mustflow 2.18.20 → 2.21.1

package/dist/core/command-contract-validation.js

@@ -161,6 +161,7 @@ function validateCommandIntent(intentName, intent, issues) {
     validateAllowedStringField(intent, 'env_policy', `[commands.intents.${intentName}].env_policy`, COMMAND_ENV_POLICIES, issues);
     validateStringArrayField(intent, 'env_allowlist', `[commands.intents.${intentName}].env_allowlist`, issues);
     validateMaxOutputBytesField(intent, 'max_output_bytes', `[commands.intents.${intentName}].max_output_bytes`, issues);
+    validatePositiveIntegerField(intent, 'kill_after_seconds', `[commands.intents.${intentName}].kill_after_seconds`, issues);
     validateCommandIntentSelection(intentName, intent, issues);
     if (intent.status !== 'configured') {
         return;
@@ -223,10 +224,10 @@ function getEffectiveCommandEnvPolicy(defaults, intent) {
     }
     return { policy: DEFAULT_COMMAND_ENV_POLICY, source: 'implicit' };
 }
-function validateCommandEnvInheritanceWarnings(commandsToml) {
-    const issues = [];
+export function findCommandEnvInheritanceWarnings(commandsToml) {
+    const warnings = [];
     if (!commandsToml || !isRecord(commandsToml.intents)) {
-        return issues;
+        return warnings;
     }
     const defaults = isRecord(commandsToml.defaults) ? commandsToml.defaults : undefined;
     for (const [intentName, intent] of Object.entries(commandsToml.intents)) {
@@ -237,13 +238,26 @@ function validateCommandEnvInheritanceWarnings(commandsToml) {
         if (envPolicy.policy !== 'inherit') {
             continue;
         }
-        const networkScope = intent.network === true ? ' with network = true' : '';
-        const migration = 'set env_policy = "minimal" or "allowlist" unless broad host state is required';
-        if (envPolicy.source === 'implicit') {
-            issues.push(commandContractWarning(`configured agent-runnable intent ${intentName} implicitly inherits the host environment${networkScope}; ${migration}`));
-            continue;
-        }
-        issues.push(commandContractWarning(`configured agent-runnable intent ${intentName} uses env_policy = "inherit"${networkScope}; ${migration}`));
+        warnings.push({
+            intentName,
+            source: envPolicy.source,
+            network: intent.network === true,
+        });
+    }
+    return warnings;
+}
+function formatCommandEnvInheritanceWarning(warning) {
+    const networkScope = warning.network ? ' with network = true' : '';
+    const migration = 'set env_policy = "minimal" or "allowlist" unless broad host state is required';
+    if (warning.source === 'implicit') {
+        return `configured agent-runnable intent ${warning.intentName} implicitly inherits the host environment${networkScope}; ${migration}`;
+    }
+    return `configured agent-runnable intent ${warning.intentName} uses env_policy = "inherit"${networkScope}; ${migration}`;
+}
+function validateCommandEnvInheritanceWarnings(commandsToml) {
+    const issues = [];
+    for (const warning of findCommandEnvInheritanceWarnings(commandsToml)) {
+        issues.push(commandContractWarning(formatCommandEnvInheritanceWarning(warning)));
     }
     return issues;
 }

package/dist/core/command-output-limits.js

@@ -1,5 +1,6 @@
 export const DEFAULT_COMMAND_MAX_OUTPUT_BYTES = 1_048_576;
 export const MAX_COMMAND_OUTPUT_BYTES = 16 * 1024 * 1024;
+export const COMMAND_OUTPUT_LIMIT_SCOPE = 'per_stream';
 export function commandMaxOutputBytesLimitMessage(label) {
-    return `${label} must be less than or equal to ${MAX_COMMAND_OUTPUT_BYTES}`;
+    return `${label} must be less than or equal to ${MAX_COMMAND_OUTPUT_BYTES} per output stream`;
 }

package/dist/core/line-endings.js

@@ -1,6 +1,7 @@
 import { spawnSync } from 'node:child_process';
-import { existsSync, readFileSync, writeFileSync } from 'node:fs';
+import { existsSync } from 'node:fs';
 import path from 'node:path';
+import { readFileInsideWithoutSymlinks, writeFileInsideWithoutSymlinks } from './safe-filesystem.js';
 const GITATTRIBUTES_PATH = '.gitattributes';
 function toPosixPath(value) {
     return value.split(path.sep).join('/');
@@ -10,7 +11,7 @@ function hasLfPolicy(projectRoot) {
     if (!existsSync(attributesPath)) {
         return false;
     }
-    const content = readFileSync(attributesPath, 'utf8');
+    const content = readFileInsideWithoutSymlinks(projectRoot, attributesPath).toString('utf8');
     return /^\*\s+.*(?:^|\s)eol=lf(?:\s|$)/imu.test(content);
 }
 function gitList(projectRoot, args) {
@@ -107,14 +108,21 @@ export function inspectLineEndings(projectRoot, mode, options = {}) {
         if (!existsSync(absolutePath)) {
             continue;
         }
-        const buffer = readFileSync(absolutePath);
+        let buffer;
+        try {
+            buffer = readFileInsideWithoutSymlinks(root, absolutePath);
+        }
+        catch (error) {
+            issues.push(error instanceof Error ? error.message : String(error));
+            continue;
+        }
         const lineEnding = detectLineEnding(buffer);
         const wouldChange = policy === 'lf' && (lineEnding === 'crlf' || lineEnding === 'mixed');
         if (!wouldChange) {
             continue;
         }
         if (canApply) {
-            writeFileSync(absolutePath, normalizeLf(buffer));
+            writeFileInsideWithoutSymlinks(root, absolutePath, normalizeLf(buffer));
             changedFiles.push(toPosixPath(relativePath));
         }
         nonCompliantFiles.push({

package/dist/core/repeated-failure.js

@@ -1,6 +1,7 @@
 import { createHash } from 'node:crypto';
-import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { existsSync, readFileSync } from 'node:fs';
 import path from 'node:path';
+import { writeJsonFileInsideWithoutSymlinks } from './safe-filesystem.js';
 export const REPEATED_FAILURE_STATE_PATH = '.mustflow/state/repeated-failures.json';
 export const REPEATED_FAILURE_STATE_LIMIT = 50;
 const UNRESOLVED_VERIFY_STATUSES = new Set(['failed', 'blocked', 'partial']);
@@ -59,8 +60,7 @@ function readRepeatedFailureState(projectRoot) {
 }
 function writeRepeatedFailureState(projectRoot, state) {
     const statePath = repeatedFailureStatePath(projectRoot);
-    mkdirSync(path.dirname(statePath), { recursive: true });
-    writeFileSync(statePath, `${JSON.stringify(state, null, 2)}\n`, 'utf8');
+    writeJsonFileInsideWithoutSymlinks(projectRoot, statePath, state);
 }
 export function createVerificationFailureFingerprint(input) {
     const failedIntents = normalizeStrings(input.failedIntents);

package/dist/core/run-performance-history.js

@@ -1,5 +1,6 @@
-import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { existsSync, readFileSync } from 'node:fs';
 import path from 'node:path';
+import { writeJsonFileInsideWithoutSymlinks } from './safe-filesystem.js';
 const PERFORMANCE_HISTORY_SCHEMA_VERSION = '1';
 const PERFORMANCE_HISTORY_DIR = path.join('.mustflow', 'state', 'perf');
 const PERFORMANCE_SAMPLES_FILE = 'samples.json';
@@ -297,9 +298,8 @@ export function recordRunPerformanceHistory(projectRoot, receipt) {
         const samples = enforceSizeLimit(pruneSamples([...readSamples(samplesPath), sample], sample.observed_day), sample.observed_day);
         const samplesFile = createSamplesFile(samples);
         const summaryFile = createSummary(samples, sample.observed_day);
-        mkdirSync(historyDir, { recursive: true });
-        writeFileSync(samplesPath, serialize(samplesFile));
-        writeFileSync(summaryPath, serialize(summaryFile));
+        writeJsonFileInsideWithoutSymlinks(projectRoot, samplesPath, samplesFile);
+        writeJsonFileInsideWithoutSymlinks(projectRoot, summaryPath, summaryFile);
     }
     catch {
         // Performance history is a local optimization hint. A write failure must not affect command execution.

package/dist/core/run-profile.js

@@ -1,6 +1,6 @@
-import { mkdirSync, writeFileSync } from 'node:fs';
 import { performance } from 'node:perf_hooks';
 import path from 'node:path';
+import { writeJsonFileInsideWithoutSymlinks } from './safe-filesystem.js';
 const RUN_PROFILE_SCHEMA_VERSION = '1';
 const RUN_PROFILE_ENV = 'MUSTFLOW_RUN_PROFILE';
 const RUN_PROFILE_DIR = path.join('.mustflow', 'state', 'runs');
@@ -75,8 +75,7 @@ export class RunProfiler {
             profile_path: getProfileRelativePath(),
         };
         const profilePath = path.join(input.projectRoot, RUN_PROFILE_DIR, LATEST_RUN_PROFILE);
-        mkdirSync(path.dirname(profilePath), { recursive: true });
-        writeFileSync(profilePath, `${JSON.stringify(profile, null, 2)}\n`);
+        writeJsonFileInsideWithoutSymlinks(input.projectRoot, profilePath, profile);
     }
     recordPhase(name, startedAtMs) {
         this.phases.push({

package/dist/core/run-receipt.js

@@ -1,8 +1,10 @@
 import { createHash } from 'node:crypto';
 import path from 'node:path';
-import { atomicWriteJsonFile, createStateRunId } from './atomic-state-write.js';
+import { createStateRunId } from './atomic-state-write.js';
+import { COMMAND_OUTPUT_LIMIT_SCOPE } from './command-output-limits.js';
 import { decodeUtf8Tail } from './bounded-output.js';
 import { DEFAULT_RUN_RECEIPT_TAIL_BYTES } from './retention-policy.js';
+import { writeJsonFileInsideWithoutSymlinks } from './safe-filesystem.js';
 import { redactSecretLikeText } from './secret-redaction.js';
 const RUN_RECEIPT_SCHEMA_VERSION = '1';
 const RUN_RECEIPT_DIR = path.join('.mustflow', 'state', 'runs');
@@ -111,6 +113,7 @@ function createPerformanceSummary(input) {
         cwd: input.cwd,
         env_allowlist: input.envAllowlist,
         env_policy: input.envPolicy,
+        kill_after_seconds: input.killAfterSeconds,
         lifecycle: input.lifecycle,
         max_output_bytes: input.maxOutputBytes,
         mode: input.mode,
@@ -148,8 +151,10 @@ function createPerformanceSummary(input) {
         output_summary: {
             stdout_bytes: input.stdout.bytes,
             stderr_bytes: input.stderr.bytes,
+            total_bytes: input.stdout.bytes + input.stderr.bytes,
             stdout_truncated: input.stdout.truncated,
             stderr_truncated: input.stderr.truncated,
+            max_output_bytes_scope: COMMAND_OUTPUT_LIMIT_SCOPE,
         },
         result_summary: {
             status: input.status,
@@ -235,7 +240,9 @@ export function createRunReceipt(input) {
         env_policy: input.envPolicy,
         env_allowlist: input.envAllowlist,
         timeout_seconds: input.timeoutSeconds,
+        kill_after_seconds: input.killAfterSeconds,
         max_output_bytes: input.maxOutputBytes,
+        max_output_bytes_scope: COMMAND_OUTPUT_LIMIT_SCOPE,
         success_exit_codes: input.successExitCodes,
         exit_code: input.exitCode,
         signal: input.signal,
@@ -260,6 +267,7 @@ export function createRunReceipt(input) {
             envPolicy: input.envPolicy,
             envAllowlist: input.envAllowlist,
             timeoutSeconds: input.timeoutSeconds,
+            killAfterSeconds: input.killAfterSeconds,
             maxOutputBytes: input.maxOutputBytes,
             successExitCodes: input.successExitCodes,
             exitCode: input.exitCode,
@@ -285,6 +293,6 @@ export function writeRunReceipt(projectRoot, receipt) {
     if (relativeToRunDir.startsWith('..') || path.isAbsolute(relativeToRunDir)) {
         throw new Error(`Run receipt path must stay inside ${RUN_RECEIPT_DIR}`);
     }
-    atomicWriteJsonFile(receiptPath, receipt);
-    atomicWriteJsonFile(latestPath, receipt);
+    writeJsonFileInsideWithoutSymlinks(projectRoot, receiptPath, receipt);
+    writeJsonFileInsideWithoutSymlinks(projectRoot, latestPath, receipt);
 }

package/dist/core/run-write-drift.js

@@ -1,9 +1,14 @@
 import { spawnSync } from 'node:child_process';
-import { lstatSync, readlinkSync, readdirSync } from 'node:fs';
+import { createHash } from 'node:crypto';
+import { existsSync, lstatSync, readFileSync, readlinkSync, readdirSync } from 'node:fs';
 import path from 'node:path';
 import { normalizeCommandEffects } from './command-effects.js';
 const MAX_SNAPSHOT_FILES = 20_000;
 const MAX_REPORTED_PATHS = 200;
+const GIT_STATUS_TIMEOUT_MS = 10_000;
+const GIT_STATUS_MAX_BUFFER_BYTES = 16 * 1024 * 1024;
+const GIT_STATUS_UNTRACKED_MODE = 'normal';
+const MAX_HASH_BYTES = 5 * 1024 * 1024;
 const RECURSIVE_SNAPSHOT_ENV = 'MUSTFLOW_WRITE_DRIFT_SNAPSHOT';
 const EXCLUDED_DIRECTORY_NAMES = new Set(['.git', 'node_modules']);
 const EXCLUDED_RELATIVE_DIRECTORY_PATHS = new Set(['.mustflow/state/runs']);
@@ -33,6 +38,24 @@ function signatureForPath(fullPath) {
     const type = stat.isDirectory() ? 'directory' : stat.isFile() ? 'file' : 'other';
     return `${type}:${stat.size}:${stat.mtimeMs}`;
 }
+function signatureForGitStatusPath(projectRoot, relativePath, status) {
+    const fullPath = path.join(projectRoot, ...relativePath.split('/'));
+    if (!existsSync(fullPath)) {
+        return `git:${status}:missing`;
+    }
+    const stat = lstatSync(fullPath);
+    if (stat.isSymbolicLink()) {
+        return `git:${status}:symlink:${readlinkSync(fullPath)}`;
+    }
+    if (!stat.isFile()) {
+        return `git:${status}:${stat.isDirectory() ? 'directory' : 'other'}:${stat.size}:${stat.mtimeMs}`;
+    }
+    if (stat.size > MAX_HASH_BYTES) {
+        return `git:${status}:file:${stat.size}:${stat.mtimeMs}:unhashed`;
+    }
+    const digest = createHash('sha256').update(readFileSync(fullPath)).digest('hex');
+    return `git:${status}:file:${stat.size}:${digest}`;
+}
 function collectSnapshotEntries(projectRoot, currentPath, entries) {
     const names = readdirSync(currentPath).sort((left, right) => left.localeCompare(right));
     for (const name of names) {
@@ -59,7 +82,7 @@ function captureSnapshot(projectRoot) {
     }
     if (!isRecursiveSnapshotEnabled()) {
         return {
-            ok: false,
+            status: 'unavailable',
             entries: new Map(),
             reason: 'git_status_unavailable_recursive_snapshot_disabled',
             source: 'unavailable',
@@ -68,11 +91,11 @@ function captureSnapshot(projectRoot) {
     try {
         const entries = new Map();
         collectSnapshotEntries(projectRoot, projectRoot, entries);
-        return { ok: true, entries, reason: null, source: 'recursive_snapshot' };
+        return { status: 'checked', entries, reason: null, source: 'recursive_snapshot' };
     }
     catch (error) {
         return {
-            ok: false,
+            status: 'unavailable',
             entries: new Map(),
             reason: error instanceof Error && error.message.length > 0 ? error.message : 'snapshot_unavailable',
             source: 'unavailable',
@@ -80,12 +103,33 @@ function captureSnapshot(projectRoot) {
     }
 }
 function captureGitStatusSnapshot(projectRoot) {
-    const result = spawnSync('git', ['-C', projectRoot, 'status', '--porcelain=v1', '-z', '--untracked-files=all'], {
+    const result = spawnSync('git', ['-C', projectRoot, 'status', '--porcelain=v1', '-z', `--untracked-files=${GIT_STATUS_UNTRACKED_MODE}`], {
         encoding: 'utf8',
         input: '',
+        maxBuffer: GIT_STATUS_MAX_BUFFER_BYTES,
         stdio: ['ignore', 'pipe', 'pipe'],
+        timeout: GIT_STATUS_TIMEOUT_MS,
         windowsHide: true,
     });
+    const errorCode = typeof result.error === 'object' && result.error && 'code' in result.error
+        ? String(result.error.code)
+        : null;
+    if (errorCode === 'ETIMEDOUT') {
+        return {
+            status: 'unavailable',
+            entries: new Map(),
+            reason: 'git_status_timeout',
+            source: 'unavailable',
+        };
+    }
+    if (errorCode === 'ENOBUFS') {
+        return {
+            status: 'unavailable',
+            entries: new Map(),
+            reason: 'git_status_output_limit_exceeded',
+            source: 'unavailable',
+        };
+    }
     if (result.error || result.status !== 0) {
         return null;
     }
@@ -98,15 +142,15 @@ function captureGitStatusSnapshot(projectRoot) {
         if (filePath.length === 0) {
             continue;
         }
-        entries.set(filePath, `git:${status}`);
+        entries.set(filePath, signatureForGitStatusPath(projectRoot, filePath, status));
         if (status.includes('R') || status.includes('C')) {
             index += 1;
         }
     }
     return {
-        ok: true,
+        status: 'partial',
         entries,
-        reason: null,
+        reason: 'git_status_untracked_files_normal',
         source: 'git_status',
     };
 }
@@ -130,6 +174,10 @@ function listObservedChangedPaths(before, after) {
 function declaredPathCoversObservedPath(declaredPath, observedPath) {
     const declaredKey = pathKey(declaredPath);
     const observedKey = pathKey(observedPath);
+    if (declaredKey.endsWith('/**')) {
+        const baseKey = declaredKey.slice(0, -3) || '.';
+        return baseKey === '.' || observedKey === baseKey || observedKey.startsWith(`${baseKey}/`);
+    }
     return declaredKey === '.' || observedKey === declaredKey || observedKey.startsWith(`${declaredKey}/`);
 }
 function truncatePaths(paths) {
@@ -146,7 +194,7 @@ export function startRunWriteTracking(projectRoot, contract, intentName) {
     };
 }
 export function finishRunWriteTracking(tracker) {
-    if (!tracker.before.ok) {
+    if (tracker.before.status === 'unavailable') {
         return {
             status: 'unavailable',
             declared_paths: tracker.declaredPaths,
@@ -161,7 +209,7 @@ export function finishRunWriteTracking(tracker) {
         };
     }
     const after = captureSnapshot(tracker.projectRoot);
-    if (!after.ok) {
+    if (after.status === 'unavailable') {
         return {
             status: 'unavailable',
             declared_paths: tracker.declaredPaths,
@@ -181,8 +229,12 @@ export function finishRunWriteTracking(tracker) {
     const observed = truncatePaths(observedPaths);
     const declaredObserved = truncatePaths(declaredObservedPaths);
     const undeclared = truncatePaths(undeclaredPaths);
+    const status = tracker.before.status === 'partial' || after.status === 'partial' ? 'partial' : 'checked';
+    const reason = status === 'partial'
+        ? tracker.before.reason ?? after.reason ?? 'partial_snapshot'
+        : null;
     return {
-        status: 'checked',
+        status,
         declared_paths: tracker.declaredPaths,
         observed_paths: observed.paths,
         declared_observed_paths: declaredObserved.paths,
@@ -191,6 +243,6 @@ export function finishRunWriteTracking(tracker) {
         undeclared_count: undeclaredPaths.length,
         has_undeclared_changes: undeclaredPaths.length > 0,
         truncated: observed.truncated || declaredObserved.truncated || undeclared.truncated,
-        reason: null,
+        reason,
     };
 }

package/dist/core/safe-filesystem.js

@@ -0,0 +1,155 @@
+import { closeSync, constants, lstatSync, mkdirSync, openSync, readFileSync, renameSync, unlinkSync, writeFileSync, } from 'node:fs';
+import { randomBytes } from 'node:crypto';
+import path from 'node:path';
+const NOFOLLOW_FLAG = typeof constants.O_NOFOLLOW === 'number' ? constants.O_NOFOLLOW : 0;
+function isMissingPathError(error) {
+    return error instanceof Error && 'code' in error && error.code === 'ENOENT';
+}
+function tempFilePath(targetPath) {
+    const suffix = `${process.pid}-${Date.now()}-${randomBytes(6).toString('hex')}`;
+    return path.join(path.dirname(targetPath), `.${path.basename(targetPath)}.${suffix}.tmp`);
+}
+export function ensureInside(parentPath, childPath) {
+    const parent = path.resolve(parentPath);
+    const child = path.resolve(childPath);
+    const relative = path.relative(parent, child);
+    if (relative === '' || (!relative.startsWith('..') && !path.isAbsolute(relative))) {
+        return;
+    }
+    throw new Error(`Path escapes allowed directory: ${childPath}`);
+}
+export function ensureInsideWithoutSymlinks(parentPath, childPath, options = {}) {
+    ensureInside(parentPath, childPath);
+    const parent = path.resolve(parentPath);
+    const child = path.resolve(childPath);
+    const relative = path.relative(parent, child);
+    const segments = relative === '' ? [] : relative.split(path.sep).filter((segment) => segment.length > 0);
+    let currentPath = parent;
+    const parentStats = lstatSync(parent);
+    if (parentStats.isSymbolicLink()) {
+        throw new Error(`Path must not contain symlinks: ${childPath}`);
+    }
+    for (const [index, segment] of segments.entries()) {
+        currentPath = path.join(currentPath, segment);
+        const isLeaf = index === segments.length - 1;
+        try {
+            const stats = lstatSync(currentPath);
+            if (stats.isSymbolicLink()) {
+                throw new Error(`Path must not contain symlinks: ${childPath}`);
+            }
+            if (!isLeaf && !stats.isDirectory()) {
+                throw new Error(`Path component is not a directory: ${currentPath}`);
+            }
+        }
+        catch (error) {
+            if (isMissingPathError(error) && options.allowMissingLeaf) {
+                return;
+            }
+            throw error;
+        }
+    }
+}
+function ensureDirectoryInsideWithoutSymlinks(parentPath, directoryPath) {
+    ensureInside(parentPath, directoryPath);
+    const parent = path.resolve(parentPath);
+    const directory = path.resolve(directoryPath);
+    const relative = path.relative(parent, directory);
+    const segments = relative === '' ? [] : relative.split(path.sep).filter((segment) => segment.length > 0);
+    let currentPath = parent;
+    const parentStats = lstatSync(parent);
+    if (parentStats.isSymbolicLink()) {
+        throw new Error(`Path must not contain symlinks: ${directoryPath}`);
+    }
+    for (const segment of segments) {
+        currentPath = path.join(currentPath, segment);
+        try {
+            const stats = lstatSync(currentPath);
+            if (stats.isSymbolicLink()) {
+                throw new Error(`Path must not contain symlinks: ${directoryPath}`);
+            }
+            if (!stats.isDirectory()) {
+                throw new Error(`Path component is not a directory: ${currentPath}`);
+            }
+        }
+        catch (error) {
+            if (!isMissingPathError(error)) {
+                throw error;
+            }
+            mkdirSync(currentPath);
+            const stats = lstatSync(currentPath);
+            if (!stats.isDirectory() || stats.isSymbolicLink()) {
+                throw new Error(`Path component is not a directory: ${currentPath}`);
+            }
+        }
+    }
+}
+export function ensureFileTargetInsideWithoutSymlinks(parentPath, childPath, options = {}) {
+    const absoluteChildPath = path.resolve(childPath);
+    ensureInside(parentPath, absoluteChildPath);
+    ensureInsideWithoutSymlinks(parentPath, path.dirname(absoluteChildPath), { allowMissingLeaf: true });
+    try {
+        const stats = lstatSync(absoluteChildPath);
+        if (stats.isSymbolicLink()) {
+            throw new Error(`Path must not contain symlinks: ${childPath}`);
+        }
+        if (!stats.isFile()) {
+            throw new Error(`Path must be a regular file: ${childPath}`);
+        }
+    }
+    catch (error) {
+        if (isMissingPathError(error) && options.allowMissingLeaf) {
+            return;
+        }
+        throw error;
+    }
+}
+export function readFileInsideWithoutSymlinks(parentPath, childPath) {
+    const absoluteChildPath = path.resolve(childPath);
+    ensureInsideWithoutSymlinks(parentPath, absoluteChildPath);
+    const fileDescriptor = openSync(absoluteChildPath, constants.O_RDONLY | NOFOLLOW_FLAG);
+    try {
+        return readFileSync(fileDescriptor);
+    }
+    finally {
+        closeSync(fileDescriptor);
+    }
+}
+export function writeFileInsideWithoutSymlinks(parentPath, childPath, content) {
+    const absoluteChildPath = path.resolve(childPath);
+    const directoryPath = path.dirname(absoluteChildPath);
+    ensureDirectoryInsideWithoutSymlinks(parentPath, directoryPath);
+    ensureFileTargetInsideWithoutSymlinks(parentPath, absoluteChildPath, { allowMissingLeaf: true });
+    const temporaryPath = tempFilePath(absoluteChildPath);
+    let fileDescriptor = null;
+    try {
+        fileDescriptor = openSync(temporaryPath, constants.O_WRONLY | constants.O_CREAT | constants.O_EXCL | NOFOLLOW_FLAG);
+        writeFileSync(fileDescriptor, content);
+        closeSync(fileDescriptor);
+        fileDescriptor = null;
+        ensureFileTargetInsideWithoutSymlinks(parentPath, absoluteChildPath, { allowMissingLeaf: true });
+        renameSync(temporaryPath, absoluteChildPath);
+    }
+    catch (error) {
+        if (fileDescriptor !== null) {
+            try {
+                closeSync(fileDescriptor);
+            }
+            catch {
+                // Best-effort cleanup before removing the temporary file.
+            }
+        }
+        try {
+            unlinkSync(temporaryPath);
+        }
+        catch {
+            // Best-effort cleanup for a temporary file that may not have been created.
+        }
+        throw error;
+    }
+}
+export function writeUtf8FileInsideWithoutSymlinks(parentPath, childPath, content) {
+    writeFileInsideWithoutSymlinks(parentPath, childPath, content);
+}
+export function writeJsonFileInsideWithoutSymlinks(parentPath, childPath, value) {
+    writeUtf8FileInsideWithoutSymlinks(parentPath, childPath, `${JSON.stringify(value, null, 2)}\n`);
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mustflow",
-  "version": "2.18.20",
+  "version": "2.21.1",
   "description": "Agent workflow documents and CLI for mustflow repository roots.",
   "type": "module",
   "license": "MIT-0",

package/schemas/commands.schema.json

@@ -137,6 +137,7 @@
         "cmd": { "type": "string" },
         "cwd": { "type": "string" },
         "timeout_seconds": { "type": "integer" },
+        "kill_after_seconds": { "type": "integer" },
         "stdin": { "type": "string" },
         "success_exit_codes": {
           "type": "array",

package/schemas/doctor-report.schema.json

@@ -13,6 +13,7 @@
     "ok",
     "check",
     "context",
+    "command_environment",
     "effective_policy",
     "state_policy",
     "blocked_actions",
@@ -29,13 +30,18 @@
     "check": {
       "type": "object",
       "additionalProperties": false,
-      "required": ["ok", "issue_count", "issues"],
+      "required": ["ok", "issue_count", "issues", "warning_count", "warnings"],
       "properties": {
         "ok": { "type": "boolean" },
         "issue_count": { "type": "integer" },
         "issues": {
           "type": "array",
           "items": { "type": "string" }
+        },
+        "warning_count": { "type": "integer" },
+        "warnings": {
+          "type": "array",
+          "items": { "type": "string" }
         }
       }
     },
@@ -83,6 +89,21 @@
         "latest_run_exists": { "type": "boolean" }
       }
     },
+    "command_environment": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["inherited_intents", "inherited_network_intents"],
+      "properties": {
+        "inherited_intents": {
+          "type": "array",
+          "items": { "type": "string" }
+        },
+        "inherited_network_intents": {
+          "type": "array",
+          "items": { "type": "string" }
+        }
+      }
+    },
     "effective_policy": { "$ref": "#/$defs/effectivePolicy" },
     "state_policy": { "$ref": "#/$defs/statePolicy" },
     "blocked_actions": {
@@ -102,6 +123,7 @@
               "validation",
               "skill_routes",
               "commands",
+              "environment",
               "read_order",
               "optional_read_order",
               "repo_map",

package/schemas/run-receipt.schema.json

@@ -55,7 +55,9 @@
     },
     "cmd": { "type": "string" },
     "timeout_seconds": { "type": "integer" },
+    "kill_after_seconds": { "type": "integer" },
     "max_output_bytes": { "type": "integer" },
+    "max_output_bytes_scope": { "const": "per_stream" },
     "success_exit_codes": {
       "type": "array",
       "items": { "type": "integer" }
@@ -174,8 +176,10 @@
           "properties": {
             "stdout_bytes": { "type": "integer", "minimum": 0 },
             "stderr_bytes": { "type": "integer", "minimum": 0 },
+            "total_bytes": { "type": "integer", "minimum": 0 },
             "stdout_truncated": { "type": "boolean" },
-            "stderr_truncated": { "type": "boolean" }
+            "stderr_truncated": { "type": "boolean" },
+            "max_output_bytes_scope": { "const": "per_stream" }
           }
         },
         "result_summary": {
@@ -256,7 +260,7 @@
         "reason"
       ],
       "properties": {
-        "status": { "enum": ["checked", "unavailable"] },
+        "status": { "enum": ["checked", "partial", "unavailable"] },
         "declared_paths": {
           "type": "array",
           "items": { "type": "string" }