codemini-cli 0.3.9 → 0.4.0

package/src/core/command-risk.js

@@ -0,0 +1,148 @@
+import { collectCommandTokens, firstToken } from './command-policy.js';
+
+/* ── 只读命令 token ───────────────────────────────────────────── */
+const READ_ONLY_TOKENS = new Set([
+  'ls', 'cat', 'head', 'tail', 'pwd', 'wc', 'sort', 'uniq',
+  'cut', 'tr', 'basename', 'dirname', 'test', 'true', 'false',
+  'whoami', 'uname', 'date', 'env', 'printenv', 'hostname',
+  'rg', 'find', 'grep', 'ag', 'ack', 'fd', 'bat',
+  'git', 'node', 'npm', 'npx', 'python', 'python3', 'py', 'pip', 'pip3',
+  'echo', 'printf', 'seq', 'yes'
+]);
+
+/* 只读时需要检查子命令的 token */
+const READ_ONLY_SUBCOMMANDS = {
+  git: new Set([
+    'status', 'log', 'diff', 'branch', 'show', 'tag', 'stash',
+    'list', 'remote', 'rev-parse', 'describe', 'blame',
+    'shortlog', 'count', 'ls-files', 'ls-remote', 'ls-tree',
+    'config', '--version', 'var', 'for-each-ref', 'name-rev',
+    'merge-base', 'cherry'
+  ]),
+  node: new Set(['--version', '-v', '-e', '--eval', '--print', '-p', '--help']),
+  npm: new Set([
+    '--version', '-v', 'view', 'info', 'list', 'ls', 'll', 'la',
+    'outdated', 'audit', 'pack', 'cache', 'config', 'doctor',
+    'help', 'explore', 'run', 'run-script', 'start', 'test',
+    'restart', 'stop', 'version', 'whoami'
+  ]),
+  npx: new Set(['--version', '-v', '--help']),
+  python: new Set(['--version', '-V', '--help', '-c', '-m']),
+  python3: new Set(['--version', '-V', '--help', '-c', '-m']),
+  py: new Set(['--version', '-V', '--help', '-c', '-m']),
+  pip: new Set(['--version', '-V', 'list', 'show', 'search', 'check', 'debug', 'help']),
+  pip3: new Set(['--version', '-V', 'list', 'show', 'search', 'check', 'debug', 'help'])
+};
+
+/* ── 高风险 pattern ────────────────────────────────────────────── */
+const HIGH_RISK_PATTERNS = [
+  /\binstall\b/i,
+  /\bpublish\b/i,
+  /\bpush\b/i,
+  /\bcommit\b/i,
+  /\brebase\b/i,
+  /\breset\s/i,
+  /\bcheckout\s+--/i,
+  /\brm\b/i,
+  /\bdel\b/i,
+  /\bmkdi[ri]\b/i,
+  /\btouch\b/i,
+  /\bcp\b/i,
+  /\bmv\b/i,
+  /\bchmod\b/i,
+  /\bchown\b/i,
+  /\bmktemp\b/i,
+  /\btee\b/i,
+  /\bsudo\b/i,
+  /\bsu\b/,
+  /\bkill\b/i,
+  /\bpkill\b/i,
+  /\bcurl\s+.*-[A-Z]\s*(POST|PUT|DELETE|PATCH)/i,
+  /\bwget\b/i,
+  /\bdocker\s+(rm|stop|kill|rmi)\b/i,
+  /\bsystemctl\b/i,
+  /\bservice\b/i,
+  /\blaunchctl\b/i,
+  />\s*\S/,
+  />>\s*\S/,
+  /\|&\s*\S/
+];
+
+/* ── 核心分类逻辑 ──────────────────────────────────────────────── */
+
+/**
+ * 判断单个 token 是否为只读命令（含子命令检查）。
+ */
+function isReadOnlyToken(token, rawSegment) {
+  if (!READ_ONLY_TOKENS.has(token)) return false;
+
+  /* 需要 子命令 校验的 token */
+  const allowedSubs = READ_ONLY_SUBCOMMANDS[token];
+  if (!allowedSubs) return true; // 如 ls, pwd 等本身只读
+
+  /* 提取子命令：去掉 token 后第一个非 flag 参数 */
+  const rest = String(rawSegment || '').trim().slice(token.length).trim();
+  const parts = rest.split(/\s+/).filter(Boolean);
+  /* 以 - 开头的 flag 视为安全，取第一个非 flag 参数 */
+  let subcmd = '';
+  for (const part of parts) {
+    if (part.startsWith('-')) continue;
+    subcmd = part;
+    break;
+  }
+  /* 只有 token 本身或全部是 flags → 视为安全 */
+  if (!subcmd) return true;
+  if (allowedSubs.has(subcmd)) return true;
+  /* 子命令 不在白名单 → 不确定 */
+  return false;
+}
+
+/**
+ * 对命令文本做快速 高风险 pattern 扫描。
+ */
+function matchesHighRiskPattern(text) {
+  return HIGH_RISK_PATTERNS.some((p) => p.test(text));
+}
+
+/**
+ * 分类命令风险等级。
+ * @param {string} command
+ * @param {string} [shellName='bash']
+ * @returns {'read-only'|'write-high-risk'|'ambiguous'}
+ */
+export function classifyCommandRisk(command, shellName = 'bash') {
+  const cmd = String(command || '').trim();
+  if (!cmd) return 'read-only';
+
+  /* 高风险 pattern 优先判断 */
+  if (matchesHighRiskPattern(cmd)) return 'write-high-risk';
+
+  /* 解析链式命令的每个 segment */
+  const tokens = collectCommandTokens(cmd);
+  if (tokens.length === 0) return 'ambiguous';
+
+  let highestRisk = 'read-only';
+  const RISK_ORDER = { 'read-only': 0, ambiguous: 1, 'write-high-risk': 2 };
+
+  for (const { token, raw } of tokens) {
+    if (isReadOnlyToken(token, raw)) {
+      /* 保持当前级别 */
+    } else {
+      /* 不在只读集合 → 至少 ambiguous */
+      const segRisk = matchesHighRiskPattern(raw) ? 'write-high-risk' : 'ambiguous';
+      if (RISK_ORDER[segRisk] > RISK_ORDER[highestRisk]) {
+        highestRisk = segRisk;
+      }
+    }
+  }
+
+  return highestRisk;
+}
+
+/**
+ * 是否需要进入审批评估流程。
+ * 只读命令跳过，其余都需要。
+ */
+export function requiresApprovalEvaluation(command, shellName = 'bash') {
+  return classifyCommandRisk(command, shellName) !== 'read-only';
+}

package/src/core/constants.js

@@ -18,7 +18,6 @@ export const INDEX_SKIP_DIRS = new Set([
   '.git',
   'node_modules',
   '.codemini',
-  '.codemini-project',
   '.codemini-global',
   'dist',
   'coverage',

package/src/core/default-system-prompt.js

@@ -45,9 +45,16 @@ User: add a notes file
 Assistant: create the file directly
 Tool: write({"file":"${cwd}/notes.txt","text":"todo\\n"})
 
-6. Capture a high-signal observation during work
-When you notice a reusable pattern, a user correction, a repeated failure, or a stable preference — capture it to the dream loop inbox for later consolidation.
-Tool: capture_memory({"summary":"User prefers tab size 2 for all JSON files","scope":"global","type":"preference"})
+6. Save a high-signal observation to memory
+When you notice a reusable pattern, a user correction, a repeated failure, or a stable preference — save it to persistent memory. Choose scope carefully:
+- scope "user" for personal preferences (language, reply style, interaction habits)
+- scope "global" for cross-project lessons (environment quirks, general tool workflows)
+- scope "project" for project-specific knowledge (architecture conventions, local config, test commands, file locations)
+
+Examples:
+Tool: save_memory({"content":"User prefers tab size 2 for all JSON files","scope":"user","kind":"preference"})
+Tool: save_memory({"content":"This project uses vitest, not jest — run tests with npx vitest run","scope":"project","kind":"pattern"})
+Tool: save_memory({"content":"WSL2 bash exec prefix does not support cd as a command","scope":"global","kind":"correction"})
 
 7. Run a dream loop consolidation pass
 When you want to review and consolidate inbox entries into long-term memory.

package/src/core/dream-consolidate.js

@@ -1,5 +1,6 @@
 import { listMemories, listInbox, archiveEntry, promoteMemory } from './memory-store.js';
 import { writeDreamAuditReport } from './dream-audit.js';
+import { evaluateInboxBatch } from './dream-evaluator.js';
 
 const LONGTERM_TYPES = new Set(['preference', 'pattern', 'win', 'decision']);
 const OPERATIONAL_TYPES = new Set(['correction', 'failure', 'gap', 'observation']);
@@ -8,14 +9,6 @@ function normalizeText(value) {
   return String(value || '').trim().toLowerCase();
 }
 
-function mapInboxScopeToMemoryScope(scope) {
-  const value = normalizeText(scope);
-  if (value === 'repo' || value === 'project') return 'project';
-  if (value === 'thread') return 'global';
-  if (value === 'user') return 'user';
-  return 'global';
-}
-
 function chooseLifecycle(type) {
   const value = normalizeText(type);
   if (LONGTERM_TYPES.has(value)) return 'longterm';
@@ -55,7 +48,10 @@ export async function runDreamConsolidation({
   const filesRead = ['memory/inbox/*', 'memory/global.json', 'memory/user.json', 'memory/project/*.json'];
   const filesChanged = [];
 
+  /* ── Phase 1: 规则预过滤（快速剔除明显垃圾） ─────────────────── */
+  const candidates = [];
   const seen = new Map();
+
   for (const entry of inbox) {
     const summaryKey = normalizeText(entry.summary);
     if (!summaryKey) {
@@ -78,14 +74,58 @@ export async function runDreamConsolidation({
       continue;
     }
 
-    const lifecycle = chooseLifecycle(entry.type);
-    const promoteScope = mapInboxScopeToMemoryScope(entry.scope);
+    candidates.push(entry);
+  }
+
+  if (candidates.length === 0) {
+    const report = { timestamp: new Date().toISOString(), filesRead, filesChanged: [], candidatesGenerated: inbox.length, promotions, rejections, archives };
+    if (!dryRun && writeAudit) {
+      const reportPath = await writeDreamAuditReport(report);
+      report.auditReport = reportPath;
+    }
+    return { ok: true, dryRun, ...report };
+  }
+
+  /* ── Phase 2: LLM 批量评估（质量门控 + scope 分类 + 内容提炼） ── */
+  const llmResults = dryRun
+    ? candidates.map((e) => ({ id: e.id, action: 'keep', scope: 'global', kind: e.type || 'observation', content: e.details || e.summary, summary: e.summary, confidence: 0.9 }))
+    : await evaluateInboxBatch({ entries: candidates, config, workspaceRoot });
+
+  const resultMap = new Map(llmResults.map((r) => [r.id, r]));
+
+  /* ── Phase 3: 按评估结果 promote 或 archive ─────────────────── */
+  for (const entry of candidates) {
+    const evaluation = resultMap.get(entry.id);
+
+    if (!evaluation || evaluation.action === 'discard') {
+      const reason = evaluation?.reason || 'LLM discarded';
+      if (!dryRun) await archiveEntry(entry, 'discarded-by-evaluator', reason);
+      rejections.push({ summary: entry.summary, reason: `evaluator-discard: ${reason}` });
+      continue;
+    }
+
+    const promoteScope = evaluation.scope || 'global';
+    const lifecycle = chooseLifecycle(evaluation.kind);
+    const enrichedEntry = {
+      ...entry,
+      /* 用 LLM 提炼后的内容覆盖原始报错 */
+      summary: evaluation.summary || entry.summary,
+      details: evaluation.content || entry.details || entry.summary,
+      type: evaluation.kind || entry.type || 'observation'
+    };
 
     if (!dryRun) {
       try {
-        await promoteMemory({ entry, scope: promoteScope, lifecycle, workspaceRoot, config });
-        filesChanged.push({ file: `memory/${promoteScope}.json`, why: `Promoted "${entry.summary}" as ${lifecycle}` });
-        promotions.push({ summary: entry.summary, scope: promoteScope, lifecycle, rationale: entry.type });
+        await promoteMemory({
+          entry: enrichedEntry,
+          scope: promoteScope,
+          lifecycle,
+          workspaceRoot,
+          config,
+          confidence: evaluation.confidence || 0.8
+        });
+        filesChanged.push({ file: `memory/${promoteScope}.json`, why: `Promoted "${enrichedEntry.summary}" as ${lifecycle} (${promoteScope})` });
+        promotions.push({ summary: enrichedEntry.summary, scope: promoteScope, lifecycle, rationale: evaluation.kind, confidence: evaluation.confidence });
       } catch (error) {
         const reason = String(error?.message || error || 'promotion failed').slice(0, 180);
         await archiveEntry(entry, 'promotion-failed', reason);
@@ -95,7 +135,7 @@ export async function runDreamConsolidation({
       continue;
     }
 
-    promotions.push({ summary: entry.summary, scope: promoteScope, lifecycle, rationale: entry.type, dryRun: true });
+    promotions.push({ summary: enrichedEntry.summary, scope: promoteScope, lifecycle, rationale: evaluation.kind, confidence: evaluation.confidence, dryRun: true });
   }
 
   const report = {

package/src/core/dream-evaluator.js

@@ -0,0 +1,99 @@
+import { createChatCompletion } from './provider/index.js';
+
+const EVAL_TIMEOUT_MS = 30000;
+
+const SYSTEM_PROMPT = `You are a memory consolidation evaluator for a coding assistant. You receive a batch of inbox items (tool errors, observations, etc.) and decide for each one:
+
+1. **keep or discard** — Does this contain a reusable, durable insight? Discard transient errors, one-off issues, and noise.
+2. **scope** — "global" for cross-project knowledge (e.g., "WSL bash exec does not support cd"), "project" for project-specific context (e.g., "this project uses vitest for testing").
+3. **kind** — One of: pattern, observation, correction, decision, failure
+4. **content** — A refined, actionable sentence describing the insight. NOT the raw error text.
+5. **summary** — A short label (under 80 chars) for quick scanning.
+6. **confidence** — 0.5–1.0 based on how certain and durable the insight is.
+
+Respond with valid JSON only, no markdown fences:
+{"results":[{"id":"<inbox-id>","action":"keep","scope":"global|project","kind":"pattern|observation|correction|decision|failure","content":"...","summary":"...","confidence":0.8},{"id":"<inbox-id>","action":"discard","reason":"..."}]}
+
+Rules:
+- Raw tool error messages are NOT insights by themselves. Only keep if they reveal a reusable lesson.
+- "exit 127", "command not found", "permission denied", "blocked by policy" → always discard (transient/config issues)
+- A repeated pattern across multiple errors → keep as a "pattern" or "correction"
+- Project-specific paths, file names, or commands → scope "project"
+- General coding/environment knowledge → scope "global"
+- If in doubt, discard. Memory is expensive; only promote what future sessions will genuinely benefit from.`;
+
+function parseResults(text) {
+  try {
+    const json = JSON.parse(text);
+    if (!json?.results || !Array.isArray(json.results)) return [];
+    return json.results.map((r) => ({
+      id: String(r.id || ''),
+      action: r.action === 'keep' ? 'keep' : 'discard',
+      scope: r.scope === 'project' ? 'project' : 'global',
+      kind: ['pattern', 'observation', 'correction', 'decision', 'failure'].includes(r.kind) ? r.kind : 'observation',
+      content: String(r.content || '').slice(0, 300),
+      summary: String(r.summary || '').slice(0, 120),
+      confidence: Math.min(1, Math.max(0.5, Number(r.confidence) || 0.7)),
+      reason: String(r.reason || '')
+    }));
+  } catch {
+    return [];
+  }
+}
+
+/**
+ * 用 LLM 批量评估 inbox 条目，决定保留/丢弃、scope、内容提炼。
+ * @param {{ entries: Array, config: object, workspaceRoot?: string }} params
+ * @returns {Promise<Array<{ id, action, scope?, kind?, content?, summary?, confidence?, reason? }>>}
+ */
+export async function evaluateInboxBatch({ entries, config, workspaceRoot }) {
+  if (!entries || entries.length === 0) return [];
+
+  const batch = entries.map((e) => ({
+    id: e.id,
+    type: e.type || '',
+    source: e.source || '',
+    summary: (e.summary || '').slice(0, 150),
+    details: (e.details || '').slice(0, 400)
+  }));
+
+  try {
+    const result = await createChatCompletion({
+      sdkProvider: config?.sdk?.provider,
+      baseUrl: config?.gateway?.base_url,
+      apiKey: config?.gateway?.api_key,
+      model: config?.model?.name,
+      messages: [
+        { role: 'system', content: SYSTEM_PROMPT },
+        {
+          role: 'user',
+          content: `Evaluate these ${batch.length} inbox items. Workspace: ${workspaceRoot || process.cwd()}\n\n${JSON.stringify(batch, null, 2)}`
+        }
+      ],
+      temperature: 0,
+      timeoutMs: EVAL_TIMEOUT_MS
+    });
+
+    const text = result?.text || '';
+    const parsed = parseResults(text);
+    /* 确保每个 entry 都有结果，LLM 没返回的一律 discard */
+    const covered = new Set(parsed.map((r) => r.id));
+    for (const entry of entries) {
+      if (!covered.has(entry.id)) {
+        parsed.push({
+          id: entry.id,
+          action: 'discard',
+          reason: 'LLM did not return a result for this entry'
+        });
+      }
+    }
+    return parsed;
+  } catch {
+    /* LLM 调用失败 → 全部 discard（fail-safe） */
+    return entries.map((e) => ({
+      id: e.id,
+      action: 'discard',
+      reason: 'LLM evaluation failed'
+    }));
+  }
+}

package/src/core/fff-adapter.js

@@ -111,7 +111,7 @@ class FffMcpClient {
       capabilities: {},
       clientInfo: {
         name: 'codemini-cli',
-        version: '0.3.9'
+        version: '0.4.0'
       }
     });
     this.sendNotification('notifications/initialized', {});

package/src/core/memory-store.js

@@ -375,7 +375,8 @@ export async function promoteMemory({
   lifecycle = 'operational',
   workspaceRoot = process.cwd(),
   projectAlias = '',
-  config = {}
+  config = {},
+  confidence = 0.9
 } = {}) {
   if (!entry?.summary) throw new Error('Entry with summary is required for promotion');
   const lc = validateLifecycle(lifecycle);
@@ -386,7 +387,7 @@ export async function promoteMemory({
     kind: entry.type || 'note',
     summary: normalizeMemoryText(entry.summary),
     source: `dream-promote:${entry.id}`,
-    confidence: 0.9,
+    confidence: Math.min(1, Math.max(0.5, confidence)),
     replaceSimilar: true,
     workspaceRoot,
     projectAlias,

package/src/core/paths.js

@@ -3,7 +3,7 @@ import path from 'node:path';
 
 const GLOBAL_APP_DIR = 'codemini-global';
 const PROJECT_APP_DIR = '.codemini';
-const PROJECT_INDEX_DIR = '.codemini-project';
+const PROJECT_INDEX_DIR = '.codemini';
 
 export function getBaseConfigDir() {
   if (process.env.CODEMINI_GLOBAL_DIR) {

package/src/core/project-index.js

@@ -387,7 +387,7 @@ export async function initializeProjectIndex(cwd = process.cwd()) {
       projectRoot: targetRoot,
       projectMap,
       fileIndex,
-      summary: `initialized ${path.basename(targetRoot) || '.'}/.codemini-project (${Array.isArray(fileIndex?.files) ? fileIndex.files.length : 0} files)`
+      summary: `initialized ${path.basename(targetRoot) || '.'}/.codemini (${Array.isArray(fileIndex?.files) ? fileIndex.files.length : 0} files)`
     };
   })();
   initCache.set(cacheKey, promise);
@@ -447,7 +447,7 @@ export async function refreshIndexedFile(cwd = process.cwd(), relativePath = '')
     path: projectRelativePath,
     projectRoot,
     action,
-    summary: `${action} ${path.basename(projectRoot) || '.'}/.codemini-project for ${projectRelativePath}`
+    summary: `${action} ${path.basename(projectRoot) || '.'}/.codemini for ${projectRelativePath}`
   };
 }
 

package/src/core/shell-profile.js

@@ -23,8 +23,10 @@ const SHELL_PROFILES = {
       'npm',
       'npx',
       'python',
+      'python3',
       'py',
       'pip',
+      'pip3',
       'get-childitem',
       'get-content',
       'select-string',
@@ -70,7 +72,9 @@ const SHELL_PROFILES = {
       'npm',
       'npx',
       'python',
+      'python3',
       'pip',
+      'pip3',
       'ls',
       'cat',
       'sed',
@@ -164,7 +168,7 @@ Some tools are loaded on demand through tool_search. Common examples:
 - glob for pattern-based file lookup
 - ast_query and read_ast_node for advanced AST-scoped reads and edits
 - list_background_tasks, get_background_task, and stop_background_task for managing long-running background commands
-- remember_user, remember_global, remember_project, list_memory, search_memory, and forget_memory for persistent memory operations
+- save_memory, list_memory, search_memory, and forget_memory for persistent memory operations
 
 For structural code edits (functions, classes, methods), prefer AST-scoped reads before editing:
 - Common one-shot workflow: read(path, query=..., capture_name=...) → edit with symbol or ast_target

package/src/core/tool-output.js

@@ -0,0 +1,184 @@
+import cliTruncate from 'cli-truncate';
+import stripAnsi from 'strip-ansi';
+import { classifyCommandIntent } from './shell.js';
+
+const CONTROL_CHARS_RE = /[\u0000-\u0008\u000B-\u001F\u007F]/g;
+
+export function sanitizeTextForModel(
+  value,
+  {
+    maxChars = 0,
+    maxLineLength = 220,
+    maxConsecutiveBlankLines = 1
+  } = {}
+) {
+  if (value == null) return '';
+
+  const lines = String(value)
+    .replace(/\r\n?/g, '\n')
+    .split('\n');
+  const output = [];
+  let blankRun = 0;
+
+  for (const rawLine of lines) {
+    const line = stripAnsi(rawLine).replace(CONTROL_CHARS_RE, '').replace(/[ \t]+$/g, '');
+    if (!line.trim()) {
+      blankRun += 1;
+      if (blankRun > maxConsecutiveBlankLines) continue;
+      output.push('');
+      continue;
+    }
+
+    blankRun = 0;
+    output.push(
+      maxLineLength > 0
+        ? cliTruncate(line, maxLineLength, { position: 'end' })
+        : line
+    );
+  }
+
+  let sanitized = output.join('\n').trimEnd();
+  if (maxChars > 0 && sanitized.length > maxChars) {
+    sanitized = `${sanitized.slice(0, maxChars)}\n... [sanitized output truncated ${sanitized.length - maxChars} chars]`;
+  }
+  return sanitized;
+}
+
+export function getToolOutputSanitizeOptions(toolName) {
+  const name = String(toolName || '').trim();
+  if (name === 'read' || name === 'read_ast_node' || name === 'run' || name === 'web_fetch') {
+    return {
+      maxLineLength: 0
+    };
+  }
+  return {};
+}
+
+export function sanitizePreviewLines(value, { maxLineLength = 220 } = {}) {
+  const sanitized = sanitizeTextForModel(value, {
+    maxLineLength,
+    maxConsecutiveBlankLines: 0
+  });
+  if (!sanitized) return [];
+  return sanitized
+    .split('\n')
+    .map((line) => line.trim())
+    .filter(Boolean);
+}
+
+function summarizeGitStatusPorcelain(stdout) {
+  const modified = [];
+  const added = [];
+  const deleted = [];
+  const untracked = [];
+
+  for (const line of String(stdout || '').split('\n')) {
+    const trimmed = line.trimEnd();
+    if (!trimmed) continue;
+    const status = trimmed.slice(0, 2);
+    const file = trimmed.slice(3).trim();
+    if (!file) continue;
+    if (status === '??') {
+      untracked.push(file);
+      continue;
+    }
+    if (status.includes('A')) added.push(file);
+    else if (status.includes('D')) deleted.push(file);
+    else modified.push(file);
+  }
+
+  const total = modified.length + added.length + deleted.length + untracked.length;
+  if (total === 0) return '';
+  const lines = [`[git status: ${total} file(s)]`];
+  if (modified.length) lines.push(`modified: ${modified.join(', ')}`);
+  if (added.length) lines.push(`added: ${added.join(', ')}`);
+  if (deleted.length) lines.push(`deleted: ${deleted.join(', ')}`);
+  if (untracked.length) lines.push(`untracked: ${untracked.join(', ')}`);
+  return lines.join('\n');
+}
+
+function summarizeTestFailure(command, code, stdout, stderr) {
+  if (classifyCommandIntent(command).kind !== 'test') {
+    return '';
+  }
+  if (Number(code ?? 0) === 0) return '';
+
+  const lines = sanitizePreviewLines([stdout, stderr].filter(Boolean).join('\n'), { maxLineLength: 220 });
+  const kept = [];
+
+  for (const line of lines) {
+    if (
+      /^FAIL\b/.test(line) ||
+      /^Test Suites:/.test(line) ||
+      /^Tests:/.test(line) ||
+      /AssertionError|Error:|Expected|expected .* to /i.test(line) ||
+      /^\s*at\b/.test(line) ||
+      /:\d+:\d+\)?$/.test(line)
+    ) {
+      kept.push(line);
+    }
+  }
+
+  if (kept.length === 0) return '';
+  return [`[test failure: exit ${code ?? 1}]`, ...kept.slice(0, 8)].join('\n');
+}
+
+function summarizeInstallOutput(command, code, stdout) {
+  if (classifyCommandIntent(command).kind !== 'install') return '';
+
+  const lines = sanitizePreviewLines(stdout, { maxLineLength: 220 });
+  const kept = [];
+  for (const line of lines) {
+    if (
+      /\b(?:added|removed|changed|audited) \d+ package/i.test(line) ||
+      /\bvulnerabilit(?:y|ies)\b/i.test(line) ||
+      /looking for funding/i.test(line)
+    ) {
+      kept.push(line);
+    }
+  }
+  if (kept.length === 0) return '';
+  return [`[install summary: exit ${code ?? 0}]`, ...kept.slice(0, 6)].join('\n');
+}
+
+function summarizeBuildOutput(command, code, stdout, stderr) {
+  if (classifyCommandIntent(command).kind !== 'build') return '';
+  if (Number(code ?? 0) === 0) return '';
+
+  const lines = sanitizePreviewLines([stdout, stderr].filter(Boolean).join('\n'), { maxLineLength: 220 });
+  const kept = [];
+  for (const line of lines) {
+    if (
+      /\berror\b/i.test(line) ||
+      /Build failed/i.test(line) ||
+      /failed with/i.test(line)
+    ) {
+      kept.push(line);
+    }
+  }
+  if (kept.length === 0) return '';
+  return [`[build failure: exit ${code ?? 1}]`, ...kept.slice(0, 8)].join('\n');
+}
+
+export function summarizeRunOutput(result) {
+  const command = String(result?.command || '').trim();
+  const stdout = String(result?.stdout || '');
+  const stderr = String(result?.stderr || '');
+  const code = result?.code ?? 0;
+
+  if (/^git\s+status\b.*(?:--short|-s)\b/i.test(command)) {
+    const gitSummary = summarizeGitStatusPorcelain(stdout);
+    if (gitSummary) return gitSummary;
+  }
+
+  const installSummary = summarizeInstallOutput(command, code, stdout);
+  if (installSummary) return installSummary;
+
+  const buildSummary = summarizeBuildOutput(command, code, stdout, stderr);
+  if (buildSummary) return buildSummary;
+
+  const testSummary = summarizeTestFailure(command, code, stdout, stderr);
+  if (testSummary) return testSummary;
+
+  return '';
+}