kimiflare 0.86.0 → 0.87.0

package/dist/index.js

@@ -385,6 +385,396 @@ var init_lsp_config = __esm({
   }
 });
 
+// src/util/version.ts
+import { readFileSync } from "fs";
+import { fileURLToPath } from "url";
+import { dirname as dirname2, join as join3 } from "path";
+function getAppVersion() {
+  if (cachedVersion !== null) return cachedVersion;
+  const here = dirname2(fileURLToPath(import.meta.url));
+  const candidates = [join3(here, "..", "..", "package.json"), join3(here, "..", "package.json")];
+  for (const path of candidates) {
+    try {
+      const pkg = JSON.parse(readFileSync(path, "utf8"));
+      cachedVersion = pkg.version ?? "0.0.0";
+      return cachedVersion;
+    } catch {
+    }
+  }
+  cachedVersion = "0.0.0";
+  return cachedVersion;
+}
+function getUserAgent() {
+  return `kimiflare/${getAppVersion()} (+https://github.com/sinameraji/kimiflare)`;
+}
+var cachedVersion;
+var init_version = __esm({
+  "src/util/version.ts"() {
+    "use strict";
+    cachedVersion = null;
+  }
+});
+
+// src/util/update-check.ts
+import { readFile as readFile3, writeFile as writeFile3, mkdir as mkdir3 } from "fs/promises";
+import { homedir as homedir2 } from "os";
+import { join as join4, dirname as dirname3 } from "path";
+import { fileURLToPath as fileURLToPath2 } from "url";
+function cachePath() {
+  const xdg = process.env.XDG_CONFIG_HOME || join4(homedir2(), ".config");
+  return join4(xdg, "kimiflare", "update-check.json");
+}
+async function findPackageJson(startDir) {
+  let dir = startDir;
+  while (true) {
+    const candidate = join4(dir, "package.json");
+    try {
+      const raw = await readFile3(candidate, "utf8");
+      const parsed = JSON.parse(raw);
+      if (parsed.name === "kimiflare" && parsed.version) {
+        return { path: candidate, version: parsed.version };
+      }
+    } catch {
+    }
+    const parent = dirname3(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  return null;
+}
+async function readLocalVersion() {
+  const here = dirname3(fileURLToPath2(import.meta.url));
+  const found = await findPackageJson(here);
+  return found?.version ?? null;
+}
+async function readCache() {
+  try {
+    const raw = await readFile3(cachePath(), "utf8");
+    const parsed = JSON.parse(raw);
+    if (Date.now() - parsed.checkedAt < CACHE_TTL_MS) {
+      return parsed;
+    }
+  } catch {
+  }
+  return null;
+}
+async function writeCache(entry) {
+  const p = cachePath();
+  await mkdir3(dirname3(p), { recursive: true });
+  await writeFile3(p, JSON.stringify(entry), "utf8");
+}
+async function fetchLatestVersion() {
+  try {
+    const res = await fetch(NPM_REGISTRY, {
+      headers: { "User-Agent": getUserAgent(), Accept: "application/json" }
+    });
+    if (!res.ok) return null;
+    const data = await res.json();
+    return data.version ?? null;
+  } catch {
+    return null;
+  }
+}
+function stripV(v) {
+  return v.startsWith("v") ? v.slice(1) : v;
+}
+function isNewer(local, remote) {
+  const a = stripV(local).split(".").map(Number);
+  const b = stripV(remote).split(".").map(Number);
+  for (let i = 0; i < Math.max(a.length, b.length); i++) {
+    const av = a[i] ?? 0;
+    const bv = b[i] ?? 0;
+    if (av < bv) return true;
+    if (av > bv) return false;
+  }
+  return false;
+}
+async function readOptionalDepVersion(name) {
+  try {
+    const here = dirname3(fileURLToPath2(import.meta.url));
+    const candidate = join4(here, "..", "..", "node_modules", name, "package.json");
+    const raw = await readFile3(candidate, "utf8");
+    const parsed = JSON.parse(raw);
+    return parsed.version ?? null;
+  } catch {
+    return null;
+  }
+}
+async function fetchDistTagVersion(name, tag2) {
+  try {
+    const res = await fetch(`https://registry.npmjs.org/${name}/${tag2}`, {
+      headers: { "User-Agent": getUserAgent(), Accept: "application/json" }
+    });
+    if (!res.ok) return null;
+    const data = await res.json();
+    return data.version ?? null;
+  } catch {
+    return null;
+  }
+}
+async function checkOptionalDependency(name, tag2) {
+  const localVersion = await readOptionalDepVersion(name);
+  if (!localVersion) {
+    return { name, hasUpdate: false, localVersion: null, latestVersion: null };
+  }
+  const latestVersion = await fetchDistTagVersion(name, tag2);
+  if (!latestVersion) {
+    return { name, hasUpdate: false, localVersion, latestVersion: null };
+  }
+  const hasUpdate = isNewer(localVersion, latestVersion);
+  return { name, hasUpdate, localVersion, latestVersion };
+}
+async function checkForUpdate(force = false) {
+  const localVersion = await readLocalVersion();
+  if (!localVersion) return { hasUpdate: false, localVersion: null, latestVersion: null };
+  if (!force) {
+    const cached = await readCache();
+    if (cached) {
+      const hasUpdate2 = isNewer(localVersion, cached.latestVersion);
+      return { hasUpdate: hasUpdate2, localVersion, latestVersion: cached.latestVersion };
+    }
+  }
+  const latestVersion = await fetchLatestVersion();
+  if (!latestVersion) {
+    return { hasUpdate: false, localVersion, latestVersion: null };
+  }
+  const hasUpdate = isNewer(localVersion, latestVersion);
+  await writeCache({ checkedAt: Date.now(), latestVersion });
+  return { hasUpdate, localVersion, latestVersion };
+}
+var CACHE_TTL_MS, NPM_REGISTRY;
+var init_update_check = __esm({
+  "src/util/update-check.ts"() {
+    "use strict";
+    init_version();
+    CACHE_TTL_MS = 60 * 60 * 1e3;
+    NPM_REGISTRY = "https://registry.npmjs.org/kimiflare/latest";
+  }
+});
+
+// src/remote/session-store.ts
+import { readFile as readFile4, writeFile as writeFile4, mkdir as mkdir4, readdir } from "fs/promises";
+import { homedir as homedir3 } from "os";
+import { join as join5 } from "path";
+function remoteDir() {
+  const xdg = process.env.XDG_DATA_HOME || join5(homedir3(), ".config");
+  return join5(xdg, "kimiflare", "remote");
+}
+async function saveRemoteSession(session) {
+  const dir = remoteDir();
+  await mkdir4(dir, { recursive: true });
+  const path = join5(dir, `${session.sessionId}.json`);
+  await writeFile4(path, JSON.stringify(session, null, 2) + "\n", "utf8");
+}
+async function loadRemoteSession(sessionId) {
+  try {
+    const path = join5(remoteDir(), `${sessionId}.json`);
+    const raw = await readFile4(path, "utf8");
+    return JSON.parse(raw);
+  } catch {
+    return null;
+  }
+}
+async function listRemoteSessions() {
+  const dir = remoteDir();
+  try {
+    const files = await readdir(dir);
+    const sessions = [];
+    for (const file of files) {
+      if (!file.endsWith(".json")) continue;
+      try {
+        const raw = await readFile4(join5(dir, file), "utf8");
+        sessions.push(JSON.parse(raw));
+      } catch {
+      }
+    }
+    return sessions.sort((a, b) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
+  } catch {
+    return [];
+  }
+}
+async function getMostRecentRemoteSession() {
+  const sessions = await listRemoteSessions();
+  return sessions[0] ?? null;
+}
+var init_session_store = __esm({
+  "src/remote/session-store.ts"() {
+    "use strict";
+  }
+});
+
+// src/remote/deploy.ts
+import { execSync } from "child_process";
+import { join as join6, dirname as dirname4 } from "path";
+import { fileURLToPath as fileURLToPath3 } from "url";
+import { randomBytes } from "crypto";
+function generateSecret() {
+  return randomBytes(32).toString("hex");
+}
+function runCapture(cmd, cwd) {
+  return execSync(cmd, { cwd, encoding: "utf8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+}
+async function* deployForTui() {
+  yield { message: "Checking prerequisites..." };
+  try {
+    runCapture("wrangler --version");
+  } catch {
+    yield { message: "wrangler not found. Install: npm install -g wrangler", error: true };
+    yield { message: "Then run: wrangler login", error: true };
+    throw new Error("wrangler not installed");
+  }
+  yield { message: "wrangler OK" };
+  try {
+    runCapture("wrangler whoami");
+  } catch {
+    yield { message: "wrangler not authenticated. Run: wrangler login", error: true };
+    throw new Error("wrangler not authenticated");
+  }
+  yield { message: "wrangler authenticated" };
+  try {
+    runCapture("docker --version");
+  } catch {
+    yield { message: "Docker not found. Install: https://docs.docker.com/get-docker/", error: true };
+    throw new Error("docker not installed");
+  }
+  yield { message: "Docker OK" };
+  yield { message: "Building remote agent bundle..." };
+  try {
+    runCapture("npm run build:remote-agent", join6(REMOTE_DIR, ".."));
+    yield { message: "Agent bundle built" };
+  } catch (err) {
+    yield { message: `Build failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
+    throw err;
+  }
+  yield { message: "Deploying Worker to Cloudflare..." };
+  try {
+    runCapture("wrangler deploy", WORKER_DIR);
+    yield { message: "Worker deployed" };
+  } catch (err) {
+    yield { message: `Deploy failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
+    throw err;
+  }
+  let workerUrl;
+  try {
+    const info = runCapture("wrangler info", WORKER_DIR);
+    const match = info.match(/https:\/\/[^\s]+\.workers\.dev/);
+    if (match) workerUrl = match[0];
+  } catch {
+  }
+  if (!workerUrl) {
+    yield { message: "Could not auto-detect Worker URL", error: true };
+    throw new Error("Worker URL not found");
+  }
+  yield { message: `Worker URL: ${workerUrl}` };
+  const authSecret = generateSecret();
+  const cfg = await loadConfig();
+  const cfToken = process.env.CF_API_TOKEN ?? cfg?.apiToken;
+  if (!cfToken) {
+    yield { message: "CF_API_TOKEN not found. Set CF_API_TOKEN env var or apiToken in config", error: true };
+    throw new Error("CF_API_TOKEN missing");
+  }
+  yield { message: "Setting Worker secrets..." };
+  try {
+    execSync(`wrangler secret put REMOTE_AUTH_SECRET`, {
+      cwd: WORKER_DIR,
+      input: authSecret,
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    execSync(`wrangler secret put CF_API_TOKEN`, {
+      cwd: WORKER_DIR,
+      input: cfToken,
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    yield { message: "Secrets set" };
+  } catch (err) {
+    yield { message: `Secret setup failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
+    throw err;
+  }
+  const imageTag = "ghcr.io/sinameraji/kimiflare-remote-agent:latest";
+  yield { message: "Building container image..." };
+  try {
+    runCapture(`docker build -t ${imageTag} .`, REMOTE_DIR);
+    yield { message: "Image built" };
+  } catch (err) {
+    yield { message: `Image build failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
+    throw err;
+  }
+  yield { message: `Pushing ${imageTag}...` };
+  try {
+    runCapture(`docker push ${imageTag}`, REMOTE_DIR);
+    yield { message: "Image pushed" };
+  } catch (err) {
+    yield { message: `Push failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
+    yield { message: "Make sure you're logged into ghcr.io: docker login ghcr.io -u USERNAME -p GITHUB_TOKEN", error: true };
+    throw err;
+  }
+  const nextCfg = {
+    ...cfg ?? { accountId: "", apiToken: "", model: "@cf/moonshotai/kimi-k2.6" },
+    remoteWorkerUrl: workerUrl,
+    remoteAuthSecret: authSecret
+  };
+  await saveConfig(nextCfg);
+  yield { message: "Config saved" };
+  yield { message: "Remote infrastructure ready!", done: true };
+  return { workerUrl, authSecret };
+}
+async function runDeploy() {
+  console.log("kimiflare remote deploy\n");
+  try {
+    for await (const step of deployForTui()) {
+      console.log(step.message);
+      if (step.done) break;
+      if (step.error) process.exit(1);
+    }
+    console.log("\nDeploy complete!");
+  } catch (err) {
+    console.error(`Deploy failed: ${err instanceof Error ? err.message : String(err)}`);
+    process.exit(1);
+  }
+}
+async function checkDeployStatus() {
+  let wrangler = false;
+  let wranglerAuth = false;
+  let docker = false;
+  let workerUrl;
+  try {
+    execSync("wrangler --version", { stdio: "pipe" });
+    wrangler = true;
+  } catch {
+  }
+  if (wrangler) {
+    try {
+      execSync("wrangler whoami", { stdio: "pipe" });
+      wranglerAuth = true;
+    } catch {
+    }
+  }
+  try {
+    execSync("docker --version", { stdio: "pipe" });
+    docker = true;
+  } catch {
+  }
+  const cfg = await loadConfig();
+  if (cfg?.remoteWorkerUrl) {
+    try {
+      const res = await fetch(`${cfg.remoteWorkerUrl}/health`, { signal: AbortSignal.timeout(5e3) });
+      if (res.ok) workerUrl = cfg.remoteWorkerUrl;
+    } catch {
+    }
+  }
+  return { wrangler, wranglerAuth, docker, workerUrl };
+}
+var __dirname2, REMOTE_DIR, WORKER_DIR;
+var init_deploy = __esm({
+  "src/remote/deploy.ts"() {
+    "use strict";
+    init_config();
+    __dirname2 = dirname4(fileURLToPath3(import.meta.url));
+    REMOTE_DIR = join6(__dirname2, "..", "..", "..", "remote");
+    WORKER_DIR = join6(REMOTE_DIR, "worker");
+  }
+});
+
 // src/util/log-sink.ts
 var log_sink_exports = {};
 __export(log_sink_exports, {
@@ -401,12 +791,12 @@ __export(log_sink_exports, {
   setLogTurnId: () => setLogTurnId,
   writeLogLine: () => writeLogLine
 });
-import { homedir as homedir2 } from "os";
-import { join as join3 } from "path";
+import { homedir as homedir4 } from "os";
+import { join as join7 } from "path";
 import { mkdirSync, createWriteStream, readdirSync, statSync, unlinkSync } from "fs";
 function defaultLogDir() {
-  const xdg = process.env.XDG_CONFIG_HOME || join3(homedir2(), ".config");
-  return join3(xdg, "kimiflare", "logs");
+  const xdg = process.env.XDG_CONFIG_HOME || join7(homedir4(), ".config");
+  return join7(xdg, "kimiflare", "logs");
 }
 function isInNodeTestContext() {
   if (process.env.NODE_TEST_CONTEXT) return true;
@@ -418,7 +808,7 @@ function logDir() {
   return overrideDir ?? defaultLogDir();
 }
 function logPathFor(date = /* @__PURE__ */ new Date()) {
-  return join3(logDir(), `${date.toISOString().slice(0, 10)}.jsonl`);
+  return join7(logDir(), `${date.toISOString().slice(0, 10)}.jsonl`);
 }
 function setLogDirForTesting(dir) {
   if (currentStream) {
@@ -441,8 +831,8 @@ async function flushAndCloseForTesting() {
   const s = currentStream;
   currentStream = null;
   currentDate = null;
-  await new Promise((resolve5) => {
-    s.end(() => resolve5());
+  await new Promise((resolve8) => {
+    s.end(() => resolve8());
   });
 }
 function isLogSinkEnabled() {
@@ -488,7 +878,7 @@ function pruneOldLogs(retentionDays = RETENTION_DAYS) {
   const cutoff = Date.now() - retentionDays * 24 * 60 * 60 * 1e3;
   for (const name of entries) {
     if (!name.endsWith(".jsonl")) continue;
-    const full = join3(logDir(), name);
+    const full = join7(logDir(), name);
     try {
       const st = statSync(full);
       if (st.mtimeMs < cutoff) {
@@ -919,36 +1309,6 @@ var init_errors = __esm({
   }
 });
 
-// src/util/version.ts
-import { readFileSync } from "fs";
-import { fileURLToPath } from "url";
-import { dirname as dirname2, join as join4 } from "path";
-function getAppVersion() {
-  if (cachedVersion !== null) return cachedVersion;
-  const here = dirname2(fileURLToPath(import.meta.url));
-  const candidates = [join4(here, "..", "..", "package.json"), join4(here, "..", "package.json")];
-  for (const path of candidates) {
-    try {
-      const pkg = JSON.parse(readFileSync(path, "utf8"));
-      cachedVersion = pkg.version ?? "0.0.0";
-      return cachedVersion;
-    } catch {
-    }
-  }
-  cachedVersion = "0.0.0";
-  return cachedVersion;
-}
-function getUserAgent() {
-  return `kimiflare/${getAppVersion()} (+https://github.com/sinameraji/kimiflare)`;
-}
-var cachedVersion;
-var init_version = __esm({
-  "src/util/version.ts"() {
-    "use strict";
-    cachedVersion = null;
-  }
-});
-
 // src/agent/messages.ts
 function sanitizeString(str) {
   return str.replace(/[\uD800-\uDFFF]/g, "\uFFFD");
@@ -1432,11 +1792,11 @@ function extractCloudflareError(parsed, rawText) {
   return null;
 }
 function sleep(ms, signal) {
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve8, reject) => {
     if (signal?.aborted) return reject(new DOMException("aborted", "AbortError"));
     const t = setTimeout(() => {
       signal?.removeEventListener("abort", onAbort);
-      resolve5();
+      resolve8();
     }, ms);
     const onAbort = () => {
       clearTimeout(t);
@@ -1501,21 +1861,21 @@ var init_registry2 = __esm({
 });
 
 // src/storage-limits.ts
-import { readdir, stat, unlink } from "fs/promises";
-import { join as join5 } from "path";
+import { readdir as readdir2, stat as stat2, unlink } from "fs/promises";
+import { join as join8 } from "path";
 async function listFilesByMtime(dir, pattern = /.*/) {
   let entries;
   try {
-    entries = await readdir(dir);
+    entries = await readdir2(dir);
   } catch {
     return [];
   }
   const files = [];
   for (const name of entries) {
     if (!pattern.test(name)) continue;
-    const p = join5(dir, name);
+    const p = join8(dir, name);
     try {
-      const s = await stat(p);
+      const s = await stat2(p);
       if (s.isFile()) files.push({ path: p, mtime: s.mtime });
     } catch {
     }
@@ -1554,7 +1914,7 @@ async function rotateJsonl(path, maxBytes, rotations) {
   const { rename } = await import("fs/promises");
   let s;
   try {
-    s = await stat(path);
+    s = await stat2(path);
   } catch {
     return;
   }
@@ -1596,15 +1956,15 @@ var init_storage_limits = __esm({
 });
 
 // src/cost-debug.ts
-import { appendFile, mkdir as mkdir3 } from "fs/promises";
-import { homedir as homedir3 } from "os";
-import { join as join6 } from "path";
+import { appendFile, mkdir as mkdir5 } from "fs/promises";
+import { homedir as homedir5 } from "os";
+import { join as join9 } from "path";
 function debugDir() {
-  const xdg = process.env.XDG_DATA_HOME || join6(homedir3(), ".local", "share");
-  return join6(xdg, "kimiflare");
+  const xdg = process.env.XDG_DATA_HOME || join9(homedir5(), ".local", "share");
+  return join9(xdg, "kimiflare");
 }
 function debugPath() {
-  return join6(debugDir(), "cost-debug.jsonl");
+  return join9(debugDir(), "cost-debug.jsonl");
 }
 function now() {
   return (/* @__PURE__ */ new Date()).toISOString();
@@ -1659,7 +2019,7 @@ function buildToolStats(results) {
   });
 }
 async function logCostDebug(entry) {
-  await mkdir3(debugDir(), { recursive: true });
+  await mkdir5(debugDir(), { recursive: true });
   await rotateJsonl(debugPath(), RETENTION.costDebugMaxBytes, RETENTION.costDebugRotations);
   await appendFile(debugPath(), JSON.stringify(entry) + "\n", "utf8");
 }
@@ -2159,9 +2519,9 @@ var require_node_gyp_build = __commonJS({
         var debug = getFirst(path.join(dir, "build/Debug"), matchBuild);
         if (debug) return debug;
       }
-      var prebuild = resolve5(dir);
+      var prebuild = resolve8(dir);
       if (prebuild) return prebuild;
-      var nearby = resolve5(path.dirname(process.execPath));
+      var nearby = resolve8(path.dirname(process.execPath));
       if (nearby) return nearby;
       var target = [
         "platform=" + platform8,
@@ -2177,7 +2537,7 @@ var require_node_gyp_build = __commonJS({
         // eslint-disable-line
       ].filter(Boolean).join(" ");
       throw new Error("No native build was found for " + target + "\n    loaded from: " + dir + "\n");
-      function resolve5(dir2) {
+      function resolve8(dir2) {
         var tuples = readdirSync2(path.join(dir2, "prebuilds")).map(parseTuple);
         var tuple = tuples.filter(matchTuple(platform8, arch)).sort(compareTuples)[0];
         if (!tuple) return;
@@ -2317,7 +2677,7 @@ var require_isolated_vm = __commonJS({
 });
 
 // src/code-mode/sandbox.ts
-import { join as join7, dirname as dirname3 } from "path";
+import { join as join10, dirname as dirname5 } from "path";
 import { pathToFileURL } from "url";
 function stripTypescript(code) {
   let js = code;
@@ -2342,13 +2702,13 @@ async function loadTypescript(cwd) {
   } catch {
   }
   let dir = cwd;
-  while (dir !== dirname3(dir)) {
+  while (dir !== dirname5(dir)) {
     try {
-      const tsPath = join7(dir, "node_modules", "typescript", "lib", "typescript.js");
+      const tsPath = join10(dir, "node_modules", "typescript", "lib", "typescript.js");
       return await import(pathToFileURL(tsPath).href);
     } catch {
     }
-    dir = dirname3(dir);
+    dir = dirname5(dir);
   }
   return null;
 }
@@ -3025,7 +3385,7 @@ function truncateForEmbedding(text) {
   return text.slice(0, MAX_EMBED_CHARS);
 }
 async function sleep2(ms) {
-  return new Promise((resolve5) => setTimeout(resolve5, ms));
+  return new Promise((resolve8) => setTimeout(resolve8, ms));
 }
 async function fetchWithRetry(url, init, retries = 3) {
   let lastError;
@@ -3080,10 +3440,10 @@ async function fetchEmbeddings(opts2) {
     const truncated = truncateForEmbedding(text);
     const body = JSON.stringify({ text: [truncated] });
     const res = await fetchWithRetry(url, { method: "POST", headers, body });
-    const json = await res.json();
+    const json2 = await res.json();
     let vectors = [];
-    if (json && typeof json === "object") {
-      const result = json.result;
+    if (json2 && typeof json2 === "object") {
+      const result = json2.result;
       if (result && typeof result === "object") {
         const data = result.data;
         if (Array.isArray(data)) {
@@ -3572,12 +3932,12 @@ var init_mode = __esm({
 });
 
 // src/agent/system-prompt.ts
-import { platform, release, homedir as homedir4 } from "os";
-import { basename, join as join8 } from "path";
+import { platform, release, homedir as homedir6 } from "os";
+import { basename, join as join11 } from "path";
 import { readFileSync as readFileSync2, statSync as statSync2 } from "fs";
 function loadContextFile(cwd) {
   for (const name of CONTEXT_FILENAMES) {
-    const path = join8(cwd, name);
+    const path = join11(cwd, name);
     try {
       const s = statSync2(path);
       if (!s.isFile() || s.size > MAX_CONTEXT_BYTES) continue;
@@ -3627,7 +3987,7 @@ If the user asks what model you are, answer with exactly: \`${opts2.model}\`. Th
 - Working directory: ${opts2.cwd}
 - Platform: ${platform()} ${release()}
 - Shell: ${shell}
-- Home: ${homedir4()}
+- Home: ${homedir6()}
 - Today: ${date}`;
   const hasLsp = opts2.tools.some((t) => t.name.startsWith("lsp_"));
   const lspBlock = hasLsp ? "\n\nLSP tools are available for semantic code intelligence. Prefer `lsp_definition` over `grep` when looking for the source of a symbol. Prefer `lsp_references` over `grep` when finding usages. Use `lsp_hover` to confirm types before refactoring." : "";
@@ -4828,10 +5188,10 @@ var init_tool_error = __esm({
 
 // src/util/paths.ts
 import { resolve, isAbsolute, relative, sep } from "path";
-import { homedir as homedir5 } from "os";
+import { homedir as homedir7 } from "os";
 function resolvePath(cwd, input) {
   if (input.startsWith("~/") || input === "~") {
-    return resolve(homedir5(), input === "~" ? "." : input.slice(2));
+    return resolve(homedir7(), input === "~" ? "." : input.slice(2));
   }
   return isAbsolute(input) ? input : resolve(cwd, input);
 }
@@ -4865,7 +5225,7 @@ var init_paths = __esm({
 });
 
 // src/tools/read.ts
-import { readFile as readFile3, stat as stat2 } from "fs/promises";
+import { readFile as readFile5, stat as stat3 } from "fs/promises";
 import { createReadStream } from "fs";
 import { createInterface } from "readline";
 function aborted(signal) {
@@ -4936,7 +5296,7 @@ var init_read = __esm({
       async run(args, ctx) {
         if (aborted(ctx.signal)) throw abortError();
         const abs = resolvePath(ctx.cwd, args.path);
-        const st = await stat2(abs);
+        const st = await stat3(abs);
         if (aborted(ctx.signal)) throw abortError();
         if (st.size > MAX_BYTES) {
           if (args.offset === void 0 || args.limit === void 0) {
@@ -4947,7 +5307,7 @@ var init_read = __esm({
           const lines2 = await readSliceStreaming(abs, args.offset, args.limit, ctx.signal);
           return formatLines(lines2, args.offset);
         }
-        const text = await readFile3(abs, { encoding: "utf8", signal: ctx.signal });
+        const text = await readFile5(abs, { encoding: "utf8", signal: ctx.signal });
         if (aborted(ctx.signal)) throw abortError();
         const lines = text.split("\n");
         const start = Math.max(0, (args.offset ?? 1) - 1);
@@ -4960,8 +5320,8 @@ var init_read = __esm({
 });
 
 // src/tools/write.ts
-import { mkdir as mkdir4, readFile as readFile4, writeFile as writeFile3 } from "fs/promises";
-import { dirname as dirname4 } from "path";
+import { mkdir as mkdir6, readFile as readFile6, writeFile as writeFile5 } from "fs/promises";
+import { dirname as dirname6 } from "path";
 var writeTool;
 var init_write = __esm({
   "src/tools/write.ts"() {
@@ -4988,11 +5348,11 @@ var init_write = __esm({
         const abs = resolvePath(ctx.cwd, args.path);
         let before = "";
         try {
-          before = await readFile4(abs, "utf8");
+          before = await readFile6(abs, "utf8");
         } catch {
         }
-        await mkdir4(dirname4(abs), { recursive: true });
-        await writeFile3(abs, args.content, "utf8");
+        await mkdir6(dirname6(abs), { recursive: true });
+        await writeFile5(abs, args.content, "utf8");
         const verb = before ? "Overwrote" : "Created";
         return `${verb} ${args.path} (${args.content.length} chars).`;
       }
@@ -5001,7 +5361,7 @@ var init_write = __esm({
 });
 
 // src/tools/edit.ts
-import { readFile as readFile5, writeFile as writeFile4 } from "fs/promises";
+import { readFile as readFile7, writeFile as writeFile6 } from "fs/promises";
 function countOccurrences(haystack, needle) {
   if (!needle) return 0;
   let count = 0;
@@ -5039,7 +5399,7 @@ var init_edit = __esm({
       }),
       async run(args, ctx) {
         const abs = resolvePath(ctx.cwd, args.path);
-        const orig = await readFile5(abs, "utf8");
+        const orig = await readFile7(abs, "utf8");
         const occurrences = countOccurrences(orig, args.old_string);
         if (occurrences === 0) throw new Error(`old_string not found in ${args.path}`);
         if (occurrences > 1 && !args.replace_all) {
@@ -5048,7 +5408,7 @@ var init_edit = __esm({
           );
         }
         const next = args.replace_all ? orig.split(args.old_string).join(args.new_string) : orig.replace(args.old_string, args.new_string);
-        await writeFile4(abs, next, "utf8");
+        await writeFile6(abs, next, "utf8");
         return `Replaced ${occurrences} occurrence(s) in ${args.path}.`;
       }
     };
@@ -5058,7 +5418,7 @@ var init_edit = __esm({
 // src/tools/bash.ts
 import { spawn } from "child_process";
 import { tmpdir, platform as platform2 } from "os";
-import { join as join9 } from "path";
+import { join as join12 } from "path";
 function getShellCommand(override) {
   const raw = override?.trim();
   if (raw && raw !== "auto") {
@@ -5104,7 +5464,7 @@ function injectCoauthor(command, coauthor) {
   const mentionsGit = /\bgit\b/.test(trimmed);
   if (!createsCommit && !isRebaseContinue && !mentionsGit) return command;
   if (movesHeadOnly) return command;
-  const tmpFile = join9(tmpdir(), `kf-coauthor-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`);
+  const tmpFile = join12(tmpdir(), `kf-coauthor-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`);
   const amendBlock = `
     if ! git log -1 --pretty=%B 2>/dev/null | grep -qF "${trailer}"; then
       git log -1 --pretty=%B | git interpret-trailers --trailer "${trailer}" > "${tmpFile}" && git commit --amend -F "${tmpFile}" --no-edit && rm -f "${tmpFile}"
@@ -5126,7 +5486,7 @@ function runBash(args, ctx) {
   const timeout = Math.min(Math.max(1e3, args.timeout_ms ?? DEFAULT_TIMEOUT), MAX_TIMEOUT);
   const { shell, args: shellArgs, isPosix } = getShellCommand(ctx.shell);
   const command = isPosix ? injectCoauthor(args.command, ctx.coauthor) : args.command;
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve8, reject) => {
     logger.debug("bash:spawn", { command: args.command.slice(0, 200), cwd: ctx.cwd, shell });
     const child = spawn(shell, [...shellArgs, command], {
       cwd: ctx.cwd,
@@ -5179,7 +5539,7 @@ ${stdout.trimEnd()}`);
 ${stderr.trimEnd()}`);
       if (!stdout && !stderr) parts.push("(no output)");
       const raw = parts.join("\n");
-      resolve5({
+      resolve8({
         content: raw,
         rawBytes: Buffer.byteLength(raw, "utf8"),
         reducedBytes: Buffer.byteLength(raw, "utf8")
@@ -5219,8 +5579,8 @@ var init_bash = __esm({
 });
 
 // src/util/glob.ts
-import { readdir as readdir2, lstat, realpath } from "fs/promises";
-import { join as join10, relative as relative2, resolve as resolve2 } from "path";
+import { readdir as readdir3, lstat, realpath } from "fs/promises";
+import { join as join13, relative as relative2, resolve as resolve2 } from "path";
 function parsePattern(pattern) {
   const parts = pattern.split(/\//g);
   return parts.map((p) => {
@@ -5318,7 +5678,7 @@ async function* walk(root, pattern, options) {
     if (segIdx + 1 >= segs.length) {
       let entries2;
       try {
-        entries2 = await readdir2(dirPath, { withFileTypes: true, encoding: "utf8" });
+        entries2 = await readdir3(dirPath, { withFileTypes: true, encoding: "utf8" });
       } catch (err) {
         if (!suppressErrors) throw err;
         return;
@@ -5329,7 +5689,7 @@ async function* walk(root, pattern, options) {
         if (!dot && name.startsWith(".")) continue;
         const matched = seg.type === "literal" ? seg.value === name : matchSegment(name, seg.value);
         if (!matched) continue;
-        const childPath = join10(dirPath, name);
+        const childPath = join13(dirPath, name);
         const childRel = [...relativeParts, name];
         const childRelStr = childRel.join("/");
         if (shouldIgnore(childRelStr, ignorePatterns)) continue;
@@ -5343,7 +5703,7 @@ async function* walk(root, pattern, options) {
     }
     let entries;
     try {
-      entries = await readdir2(dirPath, { withFileTypes: true, encoding: "utf8" });
+      entries = await readdir3(dirPath, { withFileTypes: true, encoding: "utf8" });
     } catch (err) {
       if (!suppressErrors) throw err;
       return;
@@ -5354,7 +5714,7 @@ async function* walk(root, pattern, options) {
       if (!dot && name.startsWith(".")) continue;
       const matched = seg.type === "literal" ? seg.value === name : matchSegment(name, seg.value);
       if (!matched) continue;
-      const childPath = join10(dirPath, name);
+      const childPath = join13(dirPath, name);
       const childRel = [...relativeParts, name];
       const childRelStr = childRel.join("/");
       if (shouldIgnore(childRelStr, ignorePatterns)) continue;
@@ -5387,7 +5747,7 @@ async function* walk(root, pattern, options) {
       yield* processEntries(dirPath, segIdx + 1, relativeParts);
       let entries;
       try {
-        entries = await readdir2(dirPath, { withFileTypes: true, encoding: "utf8" });
+        entries = await readdir3(dirPath, { withFileTypes: true, encoding: "utf8" });
       } catch (err) {
         if (!suppressErrors) throw err;
         return;
@@ -5396,7 +5756,7 @@ async function* walk(root, pattern, options) {
         const name = String(ent.name);
         if (name === "." || name === "..") continue;
         if (!dot && name.startsWith(".")) continue;
-        const childPath = join10(dirPath, name);
+        const childPath = join13(dirPath, name);
         const childRel = [...relativeParts, name];
         const childRelStr = childRel.join("/");
         if (shouldIgnore(childRelStr, ignorePatterns)) continue;
@@ -5543,7 +5903,7 @@ var init_glob2 = __esm({
 // src/tools/grep.ts
 import { execFile } from "child_process";
 import { promisify } from "util";
-import { readFile as readFile6 } from "fs/promises";
+import { readFile as readFile8 } from "fs/promises";
 async function hasRipgrep() {
   if (cachedHasRg !== null) return cachedHasRg;
   try {
@@ -5590,7 +5950,7 @@ async function runJsFallback(args, root, mode, signal) {
     if (signal?.aborted) throw new DOMException("aborted", "AbortError");
     const file = files[fi];
     try {
-      const content = await readFile6(file, "utf8");
+      const content = await readFile8(file, "utf8");
       if (mode === "files") {
         if (re.test(content)) out.push(file);
       } else {
@@ -6080,9 +6440,9 @@ var changelog_image_exports = {};
 __export(changelog_image_exports, {
   changelogImageTool: () => changelogImageTool
 });
-import { readFile as readFile7 } from "fs/promises";
-import { writeFile as writeFile5 } from "fs/promises";
-import { join as join11 } from "path";
+import { readFile as readFile9 } from "fs/promises";
+import { writeFile as writeFile7 } from "fs/promises";
+import { join as join14 } from "path";
 import { Resvg } from "@resvg/resvg-js";
 async function githubFetch2(path, token) {
   const controller = new AbortController();
@@ -6114,7 +6474,7 @@ function escapeXml(str) {
 }
 async function loadLogoBase64() {
   try {
-    const buf = await readFile7(join11(process.cwd(), "docs", "logo.png"));
+    const buf = await readFile9(join14(process.cwd(), "docs", "logo.png"));
     return `data:image/png;base64,${buf.toString("base64")}`;
   } catch {
     return null;
@@ -6407,7 +6767,7 @@ Format your response as plain text bullet points, one per line, starting with "\
         setTask("4", "completed");
         setTask("5", "in_progress");
         const outputPath = args.output ?? `./changelog-${args.repo}-${version.replace(/[^a-zA-Z0-9._-]/g, "_")}.png`;
-        await writeFile5(outputPath, pngBuffer);
+        await writeFile7(outputPath, pngBuffer);
         setTask("5", "completed");
         const periodLabel = days === 1 ? "past day" : `past ${days} days`;
         const content = `\u2713 Changelog image saved to ${outputPath}
@@ -6420,12 +6780,12 @@ Format your response as plain text bullet points, one per line, starting with "\
 });
 
 // src/tools/browser.ts
-import { mkdir as mkdir5 } from "fs/promises";
+import { mkdir as mkdir7 } from "fs/promises";
 import { tmpdir as tmpdir2 } from "os";
-import { join as join12, dirname as dirname5 } from "path";
+import { join as join15, dirname as dirname7 } from "path";
 async function autoScroll(page) {
   await page.evaluate(async () => {
-    await new Promise((resolve5) => {
+    await new Promise((resolve8) => {
       let totalHeight = 0;
       const distance = 300;
       const timer2 = setInterval(() => {
@@ -6434,12 +6794,12 @@ async function autoScroll(page) {
         totalHeight += distance;
         if (totalHeight >= scrollHeight) {
           clearInterval(timer2);
-          resolve5();
+          resolve8();
         }
       }, 100);
       setTimeout(() => {
         clearInterval(timer2);
-        resolve5();
+        resolve8();
       }, 1e4);
     });
   });
@@ -6498,8 +6858,8 @@ var init_browser = __esm({
           }
           let screenshotPath;
           if (args.screenshot) {
-            screenshotPath = join12(tmpdir2(), `kimiflare-browser-${Date.now()}.png`);
-            await mkdir5(dirname5(screenshotPath), { recursive: true });
+            screenshotPath = join15(tmpdir2(), `kimiflare-browser-${Date.now()}.png`);
+            await mkdir7(dirname7(screenshotPath), { recursive: true });
             await page.screenshot({ path: screenshotPath, fullPage: true });
           }
           const text = await page.evaluate(() => {
@@ -7866,369 +8226,598 @@ var init_executor = __esm({
   }
 });
 
-// src/util/update-check.ts
-import { readFile as readFile8, writeFile as writeFile7, mkdir as mkdir6 } from "fs/promises";
-import { homedir as homedir6 } from "os";
-import { join as join13, dirname as dirname6 } from "path";
-import { fileURLToPath as fileURLToPath2 } from "url";
-function cachePath() {
-  const xdg = process.env.XDG_CONFIG_HOME || join13(homedir6(), ".config");
-  return join13(xdg, "kimiflare", "update-check.json");
+// src/sessions.ts
+var sessions_exports = {};
+__export(sessions_exports, {
+  addCheckpoint: () => addCheckpoint,
+  generateSessionTitle: () => generateSessionTitle,
+  listSessions: () => listSessions,
+  loadSession: () => loadSession,
+  loadSessionFromCheckpoint: () => loadSessionFromCheckpoint,
+  makeSessionId: () => makeSessionId,
+  pruneSessions: () => pruneSessions,
+  saveSession: () => saveSession,
+  sessionsDir: () => sessionsDir
+});
+import { readFile as readFile10, writeFile as writeFile9, mkdir as mkdir8, readdir as readdir4, stat as stat4 } from "fs/promises";
+import { homedir as homedir8 } from "os";
+import { join as join16 } from "path";
+function sessionsDir() {
+  const xdg = process.env.XDG_DATA_HOME || join16(homedir8(), ".local", "share");
+  return join16(xdg, "kimiflare", "sessions");
 }
-async function findPackageJson(startDir) {
-  let dir = startDir;
-  while (true) {
-    const candidate = join13(dir, "package.json");
+function sanitize(text) {
+  return text.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 40);
+}
+function generateSessionTitle(firstPrompt, intent) {
+  const prefix = INTENT_PREFIX_MAP[intent] ?? INTENT_PREFIX_MAP.default;
+  const cleaned = firstPrompt.replace(/\s+/g, " ").replace(/[\n\r]/g, " ").trim();
+  const words = cleaned.split(" ").slice(0, 6).join(" ");
+  const title = `${prefix} ${words}`;
+  return title.length > 40 ? title.slice(0, 37) + "..." : title;
+}
+function makeSessionId(firstPrompt) {
+  const ts = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
+  const slug = sanitize(firstPrompt) || "session";
+  return `${ts}_${slug}`;
+}
+async function saveSession(file) {
+  const dir = sessionsDir();
+  await mkdir8(dir, { recursive: true });
+  const path = join16(dir, `${file.id}.json`);
+  await writeFile9(path, JSON.stringify(file, null, 2), "utf8");
+  return path;
+}
+async function pruneSessions() {
+  const dir = sessionsDir();
+  const files = await listFilesByMtime(dir, /\.json$/);
+  return pruneFiles(files, RETENTION.sessionMaxAgeDays, RETENTION.sessionMaxCount);
+}
+async function listSessions(limit = 30, cwd) {
+  const dir = sessionsDir();
+  let entries;
+  try {
+    entries = await readdir4(dir);
+  } catch {
+    return [];
+  }
+  const summaries = [];
+  for (const name of entries) {
+    if (!name.endsWith(".json")) continue;
+    const path = join16(dir, name);
     try {
-      const raw = await readFile8(candidate, "utf8");
+      const [s, raw] = await Promise.all([stat4(path), readFile10(path, "utf8")]);
       const parsed = JSON.parse(raw);
-      if (parsed.name === "kimiflare" && parsed.version) {
-        return { path: candidate, version: parsed.version };
-      }
+      if (cwd && parsed.cwd !== cwd) continue;
+      const firstUser = parsed.messages.find((m) => m.role === "user");
+      const firstPrompt = typeof firstUser?.content === "string" ? firstUser.content : firstUser?.content ? firstUser.content.find((p) => p.type === "text")?.text ?? "(no prompt)" : "(no prompt)";
+      summaries.push({
+        id: parsed.id,
+        filePath: path,
+        cwd: parsed.cwd,
+        firstPrompt: firstPrompt.slice(0, 80),
+        title: parsed.title,
+        messageCount: parsed.messages.filter((m) => m.role !== "system").length,
+        updatedAt: parsed.updatedAt ?? s.mtime.toISOString(),
+        checkpointCount: parsed.checkpoints?.length ?? 0
+      });
     } catch {
     }
-    const parent = dirname6(dir);
-    if (parent === dir) break;
-    dir = parent;
   }
-  return null;
+  summaries.sort((a, b) => b.updatedAt < a.updatedAt ? -1 : 1);
+  return summaries.slice(0, limit);
 }
-async function readLocalVersion() {
-  const here = dirname6(fileURLToPath2(import.meta.url));
-  const found = await findPackageJson(here);
-  return found?.version ?? null;
+async function loadSession(filePath) {
+  const raw = await readFile10(filePath, "utf8");
+  return JSON.parse(raw);
 }
-async function readCache() {
-  try {
-    const raw = await readFile8(cachePath(), "utf8");
-    const parsed = JSON.parse(raw);
-    if (Date.now() - parsed.checkedAt < CACHE_TTL_MS) {
-      return parsed;
-    }
-  } catch {
-  }
-  return null;
+async function addCheckpoint(filePath, checkpoint) {
+  const file = await loadSession(filePath);
+  if (!file.checkpoints) file.checkpoints = [];
+  file.checkpoints.push(checkpoint);
+  await saveSession(file);
 }
-async function writeCache(entry) {
-  const p = cachePath();
-  await mkdir6(dirname6(p), { recursive: true });
-  await writeFile7(p, JSON.stringify(entry), "utf8");
+async function loadSessionFromCheckpoint(filePath, checkpointId) {
+  const file = await loadSession(filePath);
+  const checkpoint = file.checkpoints?.find((c) => c.id === checkpointId);
+  if (!checkpoint) {
+    throw new Error(`checkpoint ${checkpointId} not found`);
+  }
+  const truncated = file.messages.slice(0, checkpoint.turnIndex);
+  return {
+    file: {
+      ...file,
+      messages: truncated,
+      sessionState: checkpoint.sessionState ?? file.sessionState,
+      artifactStore: checkpoint.artifactStore ?? file.artifactStore
+    },
+    checkpoint
+  };
 }
-async function fetchLatestVersion() {
-  try {
-    const res = await fetch(NPM_REGISTRY, {
-      headers: { "User-Agent": getUserAgent(), Accept: "application/json" }
-    });
-    if (!res.ok) return null;
-    const data = await res.json();
-    return data.version ?? null;
-  } catch {
-    return null;
+var INTENT_PREFIX_MAP;
+var init_sessions = __esm({
+  "src/sessions.ts"() {
+    "use strict";
+    init_storage_limits();
+    INTENT_PREFIX_MAP = {
+      diagnose: "Bug:",
+      feature_bounded: "Feature:",
+      feature_exploratory: "Feature:",
+      polish: "Refactor:",
+      meta: "Plan:",
+      explore: "Explore:",
+      qa: "Q&A:",
+      verify: "Verify:",
+      small_edit: "Edit:",
+      default: "Task:"
+    };
   }
+});
+
+// src/util/image.ts
+import { readFile as readFile11 } from "fs/promises";
+import { basename as basename2 } from "path";
+async function encodeImageFile(filePath) {
+  const buf = await readFile11(filePath);
+  if (buf.byteLength > MAX_IMAGE_BYTES) {
+    throw new Error(
+      `image too large (${(buf.byteLength / 1024 / 1024).toFixed(1)} MB); max is ${MAX_IMAGE_BYTES / 1024 / 1024} MB`
+    );
+  }
+  const ext = filePath.slice(filePath.lastIndexOf(".")).toLowerCase();
+  const mime = EXT_TO_MIME[ext] ?? "image/jpeg";
+  const b64 = buf.toString("base64");
+  return {
+    filename: basename2(filePath),
+    mime,
+    dataUrl: `data:${mime};base64,${b64}`
+  };
 }
-function stripV(v) {
-  return v.startsWith("v") ? v.slice(1) : v;
+function isImagePath(path) {
+  const ext = path.slice(path.lastIndexOf(".")).toLowerCase();
+  return ext in EXT_TO_MIME;
 }
-function isNewer(local, remote) {
-  const a = stripV(local).split(".").map(Number);
-  const b = stripV(remote).split(".").map(Number);
-  for (let i = 0; i < Math.max(a.length, b.length); i++) {
-    const av = a[i] ?? 0;
-    const bv = b[i] ?? 0;
-    if (av < bv) return true;
-    if (av > bv) return false;
+var MAX_IMAGE_BYTES, EXT_TO_MIME;
+var init_image = __esm({
+  "src/util/image.ts"() {
+    "use strict";
+    MAX_IMAGE_BYTES = 5 * 1024 * 1024;
+    EXT_TO_MIME = {
+      ".png": "image/png",
+      ".jpg": "image/jpeg",
+      ".jpeg": "image/jpeg",
+      ".gif": "image/gif",
+      ".webp": "image/webp",
+      ".bmp": "image/bmp"
+    };
   }
-  return false;
+});
+
+// src/permissions-evaluator.ts
+import { resolve as resolve3, relative as relative3 } from "path";
+import { homedir as homedir9 } from "os";
+function evaluatePermissionRules(req, rules) {
+  const toolRules = rules[req.tool];
+  if (!toolRules) return "ask";
+  const target = extractTarget(req.tool, req.args, req.cwd);
+  if (!target) return "ask";
+  const entries = Object.entries(toolRules).sort((a, b) => b[0].length - a[0].length);
+  for (const [pattern, rule] of entries) {
+    if (matchPattern(target, pattern, req.cwd)) {
+      return rule;
+    }
+  }
+  return "ask";
 }
-async function readOptionalDepVersion(name) {
-  try {
-    const here = dirname6(fileURLToPath2(import.meta.url));
-    const candidate = join13(here, "..", "..", "node_modules", name, "package.json");
-    const raw = await readFile8(candidate, "utf8");
-    const parsed = JSON.parse(raw);
-    return parsed.version ?? null;
-  } catch {
-    return null;
+function expandHome(path) {
+  if (path.startsWith("~/")) {
+    return resolve3(homedir9(), path.slice(2));
   }
+  return path;
 }
-async function fetchDistTagVersion(name, tag2) {
-  try {
-    const res = await fetch(`https://registry.npmjs.org/${name}/${tag2}`, {
-      headers: { "User-Agent": getUserAgent(), Accept: "application/json" }
-    });
-    if (!res.ok) return null;
-    const data = await res.json();
-    return data.version ?? null;
-  } catch {
-    return null;
+function extractTarget(tool, args, cwd) {
+  switch (tool) {
+    case "write":
+    case "edit":
+    case "read":
+    case "glob":
+    case "grep":
+      return typeof args.path === "string" ? resolve3(cwd, expandHome(args.path)) : null;
+    case "bash":
+      return typeof args.command === "string" ? args.command : null;
+    case "browser_fetch":
+    case "web_fetch":
+      return typeof args.url === "string" ? args.url : null;
+    case "search_web":
+      return typeof args.query === "string" ? args.query : null;
+    default:
+      return (typeof args.path === "string" ? resolve3(cwd, expandHome(args.path)) : null) ?? (typeof args.url === "string" ? args.url : null) ?? (typeof args.command === "string" ? args.command : null);
   }
 }
-async function checkOptionalDependency(name, tag2) {
-  const localVersion = await readOptionalDepVersion(name);
-  if (!localVersion) {
-    return { name, hasUpdate: false, localVersion: null, latestVersion: null };
+function matchPattern(target, pattern, cwd) {
+  let expandedPattern = pattern;
+  if (pattern.startsWith("~/")) {
+    expandedPattern = resolve3(homedir9(), pattern.slice(2));
   }
-  const latestVersion = await fetchDistTagVersion(name, tag2);
-  if (!latestVersion) {
-    return { name, hasUpdate: false, localVersion, latestVersion: null };
+  if (target.startsWith(expandedPattern)) {
+    return true;
   }
-  const hasUpdate = isNewer(localVersion, latestVersion);
-  return { name, hasUpdate, localVersion, latestVersion };
-}
-async function checkForUpdate(force = false) {
-  const localVersion = await readLocalVersion();
-  if (!localVersion) return { hasUpdate: false, localVersion: null, latestVersion: null };
-  if (!force) {
-    const cached = await readCache();
-    if (cached) {
-      const hasUpdate2 = isNewer(localVersion, cached.latestVersion);
-      return { hasUpdate: hasUpdate2, localVersion, latestVersion: cached.latestVersion };
+  const regex = globToRegex2(expandedPattern);
+  if (regex.test(target)) {
+    return true;
+  }
+  try {
+    const relTarget = relative3(cwd, target);
+    if (regex.test(relTarget)) {
+      return true;
     }
+  } catch {
   }
-  const latestVersion = await fetchLatestVersion();
-  if (!latestVersion) {
-    return { hasUpdate: false, localVersion, latestVersion: null };
+  return false;
+}
+function globToRegex2(pattern) {
+  let regex = pattern.replace(/\*\*/g, "<<<DOUBLESTAR>>>").replace(/\*/g, "[^/]*").replace(/<<<DOUBLESTAR>>>/g, ".*").replace(/\?/g, ".");
+  if (!regex.startsWith("/") && !regex.startsWith(".*")) {
+    regex = ".*/" + regex;
   }
-  const hasUpdate = isNewer(localVersion, latestVersion);
-  await writeCache({ checkedAt: Date.now(), latestVersion });
-  return { hasUpdate, localVersion, latestVersion };
+  return new RegExp(`^${regex}$`);
 }
-var CACHE_TTL_MS, NPM_REGISTRY;
-var init_update_check = __esm({
-  "src/util/update-check.ts"() {
+var init_permissions_evaluator = __esm({
+  "src/permissions-evaluator.ts"() {
     "use strict";
-    init_version();
-    CACHE_TTL_MS = 60 * 60 * 1e3;
-    NPM_REGISTRY = "https://registry.npmjs.org/kimiflare/latest";
   }
 });
 
-// src/remote/session-store.ts
-import { readFile as readFile9, writeFile as writeFile8, mkdir as mkdir7, readdir as readdir3 } from "fs/promises";
-import { homedir as homedir7 } from "os";
-import { join as join14 } from "path";
-function remoteDir() {
-  const xdg = process.env.XDG_DATA_HOME || join14(homedir7(), ".config");
-  return join14(xdg, "kimiflare", "remote");
+// src/hooks/types.ts
+var HOOK_EVENTS;
+var init_types = __esm({
+  "src/hooks/types.ts"() {
+    "use strict";
+    HOOK_EVENTS = [
+      "PreToolUse",
+      "PostToolUse",
+      "UserPromptSubmit",
+      "Stop",
+      "PreCompact"
+    ];
+  }
+});
+
+// src/hooks/settings.ts
+import { existsSync as existsSync2, readFileSync as readFileSync3, mkdirSync as mkdirSync2, writeFileSync } from "fs";
+import { homedir as homedir10 } from "os";
+import { join as join17, dirname as dirname8 } from "path";
+import { createHash } from "crypto";
+function globalSettingsPath() {
+  const xdg = process.env.XDG_CONFIG_HOME || join17(homedir10(), ".config");
+  return join17(xdg, "kimiflare", "settings.json");
 }
-async function saveRemoteSession(session) {
-  const dir = remoteDir();
-  await mkdir7(dir, { recursive: true });
-  const path = join14(dir, `${session.sessionId}.json`);
-  await writeFile8(path, JSON.stringify(session, null, 2) + "\n", "utf8");
+function projectSettingsPath(cwd) {
+  return join17(cwd, ".kimiflare", "settings.json");
 }
-async function loadRemoteSession(sessionId) {
+function readSettingsFile(path) {
+  if (!existsSync2(path)) return null;
   try {
-    const path = join14(remoteDir(), `${sessionId}.json`);
-    const raw = await readFile9(path, "utf8");
-    return JSON.parse(raw);
+    const raw = readFileSync3(path, "utf8");
+    const parsed = JSON.parse(raw);
+    return parsed && typeof parsed === "object" ? parsed : null;
   } catch {
     return null;
   }
 }
-async function listRemoteSessions() {
-  const dir = remoteDir();
-  try {
-    const files = await readdir3(dir);
-    const sessions = [];
-    for (const file of files) {
-      if (!file.endsWith(".json")) continue;
-      try {
-        const raw = await readFile9(join14(dir, file), "utf8");
-        sessions.push(JSON.parse(raw));
-      } catch {
-      }
+function deriveHookId(event, command) {
+  const h = createHash("sha256").update(`${event}\0${command}`).digest("hex");
+  return h.slice(0, 8);
+}
+function normalizeHook(event, raw, source) {
+  if (!raw || typeof raw !== "object") return null;
+  const r = raw;
+  if (typeof r.command !== "string" || !r.command.trim()) return null;
+  const enabled = typeof r.enabled === "boolean" ? r.enabled : true;
+  const matcher = typeof r.matcher === "string" ? r.matcher : void 0;
+  const timeoutMs = typeof r.timeoutMs === "number" && r.timeoutMs > 0 ? r.timeoutMs : void 0;
+  const description = typeof r.description === "string" ? r.description : void 0;
+  const id = typeof r.id === "string" && r.id.length > 0 ? r.id : deriveHookId(event, r.command);
+  return { id, matcher, command: r.command, timeoutMs, enabled, description, source };
+}
+function mergeHookMaps(a, b) {
+  const out = {};
+  for (const ev of HOOK_EVENTS) {
+    const left = a?.[ev] ?? [];
+    const right = b?.[ev] ?? [];
+    if (left.length + right.length === 0) continue;
+    out[ev] = [...left, ...right];
+  }
+  return out;
+}
+function loadHooksSettings(cwd) {
+  const global = readSettingsFile(globalSettingsPath());
+  const project = readSettingsFile(projectSettingsPath(cwd));
+  const normalized = (raw, source) => {
+    const out = {};
+    for (const ev of HOOK_EVENTS) {
+      const list = raw?.hooks?.[ev];
+      if (!Array.isArray(list)) continue;
+      const cleaned = list.map((h) => normalizeHook(ev, h, source)).filter((h) => h !== null);
+      if (cleaned.length > 0) out[ev] = cleaned;
     }
-    return sessions.sort((a, b) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
-  } catch {
-    return [];
+    return out;
+  };
+  const merged = mergeHookMaps(normalized(global, "global"), normalized(project, "project"));
+  return { hooks: merged };
+}
+function appendHook(scope, cwd, event, hook) {
+  const path = scope === "global" ? globalSettingsPath() : projectSettingsPath(cwd);
+  const existing = readSettingsFile(path) ?? {};
+  const hooks = existing.hooks ?? {};
+  const list = hooks[event] ?? [];
+  const { source: _src, ...toWrite } = hook;
+  const newId = toWrite.id ?? deriveHookId(event, toWrite.command);
+  const byId = /* @__PURE__ */ new Map();
+  for (const raw of list) {
+    if (!raw || typeof raw !== "object") continue;
+    const h = raw;
+    if (typeof h.command !== "string") continue;
+    const id = h.id ?? deriveHookId(event, h.command);
+    if (byId.has(id)) continue;
+    byId.set(id, h);
   }
+  byId.set(newId, { ...toWrite, id: newId });
+  hooks[event] = Array.from(byId.values()).map((h) => {
+    if (hook.id) return h;
+    const { id: _id, ...rest } = h;
+    return rest;
+  });
+  existing.hooks = hooks;
+  mkdirSync2(dirname8(path), { recursive: true });
+  writeFileSync(path, JSON.stringify(existing, null, 2) + "\n", "utf8");
+  return path;
 }
-async function getMostRecentRemoteSession() {
-  const sessions = await listRemoteSessions();
-  return sessions[0] ?? null;
+function setHookEnabled(cwd, id, enabled) {
+  for (const [scope, path] of [
+    ["global", globalSettingsPath()],
+    ["project", projectSettingsPath(cwd)]
+  ]) {
+    const existing = readSettingsFile(path);
+    if (!existing?.hooks) continue;
+    let changed = false;
+    for (const ev of HOOK_EVENTS) {
+      const list = existing.hooks[ev];
+      if (!Array.isArray(list)) continue;
+      for (const hook of list) {
+        if (!hook || typeof hook !== "object") continue;
+        const h = hook;
+        const hookId = h.id ?? deriveHookId(ev, h.command);
+        if (hookId === id) {
+          h.enabled = enabled;
+          changed = true;
+        }
+      }
+    }
+    if (changed) {
+      mkdirSync2(dirname8(path), { recursive: true });
+      writeFileSync(path, JSON.stringify(existing, null, 2) + "\n", "utf8");
+      return path;
+    }
+    void scope;
+  }
+  return null;
 }
-var init_session_store = __esm({
-  "src/remote/session-store.ts"() {
+var init_settings = __esm({
+  "src/hooks/settings.ts"() {
     "use strict";
+    init_types();
   }
 });
 
-// src/remote/deploy.ts
-import { execSync } from "child_process";
-import { join as join15, dirname as dirname7 } from "path";
-import { fileURLToPath as fileURLToPath3 } from "url";
-import { randomBytes } from "crypto";
-function generateSecret() {
-  return randomBytes(32).toString("hex");
-}
-function runCapture(cmd, cwd) {
-  return execSync(cmd, { cwd, encoding: "utf8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+// src/hooks/runner.ts
+import { spawn as spawn2 } from "child_process";
+function isVetoEvent(event) {
+  return event === "PreToolUse" || event === "UserPromptSubmit";
 }
-async function* deployForTui() {
-  yield { message: "Checking prerequisites..." };
-  try {
-    runCapture("wrangler --version");
-  } catch {
-    yield { message: "wrangler not found. Install: npm install -g wrangler", error: true };
-    yield { message: "Then run: wrangler login", error: true };
-    throw new Error("wrangler not installed");
-  }
-  yield { message: "wrangler OK" };
-  try {
-    runCapture("wrangler whoami");
-  } catch {
-    yield { message: "wrangler not authenticated. Run: wrangler login", error: true };
-    throw new Error("wrangler not authenticated");
-  }
-  yield { message: "wrangler authenticated" };
-  try {
-    runCapture("docker --version");
-  } catch {
-    yield { message: "Docker not found. Install: https://docs.docker.com/get-docker/", error: true };
-    throw new Error("docker not installed");
-  }
-  yield { message: "Docker OK" };
-  yield { message: "Building remote agent bundle..." };
-  try {
-    runCapture("npm run build:remote-agent", join15(REMOTE_DIR, ".."));
-    yield { message: "Agent bundle built" };
-  } catch (err) {
-    yield { message: `Build failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
-    throw err;
-  }
-  yield { message: "Deploying Worker to Cloudflare..." };
-  try {
-    runCapture("wrangler deploy", WORKER_DIR);
-    yield { message: "Worker deployed" };
-  } catch (err) {
-    yield { message: `Deploy failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
-    throw err;
-  }
-  let workerUrl;
-  try {
-    const info = runCapture("wrangler info", WORKER_DIR);
-    const match = info.match(/https:\/\/[^\s]+\.workers\.dev/);
-    if (match) workerUrl = match[0];
-  } catch {
-  }
-  if (!workerUrl) {
-    yield { message: "Could not auto-detect Worker URL", error: true };
-    throw new Error("Worker URL not found");
-  }
-  yield { message: `Worker URL: ${workerUrl}` };
-  const authSecret = generateSecret();
-  const cfg = await loadConfig();
-  const cfToken = process.env.CF_API_TOKEN ?? cfg?.apiToken;
-  if (!cfToken) {
-    yield { message: "CF_API_TOKEN not found. Set CF_API_TOKEN env var or apiToken in config", error: true };
-    throw new Error("CF_API_TOKEN missing");
-  }
-  yield { message: "Setting Worker secrets..." };
-  try {
-    execSync(`wrangler secret put REMOTE_AUTH_SECRET`, {
-      cwd: WORKER_DIR,
-      input: authSecret,
-      stdio: ["pipe", "pipe", "pipe"]
-    });
-    execSync(`wrangler secret put CF_API_TOKEN`, {
-      cwd: WORKER_DIR,
-      input: cfToken,
-      stdio: ["pipe", "pipe", "pipe"]
-    });
-    yield { message: "Secrets set" };
-  } catch (err) {
-    yield { message: `Secret setup failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
-    throw err;
-  }
-  const imageTag = "ghcr.io/sinameraji/kimiflare-remote-agent:latest";
-  yield { message: "Building container image..." };
-  try {
-    runCapture(`docker build -t ${imageTag} .`, REMOTE_DIR);
-    yield { message: "Image built" };
-  } catch (err) {
-    yield { message: `Image build failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
-    throw err;
+function buildHookEnv(payload) {
+  const env2 = {
+    KIMIFLARE_HOOK_EVENT: payload.event,
+    KIMIFLARE_HOOK_CWD: payload.cwd,
+    KIMIFLARE_HOOK_PAYLOAD: JSON.stringify(payload)
+  };
+  if (payload.session_id) env2.KIMIFLARE_HOOK_SESSION_ID = payload.session_id;
+  if (payload.event === "PreToolUse" || payload.event === "PostToolUse") {
+    const p = payload;
+    env2.KIMIFLARE_HOOK_TOOL = p.tool;
+    const path = p.args.path;
+    if (typeof path === "string") env2.KIMIFLARE_HOOK_PATH = path;
+    if (p.tier) env2.KIMIFLARE_HOOK_TIER = p.tier;
+    if (p.event === "PostToolUse") {
+      env2.KIMIFLARE_HOOK_RESULT_OK = String(p.result.ok);
+      const ec = p.result.errorCode;
+      if (ec) env2.KIMIFLARE_HOOK_RESULT_ERROR_CODE = ec;
+    }
   }
-  yield { message: `Pushing ${imageTag}...` };
-  try {
-    runCapture(`docker push ${imageTag}`, REMOTE_DIR);
-    yield { message: "Image pushed" };
-  } catch (err) {
-    yield { message: `Push failed: ${err instanceof Error ? err.message : String(err)}`, error: true };
-    yield { message: "Make sure you're logged into ghcr.io: docker login ghcr.io -u USERNAME -p GITHUB_TOKEN", error: true };
-    throw err;
+  if (payload.event === "UserPromptSubmit") {
+    const p = payload;
+    if (p.tier) env2.KIMIFLARE_HOOK_TIER = p.tier;
   }
-  const nextCfg = {
-    ...cfg ?? { accountId: "", apiToken: "", model: "@cf/moonshotai/kimi-k2.6" },
-    remoteWorkerUrl: workerUrl,
-    remoteAuthSecret: authSecret
-  };
-  await saveConfig(nextCfg);
-  yield { message: "Config saved" };
-  yield { message: "Remote infrastructure ready!", done: true };
-  return { workerUrl, authSecret };
+  return env2;
 }
-async function runDeploy() {
-  console.log("kimiflare remote deploy\n");
-  try {
-    for await (const step of deployForTui()) {
-      console.log(step.message);
-      if (step.done) break;
-      if (step.error) process.exit(1);
-    }
-    console.log("\nDeploy complete!");
-  } catch (err) {
-    console.error(`Deploy failed: ${err instanceof Error ? err.message : String(err)}`);
-    process.exit(1);
+function capStream(s) {
+  if (Buffer.byteLength(s, "utf8") <= STREAM_CAP_BYTES) return s;
+  let cut = s;
+  while (Buffer.byteLength(cut, "utf8") > STREAM_CAP_BYTES) {
+    cut = cut.slice(0, Math.floor(cut.length * 0.9));
   }
+  return `${cut}
+[\u2026truncated]`;
 }
-async function checkDeployStatus() {
-  let wrangler = false;
-  let wranglerAuth = false;
-  let docker = false;
-  let workerUrl;
+async function runHook(hook, payload, signal) {
+  const start = Date.now();
+  const timeoutMs = hook.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+  const env2 = { ...process.env, ...buildHookEnv(payload) };
+  const json2 = JSON.stringify(payload);
+  const id = hook.id ?? "anonymous";
+  let result;
   try {
-    execSync("wrangler --version", { stdio: "pipe" });
-    wrangler = true;
-  } catch {
+    result = await spawnImpl(hook.command, json2, env2, payload.cwd, timeoutMs, signal);
+  } catch (e) {
+    return {
+      id,
+      exitCode: null,
+      stdout: "",
+      stderr: e instanceof Error ? e.message : String(e),
+      timedOut: false,
+      durationMs: Date.now() - start
+    };
   }
-  if (wrangler) {
+  return {
+    id,
+    exitCode: result.exitCode,
+    stdout: capStream(result.stdout.trim()),
+    stderr: capStream(result.stderr.trim()),
+    timedOut: result.timedOut,
+    durationMs: Date.now() - start
+  };
+}
+function filterHooks(hooks, toolName) {
+  if (!hooks || hooks.length === 0) return [];
+  return hooks.filter((h) => {
+    if (h.enabled === false) return false;
+    if (!h.matcher) return true;
+    if (!toolName) return true;
     try {
-      execSync("wrangler whoami", { stdio: "pipe" });
-      wranglerAuth = true;
+      return new RegExp(h.matcher).test(toolName);
     } catch {
+      return false;
     }
-  }
-  try {
-    execSync("docker --version", { stdio: "pipe" });
-    docker = true;
-  } catch {
-  }
-  const cfg = await loadConfig();
-  if (cfg?.remoteWorkerUrl) {
-    try {
-      const res = await fetch(`${cfg.remoteWorkerUrl}/health`, { signal: AbortSignal.timeout(5e3) });
-      if (res.ok) workerUrl = cfg.remoteWorkerUrl;
-    } catch {
+  });
+}
+async function runHooks(event, hooks, payload, toolName = null, signal) {
+  const matched = filterHooks(hooks, toolName);
+  const outcomes = [];
+  const veto = isVetoEvent(event);
+  const vetoReasons = [];
+  let vetoed = false;
+  for (const hook of matched) {
+    const outcome = await runHook(hook, payload, signal);
+    outcomes.push(outcome);
+    if (outcome.timedOut) {
+      logger.warn("hook:timeout", {
+        event,
+        id: outcome.id,
+        timeoutMs: hook.timeoutMs ?? DEFAULT_TIMEOUT_MS
+      });
+    } else if (outcome.exitCode !== 0 && outcome.exitCode !== null) {
+      logger.info("hook:nonzero_exit", {
+        event,
+        id: outcome.id,
+        exitCode: outcome.exitCode
+      });
+    }
+    if (veto && (outcome.exitCode !== 0 || outcome.timedOut)) {
+      vetoed = true;
+      const reason = outcome.stdout || outcome.stderr || `hook ${outcome.id} exited ${outcome.exitCode}`;
+      vetoReasons.push(reason);
+      break;
     }
   }
-  return { wrangler, wranglerAuth, docker, workerUrl };
+  return { outcomes, vetoed, vetoReason: vetoReasons.join("\n") };
 }
-var __dirname2, REMOTE_DIR, WORKER_DIR;
-var init_deploy = __esm({
-  "src/remote/deploy.ts"() {
+var DEFAULT_TIMEOUT_MS, STREAM_CAP_BYTES, defaultSpawn, spawnImpl;
+var init_runner = __esm({
+  "src/hooks/runner.ts"() {
     "use strict";
-    init_config();
-    __dirname2 = dirname7(fileURLToPath3(import.meta.url));
-    REMOTE_DIR = join15(__dirname2, "..", "..", "..", "remote");
-    WORKER_DIR = join15(REMOTE_DIR, "worker");
+    init_logger();
+    DEFAULT_TIMEOUT_MS = 3e4;
+    STREAM_CAP_BYTES = 4 * 1024;
+    defaultSpawn = (command, payloadJson, env2, cwd, timeoutMs, signal) => new Promise((resolve8) => {
+      const child = spawn2(command, {
+        shell: true,
+        cwd,
+        env: env2,
+        stdio: ["pipe", "pipe", "pipe"]
+      });
+      let stdout = "";
+      let stderr = "";
+      let settled = false;
+      const finish = (exitCode, timedOut = false) => {
+        if (settled) return;
+        settled = true;
+        clearTimeout(timer2);
+        signal?.removeEventListener("abort", onAbort);
+        resolve8({ exitCode, stdout, stderr, timedOut });
+      };
+      const onAbort = () => {
+        child.kill("SIGTERM");
+        finish(null, true);
+      };
+      const timer2 = setTimeout(() => {
+        child.kill("SIGTERM");
+        finish(null, true);
+      }, timeoutMs);
+      signal?.addEventListener("abort", onAbort);
+      child.stdout.setEncoding("utf8");
+      child.stderr.setEncoding("utf8");
+      child.stdout.on("data", (d) => {
+        stdout += d;
+      });
+      child.stderr.on("data", (d) => {
+        stderr += d;
+      });
+      child.on("error", () => finish(null));
+      child.on("exit", (code) => finish(code));
+      try {
+        child.stdin.end(payloadJson);
+      } catch {
+      }
+    });
+    spawnImpl = defaultSpawn;
+  }
+});
+
+// src/hooks/manager.ts
+var manager_exports = {};
+__export(manager_exports, {
+  HooksManager: () => HooksManager
+});
+var HooksManager;
+var init_manager = __esm({
+  "src/hooks/manager.ts"() {
+    "use strict";
+    init_settings();
+    init_runner();
+    HooksManager = class {
+      cwd;
+      settings;
+      constructor(cwd) {
+        this.cwd = cwd;
+        this.settings = loadHooksSettings(cwd);
+      }
+      /** Re-read settings from disk. */
+      reload() {
+        this.settings = loadHooksSettings(this.cwd);
+      }
+      /** All hooks registered for an event, before matcher filtering. */
+      hooksFor(event) {
+        return this.settings.hooks?.[event] ?? [];
+      }
+      /** True if at least one enabled hook would match this event. Cheap
+       *  pre-check the loop can use to avoid building payloads for events
+       *  that have no listeners. */
+      hasEnabledHooks(event) {
+        const list = this.hooksFor(event);
+        return list.some((h) => h.enabled !== false);
+      }
+      /** Fire all matching hooks for `event`. Toolname is used only by
+       *  PreToolUse / PostToolUse matchers. */
+      fire(event, payload, toolName = null, signal) {
+        return runHooks(event, this.hooksFor(event), payload, toolName, signal);
+      }
+    };
   }
 });
 
 // src/cost-attribution/types.ts
 var ALL_CATEGORIES;
-var init_types = __esm({
+var init_types2 = __esm({
   "src/cost-attribution/types.ts"() {
     "use strict";
     ALL_CATEGORIES = [
@@ -8307,7 +8896,7 @@ function buildReport(opts2) {
 var init_report = __esm({
   "src/cost-attribution/report.ts"() {
     "use strict";
-    init_types();
+    init_types2();
   }
 });
 
@@ -8431,10 +9020,10 @@ async function fetchGatewayLogs(accountId, apiToken, gatewayId, startDate, endDa
     if (!res.ok) {
       throw new Error(`gateway logs HTTP ${res.status}`);
     }
-    const json = await res.json();
-    const page = Array.isArray(json.result) ? json.result : [];
+    const json2 = await res.json();
+    const page = Array.isArray(json2.result) ? json2.result : [];
     out.push(...page);
-    cursor = json.result_info?.cursor;
+    cursor = json2.result_info?.cursor;
     if (!cursor || page.length === 0) break;
   }
   return out;
@@ -8524,12 +9113,12 @@ function extOf(path) {
   const idx = path.lastIndexOf(".");
   return idx >= 0 ? path.slice(idx).toLowerCase() : "";
 }
-function basename2(path) {
+function basename4(path) {
   const idx = Math.max(path.lastIndexOf("/"), path.lastIndexOf("\\"));
   return idx >= 0 ? path.slice(idx + 1) : path;
 }
 function classifyFile(path) {
-  const base = basename2(path);
+  const base = basename4(path);
   const ext = extOf(path);
   if (TEST_PATTERNS.test(base)) return "writing-tests";
   if (base.toLowerCase().startsWith("readme")) return "reading-documentation";
@@ -8540,7 +9129,7 @@ function classifyFile(path) {
   return null;
 }
 function classifyWriteFile(path) {
-  const base = basename2(path);
+  const base = basename4(path);
   const ext = extOf(path);
   if (TEST_PATTERNS.test(base)) return "writing-tests";
   if (base.toLowerCase().startsWith("readme") || DOC_EXTS.has(ext)) return "writing-documentation";
@@ -8549,7 +9138,7 @@ function classifyWriteFile(path) {
   return null;
 }
 function classifyEditFile(path) {
-  const base = basename2(path);
+  const base = basename4(path);
   const ext = extOf(path);
   if (base.toLowerCase().startsWith("readme") || DOC_EXTS.has(ext)) return "editing-documentation";
   if (CONFIG_EXTS.has(ext)) return "editing-configuration";
@@ -8736,12 +9325,12 @@ var init_heuristic = __esm({
 });
 
 // src/cost-attribution/classify-from-session.ts
-import { readFile as readFile10 } from "fs/promises";
-import { join as join16 } from "path";
-import { homedir as homedir8 } from "os";
-function sessionsDir() {
-  const xdg = process.env.XDG_DATA_HOME || join16(homedir8(), ".local", "share");
-  return join16(xdg, "kimiflare", "sessions");
+import { readFile as readFile13 } from "fs/promises";
+import { join as join18 } from "path";
+import { homedir as homedir11 } from "os";
+function sessionsDir2() {
+  const xdg = process.env.XDG_DATA_HOME || join18(homedir11(), ".local", "share");
+  return join18(xdg, "kimiflare", "sessions");
 }
 function parseToolCalls(calls) {
   return calls.map((c) => {
@@ -8755,7 +9344,7 @@ function parseToolCalls(calls) {
 }
 async function classifyFromSessionFile(sessionId) {
   try {
-    const raw = await readFile10(join16(sessionsDir(), `${sessionId}.json`), "utf8");
+    const raw = await readFile13(join18(sessionsDir2(), `${sessionId}.json`), "utf8");
     const session = JSON.parse(raw);
     const messages = session.messages ?? [];
     const turns = [];
@@ -8788,15 +9377,15 @@ var cli_exports = {};
 __export(cli_exports, {
   runCostCommand: () => runCostCommand
 });
-import { readFile as readFile11 } from "fs/promises";
-import { join as join17 } from "path";
-import { homedir as homedir9 } from "os";
+import { readFile as readFile14 } from "fs/promises";
+import { join as join19 } from "path";
+import { homedir as homedir12 } from "os";
 function usageDir() {
-  const xdg = process.env.XDG_DATA_HOME || join17(homedir9(), ".local", "share");
-  return join17(xdg, "kimiflare");
+  const xdg = process.env.XDG_DATA_HOME || join19(homedir12(), ".local", "share");
+  return join19(xdg, "kimiflare");
 }
 function usagePath() {
-  return join17(usageDir(), "usage.json");
+  return join19(usageDir(), "usage.json");
 }
 function today() {
   return (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
@@ -8808,7 +9397,7 @@ function daysAgo(n) {
 }
 async function loadLog() {
   try {
-    const raw = await readFile11(usagePath(), "utf8");
+    const raw = await readFile14(usagePath(), "utf8");
     return JSON.parse(raw);
   } catch {
     return { version: 1, days: [], sessions: [] };
@@ -8894,134 +9483,6 @@ var init_cli = __esm({
   }
 });
 
-// src/sessions.ts
-var sessions_exports = {};
-__export(sessions_exports, {
-  addCheckpoint: () => addCheckpoint,
-  generateSessionTitle: () => generateSessionTitle,
-  listSessions: () => listSessions,
-  loadSession: () => loadSession,
-  loadSessionFromCheckpoint: () => loadSessionFromCheckpoint,
-  makeSessionId: () => makeSessionId,
-  pruneSessions: () => pruneSessions,
-  saveSession: () => saveSession,
-  sessionsDir: () => sessionsDir2
-});
-import { readFile as readFile12, writeFile as writeFile9, mkdir as mkdir8, readdir as readdir4, stat as stat4 } from "fs/promises";
-import { homedir as homedir10 } from "os";
-import { join as join18 } from "path";
-function sessionsDir2() {
-  const xdg = process.env.XDG_DATA_HOME || join18(homedir10(), ".local", "share");
-  return join18(xdg, "kimiflare", "sessions");
-}
-function sanitize(text) {
-  return text.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 40);
-}
-function generateSessionTitle(firstPrompt, intent) {
-  const prefix = INTENT_PREFIX_MAP[intent] ?? INTENT_PREFIX_MAP.default;
-  const cleaned = firstPrompt.replace(/\s+/g, " ").replace(/[\n\r]/g, " ").trim();
-  const words = cleaned.split(" ").slice(0, 6).join(" ");
-  const title = `${prefix} ${words}`;
-  return title.length > 40 ? title.slice(0, 37) + "..." : title;
-}
-function makeSessionId(firstPrompt) {
-  const ts = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
-  const slug = sanitize(firstPrompt) || "session";
-  return `${ts}_${slug}`;
-}
-async function saveSession(file) {
-  const dir = sessionsDir2();
-  await mkdir8(dir, { recursive: true });
-  const path = join18(dir, `${file.id}.json`);
-  await writeFile9(path, JSON.stringify(file, null, 2), "utf8");
-  return path;
-}
-async function pruneSessions() {
-  const dir = sessionsDir2();
-  const files = await listFilesByMtime(dir, /\.json$/);
-  return pruneFiles(files, RETENTION.sessionMaxAgeDays, RETENTION.sessionMaxCount);
-}
-async function listSessions(limit = 30, cwd) {
-  const dir = sessionsDir2();
-  let entries;
-  try {
-    entries = await readdir4(dir);
-  } catch {
-    return [];
-  }
-  const summaries = [];
-  for (const name of entries) {
-    if (!name.endsWith(".json")) continue;
-    const path = join18(dir, name);
-    try {
-      const [s, raw] = await Promise.all([stat4(path), readFile12(path, "utf8")]);
-      const parsed = JSON.parse(raw);
-      if (cwd && parsed.cwd !== cwd) continue;
-      const firstUser = parsed.messages.find((m) => m.role === "user");
-      const firstPrompt = typeof firstUser?.content === "string" ? firstUser.content : firstUser?.content ? firstUser.content.find((p) => p.type === "text")?.text ?? "(no prompt)" : "(no prompt)";
-      summaries.push({
-        id: parsed.id,
-        filePath: path,
-        cwd: parsed.cwd,
-        firstPrompt: firstPrompt.slice(0, 80),
-        title: parsed.title,
-        messageCount: parsed.messages.filter((m) => m.role !== "system").length,
-        updatedAt: parsed.updatedAt ?? s.mtime.toISOString(),
-        checkpointCount: parsed.checkpoints?.length ?? 0
-      });
-    } catch {
-    }
-  }
-  summaries.sort((a, b) => b.updatedAt < a.updatedAt ? -1 : 1);
-  return summaries.slice(0, limit);
-}
-async function loadSession(filePath) {
-  const raw = await readFile12(filePath, "utf8");
-  return JSON.parse(raw);
-}
-async function addCheckpoint(filePath, checkpoint) {
-  const file = await loadSession(filePath);
-  if (!file.checkpoints) file.checkpoints = [];
-  file.checkpoints.push(checkpoint);
-  await saveSession(file);
-}
-async function loadSessionFromCheckpoint(filePath, checkpointId) {
-  const file = await loadSession(filePath);
-  const checkpoint = file.checkpoints?.find((c) => c.id === checkpointId);
-  if (!checkpoint) {
-    throw new Error(`checkpoint ${checkpointId} not found`);
-  }
-  const truncated = file.messages.slice(0, checkpoint.turnIndex);
-  return {
-    file: {
-      ...file,
-      messages: truncated,
-      sessionState: checkpoint.sessionState ?? file.sessionState,
-      artifactStore: checkpoint.artifactStore ?? file.artifactStore
-    },
-    checkpoint
-  };
-}
-var INTENT_PREFIX_MAP;
-var init_sessions = __esm({
-  "src/sessions.ts"() {
-    "use strict";
-    init_storage_limits();
-    INTENT_PREFIX_MAP = {
-      diagnose: "Bug:",
-      feature_bounded: "Feature:",
-      feature_exploratory: "Feature:",
-      polish: "Refactor:",
-      meta: "Plan:",
-      explore: "Explore:",
-      qa: "Q&A:",
-      verify: "Verify:",
-      small_edit: "Edit:",
-      default: "Task:"
-    };
-  }
-});
-
 // src/camouflage-resume.ts
 var camouflage_resume_exports = {};
 __export(camouflage_resume_exports, {
@@ -9111,7 +9572,7 @@ __export(tui_auth_exports, {
   authGitHubForTui: () => authGitHubForTui
 });
 function sleep3(ms) {
-  return new Promise((resolve5) => setTimeout(resolve5, ms));
+  return new Promise((resolve8) => setTimeout(resolve8, ms));
 }
 async function* authGitHubForTui() {
   yield { message: "Starting GitHub OAuth device flow..." };
@@ -9193,6 +9654,701 @@ var init_tui_auth = __esm({
   }
 });
 
+// src/server/sse.ts
+function createSseStream(res) {
+  res.writeHead(200, {
+    "Content-Type": "text/event-stream",
+    "Cache-Control": "no-cache",
+    Connection: "keep-alive"
+  });
+  const heartbeat = setInterval(() => {
+    res.write(":heartbeat\n\n");
+  }, 3e4);
+  res.on("close", () => {
+    clearInterval(heartbeat);
+  });
+  return {
+    send(event, data) {
+      const payload = JSON.stringify(data);
+      res.write(`event: ${event}
+`);
+      res.write(`data: ${payload}
+
+`);
+    },
+    close() {
+      clearInterval(heartbeat);
+      res.end();
+    }
+  };
+}
+var init_sse2 = __esm({
+  "src/server/sse.ts"() {
+    "use strict";
+  }
+});
+
+// src/server/openapi.ts
+function getOpenApiSpec() {
+  const spec = {
+    openapi: "3.1.0",
+    info: {
+      title: "KimiFlare Headless Server API",
+      version: "1.0.0",
+      description: "HTTP API for running KimiFlare agent sessions headlessly."
+    },
+    servers: [{ url: "/", description: "Local server" }],
+    paths: {
+      "/": {
+        get: {
+          summary: "Health check",
+          responses: {
+            "200": {
+              description: "Server is running",
+              content: {
+                "application/json": {
+                  schema: { type: "object", properties: { status: { type: "string" }, version: { type: "string" } } }
+                }
+              }
+            }
+          }
+        }
+      },
+      "/prompt": {
+        post: {
+          summary: "Start a new agent session with a prompt",
+          requestBody: {
+            required: true,
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  required: ["prompt"],
+                  properties: {
+                    prompt: { type: "string", description: "The user prompt" },
+                    model: { type: "string", description: "Model ID to use" },
+                    cwd: { type: "string", description: "Working directory" },
+                    title: { type: "string", description: "Session title" },
+                    files: { type: "array", items: { type: "string" }, description: "File paths or globs to attach" },
+                    allowAll: { type: "boolean", description: "Auto-approve all tool calls" }
+                  }
+                }
+              }
+            }
+          },
+          responses: {
+            "202": {
+              description: "Session started",
+              content: {
+                "application/json": {
+                  schema: {
+                    type: "object",
+                    properties: {
+                      sessionId: { type: "string" },
+                      status: { type: "string" }
+                    }
+                  }
+                }
+              }
+            }
+          }
+        }
+      },
+      "/session": {
+        get: {
+          summary: "List sessions",
+          parameters: [
+            {
+              name: "cwd",
+              in: "query",
+              schema: { type: "string" },
+              description: "Filter by working directory"
+            }
+          ],
+          responses: {
+            "200": {
+              description: "List of sessions",
+              content: {
+                "application/json": {
+                  schema: {
+                    type: "object",
+                    properties: {
+                      sessions: {
+                        type: "array",
+                        items: {
+                          type: "object",
+                          properties: {
+                            id: { type: "string" },
+                            cwd: { type: "string" },
+                            firstPrompt: { type: "string" },
+                            title: { type: "string" },
+                            messageCount: { type: "number" },
+                            updatedAt: { type: "string" }
+                          }
+                        }
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          }
+        }
+      },
+      "/session/{id}": {
+        get: {
+          summary: "Get session state",
+          parameters: [
+            {
+              name: "id",
+              in: "path",
+              required: true,
+              schema: { type: "string" }
+            }
+          ],
+          responses: {
+            "200": {
+              description: "Session state",
+              content: {
+                "application/json": {
+                  schema: {
+                    type: "object",
+                    properties: {
+                      id: { type: "string" },
+                      cwd: { type: "string" },
+                      model: { type: "string" },
+                      messages: { type: "array" },
+                      title: { type: "string" },
+                      updatedAt: { type: "string" }
+                    }
+                  }
+                }
+              }
+            },
+            "404": { description: "Session not found" }
+          }
+        },
+        delete: {
+          summary: "Delete a session",
+          parameters: [
+            {
+              name: "id",
+              in: "path",
+              required: true,
+              schema: { type: "string" }
+            }
+          ],
+          responses: {
+            "200": {
+              description: "Session deleted",
+              content: {
+                "application/json": {
+                  schema: {
+                    type: "object",
+                    properties: { deleted: { type: "string" } }
+                  }
+                }
+              }
+            }
+          }
+        }
+      },
+      "/session/{id}/prompt": {
+        post: {
+          summary: "Send a follow-up prompt to a session",
+          parameters: [
+            {
+              name: "id",
+              in: "path",
+              required: true,
+              schema: { type: "string" }
+            }
+          ],
+          requestBody: {
+            required: true,
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  required: ["prompt"],
+                  properties: {
+                    prompt: { type: "string" },
+                    files: { type: "array", items: { type: "string" } },
+                    allowAll: { type: "boolean" }
+                  }
+                }
+              }
+            }
+          },
+          responses: {
+            "202": {
+              description: "Follow-up started",
+              content: {
+                "application/json": {
+                  schema: {
+                    type: "object",
+                    properties: {
+                      sessionId: { type: "string" },
+                      status: { type: "string" }
+                    }
+                  }
+                }
+              }
+            },
+            "404": { description: "Session not found" }
+          }
+        }
+      },
+      "/event": {
+        get: {
+          summary: "Server-Sent Events stream",
+          responses: {
+            "200": {
+              description: "SSE stream of session events",
+              content: {
+                "text/event-stream": {
+                  schema: {
+                    type: "object",
+                    description: "Stream of events: server.connected, assistant.delta, tool.call, tool.result, usage.update, session.completed, error"
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  };
+  return `<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>KimiFlare Headless Server API</title>
+  <style>
+    body { font-family: system-ui, sans-serif; max-width: 900px; margin: 40px auto; padding: 0 20px; }
+    pre { background: #f5f5f5; padding: 16px; border-radius: 8px; overflow-x: auto; }
+    h1 { border-bottom: 2px solid #333; padding-bottom: 8px; }
+    h2 { margin-top: 32px; }
+    code { background: #f0f0f0; padding: 2px 6px; border-radius: 4px; }
+  </style>
+</head>
+<body>
+  <h1>KimiFlare Headless Server API</h1>
+  <p>OpenAPI 3.1 specification for the local HTTP server.</p>
+  <h2>Spec</h2>
+  <pre>${JSON.stringify(spec, null, 2)}</pre>
+</body>
+</html>`;
+}
+var init_openapi = __esm({
+  "src/server/openapi.ts"() {
+    "use strict";
+  }
+});
+
+// src/server/routes.ts
+import { URL as URL2 } from "url";
+import { readFile as readFile15 } from "fs/promises";
+import { resolve as resolve5, basename as basename5 } from "path";
+function json(res, status, data) {
+  res.writeHead(status, { "Content-Type": "application/json" });
+  res.end(JSON.stringify(data));
+}
+function badRequest(res, message2) {
+  json(res, 400, { error: message2 });
+}
+function notFound(res, message2) {
+  json(res, 404, { error: message2 });
+}
+async function readBody(req) {
+  const chunks = [];
+  for await (const chunk of req) {
+    chunks.push(chunk);
+  }
+  const text = Buffer.concat(chunks).toString("utf8");
+  try {
+    return JSON.parse(text);
+  } catch {
+    return text;
+  }
+}
+async function resolveFiles2(filePatterns, cwd) {
+  const resolved = /* @__PURE__ */ new Set();
+  for (const pattern of filePatterns) {
+    try {
+      const stat8 = await import("fs/promises").then((m) => m.stat(resolve5(cwd, pattern)));
+      if (stat8.isFile()) {
+        resolved.add(resolve5(cwd, pattern));
+        continue;
+      }
+    } catch {
+    }
+    const matches = await glob(pattern, { cwd, absolute: true });
+    for (const m of matches) {
+      resolved.add(m);
+    }
+  }
+  return [...resolved];
+}
+async function buildUserMessage2(prompt, files, cwd) {
+  let text = prompt;
+  const imageParts = [];
+  const fileContents = [];
+  for (const filePath of files) {
+    if (isImagePath(filePath)) {
+      try {
+        const img = await encodeImageFile(filePath);
+        imageParts.push({ type: "image_url", image_url: { url: img.dataUrl } });
+      } catch (e) {
+        fileContents.push(`
+<!-- failed to attach image ${basename5(filePath)}: ${e.message} -->
+`);
+      }
+    } else {
+      try {
+        const content = await readFile15(filePath, "utf8");
+        const relPath = filePath.startsWith(cwd) ? filePath.slice(cwd.length + 1) : filePath;
+        fileContents.push(`
+--- ${relPath} ---
+${content}
+--- end ${relPath} ---
+`);
+      } catch (e) {
+        fileContents.push(`
+<!-- failed to read ${basename5(filePath)}: ${e.message} -->
+`);
+      }
+    }
+  }
+  if (fileContents.length > 0) {
+    text += "\n\n" + fileContents.join("\n");
+  }
+  if (imageParts.length > 0) {
+    const parts = [{ type: "text", text }];
+    parts.push(...imageParts);
+    return parts;
+  }
+  return text;
+}
+function setupRoutes(config2) {
+  async function handleRequest(req, res) {
+    const url = new URL2(req.url ?? "/", `http://${req.headers.host}`);
+    const method = req.method ?? "GET";
+    const pathname = url.pathname;
+    try {
+      if (pathname === "/" && method === "GET") {
+        json(res, 200, { status: "ok", version: process.env.npm_package_version ?? "dev" });
+        return;
+      }
+      if (pathname === "/doc" && method === "GET") {
+        res.writeHead(200, { "Content-Type": "text/html" });
+        res.end(getOpenApiSpec());
+        return;
+      }
+      if (pathname === "/event" && method === "GET") {
+        const client = createSseStream(res);
+        client.send("server.connected", { timestamp: Date.now() });
+        return;
+      }
+      if (pathname === "/session" && method === "GET") {
+        const cwd = url.searchParams.get("cwd") ?? void 0;
+        const sessions = await listSessions(30, cwd);
+        json(res, 200, { sessions });
+        return;
+      }
+      const sessionMatch = pathname.match(/^\/session\/([^/]+)$/);
+      if (sessionMatch && method === "GET") {
+        const sessionId = sessionMatch[1];
+        const active = activeSessions.get(sessionId);
+        if (active) {
+          json(res, 200, {
+            id: active.sessionFile.id,
+            cwd: active.sessionFile.cwd,
+            model: active.sessionFile.model,
+            messages: active.messages,
+            title: active.sessionFile.title,
+            updatedAt: active.sessionFile.updatedAt
+          });
+          return;
+        }
+        try {
+          const file = await loadSession(resolve5(sessionsDir(), `${sessionId}.json`));
+          json(res, 200, {
+            id: file.id,
+            cwd: file.cwd,
+            model: file.model,
+            messages: file.messages,
+            title: file.title,
+            updatedAt: file.updatedAt
+          });
+          return;
+        } catch {
+          notFound(res, `session ${sessionId} not found`);
+          return;
+        }
+      }
+      if (sessionMatch && method === "DELETE") {
+        const sessionId = sessionMatch[1];
+        activeSessions.delete(sessionId);
+        try {
+          const { unlink: unlink6 } = await import("fs/promises");
+          await unlink6(resolve5(sessionsDir(), `${sessionId}.json`));
+        } catch {
+        }
+        json(res, 200, { deleted: sessionId });
+        return;
+      }
+      if (pathname === "/prompt" && method === "POST") {
+        const body = await readBody(req);
+        const prompt = typeof body.prompt === "string" ? body.prompt : "";
+        const model = typeof body.model === "string" ? body.model : config2.model ?? "@cf/moonshotai/kimi-k2.6";
+        const cwd = typeof body.cwd === "string" ? body.cwd : process.cwd();
+        const title = typeof body.title === "string" ? body.title : void 0;
+        const files = Array.isArray(body.files) ? body.files.filter((f) => typeof f === "string") : [];
+        const allowAll = body.allowAll === true;
+        if (!prompt) {
+          badRequest(res, "prompt is required");
+          return;
+        }
+        const { makeSessionId: makeSessionId2 } = await Promise.resolve().then(() => (init_sessions(), sessions_exports));
+        const sessionId = makeSessionId2(prompt);
+        const sessionFile = {
+          id: sessionId,
+          cwd,
+          model,
+          createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+          updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+          messages: [],
+          title
+        };
+        const executor = new ToolExecutor(ALL_TOOLS);
+        const messages = [
+          { role: "system", content: buildSystemPrompt({ cwd, tools: ALL_TOOLS, model }) }
+        ];
+        const resolvedFiles = await resolveFiles2(files, cwd);
+        const userContent = await buildUserMessage2(prompt, resolvedFiles, cwd);
+        messages.push({ role: "user", content: userContent });
+        const active = {
+          sessionFile,
+          messages,
+          executor,
+          sseClients: /* @__PURE__ */ new Set()
+        };
+        activeSessions.set(sessionId, active);
+        runAgentTurnForSession(active, config2, allowAll);
+        json(res, 202, { sessionId, status: "started" });
+        return;
+      }
+      if (pathname === "/session/:id/prompt" && method === "POST") {
+      }
+      const sessionPromptMatch = pathname.match(/^\/session\/([^/]+)\/prompt$/);
+      if (sessionPromptMatch && method === "POST") {
+        const sessionId = sessionPromptMatch[1];
+        const active = activeSessions.get(sessionId);
+        if (!active) {
+          notFound(res, `session ${sessionId} not found or expired`);
+          return;
+        }
+        const body = await readBody(req);
+        const prompt = typeof body.prompt === "string" ? body.prompt : "";
+        const files = Array.isArray(body.files) ? body.files.filter((f) => typeof f === "string") : [];
+        const allowAll = body.allowAll === true;
+        if (!prompt) {
+          badRequest(res, "prompt is required");
+          return;
+        }
+        const resolvedFiles = await resolveFiles2(files, active.sessionFile.cwd);
+        const userContent = await buildUserMessage2(prompt, resolvedFiles, active.sessionFile.cwd);
+        active.messages.push({ role: "user", content: userContent });
+        runAgentTurnForSession(active, config2, allowAll);
+        json(res, 202, { sessionId, status: "started" });
+        return;
+      }
+      notFound(res, `unknown endpoint: ${method} ${pathname}`);
+    } catch (err) {
+      logger.error("server: request error", { error: err.message, path: pathname });
+      json(res, 500, { error: err.message });
+    }
+  }
+  function cleanup() {
+    for (const [, active] of activeSessions) {
+      for (const client of active.sseClients) {
+        client.close();
+      }
+    }
+    activeSessions.clear();
+  }
+  return { handleRequest, cleanup };
+}
+async function runAgentTurnForSession(active, config2, allowAll) {
+  const controller = new AbortController();
+  const { sessionFile, messages, executor } = active;
+  const callbacks = {
+    onTextDelta: (delta) => {
+      for (const client of active.sseClients) {
+        client.send("assistant.delta", { delta });
+      }
+    },
+    onToolCallFinalized: (call) => {
+      for (const client of active.sseClients) {
+        client.send("tool.call", {
+          id: call.id,
+          name: call.function.name,
+          arguments: call.function.arguments
+        });
+      }
+    },
+    onToolResult: (result) => {
+      for (const client of active.sseClients) {
+        client.send("tool.result", {
+          toolCallId: result.tool_call_id,
+          name: result.name,
+          content: result.content,
+          ok: result.ok
+        });
+      }
+    },
+    onUsage: (usage) => {
+      for (const client of active.sseClients) {
+        client.send("usage.update", {
+          promptTokens: usage.prompt_tokens,
+          completionTokens: usage.completion_tokens,
+          totalTokens: usage.total_tokens
+        });
+      }
+    },
+    onWarning: (msg) => {
+      for (const client of active.sseClients) {
+        client.send("warning", { message: msg });
+      }
+    },
+    askPermission: async ({ tool, args }) => {
+      if (allowAll) return "allow";
+      if (config2.permissions) {
+        const rule = evaluatePermissionRules({ tool: tool.name, args, cwd: sessionFile.cwd }, config2.permissions);
+        if (rule === "allow") return "allow";
+        if (rule === "deny") {
+          for (const client of active.sseClients) {
+            client.send("permission.denied", { tool: tool.name, args, reason: "config_rule" });
+          }
+          return "deny";
+        }
+      }
+      for (const client of active.sseClients) {
+        client.send("permission.request", { tool: tool.name, args });
+      }
+      return "deny";
+    }
+  };
+  try {
+    await runAgentTurn({
+      accountId: config2.accountId,
+      apiToken: config2.apiToken,
+      model: sessionFile.model,
+      messages,
+      tools: ALL_TOOLS,
+      executor,
+      cwd: sessionFile.cwd,
+      signal: controller.signal,
+      codeMode: config2.codeMode,
+      callbacks
+    });
+    sessionFile.messages = messages;
+    sessionFile.updatedAt = (/* @__PURE__ */ new Date()).toISOString();
+    await saveSession(sessionFile);
+    for (const client of active.sseClients) {
+      client.send("session.completed", { sessionId: sessionFile.id });
+    }
+  } catch (err) {
+    const message2 = err.message;
+    logger.error("server: agent turn failed", { sessionId: sessionFile.id, error: message2 });
+    for (const client of active.sseClients) {
+      client.send("error", { message: message2, sessionId: sessionFile.id });
+    }
+  }
+}
+var activeSessions;
+var init_routes = __esm({
+  "src/server/routes.ts"() {
+    "use strict";
+    init_loop();
+    init_system_prompt();
+    init_executor();
+    init_sessions();
+    init_logger();
+    init_sse2();
+    init_openapi();
+    init_permissions_evaluator();
+    init_image();
+    init_glob();
+    activeSessions = /* @__PURE__ */ new Map();
+  }
+});
+
+// src/server/index.ts
+var server_exports = {};
+__export(server_exports, {
+  startServer: () => startServer
+});
+import { createServer } from "http";
+async function startServer(opts2) {
+  const { handleRequest, cleanup } = setupRoutes(opts2.config);
+  const server = createServer((req, res) => {
+    res.setHeader("Access-Control-Allow-Origin", "*");
+    res.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
+    res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, Last-Event-ID");
+    if (req.method === "OPTIONS") {
+      res.writeHead(204);
+      res.end();
+      return;
+    }
+    const password = process.env.KIMIFLARE_SERVER_PASSWORD;
+    if (password) {
+      const auth = req.headers.authorization ?? "";
+      const expected = "Basic " + Buffer.from(`kimiflare:${password}`).toString("base64");
+      if (auth !== expected) {
+        res.writeHead(401, { "WWW-Authenticate": 'Basic realm="kimiflare"' });
+        res.end(JSON.stringify({ error: "Unauthorized" }));
+        return;
+      }
+    }
+    void handleRequest(req, res);
+  });
+  server.on("close", () => {
+    cleanup();
+  });
+  const shutdown = () => {
+    logger.info("server: shutting down gracefully");
+    server.close(() => {
+      cleanup();
+      process.exit(0);
+    });
+    setTimeout(() => {
+      logger.warn("server: forced shutdown");
+      process.exit(1);
+    }, 1e4);
+  };
+  process.on("SIGINT", shutdown);
+  process.on("SIGTERM", shutdown);
+  return new Promise((resolve8, reject) => {
+    server.listen(opts2.port, opts2.hostname, () => {
+      logger.info("server: listening", { hostname: opts2.hostname, port: opts2.port });
+      console.log(`kimiflare serve: http://${opts2.hostname}:${opts2.port}`);
+      console.log(`  API docs: http://${opts2.hostname}:${opts2.port}/doc`);
+      console.log(`  SSE stream: http://${opts2.hostname}:${opts2.port}/event`);
+      resolve8(server);
+    });
+    server.on("error", reject);
+  });
+}
+var init_server = __esm({
+  "src/server/index.ts"() {
+    "use strict";
+    init_logger();
+    init_routes();
+  }
+});
+
 // src/memory/schema.ts
 var DEFAULT_EMBEDDING_DIM;
 var init_schema = __esm({
@@ -9230,8 +10386,8 @@ __export(db_exports, {
   updateMemoryEmbedding: () => updateMemoryEmbedding
 });
 import Database from "better-sqlite3";
-import { dirname as dirname8 } from "path";
-import { mkdirSync as mkdirSync2, statSync as statSync3 } from "fs";
+import { dirname as dirname9 } from "path";
+import { mkdirSync as mkdirSync3, statSync as statSync3 } from "fs";
 function initSchema(db) {
   db.exec(`
     CREATE TABLE IF NOT EXISTS memories (
@@ -9315,7 +10471,7 @@ function openMemoryDb(dbPath) {
   if (dbInstance) {
     dbInstance.close();
   }
-  mkdirSync2(dirname8(dbPath), { recursive: true });
+  mkdirSync3(dirname9(dbPath), { recursive: true });
   dbInstance = new Database(dbPath);
   dbInstance.pragma("journal_mode = WAL");
   dbInstance.pragma("foreign_keys = ON");
@@ -9656,8 +10812,8 @@ function computeExactScore(memory, queryText, cwd) {
   let score = 0;
   const lowerQuery = queryText.toLowerCase();
   for (const file of memory.relatedFiles) {
-    const basename6 = file.split("/").pop() ?? file;
-    if (lowerQuery.includes(basename6.toLowerCase()) || basename6.toLowerCase().includes(lowerQuery)) {
+    const basename8 = file.split("/").pop() ?? file;
+    if (lowerQuery.includes(basename8.toLowerCase()) || basename8.toLowerCase().includes(lowerQuery)) {
       score += 0.3;
     }
     if (cwd && file.startsWith(cwd)) {
@@ -9892,7 +11048,7 @@ function pickTopicKey(content, existingKeys) {
   return normalized;
 }
 var SECRET_PATTERNS, VERIFY_SYSTEM, HYPOTHETICAL_QUERIES_SYSTEM, MemoryManager;
-var init_manager = __esm({
+var init_manager2 = __esm({
   "src/memory/manager.ts"() {
     "use strict";
     init_client();
@@ -10237,7 +11393,7 @@ Context: This memory was explicitly provided by the user during a conversation.`
 });
 
 // src/lsp/connection.ts
-import { spawn as spawn2 } from "child_process";
+import { spawn as spawn3 } from "child_process";
 import { EventEmitter } from "events";
 var LspConnection;
 var init_connection = __esm({
@@ -10259,7 +11415,7 @@ var init_connection = __esm({
         if (this.child) {
           throw new Error("LSP connection already started");
         }
-        return new Promise((resolve5, reject) => {
+        return new Promise((resolve8, reject) => {
           const abortController = new AbortController();
           const spawnTimer = setTimeout(() => {
             abortController.abort();
@@ -10267,7 +11423,7 @@ var init_connection = __esm({
             reject(new Error(`LSP server spawn timed out after ${spawnTimeoutMs}ms`));
           }, spawnTimeoutMs);
           try {
-            const child = spawn2(command[0], command.slice(1), {
+            const child = spawn3(command[0], command.slice(1), {
               env: { ...process.env, ...env2 },
               stdio: ["pipe", "pipe", "pipe"]
             });
@@ -10298,7 +11454,7 @@ var init_connection = __esm({
               if (child.pid) {
                 clearTimeout(spawnTimer);
                 this.child = child;
-                resolve5();
+                resolve8();
               }
             });
           } catch (err) {
@@ -10313,12 +11469,12 @@ var init_connection = __esm({
         }
         const id = this.nextId++;
         const msg = { jsonrpc: "2.0", id, method, params };
-        return new Promise((resolve5, reject) => {
+        return new Promise((resolve8, reject) => {
           const timer2 = setTimeout(() => {
             this.pending.delete(id);
             reject(toolTimeoutError(`LSP request '${method}'`, this.requestTimeoutMs));
           }, this.requestTimeoutMs);
-          const pending = { resolve: resolve5, reject, signal, timer: timer2 };
+          const pending = { resolve: resolve8, reject, signal, timer: timer2 };
           this.pending.set(id, pending);
           if (signal) {
             const onAbort = () => {
@@ -10654,7 +11810,7 @@ var init_client2 = __esm({
 
 // src/lsp/manager.ts
 var DEFAULT_LSP_TIMEOUT_MS, DEFAULT_LSP_MAX_RESTART_ATTEMPTS, RESTART_BASE_DELAY_MS, RESTART_MAX_DELAY_MS, LspManager;
-var init_manager2 = __esm({
+var init_manager3 = __esm({
   "src/lsp/manager.ts"() {
     "use strict";
     init_connection();
@@ -10882,10 +12038,10 @@ var init_manager2 = __esm({
 });
 
 // src/lsp/adapter.ts
-import { relative as relative3 } from "path";
+import { relative as relative4 } from "path";
 function formatLocation(loc, cwd) {
   const path = fromUri(loc.uri);
-  const rel = relative3(cwd, path) || path;
+  const rel = relative4(cwd, path) || path;
   return `${rel}:${loc.range.start.line + 1}:${loc.range.start.character + 1}`;
 }
 function formatLocations(locs, cwd) {
@@ -10922,7 +12078,7 @@ function formatWorkspaceSymbols(symbols, cwd) {
   if (!symbols || symbols.length === 0) return "No symbols found.";
   return symbols.map((s) => {
     const path = fromUri(s.location.uri);
-    const rel = relative3(cwd, path) || path;
+    const rel = relative4(cwd, path) || path;
     const container = s.containerName ? ` in ${s.containerName}` : "";
     return `${s.name} (${symbolKindName(s.kind)})${container} \u2014 ${rel}:${s.location.range.start.line + 1}:${s.location.range.start.character + 1}`;
   }).join("\n");
@@ -10942,7 +12098,7 @@ function formatWorkspaceEdit(edit, cwd) {
   if (edit.changes) {
     for (const [uri, edits] of Object.entries(edit.changes)) {
       const path = fromUri(uri);
-      const rel = relative3(cwd, path) || path;
+      const rel = relative4(cwd, path) || path;
       lines.push(`File: ${rel}`);
       for (const e of edits) {
         lines.push(`  ${e.range.start.line + 1}:${e.range.start.character + 1}-${e.range.end.line + 1}:${e.range.end.character + 1}: ${e.newText}`);
@@ -10967,7 +12123,7 @@ var init_adapter = __esm({
 });
 
 // src/tools/lsp.ts
-import { relative as relative4 } from "path";
+import { relative as relative5 } from "path";
 function makeOutput2(content) {
   const bytes = Buffer.byteLength(content, "utf8");
   return { content, rawBytes: bytes, reducedBytes: bytes };
@@ -10975,7 +12131,7 @@ function makeOutput2(content) {
 function resolveLspPath(args, ctx) {
   const raw = typeof args.path === "string" ? args.path : "";
   const resolved = resolvePath(ctx.cwd, raw);
-  const rel = relative4(ctx.cwd, resolved);
+  const rel = relative5(ctx.cwd, resolved);
   if (isPathOutside(rel)) {
     throw new Error(`Path outside workspace: ${raw}`);
   }
@@ -11259,20 +12415,20 @@ var init_pricing = __esm({
 });
 
 // src/usage-tracker.ts
-import { readFile as readFile13, writeFile as writeFile10, mkdir as mkdir9 } from "fs/promises";
-import { homedir as homedir11 } from "os";
-import { join as join20 } from "path";
+import { readFile as readFile16, writeFile as writeFile10, mkdir as mkdir9 } from "fs/promises";
+import { homedir as homedir13 } from "os";
+import { join as join21 } from "path";
 import { EventEmitter as EventEmitter2 } from "events";
 import { randomUUID } from "crypto";
 function usageDir2() {
-  const xdg = process.env.XDG_DATA_HOME || join20(homedir11(), ".local", "share");
-  return join20(xdg, "kimiflare");
+  const xdg = process.env.XDG_DATA_HOME || join21(homedir13(), ".local", "share");
+  return join21(xdg, "kimiflare");
 }
 function usagePath2() {
-  return join20(usageDir2(), "usage.json");
+  return join21(usageDir2(), "usage.json");
 }
 function historyPath() {
-  return join20(usageDir2(), "history.jsonl");
+  return join21(usageDir2(), "history.jsonl");
 }
 function today2() {
   return (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
@@ -11283,7 +12439,7 @@ function cutoffDate(daysBack) {
 }
 async function loadLog2() {
   try {
-    const raw = await readFile13(usagePath2(), "utf8");
+    const raw = await readFile16(usagePath2(), "utf8");
     const parsed = JSON.parse(raw);
     if (parsed.version === LOG_VERSION2) return parsed;
   } catch {
@@ -11301,7 +12457,7 @@ function withLock(fn) {
 }
 async function loadHistory() {
   try {
-    const raw = await readFile13(historyPath(), "utf8");
+    const raw = await readFile16(historyPath(), "utf8");
     const lines = raw.split("\n").filter((l) => l.trim());
     const entries = [];
     for (const line of lines) {
@@ -11717,372 +12873,25 @@ var init_permissions = __esm({
   }
 });
 
-// src/hooks/types.ts
-var HOOK_EVENTS;
-var init_types2 = __esm({
-  "src/hooks/types.ts"() {
-    "use strict";
-    HOOK_EVENTS = [
-      "PreToolUse",
-      "PostToolUse",
-      "UserPromptSubmit",
-      "Stop",
-      "PreCompact"
-    ];
-  }
-});
-
-// src/hooks/settings.ts
-import { existsSync as existsSync2, readFileSync as readFileSync3, mkdirSync as mkdirSync3, writeFileSync } from "fs";
-import { homedir as homedir12 } from "os";
-import { join as join21, dirname as dirname9 } from "path";
-import { createHash } from "crypto";
-function globalSettingsPath() {
-  const xdg = process.env.XDG_CONFIG_HOME || join21(homedir12(), ".config");
-  return join21(xdg, "kimiflare", "settings.json");
-}
-function projectSettingsPath(cwd) {
-  return join21(cwd, ".kimiflare", "settings.json");
-}
-function readSettingsFile(path) {
-  if (!existsSync2(path)) return null;
-  try {
-    const raw = readFileSync3(path, "utf8");
-    const parsed = JSON.parse(raw);
-    return parsed && typeof parsed === "object" ? parsed : null;
-  } catch {
-    return null;
-  }
-}
-function deriveHookId(event, command) {
-  const h = createHash("sha256").update(`${event}\0${command}`).digest("hex");
-  return h.slice(0, 8);
-}
-function normalizeHook(event, raw, source) {
-  if (!raw || typeof raw !== "object") return null;
-  const r = raw;
-  if (typeof r.command !== "string" || !r.command.trim()) return null;
-  const enabled = typeof r.enabled === "boolean" ? r.enabled : true;
-  const matcher = typeof r.matcher === "string" ? r.matcher : void 0;
-  const timeoutMs = typeof r.timeoutMs === "number" && r.timeoutMs > 0 ? r.timeoutMs : void 0;
-  const description = typeof r.description === "string" ? r.description : void 0;
-  const id = typeof r.id === "string" && r.id.length > 0 ? r.id : deriveHookId(event, r.command);
-  return { id, matcher, command: r.command, timeoutMs, enabled, description, source };
-}
-function mergeHookMaps(a, b) {
-  const out = {};
-  for (const ev of HOOK_EVENTS) {
-    const left = a?.[ev] ?? [];
-    const right = b?.[ev] ?? [];
-    if (left.length + right.length === 0) continue;
-    out[ev] = [...left, ...right];
-  }
-  return out;
-}
-function loadHooksSettings(cwd) {
-  const global = readSettingsFile(globalSettingsPath());
-  const project = readSettingsFile(projectSettingsPath(cwd));
-  const normalized = (raw, source) => {
-    const out = {};
-    for (const ev of HOOK_EVENTS) {
-      const list = raw?.hooks?.[ev];
-      if (!Array.isArray(list)) continue;
-      const cleaned = list.map((h) => normalizeHook(ev, h, source)).filter((h) => h !== null);
-      if (cleaned.length > 0) out[ev] = cleaned;
-    }
-    return out;
-  };
-  const merged = mergeHookMaps(normalized(global, "global"), normalized(project, "project"));
-  return { hooks: merged };
-}
-function appendHook(scope, cwd, event, hook) {
-  const path = scope === "global" ? globalSettingsPath() : projectSettingsPath(cwd);
-  const existing = readSettingsFile(path) ?? {};
-  const hooks = existing.hooks ?? {};
-  const list = hooks[event] ?? [];
-  const { source: _src, ...toWrite } = hook;
-  const newId = toWrite.id ?? deriveHookId(event, toWrite.command);
-  const byId = /* @__PURE__ */ new Map();
-  for (const raw of list) {
-    if (!raw || typeof raw !== "object") continue;
-    const h = raw;
-    if (typeof h.command !== "string") continue;
-    const id = h.id ?? deriveHookId(event, h.command);
-    if (byId.has(id)) continue;
-    byId.set(id, h);
-  }
-  byId.set(newId, { ...toWrite, id: newId });
-  hooks[event] = Array.from(byId.values()).map((h) => {
-    if (hook.id) return h;
-    const { id: _id, ...rest } = h;
-    return rest;
-  });
-  existing.hooks = hooks;
-  mkdirSync3(dirname9(path), { recursive: true });
-  writeFileSync(path, JSON.stringify(existing, null, 2) + "\n", "utf8");
-  return path;
-}
-function setHookEnabled(cwd, id, enabled) {
-  for (const [scope, path] of [
-    ["global", globalSettingsPath()],
-    ["project", projectSettingsPath(cwd)]
-  ]) {
-    const existing = readSettingsFile(path);
-    if (!existing?.hooks) continue;
-    let changed = false;
-    for (const ev of HOOK_EVENTS) {
-      const list = existing.hooks[ev];
-      if (!Array.isArray(list)) continue;
-      for (const hook of list) {
-        if (!hook || typeof hook !== "object") continue;
-        const h = hook;
-        const hookId = h.id ?? deriveHookId(ev, h.command);
-        if (hookId === id) {
-          h.enabled = enabled;
-          changed = true;
-        }
-      }
-    }
-    if (changed) {
-      mkdirSync3(dirname9(path), { recursive: true });
-      writeFileSync(path, JSON.stringify(existing, null, 2) + "\n", "utf8");
-      return path;
-    }
-    void scope;
-  }
-  return null;
-}
-var init_settings = __esm({
-  "src/hooks/settings.ts"() {
-    "use strict";
-    init_types2();
-  }
-});
-
-// src/hooks/runner.ts
-import { spawn as spawn3 } from "child_process";
-function isVetoEvent(event) {
-  return event === "PreToolUse" || event === "UserPromptSubmit";
-}
-function buildHookEnv(payload) {
-  const env2 = {
-    KIMIFLARE_HOOK_EVENT: payload.event,
-    KIMIFLARE_HOOK_CWD: payload.cwd,
-    KIMIFLARE_HOOK_PAYLOAD: JSON.stringify(payload)
-  };
-  if (payload.session_id) env2.KIMIFLARE_HOOK_SESSION_ID = payload.session_id;
-  if (payload.event === "PreToolUse" || payload.event === "PostToolUse") {
-    const p = payload;
-    env2.KIMIFLARE_HOOK_TOOL = p.tool;
-    const path = p.args.path;
-    if (typeof path === "string") env2.KIMIFLARE_HOOK_PATH = path;
-    if (p.tier) env2.KIMIFLARE_HOOK_TIER = p.tier;
-    if (p.event === "PostToolUse") {
-      env2.KIMIFLARE_HOOK_RESULT_OK = String(p.result.ok);
-      const ec = p.result.errorCode;
-      if (ec) env2.KIMIFLARE_HOOK_RESULT_ERROR_CODE = ec;
-    }
-  }
-  if (payload.event === "UserPromptSubmit") {
-    const p = payload;
-    if (p.tier) env2.KIMIFLARE_HOOK_TIER = p.tier;
-  }
-  return env2;
-}
-function capStream(s) {
-  if (Buffer.byteLength(s, "utf8") <= STREAM_CAP_BYTES) return s;
-  let cut = s;
-  while (Buffer.byteLength(cut, "utf8") > STREAM_CAP_BYTES) {
-    cut = cut.slice(0, Math.floor(cut.length * 0.9));
-  }
-  return `${cut}
-[\u2026truncated]`;
-}
-async function runHook(hook, payload, signal) {
-  const start = Date.now();
-  const timeoutMs = hook.timeoutMs ?? DEFAULT_TIMEOUT_MS;
-  const env2 = { ...process.env, ...buildHookEnv(payload) };
-  const json = JSON.stringify(payload);
-  const id = hook.id ?? "anonymous";
-  let result;
-  try {
-    result = await spawnImpl(hook.command, json, env2, payload.cwd, timeoutMs, signal);
-  } catch (e) {
-    return {
-      id,
-      exitCode: null,
-      stdout: "",
-      stderr: e instanceof Error ? e.message : String(e),
-      timedOut: false,
-      durationMs: Date.now() - start
-    };
-  }
-  return {
-    id,
-    exitCode: result.exitCode,
-    stdout: capStream(result.stdout.trim()),
-    stderr: capStream(result.stderr.trim()),
-    timedOut: result.timedOut,
-    durationMs: Date.now() - start
-  };
-}
-function filterHooks(hooks, toolName) {
-  if (!hooks || hooks.length === 0) return [];
-  return hooks.filter((h) => {
-    if (h.enabled === false) return false;
-    if (!h.matcher) return true;
-    if (!toolName) return true;
-    try {
-      return new RegExp(h.matcher).test(toolName);
-    } catch {
-      return false;
-    }
-  });
-}
-async function runHooks(event, hooks, payload, toolName = null, signal) {
-  const matched = filterHooks(hooks, toolName);
-  const outcomes = [];
-  const veto = isVetoEvent(event);
-  const vetoReasons = [];
-  let vetoed = false;
-  for (const hook of matched) {
-    const outcome = await runHook(hook, payload, signal);
-    outcomes.push(outcome);
-    if (outcome.timedOut) {
-      logger.warn("hook:timeout", {
-        event,
-        id: outcome.id,
-        timeoutMs: hook.timeoutMs ?? DEFAULT_TIMEOUT_MS
-      });
-    } else if (outcome.exitCode !== 0 && outcome.exitCode !== null) {
-      logger.info("hook:nonzero_exit", {
-        event,
-        id: outcome.id,
-        exitCode: outcome.exitCode
-      });
-    }
-    if (veto && (outcome.exitCode !== 0 || outcome.timedOut)) {
-      vetoed = true;
-      const reason = outcome.stdout || outcome.stderr || `hook ${outcome.id} exited ${outcome.exitCode}`;
-      vetoReasons.push(reason);
-      break;
-    }
-  }
-  return { outcomes, vetoed, vetoReason: vetoReasons.join("\n") };
-}
-var DEFAULT_TIMEOUT_MS, STREAM_CAP_BYTES, defaultSpawn, spawnImpl;
-var init_runner = __esm({
-  "src/hooks/runner.ts"() {
-    "use strict";
-    init_logger();
-    DEFAULT_TIMEOUT_MS = 3e4;
-    STREAM_CAP_BYTES = 4 * 1024;
-    defaultSpawn = (command, payloadJson, env2, cwd, timeoutMs, signal) => new Promise((resolve5) => {
-      const child = spawn3(command, {
-        shell: true,
-        cwd,
-        env: env2,
-        stdio: ["pipe", "pipe", "pipe"]
-      });
-      let stdout = "";
-      let stderr = "";
-      let settled = false;
-      const finish = (exitCode, timedOut = false) => {
-        if (settled) return;
-        settled = true;
-        clearTimeout(timer2);
-        signal?.removeEventListener("abort", onAbort);
-        resolve5({ exitCode, stdout, stderr, timedOut });
-      };
-      const onAbort = () => {
-        child.kill("SIGTERM");
-        finish(null, true);
-      };
-      const timer2 = setTimeout(() => {
-        child.kill("SIGTERM");
-        finish(null, true);
-      }, timeoutMs);
-      signal?.addEventListener("abort", onAbort);
-      child.stdout.setEncoding("utf8");
-      child.stderr.setEncoding("utf8");
-      child.stdout.on("data", (d) => {
-        stdout += d;
-      });
-      child.stderr.on("data", (d) => {
-        stderr += d;
-      });
-      child.on("error", () => finish(null));
-      child.on("exit", (code) => finish(code));
-      try {
-        child.stdin.end(payloadJson);
-      } catch {
-      }
-    });
-    spawnImpl = defaultSpawn;
-  }
-});
-
-// src/hooks/manager.ts
-var manager_exports = {};
-__export(manager_exports, {
-  HooksManager: () => HooksManager
-});
-var HooksManager;
-var init_manager3 = __esm({
-  "src/hooks/manager.ts"() {
-    "use strict";
-    init_settings();
-    init_runner();
-    HooksManager = class {
-      cwd;
-      settings;
-      constructor(cwd) {
-        this.cwd = cwd;
-        this.settings = loadHooksSettings(cwd);
-      }
-      /** Re-read settings from disk. */
-      reload() {
-        this.settings = loadHooksSettings(this.cwd);
-      }
-      /** All hooks registered for an event, before matcher filtering. */
-      hooksFor(event) {
-        return this.settings.hooks?.[event] ?? [];
-      }
-      /** True if at least one enabled hook would match this event. Cheap
-       *  pre-check the loop can use to avoid building payloads for events
-       *  that have no listeners. */
-      hasEnabledHooks(event) {
-        const list = this.hooksFor(event);
-        return list.some((h) => h.enabled !== false);
-      }
-      /** Fire all matching hooks for `event`. Toolname is used only by
-       *  PreToolUse / PostToolUse matchers. */
-      fire(event, payload, toolName = null, signal) {
-        return runHooks(event, this.hooksFor(event), payload, toolName, signal);
-      }
-    };
-  }
-});
-
 // src/sdk/session.ts
-import { resolve as resolve3 } from "path";
-import { homedir as homedir13 } from "os";
+import { resolve as resolve6 } from "path";
+import { homedir as homedir14 } from "os";
 import { join as join22 } from "path";
 import { existsSync as existsSync3 } from "fs";
 async function createAgentSession(opts2) {
   const config2 = await resolveSdkConfig(opts2);
-  const cwd = resolve3(opts2.cwd ?? process.cwd());
+  const cwd = resolve6(opts2.cwd ?? process.cwd());
   const tools = opts2.tools ?? ALL_TOOLS;
   let hooks;
   if (opts2.enableHooks) {
-    const { HooksManager: HooksManager2 } = await Promise.resolve().then(() => (init_manager3(), manager_exports));
+    const { HooksManager: HooksManager2 } = await Promise.resolve().then(() => (init_manager(), manager_exports));
     hooks = new HooksManager2(cwd);
   }
   const executor = new ToolExecutor(tools, { hooks });
   let memoryManager = null;
   const memoryEnabled = opts2.memoryEnabled ?? config2.memoryEnabled ?? false;
   if (memoryEnabled) {
-    const dbPath = config2.memoryDbPath ?? join22(homedir13(), ".local", "share", "kimiflare", "memory.db");
+    const dbPath = config2.memoryDbPath ?? join22(homedir14(), ".local", "share", "kimiflare", "memory.db");
     memoryManager = new MemoryManager({
       dbPath,
       accountId: config2.accountId,
@@ -12113,7 +12922,7 @@ async function createAgentSession(opts2) {
   }
   let sessionFile;
   if (opts2.sessionId) {
-    const filePath = join22(sessionsDir2(), `${opts2.sessionId}.json`);
+    const filePath = join22(sessionsDir(), `${opts2.sessionId}.json`);
     try {
       sessionFile = await loadSession(filePath);
     } catch {
@@ -12175,8 +12984,8 @@ var init_session = __esm({
     init_loop();
     init_system_prompt();
     init_executor();
-    init_manager();
     init_manager2();
+    init_manager3();
     init_lsp();
     init_sessions();
     init_usage_tracker();
@@ -12272,8 +13081,8 @@ var init_session = __esm({
           const parts = [{ type: "text", text }];
           for (const img of options.images) {
             if ("path" in img) {
-              const { readFile: readFile24 } = await import("fs/promises");
-              const data = await readFile24(img.path, "base64");
+              const { readFile: readFile25 } = await import("fs/promises");
+              const data = await readFile25(img.path, "base64");
               const mimeType = img.path.endsWith(".png") ? "image/png" : img.path.endsWith(".jpg") || img.path.endsWith(".jpeg") ? "image/jpeg" : "image/webp";
               parts.push({ type: "image_url", image_url: { url: `data:${mimeType};base64,${data}` } });
             } else {
@@ -12465,12 +13274,12 @@ var init_session = __esm({
               toolName: req.tool.name,
               args: req.args
             });
-            const decision = await new Promise((resolve5) => {
-              this.permissionResolvers.set(requestId, resolve5);
+            const decision = await new Promise((resolve8) => {
+              this.permissionResolvers.set(requestId, resolve8);
               setTimeout(() => {
                 if (this.permissionResolvers.has(requestId)) {
                   this.permissionResolvers.delete(requestId);
-                  resolve5("deny");
+                  resolve8("deny");
                 }
               }, 3e5);
             });
@@ -12519,7 +13328,7 @@ var init_session = __esm({
               this.lspManager?.notifyChange(path, content);
             } else {
               void import("fs/promises").then(
-                ({ readFile: readFile24 }) => readFile24(path, "utf8").then((c) => this.lspManager?.notifyChange(path, c)).catch(() => {
+                ({ readFile: readFile25 }) => readFile25(path, "utf8").then((c) => this.lspManager?.notifyChange(path, c)).catch(() => {
                 })
               ).catch(() => {
               });
@@ -12801,20 +13610,20 @@ var init_repo_info = __esm({
 });
 
 // src/agent/supervisor.ts
-import { readdir as readdir5, readFile as readFile14, stat as stat5 } from "fs/promises";
+import { readdir as readdir5, readFile as readFile17, stat as stat5 } from "fs/promises";
 import { createHash as createHash2 } from "crypto";
-import { resolve as resolve4, join as join23 } from "path";
+import { resolve as resolve7, join as join23 } from "path";
 async function preReadFilesForWorkers(files, repoRoot, maxChars = DEFAULT_PRE_READ_MAX_CHARS) {
   const results = [];
   const filesRead = [];
   let chars = 0;
   for (const file of files) {
     if (chars >= maxChars) break;
-    const path = resolve4(repoRoot, file);
+    const path = resolve7(repoRoot, file);
     try {
       const s = await stat5(path);
       if (!s.isFile()) continue;
-      const raw = await readFile14(path, "utf8");
+      const raw = await readFile17(path, "utf8");
       const remaining = maxChars - chars;
       const content = raw.length > remaining ? raw.slice(0, remaining) + "\n\u2026 (truncated)" : raw;
       results.push(`--- ${file} ---
@@ -13813,8 +14622,8 @@ async function runEmitMode(opts2) {
   async function nextFollowUp() {
     if (followUpQueue.length > 0) return followUpQueue.shift();
     if (stdinClosed) return null;
-    return new Promise((resolve5) => {
-      followUpResolver = resolve5;
+    return new Promise((resolve8) => {
+      followUpResolver = resolve8;
     });
   }
   const cwd = process.cwd();
@@ -13996,8 +14805,8 @@ ${conflicts.join("\n")}`,
               return "allow";
             }
             if (opts2.multiTurn) {
-              const choice = await new Promise((resolve5) => {
-                pendingPermissions.set(reqId, resolve5);
+              const choice = await new Promise((resolve8) => {
+                pendingPermissions.set(reqId, resolve8);
               });
               if (choice === "allow" || choice === "allow_session") {
                 emit("PermissionGranted", { request_id: reqId });
@@ -14098,9 +14907,246 @@ var init_emit_mode = __esm({
   }
 });
 
+// src/attach-mode.ts
+var attach_mode_exports = {};
+__export(attach_mode_exports, {
+  runAttachMode: () => runAttachMode
+});
+async function runAttachMode(opts2) {
+  const url = opts2.attachUrl.replace(/\/$/, "");
+  const format = opts2.format ?? "text";
+  const endpoint = opts2.sessionId ? `${url}/session/${opts2.sessionId}/prompt` : `${url}/prompt`;
+  const body = {
+    prompt: opts2.prompt,
+    allowAll: opts2.allowAll ?? false
+  };
+  if (opts2.model) body.model = opts2.model;
+  if (opts2.files) body.files = opts2.files;
+  const response = await fetch(endpoint, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify(body)
+  });
+  if (!response.ok) {
+    const text = await response.text().catch(() => "unknown error");
+    console.error(`kimiflare attach: ${response.status} ${text}`);
+    process.exit(1);
+  }
+  const result = await response.json();
+  const sessionId = result.sessionId;
+  if (format === "json") {
+    await streamSseJson(url, sessionId);
+  } else {
+    await streamSse(url, sessionId, format);
+  }
+}
+async function streamSse(url, sessionId, format) {
+  const eventSource = new EventSource(`${url}/event`);
+  let done = false;
+  return new Promise((resolve8, reject) => {
+    eventSource.onmessage = (event) => {
+      try {
+        const data = JSON.parse(event.data);
+        if (data.event === "server.connected") return;
+        switch (data.event) {
+          case "assistant.delta":
+            if (format === "text") {
+              process.stdout.write(data.delta);
+            } else if (format === "stream-json") {
+              process.stdout.write(JSON.stringify({ event: "text_delta", delta: data.delta }) + "\n");
+            }
+            break;
+          case "tool.call":
+            if (format === "text") {
+              process.stderr.write(`\x1B[2m[tool ${data.name}(${JSON.stringify(data.arguments)})]\x1B[0m
+`);
+            } else if (format === "stream-json") {
+              process.stdout.write(JSON.stringify({ event: "tool_call", id: data.id, name: data.name, arguments: data.arguments }) + "\n");
+            }
+            break;
+          case "tool.result":
+            if (format === "text") {
+              const snippet = data.content.length > 400 ? data.content.slice(0, 400) + "..." : data.content;
+              process.stderr.write(`\x1B[2m[result: ${snippet.replace(/\n/g, " \u23CE ")}]\x1B[0m
+`);
+            } else if (format === "stream-json") {
+              process.stdout.write(JSON.stringify({ event: "tool_result", toolCallId: data.toolCallId, name: data.name, content: data.content, ok: data.ok }) + "\n");
+            }
+            break;
+          case "usage.update":
+            if (format === "stream-json") {
+              process.stdout.write(JSON.stringify({ event: "usage", promptTokens: data.promptTokens, completionTokens: data.completionTokens, totalTokens: data.totalTokens }) + "\n");
+            }
+            break;
+          case "warning":
+            if (format === "text") {
+              process.stderr.write(`\x1B[33mkimiflare: ${data.message}\x1B[0m
+`);
+            } else if (format === "stream-json") {
+              process.stdout.write(JSON.stringify({ event: "warning", message: data.message }) + "\n");
+            }
+            break;
+          case "session.completed":
+            done = true;
+            eventSource.close();
+            if (format === "text") process.stdout.write("\n");
+            resolve8(void 0);
+            break;
+          case "error":
+            done = true;
+            eventSource.close();
+            if (format === "text") {
+              process.stderr.write(`
+\x1B[31mError: ${data.message}\x1B[0m
+`);
+            } else if (format === "stream-json") {
+              process.stdout.write(JSON.stringify({ event: "error", message: data.message }) + "\n");
+            }
+            process.exitCode = 1;
+            resolve8(void 0);
+            break;
+        }
+      } catch {
+      }
+    };
+    eventSource.onerror = () => {
+      if (!done) {
+        eventSource.close();
+        reject(new Error("SSE connection failed"));
+      }
+    };
+    setTimeout(() => {
+      if (!done) {
+        eventSource.close();
+        reject(new Error("SSE stream timed out after 10 minutes"));
+      }
+    }, 6e5);
+  });
+}
+async function streamSseJson(url, sessionId) {
+  const text = [];
+  const toolCalls = [];
+  const toolResults = [];
+  let usage;
+  const eventSource = new EventSource(`${url}/event`);
+  return new Promise((resolve8, reject) => {
+    eventSource.onmessage = (event) => {
+      try {
+        const data = JSON.parse(event.data);
+        if (data.event === "server.connected") return;
+        switch (data.event) {
+          case "assistant.delta":
+            text.push(data.delta);
+            break;
+          case "tool.call":
+            toolCalls.push({ id: data.id, name: data.name, arguments: data.arguments });
+            break;
+          case "tool.result":
+            toolResults.push({ toolCallId: data.toolCallId, name: data.name, content: data.content, ok: data.ok });
+            break;
+          case "usage.update":
+            usage = {
+              promptTokens: data.promptTokens,
+              completionTokens: data.completionTokens,
+              totalTokens: data.totalTokens
+            };
+            break;
+          case "session.completed":
+            eventSource.close();
+            process.stdout.write(
+              JSON.stringify(
+                {
+                  text: text.join(""),
+                  toolCalls,
+                  toolResults,
+                  usage,
+                  sessionId
+                },
+                null,
+                2
+              ) + "\n"
+            );
+            resolve8(void 0);
+            break;
+          case "error":
+            eventSource.close();
+            process.stdout.write(
+              JSON.stringify({ error: data.message, sessionId }, null, 2) + "\n"
+            );
+            process.exitCode = 1;
+            resolve8(void 0);
+            break;
+        }
+      } catch {
+      }
+    };
+    eventSource.onerror = () => {
+      eventSource.close();
+      reject(new Error("SSE connection failed"));
+    };
+    setTimeout(() => {
+      eventSource.close();
+      reject(new Error("SSE stream timed out after 10 minutes"));
+    }, 6e5);
+  });
+}
+var EventSource;
+var init_attach_mode = __esm({
+  "src/attach-mode.ts"() {
+    "use strict";
+    EventSource = class {
+      url;
+      controller;
+      onmessage = null;
+      onerror = null;
+      constructor(url) {
+        this.url = url;
+        this.controller = new AbortController();
+        this.start();
+      }
+      async start() {
+        try {
+          const response = await fetch(this.url, {
+            signal: this.controller.signal,
+            headers: { Accept: "text/event-stream" }
+          });
+          if (!response.ok || !response.body) {
+            this.onerror?.();
+            return;
+          }
+          const reader = response.body.getReader();
+          const decoder = new TextDecoder();
+          let buffer = "";
+          while (true) {
+            const { done, value } = await reader.read();
+            if (done) break;
+            buffer += decoder.decode(value, { stream: true });
+            const lines = buffer.split("\n");
+            buffer = lines.pop() ?? "";
+            let currentData = "";
+            for (const line of lines) {
+              if (line.startsWith("data: ")) {
+                currentData = line.slice(6);
+              } else if (line === "" && currentData) {
+                this.onmessage?.({ data: currentData });
+                currentData = "";
+              }
+            }
+          }
+        } catch {
+          this.onerror?.();
+        }
+      }
+      close() {
+        this.controller.abort();
+      }
+    };
+  }
+});
+
 // src/remote/deploy-commute.ts
 import { spawn as spawn4 } from "child_process";
-import { mkdtemp, readFile as readFile15, writeFile as writeFile11, rm } from "fs/promises";
+import { mkdtemp, readFile as readFile18, writeFile as writeFile11, rm } from "fs/promises";
 import { tmpdir as tmpdir3 } from "os";
 import { join as join24 } from "path";
 import { randomBytes as randomBytes2 } from "crypto";
@@ -14115,56 +15161,56 @@ async function cfApiFetch(accountId, apiToken, path, init) {
       ...init?.headers
     }
   });
-  const json = await res.json();
-  return json;
+  const json2 = await res.json();
+  return json2;
 }
 async function listDurableObjectNamespaces(accountId, apiToken) {
-  const json = await cfApiFetch(
+  const json2 = await cfApiFetch(
     accountId,
     apiToken,
     "/workers/durable_objects/namespaces"
   );
-  if (!json.success || !json.result) {
+  if (!json2.success || !json2.result) {
     throw new Error(
-      json.errors?.map((e) => e.message).join(", ") ?? "Failed to list DO namespaces"
+      json2.errors?.map((e) => e.message).join(", ") ?? "Failed to list DO namespaces"
     );
   }
-  return json.result;
+  return json2.result;
 }
 async function deleteDurableObjectNamespace(accountId, apiToken, namespaceId) {
-  const json = await cfApiFetch(
+  const json2 = await cfApiFetch(
     accountId,
     apiToken,
     `/workers/durable_objects/namespaces/${encodeURIComponent(namespaceId)}`,
     { method: "DELETE" }
   );
-  if (!json.success) {
+  if (!json2.success) {
     throw new Error(
-      json.errors?.map((e) => e.message).join(", ") ?? "Failed to delete DO namespace"
+      json2.errors?.map((e) => e.message).join(", ") ?? "Failed to delete DO namespace"
     );
   }
 }
 async function listContainerApplications(accountId, apiToken) {
-  const json = await cfApiFetch(
+  const json2 = await cfApiFetch(
     accountId,
     apiToken,
     "/containers/applications"
   );
-  if (!json.success || !json.result) {
+  if (!json2.success || !json2.result) {
     return [];
   }
-  return json.result;
+  return json2.result;
 }
 async function deleteContainerApplication(accountId, apiToken, appId) {
-  const json = await cfApiFetch(
+  const json2 = await cfApiFetch(
     accountId,
     apiToken,
     `/containers/applications/${encodeURIComponent(appId)}`,
     { method: "DELETE" }
   );
-  if (!json.success) {
+  if (!json2.success) {
     throw new Error(
-      json.errors?.map((e) => e.message).join(", ") ?? "Failed to delete container application"
+      json2.errors?.map((e) => e.message).join(", ") ?? "Failed to delete container application"
     );
   }
 }
@@ -14172,7 +15218,7 @@ function generateSecret2() {
   return randomBytes2(32).toString("hex");
 }
 function runCmd(cmd, args, opts2 = {}) {
-  return new Promise((resolve5) => {
+  return new Promise((resolve8) => {
     const child = spawn4(cmd, args, {
       cwd: opts2.cwd,
       env: { ...process.env, ...opts2.env ?? {} },
@@ -14193,11 +15239,11 @@ function runCmd(cmd, args, opts2 = {}) {
     const timer2 = opts2.timeoutMs ? setTimeout(() => child.kill("SIGKILL"), opts2.timeoutMs) : null;
     child.on("close", (code) => {
       if (timer2) clearTimeout(timer2);
-      resolve5({ stdout, stderr, code: code ?? -1 });
+      resolve8({ stdout, stderr, code: code ?? -1 });
     });
     child.on("error", (err) => {
       if (timer2) clearTimeout(timer2);
-      resolve5({ stdout, stderr: stderr + String(err), code: -1 });
+      resolve8({ stdout, stderr: stderr + String(err), code: -1 });
     });
   });
 }
@@ -14433,7 +15479,7 @@ ${(install.stderr || install.stdout).slice(-1200).trim()}`,
     ok: true
   };
   yield { message: "Patching wrangler.toml\u2026" };
-  let toml = await readFile15(wranglerToml, "utf8");
+  let toml = await readFile18(wranglerToml, "utf8");
   toml = toml.replace(/^name\s*=\s*"[^"]+"/m, `name = "${workerName}"`);
   toml = toml.replace(
     /(\[\[kv_namespaces\]\][\s\S]*?binding\s*=\s*"OAUTH_KV"[\s\S]*?id\s*=\s*")[^"]+(")/,
@@ -14659,45 +15705,6 @@ var init_deploy_commute = __esm({
   }
 });
 
-// src/util/image.ts
-import { readFile as readFile16 } from "fs/promises";
-import { basename as basename3 } from "path";
-async function encodeImageFile(filePath) {
-  const buf = await readFile16(filePath);
-  if (buf.byteLength > MAX_IMAGE_BYTES) {
-    throw new Error(
-      `image too large (${(buf.byteLength / 1024 / 1024).toFixed(1)} MB); max is ${MAX_IMAGE_BYTES / 1024 / 1024} MB`
-    );
-  }
-  const ext = filePath.slice(filePath.lastIndexOf(".")).toLowerCase();
-  const mime = EXT_TO_MIME[ext] ?? "image/jpeg";
-  const b64 = buf.toString("base64");
-  return {
-    filename: basename3(filePath),
-    mime,
-    dataUrl: `data:${mime};base64,${b64}`
-  };
-}
-function isImagePath(path) {
-  const ext = path.slice(path.lastIndexOf(".")).toLowerCase();
-  return ext in EXT_TO_MIME;
-}
-var MAX_IMAGE_BYTES, EXT_TO_MIME;
-var init_image = __esm({
-  "src/util/image.ts"() {
-    "use strict";
-    MAX_IMAGE_BYTES = 5 * 1024 * 1024;
-    EXT_TO_MIME = {
-      ".png": "image/png",
-      ".jpg": "image/jpeg",
-      ".jpeg": "image/jpeg",
-      ".gif": "image/gif",
-      ".webp": "image/webp",
-      ".bmp": "image/bmp"
-    };
-  }
-});
-
 // src/ui/app-helpers.ts
 var app_helpers_exports = {};
 __export(app_helpers_exports, {
@@ -15342,7 +16349,7 @@ var init_frontmatter = __esm({
 });
 
 // src/skills/loader.ts
-import { readFile as readFile17, readdir as readdir6, stat as stat6 } from "fs/promises";
+import { readFile as readFile19, readdir as readdir6, stat as stat6 } from "fs/promises";
 import { join as join26, extname } from "path";
 function normalizeManifest(raw, filePath) {
   const name = typeof raw.name === "string" ? raw.name : "";
@@ -15357,7 +16364,7 @@ function normalizeManifest(raw, filePath) {
   return { name, description, match, scope, priority, enabled };
 }
 async function loadSkillFile(filePath) {
-  const raw = await readFile17(filePath, "utf-8");
+  const raw = await readFile19(filePath, "utf-8");
   const parsed = parseFrontmatter(raw);
   const manifest = normalizeManifest(parsed.data, filePath);
   const body = parsed.content.trim();
@@ -15407,7 +16414,7 @@ var init_loader = __esm({
 });
 
 // src/skills/discovery.ts
-import { readdir as readdir7, stat as stat7, readFile as readFile18 } from "fs/promises";
+import { readdir as readdir7, stat as stat7, readFile as readFile20 } from "fs/promises";
 import { join as join27, extname as extname2 } from "path";
 async function dirExists(path) {
   try {
@@ -15445,7 +16452,7 @@ async function discoverSkills(cwd) {
   return ordered;
 }
 async function readSkillFile(filePath) {
-  const bytes = await readFile18(filePath);
+  const bytes = await readFile20(filePath);
   return { bytes, text: bytes.toString("utf-8") };
 }
 var SKILL_EXTENSIONS;
@@ -16677,8 +17684,8 @@ var init_one_dark = __esm({
 });
 
 // src/ui/theme.ts
-function normalizeTheme(json) {
-  const obj = json;
+function normalizeTheme(json2) {
+  const obj = json2;
   const palette = obj.palette;
   const normalizeDim = (v) => {
     if (v === void 0) return void 0;
@@ -16860,8 +17867,8 @@ async function listGateways(accountId, apiToken) {
   if (!res.ok) {
     throw new AiGatewayError(await parseCloudflareError(res));
   }
-  const json = await res.json();
-  return Array.isArray(json.result) ? json.result : [];
+  const json2 = await res.json();
+  return Array.isArray(json2.result) ? json2.result : [];
 }
 async function createGateway(accountId, apiToken, id) {
   const res = await doFetch(baseUrl(accountId), {
@@ -16887,15 +17894,15 @@ async function createGateway(accountId, apiToken, id) {
   if (!res.ok) {
     throw new AiGatewayError(await parseCloudflareError(res));
   }
-  const json = await res.json();
-  if (!json.result) {
+  const json2 = await res.json();
+  if (!json2.result) {
     throw new AiGatewayError({
       kind: "other",
       status: res.status,
       message: "Cloudflare returned no gateway result"
     });
   }
-  return json.result;
+  return json2.result;
 }
 async function enableGatewayAuth(accountId, apiToken, gatewayId) {
   const url = `${baseUrl(accountId)}/${encodeURIComponent(gatewayId)}`;
@@ -16952,7 +17959,7 @@ var init_ai_gateway_api = __esm({
 });
 
 // src/skills/manager.ts
-import { mkdir as mkdir10, writeFile as writeFile12, unlink as unlink2, readFile as readFile19 } from "fs/promises";
+import { mkdir as mkdir10, writeFile as writeFile12, unlink as unlink2, readFile as readFile21 } from "fs/promises";
 import { join as join28 } from "path";
 function getSkillDirs(cwd) {
   return {
@@ -17007,7 +18014,7 @@ async function setSkillEnabled(name, enabled, cwd) {
   const all = await listAllSkills(cwd);
   const skill = all.project.find((s) => s.name === name) ?? all.global.find((s) => s.name === name);
   if (!skill) throw new Error(`skill "${name}" not found`);
-  const raw = await readFile19(skill.filePath, "utf-8");
+  const raw = await readFile21(skill.filePath, "utf-8");
   const parsed = parseFrontmatter(raw);
   parsed.data.enabled = enabled;
   const yaml = Object.entries(parsed.data).map(([k, v]) => {
@@ -17091,13 +18098,13 @@ var init_frontmatter2 = __esm({
 
 // src/commands/loader.ts
 import { open, realpath as realpath2 } from "fs/promises";
-import { homedir as homedir14 } from "os";
-import { join as join29, relative as relative5, sep as sep2 } from "path";
+import { homedir as homedir15 } from "os";
+import { join as join29, relative as relative6, sep as sep2 } from "path";
 function projectCommandsDir(cwd = process.cwd()) {
   return join29(cwd, ".kimiflare", "commands");
 }
 function globalCommandsDir() {
-  const xdg = process.env.XDG_CONFIG_HOME || join29(homedir14(), ".config");
+  const xdg = process.env.XDG_CONFIG_HOME || join29(homedir15(), ".config");
   return join29(xdg, "kimiflare", "commands");
 }
 async function loadCustomCommands(cwd = process.cwd()) {
@@ -17152,7 +18159,7 @@ async function resolveSafeDir(dir, source, cwd, warnings) {
     } catch {
       return null;
     }
-    const rel = relative5(realCwd, realDir);
+    const rel = relative6(realCwd, realDir);
     if (rel !== "" && isPathOutside(rel)) {
       warnings.push(`commands dir ${dir} escapes workspace via symlink \u2014 skipped`);
       return null;
@@ -17227,7 +18234,7 @@ async function loadOne(file, rootDir, source, warnings) {
   return cmd;
 }
 function filenameToCommandName(file, rootDir) {
-  const rel = relative5(rootDir, file);
+  const rel = relative6(rootDir, file);
   if (!rel || isPathOutside(rel)) return null;
   const noExt = rel.replace(/\.md$/i, "");
   const parts = noExt.split(sep2).filter((p) => p.length > 0);
@@ -17909,9 +18916,9 @@ import { execSync as execSync6, spawn as spawn6 } from "child_process";
 import { appendFileSync, mkdirSync as mkdirSync4, openSync } from "fs";
 import { unlink as unlink4 } from "fs/promises";
 import { join as join31 } from "path";
-import { homedir as homedir15, platform as platform6 } from "os";
+import { homedir as homedir16, platform as platform6 } from "os";
 import { randomUUID as randomUUID2 } from "crypto";
-import { readFile as readFile20 } from "fs/promises";
+import { readFile as readFile22 } from "fs/promises";
 import QRCode from "qrcode";
 function kimiLog(payload) {
   if (!KIMI_LOG_PATH) return;
@@ -17949,7 +18956,7 @@ function gatewayFromOpts2(opts2) {
 }
 async function runUiMode(opts2) {
   await loadCamouflage();
-  const xdgConfig = process.env.XDG_CONFIG_HOME || join31(homedir15(), ".config");
+  const xdgConfig = process.env.XDG_CONFIG_HOME || join31(homedir16(), ".config");
   const camoDbDir = join31(xdgConfig, "kimiflare");
   try {
     mkdirSync4(camoDbDir, { recursive: true });
@@ -18812,8 +19819,8 @@ Executor opened PR: ${prUrl}` : plan });
               cam.send("PermissionGranted", { request_id: reqId });
               return "allow";
             }
-            const choice = await new Promise((resolve5) => {
-              pendingPermissions.set(reqId, resolve5);
+            const choice = await new Promise((resolve8) => {
+              pendingPermissions.set(reqId, resolve8);
             });
             cam.send(
               choice === "deny" ? "PermissionDenied" : "PermissionGranted",
@@ -18947,12 +19954,12 @@ Executor opened PR: ${prUrl}` : plan });
   async function nextFollowUp() {
     if (followUpQueue.length > 0) return followUpQueue.shift();
     if (aborted2) return null;
-    return new Promise((resolve5) => {
-      followUpResolver = resolve5;
+    return new Promise((resolve8) => {
+      followUpResolver = resolve8;
     });
   }
   async function openInboxModal() {
-    const URL2 = "https://hello.kimiflare.com";
+    const URL3 = "https://hello.kimiflare.com";
     const f = await form(cam, {
       id: `inbox-${Date.now()}`,
       title: "/inbox  \xB7  check for a voice reply",
@@ -18970,7 +19977,7 @@ Executor opened PR: ${prUrl}` : plan });
     let data;
     try {
       const res = await fetch(
-        `${URL2}/inbox/check?u=${encodeURIComponent(handle)}&s=${encodeURIComponent(secret)}`
+        `${URL3}/inbox/check?u=${encodeURIComponent(handle)}&s=${encodeURIComponent(secret)}`
       );
       if (!res.ok) throw new Error(`server returned ${res.status}`);
       data = await res.json();
@@ -18995,7 +20002,7 @@ Executor opened PR: ${prUrl}` : plan });
     });
     if (pick3.cancelled || !pick3.value) return;
     openBrowser2(
-      `${URL2}/inbox?u=${encodeURIComponent(handle)}&s=${encodeURIComponent(secret)}&m=${encodeURIComponent(pick3.value)}`
+      `${URL3}/inbox?u=${encodeURIComponent(handle)}&s=${encodeURIComponent(secret)}&m=${encodeURIComponent(pick3.value)}`
     );
     cam.send("ShowToast", { text: "opened in browser", kind: "success", ttl_ms: 1500 });
   }
@@ -20311,7 +21318,7 @@ Executor opened PR: ${prUrl}` : plan });
               try {
                 const result2 = await createSkill({ name: name2, description: description || void 0, scope, cwd: process.cwd() });
                 if (content) {
-                  const { writeFile: writeFile15 } = await import("fs/promises");
+                  const { writeFile: writeFile14 } = await import("fs/promises");
                   const yamlLines = [
                     `name: ${name2}`,
                     "enabled: true",
@@ -20326,7 +21333,7 @@ ${yamlLines.join("\n")}
 
 ${content}
 `;
-                  await writeFile15(result2.filepath, fileContent, "utf8");
+                  await writeFile14(result2.filepath, fileContent, "utf8");
                 }
                 cam.send("ShowToast", { text: `created skill '${name2}' \u2192 ${result2.filepath}`, kind: "success", ttl_ms: 3e3 });
               } catch (err) {
@@ -20369,7 +21376,7 @@ ${content}
             }
             let currentContent;
             try {
-              currentContent = await readFile20(filepath, "utf-8");
+              currentContent = await readFile22(filepath, "utf-8");
             } catch (err) {
               cam.send("ShowToast", { text: `failed to read skill: ${err instanceof Error ? err.message : String(err)}`, kind: "error", ttl_ms: 3e3 });
               return true;
@@ -20389,8 +21396,8 @@ ${content}
               return true;
             }
             try {
-              const { writeFile: writeFile15 } = await import("fs/promises");
-              await writeFile15(filepath, newContent, "utf8");
+              const { writeFile: writeFile14 } = await import("fs/promises");
+              await writeFile14(filepath, newContent, "utf8");
               cam.send("ShowToast", { text: `updated skill '${name2}' \u2192 ${filepath}`, kind: "success", ttl_ms: 3e3 });
             } catch (err) {
               cam.send("ShowToast", { text: `failed to save skill: ${err instanceof Error ? err.message : String(err)}`, kind: "error", ttl_ms: 3e3 });
@@ -20873,11 +21880,11 @@ var init_ui_mode = __esm({
     init_glob();
     init_errors();
     init_builtins();
-    init_manager();
+    init_manager2();
     init_db2();
     init_manager4();
-    init_manager2();
     init_manager3();
+    init_manager();
     init_lsp();
     init_skills();
     init_storage_limits();
@@ -20900,7 +21907,7 @@ var init_ui_mode = __esm({
     init_worker_client();
     init_builtins();
     init_settings();
-    init_types2();
+    init_types();
     init_recommended();
     init_context_generator();
     init_mode();
@@ -23414,19 +24421,19 @@ function usePermissionController(getMode, onPlanModeBlocked) {
   const onPlanModeBlockedRef = useRef2(onPlanModeBlocked);
   onPlanModeBlockedRef.current = onPlanModeBlocked;
   const askPermission = useCallback2(
-    (req, askOpts) => new Promise((resolve5) => {
+    (req, askOpts) => new Promise((resolve8) => {
       const outcome = decidePermission(req, getModeRef.current(), askOpts);
       if (outcome.kind === "resolve") {
-        resolve5(outcome.decision);
+        resolve8(outcome.decision);
         return;
       }
       if (outcome.kind === "plan_blocked") {
         onPlanModeBlockedRef.current(outcome.toolName);
-        resolve5(AUTO_DENY);
+        resolve8(AUTO_DENY);
         return;
       }
-      resolveRef.current = resolve5;
-      setPending({ tool: req.tool, args: req.args, resolve: resolve5 });
+      resolveRef.current = resolve8;
+      setPending({ tool: req.tool, args: req.args, resolve: resolve8 });
     }),
     []
   );
@@ -25431,7 +26438,7 @@ var init_welcome = __esm({
 // src/commands/renderer.ts
 import { exec } from "child_process";
 import { open as open2, realpath as realpath3 } from "fs/promises";
-import { isAbsolute as isAbsolute2, relative as relative7, resolve as resolvePathJoin, basename as pathBasename } from "path";
+import { isAbsolute as isAbsolute2, relative as relative8, resolve as resolvePathJoin, basename as pathBasename } from "path";
 import { promisify as promisify2 } from "util";
 function tokenizeArgs(s) {
   return [...s.matchAll(ARG_TOKEN_RE)].map((match) => {
@@ -25536,7 +26543,7 @@ async function replaceFiles(prompt, warnings, cmd, cwd, maxFileBytes) {
         return "";
       }
       const resolved = resolvePathJoin(cwd, rawPath);
-      if (isPathOutside(relative7(cwd, resolved))) {
+      if (isPathOutside(relative8(cwd, resolved))) {
         warnings.push(`file inclusion skipped: @${rawPath} \u2014 outside workspace`);
         return "";
       }
@@ -25547,7 +26554,7 @@ async function replaceFiles(prompt, warnings, cmd, cwd, maxFileBytes) {
         warnings.push(`file inclusion failed: @${rawPath} \u2014 ${message(error)}`);
         return "";
       }
-      if (isPathOutside(relative7(realCwd, real))) {
+      if (isPathOutside(relative8(realCwd, real))) {
         warnings.push(`file inclusion skipped: @${rawPath} \u2014 symlink escapes workspace`);
         return "";
       }
@@ -25660,9 +26667,9 @@ var init_wcag = __esm({
 });
 
 // src/ui/theme-loader.ts
-import { readFile as readFile21, readdir as readdir9 } from "fs/promises";
+import { readFile as readFile23, readdir as readdir9 } from "fs/promises";
 import { join as join32 } from "path";
-import { homedir as homedir16 } from "os";
+import { homedir as homedir17 } from "os";
 function projectThemesDir(cwd = process.cwd()) {
   return join32(cwd, ".kimiflare", "themes");
 }
@@ -25756,23 +26763,23 @@ async function loadThemesFromDir(dir, source) {
     const path = join32(dir, file);
     let raw;
     try {
-      raw = await readFile21(path, "utf-8");
+      raw = await readFile23(path, "utf-8");
     } catch (e) {
       errors.push(`${path}: ${e instanceof Error ? e.message : String(e)}`);
       continue;
     }
-    let json;
+    let json2;
     try {
-      json = JSON.parse(raw);
+      json2 = JSON.parse(raw);
     } catch (e) {
       errors.push(`${path}: invalid JSON \u2014 ${e instanceof Error ? e.message : String(e)}`);
       continue;
     }
-    if (!json || typeof json !== "object") {
+    if (!json2 || typeof json2 !== "object") {
       errors.push(`${path}: root must be an object`);
       continue;
     }
-    const obj = json;
+    const obj = json2;
     const fileErrors = [];
     if (typeof obj.name !== "string" || obj.name.length === 0) {
       fileErrors.push("name is required");
@@ -25903,7 +26910,7 @@ var init_theme_loader = __esm({
     init_wcag();
     init_theme();
     USER_THEMES_DIR = join32(
-      process.env.XDG_CONFIG_HOME || join32(homedir16(), ".config"),
+      process.env.XDG_CONFIG_HOME || join32(homedir17(), ".config"),
       "kimiflare",
       "themes"
     );
@@ -30279,11 +31286,11 @@ var tui_report_exports = {};
 __export(tui_report_exports, {
   getCategoryReportText: () => getCategoryReportText
 });
-import { readFile as readFile22 } from "fs/promises";
+import { readFile as readFile24 } from "fs/promises";
 import { join as join33 } from "path";
-import { homedir as homedir17 } from "os";
+import { homedir as homedir18 } from "os";
 function usageDir3() {
-  const xdg = process.env.XDG_DATA_HOME || join33(homedir17(), ".local", "share");
+  const xdg = process.env.XDG_DATA_HOME || join33(homedir18(), ".local", "share");
   return join33(xdg, "kimiflare");
 }
 function usagePath3() {
@@ -30299,7 +31306,7 @@ function daysAgo2(n) {
 }
 async function loadLog3() {
   try {
-    const raw = await readFile22(usagePath3(), "utf8");
+    const raw = await readFile24(usagePath3(), "utf8");
     return JSON.parse(raw);
   } catch {
     return { version: 1, days: [], sessions: [] };
@@ -30429,7 +31436,7 @@ var init_slash_commands = __esm({
     init_executor();
     init_recommended();
     init_settings();
-    init_types2();
+    init_types();
     init_update_check();
     init_version();
     init_app_helpers();
@@ -31972,7 +32979,7 @@ async function runInit(deps) {
           lspManagerRef.current.notifyChange(path, content);
         } else {
           void import("fs/promises").then(
-            ({ readFile: readFile24 }) => readFile24(path, "utf8").then((c) => lspManagerRef.current.notifyChange(path, c)).catch(() => {
+            ({ readFile: readFile25 }) => readFile25(path, "utf8").then((c) => lspManagerRef.current.notifyChange(path, c)).catch(() => {
             })
           );
         }
@@ -32058,9 +33065,9 @@ async function runInit(deps) {
         },
         onGatewayMeta: updateGatewayMeta,
         askPermission: (req) => askForPermission(req, { promptOnBlockedBash: true }),
-        onLoopDetected: () => new Promise((resolve5) => {
-          loopResolveRef.current = resolve5;
-          setLoopModal({ resolve: resolve5 });
+        onLoopDetected: () => new Promise((resolve8) => {
+          loopResolveRef.current = resolve8;
+          setLoopModal({ resolve: resolve8 });
         }),
         onKimiMdStale: () => {
           if (!kimiMdStaleNudgedRef.current) {
@@ -32171,45 +33178,9 @@ var init_run_init = __esm({
   }
 });
 
-// src/util/state.ts
-import { readFile as readFile23, writeFile as writeFile14, mkdir as mkdir12 } from "fs/promises";
-import { homedir as homedir18 } from "os";
-import { join as join36 } from "path";
-function statePath() {
-  const xdg = process.env.XDG_CONFIG_HOME || join36(homedir18(), ".config");
-  return join36(xdg, "kimiflare", "state.json");
-}
-async function readState() {
-  try {
-    const raw = await readFile23(statePath(), "utf8");
-    return JSON.parse(raw);
-  } catch {
-    return {};
-  }
-}
-async function writeState(state) {
-  const path = statePath();
-  await mkdir12(join36(path, ".."), { recursive: true });
-  await writeFile14(path, JSON.stringify(state, null, 2) + "\n", "utf8");
-}
-async function markCreatorMessageSeen(version) {
-  const state = await readState();
-  state.creatorMessageSeenVersion = version;
-  await writeState(state);
-}
-async function shouldShowCreatorMessage(version) {
-  const state = await readState();
-  return state.creatorMessageSeenVersion !== version;
-}
-var init_state = __esm({
-  "src/util/state.ts"() {
-    "use strict";
-  }
-});
-
 // src/ui/run-startup-tasks.ts
 import { existsSync as existsSync7 } from "fs";
-import { join as join37 } from "path";
+import { join as join36 } from "path";
 function runStartupTasks(deps) {
   const {
     cfg,
@@ -32221,46 +33192,16 @@ function runStartupTasks(deps) {
     customCommandsRef,
     setCustomCommandsVersion
   } = deps;
-  void Promise.resolve().then(() => (init_sessions(), sessions_exports)).then(
-    ({ pruneSessions: pruneSessions2 }) => pruneSessions2().then((removed) => {
-      if (removed > 0) {
-        setEvents((e) => [
-          ...e,
-          { kind: "info", key: mkKey2(), text: `pruned ${removed} old session files` }
-        ]);
-      }
-    })
-  );
-  void Promise.resolve().then(() => (init_log_sink(), log_sink_exports)).then(({ pruneOldLogs: pruneOldLogs2, logPathFor: logPathFor2, isLogSinkEnabled: isLogSinkEnabled2 }) => {
+  void Promise.resolve().then(() => (init_sessions(), sessions_exports)).then(({ pruneSessions: pruneSessions2 }) => pruneSessions2());
+  void Promise.resolve().then(() => (init_log_sink(), log_sink_exports)).then(({ pruneOldLogs: pruneOldLogs2, isLogSinkEnabled: isLogSinkEnabled2 }) => {
     if (!isLogSinkEnabled2()) return;
     try {
       pruneOldLogs2();
     } catch {
     }
-    setEvents((e) => [
-      ...e,
-      {
-        kind: "info",
-        key: mkKey2(),
-        text: `structured logs: ${logPathFor2()} (tail with: tail -f $(kimiflare logs path) | jq)`
-      }
-    ]);
-  });
-  void shouldShowCreatorMessage(getAppVersion()).then((shouldShow) => {
-    if (shouldShow) {
-      setEvents((e) => [
-        ...e,
-        {
-          kind: "info",
-          key: mkKey2(),
-          text: "Hey, how do you like this version? I'd love to hear from you \u2014 type /hello to send me a voice note. Only I see it, and I may DM you back."
-        }
-      ]);
-      void markCreatorMessageSeen(getAppVersion());
-    }
   });
   if (cfg.memoryEnabled) {
-    const dbPath = cfg.memoryDbPath ?? join37(process.cwd(), ".kimiflare", "memory.db");
+    const dbPath = cfg.memoryDbPath ?? join36(process.cwd(), ".kimiflare", "memory.db");
     const manager = new MemoryManager({
       dbPath,
       accountId: cfg.accountId,
@@ -32294,7 +33235,7 @@ function runStartupTasks(deps) {
     });
     const cwd = process.cwd();
     sessionStartRecallRef.current = manager.recall({ text: cwd, repoPath: cwd, limit: 5 });
-    if (existsSync7(join37(cwd, "KIMI.md"))) {
+    if (existsSync7(join36(cwd, "KIMI.md"))) {
       const lastRefresh = manager.getLastKimiMdRefreshTime(cwd);
       const driftCount = manager.countHighSignalMemoriesSince(cwd, lastRefresh);
       if (driftCount >= 5) {
@@ -32305,7 +33246,7 @@ function runStartupTasks(deps) {
     memoryManagerRef.current?.close();
     memoryManagerRef.current = null;
   }
-  const skillDbPath = cfg.memoryDbPath ?? join37(process.cwd(), ".kimiflare", "memory.db");
+  const skillDbPath = cfg.memoryDbPath ?? join36(process.cwd(), ".kimiflare", "memory.db");
   const skillDb = getMemoryDb() ?? openMemoryDb(skillDbPath);
   initSkillsSchema(skillDb);
   void indexSkills({
@@ -32348,11 +33289,9 @@ var init_run_startup_tasks = __esm({
     "use strict";
     init_builtins();
     init_loader2();
-    init_manager();
+    init_manager2();
     init_db2();
     init_skills();
-    init_state();
-    init_version();
     init_storage_limits();
     init_app_helpers();
   }
@@ -32458,10 +33397,7 @@ async function initLsp(deps) {
   if (!cfg.lspEnabled || !cfg.lspServers || lspInitRef.current) {
     if (lspInitRef.current) return;
     if (!cfg.lspEnabled) {
-      setEvents((es) => [
-        ...es,
-        { kind: "info", key: mkKey2(), text: "LSP is disabled. Enable it in config to use language servers." }
-      ]);
+      return;
     } else if (!cfg.lspServers || Object.keys(cfg.lspServers).length === 0) {
       setEvents((es) => [
         ...es,
@@ -32774,7 +33710,7 @@ __export(app_exports, {
 import React25, { useState as useState29, useRef as useRef7, useEffect as useEffect11, useCallback as useCallback10, useMemo as useMemo6 } from "react";
 import { Box as Box42, Text as Text43, useApp, useInput as useInput21, render } from "ink";
 import { existsSync as existsSync8 } from "fs";
-import { join as join38 } from "path";
+import { join as join37 } from "path";
 import { jsx as jsx44, jsxs as jsxs42 } from "react/jsx-runtime";
 function App({
   initialCfg,
@@ -34178,7 +35114,7 @@ ${wcagWarnings.join("\n")}` }
         }
       }
       turnCounterRef.current += 1;
-      if (turnCounterRef.current % 15 === 0 && existsSync8(join38(process.cwd(), "KIMI.md")) && !kimiMdStale) {
+      if (turnCounterRef.current % 15 === 0 && existsSync8(join37(process.cwd(), "KIMI.md")) && !kimiMdStale) {
         setEvents((e) => [
           ...e,
           { kind: "info", key: mkKey(), text: "Tip: Rerunning /init occasionally helps KimiFlare stay accurate as your project evolves." }
@@ -34202,7 +35138,7 @@ ${wcagWarnings.join("\n")}` }
                 };
                 ensureSessionId();
                 const { sessionsDir: sessionsDir3 } = await Promise.resolve().then(() => (init_sessions(), sessions_exports));
-                const filePath = join38(sessionsDir3(), `${sessionIdRef.current}.json`);
+                const filePath = join37(sessionsDir3(), `${sessionIdRef.current}.json`);
                 await addCheckpoint(filePath, cp);
               }
               const summary = await generateContinuationSummary({
@@ -34457,13 +35393,13 @@ ${conflicts.join("\n")}` }
           planOptionsRef.current = options;
         },
         askPermission: askForPermission,
-        onToolLimitReached: () => new Promise((resolve5) => {
-          limitResolveRef.current = resolve5;
-          setLimitModal({ limit: 200, resolve: resolve5 });
+        onToolLimitReached: () => new Promise((resolve8) => {
+          limitResolveRef.current = resolve8;
+          setLimitModal({ limit: 200, resolve: resolve8 });
         }),
-        onLoopDetected: () => new Promise((resolve5) => {
-          loopResolveRef.current = resolve5;
-          setLoopModal({ resolve: resolve5 });
+        onLoopDetected: () => new Promise((resolve8) => {
+          loopResolveRef.current = resolve8;
+          setLoopModal({ resolve: resolve8 });
         }),
         onKimiMdStale: () => {
           if (!kimiMdStaleNudgedRef.current) {
@@ -34564,7 +35500,7 @@ ${conflicts.join("\n")}` }
               lspManagerRef.current.notifyChange(path, content2);
             } else {
               void import("fs/promises").then(
-                ({ readFile: readFile24 }) => readFile24(path, "utf8").then((c) => lspManagerRef.current.notifyChange(path, c)).catch(() => {
+                ({ readFile: readFile25 }) => readFile25(path, "utf8").then((c) => lspManagerRef.current.notifyChange(path, c)).catch(() => {
                 })
               );
             }
@@ -34851,7 +35787,7 @@ ${conflicts.join("\n")}` }
         onCommandDelete: handleCommandDelete2,
         lspServers: cfg?.lspServers ?? {},
         lspScope,
-        hasProjectDir: existsSync8(join38(process.cwd(), ".kimiflare")),
+        hasProjectDir: existsSync8(join37(process.cwd(), ".kimiflare")),
         onLspSave: handleLspSave2,
         themes: themeList(),
         onPickTheme: handleThemePick,
@@ -35218,8 +36154,8 @@ var init_app = __esm({
     init_session_state();
     init_executor();
     init_manager4();
-    init_manager2();
     init_manager3();
+    init_manager();
     init_messages();
     init_errors();
     init_abort_scope();
@@ -35278,10 +36214,6 @@ var init_app = __esm({
 // src/index.tsx
 init_config();
 init_lsp_config();
-init_loop();
-init_errors();
-init_system_prompt();
-init_executor();
 init_update_check();
 init_version();
 import { Command as Command2 } from "commander";
@@ -35461,9 +36393,334 @@ function renderLogo(version) {
   return out.join("\n");
 }
 
+// src/print-mode.ts
+init_loop();
+init_system_prompt();
+init_executor();
+init_errors();
+init_sessions();
+init_image();
+init_glob();
+init_permissions_evaluator();
+import { readFile as readFile12 } from "fs/promises";
+import { resolve as resolve4, basename as basename3 } from "path";
+function gatewayFromPrintOpts(opts2) {
+  if (!opts2.aiGatewayId) return void 0;
+  return {
+    id: opts2.aiGatewayId,
+    cacheTtl: opts2.aiGatewayCacheTtl,
+    skipCache: opts2.aiGatewaySkipCache,
+    collectLogPayload: opts2.aiGatewayCollectLogPayload,
+    metadata: opts2.aiGatewayMetadata
+  };
+}
+async function resolveSession(opts2) {
+  if (opts2.sessionId) {
+    const filePath = resolve4(sessionsDir(), `${opts2.sessionId}.json`);
+    try {
+      const file = await loadSession(filePath);
+      return { sessionFile: file, isNew: false };
+    } catch {
+    }
+  }
+  if (opts2.continueSession) {
+    const cwd = opts2.dir ? resolve4(opts2.dir) : process.cwd();
+    const sessions = await listSessions(1, cwd);
+    if (sessions.length > 0) {
+      const filePath = sessions[0].filePath;
+      const file = await loadSession(filePath);
+      return { sessionFile: file, isNew: false };
+    }
+  }
+  const { makeSessionId: makeSessionId2 } = await Promise.resolve().then(() => (init_sessions(), sessions_exports));
+  const id = makeSessionId2(opts2.prompt);
+  return {
+    sessionFile: {
+      id,
+      cwd: opts2.dir ? resolve4(opts2.dir) : process.cwd(),
+      model: opts2.model,
+      createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+      updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      messages: [],
+      title: opts2.title
+    },
+    isNew: true
+  };
+}
+async function resolveFiles(filePatterns, cwd) {
+  const resolved = /* @__PURE__ */ new Set();
+  for (const pattern of filePatterns) {
+    try {
+      const stat8 = await import("fs/promises").then((m) => m.stat(resolve4(cwd, pattern)));
+      if (stat8.isFile()) {
+        resolved.add(resolve4(cwd, pattern));
+        continue;
+      }
+    } catch {
+    }
+    const matches = await glob(pattern, { cwd, absolute: true });
+    for (const m of matches) {
+      resolved.add(m);
+    }
+  }
+  return [...resolved];
+}
+async function buildUserMessage(prompt, files, cwd) {
+  let text = prompt;
+  const imageParts = [];
+  const fileContents = [];
+  for (const filePath of files) {
+    if (isImagePath(filePath)) {
+      try {
+        const img = await encodeImageFile(filePath);
+        imageParts.push({ type: "image_url", image_url: { url: img.dataUrl } });
+      } catch (e) {
+        fileContents.push(`
+<!-- failed to attach image ${basename3(filePath)}: ${e.message} -->
+`);
+      }
+    } else {
+      try {
+        const content = await readFile12(filePath, "utf8");
+        const relPath = filePath.startsWith(cwd) ? filePath.slice(cwd.length + 1) : filePath;
+        fileContents.push(`
+--- ${relPath} ---
+${content}
+--- end ${relPath} ---
+`);
+      } catch (e) {
+        fileContents.push(`
+<!-- failed to read ${basename3(filePath)}: ${e.message} -->
+`);
+      }
+    }
+  }
+  if (fileContents.length > 0) {
+    text += "\n\n" + fileContents.join("\n");
+  }
+  const display = prompt;
+  if (imageParts.length > 0) {
+    const parts = [{ type: "text", text }];
+    parts.push(...imageParts);
+    return { content: parts, display };
+  }
+  return { content: text, display };
+}
+async function runPrintMode(opts2) {
+  const startMs = Date.now();
+  if (opts2.updateResult.hasUpdate) {
+    process.stderr.write(
+      `\x1B[33mkimiflare update available: ${opts2.updateResult.localVersion} \u2192 ${opts2.updateResult.latestVersion}\x1B[0m
+\x1B[33m  npm update -g kimiflare  then restart\x1B[0m
+
+`
+    );
+  }
+  const cwd = opts2.dir ? resolve4(opts2.dir) : process.cwd();
+  const { HooksManager: HooksManager2 } = await Promise.resolve().then(() => (init_manager(), manager_exports));
+  const hooks = new HooksManager2(cwd);
+  const executor = new ToolExecutor(ALL_TOOLS, { hooks });
+  const { sessionFile, isNew } = await resolveSession(opts2);
+  if (opts2.title && isNew) {
+    sessionFile.title = opts2.title;
+  }
+  const messages = [];
+  if (isNew || sessionFile.messages.length === 0) {
+    messages.push({ role: "system", content: buildSystemPrompt({ cwd, tools: ALL_TOOLS, model: opts2.model }) });
+  } else {
+    const nonSystem = sessionFile.messages.filter((m) => m.role !== "system");
+    messages.push({ role: "system", content: buildSystemPrompt({ cwd, tools: ALL_TOOLS, model: opts2.model }) });
+    messages.push(...nonSystem);
+  }
+  const files = opts2.files ? await resolveFiles(opts2.files, cwd) : [];
+  const { content: userContent } = await buildUserMessage(opts2.prompt, files, cwd);
+  messages.push({ role: "user", content: userContent });
+  const controller = new AbortController();
+  process.on("SIGINT", () => controller.abort());
+  const format = opts2.format ?? "text";
+  let printedReasoningHeader = false;
+  let printedAnswerHeader = false;
+  const jsonOutput = {
+    text: "",
+    toolCalls: [],
+    toolResults: [],
+    durationMs: 0,
+    sessionId: sessionFile.id
+  };
+  function emitStreamJson(eventType, payload) {
+    if (format === "stream-json") {
+      process.stdout.write(JSON.stringify({ event: eventType, ...payload }) + "\n");
+    }
+  }
+  const callbacks = {
+    onReasoningDelta: opts2.showReasoning ? (delta) => {
+      if (format === "text") {
+        if (!printedReasoningHeader) {
+          process.stderr.write("\x1B[2m--- reasoning ---\n");
+          printedReasoningHeader = true;
+        }
+        process.stderr.write(delta);
+      }
+    } : void 0,
+    onTextDelta: (delta) => {
+      if (format === "text") {
+        if (opts2.showReasoning && printedReasoningHeader && !printedAnswerHeader) {
+          process.stderr.write("\n--- answer ---\x1B[0m\n");
+          printedAnswerHeader = true;
+        }
+        process.stdout.write(delta);
+      } else if (format === "json") {
+        jsonOutput.text += delta;
+      } else if (format === "stream-json") {
+        emitStreamJson("text_delta", { delta });
+      }
+    },
+    onToolCallFinalized: (call) => {
+      if (format === "text") {
+        process.stderr.write(`\x1B[2m[tool ${call.function.name}(${call.function.arguments})]\x1B[0m
+`);
+      } else if (format === "json") {
+        let args = {};
+        try {
+          args = JSON.parse(call.function.arguments);
+        } catch {
+        }
+        jsonOutput.toolCalls.push({ id: call.id, name: call.function.name, arguments: args });
+      } else if (format === "stream-json") {
+        emitStreamJson("tool_call", { id: call.id, name: call.function.name, arguments: call.function.arguments });
+      }
+    },
+    onToolResult: (result) => {
+      if (format === "text") {
+        const snippet = result.content.length > 400 ? result.content.slice(0, 400) + "..." : result.content;
+        process.stderr.write(`\x1B[2m[result: ${snippet.replace(/\n/g, " \u23CE ")}]\x1B[0m
+`);
+      } else if (format === "json") {
+        jsonOutput.toolResults.push({
+          toolCallId: result.tool_call_id,
+          name: result.name,
+          content: result.content,
+          ok: result.ok
+        });
+      } else if (format === "stream-json") {
+        emitStreamJson("tool_result", {
+          toolCallId: result.tool_call_id,
+          name: result.name,
+          content: result.content,
+          ok: result.ok
+        });
+      }
+    },
+    onUsage: (usage) => {
+      if (format === "json") {
+        jsonOutput.usage = {
+          promptTokens: usage.prompt_tokens ?? 0,
+          completionTokens: usage.completion_tokens ?? 0,
+          totalTokens: usage.total_tokens ?? 0
+        };
+      } else if (format === "stream-json") {
+        emitStreamJson("usage", {
+          promptTokens: usage.prompt_tokens ?? 0,
+          completionTokens: usage.completion_tokens ?? 0,
+          totalTokens: usage.total_tokens ?? 0
+        });
+      }
+    },
+    onWarning: (msg) => {
+      if (format === "text") {
+        process.stderr.write(`\x1B[33mkimiflare: ${msg}\x1B[0m
+`);
+      } else if (format === "stream-json") {
+        emitStreamJson("warning", { message: msg });
+      }
+    },
+    askPermission: async ({ tool, args }) => {
+      if (opts2.allowAll) return "allow";
+      if (opts2.permissions) {
+        const rule = evaluatePermissionRules({ tool: tool.name, args, cwd }, opts2.permissions);
+        if (rule === "allow") return "allow";
+        if (rule === "deny") {
+          const msg2 = `[permission denied by config rule: ${tool.name}(${JSON.stringify(args)})]`;
+          if (format === "text") process.stderr.write(`\x1B[31m${msg2}\x1B[0m
+`);
+          else if (format === "stream-json") emitStreamJson("permission_denied", { tool: tool.name, args, reason: "config_rule" });
+          return "deny";
+        }
+      }
+      const msg = `[permission denied: ${tool.name}(${JSON.stringify(args)}) \u2014 pass --dangerously-allow-all to approve in print mode, or configure permissions in config.json]`;
+      if (format === "text") {
+        process.stderr.write(`\x1B[31m${msg}\x1B[0m
+`);
+      } else if (format === "stream-json") {
+        emitStreamJson("permission_denied", { tool: tool.name, args });
+      }
+      return "deny";
+    }
+  };
+  try {
+    await runAgentTurn({
+      accountId: opts2.accountId,
+      apiToken: opts2.apiToken,
+      model: opts2.model,
+      gateway: gatewayFromPrintOpts(opts2),
+      messages,
+      tools: ALL_TOOLS,
+      executor,
+      hooks,
+      cwd,
+      signal: controller.signal,
+      codeMode: opts2.codeMode,
+      continueOnLimit: opts2.continueOnLimit,
+      maxInputTokens: opts2.maxInputTokens,
+      coauthor: opts2.coauthor !== false ? { name: opts2.coauthorName || "kimiflare", email: opts2.coauthorEmail || "kimiflare@proton.me" } : void 0,
+      callbacks
+    });
+  } catch (err) {
+    if (err instanceof BudgetExhaustedError) {
+      const msg = "[Budget exhausted \u2014 exiting with code 42]";
+      if (format === "text") process.stderr.write(`
+\x1B[33m${msg}\x1B[0m
+`);
+      else if (format === "stream-json") emitStreamJson("error", { message: msg, code: 42 });
+      process.exitCode = 42;
+      return;
+    }
+    if (err instanceof AgentLoopError) {
+      const msg = "[Agent loop detected \u2014 exiting with code 43]";
+      if (format === "text") process.stderr.write(`
+\x1B[33m${msg}\x1B[0m
+`);
+      else if (format === "stream-json") emitStreamJson("error", { message: msg, code: 43 });
+      process.exitCode = 43;
+      return;
+    }
+    if (err instanceof KimiApiError) {
+      const msg = `Error: ${humanizeCloudflareError(err)}`;
+      if (format === "text") process.stderr.write(`
+\x1B[31m${msg}\x1B[0m
+`);
+      else if (format === "stream-json") emitStreamJson("error", { message: msg, code: 1 });
+      process.exitCode = 1;
+      return;
+    }
+    throw err;
+  }
+  sessionFile.messages = messages;
+  sessionFile.updatedAt = (/* @__PURE__ */ new Date()).toISOString();
+  await saveSession(sessionFile);
+  jsonOutput.durationMs = Date.now() - startMs;
+  if (format === "text") {
+    process.stdout.write("\n");
+  } else if (format === "json") {
+    process.stdout.write(JSON.stringify(jsonOutput, null, 2) + "\n");
+  } else if (format === "stream-json") {
+    emitStreamJson("done", { sessionId: sessionFile.id, durationMs: jsonOutput.durationMs });
+  }
+}
+
 // src/index.tsx
 var program = new Command2();
-program.name("kimiflare").description("Terminal coding agent powered by Kimi-K2.6 on Cloudflare Workers AI.").version(getAppVersion()).option("-p, --print <prompt>", "one-shot mode: send prompt, stream reply to stdout, exit").option("-m, --model <id>", "model id (defaults to @cf/moonshotai/kimi-k2.6)").option("--dangerously-allow-all", "auto-approve every permission prompt (print mode only)").option("--reasoning", "include reasoning in stdout (print mode only)").option("--continue-on-limit", "reset tool-call counter and continue when the 200-call limit is hit (print mode only)").option("--max-input-tokens <n>", "cumulative prompt token budget; exits 42 when exhausted (print mode only)", (v) => parseInt(v, 10)).option("--emit-events", "emit Camouflage NDJSON events to stdout; requires -p (for initial prompt)").option("--multi-turn", "with --emit-events: keep reading stdin for UserInputSubmitted follow-ups after the initial turn").option("--ui <name>", "render UI with the given engine: `ink` (default, stable) or `camouflage` (experimental Rust TUI). Can also be set via the KIMIFLARE_UI environment variable.").option("--camouflage-bin <path>", "with --ui camouflage: path to the camouflage-tui binary (defaults to PATH lookup)").option("--mode <mode>", "run mode: interactive (default), print, rpc");
+program.name("kimiflare").description("Terminal coding agent powered by Kimi-K2.6 on Cloudflare Workers AI.").version(getAppVersion()).option("-p, --print <prompt>", "one-shot mode: send prompt, stream reply to stdout, exit").option("-m, --model <id>", "model id (defaults to @cf/moonshotai/kimi-k2.6)").option("--dangerously-allow-all", "auto-approve every permission prompt (print mode only)").option("--reasoning", "include reasoning in stdout (print mode only)").option("--thinking", "alias for --reasoning").option("--continue-on-limit", "reset tool-call counter and continue when the 200-call limit is hit (print mode only)").option("--max-input-tokens <n>", "cumulative prompt token budget; exits 42 when exhausted (print mode only)", (v) => parseInt(v, 10)).option("--emit-events", "emit Camouflage NDJSON events to stdout; requires -p (for initial prompt)").option("--multi-turn", "with --emit-events: keep reading stdin for UserInputSubmitted follow-ups after the initial turn").option("--ui <name>", "render UI with the given engine: `ink` (default, stable) or `camouflage` (experimental Rust TUI). Can also be set via the KIMIFLARE_UI environment variable.").option("--camouflage-bin <path>", "with --ui camouflage: path to the camouflage-tui binary (defaults to PATH lookup)").option("--mode <mode>", "run mode: interactive (default), print, rpc").option("-c, --continue", "continue the most recent session in the current working directory (print mode only)").option("-S, --session <id>", "resume a specific session by id (print mode only)").option("-f, --file <path>", "attach file(s) to the prompt; repeatable, supports globs (print mode only)", (v, prev) => (prev ?? []).concat(v)).option("--format <mode>", "output format for print mode: text (default), json, stream-json").option("--dir <path>", "run in the specified directory instead of the current one (print mode only)").option("--title <title>", "override the auto-generated session title (print mode only)").option("--attach <url>", "attach to a running kimiflare serve instance (print mode only)");
 program.command("cost").description("Show cost attribution by task type (requires costAttribution enabled)").option("-w, --week", "last 7 days (default)").option("-m, --month", "last 30 days").option("-d, --day", "today only").option("-s, --session <id>", "single session detail").option("-c, --category <name>", "filter by category").option("--json", "machine-readable output").option("--reclassify", "re-run classification on all sessions").option("--local-only", "skip Cloudflare reconciliation").action(async (cmdOpts) => {
   const cfg = await loadConfig();
   const enabled = cfg?.costAttribution ?? false;
@@ -35516,6 +36773,19 @@ Open: ${step.url}`);
     }
   })
 );
+program.command("serve").description("Start a headless HTTP server for API access and CI integration").option("--port <n>", "port to listen on", (v) => parseInt(v, 10), 4096).option("--hostname <host>", "hostname to listen on", "127.0.0.1").action(async (cmdOpts) => {
+  const cfg = await loadConfig();
+  if (!cfg) {
+    console.error("kimiflare serve: missing credentials.");
+    process.exit(2);
+  }
+  const { startServer: startServer2 } = await Promise.resolve().then(() => (init_server(), server_exports));
+  await startServer2({
+    port: cmdOpts.port,
+    hostname: cmdOpts.hostname,
+    config: cfg
+  });
+});
 program.action(async () => {
   await main();
 });
@@ -35580,16 +36850,41 @@ async function main() {
       process.exit(2);
     }
     const model = opts.model ?? cfg.model ?? DEFAULT_MODEL;
+    const format = opts.format ?? "text";
+    if (format !== "text" && format !== "json" && format !== "stream-json") {
+      console.error(`kimiflare: invalid --format "${format}". Use: text, json, stream-json`);
+      process.exit(2);
+    }
+    if (opts.attach) {
+      const { runAttachMode: runAttachMode2 } = await Promise.resolve().then(() => (init_attach_mode(), attach_mode_exports));
+      await runAttachMode2({
+        attachUrl: opts.attach,
+        prompt: opts.print,
+        model,
+        files: opts.file,
+        format,
+        allowAll: !!opts.dangerouslyAllowAll,
+        sessionId: opts.session
+      });
+      return;
+    }
     await runPrintMode({
       ...cfg,
       model,
       prompt: opts.print,
       allowAll: !!opts.dangerouslyAllowAll,
-      showReasoning: !!opts.reasoning,
+      showReasoning: !!(opts.reasoning || opts.thinking),
       codeMode: cfg.codeMode,
       continueOnLimit: !!opts.continueOnLimit,
       maxInputTokens: opts.maxInputTokens,
-      updateResult
+      updateResult,
+      continueSession: !!opts.continue,
+      sessionId: opts.session,
+      files: opts.file,
+      format,
+      dir: opts.dir,
+      title: opts.title,
+      permissions: cfg.permissions
     });
     return;
   }
@@ -35646,112 +36941,4 @@ async function main() {
     await renderApp2(null, updateResult, lspScope, lspProjectPath);
   }
 }
-function gatewayFromPrintOpts(opts2) {
-  if (!opts2.aiGatewayId) return void 0;
-  return {
-    id: opts2.aiGatewayId,
-    cacheTtl: opts2.aiGatewayCacheTtl,
-    skipCache: opts2.aiGatewaySkipCache,
-    collectLogPayload: opts2.aiGatewayCollectLogPayload,
-    metadata: opts2.aiGatewayMetadata
-  };
-}
-async function runPrintMode(opts2) {
-  if (opts2.updateResult.hasUpdate) {
-    process.stderr.write(
-      `\x1B[33mkimiflare update available: ${opts2.updateResult.localVersion} \u2192 ${opts2.updateResult.latestVersion}\x1B[0m
-\x1B[33m  npm update -g kimiflare  then restart\x1B[0m
-
-`
-    );
-  }
-  const cwd = process.cwd();
-  const { HooksManager: HooksManager2 } = await Promise.resolve().then(() => (init_manager3(), manager_exports));
-  const hooks = new HooksManager2(cwd);
-  const executor = new ToolExecutor(ALL_TOOLS, { hooks });
-  const messages = [
-    { role: "system", content: buildSystemPrompt({ cwd, tools: ALL_TOOLS, model: opts2.model }) },
-    { role: "user", content: opts2.prompt }
-  ];
-  const controller = new AbortController();
-  process.on("SIGINT", () => controller.abort());
-  let printedReasoningHeader = false;
-  let printedAnswerHeader = false;
-  try {
-    await runAgentTurn({
-      accountId: opts2.accountId,
-      apiToken: opts2.apiToken,
-      model: opts2.model,
-      gateway: gatewayFromPrintOpts(opts2),
-      messages,
-      tools: ALL_TOOLS,
-      executor,
-      hooks,
-      // M6.1: Stop fires at end of print-mode turn too.
-      cwd,
-      signal: controller.signal,
-      codeMode: opts2.codeMode,
-      continueOnLimit: opts2.continueOnLimit,
-      maxInputTokens: opts2.maxInputTokens,
-      coauthor: opts2.coauthor !== false ? { name: opts2.coauthorName || "kimiflare", email: opts2.coauthorEmail || "kimiflare@proton.me" } : void 0,
-      callbacks: {
-        onReasoningDelta: opts2.showReasoning ? (delta) => {
-          if (!printedReasoningHeader) {
-            process.stderr.write("\x1B[2m--- reasoning ---\n");
-            printedReasoningHeader = true;
-          }
-          process.stderr.write(delta);
-        } : void 0,
-        onTextDelta: (delta) => {
-          if (opts2.showReasoning && printedReasoningHeader && !printedAnswerHeader) {
-            process.stderr.write("\n--- answer ---\x1B[0m\n");
-            printedAnswerHeader = true;
-          }
-          process.stdout.write(delta);
-        },
-        onToolCallFinalized: (call) => {
-          process.stderr.write(`\x1B[2m[tool ${call.function.name}(${call.function.arguments})]\x1B[0m
-`);
-        },
-        onToolResult: (result) => {
-          const snippet = result.content.length > 400 ? result.content.slice(0, 400) + "..." : result.content;
-          process.stderr.write(`\x1B[2m[result: ${snippet.replace(/\n/g, " \u23CE ")}]\x1B[0m
-`);
-        },
-        onWarning: (msg) => {
-          process.stderr.write(`\x1B[33mkimiflare: ${msg}\x1B[0m
-`);
-        },
-        askPermission: async ({ tool, args }) => {
-          if (opts2.allowAll) return "allow";
-          process.stderr.write(
-            `\x1B[31m[permission denied: ${tool.name}(${JSON.stringify(args)}) \u2014 pass --dangerously-allow-all to approve in print mode]\x1B[0m
-`
-          );
-          return "deny";
-        }
-      }
-    });
-  } catch (err) {
-    if (err instanceof BudgetExhaustedError) {
-      process.stderr.write("\n\x1B[33m[Budget exhausted \u2014 exiting with code 42]\x1B[0m\n");
-      process.exitCode = 42;
-      return;
-    }
-    if (err instanceof AgentLoopError) {
-      process.stderr.write("\n\x1B[33m[Agent loop detected \u2014 exiting with code 43]\x1B[0m\n");
-      process.exitCode = 43;
-      return;
-    }
-    if (err instanceof KimiApiError) {
-      process.stderr.write(`
-\x1B[31mError: ${humanizeCloudflareError(err)}\x1B[0m
-`);
-      process.exitCode = 1;
-      return;
-    }
-    throw err;
-  }
-  process.stdout.write("\n");
-}
 //# sourceMappingURL=index.js.map