shortcutxl 0.3.40 → 0.3.42

package/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## [0.3.41]
+
+- **Hosted MCP OAuth** — ShortcutXL now supports OAuth-authenticated hosted MCP servers. Configure a hosted MCP in `mcp.json`, then log in from `/mcp` or `/login`, see `login required` status when auth is missing, and log out again directly from the MCP menu.
+- **Agent context cleanup** — Simplified agent context and prompt behavior for cleaner single-turn and multi-turn execution.
+
 ## [0.3.40]
 
 - **Runtime permissions** — New `/permissions` command to review and change what file and shell tools can do. Approve individual workspaces, grant narrower read or read/write exceptions to files and folders outside them, and toggle spreadsheet auto-approve per settings profile.

package/dist/app/auth/auth-storage.d.ts

@@ -15,6 +15,23 @@ type LockResult<T> = {
     result: T;
     next?: string;
 };
+export interface AuthStorageOptions {
+    authPath?: string;
+    externalCredentialStores?: ExternalAuthCredentialStore[];
+}
+export interface ExternalAuthCredentialStore {
+    owns(provider: string): boolean;
+    reload(): void;
+    listProviders(): string[];
+    has(provider: string): boolean;
+    get(provider: string): AuthCredential | undefined;
+    set(provider: string, credential: AuthCredential): void;
+    remove(provider: string): void;
+    mutateCredentialWithLock<T>(provider: string, mutate: (credential: AuthCredential | undefined) => Promise<{
+        result: T;
+        credential?: AuthCredential;
+    }>): Promise<T>;
+}
 export interface AuthStorageBackend {
     withLock<T>(fn: (current: string | undefined) => LockResult<T>): T;
     withLockAsync<T>(fn: (current: string | undefined) => Promise<LockResult<T>>): Promise<T>;
@@ -55,17 +72,18 @@ export declare class AuthStorage {
     private loadError;
     private errors;
     private _readOnly;
+    private readonly externalCredentialStores;
     private constructor();
-    static create(authPath?: string): AuthStorage;
-    static fromStorage(storage: AuthStorageBackend): AuthStorage;
+    static create(authPathOrOptions?: string | AuthStorageOptions): AuthStorage;
+    static fromStorage(storage: AuthStorageBackend, options?: AuthStorageOptions): AuthStorage;
     /**
      * Create a read-only AuthStorage backed by auth.json.
      * Reads without file locking — safe for concurrent subagents.
      * Never writes or refreshes tokens; call reload() periodically
      * to pick up tokens refreshed by the parent process.
      */
-    static createReadOnly(authPath?: string): AuthStorage;
-    static inMemory(data?: AuthStorageData): AuthStorage;
+    static createReadOnly(authPathOrOptions?: string | AuthStorageOptions): AuthStorage;
+    static inMemory(data?: AuthStorageData, options?: AuthStorageOptions): AuthStorage;
     /**
      * Set a runtime API key override (not persisted to disk).
      * Used for CLI --api-key flag.
@@ -80,8 +98,10 @@ export declare class AuthStorage {
      * Used for custom provider keys from models.json.
      */
     setFallbackResolver(resolver: (provider: string) => string | undefined): void;
-    private recordError;
+    private getExternalCredentialStore;
     private parseStorageData;
+    private parseStorageDocument;
+    private recordError;
     /**
      * Reload credentials from storage.
      */
@@ -104,7 +124,7 @@ export declare class AuthStorage {
      */
     list(): string[];
     /**
-     * Check if credentials exist for a provider in auth.json.
+     * Check if stored credentials exist for a provider.
      */
     has(provider: string): boolean;
     /**
@@ -141,15 +161,11 @@ export declare class AuthStorage {
      * Get API key for a provider.
      * Priority:
      * 1. Runtime override (CLI --api-key)
-     * 2. OAuth token from auth.json (auto-refreshed with locking)
+     * 2. OAuth token from persisted storage (auto-refreshed with locking)
      * 3. Environment variable
      * 4. Fallback resolver (models.json custom providers)
      */
     getApiKey(providerId: string): Promise<string | undefined>;
-    /**
-     * Get all registered OAuth providers
-     */
-    getOAuthProviders(): import("@mariozechner/pi-ai").OAuthProviderInterface[];
 }
 export {};
 //# sourceMappingURL=auth-storage.d.ts.map

package/dist/app/auth/mcp-oauth-state.d.ts

@@ -0,0 +1,44 @@
+import type { OAuthDiscoveryState } from '@modelcontextprotocol/sdk/client/auth.js';
+import type { AuthCredential, AuthStorageData } from './auth-storage.js';
+export interface OAuthClientInformationRecord {
+    clientId: string;
+    clientSecret?: string;
+}
+export type OAuthDiscoveryRecord = OAuthDiscoveryState;
+export interface McpOAuthRuntimeSettings {
+    credentialsStoreMode?: 'file' | 'keychain' | 'auto';
+    callbackPort?: number;
+    callbackUrl?: string;
+}
+type OAuthStorageManifest = Record<string, 'keychain'>;
+export interface ParsedMcpOAuthState {
+    credentials: AuthStorageData;
+    clientInfo: Record<string, OAuthClientInformationRecord>;
+    discoveryInfo: Record<string, OAuthDiscoveryRecord>;
+    storageManifest: OAuthStorageManifest;
+}
+export interface StoredMcpOAuthPayload {
+    credential?: AuthCredential;
+    clientInfo?: OAuthClientInformationRecord;
+    discoveryInfo?: OAuthDiscoveryRecord;
+}
+export declare class McpOAuthPersistence {
+    private readonly isManagedProvider;
+    private settings;
+    constructor(isManagedProvider?: (provider: string) => boolean);
+    configure(settings: McpOAuthRuntimeSettings | undefined): void;
+    getSettings(): Required<McpOAuthRuntimeSettings>;
+    shouldUseKeychain(provider: string): boolean;
+    load(content: string | undefined): ParsedMcpOAuthState;
+    loadOrEmpty(content: string | undefined): ParsedMcpOAuthState;
+    loadProviderPayload(provider: string): StoredMcpOAuthPayload | undefined;
+    getProviderPayload(state: ParsedMcpOAuthState, provider: string): StoredMcpOAuthPayload;
+    writeProviderPayload(baseState: ParsedMcpOAuthState, provider: string, nextPayload: StoredMcpOAuthPayload): string;
+    private resolveStoreMode;
+    private empty;
+    private hydrate;
+    private parse;
+    private serialize;
+}
+export {};
+//# sourceMappingURL=mcp-oauth-state.d.ts.map

package/dist/app/auth/oauth-callback-server.d.ts

@@ -0,0 +1,7 @@
+export interface OAuthCallbackServer {
+    redirectUrl: string;
+    waitForCallback(): Promise<string>;
+    close(): Promise<void>;
+}
+export declare function startOAuthCallbackServer(redirectUrl: string | URL, signal?: AbortSignal): Promise<OAuthCallbackServer>;
+//# sourceMappingURL=oauth-callback-server.d.ts.map

package/dist/app/connectors/secret-store.d.ts

@@ -14,6 +14,12 @@ export declare function setSecret(name: string, payload: Record<string, string>)
 export declare function getSecret(name: string): Record<string, string> | undefined;
 /** Remove a secret for a connection. Returns true if it existed. */
 export declare function removeSecret(name: string): boolean;
+/** Store a JSON payload in the OS keychain under a custom service namespace. */
+export declare function setNamespacedSecret(service: string, name: string, payload: object): void;
+/** Retrieve a JSON payload from the OS keychain for a custom service namespace. */
+export declare function getNamespacedSecret<T extends object>(service: string, name: string): T | undefined;
+/** Remove a JSON payload from the OS keychain for a custom service namespace. */
+export declare function removeNamespacedSecret(service: string, name: string): boolean;
 /**
  * Build environment variables for a set of connections.
  * Returns a Record to merge into a subprocess's env.

package/dist/app/index.d.ts

@@ -13,7 +13,10 @@ export { ExtensionRunner, createExtensionRuntime, discoverAndLoadExtensions, loa
 export type { CompactOptions, ContextUsage, Extension, ExtensionAPI, ExtensionCommandContext, ExtensionCommandContextActions, ExtensionContext, ExtensionError, ExtensionErrorListener, ExtensionFactory, ExtensionHandler, ExtensionRuntime, ExtensionSessionSetupStore, ExtensionSessionView, ExtensionUIContext, ExtensionUIDialogOptions, InputSource, LoadExtensionsResult, RegisteredCommand, RegisteredTool, ResourcesDiscoverEvent, ResourcesDiscoverResult, RunnerEmitEvent, SessionBeforeSwitchEvent, ShutdownHandler, SlashCommandInfo, SlashCommandLocation, SlashCommandSource, ToolInfo } from './extensions/index.js';
 export { formatFileUploadsContext, mergeFileUploads, sanitizeForPrompt, type FileUploadData } from './file-uploads.js';
 export { LoopManager } from './loop/loop-manager.js';
+export { isHostedMcpOAuthProviderId } from './mcp/hosted-oauth-provider.js';
 export { createMcpManager, type McpManager } from './mcp/index.js';
+export { isManagedMcpOAuthProvider } from './mcp/managed-oauth-providers.js';
+export { McpOAuthStore } from './mcp/oauth-state-store.js';
 export { convertToLlm, createCompactionSummaryMessage, createCustomMessage, type CustomMessage } from './messages.js';
 export { handleNewSheetCommand } from './new-sheet-command.js';
 export { ModelRegistry } from './providers/model-registry.js';
@@ -32,11 +35,11 @@ export { listAllSessions, listSessions } from './session/session-catalog.js';
 export type { SessionInfo, SessionListProgress } from './session/session-catalog.js';
 export { continueRecentSessionManager, createInMemorySessionManager, createSessionManager, forkSessionManager, openSessionManager } from './session/session-factory.js';
 export { SessionManager } from './session/session-manager.js';
+export type { SessionObservability } from './session/session-observability.js';
 export { FileSessionPersistenceBackend } from './session/session-persistence-backend.js';
 export type { SessionPersistenceBackend } from './session/session-persistence-backend.js';
 export type { SessionEntry, SessionHeader, SessionInfoEntry, SessionMessageEntry } from './session/session-schema.js';
 export type { BranchSessionStore, ModelSessionStore, PersistenceSessionStore, ProductSessionStore, SessionInfoStore } from './session/session-store-types.js';
-export type { SessionObservability } from './session/session-observability.js';
 export { SettingsManager, type CompactionSettings, type ImageSettings, type PackageSource, type RetrySettings } from './settings-manager.js';
 export type { StartupInfoEntry } from './startup-info.js';
 export { downloadSkillsWithApproval, syncSkillsConservatively } from './sync/skills-download.js';

package/dist/app/mcp/auth-status.d.ts

@@ -0,0 +1,4 @@
+import type { AuthStorage } from '../auth/auth-storage.js';
+import { type McpAuthStatus, type McpServerConfig } from './types.js';
+export declare function getMcpAuthStatus(serverName: string, config: McpServerConfig, authStorage?: AuthStorage): Promise<McpAuthStatus>;
+//# sourceMappingURL=auth-status.d.ts.map

package/dist/app/mcp/catalog.d.ts

@@ -7,7 +7,7 @@
  *
  * Use mcp_describe(server) to get full tool details.
  */
-import type { McpConnection } from './types.js';
+import type { McpAuthStatus, McpConnection, McpServerStatus } from './types.js';
 /**
  * Build a compact tool catalog — just server names and tool names.
  * Detailed descriptions are available via mcp_describe.
@@ -17,8 +17,11 @@ export declare function buildCatalog(connections: McpConnection[]): string;
  * Build a detailed tool listing for a single server (used by mcp_describe).
  */
 export declare function buildServerDetail(connection: McpConnection): string;
-/**
- * Build a status line summary: "github (7 tools), postgres (4 tools)"
- */
-export declare function buildStatusLine(connections: McpConnection[], failures: Map<string, string>): string;
+export declare function buildStatusLine(entries: Array<{
+    name: string;
+    connected?: McpConnection;
+    failure?: string;
+    authStatus: McpAuthStatus;
+    transport: McpServerStatus['transport'];
+}>): string;
 //# sourceMappingURL=catalog.d.ts.map

package/dist/app/mcp/config.d.ts

@@ -6,7 +6,7 @@
  *
  * Project servers override global servers with the same name.
  */
-import type { McpServerConfig } from './types.js';
+import { type McpServerConfig } from './types.js';
 interface LoadConfigOptions {
     cwd: string;
     globalConfigDir: string;

package/dist/app/mcp/connection.d.ts

@@ -1,25 +1,28 @@
 /**
- * MCP server connection — spawn, connect, listTools, callTool, close.
- *
- * Uses the official @modelcontextprotocol/sdk for JSON-RPC over stdio.
+ * MCP server connection — connect, listTools, callTool, close.
  */
-import type { McpConnection, McpRequestPolicy, McpServerConfig } from './types.js';
+import type { AuthStorage } from '../auth/auth-storage.js';
+import type { McpOAuthStore } from './oauth-state-store.js';
+import { type McpConnection, type McpFailureKind, type McpRequestPolicy, type McpServerConfig } from './types.js';
+export declare class McpConnectionError extends Error {
+    readonly failureKind: McpFailureKind;
+    constructor(failureKind: McpFailureKind, message: string);
+}
 export declare function resolveStartupTimeoutMs(config: McpServerConfig): number;
 export declare function buildRequestPolicy(config: McpServerConfig): McpRequestPolicy;
 /**
- * Spawn a server process, connect via stdio, and list its tools.
- * Throws on failure (caller handles per-server error isolation).
+ * Connect a server, list tools, and return a live MCP connection.
  */
-export declare function connectServer(name: string, config: McpServerConfig, defaultCwd: string): Promise<McpConnection>;
+export declare function connectServer(name: string, config: McpServerConfig, defaultCwd: string, authStorage?: AuthStorage, mcpOAuthStore?: McpOAuthStore): Promise<McpConnection>;
 /**
  * Call a tool on a connected server. Returns the result text or throws.
  */
-export declare function callTool(connection: McpConnection, toolName: string, args: Record<string, unknown> | undefined, signal?: AbortSignal): Promise<{
+export declare function callTool(connection: McpConnection, toolName: string, args: Record<string, unknown> | undefined, signal?: AbortSignal, attemptedReconnect?: boolean): Promise<{
     text: string;
     isError: boolean;
 }>;
 /**
- * Close a connection. Sends close, then escalates to SIGKILL after 5s.
+ * Close a connection.
  */
 export declare function closeConnection(connection: McpConnection): void;
 //# sourceMappingURL=connection.d.ts.map

package/dist/app/mcp/hosted-oauth-id.d.ts

@@ -0,0 +1,5 @@
+import type { McpHostedServerConfig } from './types.js';
+export declare const HOSTED_MCP_OAUTH_PROVIDER_PREFIX = "mcp:";
+export declare function getHostedMcpOAuthConfig(config: McpHostedServerConfig): import("./types.js").McpOAuthConfig;
+export declare function getHostedMcpOAuthProviderId(serverName: string, config: McpHostedServerConfig): string;
+//# sourceMappingURL=hosted-oauth-id.d.ts.map

package/dist/app/mcp/hosted-oauth-provider.d.ts

@@ -0,0 +1,11 @@
+import type { OAuthProviderInterface } from '@mariozechner/pi-ai';
+import { type OAuthClientProvider } from '@modelcontextprotocol/sdk/client/auth.js';
+import type { AuthStorage } from '../auth/auth-storage.js';
+import type { McpOAuthStore } from './oauth-state-store.js';
+import type { McpHostedServerConfig } from './types.js';
+export declare function isHostedMcpOAuthProviderId(providerId: string): boolean;
+export declare function createHostedMcpOAuthProvider(serverName: string, config: McpHostedServerConfig, authStorage?: AuthStorage, mcpOAuthStore?: McpOAuthStore): OAuthProviderInterface;
+export declare function createHostedMcpRuntimeAuthProvider(serverName: string, config: McpHostedServerConfig, authStorage: AuthStorage, mcpOAuthStore: McpOAuthStore): OAuthClientProvider;
+export declare function registerHostedMcpOAuthProviders(servers: Record<string, import('./types.js').McpServerConfig>, authStorage?: AuthStorage, mcpOAuthStore?: McpOAuthStore): string[];
+export declare function unregisterHostedMcpOAuthProviders(providerIds: string[]): void;
+//# sourceMappingURL=hosted-oauth-provider.d.ts.map

package/dist/app/mcp/index.d.ts

@@ -1,23 +1,15 @@
 /**
  * MCP client manager — composition root for the MCP subsystem.
- *
- * createMcpManager():
- *   1. Load config (global + project)
- *   2. Connect all servers concurrently (graceful degradation)
- *   3. Build catalog & gateway tools
- *   4. Return tools + shutdown handle
- *
- * Returns null if no servers are configured or all fail.
  */
-import type { McpManager } from './types.js';
+import type { AuthStorage } from '../auth/auth-storage.js';
+import type { McpOAuthStore } from './oauth-state-store.js';
+import { type McpManager } from './types.js';
 export type { McpManager } from './types.js';
 interface CreateMcpManagerOptions {
     cwd: string;
     globalConfigDir: string;
+    authStorage?: AuthStorage;
+    mcpOAuthStore?: McpOAuthStore;
 }
-/**
- * Create the MCP manager: load config, connect servers, build gateway tools.
- * Returns null if no servers are configured or all connections fail.
- */
 export declare function createMcpManager(options: CreateMcpManagerOptions): Promise<McpManager | null>;
 //# sourceMappingURL=index.d.ts.map

package/dist/app/mcp/managed-oauth-providers.d.ts

@@ -0,0 +1,4 @@
+export declare function registerManagedMcpOAuthProvider(providerId: string): void;
+export declare function unregisterManagedMcpOAuthProvider(providerId: string): void;
+export declare function isManagedMcpOAuthProvider(providerId: string): boolean;
+//# sourceMappingURL=managed-oauth-providers.d.ts.map

package/dist/app/mcp/oauth-discovery.d.ts

@@ -0,0 +1,16 @@
+import { type OAuthDiscoveryState } from '@modelcontextprotocol/sdk/client/auth.js';
+import type { McpOAuthStore } from './oauth-state-store.js';
+import type { McpHostedServerConfig } from './types.js';
+export interface HostedMcpOAuthResolution {
+    discoveryState?: OAuthDiscoveryState;
+    resourceMetadataUrl?: URL;
+    resource?: string;
+    scope?: string;
+}
+interface HostedMcpOAuthResolutionOptions {
+    timeoutMs?: number;
+}
+export declare function resolveHostedMcpOAuthTimeoutMs(config: McpHostedServerConfig): number;
+export declare function resolveHostedMcpOAuth(serverName: string, config: McpHostedServerConfig, mcpOAuthStore?: McpOAuthStore, options?: HostedMcpOAuthResolutionOptions): Promise<HostedMcpOAuthResolution>;
+export {};
+//# sourceMappingURL=oauth-discovery.d.ts.map

package/dist/app/mcp/oauth-state-store.d.ts

@@ -0,0 +1,49 @@
+import { type AuthCredential, AuthStorageBackend, type ExternalAuthCredentialStore } from '../auth/auth-storage.js';
+import { type McpOAuthRuntimeSettings, type OAuthClientInformationRecord, type OAuthDiscoveryRecord } from '../auth/mcp-oauth-state.js';
+export interface McpOAuthStoreOptions {
+    authPath?: string;
+    settings?: McpOAuthRuntimeSettings;
+    isManagedMcpOAuthProvider?: (provider: string) => boolean;
+}
+/**
+ * MCP-owned OAuth protocol state.
+ *
+ * Owns hosted-MCP credentials, client registration, and discovery metadata
+ * using the shared auth backend plus optional keychain storage.
+ */
+export declare class McpOAuthStore implements ExternalAuthCredentialStore {
+    private readonly storage;
+    private readonly persistence;
+    private credentials;
+    private clientInfo;
+    private discoveryInfo;
+    constructor(storage: AuthStorageBackend, options?: Pick<McpOAuthStoreOptions, 'settings' | 'isManagedMcpOAuthProvider'>);
+    private readonly isManagedProvider;
+    static create(options?: McpOAuthStoreOptions): McpOAuthStore;
+    static createReadOnly(options?: McpOAuthStoreOptions): McpOAuthStore;
+    static fromStorage(storage: AuthStorageBackend, options?: McpOAuthStoreOptions): McpOAuthStore;
+    static inMemory(options?: Pick<McpOAuthStoreOptions, 'settings'>): McpOAuthStore;
+    reload(): void;
+    getSettings(): Required<McpOAuthRuntimeSettings>;
+    setSettings(settings: McpOAuthRuntimeSettings | undefined): void;
+    owns(provider: string): boolean;
+    listProviders(): string[];
+    has(provider: string): boolean;
+    get(provider: string): AuthCredential | undefined;
+    set(provider: string, credential: AuthCredential): void;
+    remove(provider: string): void;
+    mutateCredentialWithLock<T>(provider: string, mutate: (credential: AuthCredential | undefined) => Promise<{
+        result: T;
+        credential?: AuthCredential;
+    }>): Promise<T>;
+    getClientInfo(provider: string): OAuthClientInformationRecord | undefined;
+    setClientInfo(provider: string, info: OAuthClientInformationRecord): void;
+    removeClientInfo(provider: string): void;
+    getDiscoveryState(provider: string): OAuthDiscoveryRecord | undefined;
+    setDiscoveryState(provider: string, info: OAuthDiscoveryRecord): void;
+    removeDiscoveryState(provider: string): void;
+    clear(provider: string): void;
+    private applyState;
+    private persistProviderPayload;
+}
+//# sourceMappingURL=oauth-state-store.d.ts.map

package/dist/app/mcp/types.d.ts

@@ -5,10 +5,11 @@
  */
 import type { Client } from '@modelcontextprotocol/sdk/client/index.js';
 import type { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
+import type { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js';
 export interface McpConfig {
     mcpServers: Record<string, McpServerConfig>;
 }
-export interface McpServerConfig {
+export interface McpStdioServerConfig {
     /** Command to spawn the server */
     command: string;
     /** Arguments to the command */
@@ -36,6 +37,40 @@ export interface McpServerConfig {
      */
     maxToolCallTotalTimeoutMs?: number;
 }
+export interface McpOAuthConfig {
+    providerId?: string;
+    providerName?: string;
+    clientId?: string;
+    clientSecret?: string;
+    redirectUrl?: string;
+    scope?: string;
+    resource?: string;
+    resourceMetadataUrl?: string;
+}
+export interface McpHostedServerConfig {
+    transport: 'streamable_http';
+    url: string;
+    /** Static headers to include on every request. */
+    headers?: Record<string, string>;
+    /** Connection name whose fields are injected as HTTP headers. */
+    connection?: string;
+    /** OAuth configuration for hosted MCP login via /login. */
+    oauth?: McpOAuthConfig;
+    /** Deprecated alias for startupTimeoutMs. Kept for config compatibility. */
+    timeout?: number;
+    /** Startup/connect timeout in ms (default: 30000) */
+    startupTimeoutMs?: number;
+    /** Per-tool-call inactivity timeout in ms (default: 600000 / 10 minutes) */
+    toolCallTimeoutMs?: number;
+    resetToolCallTimeoutOnProgress?: boolean;
+    maxToolCallTotalTimeoutMs?: number;
+}
+export type McpServerConfig = McpStdioServerConfig | McpHostedServerConfig;
+export type McpAuthStatus = 'unsupported' | 'not_logged_in' | 'configured' | 'oauth';
+export type McpFailureKind = 'auth_required' | 'connect_failed';
+export declare function isHostedServerConfig(config: McpServerConfig): config is McpHostedServerConfig;
+export declare function isStdioServerConfig(config: McpServerConfig): config is McpStdioServerConfig;
+export type McpTransport = StdioClientTransport | StreamableHTTPClientTransport;
 export interface McpRequestPolicy {
     timeoutMs: number;
     resetTimeoutOnProgress: boolean;
@@ -44,9 +79,10 @@ export interface McpRequestPolicy {
 export interface McpConnection {
     name: string;
     client: Client;
-    transport: StdioClientTransport;
+    transport: McpTransport;
     tools: McpToolInfo[];
     requestPolicy: McpRequestPolicy;
+    reconnect?: () => Promise<McpConnection | null>;
 }
 export interface McpToolInfo {
     name: string;
@@ -57,6 +93,11 @@ export interface McpToolInfo {
 export interface McpServerStatus {
     name: string;
     status: 'connected' | 'failed';
+    transport: 'stdio' | 'streamable_http';
+    authStatus: McpAuthStatus;
+    failureKind?: McpFailureKind;
+    oauthProviderId?: string;
+    oauthProviderName?: string;
     toolCount: number;
     toolNames: string[];
     error?: string;

package/dist/app/modes/action/prompt.d.ts

@@ -9,5 +9,23 @@
  * Those are shown in the TUI status line. The agent discovers them dynamically
  * via the health check endpoint or execute_code.
  */
+interface SelfReferencePaths {
+    cwd: string;
+    packageDir: string;
+    agentDir: string;
+    settingsPath: string;
+    memoriesDir: string;
+    userSkillsDir: string;
+    sessionsDir: string;
+    tempDir: string;
+    desktopDir: string;
+    xllSpec: string;
+    xllSkill: string;
+    readme: string;
+    docs: string;
+    examples: string;
+}
+export declare function buildSelfReferenceSection(paths: SelfReferencePaths): string;
 export declare function buildActionPrompt(): string;
+export {};
 //# sourceMappingURL=prompt.d.ts.map

package/dist/app/permissions/tool-gates.d.ts

@@ -1,7 +1,7 @@
 import type { ToolDefinition } from '../../core/core-types.js';
 import { BASH, EDIT, EXECUTE_CODE, FIND, GREP, LS, READ, TASK, WRITE } from '../../tool-names.js';
-import type { ShortcutClientLogger } from '../observability/client-logging/client-logger.js';
 import { type ApprovalGate, type BashApprovalData, type FileAccessApprovalData } from '../approvals/types.js';
+import type { ShortcutClientLogger } from '../observability/client-logging/client-logger.js';
 import type { SettingsManager } from '../settings-manager.js';
 export type PermissionedRuntimeToolName = typeof READ | typeof WRITE | typeof EDIT | typeof LS | typeof FIND | typeof GREP | typeof BASH | typeof EXECUTE_CODE | typeof TASK;
 export declare const TOOL_GATES: {