feat: enable read-only local agent for pro ask mode (#2260)

e2e-tests/fixtures/engine/local-agent/ask-read-file.ts

+import type { LocalAgentFixture } from "../../../../testing/fake-llm-server/localAgentTypes";
+
+export const fixture: LocalAgentFixture = {
+  description: "Read a file in ask mode (read-only)",
+  turns: [
+    {
+      text: "Let me read the file to explain its contents.",
+      toolCalls: [
+        {
+          name: "read_file",
+          args: {
+            path: "src/App.tsx",
+          },
+        },
+      ],
+    },
+    {
+      text: "This is a simple React component that renders a div with the text 'Minimal imported app'. The component is exported as the default export.",
+    },
+  ],
+};

e2e-tests/helpers/test_helper.ts

@@ -40,6 +40,46 @@ function normalizeItemReferences(dump: any): void {
   }
 }
 
+/**
+ * Normalizes tool_call IDs and tool_call_id references to be deterministic.
+ * Tool call IDs have the format "call_[timestamp]_[index]" which changes between runs.
+ */
+function normalizeToolCallIds(dump: any): void {
+  const messages = dump?.body?.messages;
+  if (!Array.isArray(messages)) {
+    return;
+  }
+
+  const oldToNewId: Record<string, string> = {};
+  let toolCallIndex = 0;
+
+  // First pass: collect all tool_call IDs and create mapping
+  for (const message of messages) {
+    if (message?.tool_calls && Array.isArray(message.tool_calls)) {
+      for (const toolCall of message.tool_calls) {
+        if (toolCall?.id && !oldToNewId[toolCall.id]) {
+          oldToNewId[toolCall.id] = `[[TOOL_CALL_${toolCallIndex}]]`;
+          toolCallIndex++;
+        }
+      }
+    }
+  }
+
+  // Second pass: replace all IDs
+  for (const message of messages) {
+    if (message?.tool_calls && Array.isArray(message.tool_calls)) {
+      for (const toolCall of message.tool_calls) {
+        if (toolCall?.id && oldToNewId[toolCall.id]) {
+          toolCall.id = oldToNewId[toolCall.id];
+        }
+      }
+    }
+    if (message?.tool_call_id && oldToNewId[message.tool_call_id]) {
+      message.tool_call_id = oldToNewId[message.tool_call_id];
+    }
+  }
+}
+
 /**
  * Normalizes fileId hashes in versioned_files to be deterministic.
  * FileIds are SHA-256 hashes that may include non-deterministic components
@@ -436,7 +476,7 @@ export class PageObject {
     await this.page.getByTestId("chat-mode-selector").click();
     const mapping = {
       build: "Build Generate and edit code",
-      ask: "Ask",
+      ask: "Ask Ask",
       agent: "Build with MCP",
       "local-agent": "Agent v2",
     };
@@ -856,6 +896,8 @@ export class PageObject {
       normalizeVersionedFiles(parsedDump);
       // Normalize item_reference IDs (e.g., msg_1234567890) to be deterministic
       normalizeItemReferences(parsedDump);
+      // Normalize tool_call IDs (e.g., call_1234567890_0) to be deterministic
+      normalizeToolCallIds(parsedDump);
       expect(
         JSON.stringify(parsedDump, null, 2).replace(/\\r\\n/g, "\\n"),
       ).toMatchSnapshot(name);

e2e-tests/local_agent_ask.spec.ts

+import { testSkipIfWindows } from "./helpers/test_helper";
+
+/**
+ * E2E tests for local-agent in ask mode (read-only mode for Pro users)
+ * Tests that Pro users in ask mode get access to read-only tools
+ */
+
+testSkipIfWindows("local-agent ask mode", async ({ po }) => {
+  await po.setUpDyadPro({ localAgent: true });
+  await po.importApp("minimal");
+
+  // Select ask mode - local agent will be used in read-only mode for Pro users
+  await po.selectChatMode("ask");
+
+  // Test read-only tools work
+  await po.sendPrompt("tc=local-agent/ask-read-file");
+  await po.snapshotMessages();
+
+  // Dump request to verify only read-only tools are provided
+  await po.sendPrompt("[dump]");
+  await po.snapshotServerDump("request");
+});

e2e-tests/snapshots/local_agent_ask.spec.ts_local-agent-ask-mode-1.aria.yml

+- paragraph: /Generate an AI_RULES\.md file for this app\. Describe the tech stack in 5-\d+ bullet points and describe clear rules about what libraries to use for what\./
+- img
+- text: file1.txt
+- button "Edit":
+  - img
+- img
+- text: file1.txt
+- paragraph: More EOM
+- button:
+  - img
+- img
+- text: Approved
+- img
+- text: claude-opus-4-5
+- img
+- text: less than a minute ago
+- button "Request ID":
+  - img
+- paragraph: tc=local-agent/ask-read-file
+- paragraph: Let me read the file to explain its contents.
+- img
+- text: App.tsx Read src/App.tsx
+- paragraph: This is a simple React component that renders a div with the text 'Minimal imported app'. The component is exported as the default export.
+- button:
+  - img
+- img
+- text: claude-opus-4-5
+- img
+- text: less than a minute ago
+- button "Request ID":
+  - img
+- button "Undo":
+  - img
+- button "Retry":
+  - img
\ No newline at end of file

src/ipc/handlers/chat_stream_handlers.ts

@@ -82,7 +82,11 @@ import { inArray } from "drizzle-orm";
 import { replacePromptReference } from "../utils/replacePromptReference";
 import { mcpManager } from "../utils/mcp_manager";
 import z from "zod";
-import { isSupabaseConnected, isTurboEditsV2Enabled } from "@/lib/schemas";
+import {
+  isDyadProEnabled,
+  isSupabaseConnected,
+  isTurboEditsV2Enabled,
+} from "@/lib/schemas";
 import { AI_STREAMING_ERROR_MESSAGE_PREFIX } from "@/shared/texts";
 import { getCurrentCommitHash } from "../utils/git_utils";
 import {
@@ -806,7 +810,14 @@ This conversation includes one or more image attachments. When the user uploads
                 attachmentPaths,
               );
             }
-            if (settings.selectedChatMode === "local-agent") {
+            // Save aiMessagesJson for modes that use handleLocalAgentStream
+            // (which reads from DB and needs structured image content)
+            const willUseLocalAgentStream =
+              settings.selectedChatMode === "local-agent" ||
+              (settings.selectedChatMode === "ask" &&
+                isDyadProEnabled(settings) &&
+                !mentionedAppsCodebases.length);
+            if (willUseLocalAgentStream) {
               // Insert into DB (with size guard)
               const userAiMessagesJson = getAiMessagesJsonIfWithinLimit([
                 chatMessages[lastUserIndex],
@@ -996,6 +1007,31 @@ This conversation includes one or more image attachments. When the user uploads
           return fullResponse;
         };
 
+        // Handle pro ask mode: use local-agent in read-only mode
+        // This gives pro users access to code reading tools while in ask mode
+        if (
+          settings.selectedChatMode === "ask" &&
+          isDyadProEnabled(settings) &&
+          !mentionedAppsCodebases.length
+        ) {
+          // Reconstruct system prompt for local-agent read-only mode
+          const readOnlySystemPrompt = constructSystemPrompt({
+            aiRules,
+            chatMode: "local-agent",
+            enableTurboEditsV2: false,
+            themePrompt,
+            readOnly: true,
+          });
+
+          await handleLocalAgentStream(event, req, abortController, {
+            placeholderMessageId: placeholderAssistantMessage.id,
+            systemPrompt: readOnlySystemPrompt,
+            dyadRequestId: dyadRequestId ?? "[no-request-id]",
+            readOnly: true,
+          });
+          return;
+        }
+
         // Handle local-agent mode (Agent v2)
         // Mentioned apps can't be handled by the local agent (defer to balanced smart context
         // in build mode)

src/pro/main/ipc/handlers/local_agent/local_agent_handler.ts

@@ -107,10 +107,16 @@ export async function handleLocalAgentStream(
     placeholderMessageId,
     systemPrompt,
     dyadRequestId,
+    readOnly = false,
   }: {
     placeholderMessageId: number;
     systemPrompt: string;
     dyadRequestId: string;
+    /**
+     * If true, the agent operates in read-only mode (e.g., ask mode).
+     * State-modifying tools are disabled, and no commits/deploys are made.
+     */
+    readOnly?: boolean;
   },
 ): Promise<void> {
   const settings = readSettings();
@@ -216,8 +222,10 @@ export async function handleLocalAgentStream(
     };
 
     // Build tool set (agent tools + MCP tools)
-    const agentTools = buildAgentToolSet(ctx);
-    const mcpTools = await getMcpTools(event, ctx);
+    // In read-only mode, only include read-only tools and skip MCP tools
+    // (since we can't determine if MCP tools modify state)
+    const agentTools = buildAgentToolSet(ctx, { readOnly });
+    const mcpTools = readOnly ? {} : await getMcpTools(event, ctx);
     const allTools: ToolSet = { ...agentTools, ...mcpTools };
 
     // Prepare message history with graceful fallback
@@ -413,6 +421,8 @@ export async function handleLocalAgentStream(
       logger.warn("Failed to save AI messages JSON:", err);
     }
 
+    // In read-only mode, skip deploys and commits
+    if (!readOnly) {
       // Deploy all Supabase functions if shared modules changed
       await deployAllFunctionsIfNeeded(ctx);
 
@@ -425,6 +435,7 @@ export async function handleLocalAgentStream(
           .set({ commitHash: commitResult.commitHash })
           .where(eq(messages.id, placeholderMessageId));
       }
+    }
 
     // Mark as approved (auto-approve for local-agent)
     await db
@@ -435,7 +446,7 @@ export async function handleLocalAgentStream(
     // Send completion
     safeSend(event.sender, "chat:response:end", {
       chatId: req.chatId,
-      updatedFiles: true,
+      updatedFiles: !readOnly,
     } satisfies ChatResponseEnd);
 
     return;

src/pro/main/ipc/handlers/local_agent/tool_definitions.ts

@@ -255,10 +255,21 @@ function convertToolResultForAiSdk(
   throw new Error(`Unsupported tool result type: ${typeof result}`);
 }
 
+export interface BuildAgentToolSetOptions {
+  /**
+   * If true, exclude tools that modify state (files, database, etc.).
+   * Used for read-only modes like "ask" mode.
+   */
+  readOnly?: boolean;
+}
+
 /**
  * Build ToolSet for AI SDK from tool definitions
  */
-export function buildAgentToolSet(ctx: AgentContext) {
+export function buildAgentToolSet(
+  ctx: AgentContext,
+  options: BuildAgentToolSetOptions = {},
+) {
   const toolSet: Record<string, any> = {};
 
   for (const tool of TOOL_DEFINITIONS) {
@@ -267,6 +278,11 @@ export function buildAgentToolSet(ctx: AgentContext) {
       continue;
     }
 
+    // In read-only mode, skip tools that modify state
+    if (options.readOnly && tool.modifiesState) {
+      continue;
+    }
+
     if (tool.isEnabled && !tool.isEnabled(ctx)) {
       continue;
     }

src/pro/main/ipc/handlers/local_agent/tools/add_dependency.ts

@@ -16,6 +16,7 @@ export const addDependencyTool: ToolDefinition<
   description: "Install npm packages",
   inputSchema: addDependencySchema,
   defaultConsent: "ask",
+  modifiesState: true,
 
   getConsentPreview: (args) => `Install ${args.packages.join(", ")}`,
 

src/pro/main/ipc/handlers/local_agent/tools/add_integration.ts

@@ -17,6 +17,7 @@ export const addIntegrationTool: ToolDefinition<
     "Add an integration provider to the app (e.g., Supabase for auth, database, or server-side functions). Once you have called this tool, stop and do not call any more tools because you need to wait for the user to set up the integration.",
   inputSchema: addIntegrationSchema,
   defaultConsent: "always",
+  modifiesState: true,
   isEnabled: (ctx) => !ctx.supabaseProjectId,
 
   getConsentPreview: (args) => `Add ${args.provider} integration`,

src/pro/main/ipc/handlers/local_agent/tools/delete_file.ts

@@ -27,6 +27,7 @@ export const deleteFileTool: ToolDefinition<z.infer<typeof deleteFileSchema>> =
     description: "Delete a file from the codebase",
     inputSchema: deleteFileSchema,
     defaultConsent: "always",
+    modifiesState: true,
 
     getConsentPreview: (args) => `Delete ${args.path}`,
 

src/pro/main/ipc/handlers/local_agent/tools/edit_file.ts

@@ -134,6 +134,7 @@ export const editFileTool: ToolDefinition<z.infer<typeof editFileSchema>> = {
   description: DESCRIPTION,
   inputSchema: editFileSchema,
   defaultConsent: "always",
+  modifiesState: true,
 
   getConsentPreview: (args) => `Edit ${args.path}`,
 

src/pro/main/ipc/handlers/local_agent/tools/execute_sql.ts

@@ -15,6 +15,7 @@ export const executeSqlTool: ToolDefinition<z.infer<typeof executeSqlSchema>> =
     description: "Execute SQL on the Supabase database",
     inputSchema: executeSqlSchema,
     defaultConsent: "ask",
+    modifiesState: true,
     isEnabled: (ctx) => !!ctx.supabaseProjectId,
 
     getConsentPreview: (args) =>

src/pro/main/ipc/handlers/local_agent/tools/rename_file.ts

@@ -31,6 +31,7 @@ export const renameFileTool: ToolDefinition<z.infer<typeof renameFileSchema>> =
     description: "Rename or move a file in the codebase",
     inputSchema: renameFileSchema,
     defaultConsent: "always",
+    modifiesState: true,
 
     getConsentPreview: (args) => `Rename ${args.from} to ${args.to}`,
 

src/pro/main/ipc/handlers/local_agent/tools/types.ts

@@ -123,6 +123,11 @@ export interface ToolDefinition<T = any> {
   readonly description: string;
   readonly inputSchema: z.ZodType<T>;
   readonly defaultConsent: AgentToolConsent;
+  /**
+   * If true, this tool modifies state (files, database, etc.).
+   * Used to filter out state-modifying tools in read-only mode (e.g., ask mode).
+   */
+  readonly modifiesState?: boolean;
   execute: (args: T, ctx: AgentContext) => Promise<ToolResult>;
 
   /**

src/pro/main/ipc/handlers/local_agent/tools/write_file.ts

@@ -27,6 +27,7 @@ export const writeFileTool: ToolDefinition<z.infer<typeof writeFileSchema>> = {
   description: "Create or completely overwrite a file in the codebase",
   inputSchema: writeFileSchema,
   defaultConsent: "always",
+  modifiesState: true,
 
   getConsentPreview: (args) => `Write to ${args.path}`,
 

src/prompts/local_agent_prompt.ts

@@ -3,6 +3,53 @@
  * Tool-based agent with parallel execution support
  */
 
+/**
+ * System prompt for Local Agent v2 in Ask Mode (read-only)
+ * The agent can read and analyze code, but cannot make changes
+ */
+export const LOCAL_AGENT_ASK_SYSTEM_PROMPT = `
+<role>
+You are Dyad, an AI assistant that helps users understand their web applications. You assist users by answering questions about their code, explaining concepts, and providing guidance. You can read and analyze code in the codebase to provide accurate, context-aware answers.
+You are friendly and helpful, always aiming to provide clear explanations. You take pride in giving thorough, accurate answers based on the actual code.
+</role>
+
+<important_constraints>
+**CRITICAL: You are in READ-ONLY mode.**
+- You can read files, search code, and analyze the codebase
+- You MUST NOT modify any files, create new files, or make any changes
+- You MUST NOT suggest using write_file, edit_file, delete_file, rename_file, add_dependency, or execute_sql tools
+- Focus on explaining, answering questions, and providing guidance
+- If the user asks you to make changes, politely explain that you're in Ask mode and can only provide explanations and guidance
+</important_constraints>
+
+<general_guidelines>
+- Always reply to the user in the same language they are using.
+- Use your tools to read and understand the codebase before answering questions
+- Provide clear, accurate explanations based on the actual code
+- When explaining code, reference specific files and line numbers when helpful
+- If you're not sure about something, read the relevant files to find out
+- Keep explanations clear and focused on what the user is asking about
+</general_guidelines>
+
+<tool_calling>
+You have READ-ONLY tools at your disposal to understand the codebase. Follow these rules:
+1. ALWAYS follow the tool call schema exactly as specified and make sure to provide all necessary parameters.
+2. **NEVER refer to tool names when speaking to the USER.** Instead, just say what you're doing in natural language (e.g., "Let me look at that file" instead of "I'll use read_file").
+3. Use tools proactively to gather information and provide accurate answers.
+4. You can call multiple tools in parallel for independent operations like reading multiple files at once.
+5. If you are not sure about file content or codebase structure pertaining to the user's request, use your tools to read files and gather the relevant information: do NOT guess or make up an answer.
+</tool_calling>
+
+<workflow>
+1. **Understand the question:** Think about what the user is asking and what information you need
+2. **Gather context:** Use your tools to read relevant files and understand the codebase
+3. **Analyze:** Think through the code and how it relates to the user's question
+4. **Explain:** Provide a clear, accurate answer based on what you found
+</workflow>
+
+[[AI_RULES]]
+`;
+
 export const LOCAL_AGENT_SYSTEM_PROMPT = `
 <role>
 You are Dyad, an AI assistant that creates and modifies web applications. You assist users by chatting with them and making changes to their code in real-time. You understand that users can see a live preview of their application in an iframe on the right side of the screen while you make code changes.
@@ -90,11 +137,14 @@ Available packages and libraries:
 export function constructLocalAgentPrompt(
   aiRules: string | undefined,
   themePrompt?: string,
+  options?: { readOnly?: boolean },
 ): string {
-  let prompt = LOCAL_AGENT_SYSTEM_PROMPT.replace(
-    "[[AI_RULES]]",
-    aiRules ?? DEFAULT_AI_RULES,
-  );
+  // Use ask mode prompt if read-only, otherwise use the regular local agent prompt
+  const basePrompt = options?.readOnly
+    ? LOCAL_AGENT_ASK_SYSTEM_PROMPT
+    : LOCAL_AGENT_SYSTEM_PROMPT;
+
+  let prompt = basePrompt.replace("[[AI_RULES]]", aiRules ?? DEFAULT_AI_RULES);
 
   // Append theme prompt if provided
   if (themePrompt) {

src/prompts/system_prompt.ts

@@ -509,14 +509,17 @@ export const constructSystemPrompt = ({
   chatMode = "build",
   enableTurboEditsV2,
   themePrompt,
+  readOnly,
 }: {
   aiRules: string | undefined;
   chatMode?: "build" | "ask" | "agent" | "local-agent";
   enableTurboEditsV2: boolean;
   themePrompt?: string;
+  /** If true, use read-only mode for local-agent (ask mode with tools) */
+  readOnly?: boolean;
 }) => {
   if (chatMode === "local-agent") {
-    return constructLocalAgentPrompt(aiRules, themePrompt);
+    return constructLocalAgentPrompt(aiRules, themePrompt, { readOnly });
   }
 
   let systemPrompt = getSystemPromptForChatMode({