Handle large exec_command output and surface scan errors as TUI toasts

[mhspektr]

NB: this builds on #577 and should be merged after

• Large output handling — exec_command results are now capped at STRIX_MAX_TOOL_OUTPUT_CHARS (default 65 536 chars). JSON arrays are trimmed to the first 50 records (valid JSON preserved); plain text keeps the first 300 lines. Both truncation paths include a header with total size and count so the agent retains full context awareness. Set STRIX_MAX_TOOL_OUTPUT_CHARS=0 to disable.
• MapReduce LLM compression — when a single chunk still overflows after truncation, a MapReduce pipeline compresses it via the LLM before it reaches the context window, preventing hard overflows.
• Scan error toasts — scan thread failures now post a persistent Textual toast immediately rather than surfacing as a post-exit traceback. A timeout=0 bug that caused the toast to expire on mount was also fixed (Textual's default ~5 sis now used).

Closes #579

[greptile-apps]

Greptile Summary

This PR adds three self-contained features on top of PR #577: structure-aware truncation and MapReduce LLM compression for oversized exec_command outputs, a ContextWindowExceededError fast-path in the agent run loop that bypasses the (unhelpful) image-strip retry, and cross-thread TUI toasts for scan-thread failures. It also adds a --mount CLI option that bind-mounts large local directories read-only instead of streaming them file-by-file.

• Large output pipeline — outputs exceeding STRIX_MAX_TOOL_OUTPUT_CHARS are first compressed via a parallel MapReduce LLM fan-out; single-chunk outputs and compression failures fall back to structure-aware truncation (JSON arrays kept as valid JSON, plain text line-capped), with a final character-count backstop in _wrap_exec_command.
• Context window bypass — ContextWindowExceededError (status 400) is now intercepted before the image-strip retry loop, parks the agent as "failed", and propagates correctly for root agents while returning None for child agents.
• --mount bind-mount support — build_mount_targets_info / build_session_entries / StrixDockerSandboxClient are wired together to pass host directories to Docker at container-create time; a pre-flight size check rejects oversized --target directories and directs users to --mount.

Confidence Score: 5/5

Safe to merge; all three feature areas are well-isolated with dedicated tests, and the fallback chains preserve session correctness.

The truncation/compression pipeline has a solid backstop so oversized outputs cannot bypass the character cap. The ContextWindowExceededError handler is tested end-to-end including the non-retry assertion. The bind-mount wiring is straightforward. The two issues noted are a misleading log message in non-interactive mode and a deprecated asyncio.wait_for(coroutine) call pattern — neither affects correctness.

No files require special attention; strix/core/execution.py has a misleading log message and strix/core/mapreduce_output.py has the deprecated asyncio.wait_for(coroutine) call, but neither introduces wrong behavior.

Important Files Changed

Filename	Overview
strix/core/large_output.py	New module: structure-aware truncation for oversized tool outputs. Halving loop, SDK header preservation, and text/JSON branching all look correct. Single-oversized-record edge case (noted in previous review) is handled by caller backstop.
strix/core/mapreduce_output.py	New MapReduce LLM compression module. Fan-out to parallel litellm calls is sound; single-chunk fast-path correctly delegates truncation to caller. asyncio.wait_for receives a bare coroutine instead of a Task (deprecated in Python 3.12+). Broad except Exception in _summarise is intentional for chunk-level resilience.
strix/agents/factory.py	Added MapReduce compression + truncation backstop inside _wrap_exec_command. Fallback chain (compress → backstop truncate) is correct; load_settings() called inside the hot tool-invocation path, which is fine if settings are cached by the config layer.
strix/core/execution.py	ContextWindowExceededError handler correctly bypasses image-strip retry. Log message "parking as failed" fires before the if not interactive: raise guard and is factually wrong in non-interactive mode.
strix/interface/tui/app.py	Scan error toast via call_from_thread with contextlib.suppress is the correct cross-thread notification pattern. Removed explicit timeout=0 (which caused immediate expiration) and uses Textual's default timeout instead.
strix/interface/utils.py	New helpers: build_mount_targets_info, dedupe_local_targets, find_oversized_local_targets, directory_size_bytes. Deduplication prefers bind-mounted entries; path resolution in build_mount_targets_info is consistent. Size walk is stat-only and best-effort as documented.
strix/runtime/session_manager.py	Refactored to build_session_entries which splits local sources into copied entries and bind-mount specs. Logic is correct; mounted paths are excluded from SDK manifest (preventing file-by-file copy).
strix/runtime/docker_client.py	Added strix_bind_mounts class attribute (now None not [] per prior review) and Docker mount injection in _create_container. Pyright suppression comments added for private SDK imports.
strix/runtime/backends.py	Passes bind_mounts through from session manager to Docker backend. Straightforward wiring change.
strix/config/settings.py	Added max_local_copy_mb and max_tool_output_chars settings with documented env-var aliases and defaults. Zero-disables convention is consistent across both fields.
strix/interface/main.py	Added --mount CLI argument with correct action="append", error messages updated, pre-flight size check wired in. dedupe_local_targets called after both --target and --mount lists are assembled.

_{Reviews (2): Last reviewed commit: "Fix review comment" | Re-trigger Greptile}

[mhspektr]

@greptile

[mhspektr]

I suggest merging #577, updating this branch, and rerunning greptile before reviewing.