@lumoai/cli 1.21.0 → 1.23.0

package/assets/skill/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: lumo
-description: 'Use the Lumo CLI to load task context, manage session bindings, and run tasks / projects / milestones / sprints / docs / memory from the terminal. Activate when: the user mentions a Lumo task identifier (LUM-42 etc.), asks to load task background/context, wants to bind/check/detach a Claude Code session''s task, is about to start work on a task, or wants to create/update/list/show/comment on tasks, projects, milestones, sprints, documents, artifacts, Figma links, or memory. Triggers on: "LUM-", "task context", "load context", "session start", "session attach", "session status", "session detach", "which task", "what task am I on", "work on LUM", "session wrap", "wrap up session", "进度评论", "卡住检测", "fragment usage vote", "mark used fragments", "which fragments did I use", "--used", "上下文使用投票", "标记用过的记忆", "create task", "new task", "file a task", "list tasks", "my tasks", "show task", "view task", "comment on task", "update task", "change task status", "rename task", "reassign task", "mark task as done", "lumo next", "next task", "what should I work on", "推荐下一个任务", "list projects", "what projects", "milestone", "里程碑", "list/create/update/delete/show milestone", "set milestone", "attach/unbind milestone", "tasks in milestone", "search milestones", "find milestone", "milestone health", "at-risk", "overdue", "archive/unarchive milestone", "归档里程碑", "milestone summary", "里程碑复盘", "reorder/move milestone", "排序里程碑", "milestone add/remove", "挂任务到里程碑", "auth login", "log in", "logout", "sign out", "switch account", "whoami", "who am I", "current workspace", "登录", "切换账号", "create/update/list/show/delete doc", "write doc", "写文档", "新建文档", "修改文档", "查看文档", "bind/unbind doc", "把文档关联到任务", "doc scope", "personal/workspace doc", "tag", "add/remove tag", "标签", "share/unshare doc", "分享文档", "doc share-list", "viewer/editor/manager", "doc tree", "doc move", "move/reparent doc", "移动文档", "sprint", "冲刺", "迭代", "create/list/show/update/delete sprint", "start/close sprint", "开始/关闭冲刺", "add to sprint", "active sprints", "sprint summary", "冲刺总结", "把任务挂到冲刺", "sprint health", "sprint risk", "is this sprint at risk", "冲刺风险", "冲刺健康度", "sprint blockers", "冲刺阻塞", "lumo update", "upgrade lumo", "升级 lumo", "new lumo version", "lumo setup", "install lumo skill/hooks", "wire up lumo", "set up lumo", "安装 lumo", "配置 lumo", "task artifact", "artifact add/list/show/update/rm", "spec artifact", "record/attach spec", "attach plan", "记录 spec", "查看 artifact", figma, attach figma, figma link, 关联 figma, 设计稿, figma design, "memory", "记忆", "remember", "record a memory", "记一条", "promote memory", "promote to project", "沉淀", "task/project memory", "retrieval", "取全文", "拉全文", "task slack show", "看 thread", "show slack thread", "task web show", "web 正文", "task figma context", "figma metadata", "task comments list", "list comments", "看评论", "task pr show", "查看 PR", "show pr", "PR 详情", "import google doc", "sync google doc", "google drive", "doc import-gdoc", "doc sync", "导入/同步 google 文档", "mark blocked", "blocked tag", "标记 blocked", "stuck", "repeatedly failing", "worktree", "git worktree", "并行 worktree", "scaffold worktree", "新建 worktree", "node_modules 软链", "worktree 隔离", "lumo worktree add/rm/list", "task lineage", "lineage", "causal trail", "审计", "因果链", "成本归因", "trace context", "--signal", "usage signal health", "auto usage audit", "自动使用审计", "signal-health".'
+description: 'Use the Lumo CLI to load task context, manage session bindings, and run tasks / projects / milestones / sprints / docs / memory from the terminal. Activate when: the user mentions a Lumo task identifier (LUM-42 etc.), asks to load task background/context, wants to bind/check/detach a Claude Code session''s task, is about to start work on a task, or wants to create/update/list/show/comment on tasks, projects, milestones, sprints, documents, artifacts, Figma links, or memory. Triggers on: "LUM-", "task context", "load context", "session start", "session attach", "session status", "session detach", "which task", "what task am I on", "work on LUM", "session wrap", "wrap up session", "进度评论", "卡住检测", "fragment usage vote", "mark used fragments", "which fragments did I use", "--used", "上下文使用投票", "标记用过的记忆", "create task", "new task", "file a task", "list tasks", "my tasks", "show task", "view task", "comment on task", "update task", "change task status", "rename task", "reassign task", "mark task as done", "lumo next", "next task", "what should I work on", "推荐下一个任务", "list projects", "what projects", "milestone", "里程碑", "list/create/update/delete/show milestone", "set milestone", "attach/unbind milestone", "tasks in milestone", "search milestones", "find milestone", "milestone health", "at-risk", "overdue", "archive/unarchive milestone", "归档里程碑", "milestone summary", "里程碑复盘", "reorder/move milestone", "排序里程碑", "milestone add/remove", "挂任务到里程碑", "auth login", "log in", "logout", "sign out", "switch account", "whoami", "who am I", "current workspace", "登录", "切换账号", "create/update/list/show/delete doc", "write doc", "写文档", "新建文档", "修改文档", "查看文档", "bind/unbind doc", "把文档关联到任务", "doc scope", "personal/workspace doc", "tag", "add/remove tag", "标签", "share/unshare doc", "分享文档", "doc share-list", "viewer/editor/manager", "doc tree", "doc move", "move/reparent doc", "移动文档", "sprint", "冲刺", "迭代", "create/list/show/update/delete sprint", "start/close sprint", "开始/关闭冲刺", "add to sprint", "active sprints", "sprint summary", "冲刺总结", "把任务挂到冲刺", "sprint health", "sprint risk", "is this sprint at risk", "冲刺风险", "冲刺健康度", "sprint blockers", "冲刺阻塞", "lumo update", "upgrade lumo", "升级 lumo", "new lumo version", "lumo setup", "install lumo skill/hooks", "wire up lumo", "set up lumo", "安装 lumo", "配置 lumo", "task artifact", "artifact add/list/show/update/rm", "spec artifact", "record/attach spec", "attach plan", "记录 spec", "查看 artifact", figma, attach figma, figma link, 关联 figma, 设计稿, figma design, "memory", "记忆", "remember", "record a memory", "记一条", "promote memory", "promote to project", "沉淀", "task/project memory", "retrieval", "取全文", "拉全文", "task slack show", "看 thread", "show slack thread", "task web show", "web 正文", "task figma context", "figma metadata", "task comments list", "list comments", "看评论", "task pr show", "查看 PR", "show pr", "PR 详情", "task deps", "dependency", "dependencies", "依赖", "依赖边", "blocked by", "blocker", "confirm dependency", "dismiss dependency", "确认依赖", "忽略依赖", "import google doc", "sync google doc", "google drive", "doc import-gdoc", "doc sync", "导入/同步 google 文档", "mark blocked", "blocked tag", "标记 blocked", "stuck", "repeatedly failing", "worktree", "git worktree", "并行 worktree", "scaffold worktree", "新建 worktree", "node_modules 软链", "worktree 隔离", "lumo worktree add/rm/list", "task criteria", "criteria set", "criteria list", "acceptance criteria", "验收标准", "验收合约", "draft criteria", "草拟验收", "definition of done", "task lineage", "lineage", "causal trail", "审计", "因果链", "成本归因", "trace context", "--signal", "usage signal health", "auto usage audit", "自动使用审计", "signal-health".'
 ---
 
 ## Prerequisites
@@ -25,6 +25,7 @@ The command catalog below is a **map**: it lists every command grouped by domain
 | `task context`, retrieval (`slack/web/figma context`, `comments list`, `pr show`) | [references/task-context.md](references/task-context.md)       |
 | `task create/update/list/show/comment`, `next`                                    | [references/tasks.md](references/tasks.md)                     |
 | `task artifact*`, `task figma*`                                                   | [references/artifacts-figma.md](references/artifacts-figma.md) |
+| `task criteria set/list`, drafting the acceptance contract                        | [references/criteria.md](references/criteria.md)               |
 | `project list`, `milestone*`                                                      | [references/milestones.md](references/milestones.md)           |
 | `doc*`                                                                            | [references/docs.md](references/docs.md)                       |
 | `sprint*`                                                                         | [references/sprints.md](references/sprints.md)                 |
@@ -60,6 +61,20 @@ The command catalog below is a **map**: it lists every command grouped by domain
 - `lumo task show <id>` — print one task's detail
 - `lumo task comment <id> <body>` — leave a comment
 
+**Task dependencies**
+
+- `lumo task deps list <id>` — list dependency edges in both directions, grouped CONFIRMED / SUGGESTED(待确认) / DISMISSED; each row shows a short edge id `[xxxxxxxx]`, the other task, and detected evidence (`shared_files(N 个共享文件: …)` / `task_mention(…)`); SUGGESTED rows include a copy-pasteable confirm hint
+- `lumo task deps add <id> --blocked-by <LUM-N>` — declare a manual hard dependency (created CONFIRMED, source MANUAL; if a SUGGESTED/DISMISSED edge already exists in the same direction, it is confirmed in place rather than creating a new row)
+- `lumo task deps confirm <id> <edge> [--reverse]` — confirm a detected candidate; `<edge>` is a short edge-id prefix (≥6 chars) or the other task's identifier (case-insensitive); `--reverse` flips the direction when the detector guessed it backwards
+- `lumo task deps dismiss <id> <edge>` — dismiss a candidate (never re-suggested)
+- `lumo task deps rm <id> <edge> --yes` — delete an edge (refuses without `--yes`)
+- On an ambiguous/unknown `<edge>` selector the CLI prints all candidates with short ids and exits 1 — retry with one of them
+
+**Acceptance criteria（验收合约）** — see [criteria.md](references/criteria.md)
+
+- `lumo task criteria set <task> --file <criteria.json> [--human]` — submit the whole contract: default = initial agent draft (AGENT_DRAFT, locked once submitted); `--human` = a HUMAN_EDIT revision transcribed from the conversation (desired final list; items with `id` keep/update, missing ones are deleted)
+- `lumo task criteria list <task>` — print the contract (id, MACHINE/HUMAN, provenance source@round, checkpointer)
+
 **Artifacts & Figma** — see [artifacts-figma.md](references/artifacts-figma.md)
 
 - `lumo task artifact add/update/list/show/rm` — record spec/plan products on a task
@@ -114,6 +129,7 @@ Typical flow when a user says "help me with LUM-42":
 1. `lumo session attach LUM-42` — bind this session
 2. `lumo task context LUM-42` — load background
 3. Review unresolved items, PR-review todos, and the task description
-4. Begin working on the task
+4. **If the task has no acceptance criteria** (context shows the 草拟提醒 instead of a contract): draft 3–7 outcome-level criteria and submit them with `lumo task criteria set` **before writing the first line of code** — see [criteria.md](references/criteria.md) for the drafting guide
+5. Begin working on the task
 
 **Git-suggest at start:** when the session is unbound, session-start may infer the task from the git branch / recent commits and print a suggestion — `检测到 LUM-N … 运行 lumo session attach LUM-N 绑定。` — **without** binding. Confirm it's the right task, then run `lumo session attach <LUM-N>` yourself (binding only happens on an explicit attach). See [sessions.md](references/sessions.md) for the full session-start behavior.

package/assets/skill/references/criteria.md

@@ -0,0 +1,124 @@
+# Acceptance criteria（验收合约）
+
+The acceptance contract is a small set of structured criteria the task's work
+will be verified against (Acceptance v1, LUM-341/342). The agent drafts it;
+the server validates and stores it; verification rounds (`lumo verify`,
+Slice 1 任务 ③) judge against it. Criteria are injected at session start and
+in `lumo task context` as the `## 验收标准（合约）` section.
+
+## When to draft — the golden rule
+
+**Attach → read context → draft criteria → THEN write the first line of code.**
+
+If `lumo task context` / session-start shows 该任务尚无验收标准 instead of a
+contract, you MUST draft and submit criteria before starting implementation:
+
+1. Read the task description, comments, linked resources, and memory first —
+   the contract distills what "done" means, so understand the task before
+   writing it.
+2. Draft **3–7 criteria** (soft range — the server warns outside it but never
+   rejects; if you genuinely need more, merge related checks instead).
+3. Submit with `lumo task criteria set <task> --file <criteria.json>`.
+   Submission **locks the contract for agent edits** — get it right before
+   submitting, because afterwards only human revisions (`--human`) can change it.
+
+Once you (the agent) have started work, you can NOT change your own contract.
+That's by design: the contract is what your work gets judged against, not a
+to-do list you trim to fit what you built.
+
+## How to write good criteria
+
+- **Outcome-level definition of done, not micro-steps.** A criterion states a
+  verifiable result ("`lumo task criteria set` rejects a second agent draft
+  with 409"), not a task step ("add a check in the service").
+- **Repo-wide baselines don't take slots.** Tests pass / `tsc --noEmit` clean /
+  i18n locale parity / lint are already required by the repo's PR checklist —
+  never spend one of your 3–7 criteria on them.
+- **MACHINE vs HUMAN:**
+  - `MACHINE` = an executable check exists. It **must** carry a `checkpointer`
+    (the runnable check: a test command, script, probe…). The checkpointer
+    runs on the agent's machine; the structured verdict is reported back to
+    the server (执行在客户端，裁判在服务端).
+  - `HUMAN` = needs human judgment (UX feel, copy tone, design fidelity).
+  - **If you can't attach a checkpointer to a MACHINE criterion, demote it to
+    HUMAN** — the server rejects checkpointer-less MACHINE criteria rather
+    than silently rewriting them. Don't invent a fake checkpointer to keep it
+    MACHINE.
+- `evidenceRequired: true` marks criteria whose verdict must point at proof
+  (a MACHINE PASS always requires evidence regardless of this flag).
+
+## JSON file format
+
+`criteria.json` is a JSON array; one object per criterion:
+
+```json
+[
+  {
+    "statement": "PUT /api/tasks/[id]/criteria rejects a second AGENT_DRAFT submission with 409",
+    "verifierType": "MACHINE",
+    "checkpointer": "npx jest __tests__/task-criteria.service.test.ts -t 'agent lock'"
+  },
+  {
+    "statement": "The criteria section reads naturally as part of the task statement",
+    "verifierType": "HUMAN"
+  },
+  {
+    "statement": "Session-start injection shows the contract ahead of memory",
+    "verifierType": "MACHINE",
+    "checkpointer": "npx jest __tests__/cli/hook-runner-session-start-stdout.test.ts",
+    "evidenceRequired": true
+  }
+]
+```
+
+Fields: `statement` (required, ≤2000 chars), `verifierType` (`"MACHINE"` |
+`"HUMAN"`), `checkpointer` (required for MACHINE), `evidenceRequired`
+(optional, default false), `id` (only in `--human` revisions — see below).
+
+## Commands
+
+### `lumo task criteria set <task> --file <criteria.json>`
+
+Initial agent draft. Creates the whole contract as `AGENT_DRAFT` at round 0.
+Rejected with 409 once **any** criteria exist on the task — the agent lock.
+Echoes the stored criteria (with ids) plus the 3–7 soft-cap warning if
+outside range.
+
+### `lumo task criteria set <task> --file <criteria.json> --human`
+
+Record a **human contract revision** (HUMAN_EDIT), e.g. when the user changes
+the contract in conversation — you transcribe their decision. Allowed at any
+time, even after the agent lock. The file is the **desired final list**:
+
+- items carrying an `id` (from `criteria list`) keep that criterion — changed
+  fields update it and stamp it `HUMAN_EDIT`; identical fields leave it (and
+  its provenance) untouched
+- items without `id` are created as `HUMAN_EDIT`
+- existing criteria missing from the file are **deleted** — refused with 409
+  if the criterion already has verification runs (reword it instead)
+
+The revision is auto-recorded as a task comment with the session 出处
+(`X-Lumo-Session-Id`). **Transcribing the contract is allowed; transcribing a
+verdict is never** — human verdicts only enter through human-initiated paths
+(web UI / Slack action), and the agent has no write path to them.
+
+Only use `--human` for decisions a human actually made (in conversation, in a
+comment, in review). Never use it to work around your own lock.
+
+### `lumo task criteria list <task>`
+
+Print the contract: `<id>  [MACHINE|HUMAN]  SOURCE@rN  [evidence]  statement`
+plus an indented `↳ check:` line for checkpointers. Use it to fetch ids
+before a `--human` revision. Empty contract prints a drafting pointer.
+
+## Injection behavior
+
+- **Session start** (bound task): the contract is the highest-priority
+  section in the injection budget — ahead of memory/PR/Slack/Figma/web. If a
+  still-open task has no criteria, a 草拟提醒 is injected instead.
+- **`lumo session attach`**: prints the contract (or the 草拟提醒) right after
+  binding.
+- **`lumo task context`**: the `## 验收标准（合约）` section appears after the
+  task description, before memory.
+- Review-time gap findings (`REVIEW_ADDED`, appended at the round they
+  surface) arrive via the verification loop (任务 ③), not via `criteria set`.

package/assets/skill/references/sessions.md

@@ -35,6 +35,46 @@ When the session is bound, session-start may inject a **"🆕 待核对：上次
 
 Attribution requires the CC session id to reach the server: `lumo task update <id> --status done` automatically sends `CLAUDE_CODE_SESSION_ID` (via an `X-Lumo-Session-Id` header) so the resulting Layer 2 memories are attributed to the session. Marking a task done from the **web UI** leaves them unattributed (they won't surface for review) — that's expected.
 
+### Blocker alert injected at `session attach` / session-start
+
+When the bound task has live blockers or SUGGESTED dependency candidates, the attach output and session-start hook context inject a dependency warning block. The warning is built by `buildBlockerWarningSectionForTask` and is **omitted entirely** (empty string) when nothing is actionable — no output appears when there are no live blockers and no SUGGESTED candidates.
+
+**Trigger conditions (OR — either or both may appear):**
+1. At least one CONFIRMED "blocked by" edge where the blocking task's status is not DONE.
+2. At least one SUGGESTED (unconfirmed) dependency candidate on the task.
+
+**Output form A — live blockers exist (with or without SUGGESTED candidates):**
+
+Starts with the `## ⚠ 依赖告警` header, followed by one line per live blocker, then the advice line. If there are also SUGGESTED candidates the candidate-hint line is appended after the advice line.
+
+```
+## ⚠ 依赖告警
+
+- 本任务被 LUM-9「Fix auth token expiry」阻塞(状态 IN_PROGRESS)。
+- 本任务被 LUM-15「Upgrade Postgres driver」阻塞(状态 IN_REVIEW,PR #42 未 merge)。
+
+建议先等 blocker 合并再开工,避免白跑 run;如边已过时,用 `lumo task deps rm/dismiss` 清理。
+检测到 3 条候选依赖待确认:运行 `lumo task deps list LUM-42`。
+```
+
+**Output form B — NO live blockers, but SUGGESTED candidates exist:**
+
+Output is **only** the hint line — no `## ⚠ 依赖告警` header, no advice line. Design rationale: 纯候选是提示不是告警,不戴 ⚠ 头,避免稀释真告警。
+
+```
+检测到 3 条候选依赖待确认:运行 `lumo task deps list LUM-42`。
+```
+
+- Each blocker line shows: identifier, title, current status. If the blocking task has an open pull request, a `,PR #N` note is appended (no space after the comma) — `,PR #N (draft) 未 merge` for draft PRs.
+- The guidance line ("建议先等 blocker 合并…") appears only when there is at least one live blocker (form A).
+- The function never throws — if it fails it silently returns an empty string, leaving the session start unaffected.
+
+**Agent guidance — watch for EITHER the `## ⚠ 依赖告警` header (form A) OR the standalone hint line (form B):**
+- **Form A — live blockers:** Evaluate whether to wait. If the blocking task's work overlaps with yours (same files, same API surface), starting immediately risks rework. Read the blocker's status and open PR note before deciding.
+- **Stale or wrong edge?** Run `lumo task deps list <LUM-N>` to inspect the full edge list, then `lumo task deps rm <LUM-N> <edge> --yes` (if manually added and now obsolete) or `lumo task deps dismiss <LUM-N> <edge>` (if a false positive from detection).
+- **Candidate hint present (form A or B)?** Run `lumo task deps list <LUM-N>` and review each SUGGESTED edge — confirm real ones, dismiss false positives. Leaving SUGGESTED edges unreviewed means repeated hints every session.
+- Do **not** blindly start work on a task whose live blocker is still IN_PROGRESS or IN_REVIEW unless the user explicitly decides to proceed in parallel.
+
 ### `lumo session attach <identifier>` — bind the current session to a task
 
 Use this whenever the user mentions a task ID. The command is the only way to bind a session to a task.
@@ -49,6 +89,8 @@ What it does:
 - Calls `POST /api/sessions/<session_id>/bind-task` on the Lumo server, which sets the Session row's `taskId` and re-tags previously-untagged HookEvent rows in this session.
 - The binding lives entirely on the server (`Session.taskId`); subsequent hooks read it back via the session row. The CLI keeps no local sentinel.
 
+- Prints the task's **验收标准（合约）** (acceptance contract, LUM-342) right after the bind confirmation — or, when a still-open task has none, the 草拟提醒 telling you to draft 3–7 criteria before the first line of code (see [criteria.md](criteria.md)). The same section is auto-injected at session start when the session is already bound (highest priority in the injection budget, ahead of memory).
+
 **After attaching, always run `lumo task context <identifier>` to load the task background.**
 
 #### Overwriting an existing binding (LUM-266)

package/assets/skill/references/task-context.md

@@ -15,14 +15,15 @@ Example: `lumo task context LUM-42`
 The command prints a markdown document to stdout containing:
 
 1. **Task header** — identifier, title, status, description
-2. **Memory section** — cross-session learnings accumulated over prior sessions; treat as trusted background context
-3. **Inline source cards** — Slack / web / Figma / artifacts / documents / comments / Pull Requests (see "Context Retrieval" below)
-4. **PR Review 待办** — mirrored PR review comments as a checkbox todo list: each line-level reviewer comment (shown as `` `file:line` `` + the reviewer's ask + a link to the GitHub comment) and each `changes_requested` review summary (shown as "🛑 整体要求改动"). Present only when the task's PR(s) have review comments. This same block is **auto-injected at session start** (alongside the memory section) when the session is bound to a task — so reviewer asks surface without re-running `task context`.
-   - The **inline source cards** (Slack / web / Figma / PR) are likewise **auto-injected at session start** when the session is bound, under a single global token budget shared with the memory section (priority: memory > PR > Slack > Figma > web). Cards that don't fit the budget are degraded to a one-line manifest carrying just the title and its `lumo task … show` retrieval command — so you still know they exist and can pull the full content on demand.
-5. **Previous sessions** — ordered newest-first, each with:
+2. **验收标准（合约）** — the task's acceptance criteria (LUM-342), shown right after the header. Each line: `[MACHINE|HUMAN] statement` with a `↳ check:` line for MACHINE checkpointers; HUMAN_EDIT / REVIEW_ADDED provenance is tagged inline. If a still-open task has none, a 草拟提醒 appears instead — draft 3–7 criteria **before writing code** (see [criteria.md](criteria.md))
+3. **Memory section** — cross-session learnings accumulated over prior sessions; treat as trusted background context
+4. **Inline source cards** — Slack / web / Figma / artifacts / documents / comments / Pull Requests (see "Context Retrieval" below)
+5. **PR Review 待办** — mirrored PR review comments as a checkbox todo list: each line-level reviewer comment (shown as `` `file:line` `` + the reviewer's ask + a link to the GitHub comment) and each `changes_requested` review summary (shown as "🛑 整体要求改动"). Present only when the task's PR(s) have review comments. This same block is **auto-injected at session start** (alongside the memory section) when the session is bound to a task — so reviewer asks surface without re-running `task context`.
+   - The **inline source cards** (Slack / web / Figma / PR) are likewise **auto-injected at session start** when the session is bound, under a single global token budget shared with the memory section (priority: criteria > memory > PR > Slack > Figma > web). Cards that don't fit the budget are degraded to a one-line manifest carrying just the title and its `lumo task … show` retrieval command — so you still know they exist and can pull the full content on demand.
+6. **Previous sessions** — ordered newest-first, each with:
    - A headline summary of what was done
    - Unresolved items (carry-over TODOs from that session)
-6. **飞轮信号 · 历史 merge 贡献** — appended at the very end. For each context fragment with enough history, a one-line historical merge-contribution signal (e.g. `出现在 5 个已闭合任务·4 merged (80%)`), computed from accumulated lineage edges. Denominator = distinct tasks where the fragment appeared with a resolved (non-UNKNOWN) outcome; only fragments with ≥3 such tasks are shown (cold-start gate), so the block is often absent early on. This is **historical correlation, not causation** — don't read it as a prediction.
+7. **飞轮信号 · 历史 merge 贡献** — appended at the very end. For each context fragment with enough history, a one-line historical merge-contribution signal (e.g. `出现在 5 个已闭合任务·4 merged (80%)`), computed from accumulated lineage edges. Denominator = distinct tasks where the fragment appeared with a resolved (non-UNKNOWN) outcome; only fragments with ≥3 such tasks are shown (cold-start gate), so the block is often absent early on. This is **historical correlation, not causation** — don't read it as a prediction.
 
 ### How to use the context
 

package/assets/skill/references/tasks.md

@@ -203,3 +203,133 @@ lumo task comment LUM-42 "Reproduced the redirect bug on staging — Safari only
 ```
 
 The CLI does not support @-mention chip syntax. If the user wants to ping someone, they should comment from the web UI.
+
+---
+
+## Task Dependencies (`lumo task deps …`)
+
+### `lumo task deps list <LUM-N>` — show all dependency edges
+
+Prints the task's dependency edges grouped into three sections: **CONFIRMED**, **SUGGESTED(待确认)**, and **DISMISSED**. Each row includes a short 8-character edge id in square brackets, the direction (`blocked by` / `blocks`), the other task's identifier and title, the other task's current status, the source (`MANUAL` or `DETECTED`), and inline evidence for detected edges.
+
+```bash
+lumo task deps list LUM-42
+```
+
+Example output:
+
+```
+Dependencies for LUM-42 (3)
+
+CONFIRMED
+  [a1b2c3d4] blocked by LUM-9「Fix auth token expiry」 IN_PROGRESS · MANUAL
+
+SUGGESTED(待确认)
+  [e5f6a7b8] blocks LUM-55「Migrate DB schema」 TODO · shared_files(4 个共享文件: src/db/schema.ts, src/db/migrate.ts, ...)
+      确认: lumo task deps confirm LUM-42 e5f6a7b8(方向反了加 --reverse;误报: dismiss)
+  [c9d0e1f2] blocked by LUM-38「Add OAuth scopes」 IN_REVIEW · task_mention(description)
+      确认: lumo task deps confirm LUM-42 c9d0e1f2(方向反了加 --reverse;误报: dismiss)
+
+DISMISSED
+  [b3c4d5e6] blocks LUM-12 · 已忽略
+```
+
+CONFIRMED and SUGGESTED rows show the other task's identifier, title, current status, and source/evidence. DISMISSED rows render as `[shortId] <direction> <identifier> · 已忽略` only — no title, status, or source.
+
+When there are no edges at all the output is:
+```
+Dependencies for LUM-42: 无依赖边。
+```
+
+**Evidence fields by detection signal:**
+- `shared_files` — `shared_files(N 个共享文件: path1, path2, …)` — number of shared write-touched files in the 14-day window, plus up to 5 sample paths.
+- `task_mention` — `task_mention(description)` or `task_mention(comment)` — the surface where the mention appeared.
+
+CONFIRMED rows also show `source`: `MANUAL` (user-declared via `deps add`) or `DETECTED` (auto-found then confirmed via `deps confirm`).
+
+### `lumo task deps add <LUM-N> --blocked-by <LUM-M>` — declare a manual hard dependency
+
+Asserts that LUM-N is blocked by LUM-M. The edge is created as CONFIRMED + MANUAL, meaning it is immediately in effect (no confirmation step required).
+
+```bash
+lumo task deps add LUM-42 --blocked-by LUM-9
+```
+
+Both `<LUM-N>` and `--blocked-by` are required. The command errors on usage if either is missing.
+
+**Service semantics (read before using):**
+- **Self-edge** → 400 ("A task cannot depend on itself").
+- **CONFIRMED edge in the same direction already exists** → 409 ("Dependency already exists").
+- **CONFIRMED edge in the reverse direction already exists** → the cycle guard fires and returns 409 ("Dependency would create a cycle").
+- **Pair has a SUGGESTED or DISMISSED edge** in the same direction → `add` confirms it in place, preserving the original DETECTED source (so the edge transitions to CONFIRMED while keeping its auto-detected provenance). No new row is created.
+- **Cycle guard** — the service runs a DFS over all CONFIRMED BLOCKS edges in the workspace before writing. If adding the edge would create a cycle → 409 ("Dependency would create a cycle").
+
+### `lumo task deps confirm <LUM-N> <edge> [--reverse]` — confirm a detected candidate
+
+Promotes a SUGGESTED edge to CONFIRMED. `<edge>` is a selector for the specific edge on LUM-N's edge list.
+
+```bash
+lumo task deps confirm LUM-42 e5f6a7b8           # confirm as detected direction
+lumo task deps confirm LUM-42 LUM-55              # selector by other task's identifier
+lumo task deps confirm LUM-42 e5f6a7b8 --reverse  # flip direction before confirming
+```
+
+**Edge selector semantics** (shared by `confirm`, `dismiss`, `rm`):
+- **Other task's identifier** (e.g., `LUM-55`) — case-insensitive exact match against the edge's other-task identifier. Resolves unambiguously when there is exactly one edge to that task.
+- **Edge-id prefix** — at least 6 characters of the short id (e.g., `e5f6a7`). Must match exactly one edge.
+- If zero or more than one edge matches → prints all candidate edges with short ids and exits 1. Retry with a more specific selector.
+
+**`--reverse` semantics:**
+- The detector's direction heuristic is best-effort. If the suggested direction is backwards (e.g., the detector says "LUM-42 blocks LUM-55" but actually LUM-55 blocks LUM-42), confirm with `--reverse` to flip before writing.
+- The service checks that the reversed pair does not already have an edge (→ 409), and re-runs the cycle guard with the flipped direction.
+
+### `lumo task deps dismiss <LUM-N> <edge>` — dismiss a candidate (immune to re-detection)
+
+Marks the edge DISMISSED. The row is kept in the database — this is the key difference from `rm`. Because the row exists (in either direction), the detection service will never re-suggest this pair.
+
+```bash
+lumo task deps dismiss LUM-42 e5f6a7b8
+lumo task deps dismiss LUM-42 LUM-38
+```
+
+Output: `Dismissed: [e5f6a7b8] LUM-38「Add OAuth scopes」(不再建议)`
+
+Use `dismiss` for false positives. Use `rm` only when you want the pair to be eligible for re-detection in the future (the detection service can re-suggest pairs with no existing row).
+
+### `lumo task deps rm <LUM-N> <edge> --yes` — delete an edge
+
+Hard-deletes the edge row. **Requires `--yes`** — the CLI refuses without it (no interactive prompt exists).
+
+```bash
+lumo task deps rm LUM-42 a1b2c3d4 --yes
+```
+
+Output: `Removed [a1b2c3d4] from LUM-42`
+
+**`rm` vs `dismiss`:** deleting removes the immunity — the detection service may re-suggest this pair the next time a shared-files sweep or task-mention event fires. Prefer `dismiss` for detection false positives; use `rm` to remove an incorrectly-declared MANUAL edge that you want fully erased.
+
+---
+
+### Detection red lines
+
+- The detection service **never creates CONFIRMED edges automatically**. All auto-detected candidates are SUGGESTED; a human must `confirm` or `add` for an edge to become CONFIRMED.
+- **Dismiss is pair-wise immunity**: once any edge exists between task A and task B (in either direction, regardless of status including DISMISSED), the detection service will not create a new candidate for that pair.
+- **`rm` lifts the immunity**: after deleting the only edge between A and B, the detector may re-suggest them on the next event or sweep.
+
+---
+
+### Detection signals
+
+**Signal 1 — `task_mention`**: fires when a task's description is updated or a comment is created. If the updated HTML contains @-mentions of other tasks, the mentioning task is recorded as depending on the mentioned task (direction heuristic: mentioner blocked by mentioned). Triggers immediately on write events; no cron needed.
+
+**Signal 2 — `shared_files`**: hourly cron sweep. Looks at write-tool hook events (file edits, creates, etc.) in the past 14 days. For every pair of open (non-DONE) tasks that share **≥ 3 written files**, a SUGGESTED edge is created. Direction heuristic: older task blocks newer task. Parent–child task pairs are skipped (they share files by design). Edges are not created across different workspaces.
+
+---
+
+### When to suggest `task deps` commands
+
+- **After `session attach` output shows a blocker warning or candidate-count hint** → run `lumo task deps list <LUM-N>` to review the full edge list, then `confirm` or `dismiss` each SUGGESTED candidate.
+- **User says "X needs to wait for Y" or "LUM-42 is blocked by LUM-9"** → run `lumo task deps add LUM-42 --blocked-by LUM-9`.
+- **Agent sees a `## ⚠ 依赖告警` block (form A — live blockers) at session-start** → evaluate whether to wait for the blocker to merge before starting work; if the edge is stale or wrong, clean it with `deps rm` or `deps dismiss`.
+- **Agent sees only a standalone hint line `检测到 N 条候选依赖待确认…` (form B — no live blockers)** → no immediate blocker, but run `lumo task deps list <LUM-N>` to review and confirm/dismiss SUGGESTED candidates. See [sessions.md](sessions.md) for the full alert format.
+- **User reports a false positive dependency suggestion** → `lumo task deps dismiss <LUM-N> <edge>` to permanently suppress it for this pair.

package/dist/cli/src/commands/session-attach.js

@@ -112,6 +112,16 @@ async function sessionAttach(identifier, options = {}) {
     }
     console.log(`Attached session ${sessionId} to ${body.taskIdentifier} "${(0, sanitize_1.sanitizeField)(body.taskTitle)}"`);
     console.log(`Re-tagged ${body.retaggedEventCount} previously-untagged event${body.retaggedEventCount === 1 ? '' : 's'} in this session.`);
+    // 告警先于 contract/memory:与 hook 注入顺序一致,短且可操作的信息优先。
+    if (body.blockerWarningSection) {
+        console.log('');
+        console.log((0, sanitize_1.sanitizeField)(body.blockerWarningSection));
+    }
+    // Contract next: it's what the upcoming work is judged against (LUM-342).
+    if (body.criteriaSection) {
+        console.log('');
+        console.log((0, sanitize_1.sanitizeField)(body.criteriaSection));
+    }
     if (body.memorySection !== '') {
         console.log('');
         console.log((0, sanitize_1.sanitizeField)(body.memorySection));

package/dist/cli/src/commands/task-context.js

@@ -70,6 +70,12 @@ function formatTaskContextMarkdown(data, now) {
         lines.push(`**Description**: ${(0, sanitize_1.sanitizeField)(body)}`);
     }
     lines.push('');
+    // The acceptance contract leads (LUM-342): it's what the work is judged
+    // against, so it reads as part of the task statement itself.
+    if (data.criteriaSection && data.criteriaSection.trim().length > 0) {
+        lines.push((0, sanitize_1.sanitizeField)(data.criteriaSection.trimEnd()));
+        lines.push('');
+    }
     // Frontload memory before sessions: it's cold context the agent should see
     // first. Server returns "" when empty, in which case we skip the section.
     if (data.memorySection && data.memorySection.trim().length > 0) {

package/dist/cli/src/commands/task-criteria-list.js

@@ -0,0 +1,69 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatCriteriaRows = formatCriteriaRows;
+exports.taskCriteriaList = taskCriteriaList;
+const config_1 = require("../lib/config");
+const api_1 = require("../lib/api");
+const sanitize_1 = require("../lib/sanitize");
+/**
+ * Render criteria rows for stdout. One line per criterion —
+ * `<id>  [TYPE]  SOURCE@rN  statement` — plus an indented checkpointer line
+ * when present. Shared by `criteria list` and the `criteria set` echo so the
+ * agent always sees the ids it needs for a later `--human` revision.
+ */
+function formatCriteriaRows(criteria) {
+    const lines = [];
+    for (const c of criteria) {
+        const provenance = `${c.source}@r${c.addedAtRound}`;
+        const evidence = c.evidenceRequired ? '  [evidence]' : '';
+        lines.push(`${c.id}  [${c.verifierType}]  ${provenance}${evidence}  ${(0, sanitize_1.sanitizeField)(c.statement)}`);
+        if (c.checkpointer) {
+            lines.push(`  ↳ check: ${(0, sanitize_1.sanitizeField)(c.checkpointer)}`);
+        }
+    }
+    return lines.length > 0 ? lines.join('\n') + '\n' : '';
+}
+/** `lumo task criteria list <task>` — print a task's acceptance contract. */
+async function taskCriteriaList(identifier) {
+    if (!identifier) {
+        console.error('Error: missing <task>. Usage: lumo task criteria list <LUM-42>');
+        return 1;
+    }
+    const creds = (0, config_1.readCredentials)();
+    if (!creds) {
+        console.error('Error: not logged in. Run `lumo auth login` first.');
+        return 1;
+    }
+    const apiUrl = (0, api_1.resolveAuthedApiUrl)(creds.apiUrl);
+    const base = (0, api_1.trimTrailingSlash)(apiUrl);
+    let res;
+    try {
+        res = await fetch(`${base}/api/tasks/${encodeURIComponent(identifier)}/criteria`, { headers: { Authorization: `Bearer ${creds.token}` } });
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        console.error(`Error: could not reach Lumo API at ${apiUrl} (${msg})`);
+        return 1;
+    }
+    if (res.status === 401) {
+        console.error('Error: API key invalid or revoked. Run `lumo auth login`.');
+        return 1;
+    }
+    if (res.status === 404) {
+        console.error(`Error: task ${identifier} not found in workspace ${creds.workspaceSlug}`);
+        return 1;
+    }
+    if (!res.ok) {
+        console.error(`Error: criteria list failed (HTTP ${res.status})`);
+        return 1;
+    }
+    const data = (await res.json());
+    if (data.criteria.length === 0) {
+        process.stdout.write(`No acceptance criteria on ${identifier} — draft 3–7 and submit with lumo task criteria set ${identifier} --file <criteria.json>\n`);
+        return;
+    }
+    process.stdout.write(formatCriteriaRows(data.criteria));
+    if (data.warning) {
+        process.stdout.write(`⚠ ${(0, sanitize_1.sanitizeField)(data.warning)}\n`);
+    }
+}

package/dist/cli/src/commands/task-criteria-set.js

@@ -0,0 +1,126 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.taskCriteriaSet = taskCriteriaSet;
+const config_1 = require("../lib/config");
+const api_1 = require("../lib/api");
+const doc_input_1 = require("../lib/doc-input");
+const path_guard_1 = require("../lib/path-guard");
+const sanitize_1 = require("../lib/sanitize");
+const task_criteria_list_1 = require("./task-criteria-list");
+/** Client-side shape gate: fail fast on obviously malformed JSON before the
+ * round-trip. Full validation (statement length, MACHINE→checkpointer …)
+ * stays server-side. */
+function parseCriteriaJson(raw) {
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        return { ok: false, error: 'file is not valid JSON' };
+    }
+    if (!Array.isArray(parsed) || parsed.length === 0) {
+        return {
+            ok: false,
+            error: 'expected a non-empty JSON array of criteria, e.g. [{"statement":"…","verifierType":"MACHINE","checkpointer":"npx jest …"}]',
+        };
+    }
+    return { ok: true, items: parsed };
+}
+/**
+ * `lumo task criteria set <task> --file <criteria.json> [--human]`
+ *
+ * Submit a task's whole acceptance contract. Default = the agent's initial
+ * draft (AGENT_DRAFT, locked once submitted — the server rejects a second
+ * agent draft). `--human` records a HUMAN_EDIT revision: the file is the
+ * desired final list, items carrying an `id` keep/update that criterion,
+ * items without `id` are new, and existing criteria missing from the file
+ * are deleted (refused for criteria with recorded verification runs).
+ */
+async function taskCriteriaSet(identifier, options) {
+    if (!identifier) {
+        console.error('Error: missing <task>. Usage: lumo task criteria set <LUM-42> --file criteria.json');
+        return 1;
+    }
+    if (!options.file) {
+        console.error('Error: --file <path> is required (a JSON array of criteria).');
+        return 1;
+    }
+    const verdict = (0, path_guard_1.checkArtifactFilePath)(options.file);
+    if (!verdict.ok) {
+        if (verdict.reason === 'unreadable') {
+            console.error(`Error: could not read file ${options.file}`);
+        }
+        else {
+            console.error(`Error: refusing to read ${options.file} — ${verdict.detail}. ` +
+                `criteria --file must be a non-sensitive path inside the project directory.`);
+        }
+        return 1;
+    }
+    let raw;
+    try {
+        raw = await (0, doc_input_1.readFileUtf8)(verdict.resolved);
+    }
+    catch {
+        console.error(`Error: could not read file ${options.file}`);
+        return 1;
+    }
+    const parsed = parseCriteriaJson(raw);
+    if (!parsed.ok) {
+        console.error(`Error: ${parsed.error}`);
+        return 1;
+    }
+    const creds = (0, config_1.readCredentials)();
+    if (!creds) {
+        console.error('Error: not logged in. Run `lumo auth login` first.');
+        return 1;
+    }
+    const apiUrl = (0, api_1.resolveAuthedApiUrl)(creds.apiUrl);
+    const base = (0, api_1.trimTrailingSlash)(apiUrl);
+    const headers = {
+        Authorization: `Bearer ${creds.token}`,
+        'Content-Type': 'application/json',
+    };
+    // Session 出处 for HUMAN_EDIT transcriptions — the server records the
+    // revision (with this session id) as a task comment.
+    const sessionId = process.env.CLAUDE_CODE_SESSION_ID;
+    if (sessionId)
+        headers['X-Lumo-Session-Id'] = sessionId;
+    let res;
+    try {
+        res = await fetch(`${base}/api/tasks/${encodeURIComponent(identifier)}/criteria`, {
+            method: 'PUT',
+            headers,
+            body: JSON.stringify({
+                source: options.human ? 'HUMAN_EDIT' : 'AGENT_DRAFT',
+                criteria: parsed.items,
+            }),
+        });
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        console.error(`Error: could not reach Lumo API at ${apiUrl} (${msg})`);
+        return 1;
+    }
+    if (res.status === 401) {
+        console.error('Error: API key invalid or revoked. Run `lumo auth login`.');
+        return 1;
+    }
+    if (res.status === 404) {
+        console.error(`Error: task ${identifier} not found in workspace ${creds.workspaceSlug}`);
+        return 1;
+    }
+    if (!res.ok) {
+        const body = (await res.json().catch(() => null));
+        const detail = body && typeof body.error === 'string' ? (0, sanitize_1.sanitizeField)(body.error) : '';
+        console.error(`Error: criteria set failed (HTTP ${res.status})${detail ? ` — ${detail}` : ''}`);
+        return 1;
+    }
+    const data = (await res.json());
+    process.stdout.write(options.human
+        ? `Recorded HUMAN_EDIT contract revision on ${identifier} (${data.criteria.length} criteria)\n`
+        : `Acceptance contract drafted on ${identifier} (${data.criteria.length} criteria) — locked for agent edits; human revisions via --human\n`);
+    process.stdout.write((0, task_criteria_list_1.formatCriteriaRows)(data.criteria));
+    if (data.warning) {
+        process.stdout.write(`⚠ ${(0, sanitize_1.sanitizeField)(data.warning)}\n`);
+    }
+}

package/dist/cli/src/commands/task-deps.js

@@ -0,0 +1,285 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveEdgeSelector = resolveEdgeSelector;
+exports.formatDepsList = formatDepsList;
+exports.taskDepsList = taskDepsList;
+exports.taskDepsAdd = taskDepsAdd;
+exports.taskDepsConfirm = taskDepsConfirm;
+exports.taskDepsDismiss = taskDepsDismiss;
+exports.taskDepsRm = taskDepsRm;
+const config_1 = require("../lib/config");
+const api_1 = require("../lib/api");
+const sanitize_1 = require("../lib/sanitize");
+/** 短 id = 前 8 位，展示与 selector 都用它。 */
+const shortId = (id) => id.slice(0, 8);
+/**
+ * Resolve a user-supplied edge selector against the task's edge list. Accepts
+ * either the other task's identifier (case-insensitive, exact) or an edge-id
+ * prefix of at least 6 chars. Returns null when nothing (or more than one
+ * edge) matches — callers print the candidate list and bail.
+ */
+function resolveEdgeSelector(edges, selector) {
+    const s = selector.trim();
+    const byIdent = edges.filter(e => e.other.identifier.toUpperCase() === s.toUpperCase());
+    if (byIdent.length === 1)
+        return byIdent[0] ?? null;
+    const byPrefix = edges.filter(e => e.id.startsWith(s));
+    if (s.length >= 6 && byPrefix.length === 1)
+        return byPrefix[0] ?? null;
+    return null;
+}
+/**
+ * Render the dependency edges of a task grouped by status. SUGGESTED rows get
+ * a copy-pasteable confirm hint with the short edge id; detected evidence
+ * (shared files / task mention) is summarized inline.
+ */
+function formatDepsList(identifier, edges) {
+    if (edges.length === 0)
+        return `Dependencies for ${identifier}: 无依赖边。`;
+    const lines = [
+        `Dependencies for ${identifier} (${edges.length})`,
+        '',
+    ];
+    const dirLabel = (e) => e.direction === 'BLOCKED_BY' ? 'blocked by' : 'blocks';
+    const evidence = (e) => {
+        if (e.reason === 'shared_files')
+            return ` · shared_files(${e.detail?.count ?? '?'} 个共享文件${e.detail?.sample?.length ? ': ' + e.detail.sample.join(', ') : ''})`;
+        if (e.reason === 'task_mention')
+            return ` · task_mention(${e.detail?.surface ?? ''})`;
+        return '';
+    };
+    const section = (title, rows, render) => {
+        if (rows.length === 0)
+            return;
+        lines.push(title);
+        for (const e of rows)
+            lines.push(...render(e));
+        lines.push('');
+    };
+    const confirmed = edges.filter(e => e.status === 'CONFIRMED');
+    const suggested = edges.filter(e => e.status === 'SUGGESTED');
+    const dismissed = edges.filter(e => e.status === 'DISMISSED');
+    section('CONFIRMED', confirmed, e => [
+        `  [${shortId(e.id)}] ${dirLabel(e)} ${e.other.identifier}「${e.other.title}」 ${e.other.status} · ${e.source}${evidence(e)}`,
+    ]);
+    section('SUGGESTED(待确认)', suggested, e => [
+        `  [${shortId(e.id)}] ${dirLabel(e)} ${e.other.identifier}「${e.other.title}」 ${e.other.status}${evidence(e)}`,
+        `      确认: lumo task deps confirm ${identifier} ${shortId(e.id)}(方向反了加 --reverse;误报: dismiss)`,
+    ]);
+    section('DISMISSED', dismissed, e => [
+        `  [${shortId(e.id)}] ${dirLabel(e)} ${e.other.identifier} · 已忽略`,
+    ]);
+    return lines.join('\n').trimEnd();
+}
+function getCtx() {
+    const creds = (0, config_1.readCredentials)();
+    if (!creds) {
+        console.error('Error: not logged in. Run `lumo auth login` first.');
+        return 1;
+    }
+    const apiUrl = (0, api_1.resolveAuthedApiUrl)(creds.apiUrl);
+    return {
+        apiUrl,
+        base: (0, api_1.trimTrailingSlash)(apiUrl),
+        token: creds.token,
+        workspaceSlug: creds.workspaceSlug,
+    };
+}
+/** Resolve LUM-N → DB id (the dependencies endpoints take the DB id). */
+async function resolveTask(ctx, identifier) {
+    let res;
+    try {
+        res = await fetch(`${ctx.base}/api/tasks/resolve/${encodeURIComponent(identifier)}`, { headers: { Authorization: `Bearer ${ctx.token}` } });
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        console.error(`Error: could not reach Lumo API at ${ctx.apiUrl} (${msg})`);
+        return 1;
+    }
+    if (res.status === 401) {
+        console.error('Error: API key invalid or revoked. Run `lumo auth login`.');
+        return 1;
+    }
+    if (res.status === 404) {
+        console.error(`Error: task ${identifier} not found in workspace ${ctx.workspaceSlug}`);
+        return 1;
+    }
+    if (!res.ok) {
+        console.error(`Error: resolve failed (HTTP ${res.status})`);
+        return 1;
+    }
+    return (await res.json());
+}
+/** Best-effort `{ error }` body extraction for non-2xx responses. */
+async function readErrorMessage(res) {
+    try {
+        const body = (await res.json());
+        return typeof body.error === 'string' ? body.error : null;
+    }
+    catch {
+        return null;
+    }
+}
+async function depsFetch(ctx, path, init, label) {
+    let res;
+    try {
+        res = await fetch(`${ctx.base}${path}`, {
+            ...init,
+            headers: {
+                Authorization: `Bearer ${ctx.token}`,
+                ...(init.body ? { 'Content-Type': 'application/json' } : {}),
+            },
+        });
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        console.error(`Error: could not reach Lumo API at ${ctx.apiUrl} (${msg})`);
+        return 1;
+    }
+    if (res.status === 401) {
+        console.error('Error: API key invalid or revoked. Run `lumo auth login`.');
+        return 1;
+    }
+    if (!res.ok) {
+        const serverMsg = await readErrorMessage(res);
+        console.error(serverMsg
+            ? `Error: ${(0, sanitize_1.sanitizeField)(serverMsg)}`
+            : `Error: ${label} failed (HTTP ${res.status})`);
+        return 1;
+    }
+    return res;
+}
+async function fetchDeps(ctx, taskDbId) {
+    const res = await depsFetch(ctx, `/api/tasks/${encodeURIComponent(taskDbId)}/dependencies`, {}, 'dependencies list');
+    if (typeof res === 'number')
+        return res;
+    const { dependencies } = (await res.json());
+    return dependencies ?? [];
+}
+/** Selector miss: print all candidates with short ids so the user can retry. */
+function printSelectorCandidates(edges, selector) {
+    console.error(`Error: no unique dependency edge matches "${selector}". Candidates:`);
+    if (edges.length === 0) {
+        console.error('  (无依赖边)');
+        return;
+    }
+    for (const e of edges) {
+        console.error((0, sanitize_1.sanitizeField)(`  [${shortId(e.id)}] ${e.status} ${e.other.identifier}「${e.other.title}」`));
+    }
+}
+/**
+ * Shared front half of confirm/dismiss/rm: resolve the task, fetch its edge
+ * list, and resolve the selector. Returns the task + edge on success, or an
+ * exit code after printing the candidate list.
+ */
+async function resolveTaskAndEdge(identifier, selector) {
+    const ctx = getCtx();
+    if (typeof ctx === 'number')
+        return ctx;
+    const task = await resolveTask(ctx, identifier);
+    if (typeof task === 'number')
+        return task;
+    const edges = await fetchDeps(ctx, task.id);
+    if (typeof edges === 'number')
+        return edges;
+    const edge = resolveEdgeSelector(edges, selector);
+    if (!edge) {
+        printSelectorCandidates(edges, selector);
+        return 1;
+    }
+    return { ctx, task, edge };
+}
+// ---------------------------------------------------------------------------
+// Command actions
+// ---------------------------------------------------------------------------
+/** `lumo task deps list <LUM-N>` */
+async function taskDepsList(identifier) {
+    if (!identifier) {
+        console.error('Error: usage: lumo task deps list <LUM-42>');
+        return 1;
+    }
+    const ctx = getCtx();
+    if (typeof ctx === 'number')
+        return ctx;
+    const task = await resolveTask(ctx, identifier);
+    if (typeof task === 'number')
+        return task;
+    const edges = await fetchDeps(ctx, task.id);
+    if (typeof edges === 'number')
+        return edges;
+    // Whole-block sanitization (session-attach style): edge titles, reasons and
+    // sample paths are server-controlled free text.
+    console.log((0, sanitize_1.sanitizeField)(formatDepsList(task.identifier, edges)));
+}
+/** `lumo task deps add <LUM-N> --blocked-by <LUM-M>` */
+async function taskDepsAdd(identifier, opts) {
+    if (!identifier || !opts.blockedBy) {
+        console.error('Error: usage: lumo task deps add <LUM-42> --blocked-by <LUM-9>');
+        return 1;
+    }
+    const ctx = getCtx();
+    if (typeof ctx === 'number')
+        return ctx;
+    const task = await resolveTask(ctx, identifier);
+    if (typeof task === 'number')
+        return task;
+    const res = await depsFetch(ctx, `/api/tasks/${encodeURIComponent(task.id)}/dependencies`, { method: 'POST', body: JSON.stringify({ blockedBy: opts.blockedBy }) }, 'dependency add');
+    if (typeof res === 'number')
+        return res;
+    console.log(`Added: ${task.identifier} blocked by ${opts.blockedBy}`);
+}
+/** `lumo task deps confirm <LUM-N> <edge> [--reverse]` */
+async function taskDepsConfirm(identifier, selector, opts) {
+    if (!identifier || !selector) {
+        console.error('Error: usage: lumo task deps confirm <LUM-42> <edge> [--reverse]');
+        return 1;
+    }
+    const resolved = await resolveTaskAndEdge(identifier, selector);
+    if (typeof resolved === 'number')
+        return resolved;
+    const { ctx, task, edge } = resolved;
+    const res = await depsFetch(ctx, `/api/tasks/${encodeURIComponent(task.id)}/dependencies/${encodeURIComponent(edge.id)}`, {
+        method: 'PATCH',
+        body: JSON.stringify({
+            action: 'confirm',
+            reverse: opts.reverse ?? false,
+        }),
+    }, 'dependency confirm');
+    if (typeof res === 'number')
+        return res;
+    console.log((0, sanitize_1.sanitizeField)(`Confirmed: [${shortId(edge.id)}] ${task.identifier} ${edge.direction === 'BLOCKED_BY' ? 'blocked by' : 'blocks'} ${edge.other.identifier}「${edge.other.title}」${opts.reverse ? ' (reversed)' : ''}`));
+}
+/** `lumo task deps dismiss <LUM-N> <edge>` */
+async function taskDepsDismiss(identifier, selector) {
+    if (!identifier || !selector) {
+        console.error('Error: usage: lumo task deps dismiss <LUM-42> <edge>');
+        return 1;
+    }
+    const resolved = await resolveTaskAndEdge(identifier, selector);
+    if (typeof resolved === 'number')
+        return resolved;
+    const { ctx, task, edge } = resolved;
+    const res = await depsFetch(ctx, `/api/tasks/${encodeURIComponent(task.id)}/dependencies/${encodeURIComponent(edge.id)}`, { method: 'PATCH', body: JSON.stringify({ action: 'dismiss' }) }, 'dependency dismiss');
+    if (typeof res === 'number')
+        return res;
+    console.log((0, sanitize_1.sanitizeField)(`Dismissed: [${shortId(edge.id)}] ${edge.other.identifier}「${edge.other.title}」(不再建议)`));
+}
+/** `lumo task deps rm <LUM-N> <edge> --yes` */
+async function taskDepsRm(identifier, selector, opts) {
+    if (!identifier || !selector) {
+        console.error('Error: usage: lumo task deps rm <LUM-42> <edge> --yes');
+        return 1;
+    }
+    if (!opts.yes) {
+        console.error('Error: refusing to delete without --yes. Re-run with --yes to confirm.');
+        return 1;
+    }
+    const resolved = await resolveTaskAndEdge(identifier, selector);
+    if (typeof resolved === 'number')
+        return resolved;
+    const { ctx, task, edge } = resolved;
+    const res = await depsFetch(ctx, `/api/tasks/${encodeURIComponent(task.id)}/dependencies/${encodeURIComponent(edge.id)}`, { method: 'DELETE' }, 'dependency delete');
+    if (typeof res === 'number')
+        return res;
+    console.log(`Removed [${shortId(edge.id)}] from ${task.identifier}`);
+}

package/dist/cli/src/index.js

@@ -64,6 +64,8 @@ const memory_project_add_1 = require("./commands/memory-project-add");
 const memory_promote_1 = require("./commands/memory-promote");
 const memory_rm_1 = require("./commands/memory-rm");
 const task_artifact_add_1 = require("./commands/task-artifact-add");
+const task_criteria_set_1 = require("./commands/task-criteria-set");
+const task_criteria_list_1 = require("./commands/task-criteria-list");
 const task_artifact_list_1 = require("./commands/task-artifact-list");
 const task_artifact_show_1 = require("./commands/task-artifact-show");
 const task_artifact_rm_1 = require("./commands/task-artifact-rm");
@@ -72,6 +74,7 @@ const task_slack_show_1 = require("./commands/task-slack-show");
 const task_web_show_1 = require("./commands/task-web-show");
 const task_figma_context_1 = require("./commands/task-figma-context");
 const task_comment_list_1 = require("./commands/task-comment-list");
+const task_deps_1 = require("./commands/task-deps");
 const task_pr_show_1 = require("./commands/task-pr-show");
 const task_lineage_1 = require("./commands/task-lineage");
 const project_list_1 = require("./commands/project-list");
@@ -305,6 +308,32 @@ taskComments
     .command('list <identifier>')
     .description('List the full task comment thread')
     .action(wrap(id => (0, task_comment_list_1.taskCommentList)(id)));
+const taskDeps = task
+    .command('deps')
+    .description('Task dependency edges — detected candidates + confirmed blockers');
+taskDeps
+    .command('list <identifier>')
+    .description('List dependency edges (both directions)')
+    .action(wrap(id => (0, task_deps_1.taskDepsList)(id)));
+taskDeps
+    .command('add <identifier>')
+    .requiredOption('--blocked-by <blocker>', 'blocker task (LUM-N)')
+    .description('Declare a manual hard dependency (CONFIRMED)')
+    .action(wrap((id, opts) => (0, task_deps_1.taskDepsAdd)(id, opts)));
+taskDeps
+    .command('confirm <identifier> <edge>')
+    .option('--reverse', 'flip direction when confirming')
+    .description('Confirm a detected candidate edge')
+    .action(wrap((id, edge, opts) => (0, task_deps_1.taskDepsConfirm)(id, edge, opts)));
+taskDeps
+    .command('dismiss <identifier> <edge>')
+    .description('Dismiss a candidate (never re-suggested)')
+    .action(wrap((id, edge) => (0, task_deps_1.taskDepsDismiss)(id, edge)));
+taskDeps
+    .command('rm <identifier> <edge>')
+    .option('--yes', 'skip confirmation')
+    .description('Delete a dependency edge')
+    .action(wrap((id, edge, opts) => (0, task_deps_1.taskDepsRm)(id, edge, opts)));
 const taskPr = task.command('pr').description('Inspect linked PRs');
 taskPr
     .command('show <identifier> <number>')
@@ -343,6 +372,19 @@ taskMemory
     .option('--step <text>', 'procedural: a step (repeatable)', collect, [])
     .option('--agent <agent>', 'Producing agent: claude-code | codex | cursor | gemini-cli | github-copilot | windsurf (default claude-code)')
     .action(wrap((taskArg, opts) => (0, memory_task_add_1.memoryTaskAdd)(taskArg, opts)));
+const taskCriteria = task
+    .command('criteria')
+    .description('Acceptance criteria — the task\u2019s verification contract (LUM-342)');
+taskCriteria
+    .command('set <task>')
+    .description('Submit the whole acceptance contract from a JSON file. Default = initial agent draft (locked once submitted); --human records a HUMAN_EDIT revision (desired final list; items with "id" keep/update, missing ones are deleted).')
+    .requiredOption('--file <path>', 'JSON array of criteria: [{"statement","verifierType":"MACHINE"|"HUMAN","checkpointer?","evidenceRequired?","id?"}]')
+    .option('--human', 'Record a human contract revision (HUMAN_EDIT) transcribed from the conversation, with session 出处')
+    .action(wrap((taskId, options) => (0, task_criteria_set_1.taskCriteriaSet)(taskId, options)));
+taskCriteria
+    .command('list <task>')
+    .description('List a task\u2019s acceptance criteria (id, type, provenance, checkpointer)')
+    .action(wrap((taskId) => (0, task_criteria_list_1.taskCriteriaList)(taskId)));
 const taskArtifact = task
     .command('artifact')
     .description('Record spec-engineering artifacts (spec / plan / design …) on a task');

package/dist/cli/src/lib/hook-runner.js

@@ -107,13 +107,20 @@ function formatHookStdoutLines(path, responseBody, now = new Date()) {
     else if (tb && tb.bound === false) {
         lines.push(unboundPromptLine(sessionId));
     }
-    // Recovery card + memory + linked resources + PR-review todos share one
-    // additionalContext block so Claude Code injects a single coherent context
-    // payload at session start. The card slots in first so it's the first thing
-    // the model reads.
+    // Recovery card + blocker warning + memory + linked resources + PR-review
+    // todos share one additionalContext block so Claude Code injects a single
+    // coherent context payload at session start. The card slots in first so it's
+    // the first thing the model reads; the dependency blocker warning (LUM-172)
+    // comes right after so it stays prominent, ahead of the memory section.
     const card = renderRecoveryCard(body.previousSession, tb?.taskIdentifier ?? '', now);
     const envelope = sessionContextEnvelope([
         card,
+        // Blocker warning right after the card: it can preempt the session's
+        // work entirely (wait for the blocker instead of starting) — LUM-172.
+        body.blockerWarningSection,
+        // Acceptance contract next: it's what the session's work is judged
+        // against (LUM-342).
+        body.criteriaSection,
         body.memorySection,
         body.linkedResourcesSection,
         body.reviewTodosSection,

package/dist/cli/src/lib/sanitize.js

@@ -1,17 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.sanitizeField = sanitizeField;
-// Matches C0 control chars EXCEPT tab (\x09) and newline (\x0a), DEL (\x7f),
-// and the C1 control range (\x80-\x9f). Includes ESC (\x1b) and the 8-bit CSI
-// introducer (\x9b) — both ANSI escape-sequence injection vectors. U+0080-U+009F
-// are never legitimate visible text, so stripping them is safe.
-const CONTROL_CHARS = /[\x00-\x08\x0b-\x1f\x7f-\x9f]/g;
-/**
- * Strip terminal control characters from untrusted, server-returned fields
- * before printing them, to prevent ANSI escape-sequence injection. Tab and
- * newline are preserved so fixed-width tables and multi-line bodies render
- * correctly. Callers handle optional values, e.g. `sanitizeField(name ?? '')`.
- */
-function sanitizeField(value) {
-    return value.replace(CONTROL_CHARS, '');
-}
+exports.sanitizeField = void 0;
+// Single source of truth lives in shared/src/sanitize.ts (LUM-346) — the
+// server applies the same character class at its untrusted render boundary.
+var sanitize_1 = require("../../../shared/src/sanitize");
+Object.defineProperty(exports, "sanitizeField", { enumerable: true, get: function () { return sanitize_1.sanitizeField; } });

package/dist/shared/src/index.js

@@ -1,7 +1,7 @@
 "use strict";
 // ── Agent Error types ────────────────────────────────────────────────────────
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseStreamJsonUsage = exports.tiptapToMarkdown = exports.markdownToTiptap = exports.AgentError = void 0;
+exports.sanitizeField = exports.parseStreamJsonUsage = exports.tiptapToMarkdown = exports.markdownToTiptap = exports.AgentError = void 0;
 exports.userFriendlyError = userFriendlyError;
 class AgentError extends Error {
     code;
@@ -36,3 +36,6 @@ Object.defineProperty(exports, "tiptapToMarkdown", { enumerable: true, get: func
 // ── Stream-json run usage parser ──────────────────────────────────────────────
 var stream_json_usage_1 = require("./stream-json-usage");
 Object.defineProperty(exports, "parseStreamJsonUsage", { enumerable: true, get: function () { return stream_json_usage_1.parseStreamJsonUsage; } });
+// ── Untrusted free-text sanitization ─────────────────────────────────────────
+var sanitize_1 = require("./sanitize");
+Object.defineProperty(exports, "sanitizeField", { enumerable: true, get: function () { return sanitize_1.sanitizeField; } });

package/dist/shared/src/sanitize.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sanitizeField = sanitizeField;
+// Matches C0 control chars EXCEPT tab (\x09) and newline (\x0a), DEL (\x7f),
+// and the C1 control range (\x80-\x9f). Includes ESC (\x1b) and the 8-bit CSI
+// introducer (\x9b) — both ANSI escape-sequence injection vectors. U+0080-U+009F
+// are never legitimate visible text, so stripping them is safe.
+const CONTROL_CHARS = /[\x00-\x08\x0b-\x1f\x7f-\x9f]/g;
+/**
+ * Strip terminal control characters from untrusted free text before it is
+ * printed (CLI) or injected into an agent's context (server render boundary),
+ * to prevent ANSI escape-sequence injection. Tab and newline are preserved so
+ * fixed-width tables and multi-line bodies render correctly. ids / urls /
+ * enums don't need this — only free text does. Callers handle optional
+ * values, e.g. `sanitizeField(name ?? '')`.
+ *
+ * Single source of truth shared by the CLI (cli/src/lib/sanitize.ts) and the
+ * server (lib/utils/sanitize.ts) so the two sides can never drift (LUM-346).
+ */
+function sanitizeField(value) {
+    return value.replace(CONTROL_CHARS, '');
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lumoai/cli",
-  "version": "1.21.0",
+  "version": "1.23.0",
   "description": "Lumo CLI — manage tasks and sessions from the terminal",
   "license": "MIT",
   "author": "cli@uselumo.ai",