commandmate 0.3.1 → 0.3.3

package/dist/server/src/config/schedule-config.js

@@ -0,0 +1,60 @@
+"use strict";
+/**
+ * Schedule Execution Configuration Constants
+ * Issue #294: Centralized constants for schedule-related API routes
+ *
+ * Eliminates duplication of validation constants and UUID validation
+ * across schedules/route.ts, schedules/[scheduleId]/route.ts,
+ * and execution-logs/[logId]/route.ts.
+ *
+ * [S4-014] UUID v4 format validation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UUID_V4_PATTERN = exports.DEFAULT_PERMISSIONS = exports.VIBE_LOCAL_PERMISSIONS = exports.GEMINI_PERMISSIONS = exports.CODEX_SANDBOXES = exports.CLAUDE_PERMISSIONS = exports.MAX_SCHEDULE_CRON_LENGTH = exports.MAX_SCHEDULE_MESSAGE_LENGTH = exports.MAX_SCHEDULE_NAME_LENGTH = void 0;
+exports.isValidUuidV4 = isValidUuidV4;
+// =============================================================================
+// Validation Constants
+// =============================================================================
+/** Maximum schedule name length */
+exports.MAX_SCHEDULE_NAME_LENGTH = 100;
+/** Maximum message length for schedule execution */
+exports.MAX_SCHEDULE_MESSAGE_LENGTH = 10000;
+/** Maximum cron expression length */
+exports.MAX_SCHEDULE_CRON_LENGTH = 100;
+// =============================================================================
+// Permission Constants
+// =============================================================================
+/** Allowed permission values for claude CLI (--permission-mode) */
+exports.CLAUDE_PERMISSIONS = ['default', 'acceptEdits', 'plan', 'dontAsk', 'bypassPermissions'];
+/** Allowed sandbox values for codex CLI (--sandbox) */
+exports.CODEX_SANDBOXES = ['read-only', 'workspace-write', 'danger-full-access'];
+/** Allowed permission values for gemini CLI (no permission flags) */
+exports.GEMINI_PERMISSIONS = [];
+/** Allowed permission values for vibe-local CLI (no permission flags) */
+exports.VIBE_LOCAL_PERMISSIONS = [];
+/** Default permission per CLI tool */
+exports.DEFAULT_PERMISSIONS = {
+    claude: 'acceptEdits',
+    codex: 'workspace-write',
+    gemini: '',
+    'vibe-local': '',
+};
+// =============================================================================
+// UUID Validation
+// =============================================================================
+/**
+ * UUID v4 validation pattern.
+ * Matches standard UUID v4 format: xxxxxxxx-xxxx-4xxx-[89ab]xxx-xxxxxxxxxxxx
+ *
+ * [S4-014] Used to validate schedule IDs and execution log IDs
+ */
+exports.UUID_V4_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
+/**
+ * Validate that a string is a valid UUID v4 format.
+ *
+ * @param id - String to validate
+ * @returns true if the string matches UUID v4 format
+ */
+function isValidUuidV4(id) {
+    return exports.UUID_V4_PATTERN.test(id);
+}

package/dist/server/src/lib/auto-yes-manager.js

@@ -403,7 +403,7 @@ async function captureAndCleanOutput(worktreeId, cliToolId) {
     // captureSessionOutput() default is 1000 lines, but tmux buffer capture
     // requires 5000 to avoid truncating long outputs.
     const output = await (0, cli_session_1.captureSessionOutput)(worktreeId, cliToolId, 5000);
-    return (0, cli_patterns_1.stripAnsi)(output);
+    return (0, cli_patterns_1.stripBoxDrawing)((0, cli_patterns_1.stripAnsi)(output));
 }
 /**
  * Process stop condition check using delta-based approach.
@@ -465,7 +465,7 @@ async function detectAndRespondToPrompt(worktreeId, pollerState, cliToolId, clea
     try {
         // 1. Detect prompt
         const promptOptions = (0, cli_patterns_1.buildDetectPromptOptions)(cliToolId);
-        const promptDetection = (0, prompt_detector_1.detectPrompt)(cleanOutput, promptOptions);
+        const promptDetection = (0, prompt_detector_1.detectPrompt)((0, cli_patterns_1.stripBoxDrawing)(cleanOutput), promptOptions);
         if (!promptDetection.isPrompt || !promptDetection.promptData) {
             // No prompt detected - reset lastAnsweredPromptKey (Issue #306)
             pollerState.lastAnsweredPromptKey = null;

package/dist/server/src/lib/claude-executor.js

@@ -0,0 +1,158 @@
+"use strict";
+/**
+ * Claude CLI Executor
+ * Issue #294: Executes claude -p commands for scheduled executions
+ *
+ * Security:
+ * - Uses execFile (not exec) to prevent shell injection
+ * - Sanitizes environment variables via env-sanitizer.ts
+ * - Limits output size to prevent memory exhaustion
+ * - Enforces execution timeout
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ALLOWED_CLI_TOOLS = exports.MAX_MESSAGE_LENGTH = exports.EXECUTION_TIMEOUT_MS = exports.MAX_STORED_OUTPUT_SIZE = exports.MAX_OUTPUT_SIZE = void 0;
+exports.truncateOutput = truncateOutput;
+exports.buildCliArgs = buildCliArgs;
+exports.executeClaudeCommand = executeClaudeCommand;
+exports.getActiveProcesses = getActiveProcesses;
+const child_process_1 = require("child_process");
+const env_sanitizer_1 = require("./env-sanitizer");
+const cli_patterns_1 = require("./cli-patterns");
+// =============================================================================
+// Constants
+// =============================================================================
+/** Maximum output buffer size for execFile (1MB) */
+exports.MAX_OUTPUT_SIZE = 1 * 1024 * 1024;
+/** Maximum output size stored in DB (100KB) */
+exports.MAX_STORED_OUTPUT_SIZE = 100 * 1024;
+/** Execution timeout in milliseconds (5 minutes) */
+exports.EXECUTION_TIMEOUT_MS = 5 * 60 * 1000;
+/** Maximum message length sent to claude -p */
+exports.MAX_MESSAGE_LENGTH = 10000;
+/** Allowed CLI tool identifiers for scheduled execution */
+exports.ALLOWED_CLI_TOOLS = new Set(['claude', 'codex', 'gemini', 'vibe-local']);
+// =============================================================================
+// Executor
+// =============================================================================
+/**
+ * Truncate output to MAX_STORED_OUTPUT_SIZE bytes.
+ * Appends a truncation notice if truncated.
+ *
+ * @param output - Raw output string
+ * @returns Truncated output string
+ */
+function truncateOutput(output) {
+    if (Buffer.byteLength(output, 'utf-8') <= exports.MAX_STORED_OUTPUT_SIZE) {
+        return output;
+    }
+    // Truncate to MAX_STORED_OUTPUT_SIZE bytes
+    const buffer = Buffer.from(output, 'utf-8');
+    const truncated = buffer.subarray(0, exports.MAX_STORED_OUTPUT_SIZE).toString('utf-8');
+    return truncated + '\n\n--- Output truncated (exceeded 100KB limit) ---';
+}
+/**
+ * Build CLI arguments for non-interactive execution based on CLI tool type.
+ *
+ * - claude: -p <message> --output-format text --permission-mode <permission>
+ * - codex: exec <message> --sandbox <permission>
+ * - gemini: -p <message>
+ * - vibe-local: [-p <message> -y] or [--model <model> -p <message> -y]
+ * - others: -p <message> (fallback)
+ *
+ * @param message - Prompt message
+ * @param cliToolId - CLI tool identifier
+ * @param permission - Permission mode (claude: --permission-mode, codex: --sandbox)
+ * @param options - Additional options (e.g., model for vibe-local)
+ * @returns Array of CLI arguments
+ */
+function buildCliArgs(message, cliToolId, permission, options) {
+    switch (cliToolId) {
+        case 'codex':
+            return ['exec', message, '--sandbox', permission ?? 'workspace-write'];
+        case 'gemini':
+            return ['-p', message];
+        case 'vibe-local':
+            if (options?.model) {
+                return ['--model', options.model, '-p', message, '-y'];
+            }
+            return ['-p', message, '-y'];
+        case 'claude':
+        default:
+            return ['-p', message, '--output-format', 'text', '--permission-mode', permission ?? 'acceptEdits'];
+    }
+}
+/**
+ * Execute a CLI command in a worktree directory.
+ *
+ * @param message - Prompt message to send
+ * @param cwd - Working directory (worktree path from DB)
+ * @param cliToolId - CLI tool to use (default: 'claude')
+ * @param permission - Permission mode (claude: --permission-mode, codex: --sandbox)
+ * @param options - Additional options (e.g., model for vibe-local)
+ * @returns Execution result with output and status
+ */
+async function executeClaudeCommand(message, cwd, cliToolId = 'claude', permission, options) {
+    // Validate cliToolId against whitelist [SEC-001]
+    if (!exports.ALLOWED_CLI_TOOLS.has(cliToolId)) {
+        return {
+            output: '',
+            exitCode: null,
+            status: 'failed',
+            error: `Invalid CLI tool: ${cliToolId}`,
+        };
+    }
+    // Validate message length
+    const truncatedMessage = message.length > exports.MAX_MESSAGE_LENGTH
+        ? message.substring(0, exports.MAX_MESSAGE_LENGTH)
+        : message;
+    const args = buildCliArgs(truncatedMessage, cliToolId, permission, options);
+    return new Promise((resolve) => {
+        const child = (0, child_process_1.execFile)(cliToolId, args, {
+            cwd,
+            env: (0, env_sanitizer_1.sanitizeEnvForChildProcess)(),
+            maxBuffer: exports.MAX_OUTPUT_SIZE,
+            timeout: exports.EXECUTION_TIMEOUT_MS,
+        }, (error, stdout, stderr) => {
+            if (error) {
+                const isTimeout = error.killed || error.code === 'ETIMEDOUT';
+                const rawOutput = (0, cli_patterns_1.stripAnsi)(stdout || stderr || error.message);
+                const output = truncateOutput(rawOutput);
+                resolve({
+                    output,
+                    exitCode: error.code ? parseInt(String(error.code), 10) || null : null,
+                    status: isTimeout ? 'timeout' : 'failed',
+                    error: error.message,
+                });
+                return;
+            }
+            const rawOutput = (0, cli_patterns_1.stripAnsi)(stdout || '');
+            const output = truncateOutput(rawOutput);
+            resolve({
+                output,
+                exitCode: 0,
+                status: 'completed',
+            });
+        });
+        // Close stdin immediately to prevent hanging on yes/no prompts
+        child.stdin?.end();
+        // Return the child process PID for tracking
+        if (child.pid) {
+            // Store PID in global active processes for cleanup on shutdown
+            const activeProcesses = getActiveProcesses();
+            activeProcesses.set(child.pid, child);
+            child.on('exit', () => {
+                activeProcesses.delete(child.pid);
+            });
+        }
+    });
+}
+/**
+ * Get the global active processes map.
+ * Uses globalThis for hot reload persistence.
+ */
+function getActiveProcesses() {
+    if (!globalThis.__scheduleActiveProcesses) {
+        globalThis.__scheduleActiveProcesses = new Map();
+    }
+    return globalThis.__scheduleActiveProcesses;
+}

package/dist/server/src/lib/cli-patterns.js

@@ -4,10 +4,11 @@
  * Shared between response-poller.ts and API routes
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CLAUDE_SESSION_ERROR_REGEX_PATTERNS = exports.CLAUDE_SESSION_ERROR_PATTERNS = exports.GEMINI_PROMPT_PATTERN = exports.MAX_PASTED_TEXT_RETRIES = exports.PASTED_TEXT_DETECT_DELAY = exports.PASTED_TEXT_PATTERN = exports.CODEX_SEPARATOR_PATTERN = exports.CODEX_PROMPT_PATTERN = exports.CLAUDE_TRUST_DIALOG_PATTERN = exports.CLAUDE_SEPARATOR_PATTERN = exports.CLAUDE_PROMPT_PATTERN = exports.CODEX_THINKING_PATTERN = exports.CLAUDE_THINKING_PATTERN = exports.CLAUDE_SPINNER_CHARS = void 0;
+exports.CLAUDE_SESSION_ERROR_REGEX_PATTERNS = exports.CLAUDE_SESSION_ERROR_PATTERNS = exports.VIBE_LOCAL_THINKING_PATTERN = exports.VIBE_LOCAL_PROMPT_PATTERN = exports.GEMINI_THINKING_PATTERN = exports.GEMINI_PROMPT_PATTERN = exports.MAX_PASTED_TEXT_RETRIES = exports.PASTED_TEXT_DETECT_DELAY = exports.PASTED_TEXT_PATTERN = exports.CODEX_SEPARATOR_PATTERN = exports.CODEX_PROMPT_PATTERN = exports.CLAUDE_TRUST_DIALOG_PATTERN = exports.CLAUDE_SEPARATOR_PATTERN = exports.CLAUDE_PROMPT_PATTERN = exports.CODEX_THINKING_PATTERN = exports.CLAUDE_THINKING_PATTERN = exports.CLAUDE_SPINNER_CHARS = void 0;
 exports.detectThinking = detectThinking;
 exports.getCliToolPatterns = getCliToolPatterns;
 exports.stripAnsi = stripAnsi;
+exports.stripBoxDrawing = stripBoxDrawing;
 exports.buildDetectPromptOptions = buildDetectPromptOptions;
 const logger_1 = require("./logger");
 const logger = (0, logger_1.createLogger)('cli-patterns');
@@ -113,9 +114,29 @@ exports.PASTED_TEXT_DETECT_DELAY = 500;
  */
 exports.MAX_PASTED_TEXT_RETRIES = 3;
 /**
- * Gemini shell prompt pattern
+ * Gemini interactive REPL prompt pattern
+ * Gemini CLI shows a `>` or `❯` prompt when waiting for user input in interactive mode.
+ * Also matches shell prompts as fallback for session initialization phase.
  */
-exports.GEMINI_PROMPT_PATTERN = /^(%|\$|.*@.*[%$#])\s*$/m;
+exports.GEMINI_PROMPT_PATTERN = /^[>❯]\s*$/m;
+/**
+ * Gemini thinking/processing pattern
+ * Gemini CLI shows braille spinner characters and status text while processing.
+ */
+exports.GEMINI_THINKING_PATTERN = /[\u2800-\u28FF]|Thinking\.\.\./;
+/**
+ * Vibe Local prompt pattern
+ * vibe-local (vibe-coder) shows `ctx:N% ❯` prompt when waiting for user input.
+ * The prompt line includes a context usage percentage prefix.
+ * Examples: "ctx:9% ❯", "ctx:30% ❯", "ctx:9% ❯ /model"
+ */
+exports.VIBE_LOCAL_PROMPT_PATTERN = /ctx:\d+%\s*[>❯]/m;
+/**
+ * Vibe Local thinking/processing pattern
+ * vibe-local shows spinner characters and status text while processing.
+ * Matches braille spinners, "Thinking", and tool execution indicators.
+ */
+exports.VIBE_LOCAL_THINKING_PATTERN = /[\u2800-\u28FF]|Thinking|⠋|⠙|⠹|⠸|⠼|⠴|⠦|⠧|⠇|⠏|Running|Executing/;
 /**
  * Detect if CLI tool is showing "thinking" indicator
  */
@@ -131,8 +152,10 @@ function detectThinking(cliToolId, content) {
             result = exports.CODEX_THINKING_PATTERN.test(content);
             break;
         case 'gemini':
-            // Gemini doesn't have a thinking indicator in one-shot mode
-            result = false;
+            result = exports.GEMINI_THINKING_PATTERN.test(content);
+            break;
+        case 'vibe-local':
+            result = exports.VIBE_LOCAL_THINKING_PATTERN.test(content);
             break;
         default:
             result = exports.CLAUDE_THINKING_PATTERN.test(content);
@@ -186,12 +209,36 @@ function getCliToolPatterns(cliToolId) {
         case 'gemini':
             return {
                 promptPattern: exports.GEMINI_PROMPT_PATTERN,
-                separatorPattern: /^gemini\s+--\s+/m,
-                thinkingPattern: /(?!)/m, // Never matches - one-shot execution
+                separatorPattern: /^[─━]{3,}$/m,
+                thinkingPattern: exports.GEMINI_THINKING_PATTERN,
+                skipPatterns: [
+                    /^[>❯]\s*$/, // Prompt line
+                    exports.GEMINI_THINKING_PATTERN, // Thinking indicators
+                    /^\s*$/, // Empty lines
+                    /Gemini\s+\d+\.\d+/, // Version line
+                    exports.PASTED_TEXT_PATTERN, // [Pasted text #N +XX lines]
+                ],
+            };
+        case 'vibe-local':
+            return {
+                promptPattern: exports.VIBE_LOCAL_PROMPT_PATTERN,
+                separatorPattern: /^[·]{10,}$/m, // vibe-local uses middle dot separators
+                thinkingPattern: exports.VIBE_LOCAL_THINKING_PATTERN,
                 skipPatterns: [
-                    /^gemini\s+--\s+/, // Command line itself
-                    exports.GEMINI_PROMPT_PATTERN, // Shell prompt lines
+                    exports.VIBE_LOCAL_PROMPT_PATTERN, // Prompt line (ctx:N% ❯)
+                    exports.VIBE_LOCAL_THINKING_PATTERN, // Thinking indicators
                     /^\s*$/, // Empty lines
+                    /vibe-local|vibe-coder/, // Version/banner lines
+                    /ctx:\s*\d+%/, // Context usage indicator
+                    /Model\s+\w/, // Model info line
+                    /Engine\s+\w/, // Engine info line
+                    /Mode\s+/, // Mode info line
+                    /RAM\s+/, // RAM info line
+                    /CWD\s+/, // Working directory line
+                    /^[·]{10,}$/, // Middle dot separator lines
+                    /✦\s*Ready/, // Status bar "Ready" indicator
+                    /ESC:\s*stop/, // Status bar "ESC: stop" hint
+                    exports.PASTED_TEXT_PATTERN, // [Pasted text #N +XX lines]
                 ],
             };
         default:
@@ -222,6 +269,23 @@ const ANSI_PATTERN = /\x1b\[[0-9;]*[a-zA-Z]|\x1b\][^\x07]*\x07|\[[0-9;]*m/g;
 function stripAnsi(str) {
     return str.replace(ANSI_PATTERN, '');
 }
+/**
+ * Strip box-drawing border characters from CLI output.
+ * Gemini CLI wraps Action Required prompts in ╭─╮│╰─╯ borders.
+ * Removes │ (U+2502) prefix/suffix and border-only lines (╭╮╰╯─).
+ *
+ * @param str - Input string (typically after stripAnsi())
+ * @returns String with box-drawing borders removed
+ */
+function stripBoxDrawing(str) {
+    return str.split('\n').map(line => {
+        // Remove border-only lines (╭──╮, ╰──╯, │ only, etc.)
+        if (/^[\u2502\u256D\u256E\u256F\u2570\u2500\s]+$/.test(line))
+            return '';
+        // Strip leading │ + optional space, trailing space + │
+        return line.replace(/^\u2502\s?/, '').replace(/\s*\u2502$/, '');
+    }).join('\n');
+}
 /**
  * Build DetectPromptOptions for a given CLI tool.
  * Centralizes cliToolId-to-options mapping logic (DRY - MF-001).

package/dist/server/src/lib/cli-tools/gemini.js

@@ -1,18 +1,33 @@
 "use strict";
 /**
  * Gemini CLI tool implementation
- * Provides integration with Google's Gemini CLI
+ * Provides integration with Google's Gemini CLI in interactive mode
+ *
+ * @remarks Issue #368: Rewritten from non-interactive pipe mode to interactive REPL mode.
+ * Previous implementation used `echo 'msg' | gemini` which caused the process to exit
+ * immediately, making response polling impossible. Now launches `gemini` in interactive
+ * mode within tmux (same approach as Claude/Codex).
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GeminiTool = void 0;
 const base_1 = require("./base");
 const tmux_1 = require("../tmux");
-const child_process_1 = require("child_process");
-const util_1 = require("util");
-const execAsync = (0, util_1.promisify)(child_process_1.exec);
+const pasted_text_helper_1 = require("../pasted-text-helper");
+/**
+ * Extract error message from unknown error type (DRY)
+ */
+function getErrorMessage(error) {
+    return error instanceof Error ? error.message : String(error);
+}
+/** Wait for Gemini CLI to initialize after launch (banner + auth + dialog) */
+const GEMINI_INIT_WAIT_MS = 6000;
+/** Interval for polling trust dialog detection */
+const TRUST_DIALOG_POLL_INTERVAL_MS = 1000;
+/** Max attempts to detect trust dialog (10 * 1000ms = 10s polling window) */
+const TRUST_DIALOG_MAX_ATTEMPTS = 10;
 /**
  * Gemini CLI tool implementation
- * Manages Gemini sessions using tmux
+ * Manages Gemini interactive sessions using tmux
  */
 class GeminiTool extends base_1.BaseCLITool {
     id = 'gemini';
@@ -30,8 +45,7 @@ class GeminiTool extends base_1.BaseCLITool {
     }
     /**
      * Start a new Gemini session for a worktree
-     * Note: Gemini uses non-interactive mode, so we just create a tmux session
-     * for running one-shot commands
+     * Launches `gemini` in interactive REPL mode within tmux
      *
      * @param worktreeId - Worktree ID
      * @param worktreePath - Worktree path
@@ -50,22 +64,59 @@ class GeminiTool extends base_1.BaseCLITool {
             return;
         }
         try {
-            // Create tmux session for running Gemini commands
+            // Create tmux session with large history buffer
             await (0, tmux_1.createSession)({
                 sessionName,
                 workingDirectory: worktreePath,
                 historyLimit: 50000,
             });
+            // Wait a moment for the session to be created
+            await new Promise((resolve) => setTimeout(resolve, 100));
+            // Start Gemini CLI in interactive mode (no flags = interactive REPL)
+            await (0, tmux_1.sendKeys)(sessionName, 'gemini', true);
+            // Wait for Gemini to initialize
+            await new Promise((resolve) => setTimeout(resolve, GEMINI_INIT_WAIT_MS));
+            // Auto-handle "Do you trust this folder?" dialog on first run
+            await this.handleTrustDialog(sessionName);
             console.log(`✓ Started Gemini session: ${sessionName}`);
         }
         catch (error) {
-            const errorMessage = error instanceof Error ? error.message : String(error);
+            const errorMessage = getErrorMessage(error);
             throw new Error(`Failed to start Gemini session: ${errorMessage}`);
         }
     }
     /**
-     * Send a message to Gemini session (non-interactive mode)
-     * Executes a one-shot Gemini command and captures the output
+     * Handle Gemini "Do you trust this folder?" dialog
+     * On first run in a new directory, Gemini shows a trust confirmation.
+     * Auto-selects "1. Trust folder" to allow execution.
+     */
+    async handleTrustDialog(sessionName) {
+        for (let i = 0; i < TRUST_DIALOG_MAX_ATTEMPTS; i++) {
+            try {
+                const output = await (0, tmux_1.capturePane)(sessionName, 50);
+                if (output.includes('Do you trust this folder?')) {
+                    // Option 1 "Trust folder" is pre-selected (● marker).
+                    // Send Enter to confirm the selection.
+                    await (0, tmux_1.sendSpecialKey)(sessionName, 'Enter');
+                    await new Promise((resolve) => setTimeout(resolve, 2000));
+                    console.log('✓ Auto-trusted folder for Gemini session');
+                    return;
+                }
+                // Check if Gemini interactive prompt is already showing (no dialog needed)
+                if (output.match(/^[>❯]\s*$/m)) {
+                    console.log('✓ Gemini prompt detected - no trust dialog needed');
+                    return;
+                }
+            }
+            catch {
+                // Capture may fail during initialization - continue polling
+            }
+            await new Promise((resolve) => setTimeout(resolve, TRUST_DIALOG_POLL_INTERVAL_MS));
+        }
+        console.log('⚠ Trust dialog detection timed out - proceeding anyway');
+    }
+    /**
+     * Send a message to Gemini interactive session
      *
      * @param worktreeId - Worktree ID
      * @param message - Message to send
@@ -78,15 +129,22 @@ class GeminiTool extends base_1.BaseCLITool {
             throw new Error(`Gemini session ${sessionName} does not exist. Start the session first.`);
         }
         try {
-            // Escape the message for shell execution
-            const escapedMessage = message.replace(/'/g, "'\\''");
-            // Execute Gemini in non-interactive mode using stdin piping
-            // This approach bypasses the TUI and executes in one-shot mode
-            await (0, tmux_1.sendKeys)(sessionName, `echo '${escapedMessage}' | gemini`, true);
+            // Send message to Gemini (without Enter)
+            await (0, tmux_1.sendKeys)(sessionName, message, false);
+            // Wait a moment for the text to be typed
+            await new Promise((resolve) => setTimeout(resolve, 100));
+            // Send Enter key separately
+            await (0, tmux_1.sendSpecialKey)(sessionName, 'C-m');
+            // Wait a moment for the message to be processed
+            await new Promise((resolve) => setTimeout(resolve, 200));
+            // Detect [Pasted text] and resend Enter for multi-line messages
+            if (message.includes('\n')) {
+                await (0, pasted_text_helper_1.detectAndResendIfPastedText)(sessionName);
+            }
             console.log(`✓ Sent message to Gemini session: ${sessionName}`);
         }
         catch (error) {
-            const errorMessage = error instanceof Error ? error.message : String(error);
+            const errorMessage = getErrorMessage(error);
             throw new Error(`Failed to send message to Gemini: ${errorMessage}`);
         }
     }
@@ -98,12 +156,13 @@ class GeminiTool extends base_1.BaseCLITool {
     async killSession(worktreeId) {
         const sessionName = this.getSessionName(worktreeId);
         try {
-            // Send Ctrl+D to exit Gemini gracefully
             const exists = await (0, tmux_1.hasSession)(sessionName);
             if (exists) {
-                // Send Ctrl+D (ASCII 4)
-                await execAsync(`tmux send-keys -t "${sessionName}" C-d`);
-                // Wait a moment for Gemini to exit
+                // Send Ctrl+C to interrupt any running operation
+                await (0, tmux_1.sendSpecialKey)(sessionName, 'C-c');
+                await new Promise((resolve) => setTimeout(resolve, 300));
+                // Send /quit to exit Gemini gracefully
+                await (0, tmux_1.sendKeys)(sessionName, '/quit', true);
                 await new Promise((resolve) => setTimeout(resolve, 500));
             }
             // Kill the tmux session
@@ -113,7 +172,7 @@ class GeminiTool extends base_1.BaseCLITool {
             }
         }
         catch (error) {
-            const errorMessage = error instanceof Error ? error.message : String(error);
+            const errorMessage = getErrorMessage(error);
             console.error(`Error stopping Gemini session: ${errorMessage}`);
             throw error;
         }

package/dist/server/src/lib/cli-tools/manager.js

@@ -1,17 +1,18 @@
 "use strict";
 /**
  * CLI Tool Manager
- * Singleton class to manage multiple CLI tools (Claude, Codex, Gemini)
+ * Singleton class to manage multiple CLI tools (Claude, Codex, Gemini, Vibe Local)
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CLIToolManager = void 0;
 const claude_1 = require("./claude");
 const codex_1 = require("./codex");
 const gemini_1 = require("./gemini");
+const vibe_local_1 = require("./vibe-local");
 const response_poller_1 = require("../response-poller");
 /**
  * CLI Tool Manager (Singleton)
- * Provides centralized access to all CLI tools
+ * Provides centralized access to all CLI tools (Issue #368: includes Vibe Local)
  */
 class CLIToolManager {
     static instance;
@@ -25,6 +26,7 @@ class CLIToolManager {
         this.tools.set('claude', new claude_1.ClaudeTool());
         this.tools.set('codex', new codex_1.CodexTool());
         this.tools.set('gemini', new gemini_1.GeminiTool());
+        this.tools.set('vibe-local', new vibe_local_1.VibeLocalTool());
     }
     /**
      * Get singleton instance

package/dist/server/src/lib/cli-tools/types.js

@@ -3,10 +3,72 @@
  * Type definitions and interfaces for CLI tools
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CLI_TOOL_IDS = void 0;
+exports.OLLAMA_MODEL_PATTERN = exports.CLI_TOOL_DISPLAY_NAMES = exports.CLI_TOOL_IDS = void 0;
+exports.isCliToolType = isCliToolType;
+exports.getCliToolDisplayName = getCliToolDisplayName;
+exports.getCliToolDisplayNameSafe = getCliToolDisplayNameSafe;
 /**
  * CLI Tool IDs constant array
  * T2.1: Single source of truth for CLI tool IDs
  * CLIToolType is derived from this constant (DRY principle)
  */
-exports.CLI_TOOL_IDS = ['claude', 'codex', 'gemini'];
+exports.CLI_TOOL_IDS = ['claude', 'codex', 'gemini', 'vibe-local'];
+/**
+ * CLI tool display names for UI rendering
+ * Issue #368: Centralized display name mapping
+ *
+ * Usage: UI display (tab headers, message lists, settings).
+ * For internal logs/debug, use tool.name (BaseCLITool.name) instead.
+ */
+exports.CLI_TOOL_DISPLAY_NAMES = {
+    claude: 'Claude',
+    codex: 'Codex',
+    gemini: 'Gemini',
+    'vibe-local': 'Vibe Local',
+};
+/**
+ * Check if a string is a valid CLIToolType
+ * Issue #368: Type guard for safe casting of untrusted CLI tool ID strings
+ *
+ * @param value - String to check
+ * @returns True if value is a valid CLIToolType
+ */
+function isCliToolType(value) {
+    return exports.CLI_TOOL_IDS.includes(value);
+}
+/**
+ * Get the display name for a CLI tool ID
+ * Issue #368: Centralized display name function for DRY compliance
+ *
+ * @param id - CLI tool type identifier
+ * @returns Human-readable display name
+ */
+function getCliToolDisplayName(id) {
+    return exports.CLI_TOOL_DISPLAY_NAMES[id] ?? id;
+}
+/**
+ * Get the display name for a CLI tool ID string, with fallback for unknown IDs
+ * Issue #368: Safe wrapper for UI components receiving untyped cliToolId strings
+ *
+ * Unlike getCliToolDisplayName(), this accepts optional/untyped strings and
+ * returns a fallback value ('Assistant') for null, undefined, or unknown IDs.
+ *
+ * @param cliToolId - Optional CLI tool ID string (may be untyped)
+ * @param fallback - Fallback display name for missing/unknown IDs (default: 'Assistant')
+ * @returns Human-readable display name or fallback
+ */
+function getCliToolDisplayNameSafe(cliToolId, fallback = 'Assistant') {
+    if (!cliToolId)
+        return fallback;
+    if (isCliToolType(cliToolId))
+        return getCliToolDisplayName(cliToolId);
+    return fallback;
+}
+/**
+ * Ollama model name validation pattern.
+ * Allows: alphanumeric start, followed by alphanumeric, dots, underscores, colons, slashes, hyphens.
+ * Max 100 characters. Used for defense-in-depth validation at point of use.
+ *
+ * [SEC-001] Shared between API route validation and CLI command construction
+ */
+exports.OLLAMA_MODEL_PATTERN = /^[a-zA-Z0-9][a-zA-Z0-9._:/-]*$/;