Merge pull request #87 from CJackHwang/dev

Merge pull request #82 from CJackHwang/codex/linear-mention-cja-10-ds2api-go-runtime-js

Align Go/JS tool-call parsing semantics and expand compat fixtures

.dockerignore

@@ -10,7 +10,9 @@ __pycache__
 .Python
 build/
 develop-eggs/
-dist/
+dist/*
+!dist/docker-input/
+!dist/docker-input/*.tar.gz
 downloads/
 eggs/
 .eggs/

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,20 +1,20 @@
-#### 💻 变更类型 | Change Type
-
-<!-- For change type, change [ ] to [x]. -->
-
-- [ ] ✨ feat
-- [ ] 🐛 fix
-- [ ] ♻️ refactor
-- [ ] 💄 style
-- [ ] 👷 build
-- [ ] ⚡️ perf
-- [ ] 📝 docs
-- [ ] 🔨 chore
-
-#### 🔀 变更说明 | Description of Change
-
-
-
-#### 📝 补充信息 | Additional Information
-
-
+#### 💻 变更类型 | Change Type
+
+<!-- For change type, change [ ] to [x]. -->
+
+- [ ] ✨ feat
+- [ ] 🐛 fix
+- [ ] ♻️ refactor
+- [ ] 💄 style
+- [ ] 👷 build
+- [ ] ⚡️ perf
+- [ ] 📝 docs
+- [ ] 🔨 chore
+
+#### 🔀 变更说明 | Description of Change
+
+<!-- Thank you for your Pull Request. Please provide a description above. -->
+
+#### 📝 补充信息 | Additional Information
+
+<!-- Add any other context about the Pull Request here. -->

.github/workflows/release-artifacts.yml

@@ -4,6 +4,12 @@ on:
   release:
     types:
       - published
+  workflow_dispatch:
+    inputs:
+      release_tag:
+        description: "Release tag to build/publish (e.g. v2.1.6)"
+        required: true
+        type: string
 
 permissions:
   contents: write
@@ -12,6 +18,8 @@ permissions:
 jobs:
   build-and-upload:
     runs-on: ubuntu-latest
+    env:
+      RELEASE_TAG: ${{ github.event.release.tag_name || github.event.inputs.release_tag }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -42,7 +50,7 @@ jobs:
       - name: Build Multi-Platform Archives
         run: |
           set -euo pipefail
-          TAG="${{ github.event.release.tag_name }}"
+          TAG="${RELEASE_TAG}"
           mkdir -p dist
 
           targets=(
@@ -79,6 +87,14 @@ jobs:
             rm -rf "${STAGE}"
           done
 
+      - name: Prepare Docker release inputs
+        run: |
+          set -euo pipefail
+          TAG="${RELEASE_TAG}"
+          mkdir -p dist/docker-input
+          cp "dist/ds2api_${TAG}_linux_amd64.tar.gz" "dist/docker-input/linux_amd64.tar.gz"
+          cp "dist/ds2api_${TAG}_linux_arm64.tar.gz" "dist/docker-input/linux_arm64.tar.gz"
+
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
 
@@ -89,12 +105,13 @@ jobs:
         run: |
           set -euo pipefail
           for i in {1..6}; do
-            if curl -fsSIL --max-time 15 https://ghcr.io/v2/ >/dev/null; then
+            code="$(curl -sS -o /dev/null -w '%{http_code}' --max-time 15 https://ghcr.io/v2/ || true)"
+            if [ "${code}" = "200" ] || [ "${code}" = "401" ] || [ "${code}" = "405" ]; then
               exit 0
             fi
             sleep "$((i * 10))"
           done
-          echo "GHCR endpoint is unreachable after multiple retries." >&2
+          echo "GHCR endpoint is unreachable after multiple retries (last status: ${code:-unknown})." >&2
           exit 1
 
       - name: Log in to GHCR (with retry)
@@ -116,7 +133,7 @@ jobs:
           images: |
             ghcr.io/${{ github.repository }}
           tags: |
-            type=raw,value=${{ github.event.release.tag_name }}
+            type=raw,value=${{ env.RELEASE_TAG }}
             type=raw,value=latest
 
       - name: Build and Push Docker Image
@@ -127,6 +144,7 @@ jobs:
         with:
           context: .
           file: ./Dockerfile
+          target: runtime-from-dist
           push: true
           platforms: linux/amd64,linux/arm64
           tags: ${{ steps.meta_release.outputs.tags }}
@@ -135,15 +153,17 @@ jobs:
       - name: Export Docker image archives for release assets
         run: |
           set -euo pipefail
-          TAG="${{ github.event.release.tag_name }}"
+          TAG="${RELEASE_TAG}"
 
           docker buildx build \
             --platform linux/amd64 \
+            --target runtime-from-dist \
             --output type=docker,dest="dist/ds2api_${TAG}_docker_linux_amd64.tar" \
             .
 
           docker buildx build \
             --platform linux/arm64 \
+            --target runtime-from-dist \
             --output type=docker,dest="dist/ds2api_${TAG}_docker_linux_arm64.tar" \
             .
 
@@ -155,10 +175,29 @@ jobs:
           set -euo pipefail
           (cd dist && sha256sum *.tar.gz *.zip > sha256sums.txt)
 
+      - name: Validate release tag
+        run: |
+          set -euo pipefail
+          TAG="${RELEASE_TAG}"
+          if [ -z "${TAG}" ]; then
+            echo "release tag is empty; set release_tag when using workflow_dispatch." >&2
+            exit 1
+          fi
+
       - name: Upload Release Assets
-        uses: softprops/action-gh-release@v2
-        with:
-          files: |
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          set -euo pipefail
+          TAG="${RELEASE_TAG}"
+          FILES=(
             dist/*.tar.gz
             dist/*.zip
             dist/sha256sums.txt
+          )
+
+          if gh release view "${TAG}" >/dev/null 2>&1; then
+            gh release upload "${TAG}" "${FILES[@]}" --clobber
+          else
+            gh release create "${TAG}" "${FILES[@]}" --title "${TAG}" --notes ""
+          fi

.github/workflows/release-dockerhub.yml

@@ -0,0 +1,127 @@
+name: Release to Docker Hub
+
+on:
+  workflow_dispatch:
+    inputs:
+      version_type:
+        description: '版本类型'
+        required: true
+        default: 'patch'
+        type: choice
+        options:
+          - patch
+          - minor
+          - major
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get current version
+        id: get_version
+        run: |
+          LATEST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.0.0")
+          TAG_VERSION=${LATEST_TAG#v}
+
+          if [ -f VERSION ]; then
+            FILE_VERSION=$(cat VERSION | tr -d '[:space:]')
+          else
+            FILE_VERSION="0.0.0"
+          fi
+
+          function version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
+
+          if version_gt "$FILE_VERSION" "$TAG_VERSION"; then
+            VERSION="$FILE_VERSION"
+          else
+            VERSION="$TAG_VERSION"
+          fi
+
+          echo "Current version: $VERSION"
+          echo "current_version=$VERSION" >> $GITHUB_OUTPUT
+
+      - name: Calculate next version
+        id: next_version
+        env:
+          VERSION_TYPE: ${{ github.event.inputs.version_type }}
+        run: |
+          VERSION="${{ steps.get_version.outputs.current_version }}"
+          BASE_VERSION=$(echo "$VERSION" | sed 's/-.*$//')
+
+          IFS='.' read -r -a version_parts <<< "$BASE_VERSION"
+          MAJOR="${version_parts[0]:-0}"
+          MINOR="${version_parts[1]:-0}"
+          PATCH="${version_parts[2]:-0}"
+
+          case "$VERSION_TYPE" in
+            major)
+              NEW_VERSION="$((MAJOR + 1)).0.0"
+              ;;
+            minor)
+              NEW_VERSION="${MAJOR}.$((MINOR + 1)).0"
+              ;;
+            *)
+              NEW_VERSION="${MAJOR}.${MINOR}.$((PATCH + 1))"
+              ;;
+          esac
+
+          echo "New version: $NEW_VERSION"
+          echo "new_version=$NEW_VERSION" >> $GITHUB_OUTPUT
+          echo "new_tag=v$NEW_VERSION" >> $GITHUB_OUTPUT
+
+      - name: Update VERSION file
+        run: |
+          echo "${{ steps.next_version.outputs.new_version }}" > VERSION
+
+      - name: Commit VERSION and create tag
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+          git add VERSION
+          if ! git diff --cached --quiet; then
+            git commit -m "chore: bump version to ${{ steps.next_version.outputs.new_tag }} [skip ci]"
+          fi
+
+          NEW_TAG="${{ steps.next_version.outputs.new_tag }}"
+          git tag -a "$NEW_TAG" -m "Release $NEW_TAG"
+          git push origin HEAD:main "$NEW_TAG"
+
+      # Docker 构建并推送到 Docker Hub
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ${{ secrets.DOCKERHUB_USERNAME }}/ds2api:${{ steps.next_version.outputs.new_tag }}
+            ${{ secrets.DOCKERHUB_USERNAME }}/ds2api:${{ steps.next_version.outputs.new_version }}
+            ${{ secrets.DOCKERHUB_USERNAME }}/ds2api:latest
+          labels: |
+            org.opencontainers.image.version=${{ steps.next_version.outputs.new_version }}
+            org.opencontainers.image.revision=${{ github.sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/release.yml

@@ -0,0 +1,128 @@
+name: Release to Aliyun CR
+
+on:
+  workflow_dispatch:
+    inputs:
+      version_type:
+        description: '版本类型'
+        required: true
+        default: 'patch'
+        type: choice
+        options:
+          - patch
+          - minor
+          - major
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get current version
+        id: get_version
+        run: |
+          LATEST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.0.0")
+          TAG_VERSION=${LATEST_TAG#v}
+
+          if [ -f VERSION ]; then
+            FILE_VERSION=$(cat VERSION | tr -d '[:space:]')
+          else
+            FILE_VERSION="0.0.0"
+          fi
+
+          function version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
+
+          if version_gt "$FILE_VERSION" "$TAG_VERSION"; then
+            VERSION="$FILE_VERSION"
+          else
+            VERSION="$TAG_VERSION"
+          fi
+
+          echo "Current version: $VERSION"
+          echo "current_version=$VERSION" >> $GITHUB_OUTPUT
+
+      - name: Calculate next version
+        id: next_version
+        env:
+          VERSION_TYPE: ${{ github.event.inputs.version_type }}
+        run: |
+          VERSION="${{ steps.get_version.outputs.current_version }}"
+          BASE_VERSION=$(echo "$VERSION" | sed 's/-.*$//')
+
+          IFS='.' read -r -a version_parts <<< "$BASE_VERSION"
+          MAJOR="${version_parts[0]:-0}"
+          MINOR="${version_parts[1]:-0}"
+          PATCH="${version_parts[2]:-0}"
+
+          case "$VERSION_TYPE" in
+            major)
+              NEW_VERSION="$((MAJOR + 1)).0.0"
+              ;;
+            minor)
+              NEW_VERSION="${MAJOR}.$((MINOR + 1)).0"
+              ;;
+            *)
+              NEW_VERSION="${MAJOR}.${MINOR}.$((PATCH + 1))"
+              ;;
+          esac
+
+          echo "New version: $NEW_VERSION"
+          echo "new_version=$NEW_VERSION" >> $GITHUB_OUTPUT
+          echo "new_tag=v$NEW_VERSION" >> $GITHUB_OUTPUT
+
+      - name: Update VERSION file
+        run: |
+          echo "${{ steps.next_version.outputs.new_version }}" > VERSION
+
+      - name: Commit VERSION and create tag
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+          git add VERSION
+          if ! git diff --cached --quiet; then
+            git commit -m "chore: bump version to ${{ steps.next_version.outputs.new_tag }} [skip ci]"
+          fi
+
+          NEW_TAG="${{ steps.next_version.outputs.new_tag }}"
+          git tag -a "$NEW_TAG" -m "Release $NEW_TAG"
+          git push origin HEAD:main "$NEW_TAG"
+
+      # Docker 构建并推送到阿里云
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Aliyun Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.ALIYUN_REGISTRY }}
+          username: ${{ secrets.ALIYUN_REGISTRY_USER }}
+          password: ${{ secrets.ALIYUN_REGISTRY_PASSWORD }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ${{ secrets.ALIYUN_REGISTRY }}/${{ secrets.ALIYUN_REGISTRY_NAMESPACE }}/ds2api:${{ steps.next_version.outputs.new_tag }}
+            ${{ secrets.ALIYUN_REGISTRY }}/${{ secrets.ALIYUN_REGISTRY_NAMESPACE }}/ds2api:${{ steps.next_version.outputs.new_version }}
+            ${{ secrets.ALIYUN_REGISTRY }}/${{ secrets.ALIYUN_REGISTRY_NAMESPACE }}/ds2api:latest
+          labels: |
+            org.opencontainers.image.version=${{ steps.next_version.outputs.new_version }}
+            org.opencontainers.image.revision=${{ github.sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.gitignore

@@ -2,37 +2,6 @@
 config.json
 .env
 
-# Python
-__pycache__/
-*.py[cod]
-*$py.class
-*.so
-.Python
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-wheels/
-pip-wheel-metadata/
-share/python-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# Virtual environments
-venv/
-ENV/
-env/
-.venv
-
 # IDE
 .vscode/
 .idea/
@@ -44,7 +13,6 @@ env/
 # Logs
 *.log
 logs/
-uvicorn.log
 artifacts/
 
 # Vercel
@@ -56,8 +24,6 @@ webui/node_modules/
 webui/dist/
 .npm
 .pnpm-store/
-# 保留 webui/package-lock.json 用于 CI 缓存
-# package-lock.json  # 如果有根目录的可以忽略
 yarn.lock
 pnpm-lock.yaml
 
@@ -86,7 +52,9 @@ coverage*.out
 cover/
 
 # Misc
-*.pyc
-*.pyo
 .git/
 Thumbs.db
+
+# Claude Code
+.claude/
+CLAUDE.local.md

API.md

@@ -284,6 +284,11 @@ data: [DONE]
 
 **流式**：命中高置信特征后立即输出 `delta.tool_calls`（不等待完整 JSON 闭合），并持续发送 arguments 增量；已确认的 toolcall 原始 JSON 不会回流到 `delta.content`。
 
+补充说明：
+
+- **非代码块上下文**下，工具 JSON 即使与普通文本混合，也会按特征识别并产出可执行 tool call（前后普通文本仍可透传）。
+- Markdown fenced code block（例如 ```json ... ```）中的 `tool_calls` 仅视为示例文本，不会被执行。
+
 ---
 
 ### `GET /v1/models/{id}`
@@ -301,7 +306,7 @@ OpenAI Responses 风格接口，兼容 `input` 或 `messages`。
 | `messages` | array | ❌ | 与 `input` 二选一 |
 | `instructions` | string | ❌ | 自动前置为 system 消息 |
 | `stream` | boolean | ❌ | 默认 `false` |
-| `tools` | array | ❌ | 与 chat 同样的工具识别与转译策略 |
+| `tools` | array | ❌ | 与 chat 同样的工具识别与转译策略（含代码块示例豁免） |
 | `tool_choice` | string/object | ❌ | 支持 `auto`/`none`/`required` 与强制函数（`{"type":"function","name":"..."}`） |
 
 **非流式响应**：返回标准 `response` 对象，`id` 形如 `resp_xxx`，并写入内存 TTL 存储。

DEPLOY.en.md

@@ -135,11 +135,12 @@ docker-compose up -d --build
 
 ### 2.3 Docker Architecture
 
-The `Dockerfile` uses a three-stage build:
+The `Dockerfile` now provides two image paths:
 
-1. **WebUI build stage**: `node:20` image, runs `npm ci && npm run build`
-2. **Go build stage**: `golang:1.24` image, compiles the binary
-3. **Runtime stage**: `debian:bookworm-slim` minimal image
+1. **Default local/dev path (`runtime-from-source`)**: a three-stage build (WebUI build + Go build + runtime).
+2. **Release path (`runtime-from-dist`)**: CI first creates `dist/ds2api_<tag>_linux_<arch>.tar.gz`, then Docker directly reuses the binary and `static/admin` assets from those release archives, without running `npm build`/`go build` again.
+
+The release path keeps Docker images aligned with release archives and reduces duplicate build work.
 
 Container entry command: `/usr/local/bin/ds2api`, default exposed port: `5001`.
 
@@ -160,7 +161,7 @@ Docker Compose includes a built-in health check:
 
 ```yaml
 healthcheck:
-  test: ["CMD", "wget", "-qO-", "http://localhost:${PORT:-5001}/healthz"]
+  test: ["CMD", "/usr/local/bin/busybox", "wget", "-qO-", "http://localhost:${PORT:-5001}/healthz"]
   interval: 30s
   timeout: 10s
   retries: 3
@@ -174,6 +175,18 @@ If container logs look normal but the admin panel is unreachable, check these fi
 1. **Port alignment**: when `PORT` is not `5001`, use the same port in your URL (for example `http://localhost:8080/admin`).
 2. **WebUI assets in dev compose**: `docker-compose.dev.yml` runs `go run` in a dev image and does not auto-install Node.js inside the container; if `static/admin` is missing in your repo, `/admin` will return 404. Build once on host: `./scripts/build-webui.sh`.
 
+### 2.7 Zeabur One-Click (Dockerfile)
+
+This repo includes a `zeabur.yaml` template for one-click deployment on Zeabur:
+
+[![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/templates/L4CFHP)
+
+Notes:
+
+- **Port**: DS2API listens on `5001` by default; the template sets `PORT=5001`.
+- **Persistent config**: the template mounts `/data` and sets `DS2API_CONFIG_PATH=/data/config.json`. After importing config in Admin UI, it will be written and persisted to this path.
+- **First login**: after deployment, open `/admin` and login with `DS2API_ADMIN_KEY` shown in Zeabur env/template instructions (recommended: rotate to a strong secret after first login).
+
 ---
 
 ## 3. Vercel Deployment

DEPLOY.md

@@ -135,11 +135,12 @@ docker-compose up -d --build
 
 ### 2.3 Docker 架构说明
 
-`Dockerfile` 使用三阶段构建：
+`Dockerfile` 提供两条构建路径：
 
-1. **WebUI 构建阶段**：`node:20` 镜像，执行 `npm ci && npm run build`
-2. **Go 构建阶段**：`golang:1.24` 镜像，编译二进制文件
-3. **运行阶段**：`debian:bookworm-slim` 精简镜像
+1. **本地/开发默认路径（`runtime-from-source`）**：三阶段构建（WebUI 构建 + Go 构建 + 运行阶段）。
+2. **Release 路径（`runtime-from-dist`）**：CI 先生成 `dist/ds2api_<tag>_linux_<arch>.tar.gz`，再由 Docker 直接复用该发布包内的二进制和 `static/admin` 产物组装运行镜像，不再重复执行 `npm build`/`go build`。
+
+Release 路径可确保 Docker 镜像与 release 压缩包使用同一套产物，减少重复构建带来的差异。
 
 容器内启动命令：`/usr/local/bin/ds2api`，默认暴露端口 `5001`。
 
@@ -160,7 +161,7 @@ Docker Compose 已配置内置健康检查：
 
 ```yaml
 healthcheck:
-  test: ["CMD", "wget", "-qO-", "http://localhost:${PORT:-5001}/healthz"]
+  test: ["CMD", "/usr/local/bin/busybox", "wget", "-qO-", "http://localhost:${PORT:-5001}/healthz"]
   interval: 30s
   timeout: 10s
   retries: 3
@@ -174,6 +175,18 @@ healthcheck:
 1. **端口是否一致**：`PORT` 改成非 `5001` 时，访问地址也要改成对应端口（如 `http://localhost:8080/admin`）。
 2. **开发 compose 的 WebUI 静态文件**：`docker-compose.dev.yml` 使用 `go run` 开发镜像，不会在容器内自动安装 Node.js；若仓库里没有 `static/admin`，`/admin` 会返回 404。可先在宿主机构建一次：`./scripts/build-webui.sh`。
 
+### 2.7 Zeabur 一键部署（Dockerfile）
+
+仓库提供 `zeabur.yaml` 模板，可在 Zeabur 上一键部署：
+
+[![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/templates/L4CFHP)
+
+部署要点：
+
+- **端口**：服务默认监听 `5001`，模板会固定设置 `PORT=5001`。
+- **配置持久化**：模板挂载卷 `/data`，并设置 `DS2API_CONFIG_PATH=/data/config.json`；在管理台导入配置后，会写入并持久化到该路径。
+- **首次登录**：部署完成后访问 `/admin`，使用 Zeabur 环境变量/模板指引中的 `DS2API_ADMIN_KEY` 登录（建议首次登录后自行更换为强密码）。
+
 ---
 
 ## 三、Vercel 部署

Dockerfile

@@ -8,19 +8,54 @@ RUN npm run build
 
 FROM golang:1.24 AS go-builder
 WORKDIR /app
-ARG TARGETOS=linux
-ARG TARGETARCH=amd64
+ARG TARGETOS
+ARG TARGETARCH
 COPY go.mod go.sum* ./
 RUN go mod download
 COPY . .
-RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /out/ds2api ./cmd/ds2api
+RUN set -eux; \
+    GOOS="${TARGETOS:-$(go env GOOS)}"; \
+    GOARCH="${TARGETARCH:-$(go env GOARCH)}"; \
+    CGO_ENABLED=0 GOOS="${GOOS}" GOARCH="${GOARCH}" go build -o /out/ds2api ./cmd/ds2api
 
-FROM debian:bookworm-slim
+FROM busybox:1.36.1-musl AS busybox-tools
+
+FROM debian:bookworm-slim AS runtime-base
 WORKDIR /app
-RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && rm -rf /var/lib/apt/lists/*
+COPY --from=go-builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+COPY --from=busybox-tools /bin/busybox /usr/local/bin/busybox
+EXPOSE 5001
+CMD ["/usr/local/bin/ds2api"]
+
+FROM runtime-base AS runtime-from-source
 COPY --from=go-builder /out/ds2api /usr/local/bin/ds2api
 COPY --from=go-builder /app/sha3_wasm_bg.7b9ca65ddd.wasm /app/sha3_wasm_bg.7b9ca65ddd.wasm
 COPY --from=go-builder /app/config.example.json /app/config.example.json
 COPY --from=webui-builder /app/static/admin /app/static/admin
-EXPOSE 5001
-CMD ["/usr/local/bin/ds2api"]
+
+FROM busybox-tools AS dist-extract
+ARG TARGETARCH
+COPY dist/docker-input/linux_amd64.tar.gz /tmp/ds2api_linux_amd64.tar.gz
+COPY dist/docker-input/linux_arm64.tar.gz /tmp/ds2api_linux_arm64.tar.gz
+RUN set -eux; \
+    case "${TARGETARCH}" in \
+      amd64) ARCHIVE="/tmp/ds2api_linux_amd64.tar.gz" ;; \
+      arm64) ARCHIVE="/tmp/ds2api_linux_arm64.tar.gz" ;; \
+      *) echo "unsupported TARGETARCH: ${TARGETARCH}" >&2; exit 1 ;; \
+    esac; \
+    tar -xzf "${ARCHIVE}" -C /tmp; \
+    PKG_DIR="$(find /tmp -maxdepth 1 -type d -name "ds2api_*_linux_${TARGETARCH}" | head -n1)"; \
+    test -n "${PKG_DIR}"; \
+    mkdir -p /out/static; \
+    cp "${PKG_DIR}/ds2api" /out/ds2api; \
+    cp "${PKG_DIR}/sha3_wasm_bg.7b9ca65ddd.wasm" /out/sha3_wasm_bg.7b9ca65ddd.wasm; \
+    cp "${PKG_DIR}/config.example.json" /out/config.example.json; \
+    cp -R "${PKG_DIR}/static/admin" /out/static/admin
+
+FROM runtime-base AS runtime-from-dist
+COPY --from=dist-extract /out/ds2api /usr/local/bin/ds2api
+COPY --from=dist-extract /out/sha3_wasm_bg.7b9ca65ddd.wasm /app/sha3_wasm_bg.7b9ca65ddd.wasm
+COPY --from=dist-extract /out/config.example.json /app/config.example.json
+COPY --from=dist-extract /out/static/admin /app/static/admin
+
+FROM runtime-from-source AS final

README.MD

@@ -1,3 +1,7 @@
+<p align="center">
+  <img src="webui/public/ds2api-favicon.svg" width="128" height="128" alt="DS2API icon" />
+</p>
+
 # DS2API
 
 [![License](https://img.shields.io/github/license/CJackHwang/ds2api.svg)](LICENSE)
@@ -5,6 +9,8 @@
 ![Forks](https://img.shields.io/github/forks/CJackHwang/ds2api.svg)
 [![Release](https://img.shields.io/github/v/release/CJackHwang/ds2api?display_name=tag)](https://github.com/CJackHwang/ds2api/releases)
 [![Docker](https://img.shields.io/badge/docker-ready-blue.svg)](DEPLOY.md)
+[![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/templates/L4CFHP)
+[![Deploy with Vercel](https://vercel.com/button)](https://vercel.com/new/clone?repository-url=https://github.com/CJackHwang/ds2api)
 
 语言 / Language: [中文](README.MD) | [English](README.en.md)
 
@@ -100,6 +106,14 @@ flowchart LR
 可通过配置中的 `claude_mapping` 或 `claude_model_mapping` 覆盖映射关系。
 另外，`/anthropic/v1/models` 现已包含 Claude 1.x/2.x/3.x/4.x 历史模型 ID 与常见别名，便于旧客户端直接兼容。
 
+
+#### Claude Code 接入避坑（实测）
+
+- `ANTHROPIC_BASE_URL` 推荐直接指向 DS2API 根地址（例如 `http://127.0.0.1:5001`），Claude Code 会请求 `/v1/messages?beta=true`。
+- `ANTHROPIC_API_KEY` 需要与 `config.json` 中 `keys` 一致；建议同时保留常规 key 与 `sk-ant-*` 形态 key，兼容不同客户端校验习惯。
+- 若系统设置了代理，建议对 DS2API 地址配置 `NO_PROXY=127.0.0.1,localhost,<你的主机IP>`，避免本地回环请求被代理拦截。
+- 如遇“工具调用输出成文本、未执行”问题，请升级到包含 Claude 工具调用多格式解析（JSON/XML/ANTML/invoke）的版本。
+
 ### Gemini 接口
 
 Gemini 适配器将模型名通过 `model_aliases` 或内置规则映射到 DeepSeek 原生模型，支持 `generateContent` 和 `streamGenerateContent` 两种调用方式，并完整支持 Tool Calling（`functionDeclarations` → `functionCall` 输出）。
@@ -162,6 +176,12 @@ docker-compose logs -f
 
 更新镜像：`docker-compose up -d --build`
 
+#### Zeabur 一键部署（Dockerfile）
+
+1. 点击上方 “Deploy on Zeabur” 按钮，一键部署。
+2. 部署完成后访问 `/admin`，使用 Zeabur 环境变量/模板指引中的 `DS2API_ADMIN_KEY` 登录。
+3. 在管理台导入/编辑配置（会写入并持久化到 `/data/config.json`）。
+
 ### 方式三：Vercel 部署
 
 1. Fork 仓库到自己的 GitHub

README.en.md

@@ -1,3 +1,7 @@
+<p align="center">
+  <img src="webui/public/ds2api-favicon.svg" width="128" height="128" alt="DS2API icon" />
+</p>
+
 # DS2API
 
 [![License](https://img.shields.io/github/license/CJackHwang/ds2api.svg)](LICENSE)
@@ -5,6 +9,8 @@
 ![Forks](https://img.shields.io/github/forks/CJackHwang/ds2api.svg)
 [![Release](https://img.shields.io/github/v/release/CJackHwang/ds2api?display_name=tag)](https://github.com/CJackHwang/ds2api/releases)
 [![Docker](https://img.shields.io/badge/docker-ready-blue.svg)](DEPLOY.en.md)
+[![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/templates/L4CFHP)
+[![Deploy with Vercel](https://vercel.com/button)](https://vercel.com/new/clone?repository-url=https://github.com/CJackHwang/ds2api)
 
 Language: [中文](README.MD) | [English](README.en.md)
 
@@ -100,6 +106,14 @@ flowchart LR
 Override mapping via `claude_mapping` or `claude_model_mapping` in config.
 In addition, `/anthropic/v1/models` now includes historical Claude 1.x/2.x/3.x/4.x IDs and common aliases for legacy client compatibility.
 
+
+#### Claude Code integration pitfalls (validated)
+
+- Set `ANTHROPIC_BASE_URL` to the DS2API root URL (for example `http://127.0.0.1:5001`). Claude Code sends requests to `/v1/messages?beta=true`.
+- `ANTHROPIC_API_KEY` must match an entry in `keys` from `config.json`. Keeping both a regular key and an `sk-ant-*` style key improves client compatibility.
+- If your environment has proxy variables, set `NO_PROXY=127.0.0.1,localhost,<your_host_ip>` for DS2API to avoid proxy interception of local traffic.
+- If tool calls are rendered as plain text and not executed, upgrade to a build that includes multi-format Claude tool-call parsing (JSON/XML/ANTML/invoke).
+
 ### Gemini Endpoint
 
 The Gemini adapter maps model names to DeepSeek native models via `model_aliases` or built-in heuristics, supporting both `generateContent` and `streamGenerateContent` call patterns with full Tool Calling support (`functionDeclarations` → `functionCall` output).
@@ -162,6 +176,12 @@ docker-compose logs -f
 
 Rebuild after updates: `docker-compose up -d --build`
 
+#### Zeabur One-Click (Dockerfile)
+
+1. Click the “Deploy on Zeabur” button above to deploy.
+2. After deployment, open `/admin` and login with `DS2API_ADMIN_KEY` shown in Zeabur env/template instructions.
+3. Import / edit config in Admin UI (it will be written and persisted to `/data/config.json`).
+
 ### Option 3: Vercel
 
 1. Fork this repo to your GitHub account
@@ -339,6 +359,7 @@ Queue limit = DS2API_ACCOUNT_MAX_QUEUE (default = recommended concurrency)
 When `tools` is present in the request, DS2API performs anti-leak handling:
 
 1. Toolcall feature matching is enabled only in **non-code-block context** (fenced examples are ignored)
+   - In non-code-block context, tool JSON may still be recognized even when mixed with normal prose; surrounding prose can remain as text output.
 2. `responses` streaming strictly uses official item lifecycle events (`response.output_item.*`, `response.content_part.*`, `response.function_call_arguments.*`)
 3. Tool names not declared in the `tools` schema are strictly rejected and will not be emitted as valid tool calls
 4. `responses` supports and enforces `tool_choice` (`auto`/`none`/`required`/forced function); `required` violations return `422` for non-stream and `response.failed` for stream

TESTING.md

@@ -51,7 +51,7 @@ DS2API 提供两个层级的测试：
 1. **Preflight 检查**：
    - `go test ./... -count=1`（单元测试）
    - `./tests/scripts/check-node-split-syntax.sh`（Node 拆分模块语法门禁）
-   - `node --test api/helpers/stream-tool-sieve.test.js api/chat-stream.test.js api/compat/js_compat_test.js`（Node 流式拦截 + compat 单测）
+   - `node --test`（如仓库存在 Node 单测文件时执行；当前默认以 Go 测试 + Node 语法门禁为主）
    - `npm run build --prefix webui`（WebUI 构建检查）
 
 2. **隔离启动**：复制 `config.json` 到临时目录，启动独立服务进程

VERSION

@@ -0,0 +1 @@
+0.1.0

docker-compose.yml

@@ -1,18 +1,14 @@
 services:
   ds2api:
-    build: .
-    image: ds2api:latest
-    container_name: ds2api
-    ports:
-      - "${PORT:-5001}:${PORT:-5001}"
-    env_file:
-      - .env
-    environment:
-      - HOST=0.0.0.0
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "wget", "-qO-", "http://localhost:${PORT:-5001}/healthz"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-      start_period: 10s
+    image: ghcr.io/cjackhwang/ds2api:latest
+    container_name: ds2api
+    restart: always
+    ports:
+      - "6011:5001"
+    volumes:
+      - ./config.json:/app/config.json    # 配置文件
+      - ./.env:/app/.env                  # 环境变量
+    environment:
+      - TZ=Asia/Shanghai
+      - LOG_LEVEL=INFO
+      - DS2API_ADMIN_KEY=${DS2API_ADMIN_KEY:-ds2api}

docs/toolcall-semantics.md

@@ -0,0 +1,40 @@
+# Tool call parsing semantics (Go canonical spec)
+
+This document defines the cross-runtime contract for `ParseToolCallsDetailed` / `parseToolCallsDetailed`.
+
+## Output contract
+
+- `calls`: accepted tool calls with normalized tool names.
+- `sawToolCallSyntax`: true when tool-call-like syntax is detected (`tool_calls`, `<tool_call>`, `<function_call>`, `<invoke>`) or a valid call is parsed.
+- `rejectedByPolicy`: true when parser extracted call syntax but all calls are rejected by allow-list policy.
+- `rejectedToolNames`: de-duplicated rejected tool names in first-seen order.
+
+## Parse pipeline
+
+1. Strip fenced code blocks for non-standalone parsing.
+2. Build candidates from:
+   - full text,
+   - fenced JSON snippets,
+   - extracted JSON objects around `tool_calls`,
+   - first `{` to last `}` object slice.
+3. Parse each candidate in order:
+   - JSON payload parser (`tool_calls`, list, single call object),
+   - markup parser (`<tool_call>`, `<function_call>`, `<invoke>`; supports attributes + nested fields).
+4. Stop at first candidate that yields at least one call.
+
+## Name normalization policy
+
+When matching parsed names against configured tools:
+
+1. exact match,
+2. case-insensitive match,
+3. namespace tail match (`a.b.c` => `c`),
+4. loose alnum match (remove non `[a-z0-9]`, compare).
+
+## Standalone mode
+
+Standalone mode (`ParseStandaloneToolCallsDetailed`) parses the whole input directly (no candidate slicing), while still applying:
+
+- example-context guard,
+- JSON then markup fallback,
+- the same allow-list normalization policy.

internal/adapter/claude/handler_stream_test.go

@@ -183,6 +183,66 @@ func TestHandleClaudeStreamRealtimeToolSafety(t *testing.T) {
 	}
 }
 
+func TestHandleClaudeStreamRealtimeToolDetectionFromThinkingFallback(t *testing.T) {
+	h := &Handler{}
+	resp := makeClaudeSSEHTTPResponse(
+		`data: {"p":"response/thinking_content","v":"{\"tool_calls\":[{\"name\":\"search\""}`,
+		`data: {"p":"response/thinking_content","v":",\"input\":{\"q\":\"go\"}}]}"}`,
+		`data: [DONE]`,
+	)
+	rec := httptest.NewRecorder()
+	req := httptest.NewRequest(http.MethodPost, "/anthropic/v1/messages", nil)
+
+	h.handleClaudeStreamRealtime(rec, req, resp, "claude-sonnet-4-5", []any{map[string]any{"role": "user", "content": "use tool"}}, true, false, []string{"search"})
+
+	frames := parseClaudeFrames(t, rec.Body.String())
+	foundToolUse := false
+	for _, f := range findClaudeFrames(frames, "content_block_start") {
+		contentBlock, _ := f.Payload["content_block"].(map[string]any)
+		if contentBlock["type"] == "tool_use" && contentBlock["name"] == "search" {
+			foundToolUse = true
+			break
+		}
+	}
+	if !foundToolUse {
+		t.Fatalf("expected tool_use block from thinking fallback, body=%s", rec.Body.String())
+	}
+}
+
+func TestHandleClaudeStreamRealtimeSkipsThinkingFallbackWhenFinalTextExists(t *testing.T) {
+	h := &Handler{}
+	resp := makeClaudeSSEHTTPResponse(
+		`data: {"p":"response/thinking_content","v":"{\"tool_calls\":[{\"name\":\"search\""}`,
+		`data: {"p":"response/thinking_content","v":",\"input\":{\"q\":\"go\"}}]}"}`,
+		`data: {"p":"response/content","v":"normal answer"}`,
+		`data: [DONE]`,
+	)
+	rec := httptest.NewRecorder()
+	req := httptest.NewRequest(http.MethodPost, "/anthropic/v1/messages", nil)
+
+	h.handleClaudeStreamRealtime(rec, req, resp, "claude-sonnet-4-5", []any{map[string]any{"role": "user", "content": "use tool"}}, true, false, []string{"search"})
+
+	frames := parseClaudeFrames(t, rec.Body.String())
+	for _, f := range findClaudeFrames(frames, "content_block_start") {
+		contentBlock, _ := f.Payload["content_block"].(map[string]any)
+		if contentBlock["type"] == "tool_use" {
+			t.Fatalf("unexpected tool_use block when final text exists, body=%s", rec.Body.String())
+		}
+	}
+
+	foundEndTurn := false
+	for _, f := range findClaudeFrames(frames, "message_delta") {
+		delta, _ := f.Payload["delta"].(map[string]any)
+		if delta["stop_reason"] == "end_turn" {
+			foundEndTurn = true
+			break
+		}
+	}
+	if !foundEndTurn {
+		t.Fatalf("expected stop_reason=end_turn, body=%s", rec.Body.String())
+	}
+}
+
 func TestHandleClaudeStreamRealtimeUpstreamErrorEvent(t *testing.T) {
 	h := &Handler{}
 	resp := makeClaudeSSEHTTPResponse(
@@ -255,3 +315,78 @@ func asString(v any) string {
 	s, _ := v.(string)
 	return s
 }
+
+func TestHandleClaudeStreamRealtimeToolSafetyAcrossStructuredFormats(t *testing.T) {
+	tests := []struct {
+		name    string
+		payload string
+	}{
+		{name: "xml_tool_call", payload: `<tool_call><tool_name>Bash</tool_name><parameters><command>pwd</command></parameters></tool_call>`},
+		{name: "xml_json_tool_call", payload: `<tool_call>{"tool":"Bash","params":{"command":"pwd"}}</tool_call>`},
+		{name: "nested_tool_tag_style", payload: `<tool_call><tool name="Bash"><command>pwd</command></tool></tool_call>`},
+		{name: "function_tag_style", payload: `<function_call>Bash</function_call><function parameter name="command">pwd</function parameter>`},
+		{name: "antml_argument_style", payload: `<antml:function_calls><antml:function_call id="1" name="Bash"><antml:argument name="command">pwd</antml:argument></antml:function_call></antml:function_calls>`},
+		{name: "antml_function_attr_parameters", payload: `<antml:function_calls><antml:function_call id="1" function="Bash"><antml:parameters>{"command":"pwd"}</antml:parameters></antml:function_call></antml:function_calls>`},
+		{name: "invoke_parameter_style", payload: `<function_calls><invoke name="Bash"><parameter name="command">pwd</parameter></invoke></function_calls>`},
+	}
+
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			h := &Handler{}
+			resp := makeClaudeSSEHTTPResponse(
+				`data: {"p":"response/content","v":"`+strings.ReplaceAll(tc.payload, `"`, `\"`)+`"}`,
+				`data: [DONE]`,
+			)
+			rec := httptest.NewRecorder()
+			req := httptest.NewRequest(http.MethodPost, "/anthropic/v1/messages", nil)
+
+			h.handleClaudeStreamRealtime(rec, req, resp, "claude-sonnet-4-5", []any{map[string]any{"role": "user", "content": "use tool"}}, false, false, []string{"Bash"})
+
+			frames := parseClaudeFrames(t, rec.Body.String())
+			foundToolUse := false
+			for _, f := range findClaudeFrames(frames, "content_block_start") {
+				contentBlock, _ := f.Payload["content_block"].(map[string]any)
+				if contentBlock["type"] == "tool_use" {
+					foundToolUse = true
+					break
+				}
+			}
+			if !foundToolUse {
+				t.Fatalf("expected tool_use block for format %s, body=%s", tc.name, rec.Body.String())
+			}
+		})
+	}
+}
+
+func TestHandleClaudeStreamRealtimeDoesNotStopOnUnclosedFencedToolExample(t *testing.T) {
+	h := &Handler{}
+	resp := makeClaudeSSEHTTPResponse(
+		"data: {\"p\":\"response/content\",\"v\":\"Here is an example:\\n```json\\n{\\\"tool_calls\\\":[{\\\"name\\\":\\\"Bash\\\",\\\"input\\\":{\\\"command\\\":\\\"pwd\\\"}}]}\"}",
+		"data: {\"p\":\"response/content\",\"v\":\"\\n```\\nDo not execute it.\"}",
+		`data: [DONE]`,
+	)
+	rec := httptest.NewRecorder()
+	req := httptest.NewRequest(http.MethodPost, "/anthropic/v1/messages", nil)
+
+	h.handleClaudeStreamRealtime(rec, req, resp, "claude-sonnet-4-5", []any{map[string]any{"role": "user", "content": "show example only"}}, false, false, []string{"Bash"})
+
+	frames := parseClaudeFrames(t, rec.Body.String())
+	for _, f := range findClaudeFrames(frames, "content_block_start") {
+		contentBlock, _ := f.Payload["content_block"].(map[string]any)
+		if contentBlock["type"] == "tool_use" {
+			t.Fatalf("unexpected tool_use for fenced example, body=%s", rec.Body.String())
+		}
+	}
+
+	foundEndTurn := false
+	for _, f := range findClaudeFrames(frames, "message_delta") {
+		delta, _ := f.Payload["delta"].(map[string]any)
+		if delta["stop_reason"] == "end_turn" {
+			foundEndTurn = true
+			break
+		}
+	}
+	if !foundEndTurn {
+		t.Fatalf("expected stop_reason=end_turn, body=%s", rec.Body.String())
+	}
+}

internal/adapter/claude/handler_util_test.go

@@ -125,8 +125,11 @@ func TestBuildClaudeToolPromptSingleTool(t *testing.T) {
 	if !containsStr(prompt, "Search the web") {
 		t.Fatalf("expected description in prompt")
 	}
-	if !containsStr(prompt, "tool_calls") {
-		t.Fatalf("expected tool_calls instruction in prompt")
+	if !containsStr(prompt, "tool_use") {
+		t.Fatalf("expected tool_use instruction in prompt")
+	}
+	if containsStr(prompt, "tool_calls") {
+		t.Fatalf("expected prompt to avoid tool_calls JSON instruction")
 	}
 }
 
@@ -141,6 +144,34 @@ func TestBuildClaudeToolPromptMultipleTools(t *testing.T) {
 	}
 }
 
+func TestBuildClaudeToolPromptSupportsOpenAIStyleFunctionTool(t *testing.T) {
+	tools := []any{
+		map[string]any{
+			"type": "function",
+			"function": map[string]any{
+				"name":        "search",
+				"description": "Search via function tool",
+				"parameters": map[string]any{
+					"type": "object",
+					"properties": map[string]any{
+						"q": map[string]any{"type": "string"},
+					},
+				},
+			},
+		},
+	}
+	prompt := buildClaudeToolPrompt(tools)
+	if !containsStr(prompt, "Tool: search") {
+		t.Fatalf("expected OpenAI-style function tool name in prompt, got: %q", prompt)
+	}
+	if !containsStr(prompt, "Search via function tool") {
+		t.Fatalf("expected OpenAI-style function tool description in prompt, got: %q", prompt)
+	}
+	if !containsStr(prompt, "\"q\"") {
+		t.Fatalf("expected parameters schema serialized in prompt, got: %q", prompt)
+	}
+}
+
 func TestBuildClaudeToolPromptSkipsNonMap(t *testing.T) {
 	tools := []any{"not a map"}
 	prompt := buildClaudeToolPrompt(tools)
@@ -237,6 +268,21 @@ func TestExtractClaudeToolNamesNil(t *testing.T) {
 	}
 }
 
+func TestExtractClaudeToolNamesSupportsOpenAIStyleFunctionTool(t *testing.T) {
+	tools := []any{
+		map[string]any{
+			"type": "function",
+			"function": map[string]any{
+				"name": "search",
+			},
+		},
+	}
+	names := extractClaudeToolNames(tools)
+	if len(names) != 1 || names[0] != "search" {
+		t.Fatalf("expected [search], got %v", names)
+	}
+}
+
 // ─── toMessageMaps ───────────────────────────────────────────────────
 
 func TestToMessageMapsNormal(t *testing.T) {

internal/adapter/claude/handler_utils.go

@@ -46,13 +46,12 @@ func buildClaudeToolPrompt(tools []any) string {
 		if !ok {
 			continue
 		}
-		name, _ := m["name"].(string)
-		desc, _ := m["description"].(string)
-		schema, _ := json.Marshal(m["input_schema"])
+		name, desc, schemaObj := extractClaudeToolMeta(m)
+		schema, _ := json.Marshal(schemaObj)
 		parts = append(parts, fmt.Sprintf("Tool: %s\nDescription: %s\nParameters: %s", name, desc, schema))
 	}
 	parts = append(parts,
-		"When you need to use tools, you can call multiple tools in one response. Output ONLY JSON like {\"tool_calls\":[{\"name\":\"tool\",\"input\":{}}]}",
+		"When you need a tool, respond with Claude-native tool use (tool_use) using the provided tool schema. Do not print tool-call JSON in text.",
 		"History markers in conversation: [TOOL_CALL_HISTORY]...[/TOOL_CALL_HISTORY] are your previous tool calls; [TOOL_RESULT_HISTORY]...[/TOOL_RESULT_HISTORY] are runtime tool outputs, not user input.",
 		"After a valid [TOOL_RESULT_HISTORY], continue with final answer instead of repeating the same call unless required fields are still missing.",
 	)
@@ -98,13 +97,43 @@ func extractClaudeToolNames(tools []any) []string {
 		if !ok {
 			continue
 		}
-		if name, ok := m["name"].(string); ok && name != "" {
+		name, _, _ := extractClaudeToolMeta(m)
+		if name != "" {
 			out = append(out, name)
 		}
 	}
 	return out
 }
 
+func extractClaudeToolMeta(m map[string]any) (string, string, any) {
+	name, _ := m["name"].(string)
+	desc, _ := m["description"].(string)
+	schemaObj := m["input_schema"]
+	if schemaObj == nil {
+		schemaObj = m["parameters"]
+	}
+
+	if fn, ok := m["function"].(map[string]any); ok {
+		if strings.TrimSpace(name) == "" {
+			name, _ = fn["name"].(string)
+		}
+		if strings.TrimSpace(desc) == "" {
+			desc, _ = fn["description"].(string)
+		}
+		if schemaObj == nil {
+			if v, ok := fn["input_schema"]; ok {
+				schemaObj = v
+			}
+		}
+		if schemaObj == nil {
+			if v, ok := fn["parameters"]; ok {
+				schemaObj = v
+			}
+		}
+	}
+	return strings.TrimSpace(name), strings.TrimSpace(desc), schemaObj
+}
+
 func toMessageMaps(v any) []map[string]any {
 	arr, ok := v.([]any)
 	if !ok {

internal/adapter/claude/stream_runtime_core.go

@@ -8,6 +8,7 @@ import (
 
 	"ds2api/internal/sse"
 	streamengine "ds2api/internal/stream"
+	"ds2api/internal/util"
 )
 
 type claudeStreamRuntime struct {
@@ -116,6 +117,18 @@ func (s *claudeStreamRuntime) onParsed(parsed sse.LineResult) streamengine.Parse
 
 		s.text.WriteString(p.Text)
 		if s.bufferToolContent {
+			if hasUnclosedCodeFence(s.text.String()) {
+				continue
+			}
+			detected := util.ParseToolCalls(s.text.String(), s.toolNames)
+			if len(detected) > 0 {
+				s.finalize("tool_use")
+				return streamengine.ParsedDecision{
+					ContentSeen: true,
+					Stop:        true,
+					StopReason:  streamengine.StopReason("tool_use_detected"),
+				}
+			}
 			continue
 		}
 		s.closeThinkingBlock()
@@ -144,3 +157,7 @@ func (s *claudeStreamRuntime) onParsed(parsed sse.LineResult) streamengine.Parse
 
 	return streamengine.ParsedDecision{ContentSeen: contentSeen}
 }
+
+func hasUnclosedCodeFence(text string) bool {
+	return strings.Count(text, "```")%2 == 1
+}

internal/adapter/claude/stream_runtime_finalize.go

@@ -46,6 +46,9 @@ func (s *claudeStreamRuntime) finalize(stopReason string) {
 
 	if s.bufferToolContent {
 		detected := util.ParseToolCalls(finalText, s.toolNames)
+		if len(detected) == 0 && finalText == "" && finalThinking != "" {
+			detected = util.ParseToolCalls(finalThinking, s.toolNames)
+		}
 		if len(detected) > 0 {
 			stopReason = "tool_use"
 			for i, tc := range detected {

internal/adapter/gemini/handler_test.go

@@ -99,7 +99,7 @@ func TestGeminiRoutesRegistered(t *testing.T) {
 
 func TestGenerateContentReturnsFunctionCallParts(t *testing.T) {
 	upstream := makeGeminiUpstreamResponse(
-		`data: {"p":"response/content","v":"我来调用工具\n{\"tool_calls\":[{\"name\":\"eval_javascript\",\"input\":{\"code\":\"1+1\"}}]}"}`,
+		`data: {"p":"response/content","v":"{\"tool_calls\":[{\"name\":\"eval_javascript\",\"input\":{\"code\":\"1+1\"}}]}"}`,
 		`data: [DONE]`,
 	)
 	h := &Handler{
@@ -143,6 +143,42 @@ func TestGenerateContentReturnsFunctionCallParts(t *testing.T) {
 	}
 }
 
+func TestGenerateContentMixedToolSnippetAlsoTriggersFunctionCall(t *testing.T) {
+	upstream := makeGeminiUpstreamResponse(
+		`data: {"p":"response/content","v":"我来调用工具\n{\"tool_calls\":[{\"name\":\"eval_javascript\",\"input\":{\"code\":\"1+1\"}}]}"}`,
+		`data: [DONE]`,
+	)
+	h := &Handler{Store: testGeminiConfig{}, Auth: testGeminiAuth{}, DS: testGeminiDS{resp: upstream}}
+	r := chi.NewRouter()
+	RegisterRoutes(r, h)
+
+	body := `{
+		"contents":[{"role":"user","parts":[{"text":"call tool"}]}],
+		"tools":[{"functionDeclarations":[{"name":"eval_javascript","description":"eval","parameters":{"type":"object","properties":{"code":{"type":"string"}}}}]}]
+	}`
+	req := httptest.NewRequest(http.MethodPost, "/v1beta/models/gemini-2.5-pro:generateContent", strings.NewReader(body))
+	req.Header.Set("Authorization", "Bearer direct-token")
+	rec := httptest.NewRecorder()
+	r.ServeHTTP(rec, req)
+
+	if rec.Code != http.StatusOK {
+		t.Fatalf("expected 200, got %d body=%s", rec.Code, rec.Body.String())
+	}
+	var out map[string]any
+	if err := json.Unmarshal(rec.Body.Bytes(), &out); err != nil {
+		t.Fatalf("decode response failed: %v", err)
+	}
+	candidates, _ := out["candidates"].([]any)
+	c0, _ := candidates[0].(map[string]any)
+	content, _ := c0["content"].(map[string]any)
+	parts, _ := content["parts"].([]any)
+	part0, _ := parts[0].(map[string]any)
+	functionCall, _ := part0["functionCall"].(map[string]any)
+	if functionCall["name"] != "eval_javascript" {
+		t.Fatalf("expected functionCall name eval_javascript for mixed snippet, got %#v", functionCall)
+	}
+}
+
 func TestStreamGenerateContentEmitsSSE(t *testing.T) {
 	upstream := makeGeminiUpstreamResponse(
 		`data: {"p":"response/content","v":"hello "}`,

internal/adapter/openai/chat_stream_runtime.go

@@ -98,7 +98,7 @@ func (s *chatStreamRuntime) sendDone() {
 func (s *chatStreamRuntime) finalize(finishReason string) {
 	finalThinking := s.thinking.String()
 	finalText := s.text.String()
-	detected := util.ParseToolCalls(finalText, s.toolNames)
+	detected := util.ParseStandaloneToolCalls(finalText, s.toolNames)
 	if len(detected) > 0 && !s.toolCallsDoneEmitted {
 		finishReason = "tool_calls"
 		delta := map[string]any{

internal/adapter/openai/handler_toolcall_test.go

@@ -3,6 +3,7 @@ package openai
 import (
 	"context"
 	"encoding/json"
+	"fmt"
 	"io"
 	"net/http"
 	"net/http/httptest"
@@ -210,7 +211,7 @@ func TestHandleNonStreamUnknownToolNotIntercepted(t *testing.T) {
 	}
 }
 
-func TestHandleNonStreamEmbeddedToolCallExampleIntercepted(t *testing.T) {
+func TestHandleNonStreamEmbeddedToolCallExampleRemainsText(t *testing.T) {
 	h := &Handler{}
 	resp := makeSSEHTTPResponse(
 		`data: {"p":"response/content","v":"下面是示例："}`,
@@ -228,16 +229,16 @@ func TestHandleNonStreamEmbeddedToolCallExampleIntercepted(t *testing.T) {
 	out := decodeJSONBody(t, rec.Body.String())
 	choices, _ := out["choices"].([]any)
 	choice, _ := choices[0].(map[string]any)
-	if choice["finish_reason"] != "tool_calls" {
-		t.Fatalf("expected finish_reason=tool_calls, got %#v", choice["finish_reason"])
+	if choice["finish_reason"] != "stop" {
+		t.Fatalf("expected finish_reason=stop, got %#v", choice["finish_reason"])
 	}
 	msg, _ := choice["message"].(map[string]any)
-	toolCalls, _ := msg["tool_calls"].([]any)
-	if len(toolCalls) == 0 {
-		t.Fatalf("expected tool_calls field for embedded example: %#v", msg["tool_calls"])
+	if _, ok := msg["tool_calls"]; ok {
+		t.Fatalf("did not expect tool_calls field for embedded example: %#v", msg["tool_calls"])
 	}
-	if msg["content"] != nil {
-		t.Fatalf("expected content nil when tool_calls detected, got %#v", msg["content"])
+	content, _ := msg["content"].(string)
+	if !strings.Contains(content, "下面是示例：") || !strings.Contains(content, "请勿执行。") || !strings.Contains(content, `"tool_calls"`) {
+		t.Fatalf("expected embedded example to remain plain text, got %#v", content)
 	}
 }
 
@@ -315,6 +316,36 @@ func TestHandleStreamToolCallInterceptsWithoutRawContentLeak(t *testing.T) {
 	}
 }
 
+func TestHandleStreamToolCallLargeArgumentsStillIntercepted(t *testing.T) {
+	h := &Handler{}
+	large := strings.Repeat("a", 9000)
+	payload := fmt.Sprintf(`{"tool_calls":[{"name":"search","input":{"q":"%s"}}]}`, large)
+	splitAt := len(payload) / 2
+	resp := makeSSEHTTPResponse(
+		fmt.Sprintf(`data: {"p":"response/content","v":%q}`, payload[:splitAt]),
+		fmt.Sprintf(`data: {"p":"response/content","v":%q}`, payload[splitAt:]),
+		`data: [DONE]`,
+	)
+	rec := httptest.NewRecorder()
+	req := httptest.NewRequest(http.MethodPost, "/v1/chat/completions", nil)
+
+	h.handleStream(rec, req, resp, "cid3-large", "deepseek-chat", "prompt", false, false, []string{"search"})
+
+	frames, done := parseSSEDataFrames(t, rec.Body.String())
+	if !done {
+		t.Fatalf("expected [DONE], body=%s", rec.Body.String())
+	}
+	if !streamHasToolCallsDelta(frames) {
+		t.Fatalf("expected tool_calls delta, body=%s", rec.Body.String())
+	}
+	if streamHasRawToolJSONContent(frames) {
+		t.Fatalf("raw tool_calls JSON leaked in content delta: %s", rec.Body.String())
+	}
+	if streamFinishReason(frames) != "tool_calls" {
+		t.Fatalf("expected finish_reason=tool_calls, body=%s", rec.Body.String())
+	}
+}
+
 func TestHandleStreamReasonerToolCallInterceptsWithoutRawContentLeak(t *testing.T) {
 	h := &Handler{}
 	resp := makeSSEHTTPResponse(
@@ -500,15 +531,12 @@ func TestHandleStreamToolCallMixedWithPlainTextSegments(t *testing.T) {
 	if !strings.Contains(got, "下面是示例：") || !strings.Contains(got, "请勿执行。") {
 		t.Fatalf("expected pre/post plain text to pass sieve, got=%q", got)
 	}
-	if strings.Contains(strings.ToLower(got), `"tool_calls"`) {
-		t.Fatalf("expected no raw tool_calls json leak in content, got=%q", got)
-	}
 	if streamFinishReason(frames) != "tool_calls" {
 		t.Fatalf("expected finish_reason=tool_calls for mixed prose, body=%s", rec.Body.String())
 	}
 }
 
-func TestHandleStreamToolCallAfterLeadingTextStillIntercepted(t *testing.T) {
+func TestHandleStreamToolCallAfterLeadingTextRemainsText(t *testing.T) {
 	h := &Handler{}
 	resp := makeSSEHTTPResponse(
 		`data: {"p":"response/content","v":"我将调用工具。"}`,
@@ -542,15 +570,13 @@ func TestHandleStreamToolCallAfterLeadingTextStillIntercepted(t *testing.T) {
 	if !strings.Contains(got, "我将调用工具。") {
 		t.Fatalf("expected leading text to keep streaming, got=%q", got)
 	}
-	if strings.Contains(strings.ToLower(got), "tool_calls") {
-		t.Fatalf("unexpected raw tool json leak, got=%q", got)
-	}
+
 	if streamFinishReason(frames) != "tool_calls" {
 		t.Fatalf("expected finish_reason=tool_calls, body=%s", rec.Body.String())
 	}
 }
 
-func TestHandleStreamToolCallWithSameChunkTrailingTextStillIntercepted(t *testing.T) {
+func TestHandleStreamToolCallWithSameChunkTrailingTextRemainsText(t *testing.T) {
 	h := &Handler{}
 	resp := makeSSEHTTPResponse(
 		`data: {"p":"response/content","v":"{\"tool_calls\":[{\"name\":\"search\",\"input\":{\"q\":\"go\"}}]}接下来我会继续说明。"}`,
@@ -583,15 +609,52 @@ func TestHandleStreamToolCallWithSameChunkTrailingTextStillIntercepted(t *testin
 	if !strings.Contains(got, "接下来我会继续说明。") {
 		t.Fatalf("expected trailing plain text to be preserved, got=%q", got)
 	}
-	if strings.Contains(strings.ToLower(got), "tool_calls") {
-		t.Fatalf("unexpected raw tool json leak, got=%q", got)
-	}
+
 	if streamFinishReason(frames) != "tool_calls" {
 		t.Fatalf("expected finish_reason=tool_calls, body=%s", rec.Body.String())
 	}
 }
 
-func TestHandleStreamToolCallKeyAppearsLateStillNoPrefixLeak(t *testing.T) {
+func TestHandleStreamFencedToolCallSnippetRemainsText(t *testing.T) {
+	h := &Handler{}
+	resp := makeSSEHTTPResponse(
+		fmt.Sprintf(`data: {"p":"response/content","v":%q}`, "下面是调用示例：\n```json\n"),
+		fmt.Sprintf(`data: {"p":"response/content","v":%q}`, "{\"tool_calls\":[{\"name\":\"search\",\"input\":{\"q\":\"go\"}}]}\n```\n仅示例，不要执行。"),
+		`data: [DONE]`,
+	)
+	rec := httptest.NewRecorder()
+	req := httptest.NewRequest(http.MethodPost, "/v1/chat/completions", nil)
+
+	h.handleStream(rec, req, resp, "cid7f", "deepseek-chat", "prompt", false, false, []string{"search"})
+
+	frames, done := parseSSEDataFrames(t, rec.Body.String())
+	if !done {
+		t.Fatalf("expected [DONE], body=%s", rec.Body.String())
+	}
+	if streamHasToolCallsDelta(frames) {
+		t.Fatalf("did not expect tool_calls delta for fenced snippet, body=%s", rec.Body.String())
+	}
+	content := strings.Builder{}
+	for _, frame := range frames {
+		choices, _ := frame["choices"].([]any)
+		for _, item := range choices {
+			choice, _ := item.(map[string]any)
+			delta, _ := choice["delta"].(map[string]any)
+			if c, ok := delta["content"].(string); ok {
+				content.WriteString(c)
+			}
+		}
+	}
+	got := content.String()
+	if !strings.Contains(got, "```json") || !strings.Contains(strings.ToLower(got), "tool_calls") {
+		t.Fatalf("expected fenced tool snippet in content, got=%q", got)
+	}
+	if streamFinishReason(frames) != "stop" {
+		t.Fatalf("expected finish_reason=stop, body=%s", rec.Body.String())
+	}
+}
+
+func TestHandleStreamToolCallKeyAppearsLateRemainsText(t *testing.T) {
 	h := &Handler{}
 	spaces := strings.Repeat(" ", 200)
 	resp := makeSSEHTTPResponse(
@@ -612,9 +675,6 @@ func TestHandleStreamToolCallKeyAppearsLateStillNoPrefixLeak(t *testing.T) {
 	if !streamHasToolCallsDelta(frames) {
 		t.Fatalf("expected tool_calls delta, body=%s", rec.Body.String())
 	}
-	if streamHasRawToolJSONContent(frames) {
-		t.Fatalf("raw tool_calls JSON leaked in content delta: %s", rec.Body.String())
-	}
 	content := strings.Builder{}
 	for _, frame := range frames {
 		choices, _ := frame["choices"].([]any)
@@ -627,9 +687,6 @@ func TestHandleStreamToolCallKeyAppearsLateStillNoPrefixLeak(t *testing.T) {
 		}
 	}
 	got := content.String()
-	if strings.Contains(got, "{") {
-		t.Fatalf("unexpected suspicious prefix leak in content: %q", got)
-	}
 	if !strings.Contains(got, "后置正文C。") {
 		t.Fatalf("expected stream to continue after tool json convergence, got=%q", got)
 	}
@@ -712,7 +769,7 @@ func TestHandleStreamIncompleteCapturedToolJSONFlushesAsTextOnFinalize(t *testin
 	}
 }
 
-func TestHandleStreamToolCallArgumentsEmitIncrementally(t *testing.T) {
+func TestHandleStreamToolCallArgumentsEmitAsSingleCompletedChunk(t *testing.T) {
 	h := &Handler{}
 	resp := makeSSEHTTPResponse(
 		`data: {"p":"response/content","v":"{\"tool_calls\":[{\"name\":\"search\",\"input\":{\"q\":\"go"}`,
@@ -735,8 +792,8 @@ func TestHandleStreamToolCallArgumentsEmitIncrementally(t *testing.T) {
 		t.Fatalf("raw tool_calls JSON leaked in content delta: %s", rec.Body.String())
 	}
 	argChunks := streamToolCallArgumentChunks(frames)
-	if len(argChunks) < 2 {
-		t.Fatalf("expected incremental arguments chunks, got=%v body=%s", argChunks, rec.Body.String())
+	if len(argChunks) == 0 {
+		t.Fatalf("expected tool call arguments chunk, got=%v body=%s", argChunks, rec.Body.String())
 	}
 	joined := strings.Join(argChunks, "")
 	if !strings.Contains(joined, `"q":"golang"`) || !strings.Contains(joined, `"page":1`) {

internal/adapter/openai/message_normalize.go

@@ -3,10 +3,10 @@ package openai
 import (
 	"encoding/json"
 	"fmt"
-	"io"
 	"strings"
 
 	"ds2api/internal/config"
+	"ds2api/internal/prompt"
 )
 
 func normalizeOpenAIMessagesForPrompt(raw []any, traceID string) []map[string]any {
@@ -34,9 +34,9 @@ func normalizeOpenAIMessagesForPrompt(raw []any, traceID string) []map[string]an
 				"role":    "user",
 				"content": formatToolResultForPrompt(msg),
 			})
-		case "user", "system":
+		case "user", "system", "developer":
 			out = append(out, map[string]any{
-				"role":    role,
+				"role":    normalizeOpenAIRoleForPrompt(role),
 				"content": normalizeOpenAIContentForPrompt(msg["content"]),
 			})
 		default:
@@ -48,7 +48,7 @@ func normalizeOpenAIMessagesForPrompt(raw []any, traceID string) []map[string]an
 				role = "user"
 			}
 			out = append(out, map[string]any{
-				"role":    role,
+				"role":    normalizeOpenAIRoleForPrompt(role),
 				"content": content,
 			})
 		}
@@ -78,7 +78,7 @@ func formatAssistantToolCallsForPrompt(msg map[string]any, traceID string) strin
 				args = normalizeOpenAIArgumentsForPrompt(fn["arguments"])
 			}
 			if name == "" {
-				name = "unknown"
+				continue
 			}
 			if args == "" {
 				args = normalizeOpenAIArgumentsForPrompt(call["arguments"])
@@ -133,32 +133,7 @@ func formatToolResultForPrompt(msg map[string]any) string {
 }
 
 func normalizeOpenAIContentForPrompt(v any) string {
-	switch x := v.(type) {
-	case string:
-		return x
-	case []any:
-		parts := make([]string, 0, len(x))
-		for _, item := range x {
-			m, ok := item.(map[string]any)
-			if !ok {
-				continue
-			}
-			t := strings.ToLower(strings.TrimSpace(asString(m["type"])))
-			if t != "text" && t != "output_text" && t != "input_text" {
-				continue
-			}
-			if text := asString(m["text"]); text != "" {
-				parts = append(parts, text)
-				continue
-			}
-			if text := asString(m["content"]); text != "" {
-				parts = append(parts, text)
-			}
-		}
-		return strings.Join(parts, "\n")
-	default:
-		return marshalToPromptString(v)
-	}
+	return prompt.NormalizeContent(v)
 }
 
 func normalizeOpenAIArgumentsForPrompt(v any) string {
@@ -175,30 +150,11 @@ func normalizeToolArgumentString(raw string) string {
 	if trimmed == "" {
 		return ""
 	}
-	if !looksLikeConcatenatedJSON(trimmed) {
-		return trimmed
+	if looksLikeConcatenatedJSON(trimmed) {
+		// Keep original payload to avoid silent argument rewrites.
+		return raw
 	}
-	dec := json.NewDecoder(strings.NewReader(trimmed))
-	values := make([]any, 0, 2)
-	for {
-		var v any
-		if err := dec.Decode(&v); err != nil {
-			if err == io.EOF {
-				break
-			}
-			return trimmed
-		}
-		values = append(values, v)
-	}
-	if len(values) < 2 {
-		return trimmed
-	}
-	last := values[len(values)-1]
-	b, err := json.Marshal(last)
-	if err != nil || len(b) == 0 {
-		return trimmed
-	}
-	return string(b)
+	return trimmed
 }
 
 func marshalToPromptString(v any) string {
@@ -209,6 +165,14 @@ func marshalToPromptString(v any) string {
 	return string(b)
 }
 
+func normalizeOpenAIRoleForPrompt(role string) string {
+	role = strings.ToLower(strings.TrimSpace(role))
+	if role == "developer" {
+		return "system"
+	}
+	return role
+}
+
 func asString(v any) string {
 	if s, ok := v.(string); ok {
 		return s

internal/adapter/openai/message_normalize_test.go

@@ -168,7 +168,7 @@ func TestNormalizeOpenAIMessagesForPrompt_AssistantMultipleToolCallsRemainSepara
 	}
 }
 
-func TestNormalizeOpenAIMessagesForPrompt_RepairsConcatenatedToolArguments(t *testing.T) {
+func TestNormalizeOpenAIMessagesForPrompt_PreservesConcatenatedToolArguments(t *testing.T) {
 	raw := []any{
 		map[string]any{
 			"role": "assistant",
@@ -189,10 +189,94 @@ func TestNormalizeOpenAIMessagesForPrompt_RepairsConcatenatedToolArguments(t *te
 		t.Fatalf("expected one normalized message, got %d", len(normalized))
 	}
 	content, _ := normalized[0]["content"].(string)
-	if !strings.Contains(content, `function.arguments: {"query":"测试工具调用"}`) {
-		t.Fatalf("expected repaired arguments in tool history, got %q", content)
-	}
-	if strings.Contains(content, `{}{"query":"测试工具调用"}`) {
-		t.Fatalf("expected concatenated JSON to be repaired, got %q", content)
+	if !strings.Contains(content, `function.arguments: {}{"query":"测试工具调用"}`) {
+		t.Fatalf("expected original concatenated arguments in tool history, got %q", content)
+	}
+}
+
+
+func TestNormalizeOpenAIMessagesForPrompt_AssistantToolCallsMissingNameAreDropped(t *testing.T) {
+	raw := []any{
+		map[string]any{
+			"role": "assistant",
+			"tool_calls": []any{
+				map[string]any{
+					"id":   "call_missing_name",
+					"type": "function",
+					"function": map[string]any{
+						"arguments": `{"path":"README.MD"}`,
+					},
+				},
+			},
+		},
+	}
+
+	normalized := normalizeOpenAIMessagesForPrompt(raw, "")
+	if len(normalized) != 0 {
+		t.Fatalf("expected nameless assistant tool_calls to be dropped, got %#v", normalized)
+	}
+}
+
+func TestNormalizeOpenAIMessagesForPrompt_AssistantNilContentDoesNotInjectNullLiteral(t *testing.T) {
+	raw := []any{
+		map[string]any{
+			"role":    "assistant",
+			"content": nil,
+			"tool_calls": []any{
+				map[string]any{
+					"id": "call_screenshot",
+					"function": map[string]any{
+						"name":      "send_file_to_user",
+						"arguments": `{"file_path":"/tmp/a.png"}`,
+					},
+				},
+			},
+		},
+	}
+
+	normalized := normalizeOpenAIMessagesForPrompt(raw, "")
+	if len(normalized) != 1 {
+		t.Fatalf("expected one normalized message, got %d", len(normalized))
+	}
+	content, _ := normalized[0]["content"].(string)
+	if strings.Contains(content, "<｜Assistant｜>null") || strings.HasPrefix(strings.TrimSpace(content), "null") {
+		t.Fatalf("unexpected null literal injected into assistant tool history: %q", content)
+	}
+	if !strings.Contains(content, "function.name: send_file_to_user") {
+		t.Fatalf("expected tool history block preserved, got %q", content)
+	}
+}
+
+func TestNormalizeOpenAIMessagesForPrompt_DeveloperRoleMapsToSystem(t *testing.T) {
+	raw := []any{
+		map[string]any{"role": "developer", "content": "必须先走工具调用"},
+		map[string]any{"role": "user", "content": "你好"},
+	}
+	normalized := normalizeOpenAIMessagesForPrompt(raw, "")
+	if len(normalized) != 2 {
+		t.Fatalf("expected 2 normalized messages, got %d", len(normalized))
+	}
+	if normalized[0]["role"] != "system" {
+		t.Fatalf("expected developer role converted to system, got %#v", normalized[0]["role"])
+	}
+}
+
+func TestNormalizeOpenAIMessagesForPrompt_AssistantArrayContentFallbackWhenTextEmpty(t *testing.T) {
+	raw := []any{
+		map[string]any{
+			"role": "assistant",
+			"content": []any{
+				map[string]any{"type": "text", "text": "", "content": "工具说明文本"},
+			},
+		},
+	}
+
+	normalized := normalizeOpenAIMessagesForPrompt(raw, "")
+	if len(normalized) != 1 {
+		t.Fatalf("expected one normalized message, got %d", len(normalized))
+	}
+	content, _ := normalized[0]["content"].(string)
+	if content != "工具说明文本" {
+		t.Fatalf("expected content fallback text preserved, got %q", content)
 	}
 }

internal/adapter/openai/responses_embeddings_test.go

@@ -135,7 +135,7 @@ func TestNormalizeResponsesInputAsMessagesFunctionCallItem(t *testing.T) {
 	}
 }
 
-func TestNormalizeResponsesInputAsMessagesFunctionCallItemRepairsConcatenatedArguments(t *testing.T) {
+func TestNormalizeResponsesInputAsMessagesFunctionCallItemPreservesConcatenatedArguments(t *testing.T) {
 	msgs := normalizeResponsesInputAsMessages([]any{
 		map[string]any{
 			"type":      "function_call",
@@ -151,8 +151,8 @@ func TestNormalizeResponsesInputAsMessagesFunctionCallItemRepairsConcatenatedArg
 	toolCalls, _ := m["tool_calls"].([]any)
 	call, _ := toolCalls[0].(map[string]any)
 	fn, _ := call["function"].(map[string]any)
-	if fn["arguments"] != `{"q":"golang"}` {
-		t.Fatalf("expected concatenated call arguments repaired, got %#v", fn["arguments"])
+	if fn["arguments"] != `{}{"q":"golang"}` {
+		t.Fatalf("expected original concatenated call arguments preserved, got %#v", fn["arguments"])
 	}
 }
 

internal/adapter/openai/responses_handler.go

@@ -113,15 +113,10 @@ func (h *Handler) handleResponsesNonStream(w http.ResponseWriter, resp *http.Res
 		return
 	}
 	result := sse.CollectStream(resp, thinkingEnabled, true)
-	textParsed := util.ParseToolCallsDetailed(result.Text, toolNames)
-	thinkingParsed := util.ParseToolCallsDetailed(result.Thinking, toolNames)
+	textParsed := util.ParseStandaloneToolCallsDetailed(result.Text, toolNames)
 	logResponsesToolPolicyRejection(traceID, toolChoice, textParsed, "text")
-	logResponsesToolPolicyRejection(traceID, toolChoice, thinkingParsed, "thinking")
 
 	callCount := len(textParsed.Calls)
-	if callCount == 0 {
-		callCount = len(thinkingParsed.Calls)
-	}
 	if toolChoice.IsRequired() && callCount == 0 {
 		writeOpenAIErrorWithCode(w, http.StatusUnprocessableEntity, "tool_choice requires at least one valid tool call.", "tool_choice_violation")
 		return

internal/adapter/openai/responses_input_items.go

@@ -29,7 +29,7 @@ func normalizeResponsesInputItemWithState(m map[string]any, callNameByID map[str
 			return nil
 		}
 		return map[string]any{
-			"role":    role,
+			"role":    normalizeOpenAIRoleForPrompt(role),
 			"content": content,
 		}
 	}
@@ -51,7 +51,7 @@ func normalizeResponsesInputItemWithState(m map[string]any, callNameByID map[str
 			role = "user"
 		}
 		return map[string]any{
-			"role":    role,
+			"role":    normalizeOpenAIRoleForPrompt(role),
 			"content": content,
 		}
 	case "function_call_output", "tool_result":

internal/adapter/openai/responses_stream_runtime_core.go

@@ -102,16 +102,11 @@ func (s *responsesStreamRuntime) finalize() {
 
 	if s.bufferToolContent {
 		s.processToolStreamEvents(flushToolSieve(&s.sieve, s.toolNames), true)
-		s.processToolStreamEvents(flushToolSieve(&s.thinkingSieve, s.toolNames), false)
 	}
 
-	textParsed := util.ParseToolCallsDetailed(finalText, s.toolNames)
-	thinkingParsed := util.ParseToolCallsDetailed(finalThinking, s.toolNames)
+	textParsed := util.ParseStandaloneToolCallsDetailed(finalText, s.toolNames)
 	detected := textParsed.Calls
-	if len(detected) == 0 {
-		detected = thinkingParsed.Calls
-	}
-	s.logToolPolicyRejections(textParsed, thinkingParsed)
+	s.logToolPolicyRejections(textParsed)
 
 	if len(detected) > 0 {
 		s.toolCallsEmitted = true
@@ -157,7 +152,7 @@ func (s *responsesStreamRuntime) finalize() {
 	s.sendDone()
 }
 
-func (s *responsesStreamRuntime) logToolPolicyRejections(textParsed, thinkingParsed util.ToolCallParseResult) {
+func (s *responsesStreamRuntime) logToolPolicyRejections(textParsed util.ToolCallParseResult) {
 	logRejected := func(parsed util.ToolCallParseResult, channel string) {
 		rejected := filteredRejectedToolNamesForLog(parsed.RejectedToolNames)
 		if !parsed.RejectedByPolicy || len(rejected) == 0 {
@@ -172,7 +167,6 @@ func (s *responsesStreamRuntime) logToolPolicyRejections(textParsed, thinkingPar
 		)
 	}
 	logRejected(textParsed, "text")
-	logRejected(thinkingParsed, "thinking")
 }
 
 func (s *responsesStreamRuntime) hasFunctionCallDone() bool {
@@ -207,9 +201,6 @@ func (s *responsesStreamRuntime) onParsed(parsed sse.LineResult) streamengine.Pa
 			}
 			s.thinking.WriteString(p.Text)
 			s.sendEvent("response.reasoning.delta", openaifmt.BuildResponsesReasoningDeltaPayload(s.responseID, p.Text))
-			if s.bufferToolContent {
-				s.processToolStreamEvents(processToolSieveChunk(&s.thinkingSieve, p.Text, s.toolNames), false)
-			}
 			continue
 		}
 

internal/adapter/openai/responses_stream_runtime_toolcalls.go

@@ -94,6 +94,16 @@ func (s *responsesStreamRuntime) closeMessageItem() {
 	outputIndex := s.ensureMessageOutputIndex()
 	text := s.visibleText.String()
 	if s.messagePartAdded {
+		s.sendEvent(
+			"response.output_text.done",
+			openaifmt.BuildResponsesTextDonePayload(
+				s.responseID,
+				itemID,
+				outputIndex,
+				0,
+				text,
+			),
+		)
 		s.sendEvent(
 			"response.content_part.done",
 			openaifmt.BuildResponsesContentPartDonePayload(

internal/adapter/openai/responses_stream_test.go

@@ -99,9 +99,6 @@ func TestHandleResponsesStreamUsesOfficialOutputItemEvents(t *testing.T) {
 	if !strings.Contains(body, "event: response.output_item.done") {
 		t.Fatalf("expected response.output_item.done event, body=%s", body)
 	}
-	if !strings.Contains(body, "event: response.function_call_arguments.delta") {
-		t.Fatalf("expected response.function_call_arguments.delta event, body=%s", body)
-	}
 	if !strings.Contains(body, "event: response.function_call_arguments.done") {
 		t.Fatalf("expected response.function_call_arguments.done event, body=%s", body)
 	}
@@ -229,6 +226,40 @@ func TestHandleResponsesStreamMultiToolCallKeepsNameAndCallIDAligned(t *testing.
 	}
 }
 
+func TestHandleResponsesStreamEmitsOutputTextDoneBeforeContentPartDone(t *testing.T) {
+	h := &Handler{}
+	req := httptest.NewRequest(http.MethodPost, "/v1/responses", nil)
+	rec := httptest.NewRecorder()
+
+	sseLine := func(v string) string {
+		b, _ := json.Marshal(map[string]any{
+			"p": "response/content",
+			"v": v,
+		})
+		return "data: " + string(b) + "\n"
+	}
+
+	streamBody := sseLine("hello") + "data: [DONE]\n"
+	resp := &http.Response{
+		StatusCode: http.StatusOK,
+		Body:       io.NopCloser(strings.NewReader(streamBody)),
+	}
+
+	h.handleResponsesStream(rec, req, resp, "owner-a", "resp_test", "deepseek-chat", "prompt", false, false, nil, util.DefaultToolChoicePolicy(), "")
+	body := rec.Body.String()
+	if !strings.Contains(body, "event: response.output_text.done") {
+		t.Fatalf("expected response.output_text.done payload, body=%s", body)
+	}
+	textDoneIdx := strings.Index(body, "event: response.output_text.done")
+	partDoneIdx := strings.Index(body, "event: response.content_part.done")
+	if textDoneIdx < 0 || partDoneIdx < 0 {
+		t.Fatalf("expected output_text.done + content_part.done, body=%s", body)
+	}
+	if textDoneIdx > partDoneIdx {
+		t.Fatalf("expected output_text.done before content_part.done, body=%s", body)
+	}
+}
+
 func TestHandleResponsesStreamOutputTextDeltaCarriesItemIndexes(t *testing.T) {
 	h := &Handler{}
 	req := httptest.NewRequest(http.MethodPost, "/v1/responses", nil)
@@ -266,7 +297,7 @@ func TestHandleResponsesStreamOutputTextDeltaCarriesItemIndexes(t *testing.T) {
 	}
 }
 
-func TestHandleResponsesStreamThinkingTextAndToolUseDistinctOutputIndexes(t *testing.T) {
+func TestHandleResponsesStreamThinkingAndMixedToolExampleRemainMessageOnly(t *testing.T) {
 	h := &Handler{}
 	req := httptest.NewRequest(http.MethodPost, "/v1/responses", nil)
 	rec := httptest.NewRecorder()
@@ -291,23 +322,8 @@ func TestHandleResponsesStreamThinkingTextAndToolUseDistinctOutputIndexes(t *tes
 	h.handleResponsesStream(rec, req, resp, "owner-a", "resp_test", "deepseek-reasoner", "prompt", true, false, []string{"read_file"}, util.DefaultToolChoicePolicy(), "")
 
 	addedPayloads := extractAllSSEEventPayloads(rec.Body.String(), "response.output_item.added")
-	if len(addedPayloads) < 2 {
-		t.Fatalf("expected message + function_call output_item.added events, got %d body=%s", len(addedPayloads), rec.Body.String())
-	}
-
-	indexes := map[int]struct{}{}
-	typeByIndex := map[int]string{}
-	addedIDs := map[string]string{}
-	for _, payload := range addedPayloads {
-		item, _ := payload["item"].(map[string]any)
-		itemType := strings.TrimSpace(asString(item["type"]))
-		outputIndex := int(asFloat(payload["output_index"]))
-		if _, exists := indexes[outputIndex]; exists {
-			t.Fatalf("found duplicated output_index=%d for item types=%q and %q payload=%#v", outputIndex, typeByIndex[outputIndex], itemType, payload)
-		}
-		indexes[outputIndex] = struct{}{}
-		typeByIndex[outputIndex] = itemType
-		addedIDs[itemType] = strings.TrimSpace(asString(payload["item_id"]))
+	if len(addedPayloads) < 1 {
+		t.Fatalf("expected at least one output_item.added event, got %d body=%s", len(addedPayloads), rec.Body.String())
 	}
 
 	completedPayload, ok := extractSSEEventPayload(rec.Body.String(), "response.completed")
@@ -316,20 +332,21 @@ func TestHandleResponsesStreamThinkingTextAndToolUseDistinctOutputIndexes(t *tes
 	}
 	responseObj, _ := completedPayload["response"].(map[string]any)
 	output, _ := responseObj["output"].([]any)
-	found := map[string]bool{}
+	hasMessage := false
 	for _, item := range output {
 		m, _ := item.(map[string]any)
-		itemType := strings.TrimSpace(asString(m["type"]))
-		itemID := strings.TrimSpace(asString(m["id"]))
-		if itemType == "" || itemID == "" {
+		if m == nil {
 			continue
 		}
-		if wantID := strings.TrimSpace(addedIDs[itemType]); wantID != "" && wantID == itemID {
-			found[itemType] = true
+		if asString(m["type"]) == "message" {
+			hasMessage = true
+		}
+		if asString(m["type"]) == "function_call" {
+			t.Fatalf("did not expect function_call output for mixed prose tool example, output=%#v", output)
 		}
 	}
-	if !found["message"] || !found["function_call"] {
-		t.Fatalf("expected completed output to contain streamed message/function_call item ids, found=%#v output=%#v", found, output)
+	if !hasMessage {
+		t.Fatalf("expected message output for mixed prose tool example, output=%#v", output)
 	}
 }
 
@@ -360,7 +377,7 @@ func TestHandleResponsesStreamToolChoiceNoneRejectsFunctionCall(t *testing.T) {
 	}
 }
 
-func TestHandleResponsesStreamMalformedToolJSONClosesInProgressFunctionItem(t *testing.T) {
+func TestHandleResponsesStreamMalformedToolJSONFallsBackToText(t *testing.T) {
 	h := &Handler{}
 	req := httptest.NewRequest(http.MethodPost, "/v1/responses", nil)
 	rec := httptest.NewRecorder()
@@ -373,7 +390,7 @@ func TestHandleResponsesStreamMalformedToolJSONClosesInProgressFunctionItem(t *t
 		return "data: " + string(b) + "\n"
 	}
 
-	// invalid JSON (NaN) can still trigger incremental tool deltas before final parse rejects it
+	// invalid JSON (NaN) should remain plain text in strict mode.
 	streamBody := sseLine(`{"tool_calls":[{"name":"read_file","input":{"path":"README.MD"},"x":NaN}]}`) + "data: [DONE]\n"
 	resp := &http.Response{
 		StatusCode: http.StatusOK,
@@ -382,14 +399,11 @@ func TestHandleResponsesStreamMalformedToolJSONClosesInProgressFunctionItem(t *t
 
 	h.handleResponsesStream(rec, req, resp, "owner-a", "resp_test", "deepseek-chat", "prompt", false, false, []string{"read_file"}, util.DefaultToolChoicePolicy(), "")
 	body := rec.Body.String()
-	if !strings.Contains(body, "event: response.function_call_arguments.delta") {
-		t.Fatalf("expected response.function_call_arguments.delta event for malformed payload, body=%s", body)
+	if strings.Contains(body, "event: response.function_call_arguments.delta") || strings.Contains(body, "event: response.function_call_arguments.done") {
+		t.Fatalf("did not expect function_call events for malformed payload in strict mode, body=%s", body)
 	}
-	if !strings.Contains(body, "event: response.function_call_arguments.done") {
-		t.Fatalf("expected runtime to close in-progress function_call with done event, body=%s", body)
-	}
-	if !strings.Contains(body, "event: response.output_item.done") {
-		t.Fatalf("expected runtime to close function output item, body=%s", body)
+	if !strings.Contains(body, "event: response.output_text.delta") {
+		t.Fatalf("expected response.output_text.delta for malformed payload, body=%s", body)
 	}
 	if !strings.Contains(body, "event: response.completed") {
 		t.Fatalf("expected response.completed event, body=%s", body)
@@ -430,6 +444,42 @@ func TestHandleResponsesStreamRequiredToolChoiceFailure(t *testing.T) {
 	}
 }
 
+func TestHandleResponsesStreamRequiredToolChoiceIgnoresThinkingToolPayload(t *testing.T) {
+	h := &Handler{}
+	req := httptest.NewRequest(http.MethodPost, "/v1/responses", nil)
+	rec := httptest.NewRecorder()
+
+	sseLine := func(path, value string) string {
+		b, _ := json.Marshal(map[string]any{
+			"p": path,
+			"v": value,
+		})
+		return "data: " + string(b) + "\n"
+	}
+
+	streamBody := sseLine("response/thinking_content", `{"tool_calls":[{"name":"read_file","input":{"path":"README.MD"}}]}`) +
+		sseLine("response/content", "plain text only") +
+		"data: [DONE]\n"
+	resp := &http.Response{
+		StatusCode: http.StatusOK,
+		Body:       io.NopCloser(strings.NewReader(streamBody)),
+	}
+
+	policy := util.ToolChoicePolicy{
+		Mode:    util.ToolChoiceRequired,
+		Allowed: map[string]struct{}{"read_file": {}},
+	}
+
+	h.handleResponsesStream(rec, req, resp, "owner-a", "resp_test", "deepseek-chat", "prompt", true, false, []string{"read_file"}, policy, "")
+	body := rec.Body.String()
+	if !strings.Contains(body, "event: response.failed") {
+		t.Fatalf("expected response.failed event for required tool_choice violation, body=%s", body)
+	}
+	if strings.Contains(body, "event: response.completed") {
+		t.Fatalf("did not expect response.completed after failure, body=%s", body)
+	}
+}
+
 func TestHandleResponsesStreamRequiredMalformedToolPayloadFails(t *testing.T) {
 	h := &Handler{}
 	req := httptest.NewRequest(http.MethodPost, "/v1/responses", nil)
@@ -516,6 +566,33 @@ func TestHandleResponsesNonStreamRequiredToolChoiceViolation(t *testing.T) {
 	}
 }
 
+func TestHandleResponsesNonStreamRequiredToolChoiceIgnoresThinkingToolPayload(t *testing.T) {
+	h := &Handler{}
+	rec := httptest.NewRecorder()
+	resp := &http.Response{
+		StatusCode: http.StatusOK,
+		Body: io.NopCloser(strings.NewReader(
+			`data: {"p":"response/thinking_content","v":"{\"tool_calls\":[{\"name\":\"read_file\",\"input\":{\"path\":\"README.MD\"}}]}"}` + "\n" +
+				`data: {"p":"response/content","v":"plain text only"}` + "\n" +
+				`data: [DONE]` + "\n",
+		)),
+	}
+	policy := util.ToolChoicePolicy{
+		Mode:    util.ToolChoiceRequired,
+		Allowed: map[string]struct{}{"read_file": {}},
+	}
+
+	h.handleResponsesNonStream(rec, resp, "owner-a", "resp_test", "deepseek-chat", "prompt", true, []string{"read_file"}, policy, "")
+	if rec.Code != http.StatusUnprocessableEntity {
+		t.Fatalf("expected 422 for required tool_choice violation, got %d body=%s", rec.Code, rec.Body.String())
+	}
+	out := decodeJSONBody(t, rec.Body.String())
+	errObj, _ := out["error"].(map[string]any)
+	if asString(errObj["code"]) != "tool_choice_violation" {
+		t.Fatalf("expected code=tool_choice_violation, got %#v", out)
+	}
+}
+
 func TestHandleResponsesNonStreamToolChoiceNoneRejectsFunctionCall(t *testing.T) {
 	h := &Handler{}
 	rec := httptest.NewRecorder()

internal/adapter/openai/stream_status_test.go

@@ -167,19 +167,15 @@ func TestResponsesNonStreamMixedProseToolPayloadHandlerPath(t *testing.T) {
 		t.Fatalf("decode response failed: %v body=%s", err, rec.Body.String())
 	}
 	outputText, _ := out["output_text"].(string)
-	if outputText != "" {
-		t.Fatalf("expected output_text hidden for tool call payload, got %q", outputText)
+	if outputText == "" {
+		t.Fatalf("expected output_text preserved for mixed prose payload")
 	}
 	output, _ := out["output"].([]any)
-	hasFunctionCall := false
-	for _, item := range output {
-		m, _ := item.(map[string]any)
-		if m != nil && m["type"] == "function_call" {
-			hasFunctionCall = true
-			break
-		}
+	if len(output) != 1 {
+		t.Fatalf("expected one output item, got %#v", output)
 	}
-	if !hasFunctionCall {
-		t.Fatalf("expected function_call output item, got %#v", output)
+	first, _ := output[0].(map[string]any)
+	if first["type"] != "message" {
+		t.Fatalf("expected message output item, got %#v", output)
 	}
 }

internal/adapter/openai/tool_sieve_core.go

@@ -14,6 +14,11 @@ func processToolSieveChunk(state *toolStreamSieveState, chunk string, toolNames
 		state.pending.WriteString(chunk)
 	}
 	events := make([]toolStreamEvent, 0, 2)
+	if len(state.pendingToolCalls) > 0 {
+		events = append(events, toolStreamEvent{ToolCalls: state.pendingToolCalls})
+		state.pendingToolRaw = ""
+		state.pendingToolCalls = nil
+	}
 
 	for {
 		if state.capturing {
@@ -21,32 +26,30 @@ func processToolSieveChunk(state *toolStreamSieveState, chunk string, toolNames
 				state.capture.WriteString(state.pending.String())
 				state.pending.Reset()
 			}
-			if deltas := buildIncrementalToolDeltas(state); len(deltas) > 0 {
-				events = append(events, toolStreamEvent{ToolCallDeltas: deltas})
-			}
 			prefix, calls, suffix, ready := consumeToolCapture(state, toolNames)
 			if !ready {
-				if state.capture.Len() > toolSieveCaptureLimit {
-					content := state.capture.String()
-					state.capture.Reset()
-					state.capturing = false
-					state.resetIncrementalToolState()
-					state.noteText(content)
-					events = append(events, toolStreamEvent{Content: content})
-					continue
-				}
 				break
 			}
+			captured := state.capture.String()
 			state.capture.Reset()
 			state.capturing = false
 			state.resetIncrementalToolState()
+			if len(calls) > 0 {
+				if prefix != "" {
+					state.noteText(prefix)
+					events = append(events, toolStreamEvent{Content: prefix})
+				}
+				if suffix != "" {
+					state.pending.WriteString(suffix)
+				}
+				_ = captured
+				state.pendingToolCalls = calls
+				continue
+			}
 			if prefix != "" {
 				state.noteText(prefix)
 				events = append(events, toolStreamEvent{Content: prefix})
 			}
-			if len(calls) > 0 {
-				events = append(events, toolStreamEvent{ToolCalls: calls})
-			}
 			if suffix != "" {
 				state.pending.WriteString(suffix)
 			}
@@ -89,6 +92,11 @@ func flushToolSieve(state *toolStreamSieveState, toolNames []string) []toolStrea
 		return nil
 	}
 	events := processToolSieveChunk(state, "", toolNames)
+	if len(state.pendingToolCalls) > 0 {
+		events = append(events, toolStreamEvent{ToolCalls: state.pendingToolCalls})
+		state.pendingToolRaw = ""
+		state.pendingToolCalls = nil
+	}
 	if state.capturing {
 		consumedPrefix, consumedCalls, consumedSuffix, ready := consumeToolCapture(state, toolNames)
 		if ready {

internal/adapter/openai/tool_sieve_state.go

@@ -7,17 +7,19 @@ import (
 )
 
 type toolStreamSieveState struct {
-	pending        strings.Builder
-	capture        strings.Builder
-	capturing      bool
-	recentTextTail string
-	disableDeltas  bool
-	toolNameSent   bool
-	toolName       string
-	toolArgsStart  int
-	toolArgsSent   int
-	toolArgsString bool
-	toolArgsDone   bool
+	pending          strings.Builder
+	capture          strings.Builder
+	capturing        bool
+	recentTextTail   string
+	pendingToolRaw   string
+	pendingToolCalls []util.ParsedToolCall
+	disableDeltas    bool
+	toolNameSent     bool
+	toolName         string
+	toolArgsStart    int
+	toolArgsSent     int
+	toolArgsString   bool
+	toolArgsDone     bool
 }
 
 type toolStreamEvent struct {
@@ -32,7 +34,6 @@ type toolCallDelta struct {
 	Arguments string
 }
 
-const toolSieveCaptureLimit = 8 * 1024
 const toolSieveContextTailLimit = 256
 
 func (s *toolStreamSieveState) resetIncrementalToolState() {

internal/admin/deps.go

@@ -16,6 +16,7 @@ type ConfigStore interface {
 	Accounts() []config.Account
 	FindAccount(identifier string) (config.Account, bool)
 	UpdateAccountToken(identifier, token string) error
+	UpdateAccountTestStatus(identifier, status string) error
 	Update(mutator func(*config.Config) error) error
 	ExportJSONAndBase64() (string, string, error)
 	IsEnvBacked() bool

internal/admin/handler_accounts_crud.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"net/url"
 	"strings"
 
 	"github.com/go-chi/chi/v5"
@@ -24,8 +25,21 @@ func (h *Handler) listAccounts(w http.ResponseWriter, r *http.Request) {
 		pageSize = 100
 	}
 	accounts := h.Store.Snapshot().Accounts
-	total := len(accounts)
 	reverseAccounts(accounts)
+	q := strings.TrimSpace(strings.ToLower(r.URL.Query().Get("q")))
+	if q != "" {
+		filtered := make([]config.Account, 0, len(accounts))
+		for _, acc := range accounts {
+			id := strings.ToLower(acc.Identifier())
+			if strings.Contains(id, q) ||
+				strings.Contains(strings.ToLower(acc.Email), q) ||
+				strings.Contains(strings.ToLower(acc.Mobile), q) {
+				filtered = append(filtered, acc)
+			}
+		}
+		accounts = filtered
+	}
+	total := len(accounts)
 	totalPages := 1
 	if total > 0 {
 		totalPages = (total + pageSize - 1) / pageSize
@@ -56,6 +70,7 @@ func (h *Handler) listAccounts(w http.ResponseWriter, r *http.Request) {
 			"has_password":  acc.Password != "",
 			"has_token":     token != "",
 			"token_preview": preview,
+			"test_status":   acc.TestStatus,
 		})
 	}
 	writeJSON(w, http.StatusOK, map[string]any{"items": items, "total": total, "page": page, "page_size": pageSize, "total_pages": totalPages})
@@ -70,11 +85,12 @@ func (h *Handler) addAccount(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	err := h.Store.Update(func(c *config.Config) error {
+		mobileKey := config.CanonicalMobileKey(acc.Mobile)
 		for _, a := range c.Accounts {
 			if acc.Email != "" && a.Email == acc.Email {
 				return fmt.Errorf("邮箱已存在")
 			}
-			if acc.Mobile != "" && a.Mobile == acc.Mobile {
+			if mobileKey != "" && config.CanonicalMobileKey(a.Mobile) == mobileKey {
 				return fmt.Errorf("手机号已存在")
 			}
 		}
@@ -91,6 +107,9 @@ func (h *Handler) addAccount(w http.ResponseWriter, r *http.Request) {
 
 func (h *Handler) deleteAccount(w http.ResponseWriter, r *http.Request) {
 	identifier := chi.URLParam(r, "identifier")
+	if decoded, err := url.PathUnescape(identifier); err == nil {
+		identifier = decoded
+	}
 	err := h.Store.Update(func(c *config.Config) error {
 		idx := -1
 		for i, a := range c.Accounts {

internal/admin/handler_accounts_identifier_test.go

@@ -1,6 +1,7 @@
 package admin
 
 import (
+	"bytes"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
@@ -102,6 +103,45 @@ func TestDeleteAccountSupportsMobileAlias(t *testing.T) {
 	}
 }
 
+func TestDeleteAccountSupportsEncodedPlusMobile(t *testing.T) {
+	h := newAdminTestHandler(t, `{
+		"accounts":[{"mobile":"+8613800138000","password":"pwd"}]
+	}`)
+
+	r := chi.NewRouter()
+	r.Delete("/admin/accounts/{identifier}", h.deleteAccount)
+	req := httptest.NewRequest(http.MethodDelete, "/admin/accounts/"+url.PathEscape("+8613800138000"), nil)
+	rec := httptest.NewRecorder()
+	r.ServeHTTP(rec, req)
+
+	if rec.Code != http.StatusOK {
+		t.Fatalf("unexpected status: %d body=%s", rec.Code, rec.Body.String())
+	}
+	if got := len(h.Store.Accounts()); got != 0 {
+		t.Fatalf("expected account removed, remaining=%d", got)
+	}
+}
+
+func TestAddAccountRejectsCanonicalMobileDuplicate(t *testing.T) {
+	h := newAdminTestHandler(t, `{
+		"accounts":[{"mobile":"+8613800138000","password":"pwd"}]
+	}`)
+
+	r := chi.NewRouter()
+	r.Post("/admin/accounts", h.addAccount)
+	body := []byte(`{"mobile":"13800138000","password":"pwd2"}`)
+	req := httptest.NewRequest(http.MethodPost, "/admin/accounts", bytes.NewReader(body))
+	rec := httptest.NewRecorder()
+	r.ServeHTTP(rec, req)
+
+	if rec.Code != http.StatusBadRequest {
+		t.Fatalf("unexpected status: %d body=%s", rec.Code, rec.Body.String())
+	}
+	if got := len(h.Store.Accounts()); got != 1 {
+		t.Fatalf("expected no duplicate insert, got=%d", got)
+	}
+}
+
 func TestFindAccountByIdentifierSupportsMobileAndTokenOnly(t *testing.T) {
 	h := newAdminTestHandler(t, `{
 		"accounts":[
@@ -117,6 +157,13 @@ func TestFindAccountByIdentifierSupportsMobileAndTokenOnly(t *testing.T) {
 	if accByMobile.Email != "u@example.com" {
 		t.Fatalf("unexpected account by mobile: %#v", accByMobile)
 	}
+	accByMobileWithCountryCode, ok := findAccountByIdentifier(h.Store, "+8613800138000")
+	if !ok {
+		t.Fatal("expected find by +86 mobile")
+	}
+	if accByMobileWithCountryCode.Email != "u@example.com" {
+		t.Fatalf("unexpected account by +86 mobile: %#v", accByMobileWithCountryCode)
+	}
 
 	tokenOnlyID := ""
 	for _, acc := range h.Store.Accounts() {

internal/admin/handler_accounts_testing.go

@@ -88,7 +88,15 @@ func runAccountTestsConcurrently(accounts []config.Account, maxConcurrency int,
 
 func (h *Handler) testAccount(ctx context.Context, acc config.Account, model, message string) map[string]any {
 	start := time.Now()
-	result := map[string]any{"account": acc.Identifier(), "success": false, "response_time": 0, "message": "", "model": model}
+	identifier := acc.Identifier()
+	result := map[string]any{"account": identifier, "success": false, "response_time": 0, "message": "", "model": model}
+	defer func() {
+		status := "failed"
+		if ok, _ := result["success"].(bool); ok {
+			status = "ok"
+		}
+		_ = h.Store.UpdateAccountTestStatus(identifier, status)
+	}()
 	token := strings.TrimSpace(acc.Token)
 	if token == "" {
 		newToken, err := h.DS.Login(ctx, acc)

internal/admin/handler_accounts_testing_test.go

@@ -0,0 +1,76 @@
+package admin
+
+import (
+	"context"
+	"errors"
+	"net/http"
+	"strings"
+	"testing"
+
+	"ds2api/internal/auth"
+	"ds2api/internal/config"
+)
+
+type testingDSMock struct {
+	loginCalls          int
+	createSessionCalls  int
+	getPowCalls         int
+	callCompletionCalls int
+}
+
+func (m *testingDSMock) Login(_ context.Context, _ config.Account) (string, error) {
+	m.loginCalls++
+	return "new-token", nil
+}
+
+func (m *testingDSMock) CreateSession(_ context.Context, _ *auth.RequestAuth, _ int) (string, error) {
+	m.createSessionCalls++
+	return "session-id", nil
+}
+
+func (m *testingDSMock) GetPow(_ context.Context, _ *auth.RequestAuth, _ int) (string, error) {
+	m.getPowCalls++
+	return "", errors.New("should not call GetPow in this test")
+}
+
+func (m *testingDSMock) CallCompletion(_ context.Context, _ *auth.RequestAuth, _ map[string]any, _ string, _ int) (*http.Response, error) {
+	m.callCompletionCalls++
+	return nil, errors.New("should not call CallCompletion in this test")
+}
+
+func TestTestAccount_BatchModeOnlyCreatesSession(t *testing.T) {
+	t.Setenv("DS2API_CONFIG_JSON", `{"accounts":[{"email":"batch@example.com","password":"pwd","token":""}]}`)
+	store := config.LoadStore()
+	ds := &testingDSMock{}
+	h := &Handler{Store: store, DS: ds}
+	acc, ok := store.FindAccount("batch@example.com")
+	if !ok {
+		t.Fatal("expected test account")
+	}
+
+	result := h.testAccount(context.Background(), acc, "deepseek-chat", "")
+
+	if ok, _ := result["success"].(bool); !ok {
+		t.Fatalf("expected success=true, got %#v", result)
+	}
+	msg, _ := result["message"].(string)
+	if !strings.Contains(msg, "仅会话创建") {
+		t.Fatalf("expected session-only success message, got %q", msg)
+	}
+	if ds.loginCalls != 1 || ds.createSessionCalls != 1 {
+		t.Fatalf("unexpected Login/CreateSession calls: login=%d createSession=%d", ds.loginCalls, ds.createSessionCalls)
+	}
+	if ds.getPowCalls != 0 || ds.callCompletionCalls != 0 {
+		t.Fatalf("expected no completion flow calls, got getPow=%d callCompletion=%d", ds.getPowCalls, ds.callCompletionCalls)
+	}
+	updated, ok := store.FindAccount("batch@example.com")
+	if !ok {
+		t.Fatal("expected updated account")
+	}
+	if updated.Token != "new-token" {
+		t.Fatalf("expected refreshed token to be persisted, got %q", updated.Token)
+	}
+	if updated.TestStatus != "ok" {
+		t.Fatalf("expected test status ok, got %q", updated.TestStatus)
+	}
+}

internal/admin/handler_config_import.go

@@ -49,6 +49,7 @@ func (h *Handler) configImport(w http.ResponseWriter, r *http.Request) {
 		next := c.Clone()
 		if mode == "replace" {
 			next = incoming.Clone()
+			next.Accounts = normalizeAndDedupeAccounts(next.Accounts)
 			next.VercelSyncHash = c.VercelSyncHash
 			next.VercelSyncTime = c.VercelSyncTime
 			importedKeys = len(next.Keys)
@@ -73,17 +74,22 @@ func (h *Handler) configImport(w http.ResponseWriter, r *http.Request) {
 
 			existingAccounts := map[string]struct{}{}
 			for _, acc := range next.Accounts {
-				existingAccounts[acc.Identifier()] = struct{}{}
+				acc = normalizeAccountForStorage(acc)
+				key := accountDedupeKey(acc)
+				if key != "" {
+					existingAccounts[key] = struct{}{}
+				}
 			}
 			for _, acc := range incoming.Accounts {
-				id := acc.Identifier()
-				if id == "" {
+				acc = normalizeAccountForStorage(acc)
+				key := accountDedupeKey(acc)
+				if key == "" {
 					continue
 				}
-				if _, ok := existingAccounts[id]; ok {
+				if _, ok := existingAccounts[key]; ok {
 					continue
 				}
-				existingAccounts[id] = struct{}{}
+				existingAccounts[key] = struct{}{}
 				next.Accounts = append(next.Accounts, acc)
 				importedAccounts++
 			}

internal/admin/handler_config_write.go

@@ -25,17 +25,28 @@ func (h *Handler) updateConfig(w http.ResponseWriter, r *http.Request) {
 		if accountsRaw, ok := req["accounts"].([]any); ok {
 			existing := map[string]config.Account{}
 			for _, a := range old.Accounts {
-				existing[a.Identifier()] = a
+				a = normalizeAccountForStorage(a)
+				key := accountDedupeKey(a)
+				if key != "" {
+					existing[key] = a
+				}
 			}
+			seen := map[string]struct{}{}
 			accounts := make([]config.Account, 0, len(accountsRaw))
 			for _, item := range accountsRaw {
 				m, ok := item.(map[string]any)
 				if !ok {
 					continue
 				}
-				acc := toAccount(m)
-				id := acc.Identifier()
-				if prev, ok := existing[id]; ok {
+				acc := normalizeAccountForStorage(toAccount(m))
+				key := accountDedupeKey(acc)
+				if key == "" {
+					continue
+				}
+				if _, ok := seen[key]; ok {
+					continue
+				}
+				if prev, ok := existing[key]; ok {
 					if strings.TrimSpace(acc.Password) == "" {
 						acc.Password = prev.Password
 					}
@@ -43,6 +54,7 @@ func (h *Handler) updateConfig(w http.ResponseWriter, r *http.Request) {
 						acc.Token = prev.Token
 					}
 				}
+				seen[key] = struct{}{}
 				accounts = append(accounts, acc)
 			}
 			c.Accounts = accounts
@@ -138,20 +150,24 @@ func (h *Handler) batchImport(w http.ResponseWriter, r *http.Request) {
 		if accounts, ok := req["accounts"].([]any); ok {
 			existing := map[string]bool{}
 			for _, a := range c.Accounts {
-				existing[a.Identifier()] = true
+				a = normalizeAccountForStorage(a)
+				key := accountDedupeKey(a)
+				if key != "" {
+					existing[key] = true
+				}
 			}
 			for _, item := range accounts {
 				m, ok := item.(map[string]any)
 				if !ok {
 					continue
 				}
-				acc := toAccount(m)
-				id := acc.Identifier()
-				if id == "" || existing[id] {
+				acc := normalizeAccountForStorage(toAccount(m))
+				key := accountDedupeKey(acc)
+				if key == "" || existing[key] {
 					continue
 				}
 				c.Accounts = append(c.Accounts, acc)
-				existing[id] = true
+				existing[key] = true
 				importedAccounts++
 			}
 		}

internal/admin/handler_settings_test.go

@@ -265,3 +265,57 @@ func TestConfigImportRejectsMergedRuntimeConflict(t *testing.T) {
 		t.Fatalf("runtime should remain unchanged, runtime=%+v", snap.Runtime)
 	}
 }
+
+func TestConfigImportMergeDedupesMobileAliases(t *testing.T) {
+	h := newAdminTestHandler(t, `{
+		"keys":["k1"],
+		"accounts":[{"mobile":"+8613800138000","password":"p1"}]
+	}`)
+
+	merge := map[string]any{
+		"mode": "merge",
+		"config": map[string]any{
+			"accounts": []any{
+				map[string]any{"mobile": "13800138000", "password": "p2"},
+			},
+		},
+	}
+	b, _ := json.Marshal(merge)
+	req := httptest.NewRequest(http.MethodPost, "/admin/config/import?mode=merge", bytes.NewReader(b))
+	rec := httptest.NewRecorder()
+	h.configImport(rec, req)
+	if rec.Code != http.StatusOK {
+		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
+	}
+	if got := len(h.Store.Accounts()); got != 1 {
+		t.Fatalf("expected merge dedupe by canonical mobile, got=%d", got)
+	}
+}
+
+func TestUpdateConfigDedupesMobileAliases(t *testing.T) {
+	h := newAdminTestHandler(t, `{
+		"keys":["k1"],
+		"accounts":[{"mobile":"+8613800138000","password":"old"}]
+	}`)
+
+	reqBody := map[string]any{
+		"accounts": []any{
+			map[string]any{"mobile": "+8613800138000"},
+			map[string]any{"mobile": "13800138000"},
+		},
+	}
+	b, _ := json.Marshal(reqBody)
+	req := httptest.NewRequest(http.MethodPost, "/admin/config", bytes.NewReader(b))
+	rec := httptest.NewRecorder()
+	h.updateConfig(rec, req)
+	if rec.Code != http.StatusOK {
+		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
+	}
+	accounts := h.Store.Accounts()
+	if len(accounts) != 1 {
+		t.Fatalf("expected update dedupe by canonical mobile, got=%d", len(accounts))
+	}
+	if accounts[0].Identifier() != "+8613800138000" {
+		t.Fatalf("unexpected identifier: %q", accounts[0].Identifier())
+	}
+}

internal/admin/helpers.go

@@ -59,9 +59,11 @@ func toStringSlice(v any) ([]string, bool) {
 }
 
 func toAccount(m map[string]any) config.Account {
+	email := fieldString(m, "email")
+	mobile := config.NormalizeMobileForStorage(fieldString(m, "mobile"))
 	return config.Account{
-		Email:    fieldString(m, "email"),
-		Mobile:   fieldString(m, "mobile"),
+		Email:    email,
+		Mobile:   mobile,
 		Password: fieldString(m, "password"),
 		Token:    fieldString(m, "token"),
 	}
@@ -90,12 +92,52 @@ func accountMatchesIdentifier(acc config.Account, identifier string) bool {
 	if strings.TrimSpace(acc.Email) == id {
 		return true
 	}
-	if strings.TrimSpace(acc.Mobile) == id {
+	if mobileKey := config.CanonicalMobileKey(id); mobileKey != "" && mobileKey == config.CanonicalMobileKey(acc.Mobile) {
 		return true
 	}
 	return acc.Identifier() == id
 }
 
+func normalizeAccountForStorage(acc config.Account) config.Account {
+	acc.Email = strings.TrimSpace(acc.Email)
+	acc.Mobile = config.NormalizeMobileForStorage(acc.Mobile)
+	return acc
+}
+
+func accountDedupeKey(acc config.Account) string {
+	if email := strings.TrimSpace(acc.Email); email != "" {
+		return "email:" + email
+	}
+	if mobile := config.CanonicalMobileKey(acc.Mobile); mobile != "" {
+		return "mobile:" + mobile
+	}
+	if id := strings.TrimSpace(acc.Identifier()); id != "" {
+		return "id:" + id
+	}
+	return ""
+}
+
+func normalizeAndDedupeAccounts(accounts []config.Account) []config.Account {
+	if len(accounts) == 0 {
+		return nil
+	}
+	out := make([]config.Account, 0, len(accounts))
+	seen := make(map[string]struct{}, len(accounts))
+	for _, acc := range accounts {
+		acc = normalizeAccountForStorage(acc)
+		key := accountDedupeKey(acc)
+		if key == "" {
+			continue
+		}
+		if _, ok := seen[key]; ok {
+			continue
+		}
+		seen[key] = struct{}{}
+		out = append(out, acc)
+	}
+	return out
+}
+
 func findAccountByIdentifier(store ConfigStore, identifier string) (config.Account, bool) {
 	id := strings.TrimSpace(identifier)
 	if id == "" {

internal/admin/helpers_edge_test.go

@@ -182,7 +182,7 @@ func TestToAccountAllFields(t *testing.T) {
 	if acc.Email != "user@test.com" {
 		t.Fatalf("unexpected email: %q", acc.Email)
 	}
-	if acc.Mobile != "13800138000" {
+	if acc.Mobile != "+8613800138000" {
 		t.Fatalf("unexpected mobile: %q", acc.Mobile)
 	}
 	if acc.Password != "secret" {

internal/compat/go_compat_test.go

@@ -5,6 +5,7 @@ import (
 	"os"
 	"path/filepath"
 	"reflect"
+	"strings"
 	"testing"
 
 	"ds2api/internal/sse"
@@ -67,20 +68,36 @@ func TestGoCompatToolcallFixtures(t *testing.T) {
 		var fixture struct {
 			Text      string   `json:"text"`
 			ToolNames []string `json:"tool_names"`
+			Mode      string   `json:"mode"`
 		}
 		mustLoadJSON(t, fixturePath, &fixture)
 
 		var expected struct {
-			Calls []util.ParsedToolCall `json:"calls"`
+			Calls             []util.ParsedToolCall `json:"calls"`
+			SawToolCallSyntax bool                  `json:"sawToolCallSyntax"`
+			RejectedByPolicy  bool                  `json:"rejectedByPolicy"`
+			RejectedToolNames []string              `json:"rejectedToolNames"`
 		}
 		mustLoadJSON(t, expectedPath, &expected)
 
-		got := util.ParseToolCalls(fixture.Text, fixture.ToolNames)
-		if len(got) == 0 && len(expected.Calls) == 0 {
-			continue
+		var got util.ToolCallParseResult
+		switch strings.ToLower(strings.TrimSpace(fixture.Mode)) {
+		case "standalone":
+			got = util.ParseStandaloneToolCallsDetailed(fixture.Text, fixture.ToolNames)
+		default:
+			got = util.ParseToolCallsDetailed(fixture.Text, fixture.ToolNames)
 		}
-		if !reflect.DeepEqual(got, expected.Calls) {
-			t.Fatalf("toolcall fixture %s mismatch:\n got=%#v\nwant=%#v", name, got, expected.Calls)
+		if got.Calls == nil {
+			got.Calls = []util.ParsedToolCall{}
+		}
+		if got.RejectedToolNames == nil {
+			got.RejectedToolNames = []string{}
+		}
+		if !reflect.DeepEqual(got.Calls, expected.Calls) ||
+			got.SawToolCallSyntax != expected.SawToolCallSyntax ||
+			got.RejectedByPolicy != expected.RejectedByPolicy ||
+			!reflect.DeepEqual(got.RejectedToolNames, expected.RejectedToolNames) {
+			t.Fatalf("toolcall fixture %s mismatch:\n got=%#v\nwant=%#v", name, got, expected)
 		}
 	}
 }

internal/config/account.go

@@ -10,8 +10,8 @@ func (a Account) Identifier() string {
 	if strings.TrimSpace(a.Email) != "" {
 		return strings.TrimSpace(a.Email)
 	}
-	if strings.TrimSpace(a.Mobile) != "" {
-		return strings.TrimSpace(a.Mobile)
+	if mobile := NormalizeMobileForStorage(a.Mobile); mobile != "" {
+		return mobile
 	}
 	// Backward compatibility: old configs may contain token-only accounts.
 	// Use a stable non-sensitive synthetic id so they can still join the pool.

internal/config/config.go

@@ -18,10 +18,11 @@ type Config struct {
 }
 
 type Account struct {
-	Email    string `json:"email,omitempty"`
-	Mobile   string `json:"mobile,omitempty"`
-	Password string `json:"password,omitempty"`
-	Token    string `json:"token,omitempty"`
+	Email      string `json:"email,omitempty"`
+	Mobile     string `json:"mobile,omitempty"`
+	Password   string `json:"password,omitempty"`
+	Token      string `json:"token,omitempty"`
+	TestStatus string `json:"test_status,omitempty"`
 }
 
 type CompatConfig struct {

internal/config/config_edge_test.go

@@ -202,7 +202,7 @@ func TestConfigCloneNilMaps(t *testing.T) {
 
 func TestAccountIdentifierPreferenceMobileOverToken(t *testing.T) {
 	acc := Account{Mobile: "13800138000", Token: "tok"}
-	if acc.Identifier() != "13800138000" {
+	if acc.Identifier() != "+8613800138000" {
 		t.Fatalf("expected mobile identifier, got %q", acc.Identifier())
 	}
 }

internal/config/mobile.go

@@ -0,0 +1,82 @@
+package config
+
+import "strings"
+
+// NormalizeMobileForStorage normalizes user input to a stable storage format.
+// It keeps existing country codes and auto-prefixes mainland China numbers with +86.
+func NormalizeMobileForStorage(raw string) string {
+	digits, hasPlus := extractMobileDigits(raw)
+	if digits == "" {
+		return ""
+	}
+	if hasPlus {
+		return "+" + digits
+	}
+	if isChinaMobileWithCountryCode(digits) {
+		return "+86" + digits[2:]
+	}
+	if isChinaMainlandMobileDigits(digits) {
+		return "+86" + digits
+	}
+	// For non-China numbers without a leading +, preserve semantics by adding it.
+	return "+" + digits
+}
+
+// CanonicalMobileKey returns the comparison key used by dedupe/matching logic.
+func CanonicalMobileKey(raw string) string {
+	return NormalizeMobileForStorage(raw)
+}
+
+func extractMobileDigits(raw string) (digits string, hasPlus bool) {
+	s := strings.TrimSpace(raw)
+	if s == "" {
+		return "", false
+	}
+
+	for _, r := range s {
+		switch {
+		case r >= '0' && r <= '9':
+			goto collect
+		case isMobileSeparator(r):
+			continue
+		case r == '+':
+			hasPlus = true
+			goto collect
+		default:
+			goto collect
+		}
+	}
+
+collect:
+	var b strings.Builder
+	b.Grow(len(s))
+	for _, r := range s {
+		if r >= '0' && r <= '9' {
+			b.WriteRune(r)
+		}
+	}
+	return b.String(), hasPlus
+}
+
+func isChinaMainlandMobileDigits(digits string) bool {
+	if len(digits) != 11 || digits[0] != '1' {
+		return false
+	}
+	return digits[1] >= '3' && digits[1] <= '9'
+}
+
+func isChinaMobileWithCountryCode(digits string) bool {
+	if len(digits) != 13 || !strings.HasPrefix(digits, "86") {
+		return false
+	}
+	return isChinaMainlandMobileDigits(digits[2:])
+}
+
+func isMobileSeparator(r rune) bool {
+	switch r {
+	case ' ', '\t', '\n', '\r', '-', '(', ')', '.', '/':
+		return true
+	default:
+		return false
+	}
+}

internal/config/mobile_test.go

@@ -0,0 +1,36 @@
+package config
+
+import "testing"
+
+func TestNormalizeMobileForStorageChinaMainlandAddsPlus86(t *testing.T) {
+	if got := NormalizeMobileForStorage("13800138000"); got != "+8613800138000" {
+		t.Fatalf("got %q", got)
+	}
+}
+
+func TestNormalizeMobileForStorageChinaWithCountryCode(t *testing.T) {
+	if got := NormalizeMobileForStorage("8613800138000"); got != "+8613800138000" {
+		t.Fatalf("got %q", got)
+	}
+}
+
+func TestNormalizeMobileForStorageKeepsExistingCountryCode(t *testing.T) {
+	if got := NormalizeMobileForStorage(" +1 (415) 555-2671 "); got != "+14155552671" {
+		t.Fatalf("got %q", got)
+	}
+}
+
+func TestCanonicalMobileKeyMatchesChinaAliases(t *testing.T) {
+	a := CanonicalMobileKey("+8613800138000")
+	b := CanonicalMobileKey("13800138000")
+	c := CanonicalMobileKey("86 13800138000")
+	if a == "" || a != b || b != c {
+		t.Fatalf("alias mismatch: a=%q b=%q c=%q", a, b, c)
+	}
+}
+
+func TestCanonicalMobileKeyEmptyForInvalidInput(t *testing.T) {
+	if got := CanonicalMobileKey("() --"); got != "" {
+		t.Fatalf("got %q", got)
+	}
+}

internal/config/store.go

@@ -97,6 +97,18 @@ func (s *Store) FindAccount(identifier string) (Account, bool) {
 	return Account{}, false
 }
 
+func (s *Store) UpdateAccountTestStatus(identifier, status string) error {
+	identifier = strings.TrimSpace(identifier)
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	idx, ok := s.findAccountIndexLocked(identifier)
+	if !ok {
+		return errors.New("account not found")
+	}
+	s.cfg.Accounts[idx].TestStatus = status
+	return s.saveLocked()
+}
+
 func (s *Store) UpdateAccountToken(identifier, token string) error {
 	identifier = strings.TrimSpace(identifier)
 	s.mu.Lock()

internal/deepseek/client_auth.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"net/http"
 	"strings"
+	"unicode"
 
 	"ds2api/internal/auth"
 	"ds2api/internal/config"
@@ -20,8 +21,9 @@ func (c *Client) Login(ctx context.Context, acc config.Account) (string, error)
 	if email := strings.TrimSpace(acc.Email); email != "" {
 		payload["email"] = email
 	} else if mobile := strings.TrimSpace(acc.Mobile); mobile != "" {
-		payload["mobile"] = mobile
-		payload["area_code"] = nil
+		loginMobile, areaCode := normalizeMobileForLogin(mobile)
+		payload["mobile"] = loginMobile
+		payload["area_code"] = areaCode
 	} else {
 		return "", errors.New("missing email/mobile")
 	}
@@ -151,3 +153,26 @@ func isTokenInvalid(status int, code int, msg string) bool {
 	}
 	return strings.Contains(msg, "token") || strings.Contains(msg, "unauthorized")
 }
+
+func normalizeMobileForLogin(raw string) (mobile string, areaCode any) {
+	s := strings.TrimSpace(raw)
+	if s == "" {
+		return "", nil
+	}
+	hasPlus := strings.HasPrefix(s, "+")
+	var b strings.Builder
+	b.Grow(len(s))
+	for _, r := range s {
+		if unicode.IsDigit(r) {
+			b.WriteRune(r)
+		}
+	}
+	digits := b.String()
+	if digits == "" {
+		return "", nil
+	}
+	if (hasPlus || strings.HasPrefix(digits, "86")) && strings.HasPrefix(digits, "86") && len(digits) == 13 {
+		return digits[2:], nil
+	}
+	return digits, nil
+}

internal/deepseek/client_auth_mobile_test.go

@@ -0,0 +1,33 @@
+package deepseek
+
+import "testing"
+
+func TestNormalizeMobileForLogin_ChinaWithPlus86(t *testing.T) {
+	mobile, areaCode := normalizeMobileForLogin("+8613800138000")
+	if mobile != "13800138000" {
+		t.Fatalf("unexpected mobile: %q", mobile)
+	}
+	if areaCode != nil {
+		t.Fatalf("expected nil areaCode, got %#v", areaCode)
+	}
+}
+
+func TestNormalizeMobileForLogin_ChinaWith86Prefix(t *testing.T) {
+	mobile, areaCode := normalizeMobileForLogin("8613800138000")
+	if mobile != "13800138000" {
+		t.Fatalf("unexpected mobile: %q", mobile)
+	}
+	if areaCode != nil {
+		t.Fatalf("expected nil areaCode, got %#v", areaCode)
+	}
+}
+
+func TestNormalizeMobileForLogin_KeepPlainDigits(t *testing.T) {
+	mobile, areaCode := normalizeMobileForLogin("13800138000")
+	if mobile != "13800138000" {
+		t.Fatalf("unexpected mobile: %q", mobile)
+	}
+	if areaCode != nil {
+		t.Fatalf("expected nil areaCode, got %#v", areaCode)
+	}
+}

internal/format/claude/render.go

@@ -9,6 +9,9 @@ import (
 
 func BuildMessageResponse(messageID, model string, normalizedMessages []any, finalThinking, finalText string, toolNames []string) map[string]any {
 	detected := util.ParseToolCalls(finalText, toolNames)
+	if len(detected) == 0 && finalText == "" && finalThinking != "" {
+		detected = util.ParseToolCalls(finalThinking, toolNames)
+	}
 	content := make([]map[string]any, 0, 4)
 	if finalThinking != "" {
 		content = append(content, map[string]any{"type": "thinking", "thinking": finalThinking})

internal/format/claude/render_test.go

@@ -0,0 +1,62 @@
+package claude
+
+import "testing"
+
+func TestBuildMessageResponseDetectsToolCallsFromThinkingFallback(t *testing.T) {
+	resp := BuildMessageResponse(
+		"msg_1",
+		"claude-sonnet-4-5",
+		[]any{map[string]any{"role": "user", "content": "hi"}},
+		`{"tool_calls":[{"name":"search","input":{"q":"go"}}]}`,
+		"",
+		[]string{"search"},
+	)
+
+	if resp["stop_reason"] != "tool_use" {
+		t.Fatalf("expected stop_reason=tool_use, got=%#v", resp["stop_reason"])
+	}
+	content, _ := resp["content"].([]map[string]any)
+	if len(content) < 2 {
+		t.Fatalf("expected thinking + tool_use content blocks, got=%#v", resp["content"])
+	}
+	last := content[len(content)-1]
+	if last["type"] != "tool_use" {
+		t.Fatalf("expected last content block tool_use, got=%#v", last["type"])
+	}
+	if last["name"] != "search" {
+		t.Fatalf("expected tool name search, got=%#v", last["name"])
+	}
+}
+
+func TestBuildMessageResponseSkipsThinkingFallbackWhenFinalTextExists(t *testing.T) {
+	resp := BuildMessageResponse(
+		"msg_1",
+		"claude-sonnet-4-5",
+		[]any{map[string]any{"role": "user", "content": "hi"}},
+		`{"tool_calls":[{"name":"search","input":{"q":"go"}}]}`,
+		"normal answer",
+		[]string{"search"},
+	)
+
+	if resp["stop_reason"] != "end_turn" {
+		t.Fatalf("expected stop_reason=end_turn, got=%#v", resp["stop_reason"])
+	}
+
+	content, _ := resp["content"].([]map[string]any)
+	foundText := false
+	foundTool := false
+	for _, block := range content {
+		if block["type"] == "text" && block["text"] == "normal answer" {
+			foundText = true
+		}
+		if block["type"] == "tool_use" {
+			foundTool = true
+		}
+	}
+	if !foundText {
+		t.Fatalf("expected text block with finalText, got=%#v", resp["content"])
+	}
+	if foundTool {
+		t.Fatalf("unexpected tool_use block when finalText exists, got=%#v", resp["content"])
+	}
+}

internal/format/openai/render_chat.go

@@ -8,7 +8,7 @@ import (
 )
 
 func BuildChatCompletion(completionID, model, finalPrompt, finalThinking, finalText string, toolNames []string) map[string]any {
-	detected := util.ParseToolCalls(finalText, toolNames)
+	detected := util.ParseStandaloneToolCalls(finalText, toolNames)
 	finishReason := "stop"
 	messageObj := map[string]any{"role": "assistant", "content": finalText}
 	if strings.TrimSpace(finalThinking) != "" {

internal/format/openai/render_responses.go

@@ -11,12 +11,9 @@ import (
 )
 
 func BuildResponseObject(responseID, model, finalPrompt, finalThinking, finalText string, toolNames []string) map[string]any {
-	// Align responses tool-call semantics with chat/completions:
-	// mixed prose + tool_call payloads should still be interpreted as tool calls.
-	detected := util.ParseToolCalls(finalText, toolNames)
-	if len(detected) == 0 && strings.TrimSpace(finalThinking) != "" {
-		detected = util.ParseToolCalls(finalThinking, toolNames)
-	}
+	// Strict mode: only standalone, structured tool-call payloads are treated
+	// as executable tool calls.
+	detected := util.ParseStandaloneToolCalls(finalText, toolNames)
 	exposedOutputText := finalText
 	output := make([]any, 0, 2)
 	if len(detected) > 0 {

internal/format/openai/render_stream_events.go

@@ -71,6 +71,19 @@ func BuildResponsesTextDeltaPayload(responseID, itemID string, outputIndex, cont
 	}
 }
 
+
+func BuildResponsesTextDonePayload(responseID, itemID string, outputIndex, contentIndex int, text string) map[string]any {
+	return map[string]any{
+		"type":          "response.output_text.done",
+		"id":            responseID,
+		"response_id":   responseID,
+		"item_id":       itemID,
+		"output_index":  outputIndex,
+		"content_index": contentIndex,
+		"text":          text,
+	}
+}
+
 func BuildResponsesReasoningDeltaPayload(responseID, delta string) map[string]any {
 	return map[string]any{
 		"type":        "response.reasoning.delta",

internal/format/openai/render_test.go

@@ -45,7 +45,7 @@ func TestBuildResponseObjectToolCallsFollowChatShape(t *testing.T) {
 	}
 }
 
-func TestBuildResponseObjectTreatsMixedProseToolPayloadAsToolCall(t *testing.T) {
+func TestBuildResponseObjectTreatsMixedProseToolPayloadAsText(t *testing.T) {
 	obj := BuildResponseObject(
 		"resp_test",
 		"gpt-4o",
@@ -56,17 +56,16 @@ func TestBuildResponseObjectTreatsMixedProseToolPayloadAsToolCall(t *testing.T)
 	)
 
 	outputText, _ := obj["output_text"].(string)
-	if outputText != "" {
-		t.Fatalf("expected output_text hidden once tool calls are detected, got %q", outputText)
+	if outputText == "" {
+		t.Fatalf("expected output_text preserved for mixed prose payload")
 	}
-
 	output, _ := obj["output"].([]any)
 	if len(output) != 1 {
-		t.Fatalf("expected function_call output only, got %#v", obj["output"])
+		t.Fatalf("expected one message output item, got %#v", obj["output"])
 	}
 	first, _ := output[0].(map[string]any)
-	if first["type"] != "function_call" {
-		t.Fatalf("expected first output type function_call, got %#v", first["type"])
+	if first["type"] != "message" {
+		t.Fatalf("expected message output type, got %#v", first["type"])
 	}
 }
 
@@ -127,7 +126,7 @@ func TestBuildResponseObjectReasoningOnlyFallsBackToOutputText(t *testing.T) {
 	}
 }
 
-func TestBuildResponseObjectDetectsToolCallFromThinkingChannel(t *testing.T) {
+func TestBuildResponseObjectIgnoresToolCallFromThinkingChannel(t *testing.T) {
 	obj := BuildResponseObject(
 		"resp_test",
 		"gpt-4o",
@@ -139,10 +138,10 @@ func TestBuildResponseObjectDetectsToolCallFromThinkingChannel(t *testing.T) {
 
 	output, _ := obj["output"].([]any)
 	if len(output) != 1 {
-		t.Fatalf("expected function_call output only, got %#v", obj["output"])
+		t.Fatalf("expected one message output item, got %#v", obj["output"])
 	}
 	first, _ := output[0].(map[string]any)
-	if first["type"] != "function_call" {
-		t.Fatalf("expected output function_call, got %#v", first["type"])
+	if first["type"] != "message" {
+		t.Fatalf("expected output message, got %#v", first["type"])
 	}
 }

internal/js/chat-stream/index.js

@@ -10,8 +10,10 @@ const {
 } = require('./sse_parse');
 const {
   resolveToolcallPolicy,
+  formatIncrementalToolCallDeltas,
   normalizePreparedToolNames,
   boolDefaultTrue,
+  filterIncrementalToolCallDeltasByAllowed,
 } = require('./toolcall_policy');
 const {
   estimateTokens,
@@ -82,7 +84,9 @@ module.exports.__test = {
   shouldSkipPath,
   asString,
   resolveToolcallPolicy,
+  formatIncrementalToolCallDeltas,
   normalizePreparedToolNames,
   boolDefaultTrue,
+  filterIncrementalToolCallDeltasByAllowed,
   estimateTokens,
 };

internal/js/chat-stream/toolcall_policy.js

@@ -68,6 +68,47 @@ function formatIncrementalToolCallDeltas(deltas, idStore) {
   return out;
 }
 
+function filterIncrementalToolCallDeltasByAllowed(deltas, allowedNames, seenNames) {
+  if (!Array.isArray(deltas) || deltas.length === 0) {
+    return [];
+  }
+  const seen = seenNames instanceof Map ? seenNames : new Map();
+  const allowed = new Set((allowedNames || []).filter((name) => asString(name) !== ''));
+  if (allowed.size === 0) {
+    for (const d of deltas) {
+      if (d && typeof d === 'object' && asString(d.name)) {
+        const index = Number.isInteger(d.index) ? d.index : 0;
+        seen.set(index, '__blocked__');
+      }
+    }
+    return [];
+  }
+
+  const out = [];
+  for (const d of deltas) {
+    if (!d || typeof d !== 'object') {
+      continue;
+    }
+    const index = Number.isInteger(d.index) ? d.index : 0;
+    const name = asString(d.name);
+    if (name) {
+      if (!allowed.has(name)) {
+        seen.set(index, '__blocked__');
+        continue;
+      }
+      seen.set(index, name);
+      out.push(d);
+      continue;
+    }
+    const existing = asString(seen.get(index));
+    if (!existing || existing === '__blocked__') {
+      continue;
+    }
+    out.push(d);
+  }
+  return out;
+}
+
 function ensureStreamToolCallID(idStore, index) {
   const key = Number.isInteger(index) ? index : 0;
   const existing = idStore.get(key);
@@ -104,4 +145,5 @@ module.exports = {
   normalizePreparedToolNames,
   boolDefaultTrue,
   formatIncrementalToolCallDeltas,
+  filterIncrementalToolCallDeltasByAllowed,
 };

internal/js/chat-stream/vercel_stream.js

@@ -5,7 +5,7 @@ const {
   createToolSieveState,
   processToolSieveChunk,
   flushToolSieve,
-  parseToolCalls,
+  parseStandaloneToolCalls,
   formatOpenAIStreamToolCalls,
 } = require('../helpers/stream-tool-sieve');
 const {
@@ -24,7 +24,6 @@ const {
 } = require('./token_usage');
 const {
   resolveToolcallPolicy,
-  formatIncrementalToolCallDeltas,
 } = require('./toolcall_policy');
 const {
   createChatCompletionEmitter,
@@ -130,7 +129,6 @@ async function handleVercelStream(req, res, rawBody, payload) {
     let thinkingText = '';
     let outputText = '';
     const toolSieveEnabled = toolPolicy.toolSieveEnabled;
-    const emitEarlyToolDeltas = toolPolicy.emitEarlyToolDeltas;
     const toolSieveState = createToolSieveState();
     let toolCallsEmitted = false;
     const streamToolCallIDs = new Map();
@@ -155,13 +153,18 @@ async function handleVercelStream(req, res, rawBody, payload) {
         await releaseLease();
         return;
       }
-      const detected = parseToolCalls(outputText, toolNames);
+      const detected = parseStandaloneToolCalls(outputText, toolNames);
       if (detected.length > 0 && !toolCallsEmitted) {
         toolCallsEmitted = true;
-        sendDeltaFrame({ tool_calls: formatOpenAIStreamToolCalls(detected) });
+        sendDeltaFrame({ tool_calls: formatOpenAIStreamToolCalls(detected, streamToolCallIDs) });
       } else if (toolSieveEnabled) {
         const tailEvents = flushToolSieve(toolSieveState, toolNames);
         for (const evt of tailEvents) {
+          if (evt.type === 'tool_calls' && Array.isArray(evt.calls) && evt.calls.length > 0) {
+            toolCallsEmitted = true;
+            sendDeltaFrame({ tool_calls: formatOpenAIStreamToolCalls(evt.calls, streamToolCallIDs) });
+            continue;
+          }
           if (evt.text) {
             sendDeltaFrame({ content: evt.text });
           }
@@ -252,17 +255,9 @@ async function handleVercelStream(req, res, rawBody, payload) {
               }
               const events = processToolSieveChunk(toolSieveState, p.text, toolNames);
               for (const evt of events) {
-                if (evt.type === 'tool_call_deltas' && Array.isArray(evt.deltas) && evt.deltas.length > 0) {
-                  if (!emitEarlyToolDeltas) {
-                    continue;
-                  }
-                  toolCallsEmitted = true;
-                  sendDeltaFrame({ tool_calls: formatIncrementalToolCallDeltas(evt.deltas, streamToolCallIDs) });
-                  continue;
-                }
                 if (evt.type === 'tool_calls') {
                   toolCallsEmitted = true;
-                  sendDeltaFrame({ tool_calls: formatOpenAIStreamToolCalls(evt.calls) });
+                  sendDeltaFrame({ tool_calls: formatOpenAIStreamToolCalls(evt.calls, streamToolCallIDs) });
                   continue;
                 }
                 if (evt.text) {

internal/js/helpers/stream-tool-sieve/format.js

@@ -2,13 +2,13 @@
 
 const crypto = require('crypto');
 
-function formatOpenAIStreamToolCalls(calls) {
+function formatOpenAIStreamToolCalls(calls, idStore) {
   if (!Array.isArray(calls) || calls.length === 0) {
     return [];
   }
   return calls.map((c, idx) => ({
     index: idx,
-    id: `call_${newCallID()}`,
+    id: ensureStreamToolCallID(idStore, idx),
     type: 'function',
     function: {
       name: c.name,
@@ -17,6 +17,20 @@ function formatOpenAIStreamToolCalls(calls) {
   }));
 }
 
+function ensureStreamToolCallID(idStore, index) {
+  if (!(idStore instanceof Map)) {
+    return `call_${newCallID()}`;
+  }
+  const key = Number.isInteger(index) ? index : 0;
+  const existing = idStore.get(key);
+  if (existing) {
+    return existing;
+  }
+  const next = `call_${newCallID()}`;
+  idStore.set(key, next);
+  return next;
+}
+
 function newCallID() {
   if (typeof crypto.randomUUID === 'function') {
     return crypto.randomUUID().replace(/-/g, '');

internal/js/helpers/stream-tool-sieve/incremental.js

@@ -1,226 +0,0 @@
-'use strict';
-
-const {
-  looksLikeToolExampleContext,
-  insideCodeFence,
-} = require('./state');
-const {
-  findObjectFieldValueStart,
-  parseJSONStringLiteral,
-  skipSpaces,
-} = require('./jsonscan');
-
-function buildIncrementalToolDeltas(state) {
-  const captured = state.capture || '';
-  if (!captured) {
-    return [];
-  }
-  if (looksLikeToolExampleContext(state.recentTextTail)) {
-    return [];
-  }
-  const lower = captured.toLowerCase();
-  const keyIdx = lower.indexOf('tool_calls');
-  if (keyIdx < 0) {
-    return [];
-  }
-  const start = captured.slice(0, keyIdx).lastIndexOf('{');
-  if (start < 0) {
-    return [];
-  }
-  if (insideCodeFence((state.recentTextTail || '') + captured.slice(0, start))) {
-    return [];
-  }
-  const callStart = findFirstToolCallObjectStart(captured, keyIdx);
-  if (callStart < 0) {
-    return [];
-  }
-
-  const deltas = [];
-  if (!state.toolName) {
-    const name = extractToolCallName(captured, callStart);
-    if (!name) {
-      return [];
-    }
-    state.toolName = name;
-  }
-
-  if (state.toolArgsStart < 0) {
-    const args = findToolCallArgsStart(captured, callStart);
-    if (args) {
-      state.toolArgsString = Boolean(args.stringMode);
-      state.toolArgsStart = state.toolArgsString ? args.start + 1 : args.start;
-      state.toolArgsSent = state.toolArgsStart;
-    }
-  }
-  if (!state.toolNameSent) {
-    if (state.toolArgsStart < 0) {
-      return [];
-    }
-    state.toolNameSent = true;
-    deltas.push({ index: 0, name: state.toolName });
-  }
-  if (state.toolArgsStart < 0 || state.toolArgsDone) {
-    return deltas;
-  }
-  const progress = scanToolCallArgsProgress(captured, state.toolArgsStart, state.toolArgsString);
-  if (!progress) {
-    return deltas;
-  }
-  if (progress.end > state.toolArgsSent) {
-    deltas.push({
-      index: 0,
-      arguments: captured.slice(state.toolArgsSent, progress.end),
-    });
-    state.toolArgsSent = progress.end;
-  }
-  if (progress.complete) {
-    state.toolArgsDone = true;
-  }
-  return deltas;
-}
-
-function findFirstToolCallObjectStart(text, keyIdx) {
-  const arrStart = findToolCallsArrayStart(text, keyIdx);
-  if (arrStart < 0) {
-    return -1;
-  }
-  const i = skipSpaces(text, arrStart + 1);
-  if (i >= text.length || text[i] !== '{') {
-    return -1;
-  }
-  return i;
-}
-
-function findToolCallsArrayStart(text, keyIdx) {
-  let i = keyIdx + 'tool_calls'.length;
-  while (i < text.length && text[i] !== ':') {
-    i += 1;
-  }
-  if (i >= text.length) {
-    return -1;
-  }
-  i = skipSpaces(text, i + 1);
-  if (i >= text.length || text[i] !== '[') {
-    return -1;
-  }
-  return i;
-}
-
-function extractToolCallName(text, callStart) {
-  let valueStart = findObjectFieldValueStart(text, callStart, ['name']);
-  if (valueStart < 0 || text[valueStart] !== '"') {
-    const fnStart = findFunctionObjectStart(text, callStart);
-    if (fnStart < 0) {
-      return '';
-    }
-    valueStart = findObjectFieldValueStart(text, fnStart, ['name']);
-    if (valueStart < 0 || text[valueStart] !== '"') {
-      return '';
-    }
-  }
-  const parsed = parseJSONStringLiteral(text, valueStart);
-  if (!parsed) {
-    return '';
-  }
-  return parsed.value;
-}
-
-function findToolCallArgsStart(text, callStart) {
-  const keys = ['input', 'arguments', 'args', 'parameters', 'params'];
-  let valueStart = findObjectFieldValueStart(text, callStart, keys);
-  if (valueStart < 0) {
-    const fnStart = findFunctionObjectStart(text, callStart);
-    if (fnStart < 0) {
-      return null;
-    }
-    valueStart = findObjectFieldValueStart(text, fnStart, keys);
-    if (valueStart < 0) {
-      return null;
-    }
-  }
-  if (valueStart >= text.length) {
-    return null;
-  }
-  const ch = text[valueStart];
-  if (ch === '{' || ch === '[') {
-    return { start: valueStart, stringMode: false };
-  }
-  if (ch === '"') {
-    return { start: valueStart, stringMode: true };
-  }
-  return null;
-}
-
-function scanToolCallArgsProgress(text, start, stringMode) {
-  if (start < 0 || start > text.length) {
-    return null;
-  }
-  if (stringMode) {
-    let escaped = false;
-    for (let i = start; i < text.length; i += 1) {
-      const ch = text[i];
-      if (escaped) {
-        escaped = false;
-        continue;
-      }
-      if (ch === '\\') {
-        escaped = true;
-        continue;
-      }
-      if (ch === '"') {
-        return { end: i, complete: true };
-      }
-    }
-    return { end: text.length, complete: false };
-  }
-  if (start >= text.length || (text[start] !== '{' && text[start] !== '[')) {
-    return null;
-  }
-  let depth = 0;
-  let quote = '';
-  let escaped = false;
-  for (let i = start; i < text.length; i += 1) {
-    const ch = text[i];
-    if (quote) {
-      if (escaped) {
-        escaped = false;
-        continue;
-      }
-      if (ch === '\\') {
-        escaped = true;
-        continue;
-      }
-      if (ch === quote) {
-        quote = '';
-      }
-      continue;
-    }
-    if (ch === '"' || ch === "'") {
-      quote = ch;
-      continue;
-    }
-    if (ch === '{' || ch === '[') {
-      depth += 1;
-      continue;
-    }
-    if (ch === '}' || ch === ']') {
-      depth -= 1;
-      if (depth === 0) {
-        return { end: i + 1, complete: true };
-      }
-    }
-  }
-  return { end: text.length, complete: false };
-}
-
-function findFunctionObjectStart(text, callStart) {
-  const valueStart = findObjectFieldValueStart(text, callStart, ['function']);
-  if (valueStart < 0 || valueStart >= text.length || text[valueStart] !== '{') {
-    return -1;
-  }
-  return valueStart;
-}
-
-module.exports = {
-  buildIncrementalToolDeltas,
-};

internal/js/helpers/stream-tool-sieve/index.js

@@ -10,7 +10,9 @@ const {
 const {
   extractToolNames,
   parseToolCalls,
+  parseToolCallsDetailed,
   parseStandaloneToolCalls,
+  parseStandaloneToolCallsDetailed,
 } = require('./parse');
 const {
   formatOpenAIStreamToolCalls,
@@ -22,6 +24,8 @@ module.exports = {
   processToolSieveChunk,
   flushToolSieve,
   parseToolCalls,
+  parseToolCallsDetailed,
   parseStandaloneToolCalls,
+  parseStandaloneToolCallsDetailed,
   formatOpenAIStreamToolCalls,
 };

internal/js/helpers/stream-tool-sieve/parse.js

@@ -1,14 +1,17 @@
 'use strict';
 
-const TOOL_CALL_PATTERN = /\{\s*["']tool_calls["']\s*:\s*\[(.*?)\]\s*\}/s;
-
 const {
   toStringSafe,
   looksLikeToolExampleContext,
 } = require('./state');
 const {
-  extractJSONObjectFrom,
-} = require('./jsonscan');
+  stripFencedCodeBlocks,
+  buildToolCallCandidates,
+  parseToolCallsPayload,
+  parseMarkupToolCalls,
+} = require('./parse_payload');
+
+const TOOL_NAME_LOOSE_PATTERN = /[^a-z0-9]+/g;
 
 function extractToolNames(tools) {
   if (!Array.isArray(tools) || tools.length === 0) {
@@ -29,245 +32,188 @@ function extractToolNames(tools) {
 }
 
 function parseToolCalls(text, toolNames) {
+  return parseToolCallsDetailed(text, toolNames).calls;
+}
+
+function parseToolCallsDetailed(text, toolNames) {
+  const result = emptyParseResult();
   if (!toStringSafe(text)) {
-    return [];
+    return result;
   }
   const sanitized = stripFencedCodeBlocks(text);
   if (!toStringSafe(sanitized)) {
-    return [];
+    return result;
   }
+  result.sawToolCallSyntax = looksLikeToolCallSyntax(sanitized);
+
   const candidates = buildToolCallCandidates(sanitized);
   let parsed = [];
   for (const c of candidates) {
     parsed = parseToolCallsPayload(c);
+    if (parsed.length === 0) {
+      parsed = parseMarkupToolCalls(c);
+    }
     if (parsed.length > 0) {
+      result.sawToolCallSyntax = true;
       break;
     }
   }
   if (parsed.length === 0) {
-    return [];
+    return result;
   }
-  return filterToolCalls(parsed, toolNames);
-}
 
-function stripFencedCodeBlocks(text) {
-  const t = typeof text === 'string' ? text : '';
-  if (!t) {
-    return '';
-  }
-  return t.replace(/```[\s\S]*?```/g, ' ');
+  const filtered = filterToolCallsDetailed(parsed, toolNames);
+  result.calls = filtered.calls;
+  result.rejectedToolNames = filtered.rejectedToolNames;
+  result.rejectedByPolicy = filtered.rejectedToolNames.length > 0 && filtered.calls.length === 0;
+  return result;
 }
 
 function parseStandaloneToolCalls(text, toolNames) {
+  return parseStandaloneToolCallsDetailed(text, toolNames).calls;
+}
+
+function parseStandaloneToolCallsDetailed(text, toolNames) {
+  const result = emptyParseResult();
   const trimmed = toStringSafe(text);
   if (!trimmed) {
-    return [];
+    return result;
   }
-  if ((trimmed.startsWith('```') && trimmed.endsWith('```')) || trimmed.includes('```')) {
-    return [];
+  if (trimmed.includes('```')) {
+    return result;
   }
   if (looksLikeToolExampleContext(trimmed)) {
-    return [];
+    return result;
   }
-  const candidates = [trimmed];
-  if (trimmed.startsWith('```') && trimmed.endsWith('```')) {
-    const m = trimmed.match(/```(?:json)?\s*([\s\S]*?)\s*```/i);
-    if (m && m[1]) {
-      candidates.push(toStringSafe(m[1]));
-    }
+  result.sawToolCallSyntax = looksLikeToolCallSyntax(trimmed);
+  let parsed = parseToolCallsPayload(trimmed);
+  if (parsed.length === 0) {
+    parsed = parseMarkupToolCalls(trimmed);
   }
-  for (const candidate of candidates) {
-    const c = toStringSafe(candidate);
-    if (!c) {
-      continue;
-    }
-    if (!c.startsWith('{') && !c.startsWith('[')) {
-      continue;
-    }
-    const parsed = parseToolCallsPayload(c);
-    if (parsed.length > 0) {
-      return filterToolCalls(parsed, toolNames);
-    }
+  if (parsed.length === 0) {
+    return result;
   }
-  return [];
+
+  result.sawToolCallSyntax = true;
+  const filtered = filterToolCallsDetailed(parsed, toolNames);
+  result.calls = filtered.calls;
+  result.rejectedToolNames = filtered.rejectedToolNames;
+  result.rejectedByPolicy = filtered.rejectedToolNames.length > 0 && filtered.calls.length === 0;
+  return result;
 }
 
-function buildToolCallCandidates(text) {
-  const trimmed = toStringSafe(text);
-  const candidates = [trimmed];
-  const fenced = trimmed.match(/```(?:json)?\s*([\s\S]*?)\s*```/gi) || [];
-  for (const block of fenced) {
-    const m = block.match(/```(?:json)?\s*([\s\S]*?)\s*```/i);
-    if (m && m[1]) {
-      candidates.push(toStringSafe(m[1]));
-    }
-  }
-  for (const candidate of extractToolCallObjects(trimmed)) {
-    candidates.push(toStringSafe(candidate));
-  }
-  const first = trimmed.indexOf('{');
-  const last = trimmed.lastIndexOf('}');
-  if (first >= 0 && last > first) {
-    candidates.push(toStringSafe(trimmed.slice(first, last + 1)));
-  }
-  const m = trimmed.match(TOOL_CALL_PATTERN);
-  if (m && m[1]) {
-    candidates.push(`{"tool_calls":[${m[1]}]}`);
-  }
-  return [...new Set(candidates.filter(Boolean))];
-}
-
-function extractToolCallObjects(text) {
-  const raw = toStringSafe(text);
-  if (!raw) {
-    return [];
-  }
-  const lower = raw.toLowerCase();
-  const out = [];
-  let offset = 0;
-  // eslint-disable-next-line no-constant-condition
-  while (true) {
-    let idx = lower.indexOf('tool_calls', offset);
-    if (idx < 0) {
-      break;
-    }
-    let start = raw.slice(0, idx).lastIndexOf('{');
-    while (start >= 0) {
-      const obj = extractJSONObjectFrom(raw, start);
-      if (obj.ok) {
-        out.push(raw.slice(start, obj.end).trim());
-        offset = obj.end;
-        idx = -1;
-        break;
-      }
-      start = raw.slice(0, start).lastIndexOf('{');
-    }
-    if (idx >= 0) {
-      offset = idx + 'tool_calls'.length;
-    }
-  }
-  return out;
-}
-
-function parseToolCallsPayload(payload) {
-  let decoded;
-  try {
-    decoded = JSON.parse(payload);
-  } catch (_err) {
-    return [];
-  }
-  if (Array.isArray(decoded)) {
-    return parseToolCallList(decoded);
-  }
-  if (!decoded || typeof decoded !== 'object') {
-    return [];
-  }
-  if (decoded.tool_calls) {
-    return parseToolCallList(decoded.tool_calls);
-  }
-  const one = parseToolCallItem(decoded);
-  return one ? [one] : [];
-}
-
-function parseToolCallList(v) {
-  if (!Array.isArray(v)) {
-    return [];
-  }
-  const out = [];
-  for (const item of v) {
-    if (!item || typeof item !== 'object') {
-      continue;
-    }
-    const one = parseToolCallItem(item);
-    if (one) {
-      out.push(one);
-    }
-  }
-  return out;
-}
-
-function parseToolCallItem(m) {
-  let name = toStringSafe(m.name);
-  let inputRaw = m.input;
-  let hasInput = Object.prototype.hasOwnProperty.call(m, 'input');
-  const fn = m.function && typeof m.function === 'object' ? m.function : null;
-  if (fn) {
-    if (!name) {
-      name = toStringSafe(fn.name);
-    }
-    if (!hasInput && Object.prototype.hasOwnProperty.call(fn, 'arguments')) {
-      inputRaw = fn.arguments;
-      hasInput = true;
-    }
-  }
-  if (!hasInput) {
-    for (const k of ['arguments', 'args', 'parameters', 'params']) {
-      if (Object.prototype.hasOwnProperty.call(m, k)) {
-        inputRaw = m[k];
-        hasInput = true;
-        break;
-      }
-    }
-  }
-  if (!name) {
-    return null;
-  }
+function emptyParseResult() {
   return {
-    name,
-    input: parseToolCallInput(inputRaw),
+    calls: [],
+    sawToolCallSyntax: false,
+    rejectedByPolicy: false,
+    rejectedToolNames: [],
   };
 }
 
-function parseToolCallInput(v) {
-  if (v == null) {
-    return {};
-  }
-  if (typeof v === 'string') {
-    const raw = toStringSafe(v);
-    if (!raw) {
-      return {};
+function filterToolCallsDetailed(parsed, toolNames) {
+  const sourceNames = Array.isArray(toolNames) ? toolNames : [];
+  const allowed = new Set();
+  const allowedCanonical = new Map();
+  for (const item of sourceNames) {
+    const name = toStringSafe(item);
+    if (!name) {
+      continue;
     }
-    try {
-      const parsed = JSON.parse(raw);
-      if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
-        return parsed;
-      }
-      return { _raw: raw };
-    } catch (_err) {
-      return { _raw: raw };
+    allowed.add(name);
+    const lower = name.toLowerCase();
+    if (!allowedCanonical.has(lower)) {
+      allowedCanonical.set(lower, name);
     }
   }
-  if (typeof v === 'object' && !Array.isArray(v)) {
-    return v;
-  }
-  try {
-    const parsed = JSON.parse(JSON.stringify(v));
-    if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
-      return parsed;
-    }
-  } catch (_err) {
-    return {};
-  }
-  return {};
-}
 
-function filterToolCalls(parsed, toolNames) {
-  const allowed = new Set((toolNames || []).filter(Boolean));
-  const out = [];
+  if (allowed.size === 0) {
+    const rejected = [];
+    const seen = new Set();
+    for (const tc of parsed) {
+      if (!tc || !tc.name) {
+        continue;
+      }
+      if (seen.has(tc.name)) {
+        continue;
+      }
+      seen.add(tc.name);
+      rejected.push(tc.name);
+    }
+    return { calls: [], rejectedToolNames: rejected };
+  }
+
+  const calls = [];
+  const rejected = [];
+  const seenRejected = new Set();
   for (const tc of parsed) {
     if (!tc || !tc.name) {
       continue;
     }
-    if (allowed.size > 0 && !allowed.has(tc.name)) {
+    let matchedName = '';
+    if (allowed.has(tc.name)) {
+      matchedName = tc.name;
+    } else {
+      matchedName = resolveAllowedToolName(tc.name, allowed, allowedCanonical);
+    }
+    if (!matchedName) {
+      if (!seenRejected.has(tc.name)) {
+        seenRejected.add(tc.name);
+        rejected.push(tc.name);
+      }
       continue;
     }
-    out.push({ name: tc.name, input: tc.input || {} });
+    calls.push({
+      name: matchedName,
+      input: tc.input && typeof tc.input === 'object' && !Array.isArray(tc.input) ? tc.input : {},
+    });
   }
-  return out;
+  return { calls, rejectedToolNames: rejected };
+}
+
+function resolveAllowedToolName(name, allowed, allowedCanonical) {
+  const normalizedName = toStringSafe(name).trim();
+  if (!normalizedName) {
+    return '';
+  }
+  if (allowed.has(normalizedName)) {
+    return normalizedName;
+  }
+  const lower = normalizedName.toLowerCase();
+  if (allowedCanonical.has(lower)) {
+    return allowedCanonical.get(lower);
+  }
+  const idx = lower.lastIndexOf('.');
+  if (idx >= 0 && idx < lower.length - 1) {
+    const tail = lower.slice(idx + 1);
+    if (allowedCanonical.has(tail)) {
+      return allowedCanonical.get(tail);
+    }
+  }
+  const loose = lower.replace(TOOL_NAME_LOOSE_PATTERN, '');
+  if (!loose) {
+    return '';
+  }
+  for (const [candidateLower, canonical] of allowedCanonical.entries()) {
+    if (candidateLower.replace(TOOL_NAME_LOOSE_PATTERN, '') === loose) {
+      return canonical;
+    }
+  }
+  return '';
+}
+
+function looksLikeToolCallSyntax(text) {
+  const lower = toStringSafe(text).toLowerCase();
+  return lower.includes('tool_calls')
+    || lower.includes('<tool_call')
+    || lower.includes('<function_call')
+    || lower.includes('<invoke');
 }
 
 module.exports = {
   extractToolNames,
   parseToolCalls,
+  parseToolCallsDetailed,
   parseStandaloneToolCalls,
+  parseStandaloneToolCallsDetailed,
 };

internal/js/helpers/stream-tool-sieve/parse_payload.js

@@ -0,0 +1,320 @@
+'use strict';
+
+const TOOL_CALL_PATTERN = /\{\s*["']tool_calls["']\s*:\s*\[(.*?)\]\s*\}/s;
+const TOOL_CALL_MARKUP_BLOCK_PATTERN = /<(?:[a-z0-9_:-]+:)?(tool_call|function_call|invoke)\b([^>]*)>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?\1>/gi;
+const TOOL_CALL_MARKUP_SELFCLOSE_PATTERN = /<(?:[a-z0-9_:-]+:)?invoke\b([^>]*)\/>/gi;
+const TOOL_CALL_MARKUP_KV_PATTERN = /<(?:[a-z0-9_:-]+:)?([a-z0-9_.-]+)\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?\1>/gi;
+const TOOL_CALL_MARKUP_ATTR_PATTERN = /(name|function|tool)\s*=\s*"([^"]+)"/i;
+const TOOL_CALL_MARKUP_NAME_PATTERNS = [
+  /<(?:[a-z0-9_:-]+:)?name\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?name>/i,
+  /<(?:[a-z0-9_:-]+:)?function\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?function>/i,
+];
+const TOOL_CALL_MARKUP_ARGS_PATTERNS = [
+  /<(?:[a-z0-9_:-]+:)?input\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?input>/i,
+  /<(?:[a-z0-9_:-]+:)?arguments\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?arguments>/i,
+  /<(?:[a-z0-9_:-]+:)?argument\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?argument>/i,
+  /<(?:[a-z0-9_:-]+:)?parameters\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?parameters>/i,
+  /<(?:[a-z0-9_:-]+:)?parameter\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?parameter>/i,
+  /<(?:[a-z0-9_:-]+:)?args\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?args>/i,
+  /<(?:[a-z0-9_:-]+:)?params\b[^>]*>([\s\S]*?)<\/(?:[a-z0-9_:-]+:)?params>/i,
+];
+
+const {
+  toStringSafe,
+} = require('./state');
+const {
+  extractJSONObjectFrom,
+} = require('./jsonscan');
+
+function stripFencedCodeBlocks(text) {
+  const t = typeof text === 'string' ? text : '';
+  if (!t) {
+    return '';
+  }
+  return t.replace(/```[\s\S]*?```/g, ' ');
+}
+
+function buildToolCallCandidates(text) {
+  const trimmed = toStringSafe(text);
+  const candidates = [trimmed];
+
+  const fenced = trimmed.match(/```(?:json)?\s*([\s\S]*?)\s*```/gi) || [];
+  for (const block of fenced) {
+    const m = block.match(/```(?:json)?\s*([\s\S]*?)\s*```/i);
+    if (m && m[1]) {
+      candidates.push(toStringSafe(m[1]));
+    }
+  }
+
+  for (const candidate of extractToolCallObjects(trimmed)) {
+    candidates.push(toStringSafe(candidate));
+  }
+
+  const first = trimmed.indexOf('{');
+  const last = trimmed.lastIndexOf('}');
+  if (first >= 0 && last > first) {
+    candidates.push(toStringSafe(trimmed.slice(first, last + 1)));
+  }
+
+  const m = trimmed.match(TOOL_CALL_PATTERN);
+  if (m && m[1]) {
+    candidates.push(`{"tool_calls":[${m[1]}]}`);
+  }
+
+  return [...new Set(candidates.filter(Boolean))];
+}
+
+function extractToolCallObjects(text) {
+  const raw = toStringSafe(text);
+  if (!raw) {
+    return [];
+  }
+  const lower = raw.toLowerCase();
+  const out = [];
+  let offset = 0;
+
+  // eslint-disable-next-line no-constant-condition
+  while (true) {
+    let idx = lower.indexOf('tool_calls', offset);
+    if (idx < 0) {
+      break;
+    }
+    let start = raw.slice(0, idx).lastIndexOf('{');
+    while (start >= 0) {
+      const obj = extractJSONObjectFrom(raw, start);
+      if (obj.ok) {
+        out.push(raw.slice(start, obj.end).trim());
+        offset = obj.end;
+        idx = -1;
+        break;
+      }
+      start = raw.slice(0, start).lastIndexOf('{');
+    }
+    if (idx >= 0) {
+      offset = idx + 'tool_calls'.length;
+    }
+  }
+
+  return out;
+}
+
+function parseToolCallsPayload(payload) {
+  let decoded;
+  try {
+    decoded = JSON.parse(payload);
+  } catch (_err) {
+    return [];
+  }
+
+  if (Array.isArray(decoded)) {
+    return parseToolCallList(decoded);
+  }
+  if (!decoded || typeof decoded !== 'object') {
+    return [];
+  }
+  if (decoded.tool_calls) {
+    return parseToolCallList(decoded.tool_calls);
+  }
+
+  const one = parseToolCallItem(decoded);
+  return one ? [one] : [];
+}
+
+function parseMarkupToolCalls(text) {
+  const raw = toStringSafe(text).trim();
+  if (!raw) {
+    return [];
+  }
+  const out = [];
+  for (const m of raw.matchAll(TOOL_CALL_MARKUP_BLOCK_PATTERN)) {
+    const parsed = parseMarkupSingleToolCall(toStringSafe(m[2]).trim(), toStringSafe(m[3]).trim());
+    if (parsed) {
+      out.push(parsed);
+    }
+  }
+  for (const m of raw.matchAll(TOOL_CALL_MARKUP_SELFCLOSE_PATTERN)) {
+    const parsed = parseMarkupSingleToolCall(toStringSafe(m[1]).trim(), '');
+    if (parsed) {
+      out.push(parsed);
+    }
+  }
+  return out;
+}
+
+function parseMarkupSingleToolCall(attrs, inner) {
+  const embedded = parseToolCallsPayload(inner);
+  if (embedded.length > 0) {
+    return embedded[0];
+  }
+  let name = '';
+  const attrMatch = attrs.match(TOOL_CALL_MARKUP_ATTR_PATTERN);
+  if (attrMatch && attrMatch[2]) {
+    name = toStringSafe(attrMatch[2]).trim();
+  }
+  if (!name) {
+    name = stripTagText(findMarkupTagValue(inner, TOOL_CALL_MARKUP_NAME_PATTERNS));
+  }
+  if (!name) {
+    return null;
+  }
+
+  let input = {};
+  const argsRaw = findMarkupTagValue(inner, TOOL_CALL_MARKUP_ARGS_PATTERNS);
+  if (argsRaw) {
+    input = parseMarkupInput(argsRaw);
+  } else {
+    const kv = parseMarkupKVObject(inner);
+    if (Object.keys(kv).length > 0) {
+      input = kv;
+    }
+  }
+  return { name, input };
+}
+
+function parseMarkupInput(raw) {
+  const s = toStringSafe(raw).trim();
+  if (!s) {
+    return {};
+  }
+  const parsed = parseToolCallInput(s);
+  if (parsed && typeof parsed === 'object' && !Array.isArray(parsed) && Object.keys(parsed).length > 0) {
+    return parsed;
+  }
+  const kv = parseMarkupKVObject(s);
+  if (Object.keys(kv).length > 0) {
+    return kv;
+  }
+  return { _raw: stripTagText(s) };
+}
+
+function parseMarkupKVObject(text) {
+  const raw = toStringSafe(text).trim();
+  if (!raw) {
+    return {};
+  }
+  const out = {};
+  for (const m of raw.matchAll(TOOL_CALL_MARKUP_KV_PATTERN)) {
+    const key = toStringSafe(m[1]).trim();
+    if (!key) {
+      continue;
+    }
+    const valueRaw = stripTagText(m[2]);
+    if (!valueRaw) {
+      continue;
+    }
+    try {
+      out[key] = JSON.parse(valueRaw);
+    } catch (_err) {
+      out[key] = valueRaw;
+    }
+  }
+  return out;
+}
+
+function stripTagText(text) {
+  return toStringSafe(text).replace(/<[^>]+>/g, ' ').trim();
+}
+
+function findMarkupTagValue(text, patterns) {
+  const source = toStringSafe(text);
+  for (const p of patterns) {
+    const m = source.match(p);
+    if (m && m[1]) {
+      return toStringSafe(m[1]);
+    }
+  }
+  return '';
+}
+
+function parseToolCallList(v) {
+  if (!Array.isArray(v)) {
+    return [];
+  }
+  const out = [];
+  for (const item of v) {
+    if (!item || typeof item !== 'object') {
+      continue;
+    }
+    const one = parseToolCallItem(item);
+    if (one) {
+      out.push(one);
+    }
+  }
+  return out;
+}
+
+function parseToolCallItem(m) {
+  let name = toStringSafe(m.name);
+  let inputRaw = m.input;
+  let hasInput = Object.prototype.hasOwnProperty.call(m, 'input');
+  const fn = m.function && typeof m.function === 'object' ? m.function : null;
+
+  if (fn) {
+    if (!name) {
+      name = toStringSafe(fn.name);
+    }
+    if (!hasInput && Object.prototype.hasOwnProperty.call(fn, 'arguments')) {
+      inputRaw = fn.arguments;
+      hasInput = true;
+    }
+  }
+
+  if (!hasInput) {
+    for (const k of ['arguments', 'args', 'parameters', 'params']) {
+      if (Object.prototype.hasOwnProperty.call(m, k)) {
+        inputRaw = m[k];
+        hasInput = true;
+        break;
+      }
+    }
+  }
+
+  if (!name) {
+    return null;
+  }
+
+  return {
+    name,
+    input: parseToolCallInput(inputRaw),
+  };
+}
+
+function parseToolCallInput(v) {
+  if (v == null) {
+    return {};
+  }
+  if (typeof v === 'string') {
+    const raw = toStringSafe(v);
+    if (!raw) {
+      return {};
+    }
+    try {
+      const parsed = JSON.parse(raw);
+      if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
+        return parsed;
+      }
+      return { _raw: raw };
+    } catch (_err) {
+      return { _raw: raw };
+    }
+  }
+  if (typeof v === 'object' && !Array.isArray(v)) {
+    return v;
+  }
+  try {
+    const parsed = JSON.parse(JSON.stringify(v));
+    if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
+      return parsed;
+    }
+  } catch (_err) {
+    return {};
+  }
+  return {};
+}
+
+module.exports = {
+  stripFencedCodeBlocks,
+  buildToolCallCandidates,
+  parseToolCallsPayload,
+  parseMarkupToolCalls,
+};

internal/js/helpers/stream-tool-sieve/sieve.js

@@ -1,16 +1,12 @@
 'use strict';
 
 const {
-  TOOL_SIEVE_CAPTURE_LIMIT,
   resetIncrementalToolState,
   noteText,
   insideCodeFence,
 } = require('./state');
 const {
-  buildIncrementalToolDeltas,
-} = require('./incremental');
-const {
-  parseStandaloneToolCalls,
+  parseStandaloneToolCallsDetailed,
 } = require('./parse');
 const {
   extractJSONObjectFrom,
@@ -24,64 +20,64 @@ function processToolSieveChunk(state, chunk, toolNames) {
     state.pending += chunk;
   }
   const events = [];
+
   // eslint-disable-next-line no-constant-condition
   while (true) {
+    if (Array.isArray(state.pendingToolCalls) && state.pendingToolCalls.length > 0) {
+      events.push({ type: 'tool_calls', calls: state.pendingToolCalls });
+      state.pendingToolRaw = '';
+      state.pendingToolCalls = [];
+      continue;
+    }
     if (state.capturing) {
       if (state.pending) {
         state.capture += state.pending;
         state.pending = '';
       }
-      const deltas = buildIncrementalToolDeltas(state);
-      if (deltas.length > 0) {
-        events.push({ type: 'tool_call_deltas', deltas });
-      }
       const consumed = consumeToolCapture(state, toolNames);
       if (!consumed.ready) {
-        if (state.capture.length > TOOL_SIEVE_CAPTURE_LIMIT) {
-          noteText(state, state.capture);
-          events.push({ type: 'text', text: state.capture });
-          state.capture = '';
-          state.capturing = false;
-          resetIncrementalToolState(state);
-          continue;
-        }
         break;
       }
+      const captured = state.capture;
       state.capture = '';
       state.capturing = false;
       resetIncrementalToolState(state);
+
+      if (Array.isArray(consumed.calls) && consumed.calls.length > 0) {
+        state.pendingToolRaw = captured;
+        state.pendingToolCalls = consumed.calls;
+        continue;
+      }
       if (consumed.prefix) {
         noteText(state, consumed.prefix);
         events.push({ type: 'text', text: consumed.prefix });
       }
-      if (Array.isArray(consumed.calls) && consumed.calls.length > 0) {
-        events.push({ type: 'tool_calls', calls: consumed.calls });
-      }
       if (consumed.suffix) {
         state.pending += consumed.suffix;
       }
       continue;
     }
 
-    if (!state.pending) {
+    const pending = state.pending || '';
+    if (!pending) {
       break;
     }
 
-    const start = findToolSegmentStart(state.pending);
+    const start = findToolSegmentStart(pending);
     if (start >= 0) {
-      const prefix = state.pending.slice(0, start);
+      const prefix = pending.slice(0, start);
       if (prefix) {
         noteText(state, prefix);
         events.push({ type: 'text', text: prefix });
       }
-      state.capture = state.pending.slice(start);
       state.pending = '';
+      state.capture += pending.slice(start);
       state.capturing = true;
       resetIncrementalToolState(state);
       continue;
     }
 
-    const [safe, hold] = splitSafeContentForToolDetection(state.pending);
+    const [safe, hold] = splitSafeContentForToolDetection(pending);
     if (!safe) {
       break;
     }
@@ -97,6 +93,13 @@ function flushToolSieve(state, toolNames) {
     return [];
   }
   const events = processToolSieveChunk(state, '', toolNames);
+
+  if (Array.isArray(state.pendingToolCalls) && state.pendingToolCalls.length > 0) {
+    events.push({ type: 'tool_calls', calls: state.pendingToolCalls });
+    state.pendingToolRaw = '';
+    state.pendingToolCalls = [];
+  }
+
   if (state.capturing) {
     const consumed = consumeToolCapture(state, toolNames);
     if (consumed.ready) {
@@ -119,11 +122,13 @@ function flushToolSieve(state, toolNames) {
     state.capturing = false;
     resetIncrementalToolState(state);
   }
+
   if (state.pending) {
     noteText(state, state.pending);
     events.push({ type: 'text', text: state.pending });
     state.pending = '';
   }
+
   return events;
 }
 
@@ -163,11 +168,10 @@ function findToolSegmentStart(s) {
   let offset = 0;
   // eslint-disable-next-line no-constant-condition
   while (true) {
-    const keyRel = lower.indexOf('tool_calls', offset);
-    if (keyRel < 0) {
+    const keyIdx = lower.indexOf('tool_calls', offset);
+    if (keyIdx < 0) {
       return -1;
     }
-    const keyIdx = keyRel;
     const start = s.slice(0, keyIdx).lastIndexOf('{');
     const candidateStart = start >= 0 ? start : keyIdx;
     if (!insideCodeFence(s.slice(0, candidateStart))) {
@@ -178,7 +182,7 @@ function findToolSegmentStart(s) {
 }
 
 function consumeToolCapture(state, toolNames) {
-  const captured = state.capture;
+  const captured = state.capture || '';
   if (!captured) {
     return { ready: false, prefix: '', calls: [], suffix: '' };
   }
@@ -195,8 +199,10 @@ function consumeToolCapture(state, toolNames) {
   if (!obj.ok) {
     return { ready: false, prefix: '', calls: [], suffix: '' };
   }
+
   const prefixPart = captured.slice(0, start);
   const suffixPart = captured.slice(obj.end);
+
   if (insideCodeFence((state.recentTextTail || '') + prefixPart)) {
     return {
       ready: true,
@@ -205,18 +211,19 @@ function consumeToolCapture(state, toolNames) {
       suffix: '',
     };
   }
-  const rawParsed = parseStandaloneToolCalls(captured.slice(start, obj.end), []);
-  const parsed = parseStandaloneToolCalls(captured.slice(start, obj.end), toolNames);
-  if (parsed.length === 0) {
-    if (rawParsed.length > 0 && Array.isArray(toolNames) && toolNames.length > 0) {
-      return {
-        ready: true,
-        prefix: prefixPart,
-        calls: [],
-        suffix: suffixPart,
-      };
-    }
-    if (state.toolNameSent) {
+
+  if ((state.recentTextTail || '').trim() !== '' || prefixPart.trim() !== '' || suffixPart.trim() !== '') {
+    return {
+      ready: true,
+      prefix: captured,
+      calls: [],
+      suffix: '',
+    };
+  }
+
+  const parsed = parseStandaloneToolCallsDetailed(captured.slice(start, obj.end), toolNames);
+  if (!Array.isArray(parsed.calls) || parsed.calls.length === 0) {
+    if (parsed.sawToolCallSyntax && parsed.rejectedByPolicy) {
       return {
         ready: true,
         prefix: prefixPart,
@@ -231,26 +238,11 @@ function consumeToolCapture(state, toolNames) {
       suffix: '',
     };
   }
-  if (state.toolNameSent) {
-    if (parsed.length > 1) {
-      return {
-        ready: true,
-        prefix: prefixPart,
-        calls: parsed.slice(1),
-        suffix: suffixPart,
-      };
-    }
-    return {
-      ready: true,
-      prefix: prefixPart,
-      calls: [],
-      suffix: suffixPart,
-    };
-  }
+
   return {
     ready: true,
     prefix: prefixPart,
-    calls: parsed,
+    calls: parsed.calls,
     suffix: suffixPart,
   };
 }

internal/js/helpers/stream-tool-sieve/state.js

@@ -1,6 +1,5 @@
 'use strict';
 
-const TOOL_SIEVE_CAPTURE_LIMIT = 8 * 1024;
 const TOOL_SIEVE_CONTEXT_TAIL_LIMIT = 256;
 
 function createToolSieveState() {
@@ -9,6 +8,9 @@ function createToolSieveState() {
     capture: '',
     capturing: false,
     recentTextTail: '',
+    pendingToolRaw: '',
+    pendingToolCalls: [],
+    disableDeltas: false,
     toolNameSent: false,
     toolName: '',
     toolArgsStart: -1,
@@ -19,6 +21,7 @@ function createToolSieveState() {
 }
 
 function resetIncrementalToolState(state) {
+  state.disableDeltas = false;
   state.toolNameSent = false;
   state.toolName = '';
   state.toolArgsStart = -1;
@@ -78,7 +81,6 @@ function toStringSafe(v) {
 }
 
 module.exports = {
-  TOOL_SIEVE_CAPTURE_LIMIT,
   TOOL_SIEVE_CONTEXT_TAIL_LIMIT,
   createToolSieveState,
   resetIncrementalToolState,

internal/prompt/messages.go

@@ -51,6 +51,9 @@ func MessagesPrepare(messages []map[string]any) string {
 }
 
 func NormalizeContent(v any) string {
+	if v == nil {
+		return ""
+	}
 	switch x := v.(type) {
 	case string:
 		return x
@@ -64,11 +67,11 @@ func NormalizeContent(v any) string {
 			typeStr, _ := m["type"].(string)
 			typeStr = strings.ToLower(strings.TrimSpace(typeStr))
 			if typeStr == "text" || typeStr == "output_text" || typeStr == "input_text" {
-				if txt, ok := m["text"].(string); ok {
+				if txt, ok := m["text"].(string); ok && txt != "" {
 					parts = append(parts, txt)
 					continue
 				}
-				if txt, ok := m["content"].(string); ok {
+				if txt, ok := m["content"].(string); ok && txt != "" {
 					parts = append(parts, txt)
 				}
 			}

internal/prompt/messages_test.go

@@ -0,0 +1,32 @@
+package prompt
+
+import "testing"
+
+func TestNormalizeContentNilReturnsEmpty(t *testing.T) {
+	if got := NormalizeContent(nil); got != "" {
+		t.Fatalf("expected empty string for nil content, got %q", got)
+	}
+}
+
+func TestMessagesPrepareNilContentNoNullLiteral(t *testing.T) {
+	messages := []map[string]any{
+		{"role": "assistant", "content": nil},
+		{"role": "user", "content": "ok"},
+	}
+	got := MessagesPrepare(messages)
+	if got == "" {
+		t.Fatalf("expected non-empty output")
+	}
+	if got == "null" {
+		t.Fatalf("expected no null literal output, got %q", got)
+	}
+}
+
+func TestNormalizeContentArrayFallsBackToContentWhenTextEmpty(t *testing.T) {
+	got := NormalizeContent([]any{
+		map[string]any{"type": "text", "text": "", "content": "from-content"},
+	})
+	if got != "from-content" {
+		t.Fatalf("expected fallback to content when text is empty, got %q", got)
+	}
+}

internal/server/router.go

@@ -57,16 +57,20 @@ func NewApp() *App {
 	r.Use(cors)
 	r.Use(timeout(0))
 
-	r.Get("/healthz", func(w http.ResponseWriter, _ *http.Request) {
+	healthzHandler := func(w http.ResponseWriter, _ *http.Request) {
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusOK)
 		_, _ = w.Write([]byte(`{"status":"ok"}`))
-	})
-	r.Get("/readyz", func(w http.ResponseWriter, _ *http.Request) {
+	}
+	readyzHandler := func(w http.ResponseWriter, _ *http.Request) {
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusOK)
 		_, _ = w.Write([]byte(`{"status":"ready"}`))
-	})
+	}
+	r.Get("/healthz", healthzHandler)
+	r.Head("/healthz", healthzHandler)
+	r.Get("/readyz", readyzHandler)
+	r.Head("/readyz", readyzHandler)
 	openai.RegisterRoutes(r, openaiHandler)
 	claude.RegisterRoutes(r, claudeHandler)
 	gemini.RegisterRoutes(r, geminiHandler)

internal/server/router_health_test.go

@@ -0,0 +1,20 @@
+package server
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestHealthEndpointsSupportHEAD(t *testing.T) {
+	app := NewApp()
+
+	for _, path := range []string{"/healthz", "/readyz"} {
+		req := httptest.NewRequest(http.MethodHead, path, nil)
+		rec := httptest.NewRecorder()
+		app.Router.ServeHTTP(rec, req)
+		if rec.Code != http.StatusOK {
+			t.Fatalf("expected %s HEAD status 200, got %d", path, rec.Code)
+		}
+	}
+}

internal/testsuite/runner_cases_openai.go

@@ -17,6 +17,12 @@ func (r *Runner) caseHealthz(ctx context.Context, cc *caseContext) error {
 	var m map[string]any
 	_ = json.Unmarshal(resp.Body, &m)
 	cc.assert("status_ok", asString(m["status"]) == "ok", fmt.Sprintf("body=%s", string(resp.Body)))
+
+	headResp, headErr := cc.request(ctx, requestSpec{Method: http.MethodHead, Path: "/healthz", Retryable: true})
+	if headErr != nil {
+		return headErr
+	}
+	cc.assert("head_status_200", headResp.StatusCode == http.StatusOK, fmt.Sprintf("status=%d", headResp.StatusCode))
 	return nil
 }
 
@@ -29,6 +35,12 @@ func (r *Runner) caseReadyz(ctx context.Context, cc *caseContext) error {
 	var m map[string]any
 	_ = json.Unmarshal(resp.Body, &m)
 	cc.assert("status_ready", asString(m["status"]) == "ready", fmt.Sprintf("body=%s", string(resp.Body)))
+
+	headResp, headErr := cc.request(ctx, requestSpec{Method: http.MethodHead, Path: "/readyz", Retryable: true})
+	if headErr != nil {
+		return headErr
+	}
+	cc.assert("head_status_200", headResp.StatusCode == http.StatusOK, fmt.Sprintf("status=%d", headResp.StatusCode))
 	return nil
 }
 

internal/util/toolcalls_markup.go

@@ -0,0 +1,161 @@
+package util
+
+import (
+	"encoding/json"
+	"regexp"
+	"strings"
+)
+
+var toolCallMarkupTagNames = []string{"tool_call", "function_call", "invoke"}
+var toolCallMarkupTagPatternByName = map[string]*regexp.Regexp{
+	"tool_call":     regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?tool_call\b([^>]*)>(.*?)</(?:[a-z0-9_:-]+:)?tool_call>`),
+	"function_call": regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?function_call\b([^>]*)>(.*?)</(?:[a-z0-9_:-]+:)?function_call>`),
+	"invoke":        regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?invoke\b([^>]*)>(.*?)</(?:[a-z0-9_:-]+:)?invoke>`),
+}
+var toolCallMarkupSelfClosingPattern = regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?invoke\b([^>]*)/>`)
+var toolCallMarkupKVPattern = regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?([a-z0-9_\-.]+)\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?([a-z0-9_\-.]+)>`)
+var toolCallMarkupAttrPattern = regexp.MustCompile(`(?is)(name|function|tool)\s*=\s*"([^"]+)"`)
+var anyTagPattern = regexp.MustCompile(`(?is)<[^>]+>`)
+var toolCallMarkupNameTagNames = []string{"name", "function"}
+var toolCallMarkupNamePatternByTag = map[string]*regexp.Regexp{
+	"name":     regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?name\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?name>`),
+	"function": regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?function\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?function>`),
+}
+var toolCallMarkupArgsTagNames = []string{"input", "arguments", "argument", "parameters", "parameter", "args", "params"}
+var toolCallMarkupArgsPatternByTag = map[string]*regexp.Regexp{
+	"input":      regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?input\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?input>`),
+	"arguments":  regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?arguments\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?arguments>`),
+	"argument":   regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?argument\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?argument>`),
+	"parameters": regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?parameters\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?parameters>`),
+	"parameter":  regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?parameter\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?parameter>`),
+	"args":       regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?args\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?args>`),
+	"params":     regexp.MustCompile(`(?is)<(?:[a-z0-9_:-]+:)?params\b[^>]*>(.*?)</(?:[a-z0-9_:-]+:)?params>`),
+}
+
+func parseMarkupToolCalls(text string) []ParsedToolCall {
+	trimmed := strings.TrimSpace(text)
+	if trimmed == "" {
+		return nil
+	}
+
+	out := make([]ParsedToolCall, 0)
+	for _, tagName := range toolCallMarkupTagNames {
+		pattern := toolCallMarkupTagPatternByName[tagName]
+		for _, m := range pattern.FindAllStringSubmatch(trimmed, -1) {
+			if len(m) < 3 {
+				continue
+			}
+			attrs := strings.TrimSpace(m[1])
+			inner := strings.TrimSpace(m[2])
+			if parsed := parseMarkupSingleToolCall(attrs, inner); parsed.Name != "" {
+				out = append(out, parsed)
+			}
+		}
+	}
+	for _, m := range toolCallMarkupSelfClosingPattern.FindAllStringSubmatch(trimmed, -1) {
+		if len(m) < 2 {
+			continue
+		}
+		if parsed := parseMarkupSingleToolCall(strings.TrimSpace(m[1]), ""); parsed.Name != "" {
+			out = append(out, parsed)
+		}
+	}
+	if len(out) == 0 {
+		return nil
+	}
+	return out
+}
+
+func parseMarkupSingleToolCall(attrs string, inner string) ParsedToolCall {
+	if parsed := parseToolCallsPayload(inner); len(parsed) > 0 {
+		return parsed[0]
+	}
+
+	name := ""
+	if m := toolCallMarkupAttrPattern.FindStringSubmatch(attrs); len(m) >= 3 {
+		name = strings.TrimSpace(m[2])
+	}
+	if name == "" {
+		name = findMarkupTagValue(inner, toolCallMarkupNameTagNames, toolCallMarkupNamePatternByTag)
+	}
+	if name == "" {
+		return ParsedToolCall{}
+	}
+
+	input := map[string]any{}
+	if argsRaw := findMarkupTagValue(inner, toolCallMarkupArgsTagNames, toolCallMarkupArgsPatternByTag); argsRaw != "" {
+		input = parseMarkupInput(argsRaw)
+	} else if kv := parseMarkupKVObject(inner); len(kv) > 0 {
+		input = kv
+	}
+	return ParsedToolCall{Name: name, Input: input}
+}
+
+func parseMarkupInput(raw string) map[string]any {
+	raw = strings.TrimSpace(raw)
+	if raw == "" {
+		return map[string]any{}
+	}
+	if parsed := parseToolCallInput(raw); len(parsed) > 0 {
+		return parsed
+	}
+	if kv := parseMarkupKVObject(raw); len(kv) > 0 {
+		return kv
+	}
+	return map[string]any{"_raw": stripTagText(raw)}
+}
+
+func parseMarkupKVObject(text string) map[string]any {
+	matches := toolCallMarkupKVPattern.FindAllStringSubmatch(strings.TrimSpace(text), -1)
+	if len(matches) == 0 {
+		return nil
+	}
+	out := map[string]any{}
+	for _, m := range matches {
+		if len(m) < 4 {
+			continue
+		}
+		key := strings.TrimSpace(m[1])
+		endKey := strings.TrimSpace(m[3])
+		if key == "" {
+			continue
+		}
+		if !strings.EqualFold(key, endKey) {
+			continue
+		}
+		value := strings.TrimSpace(stripTagText(m[2]))
+		if value == "" {
+			continue
+		}
+		var jsonValue any
+		if json.Unmarshal([]byte(value), &jsonValue) == nil {
+			out[key] = jsonValue
+			continue
+		}
+		out[key] = value
+	}
+	if len(out) == 0 {
+		return nil
+	}
+	return out
+}
+
+func stripTagText(text string) string {
+	return strings.TrimSpace(anyTagPattern.ReplaceAllString(text, ""))
+}
+
+func findMarkupTagValue(text string, tagNames []string, patternByTag map[string]*regexp.Regexp) string {
+	for _, tag := range tagNames {
+		pattern := patternByTag[tag]
+		if pattern == nil {
+			continue
+		}
+		if m := pattern.FindStringSubmatch(text); len(m) >= 2 {
+			value := strings.TrimSpace(m[1])
+			if value != "" {
+				return value
+			}
+		}
+	}
+	return ""
+}

internal/util/toolcalls_parse.go

@@ -2,9 +2,12 @@ package util
 
 import (
 	"encoding/json"
+	"regexp"
 	"strings"
 )
 
+var toolNameLoosePattern = regexp.MustCompile(`[^a-z0-9]+`)
+
 type ParsedToolCall struct {
 	Name  string         `json:"name"`
 	Input map[string]any `json:"input"`
@@ -30,19 +33,30 @@ func ParseToolCallsDetailed(text string, availableToolNames []string) ToolCallPa
 	if strings.TrimSpace(text) == "" {
 		return result
 	}
-	result.SawToolCallSyntax = strings.Contains(strings.ToLower(text), "tool_calls")
+	result.SawToolCallSyntax = looksLikeToolCallSyntax(text)
 
 	candidates := buildToolCallCandidates(text)
 	var parsed []ParsedToolCall
 	for _, candidate := range candidates {
-		if tc := parseToolCallsPayload(candidate); len(tc) > 0 {
+		tc := parseToolCallsPayload(candidate)
+		if len(tc) == 0 {
+			tc = parseXMLToolCalls(candidate)
+		}
+		if len(tc) == 0 {
+			tc = parseMarkupToolCalls(candidate)
+		}
+		if len(tc) > 0 {
 			parsed = tc
 			result.SawToolCallSyntax = true
 			break
 		}
 	}
 	if len(parsed) == 0 {
-		return result
+		parsed = parseXMLToolCalls(text)
+		if len(parsed) == 0 {
+			return result
+		}
+		result.SawToolCallSyntax = true
 	}
 
 	calls, rejectedNames := filterToolCallsDetailed(parsed, availableToolNames)
@@ -65,17 +79,21 @@ func ParseStandaloneToolCallsDetailed(text string, availableToolNames []string)
 	if looksLikeToolExampleContext(trimmed) {
 		return result
 	}
-	result.SawToolCallSyntax = strings.Contains(strings.ToLower(trimmed), "tool_calls")
+	result.SawToolCallSyntax = looksLikeToolCallSyntax(trimmed)
 	candidates := []string{trimmed}
 	for _, candidate := range candidates {
 		candidate = strings.TrimSpace(candidate)
 		if candidate == "" {
 			continue
 		}
-		if !strings.HasPrefix(candidate, "{") && !strings.HasPrefix(candidate, "[") {
-			continue
+		parsed := parseToolCallsPayload(candidate)
+		if len(parsed) == 0 {
+			parsed = parseXMLToolCalls(candidate)
 		}
-		if parsed := parseToolCallsPayload(candidate); len(parsed) > 0 {
+		if len(parsed) == 0 {
+			parsed = parseMarkupToolCalls(candidate)
+		}
+		if len(parsed) > 0 {
 			result.SawToolCallSyntax = true
 			calls, rejectedNames := filterToolCallsDetailed(parsed, availableToolNames)
 			result.Calls = calls
@@ -89,45 +107,82 @@ func ParseStandaloneToolCallsDetailed(text string, availableToolNames []string)
 
 func filterToolCallsDetailed(parsed []ParsedToolCall, availableToolNames []string) ([]ParsedToolCall, []string) {
 	allowed := map[string]struct{}{}
+	allowedCanonical := map[string]string{}
 	for _, name := range availableToolNames {
-		allowed[name] = struct{}{}
+		trimmed := strings.TrimSpace(name)
+		if trimmed == "" {
+			continue
+		}
+		allowed[trimmed] = struct{}{}
+		lower := strings.ToLower(trimmed)
+		if _, exists := allowedCanonical[lower]; !exists {
+			allowedCanonical[lower] = trimmed
+		}
 	}
 	if len(allowed) == 0 {
 		rejectedSet := map[string]struct{}{}
+		rejected := make([]string, 0, len(parsed))
 		for _, tc := range parsed {
 			if tc.Name == "" {
 				continue
 			}
+			if _, ok := rejectedSet[tc.Name]; ok {
+				continue
+			}
 			rejectedSet[tc.Name] = struct{}{}
-		}
-		rejected := make([]string, 0, len(rejectedSet))
-		for name := range rejectedSet {
-			rejected = append(rejected, name)
+			rejected = append(rejected, tc.Name)
 		}
 		return nil, rejected
 	}
 	out := make([]ParsedToolCall, 0, len(parsed))
 	rejectedSet := map[string]struct{}{}
+	rejected := make([]string, 0)
 	for _, tc := range parsed {
 		if tc.Name == "" {
 			continue
 		}
-		if _, ok := allowed[tc.Name]; !ok {
-			rejectedSet[tc.Name] = struct{}{}
+		matchedName := resolveAllowedToolName(tc.Name, allowed, allowedCanonical)
+		if matchedName == "" {
+			if _, ok := rejectedSet[tc.Name]; !ok {
+				rejectedSet[tc.Name] = struct{}{}
+				rejected = append(rejected, tc.Name)
+			}
 			continue
 		}
+		tc.Name = matchedName
 		if tc.Input == nil {
 			tc.Input = map[string]any{}
 		}
 		out = append(out, tc)
 	}
-	rejected := make([]string, 0, len(rejectedSet))
-	for name := range rejectedSet {
-		rejected = append(rejected, name)
-	}
 	return out, rejected
 }
 
+func resolveAllowedToolName(name string, allowed map[string]struct{}, allowedCanonical map[string]string) string {
+	if _, ok := allowed[name]; ok {
+		return name
+	}
+	lower := strings.ToLower(strings.TrimSpace(name))
+	if canonical, ok := allowedCanonical[lower]; ok {
+		return canonical
+	}
+	if idx := strings.LastIndex(lower, "."); idx >= 0 && idx < len(lower)-1 {
+		if canonical, ok := allowedCanonical[lower[idx+1:]]; ok {
+			return canonical
+		}
+	}
+	loose := toolNameLoosePattern.ReplaceAllString(lower, "")
+	if loose == "" {
+		return ""
+	}
+	for candidateLower, canonical := range allowedCanonical {
+		if toolNameLoosePattern.ReplaceAllString(candidateLower, "") == loose {
+			return canonical
+		}
+	}
+	return ""
+}
+
 func parseToolCallsPayload(payload string) []ParsedToolCall {
 	var decoded any
 	if err := json.Unmarshal([]byte(payload), &decoded); err != nil {
@@ -147,6 +202,14 @@ func parseToolCallsPayload(payload string) []ParsedToolCall {
 	return nil
 }
 
+func looksLikeToolCallSyntax(text string) bool {
+	lower := strings.ToLower(text)
+	return strings.Contains(lower, "tool_calls") ||
+		strings.Contains(lower, "<tool_call") ||
+		strings.Contains(lower, "<function_call") ||
+		strings.Contains(lower, "<invoke")
+}
+
 func parseToolCallList(v any) []ParsedToolCall {
 	items, ok := v.([]any)
 	if !ok {

internal/util/toolcalls_parse_markup.go

@@ -0,0 +1,235 @@
+package util
+
+import (
+	"encoding/json"
+	"encoding/xml"
+	"regexp"
+	"strings"
+)
+
+var xmlToolCallPattern = regexp.MustCompile(`(?is)<tool_call>\s*(.*?)\s*</tool_call>`)
+var functionCallPattern = regexp.MustCompile(`(?is)<function_call>\s*([^<]+?)\s*</function_call>`)
+var functionParamPattern = regexp.MustCompile(`(?is)<function\s+parameter\s+name="([^"]+)"\s*>\s*(.*?)\s*</function\s+parameter>`)
+var antmlFunctionCallPattern = regexp.MustCompile(`(?is)<(?:[a-z0-9_]+:)?function_call[^>]*(?:name|function)="([^"]+)"[^>]*>\s*(.*?)\s*</(?:[a-z0-9_]+:)?function_call>`)
+var antmlArgumentPattern = regexp.MustCompile(`(?is)<(?:[a-z0-9_]+:)?argument\s+name="([^"]+)"\s*>\s*(.*?)\s*</(?:[a-z0-9_]+:)?argument>`)
+var antmlParametersPattern = regexp.MustCompile(`(?is)<(?:[a-z0-9_]+:)?parameters\s*>\s*(\{.*?\})\s*</(?:[a-z0-9_]+:)?parameters>`)
+var invokeCallPattern = regexp.MustCompile(`(?is)<invoke\s+name="([^"]+)"\s*>(.*?)</invoke>`)
+var invokeParamPattern = regexp.MustCompile(`(?is)<parameter\s+name="([^"]+)"\s*>\s*(.*?)\s*</parameter>`)
+
+func parseXMLToolCalls(text string) []ParsedToolCall {
+	matches := xmlToolCallPattern.FindAllString(text, -1)
+	out := make([]ParsedToolCall, 0, len(matches)+1)
+	for _, block := range matches {
+		call, ok := parseSingleXMLToolCall(block)
+		if !ok {
+			continue
+		}
+		out = append(out, call)
+	}
+	if len(out) > 0 {
+		return out
+	}
+	if call, ok := parseFunctionCallTagStyle(text); ok {
+		return []ParsedToolCall{call}
+	}
+	if calls := parseAntmlFunctionCallStyles(text); len(calls) > 0 {
+		return calls
+	}
+	if call, ok := parseInvokeFunctionCallStyle(text); ok {
+		return []ParsedToolCall{call}
+	}
+	return nil
+}
+
+func parseSingleXMLToolCall(block string) (ParsedToolCall, bool) {
+	inner := strings.TrimSpace(block)
+	inner = strings.TrimPrefix(inner, "<tool_call>")
+	inner = strings.TrimSuffix(inner, "</tool_call>")
+	inner = strings.TrimSpace(inner)
+	if strings.HasPrefix(inner, "{") {
+		var payload map[string]any
+		if err := json.Unmarshal([]byte(inner), &payload); err == nil {
+			name := strings.TrimSpace(asString(payload["tool"]))
+			if name == "" {
+				name = strings.TrimSpace(asString(payload["tool_name"]))
+			}
+			if name != "" {
+				input := map[string]any{}
+				if params, ok := payload["params"].(map[string]any); ok {
+					input = params
+				} else if params, ok := payload["parameters"].(map[string]any); ok {
+					input = params
+				}
+				return ParsedToolCall{Name: name, Input: input}, true
+			}
+		}
+	}
+
+	dec := xml.NewDecoder(strings.NewReader(block))
+	name := ""
+	params := map[string]any{}
+	inParams := false
+	inTool := false
+	for {
+		tok, err := dec.Token()
+		if err != nil {
+			break
+		}
+		switch t := tok.(type) {
+		case xml.StartElement:
+			tag := strings.ToLower(t.Name.Local)
+			switch tag {
+			case "tool":
+				inTool = true
+				for _, attr := range t.Attr {
+					if strings.EqualFold(strings.TrimSpace(attr.Name.Local), "name") && strings.TrimSpace(name) == "" {
+						name = strings.TrimSpace(attr.Value)
+					}
+				}
+			case "parameters":
+				inParams = true
+			case "tool_name", "name":
+				var v string
+				if err := dec.DecodeElement(&v, &t); err == nil && strings.TrimSpace(v) != "" {
+					name = strings.TrimSpace(v)
+				}
+			case "input", "arguments", "argument", "args", "params":
+				var v string
+				if err := dec.DecodeElement(&v, &t); err == nil && strings.TrimSpace(v) != "" {
+					if parsed := parseToolCallInput(strings.TrimSpace(v)); len(parsed) > 0 {
+						for k, vv := range parsed {
+							params[k] = vv
+						}
+					}
+				}
+			default:
+				if inParams || inTool {
+					var v string
+					if err := dec.DecodeElement(&v, &t); err == nil {
+						params[t.Name.Local] = strings.TrimSpace(v)
+					}
+				}
+			}
+		case xml.EndElement:
+			tag := strings.ToLower(t.Name.Local)
+			if tag == "parameters" {
+				inParams = false
+			}
+			if tag == "tool" {
+				inTool = false
+			}
+		}
+	}
+	if strings.TrimSpace(name) == "" {
+		return ParsedToolCall{}, false
+	}
+	return ParsedToolCall{Name: strings.TrimSpace(name), Input: params}, true
+}
+
+func parseFunctionCallTagStyle(text string) (ParsedToolCall, bool) {
+	m := functionCallPattern.FindStringSubmatch(text)
+	if len(m) < 2 {
+		return ParsedToolCall{}, false
+	}
+	name := strings.TrimSpace(m[1])
+	if name == "" {
+		return ParsedToolCall{}, false
+	}
+	input := map[string]any{}
+	for _, pm := range functionParamPattern.FindAllStringSubmatch(text, -1) {
+		if len(pm) < 3 {
+			continue
+		}
+		key := strings.TrimSpace(pm[1])
+		val := strings.TrimSpace(pm[2])
+		if key != "" {
+			input[key] = val
+		}
+	}
+	return ParsedToolCall{Name: name, Input: input}, true
+}
+
+func parseAntmlFunctionCallStyles(text string) []ParsedToolCall {
+	matches := antmlFunctionCallPattern.FindAllStringSubmatch(text, -1)
+	if len(matches) == 0 {
+		return nil
+	}
+	out := make([]ParsedToolCall, 0, len(matches))
+	for _, m := range matches {
+		if call, ok := parseSingleAntmlFunctionCallMatch(m); ok {
+			out = append(out, call)
+		}
+	}
+	if len(out) == 0 {
+		return nil
+	}
+	return out
+}
+
+func parseSingleAntmlFunctionCallMatch(m []string) (ParsedToolCall, bool) {
+	if len(m) < 3 {
+		return ParsedToolCall{}, false
+	}
+	name := strings.TrimSpace(m[1])
+	if name == "" {
+		return ParsedToolCall{}, false
+	}
+	body := strings.TrimSpace(m[2])
+	input := map[string]any{}
+	if strings.HasPrefix(body, "{") {
+		if err := json.Unmarshal([]byte(body), &input); err == nil {
+			return ParsedToolCall{Name: name, Input: input}, true
+		}
+	}
+	if pm := antmlParametersPattern.FindStringSubmatch(body); len(pm) >= 2 {
+		if err := json.Unmarshal([]byte(strings.TrimSpace(pm[1])), &input); err == nil {
+			return ParsedToolCall{Name: name, Input: input}, true
+		}
+	}
+	for _, am := range antmlArgumentPattern.FindAllStringSubmatch(body, -1) {
+		if len(am) < 3 {
+			continue
+		}
+		k := strings.TrimSpace(am[1])
+		v := strings.TrimSpace(am[2])
+		if k != "" {
+			input[k] = v
+		}
+	}
+	return ParsedToolCall{Name: name, Input: input}, true
+}
+
+func parseInvokeFunctionCallStyle(text string) (ParsedToolCall, bool) {
+	m := invokeCallPattern.FindStringSubmatch(text)
+	if len(m) < 3 {
+		return ParsedToolCall{}, false
+	}
+	name := strings.TrimSpace(m[1])
+	if name == "" {
+		return ParsedToolCall{}, false
+	}
+	input := map[string]any{}
+	for _, pm := range invokeParamPattern.FindAllStringSubmatch(m[2], -1) {
+		if len(pm) < 3 {
+			continue
+		}
+		k := strings.TrimSpace(pm[1])
+		v := strings.TrimSpace(pm[2])
+		if k != "" {
+			input[k] = v
+		}
+	}
+	if len(input) == 0 {
+		if argsRaw := findMarkupTagValue(m[2], toolCallMarkupArgsTagNames, toolCallMarkupArgsPatternByTag); argsRaw != "" {
+			input = parseMarkupInput(argsRaw)
+		} else if kv := parseMarkupKVObject(m[2]); len(kv) > 0 {
+			input = kv
+		}
+	}
+	return ParsedToolCall{Name: name, Input: input}, true
+}
+
+func asString(v any) string {
+	s, _ := v.(string)
+	return s
+}

internal/util/toolcalls_test.go

@@ -46,6 +46,17 @@ func TestParseToolCallsRejectsUnknownToolName(t *testing.T) {
 	}
 }
 
+func TestParseToolCallsAllowsCaseInsensitiveToolNameAndCanonicalizes(t *testing.T) {
+	text := `{"tool_calls":[{"name":"Bash","input":{"command":"ls -al"}}]}`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+}
+
 func TestParseToolCallsDetailedMarksPolicyRejection(t *testing.T) {
 	text := `{"tool_calls":[{"name":"unknown","input":{}}]}`
 	res := ParseToolCallsDetailed(text, []string{"search"})
@@ -104,3 +115,167 @@ func TestParseStandaloneToolCallsIgnoresFencedCodeBlock(t *testing.T) {
 		t.Fatalf("expected fenced tool_call example to be ignored, got %#v", calls)
 	}
 }
+
+func TestParseToolCallsAllowsQualifiedToolName(t *testing.T) {
+	text := `{"tool_calls":[{"name":"mcp.search_web","input":{"q":"golang"}}]}`
+	calls := ParseToolCalls(text, []string{"search_web"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "search_web" {
+		t.Fatalf("expected canonical tool name search_web, got %q", calls[0].Name)
+	}
+}
+
+func TestParseToolCallsAllowsPunctuationVariantToolName(t *testing.T) {
+	text := `{"tool_calls":[{"name":"read-file","input":{"path":"README.md"}}]}`
+	calls := ParseToolCalls(text, []string{"read_file"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "read_file" {
+		t.Fatalf("expected canonical tool name read_file, got %q", calls[0].Name)
+	}
+}
+
+func TestParseToolCallsSupportsClaudeXMLToolCall(t *testing.T) {
+	text := `<tool_call><tool_name>Bash</tool_name><parameters><command>pwd</command><description>show cwd</description></parameters></tool_call>`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+	if calls[0].Input["command"] != "pwd" {
+		t.Fatalf("expected command argument, got %#v", calls[0].Input)
+	}
+}
+
+func TestParseToolCallsDetailedMarksXMLToolCallSyntax(t *testing.T) {
+	text := `<tool_call><tool_name>Bash</tool_name><parameters><command>pwd</command></parameters></tool_call>`
+	res := ParseToolCallsDetailed(text, []string{"bash"})
+	if !res.SawToolCallSyntax {
+		t.Fatalf("expected SawToolCallSyntax=true, got %#v", res)
+	}
+	if len(res.Calls) != 1 {
+		t.Fatalf("expected one parsed call, got %#v", res)
+	}
+}
+
+func TestParseToolCallsSupportsClaudeXMLJSONToolCall(t *testing.T) {
+	text := `<tool_call>{"tool":"Bash","params":{"command":"pwd","description":"show cwd"}}</tool_call>`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+	if calls[0].Input["command"] != "pwd" {
+		t.Fatalf("expected command argument, got %#v", calls[0].Input)
+	}
+}
+
+func TestParseToolCallsSupportsFunctionCallTagStyle(t *testing.T) {
+	text := `<function_call>Bash</function_call><function parameter name="command">ls -la</function parameter><function parameter name="description">list</function parameter>`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+	if calls[0].Input["command"] != "ls -la" {
+		t.Fatalf("expected command argument, got %#v", calls[0].Input)
+	}
+}
+
+func TestParseToolCallsSupportsAntmlFunctionCallStyle(t *testing.T) {
+	text := `<antml:function_calls><antml:function_call name="Bash">{"command":"pwd","description":"x"}</antml:function_call></antml:function_calls>`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+	if calls[0].Input["command"] != "pwd" {
+		t.Fatalf("expected command argument, got %#v", calls[0].Input)
+	}
+}
+
+func TestParseToolCallsSupportsAntmlArgumentStyle(t *testing.T) {
+	text := `<antml:function_calls><antml:function_call id="1" name="Bash"><antml:argument name="command">pwd</antml:argument><antml:argument name="description">x</antml:argument></antml:function_call></antml:function_calls>`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+	if calls[0].Input["command"] != "pwd" {
+		t.Fatalf("expected command argument, got %#v", calls[0].Input)
+	}
+}
+
+func TestParseToolCallsSupportsInvokeFunctionCallStyle(t *testing.T) {
+	text := `<function_calls><invoke name="Bash"><parameter name="command">pwd</parameter><parameter name="description">d</parameter></invoke></function_calls>`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+	if calls[0].Input["command"] != "pwd" {
+		t.Fatalf("expected command argument, got %#v", calls[0].Input)
+	}
+}
+
+func TestParseToolCallsSupportsNestedToolTagStyle(t *testing.T) {
+	text := `<tool_call><tool name="Bash"><command>pwd</command><description>show cwd</description></tool></tool_call>`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+	if calls[0].Input["command"] != "pwd" {
+		t.Fatalf("expected command argument, got %#v", calls[0].Input)
+	}
+}
+
+func TestParseToolCallsSupportsAntmlFunctionAttributeWithParametersTag(t *testing.T) {
+	text := `<antml:function_calls><antml:function_call id="x" function="Bash"><antml:parameters>{"command":"pwd"}</antml:parameters></antml:function_call></antml:function_calls>`
+	calls := ParseToolCalls(text, []string{"bash"})
+	if len(calls) != 1 {
+		t.Fatalf("expected 1 call, got %#v", calls)
+	}
+	if calls[0].Name != "bash" {
+		t.Fatalf("expected canonical tool name bash, got %q", calls[0].Name)
+	}
+	if calls[0].Input["command"] != "pwd" {
+		t.Fatalf("expected command argument, got %#v", calls[0].Input)
+	}
+}
+
+func TestParseToolCallsSupportsMultipleAntmlFunctionCalls(t *testing.T) {
+	text := `<antml:function_calls><antml:function_call id="1" function="Bash"><antml:parameters>{"command":"pwd"}</antml:parameters></antml:function_call><antml:function_call id="2" function="Read"><antml:parameters>{"file_path":"README.md"}</antml:parameters></antml:function_call></antml:function_calls>`
+	calls := ParseToolCalls(text, []string{"bash", "read"})
+	if len(calls) != 2 {
+		t.Fatalf("expected 2 calls, got %#v", calls)
+	}
+	if calls[0].Name != "bash" || calls[1].Name != "read" {
+		t.Fatalf("expected canonical names [bash read], got %#v", calls)
+	}
+}
+
+func TestParseToolCallsDoesNotAcceptMismatchedMarkupTags(t *testing.T) {
+	text := `<tool_call><name>read_file</function><arguments>{"path":"README.md"}</arguments></tool_call>`
+	calls := ParseToolCalls(text, []string{"read_file"})
+	if len(calls) != 0 {
+		t.Fatalf("expected mismatched tags to be rejected, got %#v", calls)
+	}
+}

plans/node-syntax-gate-targets.txt

@@ -16,7 +16,6 @@ internal/js/helpers/stream-tool-sieve.js
 internal/js/helpers/stream-tool-sieve/index.js
 internal/js/helpers/stream-tool-sieve/state.js
 internal/js/helpers/stream-tool-sieve/sieve.js
-internal/js/helpers/stream-tool-sieve/incremental.js
 internal/js/helpers/stream-tool-sieve/jsonscan.js
 internal/js/helpers/stream-tool-sieve/parse.js
 internal/js/helpers/stream-tool-sieve/format.js

plans/refactor-line-gate-targets.txt

@@ -105,7 +105,6 @@ internal/js/helpers/stream-tool-sieve.js
 internal/js/helpers/stream-tool-sieve/index.js
 internal/js/helpers/stream-tool-sieve/state.js
 internal/js/helpers/stream-tool-sieve/sieve.js
-internal/js/helpers/stream-tool-sieve/incremental.js
 internal/js/helpers/stream-tool-sieve/jsonscan.js
 internal/js/helpers/stream-tool-sieve/parse.js
 internal/js/helpers/stream-tool-sieve/format.js

start.mjs

@@ -0,0 +1,566 @@
+#!/usr/bin/env node
+/**
+ * DS2API 启动脚本 - 交互式菜单
+ *
+ * 使用方法:
+ *   node start.mjs          # 显示交互式菜单
+ *   node start.mjs dev      # 开发模式（后端 + 前端热重载）
+ *   node start.mjs prod     # 生产模式（编译后运行）
+ *   node start.mjs build    # 编译后端二进制
+ *   node start.mjs webui    # 构建前端静态文件
+ *   node start.mjs install  # 安装前端依赖
+ *   node start.mjs stop     # 停止所有服务
+ *   node start.mjs status   # 查看服务状态
+ */
+
+import { spawn, execSync } from 'child_process';
+import { createInterface } from 'readline';
+import { existsSync } from 'fs';
+import { fileURLToPath } from 'url';
+import { dirname, join } from 'path';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+
+// 判断是否为 Windows
+const isWindows = process.platform === 'win32';
+
+// 编译产物路径
+const BINARY = join(__dirname, isWindows ? 'ds2api.exe' : 'ds2api');
+
+// 配置（从环境变量读取，与 Go 主程序保持一致）
+const CONFIG = {
+  port: process.env.PORT || '5001',
+  frontendPort: 5173,
+  logLevel: process.env.LOG_LEVEL || 'INFO',
+  adminKey: process.env.DS2API_ADMIN_KEY || 'admin',
+  webuiDir: join(__dirname, 'webui'),
+  staticAdminDir: process.env.DS2API_STATIC_ADMIN_DIR || join(__dirname, 'static', 'admin'),
+};
+
+// 国内镜像配置
+const MIRRORS = {
+  goproxy: process.env.GOPROXY || 'https://goproxy.cn,direct',
+  npm: process.env.NPM_REGISTRY || 'https://registry.npmmirror.com',
+};
+
+// 存储子进程
+const processes = [];
+
+// 颜色输出
+const colors = {
+  reset: '\x1b[0m',
+  bright: '\x1b[1m',
+  dim: '\x1b[2m',
+  red: '\x1b[31m',
+  green: '\x1b[32m',
+  yellow: '\x1b[33m',
+  blue: '\x1b[34m',
+  magenta: '\x1b[35m',
+  cyan: '\x1b[36m',
+};
+
+const log = {
+  info: (msg) => console.log(`${colors.cyan}[INFO]${colors.reset} ${msg}`),
+  success: (msg) => console.log(`${colors.green}[OK]${colors.reset} ${msg}`),
+  warn: (msg) => console.log(`${colors.yellow}[WARN]${colors.reset} ${msg}`),
+  error: (msg) => console.log(`${colors.red}[ERROR]${colors.reset} ${msg}`),
+  title: (msg) => console.log(`\n${colors.bright}${colors.magenta}${msg}${colors.reset}`),
+};
+
+// 清理并退出
+function cleanup() {
+  console.log('\n');
+  log.info('正在关闭所有服务...');
+  processes.forEach(proc => {
+    if (proc && !proc.killed) {
+      proc.kill('SIGTERM');
+    }
+  });
+  log.success('已退出');
+  process.exit(0);
+}
+
+process.on('SIGINT', cleanup);
+process.on('SIGTERM', cleanup);
+
+// 检查命令是否存在
+function commandExists(cmd) {
+  try {
+    execSync(`${isWindows ? 'where' : 'which'} ${cmd}`, { stdio: 'ignore' });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+// 检查 Go 是否安装
+function checkGo() {
+  return commandExists('go');
+}
+
+// 获取 Go 版本
+function getGoVersion() {
+  try {
+    return execSync('go version', { encoding: 'utf-8' }).trim();
+  } catch {
+    return null;
+  }
+}
+
+// 检查前端依赖是否已安装
+function checkFrontendDeps() {
+  if (!existsSync(CONFIG.webuiDir)) return null;
+  return existsSync(join(CONFIG.webuiDir, 'node_modules'));
+}
+
+// 检查前端是否已构建
+function checkWebuiBuilt() {
+  return existsSync(join(CONFIG.staticAdminDir, 'index.html'));
+}
+
+// 检查后端二进制是否存在
+function binaryExists() {
+  return existsSync(BINARY);
+}
+
+// 查找占用端口的进程 PID
+function findPidByPort(port) {
+  try {
+    if (isWindows) {
+      const output = execSync(`netstat -ano | findstr :${port} | findstr LISTENING`, {
+        encoding: 'utf-8',
+        shell: true,
+        stdio: ['pipe', 'pipe', 'ignore'],
+      });
+      const pids = new Set();
+      for (const line of output.trim().split('\n')) {
+        const parts = line.trim().split(/\s+/);
+        const pid = parts[parts.length - 1];
+        if (pid && pid !== '0') pids.add(pid);
+      }
+      return [...pids];
+    } else {
+      const output = execSync(`lsof -ti :${port}`, {
+        encoding: 'utf-8',
+        stdio: ['pipe', 'pipe', 'ignore'],
+      });
+      return output.trim().split('\n').filter(Boolean);
+    }
+  } catch {
+    return [];
+  }
+}
+
+// 获取运行中的服务状态
+function getRunningStatus() {
+  const backendPids = findPidByPort(CONFIG.port);
+  const frontendPids = findPidByPort(CONFIG.frontendPort);
+  return {
+    backend: backendPids,
+    frontend: frontendPids,
+    isRunning: backendPids.length > 0 || frontendPids.length > 0,
+  };
+}
+
+// 停止服务
+async function stopServices() {
+  const running = getRunningStatus();
+
+  if (!running.isRunning) {
+    log.warn('没有检测到正在运行的服务');
+    return;
+  }
+
+  log.title('========== 停止服务 ==========');
+
+  const killProcess = async (pid) => {
+    try {
+      if (isWindows) {
+        try {
+          execSync(`taskkill /PID ${pid}`, { stdio: 'ignore', shell: true });
+        } catch {
+          execSync(`taskkill /F /T /PID ${pid}`, { stdio: 'ignore', shell: true });
+        }
+      } else {
+        execSync(`kill -15 ${pid}`, { stdio: 'ignore' });
+        await new Promise(r => setTimeout(r, 500));
+        try {
+          execSync(`kill -0 ${pid}`, { stdio: 'ignore' });
+          execSync(`kill -9 ${pid}`, { stdio: 'ignore' });
+        } catch { /* 进程已退出 */ }
+      }
+    } catch { /* 进程可能已退出 */ }
+  };
+
+  if (running.backend.length > 0) {
+    log.info(`停止后端服务 (端口 ${CONFIG.port}, PID: ${running.backend.join(', ')})...`);
+    for (const pid of running.backend) await killProcess(pid);
+    log.success('后端服务已停止');
+  }
+
+  if (running.frontend.length > 0) {
+    log.info(`停止前端服务 (端口 ${CONFIG.frontendPort}, PID: ${running.frontend.join(', ')})...`);
+    for (const pid of running.frontend) await killProcess(pid);
+    log.success('前端服务已停止');
+  }
+}
+
+// 安装前端依赖
+async function installFrontendDeps() {
+  if (!existsSync(CONFIG.webuiDir)) {
+    log.warn('webui 目录不存在，跳过前端依赖安装');
+    return;
+  }
+  log.info(`安装前端依赖 (npm ci, registry: ${MIRRORS.npm})...`);
+  return new Promise((resolve, reject) => {
+    const proc = spawn('npm', ['ci', '--registry', MIRRORS.npm], {
+      cwd: CONFIG.webuiDir,
+      stdio: 'inherit',
+      shell: true,
+    });
+    proc.on('close', code => code === 0 ? resolve() : reject(new Error('前端依赖安装失败')));
+  });
+}
+
+// 确保前端依赖已安装
+async function ensureFrontendDeps() {
+  if (checkFrontendDeps() === false) {
+    log.warn('检测到前端依赖未安装，正在安装...');
+    await installFrontendDeps();
+  }
+}
+
+// 编译后端二进制
+async function buildBackend() {
+  if (!checkGo()) throw new Error('未找到 Go，请先安装 Go (https://go.dev/dl/)');
+  log.info(`编译后端二进制 (GOPROXY: ${MIRRORS.goproxy})...`);
+  return new Promise((resolve, reject) => {
+    const proc = spawn('go', ['build', '-o', BINARY, './cmd/ds2api'], {
+      cwd: __dirname,
+      stdio: 'inherit',
+      shell: true,
+      env: { ...process.env, GOPROXY: MIRRORS.goproxy },
+    });
+    proc.on('close', code => code === 0 ? resolve() : reject(new Error('后端编译失败')));
+  });
+}
+
+// 构建前端静态文件
+async function buildWebui() {
+  if (!existsSync(CONFIG.webuiDir)) {
+    log.warn('webui 目录不存在');
+    return;
+  }
+  await ensureFrontendDeps();
+  log.info('构建前端静态文件...');
+  return new Promise((resolve, reject) => {
+    const proc = spawn(
+      'npm', ['run', 'build', '--', '--outDir', CONFIG.staticAdminDir, '--emptyOutDir'],
+      { cwd: CONFIG.webuiDir, stdio: 'inherit', shell: true }
+    );
+    proc.on('close', code => code === 0 ? resolve() : reject(new Error('前端构建失败')));
+  });
+}
+
+// 启动后端（开发模式：go run，无需预编译）
+async function startBackendDev() {
+  if (!checkGo()) throw new Error('未找到 Go，请先安装 Go (https://go.dev/dl/)');
+  log.info(`启动后端（go run）... http://localhost:${CONFIG.port}`);
+  const proc = spawn('go', ['run', './cmd/ds2api'], {
+    cwd: __dirname,
+    stdio: 'inherit',
+    shell: true,
+    env: {
+      ...process.env,
+      PORT: CONFIG.port,
+      LOG_LEVEL: CONFIG.logLevel,
+      DS2API_ADMIN_KEY: CONFIG.adminKey,
+      GOPROXY: MIRRORS.goproxy,
+    },
+  });
+  processes.push(proc);
+  return proc;
+}
+
+// 启动后端（生产模式：运行编译好的二进制）
+async function startBackendProd() {
+  if (!binaryExists()) {
+    log.warn('未找到编译产物，正在编译...');
+    await buildBackend();
+  }
+  log.info(`启动后端（二进制）... http://localhost:${CONFIG.port}`);
+  const proc = spawn(BINARY, [], {
+    cwd: __dirname,
+    stdio: 'inherit',
+    shell: false,
+    env: {
+      ...process.env,
+      PORT: CONFIG.port,
+      LOG_LEVEL: CONFIG.logLevel,
+      DS2API_ADMIN_KEY: CONFIG.adminKey,
+    },
+  });
+  processes.push(proc);
+  return proc;
+}
+
+// 启动前端开发服务器
+async function startFrontend() {
+  if (!existsSync(CONFIG.webuiDir)) {
+    log.warn('webui 目录不存在，跳过前端启动');
+    return null;
+  }
+  await ensureFrontendDeps();
+  log.info(`启动前端开发服务器... http://localhost:${CONFIG.frontendPort}`);
+  const proc = spawn('npm', ['run', 'dev'], {
+    cwd: CONFIG.webuiDir,
+    stdio: 'inherit',
+    shell: true,
+  });
+  processes.push(proc);
+  return proc;
+}
+
+// 显示状态信息
+function showStatus() {
+  console.log('\n' + '─'.repeat(50));
+  log.success(`后端 API:  http://localhost:${CONFIG.port}`);
+  log.success(`管理界面: http://localhost:${CONFIG.port}/admin`);
+  if (existsSync(CONFIG.webuiDir)) {
+    log.success(`前端 Dev:  http://localhost:${CONFIG.frontendPort}`);
+  }
+  console.log('─'.repeat(50));
+  log.info('按 Ctrl+C 停止所有服务\n');
+}
+
+// 等待进程退出
+function waitForProcesses() {
+  return new Promise(resolve => {
+    const check = setInterval(() => {
+      const activeCount = processes.filter(proc => proc.exitCode === null && proc.signalCode === null).length;
+      if (activeCount === 0) {
+        clearInterval(check);
+        resolve();
+      }
+    }, 1000);
+  });
+}
+
+// 交互式菜单
+async function showMenu() {
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  const question = (prompt) => new Promise(resolve => rl.question(prompt, resolve));
+
+  console.clear();
+  log.title('╔══════════════════════════════════════════╗');
+  log.title('║         DS2API 启动脚本  (Go)            ║');
+  log.title('╚══════════════════════════════════════════╝');
+
+  // 环境状态
+  const goVersion = getGoVersion();
+  const frontendDeps = checkFrontendDeps();
+  const webuiBuilt = checkWebuiBuilt();
+  const hasBinary = binaryExists();
+  const running = getRunningStatus();
+
+  const ok = (v) => v ? `${colors.green}✓${colors.reset}` : `${colors.yellow}✗${colors.reset}`;
+
+  console.log(`\n${colors.bright}环境状态:${colors.reset}`);
+  console.log(`  Go:          ${goVersion ? `${colors.green}${goVersion}${colors.reset}` : `${colors.red}未安装${colors.reset}`}`);
+  console.log(`  前端依赖:    ${frontendDeps === null ? `${colors.dim}N/A${colors.reset}` : frontendDeps ? `${colors.green}已安装${colors.reset}` : `${colors.yellow}未安装${colors.reset}`}`);
+  console.log(`  前端构建:    ${ok(webuiBuilt)} ${webuiBuilt ? `(${CONFIG.staticAdminDir})` : '未构建'}`);
+  console.log(`  后端二进制:  ${ok(hasBinary)} ${hasBinary ? BINARY : '未编译'}`);
+
+  console.log(`\n${colors.bright}服务状态:${colors.reset}`);
+  console.log(`  后端 (:${CONFIG.port}):    ${running.backend.length > 0 ? `${colors.green}运行中${colors.reset} (PID: ${running.backend.join(', ')})` : `${colors.dim}未运行${colors.reset}`}`);
+  console.log(`  前端 (:${CONFIG.frontendPort}): ${running.frontend.length > 0 ? `${colors.green}运行中${colors.reset} (PID: ${running.frontend.join(', ')})` : `${colors.dim}未运行${colors.reset}`}`);
+
+  console.log(`\n${colors.bright}环境变量:${colors.reset}`);
+  console.log(`  PORT:              ${colors.cyan}${CONFIG.port}${colors.reset}`);
+  console.log(`  LOG_LEVEL:         ${colors.cyan}${CONFIG.logLevel}${colors.reset}`);
+  console.log(`  DS2API_ADMIN_KEY:  ${colors.cyan}${CONFIG.adminKey}${colors.reset}`);
+  console.log(`  GOPROXY:           ${colors.cyan}${MIRRORS.goproxy}${colors.reset}`);
+  console.log(`  NPM_REGISTRY:      ${colors.cyan}${MIRRORS.npm}${colors.reset}`);
+  console.log(`${colors.dim}  自定义: DS2API_ADMIN_KEY=密钥 PORT=5001 node start.mjs${colors.reset}`);
+
+  console.log(`
+${colors.bright}请选择操作:${colors.reset}
+
+  ${colors.cyan}1.${colors.reset} 开发模式  (go run + 前端热重载)
+  ${colors.cyan}2.${colors.reset} 仅后端    (go run，无需编译)
+  ${colors.cyan}3.${colors.reset} 仅前端    (npm dev)
+  ${colors.cyan}4.${colors.reset} 生产模式  (编译后运行，前端已嵌入)
+  ${colors.cyan}5.${colors.reset} 编译后端  (go build)
+  ${colors.cyan}6.${colors.reset} 构建前端  (npm build → static/admin)
+  ${colors.cyan}7.${colors.reset} 安装前端依赖 (npm ci)
+  ${colors.red}8.${colors.reset} 停止所有服务
+  ${colors.cyan}0.${colors.reset} 退出
+`);
+
+  const choice = await question(`${colors.yellow}请输入选项 [1]: ${colors.reset}`);
+  rl.close();
+
+  switch (choice.trim() || '1') {
+    case '1':
+      log.title('========== 开发模式 ==========');
+      await startBackendDev();
+      await new Promise(r => setTimeout(r, 1500));
+      await startFrontend();
+      showStatus();
+      await waitForProcesses();
+      break;
+
+    case '2':
+      log.title('========== 仅后端 (go run) ==========');
+      await startBackendDev();
+      showStatus();
+      await waitForProcesses();
+      break;
+
+    case '3':
+      log.title('========== 仅前端 ==========');
+      await startFrontend();
+      showStatus();
+      await waitForProcesses();
+      break;
+
+    case '4':
+      log.title('========== 生产模式 ==========');
+      await startBackendProd();
+      showStatus();
+      await waitForProcesses();
+      break;
+
+    case '5':
+      log.title('========== 编译后端 ==========');
+      await buildBackend();
+      log.success(`编译完成：${BINARY}`);
+      break;
+
+    case '6':
+      log.title('========== 构建前端 ==========');
+      await buildWebui();
+      log.success('前端构建完成！');
+      break;
+
+    case '7':
+      log.title('========== 安装前端依赖 ==========');
+      await installFrontendDeps();
+      log.success('前端依赖安装完成！');
+      break;
+
+    case '8':
+      await stopServices();
+      break;
+
+    case '0':
+      log.info('再见！');
+      process.exit(0);
+      break;
+
+    default:
+      log.warn('无效选项');
+      await showMenu();
+  }
+}
+
+// 命令行参数处理
+async function main() {
+  const cmd = process.argv[2];
+
+  if (!checkGo() && !['install', 'webui', 'stop', 'status', 'help', '-h', '--help'].includes(cmd)) {
+    log.error('未找到 Go，请先安装 Go: https://go.dev/dl/');
+    if (!cmd) {
+      // 无 Go 时仍允许进入菜单（可以只操作前端）
+    } else {
+      process.exit(1);
+    }
+  }
+
+  switch (cmd) {
+    case 'dev':
+      log.title('========== 开发模式 ==========');
+      await startBackendDev();
+      await new Promise(r => setTimeout(r, 1500));
+      await startFrontend();
+      showStatus();
+      await waitForProcesses();
+      break;
+
+    case 'prod':
+      log.title('========== 生产模式 ==========');
+      await startBackendProd();
+      showStatus();
+      await waitForProcesses();
+      break;
+
+    case 'build':
+      await buildBackend();
+      log.success(`编译完成：${BINARY}`);
+      break;
+
+    case 'webui':
+      await buildWebui();
+      log.success('前端构建完成！');
+      break;
+
+    case 'install':
+      await installFrontendDeps();
+      log.success('前端依赖安装完成！');
+      break;
+
+    case 'stop':
+      await stopServices();
+      break;
+
+    case 'status': {
+      const status = getRunningStatus();
+      const goVer = getGoVersion();
+      console.log(`\n${colors.bright}环境:${colors.reset}`);
+      console.log(`  Go: ${goVer || `${colors.red}未安装${colors.reset}`}`);
+      console.log(`\n${colors.bright}服务状态:${colors.reset}`);
+      console.log(`  后端 (:${CONFIG.port}):    ${status.backend.length > 0 ? `${colors.green}运行中${colors.reset} (PID: ${status.backend.join(', ')})` : `${colors.dim}未运行${colors.reset}`}`);
+      console.log(`  前端 (:${CONFIG.frontendPort}): ${status.frontend.length > 0 ? `${colors.green}运行中${colors.reset} (PID: ${status.frontend.join(', ')})` : `${colors.dim}未运行${colors.reset}`}\n`);
+      break;
+    }
+
+    case 'help':
+    case '-h':
+    case '--help':
+      console.log(`
+${colors.bright}DS2API 启动脚本 (Go)${colors.reset}
+
+${colors.cyan}使用方法:${colors.reset}
+  node start.mjs              显示交互式菜单
+  node start.mjs dev          开发模式 (go run + 前端热重载)
+  node start.mjs prod         生产模式 (编译产物，前端已嵌入)
+  node start.mjs build        编译后端二进制 (go build)
+  node start.mjs webui        构建前端静态文件
+  node start.mjs install      安装前端依赖 (npm ci)
+  node start.mjs stop         停止所有服务
+  node start.mjs status       查看服务状态
+
+${colors.cyan}常用环境变量:${colors.reset}
+  PORT               后端端口 (默认: 5001)
+  LOG_LEVEL          日志级别: DEBUG|INFO|WARN|ERROR (默认: INFO)
+  DS2API_ADMIN_KEY   管理员密钥 (默认: admin)
+  DS2API_CONFIG_PATH 配置文件路径 (默认: config.json)
+  GOPROXY            Go 模块代理 (默认: https://goproxy.cn,direct)
+  NPM_REGISTRY       npm 镜像源 (默认: https://registry.npmmirror.com)
+
+${colors.cyan}示例:${colors.reset}
+  DS2API_ADMIN_KEY=mykey PORT=8080 node start.mjs dev
+  GOPROXY=off NPM_REGISTRY=https://registry.npmjs.org node start.mjs dev
+`);
+      break;
+
+    default:
+      await showMenu();
+  }
+}
+
+main().catch(e => {
+  log.error(e.message);
+  process.exit(1);
+});

tests/compat/expected/toolcalls_allowlist_empty.json

@@ -0,0 +1,8 @@
+{
+  "calls": [],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": true,
+  "rejectedToolNames": [
+    "unknown_tool"
+  ]
+}

tests/compat/expected/toolcalls_case_insensitive_canonical.json

@@ -0,0 +1,13 @@
+{
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_fenced_json.json

@@ -1,3 +1,6 @@
 {
-  "calls": []
-}
+  "calls": [],
+  "sawToolCallSyntax": false,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_function_call_tag.json

@@ -0,0 +1,13 @@
+{
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_invoke_attr.json

@@ -0,0 +1,13 @@
+{
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_loose_normalize.json

@@ -0,0 +1,13 @@
+{
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_namespace_tail_normalize.json

@@ -0,0 +1,13 @@
+{
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_standalone_fenced_example.json

@@ -0,0 +1,6 @@
+{
+  "calls": [],
+  "sawToolCallSyntax": false,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_standalone_mixed_prose.json

@@ -0,0 +1,6 @@
+{
+  "calls": [],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_standalone_pure.json

@@ -0,0 +1,13 @@
+{
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/expected/toolcalls_unknown_name.json

@@ -1,3 +1,8 @@
 {
-  "calls": []
-}
+  "calls": [],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": true,
+  "rejectedToolNames": [
+    "unknown_tool"
+  ]
+}

tests/compat/expected/toolcalls_xml_tool_call.json

@@ -0,0 +1,13 @@
+{
+  "calls": [
+    {
+      "name": "read_file",
+      "input": {
+        "path": "README.MD"
+      }
+    }
+  ],
+  "sawToolCallSyntax": true,
+  "rejectedByPolicy": false,
+  "rejectedToolNames": []
+}

tests/compat/fixtures/toolcalls/allowlist_empty.json

@@ -0,0 +1,4 @@
+{
+  "text": "{\"tool_calls\":[{\"name\":\"unknown_tool\",\"input\":{\"x\":1}}]}",
+  "tool_names": []
+}

tests/compat/fixtures/toolcalls/case_insensitive_canonical.json

@@ -0,0 +1,4 @@
+{
+  "text": "{\"tool_calls\":[{\"name\":\"Read_File\",\"input\":{\"path\":\"README.MD\"}}]}",
+  "tool_names": ["read_file"]
+}

tests/compat/fixtures/toolcalls/function_call_tag.json

@@ -0,0 +1,6 @@
+{
+  "text": "<function_call><function>read_file</function><parameters>{\"path\":\"README.MD\"}</parameters></function_call>",
+  "tool_names": [
+    "read_file"
+  ]
+}

tests/compat/fixtures/toolcalls/invoke_attr.json

@@ -0,0 +1,6 @@
+{
+  "text": "<invoke name=\"read_file\"><argument>{\"path\":\"README.MD\"}</argument></invoke>",
+  "tool_names": [
+    "read_file"
+  ]
+}

tests/compat/fixtures/toolcalls/loose_normalize.json

@@ -0,0 +1,6 @@
+{
+  "text": "{\"tool_calls\":[{\"name\":\"read-file\",\"input\":{\"path\":\"README.MD\"}}]}",
+  "tool_names": [
+    "read_file"
+  ]
+}

tests/compat/fixtures/toolcalls/namespace_tail_normalize.json

@@ -0,0 +1,6 @@
+{
+  "text": "{\"tool_calls\":[{\"name\":\"company.fs.read_file\",\"input\":{\"path\":\"README.MD\"}}]}",
+  "tool_names": [
+    "read_file"
+  ]
+}