@skill-map/cli 0.22.0 → 0.23.0

package/dist/cli.js

@@ -606,7 +606,7 @@ var geminiProvider = {
   // registry entries (they ship later under the Gemini bundle), but
   // the qualified form is the contract.
   //
-  // UI presentation: kind visuals are normalised across Providers — every
+  // UI presentation: kind visuals are normalised across Providers, every
   // Provider that contributes `agent` declares the same color + icon as
   // Claude, every Provider that contributes `skill` declares the same
   // color + icon as Claude, etc. The declaration STAYS per-Provider (the
@@ -665,7 +665,7 @@ var agentSkillsProvider = {
   pluginId: "agent-skills",
   kind: "provider",
   version: "1.0.0",
-  description: "Walks the open-standard `.agents/skills/<name>/SKILL.md` convention (Anthropic / OpenAI / Google).",
+  description: "Agent Skills open standard. Vendor-neutral path `.agents/skills/<name>/SKILL.md` (Anthropic, OpenAI, Google). See agentskills.io.",
   stability: "stable",
   read: { extensions: [".md"], parser: "frontmatter-yaml" },
   kinds: {
@@ -706,7 +706,7 @@ var coreMarkdownProvider = {
   pluginId: "core",
   kind: "provider",
   version: "1.0.0",
-  description: "Universal `.md` fallback \u2014 claims any markdown file no vendor-specific Provider classifies.",
+  description: "Universal `.md` fallback. Claims any markdown file no vendor-specific Provider classifies.",
   stability: "stable",
   read: { extensions: [".md"], parser: "frontmatter-yaml" },
   // Per spec § A.6, defaultRefreshAction values MUST be qualified
@@ -825,7 +825,7 @@ var slashExtractor = {
   pluginId: "core",
   kind: "extractor",
   version: "1.0.0",
-  description: "Detects `/command` invocations in a node's body and turns each one into an arrow (edge) between nodes in the graph.",
+  description: "Detects `/command` invocations in a node's body and turns each one into an arrow between nodes in the graph.",
   stability: "stable",
   emitsLinkKinds: ["invokes"],
   defaultConfidence: "medium",
@@ -860,7 +860,7 @@ var atDirectiveExtractor = {
   pluginId: "core",
   kind: "extractor",
   version: "1.0.0",
-  description: "Detects `@agent-name` mentions in a node's body and turns each one into an arrow (edge) between nodes in the graph.",
+  description: "Detects `@agent-name` mentions in a node's body and turns each one into an arrow between nodes in the graph.",
   stability: "stable",
   emitsLinkKinds: ["mentions"],
   defaultConfidence: "medium",
@@ -896,24 +896,24 @@ var externalUrlCounterExtractor = {
   pluginId: "core",
   kind: "extractor",
   version: "1.0.0",
-  description: "Counts the distinct external URLs (`http://` / `https://`) in a node's body and shows the total as a chip on the card.",
+  description: "Counts the distinct external URLs in a node's body and shows the total on the card.",
   stability: "stable",
   emitsLinkKinds: ["references"],
   defaultConfidence: "low",
   scope: "body",
   /**
-   * Phase 6 / View contribution system — surface the distinct-URL
+   * Phase 6 / View contribution system, surface the distinct-URL
    * count as a card-footer-left chip alongside the in/out link
    * counters and the tools-count wrench. The chip is silent when
    * zero URLs were emitted (`emitWhenEmpty: false`), so unrelated
    * nodes do not gain a `link 0` decoration. The counter rides on
    * exactly the same data the orchestrator was already going to
-   * count — there is no second pass.
+   * count, there is no second pass.
    *
    * Icon is the PrimeIcons `pi-link` glyph (declared as the bare
    * `'link'` per `IconString` rules in `view-slots.schema.json`).
    * Mirrors the look of the legacy hardcoded `pi pi-link` chip in
-   * `node-card.html` it replaced — same icon font, same sizing
+   * `node-card.html` it replaced, same icon font, same sizing
    * inherited from the footer `.sm-gnode__stat` styles cloned by
    * the `NodeCounter` renderer.
    */
@@ -997,7 +997,7 @@ var markdownLinkExtractor = {
   pluginId: "core",
   kind: "extractor",
   version: "1.0.0",
-  description: "Detects markdown links (`[text](path)`) in a node's body and turns each one into an arrow (edge) between nodes in the graph.",
+  description: "Detects markdown links (`[text](path)`) in a node's body and turns each one into an arrow between nodes in the graph.",
   stability: "stable",
   emitsLinkKinds: ["references"],
   defaultConfidence: "high",
@@ -1059,14 +1059,14 @@ function lineFor2(lineStarts, offset) {
 
 // built-in-plugins/analyzers/stability/index.ts
 var ID6 = "stability";
-var EXPERIMENTAL_TOOLTIP = "Experimental \u2014 API may change";
-var DEPRECATED_TOOLTIP = "Deprecated \u2014 avoid in new code";
+var EXPERIMENTAL_TOOLTIP = "Experimental: API may change";
+var DEPRECATED_TOOLTIP = "Deprecated: avoid in new code";
 var stabilityAnalyzer = {
   id: ID6,
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Surfaces the node lifecycle stage (`stability: experimental | deprecated`) as a chip on the card footer and as an Issue (`deprecated \u2192 warn`, `experimental \u2192 info`) in `sm check`. Reads `annotations.stability` from the sidecar, falling back to legacy frontmatter `metadata.stability`.",
+  description: "Reports node lifecycle stage (`experimental`, `deprecated`) on the card.",
   stability: "stable",
   mode: "deterministic",
   viewContributions: {
@@ -1098,7 +1098,7 @@ var stabilityAnalyzer = {
           analyzerId: ID6,
           severity: "info",
           nodeIds: [node.path],
-          message: `Node '${node.path}' is marked experimental \u2014 API may change.`,
+          message: `Node '${node.path}' is marked experimental: API may change.`,
           data: { stability }
         });
       } else if (stability === "deprecated") {
@@ -1111,7 +1111,7 @@ var stabilityAnalyzer = {
           analyzerId: ID6,
           severity: "warn",
           nodeIds: [node.path],
-          message: `Node '${node.path}' is marked deprecated \u2014 avoid in new code.`,
+          message: `Node '${node.path}' is marked deprecated: avoid in new code.`,
           data: { stability }
         });
       }
@@ -1143,7 +1143,7 @@ var toolsCountExtractor = {
   pluginId: "core",
   kind: "extractor",
   version: "1.0.0",
-  description: "Counts the tools an agent declares in its frontmatter and shows the total as a wrench chip on the agent card.",
+  description: "Counts the tools an agent declares in its frontmatter and shows the total on the agent card.",
   stability: "stable",
   emitsLinkKinds: [],
   defaultConfidence: "high",
@@ -1193,9 +1193,9 @@ var TRIGGER_COLLISION_TEXTS = {
    * (e.g. `'; y '` in Spanish) without touching the rule code.
    */
   messageTwoParts: 'Trigger "{{normalized}}" has {{first}}; and {{second}}.',
-  /** `<n> nodes advertise it: <list>` part — fires on the advertiser-ambiguous branch. */
+  /** `<n> nodes advertise it: <list>` part, fires on the advertiser-ambiguous branch. */
   partAdvertisers: "{{count}} nodes advertise it: {{paths}}",
-  /** `<n> distinct invocation forms: <list>` part — fires on the invocation-ambiguous branch. */
+  /** `<n> distinct invocation forms: <list>` part, fires on the invocation-ambiguous branch. */
   partInvocations: "{{count}} distinct invocation forms: {{forms}}",
   /** Singular cross-kind cause: `non-canonical invocation <form> against advertiser <path>`. */
   partNonCanonicalSingular: "non-canonical invocation {{forms}} against advertiser {{advertiser}}",
@@ -1216,7 +1216,7 @@ var triggerCollisionAnalyzer = {
   kind: "analyzer",
   mode: "deterministic",
   version: "1.0.0",
-  description: "Flags when two or more nodes claim the same `/command` or `@agent` name \u2014 either by their `name` field or by how they are invoked elsewhere.",
+  description: "Detects and flags two or more nodes claiming the same `/command` or `@agent` name.",
   stability: "stable",
   // Two claim-collection passes (advertisement + invocation) feeding
   // the bucket map. Per-bucket analysis lives in `analyzeTriggerBucket`.
@@ -1343,7 +1343,7 @@ var brokenRefAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Flags arrows pointing at a node that is not part of the current scan (broken link).",
+  description: "Detects and flags arrows pointing at a node not part of the current scan.",
   stability: "stable",
   mode: "deterministic",
   viewContributions: {
@@ -1354,7 +1354,7 @@ var brokenRefAnalyzer = {
       icon: "fa-solid fa-circle-xmark",
       emitWhenEmpty: false
     },
-    // Footer chip on the card. `_counter` shape — `value` always shows,
+    // Footer chip on the card. `_counter` shape, `value` always shows,
     // so the operator sees "how many" at a glance. Renders OUTLINED
     // (`fa-regular`) so the corner alert (filled, attention-grabbing)
     // and the footer chip (quieter, paired with a number) read as two
@@ -1462,7 +1462,7 @@ var supersededAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Marks nodes that have been replaced by a newer one (the sidecar declares `supersededBy`).",
+  description: "Detects and marks nodes replaced by a newer one via `supersededBy`.",
   stability: "stable",
   mode: "deterministic",
   evaluate(ctx) {
@@ -1507,7 +1507,7 @@ var linkConflictAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: 'Flags when two extractors disagree on the meaning of the same arrow (e.g. one says "references", the other says "invokes").',
+  description: 'Detects and flags conflicting arrow meanings between extractors (e.g. "references" vs "invokes").',
   stability: "stable",
   mode: "deterministic",
   // Bucket links by (source, target), then per-bucket detect distinct
@@ -1586,9 +1586,9 @@ var ANNOTATION_STALE_TEXTS = {
   /** both body and frontmatter changed */
   bothDrift: "{{path}}: sidecar `.sm` is stale (body and frontmatter changed since last bump).",
   // Tooltips for the `card.footer.right` clock chip emitted alongside
-  // the issue. Lists only the drifted face(s) — in-sync faces are
+  // the issue. Lists only the drifted face(s), in-sync faces are
   // omitted so the operator immediately sees what's modified without
-  // scanning prose. No `{{path}}` placeholder — the chip already sits
+  // scanning prose. No `{{path}}` placeholder, the chip already sits
   // on the affected node. The hint `sm bump <path>` keeps `<path>` as
   // a literal placeholder the operator substitutes.
   bodyTooltip: "Sidecar drift since last bump:\n  \u2022 body\nRun `sm bump <path>` to refresh.",
@@ -1603,14 +1603,19 @@ var annotationStaleAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Marks nodes whose `.sm` sidecar is out of date \u2014 the `.md` content changed since the last sidecar bump. Surfaces an Issue (panel) plus a `pi-clock` chip in the card footer.",
+  description: "Detects and marks sidecars (`.sm`) out of date of their `.md`.",
   stability: "stable",
   mode: "deterministic",
+  // The natural fix is to bump the node: refreshes `for` hashes,
+  // increments `annotations.version`, and stamps the audit block. The
+  // UI surfaces `core/bump` in the node inspector under "Recommended
+  // for issues" whenever this analyzer fires.
+  recommendedActions: ["core/bump"],
   viewContributions: {
     // A `pi-clock` chip in the footer-right cluster so the operator
     // spots drift in the list / inspector view (and on the graph card
     // body). Emitted with `value: 0` and `emitWhenEmpty: true` so the
-    // renderer treats it as icon-only — drift severity is binary at
+    // renderer treats it as icon-only, drift severity is binary at
     // this surface (the tooltip carries the per-face detail body /
     // frontmatter / both). The corner badge on `graph.node.alert` was
     // dropped on purpose: a tooltip on the footer chip is enough, and
@@ -1670,7 +1675,7 @@ var annotationOrphanAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Flags `.sm` sidecars whose matching `.md` file no longer exists on disk.",
+  description: "Detects and flags sidecars (`.sm`) whose `.md` no longer exists.",
   stability: "stable",
   mode: "deterministic",
   evaluate(ctx) {
@@ -1713,7 +1718,7 @@ var jobOrphanFileAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Flags leftover job result files in `.skill-map/jobs/` that no live job references. Cleanup via `sm job prune --orphan-files`.",
+  description: "Detects and flags leftover job result files (no live job references them). Cleanup via `sm job prune --orphan-files`.",
   stability: "stable",
   mode: "deterministic",
   evaluate(ctx) {
@@ -1751,9 +1756,9 @@ var UNKNOWN_FIELD_TEXTS = {
   /** Key inside `annotations:` is not in the curated catalog. */
   unknownAnnotationKey: "{{path}}: sidecar annotations contain unknown key '{{key}}' (not in annotations.schema.json catalog).",
   /** Top-level key is neither reserved, nor a registered plugin namespace, nor a registered root key. */
-  unknownRootKey: "{{path}}: sidecar declares unknown top-level key '{{key}}' \u2014 not a reserved block, not a registered plugin namespace, not a registered root contribution.",
+  unknownRootKey: "{{path}}: sidecar declares unknown top-level key '{{key}}'; not a reserved block, not a registered plugin namespace, not a registered root contribution.",
   /** Value under a registered plugin namespace fails the contributed schema. */
-  pluginNamespaceInvalid: "{{path}}: sidecar block '{{pluginId}}.{{key}}' fails the schema contributed by plugin '{{pluginId}}' \u2014 {{errors}}.",
+  pluginNamespaceInvalid: "{{path}}: sidecar block '{{pluginId}}.{{key}}' fails the schema contributed by plugin '{{pluginId}}': {{errors}}.",
   // Tooltips for the per-node view-contribution badges. Singular vs
   // plural keeps the count grammar correct without a sub-template.
   alertTooltipSingle: "This node has 1 unknown field in its sidecar. Open the inspector for details.",
@@ -1768,7 +1773,7 @@ var unknownFieldAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Catches typos and unrecognized keys inside `.sm` sidecars, including plugin-contributed annotation fields that fail their own schema.",
+  description: "Detects and flags typos or unrecognized keys in sidecars (`.sm`).",
   stability: "stable",
   mode: "deterministic",
   viewContributions: {
@@ -1776,13 +1781,13 @@ var unknownFieldAnalyzer = {
     // single unknown field (avoids a noisy "icon + 1" chip).
     alert: {
       slot: "graph.node.alert",
-      // Filled warning triangle on the corner — matches the broken-ref
+      // Filled warning triangle on the corner, matches the broken-ref
       // alert's "attention-grabbing solid" pattern; the footer chip
       // below stays outlined for the quieter counter pairing.
       icon: "fa-solid fa-triangle-exclamation",
       emitWhenEmpty: false
     },
-    // Footer chip on the card — `_counter` shape but rendered icon-only
+    // Footer chip on the card, `_counter` shape but rendered icon-only
     // (the analyzer emits `value: 0` so NodeCounter hides the number
     // and only the glyph shows). PrimeIcons `pi-question-circle` so the
     // visual weight matches `annotation-stale`'s `pi-clock` chip
@@ -1796,6 +1801,11 @@ var unknownFieldAnalyzer = {
       priority: 30
     }
   },
+  // Analyzer body iterates every sidecar root and classifies each
+  // key against three buckets (catalog / plugin namespace / unknown
+  // root). The per-key branching IS the classification table; factoring
+  // it out would rebuild the discriminator elsewhere. Per
+  // `context/lint.md` category 7 (recursive type-discriminator walkers).
   // eslint-disable-next-line complexity
   evaluate(ctx) {
     const sidecarRoots = ctx.sidecarRoots;
@@ -1932,64 +1942,14 @@ function collectPluginIds(contributions) {
   return out;
 }
 
-// built-in-plugins/analyzers/unknown-slot/index.ts
-var ID16 = "unknown-slot";
-var KNOWN_SLOTS = /* @__PURE__ */ new Set([
-  "card.title.right",
-  "card.subtitle.left",
-  "card.footer.left",
-  "card.footer.right",
-  "graph.node.alert",
-  "inspector.header.badge.counter",
-  "inspector.header.badge.tag",
-  "inspector.body.panel.breakdown",
-  "inspector.body.panel.records",
-  "inspector.body.panel.tree",
-  "inspector.body.panel.key-values",
-  "inspector.body.panel.link-list",
-  "inspector.body.panel.markdown",
-  "topbar.nav.start"
-]);
-var unknownSlotAnalyzer = {
-  id: ID16,
-  pluginId: "core",
-  kind: "analyzer",
-  version: "1.0.0",
-  description: "Warns when a plugin tries to render in a UI position that does not exist (typo or removed in a newer skill-map version).",
-  stability: "stable",
-  mode: "deterministic",
-  evaluate(ctx) {
-    const contributions = ctx.viewContributions;
-    if (!contributions || contributions.length === 0) return [];
-    const issues = [];
-    for (const c of contributions) {
-      if (KNOWN_SLOTS.has(c.slot)) continue;
-      const qualified = `${c.pluginId}/${c.extensionId}/${c.contributionId}`;
-      issues.push({
-        analyzerId: ID16,
-        severity: "warn",
-        nodeIds: [],
-        message: `Plugin ${qualified} declares unknown slot '${c.slot}'. Run \`sm plugins upgrade ${c.pluginId}\` or update the plugin to a slot in the current catalog (\`sm plugins slots list\`).`,
-        data: {
-          pluginId: c.pluginId,
-          extensionId: c.extensionId,
-          contributionId: c.contributionId,
-          slot: c.slot
-        }
-      });
-    }
-    return issues;
-  }
-};
-
 // built-in-plugins/analyzers/contribution-orphan/index.ts
-var ID17 = "contribution-orphan";
+var ID16 = "contribution-orphan";
 var contributionOrphanAnalyzer = {
-  id: ID17,
+  id: ID16,
   pluginId: "core",
   kind: "analyzer",
-  version: "1.0.0",
-  description: "Warns when a plugin's per-node chips reference a node that was renamed or deleted in the latest scan.",
+  version: "0.0.0",
+  description: "Detects and warns about plugin data referencing nodes renamed or deleted in the latest scan.",
   stability: "experimental",
   mode: "deterministic",
   evaluate(_ctx) {
@@ -2006,14 +1966,14 @@ function sanitizeForTerminal(text) {
 
 // built-in-plugins/i18n/ascii.texts.ts
 var ASCII_FORMATTER_TEXTS = {
-  /** Header line: `skill-map graph — N nodes, M links, K issues`. */
-  header: "skill-map graph \u2014 {{nodes}} nodes, {{links}} links, {{issues}} issues",
+  /** Header line: `skill-map graph: N nodes, M links, K issues`. */
+  header: "skill-map graph: {{nodes}} nodes, {{links}} links, {{issues}} issues",
   /** Per-node-kind section header: `## <kind> (<count>)`. */
   kindSectionHeader: "## {{kind}} ({{count}})",
   /** Plain node bullet: `- <path>`. */
   nodeBullet: "- {{path}}",
-  /** Node bullet with title suffix: `- <path> — "<title>"`. */
-  nodeBulletWithTitle: '- {{path}} \u2014 "{{title}}"',
+  /** Node bullet with title suffix: `- <path>: "<title>"`. */
+  nodeBulletWithTitle: '- {{path}}: "{{title}}"',
   /** `## links (<count>)` section header. */
   linksSectionHeader: "## links ({{count}})",
   /** Link bullet: `- <source> --<kind>--> <target>  [<confidence>]`. */
@@ -2025,17 +1985,17 @@ var ASCII_FORMATTER_TEXTS = {
 };
 
 // built-in-plugins/formatters/ascii/index.ts
-var ID18 = "ascii";
+var ID17 = "ascii";
 var KIND_ORDER = ["agent", "command", "skill", "markdown"];
 var asciiFormatter = {
-  id: ID18,
+  id: ID17,
   pluginId: "core",
   kind: "formatter",
   version: "1.0.0",
-  description: "Plain-text dump of the scan grouped by kind, then arrows, then issues. Used by `sm scan --format=ascii`.",
+  description: "Renders the scan as plain text, grouped by kind, arrows, and issues. Used by `sm scan --format=ascii`.",
   stability: "stable",
   formatId: "ascii",
-  // ASCII tree formatter — header + per-kind sections + per-issue
+  // ASCII tree formatter, header + per-kind sections + per-issue
   // section. Each section iterates and renders; splitting per section
   // would multiply the for-loop boilerplate.
   // eslint-disable-next-line complexity
@@ -2126,11 +2086,54 @@ function renderSection(out, kind, group) {
   out.push("");
 }
 
+// built-in-plugins/formatters/json/index.ts
+var ID18 = "json";
+var jsonFormatter = {
+  id: ID18,
+  pluginId: "core",
+  kind: "formatter",
+  version: "1.0.0",
+  description: "Renders the persisted scan as JSON (conforms to `scan-result.schema.json` when the full ScanResult is available). Used by `sm graph --format json` and `GET /api/graph?format=json`.",
+  stability: "stable",
+  formatId: ID18,
+  format(ctx) {
+    if (ctx.scanResult !== void 0) {
+      return JSON.stringify(ctx.scanResult);
+    }
+    return JSON.stringify({
+      nodes: ctx.nodes,
+      links: ctx.links,
+      issues: ctx.issues
+    });
+  }
+};
+
 // kernel/adapters/schema-validators.ts
 import { readFileSync as readFileSync2 } from "fs";
 import { dirname as dirname2, resolve as resolve3 } from "path";
 import { createRequire as createRequire2 } from "module";
 import { Ajv2020 as Ajv20202 } from "ajv/dist/2020.js";
+
+// kernel/types/view-catalog.ts
+var ALL_SLOT_NAMES = [
+  "card.title.right",
+  "card.subtitle.left",
+  "card.footer.left",
+  "card.footer.right",
+  "graph.node.alert",
+  "inspector.header.badge.counter",
+  "inspector.header.badge.tag",
+  "inspector.body.panel.breakdown",
+  "inspector.body.panel.records",
+  "inspector.body.panel.tree",
+  "inspector.body.panel.key-values",
+  "inspector.body.panel.link-list",
+  "inspector.body.panel.markdown",
+  "topbar.nav.start"
+];
+var KNOWN_SLOT_NAMES = new Set(ALL_SLOT_NAMES);
+
+// kernel/adapters/schema-validators.ts
 var SCHEMA_FILES = {
   node: "schemas/node.schema.json",
   link: "schemas/link.schema.json",
@@ -2198,24 +2201,8 @@ function buildSchemaValidators() {
   });
   const contributionValidators = /* @__PURE__ */ new Map();
   const VIEW_SLOTS_ID = "https://skill-map.dev/spec/v0/view-slots.schema.json";
-  const KNOWN_SLOTS2 = /* @__PURE__ */ new Set([
-    "card.title.right",
-    "card.subtitle.left",
-    "card.footer.left",
-    "card.footer.right",
-    "graph.node.alert",
-    "inspector.header.badge.counter",
-    "inspector.header.badge.tag",
-    "inspector.body.panel.breakdown",
-    "inspector.body.panel.records",
-    "inspector.body.panel.tree",
-    "inspector.body.panel.key-values",
-    "inspector.body.panel.link-list",
-    "inspector.body.panel.markdown",
-    "topbar.nav.start"
-  ]);
   function getContributionValidator(slot) {
-    if (!KNOWN_SLOTS2.has(slot)) return null;
+    if (!KNOWN_SLOT_NAMES.has(slot)) return null;
     const existing = contributionValidators.get(slot);
     if (existing) return existing;
     const ref = `${VIEW_SLOTS_ID}#/$defs/payloads/${slot}`;
@@ -2313,7 +2300,7 @@ function resolveSpecRoot() {
     return dirname2(indexPath);
   } catch {
     throw new Error(
-      "@skill-map/spec not resolvable \u2014 ensure the workspace is linked or the package is installed."
+      "@skill-map/spec not resolvable: ensure the workspace is linked or the package is installed."
     );
   }
 }
@@ -2341,7 +2328,7 @@ var validateAllAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Validates every scanned node / link against the authoritative @skill-map/spec schemas.",
+  description: "Detects and flags nodes or links violating the project schemas.",
   stability: "stable",
   mode: "deterministic",
   evaluate(ctx) {
@@ -2421,7 +2408,7 @@ var linkCountsAnalyzer = {
   pluginId: "core",
   kind: "analyzer",
   version: "1.0.0",
-  description: "Counts incoming and outgoing links per node and surfaces them as paired footer chips.",
+  description: "Counts incoming and outgoing links per node.",
   stability: "stable",
   mode: "deterministic",
   viewContributions: {
@@ -2485,6 +2472,29 @@ import { dirname as dirname3, resolve as resolve4 } from "path";
 import { createRequire as createRequire3 } from "module";
 import { Ajv2020 as Ajv20203 } from "ajv/dist/2020.js";
 import yaml from "js-yaml";
+
+// kernel/util/strip-prototype-pollution.ts
+var FORBIDDEN_KEYS = /* @__PURE__ */ new Set([
+  "__proto__",
+  "constructor",
+  "prototype"
+]);
+function stripPrototypePollution(value) {
+  return strip(value);
+}
+function strip(value) {
+  if (value === null || value === void 0) return value;
+  if (typeof value !== "object") return value;
+  if (Array.isArray(value)) return value.map(strip);
+  const out = {};
+  for (const [k, v] of Object.entries(value)) {
+    if (FORBIDDEN_KEYS.has(k)) continue;
+    out[k] = strip(v);
+  }
+  return out;
+}
+
+// kernel/sidecar/parse.ts
 function readSidecarFor(mdAbsolutePath) {
   const sidecarPath = sidecarPathFor(mdAbsolutePath);
   if (!existsSync(sidecarPath)) {
@@ -2510,6 +2520,7 @@ function readSidecarFor(mdAbsolutePath) {
       issues: [{ message: `malformed YAML in ${sidecarPath}: ${err.message}` }]
     };
   }
+  parsedYaml = stripPrototypePollution(parsedYaml);
   if (!isPlainObject(parsedYaml)) {
     return {
       parsed: null,
@@ -2575,7 +2586,7 @@ function resolveSpecRoot2() {
     return dirname3(indexPath);
   } catch {
     throw new Error(
-      "@skill-map/spec not resolvable \u2014 sidecar reader cannot load schemas."
+      "@skill-map/spec not resolvable: sidecar reader cannot load schemas."
     );
   }
 }
@@ -2588,7 +2599,7 @@ var bumpAction = {
   pluginId: PLUGIN_ID,
   kind: "action",
   version: "1.0.0",
-  description: "Marks a node as updated \u2014 bumps its version, refreshes the sidecar hashes, and records the timestamp. Refuses on a fresh node unless `force: true` is passed.",
+  description: "Marks a node as updated: bumps version, refreshes sidecar hashes, records the timestamp.",
   stability: "stable",
   mode: "deterministic",
   reportSchemaRef: "https://skill-map.dev/spec/v0/bump-report.schema.json",
@@ -2644,6 +2655,24 @@ function pickCurrentVersion(overlay) {
   return typeof v === "number" && Number.isFinite(v) ? v : 0;
 }
 
+// built-in-plugins/actions/mark-superseded/index.ts
+var ID22 = "mark-superseded";
+var PLUGIN_ID2 = "core";
+var markSupersededAction = {
+  id: ID22,
+  pluginId: PLUGIN_ID2,
+  kind: "action",
+  version: "0.0.0",
+  description: "Declares the current node as superseded by another (writes `supersededBy` to the sidecar). Paired with the `core/superseded` analyzer.",
+  stability: "experimental",
+  mode: "deterministic",
+  reportSchemaRef: "https://skill-map.dev/spec/v0/report-base-deterministic.schema.json",
+  invoke(_input, _ctx) {
+    const report = { ok: true, noop: true };
+    return { report };
+  }
+};
+
 // cli/util/update-check-banner.ts
 import { existsSync as existsSync7 } from "fs";
 
@@ -3406,10 +3435,10 @@ function scanCheckedLiteral(sql4, start, closer, label) {
 }
 function findCommentMarker(ch, next, label) {
   if (ch === "-" && next === "-") {
-    return `${label} contains '--' (line comment marker). Reject \u2014 validator and engine would disagree on statement boundaries.`;
+    return `${label} contains '--' (line comment marker). Reject: validator and engine would disagree on statement boundaries.`;
   }
   if (ch === "/" && next === "*") {
-    return `${label} contains '/*' (block comment marker). Reject \u2014 validator and engine would disagree on statement boundaries.`;
+    return `${label} contains '/*' (block comment marker). Reject: validator and engine would disagree on statement boundaries.`;
   }
   return null;
 }
@@ -3975,7 +4004,7 @@ function rowToNode(row) {
     linksInCount: row.linksInCount,
     externalRefsCount: row.externalRefsCount,
     frontmatter: parseJsonObject(row.frontmatterJson),
-    // Step 9.6.2 — reconstitute the sidecar overlay from the
+    // Step 9.6.2, reconstitute the sidecar overlay from the
     // denormalised columns. Status is trusted as-stored (the kernel
     // wrote it from `computeDriftStatus`); annotations re-parse from
     // the JSON column.
@@ -3983,7 +4012,7 @@ function rowToNode(row) {
       present: row.sidecarPresent === 1,
       status: row.sidecarStatus,
       annotations: row.annotationsJson === null ? null : parseJsonObject(row.annotationsJson),
-      // R15 closure (2026-05-07) — rehydrate the full parsed root from
+      // R15 closure (2026-05-07), rehydrate the full parsed root from
       // the sibling JSON column. NULL when no sidecar is present, or
       // when the sidecar failed to parse on the scanning side.
       root: row.sidecarRootJson === null ? null : parseJsonObject(row.sidecarRootJson)
@@ -4076,7 +4105,13 @@ async function loadNodeEnrichments(db, nodePath) {
     nodePath: row.nodePath,
     extractorId: row.extractorId,
     bodyHashAtEnrichment: row.bodyHashAtEnrichment,
-    value: parseJsonObject(row.valueJson),
+    // Audit M3: deep-strip `__proto__` / `constructor` / `prototype`
+    // keys at every depth before the value flows into the read-time
+    // merge in `mergeNodeWithEnrichments`. AJV at emit time does not
+    // forbid these names; without the strip a hostile (or buggy)
+    // extractor could persist a nested forbidden key that survived
+    // the JSON round-trip and exploited a future deep merge.
+    value: stripPrototypePollution(parseJsonObject(row.valueJson)),
     stale: row.stale === 1,
     enrichedAt: row.enrichedAt,
     isProbabilistic: row.isProbabilistic === 1
@@ -4214,7 +4249,7 @@ async function purgeContributionsByPlugin(db, pluginId, extensionId) {
 function rowToContribution(row) {
   let payload;
   try {
-    payload = JSON.parse(row.payloadJson);
+    payload = stripPrototypePollution(JSON.parse(row.payloadJson));
   } catch {
     payload = {};
   }
@@ -4664,7 +4699,7 @@ var SqliteStorageAdapter = class {
   /**
    * Access the underlying Kysely instance.
    *
-   * Test-only escape hatch (per AGENTS.md § Kernel boundaries — tests
+   * Test-only escape hatch (per AGENTS.md § Kernel boundaries, tests
    * are the documented exception). CLI commands MUST consume the
    * adapter through the namespaced port surfaces (`port.<namespace>.*`
    * or `port.transaction(...)`); reaching for this getter from a
@@ -4701,6 +4736,7 @@ var SqliteStorageAdapter = class {
     };
     this.issues = {
       listAll: () => listAllIssues(this.db),
+      list: (filter) => listIssues(this.db, filter),
       findActive: (predicate) => findActiveIssues(this.db, predicate)
     };
     this.history = {
@@ -4855,6 +4891,50 @@ async function listAllIssues(db) {
   const rows = await db.selectFrom("scan_issues").selectAll().execute();
   return rows.map(rowToIssue);
 }
+async function listIssues(db, filter) {
+  const baseQuery = applyIssueFilters(
+    db.selectFrom("scan_issues"),
+    filter
+  );
+  const countRow = await baseQuery.select(({ fn }) => fn.countAll().as("c")).executeTakeFirst();
+  const total = Number(countRow?.c ?? 0);
+  const rows = await applyIssueFilters(
+    db.selectFrom("scan_issues"),
+    filter
+  ).selectAll().orderBy("id", "asc").offset(filter.offset).limit(filter.limit).execute();
+  return { items: rows.map(rowToIssue), total };
+}
+function applyIssueFilters(query, filter) {
+  let q = query;
+  if (filter.severities && filter.severities.length > 0) {
+    q = q.where("severity", "in", [...filter.severities]);
+  }
+  if (filter.analyzerIds && filter.analyzerIds.length > 0) {
+    const tokens = filter.analyzerIds;
+    q = q.where(
+      ({ eb, or }) => or(
+        tokens.flatMap((token) => [
+          eb("analyzerId", "=", token),
+          // `'%/' || ?` keeps the LIKE pattern's `%` literal in the
+          // template and binds `token` separately, no interpolation of
+          // user input into the SQL string.
+          eb("analyzerId", "like", `%/${token}`)
+        ])
+      )
+    );
+  }
+  if (filter.nodePath !== void 0 && filter.nodePath !== null) {
+    const target = filter.nodePath;
+    q = q.where(
+      ({ exists, selectFrom }) => exists(
+        selectFrom(
+          sql3`json_each(scan_issues.node_ids_json)`.as("je")
+        ).select(sql3`1`.as("one")).where(sql3.ref("je.value"), "=", target)
+      )
+    );
+  }
+  return q;
+}
 async function findActiveIssues(db, predicate) {
   const rows = await db.selectFrom("scan_issues").selectAll().execute();
   const out = [];
@@ -5126,14 +5206,15 @@ function loadConfig(opts) {
     const partial = readJsonSafe(path, layer, warnings, strict);
     if (partial === null) continue;
     const cleaned = validateAndStrip(validators, partial, layer, warnings, strict);
-    if (layer === "project") {
-      stripProjectLocalOnlyKeys(cleaned, warnings, strict);
+    if (layer !== "project-local") {
+      stripProjectLocalOnlyKeys(cleaned, layer, warnings, strict);
     }
     effective = deepMerge(effective, cleaned);
     recordSources("", cleaned, sources, layer);
   }
   if (opts.overrides && Object.keys(opts.overrides).length > 0) {
     const cleaned = validateAndStrip(validators, opts.overrides, "override", warnings, strict);
+    stripProjectLocalOnlyKeys(cleaned, "override", warnings, strict);
     effective = deepMerge(effective, cleaned);
     recordSources("", cleaned, sources, "override");
   }
@@ -5208,7 +5289,6 @@ function describeJsonType(v) {
   if (Array.isArray(v)) return "array";
   return typeof v;
 }
-var FORBIDDEN_KEYS = /* @__PURE__ */ new Set(["__proto__", "constructor", "prototype"]);
 function deleteAtPath(root, parentPath, key) {
   if (containsForbidden(parentPath, key)) return;
   const segments = parentPath.split("/").filter(Boolean);
@@ -5219,7 +5299,7 @@ function deleteAtPath(root, parentPath, key) {
   }
   if (isPlainObject2(cur)) delete cur[key];
 }
-function stripProjectLocalOnlyKeys(cloned, warnings, strict) {
+function stripProjectLocalOnlyKeys(cloned, layer, warnings, strict) {
   for (const dotKey of PROJECT_LOCAL_ONLY_KEYS) {
     const segments = dotKey.split(".").filter(Boolean);
     if (segments.length === 0) continue;
@@ -5228,7 +5308,7 @@ function stripProjectLocalOnlyKeys(cloned, warnings, strict) {
     const parentPath = "/" + segments.join("/");
     deleteAtPath(cloned, parentPath, leaf);
     const msg = tx(CONFIG_LOADER_TEXTS.projectLocalOnlyStripped, {
-      layer: "project",
+      layer,
       key: dotKey
     });
     if (strict) throw new Error(msg);
@@ -5387,13 +5467,17 @@ function enumerateConfigPaths(obj, prefix = "") {
 
 // core/config/atomic-write.ts
 import {
+  closeSync,
+  constants as fsConstants,
   existsSync as existsSync6,
   mkdirSync as mkdirSync3,
+  openSync,
   readFileSync as readFileSync7,
   renameSync,
   unlinkSync,
-  writeFileSync
+  writeSync
 } from "fs";
+import { randomBytes } from "crypto";
 import { dirname as dirname6 } from "path";
 function readJsonObjectOrEmpty(path) {
   if (!existsSync6(path)) return {};
@@ -5406,13 +5490,26 @@ function readJsonObjectOrEmpty(path) {
   }
   return {};
 }
-function writeJsonAtomic(path, content) {
-  mkdirSync3(dirname6(path), { recursive: true });
-  const tmp = `${path}.tmp.${process.pid}`;
+function writeFileAtomicExclusive(path, content) {
+  const tmp = `${path}.tmp.${process.pid}.${randomBytes(8).toString("hex")}`;
+  let fd = null;
   try {
-    writeFileSync(tmp, JSON.stringify(content, null, 2) + "\n", "utf8");
+    fd = openSync(
+      tmp,
+      fsConstants.O_WRONLY | fsConstants.O_CREAT | fsConstants.O_EXCL | fsConstants.O_NOFOLLOW,
+      384
+    );
+    writeSync(fd, content);
+    closeSync(fd);
+    fd = null;
     renameSync(tmp, path);
   } catch (err) {
+    if (fd !== null) {
+      try {
+        closeSync(fd);
+      } catch {
+      }
+    }
     try {
       unlinkSync(tmp);
     } catch {
@@ -5420,6 +5517,10 @@ function writeJsonAtomic(path, content) {
     throw err;
   }
 }
+function writeJsonAtomic(path, content) {
+  mkdirSync3(dirname6(path), { recursive: true });
+  writeFileAtomicExclusive(path, JSON.stringify(content, null, 2) + "\n");
+}
 
 // core/config/helper.ts
 var USER_ONLY_KEYS = /* @__PURE__ */ new Set([
@@ -5549,6 +5650,7 @@ function isUnderProject(absPath, cwd) {
 }
 
 // core/update-check/index.ts
+var SEMVER_SHAPE_RE = /^[0-9]+\.[0-9]+\.[0-9]+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;
 async function fetchLatestVersion(pkg, opts) {
   const controller = new AbortController();
   const timer = setTimeout(() => controller.abort(), opts.timeoutMs);
@@ -5565,6 +5667,9 @@ async function fetchLatestVersion(pkg, opts) {
     if (typeof payload.version !== "string" || payload.version.length === 0) {
       throw new Error("registry payload missing string `version`");
     }
+    if (!SEMVER_SHAPE_RE.test(payload.version)) {
+      throw new Error("registry payload `version` is not a semver-shaped string");
+    }
     return payload.version;
   } finally {
     clearTimeout(timer);
@@ -5633,14 +5738,16 @@ function comparePrerelease(a, b) {
 
 // cli/i18n/update-check.texts.ts
 var UPDATE_CHECK_TEXTS = {
-  available: "{{glyph}}  Update available: {{current}} \u2192 {{latest}}\n   {{hint}}\n",
+  /** Label rendered inside the top border, between corner and fill. */
+  availableHeader: "Update available",
+  /** Actionable hint shown on the second body line, in dim ANSI. */
   availableHint: "Run `npm i -g @skill-map/cli@latest` to update."
 };
 
 // package.json
 var package_default = {
   name: "@skill-map/cli",
-  version: "0.22.0",
+  version: "0.23.0",
   description: "skill-map reference implementation \u2014 kernel + CLI + adapters.",
   license: "MIT",
   type: "module",
@@ -5707,16 +5814,16 @@ var package_default = {
   },
   dependencies: {
     "@hono/node-server": "2.0.1",
-    "@skill-map/spec": "0.22.0",
+    "@skill-map/spec": "0.23.0",
     ajv: "8.18.0",
     "ajv-formats": "3.0.1",
     chokidar: "5.0.0",
     clipanion: "4.0.0-rc.4",
-    hono: "4.12.16",
+    hono: "4.12.18",
     ignore: "7.0.5",
     "js-tiktoken": "1.0.21",
     "js-yaml": "4.1.1",
-    kysely: "0.28.16",
+    kysely: "0.28.17",
     semver: "7.7.4",
     typanion: "3.14.0",
     ws: "8.20.0"
@@ -5873,18 +5980,23 @@ async function runWithAdapter(adapter, opts) {
   } catch {
   }
 }
+var BANNER_WIDTH = 60;
 function writeBanner(opts, latestVersion) {
   const ansi = ansiFor({
     isTTY: opts.stderr.isTTY === true,
     noColorFlag: opts.noColorFlag
   });
-  const block = tx(UPDATE_CHECK_TEXTS.available, {
-    glyph: ansi.cyan("\u2139"),
-    current: VERSION,
-    latest: latestVersion,
-    hint: ansi.dim(UPDATE_CHECK_TEXTS.availableHint)
-  });
-  opts.stderr.write(block);
+  const labelRaw = ` \u2B06 ${UPDATE_CHECK_TEXTS.availableHeader} `;
+  const fillCount = Math.max(0, BANNER_WIDTH - 2 - labelRaw.length);
+  const header = ansi.cyan("\u250C\u2500") + ansi.bold(ansi.cyan(labelRaw)) + ansi.cyan("\u2500".repeat(fillCount));
+  const versionLine = `${ansi.cyan("\u2502")}  ${VERSION} \u2192 ${latestVersion}`;
+  const hintLine = `${ansi.cyan("\u2502")}  ${ansi.dim(UPDATE_CHECK_TEXTS.availableHint)}`;
+  const footer = ansi.cyan("\u2514" + "\u2500".repeat(BANNER_WIDTH - 1));
+  opts.stderr.write(`${header}
+${versionLine}
+${hintLine}
+${footer}
+`);
 }
 
 // built-in-plugins/hooks/update-check/index.ts
@@ -5893,7 +6005,7 @@ var updateCheckHook = {
   pluginId: "core",
   kind: "hook",
   version: "1.0.0",
-  description: "Checks once a day for a newer version of skill-map on npm and shows the `update available` banner when one exists.",
+  description: "Checks daily for a newer skill-map version on npm. Shows an `update available` banner when one is found.",
   stability: "stable",
   mode: "deterministic",
   triggers: ["boot"],
@@ -5933,7 +6045,7 @@ var builtInBundles = [
   {
     id: "agent-skills",
     granularity: "bundle",
-    description: "Open-standard agent skills. Classifies files under `.agents/skills/<name>/SKILL.md` (Anthropic / OpenAI / Google convention).",
+    description: "Agent Skills open standard. Vendor-neutral path `.agents/skills/<name>/SKILL.md` (Anthropic, OpenAI, Google). See agentskills.io.",
     extensions: [
       agentSkillsProvider
     ]
@@ -5941,7 +6053,7 @@ var builtInBundles = [
   {
     id: "core",
     granularity: "extension",
-    description: "Core extensions shared across providers \u2014 extractors, analyzers, formatters, the bump action, and the universal `.md` fallback Provider.",
+    description: "Core extensions shared across providers: extractors, analyzers, formatters, the bump action, and the universal `.md` fallback Provider.",
     extensions: [
       // Provider FIRST within the core bundle so the kindRegistry
       // composer picks it up alongside other providers; orchestration
@@ -5949,7 +6061,7 @@ var builtInBundles = [
       // enforced by the bundle list above (claude / gemini /
       // agent-skills precede core). Within the core bundle, the
       // provider's slot among extractors / analyzers / formatter is
-      // irrelevant — the orchestrator buckets by kind before
+      // irrelevant, the orchestrator buckets by kind before
       // iterating, so this list defines registration order, not
       // execution order.
       coreMarkdownProvider,
@@ -5968,12 +6080,13 @@ var builtInBundles = [
       jobOrphanFileAnalyzer,
       stabilityAnalyzer,
       unknownFieldAnalyzer,
-      unknownSlotAnalyzer,
       contributionOrphanAnalyzer,
       asciiFormatter,
+      jsonFormatter,
       validateAllAnalyzer,
       linkCountsAnalyzer,
       bumpAction,
+      markSupersededAction,
       updateCheckHook
     ]
   }
@@ -6183,9 +6296,9 @@ var UTIL_TEXTS = {
   // Every verb's body is expected to end on a content line (with or
   // without its own trailing \n); the blank line here is universal.
   doneIn: "\ndone in {{elapsed}}\n",
-  // confirm.ts (default-no prompt suffix — destructive verbs)
+  // confirm.ts (default-no prompt suffix, destructive verbs)
   confirmPromptSuffix: " [y/N] ",
-  // confirm.ts (default-yes prompt suffix — consent-style verbs where the
+  // confirm.ts (default-yes prompt suffix, consent-style verbs where the
   // user already triggered the action and is just acknowledging it,
   // e.g. the .sm write consent gate).
   confirmPromptSuffixDefaultYes: " [Y/n] ",
@@ -6441,7 +6554,7 @@ function ensureSidecarWritesAllowed(opts) {
 }
 
 // kernel/sidecar/store.ts
-import { existsSync as existsSync9, readFileSync as readFileSync8, renameSync as renameSync2, writeFileSync as writeFileSync2, unlinkSync as unlinkSync2 } from "fs";
+import { existsSync as existsSync9, readFileSync as readFileSync8 } from "fs";
 import { dirname as dirname7, resolve as resolve10 } from "path";
 import { createRequire as createRequire4 } from "module";
 import { Ajv2020 as Ajv20204 } from "ajv/dist/2020.js";
@@ -6501,6 +6614,7 @@ var FilesystemSidecarStore = class {
 function deepMerge2(base, patch) {
   const out = { ...base };
   for (const key of Object.keys(patch)) {
+    if (FORBIDDEN_KEYS.has(key)) continue;
     const a = out[key];
     const b = patch[key];
     if (b === null) {
@@ -6529,20 +6643,10 @@ function readSidecarObject(sidecarAbsPath) {
       `sidecar at ${sidecarAbsPath} is not a YAML mapping; refusing to patch`
     );
   }
-  return parsed;
+  return stripPrototypePollution(parsed);
 }
 function atomicWriteFile(targetPath, content) {
-  const tmpPath = `${targetPath}.tmp`;
-  try {
-    writeFileSync2(tmpPath, content, { encoding: "utf8" });
-    renameSync2(tmpPath, targetPath);
-  } catch (err) {
-    try {
-      if (existsSync9(tmpPath)) unlinkSync2(tmpPath);
-    } catch {
-    }
-    throw err;
-  }
+  writeFileAtomicExclusive(targetPath, content);
 }
 var cachedValidator = null;
 function getSidecarValidator2() {
@@ -6566,7 +6670,7 @@ function resolveSpecRoot3() {
     const indexPath = require2.resolve("@skill-map/spec/index.json");
     return dirname7(indexPath);
   } catch {
-    throw new Error("@skill-map/spec not resolvable \u2014 sidecar store cannot load schemas.");
+    throw new Error("@skill-map/spec not resolvable: sidecar store cannot load schemas.");
   }
 }
 
@@ -6588,7 +6692,7 @@ var BUMP_TEXTS = {
   pendingNone: "sm bump --pending: no stale sidecars in the persisted scan. Nothing to do.\n",
   pendingSummary: "sm bump --pending: bumped {{bumped}}, refused {{refused}}, skipped {{skipped}}, errors {{errors}}.\n",
   bumpedItem: "  bumped {{nodePath}} -> v{{version}}{{createdSuffix}}\n",
-  refusedItem: "  refused {{nodePath}} (fresh \u2014 would need --force)\n",
+  refusedItem: "  refused {{nodePath}} (fresh, would need --force)\n",
   skippedItem: "  skipped {{nodePath}} ({{reason}})\n",
   errorItem: "  error  {{nodePath}}: {{message}}\n",
   // --- staged-mode (--staged) ---------------------------------------------
@@ -6604,12 +6708,12 @@ var BUMP_TEXTS = {
   /**
    * Pre-prompt context shown before the interactive `confirm()` so the
    * operator sees what they are about to opt into. `.skill-map/settings.local.json`
-   * is gitignored — the choice is saved per-checkout, never travels via the repo.
+   * is gitignored, the choice is saved per-checkout, never travels via the repo.
    */
   consentPrompt: "skill-map needs your consent to create .sm sidecar files next to your\nsource files in this project. The choice is saved to\n.skill-map/settings.local.json (gitignored, per-checkout) so this prompt\nnever appears again. Decline to abort without persisting the rejection.\n\nAllow .sm sidecar writes in this project?",
   consentAborted: "{{glyph}}  sm bump: aborted by user. No .sm sidecar files were written.\n",
   consentRequiredNonTty: "{{glyph}}  sm bump: consent required to write .sm sidecar files in this project.\n   {{hint}}\n",
-  consentRequiredNonTtyHint: "Pass --yes to grant (writes to .skill-map/settings.local.json \u2014 gitignored)."
+  consentRequiredNonTtyHint: "Pass --yes to grant (writes to .skill-map/settings.local.json, gitignored)."
 };
 
 // cli/util/confirm.ts
@@ -6743,7 +6847,7 @@ var SmCommand = class extends Command {
   db = Option.String("--db", { required: false, description: "Override the database file location (escape hatch)." });
   /**
    * Subclasses set this to `false` to opt out of the trailing
-   * `done in <…>` line — appropriate for interactive verbs (`db shell`),
+   * `done in <…>` line, appropriate for interactive verbs (`db shell`),
    * watcher loops (`watch`), and meta verbs that report a fixed
    * version (`version`, `help`).
    */
@@ -6886,7 +6990,7 @@ var BumpCommand = class extends SmCommand {
   static paths = [["bump"]];
   static usage = Command2.Usage({
     category: "Actions",
-    description: "Bump a node's sidecar (`<basename>.sm`) \u2014 increment annotations.version, refresh hashes, stamp audit.",
+    description: "Bump a node's sidecar (`<basename>.sm`): increment annotations.version, refresh hashes, stamp audit.",
     details: `
       Wraps the built-in deterministic \`core/bump\` Action. Single-node
       mode bumps one path; \`--pending\` walks every node whose sidecar
@@ -6901,7 +7005,7 @@ var BumpCommand = class extends SmCommand {
       \`--staged\` (only valid with \`--pending\`) runs \`git add\` on
       each successfully-bumped \`.sm\` file so the new content lands in
       the same commit. Requires a git binary on PATH and a parent
-      \`.git/\` \u2014 missing repo exits 5, missing binary exits 2.
+      \`.git/\`: missing repo exits 5, missing binary exits 2.
     `,
     examples: [
       ["Bump a single node", "$0 bump .claude/agents/architect.md"],
@@ -7036,7 +7140,7 @@ var BumpCommand = class extends SmCommand {
    * Handle the three non-`bumped` outcomes for single-node mode
    * (`error`, `refused`, `skipped`). Returns the verb's exit code.
    * The caller pre-narrows on `item.status !== 'bumped'` so this
-   * method's union is exhaustive — the `skipped` branch is the only
+   * method's union is exhaustive, the `skipped` branch is the only
    * one that exits with `Ok` (silent no-op for fresh + --force).
    */
   #renderTerminalSingle(item, node, ansi) {
@@ -7336,8 +7440,8 @@ function matchesAnalyzerFilter(analyzerId, filter) {
 // cli/i18n/check.texts.ts
 var CHECK_TEXTS = {
   noIssues: "{{glyph}}  No issues.\n",
-  /** Header summary line: `sm check — 10 warnings · 0 errors`. */
-  summaryHeader: "sm check \u2014 {{summary}}\n\n",
+  /** Header summary line: `sm check: 10 warnings · 0 errors`. */
+  summaryHeader: "sm check: {{summary}}\n\n",
   /** Section heading: one per file with at least one issue. */
   fileSection: "  {{file}}\n",
   /**
@@ -7349,8 +7453,8 @@ var CHECK_TEXTS = {
   /** Footer hint, separated from the body by a blank line. */
   tipLine: "\nTip: `sm refresh <node>` to revalidate a file after fixes.\n",
   // --- prob stub advisory ---------------------------------------------------
-  probStubAdvisory: "sm check --include-prob: probabilistic Analyzer dispatch requires the job subsystem (Step 10). Stub: skipped {{count}} probabilistic analyzer(s) \u2014 {{analyzerIds}}. Deterministic analyzers ran as usual; full dispatch lands when the job subsystem ships.\n",
-  probStubAdvisoryAsync: "sm check --include-prob --async: probabilistic Analyzer dispatch requires the job subsystem (Step 10). Stub: skipped {{count}} probabilistic analyzer(s) \u2014 {{analyzerIds}}. The --async flag is reserved for future encoding (returns job ids without waiting once jobs land); today it is a no-op. Deterministic analyzers ran as usual.\n"
+  probStubAdvisory: "sm check --include-prob: probabilistic Analyzer dispatch requires the job subsystem (Step 10). Stub: skipped {{count}} probabilistic analyzer(s): {{analyzerIds}}. Deterministic analyzers ran as usual; full dispatch lands when the job subsystem ships.\n",
+  probStubAdvisoryAsync: "sm check --include-prob --async: probabilistic Analyzer dispatch requires the job subsystem (Step 10). Stub: skipped {{count}} probabilistic analyzer(s): {{analyzerIds}}. The --async flag is reserved for future encoding (returns job ids without waiting once jobs land); today it is a no-op. Deterministic analyzers ran as usual.\n"
 };
 
 // cli/util/conformance-env.ts
@@ -7372,25 +7476,25 @@ var PLUGIN_LOADER_TEXTS = {
   invalidSpecCompat: 'specCompat "{{specCompat}}" is not a valid semver range. Use a range like "^1.0.0".',
   incompatibleSpec: `@skill-map/spec {{installedSpecVersion}} does not satisfy specCompat "{{specCompat}}". Either update the plugin's specCompat (and re-test) or pin sm to a compatible spec version.`,
   loadErrorFileNotFound: "extension file not found: {{relEntry}} (resolved to {{abs}}). Check plugin.json#/extensions paths.",
-  loadErrorImportFailed: "{{relEntry}}: import failed \u2014 {{errDescription}}",
+  loadErrorImportFailed: "{{relEntry}}: import failed: {{errDescription}}",
   loadErrorMissingKind: "{{relEntry}}: default export missing a string `kind` field. Expected one of: {{knownKindsList}}.",
   loadErrorUnknownKind: '{{relEntry}}: unknown extension kind "{{kindReceived}}". Expected one of: {{knownKindsList}}.',
-  invalidManifestExtensionShape: "{{relEntry}}: {{kind}} manifest invalid \u2014 {{errors}}. See spec/schemas/extensions/{{kind}}.schema.json.",
-  importExceededTimeout: "import exceeded {{timeoutMs}}ms \u2014 likely a top-level side effect (network call, infinite loop, large blocking work). Move side effects into the runtime methods (`detect` / `evaluate` / `render` / etc.).",
+  invalidManifestExtensionShape: "{{relEntry}}: {{kind}} manifest invalid: {{errors}}. See spec/schemas/extensions/{{kind}}.schema.json.",
+  importExceededTimeout: "import exceeded {{timeoutMs}}ms; likely a top-level side effect (network call, infinite loop, large blocking work). Move side effects into the runtime methods (`detect` / `evaluate` / `render` / etc.).",
   disabledByConfig: "disabled by config_plugins or settings.json",
   invalidManifestDirMismatch: "directory name '{{dirName}}' does not match manifest id '{{manifestId}}'. Rename the directory to match the id, or update the manifest id to match the directory.",
   idCollision: "Plugin '{{id}}' at {{pathA}} collides with the plugin at {{pathB}}. Rename one and rerun.",
-  loadErrorPluginIdMismatch: "{{relEntry}}: extension declares pluginId '{{declared}}' but its plugin.json declares id '{{manifestId}}'. Remove the explicit pluginId from the extension \u2014 the loader injects it from plugin.json#/id.",
-  loadErrorStorageSchemaRead: "plugin '{{pluginId}}' failed to load schema for table '{{table}}': {{schemaPath}} \u2014 {{errDescription}}",
-  loadErrorStorageSchemaCompile: "plugin '{{pluginId}}' failed to compile schema for table '{{table}}': {{schemaPath}} \u2014 {{errDescription}}",
-  loadErrorStorageKvSchemaRead: "plugin '{{pluginId}}' failed to load KV schema: {{schemaPath}} \u2014 {{errDescription}}",
-  loadErrorStorageKvSchemaCompile: "plugin '{{pluginId}}' failed to compile KV schema: {{schemaPath}} \u2014 {{errDescription}}",
+  loadErrorPluginIdMismatch: "{{relEntry}}: extension declares pluginId '{{declared}}' but its plugin.json declares id '{{manifestId}}'. Remove the explicit pluginId from the extension; the loader injects it from plugin.json#/id.",
+  loadErrorStorageSchemaRead: "plugin '{{pluginId}}' failed to load schema for table '{{table}}': {{schemaPath}}: {{errDescription}}",
+  loadErrorStorageSchemaCompile: "plugin '{{pluginId}}' failed to compile schema for table '{{table}}': {{schemaPath}}: {{errDescription}}",
+  loadErrorStorageKvSchemaRead: "plugin '{{pluginId}}' failed to load KV schema: {{schemaPath}}: {{errDescription}}",
+  loadErrorStorageKvSchemaCompile: "plugin '{{pluginId}}' failed to compile KV schema: {{schemaPath}}: {{errDescription}}",
   invalidManifestHookUnknownTrigger: "Hook '{{hookId}}' declares unknown trigger '{{trigger}}'. Hookable triggers: {{hookableList}}.",
   invalidManifestHookEmptyTriggers: "Hook '{{hookId}}' declares no triggers. At least one entry from the curated set is required.",
   loadErrorPathEscapesPlugin: "extension entry '{{relEntry}}' resolves outside the plugin directory ({{pluginPath}}). Plugin entries must be relative paths inside the plugin tree.",
   loadErrorSchemaPathEscapesPlugin: "schema path '{{relPath}}' resolves outside the plugin directory ({{pluginPath}}). Plugin schemas must be relative paths inside the plugin tree.",
-  invalidManifestRootSharedAnnotation: "{{relEntry}}: annotationContributions['{{key}}'] declares location: 'root' with ownership: '{{ownership}}' \u2014 root keys MUST be 'exclusive' (a top-level reserved key cannot be silently shared between plugins).",
-  invalidManifestAnnotationSchemaCompile: "{{relEntry}}: annotationContributions['{{key}}'].schema is not a valid JSON Schema \u2014 {{errDescription}}",
+  invalidManifestRootSharedAnnotation: "{{relEntry}}: annotationContributions['{{key}}'] declares location: 'root' with ownership: '{{ownership}}'; root keys MUST be 'exclusive' (a top-level reserved key cannot be silently shared between plugins).",
+  invalidManifestAnnotationSchemaCompile: "{{relEntry}}: annotationContributions['{{key}}'].schema is not a valid JSON Schema: {{errDescription}}",
   fatalAnnotationRootCollision: "Annotation root-key collision: '{{key}}' is claimed with ownership: 'exclusive' by multiple plugins ({{plugins}}). The kernel cannot boot with this configuration. Rename or merge the contributions and rerun."
 };
 
@@ -7756,10 +7860,10 @@ var PluginLoader = class {
     return out;
   }
   /**
-   * Full pass — discover every plugin, attempt to load each, then apply
+   * Full pass, discover every plugin, attempt to load each, then apply
    * the cross-root id-collision pass over the results. Two plugins that
    * survived their individual load with the same `manifest.id` both get
-   * downgraded to status `id-collision` (no precedence — the spec is
+   * downgraded to status `id-collision` (no precedence, the spec is
    * explicit that "no extension is privileged"). Plugins that already
    * failed their individual load (`invalid-manifest` /
    * `incompatible-spec` / `load-error`) keep their original status:
@@ -7776,7 +7880,7 @@ var PluginLoader = class {
     return applyIdCollisions(out);
   }
   /**
-   * Load a single plugin from its directory. Never throws — a failure is
+   * Load a single plugin from its directory. Never throws, a failure is
    * reported via the returned status.
    */
   // eslint-disable-next-line complexity
@@ -7818,7 +7922,7 @@ var PluginLoader = class {
     };
   }
   /**
-   * Phase 1 of `loadOne` — read `plugin.json`, AJV-validate the manifest,
+   * Phase 1 of `loadOne`, read `plugin.json`, AJV-validate the manifest,
    * enforce the directory-name == manifest.id structural rule, and check
    * specCompat (range syntax + satisfies the installed spec version).
    * Returns either the validated manifest or an `IDiscoveredPlugin` with
@@ -7895,7 +7999,7 @@ var PluginLoader = class {
     return { ok: true, manifest };
   }
   /**
-   * Phase 3 of `loadOne` — load and validate one extension entry. Six
+   * Phase 3 of `loadOne`, load and validate one extension entry. Six
    * sub-checks (file exists, dynamic import, has kind, kind known,
    * pluginId match, kind-specific manifest validation including hook
    * trigger pre-check). On success returns the `ILoadedExtension` with
@@ -8046,20 +8150,37 @@ var LOCKED_PLUGIN_IDS = /* @__PURE__ */ new Set([
   // `core/markdown` is the universal `.md` fallback Provider (see
   // spec/architecture.md §"core/markdown is the universal fallback for
   // unclaimed `.md` files"). Disabling it makes every orphan markdown
-  // silently invisible — a foot-gun the host product does not want to
+  // silently invisible, a foot-gun the host product does not want to
   // expose. Lock it in the enabled state.
   "core/markdown",
   // `core/annotations` turns the `supersedes` / `supersededBy` /
   // `requires` / `related` / `conflictsWith` entries of the sidecar
   // `annotations:` block into the arrows the graph draws between nodes.
   // It does NOT own the rest of the block (`version`, `stability`,
-  // `tags`, `description` — those live on the node bundle directly and
+  // `tags`, `description`, those live on the node bundle directly and
   // keep rendering with the plugin off). Disabling it produces a
   // confusing "edges disappear but the sidecar metadata stays" split
   // that no operator actually wants; the lock makes the asymmetry
   // unreachable from CLI / BFF / UI. Re-evaluate if a third-party ever
   // ships a competing supersession extractor.
-  "core/annotations"
+  "core/annotations",
+  // `core/validate-all` validates every scanned Node against
+  // `node.schema.json` and every Link against `link.schema.json` (the
+  // authoritative @skill-map/spec). Disabling it makes the system
+  // persist non-conformant content silently, breaking the spec
+  // invariant "what reaches the DB conforms to the spec". The check is
+  // foundational, not advisory; lock it on so the guarantee holds
+  // regardless of user / DB / settings hand-edits.
+  "core/validate-all",
+  // `core/ascii` is the only built-in Formatter today and the default
+  // for `sm graph` (`--format ascii`). Disabling it breaks the verb
+  // entirely (`composeFormatters` returns the empty list, the CLI
+  // prints "no formatter registered for 'ascii'" and exits with an
+  // error) with no useful fallback. Lock it on until additional
+  // formatters land (mermaid / dot / json, deferred in ROADMAP § Built-in
+  // graph formatters); revisit the lock once `sm graph` has a real
+  // catalog to choose from.
+  "core/ascii"
 ]);
 function isPluginLocked(idOrQualified) {
   return LOCKED_PLUGIN_IDS.has(idOrQualified);
@@ -8117,7 +8238,7 @@ async function buildEnabledResolver(scope, ctx) {
 }
 
 // kernel/scan/walk-content.ts
-import { readFile, readdir, stat } from "fs/promises";
+import { readFile, readdir, lstat } from "fs/promises";
 import { join as join6, relative as relative2, sep as sep2 } from "path";
 
 // kernel/scan/ignore.ts
@@ -8200,7 +8321,6 @@ function readDefaultsFromDisk() {
 // built-in-plugins/parsers/frontmatter-yaml/index.ts
 import yaml3 from "js-yaml";
 var FRONTMATTER_RE = /^---\r?\n([\s\S]*?)\r?\n---\r?\n?([\s\S]*)$/;
-var FORBIDDEN_FRONTMATTER_KEYS = /* @__PURE__ */ new Set(["__proto__", "constructor", "prototype"]);
 var frontmatterYamlParser = {
   id: "frontmatter-yaml",
   parse(raw, _path) {
@@ -8208,20 +8328,30 @@ var frontmatterYamlParser = {
     if (!match) return { frontmatterRaw: "", frontmatter: {}, body: raw };
     const frontmatterRaw = match[1];
     const body = match[2];
-    const parsed = {};
+    let parsed = {};
+    const issues = [];
     try {
       const doc = yaml3.load(frontmatterRaw, { schema: yaml3.JSON_SCHEMA });
       if (doc && typeof doc === "object" && !Array.isArray(doc)) {
-        for (const [k, v] of Object.entries(doc)) {
-          if (FORBIDDEN_FRONTMATTER_KEYS.has(k)) continue;
-          parsed[k] = v;
-        }
+        parsed = stripPrototypePollution(doc);
       }
-    } catch {
+    } catch (err) {
+      issues.push({
+        code: "frontmatter-parse-error",
+        message: sanitiseParseErrorMessage(err)
+      });
+    }
+    const out = { frontmatterRaw, frontmatter: parsed, body };
+    if (issues.length > 0) {
+      return { ...out, issues };
     }
-    return { frontmatterRaw, frontmatter: parsed, body };
+    return out;
   }
 };
+function sanitiseParseErrorMessage(err) {
+  const raw = err instanceof Error ? err.message : String(err);
+  return raw.replace(/[-]+/g, " ").replace(/\s+/g, " ").trim();
+}
 
 // built-in-plugins/parsers/plain/index.ts
 var plainParser = {
@@ -8267,7 +8397,12 @@ async function* walkContent(roots, options) {
         path: relPath,
         body: parsed.body,
         frontmatterRaw: parsed.frontmatterRaw,
-        frontmatter: parsed.frontmatter
+        frontmatter: parsed.frontmatter,
+        // Audit L1: forward parser diagnostics (e.g. malformed YAML)
+        // through the IRawNode surface so the orchestrator can
+        // convert them into warn-level kernel `Issue` rows. Omitted
+        // when the parser reported no issues (happy path).
+        ...parsed.issues && parsed.issues.length > 0 ? { parseIssues: parsed.issues } : {}
       };
     }
   }
@@ -8289,7 +8424,7 @@ async function* walkRoot(root, current, filter, extensions) {
       yield* walkRoot(root, full, filter, extensions);
     } else if (entry.isFile() && hasMatchingExtension(name, extensions)) {
       try {
-        const s = await stat(full);
+        const s = await lstat(full);
         if (s.isFile()) yield full;
       } catch {
       }
@@ -8364,7 +8499,7 @@ function bucketLoaded(loaded, bundle) {
       analyzer: bundle.extensions.analyzers,
       formatter: bundle.extensions.formatters,
       hook: bundle.extensions.hooks
-      // `action` intentionally absent — see docstring.
+      // `action` intentionally absent, see docstring.
     });
     bundle.manifests.push({
       id: ext.id,
@@ -8420,7 +8555,7 @@ var PLUGIN_RUNTIME_TEXTS = {
    * status word and the reason scannable so a user can grep
    * `incompatible-spec` / `invalid-manifest` / `load-error`.
    */
-  warningRow: "plugin {{id}}: {{status}} \u2014 {{reason}}",
+  warningRow: "plugin {{id}}: {{status}}, {{reason}}",
   /** Placeholder when a non-loaded plugin record carries no `reason`. */
   warningReasonMissing: "(no reason recorded)"
 };
@@ -8670,7 +8805,7 @@ function registerEnabledExtensions(kernel, pluginRuntime, options = {}) {
         // catalog row carries `pluginId`, not `extensionId`), so the
         // bundle-level toggle gates the entire row. Extension
         // granularity falls through to the manifest-level filter above
-        // — this surface is bundle-scoped by design.
+        // this surface is bundle-scoped by design.
         resolveEnabled(entry.pluginId)
       )
     );
@@ -8710,7 +8845,7 @@ var CheckCommand = class extends SmCommand {
       Run \`sm scan\` first to populate the DB.
 
       \`--include-prob\` is an opt-in flag for probabilistic Analyzer
-      dispatch (spec \xA7 A.7). Default is deterministic-only \u2014 same
+      dispatch (spec \xA7 A.7). Default is deterministic-only: same
       CI-safe behaviour as before. With the flag, registered prob
       rules are detected and named in a stderr advisory; full
       dispatch lands when the job subsystem ships at Step 10.
@@ -8928,7 +9063,7 @@ var CONFIG_TEXTS = {
   /**
    * Surfaced when a PROJECT_LOCAL_ONLY key (`allowEditSmFiles` /
    * `scan.extraFolders` / `scan.referencePaths`) reaches the writer
-   * with `target: 'project'` — defensive only, the CLI auto-routes to
+   * with `target: 'project'`, defensive only, the CLI auto-routes to
    * `project-local`, but the helper enforces the rule for any other
    * caller too.
    */
@@ -8959,8 +9094,8 @@ var CONFIG_TEXTS = {
    * indented under the section heading.
    */
   listRow: "    {{key}}  {{value}}\n",
-  /** Placeholder for null / empty array / empty object — printed dim. */
-  listEmptyValue: "\u2014",
+  /** Placeholder for null / empty array / empty object, printed dim. */
+  listEmptyValue: "-",
   /** Section titles. */
   listSectionGeneral: "General",
   listSectionScan: "Scan",
@@ -9435,7 +9570,7 @@ var ConfigResetCommand = class extends SmCommand {
     description: "Remove a config key from the target file (project default; -g for user).",
     details: `
       Strips the key from the target settings.json (lower layers still apply).
-      Idempotent \u2014 running twice is safe; absent key prints an info note and exits 0.
+      Idempotent: running twice is safe; absent key prints an info note and exits 0.
     `
   });
   key = Option4.String({ required: true });
@@ -9901,7 +10036,7 @@ function resolveSpecRoot4() {
     return dirname10(indexPath);
   } catch {
     throw new Error(
-      "@skill-map/spec not resolvable \u2014 ensure the workspace is linked or the package is installed."
+      "@skill-map/spec not resolvable: ensure the workspace is linked or the package is installed."
     );
   }
 }
@@ -9918,7 +10053,7 @@ function resolveCliWorkspaceRoot() {
     cursor = parent;
   }
   throw new Error(
-    `sm conformance: built-in Provider conformance assets not found (expected a 'built-in-plugins/providers/' directory above ${here}). The bundled CLI may not yet copy the assets \u2014 run from the source workspace, or rebuild after enabling the asset-copy step.`
+    `sm conformance: built-in Provider conformance assets not found (expected a 'built-in-plugins/providers/' directory above ${here}). The bundled CLI may not yet copy the assets; run from the source workspace, or rebuild after enabling the asset-copy step.`
   );
 }
 function collectProviderScopes(specRoot) {
@@ -10007,7 +10142,7 @@ var ConformanceRunCommand = class extends SmCommand {
   static paths = [["conformance", "run"]];
   static usage = Command5.Usage({
     category: "Introspection",
-    description: "Run the conformance suite \u2014 spec-owned cases plus every built-in Provider.",
+    description: "Run the conformance suite: spec-owned cases plus every built-in Provider.",
     details: `
       Drives the conformance runner shipped at
       \`@skill-map/cli/conformance\` against the cases bundled with
@@ -10055,11 +10190,22 @@ var ConformanceRunCommand = class extends SmCommand {
       scopes = selectConformanceScopes(this.scope);
     } catch (err) {
       const message = formatErrorMessage(err);
+      if (this.json) {
+        this.#emitJsonError("bad-query", message);
+        return ExitCode.Error;
+      }
       this.printer.error(tx(CONFORMANCE_TEXTS.unknownScope, { glyph: errGlyph, message }));
       return ExitCode.Error;
     }
     const binary = resolveBinary();
     if (!existsSync16(binary)) {
+      if (this.json) {
+        this.#emitJsonError(
+          "internal",
+          `cannot locate the sm binary at ${binary}`
+        );
+        return ExitCode.Error;
+      }
       this.printer.error(
         tx(CONFORMANCE_TEXTS.noBinary, {
           glyph: errGlyph,
@@ -10072,21 +10218,28 @@ var ConformanceRunCommand = class extends SmCommand {
     let totalPass = 0;
     let totalCases = 0;
     let anyFailure = false;
+    const scopeReports = [];
     for (const scope of scopes) {
       const cases = listCaseFiles(scope);
       if (cases.length === 0) {
+        if (!this.json) {
+          this.printer.data(
+            tx(CONFORMANCE_TEXTS.scopeEmpty, { label: scope.label })
+          );
+        }
+        scopeReports.push({ label: scope.label, passCount: 0, caseCount: 0, cases: [] });
+        continue;
+      }
+      if (!this.json) {
         this.printer.data(
-          tx(CONFORMANCE_TEXTS.scopeEmpty, { label: scope.label })
+          tx(CONFORMANCE_TEXTS.scopeHeader, {
+            label: scope.label,
+            caseCount: cases.length
+          })
         );
-        continue;
       }
-      this.printer.data(
-        tx(CONFORMANCE_TEXTS.scopeHeader, {
-          label: scope.label,
-          caseCount: cases.length
-        })
-      );
       let scopePass = 0;
+      const caseReports = [];
       for (const casePath of cases) {
         const caseId = readCaseId(casePath);
         try {
@@ -10097,51 +10250,92 @@ var ConformanceRunCommand = class extends SmCommand {
             fixturesRoot: scope.fixturesDir
           });
           if (result.passed) {
-            this.printer.data(
-              tx(CONFORMANCE_TEXTS.caseOk, { caseId: result.caseId })
-            );
+            if (!this.json) {
+              this.printer.data(
+                tx(CONFORMANCE_TEXTS.caseOk, { caseId: result.caseId })
+              );
+            }
+            caseReports.push({ id: result.caseId, status: "pass", failures: [] });
             scopePass += 1;
           } else {
             anyFailure = true;
-            this.printer.data(
-              tx(CONFORMANCE_TEXTS.caseFail, { caseId: result.caseId })
-            );
-            for (const a of result.assertions) {
-              if (a.ok) continue;
-              this.printer.info(
-                formatAssertionFailureDetail(a.type, a.reason)
+            const failures = projectAssertionFailures(result.assertions);
+            if (!this.json) {
+              this.printer.data(
+                tx(CONFORMANCE_TEXTS.caseFail, { caseId: result.caseId })
+              );
+              for (const a of result.assertions) {
+                if (a.ok) continue;
+                this.printer.info(
+                  formatAssertionFailureDetail(a.type, a.reason)
+                );
+              }
+              writeStreamSnippet(
+                this.context.stderr,
+                CONFORMANCE_TEXTS.caseFailureStdoutHeader,
+                result.stdout
+              );
+              writeStreamSnippet(
+                this.context.stderr,
+                CONFORMANCE_TEXTS.caseFailureStderrHeader,
+                result.stderr
               );
             }
-            writeStreamSnippet(
-              this.context.stderr,
-              CONFORMANCE_TEXTS.caseFailureStdoutHeader,
-              result.stdout
-            );
-            writeStreamSnippet(
-              this.context.stderr,
-              CONFORMANCE_TEXTS.caseFailureStderrHeader,
-              result.stderr
-            );
+            caseReports.push({ id: result.caseId, status: "fail", failures });
           }
         } catch (err) {
           anyFailure = true;
           const message = formatErrorMessage(err);
-          this.printer.error(
-            tx(CONFORMANCE_TEXTS.runtimeError, { glyph: errGlyph, message })
-          );
-          this.printer.data(tx(CONFORMANCE_TEXTS.caseFail, { caseId }));
+          if (!this.json) {
+            this.printer.error(
+              tx(CONFORMANCE_TEXTS.runtimeError, { glyph: errGlyph, message })
+            );
+            this.printer.data(tx(CONFORMANCE_TEXTS.caseFail, { caseId }));
+          }
+          caseReports.push({
+            id: caseId,
+            status: "fail",
+            failures: [{
+              type: "runtime-error",
+              reason: sanitizeForTerminal(truncateHead(message, ASSERTION_REASON_DISPLAY_CAP))
+            }]
+          });
         }
       }
-      this.printer.data(
-        tx(CONFORMANCE_TEXTS.scopeSummary, {
-          label: scope.label,
-          passCount: scopePass,
-          caseCount: cases.length
-        })
-      );
+      if (!this.json) {
+        this.printer.data(
+          tx(CONFORMANCE_TEXTS.scopeSummary, {
+            label: scope.label,
+            passCount: scopePass,
+            caseCount: cases.length
+          })
+        );
+      }
+      scopeReports.push({
+        label: scope.label,
+        passCount: scopePass,
+        caseCount: cases.length,
+        cases: caseReports
+      });
       totalPass += scopePass;
       totalCases += cases.length;
     }
+    if (this.json) {
+      const envelope = {
+        ok: true,
+        kind: "conformance.result",
+        totals: {
+          scopes: scopes.length,
+          cases: totalCases,
+          passCount: totalPass,
+          failCount: totalCases - totalPass
+        },
+        scopes: scopeReports,
+        elapsedMs: this.elapsed.ms()
+      };
+      this.printer.data(JSON.stringify(envelope) + "\n");
+      return anyFailure ? ExitCode.Issues : ExitCode.Ok;
+    }
     this.printer.data(
       tx(CONFORMANCE_TEXTS.totalSummary, {
         passCount: totalPass,
@@ -10152,7 +10346,30 @@ var ConformanceRunCommand = class extends SmCommand {
     if (anyFailure) return ExitCode.Issues;
     return ExitCode.Ok;
   }
+  /**
+   * Emit the canonical `--json` error envelope on stdout. Mirrors the
+   * shape from `cli-contract.md` §Error envelope. Suppresses the
+   * human-facing glyph + hint output that the non-JSON branches still
+   * render.
+   */
+  #emitJsonError(code, message) {
+    const payload = { ok: false, error: { code, message } };
+    this.printer.data(JSON.stringify(payload) + "\n");
+  }
 };
+function projectAssertionFailures(assertions) {
+  const out = [];
+  for (const a of assertions) {
+    if (a.ok) continue;
+    out.push({
+      type: a.type,
+      reason: sanitizeForTerminal(
+        truncateHead(a.reason ?? "", ASSERTION_REASON_DISPLAY_CAP)
+      )
+    });
+  }
+  return out;
+}
 function readCaseId(casePath) {
   try {
     const raw = readFileSync13(casePath, "utf8");
@@ -10226,13 +10443,13 @@ var DB_TEXTS = {
   pluginMigrateApplied: "{{glyph}}  plugin {{pluginId}} \xB7 Applied {{count}} migration(s)\n",
   pluginMigrateIntrusion: "plugin {{pluginId}} \xB7 catalog intrusion detected: {{intrusions}}\n",
   // --- dry-run previews ------------------------------------------------
-  dryRunHeader: "(dry-run \u2014 no DB writes, no file unlinks)\n",
-  dryRunResetWouldClearNone: "would clear   0 table(s): (none \u2014 DB schema is empty)\n",
+  dryRunHeader: "(dry-run, no DB writes, no file unlinks)\n",
+  dryRunResetWouldClearNone: "would clear   0 table(s): (none, DB schema is empty)\n",
   // The `lines` arg is a pre-built multi-line block, one "  - name: N row(s)"
   // per table, joined with `\n`.
   dryRunResetWouldClearWithRowCounts: "would clear   {{tableCount}} table(s) ({{totalRows}} total row(s)):\n{{lines}}\n",
   dryRunResetHardWouldDelete: "would delete  {{path}} ({{sizeBytes}} bytes)\n",
-  dryRunResetHardWouldDeleteMissing: "would delete  {{path}} (file does not exist \u2014 no-op)\n",
+  dryRunResetHardWouldDeleteMissing: "would delete  {{path}} (file does not exist, no-op)\n",
   // The `targetClause` arg is one of two pre-built strings:
   //   "(exists, would be overwritten)"  /  "(does not exist, would be created)".
   dryRunRestoreWouldOverwrite: "would copy    {{sourcePath}} ({{sourceBytes}} bytes) \u2192 {{target}} {{targetClause}}\nwould delete  {{target}}-wal and {{target}}-shm sidecars if present\n",
@@ -10249,7 +10466,7 @@ var DbBackupCommand = class extends SmCommand {
     details: `
       Default output: <db-dir>/backups/<timestamp>.db. Use --out to override.
       scan_* is regenerated on demand and is NOT excluded from the raw file
-      copy, but restoring a backup over a live DB is the expected use \u2014
+      copy, but restoring a backup over a live DB is the expected use;
       running sm scan afterwards refreshes scan_*.
     `
   });
@@ -10281,10 +10498,10 @@ import { dirname as dirname13, resolve as resolve23 } from "path";
 import { Command as Command7, Option as Option7 } from "clipanion";
 
 // cli/util/fs.ts
-import { stat as stat2 } from "fs/promises";
+import { stat } from "fs/promises";
 async function pathExists(path) {
   try {
-    await stat2(path);
+    await stat(path);
     return true;
   } catch (err) {
     if (err.code === "ENOENT") return false;
@@ -10293,7 +10510,7 @@ async function pathExists(path) {
 }
 async function statOrNull(path) {
   try {
-    return await stat2(path);
+    return await stat(path);
   } catch (err) {
     if (err.code === "ENOENT") return null;
     throw err;
@@ -10401,10 +10618,10 @@ var DbResetCommand = class extends SmCommand {
     category: "Database",
     description: "Drop scan_* (default), optionally state_*, or delete the DB entirely.",
     details: `
-      Without flags: drops scan_* tables only. Non-destructive \u2014 no prompt.
-      With --state: also drops state_* tables. Destructive \u2014 requires
+      Without flags: drops scan_* tables only. Non-destructive, no prompt.
+      With --state: also drops state_* tables. Destructive, requires
       confirmation unless --yes / --force.
-      With --hard: deletes the DB file entirely. Destructive \u2014 requires
+      With --hard: deletes the DB file entirely. Destructive, requires
       confirmation unless --yes / --force.
       With --dry-run: previews what would be cleared / deleted without
       touching the DB. Bypasses the confirmation prompt entirely (the
@@ -10544,7 +10761,7 @@ var DbShellCommand = class extends SmCommand {
     `
   });
   // Interactive shell: the spawned `sqlite3` owns the terminal. No
-  // `done in <…>` line — the user expects to see the shell's own
+  // `done in <…>` line, the user expects to see the shell's own
   // prompt + farewell, not a follow-up trailer once they exit.
   emitElapsed = false;
   async run() {
@@ -10595,7 +10812,7 @@ var DbBrowserCommand = class extends SmCommand {
     ]
   });
   // GUI launch: the spawned process is detached and unref'd; we exit
-  // immediately. No `done in <…>` line — the user expects to see the
+  // immediately. No `done in <…>` line, the user expects to see the
   // GUI window, not a follow-up trailer in the terminal.
   emitElapsed = false;
   rw = Option9.Boolean("--rw", false, {
@@ -10637,7 +10854,7 @@ var DbDumpCommand = class extends SmCommand {
   static usage = Command11.Usage({
     category: "Database",
     description: "SQL dump to stdout.",
-    details: "Read-only. Pure node:sqlite \u2014 no external `sqlite3` binary required. Use --tables <names...> to limit the dump to specific tables."
+    details: "Read-only. Pure node:sqlite; no external `sqlite3` binary required. Use --tables <names...> to limit the dump to specific tables."
   });
   tables = Option10.Array("--tables", { required: false });
   async run() {
@@ -11128,17 +11345,17 @@ var EXPORT_TEXTS = {
   /** Echo of the user's query string (or the empty placeholder). */
   mdQueryLine: "Query: `{{query}}`",
   /** Placeholder used when the user's query is empty. */
-  mdQueryEmpty: "(empty \u2014 all nodes)",
+  mdQueryEmpty: "(empty, all nodes)",
   /** Counts summary line under the query. */
   mdCounts: "Counts: {{nodes}} nodes, {{links}} links, {{issues}} issues.",
   /** Section header for a single node-kind group. */
   mdKindSectionHeader: "## {{kind}} ({{count}})",
   /** Bullet template for a node row. `{{title}}` and `{{issues}}` are pre-rendered (empty when absent). */
   mdNodeBullet: "- `{{path}}`{{title}}{{issues}}",
-  /** ` — "<title>"` segment when the node has a title. */
-  mdNodeTitleSuffix: ' \u2014 "{{title}}"',
-  /** ` — N issue(s)` segment when the node has any associated issues. */
-  mdNodeIssueSuffix: " \u2014 {{count}} {{label}}",
+  /** `: "<title>"` segment when the node has a title. */
+  mdNodeTitleSuffix: ': "{{title}}"',
+  /** ` (N issue(s))` segment when the node has any associated issues. */
+  mdNodeIssueSuffix: " ({{count}} {{label}})",
   mdNodeIssueLabelSingular: "issue",
   mdNodeIssueLabelPlural: "issues",
   /** Section header for the links block. */
@@ -11169,10 +11386,10 @@ var ExportCommand = class extends SmCommand {
       Query syntax (v0.5.0): whitespace-separated key=value tokens; AND
       across keys, OR within comma-separated values. Keys: \`kind\`
       (skill / agent / command / note), \`has\` (issues), \`path\`
-      (POSIX glob \u2014 \`*\` matches a single segment, \`**\` matches across
+      (POSIX glob: \`*\` matches a single segment, \`**\` matches across
       segments).
 
-      Pass an empty query (\`""\`) \u2014 or omit the argument entirely \u2014 to
+      Pass an empty query (\`""\`), or omit the argument entirely, to
       export every node.
 
       Run \`sm scan\` first to populate the DB.
@@ -11431,7 +11648,12 @@ var GraphCommand = class extends SmCommand {
       const text = formatter.format({
         nodes: scan.nodes,
         links: scan.links,
-        issues: scan.issues
+        issues: scan.issues,
+        // Pass the full persisted scan so format-specific renderers
+        // that mirror a `ScanResult` envelope (today: built-in `json`)
+        // can emit it verbatim without re-deriving fields like
+        // `schemaVersion` or `stats` from the three primary arrays.
+        scanResult: scan
       });
       this.printer.data(text.endsWith("\n") ? text : text + "\n");
       return ExitCode.Ok;
@@ -11457,7 +11679,7 @@ var HELP_TEXTS = {
   mdSpecVersionLine: "- Spec version: `{{version}}`",
   // --- global flags section ------------------------------------------------
   mdHeaderGlobalFlags: "## Global flags",
-  mdGlobalFlagBullet: "- `{{name}}` \u2014 {{description}}",
+  mdGlobalFlagBullet: "- `{{name}}`: {{description}}",
   /** Description copy for the `--help` global flag in the JSON / md output. */
   globalFlagHelpDescription: "Print usage and exit.",
   // --- per-category / per-verb (md) ----------------------------------------
@@ -11468,12 +11690,12 @@ var HELP_TEXTS = {
   mdFlagBullet: "- {{names}} `{{type}}`{{required}}{{description}}",
   /** Trailing fragment for `mdFlagBullet`'s `{{required}}` slot. */
   mdFlagBulletRequiredFragment: " (required)",
-  /** Trailing fragment for `mdFlagBullet`'s `{{description}}` slot (with leading em-dash). */
-  mdFlagBulletDescriptionFragment: " \u2014 {{description}}",
+  /** Trailing fragment for `mdFlagBullet`'s `{{description}}` slot (with leading colon). */
+  mdFlagBulletDescriptionFragment: ": {{description}}",
   mdExampleBullet: "- {{title}}",
   // --- human single-verb renderer ------------------------------------------
   /** Header line for `sm help <verb>` and `sm <verb> --help`. */
-  humanVerbHeader: "sm {{name}}  \u2014  {{description}}",
+  humanVerbHeader: "sm {{name}}:  {{description}}",
   humanDescriptionHeading: "DESCRIPTION",
   humanUsageHeading: "USAGE",
   /**
@@ -11491,9 +11713,9 @@ var HELP_TEXTS = {
   // --- human compact overview (sm / sm --help / sm help, no verb) ---------
   /**
    * Compact-overview header. Replaces the Clipanion default ANSI banner.
-   * Tagline mirrors README.md "In a sentence" — keep them in sync.
+   * Tagline mirrors README.md "In a sentence", keep them in sync.
    */
-  compactHeader: "{{binary}} {{version}}  \u2014  the missing map for Markdown-based generative-AI ecosystems",
+  compactHeader: "{{binary}} {{version}}:  the missing map for Markdown-based generative-AI ecosystems",
   compactUsageHeading: "USAGE",
   compactUsageLine: "  sm <command> [options]",
   compactExamplesHeading: "EXAMPLES",
@@ -11503,7 +11725,7 @@ var HELP_TEXTS = {
   /**
    * Marker prepended to the description column for not-yet-implemented
    * verbs (those whose registered description carries `(planned)`).
-   * Trailing space is intentional — the marker is concatenated before
+   * Trailing space is intentional, the marker is concatenated before
    * the rest of the description.
    */
   compactStubMarker: "[stub] ",
@@ -11530,10 +11752,10 @@ var HelpCommand = class extends Command15 {
       With a verb: the detail view for that single command.
 
       Formats:
-        human (default) \u2014 pretty terminal output.
-        md              \u2014 canonical markdown. context/cli-reference.md is
-                          regenerated from this and CI fails on drift.
-        json            \u2014 structured surface dump per spec/cli-contract.md.
+        human (default): pretty terminal output.
+        md             : canonical markdown. context/cli-reference.md is
+                         regenerated from this and CI fails on drift.
+        json           : structured surface dump per spec/cli-contract.md.
     `
   });
   verbParts = Option14.Rest({ required: 0 });
@@ -11917,7 +12139,7 @@ import {
   mkdirSync as mkdirSync4,
   readFileSync as readFileSync15,
   statSync as statSync3,
-  writeFileSync as writeFileSync3
+  writeFileSync
 } from "fs";
 import { dirname as dirname15, resolve as resolve26 } from "path";
 import { Command as Command16, Option as Option15 } from "clipanion";
@@ -11971,7 +12193,7 @@ var HooksInstallCommand = class extends SmCommand {
       replacing it.
 
       Requires a parent \`.git/\` (exit 5 otherwise). Writes nothing
-      under \`--dry-run\` \u2014 instead prints the planned content with
+      under \`--dry-run\`; instead prints the planned content with
       \`--- target: <path> ---\` markers.
     `,
     examples: [
@@ -11981,7 +12203,7 @@ var HooksInstallCommand = class extends SmCommand {
   });
   flavour = Option15.String({ required: true });
   dryRun = Option15.Boolean("-n,--dry-run", false);
-  // The remaining cyclomatic count is from CLI ergonomics — flavour
+  // The remaining cyclomatic count is from CLI ergonomics, flavour
   // guard, repo lookup, marker detection, dry-run / json / chained /
   // fresh branches each contributing a guard. Inner work already lives
   // in `computePlannedHookContent` and `findGitRepoRoot`.
@@ -12040,7 +12262,7 @@ var HooksInstallCommand = class extends SmCommand {
     }
     try {
       if (!existsSync17(hooksDir)) mkdirSync4(hooksDir, { recursive: true });
-      writeFileSync3(hookPath, planned2.content, { encoding: "utf8" });
+      writeFileSync(hookPath, planned2.content, { encoding: "utf8" });
       ensureExecutableBit(hookPath);
     } catch (err) {
       this.printer.error(
@@ -12103,13 +12325,14 @@ import cl100k_base from "js-tiktoken/ranks/cl100k_base";
 // kernel/i18n/orchestrator.texts.ts
 var ORCHESTRATOR_TEXTS = {
   frontmatterInvalid: "Frontmatter for {{path}} ({{kind}}) failed schema validation: {{errors}}",
-  frontmatterMalformedPasteWithIndent: "Frontmatter fence in {{path}} appears indented; YAML frontmatter MUST start with `---` at column 0. The file was scanned as body-only \u2014 the metadata block was silently lost. Move the `---` lines to the start of the line.",
+  frontmatterMalformedPasteWithIndent: "Frontmatter fence in {{path}} appears indented; YAML frontmatter MUST start with `---` at column 0. The file was scanned as body-only; the metadata block was silently lost. Move the `---` lines to the start of the line.",
   frontmatterMalformedByteOrderMark: "Frontmatter fence in {{path}} is preceded by a UTF-8 byte-order mark (BOM); the file was scanned as body-only. Re-save the file as UTF-8 without BOM. The metadata block was silently lost.",
-  frontmatterMalformedMissingClose: "Frontmatter in {{path}} opens with `---` but never closes \u2014 no matching `---` line at column 0 was found. The file was scanned as body-only and every metadata field was silently lost. Add a closing `---` line below the metadata block.",
+  frontmatterMalformedMissingClose: "Frontmatter in {{path}} opens with `---` but never closes (no matching `---` line at column 0 was found). The file was scanned as body-only and every metadata field was silently lost. Add a closing `---` line below the metadata block.",
   extensionErrorLinkKindNotDeclared: 'Extractor "{{extractorId}}" emitted a link of kind "{{linkKind}}" outside its declared `emitsLinkKinds` set [{{declaredKinds}}]. Link dropped.',
   extensionErrorIssueInvalidSeverity: `Rule "{{analyzerId}}" emitted an issue with invalid severity {{severity}} (allowed: 'error' | 'warn' | 'info'). Issue dropped.`,
   extensionErrorContributionUnknownId: 'Extractor "{{extractorId}}" emitted contribution "{{contributionId}}" on {{nodePath}} but did not declare it in its `viewContributions` map. Contribution dropped.',
   extensionErrorContributionPayloadInvalid: 'Extractor "{{extractorId}}" emitted contribution "{{contributionId}}" on {{nodePath}}; payload failed the "{{slot}}" schema: {{errors}}. Contribution dropped.',
+  extensionErrorRecommendedActionMissing: 'Analyzer "{{analyzerId}}" declares recommendedAction "{{actionId}}" but no Action is registered under that qualified id. The analyzer stays registered; the recommendation will not surface in the inspector.',
   runScanRootEmptyArray: "runScan: roots must contain at least one path (spec requires minItems: 1)",
   runScanRootMissing: "runScan: root path '{{root}}' does not exist or is not a directory"
 };
@@ -12298,10 +12521,11 @@ function isExternalUrlLink(link2) {
 }
 
 // kernel/orchestrator/analyzers.ts
-async function runAnalyzers(analyzers, nodes, internalLinks, orphanSidecars, sidecarRoots, annotationContributions, viewContributions, orphanJobFiles, referenceablePaths, cwd, emitter, hookDispatcher) {
+async function runAnalyzers(analyzers, nodes, internalLinks, orphanSidecars, sidecarRoots, annotationContributions, viewContributions, orphanJobFiles, referenceablePaths, cwd, registeredActionIds, emitter, hookDispatcher) {
   const issues = [];
   const contributions = [];
   const validators = loadSchemaValidators();
+  validateRecommendedActions(analyzers, registeredActionIds, emitter);
   const analyzerOrphans = orphanSidecars.map((o) => ({
     relativePath: o.relativePath,
     expectedMdPath: o.expectedMdPath
@@ -12373,6 +12597,27 @@ async function runAnalyzers(analyzers, nodes, internalLinks, orphanSidecars, sid
   }
   return { issues, contributions };
 }
+function validateRecommendedActions(analyzers, registeredActionIds, emitter) {
+  for (const analyzer of analyzers) {
+    const refs = analyzer.recommendedActions;
+    if (refs === void 0 || refs.length === 0) continue;
+    const analyzerId = qualifiedExtensionId(analyzer.pluginId, analyzer.id);
+    for (const actionId of refs) {
+      if (registeredActionIds.has(actionId)) continue;
+      emitter.emit(
+        makeEvent("extension.error", {
+          kind: "recommended-action-missing",
+          extensionId: analyzerId,
+          actionId,
+          message: tx(ORCHESTRATOR_TEXTS.extensionErrorRecommendedActionMissing, {
+            analyzerId,
+            actionId
+          })
+        })
+      );
+    }
+  }
+}
 function validateIssue(analyzer, issue, emitter) {
   const severity = issue.severity;
   if (severity !== "error" && severity !== "warn" && severity !== "info") {
@@ -12422,9 +12667,20 @@ function indexPriorLinks(links, priorNodePaths, byOriginating) {
     else byOriginating.set(key, [link2]);
   }
 }
+var FRONTMATTER_ISSUE_ANALYZERS = /* @__PURE__ */ new Set([
+  "frontmatter-invalid",
+  "frontmatter-malformed",
+  // Audit L1: parser parse-error is emitted by
+  // `buildFreshNodeAndValidateFrontmatter` from `raw.parseIssues`. The
+  // raw.parseIssues only flows through the non-cache path; a cached
+  // node skips the rebuild, so the prior issue MUST survive the
+  // incremental scan or the warning silently disappears on a clean
+  // re-scan of an unchanged file.
+  "frontmatter-parse-error"
+]);
 function indexPriorFrontmatterIssues(issues, byNode) {
   for (const issue of issues) {
-    if (issue.analyzerId !== "frontmatter-invalid" && issue.analyzerId !== "frontmatter-malformed") continue;
+    if (!FRONTMATTER_ISSUE_ANALYZERS.has(issue.analyzerId)) continue;
     if (issue.nodeIds.length !== 1) continue;
     const path = issue.nodeIds[0];
     const list = byNode.get(path);
@@ -12623,7 +12879,7 @@ function flagAmbiguousRenames(opts) {
         analyzerId: "auto-rename-ambiguous",
         severity: "warn",
         nodeIds: [toPath],
-        message: `Auto-rename ambiguous: ${toPath} matches ${remaining.length} prior frontmatters \u2014 pick one with \`sm orphans undo-rename ${toPath} --from <old.path>\`.`,
+        message: `Auto-rename ambiguous: ${toPath} matches ${remaining.length} prior frontmatters; pick one with \`sm orphans undo-rename ${toPath} --from <old.path>\`.`,
         data: { to: toPath, candidates: remaining }
       });
     }
@@ -12878,11 +13134,11 @@ function resolveSidecarOverlay(relativePath2, nodePathForIssue, roots, liveBodyH
     liveFrontmatterHash
   });
   return {
-    // R15 closure (2026-05-07) — surface the full parsed root on the
+    // R15 closure (2026-05-07), surface the full parsed root on the
     // overlay so BFF consumers (UI inspector audit / plugin-contributions
     // / debug panels) can read `for.*`, `audit.*`, `settings.*`, and
     // plugin-namespaced sub-keys without re-reading the file. The
-    // `annotations` field above stays — it duplicates `root.annotations`
+    // `annotations` field above stays, it duplicates `root.annotations`
     // by design so existing consumers keep working unchanged.
     overlay: {
       present: true,
@@ -12926,6 +13182,16 @@ function buildFreshNodeAndValidateFrontmatter(opts) {
     encoder: opts.encoder
   });
   const frontmatterIssues = [];
+  if (opts.raw.parseIssues && opts.raw.parseIssues.length > 0) {
+    for (const pi of opts.raw.parseIssues) {
+      frontmatterIssues.push({
+        analyzerId: pi.code,
+        severity: opts.strict ? "error" : "warn",
+        nodeIds: [opts.raw.path],
+        message: pi.message
+      });
+    }
+  }
   if (opts.raw.frontmatterRaw.length > 0) {
     const fmIssue = validateFrontmatter(
       opts.providerFrontmatter,
@@ -13217,6 +13483,9 @@ async function runScanInternal(_kernel, options) {
   recomputeLinkCounts(walked.nodes, walked.internalLinks);
   recomputeExternalRefsCount(walked.nodes, walked.externalLinks, walked.cachedPaths);
   await dispatchExtractorCompleted(exts.extractors, emitter, hookDispatcher);
+  const registeredActionIds = new Set(
+    _kernel.registry.all("action").map((a) => qualifiedExtensionId(a.pluginId, a.id))
+  );
   const analyzerResult = await runAnalyzers(
     exts.analyzers,
     walked.nodes,
@@ -13228,6 +13497,7 @@ async function runScanInternal(_kernel, options) {
     options.orphanJobFiles ?? [],
     options.referenceablePaths,
     options.cwd,
+    registeredActionIds,
     emitter,
     hookDispatcher
   );
@@ -13349,7 +13619,8 @@ function createChokidarWatcher(opts) {
   const watcher = chokidar.watch(absRoots, {
     ignoreInitial: true,
     persistent: true,
-    ...ignored ? { ignored } : {}
+    ...ignored ? { ignored } : {},
+    ...opts.depth !== void 0 ? { depth: opts.depth } : {}
   });
   let pending = [];
   let timer = null;
@@ -13558,16 +13829,19 @@ import { join as join10, resolve as resolve28 } from "path";
 function findOrphanJobFiles(jobsDir, referencedPaths) {
   let entries;
   try {
-    const stat3 = statSync6(jobsDir);
-    if (!stat3.isDirectory()) {
+    const stat2 = statSync6(jobsDir);
+    if (!stat2.isDirectory()) {
       return { orphanFilePaths: [], referencedCount: referencedPaths.size };
     }
-    entries = readdirSync7(jobsDir);
+    entries = readdirSync7(jobsDir, { withFileTypes: true });
   } catch {
     return { orphanFilePaths: [], referencedCount: referencedPaths.size };
   }
   const orphans = [];
-  for (const name of entries) {
+  for (const entry of entries) {
+    if (entry.isSymbolicLink()) continue;
+    if (!entry.isFile()) continue;
+    const name = entry.name;
     if (!name.endsWith(".md")) continue;
     const abs = resolve28(join10(jobsDir, name));
     if (!referencedPaths.has(abs)) orphans.push(abs);
@@ -13649,7 +13923,7 @@ var REFERENCE_WALK_MAX_FILES = 5e4;
 var SKIPPED_DIR_NAMES = /* @__PURE__ */ new Set([
   "node_modules",
   ".git",
-  ".skill-map"
+  SKILL_MAP_DIR
 ]);
 function resolveScanPath(raw, cwd, homedir4) {
   if (raw.startsWith("~/")) return resolve29(join11(homedir4, raw.slice(2)));
@@ -13664,8 +13938,8 @@ function walkReferencePaths(rawRoots, cwd, homedir4) {
   for (const raw of rawRoots) {
     if (truncated) break;
     const root = resolveScanPath(raw, cwd, homedir4);
-    const stat3 = safeStat(root);
-    if (!stat3 || !stat3.isDirectory()) {
+    const stat2 = safeStat(root);
+    if (!stat2 || !stat2.isDirectory()) {
       missingRoots.push(root);
       continue;
     }
@@ -13865,7 +14139,7 @@ function buildRunScanOptions(args2) {
     emitter: opts.emitterFactory ? opts.emitterFactory() : createStderrProgressEmitter(opts.stderr, {
       colorEnabled: opts.colorEnabled === true
     }),
-    // Orphan job-file detection — empty list means "no orphans
+    // Orphan job-file detection, empty list means "no orphans
     // visible from this caller" (legacy behaviour). The orchestrator
     // defaults to `[]` when the field is absent; we always pass the
     // array (possibly empty) to keep the wiring uniform.
@@ -13958,7 +14232,7 @@ var INIT_TEXTS = {
   scanFailed: "{{glyph}}  sm init: scan failed: {{message}}\n",
   firstScanSummary: "{{glyph}}  First scan: {{nodes}} node{{nodesPlural}}, {{links}} link{{linksPlural}}, {{issues}} issue{{issuesPlural}}.\n",
   // --- dry-run previews --------------------------------------------------
-  dryRunHeader: "(dry-run \u2014 no files written, no DB provisioned)\n",
+  dryRunHeader: "(dry-run, no files written, no DB provisioned)\n",
   dryRunWouldCreateDir: "would create   {{path}}/\n",
   dryRunWouldWriteFile: "would write    {{path}}\n",
   dryRunWouldOverwriteFile: "would overwrite {{path}}\n",
@@ -14007,7 +14281,7 @@ var InitCommand = class extends SmCommand {
     description: "Strict mode: fail on any layered-loader warning AND promote frontmatter warnings to errors during the first scan. Same flag as sm scan / sm config."
   });
   dryRun = Option16.Boolean("-n,--dry-run", false, {
-    description: "Preview the scope provisioning without touching the filesystem or the DB. Honours --force for the would-overwrite preview. Skips the first scan unconditionally \u2014 dry-run never persists."
+    description: "Preview the scope provisioning without touching the filesystem or the DB. Honours --force for the would-overwrite preview. Skips the first scan unconditionally; dry-run never persists."
   });
   // CLI orchestrator: paths setup + dry-run branch (delegated to
   // `writeDryRunPlan`) + real provision (mkdir + 4 file writes +
@@ -14137,7 +14411,7 @@ async function runFirstScan(scopeRoot, homedir4, strict, printer, stderr, ansi)
     dryRun: false,
     changed: false,
     // Init's first scan always persists, even when the scope is
-    // empty — the historic behaviour was to seed the DB regardless of
+    // empty, the historic behaviour was to seed the DB regardless of
     // node count. `runScanForCommand`'s guard refuses to wipe a
     // populated DB with a zero-result scan; init's DB is freshly
     // provisioned (zero rows), so the guard is dormant. Pass
@@ -14224,11 +14498,11 @@ var HISTORY_TEXTS = {
   statusInvalidHint: "Allowed: {{allowed}}.",
   periodInvalid: '{{glyph}}  --period: invalid value "{{value}}".\n   {{hint}}\n',
   periodInvalidHint: "Allowed: {{allowed}}.",
-  schemaValidationFailed: "{{glyph}}  internal: history-stats output failed schema validation \u2014 {{errors}}\n",
+  schemaValidationFailed: "{{glyph}}  internal: history-stats output failed schema validation: {{errors}}\n",
   // --- renderStats: sectioned layout (matches `sm plugins doctor`) -----
   statsAllTimeWindow: "(all time)",
-  /** One-line dense header: `sm history stats — N executions · M.M% error rate`. */
-  statsHeader: "sm history stats \u2014 {{summary}}\n\n",
+  /** One-line dense header: `sm history stats: N executions · M.M% error rate`. */
+  statsHeader: "sm history stats: {{summary}}\n\n",
   /** Section heading rendered before each indented block. */
   statsSectionHeader: "  {{title}}\n",
   /** Two-column field row inside a section, label padded by the renderer. */
@@ -14243,7 +14517,7 @@ var HISTORY_TEXTS = {
   statsLabelExecutions: "Executions",
   statsLabelTokens: "Tokens",
   statsLabelDuration: "Duration",
-  /** `N (X ok · Y failed · Z cancelled)` — only the populated buckets render. */
+  /** `N (X ok · Y failed · Z cancelled)`, only the populated buckets render. */
   statsExecutionsCount: "{{count}}{{breakdown}}",
   statsTokensSplit: "{{in}} in / {{out}} out",
   /** Per-action row: `<id>@<version>  N runs  ·  T_in/T_out`. */
@@ -14273,7 +14547,7 @@ var HISTORY_TEXTS = {
   tableFooterCount: "{{count}} {{noun}}\n",
   tableFooterNounSingular: "execution",
   tableFooterNounPlural: "executions",
-  /** Footer tip — printed dim under the count. */
+  /** Footer tip, printed dim under the count. */
   tableFooterTip: "Tip: `sm history stats` for aggregated counts and top actions.\n"
 };
 
@@ -14519,7 +14793,7 @@ function toHistoryRow(r) {
   const status = reason.length > 0 ? tx(HISTORY_TEXTS.statusWithReason, { status: r.status, reason }) : r.status;
   return {
     id: truncateHead(sanitizeForTerminal(r.id), COL_ID_MAX),
-    // ISO timestamp with the `T` swapped for a space — keeps the column
+    // ISO timestamp with the `T` swapped for a space, keeps the column
     // narrow and human-readable without losing the `Z` UTC marker.
     started: new Date(r.startedAt).toISOString().slice(0, 19).replace("T", " ") + "Z",
     action: truncateHead(sanitizeForTerminal(r.extensionId), COL_ACTION_MAX),
@@ -14720,6 +14994,7 @@ function trimMs(iso) {
 
 // cli/commands/jobs.ts
 import { unlink } from "fs/promises";
+import { relative as relative6 } from "path";
 import { Command as Command19, Option as Option18 } from "clipanion";
 
 // cli/i18n/jobs.texts.ts
@@ -14811,18 +15086,30 @@ var JobPruneCommand = class extends SmCommand {
           const cutoff = now - completedPolicy * 1e3;
           const result = await this.pruneOrPreview("completed", cutoff, adapter, this.dryRun);
           out.retention.completed.deleted = result.deletedCount;
-          out.retention.completed.files = await this.unlinkFiles(result.filePaths, this.dryRun);
+          out.retention.completed.files = await this.unlinkFiles(
+            result.filePaths,
+            jobsDir,
+            this.dryRun
+          );
         }
         if (failedPolicy !== null) {
           const cutoff = now - failedPolicy * 1e3;
           const result = await this.pruneOrPreview("failed", cutoff, adapter, this.dryRun);
           out.retention.failed.deleted = result.deletedCount;
-          out.retention.failed.files = await this.unlinkFiles(result.filePaths, this.dryRun);
+          out.retention.failed.files = await this.unlinkFiles(
+            result.filePaths,
+            jobsDir,
+            this.dryRun
+          );
         }
         if (this.orphanFiles && out.orphanFiles.scanned) {
           const referenced = await adapter.jobs.listReferencedFilePaths();
           const orphans = findOrphanJobFiles(jobsDir, referenced);
-          const removed = await this.unlinkFiles(orphans.orphanFilePaths, this.dryRun);
+          const removed = await this.unlinkFiles(
+            orphans.orphanFilePaths,
+            jobsDir,
+            this.dryRun
+          );
           out.orphanFiles = { scanned: true, deleted: removed };
         }
       });
@@ -14841,10 +15128,15 @@ var JobPruneCommand = class extends SmCommand {
   async pruneOrPreview(status, cutoffMs, adapter, dryRun) {
     return dryRun ? adapter.jobs.listTerminalCandidates(status, cutoffMs) : adapter.jobs.pruneTerminal(status, cutoffMs);
   }
-  async unlinkFiles(paths, dryRun) {
+  async unlinkFiles(paths, jobsDir, dryRun) {
     if (dryRun) return paths.length;
     let removed = 0;
     for (const p of paths) {
+      try {
+        assertContained(jobsDir, relative6(jobsDir, p));
+      } catch {
+        continue;
+      }
       try {
         await unlink(p);
         removed += 1;
@@ -14917,7 +15209,7 @@ var LIST_TEXTS = {
   tableFooterCount: "{{count}} {{noun}}\n",
   tableFooterNounSingular: "node",
   tableFooterNounPlural: "nodes",
-  /** Footer tip — printed dim under the count. */
+  /** Footer tip, printed dim under the count. */
   tableFooterTip: "Tip: `sm show <path>` for details, `sm check` for issues.\n"
 };
 
@@ -15183,7 +15475,7 @@ var ORPHANS_TEXTS = {
   reconcileDryRunHead: "{{glyph}}  Would reconcile {{from}} \u2192 {{to}}{{dryTag}}\n",
   /** Breakdown line composed at the call site from non-zero counts only. */
   reconcileBreakdown: "{{rows}} rows \xB7 jobs {{jobs}} \xB7 execs {{execs}} \xB7 summaries {{summaries}} \xB7 enrichments {{enrichments}} \xB7 kv {{kv}} \xB7 favorites {{favorites}}",
-  reconcileCollisionsNote: "{{glyph}}  {{count}} composite-PK collision{{plural}} \u2014 destination rows preserved.\n",
+  reconcileCollisionsNote: "{{glyph}}  {{count}} composite-PK collision{{plural}}; destination rows preserved.\n",
   reconcileCollisionsNoteDryRun: "{{glyph}}  {{count}} composite-PK collision{{plural}} would be skipped; destination rows preserved.\n",
   // --- undo-rename -------------------------------------------------------
   undoNoActiveIssue: '{{glyph}}  sm orphans undo-rename: no active auto-rename issue targets "{{path}}".\n   {{hint}}\n',
@@ -15208,7 +15500,7 @@ var ORPHANS_TEXTS = {
    * emitted after `sm orphans undo-rename`. The string lands in DB rows
    * and travels through `--json`, `sm check`, and downstream consumers,
    * so localising it requires a kernel-side template (not just a CLI
-   * catalog) — kept here for now so the wording lives in one greppable
+   * catalog), kept here for now so the wording lives in one greppable
    * place even if the layering is imperfect.
    */
   undoRenameOrphanMessage: "Orphan history: {{toPath}} (was reverted from auto-rename to {{newPath}}).",
@@ -15217,7 +15509,7 @@ var ORPHANS_TEXTS = {
   invalidKindHint: "Allowed: orphan, medium, ambiguous.",
   // --- renderOrphans (pretty listing) ------------------------------------
   /** Header line for the active orphan / auto-rename issues block. */
-  listHeader: "sm orphans \u2014 {{count}} {{noun}}\n\n",
+  listHeader: "sm orphans: {{count}} {{noun}}\n\n",
   listNounSingular: "issue",
   listNounPlural: "issues",
   /**
@@ -15437,7 +15729,7 @@ var OrphansUndoRenameCommand = class extends SmCommand {
       turned out to be unrelated.
 
       For an active auto-rename-medium issue on <new.path>, the prior
-      path is read from issue.data.from \u2014 omit --from. For an active
+      path is read from issue.data.from; omit --from. For an active
       auto-rename-ambiguous issue, --from <old.path> is REQUIRED to
       pick a candidate from data.candidates.
 
@@ -15684,7 +15976,7 @@ import { Command as Command22, Option as Option21 } from "clipanion";
 // cli/i18n/plugins.texts.ts
 var PLUGINS_TEXTS = {
   // --- enable / disable error guidance --------------------------------
-  // Spec § A.7 — granularity validation. The CLI rejects mismatched ids
+  // Spec § A.7, granularity validation. The CLI rejects mismatched ids
   // up front (instead of silently writing a config_plugins row that the
   // runtime would later ignore) so the user learns the model immediately.
   /**
@@ -15707,7 +15999,7 @@ var PLUGINS_TEXTS = {
   qualifiedIdNotFoundHint: "Run `sm plugins list` to see what each bundle ships.",
   qualifiedIdUnknownBundle: "{{glyph}}  Qualified extension id references unknown bundle: {{bundleId}}\n   {{hint}}\n",
   qualifiedIdUnknownBundleHint: "Run `sm plugins list` for known bundle ids.",
-  // Spec § A.10 — `applicableKinds` filter on Extractors. When an extractor
+  // Spec § A.10, `applicableKinds` filter on Extractors. When an extractor
   // declares a kind that no installed Provider emits, the load succeeds
   // (the Provider may arrive later) but `sm plugins doctor` surfaces a
   // non-blocking warning so the author sees the typo / missing dependency.
@@ -15715,11 +16007,22 @@ var PLUGINS_TEXTS = {
   // The id is rendered as the entry header (`⚠  <id>`); the body skips
   // re-stating it so the message reads cleanly under the entry.
   doctorApplicableKindUnknown: "Declares applicableKinds including '{{unknownKind}}', but no installed Provider declares that kind. The extractor is loaded but will never fire on that kind.",
+  // Phase 7 / View contribution system, defence-in-depth slot drift
+  // check. AJV at manifest load already rejects unknown slots as
+  // `invalid-manifest`, but a plugin authored against an older catalog
+  // whose `catalogCompat` satisfies the current major syntactically can
+  // still ship a slot id that was renamed / removed. The doctor pass
+  // surfaces those so the user runs `sm plugins upgrade` to migrate.
+  // Exit code is NOT promoted by this warning.
+  // The id is rendered as the entry header
+  // (`⚠  <pluginId>/<extensionId>/<contributionId>`); the body skips
+  // re-stating it so the message reads cleanly under the entry.
+  doctorUnknownSlot: "Contribution '{{contributionId}}' targets unknown slot '{{slot}}'. Run `sm plugins upgrade {{pluginId}}` or update the plugin to a slot in the current catalog (`sm plugins slots list`).",
   // --- list verb -------------------------------------------------------
   listEmpty: "No plugins discovered.\n",
   // --- doctor verb -----------------------------------------------------
   /** One-line summary that opens the human doctor output. */
-  doctorSummary: "plugins doctor \u2014 {{enabled}} enabled \xB7 {{issues}} issue{{issuesPlural}} \xB7 {{warnings}} warning{{warningsPlural}}\n\n",
+  doctorSummary: "plugins doctor: {{enabled}} enabled \xB7 {{issues}} issue{{issuesPlural}} \xB7 {{warnings}} warning{{warningsPlural}}\n\n",
   /** Source breakdown row (built-in vs user). Indented 4 to match the status rows. */
   doctorSourceRow: "    {{label}}  {{count}}\n",
   /** Status breakdown table heading. */
@@ -15769,12 +16072,12 @@ var PLUGINS_TEXTS = {
    */
   bundleSubIndent: "       ",
   listTipShow: "\nTip: `sm plugins show <id>` for kinds, versions, and per-extension status.\n",
-  /** Show command — built-in header (no version row, no path). */
+  /** Show command, built-in header (no version row, no path). */
   detailHeaderBuiltIn: "  {{glyph}}  {{id}}   {{source}}   {{count}} extension{{plural}}\n",
   /**
-   * Show command — user-plugin header. Version always present (defaults
+   * Show command, user-plugin header. Version always present (defaults
    * to `?` when the manifest omits it). Source labelled `user`; disabled
-   * / failed states surface via the glyph (✕) only — the source label
+   * / failed states surface via the glyph (✕) only, the source label
    * stays the same so users learn that the plugin _is_ a user one
    * regardless of its load state.
    */
@@ -15801,7 +16104,26 @@ var PLUGINS_TEXTS = {
    */
   detailExtensionRowBare: "       {{kind}}  {{name}}  v{{version}}\n",
   detailVersionUnknown: "?",
-  detailCompatUnknown: "?"
+  detailCompatUnknown: "?",
+  // --- create verb -----------------------------------------------------
+  /** Rejected when `<plugin-id>` fails the kebab-case lowercase regex. */
+  createInvalidId: "{{glyph}}  Plugin id must be kebab-case lowercase (got: {{id}})\n",
+  /** Target directory exists and `--force` was not passed. */
+  createRefuseOverwrite: "{{glyph}}  Refusing to overwrite {{targetDir}}. Pass --force to overwrite.\n",
+  /**
+   * Success block printed after scaffolding. Follows the no-em-dash rule
+   * across every line.
+   */
+  createSuccess: "Created {{targetDir}}\nNext:\n  - Edit {{pluginId}}/extensions/extractor.js (the extract() body)\n  - Run sm scan to see the contribution surface\n  - sm plugins slots list: browse other slots\n",
+  // --- slots list verb -------------------------------------------------
+  /** Section header for the view-slots catalogue. */
+  slotsListHeaderViewSlots: "  View slots ({{count}})\n",
+  /** Section header for the input-types catalogue (leading blank line). */
+  slotsListHeaderInputTypes: "\n  Input types ({{count}})\n",
+  /** Trailing tip; the `{{tip}}` is the dim-wrapped tip text. */
+  slotsListTipFooter: "\n{{tip}}\n",
+  /** Tip body, dim-wrapped by the caller. */
+  slotsListTipText: "Tip: full spec at spec/view-slots.md and spec/input-types.md."
 };
 
 // cli/commands/plugins/shared.ts
@@ -16232,15 +16554,28 @@ var PluginsDoctorCommand = class extends SmCommand {
     const counts = countByStatus(builtIns2, plugins);
     const knownKinds = collectKnownKinds(plugins);
     const applicableKindWarnings = collectApplicableKindWarnings(plugins, knownKinds);
+    const unknownSlotWarnings = collectUnknownSlotWarnings(plugins, KNOWN_SLOT_NAMES);
     const bad = plugins.filter((p) => p.status !== "enabled" && p.status !== "disabled");
-    const totalWarnings = applicableKindWarnings.length;
+    const totalWarnings = applicableKindWarnings.length + unknownSlotWarnings.length;
+    if (this.json) {
+      const envelope = buildDoctorJsonEnvelope({
+        counts,
+        bad,
+        applicableKindWarnings,
+        unknownSlotWarnings,
+        totalWarnings,
+        elapsedMs: this.elapsed.ms()
+      });
+      this.printer.data(JSON.stringify(envelope) + "\n");
+      return bad.length > 0 ? ExitCode.Issues : ExitCode.Ok;
+    }
     const stdout = this.context.stdout;
     const ansi = ansiFor({ isTTY: stdout.isTTY === true, noColorFlag: this.noColor });
     this.#renderSummaryHeader(counts.enabled, bad.length, totalWarnings);
     this.#renderSourceBreakdown(builtIns2.length, plugins.length);
     this.#renderStatusBreakdown(counts, ansi);
     if (totalWarnings > 0) {
-      this.#renderWarnings(applicableKindWarnings, totalWarnings, ansi);
+      this.#renderWarnings(applicableKindWarnings, unknownSlotWarnings, totalWarnings, ansi);
     }
     if (bad.length > 0) {
       this.#renderIssues(bad, ansi);
@@ -16294,7 +16629,7 @@ var PluginsDoctorCommand = class extends SmCommand {
       );
     }
   }
-  #renderWarnings(applicableKindWarnings, totalWarnings, ansi) {
+  #renderWarnings(applicableKindWarnings, unknownSlotWarnings, totalWarnings, ansi) {
     this.printer.data(tx(PLUGINS_TEXTS.doctorWarningsHeader, { count: totalWarnings }));
     const warnGlyph = ansi.yellow("\u26A0");
     for (const w of applicableKindWarnings) {
@@ -16307,6 +16642,20 @@ var PluginsDoctorCommand = class extends SmCommand {
         ansi
       );
     }
+    for (const w of unknownSlotWarnings) {
+      const slash = w.extensionQualifiedId.indexOf("/");
+      const pluginId = slash >= 0 ? w.extensionQualifiedId.slice(0, slash) : w.extensionQualifiedId;
+      this.#emitWarningEntry(
+        warnGlyph,
+        sanitizeForTerminal(`${w.extensionQualifiedId}/${w.contributionId}`),
+        tx(PLUGINS_TEXTS.doctorUnknownSlot, {
+          contributionId: sanitizeForTerminal(w.contributionId),
+          slot: sanitizeForTerminal(w.slot),
+          pluginId: sanitizeForTerminal(pluginId)
+        }),
+        ansi
+      );
+    }
   }
   #emitWarningEntry(glyph, id, message, ansi) {
     this.printer.data(tx(PLUGINS_TEXTS.doctorWarningEntry, { glyph, id }));
@@ -16446,29 +16795,116 @@ function appendUnknownKindWarnings(out, extractorQualifiedId, applicableKinds, k
     if (!knownKinds.has(k)) out.push({ extractorQualifiedId, unknownKind: k });
   }
 }
-
-// cli/commands/plugins/toggle.ts
-import { Command as Command25, Option as Option24 } from "clipanion";
-var TogglePluginsBase = class extends SmCommand {
-  all = Option24.Boolean("--all", false);
-  id = Option24.String({ required: false });
-  async toggle(enabled) {
-    const verb = enabled ? "enable" : "disable";
-    const stderr = this.context.stderr;
-    const stderrAnsi = ansiFor({ isTTY: stderr.isTTY === true, noColorFlag: this.noColor });
-    const argError = this.#validateArgs(stderrAnsi);
-    if (argError !== null) return argError;
-    const plugins = await loadAll({ global: this.global, pluginDir: void 0 });
-    const catalogue = bundleCatalogue(plugins);
-    const targetsResult = this.#pickTargets(catalogue, verb, stderrAnsi);
-    if (typeof targetsResult === "number") return targetsResult;
-    let targets = targetsResult;
-    const lockError = this.#applyLockGate(targets, stderrAnsi);
-    if (typeof lockError === "number") return lockError;
-    targets = lockError;
-    await this.#persistTargets(targets, enabled);
-    this.#renderSuccess(targets, enabled);
-    return ExitCode.Ok;
+function collectUnknownSlotWarnings(plugins, knownSlots) {
+  const out = [];
+  collectBuiltInUnknownSlotWarnings(out, knownSlots);
+  collectUserUnknownSlotWarnings(out, plugins, knownSlots);
+  return out;
+}
+function collectBuiltInUnknownSlotWarnings(out, knownSlots) {
+  for (const bundle of builtInBundles) {
+    for (const ext of bundle.extensions) {
+      const vc = ext.viewContributions;
+      if (!vc) continue;
+      appendUnknownSlotWarnings(out, qualifiedExtensionId(bundle.id, ext.id), vc, knownSlots);
+    }
+  }
+}
+function collectUserUnknownSlotWarnings(out, plugins, knownSlots) {
+  for (const p of plugins) {
+    if (p.status !== "enabled" || !p.extensions) continue;
+    for (const ext of p.extensions) {
+      const inst = extensionInstance(ext);
+      if (!inst) continue;
+      const vc = inst["viewContributions"];
+      if (vc === null || typeof vc !== "object") continue;
+      appendUnknownSlotWarnings(
+        out,
+        qualifiedExtensionId(ext.pluginId, ext.id),
+        vc,
+        knownSlots
+      );
+    }
+  }
+}
+function appendUnknownSlotWarnings(out, extensionQualifiedId, viewContributions, knownSlots) {
+  for (const [contributionId, raw] of Object.entries(viewContributions)) {
+    if (raw === null || typeof raw !== "object") continue;
+    const slot = raw.slot;
+    if (typeof slot !== "string") continue;
+    if (knownSlots.has(slot)) continue;
+    out.push({ extensionQualifiedId, contributionId, slot });
+  }
+}
+function buildDoctorJsonEnvelope(args2) {
+  const issues = args2.bad.map((p) => ({
+    id: sanitizeForTerminal(p.id),
+    status: p.status,
+    reason: sanitizeForTerminal(p.reason ?? "")
+  }));
+  const warnings = [];
+  for (const w of args2.applicableKindWarnings) {
+    warnings.push({
+      id: sanitizeForTerminal(w.extractorQualifiedId),
+      kind: "applicable-kind-unknown",
+      message: tx(PLUGINS_TEXTS.doctorApplicableKindUnknown, {
+        unknownKind: sanitizeForTerminal(w.unknownKind)
+      })
+    });
+  }
+  for (const w of args2.unknownSlotWarnings) {
+    const slash = w.extensionQualifiedId.indexOf("/");
+    const pluginId = slash >= 0 ? w.extensionQualifiedId.slice(0, slash) : w.extensionQualifiedId;
+    warnings.push({
+      id: sanitizeForTerminal(`${w.extensionQualifiedId}/${w.contributionId}`),
+      kind: "unknown-slot",
+      message: tx(PLUGINS_TEXTS.doctorUnknownSlot, {
+        contributionId: sanitizeForTerminal(w.contributionId),
+        slot: sanitizeForTerminal(w.slot),
+        pluginId: sanitizeForTerminal(pluginId)
+      })
+    });
+  }
+  return {
+    ok: true,
+    kind: "plugins.doctor",
+    counts: {
+      enabled: args2.counts.enabled,
+      disabled: args2.counts.disabled,
+      loaded: args2.counts.enabled,
+      incompatible: args2.counts["incompatible-spec"] + args2.counts["incompatible-catalog"],
+      invalid: args2.counts["invalid-manifest"],
+      loadError: args2.counts["load-error"] + args2.counts["id-collision"],
+      warnings: args2.totalWarnings
+    },
+    issues,
+    warnings,
+    elapsedMs: args2.elapsedMs
+  };
+}
+
+// cli/commands/plugins/toggle.ts
+import { Command as Command25, Option as Option24 } from "clipanion";
+var TogglePluginsBase = class extends SmCommand {
+  all = Option24.Boolean("--all", false);
+  id = Option24.String({ required: false });
+  async toggle(enabled) {
+    const verb = enabled ? "enable" : "disable";
+    const stderr = this.context.stderr;
+    const stderrAnsi = ansiFor({ isTTY: stderr.isTTY === true, noColorFlag: this.noColor });
+    const argError = this.#validateArgs(stderrAnsi);
+    if (argError !== null) return argError;
+    const plugins = await loadAll({ global: this.global, pluginDir: void 0 });
+    const catalogue = bundleCatalogue(plugins);
+    const targetsResult = this.#pickTargets(catalogue, verb, stderrAnsi);
+    if (typeof targetsResult === "number") return targetsResult;
+    let targets = targetsResult;
+    const lockError = this.#applyLockGate(targets, stderrAnsi);
+    if (typeof lockError === "number") return lockError;
+    targets = lockError;
+    await this.#persistTargets(targets, enabled);
+    this.#renderSuccess(targets, enabled);
+    return ExitCode.Ok;
   }
   /**
    * `--all` vs `<id>` mutex check. The two are mutually exclusive and
@@ -16493,7 +16929,7 @@ var TogglePluginsBase = class extends SmCommand {
    *
    * `--all` is a macro on bundle ids: every plugin / bundle the user
    * can see. We deliberately do NOT expand to qualified
-   * <bundle>/<ext> keys — that would silently flip a granularity
+   * <bundle>/<ext> keys, that would silently flip a granularity
    * policy. For granularity=extension bundles the user already hits
    * the directed error message when they try the bundle id directly,
    * so `--all` skips them here too and the real "disable every core
@@ -16511,7 +16947,7 @@ var TogglePluginsBase = class extends SmCommand {
     return [resolved.key];
   }
   /**
-   * Host lock — see `src/kernel/config/locked-plugins.ts`. `--all`
+   * Host lock, see `src/kernel/config/locked-plugins.ts`. `--all`
    * silently skips locked targets so the user can still toggle the
    * rest. Single-id mode surfaces a directed exit-5 message.
    */
@@ -16531,7 +16967,7 @@ var TogglePluginsBase = class extends SmCommand {
   /**
    * Persist the toggle in `config_plugins`. On disable, also purge
    * the plugin's `scan_contributions` rows immediately (matches the
-   * BFF route — see `server/routes/plugins.ts:applyChangeToAdapter`).
+   * BFF route, see `server/routes/plugins.ts:applyChangeToAdapter`).
    * `targets` carries either a bare bundle id (e.g. `claude`) or a
    * qualified `<bundle>/<ext>` (e.g. `core/slash`); the split mirrors
    * how the catalog sweep groups rows.
@@ -16597,8 +17033,8 @@ var PluginsDisableCommand = class extends TogglePluginsBase {
     description: "Disable a plugin (or --all). Persists in config_plugins; does not delete files.",
     details: `
       Writes a row to config_plugins with enabled=0. Discovery still
-      surfaces the plugin in sm plugins list, but with status=disabled
-      \u2014 its extensions are not imported and the kernel will not run
+      surfaces the plugin in sm plugins list, but with status=disabled;
+      its extensions are not imported and the kernel will not run
       them.
 
       Granularity: a bundle-granularity plugin (default for user plugins,
@@ -16705,7 +17141,7 @@ function resolveBareToggle(id, catalogue, verb, ansi) {
 }
 
 // cli/commands/plugins/create.ts
-import { existsSync as existsSync21, mkdirSync as mkdirSync5, writeFileSync as writeFileSync4 } from "fs";
+import { existsSync as existsSync21, mkdirSync as mkdirSync5, writeFileSync as writeFileSync2 } from "fs";
 import { join as join13, resolve as resolve31 } from "path";
 import { Command as Command26, Option as Option25 } from "clipanion";
 var PluginsCreateCommand = class extends SmCommand {
@@ -16719,18 +17155,27 @@ var PluginsCreateCommand = class extends SmCommand {
   at = Option25.String("--at", { required: false });
   force = Option25.Boolean("--force", false);
   async run() {
+    const stderr = this.context.stderr;
+    const ansi = ansiFor({ isTTY: stderr.isTTY === true, noColorFlag: this.noColor });
+    const errGlyph = ansi.red("\u2715");
     if (!/^[a-z][a-z0-9]*(-[a-z0-9]+)*$/.test(this.pluginId)) {
       this.printer.error(
-        `Plugin id must be kebab-case lowercase (got: ${sanitizeForTerminal(this.pluginId)})
-`
+        tx(PLUGINS_TEXTS.createInvalidId, {
+          glyph: errGlyph,
+          id: sanitizeForTerminal(this.pluginId)
+        })
       );
       return ExitCode.Error;
     }
-    const targetDir = this.at ? resolve31(this.at) : resolve31(process.cwd(), ".skill-map", "plugins", this.pluginId);
+    const ctx = defaultRuntimeContext();
+    const baseDir = this.global ? defaultUserPluginsDir(ctx) : defaultProjectPluginsDir(ctx);
+    const targetDir = this.at ? resolve31(this.at) : join13(baseDir, this.pluginId);
     if (existsSync21(targetDir) && !this.force) {
       this.printer.error(
-        `Refusing to overwrite ${sanitizeForTerminal(targetDir)}. Pass --force to overwrite.
-`
+        tx(PLUGINS_TEXTS.createRefuseOverwrite, {
+          glyph: errGlyph,
+          targetDir: sanitizeForTerminal(targetDir)
+        })
       );
       return ExitCode.Error;
     }
@@ -16753,22 +17198,20 @@ var PluginsCreateCommand = class extends SmCommand {
         }
       }
     };
-    writeFileSync4(
+    writeFileSync2(
       join13(targetDir, "plugin.json"),
       JSON.stringify(manifest, null, 2) + "\n"
     );
-    writeFileSync4(
+    writeFileSync2(
       join13(targetDir, "extensions", "extractor.js"),
       scaffolderExtractorStub(this.pluginId)
     );
-    writeFileSync4(join13(targetDir, "README.md"), scaffolderReadme(this.pluginId));
+    writeFileSync2(join13(targetDir, "README.md"), scaffolderReadme(this.pluginId));
     this.printer.data(
-      `Created ${sanitizeForTerminal(targetDir)}
-Next:
-  - Edit ${this.pluginId}/extensions/extractor.js (the extract() body)
-  - Run sm scan to see the contribution surface
-  - sm plugins slots list \u2014 browse other slots
-`
+      tx(PLUGINS_TEXTS.createSuccess, {
+        targetDir: sanitizeForTerminal(targetDir),
+        pluginId: this.pluginId
+      })
     );
     return ExitCode.Ok;
   }
@@ -16834,16 +17277,16 @@ Generated by \`sm plugins create\`. Edit \`extensions/extractor.js\` to taste.
 
 ## Verbs
 
-- \`sm plugins show ${pluginId}\` \u2014 manifest + load status
-- \`sm plugins doctor\` \u2014 full plugin diagnostic
-- \`sm scan\` \u2014 re-emit contributions
+- \`sm plugins show ${pluginId}\`: manifest + load status
+- \`sm plugins doctor\`: full plugin diagnostic
+- \`sm scan\`: re-emit contributions
 
 ## Resources
 
 - \`spec/plugin-author-guide.md\` \xA7View contributions
-- \`spec/view-slots.md\` \u2014 the closed catalog of slots
-- \`spec/input-types.md\` \u2014 the closed catalog of input-types for settings
-- \`sm plugins slots list\` \u2014 browse the catalog from the CLI
+- \`spec/view-slots.md\`: the closed catalog of slots
+- \`spec/input-types.md\`: the closed catalog of input-types for settings
+- \`sm plugins slots list\`: browse the catalog from the CLI
 `;
 }
 
@@ -16852,11 +17295,11 @@ import { Command as Command27 } from "clipanion";
 
 // cli/commands/plugins/slots-catalog.ts
 var VIEW_SLOTS_CATALOG = [
-  { id: "card.title.right", summary: "Small icon marker next to the card title \u2014 language flag, platform glyph." },
+  { id: "card.title.right", summary: "Small icon marker next to the card title (language flag, platform glyph)." },
   { id: "card.subtitle.left", summary: "Single non-negative integer in the card subtitle row." },
   { id: "card.footer.left", summary: "Counter chip in the left footer of the card." },
   { id: "card.footer.right", summary: "Counter chip in the right footer of the card." },
-  { id: "graph.node.alert", summary: "Corner badge decoration on the graph node \u2014 alert / status." },
+  { id: "graph.node.alert", summary: "Corner badge decoration on the graph node (alert / status)." },
   { id: "inspector.header.badge.counter", summary: "Counter chip in the inspector header badge cluster." },
   { id: "inspector.header.badge.tag", summary: "Qualitative tag chip in the inspector header badge cluster." },
   { id: "inspector.body.panel.breakdown", summary: "Top-N labeled values rendered as a bar chart in the inspector body." },
@@ -16905,17 +17348,18 @@ var PluginsSlotsListCommand = class extends SmCommand {
       ...VIEW_SLOTS_CATALOG.map((c) => c.id.length),
       ...INPUT_TYPES_CATALOG.map((t) => t.id.length)
     );
-    this.printer.data(`  View slots (${VIEW_SLOTS_CATALOG.length})
-`);
+    this.printer.data(
+      tx(PLUGINS_TEXTS.slotsListHeaderViewSlots, { count: VIEW_SLOTS_CATALOG.length })
+    );
     for (const c of VIEW_SLOTS_CATALOG) {
       this.printer.data(
         `    ${c.id.padEnd(idWidth)}  ${ansi.dim(c.summary)}
 `
       );
     }
-    this.printer.data(`
-  Input types (${INPUT_TYPES_CATALOG.length})
-`);
+    this.printer.data(
+      tx(PLUGINS_TEXTS.slotsListHeaderInputTypes, { count: INPUT_TYPES_CATALOG.length })
+    );
     for (const t of INPUT_TYPES_CATALOG) {
       this.printer.data(
         `    ${t.id.padEnd(idWidth)}  ${ansi.dim(t.summary)}
@@ -16923,9 +17367,9 @@ var PluginsSlotsListCommand = class extends SmCommand {
       );
     }
     this.printer.data(
-      `
-${ansi.dim("Tip: full spec at spec/view-slots.md and spec/input-types.md.")}
-`
+      tx(PLUGINS_TEXTS.slotsListTipFooter, {
+        tip: ansi.dim(PLUGINS_TEXTS.slotsListTipText)
+      })
     );
     return ExitCode.Ok;
   }
@@ -16938,12 +17382,12 @@ var PluginsUpgradeCommand = class extends SmCommand {
   static usage = Command28.Usage({
     category: "Plugins",
     description: "Apply catalog migrations to plugin manifests.",
-    details: "No migrations registered against catalog v1.0.0 yet \u2014 this verb is a no-op today. The structure exists so future slot renames / deprecations land without spec churn."
+    details: "No migrations registered against catalog v1.0.0 yet; this verb is a no-op today. The structure exists so future slot renames / deprecations land without spec churn."
   });
   pluginId = Option26.String({ required: false, name: "plugin-id" });
   async run() {
     this.printer.data(
-      "sm plugins upgrade \u2014 no migrations registered for catalog v1.0.0.\n  All loaded plugins are catalog-current.\n  Run `sm plugins doctor` to surface any incompatible-catalog status.\n"
+      "sm plugins upgrade: no migrations registered for catalog v1.0.0.\n  All loaded plugins are catalog-current.\n  Run `sm plugins doctor` to surface any incompatible-catalog status.\n"
     );
     return ExitCode.Ok;
   }
@@ -16991,6 +17435,13 @@ var REFRESH_TEXTS = {
   refreshNodeNounPlural: "nodes",
   // --- failures -------------------------------------------------------------
   refreshFailed: "{{glyph}}  sm refresh: {{message}}\n",
+  /**
+   * Error-envelope `message` body for `--json` failures. Used as the
+   * `error.message` value when the verb cannot locate the project DB
+   * (the `--json` consumer cannot rely on the human glyph + hint).
+   */
+  jsonErrorDbMissing: "Project database not found. Run `sm init` before `sm refresh`.",
+  jsonErrorNodeNotFound: "Node not found: {{nodePath}}",
   /**
    * Sub-detail composed inside `refreshFailed` when the failure is a
    * filesystem read on a specific node body. Catalogued separately so the
@@ -17009,7 +17460,7 @@ var RefreshCommand = class extends SmCommand {
     details: `
       Re-runs Extractors against the node(s) and upserts their outputs into
       the universal enrichment layer (\`node_enrichments\`). Extractors are
-      deterministic-only \u2014 they always run for real and persist.
+      deterministic-only: they always run for real and persist.
 
       Layer separation: enrichments live separately from the author's
       frontmatter, which is immutable from any Extractor.
@@ -17071,6 +17522,10 @@ var RefreshCommand = class extends SmCommand {
       }
     );
     if (!persisted) {
+      if (this.json) {
+        this.#emitJsonError("db-missing", tx(REFRESH_TEXTS.jsonErrorDbMissing));
+        return ExitCode.NotFound;
+      }
       this.printer.info(
         tx(REFRESH_TEXTS.nodeNotFound, {
           glyph: ansi.red("\u2715"),
@@ -17083,14 +17538,19 @@ var RefreshCommand = class extends SmCommand {
     const targetResult = this.#resolveTargetNodes(persisted, ansi);
     if (!targetResult.ok) return targetResult.exitCode;
     const targetNodes = targetResult.nodes;
-    let freshEnrichments;
+    let freshEnrichmentsByNode;
     try {
-      freshEnrichments = await this.#runExtractorsAcrossNodes(targetNodes, allExtractors, ctx.cwd);
+      freshEnrichmentsByNode = await this.#runExtractorsAcrossNodes(targetNodes, allExtractors, ctx.cwd);
     } catch (err) {
       const message = formatErrorMessage(err);
+      if (this.json) {
+        this.#emitJsonError("internal", message);
+        return ExitCode.Error;
+      }
       this.printer.info(tx(REFRESH_TEXTS.refreshFailed, { glyph: errGlyph, message }));
       return ExitCode.Error;
     }
+    const freshEnrichments = freshEnrichmentsByNode.flatMap((n) => n.enrichments);
     if (freshEnrichments.length > 0) {
       try {
         await withSqlite({ databasePath: dbPath, autoBackup: false }, async (adapter) => {
@@ -17100,10 +17560,25 @@ var RefreshCommand = class extends SmCommand {
         });
       } catch (err) {
         const message = formatErrorMessage(err);
+        if (this.json) {
+          this.#emitJsonError("internal", message);
+          return ExitCode.Error;
+        }
         this.printer.info(tx(REFRESH_TEXTS.refreshFailed, { message }));
         return ExitCode.Error;
       }
     }
+    if (this.json) {
+      const envelope = {
+        ok: true,
+        kind: "refresh.report",
+        refreshed: freshEnrichments.length,
+        nodes: freshEnrichmentsByNode.map((n) => ({ path: n.path, enrichments: n.enrichments.length })),
+        elapsedMs: this.elapsed.ms()
+      };
+      this.printer.data(JSON.stringify(envelope) + "\n");
+      return ExitCode.Ok;
+    }
     const glyph = ansi.green("\u2713");
     const count = freshEnrichments.length;
     const noun = count === 1 ? REFRESH_TEXTS.refreshNounSingular : REFRESH_TEXTS.refreshNounPlural;
@@ -17131,18 +17606,45 @@ var RefreshCommand = class extends SmCommand {
     }
     return ExitCode.Ok;
   }
+  /**
+   * Emit the canonical `--json` error envelope on stdout. Mirrors the
+   * shape from `cli-contract.md` §Error envelope. Suppresses the
+   * human-facing glyph + hint output that the non-JSON branches still
+   * render.
+   */
+  #emitJsonError(code, message) {
+    const payload = { ok: false, error: { code, message } };
+    this.printer.data(JSON.stringify(payload) + "\n");
+  }
   /**
    * Decide which nodes the verb should refresh based on `--stale` /
    * `<nodePath>`. Writes the per-target advisory to stdout (or the
    * not-found / nothing-to-do message). Returns either the target list
    * or the exit code the caller should use.
+   *
+   * Complexity is from the two-axis branch (stale-vs-single x
+   * json-vs-human) plus the two terminal branches inside each axis.
+   * Further extraction would split the method per axis but lose the
+   * tight `nodesByPath.get(...)` reuse that drives both paths.
    */
+  // eslint-disable-next-line complexity
   #resolveTargetNodes(persisted, ansi) {
     const nodesByPath = /* @__PURE__ */ new Map();
     for (const node2 of persisted.result.nodes) nodesByPath.set(node2.path, node2);
     if (this.stale) {
       const staleEnrichments = persisted.enrichments.filter((e) => e.stale);
       if (staleEnrichments.length === 0) {
+        if (this.json) {
+          const envelope = {
+            ok: true,
+            kind: "refresh.report",
+            refreshed: 0,
+            nodes: [],
+            elapsedMs: this.elapsed.ms()
+          };
+          this.printer.data(JSON.stringify(envelope) + "\n");
+          return { ok: false, exitCode: ExitCode.Ok };
+        }
         this.printer.data(
           tx(REFRESH_TEXTS.refreshSuccessNoStale, { glyph: ansi.green("\u2713") })
         );
@@ -17158,6 +17660,13 @@ var RefreshCommand = class extends SmCommand {
     }
     const node = nodesByPath.get(this.nodePath);
     if (!node) {
+      if (this.json) {
+        this.#emitJsonError(
+          "not-found",
+          tx(REFRESH_TEXTS.jsonErrorNodeNotFound, { nodePath: this.nodePath })
+        );
+        return { ok: false, exitCode: ExitCode.NotFound };
+      }
       this.printer.info(
         tx(REFRESH_TEXTS.nodeNotFound, {
           glyph: ansi.red("\u2715"),
@@ -17172,28 +17681,35 @@ var RefreshCommand = class extends SmCommand {
   /**
    * For each target node: read its body off disk, run every applicable
    * Extractor (deterministic-only by spec), and collect the enrichment
-   * records they produce.
+   * records they produce. Returns one entry per node (in iteration
+   * order) so the verb's `--json` envelope can report a per-node
+   * breakdown; consumers that only care about the flat list flatten
+   * the result.
    */
   async #runExtractorsAcrossNodes(targetNodes, allExtractors, cwd) {
-    const freshEnrichments = [];
+    const perNode = [];
     for (const node of targetNodes) {
+      const nodeEnrichments = [];
       let body;
       try {
         assertContained(cwd, node.path);
         const raw = await readFile3(resolve32(cwd, node.path), "utf8");
         body = stripFrontmatterFence(raw);
       } catch (err) {
-        const stderr = this.context.stderr;
-        const ansi = ansiFor({ isTTY: stderr.isTTY === true, noColorFlag: this.noColor });
-        this.printer.info(
-          tx(REFRESH_TEXTS.refreshFailed, {
-            glyph: ansi.red("\u2715"),
-            message: tx(REFRESH_TEXTS.readFailedDetail, {
-              path: node.path,
-              message: formatErrorMessage(err)
+        if (!this.json) {
+          const stderr = this.context.stderr;
+          const ansi = ansiFor({ isTTY: stderr.isTTY === true, noColorFlag: this.noColor });
+          this.printer.info(
+            tx(REFRESH_TEXTS.refreshFailed, {
+              glyph: ansi.red("\u2715"),
+              message: tx(REFRESH_TEXTS.readFailedDetail, {
+                path: node.path,
+                message: formatErrorMessage(err)
+              })
             })
-          })
-        );
+          );
+        }
+        perNode.push({ path: node.path, enrichments: nodeEnrichments });
         continue;
       }
       const fm = node.frontmatter ?? {};
@@ -17202,10 +17718,11 @@ var RefreshCommand = class extends SmCommand {
       );
       for (const extractor of applicable) {
         const records = await runExtractorForEnrichment(extractor, node, body, fm);
-        for (const record of records) freshEnrichments.push(record);
+        for (const record of records) nodeEnrichments.push(record);
       }
+      perNode.push({ path: node.path, enrichments: nodeEnrichments });
     }
-    return freshEnrichments;
+    return perNode;
   }
 };
 async function runExtractorForEnrichment(extractor, node, body, frontmatter) {
@@ -17244,7 +17761,7 @@ var SCAN_TEXTS = {
   scanFailure: "{{glyph}}  sm scan: {{message}}\n",
   guardWipeRefused: "{{glyph}}  Refusing to wipe a populated DB ({{existing}} rows in scan_*) with a zero-result scan.\n   {{hint}}\n",
   guardWipeRefusedHint: "Pass --allow-empty to override. If this is unexpected, double-check the root paths.",
-  jsonSelfValidationFailed: "{{glyph}}  sm scan: internal \u2014 scan-result failed self-validation: {{errors}}\n",
+  jsonSelfValidationFailed: "{{glyph}}  sm scan: internal: scan-result failed self-validation: {{errors}}\n",
   /**
    * Header summary line. `glyph` is ✓ (green) on success or ✕ (red)
    * when error-severity issues fired; `counts` is the comma-separated
@@ -17254,9 +17771,9 @@ var SCAN_TEXTS = {
    * `  (<N> roots)` for multi-root scans.
    */
   scannedSummary: "  {{glyph}}  {{counts}}   {{duration}}{{rootsSuffix}}\n",
-  /** Body line directly under the header — final DB path (dim). */
+  /** Body line directly under the header, final DB path (dim). */
   persistedTo: "     {{dbPath}}\n",
-  /** Body line for dry-run mode — same indent, marker tail. */
+  /** Body line for dry-run mode, same indent, marker tail. */
   wouldPersist: "     would persist to {{dbPath}}  (dry-run)\n",
   // --- scan compare-with sub-verb --------------------------------------
   compareErrorPrefix: "sm scan compare-with: {{message}}\n",
@@ -17272,7 +17789,7 @@ var SCAN_TEXTS = {
    */
   compareDeltaSummary: "{{glyph}}  Delta {{comparedTag}}\n     {{nodesLine}}\n     {{linksLine}}\n     {{issuesLine}}",
   compareDeltaComparedTag: "vs {{comparedWith}}",
-  /** Per-row breakdown templates — composed at the call site with mid-dot separators. */
+  /** Per-row breakdown templates, composed at the call site with mid-dot separators. */
   compareDeltaNodesLine: "nodes:  {{added}} added \xB7 {{removed}} removed \xB7 {{changed}} changed",
   compareDeltaLinksLine: "links:  {{added}} added \xB7 {{removed}} removed",
   compareDeltaIssuesLine: "issues: {{added}} added \xB7 {{removed}} removed",
@@ -17280,25 +17797,28 @@ var SCAN_TEXTS = {
   compareDeltaNodesHeader: "## nodes",
   compareDeltaLinksHeader: "## links",
   compareDeltaIssuesHeader: "## issues",
-  /** `+ <path> (<kind>)` — added node row. */
+  /** `+ <path> (<kind>)`, added node row. */
   compareDeltaNodeAdded: "+ {{path}} ({{kind}})",
-  /** `- <path> (<kind>)` — removed node row. */
+  /** `- <path> (<kind>)`, removed node row. */
   compareDeltaNodeRemoved: "- {{path}} ({{kind}})",
-  /** `~ <path> (<reason> changed)` — changed node row. */
+  /** `~ <path> (<reason> changed)`, changed node row. */
   compareDeltaNodeChanged: "~ {{path}} ({{reason}} changed)",
-  /** `+ <source> --<kind>--> <target>` — added link row. */
+  /** `+ <source> --<kind>--> <target>`, added link row. */
   compareDeltaLinkAdded: "+ {{source}} --{{kind}}--> {{target}}",
-  /** `- <source> --<kind>--> <target>` — removed link row. */
+  /** `- <source> --<kind>--> <target>`, removed link row. */
   compareDeltaLinkRemoved: "- {{source}} --{{kind}}--> {{target}}",
-  /** `+ [<severity>] <analyzerId>: <message>` — added issue row. */
+  /** `+ [<severity>] <analyzerId>: <message>`, added issue row. */
   compareDeltaIssueAdded: "+ [{{severity}}] {{analyzerId}}: {{message}}",
-  /** `- [<severity>] <analyzerId>: <message>` — removed issue row. */
+  /** `- [<severity>] <analyzerId>: <message>`, removed issue row. */
   compareDeltaIssueRemoved: "- [{{severity}}] {{analyzerId}}: {{message}}"
 };
 
 // cli/commands/watch.ts
 import { Command as Command30, Option as Option28 } from "clipanion";
 
+// core/watcher/runtime.ts
+import { dirname as dirname16 } from "path";
+
 // core/runtime/fresh-resolver.ts
 async function buildFreshResolver(deps) {
   const overrides = await tryWithSqlite(
@@ -17504,16 +18024,37 @@ function createWatcherRuntime(opts) {
       });
     };
     const subscribeMeta = () => {
+      const ignorePath = defaultIgnoreFilePath(cwd);
+      const settingsPath = defaultSettingsPath(cwd);
+      const metaTargets = /* @__PURE__ */ new Set([ignorePath, settingsPath]);
       metaHandle = createChokidarWatcher({
+        // Watch the PARENT directories with `depth: 0`, not the
+        // individual files. Why: chokidar single-file watching on
+        // macOS + FSEvents loses the watch when an editor performs an
+        // atomic save (write to a tempfile, rename over the target).
+        // The original inode the watcher attached to is gone and the
+        // newly-renamed file is unobserved, so a `.skillmapignore`
+        // edit silently fails to reach this hook and stale nodes
+        // remain in the graph until the user touches some `.md` file
+        // to force a per-file re-evaluation. Watching the parent
+        // directory tracks the target by name (chokidar maps
+        // directory-level events to filename), so atomic saves
+        // surface as a normal `change` event regardless of inode
+        // churn. The `metaTargets` filter above strips events for any
+        // other file the parent directories happen to contain.
         roots: [
-          defaultIgnoreFilePath(cwd),
-          defaultSettingsPath(cwd)
+          cwd,
+          // parent of `.skillmapignore`
+          dirname16(settingsPath)
+          // parent of `.skill-map/settings.json`
         ],
         cwd,
         debounceMs,
-        // No ignore filter — these specific paths must always be
+        depth: 0,
+        // No ignore filter, these specific paths must always be
         // observed regardless of any user pattern.
-        onBatch: async () => {
+        onBatch: async ({ paths }) => {
+          if (!paths.some((p) => metaTargets.has(p))) return;
           if (stopped) return;
           try {
             cfg = loadEffectiveConfig();
@@ -17583,10 +18124,10 @@ function createWatcherRuntime(opts) {
 // cli/i18n/watch.texts.ts
 var WATCH_TEXTS = {
   configLoadFailure: "{{glyph}}  sm watch: {{message}}\n",
-  initialScanFailed: "{{glyph}}  sm watch: initial scan failed \u2014 {{message}}\n",
-  batchFailed: "{{glyph}}  sm watch: batch failed \u2014 {{message}}\n",
-  scanFailed: "{{glyph}}  sm watch: scan failed \u2014 {{message}}\n",
-  watcherError: "{{glyph}}  sm watch: watcher error \u2014 {{message}}\n",
+  initialScanFailed: "{{glyph}}  sm watch: initial scan failed: {{message}}\n",
+  batchFailed: "{{glyph}}  sm watch: batch failed: {{message}}\n",
+  scanFailed: "{{glyph}}  sm watch: scan failed: {{message}}\n",
+  watcherError: "{{glyph}}  sm watch: watcher error: {{message}}\n",
   starting: "sm watch: starting on {{rootsCount}} root(s), debounce {{debounceMs}}ms\n",
   ready: "sm watch: ready. Press Ctrl+C to stop.\n",
   stopped: "sm watch: stopped after {{batchCount}} batch(es).\n",
@@ -17599,7 +18140,7 @@ var WATCH_TEXTS = {
   scannedNounIssuePlural: "issues",
   scannedDurationTag: "in {{ms}}ms",
   priorSchemaValidationFailed: "prior scan-result loaded from DB failed schema validation: {{errors}}",
-  breakerTripped: "{{glyph}}  sm watch: {{count}} consecutive batch failures \u2014 shutting down.\n   {{hint}}\n",
+  breakerTripped: "{{glyph}}  sm watch: {{count}} consecutive batch failures, shutting down.\n   {{hint}}\n",
   breakerTrippedHint: "Last error: {{message}}",
   maxConsecutiveFailuresInvalid: "{{glyph}}  sm watch: --max-consecutive-failures must be a non-negative integer (got {{raw}}).\n"
 };
@@ -17655,7 +18196,7 @@ async function runWatchLoop(opts) {
     emitterFactory: () => createStderrProgressEmitter(context.stderr),
     runInitialBatch: true,
     // CLI ordering: initial scan first, then subscribe. Matches the
-    // historic `runWatchLoop` shape — events arriving during the
+    // historic `runWatchLoop` shape, events arriving during the
     // initial scan are intentionally lost (the next user save covers
     // any race).
     subscribeBeforeInitial: false,
@@ -17778,7 +18319,7 @@ var WatchCommand = class extends SmCommand {
     required: false,
     description: "Shut down with exit 2 after N consecutive batch failures (default 5; 0 disables the breaker)."
   });
-  // Long-running verb — the watcher prints its own "stopped" line on
+  // Long-running verb, the watcher prints its own "stopped" line on
   // SIGINT / SIGTERM. Adding `done in <…>` after that would be noise.
   emitElapsed = false;
   async run() {
@@ -17835,10 +18376,10 @@ var ScanCommand = class extends SmCommand {
       the prior snapshot from the DB, reuse unchanged nodes, and only
       reprocess new / modified files.
 
-      Scans honour scan.extraFolders (append extra dirs verbatim \u2014
-      the only way to extend the scan beyond cwd) and
-      scan.referencePaths (walk the configured dirs for
-      link-validation only \u2014 files there are not indexed). Both are
+      Scans honour scan.extraFolders (append extra dirs verbatim, the
+      only way to extend the scan beyond cwd) and scan.referencePaths
+      (walk the configured dirs for link-validation only; files there
+      are not indexed). Both are
       privacy-sensitive; see "sm config set --help" for the --yes
       gate.
     `,
@@ -17921,7 +18462,7 @@ var ScanCommand = class extends SmCommand {
   }
   /**
    * `--watch` is a thin alias for the `sm watch` verb. Combining
-   * `--watch` with one-shot-only flags is incoherent — the watcher
+   * `--watch` with one-shot-only flags is incoherent, the watcher
    * always persists incrementally over the prior snapshot.
    */
   async runWatchAlias() {
@@ -18055,7 +18596,7 @@ var ScanCompareCommand = class extends SmCommand {
       (default: current directory) using the same pipeline as 'sm scan'
       (built-ins + plugin runtime + layered config + ignore filter),
       and emits the delta between the dump and the fresh scan. The DB
-      is NEVER touched \u2014 this verb is read-only.
+      is NEVER touched; this verb is read-only.
 
       Exit 0 on empty delta (state matches the dump), exit 1 on any
       drift (added / removed / changed nodes, links, or issues), exit
@@ -18289,13 +18830,26 @@ import { spawn as spawn2 } from "child_process";
 import { existsSync as existsSync26 } from "fs";
 import { Command as Command33, Option as Option31 } from "clipanion";
 
+// cli/util/browser-launch.ts
+function validateBrowserUrl(url) {
+  if (typeof url !== "string" || url.length === 0) return false;
+  const FORBIDDEN_META = /["&|^<>%]/;
+  if (FORBIDDEN_META.test(url)) return false;
+  for (let i = 0; i < url.length; i++) {
+    const code = url.charCodeAt(i);
+    if (code <= 31 || code === 127) return false;
+  }
+  return true;
+}
+
 // server/index.ts
 import { serve } from "@hono/node-server";
 import { WebSocketServer } from "ws";
 
 // server/app.ts
 import { Hono } from "hono";
-import { HTTPException as HTTPException12 } from "hono/http-exception";
+import { bodyLimit } from "hono/body-limit";
+import { HTTPException as HTTPException13 } from "hono/http-exception";
 
 // core/config/service.ts
 var ConfigService = class {
@@ -18306,7 +18860,7 @@ var ConfigService = class {
   }
   /**
    * Return the cached `ILoadedConfig` (loading on first call).
-   * Subsequent calls return the same object reference — callers
+   * Subsequent calls return the same object reference, callers
    * MUST treat it as read-only.
    */
   get() {
@@ -18321,7 +18875,7 @@ var ConfigService = class {
     return this.#cache;
   }
   /**
-   * Sugar for `this.get().effective` — the most common consumer pattern
+   * Sugar for `this.get().effective`, the most common consumer pattern
    * (the `sources` / `warnings` slots are only relevant to the
    * `GET /api/config` and `sm config show` paths).
    */
@@ -18341,19 +18895,19 @@ var ConfigService = class {
 
 // server/i18n/server.texts.ts
 var SERVER_TEXTS = {
-  // Boot banner — printed by the server itself when it begins to listen.
+  // Boot banner, printed by the server itself when it begins to listen.
   // The CLI verb `sm serve` formats its own boot banner separately
   // (SERVE_TEXTS.boot) so the two surfaces can diverge if needed.
   listening: "skill-map server listening on http://{{host}}:{{port}}\n",
-  // UI bundle missing — non-fatal when the path was auto-resolved (the
+  // UI bundle missing, non-fatal when the path was auto-resolved (the
   // server keeps running with an inline placeholder at `/`). Becomes
   // ExitCode.Error when `--ui-dist <path>` was explicit.
-  uiBundleMissing: 'skill-map server: UI bundle not found at {{path}} \u2014 serving inline placeholder at "/" (run "npm run build --workspace=ui" to populate).\n',
-  // Loopback-only deprecation hint — Decision #119. Logged once at boot
+  uiBundleMissing: 'skill-map server: UI bundle not found at {{path}} (serving inline placeholder at "/", run "npm run build --workspace=ui" to populate).\n',
+  // Loopback-only deprecation hint, Decision #119. Logged once at boot
   // when `--host` resolves to a non-loopback address. Multi-host serve
   // re-opens post-v0.6.0.
-  hostNonLoopbackHint: "skill-map server: --host {{host}} is non-loopback \u2014 through v0.6.0 the BFF assumes loopback-only (no auth). See Decision #119 in ROADMAP.\n",
-  // Shutdown trace — printed by the close path so test runs that bring
+  hostNonLoopbackHint: "skill-map server: --host {{host}} is non-loopback (through v0.6.0 the BFF assumes loopback-only, no auth). See Decision #119 in ROADMAP.\n",
+  // Shutdown trace, printed by the close path so test runs that bring
   // the server up and down have a clear marker.
   closed: "skill-map server: closed.\n",
   // ---- error envelope messages (Step 14.2) ---------------------------------
@@ -18361,51 +18915,97 @@ var SERVER_TEXTS = {
   // Hint nudges the user toward `sm scan` so the SPA can call it via the
   // CLI side-by-side with the server.
   dbMissingHint: "No persisted scan available at {{path}}. Run `sm scan` to populate the DB.",
+  // First-stage loopback gate (DNS rebinding + cross-origin defence). The
+  // messages are pre-baked, terse, and shared across every probe so the
+  // response stays opaque (no per-request state leaks). The discriminator
+  // travels on `error.code`; the message is informational only.
+  hostNotAllowed: "Request rejected: Host header is not loopback.",
+  originNotAllowed: "Request rejected: Origin header is not loopback.",
   // `?fresh=1` was requested but the server was booted with --no-built-ins
   // or --no-plugins. A fresh scan with neither pipeline yields an empty /
   // partial result that would surprise the SPA. Reject up front.
   freshScanRequiresPipeline: "?fresh=1 cannot run while the server was started with --no-built-ins or --no-plugins (would yield empty / partial results).",
-  // Unknown formatter on /api/graph — the user asked for a `format` value
+  // Unknown formatter on /api/graph, the user asked for a `format` value
   // that no registered formatter advertises. Mirrors `sm graph`'s message.
   graphUnknownFormat: 'Unknown graph format "{{format}}". Available: {{available}}.',
   // Pagination caps on /api/nodes.
   paginationLimitTooLarge: "limit={{value}} exceeds the maximum of {{max}}.",
   paginationInvalidInteger: "{{name}}={{value}} is not a non-negative integer.",
+  // Required-query-param miss (used by `parseRequiredString`). The
+  // route names the offending parameter so the operator gets a useful
+  // 400 instead of a generic "missing input".
+  queryRequiredString: "Required query parameter: {{name}}.",
+  // Malformed URL-path segment on a route whose params follow the
+  // qualified-id alphabet (`[A-Za-z0-9._-]`). Surfaces on the
+  // contributions lookup route (`/api/contributions/:pluginId/:extensionId/:contributionId`)
+  // so a request with a slash, space, or control char in any segment
+  // returns 400 before the kernel lookup.
+  qualifiedIdMalformed: '{{name}}="{{value}}" is not a valid qualified-id segment ([A-Za-z0-9._-]+).',
+  // 404 envelope for `/api/contributions/:pluginId/:extensionId/:contributionId`
+  // when the catalog has no matching entry. Interpolates the full
+  // triple so the SPA / operator can see which qualified id missed.
+  contributionUnknown: "No registered contribution: {{pluginId}}/{{extensionId}}/{{contributionId}}.",
+  // 400 envelope on /api/graph when `?format=` arrives with an invalid
+  // shape (too long, or characters outside the formatter-id alphabet).
+  // Caught BEFORE the registry lookup so a hostile value never reaches
+  // the formatter table.
+  graphFormatMalformed: 'format="{{value}}" is not a valid formatter id (lowercase a-z, 0-9, hyphen, max 32 chars).',
+  // POST /api/scan + GET /api/scan?fresh=1, the runner returned a
+  // `guard-trip` outcome (an idempotency / safety latch in the kernel).
+  // Surfaced as a 500 with the offending row-count.
+  scanGuardTrip: "scan refused (existing rows: {{existing}})",
+  freshScanGuardTrip: "fresh scan refused (existing rows: {{existing}})",
   // Node lookup miss on /api/nodes/:pathB64. Both the missing-node and
-  // the malformed-pathB64 cases funnel here — the client experience is
+  // the malformed-pathB64 cases funnel here, the client experience is
   // the same (the resource isn't there).
   nodeNotFound: 'No node with path "{{path}}".',
-  pathB64Malformed: "Malformed pathB64 \u2014 not a valid base64url-encoded node.path.",
+  pathB64Malformed: "Malformed pathB64, not a valid base64url-encoded node.path.",
   // ---- WS broadcaster + watcher (Step 14.4.a) ------------------------------
   // Logged once on watcher boot after chokidar's initial walk completes.
   // Marks the broadcaster as armed and the live event stream as flowing.
   watcherReady: 'skill-map server: watcher ready (roots="{{roots}}", debounceMs={{debounceMs}}).\n',
-  // Watcher boot failure inside `createServer`. Non-fatal — the REST
+  // Watcher boot failure inside `createServer`. Non-fatal, the REST
   // surface stays alive so the operator can fix the underlying issue
   // (config, plugin, FS permission) and restart.
-  watcherBootFailed: "skill-map server: watcher boot failed \u2014 {{message}}. /api/* still serving; pass --no-watcher to silence this on the next boot.\n",
+  watcherBootFailed: "skill-map server: watcher boot failed ({{message}}). /api/* still serving; pass --no-watcher to silence this on the next boot.\n",
   // Per-batch failure inside the watcher's scan+persist pipeline. The
-  // watcher loop continues — a transient FS error must not kill the
+  // watcher loop continues, a transient FS error must not kill the
   // broadcaster.
-  watcherBatchFailed: "skill-map server: watcher batch failed \u2014 {{message}}.\n",
+  watcherBatchFailed: "skill-map server: watcher batch failed ({{message}}).\n",
   // chokidar surfaced an error. The watcher stays open per IFsWatcher's
   // contract; the BFF also broadcasts a `watcher.error` advisory so the
   // SPA can surface it in the live event log.
-  watcherError: "skill-map server: watcher error \u2014 {{message}}.\n",
+  watcherError: "skill-map server: watcher error ({{message}}).\n",
   // chokidar.close() rejected during graceful shutdown. Logged but not
-  // surfaced — close() is best-effort and idempotent.
-  watcherCloseFailed: "skill-map server: watcher close failed \u2014 {{message}}.\n",
+  // surfaced, close() is best-effort and idempotent.
+  watcherCloseFailed: "skill-map server: watcher close failed ({{message}}).\n",
+  // ---- body-limit middleware (app.ts, audit M4) ---------------------------
+  // 413 envelope when a request body exceeds the global `BODY_LIMIT_BYTES`
+  // cap. The discriminator travels on `error.code` (`payload-too-large`);
+  // the message is informational only and names the byte cap so the
+  // operator / SPA log can correlate without re-reading the source.
+  bodyTooLarge: "Request body exceeds the {{maxBytes}}-byte limit.",
+  // ---- onError fall-through (app.ts, audit L3) ----------------------------
+  // 500 envelope for any throw that doesn't match a known mapped subclass
+  // (DbMissingError, BulkValidationError, LoopbackGateError, HTTPException,
+  // ExportQueryError, EConsentRequiredError). The raw err.message often
+  // carries kernel detail (absolute paths, registry-probe hostnames),
+  // so we redact the human-readable text to a generic constant and route
+  // the real detail to log.warn instead. The envelope `code` stays
+  // `internal`; `details` stays `null`. Operators see the full message
+  // on stderr / log file via the BFF's logger.
+  internalError: "internal error",
   // ---- catch-all 404 envelopes (app.ts) ------------------------------------
-  // `/api/*` catch-all — request hit the API namespace but no route
+  // `/api/*` catch-all, request hit the API namespace but no route
   // matched. The path is interpolated so the operator (and the SPA)
   // can see exactly which endpoint was queried.
   unknownApiEndpoint: "Unknown API endpoint: {{path}}.",
-  // Hono's `app.notFound` fallback — every other unmatched path funnels
+  // Hono's `app.notFound` fallback, every other unmatched path funnels
   // here (after static + SPA fallback have had their turn).
   unknownPath: "Not found: {{path}}.",
   // ---- sidecar bump route (routes/sidecar.ts) ------------------------------
   // 409 refusal when a fresh node is bumped without `force`. The
-  // `sidecar-fresh:` prefix is load-bearing — the UI pattern-matches
+  // `sidecar-fresh:` prefix is load-bearing, the UI pattern-matches
   // it (the global `app.onError` already maps HTTP 409 to the
   // `sidecar-fresh` envelope `code`, so the prefix is for log-grep
   // affinity with the CLI's bump verb).
@@ -18425,41 +19025,41 @@ var SERVER_TEXTS = {
    * `ConfirmationService` dialog explaining `.sm` writes; on accept
    * it retries with `confirm: true` in the body.
    */
-  sidecarConsentRequired: "consent required to write .sm sidecar files in this project. Retry with `confirm: true` to grant (writes to .skill-map/settings.local.json \u2014 gitignored).",
+  sidecarConsentRequired: "consent required to write .sm sidecar files in this project. Retry with `confirm: true` to grant (writes to .skill-map/settings.local.json, gitignored).",
   // 500 envelope when the built-in bump action ships without an
-  // `invoke()` — should be impossible in production but the route
+  // `invoke()`, should be impossible in production but the route
   // throws a typed envelope rather than a bare `Error` so the global
   // `app.onError` can format it.
   sidecarBumpInvokeMissing: "built-in bump action is missing its invoke().",
   // ---- POST /api/scan (manual refresh) ------------------------------------
-  // 400 — runtime cannot persist a meaningful scan because the boot
+  // 400, runtime cannot persist a meaningful scan because the boot
   // dropped half the pipeline. Same gate the `?fresh=1` GET applies.
   scanPostRequiresFullPipeline: "POST /api/scan cannot run while the server was started with --no-built-ins or --no-plugins (would persist a partial DB).",
-  // 409 — another scan (watcher batch or another POST) is in flight.
+  // 409, another scan (watcher batch or another POST) is in flight.
   // The `scan-busy:` prefix is load-bearing: HTTP 409 maps to
   // `scan-busy` in `app.onError`'s `codeForStatus`, but the prefix
   // keeps log-grep affinity with the CLI's `sm scan` verb.
   scanPostBusy: "scan-busy: Another scan is already in flight; retry once it finishes.",
-  // 500 — DB missing on a write path. Read paths degrade to empty
+  // 500, DB missing on a write path. Read paths degrade to empty
   // shapes; mutations cannot persist without a DB so they fail fast.
   scanPostDbMissing: "Cannot persist scan: project DB not found. Run `sm scan` once or pass --db <path>.",
   // ---- plugins toggle route (routes/plugins.ts) ---------------------------
-  // 400 envelopes from `parsePluginPatchBody` — every branch keeps its
+  // 400 envelopes from `parsePluginPatchBody`, every branch keeps its
   // own key so the UI can disambiguate without regex on the message.
   pluginsBodyNotJson: "Request body must be valid JSON.",
   pluginsBodyNotObject: "Request body must be a JSON object.",
   pluginsEnabledRequired: "`enabled` is required and must be a boolean.",
-  // 400 — granularity mismatch. Two flavours so the message is useful
+  // 400, granularity mismatch. Two flavours so the message is useful
   // when the operator hits the wrong route by hand.
   pluginsGranularityExtensionExpected: 'Plugin "{{id}}" has granularity:"extension"; toggle individual extensions via PATCH /api/plugins/{{id}}/extensions/<extensionId>.',
   pluginsGranularityBundleExpected: 'Plugin "{{id}}" has granularity:"bundle"; toggle the whole bundle via PATCH /api/plugins/{{id}}.',
-  // 404 — unknown plugin / extension.
+  // 404, unknown plugin / extension.
   pluginsUnknown: 'No plugin with id "{{id}}".',
   pluginsExtensionUnknown: 'Plugin "{{bundleId}}" has no extension named "{{extensionId}}".',
-  // 500 — DB missing on a write path. Read paths degrade to empty
+  // 500, DB missing on a write path. Read paths degrade to empty
   // shapes, but mutations cannot persist without a DB so they fail fast.
   pluginsDbMissing: "Cannot persist plugin override: project DB not found at {{path}}. Run `sm scan` first or pass --db <path>.",
-  // 403 — host-enforced lock from `src/server/locked-plugins.ts`. The
+  // 403, host-enforced lock from `src/server/locked-plugins.ts`. The
   // bundle (or qualified extension) is in the hardcoded lock-list and
   // its enabled state is fixed; the UI mirrors the same rule by
   // disabling the toggle.
@@ -18475,7 +19075,7 @@ var SERVER_TEXTS = {
   //
   // GET / PATCH /api/preferences. The PATCH body is shaped
   //   `{ updateCheck?: { enabled?: boolean } }`
-  // — additive: future user-only preferences (locale, theme) extend the
+  // additive: future user-only preferences (locale, theme) extend the
   // shape under their own sub-key. Each error keeps its own message
   // key so the UI can disambiguate without regex on the body.
   preferencesBodyNotJson: "Request body must be valid JSON.",
@@ -18506,15 +19106,69 @@ var SERVER_TEXTS = {
   wsBackpressureEvicted: "skill-map server: ws client evicted (bufferedAmount={{buffered}} > threshold={{threshold}}).\n",
   // `WebSocket.send()` threw on a registered client. The client is
   // unregistered; the broadcast continues with the remaining clients.
-  wsClientSendFailed: "skill-map server: ws send failed \u2014 {{message}}.\n",
+  wsClientSendFailed: "skill-map server: ws send failed ({{message}}).\n",
   // `JSON.stringify(envelope)` threw inside `broadcast()`. The event is
   // dropped. Per spec/job-events.md §Error handling, the right shape
   // is a synthetic `emitter.error` event; v14.4.a does not yet route
   // it through the broadcaster (would re-enter the same stringify
   // path), so we degrade to a logged warning.
-  wsBroadcastSerializeFailed: "skill-map server: ws broadcast dropped \u2014 failed to serialize event: {{message}}.\n"
+  wsBroadcastSerializeFailed: "skill-map server: ws broadcast dropped, failed to serialize event: {{message}}.\n"
 };
 
+// server/loopback-gate.ts
+var LOOPBACK_HOSTNAMES = /* @__PURE__ */ new Set([
+  "127.0.0.1",
+  "::1",
+  "localhost"
+]);
+function createLoopbackGate(_opts) {
+  return async function loopbackGate(c, next) {
+    if (!hostAllowed(c.req.header("host"))) {
+      throw new LoopbackGateError({
+        code: "host-not-allowed",
+        message: SERVER_TEXTS.hostNotAllowed
+      });
+    }
+    if (originGuarded(c.req.path) && !originAllowed(c.req.header("origin"))) {
+      throw new LoopbackGateError({
+        code: "origin-not-allowed",
+        message: SERVER_TEXTS.originNotAllowed
+      });
+    }
+    await next();
+  };
+}
+function hostAllowed(host) {
+  if (host === void 0 || host === "") return true;
+  return LOOPBACK_HOSTNAMES.has(hostnameOf(host));
+}
+function originAllowed(origin) {
+  if (origin === void 0 || origin === "") return true;
+  if (origin.toLowerCase() === "null") return true;
+  try {
+    const url = new URL(origin);
+    if (url.protocol !== "http:" && url.protocol !== "https:") return false;
+    return LOOPBACK_HOSTNAMES.has(url.hostname.toLowerCase());
+  } catch {
+    return false;
+  }
+}
+function hostnameOf(host) {
+  const lower = host.toLowerCase();
+  if (lower.startsWith("[")) {
+    const close = lower.indexOf("]");
+    if (close < 0) return lower;
+    return lower.slice(1, close);
+  }
+  const colon = lower.indexOf(":");
+  return colon < 0 ? lower : lower.slice(0, colon);
+}
+function originGuarded(path) {
+  if (path === "/ws") return true;
+  if (path.startsWith("/api/")) return true;
+  return false;
+}
+
 // server/routes/annotations.ts
 var ENVELOPE_KIND = "annotations.registered";
 function registerAnnotationsRoute(app, deps) {
@@ -18531,6 +19185,63 @@ function registerAnnotationsRoute(app, deps) {
 }
 
 // server/routes/contributions.ts
+import { HTTPException as HTTPException2 } from "hono/http-exception";
+
+// server/util/parse-query.ts
+import { HTTPException } from "hono/http-exception";
+function parseCsv(value) {
+  if (value === void 0) return [];
+  return value.split(",").map((s) => s.trim()).filter((s) => s.length > 0);
+}
+function parsePagination(query, defaults) {
+  const offset = parseNonNegativeInt(query.offset, "offset", 0);
+  const limit = parseNonNegativeInt(query.limit, "limit", defaults.limit);
+  if (limit > defaults.max) {
+    throw new HTTPException(400, {
+      message: tx(SERVER_TEXTS.paginationLimitTooLarge, {
+        value: limit,
+        max: defaults.max
+      })
+    });
+  }
+  return { offset, limit };
+}
+function parseBooleanFlag(value) {
+  return value === "1" || value === "true";
+}
+function parseRequiredString(value, name) {
+  if (typeof value !== "string" || value.length === 0) {
+    throw new HTTPException(400, {
+      message: tx(SERVER_TEXTS.queryRequiredString, { name })
+    });
+  }
+  return value;
+}
+function parseNonNegativeInt(raw, name, fallback) {
+  if (raw === void 0 || raw.length === 0) return fallback;
+  const trimmed = raw.trim();
+  const parsed = Number.parseInt(trimmed, 10);
+  if (!Number.isInteger(parsed) || parsed < 0 || String(parsed) !== trimmed) {
+    throw new HTTPException(400, {
+      message: tx(SERVER_TEXTS.paginationInvalidInteger, { name, value: raw })
+    });
+  }
+  return parsed;
+}
+
+// server/routes/contributions.ts
+var QUALIFIED_ID_SEGMENT = /^[A-Za-z0-9._-]+$/;
+function parseQualifiedIdSegment(value, name) {
+  if (!QUALIFIED_ID_SEGMENT.test(value)) {
+    throw new HTTPException2(400, {
+      message: tx(SERVER_TEXTS.qualifiedIdMalformed, {
+        name,
+        value: sanitizeForTerminal(value)
+      })
+    });
+  }
+  return value;
+}
 var REGISTERED_ENVELOPE_KIND = "contributions.registered";
 function registerContributionsRoutes(app, deps) {
   app.get("/api/contributions/registered", (c) => {
@@ -18544,27 +19255,21 @@ function registerContributionsRoutes(app, deps) {
     return c.json(envelope);
   });
   app.get("/api/contributions/:pluginId/:extensionId/:contributionId", async (c) => {
-    const pluginId = c.req.param("pluginId");
-    const extensionId = c.req.param("extensionId");
-    const contributionId = c.req.param("contributionId");
-    const nodePath = c.req.query("path");
-    if (typeof nodePath !== "string" || nodePath.length === 0) {
-      return c.json(
-        { error: "missing-path", message: "Required query parameter: path" },
-        400
-      );
-    }
+    const pluginId = parseQualifiedIdSegment(c.req.param("pluginId"), "pluginId");
+    const extensionId = parseQualifiedIdSegment(c.req.param("extensionId"), "extensionId");
+    const contributionId = parseQualifiedIdSegment(c.req.param("contributionId"), "contributionId");
+    const nodePath = parseRequiredString(c.req.query("path"), "path");
     const catalogEntry = deps.kernel.getRegisteredViewContributions().find(
       (e) => e.pluginId === pluginId && e.extensionId === extensionId && e.contributionId === contributionId
     );
     if (!catalogEntry) {
-      return c.json(
-        {
-          error: "unknown-contribution",
-          message: `No registered contribution: ${pluginId}/${extensionId}/${contributionId}`
-        },
-        404
-      );
+      throw new HTTPException2(404, {
+        message: tx(SERVER_TEXTS.contributionUnknown, {
+          pluginId: sanitizeForTerminal(pluginId),
+          extensionId: sanitizeForTerminal(extensionId),
+          contributionId: sanitizeForTerminal(contributionId)
+        })
+      });
     }
     const rows = await tryWithSqlite(
       { databasePath: deps.options.dbPath, autoBackup: false },
@@ -18589,7 +19294,7 @@ function registerContributionsRoutes(app, deps) {
 }
 
 // server/routes/config.ts
-import { HTTPException } from "hono/http-exception";
+import { HTTPException as HTTPException3 } from "hono/http-exception";
 
 // server/envelope.ts
 var REST_ENVELOPE_SCHEMA_VERSION = "1";
@@ -18626,7 +19331,7 @@ function registerConfigRoute(app, deps) {
     try {
       loaded = deps.configService.get();
     } catch (err) {
-      throw new HTTPException(500, { message: formatErrorMessage(err) });
+      throw new HTTPException3(500, { message: formatErrorMessage(err) });
     }
     for (const warn of loaded.warnings) {
       log.warn(sanitizeForTerminal(warn));
@@ -18636,7 +19341,7 @@ function registerConfigRoute(app, deps) {
 }
 
 // server/routes/favorites.ts
-import { HTTPException as HTTPException2 } from "hono/http-exception";
+import { HTTPException as HTTPException4 } from "hono/http-exception";
 
 // server/path-codec.ts
 var PathCodecError = class extends Error {
@@ -18676,7 +19381,7 @@ function registerFavoritesRoutes(app, deps) {
       }
     );
     if (!result || !result.found) {
-      throw new HTTPException2(404, {
+      throw new HTTPException4(404, {
         message: tx(SERVER_TEXTS.nodeNotFound, { path: nodePath })
       });
     }
@@ -18696,18 +19401,30 @@ function decodePath(pathB64) {
     return decodeNodePath(pathB64);
   } catch (err) {
     if (err instanceof PathCodecError) {
-      throw new HTTPException2(404, { message: SERVER_TEXTS.pathB64Malformed });
+      throw new HTTPException4(404, { message: SERVER_TEXTS.pathB64Malformed });
     }
     throw err;
   }
 }
 
 // server/routes/graph.ts
-import { HTTPException as HTTPException3 } from "hono/http-exception";
+import { HTTPException as HTTPException5 } from "hono/http-exception";
 var DEFAULT_FORMAT2 = "ascii";
+var FORMAT_ID_PATTERN = /^[a-z0-9-]+$/;
+var FORMAT_ID_MAX = 32;
 function registerGraphRoute(app, deps) {
   app.get("/api/graph", async (c) => {
     const format = c.req.query("format") ?? DEFAULT_FORMAT2;
+    if (format.length > FORMAT_ID_MAX || !FORMAT_ID_PATTERN.test(format)) {
+      throw new HTTPException5(400, {
+        // Sanitize defensively, the regex above already rejects ANSI
+        // and control bytes, but the message interpolates user input
+        // and the BFF mirrors error envelopes into the server log.
+        message: tx(SERVER_TEXTS.graphFormatMalformed, {
+          value: sanitizeForTerminal(format)
+        })
+      });
+    }
     const formatters = composeFormatters({
       noBuiltIns: deps.options.noBuiltIns,
       pluginRuntime: deps.pluginRuntime
@@ -18715,7 +19432,7 @@ function registerGraphRoute(app, deps) {
     const formatter = formatters.find((f) => f.formatId === format);
     if (!formatter) {
       const available = formatters.map((f) => f.formatId).sort().join(", ");
-      throw new HTTPException3(400, {
+      throw new HTTPException5(400, {
         message: tx(SERVER_TEXTS.graphUnknownFormat, {
           format,
           available: available || "(none)"
@@ -18726,16 +19443,23 @@ function registerGraphRoute(app, deps) {
       { databasePath: deps.options.dbPath, autoBackup: false },
       (adapter) => adapter.scans.load()
     );
-    const scan = loaded ?? { nodes: [], links: [], issues: [] };
-    const text = formatter.format({
-      nodes: scan.nodes,
-      links: scan.links,
-      issues: scan.issues
-    });
+    const text = renderGraphPayload(formatter, loaded);
     const body = text.endsWith("\n") ? text : text + "\n";
     return c.body(body, 200, { "content-type": contentTypeFor(format) });
   });
 }
+function renderGraphPayload(formatter, loaded) {
+  const scan = loaded ?? { nodes: [], links: [], issues: [] };
+  if (loaded === null) {
+    return formatter.format({ nodes: scan.nodes, links: scan.links, issues: scan.issues });
+  }
+  return formatter.format({
+    nodes: scan.nodes,
+    links: scan.links,
+    issues: scan.issues,
+    scanResult: loaded
+  });
+}
 function contentTypeFor(format) {
   if (format === "json") return "application/json; charset=utf-8";
   if (format === "md" || format === "markdown" || format === "mermaid") {
@@ -18801,67 +19525,41 @@ function registerHealthRoute(app, deps) {
   });
 }
 
-// server/util/parse-query.ts
-import { HTTPException as HTTPException4 } from "hono/http-exception";
-function parseCsv(value) {
-  if (value === void 0) return [];
-  return value.split(",").map((s) => s.trim()).filter((s) => s.length > 0);
-}
-function parsePagination(query, defaults) {
-  const offset = parseNonNegativeInt(query.offset, "offset", 0);
-  const limit = parseNonNegativeInt(query.limit, "limit", defaults.limit);
-  if (limit > defaults.max) {
-    throw new HTTPException4(400, {
-      message: tx(SERVER_TEXTS.paginationLimitTooLarge, {
-        value: limit,
-        max: defaults.max
-      })
-    });
-  }
-  return { offset, limit };
-}
-function parseBooleanFlag(value) {
-  return value === "1" || value === "true";
-}
-function parseNonNegativeInt(raw, name, fallback) {
-  if (raw === void 0 || raw.length === 0) return fallback;
-  const trimmed = raw.trim();
-  const parsed = Number.parseInt(trimmed, 10);
-  if (!Number.isInteger(parsed) || parsed < 0 || String(parsed) !== trimmed) {
-    throw new HTTPException4(400, {
-      message: tx(SERVER_TEXTS.paginationInvalidInteger, { name, value: raw })
-    });
-  }
-  return parsed;
-}
-
 // server/routes/issues.ts
+var DEFAULT_LIMIT = 100;
+var MAX_LIMIT = 1e3;
 function registerIssuesRoute(app, deps) {
   app.get("/api/issues", async (c) => {
     const severityFilter = parseCsv(c.req.query("severity"));
     const analyzerFilter = parseCsv(c.req.query("analyzerId"));
     const nodePath = c.req.query("node") ?? null;
-    const loaded = await tryWithSqlite(
+    const { offset, limit } = parsePagination(c.req.query(), {
+      limit: DEFAULT_LIMIT,
+      max: MAX_LIMIT
+    });
+    const result = await tryWithSqlite(
       { databasePath: deps.options.dbPath, autoBackup: false },
-      (adapter) => adapter.issues.listAll()
+      (adapter) => adapter.issues.list({
+        severities: severityFilter,
+        analyzerIds: analyzerFilter,
+        nodePath,
+        offset,
+        limit
+      })
     );
-    const allIssues = loaded ?? [];
-    const filtered = allIssues.filter((issue) => {
-      if (severityFilter.length > 0 && !severityFilter.includes(issue.severity)) return false;
-      if (analyzerFilter.length > 0 && !matchesAnalyzerFilter(issue.analyzerId, analyzerFilter)) return false;
-      if (nodePath !== null && !issue.nodeIds.includes(nodePath)) return false;
-      return true;
-    });
+    const items = result?.items ?? [];
+    const total = result?.total ?? 0;
     return c.json(
       buildListEnvelope({
         kind: "issues",
-        items: filtered,
+        items,
         filters: {
           severity: severityFilter.length > 0 ? severityFilter : null,
           analyzerId: analyzerFilter.length > 0 ? analyzerFilter : null,
           node: nodePath
         },
-        total: filtered.length,
+        total,
+        page: { offset, limit },
         kindRegistry: deps.kindRegistry,
         contributionsRegistry: deps.contributionsRegistry
       })
@@ -18904,7 +19602,7 @@ function registerLinksRoute(app, deps) {
 }
 
 // server/routes/nodes.ts
-import { HTTPException as HTTPException5 } from "hono/http-exception";
+import { HTTPException as HTTPException6 } from "hono/http-exception";
 
 // server/node-body.ts
 import { readFile as readFile4 } from "fs/promises";
@@ -18990,8 +19688,8 @@ function splitCsv(raw) {
 }
 
 // server/routes/nodes.ts
-var DEFAULT_LIMIT = 100;
-var MAX_LIMIT = 1e3;
+var DEFAULT_LIMIT2 = 100;
+var MAX_LIMIT2 = 1e3;
 var BFF_MAX_BULK_CONTRIBUTIONS = 200;
 function registerNodesRoutes(app, deps) {
   app.get("/api/nodes/:pathB64", async (c) => {
@@ -19001,7 +19699,7 @@ function registerNodesRoutes(app, deps) {
       nodePath = decodeNodePath(pathB64);
     } catch (err) {
       if (err instanceof PathCodecError) {
-        throw new HTTPException5(404, { message: SERVER_TEXTS.pathB64Malformed });
+        throw new HTTPException6(404, { message: SERVER_TEXTS.pathB64Malformed });
       }
       throw err;
     }
@@ -19033,7 +19731,7 @@ function registerNodesRoutes(app, deps) {
     const contributions = result?.contributions ?? [];
     const tags = result?.tags ?? { byAuthor: [], byUser: [] };
     if (!bundle) {
-      throw new HTTPException5(404, {
+      throw new HTTPException6(404, {
         message: tx(SERVER_TEXTS.nodeNotFound, { path: nodePath })
       });
     }
@@ -19054,8 +19752,8 @@ function registerNodesRoutes(app, deps) {
     const params = new URL(c.req.url).searchParams;
     const { query, filters } = urlParamsToExportQuery(params);
     const { offset, limit } = parsePagination(c.req.query(), {
-      limit: DEFAULT_LIMIT,
-      max: MAX_LIMIT
+      limit: DEFAULT_LIMIT2,
+      max: MAX_LIMIT2
     });
     const opened = await tryWithSqlite(
       { databasePath: deps.options.dbPath, autoBackup: false },
@@ -19150,11 +19848,11 @@ async function groupContributionsByPath(rows) {
 }
 
 // server/routes/plugins.ts
-import { HTTPException as HTTPException7 } from "hono/http-exception";
+import { HTTPException as HTTPException8 } from "hono/http-exception";
 
 // server/util/parse-body.ts
 import { Ajv2020 as Ajv20207 } from "ajv/dist/2020.js";
-import { HTTPException as HTTPException6 } from "hono/http-exception";
+import { HTTPException as HTTPException7 } from "hono/http-exception";
 function makeBodyValidator(schema, messages) {
   const ajv = new Ajv20207({ strict: false, allErrors: false });
   const validate = ajv.compile(schema);
@@ -19163,16 +19861,16 @@ function makeBodyValidator(schema, messages) {
     try {
       raw = await req.json();
     } catch {
-      throw new HTTPException6(400, { message: messages.notJson });
+      throw new HTTPException7(400, { message: messages.notJson });
     }
     if (raw === null || typeof raw !== "object" || Array.isArray(raw)) {
-      throw new HTTPException6(400, { message: messages.notObject });
+      throw new HTTPException7(400, { message: messages.notObject });
     }
     if (validate(raw)) {
       return raw;
     }
     const message = resolveErrorMessage(validate.errors, messages);
-    throw new HTTPException6(400, { message });
+    throw new HTTPException7(400, { message });
   };
 }
 function resolveErrorMessage(errors, messages) {
@@ -19272,23 +19970,23 @@ function registerPluginsRoute(app, deps) {
   app.patch("/api/plugins/:id", async (c) => {
     const id = c.req.param("id");
     if (id.includes("/")) {
-      throw new HTTPException7(400, {
+      throw new HTTPException8(400, {
         message: tx(SERVER_TEXTS.pluginsGranularityExtensionExpected, { id })
       });
     }
     const handle = findHandle(id, deps);
     if (!handle) {
-      throw new HTTPException7(404, {
+      throw new HTTPException8(404, {
         message: tx(SERVER_TEXTS.pluginsUnknown, { id })
       });
     }
     if (granularityOf(handle) !== "bundle") {
-      throw new HTTPException7(400, {
+      throw new HTTPException8(400, {
         message: tx(SERVER_TEXTS.pluginsGranularityExtensionExpected, { id })
       });
     }
     if (isPluginLocked(id)) {
-      throw new HTTPException7(403, {
+      throw new HTTPException8(403, {
         message: tx(SERVER_TEXTS.pluginsLocked, { id })
       });
     }
@@ -19300,23 +19998,23 @@ function registerPluginsRoute(app, deps) {
     const extensionId = c.req.param("extensionId");
     const handle = findHandle(bundleId, deps);
     if (!handle) {
-      throw new HTTPException7(404, {
+      throw new HTTPException8(404, {
         message: tx(SERVER_TEXTS.pluginsUnknown, { id: bundleId })
       });
     }
     if (granularityOf(handle) !== "extension") {
-      throw new HTTPException7(400, {
+      throw new HTTPException8(400, {
         message: tx(SERVER_TEXTS.pluginsGranularityBundleExpected, { id: bundleId })
       });
     }
     if (!hasExtension(handle, extensionId)) {
-      throw new HTTPException7(404, {
+      throw new HTTPException8(404, {
         message: tx(SERVER_TEXTS.pluginsExtensionUnknown, { bundleId, extensionId })
       });
     }
     const qualified = qualifiedExtensionId(bundleId, extensionId);
     if (isPluginLocked(qualified) || isPluginLocked(bundleId)) {
-      throw new HTTPException7(403, {
+      throw new HTTPException8(403, {
         message: tx(SERVER_TEXTS.pluginsExtensionLocked, { bundleId, extensionId })
       });
     }
@@ -19328,17 +20026,12 @@ function registerPluginsRoute(app, deps) {
     for (const change of changes) {
       const failure = validateBulkChange(change, deps);
       if (failure !== null) {
-        return c.json(
-          {
-            ok: false,
-            error: {
-              code: failure.code,
-              message: failure.message,
-              details: { id: change.id }
-            }
-          },
-          failure.status
-        );
+        throw new BulkValidationError({
+          status: failure.status,
+          code: failure.code,
+          message: failure.message,
+          id: change.id
+        });
       }
     }
     return await persistBulkAndProject(c, deps, changes);
@@ -19473,16 +20166,8 @@ async function applyChangeToAdapter(adapter, configKey, enabled) {
 }
 function projectListResponse(c, deps, overrides) {
   if (overrides === null) {
-    return c.json(
-      {
-        ok: false,
-        error: {
-          code: "db-missing",
-          message: tx(SERVER_TEXTS.pluginsDbMissing, { path: deps.options.dbPath }),
-          details: null
-        }
-      },
-      500
+    throw new DbMissingError(
+      tx(SERVER_TEXTS.pluginsDbMissing, { path: deps.options.dbPath })
     );
   }
   const freshResolver = composeResolver2(deps, overrides);
@@ -19598,7 +20283,7 @@ function hasExtension(handle, extensionId) {
 }
 
 // server/routes/preferences.ts
-import { HTTPException as HTTPException8 } from "hono/http-exception";
+import { HTTPException as HTTPException9 } from "hono/http-exception";
 function registerPreferencesRoute(app, deps) {
   app.get("/api/preferences", (c) => {
     return c.json(buildEnvelope(deps));
@@ -19631,7 +20316,7 @@ function applyPatch(deps, body) {
       });
       wrote = true;
     } catch (err) {
-      throw new HTTPException8(400, {
+      throw new HTTPException9(400, {
         message: tx(SERVER_TEXTS.preferencesPersistFailed, {
           message: formatErrorMessage(err)
         })
@@ -19666,7 +20351,7 @@ var parsePatchBody2 = makeBodyValidator(PATCH_BODY_SCHEMA, {
 });
 
 // server/routes/project-preferences.ts
-import { HTTPException as HTTPException9 } from "hono/http-exception";
+import { HTTPException as HTTPException10 } from "hono/http-exception";
 function registerProjectPreferencesRoute(app, deps) {
   app.get("/api/project-preferences", (c) => {
     return c.json(buildEnvelope2(deps));
@@ -19705,7 +20390,7 @@ function applyPatch2(deps, body) {
   const exposures = writes.map((w) => projectPathExposure({ key: w.key, value: w.value, cwd, homedir: homedir4 })).filter((e) => e.expandsSurface);
   if (exposures.length > 0 && body.confirm !== true) {
     const exposed = exposures.flatMap((e) => e.exposedPaths);
-    throw new HTTPException9(412, {
+    throw new HTTPException10(412, {
       message: tx(SERVER_TEXTS.projectPrefsConfirmRequired, {
         paths: exposed.join(", ")
       })
@@ -19716,7 +20401,7 @@ function applyPatch2(deps, body) {
       writeConfigValue(w.key, w.value, { target: "project-local", cwd, homedir: homedir4 });
     } catch (err) {
       const status = err instanceof ConfigValidationError ? 400 : 400;
-      throw new HTTPException9(status, {
+      throw new HTTPException10(status, {
         message: tx(SERVER_TEXTS.projectPrefsPersistFailed, {
           key: w.key,
           message: formatErrorMessage(err)
@@ -19771,7 +20456,7 @@ var parsePatchBody3 = makeBodyValidator(PATCH_BODY_SCHEMA2, {
 });
 
 // server/routes/scan.ts
-import { HTTPException as HTTPException10 } from "hono/http-exception";
+import { HTTPException as HTTPException11 } from "hono/http-exception";
 
 // server/scan-mutex.ts
 var inFlight = null;
@@ -19898,24 +20583,14 @@ function registerScanRoute(app, deps) {
 }
 async function runPersistedScan(c, deps) {
   if (deps.options.noBuiltIns || deps.options.noPlugins) {
-    throw new HTTPException10(400, { message: SERVER_TEXTS.scanPostRequiresFullPipeline });
+    throw new HTTPException11(400, { message: SERVER_TEXTS.scanPostRequiresFullPipeline });
   }
   const dbExists = await tryWithSqlite(
     { databasePath: deps.options.dbPath, autoBackup: false },
     async () => true
   );
   if (dbExists !== true) {
-    return c.json(
-      {
-        ok: false,
-        error: {
-          code: "db-missing",
-          message: SERVER_TEXTS.scanPostDbMissing,
-          details: null
-        }
-      },
-      500
-    );
+    throw new DbMissingError(SERVER_TEXTS.scanPostDbMissing);
   }
   try {
     return await withScanMutex(async () => {
@@ -19937,15 +20612,15 @@ async function runPersistedScan(c, deps) {
         emitterFactory: () => buildBroadcasterEmitter(deps.broadcaster)
       });
       if (outcome.kind !== "ok") {
-        throw new HTTPException10(500, {
-          message: outcome.kind === "guard-trip" ? `scan refused (existing rows: ${outcome.existing})` : outcome.message
+        throw new HTTPException11(500, {
+          message: outcome.kind === "guard-trip" ? tx(SERVER_TEXTS.scanGuardTrip, { existing: outcome.existing }) : outcome.message
         });
       }
       return c.json(outcome.result);
     });
   } catch (err) {
     if (err instanceof ScanBusyError) {
-      throw new HTTPException10(409, { message: SERVER_TEXTS.scanPostBusy });
+      throw new HTTPException11(409, { message: SERVER_TEXTS.scanPostBusy });
     }
     throw err;
   }
@@ -20009,7 +20684,7 @@ function groupTagsBySource2(rows) {
 }
 async function runFreshScan(deps) {
   if (deps.options.noBuiltIns || deps.options.noPlugins) {
-    throw new HTTPException10(400, { message: SERVER_TEXTS.freshScanRequiresPipeline });
+    throw new HTTPException11(400, { message: SERVER_TEXTS.freshScanRequiresPipeline });
   }
   const resolveEnabledOverride = await buildBffResolverOverride(deps);
   const outcome = await runScanForCommand({
@@ -20026,7 +20701,7 @@ async function runFreshScan(deps) {
     // M3: reuse the boot-cached pluginRuntime so a fresh scan over
     // the BFF doesn't re-walk `.skill-map/plugins/` per request. A
     // freshly-installed plugin needs an `sm serve` restart (the rest
-    // of the BFF already classified against the boot snapshot —
+    // of the BFF already classified against the boot snapshot,
     // discovering new plugins here would surface them in scan output
     // but not in `/api/plugins` or the kindRegistry).
     pluginRuntime: deps.pluginRuntime,
@@ -20038,8 +20713,8 @@ async function runFreshScan(deps) {
     printer: bffScanRunnerPrinter
   });
   if (outcome.kind !== "ok") {
-    throw new HTTPException10(500, {
-      message: outcome.kind === "guard-trip" ? `fresh scan refused (existing rows: ${outcome.existing})` : outcome.message
+    throw new HTTPException11(500, {
+      message: outcome.kind === "guard-trip" ? tx(SERVER_TEXTS.freshScanGuardTrip, { existing: outcome.existing }) : outcome.message
     });
   }
   return outcome.result;
@@ -20073,7 +20748,7 @@ function emptyScanResult() {
 }
 
 // server/routes/sidecar.ts
-import { HTTPException as HTTPException11 } from "hono/http-exception";
+import { HTTPException as HTTPException12 } from "hono/http-exception";
 import { resolve as resolve33 } from "path";
 var STATUS_FRESH = "fresh";
 var ENVELOPE_KIND2 = "sidecar.bumped";
@@ -20110,11 +20785,11 @@ function registerSidecarRoutes(app, deps) {
       assertContained(deps.runtimeContext.cwd, node.path);
       absPath = resolve33(deps.runtimeContext.cwd, node.path);
     } catch (err) {
-      throw new HTTPException11(500, { message: formatErrorMessage(err) });
+      throw new HTTPException12(500, { message: formatErrorMessage(err) });
     }
     const result = invokeBump2(node, absPath, body);
     if (result.report.ok === false && result.report.reason === "fresh") {
-      throw new HTTPException11(409, { message: SERVER_TEXTS.sidecarFreshRefusal });
+      throw new HTTPException12(409, { message: SERVER_TEXTS.sidecarFreshRefusal });
     }
     if (result.report.ok === true && result.report.noop === true) {
       const envelope2 = {
@@ -20142,7 +20817,7 @@ function registerSidecarRoutes(app, deps) {
       }
     } catch (err) {
       if (err instanceof EConsentRequiredError) throw err;
-      throw new HTTPException11(500, { message: formatErrorMessage(err) });
+      throw new HTTPException12(500, { message: formatErrorMessage(err) });
     }
     if (body.confirm === true) {
       deps.configService.reload();
@@ -20179,7 +20854,7 @@ async function loadNode(deps, nodePath) {
   );
   const node = persisted?.nodes.find((n) => n.path === nodePath);
   if (!node) {
-    throw new HTTPException11(404, {
+    throw new HTTPException12(404, {
       message: tx(SERVER_TEXTS.nodeNotFound, { path: nodePath })
     });
   }
@@ -20187,7 +20862,7 @@ async function loadNode(deps, nodePath) {
 }
 function invokeBump2(node, absPath, body) {
   if (!bumpAction.invoke) {
-    throw new HTTPException11(500, { message: SERVER_TEXTS.sidecarBumpInvokeMissing });
+    throw new HTTPException12(500, { message: SERVER_TEXTS.sidecarBumpInvokeMissing });
   }
   const input = {};
   if (body.force === true) input.force = true;
@@ -20252,7 +20927,7 @@ var PLACEHOLDER_HTML = `<!doctype html>
   </head>
   <body>
     <h1>skill-map server is running</h1>
-    <p>The UI bundle was not found. If you installed <code>@skill-map/cli</code> from npm, this is a packaging bug \u2014 please report it. If you're developing in the monorepo, run <code>npm run build --workspace=ui</code> from the repo root and restart <code>sm serve</code> (or pass <code>--ui-dist &lt;path&gt;</code> to point at a custom build).</p>
+    <p>The UI bundle was not found. If you installed <code>@skill-map/cli</code> from npm, this is a packaging bug; please report it. If you're developing in the monorepo, run <code>npm run build --workspace=ui</code> from the repo root and restart <code>sm serve</code> (or pass <code>--ui-dist &lt;path&gt;</code> to point at a custom build).</p>
     <p>The REST API is available at <code>/api/health</code>.</p>
   </body>
 </html>
@@ -20271,7 +20946,7 @@ var DEV_PLACEHOLDER_HTML = `<!doctype html>
     </style>
   </head>
   <body>
-    <h1>skill-map BFF in dev mode \u2014 UI disabled</h1>
+    <h1>skill-map BFF in dev mode (UI disabled)</h1>
     <p>Run <code>npm run ui:dev</code> in another terminal and visit <a href="http://localhost:4200/">http://localhost:4200/</a> for the Angular SPA.</p>
     <p>The REST API on this port is reachable at <code>/api/health</code>.</p>
   </body>
@@ -20372,6 +21047,31 @@ function attachBroadcasterRoute(app, broadcaster) {
 }
 
 // server/app.ts
+var BODY_LIMIT_BYTES = 1024 * 1024;
+var DbMissingError = class extends HTTPException13 {
+  constructor(message) {
+    super(500, { message });
+    this.name = "DbMissingError";
+  }
+};
+var BulkValidationError = class extends HTTPException13 {
+  id;
+  code;
+  constructor(init) {
+    super(init.status, { message: init.message });
+    this.name = "BulkValidationError";
+    this.id = init.id;
+    this.code = init.code;
+  }
+};
+var LoopbackGateError = class extends HTTPException13 {
+  code;
+  constructor(init) {
+    super(403, { message: init.message });
+    this.name = "LoopbackGateError";
+    this.code = init.code;
+  }
+};
 function createApp(deps) {
   const app = new Hono();
   const configService = new ConfigService({
@@ -20379,6 +21079,16 @@ function createApp(deps) {
     cwd: deps.runtimeContext.cwd,
     homedir: deps.runtimeContext.homedir
   });
+  app.use("*", createLoopbackGate({ port: deps.options.port }));
+  app.use(
+    "/api/*",
+    bodyLimit({
+      maxSize: BODY_LIMIT_BYTES,
+      onError: () => {
+        throw new HTTPException13(413, { message: tx(SERVER_TEXTS.bodyTooLarge, { maxBytes: String(BODY_LIMIT_BYTES) }) });
+      }
+    })
+  );
   if (deps.options.devCors) {
     app.use("*", async (c, next) => {
       await next();
@@ -20416,16 +21126,16 @@ function createApp(deps) {
   registerPreferencesRoute(app, routeDeps);
   registerProjectPreferencesRoute(app, routeDeps);
   app.all("/api/*", (c) => {
-    throw new HTTPException12(404, {
-      message: tx(SERVER_TEXTS.unknownApiEndpoint, { path: c.req.path })
+    throw new HTTPException13(404, {
+      message: tx(SERVER_TEXTS.unknownApiEndpoint, { path: sanitizeForTerminal(c.req.path) })
     });
   });
   attachBroadcasterRoute(app, deps.broadcaster);
   app.use("*", createStaticHandler({ uiDist: deps.options.uiDist, noUi: deps.options.noUi }));
   app.get("*", createSpaFallback({ uiDist: deps.options.uiDist, noUi: deps.options.noUi }));
   app.notFound((c) => {
-    throw new HTTPException12(404, {
-      message: tx(SERVER_TEXTS.unknownPath, { path: c.req.path })
+    throw new HTTPException13(404, {
+      message: tx(SERVER_TEXTS.unknownPath, { path: sanitizeForTerminal(c.req.path) })
     });
   });
   app.onError((err, c) => {
@@ -20438,6 +21148,7 @@ function codeForStatus(status, message) {
   if (status === 400) return "bad-query";
   if (status === 403) return "locked";
   if (status === 412) return "confirm-required";
+  if (status === 413) return "payload-too-large";
   if (status === 409) {
     if (message.startsWith("scan-busy:")) return "scan-busy";
     return "sidecar-fresh";
@@ -20445,9 +21156,42 @@ function codeForStatus(status, message) {
   return "internal";
 }
 function formatError2(err, c) {
-  if (err instanceof HTTPException12) {
+  if (err instanceof DbMissingError) {
+    const envelope = {
+      ok: false,
+      error: {
+        code: "db-missing",
+        message: err.message,
+        details: null
+      }
+    };
+    return c.json(envelope, 500);
+  }
+  if (err instanceof BulkValidationError) {
+    const envelope = {
+      ok: false,
+      error: {
+        code: err.code,
+        message: err.message,
+        details: { id: err.id }
+      }
+    };
+    return c.json(envelope, err.status);
+  }
+  if (err instanceof LoopbackGateError) {
+    const envelope = {
+      ok: false,
+      error: {
+        code: err.code,
+        message: err.message,
+        details: null
+      }
+    };
+    return c.json(envelope, 403);
+  }
+  if (err instanceof HTTPException13) {
     const status = err.status;
-    const envelope2 = {
+    const envelope = {
       ok: false,
       error: {
         code: codeForStatus(status, err.message),
@@ -20455,10 +21199,10 @@ function formatError2(err, c) {
         details: null
       }
     };
-    return c.json(envelope2, status);
+    return c.json(envelope, status);
   }
   if (err instanceof ExportQueryError) {
-    const envelope2 = {
+    const envelope = {
       ok: false,
       error: {
         code: "bad-query",
@@ -20466,10 +21210,10 @@ function formatError2(err, c) {
         details: null
       }
     };
-    return c.json(envelope2, 400);
+    return c.json(envelope, 400);
   }
   if (err instanceof EConsentRequiredError) {
-    const envelope2 = {
+    const envelope = {
       ok: false,
       error: {
         code: "confirm-required",
@@ -20477,13 +21221,20 @@ function formatError2(err, c) {
         details: { key: err.key }
       }
     };
-    return c.json(envelope2, 412);
+    return c.json(envelope, 412);
   }
+  return formatInternalErrorFallThrough(err, c);
+}
+function formatInternalErrorFallThrough(err, c) {
+  const detail = formatErrorMessage(err);
+  const stack = err instanceof Error && typeof err.stack === "string" ? err.stack : void 0;
+  const context = stack !== void 0 ? { stack } : void 0;
+  log.warn(`onError fall-through: ${detail}`, context);
   const envelope = {
     ok: false,
     error: {
       code: "internal",
-      message: formatErrorMessage(err),
+      message: SERVER_TEXTS.internalError,
       details: null
     }
   };
@@ -20498,7 +21249,7 @@ var READY_STATE_OPEN = 1;
 var WsBroadcaster = class {
   #clients = /* @__PURE__ */ new Set();
   #shutDown = false;
-  /** Number of currently-registered clients. Read-only — for tests / `/api/health`. */
+  /** Number of currently-registered clients. Read-only, for tests / `/api/health`. */
   get clientCount() {
     return this.#clients.size;
   }
@@ -20520,7 +21271,7 @@ var WsBroadcaster = class {
   }
   /**
    * Unregister a client. Called from the `/ws` `onClose` / `onError`
-   * handlers and from the backpressure path. Idempotent — calling on a
+   * handlers and from the backpressure path. Idempotent, calling on a
    * client that was never registered (or was already removed) is a no-op.
    */
   unregister(ws) {
@@ -20563,7 +21314,7 @@ var WsBroadcaster = class {
   }
   /**
    * Drain every connected socket with code 1001 ('going away') + reason
-   * `'server shutdown'`. Idempotent — a second call after the first
+   * `'server shutdown'`. Idempotent, a second call after the first
    * `shutdown()` is a no-op. After shutdown, `register()` immediately
    * closes any new client offered.
    */
@@ -20793,7 +21544,7 @@ function validateNoUi(noUi, uiDist) {
 
 // server/paths.ts
 import { existsSync as existsSync25, statSync as statSync8 } from "fs";
-import { dirname as dirname16, isAbsolute as isAbsolute9, join as join16, resolve as resolve34 } from "path";
+import { dirname as dirname17, isAbsolute as isAbsolute9, join as join16, resolve as resolve34 } from "path";
 import { fileURLToPath as fileURLToPath5 } from "url";
 var DEFAULT_UI_REL = join16("ui", "dist", "ui", "browser");
 var PACKAGE_UI_REL = "ui";
@@ -20818,7 +21569,7 @@ function isUiBundleDir(path) {
 function resolvePackageBundledUi() {
   let here;
   try {
-    here = dirname16(fileURLToPath5(import.meta.url));
+    here = dirname17(fileURLToPath5(import.meta.url));
   } catch {
     return null;
   }
@@ -20831,7 +21582,7 @@ function resolvePackageBundledUiFrom(here) {
     if (isUiBundleDir(candidate)) return candidate;
     const distHere = join16(current, "dist", PACKAGE_UI_REL);
     if (isUiBundleDir(distHere)) return distHere;
-    const parent = dirname16(current);
+    const parent = dirname17(current);
     if (parent === current) return null;
     current = parent;
   }
@@ -20842,7 +21593,7 @@ function walkUpForUi(startDir) {
   for (let i = 0; i < 64; i++) {
     const candidate = join16(current, DEFAULT_UI_REL);
     if (isUiBundleDir(candidate)) return candidate;
-    const parent = dirname16(current);
+    const parent = dirname17(current);
     if (parent === current) return null;
     current = parent;
   }
@@ -21004,44 +21755,44 @@ function normalizeAddress(addr, fallbackHost, fallbackPort) {
 // cli/i18n/serve.texts.ts
 var SERVE_TEXTS = {
   // The boot banner (TTY box / flat-line fallback) is rendered by
-  // `cli/util/serve-banner.ts` rather than templated through `tx` —
+  // `cli/util/serve-banner.ts` rather than templated through `tx`,
   // ANSI escapes + box-drawing aren't a good fit for the flat
   // `{{name}}` interpolation surface. The flat-mode strings live in
   // that helper and stay byte-equivalent to the pre-banner format so
   // existing pipes / redirects ('listening on <url>' scrapers) don't
   // break.
-  // Browser-open failure. Non-fatal — the URL is already printed; the
+  // Browser-open failure. Non-fatal, the URL is already printed; the
   // user can open it manually.
   openFailed: "sm serve: could not auto-open browser ({{message}}). Visit {{url}} manually.\n",
   // Bind failure (port in use, EACCES, etc.) → ExitCode.Error.
-  bindFailed: "sm serve: failed to bind {{host}}:{{port}} \u2014 {{message}}\n",
-  // Flag-validation failures — ExitCode.Error.
+  bindFailed: "sm serve: failed to bind {{host}}:{{port}}: {{message}}\n",
+  // Flag-validation failures, ExitCode.Error.
   hostDevCorsRejected: "sm serve: --dev-cors requires a loopback --host (got {{host}}). Refusing per Decision #119.\n",
   portOutOfRange: "sm serve: --port must be an integer in [0, 65535] (got {{value}}).\n",
   portInvalid: "sm serve: --port must be a non-negative integer (got {{value}}).\n",
   scopeInvalid: 'sm serve: --scope must be "project" or "global" (got {{value}}).\n',
-  // Watcher option failures — ExitCode.Error.
+  // Watcher option failures, ExitCode.Error.
   watcherRequiresPipeline: "sm serve: --no-built-ins is incompatible with the watcher (would persist empty scans on every batch). Pass --no-watcher to opt out, or drop --no-built-ins.\n",
   watcherDebounceInvalid: "sm serve: --watcher-debounce-ms must be a non-negative integer (got {{value}}).\n",
-  // --no-ui flag-validation failures — ExitCode.Error.
+  // --no-ui flag-validation failures, ExitCode.Error.
   noUiConflictsUiDist: "sm serve: --no-ui and --ui-dist {{path}} are mutually exclusive (drop one).\n",
-  // --no-ui + --open is harmless but worth flagging — non-fatal stderr note.
+  // --no-ui + --open is harmless but worth flagging, non-fatal stderr note.
   noUiOpenWarning: "sm serve: warning: --open with --no-ui will open the placeholder, not the live UI; pass --no-open if running alongside `ui:dev`.\n",
-  // Generic operational error — surfaced when the server itself throws
+  // Generic operational error, surfaced when the server itself throws
   // before the listener binds (e.g. UI bundle missing under explicit
   // --ui-dist).
-  startupFailed: "sm serve: startup failed \u2014 {{message}}\n",
+  startupFailed: "sm serve: startup failed: {{message}}\n",
   // DB-not-found (--db <path> doesn't exist) → ExitCode.NotFound.
   dbNotFound: "sm serve: --db {{path}} does not exist.\n",
   // --ui-dist override points at a missing / non-bundle directory.
   uiDistInvalid: "--ui-dist {{path}} does not exist or is not a directory containing index.html",
-  // Shutdown trace — printed once the listener has closed.
+  // Shutdown trace, printed once the listener has closed.
   shutdown: "sm serve: shutdown complete.\n"
 };
 
 // cli/util/serve-banner.ts
 import { homedir as homedir2 } from "os";
-import { relative as relative6, isAbsolute as isAbsolute10 } from "path";
+import { relative as relative7, isAbsolute as isAbsolute10 } from "path";
 var ESC2 = {
   reset: "\x1B[0m",
   bold: "\x1B[1m",
@@ -21166,7 +21917,7 @@ function resolveAnsi(colorEnabled) {
 function formatDbPath(dbPath, cwd) {
   const safe = sanitizeForTerminal(dbPath);
   if (!isAbsolute10(safe)) return safe;
-  const rel = relative6(cwd, safe);
+  const rel = relative7(cwd, safe);
   if (rel === "" || rel.startsWith("..") || isAbsolute10(rel)) {
     return safe;
   }
@@ -21190,10 +21941,10 @@ var ServeCommand = class extends SmCommand {
     details: `
       Boots the skill-map Web UI's backing server. One Node process
       serves the Angular SPA, the REST API under /api/*, and the
-      WebSocket at /ws \u2014 single-port mandate, no proxy.
+      WebSocket at /ws (single-port mandate, no proxy).
 
       Default port is 4242, default host is 127.0.0.1. The server boots
-      even when the project DB is missing \u2014 /api/health reports
+      even when the project DB is missing; /api/health reports
       'db: missing' so the SPA renders an empty-state CTA instead of
       failing the connection.
 
@@ -21227,7 +21978,7 @@ var ServeCommand = class extends SmCommand {
   noPlugins = Option31.Boolean("--no-plugins", false, {
     description: "Skip drop-in plugin discovery."
   });
-  // `Option.Boolean('--open', true)` — Clipanion's parser auto-derives
+  // `Option.Boolean('--open', true)`, Clipanion's parser auto-derives
   // the `--no-open` inverse for every boolean flag (search for
   // `--no-${name.slice(2)}` in clipanion's core), so the explicit
   // `--no-open` descriptor must NOT be declared here or the parser sees
@@ -21253,12 +22004,12 @@ var ServeCommand = class extends SmCommand {
   });
   // `--watcher-debounce-ms` is undocumented sugar for advanced users
   // who want to tighten / relax the watcher's batching window without
-  // editing settings.json. Hidden flag — the Usage block omits it.
+  // editing settings.json. Hidden flag, the Usage block omits it.
   watcherDebounceMs = Option31.String("--watcher-debounce-ms", { required: false, hidden: true });
-  // Long-running daemon — `done in <…>` after a graceful shutdown is
+  // Long-running daemon, `done in <…>` after a graceful shutdown is
   // noise. Mirrors `sm watch`'s opt-out.
   emitElapsed = false;
-  // CLI orchestrator with multi-flag handling — each `if (this.flag)`
+  // CLI orchestrator with multi-flag handling, each `if (this.flag)`
   // branch is one cyclomatic point. Splitting per branch scatters the
   // validation away from the flag it gates. Per AGENTS.md §Linting
   // category 1 ("CLI orchestrators with multi-flag handling").
@@ -21447,6 +22198,15 @@ function waitForShutdown() {
 }
 function tryOpenBrowser(url, stderr) {
   try {
+    if (!validateBrowserUrl(url)) {
+      stderr.write(
+        tx(SERVE_TEXTS.openFailed, {
+          message: sanitizeForTerminal("refused to launch browser: unsafe URL"),
+          url: sanitizeForTerminal(url)
+        })
+      );
+      return;
+    }
     const platform = process.platform;
     let command;
     let args2;
@@ -21455,7 +22215,7 @@ function tryOpenBrowser(url, stderr) {
       args2 = [url];
     } else if (platform === "win32") {
       command = "cmd";
-      args2 = ["/c", "start", '""', url];
+      args2 = ["/c", "start", "", url];
     } else {
       command = "xdg-open";
       args2 = [url];
@@ -21792,7 +22552,7 @@ function rankConfidenceForGrouping(c) {
 }
 
 // cli/commands/sidecar.ts
-import { existsSync as existsSync27, unlinkSync as unlinkSync3 } from "fs";
+import { existsSync as existsSync27, unlinkSync as unlinkSync2 } from "fs";
 import { resolve as resolve35 } from "path";
 import { Command as Command35, Option as Option33 } from "clipanion";
 
@@ -21827,12 +22587,12 @@ var SIDECAR_TEXTS = {
   /**
    * Pre-prompt context shown before the interactive `confirm()` so the
    * operator sees what they are about to opt into. `.skill-map/settings.local.json`
-   * is gitignored — the choice is saved per-checkout, never travels via the repo.
+   * is gitignored, the choice is saved per-checkout, never travels via the repo.
    */
   consentPrompt: "skill-map needs your consent to create .sm sidecar files next to your\nsource files in this project. The choice is saved to\n.skill-map/settings.local.json (gitignored, per-checkout) so this prompt\nnever appears again. Decline to abort without persisting the rejection.\n\nAllow .sm sidecar writes in this project?",
   consentAborted: "{{glyph}}  sm sidecar: aborted by user. No .sm sidecar files were written.\n",
   consentRequiredNonTty: "{{glyph}}  sm sidecar: consent required to write .sm sidecar files in this project.\n   {{hint}}\n",
-  consentRequiredNonTtyHint: "Pass --yes to grant (writes to .skill-map/settings.local.json \u2014 gitignored)."
+  consentRequiredNonTtyHint: "Pass --yes to grant (writes to .skill-map/settings.local.json, gitignored)."
 };
 
 // cli/commands/sidecar.ts
@@ -21876,11 +22636,11 @@ var SidecarRefreshCommand = class extends SmCommand {
       Useful when the user knows a body change is editorial-only and
       doesn't want to spend a \`annotations.version\` increment.
       Distinct from \`sm refresh\` (the enrichment-layer verb at Step
-      A.8) \u2014 different storage, different concept.
+      A.8); different storage, different concept.
 
       Refuses if the node has no sidecar (run \`sm sidecar annotate\`
       first, or \`sm bump\` to create one through the Action). No-ops
-      on a fresh node \u2014 there's nothing to refresh.
+      on a fresh node, there's nothing to refresh.
     `,
     examples: [
       ["Refresh a node's sidecar hashes", "$0 sidecar refresh .claude/agents/architect.md"]
@@ -21912,7 +22672,7 @@ var SidecarRefreshCommand = class extends SmCommand {
       () => this.#runOnce(ctx, dbPath, okGlyph, errGlyph, ansi)
     );
   }
-  // Inner dispatch — single attempt. The outer `run()` wraps every
+  // Inner dispatch, single attempt. The outer `run()` wraps every
   // call in `runWithSidecarConsent` so an `EConsentRequiredError`
   // surfaces as an interactive prompt (TTY) or a directed exit
   // (non-TTY).
@@ -22020,7 +22780,7 @@ var SidecarPruneCommand = class extends SmCommand {
       convention). \`--yes\` (alias \`--force\`) bypasses the prompt
       for non-interactive use (CI, scripts, the pre-commit hook).
 
-      Different domain from \`sm orphans\` \u2014 that verb operates on the
+      Different domain from \`sm orphans\`: that verb operates on the
       node graph (rename heuristic). This one operates on the
       filesystem layer.
     `,
@@ -22034,7 +22794,7 @@ var SidecarPruneCommand = class extends SmCommand {
   yes = Option33.Boolean("--yes,--force", false, {
     description: "Skip the interactive confirmation prompt. Required for non-interactive callers (CI, pre-commit hooks)."
   });
-  // Complexity is from per-orphan handling — empty-set / dry-run /
+  // Complexity is from per-orphan handling, empty-set / dry-run /
   // delete / error capture / json-vs-pretty branches each contributing
   // a guard. The unlink loop itself is linear.
   // eslint-disable-next-line complexity
@@ -22080,7 +22840,7 @@ var SidecarPruneCommand = class extends SmCommand {
         continue;
       }
       try {
-        unlinkSync3(orphan.sidecarPath);
+        unlinkSync2(orphan.sidecarPath);
         items.push({
           sidecarPath: orphan.sidecarPath,
           expectedMd: orphan.expectedMdPath,
@@ -22160,7 +22920,7 @@ var SidecarAnnotateCommand = class extends SmCommand {
       block. After editing, run \`sm bump <node>\` to commit the
       version through the Action.
 
-      Refuses if the file already exists \u2014 pass \`--force\` to
+      Refuses if the file already exists; pass \`--force\` to
       overwrite. Per Decision A4 the \`--from-frontmatter\` migration
       helper is deferred (no released consumer demands it).
     `,
@@ -22195,6 +22955,10 @@ var SidecarAnnotateCommand = class extends SmCommand {
       () => this.#runOnce(ctx, dbPath, errGlyph, ansi)
     );
   }
+  // CLI orchestrator: argument-validation guards + dry-run branch +
+  // interactive confirm + collect/delete loop. Each branch is one
+  // cyclomatic point; splitting would scatter the validations away
+  // from the flag they gate. Per `context/lint.md` category 1.
   // eslint-disable-next-line complexity
   async #runOnce(ctx, dbPath, errGlyph, ansi) {
     const persisted = await tryWithSqlite(
@@ -22245,7 +23009,7 @@ var SidecarAnnotateCommand = class extends SmCommand {
     }
     if (existsSync27(sidecarAbsPath) && this.force === true) {
       try {
-        unlinkSync3(sidecarAbsPath);
+        unlinkSync2(sidecarAbsPath);
       } catch (err) {
         this.printer.error(
           tx(SIDECAR_TEXTS.annotateFailed, { glyph: errGlyph, message: formatErrorMessage(err) })
@@ -22476,13 +23240,13 @@ var STUB_COMMANDS = [
 // cli/commands/tutorial.ts
 import { existsSync as existsSync28, readFileSync as readFileSync17 } from "fs";
 import { writeFile as writeFile2 } from "fs/promises";
-import { dirname as dirname17, join as join17, resolve as resolve36 } from "path";
+import { dirname as dirname18, join as join17, resolve as resolve36 } from "path";
 import { fileURLToPath as fileURLToPath6 } from "url";
 import { Command as Command37, Option as Option35 } from "clipanion";
 
 // cli/i18n/tutorial.texts.ts
 var TUTORIAL_TEXTS = {
-  // Success — written to stdout after `<cwd>/sm-tutorial.md` is created.
+  // Success, written to stdout after `<cwd>/sm-tutorial.md` is created.
   // Multi-line layout: the two trigger phrases (English / Spanish) are
   // indented and labelled so they're the most visible part of the
   // output. The reminder above them surfaces the SKILL's language
@@ -22491,13 +23255,13 @@ var TUTORIAL_TEXTS = {
   /**
    * Success body. `glyph` is wrapped green at the call site; `cwd`
    * renders relative to the user's cwd when it sits underneath. The
-   * `English` / `Español` labels print dim — the eye lands on the
+   * `English` / `Español` labels print dim, the eye lands on the
    * trigger phrases the user is going to copy / paste.
    */
   written: "  {{glyph}}  sm-tutorial.md created at {{cwd}}\n\n  Open Claude Code in this directory. Your first message sets\n  the tutorial language for the rest of the session:\n\n      {{enLabel}}  run @sm-tutorial.md\n      {{esLabel}}  ejecut\xE1 @sm-tutorial.md\n",
   writtenLabelEn: "English",
   writtenLabelEs: "Espa\xF1ol",
-  // Refusal — `sm-tutorial.md` already exists and `--force` was not set.
+  // Refusal, `sm-tutorial.md` already exists and `--force` was not set.
   // Goes to stderr, exit code 2 (operational error per spec § Exit codes).
   // Mirrors the success body shape: glyph + headline, then a dim hint
   // line spelling the fix.
@@ -22519,7 +23283,7 @@ var TutorialCommand = class extends SmCommand {
     details: `
       Drops the canonical SKILL.md content as ./sm-tutorial.md so a tester
       can open Claude Code in the cwd and load the file as a skill by
-      typing "ejecut\xE1 @sm-tutorial.md". Top-level only \u2014 no subdirectory
+      typing "ejecut\xE1 @sm-tutorial.md". Top-level only; no subdirectory
       is created.
 
       Does NOT require an initialized .skill-map/ project. Refuses to
@@ -22603,7 +23367,7 @@ function loadBundledTutorialText() {
   return cachedTutorial;
 }
 function readTutorialFromDisk() {
-  const here = dirname17(fileURLToPath6(import.meta.url));
+  const here = dirname18(fileURLToPath6(import.meta.url));
   const candidates = [
     // dev: src/cli/commands/ → repo-root .claude/skills/sm-tutorial/SKILL.md
     resolve36(here, "../../../.claude/skills/sm-tutorial/SKILL.md"),
@@ -22640,7 +23404,7 @@ var VersionCommand = class extends SmCommand {
     category: "Introspection",
     description: "Print the CLI / kernel / spec / runtime / db-schema version matrix."
   });
-  // Informational verb — no `done in <…>` line; the version matrix is
+  // Informational verb, no `done in <…>` line; the version matrix is
   // the entire output.
   emitElapsed = false;
   async run() {
@@ -22692,10 +23456,10 @@ async function resolveDbSchemaVersion() {
       { databasePath: dbPath, autoBackup: false },
       async (port) => port.migrations.currentSchemaVersion()
     );
-    if (v === null || v === void 0) return "\u2014";
+    if (v === null || v === void 0) return "-";
     return String(v);
   } catch {
-    return "\u2014";
+    return "-";
   }
 }