clementine-agent 1.18.175 → 1.18.177

package/dist/agent/assistant.js

@@ -2343,6 +2343,7 @@ You have a cost budget per message — not a hard turn limit. Work until the tas
                             ...process.env,
                             CLEMENTINE_HOME: BASE_DIR,
                             CLEMENTINE_TEAM_AGENT: profile?.slug ?? 'clementine',
+                            ...(sessionKey ? { CLEMENTINE_SESSION_KEY: sessionKey } : {}),
                             CLEMENTINE_INTERACTION_SOURCE: sourceOverride ?? inferInteractionSource(sessionKey),
                             CLEMENTINE_TOOL_ALLOWLIST: clementineToolAllowlist,
                             CLEMENTINE_1M_CONTEXT_MODE: oneMillionModeValue,

package/dist/agent/run-agent.d.ts

@@ -75,6 +75,10 @@ export interface RunAgentOptions {
     /** Optional explicit allowedTools list. When unset, falls back to a sensible default
      *  including Agent (so subagents can be spawned) + core SDK tools + Clementine MCP. */
     allowedTools?: string[];
+    /** Extra tools to pre-approve without making their built-in tools visible to
+     *  the main agent. Useful when the main agent may only call Agent, but the
+     *  forced subagent still needs pre-approved MCP/Clementine tools. */
+    permissionTools?: string[];
     /** SDK permission mode. Defaults to dontAsk so allowedTools is enforceable.
      *  Only explicit operator/full-surface paths should request bypassPermissions. */
     permissionMode?: ExecutionPermissionMode;

package/dist/agent/run-agent.js

@@ -254,6 +254,27 @@ export async function runAgent(prompt, opts) {
         clementineServerName: TOOLS_SERVER,
         permissionMode: opts.permissionMode,
     });
+    const permissionToolPolicy = opts.permissionTools
+        ? buildExecutionToolPolicy({
+            requestedTools: opts.permissionTools,
+            defaultBuiltins: CORE_TOOLS_FOR_AGENT_PARENT,
+            mcpServerNames: policyMcpServerNames,
+            clementineServerName: TOOLS_SERVER,
+            permissionMode: opts.permissionMode,
+        })
+        : null;
+    const sdkAllowedTools = permissionToolPolicy
+        ? Array.from(new Set([...toolPolicy.allowedTools, ...permissionToolPolicy.allowedTools])).sort()
+        : toolPolicy.allowedTools;
+    const clementineToolAllowlist = (() => {
+        if (!permissionToolPolicy)
+            return toolPolicy.clementineToolAllowlist;
+        const parts = [toolPolicy.clementineToolAllowlist, permissionToolPolicy.clementineToolAllowlist]
+            .flatMap(v => v.split(',').map(s => s.trim()).filter(Boolean));
+        if (parts.includes('*'))
+            return '*';
+        return Array.from(new Set(parts)).sort().join(',');
+    })();
     // SDK accepts a Record<string, McpServerConfig> here. We cast on
     // assignment because we mix the always-on Clementine stdio server
     // with caller-supplied servers of various types.
@@ -266,8 +287,9 @@ export async function runAgent(prompt, opts) {
                 ...subprocessEnv,
                 CLEMENTINE_HOME: BASE_DIR,
                 ...(opts.profile?.slug ? { CLEMENTINE_TEAM_AGENT: opts.profile.slug } : {}),
+                CLEMENTINE_SESSION_KEY: opts.sessionKey,
                 CLEMENTINE_INTERACTION_SOURCE: interactionSourceForSession(opts.sessionKey, source),
-                CLEMENTINE_TOOL_ALLOWLIST: toolPolicy.clementineToolAllowlist,
+                CLEMENTINE_TOOL_ALLOWLIST: clementineToolAllowlist,
             },
         },
         ...baseMcpServers,
@@ -407,7 +429,7 @@ export async function runAgent(prompt, opts) {
         // callers can mix stdio + http + sse server shapes.
         mcpServers: mcpServers,
         tools: toolPolicy.builtinTools,
-        allowedTools: toolPolicy.allowedTools,
+        allowedTools: sdkAllowedTools,
         permissionMode: toolPolicy.permissionMode,
         ...(sessionStore ? { sessionStore } : {}),
         ...(toolPolicy.allowDangerouslySkipPermissions
@@ -447,7 +469,7 @@ export async function runAgent(prompt, opts) {
         maxBudgetUsd: maxBudgetUsd ?? 'uncapped',
         agentCount: Object.keys(agents).length,
         allowedToolCount: allowedTools.length,
-        sdkAllowedToolCount: toolPolicy.allowedTools.length,
+        sdkAllowedToolCount: sdkAllowedTools.length,
         builtinToolCount: toolPolicy.builtinTools.length,
         permissionMode: toolPolicy.permissionMode,
         mcpServerCount: Object.keys(mcpServers).length,
@@ -739,7 +761,7 @@ export async function runAgent(prompt, opts) {
         ...(usage ? { usage } : {}),
         runId,
         permissionMode: toolPolicy.permissionMode,
-        allowedToolsApplied: toolPolicy.allowedTools,
+        allowedToolsApplied: sdkAllowedTools,
         builtinToolsApplied: toolPolicy.builtinTools,
         mcpServersApplied: Object.keys(mcpServers),
     };

package/dist/agent/run-skill.js

@@ -417,6 +417,9 @@ export async function runSkill(name, options = {}) {
                 // the parent's context shape predictable and prevents it from
                 // doing data-heavy work itself even if the LLM disagrees.
                 allowedTools: ['Agent'],
+                // SDK permissions are session-level, so the worker's tools still
+                // need to be pre-approved even though the parent only sees Agent.
+                permissionTools: ['Agent', ...effectiveTools],
                 // Force-routing: SDK wraps the prompt with "Use the skill-worker
                 // agent to handle this request" so dispatch is the natural
                 // first action.

package/dist/gateway/router.d.ts

@@ -13,6 +13,11 @@ import type { NotificationDispatcher } from './notifications.js';
 import { type ProactiveNotificationInput } from './notification-context.js';
 import { type ToolsetName } from '../agent/toolsets.js';
 export { isLiveUnleashedStatus } from './unleashed-status.js';
+export declare function buildContextOverflowRetryPrompt(opts: {
+    chatPrompt: string;
+    turnContextPrefix?: string;
+    project?: ProjectMeta | null;
+}): string;
 export type ChatErrorKind = 'rate_limit' | 'one_million_context' | 'context_overflow' | 'auth' | 'billing' | 'transient' | 'unknown';
 export declare function classifyChatError(err: unknown): ChatErrorKind;
 /** Detect auth-like errors in response text that the SDK returned as "successful" results. */

package/dist/gateway/router.js

@@ -49,6 +49,8 @@ const CHAT_TIMEOUT_MS = 10 * 60 * 1000;
  *  Safety net so no session runs forever, even if active.
  *  Primary guardrail is cost budget (maxBudgetUsd), not this timer. */
 const CHAT_MAX_WALL_MS = 30 * 60 * 1000;
+const CHAT_CONTEXT_RETRY_CONTEXT_MAX_CHARS = 6_000;
+const CHAT_CONTEXT_RETRY_SYSTEM_MAX_CHARS = 16_000;
 const BACKGROUND_TASK_ID_RE = /\bbg-[a-z0-9]+-[a-f0-9]{6}\b/i;
 function collectRunToolNames(runId) {
     if (!runId)
@@ -74,6 +76,26 @@ function compactToolNames(names) {
     }
     return out;
 }
+function trimContextRecoveryText(text, maxChars) {
+    if (!text || text.length <= maxChars)
+        return text;
+    return `${text.slice(0, maxChars - 80).trimEnd()}\n\n[context recovery: trimmed oversized carry-over context]`;
+}
+export function buildContextOverflowRetryPrompt(opts) {
+    const parts = [
+        '[Context recovery: the previous SDK session was too large, so this is a fresh session. Continue with the current user request. Do not ask the user to resend it.]',
+    ];
+    if (opts.project?.path) {
+        const description = opts.project.description ? ` (${opts.project.description})` : '';
+        parts.push(`[Active project: ${opts.project.path}${description}]`);
+    }
+    const compactContext = trimContextRecoveryText((opts.turnContextPrefix ?? '').trim(), CHAT_CONTEXT_RETRY_CONTEXT_MAX_CHARS);
+    if (compactContext) {
+        parts.push(compactContext);
+    }
+    parts.push(opts.chatPrompt);
+    return parts.filter(Boolean).join('\n\n');
+}
 export function classifyChatError(err) {
     const msg = String(err);
     if (isCreditBalanceError(msg))
@@ -82,7 +104,7 @@ export function classifyChatError(err) {
         return 'rate_limit';
     if (looksLikeClaudeOneMillionContextError(msg))
         return 'one_million_context';
-    if (/context.?length|token.?limit|maximum.?context|prompt.?too.?long|rapid_refill_breaker|autocompact|context.?refilled/i.test(msg))
+    if (/context.?length|token.?limit|maximum.?context|prompt(?:\s+is)?.?too.?long|input.?too.?long|rapid_refill_breaker|autocompact|context.?refilled/i.test(msg))
         return 'context_overflow';
     if (/\b401\b|\b403\b|auth|forbidden|invalid.?api.?key|permission|does not have access|please run \/login/i.test(msg))
         return 'auth';
@@ -2117,6 +2139,7 @@ export class Gateway {
                     const chatSystemAppend = resolvedSkills && resolvedSkills.promptBlock
                         ? (baseSystemAppend ? `${baseSystemAppend}\n\n${resolvedSkills.promptBlock}` : resolvedSkills.promptBlock)
                         : baseSystemAppend;
+                    const retrySystemAppend = trimContextRecoveryText(chatSystemAppend, CHAT_CONTEXT_RETRY_SYSTEM_MAX_CHARS);
                     // Per-turn context (recall + persistent learnings + silent
                     // blocks + security/toolset directives) — real chat only.
                     // Builder doesn't need recall of unrelated transcripts.
@@ -2156,7 +2179,7 @@ export class Gateway {
                         skillMatchNames: resolvedSkills?.matches.map(m => m.name) ?? [],
                         skillHintedMcpServers: resolvedSkills?.hintedMcpServers ?? [],
                     }, 'Routing chat through runAgent');
-                    const runAgentResult = await runAgent(finalPrompt, {
+                    const buildRunAgentChatOptions = (opts) => ({
                         sessionKey: effectiveSessionKey,
                         source: 'chat',
                         profile: resolvedProfile,
@@ -2166,8 +2189,8 @@ export class Gateway {
                         ...(maxTurns ? { maxTurns } : {}),
                         ...(chatBudget !== undefined ? { maxBudgetUsd: chatBudget } : {}),
                         ...(builderAllowedTools ? { allowedTools: builderAllowedTools } : {}),
-                        ...(chatSystemAppend ? { systemPromptAppend: chatSystemAppend } : {}),
-                        ...(priorSdkSessionId ? { resumeSessionId: priorSdkSessionId } : {}),
+                        ...(opts.systemPromptAppend ? { systemPromptAppend: opts.systemPromptAppend } : {}),
+                        ...(opts.resumeSessionId ? { resumeSessionId: opts.resumeSessionId } : {}),
                         ...(chatMcp ? { extraMcpServers: chatMcp.servers } : {}),
                         onText: wrappedOnText,
                         onToolActivity: ({ tool, input }) => {
@@ -2178,6 +2201,38 @@ export class Gateway {
                         },
                         abortSignal: chatAc.signal,
                     });
+                    let runAgentResult;
+                    try {
+                        runAgentResult = await runAgent(finalPrompt, buildRunAgentChatOptions({
+                            ...(priorSdkSessionId ? { resumeSessionId: priorSdkSessionId } : {}),
+                            ...(chatSystemAppend ? { systemPromptAppend: chatSystemAppend } : {}),
+                        }));
+                    }
+                    catch (err) {
+                        if (chatAc.signal.aborted || classifyChatError(err) !== 'context_overflow') {
+                            throw err;
+                        }
+                        const retryPrompt = buildContextOverflowRetryPrompt({
+                            chatPrompt,
+                            turnContextPrefix,
+                            project: sess?.project ?? null,
+                        });
+                        logger.info({
+                            sessionKey: effectiveSessionKey,
+                            hadResume: !!priorSdkSessionId,
+                            promptChars: finalPrompt.length,
+                            retryPromptChars: retryPrompt.length,
+                            systemAppendChars: chatSystemAppend.length,
+                            retrySystemAppendChars: retrySystemAppend.length,
+                        }, 'Context overflow — retrying current message in fresh SDK session');
+                        if (onProgress) {
+                            await onProgress('refreshing conversation context...').catch(() => { });
+                        }
+                        this.assistant.clearSession(effectiveSessionKey);
+                        runAgentResult = await runAgent(retryPrompt, buildRunAgentChatOptions({
+                            ...(retrySystemAppend ? { systemPromptAppend: retrySystemAppend } : {}),
+                        }));
+                    }
                     if (ledgerRunMetadata) {
                         ledgerRunMetadata.runId = runAgentResult.runId;
                         ledgerRunMetadata.executionMode = ledgerRunMetadata.executionMode ?? 'inline';
@@ -2368,7 +2423,10 @@ export class Gateway {
                 if (scheduledSkillName) {
                     const { runSkill } = await import('../agent/run-skill.js');
                     const configuredCap = tier >= 2 ? BUDGET.cronT2 : BUDGET.cronT1;
-                    const scheduledSkillBudget = configuredCap > 0 ? configuredCap : undefined;
+                    // Pass 0 through intentionally. It means "uncapped" and must
+                    // override skill-local clementine.limits.maxBudgetUsd values when
+                    // the operator has disabled global cron budgets.
+                    const scheduledSkillBudget = configuredCap > 0 ? configuredCap : 0;
                     logger.info({ jobName, skill: scheduledSkillName, agentSlug, tier, wallMs, path: 'run_skill' }, 'Routing scheduled skill through runSkill');
                     const skillResult = await runSkill(scheduledSkillName, {
                         sessionKey: `cron:${jobName}`,
@@ -2380,7 +2438,7 @@ export class Gateway {
                         projectWorkDir: workDir,
                         model,
                         ...(maxTurns ? { maxTurns } : {}),
-                        ...(scheduledSkillBudget !== undefined ? { maxBudgetUsd: scheduledSkillBudget } : {}),
+                        maxBudgetUsd: scheduledSkillBudget,
                         abortSignal: cronAc.signal,
                         context: `[Scheduled skill: ${jobName}]`,
                     });

package/dist/tools/background-task-tools.js

@@ -13,7 +13,7 @@
  */
 import { z } from 'zod';
 import { createBackgroundTask, listBackgroundTasks, loadBackgroundTask, } from '../agent/background-tasks.js';
-import { ACTIVE_AGENT_SLUG, logger, textResult } from './shared.js';
+import { ACTIVE_AGENT_SLUG, ACTIVE_SESSION_KEY, logger, textResult } from './shared.js';
 const DEFAULT_MAX_MINUTES = 30;
 export function registerBackgroundTaskTools(server) {
     server.tool('start_background_task', 'Kick off a long-running autonomous task in the background. Use when the work would burn the chat context (deep research, multi-page extraction, batch processing) or take longer than a chat turn. Returns a task id immediately. The daemon picks the task up within seconds, runs it with your profile + tools, and posts the deliverable to your Discord channel when done.', {
@@ -30,8 +30,9 @@ export function registerBackgroundTaskTools(server) {
             fromAgent,
             prompt: trimmed,
             maxMinutes: cap,
+            ...(ACTIVE_SESSION_KEY ? { sessionKey: ACTIVE_SESSION_KEY } : {}),
         });
-        logger.info({ id: task.id, fromAgent, maxMinutes: task.maxMinutes }, 'Background task queued');
+        logger.info({ id: task.id, fromAgent, sessionKey: task.sessionKey, maxMinutes: task.maxMinutes }, 'Background task queued');
         return textResult(`Queued **${task.id}** (max ${task.maxMinutes} min). The daemon will pick it up within a few seconds and run it in the background. You'll get a notification in your channel when the deliverable lands. Use \`get_background_task\` to check status.`);
     });
     server.tool('get_background_task', 'Check the status of a background task. Returns its lifecycle state (pending|running|done|failed|aborted|interrupted), how long it has been running, and the result/error if terminal.', {

package/dist/tools/mcp-server.d.ts

@@ -8,6 +8,6 @@
  * Usage:
  *   npx tsx src/tools/mcp-server.ts
  */
-export { getStore, textResult, externalResult, incrementalSync, ACTIVE_AGENT_SLUG } from './shared.js';
+export { getStore, textResult, externalResult, incrementalSync, ACTIVE_AGENT_SLUG, ACTIVE_SESSION_KEY } from './shared.js';
 export type { MemoryStoreType } from './shared.js';
 //# sourceMappingURL=mcp-server.d.ts.map

package/dist/tools/mcp-server.js

@@ -15,7 +15,7 @@ import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js'
 import { z } from 'zod';
 import { BASE_DIR, VAULT_DIR, env, getStore, getStoreSync, logger, textResult, externalResult, } from './shared.js';
 // Re-export for any code that imports from mcp-server.ts directly
-export { getStore, textResult, externalResult, incrementalSync, ACTIVE_AGENT_SLUG } from './shared.js';
+export { getStore, textResult, externalResult, incrementalSync, ACTIVE_AGENT_SLUG, ACTIVE_SESSION_KEY } from './shared.js';
 // ── Tool modules ────────────────────────────────────────────────────────
 import { registerMemoryTools } from './memory-tools.js';
 import { registerVaultTools } from './vault-tools.js';

package/dist/tools/shared.d.ts

@@ -671,6 +671,7 @@ export type MemoryStoreType = {
 export declare function getStore(): Promise<MemoryStoreType>;
 export declare function getStoreSync(): MemoryStoreType | null;
 export declare const ACTIVE_AGENT_SLUG: string | null;
+export declare const ACTIVE_SESSION_KEY: string | null;
 export declare const GOALS_DIR: string;
 export declare function agentTasksFile(slug: string | null): string;
 export declare function agentWorkingMemoryFile(slug: string | null): string;

package/dist/tools/shared.js

@@ -59,6 +59,8 @@ export function getStoreSync() {
 // ── Active Agent Slug ──────────────────────────────────────────────────
 const _rawAgentSlug = process.env.CLEMENTINE_TEAM_AGENT || null;
 export const ACTIVE_AGENT_SLUG = _rawAgentSlug === 'clementine' ? null : _rawAgentSlug;
+const _rawSessionKey = process.env.CLEMENTINE_SESSION_KEY || null;
+export const ACTIVE_SESSION_KEY = _rawSessionKey?.trim() || null;
 // ── Agent-aware path helpers ───────────────────────────────────────────
 // GOALS_DIR is defined in config.ts but not in shared.ts — define it here
 export const GOALS_DIR = path.join(BASE_DIR, 'goals');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.18.175",
+  "version": "1.18.177",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",