Harden Language Model Tool telemetry against PII leaks

Centralise all LMT telemetry through src/lmToolTelemetry.ts so user-supplied strings (target, expression, sessionName, file paths, class names, JVM stack traces, etc.) can no longer reach the telemetry pipeline. The new module exposes a typed sanitizedSend choke point that only accepts enums, booleans, numbers and opaque session IDs.

Telemetry changes:

- Drop sendError(error) on debug_java_application failure (stack trace leaked user class / method names).

- Strip PII fields from every existing event: target, sessionName, currentFile, currentLine, simpleClassName, detectedClassName, error: String(error), input.reason.

- Replace bare String(error) propagation with classifyError() -> ErrorCategory enum (mainClassMissing, classpathUnresolved, buildFailure, projectNotDetected, sessionAlreadyRunning, timeout, lsNotReady, noActiveSession, noSuspendedThread, noStackFrame, cancelled, other).

- Add per-invoke recording for all 10 tools with outcome, errorCategory, durationMs, and a tool-specific enum (targetType / breakpointKind / stepKind / scopeType / evalContext / removeScope). The previous build only emitted telemetry on the launch tool and the session-info tool.

- Add chatActivationSnapshot one-shot at registration time so we can measure adoption of the chat surfaces without per-turn cost (counts only).

- evaluate_debug_expression: the expression text is NEVER logged. Only the evalContext enum and outcome are emitted.

Policy:

- src/lmToolTelemetry.ts is now the only file in the LMT code path allowed to call sendInfo. The top-of-file policy comment is the single source of truth for what may be logged.

- The recorder is typed against ToolInvocationRecord so excess raw strings are rejected at compile time.

Validated with: npm run tslint, npm run compile.

Author: Copilot

src/extension.ts

@@ -19,6 +19,7 @@ import { JavaDebugAdapterDescriptorFactory } from "./javaDebugAdapterDescriptorF
 import { JavaInlineValuesProvider } from "./JavaInlineValueProvider";
 import { logJavaException, logJavaInfo } from "./javaLogger";
 import { registerLanguageModelTool, registerDebugSessionTools } from "./languageModelTool";
+import { recordChatActivation } from "./lmToolTelemetry";
 import { IMainClassOption, IMainMethod, resolveMainMethod } from "./languageServerPlugin";
 import { mainClassPicker  } from "./mainClassPicker";
 import { pickJavaProcess } from "./processPicker";
@@ -124,6 +125,29 @@ async function registerLanguageModelToolsWhenReady(context: vscode.ExtensionCont
     registerLanguageModelTool(context);
     const debugToolsDisposables = registerDebugSessionTools(context);
     context.subscriptions.push(...debugToolsDisposables);
+
+    // One-shot activation snapshot so we can track coverage of the new chat surfaces over time.
+    // Counts only — no user data, no file paths, no class names.
+    try {
+        const pkg = context.extension?.packageJSON as {
+            version?: string;
+            contributes?: {
+                languageModelTools?: unknown[];
+                chatSkills?: unknown[];
+                chatInstructions?: unknown[];
+            };
+        } | undefined;
+        const contrib = pkg?.contributes ?? {};
+        recordChatActivation({
+            javaLSReadyAtActivation: !!javaExt.isActive,
+            lmtCount: contrib.languageModelTools?.length ?? 0,
+            chatSkillsCount: contrib.chatSkills?.length ?? 0,
+            chatInstructionsCount: contrib.chatInstructions?.length ?? 0,
+            extensionVersion: pkg?.version ?? "unknown",
+        });
+    } catch {
+        // Telemetry must never break activation.
+    }
 }
 
 async function subscribeToJavaExtensionEvents(): Promise<void> {