feat(manifest): resolve relative command paths against manifest directory and document

- Validate relative command[0] as before, then rewrite to an absolute path anchored to the manifest's folder to decouple from process CWD
- Add unit test covering nested manifest resolution
- Update manifest reference to state resolution rule

Refs: #1

Author: aibuddy

docs/reference/tools-manifest.md

@@ -15,7 +15,7 @@ ToolSpec fields:
 - `name` (string, required): Unique tool name. Must be non-empty and unique across the manifest.
 - `description` (string, optional): Short human description.
 - `schema` (object, optional): JSON Schema for the tool parameters. This is passed through to the model as `parameters` in the OpenAI "function" tool.
-- `command` (array of string, required): Argv vector. First element is the program path (relative or absolute); subsequent elements are fixed args. When relative, it MUST start with `./tools/bin/NAME` (use `.exe` on Windows). The runner will execute this program and write the function call JSON arguments to stdin.
+- `command` (array of string, required): Argv vector. First element is the program path (relative or absolute); subsequent elements are fixed args. When relative, it MUST start with `./tools/bin/NAME` (use `.exe` on Windows). Relative paths are resolved against the directory containing this `tools.json` (not the process working directory). The runner will execute this program and write the function call JSON arguments to stdin.
 - `timeoutSec` (integer, optional): Per-call timeout override in seconds. If omitted, the CLI's `-timeout` applies.
 
 Notes:
@@ -78,7 +78,7 @@ On Windows, use the `.exe` suffix for the tool binary:
 - Missing `name`: error `tool[i]: name is required`.
 - Duplicate `name`: error `tool[i] "<name>": duplicate name`.
 - Empty `command`: error `tool[i] "<name>": command must have at least program name`.
-- Relative `command[0]` not using the canonical bin prefix: error `tool[i] "<name>": relative command[0] must start with ./tools/bin/` (absolute paths are allowed for tests). This ensures tools are invoked from `./tools/bin/NAME`.
+- Relative `command[0]` not using the canonical bin prefix: error `tool[i] "<name>": relative command[0] must start with ./tools/bin/` (absolute paths are allowed for tests). This ensures tools are invoked from `./tools/bin/NAME` and are then resolved relative to the manifest directory.
 - Relative `command[0]` that normalizes to escape the tools bin directory (e.g., `./tools/bin/../hack`): error `tool[i] "<name>": command[0] escapes ./tools/bin after normalization (got "./tools/bin/../hack" -> "./tools/hack")`.
 
 ## Execution model

internal/tools/manifest.go

@@ -24,6 +24,8 @@ type Manifest struct {
 }
 
 // LoadManifest reads tools.json and returns a name->spec registry and an OpenAI-compatible tools array.
+// Relative command paths in the manifest are validated and then resolved relative to the manifest's directory,
+// so they do not depend on the process working directory.
 func LoadManifest(manifestPath string) (map[string]ToolSpec, []oai.Tool, error) {
 	data, err := os.ReadFile(manifestPath)
 	if err != nil {
@@ -36,7 +38,8 @@ func LoadManifest(manifestPath string) (map[string]ToolSpec, []oai.Tool, error)
 	registry := make(map[string]ToolSpec)
 	var oaiTools []oai.Tool
 	nameSeen := make(map[string]struct{})
-	for i, t := range man.Tools {
+    manifestDir := filepath.Dir(manifestPath)
+    for i, t := range man.Tools {
 		if t.Name == "" {
 			return nil, nil, fmt.Errorf("tool[%d]: name is required", i)
 		}
@@ -50,7 +53,7 @@ func LoadManifest(manifestPath string) (map[string]ToolSpec, []oai.Tool, error)
 		// S52/S30: Harden command[0] validation. For any relative program path,
 		// enforce the canonical tools bin prefix and prevent path escapes.
 		cmd0 := t.Command[0]
-		if !filepath.IsAbs(cmd0) {
+        if !filepath.IsAbs(cmd0) {
 			// Normalize separators first (convert backslashes to slashes cross‑platform),
 			// then apply a platform-agnostic clean.
 			raw := strings.ReplaceAll(cmd0, "\\", "/")
@@ -68,12 +71,23 @@ func LoadManifest(manifestPath string) (map[string]ToolSpec, []oai.Tool, error)
 				if !(strings.HasPrefix(norm, "./tools/bin/")) {
 					return nil, nil, fmt.Errorf("tool[%d] %q: command[0] escapes ./tools/bin after normalization (got %q -> %q)", i, t.Name, cmd0, norm)
 				}
-			} else {
+            } else {
 				// Enforce canonical prefix for all other relative commands
 				if !strings.HasPrefix(norm, "./tools/bin/") {
 					return nil, nil, fmt.Errorf("tool[%d] %q: relative command[0] must start with ./tools/bin/", i, t.Name)
 				}
 			}
+            // Resolve relative program path against the manifest directory to avoid dependence on process CWD
+            // Keep validation based on the normalized forward-slash path, but compute a concrete absolute filesystem path.
+            // Example: manifest in /repo/sub/manifest/tools.json and command "./tools/bin/name" -> /repo/sub/manifest/tools/bin/name
+            // Trim leading "./" for joining, then convert to OS-specific separators.
+            trimmed := strings.TrimPrefix(norm, "./")
+            resolved := filepath.Join(manifestDir, filepath.FromSlash(trimmed))
+            absResolved, errAbs := filepath.Abs(resolved)
+            if errAbs != nil {
+                return nil, nil, fmt.Errorf("tool[%d] %q: resolve command[0]: %v", i, t.Name, errAbs)
+            }
+            t.Command[0] = absResolved
 		}
 		registry[t.Name] = t
 		// Build OpenAI tools entry

internal/tools/manifest_test.go

@@ -10,7 +10,7 @@ import (
 // https://github.com/hyperifyio/goagent/issues/1
 func TestLoadManifest_OK(t *testing.T) {
 	dir := t.TempDir()
-	file := filepath.Join(dir, "tools.json")
+    file := filepath.Join(dir, "tools.json")
 	data := map[string]any{
 		"tools": []map[string]any{
 			{
@@ -123,3 +123,76 @@ func TestLoadManifest_CommandEscapeAndDotDot(t *testing.T) {
 		})
 	}
 }
+
+// Relative command paths must resolve against the manifest directory, not process CWD.
+// The loader should rewrite command[0] to an absolute path rooted at the manifest's folder.
+func TestLoadManifest_ResolvesRelativeAgainstManifestDir(t *testing.T) {
+    // Create nested manifest directory
+    base := t.TempDir()
+    nested := filepath.Join(base, "configs", "sub")
+    if err := os.MkdirAll(nested, 0o755); err != nil {
+        t.Fatalf("mkdir nested: %v", err)
+    }
+    // Create a fake tools/bin tree relative to the manifest
+    binDir := filepath.Join(nested, "tools", "bin")
+    if err := os.MkdirAll(binDir, 0o755); err != nil {
+        t.Fatalf("mkdir bin: %v", err)
+    }
+    // Create a small executable file to represent the tool binary
+    toolPath := filepath.Join(binDir, "hello_tool")
+    if err := os.WriteFile(toolPath, []byte("#!/bin/sh\nexit 0\n"), 0o755); err != nil {
+        t.Fatalf("write tool bin: %v", err)
+    }
+    // Write manifest that references ./tools/bin/hello_tool relative to the manifest dir
+    manPath := filepath.Join(nested, "tools.json")
+    data := map[string]any{
+        "tools": []map[string]any{
+            {
+                "name":    "hello",
+                "command": []string{"./tools/bin/hello_tool"},
+            },
+        },
+    }
+    b, err := json.Marshal(data)
+    if err != nil {
+        t.Fatalf("marshal: %v", err)
+    }
+    if err := os.WriteFile(manPath, b, 0o644); err != nil {
+        t.Fatalf("write manifest: %v", err)
+    }
+    // Change working directory to a different location to ensure CWD is not used for resolution
+    oldWD, err := os.Getwd()
+    if err != nil {
+        t.Fatalf("getwd: %v", err)
+    }
+    other := filepath.Join(base, "other")
+    if err := os.MkdirAll(other, 0o755); err != nil {
+        t.Fatalf("mkdir other: %v", err)
+    }
+    if err := os.Chdir(other); err != nil {
+        t.Fatalf("chdir other: %v", err)
+    }
+    t.Cleanup(func() {
+        _ = os.Chdir(oldWD)
+    })
+
+    reg, _, err := LoadManifest(manPath)
+    if err != nil {
+        t.Fatalf("LoadManifest: %v", err)
+    }
+    spec, ok := reg["hello"]
+    if !ok {
+        t.Fatalf("missing tool in registry")
+    }
+    if len(spec.Command) == 0 {
+        t.Fatalf("empty command")
+    }
+    got := spec.Command[0]
+    if !filepath.IsAbs(got) {
+        t.Fatalf("command[0] not absolute: %q", got)
+    }
+    // It should point to the tool under the manifest's directory, not under CWD
+    if got != toolPath {
+        t.Fatalf("resolved path mismatch:\n got: %s\nwant: %s", got, toolPath)
+    }
+}