- converter: replace rough overhead formula (tools*70+350) with actual
estimateTokens on built few-shot messages + Cursor hidden overhead
(1300 base + perTool by schema_mode); remove 16000 output reservation
- cursor-client: sendCursorRequestFull now returns {text, usage?} to
capture real Cursor inputTokens/outputTokens from messageMetadata
- handler: add estimateCursorReqTokens() and [TokenDiff] log to compare
tiktoken estimate vs actual Cursor usage; fix non-stream retry paths
to update usage from retry result; skip auto-continue when response < 200 chars
- openai-handler: update 4 call sites for new sendCursorRequestFull return type
- config: raise default maxHistoryTokens from 130000 to 150000
- docs/config: remove incorrect 'tiktoken underestimates 10~20%' claim;
update overhead description and reference range to 130000~170000
1. Tool passthrough mode (config: tools.passthrough: true)
- Bypasses multi-namespace few-shot injection
- Embeds raw tool definitions in <tools> tags with minimal 1-shot example
- Cleans conflicting client prompts (provider-native tool calling, XML markup)
- Ideal for Roo Code / Cline clients
2. Enhanced Cursor identity leak sanitization
- New refusal detection patterns for "currently in Cursor context" leaks
- 4 new sanitizeResponse regexes targeting full context leak paragraphs
- Covers "I apologize - it appears I'm in Cursor support assistant context"
3. Enhanced tool_choice=any force message
- Lists available tool names (up to 15) with format example
- Uses collaborative guidance tone to avoid triggering refusal
- Stream and non-stream paths aligned
- Add `thinking.enabled` config option to globally control thinking on/off
- Config priority: env THINKING_ENABLED > config.yaml > client request
- When disabled, removes thinking param even if client requests it
- Applies to both Anthropic and OpenAI format handlers
Cursor no longer validates the x-is-human header, so the entire token
generation pipeline was dead code producing only error logs.
Removed:
- loadScripts(), fetchCursorScript(), generateToken(), replenishPool(),
getXIsHumanToken() and token pool management from cursor-client.ts
- scriptUrl config field and SCRIPT_URL env var support
- unmaskedVendorWebGL/unmaskedRendererWebGL fingerprint fields
- jscode/ script loading (env.js, main.js templates)
- script_url and WebGL fields from config.yaml
Kept:
- Chrome TLS fingerprint headers (user-agent, sec-ch-ua, etc.)
- x-is-human header sent as empty string (Cursor accepts it)
