@sienklogic/plan-build-run 2.40.1 → 2.42.0

package/CHANGELOG.md

@@ -5,6 +5,44 @@ All notable changes to Plan-Build-Run will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.42.0](https://github.com/SienkLogic/plan-build-run/compare/plan-build-run-v2.41.0...plan-build-run-v2.42.0) (2026-02-28)
+
+
+### Features
+
+* **48-02:** add localhost-only validation for local_llm.endpoint in configValidate ([511e038](https://github.com/SienkLogic/plan-build-run/commit/511e038bc5821518d261ac49d3098ac8281970cd))
+* **48-02:** add persistent cross-process circuit breaker in lib/circuit-state.js ([85ee2fd](https://github.com/SienkLogic/plan-build-run/commit/85ee2fdb07ee9357c467d80f2ec02b6af2e0378e))
+* **48-02:** replace busy-wait loop with Atomics.wait in lockedFileUpdate ([0099aa2](https://github.com/SienkLogic/plan-build-run/commit/0099aa2b172b7705bba2c834be8601d225667b10))
+
+
+### Bug Fixes
+
+* **48-03:** remove unused imports causing ESLint failures in CI ([f459004](https://github.com/SienkLogic/plan-build-run/commit/f4590048e4847e802ace067b47d10d9c865d0f21))
+* **48-03:** remove unused variable in run-hook.test.js to pass ESLint ([2b553b1](https://github.com/SienkLogic/plan-build-run/commit/2b553b1df752231f9e78246fe6f4d6326f872f87))
+
+
+### Documentation
+
+* **48-03:** add bootstrap documentation and drift-detection test for hooks.json ([d29c015](https://github.com/SienkLogic/plan-build-run/commit/d29c01524bdbc2b01741f4c634b8e3855a3fa0b0))
+
+## [2.41.0](https://github.com/SienkLogic/plan-build-run/compare/plan-build-run-v2.40.1...plan-build-run-v2.41.0) (2026-02-28)
+
+
+### Features
+
+* **47-01:** expand stateUpdate to cover all 9 STATE.md frontmatter fields ([de6a6b3](https://github.com/SienkLogic/plan-build-run/commit/de6a6b3b3f577c436396927a4b5511b5163a527c))
+* **47-02:** add [@file](https://github.com/file): escape hatch tests and documentation ([6634f50](https://github.com/SienkLogic/plan-build-run/commit/6634f504c7e64f25caaecb0b06561c3a03b88d35))
+
+
+### Bug Fixes
+
+* **47-01:** update stale state update usage hint to list all 9 fields ([e0d0e39](https://github.com/SienkLogic/plan-build-run/commit/e0d0e39fa11c8a210b7f44f1e311f80ce761b6c6))
+
+
+### Documentation
+
+* **46-02:** add agent contract compliance audit for phase 46 ([78bca43](https://github.com/SienkLogic/plan-build-run/commit/78bca43bb1c37375c9b7bd3704d874d957f61b26))
+
 ## [2.40.1](https://github.com/SienkLogic/plan-build-run/compare/plan-build-run-v2.40.0...plan-build-run-v2.40.1) (2026-02-27)
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sienklogic/plan-build-run",
-  "version": "2.40.1",
+  "version": "2.42.0",
   "description": "Plan it, Build it, Run it — structured development workflow for Claude Code",
   "keywords": [
     "claude-code",

package/plugins/copilot-pbr/agents/dev-sync.agent.md

@@ -6,6 +6,14 @@ infer: true
 target: "github-copilot"
 ---
 
+<files_to_read>
+CRITICAL: If your spawn prompt contains a files_to_read block,
+you MUST Read every listed file BEFORE any other action.
+Skipping this causes hallucinated context and broken output.
+</files_to_read>
+
+> Default files: the changed pbr/ file path(s) provided in the spawn prompt
+
 # Cross-Plugin Sync Agent
 
 You are **dev-sync**, a specialized agent for the Plan-Build-Run project. Your sole job is to take changes made in `plugins/pbr/` and apply the equivalent changes to `plugins/cursor-pbr/` and `plugins/copilot-pbr/`, adjusting for each derivative's format requirements.

package/plugins/copilot-pbr/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "pbr",
   "displayName": "Plan-Build-Run",
-  "version": "2.40.1",
+  "version": "2.42.0",
   "description": "Plan-Build-Run — Structured development workflow for GitHub Copilot CLI. Solves context rot through disciplined agent delegation, structured planning, atomic execution, and goal-backward verification.",
   "author": {
     "name": "SienkLogic",

package/plugins/copilot-pbr/references/plan-authoring.md

@@ -201,6 +201,43 @@ Two plans CONFLICT if their `files_modified` lists overlap. Conflicting plans:
 
 ---
 
+## @file: Output Pattern (Large Payloads)
+
+When a `pbr-tools` CLI command produces output exceeding 50,000 characters, the tool writes
+the JSON payload to a temporary file instead of emitting it inline. It then prints a single
+line of the form:
+
+```
+@file:/tmp/pbr-1234567890.json
+```
+
+This prevents stdout overflow in environments with limited buffer sizes (hooks, Task() runners).
+
+### Verify Step Pattern
+
+If a plan's `<verify>` step calls `pbr-tools` and inspects the output, guard against the
+`@file:` case:
+
+```bash
+OUT=$(node ${CLAUDE_PLUGIN_ROOT}/scripts/pbr-tools.js state load)
+if echo "$OUT" | grep -q '^@file:'; then
+  OUT=$(cat "${OUT#@file:}")
+fi
+echo "$OUT" | grep '"status"'
+```
+
+### Agent Prompt Handling
+
+When an agent receives `@file:` output from a spawned tool call, it must read the referenced
+file to obtain the actual JSON payload. The `@file:` prefix is a signal — not a path fragment
+to be appended to another command.
+
+Plan actions that spawn `pbr-tools` subcommands should instruct the agent:
+
+> If the output starts with `@file:`, read the file at that path to get the full JSON response.
+
+---
+
 ## Context Fidelity Checklist
 
 Before writing plan files, verify context compliance:

package/plugins/cursor-pbr/.cursor-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "pbr",
   "displayName": "Plan-Build-Run",
-  "version": "2.40.1",
+  "version": "2.42.0",
   "description": "Plan-Build-Run — Structured development workflow for Cursor. Solves context rot through disciplined subagent delegation, structured planning, atomic execution, and goal-backward verification.",
   "author": {
     "name": "SienkLogic",

package/plugins/cursor-pbr/agents/dev-sync.md

@@ -5,6 +5,14 @@ model: sonnet
 readonly: false
 ---
 
+<files_to_read>
+CRITICAL: If your spawn prompt contains a files_to_read block,
+you MUST Read every listed file BEFORE any other action.
+Skipping this causes hallucinated context and broken output.
+</files_to_read>
+
+> Default files: the changed pbr/ file path(s) provided in the spawn prompt
+
 # Cross-Plugin Sync Agent
 
 You are **dev-sync**, a specialized agent for the Plan-Build-Run project. Your sole job is to take changes made in `plugins/pbr/` and apply the equivalent changes to `plugins/cursor-pbr/` and `plugins/copilot-pbr/`, adjusting for each derivative's format requirements.

package/plugins/cursor-pbr/references/plan-authoring.md

@@ -201,6 +201,43 @@ Two plans CONFLICT if their `files_modified` lists overlap. Conflicting plans:
 
 ---
 
+## @file: Output Pattern (Large Payloads)
+
+When a `pbr-tools` CLI command produces output exceeding 50,000 characters, the tool writes
+the JSON payload to a temporary file instead of emitting it inline. It then prints a single
+line of the form:
+
+```
+@file:/tmp/pbr-1234567890.json
+```
+
+This prevents stdout overflow in environments with limited buffer sizes (hooks, Task() runners).
+
+### Verify Step Pattern
+
+If a plan's `<verify>` step calls `pbr-tools` and inspects the output, guard against the
+`@file:` case:
+
+```bash
+OUT=$(node ${CLAUDE_PLUGIN_ROOT}/scripts/pbr-tools.js state load)
+if echo "$OUT" | grep -q '^@file:'; then
+  OUT=$(cat "${OUT#@file:}")
+fi
+echo "$OUT" | grep '"status"'
+```
+
+### Agent Prompt Handling
+
+When an agent receives `@file:` output from a spawned tool call, it must read the referenced
+file to obtain the actual JSON payload. The `@file:` prefix is a signal — not a path fragment
+to be appended to another command.
+
+Plan actions that spawn `pbr-tools` subcommands should instruct the agent:
+
+> If the output starts with `@file:`, read the file at that path to get the full JSON response.
+
+---
+
 ## Context Fidelity Checklist
 
 Before writing plan files, verify context compliance:

package/plugins/pbr/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "pbr",
-  "version": "2.40.1",
+  "version": "2.42.0",
   "description": "Plan-Build-Run — Structured development workflow for Claude Code. Solves context rot through disciplined subagent delegation, structured planning, atomic execution, and goal-backward verification.",
   "author": {
     "name": "SienkLogic",

package/plugins/pbr/agents/dev-sync.md

@@ -12,6 +12,14 @@ tools:
   - Grep
 ---
 
+<files_to_read>
+CRITICAL: If your spawn prompt contains a files_to_read block,
+you MUST Read every listed file BEFORE any other action.
+Skipping this causes hallucinated context and broken output.
+</files_to_read>
+
+> Default files: the changed pbr/ file path(s) provided in the spawn prompt
+
 # Cross-Plugin Sync Agent
 
 You are **dev-sync**, a specialized agent for the Plan-Build-Run project. Your sole job is to take changes made in `plugins/pbr/` and apply the equivalent changes to `plugins/cursor-pbr/` and `plugins/copilot-pbr/`, adjusting for each derivative's format requirements.

package/plugins/pbr/hooks/hooks.json

@@ -1,6 +1,11 @@
 {
   "$schema": "../scripts/hooks-schema.json",
   "description": "Plan-Build-Run workflow hooks for state tracking, validation, and auto-continuation",
+  "$bootstrap": {
+    "why": "Claude Code expands ${CLAUDE_PLUGIN_ROOT} before shell execution. On Windows+Git Bash this produces an MSYS path like /d/Repos/... which Node.js cannot resolve. The one-liner converts /d/Repos/... to D:\\Repos\\... before requiring run-hook.js.",
+    "pattern": "node -e \"var r=process.env.CLAUDE_PLUGIN_ROOT||'',m=r.match(/^\\/([a-zA-Z])\\/(.*)/);if(m)r=m[1]+String.fromCharCode(58)+String.fromCharCode(92)+m[2];require(require('path').resolve(r,'scripts','run-hook.js'))\" {script}.js",
+    "run-hook": "scripts/run-hook.js handles MSYS path fix, argv normalization, and require() isolation"
+  },
   "hooks": {
     "SessionStart": [
       {

package/plugins/pbr/references/plan-authoring.md

@@ -200,6 +200,43 @@ Two plans CONFLICT if their `files_modified` lists overlap. Conflicting plans:
 
 ---
 
+## @file: Output Pattern (Large Payloads)
+
+When a `pbr-tools` CLI command produces output exceeding 50,000 characters, the tool writes
+the JSON payload to a temporary file instead of emitting it inline. It then prints a single
+line of the form:
+
+```
+@file:/tmp/pbr-1234567890.json
+```
+
+This prevents stdout overflow in environments with limited buffer sizes (hooks, Task() runners).
+
+### Verify Step Pattern
+
+If a plan's `<verify>` step calls `pbr-tools` and inspects the output, guard against the
+`@file:` case:
+
+```bash
+OUT=$(node ${CLAUDE_PLUGIN_ROOT}/scripts/pbr-tools.js state load)
+if echo "$OUT" | grep -q '^@file:'; then
+  OUT=$(cat "${OUT#@file:}")
+fi
+echo "$OUT" | grep '"status"'
+```
+
+### Agent Prompt Handling
+
+When an agent receives `@file:` output from a spawned tool call, it must read the referenced
+file to obtain the actual JSON payload. The `@file:` prefix is a signal — not a path fragment
+to be appended to another command.
+
+Plan actions that spawn `pbr-tools` subcommands should instruct the agent:
+
+> If the output starts with `@file:`, read the file at that path to get the full JSON response.
+
+---
+
 ## Context Fidelity Checklist
 
 Before writing plan files, verify context compliance:

package/plugins/pbr/scripts/check-plan-format.js

@@ -56,7 +56,7 @@ async function main() {
 
       // Determine file type
       const basename = path.basename(filePath);
-      const isPlan = /PLAN.*\.md$/i.test(basename);
+      const isPlan = /^PLAN.*\.md$/.test(basename);
       const isSummary = basename.includes('SUMMARY') && basename.endsWith('.md');
       const isVerification = basename === 'VERIFICATION.md';
       const isRoadmap = basename === 'ROADMAP.md';
@@ -276,7 +276,7 @@ function validateSummary(content, _filePath) {
 async function checkPlanWrite(data) {
   const filePath = data.tool_input?.file_path || data.tool_input?.path || '';
   const basename = path.basename(filePath);
-  const isPlan = /PLAN.*\.md$/i.test(basename);
+  const isPlan = /^PLAN.*\.md$/.test(basename);
   const isSummary = basename.includes('SUMMARY') && basename.endsWith('.md');
   const isVerification = basename === 'VERIFICATION.md';
   const isRoadmap = basename === 'ROADMAP.md';

package/plugins/pbr/scripts/lib/circuit-state.js

@@ -0,0 +1,134 @@
+'use strict';
+
+/**
+ * lib/circuit-state.js — Persistent cross-process circuit breaker state.
+ *
+ * Stores circuit state in .planning/logs/local-llm-circuit.json so multiple
+ * hook processes share the same failure counts across process boundaries.
+ *
+ * Entries expire after STALE_TTL_MS (30 minutes) since the last failure.
+ */
+
+const fs = require('fs');
+const path = require('path');
+
+const STALE_TTL_MS = 30 * 60 * 1000; // 30 minutes
+const STATE_FILENAME = 'local-llm-circuit.json';
+
+/**
+ * Returns the path to the circuit state file.
+ * @param {string} planningDir
+ * @returns {string}
+ */
+function _statePath(planningDir) {
+  return path.join(planningDir, 'logs', STATE_FILENAME);
+}
+
+/**
+ * Load circuit state from disk. Returns an empty object on any error.
+ * Prunes entries whose last_failure timestamp is older than STALE_TTL_MS.
+ *
+ * @param {string} planningDir - Path to .planning directory
+ * @returns {object} Map of operationType -> { failures, disabled, last_failure }
+ */
+function loadCircuitState(planningDir) {
+  const statePath = _statePath(planningDir);
+  let raw = {};
+  try {
+    if (!fs.existsSync(statePath)) return {};
+    raw = JSON.parse(fs.readFileSync(statePath, 'utf8'));
+  } catch (_e) {
+    return {};
+  }
+
+  const now = Date.now();
+  const pruned = {};
+  for (const [opType, entry] of Object.entries(raw)) {
+    if (entry && typeof entry.last_failure === 'number') {
+      if (now - entry.last_failure < STALE_TTL_MS) {
+        pruned[opType] = entry;
+      }
+      // else: stale — drop it
+    }
+  }
+  return pruned;
+}
+
+/**
+ * Atomically write circuit state to disk.
+ * Uses a temp-file + rename pattern to avoid partial writes.
+ *
+ * @param {string} planningDir - Path to .planning directory
+ * @param {object} state - State object to write
+ */
+function saveCircuitState(planningDir, state) {
+  const logsDir = path.join(planningDir, 'logs');
+  try {
+    if (!fs.existsSync(logsDir)) {
+      fs.mkdirSync(logsDir, { recursive: true });
+    }
+    const statePath = _statePath(planningDir);
+    const tmpPath = statePath + '.tmp.' + process.pid;
+    fs.writeFileSync(tmpPath, JSON.stringify(state, null, 2), 'utf8');
+    fs.renameSync(tmpPath, statePath);
+  } catch (_e) {
+    // Best-effort — never crash the calling hook
+  }
+}
+
+/**
+ * Returns true if the circuit is open (disabled) for the given operation type,
+ * based on persistent state.
+ *
+ * @param {string} planningDir
+ * @param {string} operationType
+ * @param {number} maxFailures
+ * @returns {boolean}
+ */
+function isDisabledPersistent(planningDir, operationType, maxFailures) {
+  const state = loadCircuitState(planningDir);
+  const entry = state[operationType];
+  if (!entry) return false;
+  return entry.disabled === true || entry.failures >= maxFailures;
+}
+
+/**
+ * Records a failure for the given operation type in persistent state.
+ * Marks the circuit disabled when maxFailures is reached.
+ *
+ * @param {string} planningDir
+ * @param {string} operationType
+ * @param {number} maxFailures
+ */
+function recordFailurePersistent(planningDir, operationType, maxFailures) {
+  const state = loadCircuitState(planningDir);
+  const entry = state[operationType] || { failures: 0, disabled: false, last_failure: 0 };
+  entry.failures += 1;
+  entry.last_failure = Date.now();
+  if (entry.failures >= maxFailures) {
+    entry.disabled = true;
+  }
+  state[operationType] = entry;
+  saveCircuitState(planningDir, state);
+}
+
+/**
+ * Resets the persistent circuit state for the given operation type.
+ *
+ * @param {string} planningDir
+ * @param {string} operationType
+ */
+function resetCircuitPersistent(planningDir, operationType) {
+  const state = loadCircuitState(planningDir);
+  delete state[operationType];
+  saveCircuitState(planningDir, state);
+}
+
+module.exports = {
+  loadCircuitState,
+  saveCircuitState,
+  isDisabledPersistent,
+  recordFailurePersistent,
+  resetCircuitPersistent,
+  STALE_TTL_MS
+};

package/plugins/pbr/scripts/lib/config.js

@@ -92,6 +92,23 @@ function configValidate(preloadedConfig, planningDir) {
     warnings.push(`config.json schema is outdated. Run: node pbr-tools.js migrate`);
   }
 
+  // Local LLM endpoint must be localhost-only for security
+  if (config.local_llm && config.local_llm.enabled === true && config.local_llm.endpoint) {
+    try {
+      const parsed = new URL(config.local_llm.endpoint);
+      const hostname = parsed.hostname.toLowerCase();
+      const localhostNames = ['localhost', '127.0.0.1', '::1', '[::1]'];
+      if (!localhostNames.includes(hostname)) {
+        errors.push(
+          `local_llm.endpoint must be a localhost address (localhost, 127.0.0.1, or ::1). ` +
+          `Got: "${hostname}". Non-localhost endpoints are not supported for security reasons.`
+        );
+      }
+    } catch (_urlErr) {
+      errors.push(`local_llm.endpoint is not a valid URL: "${config.local_llm.endpoint}"`);
+    }
+  }
+
   // Semantic conflict detection — logical contradictions that pass schema validation
   // Clear contradictions -> errors; ambiguous/preference issues -> warnings
   if (config.mode === 'autonomous' && config.gates) {

package/plugins/pbr/scripts/lib/core.js

@@ -395,9 +395,11 @@ function lockedFileUpdate(filePath, updateFn, opts = {}) {
           if (attempt < retries - 1) {
             // Wait and retry
             const waitMs = retryDelayMs * (attempt + 1);
-            const start = Date.now();
-            while (Date.now() - start < waitMs) {
-              // Busy wait (synchronous context)
+            try {
+              Atomics.wait(new Int32Array(new SharedArrayBuffer(4)), 0, 0, waitMs);
+            } catch (_atomicsErr) {
+              const end = Date.now() + waitMs;
+              while (Date.now() < end) { /* last-resort fallback */ }
             }
             continue;
           }

package/plugins/pbr/scripts/lib/gates/advisories.js

@@ -0,0 +1,125 @@
+'use strict';
+
+/**
+ * Advisory checks for validate-task.
+ * These return warning strings rather than blocking the tool call.
+ */
+
+const fs = require('fs');
+const path = require('path');
+const { readActiveSkill } = require('./helpers');
+
+/**
+ * Advisory check: when pbr:debugger is spawned and .active-skill is 'debug',
+ * warn if .planning/debug/ directory does not exist.
+ * Returns a warning string or null.
+ * @param {object} data - hook data with tool_input
+ * @returns {string|null}
+ */
+function checkDebuggerAdvisory(data) {
+  const subagentType = data.tool_input?.subagent_type || '';
+  if (subagentType !== 'pbr:debugger') return null;
+
+  // Only advise when spawned from the debug skill
+  const cwd = process.env.PBR_PROJECT_ROOT || process.cwd();
+  const planningDir = path.join(cwd, '.planning');
+  const activeSkill = readActiveSkill(planningDir);
+  if (activeSkill !== 'debug') return null;
+
+  const debugDir = path.join(planningDir, 'debug');
+  if (!fs.existsSync(debugDir)) {
+    return 'Debugger advisory: .planning/debug/ does not exist. Create it before spawning the debugger so output has a target location.';
+  }
+  return null;
+}
+
+/**
+ * Advisory check: when pbr:executor is spawned in build context,
+ * warn if .checkpoint-manifest.json is missing from the phase directory.
+ * Returns a warning string or null.
+ * @param {object} data - hook data with tool_input
+ * @returns {string|null}
+ */
+function checkCheckpointManifest(data) {
+  const toolInput = data.tool_input || {};
+  const subagentType = toolInput.subagent_type || '';
+
+  if (subagentType !== 'pbr:executor') return null;
+
+  const cwd = process.env.PBR_PROJECT_ROOT || process.cwd();
+  const planningDir = path.join(cwd, '.planning');
+
+  const activeSkill = readActiveSkill(planningDir);
+  if (activeSkill !== 'build') return null;
+
+  // Find current phase dir
+  const stateFile = path.join(planningDir, 'STATE.md');
+  try {
+    const state = fs.readFileSync(stateFile, 'utf8');
+    const phaseMatch = state.match(/Phase:\s*(\d+)\s+of\s+\d+/);
+    if (!phaseMatch) return null;
+
+    const currentPhase = phaseMatch[1].padStart(2, '0');
+    const phasesDir = path.join(planningDir, 'phases');
+    if (!fs.existsSync(phasesDir)) return null;
+
+    const dirs = fs.readdirSync(phasesDir).filter(d => d.startsWith(currentPhase + '-'));
+    if (dirs.length === 0) return null;
+
+    const phaseDir = path.join(phasesDir, dirs[0]);
+    const manifestFile = path.join(phaseDir, '.checkpoint-manifest.json');
+    if (!fs.existsSync(manifestFile)) {
+      return 'Build advisory: .checkpoint-manifest.json not found in phase directory. The build skill should write this before spawning executors. To fix: Run /pbr:health to regenerate checkpoint manifest.';
+    }
+  } catch (_e) {
+    return null;
+  }
+
+  return null;
+}
+
+/**
+ * Advisory check: when any pbr:* agent is being spawned, warn if
+ * .planning/.active-skill doesn't exist. Without this file, all
+ * skill-specific enforcement is silently disabled.
+ * Returns a warning string or null.
+ * @param {object} data - hook data with tool_input
+ * @returns {string|null}
+ */
+function checkActiveSkillIntegrity(data) {
+  const toolInput = data.tool_input || {};
+  const subagentType = toolInput.subagent_type || '';
+
+  if (typeof subagentType !== 'string' || !subagentType.startsWith('pbr:')) return null;
+
+  // Advisory agents that run without an active skill context — exempt from .active-skill checks
+  const EXEMPT_AGENTS = ['pbr:researcher', 'pbr:synthesizer', 'pbr:audit', 'pbr:dev-sync', 'pbr:general'];
+  if (EXEMPT_AGENTS.includes(subagentType)) return null;
+
+  const cwd = process.env.PBR_PROJECT_ROOT || process.cwd();
+  const planningDir = path.join(cwd, '.planning');
+
+  // Only check if .planning/ exists (PBR project)
+  if (!fs.existsSync(planningDir)) return null;
+
+  const activeSkillFile = path.join(planningDir, '.active-skill');
+  if (!fs.existsSync(activeSkillFile)) {
+    return 'Active-skill integrity: .planning/.active-skill not found. Skill-specific enforcement is disabled. The invoking skill should write this file. To fix: Wait for the current skill to finish, or delete .planning/.active-skill if stale.';
+  }
+
+  // Stale lock detection: warn if .active-skill is older than 2 hours
+  try {
+    const stat = fs.statSync(activeSkillFile);
+    const ageMs = Date.now() - stat.mtimeMs;
+    const TWO_HOURS = 2 * 60 * 60 * 1000;
+    if (ageMs > TWO_HOURS) {
+      const ageHours = Math.round(ageMs / (60 * 60 * 1000));
+      const skill = fs.readFileSync(activeSkillFile, 'utf8').trim();
+      return `Active-skill integrity: .planning/.active-skill is ${ageHours}h old (skill: "${skill}"). This may be a stale lock from a crashed session. Run /pbr:health to diagnose, or delete .planning/.active-skill if the previous session is no longer running.`;
+    }
+  } catch (_e) { /* best-effort */ }
+
+  return null;
+}
+
+module.exports = { checkDebuggerAdvisory, checkCheckpointManifest, checkActiveSkillIntegrity };