ata-coder 2.4.9__tar.gz → 2.5.0__tar.gz

{ata_coder-2.4.9/ata_coder.egg-info → ata_coder-2.5.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ata-coder
-Version: 2.4.9
+Version: 2.5.0
 Summary: ATA Coder — AI-powered coding assistant
 Author: ATA Coder Team
 License-Expression: MIT

{ata_coder-2.4.9 → ata_coder-2.5.0}/agent.py

@@ -319,14 +319,17 @@ class CoderAgent(CompactionMixin, ToolExecutionMixin,
             raise
         except Exception as e:
             logger.critical("Agent fatal error: %s", e, exc_info=True)
-            self._emit(ErrorEvent(f"Fatal error: {e}"))
-            return f"Error: {e}"
+            # Sanitize — full details are in the log; never leak exception
+            # messages (which may contain paths / keys) to the caller.
+            self._emit(ErrorEvent("An unexpected error occurred. Check logs for details."))
+            return "An unexpected error occurred. Please check the logs for details."
         finally:
             self._state.phase = AgentPhase.SHUTDOWN
             # Auto-save session after every task (best-effort, never crashes)
             self._auto_save_session()
-            # Always deactivate skill after task — prevents state leak
-            if self.skills:
+            # Deactivate skill only for fresh-context runs; persistent
+            # (reset_context=False) sessions keep their skill active.
+            if self.skills and reset_context:
                 self.skills.deactivate()
 
     async def _run_loop(self, task: str, stream: bool = True) -> str:
@@ -445,7 +448,7 @@ class CoderAgent(CompactionMixin, ToolExecutionMixin,
                 self._append_message(assistant_msg)
                 for tc, result in zip(tool_calls, results, strict=True):
                     self._warn_if_large_result(result, tc["function"]["name"])
-                    self._store_tool_result(result, tc["id"])
+                    self._store_tool_result(result, tc["id"], tool_name=tc["function"]["name"])
             else:
                 # Clawd: one PreToolUse for the batch (not per-tool)
                 get_clawd().tool_use(
@@ -470,7 +473,7 @@ class CoderAgent(CompactionMixin, ToolExecutionMixin,
                     assistant_msg["reasoning_content"] = response["reasoning_content"]
                 self._append_message(assistant_msg)
                 for tc, result in zip(tool_calls, batch_results, strict=True):
-                    self._store_tool_result(result, tc["id"])
+                    self._store_tool_result(result, tc["id"], tool_name=tc["function"]["name"])
 
                 # Clawd: one PostToolUse for the serial batch
                 all_ok = all(r.success for r in batch_results)
@@ -584,6 +587,7 @@ class CoderAgent(CompactionMixin, ToolExecutionMixin,
         Mirrors the main run() loop: skill tool filtering, token compaction,
         consecutive-failure detection, and circuit breaker.
         """
+        self._state.phase = AgentPhase.THINKING
         self._append_message({"role": "user", "content": message})
 
         SAFETY_LIMIT = 999  # circuit breaker
@@ -626,9 +630,11 @@ class CoderAgent(CompactionMixin, ToolExecutionMixin,
             text = response.get("content", "")
 
             if not tool_calls:
+                self._state.phase = AgentPhase.COMPLETED
                 return text or "Done."
 
             # Execute tool calls (serial for safety in follow-up context)
+            self._state.phase = AgentPhase.TOOL_EXECUTING
             batch_results: list[ToolResult] = []
             for tc in tool_calls:
                 self._state.tool_call_count += 1
@@ -642,12 +648,17 @@ class CoderAgent(CompactionMixin, ToolExecutionMixin,
                 batch_results.append(result)
                 self._warn_if_large_result(result, tool_name)
 
-                self._append_message({
-                    "role": "assistant",
-                    "content": text or None,
-                    "tool_calls": [tc],
-                })
-                self._store_tool_result(result, tc["id"])
+            # Append ONE assistant message with ALL tool_calls (API protocol)
+            assistant_msg: dict[str, Any] = {
+                "role": "assistant", "content": text or None, "tool_calls": tool_calls,
+            }
+            if response.get("reasoning_content"):
+                assistant_msg["reasoning_content"] = response["reasoning_content"]
+            self._append_message(assistant_msg)
+            for tc, result in zip(tool_calls, batch_results, strict=True):
+                self._store_tool_result(result, tc["id"], tool_name=tc["function"]["name"])
+
+            self._state.phase = AgentPhase.THINKING  # ready for next LLM turn
 
             # ── Consecutive failure detection ───────────────────────────
             if batch_results and not any(r.success for r in batch_results):
@@ -663,6 +674,7 @@ class CoderAgent(CompactionMixin, ToolExecutionMixin,
             else:
                 _consecutive_failures = 0
 
+        self._state.phase = AgentPhase.COMPLETED
         return text or "Done."
 
     # ── Tool filtering → agent_tools.py (ToolExecutionMixin)
@@ -681,7 +693,10 @@ class CoderAgent(CompactionMixin, ToolExecutionMixin,
         """
         # Refresh model name on each build (may have changed via /model)
         self._prompt_builder.model = self.config.llm.model
-        return self._prompt_builder.build(TOOL_DEFINITIONS, user_input=user_input)
+        prompt = self._prompt_builder.build(TOOL_DEFINITIONS, user_input=user_input)
+        # Trigger extension point: on_system_prompt_build
+        self._ep_on_system_prompt.trigger(prompt=prompt, task=user_input)
+        return prompt
 
     # ── Memory commands ───────────────────────────────────────────────────
 

{ata_coder-2.4.9 → ata_coder-2.5.0}/agent_compact.py

@@ -73,7 +73,7 @@ class CompactionMixin:
 
         cm.replace_all(truncated)
         self._cached_system_prompt = None  # system msg may have shifted
-        self._state.messages = cm.messages  # sync for backward compat
+        self._state.messages = list(cm.messages)  # sync for backward compat (copy — avoid shared ref)
 
         new_tokens = cm.token_total
         logger.info("Compacted: %d→%d msgs, ~%d→%d tokens (files: %d, tools: %d)",
@@ -95,7 +95,7 @@ class CompactionMixin:
         truncated, result = cm.build_truncated_list()
         cm.replace_all(truncated)
         self._cached_system_prompt = None
-        self._state.messages = cm.messages  # sync
+        self._state.messages = list(cm.messages)  # sync (copy — avoid shared ref)
         logger.warning("Force-truncated: %d → %d messages (~%d tokens kept)",
                        result.old_count, result.new_count, result.new_tokens)
 

{ata_coder-2.4.9 → ata_coder-2.5.0}/agent_controller.py

@@ -163,8 +163,10 @@ class AgentController:
                 raise
             except Exception as e:
                 logger.exception("Agent task failed")
+                # Sanitize — full details are in the log; never leak exception
+                # messages to the event stream.
                 await self.event_queue.put(
-                    ErrorEvent(f"Agent error: {e}")
+                    ErrorEvent("An unexpected error occurred. Check logs for details.")
                 )
                 await self.event_queue.put(
                     CompleteEvent(

{ata_coder-2.4.9 → ata_coder-2.5.0}/agent_routing.py

@@ -75,7 +75,7 @@ class ModelRoutingMixin:
             s = get_settings()
             simple_max = s.get("complexity", "simple_max_chars", default=60)
             complex_min = s.get("complexity", "complex_min_chars", default=500)
-        except Exception:
+        except (ImportError, AttributeError, KeyError):
             simple_max, complex_min = 60, 500  # fallback defaults
 
         if task_len <= simple_max:

{ata_coder-2.4.9 → ata_coder-2.5.0}/agent_tools.py

@@ -123,7 +123,6 @@ class ToolExecutionMixin:
             if diagnosis and diagnosis.retry_strategy == "auto_fix":
                 fixed_args = self.self_correct.suggest_fix(tool_name, arguments, diagnosis, error_message=result.error)
                 if fixed_args and fixed_args != arguments:
-                    self._emit(ToolResultEvent(tool_name, result, source="builtin", arguments=arguments))
                     logger.info("Auto-correcting: %s (was: %s)", diagnosis.fix_suggestion[:80], result.error[:80])
                     # Retry with fixed args THROUGH the full safety pipeline
                     self._self_correct_depth += 1
@@ -157,6 +156,8 @@ class ToolExecutionMixin:
             name = tc["function"]["name"]
             if name == "run_shell":
                 return False  # Shell commands have side effects, serialize
+            if name.startswith("mcp__"):
+                return False  # MCP tools may have arbitrary side effects
             if name in ("write_file", "edit_file"):
                 if pre_parsed and i in pre_parsed:
                     fp = pre_parsed[i].get("file_path", "")
@@ -248,12 +249,16 @@ class ToolExecutionMixin:
             return json.dumps(mcp_result)
         return str(mcp_result)
 
-    def _store_tool_result(self, result: ToolResult, tool_call_id: str) -> None:
+    def _store_tool_result(self, result: ToolResult, tool_call_id: str,
+                           tool_name: str = "") -> None:
         """Truncate tool output and append to message history.
 
         Full output is available during execution, but only a capped version
         is stored for future LLM turns to prevent context bloat.
         """
+        # Trigger extension point: on_tool_result
+        if tool_name:
+            self._ep_on_tool_result.trigger(tool_name=tool_name, result=result)
         cap = self.config.agent.max_message_output_chars
         content = result.to_message()
         if len(content) > cap:
@@ -262,11 +267,13 @@ class ToolExecutionMixin:
                 + f"\n\n... [truncated {len(content) - cap:,} chars "
                 + f"from {result.output.count(chr(10)) + 1} lines]"
             )
-        self._state.messages.append({
+        tool_msg = {
             "role": "tool",
             "tool_call_id": tool_call_id,
             "content": content,
-        })
+        }
+        self._state.messages.append(tool_msg)
+        self._context_manager.append(tool_msg)  # keep CM token tracking in sync
 
     @staticmethod
     def _warn_if_large_result(result: ToolResult, tool_name: str) -> None:
@@ -297,10 +304,13 @@ class ToolExecutionMixin:
         # Check file cache first (populated by _tool_read_file)
         # Cache format: (mtime, cached_at, content) — 3-tuple with LRU timestamp
         cache_key = str(p.resolve())
-        if cache_key in self.tools._file_cache:
-            cached_mtime, _, cached_content = self.tools._file_cache[cache_key]
-            if cached_mtime == p.stat().st_mtime:
-                return cached_content
+        try:
+            if cache_key in self.tools._file_cache:
+                cached_mtime, _, cached_content = self.tools._file_cache[cache_key]
+                if cached_mtime == p.stat().st_mtime:
+                    return cached_content
+        except (ValueError, KeyError):
+            pass  # cache format changed — fall through to disk read
 
         try:
             # Safety: skip files > 50MB to avoid OOM

{ata_coder-2.4.9 → ata_coder-2.5.0}/anthropic_client.py

@@ -72,9 +72,9 @@ class AnthropicClient(BaseLLMClient):
             "x-api-key": self.config.api_key,
             "Content-Type": "application/json",
         }
-        # Native Anthropic requires this header; proxies may ignore it
-        if os.getenv("ANTHROPIC_VERSION"):
-            self._headers["anthropic-version"] = os.getenv("ANTHROPIC_VERSION")
+        # Native Anthropic requires this header (default: 2023-06-01).
+        # Proxies may ignore it; override via ANTHROPIC_VERSION env var.
+        self._headers["anthropic-version"] = os.getenv("ANTHROPIC_VERSION", "2023-06-01")
 
         self._client = httpx.AsyncClient(
             timeout=httpx.Timeout(300.0, connect=30.0),
@@ -263,6 +263,8 @@ class AnthropicClient(BaseLLMClient):
                 )
 
             tool_buf: dict[int, dict] = {}
+            prompt_tokens = 0
+            completion_tokens = 0
             async for line in resp.aiter_lines():
                 if not line or not line.startswith("data: "):
                     continue
@@ -278,6 +280,17 @@ class AnthropicClient(BaseLLMClient):
                 delta = event.get("delta", {})
                 idx = event.get("index", 0)
 
+                # Track usage from streaming events (Anthropic protocol)
+                if evt_type == "message_start":
+                    msg = event.get("message", {})
+                    usage = msg.get("usage", {})
+                    if usage.get("input_tokens"):
+                        prompt_tokens = usage["input_tokens"]
+                elif evt_type == "message_delta":
+                    usage = delta.get("usage", {})
+                    if usage.get("output_tokens"):
+                        completion_tokens = usage["output_tokens"]
+
                 if evt_type == "content_block_delta":
                     dt = delta.get("type", "")
                     if dt == "text_delta":
@@ -297,6 +310,18 @@ class AnthropicClient(BaseLLMClient):
                 elif evt_type == "message_stop":
                     yield ("finish", "end_turn")
 
+            # Update token counters with streamed usage data
+            if prompt_tokens:
+                self._total_prompt_tokens += prompt_tokens
+                self.last_exact_prompt_tokens = prompt_tokens
+            if completion_tokens:
+                self._total_completion_tokens += completion_tokens
+            if self._usage_callback and (prompt_tokens or completion_tokens):
+                self._usage_callback(
+                    prompt_tokens=prompt_tokens,
+                    completion_tokens=completion_tokens,
+                )
+
             # Yield tool calls
             for idx in sorted(tool_buf.keys()):
                 buf = tool_buf[idx]
@@ -345,7 +370,11 @@ class AnthropicClient(BaseLLMClient):
             elif ch in (']', '}'):
                 if stack and stack[-1] == ch:
                     stack.pop()
-        return text + ''.join(reversed(stack))
+        # Close any unterminated string before balancing brackets
+        result = text
+        if in_string and not escape:
+            result += '"'
+        return result + ''.join(reversed(stack))
 
     def _apply_thinking(self, body: dict) -> None:
         """Apply thinking/reasoning_effort — provider-agnostic.
@@ -431,18 +460,18 @@ class AnthropicClient(BaseLLMClient):
         out = usage.get("output_tokens", 0)
         if inp:
             self.last_exact_prompt_tokens = inp
-        else:
-            # Fallback: use estimated counts from the response text
+        if out:
+            # Only estimate output tokens when API doesn't provide them;
+            # never estimate prompt tokens from output text.
+            pass
+        elif texts:
             from .token_counter import _cjk_estimate
             out_text = "\n".join(texts)
-            inp = max(1, self.count_tokens_approx(
-                [{"role": "user", "content": out_text}]
-            ))
-            out = max(1, _cjk_estimate(out_text) or out_text and len(out_text) // 4 or 1)
+            out = max(1, _cjk_estimate(out_text))
         self._total_prompt_tokens += inp
-        self._total_completion_tokens += out or 1
+        self._total_completion_tokens += out
         if self._usage_callback:
-            self._usage_callback(inp, out or 1)
+            self._usage_callback(inp, out)
 
         return result
 

{ata_coder-2.4.9 → ata_coder-2.5.0/ata_coder.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ata-coder
-Version: 2.4.9
+Version: 2.5.0
 Summary: ATA Coder — AI-powered coding assistant
 Author: ATA Coder Team
 License-Expression: MIT

{ata_coder-2.4.9 → ata_coder-2.5.0}/ata_coder.egg-info/SOURCES.txt

@@ -9,7 +9,6 @@ agent_extension.py
 agent_routing.py
 agent_subsystems.py
 agent_tools.py
-agent_undo.py
 anthropic_client.py
 change_tracker.py
 clawd_integration.py
@@ -62,7 +61,6 @@ utils.py
 ./agent_routing.py
 ./agent_subsystems.py
 ./agent_tools.py
-./agent_undo.py
 ./anthropic_client.py
 ./change_tracker.py
 ./clawd_integration.py
@@ -156,7 +154,6 @@ utils.py
 ./tools/__init__.py
 ./tools/definitions.py
 ./tools/executor.py
-./tools/file_ops.py
 ./tools/result.py
 ./tools/strategy.py
 ./tools/subagent.py
@@ -241,7 +238,6 @@ tests/test_tools.py
 tools/__init__.py
 tools/definitions.py
 tools/executor.py
-tools/file_ops.py
 tools/result.py
 tools/strategy.py
 tools/subagent.py

{ata_coder-2.4.9 → ata_coder-2.5.0}/change_tracker.py

@@ -109,6 +109,7 @@ class ChangeTracker:
         self._backups: dict[str, str] = {}
         self._dry_run = False
         self._last_active: int = -1
+        self.workspace: Path | None = None  # set by agent for workspace boundary checks
 
     # ── Dry run toggle ───────────────────────────────────────────────────
 
@@ -245,6 +246,13 @@ class ChangeTracker:
     def _apply_revert(self, c: FileChange) -> None:
         """Apply revert for a single change."""
         path = Path(c.file_path)
+        # Safety: skip paths outside the workspace (defense in depth)
+        if self.workspace is not None:
+            try:
+                path.resolve().relative_to(self.workspace.resolve())
+            except ValueError:
+                logger.warning("Skipping undo outside workspace: %s", c.file_path)
+                return
         if c.change_type == ChangeType.WRITE:
             if c.old_content is None:
                 if path.exists():

{ata_coder-2.4.9 → ata_coder-2.5.0}/config.py

@@ -273,7 +273,7 @@ def _settings_base_url() -> str:
 
 
 def _settings_default_model() -> str:
-    return _from_settings("default_model", "deepseek-chat")
+    return _from_settings("default_model", "deepseek-v4-pro")
 
 
 def _settings_max_output_tokens() -> int:

{ata_coder-2.4.9 → ata_coder-2.5.0}/core/queue.py

@@ -42,7 +42,7 @@ class EventQueue:
     async def get(self, timeout: Optional[float] = None) -> Optional[Any]:
         """Get one event, blocking with optional timeout."""
         try:
-            if timeout:
+            if timeout is not None:
                 event = await asyncio.wait_for(self._queue.get(), timeout=timeout)
             else:
                 event = await self._queue.get()

{ata_coder-2.4.9 → ata_coder-2.5.0}/extension.py

@@ -262,6 +262,7 @@ class ExtensionManager:
     def __init__(self):
         self._extensions: dict[str, Extension] = {}
         self._active: set[str] = set()
+        self._activating: set[str] = set()  # cycle detection stack
         self._loaded_dirs: list[Path] = []
         self._lock = threading.Lock()  # protects _extensions, _active, _loaded_dirs
 
@@ -358,25 +359,38 @@ class ExtensionManager:
                 return False
             if name in self._active:
                 return True  # already active
+            # Cycle detection — detect circular dependencies
+            if name in self._activating:
+                logger.error(
+                    "Circular dependency detected: %s is already being activated. "
+                    "Active path: %s",
+                    name, ", ".join(self._activating),
+                )
+                return False
+            self._activating.add(name)
             deps = list(ext.meta.dependencies)
 
-        # Activate dependencies (try raw name first, then skill: prefix)
-        for dep in deps:
-            if dep not in self._active:
-                if not self.activate(dep):
-                    self.activate(f"skill:{dep}")
-
-        # on_activate 在锁外调用，避免死锁
         try:
-            ext.on_activate()
-        except Exception:
-            logger.exception("Extension %r on_activate failed", name)
-            return False
+            # Activate dependencies (try raw name first, then skill: prefix)
+            for dep in deps:
+                if dep not in self._active:
+                    if not self.activate(dep):
+                        self.activate(f"skill:{dep}")
 
-        with self._lock:
-            self._active.add(name)
-        logger.debug("Extension activated: %s", name)
-        return True
+            # on_activate 在锁外调用，避免死锁
+            try:
+                ext.on_activate()
+            except Exception:
+                logger.exception("Extension %r on_activate failed", name)
+                return False
+
+            with self._lock:
+                self._active.add(name)
+            logger.debug("Extension activated: %s", name)
+            return True
+        finally:
+            with self._lock:
+                self._activating.discard(name)
 
     def deactivate(self, name: str) -> bool:
         """停用一个扩展（线程安全）。"""

{ata_coder-2.4.9 → ata_coder-2.5.0}/fool_proof.py

@@ -126,6 +126,13 @@ class FoolProofEngine:
             self._blocks += 1
             return check
 
+        # 1b. Typing confirmation (safety guard flagged requires_typing)
+        if safety.requires_typing:
+            check.action = ActionRequired.WARN_CONFIRM
+            check.confirm_message = safety.reason or "Type 'YES' to confirm this operation."
+            check.requires_typing = True
+            return check
+
         # 2. Read tools — always safe
         if category == "read":
             check.allowed = True

{ata_coder-2.4.9 → ata_coder-2.5.0}/git_workflow.py

@@ -221,10 +221,11 @@ class GitWorkflow:
         if code != 0:
             return False, err
 
-        # Check for secrets in staged changes
+        # Check for secrets in staged changes — block the commit
         secret_check = self._check_secrets()
         if secret_check:
-            logger.warning("Potential secrets in commit: %s", secret_check)
+            logger.error("Potential secrets in commit — blocked: %s", secret_check)
+            return False, f"Secret detection blocked commit:\n{secret_check}\n\nUse --force to override."
 
         # Generate commit message if not provided
         if not message:

{ata_coder-2.4.9 → ata_coder-2.5.0}/llm_client.py

@@ -424,19 +424,18 @@ class LLMClient(BaseLLMClient):
         for attempt in range(self._max_retries + 1):
             try:
                 response = await self._client.post(self._api_url, json=body)
-            except httpx.ConnectError as e:
+            except (httpx.ConnectError, httpx.ReadTimeout) as e:
+                last_error = str(e)
+                if attempt < self._max_retries:
+                    delay = self._retry_base_delay * (2 ** attempt) * (0.5 + random.random())
+                    logger.warning("Transient network error, retrying in %.1fs: %s", delay, e)
+                    await asyncio.sleep(delay)
+                    continue
                 raise RuntimeError(
-                    f"Cannot connect to {self._api_url}\n"
-                    f"  Check: is the server running? Is the URL correct?\n"
-                    f"  Current: {self.config.base_url}\n"
+                    f"Cannot reach {self._api_url} after {self._max_retries + 1} attempts.\n"
+                    f"  Check your connection and the server URL.\n"
                     f"  Detail: {e}"
                 )
-            except httpx.ReadTimeout:
-                raise RuntimeError(
-                    "Request timed out after 300s.\n"
-                    "  The model may be overloaded or the prompt too large.\n"
-                    "  Try again or reduce the task complexity."
-                )
             except httpx.RemoteProtocolError as e:
                 last_error = str(e)
                 if attempt < self._max_retries:
@@ -457,7 +456,9 @@ class LLMClient(BaseLLMClient):
                 try:
                     delay = float(retry_after) if retry_after else self._retry_base_delay * (2 ** attempt)
                 except ValueError:
-                    delay = self._retry_base_delay * (2 ** attempt) * (0.5 + random.random())
+                    delay = self._retry_base_delay * (2 ** attempt)
+                # Always apply jitter to prevent thundering-herd
+                delay *= (0.5 + random.random())
                 delay = min(delay, 60.0)  # cap at 60s
 
                 if attempt < self._max_retries:

{ata_coder-2.4.9 → ata_coder-2.5.0}/main.py

@@ -44,7 +44,7 @@ if sys.platform == 'win32':
         _patched_init.__ata_patched__ = True
         _sp.Popen.__init__ = _patched_init
 
-__version__ = "2.4.9"
+__version__ = "2.5.0"
 
 import asyncio
 import logging

{ata_coder-2.4.9 → ata_coder-2.5.0}/mcp_client.py

@@ -308,11 +308,10 @@ class MCPServerConnection:
 class StdioMCPConnection(MCPServerConnection):
     """MCP connection over stdio (subprocess)."""
 
-    _next_req_id = 0
-
     def __init__(self, name: str, command: str, args: list[str] | None = None,
                  env: dict[str, str] | None = None, cwd: str | None = None):
         super().__init__(name)
+        self._next_req_id = 0  # per-instance counter (was shared class var)
         self.command = command
         self.args = args or []
         self.env = env
@@ -325,9 +324,9 @@ class StdioMCPConnection(MCPServerConnection):
         self._on_progress: Callable[[int, int, str | None], None] | None = None
 
     @classmethod
-    def _next_id(cls) -> str:
-        cls._next_req_id += 1
-        return str(cls._next_req_id)
+    def _next_id(self) -> str:
+        self._next_req_id += 1
+        return str(self._next_req_id)
 
     def on_progress(self, callback: Callable[[int, int, str | None], None]) -> None:
         """Register a callback for progress notifications."""
@@ -815,7 +814,7 @@ class MCPClient:
             tool["_mcp_original_name"] = tool_name
             self._all_tools.append(tool)
 
-    def refresh_tools(self, server_name: str | None = None) -> None:
+    async def refresh_tools(self, server_name: str | None = None) -> None:
         """Re-discover and re-register tools from one or all servers."""
         names = [server_name] if server_name else list(self._connections)
         for name in names:
@@ -826,7 +825,7 @@ class MCPClient:
             self._all_tools = [t for t in self._all_tools if t.get("_mcp_server") != name]
             self._tool_to_server = {k: v for k, v in self._tool_to_server.items() if v != name}
             # Re-discover and register
-            conn.discover()
+            await conn.discover()
             self._register_server_tools(name, conn)
 
     # ── Tool access ─────────────────────────────────────────────────────────
@@ -945,7 +944,7 @@ class MCPClient:
 
     # ── Resource cache ──────────────────────────────────────────────────────
 
-    def cached_read_resource(self, uri: str) -> dict[str, Any]:
+    async def cached_read_resource(self, uri: str) -> dict[str, Any]:
         """Read a resource with LRU+TTL caching."""
         now = time.time()
         if uri in self._resource_cache:
@@ -959,7 +958,7 @@ class MCPClient:
         for conn in self._connections.values():
             for res in conn.resources:
                 if res.get("uri") == uri:
-                    result = conn.read_resource(uri)
+                    result = await conn.read_resource(uri)
                     content = result.get("contents", result)
                     if len(self._resource_cache) >= self._resource_cache_max:
                         self._resource_cache.popitem(last=False)
@@ -973,7 +972,7 @@ class MCPClient:
                 # Simple match: if URI starts with the template prefix
                 prefix = tmpl_uri.split("{")[0] if "{" in tmpl_uri else tmpl_uri
                 if uri.startswith(prefix):
-                    result = conn.read_resource(uri)
+                    result = await conn.read_resource(uri)
                     content = result.get("contents", result)
                     if len(self._resource_cache) >= self._resource_cache_max:
                         self._resource_cache.popitem(last=False)