@mindrian_os/install 1.13.0-beta.11 → 1.13.0-beta.13

package/lib/core/navigation/packet.cjs

@@ -9,12 +9,73 @@
 // Canon Part 9: builder produces the JS object; Phase 110 wraps with validateAndSendBrainPacket;
 // Phase 109 honors the privacy: 'no_raw_artifact_text' field by default in constraints.
 
+const fs = require('node:fs');
 const path = require('node:path');
 const crypto = require('node:crypto');
 const { getNeighborhood } = require('./neighborhood.cjs');
 const { findContradictions, findUnsupportedClaims, findRelevantOpportunities } = require('./insights.cjs');
 const { findRecentChanges } = require('./memory-events.cjs');
 
+// Phase 110-02 (D-03 + D-09): privacy-mode opt-up. local_summary_only is the default and
+// the only mode any of the 12 shipped Brain jobs ever requests (every $def.in.properties.privacy_mode
+// in data/brain-packet-schema.json is { const: 'local_summary_only' }). allow_filenames opts
+// up via .config.json preferences.brain_privacy_mode (project-level) or opts.privacyMode
+// (per-call); allow_excerpts ADDITIONALLY requires a Part-3 Decision Gate APPROVE-with-reason
+// row on the room graph tagged brain_excerpts -- there is NO shipped consumer of allow_excerpts
+// as of v1.13.0-beta.3, so it is a defined-but-unconsumed escape hatch. Config can only CAP
+// the mode, never RAISE what a job sends -- the schema's per-job const enforces this for free
+// in Phase 110-03 sendPacket.
+const PRIVACY_MODES = ['local_summary_only', 'allow_filenames', 'allow_excerpts'];
+
+function readRoomConfigPrivacyMode(roomDir) {
+  if (!roomDir) return null;
+  try {
+    const p = path.join(roomDir, '.config.json');
+    if (!fs.existsSync(p)) return null;
+    const cfg = JSON.parse(fs.readFileSync(p, 'utf8'));
+    const v = cfg && cfg.preferences && cfg.preferences.brain_privacy_mode;
+    return PRIVACY_MODES.includes(v) ? v : null;
+  } catch (_) {
+    return null;
+  }
+}
+
+// The Part-3 Decision Gate APPROVE row (Canon Part 3 + Part 4). The F.0 selector at
+// lib/hmi/shape-f0-renderer.cjs is the canonical render path that, when wired in a future
+// plan, writes the brain_excerpts-tagged APPROVE decision row that this helper looks for.
+// As of v1.13.0-beta.3 there is NO shipped consumer of allow_excerpts -- so this returns
+// false until a Part-3 gate is wired and the user approves. The query is a single guarded
+// SELECT against the local room graph (the same db handle buildBrainPacket already takes);
+// any error or absent row returns false so the resolver caps down safely.
+function roomHasExcerptApproval(db, roomDir) {
+  try {
+    if (!db) return false;
+    const row = db.prepare(
+      "SELECT 1 FROM nodes WHERE type IN ('decision','memory_event') " +
+      "AND review_status = 'confirmed' AND created_by = 'user' " +
+      "AND instr(properties, 'brain_excerpts') > 0 LIMIT 1"
+    ).get();
+    return !!row;
+  } catch (_) {
+    return false;
+  }
+}
+
+function resolvePrivacyMode(db, roomDir, opts) {
+  const options = opts || {};
+  const perCall = options.privacyMode;
+  const fromConfig = readRoomConfigPrivacyMode(roomDir);
+  const requested = (typeof perCall === 'string' && PRIVACY_MODES.includes(perCall))
+    ? perCall
+    : (fromConfig || 'local_summary_only');
+  if (requested === 'allow_excerpts' && !roomHasExcerptApproval(db, roomDir)) {
+    // Cap down per "config caps, never raises". If config said allow_filenames, keep it;
+    // otherwise drop to local_summary_only.
+    return fromConfig === 'allow_filenames' ? 'allow_filenames' : 'local_summary_only';
+  }
+  return requested;
+}
+
 function loadJtbd(roomDir, mocks) {
   if (mocks && mocks.jtbd) return mocks.jtbd;
   try { return require(path.resolve(__dirname, '..', '..', 'hmi', 'jtbd-state.cjs')); } catch (_) { return null; }
@@ -121,6 +182,11 @@ function buildBrainPacket(db, job, focusNodeId, opts) {
   const options = opts || {};
   const mocks = options._mocks;
   const roomId = options.roomId || null;
+  const roomDir = options.roomDir || null;
+
+  // Phase 110-02: resolve the privacy mode BEFORE building the packet body so the resolved
+  // value is available on the top-level return object alongside packet_version and origin.
+  const privacyMode = resolvePrivacyMode(db, roomDir, options);
 
   // Active context. Mocks override the require() calls for hermetic tests.
   const jtbdMod = loadJtbd(null, mocks);
@@ -155,6 +221,16 @@ function buildBrainPacket(db, job, focusNodeId, opts) {
     packet_version: '1.0',
     job,
     room_stage: getRoomStage(db),
+    // Phase 110-02 D-08 layer 1: stamp the navigation-API provenance origin. The schema's
+    // $defs.Origin enum constrains this to the closed set; brain-client.sendPacket (Phase
+    // 110-03) refuses any other value at wire time. defense-in-depth -- three layers (schema
+    // enum + pre-commit hook + sendPacket allowlist), no in-process nonce.
+    origin: 'navigation_api',
+    // Phase 110-02 D-09: top-level privacy_mode (one of D-03's 3 enum values; default
+    // local_summary_only). Separate from constraints.privacy (human-readable note) -- the
+    // schema's $defs.PrivacyMode enum + each job's $def.in.properties.privacy_mode const
+    // enforces "config caps, never raises" at the wire level in Phase 110-03 sendPacket.
+    privacy_mode: privacyMode,
     active_context: {
       jtbd: jtbdId,
       operator,
@@ -179,4 +255,14 @@ function buildBrainPacket(db, job, focusNodeId, opts) {
   };
 }
 
-module.exports = { buildBrainPacket, surface_banked_opportunities, shortText };
+module.exports = {
+  buildBrainPacket,
+  surface_banked_opportunities,
+  shortText,
+  // Phase 110-02 (D-09): exported so Phase 110-05 round-trip tests, future callers, and
+  // brain-client.sendPacket (110-03) can introspect / reuse the resolution order.
+  resolvePrivacyMode,
+  readRoomConfigPrivacyMode,
+  roomHasExcerptApproval,
+  PRIVACY_MODES,
+};

package/lib/core/navigation.cjs

@@ -57,4 +57,10 @@ module.exports = {
 
   // Truth-state chokepoint (Plan 109-04 LIVE).
   promoteNodeStatus: transitions.promoteNodeStatus,
+
+  // Memory-event logging (Phase 110-03 -- a thin re-export so brain-client.cjs can log the
+  //   brain_packet_rejected / brain_response_rejected / brain_legacy_path_used events without
+  //   reaching into the internal navigation/memory-events.cjs. The closed navigation surface is
+  //   the DOCUMENTED 13-function API; the implementation re-exports internal helpers as needed.)
+  logMemoryEvent: memoryEvents.logEvent,
 };

package/lib/core/resolve-brain-key.cjs

@@ -0,0 +1,201 @@
+'use strict';
+/*
+ * lib/core/resolve-brain-key.cjs -- the ONE resolver for "where is the Brain
+ * API key on this machine?" (Phase 123 Plan-07).
+ *
+ * Background: before this module, three different places guessed independently
+ * how to discover the Brain key (brain-client.cjs::getApiKey, session-start's
+ * shell test of MINDRIAN_BRAIN_KEY, brain-connector's skill detection). Three
+ * guessers, three failure modes -- a standard install with the key in
+ * ~/.mindrian.env was visible to brain-client but invisible to session-start,
+ * so a working HTTP-path Brain still printed a Tier-0 MCP warning. This
+ * collapses them into one source of truth. Mirrors active-plugin-root.cjs
+ * (the resolver this one is patterned on).
+ *
+ * Precedence (first hit wins) per D-31:
+ *   1. MINDRIAN_BRAIN_KEY env var     -- explicit operator intent, highest.
+ *   2. <home>/.mindrian.env           -- global backup, persists across CWDs.
+ *   3. <cwd>/.env                     -- project-local override.
+ *   4. not-found.
+ *
+ * IMPORTANT (FLAG-3 fix). The default for `home` is
+ *   process.env.HOME || process.env.USERPROFILE || os.homedir()
+ * -- NOT bare os.homedir(). On Linux/POSIX, os.homedir() reads /etc/passwd and
+ * IGNORES process.env.HOME, which breaks hermetic tests that override HOME to
+ * a scratch directory. The env-aware default matches the precedent in
+ * scripts/doctor.cjs, scripts/session-start, and lib/core/active-plugin-root.cjs.
+ *
+ * Returns { key, source, available, reason }:
+ *   - available=true:  key is the trimmed value, reason is null.
+ *   - available=false: key is null, reason is the explicit cause string
+ *                      (never a silent null -- SEC-02 rejections route here too).
+ *
+ * SEC-02 permission check (POSIX-only, no-op on Windows). When the resolved
+ * source is a key file (~/.mindrian.env or CWD .env), stat the mode. If any
+ * group or world bit is set (mode & 0o077), return available:false with the
+ * explicit reason "permissions too open: <path> is mode 0NNN, must be 0600".
+ *
+ * Use as a module:
+ *   const { resolveBrainKey } = require('<...>/lib/core/resolve-brain-key.cjs');
+ *   const r = resolveBrainKey();           // r.key, r.source, r.available, r.reason
+ *
+ * Use as a CLI (so scripts/session-start can shell out without a JSON parser
+ * in bash):
+ *   node lib/core/resolve-brain-key.cjs          -> prints JSON, exits 0
+ *
+ * Canon Part 8: this reads LOCAL files and env only. Zero network surface.
+ * The plan's verification grep against this file's source returns nothing
+ * -- no network markers in this resolver, ever. The actual Brain call is
+ * brain-client.cjs's job; this module only DISCOVERS whether a key exists.
+ */
+
+const fs = require('node:fs');
+const path = require('node:path');
+const os = require('node:os');
+
+/**
+ * SEC-02 permission gate. POSIX-only -- on Windows POSIX mode bits do not
+ * translate to NTFS ACLs, so we return ok unconditionally there (a single
+ * stderr note would couple this resolver to a side-effect; the calling layer
+ * is the right place to surface that one-time note).
+ *
+ *   mode & 0o077 !== 0   =>   any group or world bit set   =>   reject.
+ *   0o600 / 0o400 pass; 0o644 / 0o664 / 0o666 fail.
+ *
+ * On stat failure (file vanished between exists() and stat() -- rare but
+ * possible) we treat it as not-ok with an explanatory reason rather than
+ * pretending the file is fine.
+ *
+ * @param {string} p   the file path
+ * @returns {{ok: boolean, reason: string|null}}
+ */
+function checkFilePermissions(p) {
+  if (process.platform === 'win32') {
+    return { ok: true, reason: null };
+  }
+  let stat;
+  try {
+    stat = fs.statSync(p);
+  } catch (e) {
+    return { ok: false, reason: 'unable to stat ' + p + ': ' + (e && e.code || String(e)) };
+  }
+  const mode = stat.mode & 0o777;
+  if ((mode & 0o077) !== 0) {
+    const modeStr = mode.toString(8).padStart(3, '0');
+    return {
+      ok: false,
+      reason: 'permissions too open: ' + p + ' is mode 0' + modeStr + ', must be 0600',
+    };
+  }
+  return { ok: true, reason: null };
+}
+
+/**
+ * Parse a single MINDRIAN_BRAIN_KEY=... line out of a (possibly multi-line)
+ * env-file body. Returns the trimmed value, or null if the line is absent or
+ * the value is empty. We deliberately do NOT use a full dotenv parser -- one
+ * variable, one regex, no transitive dependency.
+ *
+ * @param {string} body
+ * @returns {string|null}
+ */
+function _parseKey(body) {
+  const m = body.match(/^MINDRIAN_BRAIN_KEY\s*=\s*(.+?)\s*$/m);
+  if (!m) return null;
+  const v = m[1].trim();
+  return v.length > 0 ? v : null;
+}
+
+/**
+ * Resolve the Brain API key from the standard precedence chain.
+ *
+ * The `home` and `cwd` parameters exist as test seams. Their defaults match
+ * the precedent across the rest of the plugin (scripts/doctor.cjs, scripts/
+ * session-start, lib/core/active-plugin-root.cjs): env-aware home resolution
+ * so hermetic tests overriding process.env.HOME actually work on Linux/POSIX,
+ * where os.homedir() reads /etc/passwd and ignores the env override.
+ *
+ * @param {{home?: string, cwd?: string}} [opts]
+ * @returns {{key: string|null, source: 'env'|'mindrian-env-file'|'cwd-env-file'|'not-found', available: boolean, reason: string|null}}
+ */
+function resolveBrainKey(opts) {
+  const o = opts || {};
+  const home = o.home || process.env.HOME || process.env.USERPROFILE || os.homedir();
+  const cwd = o.cwd || process.cwd();
+
+  // (1) Env var wins.
+  if (process.env.MINDRIAN_BRAIN_KEY) {
+    const v = String(process.env.MINDRIAN_BRAIN_KEY).trim();
+    if (v.length > 0) {
+      return { key: v, source: 'env', available: true, reason: null };
+    }
+  }
+
+  // (2) <home>/.mindrian.env
+  const mindrianEnvPath = path.join(home, '.mindrian.env');
+  if (fs.existsSync(mindrianEnvPath)) {
+    const perms = checkFilePermissions(mindrianEnvPath);
+    if (!perms.ok) {
+      return { key: null, source: 'mindrian-env-file', available: false, reason: perms.reason };
+    }
+    try {
+      const body = fs.readFileSync(mindrianEnvPath, 'utf8');
+      const v = _parseKey(body);
+      if (v) {
+        return { key: v, source: 'mindrian-env-file', available: true, reason: null };
+      }
+    } catch (e) {
+      return {
+        key: null,
+        source: 'mindrian-env-file',
+        available: false,
+        reason: 'unable to read ' + mindrianEnvPath + ': ' + (e && e.code || String(e)),
+      };
+    }
+  }
+
+  // (3) <cwd>/.env
+  const cwdEnvPath = path.join(cwd, '.env');
+  if (fs.existsSync(cwdEnvPath)) {
+    const perms = checkFilePermissions(cwdEnvPath);
+    if (!perms.ok) {
+      return { key: null, source: 'cwd-env-file', available: false, reason: perms.reason };
+    }
+    try {
+      const body = fs.readFileSync(cwdEnvPath, 'utf8');
+      const v = _parseKey(body);
+      if (v) {
+        return { key: v, source: 'cwd-env-file', available: true, reason: null };
+      }
+    } catch (e) {
+      return {
+        key: null,
+        source: 'cwd-env-file',
+        available: false,
+        reason: 'unable to read ' + cwdEnvPath + ': ' + (e && e.code || String(e)),
+      };
+    }
+  }
+
+  // (4) not-found.
+  return {
+    key: null,
+    source: 'not-found',
+    available: false,
+    reason: 'MINDRIAN_BRAIN_KEY not set (env), and neither ' + mindrianEnvPath
+      + ' nor ' + cwdEnvPath + ' contains a MINDRIAN_BRAIN_KEY line',
+  };
+}
+
+module.exports = { resolveBrainKey, checkFilePermissions };
+
+// CLI entry point. session-start shells out via:
+//   node lib/core/resolve-brain-key.cjs
+// and parses the JSON. Exit 0 always (the consumer reads the JSON to learn
+// available/reason); a non-zero exit here would surface as "resolver failed"
+// rather than the clearer not-found / permissions-too-open branches.
+if (require.main === module) {
+  const r = resolveBrainKey();
+  process.stdout.write(JSON.stringify(r) + '\n');
+  process.exit(0);
+}

package/lib/hmi/jtbd-taxonomy.json

@@ -1,6 +1,7 @@
 {
   "version": 1,
   "canon_parts": [2, "2a", 3, 7],
+  "methodology_hooks_note": "informational only; lib/workflow/command-resolver.cjs (reading the generated data/command-registry.json, built from each command's frontmatter -- see docs/COMMAND-FRONTMATTER.md and docs/WORKFLOWS.md) is authoritative for framework-to-command. These hooks are convenience pointers for JTBD-driven routing; they are NOT a source of truth. Larry never names a /mos: from memory.",
   "entries": [
     {
       "id": "decide-pursue",
@@ -16,7 +17,7 @@
       "methodology_hooks": [
         "/mos:diagnose",
         "/mos:build-thesis",
-        "/mos:value-proposition",
+        "/mos:validate-proposition",
         "/mos:lean-canvas"
       ],
       "next_move_verbs": [

package/lib/memory/framework-chain-composer.test.cjs

@@ -104,6 +104,17 @@ const SAMPLE_4_LINES = [
   '- Jobs-to-be-Done FEEDS_INTO Value Proposition Canvas (confidence: 0.90, phase: pre-opportunity)',
 ].join('\n');
 
+// Phase 122-04: a chain whose `next` framework IS registered in
+// data/command-registry.json, so proposeNextFramework returns a non-null
+// /mos: command (Tests 16 + 18 need the engine's offer_next_step.command
+// to be a real command string -- only the resolver-registered frameworks
+// yield one; unregistered ones degrade to null per reliability rule 5).
+// 'Business Model Canvas' is in KNOWN_FRAMEWORKS (detectable from a
+// governing thought); 'Lean Canvas' resolves to /mos:lean-canvas.
+const SAMPLE_REGISTERED_CHAIN = [
+  '- Business Model Canvas FEEDS_INTO Lean Canvas (confidence: 0.85, phase: thesis-build)',
+].join('\n');
+
 // =========================================================
 // Task 1 -- parser + completion detection + proposal (Tests 1..15)
 // =========================================================
@@ -297,25 +308,43 @@ run('Test 11: proposeNextFramework tie-breaking by confidence desc', () => {
   assert.equal(Math.abs(out.confidence - 0.85) < 1e-9, true);
 });
 
-run('Test 12: proposeNextFramework /mos: command mapping', () => {
+run('Test 12: proposeNextFramework command resolution via the resolver (Phase 122-04: degrade to null, not fabricate)', () => {
   const { proposeNextFramework } = requireComposer();
-  // 'Lean Canvas' has an existing /mos:lean-canvas command.
+  const resolver = require('../workflow/command-resolver.cjs');
+  // 'Lean Canvas' has an existing /mos:lean-canvas command in the registry.
   const knownEdges = [
     { from: 'Business Model Canvas', to: 'Lean Canvas', confidence: 0.82, phase_indicator: 'thesis' },
   ];
   const known = proposeNextFramework('Business Model Canvas', knownEdges);
   assert.equal(known !== null, true);
-  assert.equal(typeof known.command, 'string');
-  assert.equal(known.command.indexOf('/mos:') === 0, true,
-    'command must start with /mos:; got: ' + known.command);
-  // Unknown framework name falls back to /mos:beautiful-question or
-  // a slugified default. Either way the command MUST start with /mos:.
+  // Phase 122-04: command comes from the resolver (commandsForFramework[0]).
+  const expected = resolver.commandsForFramework('Lean Canvas');
+  assert.equal(known.command, expected.length > 0 ? expected[0] : null,
+    'command must equal commandsForFramework(next)[0] (or null); got: ' + known.command);
+  assert.equal(typeof known.command === 'string' && known.command.indexOf('/mos:') === 0, true,
+    'Lean Canvas is registered, so command must be a /mos: string; got: ' + known.command);
+  // A workflow array (the resolver's composeWorkflow for the chain) is on
+  // the proposal as data -- a list of { step, framework, command|null, optional }.
+  assert.equal(Array.isArray(known.workflow), true, 'workflow must be a composeWorkflow array');
+  assert.equal(known.workflow.length >= 2, true, 'workflow includes [completed, next, ...]');
+  assert.equal(known.workflow[0].step, 1);
+  for (let i = 0; i < known.workflow.length; i += 1) {
+    const s = known.workflow[i];
+    assert.equal(s.step, i + 1);
+    assert.equal('command' in s && 'optional' in s && 'framework' in s, true);
+    assert.equal(s.command === null || (typeof s.command === 'string' && s.command.indexOf('/mos:') === 0), true);
+  }
+  // A framework name the registry does not know yet -> command is null
+  // (degrade, do not fabricate -- WORKFLOW-LAYER-SPEC reliability rule 5).
   const unknownEdges = [
     { from: 'X', to: 'A Wholly Imaginary Framework', confidence: 0.8, phase_indicator: null },
   ];
   const unknown = proposeNextFramework('X', unknownEdges);
   assert.equal(unknown !== null, true);
-  assert.equal(unknown.command.indexOf('/mos:') === 0, true);
+  assert.equal(unknown.command, null, 'command must be null for an unregistered framework; got: ' + unknown.command);
+  assert.equal(Array.isArray(unknown.workflow), true);
+  assert.equal(unknown.workflow.every(function (s) { return s.command === null; }), true,
+    'an unregistered chain composes to all-null commands (run manually)');
 });
 
 run('Test 13: proposeNextFramework grounding rule (FEEDS_INTO + Brain + confidence in reason)', () => {
@@ -408,9 +437,13 @@ function makeQuadrupleWithChain(chainBody, governingThought) {
 
 run('Test 16: decide() with chain + governing_thought -> offer_next_step with FEEDS_INTO reason', () => {
   const { decide } = requireEngine();
+  // Phase 122-04: use a chain whose `next` framework is registered, so the
+  // resolver yields a real /mos: command (an unregistered `next` would
+  // degrade to command:null -- a true statement, but the presenter then
+  // treats it as not-an-offer; this test wants the command-carrying path).
   const quadruple = makeQuadrupleWithChain(
-    SAMPLE_4_LINES,
-    'After our SWOT Analysis we found two key threats and one opportunity.'
+    SAMPLE_REGISTERED_CHAIN,
+    'After our Business Model Canvas work we mapped the value flows.'
   );
   const out = decide(
     { sectionPath: '/tmp/fixture', sessionId: 's1' },
@@ -421,11 +454,11 @@ run('Test 16: decide() with chain + governing_thought -> offer_next_step with FE
       intentSignal: null,
     }
   );
-  // Engine should compose a chain offer: SWOT -> Porter (the highest-conf
-  // outgoing edge from SWOT in SAMPLE_4_LINES).
+  // Engine should compose a chain offer: Business Model Canvas -> Lean Canvas.
   assert.equal(out.offer_next_step !== null, true,
     'expected non-null offer_next_step; trace: ' + (out.decision_trace.chosen_rationale || ''));
-  assert.equal(typeof out.offer_next_step.command, 'string');
+  assert.equal(typeof out.offer_next_step.command, 'string',
+    'offer command must be a string (Lean Canvas is registered); got: ' + out.offer_next_step.command);
   assert.equal(out.offer_next_step.command.indexOf('/mos:') === 0, true);
   assert.equal(/FEEDS_INTO/.test(out.offer_next_step.reason), true,
     'offer reason must reference FEEDS_INTO; got: ' + out.offer_next_step.reason);
@@ -460,13 +493,12 @@ run('Test 17: decide() Mode A confidence 0.85 chain -> recommended_eligible flag
 
 run('Test 18: decide() user override path: turn 1 offer; turn 2 different command -> REJECTED chain trace', () => {
   const { decide } = requireEngine();
-  // Turn 1: chain proposes /mos:porter-five-forces (or similar slug from
-  // Porter Five Forces). Engine writes trace.brain_patterns including
-  // category 'framework_chain_proposal' OR sets offer_next_step with
-  // chain context.
+  // Turn 1: chain proposes /mos:lean-canvas (Business Model Canvas FEEDS_INTO
+  // Lean Canvas; Lean Canvas is resolver-registered so the command is real).
+  // Engine sets offer_next_step with the chain command + reason.
   const turn1Quad = makeQuadrupleWithChain(
-    SAMPLE_4_LINES,
-    'After our SWOT Analysis we identified threats.'
+    SAMPLE_REGISTERED_CHAIN,
+    'After our Business Model Canvas work we mapped the value flows.'
   );
   const turn1 = decide(
     { sectionPath: '/tmp/fixture', sessionId: 's1', userText: '' },
@@ -480,6 +512,8 @@ run('Test 18: decide() user override path: turn 1 offer; turn 2 different comman
   assert.equal(turn1.offer_next_step !== null, true,
     'turn 1 must produce a chain offer; trace: ' + turn1.decision_trace.chosen_rationale);
   const turn1Command = turn1.offer_next_step.command;
+  assert.equal(typeof turn1Command === 'string' && turn1Command.length > 0, true,
+    'turn 1 chain command must be a real /mos: string; got: ' + turn1Command);
 
   // Turn 2: user invokes a DIFFERENT /mos: command. Engine should record
   // this as REJECTED chain suggestion in decision_trace.
@@ -487,7 +521,7 @@ run('Test 18: decide() user override path: turn 1 offer; turn 2 different comman
     {
       sectionPath: '/tmp/fixture',
       sessionId: 's1',
-      userText: '/mos:lean-canvas help me with my lean canvas instead',
+      userText: '/mos:mullins run the 7-domains screen instead',
     },
     {
       quadruple: turn1Quad,