@bridge_gpt/mcp-server 0.1.16 → 0.2.0

package/build/scheduler-backends/systemd-user.js

@@ -0,0 +1,237 @@
+/**
+ * Linux systemd-user backend (BAPI-327, primary Linux scheduler).
+ *
+ * Generates a `.service` + `.timer` pair under `~/.config/systemd/user/` and
+ * installs them with `systemctl --user`. The timer fires once via
+ * `OnCalendar=<run_at_iso>`.
+ *
+ * Drift policy: `Persistent=false` gives a real OS-level no-catch-up guarantee —
+ * a run missed during downtime is dropped, not fired late on next boot/login.
+ * (launchd and `at` cannot guarantee this; the cross-backend staleness guard is
+ * the baked `--scheduled-at <T>` value checked by `/full-automation` in Phase C.)
+ * Working directory is set by the service's `WorkingDirectory=` directive, never
+ * via a shell `cd` in ExecStart and never a Claude `--cwd` flag.
+ */
+import { promises as fs } from "node:fs";
+import { pathApiForPlatform } from "./types.js";
+import { bakedEnvEntries, systemdQuote } from "./escaping.js";
+/** Return the unit names for a schedule id. */
+export function systemdUnitNamesForId(id) {
+    return {
+        service: `bridge-gpt-full-automation-${id}.service`,
+        timer: `bridge-gpt-full-automation-${id}.timer`,
+    };
+}
+/** Return the unit file paths for a schedule id. */
+export function systemdUnitPathsForId(id, homeDir) {
+    const pathApi = pathApiForPlatform("linux");
+    const dir = pathApi.join(homeDir, ".config", "systemd", "user");
+    const names = systemdUnitNamesForId(id);
+    return {
+        service: pathApi.join(dir, names.service),
+        timer: pathApi.join(dir, names.timer),
+    };
+}
+/** Render the systemd service unit. */
+export function renderSystemdService(input) {
+    const env = bakedEnvEntries({
+        envPath: input.envPath,
+        nodePath: input.nodePath,
+        npxPath: input.npxPath,
+        claudePath: input.claudePath,
+        ideaFile: input.ideaFile,
+        repoPath: input.repoPath,
+    });
+    const envLines = env
+        .map(([key, value]) => `Environment=${key}=${systemdQuote(value)}`)
+        .join("\n");
+    const execStart = [input.invocation.exe, ...input.invocation.args]
+        .map((part) => systemdQuote(part))
+        .join(" ");
+    return [
+        "[Unit]",
+        `Description=Bridge GPT full-automation one-shot run (${input.id})`,
+        "",
+        "[Service]",
+        "Type=oneshot",
+        envLines,
+        `WorkingDirectory=${systemdQuote(input.repoPath)}`,
+        `ExecStart=${execStart}`,
+        `StandardOutput=append:${input.paths.stdoutPath}`,
+        `StandardError=append:${input.paths.stderrPath}`,
+        "",
+    ].join("\n");
+}
+/**
+ * Render an `OnCalendar` value systemd actually accepts. systemd's calendar
+ * grammar is `YYYY-MM-DD HH:MM:SS` with an optional timezone token — it does NOT
+ * accept the ISO `T` separator, fractional seconds, or a bare `Z`, so emitting
+ * `run_at_iso` verbatim makes `systemd-analyze calendar` reject the unit and the
+ * timer silently never fires. Render from the UTC fields (host-timezone
+ * independent) and append the `UTC` token.
+ */
+export function formatSystemdOnCalendar(runAtIso) {
+    const d = new Date(runAtIso);
+    const pad = (n) => String(n).padStart(2, "0");
+    const date = `${d.getUTCFullYear()}-${pad(d.getUTCMonth() + 1)}-${pad(d.getUTCDate())}`;
+    const time = `${pad(d.getUTCHours())}:${pad(d.getUTCMinutes())}:${pad(d.getUTCSeconds())}`;
+    return `${date} ${time} UTC`;
+}
+/** Render the systemd timer unit. */
+export function renderSystemdTimer(input) {
+    const names = systemdUnitNamesForId(input.id);
+    return [
+        "[Unit]",
+        `Description=Bridge GPT full-automation one-shot timer (${input.id})`,
+        "",
+        "[Timer]",
+        `OnCalendar=${formatSystemdOnCalendar(input.runAtIso)}`,
+        // Drift policy: a missed run must NOT fire late on next boot.
+        "Persistent=false",
+        `Unit=${names.service}`,
+        "",
+        "[Install]",
+        "WantedBy=timers.target",
+        "",
+    ].join("\n");
+}
+/** Whether `systemctl --user` is usable (used by isAvailable). */
+async function systemctlUserUsable(deps) {
+    const probe = await deps.runCommand("systemctl", ["--user", "--version"]);
+    return probe.exitCode === 0;
+}
+/** Create the Linux systemd-user backend. */
+export function createSystemdUserBackend() {
+    return {
+        name: "systemd-user",
+        async isAvailable(deps) {
+            if (deps.platform !== "linux")
+                return false;
+            return systemctlUserUsable(deps);
+        },
+        async create(input) {
+            const paths = systemdUnitPathsForId(input.id, input.deps.homeDir);
+            const names = systemdUnitNamesForId(input.id);
+            const serviceContent = renderSystemdService(input);
+            const timerContent = renderSystemdTimer(input);
+            const artifacts = [
+                { path: paths.service, content: serviceContent, kind: "systemd-service" },
+                { path: paths.timer, content: timerContent, kind: "systemd-timer" },
+            ];
+            const unitPaths = [paths.service, paths.timer];
+            if (input.dryRun) {
+                return {
+                    ok: true,
+                    backend: "systemd-user",
+                    unitPath: paths.timer,
+                    unitPaths,
+                    backendJobId: names.timer,
+                    artifacts,
+                };
+            }
+            const pathApi = pathApiForPlatform("linux");
+            await fs.mkdir(pathApi.dirname(paths.service), { recursive: true });
+            await fs.writeFile(paths.service, serviceContent, "utf-8");
+            await fs.writeFile(paths.timer, timerContent, "utf-8");
+            // Remove the orphaned unit files if a systemctl step fails.
+            const cleanupUnitFiles = async () => {
+                await fs.unlink(paths.timer).catch(() => undefined);
+                await fs.unlink(paths.service).catch(() => undefined);
+            };
+            const reload = await input.deps.runCommand("systemctl", ["--user", "daemon-reload"]);
+            if (reload.exitCode !== 0) {
+                await cleanupUnitFiles();
+                return {
+                    ok: false,
+                    backend: "systemd-user",
+                    unitPath: paths.timer,
+                    unitPaths,
+                    backendJobId: names.timer,
+                    artifacts,
+                    error: `systemctl --user daemon-reload failed: ${(reload.stderr || reload.stdout).trim()}`,
+                };
+            }
+            const enable = await input.deps.runCommand("systemctl", [
+                "--user",
+                "enable",
+                "--now",
+                names.timer,
+            ]);
+            if (enable.exitCode !== 0) {
+                await cleanupUnitFiles();
+                return {
+                    ok: false,
+                    backend: "systemd-user",
+                    unitPath: paths.timer,
+                    unitPaths,
+                    backendJobId: names.timer,
+                    artifacts,
+                    error: `systemctl --user enable --now failed: ${(enable.stderr || enable.stdout).trim()}`,
+                };
+            }
+            return {
+                ok: true,
+                backend: "systemd-user",
+                unitPath: paths.timer,
+                unitPaths,
+                backendJobId: names.timer,
+                artifacts,
+            };
+        },
+        async list(input) {
+            const entries = [];
+            for (const metadata of input.recorded) {
+                const paths = systemdUnitPathsForId(metadata.id, input.deps.homeDir);
+                const names = systemdUnitNamesForId(metadata.id);
+                let timerExists = true;
+                try {
+                    await fs.access(paths.timer);
+                }
+                catch {
+                    timerExists = false;
+                }
+                if (!timerExists) {
+                    entries.push({ metadata, status: "stale", detail: "timer unit file missing" });
+                    continue;
+                }
+                const status = await input.deps.runCommand("systemctl", ["--user", "status", names.timer]);
+                if (status.exitCode === 0) {
+                    entries.push({ metadata, status: "active", detail: "timer active" });
+                }
+                else if (status.exitCode === 3) {
+                    // exit 3 = unit known but inactive; still registered, treat as stale.
+                    entries.push({ metadata, status: "stale", detail: "timer inactive" });
+                }
+                else {
+                    entries.push({ metadata, status: "backend-unavailable", detail: "systemctl unavailable" });
+                }
+            }
+            return entries;
+        },
+        async cancel(input) {
+            const paths = systemdUnitPathsForId(input.metadata.id, input.deps.homeDir);
+            const names = systemdUnitNamesForId(input.metadata.id);
+            const disable = await input.deps.runCommand("systemctl", [
+                "--user",
+                "disable",
+                "--now",
+                names.timer,
+            ]);
+            let removedAny = false;
+            for (const unitPath of [paths.timer, paths.service]) {
+                try {
+                    await fs.unlink(unitPath);
+                    removedAny = true;
+                }
+                catch (error) {
+                    if (error.code !== "ENOENT") {
+                        return { ok: false, nativeRemoved: false, stale: false, error: String(error) };
+                    }
+                }
+            }
+            await input.deps.runCommand("systemctl", ["--user", "daemon-reload"]);
+            const nativeRemoved = disable.exitCode === 0 || removedAny;
+            return { ok: true, nativeRemoved, stale: disable.exitCode !== 0 };
+        },
+    };
+}

package/build/scheduler-backends/task-scheduler.js

@@ -0,0 +1,219 @@
+/**
+ * Windows Task Scheduler backend (BAPI-327).
+ *
+ * Generates a `.cmd` wrapper (baked PATH + env, `cd /D <repo>`, absolute Claude
+ * invocation, stdout/stderr redirection) plus a Task Scheduler `.xml` definition,
+ * and registers a one-shot task via `schtasks /Create /XML`.
+ *
+ * Why XML instead of `/SC ONCE /SD /ST`: the CLI `/SD` date is parsed in the
+ * host's short-date locale, so a hard-coded `MM/DD/YYYY` fails on UK/DE/JP/etc.
+ * machines. The XML `<StartBoundary>` is ISO-8601 and locale-independent.
+ *
+ * Drift policy: the generated XML omits the missed-start catch-up element (its
+ * schema default is already off), giving a real OS-level no-catch-up guarantee —
+ * a missed start never runs late. (launchd and `at` cannot guarantee this; the
+ * cross-backend staleness guard is the baked `--scheduled-at <T>` value checked by
+ * `/full-automation` in Phase C.) Working directory is handled only by `cd /D`
+ * inside the wrapper.
+ */
+import { promises as fs } from "node:fs";
+import { pathApiForPlatform } from "./types.js";
+import { bakedEnvEntries, escapeWindowsCmdSetValue, windowsCmdQuote, xmlEscape, } from "./escaping.js";
+/** Task Scheduler task name for a schedule id. */
+export function taskNameForId(id) {
+    return `BridgeGPT-FullAutomation-${id}`;
+}
+/** `%USERPROFILE%\.bridge-gpt\schedules\<id>.cmd` wrapper path for a schedule id. */
+export function cmdWrapperPathForId(id, homeDir) {
+    const pathApi = pathApiForPlatform("win32");
+    return pathApi.join(homeDir, ".bridge-gpt", "schedules", `${id}.cmd`);
+}
+/** `%USERPROFILE%\.bridge-gpt\schedules\<id>.xml` task definition path. */
+export function taskXmlPathForId(id, homeDir) {
+    const pathApi = pathApiForPlatform("win32");
+    return pathApi.join(homeDir, ".bridge-gpt", "schedules", `${id}.xml`);
+}
+/**
+ * Local ISO-8601 `<StartBoundary>` value (`YYYY-MM-DDTHH:MM:SS`, no `Z`). Task
+ * Scheduler interprets a bare boundary as local time, preserving the prior
+ * local-time scheduling semantics while staying locale-independent.
+ */
+export function formatTaskSchedulerBoundary(runAtIso) {
+    const d = new Date(runAtIso);
+    const pad = (n) => String(n).padStart(2, "0");
+    return (`${d.getFullYear()}-${pad(d.getMonth() + 1)}-${pad(d.getDate())}` +
+        `T${pad(d.getHours())}:${pad(d.getMinutes())}:${pad(d.getSeconds())}`);
+}
+/** Render the `.cmd` wrapper that the Task Scheduler task invokes. */
+export function renderWindowsCmdWrapper(input) {
+    const env = bakedEnvEntries({
+        envPath: input.envPath,
+        nodePath: input.nodePath,
+        npxPath: input.npxPath,
+        claudePath: input.claudePath,
+        ideaFile: input.ideaFile,
+        repoPath: input.repoPath,
+    });
+    const lines = ["@echo off"];
+    for (const [key, value] of env) {
+        if (key === "PATH") {
+            // Prepend the baked PATH while preserving the runtime PATH behind it.
+            lines.push(`set "PATH=${escapeWindowsCmdSetValue(value)};%PATH%"`);
+        }
+        else {
+            lines.push(`set "${key}=${escapeWindowsCmdSetValue(value)}"`);
+        }
+    }
+    lines.push(`cd /D ${windowsCmdQuote(input.repoPath)}`);
+    const command = [input.invocation.exe, ...input.invocation.args]
+        .map((part) => windowsCmdQuote(part))
+        .join(" ");
+    // Append stdout/stderr to the local schedule logs.
+    lines.push(`${command} 1>>${windowsCmdQuote(input.paths.stdoutPath)} 2>>${windowsCmdQuote(input.paths.stderrPath)}`);
+    lines.push("");
+    return lines.join("\r\n");
+}
+/**
+ * Render a minimal one-shot Task Scheduler XML document. The single `TimeTrigger`
+ * fires once at the ISO-8601 `<StartBoundary>`; the action runs the generated
+ * `.cmd` wrapper. The `<Settings>` block intentionally does not enable the
+ * missed-start catch-up option, so a missed start never runs late.
+ */
+export function renderTaskSchedulerXml(input) {
+    const wrapperPath = cmdWrapperPathForId(input.id, input.deps.homeDir);
+    const boundary = formatTaskSchedulerBoundary(input.runAtIso);
+    return [
+        '<?xml version="1.0" encoding="UTF-16"?>',
+        '<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">',
+        "  <RegistrationInfo>",
+        `    <Description>${xmlEscape(`Bridge GPT full-automation one-shot run (${input.id})`)}</Description>`,
+        "  </RegistrationInfo>",
+        "  <Triggers>",
+        "    <TimeTrigger>",
+        `      <StartBoundary>${xmlEscape(boundary)}</StartBoundary>`,
+        "      <Enabled>true</Enabled>",
+        "    </TimeTrigger>",
+        "  </Triggers>",
+        "  <Principals>",
+        '    <Principal id="Author">',
+        "      <LogonType>InteractiveToken</LogonType>",
+        "    </Principal>",
+        "  </Principals>",
+        "  <Settings>",
+        "    <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>",
+        "    <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>",
+        "    <StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>",
+        "    <Enabled>true</Enabled>",
+        "  </Settings>",
+        '  <Actions Context="Author">',
+        "    <Exec>",
+        `      <Command>${xmlEscape(wrapperPath)}</Command>`,
+        "    </Exec>",
+        "  </Actions>",
+        "</Task>",
+        "",
+    ].join("\r\n");
+}
+/** Whether `schtasks` is resolvable (used by isAvailable). */
+async function schtasksResolvable(deps) {
+    const probe = await deps.runCommand("where.exe", ["schtasks"]);
+    return probe.exitCode === 0;
+}
+/** Create the Windows Task Scheduler backend. */
+export function createTaskSchedulerBackend() {
+    return {
+        name: "task-scheduler",
+        async isAvailable(deps) {
+            if (deps.platform !== "win32")
+                return false;
+            return schtasksResolvable(deps);
+        },
+        async create(input) {
+            const wrapperPath = cmdWrapperPathForId(input.id, input.deps.homeDir);
+            const xmlPath = taskXmlPathForId(input.id, input.deps.homeDir);
+            const wrapperContent = renderWindowsCmdWrapper(input);
+            const xmlContent = renderTaskSchedulerXml(input);
+            const artifacts = [
+                { path: wrapperPath, content: wrapperContent, kind: "windows-cmd-wrapper" },
+                { path: xmlPath, content: xmlContent, kind: "task-scheduler-xml" },
+            ];
+            const taskName = taskNameForId(input.id);
+            const unitPaths = [wrapperPath, xmlPath];
+            if (input.dryRun) {
+                return {
+                    ok: true,
+                    backend: "task-scheduler",
+                    unitPath: wrapperPath,
+                    unitPaths,
+                    backendJobId: taskName,
+                    artifacts,
+                };
+            }
+            await fs.writeFile(wrapperPath, wrapperContent, "utf-8");
+            // schtasks /XML requires the definition file to be UTF-16 with a BOM.
+            await fs.writeFile(xmlPath, `${xmlContent}`, "utf16le");
+            const result = await input.deps.runCommand("schtasks", [
+                "/Create",
+                "/TN",
+                taskName,
+                "/XML",
+                xmlPath,
+                "/F",
+            ]);
+            if (result.exitCode !== 0) {
+                // Don't leave the orphaned wrapper + XML behind when registration fails.
+                await fs.unlink(wrapperPath).catch(() => undefined);
+                await fs.unlink(xmlPath).catch(() => undefined);
+                return {
+                    ok: false,
+                    backend: "task-scheduler",
+                    unitPath: wrapperPath,
+                    unitPaths,
+                    backendJobId: taskName,
+                    artifacts,
+                    error: `schtasks /Create failed: ${(result.stderr || result.stdout).trim()}`,
+                };
+            }
+            return {
+                ok: true,
+                backend: "task-scheduler",
+                unitPath: wrapperPath,
+                unitPaths,
+                backendJobId: taskName,
+                artifacts,
+            };
+        },
+        async list(input) {
+            const entries = [];
+            for (const metadata of input.recorded) {
+                const taskName = metadata.backend_job_id ?? taskNameForId(metadata.id);
+                const query = await input.deps.runCommand("schtasks", ["/Query", "/TN", taskName]);
+                entries.push({
+                    metadata,
+                    status: query.exitCode === 0 ? "active" : "stale",
+                    detail: query.exitCode === 0 ? "task registered" : "task not found",
+                });
+            }
+            return entries;
+        },
+        async cancel(input) {
+            const taskName = input.metadata.backend_job_id ?? taskNameForId(input.metadata.id);
+            const result = await input.deps.runCommand("schtasks", ["/Delete", "/TN", taskName, "/F"]);
+            // Remove the generated wrapper + XML definition; both are ENOENT-tolerant.
+            const wrapperPath = input.metadata.unit_path ?? cmdWrapperPathForId(input.metadata.id, input.deps.homeDir);
+            const xmlPath = taskXmlPathForId(input.metadata.id, input.deps.homeDir);
+            for (const artifactPath of [wrapperPath, xmlPath]) {
+                try {
+                    await fs.unlink(artifactPath);
+                }
+                catch (error) {
+                    if (error.code !== "ENOENT") {
+                        return { ok: false, nativeRemoved: result.exitCode === 0, stale: false, error: String(error) };
+                    }
+                }
+            }
+            const nativeRemoved = result.exitCode === 0;
+            return { ok: true, nativeRemoved, stale: !nativeRemoved };
+        },
+    };
+}

package/build/scheduler-backends/types.js

@@ -0,0 +1,23 @@
+/**
+ * Shared contract for the cross-platform `schedule-run` scheduler backends
+ * (BAPI-327 / Phase B of the Full Automation v1 epic, BAPI-325).
+ *
+ * Every OS-native backend (launchd, Task Scheduler, systemd-user, at-fallback)
+ * implements the {@link SchedulerBackend} interface against an injected
+ * {@link SchedulerBackendDeps} so the create/list/cancel logic is fully unit
+ * testable without touching real schedulers, the filesystem, or the network.
+ *
+ * The design mirrors `start-tickets.ts`: a list-based {@link RunCommand} boundary
+ * (`execFile`, never `shell: true`), `platform`/`env`/`cwd`/`homeDir`/`execPath`
+ * captured as data, and an optional injectable clock for deterministic tests.
+ */
+import path from "node:path";
+/**
+ * Return the platform-appropriate Node path API: `path.win32` on Windows so
+ * generated unit paths use backslashes, `path.posix` everywhere else. Using a
+ * data-driven platform (not the ambient `process.platform`) keeps generation
+ * deterministic and unit-testable for every OS from any host.
+ */
+export function pathApiForPlatform(platform) {
+    return platform === "win32" ? path.win32 : path.posix;
+}

package/build/start-tickets-prereqs.js

@@ -13,6 +13,9 @@
  * the runtime graph stays acyclic — `start-tickets.ts` imports values FROM here,
  * never the reverse.
  */
+import { resolveBapiCredentials } from "./credential-store.js";
+import { readBridgeConfig } from "./bridge-config.js";
+import { probeWorktreeMcpRegistration } from "./mcp-registration-doctor.js";
 // ---------------------------------------------------------------------------
 // Constants (moved here from start-tickets.ts so both consumers share them)
 // ---------------------------------------------------------------------------
@@ -250,6 +253,87 @@ function agentDescriptor(agent) {
 function uvDescriptor() {
     return commandDescriptor("uv", "uv", UV_INSTALL_HINTS);
 }
+/** Secret-free remediation hint shared by the credential-resolution descriptor. */
+const CREDENTIAL_RESOLUTION_HINT = 'Set BAPI_API_KEY in the environment, or add it under "bapi:<repo_name>" in ' +
+    "~/.config/bridge/credentials.json.";
+const CREDENTIAL_RESOLUTION_INSTALL_HINTS = {
+    darwin: CREDENTIAL_RESOLUTION_HINT,
+    linux: CREDENTIAL_RESOLUTION_HINT,
+    win32: CREDENTIAL_RESOLUTION_HINT,
+};
+/**
+ * Doctor-only, strictly read-only probe: can the Bridge API credentials be
+ * resolved for the current repo? Resolves repo identity from `BAPI_REPO_NAME`
+ * first, then `.bridge/config`, then asks the credential resolver. Reports only
+ * the SOURCE CLASS (env vs. store) — NEVER the resolved key value.
+ */
+export function credentialResolutionDescriptor() {
+    return {
+        id: "bapi-credentials",
+        label: "Bridge API credential resolution",
+        installHint: CREDENTIAL_RESOLUTION_INSTALL_HINTS,
+        probe: async (deps) => {
+            const { readFile, stat, homedir } = deps;
+            if (!readFile || !stat || !homedir) {
+                return { found: false, detail: "credential probe unavailable (no read-only filesystem access)" };
+            }
+            let repoName = (deps.env.BAPI_REPO_NAME ?? "").trim();
+            if (repoName.length === 0) {
+                const read = await readBridgeConfig(deps.cwd, { readFile });
+                if (read.ok) {
+                    repoName = read.manifest.repoName;
+                }
+                else {
+                    return {
+                        found: false,
+                        detail: "cannot determine repo identity (set BAPI_REPO_NAME or add a valid .bridge/config). " +
+                            CREDENTIAL_RESOLUTION_HINT,
+                    };
+                }
+            }
+            const result = await resolveBapiCredentials(repoName, {
+                env: deps.env,
+                homedir,
+                platform: deps.platform,
+                readFile,
+                stat,
+            });
+            if (result.ok) {
+                const via = result.credentials.source === "env" ? "env" : "store";
+                return { found: true, detail: `credentials resolvable via ${via}` };
+            }
+            return { found: false, detail: CREDENTIAL_RESOLUTION_HINT };
+        },
+    };
+}
+/** Secret-free remediation hint shared by the worktree-MCP descriptor. */
+const WORKTREE_MCP_HINT = "Re-run start-tickets to provision the worktree MCP registration " +
+    "(.mcp.json / .cursor/mcp.json pointing at the mcp-invoke shim).";
+const WORKTREE_MCP_INSTALL_HINTS = {
+    darwin: WORKTREE_MCP_HINT,
+    linux: WORKTREE_MCP_HINT,
+    win32: WORKTREE_MCP_HINT,
+};
+/**
+ * Doctor-only, strictly read-only probe: does the current worktree's generated
+ * MCP registration point at the Bridge API `mcp-invoke` shim? Inspects
+ * `.mcp.json` / `.cursor/mcp.json` under `deps.cwd` without spawning anything.
+ */
+export function worktreeMcpReachabilityDescriptor() {
+    return {
+        id: "worktree-mcp-registration",
+        label: "Worktree MCP registration reachability",
+        installHint: WORKTREE_MCP_INSTALL_HINTS,
+        probe: async (deps) => {
+            const { readFile } = deps;
+            if (!readFile) {
+                return { found: false, detail: "registration probe unavailable (no read-only filesystem access)" };
+            }
+            const result = await probeWorktreeMcpRegistration(deps.cwd, { readFile });
+            return { found: result.found, detail: result.detail };
+        },
+    };
+}
 /**
  * The exact existing live-preflight requirement set per platform, plus the git
  * work-tree custom check appended after the command checks. This is the ONLY
@@ -286,7 +370,12 @@ export function getPreflightPrereqDescriptors(platform, env) {
  * additive (BAPI-302/303 regression-safe).
  */
 export function getDoctorOnlyPrereqDescriptors(_platform, _env, agent) {
-    return [uvDescriptor(), agentDescriptor(agent)];
+    return [
+        uvDescriptor(),
+        agentDescriptor(agent),
+        credentialResolutionDescriptor(),
+        worktreeMcpReachabilityDescriptor(),
+    ];
 }
 /**
  * The doctor's full descriptor set: the preflight descriptors (verbatim) plus