dual-brain 0.2.4 → 0.2.6

package/src/checkpoint.mjs

@@ -0,0 +1,109 @@
+// checkpoint.mjs — Checkpoint wrapper for dual-brain execution safety.
+// Wraps Replit's native checkpoint system with a git-based fallback.
+// Exports: hasCheckpoints, createCheckpoint, listCheckpoints, getLastCheckpoint
+
+import { existsSync, readFileSync, mkdirSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { execSync } from 'node:child_process';
+
+/**
+ * Check if checkpoint capability is available.
+ * @returns {boolean}
+ */
+export function hasCheckpoints() {
+  try {
+    // Check for Replit checkpoint binary
+    if (existsSync('/usr/local/bin/replit-checkpoint')) return true;
+    execSync('which replit-checkpoint', { stdio: 'pipe', timeout: 2000 });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Create a checkpoint before a risky operation.
+ * @param {string} label — human-readable label like "before auth refactor"
+ * @param {object} [opts]
+ * @param {string} [opts.cwd]
+ * @returns {{ success: boolean, id: string|null, label: string, timestamp: string }}
+ */
+export function createCheckpoint(label, opts = {}) {
+  const cwd = opts.cwd || process.cwd();
+  const timestamp = new Date().toISOString();
+  const id = `cp-${Date.now()}`;
+
+  // Try Replit checkpoint first
+  if (hasCheckpoints()) {
+    try {
+      execSync('replit-checkpoint create', { cwd, stdio: 'pipe', timeout: 10000 });
+      _logCheckpoint({ id, label, timestamp, type: 'replit', status: 'created' }, cwd);
+      return { success: true, id, label, timestamp };
+    } catch {
+      // Fall through to git-based checkpoint
+    }
+  }
+
+  // Fallback: git stash + tag
+  try {
+    // Stash any uncommitted changes
+    const status = execSync('git status --porcelain', { cwd, encoding: 'utf8', timeout: 5000 }).trim();
+    if (status) {
+      execSync(`git stash push -m "dual-brain-checkpoint: ${label}"`, { cwd, stdio: 'pipe', timeout: 10000 });
+      execSync('git stash pop', { cwd, stdio: 'pipe', timeout: 10000 });
+    }
+    // Create a lightweight tag
+    const safeLabel = label.replace(/[^a-zA-Z0-9-_]/g, '-').slice(0, 50);
+    const tagName = `db-checkpoint/${safeLabel}-${Date.now()}`;
+    execSync(`git tag "${tagName}"`, { cwd, stdio: 'pipe', timeout: 5000 });
+    _logCheckpoint({ id, label, timestamp, type: 'git-tag', tag: tagName, status: 'created' }, cwd);
+    return { success: true, id, label, timestamp };
+  } catch {
+    _logCheckpoint({ id, label, timestamp, type: 'failed', status: 'failed' }, cwd);
+    return { success: false, id: null, label, timestamp };
+  }
+}
+
+/**
+ * List recent checkpoints (most recent first, up to 20).
+ * @param {string} [cwd]
+ * @returns {object[]}
+ */
+export function listCheckpoints(cwd) {
+  const logPath = join(cwd || process.cwd(), '.dual-brain', 'checkpoints.jsonl');
+  if (!existsSync(logPath)) return [];
+  try {
+    return readFileSync(logPath, 'utf8')
+      .trim()
+      .split('\n')
+      .filter(Boolean)
+      .map(line => JSON.parse(line))
+      .reverse()
+      .slice(0, 20);
+  } catch {
+    return [];
+  }
+}
+
+/**
+ * Get the most recent checkpoint.
+ * @param {string} [cwd]
+ * @returns {object|null}
+ */
+export function getLastCheckpoint(cwd) {
+  const checkpoints = listCheckpoints(cwd);
+  return checkpoints[0] || null;
+}
+
+// ─── Internal helpers ─────────────────────────────────────────────────────────
+
+function _logCheckpoint(entry, cwd) {
+  const dir = join(cwd || process.cwd(), '.dual-brain');
+  mkdirSync(dir, { recursive: true });
+  const logPath = join(dir, 'checkpoints.jsonl');
+  const line = JSON.stringify(entry) + '\n';
+  try {
+    const existing = existsSync(logPath) ? readFileSync(logPath, 'utf8') : '';
+    writeFileSync(logPath, existing + line);
+  } catch {}
+}

package/src/ci-triage.mjs

@@ -0,0 +1,191 @@
+import { execSync } from 'node:child_process';
+import { existsSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+
+/**
+ * Detect CI system in use.
+ * @param {string} [cwd]
+ * @returns {{ systems: string[], primary: string|null }}
+ */
+export function detectCI(cwd) {
+  const root = cwd || process.cwd();
+  const systems = [];
+
+  if (existsSync(join(root, '.github/workflows'))) systems.push('github-actions');
+  if (existsSync(join(root, '.circleci')))          systems.push('circleci');
+  if (existsSync(join(root, '.gitlab-ci.yml')))     systems.push('gitlab-ci');
+  if (existsSync(join(root, 'Jenkinsfile')))        systems.push('jenkins');
+  if (existsSync(join(root, '.travis.yml')))        systems.push('travis');
+  if (existsSync(join(root, 'vercel.json')) || existsSync(join(root, '.vercel'))) systems.push('vercel');
+  if (existsSync(join(root, 'netlify.toml')))       systems.push('netlify');
+
+  return { systems, primary: systems[0] || null };
+}
+
+/**
+ * Get recent CI run status using gh CLI.
+ * @param {string} [cwd]
+ * @returns {{ available: boolean, runs: object[], hasFailures: boolean, lastRun: object|null }}
+ */
+export function getCIStatus(cwd) {
+  try {
+    const json = execSync(
+      'gh run list --limit 5 --json databaseId,name,status,conclusion,headBranch,createdAt',
+      { cwd, encoding: 'utf8', timeout: 10000 }
+    );
+    const runs = JSON.parse(json);
+    return {
+      available: true,
+      runs: runs.map(r => ({
+        id: r.databaseId,
+        name: r.name,
+        status: r.status,
+        conclusion: r.conclusion,
+        branch: r.headBranch,
+        createdAt: r.createdAt,
+      })),
+      hasFailures: runs.some(r => r.conclusion === 'failure'),
+      lastRun: runs[0] || null,
+    };
+  } catch {
+    return { available: false, runs: [], hasFailures: false, lastRun: null };
+  }
+}
+
+/**
+ * Get failed CI run logs and classify the failure.
+ * @param {string|number} runId
+ * @param {string} [cwd]
+ * @returns {object}
+ */
+export function triageFailure(runId, cwd) {
+  try {
+    const logs = execSync(`gh run view ${runId} --log-failed 2>/dev/null | tail -100`, {
+      cwd, encoding: 'utf8', timeout: 15000,
+    });
+
+    const classification = classifyFailure(logs);
+    const fileHints = extractFileHints(logs, cwd);
+
+    return {
+      success: true,
+      runId,
+      logs: logs.slice(-3000), // last 3000 chars
+      classification,
+      fileHints,
+      suggestedAction: getSuggestedAction(classification),
+    };
+  } catch (err) {
+    return { success: false, runId, error: err.message };
+  }
+}
+
+/**
+ * Classify a CI failure from log output.
+ * @param {string} logs
+ * @returns {{ type: string, confidence: string }}
+ */
+function classifyFailure(logs) {
+  const lower = logs.toLowerCase();
+
+  if (lower.includes('syntaxerror') || lower.includes('parse error'))               return { type: 'syntax',          confidence: 'high' };
+  if (lower.includes('typeerror') || lower.includes('type error'))                  return { type: 'type-error',      confidence: 'high' };
+  if (lower.includes('referenceerror'))                                              return { type: 'reference-error', confidence: 'high' };
+  if (lower.includes('test fail') || lower.includes('tests failed') || lower.includes('assertion')) return { type: 'test-failure',    confidence: 'high' };
+  if (lower.includes('enoent') || lower.includes('no such file'))                   return { type: 'missing-file',    confidence: 'high' };
+  if (lower.includes('permission denied') || lower.includes('eacces'))             return { type: 'permissions',     confidence: 'high' };
+  if (lower.includes('timeout') || lower.includes('timed out'))                    return { type: 'timeout',         confidence: 'medium' };
+  if (lower.includes('out of memory') || lower.includes('heap'))                   return { type: 'oom',             confidence: 'medium' };
+  if (lower.includes('npm err') || lower.includes('yarn error') || lower.includes('dependency')) return { type: 'dependency',     confidence: 'medium' };
+  if (lower.includes('lint') || lower.includes('eslint'))                           return { type: 'lint',            confidence: 'high' };
+  if (lower.includes('build fail'))                                                  return { type: 'build',           confidence: 'medium' };
+  if (lower.includes('docker') || lower.includes('container'))                      return { type: 'container',       confidence: 'medium' };
+
+  return { type: 'unknown', confidence: 'low' };
+}
+
+/**
+ * Extract local file paths referenced in CI logs.
+ * @param {string} logs
+ * @param {string} [cwd]
+ * @returns {string[]}
+ */
+function extractFileHints(logs, cwd) {
+  const files = new Set();
+  const root = cwd || process.cwd();
+
+  const patterns = [
+    /(?:at\s+)?([a-zA-Z0-9_./\\-]+\.[a-zA-Z]+):(\d+)/g,
+    /(?:in\s+)?([a-zA-Z0-9_./\\-]+\.[a-zA-Z]+)\((\d+)\)/g,
+    /Error in ([a-zA-Z0-9_./\\-]+\.[a-zA-Z]+)/g,
+  ];
+
+  for (const pattern of patterns) {
+    for (const match of logs.matchAll(pattern)) {
+      const file = match[1];
+      if (file && !file.includes('node_modules') && existsSync(join(root, file))) {
+        files.add(file);
+      }
+    }
+  }
+
+  return [...files];
+}
+
+/**
+ * Get a human-readable suggested action for a failure classification.
+ * @param {{ type: string }} classification
+ * @returns {string}
+ */
+function getSuggestedAction(classification) {
+  const actions = {
+    'syntax':          'Fix syntax error in the identified file',
+    'type-error':      'Check type annotations and function signatures',
+    'reference-error': 'Check for undefined variables or missing imports',
+    'test-failure':    'Run tests locally and fix failing assertions',
+    'missing-file':    'Check if a required file was deleted or not committed',
+    'permissions':     'Check file permissions and access rights',
+    'timeout':         'Investigate slow operations or increase timeout',
+    'oom':             'Check for memory leaks or reduce batch size',
+    'dependency':      'Run npm install and check for version conflicts',
+    'lint':            'Run linter locally and fix violations',
+    'build':           'Check build configuration and dependencies',
+    'container':       'Check Dockerfile and container configuration',
+    'unknown':         'Review full CI logs for error details',
+  };
+  return actions[classification.type] || actions.unknown;
+}
+
+/**
+ * Full CI triage: detect CI, fetch status, classify failures, map to files.
+ * @param {string} [cwd]
+ * @returns {object}
+ */
+export function fullTriage(cwd) {
+  const ci = detectCI(cwd);
+  if (!ci.primary) return { available: false, reason: 'no-ci-detected' };
+
+  const status = getCIStatus(cwd);
+  if (!status.available) return { available: false, reason: 'gh-cli-unavailable' };
+  if (!status.hasFailures) return { available: true, healthy: true, message: 'All CI runs passing' };
+
+  const failedRuns = status.runs.filter(r => r.conclusion === 'failure');
+  const triages = failedRuns.slice(0, 3).map(r => triageFailure(r.id, cwd));
+
+  return {
+    available: true,
+    healthy: false,
+    failedRuns: failedRuns.length,
+    triages,
+    topIssue: triages[0]?.classification || null,
+  };
+}
+
+// ─── CLI (direct invocation) ──────────────────────────────────────────────────
+
+const isMain = process.argv[1]?.endsWith('ci-triage.mjs');
+if (isMain) {
+  const cwd = process.argv[2] || process.cwd();
+  const result = fullTriage(cwd);
+  process.stdout.write(JSON.stringify(result, null, 2) + '\n');
+}

package/src/continuity.mjs

@@ -0,0 +1,291 @@
+#!/usr/bin/env node
+// continuity.mjs — Session continuity for dual-brain.
+// Generates handoff receipts so the next session can pick up seamlessly
+// when a session hits context limits, crashes, or is manually ended.
+//
+// Exports: generateHandoff, saveHandoff, getLatestHandoff, getHandoffAge,
+//          buildCompactionSurvivalKit, buildResumeBrief, pruneHandoffs,
+//          extractRoutingPatterns
+
+import { existsSync, mkdirSync, readFileSync, writeFileSync, readdirSync, unlinkSync } from 'node:fs';
+import { join } from 'node:path';
+
+// ─── Session chaining ─────────────────────────────────────────────────────────
+
+/**
+ * Generate a compact handoff object from current session state.
+ * Designed to fit in ~500 tokens when serialized.
+ *
+ * @param {object} sessionState
+ * @param {string}   [sessionState.taskDescription]
+ * @param {string[]} [sessionState.filesChanged]
+ * @param {string[]} [sessionState.testsRun]
+ * @param {object[]} [sessionState.decisions]         Most recent routing decisions
+ * @param {string[]} [sessionState.unresolved]        Open questions / blockers
+ * @param {object}   [sessionState.routingHistory]
+ * @param {string}     [sessionState.routingHistory.lastProvider]
+ * @param {string}     [sessionState.routingHistory.lastModel]
+ * @param {string[]}   [sessionState.routingHistory.failedProviders]
+ * @param {string[]} [sessionState.activePreferences]
+ * @param {string}   [sessionState.resumeHint]        e.g. "continue implementing auth refactor"
+ * @returns {object}
+ */
+export function generateHandoff(sessionState) {
+  return {
+    version: 1,
+    timestamp: new Date().toISOString(),
+    task: sessionState.taskDescription || null,
+    progress: {
+      filesChanged: (sessionState.filesChanged || []).slice(0, 20),
+      testsRun: sessionState.testsRun || [],
+      decisions: (sessionState.decisions || []).slice(0, 5), // most recent routing decisions
+    },
+    unresolved: (sessionState.unresolved || []).slice(0, 5),
+    routing: {
+      lastProvider: sessionState.routingHistory?.lastProvider || null,
+      lastModel: sessionState.routingHistory?.lastModel || null,
+      failedProviders: sessionState.routingHistory?.failedProviders || [],
+    },
+    preferences: sessionState.activePreferences || [],
+    resumeHint: sessionState.resumeHint || null,
+  };
+}
+
+// ─── Handoff persistence ──────────────────────────────────────────────────────
+
+/**
+ * Persist a handoff object to .dual-brain/handoffs/.
+ * @param {object} handoff   Result of generateHandoff()
+ * @param {string} [cwd]     Project root (defaults to process.cwd())
+ * @returns {string}         Absolute path of the written file
+ */
+export function saveHandoff(handoff, cwd) {
+  const dir = join(cwd || process.cwd(), '.dual-brain', 'handoffs');
+  mkdirSync(dir, { recursive: true });
+  const filename = `handoff-${Date.now()}.json`;
+  writeFileSync(join(dir, filename), JSON.stringify(handoff, null, 2));
+  return join(dir, filename);
+}
+
+/**
+ * Load the most recent handoff from .dual-brain/handoffs/.
+ * Returns null when no handoffs exist or all are unreadable.
+ * @param {string} [cwd]
+ * @returns {object|null}
+ */
+export function getLatestHandoff(cwd) {
+  const dir = join(cwd || process.cwd(), '.dual-brain', 'handoffs');
+  if (!existsSync(dir)) return null;
+  const files = readdirSync(dir)
+    .filter(f => f.startsWith('handoff-') && f.endsWith('.json'))
+    .sort()
+    .reverse();
+  if (files.length === 0) return null;
+  try {
+    return JSON.parse(readFileSync(join(dir, files[0]), 'utf8'));
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Return the age of a handoff in hours.
+ * Returns Infinity when the handoff has no timestamp.
+ * @param {object|null} handoff
+ * @returns {number}  Hours since handoff was generated
+ */
+export function getHandoffAge(handoff) {
+  if (!handoff?.timestamp) return Infinity;
+  return (Date.now() - Date.parse(handoff.timestamp)) / 3600000;
+}
+
+// ─── Smart compaction ─────────────────────────────────────────────────────────
+
+/**
+ * Build a compaction-safe summary string to inject before context compression.
+ * The content must survive being summarised by a compression pass, so keep it
+ * terse, high-signal, and easy to re-state.
+ *
+ * @param {object} state
+ * @param {string}   [state.activeTask]
+ * @param {string[]} [state.routingRules]
+ * @param {string[]} [state.criticalDecisions]
+ * @param {string[]} [state.filesInProgress]
+ * @param {string[]} [state.preferences]
+ * @param {string[]} [state.warnings]
+ * @returns {string}
+ */
+export function buildCompactionSurvivalKit(state) {
+  const lines = [];
+  lines.push('[DUAL-BRAIN CONTINUITY]');
+
+  if (state.activeTask) {
+    lines.push(`TASK: ${state.activeTask}`);
+  }
+  if (state.routingRules?.length) {
+    lines.push(`ROUTING: ${state.routingRules.join('; ')}`);
+  }
+  if (state.criticalDecisions?.length) {
+    lines.push(`DECISIONS: ${state.criticalDecisions.join('; ')}`);
+  }
+  if (state.filesInProgress?.length) {
+    lines.push(`FILES: ${state.filesInProgress.join(', ')}`);
+  }
+  if (state.preferences?.length) {
+    lines.push(`PREFS: ${state.preferences.join('; ')}`);
+  }
+  if (state.warnings?.length) {
+    lines.push(`WARNINGS: ${state.warnings.join('; ')}`);
+  }
+
+  lines.push('[/DUAL-BRAIN CONTINUITY]');
+  return lines.join('\n');
+}
+
+// ─── Resume brief builder ─────────────────────────────────────────────────────
+
+/**
+ * Check for a recent handoff and build a resume context string for a new session.
+ * Returns null when no usable handoff exists (missing, too stale, or unreadable).
+ *
+ * @param {string} [cwd]
+ * @returns {string|null}
+ */
+export function buildResumeBrief(cwd) {
+  const handoff = getLatestHandoff(cwd);
+  if (!handoff) return null;
+
+  const ageHours = getHandoffAge(handoff);
+  if (ageHours > 48) return null; // too stale to be useful
+
+  const lines = [];
+  const ageLabel =
+    ageHours < 1
+      ? 'just now'
+      : ageHours < 24
+        ? `${Math.round(ageHours)}h ago`
+        : `${Math.round(ageHours / 24)}d ago`;
+
+  lines.push(`Resuming from previous session (${ageLabel}):`);
+
+  if (handoff.task) lines.push(`  Task: ${handoff.task}`);
+  if (handoff.resumeHint) lines.push(`  Next: ${handoff.resumeHint}`);
+  if (handoff.progress?.filesChanged?.length) {
+    const shown = handoff.progress.filesChanged.slice(0, 5);
+    const extra = handoff.progress.filesChanged.length > 5
+      ? ` (+${handoff.progress.filesChanged.length - 5} more)`
+      : '';
+    lines.push(`  Changed: ${shown.join(', ')}${extra}`);
+  }
+  if (handoff.unresolved?.length) {
+    lines.push(`  Unresolved: ${handoff.unresolved.join('; ')}`);
+  }
+  if (handoff.routing?.failedProviders?.length) {
+    lines.push(`  Note: ${handoff.routing.failedProviders.join(', ')} failed last session`);
+  }
+
+  return lines.join('\n');
+}
+
+// ─── Handoff cleanup ──────────────────────────────────────────────────────────
+
+/**
+ * Remove old handoff files, keeping only the most recent `keep` entries.
+ * @param {string} [cwd]
+ * @param {number} [keep=10]
+ * @returns {number}  Count of files pruned
+ */
+export function pruneHandoffs(cwd, keep = 10) {
+  const dir = join(cwd || process.cwd(), '.dual-brain', 'handoffs');
+  if (!existsSync(dir)) return 0;
+  const files = readdirSync(dir)
+    .filter(f => f.startsWith('handoff-') && f.endsWith('.json'))
+    .sort()
+    .reverse();
+  let pruned = 0;
+  for (const f of files.slice(keep)) {
+    try {
+      unlinkSync(join(dir, f));
+      pruned++;
+    } catch {
+      // Skip files that can't be removed — best-effort
+    }
+  }
+  return pruned;
+}
+
+// ─── Cross-session learning ───────────────────────────────────────────────────
+
+/**
+ * Extract routing patterns from handoff history to inform provider/model selection.
+ *
+ * @param {string} [cwd]
+ * @returns {{
+ *   patterns: Array<{ type: string, value: string, count: number }>,
+ *   confidence: number,
+ *   sampleSize: number
+ * }}
+ */
+export function extractRoutingPatterns(cwd) {
+  const dir = join(cwd || process.cwd(), '.dual-brain', 'handoffs');
+  if (!existsSync(dir)) return { patterns: [], confidence: 0, sampleSize: 0 };
+
+  const files = readdirSync(dir)
+    .filter(f => f.startsWith('handoff-') && f.endsWith('.json'))
+    .sort()
+    .reverse()
+    .slice(0, 20);
+
+  const handoffs = files
+    .map(f => {
+      try {
+        return JSON.parse(readFileSync(join(dir, f), 'utf8'));
+      } catch {
+        return null;
+      }
+    })
+    .filter(Boolean);
+
+  // Count provider/model usage patterns
+  const providerCounts = {};
+  const modelCounts = {};
+  const failureCounts = {};
+
+  for (const h of handoffs) {
+    if (h.routing?.lastProvider) {
+      providerCounts[h.routing.lastProvider] = (providerCounts[h.routing.lastProvider] || 0) + 1;
+    }
+    if (h.routing?.lastModel) {
+      modelCounts[h.routing.lastModel] = (modelCounts[h.routing.lastModel] || 0) + 1;
+    }
+    for (const fp of (h.routing?.failedProviders || [])) {
+      failureCounts[fp] = (failureCounts[fp] || 0) + 1;
+    }
+  }
+
+  const patterns = [];
+
+  // Most used provider
+  const topProvider = Object.entries(providerCounts).sort((a, b) => b[1] - a[1])[0];
+  if (topProvider) {
+    patterns.push({ type: 'preferred_provider', value: topProvider[0], count: topProvider[1] });
+  }
+
+  // Most used model
+  const topModel = Object.entries(modelCounts).sort((a, b) => b[1] - a[1])[0];
+  if (topModel) {
+    patterns.push({ type: 'preferred_model', value: topModel[0], count: topModel[1] });
+  }
+
+  // Frequently failing provider (threshold: 3+ failures)
+  const topFailure = Object.entries(failureCounts).sort((a, b) => b[1] - a[1])[0];
+  if (topFailure && topFailure[1] >= 3) {
+    patterns.push({ type: 'unreliable_provider', value: topFailure[0], count: topFailure[1] });
+  }
+
+  return {
+    patterns,
+    confidence: Math.min(1, handoffs.length / 10),
+    sampleSize: handoffs.length,
+  };
+}

package/src/detect.mjs

@@ -5,6 +5,7 @@
 import { readFileSync } from 'fs';
 import { resolve, dirname } from 'path';
 import { fileURLToPath } from 'url';
+import { execSync } from 'child_process';
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
 
@@ -365,6 +366,39 @@ function detectSuggestedPlugins(prompt) {
   return [...matched];
 }
 
+// ─── CI risk check ────────────────────────────────────────────────────────────
+
+/**
+ * Lightweight CI risk check: returns true if the current branch has a recent
+ * CI failure, indicating the task may touch already-broken code.
+ * Intentionally best-effort — any error returns false (never blocks detection).
+ * @param {string} [cwd]
+ * @returns {{ hasCIFailure: boolean, failedBranch: string|null }}
+ */
+function checkCIRisk(cwd) {
+  try {
+    const currentBranch = execSync('git rev-parse --abbrev-ref HEAD', {
+      cwd, encoding: 'utf8', timeout: 3000, stdio: ['ignore', 'pipe', 'ignore'],
+    }).trim();
+
+    const json = execSync(
+      'gh run list --limit 5 --json conclusion,headBranch 2>/dev/null',
+      { cwd, encoding: 'utf8', timeout: 8000 }
+    );
+    const runs = JSON.parse(json);
+    const branchFailure = runs.find(
+      r => r.conclusion === 'failure' && r.headBranch === currentBranch
+    );
+
+    return {
+      hasCIFailure: Boolean(branchFailure),
+      failedBranch: branchFailure ? currentBranch : null,
+    };
+  } catch {
+    return { hasCIFailure: false, failedBranch: null };
+  }
+}
+
 /** Main detection function. Input: { prompt, files?, priorFailures?, sessionContext? } */
 function detectTask(input) {
   const { prompt = '', files = [], sessionContext = null } = input;
@@ -455,6 +489,9 @@ function detectTask(input) {
   // 10. Suggested Codex plugins (keyword-based, static map — no I/O)
   const suggestedPlugins = detectSuggestedPlugins(prompt);
 
+  // 11. CI risk — check if current branch has failing CI runs (best-effort, never throws)
+  const ciRiskResult = checkCIRisk(input.cwd || process.cwd());
+
   return {
     intent,
     risk,
@@ -470,6 +507,7 @@ function detectTask(input) {
     reasoningDepth,
     reasoningSignals,
     suggestedPlugins,
+    ciRisk: ciRiskResult,
     ...(repeatedFailure && { repeatedFailure: true }),
   };
 }