aidp 0.19.1 → 0.21.0

data/lib/aidp/watch/repository_safety_checker.rb

@@ -0,0 +1,214 @@
+# frozen_string_literal: true
+
+require "json"
+require "net/http"
+require "open3"
+require_relative "../message_display"
+
+module Aidp
+  module Watch
+    # Validates watch mode safety requirements for public repositories
+    # and enforces author allowlists to prevent untrusted input execution.
+    class RepositorySafetyChecker
+      include Aidp::MessageDisplay
+
+      class UnsafeRepositoryError < StandardError; end
+      class UnauthorizedAuthorError < StandardError; end
+
+      def initialize(repository_client:, config: {})
+        @repository_client = repository_client
+        @config = config
+        @repo_visibility_cache = {}
+      end
+
+      # Check if watch mode is safe to run for this repository
+      # @param force [Boolean] Skip safety checks (dangerous!)
+      # @return [Boolean] true if safe, raises error otherwise
+      def validate_watch_mode_safety!(force: false)
+        Aidp.log_debug("repository_safety", "validate watch mode safety",
+          repo: @repository_client.full_repo,
+          force: force)
+
+        # Skip checks if forced (user takes responsibility)
+        if force
+          display_message("⚠️  Watch mode safety checks BYPASSED (--force)", type: :warning)
+          return true
+        end
+
+        # Check repository visibility
+        unless repository_safe_for_watch_mode?
+          raise UnsafeRepositoryError, unsafe_repository_message
+        end
+
+        # Check if running in safe environment
+        unless safe_environment?
+          display_message("⚠️  Watch mode running outside container/sandbox", type: :warning)
+          display_message("   Consider using a containerized environment for additional safety", type: :muted)
+        end
+
+        display_message("✅ Watch mode safety checks passed", type: :success)
+        true
+      end
+
+      # Check if an issue author is allowed to trigger automated work
+      # @param issue [Hash] Issue data with :author or :assignees
+      # @return [Boolean] true if authorized
+      def author_authorized?(issue)
+        author = extract_author(issue)
+        return false unless author
+
+        # If no allowlist configured, allow all (backward compatible)
+        return true if author_allowlist.empty?
+
+        # Check if author is in allowlist
+        authorized = author_allowlist.include?(author)
+
+        Aidp.log_debug("repository_safety", "check author authorization",
+          author: author,
+          authorized: authorized,
+          allowlist_size: author_allowlist.size)
+
+        authorized
+      end
+
+      # Check if an issue should be processed based on author authorization
+      # @param issue [Hash] Issue data
+      # @param enforce [Boolean] Raise error if unauthorized
+      # @return [Boolean] true if should process
+      def should_process_issue?(issue, enforce: true)
+        unless author_authorized?(issue)
+          author = extract_author(issue)
+          if enforce && author_allowlist.any?
+            raise UnauthorizedAuthorError,
+              "Issue ##{issue[:number]} author '#{author}' not in allowlist. " \
+              "Add to watch.safety.author_allowlist in aidp.yml to allow."
+          end
+
+          display_message("⏭️  Skipping issue ##{issue[:number]} - author '#{author}' not authorized",
+            type: :muted)
+          return false
+        end
+
+        true
+      end
+
+      private
+
+      def repository_safe_for_watch_mode?
+        # Check if repository is private
+        return true if repository_private?
+
+        # Public repositories require explicit opt-in
+        if public_repos_allowed?
+          display_message("⚠️  Watch mode enabled for PUBLIC repository", type: :warning)
+          display_message("   Ensure you trust all contributors and have proper safety measures", type: :muted)
+          return true
+        end
+
+        false
+      end
+
+      def repository_private?
+        # Cache visibility check to avoid repeated API calls
+        return @repo_visibility_cache[:private] if @repo_visibility_cache.key?(:private)
+
+        is_private = if @repository_client.gh_available?
+          check_visibility_via_gh
+        else
+          check_visibility_via_api
+        end
+
+        @repo_visibility_cache[:private] = is_private
+        Aidp.log_debug("repository_safety", "repository visibility check",
+          repo: @repository_client.full_repo,
+          private: is_private)
+
+        is_private
+      end
+
+      def check_visibility_via_gh
+        cmd = ["gh", "repo", "view", @repository_client.full_repo, "--json", "visibility"]
+        stdout, stderr, status = Open3.capture3(*cmd)
+
+        unless status.success?
+          Aidp.log_warn("repository_safety", "failed to check repo visibility via gh",
+            error: stderr.strip)
+          # Assume public if we can't determine (safer default)
+          return false
+        end
+
+        data = JSON.parse(stdout)
+        data["visibility"]&.downcase == "private"
+      rescue JSON::ParserError => e
+        Aidp.log_error("repository_safety", "failed to parse gh repo response", error: e.message)
+        false # Assume public on error
+      end
+
+      def check_visibility_via_api
+        uri = URI("https://api.github.com/repos/#{@repository_client.full_repo}")
+        response = Net::HTTP.get_response(uri)
+
+        unless response.code == "200"
+          Aidp.log_warn("repository_safety", "failed to check repo visibility via API",
+            status: response.code)
+          # Assume public if we can't determine
+          return false
+        end
+
+        data = JSON.parse(response.body)
+        data["private"] == true
+      rescue => e
+        Aidp.log_error("repository_safety", "failed to check repo visibility", error: e.message)
+        false # Assume public on error
+      end
+
+      def public_repos_allowed?
+        @config.dig(:safety, :allow_public_repos) == true
+      end
+
+      def author_allowlist
+        @author_allowlist ||= Array(@config.dig(:safety, :author_allowlist)).compact.map(&:to_s)
+      end
+
+      def safe_environment?
+        # Check if running in a container
+        in_container? || @config.dig(:safety, :require_container) == false
+      end
+
+      def in_container?
+        # Check for container indicators
+        File.exist?("/.dockerenv") ||
+          File.exist?("/run/.containerenv") ||
+          ENV["AIDP_ENV"] == "development" # devcontainer
+      end
+
+      def extract_author(issue)
+        # Try different author fields
+        issue[:author] ||
+          issue.dig(:assignees, 0) ||
+          issue["author"] ||
+          issue.dig("assignees", 0)
+      end
+
+      def unsafe_repository_message
+        <<~MSG
+          🛑 Watch mode is DISABLED for public repositories by default.
+
+          Running automated code execution on untrusted public input is dangerous!
+
+          To enable watch mode for this public repository, add to your aidp.yml:
+
+            watch:
+              safety:
+                allow_public_repos: true
+                author_allowlist:  # Only these users can trigger automation
+                  - trusted_maintainer
+                  - another_admin
+                require_container: true  # Require sandboxed environment
+
+          Alternatively, use --force to bypass this check (NOT RECOMMENDED).
+        MSG
+      end
+    end
+  end
+end

data/lib/aidp/watch/runner.rb

@@ -4,6 +4,7 @@ require "tty-prompt"
 
 require_relative "../message_display"
 require_relative "repository_client"
+require_relative "repository_safety_checker"
 require_relative "state_store"
 require_relative "plan_generator"
 require_relative "plan_processor"
@@ -18,14 +19,19 @@ module Aidp
 
       DEFAULT_INTERVAL = 30
 
-      def initialize(issues_url:, interval: DEFAULT_INTERVAL, provider_name: nil, gh_available: nil, project_dir: Dir.pwd, once: false, use_workstreams: true, prompt: TTY::Prompt.new)
+      def initialize(issues_url:, interval: DEFAULT_INTERVAL, provider_name: nil, gh_available: nil, project_dir: Dir.pwd, once: false, use_workstreams: true, prompt: TTY::Prompt.new, safety_config: {}, force: false)
         @prompt = prompt
         @interval = interval
         @once = once
         @project_dir = project_dir
+        @force = force
 
         owner, repo = RepositoryClient.parse_issues_url(issues_url)
         @repository_client = RepositoryClient.new(owner: owner, repo: repo, gh_available: gh_available)
+        @safety_checker = RepositorySafetyChecker.new(
+          repository_client: @repository_client,
+          config: safety_config
+        )
         @state_store = StateStore.new(project_dir: project_dir, repository: "#{owner}/#{repo}")
         @plan_processor = PlanProcessor.new(
           repository_client: @repository_client,
@@ -41,6 +47,9 @@ module Aidp
       end
 
       def start
+        # Validate safety requirements before starting
+        @safety_checker.validate_watch_mode_safety!(force: @force)
+
         display_message("👀 Watch mode enabled for #{@repository_client.full_repo}", type: :highlight)
         display_message("Polling every #{@interval} seconds. Press Ctrl+C to stop.", type: :muted)
 
@@ -51,6 +60,9 @@ module Aidp
         end
       rescue Interrupt
         display_message("\n⏹️  Watch mode interrupted by user", type: :warning)
+      rescue RepositorySafetyChecker::UnsafeRepositoryError => e
+        display_message("\n#{e.message}", type: :error)
+        raise
       end
 
       private
@@ -66,7 +78,13 @@ module Aidp
           next unless issue_has_label?(issue, PlanProcessor::PLAN_LABEL)
 
           detailed = @repository_client.fetch_issue(issue[:number])
+
+          # Check author authorization before processing
+          next unless @safety_checker.should_process_issue?(detailed, enforce: false)
+
           @plan_processor.process(detailed)
+        rescue RepositorySafetyChecker::UnauthorizedAuthorError => e
+          Aidp.log_warn("watch_runner", "unauthorized issue author", issue: issue[:number], error: e.message)
         end
       end
 
@@ -79,7 +97,13 @@ module Aidp
           next if status["status"] == "completed"
 
           detailed = @repository_client.fetch_issue(issue[:number])
+
+          # Check author authorization before processing
+          next unless @safety_checker.should_process_issue?(detailed, enforce: false)
+
           @build_processor.process(detailed)
+        rescue RepositorySafetyChecker::UnauthorizedAuthorError => e
+          Aidp.log_warn("watch_runner", "unauthorized issue author", issue: issue[:number], error: e.message)
         end
       end
 

data/lib/aidp/workflows/guided_agent.rb

@@ -18,7 +18,7 @@ module Aidp
 
       class ConversationError < StandardError; end
 
-      def initialize(project_dir, prompt: nil, use_enhanced_input: true)
+      def initialize(project_dir, prompt: nil, use_enhanced_input: true, verbose: false)
         @project_dir = project_dir
 
         # Use EnhancedInput with Reline for full readline-style key bindings
@@ -32,6 +32,9 @@ module Aidp
         @provider_manager = Aidp::Harness::ProviderManager.new(@config_manager, prompt: @prompt)
         @conversation_history = []
         @user_input = {}
+        @invalid_planning_responses = 0
+        @verbose = verbose
+        @debug_env = ENV["DEBUG"] == "1" || ENV["DEBUG"] == "2"
       end
 
       # Main entry point for guided workflow selection
@@ -79,6 +82,7 @@ module Aidp
           iteration += 1
           # Ask AI for next question based on current plan
           question_response = get_planning_questions(plan)
+          emit_verbose_iteration(plan, question_response)
 
           # Debug: show raw provider response and parsed result
           debug_log("Planning iteration #{iteration} provider response", level: :debug, data: {
@@ -131,9 +135,10 @@ module Aidp
         end
 
         response = call_provider_for_analysis(system_prompt, user_prompt)
-        parsed = parse_planning_response(response)
+        parsed = safe_parse_planning_response(response)
         # Attach raw response for debug
         parsed[:raw_response] = response
+        emit_verbose_raw_prompt(system_prompt, user_prompt, response)
         parsed
       end
 
@@ -231,24 +236,87 @@ module Aidp
           result
         rescue => e
           message = e.message.to_s
+
+          # Classify error type for better handling
           classified = if message =~ /resource[_ ]exhausted/i || message =~ /\[resource_exhausted\]/i
             "resource_exhausted"
           elsif message =~ /quota[_ ]exceeded/i || message =~ /\[quota_exceeded\]/i
             "quota_exceeded"
+          elsif /empty response/i.match?(message)
+            "empty_response"
+          else
+            "provider_error"
           end
 
-          if classified && attempts < max_attempts
-            display_message("⚠️  Provider '#{provider_name}' #{classified.tr("_", " ")} – attempting fallback...", type: :warning)
-            switched = @provider_manager.switch_provider_for_error(classified, stderr: message) if @provider_manager.respond_to?(:switch_provider_for_error)
-            if switched && switched != provider_name
-              display_message("↩️  Switched to provider '#{switched}'", type: :info)
-              retry
+          # Attempt fallback if we haven't exhausted all providers
+          if attempts < max_attempts
+            display_message("⚠️  Provider '#{provider_name}' failed (#{classified.tr("_", " ")}) – attempting fallback...", type: :warning)
+
+            if @provider_manager.respond_to?(:switch_provider_for_error)
+              # Try to switch to fallback provider
+              switched = @provider_manager.switch_provider_for_error(classified, stderr: message)
+
+              if switched && switched != provider_name
+                display_message("↩️  Switched to provider '#{switched}' – retrying with same prompt", type: :info)
+                retry
+              elsif switched == provider_name
+                # ProviderManager could not advance; mark current as rate limited to encourage next attempt to move on.
+                Aidp.logger.debug("guided_agent", "provider_switch_noop", provider: provider_name, reason: classified)
+                if @provider_manager.respond_to?(:mark_rate_limited)
+                  @provider_manager.mark_rate_limited(provider_name)
+                  next_provider = @provider_manager.switch_provider("rate_limit_forced", previous_error: message)
+                  if next_provider && next_provider != provider_name
+                    display_message("↩️  Switched to provider '#{next_provider}' (forced) – retrying with same prompt", type: :info)
+                    retry
+                  end
+                end
+              end
             end
           end
+
+          # If we get here, either we've exhausted all attempts or couldn't switch providers
+          if attempts >= max_attempts
+            display_message("❌ All providers exhausted after #{attempts} attempts", type: :error)
+          end
           raise
         end
       end
 
+      # Verbose output helpers
+      def emit_verbose_raw_prompt(system_prompt, user_prompt, raw_response)
+        return unless @verbose || @debug_env
+        if @verbose
+          display_message("\n--- Prompt Sent (Planning) ---", type: :muted)
+          display_message(system_prompt.strip, type: :muted)
+          display_message(user_prompt.strip, type: :muted)
+          display_message("--- Raw Provider Response ---", type: :muted)
+          display_message(raw_response.to_s.strip, type: :muted)
+          display_message("------------------------------\n", type: :muted)
+        elsif @debug_env
+          Aidp.logger.debug("guided_agent", "planning_prompt", system: system_prompt.strip, user: user_prompt.strip)
+          Aidp.logger.debug("guided_agent", "planning_raw_response", raw: raw_response.to_s.strip)
+        end
+      rescue => e
+        Aidp.logger.warn("guided_agent", "Failed verbose prompt emit", error: e.message)
+      end
+
+      def emit_verbose_iteration(plan, question_response)
+        return unless @verbose || @debug_env
+        summary = {complete: question_response[:complete], questions: question_response[:questions], reasoning: question_response[:reasoning], error: question_response[:error]}
+        if @verbose
+          display_message("\n=== Planning Iteration Summary ===", type: :info)
+          display_message("Questions: #{(summary[:questions] || []).join(" | ")}", type: :info)
+          display_message("Complete? #{summary[:complete]}", type: :info)
+          display_message("Reasoning: #{summary[:reasoning]}", type: :muted) if summary[:reasoning]
+          display_message("Error: #{summary[:error]}", type: :warning) if summary[:error]
+          display_message("=================================", type: :info)
+        elsif @debug_env
+          Aidp.logger.debug("guided_agent", "iteration_summary", summary: summary, plan_progress_keys: plan.keys)
+        end
+      rescue => e
+        Aidp.logger.warn("guided_agent", "Failed verbose iteration emit", error: e.message)
+      end
+
       def validate_provider_configuration!
         configured = @provider_manager.configured_providers
         if configured.nil? || configured.empty?
@@ -307,20 +375,53 @@ module Aidp
         json_match = response_text.match(/```json\s*(\{.*?\})\s*```/m) ||
           response_text.match(/(\{.*\})/m)
 
-        unless json_match
-          return {complete: false, questions: ["Could you tell me more about your requirements?"]}
-        end
-
+        return {error: :invalid_format} unless json_match
         JSON.parse(json_match[1], symbolize_names: true)
       rescue JSON::ParserError
-        {complete: false, questions: ["Could you tell me more about your requirements?"]}
+        {error: :invalid_format}
+      end
+
+      # Provides structured fallback sequence when provider keeps returning invalid planning JSON.
+      # After exceeding sequence length, switches to manual entry question.
+      def safe_parse_planning_response(response_text)
+        parsed = parse_planning_response(response_text)
+        return parsed unless parsed.is_a?(Hash) && parsed[:error] == :invalid_format
+
+        @invalid_planning_responses += 1
+        fallback_sequence = [
+          "Provide scope (key features) and primary users.",
+          "List 3-5 key functional requirements and any technical constraints.",
+          "Supply any non-functional requirements (performance/security) or type 'skip'."
+        ]
+
+        if @invalid_planning_responses <= fallback_sequence.size
+          {complete: false, questions: [fallback_sequence[@invalid_planning_responses - 1]], reasoning: "Fallback due to invalid provider response (format)", error: :fallback}
+        else
+          display_message("[ERROR] Provider returned invalid planning JSON #{@invalid_planning_responses} times. Enter combined plan details manually.", type: :error)
+          {complete: false, questions: ["Enter plan details manually (features; users; requirements; constraints) or type 'skip'"], reasoning: "Manual recovery mode", error: :manual_recovery}
+        end
       end
 
       def update_plan_from_answer(plan, question, answer)
         # Simple heuristic-based plan updates
         # In a more sophisticated implementation, use AI to categorize answers
 
-        if question.downcase.include?("scope") || question.downcase.include?("include")
+        # IMPORTANT: Check manual recovery sentinel prompt first so it isn't misclassified
+        # by broader keyword heuristics (e.g., it contains the word 'users').
+        if question.start_with?("Enter plan details manually")
+          unless answer.strip.downcase == "skip"
+            parts = answer.split(/;|\|/).map(&:strip).reject(&:empty?)
+            features, users, requirements, constraints = parts
+            plan[:scope][:included] ||= []
+            plan[:scope][:included] << features if features
+            plan[:users][:personas] ||= []
+            plan[:users][:personas] << users if users
+            plan[:requirements][:functional] ||= []
+            plan[:requirements][:functional] << requirements if requirements
+            plan[:constraints][:technical] ||= []
+            plan[:constraints][:technical] << constraints if constraints
+          end
+        elsif question.downcase.include?("scope") || question.downcase.include?("include")
           plan[:scope][:included] ||= []
           plan[:scope][:included] << answer
         elsif question.downcase.include?("user") || question.downcase.include?("who")
@@ -338,7 +439,6 @@ module Aidp
         elsif question.downcase.include?("complete") || question.downcase.include?("done") || question.downcase.include?("success")
           plan[:completion_criteria] << answer
         else
-          # General information
           plan[:additional_context] ||= []
           plan[:additional_context] << {question: question, answer: answer}
         end

data/lib/aidp.rb

@@ -7,6 +7,7 @@ require_relative "aidp/core_ext/class_attribute"
 require_relative "aidp/version"
 require_relative "aidp/config"
 require_relative "aidp/util"
+require_relative "aidp/rescue_logging"
 require_relative "aidp/message_display"
 require_relative "aidp/concurrency"
 require_relative "aidp/setup/wizard"

data/templates/planning/generate_llm_style_guide.md

@@ -1,6 +1,6 @@
 # Generate LLM Style Guide
 
-Your task is to create a project-specific **LLM_STYLE_GUIDE.md** that will be used by AI agents working on this project. This guide should be concise, actionable, and tailored to this specific codebase.
+Your task is to create a project-specific **LLM_STYLE_GUIDE.md** and **STYLE_GUIDE.md** that will be used by AI agents working on this project. The LLM guide should be concise and actionable, while the full guide provides detailed context and rationale.
 
 ## Context
 
@@ -13,9 +13,27 @@ You have access to the project directory. Examine the codebase to understand:
 - Project structure
 - Dependencies and frameworks
 
-## Requirements
+## Two-Guide Approach
 
-Create a file at `docs/LLM_STYLE_GUIDE.md` with the following sections:
+Create **TWO** complementary guides:
+
+### 1. STYLE_GUIDE.md (Detailed Reference)
+
+- Comprehensive explanations with examples
+- Rationale and context for each guideline
+- Deep dives into patterns and anti-patterns
+- Located at `docs/STYLE_GUIDE.md`
+
+### 2. LLM_STYLE_GUIDE.md (Quick Reference)
+
+- Ultra-concise bullet points for quick scanning
+- Each guideline references back to STYLE_GUIDE.md with line numbers
+- Format: `Guideline text. STYLE_GUIDE:start-end`
+- Located at `docs/LLM_STYLE_GUIDE.md`
+
+## Requirements for LLM_STYLE_GUIDE.md
+
+Create a file at `docs/LLM_STYLE_GUIDE.md` with the following sections, **adding line number references to the detailed guide**:
 
 ### 1. Core Engineering Rules
 
@@ -88,32 +106,97 @@ Create a file at `docs/LLM_STYLE_GUIDE.md` with the following sections:
 
 ## Output Format
 
-The LLM_STYLE_GUIDE.md should be:
+### STYLE_GUIDE.md Format
+
+The detailed guide should be:
+
+- **Comprehensive**: Full explanations with context and rationale
+- **Example-driven**: Show code examples for each pattern
+- **Well-structured**: Clear section headers that can be referenced by line number
+- **Numbered sections**: Use consistent heading levels for easy reference
+
+### LLM_STYLE_GUIDE.md Format
+
+The concise guide should be:
 
 - **Concise**: Use bullet points and tables where possible
+- **Cross-referenced**: Every guideline includes `STYLE_GUIDE:start-end` reference
 - **Specific**: Reference actual code patterns from this project
 - **Actionable**: Provide clear do's and don'ts
 - **Scannable**: Use headers, lists, and formatting for easy reference
 
+## Creating Cross-References
+
+### Step 1: Write STYLE_GUIDE.md first
+
+```markdown
+## Code Organization      # Line 18
+
+### Class Structure       # Line 20
+...detailed explanation...
+
+### File Organization     # Line 45
+...detailed explanation...
+```
+
+### Step 2: Add references to LLM_STYLE_GUIDE.md
+
+For each guideline in the LLM guide, add the line range from STYLE_GUIDE.md:
+
+```markdown
+## 1. Core Engineering Rules
+
+- Small objects, clear roles. Avoid god classes. `STYLE_GUIDE:18-50`
+- Methods: do one thing; extract early. `STYLE_GUIDE:108-117`
+```
+
+### Step 3: Verify line numbers
+
+Use `grep -n "^##" docs/STYLE_GUIDE.md` to find section headers and their line numbers.
+
 ## Example Structure
 
+### STYLE_GUIDE.md
+
+```markdown
+# Project Style Guide
+
+## Code Organization
+
+Detailed explanation of code organization principles...
+
+### Single Responsibility Principle
+
+Detailed explanation with examples...
+
+## Testing Guidelines
+
+Comprehensive testing approach...
+```
+
+### LLM_STYLE_GUIDE.md
+
 ```markdown
-# Project LLM Style Guide
+# Project LLM Style Cheat Sheet
 
-> Concise rules for AI agents working on [Project Name]. Based on [Language/Framework].
+> Ultra-concise rules for automated coding agents.
 
 ## 1. Core Engineering Rules
-- [Specific rule based on this project]
-- [Another specific rule]
 
-## 2. Naming & Structure
-- Classes: [convention]
-- Files: [convention]
-- [etc.]
+- Small objects, clear roles. `STYLE_GUIDE:18-50`
+- Methods: do one thing; extract early. `STYLE_GUIDE:108-117`
+
+## 2. Testing Contracts
 
-[Continue with all sections...]
+- Test public behavior only. `STYLE_GUIDE:1022-1261`
+- Mock external boundaries only. `STYLE_GUIDE:1022-1261`
 ```
 
 ## Deliverable
 
-Create `docs/LLM_STYLE_GUIDE.md` with all the sections above, tailored specifically to this project's codebase, languages, and frameworks.
+Create **BOTH** files:
+
+1. `docs/STYLE_GUIDE.md` - Comprehensive guide with detailed explanations
+2. `docs/LLM_STYLE_GUIDE.md` - Quick reference with line number cross-references to the detailed guide
+
+The guides should work together: AI agents read the concise LLM guide for quick decisions, then reference the detailed STYLE_GUIDE for context and examples when needed.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aidp
 version: !ruby/object:Gem::Version
-  version: 0.19.1
+  version: 0.21.0
 platform: ruby
 authors:
 - Bart Agapinan
@@ -379,6 +379,7 @@ files:
 - lib/aidp/watch/plan_generator.rb
 - lib/aidp/watch/plan_processor.rb
 - lib/aidp/watch/repository_client.rb
+- lib/aidp/watch/repository_safety_checker.rb
 - lib/aidp/watch/runner.rb
 - lib/aidp/watch/state_store.rb
 - lib/aidp/workflows/definitions.rb