@joshski/dust 0.1.65 → 0.1.68

package/dist/dust.js

@@ -275,7 +275,25 @@ async function loadSettings(cwd, fileSystem) {
 }
 
 // lib/version.ts
-var DUST_VERSION = "0.1.65";
+var DUST_VERSION = "0.1.68";
+
+// lib/session.ts
+var DUST_UNATTENDED = "DUST_UNATTENDED";
+var DUST_SKIP_AGENT = "DUST_SKIP_AGENT";
+var DUST_REPOSITORY_ID = "DUST_REPOSITORY_ID";
+function isUnattended(env = process.env) {
+  return !!env[DUST_UNATTENDED];
+}
+function buildUnattendedEnv(options) {
+  const env = {
+    [DUST_UNATTENDED]: "1",
+    [DUST_SKIP_AGENT]: "1"
+  };
+  if (options?.repositoryId) {
+    env[DUST_REPOSITORY_ID] = options.repositoryId;
+  }
+  return env;
+}
 
 // lib/cli/dedent.ts
 function dedent(strings, ...values) {
@@ -524,7 +542,7 @@ ${vars.agentInstructions}` : "";
 }
 async function agent(dependencies, env = process.env) {
   const { context, fileSystem, settings } = dependencies;
-  if (env.DUST_SKIP_AGENT === "1") {
+  if (env[DUST_SKIP_AGENT] === "1") {
     context.stdout("You're running in an automated loop - proceeding to implement the assigned task.");
     return { exitCode: 0 };
   }
@@ -591,6 +609,102 @@ function extractOpeningSentence(content) {
 
 // lib/audits/stock-audits.ts
 var ideasHint = "Review existing ideas in `./.dust/ideas/` to understand what has been proposed or considered historically, then create new idea files in `./.dust/ideas/` for any issues you identify, avoiding duplication.";
+function dataAccessReview() {
+  return dedent`
+    # Data Access Review
+
+    Review data access patterns for performance issues and optimization opportunities.
+
+    ${ideasHint}
+
+    ## Scope
+
+    Focus on these areas:
+
+    1. **N+1 query patterns** - Loops that make individual data requests instead of batching
+    2. **Missing indexes** - Database schema files lacking indexes on frequently queried columns
+    3. **Inefficient data loading** - Over-fetching (loading more data than needed) or under-fetching (requiring multiple round trips)
+    4. **Caching opportunities** - Repeated lookups that could benefit from memoization or caching
+    5. **Batch processing** - Sequential operations that could be parallelized or batched
+    6. **Connection management** - Connection pooling configuration and resource cleanup
+
+    ## Analysis Steps
+
+    1. Search for loops containing data access calls (API requests, database queries, file reads)
+    2. Review database schema or migration files for index definitions
+    3. Identify functions that make multiple related data requests
+    4. Look for repeated identical lookups within the same request lifecycle
+    5. Check for proper resource cleanup (connection closing, stream ending)
+
+    ## Applicability
+
+    This audit applies to codebases that interact with:
+    - Databases (SQL, NoSQL, ORM queries)
+    - External APIs (REST, GraphQL, gRPC)
+    - File systems (reading/writing files)
+    - Caches (Redis, Memcached, in-memory)
+
+    If none of these apply, document that finding and skip the detailed analysis.
+
+    ## Principles
+
+    - [Decoupled Code](../principles/decoupled-code.md) - Data access should be isolated for testability
+    - [Fast Feedback](../principles/fast-feedback.md) - Efficient data access enables faster feedback loops
+    - [Maintainable Codebase](../principles/maintainable-codebase.md) - Good data patterns improve maintainability
+
+    ## Blocked By
+
+    (none)
+
+    ## Definition of Done
+
+    - [ ] Searched for N+1 query patterns (loops with data access)
+    - [ ] Reviewed database schemas for missing indexes (if applicable)
+    - [ ] Identified over-fetching or under-fetching patterns
+    - [ ] Found repeated lookups that could be cached
+    - [ ] Checked for sequential operations that could be batched
+    - [ ] Verified connection/resource cleanup is handled properly
+    - [ ] Proposed ideas for any data access improvements identified
+  `;
+}
+function coverageExclusions() {
+  return dedent`
+    # Coverage Exclusions
+
+    Review coverage exclusion configuration to identify opportunities for removal through refactoring.
+
+    ${ideasHint}
+
+    ## Scope
+
+    Focus on these areas:
+
+    1. **Current exclusions** - Review all exclusions in \`vitest.config.ts\` or equivalent
+    2. **Justification** - Is each exclusion still necessary?
+    3. **Tooling limitations** - Can workarounds be found for coverage tool issues?
+    4. **Decoupling opportunities** - Can excluded code be restructured to enable testing?
+    5. **Entry point patterns** - Can hard-to-test entry points be decoupled from logic?
+
+    ## Principles
+
+    - [Decoupled Code](../principles/decoupled-code.md)
+    - [Unit Test Coverage](../principles/unit-test-coverage.md)
+    - [Comprehensive Test Coverage](../principles/comprehensive-test-coverage.md)
+    - [Make Changes with Confidence](../principles/make-changes-with-confidence.md)
+
+    ## Blocked By
+
+    (none)
+
+    ## Definition of Done
+
+    - [ ] Identified all coverage exclusions in the project
+    - [ ] Documented the reason each exclusion exists
+    - [ ] Evaluated whether each exclusion is still necessary
+    - [ ] Identified exclusions that could be removed through decoupling
+    - [ ] Proposed ideas for refactoring where feasible
+  `;
+}
 function componentReuse() {
   return dedent`
     # Component Reuse
@@ -801,6 +915,56 @@ function ideasFromPrinciples() {
     - [ ] Proposed new ideas for unmet or underserved principles
   `;
 }
+function refactoringOpportunities() {
+  return dedent`
+    # Refactoring Opportunities
+
+    Analyze recent commits to identify code needing structural improvements.
+
+    ${ideasHint}
+
+    ## Scope
+
+    Analyze commits since the last refactoring-opportunities audit (check \`.dust/done/\` for previous runs). Focus on these signals:
+
+    1. **File churn** - Files modified frequently across multiple commits may have unclear responsibilities or be accumulating technical debt
+    2. **Size growth** - Files that have grown significantly may benefit from decomposition
+    3. **Commit message patterns** - Look for messages containing "fix", "workaround", "temporary", "hack", or "TODO" that indicate shortcuts taken
+
+    ## Analysis Steps
+
+    1. Run \`git log --since="<last-audit-date>" --name-only --pretty=format:"COMMIT:%s"\` to get commits with their messages and changed files
+    2. Count file modification frequency to identify high-churn files
+    3. Check current sizes of frequently-modified files with \`wc -l\`
+    4. Review commit messages for patterns suggesting technical debt
+
+    ## Output
+
+    For each refactoring opportunity identified, provide:
+    - **File path** - The specific file needing attention
+    - **Signal** - What triggered this recommendation (churn, size, commit pattern)
+    - **Specific suggestion** - A concrete refactoring action (e.g., "Extract the validation logic into a separate module", not just "consider refactoring")
+
+    ## Principles
+
+    - [Boy Scout Rule](../principles/boy-scout-rule.md) - Leave code better than found, but capture large cleanups as separate tasks
+    - [Make the Change Easy](../principles/make-the-change-easy.md) - Refactor until the change becomes straightforward
+    - [Make Changes with Confidence](../principles/make-changes-with-confidence.md) - Tests and checks enable safe refactoring
+    - [Reasonably DRY](../principles/reasonably-dry.md) - Extract only when duplication represents the same concept
+
+    ## Blocked By
+
+    (none)
+
+    ## Definition of Done
+
+    - [ ] Identified high-churn files (modified in 3+ commits since last audit)
+    - [ ] Flagged files exceeding 300 lines that grew significantly
+    - [ ] Noted commits with concerning message patterns
+    - [ ] Provided specific refactoring suggestions for each opportunity
+    - [ ] Created ideas for any substantial refactoring work identified
+  `;
+}
 function performanceReview() {
   return dedent`
     # Performance Review
@@ -941,17 +1105,129 @@ function testCoverage() {
     - [ ] Proposed ideas for any test coverage gaps identified
   `;
 }
+function errorHandling() {
+  return dedent`
+    # Error Handling
+
+    Review error handling patterns for consistency and agent-friendliness.
+
+    ${ideasHint}
+
+    ## Scope
+
+    Focus on these areas:
+
+    1. **Silently swallowed errors** - Empty catch blocks, \`.catch(() => {})\`, errors caught but not logged or re-thrown
+    2. **Missing error context** - Errors converted to booleans or generic messages that lose details
+    3. **Fire-and-forget promises** - Promises without \`.catch()\` or \`await\` that may fail silently
+    4. **Non-actionable error messages** - Error messages that say what went wrong but not how to fix it
+    5. **Inconsistent error recovery** - Similar error scenarios handled differently across the codebase
+
+    ## Analysis Steps
+
+    1. Search for empty catch blocks: \`catch {}\`, \`catch () {}\`, \`.catch(() => {})\`
+    2. Look for patterns that discard error details: \`catch { return false }\`, \`catch { return null }\`
+    3. Find promises without error handling: unassigned or not-awaited promises
+    4. Review error messages in \`throw\` statements and \`context.stderr()\` calls for actionability
+    5. Compare error handling patterns across similar operations for consistency
+
+    ## Output
+
+    For each error handling issue identified, provide:
+    - **Location** - File path and line number
+    - **Pattern** - Which category of issue (swallowed, missing context, fire-and-forget, etc.)
+    - **Impact** - What failures could go unnoticed or be hard to debug
+    - **Suggestion** - Specific fix (add logging, propagate error, add recovery guidance)
+
+    ## Principles
+
+    - [Actionable Errors](../principles/actionable-errors.md) - Error messages should tell you what to do next
+    - [Debugging Tooling](../principles/debugging-tooling.md) - Agents need readable, structured error output
+    - [Stop the Line](../principles/stop-the-line.md) - Problems should be fixed at source, not hidden
+
+    ## Blocked By
+
+    (none)
+
+    ## Definition of Done
+
+    - [ ] Searched for empty catch blocks and silent error swallowing
+    - [ ] Identified patterns that discard error details
+    - [ ] Found fire-and-forget promises without error handling
+    - [ ] Reviewed error messages for actionability
+    - [ ] Compared error handling consistency across similar operations
+    - [ ] Proposed ideas for any error handling improvements identified
+  `;
+}
+function ubiquitousLanguage() {
+  return dedent`
+    # Ubiquitous Language
+
+    Verify terminology consistency across code, documentation, and user interface.
+
+    ${ideasHint}
+
+    ## Scope
+
+    Focus on these areas:
+
+    1. **Terminology drift** - Do recent changes introduce terms that deviate from established vocabulary?
+    2. **Code-to-docs alignment** - Are variables, functions, and types named consistently with documentation?
+    3. **User interface consistency** - Do UI labels and messages match the terms used in code and docs?
+    4. **Glossary adherence** - If a glossary exists, is it being followed?
+    5. **Acronym and abbreviation usage** - Are shortened forms used consistently?
+
+    ## Analysis Steps
+
+    1. Identify key domain terms from documentation, README, or existing glossary
+    2. Review recent commits for new terminology or naming choices
+    3. Compare code identifiers against documented terminology
+    4. Check user-facing strings for consistency with technical naming
+    5. Flag deviations where the same concept uses different names
+
+    ## Output
+
+    For each terminology issue identified, provide:
+    - **Term in question** - The inconsistent or unclear term
+    - **Where found** - File paths and locations where the term appears
+    - **Recommended action** - Standardize on existing term, or propose a new canonical name
+
+    ## Principles
+
+    - [Naming Matters](../principles/naming-matters.md) - Good naming reduces waste by eliminating confusion
+    - [Consistent Naming](../principles/consistent-naming.md) - Names should follow established conventions
+    - [Clarity Over Brevity](../principles/clarity-over-brevity.md) - Names should be descriptive and self-documenting
+
+    ## Blocked By
+
+    (none)
+
+    ## Definition of Done
+
+    - [ ] Identified key domain terms from project documentation
+    - [ ] Reviewed recent commits for terminology consistency
+    - [ ] Compared code naming against documentation vocabulary
+    - [ ] Checked user-facing text for alignment with code terms
+    - [ ] Documented any terminology drift or inconsistencies found
+    - [ ] Proposed ideas for standardizing inconsistent terminology
+  `;
+}
 var stockAuditFunctions = {
   "agent-developer-experience": agentDeveloperExperience,
   "component-reuse": componentReuse,
+  "coverage-exclusions": coverageExclusions,
+  "data-access-review": dataAccessReview,
   "dead-code": deadCode,
+  "error-handling": errorHandling,
   "facts-verification": factsVerification,
   "ideas-from-commits": ideasFromCommits,
   "ideas-from-principles": ideasFromPrinciples,
   "performance-review": performanceReview,
+  "refactoring-opportunities": refactoringOpportunities,
   "security-review": securityReview,
   "stale-ideas": staleIdeas,
-  "test-coverage": testCoverage
+  "test-coverage": testCoverage,
+  "ubiquitous-language": ubiquitousLanguage
 };
 function loadStockAudits() {
   return Object.entries(stockAuditFunctions).sort(([a], [b]) => a.localeCompare(b)).map(([name, render]) => {
@@ -970,6 +1246,24 @@ function transformAuditContent(content) {
   const originalTitle = titleMatch[1];
   return content.replace(/^#\s+.+$/m, `# Audit: ${originalTitle}`);
 }
+function injectAdHocScope(content, adHocDetails) {
+  const scopeMatch = content.match(/\n## Scope\n/);
+  if (scopeMatch?.index !== undefined) {
+    const insertIndex = scopeMatch.index;
+    const adHocSection = `
+## Ad-hoc Scope
+
+${adHocDetails}
+`;
+    return content.slice(0, insertIndex) + adHocSection + content.slice(insertIndex);
+  }
+  return `${content}
+
+## Ad-hoc Scope
+
+${adHocDetails}
+`;
+}
 
 // lib/cli/colors.ts
 var ANSI_COLORS = {
@@ -1005,7 +1299,7 @@ function getColors() {
 }
 
 // lib/cli/commands/audit.ts
-async function addAudit(auditName, dependencies) {
+async function addAudit(auditName, adHocDetails, dependencies) {
   const { context, fileSystem, settings } = dependencies;
   const dustPath = `${context.cwd}/.dust`;
   const userAuditsPath = `${dustPath}/config/audits`;
@@ -1019,7 +1313,10 @@ async function addAudit(auditName, dependencies) {
   const userAuditPath = `${userAuditsPath}/${auditName}.md`;
   if (fileSystem.exists(userAuditPath)) {
     const content = await fileSystem.readFile(userAuditPath);
-    const transformedContent = transformAuditContent(content);
+    let transformedContent = transformAuditContent(content);
+    if (adHocDetails) {
+      transformedContent = injectAdHocScope(transformedContent, adHocDetails);
+    }
     await fileSystem.mkdir(tasksPath, { recursive: true });
     await fileSystem.writeFile(taskFilePath, transformedContent);
     context.stdout(`→ ${relativeTaskPath}`);
@@ -1027,7 +1324,10 @@ async function addAudit(auditName, dependencies) {
   }
   const stockAudit = loadStockAudits().find((a) => a.name === auditName);
   if (stockAudit) {
-    const transformedContent = transformAuditContent(stockAudit.template);
+    let transformedContent = transformAuditContent(stockAudit.template);
+    if (adHocDetails) {
+      transformedContent = injectAdHocScope(transformedContent, adHocDetails);
+    }
     await fileSystem.mkdir(tasksPath, { recursive: true });
     await fileSystem.writeFile(taskFilePath, transformedContent);
     context.stdout(`→ ${relativeTaskPath}`);
@@ -1083,8 +1383,9 @@ async function listAudits(dependencies) {
 }
 async function audit(dependencies) {
   const auditName = dependencies.arguments[0];
+  const adHocDetails = dependencies.arguments[1];
   if (auditName) {
-    return addAudit(auditName, dependencies);
+    return addAudit(auditName, adHocDetails, dependencies);
   }
   return listAudits(dependencies);
 }
@@ -2189,13 +2490,7 @@ async function runOneIteration(dependencies, loopDependencies, onLoopEvent, onAg
     logger = log,
     repositoryId
   } = options;
-  const baseEnv = {
-    DUST_UNATTENDED: "1",
-    DUST_SKIP_AGENT: "1"
-  };
-  if (repositoryId) {
-    baseEnv.DUST_REPOSITORY_ID = repositoryId;
-  }
+  const baseEnv = buildUnattendedEnv({ repositoryId });
   log("syncing with remote");
   onLoopEvent({ type: "loop.syncing" });
   const pullResult = await gitPull(context.cwd, spawn);
@@ -2319,6 +2614,10 @@ function parseMaxIterations(commandArguments) {
 async function loopClaude(dependencies, loopDependencies = createDefaultDependencies()) {
   enableFileLogs("loop");
   const { context, settings } = dependencies;
+  if (isUnattended()) {
+    context.stderr("dust loop cannot run inside an unattended session (DUST_UNATTENDED is set)");
+    return { exitCode: 1 };
+  }
   const { postEvent } = loopDependencies;
   const maxIterations = parseMaxIterations(dependencies.arguments);
   const eventsUrl = settings.eventsUrl;
@@ -2673,6 +2972,51 @@ async function handleRepositoryList(repositories, manager, repoDeps, context) {
   }
 }
 
+// lib/bucket/server-messages.ts
+function parseServerMessage(data) {
+  if (typeof data !== "object" || data === null) {
+    return null;
+  }
+  const message = data;
+  if (message.type === "repository-list") {
+    if (!Array.isArray(message.repositories)) {
+      return null;
+    }
+    const repositories = [];
+    for (const r of message.repositories) {
+      if (typeof r !== "object" || r === null) {
+        return null;
+      }
+      const repo = r;
+      if (typeof repo.name !== "string" || typeof repo.gitUrl !== "string") {
+        return null;
+      }
+      const item = {
+        name: repo.name,
+        gitUrl: repo.gitUrl
+      };
+      if (typeof repo.url === "string") {
+        item.url = repo.url;
+      }
+      if (typeof repo.id === "string") {
+        item.id = repo.id;
+      }
+      if (typeof repo.hasTask === "boolean") {
+        item.hasTask = repo.hasTask;
+      }
+      repositories.push(item);
+    }
+    return { type: "repository-list", repositories };
+  }
+  if (message.type === "task-available") {
+    if (typeof message.repository !== "string") {
+      return null;
+    }
+    return { type: "task-available", repository: message.repository };
+  }
+  return null;
+}
+
 // lib/bucket/terminal-ui.ts
 var ANSI = {
   HIDE_CURSOR: "\x1B[?25l",
@@ -3259,20 +3603,17 @@ function signalTaskAvailable(repoState, state, repoDeps, context, useTUI) {
 }
 function syncUIWithRepoList(state, repos) {
   const incomingNames = new Set;
-  for (const data of repos) {
-    const repo = parseRepository(data);
-    if (repo) {
-      incomingNames.add(repo.name);
-      if (!state.ui.repositories.includes(repo.name)) {
-        let buffer = state.logBuffers.get(repo.name);
-        if (!buffer) {
-          buffer = createLogBuffer();
-          state.logBuffers.set(repo.name, buffer);
-        }
-        addRepository2(state.ui, repo.name, buffer, repo.url);
-      } else if (repo.url) {
-        state.ui.repositoryUrls.set(repo.name, repo.url);
+  for (const repo of repos) {
+    incomingNames.add(repo.name);
+    if (!state.ui.repositories.includes(repo.name)) {
+      let buffer = state.logBuffers.get(repo.name);
+      if (!buffer) {
+        buffer = createLogBuffer();
+        state.logBuffers.set(repo.name, buffer);
       }
+      addRepository2(state.ui, repo.name, buffer, repo.url);
+    } else if (repo.url) {
+      state.ui.repositoryUrls.set(repo.name, repo.url);
     }
   }
   for (const name of [...state.ui.repositories]) {
@@ -3378,47 +3719,67 @@ function connectWebSocket(token, state, bucketDependencies, context, fileSystem,
     logMessage(state, context, useTUI, `WebSocket error: ${error.message}`, "stderr");
   };
   ws.onmessage = (event) => {
+    let rawData;
     try {
-      const message = JSON.parse(event.data);
-      log4(`ws message: ${message.type}`);
-      if (message.type === "repository-list") {
-        const repos = message.repositories ?? [];
-        const repoNames = repos.map((r) => {
-          const name = r?.name ?? "?";
-          return r?.hasTask ? `${name} (has task)` : name;
-        }).join(", ");
-        logMessage(state, context, useTUI, `Received repository list: ${repoNames || "(empty)"}`);
-        syncUIWithRepoList(state, repos);
-        const repoDeps = toRepositoryDependencies(bucketDependencies, fileSystem);
-        const repoContext = createTUIContext(state, context, useTUI);
-        handleRepositoryList(repos, state, repoDeps, repoContext).then(() => {
-          syncTUI(state);
-          for (const repoData of repos) {
-            if (typeof repoData === "object" && repoData !== null && "name" in repoData && "hasTask" in repoData && repoData.hasTask) {
-              const repoState = state.repositories.get(repoData.name);
-              if (repoState) {
-                signalTaskAvailable(repoState, state, repoDeps, context, useTUI);
-              }
-            }
+      rawData = JSON.parse(event.data);
+    } catch {
+      logMessage(state, context, useTUI, `Failed to parse WebSocket message: ${event.data}`, "stderr");
+      return;
+    }
+    const message = parseServerMessage(rawData);
+    if (!message) {
+      logMessage(state, context, useTUI, `Invalid WebSocket message format: ${event.data}`, "stderr");
+      return;
+    }
+    log4(`ws message: ${message.type}`);
+    if (message.type === "repository-list") {
+      const repos = message.repositories;
+      logMessage(state, context, useTUI, `Received repository list (${repos.length} repositories):`);
+      if (repos.length === 0) {
+        logMessage(state, context, useTUI, "  (empty)");
+      } else {
+        for (const r of repos) {
+          const attrs = [];
+          attrs.push(`name=${r.name}`);
+          if (r.id !== undefined) {
+            attrs.push(`id=${r.id}`);
           }
-        }).catch((error) => {
-          logMessage(state, context, useTUI, `Failed to handle repository list: ${error.message}`, "stderr");
-        });
-      } else if (message.type === "task-available") {
-        const repoName = message.repository;
-        if (typeof repoName === "string") {
-          const repoDeps = toRepositoryDependencies(bucketDependencies, fileSystem);
-          logMessage(state, context, useTUI, `Received task-available for ${repoName}`);
-          const repoState = state.repositories.get(repoName);
-          if (repoState) {
-            signalTaskAvailable(repoState, state, repoDeps, context, useTUI);
-          } else {
-            logMessage(state, context, useTUI, `No repository state found for ${repoName}`, "stderr");
+          attrs.push(`gitUrl=${r.gitUrl}`);
+          if (r.url !== undefined) {
+            attrs.push(`url=${r.url}`);
+          }
+          if (r.hasTask !== undefined) {
+            attrs.push(`hasTask=${r.hasTask}`);
           }
+          logMessage(state, context, useTUI, `  - ${attrs.join(", ")}`);
         }
       }
-    } catch {
-      logMessage(state, context, useTUI, `Failed to parse WebSocket message: ${event.data}`, "stderr");
+      syncUIWithRepoList(state, repos);
+      const repoDeps = toRepositoryDependencies(bucketDependencies, fileSystem);
+      const repoContext = createTUIContext(state, context, useTUI);
+      handleRepositoryList(repos, state, repoDeps, repoContext).then(() => {
+        syncTUI(state);
+        for (const repoData of repos) {
+          if (repoData.hasTask) {
+            const repoState = state.repositories.get(repoData.name);
+            if (repoState) {
+              signalTaskAvailable(repoState, state, repoDeps, context, useTUI);
+            }
+          }
+        }
+      }).catch((error) => {
+        logMessage(state, context, useTUI, `Failed to handle repository list: ${error.message}`, "stderr");
+      });
+    } else if (message.type === "task-available") {
+      const repoName = message.repository;
+      const repoDeps = toRepositoryDependencies(bucketDependencies, fileSystem);
+      logMessage(state, context, useTUI, `Received task-available for ${repoName}`);
+      const repoState = state.repositories.get(repoName);
+      if (repoState) {
+        signalTaskAvailable(repoState, state, repoDeps, context, useTUI);
+      } else {
+        logMessage(state, context, useTUI, `No repository state found for ${repoName}`, "stderr");
+      }
     }
   };
 }
@@ -3502,9 +3863,13 @@ async function resolveToken(authDeps, context) {
     return null;
   }
 }
-async function bucket(dependencies, bucketDeps = createDefaultBucketDependencies()) {
+async function bucketWorker(dependencies, bucketDeps = createDefaultBucketDependencies()) {
   enableFileLogs("bucket");
   const { context, fileSystem } = dependencies;
+  if (isUnattended()) {
+    context.stderr("dust bucket cannot run inside an unattended session (DUST_UNATTENDED is set)");
+    return { exitCode: 1 };
+  }
   const token = await resolveToken(bucketDeps.auth, context);
   if (!token) {
     return { exitCode: 1 };
@@ -3964,6 +4329,11 @@ function validateTitleFilenameMatch(filePath, content) {
 }
 
 // lib/lint/validators/idea-validator.ts
+var WORKFLOW_PREFIX_TO_SECTION = {
+  "Refine Idea: ": "Refines Idea",
+  "Decompose Idea: ": "Decomposes Idea",
+  "Shelve Idea: ": "Shelves Idea"
+};
 function validateIdeaOpenQuestions(filePath, content) {
   const violations = [];
   const lines = content.split(`
@@ -4077,6 +4447,114 @@ function validateIdeaTransitionTitle(filePath, content, ideasPath, fileSystem) {
   }
   return null;
 }
+function extractSectionContent(content, sectionHeading) {
+  const lines = content.split(`
+`);
+  let inSection = false;
+  let sectionContent = "";
+  let startLine = 0;
+  for (let i = 0;i < lines.length; i++) {
+    const line = lines[i];
+    if (line.startsWith("## ")) {
+      if (inSection)
+        break;
+      if (line.trimEnd() === `## ${sectionHeading}`) {
+        inSection = true;
+        startLine = i + 1;
+      }
+      continue;
+    }
+    if (line.startsWith("# ") && inSection)
+      break;
+    if (inSection) {
+      sectionContent += `${line}
+`;
+    }
+  }
+  if (!inSection)
+    return null;
+  return { content: sectionContent, startLine };
+}
+function validateWorkflowTaskBodySection(filePath, content, ideasPath, fileSystem) {
+  const violations = [];
+  const title = extractTitle(content);
+  if (!title)
+    return violations;
+  let matchedPrefix = null;
+  for (const prefix of IDEA_TRANSITION_PREFIXES) {
+    if (title.startsWith(prefix)) {
+      matchedPrefix = prefix;
+      break;
+    }
+  }
+  if (!matchedPrefix)
+    return violations;
+  const expectedHeading = WORKFLOW_PREFIX_TO_SECTION[matchedPrefix];
+  const section = extractSectionContent(content, expectedHeading);
+  if (!section) {
+    violations.push({
+      file: filePath,
+      message: `Workflow task with "${matchedPrefix.trim()}" prefix is missing required "## ${expectedHeading}" section. Add a section with a link to the idea file, e.g.:
+
+## ${expectedHeading}
+
+- [Idea Title](../ideas/idea-slug.md)`
+    });
+    return violations;
+  }
+  const linkRegex = new RegExp(MARKDOWN_LINK_PATTERN.source, "g");
+  const links = [];
+  const sectionLines = section.content.split(`
+`);
+  for (let i = 0;i < sectionLines.length; i++) {
+    const line = sectionLines[i];
+    let match = linkRegex.exec(line);
+    while (match !== null) {
+      links.push({
+        text: match[1],
+        target: match[2],
+        line: section.startLine + i + 1
+      });
+      match = linkRegex.exec(line);
+    }
+  }
+  if (links.length === 0) {
+    violations.push({
+      file: filePath,
+      message: `"## ${expectedHeading}" section contains no link. Add a markdown link to the idea file, e.g.:
+
+- [Idea Title](../ideas/idea-slug.md)`,
+      line: section.startLine
+    });
+    return violations;
+  }
+  const ideaLinks = links.filter((l) => l.target.includes("/ideas/") || l.target.startsWith("../ideas/"));
+  if (ideaLinks.length === 0) {
+    violations.push({
+      file: filePath,
+      message: `"## ${expectedHeading}" section contains no link to an idea file. Links must point to a file in ../ideas/, e.g.:
+
+- [Idea Title](../ideas/idea-slug.md)`,
+      line: section.startLine
+    });
+    return violations;
+  }
+  for (const link of ideaLinks) {
+    const slugMatch = link.target.match(/([^/]+)\.md$/);
+    if (!slugMatch)
+      continue;
+    const ideaSlug = slugMatch[1];
+    const ideaFilePath = `${ideasPath}/${ideaSlug}.md`;
+    if (!fileSystem.exists(ideaFilePath)) {
+      violations.push({
+        file: filePath,
+        message: `Link to idea "${link.text}" points to non-existent file: ${ideaSlug}.md. Either create the idea file at ideas/${ideaSlug}.md or update the link to point to an existing idea.`,
+        line: link.line
+      });
+    }
+  }
+  return violations;
+}
 
 // lib/lint/validators/link-validator.ts
 import { dirname as dirname3, resolve } from "node:path";
@@ -4480,6 +4958,7 @@ async function lintMarkdown(dependencies) {
       if (ideaTransitionViolation) {
         violations.push(ideaTransitionViolation);
       }
+      violations.push(...validateWorkflowTaskBodySection(filePath, content, ideasPath, fileSystem));
     }
   }
   const principlesPath = `${dustPath}/principles`;
@@ -4706,6 +5185,7 @@ function generateHelpText(settings) {
       next              Show tasks ready to work on (not blocked)
       check             Run project-defined quality gate hook
       agent             Agent greeting and routing instructions
+      audit             Create tasks from audit templates
       focus             Declare current objective (for remote session tracking)
       pick task         Pick the next task to work on
       implement task    Implement a task
@@ -5428,7 +5908,7 @@ async function prePush(dependencies, gitRunner = defaultGitRunner, env = process
   if (agent2.type === "unknown") {
     return { exitCode: 0 };
   }
-  if (env.DUST_UNATTENDED) {
+  if (isUnattended(env)) {
     const uncommittedFiles = await getUncommittedFiles(context.cwd, gitRunner);
     if (uncommittedFiles.length > 0) {
       context.stderr("");
@@ -5498,7 +5978,7 @@ var commandRegistry = {
   check,
   agent,
   audit,
-  bucket,
+  "bucket worker": bucketWorker,
   "bucket asset upload": bucketAssetUpload,
   focus,
   "new task": newTask,