fix: parallel sandbox execution and improve MCP/workflow debugging

- Fix sandbox parallel execution errors by passing `log` through scope
  instead of declaring in code header (prevents "already declared" errors)
- Only inject `log` when injectLog=true, allowing callers to define their own
- Fix wrapFunction default to handle partial options correctly
- Add detailed logging for MCP SSE communication and workflow tool execution
- Make worktree IDs deterministic for reuse across multiple calls
- Reuse existing project paths in workspace manager to prevent duplicates
- Update @probelabs/probe to v0.6.0-rc210
- Add enableTasks option propagation to ProbeAgent

Co-Authored-By: Claude Opus 4.5 <[email protected]>

Author: buger

package-lock.json

@@ -97,7 +97,7 @@
     "@octokit/auth-app": "^8.1.0",
     "@octokit/core": "^7.0.3",
     "@octokit/rest": "^22.0.0",
-    "@probelabs/probe": "^0.6.0-rc207",
+    "@probelabs/probe": "^0.6.0-rc210",
     "@types/commander": "^2.12.0",
     "@types/uuid": "^10.0.0",
     "ajv": "^8.17.1",

package.json

@@ -181,6 +181,8 @@ export interface AIReviewConfig {
   mcpServers?: Record<string, import('./types/config').McpServerConfig>;
   // Enable delegate tool for task distribution to subagents
   enableDelegate?: boolean;
+  // Enable task management for tracking multi-goal requests
+  enableTasks?: boolean;
   // ProbeAgent persona/prompt family (e.g., 'engineer', 'code-review', 'architect')
   promptType?: string;
   // System prompt to prepend (baseline/preamble). Replaces legacy customPrompt
@@ -1816,6 +1818,11 @@ ${'='.repeat(60)}
         (options as any).enableDelegate = this.config.enableDelegate;
       }
 
+      // Enable task management if configured
+      if (this.config.enableTasks !== undefined) {
+        (options as any).enableTasks = this.config.enableTasks;
+      }
+
       // Pass retry configuration to ProbeAgent
       if (this.config.retry) {
         (options as any).retry = this.config.retry;

src/ai-review-service.ts

@@ -489,12 +489,24 @@ export class CustomToolsSSEServer implements CustomMCPServer {
   private sendSSE(connection: SSEConnection, event: string, data: unknown): void {
     try {
       const dataStr = typeof data === 'string' ? data : JSON.stringify(data);
+
+      // Log SSE message being sent (important for debugging MCP communication)
+      const preview =
+        dataStr.length > 300
+          ? `${dataStr.substring(0, 150)}...${dataStr.substring(dataStr.length - 150)}`
+          : dataStr;
+      logger.debug(
+        `[CustomToolsSSEServer:${this.sessionId}] Sending SSE event='${event}' size=${dataStr.length} preview=${preview}`
+      );
+
       connection.response.write(`event: ${event}\n`);
       connection.response.write(`data: ${dataStr}\n\n`);
+
+      logger.debug(
+        `[CustomToolsSSEServer:${this.sessionId}] SSE message sent successfully, event='${event}'`
+      );
     } catch (error) {
-      if (this.debug) {
-        logger.error(`[CustomToolsSSEServer:${this.sessionId}] Error sending SSE: ${error}`);
-      }
+      logger.error(`[CustomToolsSSEServer:${this.sessionId}] Error sending SSE: ${error}`);
     }
   }
 
@@ -518,11 +530,20 @@ export class CustomToolsSSEServer implements CustomMCPServer {
     // Handle tools/call request
     if (message.method === 'tools/call') {
       const request = message as MCPToolCallRequest;
+      const argsPreview = JSON.stringify(request.params.arguments).substring(0, 200);
+      logger.info(
+        `[CustomToolsSSEServer:${this.sessionId}] Received tools/call for '${request.params.name}' id=${request.id} args=${argsPreview}`
+      );
+
       const response = await this.handleToolCall(
         request.id,
         request.params.name,
         request.params.arguments
       );
+
+      logger.info(
+        `[CustomToolsSSEServer:${this.sessionId}] Sending response for '${request.params.name}' id=${request.id} hasError=${!!response.error}`
+      );
       this.sendSSE(connection, 'message', response);
       return;
     }
@@ -635,13 +656,19 @@ export class CustomToolsSSEServer implements CustomMCPServer {
       // Format result as MCP response
       const resultText = typeof result === 'string' ? result : JSON.stringify(result, null, 2);
 
-      if (this.debug) {
-        logger.debug(
-          `[CustomToolsSSEServer:${this.sessionId}] Tool execution completed: ${toolName}`
-        );
-      }
+      // Always log tool completion with result details (important for debugging MCP issues)
+      const resultPreview =
+        resultText.length > 500
+          ? `${resultText.substring(0, 250)}...TRUNCATED(${resultText.length} chars)...${resultText.substring(resultText.length - 250)}`
+          : resultText;
+      logger.info(
+        `[CustomToolsSSEServer:${this.sessionId}] Tool ${toolName} completed. Result size: ${resultText.length} chars`
+      );
+      logger.debug(
+        `[CustomToolsSSEServer:${this.sessionId}] Tool ${toolName} result preview: ${resultPreview}`
+      );
 
-      return {
+      const response: MCPToolCallResponse = {
         jsonrpc: '2.0',
         id,
         result: {
@@ -653,6 +680,12 @@ export class CustomToolsSSEServer implements CustomMCPServer {
           ],
         },
       };
+
+      logger.debug(
+        `[CustomToolsSSEServer:${this.sessionId}] Returning MCP response for ${toolName}, id=${id}, content_length=${resultText.length}`
+      );
+
+      return response;
     } catch (error) {
       const errorMsg = error instanceof Error ? error.message : 'Unknown error';
       logger.error(

src/providers/mcp-custom-sse-server.ts

@@ -226,16 +226,27 @@ export async function executeWorkflowAsTool(
   // Return the output from the workflow execution
   // The workflow output is the most useful part for AI tools
   const output = (result as any).output;
+
+  // Log what we're returning (important for debugging MCP tool results)
+  const outputKeys = output ? Object.keys(output) : [];
+  const outputPreview = output ? JSON.stringify(output).substring(0, 500) : 'undefined';
+  logger.info(
+    `[WorkflowToolExecutor] Workflow '${workflowId}' completed. Output keys: [${outputKeys.join(', ')}]`
+  );
+  logger.debug(`[WorkflowToolExecutor] Workflow '${workflowId}' output preview: ${outputPreview}`);
+
   if (output !== undefined) {
     return output;
   }
 
   // Fall back to content if no structured output
   if ((result as any).content) {
+    logger.debug(`[WorkflowToolExecutor] Using content fallback for '${workflowId}'`);
     return (result as any).content;
   }
 
   // Fall back to the full result
+  logger.debug(`[WorkflowToolExecutor] Using full result fallback for '${workflowId}'`);
   return result;
 }
 

src/providers/workflow-tool-executor.ts

@@ -46,8 +46,9 @@ export function validateJsSyntax(code: string): JsSyntaxValidationResult {
       : `return (() => {\n${trimmed}\n})();\n`
     : `return (\n${trimmed}\n);\n`;
 
-  // Add log injection header (same as compileAndRun)
-  const header = `const __lp = "[syntax-check]"; const log = (...a) => { try { console.log(__lp, ...a); } catch {} };\n`;
+  // For syntax validation, we just need to ensure 'log' is defined so code using it parses correctly
+  // No need for unique IDs since validation creates a fresh sandbox and only compiles (no execution)
+  const header = `var log = function() {};\n`;
   const fullCode = `${header}${body}`;
 
   try {
@@ -238,10 +239,21 @@ export function compileAndRun<T = unknown>(
     .replace(/[`$\\]/g, '') // strip backticks, dollar (template) and backslashes
     .replace(/\$\{/g, '') // remove template openings if present
     .slice(0, 64);
-  // Build a safe header without string concatenation inside user code
-  const header = inject
-    ? `const __lp = ${JSON.stringify(safePrefix)}; const log = (...a) => { try { console.log(__lp, ...a); } catch {} };\n`
-    : '';
+  // Inject log function through scope to avoid "already declared" errors
+  // when multiple sandbox executions run in parallel with shared global state.
+  // Only add log when injectLog is true - when false, user code may declare its own log.
+  const scopeWithLog = inject
+    ? {
+        ...scope,
+        log: (...args: unknown[]) => {
+          try {
+            console.log(safePrefix, ...args);
+          } catch {}
+        },
+      }
+    : scope;
+  // No header needed - log is passed through scope
+  const header = '';
   // When wrapping, execute user code inside an IIFE and return its value.
   // This reliably captures the value of the last expression or any explicit
   // return statements inside the script, without requiring the caller to
@@ -256,7 +268,9 @@ export function compileAndRun<T = unknown>(
   // (e.g., `(() => { ... })()` or `(function(){ ... })()`), return its value
   // directly to avoid swallowing the result by nesting it inside another block.
   const looksLikeIife = /\)\s*\(\s*\)\s*;?$/.test(src.trim());
-  const body = opts.wrapFunction
+  // Default wrapFunction to true if not explicitly set to false
+  const shouldWrap = opts.wrapFunction !== false;
+  const body = shouldWrap
     ? looksLikeBlock
       ? looksLikeIife
         ? `return (\n${src}\n);\n`
@@ -274,7 +288,7 @@ export function compileAndRun<T = unknown>(
 
   let out: any;
   try {
-    out = exec(scope);
+    out = exec(scopeWithLog);
   } catch (e) {
     const msg = e instanceof Error ? e.message : String(e);
     throw new Error(`sandbox_execution_error: ${msg}`);

src/utils/sandbox.ts

@@ -213,6 +213,7 @@ export class WorkspaceManager {
 
   /**
    * Add a project to the workspace (creates symlink to worktree)
+   * If the same repository + worktreePath combination already exists, returns the existing path.
    */
   async addProject(
     repository: string,
@@ -223,10 +224,22 @@ export class WorkspaceManager {
       throw new Error('Workspace not initialized. Call initialize() first.');
     }
 
+    // Check if this exact project (same repo + worktree path) is already added
+    // This prevents duplicate checkouts when tyk-code-talk is called multiple times
+    for (const [existingName, existingProject] of this.projects.entries()) {
+      if (
+        existingProject.repository === repository &&
+        existingProject.worktreePath === worktreePath
+      ) {
+        logger.debug(`Reusing existing project: ${existingName} (${repository})`);
+        return existingProject.path;
+      }
+    }
+
     // Extract project name and sanitize to prevent path traversal
     let projectName = sanitizePathComponent(description || this.extractRepoName(repository));
 
-    // Handle duplicate names
+    // Handle duplicate names (only if not reusing existing)
     projectName = this.getUniqueName(projectName);
     this.usedNames.add(projectName);
 

src/utils/workspace-manager.ts

@@ -100,14 +100,17 @@ export class WorktreeManager {
   }
 
   /**
-   * Generate a unique worktree ID
+   * Generate a deterministic worktree ID based on repository and ref.
+   * This allows worktrees to be reused when the same repo+ref is requested again.
    */
   private generateWorktreeId(repository: string, ref: string): string {
     const sanitizedRepo = repository.replace(/[^a-zA-Z0-9-]/g, '-');
     const sanitizedRef = ref.replace(/[^a-zA-Z0-9-]/g, '-');
+    // Use deterministic hash (no Date.now()) so same repo+ref produces same ID
+    // This enables worktree reuse across multiple calls
     const hash = crypto
       .createHash('md5')
-      .update(`${repository}:${ref}:${Date.now()}`)
+      .update(`${repository}:${ref}`)
       .digest('hex')
       .substring(0, 8);
     return `${sanitizedRepo}-${sanitizedRef}-${hash}`;