copilot-liku-cli 0.0.8 → 0.0.9

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "copilot-liku-cli",
-  "version": "0.0.8",
+  "version": "0.0.9",
   "description": "GitHub Copilot CLI with headless agent + ultra-thin overlay architecture",
   "main": "src/main/index.js",
   "bin": {

package/src/main/agents/index.js

@@ -18,6 +18,7 @@ const { VerifierAgent } = require('./verifier');
 const { ProducerAgent } = require('./producer');
 const { ResearcherAgent } = require('./researcher');
 const { AgentStateManager } = require('./state-manager');
+const { TraceWriter } = require('./trace-writer');
 
 module.exports = {
   AgentOrchestrator,
@@ -27,6 +28,7 @@ module.exports = {
   ProducerAgent,
   ResearcherAgent,
   AgentStateManager,
+  TraceWriter,
   
   // Factory function for creating configured orchestrator
   createAgentSystem: (aiService, options = {}) => {
@@ -47,8 +49,11 @@ module.exports = {
       modelMetadata
     });
     
+    // Attach persistent flight recorder
+    const traceWriter = new TraceWriter(orchestrator);
+    
     // Return object with both orchestrator and stateManager
-    return { orchestrator, stateManager };
+    return { orchestrator, stateManager, traceWriter };
   },
   
   // Recovery function for checkpoint restoration

package/src/main/agents/orchestrator.js

@@ -181,6 +181,33 @@ class AgentOrchestrator extends EventEmitter {
 
   // ===== Handoff Management =====
 
+  /**
+   * Execute multiple agents in parallel (e.g., Builder + Researcher)
+   * Returns array of results in the same order as the roles array.
+   */
+  async executeParallel(roles, context, message) {
+    const agents = roles.map(role => {
+      const agent = this.agents.get(role);
+      if (!agent) throw new Error(`Agent not found for parallel execution: ${role}`);
+      return { role, agent };
+    });
+
+    this.emit('parallel:start', { roles, message });
+
+    const task = { description: message, context };
+    const results = await Promise.all(
+      agents.map(({ role, agent }) => {
+        this.stateManager.updateAgentActivity(agent.id);
+        return agent.process(task, context).catch(err => ({
+          success: false, error: err.message, role
+        }));
+      })
+    );
+
+    this.emit('parallel:complete', { roles, results: results.map((r, i) => ({ role: roles[i], success: r.success })) });
+    return results;
+  }
+
   async executeHandoff(fromAgent, targetRole, context, message) {
     const targetAgent = this.agents.get(targetRole);
     

package/src/main/agents/trace-writer.js

@@ -0,0 +1,83 @@
+/**
+ * Agent Trace Writer — persistent JSONL flight recorder
+ * 
+ * Subscribes to orchestrator events and writes a structured trace log
+ * to ~/.liku-cli/traces/<sessionId>.jsonl for post-hoc debugging.
+ */
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+const TRACE_DIR = path.join(os.homedir(), '.liku-cli', 'traces');
+
+class TraceWriter {
+  constructor(orchestrator) {
+    this.orchestrator = orchestrator;
+    this.stream = null;
+    this.sessionId = null;
+
+    this._bindEvents();
+  }
+
+  _ensureDir() {
+    if (!fs.existsSync(TRACE_DIR)) {
+      fs.mkdirSync(TRACE_DIR, { recursive: true, mode: 0o700 });
+    }
+  }
+
+  _write(event, data) {
+    if (!this.stream) return;
+    const entry = {
+      ts: new Date().toISOString(),
+      session: this.sessionId,
+      event,
+      ...data
+    };
+    this.stream.write(JSON.stringify(entry) + '\n');
+  }
+
+  _bindEvents() {
+    const o = this.orchestrator;
+
+    o.on('session:start', (session) => {
+      this._ensureDir();
+      this.sessionId = session.id;
+      const filePath = path.join(TRACE_DIR, `${this.sessionId}.jsonl`);
+      this.stream = fs.createWriteStream(filePath, { flags: 'a', mode: 0o600 });
+      this._write('session:start', { metadata: session.metadata });
+    });
+
+    o.on('session:end', (session) => {
+      this._write('session:end', { summary: session.summary });
+      this._close();
+    });
+
+    o.on('task:start', (d) => this._write('task:start', { task: d.task, agent: d.agent }));
+    o.on('task:complete', (d) => this._write('task:complete', { success: d.result?.success }));
+    o.on('task:error', (d) => this._write('task:error', { error: d.error?.message || String(d.error) }));
+    o.on('handoff:execute', (h) => this._write('handoff', { from: h.from, to: h.to, message: h.message }));
+    o.on('checkpoint', (cp) => this._write('checkpoint', { label: cp.label }));
+
+    // Agent-level events
+    o.on('agent:log', (entry) => this._write('agent:log', entry));
+    o.on('agent:proof', (proof) => this._write('agent:proof', proof));
+    o.on('agent:handoff', (h) => this._write('agent:handoff', h));
+  }
+
+  _close() {
+    if (this.stream) {
+      this.stream.end();
+      this.stream = null;
+    }
+    this.sessionId = null;
+  }
+
+  /** Destroy and detach all listeners */
+  destroy() {
+    this._close();
+    this.orchestrator.removeAllListeners();
+  }
+}
+
+module.exports = { TraceWriter };

package/src/main/ai-service.js

@@ -189,6 +189,214 @@ const AI_PROVIDERS = {
 // GitHub Copilot OAuth Configuration
 const COPILOT_CLIENT_ID = 'Iv1.b507a08c87ecfe98';
 
+// ===== TOOL DEFINITIONS FOR NATIVE FUNCTION CALLING =====
+// These map directly to the action types the system already executes.
+const LIKU_TOOLS = [
+  {
+    type: 'function',
+    function: {
+      name: 'click_element',
+      description: 'Click a UI element by its visible text or name (uses Windows UI Automation). Preferred over coordinate clicks.',
+      parameters: {
+        type: 'object',
+        properties: {
+          text: { type: 'string', description: 'The visible text/name of the element to click' },
+          reason: { type: 'string', description: 'Why this click is needed' }
+        },
+        required: ['text']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'click',
+      description: 'Left click at pixel coordinates on screen. Use as fallback when click_element cannot find the target.',
+      parameters: {
+        type: 'object',
+        properties: {
+          x: { type: 'number', description: 'X pixel coordinate' },
+          y: { type: 'number', description: 'Y pixel coordinate' },
+          reason: { type: 'string', description: 'Why clicking here' }
+        },
+        required: ['x', 'y']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'double_click',
+      description: 'Double click at pixel coordinates.',
+      parameters: {
+        type: 'object',
+        properties: {
+          x: { type: 'number', description: 'X pixel coordinate' },
+          y: { type: 'number', description: 'Y pixel coordinate' }
+        },
+        required: ['x', 'y']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'right_click',
+      description: 'Right click at pixel coordinates to open context menu.',
+      parameters: {
+        type: 'object',
+        properties: {
+          x: { type: 'number', description: 'X pixel coordinate' },
+          y: { type: 'number', description: 'Y pixel coordinate' }
+        },
+        required: ['x', 'y']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'type_text',
+      description: 'Type text into the currently focused input field.',
+      parameters: {
+        type: 'object',
+        properties: {
+          text: { type: 'string', description: 'The text to type' }
+        },
+        required: ['text']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'press_key',
+      description: 'Press a key or keyboard shortcut (e.g., "enter", "ctrl+c", "win+r", "alt+tab").',
+      parameters: {
+        type: 'object',
+        properties: {
+          key: { type: 'string', description: 'Key combo string (e.g., "ctrl+s", "enter", "win+d")' },
+          reason: { type: 'string', description: 'Why pressing this key' }
+        },
+        required: ['key']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'scroll',
+      description: 'Scroll up or down.',
+      parameters: {
+        type: 'object',
+        properties: {
+          direction: { type: 'string', enum: ['up', 'down'], description: 'Scroll direction' },
+          amount: { type: 'number', description: 'Scroll amount (default 3)' }
+        },
+        required: ['direction']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'drag',
+      description: 'Drag from one point to another.',
+      parameters: {
+        type: 'object',
+        properties: {
+          fromX: { type: 'number' }, fromY: { type: 'number' },
+          toX: { type: 'number' }, toY: { type: 'number' }
+        },
+        required: ['fromX', 'fromY', 'toX', 'toY']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'wait',
+      description: 'Wait for a specified number of milliseconds before the next action.',
+      parameters: {
+        type: 'object',
+        properties: {
+          ms: { type: 'number', description: 'Milliseconds to wait' }
+        },
+        required: ['ms']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'screenshot',
+      description: 'Take a screenshot to see the current screen state. Use for verification or when elements are not in the UI tree.',
+      parameters: { type: 'object', properties: {} }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'run_command',
+      description: 'Execute a shell command and return output. Preferred for any file/system operations.',
+      parameters: {
+        type: 'object',
+        properties: {
+          command: { type: 'string', description: 'Shell command to execute' },
+          cwd: { type: 'string', description: 'Working directory (optional)' },
+          shell: { type: 'string', enum: ['powershell', 'cmd', 'bash'], description: 'Shell to use (default: powershell on Windows)' }
+        },
+        required: ['command']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'focus_window',
+      description: 'Bring a window to the foreground by its handle or title.',
+      parameters: {
+        type: 'object',
+        properties: {
+          title: { type: 'string', description: 'Partial window title to match' },
+          windowHandle: { type: 'number', description: 'Window handle (hwnd)' }
+        }
+      }
+    }
+  }
+];
+
+/**
+ * Convert tool_calls from API response into the action block format
+ * that the existing executeActions pipeline expects.
+ */
+function toolCallsToActions(toolCalls) {
+  return toolCalls.map(tc => {
+    let args;
+    try { args = JSON.parse(tc.function.arguments); } catch { args = {}; }
+    const name = tc.function.name;
+
+    // Map tool names back to existing action types
+    switch (name) {
+      case 'click_element':  return { type: 'click_element', ...args };
+      case 'click':          return { type: 'click', ...args };
+      case 'double_click':   return { type: 'double_click', ...args };
+      case 'right_click':    return { type: 'right_click', ...args };
+      case 'type_text':      return { type: 'type', ...args };
+      case 'press_key':      return { type: 'key', key: args.key, reason: args.reason };
+      case 'scroll':         return { type: 'scroll', ...args };
+      case 'drag':           return { type: 'drag', ...args };
+      case 'wait':           return { type: 'wait', ...args };
+      case 'screenshot':     return { type: 'screenshot' };
+      case 'run_command':    return { type: 'run_command', ...args };
+      case 'focus_window':
+        if (args.title) return { type: 'bring_window_to_front', title: args.title };
+        return { type: 'focus_window', windowHandle: args.windowHandle };
+      default:               return { type: name, ...args };
+    }
+  });
+}
+
 // Current configuration
 let currentProvider = 'copilot'; // Default to GitHub Copilot
 let apiKeys = {
@@ -218,6 +426,41 @@ let oauthCallback = null;
 // Conversation history for context
 let conversationHistory = [];
 const MAX_HISTORY = 20;
+const HISTORY_FILE = path.join(LIKU_HOME, 'conversation-history.json');
+
+/**
+ * Load conversation history from disk (survives process restarts)
+ */
+function loadConversationHistory() {
+  try {
+    if (fs.existsSync(HISTORY_FILE)) {
+      const data = JSON.parse(fs.readFileSync(HISTORY_FILE, 'utf-8'));
+      if (Array.isArray(data)) {
+        conversationHistory = data.slice(-MAX_HISTORY * 2);
+        console.log(`[AI] Restored ${conversationHistory.length} history entries from disk`);
+      }
+    }
+  } catch (e) {
+    console.warn('[AI] Could not load conversation history:', e.message);
+  }
+}
+
+/**
+ * Persist conversation history to disk
+ */
+function saveConversationHistory() {
+  try {
+    if (!fs.existsSync(LIKU_HOME)) {
+      fs.mkdirSync(LIKU_HOME, { recursive: true, mode: 0o700 });
+    }
+    fs.writeFileSync(HISTORY_FILE, JSON.stringify(conversationHistory.slice(-MAX_HISTORY * 2)), { mode: 0o600 });
+  } catch (e) {
+    console.warn('[AI] Could not save conversation history:', e.message);
+  }
+}
+
+// Restore history on module load
+loadConversationHistory();
 
 // Visual context for AI awareness
 let visualContextBuffer = [];
@@ -366,11 +609,15 @@ When the user asks you to DO something, respond with a JSON action block:
 - Be specific about UI elements, text, buttons
 
 **For ACTION requests** (click here, type this, open that):
-- ALWAYS respond with the JSON action block
+- **YOU MUST respond with the JSON action block — NEVER respond with only a plan or description**
+- **NEVER say "Let me proceed" or "I will click" without including the actual \`\`\`json action block**
+- **If the user says "proceed" or "do it", output the JSON actions immediately — do not ask again**
 - Use PLATFORM-SPECIFIC shortcuts (see above!)
 - Prefer \`click_element\` over coordinate clicks when targeting named UI elements
 - Add \`wait\` actions between steps that need UI to update
 - Add verification step to confirm success
+- **If an element is NOT in the Live UI State**: Use \`{"type": "screenshot"}\` first, then use coordinates from the screenshot to click. Do NOT give up or say "I can't find the element."
+- **If you need to interact with web content inside an app** (like VS Code panels, browser tabs): Use keyboard shortcuts or coordinate-based clicks since web UI may not appear in UIA tree
 
 **Common Task Patterns**:
 ${PLATFORM === 'win32' ? `
@@ -391,7 +638,14 @@ ${PLATFORM === 'win32' ? `
 - **Save file**: \`ctrl+s\`
 - **Copy/Paste**: \`ctrl+c\` / \`ctrl+v\``}
 
-Be precise, use platform-correct shortcuts, and execute actions confidently!`;
+Be precise, use platform-correct shortcuts, and execute actions confidently!
+
+## CRITICAL RULES
+1. **NEVER describe actions without executing them.** If the user asks you to click/type/open something, output the JSON action block.
+2. **NEVER say "Let me proceed" or "I'll do this now" without the JSON block.** Words without actions are useless.
+3. **If user says "proceed" or "go ahead", output the JSON actions IMMEDIATELY.**
+4. **When you can't find an element in Live UI State, take a screenshot and use pixel coordinates.** Don't give up.
+5. **One response = one action block.** Don't split actions across multiple messages unless the user asks you to wait.`;
 
 /**
  * Set the AI provider
@@ -668,12 +922,12 @@ function saveCopilotToken(token) {
   try {
     const dir = path.dirname(TOKEN_FILE);
     if (!fs.existsSync(dir)) {
-      fs.mkdirSync(dir, { recursive: true });
+      fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
     }
     fs.writeFileSync(TOKEN_FILE, JSON.stringify({ 
       access_token: token, 
       saved_at: new Date().toISOString() 
-    }));
+    }), { mode: 0o600 });
     console.log('[COPILOT] Token saved');
   } catch (e) {
     console.error('[COPILOT] Failed to save token:', e.message);
@@ -920,7 +1174,9 @@ async function callCopilot(messages, modelOverride = null) {
       messages: messages,
       max_tokens: 4096,
       temperature: 0.7,
-      stream: false
+      stream: false,
+      tools: LIKU_TOOLS,
+      tool_choice: 'auto'
     });
 
     // Try multiple endpoint formats
@@ -979,7 +1235,22 @@ async function callCopilot(messages, modelOverride = null) {
             try {
               const result = JSON.parse(body);
               if (result.choices && result.choices[0]) {
-                resolveReq(result.choices[0].message.content);
+                const choice = result.choices[0];
+                const msg = choice.message;
+                
+                // Handle native tool calls — convert to action JSON block
+                if (msg.tool_calls && msg.tool_calls.length > 0) {
+                  const actions = toolCallsToActions(msg.tool_calls);
+                  const actionBlock = JSON.stringify({
+                    thought: msg.content || 'Executing requested actions',
+                    actions,
+                    verification: 'Verify the actions completed successfully'
+                  }, null, 2);
+                  console.log(`[Copilot] Received ${msg.tool_calls.length} tool_calls, converted to action block`);
+                  resolveReq('```json\n' + actionBlock + '\n```');
+                } else {
+                  resolveReq(msg.content);
+                }
               } else if (result.error) {
                 rejectReq(new Error(result.error.message || 'Copilot API error'));
               } else {
@@ -1237,6 +1508,9 @@ function detectTruncation(response) {
 /**
  * Send a message and get AI response with auto-continuation
  */
+// Provider fallback priority order
+const PROVIDER_FALLBACK_ORDER = ['copilot', 'openai', 'anthropic', 'ollama'];
+
 async function sendMessage(userMessage, options = {}) {
   const { includeVisualContext = false, coordinates = null, maxContinuations = 2, model = null } = options;
 
@@ -1253,43 +1527,55 @@ async function sendMessage(userMessage, options = {}) {
     let response;
     let effectiveModel = currentCopilotModel;
     
-    switch (currentProvider) {
-      case 'copilot':
-        // GitHub Copilot - uses OAuth token or env var
-        if (!apiKeys.copilot) {
-          // Try loading saved token
-          if (!loadCopilotToken()) {
-            throw new Error('Not authenticated with GitHub Copilot.\n\nTo authenticate:\n1. Type /login and authorize in browser\n2. Or set GH_TOKEN or GITHUB_TOKEN environment variable');
-          }
-        }
-        effectiveModel = resolveCopilotModelKey(model);
-        // Enforce vision-capable model when visual context is included
-        if (includeVisualContext && COPILOT_MODELS[effectiveModel] && !COPILOT_MODELS[effectiveModel].vision) {
-          const visionFallback = AI_PROVIDERS.copilot.visionModel || 'gpt-4o';
-          console.log(`[AI] Model ${effectiveModel} lacks vision, upgrading to ${visionFallback} for visual context`);
-          effectiveModel = visionFallback;
-        }
-        response = await callCopilot(messages, effectiveModel);
-        break;
-        
-      case 'openai':
-        if (!apiKeys.openai) {
-          throw new Error('OpenAI API key not set. Use /setkey openai <key> or set OPENAI_API_KEY environment variable.');
+    // Build fallback chain: current provider first, then remaining in priority order
+    const fallbackChain = [currentProvider, ...PROVIDER_FALLBACK_ORDER.filter(p => p !== currentProvider)];
+    let lastError = null;
+    let usedProvider = currentProvider;
+
+    for (const provider of fallbackChain) {
+      try {
+        switch (provider) {
+          case 'copilot':
+            if (!apiKeys.copilot) {
+              if (!loadCopilotToken()) {
+                throw new Error('Not authenticated with GitHub Copilot.');
+              }
+            }
+            effectiveModel = resolveCopilotModelKey(model);
+            if (includeVisualContext && COPILOT_MODELS[effectiveModel] && !COPILOT_MODELS[effectiveModel].vision) {
+              const visionFallback = AI_PROVIDERS.copilot.visionModel || 'gpt-4o';
+              console.log(`[AI] Model ${effectiveModel} lacks vision, upgrading to ${visionFallback} for visual context`);
+              effectiveModel = visionFallback;
+            }
+            response = await callCopilot(messages, effectiveModel);
+            break;
+          case 'openai':
+            if (!apiKeys.openai) throw new Error('OpenAI API key not set.');
+            response = await callOpenAI(messages);
+            break;
+          case 'anthropic':
+            if (!apiKeys.anthropic) throw new Error('Anthropic API key not set.');
+            response = await callAnthropic(messages);
+            break;
+          case 'ollama':
+          default:
+            response = await callOllama(messages);
+            break;
         }
-        response = await callOpenAI(messages);
-        break;
-        
-      case 'anthropic':
-        if (!apiKeys.anthropic) {
-          throw new Error('Anthropic API key not set. Use /setkey anthropic <key> or set ANTHROPIC_API_KEY environment variable.');
+        usedProvider = provider;
+        if (usedProvider !== currentProvider) {
+          console.log(`[AI] Fallback: ${currentProvider} failed, succeeded with ${usedProvider}`);
         }
-        response = await callAnthropic(messages);
-        break;
-        
-      case 'ollama':
-      default:
-        response = await callOllama(messages);
-        break;
+        break; // success — exit fallback loop
+      } catch (providerErr) {
+        lastError = providerErr;
+        console.warn(`[AI] Provider ${provider} failed: ${providerErr.message}`);
+        continue; // try next provider
+      }
+    }
+
+    if (!response) {
+      throw lastError || new Error('All AI providers failed.');
     }
 
     // Auto-continuation for truncated responses
@@ -1345,10 +1631,13 @@ async function sendMessage(userMessage, options = {}) {
       conversationHistory.shift();
     }
 
+    // Persist to disk for session continuity
+    saveConversationHistory();
+
     return {
       success: true,
       message: response,
-      provider: currentProvider,
+      provider: usedProvider,
       model: effectiveModel,
       modelVersion: COPILOT_MODELS[effectiveModel]?.id || null,
       hasVisualContext: includeVisualContext && visualContextBuffer.length > 0
@@ -1393,6 +1682,7 @@ function handleCommand(command) {
     case '/clear':
       conversationHistory = [];
       clearVisualContext();
+      saveConversationHistory();
       return { type: 'system', message: 'Conversation and visual context cleared.' };
 
     case '/vision':
@@ -2038,5 +2328,8 @@ module.exports = {
   setUIWatcher,
   getUIWatcher,
   setSemanticDOMSnapshot,
-  clearSemanticDOMSnapshot
+  clearSemanticDOMSnapshot,
+  // Tool-calling
+  LIKU_TOOLS,
+  toolCallsToActions
 };

package/src/main/index.js

@@ -344,6 +344,7 @@ function createOverlayWindow() {
     webPreferences: {
       nodeIntegration: false,
       contextIsolation: true,
+      sandbox: true,
       preload: path.join(__dirname, '../renderer/overlay/preload.js')
     }
   });
@@ -460,6 +461,7 @@ function createChatWindow() {
     webPreferences: {
       nodeIntegration: false,
       contextIsolation: true,
+      sandbox: true,
       preload: path.join(__dirname, '../renderer/chat/preload.js')
     }
   });

package/src/main/system-automation.js

@@ -1974,10 +1974,10 @@ function parseAIActions(aiResponse) {
   try {
     return JSON.parse(aiResponse);
   } catch (e) {
-    // Not JSON - return null
+    // Not JSON - continue
   }
   
-  // Try to find inline JSON object
+  // Try to find inline JSON object with actions array
   const inlineMatch = aiResponse.match(/\{[\s\S]*"actions"[\s\S]*\}/);
   if (inlineMatch) {
     try {
@@ -1987,9 +1987,92 @@ function parseAIActions(aiResponse) {
     }
   }
   
+  // Fallback: extract actions from natural language descriptions
+  // This handles cases where AI says "I'll click X at (500, 300)" without JSON
+  const nlActions = parseNaturalLanguageActions(aiResponse);
+  if (nlActions && nlActions.actions.length > 0) {
+    console.log('[AUTOMATION] Extracted', nlActions.actions.length, 'action(s) from natural language');
+    return nlActions;
+  }
+  
   return null;
 }
 
+/**
+ * Parse actions from natural language AI responses as a fallback.
+ * Handles patterns like "click at (500, 300)" or "type 'hello'" in prose.
+ */
+function parseNaturalLanguageActions(text) {
+  const actions = [];
+  const lines = text.split('\n');
+  
+  for (const line of lines) {
+    const lower = line.toLowerCase();
+    
+    // Match "click at (x, y)" or "click (x, y)" or "click at coordinates (x, y)"
+    const clickMatch = lower.match(/\b(?:click|tap|press)\b.*?\(\s*(\d+)\s*,\s*(\d+)\s*\)/);
+    if (clickMatch) {
+      actions.push({ type: 'click', x: parseInt(clickMatch[1]), y: parseInt(clickMatch[2]), reason: line.trim() });
+      continue;
+    }
+    
+    // Match "double-click at (x, y)"
+    const dblClickMatch = lower.match(/\bdouble[- ]?click\b.*?\(\s*(\d+)\s*,\s*(\d+)\s*\)/);
+    if (dblClickMatch) {
+      actions.push({ type: 'double_click', x: parseInt(dblClickMatch[1]), y: parseInt(dblClickMatch[2]), reason: line.trim() });
+      continue;
+    }
+    
+    // Match "right-click at (x, y)"
+    const rightClickMatch = lower.match(/\bright[- ]?click\b.*?\(\s*(\d+)\s*,\s*(\d+)\s*\)/);
+    if (rightClickMatch) {
+      actions.push({ type: 'right_click', x: parseInt(rightClickMatch[1]), y: parseInt(rightClickMatch[2]), reason: line.trim() });
+      continue;
+    }
+    
+    // Match 'type "text"' or "type 'text'" 
+    const typeMatch = line.match(/\btype\b.*?["']([^"']+)["']/i);
+    if (typeMatch && !lower.includes('action type')) {
+      actions.push({ type: 'type', text: typeMatch[1], reason: line.trim() });
+      continue;
+    }
+    
+    // Match "press Enter" or "press Ctrl+C"
+    const keyMatch = lower.match(/\bpress\b\s+([\w+]+(?:\+[\w+]+)*)/);
+    if (keyMatch && !clickMatch) {
+      const key = keyMatch[1].toLowerCase();
+      // Only match plausible key combos
+      if (/^(enter|escape|tab|space|backspace|delete|home|end|up|down|left|right|f\d+|ctrl|alt|shift|win|cmd|super)/.test(key)) {
+        actions.push({ type: 'key', key: key, reason: line.trim() });
+        continue;
+      }
+    }
+    
+    // Match "scroll down" or "scroll up 5 lines"
+    const scrollMatch = lower.match(/\bscroll\s+(up|down)(?:\s+(\d+))?\b/);
+    if (scrollMatch) {
+      actions.push({ type: 'scroll', direction: scrollMatch[1], amount: parseInt(scrollMatch[2]) || 3, reason: line.trim() });
+      continue;
+    }
+
+    // Match "click_element" / "click on the X button" pattern
+    const clickElementMatch = line.match(/\bclick\s+(?:on\s+)?(?:the\s+)?["']([^"']+)["']\s*button/i) ||
+                               line.match(/\bclick\s+(?:on\s+)?(?:the\s+)?["']([^"']+)["']/i);
+    if (clickElementMatch && !clickMatch) {
+      actions.push({ type: 'click_element', text: clickElementMatch[1], reason: line.trim() });
+      continue;
+    }
+  }
+  
+  if (actions.length === 0) return null;
+  
+  return {
+    thought: 'Actions extracted from AI natural language response',
+    actions,
+    verification: 'Check that the intended actions completed successfully'
+  };
+}
+
 /**
  * Convert grid coordinate (like "C3") to screen pixels
  * @param {string} coord - Grid coordinate like "C3", "AB12"

package/src/main/ui-watcher.js

@@ -26,6 +26,15 @@ const MODE = {
   FALLBACK: 'FALLBACK'       // polling after event failure, auto-retry after 30s
 };
 
+// Sensitive process denylist — when the active window belongs to one of these,
+// omit element names/text from AI context to prevent prompt leakage.
+const REDACTED_PROCESSES = new Set([
+  'keepassxc', 'keepass', '1password', 'bitwarden', 'lastpass', 'dashlane',
+  'enpass', 'roboform', 'nordpass',                    // password managers
+  'mstsc', 'vmconnect', 'putty', 'winscp',             // remote/admin tools
+  'powershell_ise',                                     // admin consoles
+]);
+
 class UIWatcher extends EventEmitter {
   constructor(options = {}) {
     super();
@@ -438,14 +447,26 @@ $results | ConvertTo-Json -Depth 4 -Compress
     const { elements, activeWindow, lastUpdate } = this.cache;
     const age = Date.now() - lastUpdate;
     
+    // Redaction: if the focused window belongs to a sensitive process,
+    // suppress element names to avoid leaking passwords/secrets to the LLM.
+    const processLower = (activeWindow?.processName || '').toLowerCase();
+    const redacted = REDACTED_PROCESSES.has(processLower);
+    
     // Build context string with window hierarchy
     let context = `\n## Live UI State (${age}ms ago)\n`;
     
     if (activeWindow) {
-      context += `**Focused Window**: ${activeWindow.title || 'Unknown'} (${activeWindow.processName})\n`;
+      const title = redacted ? '[REDACTED — sensitive application]' : (activeWindow.title || 'Unknown');
+      context += `**Focused Window**: ${title} (${activeWindow.processName})\n`;
       context += `**Cursor**: (${activeWindow.bounds.x}, ${activeWindow.bounds.y}) ${activeWindow.bounds.width}x${activeWindow.bounds.height}\n\n`;
     }
     
+    if (redacted) {
+      context += `**⚠ Privacy mode active** — element names hidden because the focused application handles sensitive data.\n`;
+      context += `You can still take screenshots or wait for the user to switch windows.\n`;
+      return context;
+    }
+    
     context += `**Visible Context** (${elements.length} elements detected):\n`;
     
     let listed = 0;

package/src/renderer/chat/chat.js

@@ -88,6 +88,7 @@ const contextCount = document.getElementById('context-count');
 const providerSelect = document.getElementById('provider-select');
 const modelSelect = document.getElementById('model-select');
 const authStatus = document.getElementById('auth-status');
+const loginBtn = document.getElementById('login-btn');
 const tokenCount = document.getElementById('token-count');
 
 function applyElectronAppRegions() {
@@ -127,6 +128,11 @@ function updateAuthStatus(status, provider) {
   
   authStatus.className = 'status-badge';
   
+  // Show login button when disconnected, hide when connected
+  if (loginBtn) {
+    loginBtn.classList.toggle('hidden', status === 'connected');
+  }
+  
   switch (status) {
     case 'connected':
       authStatus.classList.add('connected');
@@ -226,7 +232,7 @@ const AGENT_TRIGGERS = {
   research: /\b(research\s+agent|spawn.*research|investigate\s+this|gather\s+info(?:rmation)?)\b/i,
   verify: /\b(verify\s+agent|spawn.*verif|validate\s+this|verification\s+agent)\b/i,
   build: /\b(build\s+agent|spawn.*build|builder\s+agent|code\s+agent)\b/i,
-  produce: /(^\\s*\\/produce\\b)|\\b(agentic\\s+producer|producer\\s+agent)\\b/i,
+  produce: /(^\s*\/produce\b)|\b(agentic\s+producer|producer\s+agent)\b/i,
   orchestrate: /\b(spawn\s+(?:a\s+)?(?:sub)?agent|orchestrat|multi-?agent|agent\s+system|coordinate\s+agents?)\b/i
 };
 
@@ -274,7 +280,7 @@ async function routeToAgent(text, agentType) {
     let result;
     switch (agentType) {
       case 'produce': {
-        const cleaned = text.replace(/^\\s*\\/produce\\b\\s*/i, '');
+        const cleaned = text.replace(/^\s*\/produce\b\s*/i, '');
         const parsed = parseProduceOptions(cleaned || text);
         const finalPrompt = parsed.prompt || (cleaned || text);
         const referenceUrl = extractFirstUrl(finalPrompt);
@@ -434,6 +440,28 @@ if (providerSelect) {
   });
 }
 
+// Login button
+if (loginBtn) {
+  loginBtn.addEventListener('click', () => {
+    window.electronAPI.sendMessage('/login');
+    addMessage('/login', 'user');
+  });
+}
+
+// Auth status badge click - also triggers login when disconnected
+if (authStatus) {
+  authStatus.style.cursor = 'pointer';
+  authStatus.addEventListener('click', () => {
+    if (authStatus.classList.contains('disconnected')) {
+      window.electronAPI.sendMessage('/login');
+      addMessage('/login', 'user');
+    } else {
+      window.electronAPI.sendMessage('/status');
+      addMessage('/status', 'user');
+    }
+  });
+}
+
 // Model selection
 if (modelSelect) {
   modelSelect.addEventListener('change', (e) => {

package/src/renderer/chat/index.html

@@ -282,6 +282,26 @@
       color: var(--text-secondary);
     }
 
+    .login-button {
+      padding: 3px 10px;
+      border-radius: 10px;
+      font-size: 10px;
+      font-weight: 600;
+      background: var(--accent-blue);
+      color: white;
+      border: none;
+      cursor: pointer;
+      transition: background 0.15s;
+    }
+
+    .login-button:hover {
+      background: var(--accent-blue-hover);
+    }
+
+    .login-button.hidden {
+      display: none;
+    }
+
     /* ===== CHAT HISTORY ===== */
     #chat-history {
       flex: 1;
@@ -544,6 +564,21 @@
       justify-content: center;
     }
 
+    .auth-hint {
+      font-size: 12px;
+      margin-top: 10px;
+      color: var(--text-secondary);
+      line-height: 1.6;
+    }
+
+    .auth-hint kbd {
+      background: var(--bg-secondary);
+      padding: 2px 5px;
+      border-radius: 3px;
+      border: 1px solid var(--border-color);
+      font-family: inherit;
+    }
+
     .empty-state .logo svg {
       width: 32px;
       height: 32px;
@@ -671,6 +706,7 @@
     </div>
     <div id="provider-status">
       <span id="auth-status" class="status-badge">Not Connected</span>
+      <button id="login-btn" class="login-button" title="Login to AI provider">Login</button>
       <span id="token-count" class="token-badge" title="Estimated tokens">0 tokens</span>
     </div>
   </div>
@@ -683,6 +719,7 @@
       </div>
       <h2>Copilot Agent</h2>
       <p>Click "Selection" to interact with screen elements, or type a command below.</p>
+      <p id="empty-auth-hint" class="auth-hint">Click <strong>Login</strong> above or type <kbd>/login</kbd> to connect to GitHub Copilot.<br>You can also use <kbd>/help</kbd> to see all commands.</p>
       <div class="shortcuts">
         <div class="shortcut"><kbd>Ctrl+Alt+Space</kbd> Toggle chat</div>
         <div class="shortcut"><kbd>Ctrl+Shift+O</kbd> Toggle overlay</div>