@desplega.ai/agent-swarm 1.93.0 → 1.94.0

package/src/tests/pi-mono-adapter.test.ts

@@ -350,3 +350,322 @@ describe("Cost aggregation from SessionStats", () => {
     expect(cost.numTurns).toBe(0);
   });
 });
+
+// ============================================================================
+// AWS SDK error detection — event-driven PiMonoSession + classifyAwsSdkError
+//
+// Redesign (2026-06): detection is driven entirely by structured
+// pi-coding-agent events, NOT stderr scraping or auto_retry_start inference:
+//   - `message_end` with an assistant `stopReason:'error'` → the ONLY signal
+//     for NON-retryable failures, critically AWS auth (ExpiredToken /
+//     CredentialsProviderError), which never enter pi's _isRetryableError loop.
+//   - `auto_retry_end` with `success:false` + `finalError` → the definitive
+//     terminal failure for the RETRYABLE class (throttle / 5xx / timeout).
+//   - recovery (`message_end` success, or `auto_retry_end` success:true) clears
+//     the tracked error so a recovered turn never surfaces as a false failure.
+// ============================================================================
+
+import type { AgentSession } from "@earendil-works/pi-coding-agent";
+import { PiMonoSession } from "../providers/pi-mono-adapter";
+import type { ProviderEvent, ProviderResult, ProviderSessionConfig } from "../providers/types";
+import { classifyAwsSdkError } from "../utils/aws-error-classifier";
+
+function makeSessionConfig(logFile: string): ProviderSessionConfig {
+  return {
+    prompt: "test prompt",
+    systemPrompt: "",
+    model: "amazon-bedrock/anthropic.claude-3-5-sonnet-20240620-v1:0",
+    role: "worker",
+    agentId: "test-agent-id",
+    taskId: "test-task-id",
+    apiUrl: "http://localhost:3013",
+    apiKey: "test-key",
+    cwd: "/tmp",
+    logFile,
+    iteration: 1,
+  };
+}
+
+type AgentSessionEvent = Parameters<Parameters<AgentSession["subscribe"]>[0]>[0];
+
+/** Build a `message_end` event for an assistant turn that ended in error. */
+function errorMessageEnd(errorMessage: string): AgentSessionEvent {
+  return {
+    type: "message_end",
+    message: {
+      role: "assistant",
+      content: [],
+      stopReason: "error",
+      errorMessage,
+    },
+  } as unknown as AgentSessionEvent;
+}
+
+/** Build a `message_end` event for a successful assistant turn. */
+function successMessageEnd(text: string): AgentSessionEvent {
+  return {
+    type: "message_end",
+    message: {
+      role: "assistant",
+      content: [{ type: "text", text }],
+      stopReason: "stop",
+    },
+  } as unknown as AgentSessionEvent;
+}
+
+/** Build an `auto_retry_end` event (terminal retryable failure / recovery). */
+function autoRetryEnd(success: boolean, finalError?: string): AgentSessionEvent {
+  return {
+    type: "auto_retry_end",
+    success,
+    attempt: 3,
+    ...(finalError ? { finalError } : {}),
+  } as unknown as AgentSessionEvent;
+}
+
+/**
+ * Mock AgentSession that replays a fixed list of structured events to its
+ * subscribers when `prompt()` is called, then resolves (no throw). This mirrors
+ * the real pi-coding-agent: AWS failures arrive as DATA via events, there is no
+ * exception to catch at the agent-swarm layer.
+ */
+function makeMockAgentSession(opts: {
+  events?: AgentSessionEvent[];
+  throwError?: string;
+}): AgentSession {
+  const listeners: Array<(event: AgentSessionEvent) => void> = [];
+  return {
+    sessionId: "mock-session-id",
+    isStreaming: false,
+    model: undefined,
+    subscribe(listener: (event: AgentSessionEvent) => void) {
+      listeners.push(listener);
+      return () => {
+        const idx = listeners.indexOf(listener);
+        if (idx >= 0) listeners.splice(idx, 1);
+      };
+    },
+    async prompt() {
+      for (const event of opts.events ?? []) {
+        for (const l of listeners) l(event);
+      }
+      if (opts.throwError) throw new Error(opts.throwError);
+    },
+    getContextUsage: () => null,
+    getSessionStats: () => ({
+      tokens: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0, total: 0 },
+      cost: 0,
+      userMessages: 0,
+      assistantMessages: 0,
+    }),
+    abort: async () => {},
+    dispose: () => {},
+  } as unknown as AgentSession;
+}
+
+const tmpLogDir = `/tmp/pi-mono-aws-test-${Date.now()}`;
+
+beforeAll(() => {
+  mkdirSync(tmpLogDir, { recursive: true });
+});
+
+afterAll(() => {
+  rmSync(tmpLogDir, { recursive: true, force: true });
+});
+
+async function runWithEvents(events: AgentSessionEvent[]): Promise<{
+  events: ProviderEvent[];
+  result: ProviderResult;
+}> {
+  const logFile = join(tmpLogDir, `evt-${Date.now()}-${Math.random().toString(36).slice(2)}.log`);
+  const session = new PiMonoSession(
+    makeMockAgentSession({ events }),
+    makeSessionConfig(logFile),
+    false,
+  );
+  const emitted: ProviderEvent[] = [];
+  session.onEvent((e) => emitted.push(e));
+  const result = await session.waitForCompletion();
+  return { events: emitted, result };
+}
+
+function findError(events: ProviderEvent[]): Extract<ProviderEvent, { type: "error" }> | undefined {
+  return events.find((e) => e.type === "error") as
+    | Extract<ProviderEvent, { type: "error" }>
+    | undefined;
+}
+
+describe("PiMonoSession — NON-retryable AWS auth via message_end stopReason:'error'", () => {
+  // ORIGINAL-BUG REGRESSION TEST. AWS auth errors (ExpiredToken /
+  // CredentialsProviderError) are non-retryable: pi's _isRetryableError regex
+  // matches throttle/429/5xx/timeout but NOT auth tokens, so they never enter
+  // the retry loop. The ONLY structured signal is a `message_end` assistant
+  // turn with stopReason:'error'. This is the Commander's original silent-fail.
+  test("ExpiredToken stopReason:'error' → type:error category aws-auth + terminal isError", async () => {
+    const { events, result } = await runWithEvents([
+      errorMessageEnd(
+        "ExpiredTokenException: The security token included in the request is expired",
+      ),
+    ]);
+    const errorEvent = findError(events);
+    expect(errorEvent).toBeDefined();
+    expect(errorEvent?.category).toBe("aws-auth");
+    expect(errorEvent?.message).toContain("aws sso login");
+    expect(result.isError).toBe(true);
+    expect(result.errorCategory).toBe("aws-auth");
+    expect(result.exitCode).toBe(1);
+    expect(result.failureReason).toContain("aws sso login");
+  });
+
+  test("CredentialsProviderError stopReason:'error' → aws-auth terminal failure", async () => {
+    const { events, result } = await runWithEvents([
+      errorMessageEnd("CredentialsProviderError: Could not load credentials from any providers"),
+    ]);
+    expect(findError(events)?.category).toBe("aws-auth");
+    expect(result.errorCategory).toBe("aws-auth");
+    expect(result.isError).toBe(true);
+  });
+
+  test("AccessDeniedException stopReason:'error' → aws-access terminal failure", async () => {
+    const { events, result } = await runWithEvents([
+      errorMessageEnd("AccessDeniedException: not authorized to perform: bedrock:InvokeModel"),
+    ]);
+    expect(findError(events)?.category).toBe("aws-access");
+    expect(result.errorCategory).toBe("aws-access");
+  });
+
+  test("ValidationException stopReason:'error' → aws-model terminal failure", async () => {
+    const { events, result } = await runWithEvents([
+      errorMessageEnd(
+        "ValidationException: Invocation of model ID x with on-demand throughput isn't supported",
+      ),
+    ]);
+    expect(findError(events)?.category).toBe("aws-model");
+    expect(result.errorCategory).toBe("aws-model");
+  });
+
+  test("non-AWS stopReason:'error' → still terminal failure, no AWS category", async () => {
+    const { events, result } = await runWithEvents([
+      errorMessageEnd("Some unrecognized provider failure"),
+    ]);
+    const errorEvent = findError(events);
+    // A terminal stopReason:'error' is a genuine failure by definition — it must
+    // surface (no silent green), but it carries no AWS category.
+    expect(errorEvent).toBeDefined();
+    expect(errorEvent?.category).toBeUndefined();
+    expect(errorEvent?.message).toContain("Some unrecognized provider failure");
+    expect(result.isError).toBe(true);
+    expect(result.exitCode).toBe(1);
+    expect(result.errorCategory).toBeUndefined();
+  });
+});
+
+describe("PiMonoSession — RETRYABLE failure via auto_retry_end success:false", () => {
+  test("throttle finalError after exhausted retries → aws-throttle terminal failure", async () => {
+    const { events, result } = await runWithEvents([
+      // Each retry attempt also produces an errored message_end before retrying;
+      // the definitive terminal marker is auto_retry_end success:false.
+      errorMessageEnd("ThrottlingException: Rate exceeded"),
+      autoRetryEnd(false, "ThrottlingException: Rate exceeded"),
+    ]);
+    const errorEvent = findError(events);
+    expect(errorEvent?.category).toBe("aws-throttle");
+    expect(result.errorCategory).toBe("aws-throttle");
+    expect(result.isError).toBe(true);
+    expect(result.exitCode).toBe(1);
+  });
+
+  test("5xx finalError (non-AWS) → terminal failure surfaced, no AWS category", async () => {
+    const { events, result } = await runWithEvents([
+      autoRetryEnd(false, "provider returned error: 503 service unavailable"),
+    ]);
+    expect(findError(events)).toBeDefined();
+    expect(result.isError).toBe(true);
+    expect(result.errorCategory).toBeUndefined();
+  });
+});
+
+describe("PiMonoSession — recovery clears the tracked error (no false failure)", () => {
+  // The never-cleared-on-recovery false-fail bug the redesign eliminates.
+  test("errored turn then successful auto_retry_end → success, output, no error", async () => {
+    const { events, result } = await runWithEvents([
+      errorMessageEnd("ThrottlingException: Rate exceeded"),
+      autoRetryEnd(true),
+      successMessageEnd("Recovered answer"),
+    ]);
+    expect(findError(events)).toBeUndefined();
+    expect(result.isError).toBe(false);
+    expect(result.exitCode).toBe(0);
+    expect(result.output).toBe("Recovered answer");
+  });
+
+  test("errored turn then a later successful message_end → success, no error", async () => {
+    const { events, result } = await runWithEvents([
+      errorMessageEnd("ExpiredTokenException: token expired"),
+      successMessageEnd("Final answer after creds refreshed"),
+    ]);
+    expect(findError(events)).toBeUndefined();
+    expect(result.isError).toBe(false);
+    expect(result.output).toBe("Final answer after creds refreshed");
+  });
+
+  test("clean success path emits a result event and no error", async () => {
+    const { events, result } = await runWithEvents([successMessageEnd("All done")]);
+    expect(findError(events)).toBeUndefined();
+    expect(events.some((e) => e.type === "result")).toBe(true);
+    expect(result.isError).toBe(false);
+    expect(result.output).toBe("All done");
+  });
+});
+
+describe("PiMonoSession — thrown-exception catch path (defense-in-depth)", () => {
+  // AWS failures arrive as events, not throws, but a genuine unexpected throw
+  // (MCP/transport) must still fail the task; an AWS signature that reaches the
+  // catch is still classified.
+  async function runWithThrow(message: string) {
+    const logFile = join(
+      tmpLogDir,
+      `throw-${Date.now()}-${Math.random().toString(36).slice(2)}.log`,
+    );
+    const session = new PiMonoSession(
+      makeMockAgentSession({ throwError: message }),
+      makeSessionConfig(logFile),
+      false,
+    );
+    const emitted: ProviderEvent[] = [];
+    session.onEvent((e) => emitted.push(e));
+    const result = await session.waitForCompletion();
+    return { events: emitted, result };
+  }
+
+  test("thrown ExpiredToken → aws-auth error event + terminal failure", async () => {
+    const { events, result } = await runWithThrow(
+      "ExpiredTokenException: The security token is expired",
+    );
+    expect(findError(events)?.category).toBe("aws-auth");
+    expect(result.isError).toBe(true);
+    expect(result.errorCategory).toBe("aws-auth");
+  });
+
+  test("thrown non-AWS error → no AWS category, still terminal failure", async () => {
+    const { events, result } = await runWithThrow("ECONNREFUSED 127.0.0.1:3013");
+    expect(findError(events)).toBeUndefined();
+    expect(result.isError).toBe(true);
+    expect(result.errorCategory).toBeUndefined();
+  });
+});
+
+describe("classifyAwsSdkError — all 4 categories (quick summary)", () => {
+  test("all four categories are reachable", () => {
+    const cases: Array<[string, string]> = [
+      ["ExpiredTokenException: token expired", "aws-auth"],
+      ["ThrottlingException: rate exceeded", "aws-throttle"],
+      ["AccessDeniedException: no permission", "aws-access"],
+      ["ValidationException: bad model", "aws-model"],
+    ];
+    for (const [msg, expected] of cases) {
+      const r = classifyAwsSdkError(msg);
+      expect(r?.category).toBe(expected);
+    }
+  });
+});

package/src/tests/providers/pi-cost.test.ts

@@ -107,6 +107,15 @@ describe("PiMonoSession — provider tag on CostData", () => {
       const session = new PiMonoSession(fake, makeConfig(logFile), false);
       session.onEvent((e) => events.push(e));
 
+      const sessionInit = events.find((e) => e.type === "session_init");
+      expect(sessionInit).toBeDefined();
+      if (sessionInit?.type === "session_init") {
+        expect(sessionInit.provider).toBe("pi");
+        expect(sessionInit.harnessVariant).toBe("stock");
+        expect(typeof sessionInit.harnessVariantMeta?.version).toBe("string");
+        expect((sessionInit.harnessVariantMeta?.version as string).length).toBeGreaterThan(0);
+      }
+
       const result = await session.waitForCompletion();
 
       // The load-bearing assertion. Phase 2's API recompute path keys off

package/src/tests/runner-fallback-output.test.ts

@@ -1,7 +1,11 @@
 import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import { mkdir, mkdtemp, rm } from "node:fs/promises";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
 import {
   type ApiConfig,
   ensureTaskFinished,
+  getBridgeFailureDiagnostics,
   handleStructuredOutputFallback,
 } from "../commands/runner";
 
@@ -381,6 +385,27 @@ describe("ensureTaskFinished", () => {
     expect(lastFinishBody!.failureReason).toBe("Out of memory");
   });
 
+  test("appends failure diagnostics when exit code is non-zero", async () => {
+    resetMocks();
+
+    await ensureTaskFinished(
+      makeConfig(),
+      "worker",
+      "task-14b",
+      1,
+      "Session error (exit code 1): Unknown error",
+      undefined,
+      "claude",
+      "Claude bridge final tmux pane tail (/tmp/run/tmux-pane-final.txt):\nraw pane tail",
+    );
+
+    expect(lastFinishBody).toBeTruthy();
+    expect(lastFinishBody!.status).toBe("failed");
+    expect(lastFinishBody!.failureReason).toBe(
+      "Session error (exit code 1): Unknown error\n\nClaude bridge final tmux pane tail (/tmp/run/tmux-pane-final.txt):\nraw pane tail",
+    );
+  });
+
   test("truncates long progress to 2000 chars", async () => {
     resetMocks();
     const longProgress = "x".repeat(3000);
@@ -399,3 +424,28 @@ describe("ensureTaskFinished", () => {
     expect((lastFinishBody!.output as string).length).toBe(2000);
   });
 });
+
+describe("getBridgeFailureDiagnostics", () => {
+  test("returns latest tmux pane artifact and 40-line tail", async () => {
+    const cwd = await mkdtemp(join(tmpdir(), "runner-bridge-diagnostics-"));
+    try {
+      const older = join(cwd, ".claude-bridge/runs/2026-01-01T00-00-00-000Z-old");
+      const newer = join(cwd, ".claude-bridge/runs/2026-01-01T00-00-01-000Z-new");
+      await mkdir(older, { recursive: true });
+      await mkdir(newer, { recursive: true });
+      await Bun.write(join(older, "tmux-pane-final.txt"), "old pane");
+      await Bun.write(
+        join(newer, "tmux-pane-final.txt"),
+        Array.from({ length: 45 }, (_, i) => `line ${i + 1}`).join("\n"),
+      );
+
+      const diagnostics = await getBridgeFailureDiagnostics(cwd);
+
+      expect(diagnostics?.artifactPath).toBe(join(newer, "tmux-pane-final.txt"));
+      expect(diagnostics?.paneTail?.startsWith("line 6\nline 7")).toBe(true);
+      expect(diagnostics?.paneTail?.endsWith("line 45")).toBe(true);
+    } finally {
+      await rm(cwd, { recursive: true, force: true });
+    }
+  });
+});

package/src/tests/scripts-boot-reembed.test.ts

@@ -0,0 +1,163 @@
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import { closeDb, getDb, initDb } from "../be/db";
+import type { EmbeddingProvider } from "../be/memory/types";
+import { runBootReembedScripts } from "../be/scripts/boot-reembed";
+import { upsertScriptByName } from "../be/scripts/db";
+import { setScriptEmbeddingProviderForTests } from "../be/scripts/embeddings";
+
+const TEST_DB_PATH = "./test-scripts-boot-reembed.sqlite";
+
+const signatureJson = JSON.stringify({
+  argsType: "{ value: string }",
+  resultType: "Promise<{ ok: boolean }>",
+  description: "",
+});
+
+async function clearDb() {
+  for (const suffix of ["", "-wal", "-shm"]) {
+    try {
+      await unlink(TEST_DB_PATH + suffix);
+    } catch {}
+  }
+}
+
+function source(label: string) {
+  return `export default async () => ({ label: ${JSON.stringify(label)} });`;
+}
+
+class FakeEmbeddingProvider implements EmbeddingProvider {
+  readonly name = "test/fake-boot-reembed";
+  readonly dimensions = 5;
+  readonly calls: string[] = [];
+
+  async embed(text: string): Promise<Float32Array | null> {
+    this.calls.push(text);
+    return new Float32Array([0.1, 0.2, 0.3, 0.4, 0.5]);
+  }
+
+  async embedBatch(texts: string[]): Promise<(Float32Array | null)[]> {
+    return Promise.all(texts.map((text) => this.embed(text)));
+  }
+
+  reset(): void {
+    this.calls.length = 0;
+  }
+}
+
+let provider: FakeEmbeddingProvider;
+
+function embeddingCount(scriptId: string): number {
+  return (
+    getDb()
+      .prepare<{ count: number }, [string]>(
+        "SELECT COUNT(*) as count FROM script_embeddings WHERE scriptId = ?",
+      )
+      .get(scriptId)?.count ?? 0
+  );
+}
+
+function totalEmbeddingCount(): number {
+  return (
+    getDb().prepare<{ count: number }, []>("SELECT COUNT(*) as count FROM script_embeddings").get()
+      ?.count ?? 0
+  );
+}
+
+beforeAll(async () => {
+  await clearDb();
+  initDb(TEST_DB_PATH);
+});
+
+afterAll(async () => {
+  setScriptEmbeddingProviderForTests(null);
+  closeDb();
+  await clearDb();
+});
+
+beforeEach(() => {
+  getDb().run("DELETE FROM scripts");
+  getDb().run("DELETE FROM script_embeddings");
+  provider = new FakeEmbeddingProvider();
+  setScriptEmbeddingProviderForTests(provider);
+});
+
+describe("boot-reembed-scripts", () => {
+  test("backfills scripts that were seeded with embeddingMode: skip", async () => {
+    const result = await upsertScriptByName({
+      name: "skipped-embed",
+      scope: "global",
+      source: source("skipped"),
+      description: "A script seeded without embedding",
+      intent: "Test backfill",
+      signatureJson,
+      embeddingMode: "skip",
+    });
+    expect(embeddingCount(result.script.id)).toBe(0);
+
+    provider.reset();
+    await runBootReembedScripts();
+    expect(embeddingCount(result.script.id)).toBe(1);
+    expect(provider.calls).toHaveLength(1);
+  });
+
+  test("no-ops when all scripts already have embeddings", async () => {
+    await upsertScriptByName({
+      name: "already-embedded",
+      scope: "global",
+      source: source("embedded"),
+      description: "Already has embedding",
+      intent: "No-op test",
+      signatureJson,
+    });
+    expect(totalEmbeddingCount()).toBe(1);
+
+    provider.reset();
+    await runBootReembedScripts();
+    expect(provider.calls).toHaveLength(0);
+  });
+
+  test("skips scratch scripts during backfill", async () => {
+    await upsertScriptByName({
+      name: "scratch-no-backfill",
+      scope: "agent",
+      scopeId: "agent-1",
+      source: source("scratch"),
+      description: "Scratch script",
+      intent: "Should not be backfilled",
+      signatureJson,
+      isScratch: true,
+    });
+
+    provider.reset();
+    await runBootReembedScripts();
+    expect(provider.calls).toHaveLength(0);
+  });
+
+  test("backfills only scripts missing embeddings, not those that already have them", async () => {
+    const withEmbed = await upsertScriptByName({
+      name: "has-embed",
+      scope: "global",
+      source: source("has"),
+      description: "Has embedding",
+      intent: "Already embedded",
+      signatureJson,
+    });
+    const withoutEmbed = await upsertScriptByName({
+      name: "missing-embed",
+      scope: "global",
+      source: source("missing"),
+      description: "Missing embedding",
+      intent: "Needs backfill",
+      signatureJson,
+      embeddingMode: "skip",
+    });
+    expect(embeddingCount(withEmbed.script.id)).toBe(1);
+    expect(embeddingCount(withoutEmbed.script.id)).toBe(0);
+
+    provider.reset();
+    await runBootReembedScripts();
+    expect(provider.calls).toHaveLength(1);
+    expect(embeddingCount(withoutEmbed.script.id)).toBe(1);
+  });
+});

package/src/tests/scripts-embeddings.test.ts

@@ -268,6 +268,96 @@ describe("script embeddings", () => {
     expect(topOneHits).toBeGreaterThanOrEqual(4);
   });
 
+  test("embeddingMode: skip prevents embedding on new script", async () => {
+    provider.reset();
+    const result = await upsertScriptByName({
+      name: "skip-new",
+      scope: "agent",
+      scopeId: "agent-1",
+      source: source("skip-new"),
+      description: "Should not embed",
+      intent: "Skip mode test",
+      signatureJson,
+      agentId: "agent-1",
+      embeddingMode: "skip",
+    });
+    expect(result.isNew).toBe(true);
+    expect(embeddingCount(result.script.id)).toBe(0);
+    expect(provider.calls).toHaveLength(0);
+  });
+
+  test("embeddingMode: skip prevents embedding on source change", async () => {
+    const first = await upsertScriptByName({
+      name: "skip-update",
+      scope: "agent",
+      scopeId: "agent-1",
+      source: source("v1"),
+      description: "Will update",
+      intent: "Skip mode update test",
+      signatureJson,
+      agentId: "agent-1",
+    });
+    expect(embeddingCount(first.script.id)).toBe(1);
+
+    provider.reset();
+    const second = await upsertScriptByName({
+      name: "skip-update",
+      scope: "agent",
+      scopeId: "agent-1",
+      source: source("v2"),
+      description: "Updated source",
+      intent: "Skip mode update test",
+      signatureJson,
+      agentId: "agent-1",
+      embeddingMode: "skip",
+    });
+    expect(second.contentDeduped).toBe(false);
+    expect(provider.calls).toHaveLength(0);
+  });
+
+  test("embeddingMode: skip prevents embedding on metadata change", async () => {
+    await upsertScriptByName({
+      name: "skip-meta",
+      scope: "agent",
+      scopeId: "agent-1",
+      source: source("skip-meta"),
+      description: "Original description",
+      intent: "Original intent",
+      signatureJson,
+      agentId: "agent-1",
+    });
+
+    provider.reset();
+    await upsertScriptByName({
+      name: "skip-meta",
+      scope: "agent",
+      scopeId: "agent-1",
+      source: source("skip-meta"),
+      description: "Changed description",
+      intent: "Changed intent",
+      signatureJson,
+      agentId: "agent-1",
+      embeddingMode: "skip",
+    });
+    expect(provider.calls).toHaveLength(0);
+  });
+
+  test("embeddingMode defaults to sync (embeds normally)", async () => {
+    provider.reset();
+    const result = await upsertScriptByName({
+      name: "default-sync",
+      scope: "agent",
+      scopeId: "agent-1",
+      source: source("default-sync"),
+      description: "Should embed by default",
+      intent: "Default mode test",
+      signatureJson,
+      agentId: "agent-1",
+    });
+    expect(embeddingCount(result.script.id)).toBe(1);
+    expect(provider.calls).toHaveLength(1);
+  });
+
   test("reembedAllScripts updates every explicit script", async () => {
     await upsertFixture({ name: "linear-one", description: "Linear issue parser" });
     await upsertFixture({ name: "slack-one", description: "Slack message digest" });