diff --git a/.agentsroom/.gitignore b/.agentsroom/.gitignore
new file mode 100644
index 000000000..1acd1a387
--- /dev/null
+++ b/.agentsroom/.gitignore
@@ -0,0 +1,4 @@
+# AgentsRoom: personal files (not committed to git)
+*-personal.json
+agents-local.json
+sessions/
diff --git a/.agentsroom/agents.json b/.agentsroom/agents.json
new file mode 100644
index 000000000..e9a83e418
--- /dev/null
+++ b/.agentsroom/agents.json
@@ -0,0 +1,10 @@
+[
+  {
+    "role": "fullstack",
+    "model": "opus",
+    "customName": "Full-Stack Developer",
+    "isPersonal": false,
+    "id": "agent-1776361243376-3sekdc",
+    "claudeSessionId": "96773a93-be2a-45a9-a732-ceb224d3d0e5"
+  }
+]
\ No newline at end of file
diff --git a/.agentsroom/prompts.json b/.agentsroom/prompts.json
new file mode 100644
index 000000000..f4455d843
--- /dev/null
+++ b/.agentsroom/prompts.json
@@ -0,0 +1,4 @@
+{
+  "folders": [],
+  "prompts": []
+}
\ No newline at end of file
diff --git a/.changeset/ai-claude-code-initial.md b/.changeset/ai-claude-code-initial.md
new file mode 100644
index 000000000..4cca73f0f
--- /dev/null
+++ b/.changeset/ai-claude-code-initial.md
@@ -0,0 +1,5 @@
+---
+'@tanstack/ai-claude-code': minor
+---
+
+New `@tanstack/ai-claude-code` package: a Claude Code harness adapter that runs `@anthropic-ai/claude-agent-sdk` as a TanStack AI chat backend. Claude Code owns the agent loop and executes its built-in tools (bash, file edits, search) server-side; their activity streams back as resolved tool-call events. TanStack `toolDefinition()` server tools are bridged into the harness via an in-process MCP server, sessions are resumable via `modelOptions.sessionId` (surfaced through a `claude-code.session-id` custom event), and structured output uses the harness's native JSON-schema output format.
diff --git a/.changeset/ai-client-noop-bridge-mount.md b/.changeset/ai-client-noop-bridge-mount.md
new file mode 100644
index 000000000..46f22450d
--- /dev/null
+++ b/.changeset/ai-client-noop-bridge-mount.md
@@ -0,0 +1,7 @@
+---
+'@tanstack/ai-client': patch
+---
+
+Fix `NoOpChatDevtoolsBridge` missing `mountWithTools`, `notifyToolsChanged`, and `recordStreamId` — the first call to `ChatClient.sendMessage` (with the default no-op devtools factory) threw `this.devtoolsBridge.mountWithTools is not a function` and silently rejected. `mountDevtools()` sets `devtoolsMounted = true` _before_ invoking `mountWithTools`, so the failure was non-obvious: the first send died inside the bridge call, while every subsequent send short-circuited past the broken line and worked normally.
+
+Also fix the structural-parity check that was supposed to prevent this drift. `const x: Missing = undefined as never` always typechecks (because `never` is assignable to anything), so the original check was a no-op. Replaced with `type _AssertBridgeParity<T extends never> = T`, which now fails the build the next time the real bridge grows a public method the no-op doesn't stub.
diff --git a/.changeset/ai-codex-initial.md b/.changeset/ai-codex-initial.md
new file mode 100644
index 000000000..4034a88b4
--- /dev/null
+++ b/.changeset/ai-codex-initial.md
@@ -0,0 +1,5 @@
+---
+'@tanstack/ai-codex': minor
+---
+
+New `@tanstack/ai-codex` package: a Codex harness adapter that runs `@openai/codex-sdk` as a TanStack AI chat backend. Codex owns the agent loop and executes its built-in tools (shell commands, file changes, web search, todo lists) server-side inside its sandbox; their activity streams back as resolved tool-call events. TanStack `toolDefinition()` server tools are bridged into the harness via a localhost Streamable-HTTP MCP server, threads are resumable via `modelOptions.sessionId` (surfaced through a `codex.session-id` custom event), and structured output uses the harness's native `outputSchema` support. Note: the Codex SDK reports assistant text only as completed messages — tool activity streams live, text arrives message-at-a-time.
diff --git a/.changeset/ai-gemini-cli-initial.md b/.changeset/ai-gemini-cli-initial.md
new file mode 100644
index 000000000..e20180e86
--- /dev/null
+++ b/.changeset/ai-gemini-cli-initial.md
@@ -0,0 +1,5 @@
+---
+'@tanstack/ai-gemini-cli': minor
+---
+
+New `@tanstack/ai-gemini-cli` package: a Gemini CLI harness adapter that drives `gemini --acp` (Agent Client Protocol) as a TanStack AI chat backend. Gemini CLI owns the agent loop and executes its built-in tools (shell, file edits, search) server-side; assistant text and thinking stream as true token-level deltas, and tool activity streams back as resolved tool-call events. TanStack `toolDefinition()` server tools are bridged into the harness via a localhost Streamable-HTTP MCP server, sessions are resumable via `modelOptions.sessionId` (surfaced through a `gemini-cli.session-id` custom event, with graceful fallback to transcript replay when the CLI can't load the session), and ACP permission requests are answered by a configurable never-hanging policy (`default` / `acceptEdits` / `bypassPermissions` or a custom handler). For headless hosts, the auth method is selectable up front via `authMethodId` (e.g. `'oauth-personal'`, `'gemini-api-key'`) — the adapter performs the ACP `authenticate` handshake before opening the session so a run never stalls on an interactive auth picker. Requires the `gemini` CLI to be installed and authenticated on the host.
diff --git a/.changeset/ai-opencode-initial.md b/.changeset/ai-opencode-initial.md
new file mode 100644
index 000000000..66cd96e33
--- /dev/null
+++ b/.changeset/ai-opencode-initial.md
@@ -0,0 +1,5 @@
+---
+'@tanstack/ai-opencode': minor
+---
+
+New `@tanstack/ai-opencode` package: an OpenCode harness adapter that drives [OpenCode](https://opencode.ai) (via `@opencode-ai/sdk`) as a TanStack AI chat backend. OpenCode owns the agent loop and executes its built-in tools (shell, file edits, search) locally; assistant text and thinking stream as token-level deltas, and tool activity streams back as resolved tool-call events. TanStack `toolDefinition()` server tools are bridged into the harness via a localhost MCP server, sessions are stateful and resumable, and OpenCode permission requests are answered by a configurable `permissionMode` (`default` / `acceptEdits` / `bypassPermissions` or a custom handler). Server-only (Node); requires the `opencode` CLI to be installed and authenticated on the host.
diff --git a/.gitignore b/.gitignore
index b261f62d1..5ea4db3e8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -79,3 +79,7 @@ solo.yml
 .agent/gap-analysis/
 .agent/triage/
 .agent/research/
+
+/OpenCode.md
+.agentsroom/
+.opencode/
diff --git a/docs/adapters/claude-code.md b/docs/adapters/claude-code.md
new file mode 100644
index 000000000..3f0f6dfbc
--- /dev/null
+++ b/docs/adapters/claude-code.md
@@ -0,0 +1,181 @@
+---
+title: Claude Code
+id: claude-code-adapter
+order: 11
+description: "Use Claude Code as a chat backend in TanStack AI — agent harness with local tool execution, stateful coding sessions, and tool bridging via @tanstack/ai-claude-code."
+keywords:
+  - tanstack ai
+  - claude code
+  - claude agent sdk
+  - anthropic
+  - harness
+  - agent
+  - coding agent
+  - adapter
+---
+
+The Claude Code adapter runs [Claude Code](https://docs.anthropic.com/en/docs/claude-code) (via the `@anthropic-ai/claude-agent-sdk`) as a chat backend. Unlike HTTP provider adapters, this is a **harness adapter**: Claude Code runs its own agent loop and executes its own tools — bash, file reads and edits, glob/grep search, web search — locally on your server. Each `chat()` call runs one full harness turn; the harness's tool activity streams back as already-resolved tool-call events your UI can render.
+
+> **Server-only.** The harness spawns the Claude Code runtime as a subprocess, so this adapter only works in a Node.js server environment — never in the browser. Treat it like giving Claude a shell on the machine it runs on, and configure permissions accordingly.
+
+## Installation
+
+```bash
+npm install @tanstack/ai-claude-code
+```
+
+A runnable demo lives at [`examples/ts-react-coding-agent`](https://github.com/TanStack/ai/tree/main/examples/ts-react-coding-agent) — session resume, the harness tool timeline, permission modes, and tool bridging, wired into a React app.
+
+## Authentication
+
+The harness resolves credentials the same way Claude Code does:
+
+- `ANTHROPIC_API_KEY` in the server's environment (or the `apiKey` config option), or
+- an existing Claude subscription login on the machine (`claude login`).
+
+## Basic Usage
+
+```typescript
+import { chat } from "@tanstack/ai";
+import { claudeCodeText } from "@tanstack/ai-claude-code";
+
+const stream = chat({
+  adapter: claudeCodeText("claude-opus-4-8", {
+    cwd: "/path/to/project",
+    permissionMode: "acceptEdits",
+  }),
+  messages: [{ role: "user", content: "Fix the failing test in utils.test.ts" }],
+});
+```
+
+## Configuration
+
+| Option                       | Description                                                                                                                                       |
+| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `cwd`                        | Working directory for the harness session. Defaults to `process.cwd()`.                                                                            |
+| `permissionMode`             | Claude Code permission mode (`'default'`, `'acceptEdits'`, `'bypassPermissions'`, `'plan'`, `'dontAsk'`, `'auto'`). See the permissions note below. |
+| `allowedTools`               | Built-in tools the harness may use without prompting (e.g. `['Read', 'Grep', 'Bash(npm test:*)']`).                                                |
+| `disallowedTools`            | Built-in tools removed from the harness entirely.                                                                                                  |
+| `maxTurns`                   | Maximum harness-internal turns per run.                                                                                                            |
+| `systemPromptMode`           | `'append'` (default) keeps Claude Code's preset system prompt and appends your `systemPrompts`; `'replace'` sends yours as the entire prompt.       |
+| `mcpServers`                 | Extra MCP servers passed through to the harness untouched.                                                                                         |
+| `apiKey`                     | Anthropic API key for the harness subprocess.                                                                                                       |
+| `env`                        | Extra environment variables for the harness subprocess.                                                                                            |
+| `pathToClaudeCodeExecutable` | Use a specific Claude Code executable instead of the SDK's bundled one.                                                                             |
+| `streamPartials`             | Emit true token-level text deltas (default `true`).                                                                                                 |
+| `canUseTool`                 | Custom permission handler; replaces the adapter's default handler.                                                                                  |
+| `settingSources`             | Claude Code settings tiers to load. Default `['project']`: the `cwd`'s CLAUDE.md and project settings apply, but user-level config on the host (`~/.claude` plugins, hooks, skills) is ignored. Pass `['user', 'project', 'local']` for CLI-equivalent behavior, or `[]` for full isolation. |
+
+**Permissions on headless servers.** Without an explicit `permissionMode` or `canUseTool`, the adapter installs a safe default handler: bridged TanStack tools always run, and any built-in tool call that would normally prompt a human is denied with guidance instead of hanging the request. To let the harness edit files or run commands, set `permissionMode: 'acceptEdits'` / `'bypassPermissions'`, or enumerate `allowedTools`.
+
+## Stateful Sessions
+
+Claude Code sessions are stateful — the harness keeps the full working context (files read, commands run, conclusions reached) between turns. The adapter surfaces the session id of every run as a custom stream event named `claude-code.session-id`; thread it back via `modelOptions.sessionId` to resume the session. When resuming, only the latest user message is sent — the harness already holds the prior context.
+
+Server endpoint:
+
+```typescript
+import {
+  chat,
+  chatParamsFromRequest,
+  toServerSentEventsResponse,
+} from "@tanstack/ai";
+import { claudeCodeText } from "@tanstack/ai-claude-code";
+
+export async function POST(request: Request) {
+  const params = await chatParamsFromRequest(request);
+
+  // Extra fields the client puts in the connection `body` arrive here.
+  const sessionId =
+    typeof params.forwardedProps.sessionId === "string"
+      ? params.forwardedProps.sessionId
+      : undefined;
+
+  const stream = chat({
+    adapter: claudeCodeText("claude-opus-4-8", {
+      cwd: "/path/to/project",
+      permissionMode: "acceptEdits",
+    }),
+    messages: params.messages,
+    modelOptions: { sessionId },
+  });
+
+  return toServerSentEventsResponse(stream);
+}
+```
+
+Client (React) — capture the session id from the custom event and send it back on subsequent requests:
+
+```typescript
+import { useState } from "react";
+import { useChat } from "@tanstack/ai-react";
+import { fetchServerSentEvents } from "@tanstack/ai-client";
+
+function CodingAssistant() {
+  const [sessionId, setSessionId] = useState<string | undefined>(undefined);
+
+  const { messages, sendMessage } = useChat({
+    connection: fetchServerSentEvents("/api/chat", () => ({
+      body: { sessionId },
+    })),
+    onCustomEvent: (name, value) => {
+      if (
+        name === "claude-code.session-id" &&
+        typeof value === "object" &&
+        value !== null &&
+        "sessionId" in value &&
+        typeof value.sessionId === "string"
+      ) {
+        setSessionId(value.sessionId);
+      }
+    },
+  });
+
+  // ... render messages; harness tool activity (Bash, Edit, Read, ...)
+  // arrives as regular tool-call parts with their results attached.
+}
+```
+
+Sessions are stored on the machine that ran them (`~/.claude/projects/`), so resuming only works on the same server instance. Pass `modelOptions: { forkSession: true }` alongside `sessionId` to branch a session instead of continuing it.
+
+## Tools
+
+Two kinds of tools flow through this adapter:
+
+1. **Built-in harness tools** (`Bash`, `Read`, `Write`, `Edit`, `Glob`, `Grep`, `WebSearch`, ...) are executed by Claude Code itself. Their activity streams back as tool-call events with results already attached, so `useChat` UIs render them with no extra wiring — but your code never executes them.
+
+2. **Your TanStack tools** are bridged *into* the harness as an in-process MCP server. Define them as usual with `toolDefinition().server()`; the model sees them as `mcp__tanstack__<name>` and the adapter strips the prefix on the way back out, so events match the names you registered.
+
+```typescript
+import { z } from "zod";
+import { chat, toolDefinition } from "@tanstack/ai";
+import { claudeCodeText } from "@tanstack/ai-claude-code";
+
+const lookupTicket = toolDefinition({
+  name: "lookup_ticket",
+  description: "Look up an issue ticket by id",
+  inputSchema: z.object({ ticketId: z.string() }),
+}).server(async ({ ticketId }) => {
+  return { ticketId, status: "open", title: "Crash on startup" };
+});
+
+const stream = chat({
+  adapter: claudeCodeText("claude-opus-4-8"),
+  messages: [{ role: "user", content: "What's the status of ticket T-123?" }],
+  tools: [lookupTicket],
+});
+```
+
+**Client-side and approval-gated tools are not supported.** The harness executes tools inside a live subprocess, which cannot pause across HTTP requests to wait for a browser round-trip or a human approval. Passing a tool without a server `execute()` implementation — or one marked `needsApproval` — fails fast with a descriptive error. Run those tools outside the harness with a regular provider adapter.
+
+## Structured Output
+
+`structuredOutput()` uses the harness's native JSON-schema output format in a one-shot run (single turn, no tools). It works for finalization after a chat, but a plain provider adapter (e.g. `@tanstack/ai-anthropic`) is the better choice when structured extraction is the primary job — it's faster and doesn't spawn a subprocess.
+
+## Limitations
+
+- **Server-only (Node).** The harness spawns a subprocess; Windows support is untested.
+- **The harness owns the agent loop.** TanStack's agent-loop strategies and per-iteration middleware don't apply inside a harness turn; `maxTurns` is the equivalent control.
+- **No sampling controls.** `temperature`-style options don't exist here.
+- **Sessions are machine-local.** Resume requires hitting the same server instance.
+- **Cold starts.** Each call spawns a harness turn; expect higher first-token latency than HTTP adapters.
diff --git a/docs/adapters/codex.md b/docs/adapters/codex.md
new file mode 100644
index 000000000..199cffe7f
--- /dev/null
+++ b/docs/adapters/codex.md
@@ -0,0 +1,182 @@
+---
+title: Codex
+id: codex-adapter
+order: 12
+description: "Use OpenAI Codex as a chat backend in TanStack AI — agent harness with local tool execution, stateful coding sessions, and tool bridging via @tanstack/ai-codex."
+keywords:
+  - tanstack ai
+  - codex
+  - codex sdk
+  - openai
+  - harness
+  - agent
+  - coding agent
+  - adapter
+---
+
+The Codex adapter runs [OpenAI Codex](https://developers.openai.com/codex) (via the `@openai/codex-sdk`) as a chat backend. Unlike HTTP provider adapters, this is a **harness adapter**: Codex runs its own agent loop and executes its own tools — shell commands, file changes, web search — locally on your server, inside its sandbox. Each `chat()` call runs one full harness turn; the harness's tool activity streams back as already-resolved tool-call events your UI can render.
+
+> **Server-only.** The harness spawns the Codex runtime (bundled with the SDK) as a subprocess, so this adapter only works in a Node.js server environment — never in the browser. The sandbox mode is the safety boundary; configure it deliberately.
+
+## Installation
+
+```bash
+npm install @tanstack/ai-codex
+```
+
+A runnable demo lives at [`examples/ts-react-coding-agent`](https://github.com/TanStack/ai/tree/main/examples/ts-react-coding-agent) — session resume, the harness tool timeline, sandbox modes, and tool bridging, wired into a React app.
+
+## Authentication
+
+The harness resolves credentials the same way the Codex CLI does:
+
+- the `apiKey` config option (exported to the subprocess as `CODEX_API_KEY`; usage-based billing), or
+- an existing ChatGPT login on the machine (`codex login`).
+
+## Basic Usage
+
+```typescript
+import { chat } from "@tanstack/ai";
+import { codexText } from "@tanstack/ai-codex";
+
+const stream = chat({
+  adapter: codexText("gpt-5.1-codex", {
+    cwd: "/path/to/project",
+    sandboxMode: "workspace-write",
+  }),
+  messages: [{ role: "user", content: "Fix the failing test in utils.test.ts" }],
+});
+```
+
+## Configuration
+
+| Option                 | Description                                                                                                                                  |
+| ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- |
+| `cwd`                  | Working directory for the harness session. Defaults to `process.cwd()`.                                                                       |
+| `sandboxMode`          | Codex sandbox: `'read-only'` (harness default), `'workspace-write'`, or `'danger-full-access'`. This is the safety boundary on a server.       |
+| `approvalPolicy`       | Codex approval policy. Defaults to `'never'` — headless runs have no approval UI, so anything else can stall a turn.                           |
+| `modelReasoningEffort` | `'minimal'` \| `'low'` \| `'medium'` \| `'high'` \| `'xhigh'`.                                                                                 |
+| `skipGitRepoCheck`     | Skip the harness's git-repo safety check. Defaults to `true` (server adapters routinely point at scratch directories).                         |
+| `networkAccessEnabled` | Allow network access inside the `workspace-write` sandbox.                                                                                     |
+| `webSearchMode`        | `'disabled'` \| `'cached'` \| `'live'`.                                                                                                        |
+| `additionalDirectories`| Extra writable directories beyond `cwd`.                                                                                                       |
+| `apiKey`               | OpenAI API key for the harness subprocess.                                                                                                     |
+| `baseUrl`              | Override the Codex backend base URL.                                                                                                           |
+| `codexPathOverride`    | Use a specific codex executable instead of the SDK's bundled binary.                                                                           |
+| `env`                  | Environment variables for the subprocess. When set, `process.env` is **not** inherited (Codex SDK semantics).                                  |
+| `config`               | Extra `--config key=value` overrides passed to the Codex CLI (e.g. additional `mcp_servers` entries).                                          |
+
+Per-call overrides — `sessionId`, `sandboxMode`, `approvalPolicy`, `modelReasoningEffort`, `workingDirectory`, `skipGitRepoCheck` — go through `modelOptions`.
+
+## Stateful Sessions
+
+Codex threads are stateful — the harness keeps the full working context (files read, commands run, conclusions reached) between turns. The adapter surfaces the thread id of every fresh run as a custom stream event named `codex.session-id`; thread it back via `modelOptions.sessionId` to resume. When resuming, only the latest user message is sent — the harness already holds the prior context.
+
+Server endpoint:
+
+```typescript
+import {
+  chat,
+  chatParamsFromRequest,
+  toServerSentEventsResponse,
+} from "@tanstack/ai";
+import { codexText } from "@tanstack/ai-codex";
+
+export async function POST(request: Request) {
+  const params = await chatParamsFromRequest(request);
+
+  // Extra fields the client puts in the connection `body` arrive here.
+  const sessionId =
+    typeof params.forwardedProps.sessionId === "string"
+      ? params.forwardedProps.sessionId
+      : undefined;
+
+  const stream = chat({
+    adapter: codexText("gpt-5.1-codex", {
+      cwd: "/path/to/project",
+      sandboxMode: "workspace-write",
+    }),
+    messages: params.messages,
+    modelOptions: { sessionId },
+  });
+
+  return toServerSentEventsResponse(stream);
+}
+```
+
+Client (React) — capture the session id from the custom event and send it back on subsequent requests:
+
+```typescript
+import { useState } from "react";
+import { useChat } from "@tanstack/ai-react";
+import { fetchServerSentEvents } from "@tanstack/ai-client";
+
+function CodingAssistant() {
+  const [sessionId, setSessionId] = useState<string | undefined>(undefined);
+
+  const { messages, sendMessage } = useChat({
+    connection: fetchServerSentEvents("/api/chat", () => ({
+      body: { sessionId },
+    })),
+    onCustomEvent: (name, value) => {
+      if (
+        name === "codex.session-id" &&
+        typeof value === "object" &&
+        value !== null &&
+        "sessionId" in value &&
+        typeof value.sessionId === "string"
+      ) {
+        setSessionId(value.sessionId);
+      }
+    },
+  });
+
+  // ... render messages; harness tool activity (command_execution,
+  // file_change, ...) arrives as regular tool-call parts with results.
+}
+```
+
+Sessions are stored on the machine that ran them (`~/.codex/sessions/`), so resuming only works on the same server instance.
+
+## Tools
+
+Two kinds of tools flow through this adapter:
+
+1. **Built-in harness tools** are executed by Codex itself and stream back as tool-call events with results already attached: `command_execution` (shell), `file_change` (patches), `web_search`, and `todo_list` (the agent's running plan). Your code never executes them.
+
+2. **Your TanStack tools** are bridged *into* the harness: the adapter starts a short-lived Streamable-HTTP MCP server on `127.0.0.1` for the duration of the turn and points Codex at it. Define tools as usual with `toolDefinition().server()`; tool-call events come back under the names you registered.
+
+```typescript
+import { z } from "zod";
+import { chat, toolDefinition } from "@tanstack/ai";
+import { codexText } from "@tanstack/ai-codex";
+
+const lookupTicket = toolDefinition({
+  name: "lookup_ticket",
+  description: "Look up an issue ticket by id",
+  inputSchema: z.object({ ticketId: z.string() }),
+}).server(async ({ ticketId }) => {
+  return { ticketId, status: "open", title: "Crash on startup" };
+});
+
+const stream = chat({
+  adapter: codexText("gpt-5.1-codex"),
+  messages: [{ role: "user", content: "What's the status of ticket T-123?" }],
+  tools: [lookupTicket],
+});
+```
+
+**Client-side and approval-gated tools are not supported.** The harness executes tools inside a live subprocess, which cannot pause across HTTP requests to wait for a browser round-trip or a human approval. Passing a tool without a server `execute()` implementation — or one marked `needsApproval` — fails fast with a descriptive error. Run those tools outside the harness with a regular provider adapter.
+
+## Structured Output
+
+`structuredOutput()` uses Codex's native `outputSchema` support in a fresh, read-only, one-shot thread whose final message is a JSON string conforming to your schema. It works for finalization after a chat, but a plain provider adapter (e.g. `@tanstack/ai-openai`) is the better choice when structured extraction is the primary job — it's faster and doesn't spawn a subprocess.
+
+## Limitations
+
+- **No token-level text streaming.** The Codex SDK reports assistant text and reasoning only as completed items, so text arrives message-at-a-time. Tool activity (commands starting/finishing) still streams live, which keeps the UI feeling alive during long turns.
+- **Server-only (Node).** The harness spawns a subprocess.
+- **The harness owns the agent loop.** TanStack's agent-loop strategies and per-iteration middleware don't apply inside a harness turn.
+- **No sampling controls.** `temperature`-style options don't exist here.
+- **Sessions are machine-local.** Resume requires hitting the same server instance.
+- **Cold starts.** Each call spawns a harness turn; expect higher first-token latency than HTTP adapters.
diff --git a/docs/adapters/gemini-cli.md b/docs/adapters/gemini-cli.md
new file mode 100644
index 000000000..9822c1298
--- /dev/null
+++ b/docs/adapters/gemini-cli.md
@@ -0,0 +1,205 @@
+---
+title: Gemini CLI
+id: gemini-cli-adapter
+order: 13
+description: "Use Gemini CLI as a chat backend in TanStack AI — agent harness with local tool execution, stateful coding sessions, and tool bridging via @tanstack/ai-gemini-cli."
+keywords:
+  - tanstack ai
+  - gemini cli
+  - agent client protocol
+  - acp
+  - google
+  - harness
+  - agent
+  - coding agent
+  - adapter
+---
+
+The Gemini CLI adapter runs [Gemini CLI](https://github.com/google-gemini/gemini-cli) as a chat backend, driving it over the [Agent Client Protocol](https://agentclientprotocol.com) (`gemini --acp`) — the same interface editors like Zed use to embed it. Unlike HTTP provider adapters, this is a **harness adapter**: Gemini CLI runs its own agent loop and executes its own tools — shell commands, file reads and edits, search — locally on your server. Each `chat()` call runs one full harness turn; assistant text and thinking stream as true token-level deltas, and the harness's tool activity streams back as already-resolved tool-call events your UI can render.
+
+> **Server-only.** The adapter spawns the `gemini` CLI as a subprocess, so it only works in a Node.js server environment — never in the browser. Treat it like giving Gemini a shell on the machine it runs on, and configure permissions accordingly.
+
+## Installation
+
+```bash
+npm install @tanstack/ai-gemini-cli
+```
+
+The `gemini` CLI itself is a prerequisite — it is **not** bundled:
+
+```bash
+npm install -g @google/gemini-cli
+```
+
+A runnable demo lives at [`examples/ts-react-coding-agent`](https://github.com/TanStack/ai/tree/main/examples/ts-react-coding-agent) — session resume, the harness tool timeline, permission modes, and tool bridging, wired into a React app.
+
+## Authentication
+
+The harness resolves credentials the same way Gemini CLI does:
+
+- an existing Google login on the machine (run `gemini` once interactively), or
+- `GEMINI_API_KEY` in the server's environment (pass it via the `env` config option if needed).
+
+**Headless ACP auth.** When driven over ACP, Gemini CLI can't pop an
+interactive auth picker, so it needs to be told which method to use. Set
+`authMethodId` to one of the methods the CLI advertises — commonly
+`'oauth-personal'` (Log in with Google), `'gemini-api-key'`, or `'vertex-ai'`.
+The adapter selects it (via the ACP `authenticate` call) before opening the
+session, and fails fast with the list of available methods if the one you
+asked for isn't offered. Some setups also require trusting the working
+directory in headless mode — set `GEMINI_CLI_TRUST_WORKSPACE=true` (or pass
+`--skip-trust` via `extraArgs`) when the CLI refuses an untrusted folder.
+
+```typescript
+import { geminiCliText } from "@tanstack/ai-gemini-cli";
+
+const adapter = geminiCliText("gemini-3-pro-preview", {
+  cwd: "/path/to/project",
+  authMethodId: "oauth-personal", // reuse the machine's Google login
+});
+```
+
+## Basic Usage
+
+```typescript
+import { chat } from "@tanstack/ai";
+import { geminiCliText } from "@tanstack/ai-gemini-cli";
+
+const stream = chat({
+  adapter: geminiCliText("gemini-3-pro-preview", {
+    cwd: "/path/to/project",
+    permissionMode: "acceptEdits",
+  }),
+  messages: [{ role: "user", content: "Fix the failing test in utils.test.ts" }],
+});
+```
+
+## Configuration
+
+| Option                | Description                                                                                                          |
+| --------------------- | --------------------------------------------------------------------------------------------------------------------- |
+| `cwd`                 | Working directory for the harness session. Defaults to `process.cwd()`.                                                |
+| `executablePath`      | Path to the Gemini CLI executable. Defaults to `gemini` on `PATH`.                                                     |
+| `extraArgs`           | Extra CLI arguments appended after `--acp` (e.g. `['--sandbox']`).                                                     |
+| `env`                 | Extra environment variables merged over `process.env` for the subprocess.                                              |
+| `permissionMode`      | `'default'`, `'acceptEdits'`, or `'bypassPermissions'`. See the permissions note below.                                 |
+| `onPermissionRequest` | Custom permission handler; replaces the adapter's default policy.                                                      |
+| `authMethodId`        | ACP auth method to select before the session starts, e.g. `'oauth-personal'`, `'gemini-api-key'`, `'vertex-ai'`. See Authentication. |
+
+Per-call overrides — `sessionId`, `permissionMode`, `cwd`, `authMethodId` — go through `modelOptions`.
+
+**Permissions on headless servers.** ACP routes the harness's tool-approval questions back to the embedding application. Without a custom `onPermissionRequest`, the adapter installs a safe default policy that always answers immediately: bridged TanStack tools are approved, `'acceptEdits'` additionally approves file-mutation tools (edit / move / delete kinds), `'bypassPermissions'` approves everything, and anything else is rejected — a headless server must never hang on a question only an interactive user could answer.
+
+## Stateful Sessions
+
+Gemini CLI sessions are stateful — the harness keeps the full working context between turns. The adapter surfaces the session id of every run as a custom stream event named `gemini-cli.session-id`; thread it back via `modelOptions.sessionId` to resume the session. When resuming, only the latest user message is sent — the harness already holds the prior context. If the installed CLI can't load the session (older CLI, different machine), the adapter transparently falls back to a fresh session seeded with the flattened transcript, and the new session id is emitted so the client can re-pin it.
+
+Server endpoint:
+
+```typescript
+import {
+  chat,
+  chatParamsFromRequest,
+  toServerSentEventsResponse,
+} from "@tanstack/ai";
+import { geminiCliText } from "@tanstack/ai-gemini-cli";
+
+export async function POST(request: Request) {
+  const params = await chatParamsFromRequest(request);
+
+  // Extra fields the client puts in the connection `body` arrive here.
+  const sessionId =
+    typeof params.forwardedProps.sessionId === "string"
+      ? params.forwardedProps.sessionId
+      : undefined;
+
+  const stream = chat({
+    adapter: geminiCliText("gemini-3-pro-preview", {
+      cwd: "/path/to/project",
+      permissionMode: "acceptEdits",
+    }),
+    messages: params.messages,
+    modelOptions: { sessionId },
+  });
+
+  return toServerSentEventsResponse(stream);
+}
+```
+
+Client (React) — capture the session id from the custom event and send it back on subsequent requests:
+
+```typescript
+import { useState } from "react";
+import { useChat } from "@tanstack/ai-react";
+import { fetchServerSentEvents } from "@tanstack/ai-client";
+
+function CodingAssistant() {
+  const [sessionId, setSessionId] = useState<string | undefined>(undefined);
+
+  const { messages, sendMessage } = useChat({
+    connection: fetchServerSentEvents("/api/chat", () => ({
+      body: { sessionId },
+    })),
+    onCustomEvent: (name, value) => {
+      if (
+        name === "gemini-cli.session-id" &&
+        typeof value === "object" &&
+        value !== null &&
+        "sessionId" in value &&
+        typeof value.sessionId === "string"
+      ) {
+        setSessionId(value.sessionId);
+      }
+    },
+  });
+
+  // ... render messages; harness tool activity (execute, edit, read, ...)
+  // arrives as regular tool-call parts with their results attached.
+}
+```
+
+Sessions are stored on the machine that ran them (under `~/.gemini/tmp/`), so resuming only works on the same server instance.
+
+## Tools
+
+Two kinds of tools flow through this adapter:
+
+1. **Built-in harness tools** (shell, file edits, reads, search, web fetch, ...) are executed by Gemini CLI itself. Their activity streams back as tool-call events — named by their ACP tool kind (`execute`, `edit`, `read`, `search`, ...), with the human-readable title in the arguments — and results attached, so `useChat` UIs render them with no extra wiring. Your code never executes them. The harness's running plan is surfaced as a CUSTOM `gemini-cli.plan` event.
+
+2. **Your TanStack tools** are bridged *into* the harness: the adapter starts a short-lived Streamable-HTTP MCP server on `127.0.0.1` for the duration of the turn and registers it with the ACP session. Define tools as usual with `toolDefinition().server()`; tool-call events come back under the names you registered, and the default permission policy auto-approves them.
+
+```typescript
+import { z } from "zod";
+import { chat, toolDefinition } from "@tanstack/ai";
+import { geminiCliText } from "@tanstack/ai-gemini-cli";
+
+const lookupTicket = toolDefinition({
+  name: "lookup_ticket",
+  description: "Look up an issue ticket by id",
+  inputSchema: z.object({ ticketId: z.string() }),
+}).server(async ({ ticketId }) => {
+  return { ticketId, status: "open", title: "Crash on startup" };
+});
+
+const stream = chat({
+  adapter: geminiCliText("gemini-3-pro-preview"),
+  messages: [{ role: "user", content: "What's the status of ticket T-123?" }],
+  tools: [lookupTicket],
+});
+```
+
+**Client-side and approval-gated tools are not supported.** The harness executes tools inside a live subprocess, which cannot pause across HTTP requests to wait for a browser round-trip or a human approval. Passing a tool without a server `execute()` implementation — or one marked `needsApproval` — fails fast with a descriptive error. Run those tools outside the harness with a regular provider adapter.
+
+## Structured Output
+
+ACP has no native JSON-schema output channel, so `structuredOutput()` is best-effort: the schema is embedded as a prompt instruction in a fresh one-shot session and the final text is parsed (markdown fences are stripped when present). For production structured extraction, use a plain provider adapter (e.g. `@tanstack/ai-gemini`) — it's faster, schema-enforced, and doesn't spawn a subprocess.
+
+## Limitations
+
+- **Server-only (Node)**, and the `gemini` CLI must be installed and authenticated on the host.
+- **Token usage is usually unavailable.** ACP only recently added usage reporting; when the CLI doesn't report it, `RUN_FINISHED` carries no usage.
+- **The harness owns the agent loop.** TanStack's agent-loop strategies and per-iteration middleware don't apply inside a harness turn.
+- **No sampling controls.** `temperature`-style options don't exist here.
+- **Sessions are machine-local.** Resume requires hitting the same server instance (with graceful fallback to a fresh transcript-seeded session).
+- **Cold starts.** Each call spawns the CLI; expect higher first-token latency than HTTP adapters.
+- **ACP is young.** Gemini CLI's ACP mode is still stabilizing; pin a known-good CLI version in production.
diff --git a/docs/adapters/opencode.md b/docs/adapters/opencode.md
new file mode 100644
index 000000000..ff2fa70e6
--- /dev/null
+++ b/docs/adapters/opencode.md
@@ -0,0 +1,186 @@
+---
+title: OpenCode
+id: opencode-adapter
+order: 14
+description: "Use OpenCode as a chat backend in TanStack AI — agent harness with local tool execution, token-level streaming, stateful sessions, and tool bridging via @tanstack/ai-opencode."
+keywords:
+  - tanstack ai
+  - opencode
+  - opencode sdk
+  - harness
+  - agent
+  - coding agent
+  - adapter
+---
+
+The OpenCode adapter runs [OpenCode](https://opencode.ai) as a chat backend, driving it over its local HTTP server (`@opencode-ai/sdk`). Unlike HTTP provider adapters, this is a **harness adapter**: OpenCode runs its own agent loop and executes its own tools — shell commands, file reads and edits, search — locally on your server. Each `chat()` call runs one full harness turn; assistant text and reasoning stream as true token-level deltas, and the harness's tool activity streams back as already-resolved tool-call events your UI can render.
+
+> **Server-only.** The adapter spawns (or attaches to) an `opencode serve` process, so it only works in a Node.js server environment — never in the browser. Treat it like giving OpenCode a shell on the machine it runs on, and configure permissions accordingly.
+
+## Installation
+
+```bash
+npm install @tanstack/ai-opencode
+```
+
+The `opencode` CLI must be installed and its providers authenticated on the host:
+
+```bash
+npm install -g opencode-ai
+opencode auth login
+```
+
+A runnable demo lives at [`examples/ts-react-coding-agent`](https://github.com/TanStack/ai/tree/main/examples/ts-react-coding-agent) — session resume, the harness tool timeline, permission modes, and tool bridging, wired into a React app.
+
+## Models
+
+OpenCode is provider-agnostic: it resolves any `provider/model` id its configured providers support. Address models as `provider/model` (the adapter splits on the first `/`):
+
+```typescript
+import { chat } from "@tanstack/ai";
+import { opencodeText } from "@tanstack/ai-opencode";
+
+const stream = chat({
+  adapter: opencodeText("anthropic/claude-sonnet-4-5", {
+    directory: "/path/to/project",
+    permissionMode: "acceptEdits",
+  }),
+  messages: [{ role: "user", content: "Fix the failing test in utils.test.ts" }],
+});
+```
+
+## Configuration
+
+| Option                | Description                                                                                                                                                  |
+| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `directory`           | Working directory for the harness session. Defaults to `process.cwd()`.                                                                                      |
+| `baseUrl`             | Attach to an already-running `opencode serve` (e.g. `http://127.0.0.1:4096`) instead of spawning a new server per turn.                                       |
+| `hostname`            | Hostname for the spawned server. Defaults to the SDK default (`127.0.0.1`).                                                                                   |
+| `port`                | Port for the spawned server. Defaults to the SDK default (`4096`).                                                                                           |
+| `permissionMode`      | `'default'` (bridged tools run, everything else that prompts is rejected), `'acceptEdits'` (also auto-approves file edits), or `'bypassPermissions'` (allow all). |
+| `onPermissionRequest` | Custom permission handler; replaces the default policy entirely.                                                                                             |
+| `config`              | Extra OpenCode config merged with the adapter's MCP and permission config.                                                                                    |
+
+Per-call overrides — `sessionId`, `permissionMode`, `directory` — go through `modelOptions`.
+
+## Permissions
+
+OpenCode asks for permission before mutating files or running commands. A headless server has no one to answer those prompts, so the adapter applies a policy automatically — it never hangs a turn:
+
+- **`'default'`** — bridged TanStack tools run; anything else that would prompt (edits, shell, web fetch) is rejected.
+- **`'acceptEdits'`** — additionally auto-approves file-mutation requests (edit / write / patch).
+- **`'bypassPermissions'`** — approves everything. Only use this against a sandbox or scratch directory.
+
+Provide `onPermissionRequest` to implement your own policy (e.g. allow-list specific commands).
+
+## Stateful Sessions
+
+OpenCode sessions are stateful — the harness keeps the full working context (files read, commands run, conclusions reached) between turns. The adapter surfaces the session id of every fresh run as a custom stream event named `opencode.session-id`; thread it back via `modelOptions.sessionId` to resume. When resuming, only the latest user message is sent — the harness already holds the prior context.
+
+Server endpoint:
+
+```typescript
+import {
+  chat,
+  chatParamsFromRequest,
+  toServerSentEventsResponse,
+} from "@tanstack/ai";
+import { opencodeText } from "@tanstack/ai-opencode";
+
+export async function POST(request: Request) {
+  const params = await chatParamsFromRequest(request);
+
+  // Extra fields the client puts in the connection `body` arrive here.
+  const sessionId =
+    typeof params.forwardedProps.sessionId === "string"
+      ? params.forwardedProps.sessionId
+      : undefined;
+
+  const stream = chat({
+    adapter: opencodeText("anthropic/claude-sonnet-4-5", {
+      directory: "/path/to/project",
+      permissionMode: "acceptEdits",
+    }),
+    messages: params.messages,
+    modelOptions: { sessionId },
+  });
+
+  return toServerSentEventsResponse(stream);
+}
+```
+
+Client (React) — capture the session id from the custom event and send it back on subsequent requests:
+
+```typescript
+import { useState } from "react";
+import { useChat } from "@tanstack/ai-react";
+import { fetchServerSentEvents } from "@tanstack/ai-client";
+
+function CodingAssistant() {
+  const [sessionId, setSessionId] = useState<string | undefined>(undefined);
+
+  const { messages, sendMessage } = useChat({
+    connection: fetchServerSentEvents("/api/chat", () => ({
+      body: { sessionId },
+    })),
+    onCustomEvent: (name, value) => {
+      if (
+        name === "opencode.session-id" &&
+        typeof value === "object" &&
+        value !== null &&
+        "sessionId" in value &&
+        typeof value.sessionId === "string"
+      ) {
+        setSessionId(value.sessionId);
+      }
+    },
+  });
+
+  // ... render messages; harness tool activity (bash, edit, read, ...)
+  // arrives as regular tool-call parts with results.
+}
+```
+
+Sessions live on the server that ran them, so resuming only works against the same server instance (or a shared `baseUrl`).
+
+## Tools
+
+Two kinds of tools flow through this adapter:
+
+1. **Built-in harness tools** are executed by OpenCode itself and stream back as tool-call events with results already attached: `bash`, `edit`, `write`, `read`, `grep`, and the agent's running todo plan (surfaced as an `opencode.todo` custom event). Your code never executes them.
+
+2. **Your TanStack tools** are bridged *into* the harness: the adapter starts a short-lived Streamable-HTTP MCP server on `127.0.0.1` for the duration of the turn and registers it with OpenCode. Define tools as usual with `toolDefinition().server()`; tool-call events come back under the names you registered (OpenCode prefixes MCP tools `tanstack_…` internally, which the adapter strips).
+
+```typescript
+import { z } from "zod";
+import { chat, toolDefinition } from "@tanstack/ai";
+import { opencodeText } from "@tanstack/ai-opencode";
+
+const lookupTicket = toolDefinition({
+  name: "lookup_ticket",
+  description: "Look up an issue ticket by id",
+  inputSchema: z.object({ ticketId: z.string() }),
+}).server(async ({ ticketId }) => {
+  return { ticketId, status: "open", title: "Crash on startup" };
+});
+
+const stream = chat({
+  adapter: opencodeText("anthropic/claude-sonnet-4-5"),
+  messages: [{ role: "user", content: "What's the status of ticket T-123?" }],
+  tools: [lookupTicket],
+});
+```
+
+**Client-side and approval-gated tools are not supported.** The harness executes tools inside a live process, which cannot pause across HTTP requests to wait for a browser round-trip or a human approval. Passing a tool without a server `execute()` implementation — or one marked `needsApproval` — fails fast with a descriptive error. Run those tools outside the harness with a regular provider adapter.
+
+## Structured Output
+
+`structuredOutput()` is best-effort: OpenCode's prompt API has no native JSON-schema channel, so the schema is embedded as a prompt instruction in a fresh, one-shot session and the final text is parsed (markdown fences are stripped when present). It works for finalization after a chat, but a plain provider adapter (e.g. `@tanstack/ai-openai`) is the better choice when structured extraction is the primary job — it's faster, deterministic, and doesn't spawn a harness.
+
+## Limitations
+
+- **Server-only (Node).** The adapter spawns or attaches to an `opencode serve` process.
+- **The harness owns the agent loop.** TanStack's agent-loop strategies and per-iteration middleware don't apply inside a harness turn.
+- **No sampling controls.** `temperature`-style options don't exist here.
+- **Sessions are server-local.** Resume requires hitting the same server instance (or a shared `baseUrl`).
+- **Cold starts.** Spawning a server per turn adds first-token latency; point the adapter at a long-lived `baseUrl` to avoid it.
diff --git a/docs/config.json b/docs/config.json
index 966b75108..de0eda84f 100644
--- a/docs/config.json
+++ b/docs/config.json
@@ -461,6 +461,26 @@
           "to": "adapters/openai-compatible",
           "addedAt": "2026-06-01",
           "updatedAt": "2026-06-20"
+        },
+        {
+          "label": "Claude Code",
+          "to": "adapters/claude-code",
+          "addedAt": "2026-06-12"
+        },
+        {
+          "label": "Codex",
+          "to": "adapters/codex",
+          "addedAt": "2026-06-12"
+        },
+        {
+          "label": "Gemini CLI",
+          "to": "adapters/gemini-cli",
+          "addedAt": "2026-06-12"
+        },
+        {
+          "label": "OpenCode",
+          "to": "adapters/opencode",
+          "addedAt": "2026-06-12"
         }
       ]
     },
diff --git a/examples/coco/README.md b/examples/coco/README.md
new file mode 100644
index 000000000..883741703
--- /dev/null
+++ b/examples/coco/README.md
@@ -0,0 +1,201 @@
+# Coco — CLI dev-overlay coding agent
+
+Coco is a drop-in command-line tool that wraps your project's dev server with
+an in-page AI coding-agent chat panel. Run `coco` inside any web project, open
+the URL it prints, and a floating chat appears on top of your running app. The
+chat drives a real coding agent — [Claude Code], [Codex], [Gemini CLI], or
+[OpenCode] — pointed at the project's working directory, so the agent edits
+the live code and the dev server's HMR reloads the page.
+
+[Claude Code]: https://docs.anthropic.com/en/docs/claude-code
+[Codex]: https://developers.openai.com/codex
+[Gemini CLI]: https://github.com/google-gemini/gemini-cli
+[OpenCode]: https://opencode.ai
+
+Coco is framework-agnostic: it reverse-proxies the dev server and injects a
+small `<script>` into every HTML response. The panel renders inside a Shadow
+DOM root, so it never collides with the host app's CSS or React/Vue/Svelte/etc.
+
+> ⚠️ The agent writes to your project's working directory with real edits.
+> Run inside a git repo and commit often.
+
+## Quick start
+
+Coco offers two integration paths. **Pick the first one for any Vite-based
+project (TanStack Start, plain Vite, etc.); fall back to the proxy CLI for
+non-Vite dev servers.**
+
+### Recommended: `coco init` (TanStack Start / any Vite app)
+
+```bash
+# from the root of a TanStack Start / Vite project
+pnpm dlx coco init   # or: npx coco init / pnpm coco init
+
+pnpm dev             # start your dev server as usual
+```
+
+`coco init` adds the dev-only `coco/vite` plugin to your `vite.config.ts`
+(idempotent — safe to re-run) and prints which supported agent CLIs it
+found. After that the 🥥 launcher appears in the corner of every page your
+dev server renders — **but only when at least one of `claude`, `codex`,
+`gemini`, or `opencode` is found on `PATH`**. Otherwise the panel stays
+silent so it never shows up on machines that don't have an agent installed.
+
+Pass `--dry-run` to preview the rewrite without writing.
+
+### Alternative: reverse-proxy CLI (framework-agnostic)
+
+```bash
+# from inside your web project (must have a "dev" script)
+pnpm dlx coco            # or: npx coco, or: pnpm --filter coco dev
+```
+
+This spawns `pnpm dev` for you and serves a proxy on `:7777` that injects
+the panel into every HTML response. Use this when you can't (or don't want
+to) edit your dev tooling.
+
+### Try it against the bundled sample-app
+
+A bare-bones TanStack Start app lives at
+[`examples/coco/sample-apps/simple-app`](sample-apps/simple-app) so you can
+exercise Coco without finding a project of your own. It is intentionally
+**not** part of the pnpm workspace — its deps are installed independently so
+the workspace stays clean.
+
+```bash
+pnpm --filter coco build           # build the panel bundle once
+pnpm --filter coco sample:install  # install the sample-app's deps
+pnpm --filter coco sample:dev      # launch Coco in the sample-app
+```
+
+`sample:dev` runs `coco` with the sample-app as cwd; open the printed
+Coco URL and ask the agent to change the page (e.g. "make the headline
+green" or "add a third route"). When you want a blank slate again:
+
+```bash
+pnpm --filter coco sample:reset    # revert all sample-app edits, keep node_modules
+```
+
+`sample:reset` runs `git restore` + `git clean` scoped to
+`sample-apps/simple-app/`, so it only touches that subdirectory and leaves
+`node_modules` (and everything else `.gitignore`d) alone.
+
+In proxy mode, Coco:
+
+- runs `pnpm dev` as a subprocess and scrapes its stdout for the local URL,
+- serves a reverse proxy on `http://localhost:7777` (override with `--port`),
+- injects the chat panel into every HTML page it proxies,
+- proxies WebSockets so HMR keeps working.
+
+Open the printed Coco URL (not the dev server's URL!) and click the 🥥 button
+in the corner. The launcher only appears when one of `claude`, `codex`,
+`gemini`, or `opencode` is on `PATH` (cross-OS lookup, honors `PATHEXT` on
+Windows).
+
+### Flags
+
+| Flag        | Default       | Description                                                       |
+| ----------- | ------------- | ----------------------------------------------------------------- |
+| `--port`    | `7777`        | Port Coco listens on.                                             |
+| `--command` | `pnpm dev`    | Command Coco uses to start the dev server.                        |
+| `--target`  | (auto)        | Existing dev-server URL — skips spawning `--command`.             |
+| `--agent`   | `claude-code` | Default agent (`claude-code`, `codex`, `gemini-cli`, `opencode`). |
+| `--mode`    | `edit`        | `edit` or `read-only` — default agent permission mode.            |
+
+The panel itself has dropdowns for agent + mode, so flags only set defaults.
+
+### Building the panel bundle
+
+The panel bundle lives at `dist/client/client.js`. Build it once with:
+
+```bash
+pnpm --filter coco build
+```
+
+`pnpm --filter coco dev` (the development script) checks for the bundle and
+prints a clear error if it's missing.
+
+## Per-agent setup
+
+Coco's agent backend reuses the same harness adapters as
+[`examples/ts-react-coding-agent`](../ts-react-coding-agent/README.md). You
+only need to set up the agent(s) you actually want to use; the others stay
+selectable in the panel and surface a setup dialog explaining what's missing.
+
+### Claude Code
+
+```bash
+npm i -g @anthropic-ai/claude-code
+claude login                          # or: export ANTHROPIC_API_KEY=sk-ant-…
+```
+
+### Codex
+
+```bash
+codex login                           # or: export OPENAI_API_KEY=sk-…
+```
+
+The `codex` binary ships with `@openai/codex-sdk`. ChatGPT-account logins
+can't run codex models in headless mode — use an API key or an entitled
+account.
+
+### Gemini CLI
+
+```bash
+npm i -g @google/gemini-cli
+gemini                                # one-time interactive login
+GEMINI_ACP_AUTH_METHOD=oauth-personal GEMINI_CLI_TRUST_WORKSPACE=true coco
+```
+
+For an API key instead, set `GEMINI_API_KEY` and
+`GEMINI_ACP_AUTH_METHOD=gemini-api-key`.
+
+### OpenCode
+
+```bash
+npm i -g opencode-ai
+opencode auth login                   # or: export ANTHROPIC_API_KEY=sk-ant-…
+```
+
+## How it works
+
+Two equivalent surfaces serve the same `__coco/*` endpoints and inject the
+same panel `<script>`:
+
+```
+Vite-plugin mode (coco/vite, dev-only):
+  browser ─▶ vite dev server ──┬─ transformIndexHtml + response wrapper
+                                ├─ /__coco/client.js  (panel bundle)
+                                └─ /__coco/api/*       (chat + agent status)
+
+Proxy mode (coco CLI):
+  browser ─▶ http://localhost:7777 (Coco proxy)
+                ├─ proxies HTML / JS / CSS / WS ─▶ pnpm dev (e.g. :5173)
+                ├─ injects <script src="/__coco/client.js"> into HTML
+                ├─ /__coco/client.js (Shadow-DOM chat panel)
+                └─ /__coco/api/*      (chat + agent status)
+```
+
+In both modes the panel uses the headless `ChatClient` from
+`@tanstack/ai-client`, posting to `/__coco/api/chat`. The server runs
+`chat()` from `@tanstack/ai` with one of the four CLI-agent adapters, `cwd`
+set to the project root (Vite's `config.root` for the plugin,
+`process.cwd()` for the CLI). Each chat turn forwards two pieces of UI
+context:
+
+- `route` — `location.pathname + search + hash`, tracked across SPA nav.
+- `selectedElement` — when the user activates the picker (🎯 button) and
+  clicks an element, its tag, selector, text, and a clipped `outerHTML` go
+  along with the next message.
+
+The server prepends those into the agent's system prompt so it knows which
+file/component the user is talking about.
+
+## Notes
+
+- Coco is in `examples/coco` to demonstrate the CLI-agent adapters end-to-end.
+  It is not published as an npm bin from this repo.
+- Sessions don't survive switching agents (the harnesses don't share state).
+- HMR works because the proxy forwards WebSocket upgrades. If your dev server
+  emits an absolute URL in the HMR client, set the dev server to use the same
+  port via `--target` or configure host/port in your dev config.
diff --git a/examples/coco/package.json b/examples/coco/package.json
new file mode 100644
index 000000000..43ac0114c
--- /dev/null
+++ b/examples/coco/package.json
@@ -0,0 +1,41 @@
+{
+  "name": "coco",
+  "private": true,
+  "type": "module",
+  "description": "Coco — drop-in CLI that overlays an AI coding-agent chat panel on your dev server.",
+  "bin": {
+    "coco": "./src/cli.ts"
+  },
+  "exports": {
+    ".": "./src/index.ts",
+    "./vite": "./src/vite/plugin.ts"
+  },
+  "scripts": {
+    "dev": "tsx src/cli.ts",
+    "start": "tsx src/cli.ts",
+    "build:client": "vite build",
+    "build": "pnpm build:client",
+    "test": "exit 0",
+    "test:types": "tsc --noEmit",
+    "sample:install": "pnpm -C sample-apps/simple-app install --ignore-workspace",
+    "sample:dev": "pnpm sample:ensure && cd sample-apps/simple-app && tsx ../../src/cli.ts",
+    "sample:ensure": "node -e \"const fs=require('node:fs');const p='sample-apps/simple-app/node_modules';if(!fs.existsSync(p)){console.error('[coco] sample-apps/simple-app deps missing. Run: pnpm --filter coco sample:install');process.exit(1)}\"",
+    "sample:reset": "node scripts/reset-sample.mjs"
+  },
+  "dependencies": {
+    "@tanstack/ai": "workspace:*",
+    "@tanstack/ai-claude-code": "workspace:*",
+    "@tanstack/ai-client": "workspace:*",
+    "@tanstack/ai-codex": "workspace:*",
+    "@tanstack/ai-gemini-cli": "workspace:*",
+    "@tanstack/ai-opencode": "workspace:*",
+    "http-proxy": "^1.18.1",
+    "tsx": "^4.21.0"
+  },
+  "devDependencies": {
+    "@types/http-proxy": "^1.17.17",
+    "@types/node": "^24.10.1",
+    "typescript": "5.9.3",
+    "vite": "^7.3.3"
+  }
+}
diff --git a/examples/coco/sample-apps/simple-app/.cta.json b/examples/coco/sample-apps/simple-app/.cta.json
new file mode 100644
index 000000000..a51c275ca
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/.cta.json
@@ -0,0 +1,16 @@
+{
+  "projectName": "simple-app",
+  "mode": "file-router",
+  "typescript": true,
+  "packageManager": "pnpm",
+  "includeExamples": true,
+  "tailwind": true,
+  "addOnOptions": {},
+  "envVarValues": {},
+  "git": true,
+  "install": true,
+  "routerOnly": false,
+  "version": 1,
+  "framework": "react",
+  "chosenAddOns": ["nitro"]
+}
diff --git a/examples/coco/sample-apps/simple-app/.gitignore b/examples/coco/sample-apps/simple-app/.gitignore
new file mode 100644
index 000000000..99e9e164b
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/.gitignore
@@ -0,0 +1,18 @@
+node_modules
+.DS_Store
+dist
+dist-ssr
+*.local
+.env
+.nitro
+.tanstack
+.wrangler
+.output
+.vinxi
+__unconfig*
+todos.json
+
+# Auto-generated; ignored so `sample:reset` (git clean) leaves them in
+# place, avoiding a full reinstall / route-tree regenerate on every reset.
+pnpm-lock.yaml
+src/routeTree.gen.ts
diff --git a/examples/coco/sample-apps/simple-app/.vscode/settings.json b/examples/coco/sample-apps/simple-app/.vscode/settings.json
new file mode 100644
index 000000000..00b5278e5
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/.vscode/settings.json
@@ -0,0 +1,11 @@
+{
+  "files.watcherExclude": {
+    "**/routeTree.gen.ts": true
+  },
+  "search.exclude": {
+    "**/routeTree.gen.ts": true
+  },
+  "files.readonlyInclude": {
+    "**/routeTree.gen.ts": true
+  }
+}
diff --git a/examples/coco/sample-apps/simple-app/README.md b/examples/coco/sample-apps/simple-app/README.md
new file mode 100644
index 000000000..93a737422
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/README.md
@@ -0,0 +1,204 @@
+Welcome to your new TanStack Start app!
+
+# Getting Started
+
+To run this application:
+
+```bash
+pnpm install
+pnpm dev
+```
+
+# Building For Production
+
+To build this application for production:
+
+```bash
+pnpm build
+```
+
+## Testing
+
+This project uses [Vitest](https://vitest.dev/) for testing. You can run the tests with:
+
+```bash
+pnpm test
+```
+
+## Styling
+
+This project uses [Tailwind CSS](https://tailwindcss.com/) for styling.
+
+### Removing Tailwind CSS
+
+If you prefer not to use Tailwind CSS:
+
+1. Remove the demo pages in `src/routes/demo/`
+2. Replace the Tailwind import in `src/styles.css` with your own styles
+3. Remove `tailwindcss()` from the plugins array in `vite.config.ts`
+4. Uninstall the packages: `pnpm add @tailwindcss/vite tailwindcss --dev`
+
+## Deploy with Nitro
+
+This project uses Nitro as a generic server adapter, so it can run on any Node-compatible host.
+
+```bash
+npm run build
+node dist/server/index.mjs
+```
+
+The build output is a self-contained Node server. To deploy, push the `dist/` directory to your host (Render, Fly.io, your own VPS, etc.) and run the server command above.
+
+For host-specific presets (Vercel, Netlify, Cloudflare, AWS Lambda, etc.) and tuning, see https://v3.nitro.build/deploy.
+
+## Routing
+
+This project uses [TanStack Router](https://tanstack.com/router) with file-based routing. Routes are managed as files in `src/routes`.
+
+### Adding A Route
+
+To add a new route to your application just add a new file in the `./src/routes` directory.
+
+TanStack will automatically generate the content of the route file for you.
+
+Now that you have two routes you can use a `Link` component to navigate between them.
+
+### Adding Links
+
+To use SPA (Single Page Application) navigation you will need to import the `Link` component from `@tanstack/react-router`.
+
+```tsx
+import { Link } from '@tanstack/react-router'
+```
+
+Then anywhere in your JSX you can use it like so:
+
+```tsx
+<Link to="/about">About</Link>
+```
+
+This will create a link that will navigate to the `/about` route.
+
+More information on the `Link` component can be found in the [Link documentation](https://tanstack.com/router/v1/docs/framework/react/api/router/linkComponent).
+
+### Using A Layout
+
+In the File Based Routing setup the layout is located in `src/routes/__root.tsx`. Anything you add to the root route will appear in all the routes. The route content will appear in the JSX where you render `{children}` in the `shellComponent`.
+
+Here is an example layout that includes a header:
+
+```tsx
+import { HeadContent, Scripts, createRootRoute } from '@tanstack/react-router'
+
+export const Route = createRootRoute({
+  head: () => ({
+    meta: [
+      { charSet: 'utf-8' },
+      { name: 'viewport', content: 'width=device-width, initial-scale=1' },
+      { title: 'My App' },
+    ],
+  }),
+  shellComponent: ({ children }) => (
+    <html lang="en">
+      <head>
+        <HeadContent />
+      </head>
+      <body>
+        <header>
+          <nav>
+            <Link to="/">Home</Link>
+            <Link to="/about">About</Link>
+          </nav>
+        </header>
+        {children}
+        <Scripts />
+      </body>
+    </html>
+  ),
+})
+```
+
+More information on layouts can be found in the [Layouts documentation](https://tanstack.com/router/latest/docs/framework/react/guide/routing-concepts#layouts).
+
+## Server Functions
+
+TanStack Start provides server functions that allow you to write server-side code that seamlessly integrates with your client components.
+
+```tsx
+import { createServerFn } from '@tanstack/react-start'
+
+const getServerTime = createServerFn({
+  method: 'GET',
+}).handler(async () => {
+  return new Date().toISOString()
+})
+
+// Use in a component
+function MyComponent() {
+  const [time, setTime] = useState('')
+
+  useEffect(() => {
+    getServerTime().then(setTime)
+  }, [])
+
+  return <div>Server time: {time}</div>
+}
+```
+
+## API Routes
+
+You can create API routes by using the `server` property in your route definitions:
+
+```tsx
+import { createFileRoute } from '@tanstack/react-router'
+import { json } from '@tanstack/react-start'
+
+export const Route = createFileRoute('/api/hello')({
+  server: {
+    handlers: {
+      GET: () => json({ message: 'Hello, World!' }),
+    },
+  },
+})
+```
+
+## Data Fetching
+
+There are multiple ways to fetch data in your application. You can use TanStack Query to fetch data from a server. But you can also use the `loader` functionality built into TanStack Router to load the data for a route before it's rendered.
+
+For example:
+
+```tsx
+import { createFileRoute } from '@tanstack/react-router'
+
+export const Route = createFileRoute('/people')({
+  loader: async () => {
+    const response = await fetch('https://swapi.dev/api/people')
+    return response.json()
+  },
+  component: PeopleComponent,
+})
+
+function PeopleComponent() {
+  const data = Route.useLoaderData()
+  return (
+    <ul>
+      {data.results.map((person) => (
+        <li key={person.name}>{person.name}</li>
+      ))}
+    </ul>
+  )
+}
+```
+
+Loaders simplify your data fetching logic dramatically. Check out more information in the [Loader documentation](https://tanstack.com/router/latest/docs/framework/react/guide/data-loading#loader-parameters).
+
+# Demo files
+
+Files prefixed with `demo` can be safely deleted. They are there to provide a starting point for you to play around with the features you've installed.
+
+# Learn More
+
+You can learn more about all of the offerings from TanStack in the [TanStack documentation](https://tanstack.com).
+
+For TanStack Start specific documentation, visit [TanStack Start](https://tanstack.com/start).
diff --git a/examples/coco/sample-apps/simple-app/package.json b/examples/coco/sample-apps/simple-app/package.json
new file mode 100644
index 000000000..41d4adcc2
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/package.json
@@ -0,0 +1,50 @@
+{
+  "name": "simple-app",
+  "private": true,
+  "type": "module",
+  "imports": {
+    "#/*": "./src/*"
+  },
+  "scripts": {
+    "dev": "vite dev --port 3000",
+    "generate-routes": "tsr generate",
+    "build": "vite build",
+    "preview": "vite preview",
+    "test": "vitest run"
+  },
+  "dependencies": {
+    "@tailwindcss/vite": "^4.1.18",
+    "@tanstack/react-devtools": "latest",
+    "@tanstack/react-router": "latest",
+    "@tanstack/react-router-devtools": "latest",
+    "@tanstack/react-router-ssr-query": "latest",
+    "@tanstack/react-start": "latest",
+    "@tanstack/router-plugin": "^1.132.0",
+    "lucide-react": "^0.545.0",
+    "nitro": "npm:nitro-nightly@latest",
+    "react": "^19.2.0",
+    "react-dom": "^19.2.0",
+    "tailwindcss": "^4.1.18"
+  },
+  "devDependencies": {
+    "@tailwindcss/typography": "^0.5.16",
+    "@tanstack/devtools-vite": "latest",
+    "@tanstack/router-cli": "^1.132.0",
+    "@testing-library/dom": "^10.4.1",
+    "@testing-library/react": "^16.3.0",
+    "@types/node": "^22.10.2",
+    "@types/react": "^19.2.0",
+    "@types/react-dom": "^19.2.0",
+    "@vitejs/plugin-react": "^6.0.1",
+    "jsdom": "^28.1.0",
+    "typescript": "^6.0.2",
+    "vite": "^8.0.0",
+    "vitest": "^4.1.5"
+  },
+  "pnpm": {
+    "onlyBuiltDependencies": [
+      "esbuild",
+      "lightningcss"
+    ]
+  }
+}
diff --git a/examples/coco/sample-apps/simple-app/public/favicon.ico b/examples/coco/sample-apps/simple-app/public/favicon.ico
new file mode 100644
index 000000000..a11777cc4
Binary files /dev/null and b/examples/coco/sample-apps/simple-app/public/favicon.ico differ
diff --git a/examples/coco/sample-apps/simple-app/public/logo192.png b/examples/coco/sample-apps/simple-app/public/logo192.png
new file mode 100644
index 000000000..fc44b0a37
Binary files /dev/null and b/examples/coco/sample-apps/simple-app/public/logo192.png differ
diff --git a/examples/coco/sample-apps/simple-app/public/logo512.png b/examples/coco/sample-apps/simple-app/public/logo512.png
new file mode 100644
index 000000000..a4e47a654
Binary files /dev/null and b/examples/coco/sample-apps/simple-app/public/logo512.png differ
diff --git a/examples/coco/sample-apps/simple-app/public/manifest.json b/examples/coco/sample-apps/simple-app/public/manifest.json
new file mode 100644
index 000000000..078ef5011
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/public/manifest.json
@@ -0,0 +1,25 @@
+{
+  "short_name": "TanStack App",
+  "name": "Create TanStack App Sample",
+  "icons": [
+    {
+      "src": "favicon.ico",
+      "sizes": "64x64 32x32 24x24 16x16",
+      "type": "image/x-icon"
+    },
+    {
+      "src": "logo192.png",
+      "type": "image/png",
+      "sizes": "192x192"
+    },
+    {
+      "src": "logo512.png",
+      "type": "image/png",
+      "sizes": "512x512"
+    }
+  ],
+  "start_url": ".",
+  "display": "standalone",
+  "theme_color": "#000000",
+  "background_color": "#ffffff"
+}
diff --git a/examples/coco/sample-apps/simple-app/public/robots.txt b/examples/coco/sample-apps/simple-app/public/robots.txt
new file mode 100644
index 000000000..e9e57dc4d
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/public/robots.txt
@@ -0,0 +1,3 @@
+# https://www.robotstxt.org/robotstxt.html
+User-agent: *
+Disallow:
diff --git a/examples/coco/sample-apps/simple-app/src/components/Footer.tsx b/examples/coco/sample-apps/simple-app/src/components/Footer.tsx
new file mode 100644
index 000000000..c8bfd17b5
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/src/components/Footer.tsx
@@ -0,0 +1,44 @@
+export default function Footer() {
+  const year = new Date().getFullYear()
+
+  return (
+    <footer className="mt-20 border-t border-[var(--line)] px-4 pb-14 pt-10 text-[var(--sea-ink-soft)]">
+      <div className="page-wrap flex flex-col items-center justify-between gap-4 text-center sm:flex-row sm:text-left">
+        <p className="m-0 text-sm">
+          &copy; {year} Your name here. All rights reserved.
+        </p>
+        <p className="island-kicker m-0">Built with TanStack Start</p>
+      </div>
+      <div className="mt-4 flex justify-center gap-4">
+        <a
+          href="https://x.com/tan_stack"
+          target="_blank"
+          rel="noreferrer"
+          className="rounded-xl p-2 text-[var(--sea-ink-soft)] transition hover:bg-[var(--link-bg-hover)] hover:text-[var(--sea-ink)]"
+        >
+          <span className="sr-only">Follow TanStack on X</span>
+          <svg viewBox="0 0 16 16" aria-hidden="true" width="32" height="32">
+            <path
+              fill="currentColor"
+              d="M12.6 1h2.2L10 6.48 15.64 15h-4.41L7.78 9.82 3.23 15H1l5.14-5.84L.72 1h4.52l3.12 4.73L12.6 1zm-.77 12.67h1.22L4.57 2.26H3.26l8.57 11.41z"
+            />
+          </svg>
+        </a>
+        <a
+          href="https://github.com/TanStack"
+          target="_blank"
+          rel="noreferrer"
+          className="rounded-xl p-2 text-[var(--sea-ink-soft)] transition hover:bg-[var(--link-bg-hover)] hover:text-[var(--sea-ink)]"
+        >
+          <span className="sr-only">Go to TanStack GitHub</span>
+          <svg viewBox="0 0 16 16" aria-hidden="true" width="32" height="32">
+            <path
+              fill="currentColor"
+              d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.012 8.012 0 0 0 16 8c0-4.42-3.58-8-8-8z"
+            />
+          </svg>
+        </a>
+      </div>
+    </footer>
+  )
+}
diff --git a/examples/coco/sample-apps/simple-app/src/components/Header.tsx b/examples/coco/sample-apps/simple-app/src/components/Header.tsx
new file mode 100644
index 000000000..4b558fba2
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/src/components/Header.tsx
@@ -0,0 +1,78 @@
+import { Link } from '@tanstack/react-router'
+import ThemeToggle from './ThemeToggle'
+
+export default function Header() {
+  return (
+    <header className="sticky top-0 z-50 border-b border-[var(--line)] bg-[var(--header-bg)] px-4 backdrop-blur-lg">
+      <nav className="page-wrap flex flex-wrap items-center gap-x-3 gap-y-2 py-3 sm:py-4">
+        <h2 className="m-0 flex-shrink-0 text-base font-semibold tracking-tight">
+          <Link
+            to="/"
+            className="inline-flex items-center gap-2 rounded-full border border-[var(--chip-line)] bg-[var(--chip-bg)] px-3 py-1.5 text-sm text-[var(--sea-ink)] no-underline shadow-[0_8px_24px_rgba(30,90,72,0.08)] sm:px-4 sm:py-2"
+          >
+            <span className="h-2 w-2 rounded-full bg-[linear-gradient(90deg,#56c6be,#7ed3bf)]" />
+            TanStack Start
+          </Link>
+        </h2>
+
+        <div className="order-3 flex w-full flex-wrap items-center gap-x-4 gap-y-1 pb-1 text-sm font-semibold sm:order-none sm:w-auto sm:flex-nowrap sm:pb-0">
+          <Link
+            to="/"
+            className="nav-link"
+            activeProps={{ className: 'nav-link is-active' }}
+          >
+            Home
+          </Link>
+          <Link
+            to="/about"
+            className="nav-link"
+            activeProps={{ className: 'nav-link is-active' }}
+          >
+            About
+          </Link>
+          <a
+            href="https://tanstack.com/start/latest/docs/framework/react/overview"
+            className="nav-link"
+            target="_blank"
+            rel="noreferrer"
+          >
+            Docs
+          </a>
+        </div>
+
+        <div className="ml-auto flex items-center gap-1.5 sm:gap-2">
+          <a
+            href="https://x.com/tan_stack"
+            target="_blank"
+            rel="noreferrer"
+            className="hidden rounded-xl p-2 text-[var(--sea-ink-soft)] transition hover:bg-[var(--link-bg-hover)] hover:text-[var(--sea-ink)] sm:block"
+          >
+            <span className="sr-only">Follow TanStack on X</span>
+            <svg viewBox="0 0 16 16" aria-hidden="true" width="24" height="24">
+              <path
+                fill="currentColor"
+                d="M12.6 1h2.2L10 6.48 15.64 15h-4.41L7.78 9.82 3.23 15H1l5.14-5.84L.72 1h4.52l3.12 4.73L12.6 1zm-.77 12.67h1.22L4.57 2.26H3.26l8.57 11.41z"
+              />
+            </svg>
+          </a>
+          <a
+            href="https://github.com/TanStack"
+            target="_blank"
+            rel="noreferrer"
+            className="hidden rounded-xl p-2 text-[var(--sea-ink-soft)] transition hover:bg-[var(--link-bg-hover)] hover:text-[var(--sea-ink)] sm:block"
+          >
+            <span className="sr-only">Go to TanStack GitHub</span>
+            <svg viewBox="0 0 16 16" aria-hidden="true" width="24" height="24">
+              <path
+                fill="currentColor"
+                d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.012 8.012 0 0 0 16 8c0-4.42-3.58-8-8-8z"
+              />
+            </svg>
+          </a>
+
+          <ThemeToggle />
+        </div>
+      </nav>
+    </header>
+  )
+}
diff --git a/examples/coco/sample-apps/simple-app/src/components/ThemeToggle.tsx b/examples/coco/sample-apps/simple-app/src/components/ThemeToggle.tsx
new file mode 100644
index 000000000..081ebe2b4
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/src/components/ThemeToggle.tsx
@@ -0,0 +1,81 @@
+import { useEffect, useState } from 'react'
+
+type ThemeMode = 'light' | 'dark' | 'auto'
+
+function getInitialMode(): ThemeMode {
+  if (typeof window === 'undefined') {
+    return 'auto'
+  }
+
+  const stored = window.localStorage.getItem('theme')
+  if (stored === 'light' || stored === 'dark' || stored === 'auto') {
+    return stored
+  }
+
+  return 'auto'
+}
+
+function applyThemeMode(mode: ThemeMode) {
+  const prefersDark = window.matchMedia('(prefers-color-scheme: dark)').matches
+  const resolved = mode === 'auto' ? (prefersDark ? 'dark' : 'light') : mode
+
+  document.documentElement.classList.remove('light', 'dark')
+  document.documentElement.classList.add(resolved)
+
+  if (mode === 'auto') {
+    document.documentElement.removeAttribute('data-theme')
+  } else {
+    document.documentElement.setAttribute('data-theme', mode)
+  }
+
+  document.documentElement.style.colorScheme = resolved
+}
+
+export default function ThemeToggle() {
+  const [mode, setMode] = useState<ThemeMode>('auto')
+
+  useEffect(() => {
+    const initialMode = getInitialMode()
+    setMode(initialMode)
+    applyThemeMode(initialMode)
+  }, [])
+
+  useEffect(() => {
+    if (mode !== 'auto') {
+      return
+    }
+
+    const media = window.matchMedia('(prefers-color-scheme: dark)')
+    const onChange = () => applyThemeMode('auto')
+
+    media.addEventListener('change', onChange)
+    return () => {
+      media.removeEventListener('change', onChange)
+    }
+  }, [mode])
+
+  function toggleMode() {
+    const nextMode: ThemeMode =
+      mode === 'light' ? 'dark' : mode === 'dark' ? 'auto' : 'light'
+    setMode(nextMode)
+    applyThemeMode(nextMode)
+    window.localStorage.setItem('theme', nextMode)
+  }
+
+  const label =
+    mode === 'auto'
+      ? 'Theme mode: auto (system). Click to switch to light mode.'
+      : `Theme mode: ${mode}. Click to switch mode.`
+
+  return (
+    <button
+      type="button"
+      onClick={toggleMode}
+      aria-label={label}
+      title={label}
+      className="rounded-full border border-[var(--chip-line)] bg-[var(--chip-bg)] px-3 py-1.5 text-sm font-semibold text-[var(--sea-ink)] shadow-[0_8px_22px_rgba(30,90,72,0.08)] transition hover:-translate-y-0.5"
+    >
+      {mode === 'auto' ? 'Auto' : mode === 'dark' ? 'Dark' : 'Light'}
+    </button>
+  )
+}
diff --git a/examples/coco/sample-apps/simple-app/src/router.tsx b/examples/coco/sample-apps/simple-app/src/router.tsx
new file mode 100644
index 000000000..e7b1c4d2a
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/src/router.tsx
@@ -0,0 +1,19 @@
+import { createRouter as createTanStackRouter } from '@tanstack/react-router'
+import { routeTree } from './routeTree.gen'
+
+export function getRouter() {
+  const router = createTanStackRouter({
+    routeTree,
+    scrollRestoration: true,
+    defaultPreload: 'intent',
+    defaultPreloadStaleTime: 0,
+  })
+
+  return router
+}
+
+declare module '@tanstack/react-router' {
+  interface Register {
+    router: ReturnType<typeof getRouter>
+  }
+}
diff --git a/examples/coco/sample-apps/simple-app/src/routes/__root.tsx b/examples/coco/sample-apps/simple-app/src/routes/__root.tsx
new file mode 100644
index 000000000..3f7f8c21e
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/src/routes/__root.tsx
@@ -0,0 +1,61 @@
+import { HeadContent, Scripts, createRootRoute } from '@tanstack/react-router'
+import { TanStackRouterDevtoolsPanel } from '@tanstack/react-router-devtools'
+import { TanStackDevtools } from '@tanstack/react-devtools'
+import Footer from '../components/Footer'
+import Header from '../components/Header'
+
+import appCss from '../styles.css?url'
+
+const THEME_INIT_SCRIPT = `(function(){try{var stored=window.localStorage.getItem('theme');var mode=(stored==='light'||stored==='dark'||stored==='auto')?stored:'auto';var prefersDark=window.matchMedia('(prefers-color-scheme: dark)').matches;var resolved=mode==='auto'?(prefersDark?'dark':'light'):mode;var root=document.documentElement;root.classList.remove('light','dark');root.classList.add(resolved);if(mode==='auto'){root.removeAttribute('data-theme')}else{root.setAttribute('data-theme',mode)}root.style.colorScheme=resolved;}catch(e){}})();`
+
+export const Route = createRootRoute({
+  head: () => ({
+    meta: [
+      {
+        charSet: 'utf-8',
+      },
+      {
+        name: 'viewport',
+        content: 'width=device-width, initial-scale=1',
+      },
+      {
+        title: 'TanStack Start Starter',
+      },
+    ],
+    links: [
+      {
+        rel: 'stylesheet',
+        href: appCss,
+      },
+    ],
+  }),
+  shellComponent: RootDocument,
+})
+
+function RootDocument({ children }: { children: React.ReactNode }) {
+  return (
+    <html lang="en" suppressHydrationWarning>
+      <head>
+        <script dangerouslySetInnerHTML={{ __html: THEME_INIT_SCRIPT }} />
+        <HeadContent />
+      </head>
+      <body className="font-sans antialiased [overflow-wrap:anywhere] selection:bg-[rgba(79,184,178,0.24)]">
+        <Header />
+        {children}
+        <Footer />
+        <TanStackDevtools
+          config={{
+            position: 'bottom-right',
+          }}
+          plugins={[
+            {
+              name: 'Tanstack Router',
+              render: <TanStackRouterDevtoolsPanel />,
+            },
+          ]}
+        />
+        <Scripts />
+      </body>
+    </html>
+  )
+}
diff --git a/examples/coco/sample-apps/simple-app/src/routes/about.tsx b/examples/coco/sample-apps/simple-app/src/routes/about.tsx
new file mode 100644
index 000000000..e5bc39938
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/src/routes/about.tsx
@@ -0,0 +1,23 @@
+import { createFileRoute } from '@tanstack/react-router'
+
+export const Route = createFileRoute('/about')({
+  component: About,
+})
+
+function About() {
+  return (
+    <main className="page-wrap px-4 py-12">
+      <section className="island-shell rounded-2xl p-6 sm:p-8">
+        <p className="island-kicker mb-2">About</p>
+        <h1 className="display-title mb-3 text-4xl font-bold text-[var(--sea-ink)] sm:text-5xl">
+          A small starter with room to grow.
+        </h1>
+        <p className="m-0 max-w-3xl text-base leading-8 text-[var(--sea-ink-soft)]">
+          TanStack Start gives you type-safe routing, server functions, and
+          modern SSR defaults. Use this as a clean foundation, then layer in
+          your own routes, styling, and add-ons.
+        </p>
+      </section>
+    </main>
+  )
+}
diff --git a/examples/coco/sample-apps/simple-app/src/routes/index.tsx b/examples/coco/sample-apps/simple-app/src/routes/index.tsx
new file mode 100644
index 000000000..f732d8292
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/src/routes/index.tsx
@@ -0,0 +1,87 @@
+import { createFileRoute } from '@tanstack/react-router'
+
+export const Route = createFileRoute('/')({ component: App })
+
+function App() {
+  return (
+    <main className="page-wrap px-4 pb-8 pt-14">
+      <section className="island-shell rise-in relative overflow-hidden rounded-[2rem] px-6 py-10 sm:px-10 sm:py-14">
+        <div className="pointer-events-none absolute -left-20 -top-24 h-56 w-56 rounded-full bg-[radial-gradient(circle,rgba(79,184,178,0.32),transparent_66%)]" />
+        <div className="pointer-events-none absolute -bottom-20 -right-20 h-56 w-56 rounded-full bg-[radial-gradient(circle,rgba(47,106,74,0.18),transparent_66%)]" />
+        <p className="island-kicker mb-3">TanStack Start Base Template</p>
+        <h1 className="display-title mb-5 max-w-3xl text-4xl leading-[1.02] font-bold tracking-tight text-[var(--sea-ink)] sm:text-6xl">
+          Start simple, ship quickly.
+        </h1>
+        <p className="mb-8 max-w-2xl text-base text-[var(--sea-ink-soft)] sm:text-lg">
+          This base starter intentionally keeps things light: two routes, clean
+          structure, and the essentials you need to build from scratch.
+        </p>
+        <div className="flex flex-wrap gap-3">
+          <a
+            href="/about"
+            className="rounded-full border border-[rgba(50,143,151,0.3)] bg-[rgba(79,184,178,0.14)] px-5 py-2.5 text-sm font-semibold text-[var(--lagoon-deep)] no-underline transition hover:-translate-y-0.5 hover:bg-[rgba(79,184,178,0.24)]"
+          >
+            About This Starter
+          </a>
+          <a
+            href="https://tanstack.com/router"
+            target="_blank"
+            rel="noopener noreferrer"
+            className="rounded-full border border-[rgba(23,58,64,0.2)] bg-white/50 px-5 py-2.5 text-sm font-semibold text-[var(--sea-ink)] no-underline transition hover:-translate-y-0.5 hover:border-[rgba(23,58,64,0.35)]"
+          >
+            Router Guide
+          </a>
+        </div>
+      </section>
+
+      <section className="mt-8 grid gap-4 sm:grid-cols-2 lg:grid-cols-4">
+        {[
+          [
+            'Type-Safe Routing',
+            'Routes and links stay in sync across every page.',
+          ],
+          [
+            'Server Functions',
+            'Call server code from your UI without creating API boilerplate.',
+          ],
+          [
+            'Streaming by Default',
+            'Ship progressively rendered responses for faster experiences.',
+          ],
+          [
+            'Tailwind Native',
+            'Design quickly with utility-first styling and reusable tokens.',
+          ],
+        ].map(([title, desc], index) => (
+          <article
+            key={title}
+            className="island-shell feature-card rise-in rounded-2xl p-5"
+            style={{ animationDelay: `${index * 90 + 80}ms` }}
+          >
+            <h2 className="mb-2 text-base font-semibold text-[var(--sea-ink)]">
+              {title}
+            </h2>
+            <p className="m-0 text-sm text-[var(--sea-ink-soft)]">{desc}</p>
+          </article>
+        ))}
+      </section>
+
+      <section className="island-shell mt-8 rounded-2xl p-6">
+        <p className="island-kicker mb-2">Quick Start</p>
+        <ul className="m-0 list-disc space-y-2 pl-5 text-sm text-[var(--sea-ink-soft)]">
+          <li>
+            Edit <code>src/routes/index.tsx</code> to customize the home page.
+          </li>
+          <li>
+            Update <code>src/components/Header.tsx</code> and{' '}
+            <code>src/components/Footer.tsx</code> for brand links.
+          </li>
+          <li>
+            Add routes in <code>src/routes</code> and tweak visual tokens in{' '}
+            <code>src/styles.css</code>.
+          </li>
+        </ul>
+      </section>
+    </main>
+  )
+}
diff --git a/examples/coco/sample-apps/simple-app/src/styles.css b/examples/coco/sample-apps/simple-app/src/styles.css
new file mode 100644
index 000000000..3cd27e4cb
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/src/styles.css
@@ -0,0 +1,489 @@
+@import url('https://fonts.googleapis.com/css2?family=Fraunces:opsz,wght@9..144,500;9..144,700&family=Manrope:wght@400;500;600;700;800&display=swap');
+@import 'tailwindcss';
+@plugin "@tailwindcss/typography";
+
+@theme {
+  --font-sans: 'Manrope', ui-sans-serif, system-ui, sans-serif;
+}
+
+:root {
+  --sea-ink: #173a40;
+  --sea-ink-soft: #416166;
+  --lagoon: #4fb8b2;
+  --lagoon-deep: #328f97;
+  --palm: #2f6a4a;
+  --sand: #e7f0e8;
+  --foam: #f3faf5;
+  --surface: rgba(255, 255, 255, 0.74);
+  --surface-strong: rgba(255, 255, 255, 0.9);
+  --line: rgba(23, 58, 64, 0.14);
+  --inset-glint: rgba(255, 255, 255, 0.82);
+  --kicker: rgba(47, 106, 74, 0.9);
+  --bg-base: #e7f3ec;
+  --header-bg: rgba(251, 255, 248, 0.84);
+  --chip-bg: rgba(255, 255, 255, 0.8);
+  --chip-line: rgba(47, 106, 74, 0.18);
+  --link-bg-hover: rgba(255, 255, 255, 0.9);
+  --hero-a: rgba(79, 184, 178, 0.36);
+  --hero-b: rgba(47, 106, 74, 0.2);
+}
+
+:root[data-theme='dark'] {
+  --sea-ink: #d7ece8;
+  --sea-ink-soft: #afcdc8;
+  --lagoon: #60d7cf;
+  --lagoon-deep: #8de5db;
+  --palm: #6ec89a;
+  --sand: #0f1a1e;
+  --foam: #101d22;
+  --surface: rgba(16, 30, 34, 0.8);
+  --surface-strong: rgba(15, 27, 31, 0.92);
+  --line: rgba(141, 229, 219, 0.18);
+  --inset-glint: rgba(194, 247, 238, 0.14);
+  --kicker: #b8efe5;
+  --bg-base: #0a1418;
+  --header-bg: rgba(10, 20, 24, 0.8);
+  --chip-bg: rgba(13, 28, 32, 0.9);
+  --chip-line: rgba(141, 229, 219, 0.24);
+  --link-bg-hover: rgba(24, 44, 49, 0.8);
+  --hero-a: rgba(96, 215, 207, 0.18);
+  --hero-b: rgba(110, 200, 154, 0.12);
+}
+
+@media (prefers-color-scheme: dark) {
+  :root:not([data-theme='light']) {
+    --sea-ink: #d7ece8;
+    --sea-ink-soft: #afcdc8;
+    --lagoon: #60d7cf;
+    --lagoon-deep: #8de5db;
+    --palm: #6ec89a;
+    --sand: #0f1a1e;
+    --foam: #101d22;
+    --surface: rgba(16, 30, 34, 0.8);
+    --surface-strong: rgba(15, 27, 31, 0.92);
+    --line: rgba(141, 229, 219, 0.18);
+    --inset-glint: rgba(194, 247, 238, 0.14);
+    --kicker: #b8efe5;
+    --bg-base: #0a1418;
+    --header-bg: rgba(10, 20, 24, 0.8);
+    --chip-bg: rgba(13, 28, 32, 0.9);
+    --chip-line: rgba(141, 229, 219, 0.24);
+    --link-bg-hover: rgba(24, 44, 49, 0.8);
+    --hero-a: rgba(96, 215, 207, 0.18);
+    --hero-b: rgba(110, 200, 154, 0.12);
+  }
+}
+
+* {
+  box-sizing: border-box;
+}
+
+html,
+body,
+#app {
+  min-height: 100%;
+}
+
+body {
+  margin: 0;
+  color: var(--sea-ink);
+  font-family: var(--font-sans);
+  background-color: var(--bg-base);
+  background:
+    radial-gradient(1100px 620px at -8% -10%, var(--hero-a), transparent 58%),
+    radial-gradient(1050px 620px at 112% -12%, var(--hero-b), transparent 62%),
+    radial-gradient(
+      720px 380px at 50% 115%,
+      rgba(79, 184, 178, 0.1),
+      transparent 68%
+    ),
+    linear-gradient(
+      180deg,
+      color-mix(in oklab, var(--sand) 68%, white) 0%,
+      var(--foam) 44%,
+      var(--bg-base) 100%
+    );
+  overflow-x: hidden;
+  -webkit-font-smoothing: antialiased;
+  -moz-osx-font-smoothing: grayscale;
+}
+
+body::before {
+  content: '';
+  position: fixed;
+  inset: 0;
+  pointer-events: none;
+  z-index: -1;
+  opacity: 0.28;
+  background:
+    radial-gradient(
+      circle at 20% 15%,
+      rgba(255, 255, 255, 0.8),
+      transparent 34%
+    ),
+    radial-gradient(
+      circle at 78% 26%,
+      rgba(79, 184, 178, 0.2),
+      transparent 42%
+    ),
+    radial-gradient(circle at 42% 82%, rgba(47, 106, 74, 0.14), transparent 36%);
+}
+
+body::after {
+  content: '';
+  position: fixed;
+  inset: 0;
+  pointer-events: none;
+  z-index: -1;
+  opacity: 0.14;
+  background-image:
+    linear-gradient(rgba(255, 255, 255, 0.07) 1px, transparent 1px),
+    linear-gradient(90deg, rgba(255, 255, 255, 0.06) 1px, transparent 1px);
+  background-size: 28px 28px;
+  mask-image: radial-gradient(circle at 50% 30%, black, transparent 78%);
+}
+
+a {
+  color: var(--lagoon-deep);
+  text-decoration-color: rgba(50, 143, 151, 0.4);
+  text-decoration-thickness: 1px;
+  text-underline-offset: 2px;
+}
+
+a:hover {
+  color: #246f76;
+}
+
+code {
+  font-size: 0.9em;
+  border: 1px solid var(--line);
+  background: color-mix(in oklab, var(--surface-strong) 82%, white 18%);
+  border-radius: 7px;
+  padding: 2px 7px;
+}
+
+pre code {
+  border: 0;
+  background: transparent;
+  padding: 0;
+  border-radius: 0;
+  font-size: inherit;
+  color: inherit;
+}
+
+.page-wrap {
+  width: min(1080px, calc(100% - 2rem));
+  margin-inline: auto;
+}
+
+.display-title {
+  font-family: 'Fraunces', Georgia, serif;
+}
+
+.island-shell {
+  border: 1px solid var(--line);
+  background: linear-gradient(165deg, var(--surface-strong), var(--surface));
+  box-shadow:
+    0 1px 0 var(--inset-glint) inset,
+    0 22px 44px rgba(30, 90, 72, 0.1),
+    0 6px 18px rgba(23, 58, 64, 0.08);
+  backdrop-filter: blur(4px);
+}
+
+.feature-card {
+  background: linear-gradient(
+    165deg,
+    color-mix(in oklab, var(--surface-strong) 93%, white 7%),
+    var(--surface)
+  );
+  box-shadow:
+    0 1px 0 var(--inset-glint) inset,
+    0 18px 34px rgba(30, 90, 72, 0.1),
+    0 4px 14px rgba(23, 58, 64, 0.06);
+}
+
+.feature-card:hover {
+  transform: translateY(-2px);
+  border-color: color-mix(in oklab, var(--lagoon-deep) 35%, var(--line));
+}
+
+.demo-page {
+  width: min(1080px, calc(100% - 2rem));
+  margin-inline: auto;
+  padding-block: clamp(2.25rem, 6vw, 4.5rem);
+  color: var(--sea-ink);
+}
+
+.demo-page-wide {
+  width: min(1280px, calc(100% - 2rem));
+}
+
+.demo-center {
+  min-height: calc(100vh - 13rem);
+  display: flex;
+  align-items: center;
+  justify-content: center;
+}
+
+.demo-panel,
+.demo-card {
+  border: 1px solid var(--line);
+  background: linear-gradient(165deg, var(--surface-strong), var(--surface));
+  box-shadow:
+    0 1px 0 var(--inset-glint) inset,
+    0 18px 34px rgba(30, 90, 72, 0.1),
+    0 4px 14px rgba(23, 58, 64, 0.06);
+  backdrop-filter: blur(4px);
+}
+
+.demo-panel {
+  border-radius: 1.25rem;
+  padding: clamp(1.25rem, 4vw, 2rem);
+}
+
+.demo-card {
+  border-radius: 1rem;
+  padding: 1rem;
+}
+
+.demo-title {
+  margin: 0;
+  color: var(--sea-ink);
+  font-size: clamp(1.75rem, 4vw, 2.75rem);
+  line-height: 1.05;
+  font-weight: 800;
+  letter-spacing: 0;
+}
+
+.demo-section-title {
+  margin: 0;
+  color: var(--sea-ink);
+  font-size: 1rem;
+  font-weight: 700;
+}
+
+.demo-muted {
+  color: var(--sea-ink-soft);
+}
+
+.demo-input,
+.demo-select,
+.demo-textarea {
+  width: 100%;
+  border: 1px solid var(--line);
+  border-radius: 0.75rem;
+  background: color-mix(in oklab, var(--surface-strong) 88%, white 12%);
+  color: var(--sea-ink);
+  outline: none;
+  transition:
+    border-color 180ms ease,
+    box-shadow 180ms ease,
+    background-color 180ms ease;
+}
+
+.demo-input,
+.demo-select {
+  padding: 0.7rem 0.9rem;
+}
+
+.demo-input-fit {
+  width: auto;
+}
+
+.demo-textarea {
+  min-height: 7rem;
+  padding: 0.8rem 0.9rem;
+  resize: vertical;
+}
+
+.demo-input:focus,
+.demo-select:focus,
+.demo-textarea:focus {
+  border-color: color-mix(in oklab, var(--lagoon-deep) 58%, var(--line));
+  box-shadow: 0 0 0 3px color-mix(in oklab, var(--lagoon) 24%, transparent);
+}
+
+.demo-button {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  gap: 0.5rem;
+  border: 1px solid color-mix(in oklab, var(--lagoon-deep) 34%, var(--line));
+  border-radius: 0.85rem;
+  background: color-mix(in oklab, var(--lagoon) 22%, var(--surface-strong));
+  color: var(--sea-ink);
+  padding: 0.72rem 1rem;
+  font-size: 0.9rem;
+  font-weight: 700;
+  line-height: 1;
+  cursor: pointer;
+}
+
+.demo-button:hover {
+  transform: translateY(-1px);
+  background: color-mix(in oklab, var(--lagoon) 30%, var(--surface-strong));
+}
+
+.demo-button:disabled {
+  cursor: not-allowed;
+  opacity: 0.55;
+  transform: none;
+}
+
+.demo-button-secondary {
+  border-color: var(--line);
+  background: color-mix(in oklab, var(--surface-strong) 74%, transparent);
+  color: var(--sea-ink-soft);
+}
+
+.demo-button-danger {
+  border-color: rgba(196, 71, 71, 0.28);
+  background: rgba(196, 71, 71, 0.1);
+  color: #9f3030;
+}
+
+.demo-list-item {
+  border: 1px solid var(--line);
+  border-radius: 0.9rem;
+  background: color-mix(in oklab, var(--chip-bg) 82%, transparent);
+  padding: 0.9rem 1rem;
+}
+
+.demo-pill {
+  display: inline-flex;
+  align-items: center;
+  gap: 0.35rem;
+  border: 1px solid var(--chip-line);
+  border-radius: 999px;
+  background: var(--chip-bg);
+  color: var(--sea-ink-soft);
+  padding: 0.35rem 0.65rem;
+  font-size: 0.75rem;
+  font-weight: 700;
+}
+
+.demo-alert {
+  border: 1px solid rgba(193, 126, 42, 0.3);
+  border-radius: 1rem;
+  background: rgba(193, 126, 42, 0.1);
+  color: var(--sea-ink);
+  padding: 1rem;
+}
+
+.demo-alert-danger {
+  border-color: rgba(196, 71, 71, 0.3);
+  background: rgba(196, 71, 71, 0.1);
+}
+
+.demo-code-block {
+  border: 1px solid var(--line);
+  border-radius: 1rem;
+  background: color-mix(in oklab, var(--chip-bg) 88%, transparent);
+  color: var(--sea-ink);
+  padding: 1rem;
+}
+
+.demo-table-shell {
+  overflow-x: auto;
+  border: 1px solid var(--line);
+  border-radius: 1rem;
+  background: color-mix(in oklab, var(--surface-strong) 78%, transparent);
+}
+
+.demo-table {
+  width: 100%;
+  border-collapse: collapse;
+  color: var(--sea-ink);
+}
+
+.demo-table th,
+.demo-table td {
+  border-bottom: 1px solid var(--line);
+  padding: 0.75rem 1rem;
+  text-align: left;
+}
+
+.demo-table th {
+  background: color-mix(in oklab, var(--chip-bg) 88%, transparent);
+  color: var(--sea-ink);
+  font-weight: 700;
+}
+
+.demo-table tr:hover td {
+  background: color-mix(in oklab, var(--lagoon) 8%, transparent);
+}
+
+button,
+.island-shell,
+a {
+  transition:
+    background-color 180ms ease,
+    color 180ms ease,
+    border-color 180ms ease,
+    transform 180ms ease;
+}
+
+.island-kicker {
+  letter-spacing: 0.16em;
+  text-transform: uppercase;
+  font-weight: 700;
+  font-size: 0.69rem;
+  color: var(--kicker);
+}
+
+.nav-link {
+  position: relative;
+  display: inline-flex;
+  align-items: center;
+  text-decoration: none;
+  color: var(--sea-ink-soft);
+}
+
+.nav-link::after {
+  content: '';
+  position: absolute;
+  left: 0;
+  bottom: -6px;
+  width: 100%;
+  height: 2px;
+  transform: scaleX(0);
+  transform-origin: left;
+  background: linear-gradient(90deg, var(--lagoon), #7ed3bf);
+  transition: transform 170ms ease;
+}
+
+.nav-link:hover,
+.nav-link.is-active {
+  color: var(--sea-ink);
+}
+
+.nav-link:hover::after,
+.nav-link.is-active::after {
+  transform: scaleX(1);
+}
+
+@media (max-width: 640px) {
+  .nav-link::after {
+    bottom: -4px;
+  }
+}
+
+.site-footer {
+  border-top: 1px solid var(--line);
+  background: color-mix(in oklab, var(--header-bg) 84%, transparent 16%);
+}
+
+.rise-in {
+  animation: rise-in 700ms cubic-bezier(0.16, 1, 0.3, 1) both;
+}
+
+@keyframes rise-in {
+  from {
+    opacity: 0;
+    transform: translateY(12px);
+  }
+  to {
+    opacity: 1;
+    transform: translateY(0);
+  }
+}
diff --git a/examples/coco/sample-apps/simple-app/tsconfig.json b/examples/coco/sample-apps/simple-app/tsconfig.json
new file mode 100644
index 000000000..14525f4a5
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/tsconfig.json
@@ -0,0 +1,28 @@
+{
+  "include": ["**/*.ts", "**/*.tsx"],
+  "compilerOptions": {
+    "target": "ES2022",
+    "jsx": "react-jsx",
+    "module": "ESNext",
+    "paths": {
+      "#/*": ["./src/*"],
+      "@/*": ["./src/*"]
+    },
+    "lib": ["ES2022", "DOM", "DOM.Iterable"],
+    "types": ["vite/client"],
+
+    /* Bundler mode */
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "verbatimModuleSyntax": true,
+    "noEmit": true,
+
+    /* Linting */
+    "skipLibCheck": true,
+    "strict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "noFallthroughCasesInSwitch": true,
+    "noUncheckedSideEffectImports": true
+  }
+}
diff --git a/examples/coco/sample-apps/simple-app/tsr.config.json b/examples/coco/sample-apps/simple-app/tsr.config.json
new file mode 100644
index 000000000..8b6b6eddb
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/tsr.config.json
@@ -0,0 +1,3 @@
+{
+  "target": "react"
+}
diff --git a/examples/coco/sample-apps/simple-app/vite.config.ts b/examples/coco/sample-apps/simple-app/vite.config.ts
new file mode 100644
index 000000000..5a46a66cf
--- /dev/null
+++ b/examples/coco/sample-apps/simple-app/vite.config.ts
@@ -0,0 +1,21 @@
+import { defineConfig } from 'vite'
+import { devtools } from '@tanstack/devtools-vite'
+
+import { tanstackStart } from '@tanstack/react-start/plugin/vite'
+
+import viteReact from '@vitejs/plugin-react'
+import tailwindcss from '@tailwindcss/vite'
+import { nitro } from 'nitro/vite'
+
+const config = defineConfig({
+  resolve: { tsconfigPaths: true },
+  plugins: [
+    devtools(),
+    nitro({ rollupConfig: { external: [/^@sentry\//] } }),
+    tailwindcss(),
+    tanstackStart(),
+    viteReact(),
+  ],
+})
+
+export default config
diff --git a/examples/coco/scripts/reset-sample.mjs b/examples/coco/scripts/reset-sample.mjs
new file mode 100644
index 000000000..40cdda17b
--- /dev/null
+++ b/examples/coco/scripts/reset-sample.mjs
@@ -0,0 +1,53 @@
+#!/usr/bin/env node
+/**
+ * Reset `examples/coco/sample-apps/simple-app/` back to its checked-in
+ * state — undoes any edits a coding-agent (or you) made while playing with
+ * Coco, but keeps `node_modules` so the next run doesn't reinstall.
+ *
+ * Steps:
+ *   1. `git restore HEAD -- <simple-app>`  — revert tracked-file edits.
+ *   2. `git clean -fd -- <simple-app>`     — drop untracked files (still
+ *      respects `.gitignore`, so `node_modules`, `dist`, `.tanstack`,
+ *      `.nitro`, etc. are left alone).
+ *
+ * Run as: `pnpm --filter coco sample:reset` (or `node scripts/reset-sample.mjs`).
+ */
+import { execFileSync } from 'node:child_process'
+import { existsSync } from 'node:fs'
+import path from 'node:path'
+import { fileURLToPath } from 'node:url'
+
+const here = path.dirname(fileURLToPath(import.meta.url))
+const pkgRoot = path.resolve(here, '..')
+const sampleAbs = path.join(pkgRoot, 'sample-apps', 'simple-app')
+
+const repoRoot = execFileSync('git', ['rev-parse', '--show-toplevel'], {
+  cwd: pkgRoot,
+  encoding: 'utf8',
+}).trim()
+const sampleRel = path.relative(repoRoot, sampleAbs)
+
+if (!existsSync(sampleAbs)) {
+  console.error(`[reset-sample] missing: ${sampleAbs}`)
+  process.exit(1)
+}
+
+const run = (args) => {
+  process.stdout.write(`[reset-sample] git ${args.join(' ')}\n`)
+  execFileSync('git', args, { cwd: repoRoot, stdio: 'inherit' })
+}
+
+try {
+  run(['restore', '--source=HEAD', '--staged', '--worktree', '--', sampleRel])
+} catch {
+  console.error(
+    '[reset-sample] git restore failed — has the sample-app been committed yet?',
+  )
+  process.exit(1)
+}
+
+run(['clean', '-fd', '--', sampleRel])
+
+process.stdout.write(
+  `[reset-sample] done. (node_modules and other ignored files preserved.)\n`,
+)
diff --git a/examples/coco/src/agent-status.ts b/examples/coco/src/agent-status.ts
new file mode 100644
index 000000000..d0edaef44
--- /dev/null
+++ b/examples/coco/src/agent-status.ts
@@ -0,0 +1,135 @@
+/**
+ * Node-side credential + install probe for each agent harness.
+ *
+ * Reports two things per agent:
+ *
+ * - `installed`  — the CLI binary is on `process.env.PATH` (cross-OS lookup,
+ *   honoring `PATHEXT` on Windows). The panel uses this to decide whether to
+ *   mount at all and which agents to list in the selector.
+ * - `configured` — credentials look plausible (env vars or known config
+ *   files). Drives the "needs setup" hint inside the panel.
+ *
+ * Lives in its own module (separate from `agents.ts`) so the browser-side
+ * panel bundle can pull in agent constants without dragging Node built-ins.
+ */
+import { access, constants } from 'node:fs/promises'
+import os from 'node:os'
+import path from 'node:path'
+import { AGENT_BIN } from './agents.ts'
+import type { AgentId } from './agents.ts'
+
+const fileExists = async (p: string): Promise<boolean> => {
+  try {
+    await access(p)
+    return true
+  } catch {
+    return false
+  }
+}
+
+const isExecutable = async (p: string): Promise<boolean> => {
+  try {
+    await access(p, constants.X_OK)
+    return true
+  } catch {
+    return false
+  }
+}
+
+const WINDOWS_EXTS = (process.env.PATHEXT ?? '.COM;.EXE;.BAT;.CMD')
+  .split(';')
+  .map((e) => e.toLowerCase())
+  .filter((e) => e.startsWith('.'))
+
+const PATH_EXTS = process.platform === 'win32' ? WINDOWS_EXTS : ['']
+
+/**
+ * Cross-OS PATH lookup. Returns true if `bin` resolves to an executable in
+ * any directory listed in `process.env.PATH`. On Windows we also try each
+ * `PATHEXT` extension; on POSIX we rely on the +x bit via `access(X_OK)`.
+ */
+export const findOnPath = async (bin: string): Promise<boolean> => {
+  const raw = process.env.PATH ?? ''
+  if (!raw) return false
+  const dirs = raw.split(path.delimiter).filter(Boolean)
+  for (const dir of dirs) {
+    for (const ext of PATH_EXTS) {
+      const candidate = path.join(dir, bin + ext)
+      if (process.platform === 'win32') {
+        if (await fileExists(candidate)) return true
+      } else if (await isExecutable(candidate)) {
+        return true
+      }
+    }
+  }
+  return false
+}
+
+export interface AgentStatus {
+  /** CLI binary is on PATH (or, in the case of `codex`, ships with the SDK). */
+  installed: boolean
+  /** Credentials look plausible (env vars / known config files). */
+  configured: boolean
+}
+
+export type AgentStatusMap = Record<AgentId, AgentStatus>
+
+const detectConfigured = async (): Promise<Record<AgentId, boolean>> => {
+  const home = os.homedir()
+  const env = process.env
+
+  const claudeCode =
+    Boolean(env.ANTHROPIC_API_KEY) ||
+    Boolean(env.CLAUDE_CODE_OAUTH_TOKEN) ||
+    (await fileExists(path.join(home, '.claude.json')))
+
+  const codex =
+    Boolean(env.OPENAI_API_KEY) ||
+    Boolean(env.CODEX_API_KEY) ||
+    (await fileExists(path.join(home, '.codex', 'auth.json')))
+
+  const geminiCli =
+    Boolean(env.GEMINI_API_KEY) || Boolean(env.GEMINI_ACP_AUTH_METHOD)
+
+  const opencode =
+    Boolean(env.ANTHROPIC_API_KEY) ||
+    Boolean(env.OPENAI_API_KEY) ||
+    Boolean(env.GEMINI_API_KEY) ||
+    (await fileExists(
+      path.join(home, '.local', 'share', 'opencode', 'auth.json'),
+    ))
+
+  return {
+    'claude-code': claudeCode,
+    codex,
+    'gemini-cli': geminiCli,
+    opencode,
+  }
+}
+
+export const detectAgentConfig = async (): Promise<AgentStatusMap> => {
+  const [configured, claudeOnPath, codexOnPath, geminiOnPath, opencodeOnPath] =
+    await Promise.all([
+      detectConfigured(),
+      findOnPath(AGENT_BIN['claude-code']),
+      findOnPath(AGENT_BIN['codex']),
+      findOnPath(AGENT_BIN['gemini-cli']),
+      findOnPath(AGENT_BIN['opencode']),
+    ])
+
+  return {
+    'claude-code': {
+      installed: claudeOnPath,
+      configured: configured['claude-code'],
+    },
+    codex: { installed: codexOnPath, configured: configured.codex },
+    'gemini-cli': {
+      installed: geminiOnPath,
+      configured: configured['gemini-cli'],
+    },
+    opencode: {
+      installed: opencodeOnPath,
+      configured: configured.opencode,
+    },
+  }
+}
diff --git a/examples/coco/src/agents.ts b/examples/coco/src/agents.ts
new file mode 100644
index 000000000..10e5b4db3
--- /dev/null
+++ b/examples/coco/src/agents.ts
@@ -0,0 +1,131 @@
+/**
+ * Registry of coding-agent harnesses Coco can drive.
+ *
+ * Pure data + types only — safe to import from both the Node CLI and the
+ * Shadow-DOM panel bundle. The runtime credential probe lives in
+ * `agent-status.ts` (Node-only).
+ *
+ * Ported from `examples/ts-react-coding-agent/src/lib/agents.ts`.
+ */
+
+export const AGENTS = [
+  { id: 'claude-code', label: 'Claude Code', bin: 'claude' },
+  { id: 'codex', label: 'Codex', bin: 'codex' },
+  { id: 'gemini-cli', label: 'Gemini CLI', bin: 'gemini' },
+  { id: 'opencode', label: 'OpenCode', bin: 'opencode' },
+] as const
+
+export type AgentId = 'claude-code' | 'codex' | 'gemini-cli' | 'opencode'
+
+/** Map AgentId -> CLI binary name expected on PATH. */
+export const AGENT_BIN: Record<AgentId, string> = {
+  'claude-code': 'claude',
+  codex: 'codex',
+  'gemini-cli': 'gemini',
+  opencode: 'opencode',
+}
+
+export const DEFAULT_AGENT: AgentId = 'claude-code'
+
+export const isAgentId = (value: unknown): value is AgentId =>
+  value === 'claude-code' ||
+  value === 'codex' ||
+  value === 'gemini-cli' ||
+  value === 'opencode'
+
+export type AgentMode = 'read-only' | 'edit'
+
+export const isAgentMode = (value: unknown): value is AgentMode =>
+  value === 'read-only' || value === 'edit'
+
+export interface SetupStep {
+  text: string
+  code?: string
+}
+
+export interface AgentSetup {
+  label: string
+  summary: string
+  steps: Array<SetupStep>
+  docsUrl: string
+}
+
+export const AGENT_SETUP: Record<AgentId, AgentSetup> = {
+  'claude-code': {
+    label: 'Claude Code',
+    summary:
+      'Drives the Claude Code CLI through @tanstack/ai-claude-code. Needs the CLI installed and authenticated on the machine running coco.',
+    steps: [
+      {
+        text: 'Install the Claude Code CLI:',
+        code: 'npm i -g @anthropic-ai/claude-code',
+      },
+      {
+        text: 'Log in interactively (uses your Claude subscription):',
+        code: 'claude login',
+      },
+      {
+        text: '…or set an API key in your shell environment instead:',
+        code: 'export ANTHROPIC_API_KEY=sk-ant-…',
+      },
+      { text: 'Restart coco so it picks up the new credentials.' },
+    ],
+    docsUrl: 'https://docs.anthropic.com/en/docs/claude-code',
+  },
+  codex: {
+    label: 'Codex',
+    summary:
+      'Drives OpenAI Codex through @tanstack/ai-codex. The codex binary ships with the SDK; you only need credentials.',
+    steps: [
+      { text: 'Log in interactively:', code: 'codex login' },
+      {
+        text: '…or set an API key in your shell environment instead:',
+        code: 'export OPENAI_API_KEY=sk-…',
+      },
+      {
+        text: 'Heads up: ChatGPT-account logins cannot run codex models in headless mode — an API key or an entitled account is required.',
+      },
+      { text: 'Restart coco so it picks up the new credentials.' },
+    ],
+    docsUrl: 'https://developers.openai.com/codex',
+  },
+  'gemini-cli': {
+    label: 'Gemini CLI',
+    summary:
+      'Drives the Gemini CLI over ACP through @tanstack/ai-gemini-cli. Needs a recent CLI and an ACP auth method chosen up front.',
+    steps: [
+      {
+        text: 'Install a current Gemini CLI (ACP mode needs a recent build):',
+        code: 'npm i -g @google/gemini-cli',
+      },
+      { text: 'Log in with Google once (interactive):', code: 'gemini' },
+      {
+        text: 'Headless ACP runs can’t show an auth picker, so tell coco which method to use:',
+        code: 'GEMINI_ACP_AUTH_METHOD=oauth-personal GEMINI_CLI_TRUST_WORKSPACE=true coco',
+      },
+      {
+        text: '…or use an API key instead (set GEMINI_ACP_AUTH_METHOD=gemini-api-key):',
+        code: 'export GEMINI_API_KEY=…',
+      },
+    ],
+    docsUrl: 'https://github.com/google-gemini/gemini-cli',
+  },
+  opencode: {
+    label: 'OpenCode',
+    summary:
+      'Drives OpenCode through @tanstack/ai-opencode. Needs the opencode CLI installed and a provider authenticated.',
+    steps: [
+      { text: 'Install the OpenCode CLI:', code: 'npm i -g opencode-ai' },
+      {
+        text: 'Authenticate a provider once (interactive):',
+        code: 'opencode auth login',
+      },
+      {
+        text: '…or set the provider API key in your shell environment instead:',
+        code: 'export ANTHROPIC_API_KEY=sk-ant-…',
+      },
+      { text: 'Restart coco so it picks up the new credentials.' },
+    ],
+    docsUrl: 'https://opencode.ai/docs',
+  },
+}
diff --git a/examples/coco/src/chat-handler.ts b/examples/coco/src/chat-handler.ts
new file mode 100644
index 000000000..e56e6b9f9
--- /dev/null
+++ b/examples/coco/src/chat-handler.ts
@@ -0,0 +1,166 @@
+/**
+ * Server-side chat handler for Coco.
+ *
+ * Mirrors `examples/ts-react-coding-agent/src/routes/api.chat.ts` but
+ *
+ * 1. runs inside Coco's own Node HTTP server (not TanStack Start),
+ * 2. uses `process.cwd()` as the agent's cwd so it edits the real project,
+ * 3. injects route + selected-element context from `forwardedProps` into the
+ *    system prompt so the agent knows what the user is looking at.
+ */
+import {
+  chat,
+  chatParamsFromRequestBody,
+  toServerSentEventsResponse,
+} from '@tanstack/ai'
+import { claudeCodeText } from '@tanstack/ai-claude-code'
+import { codexText } from '@tanstack/ai-codex'
+import { geminiCliText } from '@tanstack/ai-gemini-cli'
+import { opencodeText } from '@tanstack/ai-opencode'
+import { isAgentId, isAgentMode } from './agents.ts'
+import type { AnyTextAdapter } from '@tanstack/ai'
+import type { AgentId, AgentMode } from './agents.ts'
+
+const BASE_SYSTEM_PROMPT = `You are Coco, an in-browser coding assistant
+embedded as a floating panel inside the user's running dev server. You can
+read, search, and edit files in the project's working directory (the
+codebase the user is actively developing). Make changes there, and the dev
+server's HMR will reload the page automatically.
+
+Be concise. Prefer small, focused diffs. When the user references "this
+button", "this page", "this section", lean on the page-context block below
+to figure out which file/component they mean.`
+
+interface SelectedElement {
+  selector?: string
+  tagName?: string
+  textSnippet?: string
+  outerHTMLTruncated?: string
+}
+
+const isSelectedElement = (value: unknown): value is SelectedElement => {
+  if (!value || typeof value !== 'object') return false
+  const v = value as Record<string, unknown>
+  const stringy = (key: string) =>
+    v[key] === undefined || typeof v[key] === 'string'
+  return (
+    stringy('selector') &&
+    stringy('tagName') &&
+    stringy('textSnippet') &&
+    stringy('outerHTMLTruncated')
+  )
+}
+
+/** Build the per-turn context block prepended to the system prompt. */
+const buildContextPrompt = (
+  route: string | undefined,
+  selected: SelectedElement | undefined,
+): string => {
+  const lines: Array<string> = ['<page-context>']
+  if (route) lines.push(`Current route: ${route}`)
+  else lines.push('Current route: (unknown)')
+
+  if (selected) {
+    lines.push('Selected element:')
+    if (selected.tagName) lines.push(`  tag: ${selected.tagName}`)
+    if (selected.selector) lines.push(`  selector: ${selected.selector}`)
+    if (selected.textSnippet)
+      lines.push(`  text: ${JSON.stringify(selected.textSnippet)}`)
+    if (selected.outerHTMLTruncated)
+      lines.push(`  outerHTML (truncated):\n${selected.outerHTMLTruncated}`)
+  } else {
+    lines.push('Selected element: (none — user has not picked one)')
+  }
+  lines.push('</page-context>')
+  return lines.join('\n')
+}
+
+/** One harness adapter per agent id. */
+const createAdapter = (
+  agentId: AgentId,
+  mode: AgentMode,
+  cwd: string,
+): AnyTextAdapter => {
+  switch (agentId) {
+    case 'claude-code':
+      return claudeCodeText('claude-opus-4-8', {
+        cwd,
+        maxTurns: 25,
+        ...(mode === 'edit'
+          ? { permissionMode: 'acceptEdits' }
+          : { disallowedTools: ['Write', 'Edit', 'NotebookEdit', 'Bash'] }),
+      })
+    case 'codex':
+      return codexText('gpt-5.1-codex', {
+        cwd,
+        sandboxMode: mode === 'edit' ? 'workspace-write' : 'read-only',
+      })
+    case 'gemini-cli':
+      return geminiCliText('gemini-3-pro-preview', {
+        cwd,
+        permissionMode: mode === 'edit' ? 'acceptEdits' : 'default',
+        ...(process.env.GEMINI_ACP_AUTH_METHOD && {
+          authMethodId: process.env.GEMINI_ACP_AUTH_METHOD,
+        }),
+      })
+    case 'opencode':
+      return opencodeText('anthropic/claude-sonnet-4-5', {
+        directory: cwd,
+        permissionMode: mode === 'edit' ? 'acceptEdits' : 'default',
+      })
+  }
+}
+
+/**
+ * Handle a POST to `/__coco/api/chat`. The body is an AG-UI RunAgentInput
+ * payload; we extract `forwardedProps` for our config + page context, then
+ * dispatch to the selected harness adapter with `cwd` pinned to the project.
+ */
+export const handleChat = async (
+  request: Request,
+  projectCwd: string,
+): Promise<Response> => {
+  if (request.signal.aborted) {
+    return new Response(null, { status: 499 })
+  }
+  const abortController = new AbortController()
+  request.signal.addEventListener('abort', () => abortController.abort(), {
+    once: true,
+  })
+
+  let params
+  try {
+    params = await chatParamsFromRequestBody(await request.json())
+  } catch (error) {
+    return new Response(
+      error instanceof Error ? error.message : 'Bad request',
+      { status: 400 },
+    )
+  }
+
+  const fwd = params.forwardedProps
+  const agentId = isAgentId(fwd.agentId) ? fwd.agentId : 'claude-code'
+  const mode = isAgentMode(fwd.mode) ? fwd.mode : 'edit'
+  const sessionId =
+    typeof fwd.sessionId === 'string' && fwd.sessionId !== ''
+      ? fwd.sessionId
+      : undefined
+  const route = typeof fwd.route === 'string' ? fwd.route : undefined
+  const selectedElement = isSelectedElement(fwd.selectedElement)
+    ? fwd.selectedElement
+    : undefined
+
+  const contextPrompt = buildContextPrompt(route, selectedElement)
+
+  const stream = chat({
+    adapter: createAdapter(agentId, mode, projectCwd),
+    messages: params.messages,
+    systemPrompts: [BASE_SYSTEM_PROMPT, contextPrompt],
+    modelOptions: { sessionId },
+    threadId: params.threadId,
+    runId: params.runId,
+    abortController,
+  })
+
+  return toServerSentEventsResponse(stream, { abortController })
+}
diff --git a/examples/coco/src/cli.ts b/examples/coco/src/cli.ts
new file mode 100644
index 000000000..3190507d7
--- /dev/null
+++ b/examples/coco/src/cli.ts
@@ -0,0 +1,232 @@
+#!/usr/bin/env node
+/**
+ * Coco — drop-in CLI that wraps a project's dev server with an AI
+ * coding-agent chat panel.
+ *
+ * Usage:
+ *   coco                             # `pnpm dev` in cwd, proxy on :7777
+ *   coco --port 8080                 # custom proxy port
+ *   coco --command "npm run dev"     # custom dev command
+ *   coco --target http://localhost:5173  # skip spawning, just inject + proxy
+ *   coco --agent claude-code         # default agent (panel can switch later)
+ *   coco --mode read-only            # default mode
+ */
+import { existsSync } from 'node:fs'
+import { fileURLToPath } from 'node:url'
+import { parseArgs } from 'node:util'
+import path from 'node:path'
+import { startDevServer } from './dev-runner.ts'
+import { startProxyServer } from './proxy.ts'
+import { runInit } from './init.ts'
+import { DEFAULT_AGENT, isAgentId, isAgentMode } from './agents.ts'
+
+const HERE = path.dirname(fileURLToPath(import.meta.url))
+
+const DEFAULT_PORT = 7777
+const DEFAULT_COMMAND = 'pnpm dev'
+
+const usage = () => {
+  process.stdout.write(`coco — AI coding-agent overlay for your dev server
+
+Usage:
+  coco init [--dry-run]   Wire coco/vite into a TanStack Start / Vite project
+  coco [options]          Run the reverse-proxy dev overlay
+
+Options (proxy mode):
+  --port <n>         Port Coco listens on (default ${DEFAULT_PORT})
+  --command <cmd>    Dev-server command (default "${DEFAULT_COMMAND}")
+  --target <url>     Existing dev-server URL (skips spawning --command)
+  --agent <id>       Default agent: claude-code | codex | gemini-cli | opencode
+  --mode <m>         Default permission mode: edit | read-only
+  --help             Show this help
+
+For TanStack Start (recommended): \`coco init\` adds the coco/vite plugin to
+your vite config and you just run \`pnpm dev\`. The reverse-proxy CLI remains
+available for framework-agnostic projects.
+
+The chat panel can change the agent/mode at runtime — these flags only set
+the defaults. The selected agent (and edit-mode in particular) writes to
+your project's working directory; run inside a git repo.
+`)
+}
+
+const parseFlags = () => {
+  const { values } = parseArgs({
+    args: process.argv.slice(2),
+    options: {
+      port: { type: 'string' },
+      command: { type: 'string' },
+      target: { type: 'string' },
+      agent: { type: 'string' },
+      mode: { type: 'string' },
+      help: { type: 'boolean', short: 'h' },
+    },
+    strict: true,
+  })
+
+  if (values.help) {
+    usage()
+    process.exit(0)
+  }
+
+  const portStr = values.port ?? String(DEFAULT_PORT)
+  const port = Number.parseInt(portStr, 10)
+  if (!Number.isFinite(port) || port <= 0 || port > 65535) {
+    throw new Error(
+      `--port must be a valid TCP port, got ${JSON.stringify(portStr)}`,
+    )
+  }
+
+  const command = values.command ?? DEFAULT_COMMAND
+  const fixedTarget = values.target
+  const defaultAgent = values.agent
+  if (defaultAgent !== undefined && !isAgentId(defaultAgent)) {
+    throw new Error(
+      `--agent must be claude-code | codex | gemini-cli | opencode, got ${JSON.stringify(defaultAgent)}`,
+    )
+  }
+  const defaultMode = values.mode
+  if (defaultMode !== undefined && !isAgentMode(defaultMode)) {
+    throw new Error(
+      `--mode must be "edit" or "read-only", got ${JSON.stringify(defaultMode)}`,
+    )
+  }
+
+  return { port, command, fixedTarget, defaultAgent, defaultMode }
+}
+
+/**
+ * Resolve the panel-bundle path. In the workspace dev flow (`pnpm --filter
+ * coco dev`) it's `<pkg>/dist/client/client.js`; we also fall back to the
+ * source path before the build to surface a helpful error.
+ */
+const resolveBundlePath = (): { path: string; built: boolean } => {
+  // src/cli.ts is at examples/coco/src/cli.ts, so the bundle path is
+  // examples/coco/dist/client/client.js — two levels up from HERE.
+  const pkgRoot = path.resolve(HERE, '..')
+  const built = path.join(pkgRoot, 'dist', 'client', 'client.js')
+  return { path: built, built: existsSync(built) }
+}
+
+/**
+ * Subcommand dispatch. We pull off a leading non-flag arg (e.g. `init`)
+ * before handing the remainder to `parseArgs`, since `parseArgs` is strict
+ * about unknown positionals.
+ */
+const handleSubcommand = async (): Promise<boolean> => {
+  const argv = process.argv.slice(2)
+  if (argv.length === 0 || argv[0].startsWith('-')) return false
+  const sub = argv[0]
+  const rest = argv.slice(1)
+
+  if (sub === 'init') {
+    const { values } = parseArgs({
+      args: rest,
+      options: {
+        'dry-run': { type: 'boolean' },
+        help: { type: 'boolean', short: 'h' },
+      },
+      strict: true,
+    })
+    if (values.help) {
+      process.stdout.write(
+        'Usage: coco init [--dry-run]\n\n' +
+          "Adds the `coco/vite` plugin to your project's vite config and prints\n" +
+          'next steps. Idempotent — safe to re-run.\n',
+      )
+      process.exit(0)
+    }
+    const code = await runInit({
+      cwd: process.cwd(),
+      dryRun: Boolean(values['dry-run']),
+    })
+    process.exit(code)
+  }
+
+  process.stderr.write(`coco: unknown subcommand "${sub}"\n\n`)
+  usage()
+  process.exit(2)
+}
+
+const main = async () => {
+  if (await handleSubcommand()) return
+
+  let flags
+  try {
+    flags = parseFlags()
+  } catch (err) {
+    process.stderr.write(`${(err as Error).message}\n\n`)
+    usage()
+    process.exit(2)
+  }
+
+  const projectCwd = process.cwd()
+  const bundle = resolveBundlePath()
+  if (!bundle.built) {
+    process.stderr.write(
+      `[coco] warning: panel bundle missing at ${bundle.path}.\n` +
+        `        Build it once with: pnpm --filter coco build\n`,
+    )
+  }
+
+  process.stdout.write(`[coco] cwd = ${projectCwd}\n`)
+  if (flags.fixedTarget) {
+    process.stdout.write(
+      `[coco] using existing dev server at ${flags.fixedTarget}\n`,
+    )
+  } else {
+    process.stdout.write(`[coco] starting dev server: ${flags.command}\n`)
+  }
+
+  const dev = await startDevServer({
+    command: flags.command,
+    cwd: projectCwd,
+    fixedTarget: flags.fixedTarget,
+  })
+  process.stdout.write(`[coco] dev server target: ${dev.target}\n`)
+
+  const proxy = await startProxyServer({
+    target: dev.target,
+    port: flags.port,
+    projectCwd,
+    clientBundlePath: bundle.path,
+  })
+
+  // The default-agent / default-mode flags only feed the CLI banner; the
+  // panel reads its own defaults. Surface them so users see them in logs.
+  const agent = flags.defaultAgent ?? DEFAULT_AGENT
+  const mode = flags.defaultMode ?? 'edit'
+
+  process.stdout.write(
+    `\n[coco] 🥥 ready: ${proxy.url}  (agent default: ${agent}, mode: ${mode})\n\n`,
+  )
+
+  const shutdown = async (code = 0) => {
+    process.stdout.write('\n[coco] shutting down…\n')
+    try {
+      await proxy.stop()
+    } catch {
+      // ignore
+    }
+    if (dev.child && !dev.child.killed) dev.child.kill('SIGTERM')
+    process.exit(code)
+  }
+
+  process.on('SIGINT', () => void shutdown(0))
+  process.on('SIGTERM', () => void shutdown(0))
+  if (dev.child) {
+    dev.child.on('exit', (code) => {
+      process.stdout.write(
+        `[coco] dev server exited (${code}); stopping coco.\n`,
+      )
+      void shutdown(code ?? 0)
+    })
+  }
+}
+
+main().catch((err) => {
+  process.stderr.write(
+    `[coco] fatal: ${err instanceof Error ? err.stack : String(err)}\n`,
+  )
+  process.exit(1)
+})
diff --git a/examples/coco/src/client/chat.ts b/examples/coco/src/client/chat.ts
new file mode 100644
index 000000000..6e9d2253d
--- /dev/null
+++ b/examples/coco/src/client/chat.ts
@@ -0,0 +1,109 @@
+/**
+ * Thin wrapper around `@tanstack/ai-client`'s `ChatClient` configured to
+ * speak to Coco's `/__coco/api/chat` endpoint. The wrapper:
+ *
+ * - keeps the latest `forwardedProps` (agent / mode / sessionId / route /
+ *   selectedElement) up to date,
+ * - exposes `setAgent`, `setMode`, `setRoute`, `setSelected` setters,
+ * - pulls the session-id back out of `<agent>.session-id` custom events so
+ *   follow-ups continue the same harness session.
+ */
+import { ChatClient, fetchServerSentEvents } from '@tanstack/ai-client'
+import type { UIMessage } from '@tanstack/ai-client'
+import type { AgentId, AgentMode } from '../agents.ts'
+import type { SelectedElement } from './context.ts'
+
+interface ForwardedProps {
+  [key: string]: unknown
+  agentId: AgentId
+  mode: AgentMode
+  sessionId?: string
+  route?: string
+  selectedElement?: SelectedElement | null
+}
+
+export interface CocoChatCallbacks {
+  onMessages: (messages: Array<UIMessage>) => void
+  onLoading: (loading: boolean) => void
+  onError: (error: string | null) => void
+  /** Emitted as soon as `sendMessage` is invoked, before any network I/O. */
+  onSubmit?: () => void
+}
+
+export class CocoChat {
+  private readonly client: ChatClient
+  private readonly callbacks: CocoChatCallbacks
+  private fwd: ForwardedProps
+
+  constructor(agent: AgentId, mode: AgentMode, callbacks: CocoChatCallbacks) {
+    this.callbacks = callbacks
+    this.fwd = { agentId: agent, mode }
+    this.client = new ChatClient({
+      connection: fetchServerSentEvents('/__coco/api/chat'),
+      forwardedProps: this.fwd,
+      onMessagesChange: callbacks.onMessages,
+      onLoadingChange: callbacks.onLoading,
+      onErrorChange: (err) =>
+        callbacks.onError(err ? err.message || String(err) : null),
+      onCustomEvent: (eventType, data) => {
+        if (
+          eventType.endsWith('.session-id') &&
+          data &&
+          typeof data === 'object' &&
+          'sessionId' in (data as Record<string, unknown>) &&
+          typeof (data as { sessionId?: unknown }).sessionId === 'string'
+        ) {
+          this.fwd.sessionId = (data as { sessionId: string }).sessionId
+          this.applyForwardedProps()
+        }
+      },
+    })
+  }
+
+  private applyForwardedProps() {
+    this.client.updateOptions({ forwardedProps: this.fwd })
+  }
+
+  send(text: string) {
+    this.applyForwardedProps()
+    console.debug('[coco] send →', { text, forwardedProps: this.fwd })
+    this.callbacks.onSubmit?.()
+    void this.client.sendMessage(text).catch((err) => {
+      console.error('[coco] sendMessage failed:', err)
+      this.callbacks.onError(err instanceof Error ? err.message : String(err))
+    })
+  }
+
+  clear() {
+    this.client.clear()
+    this.fwd.sessionId = undefined
+    this.applyForwardedProps()
+  }
+
+  setAgent(agent: AgentId) {
+    if (this.fwd.agentId === agent) return
+    this.fwd.agentId = agent
+    this.fwd.sessionId = undefined
+    this.applyForwardedProps()
+    this.client.clear()
+  }
+
+  setMode(mode: AgentMode) {
+    this.fwd.mode = mode
+    this.applyForwardedProps()
+  }
+
+  setRoute(route: string) {
+    this.fwd.route = route
+    this.applyForwardedProps()
+  }
+
+  setSelected(selected: SelectedElement | null) {
+    this.fwd.selectedElement = selected
+    this.applyForwardedProps()
+  }
+
+  getMessages(): Array<UIMessage> {
+    return this.client.getMessages()
+  }
+}
diff --git a/examples/coco/src/client/context.ts b/examples/coco/src/client/context.ts
new file mode 100644
index 000000000..2b3d0047b
--- /dev/null
+++ b/examples/coco/src/client/context.ts
@@ -0,0 +1,206 @@
+/**
+ * Page-context utilities for the Coco panel:
+ *
+ * - `watchRoute(cb)`: subscribes to SPA navigations (`pushState`,
+ *   `replaceState`, `popstate`) and fires `cb(currentRoute)` whenever the
+ *   route changes. Returns an unsubscribe.
+ * - `pickElement()`: opens a one-shot picker — the user clicks an element
+ *   anywhere on the page, and we resolve with a context blob describing it.
+ */
+
+export interface SelectedElement {
+  selector: string
+  tagName: string
+  textSnippet: string
+  outerHTMLTruncated: string
+}
+
+const currentRoute = (): string =>
+  window.location.pathname + window.location.search + window.location.hash
+
+/**
+ * Subscribe to route changes (SPA nav + back/forward). The callback is
+ * invoked synchronously once on subscribe with the current route.
+ */
+export const watchRoute = (cb: (route: string) => void): (() => void) => {
+  let last = currentRoute()
+  cb(last)
+  const fire = () => {
+    const next = currentRoute()
+    if (next !== last) {
+      last = next
+      cb(next)
+    }
+  }
+
+  const origPush = history.pushState
+  const origReplace = history.replaceState
+  history.pushState = function (...args) {
+    const result = origPush.apply(this, args)
+    queueMicrotask(fire)
+    return result
+  }
+  history.replaceState = function (...args) {
+    const result = origReplace.apply(this, args)
+    queueMicrotask(fire)
+    return result
+  }
+  const onPop = () => fire()
+  window.addEventListener('popstate', onPop)
+  window.addEventListener('hashchange', onPop)
+
+  return () => {
+    history.pushState = origPush
+    history.replaceState = origReplace
+    window.removeEventListener('popstate', onPop)
+    window.removeEventListener('hashchange', onPop)
+  }
+}
+
+/** Build a reasonably stable CSS selector for an element. */
+const buildSelector = (el: Element): string => {
+  if (el.id) return `#${CSS.escape(el.id)}`
+  const parts: Array<string> = []
+  let current: Element | null = el
+  let depth = 0
+  while (current && current.nodeType === 1 && depth < 4) {
+    let part = current.tagName.toLowerCase()
+    if (current.classList.length) {
+      part +=
+        '.' +
+        Array.from(current.classList).slice(0, 2).map(CSS.escape).join('.')
+    } else {
+      const parent = current.parentElement
+      if (parent) {
+        const sameTag = Array.from(parent.children).filter(
+          (c) => c.tagName === current!.tagName,
+        )
+        if (sameTag.length > 1) {
+          const idx = sameTag.indexOf(current) + 1
+          part += `:nth-of-type(${idx})`
+        }
+      }
+    }
+    parts.unshift(part)
+    if (current.id) break
+    current = current.parentElement
+    depth++
+  }
+  return parts.join(' > ')
+}
+
+const truncate = (s: string, n: number) =>
+  s.length <= n ? s : s.slice(0, n - 1) + '…'
+
+const describeElement = (el: Element): SelectedElement => ({
+  selector: buildSelector(el),
+  tagName: el.tagName.toLowerCase(),
+  textSnippet: truncate(
+    (el.textContent ?? '').trim().replace(/\s+/g, ' '),
+    200,
+  ),
+  outerHTMLTruncated: truncate(el.outerHTML, 1500),
+})
+
+const PICKER_STYLE_ID = '__coco-picker-style'
+const PICKER_CLASS = '__coco-picker-hover'
+
+const ensurePickerStyles = () => {
+  if (document.getElementById(PICKER_STYLE_ID)) return
+  const style = document.createElement('style')
+  style.id = PICKER_STYLE_ID
+  style.textContent = `
+    .${PICKER_CLASS} {
+      outline: 2px solid #f59e0b !important;
+      outline-offset: 1px !important;
+      cursor: crosshair !important;
+    }
+    body.__coco-picker-active, body.__coco-picker-active * {
+      cursor: crosshair !important;
+    }
+  `
+  document.head.appendChild(style)
+}
+
+/**
+ * Activate the element picker. Returns a promise that resolves with the
+ * selected element's metadata when the user clicks, or `null` if they hit
+ * Escape / call `cancel()`.
+ */
+export interface ElementPickerHandle {
+  promise: Promise<SelectedElement | null>
+  cancel: () => void
+}
+
+export const pickElement = (cocoHost: HTMLElement): ElementPickerHandle => {
+  ensurePickerStyles()
+  let lastHover: Element | null = null
+  let cancelled = false
+
+  const setHover = (el: Element | null) => {
+    if (lastHover && lastHover !== el) {
+      lastHover.classList.remove(PICKER_CLASS)
+    }
+    if (el) el.classList.add(PICKER_CLASS)
+    lastHover = el
+  }
+
+  document.body.classList.add('__coco-picker-active')
+
+  let resolve!: (value: SelectedElement | null) => void
+  const promise = new Promise<SelectedElement | null>((r) => {
+    resolve = r
+  })
+
+  const cleanup = () => {
+    document.body.classList.remove('__coco-picker-active')
+    setHover(null)
+    window.removeEventListener('mousemove', onMove, true)
+    window.removeEventListener('click', onClick, true)
+    window.removeEventListener('keydown', onKey, true)
+  }
+
+  const onMove = (e: MouseEvent) => {
+    if (cancelled) return
+    const target = document.elementFromPoint(e.clientX, e.clientY)
+    if (!target) return
+    if (target === cocoHost || cocoHost.contains(target)) {
+      setHover(null)
+      return
+    }
+    setHover(target)
+  }
+
+  const onClick = (e: MouseEvent) => {
+    if (cancelled) return
+    const target = document.elementFromPoint(e.clientX, e.clientY)
+    if (!target || target === cocoHost || cocoHost.contains(target)) return
+    e.preventDefault()
+    e.stopPropagation()
+    e.stopImmediatePropagation()
+    cleanup()
+    resolve(describeElement(target))
+  }
+
+  const onKey = (e: KeyboardEvent) => {
+    if (e.key === 'Escape') {
+      cancelled = true
+      cleanup()
+      resolve(null)
+    }
+  }
+
+  window.addEventListener('mousemove', onMove, true)
+  window.addEventListener('click', onClick, true)
+  window.addEventListener('keydown', onKey, true)
+
+  return {
+    promise,
+    cancel: () => {
+      if (cancelled) return
+      cancelled = true
+      cleanup()
+      resolve(null)
+    },
+  }
+}
diff --git a/examples/coco/src/client/index.ts b/examples/coco/src/client/index.ts
new file mode 100644
index 000000000..cc52b5ef6
--- /dev/null
+++ b/examples/coco/src/client/index.ts
@@ -0,0 +1,168 @@
+/**
+ * Coco panel entry point — runs in the user's page after the proxy injects
+ * `<script src="/__coco/client.js">`. Mounts the Shadow-DOM panel, wires it
+ * to a `ChatClient` (talking to `/__coco/api/chat`), tracks the current
+ * route, and powers the click-to-select element picker.
+ */
+import { AGENTS, DEFAULT_AGENT } from '../agents.ts'
+import { CocoChat } from './chat.ts'
+import { Panel } from './panel.ts'
+import { pickElement, watchRoute } from './context.ts'
+import type { AgentId, AgentMode } from '../agents.ts'
+import type { AgentStatusMap } from './panel.ts'
+import type { ElementPickerHandle, SelectedElement } from './context.ts'
+
+const MOUNT_FLAG = '__coco_mounted__'
+
+const fetchAgentConfig = async (): Promise<AgentStatusMap | null> => {
+  try {
+    const res = await fetch('/__coco/api/agents', { cache: 'no-store' })
+    if (!res.ok) throw new Error(`HTTP ${res.status}`)
+    return (await res.json()) as AgentStatusMap
+  } catch (err) {
+    console.warn(
+      '[coco] failed to fetch /__coco/api/agents; sends will still work but the "needs setup" hint is unavailable.',
+      err,
+    )
+    return null
+  }
+}
+
+/** First installed agent (used to default the selector when the default is missing). */
+const firstInstalled = (status: AgentStatusMap): AgentId | null => {
+  for (const a of AGENTS) {
+    if (status[a.id].installed) return a.id
+  }
+  return null
+}
+
+const main = async () => {
+  const w = window as unknown as Record<string, unknown>
+  if (w[MOUNT_FLAG]) return
+  w[MOUNT_FLAG] = true
+
+  // Gate panel mount on having at least one supported agent CLI installed.
+  // If we can't reach `/__coco/api/agents` (e.g. proxy/plugin not active) we
+  // still mount the panel — the legacy proxy CLI relied on this and we don't
+  // want to regress that path. Only an explicit "all four uninstalled"
+  // response suppresses the panel.
+  const initialStatus = await fetchAgentConfig()
+  if (initialStatus && !firstInstalled(initialStatus)) {
+    console.info(
+      '[coco] no supported coding-agent CLI found on PATH; panel hidden. ' +
+        'Install one of: claude, codex, gemini, opencode.',
+    )
+    return
+  }
+
+  let picker: ElementPickerHandle | null = null
+
+  // Default to the configured default agent if it's installed; otherwise
+  // pick the first installed one we can find.
+  let agent: AgentId =
+    initialStatus && !initialStatus[DEFAULT_AGENT].installed
+      ? (firstInstalled(initialStatus) ?? DEFAULT_AGENT)
+      : DEFAULT_AGENT
+  let mode: AgentMode = 'edit'
+
+  const panel = new Panel(
+    {
+      send: (text) => chat.send(text),
+      newSession: () => {
+        chat.clear()
+        panel.setState({ error: null, status: 'idle' })
+      },
+      selectAgent: (id) => {
+        agent = id
+        chat.setAgent(id)
+        const cfg = panel.getState().configured
+        const known = cfg !== null
+        panel.setState({
+          agent: id,
+          setupOpen: known && !cfg[id].configured ? id : null,
+        })
+      },
+      selectMode: (m) => {
+        mode = m
+        chat.setMode(m)
+        panel.setState({ mode: m })
+      },
+      togglePicker: () => {
+        if (picker) {
+          picker.cancel()
+          picker = null
+          panel.setState({ picking: false })
+          return
+        }
+        panel.setState({ picking: true })
+        picker = pickElement(panel.hostElement)
+        picker.promise.then((selected: SelectedElement | null) => {
+          picker = null
+          chat.setSelected(selected)
+          panel.setState({ picking: false, selected })
+        })
+      },
+      clearSelection: () => {
+        chat.setSelected(null)
+        panel.setState({ selected: null })
+      },
+      openSetup: (id) => panel.setState({ setupOpen: id }),
+      closeSetup: () => panel.setState({ setupOpen: null }),
+      openPanel: () => panel.setState({ open: true }),
+      closePanel: () => panel.setState({ open: false }),
+    },
+    { agent, configured: initialStatus ?? null },
+  )
+
+  const chat = new CocoChat(agent, mode, {
+    onSubmit: () => panel.setState({ status: 'sending', error: null }),
+    onMessages: (messages) => {
+      // The first chunk that creates an assistant message means the stream
+      // has started — flip from sending → streaming.
+      const cur = panel.getState()
+      const patch: Parameters<typeof panel.setState>[0] = { messages }
+      if (
+        cur.status === 'sending' &&
+        messages.some((m) => m.role === 'assistant')
+      ) {
+        patch.status = 'streaming'
+      }
+      panel.setState(patch)
+    },
+    onLoading: (isLoading) => {
+      const patch: Parameters<typeof panel.setState>[0] = { isLoading }
+      if (!isLoading) patch.status = 'idle'
+      else if (panel.getState().status === 'idle') patch.status = 'sending'
+      panel.setState(patch)
+    },
+    onError: (error) =>
+      panel.setState({
+        error,
+        status: error ? 'idle' : panel.getState().status,
+      }),
+  })
+
+  // Initial route + watcher.
+  const stopWatch = watchRoute((route) => {
+    chat.setRoute(route)
+    panel.setState({ route })
+  })
+
+  document.body.appendChild(panel.hostElement)
+
+  // Clean up if the host page unloads (mostly defensive; HMR replaces the
+  // page rather than running our cleanup).
+  window.addEventListener('beforeunload', stopWatch, { once: true })
+}
+
+if (document.readyState === 'loading') {
+  document.addEventListener(
+    'DOMContentLoaded',
+    () => {
+      void main()
+    },
+    { once: true },
+  )
+} else {
+  void main()
+}
diff --git a/examples/coco/src/client/panel.ts b/examples/coco/src/client/panel.ts
new file mode 100644
index 000000000..65acfca50
--- /dev/null
+++ b/examples/coco/src/client/panel.ts
@@ -0,0 +1,439 @@
+/**
+ * Shadow-DOM chat panel UI for Coco. Vanilla TS, no framework.
+ *
+ * Owns:
+ *
+ * - the floating launcher + the panel element,
+ * - rendering of `UIMessage[]` (text, thinking, tool-call parts),
+ * - the agent / mode selectors,
+ * - the context chips (current route + currently picked element),
+ * - the setup dialog shown when the chosen agent isn't configured.
+ *
+ * The chat I/O itself lives in `chat.ts` (ChatClient wrapper); this module
+ * accepts callbacks from `index.ts` so the two stay independent.
+ */
+import { AGENTS, AGENT_SETUP, DEFAULT_AGENT } from '../agents.ts'
+import { PANEL_CSS } from './styles.ts'
+import type { AgentId, AgentMode } from '../agents.ts'
+import type { SelectedElement } from './context.ts'
+import type { UIMessage } from '@tanstack/ai-client'
+
+export interface AgentStatus {
+  installed: boolean
+  configured: boolean
+}
+
+export type AgentStatusMap = Record<AgentId, AgentStatus>
+
+/** @deprecated Kept for backwards compat; prefer `AgentStatusMap`. */
+export type AgentConfigMap = AgentStatusMap
+
+export interface PanelCallbacks {
+  send: (text: string) => void
+  newSession: () => void
+  selectAgent: (id: AgentId) => void
+  selectMode: (mode: AgentMode) => void
+  togglePicker: () => void
+  clearSelection: () => void
+  openSetup: (id: AgentId) => void
+  closeSetup: () => void
+  openPanel: () => void
+  closePanel: () => void
+}
+
+export interface PanelState {
+  open: boolean
+  agent: AgentId
+  mode: AgentMode
+  /**
+   * Per-agent install + credential status. `null` when we haven't fetched
+   * `/__coco/api/agents` yet (or it errored); when null the panel shows a
+   * soft "(checking…)" and DOES NOT block sends — we let the server's
+   * response speak for itself.
+   */
+  configured: AgentStatusMap | null
+  route: string
+  selected: SelectedElement | null
+  picking: boolean
+  messages: Array<UIMessage>
+  isLoading: boolean
+  /**
+   * High-level status for the in-flight indicator. `idle` means nothing is
+   * happening; `sending` is the moment between submit and the first server
+   * chunk; `streaming` is once we've started receiving chunks.
+   */
+  status: 'idle' | 'sending' | 'streaming'
+  error: string | null
+  setupOpen: AgentId | null
+}
+
+const escapeHtml = (s: string) =>
+  s
+    .replace(/&/g, '&amp;')
+    .replace(/</g, '&lt;')
+    .replace(/>/g, '&gt;')
+    .replace(/"/g, '&quot;')
+    .replace(/'/g, '&#39;')
+
+const truncate = (s: string, n: number) =>
+  s.length <= n ? s : s.slice(0, n - 1) + '…'
+
+const renderMessage = (m: UIMessage): string => {
+  if (m.role === 'user') {
+    const text = m.parts
+      .filter((p): p is { type: 'text'; content: string } => p.type === 'text')
+      .map((p) => p.content)
+      .join('')
+    return `<div class="msg user"><div class="bubble">${escapeHtml(text)}</div></div>`
+  }
+  if (m.role !== 'assistant') return ''
+  const parts = m.parts
+    .map((p) => {
+      if (p.type === 'text' && p.content.trim()) {
+        return `<div class="text">${escapeHtml(p.content)}</div>`
+      }
+      if (p.type === 'thinking' && p.content.trim()) {
+        return `<div class="thinking">${escapeHtml(p.content)}</div>`
+      }
+      if (p.type === 'tool-call') {
+        let args = p.arguments
+        try {
+          args = JSON.stringify(JSON.parse(p.arguments), null, 2)
+        } catch {
+          // keep raw
+        }
+        const output =
+          p.output === undefined
+            ? ''
+            : `<pre>${escapeHtml(
+                typeof p.output === 'string'
+                  ? p.output
+                  : JSON.stringify(p.output, null, 2),
+              )}</pre>`
+        const state = p.output !== undefined ? 'done' : p.state
+        return `<details class="tool">
+          <summary>🔧 ${escapeHtml(p.name)}<span class="state">${escapeHtml(String(state))}</span></summary>
+          <div class="body">
+            <pre>${escapeHtml(args ?? '')}</pre>
+            ${output}
+          </div>
+        </details>`
+      }
+      return ''
+    })
+    .join('')
+  return `<div class="msg assistant">${parts}</div>`
+}
+
+/**
+ * Render the entire panel root from a snapshot of state.
+ *
+ * We do a coarse full-rerender of the messages region; for ~hundreds of
+ * messages this is more than fast enough and keeps the implementation
+ * tiny. A more sophisticated diff is overkill for an example.
+ */
+export class Panel {
+  readonly hostElement: HTMLElement
+  readonly root: ShadowRoot
+  private readonly rootEl: HTMLElement
+  private readonly callbacks: PanelCallbacks
+  private state: PanelState
+  private inputDraft = ''
+
+  constructor(callbacks: PanelCallbacks, initial?: Partial<PanelState>) {
+    this.callbacks = callbacks
+    this.state = {
+      open: false,
+      agent: DEFAULT_AGENT,
+      mode: 'edit',
+      configured: null,
+      route: window.location.pathname,
+      selected: null,
+      picking: false,
+      messages: [],
+      isLoading: false,
+      status: 'idle',
+      error: null,
+      setupOpen: null,
+      ...initial,
+    }
+
+    this.hostElement = document.createElement('div')
+    this.hostElement.id = '__coco-host'
+    this.hostElement.style.all = 'initial'
+    this.root = this.hostElement.attachShadow({ mode: 'open' })
+
+    const styleEl = document.createElement('style')
+    styleEl.textContent = PANEL_CSS
+    this.root.appendChild(styleEl)
+
+    this.rootEl = document.createElement('div')
+    this.rootEl.className = 'root'
+    this.root.appendChild(this.rootEl)
+
+    this.render()
+  }
+
+  setState(patch: Partial<PanelState>) {
+    this.state = { ...this.state, ...patch }
+    this.render()
+  }
+
+  getState(): Readonly<PanelState> {
+    return this.state
+  }
+
+  /**
+   * Render is intentionally idempotent — we recreate the DOM each time
+   * and re-bind events. To preserve the user's draft mid-typing we read
+   * the textarea before the rebuild and write it back after.
+   */
+  private render() {
+    const ta = this.rootEl.querySelector<HTMLTextAreaElement>('.input')
+    if (ta) this.inputDraft = ta.value
+
+    const s = this.state
+    const launcherHtml = `
+      <button class="launcher${s.open ? ' hidden' : ''}${s.status !== 'idle' ? ' busy' : ''}" type="button" aria-label="Open Coco">
+        🥥${s.status !== 'idle' ? '<span class="launcher-dot"></span>' : ''}
+      </button>
+    `
+
+    const setupHtml = s.setupOpen ? this.renderSetup(s.setupOpen) : ''
+
+    // `configured === null` means we haven't successfully fetched the agent
+    // status yet — show a soft pending hint but never block the user.
+    const cfgKnown = s.configured !== null
+    const isConfigured = cfgKnown && s.configured![s.agent].configured
+    const notice =
+      cfgKnown && !isConfigured
+        ? `<div class="notice">
+            <span style="flex:1">⚠️ ${escapeHtml(AGENT_SETUP[s.agent].label)} isn't configured. Sending anyway will likely fail.</span>
+            <button class="btn" data-action="open-setup">Setup</button>
+          </div>`
+        : ''
+
+    const chips: Array<string> = []
+    chips.push(
+      `<span class="chip" title="Current route">📍 <code>${escapeHtml(s.route)}</code></span>`,
+    )
+    if (s.selected) {
+      const label = s.selected.selector || `<${s.selected.tagName}>`
+      chips.push(
+        `<span class="chip" title="Selected element"><code>${escapeHtml(truncate(label, 80))}</code><span class="x" data-action="clear-selection" title="Clear">✕</span></span>`,
+      )
+    }
+
+    const errorHtml = s.error
+      ? `<div class="error">⚠ ${escapeHtml(s.error)}</div>`
+      : ''
+
+    const statusLabel = s.error
+      ? `Error — see message above`
+      : s.status === 'sending'
+        ? `Sending to ${s.agent}…`
+        : s.status === 'streaming'
+          ? `Streaming from ${s.agent}…`
+          : !cfgKnown
+            ? 'Checking agent status…'
+            : `Ready (${s.agent}, ${s.mode})`
+    const statusClass = s.error
+      ? 'error'
+      : s.status === 'idle'
+        ? 'idle'
+        : s.status
+    const statusBarHtml = `<div class="status-bar ${statusClass}"><span class="status-dot"></span><span>${escapeHtml(statusLabel)}</span></div>`
+
+    const thinkingHtml =
+      s.status !== 'idle'
+        ? `<div class="thinking-pill" role="status" aria-live="polite">
+            <span class="dot"></span><span class="dot"></span><span class="dot"></span>
+            <span class="label">${
+              s.status === 'sending'
+                ? 'Coco is calling the agent…'
+                : 'Coco is working…'
+            }</span>
+          </div>`
+        : ''
+
+    const messagesHtml =
+      s.messages.length === 0 && s.status === 'idle'
+        ? `<div class="empty">Ask Coco to change something in this page. Try “make the heading larger” or click 🎯 to point at an element.</div>`
+        : s.messages.map(renderMessage).join('') + thinkingHtml
+
+    const panelHtml = `
+      <div class="panel${s.open ? '' : ' hidden'}" role="dialog" aria-label="Coco">
+        <div class="header">
+          <span class="title"><span class="title-emoji">🥥</span>Coco</span>
+          <select class="select" data-control="agent" aria-label="Agent">
+            ${AGENTS.filter((a) => {
+              if (!cfgKnown) return true
+              return s.configured![a.id].installed || a.id === s.agent
+            })
+              .map((a) => {
+                const status = cfgKnown ? s.configured![a.id] : null
+                const tag = !status
+                  ? ''
+                  : !status.installed
+                    ? ' (not installed)'
+                    : !status.configured
+                      ? ' (setup)'
+                      : ''
+                return `<option value="${a.id}"${a.id === s.agent ? ' selected' : ''}>${escapeHtml(a.label)}${tag}</option>`
+              })
+              .join('')}
+          </select>
+          <select class="select" data-control="mode" aria-label="Mode">
+            <option value="edit"${s.mode === 'edit' ? ' selected' : ''}>Edit</option>
+            <option value="read-only"${s.mode === 'read-only' ? ' selected' : ''}>Read-only</option>
+          </select>
+          <button class="btn icon${s.picking ? ' active' : ''}" data-action="toggle-picker" title="Pick an element">🎯</button>
+          <button class="btn icon" data-action="new-session" title="New session">⟳</button>
+          <button class="btn icon" data-action="close-panel" title="Close">✕</button>
+        </div>
+        ${notice}
+        <div class="context-bar">${chips.join('')}</div>
+        <div class="messages">${messagesHtml}</div>
+        ${errorHtml}
+        <form class="composer" data-action="send-form">
+          <textarea class="input" rows="1" placeholder="${s.picking ? 'Click an element on the page…' : 'Ask Coco to change this page…'}" ${s.picking ? 'disabled' : ''}></textarea>
+          <button class="btn primary" type="submit" ${s.status !== 'idle' || s.picking ? 'disabled' : ''}>${
+            s.status !== 'idle' ? '…' : 'Send'
+          }</button>
+        </form>
+        ${statusBarHtml}
+        ${setupHtml}
+      </div>
+    `
+
+    this.rootEl.innerHTML = launcherHtml + panelHtml
+
+    // Restore draft + scroll
+    const newTa = this.rootEl.querySelector<HTMLTextAreaElement>('.input')
+    if (newTa && !s.picking) {
+      newTa.value = this.inputDraft
+      newTa.focus({ preventScroll: true })
+    }
+    const messagesEl = this.rootEl.querySelector<HTMLElement>('.messages')
+    if (messagesEl) messagesEl.scrollTop = messagesEl.scrollHeight
+
+    this.bindEvents()
+  }
+
+  private renderSetup(id: AgentId): string {
+    const setup = AGENT_SETUP[id]
+    return `
+      <div class="setup-mask" data-action="setup-mask">
+        <div class="setup-card" data-stop-click>
+          <h2>Set up ${escapeHtml(setup.label)}</h2>
+          <p>${escapeHtml(setup.summary)}</p>
+          <ol>
+            ${setup.steps
+              .map(
+                (step) => `
+                <li>
+                  <div>${escapeHtml(step.text)}</div>
+                  ${step.code ? `<pre>${escapeHtml(step.code)}</pre>` : ''}
+                </li>
+              `,
+              )
+              .join('')}
+          </ol>
+          <div class="actions">
+            <a href="${escapeHtml(setup.docsUrl)}" target="_blank" rel="noreferrer">Docs ↗</a>
+            <button class="btn primary" data-action="close-setup">Got it</button>
+          </div>
+        </div>
+      </div>
+    `
+  }
+
+  private bindEvents() {
+    const $ = <T extends Element>(sel: string) =>
+      this.rootEl.querySelector<T>(sel)
+    const $$ = <T extends Element>(sel: string) =>
+      this.rootEl.querySelectorAll<T>(sel)
+
+    $<HTMLButtonElement>('.launcher')?.addEventListener('click', () =>
+      this.callbacks.openPanel(),
+    )
+
+    $$<HTMLElement>('[data-action="open-setup"]').forEach((el) =>
+      el.addEventListener('click', () =>
+        this.callbacks.openSetup(this.state.agent),
+      ),
+    )
+    $$<HTMLElement>('[data-action="close-setup"]').forEach((el) =>
+      el.addEventListener('click', () => this.callbacks.closeSetup()),
+    )
+    $<HTMLElement>('[data-action="setup-mask"]')?.addEventListener(
+      'click',
+      (e) => {
+        if (e.target === e.currentTarget) this.callbacks.closeSetup()
+      },
+    )
+
+    $<HTMLButtonElement>('[data-action="close-panel"]')?.addEventListener(
+      'click',
+      () => this.callbacks.closePanel(),
+    )
+    $<HTMLButtonElement>('[data-action="new-session"]')?.addEventListener(
+      'click',
+      () => this.callbacks.newSession(),
+    )
+    $<HTMLButtonElement>('[data-action="toggle-picker"]')?.addEventListener(
+      'click',
+      () => this.callbacks.togglePicker(),
+    )
+    $$<HTMLElement>('[data-action="clear-selection"]').forEach((el) =>
+      el.addEventListener('click', () => this.callbacks.clearSelection()),
+    )
+
+    $<HTMLSelectElement>('[data-control="agent"]')?.addEventListener(
+      'change',
+      (e) => {
+        const value = (e.target as HTMLSelectElement).value
+        if (
+          value === 'claude-code' ||
+          value === 'codex' ||
+          value === 'gemini-cli' ||
+          value === 'opencode'
+        ) {
+          this.callbacks.selectAgent(value)
+        }
+      },
+    )
+    $<HTMLSelectElement>('[data-control="mode"]')?.addEventListener(
+      'change',
+      (e) => {
+        const value = (e.target as HTMLSelectElement).value
+        if (value === 'edit' || value === 'read-only') {
+          this.callbacks.selectMode(value)
+        }
+      },
+    )
+
+    const form = $<HTMLFormElement>('form[data-action="send-form"]')
+    form?.addEventListener('submit', (e) => {
+      e.preventDefault()
+      const ta = $<HTMLTextAreaElement>('.input')
+      const text = ta?.value.trim() ?? ''
+      console.debug('[coco] form submit', {
+        textareaFound: Boolean(ta),
+        text,
+        rawValue: ta?.value,
+      })
+      if (!text) return
+      ta!.value = ''
+      this.inputDraft = ''
+      this.callbacks.send(text)
+    })
+    const ta = $<HTMLTextAreaElement>('.input')
+    ta?.addEventListener('keydown', (e) => {
+      if (e.key === 'Enter' && !e.shiftKey) {
+        e.preventDefault()
+        form?.requestSubmit()
+      }
+    })
+  }
+}
diff --git a/examples/coco/src/client/styles.ts b/examples/coco/src/client/styles.ts
new file mode 100644
index 000000000..7ceec9eb2
--- /dev/null
+++ b/examples/coco/src/client/styles.ts
@@ -0,0 +1,380 @@
+/**
+ * All panel CSS as a single string. We inject this into the Shadow DOM root
+ * so it can't bleed into (or be styled by) the host page.
+ */
+export const PANEL_CSS = `
+:host, .root {
+  all: initial;
+  font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto,
+    Helvetica, Arial, sans-serif;
+  color: #e5e7eb;
+  font-size: 14px;
+  line-height: 1.4;
+}
+
+* {
+  box-sizing: border-box;
+}
+
+.launcher {
+  position: fixed;
+  bottom: 16px;
+  right: 16px;
+  z-index: 2147483646;
+  width: 48px;
+  height: 48px;
+  border-radius: 9999px;
+  border: none;
+  background: linear-gradient(135deg, #6d4422, #8a5a2e);
+  color: white;
+  font-size: 22px;
+  cursor: pointer;
+  box-shadow: 0 6px 20px rgba(0, 0, 0, 0.35);
+  display: flex;
+  align-items: center;
+  justify-content: center;
+}
+.launcher:hover { filter: brightness(1.1); }
+.launcher.hidden { display: none; }
+.launcher.busy::after {
+  content: "";
+  position: absolute;
+  inset: -3px;
+  border-radius: 9999px;
+  border: 2px solid rgba(96,165,250,0.6);
+  border-top-color: transparent;
+  animation: coco-spin 1s linear infinite;
+}
+.launcher .launcher-dot {
+  position: absolute;
+  top: 2px;
+  right: 2px;
+  width: 10px;
+  height: 10px;
+  border-radius: 9999px;
+  background: #34d399;
+  border: 2px solid #0f172a;
+  animation: coco-pulse 1.2s infinite;
+}
+@keyframes coco-spin { to { transform: rotate(360deg); } }
+
+.panel {
+  position: fixed;
+  bottom: 16px;
+  right: 16px;
+  z-index: 2147483647;
+  width: 420px;
+  max-width: calc(100vw - 32px);
+  height: 600px;
+  max-height: calc(100vh - 32px);
+  background: #0f172a;
+  border: 1px solid #1f2937;
+  border-radius: 12px;
+  box-shadow: 0 14px 50px rgba(0, 0, 0, 0.5);
+  display: flex;
+  flex-direction: column;
+  overflow: hidden;
+}
+.panel.hidden { display: none; }
+
+.header {
+  display: flex;
+  align-items: center;
+  gap: 8px;
+  padding: 8px 10px;
+  background: #111827;
+  border-bottom: 1px solid #1f2937;
+}
+.title {
+  font-weight: 600;
+  margin-right: auto;
+  display: flex;
+  align-items: center;
+  gap: 6px;
+}
+.title-emoji { font-size: 16px; }
+
+.select, .btn, .input {
+  font: inherit;
+  color: inherit;
+  background: #1f2937;
+  border: 1px solid #374151;
+  border-radius: 6px;
+  padding: 4px 8px;
+}
+.select { padding: 3px 6px; font-size: 12px; }
+.btn { cursor: pointer; padding: 4px 8px; font-size: 12px; }
+.btn:hover { background: #374151; }
+.btn:disabled { opacity: 0.4; cursor: not-allowed; }
+.btn.primary { background: #2563eb; border-color: #2563eb; }
+.btn.primary:hover { background: #1d4ed8; }
+.btn.danger { background: #7f1d1d; border-color: #7f1d1d; }
+.btn.active { background: #b45309; border-color: #b45309; }
+.btn.icon { padding: 4px 6px; }
+
+.context-bar {
+  padding: 6px 10px;
+  background: #0b1220;
+  border-bottom: 1px solid #1f2937;
+  font-size: 11px;
+  color: #94a3b8;
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  flex-wrap: wrap;
+}
+.chip {
+  background: #1f2937;
+  border: 1px solid #374151;
+  border-radius: 9999px;
+  padding: 2px 8px;
+  color: #cbd5e1;
+  font-size: 11px;
+  display: inline-flex;
+  align-items: center;
+  gap: 4px;
+  max-width: 100%;
+}
+.chip code {
+  font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
+  font-size: 10.5px;
+  color: #e5e7eb;
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  max-width: 220px;
+}
+.chip .x {
+  cursor: pointer;
+  color: #94a3b8;
+  margin-left: 2px;
+}
+.chip .x:hover { color: #f87171; }
+
+.notice {
+  margin: 6px 10px 0;
+  padding: 6px 8px;
+  background: rgba(180, 83, 9, 0.18);
+  border: 1px solid rgba(180, 83, 9, 0.6);
+  color: #fde68a;
+  border-radius: 6px;
+  font-size: 12px;
+  display: flex;
+  align-items: center;
+  gap: 6px;
+}
+.notice .btn {
+  padding: 2px 6px;
+  font-size: 11px;
+}
+
+.messages {
+  flex: 1;
+  overflow-y: auto;
+  padding: 10px;
+  display: flex;
+  flex-direction: column;
+  gap: 8px;
+}
+.empty {
+  color: #64748b;
+  font-size: 12px;
+  text-align: center;
+  margin-top: 24px;
+}
+
+.msg {
+  max-width: 100%;
+}
+.msg.user .bubble {
+  background: #1d4ed8;
+  color: white;
+  border-radius: 10px;
+  padding: 6px 10px;
+  margin-left: auto;
+  max-width: 80%;
+  white-space: pre-wrap;
+  word-break: break-word;
+}
+.msg.user { display: flex; justify-content: flex-end; }
+.msg.assistant { white-space: pre-wrap; word-break: break-word; }
+.msg .text { padding: 2px 0; }
+
+.thinking {
+  border-left: 2px solid #334155;
+  padding-left: 8px;
+  color: #94a3b8;
+  font-style: italic;
+  font-size: 12px;
+  margin: 4px 0;
+  white-space: pre-wrap;
+}
+
+.tool {
+  border: 1px solid #1f2937;
+  background: rgba(15, 23, 42, 0.7);
+  border-radius: 6px;
+  margin: 4px 0;
+  overflow: hidden;
+}
+.tool summary {
+  cursor: pointer;
+  padding: 4px 8px;
+  font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
+  font-size: 12px;
+  color: #fbbf24;
+  list-style: none;
+  display: flex;
+  align-items: center;
+  gap: 6px;
+}
+.tool summary::-webkit-details-marker { display: none; }
+.tool .body { padding: 6px 8px; border-top: 1px solid #1f2937; }
+.tool pre {
+  background: #020617;
+  color: #cbd5e1;
+  font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
+  font-size: 11px;
+  padding: 6px;
+  border-radius: 4px;
+  overflow: auto;
+  max-height: 180px;
+  margin: 4px 0 0;
+  white-space: pre-wrap;
+  word-break: break-all;
+}
+.tool .state {
+  color: #94a3b8;
+  font-size: 10.5px;
+  margin-left: auto;
+}
+
+.thinking-pill {
+  display: inline-flex;
+  align-items: center;
+  gap: 6px;
+  align-self: flex-start;
+  padding: 6px 12px;
+  border-radius: 9999px;
+  background: linear-gradient(135deg, rgba(37,99,235,0.18), rgba(180,83,9,0.18));
+  border: 1px solid rgba(96,165,250,0.4);
+  color: #e0e7ff;
+  font-size: 12px;
+  margin-top: 4px;
+}
+.thinking-pill .label { margin-left: 2px; }
+.thinking-pill .dot {
+  width: 6px;
+  height: 6px;
+  border-radius: 9999px;
+  background: #93c5fd;
+  display: inline-block;
+  animation: coco-bounce 1s infinite ease-in-out;
+}
+.thinking-pill .dot:nth-child(2) { animation-delay: 0.15s; }
+.thinking-pill .dot:nth-child(3) { animation-delay: 0.3s; }
+@keyframes coco-bounce {
+  0%, 80%, 100% { transform: translateY(0); opacity: 0.5; }
+  40% { transform: translateY(-3px); opacity: 1; }
+}
+
+.status-bar {
+  padding: 4px 10px;
+  background: #0b1220;
+  border-top: 1px solid #1f2937;
+  font-size: 11px;
+  color: #94a3b8;
+  display: flex;
+  align-items: center;
+  gap: 6px;
+}
+.status-bar .status-dot {
+  width: 6px;
+  height: 6px;
+  border-radius: 9999px;
+  background: #475569;
+}
+.status-bar.idle .status-dot { background: #475569; }
+.status-bar.sending .status-dot { background: #facc15; animation: coco-pulse 1.2s infinite; }
+.status-bar.streaming .status-dot { background: #34d399; animation: coco-pulse 1.2s infinite; }
+.status-bar.error .status-dot { background: #f87171; }
+@keyframes coco-pulse {
+  0%, 100% { opacity: 0.4; }
+  50% { opacity: 1; }
+}
+
+.error {
+  margin: 6px 10px;
+  padding: 6px 8px;
+  background: rgba(127, 29, 29, 0.4);
+  border: 1px solid #7f1d1d;
+  color: #fecaca;
+  border-radius: 6px;
+  font-size: 12px;
+}
+
+.composer {
+  border-top: 1px solid #1f2937;
+  padding: 8px;
+  display: flex;
+  gap: 6px;
+}
+.input {
+  flex: 1;
+  resize: none;
+  min-height: 36px;
+  max-height: 120px;
+  padding: 6px 8px;
+}
+
+.setup-mask {
+  position: absolute;
+  inset: 0;
+  background: rgba(0, 0, 0, 0.6);
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  padding: 12px;
+  z-index: 10;
+}
+.setup-card {
+  background: #0f172a;
+  border: 1px solid #334155;
+  border-radius: 8px;
+  padding: 14px;
+  width: 100%;
+  max-width: 360px;
+  max-height: 100%;
+  overflow: auto;
+}
+.setup-card h2 { margin: 0 0 6px; font-size: 14px; }
+.setup-card p { margin: 0 0 10px; color: #94a3b8; font-size: 12px; }
+.setup-card ol { padding-left: 18px; margin: 0 0 10px; }
+.setup-card li { margin-bottom: 8px; font-size: 12px; }
+.setup-card code, .setup-card pre {
+  font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
+}
+.setup-card pre {
+  background: #020617;
+  color: #a7f3d0;
+  border-radius: 4px;
+  padding: 6px 8px;
+  font-size: 11px;
+  overflow: auto;
+  margin-top: 4px;
+}
+.setup-card .actions {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  margin-top: 8px;
+}
+.setup-card a {
+  color: #60a5fa;
+  font-size: 12px;
+  text-decoration: none;
+}
+.setup-card a:hover { text-decoration: underline; }
+
+/* Element picker overlay (lives in the host page, not Shadow DOM) */
+`
diff --git a/examples/coco/src/dev-runner.ts b/examples/coco/src/dev-runner.ts
new file mode 100644
index 000000000..16d54b265
--- /dev/null
+++ b/examples/coco/src/dev-runner.ts
@@ -0,0 +1,158 @@
+/**
+ * Spawn the project's dev server (default `pnpm dev`) as a subprocess, sniff
+ * its stdout for the local URL it printed, and wait until the URL accepts
+ * TCP connections. We forward all output so the user still sees the dev
+ * server's startup logs.
+ */
+import { spawn } from 'node:child_process'
+import net from 'node:net'
+import { URL } from 'node:url'
+import type { ChildProcess } from 'node:child_process'
+
+const LOCAL_URL_RE =
+  /\bhttps?:\/\/(?:localhost|127\.0\.0\.1|0\.0\.0\.0|\[::1?\])(?::(\d+))?(?:\/\S*)?/i
+
+export interface DevServer {
+  /** Target URL the proxy should forward to (e.g. `http://localhost:5173`). */
+  target: string
+  /**
+   * The spawned dev-server child process. `null` when Coco was started with
+   * `--target` against an already-running dev server (we don't manage that
+   * server's lifecycle).
+   */
+  child: ChildProcess | null
+}
+
+export interface StartDevServerOptions {
+  command: string
+  cwd: string
+  /** Override the auto-detected target URL. */
+  fixedTarget?: string
+  /** Max milliseconds to wait for the dev server to print/accept connections. */
+  timeoutMs?: number
+}
+
+const probeTcp = (host: string, port: number, timeoutMs = 1000) =>
+  new Promise<boolean>((resolve) => {
+    const socket = new net.Socket()
+    let done = false
+    const finish = (ok: boolean) => {
+      if (done) return
+      done = true
+      socket.destroy()
+      resolve(ok)
+    }
+    socket.setTimeout(timeoutMs)
+    socket.once('connect', () => finish(true))
+    socket.once('timeout', () => finish(false))
+    socket.once('error', () => finish(false))
+    socket.connect(port, host)
+  })
+
+const waitForReachable = async (
+  url: string,
+  timeoutMs: number,
+): Promise<void> => {
+  const parsed = new URL(url)
+  const host = parsed.hostname || 'localhost'
+  const port = Number(
+    parsed.port || (parsed.protocol === 'https:' ? '443' : '80'),
+  )
+  const deadline = Date.now() + timeoutMs
+  while (Date.now() < deadline) {
+    if (await probeTcp(host, port)) return
+    await new Promise((r) => setTimeout(r, 200))
+  }
+  throw new Error(
+    `Timed out waiting for dev server at ${url} (host=${host} port=${port})`,
+  )
+}
+
+/**
+ * Spawn the dev command and resolve once we know its target URL and it's
+ * reachable. If `fixedTarget` is set, skip sniffing and just wait for it.
+ */
+export const startDevServer = async ({
+  command,
+  cwd,
+  fixedTarget,
+  timeoutMs = 60_000,
+}: StartDevServerOptions): Promise<DevServer> => {
+  // If the user pointed Coco at an existing dev server, don't spawn anything
+  // — just wait for it to be reachable.
+  if (fixedTarget) {
+    await waitForReachable(fixedTarget, timeoutMs)
+    return { target: fixedTarget, child: null }
+  }
+
+  const [bin, ...args] = command.trim().split(/\s+/)
+  if (!bin) throw new Error(`Empty dev command: ${JSON.stringify(command)}`)
+
+  const child = spawn(bin, args, {
+    cwd,
+    env: process.env,
+    stdio: ['ignore', 'pipe', 'pipe'],
+    shell: process.platform === 'win32',
+  })
+
+  // Forward output to the parent terminal verbatim so users still see Vite/
+  // Next/whatever logs.
+  child.stdout.on('data', (chunk: Buffer) => process.stdout.write(chunk))
+  child.stderr.on('data', (chunk: Buffer) => process.stderr.write(chunk))
+
+  child.on('error', (err) => {
+    console.error(`[coco] failed to spawn "${command}":`, err)
+  })
+
+  // Sniff stdout for the first localhost URL the dev server prints.
+  const target = await new Promise<string>((resolve, reject) => {
+    let resolved = false
+    const onChunk = (chunk: Buffer) => {
+      if (resolved) return
+      const text = chunk.toString('utf8')
+      const match = text.match(LOCAL_URL_RE)
+      if (match) {
+        try {
+          // Normalize to scheme://host:port (strip any path the dev server
+          // may have decorated the URL with).
+          const url = new URL(match[0])
+          url.pathname = '/'
+          url.search = ''
+          url.hash = ''
+          let normalized = url.toString()
+          if (normalized.endsWith('/')) {
+            normalized = normalized.slice(0, -1)
+          }
+          resolved = true
+          resolve(normalized)
+        } catch {
+          // Ignore parse failures and keep listening.
+        }
+      }
+    }
+    child.stdout.on('data', onChunk)
+    child.stderr.on('data', onChunk)
+    child.once('exit', (code) => {
+      if (!resolved) {
+        reject(
+          new Error(
+            `Dev command "${command}" exited with code ${code} before printing a local URL.`,
+          ),
+        )
+      }
+    })
+    setTimeout(() => {
+      if (!resolved) {
+        reject(
+          new Error(
+            `Timed out (${timeoutMs}ms) waiting for "${command}" to print a localhost URL. ` +
+              `Pass --target=http://localhost:<port> to skip auto-detection.`,
+          ),
+        )
+      }
+    }, timeoutMs).unref()
+  })
+
+  await waitForReachable(target, timeoutMs)
+  return { target, child }
+}
diff --git a/examples/coco/src/http-bridge.ts b/examples/coco/src/http-bridge.ts
new file mode 100644
index 000000000..9639ee9be
--- /dev/null
+++ b/examples/coco/src/http-bridge.ts
@@ -0,0 +1,149 @@
+/**
+ * Helpers for shuttling Node `http` request/response objects through Web
+ * `Request`/`Response` and serving Coco's small set of internal endpoints.
+ *
+ * Shared between:
+ *
+ * - the reverse-proxy CLI (`proxy.ts`), and
+ * - the dev-only Vite plugin (`vite/plugin.ts`).
+ *
+ * Keeping them here ensures both surfaces inject the same `<script>` tag,
+ * speak the same `/__coco/api/*` protocol, and pipe streaming chat
+ * responses identically.
+ */
+import { promises as fs } from 'node:fs'
+import { Readable } from 'node:stream'
+import type { IncomingMessage, ServerResponse } from 'node:http'
+
+const INJECTED_TAG = '<script type="module" src="/__coco/client.js"></script>'
+
+/**
+ * Insert Coco's panel `<script>` just before `</body>`. Idempotent — if the
+ * tag is already present we leave the HTML untouched.
+ */
+export const injectIntoHtml = (html: string): string => {
+  if (html.includes('/__coco/client.js')) return html
+  const lower = html.toLowerCase()
+  const idx = lower.lastIndexOf('</body>')
+  if (idx >= 0) {
+    return html.slice(0, idx) + INJECTED_TAG + html.slice(idx)
+  }
+  return html + INJECTED_TAG
+}
+
+const requestUrl = (req: IncomingMessage): string => {
+  const host = req.headers.host ?? 'localhost'
+  return `http://${host}${req.url ?? '/'}`
+}
+
+/**
+ * Convert a Node IncomingMessage into a Web `Request`. The body is taken
+ * directly from the readable stream for POSTs.
+ */
+export const toFetchRequest = (req: IncomingMessage): Request => {
+  const headers = new Headers()
+  for (const [key, value] of Object.entries(req.headers)) {
+    if (value === undefined) continue
+    if (Array.isArray(value)) for (const v of value) headers.append(key, v)
+    else headers.set(key, value)
+  }
+  const method = (req.method ?? 'GET').toUpperCase()
+  const hasBody = method !== 'GET' && method !== 'HEAD'
+  const init: RequestInit & { duplex?: 'half' } = {
+    method,
+    headers,
+  }
+  if (hasBody) {
+    init.body = Readable.toWeb(req) as ReadableStream<Uint8Array>
+    init.duplex = 'half'
+  }
+  return new Request(requestUrl(req), init)
+}
+
+/**
+ * Pipe a Web `Response` back into a Node ServerResponse. Streams the body so
+ * SSE flows in real-time.
+ */
+export const pipeFetchResponse = async (
+  response: Response,
+  res: ServerResponse,
+): Promise<void> => {
+  const headers: Record<string, string> = {}
+  response.headers.forEach((value, key) => {
+    headers[key] = value
+  })
+  res.writeHead(response.status, headers)
+  if (!response.body) {
+    res.end()
+    return
+  }
+  const reader = response.body.getReader()
+  const onClose = () => {
+    reader.cancel().catch(() => undefined)
+  }
+  res.once('close', onClose)
+  try {
+    for (;;) {
+      const { value, done } = await reader.read()
+      if (done) break
+      res.write(value)
+    }
+  } finally {
+    res.off('close', onClose)
+    res.end()
+  }
+}
+
+export const sendJson = (
+  res: ServerResponse,
+  status: number,
+  value: unknown,
+): void => {
+  const body = JSON.stringify(value)
+  res.writeHead(status, {
+    'Content-Type': 'application/json; charset=utf-8',
+    'Content-Length': Buffer.byteLength(body),
+    'Cache-Control': 'no-store',
+  })
+  res.end(body)
+}
+
+export const send404 = (res: ServerResponse, msg = 'Not found'): void => {
+  res.writeHead(404, { 'Content-Type': 'text/plain; charset=utf-8' })
+  res.end(msg)
+}
+
+export const send500 = (res: ServerResponse, err: unknown): void => {
+  if (res.headersSent) {
+    res.end()
+    return
+  }
+  const body = err instanceof Error ? err.message : String(err)
+  res.writeHead(500, { 'Content-Type': 'text/plain; charset=utf-8' })
+  res.end(body)
+}
+
+/**
+ * Serve the prebuilt panel bundle. Returns `false` if the bundle is missing
+ * so the caller can decide whether to surface a friendly error or fall
+ * through to other handlers.
+ */
+export const serveClientBundle = async (
+  res: ServerResponse,
+  bundlePath: string,
+): Promise<void> => {
+  try {
+    const buf = await fs.readFile(bundlePath)
+    res.writeHead(200, {
+      'Content-Type': 'application/javascript; charset=utf-8',
+      'Content-Length': buf.length,
+      'Cache-Control': 'no-store',
+    })
+    res.end(buf)
+  } catch {
+    res.writeHead(503, { 'Content-Type': 'text/plain; charset=utf-8' })
+    res.end(
+      'Coco panel bundle is missing. Run `pnpm --filter coco build` and reload.',
+    )
+  }
+}
diff --git a/examples/coco/src/index.ts b/examples/coco/src/index.ts
new file mode 100644
index 000000000..a304ff0af
--- /dev/null
+++ b/examples/coco/src/index.ts
@@ -0,0 +1,19 @@
+/**
+ * Public entry for the `coco` package.
+ *
+ * The primary surface is the CLI (`coco`) and the Vite plugin (`coco/vite`);
+ * this module re-exports a handful of agent constants/types in case users
+ * want to script around them.
+ */
+export {
+  AGENTS,
+  AGENT_BIN,
+  AGENT_SETUP,
+  DEFAULT_AGENT,
+  isAgentId,
+  isAgentMode,
+  type AgentId,
+  type AgentMode,
+  type AgentSetup,
+  type SetupStep,
+} from './agents.ts'
diff --git a/examples/coco/src/init.ts b/examples/coco/src/init.ts
new file mode 100644
index 000000000..fd5a10514
--- /dev/null
+++ b/examples/coco/src/init.ts
@@ -0,0 +1,201 @@
+/**
+ * `coco init` — wire the Coco Vite plugin into a TanStack Start (or plain
+ * Vite) project. Idempotent: re-running detects an already-installed plugin
+ * and prints next steps instead of editing the config again.
+ *
+ * The edit is intentionally string-based and conservative. If the
+ * `vite.config.ts` doesn't match the shape we recognize, we abort and print
+ * the manual snippet the user should paste.
+ */
+import { promises as fs } from 'node:fs'
+import path from 'node:path'
+import { AGENTS, AGENT_BIN } from './agents.ts'
+import { findOnPath } from './agent-status.ts'
+
+export interface InitOptions {
+  cwd: string
+  /** When true, print what would change but don't write. */
+  dryRun?: boolean
+}
+
+const CONFIG_CANDIDATES = [
+  'vite.config.ts',
+  'vite.config.mts',
+  'vite.config.js',
+  'vite.config.mjs',
+]
+
+const COCO_IMPORT_LINE = `import { coco } from 'coco/vite'`
+
+interface ProjectInfo {
+  configPath: string
+  isStart: boolean
+}
+
+const findViteConfig = async (cwd: string): Promise<ProjectInfo | null> => {
+  for (const candidate of CONFIG_CANDIDATES) {
+    const full = path.join(cwd, candidate)
+    try {
+      const stat = await fs.stat(full)
+      if (stat.isFile()) {
+        const source = await fs.readFile(full, 'utf8')
+        return {
+          configPath: full,
+          isStart: /@tanstack\/react-start/.test(source),
+        }
+      }
+    } catch {
+      // try next candidate
+    }
+  }
+  return null
+}
+
+const MANUAL_SNIPPET = `Add the Coco plugin to your vite config manually:
+
+  import { defineConfig } from 'vite'
+  import { coco } from 'coco/vite'
+
+  export default defineConfig({
+    plugins: [
+      coco(),
+      // …existing plugins
+    ],
+  })
+`
+
+/**
+ * Apply the Coco plugin to a vite config source. Returns the rewritten
+ * source, or `null` if we couldn't find a `plugins: [...]` array to insert
+ * into (caller should print the manual snippet).
+ */
+export const applyCocoToConfig = (source: string): string | null => {
+  // Idempotency: already wired up?
+  if (/from\s+['"]coco\/vite['"]/.test(source) || /\bcoco\(\)/.test(source)) {
+    return source
+  }
+
+  // 1. Add the import. Prefer placing it right after the last existing
+  //    `import` statement to keep the import block together. Falls back
+  //    to the top of the file.
+  const importBlockRe = /^(?:import[^\n]*\n)+/m
+  const importMatch = source.match(importBlockRe)
+  let withImport: string
+  if (importMatch && typeof importMatch.index === 'number') {
+    const end = importMatch.index + importMatch[0].length
+    withImport =
+      source.slice(0, end) + COCO_IMPORT_LINE + '\n' + source.slice(end)
+  } else {
+    withImport = COCO_IMPORT_LINE + '\n' + source
+  }
+
+  // 2. Insert `coco(),` at the top of the first `plugins: [...]` array.
+  //    Handle both `plugins: [\n  …` and `plugins: [foo, bar]`.
+  const pluginsRe = /plugins\s*:\s*\[/
+  const pluginsMatch = withImport.match(pluginsRe)
+  if (!pluginsMatch || typeof pluginsMatch.index !== 'number') {
+    return null
+  }
+  const bracketEnd = pluginsMatch.index + pluginsMatch[0].length
+  const after = withImport.slice(bracketEnd)
+
+  // Newline-style: `plugins: [\n  foo,\n  bar,\n]`
+  if (/^\s*\n/.test(after)) {
+    const eol = after.indexOf('\n')
+    const indentMatch = after.slice(eol + 1).match(/^[ \t]*/)
+    const indent = indentMatch ? indentMatch[0] : '  '
+    return (
+      withImport.slice(0, bracketEnd) +
+      '\n' +
+      indent +
+      'coco(),' +
+      withImport.slice(bracketEnd)
+    )
+  }
+
+  // Inline: `plugins: [foo, bar]`
+  return (
+    withImport.slice(0, bracketEnd) + 'coco(), ' + withImport.slice(bracketEnd)
+  )
+}
+
+const installedCliNames = async (): Promise<Array<string>> => {
+  const present = await Promise.all(
+    AGENTS.map(async (a) => ((await findOnPath(AGENT_BIN[a.id])) ? a.bin : '')),
+  )
+  return present.filter(Boolean)
+}
+
+export const runInit = async (options: InitOptions): Promise<number> => {
+  const { cwd, dryRun = false } = options
+  const log = (msg: string) => process.stdout.write(`[coco init] ${msg}\n`)
+  const err = (msg: string) => process.stderr.write(`[coco init] ${msg}\n`)
+
+  log(`scanning ${cwd}…`)
+  const project = await findViteConfig(cwd)
+  if (!project) {
+    err(
+      'no vite.config.{ts,mts,js,mjs} found here. ' +
+        'Run `coco init` from the root of a TanStack Start / Vite project.',
+    )
+    return 1
+  }
+  log(`found ${path.relative(cwd, project.configPath)}`)
+  if (project.isStart) {
+    log('detected TanStack Start (imports @tanstack/react-start).')
+  } else {
+    log(
+      'no @tanstack/react-start import detected — plugging in anyway; Coco works with any Vite dev server.',
+    )
+  }
+
+  const original = await fs.readFile(project.configPath, 'utf8')
+  if (
+    /from\s+['"]coco\/vite['"]/.test(original) ||
+    /\bcoco\(\)/.test(original)
+  ) {
+    log('vite config already imports coco/vite — nothing to do.')
+  } else {
+    const updated = applyCocoToConfig(original)
+    if (updated == null) {
+      err(
+        'could not locate a `plugins: [...]` array in your vite config. ' +
+          'No changes written.',
+      )
+      process.stdout.write('\n' + MANUAL_SNIPPET + '\n')
+      return 2
+    }
+    if (dryRun) {
+      log('--dry-run: would rewrite vite config to add coco():')
+      process.stdout.write('\n' + updated + '\n')
+    } else {
+      await fs.writeFile(project.configPath, updated, 'utf8')
+      log(`added \`coco()\` plugin to ${path.basename(project.configPath)}.`)
+    }
+  }
+
+  const installed = await installedCliNames()
+  if (installed.length === 0) {
+    process.stdout.write(
+      '\nNo supported coding-agent CLI was found on PATH. The Coco panel ' +
+        'will stay hidden until at least one of the following is installed:\n' +
+        '  - claude   (npm i -g @anthropic-ai/claude-code)\n' +
+        '  - codex    (ships with @openai/codex-sdk; install via your codex setup)\n' +
+        '  - gemini   (npm i -g @google/gemini-cli)\n' +
+        '  - opencode (npm i -g opencode-ai)\n',
+    )
+  } else {
+    process.stdout.write(
+      `\nDetected agent CLI${installed.length === 1 ? '' : 's'} on PATH: ${installed.join(', ')}.\n`,
+    )
+  }
+
+  process.stdout.write(
+    '\nNext steps:\n' +
+      '  1. Make sure `coco` is installed as a devDependency:\n' +
+      '       pnpm add -D coco   (or npm i -D coco / yarn add -D coco)\n' +
+      '  2. Start your dev server as usual (e.g. `pnpm dev`).\n' +
+      '  3. Open the dev URL — Coco appears as a 🥥 launcher when an agent CLI is on PATH.\n',
+  )
+  return 0
+}
diff --git a/examples/coco/src/proxy.ts b/examples/coco/src/proxy.ts
new file mode 100644
index 000000000..891855e99
--- /dev/null
+++ b/examples/coco/src/proxy.ts
@@ -0,0 +1,172 @@
+/**
+ * Coco's reverse-proxy server. Forwards everything to the user's dev server
+ * EXCEPT:
+ *
+ * - `/__coco/client.js`  — serves the built panel bundle.
+ * - `/__coco/api/*`      — our own routes (chat, agent status).
+ *
+ * For proxied `text/html` responses it injects a `<script>` tag pointing at
+ * `/__coco/client.js` just before `</body>`, so every page the user navigates
+ * to gets the panel.
+ */
+import http from 'node:http'
+import path from 'node:path'
+import { URL } from 'node:url'
+import httpProxy from 'http-proxy'
+import { detectAgentConfig } from './agent-status.ts'
+import { handleChat } from './chat-handler.ts'
+import {
+  injectIntoHtml,
+  pipeFetchResponse,
+  send404,
+  send500,
+  sendJson,
+  serveClientBundle,
+  toFetchRequest,
+} from './http-bridge.ts'
+import type { IncomingMessage } from 'node:http'
+
+export interface ProxyOptions {
+  /** Upstream dev-server URL (e.g. `http://localhost:5173`). */
+  target: string
+  /** Port Coco listens on. */
+  port: number
+  /** Working directory (passed to the agent). */
+  projectCwd: string
+  /** Absolute path to the built panel bundle (`dist/client/client.js`). */
+  clientBundlePath: string
+}
+
+/**
+ * Strip `accept-encoding` so the dev server returns HTML uncompressed and we
+ * can inject a script without round-tripping through gzip/br.
+ */
+const stripAcceptEncoding = (req: IncomingMessage) => {
+  delete req.headers['accept-encoding']
+}
+
+/**
+ * Build and start Coco's proxy server. Returns a promise that resolves to a
+ * stop function.
+ */
+export const startProxyServer = async (
+  options: ProxyOptions,
+): Promise<{ url: string; stop: () => Promise<void> }> => {
+  const { target, port, projectCwd, clientBundlePath } = options
+
+  const proxy = httpProxy.createProxyServer({
+    target,
+    changeOrigin: true,
+    ws: true,
+    selfHandleResponse: true,
+    // Preserve original Host so dev servers that gate on it (e.g. Vite's
+    // allowed-hosts) accept the request.
+    autoRewrite: true,
+  })
+
+  proxy.on('error', (err, _req, resOrSocket) => {
+    if (resOrSocket && 'writeHead' in resOrSocket) {
+      try {
+        const res = resOrSocket
+        if (!res.headersSent) {
+          res.writeHead(502, { 'Content-Type': 'text/plain; charset=utf-8' })
+        }
+        res.end(`Coco proxy error: ${err.message}`)
+      } catch {
+        // ignore
+      }
+    } else if (resOrSocket && 'destroy' in resOrSocket) {
+      ;(resOrSocket as { destroy: () => void }).destroy()
+    }
+  })
+
+  // Custom response handling: buffer HTML to inject the panel script;
+  // stream everything else straight through.
+  proxy.on('proxyRes', (proxyRes, _req, res) => {
+    const contentType = String(proxyRes.headers['content-type'] ?? '')
+    const isHtml = contentType.includes('text/html')
+
+    const status = proxyRes.statusCode ?? 502
+    const headers = { ...proxyRes.headers }
+
+    if (isHtml) {
+      const chunks: Array<Buffer> = []
+      proxyRes.on('data', (chunk: Buffer) => chunks.push(chunk))
+      proxyRes.on('end', () => {
+        const original = Buffer.concat(chunks).toString('utf8')
+        const injected = injectIntoHtml(original)
+        const body = Buffer.from(injected, 'utf8')
+        delete headers['content-length']
+        delete headers['content-encoding']
+        headers['content-length'] = String(body.length)
+        res.writeHead(status, headers)
+        res.end(body)
+      })
+      proxyRes.on('error', (err) => send500(res, err))
+    } else {
+      res.writeHead(status, headers)
+      proxyRes.pipe(res)
+    }
+  })
+
+  const server = http.createServer(async (req, res) => {
+    try {
+      const url = new URL(req.url ?? '/', 'http://localhost')
+      const pathname = url.pathname
+
+      if (pathname === '/__coco/client.js') {
+        await serveClientBundle(res, clientBundlePath)
+        return
+      }
+      if (pathname === '/__coco/api/agents' && req.method === 'GET') {
+        sendJson(res, 200, await detectAgentConfig())
+        return
+      }
+      if (pathname === '/__coco/api/chat' && req.method === 'POST') {
+        const fetchReq = toFetchRequest(req)
+        const fetchRes = await handleChat(fetchReq, projectCwd)
+        await pipeFetchResponse(fetchRes, res)
+        return
+      }
+      if (pathname.startsWith('/__coco/')) {
+        send404(res, 'Unknown __coco endpoint')
+        return
+      }
+
+      stripAcceptEncoding(req)
+      proxy.web(req, res, { target })
+    } catch (err) {
+      send500(res, err)
+    }
+  })
+
+  server.on('upgrade', (req, socket, head) => {
+    if (req.url?.startsWith('/__coco/')) {
+      socket.destroy()
+      return
+    }
+    proxy.ws(req, socket, head, { target })
+  })
+
+  await new Promise<void>((resolve, reject) => {
+    server.once('error', reject)
+    server.listen(port, () => {
+      server.off('error', reject)
+      resolve()
+    })
+  })
+
+  const url = `http://localhost:${port}`
+
+  const stop = () =>
+    new Promise<void>((resolve) => {
+      server.close(() => resolve())
+      proxy.close()
+    })
+
+  // touch the path so a bare `--target` ENOENT bundle path produces a
+  // friendlier error at request time rather than at startup.
+  void path.basename(clientBundlePath)
+
+  return { url, stop }
+}
diff --git a/examples/coco/src/vite/plugin.ts b/examples/coco/src/vite/plugin.ts
new file mode 100644
index 000000000..478042294
--- /dev/null
+++ b/examples/coco/src/vite/plugin.ts
@@ -0,0 +1,212 @@
+/**
+ * Coco — dev-only Vite plugin.
+ *
+ * Wires the Coco panel directly into a TanStack Start (or plain Vite) app
+ * without the reverse-proxy CLI:
+ *
+ * - Mounts `__coco/client.js` and `__coco/api/{agents,chat}` as Vite
+ *   middleware.
+ * - Injects the panel `<script>` tag into every HTML response — both
+ *   `transformIndexHtml` (static index.html / pre-render) and a streaming
+ *   response wrapper for SSR-rendered HTML.
+ * - Activates only in `serve` (dev) mode.
+ *
+ * Usage in a project's `vite.config.ts`:
+ *
+ *   import { defineConfig } from 'vite'
+ *   import { coco } from 'coco/vite'
+ *   export default defineConfig({ plugins: [coco()] })
+ */
+import { fileURLToPath } from 'node:url'
+import path from 'node:path'
+import { detectAgentConfig } from '../agent-status.ts'
+import { handleChat } from '../chat-handler.ts'
+import {
+  injectIntoHtml,
+  pipeFetchResponse,
+  send404,
+  send500,
+  sendJson,
+  serveClientBundle,
+  toFetchRequest,
+} from '../http-bridge.ts'
+import type { IndexHtmlTransformResult, Plugin, ViteDevServer } from 'vite'
+import type { IncomingMessage, ServerResponse } from 'node:http'
+
+export interface CocoPluginOptions {
+  /**
+   * Override the path used as the agent's `cwd`. Defaults to the Vite
+   * server's `config.root` (the project containing `vite.config.ts`).
+   */
+  projectCwd?: string
+  /**
+   * Override the path Coco reads the prebuilt panel bundle from. Defaults
+   * to `<this package>/dist/client/client.js`, which is what
+   * `pnpm --filter coco build` produces.
+   */
+  clientBundlePath?: string
+}
+
+/** Default bundle location: two levels up from `src/vite/plugin.ts`. */
+const defaultBundlePath = (): string => {
+  const here = path.dirname(fileURLToPath(import.meta.url))
+  return path.resolve(here, '..', '..', 'dist', 'client', 'client.js')
+}
+
+/**
+ * Wrap an outgoing response so the final HTML body has the panel script
+ * injected. We only touch responses whose `content-type` includes
+ * `text/html`; everything else is passed through.
+ */
+const wrapHtmlResponse = (res: ServerResponse): void => {
+  const sym = Symbol.for('coco.wrapped')
+  const tagged = res as ServerResponse & { [k: symbol]: boolean }
+  if (tagged[sym]) return
+  tagged[sym] = true
+
+  const chunks: Array<Buffer> = []
+  let intercepting = true
+
+  const isHtml = (): boolean => {
+    const ct = res.getHeader('content-type')
+    const str = Array.isArray(ct) ? ct.join(',') : String(ct ?? '')
+    return str.toLowerCase().includes('text/html')
+  }
+
+  const origWrite = res.write.bind(res)
+  const origEnd = res.end.bind(res)
+
+  res.write = function patchedWrite(
+    chunk: unknown,
+    ...rest: Array<unknown>
+  ): boolean {
+    if (intercepting && isHtml() && chunk != null) {
+      chunks.push(
+        Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk as string, 'utf8'),
+      )
+      return true
+    }
+    if (intercepting && !isHtml()) {
+      intercepting = false
+      // Replay any buffered chunks before the runtime told us this isn't
+      // HTML. In practice content-type is set before the first write so
+      // this branch is rare.
+      for (const c of chunks) origWrite(c)
+      chunks.length = 0
+    }
+
+    return (origWrite as any)(chunk, ...rest)
+  } as typeof res.write
+
+  res.end = function patchedEnd(
+    chunk?: unknown,
+    ...rest: Array<unknown>
+  ): ServerResponse {
+    if (intercepting && isHtml()) {
+      if (chunk != null) {
+        chunks.push(
+          Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk as string, 'utf8'),
+        )
+      }
+      const original = Buffer.concat(chunks).toString('utf8')
+      const injected = injectIntoHtml(original)
+      const body = Buffer.from(injected, 'utf8')
+      // Vite/Nitro tend to set content-length before end(); fix it up so the
+      // client doesn't truncate.
+      res.setHeader('content-length', body.length)
+      res.removeHeader('content-encoding')
+      return origEnd(body)
+    }
+    intercepting = false
+    if (chunks.length > 0) {
+      for (const c of chunks) origWrite(c)
+      chunks.length = 0
+    }
+
+    return (origEnd as any)(chunk, ...rest)
+  } as typeof res.end
+}
+
+const handleCocoRequest = async (
+  req: IncomingMessage,
+  res: ServerResponse,
+  opts: { bundlePath: string; projectCwd: string },
+): Promise<boolean> => {
+  const rawUrl = req.url ?? '/'
+  const pathname = rawUrl.split('?')[0]
+
+  if (pathname === '/__coco/client.js' && req.method === 'GET') {
+    await serveClientBundle(res, opts.bundlePath)
+    return true
+  }
+
+  if (pathname === '/__coco/api/agents' && req.method === 'GET') {
+    sendJson(res, 200, await detectAgentConfig())
+    return true
+  }
+
+  if (pathname === '/__coco/api/chat' && req.method === 'POST') {
+    const fetchReq = toFetchRequest(req)
+    const fetchRes = await handleChat(fetchReq, opts.projectCwd)
+    await pipeFetchResponse(fetchRes, res)
+    return true
+  }
+
+  if (pathname.startsWith('/__coco/')) {
+    send404(res, 'Unknown __coco endpoint')
+    return true
+  }
+
+  return false
+}
+
+/**
+ * Coco Vite plugin.
+ *
+ *   import { coco } from 'coco/vite'
+ *   plugins: [coco()]
+ */
+export function coco(options: CocoPluginOptions = {}): Plugin {
+  const explicitBundle = options.clientBundlePath
+  const explicitCwd = options.projectCwd
+
+  let projectCwd: string = explicitCwd ?? process.cwd()
+  const bundlePath: string = explicitBundle ?? defaultBundlePath()
+
+  return {
+    name: 'coco',
+    apply: 'serve',
+
+    configureServer(server: ViteDevServer) {
+      projectCwd = explicitCwd ?? server.config.root
+
+      // Install BEFORE Vite's internal middlewares so we own the `__coco/*`
+      // namespace and can wrap responses for HTML routes.
+      server.middlewares.use(async (req, res, next) => {
+        try {
+          const handled = await handleCocoRequest(req, res, {
+            bundlePath,
+            projectCwd,
+          })
+          if (handled) return
+          wrapHtmlResponse(res)
+          next()
+        } catch (err) {
+          send500(res, err)
+        }
+      })
+
+      server.config.logger.info(
+        `  \u001b[36m\u279c\u001b[0m  \u001b[1mCoco\u001b[0m: panel ready at \u001b[36m/__coco/client.js\u001b[0m (cwd: ${projectCwd})`,
+      )
+    },
+
+    // Cover the traditional Vite static-index.html path as well so plain
+    // SPAs work without relying on the response wrapper at all.
+    transformIndexHtml(html: string): IndexHtmlTransformResult {
+      return injectIntoHtml(html)
+    },
+  }
+}
+
+export default coco
diff --git a/examples/coco/tsconfig.json b/examples/coco/tsconfig.json
new file mode 100644
index 000000000..37659fa43
--- /dev/null
+++ b/examples/coco/tsconfig.json
@@ -0,0 +1,21 @@
+{
+  "include": ["src/**/*.ts", "vite.config.ts"],
+  "compilerOptions": {
+    "target": "ES2022",
+    "module": "ESNext",
+    "lib": ["ES2022", "DOM", "DOM.Iterable"],
+    "types": ["node", "vite/client"],
+
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "verbatimModuleSyntax": false,
+    "noEmit": true,
+
+    "skipLibCheck": true,
+    "strict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "noFallthroughCasesInSwitch": true,
+    "noUncheckedSideEffectImports": true
+  }
+}
diff --git a/examples/coco/vite.config.ts b/examples/coco/vite.config.ts
new file mode 100644
index 000000000..cf60d642c
--- /dev/null
+++ b/examples/coco/vite.config.ts
@@ -0,0 +1,29 @@
+import { defineConfig } from 'vite'
+import { fileURLToPath } from 'node:url'
+
+/**
+ * Builds the in-page panel as a single IIFE bundle. The proxy serves it at
+ * `/__coco/client.js`; the panel runs inside the host page's window but inside
+ * a Shadow DOM root to keep CSS/DOM isolated from the host app.
+ */
+export default defineConfig({
+  build: {
+    target: 'es2022',
+    outDir: 'dist/client',
+    emptyOutDir: true,
+    sourcemap: true,
+    lib: {
+      entry: fileURLToPath(new URL('./src/client/index.ts', import.meta.url)),
+      formats: ['iife'],
+      name: 'CocoPanel',
+      fileName: () => 'client.js',
+    },
+    rollupOptions: {
+      output: {
+        // Avoid creating a separate CSS file — we inline styles into the
+        // Shadow DOM via a string constant.
+        assetFileNames: 'client.[ext]',
+      },
+    },
+  },
+})
diff --git a/examples/ts-react-coding-agent/README.md b/examples/ts-react-coding-agent/README.md
new file mode 100644
index 000000000..b40587d90
--- /dev/null
+++ b/examples/ts-react-coding-agent/README.md
@@ -0,0 +1,148 @@
+# TanStack AI — Coding Agent Example
+
+A React (TanStack Start) app that drives **coding-agent harnesses** through
+TanStack AI — [Claude Code](https://docs.anthropic.com/en/docs/claude-code)
+via `@tanstack/ai-claude-code`, [Codex](https://developers.openai.com/codex)
+via `@tanstack/ai-codex`,
+[Gemini CLI](https://github.com/google-gemini/gemini-cli) via
+`@tanstack/ai-gemini-cli`, and [OpenCode](https://opencode.ai) via
+`@tanstack/ai-opencode`, switchable from a dropdown.
+
+Unlike a normal chat example, the agent here runs its own loop server-side
+and executes its own tools — reading, searching, and (in Edit mode) editing
+the files in `workspace/`. Its tool activity streams into the UI as a
+timeline of resolved tool calls.
+
+## What it demonstrates
+
+- **Session resume** — the server emits the harness session id via a
+  `<agent>.session-id` custom event (`claude-code.session-id`,
+  `codex.session-id`, `gemini-cli.session-id`, `opencode.session-id`); the
+  client pins it and sends
+  it back through `forwardedProps` → `modelOptions.sessionId`, so follow-ups
+  continue the same stateful session. Switching agents resets the session.
+- **Harness tool timeline** — built-in tools (Read, Grep, Edit,
+  command_execution, ...) arrive as already-resolved tool-call parts and
+  render with their inputs/outputs. Note that Codex streams text
+  message-at-a-time (its SDK has no token deltas), while Claude Code,
+  Gemini CLI, and OpenCode stream token-by-token.
+- **Permission modes** — a Read-only/Edit toggle maps to each harness's
+  knobs: `disallowedTools` vs `permissionMode: 'acceptEdits'` for Claude
+  Code, `sandboxMode: 'read-only'` vs `'workspace-write'` for Codex, and
+  the default-deny vs `acceptEdits` permission policy for Gemini CLI and
+  OpenCode. With Claude Code, Gemini CLI, and OpenCode, ask it to run a
+  shell command and watch the denial show up in the timeline.
+- **Tool bridging** — `lookup_style_guide` is an ordinary TanStack server
+  tool the harness calls from inside its own loop (in-process MCP for
+  Claude Code; a localhost Streamable-HTTP MCP bridge for Codex,
+  Gemini CLI, and OpenCode).
+- **Sandboxed cwd** — the agent only works inside `workspace/`.
+
+## Running
+
+This is a server-spawning example: each chat turn launches the selected
+harness as a subprocess on your machine. You only need to set up the agent(s)
+you actually want to try — the others stay selectable in the UI and pop a
+setup dialog explaining what's missing (see [Runtime config detection](#runtime-config-detection)).
+
+### 1. Set up the agent(s) you want
+
+**Claude Code** ([docs](https://docs.anthropic.com/en/docs/claude-code))
+
+```bash
+npm i -g @anthropic-ai/claude-code   # install the CLI
+claude login                         # log in with your Claude subscription
+# …or, instead of `claude login`, set an API key in the server env:
+export ANTHROPIC_API_KEY=sk-ant-…
+```
+
+The codex/gemini binaries are spawned per turn, so the CLI must be on `PATH`.
+
+**Codex** ([docs](https://developers.openai.com/codex))
+
+```bash
+codex login                          # log in interactively
+# …or set an API key in the server env (forwarded as CODEX_API_KEY):
+export OPENAI_API_KEY=sk-…
+```
+
+The `codex` binary ships with `@openai/codex-sdk`, so there's nothing extra to
+install. Note: a **ChatGPT-account** login can't run codex models in headless
+mode — use an API key or an entitled account, otherwise the run fails with an
+entitlement error from OpenAI.
+
+**Gemini CLI** ([docs](https://github.com/google-gemini/gemini-cli))
+
+```bash
+npm i -g @google/gemini-cli          # ACP mode needs a current build
+gemini                               # log in with Google once (interactive)
+```
+
+Headless ACP runs can't show an interactive auth picker, so you must tell the
+adapter which method to use via `GEMINI_ACP_AUTH_METHOD` (e.g. `oauth-personal`
+for a Google login, or `gemini-api-key`). If the CLI refuses the scratch
+workspace as untrusted, also export `GEMINI_CLI_TRUST_WORKSPACE=true`. So, for
+a Google-login setup, start the dev server like this:
+
+```bash
+GEMINI_ACP_AUTH_METHOD=oauth-personal GEMINI_CLI_TRUST_WORKSPACE=true pnpm dev
+```
+
+To use an API key instead, set `GEMINI_API_KEY` and
+`GEMINI_ACP_AUTH_METHOD=gemini-api-key`.
+
+**OpenCode** ([docs](https://opencode.ai/docs))
+
+```bash
+npm i -g opencode-ai                  # install the CLI
+opencode auth login                   # authenticate a provider (interactive)
+# …or set the provider API key in the server env (this example uses Anthropic):
+export ANTHROPIC_API_KEY=sk-ant-…
+```
+
+The adapter spawns `opencode serve` per turn, so the CLI must be on `PATH`. The
+example drives the `anthropic/claude-sonnet-4-5` model; point it at a different
+`provider/model` in `src/routes/api.chat.ts` to use another provider.
+
+### 2. Install and run
+
+```bash
+pnpm install
+pnpm dev
+```
+
+### 3. Try it out
+
+Open http://localhost:3000 and try:
+
+- "What files are in this project, and what do they do?" (Read-only)
+- Switch to **Edit mode**: "Fix the bug in temperature.js" — note it
+  calls `lookup_style_guide` first.
+- "Now update todo.md to check off what you did" — same session, no
+  re-explaining.
+
+Reset the demo workspace afterwards with `git checkout -- workspace/`.
+
+## Runtime config detection
+
+Environment variables and CLI logins live on the server, not in the browser, so
+the route loader calls a `createServerFn` (`src/lib/agent-status.ts`) that
+reports which agents are actually runnable. Every agent stays selectable in the
+dropdown; picking one that isn't configured — or trying to send to it — opens a
+dialog with the exact setup steps (sourced from `AGENT_SETUP` in
+`src/lib/agents.ts`, which mirrors the instructions above). An agent counts as
+configured when:
+
+- **Claude Code** — `ANTHROPIC_API_KEY` / `CLAUDE_CODE_OAUTH_TOKEN` is set, or
+  a `~/.claude.json` login exists.
+- **Codex** — `OPENAI_API_KEY` / `CODEX_API_KEY` is set, or a
+  `~/.codex/auth.json` login exists.
+- **Gemini CLI** — `GEMINI_API_KEY` or `GEMINI_ACP_AUTH_METHOD` is set (a
+  cached Google login alone isn't enough for headless ACP, so it isn't
+  counted).
+- **OpenCode** — a provider key (`ANTHROPIC_API_KEY` / `OPENAI_API_KEY` /
+  `GEMINI_API_KEY`) is set, or an `opencode auth login` credential file
+  (`~/.local/share/opencode/auth.json`) exists.
+
+Detection runs at server startup time per request to the loader, so set your
+env vars / log in **before** `pnpm dev` (or restart it after).
diff --git a/examples/ts-react-coding-agent/package.json b/examples/ts-react-coding-agent/package.json
new file mode 100644
index 000000000..2d8e74c09
--- /dev/null
+++ b/examples/ts-react-coding-agent/package.json
@@ -0,0 +1,39 @@
+{
+  "name": "ts-react-coding-agent",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "dev": "vite dev --port 3000",
+    "build": "vite build",
+    "serve": "vite preview",
+    "test": "exit 0",
+    "test:types": "tsc --noEmit"
+  },
+  "dependencies": {
+    "@tailwindcss/vite": "^4.1.18",
+    "@tanstack/ai": "workspace:*",
+    "@tanstack/ai-claude-code": "workspace:*",
+    "@tanstack/ai-client": "workspace:*",
+    "@tanstack/ai-codex": "workspace:*",
+    "@tanstack/ai-gemini-cli": "workspace:*",
+    "@tanstack/ai-opencode": "workspace:*",
+    "@tanstack/ai-react": "workspace:*",
+    "@tanstack/nitro-v2-vite-plugin": "^1.154.7",
+    "@tanstack/react-router": "^1.158.4",
+    "@tanstack/react-start": "^1.159.0",
+    "@tanstack/router-plugin": "^1.158.4",
+    "react": "^19.2.3",
+    "react-dom": "^19.2.3",
+    "tailwindcss": "^4.1.18",
+    "vite-tsconfig-paths": "^5.1.4",
+    "zod": "^4.2.0"
+  },
+  "devDependencies": {
+    "@types/node": "^24.10.1",
+    "@types/react": "^19.2.7",
+    "@types/react-dom": "^19.2.3",
+    "@vitejs/plugin-react": "^5.1.2",
+    "typescript": "5.9.3",
+    "vite": "^7.3.3"
+  }
+}
diff --git a/examples/ts-react-coding-agent/src/lib/agent-status.ts b/examples/ts-react-coding-agent/src/lib/agent-status.ts
new file mode 100644
index 000000000..d2db68e9c
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/lib/agent-status.ts
@@ -0,0 +1,63 @@
+import { createServerFn } from '@tanstack/react-start'
+import type { AgentId } from './agents'
+
+/** Whether a path exists, swallowing any access error. */
+async function fileExists(filePath: string): Promise<boolean> {
+  try {
+    const { access } = await import('node:fs/promises')
+    await access(filePath)
+    return true
+  } catch {
+    return false
+  }
+}
+
+/**
+ * Reports, per agent, whether the server has credentials/config to actually
+ * run it. Environment variables aren't visible to the browser, so the client
+ * gets this through a server function (called from the route loader). Each
+ * agent counts as configured when an API key is present in the environment, or
+ * when a local CLI login exists — except Gemini CLI, whose headless ACP mode
+ * additionally needs an auth method selected up front (so we gate on the env
+ * vars the example's adapter actually reads).
+ */
+export const getAgentConfigFn = createServerFn({ method: 'GET' }).handler(
+  async (): Promise<Record<AgentId, boolean>> => {
+    const os = await import('node:os')
+    const path = await import('node:path')
+    const home = os.homedir()
+    const env = process.env
+
+    const claudeCode =
+      Boolean(env.ANTHROPIC_API_KEY) ||
+      Boolean(env.CLAUDE_CODE_OAUTH_TOKEN) ||
+      (await fileExists(path.join(home, '.claude.json')))
+
+    const codex =
+      Boolean(env.OPENAI_API_KEY) ||
+      Boolean(env.CODEX_API_KEY) ||
+      (await fileExists(path.join(home, '.codex', 'auth.json')))
+
+    // Gemini's headless ACP path needs an auth method (or an API key) chosen
+    // explicitly — a cached Google login alone isn't enough, so don't count it.
+    const geminiCli =
+      Boolean(env.GEMINI_API_KEY) || Boolean(env.GEMINI_ACP_AUTH_METHOD)
+
+    // OpenCode resolves any configured provider — count a provider API key in
+    // the environment or an `opencode auth login` credential file.
+    const opencode =
+      Boolean(env.ANTHROPIC_API_KEY) ||
+      Boolean(env.OPENAI_API_KEY) ||
+      Boolean(env.GEMINI_API_KEY) ||
+      (await fileExists(
+        path.join(home, '.local', 'share', 'opencode', 'auth.json'),
+      ))
+
+    return {
+      'claude-code': claudeCode,
+      codex,
+      'gemini-cli': geminiCli,
+      opencode,
+    }
+  },
+)
diff --git a/examples/ts-react-coding-agent/src/lib/agents.ts b/examples/ts-react-coding-agent/src/lib/agents.ts
new file mode 100644
index 000000000..00aaf9bad
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/lib/agents.ts
@@ -0,0 +1,148 @@
+/**
+ * Registry of coding-agent harnesses this example can drive.
+ *
+ * Each entry maps to a harness adapter on the server (see
+ * `src/routes/api.chat.ts`): Claude Code (`@tanstack/ai-claude-code`),
+ * Codex (`@tanstack/ai-codex`), Gemini CLI (`@tanstack/ai-gemini-cli`), and
+ * OpenCode (`@tanstack/ai-opencode`).
+ */
+export const AGENTS = [
+  { id: 'claude-code', label: 'Claude Code' },
+  { id: 'codex', label: 'Codex' },
+  { id: 'gemini-cli', label: 'Gemini CLI' },
+  { id: 'opencode', label: 'OpenCode' },
+] as const
+
+/** Agent ids with a working adapter behind them. */
+export type AgentId = 'claude-code' | 'codex' | 'gemini-cli' | 'opencode'
+
+export const DEFAULT_AGENT: AgentId = 'claude-code'
+
+export function isAgentId(value: unknown): value is AgentId {
+  return (
+    value === 'claude-code' ||
+    value === 'codex' ||
+    value === 'gemini-cli' ||
+    value === 'opencode'
+  )
+}
+
+/** A single, optionally command-bearing step in an agent's setup guide. */
+export interface SetupStep {
+  text: string
+  /** A shell command to show in a copyable code block. */
+  code?: string
+}
+
+export interface AgentSetup {
+  /** Human label (mirrors the AGENTS entry). */
+  label: string
+  /** One-line description of what drives this agent. */
+  summary: string
+  /** Ordered setup steps shown in the "not configured" dialog. */
+  steps: Array<SetupStep>
+  /** Docs link for the underlying CLI/tool. */
+  docsUrl: string
+}
+
+/**
+ * Setup instructions surfaced in the UI when an agent isn't configured on the
+ * server at runtime. Mirrors the README "Running" section — keep them in sync.
+ */
+export const AGENT_SETUP: Record<AgentId, AgentSetup> = {
+  'claude-code': {
+    label: 'Claude Code',
+    summary:
+      'Drives the Claude Code CLI through @tanstack/ai-claude-code. Needs the CLI installed and authenticated on the server.',
+    steps: [
+      {
+        text: 'Install the Claude Code CLI:',
+        code: 'npm i -g @anthropic-ai/claude-code',
+      },
+      {
+        text: 'Log in interactively (uses your Claude subscription):',
+        code: 'claude login',
+      },
+      {
+        text: '…or set an API key in the server environment instead:',
+        code: 'export ANTHROPIC_API_KEY=sk-ant-…',
+      },
+      { text: 'Restart the dev server so it picks up new credentials.' },
+    ],
+    docsUrl: 'https://docs.anthropic.com/en/docs/claude-code',
+  },
+  codex: {
+    label: 'Codex',
+    summary:
+      'Drives OpenAI Codex through @tanstack/ai-codex. The codex binary ships with the SDK; you only need credentials.',
+    steps: [
+      { text: 'Log in interactively:', code: 'codex login' },
+      {
+        text: '…or set an API key in the server environment instead:',
+        code: 'export OPENAI_API_KEY=sk-…',
+      },
+      {
+        text: 'Heads up: ChatGPT-account logins cannot run codex models in headless mode — an API key or an entitled account is required.',
+      },
+      { text: 'Restart the dev server so it picks up new credentials.' },
+    ],
+    docsUrl: 'https://developers.openai.com/codex',
+  },
+  'gemini-cli': {
+    label: 'Gemini CLI',
+    summary:
+      'Drives the Gemini CLI over ACP through @tanstack/ai-gemini-cli. Needs a recent CLI and an ACP auth method chosen up front.',
+    steps: [
+      {
+        text: 'Install a current Gemini CLI (ACP mode needs a recent build):',
+        code: 'npm i -g @google/gemini-cli',
+      },
+      { text: 'Log in with Google once (interactive):', code: 'gemini' },
+      {
+        text: 'Headless ACP runs can’t show an auth picker, so tell the adapter which method to use and start the server:',
+        code: 'GEMINI_ACP_AUTH_METHOD=oauth-personal GEMINI_CLI_TRUST_WORKSPACE=true pnpm dev',
+      },
+      {
+        text: '…or use an API key instead (set GEMINI_ACP_AUTH_METHOD=gemini-api-key):',
+        code: 'export GEMINI_API_KEY=…',
+      },
+    ],
+    docsUrl: 'https://github.com/google-gemini/gemini-cli',
+  },
+  opencode: {
+    label: 'OpenCode',
+    summary:
+      'Drives OpenCode through @tanstack/ai-opencode. Needs the opencode CLI installed and a provider authenticated on the server.',
+    steps: [
+      {
+        text: 'Install the OpenCode CLI:',
+        code: 'npm i -g opencode-ai',
+      },
+      {
+        text: 'Authenticate a provider once (interactive):',
+        code: 'opencode auth login',
+      },
+      {
+        text: '…or set the provider API key in the server environment instead:',
+        code: 'export ANTHROPIC_API_KEY=sk-ant-…',
+      },
+      { text: 'Restart the dev server so it picks up new credentials.' },
+    ],
+    docsUrl: 'https://opencode.ai/docs',
+  },
+}
+
+/**
+ * What the agent is allowed to do in the workspace:
+ * - `read-only`: it can read and search, but file edits and shell commands
+ *   are blocked.
+ * - `edit`: file edits are auto-approved; with Claude Code, Gemini CLI, and
+ *   OpenCode, shell commands still get denied by each adapter's default
+ *   permission policy (a deliberate demo of the permission system), while
+ *   Codex sandboxes them inside the workspace instead.
+ */
+export type AgentMode = 'read-only' | 'edit'
+
+export function isAgentMode(value: unknown): value is AgentMode {
+  return value === 'read-only' || value === 'edit'
+}
diff --git a/examples/ts-react-coding-agent/src/lib/style-guide-tool.ts b/examples/ts-react-coding-agent/src/lib/style-guide-tool.ts
new file mode 100644
index 000000000..679356a48
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/lib/style-guide-tool.ts
@@ -0,0 +1,26 @@
+import { z } from 'zod'
+import { toolDefinition } from '@tanstack/ai'
+
+/**
+ * A TanStack server tool bridged *into* the harness. The agent sees it as
+ * `mcp__tanstack__lookup_style_guide`, calls it like any built-in tool, and
+ * the adapter strips the prefix so the UI shows `lookup_style_guide`.
+ */
+export const lookupStyleGuide = toolDefinition({
+  name: 'lookup_style_guide',
+  description:
+    "Look up this project's coding style guide. Call this before writing or editing any code so your changes match the house style.",
+  inputSchema: z.object({
+    topic: z
+      .string()
+      .describe('What you are about to write, e.g. "functions", "naming"'),
+  }),
+}).server(({ topic }) => ({
+  topic,
+  rules: [
+    'Use arrow functions assigned to const, never function declarations.',
+    'Prefer single quotes and no semicolons.',
+    'Every exported function gets a one-line JSDoc comment.',
+    'Keep files under 100 lines; split modules instead of growing them.',
+  ],
+}))
diff --git a/examples/ts-react-coding-agent/src/routeTree.gen.ts b/examples/ts-react-coding-agent/src/routeTree.gen.ts
new file mode 100644
index 000000000..861dc17e2
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/routeTree.gen.ts
@@ -0,0 +1,86 @@
+/* eslint-disable */
+
+// @ts-nocheck
+
+// noinspection JSUnusedGlobalSymbols
+
+// This file was automatically generated by TanStack Router.
+// You should NOT make any changes in this file as it will be overwritten.
+// Additionally, you should also exclude this file from your linter and/or formatter to prevent it from being checked or modified.
+
+import { Route as rootRouteImport } from './routes/__root'
+import { Route as IndexRouteImport } from './routes/index'
+import { Route as ApiChatRouteImport } from './routes/api.chat'
+
+const IndexRoute = IndexRouteImport.update({
+  id: '/',
+  path: '/',
+  getParentRoute: () => rootRouteImport,
+} as any)
+const ApiChatRoute = ApiChatRouteImport.update({
+  id: '/api/chat',
+  path: '/api/chat',
+  getParentRoute: () => rootRouteImport,
+} as any)
+
+export interface FileRoutesByFullPath {
+  '/': typeof IndexRoute
+  '/api/chat': typeof ApiChatRoute
+}
+export interface FileRoutesByTo {
+  '/': typeof IndexRoute
+  '/api/chat': typeof ApiChatRoute
+}
+export interface FileRoutesById {
+  __root__: typeof rootRouteImport
+  '/': typeof IndexRoute
+  '/api/chat': typeof ApiChatRoute
+}
+export interface FileRouteTypes {
+  fileRoutesByFullPath: FileRoutesByFullPath
+  fullPaths: '/' | '/api/chat'
+  fileRoutesByTo: FileRoutesByTo
+  to: '/' | '/api/chat'
+  id: '__root__' | '/' | '/api/chat'
+  fileRoutesById: FileRoutesById
+}
+export interface RootRouteChildren {
+  IndexRoute: typeof IndexRoute
+  ApiChatRoute: typeof ApiChatRoute
+}
+
+declare module '@tanstack/react-router' {
+  interface FileRoutesByPath {
+    '/': {
+      id: '/'
+      path: '/'
+      fullPath: '/'
+      preLoaderRoute: typeof IndexRouteImport
+      parentRoute: typeof rootRouteImport
+    }
+    '/api/chat': {
+      id: '/api/chat'
+      path: '/api/chat'
+      fullPath: '/api/chat'
+      preLoaderRoute: typeof ApiChatRouteImport
+      parentRoute: typeof rootRouteImport
+    }
+  }
+}
+
+const rootRouteChildren: RootRouteChildren = {
+  IndexRoute: IndexRoute,
+  ApiChatRoute: ApiChatRoute,
+}
+export const routeTree = rootRouteImport
+  ._addFileChildren(rootRouteChildren)
+  ._addFileTypes<FileRouteTypes>()
+
+import type { getRouter } from './router.tsx'
+import type { createStart } from '@tanstack/react-start'
+declare module '@tanstack/react-start' {
+  interface Register {
+    ssr: true
+    router: Awaited<ReturnType<typeof getRouter>>
+  }
+}
diff --git a/examples/ts-react-coding-agent/src/router.tsx b/examples/ts-react-coding-agent/src/router.tsx
new file mode 100644
index 000000000..ee1edab88
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/router.tsx
@@ -0,0 +1,13 @@
+import { createRouter } from '@tanstack/react-router'
+
+// Import the generated route tree
+import { routeTree } from './routeTree.gen'
+
+// Create a new router instance
+export const getRouter = () => {
+  return createRouter({
+    routeTree,
+    scrollRestoration: true,
+    defaultPreloadStaleTime: 0,
+  })
+}
diff --git a/examples/ts-react-coding-agent/src/routes/__root.tsx b/examples/ts-react-coding-agent/src/routes/__root.tsx
new file mode 100644
index 000000000..950ce1bcc
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/routes/__root.tsx
@@ -0,0 +1,41 @@
+import { HeadContent, Scripts, createRootRoute } from '@tanstack/react-router'
+import appCss from '../styles.css?url'
+
+export const Route = createRootRoute({
+  head: () => ({
+    meta: [
+      {
+        charSet: 'utf-8',
+      },
+      {
+        name: 'viewport',
+        content: 'width=device-width, initial-scale=1',
+      },
+      {
+        title: 'TanStack AI — Coding Agent',
+      },
+    ],
+    links: [
+      {
+        rel: 'stylesheet',
+        href: appCss,
+      },
+    ],
+  }),
+
+  shellComponent: RootDocument,
+})
+
+function RootDocument({ children }: { children: React.ReactNode }) {
+  return (
+    <html lang="en">
+      <head>
+        <HeadContent />
+      </head>
+      <body className="bg-gray-950 text-gray-100">
+        {children}
+        <Scripts />
+      </body>
+    </html>
+  )
+}
diff --git a/examples/ts-react-coding-agent/src/routes/api.chat.ts b/examples/ts-react-coding-agent/src/routes/api.chat.ts
new file mode 100644
index 000000000..6e4896936
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/routes/api.chat.ts
@@ -0,0 +1,127 @@
+import path from 'node:path'
+import { createFileRoute } from '@tanstack/react-router'
+import {
+  chat,
+  chatParamsFromRequestBody,
+  toServerSentEventsResponse,
+} from '@tanstack/ai'
+import { claudeCodeText } from '@tanstack/ai-claude-code'
+import { codexText } from '@tanstack/ai-codex'
+import { geminiCliText } from '@tanstack/ai-gemini-cli'
+import { opencodeText } from '@tanstack/ai-opencode'
+import { isAgentId, isAgentMode } from '@/lib/agents'
+import { lookupStyleGuide } from '@/lib/style-guide-tool'
+import type { AgentId, AgentMode } from '@/lib/agents'
+import type { AnyTextAdapter } from '@tanstack/ai'
+
+const SYSTEM_PROMPT = `You are a coding assistant working on the small demo
+project mounted in your working directory. Before writing or editing any
+code, call the lookup_style_guide tool and follow what it says. Keep your
+answers short — the user is watching your tool activity stream by.`
+
+/** One harness adapter per agent id. */
+function createAdapter(
+  agentId: AgentId,
+  mode: AgentMode,
+  cwd: string,
+): AnyTextAdapter {
+  switch (agentId) {
+    case 'claude-code':
+      return claudeCodeText('claude-opus-4-8', {
+        cwd,
+        maxTurns: 25,
+        ...(mode === 'edit'
+          ? // Auto-approve file edits. Shell commands still go through the
+            // adapter's default permission policy, which denies them with an
+            // explanatory message — watch for it in the tool timeline.
+            { permissionMode: 'acceptEdits' }
+          : // Read-only: searching and reading work, mutating tools are
+            // removed from the harness entirely.
+            { disallowedTools: ['Write', 'Edit', 'NotebookEdit', 'Bash'] }),
+      })
+    case 'codex':
+      // Codex has no per-tool permission prompts in headless mode; the
+      // sandbox is the safety boundary. Edit mode lets it write inside the
+      // workspace, read-only keeps every command non-mutating.
+      return codexText('gpt-5.1-codex', {
+        cwd,
+        sandboxMode: mode === 'edit' ? 'workspace-write' : 'read-only',
+      })
+    case 'gemini-cli':
+      return geminiCliText('gemini-3-pro-preview', {
+        cwd,
+        // Edit mode auto-approves file edits; shell commands still get
+        // rejected by the adapter's default permission policy, same demo
+        // as Claude Code above.
+        permissionMode: mode === 'edit' ? 'acceptEdits' : 'default',
+        // Headless ACP runs must select an auth method up front (the CLI
+        // can't pop an interactive picker). Set GEMINI_ACP_AUTH_METHOD to
+        // the method your CLI is set up for, e.g. `oauth-personal` (Log in
+        // with Google) or `gemini-api-key`. See this example's README.
+        ...(process.env.GEMINI_ACP_AUTH_METHOD && {
+          authMethodId: process.env.GEMINI_ACP_AUTH_METHOD,
+        }),
+      })
+    case 'opencode':
+      return opencodeText('anthropic/claude-sonnet-4-5', {
+        directory: cwd,
+        // Edit mode auto-approves file edits; shell commands still get
+        // rejected by the adapter's default permission policy, same demo
+        // as Claude Code and Gemini CLI above.
+        permissionMode: mode === 'edit' ? 'acceptEdits' : 'default',
+      })
+  }
+}
+
+export const Route = createFileRoute('/api/chat')({
+  server: {
+    handlers: {
+      POST: async ({ request }) => {
+        if (request.signal.aborted) {
+          return new Response(null, { status: 499 })
+        }
+        const abortController = new AbortController()
+
+        let params
+        try {
+          params = await chatParamsFromRequestBody(await request.json())
+        } catch (error) {
+          return new Response(
+            error instanceof Error ? error.message : 'Bad request',
+            { status: 400 },
+          )
+        }
+
+        // Client-sent settings arrive via forwardedProps. Validate against
+        // the allowlist — never feed client strings straight into config.
+        const agentId = isAgentId(params.forwardedProps.agentId)
+          ? params.forwardedProps.agentId
+          : 'claude-code'
+        const mode = isAgentMode(params.forwardedProps.mode)
+          ? params.forwardedProps.mode
+          : 'read-only'
+        const sessionId =
+          typeof params.forwardedProps.sessionId === 'string' &&
+          params.forwardedProps.sessionId !== ''
+            ? params.forwardedProps.sessionId
+            : undefined
+
+        // The agent only ever works inside the example's scratch workspace.
+        const cwd = path.join(process.cwd(), 'workspace')
+
+        const stream = chat({
+          adapter: createAdapter(agentId, mode, cwd),
+          messages: params.messages,
+          systemPrompts: [SYSTEM_PROMPT],
+          tools: [lookupStyleGuide],
+          modelOptions: { sessionId },
+          threadId: params.threadId,
+          runId: params.runId,
+          abortController,
+        })
+
+        return toServerSentEventsResponse(stream, { abortController })
+      },
+    },
+  },
+})
diff --git a/examples/ts-react-coding-agent/src/routes/index.tsx b/examples/ts-react-coding-agent/src/routes/index.tsx
new file mode 100644
index 000000000..27c487849
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/routes/index.tsx
@@ -0,0 +1,324 @@
+import { useMemo, useState } from 'react'
+import { createFileRoute } from '@tanstack/react-router'
+import { fetchServerSentEvents, useChat } from '@tanstack/ai-react'
+import { AGENTS, AGENT_SETUP, DEFAULT_AGENT, isAgentId } from '@/lib/agents'
+import { getAgentConfigFn } from '@/lib/agent-status'
+import type { UIMessage } from '@tanstack/ai-react'
+import type { AgentId, AgentMode } from '@/lib/agents'
+
+export const Route = createFileRoute('/')({
+  component: CodingAgentPage,
+  // Env vars aren't available client-side, so the loader asks the server which
+  // agents are actually configured (see src/lib/agent-status.ts).
+  loader: () => getAgentConfigFn(),
+})
+
+function ToolCallCard({
+  part,
+}: {
+  part: Extract<UIMessage['parts'][number], { type: 'tool-call' }>
+}) {
+  const args = useMemo(() => {
+    try {
+      return JSON.stringify(JSON.parse(part.arguments), null, 2)
+    } catch {
+      return part.arguments
+    }
+  }, [part.arguments])
+
+  const output = useMemo(() => {
+    if (part.output === undefined) return undefined
+    return typeof part.output === 'string'
+      ? part.output
+      : JSON.stringify(part.output, null, 2)
+  }, [part.output])
+
+  return (
+    <details className="my-1 rounded border border-gray-800 bg-gray-900/60 text-sm">
+      <summary className="cursor-pointer select-none px-3 py-1.5 font-mono text-amber-300">
+        🔧 {part.name}
+        <span className="ml-2 text-xs text-gray-500">
+          {output !== undefined ? 'done' : part.state}
+        </span>
+      </summary>
+      <div className="space-y-2 border-t border-gray-800 px-3 py-2">
+        <pre className="overflow-x-auto rounded bg-gray-950 p-2 text-xs text-gray-300">
+          {args}
+        </pre>
+        {output !== undefined && (
+          <pre className="max-h-48 overflow-auto rounded bg-gray-950 p-2 text-xs text-emerald-200">
+            {output}
+          </pre>
+        )}
+      </div>
+    </details>
+  )
+}
+
+function Message({ message }: { message: UIMessage }) {
+  const isUser = message.role === 'user'
+  return (
+    <div className={isUser ? 'text-right' : 'text-left'}>
+      <div
+        className={
+          isUser
+            ? 'inline-block max-w-[80%] rounded-lg bg-blue-600 px-3 py-2 text-left'
+            : 'block'
+        }
+      >
+        {message.parts.map((part, index) => {
+          if (part.type === 'text' && part.content.trim()) {
+            return (
+              <p key={index} className="whitespace-pre-wrap py-1">
+                {part.content}
+              </p>
+            )
+          }
+          if (part.type === 'thinking' && part.content.trim()) {
+            return (
+              <details key={index} className="my-1 text-sm text-gray-400">
+                <summary className="cursor-pointer select-none">
+                  💭 thinking…
+                </summary>
+                <p className="whitespace-pre-wrap border-l-2 border-gray-700 pl-3">
+                  {part.content}
+                </p>
+              </details>
+            )
+          }
+          if (part.type === 'tool-call') {
+            return <ToolCallCard key={part.id} part={part} />
+          }
+          return null
+        })}
+      </div>
+    </div>
+  )
+}
+
+function SetupDialog({
+  agentId,
+  onClose,
+}: {
+  agentId: AgentId
+  onClose: () => void
+}) {
+  const setup = AGENT_SETUP[agentId]
+  return (
+    <div
+      className="fixed inset-0 z-50 flex items-center justify-center bg-black/60 p-4"
+      onClick={onClose}
+      role="presentation"
+    >
+      <div
+        className="max-h-[85vh] w-full max-w-lg overflow-y-auto rounded-lg border border-gray-700 bg-gray-900 p-5 shadow-xl"
+        onClick={(event) => event.stopPropagation()}
+        role="dialog"
+        aria-modal="true"
+        aria-label={`${setup.label} setup`}
+      >
+        <div className="mb-3 flex items-start justify-between gap-4">
+          <h2 className="text-base font-semibold">Set up {setup.label}</h2>
+          <button
+            onClick={onClose}
+            aria-label="Close"
+            className="rounded px-2 text-gray-400 hover:bg-gray-800 hover:text-gray-100"
+          >
+            ✕
+          </button>
+        </div>
+        <p className="mb-4 text-sm text-gray-400">{setup.summary}</p>
+        <ol className="space-y-3">
+          {setup.steps.map((step, index) => (
+            <li key={index} className="text-sm">
+              <div className="flex gap-2">
+                <span className="select-none font-mono text-gray-500">
+                  {index + 1}.
+                </span>
+                <div className="flex-1 space-y-1.5">
+                  <p className="text-gray-200">{step.text}</p>
+                  {step.code && (
+                    <pre className="overflow-x-auto rounded bg-gray-950 px-3 py-2 text-xs text-emerald-200">
+                      <code>{step.code}</code>
+                    </pre>
+                  )}
+                </div>
+              </div>
+            </li>
+          ))}
+        </ol>
+        <div className="mt-5 flex items-center justify-between">
+          <a
+            href={setup.docsUrl}
+            target="_blank"
+            rel="noreferrer"
+            className="text-sm text-blue-400 hover:underline"
+          >
+            Documentation ↗
+          </a>
+          <button
+            onClick={onClose}
+            className="rounded bg-blue-600 px-3 py-1.5 text-sm font-medium hover:bg-blue-500"
+          >
+            Got it
+          </button>
+        </div>
+      </div>
+    </div>
+  )
+}
+
+function CodingAgentPage() {
+  const configured = Route.useLoaderData()
+  const [agentId, setAgentId] = useState<AgentId>(DEFAULT_AGENT)
+  const [mode, setMode] = useState<AgentMode>('read-only')
+  const [sessionId, setSessionId] = useState<string | undefined>(undefined)
+  const [input, setInput] = useState('')
+  const [setupOpen, setSetupOpen] = useState(false)
+
+  const isConfigured = configured[agentId]
+
+  const body = useMemo(
+    () => ({ agentId, mode, sessionId }),
+    [agentId, mode, sessionId],
+  )
+
+  const { messages, sendMessage, isLoading, clear, error } = useChat({
+    connection: fetchServerSentEvents('/api/chat'),
+    body,
+    onCustomEvent: (eventType, data) => {
+      // Every harness adapter pins its session with a `<agent>.session-id`
+      // CUSTOM event (claude-code.session-id, codex.session-id, ...).
+      if (
+        eventType.endsWith('.session-id') &&
+        typeof data === 'object' &&
+        data !== null &&
+        'sessionId' in data &&
+        typeof data.sessionId === 'string'
+      ) {
+        setSessionId(data.sessionId)
+      }
+    },
+  })
+
+  const newSession = () => {
+    setSessionId(undefined)
+    clear()
+  }
+
+  const send = () => {
+    const text = input.trim()
+    if (!text || isLoading) return
+    // Don't fire a request the server can't fulfil — explain the setup instead.
+    if (!isConfigured) {
+      setSetupOpen(true)
+      return
+    }
+    setInput('')
+    void sendMessage(text)
+  }
+
+  const selectAgent = (value: string) => {
+    if (!isAgentId(value)) return
+    // Sessions aren't portable across harnesses — switching agents starts fresh.
+    setAgentId(value)
+    setSessionId(undefined)
+    // Selecting is always allowed; if it isn't set up, show how to fix it.
+    if (!configured[value]) setSetupOpen(true)
+  }
+
+  return (
+    <main className="mx-auto flex h-screen max-w-3xl flex-col px-4">
+      <header className="flex flex-wrap items-center gap-3 border-b border-gray-800 py-3">
+        <h1 className="mr-auto text-lg font-semibold">Coding Agent</h1>
+        <select
+          value={agentId}
+          onChange={(event) => selectAgent(event.target.value)}
+          className="rounded border border-gray-700 bg-gray-900 px-2 py-1 text-sm"
+        >
+          {AGENTS.map((agent) => (
+            <option key={agent.id} value={agent.id}>
+              {agent.label}
+              {configured[agent.id] ? '' : ' (not configured)'}
+            </option>
+          ))}
+        </select>
+        <select
+          value={mode}
+          onChange={(event) => setMode(event.target.value as AgentMode)}
+          className="rounded border border-gray-700 bg-gray-900 px-2 py-1 text-sm"
+        >
+          <option value="read-only">Read-only</option>
+          <option value="edit">Edit mode</option>
+        </select>
+        <button
+          onClick={newSession}
+          className="rounded border border-gray-700 px-2 py-1 text-sm hover:bg-gray-800"
+        >
+          New session
+        </button>
+      </header>
+
+      {!isConfigured && (
+        <div className="mt-2 flex items-center gap-3 rounded border border-amber-800 bg-amber-950/40 px-3 py-2 text-sm text-amber-200">
+          <span className="flex-1">
+            ⚠️ {AGENT_SETUP[agentId].label} isn’t configured on the server.
+          </span>
+          <button
+            onClick={() => setSetupOpen(true)}
+            className="rounded border border-amber-700 px-2 py-1 text-xs hover:bg-amber-900/50"
+          >
+            Setup instructions
+          </button>
+        </div>
+      )}
+
+      <div className="py-1 text-xs text-gray-500">
+        {sessionId
+          ? `Resuming session ${sessionId.slice(0, 8)}… — follow-ups send only your latest message.`
+          : `No session yet — the first reply starts one and pins it via the ${agentId}.session-id event.`}
+      </div>
+
+      <div className="flex-1 space-y-3 overflow-y-auto py-4">
+        {messages.length === 0 && (
+          <p className="text-gray-500">
+            Try: “What files are in this project, and what do they do?” — then
+            switch to Edit mode and ask it to fix the bug in{' '}
+            <code className="text-gray-400">workspace/temperature.js</code>.
+          </p>
+        )}
+        {messages.map((message) => (
+          <Message key={message.id} message={message} />
+        ))}
+        {error && (
+          <p className="rounded border border-red-800 bg-red-950/40 p-2 text-sm text-red-300">
+            {String(error)}
+          </p>
+        )}
+      </div>
+
+      <footer className="flex gap-2 border-t border-gray-800 py-3">
+        <input
+          value={input}
+          onChange={(event) => setInput(event.target.value)}
+          onKeyDown={(event) => {
+            if (event.key === 'Enter') send()
+          }}
+          placeholder="Ask the agent to explore or change the workspace…"
+          className="flex-1 rounded border border-gray-700 bg-gray-900 px-3 py-2 outline-none focus:border-gray-500"
+        />
+        <button
+          onClick={send}
+          disabled={isLoading || !input.trim()}
+          className="rounded bg-blue-600 px-4 py-2 font-medium disabled:opacity-40"
+        >
+          {isLoading ? 'Working…' : 'Send'}
+        </button>
+      </footer>
+
+      {setupOpen && (
+        <SetupDialog agentId={agentId} onClose={() => setSetupOpen(false)} />
+      )}
+    </main>
+  )
+}
diff --git a/examples/ts-react-coding-agent/src/styles.css b/examples/ts-react-coding-agent/src/styles.css
new file mode 100644
index 000000000..d4b507858
--- /dev/null
+++ b/examples/ts-react-coding-agent/src/styles.css
@@ -0,0 +1 @@
+@import 'tailwindcss';
diff --git a/examples/ts-react-coding-agent/tsconfig.json b/examples/ts-react-coding-agent/tsconfig.json
new file mode 100644
index 000000000..477479fb7
--- /dev/null
+++ b/examples/ts-react-coding-agent/tsconfig.json
@@ -0,0 +1,28 @@
+{
+  "include": ["**/*.ts", "**/*.tsx"],
+  "compilerOptions": {
+    "target": "ES2022",
+    "jsx": "react-jsx",
+    "module": "ESNext",
+    "lib": ["ES2022", "DOM", "DOM.Iterable"],
+    "types": ["vite/client"],
+
+    /* Bundler mode */
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "verbatimModuleSyntax": false,
+    "noEmit": true,
+
+    /* Linting */
+    "skipLibCheck": true,
+    "strict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "noFallthroughCasesInSwitch": true,
+    "noUncheckedSideEffectImports": true,
+    "baseUrl": ".",
+    "paths": {
+      "@/*": ["./src/*"]
+    }
+  }
+}
diff --git a/examples/ts-react-coding-agent/vite.config.ts b/examples/ts-react-coding-agent/vite.config.ts
new file mode 100644
index 000000000..563d73a12
--- /dev/null
+++ b/examples/ts-react-coding-agent/vite.config.ts
@@ -0,0 +1,30 @@
+import { defineConfig } from 'vite'
+import { tanstackStart } from '@tanstack/react-start/plugin/vite'
+import viteReact from '@vitejs/plugin-react'
+import viteTsConfigPaths from 'vite-tsconfig-paths'
+import tailwindcss from '@tailwindcss/vite'
+import { nitroV2Plugin } from '@tanstack/nitro-v2-vite-plugin'
+
+const config = defineConfig({
+  // The Claude Agent SDK is server-only and ships its own bundled Claude
+  // Code runtime — keep it external so the SSR build resolves it at runtime
+  // via require() instead of inlining it into the rollup chunk.
+  ssr: {
+    external: ['@anthropic-ai/claude-agent-sdk'],
+  },
+  plugins: [
+    nitroV2Plugin({
+      externals: {
+        external: ['@anthropic-ai/claude-agent-sdk'],
+      },
+    }),
+    viteTsConfigPaths({
+      projects: ['./tsconfig.json'],
+    }),
+    tailwindcss(),
+    tanstackStart(),
+    viteReact(),
+  ],
+})
+
+export default config
diff --git a/examples/ts-react-coding-agent/workspace/README.md b/examples/ts-react-coding-agent/workspace/README.md
new file mode 100644
index 000000000..47dc36b1a
--- /dev/null
+++ b/examples/ts-react-coding-agent/workspace/README.md
@@ -0,0 +1,13 @@
+# Demo Workspace
+
+This directory is the coding agent's working directory (`cwd`). Everything
+the agent reads, searches, and edits happens in here — nothing outside this
+folder is touched.
+
+Files:
+
+- `temperature.js` — a tiny conversion module with a deliberate bug for the
+  agent to find and fix (in Edit mode).
+- `todo.md` — a short task list the agent can read or update.
+
+Feel free to reset this directory with `git checkout -- .` after demos.
diff --git a/examples/ts-react-coding-agent/workspace/temperature.js b/examples/ts-react-coding-agent/workspace/temperature.js
new file mode 100644
index 000000000..4aaeb517b
--- /dev/null
+++ b/examples/ts-react-coding-agent/workspace/temperature.js
@@ -0,0 +1,12 @@
+/** Convert Celsius to Fahrenheit. */
+const celsiusToFahrenheit = (celsius) => {
+  return celsius * (9 / 5) + 32
+}
+
+/** Convert Fahrenheit to Celsius. */
+const fahrenheitToCelsius = (fahrenheit) => {
+  // BUG: should subtract 32 before scaling, not after.
+  return fahrenheit * (5 / 9) - 32
+}
+
+export { celsiusToFahrenheit, fahrenheitToCelsius }
diff --git a/examples/ts-react-coding-agent/workspace/todo.md b/examples/ts-react-coding-agent/workspace/todo.md
new file mode 100644
index 000000000..945973c61
--- /dev/null
+++ b/examples/ts-react-coding-agent/workspace/todo.md
@@ -0,0 +1,5 @@
+# Tasks
+
+- [ ] Fix the Fahrenheit → Celsius conversion bug
+- [ ] Add a Kelvin conversion helper
+- [ ] Write a usage example in the README
diff --git a/packages/ai-claude-code/README.md b/packages/ai-claude-code/README.md
new file mode 100644
index 000000000..8532fcaae
--- /dev/null
+++ b/packages/ai-claude-code/README.md
@@ -0,0 +1,18 @@
+# @tanstack/ai-claude-code
+
+Claude Code harness adapter for [TanStack AI](https://tanstack.com/ai) — run [Claude Code](https://docs.anthropic.com/en/docs/claude-code) (via `@anthropic-ai/claude-agent-sdk`) as a chat backend with local tool execution, stateful coding sessions, and TanStack tool bridging.
+
+```typescript
+import { chat } from '@tanstack/ai'
+import { claudeCodeText } from '@tanstack/ai-claude-code'
+
+const stream = chat({
+  adapter: claudeCodeText('claude-opus-4-8', {
+    cwd: '/path/to/project',
+    permissionMode: 'acceptEdits',
+  }),
+  messages: [{ role: 'user', content: 'Fix the failing test.' }],
+})
+```
+
+Server-only (Node). See the [Claude Code adapter docs](https://tanstack.com/ai/latest/docs/adapters/claude-code) for sessions, tool bridging, permissions, and limitations.
diff --git a/packages/ai-claude-code/package.json b/packages/ai-claude-code/package.json
new file mode 100644
index 000000000..0dbfcf254
--- /dev/null
+++ b/packages/ai-claude-code/package.json
@@ -0,0 +1,60 @@
+{
+  "name": "@tanstack/ai-claude-code",
+  "version": "0.1.0",
+  "description": "Claude Code harness adapter for TanStack AI — run Claude Code as a chat backend with local tool execution and stateful sessions.",
+  "author": "",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/TanStack/ai.git",
+    "directory": "packages/ai-claude-code"
+  },
+  "keywords": [
+    "ai",
+    "ai-sdk",
+    "typescript",
+    "tanstack",
+    "anthropic",
+    "claude",
+    "claude-code",
+    "harness",
+    "agent",
+    "adapter",
+    "chat",
+    "tool-calling"
+  ],
+  "type": "module",
+  "module": "./dist/esm/index.js",
+  "types": "./dist/esm/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/esm/index.d.ts",
+      "import": "./dist/esm/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "src"
+  ],
+  "scripts": {
+    "build": "vite build",
+    "clean": "premove ./build ./dist",
+    "lint:fix": "eslint ./src --fix",
+    "test:build": "publint --strict",
+    "test:eslint": "eslint ./src",
+    "test:lib": "vitest",
+    "test:lib:dev": "pnpm test:lib --watch",
+    "test:types": "tsc"
+  },
+  "dependencies": {
+    "@anthropic-ai/claude-agent-sdk": "^0.3.176",
+    "@modelcontextprotocol/sdk": "^1.29.0"
+  },
+  "peerDependencies": {
+    "@tanstack/ai": "workspace:^"
+  },
+  "devDependencies": {
+    "@tanstack/ai": "workspace:*",
+    "@vitest/coverage-v8": "4.0.14"
+  }
+}
diff --git a/packages/ai-claude-code/src/adapters/text.ts b/packages/ai-claude-code/src/adapters/text.ts
new file mode 100644
index 000000000..f36e34d80
--- /dev/null
+++ b/packages/ai-claude-code/src/adapters/text.ts
@@ -0,0 +1,372 @@
+import { query } from '@anthropic-ai/claude-agent-sdk'
+import { EventType, normalizeSystemPrompts } from '@tanstack/ai'
+import { toRunErrorRawEvent } from '@tanstack/ai/adapter-internals'
+import { BaseTextAdapter } from '@tanstack/ai/adapters'
+import { buildPrompt } from '../messages/prompt'
+import { createToolBridge } from '../tools/bridge'
+import {
+  BRIDGED_MCP_SERVER_NAME,
+  translateSdkStream,
+} from '../stream/translate'
+import type {
+  StructuredOutputOptions,
+  StructuredOutputResult,
+} from '@tanstack/ai/adapters'
+import type {
+  AnyTool,
+  DefaultMessageMetadataByModality,
+  Modality,
+  StreamChunk,
+  TextOptions,
+} from '@tanstack/ai'
+import type { Options } from '@anthropic-ai/claude-agent-sdk'
+import type { ClaudeCodeModel } from '../model-meta'
+import type { ClaudeCodeTextProviderOptions } from '../provider-options'
+import type { AgentSdkMessage, SdkResultMessage } from '../stream/sdk-types'
+
+type PermissionMode = NonNullable<Options['permissionMode']>
+
+export interface ClaudeCodeTextConfig {
+  /** Working directory for the harness session. Defaults to `process.cwd()`. */
+  cwd?: string
+  /**
+   * Claude Code permission mode. Without an explicit mode or a custom
+   * `canUseTool`, the adapter's default permission handler auto-allows
+   * bridged TanStack tools and denies anything else that would normally
+   * prompt — set `'acceptEdits'` / `'bypassPermissions'` (or `allowedTools`)
+   * to let the harness edit files and run commands on a headless server.
+   */
+  permissionMode?: PermissionMode
+  /** Built-in tools the harness may use without prompting. */
+  allowedTools?: Array<string>
+  /** Built-in tools removed from the harness entirely. */
+  disallowedTools?: Array<string>
+  /** Maximum harness-internal turns per run. */
+  maxTurns?: number
+  /**
+   * How `systemPrompts` from `chat()` are applied:
+   * - `'append'` (default): kept on top of the Claude Code preset prompt
+   * - `'replace'`: sent as the entire system prompt
+   */
+  systemPromptMode?: 'append' | 'replace'
+  /** Extra MCP servers passed through to the harness untouched. */
+  mcpServers?: Options['mcpServers']
+  /**
+   * Anthropic API key for the harness subprocess. Falls back to the
+   * process environment / the local Claude Code login when omitted.
+   */
+  apiKey?: string
+  /** Extra environment variables for the harness subprocess. */
+  env?: Record<string, string>
+  /** Path to a Claude Code executable (defaults to the SDK's bundled one). */
+  pathToClaudeCodeExecutable?: string
+  /** JavaScript runtime used to execute Claude Code. */
+  executable?: Options['executable']
+  /** Emit true token-level deltas via partial messages (default true). */
+  streamPartials?: boolean
+  /** Custom permission handler; replaces the adapter's default handler. */
+  canUseTool?: Options['canUseTool']
+  /**
+   * Which Claude Code settings tiers the harness loads. Defaults to
+   * `['project']`: the working directory's CLAUDE.md and project settings
+   * apply, but user-level config on the host machine (personal plugins,
+   * hooks, skills under `~/.claude`) is ignored — a server adapter
+   * shouldn't inherit whoever happens to be logged in on the box. Pass
+   * `['user', 'project', 'local']` to match CLI behavior, or `[]` for full
+   * isolation.
+   */
+  settingSources?: Options['settingSources']
+}
+
+function validateTools(tools: Array<AnyTool> | undefined): void {
+  if (!tools || tools.length === 0) return
+  const unsupported = tools.filter(
+    (tool) => typeof tool.execute !== 'function' || tool.needsApproval === true,
+  )
+  if (unsupported.length > 0) {
+    throw new Error(
+      `Claude Code harness cannot execute client-side or approval-gated tools: ${unsupported
+        .map((tool) => tool.name)
+        .join(
+          ', ',
+        )}. Provide server execute() implementations without needsApproval, or run these tools outside the harness.`,
+    )
+  }
+}
+
+function getResultError(result: SdkResultMessage): string {
+  return result.errors && result.errors.length > 0
+    ? result.errors.join('; ')
+    : `Claude Code run failed: ${result.subtype}`
+}
+
+export class ClaudeCodeTextAdapter<
+  TModel extends ClaudeCodeModel,
+> extends BaseTextAdapter<
+  TModel,
+  ClaudeCodeTextProviderOptions,
+  ReadonlyArray<Modality> & readonly ['text'],
+  DefaultMessageMetadataByModality,
+  ReadonlyArray<string>,
+  unknown,
+  never
+> {
+  readonly name = 'claude-code' as const
+
+  private readonly adapterConfig: ClaudeCodeTextConfig
+
+  constructor(config: ClaudeCodeTextConfig, model: TModel) {
+    super({}, model)
+    this.adapterConfig = config
+  }
+
+  async *chatStream(
+    options: TextOptions<ClaudeCodeTextProviderOptions>,
+  ): AsyncIterable<StreamChunk> {
+    const { logger } = options
+    try {
+      validateTools(options.tools)
+
+      const modelOptions = options.modelOptions
+      const { prompt, resume } = buildPrompt(
+        options.messages,
+        modelOptions?.sessionId,
+      )
+      const sdkOptions = this.buildSdkOptions(options, resume)
+
+      logger.request(
+        `activity=chat provider=claude-code model=${this.model} messages=${options.messages.length} tools=${options.tools?.length ?? 0} resume=${resume ?? 'none'}`,
+        { provider: 'claude-code', model: this.model },
+      )
+
+      const sdkStream = query({ prompt, options: sdkOptions })
+
+      yield* translateSdkStream(sdkStream as AsyncIterable<AgentSdkMessage>, {
+        model: this.model,
+        runId: options.runId ?? this.generateId(),
+        threadId: options.threadId ?? this.generateId(),
+        ...(options.parentRunId !== undefined && {
+          parentRunId: options.parentRunId,
+        }),
+        genId: () => this.generateId(),
+        onSdkMessage: (message) =>
+          logger.provider(`provider=claude-code type=${message.type}`, {
+            chunk: message,
+          }),
+      })
+    } catch (error: unknown) {
+      const err = error as Error & { code?: string }
+      const rawEvent = toRunErrorRawEvent(error)
+      logger.errors('claude-code.chatStream fatal', {
+        error,
+        source: 'claude-code.chatStream',
+      })
+      yield {
+        type: EventType.RUN_ERROR,
+        model: options.model,
+        timestamp: Date.now(),
+        message: err.message || 'Unknown error occurred',
+        ...(err.code !== undefined && { code: err.code }),
+        ...(rawEvent !== undefined && { rawEvent }),
+        error: {
+          message: err.message || 'Unknown error occurred',
+          ...(err.code !== undefined && { code: err.code }),
+        },
+      }
+    }
+  }
+
+  /**
+   * Structured output via the harness's native `outputFormat` support: a
+   * one-shot run (no tools, single turn) whose final result carries
+   * `structured_output` matching the schema.
+   */
+  async structuredOutput(
+    options: StructuredOutputOptions<ClaudeCodeTextProviderOptions>,
+  ): Promise<StructuredOutputResult<unknown>> {
+    const { chatOptions, outputSchema } = options
+    const { logger } = chatOptions
+
+    // Fresh one-shot run: deliberately no `resume`, so finalization never
+    // mutates the caller's interactive session.
+    const { prompt } = buildPrompt(chatOptions.messages, undefined)
+
+    const sdkOptions: Options = {
+      ...this.buildBaseSdkOptions(),
+      model: this.model,
+      maxTurns: 1,
+      tools: [],
+      includePartialMessages: false,
+      outputFormat: {
+        type: 'json_schema',
+        schema: outputSchema,
+      },
+    }
+
+    logger.request(
+      `activity=structured-output provider=claude-code model=${this.model}`,
+      { provider: 'claude-code', model: this.model },
+    )
+
+    for await (const message of query({ prompt, options: sdkOptions })) {
+      logger.provider(`provider=claude-code type=${message.type}`, {
+        chunk: message,
+      })
+      if (message.type !== 'result') continue
+      const result = message as SdkResultMessage
+      if (result.subtype !== 'success') {
+        throw new Error(getResultError(result))
+      }
+      const rawText = result.result ?? ''
+      const data =
+        result.structured_output !== undefined
+          ? result.structured_output
+          : JSON.parse(rawText)
+      const usage = result.usage
+      const promptTokens = usage?.input_tokens ?? 0
+      const completionTokens = usage?.output_tokens ?? 0
+      return {
+        data,
+        rawText,
+        usage: {
+          promptTokens,
+          completionTokens,
+          totalTokens: promptTokens + completionTokens,
+        },
+      }
+    }
+
+    throw new Error(
+      'Claude Code run ended without a result message during structured output generation.',
+    )
+  }
+
+  /** Options derived from adapter config alone (shared by both entry points). */
+  private buildBaseSdkOptions(): Options {
+    const config = this.adapterConfig
+    const env =
+      config.apiKey !== undefined || config.env !== undefined
+        ? {
+            ...process.env,
+            ...config.env,
+            ...(config.apiKey !== undefined && {
+              ANTHROPIC_API_KEY: config.apiKey,
+            }),
+          }
+        : undefined
+
+    return {
+      settingSources: config.settingSources ?? ['project'],
+      ...(config.cwd !== undefined && { cwd: config.cwd }),
+      ...(env !== undefined && { env }),
+      ...(config.pathToClaudeCodeExecutable !== undefined && {
+        pathToClaudeCodeExecutable: config.pathToClaudeCodeExecutable,
+      }),
+      ...(config.executable !== undefined && { executable: config.executable }),
+    }
+  }
+
+  private buildSdkOptions(
+    options: TextOptions<ClaudeCodeTextProviderOptions>,
+    resume: string | undefined,
+  ): Options {
+    const config = this.adapterConfig
+    const modelOptions = options.modelOptions
+
+    const permissionMode = modelOptions?.permissionMode ?? config.permissionMode
+    const maxTurns = modelOptions?.maxTurns ?? config.maxTurns
+    const allowedTools = modelOptions?.allowedTools ?? config.allowedTools
+    const disallowedTools =
+      modelOptions?.disallowedTools ?? config.disallowedTools
+    const cwd = modelOptions?.cwd ?? config.cwd
+
+    const bridged =
+      options.tools && options.tools.length > 0
+        ? createToolBridge(options.tools)
+        : undefined
+    const mcpServers = {
+      ...config.mcpServers,
+      ...(bridged && { [BRIDGED_MCP_SERVER_NAME]: bridged }),
+    }
+
+    const systemPrompts = normalizeSystemPrompts(options.systemPrompts)
+      .map((prompt) => prompt.content)
+      .filter((content) => content.trim() !== '')
+    const joinedPrompts = systemPrompts.join('\n\n')
+    const systemPrompt: Options['systemPrompt'] =
+      systemPrompts.length === 0
+        ? undefined
+        : config.systemPromptMode === 'replace'
+          ? joinedPrompts
+          : { type: 'preset', preset: 'claude_code', append: joinedPrompts }
+
+    const abortController = new AbortController()
+    const externalSignal =
+      options.abortController?.signal ?? options.request?.signal
+    if (externalSignal) {
+      if (externalSignal.aborted) abortController.abort()
+      else {
+        externalSignal.addEventListener(
+          'abort',
+          () => abortController.abort(),
+          { once: true },
+        )
+      }
+    }
+
+    // Default permission handler: bridged TanStack tools always run; any
+    // other call that would prompt is denied with guidance instead of
+    // hanging a headless server.
+    const canUseTool: Options['canUseTool'] =
+      config.canUseTool ??
+      ((toolName) => {
+        if (toolName.startsWith(`mcp__${BRIDGED_MCP_SERVER_NAME}__`)) {
+          return Promise.resolve({ behavior: 'allow' as const })
+        }
+        return Promise.resolve({
+          behavior: 'deny' as const,
+          message: `Tool "${toolName}" denied by the @tanstack/ai-claude-code default permission policy. Configure permissionMode, allowedTools, or canUseTool on claudeCodeText() to allow it.`,
+        })
+      })
+
+    return {
+      ...this.buildBaseSdkOptions(),
+      model: this.model,
+      includePartialMessages: config.streamPartials !== false,
+      abortController,
+      canUseTool,
+      ...(cwd !== undefined && { cwd }),
+      ...(resume !== undefined && { resume }),
+      ...(modelOptions?.forkSession !== undefined && {
+        forkSession: modelOptions.forkSession,
+      }),
+      ...(maxTurns !== undefined && { maxTurns }),
+      ...(permissionMode !== undefined && { permissionMode }),
+      ...(permissionMode === 'bypassPermissions' && {
+        allowDangerouslySkipPermissions: true,
+      }),
+      ...(allowedTools !== undefined && { allowedTools }),
+      ...(disallowedTools !== undefined && { disallowedTools }),
+      ...(Object.keys(mcpServers).length > 0 && { mcpServers }),
+      ...(systemPrompt !== undefined && { systemPrompt }),
+    }
+  }
+}
+
+/**
+ * Creates a Claude Code text adapter.
+ *
+ * Unlike HTTP provider adapters, this is a *harness* adapter: Claude Code
+ * runs its own agent loop and executes its own tools (bash, file edits,
+ * search, ...) locally, server-side. Each `chat()` call runs one full
+ * harness turn; harness tool activity streams back as already-resolved
+ * tool-call events, and the session id is surfaced via a CUSTOM
+ * `claude-code.session-id` event so follow-up calls can resume the session
+ * through `modelOptions.sessionId`.
+ */
+export function claudeCodeText<TModel extends ClaudeCodeModel>(
+  model: TModel,
+  config: ClaudeCodeTextConfig = {},
+): ClaudeCodeTextAdapter<TModel> {
+  return new ClaudeCodeTextAdapter(config, model)
+}
diff --git a/packages/ai-claude-code/src/index.ts b/packages/ai-claude-code/src/index.ts
new file mode 100644
index 000000000..4241528a8
--- /dev/null
+++ b/packages/ai-claude-code/src/index.ts
@@ -0,0 +1,19 @@
+export { ClaudeCodeTextAdapter, claudeCodeText } from './adapters/text'
+export type { ClaudeCodeTextConfig } from './adapters/text'
+export type { ClaudeCodeTextProviderOptions } from './provider-options'
+export { CLAUDE_CODE_MODELS } from './model-meta'
+export type { ClaudeCodeModel, KnownClaudeCodeModel } from './model-meta'
+export {
+  SESSION_ID_EVENT,
+  BRIDGED_MCP_SERVER_NAME,
+  translateSdkStream,
+  stripMcpPrefix,
+} from './stream/translate'
+export type {
+  ClaudeCodeProviderUsageDetails,
+  TranslateContext,
+} from './stream/translate'
+export type { AgentSdkMessage } from './stream/sdk-types'
+export { buildPrompt } from './messages/prompt'
+export type { BuiltPrompt } from './messages/prompt'
+export { createToolBridge } from './tools/bridge'
diff --git a/packages/ai-claude-code/src/messages/prompt.ts b/packages/ai-claude-code/src/messages/prompt.ts
new file mode 100644
index 000000000..ca88b7f14
--- /dev/null
+++ b/packages/ai-claude-code/src/messages/prompt.ts
@@ -0,0 +1,68 @@
+import type { ModelMessage } from '@tanstack/ai'
+
+export interface BuiltPrompt {
+  prompt: string
+  /** Claude Code session id to resume, when the caller threaded one through. */
+  resume?: string
+}
+
+function extractText(content: ModelMessage['content']): string {
+  if (content === null) return ''
+  if (typeof content === 'string') return content
+  return content
+    .map((part) =>
+      part.type === 'text' && typeof part.content === 'string'
+        ? part.content
+        : '',
+    )
+    .join('')
+}
+
+/**
+ * Convert TanStack chat history into the Agent SDK's `{ prompt, resume }`
+ * inputs.
+ *
+ * With a `sessionId`, the harness already holds the conversation context, so
+ * only the trailing user message is sent and the session is resumed. Without
+ * one, prior turns are flattened into a plain-text transcript preamble (tool
+ * messages and tool-call-only assistant turns are harness-internal noise and
+ * are skipped; prompts are text-only in v1).
+ */
+export function buildPrompt(
+  messages: Array<ModelMessage>,
+  sessionId: string | undefined,
+): BuiltPrompt {
+  const lastMessage = messages.at(-1)
+  const lastUserText =
+    lastMessage?.role === 'user' ? extractText(lastMessage.content).trim() : ''
+
+  if (!lastUserText) {
+    throw new Error(
+      'Claude Code adapter requires a trailing user message with text content.',
+    )
+  }
+
+  if (sessionId !== undefined) {
+    return { prompt: lastUserText, resume: sessionId }
+  }
+
+  const priorTurns = messages
+    .slice(0, -1)
+    .filter(
+      (message) =>
+        (message.role === 'user' || message.role === 'assistant') &&
+        extractText(message.content).trim() !== '',
+    )
+    .map(
+      (message) =>
+        `${message.role === 'user' ? 'User' : 'Assistant'}: ${extractText(message.content).trim()}`,
+    )
+
+  if (priorTurns.length === 0) {
+    return { prompt: lastUserText }
+  }
+
+  return {
+    prompt: `Previous conversation:\n${priorTurns.join('\n')}\n\n${lastUserText}`,
+  }
+}
diff --git a/packages/ai-claude-code/src/model-meta.ts b/packages/ai-claude-code/src/model-meta.ts
new file mode 100644
index 000000000..22edef39f
--- /dev/null
+++ b/packages/ai-claude-code/src/model-meta.ts
@@ -0,0 +1,21 @@
+/**
+ * Models known to work with Claude Code. The harness accepts any Anthropic
+ * model id (and the `opus` / `sonnet` / `haiku` aliases resolved by the CLI),
+ * so this list exists for autocomplete — any string is accepted via the
+ * `(string & {})` escape hatch in {@link ClaudeCodeModel}.
+ */
+export const CLAUDE_CODE_MODELS = [
+  'claude-opus-4-8',
+  'claude-opus-4-7',
+  'claude-opus-4-6',
+  'claude-sonnet-4-6',
+  'claude-haiku-4-5',
+  'opus',
+  'sonnet',
+  'haiku',
+] as const
+
+export type KnownClaudeCodeModel = (typeof CLAUDE_CODE_MODELS)[number]
+
+/** Any Claude model id accepted by Claude Code; known ids get autocomplete. */
+export type ClaudeCodeModel = KnownClaudeCodeModel | (string & {})
diff --git a/packages/ai-claude-code/src/provider-options.ts b/packages/ai-claude-code/src/provider-options.ts
new file mode 100644
index 000000000..e938439c2
--- /dev/null
+++ b/packages/ai-claude-code/src/provider-options.ts
@@ -0,0 +1,32 @@
+import type { Options } from '@anthropic-ai/claude-agent-sdk'
+
+type PermissionMode = NonNullable<Options['permissionMode']>
+
+/**
+ * Per-call provider options for the Claude Code adapter, passed via
+ * `modelOptions` on `chat()`.
+ */
+export interface ClaudeCodeTextProviderOptions {
+  /**
+   * Resume an existing Claude Code session. The adapter emits the session id
+   * of every run via a CUSTOM `claude-code.session-id` stream event; thread
+   * it back here to continue that session (only the latest user message is
+   * sent — the harness already holds the prior context).
+   */
+  sessionId?: string
+  /**
+   * When resuming, fork to a new session id instead of continuing the
+   * original session.
+   */
+  forkSession?: boolean
+  /** Per-call override of the configured max harness turns. */
+  maxTurns?: number
+  /** Per-call override of the configured permission mode. */
+  permissionMode?: PermissionMode
+  /** Per-call override of the allowed built-in tool list. */
+  allowedTools?: Array<string>
+  /** Per-call override of the disallowed built-in tool list. */
+  disallowedTools?: Array<string>
+  /** Per-call override of the harness working directory. */
+  cwd?: string
+}
diff --git a/packages/ai-claude-code/src/stream/sdk-types.ts b/packages/ai-claude-code/src/stream/sdk-types.ts
new file mode 100644
index 000000000..a4b40be74
--- /dev/null
+++ b/packages/ai-claude-code/src/stream/sdk-types.ts
@@ -0,0 +1,135 @@
+/**
+ * Structural subset of the `@anthropic-ai/claude-agent-sdk` message types that
+ * the stream translator consumes.
+ *
+ * These are intentionally defined structurally (rather than imported from the
+ * agent SDK) so the translator stays a pure, fixture-testable state machine
+ * and the package's public types don't depend on the agent SDK's bundled
+ * `@anthropic-ai/sdk` type imports.
+ */
+
+export interface SdkInitMessage {
+  type: 'system'
+  subtype: 'init'
+  session_id: string
+  model: string
+  tools: Array<string>
+  cwd?: string
+}
+
+export type SdkAssistantContentBlock =
+  | { type: 'text'; text: string }
+  | { type: 'thinking'; thinking: string }
+  | { type: 'tool_use'; id: string; name: string; input: unknown }
+  | { type: string; [key: string]: unknown }
+
+export interface SdkAssistantMessage {
+  type: 'assistant'
+  message: {
+    id?: string
+    content: Array<SdkAssistantContentBlock>
+  }
+  parent_tool_use_id: string | null
+}
+
+export type SdkToolResultContent =
+  | string
+  | Array<{ type: string; text?: string; [key: string]: unknown }>
+
+export type SdkUserContentBlock =
+  | {
+      type: 'tool_result'
+      tool_use_id: string
+      content?: SdkToolResultContent
+      is_error?: boolean
+    }
+  | { type: string; [key: string]: unknown }
+
+export interface SdkUserMessage {
+  type: 'user'
+  message: {
+    role: 'user'
+    content: string | Array<SdkUserContentBlock>
+  }
+  parent_tool_use_id: string | null
+}
+
+/** Raw Anthropic streaming events forwarded when `includePartialMessages` is set. */
+export type SdkRawStreamEvent =
+  | { type: 'message_start'; message: { id?: string } }
+  | {
+      type: 'content_block_start'
+      index: number
+      content_block: { type: string }
+    }
+  | {
+      type: 'content_block_delta'
+      index: number
+      delta: { type: string; text?: string; thinking?: string }
+    }
+  | { type: 'content_block_stop'; index: number }
+  | { type: 'message_delta' }
+  | { type: 'message_stop' }
+
+export interface SdkPartialAssistantMessage {
+  type: 'stream_event'
+  event: SdkRawStreamEvent
+  parent_tool_use_id: string | null
+}
+
+export interface SdkUsage {
+  input_tokens?: number
+  output_tokens?: number
+  cache_read_input_tokens?: number
+  cache_creation_input_tokens?: number
+}
+
+export interface SdkResultMessage {
+  type: 'result'
+  subtype:
+    | 'success'
+    | 'error_max_turns'
+    | 'error_during_execution'
+    | 'error_max_budget_usd'
+    | 'error_max_structured_output_retries'
+  result?: string
+  errors?: Array<string>
+  usage?: SdkUsage
+  total_cost_usd?: number
+  structured_output?: unknown
+}
+
+/**
+ * Harness-internal system messages the translator deliberately ignores.
+ * (The real SDK union has many more members; unknown runtime types simply
+ * fall through every branch.)
+ */
+export interface SdkNoiseSystemMessage {
+  type: 'system'
+  subtype:
+    | 'status'
+    | 'permission_denied'
+    | 'plugin_install'
+    | 'session_state_changed'
+    | 'task_notification'
+    | 'task_progress'
+}
+
+/** Other harness-internal top-level message types the translator ignores. */
+export interface SdkNoiseMessage {
+  type:
+    | 'tool_progress'
+    | 'auth_status'
+    | 'rate_limit_event'
+    | 'prompt_suggestion'
+    | 'compact_boundary'
+}
+
+export type AgentSdkMessage =
+  | SdkInitMessage
+  | SdkAssistantMessage
+  | SdkUserMessage
+  | SdkPartialAssistantMessage
+  | SdkResultMessage
+  | SdkNoiseSystemMessage
+  | SdkNoiseMessage
diff --git a/packages/ai-claude-code/src/stream/translate.ts b/packages/ai-claude-code/src/stream/translate.ts
new file mode 100644
index 000000000..67271d63c
--- /dev/null
+++ b/packages/ai-claude-code/src/stream/translate.ts
@@ -0,0 +1,483 @@
+import { EventType, buildBaseUsage } from '@tanstack/ai'
+import type { StreamChunk, TokenUsage } from '@tanstack/ai'
+import type {
+  AgentSdkMessage,
+  SdkAssistantMessage,
+  SdkPartialAssistantMessage,
+  SdkResultMessage,
+  SdkToolResultContent,
+  SdkUsage,
+  SdkUserMessage,
+} from './sdk-types'
+
+/** Name of the CUSTOM event carrying the Claude Code session id. */
+export const SESSION_ID_EVENT = 'claude-code.session-id'
+
+/** Server name used for bridged TanStack tools (model sees `mcp__tanstack__<name>`). */
+export const BRIDGED_MCP_SERVER_NAME = 'tanstack'
+
+const BRIDGED_MCP_PREFIX = `mcp__${BRIDGED_MCP_SERVER_NAME}__`
+
+/** Claude Code-specific usage details attached to RUN_FINISHED usage. */
+export type ClaudeCodeProviderUsageDetails = {
+  /** Total cost of the harness run in USD, as reported by Claude Code. */
+  totalCostUsd?: number
+}
+
+export interface TranslateContext {
+  model: string
+  runId: string
+  threadId: string
+  parentRunId?: string
+  genId: () => string
+  /** Called as soon as the harness reports its session id. */
+  onSessionId?: (sessionId: string) => void
+  /** Called for each raw SDK message, for logging. */
+  onSdkMessage?: (message: AgentSdkMessage) => void
+}
+
+/**
+ * Strip the bridged MCP server prefix so tool-call events match the TanStack
+ * tool names the application registered. Built-in harness tools (Bash, Read,
+ * Edit, ...) and foreign MCP tools pass through verbatim.
+ */
+export function stripMcpPrefix(name: string): string {
+  return name.startsWith(BRIDGED_MCP_PREFIX)
+    ? name.slice(BRIDGED_MCP_PREFIX.length)
+    : name
+}
+
+function stringifyToolResultContent(
+  content: SdkToolResultContent | undefined,
+): string {
+  if (content === undefined) return ''
+  if (typeof content === 'string') return content
+  return content
+    .map((block) => (typeof block.text === 'string' ? block.text : ''))
+    .join('')
+}
+
+function buildUsage(
+  usage: SdkUsage | undefined,
+  totalCostUsd: number | undefined,
+): TokenUsage<ClaudeCodeProviderUsageDetails> | undefined {
+  if (!usage) return undefined
+  const promptTokens = usage.input_tokens ?? 0
+  const completionTokens = usage.output_tokens ?? 0
+  const result = buildBaseUsage<ClaudeCodeProviderUsageDetails>({
+    promptTokens,
+    completionTokens,
+    totalTokens: promptTokens + completionTokens,
+  })
+  const cacheWrite = usage.cache_creation_input_tokens
+  const cacheRead = usage.cache_read_input_tokens
+  const promptTokensDetails = {
+    ...(cacheWrite ? { cacheWriteTokens: cacheWrite } : {}),
+    ...(cacheRead ? { cachedTokens: cacheRead } : {}),
+  }
+  if (Object.keys(promptTokensDetails).length > 0) {
+    result.promptTokensDetails = promptTokensDetails
+  }
+  if (totalCostUsd !== undefined) {
+    result.providerUsageDetails = { totalCostUsd }
+  }
+  return result
+}
+
+/**
+ * Translate a Claude Code Agent SDK message stream into AG-UI StreamChunk
+ * events.
+ *
+ * The harness runs its own agent loop and executes its own tools, so the
+ * translation always ends with `finishReason: 'stop'` (or `'length'` /
+ * RUN_ERROR) — never `'tool_calls'`. Harness tool activity is emitted as
+ * already-resolved TOOL_CALL_START/ARGS/END + TOOL_CALL_RESULT sequences so
+ * UIs can render it, while the TanStack engine never tries to execute them.
+ *
+ * Invariant: every TOOL_CALL_START is eventually paired with a
+ * TOOL_CALL_RESULT (synthesized as `{"status":"interrupted"}` when the run
+ * ends or aborts before the harness reported one) so the engine's
+ * pending-tool-call scan on the next request never force-executes them.
+ */
+export async function* translateSdkStream(
+  sdkMessages: AsyncIterable<AgentSdkMessage>,
+  ctx: TranslateContext,
+): AsyncIterable<StreamChunk> {
+  const { model, runId, threadId, genId } = ctx
+  const now = () => Date.now()
+
+  let runStarted = false
+  /** Tool calls started but with no result yet. */
+  const unresolvedToolCalls = new Set<string>()
+  /** Anthropic message ids whose text/thinking already streamed via partials. */
+  const streamedMessageIds = new Set<string>()
+
+  // Partial-stream state
+  let partialMessageId: string | null = null
+  let partialBlockType: string | null = null
+  let partialTextMessageId: string | null = null
+  let partialTextContent = ''
+  let partialTextStarted = false
+  let partialReasoningId: string | null = null
+
+  function* startRun(): Generator<StreamChunk> {
+    if (runStarted) return
+    runStarted = true
+    yield {
+      type: EventType.RUN_STARTED,
+      runId,
+      threadId,
+      model,
+      timestamp: now(),
+      ...(ctx.parentRunId !== undefined && { parentRunId: ctx.parentRunId }),
+    }
+  }
+
+  function* synthesizeUnresolvedResults(): Generator<StreamChunk> {
+    for (const toolCallId of unresolvedToolCalls) {
+      yield {
+        type: EventType.TOOL_CALL_RESULT,
+        toolCallId,
+        messageId: genId(),
+        model,
+        timestamp: now(),
+        content: JSON.stringify({ status: 'interrupted' }),
+      }
+    }
+    unresolvedToolCalls.clear()
+  }
+
+  function* closePartialText(): Generator<StreamChunk> {
+    if (partialTextStarted && partialTextMessageId) {
+      yield {
+        type: EventType.TEXT_MESSAGE_END,
+        messageId: partialTextMessageId,
+        model,
+        timestamp: now(),
+      }
+    }
+    partialTextStarted = false
+    partialTextMessageId = null
+    partialTextContent = ''
+  }
+
+  function* closePartialReasoning(): Generator<StreamChunk> {
+    if (partialReasoningId) {
+      yield {
+        type: EventType.REASONING_MESSAGE_END,
+        messageId: partialReasoningId,
+        model,
+        timestamp: now(),
+      }
+      yield {
+        type: EventType.REASONING_END,
+        messageId: partialReasoningId,
+        model,
+        timestamp: now(),
+      }
+    }
+    partialReasoningId = null
+  }
+
+  function* emitToolUse(block: {
+    id: string
+    name: string
+    input: unknown
+  }): Generator<StreamChunk> {
+    const toolCallName = stripMcpPrefix(block.name)
+    const args = JSON.stringify(block.input ?? {})
+    yield {
+      type: EventType.TOOL_CALL_START,
+      toolCallId: block.id,
+      toolCallName,
+      toolName: toolCallName,
+      model,
+      timestamp: now(),
+    }
+    yield {
+      type: EventType.TOOL_CALL_ARGS,
+      toolCallId: block.id,
+      model,
+      timestamp: now(),
+      delta: args,
+      args,
+    }
+    yield {
+      type: EventType.TOOL_CALL_END,
+      toolCallId: block.id,
+      toolCallName,
+      toolName: toolCallName,
+      model,
+      timestamp: now(),
+      input: block.input ?? {},
+    }
+    unresolvedToolCalls.add(block.id)
+  }
+
+  function* handleAssistant(
+    message: SdkAssistantMessage,
+  ): Generator<StreamChunk> {
+    const alreadyStreamed =
+      message.message.id !== undefined &&
+      streamedMessageIds.has(message.message.id)
+
+    for (const block of message.message.content) {
+      if (block.type === 'text') {
+        if (alreadyStreamed) continue
+        const messageId = message.message.id ?? genId()
+        const text = (block as { text: string }).text
+        yield {
+          type: EventType.TEXT_MESSAGE_START,
+          messageId,
+          model,
+          timestamp: now(),
+          role: 'assistant',
+        }
+        yield {
+          type: EventType.TEXT_MESSAGE_CONTENT,
+          messageId,
+          model,
+          timestamp: now(),
+          delta: text,
+          content: text,
+        }
+        yield {
+          type: EventType.TEXT_MESSAGE_END,
+          messageId,
+          model,
+          timestamp: now(),
+        }
+      } else if (block.type === 'thinking') {
+        if (alreadyStreamed) continue
+        const reasoningId = genId()
+        const thinking = (block as { thinking: string }).thinking
+        yield {
+          type: EventType.REASONING_START,
+          messageId: reasoningId,
+          model,
+          timestamp: now(),
+        }
+        yield {
+          type: EventType.REASONING_MESSAGE_START,
+          messageId: reasoningId,
+          role: 'reasoning' as const,
+          model,
+          timestamp: now(),
+        }
+        yield {
+          type: EventType.REASONING_MESSAGE_CONTENT,
+          messageId: reasoningId,
+          delta: thinking,
+          model,
+          timestamp: now(),
+        }
+        yield {
+          type: EventType.REASONING_MESSAGE_END,
+          messageId: reasoningId,
+          model,
+          timestamp: now(),
+        }
+        yield {
+          type: EventType.REASONING_END,
+          messageId: reasoningId,
+          model,
+          timestamp: now(),
+        }
+      } else if (block.type === 'tool_use') {
+        yield* emitToolUse(
+          block as { id: string; name: string; input: unknown },
+        )
+      }
+    }
+  }
+
+  function* handleUser(message: SdkUserMessage): Generator<StreamChunk> {
+    const content = message.message.content
+    if (typeof content === 'string') return
+    for (const block of content) {
+      if (block.type !== 'tool_result') continue
+      const toolResult = block as {
+        tool_use_id: string
+        content?: SdkToolResultContent
+        is_error?: boolean
+      }
+      unresolvedToolCalls.delete(toolResult.tool_use_id)
+      yield {
+        type: EventType.TOOL_CALL_RESULT,
+        toolCallId: toolResult.tool_use_id,
+        messageId: genId(),
+        model,
+        timestamp: now(),
+        content: stringifyToolResultContent(toolResult.content),
+        ...(toolResult.is_error === true && { state: 'output-error' as const }),
+      }
+    }
+  }
+
+  function* handleResult(message: SdkResultMessage): Generator<StreamChunk> {
+    yield* closePartialText()
+    yield* closePartialReasoning()
+    yield* synthesizeUnresolvedResults()
+
+    const usage = buildUsage(message.usage, message.total_cost_usd)
+    if (message.subtype === 'success') {
+      yield {
+        type: EventType.RUN_FINISHED,
+        runId,
+        threadId,
+        model,
+        timestamp: now(),
+        finishReason: 'stop',
+        ...(usage !== undefined && { usage }),
+      }
+    } else if (message.subtype === 'error_max_turns') {
+      yield {
+        type: EventType.RUN_FINISHED,
+        runId,
+        threadId,
+        model,
+        timestamp: now(),
+        finishReason: 'length',
+        ...(usage !== undefined && { usage }),
+      }
+    } else {
+      const errorMessage =
+        message.errors && message.errors.length > 0
+          ? message.errors.join('; ')
+          : `Claude Code run failed: ${message.subtype}`
+      yield {
+        type: EventType.RUN_ERROR,
+        model,
+        timestamp: now(),
+        message: errorMessage,
+        code: message.subtype,
+        error: { message: errorMessage, code: message.subtype },
+      }
+    }
+  }
+
+  function* handleStreamEvent(
+    message: SdkPartialAssistantMessage,
+  ): Generator<StreamChunk> {
+    const event = message.event
+    if (event.type === 'message_start') {
+      partialMessageId = event.message.id ?? genId()
+      streamedMessageIds.add(partialMessageId)
+    } else if (event.type === 'content_block_start') {
+      partialBlockType = event.content_block.type
+      if (partialBlockType === 'text') {
+        partialTextMessageId = partialMessageId ?? genId()
+        partialTextContent = ''
+        if (!partialTextStarted) {
+          partialTextStarted = true
+          yield {
+            type: EventType.TEXT_MESSAGE_START,
+            messageId: partialTextMessageId,
+            model,
+            timestamp: now(),
+            role: 'assistant',
+          }
+        }
+      } else if (partialBlockType === 'thinking') {
+        partialReasoningId = genId()
+        yield {
+          type: EventType.REASONING_START,
+          messageId: partialReasoningId,
+          model,
+          timestamp: now(),
+        }
+        yield {
+          type: EventType.REASONING_MESSAGE_START,
+          messageId: partialReasoningId,
+          role: 'reasoning' as const,
+          model,
+          timestamp: now(),
+        }
+      }
+    } else if (event.type === 'content_block_delta') {
+      if (
+        event.delta.type === 'text_delta' &&
+        partialTextStarted &&
+        partialTextMessageId &&
+        typeof event.delta.text === 'string'
+      ) {
+        partialTextContent += event.delta.text
+        yield {
+          type: EventType.TEXT_MESSAGE_CONTENT,
+          messageId: partialTextMessageId,
+          model,
+          timestamp: now(),
+          delta: event.delta.text,
+          content: partialTextContent,
+        }
+      } else if (
+        event.delta.type === 'thinking_delta' &&
+        partialReasoningId &&
+        typeof event.delta.thinking === 'string'
+      ) {
+        yield {
+          type: EventType.REASONING_MESSAGE_CONTENT,
+          messageId: partialReasoningId,
+          delta: event.delta.thinking,
+          model,
+          timestamp: now(),
+        }
+      }
+    } else if (event.type === 'content_block_stop') {
+      if (partialBlockType === 'text') {
+        yield* closePartialText()
+      } else if (partialBlockType === 'thinking') {
+        yield* closePartialReasoning()
+      }
+      partialBlockType = null
+    }
+  }
+
+  try {
+    for await (const sdkMessage of sdkMessages) {
+      ctx.onSdkMessage?.(sdkMessage)
+
+      if (sdkMessage.type === 'system' && sdkMessage.subtype === 'init') {
+        yield* startRun()
+        ctx.onSessionId?.(sdkMessage.session_id)
+        yield {
+          type: EventType.CUSTOM,
+          model,
+          timestamp: now(),
+          name: SESSION_ID_EVENT,
+          value: {
+            sessionId: sdkMessage.session_id,
+            model: sdkMessage.model,
+            tools: sdkMessage.tools,
+          },
+        }
+        continue
+      }
+
+      // Anything before init still needs RUN_STARTED first.
+      yield* startRun()
+
+      if (sdkMessage.type === 'stream_event') {
+        if (sdkMessage.parent_tool_use_id !== null) continue
+        yield* handleStreamEvent(sdkMessage)
+      } else if (sdkMessage.type === 'assistant') {
+        if (sdkMessage.parent_tool_use_id !== null) continue
+        yield* handleAssistant(sdkMessage)
+      } else if (sdkMessage.type === 'user') {
+        if (sdkMessage.parent_tool_use_id !== null) continue
+        yield* handleUser(sdkMessage)
+      } else if (sdkMessage.type === 'result') {
+        yield* handleResult(sdkMessage)
+      }
+      // All other SDK message types (status, hooks, notifications, ...) are
+      // harness-internal and intentionally ignored.
+    }
+  } catch (error) {
+    // The run is dying (abort or SDK failure). Pair any started tool calls
+    // with a synthetic result first so the next request's pending-tool-call
+    // scan doesn't try to execute them, then let the adapter surface the
+    // error as RUN_ERROR.
+    yield* synthesizeUnresolvedResults()
+    throw error
+  }
+}
diff --git a/packages/ai-claude-code/src/tools/bridge.ts b/packages/ai-claude-code/src/tools/bridge.ts
new file mode 100644
index 000000000..bae7504e0
--- /dev/null
+++ b/packages/ai-claude-code/src/tools/bridge.ts
@@ -0,0 +1,64 @@
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'
+import {
+  CallToolRequestSchema,
+  ListToolsRequestSchema,
+} from '@modelcontextprotocol/sdk/types.js'
+import { BRIDGED_MCP_SERVER_NAME } from '../stream/translate'
+import type { McpSdkServerConfigWithInstance } from '@anthropic-ai/claude-agent-sdk'
+import type { AnyTool } from '@tanstack/ai'
+
+/**
+ * Expose TanStack tools to the Claude Code harness as an in-process MCP
+ * server.
+ *
+ * The engine has already converted each tool's schema to JSON Schema before
+ * the adapter sees it, and JSON Schema is exactly what MCP's `tools/list`
+ * wants — so the low-level request handlers are registered directly on the
+ * `McpServer`'s underlying server, passing schemas through verbatim instead
+ * of round-tripping them through zod.
+ *
+ * The model sees these tools as `mcp__tanstack__<name>`; the stream
+ * translator strips that prefix so tool-call events match the names the
+ * application registered.
+ */
+export function createToolBridge(
+  tools: Array<AnyTool>,
+): McpSdkServerConfigWithInstance {
+  const instance = new McpServer(
+    { name: BRIDGED_MCP_SERVER_NAME, version: '1.0.0' },
+    { capabilities: { tools: {} } },
+  )
+
+  const toolsByName = new Map(tools.map((tool) => [tool.name, tool]))
+
+  instance.server.setRequestHandler(ListToolsRequestSchema, () => ({
+    tools: tools.map((tool) => ({
+      name: tool.name,
+      description: tool.description,
+      inputSchema: (tool.inputSchema ?? {
+        type: 'object',
+        properties: {},
+      }) as { type: 'object'; [key: string]: unknown },
+    })),
+  }))
+
+  instance.server.setRequestHandler(CallToolRequestSchema, async (request) => {
+    const tool = toolsByName.get(request.params.name)
+    if (!tool?.execute) {
+      throw new Error(`Unknown tool: ${request.params.name}`)
+    }
+    try {
+      const result: unknown = await tool.execute(request.params.arguments ?? {})
+      const text = typeof result === 'string' ? result : JSON.stringify(result)
+      return { content: [{ type: 'text', text }] }
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error)
+      return {
+        isError: true,
+        content: [{ type: 'text', text: `Tool execution failed: ${message}` }],
+      }
+    }
+  })
+
+  return { type: 'sdk', name: BRIDGED_MCP_SERVER_NAME, instance }
+}
diff --git a/packages/ai-claude-code/tests/bridge.test.ts b/packages/ai-claude-code/tests/bridge.test.ts
new file mode 100644
index 000000000..982185f98
--- /dev/null
+++ b/packages/ai-claude-code/tests/bridge.test.ts
@@ -0,0 +1,103 @@
+import { describe, expect, it } from 'vitest'
+import { Client } from '@modelcontextprotocol/sdk/client/index.js'
+import { InMemoryTransport } from '@modelcontextprotocol/sdk/inMemory.js'
+import { createToolBridge } from '../src/tools/bridge'
+import type { AnyTool } from '@tanstack/ai'
+
+const lookupUser: AnyTool = {
+  name: 'lookup_user',
+  description: 'Look up a user by id',
+  inputSchema: {
+    type: 'object',
+    properties: { userId: { type: 'string' } },
+    required: ['userId'],
+  },
+  execute: async (args: { userId: string }) => ({
+    id: args.userId,
+    name: 'Ada',
+  }),
+} as AnyTool
+
+async function connect(tools: Array<AnyTool>) {
+  const bridge = createToolBridge(tools)
+  const [clientTransport, serverTransport] =
+    InMemoryTransport.createLinkedPair()
+  await bridge.instance.connect(serverTransport)
+  const client = new Client({ name: 'test-client', version: '1.0.0' })
+  await client.connect(clientTransport)
+  return client
+}
+
+describe('createToolBridge', () => {
+  it('returns an sdk-type MCP server config named tanstack', () => {
+    const bridge = createToolBridge([lookupUser])
+    expect(bridge.type).toBe('sdk')
+    expect(bridge.name).toBe('tanstack')
+    expect(bridge.instance).toBeDefined()
+  })
+
+  it('lists tools with their raw JSON schema', async () => {
+    const client = await connect([lookupUser])
+    const { tools } = await client.listTools()
+    expect(tools).toHaveLength(1)
+    expect(tools[0]).toMatchObject({
+      name: 'lookup_user',
+      description: 'Look up a user by id',
+      inputSchema: {
+        type: 'object',
+        properties: { userId: { type: 'string' } },
+        required: ['userId'],
+      },
+    })
+  })
+
+  it('executes the tool and serializes object results to JSON text', async () => {
+    const client = await connect([lookupUser])
+    const result = await client.callTool({
+      name: 'lookup_user',
+      arguments: { userId: 'u-1' },
+    })
+    expect(result.content).toEqual([
+      { type: 'text', text: JSON.stringify({ id: 'u-1', name: 'Ada' }) },
+    ])
+    expect(result.isError ?? false).toBe(false)
+  })
+
+  it('passes string results through without double-encoding', async () => {
+    const echo: AnyTool = {
+      name: 'echo',
+      description: 'Echo input',
+      inputSchema: { type: 'object', properties: {} },
+      execute: async () => 'plain text result',
+    } as AnyTool
+    const client = await connect([echo])
+    const result = await client.callTool({ name: 'echo', arguments: {} })
+    expect(result.content).toEqual([
+      { type: 'text', text: 'plain text result' },
+    ])
+  })
+
+  it('marks thrown tool errors with isError', async () => {
+    const failing: AnyTool = {
+      name: 'failing',
+      description: 'Always fails',
+      inputSchema: { type: 'object', properties: {} },
+      execute: async () => {
+        throw new Error('tool blew up')
+      },
+    } as AnyTool
+    const client = await connect([failing])
+    const result = await client.callTool({ name: 'failing', arguments: {} })
+    expect(result.isError).toBe(true)
+    expect(result.content).toEqual([
+      { type: 'text', text: expect.stringContaining('tool blew up') },
+    ])
+  })
+
+  it('rejects calls to unknown tools', async () => {
+    const client = await connect([lookupUser])
+    await expect(
+      client.callTool({ name: 'nope', arguments: {} }),
+    ).rejects.toThrow()
+  })
+})
diff --git a/packages/ai-claude-code/tests/prompt.test.ts b/packages/ai-claude-code/tests/prompt.test.ts
new file mode 100644
index 000000000..6e8dfcdf3
--- /dev/null
+++ b/packages/ai-claude-code/tests/prompt.test.ts
@@ -0,0 +1,97 @@
+import { describe, expect, it } from 'vitest'
+import { buildPrompt } from '../src/messages/prompt'
+import type { ModelMessage } from '@tanstack/ai'
+
+const user = (content: ModelMessage['content']): ModelMessage => ({
+  role: 'user',
+  content,
+})
+const assistant = (content: ModelMessage['content']): ModelMessage => ({
+  role: 'assistant',
+  content,
+})
+
+describe('buildPrompt', () => {
+  it('resumes with only the last user message when sessionId is provided', () => {
+    const result = buildPrompt(
+      [
+        user('first question'),
+        assistant('first answer'),
+        user('follow-up question'),
+      ],
+      'sess-1',
+    )
+    expect(result).toEqual({
+      prompt: 'follow-up question',
+      resume: 'sess-1',
+    })
+  })
+
+  it('throws when sessionId is provided but there is no trailing user message', () => {
+    expect(() => buildPrompt([user('q'), assistant('a')], 'sess-1')).toThrow(
+      /user message/i,
+    )
+  })
+
+  it('sends a single user message as-is for a fresh session', () => {
+    expect(buildPrompt([user('hello')], undefined)).toEqual({
+      prompt: 'hello',
+    })
+  })
+
+  it('flattens prior turns into a transcript preamble for fresh multi-turn history', () => {
+    const { prompt, resume } = buildPrompt(
+      [user('What is 2+2?'), assistant('4'), user('And times 3?')],
+      undefined,
+    )
+    expect(resume).toBeUndefined()
+    expect(prompt).toBe(
+      'Previous conversation:\nUser: What is 2+2?\nAssistant: 4\n\nAnd times 3?',
+    )
+  })
+
+  it('skips tool messages and assistant tool-call-only turns when flattening', () => {
+    const messages: Array<ModelMessage> = [
+      user('list files'),
+      {
+        role: 'assistant',
+        content: null,
+        toolCalls: [
+          {
+            id: 't1',
+            type: 'function',
+            function: { name: 'ls', arguments: '{}' },
+          },
+        ],
+      } as unknown as ModelMessage,
+      { role: 'tool', content: 'file-a', toolCallId: 't1' },
+      assistant('There is one file.'),
+      user('thanks, which one?'),
+    ]
+    const { prompt } = buildPrompt(messages, undefined)
+    expect(prompt).toBe(
+      'Previous conversation:\nUser: list files\nAssistant: There is one file.\n\nthanks, which one?',
+    )
+  })
+
+  it('extracts text from content-part arrays and ignores non-text parts', () => {
+    const { prompt } = buildPrompt(
+      [
+        user([
+          { type: 'text', content: 'describe ' },
+          {
+            type: 'image',
+            source: { type: 'url', url: 'https://x/y.png' },
+          } as never,
+          { type: 'text', content: 'this' },
+        ] as ModelMessage['content']),
+      ],
+      undefined,
+    )
+    expect(prompt).toBe('describe this')
+  })
+
+  it('throws when there is no usable user content at all', () => {
+    expect(() => buildPrompt([], undefined)).toThrow(/user message/i)
+  })
+})
diff --git a/packages/ai-claude-code/tests/text-adapter.test.ts b/packages/ai-claude-code/tests/text-adapter.test.ts
new file mode 100644
index 000000000..4223d37a2
--- /dev/null
+++ b/packages/ai-claude-code/tests/text-adapter.test.ts
@@ -0,0 +1,370 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest'
+import { query } from '@anthropic-ai/claude-agent-sdk'
+import { claudeCodeText } from '../src/adapters/text'
+import type { AgentSdkMessage } from '../src/stream/sdk-types'
+import type { InternalLogger } from '@tanstack/ai/adapter-internals'
+import type { StreamChunk, TextOptions } from '@tanstack/ai'
+
+vi.mock('@anthropic-ai/claude-agent-sdk', () => ({
+  query: vi.fn(),
+}))
+
+const queryMock = vi.mocked(query)
+
+const init: AgentSdkMessage = {
+  type: 'system',
+  subtype: 'init',
+  session_id: 'sess-1',
+  model: 'claude-opus-4-6',
+  tools: ['Bash'],
+}
+
+const textTurn: Array<AgentSdkMessage> = [
+  init,
+  {
+    type: 'assistant',
+    message: { id: 'msg-1', content: [{ type: 'text', text: 'hi there' }] },
+    parent_tool_use_id: null,
+  },
+  {
+    type: 'result',
+    subtype: 'success',
+    result: 'hi there',
+    usage: { input_tokens: 10, output_tokens: 5 },
+    total_cost_usd: 0.01,
+  },
+]
+
+function mockQueryReturning(messages: Array<AgentSdkMessage>) {
+  queryMock.mockImplementation(() => {
+    async function* generate() {
+      for (const message of messages) yield message
+    }
+    return generate() as ReturnType<typeof query>
+  })
+}
+
+const noopLogger = {
+  request: vi.fn(),
+  provider: vi.fn(),
+  output: vi.fn(),
+  errors: vi.fn(),
+  middleware: vi.fn(),
+  tools: vi.fn(),
+  agentLoop: vi.fn(),
+  config: vi.fn(),
+  isEnabled: () => false,
+} as unknown as InternalLogger
+
+function makeOptions(
+  overrides: Partial<TextOptions<Record<string, any>>> = {},
+): TextOptions<Record<string, any>> {
+  return {
+    model: 'claude-opus-4-6',
+    messages: [{ role: 'user', content: 'hello' }],
+    logger: noopLogger,
+    ...overrides,
+  } as TextOptions<Record<string, any>>
+}
+
+async function collect(
+  stream: AsyncIterable<StreamChunk>,
+): Promise<Array<StreamChunk>> {
+  const chunks: Array<StreamChunk> = []
+  for await (const chunk of stream) chunks.push(chunk)
+  return chunks
+}
+
+beforeEach(() => {
+  queryMock.mockReset()
+})
+
+describe('claudeCodeText', () => {
+  it('creates an adapter with the claude-code provider name', () => {
+    const adapter = claudeCodeText('claude-opus-4-6')
+    expect(adapter.kind).toBe('text')
+    expect(adapter.name).toBe('claude-code')
+    expect(adapter.model).toBe('claude-opus-4-6')
+  })
+})
+
+describe('chatStream', () => {
+  it('streams translated AG-UI events for a simple turn', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    const chunks = await collect(adapter.chatStream(makeOptions()))
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks.at(-1)).toMatchObject({ finishReason: 'stop' })
+  })
+
+  it('passes prompt, model, and resume to query()', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          messages: [
+            { role: 'user', content: 'first' },
+            { role: 'assistant', content: 'answer' },
+            { role: 'user', content: 'follow-up' },
+          ],
+          modelOptions: { sessionId: 'sess-prior' },
+        }),
+      ),
+    )
+
+    expect(queryMock).toHaveBeenCalledTimes(1)
+    const call = queryMock.mock.calls[0]![0]
+    expect(call.prompt).toBe('follow-up')
+    expect(call.options).toMatchObject({
+      model: 'claude-opus-4-6',
+      resume: 'sess-prior',
+      includePartialMessages: true,
+    })
+  })
+
+  it('isolates the harness from user-level settings by default (project only)', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    await collect(adapter.chatStream(makeOptions()))
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.settingSources).toEqual(['project'])
+  })
+
+  it('honors a settingSources override', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6', {
+      settingSources: ['user', 'project', 'local'],
+    })
+    await collect(adapter.chatStream(makeOptions()))
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.settingSources).toEqual(['user', 'project', 'local'])
+  })
+
+  it('bridges executable tools into an mcpServers entry named tanstack', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'lookup_user',
+              description: 'Look up a user',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => ({ ok: true }),
+            } as never,
+          ],
+        }),
+      ),
+    )
+
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.mcpServers).toMatchObject({
+      tanstack: { type: 'sdk', name: 'tanstack' },
+    })
+  })
+
+  it('does not create the bridge server when no tools are passed', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    await collect(adapter.chatStream(makeOptions()))
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.mcpServers ?? {}).toEqual({})
+  })
+
+  it('emits RUN_ERROR for client-side tools (no execute)', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    const chunks = await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'client_only',
+              description: 'runs in browser',
+              inputSchema: { type: 'object', properties: {} },
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(queryMock).not.toHaveBeenCalled()
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+    expect((chunks.at(-1) as { message: string }).message).toMatch(
+      /client-side/i,
+    )
+  })
+
+  it('emits RUN_ERROR for approval-gated tools', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    const chunks = await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'needs_ok',
+              description: 'requires approval',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => 'x',
+              needsApproval: true,
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+  })
+
+  it('appends system prompts to the claude_code preset by default', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    await collect(
+      adapter.chatStream(
+        makeOptions({ systemPrompts: ['Be terse.', 'Use tabs.'] }),
+      ),
+    )
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.systemPrompt).toEqual({
+      type: 'preset',
+      preset: 'claude_code',
+      append: 'Be terse.\n\nUse tabs.',
+    })
+  })
+
+  it('replaces the system prompt entirely in replace mode', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6', {
+      systemPromptMode: 'replace',
+    })
+    await collect(
+      adapter.chatStream(makeOptions({ systemPrompts: ['Only this.'] })),
+    )
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.systemPrompt).toBe('Only this.')
+  })
+
+  it('wires permissionMode bypassPermissions with the required safety flag', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6', {
+      permissionMode: 'bypassPermissions',
+    })
+    await collect(adapter.chatStream(makeOptions()))
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.permissionMode).toBe('bypassPermissions')
+    expect(options.allowDangerouslySkipPermissions).toBe(true)
+  })
+
+  it('passes an abort controller that follows the request signal', async () => {
+    mockQueryReturning(textTurn)
+    const adapter = claudeCodeText('claude-opus-4-6')
+    const controller = new AbortController()
+    await collect(
+      adapter.chatStream(
+        makeOptions({ request: { signal: controller.signal } }),
+      ),
+    )
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.abortController).toBeInstanceOf(AbortController)
+    expect(options.abortController!.signal.aborted).toBe(false)
+    controller.abort()
+    expect(options.abortController!.signal.aborted).toBe(true)
+  })
+
+  it('emits RUN_ERROR when query() throws', async () => {
+    queryMock.mockImplementation(() => {
+      throw new Error('spawn failed')
+    })
+    const adapter = claudeCodeText('claude-opus-4-6')
+    const chunks = await collect(adapter.chatStream(makeOptions()))
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'spawn failed',
+    })
+  })
+})
+
+describe('structuredOutput', () => {
+  it('uses the native outputFormat and returns structured_output', async () => {
+    mockQueryReturning([
+      init,
+      {
+        type: 'result',
+        subtype: 'success',
+        result: '{"answer":42}',
+        structured_output: { answer: 42 },
+        usage: { input_tokens: 7, output_tokens: 3 },
+        total_cost_usd: 0,
+      },
+    ])
+    const adapter = claudeCodeText('claude-opus-4-6')
+    const result = await adapter.structuredOutput({
+      chatOptions: makeOptions(),
+      outputSchema: {
+        type: 'object',
+        properties: { answer: { type: 'number' } },
+      },
+    })
+
+    expect(result.data).toEqual({ answer: 42 })
+    expect(result.rawText).toBe('{"answer":42}')
+    expect(result.usage).toMatchObject({ promptTokens: 7, completionTokens: 3 })
+
+    const options = queryMock.mock.calls[0]![0].options!
+    expect(options.outputFormat).toEqual({
+      type: 'json_schema',
+      schema: {
+        type: 'object',
+        properties: { answer: { type: 'number' } },
+      },
+    })
+    expect(options.maxTurns).toBe(1)
+  })
+
+  it('falls back to parsing result text when structured_output is missing', async () => {
+    mockQueryReturning([
+      init,
+      {
+        type: 'result',
+        subtype: 'success',
+        result: '{"answer":7}',
+        usage: { input_tokens: 1, output_tokens: 1 },
+        total_cost_usd: 0,
+      },
+    ])
+    const adapter = claudeCodeText('claude-opus-4-6')
+    const result = await adapter.structuredOutput({
+      chatOptions: makeOptions(),
+      outputSchema: { type: 'object' },
+    })
+    expect(result.data).toEqual({ answer: 7 })
+  })
+
+  it('throws a descriptive error when the run fails', async () => {
+    mockQueryReturning([
+      init,
+      {
+        type: 'result',
+        subtype: 'error_during_execution',
+        errors: ['harness exploded'],
+        usage: {},
+        total_cost_usd: 0,
+      },
+    ])
+    const adapter = claudeCodeText('claude-opus-4-6')
+    await expect(
+      adapter.structuredOutput({
+        chatOptions: makeOptions(),
+        outputSchema: { type: 'object' },
+      }),
+    ).rejects.toThrow(/harness exploded/)
+  })
+})
diff --git a/packages/ai-claude-code/tests/translate.test.ts b/packages/ai-claude-code/tests/translate.test.ts
new file mode 100644
index 000000000..607d2c457
--- /dev/null
+++ b/packages/ai-claude-code/tests/translate.test.ts
@@ -0,0 +1,485 @@
+import { describe, expect, it } from 'vitest'
+import { translateSdkStream } from '../src/stream/translate'
+import type { AgentSdkMessage } from '../src/stream/sdk-types'
+import type { StreamChunk } from '@tanstack/ai'
+
+function makeContext() {
+  let id = 0
+  return {
+    model: 'claude-opus-4-6',
+    runId: 'run-1',
+    threadId: 'thread-1',
+    genId: () => `gen-${++id}`,
+  }
+}
+
+async function* fromArray(
+  messages: Array<AgentSdkMessage>,
+): AsyncIterable<AgentSdkMessage> {
+  for (const message of messages) {
+    yield message
+  }
+}
+
+async function collect(
+  messages: Array<AgentSdkMessage>,
+): Promise<Array<StreamChunk>> {
+  const chunks: Array<StreamChunk> = []
+  for await (const chunk of translateSdkStream(
+    fromArray(messages),
+    makeContext(),
+  )) {
+    chunks.push(chunk)
+  }
+  return chunks
+}
+
+const init: AgentSdkMessage = {
+  type: 'system',
+  subtype: 'init',
+  session_id: 'sess-abc',
+  model: 'claude-opus-4-6',
+  tools: ['Bash', 'Read'],
+  cwd: '/tmp',
+}
+
+const usage = {
+  input_tokens: 100,
+  output_tokens: 50,
+  cache_read_input_tokens: 10,
+  cache_creation_input_tokens: 5,
+}
+
+function assistantText(text: string, messageId = 'msg-1'): AgentSdkMessage {
+  return {
+    type: 'assistant',
+    message: { id: messageId, content: [{ type: 'text', text }] },
+    parent_tool_use_id: null,
+  }
+}
+
+const resultSuccess: AgentSdkMessage = {
+  type: 'result',
+  subtype: 'success',
+  result: 'done',
+  usage,
+  total_cost_usd: 0.12,
+}
+
+describe('translateSdkStream', () => {
+  it('translates a simple text turn into RUN_STARTED → CUSTOM → TEXT_* → RUN_FINISHED(stop)', async () => {
+    const chunks = await collect([init, assistantText('Hello!'), resultSuccess])
+
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+
+    expect(chunks[0]).toMatchObject({
+      type: 'RUN_STARTED',
+      runId: 'run-1',
+      threadId: 'thread-1',
+      model: 'claude-opus-4-6',
+    })
+    expect(chunks[3]).toMatchObject({
+      type: 'TEXT_MESSAGE_CONTENT',
+      delta: 'Hello!',
+      content: 'Hello!',
+    })
+    expect(chunks[5]).toMatchObject({
+      type: 'RUN_FINISHED',
+      finishReason: 'stop',
+    })
+  })
+
+  it('surfaces the session id via a CUSTOM claude-code.session-id event', async () => {
+    const chunks = await collect([init, assistantText('hi'), resultSuccess])
+    const custom = chunks.find((c) => c.type === 'CUSTOM')
+    expect(custom).toMatchObject({
+      type: 'CUSTOM',
+      name: 'claude-code.session-id',
+      value: {
+        sessionId: 'sess-abc',
+        model: 'claude-opus-4-6',
+        tools: ['Bash', 'Read'],
+      },
+    })
+  })
+
+  it('maps usage onto RUN_FINISHED including cache token details', async () => {
+    const chunks = await collect([init, assistantText('hi'), resultSuccess])
+    const finished = chunks.find((c) => c.type === 'RUN_FINISHED')
+    expect(finished).toMatchObject({
+      usage: {
+        promptTokens: 100,
+        completionTokens: 50,
+        totalTokens: 150,
+        promptTokensDetails: { cachedTokens: 10, cacheWriteTokens: 5 },
+      },
+    })
+  })
+
+  it('emits resolved TOOL_CALL_* quadruples for harness tool activity and never finishes with tool_calls', async () => {
+    const messages: Array<AgentSdkMessage> = [
+      init,
+      {
+        type: 'assistant',
+        message: {
+          id: 'msg-1',
+          content: [
+            {
+              type: 'tool_use',
+              id: 'toolu_1',
+              name: 'Bash',
+              input: { command: 'ls' },
+            },
+          ],
+        },
+        parent_tool_use_id: null,
+      },
+      {
+        type: 'user',
+        message: {
+          role: 'user',
+          content: [
+            {
+              type: 'tool_result',
+              tool_use_id: 'toolu_1',
+              content: 'file-a\nfile-b',
+            },
+          ],
+        },
+        parent_tool_use_id: null,
+      },
+      assistantText('Found two files.', 'msg-2'),
+      resultSuccess,
+    ]
+
+    const chunks = await collect(messages)
+    const types = chunks.map((c) => c.type)
+    expect(types).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TOOL_CALL_START',
+      'TOOL_CALL_ARGS',
+      'TOOL_CALL_END',
+      'TOOL_CALL_RESULT',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+
+    expect(chunks[2]).toMatchObject({
+      toolCallId: 'toolu_1',
+      toolCallName: 'Bash',
+    })
+    expect(chunks[3]).toMatchObject({
+      toolCallId: 'toolu_1',
+      delta: JSON.stringify({ command: 'ls' }),
+    })
+    expect(chunks[4]).toMatchObject({
+      toolCallId: 'toolu_1',
+      input: { command: 'ls' },
+    })
+    expect(chunks[5]).toMatchObject({
+      type: 'TOOL_CALL_RESULT',
+      toolCallId: 'toolu_1',
+      content: 'file-a\nfile-b',
+    })
+
+    const finished = chunks.filter((c) => c.type === 'RUN_FINISHED')
+    expect(finished).toHaveLength(1)
+    expect(finished[0]).toMatchObject({ finishReason: 'stop' })
+  })
+
+  it('strips the mcp__tanstack__ prefix from bridged tool names', async () => {
+    const chunks = await collect([
+      init,
+      {
+        type: 'assistant',
+        message: {
+          id: 'msg-1',
+          content: [
+            {
+              type: 'tool_use',
+              id: 'toolu_2',
+              name: 'mcp__tanstack__lookup_user',
+              input: { userId: 'u1' },
+            },
+          ],
+        },
+        parent_tool_use_id: null,
+      },
+      resultSuccess,
+    ])
+
+    const start = chunks.find((c) => c.type === 'TOOL_CALL_START')
+    expect(start).toMatchObject({ toolCallName: 'lookup_user' })
+  })
+
+  it('marks errored tool results with state output-error', async () => {
+    const chunks = await collect([
+      init,
+      {
+        type: 'assistant',
+        message: {
+          id: 'msg-1',
+          content: [
+            { type: 'tool_use', id: 'toolu_3', name: 'Bash', input: {} },
+          ],
+        },
+        parent_tool_use_id: null,
+      },
+      {
+        type: 'user',
+        message: {
+          role: 'user',
+          content: [
+            {
+              type: 'tool_result',
+              tool_use_id: 'toolu_3',
+              content: [{ type: 'text', text: 'command failed' }],
+              is_error: true,
+            },
+          ],
+        },
+        parent_tool_use_id: null,
+      },
+      resultSuccess,
+    ])
+
+    const result = chunks.find((c) => c.type === 'TOOL_CALL_RESULT')
+    expect(result).toMatchObject({
+      toolCallId: 'toolu_3',
+      content: 'command failed',
+      state: 'output-error',
+    })
+  })
+
+  it('synthesizes interrupted tool results for unresolved tool calls before RUN_FINISHED', async () => {
+    const chunks = await collect([
+      init,
+      {
+        type: 'assistant',
+        message: {
+          id: 'msg-1',
+          content: [
+            { type: 'tool_use', id: 'toolu_4', name: 'Bash', input: {} },
+          ],
+        },
+        parent_tool_use_id: null,
+      },
+      resultSuccess,
+    ])
+
+    const types = chunks.map((c) => c.type as string)
+    expect(types.indexOf('TOOL_CALL_RESULT')).toBeGreaterThan(-1)
+    expect(types.indexOf('TOOL_CALL_RESULT')).toBeLessThan(
+      types.indexOf('RUN_FINISHED'),
+    )
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_RESULT')).toMatchObject({
+      toolCallId: 'toolu_4',
+      content: JSON.stringify({ status: 'interrupted' }),
+    })
+  })
+
+  it('translates thinking blocks into REASONING_* events', async () => {
+    const chunks = await collect([
+      init,
+      {
+        type: 'assistant',
+        message: {
+          id: 'msg-1',
+          content: [
+            { type: 'thinking', thinking: 'pondering...' },
+            { type: 'text', text: 'answer' },
+          ],
+        },
+        parent_tool_use_id: null,
+      },
+      resultSuccess,
+    ])
+
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'REASONING_START',
+      'REASONING_MESSAGE_START',
+      'REASONING_MESSAGE_CONTENT',
+      'REASONING_MESSAGE_END',
+      'REASONING_END',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(
+      chunks.find((c) => c.type === 'REASONING_MESSAGE_CONTENT'),
+    ).toMatchObject({ delta: 'pondering...' })
+  })
+
+  it('maps error_max_turns to RUN_FINISHED(length)', async () => {
+    const chunks = await collect([
+      init,
+      assistantText('partial'),
+      {
+        type: 'result',
+        subtype: 'error_max_turns',
+        usage,
+        total_cost_usd: 0.5,
+        errors: [],
+      },
+    ])
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_FINISHED',
+      finishReason: 'length',
+    })
+  })
+
+  it('maps error_during_execution to RUN_ERROR', async () => {
+    const chunks = await collect([
+      init,
+      {
+        type: 'result',
+        subtype: 'error_during_execution',
+        usage,
+        total_cost_usd: 0,
+        errors: ['boom'],
+      },
+    ])
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'boom',
+      code: 'error_during_execution',
+    })
+  })
+
+  it('skips subagent messages (parent_tool_use_id set)', async () => {
+    const chunks = await collect([
+      init,
+      {
+        type: 'assistant',
+        message: { id: 'msg-sub', content: [{ type: 'text', text: 'inner' }] },
+        parent_tool_use_id: 'toolu_task',
+      },
+      assistantText('outer'),
+      resultSuccess,
+    ])
+
+    const contents = chunks.filter((c) => c.type === 'TEXT_MESSAGE_CONTENT')
+    expect(contents).toHaveLength(1)
+    expect(contents[0]).toMatchObject({ delta: 'outer' })
+  })
+
+  it('streams partial text deltas and dedupes the whole assistant message', async () => {
+    const chunks = await collect([
+      init,
+      {
+        type: 'stream_event',
+        event: { type: 'message_start', message: { id: 'msg-1' } },
+        parent_tool_use_id: null,
+      },
+      {
+        type: 'stream_event',
+        event: {
+          type: 'content_block_start',
+          index: 0,
+          content_block: { type: 'text' },
+        },
+        parent_tool_use_id: null,
+      },
+      {
+        type: 'stream_event',
+        event: {
+          type: 'content_block_delta',
+          index: 0,
+          delta: { type: 'text_delta', text: 'Hel' },
+        },
+        parent_tool_use_id: null,
+      },
+      {
+        type: 'stream_event',
+        event: {
+          type: 'content_block_delta',
+          index: 0,
+          delta: { type: 'text_delta', text: 'lo' },
+        },
+        parent_tool_use_id: null,
+      },
+      {
+        type: 'stream_event',
+        event: { type: 'content_block_stop', index: 0 },
+        parent_tool_use_id: null,
+      },
+      assistantText('Hello', 'msg-1'),
+      resultSuccess,
+    ])
+
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[3]).toMatchObject({ delta: 'Hel', content: 'Hel' })
+    expect(chunks[4]).toMatchObject({ delta: 'lo', content: 'Hello' })
+  })
+
+  it('emits synthetic tool results then rethrows when the SDK stream throws mid-run', async () => {
+    async function* throwing(): AsyncIterable<AgentSdkMessage> {
+      yield init
+      yield {
+        type: 'assistant',
+        message: {
+          id: 'msg-1',
+          content: [
+            { type: 'tool_use', id: 'toolu_5', name: 'Bash', input: {} },
+          ],
+        },
+        parent_tool_use_id: null,
+      }
+      throw new Error('aborted')
+    }
+
+    const chunks: Array<StreamChunk> = []
+    await expect(async () => {
+      for await (const chunk of translateSdkStream(throwing(), makeContext())) {
+        chunks.push(chunk)
+      }
+    }).rejects.toThrow('aborted')
+
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_RESULT')).toMatchObject({
+      toolCallId: 'toolu_5',
+      content: JSON.stringify({ status: 'interrupted' }),
+    })
+  })
+
+  it('ignores unknown SDK message types', async () => {
+    const chunks = await collect([
+      init,
+      {
+        type: 'system',
+        subtype: 'status',
+        status: 'compacting',
+      } as unknown as AgentSdkMessage,
+      assistantText('hi'),
+      resultSuccess,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+  })
+})
diff --git a/packages/ai-claude-code/tsconfig.json b/packages/ai-claude-code/tsconfig.json
new file mode 100644
index 000000000..c38689f4e
--- /dev/null
+++ b/packages/ai-claude-code/tsconfig.json
@@ -0,0 +1,8 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "compilerOptions": {
+    "outDir": "dist"
+  },
+  "include": ["src", "tests"],
+  "exclude": ["node_modules", "dist"]
+}
diff --git a/packages/ai-claude-code/vite.config.ts b/packages/ai-claude-code/vite.config.ts
new file mode 100644
index 000000000..11f5b20b7
--- /dev/null
+++ b/packages/ai-claude-code/vite.config.ts
@@ -0,0 +1,37 @@
+import { defineConfig, mergeConfig } from 'vitest/config'
+import { tanstackViteConfig } from '@tanstack/vite-config'
+import packageJson from './package.json'
+
+const config = defineConfig({
+  test: {
+    name: packageJson.name,
+    dir: './',
+    watch: false,
+
+    globals: true,
+    environment: 'node',
+    include: ['tests/**/*.test.ts'],
+    coverage: {
+      provider: 'v8',
+      reporter: ['text', 'json', 'html', 'lcov'],
+      exclude: [
+        'node_modules/',
+        'dist/',
+        'tests/',
+        '**/*.test.ts',
+        '**/*.config.ts',
+        '**/types.ts',
+      ],
+      include: ['src/**/*.ts'],
+    },
+  },
+})
+
+export default mergeConfig(
+  config,
+  tanstackViteConfig({
+    entry: ['./src/index.ts'],
+    srcDir: './src',
+    cjs: false,
+  }),
+)
diff --git a/packages/ai-codex/README.md b/packages/ai-codex/README.md
new file mode 100644
index 000000000..21284d4a1
--- /dev/null
+++ b/packages/ai-codex/README.md
@@ -0,0 +1,18 @@
+# @tanstack/ai-codex
+
+Codex harness adapter for [TanStack AI](https://tanstack.com/ai) — run [OpenAI Codex](https://developers.openai.com/codex) (via `@openai/codex-sdk`) as a chat backend with local tool execution, stateful coding sessions, and TanStack tool bridging.
+
+```typescript
+import { chat } from '@tanstack/ai'
+import { codexText } from '@tanstack/ai-codex'
+
+const stream = chat({
+  adapter: codexText('gpt-5.1-codex', {
+    cwd: '/path/to/project',
+    sandboxMode: 'workspace-write',
+  }),
+  messages: [{ role: 'user', content: 'Fix the failing test.' }],
+})
+```
+
+Server-only (Node). See the [Codex adapter docs](https://tanstack.com/ai/latest/docs/adapters/codex) for sessions, tool bridging, sandboxing, and limitations.
diff --git a/packages/ai-codex/package.json b/packages/ai-codex/package.json
new file mode 100644
index 000000000..39ca349b4
--- /dev/null
+++ b/packages/ai-codex/package.json
@@ -0,0 +1,59 @@
+{
+  "name": "@tanstack/ai-codex",
+  "version": "0.1.0",
+  "description": "Codex harness adapter for TanStack AI — run OpenAI Codex as a chat backend with local tool execution and stateful sessions.",
+  "author": "",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/TanStack/ai.git",
+    "directory": "packages/ai-codex"
+  },
+  "keywords": [
+    "ai",
+    "ai-sdk",
+    "typescript",
+    "tanstack",
+    "openai",
+    "codex",
+    "harness",
+    "agent",
+    "adapter",
+    "chat",
+    "tool-calling"
+  ],
+  "type": "module",
+  "module": "./dist/esm/index.js",
+  "types": "./dist/esm/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/esm/index.d.ts",
+      "import": "./dist/esm/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "src"
+  ],
+  "scripts": {
+    "build": "vite build",
+    "clean": "premove ./build ./dist",
+    "lint:fix": "eslint ./src --fix",
+    "test:build": "publint --strict",
+    "test:eslint": "eslint ./src",
+    "test:lib": "vitest",
+    "test:lib:dev": "pnpm test:lib --watch",
+    "test:types": "tsc"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.29.0",
+    "@openai/codex-sdk": "^0.139.0"
+  },
+  "peerDependencies": {
+    "@tanstack/ai": "workspace:^"
+  },
+  "devDependencies": {
+    "@tanstack/ai": "workspace:*",
+    "@vitest/coverage-v8": "4.0.14"
+  }
+}
diff --git a/packages/ai-codex/src/adapters/text.ts b/packages/ai-codex/src/adapters/text.ts
new file mode 100644
index 000000000..9e27963ba
--- /dev/null
+++ b/packages/ai-codex/src/adapters/text.ts
@@ -0,0 +1,366 @@
+import { Codex } from '@openai/codex-sdk'
+import { EventType, normalizeSystemPrompts } from '@tanstack/ai'
+import { toRunErrorRawEvent } from '@tanstack/ai/adapter-internals'
+import { BaseTextAdapter } from '@tanstack/ai/adapters'
+import { buildPrompt } from '../messages/prompt'
+import { startToolBridge } from '../tools/bridge'
+import {
+  BRIDGED_MCP_SERVER_NAME,
+  translateThreadEvents,
+} from '../stream/translate'
+import type {
+  StructuredOutputOptions,
+  StructuredOutputResult,
+} from '@tanstack/ai/adapters'
+import type {
+  AnyTool,
+  DefaultMessageMetadataByModality,
+  Modality,
+  StreamChunk,
+  TextOptions,
+} from '@tanstack/ai'
+import type {
+  ApprovalMode,
+  CodexOptions,
+  ModelReasoningEffort,
+  SandboxMode,
+  ThreadOptions,
+  WebSearchMode,
+} from '@openai/codex-sdk'
+import type { CodexModel } from '../model-meta'
+import type { CodexTextProviderOptions } from '../provider-options'
+import type { CodexThreadEvent, CodexUsage } from '../stream/sdk-types'
+
+type CodexConfigValue = NonNullable<CodexOptions['config']>[string]
+
+export interface CodexTextConfig {
+  /** Working directory for the harness session. Defaults to `process.cwd()`. */
+  cwd?: string
+  /**
+   * Codex sandbox mode. Defaults to the harness default (`read-only`); set
+   * `'workspace-write'` to let the harness edit files and run commands
+   * inside the working directory.
+   */
+  sandboxMode?: SandboxMode
+  /**
+   * Codex approval policy. Headless runs have no approval UI, so this
+   * defaults to `'never'` — the sandbox mode is the safety boundary.
+   */
+  approvalPolicy?: ApprovalMode
+  /** Model reasoning effort forwarded to the harness. */
+  modelReasoningEffort?: ModelReasoningEffort
+  /**
+   * Whether to skip the harness's git-repo safety check. Defaults to `true`:
+   * a server adapter routinely points at scratch directories that aren't
+   * repositories, and the sandbox mode is the real safety boundary.
+   */
+  skipGitRepoCheck?: boolean
+  /** Allow network access inside the `workspace-write` sandbox. */
+  networkAccessEnabled?: boolean
+  /** Web search mode forwarded to the harness. */
+  webSearchMode?: WebSearchMode
+  /** Extra writable directories beyond the working directory. */
+  additionalDirectories?: Array<string>
+  /**
+   * OpenAI API key for the harness subprocess (exported as `CODEX_API_KEY`).
+   * Falls back to the local `codex login` credentials when omitted.
+   */
+  apiKey?: string
+  /** Override the Codex backend base URL. */
+  baseUrl?: string
+  /** Path to a Codex executable (defaults to the SDK's bundled binary). */
+  codexPathOverride?: string
+  /**
+   * Environment variables for the harness subprocess. When set, the
+   * subprocess does NOT inherit `process.env` (Codex SDK semantics).
+   */
+  env?: Record<string, string>
+  /**
+   * Extra `--config key=value` overrides passed to the Codex CLI, e.g.
+   * additional `mcp_servers` entries. Merged with (and overridden by) the
+   * adapter's own bridged-tools server config.
+   */
+  config?: CodexOptions['config']
+}
+
+function validateTools(tools: Array<AnyTool> | undefined): void {
+  if (!tools || tools.length === 0) return
+  const unsupported = tools.filter(
+    (tool) => typeof tool.execute !== 'function' || tool.needsApproval === true,
+  )
+  if (unsupported.length > 0) {
+    throw new Error(
+      `Codex harness cannot execute client-side or approval-gated tools: ${unsupported
+        .map((tool) => tool.name)
+        .join(
+          ', ',
+        )}. Provide server execute() implementations without needsApproval, or run these tools outside the harness.`,
+    )
+  }
+}
+
+export class CodexTextAdapter<
+  TModel extends CodexModel,
+> extends BaseTextAdapter<
+  TModel,
+  CodexTextProviderOptions,
+  ReadonlyArray<Modality> & readonly ['text'],
+  DefaultMessageMetadataByModality,
+  ReadonlyArray<string>,
+  unknown,
+  never
+> {
+  readonly name = 'codex' as const
+
+  private readonly adapterConfig: CodexTextConfig
+
+  constructor(config: CodexTextConfig, model: TModel) {
+    super({}, model)
+    this.adapterConfig = config
+  }
+
+  async *chatStream(
+    options: TextOptions<CodexTextProviderOptions>,
+  ): AsyncIterable<StreamChunk> {
+    const { logger } = options
+    let bridge: Awaited<ReturnType<typeof startToolBridge>> | undefined
+    try {
+      validateTools(options.tools)
+
+      const modelOptions = options.modelOptions
+      const { prompt, resume } = buildPrompt(
+        options.messages,
+        modelOptions?.sessionId,
+      )
+
+      if (options.tools && options.tools.length > 0) {
+        bridge = await startToolBridge(options.tools)
+      }
+
+      const codex = this.createCodex(bridge?.url)
+      const threadOptions = this.buildThreadOptions(options)
+      const thread =
+        resume !== undefined
+          ? codex.resumeThread(resume, threadOptions)
+          : codex.startThread(threadOptions)
+
+      logger.request(
+        `activity=chat provider=codex model=${this.model} messages=${options.messages.length} tools=${options.tools?.length ?? 0} resume=${resume ?? 'none'}`,
+        { provider: 'codex', model: this.model },
+      )
+
+      const signal =
+        options.abortController?.signal ?? options.request?.signal ?? undefined
+      const { events } = await thread.runStreamed(
+        this.applySystemPrompts(options, prompt),
+        signal !== undefined ? { signal } : {},
+      )
+
+      yield* translateThreadEvents(events as AsyncIterable<CodexThreadEvent>, {
+        model: this.model,
+        runId: options.runId ?? this.generateId(),
+        threadId: options.threadId ?? this.generateId(),
+        ...(options.parentRunId !== undefined && {
+          parentRunId: options.parentRunId,
+        }),
+        genId: () => this.generateId(),
+        onThreadEvent: (event) =>
+          logger.provider(`provider=codex type=${event.type}`, {
+            chunk: event,
+          }),
+      })
+    } catch (error: unknown) {
+      const err = error as Error & { code?: string }
+      const rawEvent = toRunErrorRawEvent(error)
+      logger.errors('codex.chatStream fatal', {
+        error,
+        source: 'codex.chatStream',
+      })
+      yield {
+        type: EventType.RUN_ERROR,
+        model: options.model,
+        timestamp: Date.now(),
+        message: err.message || 'Unknown error occurred',
+        ...(err.code !== undefined && { code: err.code }),
+        ...(rawEvent !== undefined && { rawEvent }),
+        error: {
+          message: err.message || 'Unknown error occurred',
+          ...(err.code !== undefined && { code: err.code }),
+        },
+      }
+    } finally {
+      await bridge?.close()
+    }
+  }
+
+  /**
+   * Structured output via the harness's native `outputSchema` support: a
+   * fresh one-shot read-only thread whose final agent message is a JSON
+   * string conforming to the schema.
+   */
+  async structuredOutput(
+    options: StructuredOutputOptions<CodexTextProviderOptions>,
+  ): Promise<StructuredOutputResult<unknown>> {
+    const { chatOptions, outputSchema } = options
+    const { logger } = chatOptions
+
+    // Fresh one-shot run: deliberately no `resume`, so finalization never
+    // mutates the caller's interactive session. No bridge either — tools
+    // are a chat concern.
+    const { prompt } = buildPrompt(chatOptions.messages, undefined)
+
+    const codex = this.createCodex(undefined)
+    const thread = codex.startThread({
+      ...this.buildThreadOptions(chatOptions),
+      sandboxMode: 'read-only',
+    })
+
+    logger.request(
+      `activity=structured-output provider=codex model=${this.model}`,
+      { provider: 'codex', model: this.model },
+    )
+
+    const signal =
+      chatOptions.abortController?.signal ??
+      chatOptions.request?.signal ??
+      undefined
+    const { events } = await thread.runStreamed(
+      this.applySystemPrompts(chatOptions, prompt),
+      {
+        outputSchema,
+        ...(signal !== undefined && { signal }),
+      },
+    )
+
+    let rawText = ''
+    let usage: CodexUsage | undefined
+    for await (const event of events as AsyncIterable<CodexThreadEvent>) {
+      logger.provider(`provider=codex type=${event.type}`, { chunk: event })
+      if (
+        event.type === 'item.completed' &&
+        event.item.type === 'agent_message'
+      ) {
+        rawText = event.item.text
+      } else if (event.type === 'turn.completed') {
+        usage = event.usage
+      } else if (event.type === 'turn.failed') {
+        throw new Error(event.error?.message ?? 'Codex turn failed')
+      } else if (event.type === 'error') {
+        throw new Error(event.message)
+      }
+    }
+
+    if (rawText === '') {
+      throw new Error(
+        'Codex run ended without an agent message during structured output generation.',
+      )
+    }
+
+    const promptTokens = usage?.input_tokens ?? 0
+    const completionTokens = usage?.output_tokens ?? 0
+    return {
+      data: JSON.parse(rawText),
+      rawText,
+      usage: {
+        promptTokens,
+        completionTokens,
+        totalTokens: promptTokens + completionTokens,
+      },
+    }
+  }
+
+  /**
+   * Codex threads have no system-prompt channel, so `systemPrompts` from
+   * `chat()` are prepended to the prompt text as an instruction preamble.
+   */
+  private applySystemPrompts(
+    options: TextOptions<CodexTextProviderOptions>,
+    prompt: string,
+  ): string {
+    const systemPrompts = normalizeSystemPrompts(options.systemPrompts)
+      .map((systemPrompt) => systemPrompt.content)
+      .filter((content) => content.trim() !== '')
+    if (systemPrompts.length === 0) return prompt
+    return `${systemPrompts.join('\n\n')}\n\n${prompt}`
+  }
+
+  private createCodex(bridgeUrl: string | undefined): Codex {
+    const config = this.adapterConfig
+    const mergedConfig: CodexOptions['config'] = {
+      ...config.config,
+      ...(bridgeUrl !== undefined && {
+        mcp_servers: {
+          ...(config.config?.mcp_servers as
+            | Record<string, CodexConfigValue>
+            | undefined),
+          [BRIDGED_MCP_SERVER_NAME]: { url: bridgeUrl },
+        },
+      }),
+    }
+    return new Codex({
+      ...(config.apiKey !== undefined && { apiKey: config.apiKey }),
+      ...(config.baseUrl !== undefined && { baseUrl: config.baseUrl }),
+      ...(config.codexPathOverride !== undefined && {
+        codexPathOverride: config.codexPathOverride,
+      }),
+      ...(config.env !== undefined && { env: config.env }),
+      ...(Object.keys(mergedConfig).length > 0 && { config: mergedConfig }),
+    })
+  }
+
+  private buildThreadOptions(
+    options: TextOptions<CodexTextProviderOptions>,
+  ): ThreadOptions {
+    const config = this.adapterConfig
+    const modelOptions = options.modelOptions
+
+    const sandboxMode = modelOptions?.sandboxMode ?? config.sandboxMode
+    const approvalPolicy =
+      modelOptions?.approvalPolicy ?? config.approvalPolicy ?? 'never'
+    const modelReasoningEffort =
+      modelOptions?.modelReasoningEffort ?? config.modelReasoningEffort
+    const workingDirectory = modelOptions?.workingDirectory ?? config.cwd
+    const skipGitRepoCheck =
+      modelOptions?.skipGitRepoCheck ?? config.skipGitRepoCheck ?? true
+
+    return {
+      model: this.model,
+      approvalPolicy,
+      skipGitRepoCheck,
+      ...(sandboxMode !== undefined && { sandboxMode }),
+      ...(modelReasoningEffort !== undefined && { modelReasoningEffort }),
+      ...(workingDirectory !== undefined && { workingDirectory }),
+      ...(config.networkAccessEnabled !== undefined && {
+        networkAccessEnabled: config.networkAccessEnabled,
+      }),
+      ...(config.webSearchMode !== undefined && {
+        webSearchMode: config.webSearchMode,
+      }),
+      ...(config.additionalDirectories !== undefined && {
+        additionalDirectories: config.additionalDirectories,
+      }),
+    }
+  }
+}
+
+/**
+ * Creates a Codex text adapter.
+ *
+ * Unlike HTTP provider adapters, this is a *harness* adapter: Codex runs its
+ * own agent loop and executes its own tools (shell commands, file edits,
+ * web search, ...) locally, server-side, inside its sandbox. Each `chat()`
+ * call runs one full harness turn; harness tool activity streams back as
+ * already-resolved tool-call events, and the thread id is surfaced via a
+ * CUSTOM `codex.session-id` event so follow-up calls can resume the session
+ * through `modelOptions.sessionId`.
+ *
+ * Note: Codex reports assistant text only as completed messages — there are
+ * no token-level text deltas, so text arrives message-at-a-time while tool
+ * activity still streams live.
+ */
+export function codexText<TModel extends CodexModel>(
+  model: TModel,
+  config: CodexTextConfig = {},
+): CodexTextAdapter<TModel> {
+  return new CodexTextAdapter(config, model)
+}
diff --git a/packages/ai-codex/src/index.ts b/packages/ai-codex/src/index.ts
new file mode 100644
index 000000000..2bfdf23d3
--- /dev/null
+++ b/packages/ai-codex/src/index.ts
@@ -0,0 +1,21 @@
+export { CodexTextAdapter, codexText } from './adapters/text'
+export type { CodexTextConfig } from './adapters/text'
+export type { CodexTextProviderOptions } from './provider-options'
+export { CODEX_MODELS } from './model-meta'
+export type { CodexModel, KnownCodexModel } from './model-meta'
+export {
+  SESSION_ID_EVENT,
+  BRIDGED_MCP_SERVER_NAME,
+  translateThreadEvents,
+  toolNameForItem,
+} from './stream/translate'
+export type { TranslateContext } from './stream/translate'
+export type {
+  CodexThreadEvent,
+  CodexThreadItem,
+  CodexUsage,
+} from './stream/sdk-types'
+export { buildPrompt } from './messages/prompt'
+export type { BuiltPrompt } from './messages/prompt'
+export { startToolBridge } from './tools/bridge'
+export type { ToolBridgeHandle } from './tools/bridge'
diff --git a/packages/ai-codex/src/messages/prompt.ts b/packages/ai-codex/src/messages/prompt.ts
new file mode 100644
index 000000000..73b9ac549
--- /dev/null
+++ b/packages/ai-codex/src/messages/prompt.ts
@@ -0,0 +1,67 @@
+import type { ModelMessage } from '@tanstack/ai'
+
+export interface BuiltPrompt {
+  prompt: string
+  /** Codex thread id to resume, when the caller threaded one through. */
+  resume?: string
+}
+
+function extractText(content: ModelMessage['content']): string {
+  if (content === null) return ''
+  if (typeof content === 'string') return content
+  return content
+    .map((part) =>
+      part.type === 'text' && typeof part.content === 'string'
+        ? part.content
+        : '',
+    )
+    .join('')
+}
+
+/**
+ * Convert TanStack chat history into the Codex SDK's prompt + resume inputs.
+ *
+ * With a `sessionId`, the harness already holds the conversation context, so
+ * only the trailing user message is sent and the thread is resumed. Without
+ * one, prior turns are flattened into a plain-text transcript preamble (tool
+ * messages and tool-call-only assistant turns are harness-internal noise and
+ * are skipped; prompts are text-only in v1).
+ */
+export function buildPrompt(
+  messages: Array<ModelMessage>,
+  sessionId: string | undefined,
+): BuiltPrompt {
+  const lastMessage = messages.at(-1)
+  const lastUserText =
+    lastMessage?.role === 'user' ? extractText(lastMessage.content).trim() : ''
+
+  if (!lastUserText) {
+    throw new Error(
+      'Codex adapter requires a trailing user message with text content.',
+    )
+  }
+
+  if (sessionId !== undefined) {
+    return { prompt: lastUserText, resume: sessionId }
+  }
+
+  const priorTurns = messages
+    .slice(0, -1)
+    .filter(
+      (message) =>
+        (message.role === 'user' || message.role === 'assistant') &&
+        extractText(message.content).trim() !== '',
+    )
+    .map(
+      (message) =>
+        `${message.role === 'user' ? 'User' : 'Assistant'}: ${extractText(message.content).trim()}`,
+    )
+
+  if (priorTurns.length === 0) {
+    return { prompt: lastUserText }
+  }
+
+  return {
+    prompt: `Previous conversation:\n${priorTurns.join('\n')}\n\n${lastUserText}`,
+  }
+}
diff --git a/packages/ai-codex/src/model-meta.ts b/packages/ai-codex/src/model-meta.ts
new file mode 100644
index 000000000..dbf2af0fe
--- /dev/null
+++ b/packages/ai-codex/src/model-meta.ts
@@ -0,0 +1,17 @@
+/**
+ * Models known to work with Codex. The harness accepts any OpenAI model id
+ * its backend supports, so this list exists for autocomplete — any string is
+ * accepted via the `(string & {})` escape hatch in {@link CodexModel}.
+ */
+export const CODEX_MODELS = [
+  'gpt-5.3-codex',
+  'gpt-5.2-codex',
+  'gpt-5.1-codex',
+  'gpt-5.1-codex-mini',
+  'gpt-5.1',
+] as const
+
+export type KnownCodexModel = (typeof CODEX_MODELS)[number]
+
+/** Any model id accepted by Codex; known ids get autocomplete. */
+export type CodexModel = KnownCodexModel | (string & {})
diff --git a/packages/ai-codex/src/provider-options.ts b/packages/ai-codex/src/provider-options.ts
new file mode 100644
index 000000000..819702cf4
--- /dev/null
+++ b/packages/ai-codex/src/provider-options.ts
@@ -0,0 +1,29 @@
+import type {
+  ApprovalMode,
+  ModelReasoningEffort,
+  SandboxMode,
+} from '@openai/codex-sdk'
+
+/**
+ * Per-call provider options for the Codex adapter, passed via `modelOptions`
+ * on `chat()`.
+ */
+export interface CodexTextProviderOptions {
+  /**
+   * Resume an existing Codex thread. The adapter emits the thread id of
+   * every fresh run via a CUSTOM `codex.session-id` stream event; thread it
+   * back here to continue that session (only the latest user message is
+   * sent — the harness already holds the prior context).
+   */
+  sessionId?: string
+  /** Per-call override of the configured sandbox mode. */
+  sandboxMode?: SandboxMode
+  /** Per-call override of the configured approval policy. */
+  approvalPolicy?: ApprovalMode
+  /** Per-call override of the model reasoning effort. */
+  modelReasoningEffort?: ModelReasoningEffort
+  /** Per-call override of the harness working directory. */
+  workingDirectory?: string
+  /** Per-call override of the git-repo safety check (defaults to skipping). */
+  skipGitRepoCheck?: boolean
+}
diff --git a/packages/ai-codex/src/stream/sdk-types.ts b/packages/ai-codex/src/stream/sdk-types.ts
new file mode 100644
index 000000000..1e7d36726
--- /dev/null
+++ b/packages/ai-codex/src/stream/sdk-types.ts
@@ -0,0 +1,66 @@
+/**
+ * Structural subset of the `@openai/codex-sdk` event types that the stream
+ * translator consumes.
+ *
+ * These are intentionally defined structurally (rather than imported from the
+ * Codex SDK) so the translator stays a pure, fixture-testable state machine
+ * and the package's public types don't depend on the SDK's type exports.
+ * Unknown item or event types fall through every branch at runtime.
+ */
+
+export interface CodexUsage {
+  input_tokens?: number
+  cached_input_tokens?: number
+  output_tokens?: number
+  reasoning_output_tokens?: number
+}
+
+export interface CodexMcpToolCallResult {
+  content?: Array<{ type: string; text?: string; [key: string]: unknown }>
+  structured_content?: unknown
+}
+
+export type CodexThreadItem =
+  | { id: string; type: 'agent_message'; text: string }
+  | { id: string; type: 'reasoning'; text: string }
+  | {
+      id: string
+      type: 'command_execution'
+      command: string
+      aggregated_output?: string
+      exit_code?: number
+      status: string
+    }
+  | {
+      id: string
+      type: 'file_change'
+      changes: Array<{ path: string; kind: string }>
+      status: string
+    }
+  | {
+      id: string
+      type: 'mcp_tool_call'
+      server: string
+      tool: string
+      arguments?: unknown
+      result?: CodexMcpToolCallResult
+      error?: { message: string }
+      status: string
+    }
+  | { id: string; type: 'web_search'; query: string }
+  | {
+      id: string
+      type: 'todo_list'
+      items: Array<{ text: string; completed: boolean }>
+    }
+  | { id: string; type: 'error'; message: string }
+
+export type CodexThreadEvent =
+  | { type: 'thread.started'; thread_id: string }
+  | { type: 'turn.started' }
+  | { type: 'turn.completed'; usage?: CodexUsage }
+  | { type: 'turn.failed'; error?: { message?: string } }
+  | { type: 'item.started'; item: CodexThreadItem }
+  | { type: 'item.updated'; item: CodexThreadItem }
+  | { type: 'item.completed'; item: CodexThreadItem }
+  | { type: 'error'; message: string }
diff --git a/packages/ai-codex/src/stream/translate.ts b/packages/ai-codex/src/stream/translate.ts
new file mode 100644
index 000000000..082e26ba3
--- /dev/null
+++ b/packages/ai-codex/src/stream/translate.ts
@@ -0,0 +1,381 @@
+import { EventType, buildBaseUsage } from '@tanstack/ai'
+import type { StreamChunk, TokenUsage } from '@tanstack/ai'
+import type { CodexThreadEvent, CodexThreadItem, CodexUsage } from './sdk-types'
+
+/** Name of the CUSTOM event carrying the Codex thread (session) id. */
+export const SESSION_ID_EVENT = 'codex.session-id'
+
+/** Server name used for bridged TanStack tools. */
+export const BRIDGED_MCP_SERVER_NAME = 'tanstack'
+
+export interface TranslateContext {
+  model: string
+  runId: string
+  threadId: string
+  parentRunId?: string
+  genId: () => string
+  /** Called as soon as the harness reports its thread id. */
+  onSessionId?: (sessionId: string) => void
+  /** Called for each raw SDK thread event, for logging. */
+  onThreadEvent?: (event: CodexThreadEvent) => void
+}
+
+/**
+ * Resolve the AG-UI tool-call name for a Codex thread item. Bridged TanStack
+ * tools come back as `mcp_tool_call` items on the `tanstack` server and are
+ * surfaced under the names the application registered; foreign MCP tools are
+ * namespaced `mcp__<server>__<tool>`; harness-native items use their item
+ * type verbatim (`command_execution`, `file_change`, ...).
+ */
+export function toolNameForItem(item: CodexThreadItem): string {
+  if (item.type === 'mcp_tool_call') {
+    return item.server === BRIDGED_MCP_SERVER_NAME
+      ? item.tool
+      : `mcp__${item.server}__${item.tool}`
+  }
+  return item.type
+}
+
+/** Thread items the translator surfaces as already-resolved tool calls. */
+type CodexToolItem = Extract<
+  CodexThreadItem,
+  {
+    type:
+      | 'command_execution'
+      | 'mcp_tool_call'
+      | 'file_change'
+      | 'web_search'
+      | 'todo_list'
+  }
+>
+
+function toolArgsForItem(item: CodexToolItem): unknown {
+  switch (item.type) {
+    case 'command_execution':
+      return { command: item.command }
+    case 'mcp_tool_call':
+      return item.arguments ?? {}
+    case 'file_change':
+      return { changes: item.changes }
+    case 'web_search':
+      return { query: item.query }
+    case 'todo_list':
+      return {}
+  }
+}
+
+function toolResultForItem(item: CodexToolItem): {
+  content: string
+  isError: boolean
+} {
+  switch (item.type) {
+    case 'command_execution':
+      return {
+        content: JSON.stringify({
+          aggregated_output: item.aggregated_output ?? '',
+          ...(item.exit_code !== undefined && { exit_code: item.exit_code }),
+          status: item.status,
+        }),
+        isError: item.status === 'failed',
+      }
+    case 'mcp_tool_call': {
+      if (item.error) {
+        return { content: item.error.message, isError: true }
+      }
+      const text = (item.result?.content ?? [])
+        .map((block) => (typeof block.text === 'string' ? block.text : ''))
+        .join('')
+      if (text !== '') {
+        return { content: text, isError: item.status === 'failed' }
+      }
+      if (item.result?.structured_content !== undefined) {
+        return {
+          content: JSON.stringify(item.result.structured_content),
+          isError: item.status === 'failed',
+        }
+      }
+      return {
+        content: JSON.stringify({ status: item.status }),
+        isError: item.status === 'failed',
+      }
+    }
+    case 'file_change':
+      return {
+        content: JSON.stringify({ changes: item.changes, status: item.status }),
+        isError: item.status === 'failed',
+      }
+    case 'web_search':
+      return {
+        content: JSON.stringify({ status: 'completed' }),
+        isError: false,
+      }
+    case 'todo_list':
+      return { content: JSON.stringify({ items: item.items }), isError: false }
+  }
+}
+
+function isToolItem(item: CodexThreadItem): item is CodexToolItem {
+  return (
+    item.type === 'command_execution' ||
+    item.type === 'mcp_tool_call' ||
+    item.type === 'file_change' ||
+    item.type === 'web_search' ||
+    item.type === 'todo_list'
+  )
+}
+
+function buildUsage(usage: CodexUsage | undefined): TokenUsage | undefined {
+  if (!usage) return undefined
+  const promptTokens = usage.input_tokens ?? 0
+  const completionTokens = usage.output_tokens ?? 0
+  const result = buildBaseUsage({
+    promptTokens,
+    completionTokens,
+    totalTokens: promptTokens + completionTokens,
+  })
+  if (usage.cached_input_tokens) {
+    result.promptTokensDetails = { cachedTokens: usage.cached_input_tokens }
+  }
+  if (usage.reasoning_output_tokens) {
+    result.completionTokensDetails = {
+      reasoningTokens: usage.reasoning_output_tokens,
+    }
+  }
+  return result
+}
+
+/**
+ * Translate a Codex SDK thread-event stream into AG-UI StreamChunk events.
+ *
+ * The harness runs its own agent loop and executes its own tools, so the
+ * translation always ends with `finishReason: 'stop'` (or RUN_ERROR) — never
+ * `'tool_calls'`. Harness tool activity (commands, file changes, MCP calls,
+ * web searches, todo lists) is emitted as already-resolved
+ * TOOL_CALL_START/ARGS/END + TOOL_CALL_RESULT sequences so UIs can render it
+ * while the TanStack engine never tries to execute them.
+ *
+ * Codex reports assistant text and reasoning only as completed items (no
+ * token-level deltas), so each `agent_message` / `reasoning` item becomes a
+ * single START/CONTENT/END burst.
+ *
+ * Invariant: every TOOL_CALL_START is eventually paired with a
+ * TOOL_CALL_RESULT (synthesized as `{"status":"interrupted"}` when the run
+ * ends or aborts before the harness reported one) so the engine's
+ * pending-tool-call scan on the next request never force-executes them.
+ */
+export async function* translateThreadEvents(
+  events: AsyncIterable<CodexThreadEvent>,
+  ctx: TranslateContext,
+): AsyncIterable<StreamChunk> {
+  const { model, runId, threadId, genId } = ctx
+  const now = () => Date.now()
+
+  let runStarted = false
+  /** Tool calls started but with no result yet. */
+  const unresolvedToolCalls = new Set<string>()
+  /** Item ids that already emitted TOOL_CALL_START/ARGS/END. */
+  const openedToolItems = new Set<string>()
+
+  function* startRun(): Generator<StreamChunk> {
+    if (runStarted) return
+    runStarted = true
+    yield {
+      type: EventType.RUN_STARTED,
+      runId,
+      threadId,
+      model,
+      timestamp: now(),
+      ...(ctx.parentRunId !== undefined && { parentRunId: ctx.parentRunId }),
+    }
+  }
+
+  function* synthesizeUnresolvedResults(): Generator<StreamChunk> {
+    for (const toolCallId of unresolvedToolCalls) {
+      yield {
+        type: EventType.TOOL_CALL_RESULT,
+        toolCallId,
+        messageId: genId(),
+        model,
+        timestamp: now(),
+        content: JSON.stringify({ status: 'interrupted' }),
+      }
+    }
+    unresolvedToolCalls.clear()
+  }
+
+  function* openToolCall(item: CodexToolItem): Generator<StreamChunk> {
+    if (openedToolItems.has(item.id)) return
+    openedToolItems.add(item.id)
+    const toolCallName = toolNameForItem(item)
+    const input = toolArgsForItem(item)
+    const args = JSON.stringify(input)
+    yield {
+      type: EventType.TOOL_CALL_START,
+      toolCallId: item.id,
+      toolCallName,
+      toolName: toolCallName,
+      model,
+      timestamp: now(),
+    }
+    yield {
+      type: EventType.TOOL_CALL_ARGS,
+      toolCallId: item.id,
+      model,
+      timestamp: now(),
+      delta: args,
+      args,
+    }
+    yield {
+      type: EventType.TOOL_CALL_END,
+      toolCallId: item.id,
+      toolCallName,
+      toolName: toolCallName,
+      model,
+      timestamp: now(),
+      input,
+    }
+    unresolvedToolCalls.add(item.id)
+  }
+
+  function* handleItemCompleted(item: CodexThreadItem): Generator<StreamChunk> {
+    if (item.type === 'agent_message') {
+      const messageId = item.id
+      yield {
+        type: EventType.TEXT_MESSAGE_START,
+        messageId,
+        model,
+        timestamp: now(),
+        role: 'assistant',
+      }
+      yield {
+        type: EventType.TEXT_MESSAGE_CONTENT,
+        messageId,
+        model,
+        timestamp: now(),
+        delta: item.text,
+        content: item.text,
+      }
+      yield {
+        type: EventType.TEXT_MESSAGE_END,
+        messageId,
+        model,
+        timestamp: now(),
+      }
+    } else if (item.type === 'reasoning') {
+      const reasoningId = item.id
+      yield {
+        type: EventType.REASONING_START,
+        messageId: reasoningId,
+        model,
+        timestamp: now(),
+      }
+      yield {
+        type: EventType.REASONING_MESSAGE_START,
+        messageId: reasoningId,
+        role: 'reasoning' as const,
+        model,
+        timestamp: now(),
+      }
+      yield {
+        type: EventType.REASONING_MESSAGE_CONTENT,
+        messageId: reasoningId,
+        delta: item.text,
+        model,
+        timestamp: now(),
+      }
+      yield {
+        type: EventType.REASONING_MESSAGE_END,
+        messageId: reasoningId,
+        model,
+        timestamp: now(),
+      }
+      yield {
+        type: EventType.REASONING_END,
+        messageId: reasoningId,
+        model,
+        timestamp: now(),
+      }
+    } else if (isToolItem(item)) {
+      yield* openToolCall(item)
+      unresolvedToolCalls.delete(item.id)
+      const { content, isError } = toolResultForItem(item)
+      yield {
+        type: EventType.TOOL_CALL_RESULT,
+        toolCallId: item.id,
+        messageId: genId(),
+        model,
+        timestamp: now(),
+        content,
+        ...(isError && { state: 'output-error' as const }),
+      }
+    }
+    // `error` items are non-fatal diagnostics; `turn.failed` is the fatal
+    // signal. They are surfaced via onThreadEvent logging only.
+  }
+
+  try {
+    for await (const event of events) {
+      ctx.onThreadEvent?.(event)
+
+      if (event.type === 'thread.started') {
+        yield* startRun()
+        ctx.onSessionId?.(event.thread_id)
+        yield {
+          type: EventType.CUSTOM,
+          model,
+          timestamp: now(),
+          name: SESSION_ID_EVENT,
+          value: { sessionId: event.thread_id },
+        }
+        continue
+      }
+
+      // Resumed threads don't re-emit thread.started; anything else still
+      // needs RUN_STARTED first.
+      yield* startRun()
+
+      if (event.type === 'item.started') {
+        if (isToolItem(event.item)) {
+          yield* openToolCall(event.item)
+        }
+      } else if (event.type === 'item.completed') {
+        yield* handleItemCompleted(event.item)
+      } else if (event.type === 'turn.completed') {
+        yield* synthesizeUnresolvedResults()
+        const usage = buildUsage(event.usage)
+        yield {
+          type: EventType.RUN_FINISHED,
+          runId,
+          threadId,
+          model,
+          timestamp: now(),
+          finishReason: 'stop',
+          ...(usage !== undefined && { usage }),
+        }
+      } else if (event.type === 'turn.failed' || event.type === 'error') {
+        yield* synthesizeUnresolvedResults()
+        const message =
+          event.type === 'turn.failed'
+            ? (event.error?.message ?? 'Codex turn failed')
+            : event.message
+        yield {
+          type: EventType.RUN_ERROR,
+          model,
+          timestamp: now(),
+          message,
+          error: { message },
+        }
+      }
+      // turn.started and item.updated carry no state the chunk stream needs:
+      // long-running items resolve via item.completed, and intermediate
+      // updates (e.g. streaming command output) are intentionally dropped.
+    }
+  } catch (error) {
+    // The run is dying (abort or SDK failure). Pair any started tool calls
+    // with a synthetic result first so the next request's pending-tool-call
+    // scan doesn't try to execute them, then let the adapter surface the
+    // error as RUN_ERROR.
+    yield* synthesizeUnresolvedResults()
+    throw error
+  }
+}
diff --git a/packages/ai-codex/src/tools/bridge.ts b/packages/ai-codex/src/tools/bridge.ts
new file mode 100644
index 000000000..daafcc47d
--- /dev/null
+++ b/packages/ai-codex/src/tools/bridge.ts
@@ -0,0 +1,130 @@
+import { createServer } from 'node:http'
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'
+import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js'
+import {
+  CallToolRequestSchema,
+  ListToolsRequestSchema,
+} from '@modelcontextprotocol/sdk/types.js'
+import { BRIDGED_MCP_SERVER_NAME } from '../stream/translate'
+import type { AddressInfo } from 'node:net'
+import type { AnyTool } from '@tanstack/ai'
+
+/** A running localhost MCP server exposing TanStack tools to the harness. */
+export interface ToolBridgeHandle {
+  /** Streamable-HTTP MCP endpoint, e.g. `http://127.0.0.1:54321/mcp`. */
+  url: string
+  /** Stop the HTTP server and drop any open connections. */
+  close: () => Promise<void>
+}
+
+function createMcpServer(tools: Array<AnyTool>): McpServer {
+  const instance = new McpServer(
+    { name: BRIDGED_MCP_SERVER_NAME, version: '1.0.0' },
+    { capabilities: { tools: {} } },
+  )
+
+  const toolsByName = new Map(tools.map((tool) => [tool.name, tool]))
+
+  instance.server.setRequestHandler(ListToolsRequestSchema, () => ({
+    tools: tools.map((tool) => ({
+      name: tool.name,
+      description: tool.description,
+      inputSchema: (tool.inputSchema ?? {
+        type: 'object',
+        properties: {},
+      }) as { type: 'object'; [key: string]: unknown },
+    })),
+  }))
+
+  instance.server.setRequestHandler(CallToolRequestSchema, async (request) => {
+    const tool = toolsByName.get(request.params.name)
+    if (!tool?.execute) {
+      throw new Error(`Unknown tool: ${request.params.name}`)
+    }
+    try {
+      const result: unknown = await tool.execute(request.params.arguments ?? {})
+      const text = typeof result === 'string' ? result : JSON.stringify(result)
+      return { content: [{ type: 'text', text }] }
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error)
+      return {
+        isError: true,
+        content: [{ type: 'text', text: `Tool execution failed: ${message}` }],
+      }
+    }
+  })
+
+  return instance
+}
+
+/**
+ * Expose TanStack tools to the Codex harness as a Streamable-HTTP MCP server
+ * on an ephemeral localhost port.
+ *
+ * Codex runs as a separate subprocess, so unlike the Claude Code adapter
+ * there is no in-process MCP option — the bridge listens on `127.0.0.1` and
+ * the adapter points the harness at it via a `mcp_servers.tanstack.url`
+ * config override. Each request is handled statelessly with a fresh
+ * `McpServer` + transport pair, which is all the harness's list/call traffic
+ * needs.
+ *
+ * The engine has already converted each tool's schema to JSON Schema before
+ * the adapter sees it, and JSON Schema is exactly what MCP's `tools/list`
+ * wants — so the low-level request handlers pass schemas through verbatim
+ * instead of round-tripping them through zod.
+ *
+ * The caller owns the lifecycle: `close()` must run when the chat stream
+ * ends (the adapter does this in a `finally`) so the port is never leaked.
+ */
+export async function startToolBridge(
+  tools: Array<AnyTool>,
+): Promise<ToolBridgeHandle> {
+  const httpServer = createServer((req, res) => {
+    void (async () => {
+      if (req.method !== 'POST') {
+        res.writeHead(405).end()
+        return
+      }
+      const chunks: Array<Buffer> = []
+      for await (const chunk of req) {
+        chunks.push(chunk as Buffer)
+      }
+      let parsedBody: unknown
+      try {
+        parsedBody = JSON.parse(Buffer.concat(chunks).toString('utf8'))
+      } catch {
+        res.writeHead(400).end()
+        return
+      }
+      const mcpServer = createMcpServer(tools)
+      const transport = new StreamableHTTPServerTransport({
+        sessionIdGenerator: undefined,
+      })
+      res.on('close', () => {
+        void transport.close()
+        void mcpServer.close()
+      })
+      await mcpServer.connect(transport)
+      await transport.handleRequest(req, res, parsedBody)
+    })().catch(() => {
+      if (!res.headersSent) res.writeHead(500)
+      res.end()
+    })
+  })
+
+  await new Promise<void>((resolve, reject) => {
+    httpServer.once('error', reject)
+    httpServer.listen(0, '127.0.0.1', resolve)
+  })
+
+  const { port } = httpServer.address() as AddressInfo
+
+  return {
+    url: `http://127.0.0.1:${port}/mcp`,
+    close: () =>
+      new Promise<void>((resolve, reject) => {
+        httpServer.closeAllConnections()
+        httpServer.close((error) => (error ? reject(error) : resolve()))
+      }),
+  }
+}
diff --git a/packages/ai-codex/tests/bridge.test.ts b/packages/ai-codex/tests/bridge.test.ts
new file mode 100644
index 000000000..48acf57aa
--- /dev/null
+++ b/packages/ai-codex/tests/bridge.test.ts
@@ -0,0 +1,108 @@
+import { describe, expect, it } from 'vitest'
+import { Client } from '@modelcontextprotocol/sdk/client/index.js'
+import { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js'
+import { startToolBridge } from '../src/tools/bridge'
+import type { AnyTool } from '@tanstack/ai'
+
+function makeTool(overrides: Partial<AnyTool> = {}): AnyTool {
+  return {
+    name: 'echo',
+    description: 'Echo the input back',
+    inputSchema: {
+      type: 'object',
+      properties: { value: { type: 'string' } },
+    },
+    execute: async (args: unknown) => args,
+    ...overrides,
+  } as unknown as AnyTool
+}
+
+async function connectClient(url: string): Promise<Client> {
+  const client = new Client({ name: 'test-client', version: '1.0.0' })
+  await client.connect(new StreamableHTTPClientTransport(new URL(url)))
+  return client
+}
+
+describe('startToolBridge', () => {
+  it('listens on an ephemeral localhost port', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    try {
+      expect(bridge.url).toMatch(/^http:\/\/127\.0\.0\.1:\d+\/mcp$/)
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('lists tools with their JSON schemas passed through verbatim', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    try {
+      const client = await connectClient(bridge.url)
+      const { tools } = await client.listTools()
+      expect(tools).toHaveLength(1)
+      expect(tools[0]).toMatchObject({
+        name: 'echo',
+        description: 'Echo the input back',
+        inputSchema: {
+          type: 'object',
+          properties: { value: { type: 'string' } },
+        },
+      })
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('executes tool calls and returns stringified results', async () => {
+    const bridge = await startToolBridge([
+      makeTool({
+        execute: async (args: unknown) => ({
+          echoed: (args as { value: string }).value,
+        }),
+      } as Partial<AnyTool>),
+    ])
+    try {
+      const client = await connectClient(bridge.url)
+      const result = await client.callTool({
+        name: 'echo',
+        arguments: { value: 'hi' },
+      })
+      expect(result.content).toEqual([
+        { type: 'text', text: JSON.stringify({ echoed: 'hi' }) },
+      ])
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('returns isError content when the tool throws', async () => {
+    const bridge = await startToolBridge([
+      makeTool({
+        execute: async () => {
+          throw new Error('tool blew up')
+        },
+      } as Partial<AnyTool>),
+    ])
+    try {
+      const client = await connectClient(bridge.url)
+      const result = await client.callTool({
+        name: 'echo',
+        arguments: {},
+      })
+      expect(result.isError).toBe(true)
+      expect(result.content).toEqual([
+        { type: 'text', text: 'Tool execution failed: tool blew up' },
+      ])
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('refuses connections after close()', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    await bridge.close()
+    await expect(connectClient(bridge.url)).rejects.toThrow()
+  })
+})
diff --git a/packages/ai-codex/tests/prompt.test.ts b/packages/ai-codex/tests/prompt.test.ts
new file mode 100644
index 000000000..6e8dfcdf3
--- /dev/null
+++ b/packages/ai-codex/tests/prompt.test.ts
@@ -0,0 +1,97 @@
+import { describe, expect, it } from 'vitest'
+import { buildPrompt } from '../src/messages/prompt'
+import type { ModelMessage } from '@tanstack/ai'
+
+const user = (content: ModelMessage['content']): ModelMessage => ({
+  role: 'user',
+  content,
+})
+const assistant = (content: ModelMessage['content']): ModelMessage => ({
+  role: 'assistant',
+  content,
+})
+
+describe('buildPrompt', () => {
+  it('resumes with only the last user message when sessionId is provided', () => {
+    const result = buildPrompt(
+      [
+        user('first question'),
+        assistant('first answer'),
+        user('follow-up question'),
+      ],
+      'sess-1',
+    )
+    expect(result).toEqual({
+      prompt: 'follow-up question',
+      resume: 'sess-1',
+    })
+  })
+
+  it('throws when sessionId is provided but there is no trailing user message', () => {
+    expect(() => buildPrompt([user('q'), assistant('a')], 'sess-1')).toThrow(
+      /user message/i,
+    )
+  })
+
+  it('sends a single user message as-is for a fresh session', () => {
+    expect(buildPrompt([user('hello')], undefined)).toEqual({
+      prompt: 'hello',
+    })
+  })
+
+  it('flattens prior turns into a transcript preamble for fresh multi-turn history', () => {
+    const { prompt, resume } = buildPrompt(
+      [user('What is 2+2?'), assistant('4'), user('And times 3?')],
+      undefined,
+    )
+    expect(resume).toBeUndefined()
+    expect(prompt).toBe(
+      'Previous conversation:\nUser: What is 2+2?\nAssistant: 4\n\nAnd times 3?',
+    )
+  })
+
+  it('skips tool messages and assistant tool-call-only turns when flattening', () => {
+    const messages: Array<ModelMessage> = [
+      user('list files'),
+      {
+        role: 'assistant',
+        content: null,
+        toolCalls: [
+          {
+            id: 't1',
+            type: 'function',
+            function: { name: 'ls', arguments: '{}' },
+          },
+        ],
+      } as unknown as ModelMessage,
+      { role: 'tool', content: 'file-a', toolCallId: 't1' },
+      assistant('There is one file.'),
+      user('thanks, which one?'),
+    ]
+    const { prompt } = buildPrompt(messages, undefined)
+    expect(prompt).toBe(
+      'Previous conversation:\nUser: list files\nAssistant: There is one file.\n\nthanks, which one?',
+    )
+  })
+
+  it('extracts text from content-part arrays and ignores non-text parts', () => {
+    const { prompt } = buildPrompt(
+      [
+        user([
+          { type: 'text', content: 'describe ' },
+          {
+            type: 'image',
+            source: { type: 'url', url: 'https://x/y.png' },
+          } as never,
+          { type: 'text', content: 'this' },
+        ] as ModelMessage['content']),
+      ],
+      undefined,
+    )
+    expect(prompt).toBe('describe this')
+  })
+
+  it('throws when there is no usable user content at all', () => {
+    expect(() => buildPrompt([], undefined)).toThrow(/user message/i)
+  })
+})
diff --git a/packages/ai-codex/tests/text-adapter.test.ts b/packages/ai-codex/tests/text-adapter.test.ts
new file mode 100644
index 000000000..e43031316
--- /dev/null
+++ b/packages/ai-codex/tests/text-adapter.test.ts
@@ -0,0 +1,430 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest'
+import { Codex } from '@openai/codex-sdk'
+import { codexText } from '../src/adapters/text'
+import type { CodexThreadEvent } from '../src/stream/sdk-types'
+import type { InternalLogger } from '@tanstack/ai/adapter-internals'
+import type { StreamChunk, TextOptions } from '@tanstack/ai'
+
+vi.mock('@openai/codex-sdk', () => ({
+  Codex: vi.fn(),
+}))
+
+const codexMock = vi.mocked(Codex)
+
+const startThreadMock = vi.fn()
+const resumeThreadMock = vi.fn()
+const runStreamedMock = vi.fn()
+
+const textTurn: Array<CodexThreadEvent> = [
+  { type: 'thread.started', thread_id: 'sess-1' },
+  { type: 'turn.started' },
+  {
+    type: 'item.completed',
+    item: { id: 'item-1', type: 'agent_message', text: 'hi there' },
+  },
+  {
+    type: 'turn.completed',
+    usage: {
+      input_tokens: 10,
+      cached_input_tokens: 0,
+      output_tokens: 5,
+      reasoning_output_tokens: 0,
+    },
+  },
+]
+
+function mockRunReturning(events: Array<CodexThreadEvent>) {
+  runStreamedMock.mockImplementation(() => {
+    async function* generate() {
+      for (const event of events) yield event
+    }
+    return Promise.resolve({ events: generate() })
+  })
+}
+
+const noopLogger = {
+  request: vi.fn(),
+  provider: vi.fn(),
+  output: vi.fn(),
+  errors: vi.fn(),
+  middleware: vi.fn(),
+  tools: vi.fn(),
+  agentLoop: vi.fn(),
+  config: vi.fn(),
+  isEnabled: () => false,
+} as unknown as InternalLogger
+
+function makeOptions(
+  overrides: Partial<TextOptions<Record<string, any>>> = {},
+): TextOptions<Record<string, any>> {
+  return {
+    model: 'gpt-5.1-codex',
+    messages: [{ role: 'user', content: 'hello' }],
+    logger: noopLogger,
+    ...overrides,
+  } as TextOptions<Record<string, any>>
+}
+
+async function collect(
+  stream: AsyncIterable<StreamChunk>,
+): Promise<Array<StreamChunk>> {
+  const chunks: Array<StreamChunk> = []
+  for await (const chunk of stream) chunks.push(chunk)
+  return chunks
+}
+
+beforeEach(() => {
+  codexMock.mockReset()
+  startThreadMock.mockReset()
+  resumeThreadMock.mockReset()
+  runStreamedMock.mockReset()
+  const thread = { runStreamed: runStreamedMock }
+  startThreadMock.mockReturnValue(thread)
+  resumeThreadMock.mockReturnValue(thread)
+  codexMock.mockImplementation(function (this: unknown) {
+    return {
+      startThread: startThreadMock,
+      resumeThread: resumeThreadMock,
+    } as unknown as Codex
+  })
+})
+
+describe('codexText', () => {
+  it('creates an adapter with the codex provider name', () => {
+    const adapter = codexText('gpt-5.1-codex')
+    expect(adapter.kind).toBe('text')
+    expect(adapter.name).toBe('codex')
+    expect(adapter.model).toBe('gpt-5.1-codex')
+  })
+})
+
+describe('chatStream', () => {
+  it('streams translated AG-UI events for a simple turn', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    const chunks = await collect(adapter.chatStream(makeOptions()))
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks.at(-1)).toMatchObject({ finishReason: 'stop' })
+  })
+
+  it('starts a fresh thread without a sessionId', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    await collect(adapter.chatStream(makeOptions()))
+    expect(startThreadMock).toHaveBeenCalledTimes(1)
+    expect(resumeThreadMock).not.toHaveBeenCalled()
+    expect(runStreamedMock.mock.calls[0]![0]).toBe('hello')
+  })
+
+  it('resumes the thread and sends only the trailing user message', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          messages: [
+            { role: 'user', content: 'first' },
+            { role: 'assistant', content: 'answer' },
+            { role: 'user', content: 'follow-up' },
+          ],
+          modelOptions: { sessionId: 'sess-prior' },
+        }),
+      ),
+    )
+    expect(resumeThreadMock).toHaveBeenCalledTimes(1)
+    expect(resumeThreadMock.mock.calls[0]![0]).toBe('sess-prior')
+    expect(runStreamedMock.mock.calls[0]![0]).toBe('follow-up')
+  })
+
+  it('flattens prior turns into the prompt without a sessionId', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          messages: [
+            { role: 'user', content: 'first' },
+            { role: 'assistant', content: 'answer' },
+            { role: 'user', content: 'follow-up' },
+          ],
+        }),
+      ),
+    )
+    expect(runStreamedMock.mock.calls[0]![0]).toBe(
+      'Previous conversation:\nUser: first\nAssistant: answer\n\nfollow-up',
+    )
+  })
+
+  it('builds thread options from config with safe defaults', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex', {
+      cwd: '/workspace',
+      sandboxMode: 'workspace-write',
+    })
+    await collect(adapter.chatStream(makeOptions()))
+    expect(startThreadMock.mock.calls[0]![0]).toMatchObject({
+      model: 'gpt-5.1-codex',
+      sandboxMode: 'workspace-write',
+      workingDirectory: '/workspace',
+      approvalPolicy: 'never',
+      skipGitRepoCheck: true,
+    })
+  })
+
+  it('lets modelOptions override config thread options', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex', {
+      cwd: '/workspace',
+      sandboxMode: 'workspace-write',
+    })
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          modelOptions: {
+            sandboxMode: 'read-only',
+            workingDirectory: '/elsewhere',
+          },
+        }),
+      ),
+    )
+    expect(startThreadMock.mock.calls[0]![0]).toMatchObject({
+      sandboxMode: 'read-only',
+      workingDirectory: '/elsewhere',
+    })
+  })
+
+  it('prepends system prompts to the prompt text', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    await collect(
+      adapter.chatStream(
+        makeOptions({ systemPrompts: ['Be terse.', 'Use tabs.'] }),
+      ),
+    )
+    expect(runStreamedMock.mock.calls[0]![0]).toBe(
+      'Be terse.\n\nUse tabs.\n\nhello',
+    )
+  })
+
+  it('starts a localhost MCP bridge and points codex at it when tools are passed', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'lookup_user',
+              description: 'Look up a user',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => ({ ok: true }),
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(codexMock).toHaveBeenCalledTimes(1)
+    const codexOptions = codexMock.mock.calls[0]![0]!
+    const servers = codexOptions.config!.mcp_servers as Record<
+      string,
+      { url: string }
+    >
+    expect(servers.tanstack!.url).toMatch(/^http:\/\/127\.0\.0\.1:\d+\/mcp$/)
+  })
+
+  it('does not configure the bridge when no tools are passed', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    await collect(adapter.chatStream(makeOptions()))
+    const codexOptions = codexMock.mock.calls[0]![0] ?? {}
+    expect(codexOptions.config).toBeUndefined()
+  })
+
+  it('emits RUN_ERROR for client-side tools (no execute)', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    const chunks = await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'client_only',
+              description: 'runs in browser',
+              inputSchema: { type: 'object', properties: {} },
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(runStreamedMock).not.toHaveBeenCalled()
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+    expect((chunks.at(-1) as { message: string }).message).toMatch(
+      /client-side/i,
+    )
+  })
+
+  it('emits RUN_ERROR for approval-gated tools', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    const chunks = await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'needs_ok',
+              description: 'requires approval',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => 'x',
+              needsApproval: true,
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+  })
+
+  it('passes the abort signal through to runStreamed', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex')
+    const controller = new AbortController()
+    await collect(
+      adapter.chatStream(makeOptions({ abortController: controller })),
+    )
+    expect(runStreamedMock.mock.calls[0]![1]).toMatchObject({
+      signal: controller.signal,
+    })
+  })
+
+  it('forwards apiKey and env to the Codex constructor', async () => {
+    mockRunReturning(textTurn)
+    const adapter = codexText('gpt-5.1-codex', {
+      apiKey: 'sk-test',
+      env: { PATH: '/usr/bin' },
+    })
+    await collect(adapter.chatStream(makeOptions()))
+    expect(codexMock.mock.calls[0]![0]).toMatchObject({
+      apiKey: 'sk-test',
+      env: { PATH: '/usr/bin' },
+    })
+  })
+
+  it('emits RUN_ERROR when the SDK throws', async () => {
+    runStreamedMock.mockImplementation(() => {
+      throw new Error('spawn failed')
+    })
+    const adapter = codexText('gpt-5.1-codex')
+    const chunks = await collect(adapter.chatStream(makeOptions()))
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'spawn failed',
+    })
+  })
+})
+
+describe('structuredOutput', () => {
+  it('passes the schema as outputSchema and parses the final agent message', async () => {
+    mockRunReturning([
+      { type: 'thread.started', thread_id: 'sess-so' },
+      {
+        type: 'item.completed',
+        item: { id: 'item-1', type: 'agent_message', text: '{"answer":42}' },
+      },
+      {
+        type: 'turn.completed',
+        usage: {
+          input_tokens: 7,
+          cached_input_tokens: 0,
+          output_tokens: 3,
+          reasoning_output_tokens: 0,
+        },
+      },
+    ])
+    const adapter = codexText('gpt-5.1-codex')
+    const schema = {
+      type: 'object',
+      properties: { answer: { type: 'number' } },
+    }
+    const result = await adapter.structuredOutput({
+      chatOptions: makeOptions(),
+      outputSchema: schema,
+    })
+
+    expect(result.data).toEqual({ answer: 42 })
+    expect(result.rawText).toBe('{"answer":42}')
+    expect(result.usage).toMatchObject({ promptTokens: 7, completionTokens: 3 })
+    expect(runStreamedMock.mock.calls[0]![1]).toMatchObject({
+      outputSchema: schema,
+    })
+  })
+
+  it('runs structured output in a fresh read-only thread', async () => {
+    mockRunReturning([
+      {
+        type: 'item.completed',
+        item: { id: 'item-1', type: 'agent_message', text: '{}' },
+      },
+      {
+        type: 'turn.completed',
+        usage: {
+          input_tokens: 1,
+          cached_input_tokens: 0,
+          output_tokens: 1,
+          reasoning_output_tokens: 0,
+        },
+      },
+    ])
+    const adapter = codexText('gpt-5.1-codex', {
+      sandboxMode: 'workspace-write',
+    })
+    await adapter.structuredOutput({
+      chatOptions: makeOptions({ modelOptions: { sessionId: 'sess-live' } }),
+      outputSchema: { type: 'object' },
+    })
+    expect(resumeThreadMock).not.toHaveBeenCalled()
+    expect(startThreadMock.mock.calls[0]![0]).toMatchObject({
+      sandboxMode: 'read-only',
+    })
+  })
+
+  it('throws a descriptive error when the turn fails', async () => {
+    mockRunReturning([
+      { type: 'turn.failed', error: { message: 'harness exploded' } },
+    ])
+    const adapter = codexText('gpt-5.1-codex')
+    await expect(
+      adapter.structuredOutput({
+        chatOptions: makeOptions(),
+        outputSchema: { type: 'object' },
+      }),
+    ).rejects.toThrow(/harness exploded/)
+  })
+
+  it('throws when the run ends without an agent message', async () => {
+    mockRunReturning([
+      {
+        type: 'turn.completed',
+        usage: {
+          input_tokens: 1,
+          cached_input_tokens: 0,
+          output_tokens: 0,
+          reasoning_output_tokens: 0,
+        },
+      },
+    ])
+    const adapter = codexText('gpt-5.1-codex')
+    await expect(
+      adapter.structuredOutput({
+        chatOptions: makeOptions(),
+        outputSchema: { type: 'object' },
+      }),
+    ).rejects.toThrow(/without an agent message/)
+  })
+})
diff --git a/packages/ai-codex/tests/translate.test.ts b/packages/ai-codex/tests/translate.test.ts
new file mode 100644
index 000000000..b76e1d48f
--- /dev/null
+++ b/packages/ai-codex/tests/translate.test.ts
@@ -0,0 +1,454 @@
+import { describe, expect, it } from 'vitest'
+import {
+  SESSION_ID_EVENT,
+  toolNameForItem,
+  translateThreadEvents,
+} from '../src/stream/translate'
+import type { TranslateContext } from '../src/stream/translate'
+import type { CodexThreadEvent } from '../src/stream/sdk-types'
+import type { StreamChunk } from '@tanstack/ai'
+
+function makeCtx(overrides: Partial<TranslateContext> = {}): TranslateContext {
+  let id = 0
+  return {
+    model: 'gpt-5.1-codex',
+    runId: 'run-1',
+    threadId: 'thread-1',
+    genId: () => `gen-${++id}`,
+    ...overrides,
+  }
+}
+
+async function* fromArray(
+  events: Array<CodexThreadEvent>,
+): AsyncIterable<CodexThreadEvent> {
+  for (const event of events) yield event
+}
+
+async function collect(
+  events: Array<CodexThreadEvent>,
+  ctx: TranslateContext = makeCtx(),
+): Promise<Array<StreamChunk>> {
+  const chunks: Array<StreamChunk> = []
+  for await (const chunk of translateThreadEvents(fromArray(events), ctx)) {
+    chunks.push(chunk)
+  }
+  return chunks
+}
+
+const started: CodexThreadEvent = {
+  type: 'thread.started',
+  thread_id: 'sess-1',
+}
+
+const completedTurn: CodexThreadEvent = {
+  type: 'turn.completed',
+  usage: {
+    input_tokens: 100,
+    cached_input_tokens: 40,
+    output_tokens: 20,
+    reasoning_output_tokens: 5,
+  },
+}
+
+describe('translateThreadEvents', () => {
+  it('translates a simple text turn', async () => {
+    const chunks = await collect([
+      started,
+      { type: 'turn.started' },
+      {
+        type: 'item.completed',
+        item: { id: 'item-1', type: 'agent_message', text: 'hi there' },
+      },
+      completedTurn,
+    ])
+
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[1]).toMatchObject({
+      name: SESSION_ID_EVENT,
+      value: { sessionId: 'sess-1' },
+    })
+    expect(chunks[3]).toMatchObject({ delta: 'hi there', content: 'hi there' })
+    expect(chunks.at(-1)).toMatchObject({ finishReason: 'stop' })
+  })
+
+  it('reports usage with cache and reasoning details', async () => {
+    const chunks = await collect([started, completedTurn])
+    const finished = chunks.at(-1) as unknown as {
+      usage: Record<string, unknown>
+    }
+    expect(finished.usage).toMatchObject({
+      promptTokens: 100,
+      completionTokens: 20,
+      totalTokens: 120,
+      promptTokensDetails: { cachedTokens: 40 },
+      completionTokensDetails: { reasoningTokens: 5 },
+    })
+  })
+
+  it('notifies onSessionId and forwards raw events to onThreadEvent', async () => {
+    const sessionIds: Array<string> = []
+    const raw: Array<string> = []
+    await collect(
+      [started, completedTurn],
+      makeCtx({
+        onSessionId: (id) => sessionIds.push(id),
+        onThreadEvent: (event) => raw.push(event.type),
+      }),
+    )
+    expect(sessionIds).toEqual(['sess-1'])
+    expect(raw).toEqual(['thread.started', 'turn.completed'])
+  })
+
+  it('starts the run without a session event on resumed threads', async () => {
+    const chunks = await collect([
+      { type: 'turn.started' },
+      {
+        type: 'item.completed',
+        item: { id: 'item-1', type: 'agent_message', text: 'resumed' },
+      },
+      completedTurn,
+    ])
+    expect(chunks[0]).toMatchObject({ type: 'RUN_STARTED' })
+    expect(chunks.some((c) => c.type === 'CUSTOM')).toBe(false)
+  })
+
+  it('translates reasoning items into a reasoning burst', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.completed',
+        item: { id: 'item-r', type: 'reasoning', text: 'thinking...' },
+      },
+      completedTurn,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'REASONING_START',
+      'REASONING_MESSAGE_START',
+      'REASONING_MESSAGE_CONTENT',
+      'REASONING_MESSAGE_END',
+      'REASONING_END',
+      'RUN_FINISHED',
+    ])
+  })
+
+  it('pairs command executions across item.started and item.completed', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.started',
+        item: {
+          id: 'cmd-1',
+          type: 'command_execution',
+          command: 'ls -la',
+          status: 'in_progress',
+        },
+      },
+      {
+        type: 'item.completed',
+        item: {
+          id: 'cmd-1',
+          type: 'command_execution',
+          command: 'ls -la',
+          aggregated_output: 'file.txt',
+          exit_code: 0,
+          status: 'completed',
+        },
+      },
+      completedTurn,
+    ])
+
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TOOL_CALL_START',
+      'TOOL_CALL_ARGS',
+      'TOOL_CALL_END',
+      'TOOL_CALL_RESULT',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[2]).toMatchObject({
+      toolCallId: 'cmd-1',
+      toolCallName: 'command_execution',
+    })
+    expect(chunks[3]).toMatchObject({
+      args: JSON.stringify({ command: 'ls -la' }),
+    })
+    const result = chunks[5] as { content: string; state?: string }
+    expect(JSON.parse(result.content)).toMatchObject({
+      aggregated_output: 'file.txt',
+      exit_code: 0,
+      status: 'completed',
+    })
+    expect(result.state).toBeUndefined()
+  })
+
+  it('marks failed command executions as output-error', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.completed',
+        item: {
+          id: 'cmd-2',
+          type: 'command_execution',
+          command: 'false',
+          aggregated_output: '',
+          exit_code: 1,
+          status: 'failed',
+        },
+      },
+      completedTurn,
+    ])
+    const result = chunks.find((c) => c.type === 'TOOL_CALL_RESULT')
+    expect(result).toMatchObject({ state: 'output-error' })
+  })
+
+  it('emits a full tool pair when item.completed arrives without item.started', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.completed',
+        item: {
+          id: 'fc-1',
+          type: 'file_change',
+          changes: [{ path: 'a.ts', kind: 'update' }],
+          status: 'completed',
+        },
+      },
+      completedTurn,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TOOL_CALL_START',
+      'TOOL_CALL_ARGS',
+      'TOOL_CALL_END',
+      'TOOL_CALL_RESULT',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[2]).toMatchObject({ toolCallName: 'file_change' })
+  })
+
+  it('does not duplicate START events when both started and completed fire', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.started',
+        item: {
+          id: 'ws-1',
+          type: 'web_search',
+          query: 'tanstack ai',
+        },
+      },
+      {
+        type: 'item.completed',
+        item: { id: 'ws-1', type: 'web_search', query: 'tanstack ai' },
+      },
+      completedTurn,
+    ])
+    const startEvents = chunks.filter((c) => c.type === 'TOOL_CALL_START')
+    expect(startEvents).toHaveLength(1)
+  })
+
+  it('strips the tanstack server prefix from bridged MCP tool calls', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.completed',
+        item: {
+          id: 'mcp-1',
+          type: 'mcp_tool_call',
+          server: 'tanstack',
+          tool: 'lookup_user',
+          arguments: { userId: '7' },
+          result: { content: [{ type: 'text', text: '{"name":"Ada"}' }] },
+          status: 'completed',
+        },
+      },
+      completedTurn,
+    ])
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_START')).toMatchObject({
+      toolCallName: 'lookup_user',
+    })
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_RESULT')).toMatchObject({
+      content: '{"name":"Ada"}',
+    })
+  })
+
+  it('namespaces foreign MCP tool calls as mcp__server__tool', async () => {
+    expect(
+      toolNameForItem({
+        id: 'x',
+        type: 'mcp_tool_call',
+        server: 'github',
+        tool: 'create_issue',
+        status: 'completed',
+      }),
+    ).toBe('mcp__github__create_issue')
+  })
+
+  it('surfaces MCP tool errors as output-error results', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.completed',
+        item: {
+          id: 'mcp-2',
+          type: 'mcp_tool_call',
+          server: 'tanstack',
+          tool: 'boom',
+          error: { message: 'kaboom' },
+          status: 'failed',
+        },
+      },
+      completedTurn,
+    ])
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_RESULT')).toMatchObject({
+      content: 'kaboom',
+      state: 'output-error',
+    })
+  })
+
+  it('ignores item.updated events', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.started',
+        item: {
+          id: 'todo-1',
+          type: 'todo_list',
+          items: [{ text: 'step 1', completed: false }],
+        },
+      },
+      {
+        type: 'item.updated',
+        item: {
+          id: 'todo-1',
+          type: 'todo_list',
+          items: [{ text: 'step 1', completed: true }],
+        },
+      },
+      {
+        type: 'item.completed',
+        item: {
+          id: 'todo-1',
+          type: 'todo_list',
+          items: [{ text: 'step 1', completed: true }],
+        },
+      },
+      completedTurn,
+    ])
+    expect(chunks.filter((c) => c.type === 'TOOL_CALL_ARGS')).toHaveLength(1)
+    expect(chunks.filter((c) => c.type === 'TOOL_CALL_RESULT')).toHaveLength(1)
+  })
+
+  it('synthesizes interrupted results for unresolved tool calls on turn.completed', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.started',
+        item: {
+          id: 'cmd-9',
+          type: 'command_execution',
+          command: 'sleep 100',
+          status: 'in_progress',
+        },
+      },
+      completedTurn,
+    ])
+    const result = chunks.find((c) => c.type === 'TOOL_CALL_RESULT')
+    expect(result).toMatchObject({
+      toolCallId: 'cmd-9',
+      content: JSON.stringify({ status: 'interrupted' }),
+    })
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_FINISHED' })
+  })
+
+  it('maps turn.failed to RUN_ERROR after synthesizing results', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.started',
+        item: {
+          id: 'cmd-8',
+          type: 'command_execution',
+          command: 'x',
+          status: 'in_progress',
+        },
+      },
+      { type: 'turn.failed', error: { message: 'model exploded' } },
+    ])
+    const types: Array<string> = chunks.map((c) => c.type)
+    expect(types.indexOf('TOOL_CALL_RESULT')).toBeLessThan(
+      types.indexOf('RUN_ERROR'),
+    )
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'model exploded',
+    })
+  })
+
+  it('maps stream error events to RUN_ERROR', async () => {
+    const chunks = await collect([
+      started,
+      { type: 'error', message: 'stream broke' },
+    ])
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'stream broke',
+    })
+  })
+
+  it('synthesizes results then rethrows when the source stream throws', async () => {
+    async function* failing(): AsyncIterable<CodexThreadEvent> {
+      yield started
+      yield {
+        type: 'item.started',
+        item: {
+          id: 'cmd-7',
+          type: 'command_execution',
+          command: 'x',
+          status: 'in_progress',
+        },
+      }
+      throw new Error('aborted')
+    }
+
+    const chunks: Array<StreamChunk> = []
+    await expect(async () => {
+      for await (const chunk of translateThreadEvents(failing(), makeCtx())) {
+        chunks.push(chunk)
+      }
+    }).rejects.toThrow('aborted')
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'TOOL_CALL_RESULT',
+      toolCallId: 'cmd-7',
+      content: JSON.stringify({ status: 'interrupted' }),
+    })
+  })
+
+  it('ignores non-fatal error items', async () => {
+    const chunks = await collect([
+      started,
+      {
+        type: 'item.completed',
+        item: { id: 'err-1', type: 'error', message: 'transient hiccup' },
+      },
+      completedTurn,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'RUN_FINISHED',
+    ])
+  })
+})
diff --git a/packages/ai-codex/tsconfig.json b/packages/ai-codex/tsconfig.json
new file mode 100644
index 000000000..c38689f4e
--- /dev/null
+++ b/packages/ai-codex/tsconfig.json
@@ -0,0 +1,8 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "compilerOptions": {
+    "outDir": "dist"
+  },
+  "include": ["src", "tests"],
+  "exclude": ["node_modules", "dist"]
+}
diff --git a/packages/ai-codex/vite.config.ts b/packages/ai-codex/vite.config.ts
new file mode 100644
index 000000000..11f5b20b7
--- /dev/null
+++ b/packages/ai-codex/vite.config.ts
@@ -0,0 +1,37 @@
+import { defineConfig, mergeConfig } from 'vitest/config'
+import { tanstackViteConfig } from '@tanstack/vite-config'
+import packageJson from './package.json'
+
+const config = defineConfig({
+  test: {
+    name: packageJson.name,
+    dir: './',
+    watch: false,
+
+    globals: true,
+    environment: 'node',
+    include: ['tests/**/*.test.ts'],
+    coverage: {
+      provider: 'v8',
+      reporter: ['text', 'json', 'html', 'lcov'],
+      exclude: [
+        'node_modules/',
+        'dist/',
+        'tests/',
+        '**/*.test.ts',
+        '**/*.config.ts',
+        '**/types.ts',
+      ],
+      include: ['src/**/*.ts'],
+    },
+  },
+})
+
+export default mergeConfig(
+  config,
+  tanstackViteConfig({
+    entry: ['./src/index.ts'],
+    srcDir: './src',
+    cjs: false,
+  }),
+)
diff --git a/packages/ai-gemini-cli/README.md b/packages/ai-gemini-cli/README.md
new file mode 100644
index 000000000..46876a4dd
--- /dev/null
+++ b/packages/ai-gemini-cli/README.md
@@ -0,0 +1,18 @@
+# @tanstack/ai-gemini-cli
+
+Gemini CLI harness adapter for [TanStack AI](https://tanstack.com/ai) — run [Gemini CLI](https://github.com/google-gemini/gemini-cli) (via the Agent Client Protocol) as a chat backend with local tool execution, stateful coding sessions, and TanStack tool bridging.
+
+```typescript
+import { chat } from '@tanstack/ai'
+import { geminiCliText } from '@tanstack/ai-gemini-cli'
+
+const stream = chat({
+  adapter: geminiCliText('gemini-3-pro-preview', {
+    cwd: '/path/to/project',
+    permissionMode: 'acceptEdits',
+  }),
+  messages: [{ role: 'user', content: 'Fix the failing test.' }],
+})
+```
+
+Server-only (Node). Requires the `gemini` CLI to be installed (`npm i -g @google/gemini-cli`) and authenticated. See the [Gemini CLI adapter docs](https://tanstack.com/ai/latest/docs/adapters/gemini-cli) for sessions, tool bridging, permissions, and limitations.
diff --git a/packages/ai-gemini-cli/package.json b/packages/ai-gemini-cli/package.json
new file mode 100644
index 000000000..fdc13adae
--- /dev/null
+++ b/packages/ai-gemini-cli/package.json
@@ -0,0 +1,60 @@
+{
+  "name": "@tanstack/ai-gemini-cli",
+  "version": "0.1.0",
+  "description": "Gemini CLI harness adapter for TanStack AI — run Gemini CLI as a chat backend with local tool execution and stateful sessions.",
+  "author": "",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/TanStack/ai.git",
+    "directory": "packages/ai-gemini-cli"
+  },
+  "keywords": [
+    "ai",
+    "ai-sdk",
+    "typescript",
+    "tanstack",
+    "google",
+    "gemini",
+    "gemini-cli",
+    "harness",
+    "agent",
+    "adapter",
+    "chat",
+    "tool-calling"
+  ],
+  "type": "module",
+  "module": "./dist/esm/index.js",
+  "types": "./dist/esm/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/esm/index.d.ts",
+      "import": "./dist/esm/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "src"
+  ],
+  "scripts": {
+    "build": "vite build",
+    "clean": "premove ./build ./dist",
+    "lint:fix": "eslint ./src --fix",
+    "test:build": "publint --strict",
+    "test:eslint": "eslint ./src",
+    "test:lib": "vitest",
+    "test:lib:dev": "pnpm test:lib --watch",
+    "test:types": "tsc"
+  },
+  "dependencies": {
+    "@agentclientprotocol/sdk": "^0.25.0",
+    "@modelcontextprotocol/sdk": "^1.29.0"
+  },
+  "peerDependencies": {
+    "@tanstack/ai": "workspace:^"
+  },
+  "devDependencies": {
+    "@tanstack/ai": "workspace:*",
+    "@vitest/coverage-v8": "4.0.14"
+  }
+}
diff --git a/packages/ai-gemini-cli/src/adapters/text.ts b/packages/ai-gemini-cli/src/adapters/text.ts
new file mode 100644
index 000000000..af0b645ff
--- /dev/null
+++ b/packages/ai-gemini-cli/src/adapters/text.ts
@@ -0,0 +1,386 @@
+import { EventType, normalizeSystemPrompts } from '@tanstack/ai'
+import { toRunErrorRawEvent } from '@tanstack/ai/adapter-internals'
+import { BaseTextAdapter } from '@tanstack/ai/adapters'
+import { buildPrompt } from '../messages/prompt'
+import { startToolBridge } from '../tools/bridge'
+import { startAcpSession } from '../process/acp-client'
+import { resolvePermission } from '../process/permissions'
+import { AsyncQueue } from '../stream/queue'
+import {
+  BRIDGED_MCP_SERVER_NAME,
+  translateAcpStream,
+} from '../stream/translate'
+import type {
+  StructuredOutputOptions,
+  StructuredOutputResult,
+} from '@tanstack/ai/adapters'
+import type {
+  AnyTool,
+  DefaultMessageMetadataByModality,
+  Modality,
+  StreamChunk,
+  TextOptions,
+} from '@tanstack/ai'
+import type { AcpSessionHandle } from '../process/acp-client'
+import type {
+  GeminiCliPermissionMode,
+  PermissionHandler,
+} from '../process/permissions'
+import type { AcpUsage } from '../stream/acp-types'
+import type { AcpStreamEvent } from '../stream/translate'
+import type { GeminiCliModel } from '../model-meta'
+import type { GeminiCliTextProviderOptions } from '../provider-options'
+import type { ToolBridgeHandle } from '../tools/bridge'
+
+export interface GeminiCliTextConfig {
+  /** Working directory for the harness session. Defaults to `process.cwd()`. */
+  cwd?: string
+  /** Path to the Gemini CLI executable. Defaults to `gemini` on PATH. */
+  executablePath?: string
+  /** Extra CLI arguments appended after `--acp`. */
+  extraArgs?: Array<string>
+  /** Extra environment variables merged over `process.env`. */
+  env?: Record<string, string>
+  /**
+   * Gemini CLI permission mode. Without an explicit mode or a custom
+   * `onPermissionRequest`, the adapter's default policy auto-allows bridged
+   * TanStack tools and rejects anything else that would normally prompt —
+   * set `'acceptEdits'` / `'bypassPermissions'` to let the harness edit
+   * files and run commands on a headless server.
+   */
+  permissionMode?: GeminiCliPermissionMode
+  /** Custom permission handler; replaces the adapter's default policy. */
+  onPermissionRequest?: PermissionHandler
+  /**
+   * ACP auth method to select before starting the session, e.g.
+   * `'oauth-personal'` (Log in with Google), `'gemini-api-key'`, or
+   * `'vertex-ai'`. Needed when the installed CLI isn't already authenticated
+   * for headless use; the agent advertises the available method ids in its
+   * ACP initialize response. Overridable per call via
+   * `modelOptions.authMethodId`.
+   */
+  authMethodId?: string
+}
+
+function validateTools(tools: Array<AnyTool> | undefined): void {
+  if (!tools || tools.length === 0) return
+  const unsupported = tools.filter(
+    (tool) => typeof tool.execute !== 'function' || tool.needsApproval === true,
+  )
+  if (unsupported.length > 0) {
+    throw new Error(
+      `Gemini CLI harness cannot execute client-side or approval-gated tools: ${unsupported
+        .map((tool) => tool.name)
+        .join(
+          ', ',
+        )}. Provide server execute() implementations without needsApproval, or run these tools outside the harness.`,
+    )
+  }
+}
+
+/** Extract the first JSON object/array from possibly fenced model output. */
+function extractJson(text: string): unknown {
+  const trimmed = text.trim()
+  const unfenced = trimmed.startsWith('```')
+    ? trimmed.replace(/^```[a-zA-Z]*\n?/, '').replace(/\n?```$/, '')
+    : trimmed
+  try {
+    return JSON.parse(unfenced)
+  } catch {
+    const start = unfenced.search(/[{[]/)
+    if (start === -1) {
+      throw new Error(
+        `Gemini CLI structured output is not valid JSON: ${text.slice(0, 200)}`,
+      )
+    }
+    const end = Math.max(unfenced.lastIndexOf('}'), unfenced.lastIndexOf(']'))
+    return JSON.parse(unfenced.slice(start, end + 1))
+  }
+}
+
+export class GeminiCliTextAdapter<
+  TModel extends GeminiCliModel,
+> extends BaseTextAdapter<
+  TModel,
+  GeminiCliTextProviderOptions,
+  ReadonlyArray<Modality> & readonly ['text'],
+  DefaultMessageMetadataByModality,
+  ReadonlyArray<string>,
+  unknown,
+  never
+> {
+  readonly name = 'gemini-cli' as const
+
+  private readonly adapterConfig: GeminiCliTextConfig
+
+  constructor(config: GeminiCliTextConfig, model: TModel) {
+    super({}, model)
+    this.adapterConfig = config
+  }
+
+  async *chatStream(
+    options: TextOptions<GeminiCliTextProviderOptions>,
+  ): AsyncIterable<StreamChunk> {
+    const { logger } = options
+    let bridge: ToolBridgeHandle | undefined
+    let handle: AcpSessionHandle | undefined
+    const externalSignal =
+      options.abortController?.signal ?? options.request?.signal ?? undefined
+    let onAbort: (() => void) | undefined
+
+    try {
+      validateTools(options.tools)
+
+      const modelOptions = options.modelOptions
+      const sessionId = modelOptions?.sessionId
+      // Validates the trailing user message up front (throws before any
+      // subprocess is spawned) and prepares the resume-path prompt.
+      const { prompt: resumePrompt } = buildPrompt(options.messages, sessionId)
+
+      if (options.tools && options.tools.length > 0) {
+        bridge = await startToolBridge(options.tools)
+      }
+      const bridgedToolNames = new Set(
+        (options.tools ?? []).map((tool) => tool.name),
+      )
+
+      const queue = new AsyncQueue<AcpStreamEvent>()
+      const mode =
+        modelOptions?.permissionMode ??
+        this.adapterConfig.permissionMode ??
+        'default'
+      const permissionHandler: PermissionHandler =
+        this.adapterConfig.onPermissionRequest ??
+        ((request) => resolvePermission(request, mode, bridgedToolNames))
+
+      logger.request(
+        `activity=chat provider=gemini-cli model=${this.model} messages=${options.messages.length} tools=${options.tools?.length ?? 0} resume=${sessionId ?? 'none'}`,
+        { provider: 'gemini-cli', model: this.model },
+      )
+
+      handle = await startAcpSession({
+        ...(this.adapterConfig.executablePath !== undefined && {
+          executablePath: this.adapterConfig.executablePath,
+        }),
+        ...(this.adapterConfig.extraArgs !== undefined && {
+          extraArgs: this.adapterConfig.extraArgs,
+        }),
+        ...(this.adapterConfig.env !== undefined && {
+          env: this.adapterConfig.env,
+        }),
+        ...((modelOptions?.authMethodId ?? this.adapterConfig.authMethodId) !==
+          undefined && {
+          authMethodId:
+            modelOptions?.authMethodId ?? this.adapterConfig.authMethodId,
+        }),
+        model: this.model,
+        cwd: modelOptions?.cwd ?? this.adapterConfig.cwd ?? process.cwd(),
+        ...(bridge !== undefined && {
+          mcpServers: [{ name: BRIDGED_MCP_SERVER_NAME, url: bridge.url }],
+        }),
+        ...(sessionId !== undefined && { resumeSessionId: sessionId }),
+        onUpdate: (update) => queue.push({ kind: 'update', update }),
+        onPermissionRequest: permissionHandler,
+      })
+      const session = handle
+
+      if (externalSignal !== undefined) {
+        onAbort = () => void session.cancel().catch(() => undefined)
+        if (externalSignal.aborted) onAbort()
+        else externalSignal.addEventListener('abort', onAbort, { once: true })
+      }
+
+      queue.push({ kind: 'session', sessionId: session.sessionId })
+
+      // When resume was requested but the CLI couldn't load the session,
+      // fall back to seeding a fresh session with the whole transcript.
+      const promptText = this.applySystemPrompts(
+        options,
+        session.resumed || sessionId === undefined
+          ? resumePrompt
+          : buildPrompt(options.messages, undefined).prompt,
+      )
+
+      session
+        .prompt(promptText)
+        .then(({ stopReason, usage }) => {
+          queue.push({
+            kind: 'done',
+            stopReason,
+            ...(usage !== undefined && { usage }),
+          })
+          queue.end()
+        })
+        .catch((error: unknown) => queue.fail(error))
+
+      yield* translateAcpStream(queue, {
+        model: this.model,
+        runId: options.runId ?? this.generateId(),
+        threadId: options.threadId ?? this.generateId(),
+        ...(options.parentRunId !== undefined && {
+          parentRunId: options.parentRunId,
+        }),
+        genId: () => this.generateId(),
+        bridgedToolNames,
+        onAcpEvent: (event) =>
+          logger.provider(`provider=gemini-cli kind=${event.kind}`, {
+            chunk: event,
+          }),
+      })
+    } catch (error: unknown) {
+      const err = error as Error & { code?: string }
+      const rawEvent = toRunErrorRawEvent(error)
+      logger.errors('gemini-cli.chatStream fatal', {
+        error,
+        source: 'gemini-cli.chatStream',
+      })
+      yield {
+        type: EventType.RUN_ERROR,
+        model: options.model,
+        timestamp: Date.now(),
+        message: err.message || 'Unknown error occurred',
+        ...(err.code !== undefined && { code: err.code }),
+        ...(rawEvent !== undefined && { rawEvent }),
+        error: {
+          message: err.message || 'Unknown error occurred',
+          ...(err.code !== undefined && { code: err.code }),
+        },
+      }
+    } finally {
+      if (externalSignal !== undefined && onAbort !== undefined) {
+        externalSignal.removeEventListener('abort', onAbort)
+      }
+      await handle?.dispose()
+      await bridge?.close()
+    }
+  }
+
+  /**
+   * Structured output, best-effort: ACP has no native JSON-schema channel,
+   * so the schema is embedded as a prompt instruction and the final text is
+   * parsed (stripping markdown fences when present). Runs in a fresh
+   * session with the default deny-everything permission policy.
+   */
+  async structuredOutput(
+    options: StructuredOutputOptions<GeminiCliTextProviderOptions>,
+  ): Promise<StructuredOutputResult<unknown>> {
+    const { chatOptions, outputSchema } = options
+    const { logger } = chatOptions
+
+    // Fresh one-shot run: deliberately no resume, so finalization never
+    // mutates the caller's interactive session. No bridge either — tools
+    // are a chat concern.
+    const { prompt } = buildPrompt(chatOptions.messages, undefined)
+    const instruction = `Respond with ONLY a JSON value that conforms to this JSON Schema — no prose, no markdown fences:\n${JSON.stringify(outputSchema)}`
+    const promptText = this.applySystemPrompts(
+      chatOptions,
+      `${prompt}\n\n${instruction}`,
+    )
+
+    logger.request(
+      `activity=structured-output provider=gemini-cli model=${this.model}`,
+      { provider: 'gemini-cli', model: this.model },
+    )
+
+    let rawText = ''
+    const handle = await startAcpSession({
+      ...(this.adapterConfig.executablePath !== undefined && {
+        executablePath: this.adapterConfig.executablePath,
+      }),
+      ...(this.adapterConfig.extraArgs !== undefined && {
+        extraArgs: this.adapterConfig.extraArgs,
+      }),
+      ...(this.adapterConfig.env !== undefined && {
+        env: this.adapterConfig.env,
+      }),
+      ...((chatOptions.modelOptions?.authMethodId ??
+        this.adapterConfig.authMethodId) !== undefined && {
+        authMethodId:
+          chatOptions.modelOptions?.authMethodId ??
+          this.adapterConfig.authMethodId,
+      }),
+      model: this.model,
+      cwd:
+        chatOptions.modelOptions?.cwd ??
+        this.adapterConfig.cwd ??
+        process.cwd(),
+      onUpdate: (update) => {
+        if (
+          update.sessionUpdate === 'agent_message_chunk' &&
+          typeof update.content.text === 'string'
+        ) {
+          rawText += update.content.text
+        }
+      },
+      onPermissionRequest: (request) =>
+        resolvePermission(request, 'default', undefined),
+    })
+
+    let usage: AcpUsage | undefined
+    try {
+      const result = await handle.prompt(promptText)
+      usage = result.usage
+      if (result.stopReason === 'refusal') {
+        throw new Error('Gemini CLI refused the structured output request.')
+      }
+    } finally {
+      await handle.dispose()
+    }
+
+    if (rawText.trim() === '') {
+      throw new Error(
+        'Gemini CLI run ended without a response during structured output generation.',
+      )
+    }
+
+    const promptTokens = usage?.inputTokens ?? 0
+    const completionTokens = usage?.outputTokens ?? 0
+    return {
+      data: extractJson(rawText),
+      rawText,
+      usage: {
+        promptTokens,
+        completionTokens,
+        totalTokens: usage?.totalTokens ?? promptTokens + completionTokens,
+      },
+    }
+  }
+
+  /**
+   * ACP has no system-prompt channel, so `systemPrompts` from `chat()` are
+   * prepended to the prompt text as an instruction preamble.
+   */
+  private applySystemPrompts(
+    options: TextOptions<GeminiCliTextProviderOptions>,
+    prompt: string,
+  ): string {
+    const systemPrompts = normalizeSystemPrompts(options.systemPrompts)
+      .map((systemPrompt) => systemPrompt.content)
+      .filter((content) => content.trim() !== '')
+    if (systemPrompts.length === 0) return prompt
+    return `${systemPrompts.join('\n\n')}\n\n${prompt}`
+  }
+}
+
+/**
+ * Creates a Gemini CLI text adapter.
+ *
+ * Unlike HTTP provider adapters, this is a *harness* adapter: Gemini CLI
+ * runs its own agent loop and executes its own tools (shell commands, file
+ * edits, search, ...) locally, server-side. The adapter drives the CLI over
+ * the Agent Client Protocol (`gemini --acp`), so assistant text and thinking
+ * stream as true token-level deltas. Each `chat()` call runs one full
+ * harness turn; harness tool activity streams back as already-resolved
+ * tool-call events, and the session id is surfaced via a CUSTOM
+ * `gemini-cli.session-id` event so follow-up calls can resume the session
+ * through `modelOptions.sessionId`.
+ *
+ * Requires the `gemini` CLI to be installed and authenticated on the host
+ * (`npm i -g @google/gemini-cli`).
+ */
+export function geminiCliText<TModel extends GeminiCliModel>(
+  model: TModel,
+  config: GeminiCliTextConfig = {},
+): GeminiCliTextAdapter<TModel> {
+  return new GeminiCliTextAdapter(config, model)
+}
diff --git a/packages/ai-gemini-cli/src/index.ts b/packages/ai-gemini-cli/src/index.ts
new file mode 100644
index 000000000..41add73fd
--- /dev/null
+++ b/packages/ai-gemini-cli/src/index.ts
@@ -0,0 +1,36 @@
+export { GeminiCliTextAdapter, geminiCliText } from './adapters/text'
+export type { GeminiCliTextConfig } from './adapters/text'
+export type { GeminiCliTextProviderOptions } from './provider-options'
+export { GEMINI_CLI_MODELS } from './model-meta'
+export type { GeminiCliModel, KnownGeminiCliModel } from './model-meta'
+export {
+  SESSION_ID_EVENT,
+  PLAN_EVENT,
+  BRIDGED_MCP_SERVER_NAME,
+  translateAcpStream,
+  matchBridgedToolName,
+} from './stream/translate'
+export type { AcpStreamEvent, TranslateContext } from './stream/translate'
+export type {
+  AcpPermissionOption,
+  AcpPermissionOutcome,
+  AcpPermissionRequest,
+  AcpSessionUpdate,
+  AcpStopReason,
+  AcpToolCallUpdate,
+  AcpUsage,
+} from './stream/acp-types'
+export { resolvePermission } from './process/permissions'
+export type {
+  GeminiCliPermissionMode,
+  PermissionHandler,
+} from './process/permissions'
+export { startAcpSession } from './process/acp-client'
+export type {
+  AcpSessionHandle,
+  StartAcpSessionOptions,
+} from './process/acp-client'
+export { buildPrompt } from './messages/prompt'
+export type { BuiltPrompt } from './messages/prompt'
+export { startToolBridge } from './tools/bridge'
+export type { ToolBridgeHandle } from './tools/bridge'
diff --git a/packages/ai-gemini-cli/src/messages/prompt.ts b/packages/ai-gemini-cli/src/messages/prompt.ts
new file mode 100644
index 000000000..ad1b069a6
--- /dev/null
+++ b/packages/ai-gemini-cli/src/messages/prompt.ts
@@ -0,0 +1,67 @@
+import type { ModelMessage } from '@tanstack/ai'
+
+export interface BuiltPrompt {
+  prompt: string
+  /** Gemini CLI session id to resume, when the caller threaded one through. */
+  resume?: string
+}
+
+function extractText(content: ModelMessage['content']): string {
+  if (content === null) return ''
+  if (typeof content === 'string') return content
+  return content
+    .map((part) =>
+      part.type === 'text' && typeof part.content === 'string'
+        ? part.content
+        : '',
+    )
+    .join('')
+}
+
+/**
+ * Convert TanStack chat history into the harness's prompt + resume inputs.
+ *
+ * With a `sessionId`, the harness already holds the conversation context, so
+ * only the trailing user message is sent and the session is resumed. Without
+ * one, prior turns are flattened into a plain-text transcript preamble (tool
+ * messages and tool-call-only assistant turns are harness-internal noise and
+ * are skipped; prompts are text-only in v1).
+ */
+export function buildPrompt(
+  messages: Array<ModelMessage>,
+  sessionId: string | undefined,
+): BuiltPrompt {
+  const lastMessage = messages.at(-1)
+  const lastUserText =
+    lastMessage?.role === 'user' ? extractText(lastMessage.content).trim() : ''
+
+  if (!lastUserText) {
+    throw new Error(
+      'Gemini CLI adapter requires a trailing user message with text content.',
+    )
+  }
+
+  if (sessionId !== undefined) {
+    return { prompt: lastUserText, resume: sessionId }
+  }
+
+  const priorTurns = messages
+    .slice(0, -1)
+    .filter(
+      (message) =>
+        (message.role === 'user' || message.role === 'assistant') &&
+        extractText(message.content).trim() !== '',
+    )
+    .map(
+      (message) =>
+        `${message.role === 'user' ? 'User' : 'Assistant'}: ${extractText(message.content).trim()}`,
+    )
+
+  if (priorTurns.length === 0) {
+    return { prompt: lastUserText }
+  }
+
+  return {
+    prompt: `Previous conversation:\n${priorTurns.join('\n')}\n\n${lastUserText}`,
+  }
+}
diff --git a/packages/ai-gemini-cli/src/model-meta.ts b/packages/ai-gemini-cli/src/model-meta.ts
new file mode 100644
index 000000000..039769910
--- /dev/null
+++ b/packages/ai-gemini-cli/src/model-meta.ts
@@ -0,0 +1,20 @@
+/**
+ * Models known to work with Gemini CLI. The harness accepts any Gemini model
+ * id (and the `auto` / `pro` / `flash` aliases resolved by the CLI), so this
+ * list exists for autocomplete — any string is accepted via the
+ * `(string & {})` escape hatch in {@link GeminiCliModel}.
+ */
+export const GEMINI_CLI_MODELS = [
+  'gemini-3-pro-preview',
+  'gemini-3-flash-preview',
+  'gemini-2.5-pro',
+  'gemini-2.5-flash',
+  'auto',
+  'pro',
+  'flash',
+] as const
+
+export type KnownGeminiCliModel = (typeof GEMINI_CLI_MODELS)[number]
+
+/** Any model id accepted by Gemini CLI; known ids get autocomplete. */
+export type GeminiCliModel = KnownGeminiCliModel | (string & {})
diff --git a/packages/ai-gemini-cli/src/process/acp-client.ts b/packages/ai-gemini-cli/src/process/acp-client.ts
new file mode 100644
index 000000000..0c9aae2a0
--- /dev/null
+++ b/packages/ai-gemini-cli/src/process/acp-client.ts
@@ -0,0 +1,257 @@
+import { spawn } from 'node:child_process'
+import { Readable, Writable } from 'node:stream'
+import {
+  ClientSideConnection,
+  PROTOCOL_VERSION,
+  ndJsonStream,
+} from '@agentclientprotocol/sdk'
+import type {
+  Client,
+  McpServer,
+  RequestPermissionRequest,
+  RequestPermissionResponse,
+  SessionNotification,
+} from '@agentclientprotocol/sdk'
+import type { ChildProcess } from 'node:child_process'
+import type {
+  AcpPermissionOutcome,
+  AcpPermissionRequest,
+  AcpSessionUpdate,
+  AcpStopReason,
+  AcpUsage,
+} from '../stream/acp-types'
+
+/** A live ACP session backed by a `gemini --acp` subprocess. */
+export interface AcpSessionHandle {
+  sessionId: string
+  /** Whether an existing session was actually resumed via `session/load`. */
+  resumed: boolean
+  /** Run one prompt turn; resolves with the harness's stop reason. */
+  prompt: (
+    text: string,
+  ) => Promise<{ stopReason: AcpStopReason; usage?: AcpUsage }>
+  /** Ask the harness to cancel the in-flight prompt turn. */
+  cancel: () => Promise<void>
+  /** Tear down the subprocess (SIGTERM, then SIGKILL after a grace period). */
+  dispose: () => Promise<void>
+}
+
+export interface StartAcpSessionOptions {
+  /** Path to the Gemini CLI executable. Defaults to `gemini` on PATH. */
+  executablePath?: string
+  /** Extra CLI arguments appended after `--acp`. */
+  extraArgs?: Array<string>
+  /** Model id passed via `-m`. */
+  model?: string
+  /** Working directory for the session (absolute path). */
+  cwd: string
+  /** Extra environment variables merged over `process.env`. */
+  env?: Record<string, string>
+  /**
+   * ACP auth method to select (via `authenticate`) before opening a session.
+   * The agent advertises the available method ids in its `initialize`
+   * response (e.g. `'oauth-personal'`, `'gemini-api-key'`, `'vertex-ai'`).
+   * Required when the installed CLI isn't already authenticated for headless
+   * use — without it, `prompt` fails with an auth error.
+   */
+  authMethodId?: string
+  /** MCP servers (e.g. the TanStack tool bridge) for the session. */
+  mcpServers?: Array<{ name: string; url: string }>
+  /** Session id to resume via `session/load`, when supported by the CLI. */
+  resumeSessionId?: string
+  onUpdate: (update: AcpSessionUpdate) => void
+  onPermissionRequest: (
+    request: AcpPermissionRequest,
+  ) => Promise<AcpPermissionOutcome> | AcpPermissionOutcome
+}
+
+const KILL_GRACE_MS = 2000
+
+function waitForExit(child: ChildProcess): Promise<void> {
+  return new Promise((resolve) => {
+    if (child.exitCode !== null || child.signalCode !== null) {
+      resolve()
+      return
+    }
+    child.once('exit', () => resolve())
+  })
+}
+
+/**
+ * Spawn `gemini --acp` and drive it over the Agent Client Protocol
+ * (JSON-RPC 2.0 on stdio).
+ *
+ * This module is the only place that touches `@agentclientprotocol/sdk`; the
+ * rest of the package works with the structural types in `acp-types.ts`.
+ *
+ * Resume semantics: when `resumeSessionId` is set and the CLI advertises the
+ * `loadSession` capability, the session is loaded by id — the CLI streams
+ * the prior conversation back as `session/update` notifications, which are
+ * deliberately swallowed (the TanStack client already has that history).
+ * When loading is unsupported or fails, a fresh session is created and
+ * `resumed: false` tells the adapter to send the flattened transcript.
+ */
+export async function startAcpSession(
+  options: StartAcpSessionOptions,
+): Promise<AcpSessionHandle> {
+  const args = ['--acp', ...(options.extraArgs ?? [])]
+  if (options.model !== undefined) {
+    args.push('-m', options.model)
+  }
+
+  const child = spawn(options.executablePath ?? 'gemini', args, {
+    cwd: options.cwd,
+    env: { ...process.env, ...options.env },
+    stdio: ['pipe', 'pipe', 'pipe'],
+  })
+
+  let stderrTail = ''
+  child.stderr.on('data', (chunk: Buffer) => {
+    stderrTail = (stderrTail + chunk.toString('utf8')).slice(-4096)
+  })
+
+  const spawned = new Promise<void>((resolve, reject) => {
+    child.once('spawn', () => resolve())
+    child.once('error', (error) => reject(error))
+  })
+
+  const exited = waitForExit(child).then(() => {
+    throw new Error(
+      `Gemini CLI exited unexpectedly (code ${child.exitCode ?? 'null'}, signal ${child.signalCode ?? 'null'}).${
+        stderrTail !== '' ? `\nstderr: ${stderrTail.trim()}` : ''
+      }`,
+    )
+  })
+
+  /** Suppressed while session/load replays prior history. */
+  let replaying = false
+
+  const client: Client = {
+    requestPermission: async (
+      params: RequestPermissionRequest,
+    ): Promise<RequestPermissionResponse> => {
+      const outcome = await options.onPermissionRequest(params)
+      return { outcome }
+    },
+    sessionUpdate: (params: SessionNotification): Promise<void> => {
+      if (!replaying) {
+        options.onUpdate(params.update as AcpSessionUpdate)
+      }
+      return Promise.resolve()
+    },
+  }
+
+  const teardown = async (): Promise<void> => {
+    if (child.exitCode === null && child.signalCode === null) {
+      child.kill('SIGTERM')
+      const timer = setTimeout(() => child.kill('SIGKILL'), KILL_GRACE_MS)
+      await waitForExit(child)
+      clearTimeout(timer)
+    }
+  }
+
+  try {
+    await spawned
+
+    const connection = new ClientSideConnection(
+      () => client,
+      ndJsonStream(
+        Writable.toWeb(child.stdin) as WritableStream<Uint8Array>,
+        Readable.toWeb(child.stdout) as ReadableStream<Uint8Array>,
+      ),
+    )
+
+    const race = <T>(work: Promise<T>): Promise<T> =>
+      Promise.race([work, exited])
+
+    const initResult = await race(
+      connection.initialize({
+        protocolVersion: PROTOCOL_VERSION,
+        clientCapabilities: {
+          fs: { readTextFile: false, writeTextFile: false },
+        },
+      }),
+    )
+
+    // Select an auth method before opening a session. The agent advertises
+    // its supported methods in the initialize response; pick the requested
+    // one (failing loudly if it isn't offered) so a headless run never hangs
+    // on an interactive auth picker.
+    if (options.authMethodId !== undefined) {
+      const available = initResult.authMethods ?? []
+      if (!available.some((method) => method.id === options.authMethodId)) {
+        throw new Error(
+          `Gemini CLI does not advertise the ACP auth method '${options.authMethodId}'. Available: ${
+            available.map((method) => method.id).join(', ') || '(none)'
+          }.`,
+        )
+      }
+      await race(connection.authenticate({ methodId: options.authMethodId }))
+    }
+
+    const mcpServers: Array<McpServer> = (options.mcpServers ?? []).map(
+      (server) => ({
+        type: 'http' as const,
+        name: server.name,
+        url: server.url,
+        headers: [],
+      }),
+    )
+
+    let sessionId: string | undefined
+    let resumed = false
+    if (
+      options.resumeSessionId !== undefined &&
+      initResult.agentCapabilities?.loadSession === true
+    ) {
+      // loadSession streams prior history back as session/update
+      // notifications; swallow them so the chat stream only carries the
+      // new turn.
+      replaying = true
+      try {
+        await race(
+          connection.loadSession({
+            sessionId: options.resumeSessionId,
+            cwd: options.cwd,
+            mcpServers,
+          }),
+        )
+        sessionId = options.resumeSessionId
+        resumed = true
+      } catch {
+        // Session unknown to this CLI install — fall through to a fresh one.
+      } finally {
+        replaying = false
+      }
+    }
+
+    if (sessionId === undefined) {
+      const session = await race(
+        connection.newSession({ cwd: options.cwd, mcpServers }),
+      )
+      sessionId = session.sessionId
+    }
+
+    return {
+      sessionId,
+      resumed,
+      prompt: async (text: string) => {
+        const response = await race(
+          connection.prompt({
+            sessionId,
+            prompt: [{ type: 'text', text }],
+          }),
+        )
+        return {
+          stopReason: response.stopReason,
+          ...(response.usage != null && { usage: response.usage }),
+        }
+      },
+      cancel: () => connection.cancel({ sessionId }),
+      dispose: teardown,
+    }
+  } catch (error) {
+    await teardown()
+    throw error
+  }
+}
diff --git a/packages/ai-gemini-cli/src/process/permissions.ts b/packages/ai-gemini-cli/src/process/permissions.ts
new file mode 100644
index 000000000..8ccb7505d
--- /dev/null
+++ b/packages/ai-gemini-cli/src/process/permissions.ts
@@ -0,0 +1,66 @@
+import { matchBridgedToolName } from '../stream/translate'
+import type {
+  AcpPermissionOutcome,
+  AcpPermissionRequest,
+} from '../stream/acp-types'
+
+/**
+ * Permission modes for the Gemini CLI adapter, mirroring the Claude Code
+ * adapter's semantics:
+ *
+ * - `'default'`: bridged TanStack tools run; anything else that asks for
+ *   permission is rejected with no prompt (a headless server must never
+ *   hang on an interactive question).
+ * - `'acceptEdits'`: additionally auto-approves file-mutation tools
+ *   (edit / move / delete kinds).
+ * - `'bypassPermissions'`: approves everything.
+ */
+export type GeminiCliPermissionMode =
+  | 'default'
+  | 'acceptEdits'
+  | 'bypassPermissions'
+
+/** Custom permission handler; replaces the adapter's default policy. */
+export type PermissionHandler = (
+  request: AcpPermissionRequest,
+) => Promise<AcpPermissionOutcome> | AcpPermissionOutcome
+
+const EDIT_KINDS = new Set(['edit', 'move', 'delete'])
+
+function pickOption(
+  request: AcpPermissionRequest,
+  kinds: Array<string>,
+): AcpPermissionOutcome {
+  for (const kind of kinds) {
+    const option = request.options.find((candidate) => candidate.kind === kind)
+    if (option) return { outcome: 'selected', optionId: option.optionId }
+  }
+  return { outcome: 'cancelled' }
+}
+
+/**
+ * The adapter's default permission policy. Always answers immediately —
+ * never hangs a headless server on a question only an interactive user
+ * could answer.
+ */
+export function resolvePermission(
+  request: AcpPermissionRequest,
+  mode: GeminiCliPermissionMode,
+  bridgedToolNames: ReadonlySet<string> | undefined,
+): AcpPermissionOutcome {
+  const allow = () => pickOption(request, ['allow_once', 'allow_always'])
+  const reject = () => pickOption(request, ['reject_once', 'reject_always'])
+
+  if (
+    matchBridgedToolName(request.toolCall.title, bridgedToolNames) !== undefined
+  ) {
+    return allow()
+  }
+  if (mode === 'bypassPermissions') {
+    return allow()
+  }
+  if (mode === 'acceptEdits' && EDIT_KINDS.has(request.toolCall.kind ?? '')) {
+    return allow()
+  }
+  return reject()
+}
diff --git a/packages/ai-gemini-cli/src/provider-options.ts b/packages/ai-gemini-cli/src/provider-options.ts
new file mode 100644
index 000000000..3d74cdc18
--- /dev/null
+++ b/packages/ai-gemini-cli/src/provider-options.ts
@@ -0,0 +1,23 @@
+import type { GeminiCliPermissionMode } from './process/permissions'
+
+/**
+ * Per-call provider options for the Gemini CLI adapter, passed via
+ * `modelOptions` on `chat()`.
+ */
+export interface GeminiCliTextProviderOptions {
+  /**
+   * Resume an existing Gemini CLI session. The adapter emits the session id
+   * of every run via a CUSTOM `gemini-cli.session-id` stream event; thread
+   * it back here to continue that session (only the latest user message is
+   * sent — the harness already holds the prior context). If the installed
+   * CLI doesn't support session loading, the adapter falls back to a fresh
+   * session seeded with the flattened transcript.
+   */
+  sessionId?: string
+  /** Per-call override of the configured permission mode. */
+  permissionMode?: GeminiCliPermissionMode
+  /** Per-call override of the harness working directory. */
+  cwd?: string
+  /** Per-call override of the configured ACP auth method id. */
+  authMethodId?: string
+}
diff --git a/packages/ai-gemini-cli/src/stream/acp-types.ts b/packages/ai-gemini-cli/src/stream/acp-types.ts
new file mode 100644
index 000000000..c59c4aa9e
--- /dev/null
+++ b/packages/ai-gemini-cli/src/stream/acp-types.ts
@@ -0,0 +1,82 @@
+/**
+ * Structural subset of the Agent Client Protocol (ACP) types that the
+ * adapter consumes.
+ *
+ * These are intentionally defined structurally (rather than imported from
+ * `@agentclientprotocol/sdk`) so the stream translator stays a pure,
+ * fixture-testable state machine and the package's public types don't depend
+ * on the ACP SDK's generated schema types. Unknown update types fall through
+ * every branch at runtime.
+ */
+
+export type AcpContentBlock =
+  | { type: 'text'; text: string }
+  | { type: string; [key: string]: unknown }
+
+export type AcpToolCallStatus =
+  | 'pending'
+  | 'in_progress'
+  | 'completed'
+  | 'failed'
+
+export interface AcpToolCallUpdate {
+  toolCallId: string
+  title?: string | null
+  kind?: string | null
+  status?: AcpToolCallStatus | null
+  rawInput?: unknown
+  rawOutput?: unknown
+  content?: Array<{
+    type: string
+    content?: AcpContentBlock
+    [key: string]: unknown
+  }> | null
+}
+
+/**
+ * The session-update variants the translator consumes. The harness can send
+ * other update types (`available_commands_update`, `current_mode_update`,
+ * ...); they fall through every branch and are ignored.
+ */
+export type AcpSessionUpdate =
+  | { sessionUpdate: 'agent_message_chunk'; content: AcpContentBlock }
+  | { sessionUpdate: 'agent_thought_chunk'; content: AcpContentBlock }
+  | ({ sessionUpdate: 'tool_call' } & AcpToolCallUpdate)
+  | ({ sessionUpdate: 'tool_call_update' } & AcpToolCallUpdate)
+  | { sessionUpdate: 'plan'; entries: Array<unknown> }
+  | { sessionUpdate: 'available_commands_update' }
+  | { sessionUpdate: 'current_mode_update' }
+  | { sessionUpdate: 'user_message_chunk'; content: AcpContentBlock }
+
+export type AcpStopReason =
+  | 'end_turn'
+  | 'max_tokens'
+  | 'max_turn_requests'
+  | 'refusal'
+  | 'cancelled'
+  | (string & {})
+
+/** Experimental per-turn token usage reported by the ACP prompt response. */
+export interface AcpUsage {
+  inputTokens?: number | null
+  outputTokens?: number | null
+  totalTokens?: number | null
+  cachedReadTokens?: number | null
+  thoughtTokens?: number | null
+}
+
+export interface AcpPermissionOption {
+  optionId: string
+  name: string
+  kind: 'allow_once' | 'allow_always' | 'reject_once' | 'reject_always'
+}
+
+export interface AcpPermissionRequest {
+  sessionId: string
+  toolCall: AcpToolCallUpdate
+  options: Array<AcpPermissionOption>
+}
+
+export type AcpPermissionOutcome =
+  | { outcome: 'cancelled' }
+  | { outcome: 'selected'; optionId: string }
diff --git a/packages/ai-gemini-cli/src/stream/queue.ts b/packages/ai-gemini-cli/src/stream/queue.ts
new file mode 100644
index 000000000..0f095feb1
--- /dev/null
+++ b/packages/ai-gemini-cli/src/stream/queue.ts
@@ -0,0 +1,64 @@
+/**
+ * Minimal promise-based async queue bridging the ACP connection's
+ * callback-style `session/update` notifications into the async-iterable
+ * world the stream translator consumes.
+ */
+export class AsyncQueue<T> implements AsyncIterable<T> {
+  private readonly values: Array<T> = []
+  private readonly waiters: Array<{
+    resolve: (result: IteratorResult<T>) => void
+    reject: (error: unknown) => void
+  }> = []
+  private ended = false
+  private error: unknown = undefined
+  private failed = false
+
+  push(value: T): void {
+    if (this.ended || this.failed) return
+    const waiter = this.waiters.shift()
+    if (waiter) {
+      waiter.resolve({ value, done: false })
+    } else {
+      this.values.push(value)
+    }
+  }
+
+  /** Signal normal completion; pending and future reads resolve as done. */
+  end(): void {
+    if (this.ended || this.failed) return
+    this.ended = true
+    for (const waiter of this.waiters.splice(0)) {
+      waiter.resolve({ value: undefined, done: true })
+    }
+  }
+
+  /** Signal failure; pending and future reads reject (after buffered values drain). */
+  fail(error: unknown): void {
+    if (this.ended || this.failed) return
+    this.failed = true
+    this.error = error
+    for (const waiter of this.waiters.splice(0)) {
+      waiter.reject(error)
+    }
+  }
+
+  [Symbol.asyncIterator](): AsyncIterator<T> {
+    return {
+      next: (): Promise<IteratorResult<T>> => {
+        if (this.values.length > 0) {
+          return Promise.resolve({
+            value: this.values.shift() as T,
+            done: false,
+          })
+        }
+        if (this.failed) return Promise.reject(this.error)
+        if (this.ended) {
+          return Promise.resolve({ value: undefined, done: true })
+        }
+        return new Promise((resolve, reject) => {
+          this.waiters.push({ resolve, reject })
+        })
+      },
+    }
+  }
+}
diff --git a/packages/ai-gemini-cli/src/stream/translate.ts b/packages/ai-gemini-cli/src/stream/translate.ts
new file mode 100644
index 000000000..db18c28c8
--- /dev/null
+++ b/packages/ai-gemini-cli/src/stream/translate.ts
@@ -0,0 +1,395 @@
+import { EventType, buildBaseUsage } from '@tanstack/ai'
+import type { StreamChunk, TokenUsage } from '@tanstack/ai'
+import type {
+  AcpSessionUpdate,
+  AcpStopReason,
+  AcpToolCallUpdate,
+  AcpUsage,
+} from './acp-types'
+
+/** Name of the CUSTOM event carrying the Gemini CLI session id. */
+export const SESSION_ID_EVENT = 'gemini-cli.session-id'
+
+/** Name of the CUSTOM event carrying the harness's plan updates. */
+export const PLAN_EVENT = 'gemini-cli.plan'
+
+/** Server name used for bridged TanStack tools. */
+export const BRIDGED_MCP_SERVER_NAME = 'tanstack'
+
+/**
+ * Events fed to the translator: the session id once established, every ACP
+ * `session/update` notification, and a terminal `done` carrying the prompt
+ * response's stop reason (the adapter's async queue produces these).
+ */
+export type AcpStreamEvent =
+  | { kind: 'session'; sessionId: string }
+  | { kind: 'update'; update: AcpSessionUpdate }
+  | { kind: 'done'; stopReason: AcpStopReason; usage?: AcpUsage }
+
+export interface TranslateContext {
+  model: string
+  runId: string
+  threadId: string
+  parentRunId?: string
+  genId: () => string
+  /**
+   * Names of bridged TanStack tools, used to surface the harness's MCP tool
+   * calls under the names the application registered.
+   */
+  bridgedToolNames?: ReadonlySet<string>
+  /** Called for each raw ACP stream event, for logging. */
+  onAcpEvent?: (event: AcpStreamEvent) => void
+}
+
+/**
+ * Match an ACP tool-call title against the bridged TanStack tool names.
+ * Gemini CLI labels MCP tools with the tool name, optionally suffixed with
+ * the server it came from (e.g. `lookup_user (tanstack MCP Server)`).
+ */
+export function matchBridgedToolName(
+  title: string | null | undefined,
+  bridgedToolNames: ReadonlySet<string> | undefined,
+): string | undefined {
+  if (!title || !bridgedToolNames) return undefined
+  if (bridgedToolNames.has(title)) return title
+  for (const name of bridgedToolNames) {
+    if (title.startsWith(`${name} (`)) return name
+  }
+  return undefined
+}
+
+function resolveToolName(
+  update: AcpToolCallUpdate,
+  bridgedToolNames: ReadonlySet<string> | undefined,
+): string {
+  return (
+    matchBridgedToolName(update.title, bridgedToolNames) ??
+    update.kind ??
+    'tool'
+  )
+}
+
+function stringifyToolOutput(update: AcpToolCallUpdate): string {
+  if (update.rawOutput !== undefined) {
+    return typeof update.rawOutput === 'string'
+      ? update.rawOutput
+      : JSON.stringify(update.rawOutput)
+  }
+  const text = (update.content ?? [])
+    .map((block) =>
+      block.content && typeof block.content.text === 'string'
+        ? block.content.text
+        : '',
+    )
+    .join('')
+  if (text !== '') return text
+  return JSON.stringify({ status: update.status ?? 'completed' })
+}
+
+function buildUsage(usage: AcpUsage | undefined): TokenUsage | undefined {
+  if (!usage) return undefined
+  const promptTokens = usage.inputTokens ?? 0
+  const completionTokens = usage.outputTokens ?? 0
+  const result = buildBaseUsage({
+    promptTokens,
+    completionTokens,
+    totalTokens: usage.totalTokens ?? promptTokens + completionTokens,
+  })
+  if (usage.cachedReadTokens) {
+    result.promptTokensDetails = { cachedTokens: usage.cachedReadTokens }
+  }
+  if (usage.thoughtTokens) {
+    result.completionTokensDetails = { reasoningTokens: usage.thoughtTokens }
+  }
+  return result
+}
+
+/**
+ * Translate a Gemini CLI ACP event stream into AG-UI StreamChunk events.
+ *
+ * The harness runs its own agent loop and executes its own tools, so the
+ * translation always ends with `finishReason: 'stop'` (or `'length'` /
+ * RUN_ERROR) — never `'tool_calls'`. Harness tool activity is emitted as
+ * already-resolved TOOL_CALL_START/ARGS/END + TOOL_CALL_RESULT sequences so
+ * UIs can render it, while the TanStack engine never tries to execute them.
+ *
+ * ACP delivers true token-level deltas for both assistant text
+ * (`agent_message_chunk`) and thinking (`agent_thought_chunk`).
+ *
+ * Invariant: every TOOL_CALL_START is eventually paired with a
+ * TOOL_CALL_RESULT (synthesized as `{"status":"interrupted"}` when the run
+ * ends or aborts before the harness reported one) so the engine's
+ * pending-tool-call scan on the next request never force-executes them.
+ */
+export async function* translateAcpStream(
+  events: AsyncIterable<AcpStreamEvent>,
+  ctx: TranslateContext,
+): AsyncIterable<StreamChunk> {
+  const { model, runId, threadId, genId } = ctx
+  const now = () => Date.now()
+
+  let runStarted = false
+  /** Tool calls started but with no result yet. */
+  const unresolvedToolCalls = new Set<string>()
+  /** Tool names by id, for synthetic opens on unknown tool_call_update ids. */
+  const knownToolCalls = new Set<string>()
+
+  let textMessageId: string | null = null
+  let textContent = ''
+  let reasoningId: string | null = null
+
+  function* startRun(): Generator<StreamChunk> {
+    if (runStarted) return
+    runStarted = true
+    yield {
+      type: EventType.RUN_STARTED,
+      runId,
+      threadId,
+      model,
+      timestamp: now(),
+      ...(ctx.parentRunId !== undefined && { parentRunId: ctx.parentRunId }),
+    }
+  }
+
+  function* closeText(): Generator<StreamChunk> {
+    if (textMessageId !== null) {
+      yield {
+        type: EventType.TEXT_MESSAGE_END,
+        messageId: textMessageId,
+        model,
+        timestamp: now(),
+      }
+    }
+    textMessageId = null
+    textContent = ''
+  }
+
+  function* closeReasoning(): Generator<StreamChunk> {
+    if (reasoningId !== null) {
+      yield {
+        type: EventType.REASONING_MESSAGE_END,
+        messageId: reasoningId,
+        model,
+        timestamp: now(),
+      }
+      yield {
+        type: EventType.REASONING_END,
+        messageId: reasoningId,
+        model,
+        timestamp: now(),
+      }
+    }
+    reasoningId = null
+  }
+
+  function* synthesizeUnresolvedResults(): Generator<StreamChunk> {
+    for (const toolCallId of unresolvedToolCalls) {
+      yield {
+        type: EventType.TOOL_CALL_RESULT,
+        toolCallId,
+        messageId: genId(),
+        model,
+        timestamp: now(),
+        content: JSON.stringify({ status: 'interrupted' }),
+      }
+    }
+    unresolvedToolCalls.clear()
+  }
+
+  function* openToolCall(update: AcpToolCallUpdate): Generator<StreamChunk> {
+    if (knownToolCalls.has(update.toolCallId)) return
+    knownToolCalls.add(update.toolCallId)
+    const toolCallName = resolveToolName(update, ctx.bridgedToolNames)
+    const input = {
+      ...(update.title != null && { title: update.title }),
+      ...(update.rawInput !== undefined && update.rawInput !== null
+        ? typeof update.rawInput === 'object'
+          ? (update.rawInput as Record<string, unknown>)
+          : { input: update.rawInput }
+        : {}),
+    }
+    const args = JSON.stringify(input)
+    yield {
+      type: EventType.TOOL_CALL_START,
+      toolCallId: update.toolCallId,
+      toolCallName,
+      toolName: toolCallName,
+      model,
+      timestamp: now(),
+    }
+    yield {
+      type: EventType.TOOL_CALL_ARGS,
+      toolCallId: update.toolCallId,
+      model,
+      timestamp: now(),
+      delta: args,
+      args,
+    }
+    yield {
+      type: EventType.TOOL_CALL_END,
+      toolCallId: update.toolCallId,
+      toolCallName,
+      toolName: toolCallName,
+      model,
+      timestamp: now(),
+      input,
+    }
+    unresolvedToolCalls.add(update.toolCallId)
+  }
+
+  function* resolveToolCall(update: AcpToolCallUpdate): Generator<StreamChunk> {
+    yield* openToolCall(update)
+    unresolvedToolCalls.delete(update.toolCallId)
+    yield {
+      type: EventType.TOOL_CALL_RESULT,
+      toolCallId: update.toolCallId,
+      messageId: genId(),
+      model,
+      timestamp: now(),
+      content: stringifyToolOutput(update),
+      ...(update.status === 'failed' && { state: 'output-error' as const }),
+    }
+  }
+
+  function* handleUpdate(update: AcpSessionUpdate): Generator<StreamChunk> {
+    if (update.sessionUpdate === 'agent_message_chunk') {
+      yield* closeReasoning()
+      const text =
+        typeof update.content.text === 'string' ? update.content.text : ''
+      if (text === '') return
+      if (textMessageId === null) {
+        textMessageId = genId()
+        yield {
+          type: EventType.TEXT_MESSAGE_START,
+          messageId: textMessageId,
+          model,
+          timestamp: now(),
+          role: 'assistant',
+        }
+      }
+      textContent += text
+      yield {
+        type: EventType.TEXT_MESSAGE_CONTENT,
+        messageId: textMessageId,
+        model,
+        timestamp: now(),
+        delta: text,
+        content: textContent,
+      }
+    } else if (update.sessionUpdate === 'agent_thought_chunk') {
+      yield* closeText()
+      const thought =
+        typeof update.content.text === 'string' ? update.content.text : ''
+      if (thought === '') return
+      if (reasoningId === null) {
+        reasoningId = genId()
+        yield {
+          type: EventType.REASONING_START,
+          messageId: reasoningId,
+          model,
+          timestamp: now(),
+        }
+        yield {
+          type: EventType.REASONING_MESSAGE_START,
+          messageId: reasoningId,
+          role: 'reasoning' as const,
+          model,
+          timestamp: now(),
+        }
+      }
+      yield {
+        type: EventType.REASONING_MESSAGE_CONTENT,
+        messageId: reasoningId,
+        delta: thought,
+        model,
+        timestamp: now(),
+      }
+    } else if (update.sessionUpdate === 'tool_call') {
+      yield* closeText()
+      yield* closeReasoning()
+      yield* openToolCall(update)
+      if (update.status === 'completed' || update.status === 'failed') {
+        yield* resolveToolCall(update)
+      }
+    } else if (update.sessionUpdate === 'tool_call_update') {
+      if (update.status === 'completed' || update.status === 'failed') {
+        yield* resolveToolCall(update)
+      }
+      // pending / in_progress updates carry no state the chunk stream needs.
+    } else if (update.sessionUpdate === 'plan') {
+      yield {
+        type: EventType.CUSTOM,
+        model,
+        timestamp: now(),
+        name: PLAN_EVENT,
+        value: { entries: update.entries },
+      }
+    }
+    // Other update types (available_commands_update, current_mode_update,
+    // user_message_chunk replays, ...) are harness-internal and ignored.
+  }
+
+  try {
+    for await (const event of events) {
+      ctx.onAcpEvent?.(event)
+
+      if (event.kind === 'session') {
+        yield* startRun()
+        yield {
+          type: EventType.CUSTOM,
+          model,
+          timestamp: now(),
+          name: SESSION_ID_EVENT,
+          value: { sessionId: event.sessionId },
+        }
+      } else if (event.kind === 'update') {
+        yield* startRun()
+        yield* handleUpdate(event.update)
+      } else {
+        yield* startRun()
+        yield* closeText()
+        yield* closeReasoning()
+        yield* synthesizeUnresolvedResults()
+
+        if (event.stopReason === 'refusal') {
+          yield {
+            type: EventType.RUN_ERROR,
+            model,
+            timestamp: now(),
+            message: 'Gemini CLI refused the request.',
+            code: 'refusal',
+            error: {
+              message: 'Gemini CLI refused the request.',
+              code: 'refusal',
+            },
+          }
+        } else {
+          const usage = buildUsage(event.usage)
+          const finishReason =
+            event.stopReason === 'max_tokens' ||
+            event.stopReason === 'max_turn_requests'
+              ? ('length' as const)
+              : ('stop' as const)
+          yield {
+            type: EventType.RUN_FINISHED,
+            runId,
+            threadId,
+            model,
+            timestamp: now(),
+            finishReason,
+            ...(usage !== undefined && { usage }),
+          }
+        }
+      }
+    }
+  } catch (error) {
+    // The run is dying (abort, process exit, or connection failure). Close
+    // any open message and pair started tool calls with a synthetic result
+    // first so the next request's pending-tool-call scan doesn't try to
+    // execute them, then let the adapter surface the error as RUN_ERROR.
+    yield* closeText()
+    yield* closeReasoning()
+    yield* synthesizeUnresolvedResults()
+    throw error
+  }
+}
diff --git a/packages/ai-gemini-cli/src/tools/bridge.ts b/packages/ai-gemini-cli/src/tools/bridge.ts
new file mode 100644
index 000000000..d6cbbf1bc
--- /dev/null
+++ b/packages/ai-gemini-cli/src/tools/bridge.ts
@@ -0,0 +1,129 @@
+import { createServer } from 'node:http'
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'
+import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js'
+import {
+  CallToolRequestSchema,
+  ListToolsRequestSchema,
+} from '@modelcontextprotocol/sdk/types.js'
+import { BRIDGED_MCP_SERVER_NAME } from '../stream/translate'
+import type { AddressInfo } from 'node:net'
+import type { AnyTool } from '@tanstack/ai'
+
+/** A running localhost MCP server exposing TanStack tools to the harness. */
+export interface ToolBridgeHandle {
+  /** Streamable-HTTP MCP endpoint, e.g. `http://127.0.0.1:54321/mcp`. */
+  url: string
+  /** Stop the HTTP server and drop any open connections. */
+  close: () => Promise<void>
+}
+
+function createMcpServer(tools: Array<AnyTool>): McpServer {
+  const instance = new McpServer(
+    { name: BRIDGED_MCP_SERVER_NAME, version: '1.0.0' },
+    { capabilities: { tools: {} } },
+  )
+
+  const toolsByName = new Map(tools.map((tool) => [tool.name, tool]))
+
+  instance.server.setRequestHandler(ListToolsRequestSchema, () => ({
+    tools: tools.map((tool) => ({
+      name: tool.name,
+      description: tool.description,
+      inputSchema: (tool.inputSchema ?? {
+        type: 'object',
+        properties: {},
+      }) as { type: 'object'; [key: string]: unknown },
+    })),
+  }))
+
+  instance.server.setRequestHandler(CallToolRequestSchema, async (request) => {
+    const tool = toolsByName.get(request.params.name)
+    if (!tool?.execute) {
+      throw new Error(`Unknown tool: ${request.params.name}`)
+    }
+    try {
+      const result: unknown = await tool.execute(request.params.arguments ?? {})
+      const text = typeof result === 'string' ? result : JSON.stringify(result)
+      return { content: [{ type: 'text', text }] }
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error)
+      return {
+        isError: true,
+        content: [{ type: 'text', text: `Tool execution failed: ${message}` }],
+      }
+    }
+  })
+
+  return instance
+}
+
+/**
+ * Expose TanStack tools to the Gemini CLI harness as a Streamable-HTTP MCP
+ * server on an ephemeral localhost port.
+ *
+ * Gemini CLI runs as a separate subprocess, so there is no in-process MCP
+ * option — the bridge listens on `127.0.0.1` and the adapter hands its URL
+ * to the harness via the ACP session's `mcpServers` list. Each request is
+ * handled statelessly with a fresh `McpServer` + transport pair, which is
+ * all the harness's list/call traffic needs.
+ *
+ * The engine has already converted each tool's schema to JSON Schema before
+ * the adapter sees it, and JSON Schema is exactly what MCP's `tools/list`
+ * wants — so the low-level request handlers pass schemas through verbatim
+ * instead of round-tripping them through zod.
+ *
+ * The caller owns the lifecycle: `close()` must run when the chat stream
+ * ends (the adapter does this in a `finally`) so the port is never leaked.
+ */
+export async function startToolBridge(
+  tools: Array<AnyTool>,
+): Promise<ToolBridgeHandle> {
+  const httpServer = createServer((req, res) => {
+    void (async () => {
+      if (req.method !== 'POST') {
+        res.writeHead(405).end()
+        return
+      }
+      const chunks: Array<Buffer> = []
+      for await (const chunk of req) {
+        chunks.push(chunk as Buffer)
+      }
+      let parsedBody: unknown
+      try {
+        parsedBody = JSON.parse(Buffer.concat(chunks).toString('utf8'))
+      } catch {
+        res.writeHead(400).end()
+        return
+      }
+      const mcpServer = createMcpServer(tools)
+      const transport = new StreamableHTTPServerTransport({
+        sessionIdGenerator: undefined,
+      })
+      res.on('close', () => {
+        void transport.close()
+        void mcpServer.close()
+      })
+      await mcpServer.connect(transport)
+      await transport.handleRequest(req, res, parsedBody)
+    })().catch(() => {
+      if (!res.headersSent) res.writeHead(500)
+      res.end()
+    })
+  })
+
+  await new Promise<void>((resolve, reject) => {
+    httpServer.once('error', reject)
+    httpServer.listen(0, '127.0.0.1', resolve)
+  })
+
+  const { port } = httpServer.address() as AddressInfo
+
+  return {
+    url: `http://127.0.0.1:${port}/mcp`,
+    close: () =>
+      new Promise<void>((resolve, reject) => {
+        httpServer.closeAllConnections()
+        httpServer.close((error) => (error ? reject(error) : resolve()))
+      }),
+  }
+}
diff --git a/packages/ai-gemini-cli/tests/bridge.test.ts b/packages/ai-gemini-cli/tests/bridge.test.ts
new file mode 100644
index 000000000..48acf57aa
--- /dev/null
+++ b/packages/ai-gemini-cli/tests/bridge.test.ts
@@ -0,0 +1,108 @@
+import { describe, expect, it } from 'vitest'
+import { Client } from '@modelcontextprotocol/sdk/client/index.js'
+import { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js'
+import { startToolBridge } from '../src/tools/bridge'
+import type { AnyTool } from '@tanstack/ai'
+
+function makeTool(overrides: Partial<AnyTool> = {}): AnyTool {
+  return {
+    name: 'echo',
+    description: 'Echo the input back',
+    inputSchema: {
+      type: 'object',
+      properties: { value: { type: 'string' } },
+    },
+    execute: async (args: unknown) => args,
+    ...overrides,
+  } as unknown as AnyTool
+}
+
+async function connectClient(url: string): Promise<Client> {
+  const client = new Client({ name: 'test-client', version: '1.0.0' })
+  await client.connect(new StreamableHTTPClientTransport(new URL(url)))
+  return client
+}
+
+describe('startToolBridge', () => {
+  it('listens on an ephemeral localhost port', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    try {
+      expect(bridge.url).toMatch(/^http:\/\/127\.0\.0\.1:\d+\/mcp$/)
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('lists tools with their JSON schemas passed through verbatim', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    try {
+      const client = await connectClient(bridge.url)
+      const { tools } = await client.listTools()
+      expect(tools).toHaveLength(1)
+      expect(tools[0]).toMatchObject({
+        name: 'echo',
+        description: 'Echo the input back',
+        inputSchema: {
+          type: 'object',
+          properties: { value: { type: 'string' } },
+        },
+      })
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('executes tool calls and returns stringified results', async () => {
+    const bridge = await startToolBridge([
+      makeTool({
+        execute: async (args: unknown) => ({
+          echoed: (args as { value: string }).value,
+        }),
+      } as Partial<AnyTool>),
+    ])
+    try {
+      const client = await connectClient(bridge.url)
+      const result = await client.callTool({
+        name: 'echo',
+        arguments: { value: 'hi' },
+      })
+      expect(result.content).toEqual([
+        { type: 'text', text: JSON.stringify({ echoed: 'hi' }) },
+      ])
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('returns isError content when the tool throws', async () => {
+    const bridge = await startToolBridge([
+      makeTool({
+        execute: async () => {
+          throw new Error('tool blew up')
+        },
+      } as Partial<AnyTool>),
+    ])
+    try {
+      const client = await connectClient(bridge.url)
+      const result = await client.callTool({
+        name: 'echo',
+        arguments: {},
+      })
+      expect(result.isError).toBe(true)
+      expect(result.content).toEqual([
+        { type: 'text', text: 'Tool execution failed: tool blew up' },
+      ])
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('refuses connections after close()', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    await bridge.close()
+    await expect(connectClient(bridge.url)).rejects.toThrow()
+  })
+})
diff --git a/packages/ai-gemini-cli/tests/permissions.test.ts b/packages/ai-gemini-cli/tests/permissions.test.ts
new file mode 100644
index 000000000..fd8dfd062
--- /dev/null
+++ b/packages/ai-gemini-cli/tests/permissions.test.ts
@@ -0,0 +1,103 @@
+import { describe, expect, it } from 'vitest'
+import { resolvePermission } from '../src/process/permissions'
+import type { AcpPermissionRequest } from '../src/stream/acp-types'
+
+function makeRequest(
+  overrides: Partial<AcpPermissionRequest['toolCall']> = {},
+): AcpPermissionRequest {
+  return {
+    sessionId: 'sess-1',
+    toolCall: {
+      toolCallId: 'tc-1',
+      title: 'Run shell command',
+      kind: 'execute',
+      ...overrides,
+    },
+    options: [
+      { optionId: 'allow-once', name: 'Allow once', kind: 'allow_once' },
+      { optionId: 'allow-always', name: 'Always allow', kind: 'allow_always' },
+      { optionId: 'reject-once', name: 'Reject', kind: 'reject_once' },
+    ],
+  }
+}
+
+describe('resolvePermission', () => {
+  it('rejects harness tools in default mode', () => {
+    expect(resolvePermission(makeRequest(), 'default', undefined)).toEqual({
+      outcome: 'selected',
+      optionId: 'reject-once',
+    })
+  })
+
+  it('allows bridged TanStack tools in every mode', () => {
+    const request = makeRequest({
+      title: 'lookup_user (tanstack MCP Server)',
+      kind: 'other',
+    })
+    const bridged = new Set(['lookup_user'])
+    for (const mode of [
+      'default',
+      'acceptEdits',
+      'bypassPermissions',
+    ] as const) {
+      expect(resolvePermission(request, mode, bridged)).toEqual({
+        outcome: 'selected',
+        optionId: 'allow-once',
+      })
+    }
+  })
+
+  it('allows edit-kind tools only in acceptEdits and bypassPermissions', () => {
+    const edit = makeRequest({ title: 'Edit file', kind: 'edit' })
+    expect(resolvePermission(edit, 'default', undefined)).toEqual({
+      outcome: 'selected',
+      optionId: 'reject-once',
+    })
+    expect(resolvePermission(edit, 'acceptEdits', undefined)).toEqual({
+      outcome: 'selected',
+      optionId: 'allow-once',
+    })
+    expect(resolvePermission(edit, 'bypassPermissions', undefined)).toEqual({
+      outcome: 'selected',
+      optionId: 'allow-once',
+    })
+  })
+
+  it('treats move and delete as edits', () => {
+    for (const kind of ['move', 'delete']) {
+      expect(
+        resolvePermission(makeRequest({ kind }), 'acceptEdits', undefined),
+      ).toEqual({ outcome: 'selected', optionId: 'allow-once' })
+    }
+  })
+
+  it('does not auto-approve execute tools in acceptEdits mode', () => {
+    expect(
+      resolvePermission(
+        makeRequest({ kind: 'execute' }),
+        'acceptEdits',
+        undefined,
+      ),
+    ).toEqual({ outcome: 'selected', optionId: 'reject-once' })
+  })
+
+  it('allows everything in bypassPermissions mode', () => {
+    expect(
+      resolvePermission(makeRequest(), 'bypassPermissions', undefined),
+    ).toEqual({ outcome: 'selected', optionId: 'allow-once' })
+  })
+
+  it('falls back through option kinds and cancels when nothing matches', () => {
+    const request: AcpPermissionRequest = {
+      ...makeRequest(),
+      options: [{ optionId: 'always', name: 'Always', kind: 'allow_always' }],
+    }
+    expect(resolvePermission(request, 'bypassPermissions', undefined)).toEqual({
+      outcome: 'selected',
+      optionId: 'always',
+    })
+    expect(resolvePermission(request, 'default', undefined)).toEqual({
+      outcome: 'cancelled',
+    })
+  })
+})
diff --git a/packages/ai-gemini-cli/tests/prompt.test.ts b/packages/ai-gemini-cli/tests/prompt.test.ts
new file mode 100644
index 000000000..6e8dfcdf3
--- /dev/null
+++ b/packages/ai-gemini-cli/tests/prompt.test.ts
@@ -0,0 +1,97 @@
+import { describe, expect, it } from 'vitest'
+import { buildPrompt } from '../src/messages/prompt'
+import type { ModelMessage } from '@tanstack/ai'
+
+const user = (content: ModelMessage['content']): ModelMessage => ({
+  role: 'user',
+  content,
+})
+const assistant = (content: ModelMessage['content']): ModelMessage => ({
+  role: 'assistant',
+  content,
+})
+
+describe('buildPrompt', () => {
+  it('resumes with only the last user message when sessionId is provided', () => {
+    const result = buildPrompt(
+      [
+        user('first question'),
+        assistant('first answer'),
+        user('follow-up question'),
+      ],
+      'sess-1',
+    )
+    expect(result).toEqual({
+      prompt: 'follow-up question',
+      resume: 'sess-1',
+    })
+  })
+
+  it('throws when sessionId is provided but there is no trailing user message', () => {
+    expect(() => buildPrompt([user('q'), assistant('a')], 'sess-1')).toThrow(
+      /user message/i,
+    )
+  })
+
+  it('sends a single user message as-is for a fresh session', () => {
+    expect(buildPrompt([user('hello')], undefined)).toEqual({
+      prompt: 'hello',
+    })
+  })
+
+  it('flattens prior turns into a transcript preamble for fresh multi-turn history', () => {
+    const { prompt, resume } = buildPrompt(
+      [user('What is 2+2?'), assistant('4'), user('And times 3?')],
+      undefined,
+    )
+    expect(resume).toBeUndefined()
+    expect(prompt).toBe(
+      'Previous conversation:\nUser: What is 2+2?\nAssistant: 4\n\nAnd times 3?',
+    )
+  })
+
+  it('skips tool messages and assistant tool-call-only turns when flattening', () => {
+    const messages: Array<ModelMessage> = [
+      user('list files'),
+      {
+        role: 'assistant',
+        content: null,
+        toolCalls: [
+          {
+            id: 't1',
+            type: 'function',
+            function: { name: 'ls', arguments: '{}' },
+          },
+        ],
+      } as unknown as ModelMessage,
+      { role: 'tool', content: 'file-a', toolCallId: 't1' },
+      assistant('There is one file.'),
+      user('thanks, which one?'),
+    ]
+    const { prompt } = buildPrompt(messages, undefined)
+    expect(prompt).toBe(
+      'Previous conversation:\nUser: list files\nAssistant: There is one file.\n\nthanks, which one?',
+    )
+  })
+
+  it('extracts text from content-part arrays and ignores non-text parts', () => {
+    const { prompt } = buildPrompt(
+      [
+        user([
+          { type: 'text', content: 'describe ' },
+          {
+            type: 'image',
+            source: { type: 'url', url: 'https://x/y.png' },
+          } as never,
+          { type: 'text', content: 'this' },
+        ] as ModelMessage['content']),
+      ],
+      undefined,
+    )
+    expect(prompt).toBe('describe this')
+  })
+
+  it('throws when there is no usable user content at all', () => {
+    expect(() => buildPrompt([], undefined)).toThrow(/user message/i)
+  })
+})
diff --git a/packages/ai-gemini-cli/tests/text-adapter.test.ts b/packages/ai-gemini-cli/tests/text-adapter.test.ts
new file mode 100644
index 000000000..137f4426b
--- /dev/null
+++ b/packages/ai-gemini-cli/tests/text-adapter.test.ts
@@ -0,0 +1,562 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest'
+import { startAcpSession } from '../src/process/acp-client'
+import { startToolBridge } from '../src/tools/bridge'
+import { geminiCliText } from '../src/adapters/text'
+import type { StartAcpSessionOptions } from '../src/process/acp-client'
+import type { AcpStopReason, AcpUsage } from '../src/stream/acp-types'
+import type { InternalLogger } from '@tanstack/ai/adapter-internals'
+import type { StreamChunk, TextOptions } from '@tanstack/ai'
+
+vi.mock('../src/process/acp-client', () => ({
+  startAcpSession: vi.fn(),
+}))
+vi.mock('../src/tools/bridge', () => ({
+  startToolBridge: vi.fn(),
+}))
+
+const startAcpSessionMock = vi.mocked(startAcpSession)
+const startToolBridgeMock = vi.mocked(startToolBridge)
+
+const cancelMock = vi.fn()
+const disposeMock = vi.fn()
+const bridgeCloseMock = vi.fn()
+
+interface ScriptedTurn {
+  updates?: Array<Parameters<StartAcpSessionOptions['onUpdate']>[0]>
+  stopReason?: AcpStopReason
+  usage?: AcpUsage
+  resumed?: boolean
+  sessionId?: string
+  promptError?: Error
+}
+
+/** Captured options from the most recent startAcpSession call. */
+let capturedOptions: StartAcpSessionOptions | undefined
+
+function scriptSession(turn: ScriptedTurn = {}) {
+  startAcpSessionMock.mockImplementation((options) => {
+    capturedOptions = options
+    return Promise.resolve({
+      sessionId: turn.sessionId ?? 'sess-1',
+      resumed: turn.resumed ?? false,
+      prompt: (text: string) => {
+        void text
+        if (turn.promptError) return Promise.reject(turn.promptError)
+        for (const update of turn.updates ?? []) {
+          options.onUpdate(update)
+        }
+        return Promise.resolve({
+          stopReason: turn.stopReason ?? 'end_turn',
+          ...(turn.usage !== undefined && { usage: turn.usage }),
+        })
+      },
+      cancel: cancelMock,
+      dispose: disposeMock,
+    })
+  })
+}
+
+const noopLogger = {
+  request: vi.fn(),
+  provider: vi.fn(),
+  output: vi.fn(),
+  errors: vi.fn(),
+  middleware: vi.fn(),
+  tools: vi.fn(),
+  agentLoop: vi.fn(),
+  config: vi.fn(),
+  isEnabled: () => false,
+} as unknown as InternalLogger
+
+function makeOptions(
+  overrides: Partial<TextOptions<Record<string, any>>> = {},
+): TextOptions<Record<string, any>> {
+  return {
+    model: 'gemini-3-pro-preview',
+    messages: [{ role: 'user', content: 'hello' }],
+    logger: noopLogger,
+    ...overrides,
+  } as TextOptions<Record<string, any>>
+}
+
+async function collect(
+  stream: AsyncIterable<StreamChunk>,
+): Promise<Array<StreamChunk>> {
+  const chunks: Array<StreamChunk> = []
+  for await (const chunk of stream) chunks.push(chunk)
+  return chunks
+}
+
+const textUpdate = (text: string) => ({
+  sessionUpdate: 'agent_message_chunk' as const,
+  content: { type: 'text' as const, text },
+})
+
+beforeEach(() => {
+  startAcpSessionMock.mockReset()
+  startToolBridgeMock.mockReset()
+  cancelMock.mockReset()
+  disposeMock.mockReset()
+  bridgeCloseMock.mockReset()
+  capturedOptions = undefined
+  startToolBridgeMock.mockResolvedValue({
+    url: 'http://127.0.0.1:7777/mcp',
+    close: bridgeCloseMock,
+  })
+  scriptSession({ updates: [textUpdate('hi there')] })
+})
+
+describe('geminiCliText', () => {
+  it('creates an adapter with the gemini-cli provider name', () => {
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    expect(adapter.kind).toBe('text')
+    expect(adapter.name).toBe('gemini-cli')
+    expect(adapter.model).toBe('gemini-3-pro-preview')
+  })
+})
+
+describe('chatStream', () => {
+  it('streams translated AG-UI events for a simple turn', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const chunks = await collect(adapter.chatStream(makeOptions()))
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks.at(-1)).toMatchObject({ finishReason: 'stop' })
+  })
+
+  it('spawns with the configured model, cwd, and executable', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview', {
+      cwd: '/workspace',
+      executablePath: '/opt/bin/gemini',
+      extraArgs: ['--sandbox'],
+    })
+    await collect(adapter.chatStream(makeOptions()))
+    expect(capturedOptions).toMatchObject({
+      model: 'gemini-3-pro-preview',
+      cwd: '/workspace',
+      executablePath: '/opt/bin/gemini',
+      extraArgs: ['--sandbox'],
+    })
+  })
+
+  it('passes the configured ACP auth method through to the session', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview', {
+      authMethodId: 'oauth-personal',
+    })
+    await collect(adapter.chatStream(makeOptions()))
+    expect(capturedOptions).toMatchObject({ authMethodId: 'oauth-personal' })
+  })
+
+  it('lets modelOptions override the configured ACP auth method', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview', {
+      authMethodId: 'oauth-personal',
+    })
+    await collect(
+      adapter.chatStream(
+        makeOptions({ modelOptions: { authMethodId: 'gemini-api-key' } }),
+      ),
+    )
+    expect(capturedOptions).toMatchObject({ authMethodId: 'gemini-api-key' })
+  })
+
+  it('omits authMethodId when none is configured', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    await collect(adapter.chatStream(makeOptions()))
+    expect(capturedOptions?.authMethodId).toBeUndefined()
+  })
+
+  it('sends only the trailing user message and requests resume with a sessionId', async () => {
+    scriptSession({ resumed: true, sessionId: 'sess-prior' })
+    const promptSpy = vi.fn()
+    startAcpSessionMock.mockImplementation((options) => {
+      capturedOptions = options
+      return Promise.resolve({
+        sessionId: 'sess-prior',
+        resumed: true,
+        prompt: (text: string) => {
+          promptSpy(text)
+          return Promise.resolve({ stopReason: 'end_turn' as const })
+        },
+        cancel: cancelMock,
+        dispose: disposeMock,
+      })
+    })
+
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          messages: [
+            { role: 'user', content: 'first' },
+            { role: 'assistant', content: 'answer' },
+            { role: 'user', content: 'follow-up' },
+          ],
+          modelOptions: { sessionId: 'sess-prior' },
+        }),
+      ),
+    )
+    expect(capturedOptions).toMatchObject({ resumeSessionId: 'sess-prior' })
+    expect(promptSpy).toHaveBeenCalledWith('follow-up')
+  })
+
+  it('falls back to the flattened transcript when resume is unavailable', async () => {
+    const promptSpy = vi.fn()
+    startAcpSessionMock.mockImplementation((options) => {
+      capturedOptions = options
+      return Promise.resolve({
+        sessionId: 'sess-fresh',
+        resumed: false,
+        prompt: (text: string) => {
+          promptSpy(text)
+          return Promise.resolve({ stopReason: 'end_turn' as const })
+        },
+        cancel: cancelMock,
+        dispose: disposeMock,
+      })
+    })
+
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const chunks = await collect(
+      adapter.chatStream(
+        makeOptions({
+          messages: [
+            { role: 'user', content: 'first' },
+            { role: 'assistant', content: 'answer' },
+            { role: 'user', content: 'follow-up' },
+          ],
+          modelOptions: { sessionId: 'sess-gone' },
+        }),
+      ),
+    )
+    expect(promptSpy).toHaveBeenCalledWith(
+      'Previous conversation:\nUser: first\nAssistant: answer\n\nfollow-up',
+    )
+    // The fresh session id is surfaced so the client can re-sync.
+    expect(chunks.find((c) => c.type === 'CUSTOM')).toMatchObject({
+      value: { sessionId: 'sess-fresh' },
+    })
+  })
+
+  it('prepends system prompts to the prompt text', async () => {
+    const promptSpy = vi.fn()
+    startAcpSessionMock.mockImplementation((options) => {
+      capturedOptions = options
+      return Promise.resolve({
+        sessionId: 'sess-1',
+        resumed: false,
+        prompt: (text: string) => {
+          promptSpy(text)
+          return Promise.resolve({ stopReason: 'end_turn' as const })
+        },
+        cancel: cancelMock,
+        dispose: disposeMock,
+      })
+    })
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    await collect(
+      adapter.chatStream(
+        makeOptions({ systemPrompts: ['Be terse.', 'Use tabs.'] }),
+      ),
+    )
+    expect(promptSpy).toHaveBeenCalledWith('Be terse.\n\nUse tabs.\n\nhello')
+  })
+
+  it('starts the MCP bridge and hands its URL to the session when tools are passed', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'lookup_user',
+              description: 'Look up a user',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => ({ ok: true }),
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(startToolBridgeMock).toHaveBeenCalledTimes(1)
+    expect(capturedOptions).toMatchObject({
+      mcpServers: [{ name: 'tanstack', url: 'http://127.0.0.1:7777/mcp' }],
+    })
+    expect(bridgeCloseMock).toHaveBeenCalledTimes(1)
+  })
+
+  it('does not start the bridge when no tools are passed', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    await collect(adapter.chatStream(makeOptions()))
+    expect(startToolBridgeMock).not.toHaveBeenCalled()
+    expect(capturedOptions?.mcpServers).toBeUndefined()
+  })
+
+  it('wires the default permission policy through the session options', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview', {
+      permissionMode: 'acceptEdits',
+    })
+    await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'lookup_user',
+              description: 'Look up a user',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => ({ ok: true }),
+            } as never,
+          ],
+        }),
+      ),
+    )
+
+    const handler = capturedOptions!.onPermissionRequest
+    const options = [
+      { optionId: 'yes', name: 'Allow', kind: 'allow_once' as const },
+      { optionId: 'no', name: 'Reject', kind: 'reject_once' as const },
+    ]
+
+    await expect(
+      Promise.resolve(
+        handler({
+          sessionId: 's',
+          toolCall: {
+            toolCallId: 't1',
+            title: 'lookup_user (tanstack MCP Server)',
+            kind: 'other',
+          },
+          options,
+        }),
+      ),
+    ).resolves.toEqual({ outcome: 'selected', optionId: 'yes' })
+
+    await expect(
+      Promise.resolve(
+        handler({
+          sessionId: 's',
+          toolCall: { toolCallId: 't2', title: 'Edit file', kind: 'edit' },
+          options,
+        }),
+      ),
+    ).resolves.toEqual({ outcome: 'selected', optionId: 'yes' })
+
+    await expect(
+      Promise.resolve(
+        handler({
+          sessionId: 's',
+          toolCall: { toolCallId: 't3', title: 'Run command', kind: 'execute' },
+          options,
+        }),
+      ),
+    ).resolves.toEqual({ outcome: 'selected', optionId: 'no' })
+  })
+
+  it('lets a custom onPermissionRequest replace the default policy', async () => {
+    const custom = vi.fn().mockResolvedValue({ outcome: 'cancelled' })
+    const adapter = geminiCliText('gemini-3-pro-preview', {
+      onPermissionRequest: custom,
+    })
+    await collect(adapter.chatStream(makeOptions()))
+    expect(capturedOptions!.onPermissionRequest).toBe(custom)
+  })
+
+  it('cancels the harness turn when the abort signal fires', async () => {
+    let resolvePrompt: (() => void) | undefined
+    startAcpSessionMock.mockImplementation((options) => {
+      capturedOptions = options
+      return Promise.resolve({
+        sessionId: 'sess-1',
+        resumed: false,
+        prompt: () =>
+          new Promise((resolve) => {
+            resolvePrompt = () => resolve({ stopReason: 'cancelled' as const })
+          }),
+        cancel: cancelMock.mockImplementation(() => {
+          resolvePrompt?.()
+          return Promise.resolve()
+        }),
+        dispose: disposeMock,
+      })
+    })
+
+    const controller = new AbortController()
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const collected = collect(
+      adapter.chatStream(makeOptions({ abortController: controller })),
+    )
+    // Give the stream a beat to start the session, then abort.
+    await new Promise((resolve) => setTimeout(resolve, 0))
+    controller.abort()
+    const chunks = await collected
+    expect(cancelMock).toHaveBeenCalled()
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_FINISHED',
+      finishReason: 'stop',
+    })
+  })
+
+  it('disposes the session after the stream completes', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    await collect(adapter.chatStream(makeOptions()))
+    expect(disposeMock).toHaveBeenCalledTimes(1)
+  })
+
+  it('emits RUN_ERROR and disposes when the prompt fails', async () => {
+    scriptSession({ promptError: new Error('connection lost') })
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const chunks = await collect(adapter.chatStream(makeOptions()))
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'connection lost',
+    })
+    expect(disposeMock).toHaveBeenCalledTimes(1)
+  })
+
+  it('emits RUN_ERROR when the CLI cannot be spawned', async () => {
+    startAcpSessionMock.mockRejectedValue(new Error('gemini not found'))
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const chunks = await collect(adapter.chatStream(makeOptions()))
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'gemini not found',
+    })
+  })
+
+  it('emits RUN_ERROR for client-side tools (no execute)', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const chunks = await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'client_only',
+              description: 'runs in browser',
+              inputSchema: { type: 'object', properties: {} },
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(startAcpSessionMock).not.toHaveBeenCalled()
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+    expect((chunks.at(-1) as { message: string }).message).toMatch(
+      /client-side/i,
+    )
+  })
+
+  it('emits RUN_ERROR for approval-gated tools', async () => {
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const chunks = await collect(
+      adapter.chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'needs_ok',
+              description: 'requires approval',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => 'x',
+              needsApproval: true,
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+  })
+})
+
+describe('structuredOutput', () => {
+  it('embeds the schema in the prompt and parses the JSON response', async () => {
+    const promptSpy = vi.fn()
+    startAcpSessionMock.mockImplementation((options) => {
+      capturedOptions = options
+      return Promise.resolve({
+        sessionId: 'sess-so',
+        resumed: false,
+        prompt: (text: string) => {
+          promptSpy(text)
+          options.onUpdate(textUpdate('{"answer":42}'))
+          return Promise.resolve({
+            stopReason: 'end_turn' as const,
+            usage: { inputTokens: 7, outputTokens: 3, totalTokens: 10 },
+          })
+        },
+        cancel: cancelMock,
+        dispose: disposeMock,
+      })
+    })
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const result = await adapter.structuredOutput({
+      chatOptions: makeOptions(),
+      outputSchema: {
+        type: 'object',
+        properties: { answer: { type: 'number' } },
+      },
+    })
+    expect(result.data).toEqual({ answer: 42 })
+    expect(result.rawText).toBe('{"answer":42}')
+    expect(result.usage).toMatchObject({
+      promptTokens: 7,
+      completionTokens: 3,
+      totalTokens: 10,
+    })
+    expect(promptSpy.mock.calls[0]![0]).toContain('JSON Schema')
+    expect(promptSpy.mock.calls[0]![0]).toContain('"answer"')
+    expect(disposeMock).toHaveBeenCalledTimes(1)
+  })
+
+  it('strips markdown fences from the response', async () => {
+    scriptSession({
+      updates: [textUpdate('```json\n{"answer":7}\n```')],
+    })
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const result = await adapter.structuredOutput({
+      chatOptions: makeOptions(),
+      outputSchema: { type: 'object' },
+    })
+    expect(result.data).toEqual({ answer: 7 })
+  })
+
+  it('extracts JSON embedded in prose', async () => {
+    scriptSession({
+      updates: [textUpdate('Sure! Here you go: {"answer":1} Hope that helps.')],
+    })
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    const result = await adapter.structuredOutput({
+      chatOptions: makeOptions(),
+      outputSchema: { type: 'object' },
+    })
+    expect(result.data).toEqual({ answer: 1 })
+  })
+
+  it('throws when the harness refuses', async () => {
+    scriptSession({
+      updates: [textUpdate('no')],
+      stopReason: 'refusal',
+    })
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    await expect(
+      adapter.structuredOutput({
+        chatOptions: makeOptions(),
+        outputSchema: { type: 'object' },
+      }),
+    ).rejects.toThrow(/refused/)
+  })
+
+  it('throws when the run produces no text', async () => {
+    scriptSession({ updates: [] })
+    const adapter = geminiCliText('gemini-3-pro-preview')
+    await expect(
+      adapter.structuredOutput({
+        chatOptions: makeOptions(),
+        outputSchema: { type: 'object' },
+      }),
+    ).rejects.toThrow(/without a response/)
+  })
+})
diff --git a/packages/ai-gemini-cli/tests/translate.test.ts b/packages/ai-gemini-cli/tests/translate.test.ts
new file mode 100644
index 000000000..d93a7c7b7
--- /dev/null
+++ b/packages/ai-gemini-cli/tests/translate.test.ts
@@ -0,0 +1,435 @@
+import { describe, expect, it } from 'vitest'
+import {
+  PLAN_EVENT,
+  SESSION_ID_EVENT,
+  matchBridgedToolName,
+  translateAcpStream,
+} from '../src/stream/translate'
+import type { AcpStreamEvent, TranslateContext } from '../src/stream/translate'
+import type { StreamChunk } from '@tanstack/ai'
+
+function makeCtx(overrides: Partial<TranslateContext> = {}): TranslateContext {
+  let id = 0
+  return {
+    model: 'gemini-3-pro-preview',
+    runId: 'run-1',
+    threadId: 'thread-1',
+    genId: () => `gen-${++id}`,
+    ...overrides,
+  }
+}
+
+async function* fromArray(
+  events: Array<AcpStreamEvent>,
+): AsyncIterable<AcpStreamEvent> {
+  for (const event of events) yield event
+}
+
+async function collect(
+  events: Array<AcpStreamEvent>,
+  ctx: TranslateContext = makeCtx(),
+): Promise<Array<StreamChunk>> {
+  const chunks: Array<StreamChunk> = []
+  for await (const chunk of translateAcpStream(fromArray(events), ctx)) {
+    chunks.push(chunk)
+  }
+  return chunks
+}
+
+const session: AcpStreamEvent = { kind: 'session', sessionId: 'sess-1' }
+const done: AcpStreamEvent = { kind: 'done', stopReason: 'end_turn' }
+
+function text(value: string): AcpStreamEvent {
+  return {
+    kind: 'update',
+    update: {
+      sessionUpdate: 'agent_message_chunk',
+      content: { type: 'text', text: value },
+    },
+  }
+}
+
+function thought(value: string): AcpStreamEvent {
+  return {
+    kind: 'update',
+    update: {
+      sessionUpdate: 'agent_thought_chunk',
+      content: { type: 'text', text: value },
+    },
+  }
+}
+
+describe('translateAcpStream', () => {
+  it('translates streamed text deltas into one accumulated message', async () => {
+    const chunks = await collect([session, text('Hel'), text('lo'), done])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[1]).toMatchObject({
+      name: SESSION_ID_EVENT,
+      value: { sessionId: 'sess-1' },
+    })
+    expect(chunks[3]).toMatchObject({ delta: 'Hel', content: 'Hel' })
+    expect(chunks[4]).toMatchObject({ delta: 'lo', content: 'Hello' })
+    expect(chunks.at(-1)).toMatchObject({ finishReason: 'stop' })
+  })
+
+  it('translates thought chunks into reasoning events', async () => {
+    const chunks = await collect([
+      session,
+      thought('hmm '),
+      thought('ok'),
+      text('answer'),
+      done,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'REASONING_START',
+      'REASONING_MESSAGE_START',
+      'REASONING_MESSAGE_CONTENT',
+      'REASONING_MESSAGE_CONTENT',
+      'REASONING_MESSAGE_END',
+      'REASONING_END',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+  })
+
+  it('closes an open text message when a tool call interleaves, then reopens', async () => {
+    const chunks = await collect([
+      session,
+      text('Let me check. '),
+      {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'tool_call',
+          toolCallId: 'tc-1',
+          title: 'Reading file',
+          kind: 'read',
+          status: 'in_progress',
+          rawInput: { path: 'a.ts' },
+        },
+      },
+      {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'tool_call_update',
+          toolCallId: 'tc-1',
+          status: 'completed',
+          rawOutput: 'contents',
+        },
+      },
+      text('Done.'),
+      done,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'TOOL_CALL_START',
+      'TOOL_CALL_ARGS',
+      'TOOL_CALL_END',
+      'TOOL_CALL_RESULT',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[5]).toMatchObject({
+      toolCallId: 'tc-1',
+      toolCallName: 'read',
+    })
+    expect(chunks[6]).toMatchObject({
+      args: JSON.stringify({ title: 'Reading file', path: 'a.ts' }),
+    })
+    expect(chunks[8]).toMatchObject({ content: 'contents' })
+  })
+
+  it('marks failed tool calls as output-error', async () => {
+    const chunks = await collect([
+      session,
+      {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'tool_call',
+          toolCallId: 'tc-2',
+          kind: 'execute',
+          status: 'in_progress',
+        },
+      },
+      {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'tool_call_update',
+          toolCallId: 'tc-2',
+          status: 'failed',
+          rawOutput: { error: 'denied' },
+        },
+      },
+      done,
+    ])
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_RESULT')).toMatchObject({
+      state: 'output-error',
+      content: JSON.stringify({ error: 'denied' }),
+    })
+  })
+
+  it('resolves a tool_call that arrives already completed', async () => {
+    const chunks = await collect([
+      session,
+      {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'tool_call',
+          toolCallId: 'tc-3',
+          kind: 'search',
+          status: 'completed',
+          content: [
+            { type: 'content', content: { type: 'text', text: 'found it' } },
+          ],
+        },
+      },
+      done,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TOOL_CALL_START',
+      'TOOL_CALL_ARGS',
+      'TOOL_CALL_END',
+      'TOOL_CALL_RESULT',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[5]).toMatchObject({ content: 'found it' })
+  })
+
+  it('opens a synthetic pair for a tool_call_update with an unknown id', async () => {
+    const chunks = await collect([
+      session,
+      {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'tool_call_update',
+          toolCallId: 'tc-mystery',
+          status: 'completed',
+          rawOutput: 'late result',
+        },
+      },
+      done,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TOOL_CALL_START',
+      'TOOL_CALL_ARGS',
+      'TOOL_CALL_END',
+      'TOOL_CALL_RESULT',
+      'RUN_FINISHED',
+    ])
+  })
+
+  it('surfaces bridged TanStack tool calls under their registered names', async () => {
+    const chunks = await collect(
+      [
+        session,
+        {
+          kind: 'update',
+          update: {
+            sessionUpdate: 'tool_call',
+            toolCallId: 'tc-4',
+            title: 'lookup_user (tanstack MCP Server)',
+            kind: 'other',
+            status: 'completed',
+            rawOutput: '{"name":"Ada"}',
+          },
+        },
+        done,
+      ],
+      makeCtx({ bridgedToolNames: new Set(['lookup_user']) }),
+    )
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_START')).toMatchObject({
+      toolCallName: 'lookup_user',
+    })
+  })
+
+  it('emits plan updates as CUSTOM events', async () => {
+    const chunks = await collect([
+      session,
+      {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'plan',
+          entries: [{ content: 'step 1', status: 'pending' }],
+        },
+      },
+      done,
+    ])
+    expect(chunks[2]).toMatchObject({
+      type: 'CUSTOM',
+      name: PLAN_EVENT,
+      value: { entries: [{ content: 'step 1', status: 'pending' }] },
+    })
+  })
+
+  it('maps max_tokens and max_turn_requests to finishReason length', async () => {
+    for (const stopReason of ['max_tokens', 'max_turn_requests'] as const) {
+      const chunks = await collect([session, { kind: 'done', stopReason }])
+      expect(chunks.at(-1)).toMatchObject({
+        type: 'RUN_FINISHED',
+        finishReason: 'length',
+      })
+    }
+  })
+
+  it('maps cancelled to a normal stop', async () => {
+    const chunks = await collect([
+      session,
+      { kind: 'done', stopReason: 'cancelled' },
+    ])
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_FINISHED',
+      finishReason: 'stop',
+    })
+  })
+
+  it('maps refusal to RUN_ERROR', async () => {
+    const chunks = await collect([
+      session,
+      { kind: 'done', stopReason: 'refusal' },
+    ])
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR', code: 'refusal' })
+  })
+
+  it('reports usage from the prompt response when present', async () => {
+    const chunks = await collect([
+      session,
+      {
+        kind: 'done',
+        stopReason: 'end_turn',
+        usage: {
+          inputTokens: 50,
+          outputTokens: 10,
+          totalTokens: 60,
+          cachedReadTokens: 20,
+          thoughtTokens: 4,
+        },
+      },
+    ])
+    const finished = chunks.at(-1) as unknown as {
+      usage: Record<string, unknown>
+    }
+    expect(finished.usage).toMatchObject({
+      promptTokens: 50,
+      completionTokens: 10,
+      totalTokens: 60,
+      promptTokensDetails: { cachedTokens: 20 },
+      completionTokensDetails: { reasoningTokens: 4 },
+    })
+  })
+
+  it('omits usage when the harness reports none', async () => {
+    const chunks = await collect([session, done])
+    expect(
+      (chunks.at(-1) as unknown as { usage?: unknown }).usage,
+    ).toBeUndefined()
+  })
+
+  it('closes open messages and synthesizes results before finishing', async () => {
+    const chunks = await collect([
+      session,
+      text('working...'),
+      {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'tool_call',
+          toolCallId: 'tc-5',
+          kind: 'execute',
+          status: 'in_progress',
+        },
+      },
+      done,
+    ])
+    const types: Array<string> = chunks.map((c) => c.type)
+    expect(types.indexOf('TOOL_CALL_RESULT')).toBeGreaterThan(-1)
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_RESULT')).toMatchObject({
+      content: JSON.stringify({ status: 'interrupted' }),
+    })
+    expect(types.at(-1)).toBe('RUN_FINISHED')
+  })
+
+  it('synthesizes results then rethrows when the source stream throws', async () => {
+    async function* failing(): AsyncIterable<AcpStreamEvent> {
+      yield session
+      yield {
+        kind: 'update',
+        update: {
+          sessionUpdate: 'tool_call',
+          toolCallId: 'tc-6',
+          kind: 'execute',
+          status: 'in_progress',
+        },
+      }
+      throw new Error('process died')
+    }
+
+    const chunks: Array<StreamChunk> = []
+    await expect(async () => {
+      for await (const chunk of translateAcpStream(failing(), makeCtx())) {
+        chunks.push(chunk)
+      }
+    }).rejects.toThrow('process died')
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'TOOL_CALL_RESULT',
+      toolCallId: 'tc-6',
+      content: JSON.stringify({ status: 'interrupted' }),
+    })
+  })
+
+  it('ignores harness-internal update types', async () => {
+    const chunks = await collect([
+      session,
+      {
+        kind: 'update',
+        update: { sessionUpdate: 'available_commands_update' },
+      },
+      { kind: 'update', update: { sessionUpdate: 'current_mode_update' } },
+      done,
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'RUN_FINISHED',
+    ])
+  })
+})
+
+describe('matchBridgedToolName', () => {
+  const names = new Set(['lookup_user', 'get_weather'])
+
+  it('matches exact tool names', () => {
+    expect(matchBridgedToolName('lookup_user', names)).toBe('lookup_user')
+  })
+
+  it('matches server-suffixed titles', () => {
+    expect(
+      matchBridgedToolName('get_weather (tanstack MCP Server)', names),
+    ).toBe('get_weather')
+  })
+
+  it('returns undefined for unrelated titles', () => {
+    expect(matchBridgedToolName('Run shell command', names)).toBeUndefined()
+    expect(matchBridgedToolName(undefined, names)).toBeUndefined()
+    expect(matchBridgedToolName('lookup_user', undefined)).toBeUndefined()
+  })
+})
diff --git a/packages/ai-gemini-cli/tsconfig.json b/packages/ai-gemini-cli/tsconfig.json
new file mode 100644
index 000000000..c38689f4e
--- /dev/null
+++ b/packages/ai-gemini-cli/tsconfig.json
@@ -0,0 +1,8 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "compilerOptions": {
+    "outDir": "dist"
+  },
+  "include": ["src", "tests"],
+  "exclude": ["node_modules", "dist"]
+}
diff --git a/packages/ai-gemini-cli/vite.config.ts b/packages/ai-gemini-cli/vite.config.ts
new file mode 100644
index 000000000..11f5b20b7
--- /dev/null
+++ b/packages/ai-gemini-cli/vite.config.ts
@@ -0,0 +1,37 @@
+import { defineConfig, mergeConfig } from 'vitest/config'
+import { tanstackViteConfig } from '@tanstack/vite-config'
+import packageJson from './package.json'
+
+const config = defineConfig({
+  test: {
+    name: packageJson.name,
+    dir: './',
+    watch: false,
+
+    globals: true,
+    environment: 'node',
+    include: ['tests/**/*.test.ts'],
+    coverage: {
+      provider: 'v8',
+      reporter: ['text', 'json', 'html', 'lcov'],
+      exclude: [
+        'node_modules/',
+        'dist/',
+        'tests/',
+        '**/*.test.ts',
+        '**/*.config.ts',
+        '**/types.ts',
+      ],
+      include: ['src/**/*.ts'],
+    },
+  },
+})
+
+export default mergeConfig(
+  config,
+  tanstackViteConfig({
+    entry: ['./src/index.ts'],
+    srcDir: './src',
+    cjs: false,
+  }),
+)
diff --git a/packages/ai-opencode/README.md b/packages/ai-opencode/README.md
new file mode 100644
index 000000000..80f12e243
--- /dev/null
+++ b/packages/ai-opencode/README.md
@@ -0,0 +1,18 @@
+# @tanstack/ai-opencode
+
+OpenCode harness adapter for [TanStack AI](https://tanstack.com/ai) — run [OpenCode](https://opencode.ai) (via `@opencode-ai/sdk`) as a chat backend with local tool execution, token-level streaming, stateful sessions, and TanStack tool bridging.
+
+```typescript
+import { chat } from '@tanstack/ai'
+import { opencodeText } from '@tanstack/ai-opencode'
+
+const stream = chat({
+  adapter: opencodeText('anthropic/claude-sonnet-4-5', {
+    directory: '/path/to/project',
+    permissionMode: 'acceptEdits',
+  }),
+  messages: [{ role: 'user', content: 'Fix the failing test.' }],
+})
+```
+
+Server-only (Node); requires the `opencode` CLI installed and authenticated. See the [OpenCode adapter docs](https://tanstack.com/ai/latest/docs/adapters/opencode) for sessions, tool bridging, permissions, and limitations.
diff --git a/packages/ai-opencode/package.json b/packages/ai-opencode/package.json
new file mode 100644
index 000000000..f3a85c28c
--- /dev/null
+++ b/packages/ai-opencode/package.json
@@ -0,0 +1,58 @@
+{
+  "name": "@tanstack/ai-opencode",
+  "version": "0.1.0",
+  "description": "OpenCode harness adapter for TanStack AI — run OpenCode as a chat backend with local tool execution and stateful sessions.",
+  "author": "",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/TanStack/ai.git",
+    "directory": "packages/ai-opencode"
+  },
+  "keywords": [
+    "ai",
+    "ai-sdk",
+    "typescript",
+    "tanstack",
+    "opencode",
+    "harness",
+    "agent",
+    "adapter",
+    "chat",
+    "tool-calling"
+  ],
+  "type": "module",
+  "module": "./dist/esm/index.js",
+  "types": "./dist/esm/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/esm/index.d.ts",
+      "import": "./dist/esm/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "src"
+  ],
+  "scripts": {
+    "build": "vite build",
+    "clean": "premove ./build ./dist",
+    "lint:fix": "eslint ./src --fix",
+    "test:build": "publint --strict",
+    "test:eslint": "eslint ./src",
+    "test:lib": "vitest",
+    "test:lib:dev": "pnpm test:lib --watch",
+    "test:types": "tsc"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.29.0",
+    "@opencode-ai/sdk": "^1.17.4"
+  },
+  "peerDependencies": {
+    "@tanstack/ai": "workspace:^"
+  },
+  "devDependencies": {
+    "@tanstack/ai": "workspace:*",
+    "@vitest/coverage-v8": "4.0.14"
+  }
+}
diff --git a/packages/ai-opencode/src/adapters/text.ts b/packages/ai-opencode/src/adapters/text.ts
new file mode 100644
index 000000000..0d287d82b
--- /dev/null
+++ b/packages/ai-opencode/src/adapters/text.ts
@@ -0,0 +1,407 @@
+import { EventType, normalizeSystemPrompts } from '@tanstack/ai'
+import { toRunErrorRawEvent } from '@tanstack/ai/adapter-internals'
+import { BaseTextAdapter } from '@tanstack/ai/adapters'
+import { buildPrompt } from '../messages/prompt'
+import { startToolBridge } from '../tools/bridge'
+import { startOpencodeSession } from '../process/server'
+import { resolvePermission } from '../process/permissions'
+import { AsyncQueue } from '../stream/queue'
+import {
+  BRIDGED_MCP_SERVER_NAME,
+  translateOpencodeStream,
+} from '../stream/translate'
+import type {
+  StructuredOutputOptions,
+  StructuredOutputResult,
+} from '@tanstack/ai/adapters'
+import type {
+  AnyTool,
+  DefaultMessageMetadataByModality,
+  Modality,
+  StreamChunk,
+  TextOptions,
+} from '@tanstack/ai'
+import type { Config } from '@opencode-ai/sdk'
+import type { OpencodeSessionHandle } from '../process/server'
+import type {
+  OpencodePermissionMode,
+  PermissionHandler,
+} from '../process/permissions'
+import type { OpencodeStreamEvent } from '../stream/sdk-types'
+import type { OpencodeModel } from '../model-meta'
+import type { OpencodeTextProviderOptions } from '../provider-options'
+import type { ToolBridgeHandle } from '../tools/bridge'
+
+export interface OpencodeTextConfig {
+  /** Working directory for the harness session. Defaults to `process.cwd()`. */
+  directory?: string
+  /**
+   * Attach to an already-running `opencode serve` instead of spawning a new
+   * server for each turn (e.g. `http://127.0.0.1:4096`). When omitted, the
+   * adapter boots and tears down its own server per turn.
+   */
+  baseUrl?: string
+  /** Hostname for the spawned server. Defaults to the SDK default (`127.0.0.1`). */
+  hostname?: string
+  /** Port for the spawned server. Defaults to the SDK default (`4096`). */
+  port?: number
+  /**
+   * OpenCode permission mode. Without an explicit mode or a custom
+   * `onPermissionRequest`, the adapter's default policy auto-allows bridged
+   * TanStack tools and rejects anything else that would normally prompt —
+   * set `'acceptEdits'` / `'bypassPermissions'` to let the harness edit files
+   * and run commands on a headless server.
+   */
+  permissionMode?: OpencodePermissionMode
+  /** Custom permission handler; replaces the adapter's default policy. */
+  onPermissionRequest?: PermissionHandler
+  /** Extra OpenCode config merged with the adapter's mcp/permission config. */
+  config?: Config
+}
+
+function validateTools(tools: Array<AnyTool> | undefined): void {
+  if (!tools || tools.length === 0) return
+  const unsupported = tools.filter(
+    (tool) => typeof tool.execute !== 'function' || tool.needsApproval === true,
+  )
+  if (unsupported.length > 0) {
+    throw new Error(
+      `OpenCode harness cannot execute client-side or approval-gated tools: ${unsupported
+        .map((tool) => tool.name)
+        .join(
+          ', ',
+        )}. Provide server execute() implementations without needsApproval, or run these tools outside the harness.`,
+    )
+  }
+}
+
+/** Split a `provider/model` id into its provider and model halves. */
+function splitModel(model: string): { providerID: string; modelID: string } {
+  const slash = model.indexOf('/')
+  if (slash <= 0 || slash === model.length - 1) {
+    throw new Error(
+      `OpenCode models must be addressed as "provider/model" (e.g. "anthropic/claude-sonnet-4-5"); received "${model}".`,
+    )
+  }
+  return { providerID: model.slice(0, slash), modelID: model.slice(slash + 1) }
+}
+
+/** Baseline server permission config for a mode (the dynamic policy still runs). */
+function permissionConfig(
+  mode: OpencodePermissionMode,
+): NonNullable<Config['permission']> {
+  switch (mode) {
+    case 'bypassPermissions':
+      return { edit: 'allow', bash: 'allow', webfetch: 'allow' }
+    case 'acceptEdits':
+      return { edit: 'allow', bash: 'ask', webfetch: 'ask' }
+    case 'default':
+      return { edit: 'ask', bash: 'ask', webfetch: 'ask' }
+  }
+}
+
+/** Extract the first JSON object/array from possibly fenced model output. */
+function extractJson(text: string): unknown {
+  const trimmed = text.trim()
+  const unfenced = trimmed.startsWith('```')
+    ? trimmed.replace(/^```[a-zA-Z]*\n?/, '').replace(/\n?```$/, '')
+    : trimmed
+  try {
+    return JSON.parse(unfenced)
+  } catch {
+    const start = unfenced.search(/[{[]/)
+    if (start === -1) {
+      throw new Error(
+        `OpenCode structured output is not valid JSON: ${text.slice(0, 200)}`,
+      )
+    }
+    const end = Math.max(unfenced.lastIndexOf('}'), unfenced.lastIndexOf(']'))
+    return JSON.parse(unfenced.slice(start, end + 1))
+  }
+}
+
+export class OpencodeTextAdapter<
+  TModel extends OpencodeModel,
+> extends BaseTextAdapter<
+  TModel,
+  OpencodeTextProviderOptions,
+  ReadonlyArray<Modality> & readonly ['text'],
+  DefaultMessageMetadataByModality,
+  ReadonlyArray<string>,
+  unknown,
+  never
+> {
+  readonly name = 'opencode' as const
+
+  private readonly adapterConfig: OpencodeTextConfig
+
+  constructor(config: OpencodeTextConfig, model: TModel) {
+    super({}, model)
+    this.adapterConfig = config
+  }
+
+  async *chatStream(
+    options: TextOptions<OpencodeTextProviderOptions>,
+  ): AsyncIterable<StreamChunk> {
+    const { logger } = options
+    let bridge: ToolBridgeHandle | undefined
+    let handle: OpencodeSessionHandle | undefined
+    const externalSignal =
+      options.abortController?.signal ?? options.request?.signal ?? undefined
+    let onAbort: (() => void) | undefined
+
+    try {
+      validateTools(options.tools)
+
+      const modelOptions = options.modelOptions
+      const sessionId = modelOptions?.sessionId
+      // Validates the trailing user message up front (throws before any
+      // server is spawned) and prepares the resume-path prompt.
+      const { prompt: resumePrompt } = buildPrompt(options.messages, sessionId)
+      const { providerID, modelID } = splitModel(this.model)
+
+      if (options.tools && options.tools.length > 0) {
+        bridge = await startToolBridge(options.tools)
+      }
+      const bridgedToolNames = new Set(
+        (options.tools ?? []).map((tool) => tool.name),
+      )
+
+      const queue = new AsyncQueue<OpencodeStreamEvent>()
+      const mode =
+        modelOptions?.permissionMode ??
+        this.adapterConfig.permissionMode ??
+        'default'
+      const permissionHandler: PermissionHandler =
+        this.adapterConfig.onPermissionRequest ??
+        ((request) => resolvePermission(request, mode, bridgedToolNames))
+
+      logger.request(
+        `activity=chat provider=opencode model=${this.model} messages=${options.messages.length} tools=${options.tools?.length ?? 0} resume=${sessionId ?? 'none'}`,
+        { provider: 'opencode', model: this.model },
+      )
+
+      handle = await startOpencodeSession({
+        ...(this.adapterConfig.baseUrl !== undefined && {
+          baseUrl: this.adapterConfig.baseUrl,
+        }),
+        ...(this.adapterConfig.hostname !== undefined && {
+          hostname: this.adapterConfig.hostname,
+        }),
+        ...(this.adapterConfig.port !== undefined && {
+          port: this.adapterConfig.port,
+        }),
+        ...(this.adapterConfig.config !== undefined && {
+          config: this.adapterConfig.config,
+        }),
+        directory:
+          modelOptions?.directory ??
+          this.adapterConfig.directory ??
+          process.cwd(),
+        providerID,
+        modelID,
+        permission: permissionConfig(mode),
+        ...(bridge !== undefined && {
+          mcpServers: [{ name: BRIDGED_MCP_SERVER_NAME, url: bridge.url }],
+        }),
+        ...(sessionId !== undefined && { resumeSessionId: sessionId }),
+        onEvent: (event) => queue.push({ kind: 'event', event }),
+        onPermissionRequest: permissionHandler,
+        onError: (error) => queue.fail(error),
+      })
+      const session = handle
+
+      if (externalSignal !== undefined) {
+        onAbort = () => void session.abort().catch(() => undefined)
+        if (externalSignal.aborted) onAbort()
+        else externalSignal.addEventListener('abort', onAbort, { once: true })
+      }
+
+      queue.push({ kind: 'session', sessionId: session.sessionId })
+
+      // When resume was requested but the server no longer has the session,
+      // fall back to seeding a fresh session with the whole transcript.
+      const promptText = this.applySystemPrompts(
+        options,
+        session.resumed || sessionId === undefined
+          ? resumePrompt
+          : buildPrompt(options.messages, undefined).prompt,
+      )
+
+      session
+        .prompt(promptText)
+        .then(({ message }) => {
+          queue.push({ kind: 'done', message })
+          queue.end()
+        })
+        .catch((error: unknown) => queue.fail(error))
+
+      yield* translateOpencodeStream(queue, {
+        model: this.model,
+        runId: options.runId ?? this.generateId(),
+        threadId: options.threadId ?? this.generateId(),
+        ...(options.parentRunId !== undefined && {
+          parentRunId: options.parentRunId,
+        }),
+        genId: () => this.generateId(),
+        bridgedToolNames,
+        onStreamEvent: (event) =>
+          logger.provider(`provider=opencode kind=${event.kind}`, {
+            chunk: event,
+          }),
+      })
+    } catch (error: unknown) {
+      const err = error as Error & { code?: string }
+      const rawEvent = toRunErrorRawEvent(error)
+      logger.errors('opencode.chatStream fatal', {
+        error,
+        source: 'opencode.chatStream',
+      })
+      yield {
+        type: EventType.RUN_ERROR,
+        model: options.model,
+        timestamp: Date.now(),
+        message: err.message || 'Unknown error occurred',
+        ...(err.code !== undefined && { code: err.code }),
+        ...(rawEvent !== undefined && { rawEvent }),
+        error: {
+          message: err.message || 'Unknown error occurred',
+          ...(err.code !== undefined && { code: err.code }),
+        },
+      }
+    } finally {
+      if (externalSignal !== undefined && onAbort !== undefined) {
+        externalSignal.removeEventListener('abort', onAbort)
+      }
+      await handle?.dispose()
+      await bridge?.close()
+    }
+  }
+
+  /**
+   * Structured output, best-effort: OpenCode's typed prompt API has no native
+   * JSON-schema channel, so the schema is embedded as a prompt instruction in
+   * a fresh one-shot session and the final text is parsed (markdown fences are
+   * stripped when present). Runs with the default deny-everything permission
+   * policy.
+   */
+  async structuredOutput(
+    options: StructuredOutputOptions<OpencodeTextProviderOptions>,
+  ): Promise<StructuredOutputResult<unknown>> {
+    const { chatOptions, outputSchema } = options
+    const { logger } = chatOptions
+
+    // Fresh one-shot run: deliberately no resume, so finalization never
+    // mutates the caller's interactive session. No bridge either — tools are
+    // a chat concern.
+    const { prompt } = buildPrompt(chatOptions.messages, undefined)
+    const { providerID, modelID } = splitModel(this.model)
+    const instruction = `Respond with ONLY a JSON value that conforms to this JSON Schema — no prose, no markdown fences:\n${JSON.stringify(outputSchema)}`
+    const promptText = this.applySystemPrompts(
+      chatOptions,
+      `${prompt}\n\n${instruction}`,
+    )
+
+    logger.request(
+      `activity=structured-output provider=opencode model=${this.model}`,
+      { provider: 'opencode', model: this.model },
+    )
+
+    const handle = await startOpencodeSession({
+      ...(this.adapterConfig.baseUrl !== undefined && {
+        baseUrl: this.adapterConfig.baseUrl,
+      }),
+      ...(this.adapterConfig.hostname !== undefined && {
+        hostname: this.adapterConfig.hostname,
+      }),
+      ...(this.adapterConfig.port !== undefined && {
+        port: this.adapterConfig.port,
+      }),
+      ...(this.adapterConfig.config !== undefined && {
+        config: this.adapterConfig.config,
+      }),
+      directory:
+        chatOptions.modelOptions?.directory ??
+        this.adapterConfig.directory ??
+        process.cwd(),
+      providerID,
+      modelID,
+      permission: permissionConfig('default'),
+      onEvent: () => undefined,
+      onPermissionRequest: (request) =>
+        resolvePermission(request, 'default', undefined),
+    })
+
+    let rawText = ''
+    let usage: { input?: number; output?: number } | undefined
+    try {
+      const result = await handle.prompt(promptText)
+      rawText = result.text
+      usage = result.message.tokens
+      if (result.message.error) {
+        throw new Error(
+          result.message.error.data?.message ?? result.message.error.name,
+        )
+      }
+    } finally {
+      await handle.dispose()
+    }
+
+    if (rawText.trim() === '') {
+      throw new Error(
+        'OpenCode run ended without a response during structured output generation.',
+      )
+    }
+
+    const promptTokens = usage?.input ?? 0
+    const completionTokens = usage?.output ?? 0
+    return {
+      data: extractJson(rawText),
+      rawText,
+      usage: {
+        promptTokens,
+        completionTokens,
+        totalTokens: promptTokens + completionTokens,
+      },
+    }
+  }
+
+  /**
+   * OpenCode prompts have no separate system-prompt channel here, so
+   * `systemPrompts` from `chat()` are prepended to the prompt text as an
+   * instruction preamble.
+   */
+  private applySystemPrompts(
+    options: TextOptions<OpencodeTextProviderOptions>,
+    prompt: string,
+  ): string {
+    const systemPrompts = normalizeSystemPrompts(options.systemPrompts)
+      .map((systemPrompt) => systemPrompt.content)
+      .filter((content) => content.trim() !== '')
+    if (systemPrompts.length === 0) return prompt
+    return `${systemPrompts.join('\n\n')}\n\n${prompt}`
+  }
+}
+
+/**
+ * Creates an OpenCode text adapter.
+ *
+ * Unlike HTTP provider adapters, this is a *harness* adapter: OpenCode runs
+ * its own agent loop and executes its own tools (shell commands, file edits,
+ * search, ...) locally, server-side. The adapter drives OpenCode over its
+ * HTTP server (`@opencode-ai/sdk`), so assistant text and reasoning stream as
+ * true token-level deltas. Each `chat()` call runs one full harness turn;
+ * harness tool activity streams back as already-resolved tool-call events, and
+ * the session id is surfaced via a CUSTOM `opencode.session-id` event so
+ * follow-up calls can resume the session through `modelOptions.sessionId`.
+ *
+ * Models are addressed as `provider/model` (e.g.
+ * `anthropic/claude-sonnet-4-5`). Requires the `opencode` CLI to be installed
+ * and its providers authenticated on the host (`npm i -g opencode-ai`).
+ */
+export function opencodeText<TModel extends OpencodeModel>(
+  model: TModel,
+  config: OpencodeTextConfig = {},
+): OpencodeTextAdapter<TModel> {
+  return new OpencodeTextAdapter(config, model)
+}
diff --git a/packages/ai-opencode/src/index.ts b/packages/ai-opencode/src/index.ts
new file mode 100644
index 000000000..72ba54d7e
--- /dev/null
+++ b/packages/ai-opencode/src/index.ts
@@ -0,0 +1,37 @@
+export { OpencodeTextAdapter, opencodeText } from './adapters/text'
+export type { OpencodeTextConfig } from './adapters/text'
+export type { OpencodeTextProviderOptions } from './provider-options'
+export { OPENCODE_MODELS } from './model-meta'
+export type { OpencodeModel, KnownOpencodeModel } from './model-meta'
+export {
+  SESSION_ID_EVENT,
+  TODO_EVENT,
+  BRIDGED_MCP_SERVER_NAME,
+  translateOpencodeStream,
+  resolveToolName,
+} from './stream/translate'
+export type { TranslateContext } from './stream/translate'
+export type {
+  OpencodeAssistantMessage,
+  OpencodeEvent,
+  OpencodePart,
+  OpencodeStreamEvent,
+  OpencodeTokens,
+  OpencodeToolState,
+} from './stream/sdk-types'
+export { resolvePermission, matchBridgedToolName } from './process/permissions'
+export type {
+  OpencodePermissionMode,
+  OpencodePermissionRequest,
+  OpencodePermissionResponse,
+  PermissionHandler,
+} from './process/permissions'
+export { startOpencodeSession } from './process/server'
+export type {
+  OpencodeSessionHandle,
+  StartOpencodeSessionOptions,
+} from './process/server'
+export { buildPrompt } from './messages/prompt'
+export type { BuiltPrompt } from './messages/prompt'
+export { startToolBridge } from './tools/bridge'
+export type { ToolBridgeHandle } from './tools/bridge'
diff --git a/packages/ai-opencode/src/messages/prompt.ts b/packages/ai-opencode/src/messages/prompt.ts
new file mode 100644
index 000000000..bb2824e17
--- /dev/null
+++ b/packages/ai-opencode/src/messages/prompt.ts
@@ -0,0 +1,67 @@
+import type { ModelMessage } from '@tanstack/ai'
+
+export interface BuiltPrompt {
+  prompt: string
+  /** OpenCode session id to resume, when the caller threaded one through. */
+  resume?: string
+}
+
+function extractText(content: ModelMessage['content']): string {
+  if (content === null) return ''
+  if (typeof content === 'string') return content
+  return content
+    .map((part) =>
+      part.type === 'text' && typeof part.content === 'string'
+        ? part.content
+        : '',
+    )
+    .join('')
+}
+
+/**
+ * Convert TanStack chat history into the OpenCode prompt + resume inputs.
+ *
+ * With a `sessionId`, the harness already holds the conversation context, so
+ * only the trailing user message is sent and the session is resumed. Without
+ * one, prior turns are flattened into a plain-text transcript preamble (tool
+ * messages and tool-call-only assistant turns are harness-internal noise and
+ * are skipped; prompts are text-only in v1).
+ */
+export function buildPrompt(
+  messages: Array<ModelMessage>,
+  sessionId: string | undefined,
+): BuiltPrompt {
+  const lastMessage = messages.at(-1)
+  const lastUserText =
+    lastMessage?.role === 'user' ? extractText(lastMessage.content).trim() : ''
+
+  if (!lastUserText) {
+    throw new Error(
+      'OpenCode adapter requires a trailing user message with text content.',
+    )
+  }
+
+  if (sessionId !== undefined) {
+    return { prompt: lastUserText, resume: sessionId }
+  }
+
+  const priorTurns = messages
+    .slice(0, -1)
+    .filter(
+      (message) =>
+        (message.role === 'user' || message.role === 'assistant') &&
+        extractText(message.content).trim() !== '',
+    )
+    .map(
+      (message) =>
+        `${message.role === 'user' ? 'User' : 'Assistant'}: ${extractText(message.content).trim()}`,
+    )
+
+  if (priorTurns.length === 0) {
+    return { prompt: lastUserText }
+  }
+
+  return {
+    prompt: `Previous conversation:\n${priorTurns.join('\n')}\n\n${lastUserText}`,
+  }
+}
diff --git a/packages/ai-opencode/src/model-meta.ts b/packages/ai-opencode/src/model-meta.ts
new file mode 100644
index 000000000..95a4e8efd
--- /dev/null
+++ b/packages/ai-opencode/src/model-meta.ts
@@ -0,0 +1,24 @@
+/**
+ * Models known to work with OpenCode. OpenCode is provider-agnostic — it
+ * resolves any `provider/model` id its configured providers support (via the
+ * Vercel AI SDK + Models.dev), so this list exists for autocomplete. Any
+ * string is accepted via the `(string & {})` escape hatch in
+ * {@link OpencodeModel}.
+ *
+ * Models are addressed as `provider_id/model_id` (e.g.
+ * `anthropic/claude-sonnet-4-5`); the adapter splits on the first `/`.
+ */
+export const OPENCODE_MODELS = [
+  'anthropic/claude-opus-4-5',
+  'anthropic/claude-sonnet-4-5',
+  'openai/gpt-5.2',
+  'openai/gpt-5.1-codex',
+  'google/gemini-3-pro-preview',
+  'opencode/claude-sonnet-4-5',
+  'opencode/gpt-5.1-codex',
+] as const
+
+export type KnownOpencodeModel = (typeof OPENCODE_MODELS)[number]
+
+/** Any `provider/model` id accepted by OpenCode; known ids get autocomplete. */
+export type OpencodeModel = KnownOpencodeModel | (string & {})
diff --git a/packages/ai-opencode/src/process/permissions.ts b/packages/ai-opencode/src/process/permissions.ts
new file mode 100644
index 000000000..a68b6b525
--- /dev/null
+++ b/packages/ai-opencode/src/process/permissions.ts
@@ -0,0 +1,83 @@
+/**
+ * Permission modes for the OpenCode adapter, mirroring the Claude Code and
+ * Gemini CLI adapters' semantics:
+ *
+ * - `'default'`: bridged TanStack tools run; anything else that asks for
+ *   permission is rejected with no prompt (a headless server must never hang
+ *   on an interactive question).
+ * - `'acceptEdits'`: additionally auto-approves file-mutation requests
+ *   (edit / write / patch).
+ * - `'bypassPermissions'`: approves everything.
+ */
+export type OpencodePermissionMode =
+  | 'default'
+  | 'acceptEdits'
+  | 'bypassPermissions'
+
+/** Structural subset of an OpenCode `permission.updated` payload. */
+export interface OpencodePermissionRequest {
+  id: string
+  sessionID: string
+  /** Permission category, e.g. `'edit'`, `'bash'`, `'webfetch'`, a tool id. */
+  type: string
+  title: string
+  /** Tool call id this permission gates, when it gates a tool. */
+  callID?: string
+}
+
+/** OpenCode permission reply: allow once, allow always, or reject. */
+export type OpencodePermissionResponse = 'once' | 'always' | 'reject'
+
+/** Custom permission handler; replaces the adapter's default policy. */
+export type PermissionHandler = (
+  request: OpencodePermissionRequest,
+) => Promise<OpencodePermissionResponse> | OpencodePermissionResponse
+
+/** Permission categories treated as file mutations for `'acceptEdits'`. */
+const EDIT_TYPES = new Set(['edit', 'write', 'patch'])
+
+/**
+ * Decide whether an OpenCode permission request targets one of the bridged
+ * TanStack tools. OpenCode names MCP tools `<server>_<tool>` (e.g.
+ * `tanstack_lookup_user`), so a request is bridged when its type or title is
+ * a registered tool name, or carries the `tanstack` server prefix.
+ */
+export function matchBridgedToolName(
+  request: OpencodePermissionRequest,
+  bridgedToolNames: ReadonlySet<string> | undefined,
+): boolean {
+  if (!bridgedToolNames || bridgedToolNames.size === 0) return false
+  for (const field of [request.type, request.title]) {
+    if (typeof field !== 'string' || field === '') continue
+    if (bridgedToolNames.has(field)) return true
+    if (field.startsWith('tanstack_') && bridgedToolNames.has(field.slice(9))) {
+      return true
+    }
+    if (field.startsWith('tanstack.') && bridgedToolNames.has(field.slice(9))) {
+      return true
+    }
+  }
+  return false
+}
+
+/**
+ * The adapter's default permission policy. Always answers immediately — never
+ * hangs a headless server on a question only an interactive user could
+ * answer.
+ */
+export function resolvePermission(
+  request: OpencodePermissionRequest,
+  mode: OpencodePermissionMode,
+  bridgedToolNames: ReadonlySet<string> | undefined,
+): OpencodePermissionResponse {
+  if (matchBridgedToolName(request, bridgedToolNames)) {
+    return 'once'
+  }
+  if (mode === 'bypassPermissions') {
+    return 'once'
+  }
+  if (mode === 'acceptEdits' && EDIT_TYPES.has(request.type)) {
+    return 'once'
+  }
+  return 'reject'
+}
diff --git a/packages/ai-opencode/src/process/server.ts b/packages/ai-opencode/src/process/server.ts
new file mode 100644
index 000000000..199ead3a5
--- /dev/null
+++ b/packages/ai-opencode/src/process/server.ts
@@ -0,0 +1,250 @@
+import { createOpencode, createOpencodeClient } from '@opencode-ai/sdk'
+import type { Config, Event, OpencodeClient, Part } from '@opencode-ai/sdk'
+import type {
+  OpencodeAssistantMessage,
+  OpencodeEvent,
+} from '../stream/sdk-types'
+import type {
+  OpencodePermissionRequest,
+  OpencodePermissionResponse,
+} from './permissions'
+
+/** A live OpenCode session backed by an `opencode serve` HTTP server. */
+export interface OpencodeSessionHandle {
+  sessionId: string
+  /** Whether an existing session was actually resumed. */
+  resumed: boolean
+  /**
+   * Run one prompt turn. Resolves with the final assistant message (finish
+   * reason, token usage, error) and its concatenated text once the harness
+   * goes idle. Streaming deltas arrive via `onEvent` while this is pending.
+   */
+  prompt: (
+    text: string,
+  ) => Promise<{ message: OpencodeAssistantMessage; text: string }>
+  /** Ask the harness to abort the in-flight prompt turn. */
+  abort: () => Promise<void>
+  /** Tear down the event subscription and (if owned) the server. */
+  dispose: () => Promise<void>
+}
+
+export interface StartOpencodeSessionOptions {
+  /** Connect to an already-running server instead of spawning one. */
+  baseUrl?: string
+  /** Hostname for the spawned server. Defaults to the SDK default. */
+  hostname?: string
+  /** Port for the spawned server. Defaults to the SDK default. */
+  port?: number
+  /** Working directory for the session (absolute path). */
+  directory: string
+  /** Provider id (the part before `/` in the model id). */
+  providerID: string
+  /** Model id (the part after `/` in the model id). */
+  modelID: string
+  /** Extra OpenCode config merged with the adapter's mcp/permission config. */
+  config?: Config
+  /** Baseline permission policy applied to the spawned server. */
+  permission?: Config['permission']
+  /** MCP servers (e.g. the TanStack tool bridge) for the session. */
+  mcpServers?: Array<{ name: string; url: string }>
+  /** Session id to resume; falls back to a fresh session when not found. */
+  resumeSessionId?: string
+  onEvent: (event: OpencodeEvent) => void
+  onPermissionRequest: (
+    request: OpencodePermissionRequest,
+  ) => Promise<OpencodePermissionResponse> | OpencodePermissionResponse
+  /** Called when the event subscription fails mid-turn. */
+  onError?: (error: unknown) => void
+}
+
+/** Locate the session id an OpenCode event belongs to, when it carries one. */
+function sessionIdOf(event: Event): string | undefined {
+  const props = event.properties as { sessionID?: string } | undefined
+  if (props?.sessionID !== undefined) return props.sessionID
+  if (event.type === 'message.part.updated') {
+    return event.properties.part.sessionID
+  }
+  if (event.type === 'message.updated') {
+    return event.properties.info.sessionID
+  }
+  if (event.type === 'permission.updated') {
+    return event.properties.sessionID
+  }
+  return undefined
+}
+
+function buildConfig(options: StartOpencodeSessionOptions): Config {
+  const mcp: NonNullable<Config['mcp']> = { ...options.config?.mcp }
+  for (const server of options.mcpServers ?? []) {
+    mcp[server.name] = { type: 'remote', url: server.url, enabled: true }
+  }
+  return {
+    ...options.config,
+    ...(Object.keys(mcp).length > 0 && { mcp }),
+    ...(options.permission !== undefined && { permission: options.permission }),
+  }
+}
+
+/**
+ * Boot (or attach to) an OpenCode HTTP server, resolve a session, and wire its
+ * event subscription + permission replies.
+ *
+ * This module is the only place that touches `@opencode-ai/sdk`; the rest of
+ * the package works with the structural types in `sdk-types.ts`.
+ *
+ * Resume semantics: when `resumeSessionId` is set and the server still knows
+ * the session (same machine, same data dir), it is reused. Otherwise a fresh
+ * session is created and `resumed: false` tells the adapter to send the
+ * flattened transcript.
+ */
+export async function startOpencodeSession(
+  options: StartOpencodeSessionOptions,
+): Promise<OpencodeSessionHandle> {
+  const { directory } = options
+
+  let client: OpencodeClient
+  let ownedServer: { close: () => void } | undefined
+
+  if (options.baseUrl !== undefined) {
+    client = createOpencodeClient({ baseUrl: options.baseUrl, directory })
+  } else {
+    const config = buildConfig(options)
+    const result = await createOpencode({
+      ...(options.hostname !== undefined && { hostname: options.hostname }),
+      ...(options.port !== undefined && { port: options.port }),
+      ...(Object.keys(config).length > 0 && { config }),
+    })
+    client = result.client
+    ownedServer = result.server
+  }
+
+  // Mutated from several closures (the subscription loop, dispose, teardown);
+  // a holder object keeps reads typed as `boolean` rather than being
+  // flow-narrowed to a literal across those boundaries.
+  const lifecycle = { disposed: false }
+
+  const teardown = async (): Promise<void> => {
+    if (lifecycle.disposed) return
+    lifecycle.disposed = true
+    ownedServer?.close()
+    await Promise.resolve()
+  }
+
+  try {
+    // Resolve the session before subscribing so the event filter has an id.
+    let sessionId: string | undefined
+    let resumed = false
+    if (options.resumeSessionId !== undefined) {
+      const existing = await client.session.get({
+        path: { id: options.resumeSessionId },
+        query: { directory },
+      })
+      if (existing.data) {
+        sessionId = options.resumeSessionId
+        resumed = true
+      }
+    }
+    if (sessionId === undefined) {
+      const created = await client.session.create({
+        query: { directory },
+        body: {},
+        throwOnError: true,
+      })
+      sessionId = created.data.id
+    }
+    const resolvedSessionId = sessionId
+
+    const handlePermission = async (
+      permission: Extract<Event, { type: 'permission.updated' }>['properties'],
+    ): Promise<void> => {
+      try {
+        const response = await options.onPermissionRequest({
+          id: permission.id,
+          sessionID: permission.sessionID,
+          type: permission.type,
+          title: permission.title,
+          ...(permission.callID !== undefined && { callID: permission.callID }),
+        })
+        await client.postSessionIdPermissionsPermissionId({
+          path: { id: permission.sessionID, permissionID: permission.id },
+          query: { directory },
+          body: { response },
+          throwOnError: true,
+        })
+      } catch (error) {
+        if (!lifecycle.disposed) options.onError?.(error)
+      }
+    }
+
+    const subscription = await client.event.subscribe()
+    const stream = subscription.stream
+
+    void (async () => {
+      try {
+        for await (const event of stream) {
+          if (lifecycle.disposed) break
+          const sid = sessionIdOf(event)
+          if (sid !== undefined && sid !== resolvedSessionId) continue
+          if (event.type === 'permission.updated') {
+            void handlePermission(event.properties)
+            continue
+          }
+          // The SDK event union is a structural superset of the subset the
+          // translator consumes; unknown event types match no translator
+          // branch and are ignored.
+          options.onEvent(event as OpencodeEvent)
+        }
+      } catch (error) {
+        if (!lifecycle.disposed) options.onError?.(error)
+      }
+    })()
+
+    return {
+      sessionId: resolvedSessionId,
+      resumed,
+      prompt: async (text: string) => {
+        const result = await client.session.prompt({
+          path: { id: resolvedSessionId },
+          query: { directory },
+          body: {
+            model: { providerID: options.providerID, modelID: options.modelID },
+            parts: [{ type: 'text', text }],
+          },
+          throwOnError: true,
+        })
+        const data = result.data
+        const message = data.info as OpencodeAssistantMessage
+        const responseText = data.parts
+          .filter(
+            (part): part is Extract<Part, { type: 'text' }> =>
+              part.type === 'text',
+          )
+          .map((part) => part.text)
+          .join('')
+        return { message, text: responseText }
+      },
+      abort: async () => {
+        try {
+          await client.session.abort({
+            path: { id: resolvedSessionId },
+            query: { directory },
+          })
+        } catch {
+          // Best-effort: the turn may already be finishing.
+        }
+      },
+      dispose: async () => {
+        lifecycle.disposed = true
+        try {
+          await stream.return(undefined)
+        } catch {
+          // Ignore: stream may already be closed.
+        }
+        ownedServer?.close()
+      },
+    }
+  } catch (error) {
+    await teardown()
+    throw error
+  }
+}
diff --git a/packages/ai-opencode/src/provider-options.ts b/packages/ai-opencode/src/provider-options.ts
new file mode 100644
index 000000000..79c65e3f5
--- /dev/null
+++ b/packages/ai-opencode/src/provider-options.ts
@@ -0,0 +1,19 @@
+import type { OpencodePermissionMode } from './process/permissions'
+
+/**
+ * Per-call provider options for the OpenCode adapter, passed via
+ * `modelOptions` on `chat()`.
+ */
+export interface OpencodeTextProviderOptions {
+  /**
+   * Resume an existing OpenCode session. The adapter emits the session id of
+   * every fresh run via a CUSTOM `opencode.session-id` stream event; thread
+   * it back here to continue that session (only the latest user message is
+   * sent — the harness already holds the prior context).
+   */
+  sessionId?: string
+  /** Per-call override of the configured permission mode. */
+  permissionMode?: OpencodePermissionMode
+  /** Per-call override of the harness working directory. */
+  directory?: string
+}
diff --git a/packages/ai-opencode/src/stream/queue.ts b/packages/ai-opencode/src/stream/queue.ts
new file mode 100644
index 000000000..f0f37c5e9
--- /dev/null
+++ b/packages/ai-opencode/src/stream/queue.ts
@@ -0,0 +1,64 @@
+/**
+ * Minimal promise-based async queue bridging the OpenCode event
+ * subscription's callback-style notifications into the async-iterable world
+ * the stream translator consumes.
+ */
+export class AsyncQueue<T> implements AsyncIterable<T> {
+  private readonly values: Array<T> = []
+  private readonly waiters: Array<{
+    resolve: (result: IteratorResult<T>) => void
+    reject: (error: unknown) => void
+  }> = []
+  private ended = false
+  private error: unknown = undefined
+  private failed = false
+
+  push(value: T): void {
+    if (this.ended || this.failed) return
+    const waiter = this.waiters.shift()
+    if (waiter) {
+      waiter.resolve({ value, done: false })
+    } else {
+      this.values.push(value)
+    }
+  }
+
+  /** Signal normal completion; pending and future reads resolve as done. */
+  end(): void {
+    if (this.ended || this.failed) return
+    this.ended = true
+    for (const waiter of this.waiters.splice(0)) {
+      waiter.resolve({ value: undefined, done: true })
+    }
+  }
+
+  /** Signal failure; pending and future reads reject (after buffered values drain). */
+  fail(error: unknown): void {
+    if (this.ended || this.failed) return
+    this.failed = true
+    this.error = error
+    for (const waiter of this.waiters.splice(0)) {
+      waiter.reject(error)
+    }
+  }
+
+  [Symbol.asyncIterator](): AsyncIterator<T> {
+    return {
+      next: (): Promise<IteratorResult<T>> => {
+        if (this.values.length > 0) {
+          return Promise.resolve({
+            value: this.values.shift() as T,
+            done: false,
+          })
+        }
+        if (this.failed) return Promise.reject(this.error)
+        if (this.ended) {
+          return Promise.resolve({ value: undefined, done: true })
+        }
+        return new Promise((resolve, reject) => {
+          this.waiters.push({ resolve, reject })
+        })
+      },
+    }
+  }
+}
diff --git a/packages/ai-opencode/src/stream/sdk-types.ts b/packages/ai-opencode/src/stream/sdk-types.ts
new file mode 100644
index 000000000..8deb3ce87
--- /dev/null
+++ b/packages/ai-opencode/src/stream/sdk-types.ts
@@ -0,0 +1,104 @@
+/**
+ * Structural subset of the `@opencode-ai/sdk` event types that the stream
+ * translator consumes.
+ *
+ * These are intentionally defined structurally (rather than imported from the
+ * OpenCode SDK) so the translator stays a pure, fixture-testable state machine
+ * and the package's public types don't depend on the SDK's generated schema
+ * types. Unknown part or event types fall through every branch at runtime.
+ */
+
+export interface OpencodeTokens {
+  input?: number
+  output?: number
+  reasoning?: number
+  cache?: { read?: number; write?: number }
+}
+
+/** Error payload attached to a failed assistant message. */
+export interface OpencodeMessageError {
+  name: string
+  data?: { message?: string }
+}
+
+/**
+ * The final assistant message of a turn, returned by the blocking prompt
+ * call. Carries the finish reason, token usage, and any fatal error.
+ */
+export interface OpencodeAssistantMessage {
+  id: string
+  role: 'assistant'
+  finish?: string
+  error?: OpencodeMessageError
+  tokens?: OpencodeTokens
+  cost?: number
+}
+
+export type OpencodeToolState =
+  | { status: 'pending'; input?: Record<string, unknown> }
+  | {
+      status: 'running'
+      input?: Record<string, unknown>
+      title?: string
+    }
+  | {
+      status: 'completed'
+      input?: Record<string, unknown>
+      output: string
+      title?: string
+    }
+  | { status: 'error'; input?: Record<string, unknown>; error: string }
+
+/**
+ * The OpenCode message-part kinds the translator understands. The trailing
+ * catch-all member keeps the union open to other kinds (file, step-start,
+ * step-finish, snapshot, patch, agent, ...); the translator dispatches via
+ * the `is*Part` type guards, so those kinds simply match no guard.
+ */
+export type OpencodePart =
+  | { id: string; sessionID?: string; type: 'text'; text: string }
+  | { id: string; sessionID?: string; type: 'reasoning'; text: string }
+  | {
+      id: string
+      sessionID?: string
+      type: 'tool'
+      callID: string
+      tool: string
+      state: OpencodeToolState
+    }
+  | { id: string; sessionID?: string; type: string }
+
+/**
+ * The OpenCode events the translator understands. This is a closed
+ * discriminated union (so `event.type` narrows cleanly); the server forwards
+ * raw SDK events cast to this type, and any event whose `type` isn't listed
+ * here simply matches no branch and is ignored at runtime.
+ */
+export type OpencodeEvent =
+  | {
+      type: 'message.part.updated'
+      properties: { part: OpencodePart; delta?: string }
+    }
+  | {
+      type: 'message.updated'
+      properties: { info: { sessionID?: string } }
+    }
+  | { type: 'session.idle'; properties: { sessionID: string } }
+  | {
+      type: 'session.error'
+      properties: { sessionID?: string; error?: OpencodeMessageError }
+    }
+  | {
+      type: 'todo.updated'
+      properties: { sessionID: string; todos: Array<unknown> }
+    }
+
+/**
+ * Events fed to the translator: the session id once established, every
+ * session-scoped OpenCode event, and a terminal `done` carrying the final
+ * assistant message (the adapter's async queue produces these).
+ */
+export type OpencodeStreamEvent =
+  | { kind: 'session'; sessionId: string }
+  | { kind: 'event'; event: OpencodeEvent }
+  | { kind: 'done'; message: OpencodeAssistantMessage }
diff --git a/packages/ai-opencode/src/stream/translate.ts b/packages/ai-opencode/src/stream/translate.ts
new file mode 100644
index 000000000..2db145fa9
--- /dev/null
+++ b/packages/ai-opencode/src/stream/translate.ts
@@ -0,0 +1,419 @@
+import { EventType, buildBaseUsage } from '@tanstack/ai'
+import type { StreamChunk, TokenUsage } from '@tanstack/ai'
+import type {
+  OpencodeAssistantMessage,
+  OpencodeEvent,
+  OpencodePart,
+  OpencodeStreamEvent,
+  OpencodeTokens,
+} from './sdk-types'
+
+/** Name of the CUSTOM event carrying the OpenCode session id. */
+export const SESSION_ID_EVENT = 'opencode.session-id'
+
+/** Name of the CUSTOM event carrying the harness's todo list updates. */
+export const TODO_EVENT = 'opencode.todo'
+
+/** Server name used for bridged TanStack tools. */
+export const BRIDGED_MCP_SERVER_NAME = 'tanstack'
+
+export interface TranslateContext {
+  model: string
+  runId: string
+  threadId: string
+  parentRunId?: string
+  genId: () => string
+  /**
+   * Names of bridged TanStack tools, used to surface the harness's MCP tool
+   * calls under the names the application registered.
+   */
+  bridgedToolNames?: ReadonlySet<string>
+  /** Called for each raw stream event, for logging. */
+  onStreamEvent?: (event: OpencodeStreamEvent) => void
+}
+
+/**
+ * Resolve the AG-UI tool-call name for an OpenCode tool part. OpenCode names
+ * MCP tools `<server>_<tool>`, so bridged TanStack tools arrive as
+ * `tanstack_<tool>` and are surfaced under the names the application
+ * registered; everything else (built-in `read`, `edit`, `bash`, ... and
+ * foreign MCP tools) uses the harness tool name verbatim.
+ */
+export function resolveToolName(
+  tool: string,
+  bridgedToolNames: ReadonlySet<string> | undefined,
+): string {
+  if (!bridgedToolNames || bridgedToolNames.size === 0) return tool
+  if (bridgedToolNames.has(tool)) return tool
+  if (tool.startsWith('tanstack_') && bridgedToolNames.has(tool.slice(9))) {
+    return tool.slice(9)
+  }
+  return tool
+}
+
+function buildUsage(
+  tokens: OpencodeTokens | undefined,
+): TokenUsage | undefined {
+  if (!tokens) return undefined
+  const promptTokens = tokens.input ?? 0
+  const completionTokens = tokens.output ?? 0
+  const result = buildBaseUsage({
+    promptTokens,
+    completionTokens,
+    totalTokens: promptTokens + completionTokens,
+  })
+  if (tokens.cache?.read) {
+    result.promptTokensDetails = { cachedTokens: tokens.cache.read }
+  }
+  if (tokens.reasoning) {
+    result.completionTokensDetails = { reasoningTokens: tokens.reasoning }
+  }
+  return result
+}
+
+type TextPart = Extract<OpencodePart, { type: 'text' }>
+type ReasoningPart = Extract<OpencodePart, { type: 'reasoning' }>
+type ToolPart = Extract<OpencodePart, { type: 'tool' }>
+
+const isTextPart = (part: OpencodePart): part is TextPart =>
+  part.type === 'text'
+const isReasoningPart = (part: OpencodePart): part is ReasoningPart =>
+  part.type === 'reasoning'
+const isToolPart = (part: OpencodePart): part is ToolPart =>
+  part.type === 'tool'
+
+function messageError(
+  message: OpencodeAssistantMessage,
+): { message: string } | undefined {
+  if (!message.error) return undefined
+  return { message: message.error.data?.message ?? message.error.name }
+}
+
+/**
+ * Translate an OpenCode event stream into AG-UI StreamChunk events.
+ *
+ * The harness runs its own agent loop and executes its own tools, so the
+ * translation always ends with `finishReason: 'stop'` (or `'length'` /
+ * RUN_ERROR) — never `'tool_calls'`. Harness tool activity is emitted as
+ * already-resolved TOOL_CALL_START/ARGS/END + TOOL_CALL_RESULT sequences so
+ * UIs can render it, while the TanStack engine never tries to execute them.
+ *
+ * OpenCode delivers true token-level deltas for both assistant text and
+ * reasoning via `message.part.updated` events (a `delta` string when
+ * incremental, otherwise the full part text, from which the delta is
+ * derived). The final assistant message — finish reason, token usage, and any
+ * fatal error — arrives as the terminal `done` event.
+ *
+ * Invariant: every TOOL_CALL_START is eventually paired with a
+ * TOOL_CALL_RESULT (synthesized as `{"status":"interrupted"}` when the run
+ * ends or aborts before the harness reported one) so the engine's
+ * pending-tool-call scan on the next request never force-executes them.
+ */
+export async function* translateOpencodeStream(
+  events: AsyncIterable<OpencodeStreamEvent>,
+  ctx: TranslateContext,
+): AsyncIterable<StreamChunk> {
+  const { model, runId, threadId, genId } = ctx
+  const now = () => Date.now()
+
+  let runStarted = false
+  /** Tool calls started but with no result yet, keyed by callID. */
+  const unresolvedToolCalls = new Set<string>()
+  /** Tool call ids that already emitted TOOL_CALL_START/ARGS/END. */
+  const openedToolCalls = new Set<string>()
+  /** Tool call ids that already emitted a TOOL_CALL_RESULT. */
+  const resolvedToolCalls = new Set<string>()
+
+  /** Accumulated text per text-part id, for delta derivation. */
+  const textAccumulators = new Map<string, string>()
+  let openTextId: string | null = null
+  let openReasoningId: string | null = null
+
+  function* startRun(): Generator<StreamChunk> {
+    if (runStarted) return
+    runStarted = true
+    yield {
+      type: EventType.RUN_STARTED,
+      runId,
+      threadId,
+      model,
+      timestamp: now(),
+      ...(ctx.parentRunId !== undefined && { parentRunId: ctx.parentRunId }),
+    }
+  }
+
+  function* closeText(): Generator<StreamChunk> {
+    if (openTextId !== null) {
+      yield {
+        type: EventType.TEXT_MESSAGE_END,
+        messageId: openTextId,
+        model,
+        timestamp: now(),
+      }
+      openTextId = null
+    }
+  }
+
+  function* closeReasoning(): Generator<StreamChunk> {
+    if (openReasoningId !== null) {
+      yield {
+        type: EventType.REASONING_MESSAGE_END,
+        messageId: openReasoningId,
+        model,
+        timestamp: now(),
+      }
+      yield {
+        type: EventType.REASONING_END,
+        messageId: openReasoningId,
+        model,
+        timestamp: now(),
+      }
+      openReasoningId = null
+    }
+  }
+
+  function* synthesizeUnresolvedResults(): Generator<StreamChunk> {
+    for (const toolCallId of unresolvedToolCalls) {
+      yield {
+        type: EventType.TOOL_CALL_RESULT,
+        toolCallId,
+        messageId: genId(),
+        model,
+        timestamp: now(),
+        content: JSON.stringify({ status: 'interrupted' }),
+      }
+    }
+    unresolvedToolCalls.clear()
+  }
+
+  function* handleTextPart(
+    part: Extract<OpencodePart, { type: 'text' }>,
+    delta: string | undefined,
+  ): Generator<StreamChunk> {
+    yield* closeReasoning()
+
+    const prev = textAccumulators.get(part.id) ?? ''
+    let deltaText: string
+    if (typeof delta === 'string' && delta !== '') {
+      deltaText = delta
+      textAccumulators.set(part.id, prev + delta)
+    } else {
+      const full = part.text
+      deltaText = full.startsWith(prev) ? full.slice(prev.length) : full
+      textAccumulators.set(part.id, full)
+    }
+    if (deltaText === '') return
+
+    if (openTextId !== part.id) {
+      yield* closeText()
+      openTextId = part.id
+      yield {
+        type: EventType.TEXT_MESSAGE_START,
+        messageId: part.id,
+        model,
+        timestamp: now(),
+        role: 'assistant',
+      }
+    }
+    yield {
+      type: EventType.TEXT_MESSAGE_CONTENT,
+      messageId: part.id,
+      model,
+      timestamp: now(),
+      delta: deltaText,
+      content: textAccumulators.get(part.id) ?? deltaText,
+    }
+  }
+
+  function* handleReasoningPart(
+    part: Extract<OpencodePart, { type: 'reasoning' }>,
+    delta: string | undefined,
+  ): Generator<StreamChunk> {
+    yield* closeText()
+
+    const prev = textAccumulators.get(part.id) ?? ''
+    let deltaText: string
+    if (typeof delta === 'string' && delta !== '') {
+      deltaText = delta
+      textAccumulators.set(part.id, prev + delta)
+    } else {
+      const full = part.text
+      deltaText = full.startsWith(prev) ? full.slice(prev.length) : full
+      textAccumulators.set(part.id, full)
+    }
+    if (deltaText === '') return
+
+    if (openReasoningId !== part.id) {
+      yield* closeReasoning()
+      openReasoningId = part.id
+      yield {
+        type: EventType.REASONING_START,
+        messageId: part.id,
+        model,
+        timestamp: now(),
+      }
+      yield {
+        type: EventType.REASONING_MESSAGE_START,
+        messageId: part.id,
+        role: 'reasoning' as const,
+        model,
+        timestamp: now(),
+      }
+    }
+    yield {
+      type: EventType.REASONING_MESSAGE_CONTENT,
+      messageId: part.id,
+      delta: deltaText,
+      model,
+      timestamp: now(),
+    }
+  }
+
+  function* openToolCall(
+    part: Extract<OpencodePart, { type: 'tool' }>,
+  ): Generator<StreamChunk> {
+    if (openedToolCalls.has(part.callID)) return
+    openedToolCalls.add(part.callID)
+    const toolCallName = resolveToolName(part.tool, ctx.bridgedToolNames)
+    const input = part.state.input ?? {}
+    const args = JSON.stringify(input)
+    yield {
+      type: EventType.TOOL_CALL_START,
+      toolCallId: part.callID,
+      toolCallName,
+      toolName: toolCallName,
+      model,
+      timestamp: now(),
+    }
+    yield {
+      type: EventType.TOOL_CALL_ARGS,
+      toolCallId: part.callID,
+      model,
+      timestamp: now(),
+      delta: args,
+      args,
+    }
+    yield {
+      type: EventType.TOOL_CALL_END,
+      toolCallId: part.callID,
+      toolCallName,
+      toolName: toolCallName,
+      model,
+      timestamp: now(),
+      input,
+    }
+    unresolvedToolCalls.add(part.callID)
+  }
+
+  function* handleToolPart(
+    part: Extract<OpencodePart, { type: 'tool' }>,
+  ): Generator<StreamChunk> {
+    yield* closeText()
+    yield* closeReasoning()
+    yield* openToolCall(part)
+
+    const state = part.state
+    if (state.status !== 'completed' && state.status !== 'error') return
+    if (resolvedToolCalls.has(part.callID)) return
+    resolvedToolCalls.add(part.callID)
+    unresolvedToolCalls.delete(part.callID)
+
+    const isError = state.status === 'error'
+    yield {
+      type: EventType.TOOL_CALL_RESULT,
+      toolCallId: part.callID,
+      messageId: genId(),
+      model,
+      timestamp: now(),
+      content: isError ? state.error : state.output,
+      ...(isError && { state: 'output-error' as const }),
+    }
+  }
+
+  function* handleEvent(event: OpencodeEvent): Generator<StreamChunk> {
+    if (event.type === 'message.part.updated') {
+      const { part, delta } = event.properties
+      if (isTextPart(part)) {
+        yield* handleTextPart(part, delta)
+      } else if (isReasoningPart(part)) {
+        yield* handleReasoningPart(part, delta)
+      } else if (isToolPart(part)) {
+        yield* handleToolPart(part)
+      }
+      // Other part kinds (file, step-start/finish, snapshot, ...) carry no
+      // state the chunk stream needs.
+    } else if (event.type === 'todo.updated') {
+      yield {
+        type: EventType.CUSTOM,
+        model,
+        timestamp: now(),
+        name: TODO_EVENT,
+        value: { todos: event.properties.todos },
+      }
+    }
+    // session.idle / session.status / message.updated are redundant with the
+    // terminal `done` event and are ignored.
+  }
+
+  function* finish(message: OpencodeAssistantMessage): Generator<StreamChunk> {
+    yield* startRun()
+    yield* closeText()
+    yield* closeReasoning()
+    yield* synthesizeUnresolvedResults()
+
+    const error = messageError(message)
+    if (error) {
+      yield {
+        type: EventType.RUN_ERROR,
+        model,
+        timestamp: now(),
+        message: error.message,
+        error,
+      }
+      return
+    }
+
+    const usage = buildUsage(message.tokens)
+    const finishReason = message.finish === 'length' ? 'length' : 'stop'
+    yield {
+      type: EventType.RUN_FINISHED,
+      runId,
+      threadId,
+      model,
+      timestamp: now(),
+      finishReason,
+      ...(usage !== undefined && { usage }),
+    }
+  }
+
+  try {
+    for await (const streamEvent of events) {
+      ctx.onStreamEvent?.(streamEvent)
+
+      if (streamEvent.kind === 'session') {
+        yield* startRun()
+        yield {
+          type: EventType.CUSTOM,
+          model,
+          timestamp: now(),
+          name: SESSION_ID_EVENT,
+          value: { sessionId: streamEvent.sessionId },
+        }
+      } else if (streamEvent.kind === 'event') {
+        yield* startRun()
+        yield* handleEvent(streamEvent.event)
+      } else {
+        yield* finish(streamEvent.message)
+      }
+    }
+  } catch (error) {
+    // The run is dying (abort, server exit, or connection failure). Close any
+    // open message and pair started tool calls with a synthetic result first
+    // so the next request's pending-tool-call scan doesn't try to execute
+    // them, then let the adapter surface the error as RUN_ERROR.
+    yield* closeText()
+    yield* closeReasoning()
+    yield* synthesizeUnresolvedResults()
+    throw error
+  }
+}
diff --git a/packages/ai-opencode/src/tools/bridge.ts b/packages/ai-opencode/src/tools/bridge.ts
new file mode 100644
index 000000000..01e6296ec
--- /dev/null
+++ b/packages/ai-opencode/src/tools/bridge.ts
@@ -0,0 +1,129 @@
+import { createServer } from 'node:http'
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'
+import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js'
+import {
+  CallToolRequestSchema,
+  ListToolsRequestSchema,
+} from '@modelcontextprotocol/sdk/types.js'
+import { BRIDGED_MCP_SERVER_NAME } from '../stream/translate'
+import type { AddressInfo } from 'node:net'
+import type { AnyTool } from '@tanstack/ai'
+
+/** A running localhost MCP server exposing TanStack tools to the harness. */
+export interface ToolBridgeHandle {
+  /** Streamable-HTTP MCP endpoint, e.g. `http://127.0.0.1:54321/mcp`. */
+  url: string
+  /** Stop the HTTP server and drop any open connections. */
+  close: () => Promise<void>
+}
+
+function createMcpServer(tools: Array<AnyTool>): McpServer {
+  const instance = new McpServer(
+    { name: BRIDGED_MCP_SERVER_NAME, version: '1.0.0' },
+    { capabilities: { tools: {} } },
+  )
+
+  const toolsByName = new Map(tools.map((tool) => [tool.name, tool]))
+
+  instance.server.setRequestHandler(ListToolsRequestSchema, () => ({
+    tools: tools.map((tool) => ({
+      name: tool.name,
+      description: tool.description,
+      inputSchema: (tool.inputSchema ?? {
+        type: 'object',
+        properties: {},
+      }) as { type: 'object'; [key: string]: unknown },
+    })),
+  }))
+
+  instance.server.setRequestHandler(CallToolRequestSchema, async (request) => {
+    const tool = toolsByName.get(request.params.name)
+    if (!tool?.execute) {
+      throw new Error(`Unknown tool: ${request.params.name}`)
+    }
+    try {
+      const result: unknown = await tool.execute(request.params.arguments ?? {})
+      const text = typeof result === 'string' ? result : JSON.stringify(result)
+      return { content: [{ type: 'text', text }] }
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error)
+      return {
+        isError: true,
+        content: [{ type: 'text', text: `Tool execution failed: ${message}` }],
+      }
+    }
+  })
+
+  return instance
+}
+
+/**
+ * Expose TanStack tools to the OpenCode harness as a Streamable-HTTP MCP
+ * server on an ephemeral localhost port.
+ *
+ * OpenCode runs as a separate server process, so the bridge listens on
+ * `127.0.0.1` and the adapter registers it as a `remote` MCP server in the
+ * harness config (`mcp.tanstack.url`). Each request is handled statelessly
+ * with a fresh `McpServer` + transport pair, which is all the harness's
+ * list/call traffic needs.
+ *
+ * The engine has already converted each tool's schema to JSON Schema before
+ * the adapter sees it, and JSON Schema is exactly what MCP's `tools/list`
+ * wants — so the low-level request handlers pass schemas through verbatim
+ * instead of round-tripping them through zod.
+ *
+ * The caller owns the lifecycle: `close()` must run when the chat stream
+ * ends (the adapter does this in a `finally`) so the port is never leaked.
+ */
+export async function startToolBridge(
+  tools: Array<AnyTool>,
+): Promise<ToolBridgeHandle> {
+  const httpServer = createServer((req, res) => {
+    void (async () => {
+      if (req.method !== 'POST') {
+        res.writeHead(405).end()
+        return
+      }
+      const chunks: Array<Buffer> = []
+      for await (const chunk of req) {
+        chunks.push(chunk as Buffer)
+      }
+      let parsedBody: unknown
+      try {
+        parsedBody = JSON.parse(Buffer.concat(chunks).toString('utf8'))
+      } catch {
+        res.writeHead(400).end()
+        return
+      }
+      const mcpServer = createMcpServer(tools)
+      const transport = new StreamableHTTPServerTransport({
+        sessionIdGenerator: undefined,
+      })
+      res.on('close', () => {
+        void transport.close()
+        void mcpServer.close()
+      })
+      await mcpServer.connect(transport)
+      await transport.handleRequest(req, res, parsedBody)
+    })().catch(() => {
+      if (!res.headersSent) res.writeHead(500)
+      res.end()
+    })
+  })
+
+  await new Promise<void>((resolve, reject) => {
+    httpServer.once('error', reject)
+    httpServer.listen(0, '127.0.0.1', resolve)
+  })
+
+  const { port } = httpServer.address() as AddressInfo
+
+  return {
+    url: `http://127.0.0.1:${port}/mcp`,
+    close: () =>
+      new Promise<void>((resolve, reject) => {
+        httpServer.closeAllConnections()
+        httpServer.close((error) => (error ? reject(error) : resolve()))
+      }),
+  }
+}
diff --git a/packages/ai-opencode/tests/bridge.test.ts b/packages/ai-opencode/tests/bridge.test.ts
new file mode 100644
index 000000000..987efbc3d
--- /dev/null
+++ b/packages/ai-opencode/tests/bridge.test.ts
@@ -0,0 +1,105 @@
+import { describe, expect, it } from 'vitest'
+import { Client } from '@modelcontextprotocol/sdk/client/index.js'
+import { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js'
+import { startToolBridge } from '../src/tools/bridge'
+import type { AnyTool } from '@tanstack/ai'
+
+function makeTool(overrides: Partial<AnyTool> = {}): AnyTool {
+  return {
+    name: 'echo',
+    description: 'Echo the input back',
+    inputSchema: {
+      type: 'object',
+      properties: { value: { type: 'string' } },
+    },
+    execute: async (args: unknown) => args,
+    ...overrides,
+  } as unknown as AnyTool
+}
+
+async function connectClient(url: string): Promise<Client> {
+  const client = new Client({ name: 'test-client', version: '1.0.0' })
+  await client.connect(new StreamableHTTPClientTransport(new URL(url)))
+  return client
+}
+
+describe('startToolBridge', () => {
+  it('listens on an ephemeral localhost port', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    try {
+      expect(bridge.url).toMatch(/^http:\/\/127\.0\.0\.1:\d+\/mcp$/)
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('lists tools with their JSON schemas passed through verbatim', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    try {
+      const client = await connectClient(bridge.url)
+      const { tools } = await client.listTools()
+      expect(tools).toHaveLength(1)
+      expect(tools[0]).toMatchObject({
+        name: 'echo',
+        description: 'Echo the input back',
+        inputSchema: {
+          type: 'object',
+          properties: { value: { type: 'string' } },
+        },
+      })
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('executes tool calls and returns stringified results', async () => {
+    const bridge = await startToolBridge([
+      makeTool({
+        execute: async (args: unknown) => ({
+          echoed: (args as { value: string }).value,
+        }),
+      } as Partial<AnyTool>),
+    ])
+    try {
+      const client = await connectClient(bridge.url)
+      const result = await client.callTool({
+        name: 'echo',
+        arguments: { value: 'hi' },
+      })
+      expect(result.content).toEqual([
+        { type: 'text', text: JSON.stringify({ echoed: 'hi' }) },
+      ])
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('returns isError content when the tool throws', async () => {
+    const bridge = await startToolBridge([
+      makeTool({
+        execute: async () => {
+          throw new Error('tool blew up')
+        },
+      } as Partial<AnyTool>),
+    ])
+    try {
+      const client = await connectClient(bridge.url)
+      const result = await client.callTool({ name: 'echo', arguments: {} })
+      expect(result.isError).toBe(true)
+      expect(result.content).toEqual([
+        { type: 'text', text: 'Tool execution failed: tool blew up' },
+      ])
+      await client.close()
+    } finally {
+      await bridge.close()
+    }
+  })
+
+  it('refuses connections after close()', async () => {
+    const bridge = await startToolBridge([makeTool()])
+    await bridge.close()
+    await expect(connectClient(bridge.url)).rejects.toThrow()
+  })
+})
diff --git a/packages/ai-opencode/tests/permissions.test.ts b/packages/ai-opencode/tests/permissions.test.ts
new file mode 100644
index 000000000..ebbb30016
--- /dev/null
+++ b/packages/ai-opencode/tests/permissions.test.ts
@@ -0,0 +1,118 @@
+import { describe, expect, it } from 'vitest'
+import {
+  matchBridgedToolName,
+  resolvePermission,
+} from '../src/process/permissions'
+import type { OpencodePermissionRequest } from '../src/process/permissions'
+
+function request(
+  overrides: Partial<OpencodePermissionRequest> = {},
+): OpencodePermissionRequest {
+  return {
+    id: 'perm-1',
+    sessionID: 'sess-1',
+    type: 'bash',
+    title: 'Run a command',
+    ...overrides,
+  }
+}
+
+describe('matchBridgedToolName', () => {
+  const bridged = new Set(['lookup_user'])
+
+  it('returns false without bridged tools', () => {
+    expect(
+      matchBridgedToolName(request({ type: 'lookup_user' }), undefined),
+    ).toBe(false)
+    expect(
+      matchBridgedToolName(request({ type: 'lookup_user' }), new Set()),
+    ).toBe(false)
+  })
+
+  it('matches a bare registered tool name in type or title', () => {
+    expect(
+      matchBridgedToolName(request({ type: 'lookup_user' }), bridged),
+    ).toBe(true)
+    expect(
+      matchBridgedToolName(
+        request({ type: 'tool', title: 'lookup_user' }),
+        bridged,
+      ),
+    ).toBe(true)
+  })
+
+  it('matches the tanstack_ and tanstack. server prefixes', () => {
+    expect(
+      matchBridgedToolName(request({ type: 'tanstack_lookup_user' }), bridged),
+    ).toBe(true)
+    expect(
+      matchBridgedToolName(request({ type: 'tanstack.lookup_user' }), bridged),
+    ).toBe(true)
+  })
+
+  it('does not match foreign tools', () => {
+    expect(
+      matchBridgedToolName(request({ type: 'github_create_issue' }), bridged),
+    ).toBe(false)
+  })
+})
+
+describe('resolvePermission', () => {
+  const bridged = new Set(['lookup_user'])
+
+  it('always allows bridged tools regardless of mode', () => {
+    for (const mode of [
+      'default',
+      'acceptEdits',
+      'bypassPermissions',
+    ] as const) {
+      expect(
+        resolvePermission(
+          request({ type: 'tanstack_lookup_user' }),
+          mode,
+          bridged,
+        ),
+      ).toBe('once')
+    }
+  })
+
+  it('rejects everything else in default mode', () => {
+    expect(
+      resolvePermission(request({ type: 'bash' }), 'default', bridged),
+    ).toBe('reject')
+    expect(
+      resolvePermission(request({ type: 'edit' }), 'default', bridged),
+    ).toBe('reject')
+    expect(
+      resolvePermission(request({ type: 'webfetch' }), 'default', bridged),
+    ).toBe('reject')
+  })
+
+  it('auto-approves file mutations only in acceptEdits mode', () => {
+    for (const type of ['edit', 'write', 'patch']) {
+      expect(resolvePermission(request({ type }), 'acceptEdits', bridged)).toBe(
+        'once',
+      )
+    }
+    expect(
+      resolvePermission(request({ type: 'bash' }), 'acceptEdits', bridged),
+    ).toBe('reject')
+  })
+
+  it('approves everything in bypassPermissions mode', () => {
+    expect(
+      resolvePermission(
+        request({ type: 'bash' }),
+        'bypassPermissions',
+        bridged,
+      ),
+    ).toBe('once')
+    expect(
+      resolvePermission(
+        request({ type: 'webfetch' }),
+        'bypassPermissions',
+        undefined,
+      ),
+    ).toBe('once')
+  })
+})
diff --git a/packages/ai-opencode/tests/prompt.test.ts b/packages/ai-opencode/tests/prompt.test.ts
new file mode 100644
index 000000000..b2285eeb3
--- /dev/null
+++ b/packages/ai-opencode/tests/prompt.test.ts
@@ -0,0 +1,92 @@
+import { describe, expect, it } from 'vitest'
+import { buildPrompt } from '../src/messages/prompt'
+import type { ModelMessage } from '@tanstack/ai'
+
+const user = (content: ModelMessage['content']): ModelMessage => ({
+  role: 'user',
+  content,
+})
+const assistant = (content: ModelMessage['content']): ModelMessage => ({
+  role: 'assistant',
+  content,
+})
+
+describe('buildPrompt', () => {
+  it('resumes with only the last user message when sessionId is provided', () => {
+    const result = buildPrompt(
+      [
+        user('first question'),
+        assistant('first answer'),
+        user('follow-up question'),
+      ],
+      'sess-1',
+    )
+    expect(result).toEqual({ prompt: 'follow-up question', resume: 'sess-1' })
+  })
+
+  it('throws when sessionId is provided but there is no trailing user message', () => {
+    expect(() => buildPrompt([user('q'), assistant('a')], 'sess-1')).toThrow(
+      /user message/i,
+    )
+  })
+
+  it('sends a single user message as-is for a fresh session', () => {
+    expect(buildPrompt([user('hello')], undefined)).toEqual({ prompt: 'hello' })
+  })
+
+  it('flattens prior turns into a transcript preamble for fresh multi-turn history', () => {
+    const { prompt, resume } = buildPrompt(
+      [user('What is 2+2?'), assistant('4'), user('And times 3?')],
+      undefined,
+    )
+    expect(resume).toBeUndefined()
+    expect(prompt).toBe(
+      'Previous conversation:\nUser: What is 2+2?\nAssistant: 4\n\nAnd times 3?',
+    )
+  })
+
+  it('skips tool messages and assistant tool-call-only turns when flattening', () => {
+    const messages: Array<ModelMessage> = [
+      user('list files'),
+      {
+        role: 'assistant',
+        content: null,
+        toolCalls: [
+          {
+            id: 't1',
+            type: 'function',
+            function: { name: 'ls', arguments: '{}' },
+          },
+        ],
+      } as unknown as ModelMessage,
+      { role: 'tool', content: 'file-a', toolCallId: 't1' },
+      assistant('There is one file.'),
+      user('thanks, which one?'),
+    ]
+    const { prompt } = buildPrompt(messages, undefined)
+    expect(prompt).toBe(
+      'Previous conversation:\nUser: list files\nAssistant: There is one file.\n\nthanks, which one?',
+    )
+  })
+
+  it('extracts text from content-part arrays and ignores non-text parts', () => {
+    const { prompt } = buildPrompt(
+      [
+        user([
+          { type: 'text', content: 'describe ' },
+          {
+            type: 'image',
+            source: { type: 'url', url: 'https://x/y.png' },
+          } as never,
+          { type: 'text', content: 'this' },
+        ] as ModelMessage['content']),
+      ],
+      undefined,
+    )
+    expect(prompt).toBe('describe this')
+  })
+
+  it('throws when there is no usable user content at all', () => {
+    expect(() => buildPrompt([], undefined)).toThrow(/user message/i)
+  })
+})
diff --git a/packages/ai-opencode/tests/text-adapter.test.ts b/packages/ai-opencode/tests/text-adapter.test.ts
new file mode 100644
index 000000000..d865770f1
--- /dev/null
+++ b/packages/ai-opencode/tests/text-adapter.test.ts
@@ -0,0 +1,411 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest'
+import { opencodeText } from '../src/adapters/text'
+import { startOpencodeSession } from '../src/process/server'
+import { startToolBridge } from '../src/tools/bridge'
+import type {
+  OpencodeAssistantMessage,
+  OpencodeEvent,
+} from '../src/stream/sdk-types'
+import type { StartOpencodeSessionOptions } from '../src/process/server'
+import type { InternalLogger } from '@tanstack/ai/adapter-internals'
+import type { StreamChunk, TextOptions } from '@tanstack/ai'
+
+vi.mock('../src/process/server', () => ({ startOpencodeSession: vi.fn() }))
+vi.mock('../src/tools/bridge', () => ({ startToolBridge: vi.fn() }))
+
+const startSessionMock = vi.mocked(startOpencodeSession)
+const bridgeMock = vi.mocked(startToolBridge)
+const promptMock = vi.fn()
+const abortMock = vi.fn()
+const disposeMock = vi.fn()
+const bridgeCloseMock = vi.fn()
+
+let captured: StartOpencodeSessionOptions | undefined
+
+const MODEL = 'anthropic/claude-sonnet-4-5'
+
+function textTurn(text = 'hi there'): {
+  message: OpencodeAssistantMessage
+  text: string
+} {
+  captured?.onEvent({
+    type: 'message.part.updated',
+    properties: {
+      part: { id: 'p1', sessionID: 's', type: 'text', text },
+      delta: text,
+    },
+  } as OpencodeEvent)
+  return {
+    message: {
+      id: 'm1',
+      role: 'assistant',
+      finish: 'stop',
+      tokens: { input: 10, output: 5 },
+    },
+    text,
+  }
+}
+
+const noopLogger = {
+  request: vi.fn(),
+  provider: vi.fn(),
+  output: vi.fn(),
+  errors: vi.fn(),
+  middleware: vi.fn(),
+  tools: vi.fn(),
+  agentLoop: vi.fn(),
+  config: vi.fn(),
+  isEnabled: () => false,
+} as unknown as InternalLogger
+
+function makeOptions(
+  overrides: Partial<TextOptions<Record<string, any>>> = {},
+): TextOptions<Record<string, any>> {
+  return {
+    model: MODEL,
+    messages: [{ role: 'user', content: 'hello' }],
+    logger: noopLogger,
+    ...overrides,
+  } as TextOptions<Record<string, any>>
+}
+
+async function collect(
+  stream: AsyncIterable<StreamChunk>,
+): Promise<Array<StreamChunk>> {
+  const chunks: Array<StreamChunk> = []
+  for await (const chunk of stream) chunks.push(chunk)
+  return chunks
+}
+
+beforeEach(() => {
+  captured = undefined
+  startSessionMock.mockReset()
+  bridgeMock.mockReset()
+  promptMock.mockReset()
+  abortMock.mockReset()
+  disposeMock.mockReset()
+  bridgeCloseMock.mockReset()
+
+  abortMock.mockResolvedValue(undefined)
+  disposeMock.mockResolvedValue(undefined)
+  bridgeCloseMock.mockResolvedValue(undefined)
+  bridgeMock.mockResolvedValue({
+    url: 'http://127.0.0.1:54321/mcp',
+    close: bridgeCloseMock,
+  })
+  promptMock.mockImplementation(() => Promise.resolve(textTurn()))
+
+  startSessionMock.mockImplementation(
+    async (options: StartOpencodeSessionOptions) => {
+      captured = options
+      return {
+        sessionId: options.resumeSessionId ?? 'sess-new',
+        resumed: options.resumeSessionId !== undefined,
+        prompt: promptMock,
+        abort: abortMock,
+        dispose: disposeMock,
+      }
+    },
+  )
+})
+
+describe('opencodeText', () => {
+  it('creates an adapter with the opencode provider name', () => {
+    const adapter = opencodeText(MODEL)
+    expect(adapter.kind).toBe('text')
+    expect(adapter.name).toBe('opencode')
+    expect(adapter.model).toBe(MODEL)
+  })
+})
+
+describe('chatStream', () => {
+  it('streams translated AG-UI events for a simple turn', async () => {
+    const chunks = await collect(opencodeText(MODEL).chatStream(makeOptions()))
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks.at(-1)).toMatchObject({ finishReason: 'stop' })
+  })
+
+  it('splits the provider/model id for the session', async () => {
+    await collect(opencodeText(MODEL).chatStream(makeOptions()))
+    expect(captured).toMatchObject({
+      providerID: 'anthropic',
+      modelID: 'claude-sonnet-4-5',
+    })
+  })
+
+  it('rejects a model id without a provider prefix', async () => {
+    const chunks = await collect(
+      opencodeText('claude-sonnet-4-5').chatStream(makeOptions()),
+    )
+    expect(startSessionMock).not.toHaveBeenCalled()
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+    expect((chunks.at(-1) as { message: string }).message).toMatch(
+      /provider\/model/,
+    )
+  })
+
+  it('starts a fresh session without a sessionId', async () => {
+    await collect(opencodeText(MODEL).chatStream(makeOptions()))
+    expect(captured?.resumeSessionId).toBeUndefined()
+    expect(promptMock.mock.calls[0]![0]).toBe('hello')
+  })
+
+  it('resumes the session and sends only the trailing user message', async () => {
+    await collect(
+      opencodeText(MODEL).chatStream(
+        makeOptions({
+          messages: [
+            { role: 'user', content: 'first' },
+            { role: 'assistant', content: 'answer' },
+            { role: 'user', content: 'follow-up' },
+          ],
+          modelOptions: { sessionId: 'sess-prior' },
+        }),
+      ),
+    )
+    expect(captured?.resumeSessionId).toBe('sess-prior')
+    expect(promptMock.mock.calls[0]![0]).toBe('follow-up')
+  })
+
+  it('flattens prior turns into the prompt without a sessionId', async () => {
+    await collect(
+      opencodeText(MODEL).chatStream(
+        makeOptions({
+          messages: [
+            { role: 'user', content: 'first' },
+            { role: 'assistant', content: 'answer' },
+            { role: 'user', content: 'follow-up' },
+          ],
+        }),
+      ),
+    )
+    expect(promptMock.mock.calls[0]![0]).toBe(
+      'Previous conversation:\nUser: first\nAssistant: answer\n\nfollow-up',
+    )
+  })
+
+  it('uses the configured directory and a default permission policy', async () => {
+    await collect(
+      opencodeText(MODEL, { directory: '/workspace' }).chatStream(
+        makeOptions(),
+      ),
+    )
+    expect(captured?.directory).toBe('/workspace')
+    expect(captured?.permission).toMatchObject({
+      edit: 'ask',
+      bash: 'ask',
+      webfetch: 'ask',
+    })
+  })
+
+  it('lets modelOptions.directory override the configured directory', async () => {
+    await collect(
+      opencodeText(MODEL, { directory: '/workspace' }).chatStream(
+        makeOptions({ modelOptions: { directory: '/elsewhere' } }),
+      ),
+    )
+    expect(captured?.directory).toBe('/elsewhere')
+  })
+
+  it('opens permissions for bypassPermissions mode', async () => {
+    await collect(
+      opencodeText(MODEL, { permissionMode: 'bypassPermissions' }).chatStream(
+        makeOptions(),
+      ),
+    )
+    expect(captured?.permission).toMatchObject({
+      edit: 'allow',
+      bash: 'allow',
+      webfetch: 'allow',
+    })
+  })
+
+  it('prepends system prompts to the prompt text', async () => {
+    await collect(
+      opencodeText(MODEL).chatStream(
+        makeOptions({ systemPrompts: ['Be terse.', 'Use tabs.'] }),
+      ),
+    )
+    expect(promptMock.mock.calls[0]![0]).toBe('Be terse.\n\nUse tabs.\n\nhello')
+  })
+
+  it('starts a localhost MCP bridge and registers it when tools are passed', async () => {
+    await collect(
+      opencodeText(MODEL).chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'lookup_user',
+              description: 'Look up a user',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => ({ ok: true }),
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(bridgeMock).toHaveBeenCalledTimes(1)
+    expect(captured?.mcpServers).toEqual([
+      { name: 'tanstack', url: 'http://127.0.0.1:54321/mcp' },
+    ])
+    expect(bridgeCloseMock).toHaveBeenCalledTimes(1)
+  })
+
+  it('does not start a bridge when no tools are passed', async () => {
+    await collect(opencodeText(MODEL).chatStream(makeOptions()))
+    expect(bridgeMock).not.toHaveBeenCalled()
+    expect(captured?.mcpServers).toBeUndefined()
+  })
+
+  it('emits RUN_ERROR for client-side tools (no execute)', async () => {
+    const chunks = await collect(
+      opencodeText(MODEL).chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'client_only',
+              description: 'runs in browser',
+              inputSchema: { type: 'object', properties: {} },
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(startSessionMock).not.toHaveBeenCalled()
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+    expect((chunks.at(-1) as { message: string }).message).toMatch(
+      /client-side/i,
+    )
+  })
+
+  it('emits RUN_ERROR for approval-gated tools', async () => {
+    const chunks = await collect(
+      opencodeText(MODEL).chatStream(
+        makeOptions({
+          tools: [
+            {
+              name: 'needs_ok',
+              description: 'requires approval',
+              inputSchema: { type: 'object', properties: {} },
+              execute: async () => 'x',
+              needsApproval: true,
+            } as never,
+          ],
+        }),
+      ),
+    )
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR' })
+  })
+
+  it('aborts the session when the external signal fires', async () => {
+    const controller = new AbortController()
+    controller.abort()
+    await collect(
+      opencodeText(MODEL).chatStream(
+        makeOptions({ abortController: controller }),
+      ),
+    )
+    expect(abortMock).toHaveBeenCalledTimes(1)
+  })
+
+  it('emits RUN_ERROR when the prompt turn rejects', async () => {
+    promptMock.mockRejectedValueOnce(new Error('boom'))
+    const chunks = await collect(opencodeText(MODEL).chatStream(makeOptions()))
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_ERROR', message: 'boom' })
+    expect(disposeMock).toHaveBeenCalledTimes(1)
+  })
+
+  it('emits RUN_ERROR when starting the session throws', async () => {
+    startSessionMock.mockRejectedValueOnce(new Error('serve failed'))
+    const chunks = await collect(opencodeText(MODEL).chatStream(makeOptions()))
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'serve failed',
+    })
+  })
+})
+
+describe('structuredOutput', () => {
+  it('parses the final message text and reports usage', async () => {
+    promptMock.mockResolvedValueOnce({
+      message: {
+        id: 'm1',
+        role: 'assistant',
+        finish: 'stop',
+        tokens: { input: 7, output: 3 },
+      },
+      text: '{"answer":42}',
+    })
+    const result = await opencodeText(MODEL).structuredOutput({
+      chatOptions: makeOptions(),
+      outputSchema: {
+        type: 'object',
+        properties: { answer: { type: 'number' } },
+      },
+    })
+    expect(result.data).toEqual({ answer: 42 })
+    expect(result.rawText).toBe('{"answer":42}')
+    expect(result.usage).toMatchObject({ promptTokens: 7, completionTokens: 3 })
+  })
+
+  it('strips markdown fences from the model output', async () => {
+    promptMock.mockResolvedValueOnce({
+      message: { id: 'm1', role: 'assistant', finish: 'stop' },
+      text: '```json\n{"ok":true}\n```',
+    })
+    const result = await opencodeText(MODEL).structuredOutput({
+      chatOptions: makeOptions(),
+      outputSchema: { type: 'object' },
+    })
+    expect(result.data).toEqual({ ok: true })
+  })
+
+  it('runs a fresh session even when a sessionId is supplied', async () => {
+    promptMock.mockResolvedValueOnce({
+      message: { id: 'm1', role: 'assistant', finish: 'stop' },
+      text: '{}',
+    })
+    await opencodeText(MODEL).structuredOutput({
+      chatOptions: makeOptions({ modelOptions: { sessionId: 'sess-live' } }),
+      outputSchema: { type: 'object' },
+    })
+    expect(captured?.resumeSessionId).toBeUndefined()
+  })
+
+  it('throws a descriptive error when the message carries an error', async () => {
+    promptMock.mockResolvedValueOnce({
+      message: {
+        id: 'm1',
+        role: 'assistant',
+        error: { name: 'ProviderAuthError', data: { message: 'no key' } },
+      },
+      text: '',
+    })
+    await expect(
+      opencodeText(MODEL).structuredOutput({
+        chatOptions: makeOptions(),
+        outputSchema: { type: 'object' },
+      }),
+    ).rejects.toThrow(/no key/)
+  })
+
+  it('throws when the run ends without any text', async () => {
+    promptMock.mockResolvedValueOnce({
+      message: { id: 'm1', role: 'assistant', finish: 'stop' },
+      text: '   ',
+    })
+    await expect(
+      opencodeText(MODEL).structuredOutput({
+        chatOptions: makeOptions(),
+        outputSchema: { type: 'object' },
+      }),
+    ).rejects.toThrow(/without a response/)
+  })
+})
diff --git a/packages/ai-opencode/tests/translate.test.ts b/packages/ai-opencode/tests/translate.test.ts
new file mode 100644
index 000000000..0b48da075
--- /dev/null
+++ b/packages/ai-opencode/tests/translate.test.ts
@@ -0,0 +1,410 @@
+import { describe, expect, it } from 'vitest'
+import {
+  SESSION_ID_EVENT,
+  TODO_EVENT,
+  resolveToolName,
+  translateOpencodeStream,
+} from '../src/stream/translate'
+import type { TranslateContext } from '../src/stream/translate'
+import type {
+  OpencodeAssistantMessage,
+  OpencodeStreamEvent,
+} from '../src/stream/sdk-types'
+import type { StreamChunk } from '@tanstack/ai'
+
+function makeCtx(overrides: Partial<TranslateContext> = {}): TranslateContext {
+  let id = 0
+  return {
+    model: 'anthropic/claude-sonnet-4-5',
+    runId: 'run-1',
+    threadId: 'thread-1',
+    genId: () => `gen-${++id}`,
+    ...overrides,
+  }
+}
+
+async function* fromArray(
+  events: Array<OpencodeStreamEvent>,
+): AsyncIterable<OpencodeStreamEvent> {
+  for (const event of events) yield event
+}
+
+async function collect(
+  events: Array<OpencodeStreamEvent>,
+  ctx: TranslateContext = makeCtx(),
+): Promise<Array<StreamChunk>> {
+  const chunks: Array<StreamChunk> = []
+  for await (const chunk of translateOpencodeStream(fromArray(events), ctx)) {
+    chunks.push(chunk)
+  }
+  return chunks
+}
+
+const session: OpencodeStreamEvent = { kind: 'session', sessionId: 'sess-1' }
+
+function done(
+  overrides: Partial<OpencodeAssistantMessage> = {},
+): OpencodeStreamEvent {
+  return {
+    kind: 'done',
+    message: { id: 'msg-1', role: 'assistant', finish: 'stop', ...overrides },
+  }
+}
+
+function textPart(
+  id: string,
+  text: string,
+  delta?: string,
+): OpencodeStreamEvent {
+  return {
+    kind: 'event',
+    event: {
+      type: 'message.part.updated',
+      properties: {
+        part: { id, sessionID: 'sess-1', type: 'text', text },
+        ...(delta !== undefined && { delta }),
+      },
+    },
+  }
+}
+
+describe('translateOpencodeStream', () => {
+  it('translates a simple text turn', async () => {
+    const chunks = await collect([
+      session,
+      textPart('part-1', 'hi there', 'hi there'),
+      done(),
+    ])
+
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TEXT_MESSAGE_START',
+      'TEXT_MESSAGE_CONTENT',
+      'TEXT_MESSAGE_END',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[1]).toMatchObject({
+      name: SESSION_ID_EVENT,
+      value: { sessionId: 'sess-1' },
+    })
+    expect(chunks[3]).toMatchObject({ delta: 'hi there', content: 'hi there' })
+    expect(chunks.at(-1)).toMatchObject({ finishReason: 'stop' })
+  })
+
+  it('accumulates incremental text deltas', async () => {
+    const chunks = await collect([
+      session,
+      textPart('part-1', 'Hel', 'Hel'),
+      textPart('part-1', 'Hello', 'lo'),
+      done(),
+    ])
+    const contents = chunks.filter((c) => c.type === 'TEXT_MESSAGE_CONTENT')
+    expect(contents).toHaveLength(2)
+    expect(contents[0]).toMatchObject({ delta: 'Hel', content: 'Hel' })
+    expect(contents[1]).toMatchObject({ delta: 'lo', content: 'Hello' })
+    // A single START/END pair for the one part id.
+    expect(chunks.filter((c) => c.type === 'TEXT_MESSAGE_START')).toHaveLength(
+      1,
+    )
+    expect(chunks.filter((c) => c.type === 'TEXT_MESSAGE_END')).toHaveLength(1)
+  })
+
+  it('derives the delta from full-text snapshots when no delta is given', async () => {
+    const chunks = await collect([
+      session,
+      textPart('part-1', 'Hel'),
+      textPart('part-1', 'Hello'),
+      done(),
+    ])
+    const contents = chunks.filter((c) => c.type === 'TEXT_MESSAGE_CONTENT')
+    expect(contents[0]).toMatchObject({ delta: 'Hel' })
+    expect(contents[1]).toMatchObject({ delta: 'lo', content: 'Hello' })
+  })
+
+  it('reports usage with cache and reasoning details', async () => {
+    const chunks = await collect([
+      session,
+      done({
+        tokens: {
+          input: 100,
+          output: 20,
+          reasoning: 5,
+          cache: { read: 40, write: 0 },
+        },
+      }),
+    ])
+    const finished = chunks.at(-1) as unknown as {
+      usage: Record<string, unknown>
+    }
+    expect(finished.usage).toMatchObject({
+      promptTokens: 100,
+      completionTokens: 20,
+      totalTokens: 120,
+      promptTokensDetails: { cachedTokens: 40 },
+      completionTokensDetails: { reasoningTokens: 5 },
+    })
+  })
+
+  it('maps a length finish to finishReason length', async () => {
+    const chunks = await collect([session, done({ finish: 'length' })])
+    expect(chunks.at(-1)).toMatchObject({ finishReason: 'length' })
+  })
+
+  it('translates a reasoning part into a reasoning sequence', async () => {
+    const chunks = await collect([
+      session,
+      {
+        kind: 'event',
+        event: {
+          type: 'message.part.updated',
+          properties: {
+            part: {
+              id: 'r-1',
+              sessionID: 'sess-1',
+              type: 'reasoning',
+              text: 'thinking',
+            },
+            delta: 'thinking',
+          },
+        },
+      },
+      done(),
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'REASONING_START',
+      'REASONING_MESSAGE_START',
+      'REASONING_MESSAGE_CONTENT',
+      'REASONING_MESSAGE_END',
+      'REASONING_END',
+      'RUN_FINISHED',
+    ])
+  })
+
+  function toolEvent(
+    callID: string,
+    tool: string,
+    state: Record<string, unknown>,
+  ): OpencodeStreamEvent {
+    return {
+      kind: 'event',
+      event: {
+        type: 'message.part.updated',
+        properties: {
+          part: {
+            id: `part-${callID}`,
+            sessionID: 'sess-1',
+            type: 'tool',
+            callID,
+            tool,
+            state: state as never,
+          },
+        },
+      },
+    }
+  }
+
+  it('pairs a tool call across running and completed states', async () => {
+    const chunks = await collect([
+      session,
+      toolEvent('call-1', 'bash', {
+        status: 'running',
+        input: { command: 'ls' },
+      }),
+      toolEvent('call-1', 'bash', {
+        status: 'completed',
+        input: { command: 'ls' },
+        output: 'file.txt',
+        title: 'ls',
+      }),
+      done(),
+    ])
+    expect(chunks.map((c) => c.type)).toEqual([
+      'RUN_STARTED',
+      'CUSTOM',
+      'TOOL_CALL_START',
+      'TOOL_CALL_ARGS',
+      'TOOL_CALL_END',
+      'TOOL_CALL_RESULT',
+      'RUN_FINISHED',
+    ])
+    expect(chunks[2]).toMatchObject({
+      toolCallId: 'call-1',
+      toolCallName: 'bash',
+    })
+    expect(chunks[3]).toMatchObject({ args: JSON.stringify({ command: 'ls' }) })
+    expect(chunks[5]).toMatchObject({ content: 'file.txt' })
+    expect((chunks[5] as { state?: string }).state).toBeUndefined()
+  })
+
+  it('marks tool errors as output-error', async () => {
+    const chunks = await collect([
+      session,
+      toolEvent('call-2', 'bash', {
+        status: 'error',
+        input: { command: 'false' },
+        error: 'exit 1',
+      }),
+      done(),
+    ])
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_RESULT')).toMatchObject({
+      content: 'exit 1',
+      state: 'output-error',
+    })
+  })
+
+  it('does not duplicate START events across repeated tool updates', async () => {
+    const chunks = await collect([
+      session,
+      toolEvent('call-3', 'read', { status: 'pending', input: {} }),
+      toolEvent('call-3', 'read', { status: 'running', input: { path: 'a' } }),
+      toolEvent('call-3', 'read', {
+        status: 'completed',
+        input: { path: 'a' },
+        output: 'data',
+        title: 'read a',
+      }),
+      done(),
+    ])
+    expect(chunks.filter((c) => c.type === 'TOOL_CALL_START')).toHaveLength(1)
+    expect(chunks.filter((c) => c.type === 'TOOL_CALL_RESULT')).toHaveLength(1)
+  })
+
+  it('surfaces bridged MCP tool calls under the registered name', async () => {
+    const chunks = await collect(
+      [
+        session,
+        toolEvent('call-4', 'tanstack_lookup_user', {
+          status: 'completed',
+          input: { userId: '7' },
+          output: '{"name":"Ada"}',
+          title: 'lookup_user',
+        }),
+        done(),
+      ],
+      makeCtx({ bridgedToolNames: new Set(['lookup_user']) }),
+    )
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_START')).toMatchObject({
+      toolCallName: 'lookup_user',
+    })
+    expect(chunks.find((c) => c.type === 'TOOL_CALL_RESULT')).toMatchObject({
+      content: '{"name":"Ada"}',
+    })
+  })
+
+  it('synthesizes interrupted results for unresolved tool calls on done', async () => {
+    const chunks = await collect([
+      session,
+      toolEvent('call-9', 'bash', {
+        status: 'running',
+        input: { command: 'sleep 100' },
+      }),
+      done(),
+    ])
+    const result = chunks.find((c) => c.type === 'TOOL_CALL_RESULT')
+    expect(result).toMatchObject({
+      toolCallId: 'call-9',
+      content: JSON.stringify({ status: 'interrupted' }),
+    })
+    expect(chunks.at(-1)).toMatchObject({ type: 'RUN_FINISHED' })
+  })
+
+  it('maps a message error to RUN_ERROR', async () => {
+    const chunks = await collect([
+      session,
+      done({
+        finish: undefined,
+        error: { name: 'ProviderAuthError', data: { message: 'no key' } },
+      }),
+    ])
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'RUN_ERROR',
+      message: 'no key',
+    })
+  })
+
+  it('emits a todo CUSTOM event', async () => {
+    const chunks = await collect([
+      session,
+      {
+        kind: 'event',
+        event: {
+          type: 'todo.updated',
+          properties: {
+            sessionID: 'sess-1',
+            todos: [{ content: 'step 1', status: 'pending' }],
+          },
+        },
+      },
+      done(),
+    ])
+    expect(
+      chunks.find((c) => c.type === 'CUSTOM' && c.name === TODO_EVENT),
+    ).toBeDefined()
+  })
+
+  it('forwards raw stream events to onStreamEvent', async () => {
+    const kinds: Array<string> = []
+    await collect(
+      [session, textPart('p', 'hi', 'hi'), done()],
+      makeCtx({ onStreamEvent: (event) => kinds.push(event.kind) }),
+    )
+    expect(kinds).toEqual(['session', 'event', 'done'])
+  })
+
+  it('synthesizes results then rethrows when the source stream throws', async () => {
+    async function* failing(): AsyncIterable<OpencodeStreamEvent> {
+      yield session
+      yield {
+        kind: 'event',
+        event: {
+          type: 'message.part.updated',
+          properties: {
+            part: {
+              id: 'p-c',
+              sessionID: 'sess-1',
+              type: 'tool',
+              callID: 'call-7',
+              tool: 'bash',
+              state: { status: 'running', input: {} } as never,
+            },
+          },
+        },
+      }
+      throw new Error('aborted')
+    }
+
+    const chunks: Array<StreamChunk> = []
+    await expect(async () => {
+      for await (const chunk of translateOpencodeStream(failing(), makeCtx())) {
+        chunks.push(chunk)
+      }
+    }).rejects.toThrow('aborted')
+    expect(chunks.at(-1)).toMatchObject({
+      type: 'TOOL_CALL_RESULT',
+      toolCallId: 'call-7',
+      content: JSON.stringify({ status: 'interrupted' }),
+    })
+  })
+})
+
+describe('resolveToolName', () => {
+  it('returns the tool name verbatim without bridged names', () => {
+    expect(resolveToolName('bash', undefined)).toBe('bash')
+    expect(resolveToolName('edit', new Set())).toBe('edit')
+  })
+
+  it('strips the tanstack_ prefix for bridged tools', () => {
+    const bridged = new Set(['lookup_user'])
+    expect(resolveToolName('tanstack_lookup_user', bridged)).toBe('lookup_user')
+    expect(resolveToolName('lookup_user', bridged)).toBe('lookup_user')
+  })
+
+  it('leaves foreign tool names untouched', () => {
+    expect(
+      resolveToolName('github_create_issue', new Set(['lookup_user'])),
+    ).toBe('github_create_issue')
+  })
+})
diff --git a/packages/ai-opencode/tsconfig.json b/packages/ai-opencode/tsconfig.json
new file mode 100644
index 000000000..c38689f4e
--- /dev/null
+++ b/packages/ai-opencode/tsconfig.json
@@ -0,0 +1,8 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "compilerOptions": {
+    "outDir": "dist"
+  },
+  "include": ["src", "tests"],
+  "exclude": ["node_modules", "dist"]
+}
diff --git a/packages/ai-opencode/vite.config.ts b/packages/ai-opencode/vite.config.ts
new file mode 100644
index 000000000..11f5b20b7
--- /dev/null
+++ b/packages/ai-opencode/vite.config.ts
@@ -0,0 +1,37 @@
+import { defineConfig, mergeConfig } from 'vitest/config'
+import { tanstackViteConfig } from '@tanstack/vite-config'
+import packageJson from './package.json'
+
+const config = defineConfig({
+  test: {
+    name: packageJson.name,
+    dir: './',
+    watch: false,
+
+    globals: true,
+    environment: 'node',
+    include: ['tests/**/*.test.ts'],
+    coverage: {
+      provider: 'v8',
+      reporter: ['text', 'json', 'html', 'lcov'],
+      exclude: [
+        'node_modules/',
+        'dist/',
+        'tests/',
+        '**/*.test.ts',
+        '**/*.config.ts',
+        '**/types.ts',
+      ],
+      include: ['src/**/*.ts'],
+    },
+  },
+})
+
+export default mergeConfig(
+  config,
+  tanstackViteConfig({
+    entry: ['./src/index.ts'],
+    srcDir: './src',
+    cjs: false,
+  }),
+)
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index daec47674..2fbe11b36 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -105,6 +105,46 @@ importers:
         specifier: ^4.0.14
         version: 4.1.4(@opentelemetry/api@1.9.1)(@types/node@24.10.3)(happy-dom@20.0.11)(jsdom@27.3.0(postcss@8.5.15))(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
 
+  examples/coco:
+    dependencies:
+      '@tanstack/ai':
+        specifier: workspace:*
+        version: link:../../packages/ai
+      '@tanstack/ai-claude-code':
+        specifier: workspace:*
+        version: link:../../packages/ai-claude-code
+      '@tanstack/ai-client':
+        specifier: workspace:*
+        version: link:../../packages/ai-client
+      '@tanstack/ai-codex':
+        specifier: workspace:*
+        version: link:../../packages/ai-codex
+      '@tanstack/ai-gemini-cli':
+        specifier: workspace:*
+        version: link:../../packages/ai-gemini-cli
+      '@tanstack/ai-opencode':
+        specifier: workspace:*
+        version: link:../../packages/ai-opencode
+      http-proxy:
+        specifier: ^1.18.1
+        version: 1.18.1
+      tsx:
+        specifier: ^4.21.0
+        version: 4.21.0
+    devDependencies:
+      '@types/http-proxy':
+        specifier: ^1.17.17
+        version: 1.17.17
+      '@types/node':
+        specifier: ^24.10.1
+        version: 24.10.3
+      typescript:
+        specifier: 5.9.3
+        version: 5.9.3
+      vite:
+        specifier: ^7.3.3
+        version: 7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2)
+
   examples/ts-angular-chat:
     dependencies:
       '@angular/common':
@@ -541,6 +581,79 @@ importers:
         specifier: ^5.1.0
         version: 5.1.0
 
+  examples/ts-react-coding-agent:
+    dependencies:
+      '@tailwindcss/vite':
+        specifier: ^4.1.18
+        version: 4.1.18(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+      '@tanstack/ai':
+        specifier: workspace:*
+        version: link:../../packages/ai
+      '@tanstack/ai-claude-code':
+        specifier: workspace:*
+        version: link:../../packages/ai-claude-code
+      '@tanstack/ai-client':
+        specifier: workspace:*
+        version: link:../../packages/ai-client
+      '@tanstack/ai-codex':
+        specifier: workspace:*
+        version: link:../../packages/ai-codex
+      '@tanstack/ai-gemini-cli':
+        specifier: workspace:*
+        version: link:../../packages/ai-gemini-cli
+      '@tanstack/ai-opencode':
+        specifier: workspace:*
+        version: link:../../packages/ai-opencode
+      '@tanstack/ai-react':
+        specifier: workspace:*
+        version: link:../../packages/ai-react
+      '@tanstack/nitro-v2-vite-plugin':
+        specifier: ^1.154.7
+        version: 1.154.7(rolldown@1.0.0-rc.17)(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+      '@tanstack/react-router':
+        specifier: ^1.158.4
+        version: 1.159.5(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
+      '@tanstack/react-start':
+        specifier: ^1.159.0
+        version: 1.159.5(crossws@0.4.5(srvx@0.11.15))(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(vite-plugin-solid@2.11.10(solid-js@1.9.10)(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2)))(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+      '@tanstack/router-plugin':
+        specifier: ^1.158.4
+        version: 1.159.5(@tanstack/react-router@1.159.5(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(vite-plugin-solid@2.11.10(solid-js@1.9.10)(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2)))(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+      react:
+        specifier: ^19.2.3
+        version: 19.2.3
+      react-dom:
+        specifier: ^19.2.3
+        version: 19.2.3(react@19.2.3)
+      tailwindcss:
+        specifier: ^4.1.18
+        version: 4.1.18
+      vite-tsconfig-paths:
+        specifier: ^5.1.4
+        version: 5.1.4(typescript@5.9.3)(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+      zod:
+        specifier: ^4.2.0
+        version: 4.3.6
+    devDependencies:
+      '@types/node':
+        specifier: ^24.10.1
+        version: 24.10.3
+      '@types/react':
+        specifier: ^19.2.7
+        version: 19.2.7
+      '@types/react-dom':
+        specifier: ^19.2.3
+        version: 19.2.3(@types/react@19.2.7)
+      '@vitejs/plugin-react':
+        specifier: ^5.1.2
+        version: 5.1.2(vite@7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+      typescript:
+        specifier: 5.9.3
+        version: 5.9.3
+      vite:
+        specifier: ^7.3.3
+        version: 7.3.3(@types/node@24.10.3)(jiti@2.6.1)(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2)
+
   examples/ts-react-media:
     dependencies:
       '@tailwindcss/vite':
@@ -1154,6 +1267,22 @@ importers:
         specifier: ^4.2.0
         version: 4.2.1
 
+  packages/ai-claude-code:
+    dependencies:
+      '@anthropic-ai/claude-agent-sdk':
+        specifier: ^0.3.176
+        version: 0.3.178(@anthropic-ai/sdk@0.97.1(zod@4.3.6))(@modelcontextprotocol/sdk@1.29.0(zod@4.3.6))(zod@4.3.6)
+      '@modelcontextprotocol/sdk':
+        specifier: ^1.29.0
+        version: 1.29.0(zod@4.3.6)
+    devDependencies:
+      '@tanstack/ai':
+        specifier: workspace:*
+        version: link:../ai
+      '@vitest/coverage-v8':
+        specifier: 4.0.14
+        version: 4.0.14(vitest@4.0.14(@opentelemetry/api@1.9.1)(@types/node@24.10.3)(happy-dom@20.0.11)(jiti@2.6.1)(jsdom@27.3.0(postcss@8.5.15))(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+
   packages/ai-client:
     dependencies:
       '@tanstack/ai':
@@ -1269,6 +1398,22 @@ importers:
         specifier: ^4.21.0
         version: 4.21.0
 
+  packages/ai-codex:
+    dependencies:
+      '@modelcontextprotocol/sdk':
+        specifier: ^1.29.0
+        version: 1.29.0(zod@4.3.6)
+      '@openai/codex-sdk':
+        specifier: ^0.139.0
+        version: 0.139.0
+    devDependencies:
+      '@tanstack/ai':
+        specifier: workspace:*
+        version: link:../ai
+      '@vitest/coverage-v8':
+        specifier: 4.0.14
+        version: 4.0.14(vitest@4.0.14(@opentelemetry/api@1.9.1)(@types/node@24.10.3)(happy-dom@20.0.11)(jiti@2.6.1)(jsdom@27.3.0(postcss@8.5.15))(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+
   packages/ai-devtools:
     dependencies:
       '@tanstack/ai':
@@ -1385,6 +1530,22 @@ importers:
         specifier: ^4.2.0
         version: 4.3.6
 
+  packages/ai-gemini-cli:
+    dependencies:
+      '@agentclientprotocol/sdk':
+        specifier: ^0.25.0
+        version: 0.25.1(zod@4.3.6)
+      '@modelcontextprotocol/sdk':
+        specifier: ^1.29.0
+        version: 1.29.0(zod@4.3.6)
+    devDependencies:
+      '@tanstack/ai':
+        specifier: workspace:*
+        version: link:../ai
+      '@vitest/coverage-v8':
+        specifier: 4.0.14
+        version: 4.0.14(vitest@4.0.14(@opentelemetry/api@1.9.1)(@types/node@24.10.3)(happy-dom@20.0.11)(jiti@2.6.1)(jsdom@27.3.0(postcss@8.5.15))(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+
   packages/ai-grok:
     dependencies:
       '@tanstack/ai-utils':
@@ -1555,6 +1716,22 @@ importers:
         specifier: ^4.2.0
         version: 4.3.6
 
+  packages/ai-opencode:
+    dependencies:
+      '@modelcontextprotocol/sdk':
+        specifier: ^1.29.0
+        version: 1.29.0(zod@4.3.6)
+      '@opencode-ai/sdk':
+        specifier: ^1.17.4
+        version: 1.17.7
+    devDependencies:
+      '@tanstack/ai':
+        specifier: workspace:*
+        version: link:../ai
+      '@vitest/coverage-v8':
+        specifier: 4.0.14
+        version: 4.0.14(vitest@4.0.14(@opentelemetry/api@1.9.1)(@types/node@24.10.3)(happy-dom@20.0.11)(jiti@2.6.1)(jsdom@27.3.0(postcss@8.5.15))(less@4.6.6)(lightningcss@1.30.2)(sass@1.101.0)(terser@5.44.1)(tsx@4.21.0)(yaml@2.8.2))
+
   packages/ai-openrouter:
     dependencies:
       '@openrouter/sdk':
@@ -1975,6 +2152,9 @@ importers:
       '@tanstack/ai-anthropic':
         specifier: workspace:*
         version: link:../../packages/ai-anthropic
+      '@tanstack/ai-claude-code':
+        specifier: workspace:*
+        version: link:../../packages/ai-claude-code
       '@tanstack/ai-client':
         specifier: workspace:*
         version: link:../../packages/ai-client
@@ -2239,6 +2419,11 @@ packages:
   '@ag-ui/core@0.0.52':
     resolution: {integrity: sha512-Xo0bUaNV56EqylzcrAuhUkQX7et7+SZIrqZZtEByGwEq/I1EHny6ZMkWHLkKR7UNi0FJZwJyhKYmKJS3B2SEgA==}
 
+  '@agentclientprotocol/sdk@0.25.1':
+    resolution: {integrity: sha512-jx2rF3bdpGwZ75Q/meyEDLLbYmbtxk82Uh9hDCdxDvcEedBnNSF5hZAnL/kJR5VNz56JqwOmqnAqasC84MwwkQ==}
+    peerDependencies:
+      zod: ^3.25.0 || ^4.0.0
+
   '@ampproject/remapping@2.3.0':
     resolution: {integrity: sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==}
     engines: {node: '>=6.0.0'}
@@ -2378,6 +2563,58 @@ packages:
       '@angular/animations':
         optional: true
 
+  '@anthropic-ai/claude-agent-sdk-darwin-arm64@0.3.178':
+    resolution: {integrity: sha512-RmIJRoZfjwcrd7cHR3fJOL1d4L8SN7oB0REcQPbIuPM1vav2Ft3g5hBX7I86u52A4LLFKBc3SMom3+E6lR1YtQ==}
+    cpu: [arm64]
+    os: [darwin]
+
+  '@anthropic-ai/claude-agent-sdk-darwin-x64@0.3.178':
+    resolution: {integrity: sha512-wfNl7JoaUk9IzKWQPr+hyEOX8qnkM+e4GBZnKISh60xVhW9wOOp5RdfnYj5MoJzaLYivMSCbo5rb4ThWguhOMw==}
+    cpu: [x64]
+    os: [darwin]
+
+  '@anthropic-ai/claude-agent-sdk-linux-arm64-musl@0.3.178':
+    resolution: {integrity: sha512-Z3U0fNatVK3vkki3e5sjlLJMjros+cT6uq//tdohB2kjNK1CugUuPQFQxd6GU1Lq1DokmdSEPL4OGdKiHckNdQ==}
+    cpu: [arm64]
+    os: [linux]
+    libc: [musl]
+
+  '@anthropic-ai/claude-agent-sdk-linux-arm64@0.3.178':
+    resolution: {integrity: sha512-ktBU6EdJoZivf67AxRXe2uSwj0g5tCe20So9QvWVKuEEtRA4sXW5EpgxSWT6LXkgfwUoeNsJK7VAOuVjZumKmg==}
+    cpu: [arm64]
+    os: [linux]
+    libc: [glibc]
+
+  '@anthropic-ai/claude-agent-sdk-linux-x64-musl@0.3.178':
+    resolution: {integrity: sha512-K84Ybyr0Olsslg2I1Tzd7KIcSkZgFqqDHn7q1Dfqi7bXVxjMjJ4SaV+LnEAeHSM2es7H8A7ejoTEl89xMZde4Q==}
+    cpu: [x64]
+    os: [linux]
+    libc: [musl]
+
+  '@anthropic-ai/claude-agent-sdk-linux-x64@0.3.178':
+    resolution: {integrity: sha512-CPTivDz27LMn5m9iQnJSoWkztLo41e8QTbuYKlAC+CTr98gaYy3Mao0M2tirEK/nGno0xRJw/EpZ1G61yEM3yw==}
+    cpu: [x64]
+    os: [linux]
+    libc: [glibc]
+
+  '@anthropic-ai/claude-agent-sdk-win32-arm64@0.3.178':
+    resolution: {integrity: sha512-uKH3vgv7cQV3d9BPU4lrUKrFgoU/flmy/1QI62j9JzgE6uWVQKWC+BI4V7iceJ36tYVneRhjjuux+l+Q8egTHA==}
+    cpu: [arm64]
+    os: [win32]
+
+  '@anthropic-ai/claude-agent-sdk-win32-x64@0.3.178':
+    resolution: {integrity: sha512-wSC5qG6UA1laWGylOU7axuC4NQxZJtibGQ79sYeOQCc05G7CfkUKSzszLOzsPP3eK63cKi/bX5PA6dd4nA5Wow==}
+    cpu: [x64]
+    os: [win32]
+
+  '@anthropic-ai/claude-agent-sdk@0.3.178':
+    resolution: {integrity: sha512-PNsz20jWuahDWq7OU+pjrgYzr2TnpC1oj5yCZDxGWJ8OvucXIdD2AYlf/vUo7oE2JJwGbMTBFqXErNrfPi6Ffw==}
+    engines: {node: '>=18.0.0'}
+    peerDependencies:
+      '@anthropic-ai/sdk': '>=0.93.0'
+      '@modelcontextprotocol/sdk': ^1.29.0
+      zod: ^4.0.0
+
   '@anthropic-ai/sdk@0.97.1':
     resolution: {integrity: sha512-wOf7AUeJPitcVpvKO4UMu63mWH5SaVipkGd7OOQJt/G6VYGlV8D2Gp9dLxOrttDJh/9gqPqdaBwDGcBevumeAg==}
     hasBin: true
@@ -4863,6 +5100,54 @@ packages:
     resolution: {integrity: sha512-T8TbSnGsxo6TDBJx/Sgv/BlVJL3tshxZP7Aq5R1mSnM5OcHY2dQaxLMu2+E8u3gN0MLOzdjurqN4ZRVuzQycOQ==}
     engines: {node: '>=8.0'}
 
+  '@openai/codex-sdk@0.139.0':
+    resolution: {integrity: sha512-r4lDckaVx4mVZy1v/7ykEhkeWjVfM/4oGJfhG0AP4+zN3Sa+jcf5hdY4EHfJasofBcp0tIF/7JCKHpv534R+tw==}
+    engines: {node: '>=18'}
+
+  '@openai/codex@0.139.0':
+    resolution: {integrity: sha512-wr2fRE+fzW0CjEbfFsLh1ftarVEcw0CMLWS7QyA0nyOz5qacQPVq3cq2+/U7oEbwm1TOqoi0Fm1nxniB5FkpmA==}
+    engines: {node: '>=16'}
+    hasBin: true
+
+  '@openai/codex@0.139.0-darwin-arm64':
+    resolution: {integrity: sha512-o+0ZKWwgDFMMLO7rwinzO0PQsgK+Vme1pMN2GeAxsX29ZgGZcyPICfpJbeGSUO1mb2a36Skjx6nfdRnxMY0r7w==}
+    engines: {node: '>=16'}
+    cpu: [arm64]
+    os: [darwin]
+
+  '@openai/codex@0.139.0-darwin-x64':
+    resolution: {integrity: sha512-9gkBWzu6DB2rqU4DbpxD3DE5bofGpsK46Lp0h0I+bKWc2IIcxvSi8K2utKmBLoJCbKrn4JQu7dFNGRqEfENung==}
+    engines: {node: '>=16'}
+    cpu: [x64]
+    os: [darwin]
+
+  '@openai/codex@0.139.0-linux-arm64':
+    resolution: {integrity: sha512-tBQE5lZciRHeWZGuURgjP9S717MvTIpQMc593+DNxY2LQxozkngOkzFSQd1+/UmQKGrCqdFLu5irIwPXpSZyEw==}
+    engines: {node: '>=16'}
+    cpu: [arm64]
+    os: [linux]
+
+  '@openai/codex@0.139.0-linux-x64':
+    resolution: {integrity: sha512-14UgzDS+X4crkvdt6S02A/ZZOrS8ZyWiuTRpguCtnhNamb7unSuDxy86BWgpAl3sqiTaN2CP8VLyp2ohQ8Nbzw==}
+    engines: {node: '>=16'}
+    cpu: [x64]
+    os: [linux]
+
+  '@openai/codex@0.139.0-win32-arm64':
+    resolution: {integrity: sha512-nlwRjsYotH1Rtqu/Q0VwQbIeO2UX1mkHK84Ov9qn/hl29QqqoBtno0tRyqIPbkXFIVQuWiAYXlV3ugLwH5fTrQ==}
+    engines: {node: '>=16'}
+    cpu: [arm64]
+    os: [win32]
+
+  '@openai/codex@0.139.0-win32-x64':
+    resolution: {integrity: sha512-lQrVLNz+90wdvWVNFDvCkHQRiAK9ZllmkTka3c8eqSDqdJk35Gpgppfv9Xtw5M2ZBtTq0sBdWBiCMyzGDBSpmQ==}
+    engines: {node: '>=16'}
+    cpu: [x64]
+    os: [win32]
+
+  '@opencode-ai/sdk@1.17.7':
+    resolution: {integrity: sha512-7q7StGM+N0OwUgRsmDc8Gyz3hMIH1XGig+qZ4lzWUpmSgFEjLx8U7R14GXY7KiMJVdbVf6FeaYloRz2Rcsma4A==}
+
   '@openrouter/sdk@0.12.35':
     resolution: {integrity: sha512-s4QVLLnG1AmfW3TjnnHUqGfsCkzwVK+kboGcZmKbde09m1DPqgzl4RUFt/HJ5v97MX8aEaN0UG3mKv2S+qj2Gw==}
 
@@ -7801,6 +8086,9 @@ packages:
   '@types/hast@3.0.4':
     resolution: {integrity: sha512-WPs+bbQw5aCj+x6laNGWLH3wviHtoCv/P3+otBhbOhJgG8qtpdAMlTCxLtsTWA7LH1Oh/bFCHsBn0TPS5m30EQ==}
 
+  '@types/http-proxy@1.17.17':
+    resolution: {integrity: sha512-ED6LB+Z1AVylNTu7hdzuBqOgMnvG/ld6wGCG8wFnAzKX5uyW2K3WD52v0gnLCTK/VLpXtKckgWuyScYK6cSPaw==}
+
   '@types/istanbul-lib-coverage@2.0.6':
     resolution: {integrity: sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w==}
 
@@ -10586,10 +10874,6 @@ packages:
     resolution: {integrity: sha512-tAAg/72/VxOUW7RQSX1pIxJVucYKcjFjfvj60L57jrZpYCHC3XN0WCQ3sNYL4Gmvv+7GPvTAjc+KSdeNuE8oWQ==}
     engines: {node: '>=12.22.0'}
 
-  ip-address@10.1.0:
-    resolution: {integrity: sha512-XXADHxXmvT9+CRxhXg56LJovE+bmWnEWB78LB83VZTprKTmaC5QfruXocxzTZ2Kl0DNwKuBdlIhjL8LeY8Sf8Q==}
-    engines: {node: '>= 12'}
-
   ip-address@10.2.0:
     resolution: {integrity: sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==}
     engines: {node: '>= 12'}
@@ -14867,6 +15151,10 @@ snapshots:
     dependencies:
       zod: 3.25.76
 
+  '@agentclientprotocol/sdk@0.25.1(zod@4.3.6)':
+    dependencies:
+      zod: 4.3.6
+
   '@ampproject/remapping@2.3.0':
     dependencies:
       '@jridgewell/gen-mapping': 0.3.13
@@ -15075,6 +15363,45 @@ snapshots:
       '@angular/core': 21.2.17(@angular/compiler@21.2.17)(rxjs@7.8.2)(zone.js@0.15.1)
       tslib: 2.8.1
 
+  '@anthropic-ai/claude-agent-sdk-darwin-arm64@0.3.178':
+    optional: true
+
+  '@anthropic-ai/claude-agent-sdk-darwin-x64@0.3.178':
+    optional: true
+
+  '@anthropic-ai/claude-agent-sdk-linux-arm64-musl@0.3.178':
+    optional: true
+
+  '@anthropic-ai/claude-agent-sdk-linux-arm64@0.3.178':
+    optional: true
+
+  '@anthropic-ai/claude-agent-sdk-linux-x64-musl@0.3.178':
+    optional: true
+
+  '@anthropic-ai/claude-agent-sdk-linux-x64@0.3.178':
+    optional: true
+
+  '@anthropic-ai/claude-agent-sdk-win32-arm64@0.3.178':
+    optional: true
+
+  '@anthropic-ai/claude-agent-sdk-win32-x64@0.3.178':
+    optional: true
+
+  '@anthropic-ai/claude-agent-sdk@0.3.178(@anthropic-ai/sdk@0.97.1(zod@4.3.6))(@modelcontextprotocol/sdk@1.29.0(zod@4.3.6))(zod@4.3.6)':
+    dependencies:
+      '@anthropic-ai/sdk': 0.97.1(zod@4.3.6)
+      '@modelcontextprotocol/sdk': 1.29.0(zod@4.3.6)
+      zod: 4.3.6
+    optionalDependencies:
+      '@anthropic-ai/claude-agent-sdk-darwin-arm64': 0.3.178
+      '@anthropic-ai/claude-agent-sdk-darwin-x64': 0.3.178
+      '@anthropic-ai/claude-agent-sdk-linux-arm64': 0.3.178
+      '@anthropic-ai/claude-agent-sdk-linux-arm64-musl': 0.3.178
+      '@anthropic-ai/claude-agent-sdk-linux-x64': 0.3.178
+      '@anthropic-ai/claude-agent-sdk-linux-x64-musl': 0.3.178
+      '@anthropic-ai/claude-agent-sdk-win32-arm64': 0.3.178
+      '@anthropic-ai/claude-agent-sdk-win32-x64': 0.3.178
+
   '@anthropic-ai/sdk@0.97.1(zod@4.2.1)':
     dependencies:
       json-schema-to-ts: 3.1.1
@@ -15082,6 +15409,13 @@ snapshots:
     optionalDependencies:
       zod: 4.2.1
 
+  '@anthropic-ai/sdk@0.97.1(zod@4.3.6)':
+    dependencies:
+      json-schema-to-ts: 3.1.1
+      standardwebhooks: 1.0.0
+    optionalDependencies:
+      zod: 4.3.6
+
   '@apidevtools/json-schema-ref-parser@11.9.3':
     dependencies:
       '@jsdevtools/ono': 7.1.3
@@ -17705,6 +18039,41 @@ snapshots:
 
   '@oozcitak/util@8.3.8': {}
 
+  '@openai/codex-sdk@0.139.0':
+    dependencies:
+      '@openai/codex': 0.139.0
+
+  '@openai/codex@0.139.0':
+    optionalDependencies:
+      '@openai/codex-darwin-arm64': '@openai/codex@0.139.0-darwin-arm64'
+      '@openai/codex-darwin-x64': '@openai/codex@0.139.0-darwin-x64'
+      '@openai/codex-linux-arm64': '@openai/codex@0.139.0-linux-arm64'
+      '@openai/codex-linux-x64': '@openai/codex@0.139.0-linux-x64'
+      '@openai/codex-win32-arm64': '@openai/codex@0.139.0-win32-arm64'
+      '@openai/codex-win32-x64': '@openai/codex@0.139.0-win32-x64'
+
+  '@openai/codex@0.139.0-darwin-arm64':
+    optional: true
+
+  '@openai/codex@0.139.0-darwin-x64':
+    optional: true
+
+  '@openai/codex@0.139.0-linux-arm64':
+    optional: true
+
+  '@openai/codex@0.139.0-linux-x64':
+    optional: true
+
+  '@openai/codex@0.139.0-win32-arm64':
+    optional: true
+
+  '@openai/codex@0.139.0-win32-x64':
+    optional: true
+
+  '@opencode-ai/sdk@1.17.7':
+    dependencies:
+      cross-spawn: 7.0.6
+
   '@openrouter/sdk@0.12.35':
     dependencies:
       zod: 4.3.6
@@ -21086,6 +21455,10 @@ snapshots:
     dependencies:
       '@types/unist': 3.0.3
 
+  '@types/http-proxy@1.17.17':
+    dependencies:
+      '@types/node': 24.10.3
+
   '@types/istanbul-lib-coverage@2.0.6': {}
 
   '@types/istanbul-lib-report@3.0.3':
@@ -24417,8 +24790,6 @@ snapshots:
     transitivePeerDependencies:
       - supports-color
 
-  ip-address@10.1.0: {}
-
   ip-address@10.2.0: {}
 
   ipaddr.js@1.9.1: {}
@@ -28001,7 +28372,7 @@ snapshots:
 
   socks@2.8.7:
     dependencies:
-      ip-address: 10.1.0
+      ip-address: 10.2.0
       smart-buffer: 4.2.0
 
   solid-js@1.9.10:
diff --git a/testing/e2e/README.md b/testing/e2e/README.md
index c75fc5f7f..69a548566 100644
--- a/testing/e2e/README.md
+++ b/testing/e2e/README.md
@@ -6,6 +6,8 @@ End-to-end tests for TanStack AI using Playwright and [aimock](https://github.co
 
 **Providers tested:** openai, anthropic, gemini, ollama, groq, grok, openrouter
 
+> **Claude Code (`@tanstack/ai-claude-code`) is excluded from the standard matrix.** It's a harness adapter that spawns the Claude Code runtime as a subprocess, so aimock's per-test `X-Test-Id` header isolation can't be injected into its requests. It's covered by unit tests in the package plus a gated live smoke test in `tests/claude-code.spec.ts` — run it with `CLAUDE_CODE_E2E=1` and an `ANTHROPIC_API_KEY` (or a local `claude login`).
+
 ## What's tested
 
 ### Provider-coverage tests
diff --git a/testing/e2e/package.json b/testing/e2e/package.json
index 68381f527..bcbe281b0 100644
--- a/testing/e2e/package.json
+++ b/testing/e2e/package.json
@@ -18,6 +18,7 @@
     "@tailwindcss/vite": "^4.1.18",
     "@tanstack/ai": "workspace:*",
     "@tanstack/ai-anthropic": "workspace:*",
+    "@tanstack/ai-claude-code": "workspace:*",
     "@tanstack/ai-client": "workspace:*",
     "@tanstack/ai-elevenlabs": "workspace:*",
     "@tanstack/ai-gemini": "workspace:*",
diff --git a/testing/e2e/tests/claude-code.spec.ts b/testing/e2e/tests/claude-code.spec.ts
new file mode 100644
index 000000000..0a842f1b3
--- /dev/null
+++ b/testing/e2e/tests/claude-code.spec.ts
@@ -0,0 +1,72 @@
+/**
+ * Gated live smoke test for the Claude Code harness adapter.
+ *
+ * The standard e2e matrix mocks providers with aimock via per-test
+ * `X-Test-Id` header isolation. Claude Code spawns its bundled runtime as a
+ * subprocess, so that isolation can't be injected — this adapter is excluded
+ * from the matrix and covered here instead, gated behind CLAUDE_CODE_E2E.
+ *
+ * Run with:
+ *   CLAUDE_CODE_E2E=1 ANTHROPIC_API_KEY=sk-... \
+ *     pnpm --filter @tanstack/ai-e2e test:e2e -- --grep "claude-code"
+ *
+ * (A local `claude login` works in place of ANTHROPIC_API_KEY.)
+ */
+import { expect, test } from '@playwright/test'
+import { chat } from '@tanstack/ai'
+import { claudeCodeText } from '@tanstack/ai-claude-code'
+import type { StreamChunk } from '@tanstack/ai'
+
+test.describe('claude-code harness (gated live smoke)', () => {
+  test.skip(
+    !process.env.CLAUDE_CODE_E2E,
+    'Set CLAUDE_CODE_E2E=1 (plus ANTHROPIC_API_KEY or a local Claude login) to run the Claude Code live smoke test',
+  )
+
+  test('streams a full harness turn with session id and stop finish', async () => {
+    test.setTimeout(180_000)
+
+    const chunks: Array<StreamChunk> = []
+    const stream = chat({
+      adapter: claudeCodeText('haiku', {
+        maxTurns: 2,
+        // Read-only smoke: the default permission policy denies anything
+        // that would prompt, and no tools are bridged.
+        disallowedTools: ['Bash', 'Write', 'Edit'],
+      }),
+      messages: [
+        {
+          role: 'user',
+          content: 'Reply with exactly the word: pong',
+        },
+      ],
+    })
+
+    for await (const chunk of stream) {
+      chunks.push(chunk)
+    }
+
+    const types = chunks.map((chunk) => chunk.type as string)
+    expect(types[0]).toBe('RUN_STARTED')
+
+    const sessionEvent = chunks.find(
+      (chunk) =>
+        chunk.type === 'CUSTOM' &&
+        (chunk as { name?: string }).name === 'claude-code.session-id',
+    )
+    expect(sessionEvent).toBeDefined()
+    expect(
+      (sessionEvent as { value: { sessionId: string } }).value.sessionId,
+    ).toMatch(/.+/)
+
+    const finished = chunks.find((chunk) => chunk.type === 'RUN_FINISHED')
+    expect(finished).toBeDefined()
+    expect((finished as { finishReason?: string }).finishReason).toBe('stop')
+
+    const text = chunks
+      .filter((chunk) => chunk.type === 'TEXT_MESSAGE_CONTENT')
+      .map((chunk) => (chunk as { delta?: string }).delta ?? '')
+      .join('')
+    expect(text.toLowerCase()).toContain('pong')
+  })
+})