When replaying conversation history to Gemini, tool calls without
thought_signature are downgraded to text blocks like [Tool Call: ...].
This leaked internal technical info into user-facing chat messages.
Added stripDowngradedToolCallText filter alongside existing Minimax
filter to remove these text representations before extraction.
* docs: clarify subagent announce status
* Make subagent announce structured and include run outcome
* fix: stabilize sub-agent announce status (#835) (thanks @roshanasingh4)
---------
Co-authored-by: Peter Steinberger <steipete@gmail.com>
Adds support for template variables in `messages.responsePrefix` that
resolve dynamically at runtime with the actual model used (including
after fallback).
Supported variables (case-insensitive):
- {model} - short model name (e.g., "claude-opus-4-5", "gpt-4o")
- {modelFull} - full model identifier (e.g., "anthropic/claude-opus-4-5")
- {provider} - provider name (e.g., "anthropic", "openai")
- {thinkingLevel} or {think} - thinking level ("high", "low", "off")
- {identity.name} or {identityName} - agent identity name
Example: "[{model} | think:{thinkingLevel}]" → "[claude-opus-4-5 | think:high]"
Variables show the actual model used after fallback, not the intended
model. Unresolved variables remain as literal text.
Implementation:
- New module: src/auto-reply/reply/response-prefix-template.ts
- Template interpolation in normalize-reply.ts via context provider
- onModelSelected callback in agent-runner-execution.ts
- Updated all 6 provider message handlers (web, signal, discord,
telegram, slack, imessage)
- 27 unit tests covering all variables and edge cases
- Documentation in docs/gateway/configuration.md and JSDoc
Fixes#923
Add ability to delete messages in Telegram chats via the message tool.
Changes:
- Add deleteMessageTelegram function in send.ts
- Add deleteMessage action handler in telegram-actions.ts
- Add delete action support in telegram message plugin adapter
- Add deleteMessage to TelegramActionConfig type
- Update message tool description to mention delete action
Usage:
- Via message tool: action="delete", chatId, messageId
- Can be disabled via channels.telegram.actions.deleteMessage=false
Limitations (Telegram API):
- Bot can delete its own messages in any chat
- Bot can delete others' messages only if admin with "Delete Messages"
- Messages older than 48h in groups may fail to delete
When Anthropic's API returns an overloaded_error (temporary capacity issue),
the raw JSON error was being sent to users instead of a friendly message.
Changes:
- Add overloaded error pattern detection
- Return user-friendly message for overloaded errors
- Classify overloaded as failover-worthy (triggers retry logic)
This PR includes three main improvements:
1. Tailscale Binary Detection with Fallback Strategies
- Added findTailscaleBinary() with multi-strategy detection:
* PATH lookup via 'which' command
* Known macOS app path (/Applications/Tailscale.app/Contents/MacOS/Tailscale)
* find /Applications for Tailscale.app
* locate database lookup
- Added getTailscaleBinary() with caching
- Updated all Tailscale operations to use detected binary
- Added TUI warning when Tailscale binary not found for serve/funnel modes
2. Custom Gateway IP Binding with Fallback
- New bind mode "custom" allowing user-specified IP with fallback to 0.0.0.0
- Removed "tailnet" mode (folded into "auto")
- All modes now support graceful fallback: custom (if fail → 0.0.0.0), loopback (127.0.0.1 → 0.0.0.0), auto (tailnet → 0.0.0.0), lan (0.0.0.0)
- Added customBindHost config option for custom bind mode
- Added canBindTo() helper to test IP availability before binding
- Updated configure and onboarding wizards with new bind mode options
3. Health Probe Password Auth Fix
- Gateway probe now tries both new and old passwords
- Fixes issue where password change fails health check if gateway hasn't restarted yet
- Uses nextConfig password first, falls back to baseConfig password if needed
Files changed:
- src/infra/tailscale.ts: Binary detection + caching
- src/gateway/net.ts: IP binding with fallback logic
- src/config/types.ts: BridgeBindMode type + customBindHost field
- src/commands/configure.ts: Health probe dual-password try + Tailscale detection warning + bind mode UI
- src/wizard/onboarding.ts: Tailscale detection warning + bind mode UI
- src/gateway/server.ts: Use new resolveGatewayBindHost
- src/gateway/call.ts: Updated preferTailnet logic (removed "tailnet" mode)
- src/commands/onboard-types.ts: Updated GatewayBind type
- src/commands/onboard-helpers.ts: resolveControlUiLinks updated
- src/cli/*.ts: Updated bind mode casts
- src/gateway/call.test.ts: Removed "tailnet" mode test
Claude's extended thinking feature generates thought_signature fields
(message IDs like "msg_abc123...") in content blocks. When these are
sent to Google's Gemini API, it expects Base64-encoded bytes and
rejects Claude's format with a 400 error.
This commit adds stripThoughtSignatures() to remove these fields from
assistant message content blocks during sanitization, enabling session
histories to be shared across different providers (e.g., Claude → Gemini).
Fixes cross-provider session bug where switching from Claude-thinking
to Gemini (or vice versa) would fail with:
"Invalid value at 'thought_signature' (TYPE_BYTES), Base64 decoding failed"
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add validateAnthropicTurns() to merge consecutive user messages that can
occur when steering messages are injected during streaming. This prevents
the API from rejecting requests due to improper role alternation.
Changes:
- Add validateAnthropicTurns() function in pi-embedded-helpers.ts
- Integrate validation into sanitization pipeline in pi-embedded-runner.ts
- Add user-friendly error message for role ordering errors
- Add comprehensive tests for the new validation function
- Enforces strict buffering when enforceFinalTag is enabled.
- Prevents 'thinking out loud' planning steps (e.g. '*Locating Manulife*') from leaking to WhatsApp.
- Hardens <final> tag stripping to remove nested/hallucinated tags.
- Added src/utils/provider-utils.ts to track reasoning provider logic
- Updated isReasoningTagProvider to loosely match 'google-antigravity' (fixes sub-models)
- Enabled enforceFinalTag in reply.ts when provider matches
- Verified <final> tag stripping logic in pi-embedded-subscribe.ts
- Updated pi-embedded-runner to use consistent provider check for prompt hints
When block streaming is enabled with verbose=off, tool blocks are hidden
but their boundary information was lost. Text segments before and after
tool execution would get coalesced into a single message because the
coalescer had no signal that a tool had executed between them.
This adds an onBlockReplyFlush callback that fires on tool_execution_start,
allowing the block reply pipeline to flush pending text before the tool
runs. This preserves natural message boundaries even when tools are hidden.
Fixes the issue where:
text → [hidden tool] → text → rendered as one merged message
Now correctly renders as:
text → [hidden tool] → text → two separate messages
Co-diagnosed-by: Krill (Discord assistant)
Windows system utilities like ipconfig, systeminfo, etc. write directly to
the console via WriteConsole API instead of stdout. When Node.js spawns
cmd.exe with piped stdio, these utilities produce empty output.
Changes:
- Switch from cmd.exe to PowerShell on Windows (properly redirects output)
- Disable detached mode on Windows (PowerShell doesn't pipe stdout when detached)
- Add windowsHide option to prevent console window flashing
- Update tests to use PowerShell-compatible syntax (Start-Sleep, semicolons)
The previous prompt was too permissive about skipping announcements.
Updated to strongly encourage announcing results since the requester
is waiting for a response.
- Add 'You MUST announce your result' instruction
- Clarify ANNOUNCE_SKIP is only for complete failures
- Improve guidance on providing useful summaries
The previous immediate probe (timeoutMs: 0) only caught already-completed
runs. Cross-process spawns need to actually wait via agent.wait RPC for
the gateway to signal completion, then trigger the announce flow.
- Rename probeImmediateCompletion to waitForSubagentCompletion
- Use 10 minute wait timeout for agent.wait RPC
- Remove leftover debug console.log statements
- Use resolveExtraParams() which was defined but unused
- Create streamFn wrapper that injects config-driven params
- Apply to both compaction and run sessions
Config path: agents.defaults.models["provider/model"].params.temperature
Example:
agents.defaults.models["anthropic/claude-sonnet-4"].params.temperature = 0.7
agents.defaults.models["openai/gpt-4"].params.maxTokens = 8192
OpenAI/ChatGPT returns "You have hit your ChatGPT usage limit (plus plan)"
when users exceed their plan quota. This error wasn't being recognized as a
rate limit, so fallback to alternative models wasn't triggering.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Images were previously converted to markdown data URLs which Claude API
treats as plain text, not as actual images.
Changes:
- Add parseMessageWithAttachments() that returns {message, images[]}
- Pass images through the stack to session.prompt() as content blocks
- Filter null/empty attachments before parsing
- Strip data URL prefix if client sends it
This enables iOS and other clients to send images that Claude can actually see.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace model catalog with 11 current models: gpt-5.1-codex, claude-opus-4-5,
gemini-3-pro, alpha-glm-4.7, gpt-5.1-codex-mini, gpt-5.1, glm-4.7-free,
gemini-3-flash, gpt-5.1-codex-max, minimax-m2.1-free, gpt-5.2
- Add accurate per-token costs from OpenCode Zen pricing
- Add accurate context windows and output limits
- Update aliases for new model families (codex, glm, minimax)
- Remove deprecated models (sonnet, haiku, o-series, gemini-2.5)
- Expand schema scrubber to strip additional constraint keywords rejected
by Cloud Code Assist (examples, minLength, maxLength, minimum, maximum,
multipleOf, pattern, format, minItems, maxItems, uniqueItems,
minProperties, maxProperties)
- Extend tool call ID sanitization to cover toolUse and toolCall block
types (previously only functionCall was sanitized)
- Update pi-tools test to include 'examples' in unsupported keywords
Fixes 400 errors when using google-antigravity/claude-opus-4-5-thinking:
- tools.N.custom.input_schema: JSON schema is invalid
- messages.N.content.N.tool_use.id: String should match pattern
Adds `agent.humanDelay` config option to create natural rhythm between
streamed message bubbles. When enabled, introduces a random delay
(default 800-2500ms) between block replies, making multi-message
responses feel more like natural human texting.
Config example:
```json
{
"agent": {
"blockStreamingDefault": "on",
"humanDelay": {
"enabled": true,
"minMs": 800,
"maxMs": 2500
}
}
}
```
- First message sends immediately
- Subsequent messages wait a random delay before sending
- Works with iMessage, Signal, and Discord providers
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Previously, Read/Write/Edit tools used the global tool instances from
pi-coding-agent which had process.cwd() baked in at import time. Since
the gateway starts from /root/dev/ai/clawdbot, relative paths like
'SOUL.md' would incorrectly resolve there instead of the agent's
workspace (/root/clawd).
This fix:
- Adds workspaceDir option to createClawdbotCodingTools
- Creates fresh Read/Write/Edit tools bound to workspaceDir
- Adds cwd option to Bash tool defaults for consistency
- Passes effectiveWorkspace from pi-embedded-runner
Absolute paths and ~/... paths are unaffected. Sandboxed sessions
continue to use sandbox root as before.
Includes tests for Read/Write/Edit workspace path resolution.
When Claude CLI credentials (anthropic:claude-cli) expire, automatically
refresh using the stored refresh token instead of failing with
"No credentials found" error.
Changes:
- Read refreshToken from Claude CLI and store as OAuth credential type
- Implement bidirectional sync: after refresh, write new tokens back to
Claude Code storage (file on Linux/Windows, Keychain on macOS)
- Prefer OAuth over Token credentials (enables auto-refresh capability)
- Maintain backward compatibility for credentials without refreshToken
This enables long-running agents to operate autonomously without manual
re-authentication when OAuth tokens expire.
Co-Authored-By: Claude <noreply@anthropic.com>
When reasoning is enabled on non‑block providers, we now ignore interim streaming chunks and send only the final assistant answer at completion, so replies aren’t partial or duplicated.
- Keep audioAsVoice-only payloads from being filtered out
- Allow empty payloads through when they carry the flag
- Remove temporary debug logs around audioAsVoice buffering
Co-authored-by: Manuel Hettich <17690367+ManuelHettich@users.noreply.github.com>
- Add [[audio_as_voice]] detection to splitMediaFromOutput()
- Pass audioAsVoice through onBlockReply callback chain
- Buffer audio blocks during streaming, flush at end with correct flag
- Non-audio media still streams immediately
- Fix: emit payloads with audioAsVoice flag even if text is empty
Co-authored-by: Manuel Hettich <17690367+ManuelHettich@users.noreply.github.com>
The heartbeat prompt from agents.defaults.heartbeat.prompt was being
injected into the system prompt for ALL agents, causing non-default
agents to read the default agent's identity files and adopt its persona.
Now the heartbeat prompt is only included when the session's agent ID
matches the configured default agent. Other agents receive no heartbeat
section in their system prompt.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix disableBlockStreaming logic in telegram/bot.ts to properly enable
block streaming when telegram.streamMode is 'block' regardless of
blockStreamingDefault setting
- Set minChars default to 1 for Telegram block mode so chunks send
immediately on newlines/sentences instead of waiting for 800 chars
- Skip coalescing for Telegram block mode when not explicitly configured
to reduce chunk batching delays
- Fix newline preference to wait for actual newlines instead of breaking
on any whitespace when buffer is under maxChars
Fixes issue where all Telegram messages were batched into one message
at the end instead of streaming as separate messages during generation.
- Add sanitizeToolCallId() to fix Cloud Code Assist tool call ID validation
- Apply sanitization in sanitizeSessionMessagesImages() for toolResult and assistant messages
- Add legacy CONFIG_PATH_CLAWDIS and STATE_DIR_CLAWDIS exports for backward compatibility
- Resolves Cloud Code Assist rejection of invalid tool call IDs with pipe characters
- Fixes missing session export functions that were blocking system startup
Addresses Cloud Code Assist API 400 errors from invalid tool call IDs like 'call_abc123|item_456'
- Update MessageToolOptions type to include Slack threading options
- Remove duplicate threadTs property in slack/actions.ts
- Fix replyThreadTs parameter name in monitor.ts
- Update test to correctly verify 'first' mode threading behavior:
- 'off' mode: no threading unless already in a thread
- 'first' mode: first reply starts a thread
- Add new test case for 'first' mode threading
- Add shared hasRepliedRef state between auto-reply and tool paths
- Extract buildSlackThreadingContext helper in agent-runner.ts
- Extract resolveThreadTsFromContext helper in slack-actions.ts
- Update docs with clear replyToMode table (off/first/all)
- Add tests for first mode behavior across multiple messages
Replaces Type.Integer with Type.Number and simplifies the sessions_send tool schema to avoid anyOf/oneOf unions that cause 400 errors with Google Cloud Code Assist API.
Add --auth-choice minimax-api for direct MiniMax API usage at
https://api.minimax.io/anthropic using the anthropic-messages API.
Changes:
- Add applyMinimaxApiConfig() function with provider/model config
- Add minimax-api to AuthChoice type and CLI options
- Add handler and non-interactive support
- Fix duplicate minimax entry in envMap
- Update live test to use anthropic-messages API
- Add 11 unit tests covering all edge cases
- Document configuration in gateway docs
Test results:
- 11/11 unit tests pass
- 1/1 live API test passes (verified with real API key)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add `label` field to session entries and expose it in `sessions.list`
- Display label column in the web UI sessions table
- Support `label` parameter in `sessions_send` for lookup by label instead of sessionKey
- `sessions.patch`: Accept and store `label` field
- `sessions.list`: Return `label` in session entries
- `sessions_spawn`: Pass label through to registry and announce flow
- `sessions_send`: Accept optional `label` param, lookup session by label if sessionKey not provided
- `agent` method: Accept `label` and `spawnedBy` params (stored in session entry)
- Add `label` column to sessions table in web UI
- Changed session store writes to merge with existing entry (`{ ...existing, ...new }`)
to preserve fields like `label` that might be set separately
We attempted to implement label persistence "properly" by passing the label
through the `agent` call and storing it during session initialization. However,
the auto-reply flow has multiple write points that overwrite the session entry,
and making all of them merge-aware proved unreliable.
The working solution patches the label in the `finally` block of
`runSubagentAnnounceFlow`, after all other session writes complete.
This is a workaround but robust - the patch happens at the very end,
just before potential cleanup.
A future refactor could make session writes consistently merge-based,
which would allow the cleaner approach of setting label at spawn time.
```typescript
// Spawn with label
sessions_spawn({ task: "...", label: "my-worker" })
// Later, find by label
sessions_send({ label: "my-worker", message: "continue..." })
// Or use sessions_list to see labels
sessions_list() // includes label field in response
```
Cloud Code Assist API requires strict JSON Schema draft 2020-12 compliance
and rejects keywords like patternProperties, additionalProperties, $schema,
$id, $ref, $defs, and definitions.
This extends cleanSchemaForGemini to:
- Remove all unsupported keywords from tool schemas
- Add oneOf literal flattening (matching existing anyOf behavior)
- Add test to verify no unsupported keywords remain in tool schemas
Add 'clawd sandbox list' and 'clawd sandbox recreate' commands to manage
sandbox containers. This fixes the issue where containers continue using
old images/configs after updates.
Problem:
- When sandbox Docker images or configs are updated, existing containers
keep running with old settings
- Containers are only recreated after 24h inactivity (pruning)
- If agents are used regularly, old containers run indefinitely
Solution:
- 'clawd sandbox list': Show all containers with status, age, and image match
- 'clawd sandbox recreate': Force container removal (recreated on next use)
- Supports --all, --session, --agent, --browser filters
- Requires confirmation unless --force is used
Implementation:
- Added helper functions to sandbox.ts (list/remove containers)
- Created sandbox-cli.ts following existing CLI patterns
- Created commands/sandbox.ts with list and recreate logic
- Integrated into program.ts
Use case: After updating sandbox images or changing sandbox config,
run 'clawd sandbox recreate --all' to ensure fresh containers.
Anthropic blocks specific lowercase tool names (bash, read, write, edit)
when using OAuth tokens. This fix:
1. Renames blocked tools to capitalized versions (Bash, Read, Write, Edit)
in pi-tools.ts via renameBlockedToolsForOAuth()
2. Passes all tools as customTools in splitSdkTools() to bypass
pi-coding-agent's built-in tool filtering, which expects lowercase names
The capitalized names work with both OAuth tokens and regular API keys.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds a brief 'Messaging' section to the system prompt to guide agents on:
- Reply in session = auto-routes to source provider
- Cross-session = use sessions_send
- Never use bash/curl for provider messaging
This helps prevent agents from using shell workarounds for messaging
when Clawdbot already handles routing internally.
Fixes parameter mismatch between AI tool schema and internal validation.
The TypeBox schema now uses `jobId` for update/remove/run/runs actions,
matching what users expect based on the returned job objects.
Changes:
- Changed parameter from `id` to `jobId` in TypeBox schema for update/remove/run/runs
- Updated execute function to read `jobId` parameter
- Updated tests to use `jobId` in input parameters
The gateway protocol still uses `id` internally - the tool now maps
`jobId` from the AI to `id` for the gateway call.
Fixes#185
Co-Authored-By: Claude <noreply@anthropic.com>
Add automatic thinking mode support for Z.AI GLM-4.x models:
- GLM-4.7: Preserved thinking (clear_thinking: false)
- GLM-4.5/4.6: Interleaved thinking (clear_thinking: true)
Uses Z.AI Cloud API format: thinking: { type: "enabled", clear_thinking: boolean }
Includes patches for pi-ai, pi-agent-core, and pi-coding-agent to pass
extraParams through the stream pipeline. User can override via config
or disable via --thinking off.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
