create-quiver 0.12.1 → 0.13.0

package/src/create-quiver/index.js

@@ -39,9 +39,14 @@ const { runFlow } = require('./commands/flow');
 const { runGraph } = require('./commands/graph');
 const { runNext } = require('./commands/next');
 const { runPlan } = require('./commands/plan');
-const { runCreateSpec } = require('./commands/spec');
+const { runCreateSpec, runValidateSpec } = require('./commands/spec');
 const { buildInitLayout, formatInitLayoutPlan } = require('./lib/init-layout');
-const { initializeProjectDocs, installSelfAsDevDep, refreshAiContextDoc } = require('./lib/init-docs');
+const {
+  formatInstallSelfCommand,
+  initializeProjectDocs,
+  installSelfAsDevDep,
+  refreshAiContextDoc,
+} = require('./lib/init-docs');
 const { checkPrReadiness, checkScope, checkSliceReadiness } = require('./lib/readiness');
 const { cleanupSlice, refreshActiveSlicesBoard, startSlice } = require('./lib/lifecycle');
 const { buildSpecStatus, closeSpecWorktree, formatSpecCloseResult, formatSpecStartResult, formatSpecStatus, startSpecWorktree } = require('./lib/spec-worktrees');
@@ -119,7 +124,7 @@ const SUPPORTED_AI_COMMANDS = new Set([
   'trace',
 ]);
 
-const SUPPORTED_SPEC_COMMANDS = new Set(['close', 'create', 'start', 'status']);
+const SUPPORTED_SPEC_COMMANDS = new Set(['close', 'create', 'start', 'status', 'validate']);
 const SUPPORTED_DEMO_COMMANDS = new Set(['create']);
 
 function unsupportedCommandMessage(commandName) {
@@ -159,7 +164,7 @@ const COMMAND_HELP_GROUPS = [
       ['ai resume', 'Resume guidance from the last valid lifecycle phase without chat memory.'],
       ['ai onboard', 'Run or print the planner onboarding prompt with a token-aware context pack.'],
       ['ai prepare-context', 'Preview or write docs-only AI context updates with assumptions and risks.'],
-      ['ai agent set|list|show', 'Manage planner, executor, reviewer, and doctor provider profiles without secrets.'],
+      ['ai agent set|list|show', 'Manage planner, executor, reviewer, and doctor provider profiles without secrets; use set --dry-run to preview.'],
       ['ai plan', 'Generate versioned planner drafts for acceptance criteria, technical plan, or spec phase.'],
       ['ai revise', 'Create a new planner draft from human feedback without approving it.'],
       ['ai review-plan', 'Review the technical-plan draft for production readiness before approval.'],
@@ -188,6 +193,7 @@ const COMMAND_HELP_GROUPS = [
       ['spec create', 'Create the real spec tree from a reviewed approved technical plan.'],
       ['spec start', 'Create or reuse the dedicated worktree and branch for one spec.'],
       ['spec status', 'Show spec worktree, branch, slice-00 state, and pending slices.'],
+      ['spec validate', 'Validate spec docs, slices, briefs, evidence, status, dependencies, and safe paths.'],
       ['spec close', 'Close a merged clean spec worktree and guide local sync.'],
       ['start-slice', 'Start work on one slice and mark it active.'],
       ['check-slice', 'Validate slice structure, dependencies, scope, and readiness.'],
@@ -263,6 +269,7 @@ function printUsage() {
   npx create-quiver spec create [options]
   npx create-quiver spec start <spec-dir>
   npx create-quiver spec status <spec-dir>
+  npx create-quiver spec validate <spec-dir>
   npx create-quiver spec close <spec-dir>
   npx create-quiver evidence run [options] -- <command>
   npx create-quiver demo create spec-viewer [options]
@@ -282,12 +289,13 @@ Options:
       --all-ready             List every ready slice returned by next
       --auto-start            Prompt for confirmation and run start-slice on next
       --local                 For check-slice, run structural validation without remote/base checks
+      --strict                Treat supported validation warnings as failures
       --unicode               Prefer Unicode output when supported
       --minimal               Plan or run the minimal init profile
       --full                  Plan or run the full compatibility init profile
       --legacy-scripts        Include legacy Bash wrappers in init profile
       --include-templates     Export packaged templates in init profile
-      --dry-run               Preview init, migrate, prepare, spec create/start/close, demo, or AI work without executing writes/providers
+      --dry-run               Preview init, analyze, migrate, prepare, spec create/start/close, demo, ai agent set, or AI work without executing writes/providers
       --print-prompt          Print the exact AI prompt and exit without executing provider CLIs
       --fix                   For doctor, apply safe non-destructive repairs
       --execute               For ai execute-plan, run the planned slices instead of printing commands
@@ -302,7 +310,7 @@ Options:
       --ssh-host-alias <name> SSH host alias to validate for prepare or AI commands
       --identity-file <path>  SSH identity file to validate for prepare or AI commands
       --remote <name>         Git remote name for check-slice or AI PR checks
-      --base <branch>         Base branch for check-slice, ai pr, or spec close (default: main)
+      --base <branch>         Base branch for check-slice, check-scope, ai pr, or spec close (default: main)
       --output <file>         Output file for evidence run
       --max-output <n>        Maximum stdout/stderr chars per evidence section
       --title <text>          Override PR title for ai pr create
@@ -330,6 +338,7 @@ Examples:
   cd ./my-project && npx create-quiver ai specs list
   cd ./my-project && npx create-quiver ai slices list --json
   cd ./my-project && npx create-quiver ai trace report
+  cd ./my-project && npx create-quiver ai agent set planner --provider codex --model gpt-5.5 --dry-run
   cd ./my-project && npx create-quiver ai agent set planner --provider codex --model gpt-5.5
   cd ./my-project && npx create-quiver ai agent list
   cd ./my-project && npx create-quiver ai plan --phase acceptance --input requirements.md --dry-run
@@ -368,6 +377,7 @@ Examples:
   cd ./my-project && npx create-quiver refresh-active-slices
   cd ./my-project && npx create-quiver spec start specs/my-project
   cd ./my-project && npx create-quiver spec status specs/my-project
+  cd ./my-project && npx create-quiver spec validate specs/my-project
   cd ./my-project && npx create-quiver spec close specs/my-project --dry-run
   cd ./my-project && npx create-quiver evidence run -- npm test
   cd ./my-project && npx create-quiver demo create spec-viewer --dry-run
@@ -951,7 +961,7 @@ function parseArgs(argv) {
       result.specCommand = positional.shift();
     }
     if (!result.specCommand) {
-      throw new Error(formatError('missing spec subcommand. Use: npx create-quiver spec <create|start|status|close>'));
+      throw new Error(formatError('missing spec subcommand. Use: npx create-quiver spec <create|start|status|validate|close>'));
     }
     if (result.specCommand !== 'create' && positional.length > 0) {
       result.targetDir = positional.shift();
@@ -1574,8 +1584,8 @@ function detectFrameworks(projectRoot, files, rootEntries, packageJson) {
     },
     {
       name: 'vue',
-      matches: () => dependencies.has('vue') || rootFileSet.has('vue.config.js') || rootFileSet.has('vite.config.js') || rootFileSet.has('vite.config.ts'),
-      signals: ['vue', 'vue.config.*', 'vite.config.*'],
+      matches: () => dependencies.has('vue') || rootFileSet.has('vue.config.js'),
+      signals: ['vue', 'vue.config.*'],
     },
     {
       name: 'react',
@@ -1998,7 +2008,7 @@ function writeProjectScanArtifacts(projectRoot, scan) {
   return { jsonPath, mdPath: scanPaths.projectMapPath };
 }
 
-function runAnalyze(targetDir) {
+function runAnalyze(targetDir, options = {}) {
   const projectRoot = resolveTargetRoot(process.cwd(), targetDir);
 
   if (!fs.existsSync(projectRoot)) {
@@ -2006,6 +2016,26 @@ function runAnalyze(targetDir) {
   }
 
   const scan = buildProjectScan(projectRoot);
+
+  if (options.dryRun) {
+    console.log(`Project analysis dry-run for ${projectRoot}`);
+    console.log('Writes: none');
+    console.log(`Would write ${CURRENT_SCAN_RELATIVE_PATH}`);
+    console.log(`Would write ${PROJECT_MAP_RELATIVE_PATH}`);
+    console.log('Would refresh docs/AI_CONTEXT.md');
+    console.log(`Detected primary stack: ${scan.stack.primary}`);
+    console.log(`Detected frameworks: ${scan.stack.frameworks.length > 0 ? scan.stack.frameworks.join(', ') : 'none detected'}`);
+    console.log(`Detected package manager: ${scan.project.package_manager}`);
+    return {
+      artifacts: {
+        jsonPath: path.join(projectRoot, CURRENT_SCAN_RELATIVE_PATH),
+        mdPath: path.join(projectRoot, PROJECT_MAP_RELATIVE_PATH),
+      },
+      dryRun: true,
+      scan,
+    };
+  }
+
   const artifacts = writeProjectScanArtifacts(projectRoot, scan);
   const aiContextPath = refreshAiContextDoc(projectRoot, scan);
   updateStateForAnalyze(projectRoot, CLI_VERSION);
@@ -2016,6 +2046,13 @@ function runAnalyze(targetDir) {
   console.log(`Wrote ${relativePosixPath(projectRoot, aiContextPath)}`);
   console.log(`Detected primary stack: ${scan.stack.primary}`);
   console.log(`Detected package manager: ${scan.project.package_manager}`);
+
+  return {
+    artifacts,
+    aiContextPath,
+    dryRun: false,
+    scan,
+  };
 }
 
 function runMigrate(targetDir, options = {}) {
@@ -2079,7 +2116,7 @@ function runMigrate(targetDir, options = {}) {
       if (installResult === 'installed') {
         console.log(`Added create-quiver@${CLI_VERSION} as dev dependency`);
       } else if (installResult === 'failed') {
-        console.warn(`Warning: could not install create-quiver automatically. Run: npm install -D create-quiver@${CLI_VERSION}`);
+        console.warn(`Warning: could not install create-quiver automatically. Run: ${formatInstallSelfCommand(projectRoot, CLI_VERSION)}`);
       }
     }
 
@@ -2117,6 +2154,11 @@ function runDoctor(targetDir, options = {}) {
 
   const doctorReport = collectDoctorReport(projectRoot);
   const specSlugs = doctorReport.specSlugs;
+  const doctorExampleTarget = doctorReport.exampleTarget || {
+    sliceId: '<slice-id>',
+    source: 'generic',
+    specSlug: '<spec-slug>',
+  };
   const specRequiredFiles = specSlugs.flatMap((projectSlug) => [
     `specs/${projectSlug}/SPEC.md`,
     `specs/${projectSlug}/STATUS.md`,
@@ -2237,16 +2279,22 @@ function runDoctor(targetDir, options = {}) {
   if (!hasQuiverState) {
     console.log('- Run migration first: npx create-quiver migrate');
   } else if (!hasScanArtifacts) {
-  console.log('- Analyze the project first: npx create-quiver analyze');
+    console.log('- Analyze the project first: npx create-quiver analyze');
   } else {
     console.log('- Ask your AI agent: Read AGENTS.md, then docs/AI_ONBOARDING_PROMPT.md and execute it.');
   }
   console.log('- Check the next ready slice: npx create-quiver next');
   if (specSlugs.length > 0) {
-    const projectSlug = specSlugs[0];
-    console.log(`- Start a slice: npx create-quiver start-slice specs/${projectSlug}/slices/<slice-id>/slice.json`);
-    console.log(`- Validate a slice: npx create-quiver check-slice specs/${projectSlug}/slices/<slice-id>/slice.json`);
-    console.log(`- Validate the PR gate: npx create-quiver check-pr specs/${projectSlug}/slices/<slice-id>/slice.json`);
+    const projectSlug = doctorExampleTarget.specSlug;
+    const sliceId = doctorExampleTarget.sliceId || '<slice-id>';
+    if (doctorExampleTarget.source === 'active-slice') {
+      console.log(`- Example target: ${projectSlug}/${sliceId} (${doctorExampleTarget.status})`);
+    } else if (doctorExampleTarget.source === 'generic-multiple-specs') {
+      console.log('- Example target: specs/<spec-slug>/slices/<slice-id>/slice.json (generic because no active slice is obvious)');
+    }
+    console.log(`- Start a slice: npx create-quiver start-slice specs/${projectSlug}/slices/${sliceId}/slice.json`);
+    console.log(`- Validate a slice: npx create-quiver check-slice specs/${projectSlug}/slices/${sliceId}/slice.json`);
+    console.log(`- Validate the PR gate: npx create-quiver check-pr specs/${projectSlug}/slices/${sliceId}/slice.json`);
   } else {
     console.log('- Create real specs and slices only after acceptance criteria are approved and the technical plan is reviewed and approved.');
   }
@@ -2280,7 +2328,9 @@ async function run(argv) {
   }
 
   if (args.mode === 'analyze') {
-    runAnalyze(args.targetDir);
+    runAnalyze(args.targetDir, {
+      dryRun: args.dryRun,
+    });
     return;
   }
 
@@ -2387,6 +2437,7 @@ async function run(argv) {
         model: args.aiModel || undefined,
         provider: args.aiProviderExplicit ? args.aiProvider : undefined,
         role: args.aiAgentRole || undefined,
+        dryRun: args.dryRun,
       });
       return;
     }
@@ -2655,7 +2706,11 @@ async function run(argv) {
   }
 
   if (args.mode === 'check-scope') {
-    checkScope(args.targetDir, { strict: args.strict });
+    checkScope(args.targetDir, {
+      baseBranch: args.baseBranchExplicit ? args.aiBaseBranch : '',
+      remote: args.aiRemote,
+      strict: args.strict,
+    });
     return;
   }
 
@@ -2676,7 +2731,7 @@ async function run(argv) {
     }
 
     if (!args.targetDir || args.targetDir === '.') {
-      throw new Error(formatError('missing spec directory. Use: npx create-quiver spec <start|status|close> <spec-dir>'));
+      throw new Error(formatError('missing spec directory. Use: npx create-quiver spec <start|status|validate|close> <spec-dir>'));
     }
 
     if (args.specCommand === 'start') {
@@ -2693,6 +2748,13 @@ async function run(argv) {
       return;
     }
 
+    if (args.specCommand === 'validate') {
+      runValidateSpec(process.cwd(), args.targetDir, {
+        strict: args.strict,
+      });
+      return;
+    }
+
     if (args.specCommand === 'close') {
       const report = closeSpecWorktree(process.cwd(), args.targetDir, {
         baseBranch: args.aiBaseBranch,
@@ -2705,7 +2767,7 @@ async function run(argv) {
       return;
     }
 
-    throw new Error(formatError(`unsupported spec subcommand: ${args.specCommand}. Supported tasks: create, start, status, close`));
+    throw new Error(formatError(`unsupported spec subcommand: ${args.specCommand}. Supported tasks: create, start, status, validate, close`));
   }
 
   const packageRoot = path.resolve(__dirname, '../..');
@@ -2748,7 +2810,7 @@ async function run(argv) {
       if (installResult === 'installed') {
         console.log(`Added create-quiver@${CLI_VERSION} as dev dependency`);
       } else if (installResult === 'failed') {
-        console.warn(`Warning: could not install create-quiver automatically. Run: npm install -D create-quiver@${CLI_VERSION}`);
+        console.warn(`Warning: could not install create-quiver automatically. Run: ${formatInstallSelfCommand(targetDir, CLI_VERSION)}`);
       }
     }
 

package/src/create-quiver/lib/agent-profiles.js

@@ -95,6 +95,16 @@ function listAgentProfiles(projectRoot) {
 }
 
 function setAgentProfile(projectRoot, role, options = {}) {
+  const next = buildAgentProfileState(projectRoot, role, options);
+
+  const filePath = writeAgentProfiles(projectRoot, next.state);
+  return {
+    filePath,
+    profile: next.profile,
+  };
+}
+
+function buildAgentProfileState(projectRoot, role, options = {}) {
   const normalizedRole = normalizeAgentProfileRole(role);
   const provider = assertSupportedProvider(options.provider);
   const model = normalizeOptionalText(options.model, 'model');
@@ -102,7 +112,7 @@ function setAgentProfile(projectRoot, role, options = {}) {
   const context = normalizeOptionalText(options.context, 'context');
   const state = readAgentProfiles(projectRoot);
   const current = state.profiles[normalizedRole] || {};
-  const now = new Date().toISOString();
+  const now = options.now instanceof Date ? options.now.toISOString() : new Date().toISOString();
   const profile = {
     role: normalizedRole,
     provider,
@@ -119,10 +129,11 @@ function setAgentProfile(projectRoot, role, options = {}) {
   };
   state.updated_at = now;
 
-  const filePath = writeAgentProfiles(projectRoot, state);
   return {
-    filePath,
+    action: current.provider ? 'update' : 'create',
+    filePath: agentProfilesPath(projectRoot),
     profile,
+    state,
   };
 }
 
@@ -139,6 +150,7 @@ module.exports = {
   PROFILE_STATE_VERSION,
   agentProfilesPath,
   formatProviderList,
+  buildAgentProfileState,
   getAgentProfile,
   listAgentProfiles,
   normalizeAgentProfileRole,

package/src/create-quiver/lib/ai/artifacts.js

@@ -0,0 +1,318 @@
+const fs = require('node:fs');
+const os = require('node:os');
+const path = require('node:path');
+
+const { redactSecrets } = require('../evidence');
+const { quiverInternalPaths } = require('../init-layout');
+
+const RAW_ARTIFACT_SCHEMA_VERSION = 1;
+const DEFAULT_MAX_PROVIDER_PROMPT_BYTES = 1024 * 1024;
+const DEFAULT_MAX_REVISION_INPUT_BYTES = 400 * 1024;
+const DEFAULT_COMPACTED_REVISION_INPUT_BYTES = 120 * 1024;
+
+const IMPORTANT_REVISION_LINE = /\b(acceptance|criteri[ao]s?|decision|decisi[o\u00f3]n|risk|riesgo|file|archivo|changed|cambio|scope|alcance|validation|validaci[o\u00f3]n|test|blocker|bloque|dependency|dependencia|assumption|supuesto|pending|pendiente|error|rollback|evidence|evidencia)\b/i;
+const PROVIDER_LOG_LINE = /^\s*(?:\[?(?:debug|info|notice|trace|warn|warning)\]?[:\s-]|(?:codex|claude|gemini)\b.*(?:provider|model|prompt|token|running|loading|thinking)|(?:using|loading)\s+(?:model|provider)\b|prompt\s+(?:length|transport)\s*:)/i;
+
+function formatError(message) {
+  return `create-quiver: ${message}`;
+}
+
+function byteLength(value) {
+  return Buffer.byteLength(String(value || ''), 'utf8');
+}
+
+function normalizeText(value) {
+  return String(value || '')
+    .replace(/\r\n/g, '\n')
+    .replace(/\r/g, '\n')
+    .replace(/\u001b\[[0-9;]*m/g, '');
+}
+
+function escapeRegExp(value) {
+  return String(value).replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
+function redactSensitiveLocalValues(text, options = {}) {
+  let result = redactSecrets(text);
+  const replacements = [];
+
+  if (options.projectRoot) {
+    replacements.push({
+      value: path.resolve(options.projectRoot),
+      label: '[PROJECT_ROOT]',
+    });
+  }
+
+  if (os.homedir()) {
+    replacements.push({
+      value: os.homedir(),
+      label: '[HOME]',
+    });
+  }
+
+  for (const replacement of replacements) {
+    if (!replacement.value) {
+      continue;
+    }
+    result = result.replace(new RegExp(escapeRegExp(replacement.value), 'g'), replacement.label);
+  }
+
+  return result;
+}
+
+function normalizePositiveInteger(value, fallback) {
+  if (value === undefined || value === null || value === '') {
+    return fallback;
+  }
+  const parsed = Number(value);
+  if (!Number.isFinite(parsed) || parsed <= 0) {
+    return fallback;
+  }
+  return Math.floor(parsed);
+}
+
+function resolveAiArtifactLimits(options = {}) {
+  return {
+    maxProviderPromptBytes: normalizePositiveInteger(
+      options.maxProviderPromptBytes ?? process.env.QUIVER_AI_MAX_PROMPT_BYTES,
+      DEFAULT_MAX_PROVIDER_PROMPT_BYTES,
+    ),
+    maxRevisionInputBytes: normalizePositiveInteger(
+      options.maxRevisionInputBytes ?? process.env.QUIVER_AI_MAX_REVISION_INPUT_BYTES,
+      DEFAULT_MAX_REVISION_INPUT_BYTES,
+    ),
+    compactedRevisionInputBytes: normalizePositiveInteger(
+      options.compactedRevisionInputBytes ?? process.env.QUIVER_AI_COMPACTED_REVISION_INPUT_BYTES,
+      DEFAULT_COMPACTED_REVISION_INPUT_BYTES,
+    ),
+  };
+}
+
+function stripPromptEcho(text, prompt) {
+  const normalizedText = normalizeText(text);
+  const normalizedPrompt = normalizeText(prompt).trim();
+
+  if (!normalizedPrompt || normalizedPrompt.length < 80) {
+    return normalizedText;
+  }
+
+  const directIndex = normalizedText.indexOf(normalizedPrompt);
+  if (directIndex >= 0) {
+    return `${normalizedText.slice(0, directIndex)}${normalizedText.slice(directIndex + normalizedPrompt.length)}`;
+  }
+
+  return normalizedText;
+}
+
+function stripProviderLogEdges(text) {
+  const lines = normalizeText(text).split('\n');
+
+  while (lines.length > 0 && (PROVIDER_LOG_LINE.test(lines[0]) || lines[0].trim() === '')) {
+    lines.shift();
+  }
+
+  while (lines.length > 0 && (PROVIDER_LOG_LINE.test(lines[lines.length - 1]) || lines[lines.length - 1].trim() === '')) {
+    lines.pop();
+  }
+
+  return lines.join('\n').trim();
+}
+
+function normalizeDraftOutput(text, sourceText = text) {
+  const value = normalizeText(text).trim();
+  if (!value) {
+    return '';
+  }
+  return /\n\s*$/.test(String(sourceText || '')) ? `${value}\n` : value;
+}
+
+function extractCleanProviderOutput(result, options = {}) {
+  const stdout = redactSensitiveLocalValues(result?.stdout || '', options);
+  const stderr = redactSensitiveLocalValues(result?.stderr || '', options);
+  const primary = stdout.trim() ? stdout : stderr;
+  const cleaned = stripProviderLogEdges(stripPromptEcho(primary, options.prompt || ''));
+  const cleanOutput = normalizeDraftOutput(cleaned, primary);
+
+  if (cleanOutput) {
+    return {
+      cleanOutput,
+      source: stdout.trim() ? 'stdout' : 'stderr',
+      strippedPromptEcho: primary !== stripPromptEcho(primary, options.prompt || ''),
+    };
+  }
+
+  return {
+    cleanOutput: normalizeDraftOutput(primary || [stdout, stderr].filter(Boolean).join('\n'), primary),
+    source: stdout.trim() ? 'stdout' : stderr.trim() ? 'stderr' : 'empty',
+    strippedPromptEcho: false,
+  };
+}
+
+function safeArtifactName(scope, now = new Date()) {
+  const slug = String(scope || 'provider-output')
+    .trim()
+    .toLowerCase()
+    .replace(/[^a-z0-9._-]+/g, '-')
+    .replace(/^-+|-+$/g, '') || 'provider-output';
+  const stamp = now.toISOString()
+    .replace(/\.\d{3}Z$/, 'z')
+    .replace(/[^0-9a-z]+/gi, '-')
+    .toLowerCase()
+    .replace(/^-+|-+$/g, '');
+  return `${stamp}-${slug}.json`;
+}
+
+function toRelativePosix(root, filePath) {
+  return path.relative(root, filePath).split(path.sep).join('/');
+}
+
+function writeRawProviderArtifact(projectRoot, runId, scope, result, options = {}) {
+  if (!runId) {
+    throw new Error(formatError('missing AI run id for raw provider artifact'));
+  }
+
+  const now = options.now || new Date();
+  const rawDir = path.join(quiverInternalPaths(projectRoot).runsDir, String(runId), 'raw');
+  const rawPath = path.join(rawDir, safeArtifactName(scope, now));
+  const serializedError = result?.error
+    ? {
+        code: result.error.code || null,
+        message: result.error.message || String(result.error),
+        provider: result.error.provider || null,
+        command: result.error.command || null,
+      }
+    : null;
+  const artifact = {
+    schema_version: RAW_ARTIFACT_SCHEMA_VERSION,
+    kind: 'provider-output',
+    scope: String(scope || 'provider-output'),
+    created_at: now.toISOString(),
+    provider: result?.provider || null,
+    command: result?.command || null,
+    args: Array.isArray(result?.args) ? result.args.slice() : [],
+    cwd: result?.cwd ? redactSensitiveLocalValues(result.cwd, { projectRoot }) : null,
+    ok: Boolean(result?.ok),
+    dry_run: Boolean(result?.dryRun),
+    exit_code: typeof result?.exitCode === 'number' ? result.exitCode : null,
+    signal: result?.signal || null,
+    timeout_ms: typeof result?.timeoutMs === 'number' ? result.timeoutMs : null,
+    prompt_transport: result?.promptTransport || null,
+    stdout: redactSensitiveLocalValues(result?.stdout || '', { projectRoot }),
+    stderr: redactSensitiveLocalValues(result?.stderr || '', { projectRoot }),
+    error: serializedError ? JSON.parse(redactSensitiveLocalValues(JSON.stringify(serializedError), { projectRoot })) : null,
+    metadata: options.metadata || {},
+  };
+
+  fs.mkdirSync(rawDir, { recursive: true });
+  fs.writeFileSync(rawPath, `${JSON.stringify(artifact, null, 2)}\n`);
+
+  return {
+    filePath: rawPath,
+    path: toRelativePosix(projectRoot, rawPath),
+    artifact,
+  };
+}
+
+function compactTextToByteLimit(text, maxBytes) {
+  let value = normalizeText(text).trim();
+  if (byteLength(value) <= maxBytes) {
+    return value;
+  }
+
+  while (byteLength(value) > maxBytes && value.length > 0) {
+    value = value.slice(0, Math.max(0, value.length - Math.ceil((byteLength(value) - maxBytes) / 2) - 32)).trimEnd();
+  }
+
+  return value;
+}
+
+function compactRevisionInput(inputText, options = {}) {
+  const limits = resolveAiArtifactLimits(options);
+  const originalText = normalizeText(inputText);
+  const originalBytes = byteLength(originalText);
+
+  if (originalBytes <= limits.maxRevisionInputBytes) {
+    return {
+      text: originalText,
+      compaction: null,
+    };
+  }
+
+  const lines = originalText.split('\n');
+  const selected = [];
+  const seen = new Set();
+  const addLine = (line) => {
+    const key = line;
+    if (seen.has(key)) {
+      return;
+    }
+    seen.add(key);
+    selected.push(line);
+  };
+
+  lines.slice(0, 24).forEach(addLine);
+  for (const line of lines) {
+    if (/^\s*#{1,6}\s+/.test(line) || IMPORTANT_REVISION_LINE.test(line)) {
+      addLine(line);
+    }
+  }
+  lines.slice(-24).forEach(addLine);
+
+  const preface = [
+    `[Quiver compacted oversized revise input from ${originalBytes} bytes before provider execution.]`,
+    '[Preserved headings and lines mentioning decisions, risks, files, acceptance criteria, validation, blockers, dependencies, assumptions, pending work, rollback, and evidence.]',
+    '',
+  ].join('\n');
+  const compacted = `${preface}${selected.join('\n')}`;
+  const targetBytes = Math.min(limits.compactedRevisionInputBytes, limits.maxRevisionInputBytes);
+  const finalText = compactTextToByteLimit(compacted, targetBytes);
+  const compactedBytes = byteLength(finalText);
+
+  if (compactedBytes > limits.maxRevisionInputBytes) {
+    const error = new Error(formatError(`ai revise input is too large after compaction (${compactedBytes} bytes; limit ${limits.maxRevisionInputBytes}). Reduce feedback size and retry.`));
+    error.code = 'AI_INPUT_TOO_LARGE';
+    throw error;
+  }
+
+  return {
+    text: `${finalText.trimEnd()}\n`,
+    compaction: {
+      compacted: true,
+      original_bytes: originalBytes,
+      compacted_bytes: compactedBytes,
+      max_revision_input_bytes: limits.maxRevisionInputBytes,
+      preserved: ['headings', 'decisions', 'risks', 'files', 'acceptance criteria', 'validation', 'blockers', 'dependencies', 'assumptions', 'rollback', 'evidence'],
+    },
+  };
+}
+
+function assertProviderPromptWithinLimit(prompt, options = {}) {
+  const limits = resolveAiArtifactLimits(options);
+  const promptBytes = byteLength(prompt);
+
+  if (promptBytes <= limits.maxProviderPromptBytes) {
+    return {
+      prompt,
+      bytes: promptBytes,
+      maxProviderPromptBytes: limits.maxProviderPromptBytes,
+    };
+  }
+
+  const error = new Error(formatError(`provider prompt is too large (${promptBytes} bytes; limit ${limits.maxProviderPromptBytes}). Reduce the input, split the work, or run ai revise with focused feedback before invoking the provider.`));
+  error.code = 'AI_PROMPT_TOO_LARGE';
+  throw error;
+}
+
+module.exports = {
+  DEFAULT_COMPACTED_REVISION_INPUT_BYTES,
+  DEFAULT_MAX_PROVIDER_PROMPT_BYTES,
+  DEFAULT_MAX_REVISION_INPUT_BYTES,
+  RAW_ARTIFACT_SCHEMA_VERSION,
+  assertProviderPromptWithinLimit,
+  byteLength,
+  compactRevisionInput,
+  extractCleanProviderOutput,
+  redactSensitiveLocalValues,
+  resolveAiArtifactLimits,
+  writeRawProviderArtifact,
+};

package/src/create-quiver/lib/ai/execution-plan.js

@@ -3,6 +3,7 @@ const path = require('node:path');
 
 const { resolveProfileProvider } = require('../agent-profiles');
 const { branchDelete, runGit, statusPorcelain, worktreeAdd, worktreePrune, worktreeRemove } = require('../git');
+const { withLock } = require('../locks');
 const { safeBranchName, worktreesRootForRepo } = require('../slice');
 const { buildGraph, computeLevels, detectFileConflicts, isFoundationSliceId, readAllSlices, topoSort, SliceGraphError } = require('../slice-graph');
 const { runExecuteSlice } = require('./executor');
@@ -486,6 +487,13 @@ async function runParallelGroupInWorktrees(repoRoot, level, group, options = {})
   const slices = group.slice_refs.map((ref) => level.slices.find((item) => item.ref === ref));
   const workspaces = slices.map((slice, index) => buildDelegatedWorkspace(repoRoot, slice, runId, index, options));
 
+  return withLock(repoRoot, `execute-plan-${runId}`, {
+    command: 'ai execute-plan',
+    metadata: {
+      mode: 'delegated',
+      slices: group.slice_refs,
+    },
+  }, async () => {
   let runResults;
   try {
     worktreePrune(repoRoot);
@@ -542,6 +550,7 @@ async function runParallelGroupInWorktrees(repoRoot, level, group, options = {})
     workspace: item.workspace.worktreePath,
     integratedCommit: item.commit,
   }));
+  });
 }
 
 async function runExecutePlan(repoRoot, options = {}) {