multimodel-dev-os 3.0.1 → 3.1.0

package/docs/.vitepress/config.js

@@ -32,7 +32,7 @@ export default {
         'license': 'https://opensource.org/licenses/MIT',
         'url': 'https://github.com/rizvee/multimodel-dev-os',
         'downloadUrl': 'https://www.npmjs.com/package/multimodel-dev-os',
-        'softwareVersion': '3.0.1',
+        'softwareVersion': '3.1.0',
         'description': 'Portable, vendor-neutral AI Developer OS for multi-agent coding workflows.'
       })
     ]
@@ -199,7 +199,7 @@ export default {
           { text: 'v3 Roadmap', link: '/v3-roadmap' },
           { text: 'Release Policy', link: '/release-policy' },
           { text: 'Support Policy', link: '/support-policy' },
-          { text: 'Pre-flight Release Testing', link: '/testing-v0.2' },
+          { text: 'Pre-flight Release Testing', link: '/testing' },
           { text: 'Final Launch Guidelines', link: '/final-launch' },
           { text: 'v1.0.0 Release Checklist', link: '/v1-checklist' }
         ]

package/docs/npm-publishing.md

@@ -12,13 +12,13 @@ Before publishing, always test the built package locally by compiling a compress
    ```bash
    npm pack
    ```
-   This creates a file named like `multimodel-dev-os-3.0.1.tgz` in your directory root.
+   This creates a file named like `multimodel-dev-os-3.0.2.tgz` in your directory root.
 
 2. **Verify bundle contents:**
    Create an empty temporary workspace, extract the tarball, and confirm that only required scaffold folders are included (no `.github/`, test configurations, or local system files):
    ```bash
    mkdir -p /tmp/package-test && cd /tmp/package-test
-   tar -xzf /path/to/multimodel-dev-os-3.0.1.tgz
+   tar -xzf /path/to/multimodel-dev-os-3.0.2.tgz
    ls -la package/
    ```
 
@@ -78,17 +78,17 @@ Execute these validation actions strictly in sequence before triggering a releas
 ## 4. Prepublish Safety Guard
 
 > [!IMPORTANT]
-> **v3.0.1 is the active stable release.** NPM publishing is live.
+> **v3.0.2 is the active stable release.** NPM publishing is live.
 
 ### Source vs. Registry Strategy
-* **GitHub main branch (Source)**: Contains the current stable `v3.0.1` codebase.
+* **GitHub main branch (Source)**: Contains the current stable `v3.0.2` codebase.
 * **npm latest (Registry)**: Pulled and installed globally or via npx.
 
 ### Prepublish Safety Guard
 To prevent accidental `npm publish` executions on developer environments, a local validation script has been added to package hooks. If you run `npm publish`, it is blocked by default.
 
 To bypass this check during approved release windows:
-1. Ensure the version in `package.json` is a valid stable major version >= 2 (e.g., v3.0.1).
+1. Ensure the version in `package.json` is a valid stable major version >= 2 (e.g., v3.0.2).
 2. Run publication with the override env variable:
    ```powershell
    # PowerShell

package/docs/package-safety.md

@@ -27,3 +27,11 @@ The project release audit scripts strictly enforce these checks:
 npm run verify
 ```
 Any violation will cause verification and build pipelines to fail immediately.
+
+## Registry Security Update (v3.0.2)
+
+A security hotfix has been applied in `v3.0.2` to secure the registry synchronization and validation channels:
+* **Remediation of Command Injection Risk:** Removed shell-based url interpolation. Sub-process fetches now use safe, argument-based `execFileSync` invocations, isolating URL arguments from evaluated code context.
+* **Registry URL Sanitization:** Enforces strict validation of remote registry URLs using Node's `URL` parser. URLs must use HTTPS by default. Control characters, credentials, spaces, quotes, and shell metacharacters are strictly rejected.
+* **Upgrade Guidance:** Users running `v3.0.0` or `v3.0.1` must upgrade to `v3.0.2` immediately.
+* **Safety Boundaries Preserved:** Remote registries remain disabled by default, sync operations are cache-only (never installing or running plugins), and conflict checks on sensitive files (`.env`, `.npmrc`, package configuration files) are strictly enforced.

package/docs/public/llms-full.txt

@@ -1,4 +1,4 @@
-# MultiModel Dev OS — Comprehensive AI Assistant Discoverability Guide (v3.0.1 Stable Release)
+# MultiModel Dev OS — Comprehensive AI Assistant Discoverability Guide (v3.1.0 Stable Release)
 
 MultiModel Dev OS is a repository-level porting specification designed to align context and instructions across diverse developer tools and AI models.
 

package/docs/public/llms.txt

@@ -1,4 +1,4 @@
-# MultiModel Dev OS (v3.0.1 Stable Release)
+# MultiModel Dev OS (v3.1.0 Stable Release)
 
 Portable, vendor-neutral workspace configuration standard for multi-agent AI pair-programming workflows.
 

package/docs/public/sitemap.xml

@@ -245,4 +245,9 @@
     <changefreq>weekly</changefreq>
     <priority>0.7</priority>
   </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/testing</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
 </urlset>

package/docs/registry-policy.md

@@ -35,6 +35,10 @@ Here is a list of all fields supported in `.ai/policies/registry-policy.yaml`:
 * **Default:** `false`
 * **Description:** When `false`, blocks installation of plugins originating from registries with `trust_level` set to `community` or `untrusted`.
 
+### `allow_http_localhost` (Boolean)
+* **Default:** `false`
+* **Description:** (Added in `v3.0.2`) When `true`, optionally permits remote registry URLs to use unencrypted `http://localhost` or `http://127.0.0.1` endpoints. Intended strictly for local development and testing.
+
 ### `allowed_write_roots` (Array of Strings)
 * **Default:** `['.ai/', 'adapters/']`
 * **Description:** A whitelist of directory paths relative to the project root. Plugins are only permitted to write files into these directories.

package/docs/registry-security.md

@@ -41,6 +41,13 @@ Threat: Malicious Remote Registry
   * **In-process verification:** The `registry verify` command performs SHA256 checksum checks against the manifest.
   * **ReadOnly Dashboard:** The interactive TUI Dashboard is completely read-only for registry and plugin operations, preventing UI-driven privilege escalation.
 
+### 5. Sync Command Injection & URL Validation (Patched in v3.0.2)
+* **Threat:** A compromised or malicious remote registry URL is pre-configured in `.ai/registries/sources.yaml` to execute command injection payloads (e.g. via quotes or shell metacharacters) during sync.
+* **Mitigation:**
+  * **No Shell Execution:** Remote synchronization (`registry sync`) does not invoke shell interpreters. It spawns the Node sub-process using the safe `execFileSync` API, passing the target URL as arguments (`process.argv[1]`) rather than string-interpolating it into evaluated code.
+  * **Strict URL Sanitization:** URLs are validated using the native `URL` class. Remote registry URLs must use HTTPS by default. Credentials, quotes (`'`, `"`, `` ` ``), spaces, and shell metacharacters (`$`, `;`, `&`, `|`, `<`, `>`, `(`, `)`, `*`) are strictly blocked.
+  * **HTTP Localhost Exception:** The `allow_http_localhost` policy flag (defaulting to `false`) optionally allows local development registries using `http://localhost` or `http://127.0.0.1`.
+
 ---
 
 ## Safety Boundaries Matrix

package/docs/registry-sync.md

@@ -51,6 +51,12 @@ Run the `registry add` command with the `--approved` flag to define a new regist
 npx multimodel-dev-os registry add partner-registry https://registry.example.com/catalog.yaml --approved
 ```
 
+> [!IMPORTANT]
+> **Strict URL Constraints (v3.0.2+)**
+> * All remote registry URLs must be valid and must use HTTPS by default to prevent sniffing and tampering.
+> * URLs containing quotes (`'`, `"`, `` ` ``), spaces, or shell metacharacters (`$`, `;`, etc.) are rejected to eliminate command injection risks.
+> * Local testing via HTTP localhost can be enabled if `allow_http_localhost` is set to `true` inside `registry-policy.yaml`.
+
 ### 3. Synchronize Registry Data
 
 To fetch the remote catalog, run `registry sync`. Executing without the approval flag displays a safety audit preview:

package/docs/testing.md

@@ -0,0 +1,123 @@
+# MultiModel Dev OS — Testing Guide (v3.1.0+)
+
+This document outlines the testing strategy, tools, and execution processes for MultiModel Dev OS.
+
+---
+
+## 1. Testing Architecture
+
+MultiModel Dev OS implements a two-tier testing strategy to ensure safety, correctness, and compatibility:
+
+```
+┌──────────────────────────────────────────────────────────┐
+│              Tier 1: Unit Tests (Vitest)                 │
+│  Validates parser logic, URL rules, path safety, and    │
+│  manifest schemas in isolation.                          │
+└────────────────────────────┬─────────────────────────────┘
+                             │
+┌────────────────────────────▼─────────────────────────────┐
+│          Tier 2: Release Verification (Verify.js)        │
+│  Executes integration checks, CLI commands, packaging    │
+│  pre-flights, and repository structure audits.           │
+└──────────────────────────────────────────────────────────┘
+```
+
+---
+
+## 2. Tier 1: Unit Testing (Vitest)
+
+Unit tests target pure logic and utility functions to verify behavior under edge cases. The test suite is powered by **Vitest** and located under `tests/unit/`.
+
+### Run Unit Tests
+```bash
+npm test
+```
+
+### Coverage Areas
+
+1. **YAML Parser Flow (`tests/unit/yaml.test.js`)**
+   - Stripping comments outside quotes.
+   - Flow arrays (`["item1", "item2"]`).
+   - Quoted booleans/numbers type preservation.
+   - Malformed YAML error handling.
+
+2. **Registry URL Validation (`tests/unit/registry-url-validation.test.js`)**
+   - Rejects non-HTTPS protocols (except localhost/127.0.0.1 under policy).
+   - Rejects URLs containing quotes, backticks, or shell injection characters.
+   - Rejects credential embedding in URLs.
+
+3. **Registry Policy Rules (`tests/unit/registry-policy.test.js`)**
+   - Correct default policy initialization.
+   - Verification of `allow_remote_registries`, `allowed_write_roots`, and `blocked_paths`.
+
+4. **Path & Sandbox Safety (`tests/unit/path-safety.test.js`)**
+   - Rejects path traversal (`../`).
+   - Rejects blocked files (`.env`, `package.json`).
+   - Ensures writes are restricted to whitelisted boundaries.
+
+5. **Plugin Manifest Validation (`tests/unit/plugin-manifest.test.js`)**
+   - Asserts required keys (`name`, `slug`, `version`, `author`, `description`).
+   - Validates alphanumeric slugs.
+   - Verifies sandboxed path prefixes (`.ai/` and `adapters/`).
+
+6. **Prepublish Guard Logic (`tests/unit/prepublish-guard.test.js`)**
+   - Asserts that publishing blocks without `MMDO_ALLOW_PUBLISH=true`.
+   - Permits stable major versions >= 2.
+
+---
+
+## 3. Tier 2: Release Verification Audit
+
+The release verification script (`scripts/verify.js`) checks that the codebase matches packaging rules, CLI commands execute cleanly, and no temporary development artifacts are committed.
+
+### Run Verification Audit
+```bash
+# Deploys build step, executes unit tests, and runs integration verification
+npm run verify
+```
+
+### Key Audit Gates
+- **Structure Check**: Verifies presence of all required configuration, documentation, templates, and adapter files.
+- **CLI Help**: Asserts that `node bin/multimodel-dev-os.js --help` outputs the correct version and all available commands.
+- **TUI Dashboard Dry-Run**: Validates that `--dry-run` and `--list-actions` flags execute without TTY dependencies.
+- **Catalog Integrities**: Scans and validates all bundled catalog plugin manifests.
+- **Security Hotfix Verifications**: Bypasses and checks that registry sync url checks prevent shell escapes.
+
+---
+
+## 4. Build System Testing
+
+Since version `v3.1.0` introduces a modular source layout under `src/`, development happens in modules and is compiled into a single executable `bin/multimodel-dev-os.js`.
+
+### Run Build Step
+```bash
+npm run build
+```
+
+The build runner uses `scripts/build-cli.js` (powered by `esbuild` in devDependencies) to bundle source modules programmatically while preserving shebang, execution permissions, and adding a warning header.
+
+---
+
+## 5. Tarball Smoke Testing
+
+To ensure the npm package functions flawlessly after installation, we run a local tarball smoke test:
+
+1. **Pack the release package**:
+   ```bash
+   npm pack
+   ```
+2. **Setup a clean test directory**:
+   ```bash
+   mkdir C:\mmdo-smoke-test
+   cd C:\mmdo-smoke-test
+   npm init -y
+   ```
+3. **Install the generated tarball locally**:
+   ```bash
+   npm install F:\multimodel-dev-os\multimodel-dev-os-3.1.0.tgz --no-audit --no-fund
+   ```
+4. **Validate npx invocation**:
+   ```bash
+   npx multimodel-dev-os --help
+   npx multimodel-dev-os doctor
+   ```

package/docs/trusted-registries.md

@@ -31,6 +31,10 @@ graph TD
 * **Safety:** Sandboxed logic, restricted file paths.
 * **Installation:** Refused unless `allow_untrusted_install: true` is configured in `.ai/policies/registry-policy.yaml`.
 
+> [!IMPORTANT]
+> **HTTPS Transport Enforcement (v3.0.2+)**
+> All remote community or verified registries must use secure `https:` transport URLs. URLs are validated strictly against injection risks. Unencrypted `http:` transport is strictly rejected, except for localhost testing if `allow_http_localhost` is enabled.
+
 ### 4. Untrusted
 * **Source:** Unknown or flagged endpoints.
 * **Verification:** None.

package/docs/v3-roadmap.md

@@ -7,12 +7,24 @@ This document outlines the development path, completed milestones, and future pl
 ## 1. Current Status
 
 > [!IMPORTANT]
-> **v3.0.1 is the active stable release** on the public npm registry. All features below marked ✅ are shipped and production-ready.
+> **v3.1.0 is the active stable release** on the public npm registry. All features below marked ✅ are shipped and production-ready.
 
 ---
 
 ## 2. Completed Milestones
 
+### v3.1.0 — Modular Source Layout + Formal Unit Tests ✅
+- **Modular Source Layout**: Refactored the monolithic CLI structure into isolated, clean modules under `src/` (core, registry, catalog, plugin, cli).
+- **Programmatic Compiler**: Programmed `scripts/build-cli.js` using `esbuild` to compile modules into a single zero-dependency executable (`bin/multimodel-dev-os.js`) with shebang preservation.
+- **Formal Unit Testing**: Integrated `vitest` unit test suites covering isolated YAML parsing, registry URL validation, policy checks, path safety boundaries, plugin manifest validations, and prepublish guard checks.
+- **Improved Integration Verification**: Hooked the unit test runner and build step directly into the release audit `npm run verify` verification gate.
+
+### v3.0.2 — Registry Sync Security Hotfix ✅
+- **Registry Sync Command Injection Remediation**: Replaced shell-based URL interpolation in fetch helper with safe process arguments passed via `execFileSync`.
+- **Strict URL Validation**: Implemented strict syntax checks using `new URL()` and HTTPS-only transport requirements.
+- **Diagnostics Security**: Hardened URL validations on diagnostics commands (`registry show` and `registry verify`).
+- **HTTP localhost Exception**: Added the `allow_http_localhost` policy flag to optionally support local HTTP development testing.
+
 ### v3.0.1 — Registry UX & Policy Safety Patch ✅
 - **Registry Command UX**: Improved formatting and next-step actions for `registry status`, `registry list`, `registry show`, `registry verify`, and `registry sync`.
 - **Policy Safety Messaging**: Clarified sandboxing, offline verification capabilities, checksum verification, and approval gates.
@@ -62,7 +74,7 @@ All releases follow this strict publishing checklist:
 
 ---
 
-## 4. Upcoming: v3.1.0 — Cryptographic Catalog Signing
+## 4. Upcoming: v3.2.0 — Cryptographic Catalog Signing
 
 *   **Asymmetric Key Signatures**: Cryptographic signature validation for remote registries using public/private key pairs.
 *   **Decentralized Trust Anchors**: Trust anchors configuration allowing teams to pin public keys of verified catalog authors.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "multimodel-dev-os",
-  "version": "3.0.1",
+  "version": "3.1.0",
   "bin": {
     "multimodel-dev-os": "bin/multimodel-dev-os.js"
   },
@@ -38,7 +38,9 @@
     "assets/"
   ],
   "scripts": {
-    "verify": "node scripts/verify.js",
+    "build": "node scripts/build-cli.js",
+    "test": "vitest run",
+    "verify": "npm run build && npm test && node scripts/verify.js",
     "verify:bash": "bash scripts/verify.sh",
     "test:cli": "node bin/multimodel-dev-os.js verify",
     "pack:template": "bash scripts/pack-template.sh",
@@ -49,6 +51,8 @@
     "prepublishOnly": "node scripts/prepublish-guard.js"
   },
   "devDependencies": {
-    "vitepress": "^1.6.4"
+    "esbuild": "^0.20.2",
+    "vitepress": "^1.6.4",
+    "vitest": "^1.4.0"
   }
 }

package/scripts/build-cli.js

@@ -0,0 +1,17 @@
+import esbuild from 'esbuild';
+
+esbuild.build({
+  entryPoints: ['src/cli/main.js'],
+  bundle: true,
+  platform: 'node',
+  format: 'esm',
+  outfile: 'bin/multimodel-dev-os.js',
+  banner: {
+    js: `#!/usr/bin/env node\n// Generated from src/. Do not edit directly.\n`
+  }
+}).then(() => {
+  console.log('Build succeeded.');
+}).catch((err) => {
+  console.error('Build failed:', err);
+  process.exit(1);
+});

package/scripts/install.ps1

@@ -11,7 +11,7 @@ param(
   [switch]$Help
 )
 
-$Version = "3.0.1"
+$Version = "3.1.0"
 $RepoUrl = "https://raw.githubusercontent.com/rizvee/multimodel-dev-os/main"
 
 if ($Help) {

package/scripts/install.sh

@@ -7,7 +7,7 @@ set -euo pipefail
 #        --all      (install all adapters)
 #        --dry-run  (show what would be created without creating)
 
-VERSION="3.0.1"
+VERSION="3.1.0"
 REPO_URL="https://raw.githubusercontent.com/rizvee/multimodel-dev-os/main"
 CAVEMAN=false
 DRY_RUN=false

package/scripts/verify.js

@@ -6,7 +6,7 @@
  * Runs on Windows, macOS, and Linux with zero external dependencies.
  */
 
-import { existsSync, readFileSync, statSync, readdirSync } from 'fs';
+import { existsSync, readFileSync, statSync, readdirSync, mkdirSync, writeFileSync, rmSync } from 'fs';
 import { join, resolve, dirname } from 'path';
 import { fileURLToPath } from 'url';
 import { execSync } from 'child_process';
@@ -203,7 +203,7 @@ checkFile('docs/adapters.md');
 checkFile('docs/installers.md');
 checkFile('docs/cli-roadmap.md');
 checkFile('docs/faq.md');
-checkFile('docs/testing-v0.2.md');
+checkFile('docs/testing.md');
 checkFile('docs/npm-publishing.md');
 checkFile('docs/templates-guide.md');
 checkFile('docs/protocol.md');
@@ -549,7 +549,7 @@ try {
     }
   }
 
-  // Test 2: Allows version 3.0.1 with MMDO_ALLOW_PUBLISH=true
+  // Test 2: Allows version 3.1.0 with MMDO_ALLOW_PUBLISH=true
   try {
     const output = execSync('node scripts/prepublish-guard.js', { 
       cwd: projectRoot, 
@@ -557,7 +557,7 @@ try {
       encoding: 'utf8' 
     });
     if (output.includes('Prepublish guard passed')) {
-      console.log(`  ${GREEN}✓${NC} prepublish guard allows version 3.0.1 when MMDO_ALLOW_PUBLISH=true`);
+      console.log(`  ${GREEN}✓${NC} prepublish guard allows version 3.1.0 when MMDO_ALLOW_PUBLISH=true`);
       pass++;
     } else {
       console.error(`  ${RED}✗${NC} prepublish guard passed but stdout missing success indicator`);
@@ -565,7 +565,7 @@ try {
     }
   } catch (err) {
     const errText = err.stderr ? err.stderr.toString() : '';
-    console.error(`  ${RED}✗${NC} prepublish guard blocked version 3.0.1: ${errText || err.message}`);
+    console.error(`  ${RED}✗${NC} prepublish guard blocked version 3.1.0: ${errText || err.message}`);
     fail++;
   }
 
@@ -579,12 +579,12 @@ try {
     pass++;
   }
 
-  // Test 4: Package.json version is exactly 3.0.1
-  if (expectedVersion === '3.0.1') {
-    console.log(`  ${GREEN}✓${NC} package.json version is exactly 3.0.1`);
+  // Test 4: Package.json version is exactly 3.1.0
+  if (expectedVersion === '3.1.0') {
+    console.log(`  ${GREEN}✓${NC} package.json version is exactly 3.1.0`);
     pass++;
   } else {
-    console.error(`  ${RED}✗${NC} package.json version is not 3.0.1 (found ${expectedVersion})`);
+    console.error(`  ${RED}✗${NC} package.json version is not 3.1.0 (found ${expectedVersion})`);
     fail++;
   }
 } catch (e) {
@@ -1127,6 +1127,97 @@ try {
   fail++;
 }
 
+// Security Hotfix v3.0.2 Regression checks
+console.log('\nSecurity Hotfix v3.0.2 Regression checks:');
+
+const tempPolicyDir = join(projectRoot, 'temp-verify-policy');
+const tempPolicySubdir = join(tempPolicyDir, '.ai', 'policies');
+const tempPolicyFile = join(tempPolicySubdir, 'registry-policy.yaml');
+
+try {
+  // Create temporary policy directory and file
+  mkdirSync(tempPolicySubdir, { recursive: true });
+  writeFileSync(tempPolicyFile, 'allow_remote_registries: true\n', 'utf8');
+
+  // 1. registry add rejects malformed URL
+  try {
+    execSync(`node bin/multimodel-dev-os.js registry add testmalformed not-a-url --approved --target "${tempPolicyDir}"`, { cwd: projectRoot, stdio: 'pipe' });
+    console.error(`  ${RED}✗${NC} registry add should have rejected malformed URL`);
+    fail++;
+  } catch (err) {
+    const errText = err.stderr ? err.stderr.toString() : '';
+    if (errText.includes('invalid') || errText.includes('malformed')) {
+      console.log(`  ${GREEN}✓${NC} registry add rejects malformed URL`);
+      pass++;
+    } else {
+      console.error(`  ${RED}✗${NC} registry add malformed URL failed with unexpected error: ${errText}`);
+      fail++;
+    }
+  }
+
+  // 2. registry add rejects URL containing quote/shell-injection characters
+  try {
+    execSync(`node bin/multimodel-dev-os.js registry add testinjection "https://example.com'console.log(1)" --approved --target "${tempPolicyDir}"`, { cwd: projectRoot, stdio: 'pipe' });
+    console.error(`  ${RED}✗${NC} registry add should have rejected URL containing single quote`);
+    fail++;
+  } catch (err) {
+    const errText = err.stderr ? err.stderr.toString() : '';
+    if (errText.includes('quote') || errText.includes('invalid') || errText.includes('metacharacter')) {
+      console.log(`  ${GREEN}✓${NC} registry add rejects URL containing quote/shell-injection characters`);
+      pass++;
+    } else {
+      console.error(`  ${RED}✗${NC} registry add URL with quotes failed with unexpected error: ${errText}`);
+      fail++;
+    }
+  }
+
+  // 3. registry add rejects non-HTTPS remote URL
+  try {
+    execSync(`node bin/multimodel-dev-os.js registry add testnonhttps http://example.com/catalog.yaml --approved --target "${tempPolicyDir}"`, { cwd: projectRoot, stdio: 'pipe' });
+    console.error(`  ${RED}✗${NC} registry add should have rejected non-HTTPS URL`);
+    fail++;
+  } catch (err) {
+    const errText = err.stderr ? err.stderr.toString() : '';
+    if (errText.includes('Only HTTPS is permitted') || errText.includes('protocol') || errText.includes('invalid')) {
+      console.log(`  ${GREEN}✓${NC} registry add rejects non-HTTPS remote URL`);
+      pass++;
+    } else {
+      console.error(`  ${RED}✗${NC} registry add non-HTTPS URL failed with unexpected error: ${errText}`);
+      fail++;
+    }
+  }
+} catch (tempErr) {
+  console.error(`  ${RED}✗${NC} Setting up temporary policy folder failed: ${tempErr.message}`);
+  fail++;
+} finally {
+  // Clean up temporary policy directory
+  try {
+    if (existsSync(tempPolicyDir)) {
+      rmSync(tempPolicyDir, { recursive: true, force: true });
+    }
+  } catch (e) {}
+}
+
+// 4. Codebase structural checks for shell-based fetch URL interpolation
+try {
+  const cliCode = readFileSync(join(projectRoot, 'bin', 'multimodel-dev-os.js'), 'utf8');
+  
+  // Check for mod.get('${targetUrl}') or similar interpolation in node -e
+  const hasUnsafeSync = cliCode.includes("mod.get('${targetUrl}'") || (cliCode.includes('execSync(`node -e "') && cliCode.includes('${targetUrl}'));
+  const usesExecFileSync = cliCode.includes('execFileSync(process.execPath');
+  
+  if (!hasUnsafeSync && usesExecFileSync) {
+    console.log(`  ${GREEN}✓${NC} fetch helper uses execFileSync and does not use shell-based URL interpolation`);
+    pass++;
+  } else {
+    console.error(`  ${RED}✗${NC} codebase security check failed. Unsafe shell execution or URL interpolation detected.`);
+    fail++;
+  }
+} catch (e) {
+  console.error(`  ${RED}✗${NC} codebase structural check failed: ${e.message}`);
+  fail++;
+}
+
 // Backward compatibility catalog checks
 try {
   const catList = execSync('node bin/multimodel-dev-os.js catalog list', { cwd: projectRoot, encoding: 'utf8' });

package/scripts/verify.sh

@@ -190,7 +190,7 @@ check_file "docs/adapters.md"
 check_file "docs/installers.md"
 check_file "docs/cli-roadmap.md"
 check_file "docs/faq.md"
-check_file "docs/testing-v0.2.md"
+check_file "docs/testing.md"
 check_file "docs/npm-publishing.md"
 
 # --- CLI & Packaging Pre-Flight Tests ---

package/docs/testing-v0.2.md

@@ -1,73 +0,0 @@
-# multimodel-dev-os v0.2.0 Testing Documentation
-
-This document describes how to execute local test cases to verify the `bin/multimodel-dev-os.js` CLI tool and installer scripts.
-
----
-
-## 1. Platform Requirements
-* **Node.js:** v18.0.0 or higher.
-* **Unix-like Shell (Git Bash, macOS Terminal, Linux Bash):** Required for executing `.sh` scripts.
-* **Windows PowerShell:** Required for executing `.ps1` scripts.
-
----
-
-## 2. CLI Validation Tests
-
-### Test Case A: Help Command
-Ensures the argument parser and help outputs render correctly.
-```bash
-# Git Bash / macOS / Linux / PowerShell
-node bin/multimodel-dev-os.js --help
-```
-* **Expected Output:** Displays correct option flags, commands (`init`, `verify`), and versions.
-
-### Test Case B: Structural Verification Check
-Verifies structural presence of 20 critical files inside the repository.
-```bash
-# Git Bash / macOS / Linux / PowerShell
-node bin/multimodel-dev-os.js verify
-```
-* **Expected Output:** Outputs `✓` indicators for each file and returns a `PASSED` status with exit code `0`.
-
-### Test Case C: Dry-Run Scaffolding Check
-Validates loading of custom templates (e.g. `nextjs-saas`) and adapter boundaries without actual writes.
-```bash
-# Git Bash / macOS / Linux / PowerShell
-node bin/multimodel-dev-os.js init --target ./test-project --template nextjs-saas --adapter cursor --dry-run
-```
-* **Expected Output:** Outputs 61 `[DRY-RUN] WOULD CREATE` operation logs and a final `Project initialized successfully!` success message.
-
-### Test Case D: Conflict Prevention Check
-Verifies that the CLI protects existing files from overwrites.
-```bash
-# 1. Create a dummy file
-mkdir -p test-conflict && touch test-conflict/AGENTS.md
-
-# 2. Run init without force
-node bin/multimodel-dev-os.js init --target ./test-conflict
-```
-* **Expected Output:** Safely aborts, prints a red `CONFLICT` warning, and exits with code `1`.
-
-### Test Case E: Overwrite Override Check
-Verifies that `--force` successfully bypasses conflict protection.
-```bash
-# Run init with force
-node bin/multimodel-dev-os.js init --target ./test-conflict --force
-```
-* **Expected Output:** Overwrites conflicting files and completes successfully.
-
----
-
-## 3. Script Installer Validation Tests
-
-### macOS / Linux / WSL (bash):
-```bash
-# Run dry-run installation
-bash scripts/install.sh --dry-run
-```
-
-### Windows (PowerShell):
-```powershell
-# Run dry-run installation
-.\scripts\install.ps1 -DryRun
-```