@link-assistant/hive-mind 1.74.3 → 1.74.5

package/CHANGELOG.md

@@ -1,5 +1,17 @@
 # @link-assistant/hive-mind
 
+## 1.74.5
+
+### Patch Changes
+
+- c20c2ec: Stop auto-restart-until-mergeable from restarting on CodeRabbit review quota/credit failures, and report them as Ready for review with skipped checks instead.
+
+## 1.74.4
+
+### Patch Changes
+
+- 9b88700: Fix Telegram Docker isolation to use Hive Mind images with scoped GitHub, Claude, and Codex auth mounts.
+
 ## 1.74.3
 
 ### Patch Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@link-assistant/hive-mind",
-  "version": "1.74.3",
+  "version": "1.74.5",
   "description": "AI-powered issue solver and hive mind for collaborative problem solving",
   "main": "src/hive.mjs",
   "type": "module",

package/src/external-review-limit.lib.mjs

@@ -0,0 +1,66 @@
+#!/usr/bin/env node
+
+/**
+ * Helpers for external review services whose checks fail because the service
+ * could not run, not because repository code failed.
+ */
+
+const EXTERNAL_REVIEW_SERVICE_PATTERNS = [/coderabbit/i, /code\s*rabbit/i];
+
+const EXTERNAL_REVIEW_LIMIT_PATTERNS = [/insufficient\s+(?:review\s+)?credits?/i, /review\s+limit\s+reached/i, /rate\s+limit(?:ed|s)?/i, /run\s+out\s+of\s+usage\s+credits?/i, /out\s+of\s+usage\s+credits?/i, /usage\s+credits?\s+(?:exhausted|reached|insufficient)/i, /insufficient\s+(?:balance|limits?)/i, /no\s+(?:credits?|balance)\s+(?:left|remaining)/i];
+
+const checkText = check => {
+  if (!check || typeof check !== 'object') return '';
+  return [check.name, check.context, check.description, check.summary, check.text, check.html_url, check.details_url].filter(Boolean).join('\n');
+};
+
+export const isExternalReviewLimitCheck = check => {
+  const text = checkText(check);
+  if (!text) return false;
+  return EXTERNAL_REVIEW_SERVICE_PATTERNS.some(pattern => pattern.test(text)) && EXTERNAL_REVIEW_LIMIT_PATTERNS.some(pattern => pattern.test(text));
+};
+
+export const splitExternalReviewLimitChecks = checks => {
+  const limitedChecks = [];
+  const actionableFailedChecks = [];
+
+  for (const check of checks || []) {
+    if (isExternalReviewLimitCheck(check)) {
+      limitedChecks.push(check);
+    } else {
+      actionableFailedChecks.push(check);
+    }
+  }
+
+  return { limitedChecks, actionableFailedChecks };
+};
+
+export const formatExternalReviewLimitCheck = check => {
+  const name = check?.name || check?.context || 'External review';
+  const description = check?.description && check.description !== name ? ` — ${check.description}` : '';
+  const url = check?.html_url || check?.details_url;
+  return `${name}${description}${url ? ` — ${url}` : ''}`;
+};
+
+const formatList = items => items.map(item => `- ${item}`).join('\n');
+
+export const buildReadyForReviewComment = ({ blocker, ciStatus } = {}) => {
+  const skippedChecks = blocker?.details?.length ? blocker.details : (blocker?.checks || []).map(formatExternalReviewLimitCheck);
+  const skippedList = skippedChecks.length > 0 ? skippedChecks : ['External review check — blocked by service credits/rate limits'];
+  const passedChecks = (ciStatus?.passedChecks || []).map(formatExternalReviewLimitCheck);
+  const passedSection = passedChecks.length > 0 ? `\n\n**Checks completed successfully:**\n${formatList(passedChecks)}` : '';
+
+  return `## 🟡 Ready for review
+
+Hive Mind stopped automatic restart because the remaining failed check is an external review quota/credit limit, not a code failure it can fix.
+
+**Checks not executed:**
+${formatList(skippedList)}${passedSection}
+
+**Action required:**
+- Restore the external review credits/rate limit and rerun the review, or decide manually whether this PR can proceed.
+- No new AI session was started for this blocker.
+
+---
+*Monitored by hive-mind with --auto-restart-until-mergeable flag.*`;
+};

package/src/github-merge.lib.mjs

@@ -346,12 +346,14 @@ export async function checkPRCIStatus(owner, repo, prNumber, verbose = false) {
         status: check.status,
         conclusion: check.conclusion,
         type: 'check_run',
+        description: check.output?.title || check.output?.summary || null,
       })),
       ...statuses.map(status => ({
         name: status.context,
         status: status.state === 'pending' ? 'in_progress' : 'completed',
         conclusion: status.state === 'pending' ? null : status.state === 'success' ? 'success' : status.state === 'failure' ? 'failure' : status.state,
         type: 'status',
+        description: status.description || null,
       })),
     ];
 
@@ -375,7 +377,7 @@ export async function checkPRCIStatus(owner, repo, prNumber, verbose = false) {
 
     const hasPending = allChecks.some(c => c.status !== 'completed' || c.conclusion === null);
     const allPassed = !hasPending && allChecks.every(c => c.conclusion === 'success' || c.conclusion === 'skipped' || c.conclusion === 'neutral');
-    const hasFailed = allChecks.some(c => c.conclusion === 'failure' || c.conclusion === 'cancelled' || c.conclusion === 'timed_out');
+    const hasFailed = allChecks.some(c => c.conclusion === 'failure' || c.conclusion === 'error' || c.conclusion === 'cancelled' || c.conclusion === 'timed_out');
 
     let status;
     if (hasPending) {
@@ -1126,6 +1128,7 @@ export async function getDetailedCIStatus(owner, repo, prNumber, verbose = false
         conclusion: check.conclusion, // success, failure, cancelled, timed_out, skipped, neutral, action_required, stale, null
         type: 'check_run',
         id: check.id,
+        description: check.output?.title || check.output?.summary || null,
         html_url: check.html_url || check.details_url || null,
       })),
       ...statuses.map(status => ({
@@ -1134,6 +1137,7 @@ export async function getDetailedCIStatus(owner, repo, prNumber, verbose = false
         conclusion: status.state === 'pending' ? null : status.state === 'success' ? 'success' : status.state === 'failure' ? 'failure' : status.state,
         type: 'status',
         id: null,
+        description: status.description || null,
         html_url: status.target_url || null,
       })),
     ];
@@ -1173,7 +1177,7 @@ export async function getDetailedCIStatus(owner, repo, prNumber, verbose = false
     // neutral, action_required, stale, null (not yet completed)
     // GitHub check run statuses include: queued, in_progress, completed, waiting, requested, pending
     const passedChecks = allChecks.filter(c => c.conclusion === 'success' || c.conclusion === 'skipped' || c.conclusion === 'neutral');
-    const failedChecks = allChecks.filter(c => c.conclusion === 'failure' || c.conclusion === 'timed_out' || c.conclusion === 'action_required');
+    const failedChecks = allChecks.filter(c => c.conclusion === 'failure' || c.conclusion === 'error' || c.conclusion === 'timed_out' || c.conclusion === 'action_required');
     const cancelledChecks = allChecks.filter(c => c.conclusion === 'cancelled');
     const staleChecks = allChecks.filter(c => c.conclusion === 'stale');
     const pendingChecks = allChecks.filter(c => (c.status === 'in_progress' || c.status === 'waiting' || c.status === 'requested' || c.status === 'pending') && c.conclusion === null);

package/src/isolation-runner.lib.mjs

@@ -13,6 +13,10 @@
  */
 
 import crypto from 'crypto';
+import { spawn } from 'node:child_process';
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
 
 if (typeof use === 'undefined') {
   globalThis.use = (await eval(await (await fetch('https://unpkg.com/use-m/use.js')).text())).use;
@@ -24,6 +28,11 @@ const { $ } = await use('command-stream');
 const VALID_ISOLATION_BACKENDS = ['screen', 'tmux', 'docker'];
 const RUNNING_SESSION_STATUSES = new Set(['executing', 'running']);
 const TERMINAL_SESSION_STATUSES = new Set(['executed', 'completed', 'failed', 'cancelled', 'canceled', 'error']);
+const DEFAULT_HIVE_MIND_IMAGE = 'konard/hive-mind:latest';
+const DEFAULT_HIVE_MIND_DIND_IMAGE = 'konard/hive-mind-dind:latest';
+const DOCKER_ISOLATION_TRACKING_BACKEND = 'screen';
+const DOCKER_CONTAINER_HOME = '/home/box';
+const DOCKER_CONTAINER_PREFIX = 'hive-mind-isolation';
 
 function normalizeProcessIds(value) {
   if (!value || typeof value !== 'object') return {};
@@ -35,6 +44,149 @@ function normalizeProcessIds(value) {
   return out;
 }
 
+function normalizeTool(tool) {
+  return String(tool || 'claude')
+    .trim()
+    .toLowerCase();
+}
+
+function shellQuote(value) {
+  const stringValue = String(value);
+  if (stringValue === '') return "''";
+  return `'${stringValue.replaceAll("'", "'\\''")}'`;
+}
+
+function shellDoubleQuote(value) {
+  return `"${String(value).replaceAll('\\', '\\\\').replaceAll('"', '\\"').replaceAll('$', '\\$').replaceAll('`', '\\`')}"`;
+}
+
+function buildShellCommand(command, args = []) {
+  return [command, ...args].map(shellQuote).join(' ');
+}
+
+function makeDockerContainerName(sessionId) {
+  const normalizedSession = String(sessionId || crypto.randomUUID()).replace(/[^a-zA-Z0-9_.-]/g, '-');
+  return `${DOCKER_CONTAINER_PREFIX}-${normalizedSession}`;
+}
+
+function shouldRunPrivilegedDockerIsolation(image, env = process.env) {
+  return String(env.HIVE_MIND_IMAGE_VARIANT || '').toLowerCase() === 'dind' || String(image || '').includes('hive-mind-dind');
+}
+
+function maybeAddMount(mounts, source, target, existsSync) {
+  if (!source) return;
+  if (!existsSync(source)) return;
+  mounts.push({ source, target });
+}
+
+/**
+ * Pick the Docker image used for `--isolation docker`.
+ *
+ * start-command defaults its Docker backend to a base OS image. Hive Mind needs
+ * an image with the same CLI/tooling baseline as the parent process instead.
+ */
+export function getDockerIsolationImage({ env = process.env } = {}) {
+  if (env.HIVE_MIND_DOCKER_ISOLATION_IMAGE) return env.HIVE_MIND_DOCKER_ISOLATION_IMAGE;
+  return String(env.HIVE_MIND_IMAGE_VARIANT || '').toLowerCase() === 'dind' ? DEFAULT_HIVE_MIND_DIND_IMAGE : DEFAULT_HIVE_MIND_IMAGE;
+}
+
+/**
+ * Build host auth mounts for a Docker-isolated task.
+ *
+ * GitHub auth is mounted for every task because solve/hive/task need gh. Tool
+ * credentials are deliberately scoped: Codex sessions do not receive Claude
+ * files and Claude sessions do not receive Codex files.
+ */
+export function getDockerIsolationAuthMounts({ tool = 'claude', env = process.env, homeDir = os.homedir(), existsSync = fs.existsSync } = {}) {
+  const mounts = [];
+  const normalizedTool = normalizeTool(tool);
+
+  maybeAddMount(mounts, env.GH_CONFIG_DIR || path.join(homeDir, '.config', 'gh'), path.join(DOCKER_CONTAINER_HOME, '.config', 'gh'), existsSync);
+
+  if (normalizedTool === 'codex') {
+    maybeAddMount(mounts, path.join(homeDir, '.codex'), path.join(DOCKER_CONTAINER_HOME, '.codex'), existsSync);
+  } else if (normalizedTool === 'claude') {
+    maybeAddMount(mounts, path.join(homeDir, '.claude'), path.join(DOCKER_CONTAINER_HOME, '.claude'), existsSync);
+    maybeAddMount(mounts, path.join(homeDir, '.claude.json'), path.join(DOCKER_CONTAINER_HOME, '.claude.json'), existsSync);
+  }
+
+  return mounts;
+}
+
+/**
+ * Build the shell command executed inside a start-command wrapper session for
+ * Docker isolation. The wrapper remains a start-command session so Telegram can
+ * keep using the same status/log lifecycle while Hive Mind controls image and
+ * auth mounts directly.
+ */
+export function buildDockerIsolationCommand(command, args = [], options = {}) {
+  const { sessionId, tool = 'claude', env = process.env, homeDir = os.homedir(), existsSync = fs.existsSync } = options;
+  const image = getDockerIsolationImage({ env });
+  const innerCommand = buildShellCommand(command, args);
+  const dockerArgs = ['docker', 'run', '--rm', '--name', makeDockerContainerName(sessionId), '--workdir', DOCKER_CONTAINER_HOME, '-e', `HOME=${DOCKER_CONTAINER_HOME}`, '-e', `HIVE_MIND_PARENT_SESSION_ID=${sessionId || ''}`];
+
+  if (shouldRunPrivilegedDockerIsolation(image, env)) {
+    dockerArgs.push('--privileged');
+  }
+
+  const imageVariant = image.includes('hive-mind-dind') ? 'dind' : env.HIVE_MIND_IMAGE_VARIANT || 'regular';
+  dockerArgs.push('-e', `HIVE_MIND_IMAGE_VARIANT=${imageVariant}`);
+
+  for (const mount of getDockerIsolationAuthMounts({ tool, env, homeDir, existsSync })) {
+    dockerArgs.push('--volume', `${mount.source}:${mount.target}`);
+  }
+
+  dockerArgs.push(image, 'bash', '-lc');
+
+  return [...dockerArgs.map(shellQuote), shellDoubleQuote(innerCommand)].join(' ');
+}
+
+export function buildStartCommandArgs(command, args = [], options = {}) {
+  const { backend, sessionId } = options;
+  if (backend === 'docker') {
+    return ['--isolated', DOCKER_ISOLATION_TRACKING_BACKEND, '--detached', '--session', sessionId, '--', buildDockerIsolationCommand(command, args, options)];
+  }
+  return ['--isolated', backend, '--detached', '--session', sessionId, '--', buildShellCommand(command, args)];
+}
+
+async function runStartCommand(binPath, startCommandArgs) {
+  return await new Promise(resolve => {
+    const child = spawn(binPath, startCommandArgs, {
+      stdio: ['ignore', 'pipe', 'pipe'],
+      env: process.env,
+    });
+
+    let stdout = '';
+    let stderr = '';
+
+    child.stdout.on('data', data => {
+      stdout += data.toString();
+    });
+    child.stderr.on('data', data => {
+      stderr += data.toString();
+    });
+    child.on('error', error => {
+      resolve({
+        success: false,
+        output: (stdout + stderr).trim(),
+        error: error.message,
+      });
+    });
+    child.on('close', code => {
+      const output = (stdout + (stderr ? `\n${stderr}` : '')).trim();
+      if (code === 0) {
+        resolve({ success: true, output, error: null });
+      } else {
+        resolve({
+          success: false,
+          output,
+          error: stderr.trim() || `start-command exited with code ${code}`,
+        });
+      }
+    });
+  });
+}
+
 /**
  * Generate a UUID v4 for unique session identification
  * @returns {string} UUID v4 string
@@ -169,6 +321,7 @@ async function findStartCommandBinary() {
  * @param {Object} options - Isolation options
  * @param {string} options.backend - Isolation backend: 'screen', 'tmux', or 'docker'
  * @param {string} [options.sessionId] - UUID for session tracking (auto-generated if not provided)
+ * @param {string} [options.tool] - AI tool selected for the task; used to scope Docker auth mounts
  * @param {boolean} [options.verbose] - Enable verbose logging
  * @returns {Promise<{success: boolean, sessionId: string, output: string, error?: string, warning?: string}>}
  */
@@ -201,47 +354,40 @@ export async function executeWithIsolation(command, args, options = {}) {
     console.log(`[VERBOSE] isolation-runner: Backend: ${backend}, Session ID: ${sessionId}`);
   }
 
-  // Build arguments as array for the $ CLI:
-  // $ --isolated <backend> --detached --session <sessionId> -- <command> <args...>
-  const argsStr = args.join(' ');
+  const startCommandArgs = buildStartCommandArgs(command, args, { ...options, sessionId });
 
   if (verbose) {
-    console.log(`[VERBOSE] isolation-runner: $ --isolated ${backend} --detached --session ${sessionId} -- ${command} ${argsStr}`);
+    console.log(`[VERBOSE] isolation-runner: ${[binPath, ...startCommandArgs].map(shellQuote).join(' ')}`);
+    if (backend === 'docker') {
+      const image = getDockerIsolationImage({ env: options.env || process.env });
+      const mounts = getDockerIsolationAuthMounts({ tool: options.tool, env: options.env || process.env, homeDir: options.homeDir || os.homedir(), existsSync: options.existsSync || fs.existsSync });
+      console.log(`[VERBOSE] isolation-runner: Docker isolation image: ${image}`);
+      console.log(`[VERBOSE] isolation-runner: Docker isolation mounts: ${mounts.map(m => m.target).join(', ') || '(none)'}`);
+    }
   }
 
-  try {
-    const result = await $({ mirror: false })`${binPath} --isolated ${backend} --detached --session ${sessionId} -- ${command} ${argsStr}`;
-
-    const stdout = result.stdout?.toString() || '';
-    const stderr = result.stderr?.toString() || '';
-    const output = stdout + (stderr ? '\n' + stderr : '');
+  const result = await runStartCommand(binPath, startCommandArgs);
 
-    if (verbose) {
-      console.log(`[VERBOSE] isolation-runner: Output: ${output.substring(0, 500)}`);
-    }
+  if (verbose) {
+    const stream = result.success ? console.log : console.error;
+    stream(`[VERBOSE] isolation-runner: Output: ${result.output.substring(0, 500)}`);
+    if (result.error) stream(`[VERBOSE] isolation-runner: Error: ${result.error}`);
+  }
 
+  if (result.success) {
     return {
       success: true,
       sessionId,
-      output: output.trim(),
-    };
-  } catch (error) {
-    const stdout = error.stdout?.toString() || '';
-    const stderr = error.stderr?.toString() || '';
-    const output = stdout + stderr;
-
-    if (verbose) {
-      console.error(`[VERBOSE] isolation-runner: Error: ${error.message}`);
-      console.error(`[VERBOSE] isolation-runner: Output: ${output.substring(0, 500)}`);
-    }
-
-    return {
-      success: false,
-      sessionId,
-      output: output.trim(),
-      error: error.message,
+      output: result.output,
     };
   }
+
+  return {
+    success: false,
+    sessionId,
+    output: result.output,
+    error: result.error,
+  };
 }
 
 /**
@@ -378,12 +524,14 @@ export async function isSessionRunning(sessionId, options = {}) {
     }
   }
 
-  // Fallback: for screen backend, check screen -ls directly.
+  // Fallback: for screen-backed sessions, check screen -ls directly.
+  // Docker isolation is also tracked through a screen wrapper so Hive Mind can
+  // control image selection and credential mounts while preserving logs/status.
   // Only use this when $ --status has no usable record. This works around
   // older start-command bugs where:
   // 1. $ --status can't find session by --session name (only by internal UUID)
   // See: https://github.com/link-assistant/hive-mind/issues/1545
-  if (backend === 'screen' && shouldFallbackToScreenStatus(result)) {
+  if ((backend === 'screen' || backend === 'docker') && shouldFallbackToScreenStatus(result)) {
     const screenRunning = await checkScreenSessionRunning(sessionId, verbose);
     if (screenRunning && verbose) {
       console.log(`[VERBOSE] isolation-runner: $ --status says not running, but screen -ls confirms session '${sessionId}' is still active`);

package/src/solve.auto-merge-helpers.lib.mjs

@@ -78,6 +78,9 @@ const formatRunLine = run => {
 const toolComments = await import('./tool-comments.lib.mjs');
 const { SESSION_ENDING_MARKERS, isToolGeneratedComment, isToolTrackedCommentId, trackToolCommentId } = toolComments;
 
+const externalReviewLimitLib = await import('./external-review-limit.lib.mjs');
+const { formatExternalReviewLimitCheck, splitExternalReviewLimitChecks } = externalReviewLimitLib;
+
 /**
  * Issue #1323: Check if a comment with specific content already exists on the PR
  * This prevents duplicate status comments when multiple processes or restarts occur
@@ -798,11 +801,22 @@ export const getMergeBlockers = async (owner, repo, prNumber, verbose = false, c
           sha: ciStatus.sha,
         });
       }
-      blockers.push({
-        type: 'ci_failure',
-        message: 'CI/CD checks are failing',
-        details: ciStatus.failedChecks.map(c => c.name),
-      });
+      const { limitedChecks, actionableFailedChecks } = splitExternalReviewLimitChecks(ciStatus.failedChecks);
+      if (limitedChecks.length > 0) {
+        blockers.push({
+          type: 'external_review_limit',
+          message: 'External review check was not executed because credits/rate limits are exhausted',
+          details: limitedChecks.map(formatExternalReviewLimitCheck),
+          checks: limitedChecks,
+        });
+      }
+      if (actionableFailedChecks.length > 0) {
+        blockers.push({
+          type: 'ci_failure',
+          message: 'CI/CD checks are failing',
+          details: actionableFailedChecks.map(c => c.name),
+        });
+      }
     }
   } else if (ciStatus.status === 'unknown') {
     // Unable to determine CI status - treat as pending to be safe

package/src/solve.auto-merge.lib.mjs

@@ -61,7 +61,10 @@ const { buildCancelledCIReviewComment, getRetriggerableWorkflowRuns, shouldStopF
 
 // Issue #1625: Shared marker constants + posting/tracking helpers
 const toolComments = await import('./tool-comments.lib.mjs');
-const { READY_TO_MERGE_MARKER, AUTO_RESTART_MARKER, AUTO_MERGED_MARKER, postTrackedComment } = toolComments;
+const { READY_TO_MERGE_MARKER, READY_FOR_REVIEW_MARKER, AUTO_RESTART_MARKER, AUTO_MERGED_MARKER, postTrackedComment } = toolComments;
+
+const externalReviewLimitLib = await import('./external-review-limit.lib.mjs');
+const { buildReadyForReviewComment } = externalReviewLimitLib;
 
 // Issue #1728: Per-iteration working session summary attachment helper
 // Issue #1763: Per-iteration PR ↔ issue link verification (so a clobbered
@@ -517,7 +520,44 @@ Once the billing issue is resolved, you can re-run the CI checks or push a new c
 
       // Reason 2: CI failures (only if NOT a billing limit issue and NOT just cancelled)
       // Only restart AI when we have genuine code failures (real feedback to act on)
+      const externalReviewLimitBlocker = blockers.find(b => b.type === 'external_review_limit');
       const ciBlocker = blockers.find(b => b.type === 'ci_failure');
+      const hasMergeConflictBlocker = blockers.some(b => b.type === 'not_mergeable' && b.message?.includes('conflicts'));
+      if (externalReviewLimitBlocker && !ciBlocker && !billingBlocker && !cancelledBlocker && !hasNewComments && !hasUncommittedChanges && !hasMergeConflictBlocker) {
+        await log('');
+        await log(formatAligned('🟡', 'READY FOR REVIEW', 'External review quota/credit limit requires human decision'));
+        for (const detail of externalReviewLimitBlocker.details || []) {
+          await log(formatAligned('', 'Check not executed:', detail, 2));
+        }
+        await log(formatAligned('', 'Action:', 'Stopping auto-restart without starting another AI session', 2));
+
+        try {
+          const commentSignature = `## 🟡 ${READY_FOR_REVIEW_MARKER}`;
+          const hasExistingReadyForReviewComment = await checkForExistingComment(owner, repo, prNumber, commentSignature, argv.verbose);
+          if (hasExistingReadyForReviewComment) {
+            await log(formatAligned('', `Skipping duplicate "${READY_FOR_REVIEW_MARKER}" comment (already posted by another process)`, '', 2));
+          } else {
+            const commentBody = buildReadyForReviewComment({
+              blocker: externalReviewLimitBlocker,
+              ciStatus,
+            });
+            await postTrackedComment({ $, owner, repo, targetNumber: prNumber, body: commentBody });
+            await log(formatAligned('', '💬 Posted ready-for-review notification to PR', '', 2));
+          }
+        } catch (commentError) {
+          reportError(commentError, {
+            context: 'post_external_review_limit_comment',
+            owner,
+            repo,
+            prNumber,
+            operation: 'comment_on_pr',
+          });
+          await log(formatAligned('', '⚠️  Could not post ready-for-review comment to PR', '', 2));
+        }
+
+        return { success: false, reason: 'external_review_limit', latestSessionId, latestAnthropicCost };
+      }
+
       if (ciBlocker && !billingBlocker) {
         shouldRestart = true;
         restartReason = restartReason ? `${restartReason}; CI failures` : 'CI failures detected';

package/src/telegram-command-execution.lib.mjs

@@ -115,7 +115,7 @@ export function buildExecuteAndUpdateMessage(deps) {
     if (iso) {
       session = iso.runner.generateSessionId();
       VERBOSE && console.log(`[VERBOSE] Using isolation (${iso.backend}), session: ${session}`);
-      result = await iso.runner.executeWithIsolation(commandName, args, { backend: iso.backend, sessionId: session, verbose: VERBOSE });
+      result = await iso.runner.executeWithIsolation(commandName, args, { backend: iso.backend, sessionId: session, tool, verbose: VERBOSE });
       if (result.success) {
         sessionInfo = { ...baseSessionInfo, isolationBackend: iso.backend, sessionId: session };
         trackSession(session, sessionInfo, VERBOSE);

package/src/telegram-isolation.lib.mjs

@@ -79,7 +79,8 @@ export function createIsolationAwareQueueCallback(botIsolationBackend, botIsolat
     const iso = await resolveIsolation(item.perCommandIsolation, botIsolationBackend, botIsolationRunner, verbose);
     if (iso) {
       const sid = iso.runner.generateSessionId();
-      const r = await iso.runner.executeWithIsolation(item.command || 'solve', item.args, { backend: iso.backend, sessionId: sid, verbose });
+      const tool = item.tool || 'claude';
+      const r = await iso.runner.executeWithIsolation(item.command || 'solve', item.args, { backend: iso.backend, sessionId: sid, tool, verbose });
       if (r.success)
         trackSession(
           sid,
@@ -91,7 +92,7 @@ export function createIsolationAwareQueueCallback(botIsolationBackend, botIsolat
             command: item.command || 'solve',
             isolationBackend: iso.backend,
             sessionId: sid,
-            tool: item.tool || 'claude',
+            tool,
             infoBlock: item.infoBlock,
             // Issue #1688: propagate URL context + requester through the queue so the
             //   completion notification can append a 'Pull request:' line and skip

package/src/telegram-log-command.lib.mjs

@@ -109,8 +109,9 @@ export function resolveLogPath({ statusResult, isolationBackend }) {
   if (statusResult?.logPath) return statusResult.logPath;
   const uuid = statusResult?.uuid;
   if (!uuid) return null;
-  if (isolationBackend && ISOLATION_BACKENDS.has(isolationBackend)) {
-    return path.join('/tmp/start-command/logs/isolation', isolationBackend, `${uuid}.log`);
+  const logBackend = statusResult?.isolation || isolationBackend;
+  if (logBackend && ISOLATION_BACKENDS.has(logBackend)) {
+    return path.join('/tmp/start-command/logs/isolation', logBackend, `${uuid}.log`);
   }
   return path.join('/tmp/start-command/logs/direct', `${uuid}.log`);
 }

package/src/tool-comments.lib.mjs

@@ -49,6 +49,9 @@ export const AUTO_RESTART_UNTIL_MERGEABLE_LOG_MARKER = 'Auto-restart-until-merge
 // solve.auto-merge.lib.mjs — "ready to merge" status comments
 export const READY_TO_MERGE_MARKER = 'Ready to merge';
 
+// solve.auto-merge.lib.mjs — external review quota/credit stop comments
+export const READY_FOR_REVIEW_MARKER = 'Ready for review';
+
 // solve.auto-merge.lib.mjs — "auto-merged successfully" status comments
 export const AUTO_MERGED_MARKER = 'Auto-merged';
 
@@ -107,7 +110,7 @@ export const USAGE_LIMIT_REACHED_MARKER = 'Usage Limit Reached';
  * named constants above so that adding a new marker only requires adding
  * the constant and appending it here.
  */
-export const TOOL_GENERATED_COMMENT_MARKERS = [AI_WORK_SESSION_STARTED_MARKER, AI_WORK_SESSION_COMPLETED_MARKER, AI_WORK_SESSION_RESUMED_MARKER, AUTO_RESUME_ON_LIMIT_RESET_MARKER, AUTO_RESTART_ON_LIMIT_RESET_MARKER, SOLUTION_DRAFT_LOG_MARKER, AUTO_RESTART_MARKER, AUTO_RESTART_UNTIL_MERGEABLE_LOG_MARKER, READY_TO_MERGE_MARKER, AUTO_MERGED_MARKER, BILLING_LIMIT_MARKER, CANCELLED_CI_REVIEW_MARKER, MAINTAINER_ACCESS_REQUEST_MARKER, LIVE_PROGRESS_SECTION_START_MARKER, SESSION_FORCE_KILLED_MARKER, REPOSITORY_INITIALIZATION_REQUIRED_MARKER, INTERACTIVE_SESSION_STARTED_MARKER, INTERACTIVE_SESSION_ENDED_MARKER, NOW_WORKING_SESSION_IS_ENDED_MARKER, SOLUTION_DRAFT_FAILED_MARKER, SOLUTION_DRAFT_FINISHED_WITH_ERRORS_MARKER, USAGE_LIMIT_REACHED_MARKER, WORKING_SESSION_SUMMARY_AUTOMATION_MARKER];
+export const TOOL_GENERATED_COMMENT_MARKERS = [AI_WORK_SESSION_STARTED_MARKER, AI_WORK_SESSION_COMPLETED_MARKER, AI_WORK_SESSION_RESUMED_MARKER, AUTO_RESUME_ON_LIMIT_RESET_MARKER, AUTO_RESTART_ON_LIMIT_RESET_MARKER, SOLUTION_DRAFT_LOG_MARKER, AUTO_RESTART_MARKER, AUTO_RESTART_UNTIL_MERGEABLE_LOG_MARKER, READY_TO_MERGE_MARKER, READY_FOR_REVIEW_MARKER, AUTO_MERGED_MARKER, BILLING_LIMIT_MARKER, CANCELLED_CI_REVIEW_MARKER, MAINTAINER_ACCESS_REQUEST_MARKER, LIVE_PROGRESS_SECTION_START_MARKER, SESSION_FORCE_KILLED_MARKER, REPOSITORY_INITIALIZATION_REQUIRED_MARKER, INTERACTIVE_SESSION_STARTED_MARKER, INTERACTIVE_SESSION_ENDED_MARKER, NOW_WORKING_SESSION_IS_ENDED_MARKER, SOLUTION_DRAFT_FAILED_MARKER, SOLUTION_DRAFT_FINISHED_WITH_ERRORS_MARKER, USAGE_LIMIT_REACHED_MARKER, WORKING_SESSION_SUMMARY_AUTOMATION_MARKER];
 
 /**
  * Markers that indicate the end of a working session. Used by