@pellux/goodvibes-agent 0.1.69 → 0.1.71

package/src/input/commands/control-room-runtime.ts

@@ -1,234 +0,0 @@
-import type { CommandRegistry } from '../command-registry.ts';
-import { buildMcpAttackPathReview } from '@/runtime/index.ts';
-import { buildKnowledgeInjectionPrompt, selectKnowledgeForTask } from '@pellux/goodvibes-sdk/platform/state';
-import { listBuiltinSubscriptionProviders } from '@pellux/goodvibes-sdk/platform/config';
-import { requireReadModels, requireSubscriptionManager, requireTokenAuditor } from './runtime-services.ts';
-import { getMemoryApi } from './recall-query.ts';
-
-export function registerControlRoomRuntimeCommands(registry: CommandRegistry): void {
-  registry.register({
-    name: 'cockpit',
-    aliases: [],
-    description: 'Open the unified operator cockpit',
-    usage: '',
-    handler(_args, ctx) {
-      if (ctx.openCockpitPanel) {
-        ctx.openCockpitPanel();
-        return;
-      }
-      ctx.print('Cockpit panel is not available in this runtime.');
-    },
-  });
-
-  registry.register({
-    name: 'orchestration',
-    aliases: ['orch'],
-    description: 'Inspect orchestration graphs; local Agent graph cancellation is blocked',
-    usage: '[show [graphId]]',
-    handler(args, ctx) {
-      const graphs = [...requireReadModels(ctx).orchestration.getSnapshot().graphs];
-      if (args.length === 0) {
-        if (ctx.openOrchestrationPanel) {
-          ctx.openOrchestrationPanel();
-          return;
-        }
-        if (graphs.length === 0) {
-          ctx.print('Orchestration panel is not available in this runtime.');
-          return;
-        }
-      }
-      const subcommand = args[0]?.toLowerCase() ?? 'show';
-
-      if (subcommand === 'show') {
-        const graphId = args[1];
-        const graph = graphId ? graphs.find((entry) => entry.id === graphId) : graphs[0];
-        if (!graph) {
-          ctx.print(graphId ? `Unknown orchestration graph: ${graphId}` : 'No orchestration graphs recorded yet.');
-          return;
-        }
-        const lines = [
-          `Graph ${graph.id}`,
-          `  title: ${graph.title}`,
-          `  status: ${graph.status}`,
-          `  mode: ${graph.mode}`,
-          `  nodes: ${graph.nodeOrder.length}`,
-        ];
-        if (graph.lastRecursionGuard) {
-          lines.push(`  last guard: depth ${graph.lastRecursionGuard.depth}, active ${graph.lastRecursionGuard.activeAgents}, ${graph.lastRecursionGuard.reason}`);
-        }
-        for (const nodeId of graph.nodeOrder.slice(0, 12)) {
-          const node = graph.nodes.get(nodeId);
-          if (!node) continue;
-          lines.push(`  - ${node.id} ${node.role} ${node.status} ${node.title}`);
-        }
-        ctx.print(lines.join('\n'));
-        return;
-      }
-
-      if (subcommand === 'cancel') {
-        ctx.print([
-          'GoodVibes Agent orchestration is read-only.',
-          'Local graph/subtree cancellation belongs to the copied coding runtime and is blocked here.',
-          'For explicit build/fix/review work, use /delegate so GoodVibes TUI owns the execution chain.',
-        ].join('\n'));
-        return;
-      }
-
-      ctx.print(`Unknown orchestration subcommand: ${subcommand}`);
-    },
-  });
-
-  registry.register({
-    name: 'communication',
-    aliases: ['comms'],
-    description: 'Inspect structured agent communication routes and recent activity',
-    usage: '',
-    handler(_args, ctx) {
-      if (ctx.openCommunicationPanel) {
-        ctx.openCommunicationPanel();
-        return;
-      }
-      ctx.print('Communication panel is not available in this runtime.');
-    },
-  });
-
-  registry.register({
-    name: 'security',
-    aliases: [],
-    description: 'Inspect security posture, attack paths, and review state',
-    usage: '[review | attack-paths | tokens]',
-    handler(args, ctx) {
-      if (args.length === 0) {
-        if (ctx.openSecurityPanel) {
-          ctx.openSecurityPanel();
-          return;
-        }
-        ctx.print('Security panel is not available in this runtime.');
-        return;
-      }
-
-      const subcommand = args[0]?.toLowerCase() ?? 'review';
-      const audit = requireTokenAuditor(ctx).auditAll(Date.now());
-      const securitySnapshot = requireReadModels(ctx).security.getSnapshot();
-      const policySnapshot = ctx.extensions.policyRuntimeState?.getSnapshot();
-      if (!policySnapshot) {
-        ctx.print('Policy runtime state is not available in this runtime.');
-        return;
-      }
-      const attackPaths = buildMcpAttackPathReview({
-        servers: securitySnapshot.mcpServers,
-        recentDecisions: securitySnapshot.recentMcpDecisions,
-      });
-
-      if (subcommand === 'tokens') {
-        if (audit.results.length === 0) {
-          ctx.print('No registered API tokens are currently under audit.');
-          return;
-        }
-        ctx.print([
-          `Token Audit (${audit.results.length})`,
-          ...audit.results.map((result) => (
-            `  ${result.label}  policy=${result.scope.policyId}  scope=${result.scope.outcome}  rotation=${result.rotation.outcome}  blocked=${result.blocked ? 'yes' : 'no'}`
-          )),
-        ].join('\n'));
-        return;
-      }
-
-      if (subcommand === 'attack-paths') {
-        if (attackPaths.findings.length === 0) {
-          ctx.print('No MCP attack-path findings are currently active.');
-          return;
-        }
-        ctx.print([
-          `MCP Attack-Path Review`,
-          `  summary: ${attackPaths.summary}`,
-          ...attackPaths.findings.slice(0, 12).map((finding) => (
-            `  ${finding.severity.toUpperCase()} ${finding.serverName}  ${finding.route}\n    ${finding.reason}`
-          )),
-        ].join('\n'));
-        return;
-      }
-
-      const plugins = ctx.extensions.pluginManager?.list() ?? [];
-      const subscriptions = requireSubscriptionManager(ctx);
-      const builtinProviders = listBuiltinSubscriptionProviders();
-      ctx.print([
-        'Security Review',
-        `  tokens: ${audit.results.length}`,
-        `  blocked tokens: ${audit.blocked.length}`,
-        `  scope violations: ${audit.scopeViolations.length}`,
-        `  rotation overdue: ${audit.rotationOverdue.length}`,
-        `  rotation warnings: ${audit.rotationWarnings.length}`,
-        `  built-in subscription providers: ${builtinProviders.length}`,
-        `  active subscriptions: ${subscriptions.list().length}`,
-        `  pending subscriptions: ${subscriptions.listPending().length}`,
-        `  policy lint findings: ${policySnapshot.lintFindings.length}`,
-        `  policy preflight: ${policySnapshot.lastPreflightReview?.status ?? 'n/a'}`,
-        `  mcp servers: ${securitySnapshot.mcpServers.length}`,
-        `  mcp quarantined: ${securitySnapshot.mcpServers.filter((server) => server.schemaFreshness === 'quarantined').length}`,
-        `  mcp elevated: ${securitySnapshot.mcpServers.filter((server) => server.trustMode === 'allow-all').length}`,
-        `  mcp attack-path findings: ${attackPaths.findings.length}`,
-        `  quarantined plugins: ${plugins.filter((plugin) => plugin.quarantined).length}`,
-        `  untrusted plugins: ${plugins.filter((plugin) => plugin.trustTier === 'untrusted').length}`,
-      ].join('\n'));
-    },
-  });
-
-  registry.register({
-    name: 'knowledge',
-    aliases: ['know'],
-    description: 'Inspect durable project knowledge, risks, runbooks, and architecture notes',
-    usage: '[open | queue [limit] | explain <task...> [--scope <path> ...]]',
-    handler(args, ctx) {
-      const subcommand = (args[0] ?? 'open').toLowerCase();
-      if (subcommand === 'open') {
-        if (ctx.openKnowledgePanel) {
-          ctx.openKnowledgePanel();
-          return;
-        }
-        ctx.print('Knowledge panel is not available in this runtime.');
-        return;
-      }
-      const memory = getMemoryApi(ctx);
-      if (!memory) return;
-      if (subcommand === 'queue') {
-        const limit = Math.max(1, parseInt(args[1] ?? '10', 10) || 10);
-        const queue = memory.reviewQueue(limit);
-        if (queue.length === 0) {
-          ctx.print('Knowledge review queue is empty.');
-          return;
-        }
-        ctx.print([
-          `Knowledge Review Queue (${queue.length})`,
-          ...queue.map((record) => `  ${record.id}  [${record.scope}/${record.cls}] ${record.reviewState} ${record.confidence}%  ${record.summary}`),
-        ].join('\n'));
-        return;
-      }
-      if (subcommand === 'explain') {
-        const scopeIdx = args.indexOf('--scope');
-        const scopeValues = scopeIdx !== -1
-          ? args.slice(scopeIdx + 1).filter((token) => !token.startsWith('--'))
-          : [];
-        const taskTokens = args.slice(1).filter((token, index) => {
-          if (token === '--scope') return false;
-          if (scopeIdx !== -1 && index + 1 > scopeIdx) return false;
-          return true;
-        });
-        const task = taskTokens.join(' ').trim();
-        if (!task) {
-          ctx.print('Usage: /knowledge explain <task...> [--scope <path> ...]');
-          return;
-        }
-        const injections = selectKnowledgeForTask(memory, task, scopeValues);
-        const prompt = buildKnowledgeInjectionPrompt(injections);
-        ctx.print(prompt ?? 'No reviewed project knowledge matched that task.');
-        return;
-      }
-      if (ctx.openKnowledgePanel) {
-        ctx.openKnowledgePanel();
-        return;
-      }
-      ctx.print(`Unknown knowledge subcommand: ${subcommand}`);
-    },
-  });
-}

package/src/input/commands/discovery-runtime.ts

@@ -1,61 +0,0 @@
-import type { CommandRegistry } from '../command-registry.ts';
-import { scan, persistProviders } from '@pellux/goodvibes-sdk/platform/discovery';
-import { requireProviderApi, requireShellPaths } from './runtime-services.ts';
-import { summarizeError } from '@pellux/goodvibes-sdk/platform/utils';
-import { GOODVIBES_AGENT_SURFACE_ROOT } from '../../config/surface.ts';
-import { requireYesFlag, stripYesFlag } from './confirmation.ts';
-
-export function registerDiscoveryRuntimeCommands(registry: CommandRegistry): void {
-  registry.register({
-    name: 'scan',
-    aliases: [],
-    description: 'Scan localhost and LAN for local LLM servers',
-    usage: '[--yes]',
-    async handler(args, ctx) {
-      const { yes } = stripYesFlag(args);
-      ctx.print('Scanning for local LLM servers...');
-      ctx.renderRequest();
-
-      const result = await scan();
-
-      if (result.servers.length === 0) {
-        ctx.print(
-          `[Scan] No local LLM servers found (scanned ${result.scannedHosts} hosts, ` +
-          `${result.scannedPorts} ports in ${Math.round(result.durationMs / 1000)}s)`,
-        );
-      } else {
-        const lines = [
-          `[Scan] Found ${result.servers.length} server(s) in ${Math.round(result.durationMs / 1000)}s:`,
-          '',
-          ...result.servers.map((server) =>
-            `  ${server.name.padEnd(30)} ${server.models.length} model(s)  ${server.host}:${server.port}`,
-          ),
-          '',
-          'Use /model to select a discovered model.',
-        ];
-        ctx.print(lines.join('\n'));
-      }
-
-      if (result.servers.length > 0) {
-        if (!yes) {
-          requireYesFlag(ctx, 'persist discovered local provider configuration', '/scan --yes');
-          ctx.print('[Scan] Discovery results were not saved. Rerun /scan --yes to register and persist providers.');
-          ctx.renderRequest();
-          return;
-        }
-        try {
-          await requireProviderApi(ctx).registerDiscoveredProviders(result.servers);
-        } catch (err) {
-          ctx.print(`[Scan] Warning: failed to register some providers: ${summarizeError(err)}`);
-        }
-        const shellPaths = requireShellPaths(ctx);
-        persistProviders({
-          homeDirectory: shellPaths.homeDirectory,
-          surfaceRoot: GOODVIBES_AGENT_SURFACE_ROOT,
-        }, result.servers);
-        ctx.print('[Scan] Discovered providers registered and persisted.');
-      }
-      ctx.renderRequest();
-    },
-  });
-}

package/src/input/commands/hooks-runtime.ts

@@ -1,207 +0,0 @@
-import { readFileSync } from 'node:fs';
-import type { CommandRegistry } from '../command-registry.ts';
-import { requireHookApi } from './runtime-services.ts';
-import { requireYesFlag, stripYesFlag } from './confirmation.ts';
-
-function isRecord(value: unknown): value is Record<string, unknown> {
-  return typeof value === 'object' && value !== null && !Array.isArray(value);
-}
-
-function containsAgentHookType(value: unknown): boolean {
-  if (Array.isArray(value)) return value.some((entry) => containsAgentHookType(entry));
-  if (!isRecord(value)) return false;
-  if (value.type === 'agent') return true;
-  return Object.values(value).some((entry) => containsAgentHookType(entry));
-}
-
-function fileContainsAgentHookType(path: string): boolean {
-  try {
-    return containsAgentHookType(JSON.parse(readFileSync(path, 'utf-8')) as unknown);
-  } catch {
-    return false;
-  }
-}
-
-export function registerHooksRuntimeCommands(registry: CommandRegistry): void {
-  registry.register({
-    name: 'hooks',
-    aliases: [],
-    description: 'Inspect, author, simulate, and reload managed hook workflows',
-    usage: '[contracts [filter] | reload --yes | scaffold <name> <match> <type> --yes | chain <name> <event1,event2,...> --yes | remove <name> --yes | enable <name> --yes | disable <name> --yes | simulate <eventPath> | inspect <path> | import <path> [merge|replace] --yes | export [path] --yes]',
-    argsHint: '[subcommand]',
-    async handler(args, ctx) {
-      const parsed = stripYesFlag(args);
-      const commandArgs = [...parsed.rest];
-      const hookApi = requireHookApi(ctx);
-      const workbench = hookApi.workbench;
-      if (commandArgs.length === 0 && ctx.openHooksPanel) {
-        ctx.openHooksPanel();
-        return;
-      }
-
-      const subcommand = (commandArgs[0] ?? 'contracts').toLowerCase();
-      if (subcommand === 'reload') {
-        if (!parsed.yes) {
-          requireYesFlag(ctx, 'reload managed hook workflows', '/hooks reload --yes');
-          return;
-        }
-        await workbench.reload();
-        ctx.print(`Reloaded managed hooks from ${workbench.getFilePath()}`);
-        return;
-      }
-      if (subcommand === 'scaffold') {
-        const [name, match, type] = commandArgs.slice(1);
-        if (!name || !match || !type) {
-          ctx.print('Usage: /hooks scaffold <name> <match> <command|prompt|http|ts> --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `scaffold managed hook ${name}`, '/hooks scaffold <name> <match> <command|prompt|http|ts> --yes');
-          return;
-        }
-        if (type === 'agent') {
-          ctx.print('Blocked: GoodVibes Agent does not author local agent-spawning hooks. Use command, prompt, http, or ts hooks, or delegate explicit build work to GoodVibes TUI.');
-          return;
-        }
-        if (!['command', 'prompt', 'http', 'ts'].includes(type)) {
-          ctx.print(`Unknown hook type: ${type}`);
-          return;
-        }
-        const hook = await workbench.scaffoldHook(name, match, type as Parameters<typeof workbench.scaffoldHook>[2]);
-        ctx.print(`Scaffolded managed hook ${hook.name} at ${match} in ${workbench.getFilePath()}`);
-        return;
-      }
-      if (subcommand === 'chain') {
-        const name = commandArgs[1];
-        const matches = commandArgs[2]?.split(',').map((entry) => entry.trim()).filter(Boolean) ?? [];
-        if (!name || matches.length === 0) {
-          ctx.print('Usage: /hooks chain <name> <event1,event2,...> --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `scaffold managed hook chain ${name}`, '/hooks chain <name> <event1,event2,...> --yes');
-          return;
-        }
-        const chain = await workbench.scaffoldChain(name, matches);
-        ctx.print(`Scaffolded managed hook chain ${chain.name} with ${chain.steps.length} step(s).`);
-        return;
-      }
-      if (subcommand === 'remove') {
-        const name = commandArgs[1];
-        if (!name) {
-          ctx.print('Usage: /hooks remove <name> --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `remove managed hook workflow ${name}`, '/hooks remove <name> --yes');
-          return;
-        }
-        const removed = await workbench.remove(name);
-        if (!removed) {
-          ctx.print(`No managed hook or chain named ${name}.`);
-          return;
-        }
-        ctx.print(`Removed managed hook workflow entry ${name}.`);
-        return;
-      }
-      if (subcommand === 'enable' || subcommand === 'disable') {
-        const name = commandArgs[1];
-        if (!name) {
-          ctx.print(`Usage: /hooks ${subcommand} <name> --yes`);
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `${subcommand} managed hook ${name}`, `/hooks ${subcommand} <name> --yes`);
-          return;
-        }
-        const changed = await workbench.toggle(name, subcommand === 'enable');
-        if (!changed) {
-          ctx.print(`No managed hook named ${name}.`);
-          return;
-        }
-        ctx.print(`${subcommand === 'enable' ? 'Enabled' : 'Disabled'} managed hook ${name}.`);
-        return;
-      }
-      if (subcommand === 'simulate') {
-        const eventPath = commandArgs[1];
-        if (!eventPath) {
-          ctx.print('Usage: /hooks simulate <eventPath>');
-          return;
-        }
-        const result = workbench.simulate(eventPath);
-        ctx.print([
-          `Hook simulation for ${result.eventPath}`,
-          `  matched hooks: ${result.matchedHooks.length}`,
-          ...result.matchedHooks.map((entry) => `    ${entry.name}  ${entry.pattern}  ${entry.type}`),
-          `  matched chains: ${result.matchedChains.length}`,
-          ...result.matchedChains.map((entry) => `    ${entry.name}  stepMatches=${entry.stepMatches}`),
-        ].join('\n'));
-        return;
-      }
-      if (subcommand === 'export') {
-        if (!parsed.yes) {
-          requireYesFlag(ctx, 'export managed hook workflows', '/hooks export [path] --yes');
-          return;
-        }
-        const path = await workbench.export(commandArgs[1] ?? workbench.getFilePath());
-        ctx.print(`Exported managed hooks to ${path}`);
-        return;
-      }
-      if (subcommand === 'inspect') {
-        const path = commandArgs[1];
-        if (!path) {
-          ctx.print('Usage: /hooks inspect <path>');
-          return;
-        }
-        const inspection = workbench.inspect(path);
-        ctx.print([
-          `Hook bundle inspection: ${inspection.path}`,
-          `  hooks: ${inspection.hookCount}`,
-          `  chains: ${inspection.chainCount}`,
-          `  patterns: ${inspection.patterns.join(', ') || '(none)'}`,
-        ].join('\n'));
-        return;
-      }
-      if (subcommand === 'import') {
-        const path = commandArgs[1];
-        const strategy = commandArgs[2] === 'replace' ? 'replace' : 'merge';
-        if (!path) {
-          ctx.print('Usage: /hooks import <path> [merge|replace] --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `import managed hook workflows from ${path}`, '/hooks import <path> [merge|replace] --yes');
-          return;
-        }
-        if (fileContainsAgentHookType(path)) {
-          ctx.print('Blocked: hook bundle contains type=agent entries. GoodVibes Agent does not import local agent-spawning hooks.');
-          return;
-        }
-        await workbench.import(path, strategy);
-        ctx.print(`Imported managed hooks from ${path} using ${strategy} strategy.`);
-        return;
-      }
-
-      const filter = (subcommand === 'contracts' ? commandArgs.slice(1) : commandArgs).join(' ').trim().toLowerCase();
-      const contracts = hookApi.contracts(filter);
-
-      if (contracts.length === 0) {
-        ctx.print(filter.length === 0 ? 'No hook contracts registered.' : `No hook contracts matched "${filter}".`);
-        return;
-      }
-
-      const lines: string[] = [`Hook Contracts (${contracts.length}):`];
-      for (const contract of contracts) {
-        lines.push(`  ${contract.pattern}`);
-        lines.push(`    authority=${contract.authority} mode=${contract.executionMode} deny=${contract.canDeny ? 'yes' : 'no'} mutate=${contract.canMutateInput ? 'yes' : 'no'} inject=${contract.canInjectContext ? 'yes' : 'no'} timeout=${contract.timeoutMs}ms policy=${contract.failurePolicy}`);
-        lines.push(`    ${contract.description}`);
-      }
-      const managedHooks = workbench.listManagedHooks();
-      const managedChains = workbench.listManagedChains();
-      lines.push('');
-      lines.push(`Managed hooks file: ${workbench.getFilePath()}`);
-      lines.push(`Managed entries: hooks=${managedHooks.length} chains=${managedChains.length}`);
-      ctx.print(lines.join('\n'));
-    },
-  });
-}

package/src/input/commands/incident-runtime.ts

@@ -1,106 +0,0 @@
-import { dirname, resolve } from 'path';
-import { mkdirSync, writeFileSync } from 'node:fs';
-import type { CommandRegistry } from '../command-registry.ts';
-import { buildIncidentMemoryAddOptions } from '@pellux/goodvibes-sdk/platform/state';
-import { requireShellPaths } from './runtime-services.ts';
-import { getMemoryApi } from './recall-query.ts';
-import { requireYesFlag, stripYesFlag } from './confirmation.ts';
-
-export function registerIncidentRuntimeCommands(registry: CommandRegistry): void {
-  registry.register({
-    name: 'incident',
-    aliases: [],
-    description: 'Open, export, and capture incident review bundles',
-    usage: '[open | latest | show <id|latest> | export <id|latest> <path> --yes | capture <id|latest> --yes]',
-    async handler(args, ctx) {
-      const parsed = stripYesFlag(args);
-      const commandArgs = [...parsed.rest];
-      const shellPaths = requireShellPaths(ctx);
-      const subcommand = (commandArgs[0] ?? 'open').toLowerCase();
-      const forensicRegistry = ctx.extensions.forensicsRegistry;
-      if (subcommand === 'open') {
-        if (ctx.openIncidentPanel) {
-          ctx.openIncidentPanel();
-          return;
-        }
-        ctx.print('Incident panel is not available in this runtime.');
-        return;
-      }
-      if (!forensicRegistry) {
-        ctx.print('Forensics registry is not available in this runtime.');
-        return;
-      }
-      const requestedId = commandArgs[1];
-      const report = !requestedId || requestedId === 'latest'
-        ? forensicRegistry.latest()
-        : forensicRegistry.getById(requestedId);
-      if (subcommand === 'latest' || subcommand === 'show') {
-        if (!report) {
-          ctx.print('No incident bundle is available.');
-          return;
-        }
-        const bundle = forensicRegistry.buildBundle(report.id);
-        if (!bundle) {
-          ctx.print(`Failed to build incident bundle for ${report.id}.`);
-          return;
-        }
-        ctx.print([
-          `Incident ${report.id}`,
-          `  classification: ${report.classification}`,
-          `  summary: ${report.summary}`,
-          `  root cause: ${bundle.evidence.rootCause ?? 'n/a'}`,
-          `  denied permissions: ${bundle.evidence.deniedPermissionCount}`,
-          `  budget breaches: ${bundle.evidence.budgetBreachCount}`,
-          `  replay mismatches: ${bundle.replay.mismatchCount}`,
-        ].join('\n'));
-        return;
-      }
-      if (subcommand === 'export') {
-        const pathArg = commandArgs[2];
-        if (!requestedId || !pathArg) {
-          ctx.print('Usage: /incident export <id|latest> <path> --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `export incident bundle ${requestedId}`, '/incident export <id|latest> <path> --yes');
-          return;
-        }
-        if (!report) {
-          ctx.print(`Incident not found: ${requestedId}`);
-          return;
-        }
-        const bundleJson = forensicRegistry.exportBundleAsJson(report.id);
-        if (!bundleJson) {
-          ctx.print(`Failed to export incident bundle for ${report.id}.`);
-          return;
-        }
-        const targetPath = shellPaths.resolveWorkspacePath(pathArg);
-        mkdirSync(dirname(targetPath), { recursive: true });
-        writeFileSync(targetPath, `${bundleJson}\n`, 'utf-8');
-        ctx.print(`Exported incident bundle ${report.id} to ${targetPath}`);
-        return;
-      }
-      if (subcommand === 'capture') {
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `capture incident ${requestedId ?? 'latest'} into durable memory`, '/incident capture <id|latest> --yes');
-          return;
-        }
-        const memory = getMemoryApi(ctx);
-        if (!memory) return;
-        if (!report) {
-          ctx.print(`Incident not found: ${requestedId ?? 'latest'}`);
-          return;
-        }
-        const bundle = forensicRegistry.buildBundle(report.id);
-        if (!bundle) {
-          ctx.print(`Failed to build incident bundle for ${report.id}.`);
-          return;
-        }
-        const record = await memory.add(buildIncidentMemoryAddOptions(bundle));
-        ctx.print(`Captured incident ${report.id} into durable memory as ${record.id}`);
-        return;
-      }
-      ctx.print('Usage: /incident [open | latest | show <id|latest> | export <id|latest> <path> --yes | capture <id|latest> --yes]');
-    },
-  });
-}