@lamentis/naome 1.3.7 → 1.3.8

package/Cargo.lock

@@ -76,7 +76,7 @@ checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"
 
 [[package]]
 name = "naome-cli"
-version = "1.3.7"
+version = "1.3.8"
 dependencies = [
  "naome-core",
  "serde_json",
@@ -84,7 +84,7 @@ dependencies = [
 
 [[package]]
 name = "naome-core"
-version = "1.3.7"
+version = "1.3.8"
 dependencies = [
  "serde",
  "serde_json",

package/README.md

@@ -41,6 +41,11 @@ For agent-driven work, route the user's request through the harness:
 naome route --prompt-file /path/to/prompt.txt --execute --json
 ```
 
+Prompt files should start with a fenced `naome-prompt-envelope-v1` JSON
+envelope that normalizes the raw user text into canonical routing fields. A raw
+natural-language prompt routes to a non-mutating normalization decision instead
+of becoming a task by keyword inference.
+
 ## Why NAOME?
 
 - Keeps agents inside explicit task scope.

package/crates/naome-cli/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "naome-cli"
-version = "1.3.7"
+version = "1.3.8"
 edition.workspace = true
 license.workspace = true
 repository.workspace = true

package/crates/naome-core/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "naome-core"
-version = "1.3.7"
+version = "1.3.8"
 edition.workspace = true
 license.workspace = true
 repository.workspace = true

package/crates/naome-core/src/context/select.rs

@@ -1,5 +1,8 @@
-use std::path::Path;
+use std::path::{Component, Path};
 
+use serde::Deserialize;
+
+use crate::intent::prompt_envelope_json;
 use crate::{git, models::NaomeError};
 
 use super::helpers::{capsule_for_paths, context_item, is_source_path, normalize_paths};
@@ -7,6 +10,13 @@ use super::types::{ContextBudgetLedger, ContextItem, ContextSelection};
 
 const MAX_CONTEXT_FILES: usize = 12;
 
+#[derive(Debug, Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct PromptEnvelopeContext {
+    schema: Option<String>,
+    referenced_paths: Option<Vec<String>>,
+}
+
 pub fn select_context_for_changed_paths(root: &Path) -> Result<ContextSelection, NaomeError> {
     let paths = git::changed_paths(root)?;
     Ok(selection_for_paths(root, "changed", paths))
@@ -19,7 +29,9 @@ pub fn select_context_for_prompt(
     Ok(selection_for_paths(
         root,
         "prompt",
-        mentioned_paths(prompt.as_ref()),
+        envelope_referenced_paths(prompt.as_ref())
+            .filter(|paths| !paths.is_empty())
+            .unwrap_or_else(|| mentioned_paths(root, prompt.as_ref())),
     ))
 }
 
@@ -119,7 +131,7 @@ fn forbidden_context() -> Vec<String> {
     .collect()
 }
 
-fn mentioned_paths(prompt: &str) -> Vec<String> {
+fn mentioned_paths(root: &Path, prompt: &str) -> Vec<String> {
     prompt
         .split_whitespace()
         .map(|token| {
@@ -127,8 +139,50 @@ fn mentioned_paths(prompt: &str) -> Vec<String> {
                 matches!(ch, '"' | '\'' | '`' | ',' | ';' | ':' | ')' | '(')
             })
         })
-        .filter(|token| token.contains('/') || is_source_path(token) || token.ends_with(".md"))
         .filter(|token| !token.starts_with('-') && !token.starts_with("http"))
         .map(|token| token.trim_start_matches("./").replace('\\', "/"))
+        .filter(|path| path_looks_contextual(path))
+        .filter(|path| path_exists_or_has_repo_parent(root, path))
         .collect()
 }
+
+fn envelope_referenced_paths(prompt: &str) -> Option<Vec<String>> {
+    let input =
+        serde_json::from_str::<PromptEnvelopeContext>(prompt_envelope_json(prompt)?).ok()?;
+    if input.schema.as_deref() != Some("naome.prompt-envelope.v1") {
+        return None;
+    }
+    Some(
+        input
+            .referenced_paths
+            .unwrap_or_default()
+            .into_iter()
+            .map(|path| path.trim_start_matches("./").replace('\\', "/"))
+            .filter(|path| is_repo_relative_path(path))
+            .filter(|path| path_looks_contextual(path))
+            .collect(),
+    )
+}
+
+fn is_repo_relative_path(path: &str) -> bool {
+    let candidate = Path::new(path);
+    !path.contains(':')
+        && !candidate.is_absolute()
+        && !candidate
+            .components()
+            .any(|component| matches!(component, Component::ParentDir))
+}
+
+fn path_looks_contextual(path: &str) -> bool {
+    path.contains('/') || is_source_path(path) || path.ends_with(".md")
+}
+
+fn path_exists_or_has_repo_parent(root: &Path, path: &str) -> bool {
+    let candidate = root.join(path);
+    if candidate.exists() {
+        return true;
+    }
+    candidate
+        .parent()
+        .is_some_and(|parent| parent != root && parent.exists())
+}

package/crates/naome-core/src/intent/classifier.rs

@@ -1,29 +1,42 @@
 use std::collections::HashSet;
 
 use super::envelope::parse_routing_envelope;
-use super::model::{CanonicalIntent, IntentCandidate, IntentKind, PromptSegment, SegmentKind};
-use super::patterns;
+use super::model::{CanonicalIntent, IntentCandidate, IntentKind};
 use super::risk::detect_risk;
 use super::segment::{actionable_text, segment_prompt};
 
-const DIRECT_WORKFLOW_CONFIDENCE: u8 = 90;
-const NEW_TASK_CONFIDENCE: u8 = 80;
-const REVISION_CONFIDENCE: u8 = 78;
-const GENERIC_WORK_CONFIDENCE: u8 = 50;
-
 pub(crate) fn canonical_intent(prompt: &str) -> CanonicalIntent {
     let segments = segment_prompt(prompt);
     let actionable = actionable_text(&segments);
-    let mut candidates = classify_candidates(&segments);
+    let mut has_routing_envelope = false;
+    let mut validation_errors = Vec::new();
+    let mut candidates = Vec::new();
     let mut risk = detect_risk(&segments);
 
     if let Some(envelope) = parse_routing_envelope(prompt) {
+        has_routing_envelope = true;
         candidates.clear();
-        candidates.extend(envelope.candidates);
+        validation_errors = envelope.validation_errors;
         risk.risk_codes.extend(envelope.risk.risk_codes);
         risk.risk_codes.sort();
         risk.risk_codes.dedup();
         risk.has_risky_terms = !risk.risk_codes.is_empty();
+        if validation_errors.is_empty() {
+            candidates.extend(envelope.candidates);
+        } else {
+            candidates.push(IntentCandidate {
+                kind: IntentKind::PromptNormalizationRequired,
+                confidence: 100,
+                evidence: "invalid_prompt_envelope".to_string(),
+            });
+        }
+    } else if !actionable.trim().is_empty() {
+        candidates.clear();
+        candidates.push(IntentCandidate {
+            kind: IntentKind::PromptNormalizationRequired,
+            confidence: 100,
+            evidence: "missing_prompt_envelope".to_string(),
+        });
     }
 
     candidates = dedupe_candidates(candidates);
@@ -37,11 +50,13 @@ pub(crate) fn canonical_intent(prompt: &str) -> CanonicalIntent {
     }
 
     CanonicalIntent {
-        is_empty: actionable.trim().is_empty(),
+        is_empty: actionable.trim().is_empty() && !has_routing_envelope,
+        has_routing_envelope,
         references_current_task,
         has_workflow_conflict: has_workflow_conflict(&candidates),
         candidates,
         risk,
+        validation_errors,
     }
 }
 
@@ -51,14 +66,16 @@ pub(crate) fn winning_intent(canonical: &CanonicalIntent) -> IntentKind {
     }
     for kind in [
         IntentKind::Unsafe,
+        IntentKind::PromptNormalizationRequired,
         IntentKind::StatusQuestion,
+        IntentKind::Advisory,
         IntentKind::RepairRequest,
         IntentKind::CancelRequest,
         IntentKind::ReviewRequest,
         IntentKind::NoCommitRequest,
         IntentKind::CommitRequest,
-        IntentKind::NewTask,
         IntentKind::TaskRevision,
+        IntentKind::NewTask,
         IntentKind::TaskCompletion,
     ] {
         if has_candidate(canonical, kind) {
@@ -75,67 +92,44 @@ pub(crate) fn has_candidate(canonical: &CanonicalIntent, kind: IntentKind) -> bo
         .any(|candidate| candidate.kind == kind)
 }
 
-fn classify_candidates(segments: &[PromptSegment]) -> Vec<IntentCandidate> {
-    let mut candidates = Vec::new();
-    for segment in action_segments(segments) {
-        classify_direct_workflow(&mut candidates, segment);
-        classify_task_work(&mut candidates, &segment.text);
-    }
-
-    if candidates.is_empty() {
-        let actionable = actionable_text(segments);
-        if patterns::is_generic_work_request(&actionable) {
-            push(
-                &mut candidates,
-                IntentKind::NewTask,
-                GENERIC_WORK_CONFIDENCE,
-                "generic_work_request",
-            );
-        }
-    }
-
-    dedupe_candidates(candidates)
-}
-
-fn classify_direct_workflow(candidates: &mut Vec<IntentCandidate>, segment: &PromptSegment) {
-    let intents = if segment.kind == SegmentKind::CommandLike {
-        patterns::command_workflow_intents(&segment.text)
-    } else {
-        patterns::structured_workflow_intents(&segment.text)
-    };
-    for intent in intents {
-        push(
-            candidates,
-            intent,
-            DIRECT_WORKFLOW_CONFIDENCE,
-            &patterns::normalized(&segment.text),
-        );
-    }
-}
-
-fn classify_task_work(candidates: &mut Vec<IntentCandidate>, text: &str) {
-    if let Some(intent) = patterns::explicit_task_intent(text) {
-        let confidence = if intent == IntentKind::NewTask {
-            NEW_TASK_CONFIDENCE
-        } else {
-            REVISION_CONFIDENCE
-        };
-        push(candidates, intent, confidence, &patterns::normalized(text));
-    }
-}
-
 fn has_candidate_kind(candidates: &[IntentCandidate], kind: IntentKind) -> bool {
     candidates.iter().any(|candidate| candidate.kind == kind)
 }
 
 fn has_workflow_conflict(candidates: &[IntentCandidate]) -> bool {
+    let kinds = candidates
+        .iter()
+        .map(|candidate| candidate.kind)
+        .collect::<HashSet<_>>();
+    let mutating_kinds = [
+        IntentKind::NewTask,
+        IntentKind::TaskRevision,
+        IntentKind::CommitRequest,
+        IntentKind::RepairRequest,
+        IntentKind::ReviewRequest,
+        IntentKind::CancelRequest,
+        IntentKind::TaskCompletion,
+    ];
+    if (kinds.contains(&IntentKind::Advisory) || kinds.contains(&IntentKind::StatusQuestion))
+        && mutating_kinds.iter().any(|kind| kinds.contains(kind))
+    {
+        return true;
+    }
+    if kinds.contains(&IntentKind::CommitRequest) && kinds.contains(&IntentKind::NoCommitRequest) {
+        return true;
+    }
+
     let workflow = candidates
         .iter()
-        .filter(|candidate| candidate.confidence >= DIRECT_WORKFLOW_CONFIDENCE)
+        .filter(|candidate| candidate.confidence >= 90)
         .filter(|candidate| {
             !matches!(
                 candidate.kind,
-                IntentKind::NewTask | IntentKind::TaskRevision | IntentKind::Unsafe
+                IntentKind::NewTask
+                    | IntentKind::TaskRevision
+                    | IntentKind::Unsafe
+                    | IntentKind::Advisory
+                    | IntentKind::StatusQuestion
             )
         })
         .map(|candidate| candidate.kind)
@@ -143,25 +137,6 @@ fn has_workflow_conflict(candidates: &[IntentCandidate]) -> bool {
     workflow.len() > 1
 }
 
-fn action_segments(segments: &[PromptSegment]) -> impl Iterator<Item = &PromptSegment> {
-    segments.iter().filter(|segment| {
-        matches!(
-            segment.kind,
-            super::model::SegmentKind::Prose
-                | super::model::SegmentKind::ListItem
-                | super::model::SegmentKind::CommandLike
-        )
-    })
-}
-
-fn push(candidates: &mut Vec<IntentCandidate>, kind: IntentKind, confidence: u8, text: &str) {
-    candidates.push(IntentCandidate {
-        kind,
-        confidence,
-        evidence: text.to_string(),
-    });
-}
-
 fn dedupe_candidates(candidates: Vec<IntentCandidate>) -> Vec<IntentCandidate> {
     let mut seen = HashSet::new();
     candidates

package/crates/naome-core/src/intent/envelope.rs

@@ -1,19 +1,25 @@
 use serde::Deserialize;
+use serde_json::Value;
 
 use super::model::{IntentCandidate, IntentKind, RiskContext};
 
-const ENVELOPE_FENCE: &str = "```naome-intent-v2";
+const PROMPT_ENVELOPE_FENCE: &str = "```naome-prompt-envelope-v1";
 
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub(crate) struct RoutingEnvelope {
     pub candidates: Vec<IntentCandidate>,
     pub risk: RiskContext,
+    pub validation_errors: Vec<String>,
 }
 
 #[derive(Debug, Deserialize)]
 #[serde(rename_all = "camelCase")]
 struct EnvelopeInput {
     schema: Option<String>,
+    request_kind: Option<String>,
+    mutation_intent: Option<String>,
+    publication_intent: Option<String>,
+    requested_actions: Option<Vec<String>>,
     workflow_action: Option<String>,
     task_intent: Option<String>,
     risk: Option<String>,
@@ -21,32 +27,84 @@ struct EnvelopeInput {
 }
 
 pub(crate) fn parse_routing_envelope(prompt: &str) -> Option<RoutingEnvelope> {
-    let json = envelope_json(prompt)?;
-    let input = serde_json::from_str::<EnvelopeInput>(json).ok()?;
-    if !matches!(input.schema.as_deref(), Some("naome.intent.v2")) {
-        return None;
-    }
+    let json = prompt_envelope_json(prompt)?;
+    let raw = match serde_json::from_str::<Value>(json) {
+        Ok(raw) => raw,
+        Err(_) => {
+            return Some(invalid_envelope(
+                vec!["prompt_envelope_invalid:json".to_string()],
+                RiskContext {
+                    has_risky_terms: false,
+                    risk_codes: Vec::new(),
+                },
+            ));
+        }
+    };
+    let input = match serde_json::from_value::<EnvelopeInput>(raw.clone()) {
+        Ok(input) => input,
+        Err(_) => {
+            let mut validation_errors = vec!["prompt_envelope_invalid:shape".to_string()];
+            let risk_codes = envelope_risk_codes(
+                raw.get("risk").and_then(Value::as_str),
+                raw_string_array(&raw, "riskCodes"),
+                &mut validation_errors,
+            );
+            return Some(invalid_envelope(
+                validation_errors,
+                RiskContext {
+                    has_risky_terms: !risk_codes.is_empty(),
+                    risk_codes,
+                },
+            ));
+        }
+    };
 
     let mut candidates = Vec::new();
-    if let Some(kind) = workflow_action(input.workflow_action.as_deref()) {
+    let mut validation_errors = Vec::new();
+    if input.schema.as_deref() != Some("naome.prompt-envelope.v1") {
+        validation_errors.push("prompt_envelope_invalid:schema".to_string());
+    }
+    if let Some(kind) = request_kind(input.request_kind.as_deref(), &mut validation_errors) {
+        candidates.push(candidate(kind, "envelope.requestKind"));
+    }
+    if let Some(kind) = mutation_intent(input.mutation_intent.as_deref(), &mut validation_errors) {
+        candidates.push(candidate(kind, "envelope.mutationIntent"));
+    }
+    if let Some(kind) =
+        publication_intent(input.publication_intent.as_deref(), &mut validation_errors)
+    {
+        candidates.push(candidate(kind, "envelope.publicationIntent"));
+    }
+    for kind in requested_actions(input.requested_actions, &mut validation_errors) {
+        candidates.push(candidate(kind, "envelope.requestedActions"));
+    }
+    if let Some(kind) = workflow_action(input.workflow_action.as_deref(), &mut validation_errors) {
         candidates.push(candidate(kind, "envelope.workflowAction"));
     }
-    if let Some(kind) = task_intent(input.task_intent.as_deref()) {
+    if let Some(kind) = task_intent(input.task_intent.as_deref(), &mut validation_errors) {
         candidates.push(candidate(kind, "envelope.taskIntent"));
     }
 
-    let risk_codes = envelope_risk_codes(input.risk.as_deref(), input.risk_codes);
+    let risk_codes = envelope_risk_codes(
+        input.risk.as_deref(),
+        input.risk_codes,
+        &mut validation_errors,
+    );
     let risk = RiskContext {
         has_risky_terms: !risk_codes.is_empty(),
         risk_codes,
     };
 
-    Some(RoutingEnvelope { candidates, risk })
+    Some(RoutingEnvelope {
+        candidates,
+        risk,
+        validation_errors,
+    })
 }
 
-fn envelope_json(prompt: &str) -> Option<&str> {
-    let start = prompt.find(ENVELOPE_FENCE)?;
-    let after_open = &prompt[start + ENVELOPE_FENCE.len()..];
+pub(crate) fn prompt_envelope_json(prompt: &str) -> Option<&str> {
+    let fence = PROMPT_ENVELOPE_FENCE;
+    let after_open = prompt.strip_prefix(fence)?;
     let after_line = after_open
         .strip_prefix('\n')
         .or_else(|| after_open.strip_prefix("\r\n"))?;
@@ -54,7 +112,69 @@ fn envelope_json(prompt: &str) -> Option<&str> {
     Some(after_line[..end].trim())
 }
 
-fn workflow_action(value: Option<&str>) -> Option<IntentKind> {
+fn request_kind(value: Option<&str>, errors: &mut Vec<String>) -> Option<IntentKind> {
+    match normalized_value(value)?.as_str() {
+        "none" | "unknown" => None,
+        "advisory" | "planning" | "planning_only" | "question" | "recommendation" => {
+            Some(IntentKind::Advisory)
+        }
+        "implementation" | "execution" | "task" | "feature" | "fix" => Some(IntentKind::NewTask),
+        "revision" | "correction" => Some(IntentKind::TaskRevision),
+        "status" => Some(IntentKind::StatusQuestion),
+        _ => invalid_value("requestKind", errors),
+    }
+}
+
+fn mutation_intent(value: Option<&str>, errors: &mut Vec<String>) -> Option<IntentKind> {
+    match normalized_value(value)?.as_str() {
+        "none" | "unknown" => None,
+        "modify_files" | "edit_files" | "create_files" | "delete_files" => {
+            Some(IntentKind::NewTask)
+        }
+        "commit" | "baseline" => Some(IntentKind::CommitRequest),
+        "publish" | "push" | "merge_request" | "pull_request" => {
+            unsupported_value("mutationIntent", errors)
+        }
+        _ => invalid_value("mutationIntent", errors),
+    }
+}
+
+fn publication_intent(value: Option<&str>, errors: &mut Vec<String>) -> Option<IntentKind> {
+    match normalized_value(value)?.as_str() {
+        "none" | "unknown" => None,
+        "commit" => Some(IntentKind::CommitRequest),
+        "push" | "merge_request" | "pull_request" | "mr" | "pr" => {
+            unsupported_value("publicationIntent", errors)
+        }
+        _ => invalid_value("publicationIntent", errors),
+    }
+}
+
+fn requested_actions(values: Option<Vec<String>>, errors: &mut Vec<String>) -> Vec<IntentKind> {
+    values
+        .unwrap_or_default()
+        .into_iter()
+        .filter_map(|value| action_token(&value, errors))
+        .collect()
+}
+
+fn action_token(value: &str, errors: &mut Vec<String>) -> Option<IntentKind> {
+    match normalized_value(Some(value))?.as_str() {
+        "answer" | "advise" | "plan" | "recommend" => Some(IntentKind::Advisory),
+        "implement" | "edit" | "modify" | "create_task" => Some(IntentKind::NewTask),
+        "revise" | "correct" => Some(IntentKind::TaskRevision),
+        "status" => Some(IntentKind::StatusQuestion),
+        "review" => Some(IntentKind::ReviewRequest),
+        "repair" => Some(IntentKind::RepairRequest),
+        "commit" | "baseline" => Some(IntentKind::CommitRequest),
+        "no_commit" => Some(IntentKind::NoCommitRequest),
+        "cancel" => Some(IntentKind::CancelRequest),
+        "complete" => Some(IntentKind::TaskCompletion),
+        _ => invalid_value("requestedActions", errors),
+    }
+}
+
+fn workflow_action(value: Option<&str>, errors: &mut Vec<String>) -> Option<IntentKind> {
     match normalized_value(value)?.as_str() {
         "none" | "unknown" => None,
         "commit_request" => Some(IntentKind::CommitRequest),
@@ -64,20 +184,24 @@ fn workflow_action(value: Option<&str>) -> Option<IntentKind> {
         "task_completion" => Some(IntentKind::TaskCompletion),
         "status_question" => Some(IntentKind::StatusQuestion),
         "no_commit_request" => Some(IntentKind::NoCommitRequest),
-        _ => None,
+        _ => invalid_value("workflowAction", errors),
     }
 }
 
-fn task_intent(value: Option<&str>) -> Option<IntentKind> {
+fn task_intent(value: Option<&str>, errors: &mut Vec<String>) -> Option<IntentKind> {
     match normalized_value(value)?.as_str() {
         "none" | "unknown" => None,
         "new_task" => Some(IntentKind::NewTask),
         "task_revision" => Some(IntentKind::TaskRevision),
-        _ => None,
+        _ => invalid_value("taskIntent", errors),
     }
 }
 
-fn envelope_risk_codes(risk: Option<&str>, risk_codes: Option<Vec<String>>) -> Vec<String> {
+fn envelope_risk_codes(
+    risk: Option<&str>,
+    risk_codes: Option<Vec<String>>,
+    errors: &mut Vec<String>,
+) -> Vec<String> {
     let mut codes = risk_codes.unwrap_or_default();
     match normalized_value(risk).as_deref() {
         Some("none") | Some("unknown") | None => {}
@@ -86,19 +210,49 @@ fn envelope_risk_codes(risk: Option<&str>, risk_codes: Option<Vec<String>>) -> V
             codes.push("envelope_risk:credential_context".to_string());
         }
         Some("bypass_context") => codes.push("envelope_risk:bypass_context".to_string()),
-        Some(other) => codes.push(format!("envelope_risk:{other}")),
+        Some(_) => {
+            errors.push("prompt_envelope_invalid:risk".to_string());
+        }
     }
     codes.sort();
     codes.dedup();
     codes
 }
 
+fn invalid_value(field: &str, errors: &mut Vec<String>) -> Option<IntentKind> {
+    errors.push(format!("prompt_envelope_invalid:{field}"));
+    None
+}
+
+fn unsupported_value(field: &str, errors: &mut Vec<String>) -> Option<IntentKind> {
+    errors.push(format!("prompt_envelope_unsupported:{field}"));
+    None
+}
+
 fn normalized_value(value: Option<&str>) -> Option<String> {
     value
         .map(|value| value.trim().to_ascii_lowercase())
         .filter(|value| !value.is_empty())
 }
 
+fn raw_string_array(raw: &Value, field: &str) -> Option<Vec<String>> {
+    raw.get(field).and_then(Value::as_array).map(|values| {
+        values
+            .iter()
+            .filter_map(Value::as_str)
+            .map(ToString::to_string)
+            .collect()
+    })
+}
+
+fn invalid_envelope(validation_errors: Vec<String>, risk: RiskContext) -> RoutingEnvelope {
+    RoutingEnvelope {
+        candidates: Vec::new(),
+        risk,
+        validation_errors,
+    }
+}
+
 fn candidate(kind: IntentKind, evidence: &str) -> IntentCandidate {
     IntentCandidate {
         kind,

package/crates/naome-core/src/intent/legacy_response.rs

@@ -19,6 +19,8 @@ pub(crate) fn response_policy(
         "auto_commit_harness_refresh_then_completed_task_then_create_new_task" => "The completed task is valid after separating deterministic harness refresh changes. NAOME can baseline the refresh first, then baseline the task before starting the next separate task.",
         "auto_commit_upgrade_baseline_then_create_new_task" => "The setup or repair diff is ready. NAOME can baseline it automatically before starting the next task.",
         "create_new_task" | "create_new_task_without_auto_baseline" => "NAOME is ready to create the next task.",
+        "normalize_prompt_first" => "NAOME needs a structured prompt envelope before it can route or mutate repository state.",
+        "answer_without_mutation" => "The prompt is advisory or planning-only, so NAOME will not mutate repository state.",
         "answer_status_only" => summary,
         "block_auto_baseline_due_to_no_commit" => "I will not baseline or commit because the prompt explicitly blocks committing. Review, revise, cancel, or clear the current diff first.",
         "review_task_diff" | "review_diff_first" | "review_current_task_diff" => "The prompt asks for review, so NAOME will not mutate the repository automatically.",

package/crates/naome-core/src/intent/model.rs

@@ -18,6 +18,8 @@ pub(crate) struct PromptSegment {
 #[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
 pub(crate) enum IntentKind {
     Ambiguous,
+    PromptNormalizationRequired,
+    Advisory,
     NewTask,
     TaskRevision,
     StatusQuestion,
@@ -34,6 +36,8 @@ impl IntentKind {
     pub fn as_str(self) -> &'static str {
         match self {
             Self::Ambiguous => "ambiguous",
+            Self::PromptNormalizationRequired => "prompt_normalization_required",
+            Self::Advisory => "advisory",
             Self::NewTask => "new_task",
             Self::TaskRevision => "task_revision",
             Self::StatusQuestion => "status_question",
@@ -64,8 +68,10 @@ pub(crate) struct RiskContext {
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub(crate) struct CanonicalIntent {
     pub is_empty: bool,
+    pub has_routing_envelope: bool,
     pub references_current_task: bool,
     pub candidates: Vec<IntentCandidate>,
     pub risk: RiskContext,
     pub has_workflow_conflict: bool,
+    pub validation_errors: Vec<String>,
 }