@pugi/cli 0.1.0-beta.24 → 0.1.0-beta.25

package/dist/core/hooks/runner.js

@@ -0,0 +1,236 @@
+/**
+ * Pugi hooks MVP — runner (Leak L12, first pass).
+ *
+ * Spawns the shell command declared in `hooks-mvp.json`, applies the
+ * timeout watchdog, captures stdout / stderr, and surfaces a
+ * structured result. Two events are wired in the MVP (SessionStart,
+ * PreToolUse); the runner itself is event-agnostic so the fast-follow
+ * PR can attach the remaining 6 events without changing this file.
+ *
+ * Safety properties:
+ *   - 30 s default timeout (per task spec); SIGTERM then SIGKILL with
+ *     a 2 s grace window.
+ *   - 1 MiB output cap per stream — a misbehaving hook (`yes`) cannot
+ *     OOM the parent CLI by buffering unbounded data.
+ *   - Spawn failures are caught + logged; the session never crashes
+ *     because of a missing binary or a syntax error in the command.
+ *   - Hook errors are atomic-appended to `<workspaceRoot>/.pugi/logs/
+ *     hooks.log`. Multiple sessions can write concurrently without
+ *     interleaving because `appendFileSync` opens with O_APPEND.
+ *
+ * Brand voice: ASCII only.
+ */
+import { spawn } from 'node:child_process';
+import { appendFileSync, existsSync, mkdirSync } from 'node:fs';
+import { resolve } from 'node:path';
+import { DEFAULT_HOOK_TIMEOUT_MS, isToolEvent, } from './registry.js';
+const HOOK_STREAM_CAP_BYTES = 1024 * 1024;
+const SIGKILL_GRACE_MS = 2_000;
+/**
+ * Fire every matching hook for `event` sequentially. Sequential (not
+ * parallel) is the intentional default — operators frequently chain
+ * `git add` -> `eslint --fix` style hooks that would race otherwise.
+ * Returns a `HookFireOutcome` with the per-invocation results.
+ */
+export async function fireHooks(opts) {
+    const { config, event, payload, toolName, workspaceRoot, env } = opts;
+    const matching = config.listMatching(event, toolName);
+    if (matching.length === 0) {
+        return { event, results: [], anyBlocked: false };
+    }
+    const logger = workspaceRoot ? new HookLogger(workspaceRoot) : undefined;
+    const results = [];
+    let anyBlocked = false;
+    for (const entry of matching) {
+        const timeoutMs = entry.timeoutMs ?? DEFAULT_HOOK_TIMEOUT_MS;
+        const result = await executeOne(entry.command, payload, timeoutMs, env);
+        // Blocking semantics only honored for PreToolUse in the MVP.
+        // Other events can declare `blocking: true` but the runner just
+        // logs that intent — it does NOT short-circuit. The fast-follow
+        // PR threads PostToolUse + UserPromptSubmit blocking through.
+        const blockable = entry.blocking === true && event === 'PreToolUse';
+        const blocked = blockable && !result.ok;
+        if (blocked) {
+            anyBlocked = true;
+            result.blocked = true;
+            result.blockSentinel = `HOOK_BLOCKED: ${truncate(entry.command, 80)} exited ${result.exitCode}`;
+        }
+        if (logger && !result.ok) {
+            logger.recordFailure(event, entry.command, result);
+        }
+        results.push(result);
+    }
+    return { event, results, anyBlocked };
+}
+async function executeOne(command, payload, timeoutMs, env) {
+    const startedAt = Date.now();
+    return new Promise((resolvePromise) => {
+        const payloadJson = JSON.stringify(payload);
+        const childEnv = {
+            ...(env ?? process.env),
+            PUGI_HOOK_PAYLOAD: payloadJson,
+            PUGI_HOOK_EVENT: payload.event,
+            PUGI_HOOK_SESSION_ID: payload.sessionId,
+        };
+        const child = spawn('/bin/sh', ['-c', command], {
+            env: childEnv,
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        const state = {
+            stdout: '',
+            stderr: '',
+            killedForTimeout: false,
+            killedForStreamCap: false,
+        };
+        const escalateKill = () => {
+            if (state.sigKillTimer)
+                return;
+            state.sigKillTimer = setTimeout(() => {
+                if (!child.killed)
+                    child.kill('SIGKILL');
+            }, SIGKILL_GRACE_MS);
+            if (state.sigKillTimer.unref)
+                state.sigKillTimer.unref();
+        };
+        const enforceStreamCap = () => {
+            if (state.killedForStreamCap)
+                return;
+            if (state.stdout.length + state.stderr.length <= HOOK_STREAM_CAP_BYTES)
+                return;
+            state.killedForStreamCap = true;
+            child.kill('SIGTERM');
+            escalateKill();
+        };
+        child.stdout?.on('data', (chunk) => {
+            if (state.killedForStreamCap)
+                return;
+            state.stdout += chunk.toString('utf8');
+            enforceStreamCap();
+        });
+        child.stderr?.on('data', (chunk) => {
+            if (state.killedForStreamCap)
+                return;
+            state.stderr += chunk.toString('utf8');
+            enforceStreamCap();
+        });
+        // Best-effort stdin payload — hook scripts that want to read it can
+        // (e.g. `jq .`); scripts that ignore stdin will EPIPE on our write
+        // which we swallow because the env var carries the same data.
+        if (child.stdin) {
+            child.stdin.on('error', () => {
+                // EPIPE is benign — see above.
+            });
+            child.stdin.end(payloadJson);
+        }
+        const timer = setTimeout(() => {
+            state.killedForTimeout = true;
+            child.kill('SIGTERM');
+            escalateKill();
+        }, timeoutMs);
+        if (timer.unref)
+            timer.unref();
+        child.on('error', (error) => {
+            clearTimeout(timer);
+            if (state.sigKillTimer)
+                clearTimeout(state.sigKillTimer);
+            resolvePromise({
+                command: truncate(command, 200),
+                exitCode: -1,
+                stdoutBytes: state.stdout.length,
+                stderrBytes: state.stderr.length,
+                elapsedMs: Date.now() - startedAt,
+                ok: false,
+                blocked: false,
+                timedOut: false,
+                // No blockSentinel here — spawn errors are not the same as
+                // blocking-failure semantics. The caller logs them generically.
+            });
+        });
+        child.on('close', (code, signal) => {
+            clearTimeout(timer);
+            if (state.sigKillTimer)
+                clearTimeout(state.sigKillTimer);
+            let exitCode;
+            if (code !== null) {
+                exitCode = code;
+            }
+            else if (signal === 'SIGTERM') {
+                exitCode = -15;
+            }
+            else if (signal === 'SIGKILL') {
+                exitCode = -9;
+            }
+            else {
+                exitCode = -1;
+            }
+            const ok = exitCode === 0 &&
+                !state.killedForTimeout &&
+                !state.killedForStreamCap;
+            resolvePromise({
+                command: truncate(command, 200),
+                exitCode,
+                stdoutBytes: state.stdout.length,
+                stderrBytes: state.stderr.length,
+                elapsedMs: Date.now() - startedAt,
+                ok,
+                blocked: false,
+                timedOut: state.killedForTimeout,
+            });
+        });
+    });
+}
+/**
+ * Append-only failure log at `<workspaceRoot>/.pugi/logs/hooks.log`.
+ * Each line is a JSON record so log scrapers can `jq` over it.
+ */
+class HookLogger {
+    path;
+    prepared = false;
+    constructor(workspaceRoot) {
+        this.path = resolve(workspaceRoot, '.pugi', 'logs', 'hooks.log');
+    }
+    recordFailure(event, command, result) {
+        this.prepareDir();
+        const line = JSON.stringify({
+            ts: new Date().toISOString(),
+            event,
+            command: truncate(command, 200),
+            exitCode: result.exitCode,
+            timedOut: result.timedOut,
+            elapsedMs: result.elapsedMs,
+            stdoutBytes: result.stdoutBytes,
+            stderrBytes: result.stderrBytes,
+            toolEvent: isToolEvent(event),
+        });
+        try {
+            appendFileSync(this.path, `${line}\n`, 'utf8');
+        }
+        catch {
+            // Logging is best-effort — the session must not crash when the
+            // disk is full or the directory is read-only. The runner has
+            // already returned the result; dropping the log line is the
+            // safe fallback.
+        }
+    }
+    prepareDir() {
+        if (this.prepared)
+            return;
+        const dir = resolve(this.path, '..');
+        if (!existsSync(dir)) {
+            try {
+                mkdirSync(dir, { recursive: true });
+            }
+            catch {
+                // ignored — appendFileSync will surface a fresh error on the
+                // write path, which we also swallow.
+            }
+        }
+        this.prepared = true;
+    }
+}
+function truncate(value, max) {
+    if (value.length <= max)
+        return value;
+    return `${value.slice(0, max - 3)}...`;
+}
+//# sourceMappingURL=runner.js.map

package/dist/core/lsp/cache.js

@@ -0,0 +1,105 @@
+/**
+ * Per-process LSP client cache — Leak L15.
+ *
+ * The α7.7 `runtime/commands/lsp.ts` CLI surface spawns one LSP server
+ * per invocation and stops it at the end. That is correct for the
+ * one-shot `pugi lsp hover ...` shape but wrong for L15's
+ * post-edit auto-diagnostics: every successful `edit`/`write` would
+ * otherwise pay the ~2-3s cold-start of `typescript-language-server`,
+ * which is unusable inside an agent loop.
+ *
+ * This module owns a singleton map keyed by `LspLanguage` with lazy
+ * initialization (`getOrStart`). The first edit of a TS file in a
+ * session pays cold-start; every subsequent edit of any TS/TSX file
+ * in the same workspace reuses the warm client.
+ *
+ * Lifecycle:
+ *   - `getOrStart(lang, cwd)` — spawn if missing, return cached otherwise.
+ *   - `stopAll()` — graceful shutdown of every cached client. Called from
+ *     `runCli` exit so a Ctrl-C never leaves zombie LSP processes behind.
+ *   - `reset()` — test-only escape hatch, drops the cache without
+ *     touching child processes (specs inject stubs that own their own
+ *     lifecycle).
+ *
+ * Failure handling: a startup failure is NOT cached. The next call
+ * tries again. This keeps the cache from poisoning a session when the
+ * operator installs the missing LSP binary mid-session and re-edits.
+ *
+ * Brand voice: ASCII only, no emoji, no banned words.
+ */
+import { isLspLanguageDisabled, startLspClient, } from './client.js';
+const cache = new Map();
+/**
+ * Return a warm client for `lang`, starting one if needed. The
+ * workspace `cwd` is captured at cache-insert time; if a subsequent
+ * call asks for the same language with a different `cwd` we tear
+ * down the old client and start a fresh one. This handles the
+ * agent-worktree case where the same process hops between workspace
+ * roots inside one Node lifetime.
+ */
+export async function getOrStartLspClient(lang, opts) {
+    // β7 L9: respect the per-language disable toggle BEFORE we attempt to
+    // spawn. The check is cheap and keeps the disabled path from paying
+    // the `npx --yes` warmup cost on first use.
+    if (isLspLanguageDisabled(lang, opts.lspSettings)) {
+        return {
+            ok: false,
+            reason: 'lsp_disabled',
+            detail: `${lang} is disabled via .pugi/settings.json::lsp`,
+        };
+    }
+    const existing = cache.get(lang);
+    if (existing && existing.cwd === opts.cwd) {
+        return { ok: true, client: existing.client };
+    }
+    if (existing && existing.cwd !== opts.cwd) {
+        // Workspace switched — stop the old client and fall through to spawn.
+        try {
+            await existing.client.stop();
+        }
+        catch {
+            // best effort; stop() is idempotent + swallow-safe
+        }
+        cache.delete(lang);
+    }
+    const result = await startLspClient(lang, opts);
+    if (!result.ok) {
+        return { ok: false, reason: result.reason, detail: result.detail };
+    }
+    cache.set(lang, { client: result.value, cwd: opts.cwd });
+    return { ok: true, client: result.value };
+}
+/** Look up the cached client without starting one. Returns undefined when missing. */
+export function peekLspClient(lang) {
+    return cache.get(lang)?.client;
+}
+/** Snapshot of currently-cached languages — used by `pugi lsp status` debug output. */
+export function listCachedLanguages() {
+    return Array.from(cache.keys());
+}
+/**
+ * Stop every cached client and clear the cache. Called from `runCli`
+ * exit and from specs that own the lifecycle of their stub servers.
+ */
+export async function stopAllLspClients() {
+    const snapshot = Array.from(cache.values());
+    cache.clear();
+    await Promise.all(snapshot.map(async (entry) => {
+        try {
+            await entry.client.stop();
+        }
+        catch {
+            // best effort — shutting down anyway
+        }
+    }));
+}
+/**
+ * Test-only: drop the cache map WITHOUT calling stop on the children.
+ * Specs that inject stub servers manage the stub lifecycle themselves;
+ * this lets a spec swap a stub mid-test without the cache holding a
+ * stale reference to a torn-down process.
+ */
+export function __resetLspCacheForTests() {
+    cache.clear();
+}
+//# sourceMappingURL=cache.js.map

package/dist/core/lsp/language-detect.js

@@ -0,0 +1,66 @@
+/**
+ * Language-from-extension detection — Leak L15.
+ *
+ * Single source of truth for "given a file path, which `LspLanguage`
+ * slug do we route to". The α7.7 `runtime/commands/lsp.ts` shipped its
+ * own inline `inferLanguage` switch; L15 (post-edit auto-diagnostics)
+ * needs the same lookup from `core/engine/tool-bridge.ts`, so we lift
+ * the table into a dedicated module to avoid a second copy drifting
+ * out of sync.
+ *
+ * Returning `undefined` is the calling code's signal to silently skip
+ * LSP — an unsupported extension is NOT an error, it just means "no
+ * diagnostics for this file". The tool-bridge hook treats this as a
+ * no-op envelope tail.
+ *
+ * Adding a new language requires THREE coordinated changes:
+ *   1. Add the `LspLanguage` slug + server descriptor in `client.ts`.
+ *   2. Map its extensions here.
+ *   3. Add a `lsp-language-matrix` spec row exercising the new ext.
+ *
+ * Brand voice: ASCII only, no emoji, no banned words.
+ */
+import { extname } from 'node:path';
+/**
+ * Lower-case extension (including the dot) → LSP language slug.
+ * Mirror of the switch in `runtime/commands/lsp.ts::inferLanguage`.
+ * The table form lets tests assert coverage and lets new languages
+ * land with one edit instead of two.
+ */
+export const EXTENSION_TO_LANGUAGE = {
+    '.ts': 'ts',
+    '.tsx': 'ts',
+    '.mts': 'ts',
+    '.cts': 'ts',
+    '.js': 'js',
+    '.jsx': 'js',
+    '.mjs': 'js',
+    '.cjs': 'js',
+    '.py': 'py',
+    '.pyi': 'py',
+    '.go': 'go',
+    '.rs': 'rust',
+};
+/**
+ * Infer the `LspLanguage` for a workspace-relative or absolute path.
+ * Returns `undefined` for unmapped extensions — the caller decides
+ * whether that is silently skipped (post-edit hook) or surfaced as
+ * `language_unsupported` (`pugi lsp` CLI).
+ */
+export function languageForFile(file) {
+    const ext = extname(file).toLowerCase();
+    if (!ext)
+        return undefined;
+    return EXTENSION_TO_LANGUAGE[ext];
+}
+/**
+ * Return every extension currently mapped to the given language.
+ * Used by the matrix spec to assert coverage without re-typing the
+ * extension list.
+ */
+export function extensionsForLanguage(lang) {
+    return Object.entries(EXTENSION_TO_LANGUAGE)
+        .filter(([, value]) => value === lang)
+        .map(([ext]) => ext);
+}
+//# sourceMappingURL=language-detect.js.map

package/dist/core/lsp/post-edit-diagnostics.js

@@ -0,0 +1,171 @@
+/**
+ * Post-edit diagnostics — Leak L15.
+ *
+ * Claude Code's leak intel surfaced this pattern: after a `FileEdit` /
+ * `Write` tool call lands, an LSP diagnostic pass runs on the touched
+ * file and the result is appended to the tool envelope before the
+ * model sees it. The model then self-corrects in the same turn —
+ * "TS2304: Cannot find name 'undef'" comes back, the model fixes the
+ * typo in the next tool call, no operator round-trip needed.
+ *
+ * This module is the Pugi side of that pattern:
+ *
+ *   1. The tool-bridge calls `runPostEditDiagnostics(path, ctx)` after
+ *      a successful `edit` / `write` / `multi_edit`.
+ *   2. We infer the language from the extension (`language-detect`).
+ *      Unsupported extension → `{ skip: true }` and the bridge appends
+ *      nothing.
+ *   3. We borrow (or lazily start) the per-language cached client
+ *      from `cache.ts`. A spawn failure → `{ skip: true }` and the
+ *      envelope stays clean. Silence on failure is intentional: an
+ *      operator who has not installed `typescript-language-server`
+ *      should not see an LSP nag on every edit.
+ *   4. We pull diagnostics with a hard 5s ceiling. A timeout logs a
+ *      warning on stderr (gated on `PUGI_LSP_DEBUG=1`) and skips —
+ *      the envelope is never blocked on LSP.
+ *   5. We format the surviving diagnostics into a readable tail
+ *      mirroring the leak format:
+ *
+ *         LSP DIAGNOSTICS (typescript):
+ *           foo.ts:42:5 error TS2304: Cannot find name 'undef'.
+ *           foo.ts:51:1 warn  TS6133: 'unused' is declared.
+ *
+ * The bridge concatenates this tail onto its existing `wrote ...` /
+ * `edited ...` body with a single newline separator. When there are
+ * zero diagnostics we return `{ skip: true }` so the existing body
+ * is unchanged — the "no news is good news" path stays terse.
+ *
+ * Brand voice: ASCII only, no emoji, no banned words.
+ */
+import { isAbsolute, relative, resolve } from 'node:path';
+import { getOrStartLspClient } from './cache.js';
+import { languageForFile } from './language-detect.js';
+const DEFAULT_TIMEOUT_MS = 5_000;
+/**
+ * Hard cap on how many diagnostics we surface to the model. A file
+ * with 200 errors after a broken bulk edit would otherwise blow the
+ * context window; the model can re-run `pugi lsp diagnostics` if
+ * it needs the full list.
+ */
+const MAX_DIAGNOSTICS = 25;
+export async function runPostEditDiagnostics(filePath, opts) {
+    const lang = languageForFile(filePath);
+    if (!lang) {
+        return { skip: true, reason: 'unsupported_language' };
+    }
+    const timeoutMs = opts.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+    const clientResult = await loadClient(lang, opts);
+    if (!clientResult.ok) {
+        return { skip: true, reason: mapStartFailure(clientResult.reason) };
+    }
+    // Run diagnostics with a hard timeout. The underlying LspClient has
+    // its own per-request timeout (5s default) but a slow handshake
+    // can blow past it; we belt-and-suspenders here so the agent loop
+    // never blocks on LSP.
+    const relPath = toWorkspaceRelative(filePath, opts.cwd);
+    const diagnosticsPromise = clientResult.client.diagnostics(relPath);
+    let timer;
+    const timeoutPromise = new Promise((resolveFn) => {
+        timer = setTimeout(() => resolveFn({ timedOut: true }), timeoutMs);
+        timer.unref();
+    });
+    const race = await Promise.race([
+        diagnosticsPromise.then((value) => ({ timedOut: false, value })),
+        timeoutPromise,
+    ]);
+    if (timer)
+        clearTimeout(timer);
+    if (race.timedOut) {
+        const writeFn = opts.debugWrite ?? ((line) => {
+            if (process.env.PUGI_LSP_DEBUG === '1')
+                process.stderr.write(`${line}\n`);
+        });
+        writeFn(`[pugi-lsp] post-edit diagnostics for ${relPath} timed out after ${timeoutMs}ms (lang=${lang})`);
+        return { skip: true, reason: 'timeout' };
+    }
+    const diag = race.value;
+    if (!diag.ok) {
+        return { skip: true, reason: 'lsp_error' };
+    }
+    if (diag.value.length === 0) {
+        return { skip: true, reason: 'no_diagnostics' };
+    }
+    const tail = formatDiagnosticsTail(relPath, lang, diag.value);
+    return { skip: false, tail, count: diag.value.length, language: lang };
+}
+async function loadClient(lang, opts) {
+    if (opts.clientLoader) {
+        return opts.clientLoader(lang);
+    }
+    const { cwd, timeoutMs, clientLoader: _ignoredA, debugWrite: _ignoredB, ...rest } = opts;
+    const result = await getOrStartLspClient(lang, { cwd, ...rest });
+    if (!result.ok) {
+        return { ok: false, reason: result.reason, detail: result.detail };
+    }
+    return { ok: true, client: result.client };
+}
+function mapStartFailure(reason) {
+    if (reason === 'lsp_unavailable' || reason === 'language_unsupported')
+        return 'lsp_unavailable';
+    if (reason === 'lsp_disabled')
+        return 'lsp_disabled';
+    return 'lsp_error';
+}
+/**
+ * Convert an absolute or workspace-relative path into the form the
+ * LSP client expects — same shape as `runtime/commands/lsp.ts` uses.
+ */
+function toWorkspaceRelative(filePath, cwd) {
+    if (!isAbsolute(filePath))
+        return filePath;
+    const rel = relative(cwd, resolve(cwd, filePath));
+    return rel || filePath;
+}
+/**
+ * Format diagnostics into the leak-shaped envelope tail. Pure function
+ * exported for unit tests to assert the line format independent of
+ * any LSP plumbing.
+ */
+export function formatDiagnosticsTail(relPath, lang, diagnostics) {
+    const visible = diagnostics.slice(0, MAX_DIAGNOSTICS);
+    const truncated = diagnostics.length > visible.length;
+    const lines = [`LSP DIAGNOSTICS (${LANGUAGE_LABELS[lang]}):`];
+    for (const diag of visible) {
+        const line = diag.range.start.line + 1; // LSP is zero-based; humans expect 1-based.
+        const col = diag.range.start.character + 1;
+        const severity = SEVERITY_LABELS[diag.severityLabel];
+        const code = diag.code !== undefined && diag.code !== '' ? ` ${diag.code}` : '';
+        const source = diag.source ? `${diag.source}` : '';
+        const head = source ? `${severity}${code} (${source}):` : `${severity}${code}:`;
+        lines.push(`  ${relPath}:${line}:${col} ${head} ${diag.message}`);
+    }
+    if (truncated) {
+        lines.push(`  ... ${diagnostics.length - visible.length} more diagnostic(s) — re-run pugi lsp diagnostics ${relPath} for the full list`);
+    }
+    return lines.join('\n');
+}
+const LANGUAGE_LABELS = {
+    ts: 'typescript',
+    js: 'javascript',
+    py: 'python',
+    go: 'go',
+    rust: 'rust',
+};
+/**
+ * Map LSP severity label → the short token the leak envelope uses.
+ * "warn" is shorter than "warning" and matches Claude Code's leak
+ * verbatim; the rest mirror LSP terminology.
+ */
+const SEVERITY_LABELS = {
+    error: 'error',
+    warning: 'warn ',
+    info: 'info ',
+    hint: 'hint ',
+};
+/** Test-only surface so specs can poke the pure helpers without LSP. */
+export const __test__ = {
+    formatDiagnosticsTail,
+    MAX_DIAGNOSTICS,
+    DEFAULT_TIMEOUT_MS,
+};
+//# sourceMappingURL=post-edit-diagnostics.js.map

package/dist/core/repl/session.js

@@ -1233,6 +1233,41 @@ export class ReplSession {
                 }
                 return verdict;
             }
+            case 'repo-map': {
+                // Leak L28 (2026-05-27): AST-light workspace summary. Delegate
+                // к the shared `runRepoMapCommand` so the slash + top-level
+                // paths stay single-sourced. The rendered text lands on the
+                // system pane via `appendSystemLine` (no fresh Ink mount) so
+                // the listing flows into the conversation transcript like
+                // any other command output.
+                try {
+                    const { runRepoMapCommand } = await import('../../runtime/commands/repo-map.js');
+                    const lines = [];
+                    await runRepoMapCommand({
+                        cwd: process.cwd(),
+                        refresh: verdict.refresh,
+                        json: false,
+                        writeOutput: (_payload, text) => {
+                            for (const line of text.split('\n')) {
+                                const trimmed = line.replace(/\s+$/u, '');
+                                lines.push(trimmed);
+                            }
+                        },
+                    });
+                    if (lines.length === 0) {
+                        this.appendSystemLine('/repo-map: no output.');
+                    }
+                    else {
+                        for (const line of lines)
+                            this.appendSystemLine(line);
+                    }
+                }
+                catch (error) {
+                    const message = error instanceof Error ? error.message : String(error);
+                    this.appendSystemLine(`/repo-map failed: ${message}`);
+                }
+                return verdict;
+            }
             case 'stub': {
                 this.appendSystemLine(verdict.message);
                 return verdict;

package/dist/core/repl/slash-commands.js

@@ -75,6 +75,7 @@ export const SLASH_COMMAND_HELP = Object.freeze([
     { name: 'quota', args: '', gloss: 'Plan tier + monthly usage caps (sync / review / engine)', group: 'Pugi tools' },
     { name: 'status', args: '', gloss: 'Session snapshot — id · cwd · mode · tokens · dispatches · auth', group: 'Pugi tools' },
     { name: 'consensus', args: '[ref]', gloss: '3-model consensus review (codex · claude · deepseek)', group: 'Pugi tools' },
+    { name: 'repo-map', args: '[refresh]', gloss: 'AST-light symbol summary of the workspace (leak L28)', group: 'Pugi tools' },
     // Settings
     { name: 'config', args: '', gloss: 'Show config', group: 'Settings', stub: true },
     { name: 'privacy', args: '', gloss: 'Show privacy mode + contract', group: 'Settings' },
@@ -462,6 +463,15 @@ export function parseSlashCommand(input) {
             const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
             return { kind: 'share', args: tokens };
         }
+        case 'repo-map':
+        case 'repomap': {
+            // Leak L28 (2026-05-27): build + show the AST-light symbol
+            // summary. Accepts `refresh` as a positional или `--refresh`
+            // flag so muscle memory from both shells lands the same way.
+            const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
+            const refresh = tokens.includes('--refresh') || tokens.includes('refresh') || tokens.includes('-r');
+            return { kind: 'repo-map', refresh };
+        }
         case 'release-notes':
         case 'releasenotes':
         case 'changelog': {