wolverine-ai 3.5.0 → 3.6.1

package/server/routes/inference.js

@@ -0,0 +1,329 @@
+const https = require("https");
+const http = require("http");
+const crypto = require("crypto");
+
+/**
+ * Wolverine Inference API
+ *
+ * Credit system: $1 = 100 credits. 1 credit = $0.01 of compute.
+ * Token pricing (in credits per million tokens):
+ *   wolverine-test-1: 1 credit input / 4 credits output per 1M tokens
+ *   (= $0.01/$0.04 per 1M — 15x cheaper than gpt-4o-mini, 80x cheaper than haiku)
+ *
+ * Rate limiting: per API key, configurable per tier.
+ * Queue: when GPU is at capacity, requests queue with timeout.
+ */
+
+const INFERENCE_URL = process.env.WOLVERINE_INFERENCE_URL || "http://ssh8.vast.ai:24233";
+const GPU_KEY = process.env.WOLVERINE_GPU_KEY || "";
+
+// Pricing in CREDITS per million tokens ($1 = 100 credits)
+const MODEL_PRICING = {
+  "wolverine-test-1":  { input: 1.0, output: 4.0 },   // $0.01/$0.04 per 1M
+  "wolverine-coding":  { input: 1.0, output: 4.0 },
+  "wolverine-reasoning": { input: 2.5, output: 10.0 }, // heavier model when available
+};
+
+const MODEL_MAP = {
+  "wolverine-test-1": "wolverine-test-1",
+  "wolverine-coding": "wolverine-test-1",
+  "wolverine-reasoning": "wolverine-test-1",
+};
+
+const TIER_LIMITS = {
+  free: { rpm: 10, maxTokens: 1024 },
+  starter: { rpm: 60, maxTokens: 4096 },
+  pro: { rpm: 300, maxTokens: 4096 },
+  admin: { rpm: 9999, maxTokens: 4096 },
+};
+
+function tokenCost(model, inputTokens, outputTokens) {
+  const p = MODEL_PRICING[model] || MODEL_PRICING["wolverine-test-1"];
+  return ((inputTokens / 1_000_000) * p.input) + ((outputTokens / 1_000_000) * p.output);
+}
+
+// ── Request Queue (handles GPU saturation) ──
+const queue = [];
+let activeRequests = 0;
+const MAX_CONCURRENT = 8; // vLLM max-num-seqs
+const QUEUE_TIMEOUT_MS = 30000;
+
+function enqueue() {
+  return new Promise((resolve, reject) => {
+    if (activeRequests < MAX_CONCURRENT) {
+      activeRequests++;
+      resolve();
+      return;
+    }
+    const timer = setTimeout(() => {
+      const idx = queue.indexOf(entry);
+      if (idx >= 0) queue.splice(idx, 1);
+      reject(new Error("Queue timeout — GPU at capacity. Try again in a few seconds."));
+    }, QUEUE_TIMEOUT_MS);
+    const entry = { resolve: () => { clearTimeout(timer); activeRequests++; resolve(); }, reject };
+    queue.push(entry);
+  });
+}
+
+function dequeue() {
+  activeRequests = Math.max(0, activeRequests - 1);
+  if (queue.length > 0) {
+    const next = queue.shift();
+    next.resolve();
+  }
+}
+
+async function routes(fastify) {
+  const { pool } = require("../lib/db");
+
+  // Rate limit state (in-memory)
+  const rateWindows = new Map();
+
+  async function authenticate(request, reply) {
+    const apiKey = request.headers.authorization?.replace("Bearer ", "") || request.headers["x-api-key"];
+    if (!apiKey) return reply.code(401).send({ error: { message: "API key required. Pass via Authorization: Bearer <key>", type: "auth_error" } });
+
+    // Platform key bypass
+    let settings = {};
+    try { settings = require("../config/settings.json"); } catch {}
+    if (apiKey === settings.platform?.apiKey) {
+      request.account = { api_key: apiKey, owner: "platform", tier: "admin", credits_remaining: 999999, rate_limit_rpm: 9999 };
+      return;
+    }
+
+    const result = await pool.query("SELECT * FROM api_credits WHERE api_key = $1", [apiKey]);
+    if (result.rows.length === 0) return reply.code(401).send({ error: { message: "Invalid API key", type: "auth_error" } });
+
+    const account = result.rows[0];
+
+    // Credit check
+    if (parseFloat(account.credits_remaining) <= 0) {
+      return reply.code(402).send({ error: { message: "Insufficient credits. Add credits at wolverinenode.xyz", type: "billing_error", credits_remaining: 0 } });
+    }
+
+    // Rate limit
+    const now = Date.now();
+    const window = rateWindows.get(apiKey) || { count: 0, resetAt: now + 60000 };
+    if (now > window.resetAt) { window.count = 0; window.resetAt = now + 60000; }
+    const limit = account.rate_limit_rpm || TIER_LIMITS[account.tier]?.rpm || 10;
+    if (window.count >= limit) {
+      const retryAfter = Math.ceil((window.resetAt - now) / 1000);
+      return reply.code(429).send({ error: { message: `Rate limit: ${limit} requests/min. Retry in ${retryAfter}s`, type: "rate_limit", retry_after: retryAfter } });
+    }
+    window.count++;
+    rateWindows.set(apiKey, window);
+
+    request.account = account;
+  }
+
+  // ── POST /chat/completions ──
+  fastify.post("/chat/completions", { preHandler: authenticate }, async (request, reply) => {
+    const body = request.body || {};
+    const requestedModel = body.model || "wolverine-test-1";
+    const account = request.account;
+    const tier = TIER_LIMITS[account.tier] || TIER_LIMITS.free;
+    const startMs = Date.now();
+
+    // Enforce max tokens per tier
+    if (body.max_tokens && body.max_tokens > tier.maxTokens) {
+      body.max_tokens = tier.maxTokens;
+    }
+
+    // Map model name for backend
+    const backendBody = { ...body, model: MODEL_MAP[requestedModel] || requestedModel };
+
+    // Queue if GPU saturated
+    try {
+      await enqueue();
+    } catch (err) {
+      return reply.code(503).send({ error: { message: err.message, type: "capacity_error", queue_length: queue.length } });
+    }
+
+    try {
+      const result = await proxyToInference("/v1/chat/completions", backendBody);
+      const latencyMs = Date.now() - startMs;
+
+      const usage = result.usage || {};
+      const inputTokens = usage.prompt_tokens || 0;
+      const outputTokens = usage.completion_tokens || 0;
+      const cost = tokenCost(requestedModel, inputTokens, outputTokens);
+
+      // Bill credits (skip for platform)
+      if (account.owner !== "platform") {
+        await pool.query(
+          "UPDATE api_credits SET credits_remaining = credits_remaining - $1, credits_used = credits_used + $1, last_used = NOW() WHERE api_key = $2",
+          [cost, account.api_key]
+        );
+        await pool.query(
+          "INSERT INTO api_usage_log (api_key, model, input_tokens, output_tokens, total_tokens, cost, latency_ms, success, endpoint) VALUES ($1, $2, $3, $4, $5, $6, $7, true, $8)",
+          [account.api_key, requestedModel, inputTokens, outputTokens, inputTokens + outputTokens, cost, latencyMs, "/v1/chat/completions"]
+        );
+      }
+
+      // Rewrite response
+      if (result.model) result.model = requestedModel;
+      result.x_wolverine = {
+        credits_used: Math.round(cost * 1000000) / 1000000,
+        credits_remaining: Math.max(0, parseFloat(account.credits_remaining) - cost),
+        latency_ms: latencyMs,
+        queued: activeRequests > MAX_CONCURRENT,
+      };
+
+      return result;
+    } catch (err) {
+      if (account.owner !== "platform") {
+        await pool.query(
+          "INSERT INTO api_usage_log (api_key, model, input_tokens, output_tokens, total_tokens, cost, latency_ms, success, endpoint) VALUES ($1, $2, 0, 0, 0, 0, $3, false, $4)",
+          [account.api_key, requestedModel, Date.now() - startMs, "/v1/chat/completions"]
+        ).catch(() => {});
+      }
+      return reply.code(502).send({ error: { message: `Inference error: ${err.message}`, type: "inference_error" } });
+    } finally {
+      dequeue();
+    }
+  });
+
+  // ── GET /models ──
+  fastify.get("/models", async () => ({
+    object: "list",
+    data: Object.entries(MODEL_PRICING).map(([id, p]) => ({
+      id, object: "model", owned_by: "wolverine",
+      created: Math.floor(Date.now() / 1000),
+      pricing: { input_credits_per_million: p.input, output_credits_per_million: p.output, usd_per_credit: 0.01 },
+    })),
+  }));
+
+  // ── POST /keys/create — generate new API key ──
+  fastify.post("/keys/create", { preHandler: authenticate }, async (request, reply) => {
+    const account = request.account;
+    if (account.tier !== "admin") return reply.code(403).send({ error: { message: "Only admins can create API keys", type: "auth_error" } });
+
+    const { owner, email, credits, tier, rpm } = request.body || {};
+    if (!owner) return reply.code(400).send({ error: { message: "owner required", type: "validation_error" } });
+
+    const newKey = "wlv_" + crypto.randomBytes(24).toString("hex");
+    const keyTier = tier || "free";
+    const keyCredits = credits || (keyTier === "free" ? 10 : 0);
+    const keyRpm = rpm || TIER_LIMITS[keyTier]?.rpm || 10;
+
+    await pool.query(
+      "INSERT INTO api_credits (api_key, owner, email, credits_remaining, tier, plan_name, rate_limit_rpm) VALUES ($1, $2, $3, $4, $5, $6, $7)",
+      [newKey, owner, email || null, keyCredits, keyTier, keyTier, keyRpm]
+    );
+
+    return { api_key: newKey, owner, tier: keyTier, credits: keyCredits, rate_limit_rpm: keyRpm };
+  });
+
+  // ── POST /keys/add-credits — add credits to a key ──
+  fastify.post("/keys/add-credits", { preHandler: authenticate }, async (request, reply) => {
+    const account = request.account;
+    if (account.tier !== "admin") return reply.code(403).send({ error: { message: "Only admins can add credits", type: "auth_error" } });
+
+    const { api_key, credits } = request.body || {};
+    if (!api_key || !credits) return reply.code(400).send({ error: { message: "api_key and credits required" } });
+
+    await pool.query("UPDATE api_credits SET credits_remaining = credits_remaining + $1 WHERE api_key = $2", [credits, api_key]);
+    const updated = await pool.query("SELECT credits_remaining FROM api_credits WHERE api_key = $1", [api_key]);
+    return { api_key, credits_added: credits, credits_remaining: parseFloat(updated.rows[0]?.credits_remaining || 0) };
+  });
+
+  // ── GET /keys — list all keys (admin only) ──
+  fastify.get("/keys", { preHandler: authenticate }, async (request, reply) => {
+    if (request.account.tier !== "admin") return reply.code(403).send({ error: { message: "Admin only" } });
+    const { rows } = await pool.query("SELECT api_key, owner, email, tier, credits_remaining, credits_used, rate_limit_rpm, created_at, last_used FROM api_credits ORDER BY created_at DESC");
+    return { keys: rows };
+  });
+
+  // ── GET /credits ──
+  fastify.get("/credits", { preHandler: authenticate }, async (request, reply) => {
+    const a = request.account;
+    return {
+      credits_remaining: parseFloat(a.credits_remaining),
+      credits_used: parseFloat(a.credits_used || 0),
+      usd_remaining: parseFloat(a.credits_remaining) * 0.01,
+      usd_used: parseFloat(a.credits_used || 0) * 0.01,
+      tier: a.tier, rate_limit_rpm: a.rate_limit_rpm, owner: a.owner,
+    };
+  });
+
+  // ── GET /usage ──
+  fastify.get("/usage", { preHandler: authenticate }, async (request, reply) => {
+    const apiKey = request.account.api_key;
+    const period = request.query.period || "7d";
+    const interval = { "1h": "1 hour", "1d": "1 day", "7d": "7 days", "30d": "30 days" }[period] || "7 days";
+
+    const summary = await pool.query(
+      `SELECT model, COUNT(*) AS calls, SUM(input_tokens) AS input, SUM(output_tokens) AS output,
+              SUM(total_tokens) AS tokens, SUM(cost) AS credits_spent, AVG(latency_ms) AS avg_latency,
+              COUNT(*) FILTER (WHERE success) AS successes
+       FROM api_usage_log WHERE api_key = $1 AND timestamp > NOW() - $2::interval
+       GROUP BY model ORDER BY credits_spent DESC`, [apiKey, interval]
+    );
+
+    const timeline = await pool.query(
+      `SELECT date_trunc('hour', timestamp) AS hour, SUM(cost) AS credits, SUM(total_tokens) AS tokens, COUNT(*) AS calls
+       FROM api_usage_log WHERE api_key = $1 AND timestamp > NOW() - $2::interval
+       GROUP BY hour ORDER BY hour`, [apiKey, interval]
+    );
+
+    const totalCredits = summary.rows.reduce((s, r) => s + parseFloat(r.credits_spent || 0), 0);
+
+    return {
+      period,
+      total_credits_spent: Math.round(totalCredits * 1000000) / 1000000,
+      total_usd_spent: Math.round(totalCredits * 0.01 * 1000000) / 1000000,
+      byModel: summary.rows.map(r => ({
+        model: r.model, calls: parseInt(r.calls), input: parseInt(r.input || 0), output: parseInt(r.output || 0),
+        tokens: parseInt(r.tokens || 0), credits_spent: parseFloat(r.credits_spent || 0),
+        usd_spent: parseFloat(r.credits_spent || 0) * 0.01,
+        avgLatencyMs: Math.round(parseFloat(r.avg_latency || 0)),
+        successRate: parseInt(r.calls) > 0 ? parseFloat(((parseInt(r.successes) / parseInt(r.calls)) * 100).toFixed(2)) : 0,
+      })),
+      timeline: timeline.rows.map(r => ({
+        hour: r.hour, credits: parseFloat(r.credits), tokens: parseInt(r.tokens), calls: parseInt(r.calls),
+      })),
+      queue: { active: activeRequests, waiting: queue.length, max: MAX_CONCURRENT },
+    };
+  });
+
+  // ── GET /health ──
+  fastify.get("/health", async () => {
+    try {
+      const result = await proxyToInference("/health", null, "GET");
+      return { status: "ok", inference: result, queue: { active: activeRequests, waiting: queue.length, max: MAX_CONCURRENT } };
+    } catch (err) {
+      return { status: "down", error: err.message, queue: { active: activeRequests, waiting: queue.length, max: MAX_CONCURRENT } };
+    }
+  });
+}
+
+function proxyToInference(path, body, method = "POST") {
+  return new Promise((resolve, reject) => {
+    const url = new (require("url").URL)(INFERENCE_URL + path);
+    const client = url.protocol === "https:" ? https : http;
+    const bodyStr = body ? JSON.stringify(body) : null;
+
+    const req = client.request({
+      hostname: url.hostname,
+      port: url.port || (url.protocol === "https:" ? 443 : 80),
+      path: url.pathname,
+      method,
+      timeout: 120000,
+      headers: {
+        "Content-Type": "application/json",
+        ...(GPU_KEY ? { "Authorization": `Bearer ${GPU_KEY}` } : {}),
+        ...(bodyStr ? { "Content-Length": Buffer.byteLength(bodyStr) } : {}),
+      },
+    }, (res) => {
+      let data = "";
+      res.on("data", (c) => { data += c; });
+      res.on("end", () => { try { resolve(JSON.parse(data)); } catch { resolve({ raw: data }); } });
+    });
+    req.on("error", reject);
+    req.on("timeout", () => { req.destroy(); reject(new Error("Inference timeout")); });
+    if (bodyStr) req.write(bodyStr);
+    req.end();
+  });
+}
+
+module.exports = routes;

package/src/agent/agent-engine.js

@@ -250,7 +250,7 @@ const TOOL_DEFINITIONS = [
     type: "function",
     function: {
       name: "run_db_fix",
-      description: "Run a write query on a SQLite database to fix data issues: UPDATE invalid entries, DELETE corrupt rows, ALTER schema. Creates a backup first.",
+      description: "Run a write query on a SQLite database to fix data issues. IMPORTANT: Always use inspect_db FIRST to see the current state before writing. This tool auto-snapshots affected rows before and after the write. Creates a backup. Returns before/after state so you can verify the fix is correct.",
       parameters: {
         type: "object",
         properties: {
@@ -448,6 +448,15 @@ class AgentEngine {
       const assistantMessage = choice.message || choice;
       this.messages.push(assistantMessage);
 
+      // Parse Gemma-style text tool calls: "call:tool_name{json_args}" → structured tool_calls
+      if ((!assistantMessage.tool_calls || assistantMessage.tool_calls.length === 0) && assistantMessage.content) {
+        const parsed = _parseTextToolCalls(assistantMessage.content);
+        if (parsed.length > 0) {
+          assistantMessage.tool_calls = parsed;
+          console.log(chalk.gray(`  🔧 Parsed ${parsed.length} tool call(s) from text output`));
+        }
+      }
+
       if (!assistantMessage.tool_calls || assistantMessage.tool_calls.length === 0) {
         if (assistantMessage.content) {
           console.log(chalk.gray(`  💬 ${(assistantMessage.content || "").slice(0, 200)}`));
@@ -944,15 +953,60 @@ class AgentEngine {
       if (upper.startsWith("DROP DATABASE") || upper.includes("DROP TABLE sqlite_")) {
         return { content: "BLOCKED: Cannot drop system tables" };
       }
+
       // Backup the DB file first
       const backupPath = dbPath + ".wolverine-backup";
       fs.copyFileSync(dbPath, backupPath);
+
       const db = new Database(dbPath);
+
+      // SAFETY: Snapshot affected rows BEFORE the write
+      // Extract table name and WHERE clause to SELECT the rows that will change
+      let beforeSnapshot = "";
+      try {
+        const tableMatch = upper.match(/(?:UPDATE|DELETE\s+FROM|INSERT\s+INTO)\s+(\w+)/i);
+        const whereMatch = args.sql.match(/WHERE\s+(.+?)(?:;|$)/i);
+        if (tableMatch) {
+          const table = tableMatch[1];
+          const whereClause = whereMatch ? `WHERE ${whereMatch[1]}` : "";
+          const selectSql = `SELECT * FROM ${table} ${whereClause} LIMIT 20`;
+          try {
+            const before = db.prepare(selectSql).all();
+            if (before.length > 0) {
+              beforeSnapshot = `\n\nBEFORE STATE (${before.length} rows affected):\n${JSON.stringify(before, null, 2).slice(0, 2000)}`;
+              console.log(chalk.gray(`    🗃️ Snapshot: ${before.length} rows from ${table} ${whereClause ? whereClause.slice(0, 40) : "(all)"}`));
+            }
+          } catch { /* SELECT failed, might be INSERT into new table — that's fine */ }
+        }
+      } catch { /* snapshot failed, proceed with caution */ }
+
+      // Execute the fix
       const result = db.prepare(args.sql).run();
+
+      // SAFETY: Snapshot AFTER to show what changed
+      let afterSnapshot = "";
+      try {
+        const tableMatch = upper.match(/(?:UPDATE|DELETE\s+FROM|INSERT\s+INTO)\s+(\w+)/i);
+        const whereMatch = args.sql.match(/WHERE\s+(.+?)(?:;|$)/i);
+        if (tableMatch) {
+          const table = tableMatch[1];
+          const whereClause = whereMatch ? `WHERE ${whereMatch[1]}` : "";
+          const selectSql = `SELECT * FROM ${table} ${whereClause} LIMIT 20`;
+          try {
+            const after = db.prepare(selectSql).all();
+            afterSnapshot = `\n\nAFTER STATE (${after.length} rows):\n${JSON.stringify(after, null, 2).slice(0, 2000)}`;
+          } catch {}
+        }
+      } catch {}
+
       db.close();
       this.filesModified.push(args.db_path);
+
+      const summary = `SQL executed. Changes: ${result.changes}. Backup at: ${backupPath}${beforeSnapshot}${afterSnapshot}`;
       console.log(chalk.green(`    🗃️ DB fix applied: ${args.sql.slice(0, 60)} (changes: ${result.changes})`));
-      return { content: `SQL executed. Changes: ${result.changes}. Backup at: ${backupPath}` };
+      if (beforeSnapshot) console.log(chalk.gray(`    🗃️ Before/after snapshot captured for audit`));
+
+      return { content: summary };
     } catch (e) { return { content: `DB error: ${e.message}` }; }
   }
 
@@ -1085,14 +1139,23 @@ FAST FIXES (act immediately, don't investigate):
 - Missing env var → check_env → report it → done
 
 INVESTIGATION (only when cause is unclear):
-- Database error → inspect_db then run_db_fix
+- Database error → inspect_db FIRST to see current state → understand what went wrong → run_db_fix with targeted fix
 - Unknown errors → grep_code, list_dir to find root cause
 
+DATABASE SAFETY:
+- ALWAYS inspect_db before run_db_fix — never write blind
+- run_db_fix auto-snapshots affected rows before/after — check the response to verify your fix
+- For bad data: understand WHY the data is wrong before changing it
+- For NaN/null errors: check if the data was corrupted or if the code should handle it
+- Prefer fixing code to handle edge cases over modifying production data
+- A database backup is created automatically before every write
+
 RULES:
 1. Fix on turn 1-2 when possible. Investigation is a last resort.
 2. For ENOENT config files: read the code that requires the file, then create it with the expected structure.
 3. bash_exec for operational fixes, edit_file for code, write_file for missing files, run_db_fix for data
-4. Always call done with summary when finished — never end without calling done.
+4. For database errors: inspect first, fix data only when code can't reasonably handle the edge case
+5. Always call done with summary when finished — never end without calling done.
 ${primaryFile ? `\nFile: ${primaryFile}` : ""}
 Project: ${cwd}`;
 }
@@ -1223,4 +1286,50 @@ function _runPostHook(toolName, toolInput, toolOutput, isError, cwd) {
   } catch {}
 }
 
+/**
+ * Parse Gemma-style text tool calls into OpenAI tool_calls format.
+ * Gemma outputs: "call:tool_name{json_args}" or "<|tool_call>call:tool_name{args}<tool_call|>"
+ * We convert to: [{ id, type: "function", function: { name, arguments } }]
+ */
+function _parseTextToolCalls(content) {
+  if (!content) return [];
+  const calls = [];
+  // Match patterns: call:name{args} or call:name{"key":"val"}
+  const patterns = [
+    /call:(\w+)\{([^}]*(?:\{[^}]*\}[^}]*)*)\}/g,  // call:name{args with nested braces}
+    /call:(\w+)\(([^)]*)\)/g,                        // call:name(args)
+  ];
+  for (const regex of patterns) {
+    let match;
+    while ((match = regex.exec(content)) !== null) {
+      const name = match[1];
+      let argsStr = match[2];
+      // Try to parse as JSON, otherwise build from key:value pairs
+      let args;
+      try {
+        // Clean up Gemma's quoting: path:"value" → "path":"value"
+        const cleaned = argsStr.replace(/(\w+)\s*:\s*/g, '"$1":').replace(/<\|"\|>/g, '"');
+        args = JSON.parse("{" + cleaned + "}");
+      } catch {
+        try { args = JSON.parse(argsStr); } catch {
+          // Last resort: treat as single string argument for the most common param
+          const paramGuess = argsStr.replace(/['"<|>]/g, "").trim();
+          if (name === "read_file" || name === "glob_files") args = { path: paramGuess };
+          else if (name === "grep_code") args = { pattern: paramGuess };
+          else if (name === "bash_exec") args = { command: paramGuess };
+          else if (name === "write_file") args = { path: paramGuess, content: "" };
+          else args = { input: paramGuess };
+        }
+      }
+      calls.push({
+        id: "call_" + Date.now().toString(36) + "_" + calls.length,
+        type: "function",
+        function: { name, arguments: JSON.stringify(args) },
+      });
+    }
+    if (calls.length > 0) break; // use first matching pattern
+  }
+  return calls;
+}
+
 module.exports = { AgentEngine, TOOL_DEFINITIONS, BLOCKED_COMMANDS };

package/src/brain/brain.js

@@ -218,7 +218,7 @@ const SEED_DOCS = [
     metadata: { topic: "error-monitor" },
   },
   {
-    text: "Agent tool details: read_file supports offset/limit for large files. edit_file does surgical find-and-replace (preferred for small fixes). glob_files discovers files by pattern (**/*.js). grep_code does regex search with context lines. list_dir shows directory contents with file sizes. move_file relocates/renames files. bash_exec runs shell commands (30s default timeout, 60s hard cap, dangerous commands blocked: rm -rf /, git push --force, npm publish). inspect_db reads SQLite: action=tables (list), action=schema (CREATE statements), action=query (SELECT/PRAGMA only). run_db_fix writes SQLite: UPDATE/DELETE/INSERT/ALTER, auto-backs up db file first. check_port finds what process is using a port (netstat/lsof). check_env lists environment variables with values redacted. audit_deps runs full npm health check (vulnerabilities, outdated, peer deps, unused, lock file). check_migration returns known upgrade paths with before/after code patterns. web_fetch retrieves URL content.",
+    text: "Agent tool details: read_file supports offset/limit for large files. edit_file does surgical find-and-replace (preferred for small fixes). glob_files discovers files by pattern (**/*.js). grep_code does regex search with context lines. list_dir shows directory contents with file sizes. move_file relocates/renames files. bash_exec runs shell commands (30s default timeout, 60s hard cap, dangerous commands blocked: rm -rf /, git push --force, npm publish). inspect_db reads SQLite: action=tables (list), action=schema (CREATE statements), action=query (SELECT/PRAGMA only). run_db_fix writes SQLite with SAFETY: auto-snapshots affected rows BEFORE write (SELECT WHERE matching the UPDATE/DELETE), executes the fix, snapshots AFTER, returns before/after comparison so agent can verify. Always backs up the DB file. Agent MUST inspect_db before run_db_fix — never write blind. For NaN/null data errors: prefer fixing code to handle edge cases over modifying production data. check_port finds what process is using a port (netstat/lsof). check_env lists environment variables with values redacted. audit_deps runs full npm health check. check_migration returns known upgrade paths. web_fetch retrieves URL content.",
     metadata: { topic: "agent-tools-detail" },
   },
   {

package/src/brain/embedder.js

@@ -115,7 +115,7 @@ async function compact(text) {
     systemPrompt: "Compress the following text into a dense, semantically rich summary. Keep all technical terms, function names, file paths, and error messages. Remove filler words. Output ONLY the compressed text, nothing else.",
     userPrompt: text,
     maxTokens: 256,
-    category: "brain",
+    category: "compacting",
   });
 
   return result.content || text;

package/src/brain/function-map.js

@@ -17,7 +17,7 @@ const path = require("path");
  * - Config files (.env, .json, .yaml)
  */
 
-const SKIP_DIRS = new Set(["node_modules", ".wolverine", ".git", "dist", "build", "coverage", "src", "bin", "tests"]);
+const SKIP_DIRS = new Set(["node_modules", ".wolverine", ".git", "dist", "build", "coverage", "src", "bin", "tests", "examples", "public", "static", "assets", "__tests__", ".next", ".nuxt"]);
 const CODE_EXTENSIONS = new Set([".js", ".ts", ".mjs", ".cjs", ".jsx", ".tsx"]);
 const CONFIG_EXTENSIONS = new Set([".json", ".yaml", ".yml", ".toml", ".env"]);
 
@@ -52,6 +52,11 @@ function scanProject(projectRoot) {
   // Recursive scan
   _scanDir(root, root, map);
 
+  // Cap collections to prevent memory bloat on large projects
+  if (map.functions.length > 500) map.functions = map.functions.slice(0, 500);
+  if (map.classes.length > 200) map.classes = map.classes.slice(0, 200);
+  if (map.exports.length > 300) map.exports = map.exports.slice(0, 300);
+
   // Build summary
   map.summary = _buildSummary(map);
 
@@ -88,12 +93,21 @@ function _scanDir(dir, root, map) {
 
     map.files.push({ path: relPath, type: "code" });
 
+    // Skip large/minified files — they bloat memory and aren't useful for repair context
+    let stat;
+    try { stat = fs.statSync(fullPath); } catch { continue; }
+    if (stat.size > 100000) continue; // Skip files > 100KB (bundles, minified, generated)
+
     // Parse the file for patterns
     let content;
     try {
       content = fs.readFileSync(fullPath, "utf-8");
     } catch { continue; }
 
+    // Skip minified code (avg line length > 200 chars = likely minified)
+    const lines = content.split("\n");
+    if (lines.length > 0 && content.length / lines.length > 200) continue;
+
     _extractRoutes(content, relPath, map);
     _extractExports(content, relPath, map);
     _extractFunctions(content, relPath, map);

package/src/core/ai-client.js

@@ -5,6 +5,7 @@ const { getModel, detectProvider } = require("./models");
 
 let _openaiClient = null;
 let _anthropicClient = null;
+let _wolverineClient = null;
 let _tracker = null;
 
 function setTokenTracker(tracker) { _tracker = tracker; }
@@ -35,9 +36,24 @@ function _track(model, category, usage, tool, latencyMs, success) {
 
 function getClient(provider) {
   if (provider === "anthropic") return _getAnthropicClient();
+  if (provider === "wolverine") return _getWolverineClient();
   return _getOpenAIClient();
 }
 
+function _getWolverineClient() {
+  if (!_wolverineClient) {
+    // Wolverine inference: direct to GPU or via proxy
+    // WOLVERINE_GPU_KEY = internal key for direct GPU access (llama.cpp --api-key)
+    // WOLVERINE_API_KEY = user key for billed proxy access (api.wolverinenode.xyz)
+    const baseURL = process.env.WOLVERINE_INFERENCE_URL
+      ? process.env.WOLVERINE_INFERENCE_URL + "/v1"
+      : "https://api.wolverinenode.xyz/v1";
+    const apiKey = process.env.WOLVERINE_GPU_KEY || process.env.WOLVERINE_API_KEY || "none";
+    _wolverineClient = new OpenAI({ apiKey, baseURL });
+  }
+  return _wolverineClient;
+}
+
 function _getOpenAIClient() {
   if (!_openaiClient) {
     const apiKey = process.env.OPENAI_API_KEY;
@@ -65,6 +81,7 @@ function isReasoningModel(model) {
 }
 
 function isAnthropicModel(model) { return detectProvider(model) === "anthropic"; }
+function isWolverineModel(model) { return detectProvider(model) === "wolverine"; }
 
 /**
  * Per-model max output token limits (with 10% overestimation buffer).
@@ -176,6 +193,8 @@ async function aiCall({ model, systemPrompt, userPrompt, maxTokens = 2048, tools
   try {
     if (provider === "anthropic") {
       result = await _anthropicCall({ model, systemPrompt, userPrompt, maxTokens, tools, toolChoice });
+    } else if (provider === "wolverine") {
+      result = await _chatCall(_getWolverineClient(), { model, systemPrompt, userPrompt, maxTokens, tools, toolChoice });
     } else if (isResponsesModel(model)) {
       result = await _responsesCall(_getOpenAIClient(), { model, systemPrompt, userPrompt, maxTokens, tools });
     } else {
@@ -200,6 +219,8 @@ async function aiCallWithHistory({ model, messages, tools, maxTokens = 4096, cat
   try {
     if (provider === "anthropic") {
       result = await _anthropicCallWithHistory({ model, messages, tools, maxTokens });
+    } else if (provider === "wolverine") {
+      result = await _chatCallWithHistory(_getWolverineClient(), { model, messages, tools, maxTokens });
     } else if (isResponsesModel(model)) {
       result = await _responsesCallWithHistory(_getOpenAIClient(), { model, messages, tools, maxTokens });
     } else {
@@ -573,7 +594,7 @@ ${backupSourceCode ? `## Last Known Working Version\n\`\`\`javascript\n${backupS
 "changes" is for code edits (optional, use for actual code fixes).
 Include both if needed, or just one.`;
 
-  const result = await aiCall({ model, systemPrompt, userPrompt, maxTokens: 2048, category: "heal" });
+  const result = await aiCall({ model, systemPrompt, userPrompt, maxTokens: 2048, category: "coding" });
   const content = result.content;
   const cleaned = content.replace(/^```(?:json)?\n?/, "").replace(/\n?```$/, "");
 

package/src/core/error-parser.js

@@ -97,11 +97,11 @@ function classifyError(errorMessage, fullStderr) {
   const full = (fullStderr || "").toLowerCase();
 
   // Missing npm package: Cannot find module 'cors' (not a relative path)
-  if (/cannot find module '(?![./\\])/.test(msg) || /module_not_found/.test(full)) {
+  if (/cannot find module ['"](?![./\\])/.test(msg) || /module_not_found/.test(full)) {
     return "missing_module";
   }
   // Missing local file: Cannot find module './routes/api'
-  if (/cannot find module '[./\\]/.test(msg) || /enoent/.test(msg)) {
+  if (/cannot find module ['"][./\\]/.test(msg) || /enoent/.test(msg)) {
     return "missing_file";
   }
   // Permission denied

package/src/core/models.js

@@ -15,7 +15,14 @@
  */
 function detectProvider(model) {
   if (!model) return "openai";
-  if (/^claude/i.test(model)) return "anthropic";
+  if (/^wolverine/i.test(model) || /^gemma/i.test(model)) return "wolverine";
+  if (/^claude/i.test(model) || /^anthropic/i.test(model)) return "anthropic";
+  if (/^gemini/i.test(model) || /^google/i.test(model)) return "google";
+  if (/^mistral/i.test(model) || /^codestral/i.test(model) || /^pixtral/i.test(model)) return "mistral";
+  if (/^llama/i.test(model) || /^meta/i.test(model)) return "meta";
+  if (/^deepseek/i.test(model)) return "deepseek";
+  if (/^command/i.test(model) || /^cohere/i.test(model)) return "cohere";
+  // Default: OpenAI (gpt-*, o1-*, o3-*, o4-*, codex-*, text-embedding-*, dall-e-*, etc.)
   return "openai";
 }