clementine-agent 1.18.146 → 1.18.148

package/dist/agent/route-classifier.js

@@ -351,7 +351,15 @@ export async function classifyRoute(userMessage, agents, gateway) {
         undefined, // maxHours
         undefined, // timeoutMs
         undefined, // successCriteria
-        undefined);
+        undefined, // agentSlug
+        // 1.18.148 — F1/F2 pattern: meta-jobs run predictable to keep the
+        // prompt under Claude's input limit. Without these the classifier
+        // inherited MEMORY.md + team comms + auto-matched skills, blew up
+        // 12+ times in 8 hours (silent fallback to default route).
+        undefined, // pinnedSkills
+        [], // allowedTools
+        [], // allowedMcpServers
+        true);
     }
     catch (err) {
         logger.warn({ err }, 'Route classifier call failed');

package/dist/agent/run-agent-cron.js

@@ -45,8 +45,17 @@ const MAX_INJECTED_SKILLS = 4;
  *     delegation is the one thing every cron must always be able to do).
  */
 export function computeEffectiveAllowedTools(jobAllow, profileAllow) {
-    if (!jobAllow?.length)
+    // 1.18.148 — distinguish "no allowlist" (undefined → unrestricted) from
+    // "explicitly empty allowlist" (`[]` → deny all). Before this, both
+    // collapsed to `undefined` because of the `?.length` check, which meant
+    // meta-jobs passing `allowedTools: []` actually got the FULL tool set
+    // injected (and blew past the prompt limit when Composio toolkits piled
+    // on tool schemas). The fix: an explicit `[]` returns `['Agent']` only
+    // (just the SDK's required spawn-subagent tool).
+    if (jobAllow === undefined)
         return undefined;
+    if (jobAllow.length === 0)
+        return ['Agent']; // explicitly empty → minimal
     let result;
     if (profileAllow?.length) {
         const jobSet = new Set(jobAllow);
@@ -67,8 +76,16 @@ export function computeEffectiveAllowedTools(jobAllow, profileAllow) {
  * MCP allowlist set.
  */
 export function applyMcpAllowlist(servers, jobAllowedMcpServers) {
-    if (!jobAllowedMcpServers?.length)
+    // 1.18.148 — empty array means "deny all MCP servers", not "no
+    // restriction". Before this, passing `[]` collapsed to `?.length === 0`
+    // and returned the unfiltered server map — so meta-jobs (insight-check,
+    // grade:*, route-classify, diagnose:*) got every Composio toolkit's
+    // tool schemas wired into their prompt and blew past Claude's input
+    // limit. 110+ "Prompt is too long" errors per 8 hours.
+    if (jobAllowedMcpServers === undefined)
         return servers;
+    if (jobAllowedMcpServers.length === 0)
+        return {};
     const allow = new Set(jobAllowedMcpServers);
     return Object.fromEntries(Object.entries(servers).filter(([name]) => allow.has(name)));
 }
@@ -94,8 +111,13 @@ export function applyMcpAllowlist(servers, jobAllowedMcpServers) {
  *     unchanged.
  */
 export function widenAllowlistWithSkillTools(jobAllow, pinnedSkillTools) {
-    if (!jobAllow?.length)
+    // 1.18.148 — preserve "explicitly empty" semantics. An empty array is a
+    // contract: "I want no tools." Skill-pin widening doesn't apply when no
+    // skills are pinned (which is the case for meta-jobs).
+    if (jobAllow === undefined)
         return undefined;
+    if (jobAllow.length === 0 && !pinnedSkillTools?.length)
+        return [];
     if (!pinnedSkillTools?.length)
         return [...jobAllow];
     return [...new Set([...jobAllow, ...pinnedSkillTools])];
@@ -130,8 +152,12 @@ export function extractMcpServersFromSkillBodies(bodies) {
  * allowlist; doesn't synthesize one when the cron is unrestricted.
  */
 export function widenMcpAllowlistWithSkillRefs(jobMcpAllow, skillReferencedServers) {
-    if (!jobMcpAllow?.length)
+    // 1.18.148 — preserve "explicitly empty" semantics. See note on
+    // applyMcpAllowlist + widenAllowlistWithSkillTools above.
+    if (jobMcpAllow === undefined)
         return undefined;
+    if (jobMcpAllow.length === 0 && !skillReferencedServers.length)
+        return [];
     if (!skillReferencedServers.length)
         return [...jobMcpAllow];
     return [...new Set([...jobMcpAllow, ...skillReferencedServers])];
@@ -572,8 +598,10 @@ export async function buildCronExecutionPlan(opts) {
     const widenedJobMcpAllowlist = widenMcpAllowlistWithSkillRefs(opts.allowedMcpServers, skillReferencedMcpServers);
     // Per-trick MCP allowlist: post-filter on the profile-narrowed map.
     // Effective set = profile ∩ trick (widened).
+    // 1.18.148 — empty array means "deny all" not "no restriction" (was a
+    // silent prompt-bloat bug — see applyMcpAllowlist note above).
     const mcpServerMap = applyMcpAllowlist(mcp.servers, widenedJobMcpAllowlist);
-    const allowSet = widenedJobMcpAllowlist?.length ? new Set(widenedJobMcpAllowlist) : null;
+    const allowSet = widenedJobMcpAllowlist === undefined ? null : new Set(widenedJobMcpAllowlist);
     const composioConnected = allowSet ? mcp.composioConnected.filter(n => allowSet.has(n)) : mcp.composioConnected;
     const externalConnected = allowSet ? mcp.externalConnected.filter(n => allowSet.has(n)) : mcp.externalConnected;
     const mcpServersApplied = Object.keys(mcpServerMap);

package/dist/cli/dashboard.js

@@ -1754,6 +1754,28 @@ export async function cmdDashboard(opts) {
             }
             catch { /* ignore */ }
         };
+        // 1.18.147 — Auto-open the dashboard URL in the user's default
+        // browser once the child has had a chance to bind + write the
+        // token file. Direct `clementine dashboard` invocations now match
+        // the restart/update flow so the user never has to copy-paste a
+        // token by hand. Honors NO_BROWSER=1 for headless / CI runs.
+        if (process.env.NO_BROWSER !== '1') {
+            setTimeout(() => {
+                try {
+                    const tokenPath = path.join(BASE_DIR, '.dashboard-token');
+                    const token = existsSync(tokenPath) ? readFileSync(tokenPath, 'utf-8').trim() : '';
+                    if (!token)
+                        return;
+                    const url = `http://localhost:${childPort}/?token=${token}`;
+                    const platform = process.platform;
+                    const cmd = platform === 'darwin' ? 'open'
+                        : platform === 'win32' ? 'start'
+                            : 'xdg-open';
+                    spawn(cmd, [url], { detached: true, stdio: 'ignore' }).unref();
+                }
+                catch { /* best effort */ }
+            }, 1500);
+        }
         // Forward signals to child
         process.on('SIGINT', () => { child.kill('SIGINT'); cleanup(); process.exit(0); });
         process.on('SIGTERM', () => { child.kill('SIGTERM'); cleanup(); process.exit(0); });

package/dist/cli/index.js

@@ -472,7 +472,32 @@ function cmdStop() {
  * the user's old browser tab (which would silently 401 on the stale
  * token) doesn't waste their time.
  */
-async function relaunchDashboardDetached() {
+/**
+ * 1.18.147 — Open the dashboard URL in the user's default browser.
+ *
+ * Invoked after the dashboard child binds. Best-effort cross-platform:
+ * macOS uses `open`, Windows uses `start`, Linux falls back to
+ * `xdg-open`. Failures are swallowed (no native browser, headless
+ * SSH session, etc.) — the printed URL is still the source of truth
+ * the user can copy by hand.
+ *
+ * Honors NO_BROWSER=1 env var so CI / scripted runs don't get a
+ * spurious browser tab.
+ */
+function openInBrowser(url) {
+    if (process.env.NO_BROWSER === '1')
+        return;
+    const platform = process.platform;
+    const cmd = platform === 'darwin' ? 'open'
+        : platform === 'win32' ? 'start'
+            : 'xdg-open';
+    try {
+        const { spawn: spawnProc } = require('node:child_process');
+        spawnProc(cmd, [url], { detached: true, stdio: 'ignore' }).unref();
+    }
+    catch { /* no browser available; URL was already printed */ }
+}
+async function relaunchDashboardDetached(opts = {}) {
     try {
         const { spawn: spawnProc } = await import('node:child_process');
         const child = spawnProc('node', [path.join(PACKAGE_ROOT, 'dist/cli/index.js'), 'dashboard'], { detached: true, stdio: 'ignore' });
@@ -489,7 +514,13 @@ async function relaunchDashboardDetached() {
         }
         catch { /* token may not be ready yet */ }
         if (token) {
-            console.log(`  Dashboard relaunched: http://localhost:3030/?token=${token}`);
+            const url = `http://localhost:3030/?token=${token}`;
+            console.log(`  Dashboard relaunched: ${url}`);
+            // 1.18.147 — auto-open the browser by default. Restart/update
+            // already imply user wants the dashboard back; making them copy a
+            // URL was a UX papercut.
+            if (opts.open !== false)
+                openInBrowser(url);
         }
         else {
             console.log('  Dashboard relaunched (token not ready — check `clementine status`).');

package/dist/gateway/failure-diagnostics.js

@@ -546,7 +546,15 @@ export async function diagnoseBrokenJob(broken, gateway) {
         undefined, // maxHours
         undefined, // timeoutMs
         undefined, // successCriteria
-        undefined);
+        undefined, // agentSlug
+        // 1.18.148 — F1/F2 pattern: diagnostics are pure analysis of an
+        // existing run, no need for MEMORY.md / team / auto-skills. Without
+        // these flags the diagnostic prompt blew past Claude's input limit
+        // and broken jobs went undiagnosed silently.
+        undefined, // pinnedSkills
+        [], // allowedTools
+        [], // allowedMcpServers
+        true);
     }
     catch (err) {
         logger.warn({ err, job: broken.jobName }, 'Diagnostic LLM call failed');

package/dist/gateway/outcome-grader.js

@@ -140,7 +140,16 @@ export async function gradeRun(entry, gateway, jobPrompt) {
         undefined, // maxHours
         undefined, // timeoutMs
         undefined, // successCriteria
-        undefined);
+        undefined, // agentSlug
+        // 1.18.148 — F1/F2 pattern: meta-jobs don't get user MEMORY.md /
+        // team comms / auto-matched skills, otherwise the prompt blows
+        // past Claude's input limit (110+ "Prompt is too long" errors/8h
+        // before this fix). Same shape applied to insight-check (1.18.132)
+        // and route-classify / failure-diagnostics in this same ship.
+        undefined, // pinnedSkills
+        [], // allowedTools — empty = no MCP injection
+        [], // allowedMcpServers — empty = no MCP servers wired
+        true);
     }
     catch (err) {
         logger.warn({ err, jobName: entry.jobName }, 'Outcome grader LLM call failed');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.18.146",
+  "version": "1.18.148",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",