feat(models): resolve SDK default URLs for all registered providers

- Add sdkDefaultBaseURL map covering the 14 npm SDKs that ship a
  hard-coded baseURL (groq, cerebras, mistral, xai, perplexity,
  togetherai, deepinfra, cohere, v0, aihubmix, venice, merge-gateway,
  openrouter, vercel gateway), so providers whose models.dev entry
  omits the api field still auto-route correctly.
- Extend npmToWireProtocol so these thin OpenAI-compatible wrappers
  route through fantasy's openaicompat provider.
- Add resolveTemplatedAPIURL to substitute ${VAR} placeholders for
  cloudflare-workers-ai, databricks, snowflake-cortex from the env,
  with friendly errors that name the missing vars.
- Wire amazon-bedrock and azure-cognitive-services aliases into the
  existing native handlers; add createGoogleVertexProvider for the
  google-vertex case.
- Expose kit.ResolveProviderBaseURL in the public SDK so embedders
  can introspect the effective endpoint before instantiating a Kit.
- Refresh embedded_models.json from models.dev (5113 -> 5121 models;
  139 providers unchanged).

README.md

@@ -127,6 +127,7 @@ max-tokens: 4096
 temperature: 0.7
 stream: true
 thinking-level: off       # off, none, minimal, low, medium, high
+no-core-tools: false      # set to true to disable all built-in core tools
 ```
 
 All of the above keys can also be set programmatically via the SDK
@@ -195,9 +196,10 @@ mcpServers:
 --compact                Enable compact output mode
 --auto-compact           Auto-compact conversation near context limit
 
-# Extensions
+# Extensions and tools
 --extension, -e          Load additional extension file(s) (repeatable)
 --no-extensions          Disable all extensions
+--no-core-tools          Disable all built-in core tools (bash, read, write, edit, grep, find, ls, subagent)
 --prompt-template        Load a specific prompt template by name
 --no-prompt-templates    Disable prompt template loading
 
@@ -507,6 +509,8 @@ During an interactive session, use these slash commands:
 
 | Shortcut | Description |
 |----------|-------------|
+| `Ctrl+V` | Paste an image from the clipboard — shows an inline low-res thumbnail preview (tmux/zellij-safe) |
+| `Ctrl+U` | Clear all pending image attachments |
 | `Ctrl+X e` | Open `$VISUAL`/`$EDITOR` to compose or edit your prompt |
 | `Ctrl+X s` | Steer — inject a system-level instruction mid-turn |
 | `ESC ESC` | Cancel the current operation (tool call or streaming) |
@@ -554,7 +558,7 @@ host, err := kit.New(ctx, &kit.Options{
     SystemPrompt: "You are a helpful bot",
     ConfigFile:   "/path/to/config.yml",
     MaxSteps:     10,
-    Streaming:    true,
+    Streaming:    ptr(true), // *bool: nil = unset (default true), &false = off
     Quiet:        true,
 
     // Generation parameters (override env/config/per-model defaults)
@@ -579,7 +583,9 @@ host, err := kit.New(ctx, &kit.Options{
     // Tool options
     Tools:            []kit.Tool{...},     // Replace default tool set entirely
     ExtraTools:       []kit.Tool{...},     // Add tools alongside defaults
-    DisableCoreTools: true,                // Use no core tools (0 tools, for chat-only)
+    DisableCoreTools: true,                // Disable all built-in core tools; also controllable via
+                                           // --no-core-tools flag, KIT_NO_CORE_TOOLS env var,
+                                           // or no-core-tools: true in .kit.yml
 
     // Configuration
     SkipConfig:   true,                   // Skip .kit.yml files (viper defaults + env vars still apply)
@@ -599,6 +605,38 @@ are pointer types so explicit `0.0` is distinguishable from "leave alone"; a
 non-zero `MaxTokens` suppresses automatic right-sizing the same way `--max-tokens`
 does on the CLI.
 
+### Functional options (`NewAgent`)
+
+For simple programmatic setups, `kit.NewAgent` offers an ergonomic
+functional-options front door over `kit.New`. Streaming is **enabled by
+default**; pass `kit.WithStreaming(false)` to opt out.
+
+```go
+host, err := kit.NewAgent(ctx,
+    kit.WithModel("anthropic/claude-sonnet-4-5-20250929"),
+    kit.WithSystemPrompt("You are a helpful assistant."),
+    kit.WithMaxTokens(8192),
+    kit.WithThinkingLevel("medium"),
+    kit.Ephemeral(), // in-memory session, no persistence
+)
+```
+
+Available options: `WithModel`, `WithSystemPrompt`, `WithStreaming`,
+`WithMaxTokens`, `WithThinkingLevel`, `WithTools`, `WithExtraTools`,
+`WithProviderAPIKey`, `WithProviderURL`, `WithConfigFile`, `WithDebug`, and
+`Ephemeral`. For advanced configuration not covered by the helpers (custom MCP
+config, in-process MCP servers, session backends, MCP task tuning) construct an
+`Options` value explicitly and call `kit.New`.
+
+### Per-instance config isolation
+
+Each `kit.New` / `kit.NewAgent` call owns an **isolated configuration store**,
+so constructing multiple Kit instances in the same process is safe: setting the
+model, thinking level, or generation parameters on one never affects another,
+and runtime mutators (`SetModel`, `SetThinkingLevel`) only touch the owning
+instance. This makes subagent spawning and multi-Kit embedding race-free with
+no external synchronization required.
+
 ### MCP OAuth (remote MCP servers)
 
 When a remote MCP server returns 401, Kit runs the full OAuth flow (dynamic
@@ -756,6 +794,45 @@ host, _ := kit.New(ctx, &kit.Options{
 })
 ```
 
+### Runtime Skills & Context Files
+
+For multi-tenant hosts (chatbots, per-user agents, web services), the SDK
+lets you swap skills and `AGENTS.md`-style context files **after** Kit
+construction. Every mutation recomposes the system prompt and applies it to
+the agent so the next turn picks up the new instructions — no restart needed.
+
+```go
+// Programmatic skill (no file on disk required).
+host.AddSkill(&kit.Skill{
+    Name:        "polite-french",
+    Description: "Respond in French and always greet the user.",
+    Content:     "Always reply in French. Open every response with 'Bonjour'.",
+})
+
+// Or load one from disk.
+host.LoadAndAddSkill("/var/skills/refund-policy.md")
+
+// Per-user AGENTS.md content pulled from a database.
+host.AddContextFileContent(
+    fmt.Sprintf("session://%s/AGENTS.md", userID),
+    rulesFromDB,
+)
+
+// Tear down session-specific state on logout.
+host.RemoveSkill("polite-french")
+host.RemoveContextFile(fmt.Sprintf("session://%s/AGENTS.md", userID))
+
+// Or replace the whole set atomically.
+host.SetSkills(activeSkillsForUser)
+host.SetContextFiles(activeContextForUser)
+```
+
+Skills dedupe by `Name`, context files dedupe by `Path` (which can be any
+opaque identifier — it doesn't have to be a real filesystem path). All
+mutators and readers (`GetSkills`, `GetContextFiles`) are safe to call
+concurrently from multiple goroutines. See the [SDK overview docs](/sdk/overview#runtime-skills-and-context-files)
+for the full reference.
+
 ## Advanced Usage
 
 ### Subagent Pattern
@@ -897,6 +974,31 @@ This automatically defaults to `custom/custom` without needing to specify a mode
 - Reasoning and temperature support
 - Optional `CUSTOM_API_KEY` environment variable or `--provider-api-key` flag
 
+### Auto-routed Providers
+
+Any provider in the [models.dev](https://models.dev) database can be used as
+`provider/model` without a dedicated native integration. Kit auto-routes the
+request through the matching **wire protocol** based on the provider's npm package
+(or per-model override), using its `api` URL as the base:
+
+| npm package | Wire protocol |
+|-------------|---------------|
+| `@ai-sdk/openai` | OpenAI (Responses API) |
+| `@ai-sdk/openai-compatible` | OpenAI (chat completions) |
+| `@ai-sdk/anthropic` | Anthropic |
+| `@ai-sdk/google` | Google Gemini |
+
+Providers with an `api` URL but an unrecognized npm package fall back to the
+OpenAI-compatible wire. Because routing follows the wire protocol, aggregator/proxy
+providers work across all of their models — including Claude, GPT, *and* Gemini
+routes:
+
+```bash
+kit --model opencode/claude-haiku-4-5 "Hello"     # → Anthropic wire
+kit --model opencode/gpt-5 "Hello"                # → OpenAI wire
+kit --model opencode/gemini-3.5-flash "Hello"     # → Google wire
+```
+
 ### Model String Format
 
 ```bash

cmd/root.go

@@ -71,6 +71,7 @@ var (
 
 	// Extensions control
 	noExtensionsFlag bool
+	noCoreToolsFlag  bool
 	extensionPaths   []string
 
 	// TLS configuration
@@ -278,6 +279,8 @@ func init() {
 		BoolVar(&noSessionFlag, "no-session", false, "ephemeral mode — no session persistence")
 	rootCmd.PersistentFlags().
 		BoolVar(&noExtensionsFlag, "no-extensions", false, "disable all extensions")
+	rootCmd.PersistentFlags().
+		BoolVar(&noCoreToolsFlag, "no-core-tools", false, "disable all built-in core tools (bash, read, write, edit, grep, find, ls, subagent)")
 	rootCmd.PersistentFlags().
 		StringSliceVarP(&extensionPaths, "extension", "e", nil, "load additional extension file(s)")
 
@@ -327,6 +330,7 @@ func init() {
 	_ = viper.BindPFlag("main-gpu", rootCmd.PersistentFlags().Lookup("main-gpu"))
 	_ = viper.BindPFlag("tls-skip-verify", rootCmd.PersistentFlags().Lookup("tls-skip-verify"))
 	_ = viper.BindPFlag("no-extensions", rootCmd.PersistentFlags().Lookup("no-extensions"))
+	_ = viper.BindPFlag("no-core-tools", rootCmd.PersistentFlags().Lookup("no-core-tools"))
 	_ = viper.BindPFlag("extension", rootCmd.PersistentFlags().Lookup("extension"))
 	_ = viper.BindPFlag("prompt-template", rootCmd.PersistentFlags().Lookup("prompt-template"))
 	_ = viper.BindPFlag("no-prompt-templates", rootCmd.PersistentFlags().Lookup("no-prompt-templates"))
@@ -772,13 +776,14 @@ func runNormalMode(ctx context.Context) error {
 	var appInstancePtr *app.App
 
 	kitOpts := &kit.Options{
-		Quiet:          quietFlag,
-		Debug:          debugMode,
-		NoSession:      noSessionFlag,
-		Continue:       continueFlag,
-		SessionPath:    sessionPath,
-		AutoCompact:    autoCompactFlag,
-		MCPAuthHandler: authHandler,
+		Quiet:            quietFlag,
+		Debug:            debugMode,
+		NoSession:        noSessionFlag,
+		Continue:         continueFlag,
+		SessionPath:      sessionPath,
+		AutoCompact:      autoCompactFlag,
+		MCPAuthHandler:   authHandler,
+		DisableCoreTools: viper.GetBool("no-core-tools"),
 		// This callback is called when each MCP server finishes loading.
 		// We use a closure that captures appInstancePtr which is set after
 		// app.New() is called below.
@@ -1257,9 +1262,57 @@ func runNormalMode(ctx context.Context) error {
 		}
 	}
 
+	// Bundle all the shared dependencies into a single struct that both
+	// run-mode entry points consume. This keeps the dispatch site and the
+	// function signatures readable.
+	deps := runModeDeps{
+		appInstance:              appInstance,
+		cli:                      cli,
+		modelName:                modelName,
+		providerName:             parsedProvider,
+		loadingMessage:           kitInstance.GetLoadingMessage(),
+		serverNames:              serverNames,
+		toolNames:                toolNames,
+		mcpToolCount:             mcpToolCount,
+		extensionToolCount:       extensionToolCount,
+		usageTracker:             usageTracker,
+		extCommands:              extCommands,
+		promptTemplates:          promptTemplates,
+		contextPaths:             contextPaths,
+		skillItems:               skillItems,
+		extensionItems:           extensionItems,
+		getPromptTemplates:       getPromptTemplates,
+		getSkillItems:            getSkillItems,
+		getExtensionItems:        getExtensionItems,
+		getToolNames:             getToolNames,
+		getMCPToolCount:          getMCPToolCount,
+		mcpPrompts:               mcpPrompts,
+		getMCPPrompts:            getMCPPrompts,
+		expandMCPPrompt:          expandMCPPrompt,
+		getWidgets:               getWidgets,
+		getHeader:                getHeader,
+		getFooter:                getFooter,
+		getToolRenderer:          getToolRenderer,
+		getEditorInterceptor:     getEditorInterceptor,
+		getUIVisibility:          getUIVisibility,
+		getStatusBarEntries:      getStatusBarEntries,
+		emitBeforeFork:           emitBeforeFork,
+		emitBeforeSessionSwitch:  emitBeforeSessionSwitch,
+		getGlobalShortcuts:       getGlobalShortcuts,
+		getExtensionCommands:     getExtensionCommands,
+		setModel:                 setModelForUI,
+		emitModelChange:          emitModelChangeForUI,
+		isReasoningModel:         kitInstance.IsReasoningModel(),
+		thinkingLevel:            kitInstance.GetThinkingLevel(),
+		setThinkingLevel:         setThinkingLevelForUI,
+		switchSession:            switchSessionForUI,
+		reloadExtensions:         reloadExtensionsForUI,
+		startupExtensionMessages: startupExtensionMessages,
+	}
+
 	// Check if running in non-interactive mode
 	if positionalPrompt != "" {
-		return runNonInteractiveModeApp(ctx, appInstance, cli, positionalPrompt, quietFlag, jsonFlag, noExitFlag, modelName, parsedProvider, kitInstance.GetLoadingMessage(), serverNames, toolNames, mcpToolCount, extensionToolCount, usageTracker, extCommands, promptTemplates, contextPaths, skillItems, extensionItems, getPromptTemplates, getSkillItems, getExtensionItems, getToolNames, getMCPToolCount, mcpPrompts, getMCPPrompts, expandMCPPrompt, getWidgets, getHeader, getFooter, getToolRenderer, getEditorInterceptor, getUIVisibility, getStatusBarEntries, emitBeforeFork, emitBeforeSessionSwitch, getGlobalShortcuts, getExtensionCommands, setModelForUI, emitModelChangeForUI, kitInstance.IsReasoningModel(), kitInstance.GetThinkingLevel(), setThinkingLevelForUI, switchSessionForUI, reloadExtensionsForUI)
+		return runNonInteractiveModeApp(ctx, deps, positionalPrompt, quietFlag, jsonFlag, noExitFlag)
 	}
 
 	// Quiet mode is not allowed in interactive mode
@@ -1267,7 +1320,7 @@ func runNormalMode(ctx context.Context) error {
 		return fmt.Errorf("--quiet requires a prompt")
 	}
 
-	return runInteractiveModeBubbleTea(ctx, appInstance, modelName, parsedProvider, kitInstance.GetLoadingMessage(), serverNames, toolNames, mcpToolCount, extensionToolCount, usageTracker, extCommands, promptTemplates, contextPaths, skillItems, extensionItems, getPromptTemplates, getSkillItems, getExtensionItems, getToolNames, getMCPToolCount, mcpPrompts, getMCPPrompts, expandMCPPrompt, getWidgets, getHeader, getFooter, getToolRenderer, getEditorInterceptor, getUIVisibility, getStatusBarEntries, emitBeforeFork, emitBeforeSessionSwitch, getGlobalShortcuts, getExtensionCommands, setModelForUI, emitModelChangeForUI, kitInstance.IsReasoningModel(), kitInstance.GetThinkingLevel(), setThinkingLevelForUI, switchSessionForUI, reloadExtensionsForUI, startupExtensionMessages)
+	return runInteractiveModeBubbleTea(ctx, deps)
 }
 
 // runNonInteractiveModeApp executes a single prompt via the app layer and exits,
@@ -1280,7 +1333,10 @@ func runNormalMode(ctx context.Context) error {
 //
 // When --no-exit is set, after the prompt completes the interactive BubbleTea
 // TUI is started so the user can continue the conversation.
-func runNonInteractiveModeApp(ctx context.Context, appInstance *app.App, cli *ui.CLI, prompt string, quiet, jsonOutput, noExit bool, modelName, providerName, loadingMessage string, serverNames, toolNames []string, mcpToolCount, extensionToolCount int, usageTracker *ui.UsageTracker, extCommands []commands.ExtensionCommand, promptTemplates []*prompts.PromptTemplate, contextPaths []string, skillItems []ui.SkillItem, extensionItems []ui.ExtensionItem, getPromptTemplates func() []*prompts.PromptTemplate, getSkillItems func() []ui.SkillItem, getExtensionItems func() []ui.ExtensionItem, getToolNames func() []string, getMCPToolCount func() int, mcpPrompts []ui.MCPPromptInfo, getMCPPrompts func() []ui.MCPPromptInfo, expandMCPPrompt func(string, string, map[string]string) (*ui.MCPPromptExpandResult, error), getWidgets func(string) []ui.WidgetData, getHeader, getFooter func() *ui.WidgetData, getToolRenderer func(string) *ui.ToolRendererData, getEditorInterceptor func() *ui.EditorInterceptor, getUIVisibility func() *ui.UIVisibility, getStatusBarEntries func() []ui.StatusBarEntryData, emitBeforeFork func(string, bool, string) (bool, string), emitBeforeSessionSwitch func(string) (bool, string), getGlobalShortcuts func() map[string]func(), getExtensionCommands func() []commands.ExtensionCommand, setModel func(string) error, emitModelChange func(string, string, string), isReasoningModel bool, thinkingLevel string, setThinkingLevel func(string) error, switchSession func(string) error, reloadExtensions func() error) error {
+func runNonInteractiveModeApp(ctx context.Context, deps runModeDeps, prompt string, quiet, jsonOutput, noExit bool) error {
+	appInstance := deps.appInstance
+	cli := deps.cli
+	modelName := deps.modelName
 	// Expand @file references in the prompt before sending to the agent.
 	// Text files are XML-inlined; binary files are extracted as multimodal parts.
 	var fileParts []kit.LLMFilePart
@@ -1341,12 +1397,67 @@ func runNonInteractiveModeApp(ctx context.Context, appInstance *app.App, cli *ui
 
 	// If --no-exit was requested, hand off to the interactive TUI.
 	if noExit {
-		return runInteractiveModeBubbleTea(ctx, appInstance, modelName, providerName, loadingMessage, serverNames, toolNames, mcpToolCount, extensionToolCount, usageTracker, extCommands, promptTemplates, contextPaths, skillItems, extensionItems, getPromptTemplates, getSkillItems, getExtensionItems, getToolNames, getMCPToolCount, mcpPrompts, getMCPPrompts, expandMCPPrompt, getWidgets, getHeader, getFooter, getToolRenderer, getEditorInterceptor, getUIVisibility, getStatusBarEntries, emitBeforeFork, emitBeforeSessionSwitch, getGlobalShortcuts, getExtensionCommands, setModel, emitModelChange, isReasoningModel, thinkingLevel, setThinkingLevel, switchSession, reloadExtensions, nil)
+		// Drop the cli (interactive mode doesn't use it) and clear the
+		// interactive-only fields explicitly; deps carries everything else.
+		interactive := deps
+		interactive.cli = nil
+		interactive.startupExtensionMessages = nil
+		return runInteractiveModeBubbleTea(ctx, interactive)
 	}
 
 	return nil
 }
 
+// runModeDeps bundles the shared dependencies that runNormalMode wires up
+// once and threads to both runNonInteractiveModeApp and
+// runInteractiveModeBubbleTea. Grouping them into a single struct keeps the
+// call sites and signatures readable and makes it trivial to add a new
+// provider callback without touching every call chain.
+type runModeDeps struct {
+	appInstance              *app.App
+	cli                      *ui.CLI // non-interactive only
+	modelName                string
+	providerName             string
+	loadingMessage           string
+	serverNames              []string
+	toolNames                []string
+	mcpToolCount             int
+	extensionToolCount       int
+	usageTracker             *ui.UsageTracker
+	extCommands              []commands.ExtensionCommand
+	promptTemplates          []*prompts.PromptTemplate
+	contextPaths             []string
+	skillItems               []ui.SkillItem
+	extensionItems           []ui.ExtensionItem
+	getPromptTemplates       func() []*prompts.PromptTemplate
+	getSkillItems            func() []ui.SkillItem
+	getExtensionItems        func() []ui.ExtensionItem
+	getToolNames             func() []string
+	getMCPToolCount          func() int
+	mcpPrompts               []ui.MCPPromptInfo
+	getMCPPrompts            func() []ui.MCPPromptInfo
+	expandMCPPrompt          func(string, string, map[string]string) (*ui.MCPPromptExpandResult, error)
+	getWidgets               func(string) []ui.WidgetData
+	getHeader                func() *ui.WidgetData
+	getFooter                func() *ui.WidgetData
+	getToolRenderer          func(string) *ui.ToolRendererData
+	getEditorInterceptor     func() *ui.EditorInterceptor
+	getUIVisibility          func() *ui.UIVisibility
+	getStatusBarEntries      func() []ui.StatusBarEntryData
+	emitBeforeFork           func(string, bool, string) (bool, string)
+	emitBeforeSessionSwitch  func(string) (bool, string)
+	getGlobalShortcuts       func() map[string]func()
+	getExtensionCommands     func() []commands.ExtensionCommand
+	setModel                 func(string) error
+	emitModelChange          func(string, string, string)
+	isReasoningModel         bool
+	thinkingLevel            string
+	setThinkingLevel         func(string) error
+	switchSession            func(string) error
+	reloadExtensions         func() error
+	startupExtensionMessages []string // interactive only
+}
+
 // ---------------------------------------------------------------------------
 // JSON output helpers (--json mode)
 // ---------------------------------------------------------------------------
@@ -1439,7 +1550,8 @@ func writeJSONError(err error) {
 //  4. Calls program.Run() which blocks until the user quits (Ctrl+C or /quit).
 //
 // SetupCLI is not used for interactive mode; the TUI (AppModel) handles its own rendering.
-func runInteractiveModeBubbleTea(_ context.Context, appInstance *app.App, modelName, providerName, loadingMessage string, serverNames, toolNames []string, mcpToolCount, extensionToolCount int, usageTracker *ui.UsageTracker, extCommands []commands.ExtensionCommand, promptTemplates []*prompts.PromptTemplate, contextPaths []string, skillItems []ui.SkillItem, extensionItems []ui.ExtensionItem, getPromptTemplates func() []*prompts.PromptTemplate, getSkillItems func() []ui.SkillItem, getExtensionItems func() []ui.ExtensionItem, getToolNames func() []string, getMCPToolCount func() int, mcpPrompts []ui.MCPPromptInfo, getMCPPrompts func() []ui.MCPPromptInfo, expandMCPPrompt func(string, string, map[string]string) (*ui.MCPPromptExpandResult, error), getWidgets func(string) []ui.WidgetData, getHeader, getFooter func() *ui.WidgetData, getToolRenderer func(string) *ui.ToolRendererData, getEditorInterceptor func() *ui.EditorInterceptor, getUIVisibility func() *ui.UIVisibility, getStatusBarEntries func() []ui.StatusBarEntryData, emitBeforeFork func(string, bool, string) (bool, string), emitBeforeSessionSwitch func(string) (bool, string), getGlobalShortcuts func() map[string]func(), getExtensionCommands func() []commands.ExtensionCommand, setModel func(string) error, emitModelChange func(string, string, string), isReasoningModel bool, thinkingLevel string, setThinkingLevel func(string) error, switchSession func(string) error, reloadExtensions func() error, startupExtensionMessages []string) error {
+func runInteractiveModeBubbleTea(_ context.Context, deps runModeDeps) error {
+	appInstance := deps.appInstance
 	// Redirect all log output (stdlib and charm) to a file so that log
 	// messages don't write to stderr and corrupt the TUI. Bubble Tea
 	// captures stdout for rendering; any stray stderr output from
@@ -1462,49 +1574,49 @@ func runInteractiveModeBubbleTea(_ context.Context, appInstance *app.App, modelN
 	cwd, _ := os.Getwd()
 
 	appModel := ui.NewAppModel(appInstance, ui.AppModelOptions{
-		ModelName:                modelName,
-		ProviderName:             providerName,
-		LoadingMessage:           loadingMessage,
+		ModelName:                deps.modelName,
+		ProviderName:             deps.providerName,
+		LoadingMessage:           deps.loadingMessage,
 		Cwd:                      cwd,
 		Width:                    termWidth,
 		Height:                   termHeight,
-		ServerNames:              serverNames,
-		ToolNames:                toolNames,
-		GetToolNames:             getToolNames,
-		GetMCPToolCount:          getMCPToolCount,
-		MCPToolCount:             mcpToolCount,
-		ExtensionToolCount:       extensionToolCount,
-		UsageTracker:             usageTracker,
-		ExtensionCommands:        extCommands,
-		PromptTemplates:          promptTemplates,
-		GetPromptTemplates:       getPromptTemplates,
-		MCPPrompts:               mcpPrompts,
-		GetMCPPrompts:            getMCPPrompts,
-		ExpandMCPPrompt:          expandMCPPrompt,
-		ContextPaths:             contextPaths,
-		SkillItems:               skillItems,
-		GetSkillItems:            getSkillItems,
-		ExtensionItems:           extensionItems,
-		GetExtensionItems:        getExtensionItems,
-		StartupExtensionMessages: startupExtensionMessages,
-		GetWidgets:               getWidgets,
-		GetHeader:                getHeader,
-		GetFooter:                getFooter,
-		GetToolRenderer:          getToolRenderer,
-		GetEditorInterceptor:     getEditorInterceptor,
-		GetUIVisibility:          getUIVisibility,
-		GetStatusBarEntries:      getStatusBarEntries,
-		EmitBeforeFork:           emitBeforeFork,
-		EmitBeforeSessionSwitch:  emitBeforeSessionSwitch,
-		GetGlobalShortcuts:       getGlobalShortcuts,
-		GetExtensionCommands:     getExtensionCommands,
-		SetModel:                 setModel,
-		EmitModelChange:          emitModelChange,
-		ThinkingLevel:            thinkingLevel,
-		IsReasoningModel:         isReasoningModel,
-		SetThinkingLevel:         setThinkingLevel,
-		SwitchSession:            switchSession,
-		ReloadExtensions:         reloadExtensions,
+		ServerNames:              deps.serverNames,
+		ToolNames:                deps.toolNames,
+		GetToolNames:             deps.getToolNames,
+		GetMCPToolCount:          deps.getMCPToolCount,
+		MCPToolCount:             deps.mcpToolCount,
+		ExtensionToolCount:       deps.extensionToolCount,
+		UsageTracker:             deps.usageTracker,
+		ExtensionCommands:        deps.extCommands,
+		PromptTemplates:          deps.promptTemplates,
+		GetPromptTemplates:       deps.getPromptTemplates,
+		MCPPrompts:               deps.mcpPrompts,
+		GetMCPPrompts:            deps.getMCPPrompts,
+		ExpandMCPPrompt:          deps.expandMCPPrompt,
+		ContextPaths:             deps.contextPaths,
+		SkillItems:               deps.skillItems,
+		GetSkillItems:            deps.getSkillItems,
+		ExtensionItems:           deps.extensionItems,
+		GetExtensionItems:        deps.getExtensionItems,
+		StartupExtensionMessages: deps.startupExtensionMessages,
+		GetWidgets:               deps.getWidgets,
+		GetHeader:                deps.getHeader,
+		GetFooter:                deps.getFooter,
+		GetToolRenderer:          deps.getToolRenderer,
+		GetEditorInterceptor:     deps.getEditorInterceptor,
+		GetUIVisibility:          deps.getUIVisibility,
+		GetStatusBarEntries:      deps.getStatusBarEntries,
+		EmitBeforeFork:           deps.emitBeforeFork,
+		EmitBeforeSessionSwitch:  deps.emitBeforeSessionSwitch,
+		GetGlobalShortcuts:       deps.getGlobalShortcuts,
+		GetExtensionCommands:     deps.getExtensionCommands,
+		SetModel:                 deps.setModel,
+		EmitModelChange:          deps.emitModelChange,
+		ThinkingLevel:            deps.thinkingLevel,
+		IsReasoningModel:         deps.isReasoningModel,
+		SetThinkingLevel:         deps.setThinkingLevel,
+		SwitchSession:            deps.switchSession,
+		ReloadExtensions:         deps.reloadExtensions,
 		ShowSessionPicker:        resumeFlag,
 		GetMCPResources:          mcpGetResources,
 		MCPResourceReader:        mcpResourceReader,

examples/sdk/README.md

@@ -42,4 +42,14 @@ defer host.Close()
 response, err := host.Prompt(ctx, "Hello!")
 ```
 
+Or use the functional-options constructor for quick setups (streaming defaults on):
+
+```go
+host, err := kit.NewAgent(ctx,
+    kit.WithModel("anthropic/claude-sonnet-4-5-20250929"),
+    kit.WithSystemPrompt("You are a helpful assistant."),
+    kit.Ephemeral(),
+)
+```
+
 See the [SDK README](../../pkg/kit/README.md) for the full API reference.

go.mod

@@ -4,21 +4,22 @@ go 1.26.3
 
 require (
 	charm.land/bubbles/v2 v2.1.0
-	charm.land/bubbletea/v2 v2.0.6
+	charm.land/bubbletea/v2 v2.0.7
 	charm.land/fantasy v0.25.0
 	charm.land/huh/v2 v2.0.3
 	charm.land/lipgloss/v2 v2.0.3
 	github.com/alecthomas/chroma/v2 v2.26.1
 	github.com/atotto/clipboard v0.1.4
 	github.com/aymanbagabas/go-udiff v0.4.1
+	github.com/charmbracelet/colorprofile v0.4.3
 	github.com/charmbracelet/fang v1.0.0
 	github.com/charmbracelet/log v1.0.0
 	github.com/charmbracelet/openai-go v0.0.0-20260319145158-d0740cc34266
-	github.com/charmbracelet/ultraviolet v0.0.0-20260525132238-948f4557a654
+	github.com/charmbracelet/ultraviolet v0.0.0-20260601155805-6cf7526a1b3f
 	github.com/charmbracelet/x/editor v0.2.0
 	github.com/clipperhouse/displaywidth v0.11.0
 	github.com/clipperhouse/uax29/v2 v2.7.0
-	github.com/coder/acp-go-sdk v0.13.0
+	github.com/coder/acp-go-sdk v0.13.5
 	github.com/fsnotify/fsnotify v1.10.1
 	github.com/indaco/herald v0.13.0
 	github.com/indaco/herald-md v0.3.0
@@ -26,6 +27,7 @@ require (
 	github.com/spf13/cobra v1.10.2
 	github.com/spf13/viper v1.21.0
 	github.com/traefik/yaegi v0.16.1
+	golang.org/x/image v0.41.0
 	golang.org/x/term v0.43.0
 	gopkg.in/yaml.v3 v3.0.1
 )
@@ -55,11 +57,10 @@ require (
 	github.com/catppuccin/go v0.3.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/charmbracelet/anthropic-sdk-go v0.0.0-20260223140439-63879b0b8dab // indirect
-	github.com/charmbracelet/colorprofile v0.4.3 // indirect
 	github.com/charmbracelet/harmonica v0.2.0 // indirect
 	github.com/charmbracelet/lipgloss v1.1.1-0.20250404203927-76690c660834 // indirect
 	github.com/charmbracelet/x/cellbuf v0.0.15 // indirect
-	github.com/charmbracelet/x/exp/charmtone v0.0.0-20260527151214-009e6338d40d // indirect
+	github.com/charmbracelet/x/exp/charmtone v0.0.0-20260602025833-85a30b5e440a // indirect
 	github.com/charmbracelet/x/exp/ordered v0.1.0 // indirect
 	github.com/charmbracelet/x/exp/slice v0.0.0-20260527151214-009e6338d40d // indirect
 	github.com/charmbracelet/x/exp/strings v0.1.0 // indirect
@@ -113,7 +114,7 @@ require (
 	go.opentelemetry.io/otel/trace v1.44.0 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
 	golang.org/x/crypto v0.52.0 // indirect
-	golang.org/x/exp v0.0.0-20260528193900-50dc527dd6c7 // indirect
+	golang.org/x/exp v0.0.0-20260603202125-055de637280b // indirect
 	golang.org/x/net v0.55.0 // indirect
 	golang.org/x/oauth2 v0.36.0 // indirect
 	golang.org/x/time v0.15.0 // indirect
@@ -132,7 +133,7 @@ require (
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/lucasb-eyer/go-colorful v1.4.0 // indirect
 	github.com/mattn/go-isatty v0.0.22 // indirect
-	github.com/mattn/go-runewidth v0.0.23 // indirect
+	github.com/mattn/go-runewidth v0.0.24 // indirect
 	github.com/muesli/cancelreader v0.2.2 // indirect
 	github.com/muesli/termenv v0.16.0 // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect

go.sum

@@ -1,13 +1,15 @@
+cel.dev/expr v0.25.2/go.mod h1:hrXvqGP6G6gyx8UAHSHJ5RGk//1Oj5nXQ2NI02Nrsg4=
 charm.land/bubbles/v2 v2.1.0 h1:YSnNh5cPYlYjPxRrzs5VEn3vwhtEn3jVGRBT3M7/I0g=
 charm.land/bubbles/v2 v2.1.0/go.mod h1:l97h4hym2hvWBVfmJDtrEHHCtkIKeTEb3TTJ4ZOB3wY=
-charm.land/bubbletea/v2 v2.0.6 h1:UHN/91OyuhaOFGSrBXQ/hMZD8IO1Uc4BvHlgHXL2WJo=
-charm.land/bubbletea/v2 v2.0.6/go.mod h1:MH/D8ZLlN3op37vQvijKuU29g3rqTp+aQapURFonF9g=
+charm.land/bubbletea/v2 v2.0.7 h1:7qw2tTAVar7m7klOPBYfTB0mniv/RuexsYwMRNxSeL0=
+charm.land/bubbletea/v2 v2.0.7/go.mod h1:DGW2q8gvzHnOpMpZTORs0aySVHCox5C+2Svk0fci1qs=
 charm.land/fantasy v0.25.0 h1:oXOWY1ivmTSnhYGzAolscF8zKtavWZyBWv0LHRSwN5Q=
 charm.land/fantasy v0.25.0/go.mod h1:8QrWUzIcKwZQP+aAnC9vLu3iID6hu9/Jt+rPMiieBkc=
 charm.land/huh/v2 v2.0.3 h1:2cJsMqEPwSywGHvdlKsJyQKPtSJLVnFKyFbsYZTlLkU=
 charm.land/huh/v2 v2.0.3/go.mod h1:93eEveeeqn47MwiC3tf+2atZ2l7Is88rAtmZNZ8x9Wc=
 charm.land/lipgloss/v2 v2.0.3 h1:yM2zJ4Cf5Y51b7RHIwioil4ApI/aypFXXVHSwlM6RzU=
 charm.land/lipgloss/v2 v2.0.3/go.mod h1:7myLU9iG/3xluAWzpY/fSxYYHCgoKTie7laxk6ATwXA=
+charm.land/x/vcr v0.1.1/go.mod h1:eByq2gqzWvcct/8XE2XO5KznoWEBiXH56+y2gphbltM=
 cloud.google.com/go v0.123.0 h1:2NAUJwPR47q+E35uaJeYoNhuNEM9kM8SjgRgdeOJUSE=
 cloud.google.com/go v0.123.0/go.mod h1:xBoMV08QcqUGuPW65Qfm1o9Y4zKZBpGS+7bImXLTAZU=
 cloud.google.com/go/auth v0.20.0 h1:kXTssoVb4azsVDoUiF8KvxAqrsQcQtB53DcSgta74CA=
@@ -16,6 +18,11 @@ cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIi
 cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c=
 cloud.google.com/go/compute/metadata v0.9.0 h1:pDUj4QMoPejqq20dK0Pg2N4yG9zIkYGdBtwLoEkH9Zs=
 cloud.google.com/go/compute/metadata v0.9.0/go.mod h1:E0bWwX5wTnLPedCKqk3pJmVgCBSM6qQI1yTBdEb3C10=
+cloud.google.com/go/iam v1.11.0/go.mod h1:KP+nKGugNJW4LcLx1uEZcq1ok5sQHFaQehQNl4QDgV4=
+cloud.google.com/go/longrunning v0.5.6/go.mod h1:vUaDrWYOMKRuhiv6JBnn49YxCPz2Ayn9GqyjaBT8/mA=
+cloud.google.com/go/monitoring v1.29.0/go.mod h1:72NOVjJXHY/HBfoLT0+qlCZBT059+9VXLeAnL2PeeVM=
+cloud.google.com/go/storage v1.62.1/go.mod h1:cpYz/kRVZ+UQAF1uHeea10/9ewcRbxGoGNKsS9daSXA=
+cloud.google.com/go/translate v1.10.3/go.mod h1:GW0vC1qvPtd3pgtypCv4k4U8B7EdgK9/QEF2aJEUovs=
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.1 h1:jHb/wfvRikGdxMXYV3QG/SzUOPYN9KEUUuC0Yd0/vC0=
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.1/go.mod h1:pzBXCYn05zvYIrwLgtK8Ap8QcjRg+0i76tMQdWN6wOk=
 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.1 h1:Hk5QBxZQC1jb2Fwj6mpzme37xbCDdNTxU7O9eb5+LB4=
@@ -24,14 +31,20 @@ github.com/Azure/azure-sdk-for-go/sdk/internal v1.12.0 h1:fhqpLE3UEXi9lPaBRpQ6Xu
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.12.0/go.mod h1:7dCRMLwisfRH3dBupKeNCioWYUZ4SS09Z14H+7i8ZoY=
 github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0 h1:XRzhVemXdgvJqCH0sFfrBUTnUJSBrBf7++ypk+twtRs=
 github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0/go.mod h1:HKpQxkWaGLJ+D/5H8QRpyQXA1eKjxkFlOMwck5+33Jk=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.32.0/go.mod h1:RD2SsorTmYhF6HkTmDw7KmPYQk8OBYwTkuasChwv7R4=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.56.0/go.mod h1:hEpiGU18xf70qb3jbTcIggWAiEfX/cOIVc2OTe4OegA=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.56.0/go.mod h1:6ZZMQhZKDvUvkJw2rc+oDP90tMMzuU/J+5HG1ZmPOmE=
 github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ=
 github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE=
+github.com/Rhymond/go-money v1.0.15/go.mod h1:iHvCuIvitxu2JIlAlhF0g9jHqjRSr+rpdOs7Omqlupg=
 github.com/alecthomas/assert/v2 v2.11.0 h1:2Q9r3ki8+JYXvGsDyBXwH3LcJ+WK5D0gc5E8vS6K3D0=
 github.com/alecthomas/assert/v2 v2.11.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
 github.com/alecthomas/chroma/v2 v2.26.1 h1:2X21EdxGZNv5GF9mG5u+uzc02GCFyGxbcBm3Grd9A78=
 github.com/alecthomas/chroma/v2 v2.26.1/go.mod h1:lxhRRa9H4hPmRLOOdYga4zkQIQjq3dtrrdwQeCfu78Y=
 github.com/alecthomas/repr v0.5.2 h1:SU73FTI9D1P5UNtvseffFSGmdNci/O6RsqzeXJtP0Qs=
 github.com/alecthomas/repr v0.5.2/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
+github.com/ardanlabs/jinja v1.2.0/go.mod h1:aXXzlJfjA+T3XNKA/YT5ZtDq2VJxt5a5siZ8cl9B35Q=
+github.com/ardanlabs/kronk v1.25.2/go.mod h1:b5Gg4jDqvHDklkeHNB8+7treZRxUiCFsV65zphrTloY=
 github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
 github.com/aws/aws-sdk-go-v2 v1.41.8 h1:sRs7nG6/RiEBZ/K5UO2sNw0w40U02Nmz1VtARloTZXk=
@@ -48,12 +61,16 @@ github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.24 h1:u6kJU2i0va1AgtJsH
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.24/go.mod h1:7GY+xLcXOFUpCkNwDReft9qOAVg54A4/AnjHIU7sSAY=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.24 h1:Xhbcf3KugX6vX7SDyUK205Oicyfg7EGuvoVNyP5L6DM=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.24/go.mod h1:rwDgb2HNOGZsnTHylOUedM7Vnl+bCfnXDqUNPsFWYfk=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0/go.mod h1:8tu/lYfQfFe6IGnaOdrpVgEL2IrrDOf6/m9RQum4NkY=
 github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.25 h1:54CTMmlJ71Rk2dYvM9qZOob+39wjlVja2zDLxCu69Ew=
 github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.25/go.mod h1:BZaHqxsS9vN1fvV5EfEl0OBLOk5+AajWsMu6MjqnZB4=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.9 h1:FLudkZLt5ci0ozzgkVo8BJGwvqNaZbTWb3UcucAateA=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.9/go.mod h1:w7wZ/s9qK7c8g4al+UyoF1Sp/Z45UwMGcqIzLWVQHWk=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.15/go.mod h1:e3IzZvQ3kAWNykvE0Tr0RDZCMFInMvhku3qNpcIQXhM=
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.24 h1:CQW2FTrflfoslYWLf3fv7vG28Q219+v8YJS5QTQb2+Y=
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.24/go.mod h1:Xfx13T+u3nH6EEzgl9fBSO6nDRmze1FvnZNYkctQ2zw=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.23/go.mod h1:M8l3mwgx5ToK7wot2sBBce/ojzgnPzZXUV445gTSyE8=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.101.0/go.mod h1:L2dcoOgS2VSgbPLvpak2NyUPsO1TBN7M45Z4H7DlRc4=
 github.com/aws/aws-sdk-go-v2/service/signin v1.1.0 h1:yQo3eZ5qFaL1sJWqs1nL6j3yPHA2/R7c6tQ4T+0IO10=
 github.com/aws/aws-sdk-go-v2/service/signin v1.1.0/go.mod h1:3Zzou41Qt/ueXfIzHvTEjDNuR5IjCUBVF01SNhrt1e8=
 github.com/aws/aws-sdk-go-v2/service/sso v1.30.18 h1:ApLTFdAZfDhZSiY5uskwECKHkSNNF83y2Ru2r7SezWA=
@@ -68,8 +85,14 @@ github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiE
 github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8=
 github.com/aymanbagabas/go-udiff v0.4.1 h1:OEIrQ8maEeDBXQDoGCbbTTXYJMYRCRO1fnodZ12Gv5o=
 github.com/aymanbagabas/go-udiff v0.4.1/go.mod h1:0L9PGwj20lrtmEMeyw4WKJ/TMyDtvAoK9bf2u/mNo3w=
+github.com/bahlo/generic-list-go v0.2.0/go.mod h1:2KvAjgMlE5NNynlg/5iLrrCCZ2+5xWbdbCW3pNTGyYg=
+github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
+github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4=
+github.com/bits-and-blooms/bitset v1.24.4/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
+github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0=
 github.com/catppuccin/go v0.3.0 h1:d+0/YicIq+hSTo5oPuRi5kOpqkVA5tAsU6dNhvRu+aY=
 github.com/catppuccin/go v0.3.0/go.mod h1:8IHJuMGaUUjQM82qBrGNBv7LFq6JI3NnQCF6MOlZjpc=
+github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/charmbracelet/anthropic-sdk-go v0.0.0-20260223140439-63879b0b8dab h1:J7XQLgl9sefgTnTGrmX3xqvp5o6MCiBzEjGv5igAlc4=
@@ -86,8 +109,8 @@ github.com/charmbracelet/log v1.0.0 h1:HVVVMmfOorfj3BA9i8X8UL69Hoz9lI0PYwXfJvOdR
 github.com/charmbracelet/log v1.0.0/go.mod h1:uYgY3SmLpwJWxmlrPwXvzVYujxis1vAKRV/0VQB7yWA=
 github.com/charmbracelet/openai-go v0.0.0-20260319145158-d0740cc34266 h1:BW/sZtyd1JyYy0h5adMm3tzpNyL857LWjuTRET6OhpY=
 github.com/charmbracelet/openai-go v0.0.0-20260319145158-d0740cc34266/go.mod h1:1DahUaExbUZx/jD+FNT2PKP4L9rLE5+ZBRuI8mZjd/E=
-github.com/charmbracelet/ultraviolet v0.0.0-20260525132238-948f4557a654 h1:FpSYhY28ucg9ZRr+2wj67FAQ0Ey5yiK0072PmRDJNek=
-github.com/charmbracelet/ultraviolet v0.0.0-20260525132238-948f4557a654/go.mod h1:hFpumms29Smx3LStRfku8vcCTBe1Kq8aCXtHUJa3mjY=
+github.com/charmbracelet/ultraviolet v0.0.0-20260601155805-6cf7526a1b3f h1:vKsPSlO4g4jKfJ9enESgNZ45BkbHngTIq3UxNOzic74=
+github.com/charmbracelet/ultraviolet v0.0.0-20260601155805-6cf7526a1b3f/go.mod h1:hFpumms29Smx3LStRfku8vcCTBe1Kq8aCXtHUJa3mjY=
 github.com/charmbracelet/x/ansi v0.11.7 h1:kzv1kJvjg2S3r9KHo8hDdHFQLEqn4RBCb39dAYC84jI=
 github.com/charmbracelet/x/ansi v0.11.7/go.mod h1:9qGpnAVYz+8ACONkZBUWPtL7lulP9No6p1epAihUZwQ=
 github.com/charmbracelet/x/cellbuf v0.0.15 h1:ur3pZy0o6z/R7EylET877CBxaiE1Sp1GMxoFPAIztPI=
@@ -98,8 +121,8 @@ github.com/charmbracelet/x/editor v0.2.0 h1:7XLUKtaRaB8jN7bWU2p2UChiySyaAuIfYiIR
 github.com/charmbracelet/x/editor v0.2.0/go.mod h1:p3oQ28TSL3YPd+GKJ1fHWcp+7bVGpedHpXmo0D6t1dY=
 github.com/charmbracelet/x/errors v0.0.0-20240508181413-e8d8b6e2de86 h1:JSt3B+U9iqk37QUU2Rvb6DSBYRLtWqFqfxf8l5hOZUA=
 github.com/charmbracelet/x/errors v0.0.0-20240508181413-e8d8b6e2de86/go.mod h1:2P0UgXMEa6TsToMSuFqKFQR+fZTO9CNGUNokkPatT/0=
-github.com/charmbracelet/x/exp/charmtone v0.0.0-20260527151214-009e6338d40d h1:sMilwx1YIYTrQva6jsB522AoRYAerNaDIKP4ZPtUq0A=
-github.com/charmbracelet/x/exp/charmtone v0.0.0-20260527151214-009e6338d40d/go.mod h1:nsExn0DGyX0lh9LwLHTn2Gg+hafdzfSXnC+QmEJTZFY=
+github.com/charmbracelet/x/exp/charmtone v0.0.0-20260602025833-85a30b5e440a h1:aVvnksCVgxB2igk7jERL9ARIkbDXccp1gXCFqhGlamQ=
+github.com/charmbracelet/x/exp/charmtone v0.0.0-20260602025833-85a30b5e440a/go.mod h1:nsExn0DGyX0lh9LwLHTn2Gg+hafdzfSXnC+QmEJTZFY=
 github.com/charmbracelet/x/exp/golden v0.0.0-20250806222409-83e3a29d542f h1:pk6gmGpCE7F3FcjaOEKYriCvpmIN4+6OS/RD0vm4uIA=
 github.com/charmbracelet/x/exp/golden v0.0.0-20250806222409-83e3a29d542f/go.mod h1:IfZAMTHB6XkZSeXUqriemErjAWCCzT0LwjKFYCZyw0I=
 github.com/charmbracelet/x/exp/ordered v0.1.0 h1:55/qLwjIh0gL0Vni+QAWk7T/qRVP6sBf+2agPBgnOFE=
@@ -120,12 +143,13 @@ github.com/charmbracelet/x/xpty v0.1.3 h1:eGSitii4suhzrISYH50ZfufV3v085BXQwIytcO
 github.com/charmbracelet/x/xpty v0.1.3/go.mod h1:poPYpWuLDBFCKmKLDnhBp51ATa0ooD8FhypRwEFtH3Y=
 github.com/clipperhouse/displaywidth v0.11.0 h1:lBc6kY44VFw+TDx4I8opi/EtL9m20WSEFgwIwO+UVM8=
 github.com/clipperhouse/displaywidth v0.11.0/go.mod h1:bkrFNkf81G8HyVqmKGxsPufD3JhNl3dSqnGhOoSD/o0=
+github.com/clipperhouse/stringish v0.1.1/go.mod h1:v/WhFtE1q0ovMta2+m+UbpZ+2/HEXNWYXQgCt4hdOzA=
 github.com/clipperhouse/uax29/v2 v2.7.0 h1:+gs4oBZ2gPfVrKPthwbMzWZDaAFPGYK72F0NJv2v7Vk=
 github.com/clipperhouse/uax29/v2 v2.7.0/go.mod h1:EFJ2TJMRUaplDxHKj1qAEhCtQPW2tJSwu5BF98AuoVM=
 github.com/cncf/xds/go v0.0.0-20260202195803-dba9d589def2 h1:aBangftG7EVZoUb69Os8IaYg++6uMOdKK83QtkkvJik=
 github.com/cncf/xds/go v0.0.0-20260202195803-dba9d589def2/go.mod h1:qwXFYgsP6T7XnJtbKlf1HP8AjxZZyzxMmc+Lq5GjlU4=
-github.com/coder/acp-go-sdk v0.13.0 h1:IAKBDIbe/iBfKAGikeIndzb8fowt4ioD+gCtSU4HwMA=
-github.com/coder/acp-go-sdk v0.13.0/go.mod h1:yKzM/3R9uELp4+nBAwwtkS0aN1FOFjo11CNPy37yFko=
+github.com/coder/acp-go-sdk v0.13.5 h1:LI9jq5xon7xslaYlnoktvTVyDlE37yIk2daT7N9ASYk=
+github.com/coder/acp-go-sdk v0.13.5/go.mod h1:yKzM/3R9uELp4+nBAwwtkS0aN1FOFjo11CNPy37yFko=
 github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
 github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s=
 github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE=
@@ -137,11 +161,16 @@ github.com/dlclark/regexp2/v2 v2.1.1 h1:LCUGyd9Wf+r+VVOl8Ny38JTpWJcAsdVnCIuhhtth
 github.com/dlclark/regexp2/v2 v2.1.1/go.mod h1:avUrQvPaLz2DrFNHJF0taWAFFX2C1GMSSoeiqFjcBmU=
 github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
 github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
+github.com/dromara/carbon/v2 v2.6.16/go.mod h1:NGo3reeV5vhWCYWcSqbJRZm46MEwyfYI5EJRdVFoLJo=
 github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
 github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
+github.com/ebitengine/purego v0.10.0/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
+github.com/eliben/go-sentencepiece v0.6.0/go.mod h1:nNYk4aMzgBoI6QFp4LUG8Eu1uO9fHD9L5ZEre93o9+c=
 github.com/envoyproxy/go-control-plane v0.14.0 h1:hbG2kr4RuFj222B6+7T83thSPqLjwBIfQawTkC++2HA=
+github.com/envoyproxy/go-control-plane v0.14.0/go.mod h1:NcS5X47pLl/hfqxU70yPwL9ZMkUlwlKxtAohpi2wBEU=
 github.com/envoyproxy/go-control-plane/envoy v1.37.0 h1:u3riX6BoYRfF4Dr7dwSOroNfdSbEPe9Yyl09/B6wBrQ=
 github.com/envoyproxy/go-control-plane/envoy v1.37.0/go.mod h1:DReE9MMrmecPy+YvQOAOHNYMALuowAnbjjEMkkWOi6A=
+github.com/envoyproxy/go-control-plane/ratelimit v0.1.0/go.mod h1:Wk+tMFAFbCXaJPzVVHnPgRKdUdwW/KdbRt94AzgRee4=
 github.com/envoyproxy/protoc-gen-validate v1.3.3 h1:MVQghNeW+LZcmXe7SY1V36Z+WFMDjpqGAGacLe2T0ds=
 github.com/envoyproxy/protoc-gen-validate v1.3.3/go.mod h1:TsndJ/ngyIdQRhMcVVGDDHINPLWB7C82oDArY51KfB0=
 github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
@@ -150,6 +179,7 @@ github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHk
 github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
 github.com/fsnotify/fsnotify v1.10.1 h1:b0/UzAf9yR5rhf3RPm9gf3ehBPpf0oZKIjtpKrx59Ho=
 github.com/fsnotify/fsnotify v1.10.1/go.mod h1:TLheqan6HD6GBK6PrDWyDPBaEV8LspOxvPSjC+bVfgo=
+github.com/go-jose/go-jose/v4 v4.1.4/go.mod h1:x4oUasVrzR7071A4TnHLGSPpNOm2a21K9Kf04k1rs08=
 github.com/go-json-experiment/json v0.0.0-20260520185125-572e7c383686 h1:NZBJxCpbHS1gzS6xAmyxbJznosZIIPk9IB42v62UvKA=
 github.com/go-json-experiment/json v0.0.0-20260520185125-572e7c383686/go.mod h1:tphK2c80bpPhMOI4v6bIc2xWywPfbqi1Z06+RcrMkDg=
 github.com/go-logfmt/logfmt v0.6.1 h1:4hvbpePJKnIzH1B+8OR/JPbTx37NktoI9LE2QZBBkvE=
@@ -165,12 +195,17 @@ github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM=
 github.com/goccy/go-yaml v1.19.2/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
 github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
+github.com/golang/glog v1.2.5/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
 github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
 github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
+github.com/google/go-pkcs11 v0.3.0/go.mod h1:6eQoGcuNJpa7jnd5pMGdkSaQpNDYvPlXWMcjXXThLlY=
 github.com/google/jsonschema-go v0.4.3 h1:/DBOLZTfDow7pe2GmaJNhltueGTtDKICi8V8p+DQPd0=
 github.com/google/jsonschema-go v0.4.3/go.mod h1:r5quNTdLOYEz95Ru18zA0ydNbBuYoo9tgaYcxEYhJVE=
+github.com/google/martian/v3 v3.3.3/go.mod h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
 github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0=
 github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
@@ -181,14 +216,23 @@ github.com/googleapis/gax-go/v2 v2.22.0 h1:PjIWBpgGIVKGoCXuiCoP64altEJCj3/Ei+kSU
 github.com/googleapis/gax-go/v2 v2.22.0/go.mod h1:irWBbALSr0Sk3qlqb9SyJ1h68WjgeFuiOzI4Rqw5+aY=
 github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
 github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0/go.mod h1:Hyl3n6Twe1hvtd9XUXDec4pTvgMSEixRuQKPTMH2bNs=
+github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.72/go.mod h1:Vn+BBgKQHVQYdVQ4NZDICE1Brb+JfaONyDHr3q07oQc=
+github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
+github.com/hashicorp/go-getter v1.8.6/go.mod h1:nVH12eOV2P58dIiL3rsU6Fh3wLeJEKBOJzhMmzlSWoo=
+github.com/hashicorp/go-version v1.9.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
 github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
 github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg=
+github.com/hybridgroup/yzma v1.13.0/go.mod h1:zrzMgv/KVQz23+s6l16b+vJ+9uJVBdWtGcGkwRTMeiQ=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/indaco/herald v0.13.0 h1:+xVG9Fx5NpuWhwku/9IlRL6I009NnX4VUGKvlZHTRxU=
 github.com/indaco/herald v0.13.0/go.mod h1:T5g1+XLYvpjouhzAGHnAHDCKizhESkoV6+QPZ3DhgWA=
 github.com/indaco/herald-md v0.3.0 h1:hN1cKyrexPPM9PeHBsKuaWvIizSi/iYvM9yzRgtdb8M=
 github.com/indaco/herald-md v0.3.0/go.mod h1:RUHVaDSG45ymJjKyxpDwBocLXrZo93FB4OeYMsw9B9s=
+github.com/invopop/jsonschema v0.13.0/go.mod h1:ffZ5Km5SWWRAIN6wbDXItl95euhFz2uON45H2qjYt+0=
+github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
+github.com/jupiterrider/ffi v0.7.0/go.mod h1:9dauhpOfNqrqk28fxuu0kkdeFtT9Qr4vbfigiuIXN7c=
 github.com/kaptinlin/go-i18n v0.4.5 h1:9tIlo5A0RXth+yZJO2MG7Bhpu/X9PlzQnGz/qyYWNoY=
 github.com/kaptinlin/go-i18n v0.4.5/go.mod h1:mU/7BH4molY5lGZYBwBRKAaiJ70dWRHuqmQ0/pFLGno=
 github.com/kaptinlin/jsonpointer v0.4.25 h1:iJ197e8n+WwqaqBsa53FqG3rPJCg5oijyFXEXNWWC3E=
@@ -197,6 +241,7 @@ github.com/kaptinlin/jsonschema v0.7.13 h1:kahVXTy/rURL0XJjyQ9WELm59wEmXi6IY0TWs
 github.com/kaptinlin/jsonschema v0.7.13/go.mod h1:Uh0aUBusnhXDCEXJ2oimL/hx7YTo7F+sKniE+tM0ERc=
 github.com/kaptinlin/messageformat-go v0.6.0 h1:D6jiXFsKW4/JG2CMddv/F6Rev9KVbCRKEzzV5QOAcpc=
 github.com/kaptinlin/messageformat-go v0.6.0/go.mod h1:NKjwS6e9u7DRhAK+vydjDDwJ7UbdHhYjk/yk2WPuZPs=
+github.com/klauspost/compress v1.18.6/go.mod h1:cwPg85FWrGar70rWktvGQj8/hthj3wpl0PGDogxkrSQ=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
@@ -205,12 +250,14 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0
 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/lucasb-eyer/go-colorful v1.4.0 h1:UtrWVfLdarDgc44HcS7pYloGHJUjHV/4FwW4TvVgFr4=
 github.com/lucasb-eyer/go-colorful v1.4.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
+github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
 github.com/mark3labs/mcp-go v0.54.1 h1:Ap/ptEB9FtWzFKM8NDsTA7QDxerQOC06eZigrTldVj0=
 github.com/mark3labs/mcp-go v0.54.1/go.mod h1:+8WclSK1ZUweCP3hvktSji8n8ABG/95QaEkeVE/Uwas=
 github.com/mattn/go-isatty v0.0.22 h1:j8l17JJ9i6VGPUFUYoTUKPSgKe/83EYU2zBC7YNKMw4=
 github.com/mattn/go-isatty v0.0.22/go.mod h1:ZXfXG4SQHsB/w3ZeOYbR0PrPwLy+n6xiMrJlRFqopa4=
-github.com/mattn/go-runewidth v0.0.23 h1:7ykA0T0jkPpzSvMS5i9uoNn2Xy3R383f9HDx3RybWcw=
-github.com/mattn/go-runewidth v0.0.23/go.mod h1:XBkDxAl56ILZc9knddidhrOlY5R/pDhgLpndooCuJAs=
+github.com/mattn/go-runewidth v0.0.24 h1:cpokDiIn0MGnhdHwuWnJBITySJ20QyNGnY2kR/ay2DU=
+github.com/mattn/go-runewidth v0.0.24/go.mod h1:XBkDxAl56ILZc9knddidhrOlY5R/pDhgLpndooCuJAs=
+github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4=
 github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE=
 github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA=
@@ -225,6 +272,7 @@ github.com/muesli/roff v0.1.0 h1:YD0lalCotmYuF5HhZliKWlIx7IEhiXeSfq7hNjFqGF8=
 github.com/muesli/roff v0.1.0/go.mod h1:pjAHQM9hdUUwm/krAfrLGgJkXJ+YuhtsfZ42kieB2Ig=
 github.com/muesli/termenv v0.16.0 h1:S5AlUN9dENB57rsbnkPyfdGuWIlkmzJjbFf0Tf5FWUc=
 github.com/muesli/termenv v0.16.0/go.mod h1:ZRfOIKPFDYQoDFF4Olj7/QJbW60Ol/kL1pU3VfY/Cnk=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/pelletier/go-toml/v2 v2.3.1 h1:MYEvvGnQjeNkRF1qUuGolNtNExTDwct51yp7olPtrEc=
 github.com/pelletier/go-toml/v2 v2.3.1/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
@@ -233,6 +281,10 @@ github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgm
 github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg=
+github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE=
+github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw=
+github.com/prometheus/procfs v0.20.1/go.mod h1:o9EMBZGRyvDrSPH1RqdxhojkuXstoe4UlK79eF5TGGo=
 github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
 github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
@@ -240,8 +292,10 @@ github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sagikazarmark/locafero v0.12.0 h1:/NQhBAkUb4+fH1jivKHWusDYFjMOOKU88eegjfxfHb4=
 github.com/sagikazarmark/locafero v0.12.0/go.mod h1:sZh36u/YSZ918v0Io+U9ogLYQJ9tLLBmM4eneO6WwsI=
+github.com/sahilm/fuzzy v0.1.1/go.mod h1:VFvziUEIMCrT6A6tw2RFIXPXXmzXbOsSHF0DOI8ZK9Y=
 github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 h1:KRzFb2m7YtdldCEkzs6KqmJw4nqEVZGK7IN2kJkjTuQ=
 github.com/santhosh-tekuri/jsonschema/v6 v6.0.2/go.mod h1:JXeL+ps8p7/KNMjDQk3TCwPpBy0wYklyWTfbkIzdIFU=
+github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8/go.mod h1:3n1Cwaq1E1/1lhQhtRK2ts/ZwZEhjcQeJQ1RuC6Q/8U=
 github.com/spf13/afero v1.15.0 h1:b/YBCLWAJdFWJTN9cLhiXXcD7mzKn9Dm86dNnfyQw1I=
 github.com/spf13/afero v1.15.0/go.mod h1:NC2ByUVxtQs4b3sIUphxK0NioZnmxgyCrfzeuq8lxMg=
 github.com/spf13/cast v1.10.0 h1:h2x0u2shc1QuLHfxi+cTJvs30+ZAHOGRic8uyGTDWxY=
@@ -253,6 +307,7 @@ github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
 github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/spf13/viper v1.21.0 h1:x5S+0EU27Lbphp4UKm1C+1oQO+rKx36vfCoaVebLFSU=
 github.com/spf13/viper v1.21.0/go.mod h1:P0lhsswPGWD/1lZJ9ny3fYnVqxiegrlNrEmgLjbTCAY=
+github.com/spiffe/go-spiffe/v2 v2.6.0/go.mod h1:gm2SeUoMZEtpnzPNs2Csc0D/gX33k1xIx7lEzqblHEs=
 github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
 github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
 github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
@@ -270,20 +325,27 @@ github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY=
 github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28=
 github.com/traefik/yaegi v0.16.1 h1:f1De3DVJqIDKmnasUF6MwmWv1dSEEat0wcpXhD2On3E=
 github.com/traefik/yaegi v0.16.1/go.mod h1:4eVhbPb3LnD2VigQjhYbEJ69vDRFdT2HQNrXx8eEwUY=
+github.com/ulikunitz/xz v0.5.15/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
+github.com/wk8/go-ordered-map/v2 v2.1.8/go.mod h1:5nJHM5DyteebpVlHnWMV0rPz6Zp7+xBAnxjb1X5vnTw=
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
 github.com/yosida95/uritemplate/v3 v3.0.2 h1:Ed3Oyj9yrmi9087+NczuL5BwkIc4wvTb5zIM+UJPGz4=
 github.com/yosida95/uritemplate/v3 v3.0.2/go.mod h1:ILOh0sOhIJR3+L/8afwt/kE++YT040gmv5BQTMR2HP4=
 github.com/yuin/goldmark v1.8.2 h1:kEGpgqJXdgbkhcOgBxkC0X0PmoPG1ZyoZ117rDVp4zE=
 github.com/yuin/goldmark v1.8.2/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg=
+github.com/zeebo/errs v1.4.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4=
+go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
 go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
 go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
+go.opentelemetry.io/contrib/detectors/gcp v1.43.0/go.mod h1:RyaZMFY7yi1kAs45S6mbFGz8O8rqB0dTY14uzvG4LCs=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.69.0 h1:2yEATaop1/a1I4psnSLgWVPLWwCzkqWakgJy7xTDVy0=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.69.0/go.mod h1:D7J12YRapIekYyPWgGPlA/23pRmpSEZC5xJC/TTLI9U=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.69.0 h1:8tvICD4vSTOOsNrsI4Ljf6C+6UKvpTEH5XY3JMoyPoo=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.69.0/go.mod h1:z9+yiacE0IHRqM4qFfkbt/JYlmYXgss8GY/jXoNuPJI=
 go.opentelemetry.io/otel v1.44.0 h1:JjwHmHpA4iZ3wBxluu2fbbE7j4kqlE8jXyAyPXH7HqU=
 go.opentelemetry.io/otel v1.44.0/go.mod h1:BMgjTHL9WPRlRjL2oZCBTL4whCGtXch2H4BhOPIAyYc=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0/go.mod h1:Vl1/iaggsuRlrHf/hfPJPvVag77kKyvrLeD10kpMl+A=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.43.0/go.mod h1:AGmbycVGEsRx9mXMZ75CsOyhSP6MFIcj/6dnG+vhVjk=
 go.opentelemetry.io/otel/metric v1.44.0 h1:1w0gILTcHdr3YI+ixLyjemwrVnsMURbTZFrSYCdDdmc=
 go.opentelemetry.io/otel/metric v1.44.0/go.mod h1:8O7hanEPBNgEMmybD3s2VBKcgWOCsA6tzHBPODAiquo=
 go.opentelemetry.io/otel/sdk v1.44.0 h1:nHYwb9lK+fJPU/dnT6s7W7Z8itMWyqrnVfbheVYrZ58=
@@ -292,12 +354,18 @@ go.opentelemetry.io/otel/sdk/metric v1.44.0 h1:3LlKgI+VjbVsjNRFZJZAJ30WjXC5VkNRk
 go.opentelemetry.io/otel/sdk/metric v1.44.0/go.mod h1:5B5pMARnXxKhltooO4xUuCBorl65a4EpnTalObqOigA=
 go.opentelemetry.io/otel/trace v1.44.0 h1:jxF5CsGYCe74MCRx2X4g7WsY/VBKRqqpNvXlX/6gtIk=
 go.opentelemetry.io/otel/trace v1.44.0/go.mod h1:oLl1jrMQAVo6v3GAggN+1VH9VIz9iUSvW53sW1Q8PIE=
+go.opentelemetry.io/proto/otlp v1.10.0/go.mod h1:/CV4QoCR/S9yaPj8utp3lvQPoqMtxXdzn7ozvvozVqk=
+go.yaml.in/yaml/v2 v2.4.4/go.mod h1:gMZqIpDtDqOfM0uNfy0SkpRhvUryYH0Z6wdMYcacYXQ=
 go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
 go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
+go.yaml.in/yaml/v4 v4.0.0-rc.3/go.mod h1:aZqd9kCMsGL7AuUv/m/PvWLdg5sjJsZ4oHDEnfPPfY0=
 golang.org/x/crypto v0.52.0 h1:RMs7fP2rXdep0CftQlK8Uf+kibLm7qkCcradZWYz988=
 golang.org/x/crypto v0.52.0/go.mod h1:1QgfPxDqh0T2M/elOJtp9RvuR95kVjir0e6/BvEmGbc=
-golang.org/x/exp v0.0.0-20260528193900-50dc527dd6c7 h1:cHpkPjp4TILjdZxz/O4ykwCpeS+dDqNuDGse4zgQDCk=
-golang.org/x/exp v0.0.0-20260528193900-50dc527dd6c7/go.mod h1:d2fgXJLVs4dYDHUk5lwMIfzRzSrWCfGZb0ZqeLa/Vcw=
+golang.org/x/exp v0.0.0-20260603202125-055de637280b h1:v1uXiEBHo8QA0LiGCo7UgHMzHT4Kdfpl2zmtH5vaP1Q=
+golang.org/x/exp v0.0.0-20260603202125-055de637280b/go.mod h1:d2fgXJLVs4dYDHUk5lwMIfzRzSrWCfGZb0ZqeLa/Vcw=
+golang.org/x/image v0.41.0 h1:8wS72eGJMJaBxK6okTzd4WaXumUlTVlb753MlsSvTCo=
+golang.org/x/image v0.41.0/go.mod h1:uIc348UZMSvS5Z65CVZ7iDPaNobNFEPeJ4kbqTOszmA=
+golang.org/x/mod v0.36.0/go.mod h1:moc6ELqsWcOw5Ef3xVprK5ul/MvtVvkIXLziUOICjUQ=
 golang.org/x/net v0.55.0 h1:bcvxaJn3e1U6InsFWt1JUq1aSjnRxLzT2rtD2KfkDF8=
 golang.org/x/net v0.55.0/go.mod h1:L5U2KuzuOe1lY7Z+aWVIKK6qEeJXnXV9yzGA+WCHJww=
 golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs=
@@ -312,16 +380,21 @@ golang.org/x/text v0.37.0 h1:Cqjiwd9eSg8e0QAkyCaQTNHFIIzWtidPahFWR83rTrc=
 golang.org/x/text v0.37.0/go.mod h1:a5sjxXGs9hsn/AJVwuElvCAo9v8QYLzvavO5z2PiM38=
 golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U=
 golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno=
+golang.org/x/tools v0.45.0/go.mod h1:LuUGqqaXcXMEFEruIVJVm5mgDD8vww/z/SR1gQ4uE/0=
+golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY=
+golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated/go.mod h1:RVAQXBGNv1ib0J382/DPCRS/BPnsGebyM1Gj5VSDpG8=
 gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4=
 gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E=
 google.golang.org/api v0.282.0 h1:WmJiSVqUnKqJCpJOx7YADbXaC+9DDsnGSfllFSj7R2I=
 google.golang.org/api v0.282.0/go.mod h1:6Wssta4c5n9qHq5CBhmlai5h/PUa1djdDAIhYEHyvcM=
+google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
 google.golang.org/genai v1.58.0 h1:MNA3ZkRyr7MnRwZ9RNZ60p4+UMKV3yYRw6pyHq4pp0U=
 google.golang.org/genai v1.58.0/go.mod h1:A3kkl0nyBjyFlNjgxIwKq70julKbIxpSxqKO5gw/gmk=
 google.golang.org/genproto v0.0.0-20260504160031-60b97b32f348 h1:JjVGDZYWkJWZcxveJGzfkXC5myDVWAd4dZdgbzrDUv8=
 google.golang.org/genproto v0.0.0-20260504160031-60b97b32f348/go.mod h1:95PqD4xM+AdOcBGsmgfaofXsiA37uXDtDufVbntT3TU=
 google.golang.org/genproto/googleapis/api v0.0.0-20260504160031-60b97b32f348 h1:U8orV30l6KpDsi9dxU0CoJZGbjS8EEpw+6ba+XwGPQA=
 google.golang.org/genproto/googleapis/api v0.0.0-20260504160031-60b97b32f348/go.mod h1:Yzdzr5OOZFgSsEV2D/Xi9NL3bszpXFAg0hFJiRohcD8=
+google.golang.org/genproto/googleapis/bytestream v0.0.0-20260523011958-0a33c5d7ca68/go.mod h1:6TABGosqSqU2l1+fJ3jdvOYPPVryeKybxYF0cCZkTBE=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20260526163538-3dc84a4a5aaa h1:mZHHdPZl0dbGHCflZgAq/Q468DWVFcU2whhB2KAo8fk=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20260526163538-3dc84a4a5aaa/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
 google.golang.org/grpc v1.81.1 h1:VnnIIZ88UzOOKLukQi+ImGz8O1Wdp8nAGGnvOfEIWQQ=
@@ -331,6 +404,8 @@ google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/dnaeon/go-vcr.v4 v4.0.6-0.20251110073552-01de4eb40290/go.mod h1:sbq5oMEcM4PXngbcNbHhzfCP9OdZodLhrbRYoyg09HY=
+gopkg.in/ini.v1 v1.67.1/go.mod h1:x/cyOwCgZqOkJoDIJ3c1KNHMo10+nLGAhh+kn3Zizss=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

internal/acpserver/agent.go

@@ -61,6 +61,12 @@ func (a *Agent) Authenticate(_ context.Context, _ acp.AuthenticateRequest) (acp.
 	return acp.AuthenticateResponse{}, nil
 }
 
+// Logout handles logout requests. Kit doesn't require auth for local stdio
+// usage, so this is a no-op.
+func (a *Agent) Logout(_ context.Context, _ acp.LogoutRequest) (acp.LogoutResponse, error) {
+	return acp.LogoutResponse{}, nil
+}
+
 // Initialize negotiates capabilities with the ACP client.
 func (a *Agent) Initialize(_ context.Context, params acp.InitializeRequest) (acp.InitializeResponse, error) {
 	log.Debug("acp: initialize", "protocol_version", params.ProtocolVersion)

internal/acpserver/session.go

@@ -7,6 +7,7 @@ import (
 	"sync"
 
 	"github.com/charmbracelet/log"
+	"github.com/spf13/viper"
 
 	"github.com/mark3labs/kit/internal/extbridge"
 	"github.com/mark3labs/kit/internal/extensions"
@@ -38,10 +39,21 @@ func newSessionRegistry() *sessionRegistry {
 // given working directory. The Kit-generated session ID is used as the ACP
 // session ID so the mapping is 1:1.
 func (r *sessionRegistry) create(ctx context.Context, cwd string) (*acpSession, error) {
+	// Each ACP session gets its own isolated config store (CLI is left nil) so
+	// per-session SetModel / SetThinkingLevel calls cannot race or bleed across
+	// the sessionRegistry. We seed the relevant root-command flag values from
+	// the process-global store (which cobra populated from flags) so launching
+	// `kit acp -m <model> [--thinking-level ...] [--provider-url ...]` is still
+	// honored; .kit.yml and KIT_* env vars are loaded per session by kit.New.
+	streamOn := true
 	kitInstance, err := kit.New(ctx, &kit.Options{
-		SessionDir: cwd,
-		Quiet:      true,
-		Streaming:  true,
+		SessionDir:     cwd,
+		Quiet:          true,
+		Streaming:      &streamOn,
+		Model:          viper.GetString("model"),
+		ThinkingLevel:  viper.GetString("thinking-level"),
+		ProviderURL:    viper.GetString("provider-url"),
+		ProviderAPIKey: viper.GetString("provider-api-key"),
 	})
 	if err != nil {
 		// Provide actionable guidance for provider auth errors, which are

internal/agent/agent.go

@@ -169,9 +169,9 @@ type RetryHandler func(attempt int, err error)
 type PrepareStepHandler func(stepNumber int, messages []fantasy.Message) []fantasy.Message
 
 // GenerateCallbacks consolidates all callback functions for
-// GenerateWithLoopAndStreaming into a single struct. This replaces the previous
-// 16+ positional callback parameters, making it easier to add new callbacks
-// without breaking existing callers (new fields default to nil).
+// GenerateWithCallbacks into a single struct, replacing what was previously
+// 16+ positional callback parameters. New fields default to nil, so adding
+// new callbacks does not break existing callers.
 type GenerateCallbacks struct {
 	OnToolCall          ToolCallHandler
 	OnToolExecution     ToolExecutionHandler
@@ -246,6 +246,12 @@ type Agent struct {
 	mcpReady chan struct{}
 	// mcpErr holds any error from background MCP loading.
 	mcpErr error
+
+	// promptMu serializes runtime updates to systemPrompt and the
+	// accompanying fantasy agent rebuild so concurrent SetSystemPrompt
+	// callers (e.g. Kit.applyComposedSystemPrompt invoked from multiple
+	// goroutines) don't race on a.systemPrompt / a.fantasyAgent.
+	promptMu sync.Mutex
 }
 
 // GenerateWithLoopResult contains the result and conversation history from an agent interaction.
@@ -516,44 +522,6 @@ func (a *Agent) GenerateWithLoop(ctx context.Context, messages []fantasy.Message
 	})
 }
 
-// GenerateWithLoopAndStreaming processes messages using the agent with streaming and callbacks.
-// The agent handles the tool call loop internally.
-//
-// Deprecated: Use GenerateWithCallbacks instead, which takes a GenerateCallbacks
-// struct and is easier to extend with new callbacks.
-func (a *Agent) GenerateWithLoopAndStreaming(ctx context.Context, messages []fantasy.Message,
-	onToolCall ToolCallHandler, onToolExecution ToolExecutionHandler, onToolResult ToolResultHandler,
-	onResponse ResponseHandler, onToolCallContent ToolCallContentHandler,
-	onStreamingResponse StreamingResponseHandler,
-	onReasoningDelta ReasoningDeltaHandler,
-	onReasoningComplete ReasoningCompleteHandler,
-	onToolOutput ToolOutputHandler,
-	onStepMessages StepMessagesHandler,
-	onStepUsage StepUsageHandler,
-	onPasswordPrompt PasswordPromptHandler,
-	onToolCallStart ToolCallStartHandler,
-	onToolCallDelta ToolCallDeltaHandler,
-	onToolCallEnd ToolCallEndHandler,
-) (*GenerateWithLoopResult, error) {
-	return a.GenerateWithCallbacks(ctx, messages, GenerateCallbacks{
-		OnToolCall:          onToolCall,
-		OnToolExecution:     onToolExecution,
-		OnToolResult:        onToolResult,
-		OnResponse:          onResponse,
-		OnToolCallContent:   onToolCallContent,
-		OnStreamingResponse: onStreamingResponse,
-		OnReasoningDelta:    onReasoningDelta,
-		OnReasoningComplete: onReasoningComplete,
-		OnToolOutput:        onToolOutput,
-		OnStepMessages:      onStepMessages,
-		OnStepUsage:         onStepUsage,
-		OnPasswordPrompt:    onPasswordPrompt,
-		OnToolCallStart:     onToolCallStart,
-		OnToolCallDelta:     onToolCallDelta,
-		OnToolCallEnd:       onToolCallEnd,
-	})
-}
-
 // GenerateWithCallbacks processes messages using the agent with streaming and callbacks.
 // The agent handles the tool call loop internally. We map the rich callback system
 // to kit's existing callback interface for UI integration.
@@ -1318,6 +1286,24 @@ func (a *Agent) GetModel() fantasy.LanguageModel {
 	return a.model
 }
 
+// SetSystemPrompt updates the agent's system prompt and rebuilds the underlying
+// fantasy agent so subsequent turns use the new prompt. Safe to call while the
+// agent is idle; if invoked during an in-flight turn the new prompt takes
+// effect on the next LLM call.
+func (a *Agent) SetSystemPrompt(prompt string) {
+	a.promptMu.Lock()
+	defer a.promptMu.Unlock()
+	a.systemPrompt = prompt
+	a.rebuildFantasyAgent()
+}
+
+// GetSystemPrompt returns the agent's current system prompt.
+func (a *Agent) GetSystemPrompt() string {
+	a.promptMu.Lock()
+	defer a.promptMu.Unlock()
+	return a.systemPrompt
+}
+
 // GetMaxTokens returns the effective max output tokens the agent currently
 // sends to the LLM provider, after per-model defaults, right-sizing, and any
 // Anthropic thinking-budget adjustments. Returns 0 when no ModelConfig is

internal/config/merger.go

@@ -7,32 +7,48 @@ import (
 	"github.com/spf13/viper"
 )
 
-// LoadAndValidateConfig loads configuration from viper, fixes environment variable
-// casing issues, and validates the configuration. Returns an error if loading or
-// validation fails.
+// LoadAndValidateConfig loads configuration from the process-global viper
+// store, fixes environment variable casing issues, and validates the
+// configuration. Returns an error if loading or validation fails.
+//
+// This is a convenience wrapper around [LoadAndValidateConfigFrom] using the
+// shared global store; it is retained for the CLI and other callers that rely
+// on viper's process-global state.
 func LoadAndValidateConfig() (*Config, error) {
+	return LoadAndValidateConfigFrom(viper.GetViper())
+}
+
+// LoadAndValidateConfigFrom loads configuration from the supplied per-instance
+// store, fixes environment variable casing issues, and validates the
+// configuration. When v is nil, the process-global store is used. Threading an
+// explicit store lets each Kit instance own an isolated configuration without
+// clobbering other instances in the same process.
+func LoadAndValidateConfigFrom(v *viper.Viper) (*Config, error) {
+	if v == nil {
+		v = viper.GetViper()
+	}
 	config := &Config{
 		MCPServers: make(map[string]MCPServerConfig),
 	}
-	if err := viper.Unmarshal(config); err != nil {
-		return nil, fmt.Errorf("failed to unmarshal config: %v", err)
+	if err := v.Unmarshal(config); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal config: %w", err)
 	}
 
 	// Fix environment variable case sensitivity issue
 	// Viper lowercases all keys, but we need to preserve the original case for environment variables
-	fixEnvironmentCase(config)
+	fixEnvironmentCase(v, config)
 
 	if err := config.Validate(); err != nil {
-		return nil, fmt.Errorf("invalid config: %v", err)
+		return nil, fmt.Errorf("invalid config: %w", err)
 	}
 
 	return config, nil
 }
 
 // fixEnvironmentCase fixes the case of environment variable keys that were lowercased by Viper
-func fixEnvironmentCase(config *Config) {
+func fixEnvironmentCase(v *viper.Viper, config *Config) {
 	// Get the raw config data from viper
-	rawConfig := viper.AllSettings()
+	rawConfig := v.AllSettings()
 
 	// Check if we have mcpServers in the raw config
 	if mcpServersRaw, ok := rawConfig["mcpservers"]; ok {

internal/core/bash.go

@@ -249,34 +249,37 @@ func executeBash(ctx context.Context, call fantasy.ToolCall, workDir string) (fa
 	return executeBashBuffered(cmdCtx, call, cmd, sudoPassword)
 }
 
-// executeBashBuffered collects all output before returning (original behavior).
-// It uses explicit pipes (not cmd.Stdout) so that cmd.WaitDelay can forcibly
-// close them when grandchild processes hold pipe handles open after the
-// direct child exits.
-func executeBashBuffered(cmdCtx context.Context, call fantasy.ToolCall, cmd *exec.Cmd, sudoPassword string) (fantasy.ToolResponse, error) {
+// setupBashPipes opens stdout/stderr pipes (plus an optional sudo stdin),
+// starts the command, and asynchronously writes the sudo password if any.
+// Returns the readers ready for the caller to consume. If setup fails,
+// errResp is non-nil and the readers must not be used; the caller should
+// return the response directly.
+func setupBashPipes(cmd *exec.Cmd, sudoPassword string) (stdout, stderr io.Reader, errResp *fantasy.ToolResponse) {
 	stdoutPipe, err := cmd.StdoutPipe()
 	if err != nil {
-		return fantasy.NewTextErrorResponse("failed to create stdout pipe"), nil
+		r := fantasy.NewTextErrorResponse("failed to create stdout pipe")
+		return nil, nil, &r
 	}
 	stderrPipe, err := cmd.StderrPipe()
 	if err != nil {
-		return fantasy.NewTextErrorResponse("failed to create stderr pipe"), nil
+		r := fantasy.NewTextErrorResponse("failed to create stderr pipe")
+		return nil, nil, &r
 	}
 
-	// If we have a sudo password, create a stdin pipe and write the password
 	var stdinPipe io.WriteCloser
 	if sudoPassword != "" {
 		stdinPipe, err = cmd.StdinPipe()
 		if err != nil {
-			return fantasy.NewTextErrorResponse("failed to create stdin pipe"), nil
+			r := fantasy.NewTextErrorResponse("failed to create stdin pipe")
+			return nil, nil, &r
 		}
 	}
 
 	if err := cmd.Start(); err != nil {
-		return fantasy.NewTextErrorResponse(fmt.Sprintf("failed to start command: %v", err)), nil
+		r := fantasy.NewTextErrorResponse(fmt.Sprintf("failed to start command: %v", err))
+		return nil, nil, &r
 	}
 
-	// Write password to stdin if needed, then close stdin
 	if sudoPassword != "" && stdinPipe != nil {
 		go func() {
 			defer func() { _ = stdinPipe.Close() }()
@@ -284,19 +287,49 @@ func executeBashBuffered(cmdCtx context.Context, call fantasy.ToolCall, cmd *exe
 		}()
 	}
 
+	return stdoutPipe, stderrPipe, nil
+}
+
+// interpretBashExit decodes cmd.Wait()'s error into an exit code, mapping
+// context-deadline-exceeded to a friendly "command timed out" response.
+// errResp is non-nil only when the caller should short-circuit and return
+// it directly (e.g. timeout).
+func interpretBashExit(waitErr error, cmdCtx context.Context) (exitCode int, errResp *fantasy.ToolResponse) {
+	if waitErr == nil {
+		return 0, nil
+	}
+	if exitErr, ok := waitErr.(*exec.ExitError); ok {
+		return exitErr.ExitCode(), nil
+	}
+	if cmdCtx.Err() == context.DeadlineExceeded {
+		r := fantasy.NewTextErrorResponse("command timed out")
+		return 0, &r
+	}
+	return 0, nil
+}
+
+// executeBashBuffered collects all output before returning (original behavior).
+// It uses explicit pipes (not cmd.Stdout) so that cmd.WaitDelay can forcibly
+// close them when grandchild processes hold pipe handles open after the
+// direct child exits.
+func executeBashBuffered(cmdCtx context.Context, _ fantasy.ToolCall, cmd *exec.Cmd, sudoPassword string) (fantasy.ToolResponse, error) {
+	stdoutPipe, stderrPipe, errResp := setupBashPipes(cmd, sudoPassword)
+	if errResp != nil {
+		return *errResp, nil
+	}
+
 	// Read pipes concurrently
 	var wg sync.WaitGroup
 	var stdout, stderr strings.Builder
-	var stdoutErr, stderrErr error
 
 	wg.Add(2)
 	go func() {
 		defer wg.Done()
-		_, stdoutErr = io.Copy(&stdout, stdoutPipe)
+		_, _ = io.Copy(&stdout, stdoutPipe)
 	}()
 	go func() {
 		defer wg.Done()
-		_, stderrErr = io.Copy(&stderr, stderrPipe)
+		_, _ = io.Copy(&stderr, stderrPipe)
 	}()
 
 	// Wait for the process to exit first. cmd.WaitDelay ensures that if
@@ -307,18 +340,9 @@ func executeBashBuffered(cmdCtx context.Context, call fantasy.ToolCall, cmd *exe
 	// Wait for pipe readers to finish draining.
 	wg.Wait()
 
-	// Ignore pipe read errors caused by WaitDelay force-closing —
-	// we still have whatever was read before the close.
-	_ = stdoutErr
-	_ = stderrErr
-
-	exitCode := 0
-	if waitErr != nil {
-		if exitErr, ok := waitErr.(*exec.ExitError); ok {
-			exitCode = exitErr.ExitCode()
-		} else if cmdCtx.Err() == context.DeadlineExceeded {
-			return fantasy.NewTextErrorResponse("command timed out"), nil
-		}
+	exitCode, errResp := interpretBashExit(waitErr, cmdCtx)
+	if errResp != nil {
+		return *errResp, nil
 	}
 
 	return buildBashResponse(stdout.String(), stderr.String(), exitCode)
@@ -326,35 +350,9 @@ func executeBashBuffered(cmdCtx context.Context, call fantasy.ToolCall, cmd *exe
 
 // executeBashStreaming streams output as it arrives via the callback.
 func executeBashStreaming(cmdCtx context.Context, call fantasy.ToolCall, cmd *exec.Cmd, outputCallback ToolOutputCallback, sudoPassword string) (fantasy.ToolResponse, error) {
-	stdoutPipe, err := cmd.StdoutPipe()
-	if err != nil {
-		return fantasy.NewTextErrorResponse("failed to create stdout pipe"), nil
-	}
-	stderrPipe, err := cmd.StderrPipe()
-	if err != nil {
-		return fantasy.NewTextErrorResponse("failed to create stderr pipe"), nil
-	}
-
-	// If we have a sudo password, create a stdin pipe
-	var stdinPipe io.WriteCloser
-	if sudoPassword != "" {
-		stdinPipe, err = cmd.StdinPipe()
-		if err != nil {
-			return fantasy.NewTextErrorResponse("failed to create stdin pipe"), nil
-		}
-	}
-
-	// Start command execution
-	if err := cmd.Start(); err != nil {
-		return fantasy.NewTextErrorResponse(fmt.Sprintf("failed to start command: %v", err)), nil
-	}
-
-	// Write password to stdin if needed, then close stdin
-	if sudoPassword != "" && stdinPipe != nil {
-		go func() {
-			defer func() { _ = stdinPipe.Close() }()
-			_, _ = io.WriteString(stdinPipe, sudoPassword+"\n")
-		}()
+	stdoutPipe, stderrPipe, errResp := setupBashPipes(cmd, sudoPassword)
+	if errResp != nil {
+		return *errResp, nil
 	}
 
 	// Stream stdout and stderr concurrently
@@ -391,20 +389,16 @@ func executeBashStreaming(cmdCtx context.Context, call fantasy.ToolCall, cmd *ex
 	// Wait for the process to exit. cmd.WaitDelay ensures that if pipes
 	// remain open (held by grandchild processes), they'll be forcibly closed
 	// after the grace period, which unblocks the scanners above.
-	err = cmd.Wait()
+	waitErr := cmd.Wait()
 
 	// Wait for the pipe readers to finish draining. This will complete
 	// quickly since cmd.Wait() (with WaitDelay) has already ensured
 	// the pipes are closed.
 	wg.Wait()
 
-	exitCode := 0
-	if err != nil {
-		if exitErr, ok := err.(*exec.ExitError); ok {
-			exitCode = exitErr.ExitCode()
-		} else if cmdCtx.Err() == context.DeadlineExceeded {
-			return fantasy.NewTextErrorResponse("command timed out"), nil
-		}
+	exitCode, errResp := interpretBashExit(waitErr, cmdCtx)
+	if errResp != nil {
+		return *errResp, nil
 	}
 
 	return buildBashResponse(strings.Join(stdoutChunks, "\n"), strings.Join(stderrChunks, "\n"), exitCode)

internal/core/edit.go

@@ -83,6 +83,9 @@ func NewEditTool(opts ...ToolOption) fantasy.AgentTool {
 }
 
 func executeEdit(ctx context.Context, call fantasy.ToolCall, workDir string) (fantasy.ToolResponse, error) {
+	if err := ctx.Err(); err != nil {
+		return fantasy.ToolResponse{}, err
+	}
 	var args editArgs
 	if err := parseArgs(call.Input, &args); err != nil {
 		return fantasy.NewTextErrorResponse("failed to parse arguments: " + err.Error()), nil

internal/core/ls.go

@@ -42,6 +42,9 @@ func NewLsTool(opts ...ToolOption) fantasy.AgentTool {
 }
 
 func executeLs(ctx context.Context, call fantasy.ToolCall, workDir string) (fantasy.ToolResponse, error) {
+	if err := ctx.Err(); err != nil {
+		return fantasy.ToolResponse{}, err
+	}
 	var args lsArgs
 	_ = parseArgs(call.Input, &args) // optional args
 

internal/core/read.go

@@ -47,6 +47,9 @@ func NewReadTool(opts ...ToolOption) fantasy.AgentTool {
 }
 
 func executeRead(ctx context.Context, call fantasy.ToolCall, workDir string) (fantasy.ToolResponse, error) {
+	if err := ctx.Err(); err != nil {
+		return fantasy.ToolResponse{}, err
+	}
 	var args readArgs
 	if err := parseArgs(call.Input, &args); err != nil {
 		return fantasy.NewTextErrorResponse("path parameter is required"), nil

internal/core/write.go

@@ -41,6 +41,9 @@ func NewWriteTool(opts ...ToolOption) fantasy.AgentTool {
 }
 
 func executeWrite(ctx context.Context, call fantasy.ToolCall, workDir string) (fantasy.ToolResponse, error) {
+	if err := ctx.Err(); err != nil {
+		return fantasy.ToolResponse{}, err
+	}
 	var args writeArgs
 	if err := parseArgs(call.Input, &args); err != nil {
 		return fantasy.NewTextErrorResponse("path and content parameters are required"), nil

internal/extensions/runner.go

@@ -98,9 +98,20 @@ type Runner struct {
 	disabledTools   map[string]bool           // nil = all tools enabled
 	customEventSubs map[string][]func(string) // inter-extension event bus
 	optionOverrides map[string]string         // runtime option overrides
+	configStore     *viper.Viper              // per-instance config store (nil = global)
 	mu              sync.RWMutex
 }
 
+// SetConfigStore sets the per-instance configuration store used by GetOption
+// to resolve "options.<name>" config values. When unset (nil), GetOption falls
+// back to the process-global viper store. Threading a per-Kit store keeps
+// extension option resolution isolated between Kit instances.
+func (r *Runner) SetConfigStore(v *viper.Viper) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	r.configStore = v
+}
+
 // ShortcutEntry pairs a shortcut definition with its handler.
 type ShortcutEntry struct {
 	Def     ShortcutDef
@@ -872,7 +883,13 @@ func (r *Runner) GetOption(name string) string {
 
 	// 3. Viper config: options.<name>
 	configKey := "options." + name
-	if v := viper.GetString(configKey); v != "" {
+	r.mu.RLock()
+	store := r.configStore
+	r.mu.RUnlock()
+	if store == nil {
+		store = viper.GetViper()
+	}
+	if v := store.GetString(configKey); v != "" {
 		return v
 	}
 

internal/extensions/watcher.go

@@ -1,143 +1,32 @@
 package extensions
 
 import (
-	"context"
-	"fmt"
-	"log"
 	"os"
 	"path/filepath"
-	"strings"
-	"sync"
-	"time"
 
-	"github.com/fsnotify/fsnotify"
+	"github.com/mark3labs/kit/internal/watcher"
 )
 
-// Watcher monitors extension directories for file changes and triggers
-// a reload callback when .go files are created, modified, or removed.
-// It uses fsnotify for kernel-level file notifications (inotify on Linux,
-// kqueue on macOS) with debouncing to coalesce rapid editor writes.
-type Watcher struct {
-	watcher  *fsnotify.Watcher
-	onReload func()
-	debounce time.Duration
-	cancel   context.CancelFunc
-	done     chan struct{}
-	mu       sync.Mutex
-}
+// Watcher monitors extension directories for .go file changes and triggers
+// a reload callback when changes are detected. It is implemented in terms
+// of the general-purpose internal/watcher.ContentWatcher.
+//
+// Type-aliasing here lets existing call sites (cmd/root.go and the
+// watcher_test.go suite) keep using `extensions.NewWatcher` / `*Watcher`
+// without knowing about the underlying implementation.
+type Watcher = watcher.ContentWatcher
 
 // NewWatcher creates a file watcher that monitors the given directories
 // for .go file changes. When a change is detected (after debouncing),
 // onReload is called. The watcher must be started with Start() and
 // stopped with Close().
 func NewWatcher(dirs []string, onReload func()) (*Watcher, error) {
-	fsw, err := fsnotify.NewWatcher()
-	if err != nil {
-		return nil, fmt.Errorf("creating file watcher: %w", err)
-	}
-
-	for _, dir := range dirs {
-		// Watch the directory itself.
-		if err := fsw.Add(dir); err != nil {
-			log.Printf("DEBUG watcher: skipping directory: dir=%s err=%v", dir, err)
-			continue
-		}
-
-		// Also watch immediate subdirectories (for */main.go pattern).
-		entries, err := os.ReadDir(dir)
-		if err != nil {
-			continue
-		}
-		for _, entry := range entries {
-			if entry.IsDir() {
-				subdir := filepath.Join(dir, entry.Name())
-				if err := fsw.Add(subdir); err != nil {
-					log.Printf("DEBUG watcher: skipping subdirectory: dir=%s err=%v", subdir, err)
-				}
-			}
-		}
-	}
-
-	return &Watcher{
-		watcher:  fsw,
-		onReload: onReload,
-		debounce: 300 * time.Millisecond,
-		done:     make(chan struct{}),
-	}, nil
-}
-
-// Start begins watching for file changes. It blocks until the context
-// is cancelled or Close() is called. Typically called in a goroutine.
-func (w *Watcher) Start(ctx context.Context) {
-	w.mu.Lock()
-	ctx, w.cancel = context.WithCancel(ctx)
-	w.mu.Unlock()
-
-	defer close(w.done)
-
-	var timer *time.Timer
-	var timerC <-chan time.Time
-
-	for {
-		select {
-		case <-ctx.Done():
-			if timer != nil {
-				timer.Stop()
-			}
-			return
-
-		case event, ok := <-w.watcher.Events:
-			if !ok {
-				return
-			}
-
-			// Only care about .go files.
-			if !strings.HasSuffix(event.Name, ".go") {
-				continue
-			}
-
-			// React to write, create, remove, rename events.
-			if event.Op&(fsnotify.Write|fsnotify.Create|fsnotify.Remove|fsnotify.Rename) == 0 {
-				continue
-			}
-
-			log.Printf("DEBUG watcher: file changed: file=%s op=%s", event.Name, event.Op)
-
-			// Debounce: reset timer on each event.
-			if timer != nil {
-				timer.Stop()
-			}
-			timer = time.NewTimer(w.debounce)
-			timerC = timer.C
-
-		case <-timerC:
-			timerC = nil
-			timer = nil
-			log.Printf("DEBUG watcher: reloading extensions")
-			w.onReload()
-
-		case err, ok := <-w.watcher.Errors:
-			if !ok {
-				return
-			}
-			log.Printf("WARN watcher: error: %v", err)
-		}
-	}
-}
-
-// Close stops the watcher and releases resources.
-func (w *Watcher) Close() error {
-	w.mu.Lock()
-	cancel := w.cancel
-	w.mu.Unlock()
-
-	if cancel != nil {
-		cancel()
-	}
-
-	// Wait for the event loop to finish.
-	<-w.done
-	return w.watcher.Close()
+	return watcher.New(watcher.Options{
+		Dirs:       dirs,
+		Extensions: []string{".go"},
+		OnReload:   onReload,
+		Label:      "extensions",
+	})
 }
 
 // WatchedDirs returns the directories to watch for extension changes.
@@ -146,47 +35,25 @@ func (w *Watcher) Close() error {
 // point to directories are also included; explicit file paths cause
 // their parent directory to be watched instead.
 func WatchedDirs(extraPaths []string) []string {
-	var dirs []string
-	seen := make(map[string]bool)
-
-	add := func(dir string) {
-		abs, err := filepath.Abs(dir)
-		if err != nil {
-			return
-		}
-		if seen[abs] {
-			return
-		}
-
-		// Verify the directory exists.
-		info, err := os.Stat(abs)
-		if err != nil || !info.IsDir() {
-			return
-		}
-
-		seen[abs] = true
-		dirs = append(dirs, abs)
+	standard := []string{
+		globalExtensionsDir(),
+		filepath.Join(".kit", "extensions"),
 	}
 
-	// Global extensions dir.
-	add(globalExtensionsDir())
-
-	// Project-local extensions dir.
-	add(filepath.Join(".kit", "extensions"))
-
-	// Explicit paths that are directories.
+	// Filter explicit paths into directories (passed through) and files
+	// (parent dir watched) for CollectDirs to dedupe.
+	var extras []string
 	for _, p := range extraPaths {
 		info, err := os.Stat(p)
 		if err != nil {
 			continue
 		}
 		if info.IsDir() {
-			add(p)
+			extras = append(extras, p)
 		} else {
-			// For explicit files, watch the parent directory.
-			add(filepath.Dir(p))
+			extras = append(extras, filepath.Dir(p))
 		}
 	}
 
-	return dirs
+	return watcher.CollectDirs(standard, extras)
 }

internal/kitsetup/setup.go

@@ -46,9 +46,9 @@ type AgentSetupOptions struct {
 	ToolWrapper func([]fantasy.AgentTool) []fantasy.AgentTool
 
 	// ProviderConfig, when non-nil, is used directly instead of calling
-	// BuildProviderConfig(). Callers that already hold viperInitMu can
-	// pre-build this and release the lock before calling SetupAgent, so the
-	// slow agent/MCP initialisation runs concurrently with other New() calls.
+	// BuildProviderConfig(). Callers (e.g. Kit.New) pre-build this from their
+	// per-instance config store and pass it here, so the slow agent/MCP
+	// initialisation can run without further config reads.
 	ProviderConfig *models.ProviderConfig
 	// Debug enables debug logging. When zero-value, viper is consulted.
 	// Only meaningful when ProviderConfig is also set.
@@ -75,6 +75,11 @@ type AgentSetupOptions struct {
 	// MCPTaskConfig configures task-augmented tools/call execution. The
 	// zero value preserves historical synchronous-only behaviour.
 	MCPTaskConfig tools.MCPTaskConfig
+	// Viper is the per-instance configuration store. When set, it is used for
+	// any fallback config reads (debug, no-extensions, max-steps, stream,
+	// extension paths) and is attached to the extension runner. When nil, the
+	// process-global viper store is used.
+	Viper *viper.Viper
 }
 
 // AgentSetupResult bundles the created agent and any debug logger so the caller
@@ -87,57 +92,62 @@ type AgentSetupResult struct {
 	ExtRunner *extensions.Runner
 }
 
-// BuildProviderConfig creates a *models.ProviderConfig from the current viper
-// state. All entry points (root, script, SDK) converge through this function.
+// BuildProviderConfig creates a *models.ProviderConfig from the supplied viper
+// store (or the process-global store when v is nil). All entry points (root,
+// script, SDK) converge through this function.
 //
 // Generation parameter pointers (Temperature, TopP, etc.) are only set when
 // the user has explicitly configured them via CLI flag, environment variable,
 // or global config file. This allows per-model defaults from modelSettings
 // and customModels to fill in unset parameters downstream.
-func BuildProviderConfig() (*models.ProviderConfig, string, error) {
-	systemPrompt, err := config.LoadSystemPrompt(viper.GetString("system-prompt"))
+func BuildProviderConfig(v *viper.Viper) (*models.ProviderConfig, string, error) {
+	if v == nil {
+		v = viper.GetViper()
+	}
+	systemPrompt, err := config.LoadSystemPrompt(v.GetString("system-prompt"))
 	if err != nil {
 		return nil, "", fmt.Errorf("failed to load system prompt: %w", err)
 	}
 
-	numGPU := int32(viper.GetInt("num-gpu-layers"))
-	mainGPU := int32(viper.GetInt("main-gpu"))
+	numGPU := int32(v.GetInt("num-gpu-layers"))
+	mainGPU := int32(v.GetInt("main-gpu"))
 
 	cfg := &models.ProviderConfig{
-		ModelString:    viper.GetString("model"),
+		ModelString:    v.GetString("model"),
 		SystemPrompt:   systemPrompt,
-		ProviderAPIKey: viper.GetString("provider-api-key"),
-		ProviderURL:    viper.GetString("provider-url"),
-		MaxTokens:      viper.GetInt("max-tokens"),
-		StopSequences:  viper.GetStringSlice("stop-sequences"),
+		ProviderAPIKey: v.GetString("provider-api-key"),
+		ProviderURL:    v.GetString("provider-url"),
+		MaxTokens:      v.GetInt("max-tokens"),
+		StopSequences:  v.GetStringSlice("stop-sequences"),
 		NumGPU:         &numGPU,
 		MainGPU:        &mainGPU,
-		TLSSkipVerify:  viper.GetBool("tls-skip-verify"),
-		ThinkingLevel:  models.ParseThinkingLevel(viper.GetString("thinking-level")),
+		TLSSkipVerify:  v.GetBool("tls-skip-verify"),
+		ThinkingLevel:  models.ParseThinkingLevel(v.GetString("thinking-level")),
+		ConfigStore:    v,
 	}
 
 	// Only set generation parameter pointers when the user has explicitly
 	// provided a value. This leaves nil pointers for unset params, allowing
 	// per-model defaults (modelSettings / customModels params) to apply.
-	if viper.IsSet("temperature") {
-		v := float32(viper.GetFloat64("temperature"))
-		cfg.Temperature = &v
+	if v.IsSet("temperature") {
+		val := float32(v.GetFloat64("temperature"))
+		cfg.Temperature = &val
 	}
-	if viper.IsSet("top-p") {
-		v := float32(viper.GetFloat64("top-p"))
-		cfg.TopP = &v
+	if v.IsSet("top-p") {
+		val := float32(v.GetFloat64("top-p"))
+		cfg.TopP = &val
 	}
-	if viper.IsSet("top-k") {
-		v := int32(viper.GetInt("top-k"))
-		cfg.TopK = &v
+	if v.IsSet("top-k") {
+		val := int32(v.GetInt("top-k"))
+		cfg.TopK = &val
 	}
-	if viper.IsSet("frequency-penalty") {
-		v := float32(viper.GetFloat64("frequency-penalty"))
-		cfg.FrequencyPenalty = &v
+	if v.IsSet("frequency-penalty") {
+		val := float32(v.GetFloat64("frequency-penalty"))
+		cfg.FrequencyPenalty = &val
 	}
-	if viper.IsSet("presence-penalty") {
-		v := float32(viper.GetFloat64("presence-penalty"))
-		cfg.PresencePenalty = &v
+	if v.IsSet("presence-penalty") {
+		val := float32(v.GetFloat64("presence-penalty"))
+		cfg.PresencePenalty = &val
 	}
 
 	return cfg, systemPrompt, nil
@@ -149,14 +159,21 @@ func SetupAgent(ctx context.Context, opts AgentSetupOptions) (*AgentSetupResult,
 	var modelConfig *models.ProviderConfig
 	var systemPrompt string
 
+	// Resolve the config store: prefer the per-instance store, falling back to
+	// the process-global store.
+	v := opts.Viper
+	if v == nil {
+		v = viper.GetViper()
+	}
+
 	if opts.ProviderConfig != nil {
-		// Pre-built config supplied by caller (e.g. Kit.New after releasing
-		// viperInitMu). Use it directly — no viper reads needed here.
+		// Pre-built config supplied by caller (e.g. Kit.New after building the
+		// per-instance store). Use it directly — no viper reads needed here.
 		modelConfig = opts.ProviderConfig
 		systemPrompt = modelConfig.SystemPrompt
 	} else {
 		var err error
-		modelConfig, systemPrompt, err = BuildProviderConfig()
+		modelConfig, systemPrompt, err = BuildProviderConfig(v)
 		if err != nil {
 			return nil, err
 		}
@@ -164,13 +181,13 @@ func SetupAgent(ctx context.Context, opts AgentSetupOptions) (*AgentSetupResult,
 
 	// Resolve debug / no-extensions / max-steps / streaming: prefer explicit
 	// fields (set when ProviderConfig was pre-built) over viper fallback.
-	debugEnabled := opts.Debug || viper.GetBool("debug")
-	noExtensions := opts.NoExtensions || viper.GetBool("no-extensions")
+	debugEnabled := opts.Debug || v.GetBool("debug")
+	noExtensions := opts.NoExtensions || v.GetBool("no-extensions")
 	maxSteps := opts.MaxSteps
 	if maxSteps == 0 {
-		maxSteps = viper.GetInt("max-steps")
+		maxSteps = v.GetInt("max-steps")
 	}
-	streamingEnabled := opts.StreamingEnabled || viper.GetBool("stream")
+	streamingEnabled := opts.StreamingEnabled || v.GetBool("stream")
 
 	// Create the appropriate debug logger.
 	var debugLogger tools.DebugLogger
@@ -189,7 +206,7 @@ func SetupAgent(ctx context.Context, opts AgentSetupOptions) (*AgentSetupResult,
 	var extCreationOpts extensionCreationOpts
 	if !noExtensions {
 		var extErr error
-		extRunner, extCreationOpts, extErr = loadExtensions()
+		extRunner, extCreationOpts, extErr = loadExtensions(v)
 		if extErr != nil {
 			fmt.Printf("Warning: Failed to load extensions: %v\n", extErr)
 		}
@@ -253,9 +270,14 @@ type extensionCreationOpts struct {
 }
 
 // loadExtensions discovers and loads Yaegi extensions, builds the runner,
-// and returns the tool wrapper/extra tools.
-func loadExtensions() (*extensions.Runner, extensionCreationOpts, error) {
-	extraPaths := viper.GetStringSlice("extension")
+// and returns the tool wrapper/extra tools. The supplied store is used to
+// resolve the "extension" config key and is attached to the runner so
+// extension option lookups stay isolated to this Kit instance.
+func loadExtensions(v *viper.Viper) (*extensions.Runner, extensionCreationOpts, error) {
+	if v == nil {
+		v = viper.GetViper()
+	}
+	extraPaths := v.GetStringSlice("extension")
 	loaded, err := extensions.LoadExtensions(extraPaths)
 	if err != nil {
 		return nil, extensionCreationOpts{}, err
@@ -266,6 +288,7 @@ func loadExtensions() (*extensions.Runner, extensionCreationOpts, error) {
 	}
 
 	runner := extensions.NewRunner(loaded)
+	runner.SetConfigStore(v)
 
 	wrapper := func(tools []fantasy.AgentTool) []fantasy.AgentTool {
 		return extensions.WrapToolsWithExtensions(tools, runner)

internal/models/autoroute_test.go

@@ -0,0 +1,282 @@
+package models
+
+import (
+	"context"
+	"io"
+	"net/http"
+	"reflect"
+	"strings"
+	"testing"
+)
+
+// TestNpmToWireProtocol documents the wire protocols that the auto-router
+// understands. Provider-specific bundles that need bespoke auth or URL
+// templating (azure, bedrock, openrouter, google-vertex*, @ai-sdk/gateway)
+// are intentionally absent — they have native top-level cases in
+// CreateProvider and never reach the auto-router.
+func TestNpmToWireProtocol(t *testing.T) {
+	want := map[string]wireProtocol{
+		"@ai-sdk/openai":            wireOpenAI,
+		"@ai-sdk/openai-compatible": wireOpenAI,
+		"@ai-sdk/anthropic":         wireAnthropic,
+		"@ai-sdk/google":            wireGoogle,
+
+		// Thin OpenAI-compatible wrappers — routed via openaicompat using
+		// the SDK's hard-coded default base URL (sdkDefaultBaseURL).
+		"@ai-sdk/groq":                  wireOpenAI,
+		"@ai-sdk/cerebras":              wireOpenAI,
+		"@ai-sdk/perplexity":            wireOpenAI,
+		"@ai-sdk/togetherai":            wireOpenAI,
+		"@ai-sdk/xai":                   wireOpenAI,
+		"@ai-sdk/deepinfra":             wireOpenAI,
+		"@ai-sdk/mistral":               wireOpenAI,
+		"@ai-sdk/cohere":                wireOpenAI,
+		"@ai-sdk/vercel":                wireOpenAI,
+		"@aihubmix/ai-sdk-provider":     wireOpenAI,
+		"venice-ai-sdk-provider":        wireOpenAI,
+		"merge-gateway-ai-sdk-provider": wireOpenAI,
+	}
+	for npm, wire := range want {
+		if got := npmToWireProtocol[npm]; got != wire {
+			t.Errorf("npmToWireProtocol[%q] = %d, want %d", npm, got, wire)
+		}
+	}
+
+	// Bundle packages must NOT be in the table — they need bespoke auth or
+	// URL templating that the auto-router cannot satisfy.
+	for _, npm := range []string{
+		"@ai-sdk/google-vertex",
+		"@ai-sdk/google-vertex/anthropic",
+		"@ai-sdk/amazon-bedrock",
+		"@ai-sdk/azure",
+		"@openrouter/ai-sdk-provider",
+		"@ai-sdk/gateway",
+	} {
+		if _, ok := npmToWireProtocol[npm]; ok {
+			t.Errorf("npmToWireProtocol unexpectedly contains bundle package %q", npm)
+		}
+	}
+}
+
+// newTestRegistry builds a registry containing a single proxy-style provider
+// ("testproxy") with the given default npm, plus one model that carries the
+// given per-model npm override.
+func newTestRegistry(api, defaultNPM, modelID, modelNPMOverride string) *ModelsRegistry {
+	return &ModelsRegistry{
+		providers: map[string]ProviderInfo{
+			"testproxy": {
+				ID:   "testproxy",
+				Name: "Test Proxy",
+				Env:  []string{"TESTPROXY_API_KEY"},
+				NPM:  defaultNPM,
+				API:  api,
+				Models: map[string]ModelInfo{
+					modelID: {
+						ID:          modelID,
+						Name:        modelID,
+						ProviderNPM: modelNPMOverride,
+					},
+				},
+			},
+		},
+	}
+}
+
+// TestAutoRouteProvider_WireRouting verifies that autoRouteProvider routes each
+// npm package to the correct fantasy provider implementation. This is the core
+// regression test for issue #41: previously any npm that resolved to a
+// non-openai/anthropic/openaicompat LLM provider (notably @ai-sdk/google) hit a
+// dead `default` branch and failed with "has no LLM provider mapping".
+func TestAutoRouteProvider_WireRouting(t *testing.T) {
+	tests := []struct {
+		name        string
+		modelID     string
+		defaultNPM  string
+		overrideNPM string
+		// wantType is the concrete fantasy LanguageModel type the model should
+		// be routed to, identified by reflect type string.
+		wantType string
+	}{
+		{
+			name:       "openai-compatible default",
+			modelID:    "test-model",
+			defaultNPM: "@ai-sdk/openai-compatible",
+			wantType:   "openai.languageModel",
+		},
+		{
+			name:        "anthropic override",
+			modelID:     "test-model",
+			defaultNPM:  "@ai-sdk/openai-compatible",
+			overrideNPM: "@ai-sdk/anthropic",
+			wantType:    "anthropic.languageModel",
+		},
+		{
+			name:        "openai (responses) override",
+			modelID:     "gpt-4o",
+			defaultNPM:  "@ai-sdk/openai-compatible",
+			overrideNPM: "@ai-sdk/openai",
+			wantType:    "openai.responsesLanguageModel",
+		},
+		{
+			// The bug: opencode's gemini-* models override the default
+			// openai-compatible npm with @ai-sdk/google.
+			name:        "google override (issue #41)",
+			modelID:     "gemini-3.5-flash",
+			defaultNPM:  "@ai-sdk/openai-compatible",
+			overrideNPM: "@ai-sdk/google",
+			wantType:    "*google.languageModel",
+		},
+		{
+			// Unknown npm but provider has an API URL → openai-compatible fallback.
+			name:       "unknown npm with API URL falls back to openai-compat",
+			modelID:    "test-model",
+			defaultNPM: "@ai-sdk/some-future-thing",
+			wantType:   "openai.languageModel",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			reg := newTestRegistry("https://proxy.example/v1", tt.defaultNPM, tt.modelID, tt.overrideNPM)
+			config := &ProviderConfig{ProviderAPIKey: "test-key"}
+
+			result, err := autoRouteProvider(context.Background(), config, "testproxy", tt.modelID, reg)
+			if err != nil {
+				t.Fatalf("autoRouteProvider returned error: %v", err)
+			}
+			if result == nil || result.Model == nil {
+				t.Fatalf("autoRouteProvider returned nil model")
+			}
+
+			gotType := reflect.TypeOf(result.Model).String()
+			if gotType != tt.wantType {
+				t.Errorf("routed to %s, want %s", gotType, tt.wantType)
+			}
+		})
+	}
+}
+
+// TestAutoRouteProvider_UnknownNpmNoAPI verifies the improved error message for
+// a provider whose npm has no known wire protocol and that has no API URL to
+// fall back on.
+func TestAutoRouteProvider_UnknownNpmNoAPI(t *testing.T) {
+	reg := newTestRegistry("", "@ai-sdk/unmapped", "test-model", "")
+	config := &ProviderConfig{ProviderAPIKey: "test-key"}
+
+	_, err := autoRouteProvider(context.Background(), config, "testproxy", "test-model", reg)
+	if err == nil {
+		t.Fatal("expected error for unknown npm with no API URL, got nil")
+	}
+	if !strings.Contains(err.Error(), "cannot auto-route provider testproxy") {
+		t.Errorf("unexpected error message: %v", err)
+	}
+	if !strings.Contains(err.Error(), "--provider-url") {
+		t.Errorf("error should suggest --provider-url, got: %v", err)
+	}
+}
+
+// TestAutoRouteProvider_UnknownProvider verifies the not-in-database error.
+func TestAutoRouteProvider_UnknownProvider(t *testing.T) {
+	reg := newTestRegistry("https://proxy.example/v1", "@ai-sdk/openai-compatible", "test-model", "")
+	config := &ProviderConfig{ProviderAPIKey: "test-key"}
+
+	_, err := autoRouteProvider(context.Background(), config, "does-not-exist", "test-model", reg)
+	if err == nil {
+		t.Fatal("expected error for unknown provider, got nil")
+	}
+	if !strings.Contains(err.Error(), "not found in model database") {
+		t.Errorf("unexpected error message: %v", err)
+	}
+}
+
+// TestIsProviderLLMSupported_Google verifies that a provider whose npm is
+// @ai-sdk/google is reported as supported (it now maps to a wire protocol).
+func TestIsProviderLLMSupported_Google(t *testing.T) {
+	info := &ProviderInfo{ID: "testproxy", NPM: "@ai-sdk/google"}
+	if !isProviderLLMSupported("testproxy", info) {
+		t.Error("expected @ai-sdk/google provider to be LLM-supported")
+	}
+}
+
+// TestVersionedBasePath verifies detection of proxy base URLs that already
+// carry an API version segment (which collides with the genai SDK's injected
+// version).
+func TestVersionedBasePath(t *testing.T) {
+	tests := []struct {
+		rawURL string
+		want   string
+	}{
+		{"https://opencode.ai/zen/v1", "/zen/v1"},
+		{"https://opencode.ai/zen/v1/", "/zen/v1"},
+		{"https://example.com/api/v1beta", "/api/v1beta"},
+		{"https://example.com/api/v2alpha", "/api/v2alpha"},
+		{"https://generativelanguage.googleapis.com", ""},
+		{"https://proxy.example/openai", ""},
+		{"", ""},
+	}
+	for _, tt := range tests {
+		if got := versionedBasePath(tt.rawURL); got != tt.want {
+			t.Errorf("versionedBasePath(%q) = %q, want %q", tt.rawURL, got, tt.want)
+		}
+	}
+}
+
+// recordingRoundTripper captures the path of the request it receives.
+type recordingRoundTripper struct{ gotPath string }
+
+func (r *recordingRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
+	r.gotPath = req.URL.Path
+	return &http.Response{
+		StatusCode: 200,
+		Body:       io.NopCloser(strings.NewReader("{}")),
+		Header:     make(http.Header),
+	}, nil
+}
+
+// TestGeminiProxyTransport_StripsInjectedVersion verifies that the transport
+// collapses the genai-injected "/v1beta" segment that follows a proxy base
+// URL which already carries its own version segment. This is the second-order
+// fix that makes opencode/gemini-* actually reach the proxy (issue #41).
+func TestGeminiProxyTransport_StripsInjectedVersion(t *testing.T) {
+	tests := []struct {
+		name     string
+		basePath string
+		reqPath  string
+		wantPath string
+	}{
+		{
+			name:     "strips doubled v1beta after /zen/v1",
+			basePath: "/zen/v1",
+			reqPath:  "/zen/v1/v1beta/models/gemini-3.5-flash:generateContent",
+			wantPath: "/zen/v1/models/gemini-3.5-flash:generateContent",
+		},
+		{
+			name:     "strips doubled v1beta1 after /zen/v1",
+			basePath: "/zen/v1",
+			reqPath:  "/zen/v1/v1beta1/models/gemini-3.5-flash:generateContent",
+			wantPath: "/zen/v1/models/gemini-3.5-flash:generateContent",
+		},
+		{
+			name:     "leaves non-matching path untouched",
+			basePath: "/zen/v1",
+			reqPath:  "/other/v1beta/models/x:generateContent",
+			wantPath: "/other/v1beta/models/x:generateContent",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			rec := &recordingRoundTripper{}
+			tr := &geminiProxyTransport{base: rec, basePath: tt.basePath}
+			req, err := http.NewRequest(http.MethodPost, "https://host"+tt.reqPath, nil)
+			if err != nil {
+				t.Fatalf("NewRequest: %v", err)
+			}
+			if _, err := tr.RoundTrip(req); err != nil {
+				t.Fatalf("RoundTrip: %v", err)
+			}
+			if rec.gotPath != tt.wantPath {
+				t.Errorf("forwarded path = %q, want %q", rec.gotPath, tt.wantPath)
+			}
+		})
+	}
+}

internal/models/custom.go

@@ -10,14 +10,24 @@ import (
 
 // loadCustomModelsFromConfig loads custom model definitions from the config file
 // and returns them as a map of model ID -> ModelInfo. Returns nil if no custom
-// models are configured.
+// models are configured. Reads from the process-global viper store (the model
+// registry is a process-global singleton).
 func loadCustomModelsFromConfig() map[string]ModelInfo {
-	if !viper.IsSet("customModels") {
+	return loadCustomModelsFrom(viper.GetViper())
+}
+
+// loadCustomModelsFrom loads custom model definitions from the supplied store.
+// When v is nil the process-global store is used.
+func loadCustomModelsFrom(v *viper.Viper) map[string]ModelInfo {
+	if v == nil {
+		v = viper.GetViper()
+	}
+	if !v.IsSet("customModels") {
 		return nil
 	}
 
 	var customModels map[string]CustomModelConfig
-	if err := viper.UnmarshalKey("customModels", &customModels); err != nil {
+	if err := v.UnmarshalKey("customModels", &customModels); err != nil {
 		log.Printf("Warning: Failed to parse customModels: %v", err)
 		return nil
 	}
@@ -60,15 +70,26 @@ func modelConfigToModelInfo(modelID string, cfg CustomModelConfig) ModelInfo {
 }
 
 // LoadModelSettingsFromConfig loads per-model generation parameter overrides
-// from the config file. Keys are "provider/model" strings. Returns nil if
-// no model settings are configured.
+// from the process-global viper store. Keys are "provider/model" strings.
+// Returns nil if no model settings are configured.
 func LoadModelSettingsFromConfig() map[string]*GenerationParams {
-	if !viper.IsSet("modelSettings") {
+	return LoadModelSettingsFrom(viper.GetViper())
+}
+
+// LoadModelSettingsFrom loads per-model generation parameter overrides from the
+// supplied per-instance store. When v is nil the process-global store is used.
+// Keys are "provider/model" strings. Returns nil if no model settings are
+// configured.
+func LoadModelSettingsFrom(v *viper.Viper) map[string]*GenerationParams {
+	if v == nil {
+		v = viper.GetViper()
+	}
+	if !v.IsSet("modelSettings") {
 		return nil
 	}
 
 	var settings map[string]GenerationParamsConfig
-	if err := viper.UnmarshalKey("modelSettings", &settings); err != nil {
+	if err := v.UnmarshalKey("modelSettings", &settings); err != nil {
 		log.Printf("Warning: Failed to parse modelSettings: %v", err)
 		return nil
 	}
@@ -148,12 +169,17 @@ func ApplyModelSettings(config *ProviderConfig, modelInfo *ModelInfo) {
 		return
 	}
 
+	// Resolve the config store: prefer the per-instance store carried on the
+	// ProviderConfig (set by BuildProviderConfig / Kit.New), falling back to
+	// the process-global store for callers that don't thread one through.
+	store := config.ConfigStore
+
 	// Collect model-level params: modelSettings override > custom model params.
 	// modelSettings takes priority because it's the more specific/intentional config.
 	var params *GenerationParams
 
 	// First check modelSettings from config.
-	if settings := LoadModelSettingsFromConfig(); settings != nil {
+	if settings := LoadModelSettingsFrom(store); settings != nil {
 		modelKey := provider + "/" + modelName
 		if p, ok := settings[modelKey]; ok {
 			params = p
@@ -173,28 +199,28 @@ func ApplyModelSettings(config *ProviderConfig, modelInfo *ModelInfo) {
 	// We check viper.IsSet() which returns true only when the key was
 	// set via CLI flag, environment variable, or config file global section.
 
-	if params.MaxTokens != nil && !isExplicitlySet("max-tokens") {
+	if params.MaxTokens != nil && !isExplicitlySet(store, "max-tokens") {
 		config.MaxTokens = *params.MaxTokens
 	}
-	if params.Temperature != nil && !isExplicitlySet("temperature") {
+	if params.Temperature != nil && !isExplicitlySet(store, "temperature") {
 		config.Temperature = params.Temperature
 	}
-	if params.TopP != nil && !isExplicitlySet("top-p") {
+	if params.TopP != nil && !isExplicitlySet(store, "top-p") {
 		config.TopP = params.TopP
 	}
-	if params.TopK != nil && !isExplicitlySet("top-k") {
+	if params.TopK != nil && !isExplicitlySet(store, "top-k") {
 		config.TopK = params.TopK
 	}
-	if params.FrequencyPenalty != nil && !isExplicitlySet("frequency-penalty") {
+	if params.FrequencyPenalty != nil && !isExplicitlySet(store, "frequency-penalty") {
 		config.FrequencyPenalty = params.FrequencyPenalty
 	}
-	if params.PresencePenalty != nil && !isExplicitlySet("presence-penalty") {
+	if params.PresencePenalty != nil && !isExplicitlySet(store, "presence-penalty") {
 		config.PresencePenalty = params.PresencePenalty
 	}
-	if len(params.StopSequences) > 0 && !isExplicitlySet("stop-sequences") {
+	if len(params.StopSequences) > 0 && !isExplicitlySet(store, "stop-sequences") {
 		config.StopSequences = params.StopSequences
 	}
-	if params.ThinkingLevel != "" && !isExplicitlySet("thinking-level") {
+	if params.ThinkingLevel != "" && !isExplicitlySet(store, "thinking-level") {
 		config.ThinkingLevel = params.ThinkingLevel
 	}
 	if params.SystemPrompt != "" && config.SystemPrompt == "" {
@@ -228,7 +254,14 @@ func LoadSystemPromptValue(input string) string {
 // isExplicitlySet returns true when the user has explicitly set a config key
 // via CLI flag, environment variable, or the global section of the config file.
 // Model-level defaults should not override explicitly set values.
-func isExplicitlySet(key string) bool {
+//
+// The check runs against the supplied per-instance store when non-nil,
+// otherwise the process-global store. This keeps the "explicit vs unset"
+// precedence contract per-Kit-instance once a store is threaded through.
+func isExplicitlySet(v *viper.Viper, key string) bool {
+	if v == nil {
+		v = viper.GetViper()
+	}
 	// viper.IsSet returns true if the key has been set in any of the
 	// data stores (flag, env, config file, default). We need to check
 	// whether the value was set at the global config level (not just
@@ -239,7 +272,7 @@ func isExplicitlySet(key string) bool {
 	// file values. This means global config file values (e.g.
 	// temperature: 0.7 at the top level) will correctly take precedence
 	// over model-level defaults, which is the desired behavior.
-	return viper.IsSet(key)
+	return v.IsSet(key)
 }
 
 // GenerationParams holds per-model generation parameter defaults.

internal/models/modelsdb.go

@@ -48,18 +48,87 @@ type modelsDBLimit struct {
 	Output  int `json:"output"`
 }
 
-// npmToLLMProvider maps npm package names from models.dev to LLM
-// provider identifiers. Providers not in this map but with an api URL
-// can be auto-routed through openaicompat.
-var npmToLLMProvider = map[string]string{
-	"@ai-sdk/anthropic":               "anthropic",
-	"@ai-sdk/openai":                  "openai",
-	"@ai-sdk/google":                  "google",
-	"@ai-sdk/google-vertex":           "google-vertex",
-	"@ai-sdk/google-vertex/anthropic": "google-vertex-anthropic",
-	"@ai-sdk/amazon-bedrock":          "bedrock",
-	"@ai-sdk/azure":                   "azure",
-	"@openrouter/ai-sdk-provider":     "openrouter",
-	"@ai-sdk/vercel":                  "vercel",
-	"@ai-sdk/openai-compatible":       "openaicompat",
+// wireProtocol identifies which LLM API protocol an npm package speaks.
+// Fantasy implements three native protocols (openai, anthropic, google);
+// everything else in its providers/ tree is a thin wrapper around one of
+// them with a pre-baked default URL or auth scheme.
+type wireProtocol int
+
+const (
+	wireUnknown wireProtocol = iota
+	wireOpenAI
+	wireAnthropic
+	wireGoogle
+)
+
+// npmToWireProtocol maps npm package names from models.dev to the wire
+// protocol they speak. Provider-specific bundles that need bespoke auth or
+// URL templating (azure, bedrock, openrouter, google-vertex, google-vertex-
+// anthropic, and @ai-sdk/gateway which is the Vercel AI Gateway) are
+// intentionally absent — they have native top-level cases in CreateProvider
+// and never reach the auto-router. Providers not in this map but with an
+// api URL are auto-routed through the OpenAI-compatible wire.
+//
+// The thin OpenAI-compatible npm wrappers (groq, cerebras, mistral, …) are
+// listed explicitly so that auto-routing can recover their hard-coded base
+// URL from sdkDefaultBaseURL when the registry entry has no api field.
+var npmToWireProtocol = map[string]wireProtocol{
+	// Native wires.
+	"@ai-sdk/openai":            wireOpenAI,
+	"@ai-sdk/openai-compatible": wireOpenAI,
+	"@ai-sdk/anthropic":         wireAnthropic,
+	"@ai-sdk/google":            wireGoogle,
+
+	// Thin OpenAI-compatible wrappers. Each ships with a hard-coded base URL
+	// in its JS SDK (see sdkDefaultBaseURL) but speaks the plain OpenAI chat
+	// completions wire — so we can route them all through fantasy's
+	// openaicompat provider once we supply the URL.
+	"@ai-sdk/groq":                  wireOpenAI,
+	"@ai-sdk/cerebras":              wireOpenAI,
+	"@ai-sdk/perplexity":            wireOpenAI,
+	"@ai-sdk/togetherai":            wireOpenAI,
+	"@ai-sdk/xai":                   wireOpenAI,
+	"@ai-sdk/deepinfra":             wireOpenAI,
+	"@ai-sdk/mistral":               wireOpenAI,
+	"@ai-sdk/cohere":                wireOpenAI,
+	"@ai-sdk/vercel":                wireOpenAI, // v0 API (api.v0.dev), distinct from @ai-sdk/gateway
+	"@aihubmix/ai-sdk-provider":     wireOpenAI,
+	"venice-ai-sdk-provider":        wireOpenAI,
+	"merge-gateway-ai-sdk-provider": wireOpenAI,
+}
+
+// sdkDefaultBaseURL maps an npm package name to the base URL its JavaScript
+// SDK uses by default. This lets us recover a working endpoint for providers
+// whose models.dev entry omits the `api` field because the JS SDK hard-codes
+// the URL (e.g. groq, cerebras, mistral, x.ai…).
+//
+// Only OpenAI-compatible and native-wire SDKs are listed; providers needing
+// bespoke auth or URL templating (bedrock SigV4, azure resource URLs,
+// google-vertex project/location, cloudflare gateway account IDs, gitlab,
+// sap-ai-core) are handled by native CreateProvider cases or surface a
+// targeted error that asks the user to supply --provider-url.
+var sdkDefaultBaseURL = map[string]string{
+	// Native wires.
+	"@ai-sdk/openai":    "https://api.openai.com/v1",
+	"@ai-sdk/anthropic": "https://api.anthropic.com/v1",
+	"@ai-sdk/google":    "https://generativelanguage.googleapis.com/v1beta",
+
+	// Thin OpenAI-compatible wrappers.
+	"@ai-sdk/groq":                  "https://api.groq.com/openai/v1",
+	"@ai-sdk/cerebras":              "https://api.cerebras.ai/v1",
+	"@ai-sdk/perplexity":            "https://api.perplexity.ai",
+	"@ai-sdk/togetherai":            "https://api.together.xyz/v1",
+	"@ai-sdk/xai":                   "https://api.x.ai/v1",
+	"@ai-sdk/deepinfra":             "https://api.deepinfra.com/v1/openai",
+	"@ai-sdk/mistral":               "https://api.mistral.ai/v1",
+	"@ai-sdk/cohere":                "https://api.cohere.com/compatibility/v1",
+	"@ai-sdk/vercel":                "https://api.v0.dev/v1",
+	"@aihubmix/ai-sdk-provider":     "https://aihubmix.com/v1",
+	"venice-ai-sdk-provider":        "https://api.venice.ai/api/v1",
+	"merge-gateway-ai-sdk-provider": "https://api-gateway.merge.dev/v1/ai-sdk",
+
+	// Native handlers — included for ResolveProviderBaseURL introspection
+	// even though CreateProvider routes these via dedicated cases.
+	"@ai-sdk/gateway":             "https://ai-gateway.vercel.sh/v1",
+	"@openrouter/ai-sdk-provider": "https://openrouter.ai/api/v1",
 }

internal/models/providers.go

@@ -9,7 +9,9 @@ import (
 	"io"
 	"maps"
 	"net/http"
+	"net/url"
 	"os"
+	"regexp"
 	"strings"
 	"time"
 
@@ -25,6 +27,7 @@ import (
 	openaisdk "github.com/charmbracelet/openai-go"
 
 	"github.com/mark3labs/kit/internal/auth"
+	"github.com/spf13/viper"
 )
 
 const (
@@ -164,6 +167,13 @@ type ProviderConfig struct {
 	ThinkingLevel    ThinkingLevel
 	DisableCaching   bool // Opt-out: set to true to disable automatic prompt caching
 
+	// ConfigStore is the per-instance configuration store used to resolve
+	// "explicitly set" precedence checks (isExplicitlySet), per-model
+	// settings, and right-sizing. When nil, the process-global viper store is
+	// used. Threading a per-Kit store here keeps generation-parameter
+	// precedence isolated between Kit instances in the same process.
+	ConfigStore *viper.Viper
+
 	// ProgressReaderFunc, when set, wraps an io.Reader with progress display
 	// for long operations like Ollama model pulls. The returned io.ReadCloser
 	// must be closed when done. When nil, the raw reader is consumed directly
@@ -212,8 +222,10 @@ func ParseModelString(modelString string) (provider, model string, err error) {
 //
 // Native providers: anthropic, openai, google, ollama, azure, google-vertex-anthropic,
 // openrouter, bedrock, vercel.
-// Any provider in models.dev with an api URL or openai-compatible npm package
-// is auto-routed through fantasy's openaicompat provider.
+// Any other provider in models.dev is auto-routed by wire protocol: its npm
+// package (or per-model override) selects the OpenAI, Anthropic, or Google
+// transport, using the provider's api URL as the base. Providers with an api
+// URL but an unrecognized npm package fall back to the OpenAI-compatible wire.
 func CreateProvider(ctx context.Context, config *ProviderConfig) (*ProviderResult, error) {
 	provider, modelName, err := ParseModelString(config.ModelString)
 	if err != nil {
@@ -274,13 +286,15 @@ func CreateProvider(ctx context.Context, config *ProviderConfig) (*ProviderResul
 		result, createErr = createGoogleProvider(ctx, config, modelName)
 	case "ollama":
 		result, createErr = createOllamaProvider(ctx, config, modelName)
-	case "azure":
+	case "azure", "azure-cognitive-services":
 		result, createErr = createAzureProvider(ctx, config, modelName)
 	case "google-vertex-anthropic":
 		result, createErr = createVertexAnthropicProvider(ctx, config, modelName)
+	case "google-vertex":
+		result, createErr = createGoogleVertexProvider(ctx, config, modelName)
 	case "openrouter":
 		result, createErr = createOpenRouterProvider(ctx, config, modelName)
-	case "bedrock":
+	case "bedrock", "amazon-bedrock":
 		result, createErr = createBedrockProvider(ctx, config, modelName)
 	case "vercel":
 		result, createErr = createVercelProvider(ctx, config, modelName)
@@ -327,44 +341,100 @@ func CreateProvider(ctx context.Context, config *ProviderConfig) (*ProviderResul
 
 // autoRouteProvider attempts to create a provider by looking up its npm package
 // in the models.dev database and routing through the appropriate fantasy provider.
-// For openai-compatible providers, it uses the api URL from models.dev.
-// Models may have a provider override that specifies a different npm package than
-// the provider's default (e.g., opencode's claude-opus-4-6 uses @ai-sdk/anthropic).
+// It routes on wire protocol (openai, anthropic, google) rather than per-npm
+// provider name: fantasy implements three native wire protocols, and every other
+// entry in its providers/ tree is a thin wrapper around one of them. Using the
+// provider's api URL from models.dev as the base URL, any proxy that re-flavors
+// one of these protocols (e.g. opencode's Gemini routes) Just Works.
+//
+// Models may carry a provider override that specifies a different npm package
+// than the provider's default (e.g. opencode's claude-* uses @ai-sdk/anthropic
+// and its gemini-* uses @ai-sdk/google), which is resolved first.
 func autoRouteProvider(ctx context.Context, config *ProviderConfig, provider, modelName string, registry *ModelsRegistry) (*ProviderResult, error) {
 	providerInfo := registry.GetProviderInfo(provider)
 	if providerInfo == nil {
 		return nil, fmt.Errorf("unsupported provider: %s (not found in model database)", provider)
 	}
 
-	// Check for model-specific provider override
+	// Resolve npm: per-model override > provider default.
 	npmPackage := providerInfo.NPM
 	if modelInfo := registry.LookupModel(provider, modelName); modelInfo != nil && modelInfo.ProviderNPM != "" {
 		npmPackage = modelInfo.ProviderNPM
 	}
 
-	// Determine the LLM provider for this npm package
-	llmProvider := npmToLLMProvider[npmPackage]
-	if llmProvider == "" && providerInfo.API != "" {
-		// Unknown npm but has API URL → route through openaicompat
-		llmProvider = "openaicompat"
+	wire, known := npmToWireProtocol[npmPackage]
+	if !known {
+		// Unknown npm but the provider has an API URL → assume OpenAI-compatible.
+		// (Preserves the long-standing "any provider in models.dev with an api URL
+		// is auto-routed through openaicompat" behaviour.)
+		if providerInfo.API == "" {
+			return nil, fmt.Errorf(
+				"cannot auto-route provider %s: npm package %q has no known wire protocol "+
+					"and the registry has no API URL (use --provider-url to override)",
+				provider, npmPackage,
+			)
+		}
+		wire = wireOpenAI
 	}
 
-	switch llmProvider {
-	case "openaicompat":
-		return createAutoRoutedOpenAICompatProvider(ctx, config, modelName, providerInfo)
-	case "anthropic":
-		if config.ProviderURL == "" && providerInfo.API != "" {
+	// All three wires use the provider's API URL from models.dev as the base.
+	// When the registry has none, fall back to the SDK's hard-coded default for
+	// this npm package (covers groq, cerebras, mistral, x.ai, etc. — providers
+	// whose JS SDK ships a built-in baseURL that models.dev doesn't restate).
+	if config.ProviderURL == "" {
+		if providerInfo.API != "" {
 			config.ProviderURL = providerInfo.API
+		} else if defaultURL, ok := sdkDefaultBaseURL[npmPackage]; ok {
+			config.ProviderURL = defaultURL
+			providerInfo.API = defaultURL // for downstream helpers that read info.API
 		}
-		return createAutoRoutedAnthropicProvider(ctx, config, modelName, providerInfo)
-	case "openai":
-		if config.ProviderURL == "" && providerInfo.API != "" {
-			config.ProviderURL = providerInfo.API
-		}
-		return createAutoRoutedOpenAIProvider(ctx, config, modelName, providerInfo)
-	default:
-		return nil, fmt.Errorf("unsupported provider: %s (npm: %s has no LLM provider mapping)", provider, npmPackage)
 	}
+
+	// Provider templates a runtime account/region/deployment segment into the
+	// URL (cloudflare-ai-gateway, databricks, snowflake-cortex, gitlab,
+	// sap-ai-core). Resolve via environment variables, or surface a targeted
+	// error pointing the user at the right knobs.
+	if resolved, err := resolveTemplatedAPIURL(config.ProviderURL, providerInfo); err != nil {
+		return nil, err
+	} else if resolved != "" {
+		config.ProviderURL = resolved
+		providerInfo.API = resolved
+	}
+
+	switch wire {
+	case wireOpenAI:
+		// The native OpenAI SDK package (@ai-sdk/openai) speaks the Responses
+		// API; openai-compatible proxies (and unknown-npm fallbacks) use the
+		// chat-completions wire via fantasy's openaicompat provider.
+		if npmPackage == "@ai-sdk/openai" {
+			return createAutoRoutedOpenAIProvider(ctx, config, modelName, providerInfo)
+		}
+		return createAutoRoutedOpenAICompatProvider(ctx, config, modelName, providerInfo)
+	case wireAnthropic:
+		return createAutoRoutedAnthropicProvider(ctx, config, modelName, providerInfo)
+	case wireGoogle:
+		return createAutoRoutedGoogleProvider(ctx, config, modelName, providerInfo)
+	default:
+		return nil, fmt.Errorf("internal error: unknown wire protocol for provider %s (npm: %s)", provider, npmPackage)
+	}
+}
+
+// resolveAutoRouteAPIKey looks up the API key for an auto-routed provider,
+// returning a uniform error message when none can be resolved.
+func resolveAutoRouteAPIKey(config *ProviderConfig, info *ProviderInfo) (string, error) {
+	apiKey := resolveAPIKey(config.ProviderAPIKey, info.Env)
+	if apiKey == "" {
+		return "", fmt.Errorf("%s API key not provided. Use --provider-api-key or set %s",
+			info.Name, strings.Join(info.Env, " / "))
+	}
+	return apiKey, nil
+}
+
+// wrapProviderErr produces the uniform "failed to create X provider/model: %w"
+// error wrap used by every createXxxProvider path. kind is typically
+// "provider" or "model".
+func wrapProviderErr(name, kind string, err error) error {
+	return fmt.Errorf("failed to create %s %s: %w", name, kind, err)
 }
 
 // createAutoRoutedOpenAICompatProvider creates an openaicompat provider using
@@ -378,10 +448,9 @@ func createAutoRoutedOpenAICompatProvider(ctx context.Context, config *ProviderC
 		return nil, fmt.Errorf("provider %s requires --provider-url (no API URL in database)", info.ID)
 	}
 
-	apiKey := resolveAPIKey(config.ProviderAPIKey, info.Env)
-	if apiKey == "" {
-		return nil, fmt.Errorf("%s API key not provided. Use --provider-api-key or set %s",
-			info.Name, strings.Join(info.Env, " / "))
+	apiKey, err := resolveAutoRouteAPIKey(config, info)
+	if err != nil {
+		return nil, err
 	}
 
 	var opts []openaicompat.Option
@@ -395,12 +464,12 @@ func createAutoRoutedOpenAICompatProvider(ctx context.Context, config *ProviderC
 
 	p, err := openaicompat.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create %s provider: %w", info.Name, err)
+		return nil, wrapProviderErr(info.Name, "provider", err)
 	}
 
 	model, err := p.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create %s model: %w", info.Name, err)
+		return nil, wrapProviderErr(info.Name, "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -411,10 +480,9 @@ func createAutoRoutedOpenAICompatProvider(ctx context.Context, config *ProviderC
 func createAutoRoutedAnthropicProvider(ctx context.Context, config *ProviderConfig, modelName string, info *ProviderInfo) (*ProviderResult, error) {
 	clearConflictingAnthropicSamplingParams(config)
 
-	apiKey := resolveAPIKey(config.ProviderAPIKey, info.Env)
-	if apiKey == "" {
-		return nil, fmt.Errorf("%s API key not provided. Use --provider-api-key or set %s",
-			info.Name, strings.Join(info.Env, " / "))
+	apiKey, err := resolveAutoRouteAPIKey(config, info)
+	if err != nil {
+		return nil, err
 	}
 
 	var opts []anthropic.Option
@@ -433,12 +501,12 @@ func createAutoRoutedAnthropicProvider(ctx context.Context, config *ProviderConf
 
 	p, err := anthropic.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create %s provider: %w", info.Name, err)
+		return nil, wrapProviderErr(info.Name, "provider", err)
 	}
 
 	model, err := p.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create %s model: %w", info.Name, err)
+		return nil, wrapProviderErr(info.Name, "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -447,10 +515,9 @@ func createAutoRoutedAnthropicProvider(ctx context.Context, config *ProviderConf
 // createAutoRoutedOpenAIProvider creates an openai provider for
 // third-party providers with openai-compatible APIs.
 func createAutoRoutedOpenAIProvider(ctx context.Context, config *ProviderConfig, modelName string, info *ProviderInfo) (*ProviderResult, error) {
-	apiKey := resolveAPIKey(config.ProviderAPIKey, info.Env)
-	if apiKey == "" {
-		return nil, fmt.Errorf("%s API key not provided. Use --provider-api-key or set %s",
-			info.Name, strings.Join(info.Env, " / "))
+	apiKey, err := resolveAutoRouteAPIKey(config, info)
+	if err != nil {
+		return nil, err
 	}
 
 	var opts []openai.Option
@@ -467,12 +534,12 @@ func createAutoRoutedOpenAIProvider(ctx context.Context, config *ProviderConfig,
 
 	p, err := openai.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create %s provider: %w", info.Name, err)
+		return nil, wrapProviderErr(info.Name, "provider", err)
 	}
 
 	model, err := p.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create %s model: %w", info.Name, err)
+		return nil, wrapProviderErr(info.Name, "model", err)
 	}
 
 	providerOpts := buildOpenAIProviderOptions(config, modelName)
@@ -480,6 +547,114 @@ func createAutoRoutedOpenAIProvider(ctx context.Context, config *ProviderConfig,
 	return &ProviderResult{Model: model, ProviderOptions: providerOpts}, nil
 }
 
+// createAutoRoutedGoogleProvider creates a Google (Gemini) provider for
+// third-party providers that expose a Gemini-compatible API (e.g. opencode's
+// Gemini routes, which carry an @ai-sdk/google per-model override).
+//
+// The underlying genai SDK always injects its own API version segment
+// ("v1beta") between the base URL and the resource path. When the proxy's
+// base URL from models.dev already carries a version segment (e.g. opencode's
+// https://opencode.ai/zen/v1), that produces a doubled ".../v1/v1beta/..."
+// path that the proxy rejects. In that case we install a transport that
+// strips the injected segment so the proxy's own version is used.
+func createAutoRoutedGoogleProvider(ctx context.Context, config *ProviderConfig, modelName string, info *ProviderInfo) (*ProviderResult, error) {
+	apiKey, err := resolveAutoRouteAPIKey(config, info)
+	if err != nil {
+		return nil, err
+	}
+
+	opts := []google.Option{
+		google.WithGeminiAPIKey(apiKey),
+		google.WithName(info.ID),
+	}
+
+	if config.ProviderURL != "" {
+		opts = append(opts, google.WithBaseURL(config.ProviderURL))
+	}
+
+	// Decide whether the genai-injected version segment needs stripping.
+	var httpClient *http.Client
+	if basePath := versionedBasePath(config.ProviderURL); basePath != "" {
+		httpClient = newGeminiProxyHTTPClient(basePath, config.TLSSkipVerify)
+	} else if config.TLSSkipVerify {
+		httpClient = createHTTPClientWithTLSConfig(true)
+	}
+	if httpClient != nil {
+		opts = append(opts, google.WithHTTPClient(httpClient))
+	}
+
+	p, err := google.New(opts...)
+	if err != nil {
+		return nil, wrapProviderErr(info.Name, "provider", err)
+	}
+
+	model, err := p.LanguageModel(ctx, modelName)
+	if err != nil {
+		return nil, wrapProviderErr(info.Name, "model", err)
+	}
+
+	return &ProviderResult{Model: model}, nil
+}
+
+// versionSegmentRe matches a trailing API version segment in a URL path,
+// e.g. "/v1", "/v1beta", "/v1beta1", "/v2alpha".
+var versionSegmentRe = regexp.MustCompile(`/v\d+(?:beta\d*|alpha\d*)?$`)
+
+// versionedBasePath returns the path component of rawURL when that path ends
+// with an API version segment (e.g. opencode's ".../zen/v1" → "/zen/v1").
+// It returns "" when rawURL is empty, unparseable, or has no version suffix
+// — in which case the genai SDK's default version injection is correct and
+// no rewriting is needed.
+func versionedBasePath(rawURL string) string {
+	if rawURL == "" {
+		return ""
+	}
+	u, err := url.Parse(rawURL)
+	if err != nil {
+		return ""
+	}
+	path := strings.TrimSuffix(u.Path, "/")
+	if versionSegmentRe.MatchString(path) {
+		return path
+	}
+	return ""
+}
+
+// newGeminiProxyHTTPClient builds an HTTP client whose transport strips the
+// genai-injected version segment ("v1beta"/"v1beta1") that directly follows
+// basePath, collapsing "{basePath}/v1beta/..." back to "{basePath}/...".
+func newGeminiProxyHTTPClient(basePath string, skipVerify bool) *http.Client {
+	var base http.RoundTripper
+	if skipVerify {
+		base = &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}}
+	} else {
+		base = http.DefaultTransport
+	}
+	return &http.Client{
+		Transport: &geminiProxyTransport{base: base, basePath: basePath},
+	}
+}
+
+// geminiProxyTransport removes the redundant API version segment that the
+// genai SDK injects after a proxy base URL that already carries its own
+// version segment.
+type geminiProxyTransport struct {
+	base     http.RoundTripper
+	basePath string
+}
+
+func (t *geminiProxyTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+	for _, injected := range []string{"/v1beta1", "/v1beta"} {
+		prefix := t.basePath + injected + "/"
+		if strings.HasPrefix(req.URL.Path, prefix) {
+			newReq := req.Clone(req.Context())
+			newReq.URL.Path = t.basePath + strings.TrimPrefix(req.URL.Path, t.basePath+injected)
+			return t.base.RoundTrip(newReq)
+		}
+	}
+	return t.base.RoundTrip(req)
+}
+
 // resolveAPIKey returns the first non-empty API key from the explicit key
 // or the environment variables.
 func resolveAPIKey(explicitKey string, envVars []string) string {
@@ -530,7 +705,7 @@ func rightSizeMaxTokens(config *ProviderConfig, modelInfo *ModelInfo) {
 	if modelInfo == nil || modelInfo.Limit.Output <= 0 {
 		return
 	}
-	if isExplicitlySet("max-tokens") {
+	if isExplicitlySet(config.ConfigStore, "max-tokens") {
 		return
 	}
 	target := min(modelInfo.Limit.Output, defaultRightSizeCap)
@@ -719,12 +894,12 @@ func createAnthropicProvider(ctx context.Context, config *ProviderConfig, modelN
 
 	provider, err := anthropic.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Anthropic provider: %w", err)
+		return nil, wrapProviderErr("Anthropic", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Anthropic model: %w", err)
+		return nil, wrapProviderErr("Anthropic", "model", err)
 	}
 
 	// Build provider options for extended thinking (reasoning budget).
@@ -761,12 +936,12 @@ func createVertexAnthropicProvider(ctx context.Context, config *ProviderConfig,
 
 	provider, err := anthropic.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Vertex Anthropic provider: %w", err)
+		return nil, wrapProviderErr("Vertex Anthropic", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Vertex Anthropic model: %w", err)
+		return nil, wrapProviderErr("Vertex Anthropic", "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -834,12 +1009,12 @@ func createOpenAIProvider(ctx context.Context, config *ProviderConfig, modelName
 
 	provider, err := openai.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create OpenAI provider: %w", err)
+		return nil, wrapProviderErr("OpenAI", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create OpenAI model: %w", err)
+		return nil, wrapProviderErr("OpenAI", "model", err)
 	}
 
 	// Build provider options for OpenAI Responses API reasoning models.
@@ -875,12 +1050,12 @@ func createOpenAICodexProvider(ctx context.Context, config *ProviderConfig, mode
 
 	provider, err := openai.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create OpenAI Codex provider: %w", err)
+		return nil, wrapProviderErr("OpenAI Codex", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create OpenAI Codex model: %w", err)
+		return nil, wrapProviderErr("OpenAI Codex", "model", err)
 	}
 
 	providerOpts := buildCodexProviderOptions(config, modelName)
@@ -993,12 +1168,12 @@ func createGoogleProvider(ctx context.Context, config *ProviderConfig, modelName
 
 	provider, err := google.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Google provider: %w", err)
+		return nil, wrapProviderErr("Google", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Google model: %w", err)
+		return nil, wrapProviderErr("Google", "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -1031,12 +1206,12 @@ func createAzureProvider(ctx context.Context, config *ProviderConfig, modelName
 
 	provider, err := azure.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Azure OpenAI provider: %w", err)
+		return nil, wrapProviderErr("Azure OpenAI", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Azure OpenAI model: %w", err)
+		return nil, wrapProviderErr("Azure OpenAI", "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -1056,12 +1231,12 @@ func createOpenRouterProvider(ctx context.Context, config *ProviderConfig, model
 
 	provider, err := openrouter.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create OpenRouter provider: %w", err)
+		return nil, wrapProviderErr("OpenRouter", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create OpenRouter model: %w", err)
+		return nil, wrapProviderErr("OpenRouter", "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -1073,12 +1248,12 @@ func createBedrockProvider(ctx context.Context, config *ProviderConfig, modelNam
 	// Bedrock uses AWS SDK default credential chain (env vars, shared config, etc.)
 	provider, err := bedrock.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Bedrock provider: %w", err)
+		return nil, wrapProviderErr("Bedrock", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Bedrock model: %w", err)
+		return nil, wrapProviderErr("Bedrock", "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -1102,12 +1277,12 @@ func createVercelProvider(ctx context.Context, config *ProviderConfig, modelName
 
 	provider, err := vercel.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Vercel provider: %w", err)
+		return nil, wrapProviderErr("Vercel", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Vercel model: %w", err)
+		return nil, wrapProviderErr("Vercel", "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -1160,12 +1335,12 @@ func createCustomProvider(ctx context.Context, config *ProviderConfig, modelName
 
 	p, err := openai.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create custom provider: %w", err)
+		return nil, wrapProviderErr("custom", "provider", err)
 	}
 
 	model, err := p.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create custom model: %w", err)
+		return nil, wrapProviderErr("custom", "model", err)
 	}
 
 	return &ProviderResult{Model: model}, nil
@@ -1209,12 +1384,12 @@ func createOllamaProvider(ctx context.Context, config *ProviderConfig, modelName
 
 	provider, err := openaicompat.New(opts...)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Ollama provider: %w", err)
+		return nil, wrapProviderErr("Ollama", "provider", err)
 	}
 
 	model, err := provider.LanguageModel(ctx, modelName)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create Ollama model: %w", err)
+		return nil, wrapProviderErr("Ollama", "model", err)
 	}
 
 	return &ProviderResult{

internal/models/registry.go

@@ -404,8 +404,8 @@ func isProviderLLMSupported(providerID string, info *ProviderInfo) bool {
 		return true
 	}
 
-	// Check if npm maps to an LLM provider
-	if _, ok := npmToLLMProvider[info.NPM]; ok {
+	// Check if npm maps to a known wire protocol
+	if _, ok := npmToWireProtocol[info.NPM]; ok {
 		return true
 	}
 

internal/models/sdk_defaults.go

@@ -0,0 +1,170 @@
+package models
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"regexp"
+	"strings"
+
+	"charm.land/fantasy/providers/google"
+)
+
+// templatePlaceholderRe matches "${NAME}" placeholders in URL templates from
+// models.dev (e.g. "https://${DATABRICKS_HOST}/ai-gateway/mlflow/v1").
+var templatePlaceholderRe = regexp.MustCompile(`\$\{([A-Z0-9_]+)\}`)
+
+// templateEnvVarOverrides supplies fallback environment variable names for
+// placeholders that providers commonly use under non-obvious env names.
+// The placeholder name itself is always tried first; this map adds extra
+// names to try when the placeholder doesn't match the canonical env var.
+var templateEnvVarOverrides = map[string][]string{
+	"CLOUDFLARE_ACCOUNT_ID":   {"CF_ACCOUNT_ID"},
+	"CLOUDFLARE_GATEWAY_NAME": {"CF_GATEWAY", "CLOUDFLARE_GATEWAY"},
+	"DATABRICKS_HOST":         {"DATABRICKS_WORKSPACE_URL"},
+	"SNOWFLAKE_ACCOUNT":       {"SNOWFLAKE_ACCOUNT_ID"},
+}
+
+// resolveTemplatedAPIURL substitutes "${VAR}" placeholders in apiURL with the
+// values of the named environment variables. Returns:
+//   - ("", nil) when apiURL contains no placeholders (caller keeps current URL),
+//   - (resolved, nil) when every placeholder was resolved,
+//   - ("", error) when one or more placeholders are unset, with a message that
+//     names the missing env vars and points at the relevant provider.
+//
+// The info parameter is used purely for error messaging (provider name).
+func resolveTemplatedAPIURL(apiURL string, info *ProviderInfo) (string, error) {
+	if apiURL == "" || !strings.Contains(apiURL, "${") {
+		return "", nil
+	}
+
+	var missing []string
+	resolved := templatePlaceholderRe.ReplaceAllStringFunc(apiURL, func(match string) string {
+		// match is "${NAME}". Extract NAME.
+		name := match[2 : len(match)-1]
+		if v := os.Getenv(name); v != "" {
+			return v
+		}
+		for _, alt := range templateEnvVarOverrides[name] {
+			if v := os.Getenv(alt); v != "" {
+				return v
+			}
+		}
+		missing = append(missing, name)
+		return match
+	})
+
+	if len(missing) > 0 {
+		providerName := info.ID
+		if info.Name != "" {
+			providerName = info.Name
+		}
+		return "", fmt.Errorf(
+			"provider %s requires environment variable(s) %s to construct its API URL (%s); "+
+				"set them or pass --provider-url to override",
+			providerName, strings.Join(missing, ", "), apiURL,
+		)
+	}
+	return resolved, nil
+}
+
+// ResolveProviderBaseURL returns the base API URL kit will use when talking to
+// the given provider, applying the same resolution order as CreateProvider:
+//
+//  1. The provider's `api` field from the models.dev registry.
+//  2. The hard-coded default base URL of its npm SDK package (e.g.
+//     @ai-sdk/groq → https://api.groq.com/openai/v1).
+//  3. Template substitution against the current process environment when the
+//     URL contains "${VAR}" placeholders (e.g. cloudflare-workers-ai needs
+//     CLOUDFLARE_ACCOUNT_ID).
+//
+// It returns an error when the provider is unknown, when no URL can be derived,
+// or when a templated URL has unset placeholders. The error message is suitable
+// for direct display to end users.
+//
+// Note: providers handled by bespoke auth schemes (amazon-bedrock SigV4,
+// azure resource URLs, google-vertex project/location, sap-ai-core customer
+// deployments) may return either an empty URL or a regional/templated URL —
+// the actual endpoint is finalised inside their native handlers and depends on
+// runtime credentials.
+func ResolveProviderBaseURL(providerID string) (string, error) {
+	registry := GetGlobalRegistry()
+	info := registry.GetProviderInfo(providerID)
+	if info == nil {
+		return "", fmt.Errorf("unknown provider: %s", providerID)
+	}
+
+	apiURL := info.API
+	if apiURL == "" {
+		if defaultURL, ok := sdkDefaultBaseURL[info.NPM]; ok {
+			apiURL = defaultURL
+		}
+	}
+
+	if apiURL == "" {
+		return "", fmt.Errorf(
+			"provider %s has no default API URL: its npm package %q does not "+
+				"ship a built-in baseURL (likely Bedrock SigV4, Azure deployment, "+
+				"Vertex project/location, or a customer-hosted endpoint). "+
+				"Pass --provider-url or set the provider's URL env var",
+			providerID, info.NPM,
+		)
+	}
+
+	if strings.Contains(apiURL, "${") {
+		resolved, err := resolveTemplatedAPIURL(apiURL, info)
+		if err != nil {
+			return apiURL, err
+		}
+		return resolved, nil
+	}
+	return apiURL, nil
+}
+
+// createGoogleVertexProvider creates a Google Gemini provider that targets the
+// Vertex AI backend (rather than the public generativelanguage.googleapis.com
+// endpoint). It requires the same project/region environment variables as
+// google-vertex-anthropic.
+func createGoogleVertexProvider(ctx context.Context, config *ProviderConfig, modelName string) (*ProviderResult, error) {
+	projectID := firstNonEmpty(
+		os.Getenv("GOOGLE_VERTEX_PROJECT"),
+		os.Getenv("GOOGLE_CLOUD_PROJECT"),
+		os.Getenv("GCLOUD_PROJECT"),
+		os.Getenv("CLOUDSDK_CORE_PROJECT"),
+	)
+	if projectID == "" {
+		return nil, fmt.Errorf(
+			"google Vertex project ID not provided, set GOOGLE_VERTEX_PROJECT, " +
+				"GOOGLE_CLOUD_PROJECT, or GCLOUD_PROJECT environment variable",
+		)
+	}
+
+	region := firstNonEmpty(
+		os.Getenv("GOOGLE_VERTEX_LOCATION"),
+		os.Getenv("CLOUD_ML_REGION"),
+	)
+	if region == "" {
+		region = "global"
+	}
+
+	opts := []google.Option{
+		google.WithVertex(projectID, region),
+		google.WithName("google-vertex"),
+	}
+
+	if config.TLSSkipVerify {
+		opts = append(opts, google.WithHTTPClient(createHTTPClientWithTLSConfig(true)))
+	}
+
+	provider, err := google.New(opts...)
+	if err != nil {
+		return nil, wrapProviderErr("Google Vertex", "provider", err)
+	}
+
+	model, err := provider.LanguageModel(ctx, modelName)
+	if err != nil {
+		return nil, wrapProviderErr("Google Vertex", "model", err)
+	}
+
+	return &ProviderResult{Model: model}, nil
+}

internal/models/sdk_defaults_test.go

@@ -0,0 +1,214 @@
+package models
+
+import (
+	"context"
+	"reflect"
+	"strings"
+	"testing"
+)
+
+// TestSDKDefaultBaseURL_CoversAllWireMappedPackages enforces the invariant
+// that every npm package recognised by the auto-router has a corresponding
+// default base URL — otherwise a provider that omits its `api` field in the
+// registry would silently fail to route at runtime.
+func TestSDKDefaultBaseURL_CoversAllWireMappedPackages(t *testing.T) {
+	for npm := range npmToWireProtocol {
+		// @ai-sdk/openai-compatible is a wire family, not a single SDK with
+		// a default URL — providers using it always supply their own `api`.
+		if npm == "@ai-sdk/openai-compatible" {
+			continue
+		}
+		if _, ok := sdkDefaultBaseURL[npm]; !ok {
+			t.Errorf("npm %q is in npmToWireProtocol but has no sdkDefaultBaseURL entry — "+
+				"providers using this npm with no `api` field cannot be routed", npm)
+		}
+	}
+}
+
+// TestSDKDefaultBaseURL_AllURLsAreAbsolute sanity-checks that every default
+// URL is a well-formed absolute https endpoint (catches typos in the table).
+func TestSDKDefaultBaseURL_AllURLsAreAbsolute(t *testing.T) {
+	for npm, url := range sdkDefaultBaseURL {
+		if !strings.HasPrefix(url, "https://") {
+			t.Errorf("sdkDefaultBaseURL[%q] = %q is not an absolute https URL", npm, url)
+		}
+	}
+}
+
+// TestResolveProviderBaseURL_RegistryFirst verifies that the registry's `api`
+// field wins over any SDK default.
+func TestResolveProviderBaseURL_RegistryFirst(t *testing.T) {
+	// xai is in the registry with no `api` field — its URL comes from the
+	// SDK default. Use a synthetic registry-backed provider to test the
+	// priority via the public registry instead.
+	url, err := ResolveProviderBaseURL("openai")
+	if err != nil {
+		t.Fatalf("ResolveProviderBaseURL(openai): %v", err)
+	}
+	if url != "https://api.openai.com/v1" {
+		t.Errorf("openai URL = %q, want https://api.openai.com/v1", url)
+	}
+}
+
+// TestResolveProviderBaseURL_SDKDefaultFallback verifies that providers
+// without an `api` field (groq, cerebras, xai, …) resolve to their SDK
+// hard-coded default URL.
+func TestResolveProviderBaseURL_SDKDefaultFallback(t *testing.T) {
+	tests := map[string]string{
+		"groq":       "https://api.groq.com/openai/v1",
+		"cerebras":   "https://api.cerebras.ai/v1",
+		"xai":        "https://api.x.ai/v1",
+		"mistral":    "https://api.mistral.ai/v1",
+		"perplexity": "https://api.perplexity.ai",
+		"togetherai": "https://api.together.xyz/v1",
+		"deepinfra":  "https://api.deepinfra.com/v1/openai",
+		"cohere":     "https://api.cohere.com/compatibility/v1",
+		"v0":         "https://api.v0.dev/v1",
+		"aihubmix":   "https://aihubmix.com/v1",
+		"venice":     "https://api.venice.ai/api/v1",
+		"openrouter": "https://openrouter.ai/api/v1",
+	}
+	for providerID, wantURL := range tests {
+		t.Run(providerID, func(t *testing.T) {
+			got, err := ResolveProviderBaseURL(providerID)
+			if err != nil {
+				t.Fatalf("ResolveProviderBaseURL(%s): %v", providerID, err)
+			}
+			if got != wantURL {
+				t.Errorf("%s URL = %q, want %q", providerID, got, wantURL)
+			}
+		})
+	}
+}
+
+// TestResolveProviderBaseURL_TemplatedURL_MissingEnv verifies that providers
+// whose URL contains "${VAR}" placeholders surface a targeted error when the
+// environment variables are unset.
+func TestResolveProviderBaseURL_TemplatedURL_MissingEnv(t *testing.T) {
+	// cloudflare-workers-ai's api URL contains ${CLOUDFLARE_ACCOUNT_ID}.
+	// Ensure the variable is unset for this test.
+	t.Setenv("CLOUDFLARE_ACCOUNT_ID", "")
+	t.Setenv("CF_ACCOUNT_ID", "")
+
+	_, err := ResolveProviderBaseURL("cloudflare-workers-ai")
+	if err == nil {
+		t.Fatal("expected error for unset CLOUDFLARE_ACCOUNT_ID, got nil")
+	}
+	if !strings.Contains(err.Error(), "CLOUDFLARE_ACCOUNT_ID") {
+		t.Errorf("error should name the missing env var, got: %v", err)
+	}
+	if !strings.Contains(err.Error(), "--provider-url") {
+		t.Errorf("error should suggest --provider-url override, got: %v", err)
+	}
+}
+
+// TestResolveProviderBaseURL_TemplatedURL_Resolved verifies env-var
+// substitution succeeds when the placeholder is set.
+func TestResolveProviderBaseURL_TemplatedURL_Resolved(t *testing.T) {
+	t.Setenv("CLOUDFLARE_ACCOUNT_ID", "test-acct-123")
+	got, err := ResolveProviderBaseURL("cloudflare-workers-ai")
+	if err != nil {
+		t.Fatalf("ResolveProviderBaseURL: %v", err)
+	}
+	if !strings.Contains(got, "test-acct-123") {
+		t.Errorf("resolved URL %q should contain test-acct-123", got)
+	}
+	if strings.Contains(got, "${") {
+		t.Errorf("resolved URL %q still contains template placeholder", got)
+	}
+}
+
+// TestResolveProviderBaseURL_UnknownProvider verifies the not-in-registry error.
+func TestResolveProviderBaseURL_UnknownProvider(t *testing.T) {
+	_, err := ResolveProviderBaseURL("does-not-exist")
+	if err == nil {
+		t.Fatal("expected error for unknown provider, got nil")
+	}
+	if !strings.Contains(err.Error(), "unknown provider") {
+		t.Errorf("error should say 'unknown provider', got: %v", err)
+	}
+}
+
+// TestAutoRouteProvider_SDKDefaultURLFallback verifies that providers whose
+// registry entry omits the `api` field (groq, mistral, xai, etc.) are still
+// auto-routed by falling back to the SDK's hard-coded default URL.
+func TestAutoRouteProvider_SDKDefaultURLFallback(t *testing.T) {
+	tests := []struct {
+		name       string
+		npmPackage string
+		wantInURL  string
+	}{
+		{"groq", "@ai-sdk/groq", "groq.com"},
+		{"cerebras", "@ai-sdk/cerebras", "cerebras.ai"},
+		{"xai", "@ai-sdk/xai", "x.ai"},
+		{"mistral", "@ai-sdk/mistral", "mistral.ai"},
+		{"v0", "@ai-sdk/vercel", "v0.dev"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			reg := &ModelsRegistry{
+				providers: map[string]ProviderInfo{
+					"testfallback": {
+						ID:   "testfallback",
+						Name: "Test Fallback",
+						Env:  []string{"TESTFALLBACK_API_KEY"},
+						NPM:  tt.npmPackage,
+						// API intentionally omitted — must fall back to SDK default.
+						Models: map[string]ModelInfo{
+							"any-model": {ID: "any-model", Name: "any-model"},
+						},
+					},
+				},
+			}
+			config := &ProviderConfig{ProviderAPIKey: "test-key"}
+
+			result, err := autoRouteProvider(context.Background(), config, "testfallback", "any-model", reg)
+			if err != nil {
+				t.Fatalf("autoRouteProvider returned error: %v", err)
+			}
+			if result == nil || result.Model == nil {
+				t.Fatal("autoRouteProvider returned nil model")
+			}
+			// Verify the SDK default URL was picked up.
+			if !strings.Contains(config.ProviderURL, tt.wantInURL) {
+				t.Errorf("config.ProviderURL = %q, want substring %q (SDK default)",
+					config.ProviderURL, tt.wantInURL)
+			}
+			// All these wrappers route through the openai-compat wire.
+			gotType := reflect.TypeOf(result.Model).String()
+			if gotType != "openai.languageModel" {
+				t.Errorf("model type = %q, want openai.languageModel", gotType)
+			}
+		})
+	}
+}
+
+// TestResolveTemplatedAPIURL_NoPlaceholders verifies that URLs without
+// placeholders are returned as-is (the caller keeps using the original).
+func TestResolveTemplatedAPIURL_NoPlaceholders(t *testing.T) {
+	got, err := resolveTemplatedAPIURL("https://api.example.com/v1", &ProviderInfo{ID: "x"})
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if got != "" {
+		t.Errorf("got %q, want empty string for URL with no placeholders", got)
+	}
+}
+
+// TestResolveTemplatedAPIURL_AltEnvVar verifies that the alternative env-var
+// names (e.g. CF_ACCOUNT_ID for CLOUDFLARE_ACCOUNT_ID) are honoured.
+func TestResolveTemplatedAPIURL_AltEnvVar(t *testing.T) {
+	t.Setenv("CLOUDFLARE_ACCOUNT_ID", "")
+	t.Setenv("CF_ACCOUNT_ID", "alt-name-123")
+
+	got, err := resolveTemplatedAPIURL(
+		"https://api.cloudflare.com/client/v4/accounts/${CLOUDFLARE_ACCOUNT_ID}/ai/v1",
+		&ProviderInfo{ID: "cloudflare-workers-ai"},
+	)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if !strings.Contains(got, "alt-name-123") {
+		t.Errorf("resolved URL %q should have picked up CF_ACCOUNT_ID alternative", got)
+	}
+}

internal/session/tree_manager.go

@@ -458,11 +458,6 @@ func (tm *TreeManager) AppendLLMMessage(msg fantasy.Message) (string, error) {
 	return tm.AppendMessage(message.FromLLMMessage(msg))
 }
 
-// Deprecated: Use AppendLLMMessage instead.
-func (tm *TreeManager) AppendFantasyMessage(msg fantasy.Message) (string, error) {
-	return tm.AppendLLMMessage(msg)
-}
-
 // AppendModelChange records a model/provider change.
 func (tm *TreeManager) AppendModelChange(provider, modelID string) (string, error) {
 	tm.mu.Lock()
@@ -1170,11 +1165,6 @@ func (tm *TreeManager) AddLLMMessages(msgs []fantasy.Message) error {
 	return tm.flushLocked()
 }
 
-// Deprecated: Use AddLLMMessages instead.
-func (tm *TreeManager) AddFantasyMessages(msgs []fantasy.Message) error {
-	return tm.AddLLMMessages(msgs)
-}
-
 // GetLLMMessages builds the context and returns just the messages.
 // This satisfies the same conceptual role as the old Manager.GetMessages().
 func (tm *TreeManager) GetLLMMessages() []fantasy.Message {
@@ -1182,11 +1172,6 @@ func (tm *TreeManager) GetLLMMessages() []fantasy.Message {
 	return msgs
 }
 
-// Deprecated: Use GetLLMMessages instead.
-func (tm *TreeManager) GetFantasyMessages() []fantasy.Message {
-	return tm.GetLLMMessages()
-}
-
 // --- Internal helpers ---
 
 // addEntryToIndex adds an entry to the in-memory indices.

internal/ui/imagepreview/imagepreview.go

@@ -0,0 +1,233 @@
+// Package imagepreview renders low-resolution, in-terminal thumbnails of
+// images using Unicode upper half-block characters (U+2580, "▀") combined
+// with SGR foreground/background color codes.
+//
+// The technique stacks two vertical pixels into a single character cell: the
+// foreground color paints the top pixel and the background color paints the
+// bottom pixel. This produces pure styled text — no graphics escape sequences
+// — so the output survives terminal multiplexers (tmux, zellij) untouched.
+//
+// The Kitty graphics protocol, Sixel, and iTerm2 inline images are
+// deliberately NOT used: those are graphics escape-sequence protocols that
+// tmux and zellij strip or mangle by default.
+package imagepreview
+
+import (
+	"bytes"
+	"fmt"
+	"image"
+	"image/color"
+	"os"
+	"strings"
+
+	// Register the standard image decoders so image.Decode can handle the
+	// common clipboard / attachment formats.
+	_ "image/gif"
+	_ "image/jpeg"
+	_ "image/png"
+
+	"github.com/charmbracelet/colorprofile"
+	"github.com/charmbracelet/x/ansi"
+	xdraw "golang.org/x/image/draw"
+)
+
+// upperHalfBlock is U+2580 ("▀"). The glyph fills the top half of a cell,
+// letting the foreground color render the top pixel and the cell's background
+// color render the bottom pixel.
+const upperHalfBlock = "▀"
+
+// reset is the SGR reset sequence appended after each rendered row.
+const reset = "\x1b[0m"
+
+// maxImageDimension is the largest width or height, in pixels, that Render will
+// fully decode. Images larger than this in either axis are rejected before the
+// expensive image.Decode call to guard against decompression bombs (small
+// encoded payloads that expand to enormous pixel buffers).
+const maxImageDimension = 20000
+
+// Render returns a half-block ANSI thumbnail of the image, scaled to fit
+// within maxCols x maxRows terminal cells while preserving aspect ratio.
+//
+// Each terminal cell encodes two vertically-stacked pixels, so the effective
+// pixel resolution of the thumbnail is up to maxCols x (maxRows*2).
+//
+// Colors are emitted at the fidelity of the detected terminal color profile:
+// truecolor (24-bit) when available, degrading to 256-color. When the
+// terminal supports neither (no truecolor and no 256-color), Render returns
+// an empty string and a nil error so the caller can fall back to a text
+// indicator. A non-nil error is only returned when the image data cannot be
+// decoded.
+//
+// bg is the color used to composite transparent pixels (typically the
+// terminal background). A nil bg defaults to black.
+func Render(data []byte, mediaType string, maxCols, maxRows int, bg color.Color) (string, error) {
+	profile := colorprofile.Env(os.Environ())
+	return renderWithProfile(data, maxCols, maxRows, bg, profile)
+}
+
+// renderWithProfile is the testable core of Render. It accepts an explicit
+// color profile instead of detecting one from the environment.
+func renderWithProfile(data []byte, maxCols, maxRows int, bg color.Color, profile colorprofile.Profile) (string, error) {
+	// Half-block fidelity needs at least 256-color support. Anything less
+	// degrades to the caller's text fallback.
+	if profile < colorprofile.ANSI256 {
+		return "", nil
+	}
+	if maxCols < 1 || maxRows < 1 {
+		return "", nil
+	}
+	if bg == nil {
+		bg = color.Black
+	}
+
+	// Guard against decompression bombs: inspect the header dimensions before
+	// fully decoding, so a small malicious payload cannot expand into an
+	// enormous pixel buffer.
+	cfg, _, err := image.DecodeConfig(bytes.NewReader(data))
+	if err != nil {
+		return "", fmt.Errorf("decode image config: %w", err)
+	}
+	if cfg.Width > maxImageDimension || cfg.Height > maxImageDimension {
+		return "", fmt.Errorf("decode image: dimensions %dx%d exceed limit %d", cfg.Width, cfg.Height, maxImageDimension)
+	}
+
+	img, _, err := image.Decode(bytes.NewReader(data))
+	if err != nil {
+		return "", fmt.Errorf("decode image: %w", err)
+	}
+
+	// Target pixel dimensions: one pixel per column horizontally and two
+	// pixels per row vertically (the half-block trick).
+	cols, rows := fitDimensions(img.Bounds().Dx(), img.Bounds().Dy(), maxCols, maxRows)
+	if cols < 1 || rows < 1 {
+		return "", nil
+	}
+	pxW, pxH := cols, rows*2
+
+	scaled := image.NewRGBA(image.Rect(0, 0, pxW, pxH))
+	xdraw.CatmullRom.Scale(scaled, scaled.Bounds(), img, img.Bounds(), xdraw.Over, nil)
+
+	var b strings.Builder
+	for y := 0; y < pxH; y += 2 {
+		for x := range pxW {
+			top := composite(scaled.At(x, y), bg)
+			bottom := composite(scaled.At(x, y+1), bg)
+			b.WriteString(sgr(top, bottom, profile))
+			b.WriteString(upperHalfBlock)
+		}
+		b.WriteString(reset)
+		if y+2 < pxH {
+			b.WriteByte('\n')
+		}
+	}
+	return b.String(), nil
+}
+
+// fitDimensions returns the largest cell dimensions (cols, rows) that fit a
+// srcW x srcH image inside a maxCols x maxRows box while preserving aspect
+// ratio. Because each cell stacks two vertical pixels, a terminal cell is
+// treated as roughly twice as tall as it is wide, which keeps the thumbnail's
+// aspect ratio visually correct.
+func fitDimensions(srcW, srcH, maxCols, maxRows int) (cols, rows int) {
+	if srcW <= 0 || srcH <= 0 {
+		return 0, 0
+	}
+	// Work in pixel space: the box is maxCols wide and maxRows*2 tall.
+	maxPxW := float64(maxCols)
+	maxPxH := float64(maxRows * 2)
+	scale := maxPxW / float64(srcW)
+	if h := maxPxH / float64(srcH); h < scale {
+		scale = h
+	}
+	if scale > 1 {
+		scale = 1 // never upscale; keep the low-res look
+	}
+	pxW := int(float64(srcW) * scale)
+	pxH := int(float64(srcH) * scale)
+	if pxW < 1 {
+		pxW = 1
+	}
+	if pxH < 2 {
+		pxH = 2
+	}
+	// Convert back to cells; round the row count up to an even pixel height.
+	cols = pxW
+	rows = (pxH + 1) / 2
+	if cols > maxCols {
+		cols = maxCols
+	}
+	if rows > maxRows {
+		rows = maxRows
+	}
+	return cols, rows
+}
+
+// composite blends a (possibly translucent) pixel over the background color,
+// returning an opaque color. Fully opaque pixels are returned unchanged.
+func composite(c, bg color.Color) color.Color {
+	r, g, b, a := c.RGBA()
+	if a == 0xffff {
+		return c
+	}
+	br, bgc, bb, _ := bg.RGBA()
+	// Standard "over" alpha compositing in 16-bit space.
+	inv := 0xffff - a
+	out := color.RGBA64{
+		R: uint16(r + br*inv/0xffff),
+		G: uint16(g + bgc*inv/0xffff),
+		B: uint16(b + bb*inv/0xffff),
+		A: 0xffff,
+	}
+	return out
+}
+
+// sgr builds the SGR escape sequence that sets the foreground (top pixel) and
+// background (bottom pixel) colors at the fidelity of the given profile.
+func sgr(fg, bg color.Color, profile colorprofile.Profile) string {
+	if profile >= colorprofile.TrueColor {
+		fr, fgc, fb := rgb8(fg)
+		br, bgc, bb := rgb8(bg)
+		return fmt.Sprintf("\x1b[38;2;%d;%d;%d;48;2;%d;%d;%dm", fr, fgc, fb, br, bgc, bb)
+	}
+	return fmt.Sprintf("\x1b[38;5;%d;48;5;%dm", index256(fg, profile), index256(bg, profile))
+}
+
+// rgb8 reduces a color to 8-bit RGB components.
+func rgb8(c color.Color) (r, g, b uint8) {
+	cr, cg, cb, _ := c.RGBA()
+	return uint8(cr >> 8), uint8(cg >> 8), uint8(cb >> 8)
+}
+
+// index256 converts a color to its nearest 256-color palette index using the
+// supplied profile.
+func index256(c color.Color, profile colorprofile.Profile) uint8 {
+	cc := profile.Convert(c)
+	if idx, ok := cc.(ansi.IndexedColor); ok {
+		return uint8(idx)
+	}
+	if idx, ok := cc.(ansi.BasicColor); ok {
+		return uint8(idx)
+	}
+	// Fallback: derive an index directly if conversion produced an
+	// unexpected type.
+	r, g, b := rgb8(c)
+	return ansi256FromRGB(r, g, b)
+}
+
+// ansi256FromRGB maps an 8-bit RGB color to the xterm 256-color cube. It is a
+// best-effort fallback used only when profile.Convert does not yield a known
+// indexed color type.
+func ansi256FromRGB(r, g, b uint8) uint8 {
+	q := func(v uint8) int {
+		switch {
+		case v < 48:
+			return 0
+		case v < 115:
+			return 1
+		default:
+			return int((v - 35) / 40)
+		}
+	}
+	ri, gi, bi := q(r), q(g), q(b)
+	return uint8(16 + 36*ri + 6*gi + bi)
+}

internal/ui/imagepreview/imagepreview_test.go

@@ -0,0 +1,193 @@
+package imagepreview
+
+import (
+	"bytes"
+	"image"
+	"image/color"
+	"image/png"
+	"strings"
+	"testing"
+
+	"github.com/charmbracelet/colorprofile"
+)
+
+// makePNG builds a simple w x h PNG filled with the given color and returns
+// its encoded bytes.
+func makePNG(t *testing.T, w, h int, c color.Color) []byte {
+	t.Helper()
+	img := image.NewRGBA(image.Rect(0, 0, w, h))
+	for y := range h {
+		for x := range w {
+			img.Set(x, y, c)
+		}
+	}
+	var buf bytes.Buffer
+	if err := png.Encode(&buf, img); err != nil {
+		t.Fatalf("encode png: %v", err)
+	}
+	return buf.Bytes()
+}
+
+func TestRenderTrueColor(t *testing.T) {
+	data := makePNG(t, 20, 20, color.RGBA{R: 255, A: 255})
+	out, err := renderWithProfile(data, 10, 5, color.Black, colorprofile.TrueColor)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if out == "" {
+		t.Fatal("expected non-empty thumbnail for truecolor profile")
+	}
+	if !strings.Contains(out, upperHalfBlock) {
+		t.Error("output should contain upper half block glyphs")
+	}
+	if !strings.Contains(out, "\x1b[38;2;") || !strings.Contains(out, "48;2;") {
+		t.Errorf("expected truecolor SGR sequences, got %q", out)
+	}
+	// Red fill should appear as 255;0;0 somewhere.
+	if !strings.Contains(out, "255;0;0") {
+		t.Errorf("expected red color in output, got %q", out)
+	}
+}
+
+func TestRenderANSI256(t *testing.T) {
+	data := makePNG(t, 20, 20, color.RGBA{G: 255, A: 255})
+	out, err := renderWithProfile(data, 8, 4, color.Black, colorprofile.ANSI256)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if out == "" {
+		t.Fatal("expected non-empty thumbnail for ANSI256 profile")
+	}
+	if !strings.Contains(out, "\x1b[38;5;") || !strings.Contains(out, "48;5;") {
+		t.Errorf("expected 256-color SGR sequences, got %q", out)
+	}
+	if strings.Contains(out, "38;2;") {
+		t.Errorf("ANSI256 output should not contain truecolor sequences, got %q", out)
+	}
+}
+
+func TestRenderDegradesBelowANSI256(t *testing.T) {
+	data := makePNG(t, 20, 20, color.RGBA{B: 255, A: 255})
+	for _, p := range []colorprofile.Profile{colorprofile.ANSI, colorprofile.ASCII, colorprofile.NoTTY} {
+		out, err := renderWithProfile(data, 10, 5, color.Black, p)
+		if err != nil {
+			t.Fatalf("profile %v: unexpected error: %v", p, err)
+		}
+		if out != "" {
+			t.Errorf("profile %v: expected empty fallback, got %q", p, out)
+		}
+	}
+}
+
+func TestRenderInvalidImage(t *testing.T) {
+	out, err := renderWithProfile([]byte("not an image"), 10, 5, color.Black, colorprofile.TrueColor)
+	if err == nil {
+		t.Fatal("expected error for invalid image data")
+	}
+	if out != "" {
+		t.Errorf("expected empty output on decode error, got %q", out)
+	}
+}
+
+func TestRenderRejectsOversizedImage(t *testing.T) {
+	// A header advertising dimensions beyond maxImageDimension must be
+	// rejected before full decode (decompression-bomb guard). image.RGBA
+	// allocation is avoided by only checking the config path here.
+	w := maxImageDimension + 1
+	data := makePNG(t, w, 1, color.White)
+	out, err := renderWithProfile(data, 10, 5, color.Black, colorprofile.TrueColor)
+	if err == nil {
+		t.Fatal("expected error for oversized image dimensions")
+	}
+	if out != "" {
+		t.Errorf("expected empty output for oversized image, got %q", out)
+	}
+}
+
+func TestRenderZeroBox(t *testing.T) {
+	data := makePNG(t, 20, 20, color.White)
+	out, err := renderWithProfile(data, 0, 0, color.Black, colorprofile.TrueColor)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if out != "" {
+		t.Errorf("expected empty output for zero-sized box, got %q", out)
+	}
+}
+
+func TestRenderNilBackgroundDefaults(t *testing.T) {
+	data := makePNG(t, 10, 10, color.RGBA{R: 10, G: 20, B: 30, A: 255})
+	out, err := renderWithProfile(data, 6, 3, nil, colorprofile.TrueColor)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if out == "" {
+		t.Fatal("expected output with nil background (defaults to black)")
+	}
+}
+
+func TestRowCountWithinBounds(t *testing.T) {
+	// A tall image should be capped at maxRows cells.
+	data := makePNG(t, 10, 100, color.White)
+	out, err := renderWithProfile(data, 20, 6, color.Black, colorprofile.TrueColor)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	rows := strings.Count(out, "\n") + 1
+	if rows > 6 {
+		t.Errorf("expected at most 6 rows, got %d", rows)
+	}
+}
+
+func TestColumnCountWithinBounds(t *testing.T) {
+	// A wide image should be capped at maxCols cells per row.
+	data := makePNG(t, 100, 10, color.White)
+	out, err := renderWithProfile(data, 8, 20, color.Black, colorprofile.TrueColor)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	firstRow := strings.SplitN(out, "\n", 2)[0]
+	cols := strings.Count(firstRow, upperHalfBlock)
+	if cols > 8 {
+		t.Errorf("expected at most 8 columns, got %d", cols)
+	}
+	if cols == 0 {
+		t.Error("expected at least one column")
+	}
+}
+
+func TestFitDimensionsPreservesAspect(t *testing.T) {
+	// 2:1 (wide) image into a 40x20 box. Pixel box is 40x40; width-bound.
+	cols, rows := fitDimensions(200, 100, 40, 20)
+	if cols != 40 {
+		t.Errorf("expected 40 cols, got %d", cols)
+	}
+	// pxH = 100 * (40/200) = 20 → 10 rows.
+	if rows != 10 {
+		t.Errorf("expected 10 rows, got %d", rows)
+	}
+}
+
+func TestFitDimensionsNeverUpscales(t *testing.T) {
+	cols, rows := fitDimensions(4, 4, 40, 20)
+	if cols != 4 || rows != 2 {
+		t.Errorf("expected 4x2 (no upscale), got %dx%d", cols, rows)
+	}
+}
+
+func TestCompositeOpaquePassthrough(t *testing.T) {
+	c := color.RGBA{R: 1, G: 2, B: 3, A: 255}
+	got := composite(c, color.White)
+	if got != color.Color(c) {
+		t.Errorf("opaque color should pass through unchanged, got %v", got)
+	}
+}
+
+func TestCompositeTransparentOverBackground(t *testing.T) {
+	// Fully transparent pixel over red background should yield red.
+	got := composite(color.RGBA{}, color.RGBA{R: 255, A: 255})
+	r, g, b, a := got.RGBA()
+	if r>>8 != 255 || g>>8 != 0 || b>>8 != 0 || a != 0xffff {
+		t.Errorf("expected opaque red, got r=%d g=%d b=%d a=%d", r>>8, g>>8, b>>8, a)
+	}
+}

internal/ui/input.go

@@ -2,6 +2,7 @@ package ui
 
 import (
 	"fmt"
+	"image/color"
 	"sort"
 	"strings"
 
@@ -13,6 +14,7 @@ import (
 	"github.com/mark3labs/kit/internal/clipboard"
 	"github.com/mark3labs/kit/internal/ui/commands"
 	"github.com/mark3labs/kit/internal/ui/core"
+	"github.com/mark3labs/kit/internal/ui/imagepreview"
 	"github.com/mark3labs/kit/internal/ui/style"
 )
 
@@ -80,6 +82,23 @@ type InputComponent struct {
 	// Images are added via Ctrl+V and cleared on submit or Ctrl+U.
 	pendingImages []core.ImageAttachment
 
+	// imageThumbs caches the rendered half-block thumbnail for each entry in
+	// pendingImages (1:1 index correspondence). Thumbnails are rendered
+	// asynchronously off the Bubble Tea event loop (decode + resample is too
+	// slow to run inside Update), so an entry starts as the empty string
+	// placeholder and is filled in when the matching thumbnailReadyMsg
+	// arrives. An entry stays empty when the terminal cannot display a
+	// half-block preview, in which case the text pill is shown alone.
+	// See internal/ui/imagepreview.
+	imageThumbs []string
+
+	// imageGen is a monotonic generation counter incremented whenever the
+	// pending image set is cleared. Async thumbnail results carry the
+	// generation they were enqueued under and are discarded if it no longer
+	// matches, preventing a stale thumbnail from landing on the wrong slot
+	// after a clear + re-attach.
+	imageGen int
+
 	// history stores previously submitted prompts (most recent last).
 	// Limited to maxHistory entries; duplicates of the previous entry are
 	// skipped. Empty strings are never stored.
@@ -105,6 +124,16 @@ type clipboardImageMsg struct {
 	err   error
 }
 
+// thumbnailReadyMsg carries the result of an async thumbnail render back to
+// the Update loop. gen and index identify the pendingImages slot the
+// thumbnail belongs to; the result is dropped if the generation no longer
+// matches (the pending set was cleared) or the index is out of range.
+type thumbnailReadyMsg struct {
+	gen   int
+	index int
+	thumb string
+}
+
 // NewInputComponent creates a new InputComponent with the given width and
 // optional AppController. If appCtrl is nil the component still works but
 // /clear and /clear-queue are no-ops.
@@ -193,7 +222,23 @@ func (s *InputComponent) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 			return s, nil
 		}
 		if msg.image != nil {
-			s.pendingImages = append(s.pendingImages, *msg.image)
+			img := *msg.image
+			index := len(s.pendingImages)
+			s.pendingImages = append(s.pendingImages, img)
+			// Reserve a placeholder; the async render fills it in via
+			// thumbnailReadyMsg so Update never blocks on decode/resample.
+			s.imageThumbs = append(s.imageThumbs, "")
+			cols := s.thumbCols()
+			if cols < 1 {
+				return s, nil
+			}
+			return s, renderThumbnailCmd(img, cols, thumbMaxRows, style.GetTheme().Background, s.imageGen, index)
+		}
+		return s, nil
+
+	case thumbnailReadyMsg:
+		if msg.gen == s.imageGen && msg.index >= 0 && msg.index < len(s.imageThumbs) {
+			s.imageThumbs[msg.index] = msg.thumb
 		}
 		return s, nil
 
@@ -250,6 +295,8 @@ func (s *InputComponent) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 				// Clear all pending image attachments.
 				if len(s.pendingImages) > 0 {
 					s.pendingImages = nil
+					s.imageThumbs = nil
+					s.imageGen++
 					return s, nil
 				}
 			}
@@ -486,6 +533,8 @@ func (s *InputComponent) handleSubmit(value string) tea.Cmd {
 	// images and clear them.
 	images := s.pendingImages
 	s.pendingImages = nil
+	s.imageThumbs = nil
+	s.imageGen++
 	return func() tea.Msg {
 		return core.SubmitMsg{Text: trimmed, Images: images}
 	}
@@ -519,6 +568,42 @@ func (s *InputComponent) resetHistoryBrowsing() {
 	s.savedInput = ""
 }
 
+// thumbMaxCols and thumbMaxRows cap the size, in terminal cells, of pending
+// image previews. Kept small for the low-res look and to keep scrollback
+// light.
+const (
+	thumbMaxCols = 40
+	thumbMaxRows = 12
+)
+
+// thumbCols returns the thumbnail width in terminal cells given the current
+// input width, or 0 when there is no room to render a preview.
+func (s *InputComponent) thumbCols() int {
+	if s.width <= 6 {
+		return 0
+	}
+	cols := min(thumbMaxCols, s.width-6)
+	if cols < 1 {
+		return 0
+	}
+	return cols
+}
+
+// renderThumbnailCmd returns a tea.Cmd that renders a half-block ANSI preview
+// off the Bubble Tea event loop. The decode + resample work runs in the Cmd
+// goroutine, and the result is delivered as a thumbnailReadyMsg tagged with
+// the generation and slot index it was enqueued for. An empty thumbnail
+// (terminal unsupported or render error) leaves the text pill in place.
+func renderThumbnailCmd(img core.ImageAttachment, cols, rows int, bg color.Color, gen, index int) tea.Cmd {
+	return func() tea.Msg {
+		thumb, err := imagepreview.Render(img.Data, img.MediaType, cols, rows, bg)
+		if err != nil {
+			thumb = ""
+		}
+		return thumbnailReadyMsg{gen: gen, index: index, thumb: thumb}
+	}
+}
+
 // View implements tea.Model. Renders the textarea, autocomplete popup
 // (if visible), and help text.
 func (s *InputComponent) View() tea.View {
@@ -544,7 +629,9 @@ func (s *InputComponent) View() tea.View {
 	// Popup is now rendered as a centered overlay in AppModel.View()
 	// instead of inline here to prevent bottom overflow
 
-	// Show image attachment indicator when images are pending.
+	// Show image attachment previews when images are pending. A cached
+	// half-block thumbnail is rendered when the terminal supports it;
+	// otherwise the text pill alone is shown.
 	if len(s.pendingImages) > 0 {
 		imgStyle := lipgloss.NewStyle().
 			Foreground(theme.Secondary).
@@ -553,6 +640,14 @@ func (s *InputComponent) View() tea.View {
 		label := fmt.Sprintf("[%d image(s) attached] ctrl+u to clear", len(s.pendingImages))
 		view.WriteString("\n")
 		view.WriteString(imgStyle.Render(label))
+
+		thumbStyle := lipgloss.NewStyle().PaddingLeft(3)
+		for i := range s.pendingImages {
+			if i < len(s.imageThumbs) && s.imageThumbs[i] != "" {
+				view.WriteString("\n")
+				view.WriteString(thumbStyle.Render(s.imageThumbs[i]))
+			}
+		}
 	}
 
 	if !s.hideHint {
@@ -844,6 +939,8 @@ func readClipboardImageCmd() tea.Cmd {
 func (s *InputComponent) ClearPendingImages() []core.ImageAttachment {
 	images := s.pendingImages
 	s.pendingImages = nil
+	s.imageThumbs = nil
+	s.imageGen++
 	return images
 }
 

internal/ui/model.go

@@ -25,6 +25,7 @@ import (
 	"github.com/mark3labs/kit/internal/ui/commands"
 	uicore "github.com/mark3labs/kit/internal/ui/core"
 	"github.com/mark3labs/kit/internal/ui/fileutil"
+	"github.com/mark3labs/kit/internal/ui/imagepreview"
 	"github.com/mark3labs/kit/internal/ui/prefs"
 	"github.com/mark3labs/kit/internal/ui/style"
 	kit "github.com/mark3labs/kit/pkg/kit"
@@ -1794,14 +1795,27 @@ func (m *AppModel) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 				// messages stay in chronological order.
 				m.pendingUserPrints = append(m.pendingUserPrints, displayText)
 				m.flushStreamAndPendingUserMessages()
+				// Insert inline thumbnail previews after the user message.
+				cmds = append(cmds, m.transcriptPreviewCmd(msg.Images, m.lastMessageID()))
 			}
 		} else {
 			m.printUserMessage(displayText)
+			// Insert inline thumbnail previews after the user message.
+			cmds = append(cmds, m.transcriptPreviewCmd(msg.Images, m.lastMessageID()))
 		}
 		if m.state != stateWorking {
 			m.state = stateWorking
 		}
 
+	// ── Async transcript image preview ───────────────────────────────────────
+	case imagePreviewReadyMsg:
+		if msg.block != "" {
+			item := NewStyledMessageItem(generateMessageID(), "user", "", msg.block)
+			m.insertMessageAfter(msg.anchorID, item)
+			m.refreshContent()
+			m.layoutDirty = true
+		}
+
 	// ── Shell command (! / !!) ───────────────────────────────────────────────
 	case uicore.ShellCommandMsg:
 		// Show spinner while the shell command runs.
@@ -2447,6 +2461,19 @@ func (m *AppModel) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 			m.printSystemMessage(msg.Text)
 		}
 
+	// ── Clipboard image attached / thumbnail rendered ────────────────────────
+	// Both messages change the input region's rendered height (the pill and
+	// the async half-block preview), so forward them to the input and mark the
+	// layout dirty — otherwise distributeHeight keeps a stale, too-short input
+	// height and the preview is clipped off the bottom of the screen.
+	case clipboardImageMsg, thumbnailReadyMsg:
+		if m.input != nil {
+			updated, cmd := m.input.Update(msg)
+			m.input, _ = updated.(inputComponentIface)
+			cmds = append(cmds, cmd)
+		}
+		m.layoutDirty = true
+
 	default:
 		// Pass unrecognised messages to all children.
 		if m.input != nil {
@@ -3046,6 +3073,85 @@ func truncateMessageForBlock(msg string, maxLines, width int) string {
 // Print helpers — add content to ScrollList
 // --------------------------------------------------------------------------
 
+// imagePreviewReadyMsg carries an asynchronously rendered transcript image
+// preview block back to the Update loop, where it is inserted into the
+// ScrollList directly after the originating user message (identified by
+// anchorID). Inserting by anchor — rather than appending — keeps the preview
+// next to its message even when the agent's streamed reply has already been
+// appended while the thumbnail was being decoded off the event loop.
+type imagePreviewReadyMsg struct {
+	block    string
+	anchorID string
+}
+
+// transcriptPreviewCmd returns a tea.Cmd that renders half-block thumbnail
+// previews for the given clipboard images off the Bubble Tea event loop
+// (decode + resample must not block Update). The rendered block is delivered
+// via imagePreviewReadyMsg, tagged with anchorID so the consumer can place it
+// directly after the originating user message. Returns nil when there is
+// nothing to render or no room for a preview; an empty result (terminal lacks
+// color support) yields a nil message that Bubble Tea ignores.
+func (m *AppModel) transcriptPreviewCmd(images []uicore.ImageAttachment, anchorID string) tea.Cmd {
+	if len(images) == 0 {
+		return nil
+	}
+	cols := thumbMaxCols
+	if m.width > 6 && m.width-6 < cols {
+		cols = m.width - 6
+	}
+	if cols < 1 {
+		return nil
+	}
+	bg := style.GetTheme().Background
+	imgs := images
+	return func() tea.Msg {
+		pad := lipgloss.NewStyle().PaddingLeft(2)
+		var blocks []string
+		for _, img := range imgs {
+			thumb, err := imagepreview.Render(img.Data, img.MediaType, cols, thumbMaxRows, bg)
+			if err != nil || thumb == "" {
+				continue
+			}
+			blocks = append(blocks, pad.Render(thumb))
+		}
+		if len(blocks) == 0 {
+			return nil
+		}
+		return imagePreviewReadyMsg{block: strings.Join(blocks, "\n"), anchorID: anchorID}
+	}
+}
+
+// lastMessageID returns the ID of the most recently added ScrollList message,
+// or "" when there are none. Used to anchor an async transcript preview to the
+// user message that was just printed.
+func (m *AppModel) lastMessageID() string {
+	if len(m.messages) == 0 {
+		return ""
+	}
+	return m.messages[len(m.messages)-1].ID()
+}
+
+// insertMessageAfter inserts item immediately after the message whose ID
+// matches anchorID. If anchorID is empty or not found, item is appended.
+func (m *AppModel) insertMessageAfter(anchorID string, item MessageItem) {
+	idx := -1
+	if anchorID != "" {
+		for i, msgItem := range m.messages {
+			if msgItem.ID() == anchorID {
+				idx = i
+				break
+			}
+		}
+	}
+	if idx < 0 {
+		m.messages = append(m.messages, item)
+		return
+	}
+	m.messages = append(m.messages, nil)
+	copy(m.messages[idx+2:], m.messages[idx+1:])
+	m.messages[idx+1] = item
+}
+
 // printUserMessage renders a user message into the ScrollList.
 func (m *AppModel) printUserMessage(text string) {
 	// Check if this exact message was just added (prevents duplicates)

internal/ui/pending_thumbnail_layout_test.go

@@ -0,0 +1,85 @@
+package ui
+
+import (
+	"strings"
+	"testing"
+
+	tea "charm.land/bubbletea/v2"
+	uicore "github.com/mark3labs/kit/internal/ui/core"
+)
+
+// drainCmds runs a tea.Cmd chain back through m.Update like the BubbleTea
+// event loop, expanding batches, until no further messages are produced.
+func drainCmds(t *testing.T, m *AppModel, cmd tea.Cmd) *AppModel {
+	t.Helper()
+	queue := []tea.Cmd{cmd}
+	for i := 0; i < 50 && len(queue) > 0; i++ {
+		c := queue[0]
+		queue = queue[1:]
+		if c == nil {
+			continue
+		}
+		msg := c()
+		if msg == nil {
+			continue
+		}
+		if batch, ok := msg.(tea.BatchMsg); ok {
+			queue = append(queue, batch...)
+			continue
+		}
+		updated, nc := m.Update(msg)
+		m = updated.(*AppModel)
+		_ = m.View()
+		if nc != nil {
+			queue = append(queue, nc)
+		}
+	}
+	return m
+}
+
+func measuredInputHeight(m *AppModel) int {
+	rendered := m.renderInput()
+	if rendered == "" {
+		return 0
+	}
+	return strings.Count(rendered, "\n") + 1
+}
+
+// TestPendingThumbnailTriggersLayoutRecompute is a regression test for the bug
+// where a pasted image's async half-block preview rendered but was clipped off
+// the bottom of the screen: the thumbnail arrives via thumbnailReadyMsg after
+// distributeHeight already measured the input region without it. The parent
+// must mark the layout dirty so the (now taller) input is re-measured.
+func TestPendingThumbnailTriggersLayoutRecompute(t *testing.T) {
+	// Force a truecolor profile so imagepreview.Render deterministically
+	// produces a thumbnail regardless of the CI terminal's color support.
+	// Without this, a low-color test environment yields an empty preview and
+	// the glyph / height assertions below would flake.
+	t.Setenv("TERM", "xterm-256color")
+	t.Setenv("COLORTERM", "truecolor")
+	t.Setenv("NO_COLOR", "")
+
+	real := NewInputComponent(80, nil)
+	m, _, _ := newTestAppModel(nil)
+	m.input = real
+	m = sendMsg(m, tea.WindowSizeMsg{Width: 80, Height: 24})
+
+	heightBefore := measuredInputHeight(m)
+
+	updated, cmd := m.Update(clipboardImageMsg{image: &uicore.ImageAttachment{
+		Data:      makeTestPNG(t, 16, 16),
+		MediaType: "image/png",
+	}})
+	m = updated.(*AppModel)
+	_ = m.View()
+	m = drainCmds(t, m, cmd)
+
+	heightAfter := measuredInputHeight(m)
+	if heightAfter <= heightBefore {
+		t.Errorf("input region should grow to fit the thumbnail (before=%d after=%d)", heightBefore, heightAfter)
+	}
+
+	if !strings.Contains(m.View().Content, "▀") {
+		t.Error("parent View should contain the half-block thumbnail (was clipped or not rendered)")
+	}
+}

internal/ui/transcript_preview_test.go

@@ -0,0 +1,136 @@
+package ui
+
+import (
+	"bytes"
+	"image"
+	"image/color"
+	"image/png"
+	"strings"
+	"testing"
+
+	uicore "github.com/mark3labs/kit/internal/ui/core"
+)
+
+// makeTestPNG builds a small solid-color PNG for transcript preview tests.
+func makeTestPNG(t *testing.T, w, h int) []byte {
+	t.Helper()
+	img := image.NewRGBA(image.Rect(0, 0, w, h))
+	for y := range h {
+		for x := range w {
+			img.Set(x, y, color.RGBA{R: 200, G: 40, B: 90, A: 255})
+		}
+	}
+	var buf bytes.Buffer
+	if err := png.Encode(&buf, img); err != nil {
+		t.Fatalf("encode png: %v", err)
+	}
+	return buf.Bytes()
+}
+
+func TestTranscriptPreviewCmdNoImages(t *testing.T) {
+	m, _, _ := newTestAppModel(nil)
+	if cmd := m.transcriptPreviewCmd(nil, ""); cmd != nil {
+		t.Error("expected nil cmd when there are no images")
+	}
+}
+
+func TestTranscriptPreviewCmdRendersBlock(t *testing.T) {
+	m, _, _ := newTestAppModel(nil)
+	images := []uicore.ImageAttachment{
+		{Data: makeTestPNG(t, 16, 16), MediaType: "image/png"},
+	}
+	cmd := m.transcriptPreviewCmd(images, "anchor-1")
+	if cmd == nil {
+		t.Fatal("expected a non-nil cmd for a valid image")
+	}
+	msg := cmd()
+	// The result depends on the test process color profile. When the
+	// terminal supports color the cmd yields a preview block; otherwise it
+	// yields nil (caller keeps the text badge). Both are valid — assert the
+	// shape only when a block is produced.
+	if msg == nil {
+		t.Skip("color profile below ANSI256 in test env; preview correctly skipped")
+	}
+	ready, ok := msg.(imagePreviewReadyMsg)
+	if !ok {
+		t.Fatalf("expected imagePreviewReadyMsg, got %T", msg)
+	}
+	if !strings.Contains(ready.block, "▀") {
+		t.Errorf("preview block should contain half-block glyphs, got %q", ready.block)
+	}
+	if ready.anchorID != "anchor-1" {
+		t.Errorf("preview should carry the originating anchorID, got %q", ready.anchorID)
+	}
+}
+
+func TestImagePreviewReadyMsgAppendsItem(t *testing.T) {
+	m, _, _ := newTestAppModel(nil)
+	before := len(m.messages)
+	m = sendMsg(m, imagePreviewReadyMsg{block: "\x1b[38;2;1;2;3;48;2;4;5;6m▀\x1b[0m"})
+	if len(m.messages) != before+1 {
+		t.Fatalf("expected one appended message item, got %d (was %d)", len(m.messages), before)
+	}
+	last, ok := m.messages[len(m.messages)-1].(*TextMessageItem)
+	if !ok {
+		t.Fatalf("expected last item to be *TextMessageItem, got %T", m.messages[len(m.messages)-1])
+	}
+	if !strings.Contains(last.Render(0), "▀") {
+		t.Error("appended preview item should render the half-block block verbatim")
+	}
+}
+
+// TestImagePreviewReadyMsgInsertsAfterAnchor verifies the preview is placed
+// directly after its originating user message even when a later message (e.g.
+// a streamed assistant reply) was already appended while the thumbnail was
+// being decoded asynchronously.
+func TestImagePreviewReadyMsgInsertsAfterAnchor(t *testing.T) {
+	m, _, _ := newTestAppModel(nil)
+	userItem := NewStyledMessageItem("user-anchor", "user", "hi", "hi")
+	assistantItem := NewStyledMessageItem("assistant-1", "assistant", "reply", "reply")
+	m.messages = append(m.messages, userItem, assistantItem)
+
+	m = sendMsg(m, imagePreviewReadyMsg{
+		block:    "\x1b[38;2;1;2;3;48;2;4;5;6m▀\x1b[0m",
+		anchorID: "user-anchor",
+	})
+
+	// Expect order: user, preview, assistant.
+	if len(m.messages) != 3 {
+		t.Fatalf("expected 3 messages, got %d", len(m.messages))
+	}
+	if m.messages[0].ID() != "user-anchor" {
+		t.Errorf("messages[0] should be the user message, got %q", m.messages[0].ID())
+	}
+	if m.messages[2].ID() != "assistant-1" {
+		t.Errorf("messages[2] should be the assistant message, got %q", m.messages[2].ID())
+	}
+	if !strings.Contains(m.messages[1].Render(0), "▀") {
+		t.Errorf("messages[1] should be the inserted preview, got %q", m.messages[1].Render(0))
+	}
+}
+
+// TestImagePreviewReadyMsgUnknownAnchorAppends verifies that when the anchor
+// is missing (e.g. the message was cleared), the preview falls back to append.
+func TestImagePreviewReadyMsgUnknownAnchorAppends(t *testing.T) {
+	m, _, _ := newTestAppModel(nil)
+	m.messages = append(m.messages, NewStyledMessageItem("only", "user", "hi", "hi"))
+	m = sendMsg(m, imagePreviewReadyMsg{
+		block:    "\x1b[38;2;1;2;3;48;2;4;5;6m▀\x1b[0m",
+		anchorID: "does-not-exist",
+	})
+	if len(m.messages) != 2 {
+		t.Fatalf("expected 2 messages, got %d", len(m.messages))
+	}
+	if !strings.Contains(m.messages[1].Render(0), "▀") {
+		t.Error("preview should be appended as the last item when anchor is unknown")
+	}
+}
+
+func TestImagePreviewReadyMsgEmptyBlockIgnored(t *testing.T) {
+	m, _, _ := newTestAppModel(nil)
+	before := len(m.messages)
+	m = sendMsg(m, imagePreviewReadyMsg{block: ""})
+	if len(m.messages) != before {
+		t.Errorf("empty preview block should not append an item; got %d (was %d)", len(m.messages), before)
+	}
+}

pkg/kit/README.md

@@ -49,6 +49,36 @@ The SDK behaves identically to the CLI:
 - Respects all environment variables (`KIT_*`)
 - Uses the same defaults as the CLI
 
+Each `kit.New` / `kit.NewAgent` call owns an **isolated configuration store**,
+so constructing multiple Kit instances in the same process is safe — setting
+the model, thinking level, or generation parameters on one never affects
+another, and runtime mutators (`SetModel`, `SetThinkingLevel`) only touch the
+owning instance. This makes subagent spawning and multi-Kit embedding race-free
+without external synchronization.
+
+### Functional options (`NewAgent`)
+
+For simple programmatic setups, `kit.NewAgent` is an ergonomic
+functional-options front door over `kit.New`. Streaming is enabled by default;
+pass `kit.WithStreaming(false)` to opt out.
+
+```go
+host, err := kit.NewAgent(ctx,
+    kit.WithModel("anthropic/claude-sonnet-4-5-20250929"),
+    kit.WithSystemPrompt("You are a helpful assistant."),
+    kit.WithMaxTokens(8192),
+    kit.WithThinkingLevel("medium"),
+    kit.Ephemeral(), // in-memory session, no persistence
+)
+```
+
+Helpers: `WithModel`, `WithSystemPrompt`, `WithStreaming`, `WithMaxTokens`,
+`WithThinkingLevel`, `WithTools`, `WithExtraTools`, `WithProviderAPIKey`,
+`WithProviderURL`, `WithConfigFile`, `WithDebug`, and `Ephemeral`. `Option` is
+a plain `func(*Options)`, so you can define your own. For fields without a
+`With*` helper (`MCPConfig`, `InProcessMCPServers`, `SessionManager`, MCP task
+tuning) construct an `Options` value and call `kit.New`.
+
 ### Options
 
 You can override specific settings:
@@ -59,7 +89,7 @@ host, err := kit.New(ctx, &kit.Options{
     SystemPrompt: "You are a helpful bot",    // Override system prompt
     ConfigFile:   "/path/to/config.yml",      // Use specific config file
     MaxSteps:     10,                         // Override max steps
-    Streaming:    true,                       // Enable streaming
+    Streaming:    ptrBool(true),               // *bool: nil = unset (default true), &false = off
     Quiet:        true,                       // Suppress debug output
 
     // Session options
@@ -241,6 +271,43 @@ response, _ := host.Prompt(ctx, "What's my name?")
 host.ClearSession()
 ```
 
+### Runtime Skills and Context Files
+
+For multi-tenant chatbots, web services, or any host that needs per-user or
+per-session instructions, the SDK lets you add, remove, and replace skills and
+project context files (e.g. `AGENTS.md`) **after** Kit construction. Every
+mutation recomposes the system prompt and applies it to the agent so the next
+turn picks up the new instructions — no restart required.
+
+```go
+// Add a programmatic skill (no file on disk required).
+host.AddSkill(&kit.Skill{
+    Name:        "polite-french",
+    Description: "Respond in French and always greet the user.",
+    Content:     "Always reply in French. Open every response with 'Bonjour'.",
+})
+
+// Or load one from disk.
+host.LoadAndAddSkill("/var/skills/refund-policy.md")
+
+// Swap per-user AGENTS.md content fetched from your database.
+host.AddContextFileContent(
+    fmt.Sprintf("session://%s/AGENTS.md", userID),
+    rulesFromDB,
+)
+
+// Tear down session-specific state when the user logs off.
+host.RemoveSkill("polite-french")
+host.RemoveContextFile(fmt.Sprintf("session://%s/AGENTS.md", userID))
+
+// Or replace the whole set in one shot.
+host.SetSkills(activeSkillsForUser)
+host.SetContextFiles(activeContextForUser)
+```
+
+Readers (`GetSkills`, `GetContextFiles`) return snapshots, and every mutator
+is safe to call concurrently from multiple goroutines.
+
 ## Re-exported Types
 
 The SDK re-exports message/session/MCP types so you don't need direct internal imports. Agent-configuration types are Kit-owned (not aliases) and use only SDK types in their signatures, so consumers never need to import the underlying LLM-provider package.
@@ -294,6 +361,7 @@ msg  := kit.ConvertFromLLMMessage(lMsg)  // LLMMessage  → SDK Message
 
 - `Kit` - Main SDK type
 - `Options` - Configuration options
+- `Option` - Functional option (`func(*Options)`) for `NewAgent`
 - `Message` - Conversation message with typed content parts
 - `Tool` - Agent tool interface
 - `TurnResult` - Full result from a prompt including usage stats
@@ -301,6 +369,7 @@ msg  := kit.ConvertFromLLMMessage(lMsg)  // LLMMessage  → SDK Message
 ### Key Methods
 
 - `New(ctx, opts)` - Create new Kit instance
+- `NewAgent(ctx, ...Option)` - Create a Kit via functional options (streaming on by default)
 - `Prompt(ctx, message)` - Send message and get response string
 - `PromptResult(ctx, message)` - Send message and get full TurnResult
 - `PromptWithOptions(ctx, message, opts)` - Prompt with per-call options
@@ -312,6 +381,9 @@ msg  := kit.ConvertFromLLMMessage(lMsg)  // LLMMessage  → SDK Message
 - `ClearSession()` - Clear conversation history
 - `GetSessionPath()` - Get session file path
 - `GetSessionID()` - Get session UUID
+- `AddSkill(*Skill)` / `LoadAndAddSkill(path)` / `RemoveSkill(name)` / `SetSkills([])` - Manage skills at runtime
+- `AddContextFile(*ContextFile)` / `AddContextFileContent(path, content)` / `LoadAndAddContextFile(path)` / `RemoveContextFile(path)` / `SetContextFiles([])` - Manage AGENTS.md-style context files at runtime
+- `RefreshSystemPrompt()` - Re-apply the composed system prompt to the agent
 - `Close()` - Clean up resources
 
 ### Options

pkg/kit/config.go

@@ -65,23 +65,46 @@ const sdkDefaultMaxTokens = 8192
 //     which returns models.ThinkingOff.
 //   - sampling params (temperature, top-p, top-k, frequency/presence-penalty):
 //     left as nil pointers so provider libraries apply their own defaults.
-func setSDKDefaults() {
-	viper.SetDefault("model", "anthropic/claude-sonnet-4-5-20250929")
-	viper.SetDefault("system-prompt", defaultSystemPrompt)
-	viper.SetDefault("stream", true)
-	viper.SetDefault("num-gpu-layers", -1)
-	viper.SetDefault("main-gpu", 0)
+func setSDKDefaults(v *viper.Viper) {
+	v.SetDefault("model", "anthropic/claude-sonnet-4-5-20250929")
+	v.SetDefault("system-prompt", defaultSystemPrompt)
+	v.SetDefault("stream", true)
+	v.SetDefault("num-gpu-layers", -1)
+	v.SetDefault("main-gpu", 0)
 }
 
-// InitConfig initializes the viper configuration system.
+// InitConfig initializes the process-global viper configuration system.
 // It searches for config files in standard locations and loads them with
 // environment variable substitution.
 //
 // configFile: explicit config file path (empty = search defaults).
 // debug: if true, print warnings about missing configs to stderr.
+//
+// This wraps [initConfig] using the process-global store and is retained for
+// the CLI, which binds its flags to the global viper.
 func InitConfig(configFile string, debug bool) error {
+	return initConfig(viper.GetViper(), configFile, debug)
+}
+
+// initConfig loads configuration into the supplied per-instance store. When v
+// is nil the process-global store is used.
+func initConfig(v *viper.Viper, configFile string, debug bool) error {
+	if v == nil {
+		v = viper.GetViper()
+	}
+
+	// Configure KIT_* environment overrides unconditionally, before any file
+	// is loaded, so that an explicit config file does not disable env support.
+	// Map hyphenated config keys (e.g. "max-tokens") to underscored env var
+	// names (e.g. KIT_MAX_TOKENS); without this AutomaticEnv looks for
+	// KIT_MAX-TOKENS and silently misses valid overrides. Precedence is
+	// resolved at read time, so calling these before ReadConfig is fine.
+	v.SetEnvPrefix("KIT")
+	v.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
+	v.AutomaticEnv()
+
 	if configFile != "" {
-		return LoadConfigWithEnvSubstitution(configFile)
+		return loadConfigWithEnvSubstitution(v, configFile)
 	}
 
 	// Ensure a config file exists (create default if none found).
@@ -97,15 +120,15 @@ func InitConfig(configFile string, debug bool) error {
 	}
 
 	// Current directory has higher priority than home directory.
-	viper.AddConfigPath(".")
-	viper.AddConfigPath(home)
+	v.AddConfigPath(".")
+	v.AddConfigPath(home)
 
 	configLoaded := false
 
-	viper.SetConfigName(".kit")
-	if err := viper.ReadInConfig(); err == nil {
-		configPath := viper.ConfigFileUsed()
-		if err := LoadConfigWithEnvSubstitution(configPath); err != nil {
+	v.SetConfigName(".kit")
+	if err := v.ReadInConfig(); err == nil {
+		configPath := v.ConfigFileUsed()
+		if err := loadConfigWithEnvSubstitution(v, configPath); err != nil {
 			if strings.Contains(err.Error(), "environment variable substitution failed") {
 				return fmt.Errorf("error reading config file '%s': %w", configPath, err)
 			}
@@ -118,17 +141,21 @@ func InitConfig(configFile string, debug bool) error {
 		fmt.Fprintf(os.Stderr, "No config file found in current directory or home directory\n")
 	}
 
-	viper.SetEnvPrefix("KIT")
-	// Map hyphenated config keys (e.g. "max-tokens") to underscored env
-	// var names (e.g. KIT_MAX_TOKENS). Without this, AutomaticEnv looks
-	// for KIT_MAX-TOKENS and silently misses valid env overrides.
-	viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
-	viper.AutomaticEnv()
 	return nil
 }
 
-// LoadConfigWithEnvSubstitution loads a config file with ${ENV_VAR} expansion.
+// LoadConfigWithEnvSubstitution loads a config file with ${ENV_VAR} expansion
+// into the process-global viper store.
 func LoadConfigWithEnvSubstitution(configPath string) error {
+	return loadConfigWithEnvSubstitution(viper.GetViper(), configPath)
+}
+
+// loadConfigWithEnvSubstitution loads a config file with ${ENV_VAR} expansion
+// into the supplied per-instance store (or the global store when v is nil).
+func loadConfigWithEnvSubstitution(v *viper.Viper, configPath string) error {
+	if v == nil {
+		v = viper.GetViper()
+	}
 	rawContent, err := os.ReadFile(configPath)
 	if err != nil {
 		return fmt.Errorf("failed to read config file: %w", err)
@@ -146,6 +173,6 @@ func LoadConfigWithEnvSubstitution(configPath string) error {
 	}
 
 	config.SetConfigPath(configPath)
-	viper.SetConfigType(configType)
-	return viper.ReadConfig(strings.NewReader(processedContent))
+	v.SetConfigType(configType)
+	return v.ReadConfig(strings.NewReader(processedContent))
 }

pkg/kit/context_files.go

@@ -0,0 +1,150 @@
+package kit
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+// ---------------------------------------------------------------------------
+// Runtime context-file management (Issue #36)
+// ---------------------------------------------------------------------------
+//
+// Project context files (AGENTS.md and friends) are normally auto-discovered
+// during Kit.New() and injected into the system prompt. SDK consumers building
+// multi-tenant chatbots often need to swap context per user/session at runtime
+// without restarting the agent. The methods below provide that surface.
+//
+// Every mutation recomposes the system prompt and applies it to the underlying
+// agent so the next turn sees the updated project context.
+
+// AddContextFile registers a project context file (e.g. an AGENTS.md
+// equivalent) on this Kit instance. The file does not need to exist on
+// disk — Path is treated as an opaque identifier used both for de-duplication
+// and for the "Instructions from: <Path>" header injected into the system
+// prompt. If a context file with the same Path is already loaded the new
+// content replaces it.
+//
+// Returns an error when cf is nil or has an empty Path. AddContextFile is
+// safe to call from any goroutine.
+func (m *Kit) AddContextFile(cf *ContextFile) error {
+	if cf == nil {
+		return fmt.Errorf("AddContextFile: context file is nil")
+	}
+	if cf.Path == "" {
+		return fmt.Errorf("AddContextFile: context file path is required")
+	}
+
+	// Take a defensive copy so later mutations by the caller don't race with
+	// the agent reading the composed prompt.
+	stored := &ContextFile{
+		Path:    cf.Path,
+		Content: strings.TrimSpace(cf.Content),
+	}
+
+	m.runtimeMu.Lock()
+	replaced := false
+	for i, existing := range m.contextFiles {
+		if existing.Path == stored.Path {
+			m.contextFiles[i] = stored
+			replaced = true
+			break
+		}
+	}
+	if !replaced {
+		m.contextFiles = append(m.contextFiles, stored)
+	}
+	m.runtimeMu.Unlock()
+
+	m.applyComposedSystemPrompt()
+	return nil
+}
+
+// AddContextFileContent is a convenience wrapper around [Kit.AddContextFile]
+// that builds the ContextFile from a path and inline content string. Use this
+// when the context originates from a database, API response, or any other
+// non-filesystem source.
+func (m *Kit) AddContextFileContent(path, content string) (*ContextFile, error) {
+	cf := &ContextFile{Path: path, Content: content}
+	if err := m.AddContextFile(cf); err != nil {
+		return nil, err
+	}
+	return cf, nil
+}
+
+// LoadAndAddContextFile reads a file from disk and registers it as a project
+// context file via [Kit.AddContextFile]. The absolute path is stored on the
+// resulting ContextFile.
+func (m *Kit) LoadAndAddContextFile(path string) (*ContextFile, error) {
+	data, err := os.ReadFile(path)
+	if err != nil {
+		return nil, fmt.Errorf("LoadAndAddContextFile: %w", err)
+	}
+	abs, absErr := filepath.Abs(path)
+	if absErr != nil {
+		abs = path
+	}
+	cf := &ContextFile{
+		Path:    abs,
+		Content: strings.TrimSpace(string(data)),
+	}
+	if err := m.AddContextFile(cf); err != nil {
+		return nil, err
+	}
+	return cf, nil
+}
+
+// RemoveContextFile removes the context file with the given path and
+// recomposes the system prompt. Returns true when a matching file was found
+// and removed, false otherwise.
+func (m *Kit) RemoveContextFile(path string) bool {
+	m.runtimeMu.Lock()
+	found := false
+	for i, cf := range m.contextFiles {
+		if cf.Path == path {
+			m.contextFiles = append(m.contextFiles[:i], m.contextFiles[i+1:]...)
+			found = true
+			break
+		}
+	}
+	m.runtimeMu.Unlock()
+
+	if !found {
+		return false
+	}
+	m.applyComposedSystemPrompt()
+	return true
+}
+
+// SetContextFiles replaces the active context-file set with the provided
+// slice. Pass nil or an empty slice to clear all context. The system prompt
+// is recomposed and applied. ContextFiles with empty Paths are rejected and
+// no mutation is performed.
+func (m *Kit) SetContextFiles(files []*ContextFile) error {
+	// Validate first so a bad input doesn't partially mutate state.
+	for i, cf := range files {
+		if cf == nil {
+			return fmt.Errorf("SetContextFiles: context file at index %d is nil", i)
+		}
+		if cf.Path == "" {
+			return fmt.Errorf("SetContextFiles: context file at index %d has empty path", i)
+		}
+	}
+
+	// Defensive copies so caller-side mutation cannot race with composition.
+	copied := make([]*ContextFile, len(files))
+	for i, cf := range files {
+		copied[i] = &ContextFile{
+			Path:    cf.Path,
+			Content: strings.TrimSpace(cf.Content),
+		}
+	}
+
+	m.runtimeMu.Lock()
+	m.contextFiles = copied
+	m.runtimeMu.Unlock()
+
+	m.applyComposedSystemPrompt()
+	return nil
+}

pkg/kit/events.go

@@ -571,67 +571,56 @@ func (eb *eventBus) emit(event Event) {
 // Typed convenience subscribers
 // ---------------------------------------------------------------------------
 
+// subscribeTyped is the generic backbone of all the typed `On<EventName>`
+// convenience methods on *Kit. It wraps Subscribe with a type assertion
+// against E so handlers receive a strongly-typed event without each
+// public method having to repeat the boilerplate. Returns an unsubscribe
+// function.
+func subscribeTyped[E Event](k *Kit, handler func(E)) func() {
+	return k.Subscribe(func(e Event) {
+		if tev, ok := e.(E); ok {
+			handler(tev)
+		}
+	})
+}
+
 // OnToolCall registers a handler that fires only for ToolCallEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnToolCall(handler func(ToolCallEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if tc, ok := e.(ToolCallEvent); ok {
-			handler(tc)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnToolCallStart registers a handler that fires only for ToolCallStartEvent.
 // This fires when the LLM begins generating tool call arguments — before the
 // full argument JSON is available. Returns an unsubscribe function.
 func (m *Kit) OnToolCallStart(handler func(ToolCallStartEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if tcs, ok := e.(ToolCallStartEvent); ok {
-			handler(tcs)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnToolCallDelta registers a handler that fires only for ToolCallDeltaEvent.
 // Each delta contains a JSON fragment of tool call arguments as they stream in.
 // Returns an unsubscribe function.
 func (m *Kit) OnToolCallDelta(handler func(ToolCallDeltaEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if tcd, ok := e.(ToolCallDeltaEvent); ok {
-			handler(tcd)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnToolCallEnd registers a handler that fires only for ToolCallEndEvent.
 // This fires when tool argument streaming is complete, before the tool call
 // is parsed and execution begins. Returns an unsubscribe function.
 func (m *Kit) OnToolCallEnd(handler func(ToolCallEndEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if tce, ok := e.(ToolCallEndEvent); ok {
-			handler(tce)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnToolResult registers a handler that fires only for ToolResultEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnToolResult(handler func(ToolResultEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if tr, ok := e.(ToolResultEvent); ok {
-			handler(tr)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnToolOutput registers a handler that fires only for ToolOutputEvent
 // (streaming tool output chunks, e.g., from bash). Returns an unsubscribe function.
 func (m *Kit) OnToolOutput(handler func(ToolOutputEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if to, ok := e.(ToolOutputEvent); ok {
-			handler(to)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnStreaming registers a handler that fires only for MessageUpdateEvent
@@ -646,41 +635,25 @@ func (m *Kit) OnStreaming(handler func(MessageUpdateEvent)) func() {
 // OnMessageUpdate registers a handler that fires only for MessageUpdateEvent
 // (streaming text chunks). Returns an unsubscribe function.
 func (m *Kit) OnMessageUpdate(handler func(MessageUpdateEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if mu, ok := e.(MessageUpdateEvent); ok {
-			handler(mu)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnResponse registers a handler that fires only for ResponseEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnResponse(handler func(ResponseEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if r, ok := e.(ResponseEvent); ok {
-			handler(r)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnTurnStart registers a handler that fires only for TurnStartEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnTurnStart(handler func(TurnStartEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if ts, ok := e.(TurnStartEvent); ok {
-			handler(ts)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnTurnEnd registers a handler that fires only for TurnEndEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnTurnEnd(handler func(TurnEndEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if te, ok := e.(TurnEndEvent); ok {
-			handler(te)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // ---------------------------------------------------------------------------
@@ -690,101 +663,61 @@ func (m *Kit) OnTurnEnd(handler func(TurnEndEvent)) func() {
 // OnMessageStart registers a handler that fires only for MessageStartEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnMessageStart(handler func(MessageStartEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if ms, ok := e.(MessageStartEvent); ok {
-			handler(ms)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnMessageEnd registers a handler that fires only for MessageEndEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnMessageEnd(handler func(MessageEndEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if me, ok := e.(MessageEndEvent); ok {
-			handler(me)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnReasoningDelta registers a handler that fires only for ReasoningDeltaEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnReasoningDelta(handler func(ReasoningDeltaEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if rd, ok := e.(ReasoningDeltaEvent); ok {
-			handler(rd)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnReasoningComplete registers a handler that fires only for ReasoningCompleteEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnReasoningComplete(handler func(ReasoningCompleteEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if rc, ok := e.(ReasoningCompleteEvent); ok {
-			handler(rc)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnToolExecutionStart registers a handler that fires only for ToolExecutionStartEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnToolExecutionStart(handler func(ToolExecutionStartEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if tes, ok := e.(ToolExecutionStartEvent); ok {
-			handler(tes)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnToolExecutionEnd registers a handler that fires only for ToolExecutionEndEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnToolExecutionEnd(handler func(ToolExecutionEndEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if tee, ok := e.(ToolExecutionEndEvent); ok {
-			handler(tee)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnToolCallContent registers a handler that fires only for ToolCallContentEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnToolCallContent(handler func(ToolCallContentEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if tcc, ok := e.(ToolCallContentEvent); ok {
-			handler(tcc)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnStepUsage registers a handler that fires only for StepUsageEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnStepUsage(handler func(StepUsageEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if su, ok := e.(StepUsageEvent); ok {
-			handler(su)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnCompaction registers a handler that fires only for CompactionEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnCompaction(handler func(CompactionEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if ce, ok := e.(CompactionEvent); ok {
-			handler(ce)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnSteerConsumed registers a handler that fires only for SteerConsumedEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnSteerConsumed(handler func(SteerConsumedEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if sc, ok := e.(SteerConsumedEvent); ok {
-			handler(sc)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // ---------------------------------------------------------------------------
@@ -794,101 +727,61 @@ func (m *Kit) OnSteerConsumed(handler func(SteerConsumedEvent)) func() {
 // OnStepStart registers a handler that fires only for StepStartEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnStepStart(handler func(StepStartEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if ss, ok := e.(StepStartEvent); ok {
-			handler(ss)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnStepFinish registers a handler that fires only for StepFinishEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnStepFinish(handler func(StepFinishEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if sf, ok := e.(StepFinishEvent); ok {
-			handler(sf)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnTextStart registers a handler that fires only for TextStartEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnTextStart(handler func(TextStartEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if ts, ok := e.(TextStartEvent); ok {
-			handler(ts)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnTextEnd registers a handler that fires only for TextEndEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnTextEnd(handler func(TextEndEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if te, ok := e.(TextEndEvent); ok {
-			handler(te)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnReasoningStart registers a handler that fires only for ReasoningStartEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnReasoningStart(handler func(ReasoningStartEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if rs, ok := e.(ReasoningStartEvent); ok {
-			handler(rs)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnWarnings registers a handler that fires only for WarningsEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnWarnings(handler func(WarningsEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if w, ok := e.(WarningsEvent); ok {
-			handler(w)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnSource registers a handler that fires only for SourceEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnSource(handler func(SourceEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if s, ok := e.(SourceEvent); ok {
-			handler(s)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnStreamFinish registers a handler that fires only for StreamFinishEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnStreamFinish(handler func(StreamFinishEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if sf, ok := e.(StreamFinishEvent); ok {
-			handler(sf)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnError registers a handler that fires only for ErrorEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnError(handler func(ErrorEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if ee, ok := e.(ErrorEvent); ok {
-			handler(ee)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // OnRetry registers a handler that fires only for RetryEvent.
 // Returns an unsubscribe function.
 func (m *Kit) OnRetry(handler func(RetryEvent)) func() {
-	return m.Subscribe(func(e Event) {
-		if r, ok := e.(RetryEvent); ok {
-			handler(r)
-		}
-	})
+	return subscribeTyped(m, handler)
 }
 
 // ---------------------------------------------------------------------------

pkg/kit/export_test.go

@@ -0,0 +1,22 @@
+package kit
+
+// This file exposes a handful of internal accessors to the external kit_test
+// package. Because it ends in _test.go it is only compiled during testing and
+// is therefore not part of the public SDK surface.
+
+// ConfigValueIsSetForTest reports whether key is explicitly set in this Kit's
+// isolated configuration store. Used by tests to assert the tri-state
+// precedence contract per-instance.
+func (m *Kit) ConfigValueIsSetForTest(key string) bool { return m.v.IsSet(key) }
+
+// ConfigStringForTest returns the string value of key from this Kit's isolated
+// configuration store.
+func (m *Kit) ConfigStringForTest(key string) string { return m.v.GetString(key) }
+
+// ConfigFloatForTest returns the float64 value of key from this Kit's isolated
+// configuration store.
+func (m *Kit) ConfigFloatForTest(key string) float64 { return m.v.GetFloat64(key) }
+
+// ConfigBoolForTest returns the bool value of key from this Kit's isolated
+// configuration store.
+func (m *Kit) ConfigBoolForTest(key string) bool { return m.v.GetBool(key) }

pkg/kit/extension_api.go

@@ -155,17 +155,17 @@ func (m *Kit) Extensions() ExtensionAPI {
 
 // Context management
 
-func (e *extensionAPI) SetContext(ctx extensions.Context) {
+func (e *extensionAPI) SetContext(ctx ExtensionContext) {
 	if e.kit.extRunner != nil {
 		e.kit.extRunner.SetContext(ctx)
 	}
 }
 
-func (e *extensionAPI) GetContext() extensions.Context {
+func (e *extensionAPI) GetContext() ExtensionContext {
 	if e.kit.extRunner != nil {
 		return e.kit.extRunner.GetContext()
 	}
-	return extensions.Context{}
+	return ExtensionContext{}
 }
 
 func (e *extensionAPI) UpdateContextModel(model string) {
@@ -178,7 +178,7 @@ func (e *extensionAPI) UpdateContextModel(model string) {
 
 // Widgets
 
-func (e *extensionAPI) SetWidget(config extensions.WidgetConfig) {
+func (e *extensionAPI) SetWidget(config ExtensionWidgetConfig) {
 	if e.kit.extRunner != nil {
 		e.kit.extRunner.SetWidget(config)
 	}
@@ -190,7 +190,7 @@ func (e *extensionAPI) RemoveWidget(id string) {
 	}
 }
 
-func (e *extensionAPI) GetWidgets(placement extensions.WidgetPlacement) []extensions.WidgetConfig {
+func (e *extensionAPI) GetWidgets(placement ExtensionWidgetPlacement) []ExtensionWidgetConfig {
 	if e.kit.extRunner == nil {
 		return nil
 	}
@@ -199,7 +199,7 @@ func (e *extensionAPI) GetWidgets(placement extensions.WidgetPlacement) []extens
 
 // Header/Footer
 
-func (e *extensionAPI) SetHeader(config extensions.HeaderFooterConfig) {
+func (e *extensionAPI) SetHeader(config ExtensionHeaderFooterConfig) {
 	if e.kit.extRunner != nil {
 		e.kit.extRunner.SetHeader(config)
 	}
@@ -211,14 +211,14 @@ func (e *extensionAPI) RemoveHeader() {
 	}
 }
 
-func (e *extensionAPI) GetHeader() *extensions.HeaderFooterConfig {
+func (e *extensionAPI) GetHeader() *ExtensionHeaderFooterConfig {
 	if e.kit.extRunner == nil {
 		return nil
 	}
 	return e.kit.extRunner.GetHeader()
 }
 
-func (e *extensionAPI) SetFooter(config extensions.HeaderFooterConfig) {
+func (e *extensionAPI) SetFooter(config ExtensionHeaderFooterConfig) {
 	if e.kit.extRunner != nil {
 		e.kit.extRunner.SetFooter(config)
 	}
@@ -230,7 +230,7 @@ func (e *extensionAPI) RemoveFooter() {
 	}
 }
 
-func (e *extensionAPI) GetFooter() *extensions.HeaderFooterConfig {
+func (e *extensionAPI) GetFooter() *ExtensionHeaderFooterConfig {
 	if e.kit.extRunner == nil {
 		return nil
 	}
@@ -239,7 +239,7 @@ func (e *extensionAPI) GetFooter() *extensions.HeaderFooterConfig {
 
 // Editor
 
-func (e *extensionAPI) SetEditor(config extensions.EditorConfig) {
+func (e *extensionAPI) SetEditor(config ExtensionEditorConfig) {
 	if e.kit.extRunner != nil {
 		e.kit.extRunner.SetEditor(config)
 	}
@@ -251,7 +251,7 @@ func (e *extensionAPI) ResetEditor() {
 	}
 }
 
-func (e *extensionAPI) GetEditor() *extensions.EditorConfig {
+func (e *extensionAPI) GetEditor() *ExtensionEditorConfig {
 	if e.kit.extRunner == nil {
 		return nil
 	}
@@ -260,13 +260,13 @@ func (e *extensionAPI) GetEditor() *extensions.EditorConfig {
 
 // UI Visibility
 
-func (e *extensionAPI) SetUIVisibility(v extensions.UIVisibility) {
+func (e *extensionAPI) SetUIVisibility(v ExtensionUIVisibility) {
 	if e.kit.extRunner != nil {
 		e.kit.extRunner.SetUIVisibility(v)
 	}
 }
 
-func (e *extensionAPI) GetUIVisibility() *extensions.UIVisibility {
+func (e *extensionAPI) GetUIVisibility() *ExtensionUIVisibility {
 	if e.kit.extRunner == nil {
 		return nil
 	}
@@ -275,14 +275,14 @@ func (e *extensionAPI) GetUIVisibility() *extensions.UIVisibility {
 
 // Tool rendering
 
-func (e *extensionAPI) GetToolRenderer(toolName string) *extensions.ToolRenderConfig {
+func (e *extensionAPI) GetToolRenderer(toolName string) *ExtensionToolRenderConfig {
 	if e.kit.extRunner == nil {
 		return nil
 	}
 	return e.kit.extRunner.GetToolRenderer(toolName)
 }
 
-func (e *extensionAPI) GetMessageRenderer(name string) *extensions.MessageRendererConfig {
+func (e *extensionAPI) GetMessageRenderer(name string) *ExtensionMessageRendererConfig {
 	if e.kit.extRunner == nil {
 		return nil
 	}
@@ -291,7 +291,7 @@ func (e *extensionAPI) GetMessageRenderer(name string) *extensions.MessageRender
 
 // Session data
 
-func (e *extensionAPI) GetSessionMessages() []extensions.SessionMessage {
+func (e *extensionAPI) GetSessionMessages() []ExtensionSessionMessage {
 	if e.kit.session == nil {
 		return nil
 	}
@@ -299,8 +299,8 @@ func (e *extensionAPI) GetSessionMessages() []extensions.SessionMessage {
 	// Try to use the legacy iterBranchMessages for backward compatibility
 	// with the default TreeManager adapter
 	if adapter, ok := e.kit.session.(*treeManagerAdapter); ok {
-		return iterBranchMessages(adapter.inner, func(me *session.MessageEntry, msg message.Message) extensions.SessionMessage {
-			return extensions.SessionMessage{
+		return iterBranchMessages(adapter.inner, func(me *session.MessageEntry, msg message.Message) ExtensionSessionMessage {
+			return ExtensionSessionMessage{
 				ID:        me.ID,
 				Role:      string(msg.Role),
 				Content:   msg.Content(),
@@ -311,10 +311,10 @@ func (e *extensionAPI) GetSessionMessages() []extensions.SessionMessage {
 
 	// For custom SessionManagers, use the public interface
 	branch := e.kit.session.GetCurrentBranch()
-	var result []extensions.SessionMessage
+	var result []ExtensionSessionMessage
 	for _, entry := range branch {
 		if entry.Type == EntryTypeMessage {
-			result = append(result, extensions.SessionMessage{
+			result = append(result, ExtensionSessionMessage{
 				ID:        entry.ID,
 				Role:      entry.Role,
 				Content:   entry.Content,
@@ -332,14 +332,14 @@ func (e *extensionAPI) AppendEntry(extType, data string) (string, error) {
 	return e.kit.session.AppendExtensionData(extType, data)
 }
 
-func (e *extensionAPI) GetEntries(extType string) []extensions.ExtensionEntry {
+func (e *extensionAPI) GetEntries(extType string) []ExtensionEntry {
 	if e.kit.session == nil {
 		return nil
 	}
 	entries := e.kit.session.GetExtensionData(extType)
-	result := make([]extensions.ExtensionEntry, 0, len(entries))
+	result := make([]ExtensionEntry, 0, len(entries))
 	for _, e := range entries {
-		result = append(result, extensions.ExtensionEntry{
+		result = append(result, ExtensionEntry{
 			ID:        e.ID,
 			EntryType: e.ExtType,
 			Data:      e.Data,
@@ -351,7 +351,7 @@ func (e *extensionAPI) GetEntries(extType string) []extensions.ExtensionEntry {
 
 // Status bar
 
-func (e *extensionAPI) SetStatus(entry extensions.StatusBarEntry) {
+func (e *extensionAPI) SetStatus(entry ExtensionStatusBarEntry) {
 	if e.kit.extRunner != nil {
 		e.kit.extRunner.SetStatusEntry(entry)
 	}
@@ -363,7 +363,7 @@ func (e *extensionAPI) RemoveStatus(key string) {
 	}
 }
 
-func (e *extensionAPI) GetStatusEntries() []extensions.StatusBarEntry {
+func (e *extensionAPI) GetStatusEntries() []ExtensionStatusBarEntry {
 	if e.kit.extRunner == nil {
 		return nil
 	}
@@ -394,12 +394,12 @@ func (e *extensionAPI) GetShortcuts() map[string]func() {
 
 // Tools
 
-func (e *extensionAPI) GetToolInfos() []extensions.ToolInfo {
+func (e *extensionAPI) GetToolInfos() []ExtensionToolInfo {
 	agentTools := e.kit.agent.GetTools()
 	coreCount := e.kit.agent.GetCoreToolCount()
 	mcpCount := e.kit.agent.GetMCPToolCount()
 
-	result := make([]extensions.ToolInfo, 0, len(agentTools))
+	result := make([]ExtensionToolInfo, 0, len(agentTools))
 	for i, t := range agentTools {
 		info := t.Info()
 		source := "core"
@@ -412,7 +412,7 @@ func (e *extensionAPI) GetToolInfos() []extensions.ToolInfo {
 		if e.kit.extRunner != nil && e.kit.extRunner.IsToolDisabled(info.Name) {
 			enabled = false
 		}
-		result = append(result, extensions.ToolInfo{
+		result = append(result, ExtensionToolInfo{
 			Name:        info.Name,
 			Description: info.Description,
 			Source:      source,
@@ -505,7 +505,7 @@ func (e *extensionAPI) EmitBeforeSessionSwitch(switchReason string) (cancelled b
 
 // Commands
 
-func (e *extensionAPI) Commands() []extensions.CommandDef {
+func (e *extensionAPI) Commands() []ExtensionCommandDef {
 	if e.kit.extRunner == nil {
 		return nil
 	}

pkg/kit/kit.go

@@ -53,6 +53,14 @@ type Kit struct {
 	opts           *Options       // stored for reload operations (skills, etc.)
 	mcpConfig      *config.Config // loaded MCP/server config, shared with subagents
 
+	// v is this Kit instance's isolated configuration store. Each Kit owns its
+	// own *viper.Viper (constructed via viper.New) so that runtime config
+	// mutators (SetModel, SetThinkingLevel) and config reads do not clobber or
+	// observe state from other Kit instances in the same process. When the CLI
+	// constructs a Kit (Options.CLI != nil) this points at the process-global
+	// store so cobra flag bindings remain in effect.
+	v *viper.Viper
+
 	// hasCustomSystemPrompt is true when the user explicitly configured a
 	// system prompt (via --system-prompt flag, config file, or SDK option).
 	// When false, per-model system prompts from modelSettings/customModels
@@ -61,6 +69,11 @@ type Kit struct {
 	// systemPromptSource holds the raw configured value (file path or text)
 	// when hasCustomSystemPrompt is true; empty when the built-in default is in use.
 	systemPromptSource string
+	// basePrompt holds the resolved base system prompt text (post file-load,
+	// pre runtime-context composition) captured during New. Used by
+	// RefreshSystemPrompt to recompose after skills/context-file mutations.
+	// Protected by runtimeMu.
+	basePrompt string
 
 	// Hook registries — interception layer (see hooks.go).
 	beforeToolCall  *hookRegistry[BeforeToolCallHook, BeforeToolCallResult]
@@ -90,6 +103,12 @@ type Kit struct {
 		mu     sync.RWMutex
 	}
 
+	// runtimeMu protects contextFiles and skills against concurrent runtime
+	// mutations via AddSkill / RemoveSkill / AddContextFile etc. The fields
+	// are read by composeSystemPrompt and several other accessors, so all
+	// reads and writes after Kit construction must take this lock.
+	runtimeMu sync.RWMutex
+
 	// steerCh is a buffered channel used to inject steering messages into
 	// the running agent turn via the LLM library's PrepareStep. Created fresh for
 	// each generate() call and set to nil when idle. Protected by steerMu.
@@ -544,8 +563,8 @@ func (m *Kit) SetModel(ctx context.Context, modelString string) error {
 
 	// Build a provider config from current settings, overriding the model.
 	// Load system prompt properly (handles both file paths and inline content).
-	systemPrompt, _ := config.LoadSystemPrompt(viper.GetString("system-prompt"))
-	thinkingLevel := models.ParseThinkingLevel(viper.GetString("thinking-level"))
+	systemPrompt, _ := config.LoadSystemPrompt(m.v.GetString("system-prompt"))
+	thinkingLevel := models.ParseThinkingLevel(m.v.GetString("thinking-level"))
 
 	// Validate and adjust thinking level for the target model.
 	// Some models (e.g., OpenAI gpt-5.4) don't support "minimal" and require "none".
@@ -556,8 +575,8 @@ func (m *Kit) SetModel(ctx context.Context, modelString string) error {
 			if !models.IsValidThinkingLevelForModel(thinkingLevel, modelName) {
 				fallback := models.SuggestThinkingLevelFallback(thinkingLevel, modelName)
 				if fallback != models.ThinkingOff {
-					// Adjust the thinking level in viper so the change persists.
-					viper.Set("thinking-level", string(fallback))
+					// Adjust the thinking level in the instance store so the change persists.
+					m.v.Set("thinking-level", string(fallback))
 					thinkingLevel = fallback
 				}
 			}
@@ -569,35 +588,36 @@ func (m *Kit) SetModel(ctx context.Context, modelString string) error {
 	cfg := &models.ProviderConfig{
 		ModelString:    modelString,
 		SystemPrompt:   systemPrompt,
-		ProviderAPIKey: viper.GetString("provider-api-key"),
-		ProviderURL:    viper.GetString("provider-url"),
-		MaxTokens:      viper.GetInt("max-tokens"),
-		TLSSkipVerify:  viper.GetBool("tls-skip-verify"),
+		ProviderAPIKey: m.v.GetString("provider-api-key"),
+		ProviderURL:    m.v.GetString("provider-url"),
+		MaxTokens:      m.v.GetInt("max-tokens"),
+		TLSSkipVerify:  m.v.GetBool("tls-skip-verify"),
 		ThinkingLevel:  thinkingLevel,
 		DisableCaching: false, // Caching enabled by default, works with thinking
+		ConfigStore:    m.v,
 	}
 
 	// Only set generation parameter pointers when the user has explicitly
 	// provided a value. This leaves nil pointers for unset params, allowing
 	// per-model defaults (modelSettings / customModels params) to apply.
-	if viper.IsSet("temperature") {
-		v := float32(viper.GetFloat64("temperature"))
+	if m.v.IsSet("temperature") {
+		v := float32(m.v.GetFloat64("temperature"))
 		cfg.Temperature = &v
 	}
-	if viper.IsSet("top-p") {
-		v := float32(viper.GetFloat64("top-p"))
+	if m.v.IsSet("top-p") {
+		v := float32(m.v.GetFloat64("top-p"))
 		cfg.TopP = &v
 	}
-	if viper.IsSet("top-k") {
-		v := int32(viper.GetInt("top-k"))
+	if m.v.IsSet("top-k") {
+		v := int32(m.v.GetInt("top-k"))
 		cfg.TopK = &v
 	}
-	if viper.IsSet("frequency-penalty") {
-		v := float32(viper.GetFloat64("frequency-penalty"))
+	if m.v.IsSet("frequency-penalty") {
+		v := float32(m.v.GetFloat64("frequency-penalty"))
 		cfg.FrequencyPenalty = &v
 	}
-	if viper.IsSet("presence-penalty") {
-		v := float32(viper.GetFloat64("presence-penalty"))
+	if m.v.IsSet("presence-penalty") {
+		v := float32(m.v.GetFloat64("presence-penalty"))
 		cfg.PresencePenalty = &v
 	}
 
@@ -653,18 +673,25 @@ func (m *Kit) GetSystemPromptSource() string {
 // composeSystemPrompt takes a base system prompt and composes it with the
 // current runtime context: AGENTS.md content, skills metadata, and date/cwd.
 // This mirrors the composition done during Kit.New() initialization.
+// It acquires a read lock on runtimeMu while snapshotting contextFiles and
+// skills, so callers must not hold the write lock.
 func (m *Kit) composeSystemPrompt(basePrompt string) string {
 	cwd, _ := os.Getwd()
 	pb := skills.NewPromptBuilder(basePrompt)
 
+	m.runtimeMu.RLock()
+	contextFiles := append([]*ContextFile(nil), m.contextFiles...)
+	loadedSkills := append([]*skills.Skill(nil), m.skills...)
+	m.runtimeMu.RUnlock()
+
 	// Inject AGENTS.md content as project context.
-	for _, cf := range m.contextFiles {
+	for _, cf := range contextFiles {
 		pb.WithSection("", fmt.Sprintf("Instructions from: %s\n\n%s", cf.Path, cf.Content))
 	}
 
 	// Inject skills metadata.
-	if len(m.skills) > 0 {
-		pb.WithSkills(m.skills)
+	if len(loadedSkills) > 0 {
+		pb.WithSkills(loadedSkills)
 	}
 
 	// Append current date/time and working directory.
@@ -716,7 +743,7 @@ func (m *Kit) ReloadExtensions() error {
 	}
 
 	// Re-load from disk.
-	extraPaths := viper.GetStringSlice("extension")
+	extraPaths := m.v.GetStringSlice("extension")
 	loaded, err := extensions.LoadExtensions(extraPaths)
 	if err != nil {
 		return fmt.Errorf("reloading extensions: %w", err)
@@ -724,6 +751,7 @@ func (m *Kit) ReloadExtensions() error {
 
 	// Swap extensions on the runner (clears dynamic state).
 	m.extRunner.Reload(loaded)
+	m.extRunner.SetConfigStore(m.v)
 
 	// Update extension tools on the agent so the LLM sees changes.
 	if m.agent != nil {
@@ -762,7 +790,8 @@ func (m *Kit) ExecuteCompletion(ctx context.Context, req extensions.CompleteRequ
 		// Create a temporary provider for the requested model.
 		config := &models.ProviderConfig{
 			ModelString:   req.Model,
-			TLSSkipVerify: viper.GetBool("tls-skip-verify"),
+			TLSSkipVerify: m.v.GetBool("tls-skip-verify"),
+			ConfigStore:   m.v,
 		}
 		if req.MaxTokens > 0 {
 			config.MaxTokens = req.MaxTokens
@@ -848,37 +877,30 @@ func (m *Kit) ExecuteCompletion(ctx context.Context, req extensions.CompleteRequ
 // prompts, configuration, and behavior settings. All fields are optional
 // and will use CLI defaults if not specified.
 //
-// Global viper state warning:
-// Options are applied by [New] via [viper.Set] calls against viper's
-// process-global store. This store is shared with every downstream reader
-// (e.g. [Kit.SetModel], [Kit.GetThinkingLevel], BuildProviderConfig, and
-// any other code path that calls viper.Get*). Two consequences:
-//
-//  1. Kit instances are NOT isolated from each other within a single
-//     process. Values set by the second New() call overwrite the first,
-//     and any code that later reads viper will see the most recent Set.
-//  2. Fields left at the zero value do NOT clear prior viper state; they
-//     simply skip the viper.Set. Callers that need a clean slate between
-//     constructions should invoke viper.Reset() (the test suite uses a
-//     private resetViper() helper that wraps it) before the next New().
-//
-// Recommended usage: create one Kit per process, or reset viper between
-// constructions. Concurrent calls to New are serialized internally by
-// [viperInitMu], but that mutex does not prevent later viper reads (from
-// a different Kit) from observing mutated keys.
-//
-// TODO: refactor New to use a per-instance *viper.Viper (constructed via
-// viper.New()) so each Kit owns its own isolated config store and Options
-// no longer leak through the global singleton.
+// Config isolation: each [New] / [NewAgent] call constructs its own isolated
+// configuration store (via viper.New internally). Options are applied to that
+// per-instance store, so two Kits constructed in the same process do NOT share
+// or clobber each other's configuration. Runtime mutators ([Kit.SetModel],
+// [Kit.SetThinkingLevel]) and config readers ([Kit.GetThinkingLevel]) operate
+// only on the owning instance. Fields left at their zero value are simply not
+// applied; they fall through to the precedence chain (env → .kit.yml →
+// per-model defaults) resolved within the instance's own store.
 type Options struct {
 	Model        string // Override model (e.g., "anthropic/claude-sonnet-4-5-20250929")
 	SystemPrompt string // Override system prompt
 	ConfigFile   string // Override config file path
 	MaxSteps     int    // Override max steps (0 = use default)
-	Streaming    bool   // Enable streaming (default from config)
-	Quiet        bool   // Suppress debug output
-	Tools        []Tool // Custom tool set. If empty, AllTools() is used.
-	ExtraTools   []Tool // Additional tools added alongside core/MCP/extension tools.
+
+	// Streaming enables or disables streaming output. It is a pointer so the
+	// SDK can distinguish "unset" (nil) from an explicit choice, mirroring the
+	// sampling-parameter fields below. nil leaves streaming to the precedence
+	// chain (env → .kit.yml → default true); a non-nil value forces it. Prefer
+	// [WithStreaming] for the functional-options API.
+	Streaming *bool
+
+	Quiet      bool   // Suppress debug output
+	Tools      []Tool // Custom tool set. If empty, AllTools() is used.
+	ExtraTools []Tool // Additional tools added alongside core/MCP/extension tools.
 
 	// Generation parameters. These override the corresponding values from
 	// .kit.yml / KIT_* environment variables. Leaving a field at its
@@ -1151,40 +1173,40 @@ func InitTreeSession(opts *Options) (*session.TreeManager, error) {
 	return session.CreateTreeSession(sessionDir)
 }
 
-// viperInitMu serializes viper writes during [New]. Viper's global state
-// is not thread-safe, so concurrent calls (e.g. parallel subagent spawns)
-// must not overlap the Set/Get window. Note that this mutex only protects
-// the construction window — it does not isolate long-lived Kit instances
-// from each other. See the "Global viper state warning" on [Options].
-var viperInitMu sync.Mutex
-
 // New creates a Kit instance using the same initialization as the CLI.
 // It loads configuration, initializes MCP servers, creates the LLM model, and
 // sets up the agent for interaction. Returns an error if initialization fails.
 //
-// Global viper state warning: fields on [Options] are applied by calling
-// [viper.Set] on viper's process-global store. As a result, two Kits
-// constructed in the same process are NOT isolated: the second New
-// overwrites viper keys set by the first, and any downstream reader
-// (e.g. [Kit.SetModel], [Kit.GetThinkingLevel]) will observe the most
-// recent value. Callers that need multiple independent Kits should call
-// viper.Reset() between constructions, or avoid constructing more than
-// one Kit per process. Writes during New are serialized by [viperInitMu].
+// Config isolation: New constructs a per-instance configuration store (via
+// viper.New internally) and applies [Options] to it. Two Kits constructed in
+// the same process are therefore fully isolated — neither overwrites the
+// other's model, thinking level, or generation parameters, and runtime
+// mutators ([Kit.SetModel], [Kit.SetThinkingLevel]) only affect the owning
+// instance. This makes subagent spawning and multi-Kit embedding safe without
+// any external synchronization.
 //
-// TODO: refactor to use a per-call viper.New() instance so each Kit owns
-// its own isolated config store and Options stop leaking through the
-// global singleton.
+// CLI integration: when Options.CLI is non-nil the Kit shares the
+// process-global viper store instead of allocating a fresh one, so cobra flag
+// bindings established by the CLI remain in effect. SDK callers leave
+// Options.CLI nil and always get an isolated store.
+//
+// For an ergonomic functional-options front door, see [NewAgent].
 func New(ctx context.Context, opts *Options) (*Kit, error) {
 	if opts == nil {
 		opts = &Options{}
 	}
 
-	// All viper writes (SetSDKDefaults, InitConfig, Set calls, system-prompt
-	// composition) happen under viperInitMu. We also call BuildProviderConfig
-	// here — it's fast (just reads) — so we can capture the full config
-	// snapshot before releasing the lock. The expensive work (MCP loading,
-	// provider creation, session init) then runs outside the lock, allowing
-	// parallel subagent spawns to proceed concurrently.
+	// Construct this Kit's configuration store. SDK callers get a fresh,
+	// isolated *viper.Viper so concurrent constructions never clobber each
+	// other. The CLI (Options.CLI != nil) shares the process-global store so
+	// its cobra flag bindings and pre-loaded config remain visible.
+	var v *viper.Viper
+	if opts.CLI != nil {
+		v = viper.GetViper()
+	} else {
+		v = viper.New()
+	}
+
 	var (
 		providerConfig        *models.ProviderConfig
 		modelString           string
@@ -1194,86 +1216,93 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 		mcpConfig             *config.Config
 		debug                 bool
 		noExtensions          bool
+		disableCoreTools      bool
 		maxSteps              int
 		streaming             bool
 		hasCustomSystemPrompt bool
 		systemPromptSource    string
+		capturedBasePrompt    string
 	)
 
 	if err := func() error {
-		viperInitMu.Lock()
-		defer viperInitMu.Unlock()
+		// Set CLI-equivalent defaults on the instance store. When used as an
+		// SDK (without cobra), these defaults are not registered via flag bindings.
+		setSDKDefaults(v)
 
-		// Set CLI-equivalent defaults for viper. When used as an SDK (without
-		// cobra), these defaults are not registered via flag bindings.
-		setSDKDefaults()
-
-		// Initialize config (loads config files and env vars).
-		// Only initialize if not already done (e.g., by CLI's cobra.OnInitialize).
-		// Check if model is already set, which indicates config was loaded.
+		// Initialize config (loads config files and env vars) into the instance
+		// store. The CLI shares the process-global store, which cobra.OnInitialize
+		// has already populated, so re-running initConfig there is unnecessary;
+		// SDK callers get a fresh isolated store that must be loaded here.
+		// We key off opts.CLI (not a config value) because setSDKDefaults always
+		// seeds "model", which would otherwise mask an empty store.
 		// SkipConfig bypasses .kit.yml file loading (viper defaults and env vars still apply).
-		if !opts.SkipConfig && viper.GetString("model") == "" {
-			if err := InitConfig(opts.ConfigFile, false); err != nil {
+		if !opts.SkipConfig && opts.CLI == nil {
+			if err := initConfig(v, opts.ConfigFile, false); err != nil {
 				return fmt.Errorf("failed to initialize config: %w", err)
 			}
 		}
 
 		// Handle CLI debug mode.
 		if opts.Debug {
-			viper.Set("debug", true)
+			v.Set("debug", true)
 		}
 
-		// Override viper settings with options.
+		// Override instance settings with options.
 		if opts.Model != "" {
-			viper.Set("model", opts.Model)
+			v.Set("model", opts.Model)
 		}
 		if opts.SystemPrompt != "" {
-			viper.Set("system-prompt", opts.SystemPrompt)
+			v.Set("system-prompt", opts.SystemPrompt)
 		}
 		if opts.MaxSteps > 0 {
-			viper.Set("max-steps", opts.MaxSteps)
+			v.Set("max-steps", opts.MaxSteps)
+		}
+		// Only override streaming when the caller explicitly set it. Otherwise
+		// leave the precedence chain (env → config → default true) untouched so a
+		// zero-valued Options does not silently force stream=false.
+		if opts.Streaming != nil {
+			v.Set("stream", *opts.Streaming)
 		}
-		viper.Set("stream", opts.Streaming)
 
 		// Generation parameter overrides. Each Options field, when set,
-		// is pushed into viper here so the existing downstream code
-		// (BuildProviderConfig, SetModel, modelSettings lookups) picks
-		// it up uniformly. Pointer-typed sampling params use viper.Set
-		// only when non-nil so that nil means "leave provider/per-model
-		// default in place" (BuildProviderConfig keys off viper.IsSet).
+		// is pushed into the instance store here so the existing downstream
+		// code (BuildProviderConfig, SetModel, modelSettings lookups) picks
+		// it up uniformly. Pointer-typed sampling params use Set only when
+		// non-nil so that nil means "leave provider/per-model default in
+		// place" (BuildProviderConfig keys off IsSet).
 		if opts.MaxTokens > 0 {
-			viper.Set("max-tokens", opts.MaxTokens)
+			v.Set("max-tokens", opts.MaxTokens)
 		}
 		if opts.ThinkingLevel != "" {
-			viper.Set("thinking-level", opts.ThinkingLevel)
+			v.Set("thinking-level", opts.ThinkingLevel)
 		}
 		if opts.Temperature != nil {
-			viper.Set("temperature", *opts.Temperature)
+			v.Set("temperature", *opts.Temperature)
 		}
 		if opts.TopP != nil {
-			viper.Set("top-p", *opts.TopP)
+			v.Set("top-p", *opts.TopP)
 		}
 		if opts.TopK != nil {
-			viper.Set("top-k", *opts.TopK)
+			v.Set("top-k", *opts.TopK)
 		}
 		if opts.FrequencyPenalty != nil {
-			viper.Set("frequency-penalty", *opts.FrequencyPenalty)
+			v.Set("frequency-penalty", *opts.FrequencyPenalty)
 		}
 		if opts.PresencePenalty != nil {
-			viper.Set("presence-penalty", *opts.PresencePenalty)
+			v.Set("presence-penalty", *opts.PresencePenalty)
 		}
 
 		// Provider overrides. TLSSkipVerify only takes effect when true —
 		// callers wanting to force-disable should use the config file or
 		// env var instead.
 		if opts.ProviderAPIKey != "" {
-			viper.Set("provider-api-key", opts.ProviderAPIKey)
+			v.Set("provider-api-key", opts.ProviderAPIKey)
 		}
 		if opts.ProviderURL != "" {
-			viper.Set("provider-url", opts.ProviderURL)
+			v.Set("provider-url", opts.ProviderURL)
 		}
 		if opts.TLSSkipVerify {
-			viper.Set("tls-skip-verify", true)
+			v.Set("tls-skip-verify", true)
 		}
 
 		// Resolve working directory for context/skill discovery.
@@ -1304,7 +1333,7 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 		// explicitly set system-prompt, use the per-model prompt as the
 		// base instead of the global default.
 		{
-			rawPromptInput := viper.GetString("system-prompt")
+			rawPromptInput := v.GetString("system-prompt")
 
 			// Resolve a file path to its content so PromptBuilder receives the
 			// actual prompt text rather than a literal path string. Without this,
@@ -1329,12 +1358,12 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 			// Check for per-model system prompt override when no explicit
 			// global system-prompt was configured by the user.
 			if !userSetSystemPrompt {
-				modelStr := viper.GetString("model")
+				modelStr := v.GetString("model")
 				if modelStr != "" {
 					if mi := models.LookupModelForSettings(modelStr); mi != nil {
 						var perModelParams *models.GenerationParams
 						// modelSettings takes priority over custom model params.
-						if ms := models.LoadModelSettingsFromConfig(); ms != nil {
+						if ms := models.LoadModelSettingsFrom(v); ms != nil {
 							perModelParams = ms[modelStr]
 						}
 						if perModelParams == nil && mi.Params != nil {
@@ -1349,6 +1378,10 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 
 			pb := skills.NewPromptBuilder(basePrompt)
 
+			// Capture the resolved base prompt so RefreshSystemPrompt can
+			// recompose later after runtime skill/context-file mutations.
+			capturedBasePrompt = basePrompt
+
 			// Inject AGENTS.md content as project context.
 			for _, cf := range contextFiles {
 				pb.WithSection("", fmt.Sprintf("Instructions from: %s\n\n%s", cf.Path, cf.Content))
@@ -1365,41 +1398,42 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 				time.Now().Format("Monday, January 2, 2006, 3:04:05 PM MST"), cwd,
 			))
 
-			viper.Set("system-prompt", pb.Build())
+			v.Set("system-prompt", pb.Build())
 		}
 
-		// Snapshot all viper-derived values now, while the lock is held.
-		// BuildProviderConfig is fast (pure reads), so we do it here.
+		// Snapshot all instance-derived values now.
+		// BuildProviderConfig is fast (pure reads).
 		var pcErr error
-		providerConfig, _, pcErr = kitsetup.BuildProviderConfig()
+		providerConfig, _, pcErr = kitsetup.BuildProviderConfig(v)
 		if pcErr != nil {
 			return fmt.Errorf("failed to build provider config: %w", pcErr)
 		}
 
 		// SDK last-resort max-tokens floor. When nothing — Options, env,
 		// config, nor a per-model default — supplied a value, we land on
-		// zero here (viper.GetInt returns 0 for unset keys). Apply the
-		// SDK default directly on the struct rather than via viper so
-		// viper.IsSet("max-tokens") stays false: downstream right-sizing
+		// zero here (GetInt returns 0 for unset keys). Apply the
+		// SDK default directly on the struct rather than via the store so
+		// IsSet("max-tokens") stays false: downstream right-sizing
 		// can still raise this toward the model's known output ceiling,
 		// and per-model modelSettings[...].maxTokens can still win.
 		if providerConfig.MaxTokens == 0 && opts.MaxTokens == 0 {
 			providerConfig.MaxTokens = sdkDefaultMaxTokens
 		}
-		modelString = viper.GetString("model")
-		debug = viper.GetBool("debug")
-		noExtensions = opts.NoExtensions || viper.GetBool("no-extensions")
-		maxSteps = viper.GetInt("max-steps")
-		streaming = viper.GetBool("stream")
+		modelString = v.GetString("model")
+		debug = v.GetBool("debug")
+		noExtensions = opts.NoExtensions || v.GetBool("no-extensions")
+		disableCoreTools = opts.DisableCoreTools || v.GetBool("no-core-tools")
+		maxSteps = v.GetInt("max-steps")
+		streaming = v.GetBool("stream")
 
 		return nil
 	}(); err != nil {
 		return nil, err
 	}
-	// ---- viperInitMu released — heavy I/O below runs concurrently ----
+	// ---- config snapshot complete — heavy I/O below ----
 
 	// Load MCP configuration. Use pre-loaded config if provided directly,
-	// via CLI options, or load from viper as a last resort.
+	// via CLI options, or load from the instance store as a last resort.
 	if opts.MCPConfig != nil {
 		mcpConfig = opts.MCPConfig
 	} else if opts.CLI != nil && opts.CLI.MCPConfig != nil {
@@ -1407,7 +1441,7 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 	}
 	if mcpConfig == nil {
 		var err error
-		mcpConfig, err = config.LoadAndValidateConfig()
+		mcpConfig, err = config.LoadAndValidateConfigFrom(v)
 		if err != nil {
 			return nil, fmt.Errorf("failed to load MCP config: %w", err)
 		}
@@ -1446,7 +1480,7 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 		MCPConfig:         mcpConfig,
 		Quiet:             opts.Quiet,
 		CoreTools:         opts.Tools,
-		DisableCoreTools:  opts.DisableCoreTools,
+		DisableCoreTools:  disableCoreTools,
 		ExtraTools:        opts.ExtraTools,
 		ToolWrapper:       hookToolWrapper(beforeToolCall, afterToolResult),
 		ProviderConfig:    providerConfig,
@@ -1463,6 +1497,7 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 			timeout:         opts.MCPTaskTimeout,
 			progress:        opts.MCPTaskProgress,
 		}.toToolsConfig(),
+		Viper: v,
 	}
 
 	// Set up OAuth handler for remote MCP servers. The SDK does not create
@@ -1532,8 +1567,10 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 		authHandler:           setupOpts.AuthHandler,
 		opts:                  opts,
 		mcpConfig:             mcpConfig,
+		v:                     v,
 		hasCustomSystemPrompt: hasCustomSystemPrompt,
 		systemPromptSource:    systemPromptSource,
+		basePrompt:            capturedBasePrompt,
 		beforeToolCall:        beforeToolCall,
 		afterToolResult:       afterToolResult,
 		beforeTurn:            beforeTurn,
@@ -1560,15 +1597,32 @@ func New(ctx context.Context, opts *Options) (*Kit, error) {
 	return k, nil
 }
 
-// GetContextFiles returns the context files (e.g. AGENTS.md) loaded during
-// initialisation. Returns nil if no context files were found.
+// GetContextFiles returns the context files (e.g. AGENTS.md) currently active
+// on this Kit instance. The returned slice is a snapshot — mutating it does
+// not affect Kit state. Returns nil when no context files are loaded.
 func (m *Kit) GetContextFiles() []*ContextFile {
-	return m.contextFiles
+	m.runtimeMu.RLock()
+	defer m.runtimeMu.RUnlock()
+	if len(m.contextFiles) == 0 {
+		return nil
+	}
+	out := make([]*ContextFile, len(m.contextFiles))
+	copy(out, m.contextFiles)
+	return out
 }
 
-// GetSkills returns the skills loaded during initialisation.
+// GetSkills returns the skills currently active on this Kit instance. The
+// returned slice is a snapshot — mutating it does not affect Kit state.
+// Returns nil when no skills are loaded.
 func (m *Kit) GetSkills() []*Skill {
-	return m.skills
+	m.runtimeMu.RLock()
+	defer m.runtimeMu.RUnlock()
+	if len(m.skills) == 0 {
+		return nil
+	}
+	out := make([]*Skill, len(m.skills))
+	copy(out, m.skills)
+	return out
 }
 
 // ---------------------------------------------------------------------------
@@ -1613,12 +1667,14 @@ func (m *Kit) expandSkillCommand(prompt string) string {
 
 	// Find the skill by name.
 	var skillPath string
+	m.runtimeMu.RLock()
 	for _, s := range m.skills {
 		if s.Name == name {
 			skillPath = s.Path
 			break
 		}
 	}
+	m.runtimeMu.RUnlock()
 	if skillPath == "" {
 		return prompt
 	}
@@ -1791,6 +1847,50 @@ type SubagentResult struct {
 	Elapsed time.Duration
 }
 
+// inheritProviderConfig copies the parent's effective provider/runtime
+// configuration from its isolated config store onto child Options. Used by
+// Kit.Subagent so the child — which owns a separate store and re-loads only
+// .kit.yml / KIT_* on its own — still observes provider credentials, the
+// thinking level, and sampler/token overrides the parent acquired via
+// programmatic Options or runtime setters (e.g. SetThinkingLevel).
+//
+// max-tokens and the sampling parameters are only propagated when the parent
+// explicitly set them (IsSet), preserving the tri-state precedence so per-model
+// defaults still apply on the child when the parent left them unset. A nil
+// child or store is a no-op.
+func inheritProviderConfig(child *Options, v *viper.Viper) {
+	if child == nil || v == nil {
+		return
+	}
+	child.ProviderAPIKey = v.GetString("provider-api-key")
+	child.ProviderURL = v.GetString("provider-url")
+	child.TLSSkipVerify = v.GetBool("tls-skip-verify")
+	child.ThinkingLevel = v.GetString("thinking-level")
+	if v.IsSet("max-tokens") {
+		child.MaxTokens = v.GetInt("max-tokens")
+	}
+	if v.IsSet("temperature") {
+		t := float32(v.GetFloat64("temperature"))
+		child.Temperature = &t
+	}
+	if v.IsSet("top-p") {
+		p := float32(v.GetFloat64("top-p"))
+		child.TopP = &p
+	}
+	if v.IsSet("top-k") {
+		k := int32(v.GetInt("top-k"))
+		child.TopK = &k
+	}
+	if v.IsSet("frequency-penalty") {
+		fp := float32(v.GetFloat64("frequency-penalty"))
+		child.FrequencyPenalty = &fp
+	}
+	if v.IsSet("presence-penalty") {
+		pp := float32(v.GetFloat64("presence-penalty"))
+		child.PresencePenalty = &pp
+	}
+}
+
 // Subagent spawns an in-process child Kit instance to perform a task. The
 // child gets its own session, event bus, and agent loop but shares the
 // parent's config (API keys, provider settings) and defaults to the parent's
@@ -1860,22 +1960,28 @@ func (m *Kit) Subagent(ctx context.Context, cfg SubagentConfig) (*SubagentResult
 	}
 
 	// Create child Kit instance. Pass the parent's loaded MCP config to
-	// avoid re-reading viper (which races with concurrent subagent spawns).
-	// Streaming must be explicitly enabled — Options.Streaming defaults to
-	// false, and New() unconditionally writes viper.Set("stream", opts.Streaming).
-	// Without this, the subagent would (a) pollute viper global state for
-	// other concurrent callers and (b) potentially hit provider-level
-	// differences (e.g. Anthropic non-streaming timeouts with extended
-	// thinking).
+	// avoid re-loading and re-validating config for the child.
+	// Streaming is enabled explicitly — without it, non-streaming can hit
+	// provider-level differences (e.g. Anthropic non-streaming timeouts with
+	// extended thinking). The child gets its own config store, so this does not
+	// affect any other concurrent caller.
+	streamOn := true
 	childOpts := &Options{
 		Model:        model,
 		SystemPrompt: systemPrompt,
 		Tools:        tools,
 		NoSession:    cfg.NoSession,
 		Quiet:        true,
-		Streaming:    true,
+		Streaming:    &streamOn,
 		MCPConfig:    m.mcpConfig,
 	}
+
+	// Inherit the parent's effective provider/runtime configuration. Since #40
+	// each Kit owns an isolated config store, so the child's New() only re-loads
+	// .kit.yml / KIT_* on its own — values the parent picked up from
+	// programmatic Options or runtime setters (e.g. SetThinkingLevel) would
+	// otherwise be lost.
+	inheritProviderConfig(childOpts, m.v)
 	// Propagate the parent's MCP task configuration so a child subagent
 	// invoking long-running MCP tools observes the same per-server modes,
 	// timeouts, and progress callback as the parent. Without this, child
@@ -2084,7 +2190,7 @@ func (m *Kit) generate(ctx context.Context, messages []fantasy.Message) (*agent.
 			}
 		},
 		OnStepUsage: func(inputTokens, outputTokens, cacheReadTokens, cacheCreationTokens int64) {
-			if viper.GetBool("debug") {
+			if m.v.GetBool("debug") {
 				log.Printf("DEBUG Kit.generate emitting StepUsageEvent: input=%d output=%d cacheRead=%d cacheCreate=%d",
 					inputTokens, outputTokens, cacheReadTokens, cacheCreationTokens,
 				)
@@ -2580,7 +2686,7 @@ func (m *Kit) IsReasoningModel() bool {
 
 // GetThinkingLevel returns the current thinking level.
 func (m *Kit) GetThinkingLevel() string {
-	return viper.GetString("thinking-level")
+	return m.v.GetString("thinking-level")
 }
 
 // SetThinkingLevel changes the thinking level and recreates the agent with
@@ -2589,7 +2695,7 @@ func (m *Kit) GetThinkingLevel() string {
 // With message-level caching, both thinking and caching work together.
 // Caching reduces costs by 60-90% for repeated context.
 func (m *Kit) SetThinkingLevel(ctx context.Context, level string) error {
-	viper.Set("thinking-level", level)
+	m.v.Set("thinking-level", level)
 	// Recreate agent with new thinking config by re-running SetModel
 	// with the same model string. SetModel rebuilds the provider and
 	// passes the updated viper config (including thinking-level).

pkg/kit/kit_test.go

@@ -86,8 +86,8 @@ func TestNewWithGenerationOptions(t *testing.T) {
 		if got := host.MaxTokens(); got != want {
 			t.Errorf("Options.MaxTokens=%d did not propagate; Kit.MaxTokens()=%d", want, got)
 		}
-		if !viper.IsSet("max-tokens") {
-			t.Error("viper.IsSet(\"max-tokens\") should be true after MaxTokens override")
+		if !host.ConfigValueIsSetForTest("max-tokens") {
+			t.Error("max-tokens should be marked explicitly set on the instance store after MaxTokens override")
 		}
 	})
 
@@ -129,11 +129,11 @@ func TestNewWithGenerationOptions(t *testing.T) {
 		}
 		defer func() { _ = host.Close() }()
 
-		if !viper.IsSet("temperature") {
-			t.Fatal("viper.IsSet(\"temperature\") should be true after Temperature override")
+		if !host.ConfigValueIsSetForTest("temperature") {
+			t.Fatal("temperature should be marked explicitly set on the instance store after Temperature override")
 		}
-		if got := float32(viper.GetFloat64("temperature")); got != want {
-			t.Errorf("Options.Temperature=%v did not propagate; viper=%v", want, got)
+		if got := float32(host.ConfigFloatForTest("temperature")); got != want {
+			t.Errorf("Options.Temperature=%v did not propagate; instance store=%v", want, got)
 		}
 	})
 }
@@ -185,8 +185,8 @@ func TestNewPreservesIsSetSemantics(t *testing.T) {
 	// from SDK-side SetDefault/Set calls — which is exactly what this
 	// test is guarding against.
 	for _, k := range checkKeys {
-		if viper.IsSet(k) {
-			t.Errorf("viper.IsSet(%q) == true when no Options field set it "+
+		if host.ConfigValueIsSetForTest(k) {
+			t.Errorf("instance store reports %q explicitly set when no Options field set it "+
 				"(SDK defaults must not corrupt IsSet semantics)", k)
 		}
 	}
@@ -217,14 +217,14 @@ func TestNewWithProviderOptions(t *testing.T) {
 		}
 		defer func() { _ = host.Close() }()
 
-		if got := viper.GetString("provider-api-key"); got != apiKey {
-			t.Errorf("Options.ProviderAPIKey did not propagate to viper; got %q (len=%d)", got, len(got))
+		if got := host.ConfigStringForTest("provider-api-key"); got != apiKey {
+			t.Errorf("Options.ProviderAPIKey did not propagate to the instance store; got %q (len=%d)", got, len(got))
 		}
 	})
 
-	// Override precedence: even when viper already holds a different
-	// provider-api-key value (as it would if a config file or earlier
-	// Set() call populated one), Options.ProviderAPIKey must win.
+	// Override precedence: even when the process-global store already holds a
+	// different provider-api-key value, Options.ProviderAPIKey must win on the
+	// Kit's isolated store.
 	t.Run("Options override beats pre-existing viper state", func(t *testing.T) {
 		defer resetViper()
 
@@ -242,15 +242,16 @@ func TestNewWithProviderOptions(t *testing.T) {
 			ProviderAPIKey:   want,
 		})
 		// Creation may still fail if the model registry is strict, but
-		// we only care that the override reached viper before any
-		// provider handshake happened.
-		if host != nil {
-			defer func() { _ = host.Close() }()
+		// we only care that the override reached the instance store before
+		// any provider handshake happened.
+		if host == nil {
+			t.Fatalf("expected a Kit instance to inspect; got nil (err=%v)", err)
 		}
+		defer func() { _ = host.Close() }()
 		_ = err
 
-		if got := viper.GetString("provider-api-key"); got != want {
-			t.Errorf("Options.ProviderAPIKey did not override pre-existing viper value; got %q, want %q", got, want)
+		if got := host.ConfigStringForTest("provider-api-key"); got != want {
+			t.Errorf("Options.ProviderAPIKey did not override pre-existing value on the instance store; got %q, want %q", got, want)
 		}
 	})
 
@@ -270,7 +271,7 @@ func TestNewWithProviderOptions(t *testing.T) {
 		}
 		defer func() { _ = host.Close() }()
 
-		if got := viper.GetString("provider-url"); got != want {
+		if got := host.ConfigStringForTest("provider-url"); got != want {
 			t.Errorf("Options.ProviderURL did not propagate; got %q, want %q", got, want)
 		}
 	})
@@ -353,9 +354,9 @@ func TestNewSystemPromptFilePath(t *testing.T) {
 		t.Errorf("GetSystemPromptSource() = %q; want %q", got, want)
 	}
 
-	// The composed system prompt is written back to viper after PromptBuilder
-	// runs. It must contain the file's contents, not the file path.
-	composed := viper.GetString("system-prompt")
+	// The composed system prompt is written back to the instance store after
+	// PromptBuilder runs. It must contain the file's contents, not the file path.
+	composed := host.ConfigStringForTest("system-prompt")
 	if !strings.Contains(composed, promptContent) {
 		t.Errorf("composed system-prompt does not contain file contents\n  composed = %q\n  want substring = %q", composed, promptContent)
 	}
@@ -392,7 +393,7 @@ func TestNewSystemPromptInline(t *testing.T) {
 	if got := host.GetSystemPromptSource(); got != inline {
 		t.Errorf("GetSystemPromptSource() = %q; want %q", got, inline)
 	}
-	if composed := viper.GetString("system-prompt"); !strings.Contains(composed, inline) {
+	if composed := host.ConfigStringForTest("system-prompt"); !strings.Contains(composed, inline) {
 		t.Errorf("composed system-prompt missing inline content; got %q", composed)
 	}
 }

pkg/kit/mcp_tasks_test.go

@@ -4,6 +4,8 @@ import (
 	"testing"
 	"time"
 
+	"github.com/spf13/viper"
+
 	"github.com/mark3labs/kit/internal/tools"
 )
 
@@ -163,3 +165,82 @@ func TestSubagentPropagatesMCPTaskOptions(t *testing.T) {
 	inheritMCPTaskOptions(&Options{}, nil)
 	inheritMCPTaskOptions(nil, parent)
 }
+
+// TestInheritProviderConfig verifies that Kit.Subagent's provider/runtime
+// config inheritance copies the parent's effective settings onto child
+// Options, and that the tri-state (IsSet) keys are only propagated when the
+// parent explicitly set them. Regression test for config loss after the
+// per-instance viper store isolation (#40).
+func TestInheritProviderConfig(t *testing.T) {
+	t.Run("explicit values propagate", func(t *testing.T) {
+		v := viper.New()
+		v.Set("provider-api-key", "sk-parent")
+		v.Set("provider-url", "https://proxy.internal/v1")
+		v.Set("tls-skip-verify", true)
+		v.Set("thinking-level", "high")
+		v.Set("max-tokens", 4321)
+		v.Set("temperature", 0.25)
+		v.Set("top-p", 0.9)
+		v.Set("top-k", 40)
+		v.Set("frequency-penalty", 0.1)
+		v.Set("presence-penalty", 0.2)
+
+		child := &Options{}
+		inheritProviderConfig(child, v)
+
+		if child.ProviderAPIKey != "sk-parent" {
+			t.Errorf("ProviderAPIKey = %q, want sk-parent", child.ProviderAPIKey)
+		}
+		if child.ProviderURL != "https://proxy.internal/v1" {
+			t.Errorf("ProviderURL = %q", child.ProviderURL)
+		}
+		if !child.TLSSkipVerify {
+			t.Error("TLSSkipVerify not propagated")
+		}
+		if child.ThinkingLevel != "high" {
+			t.Errorf("ThinkingLevel = %q, want high", child.ThinkingLevel)
+		}
+		if child.MaxTokens != 4321 {
+			t.Errorf("MaxTokens = %d, want 4321", child.MaxTokens)
+		}
+		if child.Temperature == nil || *child.Temperature != 0.25 {
+			t.Errorf("Temperature = %v, want 0.25", child.Temperature)
+		}
+		if child.TopP == nil || *child.TopP != 0.9 {
+			t.Errorf("TopP = %v, want 0.9", child.TopP)
+		}
+		if child.TopK == nil || *child.TopK != 40 {
+			t.Errorf("TopK = %v, want 40", child.TopK)
+		}
+		if child.FrequencyPenalty == nil || *child.FrequencyPenalty != 0.1 {
+			t.Errorf("FrequencyPenalty = %v, want 0.1", child.FrequencyPenalty)
+		}
+		if child.PresencePenalty == nil || *child.PresencePenalty != 0.2 {
+			t.Errorf("PresencePenalty = %v, want 0.2", child.PresencePenalty)
+		}
+	})
+
+	t.Run("unset tri-state keys stay unset", func(t *testing.T) {
+		// A store with no sampler / max-tokens keys must leave the child's
+		// pointers nil and MaxTokens zero so per-model defaults still apply.
+		v := viper.New()
+		child := &Options{}
+		inheritProviderConfig(child, v)
+
+		if child.MaxTokens != 0 {
+			t.Errorf("MaxTokens = %d, want 0 (unset)", child.MaxTokens)
+		}
+		if child.Temperature != nil || child.TopP != nil || child.TopK != nil ||
+			child.FrequencyPenalty != nil || child.PresencePenalty != nil {
+			t.Error("sampler pointers must stay nil when the parent did not set them")
+		}
+		if child.ThinkingLevel != "" {
+			t.Errorf("ThinkingLevel = %q, want empty", child.ThinkingLevel)
+		}
+	})
+
+	t.Run("nil child or store is a no-op", func(t *testing.T) {
+		inheritProviderConfig(nil, viper.New())
+		inheritProviderConfig(&Options{}, nil)
+	})
+}

pkg/kit/models.go

@@ -61,3 +61,23 @@ func CheckProviderReady(provider string) error {
 	}
 	return models.GetGlobalRegistry().ValidateEnvironment(provider, "")
 }
+
+// ResolveProviderBaseURL returns the base API URL kit will use when talking to
+// the given provider, applying the same resolution order that CreateProvider
+// uses internally:
+//
+//  1. The provider's `api` field from the models.dev registry.
+//  2. The hard-coded default base URL of its npm SDK package (e.g.
+//     @ai-sdk/groq → https://api.groq.com/openai/v1).
+//  3. Template substitution against the current process environment when the
+//     URL contains "${VAR}" placeholders.
+//
+// Returns a non-nil error when the provider is unknown, when no URL can be
+// derived, or when a templated URL has unset placeholders.
+//
+// Use this from your SDK integration to surface the effective endpoint before
+// instantiating a Kit, or to validate that a provider is reachable without
+// running an actual request.
+func ResolveProviderBaseURL(providerID string) (string, error) {
+	return models.ResolveProviderBaseURL(providerID)
+}

pkg/kit/options.go

@@ -0,0 +1,88 @@
+package kit
+
+import "context"
+
+// Option configures a [Kit] created via [NewAgent]. Options are applied in
+// order to an [Options] value, so later options override earlier ones. The
+// type is a plain func(*Options), so callers can define their own options
+// without depending on any internal type.
+type Option func(*Options)
+
+// NewAgent creates a Kit using an ergonomic functional-options API. It is a
+// thin, additive front door over [New]: the supplied options are applied to a
+// fresh [Options] value which is then passed to [New]. For advanced
+// configuration not covered by the With* helpers (MCPConfig,
+// InProcessMCPServers, session backends, MCP task tuning, etc.) construct an
+// [Options] explicitly and call [New].
+//
+// Streaming defaults to enabled. Pass WithStreaming(false) to disable it.
+//
+// Example:
+//
+//	k, err := kit.NewAgent(ctx,
+//	    kit.WithModel("anthropic/claude-sonnet-4-5-20250929"),
+//	    kit.WithSystemPrompt("You are a helpful assistant."),
+//	    kit.WithMaxTokens(8192),
+//	    kit.Ephemeral(),
+//	)
+func NewAgent(ctx context.Context, opts ...Option) (*Kit, error) {
+	// Streaming defaults to true for the ergonomic constructor — this is the
+	// natural expectation for interactive agents. WithStreaming(false) overrides it.
+	streamOn := true
+	o := &Options{Streaming: &streamOn}
+	for _, fn := range opts {
+		fn(o)
+	}
+	return New(ctx, o)
+}
+
+// WithModel sets the model in "provider/model" format
+// (e.g. "anthropic/claude-sonnet-4-5-20250929").
+func WithModel(m string) Option { return func(o *Options) { o.Model = m } }
+
+// WithSystemPrompt sets the system prompt. The value may be inline text or a
+// path to a file whose contents are loaded as the prompt.
+func WithSystemPrompt(p string) Option { return func(o *Options) { o.SystemPrompt = p } }
+
+// WithStreaming enables or disables streaming responses. [NewAgent] enables
+// streaming by default, so pass WithStreaming(false) to opt out.
+func WithStreaming(b bool) Option {
+	return func(o *Options) { o.Streaming = &b }
+}
+
+// WithMaxTokens sets the maximum output tokens per LLM response. A value of 0
+// lets the precedence chain (env → config → per-model → SDK floor) resolve a
+// value; a non-zero value pins it and suppresses automatic right-sizing.
+func WithMaxTokens(n int) Option { return func(o *Options) { o.MaxTokens = n } }
+
+// WithThinkingLevel sets the reasoning effort for models that support extended
+// thinking. Valid values: "off", "none", "minimal", "low", "medium", "high".
+// An empty string lets the precedence chain resolve a level.
+func WithThinkingLevel(level string) Option { return func(o *Options) { o.ThinkingLevel = level } }
+
+// WithTools sets the agent's tool set, replacing the default core tools. When
+// no tools are provided the default set is used.
+func WithTools(t ...Tool) Option { return func(o *Options) { o.Tools = t } }
+
+// WithExtraTools adds tools alongside the core/MCP/extension tools rather than
+// replacing them.
+func WithExtraTools(t ...Tool) Option { return func(o *Options) { o.ExtraTools = t } }
+
+// WithProviderAPIKey overrides the API key used to authenticate with the model
+// provider.
+func WithProviderAPIKey(key string) Option { return func(o *Options) { o.ProviderAPIKey = key } }
+
+// WithProviderURL overrides the provider endpoint URL. Useful for
+// OpenAI-compatible proxies (LiteLLM, vLLM, Azure OpenAI, etc.).
+func WithProviderURL(url string) Option { return func(o *Options) { o.ProviderURL = url } }
+
+// WithConfigFile sets an explicit config file path, overriding the default
+// .kit.yml search.
+func WithConfigFile(path string) Option { return func(o *Options) { o.ConfigFile = path } }
+
+// WithDebug enables SDK debug logging.
+func WithDebug() Option { return func(o *Options) { o.Debug = true } }
+
+// Ephemeral configures an in-memory session with no persistence (equivalent to
+// Options.NoSession = true).
+func Ephemeral() Option { return func(o *Options) { o.NoSession = true } }

pkg/kit/runtime_skills_context_test.go

@@ -0,0 +1,342 @@
+package kit
+
+import (
+	"os"
+	"path/filepath"
+	"strings"
+	"sync"
+	"testing"
+
+	"github.com/mark3labs/kit/internal/agent"
+	"github.com/mark3labs/kit/internal/skills"
+)
+
+// TestAddSkill_AddsAndDeduplicates verifies that AddSkill registers new skills
+// and that re-adding a skill with the same Name replaces the existing entry
+// rather than appending a duplicate. agent is nil in these tests; the method
+// must still mutate the in-memory state and tolerate the absent agent.
+func TestAddSkill_AddsAndDeduplicates(t *testing.T) {
+	k := &Kit{basePrompt: "base"}
+
+	if err := k.AddSkill(&skills.Skill{Name: "alpha", Content: "first"}); err != nil {
+		t.Fatalf("AddSkill alpha: %v", err)
+	}
+	if err := k.AddSkill(&skills.Skill{Name: "beta", Content: "second"}); err != nil {
+		t.Fatalf("AddSkill beta: %v", err)
+	}
+	got := k.GetSkills()
+	if len(got) != 2 {
+		t.Fatalf("expected 2 skills, got %d", len(got))
+	}
+
+	// Re-adding alpha with new content must replace, not duplicate.
+	if err := k.AddSkill(&skills.Skill{Name: "alpha", Content: "replaced"}); err != nil {
+		t.Fatalf("AddSkill alpha replace: %v", err)
+	}
+	got = k.GetSkills()
+	if len(got) != 2 {
+		t.Fatalf("expected 2 skills after replace, got %d", len(got))
+	}
+	for _, s := range got {
+		if s.Name == "alpha" && s.Content != "replaced" {
+			t.Errorf("alpha content = %q; want %q", s.Content, "replaced")
+		}
+	}
+}
+
+// TestAddSkill_Validation rejects nil skills and unnamed skills with errors
+// instead of corrupting state.
+func TestAddSkill_Validation(t *testing.T) {
+	k := &Kit{}
+	if err := k.AddSkill(nil); err == nil {
+		t.Error("expected error for nil skill")
+	}
+	if err := k.AddSkill(&skills.Skill{Content: "x"}); err == nil {
+		t.Error("expected error for unnamed skill")
+	}
+	if got := k.GetSkills(); got != nil {
+		t.Errorf("skills list mutated after invalid AddSkill calls: %#v", got)
+	}
+}
+
+// TestRemoveSkill verifies removal and the false return for misses.
+func TestRemoveSkill(t *testing.T) {
+	k := &Kit{}
+	_ = k.AddSkill(&skills.Skill{Name: "alpha"})
+	_ = k.AddSkill(&skills.Skill{Name: "beta"})
+
+	if removed := k.RemoveSkill("missing"); removed {
+		t.Error("RemoveSkill(missing) = true; want false")
+	}
+	if removed := k.RemoveSkill("alpha"); !removed {
+		t.Error("RemoveSkill(alpha) = false; want true")
+	}
+	got := k.GetSkills()
+	if len(got) != 1 || got[0].Name != "beta" {
+		t.Errorf("remaining skills = %#v; want [beta]", got)
+	}
+}
+
+// TestSetSkills replaces the entire set and validates input.
+func TestSetSkills(t *testing.T) {
+	k := &Kit{}
+	_ = k.AddSkill(&skills.Skill{Name: "alpha"})
+
+	err := k.SetSkills([]*skills.Skill{
+		{Name: "one"},
+		{Name: "two"},
+		{Name: "three"},
+	})
+	if err != nil {
+		t.Fatalf("SetSkills: %v", err)
+	}
+	if got := k.GetSkills(); len(got) != 3 {
+		t.Errorf("expected 3 skills, got %d", len(got))
+	}
+
+	// Invalid entry rejects the whole batch.
+	bad := []*skills.Skill{{Name: "ok"}, nil}
+	if err := k.SetSkills(bad); err == nil {
+		t.Error("expected error when batch contains nil")
+	}
+	// State unchanged after rejected batch.
+	if got := k.GetSkills(); len(got) != 3 {
+		t.Errorf("skills mutated by rejected SetSkills batch: len=%d", len(got))
+	}
+
+	// Empty slice clears.
+	if err := k.SetSkills(nil); err != nil {
+		t.Fatalf("SetSkills(nil): %v", err)
+	}
+	if got := k.GetSkills(); got != nil {
+		t.Errorf("expected nil skills after clear; got %#v", got)
+	}
+}
+
+// TestLoadAndAddSkill round-trips a skill file from disk.
+func TestLoadAndAddSkill(t *testing.T) {
+	dir := t.TempDir()
+	path := filepath.Join(dir, "demo.md")
+	body := "---\nname: demo\ndescription: demo skill\n---\nhello world"
+	if err := os.WriteFile(path, []byte(body), 0o644); err != nil {
+		t.Fatalf("write skill file: %v", err)
+	}
+
+	k := &Kit{}
+	s, err := k.LoadAndAddSkill(path)
+	if err != nil {
+		t.Fatalf("LoadAndAddSkill: %v", err)
+	}
+	if s.Name != "demo" {
+		t.Errorf("loaded skill Name = %q; want demo", s.Name)
+	}
+	if got := k.GetSkills(); len(got) != 1 {
+		t.Errorf("expected 1 skill registered, got %d", len(got))
+	}
+}
+
+// TestAddContextFile_DeduplicatesByPath confirms identical paths replace
+// rather than duplicate.
+func TestAddContextFile_DeduplicatesByPath(t *testing.T) {
+	k := &Kit{}
+	if err := k.AddContextFile(&ContextFile{Path: "/a/AGENTS.md", Content: "v1"}); err != nil {
+		t.Fatalf("AddContextFile: %v", err)
+	}
+	if err := k.AddContextFile(&ContextFile{Path: "/b/AGENTS.md", Content: "vB"}); err != nil {
+		t.Fatalf("AddContextFile: %v", err)
+	}
+	if err := k.AddContextFile(&ContextFile{Path: "/a/AGENTS.md", Content: "v2"}); err != nil {
+		t.Fatalf("AddContextFile replace: %v", err)
+	}
+
+	got := k.GetContextFiles()
+	if len(got) != 2 {
+		t.Fatalf("expected 2 context files, got %d", len(got))
+	}
+	for _, cf := range got {
+		if cf.Path == "/a/AGENTS.md" && cf.Content != "v2" {
+			t.Errorf("/a/AGENTS.md content = %q; want v2", cf.Content)
+		}
+	}
+}
+
+// TestAddContextFile_Validation rejects nil and unpathed entries.
+func TestAddContextFile_Validation(t *testing.T) {
+	k := &Kit{}
+	if err := k.AddContextFile(nil); err == nil {
+		t.Error("expected error for nil context file")
+	}
+	if err := k.AddContextFile(&ContextFile{Content: "x"}); err == nil {
+		t.Error("expected error for empty path")
+	}
+}
+
+// TestRemoveContextFile_Behavior verifies remove returns true on hit and
+// false on miss without mutating state on a miss.
+func TestRemoveContextFile_Behavior(t *testing.T) {
+	k := &Kit{}
+	_ = k.AddContextFile(&ContextFile{Path: "/a", Content: "x"})
+	_ = k.AddContextFile(&ContextFile{Path: "/b", Content: "y"})
+
+	if removed := k.RemoveContextFile("/missing"); removed {
+		t.Error("RemoveContextFile(missing) = true; want false")
+	}
+	if removed := k.RemoveContextFile("/a"); !removed {
+		t.Error("RemoveContextFile(/a) = false; want true")
+	}
+	got := k.GetContextFiles()
+	if len(got) != 1 || got[0].Path != "/b" {
+		t.Errorf("remaining = %#v; want [/b]", got)
+	}
+}
+
+// TestSetContextFiles replaces and validates batch input.
+func TestSetContextFiles(t *testing.T) {
+	k := &Kit{}
+	_ = k.AddContextFile(&ContextFile{Path: "/seed", Content: "old"})
+
+	err := k.SetContextFiles([]*ContextFile{
+		{Path: "/x", Content: "x"},
+		{Path: "/y", Content: "y"},
+	})
+	if err != nil {
+		t.Fatalf("SetContextFiles: %v", err)
+	}
+	if got := k.GetContextFiles(); len(got) != 2 {
+		t.Errorf("expected 2 context files, got %d", len(got))
+	}
+
+	bad := []*ContextFile{{Path: "/ok"}, {Path: ""}}
+	if err := k.SetContextFiles(bad); err == nil {
+		t.Error("expected error for empty path in batch")
+	}
+	if got := k.GetContextFiles(); len(got) != 2 {
+		t.Errorf("state mutated by rejected batch: len=%d", len(got))
+	}
+
+	if err := k.SetContextFiles(nil); err != nil {
+		t.Fatalf("SetContextFiles(nil): %v", err)
+	}
+	if got := k.GetContextFiles(); got != nil {
+		t.Errorf("expected nil after clear; got %#v", got)
+	}
+}
+
+// TestLoadAndAddContextFile reads from disk and registers the context file.
+func TestLoadAndAddContextFile(t *testing.T) {
+	dir := t.TempDir()
+	path := filepath.Join(dir, "AGENTS.md")
+	const content = "# Agent rules\nuse the new lint config"
+	if err := os.WriteFile(path, []byte(content), 0o644); err != nil {
+		t.Fatalf("write file: %v", err)
+	}
+
+	k := &Kit{}
+	cf, err := k.LoadAndAddContextFile(path)
+	if err != nil {
+		t.Fatalf("LoadAndAddContextFile: %v", err)
+	}
+	if !strings.HasSuffix(cf.Path, "AGENTS.md") {
+		t.Errorf("Path = %q; want suffix AGENTS.md", cf.Path)
+	}
+	if !strings.Contains(cf.Content, "use the new lint config") {
+		t.Errorf("Content missing expected body: %q", cf.Content)
+	}
+	got := k.GetContextFiles()
+	if len(got) != 1 {
+		t.Fatalf("expected 1 context file, got %d", len(got))
+	}
+}
+
+// TestAddContextFileContent registers an in-memory context blob.
+func TestAddContextFileContent(t *testing.T) {
+	k := &Kit{}
+	cf, err := k.AddContextFileContent("session://user-123/AGENTS.md", "always greet in French")
+	if err != nil {
+		t.Fatalf("AddContextFileContent: %v", err)
+	}
+	if cf.Path != "session://user-123/AGENTS.md" {
+		t.Errorf("Path = %q", cf.Path)
+	}
+	if cf.Content != "always greet in French" {
+		t.Errorf("Content = %q", cf.Content)
+	}
+}
+
+// TestComposeSystemPrompt_IncludesSkillsAndContext verifies that runtime
+// mutations actually flow into the composed system prompt that the agent
+// would receive.
+func TestComposeSystemPrompt_IncludesSkillsAndContext(t *testing.T) {
+	k := &Kit{basePrompt: "BASE-PROMPT-MARKER"}
+
+	if err := k.AddContextFile(&ContextFile{
+		Path:    "/proj/AGENTS.md",
+		Content: "CTX-MARKER-OK",
+	}); err != nil {
+		t.Fatalf("AddContextFile: %v", err)
+	}
+	if err := k.AddSkill(&skills.Skill{
+		Name:        "greeter",
+		Description: "SKILL-DESC-MARKER",
+		Content:     "do greetings",
+		Path:        "/skills/greeter.md",
+	}); err != nil {
+		t.Fatalf("AddSkill: %v", err)
+	}
+
+	composed := k.composeSystemPrompt(k.basePrompt)
+	for _, want := range []string{
+		"BASE-PROMPT-MARKER",
+		"CTX-MARKER-OK",
+		"/proj/AGENTS.md",
+		"greeter",
+		"SKILL-DESC-MARKER",
+	} {
+		if !strings.Contains(composed, want) {
+			t.Errorf("composed prompt missing %q\n--- composed ---\n%s", want, composed)
+		}
+	}
+
+	// Removing the skill should remove its marker from the next composition.
+	k.RemoveSkill("greeter")
+	composed = k.composeSystemPrompt(k.basePrompt)
+	if strings.Contains(composed, "SKILL-DESC-MARKER") {
+		t.Errorf("composed prompt still contains removed skill description:\n%s", composed)
+	}
+}
+
+// TestRuntimeMutations_AreThreadSafe stresses the mutation API from multiple
+// goroutines to surface data races under `go test -race`.
+func TestRuntimeMutations_AreThreadSafe(t *testing.T) {
+	// Use a non-nil agent so applyComposedSystemPrompt actually invokes
+	// agent.SetSystemPrompt (a no-op agent is fine — we only need the
+	// systemPrompt mutation + fantasy rebuild path to run concurrently so
+	// -race can observe any unsynchronized writes).
+	k := &Kit{basePrompt: "base", agent: &agent.Agent{}}
+	var wg sync.WaitGroup
+	const goroutines = 8
+	const iterations = 50
+
+	for g := range goroutines {
+		wg.Add(1)
+		go func(id int) {
+			defer wg.Done()
+			for range iterations {
+				_ = k.AddSkill(&skills.Skill{
+					Name:    "skill",
+					Content: "content",
+				})
+				_ = k.AddContextFile(&ContextFile{
+					Path:    "/shared/AGENTS.md",
+					Content: "shared",
+				})
+				_ = k.GetSkills()
+				_ = k.GetContextFiles()
+				_ = k.composeSystemPrompt("base")
+				k.RemoveSkill("skill")
+				k.RemoveContextFile("/shared/AGENTS.md")
+			}
+		}(g)
+	}
+	wg.Wait()
+}

pkg/kit/skills.go

@@ -139,13 +139,150 @@ func (m *Kit) ClearSkillCache() {
 }
 
 // ReloadSkills re-discovers skills from disk, replacing the current set.
-// This is called by file watchers when skill files change.
+// This is called by file watchers when skill files change. The system prompt
+// is recomposed and applied to the running agent so subsequent turns see the
+// new skill set.
 func (m *Kit) ReloadSkills() error {
 	newSkills, err := loadSkills(m.opts)
 	if err != nil {
 		return fmt.Errorf("reloading skills: %w", err)
 	}
+	m.runtimeMu.Lock()
 	m.skills = newSkills
+	m.runtimeMu.Unlock()
 	m.ClearSkillCache()
+	m.applyComposedSystemPrompt()
 	return nil
 }
+
+// ---------------------------------------------------------------------------
+// Runtime skill management (Issue #36)
+// ---------------------------------------------------------------------------
+//
+// The methods below let SDK consumers (chatbot hosts, multi-tenant agents)
+// mutate the active skill set after Kit construction. Each mutation recomposes
+// the system prompt and applies it to the underlying agent so the LLM sees
+// the new skill metadata on its next turn.
+
+// AddSkill registers a single skill on this Kit instance. The skill object
+// can be built programmatically (no file on disk required) — only Name and
+// Content are mandatory. If a skill with the same Name is already loaded the
+// new skill replaces it. Returns an error when skill is nil or has an empty
+// name.
+//
+// After mutation the system prompt is recomposed and applied to the running
+// agent so the next turn sees the updated skill metadata. AddSkill is safe to
+// call from any goroutine.
+func (m *Kit) AddSkill(skill *Skill) error {
+	if skill == nil {
+		return fmt.Errorf("AddSkill: skill is nil")
+	}
+	if skill.Name == "" {
+		return fmt.Errorf("AddSkill: skill name is required")
+	}
+
+	m.runtimeMu.Lock()
+	replaced := false
+	for i, s := range m.skills {
+		if s.Name == skill.Name {
+			m.skills[i] = skill
+			replaced = true
+			break
+		}
+	}
+	if !replaced {
+		m.skills = append(m.skills, skill)
+	}
+	m.runtimeMu.Unlock()
+
+	m.ClearSkillCache()
+	m.applyComposedSystemPrompt()
+	return nil
+}
+
+// LoadAndAddSkill loads a skill from a filesystem path (single .md/.txt file)
+// and adds it via [Kit.AddSkill]. Returns the loaded skill on success.
+func (m *Kit) LoadAndAddSkill(path string) (*Skill, error) {
+	s, err := skills.LoadSkill(path)
+	if err != nil {
+		return nil, fmt.Errorf("LoadAndAddSkill: %w", err)
+	}
+	if err := m.AddSkill(s); err != nil {
+		return nil, err
+	}
+	return s, nil
+}
+
+// RemoveSkill removes the named skill from this Kit instance and recomposes
+// the system prompt. Returns true when a skill with that name was found and
+// removed, false otherwise.
+func (m *Kit) RemoveSkill(name string) bool {
+	m.runtimeMu.Lock()
+	found := false
+	for i, s := range m.skills {
+		if s.Name == name {
+			m.skills = append(m.skills[:i], m.skills[i+1:]...)
+			found = true
+			break
+		}
+	}
+	m.runtimeMu.Unlock()
+
+	if !found {
+		return false
+	}
+	m.ClearSkillCache()
+	m.applyComposedSystemPrompt()
+	return true
+}
+
+// SetSkills replaces the active skill set with the provided slice. Pass nil
+// or an empty slice to remove all skills. The system prompt is recomposed and
+// applied. Skills with empty names are rejected and no mutation is performed.
+func (m *Kit) SetSkills(skillList []*Skill) error {
+	// Validate first so a bad input doesn't partially mutate state.
+	for i, s := range skillList {
+		if s == nil {
+			return fmt.Errorf("SetSkills: skill at index %d is nil", i)
+		}
+		if s.Name == "" {
+			return fmt.Errorf("SetSkills: skill at index %d has empty name", i)
+		}
+	}
+
+	copied := make([]*Skill, len(skillList))
+	copy(copied, skillList)
+
+	m.runtimeMu.Lock()
+	m.skills = copied
+	m.runtimeMu.Unlock()
+
+	m.ClearSkillCache()
+	m.applyComposedSystemPrompt()
+	return nil
+}
+
+// applyComposedSystemPrompt recomposes the system prompt from the captured
+// base prompt + current contextFiles + current skills + date/cwd, and pushes
+// the result onto the underlying agent. No-op when the agent is unset (i.e.
+// during construction).
+func (m *Kit) applyComposedSystemPrompt() {
+	if m.agent == nil {
+		return
+	}
+	m.runtimeMu.RLock()
+	base := m.basePrompt
+	m.runtimeMu.RUnlock()
+	composed := m.composeSystemPrompt(base)
+	m.agent.SetSystemPrompt(composed)
+}
+
+// RefreshSystemPrompt manually recomposes the system prompt from the current
+// skills and context files and applies it to the agent. Call this after a
+// batch of low-level mutations or to force a re-render of the date/cwd
+// section. Most callers don't need to invoke this directly because
+// AddSkill, RemoveSkill, SetSkills, AddContextFile, RemoveContextFile, and
+// SetContextFiles all refresh automatically.
+func (m *Kit) RefreshSystemPrompt() {
+	m.applyComposedSystemPrompt()
+}

pkg/kit/viper_isolation_test.go

@@ -0,0 +1,232 @@
+package kit_test
+
+import (
+	"context"
+	"os"
+	"testing"
+
+	"github.com/mark3labs/kit/pkg/kit"
+)
+
+// TestOptionFunctionsPlumbing verifies that the functional options apply their
+// values to the underlying Options struct. This does not create a provider, so
+// it runs without API keys.
+func TestOptionFunctionsPlumbing(t *testing.T) {
+	o := &kit.Options{}
+	opts := []kit.Option{
+		kit.WithModel("anthropic/claude-sonnet-4-5-20250929"),
+		kit.WithSystemPrompt("be terse"),
+		kit.WithMaxTokens(4321),
+		kit.WithThinkingLevel("high"),
+		kit.WithProviderAPIKey("sk-test"),
+		kit.WithProviderURL("https://example.test/v1"),
+		kit.WithConfigFile("/tmp/.kit.yml"),
+		kit.WithStreaming(false),
+		kit.WithDebug(),
+		kit.Ephemeral(),
+	}
+	for _, fn := range opts {
+		fn(o)
+	}
+
+	if o.Model != "anthropic/claude-sonnet-4-5-20250929" {
+		t.Errorf("WithModel: got %q", o.Model)
+	}
+	if o.SystemPrompt != "be terse" {
+		t.Errorf("WithSystemPrompt: got %q", o.SystemPrompt)
+	}
+	if o.MaxTokens != 4321 {
+		t.Errorf("WithMaxTokens: got %d", o.MaxTokens)
+	}
+	if o.ThinkingLevel != "high" {
+		t.Errorf("WithThinkingLevel: got %q", o.ThinkingLevel)
+	}
+	if o.ProviderAPIKey != "sk-test" {
+		t.Errorf("WithProviderAPIKey: got %q", o.ProviderAPIKey)
+	}
+	if o.ProviderURL != "https://example.test/v1" {
+		t.Errorf("WithProviderURL: got %q", o.ProviderURL)
+	}
+	if o.ConfigFile != "/tmp/.kit.yml" {
+		t.Errorf("WithConfigFile: got %q", o.ConfigFile)
+	}
+	if o.Streaming == nil {
+		t.Error("WithStreaming: expected Streaming to be set (non-nil)")
+	} else if *o.Streaming {
+		t.Error("WithStreaming(false): expected *Streaming=false")
+	}
+	if !o.Debug {
+		t.Error("WithDebug: expected Debug=true")
+	}
+	if !o.NoSession {
+		t.Error("Ephemeral: expected NoSession=true")
+	}
+}
+
+// TestOptionOrderingOverrides verifies later options override earlier ones.
+func TestOptionOrderingOverrides(t *testing.T) {
+	o := &kit.Options{}
+	kit.WithModel("a/b")(o)
+	kit.WithModel("c/d")(o)
+	if o.Model != "c/d" {
+		t.Errorf("later WithModel should win; got %q", o.Model)
+	}
+}
+
+// TestKitConfigIsolation is the regression test for issue #40: two Kit
+// instances constructed in the same process must own independent configuration
+// stores. Setting the thinking level (or model) on one must not affect the
+// other. Against the previous global-viper implementation this test fails
+// because both Kits read and write the same process-global store.
+func TestKitConfigIsolation(t *testing.T) {
+	if os.Getenv("ANTHROPIC_API_KEY") == "" {
+		t.Skip("Skipping test: ANTHROPIC_API_KEY not set")
+	}
+
+	ctx := context.Background()
+
+	a, err := kit.New(ctx, &kit.Options{
+		Model:         "anthropic/claude-sonnet-4-5-20250929",
+		ThinkingLevel: "low",
+		Quiet:         true,
+		NoSession:     true,
+		NoExtensions:  true,
+	})
+	if err != nil {
+		t.Fatalf("failed to create Kit A: %v", err)
+	}
+	defer func() { _ = a.Close() }()
+
+	b, err := kit.New(ctx, &kit.Options{
+		Model:         "anthropic/claude-sonnet-4-5-20250929",
+		ThinkingLevel: "high",
+		Quiet:         true,
+		NoSession:     true,
+		NoExtensions:  true,
+	})
+	if err != nil {
+		t.Fatalf("failed to create Kit B: %v", err)
+	}
+	defer func() { _ = b.Close() }()
+
+	// Each instance must retain its own configured thinking level. Under the
+	// old global-viper implementation, B's construction overwrote A's value.
+	if got := a.GetThinkingLevel(); got != "low" {
+		t.Errorf("Kit A thinking level = %q; want %q (config leaked from B)", got, "low")
+	}
+	if got := b.GetThinkingLevel(); got != "high" {
+		t.Errorf("Kit B thinking level = %q; want %q", got, "high")
+	}
+
+	// Mutating one at runtime must not bleed into the other.
+	if err := a.SetThinkingLevel(ctx, "medium"); err != nil {
+		t.Fatalf("SetThinkingLevel on A: %v", err)
+	}
+	if got := a.GetThinkingLevel(); got != "medium" {
+		t.Errorf("after SetThinkingLevel, Kit A = %q; want %q", got, "medium")
+	}
+	if got := b.GetThinkingLevel(); got != "high" {
+		t.Errorf("after mutating A, Kit B leaked to %q; want %q", got, "high")
+	}
+}
+
+// TestNewAgentDefaultsStreamingOn verifies that the ergonomic constructor
+// enables streaming by default and applies functional options.
+func TestNewAgentDefaultsStreamingOn(t *testing.T) {
+	if os.Getenv("ANTHROPIC_API_KEY") == "" {
+		t.Skip("Skipping test: ANTHROPIC_API_KEY not set")
+	}
+
+	ctx := context.Background()
+	k, err := kit.NewAgent(ctx,
+		kit.WithModel("anthropic/claude-sonnet-4-5-20250929"),
+		kit.WithMaxTokens(2048),
+		kit.Ephemeral(),
+	)
+	if err != nil {
+		t.Fatalf("NewAgent failed: %v", err)
+	}
+	defer func() { _ = k.Close() }()
+
+	if !k.ConfigValueIsSetForTest("max-tokens") {
+		t.Error("NewAgent did not propagate WithMaxTokens to the instance store")
+	}
+	if !k.ConfigBoolForTest("stream") {
+		t.Error("NewAgent should enable streaming by default")
+	}
+}
+
+// TestNewAgentStreamingOptOut verifies WithStreaming(false) disables the
+// default-on streaming behaviour of NewAgent.
+func TestNewAgentStreamingOptOut(t *testing.T) {
+	if os.Getenv("ANTHROPIC_API_KEY") == "" {
+		t.Skip("Skipping test: ANTHROPIC_API_KEY not set")
+	}
+
+	ctx := context.Background()
+	k, err := kit.NewAgent(ctx,
+		kit.WithModel("anthropic/claude-sonnet-4-5-20250929"),
+		kit.WithStreaming(false),
+		kit.Ephemeral(),
+	)
+	if err != nil {
+		t.Fatalf("NewAgent failed: %v", err)
+	}
+	defer func() { _ = k.Close() }()
+
+	if k.ConfigBoolForTest("stream") {
+		t.Error("WithStreaming(false) should disable streaming")
+	}
+}
+
+// TestNewZeroOptionsKeepsStreamingDefault is the regression test for the
+// unconditional `v.Set("stream", opts.Streaming)` bug: a zero-valued Options
+// (Streaming == nil) must NOT force stream=false. With Streaming unset,
+// streaming resolves through the precedence chain, whose SDK default is true.
+func TestNewZeroOptionsKeepsStreamingDefault(t *testing.T) {
+	if os.Getenv("ANTHROPIC_API_KEY") == "" {
+		t.Skip("Skipping test: ANTHROPIC_API_KEY not set")
+	}
+
+	ctx := context.Background()
+	k, err := kit.New(ctx, &kit.Options{
+		Model:      "anthropic/claude-sonnet-4-5-20250929",
+		Quiet:      true,
+		NoSession:  true,
+		SkipConfig: true, // isolate from any ~/.kit.yml / env stream setting
+	})
+	if err != nil {
+		t.Fatalf("New failed: %v", err)
+	}
+	defer func() { _ = k.Close() }()
+
+	if !k.ConfigBoolForTest("stream") {
+		t.Error("zero-valued Options must not force stream=false; expected the default (true)")
+	}
+}
+
+// TestNewStreamingExplicitOptOut verifies that a raw Options can still disable
+// streaming by setting Streaming to a pointer to false.
+func TestNewStreamingExplicitOptOut(t *testing.T) {
+	if os.Getenv("ANTHROPIC_API_KEY") == "" {
+		t.Skip("Skipping test: ANTHROPIC_API_KEY not set")
+	}
+
+	streamOff := false
+	ctx := context.Background()
+	k, err := kit.New(ctx, &kit.Options{
+		Model:      "anthropic/claude-sonnet-4-5-20250929",
+		Quiet:      true,
+		NoSession:  true,
+		SkipConfig: true,
+		Streaming:  &streamOff,
+	})
+	if err != nil {
+		t.Fatalf("New failed: %v", err)
+	}
+	defer func() { _ = k.Close() }()
+
+	if k.ConfigBoolForTest("stream") {
+		t.Error("Streaming=&false should disable streaming")
+	}
+}

www/pages/cli/commands.md

@@ -110,6 +110,23 @@ Press **Ctrl+X s** during streaming to inject a system-level instruction mid-tur
 
 Example: While the model is writing code, press Ctrl+X s and type "Use async/await instead" to change the implementation approach.
 
+### Image attachments
+
+Attach images to your next prompt straight from the clipboard:
+
+- Copy an image (e.g. a screenshot) to the system clipboard, then press **Ctrl+V** in the input to attach it.
+- Press **Ctrl+U** to clear all pending image attachments.
+- Attachments are sent alongside your text when you submit, and cleared afterward.
+
+When a terminal supports color, Kit renders a small low-resolution **thumbnail preview** of each pending image directly in the input, below the `[N image(s) attached]` indicator, so you can confirm the right image was attached before sending.
+
+The preview is drawn with Unicode half-block characters and ordinary terminal colors — not a graphics protocol — so it renders correctly inside terminal multiplexers like **tmux** and **zellij**. Thumbnails are capped to a small cell box for a glanceable, low-res look.
+
+- Best fidelity needs a **truecolor** terminal (`COLORTERM=truecolor`); Kit degrades to 256-color where truecolor is unavailable.
+- On terminals with neither, the preview is skipped and the `[N image(s) attached]` text indicator is shown alone.
+
+You can also attach image files by referencing them with `@path/to/image.png` — binary files are auto-detected by MIME type. See [Quick Start](/quick-start) for the `@` attachment syntax.
+
 ## Prompt templates
 
 ### Creating templates

www/pages/configuration.md

@@ -88,6 +88,9 @@ mcpServers:
     type: remote
     url: "https://pubmed.mcp.example.com"
     noOAuth: true  # skip OAuth for public servers
+    headers:
+      - "ApiKey: ${env://API_KEY}"              # required env var
+      - "X-Tenant: ${env://TENANT_ID:-default}" # with fallback default
 
   builds:
     type: remote
@@ -106,9 +109,10 @@ mcpServers:
 | `allowedTools` | list | Whitelist of tool names to expose |
 | `excludedTools` | list | Blacklist of tool names to hide |
 | `noOAuth` | bool | Skip OAuth for this server (for public servers that don't require auth) |
+| `headers` | list of strings | HTTP headers to attach to every request, each as a `"Key: Value"` string. Values support env-substitution: `${env://VAR}` or `${env://VAR:-default}`. |
 | `tasksMode` | string | When to augment `tools/call` with MCP task metadata: `auto` (default — only when the server advertises task support), `never`, or `always`. See [MCP tasks](#mcp-tasks-long-running-tools). |
 
-A legacy format with `transport`, `args`, `env`, and `headers` fields is also supported.
+A legacy format with `transport`, `args`, and `env` fields is also supported; `headers` works in both the current and legacy formats.
 
 ### MCP tasks (long-running tools)
 

www/pages/providers.md

@@ -143,6 +143,39 @@ The `custom/custom` model has zero cost, 262K context window, and supports reaso
 
 Optionally set `CUSTOM_API_KEY` environment variable or use `--provider-api-key` for endpoints requiring authentication.
 
+## Auto-routed providers
+
+Any provider in the [models.dev](https://models.dev) database can be used with the
+standard `provider/model` format, even without a dedicated native integration. Kit
+auto-routes the request through the matching **wire protocol** — the actual API
+shape the provider speaks — rather than requiring a per-provider code path:
+
+| Wire protocol | npm package (models.dev) | Transport used |
+|---------------|--------------------------|----------------|
+| OpenAI (Responses API) | `@ai-sdk/openai` | OpenAI |
+| OpenAI (chat completions) | `@ai-sdk/openai-compatible` | OpenAI-compatible |
+| Anthropic | `@ai-sdk/anthropic` | Anthropic |
+| Google Gemini | `@ai-sdk/google` | Google |
+
+The provider's `api` URL from the database is used as the base URL. A provider
+whose npm package isn't recognized but that has an `api` URL falls back to the
+OpenAI-compatible wire.
+
+Because routing follows the wire protocol, aggregator/proxy providers work across
+**all** of their models — including ones they re-flavor onto a different protocol
+via a per-model override. For example, an aggregator that proxies Claude, GPT,
+*and* Gemini routes them to the Anthropic, OpenAI, and Google transports
+respectively:
+
+```bash
+kit --model opencode/claude-haiku-4-5 "Hello"     # → Anthropic wire
+kit --model opencode/gpt-5 "Hello"                # → OpenAI wire
+kit --model opencode/gemini-3.5-flash "Hello"     # → Google wire
+```
+
+Provide the provider's API key the same way as any other — via its environment
+variable (e.g. `OPENCODE_API_KEY`) or `--provider-api-key`.
+
 ## Model database
 
 Kit ships with a local model database that maps provider names to API configurations. You can manage it with:

www/pages/sdk/options.md

@@ -7,6 +7,16 @@ description: Configuration options for the Kit Go SDK.
 
 Pass an `Options` struct to `kit.New()` to configure the Kit instance.
 
+::: tip
+For simple setups, `kit.NewAgent(ctx, ...Option)` provides functional-options
+helpers (`WithModel`, `WithStreaming`, `Ephemeral`, ...) over the same `Options`
+struct. See [Functional options](/sdk/overview#functional-options-newagent).
+:::
+
+Each `kit.New` / `kit.NewAgent` call owns an isolated configuration store, so
+these options never leak between Kit instances in the same process. See
+[Per-instance config isolation](/sdk/overview#per-instance-config-isolation).
+
 ## Full options reference
 
 ```go
@@ -18,7 +28,7 @@ host, err := kit.New(ctx, &kit.Options{
 
     // Behavior
     MaxSteps:     10,
-    Streaming:    true,
+    Streaming:    ptrBool(true), // *bool: nil = unset (default true), &false = off
     Quiet:        true,
     Debug:        true,
 
@@ -91,7 +101,7 @@ host, err := kit.New(ctx, &kit.Options{
 | `SystemPrompt` | `string` | — | System prompt text or file path |
 | `ConfigFile` | `string` | `~/.kit.yml` | Path to config file |
 | `MaxSteps` | `int` | `0` | Max agent steps (0 = unlimited) |
-| `Streaming` | `bool` | `true` | Enable streaming output |
+| `Streaming` | `*bool` | `nil` | Enable streaming output. `nil` leaves it to the precedence chain (env → config → default `true`); `&true`/`&false` forces it. Pointer so unset is distinct from explicit `false`. |
 | `Quiet` | `bool` | `false` | Suppress output |
 | `Debug` | `bool` | `false` | Enable debug logging |
 
@@ -114,9 +124,10 @@ defaults for samplers).
 | `FrequencyPenalty` | `*float32` | — | OpenAI-family frequency penalty. `nil` leaves provider default. |
 | `PresencePenalty` | `*float32` | — | OpenAI-family presence penalty. `nil` leaves provider default. |
 
-Pointer-typed samplers are populated via a tiny helper:
+Pointer-typed fields (`Streaming` and the samplers) are populated via tiny helpers:
 
 ```go
+func ptrBool(v bool) *bool          { return &v }
 func ptrFloat32(v float32) *float32 { return &v }
 ```
 
@@ -127,7 +138,7 @@ when embedding Kit as a library.
 
 | Field | Type | Default | Description |
 |-------|------|---------|-------------|
-| `ProviderAPIKey` | `string` | — | API key used to authenticate with the provider. `""` falls back to config / provider-specific env var (e.g. `ANTHROPIC_API_KEY`). When set, overrides any pre-existing viper state. |
+| `ProviderAPIKey` | `string` | — | API key used to authenticate with the provider. `""` falls back to config / provider-specific env var (e.g. `ANTHROPIC_API_KEY`). When set, it takes precedence over config and env values on this instance's store. |
 | `ProviderURL` | `string` | — | Override the provider endpoint (e.g. LiteLLM, vLLM, Azure OpenAI, internal proxy). `""` = provider default. |
 | `TLSSkipVerify` | `bool` | `false` | Disable TLS certificate verification on the provider HTTP client. Only effective when `true`; to force-disable, use config file or env var instead. For self-signed dev certs only. |
 
@@ -160,6 +171,14 @@ when embedding Kit as a library.
 | `SkillsDir` | `string` | — | Override default skills directory |
 | `NoSkills` | `bool` | `false` | Disable skill loading entirely |
 
+These fields only control the **initial** skill and context-file set picked
+up by `New()`. To add, remove, or replace skills and `AGENTS.md`-style
+context files at runtime (e.g. per user or per session), use the
+`AddSkill` / `LoadAndAddSkill` / `RemoveSkill` / `SetSkills` and
+`AddContextFile` / `AddContextFileContent` / `RemoveContextFile` /
+`SetContextFiles` methods on `*kit.Kit`. See
+[Runtime skills and context files](/sdk/overview#runtime-skills-and-context-files).
+
 ### Compaction & MCP
 
 | Field | Type | Default | Description |

www/pages/sdk/overview.md

@@ -45,6 +45,73 @@ func main() {
 }
 ```
 
+## Functional options (`NewAgent`)
+
+For simple programmatic setups, `kit.NewAgent` offers an ergonomic
+functional-options front door over `kit.New`. Streaming is **enabled by
+default**; pass `kit.WithStreaming(false)` to opt out.
+
+```go
+host, err := kit.NewAgent(ctx,
+    kit.WithModel("anthropic/claude-sonnet-4-5-20250929"),
+    kit.WithSystemPrompt("You are a helpful assistant."),
+    kit.WithMaxTokens(8192),
+    kit.WithThinkingLevel("medium"),
+    kit.Ephemeral(), // in-memory session, no persistence
+)
+if err != nil {
+    log.Fatal(err)
+}
+defer host.Close()
+```
+
+Available options:
+
+| Option | Sets |
+|--------|------|
+| `WithModel(string)` | `Options.Model` (provider/model format) |
+| `WithSystemPrompt(string)` | `Options.SystemPrompt` (inline text or file path) |
+| `WithStreaming(bool)` | `Options.Streaming` (default `true` under `NewAgent`) |
+| `WithMaxTokens(int)` | `Options.MaxTokens` |
+| `WithThinkingLevel(string)` | `Options.ThinkingLevel` |
+| `WithTools(...Tool)` | `Options.Tools` (replaces the default set) |
+| `WithExtraTools(...Tool)` | `Options.ExtraTools` (adds alongside defaults) |
+| `WithProviderAPIKey(string)` | `Options.ProviderAPIKey` |
+| `WithProviderURL(string)` | `Options.ProviderURL` |
+| `WithConfigFile(string)` | `Options.ConfigFile` |
+| `WithDebug()` | `Options.Debug = true` |
+| `Ephemeral()` | `Options.NoSession = true` |
+
+Options are applied in order, so later options override earlier ones. `Option`
+is a plain `func(*Options)`, so you can define your own. For advanced
+configuration not covered by the helpers (custom MCP config, in-process MCP
+servers, session backends, MCP task tuning) construct an `Options` value
+explicitly and call `kit.New`.
+
+### When to use which
+
+| Constructor | Use when |
+|-------------|----------|
+| `kit.NewAgent(ctx, ...Option)` | Quick programmatic setups; you only need the common fields. Streaming defaults on. |
+| `kit.New(ctx, *Options)` | You need fields without a `With*` helper (`MCPConfig`, `InProcessMCPServers`, `SessionManager`, MCP task tuning, etc.), or you already hold an `Options` value. |
+
+## Per-instance config isolation
+
+Each `kit.New` / `kit.NewAgent` call owns an **isolated configuration store**,
+so constructing multiple Kit instances in the same process is safe: setting the
+model, thinking level, or generation parameters on one never affects another,
+and runtime mutators (`SetModel`, `SetThinkingLevel`) only touch the owning
+instance. This makes subagent spawning and multi-Kit embedding race-free with
+no external synchronization required.
+
+```go
+a, _ := kit.NewAgent(ctx, kit.WithThinkingLevel("low"))
+b, _ := kit.NewAgent(ctx, kit.WithThinkingLevel("high"))
+
+a.SetThinkingLevel(ctx, "medium")
+// a.GetThinkingLevel() == "medium"; b.GetThinkingLevel() is still "high"
+```
+
 ## Multi-turn conversations
 
 Conversations retain context automatically across calls:
@@ -201,6 +268,66 @@ host, _ := kit.New(ctx, &kit.Options{
 n, _ := host.AddInProcessMCPServer(ctx, "docs", mcpSrv)
 ```
 
+## Runtime skills and context files
+
+Kit auto-discovers skills and `AGENTS.md`-style context files during `New()`,
+but multi-tenant hosts (chatbots, web services, per-user agents) often need
+to swap these **after** construction. The runtime mutators below recompose
+the system prompt and apply it to the agent so the next turn picks up the
+updated instructions — no restart, no file shuffling.
+
+```go
+// Add a programmatic skill — no file on disk required.
+host.AddSkill(&kit.Skill{
+    Name:        "polite-french",
+    Description: "Respond in French and always greet the user.",
+    Content:     "Always reply in French. Open every response with 'Bonjour'.",
+})
+
+// Or load one from disk.
+host.LoadAndAddSkill("/var/skills/refund-policy.md")
+
+// Project context (AGENTS.md equivalents): inline content from a DB...
+host.AddContextFileContent(
+    fmt.Sprintf("session://%s/AGENTS.md", userID),
+    rulesFromDB,
+)
+// ...or load from disk.
+host.LoadAndAddContextFile("/etc/agents/tenant-acme.md")
+
+// Remove individually when a session ends.
+host.RemoveSkill("polite-french")
+host.RemoveContextFile(fmt.Sprintf("session://%s/AGENTS.md", userID))
+
+// Or replace the whole set in one call.
+host.SetSkills(activeSkillsForUser)
+host.SetContextFiles(activeContextForUser)
+
+// Inspect current state (snapshot copies — safe to mutate).
+skills := host.GetSkills()
+ctxFiles := host.GetContextFiles()
+```
+
+Key points:
+
+- **Auto-refresh.** Every `Add*` / `Remove*` / `Set*` call recomposes the system
+  prompt against the captured base prompt (preserving per-model overrides and
+  `--system-prompt` resolution) and pushes the result onto the agent. Call
+  `host.RefreshSystemPrompt()` only if you mutate state through a different
+  path and need to force a re-render.
+- **Dedup keys.** Skills dedupe by `Name`; context files dedupe by `Path`.
+  Re-adding the same key replaces the entry instead of appending a duplicate.
+- **Path is opaque.** `ContextFile.Path` does not have to point at a real file
+  — it's only used for dedup and for the `Instructions from: <Path>` header
+  injected into the prompt. URIs like `session://user-123/AGENTS.md` work fine.
+- **Thread safety.** All readers and mutators are safe to call concurrently
+  from multiple goroutines; the underlying state is guarded by an internal
+  `RWMutex`.
+- **Init-time options still apply.** `Options.Skills`, `Options.SkillsDir`,
+  `Options.NoSkills`, and `Options.NoContextFiles` continue to control the
+  startup set; the runtime API mutates from whatever state `New()` produced.
+  See [SDK options](/sdk/options#skills--configuration).
+
 ## MCP prompts and resources
 
 Query prompts and resources exposed by connected MCP servers: