fix: Remove unused vars and improve type safety. Improve task recovery

apps/server/src/providers/claude-provider.ts

@@ -5,7 +5,7 @@
  * with the provider architecture.
  */
 
-import { query, type Options } from '@anthropic-ai/claude-agent-sdk';
+import { query, type Options, type SDKUserMessage } from '@anthropic-ai/claude-agent-sdk';
 import { BaseProvider } from './base-provider.js';
 import { classifyError, getUserFriendlyErrorMessage, createLogger } from '@automaker/utils';
 
@@ -32,31 +32,6 @@ import type {
   ModelDefinition,
 } from './types.js';
 
-// Explicit allowlist of environment variables to pass to the SDK.
-// Only these vars are passed - nothing else from process.env leaks through.
-const ALLOWED_ENV_VARS = [
-  // Authentication
-  'ANTHROPIC_API_KEY',
-  'ANTHROPIC_AUTH_TOKEN',
-  // Endpoint configuration
-  'ANTHROPIC_BASE_URL',
-  'API_TIMEOUT_MS',
-  // Model mappings
-  'ANTHROPIC_DEFAULT_HAIKU_MODEL',
-  'ANTHROPIC_DEFAULT_SONNET_MODEL',
-  'ANTHROPIC_DEFAULT_OPUS_MODEL',
-  // Traffic control
-  'CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC',
-  // System vars (always from process.env)
-  'PATH',
-  'HOME',
-  'SHELL',
-  'TERM',
-  'USER',
-  'LANG',
-  'LC_ALL',
-];
-
 // System vars are always passed from process.env regardless of profile
 const SYSTEM_ENV_VARS = ['PATH', 'HOME', 'SHELL', 'TERM', 'USER', 'LANG', 'LC_ALL'];
 
@@ -258,7 +233,7 @@ export class ClaudeProvider extends BaseProvider {
     };
 
     // Build prompt payload
-    let promptPayload: string | AsyncIterable<any>;
+    let promptPayload: string | AsyncIterable<SDKUserMessage>;
 
     if (Array.isArray(prompt)) {
       // Multi-part prompt (with images)
@@ -317,12 +292,16 @@ export class ClaudeProvider extends BaseProvider {
         ? `${userMessage}\n\nTip: If you're running multiple features in auto-mode, consider reducing concurrency (maxConcurrency setting) to avoid hitting rate limits.`
         : userMessage;
 
-      const enhancedError = new Error(message);
-      (enhancedError as any).originalError = error;
-      (enhancedError as any).type = errorInfo.type;
+      const enhancedError = new Error(message) as Error & {
+        originalError: unknown;
+        type: string;
+        retryAfter?: number;
+      };
+      enhancedError.originalError = error;
+      enhancedError.type = errorInfo.type;
 
       if (errorInfo.isRateLimit) {
-        (enhancedError as any).retryAfter = errorInfo.retryAfter;
+        enhancedError.retryAfter = errorInfo.retryAfter;
       }
 
       throw enhancedError;

apps/server/src/providers/codex-provider.ts

@@ -30,7 +30,6 @@ import type {
   ModelDefinition,
 } from './types.js';
 import {
-  CODEX_MODEL_MAP,
   supportsReasoningEffort,
   validateBareModelId,
   calculateReasoningTimeout,
@@ -56,15 +55,9 @@ const CODEX_EXEC_SUBCOMMAND = 'exec';
 const CODEX_JSON_FLAG = '--json';
 const CODEX_MODEL_FLAG = '--model';
 const CODEX_VERSION_FLAG = '--version';
-const CODEX_SANDBOX_FLAG = '--sandbox';
-const CODEX_APPROVAL_FLAG = '--ask-for-approval';
-const CODEX_SEARCH_FLAG = '--search';
-const CODEX_OUTPUT_SCHEMA_FLAG = '--output-schema';
 const CODEX_CONFIG_FLAG = '--config';
-const CODEX_IMAGE_FLAG = '--image';
 const CODEX_ADD_DIR_FLAG = '--add-dir';
 const CODEX_SKIP_GIT_REPO_CHECK_FLAG = '--skip-git-repo-check';
-const CODEX_RESUME_FLAG = 'resume';
 const CODEX_REASONING_EFFORT_KEY = 'reasoning_effort';
 const CODEX_YOLO_FLAG = '--dangerously-bypass-approvals-and-sandbox';
 const OPENAI_API_KEY_ENV = 'OPENAI_API_KEY';
@@ -106,9 +99,6 @@ const TEXT_ENCODING = 'utf-8';
  */
 const CODEX_CLI_TIMEOUT_MS = DEFAULT_TIMEOUT_MS;
 const CODEX_FEATURE_GENERATION_BASE_TIMEOUT_MS = 300000; // 5 minutes for feature generation
-const CONTEXT_WINDOW_256K = 256000;
-const MAX_OUTPUT_32K = 32000;
-const MAX_OUTPUT_16K = 16000;
 const SYSTEM_PROMPT_SEPARATOR = '\n\n';
 const CODEX_INSTRUCTIONS_DIR = '.codex';
 const CODEX_INSTRUCTIONS_SECTION = 'Codex Project Instructions';
@@ -758,17 +748,14 @@ export class CodexProvider extends BaseProvider {
         options.cwd,
         codexSettings.sandboxMode !== 'danger-full-access'
       );
-      const resolvedSandboxMode = sandboxCheck.enabled
-        ? codexSettings.sandboxMode
-        : 'danger-full-access';
       if (!sandboxCheck.enabled && sandboxCheck.message) {
         console.warn(`[CodexProvider] ${sandboxCheck.message}`);
       }
       const searchEnabled =
         codexSettings.enableWebSearch || resolveSearchEnabled(resolvedAllowedTools, restrictTools);
-      const outputSchemaPath = await writeOutputSchemaFile(options.cwd, options.outputFormat);
+      await writeOutputSchemaFile(options.cwd, options.outputFormat);
       const imageBlocks = codexSettings.enableImages ? extractImageBlocks(options.prompt) : [];
-      const imagePaths = await writeImageFiles(options.cwd, imageBlocks);
+      await writeImageFiles(options.cwd, imageBlocks);
       const approvalPolicy =
         hasMcpServers && options.mcpAutoApproveTools !== undefined
           ? options.mcpAutoApproveTools
@@ -801,7 +788,7 @@ export class CodexProvider extends BaseProvider {
         overrides.push({ key: 'features.web_search_request', value: true });
       }
 
-      const configOverrides = buildConfigOverrides(overrides);
+      buildConfigOverrides(overrides);
       const preExecArgs: string[] = [];
 
       // Add additional directories with write access
@@ -1033,7 +1020,7 @@ export class CodexProvider extends BaseProvider {
   async detectInstallation(): Promise<InstallationStatus> {
     const cliPath = await findCodexCliPath();
     const hasApiKey = Boolean(await resolveOpenAiApiKey());
-    const authIndicators = await getCodexAuthIndicators();
+    await getCodexAuthIndicators();
     const installed = !!cliPath;
 
     let version = '';
@@ -1045,7 +1032,7 @@ export class CodexProvider extends BaseProvider {
           cwd: process.cwd(),
         });
         version = result.stdout.trim();
-      } catch (error) {
+      } catch {
         version = '';
       }
     }

apps/server/src/providers/copilot-provider.ts

@@ -85,10 +85,6 @@ interface SdkToolExecutionEndEvent extends SdkEvent {
   };
 }
 
-interface SdkSessionIdleEvent extends SdkEvent {
-  type: 'session.idle';
-}
-
 interface SdkSessionErrorEvent extends SdkEvent {
   type: 'session.error';
   data: {

apps/server/src/providers/cursor-provider.ts

@@ -69,6 +69,7 @@ interface CursorToolHandler<TArgs = unknown, TResult = unknown> {
  * Registry of Cursor tool handlers
  * Each handler knows how to normalize its specific tool call type
  */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any -- handler registry stores heterogeneous tool type parameters
 const CURSOR_TOOL_HANDLERS: Record<string, CursorToolHandler<any, any>> = {
   readToolCall: {
     name: 'Read',
@@ -878,7 +879,7 @@ export class CursorProvider extends CliProvider {
     logger.debug(`CursorProvider.executeQuery called with model: "${options.model}"`);
 
     // Get effective permissions for this project
-    const effectivePermissions = await getEffectivePermissions(options.cwd || process.cwd());
+    await getEffectivePermissions(options.cwd || process.cwd());
 
     // Debug: log raw events when AUTOMAKER_DEBUG_RAW_OUTPUT is enabled
     const debugRawEvents =

apps/server/src/providers/gemini-provider.ts

@@ -20,7 +20,6 @@ import type {
   ProviderMessage,
   InstallationStatus,
   ModelDefinition,
-  ContentBlock,
 } from './types.js';
 import { validateBareModelId } from '@automaker/types';
 import { GEMINI_MODEL_MAP, type GeminiAuthStatus } from '@automaker/types';

apps/server/src/providers/simple-query-service.ts

@@ -16,8 +16,6 @@
 
 import { ProviderFactory } from './provider-factory.js';
 import type {
-  ProviderMessage,
-  ContentBlock,
   ThinkingLevel,
   ReasoningEffort,
   ClaudeApiProfile,