moflo 4.10.1 → 4.10.3

package/.claude/skills/healer/SKILL.md

@@ -30,7 +30,9 @@ Thin wrapper around the `flo healer` CLI. All check + fix logic lives in the CLI
    - `✓ N passing` (count only)
    - `⚠ warnings` — list `name: message`; flag with `[auto-fixable]` when the result has a `fix` field
    - `✗ failures` — same
-   - If `--fix` mode, also list which fixes were applied vs which need manual action.
+   - If `--fix` mode, read `fixesApplied[]` from the JSON payload and list `{name, applied}` per entry — applied=true → "fixed", applied=false → "needs manual action". The `results[]` array is post-fix state (re-evaluated), so report the final status.
+   - If `--install` was passed, surface `claudeCodeInstall.installed` from the payload.
+   - If `--kill-zombies` was passed, surface `zombieScan.killed` / `zombieScan.found` from the payload.
 
 4. **Nudge based on what changed.** Only mention next steps for state that *actually* changed:
    - Daemon restarted → `Statusline should refresh within ~5s.`

package/bin/session-start-launcher.mjs

@@ -358,10 +358,67 @@ function fireAndForget(cmd, args, label) {
   }
 }
 
+// Cross-platform sync sleep — Atomics.wait parks the thread at the OS level
+// without burning CPU (same primitive as src/cli/shared/utils/atomic-file-
+// write.ts:131). Used by stopDaemon's liveness polling between graceful and
+// forced termination so we never unlink the lockfile while the daemon is
+// still running.
+const STOP_SLEEP_BUF = new Int32Array(new SharedArrayBuffer(4));
+function sleepSyncMs(ms) {
+  Atomics.wait(STOP_SLEEP_BUF, 0, 0, ms);
+}
+
+// PID liveness check. EPERM means the process exists but is owned by another
+// user — treat as alive (matches the canonical isAlive in process-manager.mjs
+// after #1061; the prior `catch { return false; }` falsely reported foreign-
+// owned daemons as dead and let the lockfile be unlinked under them).
+//
+// Linux zombie handling: on Linux, `kill(pid, 0)` returns success for zombie
+// processes (exited but not yet reaped by their parent). A zombie can't write
+// to the DB, hold locks, or do anything else stopDaemon cares about — treating
+// it as alive exhausts the kill budget polling a corpse, then preserves the
+// lockfile under a dead process. Production never hits this (the daemon is
+// detached and reaped by init/systemd within ~ms), but a misbehaving parent
+// can keep a daemon zombified, and the launcher's vitest harness reproduces
+// the case deterministically (#1083 CI failure on ubuntu-latest). Read
+// /proc/<pid>/stat (fixed-format, cheap) and treat 'Z' as dead.
+function isDaemonPidAlive(pid) {
+  try {
+    process.kill(pid, 0);
+  } catch (err) {
+    return err && err.code === 'EPERM';
+  }
+  if (process.platform === 'linux') {
+    try {
+      const stat = readFileSync(`/proc/${pid}/stat`, 'utf-8');
+      // Format: "pid (comm) state ..." — comm can contain spaces/parens, so
+      // parse from the LAST ')' to skip it safely.
+      const lastParen = stat.lastIndexOf(')');
+      if (lastParen !== -1 && stat.charAt(lastParen + 2) === 'Z') return false;
+    } catch (err) {
+      // ENOENT = pid vanished between kill(0) and the read — already dead.
+      if (err && err.code === 'ENOENT') return false;
+      // Anything else (e.g. /proc unavailable) — keep the kill(0) verdict.
+    }
+  }
+  return true;
+}
+
 // Stop the daemon recorded in `lockFile` (if any) without restarting. Used by
 // the upgrade flow before any DB work — the daemon must not be holding old
 // path resolution in memory, and a concurrent sql.js flush would clobber the
-// cherry-picked rows. Returns true when a live PID was actually killed.
+// cherry-picked rows. Returns true when a live PID was confirmed dead (or the
+// PID was already gone when we read the lockfile).
+//
+// Escalation mirrors src/cli/commands/daemon.ts:killBackgroundDaemon so the
+// launcher's upgrade path and `flo daemon stop` behave identically: graceful
+// signal → wait → liveness check → force kill. The prior implementation sent
+// bare `process.kill(pid, 'SIGTERM')` on every platform, which on Windows
+// either silently force-kills or fails entirely depending on the process; in
+// either case the catch swallowed the outcome and the lockfile was unlinked.
+// The daemon (if it survived) then re-wrote the lockfile with its stale PID +
+// pre-upgrade version, defeating the section-3a-pre version-skew recovery and
+// leaving the statusline stuck on `📊 ?` until manual `flo daemon restart`.
 //
 // Section 4's `hooks.mjs session-start` spawn is responsible for starting a
 // fresh daemon under the current code; this function intentionally does not.
@@ -372,11 +429,61 @@ function stopDaemon(lockFile) {
     const lock = JSON.parse(readFileSync(lockFile, 'utf-8'));
     if (typeof lock?.pid === 'number' && lock.pid > 0) stalePid = lock.pid;
   } catch { /* malformed lock — fall through to unlink */ }
-  if (stalePid !== null) {
-    try { process.kill(stalePid, 'SIGTERM'); } catch { /* already dead */ }
+
+  let killed = false;
+  if (stalePid !== null && isDaemonPidAlive(stalePid)) {
+    // Graceful signal — platform-aware. On Windows, `process.kill(pid, 'SIGTERM')`
+    // silently force-kills (skipping the daemon's shutdown handlers that flush
+    // sql.js + release lock cleanly), so use bare `taskkill` (no /F) for a
+    // close-event signal.
+    try {
+      if (process.platform === 'win32') {
+        execFileSync('taskkill', ['/PID', String(stalePid)], { windowsHide: true, timeout: 5000 });
+      } else {
+        process.kill(stalePid, 'SIGTERM');
+      }
+    } catch { /* signal/spawn failed — fall through to liveness poll + force */ }
+
+    // Poll for death up to 3s. The daemon's shutdown handler does a final
+    // sql.js dump + lock release, which under load can take ~1s.
+    const gracefulDeadline = Date.now() + 3000;
+    while (Date.now() < gracefulDeadline) {
+      if (!isDaemonPidAlive(stalePid)) { killed = true; break; }
+      sleepSyncMs(100);
+    }
+
+    // Force-kill if still alive.
+    if (!killed) {
+      try {
+        if (process.platform === 'win32') {
+          execFileSync('taskkill', ['/F', '/T', '/PID', String(stalePid)], { windowsHide: true, timeout: 5000 });
+        } else {
+          process.kill(stalePid, 'SIGKILL');
+        }
+      } catch { /* dead or unreachable */ }
+      // Short grace period for OS reap.
+      const forceDeadline = Date.now() + 1000;
+      while (Date.now() < forceDeadline) {
+        if (!isDaemonPidAlive(stalePid)) { killed = true; break; }
+        sleepSyncMs(100);
+      }
+    }
+
+    if (!killed) {
+      // Daemon survived both signals. Leave the lockfile in place so the next
+      // session can see the stale PID and retry — unlinking now would let the
+      // surviving daemon re-write the lockfile with its stale PID + version,
+      // perpetuating the loop this fix exists to break.
+      emitWarning(`stopDaemon: PID ${stalePid} did not exit after SIGTERM+force-kill; lockfile preserved`);
+      return false;
+    }
+  } else if (stalePid !== null) {
+    // PID was in the lockfile but the process is already gone — clean unlink.
+    killed = true;
   }
+
   try { unlinkSync(lockFile); } catch { /* non-fatal */ }
-  return stalePid !== null;
+  return killed;
 }
 
 // Stop-and-restart helper for the stale-daemon branch (section 3a-pre). The
@@ -720,7 +827,7 @@ try {
 
       // ── Sync .claude/agents/ + .claude/skills/ recursively (#948) ──────
       // Pre-#948, agents and skills weren't manifest-tracked at all, so any
-      // file moflo retired (e.g. the 49 ruflo-aspirational agents in #932 or
+      // file moflo retired (e.g. the 49 aspirational agents in #932 or
       // skill-builder in #945) would linger forever in consumer projects —
       // Claude Code kept loading them on every prompt, paying the per-prompt
       // roster tokens we just spent #932 fixing. Walking these dirs through

package/dist/src/cli/commands/doctor-checks-config.js

@@ -13,7 +13,7 @@ import { errorDetail } from '../shared/utils/error-detail.js';
 export async function checkConfigFile() {
     // JSON configs (parse-validated). LEGACY-CONFIG: `.claude-flow.json` and
     // `claude-flow.config.json` filenames are still recognised so consumers
-    // upgrading from pre-#699 moflo builds (upstream Ruflo) keep working
+    // upgrading from pre-#699 moflo builds keep working
     // without manual rename. Drift guard exempts these via LEGACY-CONFIG marker.
     const jsonPaths = [
         '.moflo/config.json',
@@ -233,18 +233,18 @@ export async function checkMcpServers() {
                 const content = JSON.parse(readFileSync(configPath, 'utf8'));
                 const servers = content.mcpServers || content.servers || {};
                 const count = Object.keys(servers).length;
-                const hasClaudeFlow = 'moflo' in servers || 'claude-flow' in servers || 'claude-flow_alpha' in servers || 'ruflo' in servers || 'ruflo_alpha' in servers;
+                const hasClaudeFlow = 'moflo' in servers || 'claude-flow' in servers || 'claude-flow_alpha' in servers;
                 if (hasClaudeFlow) {
                     return { name: 'MCP Servers', status: 'pass', message: `${count} servers (flo configured)` };
                 }
-                return { name: 'MCP Servers', status: 'warn', message: `${count} servers (flo not found)`, fix: 'claude mcp add ruflo -- npx -y ruflo@latest mcp start' };
+                return { name: 'MCP Servers', status: 'warn', message: `${count} servers (flo not found)`, fix: 'claude mcp add moflo -- npx -y moflo mcp start' };
             }
             catch {
                 // continue to next path
             }
         }
     }
-    return { name: 'MCP Servers', status: 'warn', message: 'No MCP config found', fix: 'claude mcp add moflo npx moflo mcp start' };
+    return { name: 'MCP Servers', status: 'warn', message: 'No MCP config found', fix: 'claude mcp add moflo -- npx -y moflo mcp start' };
 }
 // Catches three failure modes (#895):
 //   1. File missing — session-start should have created it; warn user that

package/dist/src/cli/commands/doctor-checks-memory-access.js

@@ -144,7 +144,33 @@ async function runMemoryRoundTrip(ctx) {
     }
     else {
         const top = searchOut.results?.find(r => r.key === key);
-        pushDetail(ctx.details, { id: `${ctx.idPrefix}.search-finds-key`, mcpTool: 'memory_search', expected: `result containing key=${key}` }, top ? { topKey: top.key, similarity: top.similarity } : { allKeys: searchOut.results?.map(r => r.key) }, top ? null : `stored key ${key} not in results (got: ${searchOut?.results?.map(r => r.key).join(', ') ?? 'none'})`);
+        if (top) {
+            pushDetail(ctx.details, { id: `${ctx.idPrefix}.search-finds-key`, mcpTool: 'memory_search', expected: `result containing key=${key}` }, { topKey: top.key, similarity: top.similarity }, null);
+        }
+        else {
+            // #1120: search returned results but our just-stored key wasn't among
+            // them. Mirrors the #1111 empty-HNSW fallback for the non-zero case:
+            // if the row IS reachable by literal key, demote to warn — memory
+            // access works, the HNSW index just hasn't propagated the new write
+            // yet (stale-neighbor race when healer runs 2+ times in one session
+            // against accumulated probe rows). If literal retrieve also fails,
+            // surface the original fail unchanged.
+            const otherKeys = searchOut?.results?.map(r => r.key).join(', ') ?? 'none';
+            const retrievable = await literalKeyReachable(ctx.memoryTools, key, namespace);
+            if (retrievable) {
+                ctx.details.push({
+                    id: `${ctx.idPrefix}.search-finds-key`,
+                    mcpTool: 'memory_search',
+                    status: 'warn',
+                    observed: { topKeys: searchOut?.results?.map(r => r.key), retrievable: true },
+                    expected: `result containing key=${key}`,
+                    message: `search returned results but our key was not among them (got: ${otherKeys}); row IS reachable by literal retrieve — HNSW stale-neighbor race (newly-written row not yet propagated to the index). Memory access path works.`,
+                });
+            }
+            else {
+                pushDetail(ctx.details, { id: `${ctx.idPrefix}.search-finds-key`, mcpTool: 'memory_search', expected: `result containing key=${key}` }, { allKeys: searchOut.results?.map(r => r.key) }, `stored key ${key} not in results (got: ${otherKeys})`);
+            }
+        }
     }
     // 4. memory_retrieve returns the full value (search content is truncated
     // to a 60-char snippet). Catches write clobber and namespace bleed — we

package/dist/src/cli/commands/doctor-embedding-hygiene.js

@@ -16,6 +16,13 @@
  *      vectors. The Story-2 self-healing migration converges every active
  *      row on the canonical label; this check verifies it actually did.
  *
+ * Story #729 carve-out: ephemeral-namespace rows (tasklist, hive-mind,
+ * epic-state, test-bridge-fix, plus EPHEMERAL_NAMESPACE_PREFIXES) are
+ * intentionally written with `embedding IS NULL AND embedding_model IS
+ * NULL`. They are excluded from the count so they don't trip branch (4)
+ * "unrecognised embedding_model" on every publish — see bridge-embedder.ts
+ * for the writer-side rationale.
+ *
  * Lives next to the doctor command rather than in `doctor.ts` to keep that
  * file under the 500-line decomposition target.
  *
@@ -26,6 +33,7 @@ import { existsSync } from 'fs';
 import { CANONICAL_EMBEDDING_MODEL } from '../embeddings/migration/types.js';
 import { memoryDbCandidatePaths } from '../services/moflo-paths.js';
 import { openDaemonDatabase } from '../memory/daemon-backend.js';
+import { EPHEMERAL_NAMESPACES, EPHEMERAL_NAMESPACE_PREFIXES, } from '../memory/bridge-embedder.js';
 /**
  * Known neural-model labels that all share the all-MiniLM-L6-v2 384-dim
  * vector space. The Story-2 migration retags any of these to the
@@ -155,23 +163,51 @@ async function loadModelGroups(dbPath) {
         }
         if (!hasSchema)
             return [];
-        const groups = [];
-        const result = db.exec(`SELECT
+        // Story #729: ephemeral-namespace rows (tasklist, hive-mind, epic-state,
+        // …) are intentionally written with `embedding IS NULL AND
+        // embedding_model IS NULL`. Without this exclusion every spell run that
+        // logs to `tasklist` re-trips branch (4) "unrecognised embedding_model"
+        // on the next publish, even though the writer is doing the right thing.
+        const ephemeralNames = [...EPHEMERAL_NAMESPACES];
+        const ephemeralPrefixes = [...EPHEMERAL_NAMESPACE_PREFIXES];
+        const matchClauses = [];
+        const params = [];
+        if (ephemeralNames.length > 0) {
+            matchClauses.push(`namespace IN (${ephemeralNames.map(() => '?').join(', ')})`);
+            params.push(...ephemeralNames);
+        }
+        for (const prefix of ephemeralPrefixes) {
+            matchClauses.push(`namespace LIKE ?`);
+            params.push(`${prefix}%`);
+        }
+        const ephemeralExclusion = matchClauses.length > 0
+            ? `AND NOT (embedding IS NULL AND embedding_model IS NULL AND (${matchClauses.join(' OR ')}))`
+            : '';
+        const sql = `SELECT
          COALESCE(embedding_model, 'NULL') AS model,
          COUNT(*) AS n,
          SUM(CASE WHEN embedding IS NULL THEN 1 ELSE 0 END) AS null_count
        FROM memory_entries
        WHERE status = 'active'
-       GROUP BY model`);
-        if (!result || result.length === 0)
-            return [];
-        const rows = result[0]?.values ?? [];
-        for (const row of rows) {
-            groups.push({
-                model: String(row[0]),
-                count: Number(row[1]),
-                hasNullEmbedding: Number(row[2]) > 0,
-            });
+       ${ephemeralExclusion}
+       GROUP BY model`;
+        const groups = [];
+        const stmt = db.prepare(sql);
+        try {
+            stmt.bind(params);
+            while (stmt.step()) {
+                const row = stmt.get();
+                if (Array.isArray(row)) {
+                    groups.push({
+                        model: String(row[0]),
+                        count: Number(row[1]),
+                        hasNullEmbedding: Number(row[2]) > 0,
+                    });
+                }
+            }
+        }
+        finally {
+            stmt.free();
         }
         return groups;
     }

package/dist/src/cli/commands/doctor-render.js

@@ -19,66 +19,95 @@ function tally(results) {
         failed: results.filter(r => r.status === 'fail').length,
     };
 }
-export async function runKillZombiesBanner() {
-    output.writeln(output.bold('Zombie Process Scan'));
-    output.writeln();
+/**
+ * Run the kill-zombies scan, with optional rendering. Issue #1122: in JSON
+ * mode the prose banner would corrupt the single-document contract, so the
+ * caller passes `silent: true` and surfaces the structured result inside the
+ * JSON payload instead.
+ */
+export async function runKillZombies(opts = {}) {
+    const silent = !!opts.silent;
+    if (!silent) {
+        output.writeln(output.bold('Zombie Process Scan'));
+        output.writeln();
+    }
     const registryKilled = killTrackedProcesses();
-    if (registryKilled > 0) {
+    if (!silent && registryKilled > 0) {
         output.writeln(output.success(`  Killed ${registryKilled} tracked background process(es) from registry`));
     }
     // Single OS-level scan + kill — the previous flow scanned twice.
     const result = await findZombieProcesses(true);
     const found = result.details.length;
-    if (found === 0) {
-        if (registryKilled === 0) {
-            output.writeln(output.success('  No orphaned moflo processes found'));
-        }
-    }
-    else {
-        output.writeln(output.warning(`  Found ${found} additional orphaned process(es):`));
-        for (const d of result.details) {
-            output.writeln(output.dim(`    ${formatZombieDetail(d)}`));
-        }
-        if (result.killed > 0) {
-            output.writeln(output.success(`  Killed ${result.killed} zombie process(es)`));
+    if (!silent) {
+        if (found === 0) {
+            if (registryKilled === 0) {
+                output.writeln(output.success('  No orphaned moflo processes found'));
+            }
         }
-        if (result.killed < found) {
-            output.writeln(output.warning(`  ${found - result.killed} process(es) could not be killed`));
+        else {
+            output.writeln(output.warning(`  Found ${found} additional orphaned process(es):`));
+            for (const d of result.details) {
+                output.writeln(output.dim(`    ${formatZombieDetail(d)}`));
+            }
+            if (result.killed > 0) {
+                output.writeln(output.success(`  Killed ${result.killed} zombie process(es)`));
+            }
+            if (result.killed < found) {
+                output.writeln(output.warning(`  ${found - result.killed} process(es) could not be killed`));
+            }
         }
+        output.writeln();
+        output.writeln(output.dim('─'.repeat(50)));
+        output.writeln();
     }
-    output.writeln();
-    output.writeln(output.dim('─'.repeat(50)));
-    output.writeln();
+    return { registryKilled, found, killed: result.killed, details: result.details };
 }
 /**
  * Issue #818: machine-readable output. Emits a single JSON document with
  * per-check fields (and any FunctionalCheckDetail entries from the swarm/
- * hive checks) and exits with the right code. Skips auto-fix entirely —
- * --json is read-only by intent so CI gates can consume it without
- * mutating the working tree.
+ * hive checks) and exits with the right code.
+ *
+ * Issue #1122: action flags (`--fix`, `--install`, `--kill-zombies`) now run
+ * before this is called and their outcomes are passed in so automation can
+ * tell what changed without re-parsing prose. `results` reflects post-fix
+ * state when `fixesApplied` includes any successful fix.
  */
-export function emitJsonOutput({ results, strict, allowWarnList }) {
+export function emitJsonOutput({ results, strict, allowWarnList, fixesApplied, zombieScan, claudeCodeInstall, }) {
     const { passed, warnings, failed } = tally(results);
     const allowSet = new Set(allowWarnList);
     const strictWarningFailures = strict
         ? results.filter(r => r.status === 'warn' && !allowSet.has(r.name)).map(r => r.name)
         : [];
     const exitCode = failed > 0 || strictWarningFailures.length > 0 ? 1 : 0;
-    process.stdout.write(JSON.stringify({
+    const payload = {
         summary: { passed, warnings, failed },
         strict: strict ? { strictMode: true, warningsTriggeringFail: strictWarningFailures } : { strictMode: false },
         results,
-    }, null, 2) + '\n');
+    };
+    if (fixesApplied !== undefined)
+        payload.fixesApplied = fixesApplied;
+    if (zombieScan !== undefined)
+        payload.zombieScan = zombieScan;
+    if (claudeCodeInstall !== undefined)
+        payload.claudeCodeInstall = claudeCodeInstall;
+    process.stdout.write(JSON.stringify(payload, null, 2) + '\n');
     return { success: exitCode === 0, exitCode, data: { passed, warnings, failed, results } };
 }
-/** Re-runs Claude Code CLI install + check if --install was passed and the prior result wasn't pass. */
-export async function maybeAutoInstallClaudeCode(results, fixes) {
+/**
+ * Re-runs Claude Code CLI install + check if --install was passed and the
+ * prior result wasn't pass. Issue #1122: accepts `{silent}` so the JSON path
+ * runs the install without writing prose to the corrupted stdout, and
+ * returns a structured outcome for inclusion in the JSON document.
+ */
+export async function maybeAutoInstallClaudeCode(results, fixes, opts = {}) {
+    const silent = !!opts.silent;
     const claudeCodeResult = results.find(r => r.name === 'Claude Code CLI');
-    if (!claudeCodeResult || claudeCodeResult.status === 'pass')
-        return;
+    if (!claudeCodeResult || claudeCodeResult.status === 'pass') {
+        return { attempted: false, installed: false };
+    }
     const installed = await installClaudeCode();
     if (!installed)
-        return;
+        return { attempted: true, installed: false };
     const newCheck = await checkClaudeCode();
     const idx = results.findIndex(r => r.name === 'Claude Code CLI');
     if (idx !== -1) {
@@ -88,7 +117,9 @@ export async function maybeAutoInstallClaudeCode(results, fixes) {
             fixes.splice(fixIdx, 1);
         }
     }
-    output.writeln(formatCheck(newCheck));
+    if (!silent)
+        output.writeln(formatCheck(newCheck));
+    return { attempted: true, installed: true, postCheck: newCheck };
 }
 export function renderSummary(results) {
     const counts = tally(results);
@@ -103,62 +134,75 @@ export function renderSummary(results) {
     output.writeln(`Summary: ${summaryParts.join(', ')}`);
     return counts;
 }
-/** Auto-fix loop, including the post-fix re-run. Mutates `results` and `fixes` in place when fixes succeed. */
-export async function runAutoFix(results, fixes, checksToRun) {
+/**
+ * Auto-fix loop, including the post-fix re-run. Mutates `results` and `fixes`
+ * in place when fixes succeed and returns a structured outcome.
+ *
+ * Issue #1122: accepts `{silent}` so the JSON path can run the same fix work
+ * without writing prose to a stubbed stdout, and emit `fixesApplied` +
+ * post-fix `results` from the returned data.
+ */
+export async function runAutoFix(results, fixes, checksToRun, opts = {}) {
+    const silent = !!opts.silent;
     if (fixes.length === 0)
-        return;
-    output.writeln();
-    output.writeln(output.bold('Auto-fixing issues...'));
-    output.writeln();
+        return { fixesApplied: [], reEvaluated: null };
+    if (!silent) {
+        output.writeln();
+        output.writeln(output.bold('Auto-fixing issues...'));
+        output.writeln();
+    }
     const fixableResults = results.filter(r => r.fix && (r.status === 'fail' || r.status === 'warn'));
-    let fixed = 0;
-    const unfixed = [];
+    const fixesApplied = [];
     for (const check of fixableResults) {
         const success = await autoFixCheck(check);
-        if (success) {
-            fixed++;
+        fixesApplied.push({ name: check.name, applied: success });
+    }
+    const fixed = fixesApplied.filter(f => f.applied).length;
+    const unfixed = fixesApplied.filter(f => !f.applied);
+    if (!silent) {
+        if (fixed > 0) {
+            output.writeln();
+            output.writeln(output.success(`Auto-fixed ${fixed} issue${fixed > 1 ? 's' : ''}`));
         }
-        else {
-            unfixed.push(`${check.name}: ${check.fix}`);
+        if (unfixed.length > 0) {
+            output.writeln();
+            output.writeln(output.bold('Manual fixes needed:'));
+            const fixByName = new Map(fixableResults.map(r => [r.name, r.fix ?? '']));
+            for (const f of unfixed) {
+                output.writeln(output.dim(`  ${f.name}: ${fixByName.get(f.name) ?? ''}`));
+            }
         }
     }
-    if (fixed > 0) {
+    if (fixed === 0)
+        return { fixesApplied, reEvaluated: null };
+    const reSettled = await Promise.allSettled(checksToRun.map(check => check()));
+    const reEvaluated = reSettled.map((sr) => sr.status === 'fulfilled'
+        ? sr.value
+        : { name: 'Check', status: 'fail', message: sr.reason?.message ?? 'Unknown error' });
+    if (!silent) {
         output.writeln();
-        output.writeln(output.success(`Auto-fixed ${fixed} issue${fixed > 1 ? 's' : ''}`));
-    }
-    if (unfixed.length > 0) {
+        output.writeln(output.dim('Re-checking...'));
         output.writeln();
-        output.writeln(output.bold('Manual fixes needed:'));
-        for (const fix of unfixed) {
-            output.writeln(output.dim(`  ${fix}`));
-        }
-    }
-    if (fixed === 0)
-        return;
-    output.writeln();
-    output.writeln(output.dim('Re-checking...'));
-    output.writeln();
-    const reResults = await Promise.allSettled(checksToRun.map(check => check()));
-    let rePassed = 0, reWarnings = 0, reFailed = 0;
-    for (const sr of reResults) {
-        if (sr.status === 'fulfilled') {
-            output.writeln(formatCheck(sr.value));
-            if (sr.value.status === 'pass')
+        let rePassed = 0, reWarnings = 0, reFailed = 0;
+        for (const r of reEvaluated) {
+            output.writeln(formatCheck(r));
+            if (r.status === 'pass')
                 rePassed++;
-            else if (sr.value.status === 'warn')
+            else if (r.status === 'warn')
                 reWarnings++;
             else
                 reFailed++;
         }
+        output.writeln();
+        output.writeln(output.dim('─'.repeat(50)));
+        const reSummary = [
+            output.success(`${rePassed} passed`),
+            reWarnings > 0 ? output.warning(`${reWarnings} warnings`) : null,
+            reFailed > 0 ? output.error(`${reFailed} failed`) : null,
+        ].filter(Boolean);
+        output.writeln(`After fix: ${reSummary.join(', ')}`);
     }
-    output.writeln();
-    output.writeln(output.dim('─'.repeat(50)));
-    const reSummary = [
-        output.success(`${rePassed} passed`),
-        reWarnings > 0 ? output.warning(`${reWarnings} warnings`) : null,
-        reFailed > 0 ? output.error(`${reFailed} failed`) : null,
-    ].filter(Boolean);
-    output.writeln(`After fix: ${reSummary.join(', ')}`);
+    return { fixesApplied, reEvaluated };
 }
 /**
  * Build the final CommandResult based on pass/warn/fail counts and --strict

package/dist/src/cli/commands/doctor-version.js

@@ -27,7 +27,7 @@ function readCurrentVersion() {
                     const pkg = JSON.parse(readFileSync(candidate, 'utf8'));
                     if (pkg.version &&
                         typeof pkg.name === 'string' &&
-                        (pkg.name === 'moflo' || pkg.name === 'claude-flow' || pkg.name === 'ruflo')) {
+                        (pkg.name === 'moflo' || pkg.name === 'claude-flow')) {
                         return pkg.version;
                     }
                 }