(rawText || '');
+  const out = { meta: {}, body: text };
+  if (!text.startsWith('---')) return out;
+  const end = text.indexOf('\n---', 3);
+  if (end < 0) return out;
+  const yaml = text.slice(3, end).trim();
+  const body = text.slice(end + 4).replace(/^\r?\n/, '');
+  const meta = {};
+  yaml.split(/\r?\n/).forEach((line) => {
+    const m = line.match(/^([A-Za-z0-9_.-]+)\s*:\s*(.*)$/);
+    if (!m) return;
+    const key = m[1].trim();
+    let value = m[2].trim();
+    value = value.replace(/^['"]|['"]$/g, '');
+    if (value === 'true') meta[key] = true;
+    else if (value === 'false') meta[key] = false;
+    else meta[key] = value;
+  });
+  return { meta, body };
+}
+
+function listMarkdownFiles(dirPath) {
+  try {
+    if (!fs.existsSync(dirPath)) return [];
+    return fs.readdirSync(dirPath, { withFileTypes: true })
+      .filter((entry) => entry.isFile() && /\.md$/i.test(entry.name))
+      .map((entry) => path.join(dirPath, entry.name));
+  } catch (_err) {
+    return [];
+  }
+}
+
+function listSkillFiles(dirPath) {
+  try {
+    if (!fs.existsSync(dirPath)) return [];
+    return fs.readdirSync(dirPath, { withFileTypes: true })
+      .filter((entry) => entry.isDirectory())
+      .map((entry) => path.join(dirPath, entry.name, 'SKILL.md'))
+      .filter((filePath) => fs.existsSync(filePath));
+  } catch (_err) {
+    return [];
+  }
+}
+
+function getPluginStatePath(opts) {
+  return path.join(getBortexProjectDir(opts), 'plugins.json');
+}
+
+function loadPluginState(opts) {
+  const raw = safeReadJson(getPluginStatePath(opts), { disabled: {} });
+  return { disabled: raw && typeof raw.disabled === 'object' ? raw.disabled : {} };
+}
+
+function savePluginState(opts, state) {
+  safeWriteJson(getPluginStatePath(opts), { disabled: state.disabled || {} });
+}
+
+function pluginBaseDirs(opts) {
+  return [
+    { scope: 'user', dir: path.join(getBortexUserDir(), 'plugins') },
+    { scope: 'project', dir: path.join(getBortexProjectDir(opts), 'plugins') }
+  ];
+}
+
+function readPluginManifest(pluginDir) {
+  const candidates = [
+    path.join(pluginDir, '.bortex-plugin', 'plugin.json'),
+    path.join(pluginDir, 'plugin.json')
+  ];
+  for (const filePath of candidates) {
+    const manifest = safeReadJson(filePath, null);
+    if (manifest && typeof manifest === 'object') return { manifest, filePath };
+  }
+  return null;
+}
+
+function discoverPlugins(opts) {
+  const state = loadPluginState(opts);
+  const rows = [];
+  pluginBaseDirs(opts).forEach((root) => {
+    try {
+      if (!fs.existsSync(root.dir)) return;
+      fs.readdirSync(root.dir, { withFileTypes: true })
+        .filter((entry) => entry.isDirectory())
+        .forEach((entry) => {
+          const dir = path.join(root.dir, entry.name);
+          const loaded = readPluginManifest(dir);
+          if (!loaded) return;
+          const id = safeSlug(loaded.manifest.id || loaded.manifest.name || entry.name);
+          rows.push({
+            id,
+            name: loaded.manifest.name || id,
+            description: loaded.manifest.description || '',
+            version: loaded.manifest.version || '',
+            scope: root.scope,
+            dir,
+            manifestPath: loaded.filePath,
+            manifest: loaded.manifest,
+            enabled: !state.disabled[id]
+          });
+        });
+    } catch (_err) {}
+  });
+  return rows;
+}
+
+function getEnabledPluginContentRoots(opts) {
+  return discoverPlugins(opts)
+    .filter((plugin) => plugin.enabled)
+    .map((plugin) => ({
+      scope: `plugin:${plugin.id}`,
+      commands: path.join(plugin.dir, plugin.manifest.commandsDir || 'commands'),
+      skills: path.join(plugin.dir, plugin.manifest.skillsDir || 'skills'),
+      plugin
+    }));
+}
+
+function loadCustomSlashCommands(opts) {
+  const roots = [
+    { scope: 'user', commands: path.join(getBortexUserDir(), 'commands'), skills: path.join(getBortexUserDir(), 'skills') },
+    { scope: 'project', commands: path.join(getBortexProjectDir(opts), 'commands'), skills: path.join(getBortexProjectDir(opts), 'skills') }
+  ].concat(getEnabledPluginContentRoots(opts));
+  const rows = [];
+  roots.forEach((root) => {
+    listMarkdownFiles(root.commands).forEach((filePath) => {
+      const parsed = parseFrontmatterMarkdown(fs.readFileSync(filePath, 'utf8'));
+      const name = safeSlug(parsed.meta.name || path.basename(filePath, '.md'));
+      rows.push({
+        scope: root.scope,
+        type: 'command',
+        name,
+        command: `/${name}`,
+        description: String(parsed.meta.description || parsed.body.split(/\r?\n/).find(Boolean) || 'Custom command').slice(0, 160),
+        filePath,
+        meta: parsed.meta,
+        body: parsed.body
+      });
+    });
+    listSkillFiles(root.skills).forEach((filePath) => {
+      const parsed = parseFrontmatterMarkdown(fs.readFileSync(filePath, 'utf8'));
+      const name = safeSlug(parsed.meta.name || path.basename(path.dirname(filePath)));
+      rows.push({
+        scope: root.scope,
+        type: 'skill',
+        name,
+        command: `/${name}`,
+        description: String(parsed.meta.description || parsed.body.split(/\r?\n/).find(Boolean) || 'Custom skill').slice(0, 160),
+        filePath,
+        meta: parsed.meta,
+        body: parsed.body
+      });
+    });
+  });
+  const seen = new Set();
+  return rows.reverse().filter((row) => {
+    if (seen.has(row.command)) return false;
+    seen.add(row.command);
+    return true;
+  }).reverse();
+}
+
+function getAllSlashCommandRows(opts = {}) {
+  const custom = loadCustomSlashCommands(opts).map((row) => [row.command, `${row.description} (${row.scope} ${row.type})`]);
+  const existing = new Set(SLASH_COMMANDS.map(([command]) => command.split(/\s+/)[0]));
+  return SLASH_COMMANDS.concat(custom.filter(([command]) => !existing.has(command)));
+}
+
+function redactSensitiveText(text) {
+  return String(text || '')
+    .replace(/Bearer\s+[A-Za-z0-9._~+/=-]+/g, 'Bearer [REDACTED]')
+    .replace(/(sk-[A-Za-z0-9_-]{12,})/g, '[REDACTED_API_KEY]')
+    .replace(/(npm_[A-Za-z0-9]{12,})/g, '[REDACTED_NPM_TOKEN]')
+    .replace(/("?(?:password|token|api[_-]?key|secret)"?\s*[:=]\s*)("[^"]+"|'[^']+'|[^\s,}]+)/gi, '$1[REDACTED]');
+}
+
+function redactPayload(value) {
+  if (typeof value === 'string') return redactSensitiveText(value);
+  if (Array.isArray(value)) return value.map((item) => redactPayload(item));
+  if (value && typeof value === 'object') {
+    const out = {};
+    Object.entries(value).forEach(([key, item]) => {
+      const sensitiveKey = /password|token|api[_-]?key|secret|authorization|cookie/i.test(key);
+      out[key] = sensitiveKey ? '[REDACTED]' : redactPayload(item);
+    });
+    return out;
+  }
+  return value;
+}
+
+function getTranscriptDir(opts) {
+  return path.join(getBortexProjectDir(opts), 'transcripts');
+}
+
+function ensureTranscriptId(opts) {
+  if (opts.transcriptId) return opts.transcriptId;
+  const stamp = new Date().toISOString().replace(/[:.]/g, '-');
+  const slug = safeSlug(path.basename(opts.cwd || process.cwd()), 'session');
+  const rand = crypto.randomBytes(4).toString('hex');
+  opts.transcriptId = `${stamp}-${slug}-${rand}`;
+  return opts.transcriptId;
+}
+
+function getCurrentTranscriptPath(opts) {
+  return path.join(getTranscriptDir(opts), `${ensureTranscriptId(opts)}.jsonl`);
+}
+
+function appendTranscriptEvent(opts, type, payload = {}) {
+  try {
+    if (opts?.execEphemeral || opts?.ephemeral) return null;
+    const filePath = getCurrentTranscriptPath(opts);
+    ensureDirSync(path.dirname(filePath));
+    const event = {
+      version: 1,
+      id: crypto.randomBytes(6).toString('hex'),
+      ts: Date.now(),
+      type: String(type || 'event'),
+      cwd: opts.cwd || process.cwd(),
+      payload: redactPayload(payload || {})
+    };
+    fs.appendFileSync(filePath, `${JSON.stringify(event)}\n`, 'utf8');
+    return filePath;
+  } catch (_err) {
+    return null;
+  }
+}
+
+function listTranscriptFiles(opts, all = false) {
+  const roots = [getTranscriptDir(opts)];
+  if (all) roots.push(path.join(getBortexUserDir(), 'transcripts'));
+  const files = [];
+  roots.forEach((dirPath) => {
+    try {
+      if (!fs.existsSync(dirPath)) return;
+      fs.readdirSync(dirPath)
+        .filter((name) => /\.jsonl$/i.test(name))
+        .forEach((name) => {
+          const filePath = path.join(dirPath, name);
+          const stat = fs.statSync(filePath);
+          files.push({ id: path.basename(name, '.jsonl'), filePath, mtime: stat.mtimeMs, size: stat.size });
+        });
+    } catch (_err) {}
+  });
+  return files.sort((a, b) => b.mtime - a.mtime);
+}
+
+function readTranscriptEvents(filePath, maxEvents = 80) {
+  try {
+    const lines = fs.readFileSync(filePath, 'utf8').split(/\r?\n/).filter(Boolean);
+    return lines.slice(-maxEvents).map((line) => JSON.parse(line));
+  } catch (_err) {
+    return [];
+  }
+}
+
+function summarizeTranscriptForResume(filePath) {
+  const events = readTranscriptEvents(filePath, 60);
+  const turns = [];
+  events.forEach((event) => {
+    const type = event.type;
+    const payload = event.payload || {};
+    if (type === 'user') turns.push(`User: ${String(payload.text || '').slice(0, 500)}`);
+    if (type === 'assistant') turns.push(`Assistant: ${String(payload.text || payload.message || '').slice(0, 500)}`);
+    if (type === 'tool') turns.push(`Tool: ${String(payload.command || payload.name || '').slice(0, 240)}`);
+  });
+  return turns.slice(-20).join('\n');
+}
+
+function findTranscriptByRef(opts, ref = '', all = false) {
+  const rows = listTranscriptFiles(opts, all);
+  if (!rows.length) return null;
+  const target = String(ref || 'last').trim();
+  if (!target || target === 'last' || target === '--last') return rows[0];
+  return rows.find((row) => row.id === target || row.id.includes(target) || row.filePath === target) || null;
+}
+
+function maybeAugmentPromptWithResumeContext(opts, prompt) {
+  if (!opts.resumeContext || opts._resumeContextUsed) return prompt;
+  opts._resumeContextUsed = true;
+  return [
+    'Previous Bortex Code session context:',
+    opts.resumeContext,
+    '',
+    'Continue from that context and answer this request:',
+    String(prompt || '')
+  ].join('\n');
+}
+
+async function prepareResumeContext(opts) {
+  const found = findTranscriptByRef(opts, opts.resumeTarget || 'last', opts.resumeAll);
+  if (!found) {
+    console.log('No transcript found to resume.');
+    return null;
+  }
+  opts.resumeTranscript = found;
+  opts.resumeContext = summarizeTranscriptForResume(found.filePath);
+  console.log(`Resumed transcript: ${found.id}`);
+  console.log(`Transcript path: ${found.filePath}`);
+  return found;
+}
+
+const BUILTIN_SUBAGENTS = [
+  { name: 'reviewer', description: 'Find regressions, risky diffs, missing tests, and code review findings.' },
+  { name: 'security', description: 'Inspect secrets, auth, injection, unsafe shell/network/file operations, and trust boundaries.' },
+  { name: 'tester', description: 'Identify test strategy, missing coverage, flaky paths, and verification commands.' },
+  { name: 'architect', description: 'Assess architecture, module boundaries, maintainability, and migration risks.' },
+  { name: 'fixer', description: 'Propose concrete implementation steps and patches for the current task.' },
+  { name: 'researcher', description: 'Gather local context, docs, dependencies, and unknowns before implementation.' }
+];
+
+function loadCustomSubagents(opts) {
+  const roots = [
+    { scope: 'user', dir: path.join(getBortexUserDir(), 'agents') },
+    { scope: 'project', dir: path.join(getBortexProjectDir(opts), 'agents') }
+  ];
+  const rows = [];
+  roots.forEach((root) => {
+    listMarkdownFiles(root.dir).forEach((filePath) => {
+      const parsed = parseFrontmatterMarkdown(fs.readFileSync(filePath, 'utf8'));
+      rows.push({
+        scope: root.scope,
+        name: safeSlug(parsed.meta.name || path.basename(filePath, '.md')),
+        description: String(parsed.meta.description || parsed.body.split(/\r?\n/).find(Boolean) || 'Custom agent').slice(0, 240),
+        instructions: parsed.body,
+        filePath
+      });
+    });
+  });
+  return rows;
+}
+
+function getAllSubagents(opts) {
+  const custom = loadCustomSubagents(opts);
+  const map = new Map();
+  BUILTIN_SUBAGENTS.forEach((a) => map.set(a.name, { ...a, scope: 'builtin', instructions: a.description }));
+  custom.forEach((a) => map.set(a.name, a));
+  return Array.from(map.values());
+}
+
+function getMcpConfigPath(opts, scope = 'project') {
+  return scope === 'user'
+    ? path.join(getBortexUserDir(), 'mcp.json')
+    : path.join(getBortexProjectDir(opts), 'mcp.json');
+}
+
+function loadMcpConfig(opts, scope = 'project') {
+  const filePath = getMcpConfigPath(opts, scope);
+  const raw = safeReadJson(filePath, { mcpServers: {} });
+  const servers = raw && typeof raw === 'object' && raw.mcpServers && typeof raw.mcpServers === 'object' ? raw.mcpServers : {};
+  return { filePath, mcpServers: servers };
+}
+
+function saveMcpConfig(opts, scope, config) {
+  safeWriteJson(getMcpConfigPath(opts, scope), { mcpServers: config.mcpServers || {} });
+}
+
+function getMergedMcpServers(opts) {
+  const user = loadMcpConfig(opts, 'user');
+  const project = loadMcpConfig(opts, 'project');
+  const rows = [];
+  Object.entries(user.mcpServers).forEach(([name, server]) => rows.push({ scope: 'user', name, server }));
+  discoverPlugins(opts).filter((plugin) => plugin.enabled).forEach((plugin) => {
+    const servers = plugin.manifest.mcpServers && typeof plugin.manifest.mcpServers === 'object' ? plugin.manifest.mcpServers : {};
+    Object.entries(servers).forEach(([name, server]) => rows.push({ scope: `plugin:${plugin.id}`, name, server }));
+  });
+  Object.entries(project.mcpServers).forEach(([name, server]) => rows.push({ scope: 'project', name, server }));
+  return rows;
+}
+
+function resolveMcpServer(opts, name) {
+  const target = String(name || '').trim();
+  return getMergedMcpServers(opts).find((row) => row.name === target) || null;
+}
+
+function buildMcpClientInfo() {
+  return { name: 'bortexcode', version: CLI_VERSION };
+}
+
+function parseMcpJsonLines(buffer, onMessage) {
+  let remaining = buffer;
+  let nl = remaining.indexOf('\n');
+  while (nl >= 0) {
+    const line = remaining.slice(0, nl).trim();
+    remaining = remaining.slice(nl + 1);
+    if (line) {
+      try { onMessage(JSON.parse(line)); } catch (_err) {}
+    }
+    nl = remaining.indexOf('\n');
+  }
+  return remaining;
+}
+
+async function runMcpStdioRequest(opts, row, method, params = {}, options = {}) {
+  const server = row.server || {};
+  if (!server.command) throw new Error(`MCP server "${row.name}" has no command.`);
+  const timeoutMs = Math.max(1000, Number(server.tool_timeout_ms || server.tool_timeout_sec * 1000 || options.timeoutMs || 60000));
+  const env = { ...process.env, ...(server.env || {}) };
+  const child = spawn(String(server.command), Array.isArray(server.args) ? server.args.map(String) : [], {
+    cwd: server.cwd ? resolveCliPath(opts, server.cwd) : (opts.cwd || process.cwd()),
+    env,
+    shell: false,
+    stdio: ['pipe', 'pipe', 'pipe'],
+    windowsHide: true
+  });
+  let nextId = 1;
+  let stdoutBuffer = '';
+  let stderr = '';
+  const pending = new Map();
+  let settled = false;
+
+  const close = () => {
+    if (settled) return;
+    settled = true;
+    try { child.stdin.end(); } catch (_err) {}
+    try { child.kill('SIGTERM'); } catch (_err) {}
+    setTimeout(() => {
+      try { child.kill('SIGKILL'); } catch (_err) {}
+    }, 1000).unref?.();
+  };
+
+  const send = (message) => {
+    child.stdin.write(`${JSON.stringify(message)}\n`);
+  };
+  const request = (reqMethod, reqParams = {}) => new Promise((resolve, reject) => {
+    const id = nextId++;
+    pending.set(id, { resolve, reject });
+    send({ jsonrpc: '2.0', id, method: reqMethod, params: reqParams });
+  });
+
+  child.stdout.on('data', (chunk) => {
+    stdoutBuffer += String(chunk || '');
+    stdoutBuffer = parseMcpJsonLines(stdoutBuffer, (msg) => {
+      if (!msg || typeof msg !== 'object' || msg.id == null) return;
+      const waiter = pending.get(msg.id);
+      if (!waiter) return;
+      pending.delete(msg.id);
+      if (msg.error) waiter.reject(new Error(msg.error.message || JSON.stringify(msg.error)));
+      else waiter.resolve(msg.result);
+    });
+  });
+  child.stderr.on('data', (chunk) => {
+    stderr += String(chunk || '');
+  });
+  child.on('error', (err) => {
+    for (const waiter of pending.values()) waiter.reject(err);
+    pending.clear();
+  });
+  child.on('close', (code) => {
+    const err = new Error(`MCP server "${row.name}" exited with code ${code}${stderr ? `: ${stderr.trim().slice(0, 500)}` : ''}`);
+    for (const waiter of pending.values()) waiter.reject(err);
+    pending.clear();
+  });
+
+  const timer = setTimeout(() => {
+    const err = new Error(`MCP request timed out after ${timeoutMs}ms.`);
+    for (const waiter of pending.values()) waiter.reject(err);
+    pending.clear();
+    close();
+  }, timeoutMs);
+  if (typeof timer.unref === 'function') timer.unref();
+
+  try {
+    await request('initialize', {
+      protocolVersion: server.protocolVersion || '2025-06-18',
+      capabilities: {},
+      clientInfo: buildMcpClientInfo()
+    });
+    send({ jsonrpc: '2.0', method: 'notifications/initialized', params: {} });
+    return await request(method, params);
+  } finally {
+    clearTimeout(timer);
+    close();
+  }
+}
+
+function mcpHttpHeaders(server) {
+  const headers = { 'Content-Type': 'application/json', ...(server.headers || {}), ...(server.http_headers || {}) };
+  const bearerEnv = server.bearerTokenEnvVar || server.bearer_token_env_var;
+  if (bearerEnv && process.env[bearerEnv]) headers.Authorization = `Bearer ${process.env[bearerEnv]}`;
+  if (server.env_http_headers && typeof server.env_http_headers === 'object') {
+    Object.entries(server.env_http_headers).forEach(([key, envName]) => {
+      if (process.env[String(envName)]) headers[key] = process.env[String(envName)];
+    });
+  }
+  return headers;
+}
+
+async function runMcpHttpRequest(_opts, row, method, params = {}) {
+  const server = row.server || {};
+  if (!server.url) throw new Error(`MCP server "${row.name}" has no URL.`);
+  const body = {
+    jsonrpc: '2.0',
+    id: Date.now(),
+    method,
+    params
+  };
+  const res = await fetch(server.url, {
+    method: 'POST',
+    headers: mcpHttpHeaders(server),
+    body: JSON.stringify(body)
+  });
+  const text = await res.text();
+  if (!res.ok) throw new Error(`MCP HTTP ${res.status}: ${text.slice(0, 1000)}`);
+  const jsonText = text.includes('\ndata:')
+    ? text.split(/\r?\n/).map((line) => line.trim()).filter((line) => line.startsWith('data:')).map((line) => line.slice(5).trim()).filter((line) => line && line !== '[DONE]').pop()
+    : text.trim();
+  const payload = JSON.parse(jsonText || '{}');
+  if (payload.error) throw new Error(payload.error.message || JSON.stringify(payload.error));
+  return payload.result ?? payload;
+}
+
+async function runMcpRequest(opts, serverName, method, params = {}, options = {}) {
+  const row = resolveMcpServer(opts, serverName);
+  if (!row) throw new Error(`MCP server not found: ${serverName}`);
+  const server = row.server || {};
+  const type = server.type || (server.command ? 'stdio' : 'http');
+  if (type === 'stdio') return runMcpStdioRequest(opts, row, method, params, options);
+  if (type === 'http' || server.url) return runMcpHttpRequest(opts, row, method, params, options);
+  throw new Error(`Unsupported MCP server type for "${serverName}".`);
+}
+
+function parseScopeFlag(rest) {
+  const user = rest.includes('--global') || rest.includes('--user');
+  const cleaned = rest.filter((x) => x !== '--global' && x !== '--user' && x !== '--project');
+  return { scope: user ? 'user' : 'project', rest: cleaned };
+}
+
+function getPermissionsConfigPath(opts, scope = 'project') {
+  return scope === 'user'
+    ? path.join(getBortexUserDir(), 'permissions.json')
+    : path.join(getBortexProjectDir(opts), 'permissions.json');
+}
+
+function loadPermissionsConfig(opts, scope = 'project') {
+  return safeReadJson(getPermissionsConfigPath(opts, scope), { defaultProfile: '', profiles: {} }) || { defaultProfile: '', profiles: {} };
+}
+
+function getEffectivePermissionProfile(opts) {
+  const project = loadPermissionsConfig(opts, 'project');
+  const user = loadPermissionsConfig(opts, 'user');
+  const name = safeSlug(opts.permissionProfile || project.defaultProfile || user.defaultProfile || 'workspace');
+  const builtins = {
+    'read-only': {
+      name: 'read-only',
+      allowWrites: false,
+      allowShell: false,
+      allowNetwork: false,
+      denyPatterns: ['rm -rf', 'del /s', 'format ', 'shutdown', 'reboot']
+    },
+    workspace: {
+      name: 'workspace',
+      allowWrites: true,
+      allowShell: true,
+      allowNetwork: false,
+      denyPatterns: ['rm -rf /', 'rm -rf .', 'format ', 'shutdown', 'reboot']
+    },
+    full: {
+      name: 'full',
+      allowWrites: true,
+      allowShell: true,
+      allowNetwork: true,
+      denyPatterns: []
+    },
+    'danger-full-access': {
+      name: 'danger-full-access',
+      allowWrites: true,
+      allowShell: true,
+      allowNetwork: true,
+      denyPatterns: []
+    }
+  };
+  const custom = {
+    ...(user.profiles && typeof user.profiles === 'object' ? user.profiles : {}),
+    ...(project.profiles && typeof project.profiles === 'object' ? project.profiles : {})
+  };
+  return { ...(builtins[name] || builtins.workspace), ...(custom[name] || {}), name };
+}
+
+function checkLocalPermission(opts, lc, line) {
+  if (lc === '/permissions' || lc === '/help' || lc === '/status' || lc === '/commands') return { allowed: true };
+  const profile = getEffectivePermissionProfile(opts);
+  const text = String(line || '');
+  const writeCommands = new Set(['/write', '/append', '/mkdir']);
+  const shellCommands = new Set(['/sh', '/shell', '/git', '/tool-run', '/agent-run', '/run']);
+  if (!profile.allowWrites && writeCommands.has(lc)) {
+    return { allowed: false, reason: `Permission profile "${profile.name}" does not allow file writes.` };
+  }
+  if (!profile.allowShell && shellCommands.has(lc)) {
+    return { allowed: false, reason: `Permission profile "${profile.name}" does not allow shell/tool execution.` };
+  }
+  const denyPatterns = Array.isArray(profile.denyPatterns) ? profile.denyPatterns : [];
+  const lowered = text.toLowerCase();
+  const blocked = denyPatterns.find((pattern) => lowered.includes(String(pattern).toLowerCase()));
+  if (blocked) return { allowed: false, reason: `Permission profile "${profile.name}" denied pattern: ${blocked}` };
+  return { allowed: true, profile };
+}
+
+async function handlePermissionsCommand(opts, rest) {
+  const sub = String(rest[0] || 'show').toLowerCase();
+  if (sub === 'show' || sub === 'status') {
+    const profile = getEffectivePermissionProfile(opts);
+    console.log(JSON.stringify({
+      selected: opts.permissionProfile || 'workspace',
+      effective: profile,
+      projectConfig: getPermissionsConfigPath(opts, 'project'),
+      userConfig: getPermissionsConfigPath(opts, 'user')
+    }, null, 2));
+    return { handled: true, data: profile };
+  }
+  if (sub === 'init') {
+    const filePath = getPermissionsConfigPath(opts, 'project');
+    if (fs.existsSync(filePath)) {
+      console.log(`Permissions file already exists: ${filePath}`);
+      return { handled: true };
+    }
+    safeWriteJson(filePath, {
+      defaultProfile: 'workspace',
+      profiles: {
+        workspace: {
+          allowWrites: true,
+          allowShell: true,
+          allowNetwork: false,
+          denyPatterns: ['rm -rf /', 'format ', 'shutdown', 'reboot']
+        }
+      }
+    });
+    console.log(`Created permissions file: ${filePath}`);
+    return { handled: true, data: { filePath } };
+  }
+  if (sub === 'profile' || sub === 'use') {
+    const name = safeSlug(rest[1] || '');
+    if (!name) {
+      console.log('Usage: /permissions profile <read-only|workspace|full>');
+      return { handled: true };
+    }
+    opts.permissionProfile = name;
+    console.log(`Permission profile: ${name}`);
+    return { handled: true, data: getEffectivePermissionProfile(opts) };
+  }
+  if (sub === 'check') {
+    const line = rest.slice(1).join(' ');
+    const [cmd] = parseWords(line);
+    const result = checkLocalPermission(opts, String(cmd || '').toLowerCase(), line);
+    console.log(JSON.stringify(result, null, 2));
+    return { handled: true, data: result };
+  }
+  console.log('Usage: /permissions show|init|profile <name>|check <slash-command>');
+  return { handled: true };
+}
+
+function getHookFiles(opts) {
+  const files = [
+    { scope: 'user', filePath: path.join(getBortexUserDir(), 'hooks.json') },
+    { scope: 'project', filePath: path.join(getBortexProjectDir(opts), 'hooks.json') }
+  ];
+  discoverPlugins(opts).filter((plugin) => plugin.enabled).forEach((plugin) => {
+    const rel = plugin.manifest.hooksFile || path.join('hooks', 'hooks.json');
+    files.push({ scope: `plugin:${plugin.id}`, filePath: path.join(plugin.dir, rel) });
+  });
+  return files;
+}
+
+function loadHookEntries(opts, eventName = '') {
+  const rows = [];
+  getHookFiles(opts).forEach((source) => {
+    const raw = safeReadJson(source.filePath, null);
+    if (!raw || typeof raw !== 'object') return;
+    const hooksRoot = raw.hooks && typeof raw.hooks === 'object' ? raw.hooks : raw;
+    Object.entries(hooksRoot).forEach(([event, hooks]) => {
+      if (eventName && event !== eventName) return;
+      const list = Array.isArray(hooks) ? hooks : [];
+      list.forEach((hook, index) => {
+        if (Array.isArray(hook?.hooks)) {
+          hook.hooks.forEach((inner, innerIndex) => rows.push({
+            ...inner,
+            event,
+            matcher: inner.matcher || hook.matcher || '',
+            index,
+            innerIndex,
+            source: source.scope,
+            filePath: source.filePath
+          }));
+          return;
+        }
+        rows.push({ ...hook, event, index, source: source.scope, filePath: source.filePath });
+      });
+    });
+  });
+  return rows.map((row) => ({ ...row, hash: hashHookEntry(row) }));
+}
+
+function hashHookEntry(hook) {
+  const stable = {
+    event: hook.event,
+    matcher: hook.matcher || '',
+    type: hook.type || 'command',
+    command: hook.command || '',
+    source: hook.source,
+    filePath: hook.filePath
+  };
+  return crypto.createHash('sha256').update(JSON.stringify(stable)).digest('hex').slice(0, 16);
+}
+
+function getHookTrustPath() {
+  return path.join(getBortexUserDir(), 'hooks-trust.json');
+}
+
+function loadHookTrust() {
+  const raw = safeReadJson(getHookTrustPath(), { trusted: {}, disabled: {} });
+  return {
+    trusted: raw && typeof raw.trusted === 'object' ? raw.trusted : {},
+    disabled: raw && typeof raw.disabled === 'object' ? raw.disabled : {}
+  };
+}
+
+function saveHookTrust(trust) {
+  safeWriteJson(getHookTrustPath(), {
+    trusted: trust.trusted || {},
+    disabled: trust.disabled || {}
+  });
+}
+
+function annotateHookTrust(rows) {
+  const trust = loadHookTrust();
+  return rows.map((row) => ({
+    ...row,
+    trusted: !!trust.trusted[row.hash],
+    disabled: !!trust.disabled[row.hash]
+  }));
+}
+
+function hookMatches(hook, payload) {
+  const matcher = String(hook.matcher || '').trim();
+  if (!matcher || matcher === '*') return true;
+  const haystack = [
+    payload.tool_name,
+    payload.command,
+    payload.tool_input?.command,
+    payload.prompt
+  ].filter(Boolean).join(' ');
+  if (!haystack) return false;
+  if (matcher.startsWith('/') && matcher.endsWith('/')) {
+    try { return new RegExp(matcher.slice(1, -1)).test(haystack); } catch (_err) { return false; }
+  }
+  return haystack.toLowerCase().includes(matcher.toLowerCase());
+}
+
+async function runBortexHooks(opts, eventName, payload = {}, options = {}) {
+  if (opts._runningBortexHooks) return { denied: false, results: [] };
+  const hooks = annotateHookTrust(loadHookEntries(opts, eventName))
+    .filter((hook) => !hook.disabled)
+    .filter((hook) => !(process.env.BORTEX_HOOK_TRUST === '1' && hook.source !== 'user' && !hook.trusted))
+    .filter((hook) => hookMatches(hook, payload));
+  const results = [];
+  if (!hooks.length) return { denied: false, results };
+  opts._runningBortexHooks = true;
+  try {
+    for (const hook of hooks) {
+      if (String(hook.type || 'command') !== 'command' || !hook.command) continue;
+      const hookPayload = {
+        event: eventName,
+        cwd: opts.cwd || process.cwd(),
+        source: hook.source,
+        payload
+      };
+      const res = await runChild(String(hook.command), [], {
+        cwd: opts.cwd,
+        shell: true,
+        env: {
+          BORTEX_HOOK_EVENT: eventName,
+          BORTEX_HOOK_PAYLOAD: redactSensitiveText(JSON.stringify(hookPayload))
+        }
+      });
+      let parsed = null;
+      try { parsed = JSON.parse(String(res.stdout || '').trim()); } catch (_err) {}
+      results.push({ hook, ok: res.ok, stdout: res.stdout, stderr: res.stderr, parsed });
+      const decision = parsed?.permissionDecision || parsed?.hookSpecificOutput?.permissionDecision || parsed?.decision;
+      if (options.decision && ['deny', 'block'].includes(String(decision || '').toLowerCase())) {
+        return {
+          denied: true,
+          reason: parsed?.permissionDecisionReason || parsed?.hookSpecificOutput?.permissionDecisionReason || parsed?.reason || `Denied by ${hook.source} hook`,
+          results
+        };
+      }
+      if (options.decision && ['ask'].includes(String(decision || '').toLowerCase())) {
+        const ok = await confirmDangerous(parsed?.reason || `Hook ${hook.source}:${eventName} asks for approval. Continue?`);
+        if (!ok) return { denied: true, reason: 'Rejected by user after hook ask decision', results };
+      }
+    }
+  } finally {
+    opts._runningBortexHooks = false;
+  }
+  return { denied: false, results };
+}
+
+async function renderCustomSlashPrompt(opts, entry, argsText) {
+  let body = String(entry.body || '');
+  body = body
+    .replace(/\$ARGUMENTS/g, argsText)
+    .replace(/\$\{BORTEX_CWD\}/g, opts.cwd || process.cwd())
+    .replace(/\$\{BORTEX_SESSION_ID\}/g, opts.transcriptId || ensureTranscriptId(opts))
+    .replace(/\$\{BORTEX_COMMAND_DIR\}/g, path.dirname(entry.filePath));
+
+  if (entry.meta && entry.meta['allow-shell-injection'] === true) {
+    const lines = [];
+    for (const line of body.split(/\r?\n/)) {
+      const match = line.match(/!\`([^`]+)\`/);
+      if (!match) {
+        lines.push(line);
+        continue;
+      }
+      const res = await runChild(match[1], [], { cwd: opts.cwd, shell: true });
+      const replacement = redactSensitiveText((res.stdout || res.stderr || '').trim()).slice(0, 12000);
+      lines.push(line.replace(match[0], replacement || '(no output)'));
+    }
+    body = lines.join('\n');
+  }
+
+  return [
+    `Run Bortex ${entry.type}: /${entry.name}`,
+    entry.description ? `Purpose: ${entry.description}` : '',
+    argsText ? `Arguments: ${argsText}` : '',
+    '',
+    body
+  ].filter(Boolean).join('\n');
+}
+
+async function handleCustomSlashCommand(opts, lc, rest, line) {
+  const entry = loadCustomSlashCommands(opts).find((row) => row.command.toLowerCase() === lc);
+  if (!entry) return false;
+  const argsText = line.slice(line.indexOf(lc) + lc.length).trim();
+  const prompt = await renderCustomSlashPrompt(opts, entry, argsText);
+  recordArtifact(opts, entry.type, `${entry.command} ${argsText}`.trim());
+  appendTranscriptEvent(opts, 'tool', { command: entry.command, type: entry.type, filePath: entry.filePath, args: argsText });
+  if (opts.offline) {
+    console.log(prompt);
+    return true;
+  }
+  const data = await askServer(opts, maybeAugmentPromptWithResumeContext(opts, prompt));
+  printResponse(opts, data);
+  appendTranscriptEvent(opts, 'assistant', { text: data?.message || JSON.stringify(data || {}) });
+  return true;
+}
+
+async function handleSkillsCommand(opts, rest) {
+  const sub = String(rest[0] || 'list').toLowerCase();
+  const commands = loadCustomSlashCommands(opts);
+  if (sub === 'list') {
+    const rows = commands.filter((row) => row.type === 'skill' || row.type === 'command');
+    if (!rows.length) {
+      console.log('No custom skills or commands found.');
+      console.log(`Project path: ${path.join(getBortexProjectDir(opts), 'skills')}`);
+      console.log(`User path   : ${path.join(getBortexUserDir(), 'skills')}`);
+      return { handled: true, data: [] };
+    }
+    rows.forEach((row) => console.log(`${row.command.padEnd(24)} ${row.description} [${row.scope}/${row.type}]`));
+    return { handled: true, data: rows };
+  }
+  if (sub === 'show') {
+    const name = String(rest[1] || '').replace(/^\//, '').toLowerCase();
+    const row = commands.find((item) => item.name.toLowerCase() === name || item.command.toLowerCase() === `/${name}`);
+    if (!row) {
+      console.log('Skill not found.');
+      return { handled: true };
+    }
+    console.log(`${row.command} (${row.scope}/${row.type})`);
+    console.log(`Path: ${row.filePath}`);
+    console.log('');
+    process.stdout.write(row.body.endsWith('\n') ? row.body : `${row.body}\n`);
+    return { handled: true, data: row };
+  }
+  if (sub === 'new') {
+    const name = safeSlug(rest[1] || '');
+    if (!name) {
+      console.log('Usage: /skills new <name>');
+      return { handled: true };
+    }
+    const dirPath = path.join(getBortexProjectDir(opts), 'skills', name);
+    const filePath = path.join(dirPath, 'SKILL.md');
+    if (fs.existsSync(filePath)) {
+      console.log(`Skill already exists: ${filePath}`);
+      return { handled: true };
+    }
+    ensureDirSync(dirPath);
+    const body = [
+      '---',
+      `description: ${name} workflow for this repository.`,
+      'disable-model-invocation: true',
+      '---',
+      '',
+      `Run the ${name} workflow for $ARGUMENTS.`,
+      '',
+      '1. Inspect the relevant files.',
+      '2. Make a concise plan.',
+      '3. Execute only the necessary changes.',
+      '4. Verify the result.'
+    ].join('\n');
+    fs.writeFileSync(filePath, body, 'utf8');
+    console.log(`Created skill: ${filePath}`);
+    return { handled: true, data: { filePath } };
+  }
+  console.log('Usage: /skills list|show <name>|new <name>');
+  return { handled: true };
+}
+
+async function handlePluginsCommand(opts, rest) {
+  const sub = String(rest[0] || 'list').toLowerCase();
+  if (sub === 'list') {
+    const rows = discoverPlugins(opts);
+    if (!rows.length) {
+      console.log('No plugins installed.');
+      console.log(`Project plugins: ${path.join(getBortexProjectDir(opts), 'plugins')}`);
+      console.log(`User plugins   : ${path.join(getBortexUserDir(), 'plugins')}`);
+      return { handled: true, data: [] };
+    }
+    rows.forEach((plugin) => {
+      const state = plugin.enabled ? 'enabled' : 'disabled';
+      console.log(`${plugin.id.padEnd(22)} ${state.padEnd(9)} ${plugin.version || '-'} ${plugin.description || plugin.name} [${plugin.scope}]`);
+    });
+    return { handled: true, data: rows };
+  }
+  if (sub === 'init') {
+    const name = safeSlug(rest[1] || '');
+    if (!name) {
+      console.log('Usage: /plugins init <name>');
+      return { handled: true };
+    }
+    const dir = path.join(getBortexProjectDir(opts), 'plugins', name);
+    const manifestPath = path.join(dir, '.bortex-plugin', 'plugin.json');
+    if (fs.existsSync(manifestPath)) {
+      console.log(`Plugin already exists: ${manifestPath}`);
+      return { handled: true };
+    }
+    ensureDirSync(path.dirname(manifestPath));
+    ensureDirSync(path.join(dir, 'skills', name));
+    ensureDirSync(path.join(dir, 'commands'));
+    ensureDirSync(path.join(dir, 'hooks'));
+    safeWriteJson(manifestPath, {
+      id: name,
+      name,
+      version: '0.1.0',
+      description: `${name} plugin for Bortex Code`,
+      skillsDir: 'skills',
+      commandsDir: 'commands',
+      hooksFile: 'hooks/hooks.json',
+      mcpServers: {}
+    });
+    fs.writeFileSync(path.join(dir, 'skills', name, 'SKILL.md'), [
+      '---',
+      `description: ${name} plugin skill.`,
+      '---',
+      '',
+      `Run the ${name} plugin workflow for $ARGUMENTS.`
+    ].join('\n'), 'utf8');
+    safeWriteJson(path.join(dir, 'hooks', 'hooks.json'), { hooks: {} });
+    console.log(`Created plugin: ${dir}`);
+    return { handled: true, data: { dir, manifestPath } };
+  }
+  if (sub === 'install') {
+    const srcRaw = String(rest[1] || '').trim();
+    if (!srcRaw) {
+      console.log('Usage: /plugins install <local-path> [--global]');
+      return { handled: true };
+    }
+    const parsed = parseScopeFlag(rest.slice(2));
+    const src = resolveCliPath(opts, srcRaw);
+    if (!fs.existsSync(src) || !fs.statSync(src).isDirectory()) {
+      console.log(`Plugin path not found: ${src}`);
+      return { handled: true };
+    }
+    const loaded = readPluginManifest(src);
+    if (!loaded) {
+      console.log('Plugin manifest not found. Expected .bortex-plugin/plugin.json or plugin.json.');
+      return { handled: true };
+    }
+    const id = safeSlug(loaded.manifest.id || loaded.manifest.name || path.basename(src));
+    const dest = path.join(parsed.scope === 'user' ? getBortexUserDir() : getBortexProjectDir(opts), 'plugins', id);
+    if (fs.existsSync(dest)) {
+      console.log(`Plugin already installed: ${dest}`);
+      return { handled: true };
+    }
+    ensureDirSync(path.dirname(dest));
+    fs.cpSync(src, dest, { recursive: true });
+    console.log(`Installed plugin "${id}" to ${parsed.scope}: ${dest}`);
+    return { handled: true, data: { id, dest } };
+  }
+  if (sub === 'enable' || sub === 'disable') {
+    const id = safeSlug(rest[1] || '');
+    if (!id) {
+      console.log(`Usage: /plugins ${sub} <id>`);
+      return { handled: true };
+    }
+    const state = loadPluginState(opts);
+    if (sub === 'disable') state.disabled[id] = { ts: Date.now() };
+    else delete state.disabled[id];
+    savePluginState(opts, state);
+    console.log(`${sub === 'disable' ? 'Disabled' : 'Enabled'} plugin: ${id}`);
+    return { handled: true, data: state };
+  }
+  if (sub === 'show') {
+    const id = safeSlug(rest[1] || '');
+    const row = discoverPlugins(opts).find((plugin) => plugin.id === id);
+    if (!row) {
+      console.log('Plugin not found.');
+      return { handled: true };
+    }
+    console.log(JSON.stringify(row, null, 2));
+    return { handled: true, data: row };
+  }
+  console.log('Usage: /plugins list|show <id>|init <name>|install <path> [--global]|enable <id>|disable <id>');
+  return { handled: true };
+}
+
+async function handleBrowserCommand(opts, rest) {
+  const sub = String(rest[0] || 'status').toLowerCase();
+  if (sub === 'setup' || sub === 'install') {
+    const parsed = parseScopeFlag(rest.slice(1));
+    const cfg = loadMcpConfig(opts, parsed.scope);
+    cfg.mcpServers.playwright = {
+      type: 'stdio',
+      command: 'npx',
+      args: ['-y', '@playwright/mcp'],
+      env: {}
+    };
+    saveMcpConfig(opts, parsed.scope, cfg);
+    console.log(`Configured Playwright MCP browser server in ${parsed.scope} config.`);
+    console.log('Use: /mcp tools playwright');
+    return { handled: true, data: cfg.mcpServers.playwright };
+  }
+  if (sub === 'status') {
+    const row = resolveMcpServer(opts, 'playwright');
+    if (!row) {
+      console.log('Playwright MCP is not configured. Run: /browser setup');
+      return { handled: true, data: null };
+    }
+    console.log(JSON.stringify(row, null, 2));
+    return { handled: true, data: row };
+  }
+  console.log('Usage: /browser status|setup [--global]');
+  return { handled: true };
+}
+
+async function handleMcpCommand(opts, rest, line) {
+  const sub = String(rest[0] || 'list').toLowerCase();
+  if (sub === 'list' || sub === 'status') {
+    const rows = getMergedMcpServers(opts);
+    if (!rows.length) {
+      console.log('No MCP servers configured.');
+      console.log(`Project config: ${getMcpConfigPath(opts, 'project')}`);
+      console.log(`User config   : ${getMcpConfigPath(opts, 'user')}`);
+      return { handled: true, data: [] };
+    }
+    rows.forEach((row) => {
+      const type = row.server.type || (row.server.command ? 'stdio' : 'http');
+      const target = row.server.command || row.server.url || '(missing target)';
+      console.log(`${row.name.padEnd(22)} ${type.padEnd(8)} ${target} [${row.scope}]`);
+    });
+    return { handled: true, data: rows };
+  }
+  if (sub === 'get') {
+    const name = String(rest[1] || '');
+    const row = getMergedMcpServers(opts).find((item) => item.name === name);
+    if (!row) console.log('MCP server not found.');
+    else console.log(JSON.stringify(row, null, 2));
+    return { handled: true, data: row || null };
+  }
+  if (sub === 'remove' || sub === 'rm') {
+    const name = String(rest[1] || '');
+    if (!name) {
+      console.log('Usage: /mcp remove <name> [--global]');
+      return { handled: true };
+    }
+    const parsed = parseScopeFlag(rest.slice(2));
+    const cfg = loadMcpConfig(opts, parsed.scope);
+    delete cfg.mcpServers[name];
+    saveMcpConfig(opts, parsed.scope, cfg);
+    console.log(`Removed MCP server "${name}" from ${parsed.scope} config.`);
+    return { handled: true };
+  }
+  if (sub === 'add') {
+    const name = safeSlug(rest[1] || '');
+    const sep = rest.indexOf('--');
+    if (!name || sep < 0 || sep >= rest.length - 1) {
+      console.log('Usage: /mcp add <name> [--global] -- <command> [args...]');
+      return { handled: true };
+    }
+    const parsed = parseScopeFlag(rest.slice(2, sep));
+    const commandParts = rest.slice(sep + 1);
+    const cfg = loadMcpConfig(opts, parsed.scope);
+    cfg.mcpServers[name] = { type: 'stdio', command: commandParts[0], args: commandParts.slice(1), env: {} };
+    saveMcpConfig(opts, parsed.scope, cfg);
+    console.log(`Added stdio MCP server "${name}" to ${parsed.scope} config.`);
+    return { handled: true, data: cfg.mcpServers[name] };
+  }
+  if (sub === 'add-http') {
+    const name = safeSlug(rest[1] || '');
+    const url = String(rest[2] || '').trim();
+    if (!name || !/^https?:\/\//i.test(url)) {
+      console.log('Usage: /mcp add-http <name> <url> [--global] [--header Key=Value]');
+      return { handled: true };
+    }
+    const parsed = parseScopeFlag(rest.slice(3));
+    const headers = {};
+    for (let i = 0; i < parsed.rest.length; i += 1) {
+      if (parsed.rest[i] === '--header' && parsed.rest[i + 1]) {
+        const raw = parsed.rest[i + 1];
+        const idx = raw.includes('=') ? raw.indexOf('=') : raw.indexOf(':');
+        if (idx > 0) headers[raw.slice(0, idx).trim()] = raw.slice(idx + 1).trim();
+        i += 1;
+      }
+    }
+    const cfg = loadMcpConfig(opts, parsed.scope);
+    cfg.mcpServers[name] = { type: 'http', url, headers };
+    saveMcpConfig(opts, parsed.scope, cfg);
+    console.log(`Added HTTP MCP server "${name}" to ${parsed.scope} config.`);
+    return { handled: true, data: cfg.mcpServers[name] };
+  }
+  if (sub === 'add-json') {
+    const name = safeSlug(rest[1] || '');
+    const jsonText = rest.slice(2).join(' ').trim();
+    if (!name || !jsonText) {
+      console.log('Usage: /mcp add-json <name> <json>');
+      return { handled: true };
+    }
+    let server;
+    try { server = JSON.parse(jsonText); } catch (err) {
+      console.log(`Invalid JSON: ${err.message}`);
+      return { handled: true };
+    }
+    const cfg = loadMcpConfig(opts, 'project');
+    cfg.mcpServers[name] = server;
+    saveMcpConfig(opts, 'project', cfg);
+    console.log(`Added JSON MCP server "${name}" to project config.`);
+    return { handled: true, data: server };
+  }
+  if (sub === 'tools' || sub === 'tool-list') {
+    const name = String(rest[1] || '').trim();
+    if (!name) {
+      console.log('Usage: /mcp tools <server>');
+      return { handled: true };
+    }
+    try {
+      const result = await runMcpRequest(opts, name, 'tools/list', {});
+      const tools = Array.isArray(result?.tools) ? result.tools : [];
+      if (!tools.length) console.log('No tools returned.');
+      tools.forEach((tool) => console.log(`${String(tool.name || '').padEnd(28)} ${tool.description || ''}`));
+      return { handled: true, data: result };
+    } catch (err) {
+      console.log(`MCP tools failed: ${err.message}`);
+      return { handled: true, data: { error: err.message } };
+    }
+  }
+  if (sub === 'call') {
+    const name = String(rest[1] || '').trim();
+    const toolName = String(rest[2] || '').trim();
+    const jsonText = rest.slice(3).join(' ').trim() || '{}';
+    if (!name || !toolName) {
+      console.log('Usage: /mcp call <server> <tool> [json-arguments]');
+      return { handled: true };
+    }
+    let argsPayload;
+    try { argsPayload = JSON.parse(jsonText); } catch (err) {
+      console.log(`Invalid tool arguments JSON: ${err.message}`);
+      return { handled: true };
+    }
+    const hookDecision = await runBortexHooks(opts, 'PreToolUse', {
+      tool_name: `mcp__${name}__${toolName}`,
+      tool_input: argsPayload,
+      command: `/mcp call ${name} ${toolName}`
+    }, { decision: true });
+    if (hookDecision.denied) {
+      console.log(`MCP tool denied by hook: ${hookDecision.reason}`);
+      return { handled: true, data: hookDecision };
+    }
+    try {
+      const result = await runMcpRequest(opts, name, 'tools/call', { name: toolName, arguments: argsPayload });
+      console.log(JSON.stringify(result, null, 2));
+      await runBortexHooks(opts, 'PostToolUse', {
+        tool_name: `mcp__${name}__${toolName}`,
+        tool_input: argsPayload,
+        result
+      });
+      return { handled: true, data: result };
+    } catch (err) {
+      console.log(`MCP call failed: ${err.message}`);
+      await runBortexHooks(opts, 'PostToolUse', {
+        tool_name: `mcp__${name}__${toolName}`,
+        tool_input: argsPayload,
+        error: err.message
+      });
+      return { handled: true, data: { error: err.message } };
+    }
+  }
+  if (sub === 'ping') {
+    const name = String(rest[1] || '').trim();
+    if (!name) {
+      console.log('Usage: /mcp ping <server>');
+      return { handled: true };
+    }
+    try {
+      const result = await runMcpRequest(opts, name, 'tools/list', {}, { timeoutMs: 15000 });
+      console.log(`MCP server "${name}" responded. tools=${Array.isArray(result?.tools) ? result.tools.length : 0}`);
+      return { handled: true, data: result };
+    } catch (err) {
+      console.log(`MCP ping failed: ${err.message}`);
+      return { handled: true, data: { error: err.message } };
+    }
+  }
+  if (sub === 'login') {
+    const name = String(rest[1] || '');
+    const row = getMergedMcpServers(opts).find((item) => item.name === name);
+    if (!row) {
+      console.log('MCP server not found.');
+      return { handled: true };
+    }
+    console.log('OAuth login handoff is not interactive yet. Store headers or OAuth config in the MCP entry, then use /mcp get to verify it.');
+    return { handled: true, data: row };
+  }
+  console.log('Usage: /mcp list|get|add|add-http|add-json|remove|tools|call|ping|login');
+  return { handled: true };
+}
+
+async function handleTranscriptCommand(opts, rest) {
+  const sub = String(rest[0] || 'path').toLowerCase();
+  if (sub === 'path') {
+    console.log(getCurrentTranscriptPath(opts));
+    return { handled: true, data: { path: getCurrentTranscriptPath(opts) } };
+  }
+  if (sub === 'list') {
+    const rows = listTranscriptFiles(opts, rest.includes('--all')).slice(0, Number(rest[1]) || 20);
+    if (!rows.length) console.log('No transcripts found.');
+    rows.forEach((row, i) => console.log(`${i + 1}. ${row.id}  ${Math.round(row.size / 1024)}KB  ${row.filePath}`));
+    return { handled: true, data: rows };
+  }
+  if (sub === 'export') {
+    const current = getCurrentTranscriptPath(opts);
+    if (!fs.existsSync(current)) {
+      console.log('No current transcript exists yet.');
+      return { handled: true };
+    }
+    const outPath = rest[1]
+      ? resolveCliPath(opts, rest.slice(1).join(' '))
+      : path.join(getTranscriptDir(opts), `${opts.transcriptId}.json`);
+    const events = readTranscriptEvents(current, 100000);
+    safeWriteJson(outPath, { version: 1, id: opts.transcriptId, cwd: opts.cwd, events });
+    console.log(`Transcript exported: ${outPath}`);
+    return { handled: true, data: { outPath, events: events.length } };
+  }
+  console.log('Usage: /transcript path|list [--all]|export [file]');
+  return { handled: true };
+}
+
+async function handleResumeCommand(opts, rest) {
+  const sub = String(rest[0] || 'last').toLowerCase();
+  if (sub === 'list') {
+    const rows = listTranscriptFiles(opts, rest.includes('--all')).slice(0, 30);
+    if (!rows.length) console.log('No transcripts found.');
+    rows.forEach((row, i) => console.log(`${i + 1}. ${row.id}  ${row.filePath}`));
+    return { handled: true, data: rows };
+  }
+  const target = sub === 'last' ? 'last' : String(rest[0] || 'last');
+  const found = findTranscriptByRef(opts, target, rest.includes('--all'));
+  if (!found) {
+    console.log('Transcript not found.');
+    return { handled: true };
+  }
+  opts.resumeTranscript = found;
+  opts.resumeContext = summarizeTranscriptForResume(found.filePath);
+  opts._resumeContextUsed = false;
+  console.log(`Resume context loaded: ${found.id}`);
+  return { handled: true, data: found };
 }
 
-function saveCliWorkspaceState(opts) {
-  const p = getCliSessionPath(opts);
-  const payload = {
-    version: 1,
-    cwd: opts.cwd,
-    updatedAt: Date.now(),
-    todo: sanitizeTodoItems(opts.todo),
-    plan: sanitizePlan(opts.plan),
-    history: sanitizeHistory(opts.commandHistory),
-    artifacts: sanitizeArtifacts(opts.artifacts),
-    runState: sanitizeRunState(opts.runState),
-    agentRunDefaults: sanitizeAgentRunDefaults(opts.agentRunDefaults)
-  };
-  fs.writeFileSync(p, JSON.stringify(payload, null, 2), 'utf8');
+async function handleHooksCommand(opts, rest) {
+  const sub = String(rest[0] || 'list').toLowerCase();
+  if (sub === 'list') {
+    const rows = annotateHookTrust(loadHookEntries(opts));
+    if (!rows.length) {
+      console.log('No hooks configured.');
+      console.log(`Project hooks: ${path.join(getBortexProjectDir(opts), 'hooks.json')}`);
+      console.log(`User hooks   : ${path.join(getBortexUserDir(), 'hooks.json')}`);
+      return { handled: true, data: [] };
+    }
+    rows.forEach((row) => {
+      const state = row.disabled ? 'disabled' : (row.trusted ? 'trusted' : 'untrusted');
+      console.log(`${row.hash} ${row.event.padEnd(18)} ${(row.matcher || '*').padEnd(16)} ${state.padEnd(10)} ${row.command || row.type || 'hook'} [${row.source}]`);
+    });
+    return { handled: true, data: rows };
+  }
+  if (sub === 'init') {
+    const filePath = path.join(getBortexProjectDir(opts), 'hooks.json');
+    if (fs.existsSync(filePath)) {
+      console.log(`Hooks file already exists: ${filePath}`);
+      return { handled: true };
+    }
+    safeWriteJson(filePath, {
+      hooks: {
+        UserPromptSubmit: [],
+        PreToolUse: [
+          {
+            type: 'command',
+            matcher: 'rm -rf',
+            command: 'node -e "console.log(JSON.stringify({permissionDecision:\\"deny\\",permissionDecisionReason:\\"Blocked destructive command\\"}))"'
+          }
+        ],
+        PostToolUse: []
+      }
+    });
+    console.log(`Created hooks file: ${filePath}`);
+    return { handled: true, data: { filePath } };
+  }
+  if (sub === 'review') {
+    const rows = annotateHookTrust(loadHookEntries(opts));
+    if (!rows.length) {
+      console.log('No hooks configured.');
+      return { handled: true, data: [] };
+    }
+    rows.forEach((row) => {
+      console.log('');
+      console.log(`${row.hash} ${row.event} [${row.source}] ${row.trusted ? 'trusted' : 'untrusted'}${row.disabled ? ' disabled' : ''}`);
+      console.log(`Matcher: ${row.matcher || '*'}`);
+      console.log(`Command: ${row.command || '(none)'}`);
+      console.log(`Path   : ${row.filePath}`);
+    });
+    return { handled: true, data: rows };
+  }
+  if (sub === 'trust') {
+    const target = String(rest[1] || '').trim();
+    if (!target) {
+      console.log('Usage: /hooks trust <hash|all>');
+      return { handled: true };
+    }
+    const rows = loadHookEntries(opts);
+    const trust = loadHookTrust();
+    rows.filter((row) => target === 'all' || row.hash === target).forEach((row) => {
+      trust.trusted[row.hash] = { ts: Date.now(), event: row.event, command: row.command || '' };
+      delete trust.disabled[row.hash];
+    });
+    saveHookTrust(trust);
+    console.log(`Trusted hooks: ${target}`);
+    return { handled: true, data: trust };
+  }
+  if (sub === 'disable' || sub === 'enable') {
+    const target = String(rest[1] || '').trim();
+    if (!target) {
+      console.log(`Usage: /hooks ${sub} <hash>`);
+      return { handled: true };
+    }
+    const trust = loadHookTrust();
+    if (sub === 'disable') trust.disabled[target] = { ts: Date.now() };
+    else delete trust.disabled[target];
+    saveHookTrust(trust);
+    console.log(`${sub === 'disable' ? 'Disabled' : 'Enabled'} hook: ${target}`);
+    return { handled: true, data: trust };
+  }
+  if (sub === 'test') {
+    const event = String(rest[1] || 'UserPromptSubmit');
+    const result = await runBortexHooks(opts, event, { prompt: rest.slice(2).join(' ') || 'test', command: rest.slice(2).join(' ') || 'test' }, { decision: true });
+    console.log(JSON.stringify(result, null, 2));
+    return { handled: true, data: result };
+  }
+  console.log('Usage: /hooks list|review|trust <hash|all>|disable <hash>|enable <hash>|init|test <event> [payload]');
+  return { handled: true };
 }
 
-function loadCliWorkspaceState(opts) {
-  const p = getCliSessionPath(opts);
-  opts.todo = [];
-  opts.plan = null;
-  opts.commandHistory = [];
-  opts.artifacts = [];
-  opts.runState = null;
-  opts.agentRunDefaults = sanitizeAgentRunDefaults(null);
-  if (!fs.existsSync(p)) return { loaded: false, path: p };
-  try {
-    const raw = JSON.parse(fs.readFileSync(p, 'utf8'));
-    opts.todo = sanitizeTodoItems(raw.todo);
-    opts.plan = sanitizePlan(raw.plan);
-    opts.commandHistory = sanitizeHistory(raw.history);
-    opts.artifacts = sanitizeArtifacts(raw.artifacts);
-    opts.runState = sanitizeRunState(raw.runState);
-    opts.agentRunDefaults = sanitizeAgentRunDefaults(raw.agentRunDefaults);
-    return { loaded: true, path: p };
-  } catch (_err) {
-    opts.agentRunDefaults = sanitizeAgentRunDefaults(null);
-    return { loaded: false, path: p, invalid: true };
+async function handleSubagentsCommand(opts, rest, line) {
+  const sub = String(rest[0] || 'list').toLowerCase();
+  const agents = getAllSubagents(opts);
+  if (sub === 'list') {
+    agents.forEach((agent) => console.log(`${agent.name.padEnd(16)} ${agent.description} [${agent.scope}]`));
+    return { handled: true, data: agents };
+  }
+  if (sub === 'run') {
+    const raw = line.slice(line.toLowerCase().indexOf('run') + 3).trim();
+    const agentMatch = raw.match(/(?:^|\s)--agents\s+([a-z0-9_,.-]+)(?=\s|$)/i);
+    const useWorktree = /(?:^|\s)--worktree(?=\s|$)/i.test(raw);
+    const selectedNames = agentMatch
+      ? agentMatch[1].split(',').map((x) => safeSlug(x)).filter(Boolean)
+      : ['reviewer', 'tester', 'security'];
+    const goal = raw
+      .replace(/(?:^|\s)--agents\s+[a-z0-9_,.-]+(?=\s|$)/ig, ' ')
+      .replace(/(?:^|\s)--worktree(?=\s|$)/ig, ' ')
+      .trim();
+    if (!goal) {
+      console.log('Usage: /subagents run [--agents reviewer,tester] <goal>');
+      return { handled: true };
+    }
+    const selected = selectedNames.map((name) => agents.find((agent) => agent.name === name)).filter(Boolean);
+    if (!selected.length) {
+      console.log('No matching subagents.');
+      return { handled: true };
+    }
+    if (opts.offline) {
+      selected.forEach((agent) => console.log(`[${agent.name}] ${agent.instructions || agent.description}\nTask: ${goal}\n`));
+      return { handled: true };
+    }
+    console.log(`Running ${selected.length} subagent(s): ${selected.map((a) => a.name).join(', ')}${useWorktree ? ' with isolated worktrees' : ''}`);
+    const results = await Promise.all(selected.map(async (agent) => {
+      let agentCwd = opts.cwd;
+      let worktree = null;
+      if (useWorktree) {
+        const wtName = safeSlug(`${agent.name}-${Date.now().toString(36)}-${crypto.randomBytes(2).toString('hex')}`);
+        const wtDir = path.join(getBortexProjectDir(opts), 'worktrees', wtName);
+        const branch = `bortex/${wtName}`;
+        const wtRes = await runChild('git', ['worktree', 'add', '-b', branch, wtDir, 'HEAD'], { cwd: opts.cwd, shell: false });
+        if (wtRes.ok) {
+          agentCwd = wtDir;
+          worktree = { path: wtDir, branch };
+        } else {
+          return { agent: agent.name, ok: false, text: `Worktree creation failed: ${wtRes.stderr || wtRes.stdout}`, worktree: null };
+        }
+      }
+      const prompt = [
+        `You are Bortex subagent "${agent.name}".`,
+        `Role: ${agent.description}`,
+        worktree ? `Isolated worktree: ${worktree.path}` : '',
+        agent.instructions ? `Instructions:\n${agent.instructions}` : '',
+        '',
+        `Task: ${goal}`,
+        '',
+        'Return concise findings, risks, and next actions. Do not claim file edits unless you performed them.'
+      ].filter(Boolean).join('\n');
+      try {
+        const data = await askServer({ ...opts, cwd: agentCwd, agent: false }, prompt);
+        return { agent: agent.name, ok: true, text: data?.message || JSON.stringify(data || {}), worktree };
+      } catch (err) {
+        return { agent: agent.name, ok: false, text: err.message, worktree };
+      }
+    }));
+    results.forEach((res) => {
+      console.log('');
+      console.log(`== ${res.agent} ${res.ok ? 'ok' : 'error'} ==`);
+      console.log(res.text);
+    });
+    appendTranscriptEvent(opts, 'subagents', { goal, results });
+    return { handled: true, data: results };
   }
+  console.log('Usage: /subagents list|run [--agents a,b] <goal>');
+  return { handled: true };
 }
 
-function pushCliHistory(opts, line) {
-  if (!Array.isArray(opts.commandHistory)) opts.commandHistory = [];
-  const text = String(line || '').trim();
-  if (!text) return;
-  const last = opts.commandHistory[opts.commandHistory.length - 1];
-  if (last && last.text === text) {
-    last.ts = Date.now();
-    return;
+async function handleWorktreeCommand(opts, rest, line) {
+  const sub = String(rest[0] || 'list').toLowerCase();
+  if (sub === 'list') {
+    const res = await runChild('git', ['worktree', 'list'], { cwd: opts.cwd, shell: false });
+    printExecResult(res, '');
+    return { handled: true, data: res };
   }
-  opts.commandHistory.push({ text, ts: Date.now() });
-  if (opts.commandHistory.length > 200) {
-    opts.commandHistory = opts.commandHistory.slice(-200);
+  const name = safeSlug(sub === 'create' || sub === 'add' ? rest[1] : rest[0]);
+  if (!name) {
+    console.log('Usage: /fork <name> [base]  or  /worktrees list');
+    return { handled: true };
   }
+  const base = String(sub === 'create' || sub === 'add' ? (rest[2] || 'HEAD') : (rest[1] || 'HEAD'));
+  const targetDir = path.join(getBortexProjectDir(opts), 'worktrees', name);
+  ensureDirSync(path.dirname(targetDir));
+  const branch = `bortex/${name}`;
+  const res = await runChild('git', ['worktree', 'add', '-b', branch, targetDir, base], { cwd: opts.cwd, shell: false });
+  printExecResult(res, `Worktree created: ${targetDir}`);
+  return { handled: true, data: { targetDir, branch, ok: res.ok } };
 }
 
-function recordArtifact(opts, kind, text) {
-  if (!Array.isArray(opts.artifacts)) opts.artifacts = [];
-  opts.artifacts.push({
-    ts: Date.now(),
-    kind: String(kind || 'event'),
-    text: String(text || '')
-  });
-  if (opts.artifacts.length > 300) {
-    opts.artifacts = opts.artifacts.slice(-300);
+async function handleGithubActionCommand(opts, rest) {
+  const sub = String(rest[0] || 'init').toLowerCase();
+  if (sub !== 'init') {
+    console.log('Usage: /github-action init');
+    return { handled: true };
   }
+  const workflowPath = path.join(opts.cwd, '.github', 'workflows', 'bortex-code.yml');
+  if (fs.existsSync(workflowPath)) {
+    console.log(`Workflow already exists: ${workflowPath}`);
+    return { handled: true };
+  }
+  ensureDirSync(path.dirname(workflowPath));
+  const body = [
+    'name: Bortex Code',
+    '',
+    'on:',
+    '  issue_comment:',
+    '    types: [created]',
+    '  pull_request_review_comment:',
+    '    types: [created]',
+    '',
+    'jobs:',
+    '  bortex:',
+    '    if: contains(github.event.comment.body, \'@bortex\')',
+    '    runs-on: ubuntu-latest',
+    '    permissions:',
+    '      contents: write',
+    '      pull-requests: write',
+    '      issues: write',
+    '    steps:',
+    '      - uses: actions/checkout@v4',
+    '      - uses: actions/setup-node@v4',
+    '        with:',
+    '          node-version: "20"',
+    '      - run: npm install -g bortexcode',
+    '      - name: Run Bortex Code',
+    '        env:',
+    '          BORTEX_API_KEY: ${{ secrets.BORTEX_API_KEY }}',
+    '          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}',
+    '        run: bortexcode --agent "${{ github.event.comment.body }}"'
+  ].join('\n');
+  fs.writeFileSync(workflowPath, body, 'utf8');
+  console.log(`Created workflow: ${workflowPath}`);
+  return { handled: true, data: { workflowPath } };
+}
+
+async function runReviewPreset(opts, rest) {
+  const baseIndex = rest.findIndex((x) => x === '--base' || x === 'base');
+  const commitIndex = rest.findIndex((x) => x === '--commit' || x === 'commit');
+  const customIndex = rest.findIndex((x) => x === '--custom' || x === 'custom');
+  const ai = rest.includes('--ai');
+  if (baseIndex >= 0) {
+    const base = String(rest[baseIndex + 1] || 'main');
+    const merge = await runChild('git', ['merge-base', base, 'HEAD'], { cwd: opts.cwd, shell: false });
+    const baseRef = String(merge.stdout || '').trim() || base;
+    const stat = await runChild('git', ['diff', '--stat', '--no-color', `${baseRef}..HEAD`], { cwd: opts.cwd, shell: false });
+    const patch = await runChild('git', ['diff', '--no-color', `${baseRef}..HEAD`], { cwd: opts.cwd, shell: false });
+    console.log(`Review preset: base branch ${base}`);
+    printExecResult(stat, '(no diff)');
+    if (ai && !opts.offline) {
+      const data = await askServer(opts, `Review this diff against ${base}. Prioritize bugs, regressions, security, and missing tests.\n\n${String(patch.stdout || '').slice(0, 50000)}`);
+      printResponse(opts, data);
+      return { preset: 'base', base, ai: true, data };
+    }
+    return { preset: 'base', base, stat: stat.stdout };
+  }
+  if (commitIndex >= 0) {
+    const sha = String(rest[commitIndex + 1] || 'HEAD');
+    const show = await runChild('git', ['show', '--stat', '--patch', '--no-color', sha], { cwd: opts.cwd, shell: false });
+    console.log(`Review preset: commit ${sha}`);
+    process.stdout.write(String(show.stdout || show.stderr || '').slice(0, 50000));
+    if (ai && !opts.offline) {
+      const data = await askServer(opts, `Review this commit. Prioritize actionable findings with file/line references when possible.\n\n${String(show.stdout || '').slice(0, 50000)}`);
+      printResponse(opts, data);
+      return { preset: 'commit', sha, ai: true, data };
+    }
+    return { preset: 'commit', sha };
+  }
+  if (customIndex >= 0) {
+    const instructions = rest.slice(customIndex + 1).filter((x) => x !== '--ai').join(' ').trim() || 'Focus on correctness and missing tests.';
+    const diff = await runChild('git', ['diff', '--no-color'], { cwd: opts.cwd, shell: false });
+    if (opts.offline) {
+      console.log(`Custom review instructions: ${instructions}`);
+      return { preset: 'custom', instructions };
+    }
+    const data = await askServer(opts, `Review the current uncommitted diff with these instructions: ${instructions}\n\n${String(diff.stdout || '').slice(0, 50000)}`);
+    printResponse(opts, data);
+    return { preset: 'custom', instructions, data };
+  }
+  return null;
 }
 
 function createRunStateFromGoal(goal) {
@@ -3967,7 +5661,7 @@ function terminateChildProcessTree(child) {
   }, 1500).unref?.();
 }
 
-function runChild(command, args, { cwd, shell = false } = {}) {
+function runChild(command, args, { cwd, shell = false, env = null } = {}) {
   return new Promise((resolve) => {
     const cancelState = ACTIVE_REMOTE_CONTROL_EXECUTION_STATE;
     if (cancelState?.cancelRequested || cancelState?.revoked || cancelState?.active === false) {
@@ -3976,6 +5670,7 @@ function runChild(command, args, { cwd, shell = false } = {}) {
     const child = spawn(command, args, {
       cwd: cwd || process.cwd(),
       shell,
+      env: env ? { ...process.env, ...env } : process.env,
       stdio: ['pipe', 'pipe', 'pipe'],
       windowsHide: true
     });
@@ -4041,6 +5736,18 @@ function printLocalHelp() {
   console.log('  /remote-control [name] [--lan|--host <host>|--port <port>]');
   console.log('  /remote-control --cloud [name]');
   console.log('  /remote-control stop');
+  console.log('  /mcp list|get|add|add-http|add-json|remove|tools|call|ping|login');
+  console.log('  /skills list|show <name>|new <name>');
+  console.log('  /plugins list|show|init|install|enable|disable');
+  console.log('  /permissions show|init|profile|check');
+  console.log('  /browser status|setup');
+  console.log('  /hooks list|review|trust|disable|enable|init|test <event>');
+  console.log('  /subagents list|run [--agents a,b] <goal>');
+  console.log('  /transcript path|list|export [file]');
+  console.log('  /resume list|last|<id>');
+  console.log('  /fork <name> [base]     create isolated git worktree');
+  console.log('  /worktrees list         list git worktrees');
+  console.log('  /github-action init     create @bortex GitHub workflow');
   console.log('  /diff [unstaged|staged|all]');
   console.log('  /stage <file>|--all');
   console.log('  /unstage <file>|--all');
@@ -4705,7 +6412,8 @@ function isReadOnlyRemoteSlashCommand(line) {
   if ([
     '/help', '/commands', '/menu', '/status', '/pwd', '/ls', '/tree', '/read',
     '/diff', '/hunks', '/show-hunk', '/ssh-status', '/sys-status',
-    '/process-status', '/port-status', '/history'
+    '/process-status', '/port-status', '/history', '/mcp', '/skills',
+    '/plugins', '/permissions', '/browser', '/hooks', '/subagents', '/agents', '/transcript', '/resume', '/worktrees'
   ].includes(lc)) return true;
   if (lc === '/llm-config') {
     const sub = String(rest[0] || 'show').toLowerCase();
@@ -4752,6 +6460,7 @@ function assessRemoteControlPromptPermission(opts, line) {
   const mode = getRemoteControlPermissionMode(opts);
   const text = String(line || '').trim();
   if (!text) return { ok: false, mode, reason: 'empty prompt' };
+  if (opts._remoteControlApprovalBypass) return { ok: true, mode, approved: true };
   if (mode === 'full') return { ok: true, mode };
   if (!text.startsWith('/')) return { ok: true, mode, skipNaturalActions: true };
   if (mode === 'read-only') {
@@ -4855,6 +6564,24 @@ async function postCloudRemoteChunk(state, commandId, stream, text) {
   }, 12000);
 }
 
+async function postCloudRemoteApprovalRequest(state, commandId, permission, text) {
+  const approvalUrl = withRemoteControlQuery(
+    state.approvalUrl || `${state.baseUrl}/api/bortex-code/remote/session/${encodeURIComponent(state.sessionId)}/approval-request`,
+    state.baseUrl,
+    { agentToken: state.agentToken }
+  );
+  await fetchRemoteControlJson(approvalUrl, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({
+      commandId,
+      text: String(text || ''),
+      mode: permission?.mode || state.permission || 'balanced',
+      reason: permission?.reason || 'This command requires explicit approval.'
+    })
+  }, 12000);
+}
+
 function createCloudRemoteChunkStreamer(state, commandId) {
   const queue = [];
   let timer = null;
@@ -4972,10 +6699,32 @@ async function pollCloudRemoteControlLoop(opts, state) {
         if (!text) continue;
         state.cancelRequested = false;
         state.cancelCommandId = null;
+        const approved = !!command.approved;
+        const permission = assessRemoteControlPromptPermission(opts, text);
+        if (!permission.ok && !approved) {
+          state.busy = true;
+          opts._remoteControlExecutionState = state;
+          try {
+            await postCloudRemoteApprovalRequest(state, commandId, permission, text);
+            console.log(`Cloud Remote Control approval requested for command #${commandId}: ${permission.reason}.`);
+          } catch (err) {
+            const message = err.message || String(err);
+            await postCloudRemoteResult(state, commandId, {
+              ok: false,
+              output: `Approval request failed: ${message}`
+            }).catch(() => {});
+          } finally {
+            state.busy = false;
+            delete opts._remoteControlExecutionState;
+          }
+          continue;
+        }
         state.busy = true;
         opts._remoteControlExecutionState = state;
         const streamer = createCloudRemoteChunkStreamer(state, commandId);
         let result;
+        const previousApprovalBypass = opts._remoteControlApprovalBypass;
+        if (approved) opts._remoteControlApprovalBypass = true;
         try {
           result = await runRemoteControlPrompt(opts, text, (stream, chunk) => streamer.push(stream, chunk));
         } catch (err) {
@@ -4984,6 +6733,8 @@ async function pollCloudRemoteControlLoop(opts, state) {
           await streamer.flush().catch(() => {});
           state.busy = false;
           delete opts._remoteControlExecutionState;
+          if (previousApprovalBypass === undefined) delete opts._remoteControlApprovalBypass;
+          else opts._remoteControlApprovalBypass = previousApprovalBypass;
         }
         if (state.cancelRequested && result.ok) {
           result = { ok: false, output: 'Canceled by remote request.' };
@@ -5032,6 +6783,11 @@ async function startCloudRemoteControlSession(opts, overrides = {}) {
   const name = getRemoteControlDisplayName(opts, overrides);
   const permission = getRemoteControlPermissionMode(opts, overrides);
   opts.remoteControlPermission = permission;
+  const sharedSettings = loadSharedSettings();
+  const registerCookie = getCookieHeaderFromSharedSettings();
+  const registerApiKey = String(
+    opts.apiKey || process.env.BORTEX_API_KEY || sharedSettings?.llmSettings?.apiKey || ''
+  ).trim();
   const payload = {
     name,
     cwd: opts.cwd,
@@ -5042,9 +6798,12 @@ async function startCloudRemoteControlSession(opts, overrides = {}) {
     mode: opts.agent ? 'agent' : 'chat',
     permission
   };
+  const registerHeaders = { 'Content-Type': 'application/json' };
+  if (registerCookie) registerHeaders.Cookie = registerCookie;
+  if (registerApiKey) registerHeaders['x-api-key'] = registerApiKey;
   const data = await fetchRemoteControlJson(`${baseUrl}/api/bortex-code/remote/register`, {
     method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
+    headers: registerHeaders,
     body: JSON.stringify(payload)
   }, 30000);
 
@@ -5068,6 +6827,7 @@ async function startCloudRemoteControlSession(opts, overrides = {}) {
     pollUrl: data.pollUrl || `${baseUrl}/api/bortex-code/remote/session/${encodeURIComponent(sessionId)}/poll`,
     resultUrl: data.resultUrl || `${baseUrl}/api/bortex-code/remote/session/${encodeURIComponent(sessionId)}/result`,
     chunkUrl: data.chunkUrl || `${baseUrl}/api/bortex-code/remote/session/${encodeURIComponent(sessionId)}/chunk`,
+    approvalUrl: data.approvalUrl || `${baseUrl}/api/bortex-code/remote/session/${encodeURIComponent(sessionId)}/approval-request`,
     heartbeatUrl: data.heartbeatUrl || `${baseUrl}/api/bortex-code/remote/session/${encodeURIComponent(sessionId)}/heartbeat`,
     controlUrl: data.controlUrl || `${baseUrl}/api/bortex-code/remote/session/${encodeURIComponent(sessionId)}/control`,
     lastCommandId: 0,
@@ -5088,6 +6848,8 @@ async function startCloudRemoteControlSession(opts, overrides = {}) {
 
   console.log(`Cloud Remote Control active: ${state.name}`);
   console.log(`URL: ${state.url}`);
+  if (data.accountUrl) console.log(`Account URL: ${data.accountUrl}`);
+  if (data.sessionsUrl) console.log(`Sessions: ${data.sessionsUrl}`);
   console.log(`Permission: ${state.permission}`);
   console.log('No inbound port required. Keep this process running.');
   console.log('Security: keep this tokenized URL private. Anyone with the URL can control this Bortex Code session.');
@@ -6452,17 +8214,69 @@ async function handleLocalCommand(opts, line) {
   const [cmd, ...rest] = parseWords(line);
   if (!cmd) return { handled: false };
   const lc = cmd.toLowerCase();
+  const permissionDecision = checkLocalPermission(opts, lc, line);
+  if (!permissionDecision.allowed) {
+    console.log(`Command denied by permissions: ${permissionDecision.reason}`);
+    return { handled: true, data: permissionDecision };
+  }
+  if (!opts._skipLocalCommandHooks && lc !== '/hooks') {
+    const hookDecision = await runBortexHooks(opts, 'PreToolUse', {
+      tool_name: 'SlashCommand',
+      tool_input: { command: line },
+      command: line
+    }, { decision: true });
+    if (hookDecision.denied) {
+      console.log(`Command denied by hook: ${hookDecision.reason}`);
+      return { handled: true, data: hookDecision };
+    }
+  }
   if (lc === '/help') {
     printLocalHelp();
     return { handled: true };
   }
   if (lc === '/commands' || lc === '/menu') {
     console.log('Commands');
-    SLASH_COMMANDS.forEach(([command, description]) => {
+    getAllSlashCommandRows(opts).forEach(([command, description]) => {
       console.log(`  ${command.padEnd(28)} ${description}`);
     });
     return { handled: true };
   }
+  if (lc === '/skills' || lc === '/skill') {
+    return handleSkillsCommand(opts, rest);
+  }
+  if (lc === '/plugins' || lc === '/plugin') {
+    return handlePluginsCommand(opts, rest);
+  }
+  if (lc === '/permissions' || lc === '/permission' || lc === '/sandbox') {
+    return handlePermissionsCommand(opts, rest);
+  }
+  if (lc === '/browser' || lc === '/playwright') {
+    return handleBrowserCommand(opts, rest);
+  }
+  if (lc === '/mcp') {
+    return handleMcpCommand(opts, rest, line);
+  }
+  if (lc === '/hooks') {
+    return handleHooksCommand(opts, rest);
+  }
+  if (lc === '/transcript' || lc === '/transcripts') {
+    return handleTranscriptCommand(opts, rest);
+  }
+  if (lc === '/resume') {
+    return handleResumeCommand(opts, rest);
+  }
+  if (lc === '/subagents' || lc === '/agents') {
+    return handleSubagentsCommand(opts, rest, line);
+  }
+  if (lc === '/fork' || lc === '/side' || lc === '/worktree' || lc === '/worktrees') {
+    return handleWorktreeCommand(opts, rest, line);
+  }
+  if (lc === '/github-action' || lc === '/install-github-app') {
+    return handleGithubActionCommand(opts, rest);
+  }
+  if (await handleCustomSlashCommand(opts, lc, rest, line)) {
+    return { handled: true };
+  }
   if (lc === '/agent') {
     const v = String(rest[0] || '').toLowerCase();
     if (!['on', 'off', 'true', 'false', '1', '0'].includes(v)) {
@@ -7475,6 +9289,11 @@ async function handleLocalCommand(opts, line) {
     return { handled: true };
   }
   if (lc === '/review') {
+    const preset = await runReviewPreset(opts, rest);
+    if (preset) {
+      recordArtifact(opts, 'review-preset', JSON.stringify({ preset: preset.preset, base: preset.base, sha: preset.sha }).slice(0, 300));
+      return { handled: true, data: preset };
+    }
     let mode = 'all';
     if (rest.includes('--staged')) mode = 'staged';
     else if (rest.includes('--unstaged')) mode = 'unstaged';
@@ -7650,6 +9469,219 @@ function printResponse(opts, data) {
   }
 }
 
+function responseToFinalText(opts, data) {
+  if (!opts?.agent) return String(data?.message || '');
+  if (data?.message) return String(data.message);
+  const applied = Array.isArray(data?.applied) ? data.applied : [];
+  const errors = Array.isArray(data?.errors) ? data.errors : [];
+  const lines = [];
+  if (applied.length) lines.push(`Applied changes (${applied.length}):`, ...applied.map((p) => `- ${p}`));
+  if (errors.length) lines.push(`Errors (${errors.length}):`, ...errors.map((e) => `- ${e.path || '?'}: ${e.error || 'error'}`));
+  return lines.join('\n') || JSON.stringify(data || {});
+}
+
+function emitExecJson(type, payload = {}) {
+  process.stdout.write(`${JSON.stringify({ type, ...payload })}\n`);
+}
+
+async function readPipedStdin() {
+  if (process.stdin.isTTY) return '';
+  let stat;
+  try {
+    stat = fs.fstatSync(0);
+    if (!stat.isFIFO() && !stat.isFile()) return '';
+  } catch (_err) {
+    return '';
+  }
+  if (stat.isFile()) {
+    try { return fs.readFileSync(0, 'utf8'); } catch (_err) { return ''; }
+  }
+  if (!stat.isFIFO()) return '';
+  return new Promise((resolve) => {
+    const chunks = [];
+    let settled = false;
+    const cleanup = () => {
+      process.stdin.off('data', onFirstData);
+      process.stdin.off('data', onData);
+      process.stdin.off('end', onEnd);
+      process.stdin.off('error', onError);
+      try { process.stdin.pause(); } catch (_err) {}
+    };
+    const finish = () => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      cleanup();
+      resolve(Buffer.concat(chunks).toString('utf8'));
+    };
+    const onData = (chunk) => chunks.push(Buffer.from(chunk));
+    const onFirstData = (chunk) => {
+      clearTimeout(timer);
+      chunks.push(Buffer.from(chunk));
+      process.stdin.on('data', onData);
+    };
+    const onEnd = () => finish();
+    const onError = () => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      cleanup();
+      resolve('');
+    };
+    const timer = setTimeout(() => {
+      if (settled) return;
+      settled = true;
+      cleanup();
+      resolve('');
+    }, 200);
+    if (typeof timer.unref === 'function') timer.unref();
+    process.stdin.once('data', onFirstData);
+    process.stdin.once('end', onEnd);
+    process.stdin.once('error', onError);
+    try { process.stdin.resume(); } catch (_err) { onError(); }
+  });
+}
+
+async function captureStdout(fn) {
+  const originalWrite = process.stdout.write.bind(process.stdout);
+  let output = '';
+  process.stdout.write = (chunk, encoding, cb) => {
+    output += Buffer.isBuffer(chunk) ? chunk.toString(typeof encoding === 'string' ? encoding : 'utf8') : String(chunk || '');
+    if (typeof encoding === 'function') encoding();
+    if (typeof cb === 'function') cb();
+    return true;
+  };
+  try {
+    const result = await fn();
+    return { result, output };
+  } finally {
+    process.stdout.write = originalWrite;
+  }
+}
+
+function loadExecSchemaInstruction(opts) {
+  if (!opts.execSchema) return '';
+  const schemaPath = resolveCliPath(opts, opts.execSchema);
+  const schemaText = fs.readFileSync(schemaPath, 'utf8');
+  JSON.parse(schemaText);
+  return [
+    '',
+    'Structured output requirement:',
+    'Return only valid JSON. Do not wrap it in Markdown. The JSON must conform to this JSON Schema:',
+    schemaText.trim()
+  ].join('\n');
+}
+
+async function runExecMode(opts) {
+  const startedAt = Date.now();
+  const threadId = opts.execEphemeral
+    ? `exec-${Date.now().toString(36)}-${crypto.randomBytes(4).toString('hex')}`
+    : ensureTranscriptId(opts);
+  const json = !!opts.execJson;
+  const oldSpinner = opts.ux.spinner;
+  const oldProgress = opts.ux.progress;
+  opts.ux.spinner = false;
+  opts.ux.progress = false;
+
+  const stdinText = await readPipedStdin();
+  let prompt = String(opts.prompt || '').trim();
+  if (prompt === '-') {
+    prompt = stdinText.trim();
+  } else if (stdinText.trim()) {
+    prompt = [
+      prompt || 'Process the following stdin context.',
+      '',
+      'STDIN context:',
+      stdinText.trim()
+    ].join('\n');
+  }
+
+  if (!prompt) {
+    const msg = 'Usage: bortexcode exec [--json] [-o file] [--output-schema file] <prompt>';
+    if (json) emitExecJson('error', { message: msg });
+    else console.error(msg);
+    process.exitCode = 2;
+    opts.ux.spinner = oldSpinner;
+    opts.ux.progress = oldProgress;
+    return;
+  }
+
+  let schemaInstruction = '';
+  try {
+    schemaInstruction = loadExecSchemaInstruction(opts);
+  } catch (err) {
+    const msg = `Invalid --output-schema: ${err.message}`;
+    if (json) emitExecJson('error', { message: msg });
+    else console.error(msg);
+    process.exitCode = 2;
+    opts.ux.spinner = oldSpinner;
+    opts.ux.progress = oldProgress;
+    return;
+  }
+  if (schemaInstruction) prompt += schemaInstruction;
+
+  if (json) {
+    emitExecJson('thread.started', { thread_id: threadId, cwd: opts.cwd, mode: opts.agent ? 'agent' : 'chat' });
+    emitExecJson('turn.started', { thread_id: threadId });
+  }
+
+  appendTranscriptEvent(opts, 'user', { text: prompt, exec: true, json, outputSchema: !!opts.execSchema });
+  const submitHook = await runBortexHooks(opts, 'UserPromptSubmit', { prompt, exec: true }, { decision: true });
+  if (submitHook.denied) {
+    const msg = `Prompt denied by hook: ${submitHook.reason}`;
+    if (json) emitExecJson('turn.failed', { thread_id: threadId, error: msg });
+    else console.error(msg);
+    process.exitCode = 1;
+    opts.ux.spinner = oldSpinner;
+    opts.ux.progress = oldProgress;
+    return;
+  }
+
+  try {
+    let finalText = '';
+    if (prompt.trim().startsWith('/')) {
+      if (json) throw new Error('Exec --json does not support local slash commands yet. Run the slash command without --json.');
+      const captured = await captureStdout(() => handleLocalCommand(opts, prompt.trim()));
+      const localResult = captured.result;
+      finalText = localResult.handled
+        ? (captured.output.trim() || JSON.stringify(localResult.data ?? { handled: true }, null, 2))
+        : '';
+    } else {
+      if (opts.offline) throw new Error('Exec mode needs the Bortex server unless the prompt is a local slash command.');
+      const data = await askServer(opts, maybeAugmentPromptWithResumeContext(opts, prompt));
+      finalText = responseToFinalText(opts, data);
+    }
+
+    if (opts.execSchema) {
+      try { JSON.parse(finalText); } catch (err) {
+        throw new Error(`Model output did not parse as JSON for --output-schema: ${err.message}`);
+      }
+    }
+
+    if (opts.execOutput) {
+      const outPath = resolveCliPath(opts, opts.execOutput);
+      ensureDirSync(path.dirname(outPath));
+      fs.writeFileSync(outPath, finalText.endsWith('\n') ? finalText : `${finalText}\n`, 'utf8');
+    }
+    appendTranscriptEvent(opts, 'assistant', { text: finalText, exec: true });
+
+    if (json) {
+      emitExecJson('item.completed', { item: { id: 'final', type: 'agent_message', text: finalText } });
+      emitExecJson('turn.completed', { thread_id: threadId, duration_ms: Date.now() - startedAt });
+    } else {
+      process.stdout.write(finalText.endsWith('\n') ? finalText : `${finalText}\n`);
+    }
+  } catch (err) {
+    appendTranscriptEvent(opts, 'assistant-error', { exec: true, error: err.message });
+    if (json) emitExecJson('turn.failed', { thread_id: threadId, error: err.message, duration_ms: Date.now() - startedAt });
+    else console.error(err.message);
+    process.exitCode = 1;
+  } finally {
+    opts.ux.spinner = oldSpinner;
+    opts.ux.progress = oldProgress;
+  }
+}
+
 const SLASH_COMMANDS = [
   ['/agent on', 'Enable agent mode'],
   ['/agent off', 'Disable agent mode'],
@@ -7660,6 +9692,23 @@ const SLASH_COMMANDS = [
   ['/remote-control --lan', 'Expose Remote Control on the local network'],
   ['/remote-control --cloud', 'Control this session through bortex.site relay'],
   ['/rc', 'Toggle Remote Control'],
+  ['/mcp list', 'List configured MCP servers'],
+  ['/mcp add <name> -- <cmd>', 'Add a stdio MCP server'],
+  ['/skills list', 'List custom skills and slash commands'],
+  ['/skills new <name>', 'Create a project skill'],
+  ['/plugins list', 'List installed plugins'],
+  ['/plugins init <name>', 'Create a project plugin'],
+  ['/permissions show', 'Show active permission profile'],
+  ['/browser setup', 'Configure Playwright MCP browser automation'],
+  ['/hooks list', 'List lifecycle hooks'],
+  ['/hooks init', 'Create project hooks.json'],
+  ['/subagents list', 'List available subagents'],
+  ['/subagents run <goal>', 'Run a multi-agent analysis'],
+  ['/transcript path', 'Show current transcript path'],
+  ['/transcript export', 'Export current transcript as JSON'],
+  ['/resume last', 'Load the latest transcript context'],
+  ['/fork <name>', 'Create an isolated git worktree'],
+  ['/github-action init', 'Create GitHub @bortex workflow'],
   ['/llm-config show', 'Show cached LLM configuration'],
   ['/llm-config sync', 'Sync LLM configuration from Bortex'],
   ['/pwd', 'Show current working directory'],
@@ -7683,10 +9732,10 @@ const SLASH_COMMANDS = [
   ['/exit', 'Exit']
 ];
 
-function getSlashCompletions(line = '') {
+function getSlashCompletions(line = '', opts = {}) {
   const prefix = String(line || '').trim();
   if (!prefix.startsWith('/')) return [];
-  return SLASH_COMMANDS
+  return getAllSlashCommandRows(opts)
     .map(([command]) => command)
     .filter((command) => command.startsWith(prefix));
 }
@@ -7696,7 +9745,8 @@ function printSlashMenu(rl, opts) {
   const prompt = opts._currentPrompt || `bortex:${opts.agent ? 'agent' : 'chat'}> `;
   const line = String(rl.line || '');
   const query = line.startsWith('/') ? line : '/';
-  const rows = SLASH_COMMANDS
+  const allRows = getAllSlashCommandRows(opts);
+  const rows = allRows
     .filter(([command]) => command.startsWith(query) || query === '/')
     .slice(0, 12);
 
@@ -7705,7 +9755,7 @@ function printSlashMenu(rl, opts) {
   rows.forEach(([command, description]) => {
     console.log(`  ${command.padEnd(28)} ${description}`);
   });
-  if (SLASH_COMMANDS.length > rows.length) {
+  if (allRows.length > rows.length) {
     console.log(`  ${'...'.padEnd(28)} Keep typing to narrow results`);
   }
   process.stdout.write('\n');
@@ -7780,23 +9830,40 @@ function printWelcomeCard(opts) {
 }
 
 async function runSinglePrompt(opts) {
-  if (String(opts.prompt || '').trim().startsWith('/')) {
-    const localResult = await handleLocalCommand(opts, opts.prompt);
-    if (localResult.handled) return;
+  const rawPrompt = String(opts.prompt || '').trim();
+  appendTranscriptEvent(opts, 'user', { text: rawPrompt, singlePrompt: true });
+  const submitHook = await runBortexHooks(opts, 'UserPromptSubmit', { prompt: rawPrompt }, { decision: true });
+  if (submitHook.denied) {
+    console.log(`Prompt denied by hook: ${submitHook.reason}`);
+    return;
+  }
+  if (rawPrompt.startsWith('/')) {
+    const localResult = await handleLocalCommand(opts, rawPrompt);
+    if (localResult.handled) {
+      appendTranscriptEvent(opts, 'tool', { command: rawPrompt, data: localResult.data || null });
+      return;
+    }
+  }
+  const naturalFileAction = await runNaturalLocalFileAction(opts, rawPrompt);
+  if (naturalFileAction.handled) {
+    appendTranscriptEvent(opts, 'tool', { command: 'natural-file-action', prompt: rawPrompt, data: naturalFileAction.data || null });
+    return;
   }
-  const naturalFileAction = await runNaturalLocalFileAction(opts, opts.prompt);
-  if (naturalFileAction.handled) return;
-  const localIntent = classifyLocalPromptIntent(opts.prompt);
+  const localIntent = classifyLocalPromptIntent(rawPrompt);
   if (localIntent?.command) {
     const localResult = await handleLocalCommand(opts, localIntent.command);
-    if (localResult.handled) return;
+    if (localResult.handled) {
+      appendTranscriptEvent(opts, 'tool', { command: localIntent.command, data: localResult.data || null });
+      return;
+    }
   }
   if (opts.offline) {
     console.error('Modalita --offline: usa REPL interattiva e comandi locali (/help).');
     process.exit(1);
   }
-  const data = await askServer(opts, opts.prompt);
+  const data = await askServer(opts, maybeAugmentPromptWithResumeContext(opts, rawPrompt));
   printResponse(opts, data);
+  appendTranscriptEvent(opts, 'assistant', { text: data?.message || JSON.stringify(data || {}) });
 }
 
 async function runRepl(opts) {
@@ -7818,8 +9885,8 @@ async function runRepl(opts) {
     terminal: true,
     completer: (line) => {
       if (!String(line || '').startsWith('/')) return [[], line];
-      const hits = getSlashCompletions(line);
-      return [hits.length ? hits : SLASH_COMMANDS.map(([command]) => command), line];
+      const hits = getSlashCompletions(line, opts);
+      return [hits.length ? hits : getAllSlashCommandRows(opts).map(([command]) => command), line];
     }
   });
   const uninstallSlashMenu = installSlashMenu(rl, opts);
@@ -7858,6 +9925,13 @@ async function runRepl(opts) {
   while (true) {
     const line = (await question()).trim();
     if (!line) continue;
+    appendTranscriptEvent(opts, 'user', { text: line });
+    const submitHook = await runBortexHooks(opts, 'UserPromptSubmit', { prompt: line }, { decision: true });
+    if (submitHook.denied) {
+      console.log(`Prompt denied by hook: ${submitHook.reason}`);
+      appendTranscriptEvent(opts, 'hook-deny', { event: 'UserPromptSubmit', reason: submitHook.reason });
+      continue;
+    }
     pushCliHistory(opts, line);
     try { saveCliWorkspaceState(opts); } catch (_err) { }
     if (line === '/exit' || line === '/quit') break;
@@ -7883,26 +9957,38 @@ async function runRepl(opts) {
     }
     try {
       const localResult = await handleLocalCommand(opts, line);
-      if (localResult.handled) continue;
+      if (localResult.handled) {
+        appendTranscriptEvent(opts, 'tool', { command: line, data: localResult.data || null });
+        continue;
+      }
     } catch (err) {
       console.error(`Local tool error: ${err.message}`);
+      appendTranscriptEvent(opts, 'tool-error', { command: line, error: err.message });
       continue;
     }
     const localIntent = classifyLocalPromptIntent(line);
     if (localIntent?.command) {
       try {
         const localResult = await handleLocalCommand(opts, localIntent.command);
-        if (localResult.handled) continue;
+        if (localResult.handled) {
+          appendTranscriptEvent(opts, 'tool', { command: localIntent.command, sourcePrompt: line, data: localResult.data || null });
+          continue;
+        }
       } catch (err) {
         console.error(`Local tool error: ${err.message}`);
+        appendTranscriptEvent(opts, 'tool-error', { command: localIntent.command, sourcePrompt: line, error: err.message });
         continue;
       }
     }
     try {
       const naturalFileAction = await runNaturalLocalFileAction(opts, line);
-      if (naturalFileAction.handled) continue;
+      if (naturalFileAction.handled) {
+        appendTranscriptEvent(opts, 'tool', { command: 'natural-file-action', prompt: line, data: naturalFileAction.data || null });
+        continue;
+      }
     } catch (err) {
       console.error(`Local tool error: ${err.message}`);
+      appendTranscriptEvent(opts, 'tool-error', { command: 'natural-file-action', prompt: line, error: err.message });
       continue;
     }
     if (opts.offline) {
@@ -7910,10 +9996,12 @@ async function runRepl(opts) {
       continue;
     }
     try {
-      const data = await askServer(opts, line);
+      const data = await askServer(opts, maybeAugmentPromptWithResumeContext(opts, line));
       printResponse(opts, data);
+      appendTranscriptEvent(opts, 'assistant', { text: data?.message || JSON.stringify(data || {}) });
     } catch (err) {
       console.error(err.message);
+      appendTranscriptEvent(opts, 'assistant-error', { prompt: line, error: err.message });
     }
   }
 
@@ -7975,6 +10063,10 @@ async function main() {
     opts.sessionReused = false;
   }
 
+  if (opts.resume) {
+    await prepareResumeContext(opts);
+  }
+
   if (opts.remoteControlServerMode) {
     let remoteState = null;
     if (opts.remoteControlCloud) {
@@ -8020,6 +10112,11 @@ async function main() {
     return;
   }
 
+  if (opts.execMode) {
+    await runExecMode(opts);
+    return;
+  }
+
   if (opts.prompt) {
     await runSinglePrompt(opts);
     return;
@@ -8049,6 +10146,24 @@ if (require.main === module) {
     isRiskyStructuredToolCall,
     diffCliToolReports,
     extractResumableCallsFromReportPayload,
-    detectGitRepoOperationState
+    detectGitRepoOperationState,
+    loadCustomSlashCommands,
+    getAllSlashCommandRows,
+    loadMcpConfig,
+    getMergedMcpServers,
+    resolveMcpServer,
+    runMcpRequest,
+    appendTranscriptEvent,
+    listTranscriptFiles,
+    findTranscriptByRef,
+    summarizeTranscriptForResume,
+    loadHookEntries,
+    annotateHookTrust,
+    discoverPlugins,
+    getEffectivePermissionProfile,
+    checkLocalPermission,
+    responseToFinalText,
+    getAllSubagents,
+    redactSensitiveText
   };
 }