codex-overleaf-link 1.3.8 → 1.4.0

package/README.md

@@ -3,7 +3,7 @@
   <h1>Codex Overleaf Link</h1>
   <p><strong>Empower Overleaf with Codex.</strong></p>
   <p>
-    <img src="https://img.shields.io/badge/version-1.3.8-blue" alt="version">
+    <img src="https://img.shields.io/badge/version-1.4.0-blue" alt="version">
     <img src="https://img.shields.io/badge/platform-macOS%20%2F%20Windows%20%2F%20Linux-lightgrey" alt="platform">
     <img src="https://img.shields.io/badge/chrome-MV3-green" alt="chrome manifest v3">
     <img src="https://img.shields.io/badge/node-%3E%3D20-brightgreen" alt="node version">
@@ -38,14 +38,14 @@ One command installs the native host **and** sets up the extension: the script r
 macOS / Linux:
 
 ```bash
-CODEX_OVERLEAF_REF=v1.3.8 bash -c "$(curl -fsSL https://raw.githubusercontent.com/Ghqqqq/codex-overleaf-link/v1.3.8/install.sh)"
+CODEX_OVERLEAF_REF=v1.4.0 bash -c "$(curl -fsSL https://raw.githubusercontent.com/Ghqqqq/codex-overleaf-link/v1.4.0/install.sh)"
 ```
 
 Windows PowerShell:
 
 ```powershell
-iwr https://raw.githubusercontent.com/Ghqqqq/codex-overleaf-link/v1.3.8/install.ps1 -OutFile install.ps1
-$env:CODEX_OVERLEAF_REF='v1.3.8'
+iwr https://raw.githubusercontent.com/Ghqqqq/codex-overleaf-link/v1.4.0/install.ps1 -OutFile install.ps1
+$env:CODEX_OVERLEAF_REF='v1.4.0'
 powershell -ExecutionPolicy Bypass -File install.ps1
 ```
 
@@ -56,10 +56,10 @@ Then, in the `chrome://extensions` tab the script opened: enable **Developer mod
 `npm exec` installs and updates the **native host only** — it does not include the Chrome extension. Use it if you prefer a pinned npm package to a source checkout.
 
 ```bash
-npm exec --yes codex-overleaf-link@1.3.8 -- install-native
+npm exec --yes codex-overleaf-link@1.4.0 -- install-native
 ```
 
-Then add the extension yourself: download `codex-overleaf-link-extension-v1.3.8.zip` from the [v1.3.8 GitHub Release](https://github.com/Ghqqqq/codex-overleaf-link/releases/tag/v1.3.8), unzip it to a stable folder, and in `chrome://extensions` enable **Developer mode**, click **Load unpacked**, and select that folder.
+Then add the extension yourself: download `codex-overleaf-link-extension-v1.4.0.zip` from the [v1.4.0 GitHub Release](https://github.com/Ghqqqq/codex-overleaf-link/releases/tag/v1.4.0), unzip it to a stable folder, and in `chrome://extensions` enable **Developer mode**, click **Load unpacked**, and select that folder.
 
 ### Open Overleaf
 
@@ -86,9 +86,9 @@ npm installs, updates, uninstalls, and diagnoses the native host only. npm does
 
 | Action | Command |
 |--------|---------|
-| Install / update | `npm exec --yes codex-overleaf-link@1.3.8 -- install-native` |
-| Diagnose | `npm exec --yes codex-overleaf-link@1.3.8 -- doctor` |
-| Uninstall | `npm exec --yes codex-overleaf-link@1.3.8 -- uninstall-native` |
+| Install / update | `npm exec --yes codex-overleaf-link@1.4.0 -- install-native` |
+| Diagnose | `npm exec --yes codex-overleaf-link@1.4.0 -- doctor` |
+| Uninstall | `npm exec --yes codex-overleaf-link@1.4.0 -- uninstall-native` |
 
 Use `--extension-id <chrome-extension-id>` only for a custom/dev unpacked extension id that differs from the official bundled id.
 
@@ -98,13 +98,13 @@ To update, re-run any of the [native host installers](#install) — they install
 
 ## GitHub Release Artifacts
 
-The v1.3.8 GitHub Release contains:
+The v1.4.0 GitHub Release contains:
 
-- `codex-overleaf-link-extension-v1.3.8.zip`: loadable Chrome extension package for manual unpacked installation.
-- `codex-overleaf-native-host-v1.3.8.tar.gz`: native host runtime files used by the installer and release verification.
-- `codex-overleaf-link-1.3.8.tgz`: npm native host CLI package for pinned install, doctor, and uninstall flows.
-- `install.sh`: release-pinned macOS / Linux installer that defaults to `v1.3.8` when run directly from the release artifact.
-- `install.ps1`: release-pinned Windows PowerShell installer that defaults to `v1.3.8` when run directly from the release artifact.
+- `codex-overleaf-link-extension-v1.4.0.zip`: loadable Chrome extension package for manual unpacked installation.
+- `codex-overleaf-native-host-v1.4.0.tar.gz`: native host runtime files used by the installer and release verification.
+- `codex-overleaf-link-1.4.0.tgz`: npm native host CLI package for pinned install, doctor, and uninstall flows.
+- `install.sh`: release-pinned macOS / Linux installer that defaults to `v1.4.0` when run directly from the release artifact.
+- `install.ps1`: release-pinned Windows PowerShell installer that defaults to `v1.4.0` when run directly from the release artifact.
 - `uninstall-native-host.mjs`: native host uninstaller that removes the Chrome Native Messaging manifest, bridge executable, and runtime copy.
 - `nativeHostPlatform.js`, `manifest.js`, `runtimeInstaller.js`: helper files required by the loose uninstaller asset.
 - `SHA256SUMS` and `release-manifest.json`: checksum and artifact metadata for release verification.
@@ -115,7 +115,7 @@ The v1.3.8 GitHub Release contains:
 Remove the native host (use `--browser chromium` on Linux Chromium):
 
 ```bash
-npm exec --yes codex-overleaf-link@1.3.8 -- uninstall-native
+npm exec --yes codex-overleaf-link@1.4.0 -- uninstall-native
 ```
 
 The same command works on Windows PowerShell. If you installed from a manual checkout or source installer, you can also run `npm run uninstall:native` inside the repo, use `node ~/.codex-overleaf/source/scripts/uninstall-native-host.mjs` on macOS / Linux, or use `node $env:LOCALAPPDATA\CodexOverleaf\source\scripts\uninstall-native-host.mjs` on Windows PowerShell.
@@ -150,13 +150,13 @@ Then remove the extension from `chrome://extensions`. To delete local data: on m
 Linux Chromium install or update:
 
 ```bash
-CODEX_OVERLEAF_REF=v1.3.8 bash -c "$(curl -fsSL https://raw.githubusercontent.com/Ghqqqq/codex-overleaf-link/v1.3.8/install.sh)" -- --browser chromium
+CODEX_OVERLEAF_REF=v1.4.0 bash -c "$(curl -fsSL https://raw.githubusercontent.com/Ghqqqq/codex-overleaf-link/v1.4.0/install.sh)" -- --browser chromium
 ```
 
 Linux Chromium uninstall:
 
 ```bash
-npm exec --yes codex-overleaf-link@1.3.8 -- uninstall-native --browser chromium
+npm exec --yes codex-overleaf-link@1.4.0 -- uninstall-native --browser chromium
 ```
 
 ## Features
@@ -289,7 +289,7 @@ Composer attachments are turn-scoped Codex context. Limits are 8 attachments per
 Re-run any [native host installer](#install), reload the extension in `chrome://extensions`, then refresh the Overleaf tab. This also fixes extension/native version mismatch and native protocol mismatch.
 
 ```bash
-npm exec --yes codex-overleaf-link@1.3.8 -- install-native
+npm exec --yes codex-overleaf-link@1.4.0 -- install-native
 ```
 
 **The Windows popup or panel shows a Bash recovery command**
@@ -338,8 +338,8 @@ Use this matrix for release-candidate signoff and compatibility reports. Record
 | Browser/channel/version | Google Chrome channel and version. | Google Chrome channel and version. | Google Chrome channel and version. | Chromium channel/package and version. |
 | Install mode | Manual unpacked extension from GitHub Release zip or checkout. | Manual unpacked extension from GitHub Release zip or checkout. | Manual unpacked extension from GitHub Release zip or checkout. | Manual unpacked extension from GitHub Release zip or checkout; native host installed with `--browser chromium`. |
 | Extension id | Bundled id `illdpneeeopfffmiepaejglgmhpmdhdc`, or actual custom id passed with `--extension-id`. | Bundled id `illdpneeeopfffmiepaejglgmhpmdhdc`, or actual custom id passed with `--extension-id`. | Bundled id `illdpneeeopfffmiepaejglgmhpmdhdc`, or actual custom id passed with `--extension-id`. | Bundled id `illdpneeeopfffmiepaejglgmhpmdhdc`, or actual custom id passed with `--extension-id`. |
-| Installer/update command | `npm exec --yes codex-overleaf-link@1.3.8 -- install-native` | `npm exec --yes codex-overleaf-link@1.3.8 -- install-native` | `npm exec --yes codex-overleaf-link@1.3.8 -- install-native` | `npm exec --yes codex-overleaf-link@1.3.8 -- install-native --browser chromium` |
-| Uninstall command | `npm exec --yes codex-overleaf-link@1.3.8 -- uninstall-native` | `npm exec --yes codex-overleaf-link@1.3.8 -- uninstall-native` | `npm exec --yes codex-overleaf-link@1.3.8 -- uninstall-native` | `npm exec --yes codex-overleaf-link@1.3.8 -- uninstall-native --browser chromium` |
+| Installer/update command | `npm exec --yes codex-overleaf-link@1.4.0 -- install-native` | `npm exec --yes codex-overleaf-link@1.4.0 -- install-native` | `npm exec --yes codex-overleaf-link@1.4.0 -- install-native` | `npm exec --yes codex-overleaf-link@1.4.0 -- install-native --browser chromium` |
+| Uninstall command | `npm exec --yes codex-overleaf-link@1.4.0 -- uninstall-native` | `npm exec --yes codex-overleaf-link@1.4.0 -- uninstall-native` | `npm exec --yes codex-overleaf-link@1.4.0 -- uninstall-native` | `npm exec --yes codex-overleaf-link@1.4.0 -- uninstall-native --browser chromium` |
 | Manifest/registry path | `~/Library/Application Support/Google/Chrome/NativeMessagingHosts/com.codex.overleaf.json` | `HKCU\Software\Google\Chrome\NativeMessagingHosts\com.codex.overleaf` -> `%LOCALAPPDATA%\CodexOverleaf\native-host-runtime\com.codex.overleaf.json` | `~/.config/google-chrome/NativeMessagingHosts/com.codex.overleaf.json` | `~/.config/chromium/NativeMessagingHosts/com.codex.overleaf.json` |
 | Bridge/runtime/source path | Bridge `~/.codex-overleaf/codex-overleaf-bridge`; runtime `~/.codex-overleaf/native-host-runtime`; source `~/.codex-overleaf/source`. | Bridge `%LOCALAPPDATA%\CodexOverleaf\codex-overleaf-bridge.cmd`; runtime `%LOCALAPPDATA%\CodexOverleaf\native-host-runtime`; source `%LOCALAPPDATA%\CodexOverleaf\source`. | Bridge `~/.codex-overleaf/codex-overleaf-bridge`; runtime `~/.codex-overleaf/native-host-runtime`; source `~/.codex-overleaf/source`. | Bridge `~/.codex-overleaf/codex-overleaf-bridge`; runtime `~/.codex-overleaf/native-host-runtime`; source `~/.codex-overleaf/source`. |
 | Node/Git/Codex/TeX | Node.js >= 20; Git; Codex CLI installed and logged in; TeX optional. | Node.js >= 20; Git; Codex CLI installed and logged in; TeX optional. | Node.js >= 20; Git; Codex CLI installed and logged in; TeX optional. | Node.js >= 20; Git; Codex CLI installed and logged in; TeX optional. |

package/extension/src/shared/agentTranscript.js

@@ -502,40 +502,53 @@
   function translateRawError(message, context = {}) {
     const locale = normalizeLocale(context);
     const text = String(message || '');
+    // Each branch returns the user-visible {conclusion, nextStep} pair and,
+    // when the error maps to a structured FailureReason code in the v1.3.8
+    // catalog, the `failureCode`. Callers that emit a content-side failure
+    // event can attach the catalog code so the run record carries structured
+    // failure data alongside the human-readable text. The string text is kept
+    // verbatim because it has mode-aware nuance (e.g. "No files were written"
+    // vs "This run did not start") the catalog's fallback strings don't capture.
     if (/Mode must be "confirm" or "auto"/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有写入：当前是“只问不改”，但这个任务需要写入权限。', 'No files were written: this task needs write access, but the current mode is Ask.'),
-        nextStep: textFor(locale, '请切换到“建议修改”或“自动写入”后重新运行。', 'Switch to Suggest or Auto and run the task again.')
+        nextStep: textFor(locale, '请切换到“建议修改”或“自动写入”后重新运行。', 'Switch to Suggest or Auto and run the task again.'),
+        failureCode: null  // no direct catalog match — preflight / governance
       };
     }
     if (/Agent returned invalid JSON/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有写入：Codex 已结束，但本地桥接器没有读到可用结果。', 'No files were written: Codex finished, but the local bridge did not receive a usable result.'),
-        nextStep: textFor(locale, '请重新运行一次；如果再次失败，请打开技术详情查看本地 Codex 输出。', 'Run it again. If it fails again, open Technical Details to inspect local Codex output.')
+        nextStep: textFor(locale, '请重新运行一次；如果再次失败，请打开技术详情查看本地 Codex 输出。', 'Run it again. If it fails again, open Technical Details to inspect local Codex output.'),
+        failureCode: 'codex_result_parse_failed'
       };
     }
     if (/Could not parse Codex output/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有写入：Codex 返回的结果格式不完整。', 'No files were written: Codex returned an incomplete result format.'),
-        nextStep: textFor(locale, '请重新运行一次；如果再次失败，请打开技术详情查看原始输出。', 'Run it again. If it fails again, open Technical Details to inspect the raw output.')
+        nextStep: textFor(locale, '请重新运行一次；如果再次失败，请打开技术详情查看原始输出。', 'Run it again. If it fails again, open Technical Details to inspect the raw output.'),
+        failureCode: 'codex_result_parse_failed'
       };
     }
     if (/timed out/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有写入：本地 Codex 长时间没有完成。', 'No files were written: local Codex took too long to finish.'),
-        nextStep: textFor(locale, '请检查本机 Codex 是否仍在运行；如果没有进展，可以中断后缩小 @context 再重试。', 'Check whether local Codex is still running. If there is no progress, cancel and retry with smaller @context.')
+        nextStep: textFor(locale, '请检查本机 Codex 是否仍在运行；如果没有进展，可以中断后缩小 @context 再重试。', 'Check whether local Codex is still running. If there is no progress, cancel and retry with smaller @context.'),
+        failureCode: 'codex_timeout'
       };
     }
     if (/output limit exceeded/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有写入：本地 Codex 输出过长，桥接器停止读取。', 'No files were written: local Codex output was too large, so the bridge stopped reading.'),
-        nextStep: textFor(locale, '请缩小 @context 后重试，或在技术详情中查看输出限制。', 'Retry with smaller @context, or open Technical Details to inspect the output limit.')
+        nextStep: textFor(locale, '请缩小 @context 后重试，或在技术详情中查看输出限制。', 'Retry with smaller @context, or open Technical Details to inspect the output limit.'),
+        failureCode: 'codex_output_limit'
       };
     }
     if (/codex_not_found|Codex CLI was not found|ENOENT/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有启动：本机没有找到 Codex CLI。', 'This run did not start: Codex CLI was not found locally.'),
-        nextStep: textFor(locale, '请确认终端里可以运行 `codex`，然后重新安装 native host 或刷新扩展后重试。', 'Confirm `codex` works in Terminal, then reinstall the native host or reload the extension.')
+        nextStep: textFor(locale, '请确认终端里可以运行 `codex`，然后重新安装 native host 或刷新扩展后重试。', 'Confirm `codex` works in Terminal, then reinstall the native host or reload the extension.'),
+        failureCode: 'codex_not_found'
       };
     }
     if (/project_locked|currently in use by codex\.run/i.test(text)) {
@@ -545,31 +558,36 @@
           'This run did not start: another Codex task is already running for this Overleaf project.'),
         nextStep: textFor(locale,
           '请等待当前任务完成，或先取消当前任务后再重试。',
-          'Wait for the current task to finish, or cancel it before retrying.')
+          'Wait for the current task to finish, or cancel it before retrying.'),
+        failureCode: 'codex_project_locked'
       };
     }
     if (/unsupported[_ ]parameter/i.test(text) && /reasoning\.summary|summary/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有继续：当前 Codex 模型不支持插件请求的推理摘要参数。', 'This run did not continue: the selected Codex model does not support the requested reasoning summary parameter.'),
-        nextStep: textFor(locale, '请刷新扩展并重新运行；插件会按模型能力自动去掉不兼容参数。', 'Reload the extension and run again; the plugin will omit incompatible parameters based on model capability.')
+        nextStep: textFor(locale, '请刷新扩展并重新运行；插件会按模型能力自动去掉不兼容参数。', 'Reload the extension and run again; the plugin will omit incompatible parameters based on model capability.'),
+        failureCode: 'native_protocol_incompatible'
       };
     }
     if (/quota|kQuotaBytes|QUOTA_BYTES/i.test(text)) {
       return {
         conclusion: textFor(locale, 'Codex 结果已经生成，但本地会话记录超出 Chrome 存储配额。', 'Codex produced a result, but local session history exceeded Chrome storage quota.'),
-        nextStep: textFor(locale, '请删除一些旧 session，或刷新扩展后重试；这不是论文分析本身失败。', 'Delete older sessions or reload the extension and retry. The paper analysis itself did not fail.')
+        nextStep: textFor(locale, '请删除一些旧 session，或刷新扩展后重试；这不是论文分析本身失败。', 'Delete older sessions or reload the extension and retry. The paper analysis itself did not fail.'),
+        failureCode: 'storage_quota_exceeded'
       };
     }
     if (/checkpoint/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有自动写入：Codex 没有拿到可恢复版本。', 'This run did not auto-write: Codex did not get a recoverable version.'),
-        nextStep: textFor(locale, '请切换到“建议修改”，或确认 Overleaf Reviewing 已开启后再用“自动写入”。', 'Switch to Suggest, or confirm Overleaf Reviewing is enabled before using Auto.')
+        nextStep: textFor(locale, '请切换到“建议修改”，或确认 Overleaf Reviewing 已开启后再用“自动写入”。', 'Switch to Suggest, or confirm Overleaf Reviewing is enabled before using Auto.'),
+        failureCode: null  // no current catalog code; preflight reviewing issue
       };
     }
     if (/changed while Codex was working|任务执行期间被你或协作者改过/i.test(text)) {
       return {
         conclusion: textFor(locale, '这轮没有覆盖文件：任务执行期间文件被你或协作者改过。', 'No file was overwritten: a file changed while Codex was working.'),
-        nextStep: textFor(locale, '请先确认 Overleaf 当前内容，再重新运行任务。', 'Review the current Overleaf content, then run the task again.')
+        nextStep: textFor(locale, '请先确认 Overleaf 当前内容，再重新运行任务。', 'Review the current Overleaf content, then run the task again.'),
+        failureCode: 'stale_source_changed'
       };
     }
 
@@ -585,14 +603,16 @@
           'Codex returned a result, but local post-processing of this run failed.'),
         nextStep: textFor(locale,
           '请打开技术详情查看错误。Codex 的回答仍保留在会话中。',
-          'Open Technical Details to inspect the error. Codex\'s answer is preserved in the conversation.')
+          'Open Technical Details to inspect the error. Codex\'s answer is preserved in the conversation.'),
+        failureCode: null  // post-processing path; the real error already attached its own structured failure
       };
     }
     return {
       conclusion: context.mode === 'ask'
         ? textFor(locale, '这轮只问不改没有完成：本地 Codex 没有正常完成，因此没有生成最终说明。', 'This Ask run did not complete: local Codex did not finish normally, so no final answer was generated.')
         : textFor(locale, '这轮任务失败：本地 Codex 没有返回可用结果，未确认任何写入。', 'This task failed: local Codex returned no usable result, so no writes were confirmed.'),
-      nextStep: textFor(locale, '请查看技术详情，处理本地 Codex 错误后重试。', 'Open Technical Details, resolve the local Codex error, and retry.')
+      nextStep: textFor(locale, '请查看技术详情，处理本地 Codex 错误后重试。', 'Open Technical Details, resolve the local Codex error, and retry.'),
+      failureCode: 'codex_no_usable_result'
     };
   }
 

package/extension/src/shared/compatibility.js

@@ -12,7 +12,7 @@
   const MIN_NATIVE_VERSION = '1.0.0';
   const MIN_COMPATIBLE_NATIVE_VERSION = '1.0.0';
   const MIN_COMPATIBLE_EXTENSION_VERSION = '1.0.0';
-  const BUILD_TARGET_VERSION = '1.3.8';
+  const BUILD_TARGET_VERSION = '1.4.0';
   const DEFAULT_CHROME_EXTENSION_ID = 'illdpneeeopfffmiepaejglgmhpmdhdc';
   const REQUIRED_CAPABILITIES = Object.freeze([
     'bridgePing',

package/extension/src/shared/failureReasons.js

@@ -164,7 +164,7 @@
       fallbackNextAction: 'Review written files; use Undo written parts if needed.'
     },
 
-    // 9.0+ — write-safety primitive (welcome-panel + writeback project-ID guard v1.3.8 add-on)
+    // 9.0+ — write-safety primitive (welcome-panel + writeback project-ID guard)
     aborted_project_changed: {
       stage: 'write', severity: 'blocked', defaultRetryable: true,
       fallbackUserMessage: 'Codex stopped a write because Overleaf switched to a different project mid-run.',
@@ -303,6 +303,21 @@
       fallbackUserMessage: 'The local run was cancelled.',
       fallbackNextAction: 'Start a new run.'
     },
+    codex_timeout: {
+      stage: 'codex', severity: 'error', defaultRetryable: true,
+      fallbackUserMessage: 'Local Codex took too long to finish.',
+      fallbackNextAction: 'Check whether local Codex is still running; cancel and retry with smaller @context.'
+    },
+    codex_output_limit: {
+      stage: 'codex', severity: 'error', defaultRetryable: true,
+      fallbackUserMessage: 'Local Codex output was too large; the bridge stopped reading.',
+      fallbackNextAction: 'Retry with smaller @context, or open Technical Details to inspect the output limit.'
+    },
+    codex_not_found: {
+      stage: 'codex', severity: 'blocked', defaultRetryable: true,
+      fallbackUserMessage: 'Codex CLI was not found on this machine.',
+      fallbackNextAction: 'Confirm `codex` works in Terminal, then reinstall the native host or reload the extension.'
+    },
 
     // 9.8 Storage
     storage_quota_exceeded: {

package/extension/src/shared/i18n.js

@@ -188,9 +188,13 @@
       settingsScopeGlobalSubtitle: 'Skill loading settings that apply across all Overleaf projects.',
       governanceRulesTitle: 'Governance Rules',
       governanceReadonlyPatterns: 'Read-only patterns',
+      governanceReadonlyHelp: 'Files Codex must never modify — one glob per line.',
       governanceWritablePatterns: 'Writable patterns',
+      governanceWritableHelp: 'Files Codex may edit — one glob per line.',
       sensitiveCheckEnabled: 'Check for sensitive content before Codex runs',
+      sensitiveCheckHelp: 'Scan project files for secrets and personal data before each run.',
       sensitiveConfirmAllowed: 'Allow explicit confirmation when sensitive findings exist',
+      sensitiveConfirmHelp: 'Lets you review and proceed when the scan flags something.',
       sensitiveConfirmTitle: 'Sensitive Content Found',
       sensitiveConfirmMessage: 'Codex found possible sensitive content. Raw detected secrets are not shown here. Continue only if this project context may be sent to Codex.',
       sensitiveConfirmRun: 'Run anyway',
@@ -198,6 +202,7 @@
       codexOverleafSkillsEmpty: 'No Codex Overleaf skills installed.',
       codexOverleafSkillsDisabled: 'Codex Overleaf skills are disabled for runs.',
       loadCodexLocalSkills: 'Load local Codex skills',
+      loadCodexLocalSkillsHelp: 'Pull skills from your local Codex installation.',
       loadCodexOverleafSkills: 'Load Codex Overleaf skills',
       localSkillRemove: 'Remove',
       localSkillRemoveConfirm: 'Confirm',
@@ -221,6 +226,7 @@
       binaryAssetConfirm: 'Write assets',
       binaryAssetCancel: 'Skip assets',
       personalizationConfig: 'Personalization',
+      personalizationHelp: 'Style, terminology, and LaTeX conventions Codex should follow in this project.',
       settingsSaved: 'Saved',
       settingsSaving: 'Saving…',
       technicalDetails: 'Technical Details',
@@ -344,13 +350,19 @@
       failureReason_codex_no_usable_result_next: 'Open Technical Details and resolve the local Codex error.',
       failureReason_codex_project_locked_user: 'Another Codex task is already running for this Overleaf project.',
       failureReason_codex_project_locked_next: 'Wait for the active task to finish, or cancel it before retrying.',
+      failureReason_codex_timeout_user: 'Local Codex took too long to finish.',
+      failureReason_codex_timeout_next: 'Check whether local Codex is still running. If there is no progress, cancel and retry with smaller @context.',
+      failureReason_codex_output_limit_user: 'Local Codex output was too large, so the bridge stopped reading.',
+      failureReason_codex_output_limit_next: 'Retry with smaller @context, or open Technical Details to inspect the output limit.',
+      failureReason_codex_not_found_user: 'Codex CLI was not found on this machine.',
+      failureReason_codex_not_found_next: 'Confirm `codex` works in Terminal, then reinstall the native host or reload the extension.',
       failureReason_storage_quota_exceeded_user: 'Browser storage quota was exceeded.',
       failureReason_storage_quota_exceeded_next: 'Clear old run history or reduce attachments.',
       failureReason_aborted_project_changed_user: 'Codex stopped a write because Overleaf switched to a different project mid-run.',
       failureReason_aborted_project_changed_next: 'Reopen the original project and rerun the task if you still want this change.',
       failureReason_editor_project_id_unavailable_user: 'Codex could not confirm which Overleaf project the editor is showing, so it did not write.',
       failureReason_editor_project_id_unavailable_next: 'Refresh the Overleaf tab and retry; if it persists, reload the extension.',
-      // Welcome-panel + write-guard v1.3.8 add-on (Task 5): Recent-projects
+      // Welcome-panel + write-guard: Recent-projects
       // variant copy. Spec §5.3–§5.5, §5.8, §5.10 are the source of truth.
       recentProjects_welcome: 'Codex Overleaf Link',
       recentProjects_welcome_subtitle: 'Open a project from the Overleaf list on the left to start.',
@@ -546,9 +558,13 @@
       settingsScopeGlobalSubtitle: '适用于所有 Overleaf 项目的技能加载设置。',
       governanceRulesTitle: '治理规则',
       governanceReadonlyPatterns: '只读路径规则',
+      governanceReadonlyHelp: 'Codex 绝不可修改的文件，每行一个 glob 规则。',
       governanceWritablePatterns: '可写路径规则',
+      governanceWritableHelp: 'Codex 允许编辑的文件，每行一个 glob 规则。',
       sensitiveCheckEnabled: 'Codex 运行前检查敏感内容',
+      sensitiveCheckHelp: '每次运行前扫描项目文件中的密钥和个人信息。',
       sensitiveConfirmAllowed: '发现敏感内容时允许显式确认后继续',
+      sensitiveConfirmHelp: '当扫描发现可疑内容时，允许你审阅后再继续。',
       sensitiveConfirmTitle: '发现敏感内容',
       sensitiveConfirmMessage: 'Codex 发现了可能的敏感内容。这里不会显示原始密钥或秘密值。只有在确认可以把这些项目上下文发送给 Codex 时才继续。',
       sensitiveConfirmRun: '仍然运行',
@@ -556,6 +572,7 @@
       codexOverleafSkillsEmpty: '没有安装 Codex Overleaf 专属技能。',
       codexOverleafSkillsDisabled: '运行时已禁用 Codex Overleaf 专属技能。',
       loadCodexLocalSkills: '加载 Codex 本地技能',
+      loadCodexLocalSkillsHelp: '从本地 Codex 安装中拉取技能。',
       loadCodexOverleafSkills: '加载 Codex Overleaf 专属技能',
       localSkillRemove: '删除',
       localSkillRemoveConfirm: '确认',
@@ -579,6 +596,7 @@
       binaryAssetConfirm: '写入资源',
       binaryAssetCancel: '跳过资源',
       personalizationConfig: '个性化配置',
+      personalizationHelp: 'Codex 在本项目中应遵循的风格、术语和 LaTeX 约定。',
       settingsSaved: '已保存',
       settingsSaving: '保存中…',
       technicalDetails: '技术细节',
@@ -701,13 +719,19 @@
       failureReason_codex_no_usable_result_next: '请打开“技术细节”排查本地 Codex 错误。',
       failureReason_codex_project_locked_user: '同一个 Overleaf 项目里已经有一轮 Codex 任务正在运行。',
       failureReason_codex_project_locked_next: '请等待当前任务完成，或先取消当前任务后再重试。',
+      failureReason_codex_timeout_user: '本地 Codex 长时间没有完成。',
+      failureReason_codex_timeout_next: '请检查本机 Codex 是否仍在运行；如果没有进展，可以中断后缩小 @context 再重试。',
+      failureReason_codex_output_limit_user: '本地 Codex 输出过长，桥接器停止读取。',
+      failureReason_codex_output_limit_next: '请缩小 @context 后重试，或在技术详情中查看输出限制。',
+      failureReason_codex_not_found_user: '本机没有找到 Codex CLI。',
+      failureReason_codex_not_found_next: '请确认终端里可以运行 `codex`，然后重新安装 native host 或刷新扩展后重试。',
       failureReason_storage_quota_exceeded_user: '浏览器本地存储配额已超出。',
       failureReason_storage_quota_exceeded_next: '请清理旧的运行历史，或减少附件大小。',
       failureReason_aborted_project_changed_user: 'Codex 已停止一次写入，因为 Overleaf 在写入过程中切换到了另一个项目。',
       failureReason_aborted_project_changed_next: '如仍需此次改动，请回到原项目后重新运行任务。',
       failureReason_editor_project_id_unavailable_user: 'Codex 无法确认当前 Overleaf 编辑器对应的项目，因此没有写入。',
       failureReason_editor_project_id_unavailable_next: '请刷新 Overleaf 页面后重试；如果仍然失败，请重新加载扩展。',
-      // Welcome-panel + write-guard v1.3.8 add-on (Task 5): Recent-projects
+      // Welcome-panel + write-guard: Recent-projects
       // variant copy. 见 spec §5.3–§5.5、§5.8、§5.10。
       recentProjects_welcome: 'Codex Overleaf Link',
       recentProjects_welcome_subtitle: '从左侧 Overleaf 项目列表中打开任意项目即可开始。',

package/extension/src/shared/pathRedaction.js

@@ -8,7 +8,7 @@
   'use strict';
 
   // -------------------------------------------------------------------------
-  // Welcome-panel + write-guard v1.3.8 add-on (Fix C / spec §5.6.2).
+  // Welcome-panel + write-guard:
   //
   // Canonical local-path sanitizer shared between `computeSafeTaskSummary`
   // (sessionState) and the storage-side audit redaction helpers
@@ -95,19 +95,6 @@
     'gi'
   );
 
-  // Quick predicate — used by callers that only want to do the (more
-  // expensive) substitution pass when there's actually something to strip.
-  const MIGHT_CONTAIN_LOCAL_PATH_PATTERN = new RegExp(
-    [
-      'file:\\/{2,3}',
-      '(?:\\\\\\\\|\\/\\/)[A-Za-z0-9._-]+[\\\\\\/]',
-      '[A-Za-z]:[\\\\\\/]',
-      '\\/(?:' + UNIX_TOPLEVELS.join('|') + ')\\/',
-      '\\.codex-overleaf[\\\\\\/]projects[\\\\\\/]'
-    ].join('|'),
-    'i'
-  );
-
   // Replace every absolute-local-path token in `value` with `placeholder`.
   // Default placeholder is `<local-path>` to match the prior summary-side
   // sanitizer. The storage-side audit redactor uses a richer `[local path]`
@@ -124,20 +111,7 @@
     return value.replace(ABSOLUTE_PATH_PATTERN, token);
   }
 
-  function mightContainLocalPath(value) {
-    if (typeof value !== 'string' || !value) {
-      return false;
-    }
-    return MIGHT_CONTAIN_LOCAL_PATH_PATTERN.test(value);
-  }
-
   return {
-    redactLocalPaths,
-    mightContainLocalPath,
-    // Exposed so the storage-side audit redactor (which formats per-token
-    // placeholders with line-suffix preservation) can iterate the same set
-    // without duplicating the regex source.
-    ABSOLUTE_PATH_PATTERN,
-    UNIX_TOPLEVELS
+    redactLocalPaths
   };
 });

package/extension/src/shared/sensitiveScan.js

@@ -12,6 +12,12 @@
     { id: 'private-key', pattern: /-----BEGIN [A-Z ]*PRIVATE KEY-----/gi },
     { id: 'bearer-token', pattern: /\bBearer\s+[A-Za-z0-9._~+/=-]{12,}\b/gi },
     { id: 'api-token', pattern: /\b(?:(?:ghp|github_pat|xox[baprs])_[A-Za-z0-9_=-]{16,}|sk-[A-Za-z0-9_-]{16,})\b/gi },
+    { id: 'aws-access-key', pattern: /\bAKIA[0-9A-Z]{16}\b/g },
+    { id: 'google-api-key', pattern: /\bAIza[0-9A-Za-z_-]{35}\b/g },
+    { id: 'huggingface-token', pattern: /\bhf_[A-Za-z0-9]{20,}\b/g },
+    { id: 'gitlab-token', pattern: /\bglpat-[A-Za-z0-9_-]{20,}\b/g },
+    { id: 'stripe-live-secret', pattern: /\bsk_live_[A-Za-z0-9]{16,}\b/g },
+    { id: 'jwt-token', pattern: /\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g },
     {
       id: 'secret-assignment',
       pattern: /\b(?:api[_-]?key|token|secret|password|passwd)\b\s*[:=]\s*["']?[^"'\s,;]{4,}/gi
@@ -106,11 +112,8 @@
   }
 
   return {
-    DETECTORS,
     scanSensitiveText,
     scanSensitiveProjectFiles,
-    scanSensitiveInputs,
-    buildRedactedPreview,
-    redactPreviewLine
+    scanSensitiveInputs
   };
 });

package/extension/src/shared/sessionState.js

@@ -602,7 +602,7 @@
     }
   }
 
-  // Welcome-panel + write-guard v1.3.8 add-on (Task 2): the run lifecycle now
+  // Welcome-panel + write-guard: the run lifecycle now
   // settles on three additional values when the user navigates away mid-run
   // and the original run completes (or aborts) in the background. They land on
   // the ORIGINAL project's session record, not the active one. The catalog is
@@ -635,16 +635,29 @@
   function normalizeRunEvents(events) {
     return (Array.isArray(events) ? events : [])
       .filter(event => event && typeof event.title === 'string')
-      .map(event => ({
-        title: sanitizeAssistantVisibleText(event.title) || 'Event',
-        status: typeof event.status === 'string' ? event.status : 'info',
-        detail: sanitizeAssistantVisibleValue(event.detail),
-        timestamp: typeof event.timestamp === 'string' ? event.timestamp : '',
-        kind: typeof event.kind === 'string' ? event.kind : 'activity',
-        technicalDetail: sanitizeAssistantVisibleValue(event.technicalDetail),
-        streamKey: sanitizeAssistantVisibleText(event.streamKey),
-        streamRole: sanitizeAssistantVisibleText(event.streamRole)
-      }))
+      .map(event => {
+        const normalized = {
+          title: sanitizeAssistantVisibleText(event.title) || 'Event',
+          status: typeof event.status === 'string' ? event.status : 'info',
+          detail: sanitizeAssistantVisibleValue(event.detail),
+          timestamp: typeof event.timestamp === 'string' ? event.timestamp : '',
+          kind: typeof event.kind === 'string' ? event.kind : 'activity',
+          technicalDetail: sanitizeAssistantVisibleValue(event.technicalDetail),
+          streamKey: sanitizeAssistantVisibleText(event.streamKey),
+          streamRole: sanitizeAssistantVisibleText(event.streamRole)
+        };
+        // Preserve the structured completion-report payload and the structured
+        // failure across reload. Without these the report re-renders via the
+        // flat legacy path (Write result / Undo / Next NOT demoted into the
+        // muted meta block) and the recovery action button disappears.
+        if (event.detailStructured) {
+          normalized.detailStructured = sanitizeAssistantVisibleValue(event.detailStructured);
+        }
+        if (event.failure) {
+          normalized.failure = sanitizeAssistantVisibleValue(event.failure);
+        }
+        return normalized;
+      })
       .slice(-MAX_RUN_EVENTS);
   }
 
@@ -906,7 +919,7 @@
       requireReviewing: session.requireReviewing !== false,
       focusFiles: normalizeFocusFiles(session.focusFiles)
     };
-    // Welcome-panel + write-guard v1.3.8 add-on (Task 3): preserve the four
+    // Welcome-panel + write-guard: preserve the four
     // Recent-projects fields through compaction so they round-trip when state
     // is reloaded from chrome.storage.local. The active record builder in
     // `buildSessionRecord` is the canonical writer; this branch preserves an
@@ -1010,6 +1023,14 @@
         if (detail !== undefined) {
           compact.detail = detail;
         }
+        // Keep the structured report payload + structured failure so the
+        // demoted meta block and the recovery action survive a reload.
+        if (event.detailStructured) {
+          compact.detailStructured = sanitizeAssistantVisibleValue(event.detailStructured);
+        }
+        if (event.failure) {
+          compact.failure = sanitizeAssistantVisibleValue(event.failure);
+        }
         return compact;
       });
   }
@@ -1129,7 +1150,7 @@
     return Math.round(Math.min(760, Math.max(340, width)));
   }
 
-  // Welcome-panel + write-guard v1.3.8 add-on (Task 3): the Recent-projects
+  // Welcome-panel + write-guard: the Recent-projects
   // dashboard variant renders one sanitized line per project. `computeSafeTaskSummary`
   // is the privacy floor for that line. It is written on every `saveState` and
   // stored on the session record (`session.safeTaskSummary`), so the dashboard
@@ -1148,7 +1169,7 @@
     if (typeof task !== 'string' || !task) return '';
     let s = task;
     // Strip absolute local paths via the canonical shared helper
-    // (spec §5.6.2 / Fix C). The helper covers Unix (/Users, /home,
+    // (spec §5.6.2). The helper covers Unix (/Users, /home,
     // /private/var, /tmp, /var/folders, /Volumes, /etc, /opt, /usr, ...),
     // Windows drive letters with both `\\` and `/`, UNC `\\server\share`,
     // and `file:///` URLs. Adding a new path shape is a one-line change

package/extension/src/shared/staleGuard.js

@@ -155,8 +155,6 @@
     updateExpectedFileContent,
     removeExpectedFile,
     moveExpectedFile,
-    checkPatchRangeFreshness,
-    normalizeText,
     normalizePath
   };
 });

package/extension/src/shared/storageDb.js

@@ -239,7 +239,7 @@
     var now = new Date().toISOString();
     var titleSource = input.titleSource === 'manual' ? 'manual' : 'auto';
     var updatedAt = typeof input.updatedAt === 'string' ? input.updatedAt : now;
-    // Welcome-panel + write-guard v1.3.8 add-on (Task 3): persist the four
+    // Welcome-panel + write-guard: persist the four
     // Recent-projects fields on every session record so the cross-project
     // query (`listRecentProjectsAcrossAccount`) can filter / sort / render
     // without touching the raw `task` text.
@@ -680,10 +680,50 @@
         if (detail !== undefined) {
           compact.detail = detail;
         }
+        // Preserve the structured completion-report payload + structured
+        // failure with their object shape intact (the generic detail
+        // compactor would redact unknown objects to a {redacted,hash}
+        // summary). Without this the report re-renders flat on reload —
+        // Write result / Undo / Next no longer demote into the muted meta
+        // block — and the recovery action button disappears.
+        if (event.detailStructured) {
+          compact.detailStructured = compactStructuredEventValueForStorage(event.detailStructured, 0);
+        }
+        if (event.failure) {
+          compact.failure = compactStructuredEventValueForStorage(event.failure, 0);
+        }
         return compact;
       });
   }
 
+  // Deep-copies a known-safe structured event value (the completion-report
+  // {conclusion, body, meta[]} payload, or a FailureReason object) preserving
+  // its shape while redacting + truncating every string field. Bounded depth +
+  // breadth so a pathological value can't blow up the stored record.
+  function compactStructuredEventValueForStorage(value, depth) {
+    var d = depth || 0;
+    if (typeof value === 'string') {
+      return normalizeDisplayTextForStorage(value, SESSION_STORAGE_LIMITS.reportDetailChars);
+    }
+    if (value === null || typeof value === 'number' || typeof value === 'boolean') {
+      return value;
+    }
+    if (d > 6 || typeof value !== 'object') {
+      return null;
+    }
+    if (Array.isArray(value)) {
+      return value.slice(0, 32).map(function (item) {
+        return compactStructuredEventValueForStorage(item, d + 1);
+      });
+    }
+    var out = {};
+    var keys = Object.keys(value).slice(0, 32);
+    for (var i = 0; i < keys.length; i++) {
+      out[keys[i]] = compactStructuredEventValueForStorage(value[keys[i]], d + 1);
+    }
+    return out;
+  }
+
   function getEventDetailLimit(event) {
     return event && event.kind === 'report'
       ? SESSION_STORAGE_LIMITS.reportDetailChars
@@ -845,7 +885,7 @@
   }
 
   function normalizeRunStatus(status) {
-    // Welcome-panel + write-guard v1.3.8 add-on (Task 2/3): the run-status
+    // Welcome-panel + write-guard: the run-status
     // enum gained three post-navigation values. The storage normalizer must
     // accept them so a settled run round-trips intact through `buildSessionRecord`.
     // Unknown legacy values fall through to `completed` (the historical default).
@@ -1065,7 +1105,7 @@
     return result;
   }
 
-  // Welcome-panel + write-guard v1.3.8 add-on (Task 3): the Recent-projects
+  // Welcome-panel + write-guard: the Recent-projects
   // dashboard variant calls `listRecentProjectsAcrossAccount` to get the
   // sorted, deduped, capped list of projects in the current account scope.
   //

package/native-host/src/codexPromptAssembly.js

@@ -279,13 +279,13 @@ function formatFocusFiles(files) {
 }
 
 function formatCompileLogContext(context = {}) {
-  const log = String(context.compileLog || '').trim();
+  const log = redactCompileLogText(String(context.compileLog || '').trim());
   if (!log) {
     return '- none provided.';
   }
 
-  const errors = normalizeCompileMessages(context.compileErrors);
-  const warnings = normalizeCompileMessages(context.compileWarnings);
+  const errors = normalizeCompileMessages(context.compileErrors).map(redactCompileLogText);
+  const warnings = normalizeCompileMessages(context.compileWarnings).map(redactCompileLogText);
   const fresh = context.compileLogFresh === false
     ? 'possibly stale'
     : 'fresh';
@@ -305,6 +305,33 @@ function formatCompileLogContext(context = {}) {
   ].filter(Boolean).join('\n');
 }
 
+function redactCompileLogText(value) {
+  let text = String(value || '');
+  const replacements = [
+    [/\bBearer\s+[A-Za-z0-9._~+/=-]{12,}\b/g, 'Bearer [REDACTED]'],
+    [/\b(?:ghp|github_pat|xox[baprs]|glpat)-?[_A-Za-z0-9=-]{16,}\b/g, '[REDACTED_TOKEN]'],
+    [/\b(?:sk|rk)_(?:live|test)_[A-Za-z0-9]{16,}\b/g, '[REDACTED_TOKEN]'],
+    [/\bsk-[A-Za-z0-9_-]{16,}\b/g, '[REDACTED_TOKEN]'],
+    [/\bAKIA[0-9A-Z]{16}\b/g, '[REDACTED_AWS_KEY]'],
+    [/\bAIza[0-9A-Za-z_-]{35}\b/g, '[REDACTED_GOOGLE_KEY]'],
+    [/\bhf_[A-Za-z0-9]{20,}\b/g, '[REDACTED_HF_TOKEN]'],
+    [/\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g, '[REDACTED_JWT]'],
+    [/file:\/\/\/[^\s'"<>]+/g, '<local-path>'],
+    [/(^|[\s({["'=])\/Users\/[^:\s'"<>)]*/g, '$1<local-path>'],
+    [/(^|[\s({["'=])\/private\/var\/[^:\s'"<>)]*/g, '$1<local-path>'],
+    [/(^|[\s({["'=])\/var\/folders\/[^:\s'"<>)]*/g, '$1<local-path>'],
+    [/(^|[\s({["'=])\/tmp\/[^:\s'"<>)]*/g, '$1<local-path>'],
+    [/(^|[\s({["'=])\/Library\/TeX\/[^:\s'"<>)]*/g, '$1<TEXLIVE_PATH>'],
+    [/(^|[\s({["'=])\/usr\/local\/texlive\/[^:\s'"<>)]*/g, '$1<TEXLIVE_PATH>'],
+    [/[A-Za-z]:\\Users\\[^:\s'"<>)]*/g, '<local-path>'],
+    [/[A-Za-z]:\\(?:Program Files|texlive)\\[^:\s'"<>)]*/gi, '<local-path>']
+  ];
+  for (const [pattern, replacement] of replacements) {
+    text = text.replace(pattern, replacement);
+  }
+  return text;
+}
+
 function formatCustomInstructionsContext(customInstructions = '') {
   const instructions = truncateText(
     String(customInstructions || '').trim(),

package/native-host/src/codexSessionRunner.js

@@ -677,9 +677,23 @@ function runCodexAppServerSession(input) {
     const assistantMessages = new Map();
     const assistantMessageOrder = [];
     let settled = false;
+    // Two-layer timeout strategy:
+    //   1. Optional absolute deadline (CODEX_OVERLEAF_CODEX_TIMEOUT_MS) —
+    //      legacy override; off by default. When set, the whole run must
+    //      finish within that envelope.
+    //   2. Idle watchdog — fires after a stretch of silence from the
+    //      app-server (no stdout / no messages). Default 10 minutes; the
+    //      runtime resets it on every incoming line and on every outgoing
+    //      request. This catches the failure mode where Codex sends
+    //      turn/started, then hangs without ever emitting completed/error
+    //      and the project lock would otherwise be held forever.
     const timeout = createOptionalTimeout(childEnv.CODEX_OVERLEAF_CODEX_TIMEOUT_MS, timeoutMs => {
       fail(new Error(`Codex app-server did not complete within configured timeout (${timeoutMs}ms)`));
     });
+    const idleTimeoutMs = parseOptionalPositiveInteger(childEnv.CODEX_OVERLEAF_CODEX_IDLE_TIMEOUT_MS) || 600000;
+    const idleWatchdog = createCodexIdleWatchdog(idleTimeoutMs, ms => {
+      fail(new Error(`Codex app-server produced no events for ${ms}ms (idle watchdog); the run was aborted to release the project lock.`));
+    });
     const onAbort = () => {
       fail(getAbortReason(input.signal));
     };
@@ -688,6 +702,7 @@ function runCodexAppServerSession(input) {
     child.stdout.setEncoding('utf8');
     child.stderr.setEncoding('utf8');
     child.stdout.on('data', chunk => {
+      idleWatchdog.reset();
       stdoutBuffer += chunk;
       const lines = stdoutBuffer.split(/\r?\n/);
       stdoutBuffer = lines.pop() || '';
@@ -924,6 +939,7 @@ function runCodexAppServerSession(input) {
 
     function cleanup() {
       timeout.cancel();
+      idleWatchdog.cancel();
       input.signal?.removeEventListener('abort', onAbort);
     }
   });
@@ -1141,6 +1157,30 @@ function createOptionalTimeout(value, onTimeout) {
   };
 }
 
+// Idle-style watchdog: fires only after the app-server has been silent for
+// `idleMs`. Callers must invoke .reset() on every signal of liveness
+// (incoming line, outgoing request). cancel() stops the timer on settle.
+// Returns no-op when idleMs is non-positive (defensive guard against bad env
+// var values).
+function createCodexIdleWatchdog(idleMs, onIdle) {
+  if (!(idleMs > 0)) {
+    return {
+      reset() {},
+      cancel() {}
+    };
+  }
+  let timer = setTimeout(() => onIdle(idleMs), idleMs);
+  return {
+    reset() {
+      clearTimeout(timer);
+      timer = setTimeout(() => onIdle(idleMs), idleMs);
+    },
+    cancel() {
+      clearTimeout(timer);
+    }
+  };
+}
+
 function parseOptionalPositiveInteger(value) {
   if (value === undefined || value === null || value === '') {
     return 0;

package/native-host/src/index.js

@@ -84,11 +84,77 @@ process.on('unhandledRejection', reason => {
 });
 
 function writeResponse(response) {
-  const frame = encodeMessage(response);
+  let frame;
+  try {
+    frame = encodeMessage(response);
+  } catch (error) {
+    const fallback = buildOversizeResponseFallback(response, error);
+    try {
+      frame = encodeMessage(fallback);
+    } catch (fallbackError) {
+      frame = encodeMessage({
+        id: response?.id,
+        ok: false,
+        error: {
+          code: 'native_response_too_large',
+          message: truncateForNativeFrame(fallbackError.message || error.message || 'Native response exceeded the browser frame limit.', 800)
+        }
+      });
+    }
+  }
   logDebug('stdout.write', { bytes: frame.length, ok: response?.ok, code: response?.error?.code });
   process.stdout.write(frame);
 }
 
+function buildOversizeResponseFallback(response, error) {
+  if (response?.event) {
+    const event = response.event || {};
+    return {
+      id: response.id,
+      ok: true,
+      event: {
+        type: event.type || 'native.event.truncated',
+        title: truncateForNativeFrame(event.title || 'Native event was truncated', 500),
+        status: event.status || 'warning',
+        detail: {
+          code: 'native_event_truncated',
+          reason: truncateForNativeFrame(error?.message || 'Native event exceeded the browser frame limit.', 800),
+          originalType: truncateForNativeFrame(event.type || '', 160),
+          originalTitle: truncateForNativeFrame(event.title || '', 500),
+          originalDetailBytes: stringByteLength(safeJsonStringify(event.detail))
+        },
+        timestamp: event.timestamp || new Date().toISOString()
+      }
+    };
+  }
+
+  return {
+    id: response?.id,
+    ok: false,
+    error: {
+      code: 'native_response_too_large',
+      message: truncateForNativeFrame(error?.message || 'Native response exceeded the browser frame limit.', 800),
+      originalOk: response?.ok === true
+    }
+  };
+}
+
+function truncateForNativeFrame(value, limit) {
+  const text = String(value || '');
+  if (text.length <= limit) {
+    return text;
+  }
+  return `${text.slice(0, Math.max(0, limit - 24))}... [truncated]`;
+}
+
+function safeJsonStringify(value) {
+  try {
+    return JSON.stringify(value);
+  } catch (_error) {
+    return '';
+  }
+}
+
 function summarizeRequest(message) {
   const params = message?.params || {};
   return {

package/native-host/src/taskRunnerRuntime.js

@@ -25,6 +25,11 @@ const { version: PACKAGE_VERSION } = require('../../package.json');
 
 const activeProjectLocks = new Map();
 const activeRunControllers = new Map();
+// Parallel index of active runs by projectKey so codex.cancel can find a
+// controller even when the original request id is unknown (e.g. after the
+// Overleaf tab was reloaded — the requestId lived in content-side JS state
+// and is gone, but the native-host-side controller is still running).
+const activeRunByProject = new Map();
 const pendingPlans = new Map();
 const PENDING_PLAN_TTL_MS = 30 * 60 * 1000;
 const CODEX_RUN_PASSTHROUGH_ERROR_CODES = new Set(['thread_resume_failed']);
@@ -138,6 +143,7 @@ async function handleCodexRun(request, env, emit) {
   const abortController = new AbortController();
   if (request.id) {
     activeRunControllers.set(request.id, abortController);
+    activeRunByProject.set(projectKey, { id: request.id, controller: abortController });
   }
   try {
     if (params.useExistingMirror) {
@@ -213,24 +219,63 @@ async function handleCodexRun(request, env, emit) {
     if (request.id && activeRunControllers.get(request.id) === abortController) {
       activeRunControllers.delete(request.id);
     }
+    if (activeRunByProject.get(projectKey)?.controller === abortController) {
+      activeRunByProject.delete(projectKey);
+    }
     releaseProjectLock(projectKey, lockToken);
   }
 }
 
+// Cancel paths, in priority order:
+//   1. By requestId (legacy + primary, when the caller still has it)
+//   2. By projectKey (after page refresh — requestId is lost but projectKey
+//      is derivable from the Overleaf URL)
+//   3. Force-release the project lock when no controller is registered for
+//      the given projectKey. Covers the zombie-lock case where a previous
+//      run leaked the lock (unhandled error path, process bug, etc.) and
+//      the user otherwise has no way to recover short of restarting Chrome.
+//      Only fires when `force: true` is explicitly set so accidental calls
+//      can't punch through a real live run.
 function handleCodexCancel(request) {
-  const targetId = request.params?.requestId || request.params?.id;
-  if (!targetId || !activeRunControllers.has(targetId)) {
+  const params = request.params || {};
+  const targetId = params.requestId || params.id;
+  const projectKey = typeof params.projectKey === 'string' ? params.projectKey : '';
+  const force = params.force === true;
+
+  if (targetId && activeRunControllers.has(targetId)) {
+    activeRunControllers.get(targetId).abort(createCancellationError());
     return okResponse(request.id, {
-      cancelled: false,
-      reason: 'No active Codex run matched the cancellation request'
+      cancelled: true,
+      requestId: targetId
     });
   }
 
-  const controller = activeRunControllers.get(targetId);
-  controller.abort(createCancellationError());
+  if (projectKey) {
+    const entry = activeRunByProject.get(projectKey);
+    if (entry?.controller) {
+      entry.controller.abort(createCancellationError());
+      return okResponse(request.id, {
+        cancelled: true,
+        projectKey,
+        requestId: entry.id || ''
+      });
+    }
+    if (force && activeProjectLocks.has(projectKey)) {
+      activeProjectLocks.delete(projectKey);
+      activeRunByProject.delete(projectKey);
+      logDebug('codex.cancel.force_released_zombie_lock', { projectKey });
+      return okResponse(request.id, {
+        cancelled: false,
+        lockReleased: true,
+        projectKey,
+        reason: 'No active controller; force-released the project lock entry'
+      });
+    }
+  }
+
   return okResponse(request.id, {
-    cancelled: true,
-    requestId: targetId
+    cancelled: false,
+    reason: 'No active Codex run matched the cancellation request'
   });
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codex-overleaf-link",
-  "version": "1.3.8",
+  "version": "1.4.0",
   "description": "Cross-platform Chrome bridge that connects Codex to the active Overleaf project.",
   "license": "MIT",
   "type": "commonjs",