funolio-agent 1.0.7 → 1.0.48

package/dist/message-loop.js

@@ -47,17 +47,12 @@ const approval_1 = require("./approval");
 const local_db_1 = require("./local-db");
 const config_1 = require("./config");
 const auto_detect_1 = require("./auth/auto-detect");
+const anthropic_subscription_1 = require("./auth/anthropic-subscription");
 const clerk_model_1 = require("./clerk-model");
 const local_funnel_1 = require("./local-funnel");
 const auto_organizer_1 = require("./auto-organizer");
-const orchestrator_profile_1 = require("./orchestrator-profile");
-const response_guard_1 = require("./response-guard");
-const context_compressor_1 = require("./context-compressor");
-const crypto = __importStar(require("crypto"));
+const tool_permissions_1 = require("./tool-permissions");
 const data = __importStar(require("./local-data"));
-const agent_config_1 = require("./agent-config");
-const subscription_runtime_1 = require("./auth/subscription-runtime");
-const prompt_template_1 = require("./prompt-template");
 /** Determine priority from an AgentCommand */
 function getCommandPriority(command) {
     if (command.priority)
@@ -72,6 +67,56 @@ function getCommandPriority(command) {
     return 'medium';
 }
 const PRIORITY_ORDER = { high: 0, medium: 1, low: 2 };
+function classifyToolName(toolName) {
+    switch (toolName) {
+        case 'read_file':
+            return 'file_read';
+        case 'list_directory':
+            return 'directory_scan';
+        case 'write_file':
+        case 'edit_file':
+            return 'file_write';
+        case 'run_command':
+        case 'git_status':
+        case 'git_diff':
+        case 'git_commit':
+            return 'command_run';
+        case 'web_fetch':
+            return 'web_fetch';
+        default:
+            return 'workspace_hint';
+    }
+}
+function extractToolLocation(toolName, args, projectDir) {
+    const path = typeof args.path === 'string'
+        ? args.path
+        : typeof args.filePath === 'string'
+            ? args.filePath
+            : typeof args.directory === 'string'
+                ? args.directory
+                : undefined;
+    const cwd = typeof args.cwd === 'string'
+        ? args.cwd
+        : toolName === 'run_command' || toolName.startsWith('git_')
+            ? projectDir
+            : undefined;
+    const url = typeof args.url === 'string' ? args.url : undefined;
+    return { path, cwd, url };
+}
+function summarizeToolResult(output, isError) {
+    const prefix = isError ? 'Tool failed: ' : 'Tool completed: ';
+    const compact = output.replace(/\s+/g, ' ').trim();
+    return `${prefix}${compact}`.slice(0, 240);
+}
+function normalizeMcpToolNames(toolNames) {
+    if (!Array.isArray(toolNames))
+        return undefined;
+    const trimmed = toolNames
+        .filter((toolName) => typeof toolName === 'string')
+        .map((toolName) => toolName.trim())
+        .filter(Boolean);
+    return [...new Set(trimmed)];
+}
 class MessageLoop {
     options;
     llmProvider;
@@ -86,7 +131,6 @@ class MessageLoop {
     resolvedAuth = null;
     idleTimer = null;
     approvalManager;
-    _activeAbortController = null;
     /** Rate limiting / cost guardrails */
     maxToolCallsPerMessage;
     maxTokensPerMessage;
@@ -97,7 +141,6 @@ class MessageLoop {
     static SCHEDULED_TASK_TIMEOUT_MS = 5 * 60 * 1000;
     scheduledTaskTimer = null;
     static IDLE_THRESHOLD_MS = 15 * 60 * 1000; // 15 minutes
-    static SERVER_SYNC_RETRY_MAX = 1;
     constructor(options) {
         this.options = options;
         // DO NOT remap Claude CLI OAuth sessions to the public Anthropic runtime
@@ -114,29 +157,28 @@ class MessageLoop {
         if (isOAuthToken && effectiveProvider === 'anthropic') {
             this.resolveAndUpgradeAuth(effectiveKey, options.model);
         }
-        // Resolve Funolio API credentials for bot status reporting
-        const cfg = (0, config_1.loadConfig)();
-        const funoliApiKey = cfg.auth?.token || process.env.FUNOLIO_API_KEY || '';
-        const funoliApiBaseUrl = config_1.FUNOLIO_API_URL;
         this.toolContext = (0, index_2.createToolContext)(options.projectDir, {
             actorType: 'llm',
             actorId: options.agentName || options.userId,
-            llmProvider: effectiveProvider,
-            llmModel: options.model,
-            llmApiKey: effectiveKey,
-            llmAuthMode: isOAuthToken ? 'oauth-bearer' : 'api-key',
-            apiKey: funoliApiKey,
-            apiBaseUrl: funoliApiBaseUrl,
-            botName: options.agentName || 'funolio-agent',
         });
+        this.options.enabledTools = (0, tool_permissions_1.normalizeConfiguredToolNames)(options.enabledTools);
+        this.options.enabledMcpTools = normalizeMcpToolNames(options.enabledMcpTools);
         let allTools = (0, index_2.getAllToolDefinitions)(options.mcpManager);
         let builtinTools = (0, index_2.getToolDefinitions)();
-        // Filter tools by enabledTools whitelist if specified
-        if (options.enabledTools && options.enabledTools.length > 0) {
-            const allowed = new Set(options.enabledTools);
-            allTools = allTools.filter((t) => allowed.has(t.name));
-            builtinTools = builtinTools.filter((t) => allowed.has(t.name));
-            console.log(chalk_1.default.gray(`  [${options.agentName || 'agent'}] Tool filter: ${allTools.length} tools enabled (${options.enabledTools.length} configured)`));
+        // Filter builtin and MCP tools independently.
+        // An explicit empty array means "deny all" for that category.
+        if (this.options.enabledTools !== undefined || this.options.enabledMcpTools !== undefined) {
+            const builtinNames = new Set(builtinTools.map((t) => t.name));
+            const allowedBuiltin = this.options.enabledTools !== undefined ? new Set(this.options.enabledTools) : null;
+            const allowedMcp = this.options.enabledMcpTools !== undefined ? new Set(this.options.enabledMcpTools) : null;
+            allTools = allTools.filter((t) => {
+                if (builtinNames.has(t.name)) {
+                    return allowedBuiltin ? allowedBuiltin.has(t.name) : true;
+                }
+                return allowedMcp ? allowedMcp.has(t.name) : true;
+            });
+            builtinTools = builtinTools.filter((t) => (allowedBuiltin ? allowedBuiltin.has(t.name) : true));
+            console.log(chalk_1.default.gray(`  [${options.agentName || 'agent'}] Tool filter: ${allTools.length} enabled (builtin=${this.options.enabledTools?.length ?? 'all'}, mcp=${this.options.enabledMcpTools?.length ?? 'all'})`));
         }
         this.toolDefinitions = allTools;
         this.builtinToolDefinitions = builtinTools;
@@ -155,9 +197,7 @@ class MessageLoop {
         });
         // Rate limiting defaults (can be overridden via options from agent config)
         this.maxToolCallsPerMessage = options.maxToolCallsPerMessage ?? 50;
-        // maxTokensPerMessage retained for backwards compat but no longer enforced.
-        // LLM providers handle their own context limits with proper error responses.
-        this.maxTokensPerMessage = options.maxTokensPerMessage ?? 1_000_000;
+        this.maxTokensPerMessage = options.maxTokensPerMessage ?? 200_000;
         // Session idle detection timer (checks every 60s)
         this.idleTimer = setInterval(() => this.checkIdleSession(), 60_000);
     }
@@ -169,37 +209,34 @@ class MessageLoop {
      */
     async resolveAndUpgradeAuth(oauthToken, model) {
         try {
-            const runtime = await (0, subscription_runtime_1.resolveClaudeSubscriptionRuntime)({
-                preferredModel: model,
-                inputCredential: {
-                    provider: 'anthropic',
-                    accessToken: oauthToken,
-                    refreshToken: this.options.resolvedAuth?.credential?.refreshToken || '',
-                    expiresAt: this.options.resolvedAuth?.credential?.expiresAt || 0,
+            const result = await (0, anthropic_subscription_1.resolveAnthropicSubscriptionAuth)({
+                accessToken: oauthToken,
+                refreshToken: this.options.resolvedAuth?.credential?.refreshToken || null,
+                expiresAt: this.options.resolvedAuth?.credential?.expiresAt || null,
+                onRefresh: (credential) => {
+                    // Propagate refreshed credentials to BOTH auth stores
+                    if (this.options.resolvedAuth) {
+                        this.options.resolvedAuth.credential = credential;
+                    }
+                    if (this.resolvedAuth) {
+                        this.resolvedAuth.credential = credential;
+                        // Also update the apiKey field so ensureFreshToken() sees the new token
+                        this.resolvedAuth.apiKey = credential.accessToken;
+                    }
+                    console.log('[message-loop] Anthropic OAuth token refreshed and propagated to runtime state');
                 },
-                inputSource: 'request:anthropic',
-                persistInputCredential: true,
             });
-            if (!runtime)
-                return;
-            if (this.options.resolvedAuth?.credential && runtime.authMode === 'oauth-bearer') {
-                this.options.resolvedAuth.credential.accessToken = runtime.apiKey;
-            }
-            if (this.resolvedAuth?.credential && runtime.authMode === 'oauth-bearer') {
-                this.resolvedAuth.credential.accessToken = runtime.apiKey;
-                this.resolvedAuth.apiKey = runtime.apiKey;
-            }
-            if (runtime.authMode !== 'oauth-bearer') {
+            if (result.source === 'api-key-exchange') {
                 // Successfully exchanged OAuth token for a temporary API key
                 console.log('[message-loop] Anthropic subscription auth: using exchanged API key');
                 this.llmProvider = (0, index_1.createProvider)('anthropic', {
-                    apiKey: runtime.apiKey,
+                    apiKey: result.token,
                     model,
                 });
             }
             else {
                 // Bearer fallback — recreate provider with the (possibly refreshed) token
-                const currentToken = runtime.apiKey || this.options.resolvedAuth?.credential?.accessToken || oauthToken;
+                const currentToken = this.options.resolvedAuth?.credential?.accessToken || oauthToken;
                 console.log('[message-loop] Anthropic subscription auth: using bearer fallback' +
                     (currentToken !== oauthToken ? ' (with refreshed token)' : ''));
                 this.llmProvider = (0, index_1.createProvider)('anthropic', {
@@ -213,95 +250,6 @@ class MessageLoop {
             console.warn('[message-loop] Anthropic subscription auth resolution failed, keeping bearer mode:', err?.message || err);
         }
     }
-    async syncOAuthFromServer(reason) {
-        const providerId = this.options.provider;
-        if (!providerId || providerId.endsWith('-cli'))
-            return false;
-        const cfg = (0, config_1.loadConfig)();
-        const authToken = cfg.auth?.token;
-        if (!authToken)
-            return false;
-        try {
-            const res = await fetch(`${config_1.FUNOLIO_API_URL}/api/v1/agent/config`, {
-                headers: { Authorization: `Bearer ${authToken}` },
-            });
-            if (!res.ok)
-                return false;
-            const body = await res.json();
-            const provider = (body.providers || []).find((p) => p.id === providerId && p.connectionType === 'oauth');
-            if (!provider?.access_token)
-                return false;
-            const currentAccess = this.resolvedAuth?.credential?.accessToken || this.options.oauthToken || '';
-            const currentRefresh = this.resolvedAuth?.credential?.refreshToken || this.options.resolvedAuth?.credential?.refreshToken || '';
-            const currentExpiry = this.resolvedAuth?.credential?.expiresAt || this.options.resolvedAuth?.credential?.expiresAt || 0;
-            const nextExpiry = provider.expires_at || 0;
-            const changed = provider.access_token !== currentAccess
-                || (provider.refresh_token || '') !== currentRefresh
-                || nextExpiry > currentExpiry;
-            if (!changed)
-                return false;
-            if (this.resolvedAuth) {
-                this.resolvedAuth.apiKey = provider.access_token;
-                this.resolvedAuth.expired = false;
-                this.resolvedAuth.error = undefined;
-                if (this.resolvedAuth.credential) {
-                    this.resolvedAuth.credential.accessToken = provider.access_token;
-                    if (provider.refresh_token)
-                        this.resolvedAuth.credential.refreshToken = provider.refresh_token;
-                    if (provider.expires_at)
-                        this.resolvedAuth.credential.expiresAt = provider.expires_at;
-                }
-            }
-            if (this.options.resolvedAuth) {
-                this.options.resolvedAuth.apiKey = provider.access_token;
-                this.options.resolvedAuth.expired = false;
-                this.options.resolvedAuth.error = undefined;
-                if (this.options.resolvedAuth.credential) {
-                    this.options.resolvedAuth.credential.accessToken = provider.access_token;
-                    if (provider.refresh_token)
-                        this.options.resolvedAuth.credential.refreshToken = provider.refresh_token;
-                    if (provider.expires_at)
-                        this.options.resolvedAuth.credential.expiresAt = provider.expires_at;
-                }
-            }
-            this.options.oauthToken = provider.access_token;
-            const local = (0, config_1.loadConfig)();
-            if (!local.providers)
-                local.providers = [];
-            const idx = local.providers.findIndex((p) => p.id === providerId);
-            if (idx >= 0) {
-                local.providers[idx].authType = 'oauth';
-                local.providers[idx].oauthToken = provider.access_token;
-                if (provider.refresh_token)
-                    local.providers[idx].oauthRefreshToken = provider.refresh_token;
-                if (provider.expires_at)
-                    local.providers[idx].oauthExpiresAt = provider.expires_at;
-                if (provider.defaultModel)
-                    local.providers[idx].defaultModel = provider.defaultModel;
-            }
-            (0, config_1.saveConfig)(local);
-            if (this.options.agentName) {
-                const agentLocal = (0, agent_config_1.loadAgentConfig)(this.options.agentName);
-                if (agentLocal && agentLocal.provider === providerId) {
-                    agentLocal.oauthToken = provider.access_token;
-                    if (provider.refresh_token)
-                        agentLocal.oauthRefreshToken = provider.refresh_token;
-                    if (provider.expires_at)
-                        agentLocal.oauthExpiresAt = provider.expires_at;
-                    if (provider.defaultModel)
-                        agentLocal.model = provider.defaultModel;
-                    (0, agent_config_1.saveAgentConfig)(this.options.agentName, agentLocal);
-                }
-            }
-            this.updateToken(provider.access_token);
-            console.log(chalk_1.default.green(`  [auth] Synced updated ${providerId} OAuth credentials from server (${reason})`));
-            return true;
-        }
-        catch (err) {
-            console.log(chalk_1.default.gray(`  [auth] Server OAuth sync skipped (${reason}): ${err?.message || err}`));
-            return false;
-        }
-    }
     /** Check if a session has gone idle and trigger auto-organize */
     async checkIdleSession() {
         if (!this.lastMessageAt || !(0, auto_organizer_1.isAutoOrganizeEnabled)())
@@ -402,11 +350,6 @@ class MessageLoop {
                 console.log(chalk_1.default.yellow(`Cancelling command ${command.id}`));
                 this.activeCommandId = null;
                 this.approvalManager.cancelAll();
-                // Abort any running tool execution
-                if (this._activeAbortController) {
-                    this._activeAbortController.abort();
-                    this._activeAbortController = null;
-                }
             }
             return;
         }
@@ -428,30 +371,25 @@ class MessageLoop {
             // For overrides with OAuth tokens, try subscription auth resolution
             if ((apiKey || '').startsWith('sk-ant-oat01-') && provider === 'anthropic') {
                 try {
-                    const runtime = await (0, subscription_runtime_1.resolveClaudeSubscriptionRuntime)({
-                        preferredModel: model,
-                        inputCredential: {
-                            provider: 'anthropic',
-                            accessToken: apiKey,
-                            refreshToken: this.options.resolvedAuth?.credential?.refreshToken || '',
-                            expiresAt: this.options.resolvedAuth?.credential?.expiresAt || 0,
+                    const authResult = await (0, anthropic_subscription_1.resolveAnthropicSubscriptionAuth)({
+                        accessToken: apiKey,
+                        refreshToken: this.options.resolvedAuth?.credential?.refreshToken || null,
+                        expiresAt: this.options.resolvedAuth?.credential?.expiresAt || null,
+                        onRefresh: (credential) => {
+                            if (this.options.resolvedAuth) {
+                                this.options.resolvedAuth.credential = credential;
+                            }
+                            if (this.resolvedAuth) {
+                                this.resolvedAuth.credential = credential;
+                                this.resolvedAuth.apiKey = credential.accessToken;
+                            }
+                            console.log('[message-loop] Anthropic OAuth token refreshed (override path)');
                         },
-                        inputSource: 'request:anthropic',
-                        persistInputCredential: true,
                     });
-                    const resolvedKey = runtime?.apiKey || apiKey;
-                    const authMode = runtime?.authMode;
-                    if (this.options.resolvedAuth?.credential && authMode === 'oauth-bearer') {
-                        this.options.resolvedAuth.credential.accessToken = resolvedKey;
-                    }
-                    if (this.resolvedAuth?.credential && authMode === 'oauth-bearer') {
-                        this.resolvedAuth.credential.accessToken = resolvedKey;
-                        this.resolvedAuth.apiKey = resolvedKey;
-                    }
                     llm = (0, index_1.createProvider)(provider, {
-                        apiKey: resolvedKey,
+                        apiKey: authResult.token,
                         model,
-                        ...(authMode === 'oauth-bearer' ? { authMode: 'oauth-bearer' } : {}),
+                        ...(authResult.authMode === 'oauth-bearer' ? { authMode: 'oauth-bearer' } : {}),
                     });
                 }
                 catch {
@@ -467,15 +405,6 @@ class MessageLoop {
         }
         // Refresh tool definitions each command so newly installed MCP tools are visible
         this.toolDefinitions = (0, index_2.getAllToolDefinitions)(this._mcpManager);
-        // Fix 3: Check for dead MCP servers and note unavailable tools
-        let deadServerNote = '';
-        if (this._mcpManager) {
-            const dead = this._mcpManager.getDeadServers();
-            if (dead.length > 0) {
-                deadServerNote = `\n\n⚠️ UNAVAILABLE TOOL SERVERS: The following MCP servers have crashed and are no longer available: ${dead.join(', ')}. Do NOT attempt to use tools from these servers — they will fail. Inform the user if they ask for functionality from these servers.`;
-                console.log(chalk_1.default.yellow(`  [MCP] Dead servers detected: ${dead.join(', ')}`));
-            }
-        }
         this.activeCommandId = command.id;
         this.activeCommandSource = command.source || 'user';
         this.processing = true;
@@ -538,19 +467,15 @@ class MessageLoop {
                 : undefined;
             const effectiveProjectId = command.context?.projectId || activeConversation?.project_id || undefined;
             const effectiveProject = effectiveProjectId ? localData?.getProject(effectiveProjectId) : undefined;
-            // Create abort controller for this command execution
-            const commandAbortController = new AbortController();
-            this._activeAbortController = commandAbortController;
             const commandToolContext = {
                 ...this.toolContext,
                 projectId: effectiveProjectId ?? null,
-                abortSignal: commandAbortController.signal,
             };
             // ─── Orchestrator Mode Branch ─────────────────────────
             // Resolve the selected bot profile — from command.bot, conversation bot_id, or default
             const selectedBotId = command.bot?.id || activeConversation?.bot_id || localAgentId;
             const activeProfile = selectedBotId ? localData?.getAgentProfile(selectedBotId) : null;
-            if ((0, orchestrator_profile_1.isOrchestratorProfile)(activeProfile) && localFirst) {
+            if (activeProfile?.role_class === 'orchestrator' && localFirst) {
                 const clerk = (0, clerk_model_1.getClerk)();
                 if (!clerk) {
                     // Do not silently fall through to direct chat — report error
@@ -565,15 +490,6 @@ class MessageLoop {
                     const { getWorkflowEngine } = await Promise.resolve().then(() => __importStar(require('./workflow-engine')));
                     const workflowEngine = getWorkflowEngine(this.options.projectDir);
                     const orchestrator = new OrchestratorAgent(clerk, workflowEngine);
-                    // Orchestrator work is conversation-scoped and can continue in parallel.
-                    // Release the global message-loop lock here so another conversation can start.
-                    this.activeCommandId = null;
-                    this.processing = false;
-                    if (this.scheduledTaskTimer) {
-                        clearTimeout(this.scheduledTaskTimer);
-                        this.scheduledTaskTimer = null;
-                    }
-                    void this.drainQueue();
                     try {
                         const response = await orchestrator.handleUserMessage(command.prompt, localConvId || '', {
                             projectDir: this.options.projectDir,
@@ -590,7 +506,7 @@ class MessageLoop {
                             mqttPublish: (result) => this.options.mqttClient.publishResult(result),
                         });
                         // Save O's response to local DB
-                        if (localConvId && localData && activeProfile) {
+                        if (localConvId && localData) {
                             localData.addMessage(localConvId, 'assistant', response, undefined, undefined, activeProfile.id, 'Project Manager');
                         }
                         // Publish final response and complete
@@ -617,7 +533,7 @@ class MessageLoop {
                             clearTimeout(this.scheduledTaskTimer);
                             this.scheduledTaskTimer = null;
                         }
-                        void this.drainQueue();
+                        this.drainQueue();
                     }
                     return;
                 }
@@ -662,10 +578,6 @@ class MessageLoop {
                 systemPrompt = this.buildFallbackSystemPrompt(command);
             }
             // --- Context priority rules & tool fallback (AFTER context) ---
-            // Fix 3: Inject dead server warnings into system prompt
-            if (deadServerNote) {
-                systemPrompt += deadServerNote;
-            }
             systemPrompt += `\n\nCONTEXT PRIORITY RULES:
 1. ALWAYS use the context provided above (decisions, memory facts, conversations) to answer questions about past work, decisions, or projects. This is your PRIMARY knowledge source — it comes from the user's stored conversation history.
 2. Do NOT browse local files or run shell commands unless:
@@ -682,101 +594,14 @@ TOOL EFFICIENCY RULES:
             // Count context sections injected into system prompt
             const contextSectionCount = ['[Key Decisions]', '[Memory Facts]', '[Relevant Conversations]', '[Code References]', '[Relevant Files]', '[Bot Memory]', '[Retrieved Context]']
                 .filter(header => systemPrompt.includes(header)).length;
-            // Add the current prompt (with image attachments if present)
-            if (command.attachments && command.attachments.length > 0) {
-                const contentParts = [];
-                for (const att of command.attachments) {
-                    if (att.fileType === 'image' && att.dataUrl) {
-                        // Anthropic native format: source block with base64
-                        const commaIdx = att.dataUrl.indexOf(',');
-                        if (commaIdx >= 0) {
-                            const mimeMatch = att.dataUrl.match(/^data:([^;]+);/);
-                            const mediaType = mimeMatch?.[1] || att.mimeType || 'image/png';
-                            const base64Data = att.dataUrl.slice(commaIdx + 1);
-                            contentParts.push({ type: 'image', source: { type: 'base64', media_type: mediaType, data: base64Data } });
-                        }
-                        else {
-                            // Fallback: treat as URL
-                            contentParts.push({ type: 'image_url', image_url: { url: att.dataUrl, detail: 'auto' } });
-                        }
-                    }
-                    if (att.extractedText) {
-                        contentParts.push({ type: 'text', text: `[File: ${att.filename}]\n${att.extractedText}` });
-                    }
-                }
-                contentParts.push({ type: 'text', text: command.prompt });
-                messages.push({ role: 'user', content: contentParts });
-            }
-            else {
-                messages.push({ role: 'user', content: command.prompt });
-            }
-            // Retry budget tracker (Optimization 2)
-            const toolFailuresByKey = new Map(); // toolName:argsHash → count
-            const toolFailuresByName = new Map(); // toolName → count
-            function getArgsHash(args) {
-                const str = JSON.stringify(args || {}).slice(0, 200);
-                return crypto.createHash('md5').update(str).digest('hex').slice(0, 12);
-            }
-            function trackToolFailure(name, args) {
-                const key = `${name}:${getArgsHash(args)}`;
-                toolFailuresByKey.set(key, (toolFailuresByKey.get(key) || 0) + 1);
-                toolFailuresByName.set(name, (toolFailuresByName.get(name) || 0) + 1);
-            }
-            function checkRetryBudget(name, args) {
-                const key = `${name}:${getArgsHash(args)}`;
-                const keyCount = toolFailuresByKey.get(key) || 0;
-                const nameCount = toolFailuresByName.get(name) || 0;
-                if (keyCount >= 2) {
-                    return `This exact operation has failed ${keyCount} times. Stop retrying and inform the user what went wrong. Suggest an alternative approach or ask for help.`;
-                }
-                if (nameCount >= 3) {
-                    return `The ${name} tool has failed ${nameCount} times in this conversation. Consider a completely different approach.`;
-                }
-                return null;
-            }
+            // Add the current prompt
+            messages.push({ role: 'user', content: command.prompt });
             // Agentic loop - keep calling LLM until no more tool calls
             let iteration = 0;
-            const MAX_ITERATIONS = 100;
-            const GLOBAL_TIMEOUT_MS = 10 * 60 * 1000; // 10 minutes wall-clock timeout
+            const MAX_ITERATIONS = Infinity;
             let totalTokensUsed = 0;
-            let totalInputTokens = 0;
-            let totalOutputTokens = 0;
-            let totalCacheReadTokens = 0;
-            let totalCacheCreationTokens = 0;
-            let totalToolCallDurationMs = 0;
-            let serverSyncRetries = 0;
-            const deniedTools = new Set(); // Track tools denied by user — don't re-ask
-            const commandStartMs = Date.now();
-            // Publish prompt context for "View Prompt" panel
-            try {
-                const promptSnapshot = [
-                    { role: 'system', content: systemPrompt.slice(0, 4000) + (systemPrompt.length > 4000 ? '\n...(truncated)' : '') },
-                    ...messages.map(m => ({ role: m.role, content: typeof m.content === 'string' ? m.content.slice(0, 2000) : '' })),
-                ];
-                await this.options.mqttClient.publishResult({
-                    commandId: command.id,
-                    type: 'prompt_messages',
-                    messages: promptSnapshot,
-                    contextSections: contextSectionCount,
-                    model,
-                    timestamp: Date.now(),
-                });
-            }
-            catch { }
             while (iteration < MAX_ITERATIONS && this.activeCommandId === command.id) {
                 iteration++;
-                // Global wall-clock timeout check
-                if (Date.now() - commandStartMs > GLOBAL_TIMEOUT_MS) {
-                    console.log(chalk_1.default.red(`  ⏱ Global timeout exceeded (${GLOBAL_TIMEOUT_MS / 1000}s) — breaking out of loop`));
-                    await this.options.mqttClient.publishResult({
-                        commandId: command.id,
-                        type: 'error',
-                        error: `Command execution exceeded the ${GLOBAL_TIMEOUT_MS / 60000} minute global timeout limit.`,
-                        timestamp: Date.now(),
-                    });
-                    commandAbortController.abort();
-                    break;
-                }
                 // Send a separator between agentic loop iterations so streamed text
                 // from different LLM calls doesn't run together in the UI.
                 if (iteration > 1) {
@@ -791,13 +616,6 @@ TOOL EFFICIENCY RULES:
                 if (this.resolvedAuth) {
                     const refreshed = await (0, auto_detect_1.ensureFreshToken)(this.resolvedAuth);
                     if (refreshed.expired) {
-                        if (serverSyncRetries < MessageLoop.SERVER_SYNC_RETRY_MAX) {
-                            const synced = await this.syncOAuthFromServer('refresh-failed');
-                            if (synced) {
-                                serverSyncRetries++;
-                                continue;
-                            }
-                        }
                         console.error(chalk_1.default.red(`  [auth] Token refresh failed: ${refreshed.error}`));
                         await this.options.mqttClient.publishResult({
                             commandId: command.id,
@@ -820,15 +638,10 @@ TOOL EFFICIENCY RULES:
                 if (filteredTools.length < this.toolDefinitions.length) {
                     console.log(chalk_1.default.gray(`  [tool-filter] ${filteredTools.length}/${this.toolDefinitions.length} tools selected`));
                 }
-                // Compress context before sending to LLM (Optimizations 3+4)
-                const compressedMessages = (0, context_compressor_1.compressContext)(messages, 40, 3, 200);
-                if (compressedMessages.length < messages.length) {
-                    console.log(chalk_1.default.gray(`  [context] Compressed ${messages.length} → ${compressedMessages.length} messages`));
-                }
                 let response;
                 try {
                     response = await llm.chat({
-                        messages: compressedMessages,
+                        messages,
                         system: systemPrompt,
                         stream: true,
                         tools: filteredTools,
@@ -848,13 +661,6 @@ TOOL EFFICIENCY RULES:
                     const msg = llmError?.message || String(llmError);
                     const isAuthError = /401|403|unauthorized|forbidden|authentication/i.test(msg);
                     if (isAuthError) {
-                        if (serverSyncRetries < MessageLoop.SERVER_SYNC_RETRY_MAX) {
-                            const synced = await this.syncOAuthFromServer('llm-auth-error');
-                            if (synced) {
-                                serverSyncRetries++;
-                                continue;
-                            }
-                        }
                         console.error(chalk_1.default.red(`  [auth] LLM API authentication failed: ${msg}`));
                         await this.options.mqttClient.publishResult({
                             commandId: command.id,
@@ -866,15 +672,9 @@ TOOL EFFICIENCY RULES:
                     }
                     throw llmError;
                 }
-                // Any successful provider response clears one-shot sync retry budget
-                serverSyncRetries = 0;
                 // Track token usage across iterations
                 if (response.usage) {
                     totalTokensUsed += response.usage.inputTokens + response.usage.outputTokens;
-                    totalInputTokens += response.usage.inputTokens;
-                    totalOutputTokens += response.usage.outputTokens;
-                    totalCacheReadTokens += response.usage.cacheReadTokens || 0;
-                    totalCacheCreationTokens += response.usage.cacheCreationTokens || 0;
                 }
                 // If there are tool calls, publish them and continue the loop
                 if (response.toolCalls && response.toolCalls.length > 0) {
@@ -887,30 +687,40 @@ TOOL EFFICIENCY RULES:
                     for (const toolCall of response.toolCalls) {
                         totalToolCalls++;
                         console.log(chalk_1.default.cyan(`  🔧 Tool: ${toolCall.name}(${JSON.stringify(toolCall.arguments).slice(0, 60)}...)`));
+                        const toolSummary = (0, approval_1.generateToolSummary)(toolCall.name, toolCall.arguments);
+                        const toolLocation = extractToolLocation(toolCall.name, toolCall.arguments, commandToolContext.projectDir);
                         // Check permission before execution
                         const permMode = this.options.permissionMode || 'autopilot';
-                        let approval = (0, approval_1.checkPermission)(toolCall.name, permMode, this.options.enabledTools);
-                        // If tool was already denied once in this command, auto-deny without re-asking
-                        if (!approval.approved && deniedTools.has(toolCall.name)) {
-                            approval = { approved: false, reason: `Tool "${toolCall.name}" was already denied in this session.` };
-                        }
+                        const allowedToolNames = this.options.enabledTools !== undefined || this.options.enabledMcpTools !== undefined
+                            ? [...(this.options.enabledTools || []), ...(this.options.enabledMcpTools || [])]
+                            : undefined;
+                        let approval = (0, approval_1.checkPermission)(toolCall.name, permMode, allowedToolNames);
                         // If not auto-approved, request interactive approval via MQTT
-                        if (!approval.approved && permMode !== 'autopilot' && !deniedTools.has(toolCall.name)) {
+                        if (!approval.approved && permMode !== 'autopilot') {
                             console.log(chalk_1.default.yellow(`  🔐 Requesting user approval for: ${toolCall.name}`));
-                            // Generate requestId up front so the MQTT result and pending map use the same ID
-                            const approvalRequestId = require('crypto').randomUUID();
-                            await this.options.mqttClient.publishResult({
-                                commandId: command.id,
-                                type: 'approval_request',
-                                requestId: approvalRequestId,
-                                toolCall: {
-                                    id: toolCall.id,
-                                    name: toolCall.name,
-                                    arguments: toolCall.arguments,
+                            approval = await this.approvalManager.requestApproval(command.id, toolCall.name, toolCall.arguments, {
+                                onRequest: async (request) => {
+                                    await this.options.mqttClient.publishResult({
+                                        commandId: command.id,
+                                        type: 'approval_request',
+                                        requestId: request.requestId,
+                                        riskLevel: request.riskLevel,
+                                        summary: request.summary,
+                                        toolCall: {
+                                            id: toolCall.id,
+                                            name: toolCall.name,
+                                            arguments: toolCall.arguments,
+                                            classification: classifyToolName(toolCall.name),
+                                            summary: toolSummary,
+                                            path: toolLocation.path,
+                                            cwd: toolLocation.cwd,
+                                            url: toolLocation.url,
+                                            importance: request.riskLevel === 'destructive' ? 'high' : 'medium',
+                                        },
+                                        timestamp: Date.now(),
+                                    });
                                 },
-                                timestamp: Date.now(),
                             });
-                            approval = await this.approvalManager.requestApproval(command.id, toolCall.name, toolCall.arguments);
                             // If user chose "always allow", persist it
                             if (approval.approved && approval.remember) {
                                 (0, approval_1.rememberTool)(toolCall.name);
@@ -918,21 +728,27 @@ TOOL EFFICIENCY RULES:
                             }
                         }
                         if (!approval.approved) {
-                            deniedTools.add(toolCall.name);
                             console.log(chalk_1.default.yellow(`  ⚠ Tool denied: ${approval.reason}`));
+                            const deniedOutput = `PERMISSION_DENIED: ${approval.reason}`;
                             await this.options.mqttClient.publishResult({
                                 commandId: command.id,
                                 type: 'tool_result',
                                 toolResult: {
                                     callId: toolCall.id,
-                                    output: `PERMISSION_DENIED: ${approval.reason}`,
+                                    output: deniedOutput,
                                     isError: true,
+                                    success: false,
+                                    summary: summarizeToolResult(deniedOutput, true),
+                                    path: toolLocation.path,
+                                    cwd: toolLocation.cwd,
+                                    url: toolLocation.url,
+                                    pathsTouched: toolLocation.path ? [toolLocation.path] : [],
                                 },
                                 timestamp: Date.now(),
                             });
                             messages.push({
                                 role: 'tool',
-                                content: `PERMISSION_DENIED: ${approval.reason}`,
+                                content: deniedOutput,
                                 toolCallId: toolCall.id,
                                 toolName: toolCall.name,
                             });
@@ -945,57 +761,36 @@ TOOL EFFICIENCY RULES:
                                 id: toolCall.id,
                                 name: toolCall.name,
                                 arguments: toolCall.arguments,
+                                classification: classifyToolName(toolCall.name),
+                                summary: toolSummary,
+                                path: toolLocation.path,
+                                cwd: toolLocation.cwd,
+                                url: toolLocation.url,
+                                importance: (0, approval_1.getRiskLevel)(toolCall.name) === 'destructive' ? 'high' : 'medium',
                             },
                             timestamp: Date.now(),
                         });
-                        // Check retry budget before execution (Optimization 2)
-                        const retryBlock = checkRetryBudget(toolCall.name, toolCall.arguments);
-                        if (retryBlock) {
-                            console.log(chalk_1.default.yellow(`  ⚠ Retry budget exceeded for ${toolCall.name}`));
-                            const retryOutput = `ERROR: ${retryBlock}`;
-                            await this.options.mqttClient.publishResult({
-                                commandId: command.id,
-                                type: 'tool_result',
-                                toolResult: {
-                                    callId: toolCall.id,
-                                    name: toolCall.name,
-                                    output: retryOutput,
-                                    isError: true,
-                                    durationMs: 0,
-                                },
-                                timestamp: Date.now(),
-                            });
-                            messages.push({
-                                role: 'tool',
-                                content: retryOutput,
-                                toolCallId: toolCall.id,
-                                toolName: toolCall.name,
-                            });
-                            continue;
-                        }
                         // Execute the tool (with MCP fallback)
-                        const toolStartMs = Date.now();
                         const rawResult = await (0, tools_1.executeToolWithMCP)({ id: toolCall.id, name: toolCall.name, arguments: toolCall.arguments }, commandToolContext, this.options.mcpManager);
                         const toolResult = await (0, verification_1.verifyToolResult)(rawResult, toolCall.arguments, commandToolContext);
                         const resultOutput = toolResult.success
                             ? toolResult.output
                             : `ERROR: ${toolResult.error || 'Unknown error'}`;
-                        // Track failures for retry budget (Optimization 2)
-                        if (!toolResult.success) {
-                            trackToolFailure(toolCall.name, toolCall.arguments);
-                        }
                         console.log(chalk_1.default.gray(`    Result: ${toolResult.success ? '✓' : '✗'} ${resultOutput.slice(0, 100)}${resultOutput.length > 100 ? '...' : ''}`));
-                        const toolDurationMs = Date.now() - toolStartMs;
-                        totalToolCallDurationMs += toolDurationMs;
                         await this.options.mqttClient.publishResult({
                             commandId: command.id,
                             type: 'tool_result',
                             toolResult: {
                                 callId: toolCall.id,
-                                name: toolCall.name,
                                 output: resultOutput,
                                 isError: !toolResult.success,
-                                durationMs: toolDurationMs,
+                                success: toolResult.success,
+                                summary: summarizeToolResult(resultOutput, !toolResult.success),
+                                path: toolLocation.path,
+                                cwd: toolLocation.cwd,
+                                url: toolLocation.url,
+                                pathsTouched: toolLocation.path ? [toolLocation.path] : [],
+                                exitCode: typeof toolResult.exit_code === 'number' ? toolResult.exit_code : undefined,
                             },
                             timestamp: Date.now(),
                         });
@@ -1012,10 +807,9 @@ TOOL EFFICIENCY RULES:
                     if (totalToolCalls >= this.maxToolCallsPerMessage * 0.8 && totalToolCalls < this.maxToolCallsPerMessage) {
                         console.log(chalk_1.default.yellow(`  ⚠ Approaching tool call limit: ${totalToolCalls}/${this.maxToolCallsPerMessage}`));
                     }
-                    // Log context window usage for monitoring (no artificial cap — let the LLM
-                    // provider return its own error if context exceeds the model's real limit)
-                    if (response.usage?.inputTokens) {
-                        console.log(chalk_1.default.gray(`  [tokens] iteration ${iteration}: ${response.usage.inputTokens} input, ${response.usage.outputTokens} output`));
+                    // Warn at 80% of token limit
+                    if (totalTokensUsed >= this.maxTokensPerMessage * 0.8 && totalTokensUsed < this.maxTokensPerMessage) {
+                        console.log(chalk_1.default.yellow(`  ⚠ Approaching token limit: ${totalTokensUsed}/${this.maxTokensPerMessage}`));
                     }
                     // Check tool call limit
                     if (totalToolCalls >= this.maxToolCallsPerMessage) {
@@ -1042,20 +836,35 @@ TOOL EFFICIENCY RULES:
                         }
                         await this.options.mqttClient.publishResult({
                             commandId: command.id,
-                            type: 'stats',
-                            llmCalls: iteration,
-                            toolsUsed: totalToolCalls,
-                            inputTokens: totalInputTokens,
-                            outputTokens: totalOutputTokens,
-                            cacheReadTokens: totalCacheReadTokens || undefined,
-                            cacheCreationTokens: totalCacheCreationTokens || undefined,
-                            totalTokens: totalTokensUsed,
-                            latencyMs: Date.now() - commandStartMs,
-                            toolCallDurationMs: totalToolCallDurationMs || undefined,
-                            contextSections: contextSectionCount || undefined,
-                            model,
+                            type: 'complete',
+                            content: '',
                             timestamp: Date.now(),
                         });
+                        console.log(chalk_1.default.green(`  Command completed: ${iteration} iterations, ${totalToolCalls} tool calls, ~${totalTokensUsed} tokens`));
+                        break;
+                    }
+                    // Check token limit
+                    if (totalTokensUsed >= this.maxTokensPerMessage) {
+                        console.log(chalk_1.default.red(`  🛑 Token limit reached: ${totalTokensUsed}/${this.maxTokensPerMessage}`));
+                        messages.push({ role: 'user', content: 'Token limit reached. Please summarize what you\'ve done so far.' });
+                        const summaryResponse = await llm.chat({
+                            messages,
+                            system: systemPrompt,
+                            stream: true,
+                            onChunk: async (chunk) => {
+                                if (this.activeCommandId !== command.id)
+                                    return;
+                                await this.options.mqttClient.publishResult({
+                                    commandId: command.id,
+                                    type: 'chunk',
+                                    content: chunk,
+                                    timestamp: Date.now(),
+                                });
+                            },
+                        });
+                        if (summaryResponse.usage) {
+                            totalTokensUsed += summaryResponse.usage.inputTokens + summaryResponse.usage.outputTokens;
+                        }
                         await this.options.mqttClient.publishResult({
                             commandId: command.id,
                             type: 'complete',
@@ -1065,9 +874,6 @@ TOOL EFFICIENCY RULES:
                         console.log(chalk_1.default.green(`  Command completed: ${iteration} iterations, ${totalToolCalls} tool calls, ~${totalTokensUsed} tokens`));
                         break;
                     }
-                    // No artificial token limit — LLM providers return proper errors (400/413)
-                    // when context exceeds the model's real limit, and those are caught by the
-                    // error handler above which surfaces them to the user.
                     // Continue the loop for the next LLM call
                     continue;
                 }
@@ -1075,36 +881,6 @@ TOOL EFFICIENCY RULES:
                 // DEDUP FIX: Content was already streamed via onChunk callbacks above.
                 // The 'complete' message signals end-of-response; we send empty content
                 // to avoid the receiver concatenating streamed chunks + full content.
-                // Fix 1: Detect phantom tool use — LLM claims it did something but made 0 tool calls
-                const phantom = (0, response_guard_1.detectPhantomToolUse)(response.content || '', totalToolCalls);
-                if (phantom.detected) {
-                    console.log(chalk_1.default.yellow(`  ⚠ Phantom tool use detected — injecting correction`));
-                    // Stream the correction to the user
-                    await this.options.mqttClient.publishResult({
-                        commandId: command.id,
-                        type: 'chunk',
-                        content: '\n\n---\n⚠️ ' + phantom.correction,
-                        timestamp: Date.now(),
-                    });
-                }
-                // Publish stats before complete
-                const latencyMs = Date.now() - commandStartMs;
-                await this.options.mqttClient.publishResult({
-                    commandId: command.id,
-                    type: 'stats',
-                    llmCalls: iteration,
-                    toolsUsed: totalToolCalls,
-                    inputTokens: totalInputTokens,
-                    outputTokens: totalOutputTokens,
-                    cacheReadTokens: totalCacheReadTokens || undefined,
-                    cacheCreationTokens: totalCacheCreationTokens || undefined,
-                    totalTokens: totalTokensUsed,
-                    latencyMs,
-                    toolCallDurationMs: totalToolCallDurationMs || undefined,
-                    contextSections: contextSectionCount || undefined,
-                    model,
-                    timestamp: Date.now(),
-                });
                 await this.options.mqttClient.publishResult({
                     commandId: command.id,
                     type: 'complete',
@@ -1128,6 +904,7 @@ TOOL EFFICIENCY RULES:
                     }
                 }
                 console.log(chalk_1.default.white(`  Response: ${response.content?.slice(0, 200)}${(response.content?.length || 0) > 200 ? '...' : ''}`));
+                const latencyMs = Date.now() - commandStartMs;
                 console.log(`[agent-metrics] commandId=${command.id} contextSections=${contextSectionCount} toolCallsMade=${totalToolCalls} iterations=${iteration} totalTokens=${totalTokensUsed} latencyMs=${latencyMs}`);
                 console.log(chalk_1.default.green(`  Command completed: ${iteration} iterations, ${totalToolCalls} tool calls, ~${totalTokensUsed} tokens`));
                 break;
@@ -1159,31 +936,11 @@ TOOL EFFICIENCY RULES:
     }
     /** Build system prompt manually (without clerk) — original logic */
     buildFallbackSystemPrompt(command) {
-        let systemPrompt = (0, prompt_template_1.buildDefaultSystemPrompt)({
-            botName: this.options.agentName,
-            model: this.options.model,
-            soulMd: command.context?.soulMd || this.options.systemPrompt,
-        });
-        // Auto-enumerate available tools so the bot always knows its capabilities
-        const toolDefs = (0, index_2.getToolDefinitions)();
-        const toolList = toolDefs.map(t => `- **${t.name}**: ${t.description.slice(0, 120)}`).join('\n');
-        systemPrompt += `\n\n## Your Available Tools\nYou have ${toolDefs.length} tools available. Use them proactively:\n${toolList}`;
-        systemPrompt += `\n\n## Working Style
-- You are autonomous — take action, don't just describe what you could do.
-- For complex tasks, use spawn_subagent to parallelize work.
-- Read project files to understand context before making changes.
-- Commit your work with git_commit when you've made meaningful progress.
-- Use web_search and web_fetch to research unfamiliar topics.
-- Write important context to files so you remember it across sessions.
-- If you're unsure about something destructive, ask first. Otherwise, just do it.`;
-        // Platform awareness — always present regardless of soulMd content
-        systemPrompt += `\n\n## Extending Your Capabilities
-- You have built-in tools (file ops, shell, git, web search, web fetch, tasks, sub-agents, memory search).
-- If the user asks you to do something you don't have a tool for (e.g. Google Drive, GitHub issues, Slack, email, databases), search the Funolio marketplace with \`search_marketplace\`.
-- If a matching MCP tool server exists, use \`request_mcp_install\` to request permission to install it.
-- You can discover and gain new capabilities on-the-fly through the marketplace.
-- **NEVER tell the user to "do it manually" or "upload it yourself"** — always check the marketplace first and offer to install the right tool.`;
+        let systemPrompt = command.context?.soulMd
+            || this.options.systemPrompt
+            || 'You are a Funolio AI agent running locally on the user\'s machine. You have access to their project files and can execute code.';
         systemPrompt += '\n\nIMPORTANT: When the user references a project, topic, or past work, use the relevant memory/facts provided below. If no relevant facts are available, say so honestly rather than guessing. Use your tools (file browsing, commands) to find project files on the local machine.';
+        systemPrompt += '\n\nIMPORTANT: If a Workspace Manifest or Recent Operational State section is present, use it before repeating discovery work. Check known local files and directories before fetching from external sources. Do not re-fetch from Drive, GitHub, or the web if the state context shows the artifact is already local unless the user explicitly asks for a fresh external copy.';
         systemPrompt += '\n\nDo not end with a deferred promise (for example: "Let me check..."). Return a final answer in this turn, or state exactly what is unavailable.';
         systemPrompt += '\n\n' + (0, clerk_model_1.buildTodoInstructions)(this.options.agentName || 'LLM');
         // Inject model self-switch info
@@ -1228,6 +985,32 @@ When a user asks to "use Opus" or "switch to GPT-4o", identify the right model I
         if (command.context?.files?.length) {
             systemPrompt += '\n\nRelevant files: ' + command.context.files.join(', ');
         }
+        if (command.context?.stateContext?.summaryText) {
+            systemPrompt += '\n\n[Recent Operational State]\n' + command.context.stateContext.summaryText;
+        }
+        if (command.context?.workspaceManifest) {
+            const manifestLines = [];
+            const manifest = command.context.workspaceManifest;
+            if (manifest.projectRoot)
+                manifestLines.push(`- Project root: ${manifest.projectRoot}`);
+            if (manifest.likelyWorkingDirectory)
+                manifestLines.push(`- Likely working directory: ${manifest.likelyWorkingDirectory}`);
+            if (manifest.recentlyReadFiles?.length)
+                manifestLines.push(`- Recently read files: ${manifest.recentlyReadFiles.join(', ')}`);
+            if (manifest.recentlyWrittenFiles?.length)
+                manifestLines.push(`- Recently written files: ${manifest.recentlyWrittenFiles.join(', ')}`);
+            if (manifest.recentlyScannedDirectories?.length)
+                manifestLines.push(`- Recently scanned directories: ${manifest.recentlyScannedDirectories.join(', ')}`);
+            if (manifest.recentDownloads?.length)
+                manifestLines.push(`- Recent downloads: ${manifest.recentDownloads.join(', ')}`);
+            if (manifest.recentFailures?.length)
+                manifestLines.push(`- Recent failures: ${manifest.recentFailures.join(' | ')}`);
+            if (manifest.startHereHints?.length)
+                manifestLines.push(`- Start here: ${manifest.startHereHints.join(', ')}`);
+            if (manifestLines.length) {
+                systemPrompt += '\n\n[Workspace Manifest]\n' + manifestLines.join('\n');
+            }
+        }
         return systemPrompt;
     }
     async publishError(commandId, error) {