@lnilluv/pi-ralph-loop 0.3.0 → 1.1.0

package/tests/ralph-draft-llm.test.ts

@@ -0,0 +1,434 @@
+import assert from "node:assert/strict";
+import { mkdtempSync, mkdirSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import test from "node:test";
+import type { AssistantMessage } from "@mariozechner/pi-ai";
+import {
+  buildDraftRequest,
+  buildRepoContext,
+  extractDraftMetadata,
+  inspectRepo,
+  parseRalphMarkdown,
+  type DraftRequest,
+} from "../src/ralph.ts";
+import { SECRET_PATH_POLICY_TOKEN } from "../src/secret-paths.ts";
+import {
+  buildStrengtheningPrompt,
+  strengthenDraftWithLlm,
+  type StrengthenDraftRuntime,
+} from "../src/ralph-draft-llm.ts";
+
+function createTempRepo(): string {
+  return mkdtempSync(join(tmpdir(), "pi-ralph-llm-"));
+}
+
+function writeTextFile(root: string, relativePath: string, content: string): void {
+  const fullPath = join(root, relativePath);
+  mkdirSync(join(fullPath, ".."), { recursive: true });
+  writeFileSync(fullPath, content, "utf8");
+}
+
+function makeRequest(): DraftRequest {
+  const repoSignals = {
+    packageManager: "npm" as const,
+    testCommand: "npm test",
+    lintCommand: "npm run lint",
+    hasGit: true,
+    topLevelDirs: ["src", "tests"],
+    topLevelFiles: ["package.json", "README.md"],
+  };
+
+  return buildDraftRequest(
+    "Fix flaky auth tests",
+    { slug: "fix-flaky-auth-tests", dirPath: "/repo/fix-flaky-auth-tests", ralphPath: "/repo/fix-flaky-auth-tests/RALPH.md" },
+    repoSignals,
+    {
+      ...buildRepoContext(repoSignals),
+      summaryLines: [
+        "package manager: npm",
+        "test command: npm test",
+        "lint command: npm run lint",
+        "git repository: present",
+        "top-level dirs: src, tests",
+        "top-level files: package.json, README.md",
+      ],
+      selectedFiles: [
+        {
+          path: "src/auth.ts",
+          reason: "auth logic looks relevant",
+          content: "export const authEnabled = true;\nexport function login() { return true; }\n",
+        },
+        {
+          path: "tests/auth.test.ts",
+          reason: "captures the flaky auth path",
+          content: "import assert from 'node:assert/strict';\nassert.equal(true, true);\n",
+        },
+      ],
+    },
+  );
+}
+
+function makeRuntime(overrides: Partial<StrengthenDraftRuntime> = {}): StrengthenDraftRuntime {
+  const model: NonNullable<StrengthenDraftRuntime["model"]> = {
+    provider: "anthropic",
+    id: "claude-sonnet",
+    name: "Claude Sonnet",
+    api: "anthropic-messages",
+    baseUrl: "https://example.invalid",
+    reasoning: false,
+    input: ["text"],
+    cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+    contextWindow: 200_000,
+    maxTokens: 8_192,
+  };
+
+  const modelRegistry: StrengthenDraftRuntime["modelRegistry"] = {
+    async getApiKeyAndHeaders() {
+      return { ok: true, apiKey: "test-api-key", headers: { "x-test": "1" } };
+    },
+  };
+
+  return {
+    model: Object.prototype.hasOwnProperty.call(overrides, "model") ? overrides.model : model,
+    modelRegistry: overrides.modelRegistry ?? modelRegistry,
+  };
+}
+
+function makeAssistantMessage(content: AssistantMessage["content"]): AssistantMessage {
+  return {
+    role: "assistant",
+    api: "openai-responses",
+    provider: "anthropic",
+    model: "claude-sonnet",
+    content,
+    usage: {
+      input: 0,
+      output: 0,
+      cacheRead: 0,
+      cacheWrite: 0,
+      totalTokens: 0,
+      cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0, total: 0 },
+    },
+    stopReason: "stop",
+    timestamp: 0,
+  };
+}
+
+function promptText(prompt: ReturnType<typeof buildStrengtheningPrompt>): string {
+  return [prompt.systemPrompt ?? "", ...prompt.messages.map((message) => (typeof message.content === "string" ? message.content : ""))].join("\n");
+}
+
+test("buildStrengtheningPrompt includes the full prompt contract and repo signals", () => {
+  const request = makeRequest();
+  const prompt = buildStrengtheningPrompt(request, "body-only");
+  const text = promptText(prompt);
+
+  assert.match(text, /Fix flaky auth tests/);
+  assert.match(text, /inferred mode: fix/i);
+  assert.match(text, /package manager: npm/);
+  assert.match(text, /test command: npm test/);
+  assert.match(text, /lint command: npm run lint/);
+  assert.match(text, /src\/auth\.ts/);
+  assert.match(text, /auth logic looks relevant/);
+  assert.match(text, /export const authEnabled = true;/);
+  assert.match(text, /tests\/auth\.test\.ts/);
+  assert.match(text, /captures the flaky auth path/);
+  assert.match(text, /export function login\(\) \{ return true; \}/);
+  assert.match(text, /deterministic baseline draft/i);
+  assert.match(text, /return only a complete RALPH\.md/i);
+});
+
+test("buildStrengtheningPrompt states the body-and-commands compatibility contract", () => {
+  const request = makeRequest();
+  const prompt = buildStrengtheningPrompt(request, "body-and-commands");
+  const text = promptText(prompt);
+
+  assert.match(text, /strengthening scope: body-and-commands/i);
+  assert.match(text, /body-and-commands scope/i);
+  assert.match(text, /command names and run strings must match the deterministic baseline exactly/i);
+  assert.match(text, /max_iterations may stay the same or decrease from the deterministic baseline, never increase/i);
+  assert.match(text, /top-level timeout may stay the same or decrease from the deterministic baseline, never increase/i);
+  assert.match(text, /per-command timeout may stay the same or decrease from that command's baseline timeout, and must still be <= timeout/i);
+  assert.match(text, /completion_promise must remain unchanged, including remaining absent when absent from the baseline/i);
+  assert.match(text, /every \{\{\s*commands\.<name>\s*\}\} must refer to an accepted command/i);
+  assert.match(text, /baseline guardrails remain fixed in this phase/i);
+  assert.match(text, /unsupported frontmatter changes are rejected and fall back automatically/i);
+});
+
+test("buildStrengtheningPrompt omits secret-bearing top-level repo names", (t) => {
+  const cwd = createTempRepo();
+  t.after(() => rmSync(cwd, { recursive: true, force: true }));
+
+  writeTextFile(cwd, ".env", "TOKEN=one\n");
+  writeTextFile(cwd, ".npmrc", "registry=https://example.invalid\n");
+  mkdirSync(join(cwd, ".ssh"), { recursive: true });
+  mkdirSync(join(cwd, "secrets"), { recursive: true });
+  mkdirSync(join(cwd, "credentials"), { recursive: true });
+  mkdirSync(join(cwd, "src"), { recursive: true });
+  writeTextFile(cwd, "package.json", JSON.stringify({ name: "demo", scripts: { test: "vitest", lint: "eslint ." } }, null, 2));
+
+  const repoSignals = inspectRepo(cwd);
+  const request = buildDraftRequest(
+    "Reverse engineer this app",
+    { slug: "reverse-engineer-this-app", dirPath: "/repo/reverse-engineer-this-app", ralphPath: "/repo/reverse-engineer-this-app/RALPH.md" },
+    repoSignals,
+    buildRepoContext(repoSignals),
+  );
+  const prompt = buildStrengtheningPrompt(request, "body-only");
+  const text = promptText(prompt);
+
+  assert.ok(repoSignals.topLevelFiles.includes("package.json"));
+  assert.ok(repoSignals.topLevelDirs.includes("src"));
+  assert.ok(!repoSignals.topLevelFiles.includes(".env"));
+  assert.ok(!repoSignals.topLevelFiles.includes(".npmrc"));
+  assert.ok(!repoSignals.topLevelDirs.includes(".ssh"));
+  assert.ok(!repoSignals.topLevelDirs.includes("secrets"));
+  assert.ok(!repoSignals.topLevelDirs.includes("credentials"));
+
+  for (const token of [".env", ".npmrc", ".ssh", "secrets", "credentials"]) {
+    assert.ok(!text.includes(token), `unexpected leaked token in prompt: ${token}`);
+  }
+  assert.match(text, /package manager: npm/);
+  assert.match(text, /package\.json/);
+});
+
+test("buildStrengtheningPrompt omits .env* top-level repo names from repo signals and prompt text", (t) => {
+  const cwd = createTempRepo();
+  t.after(() => rmSync(cwd, { recursive: true, force: true }));
+
+  writeTextFile(cwd, ".envrc", "TOKEN=one\n");
+  writeTextFile(cwd, ".env.production", "TOKEN=two\n");
+  writeTextFile(cwd, ".npmrc", "registry=https://example.invalid\n");
+  mkdirSync(join(cwd, ".ssh"), { recursive: true });
+  mkdirSync(join(cwd, "src"), { recursive: true });
+  writeTextFile(cwd, "package.json", JSON.stringify({ name: "demo", scripts: { test: "vitest", lint: "eslint ." } }, null, 2));
+
+  const repoSignals = inspectRepo(cwd);
+  const request = buildDraftRequest(
+    "Reverse engineer this app",
+    { slug: "reverse-engineer-this-app", dirPath: "/repo/reverse-engineer-this-app", ralphPath: "/repo/reverse-engineer-this-app/RALPH.md" },
+    repoSignals,
+    buildRepoContext(repoSignals),
+  );
+  const prompt = buildStrengtheningPrompt(request, "body-only");
+  const text = promptText(prompt);
+
+  assert.ok(repoSignals.topLevelFiles.includes("package.json"));
+  assert.ok(!repoSignals.topLevelFiles.includes(".envrc"));
+  assert.ok(!repoSignals.topLevelFiles.includes(".env.production"));
+  assert.ok(!request.repoContext.summaryLines.some((line) => line.includes(".envrc")));
+  assert.ok(!request.repoContext.summaryLines.some((line) => line.includes(".env.production")));
+  assert.ok(!text.includes(".envrc"));
+  assert.ok(!text.includes(".env.production"));
+  assert.match(text, /package manager: npm/);
+  assert.match(text, /package\.json/);
+});
+
+test("buildStrengtheningPrompt redacts secret-bearing target paths", () => {
+  const request = makeRequest();
+
+  for (const [ralphPath, leakedPrefix] of [
+    ["/repo/config/secrets/task/RALPH.md", "/repo/config/secrets/task"],
+    ["/repo/credentials/task/RALPH.md", "/repo/credentials/task"],
+  ] as const) {
+    const prompt = buildStrengtheningPrompt(
+      {
+        ...request,
+        target: { ...request.target, ralphPath },
+      },
+      "body-only",
+    );
+    const text = promptText(prompt);
+
+    assert.ok(!text.includes(ralphPath), `unexpected leaked target path in prompt: ${ralphPath}`);
+    assert.ok(!text.includes(leakedPrefix), `unexpected leaked target path prefix in prompt: ${ralphPath}`);
+    assert.match(text, /Target file: RALPH\.md/);
+  }
+});
+
+test("strengthenDraftWithLlm falls back when the selected model is missing", async () => {
+  const request = makeRequest();
+  const result = await strengthenDraftWithLlm(request, makeRuntime({ model: undefined }), {
+    completeImpl: async () => {
+      throw new Error("should not be called");
+    },
+  });
+
+  assert.deepEqual(result, { kind: "fallback" });
+});
+
+test("strengthenDraftWithLlm falls back when auth lookup fails", async () => {
+  const request = makeRequest();
+  const runtime = makeRuntime({
+    modelRegistry: {
+      async getApiKeyAndHeaders() {
+        return { ok: false, error: "no auth" };
+      },
+    },
+  });
+
+  const result = await strengthenDraftWithLlm(request, runtime, {
+    completeImpl: async () => {
+      throw new Error("should not be called");
+    },
+  });
+
+  assert.deepEqual(result, { kind: "fallback" });
+});
+
+test("strengthenDraftWithLlm falls back when auth succeeds but apiKey is missing", async () => {
+  const request = makeRequest();
+  const runtime = makeRuntime({
+    modelRegistry: {
+      async getApiKeyAndHeaders() {
+        return { ok: true, headers: { "x-test": "1" } };
+      },
+    },
+  });
+
+  const result = await strengthenDraftWithLlm(request, runtime, {
+    completeImpl: async () => {
+      throw new Error("should not be called");
+    },
+  });
+
+  assert.deepEqual(result, { kind: "fallback" });
+});
+
+test("strengthenDraftWithLlm falls back on timeout", async () => {
+  const request = makeRequest();
+  const runtime = makeRuntime();
+  const result = await strengthenDraftWithLlm(request, runtime, {
+    timeoutMs: 1,
+    completeImpl: async () => await new Promise<never>(() => {}),
+  });
+
+  assert.deepEqual(result, { kind: "fallback" });
+});
+
+test("strengthenDraftWithLlm normalizes a stronger full draft while preserving deterministic frontmatter", async () => {
+  const request = makeRequest();
+  const runtime = makeRuntime();
+  const rawDraft = `---\ncommands:\n  - name: rogue\n    run: rm -rf /\n    timeout: 1\nmax_iterations: 1\ntimeout: 1\nguardrails:\n  block_commands:\n    - allow-all\n  protected_files:\n    - tmp/**\n---\nTask: Fix flaky auth tests\n\nAdd concrete verification steps, summarize the auth regression, and end with a concrete checklist.`;
+
+  const result = await strengthenDraftWithLlm(request, runtime, {
+    scope: "body-only",
+    completeImpl: async () =>
+      makeAssistantMessage([
+        { type: "thinking", thinking: "drafting" },
+        { type: "text", text: rawDraft },
+      ]),
+  });
+
+  assert.equal(result.kind, "llm-strengthened");
+  const parsed = parseRalphMarkdown(result.draft.content);
+  const baseline = parseRalphMarkdown(request.baselineDraft);
+
+  assert.deepEqual(result.draft.target, request.target);
+  assert.deepEqual(parsed.frontmatter, baseline.frontmatter);
+  assert.match(parsed.body, /Add concrete verification steps/);
+  assert.deepEqual(extractDraftMetadata(result.draft.content), {
+    generator: "pi-ralph-loop",
+    version: 2,
+    source: "llm-strengthened",
+    task: "Fix flaky auth tests",
+    mode: "fix",
+  });
+});
+
+test("strengthenDraftWithLlm accepts only compatible body-and-commands changes", async () => {
+  const request = makeRequest();
+  const runtime = makeRuntime();
+  const baseline = parseRalphMarkdown(request.baselineDraft);
+  const [testsCommand, , gitLogCommand] = baseline.frontmatter.commands;
+  const rawDraft = `---
+commands:
+  - name: ${gitLogCommand.name}
+    run: ${gitLogCommand.run}
+    timeout: ${Math.max(1, gitLogCommand.timeout - 5)}
+  - name: ${testsCommand.name}
+    run: ${testsCommand.run}
+    timeout: ${Math.max(1, testsCommand.timeout - 15)}
+max_iterations: ${Math.max(1, baseline.frontmatter.maxIterations - 5)}
+timeout: ${Math.max(1, Math.min(baseline.frontmatter.timeout, 120))}
+guardrails:
+  block_commands:
+    - 'git\\s+push'
+  protected_files:
+    - '${SECRET_PATH_POLICY_TOKEN}'
+---
+${baseline.body.replace(/\{\{ commands\.lint \}\}/g, "")}
+
+Use {{ commands.${testsCommand.name} }} and {{ commands.${gitLogCommand.name} }}.
+`;
+
+  const result = await strengthenDraftWithLlm(request, runtime, {
+    scope: "body-and-commands",
+    completeImpl: async () => makeAssistantMessage([{ type: "text", text: rawDraft }]),
+  });
+
+  assert.equal(result.kind, "llm-strengthened");
+  const parsed = parseRalphMarkdown(result.draft.content);
+
+  assert.deepEqual(result.draft.target, request.target);
+  assert.deepEqual(parsed.frontmatter.commands, [
+    { name: gitLogCommand.name, run: gitLogCommand.run, timeout: Math.max(1, gitLogCommand.timeout - 5) },
+    { name: testsCommand.name, run: testsCommand.run, timeout: Math.max(1, testsCommand.timeout - 15) },
+  ]);
+  assert.equal(parsed.frontmatter.maxIterations, Math.max(1, baseline.frontmatter.maxIterations - 5));
+  assert.equal(parsed.frontmatter.timeout, Math.max(1, Math.min(baseline.frontmatter.timeout, 120)));
+  assert.deepEqual(parsed.frontmatter.guardrails, baseline.frontmatter.guardrails);
+  assert.equal(parsed.body.trim(), `${baseline.body.replace(/\{\{ commands\.lint \}\}/g, "").trim()}\n\nUse {{ commands.${testsCommand.name} }} and {{ commands.${gitLogCommand.name} }}.`.trim());
+  assert.deepEqual(extractDraftMetadata(result.draft.content), {
+    generator: "pi-ralph-loop",
+    version: 2,
+    source: "llm-strengthened",
+    task: "Fix flaky auth tests",
+    mode: "fix",
+  });
+});
+
+test("strengthenDraftWithLlm falls back when unsupported frontmatter changes are requested in body-and-commands scope", async () => {
+  const request = makeRequest();
+  const runtime = makeRuntime();
+  const baseline = parseRalphMarkdown(request.baselineDraft);
+  const [testsCommand, , gitLogCommand] = baseline.frontmatter.commands;
+  const rawDraft = `---
+commands:
+  - name: ${gitLogCommand.name}
+    run: ${gitLogCommand.run}
+    timeout: ${gitLogCommand.timeout}
+  - name: ${testsCommand.name}
+    run: ${testsCommand.run}
+    timeout: ${testsCommand.timeout}
+max_iterations: ${baseline.frontmatter.maxIterations}
+timeout: ${baseline.frontmatter.timeout}
+guardrails:
+  block_commands:
+    - 'git\\s+push'
+    - 'rm\\s+-rf'
+  protected_files: []
+---
+${baseline.body}
+
+Use {{ commands.${testsCommand.name} }} and {{ commands.${gitLogCommand.name} }}.
+`;
+
+  const result = await strengthenDraftWithLlm(request, runtime, {
+    scope: "body-and-commands",
+    completeImpl: async () => makeAssistantMessage([{ type: "text", text: rawDraft }]),
+  });
+
+  assert.deepEqual(result, { kind: "fallback" });
+});
+
+test("strengthenDraftWithLlm falls back on invalid model output", async () => {
+  const request = makeRequest();
+  const runtime = makeRuntime();
+  const result = await strengthenDraftWithLlm(request, runtime, {
+    completeImpl: async () => makeAssistantMessage([{ type: "text", text: "This is not a complete RALPH draft." }]),
+  });
+
+  assert.deepEqual(result, { kind: "fallback" });
+});

package/tests/ralph-draft.test.ts

@@ -0,0 +1,168 @@
+import assert from "node:assert/strict";
+import { mkdtempSync, rmSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import test from "node:test";
+import { createDraftPlan } from "../src/ralph-draft.ts";
+import { generateDraft, slugifyTask, type DraftPlan, type DraftTarget } from "../src/ralph.ts";
+import type { StrengthenDraftRuntime } from "../src/ralph-draft-llm.ts";
+
+function createTempDir(): string {
+  return mkdtempSync(join(tmpdir(), "pi-ralph-loop-draft-"));
+}
+
+function createTarget(cwd: string, task: string): DraftTarget {
+  const slug = slugifyTask(task);
+  return {
+    slug,
+    dirPath: join(cwd, slug),
+    ralphPath: join(cwd, slug, "RALPH.md"),
+  };
+}
+
+function makeDraftPlan(task: string, target: DraftTarget, source: DraftPlan["source"], cwd: string): DraftPlan {
+  const base = generateDraft(task, target, {
+    packageManager: "npm",
+    testCommand: "npm test",
+    lintCommand: "npm run lint",
+    hasGit: true,
+    topLevelDirs: ["src", "tests"],
+    topLevelFiles: ["package.json"],
+  });
+
+  return {
+    ...base,
+    source,
+    target,
+    content: base.content,
+  };
+}
+
+function makeRuntime(): StrengthenDraftRuntime {
+  return {
+    model: {
+      provider: "anthropic",
+      id: "claude-sonnet-4-5",
+      name: "Claude Sonnet 4.5",
+      api: "anthropic-messages",
+      baseUrl: "https://example.invalid",
+      reasoning: false,
+      input: ["text"],
+      cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
+      contextWindow: 200_000,
+      maxTokens: 8_192,
+    },
+    modelRegistry: {
+      async getApiKeyAndHeaders(model) {
+        assert.equal(model.id, "claude-sonnet-4-5");
+        return { ok: true, apiKey: "active-api-key", headers: { "x-runtime": "1" } };
+      },
+    },
+  };
+}
+
+const CLEAN_ENV_KEYS = [
+  "ANTHROPIC_OAUTH_TOKEN",
+  "ANTHROPIC_API_KEY",
+  "GOOGLE_CLOUD_API_KEY",
+  "GOOGLE_APPLICATION_CREDENTIALS",
+  "GOOGLE_CLOUD_PROJECT",
+  "GCLOUD_PROJECT",
+  "GOOGLE_CLOUD_LOCATION",
+  "COPILOT_GITHUB_TOKEN",
+  "GH_TOKEN",
+  "GITHUB_TOKEN",
+  "OPENAI_API_KEY",
+  "AZURE_OPENAI_API_KEY",
+  "GEMINI_API_KEY",
+  "GROQ_API_KEY",
+  "CEREBRAS_API_KEY",
+  "XAI_API_KEY",
+  "OPENROUTER_API_KEY",
+  "AI_GATEWAY_API_KEY",
+  "ZAI_API_KEY",
+  "MISTRAL_API_KEY",
+  "MINIMAX_API_KEY",
+  "MINIMAX_CN_API_KEY",
+  "HF_TOKEN",
+  "OPENCODE_API_KEY",
+  "KIMI_API_KEY",
+  "AWS_PROFILE",
+  "AWS_ACCESS_KEY_ID",
+  "AWS_SECRET_ACCESS_KEY",
+  "AWS_BEARER_TOKEN_BEDROCK",
+  "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",
+  "AWS_CONTAINER_CREDENTIALS_FULL_URI",
+  "AWS_WEB_IDENTITY_TOKEN_FILE",
+] as const;
+
+function clearEnv() {
+  const snapshot = new Map<string, string | undefined>();
+  for (const key of CLEAN_ENV_KEYS) {
+    snapshot.set(key, process.env[key]);
+    delete process.env[key];
+  }
+  return snapshot;
+}
+
+function restoreEnv(snapshot: Map<string, string | undefined>) {
+  for (const [key, value] of snapshot) {
+    if (typeof value === "undefined") {
+      delete process.env[key];
+    } else {
+      process.env[key] = value;
+    }
+  }
+}
+
+test("createDraftPlan strengthens with an injected active model runtime", async (t) => {
+  const cwd = createTempDir();
+  t.after(() => rmSync(cwd, { recursive: true, force: true }));
+
+  const snapshot = clearEnv();
+  t.after(() => restoreEnv(snapshot));
+
+  const task = "reverse engineer this app";
+  const target = createTarget(cwd, task);
+  const runtime = makeRuntime();
+  const activeModel = runtime.model;
+  assert.ok(activeModel);
+  let strengthenCalls = 0;
+
+  const draft = await createDraftPlan(task, target, cwd, runtime, {
+    strengthenDraftWithLlmImpl: async (request, runtimeArg, options) => {
+      strengthenCalls += 1;
+      assert.equal(runtimeArg.model?.id, activeModel.id);
+      assert.equal(runtimeArg.modelRegistry, runtime.modelRegistry);
+      assert.equal(options?.scope, "body-and-commands");
+      assert.match(request.baselineDraft, /reverse engineer this app/);
+      return { kind: "llm-strengthened", draft: makeDraftPlan(task, target, "llm-strengthened", cwd) };
+    },
+  });
+
+  assert.equal(strengthenCalls, 1);
+  assert.equal(draft.source, "llm-strengthened");
+  assert.deepEqual(draft.target, target);
+});
+
+test("createDraftPlan falls back when no active model is selected", async (t) => {
+  const cwd = createTempDir();
+  t.after(() => rmSync(cwd, { recursive: true, force: true }));
+
+  const snapshot = clearEnv();
+  t.after(() => restoreEnv(snapshot));
+
+  const task = "reverse engineer this app";
+  const target = createTarget(cwd, task);
+  let strengthenCalls = 0;
+
+  const draft = await createDraftPlan(task, target, cwd, undefined, {
+    strengthenDraftWithLlmImpl: async () => {
+      strengthenCalls += 1;
+      throw new Error("should not be called when no active model is available");
+    },
+  });
+
+  assert.equal(strengthenCalls, 0);
+  assert.equal(draft.source, "fallback");
+});