funolio-agent 0.17.8 → 1.0.3

package/dist/message-loop.js

@@ -55,8 +55,6 @@ const response_guard_1 = require("./response-guard");
 const context_compressor_1 = require("./context-compressor");
 const crypto = __importStar(require("crypto"));
 const data = __importStar(require("./local-data"));
-const agent_config_1 = require("./agent-config");
-const subscription_runtime_1 = require("./auth/subscription-runtime");
 const prompt_template_1 = require("./prompt-template");
 /** Determine priority from an AgentCommand */
 function getCommandPriority(command) {
@@ -72,6 +70,47 @@ function getCommandPriority(command) {
     return 'medium';
 }
 const PRIORITY_ORDER = { high: 0, medium: 1, low: 2 };
+function classifyToolName(toolName) {
+    switch (toolName) {
+        case 'read_file':
+            return 'file_read';
+        case 'list_directory':
+            return 'directory_scan';
+        case 'write_file':
+        case 'edit_file':
+            return 'file_write';
+        case 'run_command':
+        case 'git_status':
+        case 'git_diff':
+        case 'git_commit':
+            return 'command_run';
+        case 'web_fetch':
+            return 'web_fetch';
+        default:
+            return 'workspace_hint';
+    }
+}
+function extractToolLocation(toolName, args, projectDir) {
+    const path = typeof args.path === 'string'
+        ? args.path
+        : typeof args.filePath === 'string'
+            ? args.filePath
+            : typeof args.directory === 'string'
+                ? args.directory
+                : undefined;
+    const cwd = typeof args.cwd === 'string'
+        ? args.cwd
+        : toolName === 'run_command' || toolName.startsWith('git_')
+            ? projectDir
+            : undefined;
+    const url = typeof args.url === 'string' ? args.url : undefined;
+    return { path, cwd, url };
+}
+function summarizeToolResult(output, isError) {
+    const prefix = isError ? 'Tool failed: ' : 'Tool completed: ';
+    const compact = output.replace(/\s+/g, ' ').trim();
+    return `${prefix}${compact}`.slice(0, 240);
+}
 class MessageLoop {
     options;
     llmProvider;
@@ -97,23 +136,16 @@ class MessageLoop {
     static SCHEDULED_TASK_TIMEOUT_MS = 5 * 60 * 1000;
     scheduledTaskTimer = null;
     static IDLE_THRESHOLD_MS = 15 * 60 * 1000; // 15 minutes
-    static SERVER_SYNC_RETRY_MAX = 1;
     constructor(options) {
         this.options = options;
-        // DO NOT remap Claude CLI OAuth sessions to the public Anthropic runtime
-        // without explicit user approval.
-        const effectiveKey = options.oauthToken || options.apiKey || '';
+        // Use API key directly — subscription OAuth has been removed.
+        // CLI providers (claude-cli, codex-cli) don't use this path at all.
+        const effectiveKey = options.apiKey || '';
         const effectiveProvider = options.provider;
-        const isOAuthToken = effectiveKey.startsWith('sk-ant-oat01-');
         this.llmProvider = (0, index_1.createProvider)(effectiveProvider, {
             apiKey: effectiveKey,
             model: options.model,
-            ...(isOAuthToken ? { authMode: 'oauth-bearer' } : {}),
         });
-        // Async: attempt to resolve Anthropic subscription auth (create_api_key exchange)
-        if (isOAuthToken && effectiveProvider === 'anthropic') {
-            this.resolveAndUpgradeAuth(effectiveKey, options.model);
-        }
         // Resolve Funolio API credentials for bot status reporting
         const cfg = (0, config_1.loadConfig)();
         const funoliApiKey = cfg.auth?.token || process.env.FUNOLIO_API_KEY || '';
@@ -124,7 +156,7 @@ class MessageLoop {
             llmProvider: effectiveProvider,
             llmModel: options.model,
             llmApiKey: effectiveKey,
-            llmAuthMode: isOAuthToken ? 'oauth-bearer' : 'api-key',
+            llmAuthMode: 'api-key',
             apiKey: funoliApiKey,
             apiBaseUrl: funoliApiBaseUrl,
             botName: options.agentName || 'funolio-agent',
@@ -161,147 +193,6 @@ class MessageLoop {
         // Session idle detection timer (checks every 60s)
         this.idleTimer = setInterval(() => this.checkIdleSession(), 60_000);
     }
-    /**
-     * Attempt to resolve Anthropic subscription auth via create_api_key exchange.
-     * If successful, recreates the LLM provider with the exchanged API key (which
-     * works with standard x-api-key auth and unlocks all models on the subscription).
-     * Falls back to bearer mode silently if exchange fails.
-     */
-    async resolveAndUpgradeAuth(oauthToken, model) {
-        try {
-            const runtime = await (0, subscription_runtime_1.resolveClaudeSubscriptionRuntime)({
-                preferredModel: model,
-                inputCredential: {
-                    provider: 'anthropic',
-                    accessToken: oauthToken,
-                    refreshToken: this.options.resolvedAuth?.credential?.refreshToken || '',
-                    expiresAt: this.options.resolvedAuth?.credential?.expiresAt || 0,
-                },
-                inputSource: 'request:anthropic',
-                persistInputCredential: true,
-            });
-            if (!runtime)
-                return;
-            if (this.options.resolvedAuth?.credential && runtime.authMode === 'oauth-bearer') {
-                this.options.resolvedAuth.credential.accessToken = runtime.apiKey;
-            }
-            if (this.resolvedAuth?.credential && runtime.authMode === 'oauth-bearer') {
-                this.resolvedAuth.credential.accessToken = runtime.apiKey;
-                this.resolvedAuth.apiKey = runtime.apiKey;
-            }
-            if (runtime.authMode !== 'oauth-bearer') {
-                // Successfully exchanged OAuth token for a temporary API key
-                console.log('[message-loop] Anthropic subscription auth: using exchanged API key');
-                this.llmProvider = (0, index_1.createProvider)('anthropic', {
-                    apiKey: runtime.apiKey,
-                    model,
-                });
-            }
-            else {
-                // Bearer fallback — recreate provider with the (possibly refreshed) token
-                const currentToken = runtime.apiKey || this.options.resolvedAuth?.credential?.accessToken || oauthToken;
-                console.log('[message-loop] Anthropic subscription auth: using bearer fallback' +
-                    (currentToken !== oauthToken ? ' (with refreshed token)' : ''));
-                this.llmProvider = (0, index_1.createProvider)('anthropic', {
-                    apiKey: currentToken,
-                    model,
-                    authMode: 'oauth-bearer',
-                });
-            }
-        }
-        catch (err) {
-            console.warn('[message-loop] Anthropic subscription auth resolution failed, keeping bearer mode:', err?.message || err);
-        }
-    }
-    async syncOAuthFromServer(reason) {
-        const providerId = this.options.provider;
-        if (!providerId || providerId.endsWith('-cli'))
-            return false;
-        const cfg = (0, config_1.loadConfig)();
-        const authToken = cfg.auth?.token;
-        if (!authToken)
-            return false;
-        try {
-            const res = await fetch(`${config_1.FUNOLIO_API_URL}/api/v1/agent/config`, {
-                headers: { Authorization: `Bearer ${authToken}` },
-            });
-            if (!res.ok)
-                return false;
-            const body = await res.json();
-            const provider = (body.providers || []).find((p) => p.id === providerId && p.connectionType === 'oauth');
-            if (!provider?.access_token)
-                return false;
-            const currentAccess = this.resolvedAuth?.credential?.accessToken || this.options.oauthToken || '';
-            const currentRefresh = this.resolvedAuth?.credential?.refreshToken || this.options.resolvedAuth?.credential?.refreshToken || '';
-            const currentExpiry = this.resolvedAuth?.credential?.expiresAt || this.options.resolvedAuth?.credential?.expiresAt || 0;
-            const nextExpiry = provider.expires_at || 0;
-            const changed = provider.access_token !== currentAccess
-                || (provider.refresh_token || '') !== currentRefresh
-                || nextExpiry > currentExpiry;
-            if (!changed)
-                return false;
-            if (this.resolvedAuth) {
-                this.resolvedAuth.apiKey = provider.access_token;
-                this.resolvedAuth.expired = false;
-                this.resolvedAuth.error = undefined;
-                if (this.resolvedAuth.credential) {
-                    this.resolvedAuth.credential.accessToken = provider.access_token;
-                    if (provider.refresh_token)
-                        this.resolvedAuth.credential.refreshToken = provider.refresh_token;
-                    if (provider.expires_at)
-                        this.resolvedAuth.credential.expiresAt = provider.expires_at;
-                }
-            }
-            if (this.options.resolvedAuth) {
-                this.options.resolvedAuth.apiKey = provider.access_token;
-                this.options.resolvedAuth.expired = false;
-                this.options.resolvedAuth.error = undefined;
-                if (this.options.resolvedAuth.credential) {
-                    this.options.resolvedAuth.credential.accessToken = provider.access_token;
-                    if (provider.refresh_token)
-                        this.options.resolvedAuth.credential.refreshToken = provider.refresh_token;
-                    if (provider.expires_at)
-                        this.options.resolvedAuth.credential.expiresAt = provider.expires_at;
-                }
-            }
-            this.options.oauthToken = provider.access_token;
-            const local = (0, config_1.loadConfig)();
-            if (!local.providers)
-                local.providers = [];
-            const idx = local.providers.findIndex((p) => p.id === providerId);
-            if (idx >= 0) {
-                local.providers[idx].authType = 'oauth';
-                local.providers[idx].oauthToken = provider.access_token;
-                if (provider.refresh_token)
-                    local.providers[idx].oauthRefreshToken = provider.refresh_token;
-                if (provider.expires_at)
-                    local.providers[idx].oauthExpiresAt = provider.expires_at;
-                if (provider.defaultModel)
-                    local.providers[idx].defaultModel = provider.defaultModel;
-            }
-            (0, config_1.saveConfig)(local);
-            if (this.options.agentName) {
-                const agentLocal = (0, agent_config_1.loadAgentConfig)(this.options.agentName);
-                if (agentLocal && agentLocal.provider === providerId) {
-                    agentLocal.oauthToken = provider.access_token;
-                    if (provider.refresh_token)
-                        agentLocal.oauthRefreshToken = provider.refresh_token;
-                    if (provider.expires_at)
-                        agentLocal.oauthExpiresAt = provider.expires_at;
-                    if (provider.defaultModel)
-                        agentLocal.model = provider.defaultModel;
-                    (0, agent_config_1.saveAgentConfig)(this.options.agentName, agentLocal);
-                }
-            }
-            this.updateToken(provider.access_token);
-            console.log(chalk_1.default.green(`  [auth] Synced updated ${providerId} OAuth credentials from server (${reason})`));
-            return true;
-        }
-        catch (err) {
-            console.log(chalk_1.default.gray(`  [auth] Server OAuth sync skipped (${reason}): ${err?.message || err}`));
-            return false;
-        }
-    }
     /** Check if a session has gone idle and trigger auto-organize */
     async checkIdleSession() {
         if (!this.lastMessageAt || !(0, auto_organizer_1.isAutoOrganizeEnabled)())
@@ -419,48 +310,13 @@ class MessageLoop {
         const overrideModel = command.model?.model;
         let provider = overrideProvider || this.options.provider;
         const model = overrideModel || this.options.model;
-        const apiKey = this.options.oauthToken || this.options.apiKey;
+        const apiKey = this.options.apiKey;
         // Only create a new provider if provider or model actually changed (ignore apiKey overrides from server)
         const hasOverride = (overrideProvider && overrideProvider !== this.options.provider) ||
             (overrideModel && overrideModel !== this.options.model);
         let llm;
         if (hasOverride) {
-            // For overrides with OAuth tokens, try subscription auth resolution
-            if ((apiKey || '').startsWith('sk-ant-oat01-') && provider === 'anthropic') {
-                try {
-                    const runtime = await (0, subscription_runtime_1.resolveClaudeSubscriptionRuntime)({
-                        preferredModel: model,
-                        inputCredential: {
-                            provider: 'anthropic',
-                            accessToken: apiKey,
-                            refreshToken: this.options.resolvedAuth?.credential?.refreshToken || '',
-                            expiresAt: this.options.resolvedAuth?.credential?.expiresAt || 0,
-                        },
-                        inputSource: 'request:anthropic',
-                        persistInputCredential: true,
-                    });
-                    const resolvedKey = runtime?.apiKey || apiKey;
-                    const authMode = runtime?.authMode;
-                    if (this.options.resolvedAuth?.credential && authMode === 'oauth-bearer') {
-                        this.options.resolvedAuth.credential.accessToken = resolvedKey;
-                    }
-                    if (this.resolvedAuth?.credential && authMode === 'oauth-bearer') {
-                        this.resolvedAuth.credential.accessToken = resolvedKey;
-                        this.resolvedAuth.apiKey = resolvedKey;
-                    }
-                    llm = (0, index_1.createProvider)(provider, {
-                        apiKey: resolvedKey,
-                        model,
-                        ...(authMode === 'oauth-bearer' ? { authMode: 'oauth-bearer' } : {}),
-                    });
-                }
-                catch {
-                    llm = (0, index_1.createProvider)(provider, { apiKey, model, authMode: 'oauth-bearer' });
-                }
-            }
-            else {
-                llm = (0, index_1.createProvider)(provider, { apiKey, model });
-            }
+            llm = (0, index_1.createProvider)(provider, { apiKey, model });
         }
         else {
             llm = this.llmProvider;
@@ -545,6 +401,8 @@ class MessageLoop {
                 ...this.toolContext,
                 projectId: effectiveProjectId ?? null,
                 abortSignal: commandAbortController.signal,
+                // Use project folder as working directory if available
+                ...(effectiveProject?.folder ? { projectDir: effectiveProject.folder } : {}),
             };
             // ─── Orchestrator Mode Branch ─────────────────────────
             // Resolve the selected bot profile — from command.bot, conversation bot_id, or default
@@ -717,15 +575,40 @@ TOOL EFFICIENCY RULES:
                 const str = JSON.stringify(args || {}).slice(0, 200);
                 return crypto.createHash('md5').update(str).digest('hex').slice(0, 12);
             }
+            function getRetryKey(name, args) {
+                // Bug 6: For meta-tools, include action in retry key so different actions don't share budget
+                if (args?.action)
+                    return `${name}:${args.action}`;
+                return name;
+            }
             function trackToolFailure(name, args) {
-                const key = `${name}:${getArgsHash(args)}`;
+                const key = `${getRetryKey(name, args)}:${getArgsHash(args)}`;
+                const retryKey = getRetryKey(name, args);
                 toolFailuresByKey.set(key, (toolFailuresByKey.get(key) || 0) + 1);
-                toolFailuresByName.set(name, (toolFailuresByName.get(name) || 0) + 1);
+                toolFailuresByName.set(retryKey, (toolFailuresByName.get(retryKey) || 0) + 1);
+            }
+            // Futility detection: track consecutive low-value tool results
+            let consecutiveEmptyResults = 0;
+            const FUTILITY_THRESHOLD = 6; // after 6 consecutive empty/low-value results, nudge the LLM
+            let futilityNudgeInjected = false;
+            function isLowValueResult(output) {
+                if (!output || output.length < 30)
+                    return true;
+                const lower = output.toLowerCase();
+                if (lower.includes('no matches found') || lower.includes('no results'))
+                    return true;
+                if (lower.includes('0 bytes') || lower.includes('empty'))
+                    return true;
+                // exit code 1 with no meaningful stdout
+                if (/\[exit code: [^0]/.test(lower) && output.replace(/\[exit code:.*?\]/g, '').trim().length < 20)
+                    return true;
+                return false;
             }
             function checkRetryBudget(name, args) {
-                const key = `${name}:${getArgsHash(args)}`;
+                const key = `${getRetryKey(name, args)}:${getArgsHash(args)}`;
+                const retryKey = getRetryKey(name, args);
                 const keyCount = toolFailuresByKey.get(key) || 0;
-                const nameCount = toolFailuresByName.get(name) || 0;
+                const nameCount = toolFailuresByName.get(retryKey) || 0;
                 if (keyCount >= 2) {
                     return `This exact operation has failed ${keyCount} times. Stop retrying and inform the user what went wrong. Suggest an alternative approach or ask for help.`;
                 }
@@ -736,7 +619,7 @@ TOOL EFFICIENCY RULES:
             }
             // Agentic loop - keep calling LLM until no more tool calls
             let iteration = 0;
-            const MAX_ITERATIONS = 100;
+            const MAX_ITERATIONS = 30;
             const GLOBAL_TIMEOUT_MS = 10 * 60 * 1000; // 10 minutes wall-clock timeout
             let totalTokensUsed = 0;
             let totalInputTokens = 0;
@@ -744,7 +627,6 @@ TOOL EFFICIENCY RULES:
             let totalCacheReadTokens = 0;
             let totalCacheCreationTokens = 0;
             let totalToolCallDurationMs = 0;
-            let serverSyncRetries = 0;
             const deniedTools = new Set(); // Track tools denied by user — don't re-ask
             const commandStartMs = Date.now();
             // Publish prompt context for "View Prompt" panel
@@ -787,34 +669,14 @@ TOOL EFFICIENCY RULES:
                         timestamp: Date.now(),
                     });
                 }
-                // Refresh OAuth token before each LLM call if needed
+                // API keys don't expire — ensureFreshToken is a no-op for api-key source
                 if (this.resolvedAuth) {
                     const refreshed = await (0, auto_detect_1.ensureFreshToken)(this.resolvedAuth);
-                    if (refreshed.expired) {
-                        if (serverSyncRetries < MessageLoop.SERVER_SYNC_RETRY_MAX) {
-                            const synced = await this.syncOAuthFromServer('refresh-failed');
-                            if (synced) {
-                                serverSyncRetries++;
-                                continue;
-                            }
-                        }
-                        console.error(chalk_1.default.red(`  [auth] Token refresh failed: ${refreshed.error}`));
-                        await this.options.mqttClient.publishResult({
-                            commandId: command.id,
-                            type: 'error',
-                            error: 'Your authentication token has expired or been revoked. Please re-authenticate by running `funolio-agent login` or `funolio-agent configure`.',
-                            timestamp: Date.now(),
-                        });
-                        break;
-                    }
                     if (refreshed.apiKey !== this.resolvedAuth.apiKey) {
                         this.resolvedAuth = refreshed;
                         this.updateToken(refreshed.apiKey);
                     }
                 }
-                // With OAuth auto-detection, all providers now use direct API calls
-                // with full tool support. The old CLI_PROVIDERS check is kept only
-                // for logging/diagnostics but no longer gates tool availability.
                 // Smart tool filtering: only send relevant tools to reduce token usage
                 const filteredTools = (0, tool_filter_1.filterToolsForMessage)(this.toolDefinitions, this.builtinToolDefinitions, command.prompt);
                 if (filteredTools.length < this.toolDefinitions.length) {
@@ -848,26 +710,17 @@ TOOL EFFICIENCY RULES:
                     const msg = llmError?.message || String(llmError);
                     const isAuthError = /401|403|unauthorized|forbidden|authentication/i.test(msg);
                     if (isAuthError) {
-                        if (serverSyncRetries < MessageLoop.SERVER_SYNC_RETRY_MAX) {
-                            const synced = await this.syncOAuthFromServer('llm-auth-error');
-                            if (synced) {
-                                serverSyncRetries++;
-                                continue;
-                            }
-                        }
                         console.error(chalk_1.default.red(`  [auth] LLM API authentication failed: ${msg}`));
                         await this.options.mqttClient.publishResult({
                             commandId: command.id,
                             type: 'error',
-                            error: 'API authentication failed. Your token may have expired — run `funolio-agent login` to refresh.',
+                            error: 'API authentication failed. Check your API key or run `funolio-agent configure` to update it.',
                             timestamp: Date.now(),
                         });
                         break;
                     }
                     throw llmError;
                 }
-                // Any successful provider response clears one-shot sync retry budget
-                serverSyncRetries = 0;
                 // Track token usage across iterations
                 if (response.usage) {
                     totalTokensUsed += response.usage.inputTokens + response.usage.outputTokens;
@@ -887,6 +740,8 @@ TOOL EFFICIENCY RULES:
                     for (const toolCall of response.toolCalls) {
                         totalToolCalls++;
                         console.log(chalk_1.default.cyan(`  🔧 Tool: ${toolCall.name}(${JSON.stringify(toolCall.arguments).slice(0, 60)}...)`));
+                        const toolSummary = (0, approval_1.generateToolSummary)(toolCall.name, toolCall.arguments);
+                        const toolLocation = extractToolLocation(toolCall.name, toolCall.arguments, commandToolContext.projectDir);
                         // Check permission before execution
                         const permMode = this.options.permissionMode || 'autopilot';
                         let approval = (0, approval_1.checkPermission)(toolCall.name, permMode, this.options.enabledTools);
@@ -897,20 +752,29 @@ TOOL EFFICIENCY RULES:
                         // If not auto-approved, request interactive approval via MQTT
                         if (!approval.approved && permMode !== 'autopilot' && !deniedTools.has(toolCall.name)) {
                             console.log(chalk_1.default.yellow(`  🔐 Requesting user approval for: ${toolCall.name}`));
-                            // Generate requestId up front so the MQTT result and pending map use the same ID
-                            const approvalRequestId = require('crypto').randomUUID();
-                            await this.options.mqttClient.publishResult({
-                                commandId: command.id,
-                                type: 'approval_request',
-                                requestId: approvalRequestId,
-                                toolCall: {
-                                    id: toolCall.id,
-                                    name: toolCall.name,
-                                    arguments: toolCall.arguments,
+                            approval = await this.approvalManager.requestApproval(command.id, toolCall.name, toolCall.arguments, {
+                                onRequest: async (request) => {
+                                    await this.options.mqttClient.publishResult({
+                                        commandId: command.id,
+                                        type: 'approval_request',
+                                        requestId: request.requestId,
+                                        riskLevel: request.riskLevel,
+                                        summary: request.summary,
+                                        toolCall: {
+                                            id: toolCall.id,
+                                            name: toolCall.name,
+                                            arguments: toolCall.arguments,
+                                            classification: classifyToolName(toolCall.name),
+                                            summary: toolSummary,
+                                            path: toolLocation.path,
+                                            cwd: toolLocation.cwd,
+                                            url: toolLocation.url,
+                                            importance: request.riskLevel === 'destructive' ? 'high' : 'medium',
+                                        },
+                                        timestamp: Date.now(),
+                                    });
                                 },
-                                timestamp: Date.now(),
                             });
-                            approval = await this.approvalManager.requestApprovalWithId(approvalRequestId, command.id, toolCall.name, toolCall.arguments);
                             // If user chose "always allow", persist it
                             if (approval.approved && approval.remember) {
                                 (0, approval_1.rememberTool)(toolCall.name);
@@ -920,19 +784,26 @@ TOOL EFFICIENCY RULES:
                         if (!approval.approved) {
                             deniedTools.add(toolCall.name);
                             console.log(chalk_1.default.yellow(`  ⚠ Tool denied: ${approval.reason}`));
+                            const deniedOutput = `PERMISSION_DENIED: ${approval.reason}`;
                             await this.options.mqttClient.publishResult({
                                 commandId: command.id,
                                 type: 'tool_result',
                                 toolResult: {
                                     callId: toolCall.id,
-                                    output: `PERMISSION_DENIED: ${approval.reason}`,
+                                    output: deniedOutput,
                                     isError: true,
+                                    success: false,
+                                    summary: summarizeToolResult(deniedOutput, true),
+                                    path: toolLocation.path,
+                                    cwd: toolLocation.cwd,
+                                    url: toolLocation.url,
+                                    pathsTouched: toolLocation.path ? [toolLocation.path] : [],
                                 },
                                 timestamp: Date.now(),
                             });
                             messages.push({
                                 role: 'tool',
-                                content: `PERMISSION_DENIED: ${approval.reason}`,
+                                content: deniedOutput,
                                 toolCallId: toolCall.id,
                                 toolName: toolCall.name,
                             });
@@ -945,6 +816,12 @@ TOOL EFFICIENCY RULES:
                                 id: toolCall.id,
                                 name: toolCall.name,
                                 arguments: toolCall.arguments,
+                                classification: classifyToolName(toolCall.name),
+                                summary: toolSummary,
+                                path: toolLocation.path,
+                                cwd: toolLocation.cwd,
+                                url: toolLocation.url,
+                                importance: (0, approval_1.getRiskLevel)(toolCall.name) === 'destructive' ? 'high' : 'medium',
                             },
                             timestamp: Date.now(),
                         });
@@ -977,9 +854,16 @@ TOOL EFFICIENCY RULES:
                         const toolStartMs = Date.now();
                         const rawResult = await (0, tools_1.executeToolWithMCP)({ id: toolCall.id, name: toolCall.name, arguments: toolCall.arguments }, commandToolContext, this.options.mcpManager);
                         const toolResult = await (0, verification_1.verifyToolResult)(rawResult, toolCall.arguments, commandToolContext);
-                        const resultOutput = toolResult.success
+                        let resultOutput = toolResult.success
                             ? toolResult.output
                             : `ERROR: ${toolResult.error || 'Unknown error'}`;
+                        // Bug 2 & 7: Cap tool result size to prevent context blowup
+                        const MAX_TOOL_RESULT_CHARS = 50_000;
+                        if (resultOutput.length > MAX_TOOL_RESULT_CHARS) {
+                            const originalLength = resultOutput.length;
+                            resultOutput = resultOutput.slice(0, MAX_TOOL_RESULT_CHARS) +
+                                `\n\n[OUTPUT TRUNCATED — was ${originalLength} chars. Use more specific commands to read smaller portions.]`;
+                        }
                         // Track failures for retry budget (Optimization 2)
                         if (!toolResult.success) {
                             trackToolFailure(toolCall.name, toolCall.arguments);
@@ -996,6 +880,13 @@ TOOL EFFICIENCY RULES:
                                 output: resultOutput,
                                 isError: !toolResult.success,
                                 durationMs: toolDurationMs,
+                                success: toolResult.success,
+                                summary: summarizeToolResult(resultOutput, !toolResult.success),
+                                path: toolLocation.path,
+                                cwd: toolLocation.cwd,
+                                url: toolLocation.url,
+                                pathsTouched: toolLocation.path ? [toolLocation.path] : [],
+                                exitCode: typeof toolResult.exit_code === 'number' ? toolResult.exit_code : undefined,
                             },
                             timestamp: Date.now(),
                         });
@@ -1006,6 +897,22 @@ TOOL EFFICIENCY RULES:
                             toolCallId: toolCall.id,
                             toolName: toolCall.name,
                         });
+                        // Futility detection: track consecutive low-value results
+                        if (isLowValueResult(resultOutput)) {
+                            consecutiveEmptyResults++;
+                        }
+                        else {
+                            consecutiveEmptyResults = 0; // reset on any meaningful result
+                        }
+                    }
+                    // Futility check: if too many consecutive empty results, nudge the LLM to stop spinning
+                    if (consecutiveEmptyResults >= FUTILITY_THRESHOLD && !futilityNudgeInjected) {
+                        futilityNudgeInjected = true;
+                        console.log(chalk_1.default.yellow(`  ⚠ Futility detected: ${consecutiveEmptyResults} consecutive low-value tool results — nudging LLM`));
+                        messages.push({
+                            role: 'user',
+                            content: '[System] Your last several tool calls returned empty or no-match results. Stop searching and work with what you have. Summarize what you found (or could not find) and suggest next steps to the user. Do not make more search attempts.',
+                        });
                     }
                     // --- Rate limit checks ---
                     // Warn at 80% of tool call limit
@@ -1184,6 +1091,7 @@ TOOL EFFICIENCY RULES:
 - You can discover and gain new capabilities on-the-fly through the marketplace.
 - **NEVER tell the user to "do it manually" or "upload it yourself"** — always check the marketplace first and offer to install the right tool.`;
         systemPrompt += '\n\nIMPORTANT: When the user references a project, topic, or past work, use the relevant memory/facts provided below. If no relevant facts are available, say so honestly rather than guessing. Use your tools (file browsing, commands) to find project files on the local machine.';
+        systemPrompt += '\n\nIMPORTANT: If a Workspace Manifest or Recent Operational State section is present, use it before repeating discovery work. Check known local files and directories before fetching from external sources. Do not re-fetch from Drive, GitHub, or the web if the state context shows the artifact is already local unless the user explicitly asks for a fresh external copy.';
         systemPrompt += '\n\nDo not end with a deferred promise (for example: "Let me check..."). Return a final answer in this turn, or state exactly what is unavailable.';
         systemPrompt += '\n\n' + (0, clerk_model_1.buildTodoInstructions)(this.options.agentName || 'LLM');
         // Inject model self-switch info
@@ -1228,6 +1136,32 @@ When a user asks to "use Opus" or "switch to GPT-4o", identify the right model I
         if (command.context?.files?.length) {
             systemPrompt += '\n\nRelevant files: ' + command.context.files.join(', ');
         }
+        if (command.context?.stateContext?.summaryText) {
+            systemPrompt += '\n\n[Recent Operational State]\n' + command.context.stateContext.summaryText;
+        }
+        if (command.context?.workspaceManifest) {
+            const manifestLines = [];
+            const manifest = command.context.workspaceManifest;
+            if (manifest.projectRoot)
+                manifestLines.push(`- Project root: ${manifest.projectRoot}`);
+            if (manifest.likelyWorkingDirectory)
+                manifestLines.push(`- Likely working directory: ${manifest.likelyWorkingDirectory}`);
+            if (manifest.recentlyReadFiles?.length)
+                manifestLines.push(`- Recently read files: ${manifest.recentlyReadFiles.join(', ')}`);
+            if (manifest.recentlyWrittenFiles?.length)
+                manifestLines.push(`- Recently written files: ${manifest.recentlyWrittenFiles.join(', ')}`);
+            if (manifest.recentlyScannedDirectories?.length)
+                manifestLines.push(`- Recently scanned directories: ${manifest.recentlyScannedDirectories.join(', ')}`);
+            if (manifest.recentDownloads?.length)
+                manifestLines.push(`- Recent downloads: ${manifest.recentDownloads.join(', ')}`);
+            if (manifest.recentFailures?.length)
+                manifestLines.push(`- Recent failures: ${manifest.recentFailures.join(' | ')}`);
+            if (manifest.startHereHints?.length)
+                manifestLines.push(`- Start here: ${manifest.startHereHints.join(', ')}`);
+            if (manifestLines.length) {
+                systemPrompt += '\n\n[Workspace Manifest]\n' + manifestLines.join('\n');
+            }
+        }
         return systemPrompt;
     }
     async publishError(commandId, error) {
@@ -1240,19 +1174,14 @@ When a user asks to "use Opus" or "switch to GPT-4o", identify the right model I
             timestamp: Date.now(),
         });
     }
-    /** Update the OAuth token used for requests (called by token refresh) */
+    /** Update the API key used for requests */
     updateToken(token) {
-        this.options.oauthToken = token;
-        // Recreate the default provider with the new token
+        this.options.apiKey = token;
         const effectiveProvider = this.options.provider;
         this.llmProvider = (0, index_1.createProvider)(effectiveProvider, {
             apiKey: token,
             model: this.options.model,
-            ...(token.startsWith('sk-ant-oat01-') ? { authMode: 'oauth-bearer' } : {}),
         });
-        if (token.startsWith('sk-ant-oat01-') && effectiveProvider === 'anthropic') {
-            this.resolveAndUpgradeAuth(token, this.options.model);
-        }
     }
 }
 exports.MessageLoop = MessageLoop;