martin-loop 0.1.3 → 0.1.5

package/dist/vendor/adapters/cli-bridge.js

@@ -1,28 +1,33 @@
 import { spawn } from "node:child_process";
-import { isAbsolute } from "node:path";
+import { delimiter, extname, isAbsolute, join, resolve } from "node:path";
+import { existsSync } from "node:fs";
 import { diffStatsFromNumstat } from "./runtime-support.js";
 export async function runSubprocess(command, args, options) {
     return new Promise((resolve) => {
         let timedOut = false;
+        let settled = false;
         const stdoutChunks = [];
         const stderrChunks = [];
         const stdinMode = options.stdinData !== undefined ? "pipe" : "ignore";
+        const resolveOnce = (result) => {
+            if (settled) {
+                return;
+            }
+            settled = true;
+            resolve(result);
+        };
         let proc;
         try {
-            proc = (options.spawnImpl ?? spawn)(command, args, {
+            const spawnPlan = createSpawnPlan(command, args, options.cwd, options.spawnImpl !== undefined);
+            proc = (options.spawnImpl ?? spawn)(spawnPlan.command, spawnPlan.args, {
                 cwd: options.cwd,
                 stdio: [stdinMode, "pipe", "pipe"],
-                env: process.env,
-                // shell: true is required on Windows to resolve PATH shims (e.g. claude.cmd).
-                // Avoid it for absolute .exe paths because cmd.exe can split paths with spaces.
-                // Prompt content is never passed as a shell argument, it goes via stdin, so
-                // injection risk from the DEP0190 warning does not apply here.
-                shell: shouldUseWindowsShell(command)
+                env: process.env
             });
         }
         catch (error) {
             const message = error instanceof Error ? error.message : String(error);
-            resolve({
+            resolveOnce({
                 exitCode: 1,
                 stdout: "",
                 stderr: message,
@@ -30,38 +35,59 @@ export async function runSubprocess(command, args, options) {
             });
             return;
         }
-        if (options.stdinData !== undefined && proc.stdin) {
-            proc.stdin.write(options.stdinData, "utf8");
-            proc.stdin.end();
-        }
         proc.stdout?.on("data", (chunk) => {
             stdoutChunks.push(chunk);
         });
         proc.stderr?.on("data", (chunk) => {
             stderrChunks.push(chunk);
         });
+        proc.stdin?.on("error", (error) => {
+            // Some CLIs exit before consuming stdin in tests and on fast-fail paths.
+            // Treat the closed pipe as a handled subprocess lifecycle condition.
+            if (error.code === "EPIPE") {
+                return;
+            }
+            stderrChunks.push(Buffer.from(`${error.message}\n`, "utf8"));
+        });
         const timer = setTimeout(() => {
             timedOut = true;
             proc.kill("SIGTERM");
         }, options.timeoutMs);
-        proc.on("close", (code) => {
-            clearTimeout(timer);
-            resolve({
-                exitCode: code ?? 1,
-                stdout: Buffer.concat(stdoutChunks).toString("utf8"),
-                stderr: Buffer.concat(stderrChunks).toString("utf8"),
-                timedOut
-            });
-        });
         proc.on("error", (error) => {
             clearTimeout(timer);
-            resolve({
+            resolveOnce({
                 exitCode: 1,
                 stdout: "",
                 stderr: error.message,
                 timedOut: false
             });
         });
+        proc.on("close", (code) => {
+            clearTimeout(timer);
+            resolveOnce({
+                exitCode: code ?? 1,
+                stdout: Buffer.concat(stdoutChunks).toString("utf8"),
+                stderr: Buffer.concat(stderrChunks).toString("utf8"),
+                timedOut
+            });
+        });
+        if (options.stdinData !== undefined && proc.stdin) {
+            try {
+                proc.stdin.end(options.stdinData, "utf8");
+            }
+            catch (error) {
+                const stdinError = error;
+                if (stdinError.code !== "EPIPE") {
+                    clearTimeout(timer);
+                    resolveOnce({
+                        exitCode: 1,
+                        stdout: Buffer.concat(stdoutChunks).toString("utf8"),
+                        stderr: stdinError.message,
+                        timedOut: false
+                    });
+                }
+            }
+        }
     });
 }
 export async function runVerification(commands, cwd, timeoutMs, verificationStack, spawnImpl) {
@@ -76,9 +102,8 @@ export async function runVerification(commands, cwd, timeoutMs, verificationStac
     }
     const failedSteps = [];
     for (const step of steps) {
-        const parts = step.command.trim().split(/\s+/u);
-        const bin = parts[0];
-        const args = parts.slice(1);
+        const parts = splitCommand(step.command);
+        const [bin, ...args] = parts;
         if (!bin) {
             continue;
         }
@@ -115,8 +140,109 @@ export async function readGitExecutionArtifacts(repoRoot, timeoutMs, spawnImpl)
         ...(diffStats ? { diffStats } : {})
     };
 }
-function shouldUseWindowsShell(command) {
-    return process.platform === "win32" && !isAbsolute(command);
+function createSpawnPlan(command, args, cwd, preserveRawForInjectedSpawn) {
+    if (preserveRawForInjectedSpawn || process.platform !== "win32" || isAbsolute(command)) {
+        return { command, args };
+    }
+    const resolved = resolveWindowsCommand(command, cwd);
+    if (!resolved) {
+        return { command, args };
+    }
+    const extension = extname(resolved).toLowerCase();
+    if (extension === ".cmd" || extension === ".bat") {
+        return {
+            command: process.env.ComSpec || "cmd.exe",
+            args: ["/d", "/s", "/c", [quoteWindowsCmdArg(resolved), ...args.map(quoteWindowsCmdArg)].join(" ")]
+        };
+    }
+    return { command: resolved, args };
+}
+function resolveWindowsCommand(command, cwd) {
+    const hasPathSegment = command.includes("\\") || command.includes("/");
+    const baseCandidates = expandWindowsCommandCandidates(hasPathSegment ? resolve(cwd, command) : command);
+    if (hasPathSegment) {
+        return baseCandidates.find((candidate) => existsSync(candidate));
+    }
+    for (const directory of windowsPathDirectories()) {
+        for (const candidate of baseCandidates) {
+            const fullPath = join(directory, candidate);
+            if (existsSync(fullPath)) {
+                return fullPath;
+            }
+        }
+    }
+    return undefined;
+}
+function expandWindowsCommandCandidates(command) {
+    if (extname(command)) {
+        return [command];
+    }
+    const pathExt = process.env.PATHEXT ?? ".COM;.EXE;.BAT;.CMD";
+    return pathExt
+        .split(";")
+        .map((extension) => extension.trim())
+        .filter(Boolean)
+        .map((extension) => `${command}${extension.toLowerCase()}`);
+}
+function windowsPathDirectories() {
+    const rawPath = process.env.Path ?? process.env.PATH ?? "";
+    return rawPath
+        .split(delimiter)
+        .map((entry) => entry.trim().replace(/^"|"$/g, ""))
+        .filter(Boolean);
+}
+function quoteWindowsCmdArg(value) {
+    const normalized = value.replace(/\r?\n/gu, " ");
+    const escaped = normalized
+        .replace(/\^/gu, "^^")
+        .replace(/"/gu, '^"')
+        .replace(/%/gu, "%%")
+        .replace(/!/gu, "^^!")
+        .replace(/[&|<>()]/gu, (match) => `^${match}`);
+    return `"${escaped}"`;
+}
+export function splitCommand(command) {
+    const tokens = [];
+    let current = "";
+    let quote;
+    const trimmed = command.trim();
+    for (let index = 0; index < trimmed.length; index += 1) {
+        const char = trimmed[index];
+        const next = trimmed[index + 1];
+        if (char === undefined) {
+            continue;
+        }
+        if (char === "\\") {
+            const canEscape = quote !== "'" && (next === quote || next === "\\");
+            if (canEscape && next !== undefined) {
+                current += next;
+                index += 1;
+                continue;
+            }
+        }
+        if (char === '"' || char === "'") {
+            if (!quote) {
+                quote = char;
+                continue;
+            }
+            if (quote === char) {
+                quote = undefined;
+                continue;
+            }
+        }
+        if (!quote && /\s/u.test(char)) {
+            if (current.length > 0) {
+                tokens.push(current);
+                current = "";
+            }
+            continue;
+        }
+        current += char;
+    }
+    if (current.length > 0) {
+        tokens.push(current);
+    }
+    return tokens;
 }
 function truncate(text, maxLength) {
     if (text.length <= maxLength) {

package/dist/vendor/adapters/index.d.ts

@@ -2,4 +2,5 @@ export { createDirectProviderAdapter, type DirectProviderAdapterOptions } from "
 export { createStubDirectProviderAdapter, type StubDirectProviderAdapterOptions } from "./stub-direct-provider.js";
 export { createStubAgentCliAdapter, type StubAgentCliAdapterOptions } from "./stub-agent-cli.js";
 export { createAgentCliAdapter, createClaudeCliAdapter, createCodexCliAdapter, type AgentCliAdapterOptions, type ClaudeCliAdapterOptions, type CodexCliAdapterOptions, type CliArgsBuilder } from "./claude-cli.js";
+export { createVerifierOnlyAdapter, type VerifierOnlyAdapterOptions } from "./verifier-only.js";
 export type { SpawnLike, SubprocessResult, VerificationOutcome } from "./cli-bridge.js";

package/dist/vendor/adapters/index.js

@@ -2,4 +2,5 @@ export { createDirectProviderAdapter } from "./direct-provider.js";
 export { createStubDirectProviderAdapter } from "./stub-direct-provider.js";
 export { createStubAgentCliAdapter } from "./stub-agent-cli.js";
 export { createAgentCliAdapter, createClaudeCliAdapter, createCodexCliAdapter } from "./claude-cli.js";
+export { createVerifierOnlyAdapter } from "./verifier-only.js";
 //# sourceMappingURL=index.js.map

package/dist/vendor/adapters/verifier-only.d.ts

@@ -0,0 +1,7 @@
+import type { MartinAdapter } from "../core/index.js";
+export interface VerifierOnlyAdapterOptions {
+    workingDirectory?: string;
+    verifyTimeoutMs?: number;
+    label?: string;
+}
+export declare function createVerifierOnlyAdapter(options?: VerifierOnlyAdapterOptions): MartinAdapter;

package/dist/vendor/adapters/verifier-only.js

@@ -0,0 +1,57 @@
+import { readGitExecutionArtifacts, runVerification } from "./cli-bridge.js";
+import { createAdapterCapabilities, normalizeUsage } from "./runtime-support.js";
+export function createVerifierOnlyAdapter(options = {}) {
+    const workingDirectory = options.workingDirectory ?? process.cwd();
+    const verifyTimeoutMs = options.verifyTimeoutMs ?? 60_000;
+    return {
+        adapterId: "direct:verifier:verify-only",
+        kind: "direct-provider",
+        label: options.label ?? "Verifier-only adapter",
+        metadata: {
+            providerId: "verifier",
+            model: "verify-only",
+            transport: "cli",
+            capabilities: createAdapterCapabilities({
+                usageSettlement: true,
+                diffArtifacts: true
+            })
+        },
+        async execute(request) {
+            const verification = await runVerification(request.context.verificationPlan, workingDirectory, verifyTimeoutMs, request.context.verificationStack);
+            const execution = await readGitExecutionArtifacts(workingDirectory, 5_000);
+            const changedFiles = execution.changedFiles ?? [];
+            if (verification.passed) {
+                return {
+                    status: "completed",
+                    summary: changedFiles.length > 0
+                        ? `Verifier-only run completed but modified files: ${changedFiles.join(", ")}`
+                        : "Verifier-only run completed without file edits.",
+                    usage: normalizeUsage({
+                        actualUsd: 0,
+                        tokensIn: 0,
+                        tokensOut: 0,
+                        provenance: "actual"
+                    }),
+                    verification,
+                    execution
+                };
+            }
+            return {
+                status: "failed",
+                summary: "Verifier-only run failed.",
+                usage: normalizeUsage({
+                    actualUsd: 0,
+                    tokensIn: 0,
+                    tokensOut: 0,
+                    provenance: "actual"
+                }),
+                verification,
+                execution,
+                failure: {
+                    message: verification.summary
+                }
+            };
+        }
+    };
+}
+//# sourceMappingURL=verifier-only.js.map

package/dist/vendor/cli/index.d.ts

@@ -1,4 +1,4 @@
-import { type LoopBudget } from "../contracts/index.js";
+import { type LoopBudget, type MutationMode } from "../contracts/index.js";
 export type RunCommandRequest = {
     workspaceId: string;
     projectId: string;
@@ -11,6 +11,7 @@ export type RunCommandRequest = {
     cwd?: string;
     model?: string;
     engine?: string;
+    mutationMode?: MutationMode;
     allowedPaths?: string[];
     deniedPaths?: string[];
     acceptanceCriteria?: string[];
@@ -23,6 +24,10 @@ export type ParsedCliArguments = {
 } | {
     command: "bench";
     suiteId: string;
+} | {
+    command: "demo";
+    directory: string;
+    force: boolean;
 } | {
     command: "inspect";
     file: string;

package/dist/vendor/cli/index.js

@@ -1,7 +1,8 @@
-import { appendFile, mkdir, readFile } from "node:fs/promises";
+import { appendFile, cp, mkdir, readFile, readdir, rm } from "node:fs/promises";
 import { homedir } from "node:os";
-import { isAbsolute, join, resolve } from "node:path";
-import { createClaudeCliAdapter, createCodexCliAdapter, createStubDirectProviderAdapter } from "../adapters/index.js";
+import { dirname, isAbsolute, join, resolve } from "node:path";
+import { fileURLToPath } from "node:url";
+import { createClaudeCliAdapter, createCodexCliAdapter, createStubDirectProviderAdapter, createVerifierOnlyAdapter } from "../adapters/index.js";
 import { runMartin } from "../core/index.js";
 import { buildPortfolioSnapshot, createLoopRecord } from "../contracts/index.js";
 export async function executeCli(args) {
@@ -30,7 +31,7 @@ export async function executeCli(args) {
                 }
             };
             const workingDirectory = parsed.request.cwd ?? readOption(args, "--cwd") ?? process.cwd();
-            const adapter = selectAdapter(args, workingDirectory, parsed.request.model, parsed.request.engine);
+            const adapter = selectAdapter(args, workingDirectory, parsed.request.model, parsed.request.engine, parsed.request.mutationMode);
             let result;
             try {
                 result = await runMartin({
@@ -40,6 +41,7 @@ export async function executeCli(args) {
                         title: resolvedRequest.title,
                         objective: resolvedRequest.objective,
                         verificationPlan: resolvedRequest.verificationPlan,
+                        ...(resolvedRequest.mutationMode ? { mutationMode: resolvedRequest.mutationMode } : {}),
                         repoRoot: workingDirectory,
                         ...(resolvedRequest.allowedPaths?.length ? { allowedPaths: resolvedRequest.allowedPaths } : {}),
                         ...(resolvedRequest.deniedPaths?.length ? { deniedPaths: resolvedRequest.deniedPaths } : {}),
@@ -58,6 +60,7 @@ export async function executeCli(args) {
                         title: resolvedRequest.title,
                         objective: resolvedRequest.objective,
                         verificationPlan: resolvedRequest.verificationPlan,
+                        ...(resolvedRequest.mutationMode ? { mutationMode: resolvedRequest.mutationMode } : {}),
                         repoRoot: workingDirectory
                     },
                     budget: resolvedRequest.budget,
@@ -115,6 +118,27 @@ export async function executeCli(args) {
                 stderr: "The benchmark harness remains a workspace-only RC surface and is not part of the publishable @martin/cli boundary yet. Use pnpm --filter @martin/benchmarks test or pnpm --filter @martin/benchmarks eval:phase12 from the repo root instead."
             };
         }
+        case "demo": {
+            try {
+                const targetDirectory = await createDemoWorkspace({
+                    targetDirectory: parsed.directory,
+                    force: parsed.force
+                });
+                return {
+                    exitCode: 0,
+                    stdout: renderDemoInstructions(targetDirectory),
+                    stderr: ""
+                };
+            }
+            catch (error) {
+                const message = error instanceof Error ? error.message : String(error);
+                return {
+                    exitCode: 1,
+                    stdout: "",
+                    stderr: `Error: ${message}`
+                };
+            }
+        }
         case "inspect": {
             try {
                 const contents = await readFile(parsed.file, "utf8");
@@ -295,6 +319,9 @@ export function parseCliArguments(args) {
                     request.cwd = next;
                     index += 1;
                     break;
+                case "--verify-only":
+                    request.mutationMode = "verify_only";
+                    break;
                 case "--allow-path":
                     if (next) {
                         request.allowedPaths = [...(request.allowedPaths ?? []), next];
@@ -339,6 +366,7 @@ export function parseCliArguments(args) {
                 ...(request.cwd ? { cwd: request.cwd } : {}),
                 ...(request.model ? { model: request.model } : {}),
                 ...(request.engine ? { engine: request.engine } : {}),
+                ...(request.mutationMode ? { mutationMode: request.mutationMode } : {}),
                 ...(request.allowedPaths?.length ? { allowedPaths: request.allowedPaths } : {}),
                 ...(request.deniedPaths?.length ? { deniedPaths: request.deniedPaths } : {}),
                 ...(request.acceptanceCriteria?.length ? { acceptanceCriteria: request.acceptanceCriteria } : {})
@@ -351,6 +379,13 @@ export function parseCliArguments(args) {
             suiteId: readOption(rest, "--suite") ?? "ralphy-smoke"
         };
     }
+    if (command === "demo") {
+        return {
+            command: "demo",
+            directory: resolve(readOption(rest, "--dir") ?? join(process.cwd(), "martin-loop-demo")),
+            force: hasFlag(rest, "--force")
+        };
+    }
     if (command === "inspect") {
         return {
             command: "inspect",
@@ -373,12 +408,14 @@ export function renderCliHelp() {
         "  martin-loop run <objective> [options]",
         "  martin run <objective> [options]       (alias)",
         "  martin-loop run --objective <text> [options]",
+        "  martin-loop demo [--dir <path>] [--force]",
         "  martin-loop inspect --file <path>",
         "  martin-loop resume <loopId>",
         "  martin-loop bench --suite <suiteId>",
         "",
         "Commands:",
         "  run      Execute a bounded Martin loop against the current repository.",
+        "  demo     Copy a safe local sandbox so you can try MartinLoop outside your own repo.",
         "  inspect  Read a persisted loop record and summarize its portfolio metrics.",
         "  resume   Load a persisted loop record by loop ID from ~/.martin/runs/.",
         "  bench    Redirect to the workspace-only RC benchmark harness.",
@@ -390,12 +427,19 @@ export function renderCliHelp() {
         "  --cwd <path>            Set the repo root used for repo-backed runs.",
         "  --budget <n>            Set the hard cost cap in USD (subprocess killed at limit).",
         "  --budget-usd <n>        Alias for --budget.",
-        "  --verify <cmd>          Shell command to run as the verifier after each attempt.",
+        "  --soft-limit-usd <n>    Soft budget warning threshold in USD.",
         "  --max-iterations <n>    Set the maximum number of attempts.",
+        "  --max-tokens <n>        Set the maximum total token budget.",
+        "  --verify <cmd>          Shell command to run as the verifier after each attempt.",
+        "  --verify-only           Skip the coding adapter and run the verifier only.",
         "  --allow-path <glob>     Restrict agent writes to this path pattern (repeatable).",
         "  --deny-path <glob>      Block agent from this path pattern (repeatable).",
         "  --accept <criterion>    Add an acceptance criterion to the prompt (repeatable).",
-        "  --config <path>         Path to martin.config.yaml."
+        "  --config <path>         Path to martin.config.yaml.",
+        "",
+        "Demo options:",
+        "  --dir <path>            Target directory for the copied demo sandbox.",
+        "  --force                 Replace an existing non-empty demo target."
     ].join("\n");
 }
 function readOption(tokens, flag) {
@@ -418,6 +462,76 @@ function parseLoopRecords(contents) {
         return lines.map((line) => JSON.parse(line));
     }
 }
+async function createDemoWorkspace(input) {
+    const rootDir = await findMartinPackageRoot();
+    const sourceDirectory = join(rootDir, "demo", "seeded-workspace");
+    try {
+        await readdir(sourceDirectory);
+    }
+    catch (error) {
+        if (isNodeErrorWithCode(error, "ENOENT")) {
+            throw new Error(`Demo assets are missing from this install: ${sourceDirectory}`);
+        }
+        throw error;
+    }
+    const targetDirectory = resolve(input.targetDirectory);
+    const existingEntries = await readdir(targetDirectory).catch((error) => {
+        if (isNodeErrorWithCode(error, "ENOENT")) {
+            return undefined;
+        }
+        throw error;
+    });
+    if (existingEntries) {
+        if (existingEntries.length > 0 && !input.force) {
+            throw new Error(`Demo target already exists and is not empty: ${targetDirectory}. Re-run with --force to replace it.`);
+        }
+        await rm(targetDirectory, { force: true, recursive: true });
+    }
+    await mkdir(dirname(targetDirectory), { recursive: true });
+    await cp(sourceDirectory, targetDirectory, { recursive: true });
+    return targetDirectory;
+}
+async function findMartinPackageRoot() {
+    let currentDirectory = dirname(fileURLToPath(import.meta.url));
+    for (let depth = 0; depth < 8; depth += 1) {
+        const manifestPath = join(currentDirectory, "package.json");
+        try {
+            const manifest = JSON.parse(await readFile(manifestPath, "utf8"));
+            if (manifest.name === "martin-loop") {
+                return currentDirectory;
+            }
+        }
+        catch (error) {
+            if (!isNodeErrorWithCode(error, "ENOENT")) {
+                throw error;
+            }
+        }
+        const parentDirectory = dirname(currentDirectory);
+        if (parentDirectory === currentDirectory) {
+            break;
+        }
+        currentDirectory = parentDirectory;
+    }
+    throw new Error("Unable to resolve the martin-loop package root for demo assets.");
+}
+function renderDemoInstructions(targetDirectory) {
+    return [
+        `MartinLoop demo sandbox created at ${targetDirectory}`,
+        "",
+        "Next steps:",
+        `  cd ${targetDirectory}`,
+        "  npm install",
+        "  npm test",
+        "",
+        "Safe first run (no provider spend):",
+        '  MARTIN_LIVE=false npx martin-loop run "Summarize the demo workspace and confirm the verifier is green" --verify "npm test"',
+        "",
+        "Optional live run:",
+        '  npx martin-loop run "Add support for a discount percentage to summarizeInvoice and update the tests" --verify "npm test" --engine codex',
+        "",
+        `Task ideas live in ${join(targetDirectory, "TASKS.md")}`
+    ].join("\n");
+}
 async function resolveGuardrails(request, rawArgs) {
     const tokens = rawArgs.slice(1);
     const { config, configPath } = await loadGuardrailsConfig(request.configPath);
@@ -615,7 +729,10 @@ function isNodeErrorWithCode(error, code) {
  * --engine codex             — real Codex CLI subprocess
  * MARTIN_LIVE=false          — stub adapter (for tests / dry-runs)
  */
-function selectAdapter(rawArgs, workingDirectory, modelOverride, engineOverride) {
+function selectAdapter(rawArgs, workingDirectory, modelOverride, engineOverride, mutationMode) {
+    if (mutationMode === "verify_only") {
+        return createVerifierOnlyAdapter({ workingDirectory });
+    }
     if (process.env.MARTIN_LIVE === "false") {
         return createStubDirectProviderAdapter({
             label: "Stub adapter (MARTIN_LIVE=false)",

package/dist/vendor/contracts/index.d.ts

@@ -1,6 +1,6 @@
 export type LoopStatus = "queued" | "running" | "verifying" | "completed" | "failed" | "exited";
 export type LoopLifecycleState = "created" | "running" | "verifying" | "completed" | "budget_exit" | "diminishing_returns" | "stuck_exit" | "human_escalation";
-export type FailureClass = "logic_error" | "hallucination" | "syntax_error" | "type_error" | "test_regression" | "scope_creep" | "no_progress" | "repo_grounding_failure" | "verification_failure" | "environment_mismatch" | "budget_pressure";
+export type FailureClass = "logic_error" | "hallucination" | "syntax_error" | "type_error" | "test_regression" | "scope_creep" | "no_progress" | "repo_grounding_failure" | "verification_failure" | "environment_mismatch" | "budget_pressure" | "safety_leash_blocked";
 export type InterventionType = "compress_context" | "change_model" | "tighten_task" | "switch_adapter" | "run_verifier" | "escalate_human" | "stop_loop";
 export type LoopEventType = "run.started" | "attempt.started" | "attempt.completed" | "failure.classified" | "intervention.selected" | "verification.completed" | "budget.updated" | "run.completed";
 export interface LoopTask {
@@ -9,6 +9,7 @@ export interface LoopTask {
     repoRoot?: string;
     verificationPlan: string[];
     verificationStack?: VerificationStep[];
+    mutationMode?: MutationMode;
     executionProfile?: ExecutionProfile;
     allowedNetworkDomains?: string[];
     approvalPolicy?: ApprovalPolicy;
@@ -20,6 +21,7 @@ export interface LoopTask {
     acceptanceCriteria?: string[];
 }
 export type ExecutionProfile = "strict_local" | "ci_safe" | "staging_controlled" | "research_untrusted";
+export type MutationMode = "edit" | "verify_only";
 export interface ApprovalPolicy {
     dependencyAdds?: boolean;
     migrations?: boolean;

package/dist/vendor/core/compiler.d.ts

@@ -12,6 +12,7 @@ export interface CompilerAdapterRequest {
         objective: string;
         verificationPlan: string[];
         verificationStack?: LoopTask["verificationStack"];
+        mutationMode?: LoopTask["mutationMode"];
         repoRoot?: string;
         allowedPaths?: string[];
         deniedPaths?: string[];
@@ -29,6 +30,7 @@ export interface PromptPacket {
     contract: {
         objective: string;
         verificationPlan: string[];
+        mutationMode?: LoopTask["mutationMode"];
         allowedPaths?: string[];
         deniedPaths?: string[];
         acceptanceCriteria?: string[];

package/dist/vendor/core/compiler.js

@@ -8,10 +8,15 @@ export function compilePromptPacket(request) {
     const priorFailurePatterns = request.previousAttempts
         .filter((a) => a.failureClass && a.intervention)
         .map((a) => `${a.failureClass}:${a.intervention}`);
-    const guidanceParts = [
-        "Only modify files directly required to satisfy the contract.",
-        "Do not touch files outside the allowed paths."
-    ];
+    const guidanceParts = request.context.mutationMode === "verify_only"
+        ? [
+            "Do not modify files.",
+            "Run the verifier only and report whether it passed."
+        ]
+        : [
+            "Only modify files directly required to satisfy the contract.",
+            "Do not touch files outside the allowed paths."
+        ];
     if (request.context.allowedPaths && request.context.allowedPaths.length > 0) {
         guidanceParts.push(`Allowed paths: ${request.context.allowedPaths.join(", ")}.`);
     }
@@ -27,6 +32,7 @@ export function compilePromptPacket(request) {
         contract: {
             objective: redactSecretsFromText(request.context.objective),
             verificationPlan: request.context.verificationPlan,
+            ...(request.context.mutationMode ? { mutationMode: request.context.mutationMode } : {}),
             ...(request.context.allowedPaths ? { allowedPaths: request.context.allowedPaths } : {}),
             ...(request.context.deniedPaths ? { deniedPaths: request.context.deniedPaths } : {}),
             ...(request.context.acceptanceCriteria

package/dist/vendor/core/context-integrity.d.ts

@@ -0,0 +1,26 @@
+export type ContextIntegrityVerdict = "clean" | "context_poisoning_warning" | "context_poisoning_block";
+export interface ContextIntegrityPrecheck {
+    runId: string;
+    attemptIndex: number;
+    verdict: ContextIntegrityVerdict;
+    reason?: string;
+    detectedSignals: string[];
+    analyzedChannels: {
+        system: boolean;
+        user: boolean;
+        tools: boolean;
+        history: boolean;
+    };
+    timestamp: string;
+}
+/**
+ * T05: Context Poisoning Pre-gate.
+ * Scans untrusted input channels for authority inversion or instruction re-injection.
+ * Runs BEFORE admission control and core reasoning.
+ */
+export declare function runContextIntegrityPrecheck(runId: string, attemptIndex: number, artifactsDir: string, inputs: {
+    userPrompt?: string;
+    toolOutput?: string;
+    retrievedContext?: string;
+    history?: string;
+}): Promise<ContextIntegrityPrecheck>;