bridge-agent 0.2.11 → 0.2.13

package/dist/ws/client.js

@@ -0,0 +1,989 @@
+import WebSocket from 'ws';
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+import { spawnSync } from 'node:child_process';
+import { createHash } from 'node:crypto';
+import { mkWorkspaceId, mkProjectId, mkAgentId } from '../shared/types.js';
+import { detectAgents, AGENT_SPECS } from '../pty/agents.js';
+import { loadConfig, loadProjectSettings } from '../config.js';
+import { startClaudeUsageWatcher } from '../pty/claude-usage.js';
+import { startClaudeQuotaWatcher } from '../pty/claude-quota.js';
+import { startMetricsRelay } from '../metrics.js';
+import { isSpawnHelperHealthy } from '../pty/spawn-helper-health.js';
+// agentId → cleanup function for Claude usage watchers
+const usageWatchers = new Map();
+// Track `posix_spawnp failed` occurrences across agentKeys for SPAWN_HELPER_BROKEN detection
+const spawnFailureWindow = [];
+function recordPosixSpawnpFailure(agentKey) {
+    const now = Date.now();
+    const cutoff = now - 30_000;
+    while (spawnFailureWindow.length && spawnFailureWindow[0].ts < cutoff) {
+        spawnFailureWindow.shift();
+    }
+    spawnFailureWindow.push({ agentKey, ts: now });
+    const distinctKeys = new Set(spawnFailureWindow.map(f => f.agentKey));
+    return distinctKeys.size >= 2;
+}
+// TUI agents that treat \n as soft newline (multi-line mode) and \r as submit.
+// Strip any trailing \r/\n first to avoid a double-submit on the last line.
+// Applies to: Claude Code, Qwen CLI, Kimi.
+const appendCR = (text) => text.replace(/[\r\n]+$/, '') + '\r';
+// Global quota watcher — runs once, shared across all Claude panels
+let latestQuota = null;
+const stopQuotaWatcher = startClaudeQuotaWatcher(info => { latestQuota = info; });
+const KEEPALIVE_MS = 30_000;
+const EARLY_EXIT_MS = 5000;
+const OUTPUT_SNIPPET_MAX = 400;
+function stripAnsi(text) {
+    return text.replace(/\x1b\[[0-9;?]*[A-Za-z]/g, '');
+}
+function clip(text, max = OUTPUT_SNIPPET_MAX) {
+    return text.length <= max ? text : `${text.slice(0, max)}...`;
+}
+/** Derive HTTP base URL from the WebSocket server URL stored in config. */
+function deriveServerUrl(wsUrl) {
+    return wsUrl
+        .replace(/^wss?:/, m => (m === 'wss:' ? 'https:' : 'http:'))
+        .replace(/\/ws(\/.*)?$/, '');
+}
+/** Resolve the bridge-mcp binary path from the daemon's real location. */
+function resolveMcpBin() {
+    // process.argv[1] gives the daemon script path; realpathSync resolves symlinks.
+    const daemonReal = fs.realpathSync(process.argv[1] ?? '');
+    const daemonDir = path.dirname(daemonReal);
+    const candidates = [
+        path.resolve(daemonDir, '../../mcp-server/dist/index.cjs'), // monorepo: packages/mcp-server
+        path.resolve(daemonDir, 'bridge-mcp.cjs'), // prod bundle: same dist dir
+        path.resolve(process.cwd(), 'node_modules/.bin/bridge-mcp'), // installed in cwd
+    ];
+    return candidates.find(p => fs.existsSync(p)) ?? 'bridge-mcp';
+}
+/**
+ * Write a temp MCP config file and return --mcp-config args for Claude Code.
+ * Uses claude's --mcp-config flag which is reliable regardless of project root detection.
+ *
+ * When BRIDGE_MCP_URL is set (production), writes an HTTP MCP transport config.
+ * Otherwise falls back to stdio transport (monorepo dev).
+ */
+function buildMcpConfigArgs(ctx) {
+    try {
+        const bridgeMcpUrl = process.env['BRIDGE_MCP_URL'];
+        const config = bridgeMcpUrl
+            ? {
+                mcpServers: {
+                    bridge: {
+                        type: 'http',
+                        url: `${bridgeMcpUrl}/mcp/${ctx.workspaceId}/${ctx.projectId}`,
+                        headers: {
+                            Authorization: `Bearer ${ctx.token}`,
+                            'x-panel-id': ctx.agentId ?? '',
+                        },
+                    },
+                },
+            }
+            : {
+                mcpServers: {
+                    bridge: {
+                        command: resolveMcpBin(),
+                        args: [],
+                        env: {
+                            BRIDGE_SERVER_URL: ctx.serverUrl,
+                            BRIDGE_TOKEN: ctx.token,
+                            BRIDGE_WORKSPACE_ID: ctx.workspaceId,
+                            BRIDGE_PROJECT_ID: ctx.projectId,
+                            BRIDGE_PANEL_ID: ctx.agentId ?? '',
+                            HTTP_MODE: 'false',
+                        },
+                    },
+                },
+            };
+        const tmpPath = path.join(os.tmpdir(), `bridge-mcp-${ctx.agentId ?? ctx.projectId}.json`);
+        fs.writeFileSync(tmpPath, JSON.stringify(config, null, 2) + '\n', 'utf-8');
+        console.log('[daemon] mcp.config.written', { tmpPath, transport: bridgeMcpUrl ? 'http' : 'stdio' });
+        return ['--mcp-config', tmpPath];
+    }
+    catch (err) {
+        console.warn('[daemon] mcp.config.build.failed', { error: String(err) });
+        return [];
+    }
+}
+// ── Bridge tool registry ─────────────────────────────────────────────────────
+// Single source of truth for all bridge_* MCP tool descriptions.
+// Add new tools here — role prompts compose from this map.
+// `as const` — keyof yields the exact literal union, not `string`.
+// toolRef('bridge_typo') is a compile-time error.
+const BRIDGE_TOOL_DOCS = {
+    // Project / plan
+    bridge_get_project: 'Project metadata: name, cwd, machineId',
+    bridge_get_plan: 'Read project spec/description',
+    bridge_update_plan: 'Update project spec/description',
+    bridge_get_project_history: 'Past run history and failure patterns',
+    bridge_get_execution_status: 'Run history with todo completion counts',
+    // Todos
+    bridge_get_todos: 'List todos + session state for this project',
+    bridge_add_todo: 'Create a new todo (title, todoType, dependsOn)',
+    bridge_update_todo: 'Update a todo title or status',
+    bridge_cancel_run: 'Cancel active run (use before restarting a stale plan)',
+    // Panel management
+    bridge_list_agents: 'All agents: role, status, inRun flag',
+    bridge_get_agent_status: 'Single agent status check',
+    bridge_spawn_worker: 'Spawn a new worker agent (agentKey, role)',
+    bridge_kill_agent: 'Terminate a stuck or dead agent',
+    bridge_get_agent_output: 'Read terminal output of any agent',
+    bridge_send_input: 'Send text input to an agent PTY',
+    // Worker task lifecycle
+    bridge_get_my_task: 'Get the task assigned to this agent',
+    bridge_complete_task: 'Signal task completion',
+    bridge_fail_task: 'Signal task failure with a specific reason',
+    bridge_get_todo_context: 'Read todo output/error for a specific todo',
+    bridge_assign_task: 'Assign a pending todo to a specific agent',
+};
+/** Inline footer: "Available MCP tools: bridge_x, bridge_y, ..." */
+function toolRef(...tools) {
+    return `\n\n**Available MCP tools:** ${tools.join(', ')}`;
+}
+/** Markdown table footer for orchestrator-style full reference */
+function toolTable(...tools) {
+    const rows = tools.map(t => `| \`${t}\` | ${BRIDGE_TOOL_DOCS[t]} |`).join('\n');
+    return `\n\n## Tool reference (only call tools listed here)\n\n| Tool | Purpose |\n|------|---------|
+${rows}`;
+}
+// ── Role system prompt injection ─────────────────────────────────────────────
+const ROLE_SYSTEM_PROMPTS = {
+    developer: `# Bridge Worker — Developer Role
+
+You are a **Developer** worker in a multi-agent orchestration system called Bridge.
+
+**Your responsibilities:**
+- Implement assigned tasks completely and correctly — no stubs, no TODOs
+- Work inside the project working directory
+- Run existing tests after changes and fix any failures
+- Read dependency outputs with \`bridge_get_todo_context\` before starting a task
+- Signal completion with \`bridge_complete_task\`, failure with \`bridge_fail_task\` + reason
+- After making changes, check the runner agent (role:'runner' in bridge_list_agents) for build errors: bridge_get_agent_output(runnerAgentId)
+- Trigger hot reload after file changes: bridge_send_input(runnerAgentId, "r")
+
+${toolRef('bridge_get_my_task', 'bridge_complete_task', 'bridge_fail_task', 'bridge_get_todo_context', 'bridge_get_todos', 'bridge_list_agents', 'bridge_get_agent_output', 'bridge_send_input')}`,
+    reviewer: `# Bridge Worker — Reviewer Role
+
+You are a **Quality-Obsessed Tech Lead** reviewing code changes in a multi-agent system called Bridge.
+Your identity: Agile, pragmatic, anti-fragile. You ship with confidence or you send it back.
+
+---
+
+## Workflow
+
+### Step 1 — Load context
+1. Call \`bridge_get_my_task\` — understand what this review covers
+2. Call \`bridge_get_todo_context\` on ALL dependency task IDs — read what the developer produced
+3. Read the actual changed files in the codebase (Glob, Grep, Read)
+
+### Step 2 — Pareto scan (do this first)
+Identify the 20% of changes that carry 80% of the risk:
+- New external interfaces (API endpoints, public functions, exports)
+- State mutations (DB writes, file I/O, global state)
+- Error handling paths and fallbacks
+- Auth, validation, and input boundaries
+Focus your deep review on these. Skim the rest.
+
+### Step 3 — Review lenses (apply all, in order)
+
+**Principles (KISS · DRY · SOLID · YAGNI)**
+- Is the solution simpler than it needs to be, or over-engineered?
+- Is logic duplicated that should be shared?
+- Are responsibilities clearly separated (single responsibility)?
+- Is anything implemented "for the future" with no current use?
+
+**Chaos Engineering lens**
+- What happens when a dependency (DB, API, file system) is unavailable?
+- What happens under partial failure — does the system leave inconsistent state?
+- Are retries safe? Is idempotency guaranteed for mutations?
+- Are resources (connections, file handles, timers) properly disposed on failure paths?
+
+**Safety & correctness**
+- Fail fast: are invalid states caught at entry points, not deep in logic?
+- Strict types: no implicit any, no unchecked casts, no dynamic keys without guards
+- Are all async paths awaited? Are race conditions possible?
+- Edge cases: empty input, null/undefined, zero, max values, concurrent calls
+
+**Security**
+- Assume all external input is malicious — is it sanitized before use?
+- SQL/command/template injection vectors?
+- Are secrets never logged or exposed in error messages?
+- Auth checks before data access, not after?
+
+**Observability**
+- Does every failure path emit a structured log with enough context to debug?
+- Are errors surfaced to the caller or silently swallowed?
+- Is there a way to trace what happened without a debugger?
+
+### Step 4 — Follow the dependency chain
+- Pull the output of each dependency todo via \`bridge_get_todo_context\`
+- Verify the developer actually used the context from prior tasks correctly
+- Check that interfaces between tasks are consistent (types match, contracts hold)
+
+### Step 5 — Compile & runtime check
+Detect the stack and run the appropriate compile/typecheck/lint/test commands.
+Do NOT approve if any check fails. Do NOT skip this step.
+If a runner agent exists (bridge_list_agents → role:'runner'), call bridge_get_agent_output to verify the app still builds and runs after changes.
+
+### Step 6 — Verdict
+
+**Approve** (\`bridge_complete_task\`) only when:
+- All lenses pass or issues are trivial cosmetic nits
+- Compile check is clean
+
+**Reject** (\`bridge_fail_task\`) with a specific, actionable message:
+- Quote the file + line number
+- State what is wrong and why
+- State the approach to fix it — not the exact code, but the direction (e.g. "validate before accessing, not after" not "write this exact line")
+- Do NOT reject for style preferences — only for correctness, safety, resilience, or security issues
+
+**Retry limit:** If the same issue persists after 2 retries, approve with a documented caveat in your completion message rather than blocking indefinitely.
+
+---
+
+## Rules
+- Never fix the code yourself — only review and report
+- One \`bridge_fail_task\` per review cycle — consolidate all issues into a single message
+- If unsure whether something is a bug or intentional design: flag it as a question, don't reject
+
+${toolRef('bridge_get_my_task', 'bridge_complete_task', 'bridge_fail_task', 'bridge_get_todo_context', 'bridge_get_todos', 'bridge_list_agents', 'bridge_get_agent_output')}`,
+    planner: `# Bridge Worker — Planner Role
+
+You are a **Planner** in Bridge. Your job: understand the project, listen to the user, then create a well-structured and verified execution plan.
+
+---
+
+## Workflow
+
+### Phase 1 — Load context
+Call all three tools (can be parallel):
+1. \`bridge_get_plan\` — project spec and goals
+2. \`bridge_get_project_history\` — past runs, successes, failures
+3. \`bridge_get_todos\` — currently open todos
+
+Then ask the user what they want to work on. Wait for their answer.
+
+### Phase 1.5 — Ambiguity check (after user responds, before planning)
+
+Evaluate the user's task against these criteria:
+
+**CLEAR — skip to Phase 2 immediately if ALL of these hold:**
+- A specific component, file, endpoint, or UI element is named
+- The outcome is observable (passes tests, renders on page, endpoint returns X)
+- No vague scope verbs without a target: "improve", "refactor", "optimize", "clean up"
+
+**AMBIGUOUS — ask ONE targeted question if any of these apply:**
+- Multiple layers could be the target (server vs daemon vs web UI)
+- Success criteria are unclear (what does "faster" or "better" mean here?)
+- A named tool/library is requested but its scope is open (e.g. "add Sentry" — errors only? performance? which layer?)
+
+**How to ask (if needed):**
+- Forced-choice format: "Are we targeting (a) [X] or (b) [Y]?"
+- Include concrete options drawn from the project context you just loaded
+- Do NOT ask: "What exactly do you mean?" — too open, wastes a turn
+- Do NOT ask multiple questions at once
+
+**After the user's ONE clarifying response:**
+- Proceed to Phase 2 immediately — no more questions
+- If still unclear, state your assumption explicitly: "I'll proceed assuming [X]. Let me know if that's wrong."
+
+### Phase 2 — Plan & create todos (triggered after user specifies the task)
+
+**Step A — False positive check (MANDATORY)**
+For any feature or area the user mentions that appears "completed" in history:
+- Search the codebase (Glob, Grep, Read) to confirm it actually exists in code
+- If "completed" but missing from code → it needs a new todo, note the discrepancy
+- If a pending todo is already fully implemented → close it: \`bridge_complete_task\` with that todo's ID
+Past runs can lie. Always verify before trusting history.
+
+**Step B — Gap analysis (MANDATORY)**
+For the scope the user requested, compare plan goals vs verified-done vs open todos:
+- ✅ Done (verified in Step A)
+- 🔄 In progress (open todos)
+- ❌ Missing (in plan, no todo, not implemented)
+Show this to the user before creating anything.
+
+**Step C — Confirm scope**
+Based on the gap analysis, confirm with the user exactly what to create todos for.
+Do NOT create todos before this confirmation.
+
+**Step D — Create todos**
+For each subtask (3–10 todos):
+- Call \`bridge_add_todo\` with: title, description, todoType, dependsOn
+- **Do not set estimatedAgent** — it is set automatically from todoType (\`infra\` → \`sh\`, others → \`claude\`)
+- **todoType determines who does the work:**
+  - \`implementation\` → developer worker
+  - \`review\`         → reviewer worker (validation, QA, sign-off)
+  - \`infra\`          → infra/shell worker (migrations, scripts, CI)
+  - \`planning\`       → meta tasks (specs, design decisions)
+- **description**: include relevant file paths, expected inputs/outputs, what the worker needs from prior todos — workers only see title + description
+- **dependsOn**: set when a task needs a prior task's output; omit for parallel tasks
+
+**Step E — Dependency chain validation (MANDATORY)**
+After all todos are created:
+- Identify all leaf todos (nothing else depends on them)
+- Every leaf must be covered by a \`review\` todo that depends on it
+- If any leaf is uncovered → add a review todo now
+- Verify: no circular dependencies, no orphaned chains
+
+**Step F — Final summary**
+Show the complete todo list with types and dependency chain. Then stop.
+
+---
+
+## Rules
+- Never implement anything yourself
+- You MAY read the codebase during Steps A–B — this is required, not optional
+- To close a stale open todo that's already done: \`bridge_complete_task\` with its ID
+- Todo titles must be specific: name the files, endpoints, components — no vague verbs
+
+${toolRef('bridge_get_plan', 'bridge_get_project_history', 'bridge_get_todos', 'bridge_add_todo', 'bridge_complete_task', 'bridge_fail_task')}`,
+    executor: `# Bridge Worker — Executor Role
+
+You are an **Executor** worker in a multi-agent orchestration system called Bridge.
+
+**Your responsibilities:**
+- Run the specified commands, scripts, or CLI tools exactly as described in the task
+- Use \`bridge_get_todo_context\` to fetch artefacts from dependencies (file paths, config, etc.)
+- Capture and report all relevant output
+- Call \`bridge_complete_task\` on success, \`bridge_fail_task\` with error details on failure
+
+${toolRef('bridge_get_my_task', 'bridge_complete_task', 'bridge_fail_task', 'bridge_get_todo_context', 'bridge_list_agents', 'bridge_get_agent_output', 'bridge_send_input')}`,
+    shell: `# Bridge Worker — Shell Role
+
+You are a **Shell** worker in a multi-agent orchestration system called Bridge.
+
+**Your responsibilities:**
+- Execute shell commands given in each task title directly and faithfully
+- Do not modify, interpret, or add to the command unless it clearly contains a typo
+- Call \`bridge_complete_task\` when the command exits cleanly
+- Call \`bridge_fail_task\` with the error output if the command fails
+
+${toolRef('bridge_get_my_task', 'bridge_complete_task', 'bridge_fail_task')}`,
+    orchestrator: `# Bridge Orchestrator
+
+You are a **Bridge Orchestrator**. Your sole purpose is to decompose specs into todos, delegate them to worker agents, and report results. Nothing else.
+
+---
+
+## Identity constraints (absolute)
+
+- Do NOT answer questions, browse files, run bash, or use mem0
+- Do NOT call any tool not listed in the tool reference below — if a tool isn't listed, it does not exist
+- Do NOT ask "should I start?" / "shall I proceed?" — if you have work and workers, act
+- If a user asks you to do something outside orchestration, respond: "I'm an orchestrator. Give me a task spec and I'll delegate it to workers."
+
+**Your own agent ID: \`{{PANEL_ID}}\`**
+Never call \`bridge_kill_agent\` with this ID — killing yourself terminates the orchestration session.
+
+---
+
+## Workflow
+
+### Step 1 — Orient
+Call these in parallel:
+- \`bridge_get_project\` — project name, cwd, machineId
+- \`bridge_get_todos\` — open todos and current session state
+- \`bridge_list_agents\` — worker availability (role, status, inRun)
+
+**Decision after Step 1:**
+- If todos exist AND idle workers available → go directly to Step 4 (assign now, no re-planning)
+- If todos exist but no workers → go to Step 4 (spawn first)
+- If no todos exist → go to Step 2
+- If session is stale or wrong → call \`bridge_cancel_run\`, then go to Step 2
+
+### Step 2 — Clarify (if needed)
+If the spec is genuinely ambiguous, ask ONE question. Otherwise skip.
+
+### Step 3 — Plan
+Create 3–10 todos with \`bridge_add_todo\`:
+- \`todoType\`: \`implementation\` → developer, \`review\` → reviewer, \`infra\` → shell/executor
+- \`dependsOn\`: list todo IDs that must complete first
+- Every implementation block must have a \`review\` todo depending on it
+- Descriptions: include file paths, expected inputs/outputs, relevant context
+
+Verify plan with \`bridge_get_todos\` before proceeding.
+
+### Step 4 — Spawn workers if needed
+\`bridge_list_agents\` — check for idle agents first (previous sessions may have them).
+Missing a required role → \`bridge_spawn_worker\` (role: developer, reviewer, shell, executor).
+
+### Step 5 — Assign initial work
+For each idle agent matching a needed role:
+- Get the todo ID from \`bridge_list_agents\` (assignedTodo field shows what's already running)
+- \`bridge_assign_task\` — pin the todo to the agent (\`inRun:false\` agents are valid targets)
+- Server dispatches remaining todos automatically as workers complete — you do NOT need to manually assign every todo
+
+After assigning, call \`bridge_get_execution_status\` and report current progress to the user:
+- How many todos are running / done / total
+- Which workers are active
+
+Then go idle. The server handles dispatch automatically.
+
+### Step 6 — Monitor (only when user explicitly requests it)
+
+**Default behavior: stop after Step 5 and go idle.**
+
+Only enter this step if the user explicitly asks to "monitor", "watch this", "drive to completion", or similar.
+
+**Bounded monitoring loop — maximum 5 poll iterations:**
+
+Each iteration:
+1. \`bridge_get_execution_status\`
+   - run status = \`completed\` → DONE: go to Step 7
+   - run status = \`circuit_broken\` → all retries exhausted: go to Step 7 with failure summary
+   - done = total → DONE: go to Step 7
+2. \`bridge_list_agents\`
+   - Any agent \`status: busy\` → work in progress, continue to next iteration
+   - **ALL agents idle + done < total = DEADLOCK:**
+     - \`bridge_get_agent_output\` on recently-idle agents to diagnose
+     - Missing a required role? → \`bridge_spawn_worker\` **once** (do NOT spawn repeatedly)
+     - Report to user: what is stuck and why. Exit loop.
+3. Continue to next iteration (max 5 total)
+
+After 5 iterations: report current \`bridge_get_execution_status\` snapshot and go idle. Tell the user to re-engage you for another status check.
+
+**Hard limits in monitoring mode:**
+- Max 5 poll iterations — never exceed this
+- Max 1 \`bridge_spawn_worker\` call per deadlock — never spawn repeatedly
+- If \`bridge_get_execution_status\` returns an error → exit loop, report to user
+
+### Step 7 — Wrap up
+Summarize: todos completed, failed, any blockers. List what workers did.
+
+---
+
+${toolTable('bridge_get_project', 'bridge_get_plan', 'bridge_get_todos', 'bridge_add_todo', 'bridge_cancel_run', 'bridge_get_project_history', 'bridge_get_execution_status', 'bridge_list_agents', 'bridge_get_agent_status', 'bridge_spawn_worker', 'bridge_assign_task', 'bridge_get_todo_context', 'bridge_get_agent_output', 'bridge_kill_agent')}`,
+};
+/**
+ * Write a per-agent role system prompt file to tmp and return
+ * --append-system-prompt-file args for Claude, or
+ * --append-system-prompt args for Qwen.
+ * Returns [] if no role or agent doesn't support it.
+ */
+function buildRolePromptArgs(agentKey, role, agentId) {
+    if (!role)
+        return [];
+    const content = ROLE_SYSTEM_PROMPTS[role];
+    if (!content)
+        return [];
+    if (agentKey === 'claude') {
+        try {
+            const tmpPath = path.join(os.tmpdir(), `bridge-role-${agentId}.md`);
+            const resolved = content.replaceAll('{{PANEL_ID}}', agentId);
+            fs.writeFileSync(tmpPath, resolved + '\n', 'utf-8');
+            console.log('[daemon] role.prompt.written', { agentId, role, tmpPath });
+            return ['--append-system-prompt-file', tmpPath];
+        }
+        catch (err) {
+            console.warn('[daemon] role.prompt.write.failed', { agentId, role, error: String(err) });
+            return [];
+        }
+    }
+    if (agentKey === 'qwen') {
+        // Qwen supports --append-system-prompt as a CLI flag
+        return ['--append-system-prompt', content];
+    }
+    // Kimi does not support --system-prompt-file flag
+    // Role prompts are not supported for Kimi at this time
+    return [];
+}
+function toTomlString(v) {
+    return `"${v.replace(/\\/g, '\\\\').replace(/"/g, '\\"')}"`;
+}
+function buildKimiMcpConfigArgs(ctx) {
+    try {
+        const bridgeMcpUrl = process.env['BRIDGE_MCP_URL'];
+        const config = bridgeMcpUrl
+            ? {
+                mcpServers: {
+                    bridge: {
+                        type: 'http',
+                        url: `${bridgeMcpUrl}/mcp/${ctx.workspaceId}/${ctx.projectId}`,
+                        headers: {
+                            Authorization: `Bearer ${ctx.token}`,
+                            'x-panel-id': ctx.agentId ?? '',
+                        },
+                    },
+                },
+            }
+            : {
+                mcpServers: {
+                    bridge: {
+                        command: resolveMcpBin(),
+                        args: [],
+                        env: {
+                            BRIDGE_SERVER_URL: ctx.serverUrl,
+                            BRIDGE_TOKEN: ctx.token,
+                            BRIDGE_WORKSPACE_ID: ctx.workspaceId,
+                            BRIDGE_PROJECT_ID: ctx.projectId,
+                            BRIDGE_PANEL_ID: ctx.agentId ?? '',
+                            HTTP_MODE: 'false',
+                        },
+                    },
+                },
+            };
+        const tmpPath = path.join(os.tmpdir(), `bridge-mcp-kimi-${ctx.agentId ?? ctx.projectId}.json`);
+        fs.writeFileSync(tmpPath, JSON.stringify(config, null, 2) + '\n', 'utf-8');
+        console.log('[daemon] kimi.mcp.config.written', { tmpPath, transport: bridgeMcpUrl ? 'http' : 'stdio' });
+        return ['--mcp-config-file', tmpPath];
+    }
+    catch (err) {
+        console.warn('[daemon] kimi.mcp.config.build.failed', { error: String(err) });
+        return [];
+    }
+}
+function buildCodexMcpConfigArgs(ctx) {
+    try {
+        const mcpBin = resolveMcpBin();
+        const envInline = `{BRIDGE_SERVER_URL=${toTomlString(ctx.serverUrl)},BRIDGE_TOKEN=${toTomlString(ctx.token)},BRIDGE_WORKSPACE_ID=${toTomlString(ctx.workspaceId)},BRIDGE_PROJECT_ID=${toTomlString(ctx.projectId)},HTTP_MODE="false"}`;
+        return [
+            '-c', 'mcp_servers.bridge.transport="stdio"',
+            '-c', `mcp_servers.bridge.command=${toTomlString(mcpBin)}`,
+            '-c', 'mcp_servers.bridge.args=[]',
+            '-c', `mcp_servers.bridge.env=${envInline}`,
+        ];
+    }
+    catch (err) {
+        console.warn('[daemon] codex.mcp.config.build.failed', { error: String(err) });
+        return [];
+    }
+}
+function ensureQwenProjectMcp(ctx) {
+    try {
+        if (!ctx.cwd) {
+            console.warn('[daemon] qwen.mcp.setup.skipped', { reason: 'missing_cwd', projectId: ctx.projectId });
+            return false;
+        }
+        const mcpBin = resolveMcpBin();
+        const common = {
+            cwd: ctx.cwd,
+            encoding: 'utf-8',
+            timeout: 5000,
+            stdio: 'pipe',
+        };
+        // Idempotent reset to avoid stale env from prior projects.
+        spawnSync('qwen', ['mcp', 'remove', '--scope', 'project', 'bridge'], common);
+        const add = spawnSync('qwen', [
+            'mcp', 'add', '--scope', 'project',
+            '-t', 'stdio',
+            '-e', `BRIDGE_SERVER_URL=${ctx.serverUrl}`,
+            '-e', `BRIDGE_TOKEN=${ctx.token}`,
+            '-e', `BRIDGE_WORKSPACE_ID=${ctx.workspaceId}`,
+            '-e', `BRIDGE_PROJECT_ID=${ctx.projectId}`,
+            '-e', `BRIDGE_PANEL_ID=${ctx.agentId ?? ''}`,
+            '-e', 'HTTP_MODE=false',
+            'bridge', mcpBin,
+        ], common);
+        if (add.status === 0) {
+            console.log('[daemon] qwen.mcp.setup.ok', { cwd: ctx.cwd, projectId: ctx.projectId });
+            return true;
+        }
+        console.warn('[daemon] qwen.mcp.setup.failed', {
+            cwd: ctx.cwd,
+            projectId: ctx.projectId,
+            status: add.status,
+            stderr: (add.stderr ?? '').toString().slice(0, 300),
+        });
+        return false;
+    }
+    catch (err) {
+        console.warn('[daemon] qwen.mcp.setup.error', { error: String(err), projectId: ctx.projectId });
+        return false;
+    }
+}
+let cachedAgents = [];
+let _isConnected = false;
+let _started = false;
+export function isDaemonWsConnected() { return _isConnected; }
+export function startDaemonConnection(manager) {
+    if (_started)
+        throw new Error('[daemon] startDaemonConnection called twice — only one connection manager allowed');
+    _started = true;
+    const config = loadConfig();
+    const daemonId = createHash('sha256').update(config.token).digest('hex');
+    let ws = null;
+    let reconnectTimer = null;
+    let heartbeatTimer = null;
+    let consecutive1008 = 0; // exit only after 2 consecutive auth failures — avoids transient proxy 1008s
+    function connect() {
+        if (reconnectTimer) {
+            clearTimeout(reconnectTimer);
+            reconnectTimer = null;
+        }
+        ws = new WebSocket(config.server, {
+            headers: { Authorization: `Bearer ${config.token}` },
+        });
+        const currentWs = ws;
+        let stopMetrics = null;
+        currentWs.on('open', () => {
+            _isConnected = true;
+            console.log('[daemon] ws.connected', { server: config.server });
+            heartbeatTimer = setInterval(() => {
+                if (currentWs.readyState === WebSocket.OPEN)
+                    currentWs.ping();
+            }, KEEPALIVE_MS);
+            const spawnHelperBroken = !isSpawnHelperHealthy();
+            currentWs.send(JSON.stringify({ type: 'ready', version: '1.1', name: config.name, spawnHelperBroken }));
+            void detectAgents(config.agentPaths).then(list => {
+                cachedAgents = list;
+                if (currentWs.readyState === WebSocket.OPEN) {
+                    currentWs.send(JSON.stringify({ type: 'agents', list: cachedAgents }));
+                }
+            });
+            stopMetrics = startMetricsRelay((metrics) => {
+                if (currentWs.readyState === WebSocket.OPEN) {
+                    currentWs.send(JSON.stringify({ type: 'system_metrics', daemonId, ...metrics }));
+                }
+            });
+        });
+        currentWs.on('message', (raw) => {
+            let msg;
+            try {
+                msg = JSON.parse(raw.toString());
+            }
+            catch {
+                console.warn('[daemon] Invalid JSON from server, ignoring');
+                return;
+            }
+            handleMessage(msg, currentWs, manager, config);
+        });
+        currentWs.on('close', (code) => {
+            _isConnected = false;
+            if (heartbeatTimer) {
+                clearInterval(heartbeatTimer);
+                heartbeatTimer = null;
+            }
+            stopMetrics?.();
+            stopMetrics = null;
+            if (code === 1008) {
+                consecutive1008++;
+                if (consecutive1008 >= 2) {
+                    console.error('[daemon] ws.auth_failed — token invalid or expired (2 consecutive rejections), stopping. Re-run: bridge-agent auth');
+                    process.exit(1);
+                }
+                console.warn('[daemon] ws.auth_rejected — transient 1008, will retry once', { attempt: consecutive1008 });
+            }
+            else {
+                consecutive1008 = 0;
+            }
+            if (reconnectTimer)
+                return;
+            console.log('[daemon] ws.reconnecting', { attempt: 1 });
+            reconnectTimer = setTimeout(connect, 3000);
+        });
+        currentWs.on('error', (err) => {
+            console.error('[daemon] ws.error', { message: err.message });
+        });
+    }
+    function cleanShutdown() {
+        if (heartbeatTimer) {
+            clearInterval(heartbeatTimer);
+            heartbeatTimer = null;
+        }
+        stopQuotaWatcher();
+        for (const stop of usageWatchers.values())
+            stop();
+        manager.killAll();
+        ws?.close();
+    }
+    process.on('SIGINT', () => { cleanShutdown(); process.exit(0); });
+    process.on('SIGTERM', () => { cleanShutdown(); process.exit(0); });
+    process.on('SIGHUP', () => { cleanShutdown(); process.exit(0); });
+    process.on('uncaughtException', (err) => {
+        console.error('[daemon] uncaughtException', { error: err.message });
+        manager.killAll();
+        process.exit(1);
+    });
+    connect();
+}
+function handleMessage(msg, ws, manager, config) {
+    switch (msg.type) {
+        case 'spawn': {
+            console.log('[daemon] pty.spawn.start', { agentId: msg.agentId, agentKey: msg.agentKey, sessionId: msg.sessionId, projectId: msg.projectId, workspaceId: msg.workspaceId, role: msg.role });
+            const agent = cachedAgents.find(a => a.key === msg.agentKey);
+            if (!agent) {
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({
+                        type: 'error',
+                        code: 'AGENT_NOT_FOUND',
+                        message: `Agent '${msg.agentKey}' is not installed on this machine`,
+                    }));
+                }
+                return;
+            }
+            const spec = AGENT_SPECS.find(s => s.key === msg.agentKey);
+            let args = [];
+            let shouldResume = !!(msg.sessionId && spec?.resumeArgs);
+            if (shouldResume && msg.agentKey === 'claude') {
+                const sessionPath = path.join(os.homedir(), '.claude', 'sessions', msg.sessionId);
+                if (!fs.existsSync(sessionPath) && !fs.existsSync(sessionPath + '.json')) {
+                    console.warn('[daemon] claude resume cache missing — fresh spawning', { agentId: msg.agentId, sessionId: msg.sessionId });
+                    shouldResume = false;
+                }
+            }
+            if (shouldResume) {
+                // Resuming a specific session
+                args = spec.resumeArgs(msg.sessionId);
+                console.log('[daemon] pty.spawn.resume', { agentId: msg.agentId, sessionId: msg.sessionId });
+                // (Re)start usage watcher for resumed Claude session
+                if (msg.agentKey === 'claude') {
+                    usageWatchers.get(msg.agentId)?.();
+                    usageWatchers.set(msg.agentId, startClaudeUsageWatcher(msg.agentId, msg.sessionId, (agentId, usedPct, usedTokens) => {
+                        if (ws.readyState === WebSocket.OPEN) {
+                            ws.send(JSON.stringify({ type: 'panel_token_usage', agentId, usedPct, usedTokens, ...latestQuota }));
+                        }
+                    }));
+                }
+            }
+            else if (spec?.assignSessionId) {
+                // Fresh spawn for session-capable agent — assign stable UUID now
+                const newSessionId = crypto.randomUUID();
+                // Kimi uses --session (or -r) instead of --session-id
+                const sessionArg = msg.agentKey === 'kimi' ? '--session' : '--session-id';
+                args = [...(spec.spawnArgs ?? []), sessionArg, newSessionId];
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({ type: 'session_started', agentId: msg.agentId, sessionId: newSessionId }));
+                    console.log('[daemon] session.assigned', { agentId: msg.agentId, sessionId: newSessionId });
+                }
+                // Start usage watcher for fresh Claude session
+                if (msg.agentKey === 'claude') {
+                    usageWatchers.get(msg.agentId)?.();
+                    usageWatchers.set(msg.agentId, startClaudeUsageWatcher(msg.agentId, newSessionId, (agentId, usedPct, usedTokens) => {
+                        if (ws.readyState === WebSocket.OPEN) {
+                            ws.send(JSON.stringify({ type: 'panel_token_usage', agentId, usedPct, usedTokens, ...latestQuota }));
+                        }
+                    }));
+                }
+            }
+            else {
+                // Non-session agent (e.g. sh) — still notify browser so panel transitions to 'running'
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({ type: 'session_started', agentId: msg.agentId, sessionId: crypto.randomUUID() }));
+                }
+            }
+            // Build MCP spawn context if the spawn message includes project info
+            let spawnCtx;
+            let mcpConfigured = false;
+            let mcpTransport;
+            if (msg.projectId && msg.workspaceId) {
+                const serverUrl = deriveServerUrl(config.server);
+                const projectSettings = loadProjectSettings(msg.cwd);
+                spawnCtx = {
+                    serverUrl,
+                    token: config.token,
+                    workspaceId: mkWorkspaceId(msg.workspaceId),
+                    projectId: mkProjectId(msg.projectId),
+                    agentId: msg.agentId ? mkAgentId(msg.agentId) : undefined,
+                    cwd: msg.cwd,
+                    projectEnv: projectSettings.env,
+                };
+                // Agent-specific MCP wiring: different CLIs use different config surfaces.
+                if (msg.agentKey === 'claude') {
+                    const mcpArgs = buildMcpConfigArgs(spawnCtx);
+                    mcpConfigured = mcpArgs.length > 0;
+                    mcpTransport = process.env['BRIDGE_MCP_URL'] ? 'http' : 'stdio';
+                    args = [...args, ...mcpArgs];
+                }
+                else if (msg.agentKey === 'codex') {
+                    const codexArgs = buildCodexMcpConfigArgs(spawnCtx);
+                    mcpConfigured = codexArgs.length > 0;
+                    mcpTransport = 'stdio';
+                    args = [...args, ...codexArgs];
+                }
+                else if (msg.agentKey === 'qwen') {
+                    mcpConfigured = ensureQwenProjectMcp(spawnCtx);
+                    mcpTransport = mcpConfigured ? 'stdio' : undefined;
+                }
+                else if (msg.agentKey === 'kimi') {
+                    const kimiMcpArgs = buildKimiMcpConfigArgs(spawnCtx);
+                    mcpConfigured = kimiMcpArgs.length > 0;
+                    mcpTransport = process.env['BRIDGE_MCP_URL'] ? 'http' : 'stdio';
+                    args = [...args, ...kimiMcpArgs];
+                }
+                else {
+                    mcpConfigured = false;
+                    console.log('[daemon] mcp.config.skipped', { agentId: msg.agentId, agentKey: msg.agentKey, reason: 'unsupported_agent_path' });
+                }
+            }
+            // Inject role-specific system prompt regardless of MCP setup —
+            // role identity must work even without project context
+            const roleArgs = buildRolePromptArgs(msg.agentKey, msg.role, msg.agentId);
+            if (roleArgs.length > 0)
+                args = [...args, ...roleArgs];
+            const clampedCols = Math.max(1, Math.min(500, msg.cols));
+            const clampedRows = Math.max(1, Math.min(500, msg.rows));
+            const spawnStartedAt = Date.now();
+            let firstOutputSnippet = '';
+            let outputBytes = 0;
+            let codexOnboardingAcked = false;
+            let kimiRoleInjected = false; // Track if we've injected role prompt for Kimi
+            const ok = manager.spawn(msg.agentId, msg.agentKey, agent.binaryPath, args, clampedCols, clampedRows, (data) => {
+                outputBytes += data.length;
+                // Kimi: Check every chunk for TUI readiness (outside firstOutputSnippet block)
+                try {
+                    const decoded = Buffer.from(data, 'base64').toString('utf-8');
+                    if (msg.agentKey === 'kimi' &&
+                        msg.role &&
+                        !kimiRoleInjected &&
+                        (Date.now() - spawnStartedAt) < 30_000 &&
+                        (/yolo  agent/.test(decoded) || /●/.test(decoded) || /○/.test(decoded))) {
+                        kimiRoleInjected = true;
+                        const roleContent = ROLE_SYSTEM_PROMPTS[msg.role];
+                        if (roleContent) {
+                            const injectionText = roleContent.replaceAll('{{PANEL_ID}}', msg.agentId);
+                            const formatted = appendCR(injectionText);
+                            const base64data = Buffer.from(formatted).toString('base64');
+                            manager.write(msg.agentId, base64data, 'orchestrator');
+                            console.log('[daemon] kimi.role.injected', { agentId: msg.agentId, role: msg.role });
+                        }
+                    }
+                }
+                catch {
+                    // ignore
+                }
+                if (!firstOutputSnippet) {
+                    try {
+                        const decoded = Buffer.from(data, 'base64').toString('utf-8');
+                        const cleaned = stripAnsi(decoded).replace(/\x00/g, '').trim();
+                        if (cleaned)
+                            firstOutputSnippet = clip(cleaned);
+                        // Codex may block on a one-time onboarding yes/no prompt.
+                        // Auto-ack only for this specific startup banner pattern.
+                        if (msg.agentKey === 'codex' &&
+                            !codexOnboardingAcked &&
+                            (Date.now() - spawnStartedAt) < 20_000 &&
+                            /included in your plan for free|let[’']s build together/i.test(cleaned) &&
+                            /yes|no|\[y\/n\]|\(y\/n\)|y\/n/i.test(cleaned)) {
+                            codexOnboardingAcked = true;
+                            const yes = Buffer.from('y').toString('base64');
+                            manager.write(msg.agentId, yes, 'orchestrator');
+                            console.log('[daemon] codex.onboarding.auto_ack', { agentId: msg.agentId });
+                        }
+                    }
+                    catch {
+                        // ignore decode errors for logging
+                    }
+                }
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({ type: 'output', agentId: msg.agentId, data }));
+                }
+            }, (exitCode, signal) => {
+                const uptimeMs = Date.now() - spawnStartedAt;
+                const earlyExit = uptimeMs <= EARLY_EXIT_MS;
+                console.log('[daemon] pty.spawn.result', {
+                    agentId: msg.agentId,
+                    agentKey: msg.agentKey,
+                    daemonId: msg.daemonId,
+                    exitCode,
+                    signal,
+                    uptimeMs,
+                    earlyExit,
+                    outputBytes,
+                    firstOutputSnippet: firstOutputSnippet || undefined,
+                });
+                if (earlyExit && ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({
+                        type: 'error',
+                        code: 'SPAWN_FAILED',
+                        message: `Early exit: agent=${msg.agentKey} code=${exitCode ?? 'null'} signal=${signal ?? 'null'} snippet="${firstOutputSnippet || 'no output'}"`,
+                    }));
+                }
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({ type: 'exit', agentId: msg.agentId, exitCode, signal }));
+                }
+            }, spawnCtx);
+            if (!ok) {
+                const lastError = manager.getLastError(msg.agentId);
+                const isSpawnHelperBroken = lastError?.includes('posix_spawnp failed') && recordPosixSpawnpFailure(msg.agentKey);
+                if (ws.readyState === WebSocket.OPEN) {
+                    if (isSpawnHelperBroken) {
+                        ws.send(JSON.stringify({
+                            type: 'error',
+                            code: 'SPAWN_HELPER_BROKEN',
+                            message: 'node-pty spawn-helper is not executable. Upgrade bridge-agent to v0.2.10+.',
+                        }));
+                    }
+                    else {
+                        ws.send(JSON.stringify({
+                            type: 'error',
+                            code: 'SPAWN_FAILED',
+                            message: `Failed to spawn panel ${msg.agentId}`,
+                        }));
+                    }
+                }
+            }
+            else {
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({
+                        type: 'mcp_status',
+                        agentId: msg.agentId,
+                        mcpConfigured,
+                        transport: mcpConfigured ? mcpTransport : undefined,
+                        projectId: spawnCtx?.projectId,
+                    }));
+                }
+            }
+            break;
+        }
+        case 'input':
+            manager.write(msg.agentId, msg.data, msg.source);
+            break;
+        case 'kill':
+            usageWatchers.get(msg.agentId)?.();
+            usageWatchers.delete(msg.agentId);
+            manager.kill(msg.agentId, msg.force);
+            break;
+        case 'resize':
+            manager.resize(msg.agentId, msg.cols, msg.rows);
+            break;
+        case 'detect_agents':
+            void detectAgents(config.agentPaths).then(list => {
+                cachedAgents = list;
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({ type: 'agents', list }));
+                }
+            });
+            break;
+        case 'dir_list': {
+            const homeDir = os.homedir();
+            // Expand leading ~ to home directory before resolving
+            const expanded = (msg.path || '~').replace(/^~/, homeDir);
+            const safePath = path.resolve(expanded);
+            if (safePath !== homeDir && !safePath.startsWith(homeDir + path.sep)) {
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({ type: 'error', code: 'INVALID_MSG', message: 'Path outside home directory' }));
+                }
+                return;
+            }
+            try {
+                const entries = fs.readdirSync(safePath, { withFileTypes: true })
+                    .filter(e => e.isDirectory() && !e.name.startsWith('.'))
+                    .map(e => ({ name: e.name, path: path.join(safePath, e.name) }))
+                    .sort((a, b) => a.name.localeCompare(b.name));
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({ type: 'dir_list_result', requestId: msg.requestId, path: safePath, entries }));
+                }
+            }
+            catch (err) {
+                if (ws.readyState === WebSocket.OPEN) {
+                    ws.send(JSON.stringify({
+                        type: 'dir_list_result',
+                        requestId: msg.requestId,
+                        path: safePath,
+                        entries: [],
+                        error: err instanceof Error ? err.message : 'Cannot read directory',
+                    }));
+                }
+            }
+            break;
+        }
+        default: {
+            const _ = msg;
+            void _;
+        }
+    }
+}