- Increased PBKDF2 iterations to 600k/100k for stronger key derivation
- Added memory zeroing for plaintext bytes in encryption/decryption operations
- Implemented promise-based locking for key rotation to prevent concurrent modifications
- Added detailed security documentation for deterministic salt design and SQL injection prevention
- Updated UserSecretsStore to wait for any in-progress key rotation before executing operations
- Added comprehensive

…ic coding agent implemented

- Abstracted behaviors and objectives
- Behavior and Objectives are bot h AgentComponent
- CodeGeneratorAgent (Agent DO) houses common business logic
- Implemented agentic coding agent and and assistant

- Implemented AI-powered project type prediction (app/workflow/presentation) with confidence scoring and auto-detection when projectType is 'auto'
- Enhanced template selection to filter by project type and skip AI selection for single-template scenarios in workflow/presentation types
- Added GitHub token caching in CodeGeneratorAgent for persistent OAuth sessions across exports
- Updated commitlint config to allow longer commit messages (

- Initialize template cache during agent setup to avoid redundant fetches
- Remove redundant project name prompt from template selection
- Clean up default projectType fallback logic

- Added concurrency control to prevent duplicate workflow runs on the same PR
- Replaced Claude-based comment cleanup with direct GitHub API deletion for better reliability
- Enhanced code debugger instructions to handle Vite dev server restarts and config file restrictions

- Replaced unsafe type assertions with proper type guards for legacy state detection
- Added explicit type definitions for deprecated state fields and legacy file formats
- Eliminated all 'any' types while maintaining backward compatibility with legacy states

…dering

…ess design

- Sandbox layer does not rely on templates now, instead expects raw files list
- Tools to init/list templates, files
- Templates can be chosen by agentic mode after creation
- Restructured system prompt with detailed architecture explanations covering virtual filesystem, sandbox environment, and deployment flow
- Better tool descriptions
- Improved communication guidelines and workflow steps for better agent reasoning and execution

- Replaced agent mode toggle with project mode selector (App/Slides/Chat) that determines behavior type
- Implemented agentic behavior detection for static content (docs, markdown) with automatic editor view
- Conditionally render PhaseTimeline and deployment controls based on behavior type (phasic vs agentic)

- Replaced manual template_manager tool with init_suitable_template that uses the original template selector ai
- Updated system prompts to emphasize template-first workflow for interactive projects with AI selector as mandatory first step
- Simplified template selection process by removing manual list/select commands in favor of intelligent matching
```

- Added conversation history support to AgenticProjectBuilder with message preparation and context tracking
- Implemented tool call completion callbacks to sync messages and trigger periodic compactification
- Modified AgenticCodingBehavior to queue user inputs during builds and inject them between tool call chains using abort mechanism

- Fix importTemplate to actually work
- Fixed template filtering logic to respect 'general' project type
- Added behaviorType to logger context for better debugging
- fixed not saving behaviorType to state

…ructor

- Moved behaviorType and projectType initialization from hardcoded values to constructor-based setup
- Changed initial state values to 'unknown' to ensure proper initialization through behavior constructor
- Cleared template details cache when importing new templates to prevent stale data

- Moved user input idle check from PhasicCodingBehavior to CodeGeneratorAgent for consistent behavior across all modes
- Fixed message order in agenticProjectBuilder to place history after user message instead of before
- Added replaceExisting parameter to addConversationMessage for better control over message updates
- Enhanced initial state restoration to include queued user messages and behaviorType
- Added status and queuePosition fields

- Single convo id needs to be broadcasted but messages need to be saved with unique ids.
- Fix message deduplication to use composite key (conversationId + role + tool_call_id)
- Improved tool message filtering to validate against parent assistant tool_calls
- Removed unused CodingAgentInterface stub file
- Simplified addConversationMessage interface by removing replaceExisting parameter

- Added CompletionDetector interface and CompletionConfig for detecting task completion signals
- Implemented dependency-aware parallel tool execution engine with resource conflict detection
- Added LoopDetector to prevent infinite tool call loops with contextual warnings
- Enhanced ToolCallContext with completion signal tracking and warning injection state
- Modified tool execution to respect dependencies and execute in parallel groups

… and debugger

- Added CompletionDetector to track completion signals via dedicated tools (mark_generation_complete, mark_debugging_complete)
- Implemented LoopDetector to prevent infinite tool call loops with contextual warnings
- Created wrapToolsWithLoopDetection utility to inject loop detection into tool execution flow
- Enhanced system prompts to emphasize efficient parallel tool usage and completion discipline

Feat: Better tooling system

…at/general-agents

…ent-sdk

- Add VIBESDK_RUN_INTEGRATION_TESTS environment variable to control integration test execution
- Exclude SDK integration tests from pre-commit hooks to improve commit speed
- Add dedicated test:integration npm script for running integration tests explicitly
- Update vitest config to conditionally exclude integration tests based on environment variable

…onment variables

Feat: Client SDK for vibesdk

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

…tion

…ript

- Add ALLOCATION_STRATEGY, ENVIRONMENT, PLATFORM_MODEL_PROVIDERS, and USE_CLOUDFLARE_IMAGES to deploy-release-live workflow
- Add AI_PROXY_JWT_SECRET secret to deployment workflow
- Update deploy script to include new variables in .prod.vars generation

- Add clear() methods to TypedEmitter, SessionStateStore, and WorkspaceStore for proper resource cleanup
- Truncate HTTP error response text to 1000 characters to prevent excessive error messages
- Add message queue overflow error emission when pending sends exceed limit
- Export FileOutputType from protocol for type safety
- Refactor extractPhaseInfo to use proper type guards instead of any casts
- Add type guard isFileOutputType for safer file

…ering

- Add detectBlankScreenshot utility with entropy-based analysis to identify blank/uniform screenshots
- Implement retry mechanism with exponential backoff (3 total attempts) for screenshot capture
- Add SCREENSHOT_CONFIG with configurable timeouts, retry delays, and detection thresholds
- Change waitUntil from networkidle0 to networkidle2 and add 2s post-load wait for better page stability
- Refactor captureScreenshot into

Feat: improve SDK error handling and resource cleanup

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>