@blackbelt-technology/pi-agent-dashboard 0.4.6 → 0.5.0

package/packages/extension/src/__tests__/build-provider-catalogue.test.ts

@@ -0,0 +1,176 @@
+/**
+ * Tests for `_buildProviderCatalogue` — the bridge-side pure helper that
+ * derives ProviderInfo[] from a captured ModelRegistry.
+ * See change: replace-hardcoded-provider-lists.
+ */
+import { describe, it, expect } from "vitest";
+import { _buildProviderCatalogue } from "../provider-register.js";
+
+function makeRegistry(opts: {
+  oauthIds?: string[];
+  models?: Array<{ provider: string; id: string }>;
+  authStatus?: Record<string, { configured: boolean; source?: string }>;
+  credentials?: Record<string, { type: "oauth" | "api_key"; expires?: number; key?: string }>;
+  displayNames?: Record<string, string>;
+}): any {
+  return {
+    authStorage: {
+      getOAuthProviders: () => (opts.oauthIds ?? []).map((id) => ({ id, name: id })),
+      getAuthStatus: (id: string) => opts.authStatus?.[id] ?? { configured: false },
+      get: (id: string) => opts.credentials?.[id],
+    },
+    getAll: () => opts.models ?? [],
+    getProviderDisplayName: (id: string) => opts.displayNames?.[id] ?? id,
+  };
+}
+
+describe("_buildProviderCatalogue", () => {
+  it("returns [] when registry is null", () => {
+    expect(_buildProviderCatalogue(null, {})).toEqual([]);
+  });
+
+  it("includes every OAuth id and every distinct model.provider, deduplicated", () => {
+    const reg = makeRegistry({
+      oauthIds: ["anthropic", "openai-codex"],
+      models: [
+        { provider: "anthropic", id: "claude-4" },
+        { provider: "deepseek", id: "deepseek-chat" },
+        { provider: "deepseek", id: "deepseek-coder" },
+      ],
+    });
+    const cat = _buildProviderCatalogue(reg, {});
+    const ids = cat.map((c) => c.id).sort();
+    expect(ids).toEqual(["anthropic", "deepseek", "openai-codex"]);
+  });
+
+  it("sets hasOAuth true only for ids in the OAuth provider set", () => {
+    const reg = makeRegistry({
+      oauthIds: ["anthropic"],
+      models: [{ provider: "anthropic", id: "x" }, { provider: "deepseek", id: "y" }],
+    });
+    const cat = _buildProviderCatalogue(reg, {});
+    expect(cat.find((c) => c.id === "anthropic")?.hasOAuth).toBe(true);
+    expect(cat.find((c) => c.id === "deepseek")?.hasOAuth).toBe(false);
+  });
+
+  it("populates displayName from getProviderDisplayName, falling back to id", () => {
+    const reg = makeRegistry({
+      models: [{ provider: "deepseek", id: "x" }, { provider: "custom-llm", id: "y" }],
+      displayNames: { deepseek: "DeepSeek" },
+    });
+    const cat = _buildProviderCatalogue(reg, {});
+    expect(cat.find((c) => c.id === "deepseek")?.displayName).toBe("DeepSeek");
+    expect(cat.find((c) => c.id === "custom-llm")?.displayName).toBe("custom-llm");
+  });
+
+  it("populates configured + source from authStorage.getAuthStatus", () => {
+    const reg = makeRegistry({
+      models: [{ provider: "openai", id: "gpt-4" }],
+      authStatus: { openai: { configured: false, source: "environment" } },
+    });
+    const cat = _buildProviderCatalogue(reg, {});
+    const row = cat.find((c) => c.id === "openai")!;
+    expect(row.configured).toBe(false);
+    expect(row.source).toBe("environment");
+  });
+
+  it("populates expires for OAuth credentials in auth.json", () => {
+    const reg = makeRegistry({
+      oauthIds: ["anthropic"],
+      models: [{ provider: "anthropic", id: "x" }],
+      credentials: { anthropic: { type: "oauth", expires: 1234567890 } },
+    });
+    const cat = _buildProviderCatalogue(reg, {});
+    expect(cat.find((c) => c.id === "anthropic")?.expires).toBe(1234567890);
+  });
+
+  it("api_key credentials do not surface expires", () => {
+    const reg = makeRegistry({
+      models: [{ provider: "openai", id: "x" }],
+      credentials: { openai: { type: "api_key", key: "sk-..." } },
+    });
+    const cat = _buildProviderCatalogue(reg, {});
+    expect(cat.find((c) => c.id === "openai")?.expires).toBeUndefined();
+  });
+
+  it("populates envVar from piAi.findEnvKeys (first entry)", () => {
+    const reg = makeRegistry({ models: [{ provider: "openai", id: "x" }] });
+    const cat = _buildProviderCatalogue(reg, {
+      findEnvKeys: (id) => (id === "openai" ? ["OPENAI_API_KEY"] : undefined),
+    });
+    expect(cat.find((c) => c.id === "openai")?.envVar).toBe("OPENAI_API_KEY");
+  });
+
+  it("sets ambient when piAi.getEnvApiKey returns '<authenticated>'", () => {
+    const reg = makeRegistry({ models: [{ provider: "google-vertex", id: "x" }] });
+    const cat = _buildProviderCatalogue(reg, {
+      getEnvApiKey: (id) => (id === "google-vertex" ? "<authenticated>" : undefined),
+    });
+    expect(cat.find((c) => c.id === "google-vertex")?.ambient).toBe(true);
+  });
+
+  it("ambient stays undefined for ordinary api keys", () => {
+    const reg = makeRegistry({ models: [{ provider: "openai", id: "x" }] });
+    const cat = _buildProviderCatalogue(reg, {
+      getEnvApiKey: () => "sk-real-key",
+    });
+    expect(cat.find((c) => c.id === "openai")?.ambient).toBeUndefined();
+  });
+
+  it("does not throw when pi-ai helpers are missing", () => {
+    const reg = makeRegistry({ models: [{ provider: "openai", id: "x" }] });
+    expect(() => _buildProviderCatalogue(reg, {})).not.toThrow();
+    const cat = _buildProviderCatalogue(reg, {});
+    expect(cat[0].envVar).toBeUndefined();
+    expect(cat[0].ambient).toBeUndefined();
+  });
+
+  it("marks ids in customIds set with custom:true; catalogue stays complete", () => {
+    const reg = makeRegistry({
+      models: [
+        { provider: "deepseek", id: "deepseek-chat" },
+        { provider: "proxy", id: "opus-4" },         // custom (registered via providers.json)
+        { provider: "your-llmproxy", id: "foo" },    // custom
+      ],
+    });
+    const customIds = new Set(["proxy", "your-llmproxy"]);
+    const cat = _buildProviderCatalogue(reg, {}, customIds);
+    // ALL providers present — the catalogue does not filter; consumers do.
+    const ids = cat.map((c) => c.id).sort();
+    expect(ids).toEqual(["deepseek", "proxy", "your-llmproxy"]);
+    // Custom flag is set only for custom providers.
+    expect(cat.find((c) => c.id === "deepseek")?.custom).toBeUndefined();
+    expect(cat.find((c) => c.id === "proxy")?.custom).toBe(true);
+    expect(cat.find((c) => c.id === "your-llmproxy")?.custom).toBe(true);
+  });
+
+  it("OAuth-handler ids carry custom:true when in customIds (custom OAuth provider)", () => {
+    const reg = makeRegistry({
+      oauthIds: ["corporate-sso"],
+      models: [{ provider: "corporate-sso", id: "x" }, { provider: "deepseek", id: "y" }],
+    });
+    const cat = _buildProviderCatalogue(reg, {}, new Set(["corporate-sso"]));
+    expect(cat.find((c) => c.id === "corporate-sso")?.hasOAuth).toBe(true);
+    expect(cat.find((c) => c.id === "corporate-sso")?.custom).toBe(true);
+  });
+
+  it("empty customIds = no provider marked custom (default behaviour)", () => {
+    const reg = makeRegistry({
+      models: [{ provider: "deepseek", id: "x" }, { provider: "proxy", id: "y" }],
+    });
+    const cat = _buildProviderCatalogue(reg, {});
+    const ids = cat.map((c) => c.id).sort();
+    expect(ids).toEqual(["deepseek", "proxy"]);
+    expect(cat.every((c) => !c.custom)).toBe(true);
+  });
+
+  it("does not throw when getProviderDisplayName throws", () => {
+    const reg = {
+      authStorage: { getOAuthProviders: () => [], getAuthStatus: () => ({ configured: false }), get: () => undefined },
+      getAll: () => [{ provider: "weird", id: "x" }],
+      getProviderDisplayName: () => { throw new Error("boom"); },
+    };
+    const cat = _buildProviderCatalogue(reg, {});
+    expect(cat[0].displayName).toBe("weird");
+  });
+});

package/packages/extension/src/__tests__/markdown-image-inliner.test.ts

@@ -0,0 +1,355 @@
+/**
+ * Tests for the bridge's markdown image inliner.
+ * See change: chat-markdown-local-images-and-math.
+ */
+import { describe, it, expect } from "vitest";
+import {
+  inlineMessageText,
+  parseImageTokens,
+  isLocalSrc,
+  mimeFromExtension,
+  hashBytes,
+  resolveLocalPath,
+  type ReadFileOutcome,
+} from "../markdown-image-inliner.js";
+
+/** Build a fake `readFile` from an in-memory map. Missing keys → ENOENT. */
+function fakeReader(files: Record<string, Buffer | "EACCES" | "EISDIR" | "EOTHER">) {
+  return (absolutePath: string): ReadFileOutcome => {
+    const v = files[absolutePath];
+    if (v === undefined) return { ok: false, kind: "ENOENT" };
+    if (v === "EACCES") return { ok: false, kind: "EACCES" };
+    if (v === "EISDIR") return { ok: false, kind: "EISDIR" };
+    if (v === "EOTHER") return { ok: false, kind: "EOTHER" };
+    return { ok: true, bytes: v };
+  };
+}
+
+const PNG = Buffer.from("png-bytes");
+const PNG_2 = Buffer.from("different-png-bytes");
+const SVG = Buffer.from("<svg/>");
+
+describe("parseImageTokens", () => {
+  it("matches a single image token", () => {
+    const tokens = parseImageTokens("Hello ![pic](/abs/path.png) world");
+    expect(tokens).toHaveLength(1);
+    expect(tokens[0].alt).toBe("pic");
+    expect(tokens[0].src).toBe("/abs/path.png");
+    expect(tokens[0].token).toBe("![pic](/abs/path.png)");
+  });
+
+  it("matches multiple image tokens", () => {
+    const tokens = parseImageTokens("![a](/x.png) and ![b](/y.png)");
+    expect(tokens.map((t) => t.src)).toEqual(["/x.png", "/y.png"]);
+  });
+
+  it("does not match partial token without closing paren", () => {
+    const tokens = parseImageTokens("Hello ![pic](/abs/path");
+    expect(tokens).toHaveLength(0);
+  });
+
+  it("does not match non-image link with single bracket", () => {
+    const tokens = parseImageTokens("[click](/x.png)");
+    expect(tokens).toHaveLength(0);
+  });
+});
+
+describe("isLocalSrc", () => {
+  it("treats data: / blob: / http(s): / pi-asset: / # as non-local", () => {
+    expect(isLocalSrc("data:image/png;base64,XXX")).toBe(false);
+    expect(isLocalSrc("blob:abc-123")).toBe(false);
+    expect(isLocalSrc("http://x/y.png")).toBe(false);
+    expect(isLocalSrc("https://x/y.png")).toBe(false);
+    expect(isLocalSrc("pi-asset:abc1234567890123")).toBe(false);
+    expect(isLocalSrc("#anchor")).toBe(false);
+  });
+
+  it("treats absolute and relative paths as local", () => {
+    expect(isLocalSrc("/abs/x.png")).toBe(true);
+    expect(isLocalSrc("./rel.png")).toBe(true);
+    expect(isLocalSrc("../up.png")).toBe(true);
+    expect(isLocalSrc("file:///a/b.png")).toBe(true);
+  });
+});
+
+describe("mimeFromExtension", () => {
+  it("matches case-insensitively", () => {
+    expect(mimeFromExtension("/x/y.PNG")).toBe("image/png");
+    expect(mimeFromExtension("/x/y.JpEg")).toBe("image/jpeg");
+  });
+
+  it("returns null for non-image extensions", () => {
+    expect(mimeFromExtension("/x/y.txt")).toBe(null);
+    expect(mimeFromExtension("/x/y")).toBe(null);
+  });
+
+  it("recognizes svg", () => {
+    expect(mimeFromExtension("/x/y.svg")).toBe("image/svg+xml");
+  });
+});
+
+describe("hashBytes", () => {
+  it("produces 16 hex chars", () => {
+    const h = hashBytes(Buffer.from("hello"));
+    expect(h).toHaveLength(16);
+    expect(h).toMatch(/^[0-9a-f]{16}$/);
+  });
+
+  it("is deterministic", () => {
+    expect(hashBytes(Buffer.from("hello"))).toBe(hashBytes(Buffer.from("hello")));
+  });
+
+  it("differs for different bytes", () => {
+    expect(hashBytes(Buffer.from("a"))).not.toBe(hashBytes(Buffer.from("b")));
+  });
+});
+
+describe("resolveLocalPath", () => {
+  it("strips file:// prefix", () => {
+    expect(resolveLocalPath("file:///abs/x.png", "/cwd")).toBe("/abs/x.png");
+  });
+
+  it("returns absolute paths as-is", () => {
+    expect(resolveLocalPath("/abs/x.png", "/cwd")).toBe("/abs/x.png");
+  });
+
+  it("resolves relative paths against cwd", () => {
+    expect(resolveLocalPath("./x.png", "/cwd")).toBe("/cwd/x.png");
+  });
+});
+
+describe("inlineMessageText — pass-through cases", () => {
+  it("external https URL passes through unchanged", () => {
+    const r = inlineMessageText("![logo](https://example.com/logo.png)", {
+      readFile: fakeReader({}),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toBe("![logo](https://example.com/logo.png)");
+    expect(r.assetsToEmit).toEqual([]);
+  });
+
+  it("data: URL passes through unchanged", () => {
+    const r = inlineMessageText("![](data:image/png;base64,XXX)", {
+      readFile: fakeReader({}),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toBe("![](data:image/png;base64,XXX)");
+    expect(r.assetsToEmit).toEqual([]);
+  });
+
+  it("blob: URL passes through unchanged", () => {
+    const r = inlineMessageText("![](blob:abc-123)", {
+      readFile: fakeReader({}),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toBe("![](blob:abc-123)");
+    expect(r.assetsToEmit).toEqual([]);
+  });
+
+  it("partially-formed token (no closing paren) passes through unchanged", () => {
+    const text = "streaming chunk ![pic](/home/me/shot.p";
+    const r = inlineMessageText(text, {
+      readFile: fakeReader({ "/home/me/shot.png": PNG }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toBe(text);
+    expect(r.assetsToEmit).toEqual([]);
+  });
+
+  it("idempotent on text containing pi-asset tokens", () => {
+    const text = "Here is ![pic](pi-asset:abc1234567890123)";
+    const alreadyEmitted = new Set<string>(["abc1234567890123"]);
+    const r1 = inlineMessageText(text, {
+      readFile: fakeReader({}),
+      cwd: "/c",
+      alreadyEmitted,
+    });
+    const r2 = inlineMessageText(r1.rewritten, {
+      readFile: fakeReader({}),
+      cwd: "/c",
+      alreadyEmitted,
+    });
+    expect(r1.rewritten).toBe(text);
+    expect(r2.rewritten).toBe(text);
+    expect(r1.assetsToEmit).toEqual([]);
+    expect(r2.assetsToEmit).toEqual([]);
+  });
+});
+
+describe("inlineMessageText — happy path", () => {
+  it("inlines a single absolute-path local image", () => {
+    const r = inlineMessageText("Here is ![pic](/home/me/shot.png) end", {
+      readFile: fakeReader({ "/home/me/shot.png": PNG }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    const expectedHash = hashBytes(PNG);
+    expect(r.rewritten).toBe(`Here is ![pic](pi-asset:${expectedHash}) end`);
+    expect(r.assetsToEmit).toEqual([
+      { hash: expectedHash, mimeType: "image/png", data: PNG.toString("base64") },
+    ]);
+  });
+
+  it("inlines a relative-path image resolved against cwd", () => {
+    const r = inlineMessageText("![pic](./shot.png)", {
+      readFile: fakeReader({ "/work/shot.png": PNG }),
+      cwd: "/work",
+      alreadyEmitted: new Set(),
+    });
+    const expectedHash = hashBytes(PNG);
+    expect(r.rewritten).toBe(`![pic](pi-asset:${expectedHash})`);
+    expect(r.assetsToEmit).toHaveLength(1);
+  });
+
+  it("inlines an SVG as image/svg+xml", () => {
+    const r = inlineMessageText("![diagram](/d.svg)", {
+      readFile: fakeReader({ "/d.svg": SVG }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.assetsToEmit[0].mimeType).toBe("image/svg+xml");
+    expect(r.rewritten).toContain("pi-asset:");
+  });
+
+  it("matches extension case-insensitively", () => {
+    const r = inlineMessageText("![pic](/x/SHOT.PNG)", {
+      readFile: fakeReader({ "/x/SHOT.PNG": PNG }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.assetsToEmit).toHaveLength(1);
+    expect(r.assetsToEmit[0].mimeType).toBe("image/png");
+  });
+});
+
+describe("inlineMessageText — dedup", () => {
+  it("emits one asset for two refs to the same file in one message", () => {
+    const r = inlineMessageText("![a](/same.png) and ![b](/same.png)", {
+      readFile: fakeReader({ "/same.png": PNG }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.assetsToEmit).toHaveLength(1);
+    const hash = hashBytes(PNG);
+    expect(r.rewritten).toBe(`![a](pi-asset:${hash}) and ![b](pi-asset:${hash})`);
+  });
+
+  it("emits zero assets for refs to a hash already in alreadyEmitted", () => {
+    const hash = hashBytes(PNG);
+    const set = new Set<string>([hash]);
+    const r = inlineMessageText("![pic](/same.png)", {
+      readFile: fakeReader({ "/same.png": PNG }),
+      cwd: "/c",
+      alreadyEmitted: set,
+    });
+    expect(r.assetsToEmit).toEqual([]);
+    expect(r.rewritten).toBe(`![pic](pi-asset:${hash})`);
+  });
+
+  it("dedup carries across multiple inliner invocations sharing the same Set", () => {
+    const set = new Set<string>();
+    const r1 = inlineMessageText("![a](/x.png)", {
+      readFile: fakeReader({ "/x.png": PNG }),
+      cwd: "/c",
+      alreadyEmitted: set,
+    });
+    expect(r1.assetsToEmit).toHaveLength(1);
+    const r2 = inlineMessageText("![b](/x.png)", {
+      readFile: fakeReader({ "/x.png": PNG }),
+      cwd: "/c",
+      alreadyEmitted: set,
+    });
+    expect(r2.assetsToEmit).toEqual([]);
+    expect(r2.rewritten).toBe(r1.rewritten.replace("![a]", "![b]"));
+  });
+});
+
+describe("inlineMessageText — placeholder branches", () => {
+  it("non-image extension yields [unsupported image type: ...]", () => {
+    const r = inlineMessageText("![doc](/notes.txt)", {
+      readFile: fakeReader({ "/notes.txt": Buffer.from("hi") }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toBe("[unsupported image type: /notes.txt]");
+    expect(r.assetsToEmit).toEqual([]);
+  });
+
+  it("ENOENT yields [image not found: ...]", () => {
+    const r = inlineMessageText("![x](/no/such.png)", {
+      readFile: fakeReader({}),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toBe("[image not found: /no/such.png]");
+  });
+
+  it("EACCES is folded into [image not found: ...] (no permission leak)", () => {
+    const r = inlineMessageText("![x](/root/private.png)", {
+      readFile: fakeReader({ "/root/private.png": "EACCES" }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toBe("[image not found: /root/private.png]");
+  });
+
+  it("EISDIR yields [image read failed: ...]", () => {
+    const r = inlineMessageText("![x](/home/me)", {
+      readFile: fakeReader({ "/home/me": "EISDIR" }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toBe("[image read failed: /home/me]");
+  });
+
+  it("oversized image yields [image too large: ...]", () => {
+    const big = Buffer.alloc(6 * 1024 * 1024, 0xab);
+    const r = inlineMessageText("![pic](/big.png)", {
+      readFile: fakeReader({ "/big.png": big }),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.rewritten).toMatch(/^\[image too large: \/big\.png \(6\.0 MB\)\]$/);
+    expect(r.assetsToEmit).toEqual([]);
+  });
+
+  it("per-message budget exhausted after caps reached", () => {
+    // Five distinct 4.5 MB images. First four fit (18 MB ≤ 20 MB cap), fifth
+    // pushes total to 22.5 MB and is rejected.
+    const make = (i: number) => Buffer.alloc(4.5 * 1024 * 1024, i);
+    const files: Record<string, Buffer> = {};
+    let text = "";
+    for (let i = 0; i < 5; i++) {
+      const p = `/img${i}.png`;
+      files[p] = make(i);
+      text += `![p${i}](${p}) `;
+    }
+    const r = inlineMessageText(text, {
+      readFile: fakeReader(files),
+      cwd: "/c",
+      alreadyEmitted: new Set(),
+    });
+    expect(r.assetsToEmit).toHaveLength(4);
+    expect(r.rewritten).toContain("[message asset budget exhausted: /img4.png]");
+  });
+
+  it("already-registered asset does not count against budget", () => {
+    // 4 MB new + 18 MB already-registered → cumulative new bytes = 4 MB
+    const newImg = Buffer.alloc(4 * 1024 * 1024, 1);
+    const oldImg = Buffer.alloc(18 * 1024 * 1024, 2);
+    const oldHash = hashBytes(oldImg);
+    const r = inlineMessageText("![n](/new.png) ![o](/old.png)", {
+      readFile: fakeReader({ "/new.png": newImg, "/old.png": oldImg }),
+      cwd: "/c",
+      alreadyEmitted: new Set([oldHash]),
+    });
+    expect(r.assetsToEmit).toHaveLength(1);
+    expect(r.assetsToEmit[0].hash).toBe(hashBytes(newImg));
+    expect(r.rewritten).toContain(`pi-asset:${hashBytes(newImg)}`);
+    expect(r.rewritten).toContain(`pi-asset:${oldHash}`);
+  });
+});

package/packages/extension/src/__tests__/openspec-activity-detector.test.ts

@@ -266,4 +266,72 @@ describe("detectOpenSpecActivity", () => {
       expect(result).toEqual({ changeName: "add-auth", isActive: true });
     });
   });
+
+  describe("non-slug-shaped change names (fix-uuid-rename-bug)", () => {
+    const UUID = "019df0aa-1234-5678-9abc-def012345678";
+
+    it("returns null for UUID-shaped path on Read", () => {
+      const result = detectOpenSpecActivity("read", {
+        path: `openspec/changes/${UUID}/proposal.md`,
+      });
+      expect(result).toBeNull();
+    });
+
+    it("returns null for UUID-shaped path on Write", () => {
+      const result = detectOpenSpecActivity("write", {
+        path: `openspec/changes/${UUID}/proposal.md`,
+      });
+      expect(result).toBeNull();
+    });
+
+    it("returns null for UUID-shaped CLI argument", () => {
+      const result = detectOpenSpecActivity("bash", {
+        command: `openspec archive ${UUID}`,
+      });
+      expect(result).toBeNull();
+    });
+
+    it("returns null for uppercase change name on Read", () => {
+      const result = detectOpenSpecActivity("read", {
+        path: "openspec/changes/AddAuth/proposal.md",
+      });
+      expect(result).toBeNull();
+    });
+
+    it("returns null for underscore-containing CLI argument", () => {
+      const result = detectOpenSpecActivity("bash", {
+        command: "openspec archive add_auth",
+      });
+      expect(result).toBeNull();
+    });
+
+    it("returns null for digit-prefixed CLI argument", () => {
+      const result = detectOpenSpecActivity("bash", {
+        command: "openspec archive 1bad",
+      });
+      expect(result).toBeNull();
+    });
+
+    it("returns null for token exceeding 64-character cap", () => {
+      const longName = "a".repeat(65);
+      const result = detectOpenSpecActivity("write", {
+        path: `openspec/changes/${longName}/spec.md`,
+      });
+      expect(result).toBeNull();
+    });
+
+    it("still extracts valid digit-containing kebab slug", () => {
+      const result = detectOpenSpecActivity("bash", {
+        command: "openspec archive valid-name-123",
+      });
+      expect(result).toEqual({ changeName: "valid-name-123", isActive: true });
+    });
+
+    it("still extracts valid slug from Write path", () => {
+      const result = detectOpenSpecActivity("write", {
+        path: "openspec/changes/fix-mobile-attach/proposal.md",
+      });
+      expect(result).toEqual({ changeName: "fix-mobile-attach", isActive: true });
+    });
+  });
 });

package/packages/extension/src/__tests__/prompt-expander.test.ts

@@ -2,15 +2,23 @@ import { describe, it, expect, beforeEach, afterEach } from "vitest";
 import { mkdirSync, writeFileSync, rmSync } from "node:fs";
 import { join } from "node:path";
 import { expandPromptTemplateFromDisk } from "../prompt-expander.js";
+import { parseSkillBlock } from "@blackbelt-technology/pi-dashboard-shared/skill-block-parser.js";
 
 const tmpDir = join(import.meta.dirname ?? __dirname, "__tmp_prompt_test__");
 const promptsDir = join(tmpDir, ".pi", "prompts");
+const skillsDir = join(tmpDir, ".pi", "skills");
 
 beforeEach(() => {
   mkdirSync(promptsDir, { recursive: true });
   writeFileSync(join(promptsDir, "opsx-continue.md"), "---\ndescription: continue\n---\nContinue the change");
   writeFileSync(join(promptsDir, "opsx-apply.md"), "Apply the change");
   writeFileSync(join(promptsDir, "hello.md"), "Hello world");
+  // Skill fixture
+  mkdirSync(join(skillsDir, "my-skill"), { recursive: true });
+  writeFileSync(
+    join(skillsDir, "my-skill", "SKILL.md"),
+    "---\nname: my-skill\ndescription: A demo skill\n---\nFirst body line\nSecond body line",
+  );
 });
 
 afterEach(() => {
@@ -51,4 +59,41 @@ describe("expandPromptTemplateFromDisk", () => {
     expect(result).toBe("Continue the change");
     expect(result).not.toContain("---");
   });
+
+  // See change: render-skill-invocations-collapsibly.
+
+  it("wraps /skill:my-skill output in a <skill> envelope (with args)", () => {
+    const result = expandPromptTemplateFromDisk("/skill:my-skill do the thing", tmpDir);
+    expect(result.startsWith('<skill name="my-skill" location="')).toBe(true);
+    expect(result).toContain("References are relative to ");
+    expect(result).toContain("First body line\nSecond body line");
+    expect(result.endsWith("\n\ndo the thing")).toBe(true);
+    // round-trips through parseSkillBlock
+    const parsed = parseSkillBlock(result);
+    expect(parsed).not.toBeNull();
+    expect(parsed!.name).toBe("my-skill");
+    expect(parsed!.args).toBe("do the thing");
+    expect(parsed!.condensed).toBe("/skill:my-skill do the thing");
+  });
+
+  it("wraps /skill:my-skill output in a <skill> envelope (without args)", () => {
+    const result = expandPromptTemplateFromDisk("/skill:my-skill", tmpDir);
+    expect(result.startsWith('<skill name="my-skill" location="')).toBe(true);
+    expect(result.endsWith("</skill>")).toBe(true);
+    expect(result).not.toContain("</skill>\n\n");
+    const parsed = parseSkillBlock(result);
+    expect(parsed!.args).toBeUndefined();
+    expect(parsed!.condensed).toBe("/skill:my-skill");
+  });
+
+  it("prompt template /opsx-continue stays unwrapped (no <skill> tag)", () => {
+    const result = expandPromptTemplateFromDisk("/opsx-continue my-change", tmpDir);
+    expect(result).not.toContain("<skill name=");
+    expect(result).not.toContain("</skill>");
+  });
+
+  it("colon-alias prompt template /opsx:continue stays unwrapped", () => {
+    const result = expandPromptTemplateFromDisk("/opsx:continue x", tmpDir);
+    expect(result).not.toContain("<skill name=");
+  });
 });