@gajae-code/coding-agent 0.2.0 → 0.2.2

package/src/session/contribution-prep.ts

@@ -0,0 +1,320 @@
+import * as fs from "node:fs/promises";
+import * as os from "node:os";
+import * as path from "node:path";
+import type { AgentMessage } from "@gajae-code/agent-core";
+import type { AssistantMessage, ToolResultMessage, UserMessage } from "@gajae-code/ai";
+import { $ } from "bun";
+import { resolveGjcCommand } from "../task/gjc-command";
+import { shortenPath } from "../tools/render-utils";
+
+export const CONTRIBUTION_PREP_SCHEMA_VERSION = 1;
+
+const MAX_TRANSCRIPT_MESSAGES = 20;
+const MAX_TEXT_CHARS = 12000;
+const MAX_GIT_OUTPUT_CHARS = 60000;
+
+export interface ContributionPrepArtifact {
+	path: string;
+	description: string;
+}
+
+export interface ContributionPrepManifest {
+	schema_version: number;
+	source_session_id: string;
+	created_at: string;
+	cwd: string;
+	git_head: string | null;
+	changed_files: string[];
+	artifacts: ContributionPrepArtifact[];
+	redactions: string[];
+	recommended_output: string[];
+	worker_prompt_path: string;
+}
+
+export interface ContributionPrepResult {
+	manifestPath: string;
+	workerPromptPath: string;
+	artifactDir: string;
+	changedFiles: string[];
+	spawned: boolean;
+}
+
+export interface ContributionPrepOptions {
+	customInstructions?: string;
+	spawnWorker?: boolean;
+	artifactRoot?: string;
+	now?: Date;
+	spawn?: (args: string[], cwd: string, shell: boolean) => Promise<void>;
+}
+
+export interface ContributionPrepContext {
+	sessionId: string;
+	cwd: string;
+	sessionFile?: string;
+	messages: AgentMessage[];
+	customInstructions?: string;
+	now?: Date;
+}
+
+interface RedactionState {
+	labels: Set<string>;
+}
+
+function limitText(text: string, maxChars = MAX_TEXT_CHARS): string {
+	if (text.length <= maxChars) return text;
+	return `${text.slice(0, maxChars)}\n\n[truncated ${text.length - maxChars} chars]`;
+}
+
+function replaceRegex(text: string, regex: RegExp, replacement: string, state: RedactionState, label: string): string {
+	if (!regex.test(text)) return text;
+	state.labels.add(label);
+	regex.lastIndex = 0;
+	return text.replace(regex, replacement);
+}
+
+export function redactContributionPrepText(
+	text: string,
+	cwd: string,
+	state: RedactionState = { labels: new Set() },
+): string {
+	let redacted = text;
+	redacted = replaceRegex(
+		redacted,
+		/\b(?:sk|pk|rk|xox[baprs])-[-_A-Za-z0-9]{12,}\b/g,
+		"[REDACTED_TOKEN]",
+		state,
+		"tokens",
+	);
+	redacted = replaceRegex(
+		redacted,
+		/\b(?:ghp_[A-Za-z0-9_]{12,}|gho_[A-Za-z0-9_]{12,}|github_pat_[A-Za-z0-9_]{12,})\b/g,
+		"[REDACTED_TOKEN]",
+		state,
+		"tokens",
+	);
+	redacted = replaceRegex(
+		redacted,
+		/\b((?:ANTHROPIC|OPENAI|GITHUB|GOOGLE|GEMINI|KAGI|TAVILY|EXA|PERPLEXITY|ZAI|KIMI|BRAVE|SEARXNG|AWS)_[A-Z0-9_]*(?:KEY|TOKEN|SECRET|COOKIE|PASSWORD))\s*=\s*[^\s\n]+/gi,
+		"$1=[REDACTED_SECRET]",
+		state,
+		"provider_keys",
+	);
+	redacted = replaceRegex(
+		redacted,
+		/\b(Authorization|Proxy-Authorization)\s*:\s*(?:Bearer|Basic|Token)\s+[^\s\n]+/gi,
+		"$1: [REDACTED_AUTH_HEADER]",
+		state,
+		"auth_headers",
+	);
+	redacted = replaceRegex(redacted, /\b(Cookie|Set-Cookie)\s*:\s*[^\n]+/gi, "$1: [REDACTED_COOKIE]", state, "cookies");
+	redacted = replaceRegex(
+		redacted,
+		/https?:\/\/(?:localhost|127\.0\.0\.1|0\.0\.0\.0|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(?:1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})[^\s)>'"]*/gi,
+		"[REDACTED_PRIVATE_ENDPOINT]",
+		state,
+		"private_endpoints",
+	);
+	const home = os.homedir();
+	if (home && redacted.includes(home)) {
+		state.labels.add("home_paths");
+		redacted = redacted.split(home).join("~");
+	}
+	const normalizedCwd = path.resolve(cwd);
+	if (normalizedCwd && redacted.includes(normalizedCwd)) {
+		state.labels.add("cwd_paths");
+		redacted = redacted.split(normalizedCwd).join(shortenPath(normalizedCwd));
+	}
+	return redacted;
+}
+
+function contentText(content: UserMessage["content"] | AssistantMessage["content"]): string {
+	if (typeof content === "string") return content;
+	return content
+		.map(part => {
+			if (part.type === "text") return part.text;
+			if (part.type === "toolCall") return `[tool call: ${part.name}] ${JSON.stringify(part.arguments)}`;
+			if (part.type === "image") return "[image]";
+			return `[${part.type}]`;
+		})
+		.join("\n");
+}
+
+function formatMessage(message: AgentMessage): string {
+	if (message.role === "user" || message.role === "assistant") {
+		return `## ${message.role}\n\n${contentText(message.content)}\n`;
+	}
+	if (message.role === "toolResult") {
+		const tool = message as ToolResultMessage;
+		return `## toolResult: ${tool.toolName}\n\n${typeof tool.content === "string" ? tool.content : JSON.stringify(tool.content)}\n`;
+	}
+	return `## ${message.role}\n\n${JSON.stringify(message)}\n`;
+}
+
+async function gitOutput(cwd: string, args: string[], maxChars = MAX_GIT_OUTPUT_CHARS): Promise<string> {
+	try {
+		const output = await $`git ${args}`.cwd(cwd).quiet().text();
+		return limitText(output.trim(), maxChars);
+	} catch {
+		return "";
+	}
+}
+
+async function changedFiles(cwd: string): Promise<string[]> {
+	const output = await gitOutput(cwd, ["status", "--short"]);
+	return output
+		.split("\n")
+		.map(line => line.trim())
+		.filter(Boolean)
+		.map(line => line.replace(/^..\s+/, ""));
+}
+
+async function writeArtifact(
+	dir: string,
+	name: string,
+	description: string,
+	text: string,
+): Promise<ContributionPrepArtifact> {
+	const filePath = path.join(dir, name);
+	await Bun.write(filePath, `${text.trimEnd()}\n`);
+	return { path: filePath, description };
+}
+
+export function buildContributionPrepWorkerPrompt(manifestPath: string): string {
+	return [
+		"Prepare a maintainer-friendly contribution draft from the redacted context dump.",
+		"Read the manifest and referenced artifact file pointers. Do not assume transcript context was inlined here.",
+		`Manifest: ${manifestPath}`,
+		"Produce structured markdown with: title, problem summary, reproduction/context, proposed fix or implementation plan, affected files, tests to run, and uncertainty/remaining risks.",
+		"Do not create GitHub issues, open PRs, push branches, or perform remote writes unless the user explicitly confirms that action in this fresh session.",
+	].join("\n");
+}
+
+export async function prepareContributionPrep(
+	context: ContributionPrepContext,
+	options: ContributionPrepOptions = {},
+): Promise<ContributionPrepResult> {
+	const createdAt = (options.now ?? context.now ?? new Date()).toISOString();
+	const safeTimestamp = createdAt.replace(/[:.]/g, "-");
+	const artifactDir = path.join(
+		options.artifactRoot ?? path.join(context.cwd, ".gjc", "contribution-prep"),
+		safeTimestamp,
+	);
+	await fs.mkdir(artifactDir, { recursive: true });
+
+	const redactions: RedactionState = { labels: new Set() };
+	const recentMessages = context.messages.slice(-MAX_TRANSCRIPT_MESSAGES);
+	const artifacts: ContributionPrepArtifact[] = [];
+	const redact = (text: string) => redactContributionPrepText(text, context.cwd, redactions);
+
+	artifacts.push(
+		await writeArtifact(
+			artifactDir,
+			"transcript.md",
+			"Redacted recent transcript window",
+			redact(recentMessages.map(formatMessage).join("\n---\n")),
+		),
+	);
+	artifacts.push(
+		await writeArtifact(
+			artifactDir,
+			"summary.md",
+			"Current session summary and operator instructions",
+			redact(
+				[
+					`# Contribution prep context`,
+					`Source session: ${context.sessionId}`,
+					`Session file: ${context.sessionFile ?? "(none)"}`,
+					`Working directory: ${context.cwd}`,
+					options.customInstructions || context.customInstructions
+						? `Custom instructions: ${options.customInstructions ?? context.customInstructions}`
+						: "Custom instructions: (none)",
+				].join("\n"),
+			),
+		),
+	);
+
+	const gitHead = (await gitOutput(context.cwd, ["rev-parse", "HEAD"])) || null;
+	const files = await changedFiles(context.cwd);
+	artifacts.push(
+		await writeArtifact(artifactDir, "changed-files.txt", "Changed files from git status", redact(files.join("\n"))),
+	);
+	artifacts.push(
+		await writeArtifact(
+			artifactDir,
+			"git-diff.patch",
+			"Bounded redacted git diff",
+			redact(await gitOutput(context.cwd, ["diff", "--no-ext-diff"])),
+		),
+	);
+	artifacts.push(
+		await writeArtifact(
+			artifactDir,
+			"environment.md",
+			"Redacted environment and reproduction metadata",
+			redact(
+				[
+					`cwd: ${context.cwd}`,
+					`git_head: ${gitHead ?? "unknown"}`,
+					`platform: ${process.platform}`,
+					`arch: ${process.arch}`,
+					`bun: ${Bun.version}`,
+				].join("\n"),
+			),
+		),
+	);
+
+	const manifestPath = path.join(artifactDir, "manifest.json");
+	const workerPromptPath = path.join(artifactDir, "worker-prompt.md");
+	await Bun.write(workerPromptPath, `${buildContributionPrepWorkerPrompt(manifestPath)}\n`);
+
+	const manifest: ContributionPrepManifest = {
+		schema_version: CONTRIBUTION_PREP_SCHEMA_VERSION,
+		source_session_id: context.sessionId,
+		created_at: createdAt,
+		cwd: redact(context.cwd),
+		git_head: gitHead,
+		changed_files: files,
+		artifacts,
+		redactions: [...redactions.labels].sort(),
+		recommended_output: [
+			"title",
+			"problem summary",
+			"reproduction/context",
+			"proposed fix or implementation plan",
+			"affected files",
+			"tests to run",
+			"uncertainty / remaining risks",
+		],
+		worker_prompt_path: workerPromptPath,
+	};
+	await Bun.write(manifestPath, `${JSON.stringify(manifest, null, 2)}\n`);
+
+	let spawned = false;
+	if (options.spawnWorker) {
+		const spawn =
+			options.spawn ??
+			(async (args, cwd, shell) => {
+				if (shell) {
+					Bun.spawn({
+						cmd: args,
+						cwd,
+						stdout: "inherit",
+						stderr: "inherit",
+						stdin: "inherit",
+						windowsVerbatimArguments: true,
+					});
+					return;
+				}
+				Bun.spawn(args, { cwd, stdout: "inherit", stderr: "inherit", stdin: "inherit" });
+			});
+		const command = resolveGjcCommand();
+		await spawn(
+			[command.cmd, ...command.args, "--no-skills", "--", `@${workerPromptPath}`],
+			context.cwd,
+			command.shell,
+		);
+		spawned = true;
+	}
+
+	return { manifestPath, workerPromptPath, artifactDir, changedFiles: files, spawned };
+}

package/src/setup/provider-onboarding.ts

@@ -1,3 +1,4 @@
+import * as fs from "node:fs/promises";
 import * as path from "node:path";
 import { getAgentDir } from "@gajae-code/utils";
 import { YAML } from "bun";
@@ -131,6 +132,7 @@ async function writeModelsConfig(modelsPath: string, config: ModelsConfig): Prom
 		const where = first?.path.length ? `/${first.path.map(String).join("/")}` : "root";
 		throw new Error(`Generated models config is invalid at ${where}: ${first?.message ?? "unknown schema error"}`);
 	}
+	await fs.mkdir(path.dirname(modelsPath), { recursive: true });
 	await Bun.write(modelsPath, YAML.stringify(checked.data, null, 2));
 }
 

package/src/skill-state/active-state.ts

@@ -1,5 +1,6 @@
 import * as fs from "node:fs/promises";
 import * as path from "node:path";
+import type { WorkflowStateReceipt } from "./workflow-state-contract";
 
 export const SKILL_ACTIVE_STATE_FILE = "skill-active-state.json";
 export const SKILL_ACTIVE_STALE_MS = 24 * 60 * 60 * 1000;
@@ -25,6 +26,8 @@ export interface WorkflowHudSummary {
 	updated_at?: string;
 }
 
+export type { WorkflowStateReceipt } from "./workflow-state-contract";
+
 export interface SkillActiveEntry {
 	skill: string;
 	phase?: string;
@@ -36,6 +39,7 @@ export interface SkillActiveEntry {
 	turn_id?: string;
 	hud?: WorkflowHudSummary;
 	stale?: boolean;
+	receipt?: WorkflowStateReceipt;
 }
 
 export interface SkillActiveState {
@@ -70,6 +74,7 @@ export interface SyncSkillActiveStateOptions {
 	nowIso?: string;
 	source?: string;
 	hud?: WorkflowHudSummary;
+	receipt?: WorkflowStateReceipt;
 }
 
 const HUD_TEXT_LIMIT = 80;
@@ -142,6 +147,36 @@ export function normalizeWorkflowHudSummary(raw: unknown): WorkflowHudSummary |
 	};
 }
 
+function normalizeWorkflowStateReceipt(raw: unknown): WorkflowStateReceipt | undefined {
+	if (!raw || typeof raw !== "object") return undefined;
+	const record = raw as Record<string, unknown>;
+	if (record.version !== 1) return undefined;
+	const skill = safeString(record.skill).trim();
+	if (!isCanonicalGjcWorkflowSkill(skill)) return undefined;
+	const owner = safeString(record.owner).trim();
+	if (owner !== "gjc-state-cli" && owner !== "gjc-runtime" && owner !== "gjc-hook") return undefined;
+	const command = sanitizeHudString(record.command, 120);
+	const statePath = sanitizeHudString(record.state_path, 240);
+	const storagePath = sanitizeHudString(record.storage_path, 240);
+	const mutatedAt = sanitizeHudString(record.mutated_at, 40);
+	const freshUntil = sanitizeHudString(record.fresh_until, 40);
+	const status = safeString(record.status).trim();
+	const mutationId = sanitizeHudString(record.mutation_id, 120);
+	if (!command || !statePath || !storagePath || !mutatedAt || !freshUntil || !mutationId) return undefined;
+	return {
+		version: 1,
+		skill,
+		owner,
+		command,
+		state_path: statePath,
+		storage_path: storagePath,
+		mutated_at: mutatedAt,
+		fresh_until: freshUntil,
+		status: status === "stale" ? "stale" : "fresh",
+		mutation_id: mutationId,
+	};
+}
+
 function encodePathSegment(value: string): string {
 	return encodeURIComponent(value).replaceAll(".", "%2E");
 }
@@ -175,6 +210,7 @@ function normalizeEntry(raw: unknown): SkillActiveEntry | null {
 	const skill = safeString(record.skill).trim();
 	if (!skill) return null;
 	const hud = normalizeWorkflowHudSummary(record.hud);
+	const receipt = normalizeWorkflowStateReceipt(record.receipt);
 	return {
 		...record,
 		skill,
@@ -186,6 +222,7 @@ function normalizeEntry(raw: unknown): SkillActiveEntry | null {
 		thread_id: safeString(record.thread_id).trim() || undefined,
 		turn_id: safeString(record.turn_id).trim() || undefined,
 		...(hud ? { hud } : {}),
+		...(receipt ? { receipt } : {}),
 		stale: undefined,
 	};
 }
@@ -338,6 +375,7 @@ export async function syncSkillActiveState(options: SyncSkillActiveStateOptions)
 		thread_id: options.threadId,
 		turn_id: options.turnId,
 		...(hud ? { hud } : {}),
+		...(options.receipt ? { receipt: options.receipt } : {}),
 	};
 	const { rootPath, sessionPath } = getSkillActiveStatePaths(options.cwd, options.sessionId);
 	const rootState = (await readStateFile(rootPath)) ?? { version: 1, active_skills: [] };

package/src/skill-state/deep-interview-mutation-guard.ts

@@ -5,14 +5,20 @@ import { LocalProtocolHandler, resolveLocalUrlToPath } from "../internal-urls/lo
 import { resolveToCwd } from "../tools/path-utils";
 import { ToolError } from "../tools/tool-errors";
 import { listActiveSkills, readVisibleSkillActiveState, type SkillActiveEntry } from "./active-state";
+import {
+	type CanonicalGjcWorkflowSkill,
+	sanctionedWorkflowStateCommand,
+	workflowModeStateFileName,
+} from "./workflow-state-contract";
 
 export const DEEP_INTERVIEW_MUTATION_BLOCK_MESSAGE =
-	"Deep-interview is active; either continue interviewing with `ask`, or write/finalize the pending spec under `.gjc/specs/` / update state under `.gjc/state/`. Do not edit product code until explicit execution approval.";
+	"Deep-interview is active; continue interviewing with `ask`, write/finalize pending specs through the required GJC workflow CLI, or use an explicit force override. Direct `.gjc/` and product-code edits are blocked until explicit execution approval.";
+export const WORKFLOW_STATE_MUTATION_BLOCK_MESSAGE =
+	"Workflow state JSON is runtime-owned. Use `gjc state <skill> read|write --input '<json>'` for deep-interview, ralplan, ultragoal, and team. Planning artifacts under `.gjc/specs/` and `.gjc/plans/` remain allowed.";
 
 const BLOCKED_TOOL_NAMES = new Set(["edit", "write", "ast_edit"]);
 const ARCHIVE_OR_SQLITE_BASE_RE = /^(.+?\.(?:tar\.gz|sqlite3|sqlite|db3|zip|tgz|tar|db))(?:$|:)/i;
 const INTERNAL_SCHEME_RE = /^[a-z][a-z0-9+.-]*:\/\//i;
-const GLOB_META_RE = /[*?[\]{}]/;
 const VIM_FILE_SWITCH_RE = /^\s*:(?:e|e!|edit|edit!)(?:\s+([^<\r\n]+))?(?:<CR>|\r|\n|$)/i;
 
 type ToolWithEditMode = AgentTool & {
@@ -26,6 +32,8 @@ export interface DeepInterviewMutationGuardInput {
 	threadId?: string;
 	tool: ToolWithEditMode;
 	args: unknown;
+	forceOverride?: boolean;
+	enforceWorkflowState?: boolean;
 }
 
 interface ExtractedTargets {
@@ -38,6 +46,7 @@ export interface DeepInterviewMutationDecision {
 	message?: string;
 	targets: string[];
 	reason?: string;
+	command?: string;
 }
 
 interface ModeState {
@@ -246,34 +255,67 @@ function resolveRawPath(cwd: string, rawPath: string): { absolutePath?: string;
 	}
 }
 
-function isAllowlistedPath(cwd: string, rawPath: string): boolean {
+function relativeGjcSegments(cwd: string, rawPath: string): string[] | null {
 	const { absolutePath, unknown } = resolveRawPath(cwd, rawPath);
-	if (unknown || !absolutePath) return false;
+	if (unknown || !absolutePath) return null;
 	const relative = path.relative(path.resolve(cwd), path.resolve(absolutePath));
-	if (relative === "" || relative.startsWith("..") || path.isAbsolute(relative)) return false;
-	const segments = normalizePosix(relative).split("/").filter(Boolean);
-	return segments[0] === ".gjc" && (segments[1] === "specs" || segments[1] === "state");
+	if (relative === "" || relative.startsWith("..") || path.isAbsolute(relative)) return null;
+	return normalizePosix(relative).split("/").filter(Boolean);
 }
 
-function allTargetsAllowlisted(cwd: string, targets: ExtractedTargets): boolean {
+function blockedWorkflowStateSkill(cwd: string, rawPath: string): CanonicalGjcWorkflowSkill | null {
+	const segments = relativeGjcSegments(cwd, rawPath);
+	if (!segments || segments[0] !== ".gjc") return null;
+	if (segments[1] === "specs" || segments[1] === "plans") return null;
+	if (segments[1] !== "state") return null;
+	const fileName = segments.at(-1) ?? "";
+	for (const skillName of ["deep-interview", "ralplan", "ultragoal", "team"] as const) {
+		if (fileName === workflowModeStateFileName(skillName)) return skillName;
+	}
+	if (fileName === "skill-active-state.json") return "deep-interview";
+	return null;
+}
+
+function firstBlockedWorkflowStateSkill(cwd: string, targets: ExtractedTargets): CanonicalGjcWorkflowSkill | null {
+	for (const rawPath of targets.paths) {
+		const skill = blockedWorkflowStateSkill(cwd, rawPath);
+		if (skill) return skill;
+	}
+	return null;
+}
+
+function isGjcManagedPath(cwd: string, rawPath: string): boolean {
+	const segments = relativeGjcSegments(cwd, rawPath);
+	return segments?.[0] === ".gjc";
+}
+
+function isAllowlistedPath(cwd: string, rawPath: string): boolean {
+	const segments = relativeGjcSegments(cwd, rawPath);
+	if (!segments || segments[0] !== ".gjc") return false;
+	return segments[1] === "specs" || segments[1] === "plans";
+}
+
+function hasGjcManagedTarget(cwd: string, targets: ExtractedTargets): boolean {
 	if (targets.unknown || targets.paths.length === 0) return false;
-	return targets.paths.every(rawPath => {
-		if (GLOB_META_RE.test(rawPath)) {
-			return isAllowlistedPath(cwd, rawPath);
-		}
-		return isAllowlistedPath(cwd, rawPath);
-	});
+	return targets.paths.some(rawPath => isGjcManagedPath(cwd, rawPath));
 }
 
+function allTargetsAllowlisted(cwd: string, targets: ExtractedTargets): boolean {
+	return (
+		!targets.unknown && targets.paths.length > 0 && targets.paths.every(rawPath => isAllowlistedPath(cwd, rawPath))
+	);
+}
 export async function assertDeepInterviewMutationRawPathsAllowed(input: {
 	cwd: string;
 	sessionId?: string;
 	threadId?: string;
 	rawPaths: string[];
+	forceOverride?: boolean;
 }): Promise<void> {
+	if (input.forceOverride) return;
 	if (!(await isActiveDeepInterview(input.cwd, input.sessionId, input.threadId))) return;
 	const targets: ExtractedTargets = { paths: input.rawPaths, unknown: input.rawPaths.length === 0 };
-	if (!allTargetsAllowlisted(input.cwd, targets)) {
+	if (hasGjcManagedTarget(input.cwd, targets)) {
 		throw new ToolError(DEEP_INTERVIEW_MUTATION_BLOCK_MESSAGE);
 	}
 }
@@ -282,19 +324,41 @@ export async function getDeepInterviewMutationDecision(
 	input: DeepInterviewMutationGuardInput,
 ): Promise<DeepInterviewMutationDecision> {
 	if (!BLOCKED_TOOL_NAMES.has(input.tool.name)) return { blocked: false, targets: [] };
+	const targets = extractTargets(input.tool, input.args);
+	if (input.enforceWorkflowState !== false) {
+		const stateSkill = firstBlockedWorkflowStateSkill(input.cwd, targets);
+		if (stateSkill) {
+			const command = sanctionedWorkflowStateCommand(stateSkill);
+			return {
+				blocked: true,
+				message: `${WORKFLOW_STATE_MUTATION_BLOCK_MESSAGE}\nUse: ${command}`,
+				targets: targets.paths,
+				reason: "workflow-state-target",
+				command,
+			};
+		}
+	}
 	if (!(await isActiveDeepInterview(input.cwd, input.sessionId, input.threadId))) {
 		return { blocked: false, targets: [] };
 	}
-	const targets = extractTargets(input.tool, input.args);
-	if (allTargetsAllowlisted(input.cwd, targets)) {
-		return { blocked: false, targets: targets.paths };
+	if (input.forceOverride) return { blocked: false, targets: [] };
+	if (targets.unknown) {
+		return {
+			blocked: true,
+			message: DEEP_INTERVIEW_MUTATION_BLOCK_MESSAGE,
+			targets: targets.paths,
+			reason: "unknown-target",
+		};
+	}
+	if (hasGjcManagedTarget(input.cwd, targets) && !allTargetsAllowlisted(input.cwd, targets)) {
+		return {
+			blocked: true,
+			message: DEEP_INTERVIEW_MUTATION_BLOCK_MESSAGE,
+			targets: targets.paths,
+			reason: "gjc-managed-target",
+		};
 	}
-	return {
-		blocked: true,
-		message: DEEP_INTERVIEW_MUTATION_BLOCK_MESSAGE,
-		targets: targets.paths,
-		reason: targets.unknown ? "unknown-target" : "product-target",
-	};
+	return { blocked: false, targets: targets.paths };
 }
 
 export async function assertDeepInterviewMutationAllowed(input: DeepInterviewMutationGuardInput): Promise<void> {

package/src/skill-state/workflow-hud.ts

@@ -1,6 +1,12 @@
 import type { WorkflowHudChip, WorkflowHudSummary } from "./active-state";
 
-interface DeepInterviewHudState {
+interface WorkflowGateHudState {
+	approvalStatus?: string;
+	blockedReason?: string;
+	nextAction?: string;
+}
+
+interface DeepInterviewHudState extends WorkflowGateHudState {
 	phase?: string;
 	ambiguity?: number;
 	threshold?: number;
@@ -11,7 +17,7 @@ interface DeepInterviewHudState {
 	updatedAt?: string;
 }
 
-interface RalplanHudState {
+interface RalplanHudState extends WorkflowGateHudState {
 	stage?: string;
 	waiting?: string;
 	iteration?: number;
@@ -27,7 +33,7 @@ interface UltragoalLikeGoal {
 	status: string;
 }
 
-interface UltragoalHudState {
+interface UltragoalHudState extends WorkflowGateHudState {
 	status: string;
 	currentGoal?: UltragoalLikeGoal;
 	counts: Record<string, number>;
@@ -41,7 +47,7 @@ interface TeamHudWorker {
 	status?: string;
 }
 
-interface TeamHudState {
+interface TeamHudState extends WorkflowGateHudState {
 	phase: string;
 	task_total: number;
 	task_counts: Record<string, number>;
@@ -66,6 +72,14 @@ function chip(
 	return { label, value, priority, ...(severity ? { severity } : {}) };
 }
 
+function gateChips(state: WorkflowGateHudState, gatePriority: number): Array<WorkflowHudChip | null> {
+	return [
+		chip("gate", state.approvalStatus, gatePriority, state.approvalStatus === "approved" ? "success" : "warning"),
+		chip("blocked", state.blockedReason, gatePriority + 10, "blocked"),
+		chip("next", state.nextAction, gatePriority + 20),
+	];
+}
+
 function compactChips(chips: Array<WorkflowHudChip | null>): WorkflowHudChip[] {
 	return chips.filter((item): item is WorkflowHudChip => item !== null);
 }
@@ -74,6 +88,7 @@ export function buildDeepInterviewHudSummary(state: DeepInterviewHudState): Work
 	return {
 		version: 1,
 		chips: compactChips([
+			...gateChips(state, 5),
 			chip("phase", state.phase, 10),
 			chip("ambiguity", [percent(state.ambiguity), percent(state.threshold)].filter(Boolean).join("/"), 20),
 			chip("round", state.roundCount === undefined ? undefined : String(state.roundCount), 30),
@@ -100,6 +115,7 @@ export function buildRalplanHudSummary(state: RalplanHudState): WorkflowHudSumma
 		summary: state.latestSummary,
 		chips: compactChips([
 			state.pendingApproval ? { label: "pending", value: "approval", priority: 5, severity: "warning" } : null,
+			...gateChips(state, 6),
 			chip("stage", state.stage, 10),
 			chip("waiting", state.waiting, 20),
 			chip("iter", state.iteration === undefined ? undefined : String(state.iteration), 30),
@@ -120,6 +136,7 @@ export function buildUltragoalHudSummary(state: UltragoalHudState): WorkflowHudS
 			chip("goals", `${complete}/${total}`, 10),
 			chip("current", state.currentGoal ? `${state.currentGoal.id}:${state.currentGoal.title}` : state.status, 20),
 			chip("status", state.status, 30, state.status === "complete" ? "success" : undefined),
+			...gateChips(state, 40),
 		]),
 		details: state.latestLedgerEvent
 			? compactChips([
@@ -153,7 +170,8 @@ export function buildTeamHudSummary(state: TeamHudState): WorkflowHudSummary {
 			chip("phase", state.phase, 10),
 			chip("workers", `${state.workers.length - failedWorkers}/${state.workers.length}`, 20),
 			chip("tasks", `${completed}/${state.task_total}`, 30),
-			chip("latest", latest, 50),
+			...gateChips(state, 40),
+			chip("latest", latest, 70),
 		]),
 		...(state.updated_at ? { updated_at: state.updated_at } : {}),
 	};