create-walle 0.9.11 → 0.9.13

package/template/claude-task-manager/server.js

@@ -33,9 +33,11 @@ const {
   findCodexThreadForCtmSession,
   findCodexThreadForSession,
   getCodexThreadById,
+  getCodexThreadResumeCwd,
   getResumeSpec,
   parseSessionStartMs,
   parseCodexJsonlIntoMessages,
+  parseCodexJsonlFileIntoMessages,
 } = require('./lib/session-history');
 const { atomicWriteFileSync } = require('./atomic-write');
 const { execFile: execFileCb, execFileSync } = require('child_process');
@@ -46,16 +48,37 @@ const compactStitch = require('./lib/compact-stitch');
 const { registerSessionJobs, registerStreamJobs } = require('./lib/session-jobs');
 const { SessionStream } = require('./lib/session-stream');
 const { getAllSessionFilesAsync: getAllSessionFilesAsyncFromUtils } = require('./session-utils');
+const { SessionCapture } = require('./lib/session-capture');
 const { resolveFallback: resolveLaunchFallback, isEarlyExit } = require('./lib/launch-presets');
 const { buildTelemetryEnv, detectPresetId } = require('./lib/agent-presets');
-const { createCodingAgentModelSync } = require('./lib/coding-agent-models');
+const {
+  createCodingAgentModelSync,
+  shouldApplyCodexAutoTitle,
+} = require('./lib/coding-agent-models');
 const agentCliCache = require('./lib/agent-cli-cache');
 const walleClient = require('./lib/walle-client');
+const walleTranscript = require('./lib/walle-transcript');
+const claudeDesktopSessions = require('./lib/claude-desktop-sessions');
 const SessionSearchUtils = require('./public/js/session-search-utils.js');
 const agentHooksInstaller = require('./lib/agent-hooks-installer');
 const statusHooks = require('./lib/status-hooks');
 const { getStateDetector } = require('./workers/state-detectors');
 const { canResumeAgent, getAgentCapabilities, normalizeAgentType } = require('./lib/agent-capabilities');
+const { resolveWalleChatContext } = require('./lib/walle-session-context');
+const {
+  applyWalleToolEvent,
+  cloneToolCalls,
+  readWalleCtmHistory,
+} = require('./lib/walle-ctm-history');
+const {
+  SETUP_PROVIDER_TYPES,
+  SETUP_PROVIDER_NAMES,
+  SETUP_PROVIDER_ENV_KEYS,
+  sanitizeSetupProviderType,
+  resolveSetupDefaultSelection,
+  setupProviderHasRuntimeAccess,
+  setupProviderTypeList,
+} = require('./lib/setup-provider-config');
 const {
   CONFIG_DIR,
   CONFIG_FILE,
@@ -85,6 +108,121 @@ function getWalleBrain() {
   } catch { return null; }
 }
 
+function getProviderRuntimeState(type) {
+  const providerType = sanitizeSetupProviderType(type);
+  let hasStoredKey = false;
+  let authMethod = providerType === 'anthropic' || providerType === 'openai'
+    ? (process.env.WALLE_AUTH_METHOD || '')
+    : '';
+  try {
+    const brain = getWalleBrain();
+    const row = brain?.getDb?.().prepare(
+      'SELECT api_key_encrypted, auth_method FROM model_providers WHERE type = ? AND enabled = 1 ORDER BY updated_at DESC LIMIT 1'
+    ).get(providerType);
+    hasStoredKey = !!row?.api_key_encrypted;
+    authMethod = row?.auth_method || authMethod || '';
+  } catch {}
+  return {
+    type: providerType,
+    authMethod,
+    hasStoredKey,
+    hasRuntimeAccess: setupProviderHasRuntimeAccess({
+      type: providerType,
+      env: process.env,
+      authMethod,
+      hasStoredKey,
+    }),
+  };
+}
+
+function getActiveWalleProviderState(providerType) {
+  return getProviderRuntimeState(providerType || process.env.WALLE_PROVIDER || 'anthropic');
+}
+
+function _extractLlmText(response) {
+  const content = response?.content ?? response?.text ?? '';
+  if (typeof content === 'string') return content;
+  if (Array.isArray(content)) {
+    return content.map((part) => {
+      if (!part) return '';
+      if (typeof part === 'string') return part;
+      return part.text || part.content || '';
+    }).filter(Boolean).join('\n');
+  }
+  return '';
+}
+
+function _storedProviderKey(brain, type) {
+  try {
+    const row = brain?.getDb?.().prepare(
+      'SELECT api_key_encrypted FROM model_providers WHERE type = ? AND enabled = 1 AND api_key_encrypted IS NOT NULL ORDER BY updated_at DESC LIMIT 1'
+    ).get(type);
+    return row?.api_key_encrypted || '';
+  } catch {
+    return '';
+  }
+}
+
+async function generateSessionSummaryWithWalleProvider({ turnsText, sysPrompt }) {
+  const brain = getWalleBrain();
+  const provider = sanitizeSetupProviderType(
+    brain?.getKv?.('walle_provider') || process.env.WALLE_PROVIDER || 'anthropic'
+  );
+  if (!provider) return null;
+
+  const model = brain?.getKv?.('walle_model_' + provider)
+    || brain?.getKv?.('walle_model')
+    || process.env.WALLE_MODEL
+    || '';
+  const state = getProviderRuntimeState(provider);
+  const config = {};
+  let clientType = provider;
+
+  if (provider === 'anthropic' && state.authMethod === 'claude_cli') {
+    clientType = 'claude-cli';
+  } else if (provider === 'anthropic' && state.authMethod === 'oauth_proxy') {
+    config.apiKey = 'oauth-proxy-placeholder';
+    config.baseUrl = `http://127.0.0.1:${process.env.OAUTH_PROXY_PORT || '3458'}`;
+  } else if (provider === 'openai' && state.authMethod === 'codex_cli') {
+    clientType = 'codex-cli';
+  } else if (provider === 'ollama' || provider === 'mlx') {
+    if (provider === 'ollama' && process.env.OLLAMA_BASE_URL) config.baseUrl = process.env.OLLAMA_BASE_URL;
+    if (provider === 'mlx' && process.env.MLX_MODEL) config.model = process.env.MLX_MODEL;
+  } else {
+    const envKey = SETUP_PROVIDER_ENV_KEYS[provider];
+    const apiKey = _storedProviderKey(brain, provider) || (envKey ? process.env[envKey] : '');
+    if (!apiKey && !state.hasRuntimeAccess) return null;
+    if (apiKey) config.apiKey = apiKey;
+    if (provider === 'anthropic' && process.env.ANTHROPIC_BASE_URL) config.baseUrl = process.env.ANTHROPIC_BASE_URL;
+    if (provider === 'openai' && process.env.OPENAI_BASE_URL) config.baseUrl = process.env.OPENAI_BASE_URL;
+    if (provider === 'deepseek' && process.env.DEEPSEEK_BASE_URL) config.baseUrl = process.env.DEEPSEEK_BASE_URL;
+    if (provider === 'google' && process.env.GOOGLE_AUTH_MODE === 'oauth') {
+      config.authMode = 'oauth';
+      config.refreshToken = process.env.GOOGLE_REFRESH_TOKEN;
+    }
+  }
+
+  try {
+    const { createClient } = require(path.resolve(__dirname, '..', 'wall-e', 'llm', 'client'));
+    const client = createClient(clientType, config);
+    const response = await client.chat({
+      model: model || undefined,
+      system: sysPrompt,
+      messages: [{ role: 'user', content: turnsText }],
+      maxTokens: 60,
+      temperature: 0.2,
+      thinking: 'disabled',
+      reasoningEffort: 'low',
+      signal: AbortSignal.timeout(15000),
+    });
+    const text = _extractLlmText(response).replace(/<think>[\s\S]*?<\/think>/gi, '').trim();
+    return text ? { text, model: `${provider}:${model || clientType}` } : null;
+  } catch (e) {
+    console.warn('[session-stream] configured summary provider failed:', e.message);
+    return null;
+  }
+}
+
 function getShellRcSource(shell) {
   const name = path.basename(shell || '');
   if (name.includes('zsh')) {
@@ -148,6 +286,14 @@ function _isStatusOnlyPtyChunk(session, data) {
   return !!detector.isStatusOnlyChunk(filtered);
 }
 
+function _isBusyStatusPtyChunk(session, data) {
+  const providerId = session?._providerId || _providerIdFromCmd(session?.cmd || '');
+  const detector = getStateDetector(providerId);
+  if (typeof detector.isBusyStatusChunk !== 'function') return false;
+  const filtered = detector.filterOutput ? detector.filterOutput(data) : data;
+  return !!detector.isBusyStatusChunk(filtered);
+}
+
 function _isServerWaitingForInput(sessionId, session) {
   return !!(session?._waitingForInput || idleNotifyState.get(sessionId)?.notified);
 }
@@ -166,6 +312,7 @@ function handleAvailableAgentsApi(res) {
 let _ctmScheduler = null;
 let _jsonlWatcher = null;
 let _sessionStream = null;
+let _sessionCapture = null;
 let _isShuttingDown = false;
 
 function isSqliteBusyError(err) {
@@ -198,17 +345,7 @@ function addStartupTaskWithRetry(label, args, attempt = 0) {
 const telemetry = { track() {}, flush() {}, start() {}, stop() {} };
 
 // --- Wall-E Session JSONL helpers ---
-const WALLE_SESSIONS_DIR = path.join(process.env.HOME, '.walle', 'sessions');
-
-function appendToJsonl(filePath, obj) {
-  fs.appendFileSync(filePath, JSON.stringify(obj) + '\n');
-}
-
-function ensureWalleSessionsDir() {
-  if (!fs.existsSync(WALLE_SESSIONS_DIR)) {
-    fs.mkdirSync(WALLE_SESSIONS_DIR, { recursive: true });
-  }
-}
+const WALLE_SESSIONS_DIR = walleTranscript.defaultSessionsDir(process.env);
 
 const config = loadConfig();
 const AGENT_CLI_CACHE_FILE = path.join(CONFIG_DIR, 'agent-cli-cache.json');
@@ -816,6 +953,96 @@ function probeModel(apiKey, baseUrl, customHeadersB64, modelOrder) {
   });
 }
 
+function probeClaudeCliAuth() {
+  return new Promise((resolve) => {
+    const { spawn } = require('child_process');
+    const childEnv = { ...process.env };
+    delete childEnv.ANTHROPIC_API_KEY;
+    delete childEnv.ANTHROPIC_AUTH_TOKEN;
+    let proc;
+    try {
+      proc = spawn('claude', ['auth', 'status'], {
+        stdio: ['ignore', 'pipe', 'pipe'],
+        timeout: 15000,
+        env: childEnv,
+      });
+    } catch (err) {
+      resolve({ ok: false, error: 'Could not spawn claude: ' + err.message });
+      return;
+    }
+    let stdout = '';
+    let stderr = '';
+    let settled = false;
+    const done = (result) => {
+      if (settled) return;
+      settled = true;
+      resolve(result);
+    };
+    proc.stdout.on('data', (d) => { stdout += d.toString(); });
+    proc.stderr.on('data', (d) => { stderr += d.toString(); });
+    proc.on('error', (err) => {
+      done({
+        ok: false,
+        error: err.code === 'ENOENT'
+          ? 'claude CLI not on PATH. Install Claude Code from claude.com/claude-code.'
+          : 'spawn failed: ' + err.message,
+      });
+    });
+    proc.on('close', (code) => {
+      if (code !== 0) {
+        done({ ok: false, error: 'claude auth status exited ' + code + ': ' + (stderr || stdout).slice(0, 300) });
+        return;
+      }
+      let parsed;
+      try { parsed = JSON.parse(stdout); }
+      catch { done({ ok: false, error: 'claude auth status stdout not JSON: ' + stdout.slice(0, 200) }); return; }
+      if (!parsed.loggedIn) {
+        done({ ok: false, error: 'CLI installed but not signed in. Run `claude auth login`.' });
+        return;
+      }
+      const label = [parsed.email, parsed.subscriptionType].filter(Boolean).join(' · ');
+      done({ ok: true, model: label || 'claude.ai', reply: parsed.authMethod || 'subscription' });
+    });
+  });
+}
+
+async function probeAnthropicOauthProxy() {
+  const proxyStatus = await oauthProxySupervisor.status();
+  if (!proxyStatus.running) {
+    return { ok: false, error: 'OAuth proxy is not running. Click "I understand, enable it" to start it.', proxy_status: proxyStatus };
+  }
+  const port = proxyStatus.port;
+  try {
+    const r = await fetch(`http://127.0.0.1:${port}/v1/messages`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'anthropic-version': '2023-06-01',
+      },
+      body: JSON.stringify({
+        model: 'claude-haiku-4-5-20251001',
+        max_tokens: 20,
+        messages: [{ role: 'user', content: 'reply with the literal string OK and nothing else' }],
+      }),
+      signal: AbortSignal.timeout(20000),
+    });
+    if (!r.ok) {
+      const txt = await r.text().catch(() => '');
+      return { ok: false, error: `Proxy returned ${r.status}: ${txt.slice(0, 250)}`, proxy_status: proxyStatus };
+    }
+    const d = await r.json();
+    const reply = (d.content || []).filter((b) => b.type === 'text').map((b) => b.text).join('').trim();
+    return {
+      ok: reply.length > 0,
+      model: d.model || 'claude-haiku-4-5',
+      reply: reply.slice(0, 50),
+      proxy_status: proxyStatus,
+    };
+  } catch (err) {
+    return { ok: false, error: 'Proxy probe failed: ' + err.message, proxy_status: proxyStatus };
+  }
+}
+
 // --- API Handlers ---
 async function handleApi(req, res, url) {
   // --- Setup API ---
@@ -865,9 +1092,11 @@ async function handleApi(req, res, url) {
     if (!hasApiKey && walleProvider === 'google' && (process.env.GOOGLE_API_KEY || process.env.GEMINI_API_KEY)) hasApiKey = true;
     if (!hasApiKey && walleProvider === 'deepseek' && process.env.DEEPSEEK_API_KEY) hasApiKey = true;
     if (!hasApiKey && (walleProvider === 'ollama' || walleProvider === 'mlx')) hasApiKey = true;
-    const authMethod = process.env.WALLE_AUTH_METHOD || '';
+    const providerState = getActiveWalleProviderState(walleProvider);
+    if (!hasApiKey && providerState.hasRuntimeAccess) hasApiKey = true;
+    const authMethod = providerState.authMethod || '';
     const codingViaCli = process.env.WALLE_CODING_USE_CLI === 'true';
-    res.end(JSON.stringify({ owner_name: ownerName, has_api_key: hasApiKey, slack_connected: slackConnected, slack_team: slackTeam, needs_setup: setup.needsSetup(), version, ctm_data_dir: ctmDataDir, walle_data_dir: walleDataDir, hostname: HOSTNAME, walle_model: walleModel, walle_provider: walleProvider, auth_method: authMethod, coding_via_cli: codingViaCli, service_alerts: serviceAlerts }));
+    res.end(JSON.stringify({ owner_name: ownerName, has_api_key: hasApiKey, slack_connected: slackConnected, slack_team: slackTeam, needs_setup: !hasApiKey && setup.needsSetup(), version, ctm_data_dir: ctmDataDir, walle_data_dir: walleDataDir, hostname: HOSTNAME, walle_model: walleModel, walle_provider: walleProvider, auth_method: authMethod, coding_via_cli: codingViaCli, service_alerts: serviceAlerts }));
     return;
   }
   if (url.pathname === '/api/setup/test-key' && req.method === 'GET') {
@@ -1725,6 +1954,12 @@ async function handleApi(req, res, url) {
         const walleProvider = typeof data.provider === 'string'
           ? data.provider.replace(/[^a-z]/g, '').slice(0, 20)
           : '';
+        if (walleProvider && !SETUP_PROVIDER_TYPES.includes(walleProvider)) {
+          res.writeHead(400, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({ error: 'Invalid provider type. Must be one of: ' + setupProviderTypeList() }));
+          return;
+        }
+        const providerForApiKey = walleProvider || 'anthropic';
         // Anthropic auth_method picker: 'api_key' (default), 'claude_cli', or
         // 'oauth_proxy'. Anything else gets normalized to '' (= cleared).
         // OpenAI auth_method picker: 'api_key' (default) or 'codex_cli'.
@@ -1764,9 +1999,10 @@ async function handleApi(req, res, url) {
           keysToReplace.add('ANTHROPIC_CUSTOM_HEADERS_B64');
         } else if (apiKey) {
           // Only strip the key for the provider being configured — preserve others
-          if (walleProvider === 'openai') { keysToReplace.add('OPENAI_API_KEY'); }
-          else if (walleProvider === 'google') { keysToReplace.add('GOOGLE_API_KEY'); keysToReplace.add('GEMINI_API_KEY'); keysToReplace.add('GOOGLE_AUTH_MODE'); keysToReplace.add('GOOGLE_REFRESH_TOKEN'); }
-          else { keysToReplace.add('ANTHROPIC_API_KEY'); keysToReplace.add('ANTHROPIC_BASE_URL'); keysToReplace.add('ANTHROPIC_AUTH_TOKEN'); keysToReplace.add('ANTHROPIC_CUSTOM_HEADERS_B64'); }
+          if (providerForApiKey === 'openai') { keysToReplace.add('OPENAI_API_KEY'); }
+          else if (providerForApiKey === 'google') { keysToReplace.add('GOOGLE_API_KEY'); keysToReplace.add('GEMINI_API_KEY'); keysToReplace.add('GOOGLE_AUTH_MODE'); keysToReplace.add('GOOGLE_REFRESH_TOKEN'); }
+          else if (providerForApiKey === 'deepseek') { keysToReplace.add('DEEPSEEK_API_KEY'); }
+          else if (providerForApiKey === 'anthropic') { keysToReplace.add('ANTHROPIC_API_KEY'); keysToReplace.add('ANTHROPIC_BASE_URL'); keysToReplace.add('ANTHROPIC_AUTH_TOKEN'); keysToReplace.add('ANTHROPIC_CUSTOM_HEADERS_B64'); }
         }
         // Read existing .env, keep lines that aren't being replaced
         try {
@@ -1823,10 +2059,10 @@ async function handleApi(req, res, url) {
           delete process.env.ANTHROPIC_API_KEY;
         } else if (apiKey) {
           // Save key under the correct provider env var
-          if (walleProvider === 'openai') {
+          if (providerForApiKey === 'openai') {
             lines.push(`OPENAI_API_KEY=${apiKey}`);
             process.env.OPENAI_API_KEY = apiKey;
-          } else if (walleProvider === 'google') {
+          } else if (providerForApiKey === 'google') {
             const googleAuthMode = typeof data.google_auth_mode === 'string' ? data.google_auth_mode.replace(/[^a-z]/g, '') : '';
             const googleRefreshToken = typeof data.google_refresh_token === 'string' ? data.google_refresh_token.replace(/[\r\n]/g, '').slice(0, 2000) : '';
             lines.push(`GOOGLE_API_KEY=${apiKey}`);
@@ -1840,7 +2076,10 @@ async function handleApi(req, res, url) {
               delete process.env.GOOGLE_AUTH_MODE;
               delete process.env.GOOGLE_REFRESH_TOKEN;
             }
-          } else {
+          } else if (providerForApiKey === 'deepseek') {
+            lines.push(`DEEPSEEK_API_KEY=${apiKey}`);
+            process.env.DEEPSEEK_API_KEY = apiKey;
+          } else if (providerForApiKey === 'anthropic') {
             // Default: Anthropic
             lines.push(`ANTHROPIC_API_KEY=${apiKey}`);
             process.env.ANTHROPIC_API_KEY = apiKey;
@@ -1897,17 +2136,27 @@ async function handleApi(req, res, url) {
       const defaultProvider = brain.getKv('walle_provider') || 'anthropic';
       const defaultModel = brain.getKv('walle_model') || '';
       const rows = brain.listModelProviders();
-      const ENV_KEY_MAP = { anthropic: 'ANTHROPIC_API_KEY', openai: 'OPENAI_API_KEY', google: 'GOOGLE_API_KEY', ollama: null };
       const providers = rows.map(row => {
         const model = brain.getKv('walle_model_' + row.type) || (row.type === defaultProvider ? defaultModel : '');
-        const envKey = ENV_KEY_MAP[row.type];
-        const hasKey = !!(row.api_key_encrypted) || (envKey ? !!process.env[envKey] : false) || row.type === 'ollama';
+        const envKey = SETUP_PROVIDER_ENV_KEYS[row.type];
+        let hasStoredKey = false;
+        try {
+          const fullRow = typeof brain.getModelProviderWithKey === 'function' ? brain.getModelProviderWithKey(row.id) : null;
+          hasStoredKey = !!fullRow?.api_key_encrypted;
+        } catch {}
+        const authMethod = row.auth_method || 'api_key';
+        const hasKey = setupProviderHasRuntimeAccess({
+          type: row.type,
+          env: process.env,
+          authMethod,
+          hasStoredKey,
+        }) || (envKey ? !!process.env[envKey] : false);
         let status = 'unknown', lastTested = null, error = null;
         return {
           id: row.id, type: row.type, name: row.name,
           enabled: !!row.enabled, is_default: row.type === defaultProvider,
           has_key: hasKey, model: model || null,
-          auth_method: row.auth_method || 'api_key',
+          auth_method: authMethod,
           status, last_tested: lastTested, error
         };
       });
@@ -1928,13 +2177,10 @@ async function handleApi(req, res, url) {
     req.on('end', () => {
       try {
         const data = JSON.parse(body);
-        const VALID_TYPES = ['anthropic', 'openai', 'google', 'ollama', 'deepseek'];
-        const PROVIDER_NAMES = { anthropic: 'Anthropic', openai: 'OpenAI', google: 'Google Gemini', ollama: 'Ollama (Local)', mlx: 'MLX (Local)', deepseek: 'DeepSeek' };
-        const ENV_VAR_MAP = { anthropic: 'ANTHROPIC_API_KEY', openai: 'OPENAI_API_KEY', google: 'GOOGLE_API_KEY', deepseek: 'DEEPSEEK_API_KEY' };
-        const type = typeof data.type === 'string' ? data.type.replace(/[^a-z]/g, '').slice(0, 20) : '';
-        if (!VALID_TYPES.includes(type)) {
+        const type = sanitizeSetupProviderType(data.type);
+        if (!SETUP_PROVIDER_TYPES.includes(type)) {
           res.writeHead(400, { 'Content-Type': 'application/json' });
-          res.end(JSON.stringify({ error: 'Invalid provider type. Must be one of: ' + VALID_TYPES.join(', ') }));
+          res.end(JSON.stringify({ error: 'Invalid provider type. Must be one of: ' + setupProviderTypeList() }));
           return;
         }
         const apiKey = typeof data.api_key === 'string' ? data.api_key.replace(/[\r\n\s]/g, '').slice(0, 200) : '';
@@ -1946,18 +2192,41 @@ async function handleApi(req, res, url) {
 
         const brain = getWalleBrain();
         if (brain) {
+          const currentDefaultProvider = brain.getKv('walle_provider') || process.env.WALLE_PROVIDER || 'anthropic';
+          const syncDefaultModel = !!(model && currentDefaultProvider === type && !setDefault);
+          let existingApiKey = null;
+          if (!apiKey) {
+            try {
+              const existingProvider = typeof brain.getModelProviderWithKey === 'function'
+                ? brain.getModelProviderWithKey(type + '-default')
+                : null;
+              existingApiKey = existingProvider?.api_key_encrypted || null;
+              if (!existingApiKey) {
+                const row = brain.getDb().prepare(
+                  'SELECT api_key_encrypted FROM model_providers WHERE type = ? AND enabled = 1 AND api_key_encrypted IS NOT NULL ORDER BY updated_at DESC LIMIT 1'
+                ).get(type);
+                existingApiKey = row?.api_key_encrypted || null;
+              }
+            } catch {}
+          }
           // Upsert provider in DB
           brain.upsertModelProvider({
             id: type + '-default',
-            name: PROVIDER_NAMES[type] || type,
+            name: SETUP_PROVIDER_NAMES[type] || type,
             type,
             baseUrl: null,
-            apiKeyEncrypted: apiKey || null,
+            apiKeyEncrypted: apiKey || existingApiKey || null,
             customHeaders: null,
             enabled,
           });
           // Store per-provider model preference
-          if (model) brain.setKv('walle_model_' + type, model);
+          if (model) {
+            brain.setKv('walle_model_' + type, model);
+            if (syncDefaultModel) {
+              brain.setKv('walle_model', model);
+              process.env.WALLE_MODEL = model;
+            }
+          }
           // Persist auth method (must run AFTER upsert so the row exists)
           if (authMethod) {
             try { brain.setProviderAuthMethod(type, authMethod); } catch (_) { /* invalid method silently dropped — already gated above */ }
@@ -1980,7 +2249,11 @@ async function handleApi(req, res, url) {
           // If set_default, update global defaults
           if (setDefault) {
             brain.setKv('walle_provider', type);
-            if (model) brain.setKv('walle_model', model);
+            process.env.WALLE_PROVIDER = type;
+            if (model) {
+              brain.setKv('walle_model', model);
+              process.env.WALLE_MODEL = model;
+            }
           }
         }
 
@@ -1990,12 +2263,12 @@ async function handleApi(req, res, url) {
         // present — auth_method=oauth_proxy (and similar CLI methods) do
         // not require an API key but still need WALLE_AUTH_METHOD wired
         // into the daemon's env so its provider factory routes correctly.
-        const writesEnv = !!(apiKey && ENV_VAR_MAP[type])
+        const writesEnv = !!(apiKey && SETUP_PROVIDER_ENV_KEYS[type])
           || (authMethod && (type === 'anthropic' || type === 'openai'))
           || setDefault;
         if (writesEnv) {
           const envPath = path.resolve(__dirname, '..', '.env');
-          const envVar = ENV_VAR_MAP[type];
+          const envVar = SETUP_PROVIDER_ENV_KEYS[type];
           const lines = [];
           const keysToReplace = new Set();
           if (apiKey && envVar) {
@@ -2084,6 +2357,7 @@ async function handleApi(req, res, url) {
 
         // Sync model registry and restart
         try { seedDefaultModels(); } catch {}
+        setup.clearSetupCache();
         walleSupervisor.restartQuiet();
 
         res.writeHead(200, { 'Content-Type': 'application/json' });
@@ -2104,11 +2378,38 @@ async function handleApi(req, res, url) {
     req.on('end', async () => {
       try {
         const data = JSON.parse(body);
-        const type = typeof data.type === 'string' ? data.type.replace(/[^a-z]/g, '') : '';
+        const type = sanitizeSetupProviderType(data.type);
         const startMs = Date.now();
+        const storedProviderKey = (providerType) => {
+          try {
+            const brain = getWalleBrain();
+            const row = brain?.getDb?.().prepare(
+              'SELECT api_key_encrypted FROM model_providers WHERE type = ? AND enabled = 1 AND api_key_encrypted IS NOT NULL ORDER BY updated_at DESC LIMIT 1'
+            ).get(providerType);
+            return row?.api_key_encrypted || '';
+          } catch { return ''; }
+        };
 
         if (type === 'anthropic') {
-          const key = process.env.ANTHROPIC_API_KEY;
+          const runtime = getProviderRuntimeState('anthropic');
+          const authMethod = typeof data.auth_method === 'string' && data.auth_method
+            ? data.auth_method
+            : runtime.authMethod || 'api_key';
+          if (authMethod === 'claude_cli') {
+            const result = await probeClaudeCliAuth();
+            const latency = Date.now() - startMs;
+            res.writeHead(200, { 'Content-Type': 'application/json' });
+            res.end(JSON.stringify({ ...result, latency_ms: latency, auth_method: authMethod }));
+            return;
+          }
+          if (authMethod === 'oauth_proxy') {
+            const result = await probeAnthropicOauthProxy();
+            const latency = Date.now() - startMs;
+            res.writeHead(200, { 'Content-Type': 'application/json' });
+            res.end(JSON.stringify({ ...result, latency_ms: latency, auth_method: authMethod }));
+            return;
+          }
+          const key = process.env.ANTHROPIC_API_KEY || storedProviderKey('anthropic');
           if (!key) { res.writeHead(200, { 'Content-Type': 'application/json' }); res.end(JSON.stringify({ ok: false, error: 'No ANTHROPIC_API_KEY configured' })); return; }
           const result = await probeModel(key, process.env.ANTHROPIC_BASE_URL, process.env.ANTHROPIC_CUSTOM_HEADERS_B64);
           const latency = Date.now() - startMs;
@@ -2123,7 +2424,7 @@ async function handleApi(req, res, url) {
         }
 
         if (type === 'openai') {
-          const key = process.env.OPENAI_API_KEY;
+          const key = process.env.OPENAI_API_KEY || storedProviderKey('openai');
           if (!key) { res.writeHead(200, { 'Content-Type': 'application/json' }); res.end(JSON.stringify({ ok: false, error: 'No OPENAI_API_KEY configured' })); return; }
           try {
             const resp = await fetch('https://api.openai.com/v1/chat/completions', {
@@ -2152,7 +2453,7 @@ async function handleApi(req, res, url) {
         }
 
         if (type === 'google') {
-          const key = process.env.GOOGLE_API_KEY || process.env.GEMINI_API_KEY;
+          const key = process.env.GOOGLE_API_KEY || process.env.GEMINI_API_KEY || storedProviderKey('google');
           if (!key) { res.writeHead(200, { 'Content-Type': 'application/json' }); res.end(JSON.stringify({ ok: false, error: 'No GOOGLE_API_KEY configured' })); return; }
           // Detect OAuth token
           if (key.startsWith('ya29.')) {
@@ -2186,6 +2487,36 @@ async function handleApi(req, res, url) {
           return;
         }
 
+        if (type === 'deepseek') {
+          const key = process.env.DEEPSEEK_API_KEY || storedProviderKey('deepseek');
+          if (!key) { res.writeHead(200, { 'Content-Type': 'application/json' }); res.end(JSON.stringify({ ok: false, error: 'No DEEPSEEK_API_KEY configured' })); return; }
+          try {
+            const resp = await fetch('https://api.deepseek.com/v1/models', {
+              headers: { 'Authorization': 'Bearer ' + key },
+              signal: AbortSignal.timeout(10000),
+            });
+            const latency = Date.now() - startMs;
+            if (resp.ok) {
+              const model = (process.env.WALLE_PROVIDER === 'deepseek' && /^deepseek-/.test(process.env.WALLE_MODEL || ''))
+                ? process.env.WALLE_MODEL
+                : 'deepseek-v4-flash';
+              res.writeHead(200, { 'Content-Type': 'application/json' });
+              res.end(JSON.stringify({ ok: true, model, latency_ms: latency }));
+            } else {
+              const result = await resp.json().catch(() => ({}));
+              let diagnosis = null;
+              if (resp.status === 429) diagnosis = 'Billing quota exceeded — top up your DeepSeek account balance';
+              else if (resp.status === 401 || resp.status === 403) diagnosis = 'Invalid API key';
+              res.writeHead(200, { 'Content-Type': 'application/json' });
+              res.end(JSON.stringify({ ok: false, error: result.error?.message || `HTTP ${resp.status}`, diagnosis }));
+            }
+          } catch (e) {
+            res.writeHead(200, { 'Content-Type': 'application/json' });
+            res.end(JSON.stringify({ ok: false, error: e.message }));
+          }
+          return;
+        }
+
         if (type === 'ollama') {
           try {
             const resp = await fetch('http://localhost:11434/api/tags', { signal: AbortSignal.timeout(5000) });
@@ -2221,22 +2552,24 @@ async function handleApi(req, res, url) {
     let body = '';
     let bodyLen = 0;
     req.on('data', c => { bodyLen += c.length; if (bodyLen > 8192) { req.destroy(); return; } body += c; });
-    req.on('end', () => {
+    req.on('end', async () => {
       try {
         const data = JSON.parse(body);
-        const VALID_TYPES = ['anthropic', 'openai', 'google', 'ollama'];
-        const type = typeof data.type === 'string' ? data.type.replace(/[^a-z]/g, '').slice(0, 20) : '';
-        if (!VALID_TYPES.includes(type)) {
+        const brain = getWalleBrain();
+        const type = sanitizeSetupProviderType(data.type);
+        const storedModel = brain ? brain.getKv('walle_model_' + type) : '';
+        const selection = resolveSetupDefaultSelection({ type, model: data.model, storedModel });
+        if (!selection.ok) {
           res.writeHead(400, { 'Content-Type': 'application/json' });
-          res.end(JSON.stringify({ error: 'Invalid provider type' }));
+          res.end(JSON.stringify({ error: selection.error }));
           return;
         }
 
-        const brain = getWalleBrain();
+        const { requestedModel, targetModel } = selection;
         if (brain) {
           brain.setKv('walle_provider', type);
-          const perProviderModel = brain.getKv('walle_model_' + type);
-          if (perProviderModel) brain.setKv('walle_model', perProviderModel);
+          if (requestedModel) brain.setKv('walle_model_' + type, requestedModel);
+          brain.setKv('walle_model', targetModel || '');
         }
 
         // Update .env
@@ -2255,16 +2588,26 @@ async function handleApi(req, res, url) {
         lines.push('');
         lines.push(`WALLE_PROVIDER=${type}`);
         process.env.WALLE_PROVIDER = type;
-        const perModel = brain ? brain.getKv('walle_model_' + type) : null;
-        if (perModel) {
-          lines.push(`WALLE_MODEL=${perModel}`);
-          process.env.WALLE_MODEL = perModel;
+        if (targetModel) {
+          lines.push(`WALLE_MODEL=${targetModel}`);
+          process.env.WALLE_MODEL = targetModel;
+        } else {
+          delete process.env.WALLE_MODEL;
         }
         atomicWriteFileSync(envPath, lines.join('\n') + '\n', { mode: 0o600 });
 
-        walleSupervisor.restartQuiet();
+        setup.clearSetupCache();
+        let liveUpdated = false;
+        try {
+          const upstream = await walleClient.requestJson('/api/wall-e/setup/config', {
+            method: 'POST',
+            body: { provider: type, model: targetModel || '' },
+          });
+          liveUpdated = upstream.status < 400 && upstream.json && upstream.json.ok !== false;
+        } catch (_) {}
+        if (!liveUpdated) walleSupervisor.restartQuiet();
         res.writeHead(200, { 'Content-Type': 'application/json' });
-        res.end(JSON.stringify({ ok: true }));
+        res.end(JSON.stringify({ ok: true, live_updated: liveUpdated, restart_scheduled: !liveUpdated }));
       } catch (e) {
         res.writeHead(400, { 'Content-Type': 'application/json' });
         res.end(JSON.stringify({ error: e.message }));
@@ -2725,7 +3068,7 @@ async function handleApi(req, res, url) {
   // --- Session Stream API ---
   if (url.pathname === '/api/stream/status' && req.method === 'GET') {
     res.writeHead(200, { 'Content-Type': 'application/json' });
-    return res.end(JSON.stringify({ sessions: _sessionStream ? _sessionStream.getAllStatuses() : [] }));
+    return res.end(JSON.stringify({ sessions: _sessionCapture ? _sessionCapture.getAllStatuses() : _sessionStream ? _sessionStream.getAllStatuses() : [] }));
   }
   if (url.pathname.startsWith('/api/sessions/') && url.pathname.endsWith('/stream') && req.method === 'GET') {
     const parts = url.pathname.split('/');
@@ -2739,7 +3082,7 @@ async function handleApi(req, res, url) {
     let agentId = sessionId;
     const ctmSession = sessions.get(sessionId);
     if (ctmSession && ctmSession._claudeSessionId) agentId = ctmSession._claudeSessionId;
-    const events = _sessionStream.getRecentEvents(agentId, limit);
+    const events = _sessionCapture ? _sessionCapture.getRecentEvents(agentId, limit) : _sessionStream.getRecentEvents(agentId, limit);
     res.writeHead(200, { 'Content-Type': 'application/json' });
     return res.end(JSON.stringify(events));
   }
@@ -2754,7 +3097,7 @@ async function handleApi(req, res, url) {
     let agentId = sessionId;
     const ctmSession = sessions.get(sessionId);
     if (ctmSession && ctmSession._claudeSessionId) agentId = ctmSession._claudeSessionId;
-    let summary = _sessionStream.getSummary(agentId, turns);
+    let summary = _sessionCapture ? _sessionCapture.getSummary(agentId, turns) : _sessionStream.getSummary(agentId, turns);
     // Fallback: if SessionStream doesn't track this session, try DB directly
     if (!summary) {
       try {
@@ -3184,6 +3527,22 @@ function isSyntheticModelName(model) {
   return typeof model === 'string' && /^<[^>]+>$/.test(model.trim());
 }
 
+function inferModelProviderFromId(model) {
+  if (!model || isSyntheticModelName(model)) return '';
+  if (model.startsWith('claude-')) return 'anthropic';
+  if (model.startsWith('codex-')) return 'openai';
+  if (model.startsWith('gemini-')) return 'google';
+  if (model.startsWith('deepseek-')) return 'deepseek';
+  if (model.startsWith('gpt-') || model.startsWith('o1-') || model.startsWith('o3-') || model.startsWith('o4-')) return 'openai';
+  return 'unknown';
+}
+
+function sessionMessageText(messageOrContent) {
+  if (!messageOrContent) return '';
+  const content = messageOrContent.content !== undefined ? messageOrContent.content : messageOrContent;
+  return walleTranscript.extractText(content);
+}
+
 function statSessionFileInfo(filePath) {
   if (!filePath) return { filePath: '', fileSize: 0, modifiedAt: '' };
   try {
@@ -3210,6 +3569,11 @@ function dbRowFileInfo(row) {
 
 // Helper: parse a session JSONL file for metadata
 function parseSessionFile(filePath, projectPath, projectEntry) {
+  if (projectEntry === claudeDesktopSessions.DESKTOP_PROJECT_ENTRY ||
+      claudeDesktopSessions.isVirtualSessionPath(filePath)) {
+    return claudeDesktopSessions.parseSessionFile(filePath, projectPath, projectEntry);
+  }
+
   const fileStat = fs.statSync(filePath);
   const modifiedAt = fileStat.mtime.toISOString();
   const sessionId = path.basename(filePath).replace(/\.jsonl(\.bak)?$/, '');
@@ -3239,24 +3603,37 @@ function parseSessionFile(filePath, projectPath, projectEntry) {
   let version = '';
   let gitBranch = '';
   let sessionModel = '';
+  let modelProvider = '';
+  let agent = 'claude';
   let userMsgCount = 0;
   let allUserMessages = [];
 
   for (const line of lines) {
     try {
       const entry = JSON.parse(line);
+      const isWalle = entry.provider === 'walle' || entry.type === 'walle_part';
+      if (isWalle) agent = 'walle';
+      if (entry.type === 'session_meta' && isWalle) {
+        sessionCwd = entry.cwd || sessionCwd;
+        timestamp = entry.timestamp || timestamp;
+        version = entry.version || version;
+        gitBranch = entry.gitBranch || gitBranch;
+        if (!sessionModel && entry.modelId && !isSyntheticModelName(entry.modelId)) {
+          sessionModel = entry.modelId;
+          modelProvider = entry.modelProvider || inferModelProviderFromId(entry.modelId);
+        } else if (!modelProvider && entry.modelProvider) {
+          modelProvider = entry.modelProvider;
+        }
+        continue;
+      }
       // Extract model from assistant messages (stored in message.model)
-      const entryModel = entry.type === 'assistant' ? (entry.message?.model || entry.model || '') : '';
+      const entryModel = entry.type === 'assistant' ? (entry.message?.model || entry.model || entry.modelId || '') : '';
       if (!sessionModel && entryModel && !isSyntheticModelName(entryModel)) {
         sessionModel = entryModel;
+        modelProvider = entry.modelProvider || inferModelProviderFromId(entryModel);
       }
       if (entry.type === 'user' && entry.message?.role === 'user') {
-        const content = entry.message.content;
-        const text = typeof content === 'string'
-          ? content
-          : Array.isArray(content)
-            ? (content.find(c => c.type === 'text')?.text || '')
-            : '';
+        const text = sessionMessageText(entry.message);
         userMsgCount++;
         const isArtifact = /^\[(?:Request interrupted|Tool use|Error|Retrying)/.test(text);
         if (text && !isArtifact) allUserMessages.push(text.slice(0, 200));
@@ -3267,6 +3644,17 @@ function parseSessionFile(filePath, projectPath, projectEntry) {
           version = entry.version || version;
           gitBranch = entry.gitBranch || gitBranch;
         }
+      } else if (entry.type === 'user' && entry.provider === 'walle' && typeof entry.content === 'string') {
+        const text = entry.content;
+        userMsgCount++;
+        if (text) allUserMessages.push(text.slice(0, 200));
+        if (!firstUserMessage && text) {
+          firstUserMessage = text.slice(0, 200);
+          sessionCwd = entry.cwd || sessionCwd;
+          timestamp = entry.timestamp || timestamp;
+          version = entry.version || version;
+          gitBranch = entry.gitBranch || gitBranch;
+        }
       }
     } catch {
       // JSON.parse failed — line may be truncated (e.g. 1MB+ image block cut off
@@ -3326,6 +3714,9 @@ function parseSessionFile(filePath, projectPath, projectEntry) {
     gitBranch,
     fileSize: fileStat.size,
     model: sessionModel,
+    modelProvider,
+    agent,
+    jsonlPath: filePath,
   };
 }
 
@@ -3334,30 +3725,49 @@ function getAllSessionFiles() {
   const claudeProjectsDir = path.join(process.env.HOME, '.claude', 'projects');
   const results = [];
 
-  if (!fs.existsSync(claudeProjectsDir)) return results;
-
-  for (const projectEntry of fs.readdirSync(claudeProjectsDir)) {
-    const projectDir = path.join(claudeProjectsDir, projectEntry);
-    let stat;
-    try { stat = fs.statSync(projectDir); } catch { continue; }
-    if (!stat.isDirectory()) continue;
+  if (fs.existsSync(claudeProjectsDir)) {
+    for (const projectEntry of fs.readdirSync(claudeProjectsDir)) {
+      const projectDir = path.join(claudeProjectsDir, projectEntry);
+      let stat;
+      try { stat = fs.statSync(projectDir); } catch { continue; }
+      if (!stat.isDirectory()) continue;
 
-    const projectPath = decodeProjectEntry(projectEntry);
-    let files;
-    try { files = fs.readdirSync(projectDir); } catch { continue; }
+      const projectPath = decodeProjectEntry(projectEntry);
+      let files;
+      try { files = fs.readdirSync(projectDir); } catch { continue; }
 
-    const fileSet = new Set(files);
-    for (const file of files) {
-      if (!file.endsWith('.jsonl') && !file.endsWith('.jsonl.bak')) continue;
-      // Skip .jsonl.bak when the .jsonl version exists (Claude Code creates
-      // .bak on session migration/compaction — showing both causes duplicates)
-      if (file.endsWith('.jsonl.bak') && fileSet.has(file.replace(/\.bak$/, ''))) continue;
-      const filePath = path.join(projectDir, file);
-      // Extract session ID: strip .jsonl or .jsonl.bak
-      const sessionId = file.replace(/\.jsonl(\.bak)?$/, '');
-      results.push({ filePath, projectPath, projectEntry, sessionId });
+      const fileSet = new Set(files);
+      for (const file of files) {
+        if (!file.endsWith('.jsonl') && !file.endsWith('.jsonl.bak')) continue;
+        // Skip .jsonl.bak when the .jsonl version exists (Claude Code creates
+        // .bak on session migration/compaction — showing both causes duplicates)
+        if (file.endsWith('.jsonl.bak') && fileSet.has(file.replace(/\.bak$/, ''))) continue;
+        const filePath = path.join(projectDir, file);
+        // Extract session ID: strip .jsonl or .jsonl.bak
+        const sessionId = file.replace(/\.jsonl(\.bak)?$/, '');
+        results.push({ filePath, projectPath, projectEntry, sessionId });
+      }
     }
   }
+
+  let walleFiles;
+  try { walleFiles = fs.readdirSync(WALLE_SESSIONS_DIR); } catch { walleFiles = []; }
+  const walleFileSet = new Set(walleFiles);
+  for (const file of walleFiles) {
+    if (!file.endsWith('.jsonl') && !file.endsWith('.jsonl.bak')) continue;
+    if (file.endsWith('.jsonl.bak') && walleFileSet.has(file.replace(/\.bak$/, ''))) continue;
+    const filePath = path.join(WALLE_SESSIONS_DIR, file);
+    let stat;
+    try { stat = fs.statSync(filePath); } catch { continue; }
+    if (!stat.isFile()) continue;
+    results.push({
+      filePath,
+      projectPath: WALLE_SESSIONS_DIR,
+      projectEntry: walleTranscript.WALLE_PROJECT_ENTRY,
+      sessionId: file.replace(/\.jsonl(\.bak)?$/, ''),
+    });
+  }
+  for (const entry of claudeDesktopSessions.listSessionFileEntries()) results.push(entry);
   return results;
 }
 
@@ -3496,8 +3906,9 @@ function apiRecentSessions(req, res, url) {
           const data = {
             projectEntry: s.projectEntry, projectPath: s.project, cwd: s.cwd,
             label: s.title, title: s.title, firstMessage: s.firstMessage,
-            jsonlPath: s.projectEntry ? path.join(process.env.HOME, '.claude', 'projects', s.projectEntry, `${s.sessionId}.jsonl`) : '',
+            jsonlPath: s.jsonlPath || (s.projectEntry && s.agent !== 'walle' && s.agent !== claudeDesktopSessions.DESKTOP_AGENT ? path.join(process.env.HOME, '.claude', 'projects', s.projectEntry, `${s.sessionId}.jsonl`) : ''),
             fileSize: s.fileSize, modifiedAt: s.modifiedAt, hostname: HOSTNAME,
+            createdAt: s.timestamp || '',
             slug: s.slug || '',
           };
           dbModule.upsertSessionIndex(s.sessionId, s.sessionId, data);
@@ -3726,6 +4137,19 @@ function apiSessionMessages(req, res, url) {
     return;
   }
 
+  if (projectEntry === claudeDesktopSessions.DESKTOP_PROJECT_ENTRY || claudeDesktopSessions.getSession(sessionId)) {
+    const messages = claudeDesktopSessions.getMessages(sessionId, { includeMetadataNote: true });
+    if (messages) {
+      res.writeHead(200, { 'Content-Type': 'application/json' });
+      if (paginated) {
+        res.end(JSON.stringify(_paginateMessages(messages, offset, limit)));
+      } else {
+        res.end(JSON.stringify(messages));
+      }
+      return;
+    }
+  }
+
   // --- Step 1: DB cache fast path (covers ALL agent sessions for this CTM session) ---
   if (!noCache) {
     try {
@@ -3778,39 +4202,55 @@ function apiSessionMessages(req, res, url) {
   }).filter(Boolean).sort((a, b) => a.birthtimeMs - b.birthtimeMs);
 
   let bytesRead = 0;
+  const codexSeenUsers = new Set();
+  const codexParsedFiles = [];
   const SMALL_FILE_THRESHOLD = 1024 * 1024; // 1MB — always read small files (subagents)
   for (const { fp, size } of filesWithTime) {
     const isCodexRollout = fp.includes(`${path.sep}.codex${path.sep}sessions${path.sep}`);
-    if (bytesRead > 0 && bytesRead + size > MAX_SYNC_SIZE && size > SMALL_FILE_THRESHOLD) {
+    if (!isCodexRollout && bytesRead > 0 && bytesRead + size > MAX_SYNC_SIZE && size > SMALL_FILE_THRESHOLD) {
       // Budget exceeded — skip large files, but keep going for small subagent files
       partialLoad = true;
       continue; // continue instead of break — small files after this will still be read
     }
     try {
-      // For very large individual files (>50MB), read only the last 10MB
-      // to show the most recent conversation without blocking the event loop
       const LARGE_FILE_TAIL = 50 * 1024 * 1024;
       const TAIL_READ = 10 * 1024 * 1024;
-      if (size > LARGE_FILE_TAIL) {
+      let fileBytesRead = 0;
+      if (isCodexRollout) {
+        // Codex rollouts are large because they include tool/event payloads.
+        // The semantic user/assistant transcript is much smaller, so stream
+        // the whole JSONL file and keep old eval output visible after restart.
+        const before = messages.length;
+        const parsed = parseCodexJsonlFileIntoMessages(fp, messages, { seenUsers: codexSeenUsers });
+        fileBytesRead = parsed.bytesRead || size;
+        codexParsedFiles.push({
+          fp,
+          size,
+          parsed,
+          messages: messages.slice(before),
+        });
+      } else if (size > LARGE_FILE_TAIL) {
+        // For very large individual files (>50MB), read only the last 10MB
+        // to show the most recent conversation without blocking the event loop
         const fd = fs.openSync(fp, 'r');
         try {
           const readSize = Math.min(size, TAIL_READ);
           const buf = Buffer.alloc(readSize);
           fs.readSync(fd, buf, 0, readSize, size - readSize);
+          fileBytesRead = readSize;
           let content = buf.toString('utf8');
           // Trim to first complete line (the partial first line from offset read)
           const nlIdx = content.indexOf('\n');
           if (nlIdx > 0) content = content.slice(nlIdx + 1);
-          if (isCodexRollout) parseCodexJsonlIntoMessages(content, messages);
-          else _parseJsonlIntoMessages(content, messages);
+          _parseJsonlIntoMessages(content, messages);
           partialLoad = true; // Signal that we didn't load the full file
         } finally { fs.closeSync(fd); }
       } else {
         const content = fs.readFileSync(fp, 'utf8');
-        if (isCodexRollout) parseCodexJsonlIntoMessages(content, messages);
-        else _parseJsonlIntoMessages(content, messages);
+        fileBytesRead = size;
+        _parseJsonlIntoMessages(content, messages);
       }
-      bytesRead += Math.min(size, LARGE_FILE_TAIL);
+      bytesRead += fileBytesRead;
     } catch (e) { console.error(`[session-messages] error reading ${path.basename(fp).slice(0, 8)}:`, e.message); }
   }
 
@@ -3820,6 +4260,10 @@ function apiSessionMessages(req, res, url) {
   // Sort all messages by timestamp across files
   messages.sort((a, b) => (a.timestamp || '').localeCompare(b.timestamp || ''));
 
+  if (codexParsedFiles.length > 0) {
+    _cacheParsedCodexMessages(sessionId, codexParsedFiles);
+  }
+
   if (paginated) {
     const page = _paginateMessages(messages, offset, limit);
     res.writeHead(200, { 'Content-Type': 'application/json' });
@@ -3846,6 +4290,75 @@ function apiSessionMessages(req, res, url) {
   }
 }
 
+function _codexAgentIdFromRolloutPath(filePath) {
+  const base = path.basename(filePath || '');
+  const m = base.match(/-([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\.jsonl$/i);
+  return m ? m[1] : '';
+}
+
+function _cacheParsedCodexMessages(ctmSessionId, parsedFiles) {
+  for (const item of parsedFiles || []) {
+    const meta = item.parsed?.sessionMeta || {};
+    const agentSessionId = meta.id || _codexAgentIdFromRolloutPath(item.fp);
+    const fileMessages = Array.isArray(item.messages) ? item.messages : [];
+    if (!agentSessionId || fileMessages.length === 0) continue;
+
+    const users = fileMessages.filter(m => m.role === 'user' && m.text);
+    const assistants = fileMessages.filter(m => m.role === 'assistant' && m.text);
+    const firstUser = users[0]?.text || '';
+    const lastUser = users[users.length - 1]?.text || '';
+    const firstAssistant = assistants[0]?.text || '';
+    const title = firstUser
+      ? firstUser.split('\n')[0].replace(/^#+\s*/, '').replace(/[*_`]/g, '').trim().slice(0, 80)
+      : '';
+
+    try {
+      dbModule.importSessionConversation({
+        session_id: agentSessionId,
+        project_path: meta.cwd || '',
+        messages: fileMessages,
+        user_msg_count: users.length,
+        assistant_msg_count: assistants.length,
+        title,
+        first_message: firstUser.slice(0, 500),
+        last_user_content: lastUser.slice(0, 500),
+        first_assistant_text: firstAssistant.slice(0, 500),
+        git_branch: meta.git_branch || '',
+        file_size: item.size || item.parsed?.bytesRead || 0,
+        session_created_at: meta.timestamp || fileMessages[0]?.timestamp || '',
+        hostname: os.hostname(),
+        model_provider: meta.model ? 'openai' : '',
+        model_id: meta.model || '',
+      });
+    } catch (e) {
+      console.error(`[session-messages] Codex cache write failed for ${agentSessionId.slice(0, 8)}:`, e.message);
+    }
+
+    try {
+      const st = fs.statSync(item.fp);
+      const modifiedAt = st.mtime ? st.mtime.toISOString() : '';
+      const projectDir = path.dirname(item.fp);
+      dbModule.updateStartupTaskAgentSession(ctmSessionId, agentSessionId, projectDir);
+      dbModule.upsertSession(ctmSessionId, {
+        agentSessionId,
+        provider: 'codex',
+        cwd: meta.cwd || '',
+        projectPath: meta.cwd || '',
+        title,
+        jsonlPath: item.fp,
+        fileSize: item.size || st.size || item.parsed?.bytesRead || 0,
+        modifiedAt,
+        model: meta.model || '',
+        gitBranch: meta.git_branch || '',
+        hostname: os.hostname(),
+        userMsgCount: users.length,
+      });
+    } catch (e) {
+      console.error(`[session-messages] Codex index update failed for ${agentSessionId.slice(0, 8)}:`, e.message);
+    }
+  }
+}
+
 /**
  * GET /api/session/export?id=<sessionId>&format=<md|markdown|json|html>
  *
@@ -3875,6 +4388,35 @@ function apiSessionExport(req, res, url) {
     return;
   }
 
+  const desktopSession = claudeDesktopSessions.getSession(sessionId);
+  if (desktopSession) {
+    const messages = claudeDesktopSessions.getMessages(sessionId, { includeMetadataNote: true }) || [];
+    const meta = {
+      sessionName: desktopSession.title || desktopSession.name || desktopSession.summary || sessionId,
+      sessionId,
+      projectPath: claudeDesktopSessions.DESKTOP_PROJECT_PATH,
+      createdAt: desktopSession.createdAt || desktopSession.updatedAt || '',
+    };
+    let body;
+    switch (formatInfo.ext) {
+      case 'md':   body = _msgExport.toMarkdown(messages, meta); break;
+      case 'json': body = _msgExport.toJson(messages, meta); break;
+      case 'html': body = _msgExport.toHtml(messages, meta); break;
+      default:
+        res.writeHead(500, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify({ error: 'Internal format error' }));
+        return;
+    }
+    const filename = _msgExport.sanitizeFilename(meta.sessionName) + '.' + formatInfo.ext;
+    res.writeHead(200, {
+      'Content-Type': formatInfo.contentType,
+      'Content-Disposition': `attachment; filename="${filename}"`,
+      'Cache-Control': 'no-store',
+    });
+    res.end(body);
+    return;
+  }
+
   // Load messages — cache fast path, then JSONL fallback (kept to the
   // same logic as apiSessionMessages so export == display).
   let messages = null;
@@ -3950,7 +4492,11 @@ function _computeExpectedFileSize(agentSessionId, dbFileSize) {
       'SELECT jsonl_path FROM agent_sessions WHERE agent_session_id = ?'
     ).get(agentSessionId);
     if (row && row.jsonl_path) {
-      // dbFileSize tracks the live .jsonl; add the .bak when it exists.
+      // Prefer the live stat over agent_sessions.file_size. The DB value can
+      // lag an active Codex rollout, and a stale expected size would make the
+      // conversation cache look fresh after new output was appended.
+      try { total = fs.statSync(row.jsonl_path).size; } catch {}
+      // dbFileSize/live stat tracks the live .jsonl; add the .bak when it exists.
       try { total += fs.statSync(row.jsonl_path + '.bak').size; } catch {}
     }
   } catch {}
@@ -4044,7 +4590,14 @@ function _resolveAllSessionFiles(sessionId, projectEntry) {
   const codexIds = new Set([sessionId]);
 
   // 1. Try direct file from projectEntry — include both .jsonl and .bak.
-  if (projectEntry && PROJECT_ENTRY_RE.test(projectEntry)) {
+  if (projectEntry === walleTranscript.WALLE_PROJECT_ENTRY) {
+    const walleRoot = path.resolve(WALLE_SESSIONS_DIR);
+    const basePath = path.resolve(walleRoot, `${sessionId}.jsonl`);
+    if (basePath.startsWith(walleRoot + path.sep)) {
+      if (fs.existsSync(basePath)) filePaths.add(basePath);
+      if (fs.existsSync(basePath + '.bak')) filePaths.add(basePath + '.bak');
+    }
+  } else if (projectEntry && PROJECT_ENTRY_RE.test(projectEntry)) {
     const basePath = path.resolve(claudeProjectsDir, projectEntry, `${sessionId}.jsonl`);
     if (basePath.startsWith(claudeProjectsDir + '/')) {
       if (fs.existsSync(basePath)) filePaths.add(basePath);
@@ -4284,7 +4837,7 @@ function _materializeRestoredSessionIndex(session) {
   const fileInfo = _agentSessionFileInfo(agentType, agentSessionId, session._claudeProjectDir || '');
   let existingTitle = null;
   try { existingTitle = dbModule.getSessionTitleNew(session.id); } catch {}
-  const title = existingTitle?.title || session.label || '';
+  const title = existingTitle?.userRenamed ? existingTitle.title : (session.label || existingTitle?.title || '');
 
   try {
     dbModule.upsertSession(session.id, {
@@ -4423,9 +4976,11 @@ function _linkCodexThreadToSession(ctmSessionId, liveSession, thread, source) {
   const title = _codexThreadTitle(thread);
   try {
     const titleInfo = dbModule.getSessionTitleNew(ctmSessionId);
-    if (title && !(titleInfo && titleInfo.userRenamed)) {
+    if (title && shouldApplyCodexAutoTitle({ session: liveSession, existingTitle: titleInfo })) {
       liveSession.label = `Codex: ${title}`;
       liveSession._codexTitleSynced = true;
+    } else if (title) {
+      liveSession._codexTitleSynced = true;
     }
   } catch {}
 
@@ -4555,6 +5110,8 @@ function _parseJsonlIntoMessages(content, messages) {
           const cleaned = text.replace(/<system-reminder>[\s\S]*?<\/system-reminder>/g, '').trim();
           messages.push({ role: 'user', text: cleaned || text, timestamp: entry.timestamp });
         }
+      } else if (entry.type === 'user' && entry.provider === 'walle' && typeof entry.content === 'string') {
+        messages.push({ role: 'user', text: entry.content, timestamp: entry.timestamp });
       } else if (entry.type === 'assistant' && entry.message?.role === 'assistant') {
         const c = entry.message.content;
         if (!Array.isArray(c)) continue;
@@ -4575,6 +5132,22 @@ function _parseJsonlIntoMessages(content, messages) {
             messages.push({ role: 'assistant', text: parts.join('\n'), timestamp: entry.timestamp, _parent: entry.parentUuid });
           }
         }
+      } else if (entry.type === 'assistant' && entry.provider === 'walle' && typeof entry.content === 'string') {
+        if (entry.content) messages.push({ role: 'assistant', text: entry.content, timestamp: entry.timestamp });
+      } else if (entry.type === 'walle_part') {
+        const data = entry.data || {};
+        let text = '';
+        if (entry.partType === 'tool_call') {
+          text = `[Tool: ${data.name || 'tool'}]`;
+        } else if (entry.partType === 'tool_result') {
+          const result = typeof data.result === 'string' ? data.result : '';
+          text = `[Tool result: ${data.name || 'tool'}]${result ? '\n' + result : ''}`;
+        } else if (entry.partType === 'error') {
+          text = `[Wall-E error] ${data.message || ''}`.trim();
+        } else if (entry.partType === 'cancelled') {
+          text = '[Wall-E cancelled]';
+        }
+        if (text) messages.push({ role: 'system', text, timestamp: entry.timestamp });
       }
     } catch { /* skip malformed line */ }
   }
@@ -4836,7 +5409,7 @@ function apiCleanEmptySessions(req, res) {
       if (row.first_message) continue;
       if ((row.user_msg_count || 0) > 0) continue;
       // Skip if a JSONL file still exists on disk for this row
-      if (row.jsonl_path && fs.existsSync(row.jsonl_path)) continue;
+      if (row.jsonl_path && fs.existsSync(claudeDesktopSessions.sourcePathForStat(row.jsonl_path))) continue;
       // Skip active sessions (currently running)
       if (sessions.has(row.id)) continue;
       // Safe to delete — empty DB row with no disk backing and not active
@@ -5875,13 +6448,14 @@ wss.on('connection', (ws, req) => {
         if (ws._streamSubscriptions.has(agentId)) return;
         // Send initial batch — include ctmSessionId so the client can find the
         // correct DOM element (conversation-view is keyed by CTM ID, not agent ID)
-        const initEvents = _sessionStream.getRecentEvents(agentId, 100);
+        const initEvents = _sessionCapture ? _sessionCapture.getRecentEvents(agentId, 100) : _sessionStream.getRecentEvents(agentId, 100);
         if (ws.readyState === 1) {
           ws.send(JSON.stringify({ type: 'stream-init', sessionId: agentId, ctmSessionId: msg.sessionId, events: initEvents }));
         }
         // Subscribe to live events — include ctmSessionId for DOM lookup
         const _ctmIdForStream = msg.sessionId;
-        const unsub = _sessionStream.subscribe(agentId, (evt) => {
+        const streamApi = _sessionCapture || _sessionStream;
+        const unsub = streamApi.subscribe(agentId, (evt) => {
           if (ws.readyState === 1) ws.send(JSON.stringify({ type: 'stream-event', ctmSessionId: _ctmIdForStream, ...evt }));
         });
         ws._streamSubscriptions.set(agentId, unsub);
@@ -6104,12 +6678,19 @@ function _approverState(buf) {
 }
 
 function broadcastToSession(sessionId, session, data) {
+  _recordCaptureSignal(data);
   const payload = JSON.stringify(data);
   for (const client of session.clients) {
     if (client.readyState === 1) client.send(payload);
   }
 }
 
+function _recordCaptureSignal(data) {
+  if (!_sessionCapture || !data || typeof data !== 'object') return;
+  if (data.type === 'stream-status') return;
+  try { _sessionCapture.ingestServerMessage(data); } catch (e) { /* capture must never block UI broadcasts */ }
+}
+
 function _broadcastApproverState(sessionId, state) {
   const session = sessions.get(sessionId);
   if (!session) return;
@@ -6412,6 +6993,27 @@ const IDLE_PROMPT_PATTERNS = [
 ];
 const IDLE_NOTIFY_DELAY_MS = 5000; // Wait 5s of silence after prompt marker
 
+function _markServerSessionResumedFromPty(sessionId, session, source) {
+  const now = Date.now();
+  const st = idleNotifyState.get(sessionId);
+  if (st) {
+    if (st.timer) { clearTimeout(st.timer); st.timer = null; }
+    st.notified = false;
+    st.buf = '';
+    st.freshBuf = '';
+    st.lastOutput = now;
+    st._lastCheck = now;
+  }
+  if (session) {
+    session._waitingForInput = false;
+    session.lastActivity = now;
+  }
+  broadcastToAll({ type: 'session-resumed', id: sessionId, source, timestamp: now });
+  if (telemetryReceiver.hasAuthoritativeSource(sessionId)) {
+    broadcastToAll({ type: 'session.status', id: sessionId, working: true, source, timestamp: now });
+  }
+}
+
 function checkIdleNotify(sessionId, session, data) {
   const hasAuthoritativeSource = telemetryReceiver.hasAuthoritativeSource(sessionId);
   let st = idleNotifyState.get(sessionId);
@@ -6496,6 +7098,7 @@ function checkIdleNotify(sessionId, session, data) {
             reason,
             label: session.label || '',
             snippet: lastLines.trim().split('\n').slice(-3).join('\n').slice(0, 200),
+            timestamp: Date.now(),
           });
         }
         return;
@@ -6511,12 +7114,86 @@ function cleanIdleNotify(sessionId) {
 }
 
 function broadcastToAll(data) {
+  _recordCaptureSignal(data);
   const payload = typeof data === 'string' ? data : JSON.stringify(data);
   for (const client of wss.clients) {
     if (client.readyState === 1) client.send(payload);
   }
 }
 
+function _recordWalleTranscriptAppend(session, appendResult) {
+  if (!session || !appendResult || !appendResult.record) return appendResult;
+  if (appendResult.uuid) session._walleLastTranscriptUuid = appendResult.uuid;
+  try {
+    const stat = fs.statSync(appendResult.filePath);
+    session._walleTranscriptFileSize = stat.size || 0;
+    session._walleTranscriptModifiedAt = stat.mtime ? stat.mtime.toISOString() : '';
+  } catch {}
+  broadcastToAll({
+    type: 'walle-transcript-append',
+    id: session.id,
+    sessionId: session.id,
+    chatSessionId: session.chatSessionId || '',
+    jsonlPath: appendResult.filePath,
+    offset: appendResult.offset,
+    bytes: appendResult.bytes,
+    recordType: appendResult.record.type,
+    partType: appendResult.record.partType || '',
+    timestamp: appendResult.record.timestamp || new Date().toISOString(),
+  });
+  return appendResult;
+}
+
+function _appendWallePart(session, partType, data) {
+  if (!session || !session.jsonlPath) return null;
+  return _recordWalleTranscriptAppend(session, walleTranscript.appendPart(session.jsonlPath, {
+    sessionId: session.id,
+    chatSessionId: session.chatSessionId,
+    parentUuid: session._walleLastTranscriptUuid || null,
+    cwd: session.cwd,
+    partType,
+    data,
+  }));
+}
+
+function _walleProgressTranscriptPart(event) {
+  if (!event || typeof event !== 'object') return null;
+  if (event.type === 'thinking') return { partType: 'thinking', data: { turn: event.turn || null } };
+  if (event.type === 'model_selected') {
+    return {
+      partType: 'model',
+      data: {
+        model: event.model || event.model_id || '',
+        provider: event.provider || '',
+      },
+    };
+  }
+  if (event.type === 'tool_call') {
+    return {
+      partType: 'tool_call',
+      data: {
+        id: event.id || event.tool_call_id || '',
+        name: event.name || event.tool || '',
+        input: event.input || event.arguments || null,
+        summary: event.summary || '',
+      },
+    };
+  }
+  if (event.type === 'tool_result') {
+    return {
+      partType: 'tool_result',
+      data: {
+        id: event.id || event.tool_call_id || '',
+        name: event.name || event.tool || '',
+        result: event.result || event.output || '',
+        summary: event.summary || '',
+      },
+    };
+  }
+  if (event.type === 'cancelled') return { partType: 'cancelled', data: {} };
+  return null;
+}
+
 // Notify all clients (except the originator) that a set of ui_* prefs changed.
 // Receivers refetch via GET /api/settings?prefix=ui_ and apply selectively —
 // keeping the broadcast tiny and the source of truth on the server.
@@ -6563,6 +7240,26 @@ function handleCreate(ws, msg) {
   const shell = msg.shell || process.env.SHELL || '/bin/zsh';
   let cmd = msg.cmd || shell;
   let args = msg.args || [];
+  let _codexResumeCwdToHeal = null;
+
+  // Codex resume records the thread's original cwd. If CTM starts `codex
+  // resume <thread>` from a different cwd, Codex stops on an interactive
+  // "choose working directory" picker. Launch from the recorded thread cwd
+  // when it still exists so restart restore stays unattended.
+  try {
+    const preConfigAgentType = detectAgentType(cmd);
+    const preConfigResume = extractResumeTarget(preConfigAgentType, args);
+    if (preConfigAgentType === 'codex' && preConfigResume?.sessionId) {
+      const resumeCwd = getCodexThreadResumeCwd(preConfigResume.sessionId, { fallbackCwd: cwd });
+      if (resumeCwd && resumeCwd !== cwd && fs.existsSync(resumeCwd)) {
+        console.log(`[codex-resume] using thread cwd for ${String(preConfigResume.sessionId).slice(0,8)}: ${cwd} -> ${resumeCwd}`);
+        _codexResumeCwdToHeal = resumeCwd;
+        cwd = resumeCwd;
+      }
+    }
+  } catch (e) {
+    console.error('[codex-resume] cwd resolution error:', e.message);
+  }
 
   // Per-project .ctm.json overrides — project wins for provider/cmd/args/model/env/hooks.
   // Only honor project config when the caller did NOT pass an explicit --skipProjectConfig flag.
@@ -6674,9 +7371,16 @@ function handleCreate(ws, msg) {
   }
 
   // If a user-renamed title exists in the DB (e.g. from a previous session that was
-  // renamed before CTM restart), prefer it over the stale startup_tasks label
+  // renamed before CTM restart), prefer it over the stale startup_tasks label.
+  // On restore, a non-user DB title may be an inferred agent title; keep the
+  // startup task label as the running tab's durable name.
   const existingTitle = dbModule.getSessionTitleNew(id);
-  if (existingTitle && existingTitle.title && (msg._isRestore || existingTitle.userRenamed)) {
+  const shouldUseExistingTitle = existingTitle && existingTitle.title && (
+    existingTitle.userRenamed
+    || !msg._isRestore
+    || (msg._isRestore && !msg.label)
+  );
+  if (shouldUseExistingTitle) {
     label = existingTitle.title;
   }
 
@@ -6686,9 +7390,16 @@ function handleCreate(ws, msg) {
     // Override auto-generated shell label if user didn't provide one
     if (!msg.label) label = 'Wall-E session';
     const chatSessionId = msg.chatSessionId || `walle-${id}`;
-    ensureWalleSessionsDir();
-    const jsonlPath = path.join(WALLE_SESSIONS_DIR, `${id}.jsonl`);
-    fs.writeFileSync(jsonlPath, '');
+    const jsonlPath = walleTranscript.sessionPath(WALLE_SESSIONS_DIR, id);
+    const createResult = walleTranscript.createSession(jsonlPath, {
+      reset: !msg._isRestore,
+      sessionId: id,
+      chatSessionId,
+      cwd,
+      label,
+      modelId: model_id || '',
+      modelProvider: model_provider || '',
+    });
 
     const session = {
       id, type: 'walle', label: label || 'Wall-E session', cwd,
@@ -6697,10 +7408,30 @@ function handleCreate(ws, msg) {
       chatSessionId, jsonlPath,
       abortController: null,
       model_id: model_id || null, model_provider: model_provider || null,
+      _walleLastTranscriptUuid: createResult?.uuid || walleTranscript.readLastUuid(jsonlPath) || null,
     };
     sessions.set(id, session);
     telemetry.track('ctm_session', { type: 'walle' });
 
+    if (createResult) _recordWalleTranscriptAppend(session, createResult);
+    try {
+      const st = fs.statSync(jsonlPath);
+      dbModule.upsertSession(id, {
+        agentSessionId: id,
+        provider: 'walle',
+        cwd,
+        projectPath: cwd,
+        title: session.label,
+        jsonlPath,
+        fileSize: st.size || 0,
+        modifiedAt: st.mtime ? st.mtime.toISOString() : '',
+        model: model_id || '',
+        hostname: HOSTNAME,
+      });
+    } catch (e) {
+      console.error('[walle-session] index create error:', e.message);
+    }
+
     if (!msg._isRestore) {
       addStartupTaskWithRetry('walle', [id, session.label, '', [], cwd, model_id, 'walle', chatSessionId]);
     }
@@ -6866,6 +7597,9 @@ function handleCreate(ws, msg) {
       try { dbModule.updateStartupTaskClaudeSession(id, _injectedSessionId, projectDir); }
       catch (e) { console.error('[ctm] updateStartupTaskClaudeSession (session-id inject) error:', e.message); }
     }
+  } else if (_codexResumeCwdToHeal) {
+    try { dbModule.updateStartupTaskCwd(id, _codexResumeCwdToHeal); }
+    catch (e) { console.error('[codex-resume] heal startup cwd error:', e.message); }
   }
 
   // Output batching — coalesce rapid PTY chunks into fewer WS messages.
@@ -7055,7 +7789,10 @@ function handleCreate(ws, msg) {
     // Claude both emit idle TUI redraws that contain a few printable chars.
     const activeChunk = _isActivePtyChunk(session, data);
     const statusOnlyChunk = _isStatusOnlyPtyChunk(session, data);
-    const activityChunk = activeChunk && !(statusOnlyChunk && _isServerWaitingForInput(id, session));
+    const busyStatusChunk = _isBusyStatusPtyChunk(session, data);
+    const waitingForInput = _isServerWaitingForInput(id, session);
+    const activityChunk = activeChunk && !(statusOnlyChunk && waitingForInput && !busyStatusChunk);
+    if (busyStatusChunk && waitingForInput) _markServerSessionResumedFromPty(id, session, 'codex-working-status');
     if (activityChunk) session.lastActivity = Date.now();
     // Monotonic output byte counter — read by approval-agent's Phase 3
     // post-keystroke verification (sendApprovalKeystroke in approval-agent.js).
@@ -7645,7 +8382,10 @@ function apiAttachSession(req, res) {
       ptyProcess.onData((data) => {
         const activeChunk = _isActivePtyChunk(session, data);
         const statusOnlyChunk = _isStatusOnlyPtyChunk(session, data);
-        const activityChunk = activeChunk && !(statusOnlyChunk && _isServerWaitingForInput(tabId, session));
+        const busyStatusChunk = _isBusyStatusPtyChunk(session, data);
+        const waitingForInput = _isServerWaitingForInput(tabId, session);
+        const activityChunk = activeChunk && !(statusOnlyChunk && waitingForInput && !busyStatusChunk);
+        if (busyStatusChunk && waitingForInput) _markServerSessionResumedFromPty(tabId, session, 'codex-working-status');
         if (activityChunk) session.lastActivity = Date.now();
         const cleanData = data.indexOf('\x1b[') >= 0
           ? data.replace(/\x1b\[3J|\x1b\[\?100[0236]h|\x1b\[\?1015h/g, '')
@@ -7771,7 +8511,13 @@ function handleAttach(ws, msg) {
     walleClient.requestJson(`/api/wall-e/chat/history?session_id=${encodeURIComponent(session.chatSessionId)}&limit=100`)
       .then((upstream) => {
         if (ws.readyState === 1) {
-          ws.send(JSON.stringify({ type: 'walle-history', id: session.id, messages: upstream.json?.data || [] }));
+          const ctmHistory = readWalleCtmHistory(session.jsonlPath);
+          const upstreamHistory = upstream.json?.data || [];
+          ws.send(JSON.stringify({
+            type: 'walle-history',
+            id: session.id,
+            messages: ctmHistory.length ? ctmHistory : upstreamHistory,
+          }));
         }
       })
       .catch((e) => console.error('[attach] walle-history replay error:', e.message));
@@ -8034,12 +8780,111 @@ async function _maybeBroadcastWorktreeFinishGate(session, sessionId) {
   }
 }
 
+const SESSION_WORKTREE_STATUS_TTL_MS = 4000;
+let _sessionWorktreeStatusCache = new Map();
+let _sessionWorktreeStatusLastRefreshAt = 0;
+let _sessionWorktreeStatusRefreshInFlight = false;
+
+function _sessionNeedsWorktreeStatus(session) {
+  if (!session) return false;
+  const branch = session.branch || '';
+  if (branch === 'main' || branch === 'master') return false;
+  return !!(session.worktree_path || (branch && session.cwd));
+}
+
+function _normalizeSessionWorktreeStatus(session, wt) {
+  if (!session || !wt) return null;
+  const branch = wt.branch || session.branch || '';
+  if (!branch || branch === 'main' || branch === 'master' || wt.isMain) return null;
+  const dirtyFiles = Number(wt.dirtyFiles || 0);
+  const unmergedCommits = Number(wt.unmergedCommits || 0);
+  const ahead = Number(wt.ahead || 0);
+  const behind = Number(wt.behind || 0);
+  return {
+    branch,
+    worktreeName: wt.worktreeName || path.basename(wt.path || session.worktree_path || session.cwd || branch),
+    worktreePath: wt.path || session.worktree_path || session.cwd || null,
+    state: wt.state || 'unknown',
+    dirtyFiles,
+    unmergedCommits,
+    ahead,
+    behind,
+    summary: wt.summary || '',
+    needsAttention: dirtyFiles > 0 || unmergedCommits > 0,
+  };
+}
+
+function _sessionWorktreeStatusSnapshot(map) {
+  return JSON.stringify([...map.entries()]
+    .sort(([a], [b]) => a.localeCompare(b))
+    .map(([id, wt]) => [
+      id,
+      wt.branch,
+      wt.state,
+      wt.dirtyFiles,
+      wt.unmergedCommits,
+      wt.ahead,
+      wt.behind,
+      wt.summary,
+      wt.needsAttention,
+    ]));
+}
+
+async function _refreshSessionWorktreeStatusCache(options = {}) {
+  if (_sessionWorktreeStatusRefreshInFlight) return;
+  const now = Date.now();
+  if (!options.force && (now - _sessionWorktreeStatusLastRefreshAt) < SESSION_WORKTREE_STATUS_TTL_MS) return;
+
+  const candidates = Array.from(sessions.values()).filter(_sessionNeedsWorktreeStatus);
+  if (candidates.length === 0) {
+    if (_sessionWorktreeStatusCache.size > 0) {
+      _sessionWorktreeStatusCache = new Map();
+      broadcastSessionList(true);
+    }
+    return;
+  }
+
+  _sessionWorktreeStatusRefreshInFlight = true;
+  _sessionWorktreeStatusLastRefreshAt = now;
+  try {
+    const worktrees = await gitUtilsWorktree.listRichWorktrees(_projectRoot);
+    const next = new Map();
+    for (const session of candidates) {
+      const wt = _findSessionWorktree(worktrees, session);
+      const status = _normalizeSessionWorktreeStatus(session, wt);
+      if (status && status.needsAttention) next.set(session.id, status);
+    }
+    const changed = _sessionWorktreeStatusSnapshot(next) !== _sessionWorktreeStatusSnapshot(_sessionWorktreeStatusCache);
+    _sessionWorktreeStatusCache = next;
+    if (changed) broadcastSessionList(true);
+  } catch (e) {
+    console.error('[session-worktree-status] refresh error:', e.message || e);
+  } finally {
+    _sessionWorktreeStatusRefreshInFlight = false;
+  }
+}
+
+function _sessionWorktreeStatusPayload(session) {
+  const status = _sessionWorktreeStatusCache.get(session?.id);
+  if (!status || !status.needsAttention) return null;
+  return status;
+}
+
 async function handleWalleMessage(ws, msg) {
   const session = sessions.get(msg.id);
   if (!session || session.type !== 'walle') return;
 
   session.lastActivity = Date.now();
-  appendToJsonl(session.jsonlPath, { type: 'user', content: msg.text, timestamp: new Date().toISOString() });
+  const userAppend = walleTranscript.appendUserMessage(session.jsonlPath, {
+    sessionId: session.id,
+    chatSessionId: session.chatSessionId,
+    parentUuid: session._walleLastTranscriptUuid || null,
+    cwd: session.cwd,
+    text: msg.text,
+    modelId: msg.model || session.model_id || '',
+    modelProvider: session.model_provider || '',
+  });
+  _recordWalleTranscriptAppend(session, userAppend);
 
   session.abortController = new AbortController();
 
@@ -8050,10 +8895,20 @@ async function handleWalleMessage(ws, msg) {
     }
   };
 
-  broadcastToSession({ type: 'walle-progress', id: session.id, event: { type: 'thinking' } });
+  const thinkingEvent = { type: 'thinking' };
+  broadcastToSession({ type: 'walle-progress', id: session.id, event: thinkingEvent });
+  _appendWallePart(session, 'thinking', { turn: null });
 
   try {
     let result = null;
+    const turnToolCalls = [];
+    const contextSession = msg.contextSessionId ? sessions.get(msg.contextSessionId) : null;
+    const chatContext = resolveWalleChatContext({
+      session,
+      contextSession,
+      requestedCwd: msg.cwd,
+    });
+    const effectiveCwd = chatContext.cwd || session.cwd;
     const upstream = await walleClient.requestSse('/api/wall-e/chat?stream=1', {
       method: 'POST',
       signal: session.abortController.signal,
@@ -8062,8 +8917,15 @@ async function handleWalleMessage(ws, msg) {
         session_id: session.chatSessionId,
         channel: 'ctm-session',
         model: msg.model || undefined,
-        cwd: session.cwd,
-        context: { cwd: session.cwd },
+        cwd: effectiveCwd,
+        context: {
+          cwd: effectiveCwd,
+          projectPath: effectiveCwd,
+          ctmSessionId: session.id,
+          contextSessionId: chatContext.contextSessionId,
+          contextSessionLabel: chatContext.contextSessionLabel,
+          cwdSource: chatContext.source,
+        },
       },
       onEvent: (event) => {
         if (!event || typeof event !== 'object') return;
@@ -8072,25 +8934,69 @@ async function handleWalleMessage(ws, msg) {
           return;
         }
         if (event.type === 'error') {
-          throw new Error(event.error || 'Wall-E chat failed');
+          const err = new Error(event.message || event.error || 'Wall-E chat failed');
+          if (event.providerError) {
+            err.code = event.code || 'AI_PROVIDER_ERROR';
+            err.providerError = event.providerError;
+          }
+          throw err;
+        }
+        if (event.type === 'tool_call' || event.type === 'tool_result' || event.type === 'tool_done') {
+          applyWalleToolEvent(turnToolCalls, event);
+          appendToJsonl(session.jsonlPath, { ...event, timestamp: new Date().toISOString() });
         }
         broadcastToSession({ type: 'walle-progress', id: session.id, event });
+        const part = _walleProgressTranscriptPart(event);
+        if (part) _appendWallePart(session, part.partType, part.data);
       },
     });
     if (upstream.status >= 400) {
       let parsed = null;
       try { parsed = JSON.parse(upstream.body || '{}'); } catch {}
-      throw new Error(parsed?.error || `Wall-E chat failed (${upstream.status})`);
+      const err = new Error(parsed?.message || parsed?.error || `Wall-E chat failed (${upstream.status})`);
+      if (parsed?.providerError) {
+        err.code = parsed.code || 'AI_PROVIDER_ERROR';
+        err.providerError = parsed.providerError;
+      }
+      throw err;
     }
     if (!result) throw new Error('Wall-E chat ended without a final response');
 
-    appendToJsonl(session.jsonlPath, {
-      type: 'assistant', content: result.reply,
-      model: result.model, provider: result.provider,
+    const assistantAppend = walleTranscript.appendAssistantMessage(session.jsonlPath, {
+      sessionId: session.id,
+      chatSessionId: session.chatSessionId,
+      parentUuid: session._walleLastTranscriptUuid || null,
+      cwd: session.cwd,
+      text: result.reply,
+      model: result.model,
+      provider: result.provider,
+      modelProvider: result.provider || session.model_provider || '',
       latencyMs: result.latencyMs,
-      inputTokens: result.tokens?.input, outputTokens: result.tokens?.output,
-      cost: result.cost, timestamp: new Date().toISOString(),
+      tokens: result.tokens || {},
+      cost: result.cost,
+      toolCalls: cloneToolCalls(turnToolCalls),
+      timestamp: new Date().toISOString(),
     });
+    _recordWalleTranscriptAppend(session, assistantAppend);
+    try {
+      const st = fs.statSync(session.jsonlPath);
+      dbModule.upsertSession(session.id, {
+        agentSessionId: session.id,
+        provider: 'walle',
+        cwd: session.cwd,
+        projectPath: session.cwd,
+        title: session.label,
+        firstMessage: msg.text || '',
+        jsonlPath: session.jsonlPath,
+        fileSize: st.size || 0,
+        modifiedAt: st.mtime ? st.mtime.toISOString() : '',
+        model: result.model || msg.model || session.model_id || '',
+        userMsgCount: 1,
+        hostname: HOSTNAME,
+      });
+    } catch (e) {
+      console.error('[walle-session] index update error:', e.message);
+    }
 
     broadcastToSession({
       type: 'walle-response', id: session.id,
@@ -8100,9 +9006,22 @@ async function handleWalleMessage(ws, msg) {
     });
   } catch (err) {
     if (err.message === 'Cancelled') {
-      broadcastToSession({ type: 'walle-progress', id: session.id, event: { type: 'cancelled' } });
+      const cancelEvent = { type: 'cancelled' };
+      broadcastToSession({ type: 'walle-progress', id: session.id, event: cancelEvent });
+      _appendWallePart(session, 'cancelled', {});
     } else {
-      broadcastToSession({ type: 'walle-error', id: session.id, error: err.message });
+      broadcastToSession({
+        type: 'walle-error',
+        id: session.id,
+        error: err.message,
+        code: err.code,
+        providerError: err.providerError || null,
+      });
+      _appendWallePart(session, 'error', {
+        message: err.message || 'Wall-E chat failed',
+        code: err.code,
+        providerError: err.providerError || null,
+      });
     }
   } finally {
     session.abortController = null;
@@ -8255,6 +9174,7 @@ function _sessionPayload(s) {
     model_provider: s.model_provider,
     branch: s.branch || null,
     worktree_path: s.worktree_path || null,
+    worktreeStatus: _sessionWorktreeStatusPayload(s),
     agentType,
     agentCapabilities: {
       structuredTranscript: !!caps.structuredTranscript,
@@ -8283,6 +9203,7 @@ let _broadcastTimer = null;
 function _doBroadcastSessionList() {
   _broadcastTimer = null;
   if (_restoreInProgress) return;
+  _refreshSessionWorktreeStatusCache().catch(() => {});
   // Invalidate the HTTP API cache so the next GET /api/recent-sessions reflects changes
   _recentSessionsCache = null;
   const payload = JSON.stringify({
@@ -8403,6 +9324,7 @@ setInterval(async () => {
       } catch {} // git rev-parse failures are normal for non-git dirs
     }
     if (changed) broadcastSessionList();
+    await _refreshSessionWorktreeStatusCache({ force: true });
   } finally {
     _branchRefreshRunning = false;
   }
@@ -8414,6 +9336,7 @@ function shutdown() {
   _isShuttingDown = true;
   // Stop scheduler, session stream, and file watcher first
   try { if (_ctmScheduler) _ctmScheduler.shutdown().catch(() => {}); } catch {}
+  try { if (_sessionCapture) _sessionCapture.detach(); } catch {}
   try { if (_sessionStream) _sessionStream.stop(); } catch {}
   try { if (_jsonlWatcher) _jsonlWatcher.stop(); } catch {}
   // Ask scrollback worker to close its DB connection before terminating.
@@ -8605,11 +9528,15 @@ function isValidWorktreeCwd(cwd) {
 
 // Validate git ref names (branch names, tags) — reject values starting with - and special chars
 const VALID_GIT_REF = /^[a-zA-Z0-9][a-zA-Z0-9._\/-]*$/;
+const WORKTREE_JSON_HEADERS = {
+  'Content-Type': 'application/json',
+  'Cache-Control': 'no-store, max-age=0',
+};
 
 function apiListWorktrees(req, res) {
   const cwd = new URL(req.url, 'http://localhost').searchParams.get('cwd') || _projectRoot;
   if (!isValidWorktreeCwd(cwd)) {
-    res.writeHead(403, { 'Content-Type': 'application/json' });
+    res.writeHead(403, WORKTREE_JSON_HEADERS);
     return res.end(JSON.stringify({ error: 'cwd must be within project root' }));
   }
   gitUtilsWorktree.listRichWorktrees(cwd).then(worktrees => {
@@ -8651,10 +9578,10 @@ function apiListWorktrees(req, res) {
         !!w.sessionId || ['ghost','ahead','behind','diverged','dirty','detached'].includes(w.state)
       ).length + (mainRemote.state && !['synced', 'unknown'].includes(mainRemote.state) ? 1 : 0),
     };
-    res.writeHead(200, { 'Content-Type': 'application/json' });
+    res.writeHead(200, WORKTREE_JSON_HEADERS);
     res.end(JSON.stringify({ worktrees, cwd, counts, mainRemote }));
   }).catch(e => {
-    res.writeHead(500, { 'Content-Type': 'application/json' });
+    res.writeHead(500, WORKTREE_JSON_HEADERS);
     res.end(JSON.stringify({ error: e.message }));
   });
 }
@@ -8825,31 +9752,31 @@ function apiSyncWorktree(req, res) {
     try {
       const { name, strategy, cwd: reqCwd } = JSON.parse(body);
       if (!name || !VALID_GIT_REF.test(name)) {
-        res.writeHead(400, { 'Content-Type': 'application/json' });
+        res.writeHead(400, WORKTREE_JSON_HEADERS);
         return res.end(JSON.stringify({ error: 'Invalid branch name' }));
       }
       if (strategy && !['merge', 'rebase'].includes(strategy)) {
-        res.writeHead(400, { 'Content-Type': 'application/json' });
+        res.writeHead(400, WORKTREE_JSON_HEADERS);
         return res.end(JSON.stringify({ error: 'Invalid sync strategy. Use: merge or rebase' }));
       }
       const cwd = reqCwd || _projectRoot;
       if (!isValidWorktreeCwd(cwd)) {
-        res.writeHead(403, { 'Content-Type': 'application/json' });
+        res.writeHead(403, WORKTREE_JSON_HEADERS);
         return res.end(JSON.stringify({ error: 'cwd must be within project root' }));
       }
       gitUtilsWorktree.syncWorktree(cwd, name, strategy || 'merge').then(result => {
         if (result.conflicts) {
-          res.writeHead(409, { 'Content-Type': 'application/json' });
+          res.writeHead(409, WORKTREE_JSON_HEADERS);
           return res.end(JSON.stringify(result));
         }
-        res.writeHead(result.merged ? 200 : 500, { 'Content-Type': 'application/json' });
+        res.writeHead(result.merged ? 200 : 500, WORKTREE_JSON_HEADERS);
         res.end(JSON.stringify(result));
       }).catch(e => {
-        res.writeHead(500, { 'Content-Type': 'application/json' });
+        res.writeHead(500, WORKTREE_JSON_HEADERS);
         res.end(JSON.stringify({ error: e.message }));
       });
     } catch (e) {
-      res.writeHead(400, { 'Content-Type': 'application/json' });
+      res.writeHead(400, WORKTREE_JSON_HEADERS);
       res.end(JSON.stringify({ error: 'Invalid JSON body' }));
     }
   });
@@ -8863,12 +9790,12 @@ function apiSyncAllWorktrees(req, res) {
       const data = body ? JSON.parse(body) : {};
       const { strategy, cwd: reqCwd } = data;
       if (strategy && !['merge', 'rebase'].includes(strategy)) {
-        res.writeHead(400, { 'Content-Type': 'application/json' });
+        res.writeHead(400, WORKTREE_JSON_HEADERS);
         return res.end(JSON.stringify({ error: 'Invalid sync strategy. Use: merge or rebase' }));
       }
       const cwd = reqCwd || _projectRoot;
       if (!isValidWorktreeCwd(cwd)) {
-        res.writeHead(403, { 'Content-Type': 'application/json' });
+        res.writeHead(403, WORKTREE_JSON_HEADERS);
         return res.end(JSON.stringify({ error: 'cwd must be within project root' }));
       }
       const activeWorktreePaths = [...sessions.values()]
@@ -8878,14 +9805,14 @@ function apiSyncAllWorktrees(req, res) {
       gitUtilsWorktree.syncAllWorktrees(cwd, strategy || 'merge', {
         excludePaths: activeWorktreePaths,
       }).then(result => {
-        res.writeHead(result.failed > 0 ? 207 : 200, { 'Content-Type': 'application/json' });
+        res.writeHead(result.failed > 0 ? 207 : 200, WORKTREE_JSON_HEADERS);
         res.end(JSON.stringify(result));
       }).catch(e => {
-        res.writeHead(500, { 'Content-Type': 'application/json' });
+        res.writeHead(500, WORKTREE_JSON_HEADERS);
         res.end(JSON.stringify({ error: e.message }));
       });
     } catch (e) {
-      res.writeHead(400, { 'Content-Type': 'application/json' });
+      res.writeHead(400, WORKTREE_JSON_HEADERS);
       res.end(JSON.stringify({ error: 'Invalid JSON body' }));
     }
   });
@@ -9596,12 +10523,22 @@ server.on('listening', () => {
     console.log('  Wall-E disabled (WALLE_DISABLED=1)');
   }
 
-  // OAuth proxy boot-start: when the user has WALLE_AUTH_METHOD=oauth_proxy
-  // in .env, the daemon needs the proxy on :3458 BEFORE it tries its first
-  // chat call. The supervisor's start() is idempotent (returns
-  // alreadyRunning when already up). Wrapped in try so a proxy boot
-  // failure never blocks CTM itself.
-  if (process.env.WALLE_AUTH_METHOD === 'oauth_proxy' && !process.env.WALLE_DISABLED) {
+  // OAuth proxy boot-start: when Anthropic is the active Wall-E provider and
+  // its auth method is oauth_proxy, the daemon needs the proxy before its
+  // first chat call. Read both .env and the provider DB row so the setup page's
+  // auth-method radio remains authoritative after restarts.
+  const shouldStartOauthProxy = (() => {
+    if (process.env.WALLE_DISABLED) return false;
+    try {
+      const brain = getWalleBrain();
+      const provider = brain?.getKv?.('walle_provider') || process.env.WALLE_PROVIDER || 'anthropic';
+      if (provider !== 'anthropic') return false;
+      return getProviderRuntimeState('anthropic').authMethod === 'oauth_proxy';
+    } catch {
+      return process.env.WALLE_PROVIDER === 'anthropic' && process.env.WALLE_AUTH_METHOD === 'oauth_proxy';
+    }
+  })();
+  if (shouldStartOauthProxy) {
     try {
       const out = oauthProxySupervisor.start();
       if (out.ok && out.running) {
@@ -9849,8 +10786,14 @@ server.on('listening', () => {
   console.log('  JSONL file watcher started');
 
   // --- Session Stream: structured conversation event stream ---
-  const sessionStream = _sessionStream = new SessionStream({ jsonlWatcher, sessions, dbModule });
+  const sessionStream = _sessionStream = new SessionStream({
+    jsonlWatcher,
+    sessions,
+    dbModule,
+    summaryProvider: generateSessionSummaryWithWalleProvider,
+  });
   sessionStream.start();
+  const sessionCapture = _sessionCapture = new SessionCapture({ sessionStream });
   // Link already-active sessions that were created before stream started
   for (const [ctmId, session] of sessions) {
     if (session._claudeSessionId) {
@@ -9861,18 +10804,21 @@ server.on('listening', () => {
   }
   // Forward status changes to WS clients
   sessionStream.on('status', (statusEvt) => {
-    broadcastToAll({ type: 'stream-status', ...statusEvt });
+    const projected = sessionCapture.getStatus(statusEvt.sessionId, statusEvt.newStatus || statusEvt.status);
+    broadcastToAll({ type: 'stream-status', ...statusEvt, captureStatus: projected.status, statusEvidence: projected.evidence });
   });
   setInterval(() => {
     if (wss.clients.size === 0) return;
     const now = Date.now();
-    for (const st of sessionStream.getAllStatuses()) {
+    for (const st of sessionCapture.getAllStatuses()) {
       broadcastToAll({
         type: 'stream-status',
         sessionId: st.sessionId,
         ctmSessionId: st.ctmSessionId,
         oldStatus: st.status,
         newStatus: st.status,
+        captureStatus: st.captureStatus || st.status,
+        statusEvidence: st.statusEvidence || [],
         reason: 'snapshot',
         timestamp: now,
         lastActivity: st.lastActivity,