ghost-dragon 4.2.1

package/src/ui.ts

@@ -0,0 +1,188 @@
+/**
+ * UI design system — the "ops console" premium look (stealth silver).
+ *
+ * One place for the chrome: framed panels (boxen, ANSI-width-aware), a chrome
+ * gradient wordmark, status dots, key/value rows, rules + section headers. Every
+ * command composes these so the whole CLI reads as one flagship tool.
+ *
+ * Copyright 2026 Ghost Protocol (Pvt) Ltd. All Rights Reserved.
+ */
+
+import chalk from 'chalk'
+import boxen from 'boxen'
+import { homedir } from 'node:os'
+import { C } from './utils.js'
+
+const BORDER = '#454e57' // dim slate — the frame
+const SILVER_STOPS = ['#dfe6ec', '#99a3ac', '#eef3f7', '#99a3ac', '#dfe6ec']
+
+function hexLerp(a: string, b: string, t: number): string {
+  const A = [1, 3, 5].map((i) => parseInt(a.slice(i, i + 2), 16))
+  const B = [1, 3, 5].map((i) => parseInt(b.slice(i, i + 2), 16))
+  const c = A.map((v, i) => Math.round(v + (B[i] - v) * t))
+  return '#' + c.map((v) => v.toString(16).padStart(2, '0')).join('')
+}
+
+/** Brushed-chrome gradient across a string — the premium wordmark treatment. */
+export function chrome(s: string): string {
+  const chars = [...s]
+  const n = chars.length
+  if (n === 0) return s
+  return chars
+    .map((ch, i) => {
+      if (ch === ' ') return ch
+      const p = (n === 1 ? 0 : i / (n - 1)) * (SILVER_STOPS.length - 1)
+      const lo = Math.floor(p)
+      const hi = Math.min(lo + 1, SILVER_STOPS.length - 1)
+      return chalk.hex(hexLerp(SILVER_STOPS[lo], SILVER_STOPS[hi], p - lo)).bold(ch)
+    })
+    .join('')
+}
+
+/** A framed panel with an optional left-aligned title (rendered in the border). */
+export function panel(lines: string[], opts: { title?: string; borderColor?: string; width?: number } = {}): string {
+  return boxen(lines.join('\n'), {
+    title: opts.title,
+    titleAlignment: 'left',
+    padding: { top: 0, bottom: 0, left: 1, right: 2 },
+    borderStyle: 'round',
+    borderColor: opts.borderColor ?? BORDER,
+    ...(opts.width ? { width: opts.width } : {}),
+  })
+}
+
+// ghosts.lk "live/online" accent — a whisper of emerald (oklch 0.55 0.15 155).
+export const emerald = chalk.hex('#2bb673')
+export const emeraldDim = chalk.hex('#1c6e49')
+
+/** Zip two rectangular blocks side-by-side. `leftWidth` = the left block's visible
+ *  width (set a fixed `width` on the left panel so padding lines up). */
+export function joinColumns(left: string, right: string, leftWidth: number, gap = 3): string {
+  const L = left.split('\n')
+  const R = right.split('\n')
+  const n = Math.max(L.length, R.length)
+  const blank = ' '.repeat(leftWidth)
+  const sep = ' '.repeat(gap)
+  const out: string[] = []
+  for (let i = 0; i < n; i++) out.push((L[i] ?? blank) + sep + (R[i] ?? ''))
+  return out.join('\n')
+}
+
+/** A brushed-chrome horizontal rule. */
+export function chromeRule(width: number): string {
+  return chrome('─'.repeat(Math.max(4, width)))
+}
+
+// ── sub-cell data viz (the obscure terminal-graphics craft) ──
+const SPARK = '▁▂▃▄▅▆▇█'
+const PARTIAL = [' ', '▏', '▎', '▍', '▌', '▋', '▊', '▉', '█'] // eighth-cell fills
+
+/** A unicode sparkline (8 vertical levels). Emerald where there's signal, faint for zero. */
+export function sparkline(values: number[]): string {
+  if (!values.length) return ''
+  const max = Math.max(...values, 1)
+  return values.map((v) => (v <= 0 ? C.faint('▁') : emerald(SPARK[Math.min(7, Math.max(0, Math.round((v / max) * 7)))]))).join('')
+}
+
+/** A fractional gauge bar (eighth-cell precision). Colour ramps green→amber→red. */
+export function gauge(frac: number, width: number): string {
+  const f = Math.max(0, Math.min(1, frac))
+  const cells = f * width
+  const full = Math.floor(cells)
+  const rem = Math.round((cells - full) * 8)
+  const bar = '█'.repeat(full) + (rem > 0 ? PARTIAL[rem] : '')
+  const used = full + (rem > 0 ? 1 : 0)
+  const col = f < 0.7 ? emerald : f < 0.9 ? C.high : C.critical
+  return col(bar) + C.faint('·'.repeat(Math.max(0, width - used)))
+}
+
+// Braille (U+2800 + 8-bit mask) = a 2x4 dot grid per cell → 8 sub-pixels, the
+// densest text-only renderer (see the terminal-subcell-graphics skill).
+const BR_DOTS = [
+  [0x01, 0x08],
+  [0x02, 0x10],
+  [0x04, 0x20],
+  [0x40, 0x80],
+]
+
+/**
+ * A multi-row Braille area/line chart — 4× the vertical resolution of a
+ * sparkline and 2× horizontal (values are interpolated across dot columns).
+ * Returns `height` colored rows of `width` cells. Emerald signal by default.
+ */
+export function brailleChart(
+  values: number[],
+  opts: { width?: number; height?: number; max?: number; color?: (s: string) => string; area?: boolean } = {},
+): string[] {
+  const width = Math.max(2, opts.width ?? 32)
+  const height = Math.max(1, opts.height ?? 3)
+  const W = width * 2
+  const H = height * 4
+  const max = opts.max ?? Math.max(...values, 1)
+  const color = opts.color ?? emerald
+  const area = opts.area ?? true
+  const bits = new Uint8Array(width * height)
+  const set = (x: number, y: number) => {
+    if (x < 0 || x >= W || y < 0 || y >= H) return
+    bits[(y >> 2) * width + (x >> 1)] |= BR_DOTS[y & 3][x & 1]
+  }
+  const n = values.length
+  for (let x = 0; x < W; x++) {
+    const idx = n <= 1 ? 0 : (x / (W - 1)) * (n - 1)
+    const lo = Math.floor(idx)
+    const hi = Math.min(lo + 1, n - 1)
+    const v = (values[lo] ?? 0) + ((values[hi] ?? 0) - (values[lo] ?? 0)) * (idx - lo)
+    const lvl = Math.max(0, Math.min(H - 1, Math.round((v / max) * (H - 1))))
+    const top = H - 1 - lvl
+    if (area) for (let y = H - 1; y >= top; y--) set(x, y)
+    else set(x, top)
+  }
+  const rows: string[] = []
+  for (let cy = 0; cy < height; cy++) {
+    let s = ''
+    for (let cx = 0; cx < width; cx++) {
+      const b = bits[cy * width + cx]
+      s += b ? String.fromCharCode(0x2800 + b) : ' '
+    }
+    rows.push(color(s))
+  }
+  return rows
+}
+
+export const dot = {
+  on: C.accent('●'),
+  off: C.faint('○'),
+  live: chalk.hex('#46e0b0')('●'),
+  warn: C.high('●'),
+  crit: C.critical('●'),
+}
+export const statusDot = (on: boolean) => (on ? dot.on : dot.off)
+
+/** "label  value" with the label dim + padded to a column. */
+export function kv(label: string, value: string, pad = 7): string {
+  return `${C.faint(label.padEnd(pad))} ${value}`
+}
+
+/** A hairline rule, optionally with a section label on the left. */
+export function rule(width = 50, label?: string): string {
+  if (!label) return C.faint('─'.repeat(width))
+  const tag = ` ${label.toUpperCase()} `
+  return C.faint('──') + C.info(tag) + C.faint('─'.repeat(Math.max(0, width - tag.length - 2)))
+}
+
+/** Collapse $HOME → ~ for tidy paths. */
+export function tidyPath(p: string): string {
+  const h = homedir()
+  return p.startsWith(h) ? '~' + p.slice(h.length) : p
+}
+
+/** The ops-console brand splash (global header). */
+export function brandHeader(version: string): string {
+  return panel(
+    [
+      `${C.accent('▟█▙')}  ${chrome('DRAGON')} ${C.faint('· stack control')}`,
+      `${C.accent('▜█▛')}  ${C.faint('account.ghosts.lk · v' + version)}`,
+    ],
+    { title: chrome('GHOST PROTOCOL') },
+  )
+}

package/src/utils.ts

@@ -0,0 +1,153 @@
+/**
+ * Shared utilities for Dragon CLI.
+ *
+ * Output palette intentionally narrow to match the Dragon Console
+ * web UI (one teal/green accent · severity by intensity, not hue).
+ */
+
+import { execSync, spawn, type SpawnOptions } from 'child_process'
+import { existsSync, readFileSync, statSync } from 'node:fs'
+import { join } from 'node:path'
+import { createConnection } from 'node:net'
+import chalk from 'chalk'
+
+export function exec(cmd: string, cwd?: string): string {
+  try {
+    return execSync(cmd, { cwd, encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'] }).trim()
+  } catch (e: any) {
+    throw new Error(e.stderr?.trim() || e.message)
+  }
+}
+
+export function run(cmd: string, args: string[], cwd: string, opts?: SpawnOptions): Promise<number> {
+  return new Promise((resolve, reject) => {
+    const child = spawn(cmd, args, {
+      cwd,
+      stdio: 'inherit',
+      ...opts,
+    })
+    child.on('close', code => resolve(code ?? 1))
+    child.on('error', reject)
+  })
+}
+
+export async function fetchJSON<T = any>(url: string, timeoutMs = 5000): Promise<T> {
+  const controller = new AbortController()
+  const timer = setTimeout(() => controller.abort(), timeoutMs)
+  try {
+    const res = await fetch(url, { signal: controller.signal })
+    if (!res.ok) throw new Error(`HTTP ${res.status}: ${res.statusText}`)
+    return res.json() as Promise<T>
+  } finally {
+    clearTimeout(timer)
+  }
+}
+
+// ─── brand palette: STEALTH SILVER ─────────────────────────────
+// Mirrors account.ghosts.lk's monochrome scheme (near-black canvas,
+// silver/white accent, zinc muted) — the operator-stealth look. The teal
+// Dragon-Console accent was retired here. Severity stays in hue (function
+// over stealth — a CRITICAL must read as red). Truecolor assumed; legacy
+// 16-color terms fall back to the nearest chalk basic colour.
+
+export const C = {
+  accent:    chalk.hex('#c8d0d8'),   // stealth silver · primary
+  hot:       chalk.hex('#eef3f7'),   // bright silver/white · live / running
+  critical:  chalk.hex('#ff5a55'),   // red    · severity
+  high:      chalk.hex('#fb923c'),   // orange · severity
+  medium:    chalk.hex('#fbbf24'),   // amber  · severity
+  low:       chalk.hex('#8ab4e8'),   // soft blue
+  info:      chalk.hex('#9aa4ad'),   // zinc grey
+  faint:     chalk.hex('#5b6570'),   // dim slate
+}
+
+// ─── output discipline ─────────────────────────────────────────
+
+export function label(text: string): string {
+  return C.accent.bold(`[ ${text.toUpperCase()} ]`)
+}
+
+export function eyebrow(num: string | number, text: string): string {
+  return C.accent.bold(`[ ${String(num).padStart(2, '0')} // ${text.toUpperCase()} ]`)
+}
+
+export function dim(text: string): string {
+  return chalk.dim(text)
+}
+
+// Severity glyphs + hues match the web UI sev pills:
+//   CRITICAL ⚠ red  ·  HIGH ! orange  ·  MEDIUM amber  ·  LOW blue  ·  INFO grey
+// CLI helpers use the matching colour so error/warn/info read at a glance.
+export function error(msg: string): void   { console.error(C.critical.bold('  ⚠'), msg) }
+export function warn(msg: string): void    { console.warn(C.high('  !'),           msg) }
+export function success(msg: string): void { console.log(C.accent('  ✓'),          msg) }
+export function info(msg: string): void    { console.log(C.info('  ·'),            msg) }
+
+export function table(rows: Record<string, string>[]): void {
+  if (rows.length === 0) return
+  const keys = Object.keys(rows[0])
+  const widths = keys.map(k => Math.max(k.length, ...rows.map(r => (r[k] || '').length)))
+
+  const header = keys.map((k, i) => k.padEnd(widths[i])).join('  ')
+  const sep = widths.map(w => '─'.repeat(w)).join('──')
+
+  console.log(chalk.dim(header))
+  console.log(chalk.dim(sep))
+  rows.forEach(row => {
+    console.log(keys.map((k, i) => (row[k] || '').padEnd(widths[i])).join('  '))
+  })
+}
+
+// ─── module state probes ──────────────────────────────────────
+// Used by `dragon list` + `dragon doctor` so output reflects reality,
+// not "the repo dir exists therefore ✓".
+
+export function isInstalled(dir: string): boolean {
+  return existsSync(join(dir, '.git'))
+}
+
+export function isRunning(port?: number, host = '127.0.0.1', timeoutMs = 200): Promise<boolean> {
+  return new Promise((resolve) => {
+    if (!port) return resolve(false)
+    const sock = createConnection({ host, port })
+    const done = (ok: boolean) => { try { sock.destroy() } catch {} resolve(ok) }
+    sock.once('connect', () => done(true))
+    sock.once('error',   () => done(false))
+    setTimeout(() => done(false), timeoutMs)
+  })
+}
+
+export function readVersion(dir: string): string | null {
+  const parsers: Record<string, (raw: string) => string | null> = {
+    'package.json':   (raw) => { try { return JSON.parse(raw).version ?? null } catch { return null } },
+    'Cargo.toml':     (raw) => raw.match(/^version\s*=\s*"([^"]+)"/m)?.[1] ?? null,
+    'pyproject.toml': (raw) => raw.match(/^version\s*=\s*"([^"]+)"/m)?.[1] ?? null,
+  }
+  // Search the repo root + a handful of conventional monorepo layouts so
+  // packages like Wyrm (no root manifest, version in packages/mcp-server)
+  // still report a version on `dragon list`.
+  const candidates = [
+    dir,
+    join(dir, 'packages', 'mcp-server'),
+    join(dir, 'packages', 'core'),
+    join(dir, 'packages', 'cli'),
+    join(dir, 'apps', 'web'),
+    join(dir, 'apps', 'server'),
+  ]
+  for (const c of candidates) {
+    for (const [fname, parse] of Object.entries(parsers)) {
+      const f = join(c, fname)
+      if (!existsSync(f)) continue
+      try {
+        const v = parse(readFileSync(f, 'utf-8'))
+        if (v) return v
+      } catch { /* keep trying */ }
+    }
+  }
+  return null
+}
+
+export function lastUpdated(dir: string): string | null {
+  try { return new Date(statSync(dir).mtime).toISOString().slice(0, 10) }
+  catch { return null }
+}

package/src/wyrm/mcp.ts

@@ -0,0 +1,130 @@
+/**
+ * Deep Wyrm integration — the agent's memory spine, on by default.
+ *
+ * Spawns the Wyrm MCP server (`wyrm-mcp`) over stdio and:
+ *   - exposes a CURATED subset of Wyrm's tools to the brain (recall, remember,
+ *     capture, search, project/global context, quests, skills, entities, truths)
+ *     so the model can read + write long-term memory mid-task;
+ *   - PRIMES each session with the current project's context, folded into the
+ *     system prompt, so Dragon starts already knowing the project.
+ *
+ * Everything is best-effort: if Wyrm isn't reachable the agent still runs (just
+ * without memory). Tool routing in the loop sends any `wyrm_*` call here.
+ *
+ * Copyright 2026 Ghost Protocol (Pvt) Ltd. All Rights Reserved.
+ */
+
+import { Client } from '@modelcontextprotocol/sdk/client/index.js'
+import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js'
+import { existsSync } from 'node:fs'
+import { homedir } from 'node:os'
+import { join } from 'node:path'
+import type { ToolSpec } from '../brain/types.js'
+
+/** High-value Wyrm tools we surface to the model (the full surface is ~116). */
+const EXPOSED = new Set([
+  'wyrm_recall', 'wyrm_remember', 'wyrm_capture', 'wyrm_search',
+  'wyrm_project_context', 'wyrm_global_context', 'wyrm_context_build',
+  'wyrm_all_quests', 'wyrm_quest_add', 'wyrm_quest_complete',
+  'wyrm_skill_search', 'wyrm_skill_get',
+  'wyrm_entity_search', 'wyrm_truth_get', 'wyrm_truth_set', 'wyrm_decided_because',
+])
+
+function wyrmBin(): string {
+  const candidates = [process.env.WYRM_MCP_BIN, join(homedir(), '.npm-global/bin/wyrm-mcp')].filter(Boolean) as string[]
+  for (const c of candidates) if (existsSync(c)) return c
+  return 'wyrm-mcp' // fall back to PATH
+}
+
+const CONNECT_TIMEOUT = 8_000 // a slow/hanging Wyrm must never freeze the agent
+const CALL_TIMEOUT = 25_000
+
+/** Resolve to `null` if the promise doesn't settle in `ms` (running `onTimeout`). */
+function withTimeout<T>(p: Promise<T>, ms: number, onTimeout?: () => void): Promise<T | null> {
+  return new Promise((resolve) => {
+    let done = false
+    const timer = setTimeout(() => { if (!done) { done = true; onTimeout?.(); resolve(null) } }, ms)
+    p.then(
+      (v) => { if (!done) { done = true; clearTimeout(timer); resolve(v) } },
+      () => { if (!done) { done = true; clearTimeout(timer); resolve(null) } },
+    )
+  })
+}
+
+export interface WyrmTool { spec: ToolSpec }
+
+export class Wyrm {
+  private client: Client | null = null
+  private transport: StdioClientTransport | null = null
+  private toolNames = new Set<string>()
+  connected = false
+
+  /** Connect + discover tools (bounded by CONNECT_TIMEOUT). Never throws / hangs. */
+  async connect(): Promise<boolean> {
+    try {
+      this.transport = new StdioClientTransport({ command: wyrmBin(), args: [], stderr: 'ignore' })
+      this.client = new Client({ name: 'dragon-cli', version: '3.7.0' }, { capabilities: {} })
+      const ok = await withTimeout(
+        (async () => {
+          await this.client!.connect(this.transport!)
+          const { tools } = await this.client!.listTools()
+          this.exposed = tools
+            .filter((t) => EXPOSED.has(t.name))
+            .map((t) => ({ name: t.name, description: t.description ?? '', parameters: (t.inputSchema as Record<string, unknown>) ?? { type: 'object', properties: {} } }))
+          this.exposed.forEach((t) => this.toolNames.add(t.name))
+          return true
+        })(),
+        CONNECT_TIMEOUT,
+        () => { try { void this.transport?.close() } catch { /* ignore */ } },
+      )
+      this.connected = ok === true
+      if (!this.connected) { try { await this.client?.close() } catch { /* ignore */ } this.client = null }
+      return this.connected
+    } catch {
+      this.connected = false
+      return false
+    }
+  }
+
+  private exposed: ToolSpec[] = []
+
+  /** Curated Wyrm tool specs to hand the brain (empty if not connected). */
+  toolSpecs(): ToolSpec[] {
+    return this.exposed
+  }
+
+  handles(name: string): boolean {
+    return this.toolNames.has(name)
+  }
+
+  /** Invoke a Wyrm tool; returns a string result for the model (bounded). */
+  async call(name: string, args: Record<string, unknown>): Promise<string> {
+    if (!this.client) return 'error: Wyrm not connected'
+    const res = await withTimeout(
+      this.client.callTool({ name, arguments: args }) as Promise<{ content?: { type: string; text?: string }[]; isError?: boolean }>,
+      CALL_TIMEOUT,
+    )
+    if (res === null) return `error: ${name} timed out`
+    const text = (res.content ?? []).map((c) => (c.type === 'text' ? c.text ?? '' : `[${c.type}]`)).join('\n').trim()
+    return (res.isError ? 'error: ' : '') + (text || '(no result)')
+  }
+
+  /** Best-effort project context for the system prompt. Never throws. */
+  async prime(cwd: string): Promise<string | null> {
+    if (!this.client) return null
+    for (const [name, args] of [
+      ['wyrm_project_context', { projectPath: cwd }],
+      ['wyrm_project_context', { project: cwd }],
+    ] as const) {
+      if (!this.toolNames.has(name)) continue
+      const out = await this.call(name, args as Record<string, unknown>)
+      if (out && !out.startsWith('error')) return out.slice(0, 4000)
+    }
+    return null
+  }
+
+  async close(): Promise<void> {
+    try { await this.client?.close() } catch { /* ignore */ }
+    this.connected = false
+  }
+}

package/test/auth.test.ts

@@ -0,0 +1,70 @@
+/**
+ * Auth resolution precedence — the "does login actually work on a fresh machine"
+ * guarantee, made deterministic. `resolveAuthFrom` is pure (env + config in,
+ * headers + mode out), so the whole token > session > none ladder, env > config
+ * precedence, origin self-heal, and header-injection rejection are exercised with
+ * zero network and zero dependence on THIS box's ~/.dragon/config.json. (Closes
+ * the premortem's "untested authed / single-machine path" gap.)
+ *
+ * Runs against built output: `npm run build && vitest run`.
+ */
+import { describe, it, expect } from 'vitest'
+import { resolveAuthFrom, DEFAULT_API } from '../dist/auth.js'
+
+// resolveAuthFrom only reads `cfg.auth`; a minimal stub is all it needs.
+const cfg = (auth?: Record<string, unknown>) => ({ auth } as any)
+
+describe('resolveAuthFrom — credential precedence', () => {
+  it('token beats session beats none', () => {
+    const r = resolveAuthFrom({ DRAGON_TOKEN: 'dgn_tok123', DRAGON_SESSION: 'sess456' }, cfg())
+    expect(r.mode).toBe('token')
+    expect(r.headers.authorization).toBe('Bearer dgn_tok123')
+    expect(r.headers.cookie).toBeUndefined()
+  })
+  it('session when only a session is present', () => {
+    const r = resolveAuthFrom({ DRAGON_SESSION: 'sess456' }, cfg())
+    expect(r.mode).toBe('session')
+    expect(r.headers.cookie).toBe('gp_session=sess456')
+  })
+  it('none when nothing is present', () => {
+    const r = resolveAuthFrom({}, cfg())
+    expect(r.mode).toBe('none')
+    expect(r.headers).toEqual({})
+  })
+  it('env overrides config', () => {
+    const r = resolveAuthFrom({ DRAGON_TOKEN: 'env_tok' }, cfg({ token: 'cfg_tok' }))
+    expect(r.headers.authorization).toBe('Bearer env_tok')
+  })
+  it('falls back to config when env is empty, and surfaces the stored email', () => {
+    const r = resolveAuthFrom({}, cfg({ token: 'cfg_tok', email: 'ryan@ghosts.lk' }))
+    expect(r.mode).toBe('token')
+    expect(r.headers.authorization).toBe('Bearer cfg_tok')
+    expect(r.email).toBe('ryan@ghosts.lk')
+  })
+})
+
+describe('resolveAuthFrom — apiBase origin guard', () => {
+  it('defaults when unset', () => {
+    expect(resolveAuthFrom({}, cfg()).apiBase).toBe(DEFAULT_API)
+  })
+  it('honors a valid https override (env) and strips the trailing slash', () => {
+    expect(resolveAuthFrom({ DRAGON_API: 'https://staging.ghosts.lk/' }, cfg()).apiBase).toBe('https://staging.ghosts.lk')
+  })
+  it('self-heals a restricted-port / junk origin back to default', () => {
+    expect(resolveAuthFrom({ DRAGON_API: 'http://127.0.0.1:1' }, cfg()).apiBase).toBe(DEFAULT_API)
+    expect(resolveAuthFrom({ DRAGON_API: 'ftp://x' }, cfg()).apiBase).toBe(DEFAULT_API)
+  })
+})
+
+describe('resolveAuthFrom — header-injection rejection', () => {
+  it('drops a CRLF-poisoned token (no header smuggling) → session wins', () => {
+    const r = resolveAuthFrom({ DRAGON_TOKEN: 'tok\r\nX-Evil: 1', DRAGON_SESSION: 'cleansess' }, cfg())
+    expect(r.mode).toBe('session')
+    expect(r.headers.authorization).toBeUndefined()
+    expect(r.headers.cookie).toBe('gp_session=cleansess')
+  })
+  it('drops a poisoned token AND a poisoned session → none', () => {
+    const r = resolveAuthFrom({ DRAGON_TOKEN: 'a b', DRAGON_SESSION: 'c\nd' }, cfg())
+    expect(r.mode).toBe('none')
+  })
+})

package/test/brain.test.ts

@@ -0,0 +1,39 @@
+/**
+ * Worker brain response normalization — the flaky fp8 tool-caller path the
+ * premortem flagged. The Cloudflare brain (Llama 3.3) returns inconsistent
+ * shapes; `normalizeWorkerTurn` must NEVER throw into the agent loop. It's pure,
+ * so every weird shape is pinned here.
+ *
+ * Runs against built output: `npm run build && vitest run`.
+ */
+import { describe, it, expect } from 'vitest'
+import { normalizeWorkerTurn } from '../dist/brain/worker.js'
+
+describe('normalizeWorkerTurn — tolerant of fp8 weirdness', () => {
+  it('passes plain text through with no tool calls', () => {
+    const t = normalizeWorkerTurn({ response: 'hello' })
+    expect(t.text).toBe('hello')
+    expect(t.toolCalls).toEqual([])
+  })
+  it('parses string-encoded arguments into an object', () => {
+    const t = normalizeWorkerTurn({ tool_calls: [{ name: 'read_file', arguments: '{"path":"a.ts"}' }] })
+    expect(t.toolCalls[0]).toMatchObject({ id: 'wc_0', name: 'read_file', arguments: { path: 'a.ts' } })
+  })
+  it('keeps object arguments as-is', () => {
+    const t = normalizeWorkerTurn({ tool_calls: [{ name: 'grep', arguments: { pattern: 'x' } }] })
+    expect(t.toolCalls[0].arguments).toEqual({ pattern: 'x' })
+  })
+  it('coerces malformed/missing arguments to {} instead of throwing', () => {
+    const t = normalizeWorkerTurn({ tool_calls: [{ name: 'ls', arguments: 'not json' }, { name: 'pwd' }] })
+    expect(t.toolCalls[0].arguments).toEqual({})
+    expect(t.toolCalls[1].arguments).toEqual({})
+  })
+  it('drops nameless garbage tool_calls and re-indexes the survivors contiguously', () => {
+    const t = normalizeWorkerTurn({ tool_calls: [{ arguments: {} }, { name: 'glob', arguments: {} }] })
+    expect(t.toolCalls).toHaveLength(1)
+    expect(t.toolCalls[0]).toMatchObject({ id: 'wc_0', name: 'glob' })
+  })
+  it('handles a totally empty response without throwing', () => {
+    expect(normalizeWorkerTurn({})).toEqual({ text: '', toolCalls: [] })
+  })
+})