@vellumai/assistant 0.5.10 → 0.5.12

package/src/__tests__/bundled-skill-retrieval-guard.test.ts

@@ -112,11 +112,11 @@ const GATEWAY_RETRIEVAL_BANLIST: Array<{
   },
 ];
 
-const KEYCHAIN_ALLOWLIST = new Set<string>([
-  // Keep empty unless a keychain lookup instruction is intentionally required.
+const CREDENTIAL_LOOKUP_ALLOWLIST = new Set<string>([
+  // Keep empty unless a credential lookup instruction is intentionally required.
 ]);
 
-const KEYCHAIN_PATTERNS = [
+const CREDENTIAL_LOOKUP_PATTERNS = [
   "security find-generic-password",
   "secret-tool lookup service vellum-assistant account credential:",
   "secret-tool lookup service vellum-assistant account credential/",
@@ -134,7 +134,7 @@ const RETRIEVAL_MARKERS = [
 ];
 
 describe("bundled skill retrieval guard", () => {
-  test("migrated skills do not reintroduce direct gateway/keychain retrieval snippets", () => {
+  test("migrated skills do not reintroduce direct gateway/credential lookup retrieval snippets", () => {
     const violations: string[] = [];
 
     for (const rule of GATEWAY_RETRIEVAL_BANLIST) {
@@ -152,7 +152,7 @@ describe("bundled skill retrieval guard", () => {
     if (violations.length > 0) {
       const message = [
         "Skill retrieval contract regression detected.",
-        "Migrated skills must not reintroduce direct gateway/keychain retrieval snippets.",
+        "Migrated skills must not reintroduce direct gateway/credential lookup retrieval snippets.",
         "",
         "Violations:",
         ...violations.map((v) => `  - ${v}`),
@@ -162,14 +162,14 @@ describe("bundled skill retrieval guard", () => {
     }
   });
 
-  test("skills do not contain direct keychain lookup instructions", () => {
+  test("skills do not contain direct credential lookup instructions", () => {
     const violations: string[] = [];
 
     for (const skillFile of ALL_SKILL_FILES) {
       const rel = relative(REPO_ROOT, skillFile).replaceAll("\\", "/");
-      if (KEYCHAIN_ALLOWLIST.has(rel)) continue;
+      if (CREDENTIAL_LOOKUP_ALLOWLIST.has(rel)) continue;
       const content = readFileSync(skillFile, "utf-8");
-      for (const pattern of KEYCHAIN_PATTERNS) {
+      for (const pattern of CREDENTIAL_LOOKUP_PATTERNS) {
         if (content.includes(pattern)) {
           violations.push(`${rel}: contains "${pattern}"`);
         }
@@ -178,13 +178,13 @@ describe("bundled skill retrieval guard", () => {
 
     if (violations.length > 0) {
       const message = [
-        "Direct keychain lookup instructions were found in skills.",
+        "Direct credential lookup instructions were found in skills.",
         "Use credential_store and CLI/proxied flows instead.",
         "",
         "Violations:",
         ...violations.map((v) => `  - ${v}`),
         "",
-        "Add intentional exceptions to KEYCHAIN_ALLOWLIST only when required.",
+        "Add intentional exceptions to CREDENTIAL_LOOKUP_ALLOWLIST only when required.",
       ].join("\n");
 
       expect(violations, message).toEqual([]);

package/src/__tests__/catalog-cache.test.ts

@@ -0,0 +1,164 @@
+/**
+ * Unit tests for the catalog cache (catalog-cache.ts).
+ *
+ * Validates TTL-based caching, re-fetch after expiry, stale-cache fallback
+ * on fetch failure, and explicit cache invalidation.
+ */
+
+import { afterEach, describe, expect, mock, test } from "bun:test";
+
+import type { CatalogSkill } from "../skills/catalog-install.js";
+
+// ---------------------------------------------------------------------------
+// Mocks — must be defined before importing the module under test
+// ---------------------------------------------------------------------------
+
+// Suppress logger output
+mock.module("../util/logger.js", () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+}));
+
+let mockRepoSkillsDir: string | undefined = undefined;
+let mockFetchCatalogResult: CatalogSkill[] = [];
+let mockFetchCatalogError: Error | null = null;
+let fetchCatalogCallCount = 0;
+let readLocalCatalogCallCount = 0;
+
+mock.module("../skills/catalog-install.js", () => ({
+  getRepoSkillsDir: () => mockRepoSkillsDir,
+  readLocalCatalog: (_dir: string) => {
+    readLocalCatalogCallCount++;
+    return mockFetchCatalogResult;
+  },
+  fetchCatalog: async () => {
+    fetchCatalogCallCount++;
+    if (mockFetchCatalogError) {
+      throw mockFetchCatalogError;
+    }
+    return mockFetchCatalogResult;
+  },
+}));
+
+// ---------------------------------------------------------------------------
+// Imports (after mocks)
+// ---------------------------------------------------------------------------
+
+import { getCatalog, invalidateCatalogCache } from "../skills/catalog-cache.js";
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+const sampleCatalog: CatalogSkill[] = [
+  { id: "web-search", name: "Web Search", description: "Search the web" },
+  { id: "browser", name: "Browser", description: "Browse the web" },
+];
+
+const updatedCatalog: CatalogSkill[] = [
+  { id: "web-search", name: "Web Search v2", description: "Updated search" },
+];
+
+function resetState(): void {
+  invalidateCatalogCache();
+  mockRepoSkillsDir = undefined;
+  mockFetchCatalogResult = [];
+  mockFetchCatalogError = null;
+  fetchCatalogCallCount = 0;
+  readLocalCatalogCallCount = 0;
+}
+
+afterEach(resetState);
+
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+
+describe("getCatalog", () => {
+  test("returns cached value within TTL without re-fetching", async () => {
+    mockFetchCatalogResult = sampleCatalog;
+
+    const first = await getCatalog();
+    expect(first).toEqual(sampleCatalog);
+    expect(fetchCatalogCallCount).toBe(1);
+
+    // Second call should use cache
+    const second = await getCatalog();
+    expect(second).toEqual(sampleCatalog);
+    expect(fetchCatalogCallCount).toBe(1); // no additional fetch
+  });
+
+  test("re-fetches after TTL expires", async () => {
+    mockFetchCatalogResult = sampleCatalog;
+
+    const first = await getCatalog();
+    expect(first).toEqual(sampleCatalog);
+    expect(fetchCatalogCallCount).toBe(1);
+
+    // Simulate TTL expiry by manipulating Date.now
+    const originalNow = Date.now;
+    Date.now = () => originalNow() + 5 * 60 * 1000 + 1;
+
+    try {
+      mockFetchCatalogResult = updatedCatalog;
+      const second = await getCatalog();
+      expect(second).toEqual(updatedCatalog);
+      expect(fetchCatalogCallCount).toBe(2);
+    } finally {
+      Date.now = originalNow;
+    }
+  });
+
+  test("falls back to stale cache on fetch failure", async () => {
+    mockFetchCatalogResult = sampleCatalog;
+
+    // Populate cache
+    const first = await getCatalog();
+    expect(first).toEqual(sampleCatalog);
+
+    // Expire cache and make fetch fail
+    const originalNow = Date.now;
+    Date.now = () => originalNow() + 5 * 60 * 1000 + 1;
+
+    try {
+      mockFetchCatalogError = new Error("Network timeout");
+      const fallback = await getCatalog();
+      expect(fallback).toEqual(sampleCatalog); // stale cache
+    } finally {
+      Date.now = originalNow;
+    }
+  });
+
+  test("returns empty array on fetch failure with no stale cache", async () => {
+    mockFetchCatalogError = new Error("Network timeout");
+
+    const result = await getCatalog();
+    expect(result).toEqual([]);
+  });
+
+  test("invalidateCatalogCache forces re-fetch", async () => {
+    mockFetchCatalogResult = sampleCatalog;
+
+    await getCatalog();
+    expect(fetchCatalogCallCount).toBe(1);
+
+    invalidateCatalogCache();
+
+    mockFetchCatalogResult = updatedCatalog;
+    const refreshed = await getCatalog();
+    expect(refreshed).toEqual(updatedCatalog);
+    expect(fetchCatalogCallCount).toBe(2);
+  });
+
+  test("uses local catalog when repoSkillsDir is set", async () => {
+    mockRepoSkillsDir = "/mock/repo/skills";
+    mockFetchCatalogResult = sampleCatalog;
+
+    const result = await getCatalog();
+    expect(result).toEqual(sampleCatalog);
+    expect(readLocalCatalogCallCount).toBe(1);
+    expect(fetchCatalogCallCount).toBe(0); // no remote fetch
+  });
+});

package/src/__tests__/catalog-search.test.ts

@@ -0,0 +1,61 @@
+import { describe, expect, test } from "bun:test";
+
+import { filterByQuery } from "../skills/catalog-search.js";
+
+interface FakeSkill {
+  id: string;
+  name: string;
+  description: string;
+}
+
+const skills: FakeSkill[] = [
+  {
+    id: "weather",
+    name: "Weather Lookup",
+    description: "Get current weather for a city",
+  },
+  {
+    id: "search",
+    name: "Web Search",
+    description: "Search the web for information",
+  },
+  {
+    id: "deploy",
+    name: "Deploy Helper",
+    description: "Deploy apps to production",
+  },
+];
+
+const fields: ((s: FakeSkill) => string)[] = [
+  (s) => s.id,
+  (s) => s.name,
+  (s) => s.description,
+];
+
+describe("filterByQuery", () => {
+  test("case-insensitive matching", () => {
+    const result = filterByQuery(skills, "WEATHER", fields);
+    expect(result).toEqual([skills[0]]);
+  });
+
+  test("matches on any supplied field accessor", () => {
+    // Match on id
+    expect(filterByQuery(skills, "deploy", fields)).toEqual([skills[2]]);
+    // Match on name
+    expect(filterByQuery(skills, "Web Search", fields)).toEqual([skills[1]]);
+    // Match on description
+    expect(filterByQuery(skills, "production", fields)).toEqual([skills[2]]);
+  });
+
+  test("returns empty array for no matches", () => {
+    const result = filterByQuery(skills, "nonexistent", fields);
+    expect(result).toEqual([]);
+  });
+
+  test("returns all items for broad query", () => {
+    // All skills have "e" somewhere in their fields
+    const result = filterByQuery(skills, "e", fields);
+    expect(result).toHaveLength(3);
+    expect(result).toEqual(skills);
+  });
+});

package/src/__tests__/channel-approvals.test.ts

@@ -304,7 +304,7 @@ describe("handleChannelDecision", () => {
     expect(result.applied).toBe(true);
     expect(result.requestId).toBe("req-1");
     expect(
-      interaction!.conversation.handleConfirmationResponse,
+      interaction!.conversation!.handleConfirmationResponse,
     ).toHaveBeenCalledWith("req-1", "allow");
   });
 
@@ -320,7 +320,7 @@ describe("handleChannelDecision", () => {
     expect(result.applied).toBe(true);
     expect(result.requestId).toBe("req-1");
     expect(
-      interaction!.conversation.handleConfirmationResponse,
+      interaction!.conversation!.handleConfirmationResponse,
     ).toHaveBeenCalledWith("req-1", "deny");
   });
 
@@ -339,10 +339,10 @@ describe("handleChannelDecision", () => {
     expect(result.applied).toBe(true);
     expect(result.requestId).toBe("req-newer");
     expect(
-      newerInteraction!.conversation.handleConfirmationResponse,
+      newerInteraction!.conversation!.handleConfirmationResponse,
     ).toHaveBeenCalledWith("req-newer", "allow");
     expect(
-      olderInteraction!.conversation.handleConfirmationResponse,
+      olderInteraction!.conversation!.handleConfirmationResponse,
     ).not.toHaveBeenCalled();
   });
 
@@ -393,7 +393,7 @@ describe("handleChannelDecision", () => {
 
     // The session is approved with "allow"
     expect(
-      interaction!.conversation.handleConfirmationResponse,
+      interaction!.conversation!.handleConfirmationResponse,
     ).toHaveBeenCalledWith("req-1", "allow");
 
     addRuleSpy.mockRestore();
@@ -420,7 +420,7 @@ describe("handleChannelDecision", () => {
     // The decision should still be applied as a one-time approval
     expect(result.applied).toBe(true);
     expect(
-      interaction!.conversation.handleConfirmationResponse,
+      interaction!.conversation!.handleConfirmationResponse,
     ).toHaveBeenCalledWith("req-1", "allow");
 
     addRuleSpy.mockRestore();
@@ -446,7 +446,7 @@ describe("handleChannelDecision", () => {
     // The current invocation should still be approved (one-time allow)
     expect(result.applied).toBe(true);
     expect(
-      interaction!.conversation.handleConfirmationResponse,
+      interaction!.conversation!.handleConfirmationResponse,
     ).toHaveBeenCalledWith("req-1", "allow");
 
     addRuleSpy.mockRestore();

package/src/__tests__/channel-readiness-service.test.ts

@@ -1,9 +1,12 @@
 import { beforeEach, describe, expect, mock, test } from "bun:test";
 
+import { credentialKey } from "../security/credential-key.js";
+
 let mockTwilioPhoneNumber: string | undefined;
 let mockRawConfig: Record<string, unknown> | undefined;
 let mockSecureKeys: Record<string, string>;
 let mockHasTwilioCredentials: boolean;
+let mockShouldUsePlatformCallbacks: boolean;
 
 mock.module("../calls/twilio-rest.js", () => ({
   getPhoneNumberSid: async () => null,
@@ -40,6 +43,10 @@ mock.module("../email/service.js", () => ({
   }),
 }));
 
+mock.module("../inbound/platform-callback-registration.js", () => ({
+  shouldUsePlatformCallbacks: () => mockShouldUsePlatformCallbacks,
+}));
+
 mock.module("../security/secure-keys.js", () => ({
   getSecureKeyAsync: async (key: string) => mockSecureKeys[key] ?? null,
 }));
@@ -51,6 +58,7 @@ mock.module("../runtime/channel-invite-transports/whatsapp.js", () => ({
 import type { ChannelId } from "../channels/types.js";
 import {
   ChannelReadinessService,
+  createReadinessService,
   REMOTE_TTL_MS,
 } from "../runtime/channel-readiness-service.js";
 import type {
@@ -96,6 +104,7 @@ describe("ChannelReadinessService", () => {
     mockRawConfig = undefined;
     mockSecureKeys = {};
     mockHasTwilioCredentials = false;
+    mockShouldUsePlatformCallbacks = false;
   });
 
   test("local checks run on every call (no caching of local results)", async () => {
@@ -257,6 +266,38 @@ describe("ChannelReadinessService", () => {
     expect(snapshot.reasons).toHaveLength(0);
   });
 
+  test("telegram readiness accepts managed callback routing when ingress is absent", async () => {
+    mockShouldUsePlatformCallbacks = true;
+    mockSecureKeys[credentialKey("telegram", "bot_token")] = "123:abc";
+    mockSecureKeys[credentialKey("telegram", "webhook_secret")] = "secret";
+
+    const readiness = createReadinessService();
+    const [snapshot] = await readiness.getReadiness("telegram");
+
+    expect(snapshot.ready).toBe(true);
+    expect(snapshot.localChecks).toContainEqual({
+      name: "ingress",
+      passed: true,
+      message: "Managed platform callback routing is configured",
+    });
+  });
+
+  test("phone readiness accepts managed callback routing when ingress is absent", async () => {
+    mockShouldUsePlatformCallbacks = true;
+    mockHasTwilioCredentials = true;
+    mockTwilioPhoneNumber = "+15555550123";
+
+    const readiness = createReadinessService();
+    const [snapshot] = await readiness.getReadiness("phone");
+
+    expect(snapshot.ready).toBe(true);
+    expect(snapshot.localChecks).toContainEqual({
+      name: "ingress",
+      passed: true,
+      message: "Managed platform callback routing is configured",
+    });
+  });
+
   test("getReadiness with no channel returns all registered channels", async () => {
     service.registerProbe(
       makeProbe("phone", [{ name: "a", passed: true, message: "ok" }]),

package/src/__tests__/cli-command-risk-guard.test.ts

@@ -1,7 +1,8 @@
-// Guard test: assistant CLI commands must always classify as Low risk.
+// Guard test: assistant CLI commands must classify at the expected risk level.
 //
-// The assistant uses its own CLI tools during normal operation. If these
-// commands require user approval, it blocks autonomous assistant workflows.
+// The assistant uses its own CLI tools during normal operation. Most commands
+// should be Low risk so they don't block autonomous workflows. Certain
+// sensitive subcommands are intentionally elevated to Medium or High.
 // See #18982 / #18998 for the regression that motivated this guard.
 
 import { mkdtempSync } from "node:fs";
@@ -60,10 +61,10 @@ function expectLowRisk(command: string, actual: RiskLevel): void {
   if (actual !== RiskLevel.Low) {
     throw new Error(
       `"${command}" classified as ${actual} instead of Low. ` +
-        `assistant CLI commands must always be Low risk — the assistant ` +
+        `assistant CLI commands must be Low risk by default — the assistant ` +
         `uses its own CLI during normal operation. If you need risk ` +
-        `escalation for specific subcommands, add them to an allowlist ` +
-        `in this guard test with justification.`,
+        `escalation for specific subcommands, add them to the elevated ` +
+        `risk tests in this guard test with justification.`,
     );
   }
   expect(actual).toBe(RiskLevel.Low);
@@ -86,6 +87,9 @@ describe("CLI command risk guard: assistant commands", () => {
 
   test("all assistant CLI subcommands classify as Low risk", async () => {
     for (const subcommand of ASSISTANT_SUBCOMMANDS) {
+      // Subcommands with elevated children are tested separately below.
+      // The bare top-level subcommand (e.g. `assistant oauth`) is still
+      // expected to be Low.
       const command = `assistant ${subcommand}`;
       const risk = await classifyRisk("bash", { command });
       expectLowRisk(command, risk);
@@ -110,3 +114,174 @@ describe("CLI command risk guard: assistant commands", () => {
     }
   });
 });
+
+// Sensitive subcommands that are intentionally elevated above Low risk.
+// Each entry documents why the elevation is necessary.
+
+describe("CLI command risk guard: elevated assistant subcommands", () => {
+  test("assistant oauth token is High risk (exposes raw tokens)", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant oauth token",
+    });
+    expect(risk).toBe(RiskLevel.High);
+  });
+
+  test("assistant oauth mode --set is High risk (changes auth mode)", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant oauth mode --set managed",
+    });
+    expect(risk).toBe(RiskLevel.High);
+  });
+
+  test("assistant oauth mode --set=value is High risk (equals syntax)", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant oauth mode google --set=managed",
+    });
+    expect(risk).toBe(RiskLevel.High);
+  });
+
+  test("assistant oauth mode without --set is Low risk (read-only)", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant oauth mode",
+    });
+    expect(risk).toBe(RiskLevel.Low);
+  });
+
+  test("assistant credentials reveal is High risk (exposes secrets)", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant credentials reveal",
+    });
+    expect(risk).toBe(RiskLevel.High);
+  });
+
+  test("assistant oauth request is Medium risk (initiates OAuth flow)", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant oauth request",
+    });
+    expect(risk).toBe(RiskLevel.Medium);
+  });
+
+  test("assistant oauth connect is Medium risk (modifies OAuth connections)", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant oauth connect",
+    });
+    expect(risk).toBe(RiskLevel.Medium);
+  });
+
+  test("assistant oauth disconnect is Medium risk (removes OAuth connections)", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant oauth disconnect",
+    });
+    expect(risk).toBe(RiskLevel.Medium);
+  });
+
+  test("--help on elevated subcommands is Low risk (read-only)", async () => {
+    const helpCommands = [
+      "assistant oauth token --help",
+      "assistant oauth mode --set --help",
+      "assistant credentials reveal --help",
+      "assistant oauth request --help",
+      "assistant oauth connect --help",
+      "assistant oauth disconnect -h",
+    ];
+
+    for (const command of helpCommands) {
+      const risk = await classifyRisk("bash", { command });
+      expectLowRisk(command, risk);
+    }
+  });
+
+  test("--help after -- option terminator does not downgrade risk", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "assistant oauth token -- --help",
+    });
+    expect(risk).toBe(RiskLevel.High);
+  });
+
+  test("non-sensitive oauth subcommands remain Low risk", async () => {
+    const lowRiskOauthCommands = [
+      "assistant oauth apps",
+      "assistant oauth apps list",
+      "assistant oauth providers",
+      "assistant oauth status",
+    ];
+
+    for (const command of lowRiskOauthCommands) {
+      const risk = await classifyRisk("bash", { command });
+      expectLowRisk(command, risk);
+    }
+  });
+
+  test("non-sensitive credentials subcommands remain Low risk", async () => {
+    const lowRiskCredCommands = [
+      "assistant credentials",
+      "assistant credentials list",
+    ];
+
+    for (const command of lowRiskCredCommands) {
+      const risk = await classifyRisk("bash", { command });
+      expectLowRisk(command, risk);
+    }
+  });
+});
+
+describe("CLI command risk guard: wrapper program propagation", () => {
+  test("env assistant oauth token is High risk", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "env assistant oauth token",
+    });
+    expect(risk).toBe(RiskLevel.High);
+  });
+
+  test("nice assistant credentials reveal is High risk", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "nice assistant credentials reveal",
+    });
+    expect(risk).toBe(RiskLevel.High);
+  });
+
+  test("timeout 30 assistant oauth request is Medium risk", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "timeout 30 assistant oauth request",
+    });
+    expect(risk).toBe(RiskLevel.Medium);
+  });
+
+  test("timeout 30 assistant oauth token is High risk", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "timeout 30 assistant oauth token",
+    });
+    expect(risk).toBe(RiskLevel.High);
+  });
+
+  test("timeout 30 git push is Medium risk", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "timeout 30 git push",
+    });
+    expect(risk).toBe(RiskLevel.Medium);
+  });
+
+  test("timeout 30 git status is Low risk", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "timeout 30 git status",
+    });
+    expectLowRisk("timeout 30 git status", risk);
+  });
+
+  test("env assistant config is Low risk", async () => {
+    const risk = await classifyRisk("bash", {
+      command: "env assistant config",
+    });
+    expectLowRisk("env assistant config", risk);
+  });
+
+  test("env git push is Medium risk (not Low)", async () => {
+    const risk = await classifyRisk("bash", { command: "env git push" });
+    expect(risk).toBe(RiskLevel.Medium);
+  });
+
+  test("env git status is Low risk", async () => {
+    const risk = await classifyRisk("bash", { command: "env git status" });
+    expectLowRisk("env git status", risk);
+  });
+});

package/src/__tests__/config-schema.test.ts

@@ -135,6 +135,7 @@ describe("AssistantConfigSchema", () => {
     expect(result.secretDetection).toEqual({
       enabled: true,
       action: "redact",
+      blockIngress: true,
       entropyThreshold: 4.0,
       allowOneTimeSend: false,
     });
@@ -157,6 +158,7 @@ describe("AssistantConfigSchema", () => {
       secretDetection: {
         enabled: false,
         action: "block" as const,
+        blockIngress: false,
         entropyThreshold: 5.5,
       },
       auditLog: { retentionDays: 30 },
@@ -436,7 +438,10 @@ describe("AssistantConfigSchema", () => {
 
   test("defaults permissions.mode to workspace", () => {
     const result = AssistantConfigSchema.parse({});
-    expect(result.permissions).toEqual({ mode: "workspace", dangerouslySkipPermissions: false });
+    expect(result.permissions).toEqual({
+      mode: "workspace",
+      dangerouslySkipPermissions: false,
+    });
   });
 
   test("accepts explicit permissions.mode strict", () => {
@@ -1141,7 +1146,10 @@ describe("loadConfig with schema validation", () => {
   test("defaults permissions.mode to workspace when not specified", () => {
     writeConfig({});
     const config = loadConfig();
-    expect(config.permissions).toEqual({ mode: "workspace", dangerouslySkipPermissions: false });
+    expect(config.permissions).toEqual({
+      mode: "workspace",
+      dangerouslySkipPermissions: false,
+    });
   });
 
   test("loads explicit permissions.mode strict", () => {