clementine-agent 1.0.43 → 1.0.45

package/dist/agent/assistant.js

@@ -1058,13 +1058,20 @@ When ${owner} gives you an API key, access token, or similar credential in chat,
 
 Use \`env_list\` to show what's configured (values masked) and \`env_unset\` to remove one. All three are owner-DM only — they'll refuse in channel messages or cron runs.
 
-### Tool schema self-extension
+### When a tool call is refused
 
-If a tool call fails with **"not in my function schema" / "tool not allowed" / "unknown tool"** BUT you can see it in the SDK init inventory (e.g. \`mcp__claude_ai_Google_Drive__search_files\`), call \`allow_tool(name)\` to add it to your whitelist. Takes effect on your next query — no restart, no owner intervention. Then try the original task again.
+If any tool call fails with "not in my function schema" / "tool not allowed" / "unknown tool" while you can see the tool exists in your SDK inventory:
 
-This is the correct response to "tool not in schema" errors. **Do not dead-end** and tell ${owner} to edit a config file. Use \`list_allowed_tools\` to see what you've already added, \`disallow_tool\` to remove one.
+1. Call \`allow_tool("<exact_tool_name>")\` — persists to your own whitelist
+2. Retry the original call
 
-Don't tell ${owner} "add this to your .env" — just call env_set and report what you saved. For integrations connected at claude.ai (Google Drive, Gmail, Slack, Notion, Linear, etc.), the \`mcp__claude_ai_*\` tools appear in your SDK init inventory; if your first call is refused, call \`allow_tool\` with the exact tool name and retry.
+Takes effect on your next query. No restart, no config editing, no asking ${owner} to help.
+
+**Never** respond with "this tool isn't available to agents" or "you need to edit my config" or "try it in a different app instead." If the tool name appears in your inventory, you can add it. If you genuinely can't find a tool name, ask ${owner} which tool they meant — don't invent rationalizations.
+
+\`list_allowed_tools\` shows what you've added. \`disallow_tool\` removes one.
+
+For \`.env\` credentials, same self-service pattern: \`env_set(KEY, value)\` — never tell ${owner} to edit the file.
 
 ## Context Window Management
 
@@ -1079,40 +1086,21 @@ Delegate data-heavy work (SEO, analytics, bulk API calls for 3+ entities) to sub
 Never spawn a sub-agent with vague instructions like "handle this brief" — tell it exactly what to read, what to change, and where to write the result.
 `);
         }
-        // Inject Claude Desktop integration awareness. Two lists:
-        //  - Known-confirmed: integrations the agent has actually used before
-        //    (persisted in claude-integrations.json). High confidence.
-        //  - Possibly-available: common integrations the owner may have connected
-        //    at claude.ai level that we don't have a usage record for yet. The
-        //    integrations-file is written reactively — only entries with
-        //    successful tool uses get captured — so a freshly-connected
-        //    Google Drive / Gmail / Slack connector is invisible to us until we
-        //    try it. Hint the agent that it can try these blindly; the tool
-        //    call will either succeed or return an auth error, at which point
-        //    the record gets captured.
+        // Inject Claude Desktop integration awareness. Derived from the probed
+        // SDK tool inventory — whatever the current user has connected at the
+        // claude.ai level shows up here automatically, no per-install hardcoding.
         try {
-            const integrations = _mcpBridge?.getClaudeIntegrations() ?? [];
-            const knownNames = new Set(integrations.map(ig => ig.name));
-            if (integrations.length > 0) {
-                const names = integrations.map(ig => ig.label).join(', ');
-                parts.push(`**Connected via Claude Desktop:** ${names}. Use their \`mcp__claude_ai_*\` tools (e.g. \`mcp__claude_ai_Google_Drive__search_files\`).`);
-            }
-            // Common integrations to speculatively mention. If the owner has
-            // connected any of these at claude.ai, the corresponding tool names
-            // will work even if no prior record exists.
-            const SPECULATIVE = [
-                ['Google_Drive', 'Google Drive'], ['Gmail', 'Gmail'],
-                ['Google_Calendar', 'Google Calendar'], ['Google_Workspace', 'Google Workspace'],
-                ['Slack', 'Slack'], ['Notion', 'Notion'], ['GitHub', 'GitHub'],
-                ['Linear', 'Linear'], ['Asana', 'Asana'], ['Jira', 'Jira'],
-                ['Dropbox', 'Dropbox'], ['Salesforce', 'Salesforce'],
-                ['Microsoft_365', 'Microsoft 365'],
-            ];
-            const maybe = SPECULATIVE.filter(([name]) => !knownNames.has(name)).map(([, label]) => label);
-            if (maybe.length > 0) {
-                parts.push(`**Possibly connected (try them — they'll either work or return an auth error):** ${maybe.join(', ')}. ` +
-                    `Tool names follow \`mcp__claude_ai_<IntegrationName>__<tool>\` — e.g. \`mcp__claude_ai_Google_Drive__search_files\`, \`mcp__claude_ai_Gmail__authenticate\`. ` +
-                    `Don't tell ${owner} an integration is "not available" without first attempting the tool call — a fresh connection won't be in your recorded list until after first use.`);
+            const inv = _mcpBridge?.loadToolInventory();
+            const labels = new Set();
+            if (inv?.tools) {
+                for (const t of inv.tools) {
+                    const m = t.match(/^mcp__claude_ai_([^_]+(?:_[^_]+)*)__/);
+                    if (m)
+                        labels.add(m[1].replace(/_/g, ' '));
+                }
+            }
+            if (labels.size > 0) {
+                parts.push(`**Claude Desktop integrations connected for this user:** ${[...labels].sort().join(', ')}. Call \`mcp__claude_ai_<Integration>__<tool>\` directly; the tool names and schemas are in your SDK inventory.`);
             }
         }
         catch { /* non-fatal */ }
@@ -1434,28 +1422,26 @@ You have a cost budget per message — not a hard turn limit. Work until the tas
             }
         }
         catch { /* non-fatal — dynamic tools are supplementary */ }
-        // Claude Desktop connector tools (mcp__claude_ai_*). These reach the SDK
-        // subprocess via Claude Code's runtime but are NOT added to allowedTools
-        // automatically — which caused the model to see them in the init
-        // inventory but get refused when it tried to call one ("not in my
-        // function schema"). Add every tool from every auto-registered
-        // integration (populated from the SDK init message on prior queries) so
-        // the whitelist matches reality.
+        // Merge the SDK's probed tool inventory. On daemon startup we run a
+        // one-shot query with no whitelist to discover every tool Claude Code
+        // surfaces (mcp__claude_ai_* connectors, plugins, custom MCP servers,
+        // built-ins). The inventory is cached 24h. This makes the whitelist
+        // match whatever the *current user* has connected — no per-install
+        // hardcoding of tool names in the system prompt or code.
         try {
-            const integrations = _mcpBridge?.getClaudeIntegrations() ?? [];
-            for (const ig of integrations) {
-                for (const tool of ig.tools) {
-                    const fullName = `mcp__claude_ai_${ig.name}__${tool}`;
-                    if (!allowedTools.includes(fullName))
-                        allowedTools.push(fullName);
+            const inv = _mcpBridge?.loadToolInventory();
+            if (inv && Array.isArray(inv.tools)) {
+                for (const t of inv.tools) {
+                    if (typeof t === 'string' && !allowedTools.includes(t))
+                        allowedTools.push(t);
                 }
             }
         }
         catch { /* non-fatal */ }
         // Self-service extension — Clementine can add tools to her own whitelist
         // at runtime via the `allow_tool` MCP tool, writing to allowed-tools-
-        // extra.json. This eliminates the "tool not in schema → dead end → tell
-        // owner to edit config" failure pattern. See admin-tools.ts:allow_tool.
+        // extra.json. Covers the case where a user connects a new integration
+        // between daemon startup probes (< 24h window).
         try {
             const extraPath = path.join(BASE_DIR, 'allowed-tools-extra.json');
             if (fs.existsSync(extraPath)) {

package/dist/agent/mcp-bridge.d.ts

@@ -54,6 +54,22 @@ export declare function loadClaudeIntegrations(): Record<string, ClaudeIntegrati
 export declare function recordClaudeIntegrationUse(toolName: string): void;
 /** Get all discovered Claude Desktop integrations as a list. */
 export declare function getClaudeIntegrations(): ClaudeIntegration[];
+export interface ToolInventory {
+    /** ISO timestamp of the probe */
+    probedAt: string;
+    /** Full list of tool names the SDK reported in init.tools when no whitelist was applied */
+    tools: string[];
+}
+export declare function loadToolInventory(): ToolInventory | null;
+/**
+ * Run a minimal SDK query with NO tool whitelist so the init message
+ * returns every tool Claude Code is actually surfacing — claude_ai_*
+ * connectors, plugins, built-ins, custom MCP servers. Cached for 24h.
+ * This removes any need to hardcode user-specific tool names in the
+ * system prompt; whatever Claude Desktop is currently connecting to the
+ * user's account becomes automatically available to the agent.
+ */
+export declare function probeAvailableTools(force?: boolean): Promise<ToolInventory>;
 /**
  * Register every integration found in a tool inventory. The SDK's system
  * init message (subtype='init') includes a `tools: string[]` with the full

package/dist/agent/mcp-bridge.js

@@ -384,6 +384,73 @@ export function recordClaudeIntegrationUse(toolName) {
 export function getClaudeIntegrations() {
     return Object.values(loadClaudeIntegrations());
 }
+// ── SDK tool inventory probe ───────────────────────────────────────────
+const TOOL_INVENTORY_FILE = path.join(BASE_DIR, '.tool-inventory.json');
+const TOOL_INVENTORY_MAX_AGE_MS = 24 * 60 * 60 * 1000; // 24h
+export function loadToolInventory() {
+    try {
+        if (!existsSync(TOOL_INVENTORY_FILE))
+            return null;
+        const data = JSON.parse(readFileSync(TOOL_INVENTORY_FILE, 'utf-8'));
+        if (!Array.isArray(data.tools))
+            return null;
+        return data;
+    }
+    catch {
+        return null;
+    }
+}
+function saveToolInventory(inv) {
+    try {
+        writeFileSync(TOOL_INVENTORY_FILE, JSON.stringify(inv, null, 2));
+    }
+    catch { /* non-fatal */ }
+}
+/**
+ * Run a minimal SDK query with NO tool whitelist so the init message
+ * returns every tool Claude Code is actually surfacing — claude_ai_*
+ * connectors, plugins, built-ins, custom MCP servers. Cached for 24h.
+ * This removes any need to hardcode user-specific tool names in the
+ * system prompt; whatever Claude Desktop is currently connecting to the
+ * user's account becomes automatically available to the agent.
+ */
+export async function probeAvailableTools(force = false) {
+    const cached = loadToolInventory();
+    if (!force && cached) {
+        const age = Date.now() - Date.parse(cached.probedAt);
+        if (Number.isFinite(age) && age < TOOL_INVENTORY_MAX_AGE_MS)
+            return cached;
+    }
+    try {
+        const { query } = await import('@anthropic-ai/claude-agent-sdk');
+        const stream = query({
+            prompt: 'ok',
+            options: {
+                systemPrompt: 'Reply ok.',
+                model: 'claude-haiku-4-5',
+                permissionMode: 'bypassPermissions',
+                allowDangerouslySkipPermissions: true,
+            },
+        });
+        let tools = [];
+        for await (const msg of stream) {
+            if (msg?.type === 'system' && msg?.subtype === 'init' && Array.isArray(msg.tools)) {
+                tools = msg.tools;
+                break;
+            }
+            if (msg?.type === 'result')
+                break;
+        }
+        const inv = { probedAt: new Date().toISOString(), tools };
+        saveToolInventory(inv);
+        logger.info({ toolCount: tools.length }, 'Tool inventory probed');
+        return inv;
+    }
+    catch (err) {
+        logger.warn({ err }, 'Tool inventory probe failed — using cached or empty');
+        return cached ?? { probedAt: new Date(0).toISOString(), tools: [] };
+    }
+}
 /**
  * Register every integration found in a tool inventory. The SDK's system
  * init message (subtype='init') includes a `tools: string[]` with the full

package/dist/index.js

@@ -536,9 +536,13 @@ async function asyncMain() {
     }
     // ── Check MCP extension permissions ────────────────────────────
     try {
-        const { checkPermissionsOnStartup, bootstrapClaudeIntegrationsFromAuditLog } = await import('./agent/mcp-bridge.js');
+        const { checkPermissionsOnStartup, bootstrapClaudeIntegrationsFromAuditLog, probeAvailableTools } = await import('./agent/mcp-bridge.js');
         checkPermissionsOnStartup();
         bootstrapClaudeIntegrationsFromAuditLog(path.join(config.BASE_DIR, 'logs', 'audit.log'));
+        // Fire-and-forget: probe the SDK's full tool inventory so buildOptions
+        // knows everything Claude Code is surfacing (claude_ai_* connectors,
+        // plugins, etc.) without per-user hardcoding. Cached 24h.
+        probeAvailableTools().catch(() => { });
     }
     catch { /* non-fatal */ }
     // ── Initialize layers ────────────────────────────────────────────

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.0.43",
+  "version": "1.0.45",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",