fix(stage-ui): sanitize context snapshots before clone

README.md

@@ -136,7 +136,13 @@
 > Heavily inspired by [Neuro-sama](https://www.youtube.com/@Neurosama)
 
 > [!TIP]
-> On Windows, you can also install AIRI with [Scoop](https://scoop.sh/):
+> On Windows, you can also install AIRI with [winget](https://learn.microsoft.com/windows/package-manager/winget/):
+>
+> ```powershell
+> winget install MoeruAI.AIRI
+> ```
+>
+> Or install AIRI with [Scoop](https://scoop.sh/):
 >
 > ```powershell
 > scoop bucket add airi https://github.com/moeru-ai/airi

docs/README.fr.md

@@ -135,7 +135,13 @@
 > Fortement inspiré par [Neuro-sama](https://www.youtube.com/@Neurosama)
 
 > [!TIP]
-> Sous Windows, vous pouvez également installer AIRI avec [Scoop](https://scoop.sh/) :
+> Sous Windows, vous pouvez installer AIRI avec [winget](https://learn.microsoft.com/windows/package-manager/winget/) :
+>
+> ```powershell
+> winget install MoeruAI.AIRI
+> ```
+>
+> Ou installer AIRI avec [Scoop](https://scoop.sh/) :
 >
 > ```powershell
 > scoop bucket add airi https://github.com/moeru-ai/airi

docs/README.ja-JP.md

@@ -135,7 +135,13 @@
 > [Neuro-sama](https://www.youtube.com/@Neurosama) に大きな影響を受けました
 
 > [!TIP]
-> Windows では、[Scoop](https://scoop.sh/) でも AIRI をインストールできます：
+> Windows では、[winget](https://learn.microsoft.com/windows/package-manager/winget/) で AIRI をインストールできます：
+>
+> ```powershell
+> winget install MoeruAI.AIRI
+> ```
+>
+> または、[Scoop](https://scoop.sh/) で AIRI をインストールできます：
 >
 > ```powershell
 > scoop bucket add airi https://github.com/moeru-ai/airi

docs/README.ko-KR.md

@@ -135,7 +135,13 @@
 > [Neuro-sama](https://www.youtube.com/@Neurosama)에서 큰 영감을 받았습니다
 
 > [!TIP]
-> Windows에서는 [Scoop](https://scoop.sh/)으로도 AIRI를 설치할 수 있습니다:
+> Windows에서는 [winget](https://learn.microsoft.com/windows/package-manager/winget/)으로 AIRI를 설치할 수 있습니다:
+>
+> ```powershell
+> winget install MoeruAI.AIRI
+> ```
+>
+> 또는 [Scoop](https://scoop.sh/)으로 AIRI를 설치할 수 있습니다:
 >
 > ```powershell
 > scoop bucket add airi https://github.com/moeru-ai/airi

docs/README.ru-RU.md

@@ -135,7 +135,13 @@
 > Сильно вдохновлено [Neuro-sama](https://www.youtube.com/@Neurosama)
 
 > [!TIP]
-> В Windows AIRI также можно установить с помощью [Scoop](https://scoop.sh/):
+> В Windows AIRI можно установить с помощью [winget](https://learn.microsoft.com/windows/package-manager/winget/):
+>
+> ```powershell
+> winget install MoeruAI.AIRI
+> ```
+>
+> Или установить AIRI через [Scoop](https://scoop.sh/):
 >
 > ```powershell
 > scoop bucket add airi https://github.com/moeru-ai/airi

docs/README.vi.md

@@ -135,7 +135,13 @@
 > Lấy cảm hứng mạnh mẽ từ [Neuro-sama](https://www.youtube.com/@Neurosama)
 
 > [!TIP]
-> Trên Windows, bạn cũng có thể cài AIRI bằng [Scoop](https://scoop.sh/):
+> Trên Windows, bạn có thể cài AIRI bằng [winget](https://learn.microsoft.com/windows/package-manager/winget/):
+>
+> ```powershell
+> winget install MoeruAI.AIRI
+> ```
+>
+> Hoặc cài AIRI bằng [Scoop](https://scoop.sh/):
 >
 > ```powershell
 > scoop bucket add airi https://github.com/moeru-ai/airi

docs/README.zh-CN.md

@@ -135,7 +135,13 @@
 > 深受 [Neuro-sama](https://www.youtube.com/@Neurosama) 启发
 
 > [!TIP]
-> 在 Windows 上，你也可以使用 [Scoop](https://scoop.sh/) 安装 AIRI：
+> 在 Windows 上，你也可以使用 [winget](https://learn.microsoft.com/windows/package-manager/winget/) 安装 AIRI：
+>
+> ```powershell
+> winget install MoeruAI.AIRI
+> ```
+>
+> 或者使用 [Scoop](https://scoop.sh/) 安装 AIRI：
 >
 > ```powershell
 > scoop bucket add airi https://github.com/moeru-ai/airi

packages/stage-ui/src/stores/mods/api/context-bridge-sanitize.test.ts

@@ -0,0 +1,51 @@
+import { describe, expect, it } from 'vitest'
+
+import { sanitizeCloneable } from './context-bridge-sanitize'
+
+describe('sanitizeCloneable', () => {
+  it('preserves cloneable bigint values', () => {
+    const input = {
+      metadata: {
+        count: 3n,
+        nested: [1n, { latest: 5n }],
+      },
+    }
+
+    const sanitized = sanitizeCloneable(input)
+    const cloned = structuredClone(sanitized)
+
+    expect(cloned).toEqual({
+      metadata: {
+        count: 3n,
+        nested: [1n, { latest: 5n }],
+      },
+    })
+  })
+
+  it('removes nested non-cloneable values and stays structuredClone-safe', () => {
+    const input = {
+      text: 'vision update',
+      metadata: {
+        safe: 'ok',
+        nested: {
+          window: globalThis,
+          fn: () => 'bad',
+          arr: [1, { keep: true, drop: globalThis }],
+        },
+      },
+    }
+
+    const sanitized = sanitizeCloneable(input)
+    const cloned = structuredClone(sanitized)
+
+    expect(cloned).toEqual({
+      text: 'vision update',
+      metadata: {
+        safe: 'ok',
+        nested: {
+          arr: [1, { keep: true }],
+        },
+      },
+    })
+  })
+})

packages/stage-ui/src/stores/mods/api/context-bridge-sanitize.ts

@@ -0,0 +1,61 @@
+export function sanitizeCloneable(value: unknown, seen = new WeakSet<object>()): unknown {
+  if (value == null)
+    return value
+  if (typeof value === 'string' || typeof value === 'number' || typeof value === 'boolean' || typeof value === 'bigint')
+    return value
+  if (typeof value === 'symbol' || typeof value === 'function')
+    return undefined
+
+  const rawValue = value
+
+  if (Array.isArray(rawValue)) {
+    return rawValue
+      .map(item => sanitizeCloneable(item, seen))
+      .filter(item => item !== undefined)
+  }
+
+  if (rawValue instanceof Date)
+    return rawValue.toISOString()
+
+  if (rawValue instanceof RegExp)
+    return rawValue.toString()
+
+  if (typeof rawValue !== 'object')
+    return rawValue
+
+  if (seen.has(rawValue))
+    return undefined
+  seen.add(rawValue)
+
+  if (rawValue instanceof Map) {
+    return new Map(
+      [...rawValue.entries()]
+        .map(([key, nestedValue]) => [
+          sanitizeCloneable(key, seen),
+          sanitizeCloneable(nestedValue, seen),
+        ] as const)
+        .filter(([key, nestedValue]) => key !== undefined && nestedValue !== undefined),
+    )
+  }
+
+  if (rawValue instanceof Set) {
+    return new Set(
+      [...rawValue.values()]
+        .map(item => sanitizeCloneable(item, seen))
+        .filter(item => item !== undefined),
+    )
+  }
+
+  if (ArrayBuffer.isView(rawValue) || rawValue instanceof ArrayBuffer)
+    return rawValue
+
+  const proto = Object.getPrototypeOf(rawValue)
+  if (proto !== Object.prototype && proto !== null)
+    return undefined
+
+  return Object.fromEntries(
+    Object.entries(rawValue)
+      .map(([key, nestedValue]) => [key, sanitizeCloneable(nestedValue, seen)] as const)
+      .filter(([, nestedValue]) => nestedValue !== undefined),
+  )
+}

packages/stage-ui/src/stores/mods/api/context-bridge.contract.browser.test.ts

@@ -390,6 +390,44 @@
    * @example
    * Input context updates record store-ingested and stay in chat input payload.
    */
+  it('sanitizes nested non-cloneable context values before broadcasting stream events', async () => {
+    activeProviderRef.value = 'mock-provider'
+    activeModelRef.value = 'mock-model'
+    getProviderInstanceMock.mockResolvedValueOnce({})
+    const store = useContextBridgeStore()
+    await store.initialize()
+
+    const streamMessages = collectChannelMessages<any>(CHAT_STREAM_CHANNEL_NAME)
+    const unsafeContext = {
+      contexts: {
+        vision: [
+          {
+            text: 'vision update',
+            metadata: {
+              safe: 'ok',
+              nested: { window: globalThis, fn: () => 'bad' },
+            },
+          },
+        ],
+      },
+    }
+
+    await emitHooks(beforeComposeHooks, { role: 'user', content: 'hello' }, unsafeContext)
+    await waitForBroadcastDelivery()
+
+    expect(streamMessages).toHaveLength(1)
+    expect(streamMessages[0].type).toBe('before-compose')
+    expect(streamMessages[0].context.contexts.vision[0]).toEqual({
+      text: 'vision update',
+      metadata: {
+        safe: 'ok',
+        nested: {},
+      },
+    })
+
+    await store.dispose()
+  })
+
   it('records core ingest result for input context updates and forwards accepted updates', async () => {
     chatContextIngestMock.mockReturnValueOnce({
       sourceKey: 'weather:station-1',
@@ -638,4 +676,26 @@
 
     await store.dispose()
   })
+
+  it('preserves bigint values in broadcast context snapshots', async () => {
+    const messages = collectChannelMessages<unknown>(CONTEXT_CHANNEL_NAME)
+
+    const store = useContextBridgeStore()
+    await store.initialize()
+
+    await emitContextUpdate(createContextUpdateEvent({
+      metadata: { count: 7n, nested: [{ total: 9n }] },
+    }))
+    await waitForBroadcastDelivery()
+
+    expect(messages.at(-1)).toMatchObject({
+      id: 'context-1',
+      metadata: {
+        count: 7n,
+        nested: [{ total: 9n }],
+      },
+    })
+
+    await store.dispose()
+  })
 })

packages/stage-ui/src/stores/mods/api/context-bridge.ts

@@ -26,6 +26,7 @@ import { useLlmStreamingControlStore } from '../../llm-streaming-control'
 import { useConsciousnessStore } from '../../modules/consciousness'
 import { useProvidersStore } from '../../providers'
 import { useModsServerChannelStore } from './channel-server'
+import { sanitizeCloneable } from './context-bridge-sanitize'
 
 export function normalizeContextSnapshot<C extends Pick<ChatStreamEventContext, 'contexts'>>(contexts: C): C {
   return {
@@ -35,7 +36,9 @@ export function normalizeContextSnapshot<C extends Pick<ChatStreamEventContext,
         .entries(toRaw(contexts.contexts))
         .map(([key, ctx]) => [
           key,
-          ctx.map(c => toRaw(c)),
+          ctx
+            .map(c => sanitizeCloneable(c))
+            .filter((value): value is NonNullable<typeof value> => value !== undefined),
         ]),
     ),
   }

vitest.sanitize.config.ts

@@ -0,0 +1,8 @@
+import { defineConfig } from 'vitest/config'
+
+export default defineConfig({
+  test: {
+    environment: 'node',
+    include: ['packages/stage-ui/src/stores/mods/api/context-bridge-sanitize.test.ts'],
+  },
+})