Harden reliability, security, and UX across core modules

- Add thread safety: _anthropic_history_lock and _send_lock in ai_client to prevent concurrent corruption
  - Add _send_thread_lock in gui_2 for atomic check-and-start of send thread
  - Add atexit fallback in session_logger to flush log files on abnormal exit
  - Fix file descriptor leaks: use context managers for urlopen in mcp_client
  - Cap unbounded tool output growth at 500KB per send() call (both Gemini and Anthropic)
  - Harden path traversal: resolve(strict=True) with fallback in mcp_client allowlist checks
  - Add SLOP_CREDENTIALS env var override for credentials.toml with helpful error message
  - Fix Gemini token heuristic: use _CHARS_PER_TOKEN (3.5) instead of hardcoded // 4
  - Add keyboard shortcuts: Ctrl+Enter to send, Ctrl+L to clear message input
  - Add auto-save: flush project and config to disk every 60 seconds

gui_2.py

@@ -152,6 +152,7 @@ class App:
         self.last_file_items: list = []
         
         self.send_thread: threading.Thread | None = None
+        self._send_thread_lock = threading.Lock()
         self.models_thread: threading.Thread | None = None
 
         _default_windows = {
@@ -231,6 +232,10 @@ class App:
         self.perf_history = {"frame_time": [0.0]*100, "fps": [0.0]*100, "cpu": [0.0]*100, "input_lag": [0.0]*100}
         self._perf_last_update = 0.0
 
+        # Auto-save timer (every 60s)
+        self._autosave_interval = 60.0
+        self._last_autosave = time.time()
+
         session_logger.open_session()
         ai_client.set_provider(self.current_provider, self.current_model)
         ai_client.confirm_and_run_callback = self._confirm_and_run
@@ -595,6 +600,18 @@ class App:
         # Process GUI task queue
         self._process_pending_gui_tasks()
 
+        # Auto-save (every 60s)
+        now = time.time()
+        if now - self._last_autosave >= self._autosave_interval:
+            self._last_autosave = now
+            try:
+                self._flush_to_project()
+                self._save_active_project()
+                self._flush_to_config()
+                save_config(self.config)
+            except Exception:
+                pass  # silent — don't disrupt the GUI loop
+
         # Sync pending comms
         with self._pending_comms_lock:
             for c in self._pending_comms:
@@ -1079,9 +1096,21 @@ class App:
                     imgui.separator()
 
                 ch, self.ui_ai_input = imgui.input_text_multiline("##ai_in", self.ui_ai_input, imgui.ImVec2(-1, -40))
+
+                # Keyboard shortcuts
+                io = imgui.get_io()
+                ctrl_enter = io.key_ctrl and imgui.is_key_pressed(imgui.Key.enter)
+                ctrl_l = io.key_ctrl and imgui.is_key_pressed(imgui.Key.l)
+                if ctrl_l:
+                    self.ui_ai_input = ""
+
                 imgui.separator()
-                if imgui.button("Gen + Send"):
-                    if not (self.send_thread and self.send_thread.is_alive()):
+                send_busy = False
+                with self._send_thread_lock:
+                    if self.send_thread and self.send_thread.is_alive():
+                        send_busy = True
+                if imgui.button("Gen + Send") or ctrl_enter:
+                    if not send_busy:
                         try:
                             md, path, file_items, stable_md, disc_text = self._do_generate()
                             self.last_md = md
@@ -1097,10 +1126,7 @@ class App:
                             ai_client.set_custom_system_prompt("\n\n".join(csp))
                             ai_client.set_model_params(self.temperature, self.max_tokens, self.history_trunc_limit)
                             ai_client.set_agent_tools(self.ui_agent_tools)
-                            # For Gemini: send stable_md (no history) as cached context,
-                            # and disc_text separately as conversation history.
-                            # For Anthropic: send full md (with history) as before.
-                            send_md = stable_md  # No history in cached context for either provider
+                            send_md = stable_md
                             send_disc = disc_text
 
                             def do_send():
@@ -1129,9 +1155,10 @@ class App:
                                     if self.ui_auto_add_history:
                                         with self._pending_history_adds_lock:
                                             self._pending_history_adds.append({"role": "System", "content": self.ai_response, "collapsed": False, "ts": project_manager.now_ts()})
-                                            
-                            self.send_thread = threading.Thread(target=do_send, daemon=True)
-                            self.send_thread.start()
+
+                            with self._send_thread_lock:
+                                self.send_thread = threading.Thread(target=do_send, daemon=True)
+                                self.send_thread.start()
                 imgui.same_line()
                 if imgui.button("MD Only"):
                     try: