codeep 1.3.42 → 2.0.0

package/dist/renderer/commands.js

@@ -96,6 +96,30 @@ export async function handleCommand(command, args, ctx) {
             const providerId = config.get('provider');
             const { isDynamicModelsProvider, isNoApiKeyProvider: _noKey } = await import('../config/providers.js');
             if (isDynamicModelsProvider(providerId)) {
+                if (providerId === 'openrouter') {
+                    ctx.app.notify('Fetching OpenRouter catalog…');
+                    const { fetchOpenRouterModels } = await import('../config/index.js');
+                    const apiKey = (await import('../config/index.js')).getApiKey('openrouter');
+                    const models = await fetchOpenRouterModels(apiKey || undefined);
+                    if (!models || models.length === 0) {
+                        ctx.app.notify('Could not fetch OpenRouter models (network? key?). Using built-in shortlist.');
+                        const fallback = getModelsForCurrentProvider();
+                        const currentModel = config.get('model');
+                        const modelItems = Object.keys(fallback).map(id => ({ key: id, label: fallback[id], description: '' }));
+                        ctx.app.showSelect('Select OpenRouter Model', modelItems, currentModel, (item) => {
+                            config.set('model', item.key);
+                            ctx.app.notify(`Model: ${item.key}`);
+                        });
+                        break;
+                    }
+                    const modelItems = models.map(m => ({ key: m.id, label: m.id, description: m.description }));
+                    const currentModel = config.get('model');
+                    ctx.app.showSelect(`Select OpenRouter Model (${models.length})`, modelItems, currentModel, (item) => {
+                        config.set('model', item.key);
+                        ctx.app.notify(`Model: ${item.key}`);
+                    });
+                    break;
+                }
                 const { fetchOllamaModels } = await import('../config/index.js');
                 ctx.app.notify('Fetching models from Ollama...');
                 const ollamaModels = await fetchOllamaModels();
@@ -491,7 +515,7 @@ Format: use headers per category, only include categories where you found issues
         }
         case 'login': {
             const providers = getProviderList();
-            ctx.app.showLogin(providers.map(p => ({ id: p.id, name: p.name, subscribeUrl: p.subscribeUrl, noApiKey: p.noApiKey })), async (result) => {
+            ctx.app.showLogin(providers.map(p => ({ id: p.id, name: p.name, description: p.description, subscribeUrl: p.subscribeUrl, noApiKey: p.noApiKey })), async (result) => {
                 if (result) {
                     setProvider(result.providerId);
                     await setApiKey(result.apiKey);
@@ -790,6 +814,168 @@ Format: use headers per category, only include categories where you found issues
             }).catch(() => ctx.app.notify('No changes tracked'));
             break;
         }
+        case 'cost': {
+            const { formatCostReport } = await import('../utils/tokenTracker.js');
+            ctx.app.addMessage({ role: 'system', content: formatCostReport() });
+            break;
+        }
+        case 'compact': {
+            const messages = ctx.app.getMessages();
+            const keepRecent = args[0] ? Math.max(2, parseInt(args[0], 10) || 4) : 4;
+            if (messages.length <= keepRecent + 2) {
+                ctx.app.notify(`Nothing to compact — only ${messages.length} message(s) in this session.`);
+                break;
+            }
+            ctx.app.notify(`Compacting ${messages.length - keepRecent} older message(s)…`);
+            const { compactHistory } = await import('../utils/context.js');
+            try {
+                const result = await compactHistory(messages, { keepRecent, projectContext: ctx.projectContext });
+                if (result.replaced === 0) {
+                    ctx.app.notify('Nothing to compact');
+                    break;
+                }
+                ctx.app.setMessages(result.compacted);
+                // Persist so the compacted history survives a restart.
+                saveSession(ctx.sessionId, result.compacted, ctx.projectPath);
+                ctx.app.addMessage({
+                    role: 'system',
+                    content: `# Conversation Compacted\n\nReplaced ${result.replaced} earlier message${result.replaced === 1 ? '' : 's'} with a summary. Kept the last ${keepRecent} message${keepRecent === 1 ? '' : 's'} verbatim.\n\n**Summary:**\n\n${result.summary}`,
+                });
+            }
+            catch (err) {
+                ctx.app.notify(`Compaction failed: ${err.message}`);
+            }
+            break;
+        }
+        case 'checkpoint': {
+            const sub = args[0]?.toLowerCase();
+            const { createCheckpoint, deleteCheckpoint, listCheckpoints, formatCheckpointList } = await import('../utils/checkpoints.js');
+            const { getCurrentSessionActions } = await import('../utils/agent.js');
+            if (sub === 'delete') {
+                const id = args[1];
+                if (!id) {
+                    ctx.app.notify('Usage: /checkpoint delete <id>');
+                    break;
+                }
+                ctx.app.notify(deleteCheckpoint(ctx.projectPath, id) ? `Deleted checkpoint ${id}` : `Checkpoint not found: ${id}`);
+                break;
+            }
+            if (sub === 'list') {
+                ctx.app.addMessage({ role: 'system', content: formatCheckpointList(listCheckpoints(ctx.projectPath)) });
+                break;
+            }
+            const name = args.join(' ').trim() || undefined;
+            const provider = getCurrentProvider();
+            const filesTouched = Array.from(new Set(getCurrentSessionActions()
+                .filter(a => a.target && (a.type === 'write' || a.type === 'edit' || a.type === 'delete' || a.type === 'mkdir'))
+                .map(a => a.target)));
+            const cp = createCheckpoint({
+                workspaceRoot: ctx.projectPath,
+                sessionId: ctx.sessionId,
+                provider: provider.id,
+                model: config.get('model'),
+                messages: ctx.app.getMessages(),
+                filesTouched,
+                name,
+            });
+            ctx.app.addMessage({
+                role: 'system',
+                content: `# Checkpoint created\n\n\`${cp.id}\`${cp.name ? ` — **${cp.name}**` : ''}\n\nCaptured ${cp.messages.length} message${cp.messages.length === 1 ? '' : 's'}, ${cp.filesTouched.length} file${cp.filesTouched.length === 1 ? '' : 's'} touched${cp.gitHead ? `, git \`${cp.gitHead}\`` : ''}.\n\nUse \`/rewind ${cp.id}\` to restore.`,
+            });
+            break;
+        }
+        case 'checkpoints': {
+            const { listCheckpoints, formatCheckpointList } = await import('../utils/checkpoints.js');
+            ctx.app.addMessage({ role: 'system', content: formatCheckpointList(listCheckpoints(ctx.projectPath)) });
+            break;
+        }
+        case 'openrouter': {
+            const { readOpenRouterPreferences, writeOpenRouterPreferences, formatOpenRouterPreferences } = await import('../utils/openrouterPrefs.js');
+            const sub = args[0]?.toLowerCase();
+            const current = readOpenRouterPreferences();
+            if (!sub || sub === 'show') {
+                ctx.app.addMessage({ role: 'system', content: formatOpenRouterPreferences(current) });
+                break;
+            }
+            if (sub === 'clear') {
+                writeOpenRouterPreferences(null);
+                ctx.app.notify('OpenRouter preferences cleared');
+                break;
+            }
+            if (sub === 'prefer') {
+                const list = args.slice(1).join(' ').split(',').map(s => s.trim()).filter(Boolean);
+                if (list.length === 0) {
+                    ctx.app.notify('Usage: /openrouter prefer <p1>[,<p2>...]');
+                    break;
+                }
+                writeOpenRouterPreferences({ ...current, order: list });
+                ctx.app.notify(`OpenRouter preference: ${list.join(' → ')}`);
+                break;
+            }
+            if (sub === 'ignore') {
+                const list = args.slice(1).join(' ').split(',').map(s => s.trim()).filter(Boolean);
+                if (list.length === 0) {
+                    ctx.app.notify('Usage: /openrouter ignore <p1>[,<p2>...]');
+                    break;
+                }
+                writeOpenRouterPreferences({ ...current, ignore: list });
+                ctx.app.notify(`OpenRouter ignoring: ${list.join(', ')}`);
+                break;
+            }
+            if (sub === 'fallbacks') {
+                const val = args[1]?.toLowerCase();
+                if (val !== 'on' && val !== 'off') {
+                    ctx.app.notify('Usage: /openrouter fallbacks on|off');
+                    break;
+                }
+                writeOpenRouterPreferences({ ...current, allow_fallbacks: val === 'on' });
+                ctx.app.notify(`Fallbacks ${val}`);
+                break;
+            }
+            if (sub === 'privacy') {
+                const val = args[1]?.toLowerCase();
+                if (val !== 'strict' && val !== 'allow') {
+                    ctx.app.notify('Usage: /openrouter privacy strict|allow');
+                    break;
+                }
+                writeOpenRouterPreferences({ ...current, data_collection: val === 'strict' ? 'deny' : 'allow' });
+                ctx.app.notify(`Privacy: ${val}`);
+                break;
+            }
+            ctx.app.notify(`Unknown subcommand: ${sub}`);
+            break;
+        }
+        case 'hooks': {
+            const { listInstalledHooks, formatHookList } = await import('../utils/hooks.js');
+            ctx.app.addMessage({ role: 'system', content: formatHookList(listInstalledHooks(ctx.projectPath)) });
+            break;
+        }
+        case 'rewind': {
+            const id = args[0];
+            if (!id) {
+                ctx.app.notify('Usage: /rewind <id> — run /checkpoints to see ids');
+                break;
+            }
+            const { loadCheckpoint, buildRewindGitHint } = await import('../utils/checkpoints.js');
+            const cp = loadCheckpoint(ctx.projectPath, id);
+            if (!cp) {
+                ctx.app.notify(`Checkpoint not found: ${id}`);
+                break;
+            }
+            const replacedCount = ctx.app.getMessages().length;
+            ctx.app.setMessages(cp.messages);
+            saveSession(ctx.sessionId, cp.messages, ctx.projectPath);
+            // Switch provider/model back to checkpoint state if different.
+            if (cp.provider && cp.provider !== getCurrentProvider().id)
+                setProvider(cp.provider);
+            if (cp.model && cp.model !== config.get('model'))
+                config.set('model', cp.model);
+            ctx.app.addMessage({
+                role: 'system',
+                content: `# Rewound to ${cp.name ? `**${cp.name}**` : `\`${cp.id}\``}\n\nRestored ${cp.messages.length} message${cp.messages.length === 1 ? '' : 's'} (was ${replacedCount}). Provider: \`${cp.provider}\` · Model: \`${cp.model}\`\n\n${buildRewindGitHint(cp)}`,
+            });
+            break;
+        }
         case 'context-save': {
             const messages = ctx.app.getMessages();
             if (saveSession(`context-${ctx.sessionId}`, messages, ctx.projectPath)) {
@@ -911,6 +1097,148 @@ Format: use headers per category, only include categories where you found issues
             break;
         }
         case 'skills': {
+            const sub = args[0]?.toLowerCase();
+            // Structured skill bundles (separate from the JSON skills in skills.ts).
+            if (sub === 'bundles' || sub === 'list-bundles') {
+                const { loadSkillBundles, formatBundleList } = await import('../utils/skillBundles.js');
+                ctx.app.addMessage({ role: 'system', content: formatBundleList(loadSkillBundles(ctx.projectPath)) });
+                break;
+            }
+            if (sub === 'create-bundle') {
+                const name = (args[1] ?? '').toLowerCase();
+                if (!/^[a-z0-9][a-z0-9-]*$/.test(name)) {
+                    ctx.app.notify('Usage: /skills create-bundle <name> — lowercase letters/digits/hyphens');
+                    break;
+                }
+                const { mkdirSync, writeFileSync, existsSync } = await import('fs');
+                const { join } = await import('path');
+                const dir = join(ctx.projectPath, '.codeep', 'skills', name);
+                if (existsSync(dir)) {
+                    ctx.app.notify(`Skill ${name} already exists`);
+                    break;
+                }
+                mkdirSync(dir, { recursive: true });
+                writeFileSync(join(dir, 'SKILL.md'), `---
+name: ${name}
+description: One-sentence summary shown in the agent's catalog.
+triggers:
+  - keyword
+  - phrase
+---
+
+# ${name}
+
+Describe what this skill does. The agent reads this body verbatim when it invokes the skill.
+
+## Steps
+
+1. First step
+2. Second step
+3. …
+`);
+                ctx.app.addMessage({
+                    role: 'system',
+                    content: `Created skill bundle at \`.codeep/skills/${name}/SKILL.md\`. Edit it, then \`/skills bundles\` to confirm.`,
+                });
+                break;
+            }
+            if (sub === 'show' || sub === 'detail') {
+                const name = args[1];
+                if (!name) {
+                    ctx.app.notify('Usage: /skills show <name>');
+                    break;
+                }
+                const { findSkillBundle } = await import('../utils/skillBundles.js');
+                const bundle = findSkillBundle(name, ctx.projectPath);
+                if (!bundle) {
+                    ctx.app.notify(`Skill ${name} not found`);
+                    break;
+                }
+                ctx.app.addMessage({
+                    role: 'system',
+                    content: `# ${bundle.name}\n_${bundle.description}_\n\n**Source:** ${bundle.source}\n\n---\n\n${bundle.body}`,
+                });
+                break;
+            }
+            // Marketplace operations against codeep.dev.
+            if (sub === 'publish') {
+                const slug = args[1];
+                if (!slug) {
+                    ctx.app.notify('Usage: /skills publish <slug> [--public]');
+                    break;
+                }
+                const isPublic = args.includes('--public');
+                ctx.app.notify(`Publishing ${slug} to codeep.dev…`);
+                const { publishBundle } = await import('../utils/skillBundlesCloud.js');
+                const result = await publishBundle(ctx.projectPath, slug, { isPublic });
+                if (!result.ok) {
+                    ctx.app.notify(`Publish failed: ${result.error}`);
+                    break;
+                }
+                ctx.app.addMessage({
+                    role: 'system',
+                    content: `Published \`${slug}\` (${isPublic ? 'public' : 'private'}) to codeep.dev. Install elsewhere with \`/skills install ${result.skill?.owner_username ?? '<you>'}/${slug}\`.`,
+                });
+                break;
+            }
+            if (sub === 'install') {
+                const target = args[1];
+                if (!target) {
+                    ctx.app.notify('Usage: /skills install <owner>/<slug>');
+                    break;
+                }
+                const { installBundle } = await import('../utils/skillBundlesCloud.js');
+                ctx.app.notify(`Fetching ${target}…`);
+                const result = await installBundle(ctx.projectPath, target);
+                if (!result.ok) {
+                    ctx.app.notify(`Install failed: ${result.error}`);
+                    break;
+                }
+                ctx.app.notify(`Installed ${result.name} to .codeep/skills/${result.name}/`);
+                break;
+            }
+            if (sub === 'browse') {
+                const query = args.slice(1).join(' ').trim();
+                const { browseSkills } = await import('../utils/skillBundlesCloud.js');
+                ctx.app.notify('Fetching marketplace…');
+                const result = await browseSkills({ query });
+                if (!result.ok) {
+                    ctx.app.notify(`Browse failed: ${result.error}`);
+                    break;
+                }
+                const skills = result.skills ?? [];
+                if (skills.length === 0) {
+                    ctx.app.addMessage({ role: 'system', content: query ? `_No public skills matching "${query}"._` : '_No public skills published yet._' });
+                    break;
+                }
+                const lines = [`# ${query ? `Skills matching "${query}"` : 'Public skills'}`, ''];
+                for (const s of skills.slice(0, 30)) {
+                    const owner = s.owner_username ?? s.github_id;
+                    const ver = s.version ? ` v${s.version}` : '';
+                    lines.push(`- **${s.name}** \`${owner}/${s.slug}\`${ver} — ${s.description} _(${s.install_count} installs)_`);
+                }
+                if (skills.length > 30)
+                    lines.push('', `_(showing first 30 of ${skills.length})_`);
+                lines.push('', 'Install with `/skills install <owner>/<slug>`.');
+                ctx.app.addMessage({ role: 'system', content: lines.join('\n') });
+                break;
+            }
+            if (sub === 'unpublish') {
+                const target = args[1];
+                if (!target) {
+                    ctx.app.notify('Usage: /skills unpublish <owner>/<slug>');
+                    break;
+                }
+                const { unpublishBundle } = await import('../utils/skillBundlesCloud.js');
+                const result = await unpublishBundle(target);
+                if (!result.ok) {
+                    ctx.app.notify(`Unpublish failed: ${result.error}`);
+                    break;
+                }
+                ctx.app.notify(`Unpublished ${target} from codeep.dev`);
+                break;
+            }
+            // Default: built-in JSON skills (legacy behaviour).
             import('../utils/skills.js').then(({ getAllSkills, searchSkills, formatSkillsList, getSkillStats }) => {
                 const query = args.join(' ').toLowerCase();
                 if (query === 'stats') {
@@ -1352,10 +1680,28 @@ Format: use headers per category, only include categories where you found issues
             ctx.app.notify(`Memory saved (${intelligence.notes.length} total): "${note}"`);
             break;
         }
-        default:
+        case 'commands': {
+            const { loadCustomCommands, formatCommandList } = await import('../utils/customCommands.js');
+            ctx.app.addMessage({ role: 'system', content: formatCommandList(loadCustomCommands(ctx.projectPath)) });
+            break;
+        }
+        default: {
+            // 1. Try custom user command (project + global Markdown templates).
+            const { findCustomCommand, expandCommand } = await import('../utils/customCommands.js');
+            const custom = findCustomCommand(command, ctx.projectPath);
+            if (custom) {
+                const expandedPrompt = expandCommand(custom, args);
+                ctx.app.notify(`Running custom command /${command} (${custom.scope})`);
+                ctx.app.addMessage({ role: 'user', content: expandedPrompt });
+                const { runAgentTask } = await import('./agentExecution.js');
+                runAgentTask(expandedPrompt, false, ctx, () => null, () => { });
+                break;
+            }
+            // 2. Fall through to skill registry.
             runSkill(command, args, ctx).then(handled => {
                 if (!handled)
                     ctx.app.notify(`Unknown command: /${command}`);
             });
+        }
     }
 }

package/dist/renderer/components/Login.d.ts

@@ -44,4 +44,5 @@ export declare class LoginScreen {
 export declare function renderProviderSelect(screen: Screen, providers: Array<{
     id: string;
     name: string;
+    description?: string;
 }>, selectedIndex: number): void;

package/dist/renderer/components/Login.js

@@ -190,15 +190,17 @@ export function renderProviderSelect(screen, providers, selectedIndex) {
     const { width, height } = screen.getSize();
     screen.clear();
     // Title
-    const title = '═══ Codeep Setup ═══';
+    const title = '═══ Welcome to Codeep ═══';
     const titleX = Math.floor((width - title.length) / 2);
     screen.write(titleX, 1, title, PRIMARY_COLOR + style.bold);
     // Subtitle
-    const subtitle = 'Select your AI provider';
+    const subtitle = 'Pick an AI provider — you can switch later with /provider';
     const subtitleX = Math.floor((width - subtitle.length) / 2);
     screen.write(subtitleX, 3, subtitle, fg.white);
-    // Box
-    const boxWidth = Math.min(40, width - 4);
+    // Box — wider so we can show name + description on a single row.
+    const longestName = providers.reduce((m, p) => Math.max(m, p.name.length), 0);
+    const longestDesc = providers.reduce((m, p) => Math.max(m, (p.description ?? '').length), 0);
+    const boxWidth = Math.min(width - 4, Math.max(60, 6 + longestName + 3 + longestDesc));
     const boxHeight = providers.length + 4;
     const { x: boxX, y: boxY } = centerBox(width, height, boxWidth, boxHeight);
     const boxLines = createBox({
@@ -212,19 +214,32 @@ export function renderProviderSelect(screen, providers, selectedIndex) {
     for (const line of boxLines) {
         screen.writeLine(line.y, line.text, line.style);
     }
-    // Provider list
+    // Provider list — name in white/bold-on-selected, dim description beside it.
+    // Description is clipped to the room remaining inside the box so it never
+    // overwrites the right border on narrow terminals (80-col laptop splits).
     const contentX = boxX + 3;
-    let contentY = boxY + 2;
+    const contentY = boxY + 2;
+    const nameColWidth = longestName + 2;
+    const descStartX = contentX + 2 + nameColWidth;
+    const boxInnerRight = boxX + boxWidth - 2;
+    const descBudget = Math.max(0, boxInnerRight - descStartX);
     for (let i = 0; i < providers.length; i++) {
         const provider = providers[i];
         const isSelected = i === selectedIndex;
         const prefix = isSelected ? '► ' : '  ';
-        const itemStyle = isSelected ? PRIMARY_BRIGHT + style.bold : fg.white;
-        screen.write(contentX, contentY + i, prefix + provider.name, itemStyle);
+        const nameStyle = isSelected ? PRIMARY_BRIGHT + style.bold : fg.white;
+        const descStyle = isSelected ? fg.white : fg.gray;
+        screen.write(contentX, contentY + i, prefix + provider.name.padEnd(nameColWidth), nameStyle);
+        if (provider.description && descBudget > 0) {
+            const desc = provider.description.length > descBudget
+                ? provider.description.slice(0, Math.max(1, descBudget - 1)) + '…'
+                : provider.description;
+            screen.write(descStartX, contentY + i, desc, descStyle);
+        }
     }
     // Footer
     const footerY = height - 2;
-    screen.write(2, footerY, '↑↓ Navigate | Enter Select', fg.gray);
+    screen.write(2, footerY, '↑↓ Navigate · Enter Select · Esc skip (provider chosen later)', fg.gray);
     screen.showCursor(false);
     screen.fullRender();
 }

package/dist/renderer/handlers.d.ts

@@ -26,7 +26,17 @@ export interface MenuHandlerContext {
     close(callback: ((item: SelectItem) => void) | null, selected: SelectItem | null): void;
     render(): void;
 }
-export declare function handleMenuKey(event: KeyEvent, ctx: MenuHandlerContext): void;
+/**
+ * Optional context for type-to-filter support. Callers that supply these
+ * get inline filtering: letters/digits append to `filter`, Backspace
+ * deletes, first Esc clears a non-empty filter, second Esc closes.
+ * Callers that omit them behave exactly as before (back-compat).
+ */
+export interface MenuFilterContext {
+    filter: string;
+    setFilter(v: string): void;
+}
+export declare function handleMenuKey(event: KeyEvent, ctx: MenuHandlerContext & Partial<MenuFilterContext>): void;
 declare const PERMISSION_OPTIONS: readonly ["read", "write", "none"];
 type PermissionLevel = typeof PERMISSION_OPTIONS[number];
 export interface PermissionHandlerContext {

package/dist/renderer/handlers.js

@@ -42,7 +42,14 @@ export function handleInlineHelpKey(event, ctx) {
     }
 }
 export function handleMenuKey(event, ctx) {
+    const supportsFilter = typeof ctx.setFilter === 'function';
     if (event.key === 'escape') {
+        // Two-stage Esc when filter is on: first clears the filter, second closes.
+        if (supportsFilter && ctx.filter) {
+            ctx.setFilter('');
+            ctx.render();
+            return;
+        }
         ctx.close(null, null);
         ctx.render();
         return;
@@ -71,6 +78,29 @@ export function handleMenuKey(event, ctx) {
         const selected = ctx.items[ctx.index];
         ctx.close(null, selected);
         ctx.render();
+        return;
+    }
+    if (!supportsFilter)
+        return;
+    // Backspace removes the last filter char.
+    if (event.key === 'backspace') {
+        if (ctx.filter) {
+            ctx.setFilter(ctx.filter.slice(0, -1));
+            ctx.render();
+        }
+        return;
+    }
+    // Single printable char (letters, digits, punctuation). Modifier-free,
+    // non-paste. We deliberately exclude bare-space at empty filter so a
+    // stray space doesn't kick the user into an unintended filtered view.
+    if (!event.ctrl && !event.alt && !event.isPaste && event.key.length === 1) {
+        const ch = event.key;
+        if (ch === ' ' && !ctx.filter)
+            return;
+        if (/^[\S ]$/.test(ch)) {
+            ctx.setFilter((ctx.filter ?? '') + ch);
+            ctx.render();
+        }
     }
 }
 // ─── Permission ──────────────────────────────────────────────────────────────

package/dist/renderer/main.js

@@ -540,10 +540,83 @@ Commands (in chat):
     welcomeLines.push(githubId
         ? `  Account  codeep.dev linked`
         : `  Account  not linked  ·  run: codeep account`);
+    // Warn before first use if this workspace defines project-scoped custom
+    // slash commands. They run as user prompts — a hostile or unfamiliar repo
+    // could ship `.codeep/commands/refactor.md` whose body silently sends
+    // something the user didn't intend. The banner is informed-consent;
+    // `/commands` shows the full bodies.
+    if (projectPath) {
+        try {
+            const { loadCustomCommands } = await import('../utils/customCommands.js');
+            const projectCustom = loadCustomCommands(projectPath).filter(c => c.scope === 'project');
+            if (projectCustom.length > 0) {
+                const list = projectCustom.slice(0, 6).map(c => `/${c.name}`).join(', ');
+                const more = projectCustom.length > 6 ? ` (+${projectCustom.length - 6} more)` : '';
+                welcomeLines.push('');
+                welcomeLines.push(`  ⚠  This workspace defines ${projectCustom.length} custom slash command${projectCustom.length === 1 ? '' : 's'}: ${list}${more}`);
+                welcomeLines.push('     Type /commands to review before invoking');
+            }
+        }
+        catch {
+            // Loading must never block the welcome banner.
+        }
+        // Same flag for lifecycle hooks — they're arbitrary shell that fires on
+        // tool calls. A surprise post_edit / pre_tool_call from a freshly cloned
+        // repo is exactly the kind of thing a user should be told up front.
+        try {
+            const { summarizeHooks } = await import('../utils/hooks.js');
+            const summary = summarizeHooks(projectPath);
+            if (summary) {
+                welcomeLines.push('');
+                welcomeLines.push(`  ⚠  ${summary} — shell hooks run automatically. Type /hooks to inspect.`);
+            }
+        }
+        catch {
+            // Don't block on hook discovery failure.
+        }
+        // Skill bundles — less dangerous than hooks but worth surfacing
+        // because the agent will invoke them autonomously.
+        try {
+            const { summarizeBundles } = await import('../utils/skillBundles.js');
+            const summary = summarizeBundles(projectPath);
+            if (summary) {
+                welcomeLines.push('');
+                welcomeLines.push(`  ℹ  This workspace ships ${summary}. Type /skills bundles to inspect.`);
+            }
+        }
+        catch {
+            // Don't block on skill discovery failure.
+        }
+    }
     welcomeLines.push('');
     welcomeLines.push('  /help  ·  Ctrl+L clear  ·  Esc cancel');
     app.addMessage({ role: 'welcome', content: welcomeLines.join('\n') });
     app.start();
+    // Spawn MCP servers in the background. They register against the fixed
+    // session id `codeep-tui` that runAgentTask passes into runAgent's
+    // `mcpSessionId` — so the agent picks up `.codeep/mcp_servers.json`
+    // entries (project + global) the same way an ACP client would.
+    if (projectPath) {
+        (async () => {
+            try {
+                const { loadMcpServerConfig } = await import('../utils/mcpConfig.js');
+                const { registerSessionServers } = await import('../utils/mcpRegistry.js');
+                const servers = loadMcpServerConfig(projectPath);
+                if (servers.length === 0)
+                    return;
+                const { registered, errors } = await registerSessionServers('codeep-tui', servers, { workspaceRoot: projectPath });
+                if (registered.length > 0) {
+                    app.notify(`MCP: ${registered.length} tool(s) from ${servers.length} server(s) ready. Type /mcp.`);
+                }
+                for (const e of errors) {
+                    app.notifyWarn(`MCP server "${e.server}" failed: ${e.error}`);
+                }
+            }
+            catch {
+                // Loading MCP must never block the TUI.
+            }
+        })();
+    }
     // Check for updates in background — show notify if new version available
     checkForUpdates().then(info => {
         if (info.hasUpdate) {

package/dist/utils/agent.d.ts

@@ -30,6 +30,23 @@ export interface AgentOptions {
         stderr: string;
         exitCode: number;
     }>;
+    /**
+     * Optional filesystem callbacks. When the ACP client advertises `fs`
+     * capability, the server populates these so read_file/write_file/edit_file
+     * tools route through the client (preserving dirty buffers and undo
+     * history) instead of touching disk directly. Falls back to disk if not
+     * provided or if a delegated call throws.
+     */
+    fs?: import('./toolExecution').FsCallbacks;
+    /**
+     * Optional ACP session id used to route MCP-prefixed tool calls
+     * (`<server>__<tool>`) to the per-session `mcpRegistry`. Not set in TUI
+     * mode (no MCP support there yet); set by `runAgentSession` in ACP mode.
+     * When set, the agent loop also fetches the session's MCP tool list and
+     * passes it into the provider's tool catalog so the model can invoke
+     * those tools natively.
+     */
+    mcpSessionId?: string;
     abortSignal?: AbortSignal;
     dryRun?: boolean;
     autoVerify?: 'off' | 'build' | 'typecheck' | 'test' | 'all' | boolean;