commandmate 0.2.0 → 0.2.2

package/dist/server/src/lib/prompt-detector.js

@@ -8,6 +8,25 @@ exports.detectPrompt = detectPrompt;
 exports.getAnswerInput = getAnswerInput;
 const logger_1 = require("./logger");
 const logger = (0, logger_1.createLogger)('prompt-detector');
+/**
+ * Yes/no pattern definitions for data-driven matching.
+ * Each entry defines a regex pattern and its associated default option.
+ * Patterns are evaluated in order; the first match wins.
+ *
+ * Pattern format:
+ *   - regex: Must have a capture group (1) for the question text
+ *   - defaultOption: 'yes', 'no', or undefined (no default)
+ */
+const YES_NO_PATTERNS = [
+    // (y/n) - no default
+    { regex: /^(.+)\s+\(y\/n\)\s*$/m },
+    // [y/N] - default no
+    { regex: /^(.+)\s+\[y\/N\]\s*$/m, defaultOption: 'no' },
+    // [Y/n] - default yes
+    { regex: /^(.+)\s+\[Y\/n\]\s*$/m, defaultOption: 'yes' },
+    // (yes/no) - no default
+    { regex: /^(.+)\s+\(yes\/no\)\s*$/m },
+];
 /**
  * Detect if output contains an interactive prompt
  *
@@ -29,7 +48,7 @@ const logger = (0, logger_1.createLogger)('prompt-detector');
  * // result.promptData.question === 'Do you want to proceed?'
  * ```
  */
-function detectPrompt(output) {
+function detectPrompt(output, options) {
     logger.debug('detectPrompt:start', { outputLength: output.length });
     const lines = output.split('\n');
     const lastLines = lines.slice(-10).join('\n');
@@ -39,7 +58,7 @@ function detectPrompt(output) {
     // ❯ 1. Yes
     //   2. No
     //   3. Cancel
-    const multipleChoiceResult = detectMultipleChoicePrompt(output);
+    const multipleChoiceResult = detectMultipleChoicePrompt(output, options);
     if (multipleChoiceResult.isPrompt) {
         logger.info('detectPrompt:multipleChoice', {
             isPrompt: true,
@@ -48,74 +67,30 @@ function detectPrompt(output) {
         });
         return multipleChoiceResult;
     }
-    // Pattern 1: (y/n)
-    const yesNoPattern = /^(.+)\s+\(y\/n\)\s*$/m;
-    const match1 = lastLines.match(yesNoPattern);
-    if (match1) {
-        return {
-            isPrompt: true,
-            promptData: {
-                type: 'yes_no',
-                question: match1[1].trim(),
-                options: ['yes', 'no'],
-                status: 'pending',
-            },
-            cleanContent: match1[1].trim(),
-        };
-    }
-    // Pattern 2: [y/N] (N is default)
-    const yesNoDefaultPattern = /^(.+)\s+\[y\/N\]\s*$/m;
-    const match2 = lastLines.match(yesNoDefaultPattern);
-    if (match2) {
-        return {
-            isPrompt: true,
-            promptData: {
-                type: 'yes_no',
-                question: match2[1].trim(),
-                options: ['yes', 'no'],
-                status: 'pending',
-                defaultOption: 'no',
-            },
-            cleanContent: match2[1].trim(),
-        };
-    }
-    // Pattern 3: [Y/n] (Y is default)
-    const yesDefaultPattern = /^(.+)\s+\[Y\/n\]\s*$/m;
-    const match3 = lastLines.match(yesDefaultPattern);
-    if (match3) {
-        return {
-            isPrompt: true,
-            promptData: {
-                type: 'yes_no',
-                question: match3[1].trim(),
-                options: ['yes', 'no'],
-                status: 'pending',
-                defaultOption: 'yes',
-            },
-            cleanContent: match3[1].trim(),
-        };
-    }
-    // Pattern 4: (yes/no)
-    const yesNoFullPattern = /^(.+)\s+\(yes\/no\)\s*$/m;
-    const match4 = lastLines.match(yesNoFullPattern);
-    if (match4) {
-        return {
-            isPrompt: true,
-            promptData: {
-                type: 'yes_no',
-                question: match4[1].trim(),
-                options: ['yes', 'no'],
-                status: 'pending',
-            },
-            cleanContent: match4[1].trim(),
-        };
+    // Patterns 1-4: Yes/no patterns (data-driven matching)
+    for (const pattern of YES_NO_PATTERNS) {
+        const match = lastLines.match(pattern.regex);
+        if (match) {
+            const question = match[1].trim();
+            return {
+                isPrompt: true,
+                promptData: {
+                    type: 'yes_no',
+                    question,
+                    options: ['yes', 'no'],
+                    status: 'pending',
+                    ...(pattern.defaultOption !== undefined && { defaultOption: pattern.defaultOption }),
+                },
+                cleanContent: question,
+            };
+        }
     }
     // Pattern 5: Approve?
     // Matches "Approve?" on its own line or at the end of a line
     const approvePattern = /^(.*?)Approve\?\s*$/m;
-    const match5 = lastLines.match(approvePattern);
-    if (match5) {
-        const content = match5[1].trim();
+    const approveMatch = lastLines.match(approvePattern);
+    if (approveMatch) {
+        const content = approveMatch[1].trim();
         // If there's content before "Approve?", include it in the question
         const question = content ? `${content} Approve?` : 'Approve?';
         return {
@@ -159,6 +134,87 @@ const DEFAULT_OPTION_PATTERN = /^\s*\u276F\s*(\d+)\.\s*(.+)$/;
  * Anchored at both ends -- ReDoS safe (S4-001).
  */
 const NORMAL_OPTION_PATTERN = /^\s*(\d+)\.\s*(.+)$/;
+/**
+ * Pattern for separator lines (horizontal rules).
+ * Matches lines consisting only of dash (-) or em-dash (─) characters.
+ * Used to skip separator lines in question extraction and non-option line handling.
+ * Anchored at both ends -- ReDoS safe (S4-001).
+ */
+const SEPARATOR_LINE_PATTERN = /^[-─]+$/;
+/**
+ * Creates a "no prompt detected" result.
+ * Centralizes the repeated pattern of returning isPrompt: false with trimmed content.
+ *
+ * @param output - The original output text
+ * @returns PromptDetectionResult with isPrompt: false
+ */
+function noPromptResult(output) {
+    return {
+        isPrompt: false,
+        cleanContent: output.trim(),
+    };
+}
+/**
+ * Pattern for detecting question/selection keywords in question lines.
+ * CLI tools typically use these keywords in the line immediately before numbered choices.
+ *
+ * Keyword classification:
+ *   [Observed] select, choose, pick, which, what, enter, confirm
+ *     - Keywords confirmed in actual Claude Code / CLI tool prompts.
+ *   [Defensive additions] how, where, type, specify, approve, accept, reject, decide, preference, option
+ *     - Not yet observed in actual prompts, but commonly used in question sentences.
+ *       Added defensively to reduce False Negative risk.
+ *     - Slightly beyond YAGNI, but False Positive risk from these keywords is
+ *       extremely low (they rarely appear in normal list headings).
+ *     - Consider removing unused keywords if confirmed unnecessary in the future.
+ *
+ * No word boundaries (\b) used -- partial matches (e.g., "Selections:" matching "select")
+ * are acceptable because such headings followed by consecutive numbered lists are
+ * likely actual prompts. See design policy IC-004 for tradeoff analysis.
+ *
+ * Alternation-only pattern with no nested quantifiers -- ReDoS safe (SEC-S4-002).
+ * The pattern consists only of OR (alternation) within a non-capturing group,
+ * resulting in a linear-time structure (O(n)) with no backtracking risk.
+ * Follows the 'ReDoS safe (S4-001)' annotation convention of existing patterns.
+ */
+const QUESTION_KEYWORD_PATTERN = /(?:select|choose|pick|which|what|how|where|enter|type|specify|confirm|approve|accept|reject|decide|preference|option)/i;
+/**
+ * Validates whether a question line actually asks a question or requests a selection.
+ * Distinguishes normal heading lines ("Recommendations:", "Steps:", etc.) from
+ * actual question lines ("Which option?", "Select a mode:", etc.).
+ *
+ * Control character resilience (SEC-S4-004): The line parameter is passed via
+ * lines[questionEndIndex]?.trim(), so residual control characters from tmux
+ * capture-pane output (8-bit CSI (0x9B), DEC private modes, etc. not fully
+ * removed by stripAnsi()) may be present. However, endsWith('?') / endsWith(':')
+ * inspect only the last character, and QUESTION_KEYWORD_PATTERN.test() matches
+ * only English letter keywords, so residual control characters will not match
+ * any pattern and the function returns false (false-safe).
+ *
+ * Full-width colon (U+FF1A) is intentionally not supported. Claude Code/CLI
+ * prompts use ASCII colon. See design policy IC-008.
+ *
+ * @param line - The line to validate (trimmed)
+ * @returns true if the line is a question/selection request, false otherwise
+ */
+function isQuestionLikeLine(line) {
+    // Empty lines are not questions
+    if (line.length === 0)
+        return false;
+    // Pattern 1: Lines ending with question mark (English or full-width Japanese)
+    // Full-width question mark (U+FF1F) support is a defensive measure: Claude Code/CLI
+    // displays questions in English, but this covers future multi-language support
+    // and third-party tool integration.
+    if (line.endsWith('?') || line.endsWith('\uff1f'))
+        return true;
+    // Pattern 2: Lines ending with colon that contain a selection/input keyword
+    // Examples: "Select an option:", "Choose a mode:", "Pick one:"
+    if (line.endsWith(':')) {
+        if (QUESTION_KEYWORD_PATTERN.test(line))
+            return true;
+    }
+    return false;
+}
 /**
  * Defensive check: protection against future unknown false positive patterns.
  * Note: The actual false positive pattern in Issue #161 ("1. Create file\n2. Run tests")
@@ -196,7 +252,11 @@ function isConsecutiveFromOne(numbers) {
  *   }
  *
  * Each condition's responsibility:
- *   - hasLeadingSpaces: Indented non-option line (label text wrapping with indentation)
+ *   - hasLeadingSpaces: Indented non-option line (label text wrapping with indentation).
+ *     Excludes lines ending with '?' to prevent question lines (e.g., "  Do you want
+ *     to proceed?") from being misclassified as continuation. Claude Bash tool outputs
+ *     question and options with identical 2-space indentation, so this exclusion allows
+ *     the question line to be recognized as questionEndIndex instead of being skipped.
  *   - isShortFragment: Short fragment (< 5 chars, e.g., filename tail)
  *   - isPathContinuation: Path string continuation (Issue #181)
  *
@@ -205,13 +265,19 @@ function isConsecutiveFromOne(numbers) {
  * @returns true if the line should be treated as a continuation of a previous option
  */
 function isContinuationLine(rawLine, line) {
-    // Indented non-option line
-    const hasLeadingSpaces = rawLine.match(/^\s{2,}[^\d]/) && !rawLine.match(/^\s*\d+\./);
+    // Indented non-option line.
+    // Excludes lines ending with '?' or '？' (U+FF1F) because those are typically question lines
+    // (e.g., "  Do you want to proceed?", "  コピーしたい対象はどれですか？") from CLI tool output
+    // where both the question and options are 2-space indented. Without this exclusion,
+    // the question line would be misclassified as a continuation line, causing
+    // questionEndIndex to remain -1 and Layer 5 SEC-001 to block detection.
+    const endsWithQuestion = line.endsWith('?') || line.endsWith('\uff1f');
+    const hasLeadingSpaces = rawLine.match(/^\s{2,}[^\d]/) && !rawLine.match(/^\s*\d+\./) && !endsWithQuestion;
     // Short fragment (< 5 chars, excluding question-ending lines)
-    const isShortFragment = line.length < 5 && !line.endsWith('?');
+    const isShortFragment = line.length < 5 && !endsWithQuestion;
     // Path string continuation: lines starting with / or ~, or alphanumeric-only fragments (2+ chars)
     const isPathContinuation = /^[\/~]/.test(line) || (line.length >= 2 && /^[a-zA-Z0-9_-]+$/.test(line));
-    return !!(hasLeadingSpaces) || isShortFragment || isPathContinuation;
+    return !!hasLeadingSpaces || isShortFragment || isPathContinuation;
 }
 /**
  * Detect multiple choice prompts (numbered list with ❯ indicator)
@@ -233,42 +299,51 @@ function isContinuationLine(rawLine, line) {
  * @param output - The tmux output to analyze (typically captured from tmux pane)
  * @returns Detection result with prompt data if a valid multiple choice prompt is found
  */
-function detectMultipleChoicePrompt(output) {
+function detectMultipleChoicePrompt(output, options) {
+    // C-003: Use ?? true for readability instead of !== false double negation
+    const requireDefault = options?.requireDefaultIndicator ?? true;
     const lines = output.split('\n');
-    // Calculate scan window: last 50 lines
-    const scanStart = Math.max(0, lines.length - 50);
+    // Strip trailing empty lines (tmux terminal padding) before computing scan window.
+    // tmux buffers often end with many empty padding lines that would shift the
+    // scan window away from the actual prompt content.
+    let effectiveEnd = lines.length;
+    while (effectiveEnd > 0 && lines[effectiveEnd - 1].trim() === '') {
+        effectiveEnd--;
+    }
+    // Calculate scan window: last 50 non-trailing-empty lines
+    const scanStart = Math.max(0, effectiveEnd - 50);
     // ==========================================================================
     // Pass 1: Check for ❯ indicator existence in scan window
-    // If no ❯ lines found, there is no multiple_choice prompt.
+    // If no ❯ lines found and requireDefault is true, there is no multiple_choice prompt.
+    // When requireDefault is false, skip this gate entirely to allow ❯-less detection.
     // ==========================================================================
-    let hasDefaultLine = false;
-    for (let i = scanStart; i < lines.length; i++) {
-        const line = lines[i].trim();
-        if (DEFAULT_OPTION_PATTERN.test(line)) {
-            hasDefaultLine = true;
-            break;
+    if (requireDefault) {
+        let hasDefaultLine = false;
+        for (let i = scanStart; i < effectiveEnd; i++) {
+            const line = lines[i].trim();
+            if (DEFAULT_OPTION_PATTERN.test(line)) {
+                hasDefaultLine = true;
+                break;
+            }
+        }
+        if (!hasDefaultLine) {
+            return noPromptResult(output);
         }
-    }
-    if (!hasDefaultLine) {
-        return {
-            isPrompt: false,
-            cleanContent: output.trim(),
-        };
     }
     // ==========================================================================
-    // Pass 2: Collect options (only executed when ❯ was found in Pass 1)
+    // Pass 2: Collect options (executed when Pass 1 passes or is skipped)
     // Scan from end to find options, using both patterns.
     // ==========================================================================
-    const options = [];
+    const collectedOptions = [];
     let questionEndIndex = -1;
-    for (let i = lines.length - 1; i >= scanStart; i--) {
+    for (let i = effectiveEnd - 1; i >= scanStart; i--) {
         const line = lines[i].trim();
         // Try DEFAULT_OPTION_PATTERN first (❯ indicator)
         const defaultMatch = line.match(DEFAULT_OPTION_PATTERN);
         if (defaultMatch) {
             const number = parseInt(defaultMatch[1], 10);
             const label = defaultMatch[2].trim();
-            options.unshift({ number, label, isDefault: true });
+            collectedOptions.unshift({ number, label, isDefault: true });
             continue;
         }
         // Try NORMAL_OPTION_PATTERN (no ❯ indicator)
@@ -276,11 +351,11 @@ function detectMultipleChoicePrompt(output) {
         if (normalMatch) {
             const number = parseInt(normalMatch[1], 10);
             const label = normalMatch[2].trim();
-            options.unshift({ number, label, isDefault: false });
+            collectedOptions.unshift({ number, label, isDefault: false });
             continue;
         }
         // Non-option line handling
-        if (options.length > 0 && line && !line.match(/^[-─]+$/)) {
+        if (collectedOptions.length > 0 && line && !SEPARATOR_LINE_PATTERN.test(line)) {
             // Check if this is a continuation line (indented line between options,
             // or path/filename fragments from terminal width wrapping - Issue #181)
             const rawLine = lines[i]; // Original line with indentation preserved
@@ -294,20 +369,33 @@ function detectMultipleChoicePrompt(output) {
         }
     }
     // Layer 3: Consecutive number validation (defensive measure)
-    const optionNumbers = options.map(opt => opt.number);
+    const optionNumbers = collectedOptions.map(opt => opt.number);
     if (!isConsecutiveFromOne(optionNumbers)) {
-        return {
-            isPrompt: false,
-            cleanContent: output.trim(),
-        };
+        return noPromptResult(output);
     }
-    // Layer 4: Must have at least 2 options AND at least one with ❯ indicator
-    const hasDefaultIndicator = options.some(opt => opt.isDefault);
-    if (options.length < 2 || !hasDefaultIndicator) {
-        return {
-            isPrompt: false,
-            cleanContent: output.trim(),
-        };
+    // Layer 4: Must have at least 2 options. When requireDefault is true,
+    // also require at least one option with ❯ indicator.
+    const hasDefaultIndicator = collectedOptions.some(opt => opt.isDefault);
+    if (collectedOptions.length < 2 || (requireDefault && !hasDefaultIndicator)) {
+        return noPromptResult(output);
+    }
+    // Layer 5 [SEC-001]: Enhanced question line validation for requireDefaultIndicator=false.
+    // When requireDefault is false, apply stricter validation to prevent false positives
+    // from normal numbered lists (e.g., "Recommendations:\n1. Add tests\n2. Update docs").
+    if (!requireDefault) {
+        // SEC-001a: No question line found (questionEndIndex === -1) - reject.
+        // Prevents generic question fallback from triggering Auto-Yes
+        // on plain numbered lists that happen to be consecutive from 1.
+        if (questionEndIndex === -1) {
+            return noPromptResult(output);
+        }
+        // SEC-001b: Question line exists but is not actually a question/selection request.
+        // Validates that the question line contains a question mark or a selection keyword
+        // with colon, distinguishing "Select an option:" from "Recommendations:".
+        const questionLine = lines[questionEndIndex]?.trim() ?? '';
+        if (!isQuestionLikeLine(questionLine)) {
+            return noPromptResult(output);
+        }
     }
     // Extract question text
     let question = '';
@@ -316,7 +404,7 @@ function detectMultipleChoicePrompt(output) {
         const questionLines = [];
         for (let i = Math.max(0, questionEndIndex - 5); i <= questionEndIndex; i++) {
             const line = lines[i].trim();
-            if (line && !line.match(/^[-─]+$/)) {
+            if (line && !SEPARATOR_LINE_PATTERN.test(line)) {
                 questionLines.push(line);
             }
         }
@@ -331,7 +419,7 @@ function detectMultipleChoicePrompt(output) {
         promptData: {
             type: 'multiple_choice',
             question: question.trim(),
-            options: options.map(opt => {
+            options: collectedOptions.map(opt => {
                 // Check if this option requires text input using module-level patterns
                 const requiresTextInput = TEXT_INPUT_PATTERNS.some(pattern => pattern.test(opt.label));
                 return {
@@ -370,7 +458,8 @@ function getAnswerInput(answer, promptType = 'yes_no') {
         if (/^\d+$/.test(normalized)) {
             return normalized;
         }
-        throw new Error(`Invalid answer for multiple choice: ${answer}. Expected a number.`);
+        // SEC-003: Fixed error message without user input to prevent log injection
+        throw new Error('Invalid answer for multiple choice prompt. Expected a number.');
     }
     // Handle yes/no prompts
     if (normalized === 'yes' || normalized === 'y') {
@@ -379,5 +468,6 @@ function getAnswerInput(answer, promptType = 'yes_no') {
     if (normalized === 'no' || normalized === 'n') {
         return 'n';
     }
-    throw new Error(`Invalid answer: ${answer}. Expected 'yes', 'no', 'y', or 'n'.`);
+    // SEC-003: Fixed error message without user input to prevent log injection
+    throw new Error("Invalid answer for yes/no prompt. Expected 'yes', 'no', 'y', or 'n'.");
 }

package/dist/server/src/lib/response-poller.js

@@ -1,7 +1,18 @@
 "use strict";
 /**
- * CLI Tool response polling
- * Periodically checks tmux sessions for CLI tool responses (Claude, Codex, Gemini)
+ * CLI Tool response polling.
+ * Periodically checks tmux sessions for CLI tool responses (Claude, Codex, Gemini).
+ *
+ * Key responsibilities:
+ * - Extract completed responses from tmux output (extractResponse)
+ * - Detect interactive prompts and save as prompt messages
+ * - Clean tool-specific artifacts from response content
+ * - Manage polling lifecycle (start/stop/timeout)
+ *
+ * Issue #188 improvements:
+ * - DR-004: Tail-line windowing for thinking detection in extractResponse
+ * - MF-001 fix: Same windowing applied to checkForResponse thinking check
+ * - SF-003: RESPONSE_THINKING_TAIL_LINE_COUNT constant tracks STATUS_THINKING_LINE_COUNT
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.cleanClaudeResponse = cleanClaudeResponse;
@@ -26,6 +37,22 @@ const POLLING_INTERVAL = 2000;
  * Maximum polling duration in milliseconds (default: 5 minutes)
  */
 const MAX_POLLING_DURATION = 5 * 60 * 1000;
+/**
+ * Number of tail lines to check for active thinking indicators in response extraction.
+ *
+ * SF-003 coupling note: This value must track STATUS_THINKING_LINE_COUNT (5) in
+ * status-detector.ts. Both constants exist because they serve separate modules:
+ *   - RESPONSE_THINKING_TAIL_LINE_COUNT: response-poller.ts (response extraction)
+ *   - STATUS_THINKING_LINE_COUNT: status-detector.ts (UI status display)
+ * If STATUS_THINKING_LINE_COUNT changes, update this value accordingly.
+ *
+ * Why not a shared constant? status-detector.ts has no dependency on response-poller.ts
+ * and vice versa. Introducing a shared module would create a coupling that does not
+ * currently exist. The test suite validates consistency (SF-003 test).
+ *
+ * @constant
+ */
+const RESPONSE_THINKING_TAIL_LINE_COUNT = 5;
 /**
  * Active pollers map: "worktreeId:cliToolId" -> NodeJS.Timeout
  */
@@ -40,6 +67,26 @@ const pollingStartTimes = new Map();
 function getPollerKey(worktreeId, cliToolId) {
     return `${worktreeId}:${cliToolId}`;
 }
+/**
+ * Internal helper: detect prompt with CLI-tool-specific options.
+ *
+ * Centralizes the stripAnsi() + buildDetectPromptOptions() + detectPrompt() pipeline
+ * to avoid repeating this 3-step sequence across extractResponse() and checkForResponse().
+ *
+ * Design notes:
+ * - IA-001: stripAnsi() is applied uniformly inside this helper. It is idempotent,
+ *   so double-application on already-stripped input is safe.
+ * - SF-003: Uses buildDetectPromptOptions() from cli-patterns.ts for tool-specific
+ *   configuration (e.g., Claude's requireDefaultIndicator=false for Issue #193).
+ *
+ * @param output - Raw or pre-stripped tmux output
+ * @param cliToolId - CLI tool identifier for building detection options
+ * @returns PromptDetectionResult with isPrompt, promptData, and cleanContent
+ */
+function detectPromptWithOptions(output, cliToolId) {
+    const promptOptions = (0, cli_patterns_1.buildDetectPromptOptions)(cliToolId);
+    return (0, prompt_detector_1.detectPrompt)((0, cli_patterns_1.stripAnsi)(output), promptOptions);
+}
 /**
  * Clean up Claude response by removing shell setup commands, environment exports, ANSI codes, and banner
  * Also extracts only the LATEST response to avoid including conversation history
@@ -92,6 +139,7 @@ function cleanClaudeResponse(response) {
         /\?\s*for shortcuts\s*$/, // Shortcuts hint at end of line
         /^─{10,}$/, // Separator lines
         /^❯\s*$/, // Empty prompt lines
+        cli_patterns_1.PASTED_TEXT_PATTERN, // [Pasted text #N +XX lines] (Issue #212)
     ];
     // Filter out UI elements and keep only the response content
     const cleanedLines = [];
@@ -209,14 +257,12 @@ function extractResponse(output, lastCapturedLine, cliToolId) {
     // Permission prompts appear after normal responses and need special handling
     if (cliToolId === 'claude') {
         const fullOutput = lines.join('\n');
-        // Strip ANSI codes before prompt detection
-        const cleanFullOutput = (0, cli_patterns_1.stripAnsi)(fullOutput);
-        const promptDetection = (0, prompt_detector_1.detectPrompt)(cleanFullOutput);
+        const promptDetection = detectPromptWithOptions(fullOutput, cliToolId);
         if (promptDetection.isPrompt) {
             // Return the full output as a complete interactive prompt
             // Use the cleaned output without ANSI codes
             return {
-                response: cleanFullOutput,
+                response: (0, cli_patterns_1.stripAnsi)(fullOutput),
                 isComplete: true,
                 lineCount: totalLines,
             };
@@ -285,9 +331,10 @@ function extractResponse(output, lastCapturedLine, cliToolId) {
             responseLines.push(line);
         }
         const response = responseLines.join('\n').trim();
-        // Additional check: ensure response doesn't contain thinking indicators
-        // This prevents saving intermediate states as final responses
-        if (thinkingPattern.test(response)) {
+        // DR-004: Check only the tail of the response for thinking indicators.
+        // Prevents false blocking when completed thinking summaries appear in the response body.
+        const responseTailLines = response.split('\n').slice(-RESPONSE_THINKING_TAIL_LINE_COUNT).join('\n');
+        if (thinkingPattern.test(responseTailLines)) {
             return {
                 response: '',
                 isComplete: false,
@@ -347,18 +394,13 @@ function extractResponse(output, lastCapturedLine, cliToolId) {
                     lineCount: totalLines,
                 };
             }
-            // Check for auth/loading states that should not be treated as complete responses
-            if (response.includes('Waiting for auth') ||
-                response.includes('⠋') ||
-                response.includes('⠙') ||
-                response.includes('⠹') ||
-                response.includes('⠸') ||
-                response.includes('⠼') ||
-                response.includes('⠴') ||
-                response.includes('⠦') ||
-                response.includes('⠧') ||
-                response.includes('⠇') ||
-                response.includes('⠏')) {
+            // Check for auth/loading states that should not be treated as complete responses.
+            // Braille spinner characters are shared with CLAUDE_SPINNER_CHARS in cli-patterns.ts.
+            const LOADING_INDICATORS = [
+                'Waiting for auth',
+                '⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏',
+            ];
+            if (LOADING_INDICATORS.some(indicator => response.includes(indicator))) {
                 return {
                     response: '',
                     isComplete: false,
@@ -382,7 +424,7 @@ function extractResponse(output, lastCapturedLine, cliToolId) {
     // Check if this is an interactive prompt (yes/no or multiple choice)
     // Interactive prompts don't have the ">" prompt and separator, so we need to detect them separately
     const fullOutput = lines.join('\n');
-    const promptDetection = (0, prompt_detector_1.detectPrompt)(fullOutput);
+    const promptDetection = detectPromptWithOptions(fullOutput, cliToolId);
     if (promptDetection.isPrompt) {
         // This is an interactive prompt - consider it complete
         return {
@@ -454,12 +496,17 @@ async function checkForResponse(worktreeId, cliToolId) {
         // Extract response
         const result = extractResponse(output, lastCapturedLine, cliToolId);
         if (!result || !result.isComplete) {
-            // No new output or response not yet complete
-            // But if Claude is processing (thinking), mark any pending prompts as answered
-            // This handles cases where user responded to prompts directly via terminal
+            // No new output or response not yet complete.
+            // If CLI tool is actively thinking, mark any pending prompts as answered.
+            // This handles cases where user responded to prompts directly via terminal.
+            //
+            // DR-004 windowing: Only check tail lines (same as extractResponse thinking check)
+            // to avoid false matches on completed thinking summaries in scrollback.
+            // Previously (MF-001), full-text check caused false positives.
             const { thinkingPattern } = (0, cli_patterns_1.getCliToolPatterns)(cliToolId);
             const cleanOutput = (0, cli_patterns_1.stripAnsi)(output);
-            if (thinkingPattern.test(cleanOutput)) {
+            const tailLines = cleanOutput.split('\n').slice(-RESPONSE_THINKING_TAIL_LINE_COUNT).join('\n');
+            if (thinkingPattern.test(tailLines)) {
                 const answeredCount = (0, db_1.markPendingPromptsAsAnswered)(db, worktreeId, cliToolId);
                 if (answeredCount > 0) {
                     console.log(`Marked ${answeredCount} pending prompt(s) as answered (thinking detected) for ${worktreeId}`);
@@ -479,7 +526,7 @@ async function checkForResponse(worktreeId, cliToolId) {
             return false;
         }
         // Response is complete! Check if it's a prompt
-        const promptDetection = (0, prompt_detector_1.detectPrompt)(result.response);
+        const promptDetection = detectPromptWithOptions(result.response, cliToolId);
         if (promptDetection.isPrompt) {
             // This is a prompt - save as prompt message
             (0, db_1.clearInProgressMessageId)(db, worktreeId, cliToolId);

package/dist/server/src/lib/tmux.js

@@ -9,6 +9,7 @@ exports.hasSession = hasSession;
 exports.listSessions = listSessions;
 exports.createSession = createSession;
 exports.sendKeys = sendKeys;
+exports.sendSpecialKeys = sendSpecialKeys;
 exports.capturePane = capturePane;
 exports.killSession = killSession;
 exports.ensureSession = ensureSession;
@@ -168,6 +169,53 @@ async function sendKeys(sessionName, keys, sendEnter = true) {
         throw new Error(`Failed to send keys to tmux session: ${errorMessage}`);
     }
 }
+/**
+ * Allowed tmux special key names for sendSpecialKeys().
+ * Restricts input to prevent command injection via arbitrary tmux key names.
+ */
+const ALLOWED_SPECIAL_KEYS = new Set([
+    'Up', 'Down', 'Left', 'Right',
+    'Enter', 'Space', 'Tab', 'Escape',
+    'BSpace', 'DC', // Backspace, Delete
+]);
+/** Delay between individual key presses for TUI apps that need processing time (ms). */
+const SPECIAL_KEY_DELAY_MS = 100;
+/**
+ * Send tmux special keys (unquoted key names like Down, Up, Enter, Space).
+ * Used for cursor-based navigation in CLI tool prompts (e.g., Claude Code AskUserQuestion).
+ *
+ * Keys are sent one at a time with a short delay between each press,
+ * because ink-based TUI apps (like Claude Code) need time to process
+ * each keystroke before the next one arrives.
+ *
+ * @param sessionName - Target session name
+ * @param keys - Array of tmux special key names (e.g., ['Down', 'Down', 'Space', 'Enter'])
+ * @throws {Error} If any key name is not in the allowed set, or if tmux command fails
+ */
+async function sendSpecialKeys(sessionName, keys) {
+    if (keys.length === 0)
+        return;
+    // Validate all keys are in the allowed set (command injection prevention)
+    for (const key of keys) {
+        if (!ALLOWED_SPECIAL_KEYS.has(key)) {
+            throw new Error(`Invalid special key: ${key}`);
+        }
+    }
+    try {
+        for (let i = 0; i < keys.length; i++) {
+            const command = `tmux send-keys -t "${sessionName}" ${keys[i]}`;
+            await execAsync(command, { timeout: DEFAULT_TIMEOUT });
+            // Delay between key presses (skip after the last key)
+            if (i < keys.length - 1) {
+                await new Promise(resolve => setTimeout(resolve, SPECIAL_KEY_DELAY_MS));
+            }
+        }
+    }
+    catch (error) {
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        throw new Error(`Failed to send special keys to tmux session: ${errorMessage}`);
+    }
+}
 /**
  * Capture pane output from a tmux session
  *