loki-mode 7.67.0 → 7.69.0

package/SKILL.md

@@ -3,7 +3,7 @@ name: loki-mode
 description: Autonomous spec-driven build system with a built-in trust layer. It does not call work done until it is verified (RARV-C closure loop, 8 quality gates, completion council, verified-completion evidence gate). Triggers on "Loki Mode". Takes a spec (PRD, GitHub issue, OpenAPI doc, etc.) to deployed product with minimal human intervention. Provider-agnostic. Requires --dangerously-skip-permissions flag.
 ---
 
-# Loki Mode v7.67.0
+# Loki Mode v7.69.0
 
 **You are an autonomous agent. You make decisions. You do not ask questions. You do not stop.**
 
@@ -406,4 +406,4 @@ See `CHANGELOG.md` entries [7.5.7], [7.5.8], [7.5.13] for the per-fix list and r
 
 ---
 
-**v7.67.0 | [Autonomi](https://www.autonomi.dev/) flagship product | ~260 lines core**
+**v7.69.0 | [Autonomi](https://www.autonomi.dev/) flagship product | ~260 lines core**

package/VERSION

@@ -1 +1 @@
-7.67.0
+7.69.0

package/autonomy/app-runner.sh

@@ -1799,8 +1799,14 @@ app_runner_watchdog() {
     log_info "App Runner: auto-restarting in ${backoff}s..."
     sleep "$backoff"
 
-    # Clear PID and restart
+    # Clear PID and restart. Remove the identity token alongside app.pid (LOW-3):
+    # the token belongs to the now-dead process, and if the upcoming start fails
+    # (e.g. the old port is still held) no new token is written, so a leftover
+    # token would outlive its pid and could mislead a later _app_runner_pid_is_ours
+    # check. Every site that removes app.pid removes app.token (cf. stop:1443,
+    # watchdog crash-limit:1789).
     rm -f "$_APP_RUNNER_DIR/app.pid"
+    rm -f "$_APP_RUNNER_DIR/app.token"
     _APP_RUNNER_PID=""
     app_runner_start || log_warn "App Runner: auto-restart failed"
 }
@@ -1829,8 +1835,14 @@ app_runner_cleanup() {
         fi
     fi
 
-    # Remove PID file
+    # Remove PID file and its paired identity token (LOW-3). app_runner_stop
+    # above removes both when a pid is present, but it early-returns without
+    # touching either when called with no pid (the post-failed-restart leftover
+    # state: token present, app.pid already gone). Removing the token here too
+    # guarantees no stale token survives session end regardless of how cleanup
+    # was reached.
     rm -f "$_APP_RUNNER_DIR/app.pid"
+    rm -f "$_APP_RUNNER_DIR/app.token"
 
     # Update state
     _write_app_state "stopped"

package/autonomy/completion-council.sh

@@ -1971,6 +1971,9 @@ council_member_review() {
     fi
 
     local verdict=""
+    # bash-F4: exit code of the provider subcall (0 when no subcall ran, i.e.
+    # no-provider degraded mode). 124/137/143 => timeout => conservative REJECT.
+    local _provider_rc=0
     local role_instruction=""
     case "$role" in
         requirements_verifier)
@@ -2059,34 +2062,62 @@ ISSUES: CRITICAL:description (optional, one per line per issue)"
                 # CAVEMAN_DEFAULT_MODE=off suppression is preserved (see above).
                 # bash-F3: timeout-guard the provider subcall so a hung CLI can
                 # not stall the whole council. Default 600s matches the Bun route
-                # (council.ts LOKI_COUNCIL_TIMEOUT_MS=600000). A timeout yields
-                # empty output, which the [ -z "$verdict" ] fallback below turns
-                # into a conservative heuristic review.
+                # (council.ts LOKI_COUNCIL_TIMEOUT_MS=600000).
+                # bash-F4 (WAVE10 SAFE-DEFAULT): capture the subcall exit code so a
+                # timeout (124) is NOT silently routed into council_heuristic_review.
+                # The heuristic fallback defaults to APPROVE on benign evidence, so
+                # a full provider timeout used to let a 2-of-3 heuristic APPROVE mark
+                # the project COMPLETE (force-review path) -- the opposite of the
+                # required safe default. pipefail (run.sh:172) makes the assignment's
+                # $? equal timeout's 124 when the CLI is killed. _provider_rc is read
+                # after the case to force a conservative REJECT on timeout.
                 verdict=$(echo "$prompt" | timeout "${LOKI_COUNCIL_REVIEW_TIMEOUT:-600}" env CAVEMAN_DEFAULT_MODE=off claude "${_cm_argv[@]}" -p 2>/dev/null)
+                _provider_rc=$?
             fi
             ;;
         codex)
             if command -v codex &>/dev/null; then
                 verdict=$(timeout "${LOKI_COUNCIL_REVIEW_TIMEOUT:-600}" codex exec --sandbox workspace-write "$prompt" 2>/dev/null)
+                _provider_rc=$?
             fi
             ;;
         gemini)
             if command -v gemini &>/dev/null; then
                 verdict=$(echo "$prompt" | timeout "${LOKI_COUNCIL_REVIEW_TIMEOUT:-600}" gemini 2>/dev/null)
+                _provider_rc=$?
             fi
             ;;
         cline)
             if command -v cline &>/dev/null; then
                 verdict=$(timeout "${LOKI_COUNCIL_REVIEW_TIMEOUT:-600}" cline -y "$prompt" 2>/dev/null)
+                _provider_rc=$?
             fi
             ;;
         aider)
             if command -v aider &>/dev/null; then
                 verdict=$(timeout "${LOKI_COUNCIL_REVIEW_TIMEOUT:-600}" aider --message "$prompt" --yes-always --no-auto-commits --no-git 2>/dev/null)
+                _provider_rc=$?
             fi
             ;;
     esac
 
+    # bash-F4 (WAVE10 SAFE-DEFAULT): a provider timeout (124, incl. 128+SIGTERM
+    # variants 137/143 if a wrapper kills it) must NEVER fall through to the
+    # APPROVE-leaning heuristic review. A reviewer whose CLI hung produced NO
+    # judgement, so the only safe verdict is REJECT (conservative re-iterate).
+    # Note: when no provider CLI is installed, the command -v guard above means
+    # the subcall never runs and _provider_rc stays 0, so legitimate no-provider
+    # degraded mode still reaches the heuristic fallback unchanged.
+    if [ "$_provider_rc" -eq 124 ] || [ "$_provider_rc" -eq 137 ] || [ "$_provider_rc" -eq 143 ]; then
+        # run.sh's log_warn writes to STDOUT (see bash-F2 note); council_member_review's
+        # stdout is captured as the verdict, so redirect to stderr to keep the
+        # captured verdict clean (the log line carries no VOTE: token, so the
+        # parse stays REJECT regardless, but this avoids polluting the capture).
+        log_warn "Council member $member_id ($role): provider review timed out (rc=$_provider_rc); defaulting to REJECT" >&2
+        verdict="VOTE:REJECT
+REASON: Provider review timed out (rc=$_provider_rc); no judgement produced, defaulting to conservative REJECT"
+    fi
+
     # Fallback: if no AI provider available, use heuristic-based review
     if [ -z "$verdict" ]; then
         verdict=$(council_heuristic_review "$role" "$evidence_file")

package/autonomy/loki

@@ -3071,7 +3071,7 @@ cmd_status_json() {
     local dashboard_port="${LOKI_DASHBOARD_PORT:-57374}"
     local env_provider="${LOKI_PROVIDER:-claude}"
 
-    python3 -c "
+    if ! python3 -c "
 import json, os, sys, time
 
 skill_dir = sys.argv[1]
@@ -3359,9 +3359,14 @@ if os.path.isfile(gate_count_file):
 result['phase1'] = phase1
 
 print(json.dumps(result, indent=2))
-" "$skill_dir" "$loki_dir" "$dashboard_port" "$env_provider"
-
-    if [ $? -ne 0 ]; then
+" "$skill_dir" "$loki_dir" "$dashboard_port" "$env_provider"; then
+        # WAVE8 loki-F2: under `set -euo pipefail` a bare python3 call aborts
+        # the whole function on non-zero exit, so the old post-call
+        # `if [ $? -ne 0 ]` fallback was DEAD code -- a missing/broken python3
+        # crashed `loki status --json` instead of degrading. Guarding the call
+        # with `if ! ...; then` catches the non-zero exit and emits the honest
+        # error object. (Most malformed state files already degrade internally
+        # via per-file try/except; this covers the interpreter-failure case.)
         echo '{"error": "Failed to generate JSON status. Ensure python3 is available."}' >&2
         return 1
     fi
@@ -7353,8 +7358,8 @@ cmd_config() {
             echo "  issue.provider       Default issue provider: github, gitlab, jira, azure_devops"
             echo "  blind_validation     Blind validation mode: true, false (default: true)"
             echo "  adversarial_testing  Adversarial testing: true, false (default: true)"
-            echo "  spawn_timeout        Provider spawn timeout in seconds (default: 120)"
-            echo "  spawn_retries        Provider spawn retry count (default: 2)"
+            echo "  spawn_timeout        [DEPRECATED] No effect since WAVE9 (no consumer); accepted for back-compat"
+            echo "  spawn_retries        [DEPRECATED] No effect since WAVE9 (no consumer); accepted for back-compat"
             echo "  notify.slack         Slack webhook URL"
             echo "  notify.discord       Discord webhook URL"
             echo "  budget               Cost budget limit in USD"
@@ -7432,6 +7437,7 @@ cmd_config_set() {
             if ! echo "$value" | grep -qE '^[0-9]+$'; then
                 echo -e "${RED}Invalid $key: $value (expected: integer)${NC}"; return 1
             fi
+            echo -e "${YELLOW}Note: '$key' is deprecated and has no effect since WAVE9 (no consumer in the runtime). Accepted for back-compat only.${NC}" >&2
             ;;
         budget)
             if ! echo "$value" | grep -qE '^[0-9]+(\.[0-9]+)?$'; then
@@ -7513,8 +7519,8 @@ SET_CONFIG
         provider)         export LOKI_PROVIDER="$value" ;;
         blind_validation) export LOKI_BLIND_VALIDATION="$value" ;;
         adversarial_testing) export LOKI_ADVERSARIAL_TESTING="$value" ;;
-        spawn_timeout)    export LOKI_SPAWN_TIMEOUT="$value" ;;
-        spawn_retries)    export LOKI_SPAWN_RETRIES="$value" ;;
+        # spawn_timeout / spawn_retries: deprecated, no runtime consumer (WAVE9);
+        # intentionally not exported.
         budget)           export LOKI_BUDGET_LIMIT="$value" ;;
     esac
 }
@@ -7621,8 +7627,8 @@ cmd_config_show() {
     echo "  maxTier:              ${LOKI_MAX_TIER:-(unlimited)}"
     echo "  blind_validation:     ${LOKI_BLIND_VALIDATION:-true}"
     echo "  adversarial_testing:  ${LOKI_ADVERSARIAL_TESTING:-true}"
-    echo "  spawn_timeout:        ${LOKI_SPAWN_TIMEOUT:-120}s"
-    echo "  spawn_retries:        ${LOKI_SPAWN_RETRIES:-2}"
+    echo "  spawn_timeout:        (deprecated, no effect)"
+    echo "  spawn_retries:        (deprecated, no effect)"
     echo "  issue_provider:       ${LOKI_ISSUE_PROVIDER:-(auto-detect)}"
     echo "  budget:               ${LOKI_BUDGET_LIMIT:-(no limit)}"
     echo ""
@@ -12485,18 +12491,27 @@ for f in data.get('frictions', []):
 
     # Initialize or update healing progress
     if [[ ! -f "$heal_dir/healing-progress.json" ]] || [ "$do_resume" != "true" ]; then
+        # WAVE8 loki-est: pass codebase/phase/strict/out-path via env instead of
+        # interpolating raw bash into the python source. A codebase path or phase
+        # containing an apostrophe made this a SyntaxError; under `|| true` the
+        # progress file was then silently never written (and the later
+        # prev_phase read would fail), breaking healing resume.
+        LOKI_HEAL_CODEBASE="$codebase_path" \
+        LOKI_HEAL_PHASE_VAL="$phase" \
+        LOKI_HEAL_STRICT_VAL="$strict" \
+        LOKI_HEAL_OUT="$heal_dir/healing-progress.json" \
         python3 -c "
-import json
+import json, os
 from datetime import datetime
 progress = {
-    'codebase': '$codebase_path',
+    'codebase': os.environ.get('LOKI_HEAL_CODEBASE', ''),
     'started': datetime.now().isoformat(),
-    'current_phase': '$phase',
-    'strict_mode': $( [ "$strict" = "true" ] && echo "True" || echo "False" ),
+    'current_phase': os.environ.get('LOKI_HEAL_PHASE_VAL', ''),
+    'strict_mode': os.environ.get('LOKI_HEAL_STRICT_VAL', '') == 'true',
     'components': [],
     'overall_health': 0.0
 }
-with open('$heal_dir/healing-progress.json', 'w') as f:
+with open(os.environ['LOKI_HEAL_OUT'], 'w') as f:
     json.dump(progress, f, indent=2)
 " || true
     fi
@@ -12504,7 +12519,7 @@ with open('$heal_dir/healing-progress.json', 'w') as f:
     # BUG-HEAL-004: Validate phase gate when resuming from a previous phase
     if [ "$do_resume" = "true" ] && [[ -f "$heal_dir/healing-progress.json" ]] && type hook_healing_phase_gate &>/dev/null; then
         local prev_phase
-        prev_phase=$(python3 -c "import json; print(json.load(open('$heal_dir/healing-progress.json')).get('current_phase', 'archaeology'))" 2>/dev/null || echo "archaeology")
+        prev_phase=$(LOKI_HEAL_PROG="$heal_dir/healing-progress.json" python3 -c "import json, os; print(json.load(open(os.environ['LOKI_HEAL_PROG'])).get('current_phase', 'archaeology'))" 2>/dev/null || echo "archaeology")
         if [[ "$prev_phase" != "$phase" ]]; then
             local gate_result
             if ! gate_result=$(hook_healing_phase_gate "$prev_phase" "$phase" 2>&1); then
@@ -12998,47 +13013,60 @@ else:
                 return 1
             fi
 
-            # Fire lifecycle hooks and record state
-            PYTHONPATH="${SKILL_DIR:-.}" python3 -c "
-import json, sys
-sys.path.insert(0, '${SKILL_DIR:-.}')
+            # Fire lifecycle hooks and record state.
+            # WAVE10: pass cluster_id / template_name / template_file / SKILL_DIR
+            # via os.environ instead of interpolating into the python source.
+            # A --cluster-id containing a single quote (e.g. "o'brien") made the
+            # heredoc body a SyntaxError, skipping all state recording while the
+            # green "Cluster: ..." line still printed (silent false success).
+            _LOKI_SKILL_DIR="${SKILL_DIR:-.}" \
+            _LOKI_TEMPLATE_FILE="${template_file}" \
+            _LOKI_CLUSTER_ID="${cluster_id}" \
+            _LOKI_TEMPLATE_NAME="${template_name}" \
+            _LOKI_DO_RESUME="${do_resume}" \
+            PYTHONPATH="${SKILL_DIR:-.}" python3 -c '
+import json, sys, os
+skill_dir = os.environ["_LOKI_SKILL_DIR"]
+sys.path.insert(0, skill_dir)
 from swarm.patterns import ClusterLifecycleHooks
 from state.sqlite_backend import SqliteStateBackend
 
 # Load template hooks config
-with open('${template_file}') as f:
+with open(os.environ["_LOKI_TEMPLATE_FILE"]) as f:
     tpl = json.load(f)
 
-hooks = ClusterLifecycleHooks(tpl.get('hooks', {}))
+hooks = ClusterLifecycleHooks(tpl.get("hooks", {}))
 db = SqliteStateBackend()
 
-cluster_id = '${cluster_id}'
-resume = '${do_resume}' == 'true'
+cluster_id = os.environ["_LOKI_CLUSTER_ID"]
+template_name = os.environ["_LOKI_TEMPLATE_NAME"]
+resume = os.environ["_LOKI_DO_RESUME"] == "true"
 
 if resume:
-    events = db.query_events(event_type='cluster_state', migration_id=cluster_id, limit=1)
+    events = db.query_events(event_type="cluster_state", migration_id=cluster_id, limit=1)
     if events:
-        print(f'Resuming cluster {cluster_id} from last checkpoint')
+        print(f"Resuming cluster {cluster_id} from last checkpoint")
     else:
-        print(f'No previous state found for {cluster_id}. Starting fresh.')
+        print(f"No previous state found for {cluster_id}. Starting fresh.")
 
 # Fire pre_run hooks
-results = hooks.fire('pre_run', {'cluster_id': cluster_id, 'template': '${template_name}'})
+results = hooks.fire("pre_run", {"cluster_id": cluster_id, "template": template_name})
 for r in results:
-    if not r['success']:
-        print(f'Pre-run hook failed: {r[\"output\"]}')
+    if not r["success"]:
+        print("Pre-run hook failed: " + str(r.get("output", "")))
 
 # Record cluster start
-db.record_event('cluster_start', {
-    'cluster_id': cluster_id,
-    'template': '${template_name}',
-    'agents': len(tpl.get('agents', [])),
-    'resume': resume,
+db.record_event("cluster_start", {
+    "cluster_id": cluster_id,
+    "template": template_name,
+    "agents": len(tpl.get("agents", [])),
+    "resume": resume,
 }, migration_id=cluster_id)
 
-print(f'Cluster {cluster_id} initialized with {len(tpl.get(\"agents\", []))} agents')
-print('Template validated. Lifecycle hooks active.')
-" 2>&1
+_n_agents = len(tpl.get("agents", []))
+print(f"Cluster {cluster_id} initialized with {_n_agents} agents")
+print("Template validated. Lifecycle hooks active.")
+' 2>&1
 
             echo -e "${GREEN}Cluster: $cluster_id${NC}"
             echo -e "Template: $template_name"
@@ -22834,35 +22862,39 @@ cmd_onboard() {
         fi
         # Extract metadata from package.json
         if command -v python3 &>/dev/null; then
+            # WAVE8 loki-est (same class as cmd_explain): pass the repo path via
+            # env (os.environ) instead of interpolating into the python source.
+            # A path with an apostrophe made each heredoc a SyntaxError, silently
+            # dropping the package.json name/version/description under `|| true`.
             local pkg_name
-            pkg_name=$(python3 -c "
-import json, sys
+            pkg_name=$(LOKI_ONB_PKG="$target_path/package.json" python3 -c "
+import json, os
 try:
-    d = json.load(open('$target_path/package.json'))
+    d = json.load(open(os.environ['LOKI_ONB_PKG']))
     print(d.get('name', ''))
 except: pass
 " 2>/dev/null || true)
             if [ -n "$pkg_name" ]; then
                 project_name="$pkg_name"
             fi
-            project_description=$(python3 -c "
-import json, sys
+            project_description=$(LOKI_ONB_PKG="$target_path/package.json" python3 -c "
+import json, os
 try:
-    d = json.load(open('$target_path/package.json'))
+    d = json.load(open(os.environ['LOKI_ONB_PKG']))
     print(d.get('description', ''))
 except: pass
 " 2>/dev/null || true)
-            project_version=$(python3 -c "
-import json, sys
+            project_version=$(LOKI_ONB_PKG="$target_path/package.json" python3 -c "
+import json, os
 try:
-    d = json.load(open('$target_path/package.json'))
+    d = json.load(open(os.environ['LOKI_ONB_PKG']))
     print(d.get('version', ''))
 except: pass
 " 2>/dev/null || true)
-            entry_points=$(python3 -c "
-import json, sys
+            entry_points=$(LOKI_ONB_PKG="$target_path/package.json" python3 -c "
+import json, os
 try:
-    d = json.load(open('$target_path/package.json'))
+    d = json.load(open(os.environ['LOKI_ONB_PKG']))
     main = d.get('main', '')
     if main: print(main)
     scripts = d.get('scripts', {})
@@ -23242,10 +23274,11 @@ $imports"
     if [ -f "$target_path/package.json" ]; then
         if command -v python3 &>/dev/null; then
             local scripts_json
-            scripts_json=$(python3 -c "
-import json
+            # WAVE8 loki-est: env-passed path (see cmd_onboard metadata block).
+            scripts_json=$(LOKI_ONB_PKG="$target_path/package.json" python3 -c "
+import json, os
 try:
-    d = json.load(open('$target_path/package.json'))
+    d = json.load(open(os.environ['LOKI_ONB_PKG']))
     s = d.get('scripts', {})
     for k in ['build', 'dev', 'start', 'test', 'lint', 'format', 'check', 'typecheck']:
         if k in s:
@@ -23306,10 +23339,10 @@ except: pass
         output=$(cat <<ENDJSON
 {
   "project": {
-    "name": "$project_name",
+    "name": $(_VAL="$project_name" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$project_name\""),
     "description": $(_DESC="$project_description" python3 -c "import json, os; print(json.dumps(os.environ.get('_DESC','')))" 2>/dev/null || echo "\"$project_description\""),
-    "version": "$project_version",
-    "path": "$target_path"
+    "version": $(_VAL="$project_version" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$project_version\""),
+    "path": $(_VAL="$target_path" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$target_path\"")
   },
   "languages": "$(echo $languages | sed 's/  */ /g')",
   "frameworks": "$(echo $frameworks | sed 's/  */ /g')",
@@ -23323,9 +23356,9 @@ except: pass
     "docs": $doc_count
   },
   "commands": {
-    "build": "$build_cmd",
-    "run": "$run_cmd",
-    "test": "$test_cmd"
+    "build": $(_VAL="$build_cmd" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$build_cmd\""),
+    "run": $(_VAL="$run_cmd" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$run_cmd\""),
+    "test": $(_VAL="$test_cmd" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$test_cmd\"")
   },
   "depth": $depth
 }
@@ -23335,10 +23368,10 @@ ENDJSON
         # YAML output
         output=$(cat <<ENDYAML
 project:
-  name: $project_name
-  description: "$project_description"
-  version: "$project_version"
-  path: $target_path
+  name: $(_VAL="$project_name" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$project_name\"")
+  description: $(_VAL="$project_description" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$project_description\"")
+  version: $(_VAL="$project_version" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$project_version\"")
+  path: $(_VAL="$target_path" python3 -c "import json, os; print(json.dumps(os.environ.get('_VAL','')))" 2>/dev/null || echo "\"$target_path\"")
 languages: $languages
 frameworks: $frameworks
 build_system: $build_system
@@ -23637,10 +23670,14 @@ cmd_explain() {
 
         if command -v python3 &>/dev/null; then
             local pkg_meta
-            pkg_meta=$(python3 -c "
-import json
+            # WAVE8 loki-est: pass the path via env (os.environ) instead of
+            # interpolating into the python source -- a repo path containing an
+            # apostrophe broke the string literal and dropped all package.json
+            # metadata.
+            pkg_meta=$(LOKI_EXP_PKG="$target_path/package.json" python3 -c "
+import json, os
 try:
-    d = json.load(open('$target_path/package.json'))
+    d = json.load(open(os.environ['LOKI_EXP_PKG']))
     print(d.get('name', ''))
     print(d.get('description', ''))
     print(d.get('version', ''))
@@ -23869,17 +23906,67 @@ $devdeps_list"
 
     # --- JSON output ---
     if [ "$output_json" = true ]; then
+        # WAVE8 loki-est: pass every value via the environment and read it with
+        # os.environ instead of interpolating raw bash into the python source.
+        # Interpolation broke on any apostrophe/quote/newline in a project name,
+        # version, description, or path (e.g. a dir named `my'app`), silently
+        # degrading real analysis to `{"error": "JSON generation failed"}`.
+        # env-passing is injection-proof and keeps the same output shape.
+        LOKI_EXP_NAME="$project_name" \
+        LOKI_EXP_DESC="$project_description" \
+        LOKI_EXP_VERSION="$project_version" \
+        LOKI_EXP_PATH="$target_path" \
+        LOKI_EXP_LANGUAGES="$languages" \
+        LOKI_EXP_FRAMEWORKS="$frameworks" \
+        LOKI_EXP_BUILD="$build_system" \
+        LOKI_EXP_PKGMGR="$package_manager" \
+        LOKI_EXP_TESTFW="$test_framework" \
+        LOKI_EXP_CI="$ci_system" \
+        LOKI_EXP_PATTERNS="$detected_patterns" \
+        LOKI_EXP_TOTAL="$total_files" \
+        LOKI_EXP_SRC="$src_count" \
+        LOKI_EXP_TEST="$test_count" \
+        LOKI_EXP_DOC="$doc_count" \
+        LOKI_EXP_CONFIG="$config_count" \
+        LOKI_EXP_BUILDCMD="$build_cmd" \
+        LOKI_EXP_RUNCMD="$run_cmd" \
+        LOKI_EXP_TESTCMD="$test_cmd" \
+        LOKI_EXP_LINTCMD="$lint_cmd" \
+        LOKI_EXP_ENTRY="$major_files" \
+        LOKI_EXP_MONOREPO="$is_monorepo" \
+        LOKI_EXP_DOCKER="$has_docker" \
         python3 -c "
-import json
+import json, os
+
+def _s(name):
+    return os.environ.get(name, '')
+
+def _list(name):
+    v = _s(name).strip()
+    return v.split() if v else []
+
+def _opt(name):
+    v = _s(name).strip()
+    return v or None
+
+def _int(name):
+    try:
+        return int(_s(name).strip())
+    except (ValueError, TypeError):
+        return 0
+
+def _bool(name):
+    return _s(name).strip() == 'true'
+
 data = {
-    'project': {'name': '$project_name', 'description': '''$(echo "$project_description" | sed "s/'/\\\\'/g")''', 'version': '$project_version', 'path': '$target_path'},
-    'stack': {'languages': '${languages}'.split() if '${languages}'.strip() else [], 'frameworks': '${frameworks}'.split() if '${frameworks}'.strip() else [], 'build_system': '$build_system' or None, 'package_manager': '$package_manager' or None, 'test_framework': '${test_framework}'.split() if '${test_framework}'.strip() else [], 'ci': '${ci_system}'.strip() or None},
-    'patterns': '${detected_patterns}'.split() if '${detected_patterns}'.strip() else [],
-    'files': {'total': $total_files, 'source': $src_count, 'test': $test_count, 'docs': $doc_count, 'config': $config_count},
-    'commands': {'build': '${build_cmd}' or None, 'run': '${run_cmd}' or None, 'test': '${test_cmd}' or None, 'lint': '${lint_cmd}' or None},
-    'entry_points': '${major_files}'.split() if '${major_files}'.strip() else [],
-    'monorepo': $( [ "$is_monorepo" = true ] && echo "True" || echo "False" ),
-    'has_docker': $( [ "$has_docker" = true ] && echo "True" || echo "False" )
+    'project': {'name': _s('LOKI_EXP_NAME'), 'description': _s('LOKI_EXP_DESC'), 'version': _s('LOKI_EXP_VERSION'), 'path': _s('LOKI_EXP_PATH')},
+    'stack': {'languages': _list('LOKI_EXP_LANGUAGES'), 'frameworks': _list('LOKI_EXP_FRAMEWORKS'), 'build_system': _opt('LOKI_EXP_BUILD'), 'package_manager': _opt('LOKI_EXP_PKGMGR'), 'test_framework': _list('LOKI_EXP_TESTFW'), 'ci': _opt('LOKI_EXP_CI')},
+    'patterns': _list('LOKI_EXP_PATTERNS'),
+    'files': {'total': _int('LOKI_EXP_TOTAL'), 'source': _int('LOKI_EXP_SRC'), 'test': _int('LOKI_EXP_TEST'), 'docs': _int('LOKI_EXP_DOC'), 'config': _int('LOKI_EXP_CONFIG')},
+    'commands': {'build': _opt('LOKI_EXP_BUILDCMD'), 'run': _opt('LOKI_EXP_RUNCMD'), 'test': _opt('LOKI_EXP_TESTCMD'), 'lint': _opt('LOKI_EXP_LINTCMD')},
+    'entry_points': _list('LOKI_EXP_ENTRY'),
+    'monorepo': _bool('LOKI_EXP_MONOREPO'),
+    'has_docker': _bool('LOKI_EXP_DOCKER')
 }
 print(json.dumps(data, indent=2))
 " 2>/dev/null || echo '{"error": "JSON generation failed"}'

package/autonomy/run.sh

@@ -1932,61 +1932,32 @@ get_provider_tier_param() {
 }
 
 #===============================================================================
-# Provider Spawn Timeout (v6.0.0)
-# Wraps provider invocation with timeout + retries.
-# Default: 120s timeout, 2 retries.
+# Provider Spawn Timeout (removed WAVE9 / provider-F2)
+#
+# A former invoke_with_timeout() helper (v6.0.0) wrapped a command in
+# `timeout <s> "$@"` with a retry loop. It was never wired to the main
+# provider invocation and is intentionally not revived, for two reasons:
+#
+#   1. No safe generous default. The main provider call is a long-running
+#      autonomous coding agent. Any fixed timeout short enough to catch a
+#      hang would also kill legitimate multi-minute iterations, and there is
+#      no "generous enough" value that is both safe and useful by default.
+#   2. Wrong retry semantics. The helper re-ran the same command on timeout.
+#      Re-running a coding agent mid-work (it may have already edited files)
+#      is actively harmful, not protective.
+#
+# The main invocation is also a pipeline (`claude | tee | python3`), which a
+# positional-arg `timeout "$@"` wrapper cannot wrap at all. Interrupting a
+# hung provider is handled by the SIGINT trap (kill_provider_child) instead.
+#
+# The `loki config spawn_timeout` / `spawn_retries` knobs (autonomy/loki) and
+# the config->env mapping in this file (`'spawn_timeout':'LOKI_SPAWN_TIMEOUT'`
+# in the config loader) still export LOKI_SPAWN_TIMEOUT / LOKI_SPAWN_RETRIES,
+# but nothing consumes them now. The mapping line is intentionally left in place
+# (a config-schema test may enumerate it); the full inert-knob removal spans
+# autonomy/loki too and is a separate cross-file follow-up.
 #===============================================================================
 
-PROVIDER_SPAWN_TIMEOUT=${LOKI_SPAWN_TIMEOUT:-120}
-PROVIDER_SPAWN_RETRIES=${LOKI_SPAWN_RETRIES:-2}
-
-# Invoke a command with timeout and retry logic
-# Usage: invoke_with_timeout <timeout_seconds> <retries> <command...>
-invoke_with_timeout() {
-    local timeout="$1"
-    local max_retries="$2"
-    shift 2
-
-    local attempt=0
-    while [ $attempt -le $max_retries ]; do
-        if [ $attempt -gt 0 ]; then
-            log_warn "Provider spawn retry $attempt/$max_retries..."
-        fi
-
-        local exit_code=0
-        # Use timeout command if available (GNU coreutils or macOS)
-        if command -v timeout &>/dev/null; then
-            timeout "$timeout" "$@"
-            exit_code=$?
-        elif command -v gtimeout &>/dev/null; then
-            gtimeout "$timeout" "$@"
-            exit_code=$?
-        else
-            # Fallback: no timeout wrapper, run directly
-            log_warn "timeout/gtimeout not available - running without timeout enforcement"
-            "$@"
-            exit_code=$?
-        fi
-
-        # Exit code 124 = timeout
-        if [ $exit_code -eq 124 ]; then
-            log_warn "Provider spawn timed out after ${timeout}s (attempt $((attempt+1))/$((max_retries+1)))"
-            ((attempt++))
-            continue
-        fi
-
-        return $exit_code
-    done
-
-    log_error "Provider spawn failed after $((max_retries+1)) attempts (timeout=${timeout}s)"
-    # Crash friction (retry_loop): provider spawn exhausted all retries -- a
-    # clear threshold (not a single retry). Best-effort, never blocks.
-    if type loki_crash_friction &>/dev/null; then
-        loki_crash_friction "retry_loop" "provider spawn failed after $((max_retries+1)) attempts" >/dev/null 2>&1 || true
-    fi
-    return 124
-}
-
 #===============================================================================
 # GitHub Integration Functions (v4.1.0)
 #===============================================================================
@@ -9978,6 +9949,16 @@ CPEOF
         find "$checkpoint_dir" -maxdepth 1 -type d -name "cp-*" 2>/dev/null \
             | while read -r p; do basename "$p"; done | sort -t'-' -k3 -n \
             | head -n "$to_remove" | while read -r old_cp; do
+            # WAVE9 (checkpoint leak): also delete the anchored worktree-snapshot
+            # ref so its stash commit becomes eligible for `git gc`. Without this,
+            # refs/loki/cp/<id> (and its commit) leaked forever even after the
+            # checkpoint directory was pruned. Targeted deletion of exactly the
+            # ids being pruned ONLY -- never a blanket refs/loki/cp/* sweep, since
+            # git refs are shared across worktrees of one repo while checkpoint
+            # dirs are per-TARGET_DIR; a parallel worktree may still need a ref we
+            # are not pruning here. `|| true` because not every checkpoint has a
+            # ref (only those where `git stash create` returned a non-empty sha).
+            git update-ref -d "refs/loki/cp/${old_cp}" 2>/dev/null || true
             old_cp="${checkpoint_dir}/${old_cp}"
             rm -rf "$old_cp" 2>/dev/null || true
         done
@@ -11492,7 +11473,11 @@ try:
     storage = MemoryStorage(f'{target_dir}/.loki/memory')
     retriever = MemoryRetrieval(storage)
     context = {'goal': goal, 'phase': phase}
-    results = retriever.retrieve_task_aware(context, top_k=3)
+    # The autonomous RARV loop opts into persist_boost so retrieved memories are
+    # reinforced on disk ("use it or lose it"). Manual surfaces (loki memory CLI,
+    # dashboard, MCP) keep the default persist_boost=False so a human browsing
+    # memories does not silently inflate their importance.
+    results = retriever.retrieve_task_aware(context, top_k=3, persist_boost=True)
     if results:
         print('RELEVANT MEMORIES:')
         for r in results[:3]: