@misterhuydo/sentinel 1.4.89 → 1.4.91

package/.cairn/.hint-lock

@@ -1 +1 @@
-2026-03-27T05:41:33.700Z
+2026-03-27T13:47:13.440Z

package/.cairn/session.json

@@ -1,6 +1,6 @@
 {
-  "message": "Auto-checkpoint at 2026-03-27T05:38:58.308Z",
-  "checkpoint_at": "2026-03-27T05:38:58.309Z",
+  "message": "Auto-checkpoint at 2026-03-27T13:53:02.113Z",
+  "checkpoint_at": "2026-03-27T13:53:02.114Z",
   "active_files": [],
   "notes": [],
   "mtime_snapshot": {}

package/lib/.cairn/minify-map.json

@@ -1 +1,8 @@
-{}
+{
+  "J:\\Projects\\Sentinel\\cli\\lib\\test.js": {
+    "tempPath": "J:\\Projects\\Sentinel\\cli\\lib\\.cairn\\views\\ff8fde_test.js",
+    "state": "compressed",
+    "minifiedAt": 1774252437350.0059,
+    "readCount": 1
+  }
+}

package/lib/.cairn/views/ff8fde_test.js

@@ -0,0 +1,172 @@
+'use strict';
+const fs       = require('fs-extra');
+const path     = require('path');
+const os       = require('os');
+const { execSync, spawnSync } = require('child_process');
+const chalk    = require('chalk');
+const ok   = msg => console.log(chalk.green('  ✔'), msg);
+const fail = msg => console.log(chalk.red('  ✖'), msg);
+const warn = msg => console.log(chalk.yellow('  ⚠'), msg);
+const info = msg => console.log(chalk.cyan('  →'), msg);
+module.exports = async function testInstall(projectName) {
+  const defaultWorkspace = path.join(os.homedir(), 'sentinel');
+  const projectDir = projectName
+    ? path.join(defaultWorkspace, projectName)
+    : _findActiveProject(defaultWorkspace);
+  console.log(chalk.bold('\nSentinel — Installation Check\n'));
+  let passed = 0;
+  let failed = 0;
+  info('Checking required tools...');
+  const tools = [
+    { cmd: 'python3 --version',  label: 'Python 3'          },
+    { cmd: 'node --version',     label: 'Node.js'           },
+    { cmd: 'git --version',      label: 'git'               },
+  ];
+  for (const { cmd, label } of tools) {
+    try {
+      const out = execSync(cmd, { encoding: 'utf8', stdio: ['pipe','pipe','pipe'] }).trim();
+      ok(`${label}: ${out}`);
+      passed++;
+    } catch {
+      fail(`${label} not found`);
+      failed++;
+    }
+  }
+  info('Checking npm globals...');
+  const npms = [
+    { cmd: 'sentinel --version',  label: '@misterhuydo/sentinel'   },
+    { cmd: 'cairn --version',     label: '@misterhuydo/cairn-mcp'  },
+    { cmd: 'claude --version',    label: '@anthropic-ai/claude-code'},
+  ];
+  for (const { cmd, label } of npms) {
+    try {
+      const out = execSync(cmd, { encoding: 'utf8', stdio: ['pipe','pipe','pipe'] }).trim();
+      ok(`${label}: ${out}`);
+      passed++;
+    } catch {
+      fail(`${label} not installed — run: npm install -g ${label}`);
+      failed++;
+    }
+  }
+  info('Checking Claude auth...');
+  const apiKey = _readSentinelProp(projectDir, 'ANTHROPIC_API_KEY')
+               || process.env.ANTHROPIC_API_KEY || '';
+  const claudeProTasks = (_readSentinelProp(projectDir, 'CLAUDE_PRO_FOR_TASKS') || 'true').toLowerCase() !== 'false';
+  if (apiKey) {
+    ok(`ANTHROPIC_API_KEY configured (${apiKey.slice(0, 12)}...)`);
+    passed++;
+  } else {
+    warn('ANTHROPIC_API_KEY not set — Sentinel Boss will use CLI fallback only');
+  }
+  try {
+    const r = spawnSync('claude', ['--version'], { encoding: 'utf8', stdio: ['pipe','pipe','pipe'] });
+    if (r.status === 0) {
+      ok(`claude CLI available: ${(r.stdout || '').trim()}`);
+      if (claudeProTasks) {
+        ok('CLAUDE_PRO_FOR_TASKS=true — fix_engine will use Claude Pro subscription');
+      }
+      passed++;
+    } else {
+      warn('claude CLI found but --version failed');
+    }
+  } catch {
+    fail('claude CLI not found');
+    failed++;
+  }
+  if (!apiKey) {
+    try {
+      const r = spawnSync('claude', ['--print', 'ping', '--no-interactive'],
+                          { encoding: 'utf8', timeout: 10000, stdio: ['pipe','pipe','pipe'] });
+      if (r.status === 0) {
+        ok('claude OAuth session active');
+        passed++;
+      } else {
+        warn('claude OAuth session may be expired — run: claude login');
+      }
+    } catch {
+      warn('Could not verify claude OAuth session');
+    }
+  }
+  if (projectDir && fs.existsSync(projectDir)) {
+    info(`Checking project config at ${projectDir}...`);
+    const sentinelProps = path.join(projectDir, 'config', 'sentinel.properties');
+    if (fs.existsSync(sentinelProps)) {
+      ok('sentinel.properties found');
+      passed++;
+    } else {
+      fail(`sentinel.properties missing at ${sentinelProps}`);
+      failed++;
+    }
+    const logConfigs  = path.join(projectDir, 'config', 'log-configs');
+    const repoConfigs = path.join(projectDir, 'config', 'repo-configs');
+    const logCount  = fs.existsSync(logConfigs)  ? fs.readdirSync(logConfigs).filter(f => f.endsWith('.properties') && !f.startsWith('_')).length : 0;
+    const repoCount = fs.existsSync(repoConfigs) ? fs.readdirSync(repoConfigs).filter(f => f.endsWith('.properties') && !f.startsWith('_')).length : 0;
+    if (logCount > 0)  { ok(`${logCount} log-config(s) found`);  passed++; }
+    else               { warn('No log-configs found — add at least one in config/log-configs/'); }
+    if (repoCount > 0) { ok(`${repoCount} repo-config(s) found`); passed++; }
+    else               { warn('No repo-configs found — add at least one in config/repo-configs/'); }
+    const ghToken = _readSentinelProp(projectDir, 'GITHUB_TOKEN') || '';
+    if (ghToken) { ok('GITHUB_TOKEN configured'); passed++; }
+    else         { warn('GITHUB_TOKEN not set — cannot open PRs'); }
+    const slackBot = _readSentinelProp(projectDir, 'SLACK_BOT_TOKEN') || '';
+    const slackApp = _readSentinelProp(projectDir, 'SLACK_APP_TOKEN') || '';
+    if (slackBot && slackApp) { ok('Slack tokens configured (Boss enabled)'); passed++; }
+    else                      { warn('Slack tokens not set — Boss disabled'); }
+  } else if (projectName) {
+    fail(`Project '${projectName}' not found at ${projectDir}`);
+    failed++;
+  } else {
+    warn('No project specified — skipping project config checks');
+    warn('Run: sentinel test <project-name>');
+  }
+  info('Checking Python dependencies...');
+  const codeDir = path.join(defaultWorkspace, 'code');
+  const reqFile = path.join(codeDir, 'requirements.txt');
+  if (fs.existsSync(reqFile)) {
+    try {
+      execSync('python3 -c "import paramiko, schedule, requests, jinja2"',
+               { encoding: 'utf8', stdio: ['pipe','pipe','pipe'] });
+      ok('Python dependencies installed');
+      passed++;
+    } catch {
+      fail('Python dependencies missing — run: pip install -r requirements.txt');
+      failed++;
+    }
+  } else {
+    warn('requirements.txt not found — run: sentinel init');
+  }
+  console.log('');
+  if (failed === 0) {
+    console.log(chalk.green.bold(`  ✔ All checks passed (${passed} ok)`));
+  } else {
+    console.log(chalk.yellow.bold(`  ${passed} passed, ${failed} failed`));
+    console.log(chalk.gray('  Fix the issues above before starting Sentinel.'));
+  }
+  console.log('');
+  process.exit(failed > 0 ? 1 : 0);
+};
+function _findActiveProject(workspace) {
+  if (!fs.existsSync(workspace)) return null;
+  const dirs = fs.readdirSync(workspace)
+    .map(d => path.join(workspace, d))
+    .filter(d => fs.statSync(d).isDirectory()
+              && fs.existsSync(path.join(d, 'config', 'sentinel.properties')));
+  return dirs.length === 1 ? dirs[0] : null;
+}
+function _readSentinelProp(projectDir, key) {
+  if (!projectDir) return '';
+  const candidates = [
+    path.join(projectDir, 'config', 'sentinel.properties'),
+    path.join(os.homedir(), 'sentinel', 'sentinel.properties'),
+  ];
+  for (const f of candidates) {
+    if (!fs.existsSync(f)) continue;
+    for (const line of fs.readFileSync(f, 'utf8').split('\n')) {
+      const stripped = line.trim();
+      if (stripped.startsWith('#') || !stripped.includes('=')) continue;
+      const [k, ...rest] = stripped.split('=');
+      if (k.trim() === key) return rest.join('=').split('#')[0].trim();
+    }
+  }
+  return '';
+}

package/lib/add.js

@@ -616,34 +616,22 @@ async function addFromGit(gitUrl, workspace) {
     generateWorkspaceScripts(workspace, {}, {}, {}, effectiveToken);
   }
 
-  // Write private Slack tokens to slack.properties (gitignored) + set PRIVATE_SLACK=true
+  // Write private tokens to private_sentinel.properties (gitignored — never committed)
   if (projectSlackBotToken || projectSlackAppToken) {
-    // Write slack.properties (never committed — tokens stay off git)
-    const slackProps = path.join(projectDir, 'slack.properties');
-    const lines = ['# Private Slack tokens for this project — DO NOT COMMIT'];
+    const privateProps = path.join(projectDir, 'private_sentinel.properties');
+    const lines = ['# Private credentials for this project — DO NOT COMMIT'];
     if (projectSlackBotToken) lines.push(`SLACK_BOT_TOKEN=${projectSlackBotToken}`);
     if (projectSlackAppToken) lines.push(`SLACK_APP_TOKEN=${projectSlackAppToken}`);
-    fs.writeFileSync(slackProps, lines.join('\n') + '\n');
-    ok('Private Slack tokens → slack.properties (local only)');
+    fs.writeFileSync(privateProps, lines.join('\n') + '\n');
+    ok('Private tokens → private_sentinel.properties (local only)');
 
-    // Ensure slack.properties is gitignored
+    // Ensure private_sentinel.properties is gitignored
     const gitignore = path.join(projectDir, '.gitignore');
-    const ignoreEntry = 'slack.properties';
+    const ignoreEntry = 'private_sentinel.properties';
     const existing = fs.existsSync(gitignore) ? fs.readFileSync(gitignore, 'utf8') : '';
     if (!existing.includes(ignoreEntry)) {
       fs.writeFileSync(gitignore, existing.trimEnd() + `\n${ignoreEntry}\n`);
-      ok('.gitignore updated — slack.properties will not be committed');
-    }
-
-    // Set PRIVATE_SLACK=true in config/sentinel.properties
-    const projProps = path.join(projectDir, 'config', 'sentinel.properties');
-    if (fs.existsSync(projProps)) {
-      let props = fs.readFileSync(projProps, 'utf8');
-      props = /^#?\s*PRIVATE_SLACK\s*=/m.test(props)
-        ? props.replace(/^#?\s*PRIVATE_SLACK\s*=.*/m, 'PRIVATE_SLACK=true')
-        : props.trimEnd() + '\nPRIVATE_SLACK=true\n';
-      fs.writeFileSync(projProps, props);
-      ok('PRIVATE_SLACK=true set in config/sentinel.properties');
+      ok('.gitignore updated — private_sentinel.properties will not be committed');
     }
   }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@misterhuydo/sentinel",
-  "version": "1.4.89",
+  "version": "1.4.91",
   "description": "Sentinel — Autonomous DevOps Agent installer and manager",
   "bin": {
     "sentinel": "./bin/sentinel.js"

package/python/sentinel/config_loader.py

@@ -75,6 +75,7 @@ class SentinelConfig:
     sync_retention_days: int = 30    # delete synced log files older than this many days
     sync_max_file_mb: int = 200      # truncate synced log files exceeding this size (MB)
     boss_mode: str = "standard"      # standard | strict | fun
+    sentinel_dev_repo_path: str = "" # path to Sentinel source repo for Dev Claude
 
 
 @dataclass
@@ -151,14 +152,20 @@ class ConfigLoader:
             project_d = _parse_properties(str(path))
             d.update({k: v for k, v in project_d.items() if v})
 
-        # If PRIVATE_SLACK=true, load Slack tokens from <projectDir>/slack.properties
-        # (gitignored — tokens never live in the config repo).
-        if d.get("PRIVATE_SLACK", "").lower() == "true":
+        # Load private_sentinel.properties if present (gitignored — tokens never in config repo).
+        # Supports any secret key: SLACK_BOT_TOKEN, SLACK_APP_TOKEN, GITHUB_TOKEN, etc.
+        # Falls back to legacy slack.properties (PRIVATE_SLACK=true) for existing installs.
+        _private = self.config_dir.parent / "private_sentinel.properties"
+        if _private.exists():
+            _pd = _parse_properties(str(_private))
+            d.update({k: v for k, v in _pd.items() if v})
+            logger.debug("Loaded private config from %s", _private)
+        elif d.get("PRIVATE_SLACK", "").lower() == "true":
             slack_props = self.config_dir.parent / "slack.properties"
             if slack_props.exists():
                 slack_d = _parse_properties(str(slack_props))
                 d.update({k: v for k, v in slack_d.items() if v})
-                logger.debug("Loaded private Slack config from %s", slack_props)
+                logger.debug("Loaded private config from %s (legacy)", slack_props)
             else:
                 logger.warning("PRIVATE_SLACK=true but %s not found — run `sentinel add` to create it", slack_props)
 
@@ -206,6 +213,7 @@ class ConfigLoader:
         c.sync_max_file_mb = int(d.get("SYNC_MAX_FILE_MB", 200))
         raw_mode = d.get("BOSS_MODE", "standard").lower().strip()
         c.boss_mode = raw_mode if raw_mode in ("standard", "strict", "fun") else "standard"
+        c.sentinel_dev_repo_path = d.get("SENTINEL_DEV_REPO_PATH", "")
         self.sentinel = c
 
     def _load_log_sources(self):

package/python/sentinel/dev_watcher.py

@@ -0,0 +1,288 @@
+"""
+dev_watcher.py — Scan the dev-tasks/ directory for Sentinel self-improvement requests,
+and scan Sentinel's own log for errors to self-repair.
+
+Tasks are dropped by:
+  - Boss (via dev_task tool) → slack-<uuid>.txt
+  - Fix engine (via BOSS_ESCALATE) → bot-<fingerprint>-<ts>.txt
+  - Self-repair (log watcher) → self-<fingerprint>-<ts>.txt
+  - Admin (manual drop) → any other .txt
+
+File format:
+    TYPE: feature|fix|refactor|chore|ask
+    SUBMITTED_BY: Name (UXXX)
+    SOURCE: boss|fix_engine/BOSS_ESCALATE|self_repair|manual
+    SOURCE_FINGERPRINT: <8-char error fingerprint>   # optional
+    SUBMITTED_AT: 2026-03-27T10:00:00+00:00
+    NOTIFY: U1234567,U7654321                        # optional extra users to ping on completion
+
+    Task description — what to implement, fix, or improve in Sentinel.
+"""
+
+from __future__ import annotations
+
+import hashlib
+import logging
+import time
+from dataclasses import dataclass, field
+from datetime import datetime, timezone
+from pathlib import Path
+import re
+
+logger = logging.getLogger(__name__)
+
+_META_PREFIXES = ("TYPE:", "SUBMITTED_BY:", "SOURCE:", "SOURCE_FINGERPRINT:", "SUBMITTED_AT:", "NOTIFY:")
+
+
+@dataclass
+class DevTask:
+    source: str                 # "dev-tasks/<filename>"
+    task_file: Path             # absolute path, used for archiving
+    message: str                # first non-blank body line — shown in Slack
+    body: str                   # full task body (after headers stripped)
+    task_type: str              # feature|fix|refactor|chore|ask
+    fingerprint: str = ""
+    timestamp: str = ""
+    submitter_user_id: str = ""
+    source_fingerprint: str = ""  # error fingerprint if from BOSS_ESCALATE
+    notify_user_ids: list = field(default_factory=list)  # extra users to ping on completion
+
+    def __post_init__(self):
+        if not self.fingerprint:
+            raw = f"dev:{self.task_type}:{self.message[:200]}"
+            self.fingerprint = hashlib.sha1(raw.encode()).hexdigest()[:16]
+        if not self.timestamp:
+            self.timestamp = datetime.now(timezone.utc).isoformat()
+        if not self.submitter_user_id:
+            for line in self.body.splitlines():
+                m = re.match(r'SUBMITTED_BY:.*\(([UW][A-Z0-9]+)\)', line.strip())
+                if m:
+                    self.submitter_user_id = m.group(1)
+                    break
+
+
+def scan_dev_tasks(project_dir: Path) -> list[DevTask]:
+    """Return all pending dev task files from <project_dir>/dev-tasks/."""
+    tasks_dir = project_dir / "dev-tasks"
+    tasks_dir.mkdir(exist_ok=True)
+
+    def _priority(p: Path) -> tuple:
+        if p.name.startswith("slack-"):
+            return (0, p.name)
+        if p.name.startswith("bot-"):
+            return (2, p.name)
+        return (1, p.name)
+
+    tasks = []
+    for f in sorted(tasks_dir.iterdir(), key=_priority):
+        if not f.is_file() or f.name.startswith("."):
+            continue
+        if f.suffix.lower() not in (".txt", ".md", ""):
+            continue
+        try:
+            content = f.read_text(encoding="utf-8", errors="replace").strip()
+        except OSError as e:
+            logger.error("Cannot read dev task %s: %s", f, e)
+            continue
+        if not content:
+            continue
+
+        lines = content.splitlines()
+        task_type = "feature"
+        source_fingerprint = ""
+        submitter_user_id = ""
+        notify_user_ids: list = []
+        body_start = 0
+
+        for i, line in enumerate(lines):
+            stripped = line.strip()
+            upper = stripped.upper()
+            if upper.startswith("TYPE:"):
+                raw = stripped[5:].strip().lower()
+                task_type = raw if raw in ("feature", "fix", "refactor", "chore", "ask") else "feature"
+                body_start = i + 1
+            elif upper.startswith("SUBMITTED_BY:"):
+                m = re.search(r'\(([UW][A-Z0-9]+)\)', stripped)
+                if m:
+                    submitter_user_id = m.group(1)
+                body_start = i + 1
+            elif upper.startswith("SOURCE_FINGERPRINT:"):
+                source_fingerprint = stripped[19:].strip()
+                body_start = i + 1
+            elif upper.startswith("NOTIFY:"):
+                raw_ids = stripped[7:].strip()
+                notify_user_ids = [u.strip() for u in raw_ids.split(",") if u.strip()]
+                body_start = i + 1
+            elif any(upper.startswith(p) for p in _META_PREFIXES) or not stripped:
+                body_start = i + 1
+            else:
+                break
+
+        body = "\n".join(lines[body_start:]).strip() or content
+        message = next((l.strip() for l in lines[body_start:] if l.strip()), f.name)
+
+        tasks.append(DevTask(
+            source=f"dev-tasks/{f.name}",
+            task_file=f,
+            message=message,
+            body=body,
+            task_type=task_type,
+            submitter_user_id=submitter_user_id,
+            source_fingerprint=source_fingerprint,
+            notify_user_ids=notify_user_ids,
+        ))
+        logger.info("Found dev task: %s (type=%s)", f.name, task_type)
+
+    return tasks
+
+
+def mark_dev_done(task_file: Path) -> None:
+    """Archive a processed dev task to dev-tasks/.done/ regardless of outcome."""
+    done_dir = task_file.parent / ".done"
+    done_dir.mkdir(exist_ok=True)
+    dest = done_dir / task_file.name
+    if dest.exists():
+        dest = done_dir / f"{task_file.stem}-{int(time.time())}{task_file.suffix}"
+    task_file.rename(dest)
+    logger.info("Dev task archived: %s -> .done/%s", task_file.name, dest.name)
+
+
+_LOG_TIMESTAMP_RE = re.compile(
+    r'^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d+ '
+    r'(ERROR|CRITICAL)\s+(\S+) — (.+)$'
+)
+_LOG_LINE_RE = re.compile(r'^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d+ \w')
+
+# Error patterns in Sentinel's own code that are worth Dev Claude investigating.
+# Excludes transient/external errors that Dev Claude cannot fix.
+_SKIP_PATTERNS = re.compile(
+    r'SSH|Connection|Timeout|Rate.limit|npm show|git pull|git push'
+    r'|slack_bolt|urllib|requests\.|socket\.',
+    re.IGNORECASE,
+)
+
+
+def scan_sentinel_errors(
+    log_path: Path,
+    tail_lines: int = 300,
+    seen_fps: set | None = None,
+) -> list[tuple[str, str]]:
+    """
+    Scan Sentinel's own log file for recent ERROR/CRITICAL entries and
+    group them with their Traceback blocks.
+
+    Returns list of (fingerprint, error_text) for errors not in seen_fps.
+    Each error_text is suitable as a Dev Claude task body.
+    seen_fps is updated in-place so callers can track across polls.
+    """
+    if seen_fps is None:
+        seen_fps = set()
+
+    if not log_path.exists():
+        return []
+
+    try:
+        # Read last tail_lines lines efficiently
+        with open(log_path, encoding="utf-8", errors="replace") as f:
+            lines = f.readlines()
+        lines = lines[-tail_lines:]
+    except OSError:
+        return []
+
+    # Group lines into blocks: each block starts at an ERROR/CRITICAL log line
+    blocks: list[list[str]] = []
+    current: list[str] | None = None
+
+    for line in lines:
+        if _LOG_LINE_RE.match(line):
+            if current is not None:
+                blocks.append(current)
+            m = _LOG_TIMESTAMP_RE.match(line.rstrip())
+            current = [line.rstrip()] if m else None
+        elif current is not None:
+            current.append(line.rstrip())
+
+    if current:
+        blocks.append(current)
+
+    results = []
+    for block in blocks:
+        if not block:
+            continue
+        header = block[0]
+        m = _LOG_TIMESTAMP_RE.match(header)
+        if not m:
+            continue
+
+        level, logger_name, message = m.group(1), m.group(2), m.group(3)
+
+        # Skip errors from external systems that Dev Claude can't fix
+        if _SKIP_PATTERNS.search(message):
+            continue
+        # Skip if no traceback (single-line errors are often transient)
+        has_traceback = any("Traceback" in l or "Error:" in l for l in block[1:])
+        if not has_traceback and level != "CRITICAL":
+            continue
+
+        # Fingerprint: hash of normalized message + top traceback frame
+        top_frame = next(
+            (l.strip() for l in block if l.strip().startswith("File ")), ""
+        )
+        normalized = re.sub(r'0x[0-9a-f]+|\d+', 'N', message)
+        raw = f"sentinel-self:{logger_name}:{normalized}:{top_frame[:80]}"
+        fp = hashlib.sha1(raw.encode()).hexdigest()[:16]
+
+        if fp in seen_fps:
+            continue
+        seen_fps.add(fp)
+
+        error_text = "\n".join(block)
+        task_body = (
+            f"Sentinel detected an error in its own code (logger: {logger_name}).\n"
+            f"Investigate the root cause in the Sentinel source and fix it.\n\n"
+            f"LOG ENTRY:\n{error_text}\n"
+        )
+        results.append((fp, task_body))
+
+    return results
+
+
+def drop_self_repair_task(project_dir: Path, fp: str, task_body: str) -> Path:
+    """
+    Create a self-repair dev task file for an error found in Sentinel's own log.
+    Returns the path to the created file.
+    """
+    dev_tasks_dir = project_dir / "dev-tasks"
+    dev_tasks_dir.mkdir(exist_ok=True)
+    ts = int(time.time())
+    fname = f"self-{fp[:8]}-{ts}.txt"
+    fpath = dev_tasks_dir / fname
+    lines = [
+        "TYPE: fix",
+        "SOURCE: self_repair",
+        f"SOURCE_FINGERPRINT: {fp}",
+        f"SUBMITTED_AT: {datetime.now(timezone.utc).isoformat()}",
+        "",
+        task_body,
+    ]
+    fpath.write_text("\n".join(lines), encoding="utf-8")
+    logger.info("Self-repair task dropped: %s", fname)
+    return fpath
+
+
+def purge_old_dev_tasks(dev_tasks_dir: Path, keep_days: int = 30) -> int:
+    """Delete files older than keep_days from dev-tasks/.done/."""
+    cutoff = time.time() - keep_days * 86400
+    deleted = 0
+    done = dev_tasks_dir / ".done"
+    if done.exists():
+        for f in done.iterdir():
+            if f.is_file() and f.stat().st_mtime < cutoff:
+                try:
+                    f.unlink()
+                    deleted += 1
+                except OSError:
+                    pass
+    if deleted:
+        logger.info("Purged %d old dev task archive file(s) (>%d days)", deleted, keep_days)
+    return deleted

package/python/sentinel/fix_engine.py

@@ -126,6 +126,10 @@ def _build_prompt(event, repo: RepoConfig, log_file, marker: str, stale_markers:
         "   was insufficient or unsafe, (c) exactly what a human needs to do or decide.",
         "   Do NOT output NEEDS_HUMAN just because the fix is complex — only when human",
         "   judgement or access is genuinely required.",
+        "8. If the fix requires changing Sentinel's own source code (the monitoring/fix agent",
+        "   itself, not the application being monitored) — output exactly:",
+        "   BOSS_ESCALATE: <description of what needs to change in Sentinel>",
+        "   This escalates to Patch, the Sentinel dev agent, who will implement it.",
     ]
     return "\n".join(lines_out)
 
@@ -444,6 +448,27 @@ def generate_fix(
         logger.info("Claude skipped fix for %s: %s", event.fingerprint, reason)
         return "skip", None, reason
 
+    # BOSS_ESCALATE: child Claude determined the fix requires changing Sentinel itself
+    if output.strip().upper().startswith("BOSS_ESCALATE:"):
+        description = output.strip()[len("BOSS_ESCALATE:"):].strip()
+        logger.info(
+            "fix_engine: BOSS_ESCALATE for %s — dropping dev task: %s",
+            event.fingerprint, description[:200],
+        )
+        try:
+            from .sentinel_dev import drop_escalation
+            from pathlib import Path as _Path
+            project_dir = _Path(cfg.workspace_dir).parent
+            drop_escalation(
+                project_dir,
+                description,
+                source="fix_engine/BOSS_ESCALATE",
+                source_fingerprint=event.fingerprint,
+            )
+        except Exception as _esc_err:
+            logger.error("fix_engine: failed to drop escalation: %s", _esc_err)
+        return "skip", None, description
+
     patch = _extract_patch(output)
     if not patch:
         logger.warning("No patch found in Claude output for %s", event.fingerprint)