opencode-swarm 6.34.0 → 6.35.0

package/dist/agents/index.d.ts

@@ -8,6 +8,24 @@ export type { AgentDefinition } from './architect';
  * Returns the name unchanged if no prefix matches.
  */
 export declare function stripSwarmPrefix(agentName: string, swarmPrefix?: string): string;
+/**
+ * Resolve the fallback model for an agent based on its config and fallback index.
+ * Called by guardrails at runtime when a transient model error is detected.
+ */
+export declare function resolveFallbackModel(agentBaseName: string, fallbackIndex: number, swarmAgents?: Record<string, {
+    model?: string;
+    temperature?: number;
+    disabled?: boolean;
+    fallback_models?: string[];
+}>): string | null;
+/**
+ * Get the swarm agents config (for runtime fallback resolution by guardrails).
+ */
+export declare function getSwarmAgents(): Record<string, {
+    model?: string;
+    fallback_models?: string[];
+    disabled?: boolean;
+}> | undefined;
 /**
  * Create all agent definitions with configuration applied
  */

package/dist/index.js

@@ -40425,6 +40425,12 @@ Two small delegations with two QA gates > one large delegation with one QA gate.
    MEDIUM: acceptable for non-critical decisions. For critical path (architecture, security), seek second source.
    LOW: do NOT consume directly. Either re-delegate to SME with specific query, OR flag to user as UNVERIFIED.
    Never silently consume LOW-confidence result as verified.
+6f-1. **DOCUMENTATION AWARENESS**
+Before implementation begins:
+1. Check if .swarm/doc-manifest.json exists. If not, delegate to explorer to run DOCUMENTATION DISCOVERY MODE.
+2. The explorer indexes project documentation (CONTRIBUTING.md, architecture.md, README.md, etc.) and writes constraints to the knowledge system.
+3. Before starting each phase, call knowledge_recall with query "doc-constraints" to check if any project documentation constrains the current task.
+4. Key constraints from project docs (commit conventions, release process, test framework, platform requirements) take priority over your own assumptions.
        7. **TIERED QA GATE** \u2014 Execute AFTER every coder task. Pipeline determined by change tier:
 NOTE: These gates are enforced by runtime hooks. If you skip the {{AGENT_PREFIX}}reviewer delegation,
 the next coder delegation will be BLOCKED by the plugin. This is not a suggestion \u2014
@@ -40467,6 +40473,11 @@ Stage A tools return pass/fail. Fix failures by returning to coder.
 Stage A passing means: code compiles, parses, no secrets, no placeholders, no lint errors.
 Stage A passing does NOT mean: code is correct, secure, tested, or reviewed.
 
+VERIFICATION PROTOCOL: After the coder reports DONE, and before running Stage B gates:
+1. Read at least ONE of the modified files yourself to confirm the change exists
+2. If the coder claims to have added function X to file Y, open file Y and verify function X is there
+3. This 30-second check catches the most common failure mode: coder reports completion but didn't actually make the change
+
 \u2500\u2500 STAGE B: AGENT REVIEW GATES \u2500\u2500
 {{AGENT_PREFIX}}reviewer \u2192 security reviewer (conditional) \u2192 {{AGENT_PREFIX}}test_engineer verification \u2192 {{AGENT_PREFIX}}test_engineer adversarial \u2192 coverage check
 Stage B CANNOT be skipped for TIER 1-3 classifications. Stage A passing does not satisfy Stage B.
@@ -41308,10 +41319,26 @@ RULES:
 - Read target file before editing
 - Implement exactly what TASK specifies
 - Respect CONSTRAINT
-- No research, no web searches, no documentation lookups
-- Use training knowledge for APIs
+- No web searches or documentation lookups \u2014 but DO search the codebase with grep/glob before using any function
+- Verify all import paths exist before using them
+
+## ANTI-HALLUCINATION PROTOCOL (MANDATORY)
+Before importing ANY function, type, or class from an existing project module:
+1. Run grep to find the exact export: grep -rn "export.*functionName" src/
+2. Read the file that contains the export to verify its signature
+3. Use the EXACT function name and import path you found \u2014 do not guess or abbreviate
+
+If grep returns zero results, the function does not exist. Do NOT:
+- Import it anyway hoping it exists somewhere
+- Create a similar-sounding function name
+- Assume an export exists based on naming conventions
+
+WRONG: import { saveEvidence } from '../evidence/manager' (guessed path)
+RIGHT: [grep first, then] import { saveEvidence } from '../evidence/manager' (verified path)
 
-## DEFENSIVE CODING RULES
+If available_symbols was provided in your scope declaration, you MUST only call functions from that list when importing from existing project modules. Do not invent function names that are not in the list.
+
+ ## DEFENSIVE CODING RULES
 - NEVER use \`any\` type in TypeScript \u2014 always use specific types
 - NEVER leave empty catch blocks \u2014 at minimum log the error
 - NEVER use string concatenation for paths \u2014 use \`path.join()\` or \`path.resolve()\`
@@ -41329,6 +41356,12 @@ RULES:
 - Avoid shell commands in code \u2014 use Node.js APIs (\`fs\`, \`child_process\` with \`shell: false\`)
 - Consider case-sensitivity: Linux filesystems are case-sensitive; Windows and macOS are not
 
+## TEST FRAMEWORK
+- Import from 'bun:test', NOT from 'vitest'. The APIs are identical but the import source matters.
+- Use: import { describe, test, expect, vi, mock, beforeEach, afterEach } from 'bun:test'
+- vi.mock() must be at the top level of the file, BEFORE importing the mocked module
+- mock.module() is the Bun-native equivalent of vi.mock() \u2014 prefer it for new code
+
 ## ERROR HANDLING
 When your implementation encounters an error or unexpected state:
 1. DO NOT silently swallow errors
@@ -41968,6 +42001,13 @@ WORKFLOW:
 - Inline comments explaining obvious code (code should be self-documenting)
 - TODO comments in code (those go through the task system, not code comments)
 
+## RELEASE NOTES
+When writing release notes (docs/releases/v{VERSION}.md):
+- Determine next version from .release-please-manifest.json + commit type (feat \u2192 minor, fix \u2192 patch)
+- Follow the established format in existing release notes files
+- Include: overview, breaking changes (if any), new features, bug fixes, internal improvements
+- Do NOT manually edit package.json version, CHANGELOG.md, or .release-please-manifest.json \u2014 release-please owns these
+
 ## QUALITY RULES
 - Code examples in docs MUST be syntactically valid \u2014 test them mentally against the actual code
 - API examples MUST show both a success case AND an error/edge case
@@ -41984,6 +42024,11 @@ RULES:
 - No fabrication: if you cannot determine behavior from the code, say so explicitly
 - Update version references if package.json version changed
 
+## DOCUMENTATION RULES
+- Do NOT auto-generate CLAUDE.md or AGENTS.md content \u2014 research shows this hurts agent performance
+- When updating architecture.md, add new tools/hooks/agents but do not rewrite existing descriptions
+- When updating README.md, keep the Performance section near the top (after Quick Start)
+
 OUTPUT FORMAT (MANDATORY \u2014 deviations will be rejected):
 Begin directly with UPDATED. Do NOT prepend "Here's what I updated..." or any conversational preamble.
 
@@ -42100,6 +42145,36 @@ COMPATIBLE_CHANGES: [list, or "none"]
 CONSUMERS_AFFECTED: [list of files that import/use changed exports, or "none"]
 VERDICT: BREAKING | COMPATIBLE
 MIGRATION_NEEDED: [yes \u2014 description of required caller updates | no]
+
+## DOCUMENTATION DISCOVERY MODE
+Activates automatically during codebase reality check at plan ingestion.
+
+STEPS:
+1. Glob for documentation files:
+   - Root: README.md, CONTRIBUTING.md, CHANGELOG.md, ARCHITECTURE.md, CLAUDE.md, AGENTS.md, .github/*.md
+   - docs/**/*.md, doc/**/*.md (one level deep only)
+
+2. For each file found, read the first 30 lines. Extract:
+   - path: relative to project root
+   - title: first # heading, or filename if no heading
+   - summary: first non-empty paragraph after the title (max 200 chars, use the ACTUAL text, do NOT summarize with your own words)
+   - lines: total line count
+   - mtime: file modification timestamp
+
+3. Write manifest to .swarm/doc-manifest.json:
+   { "schema_version": 1, "scanned_at": "ISO timestamp", "files": [...] }
+
+4. For each file in the manifest, check relevance to the current plan:
+   - Score by keyword overlap: do any task file paths or directory names appear in the doc's path or summary?
+   - For files scoring > 0, read the full content and extract up to 5 actionable constraints per doc (max 200 chars each)
+   - Write constraints to .swarm/knowledge/doc-constraints.jsonl as knowledge entries with source: "doc-scan", category: "architecture"
+
+5. Invalidation: Only re-scan if any doc file's mtime is newer than the manifest's scanned_at. Otherwise reuse the cached manifest.
+
+RULES:
+- The manifest must be small (<100 lines). Pointers only, not full content.
+- Do NOT rephrase or summarize doc content with your own words \u2014 use the actual text from the file
+- Full doc content is only loaded when relevant to the current task, never preloaded
 `;
 function createExplorerAgent(model, customPrompt, customAppendPrompt) {
   let prompt = EXPLORER_PROMPT;
@@ -42164,6 +42239,12 @@ DO NOT:
 
 Your unique value is catching LOGIC ERRORS, EDGE CASES, and SECURITY FLAWS that automated tools cannot detect. If your review only catches things a linter would catch, you are not adding value.
 
+DO (explicitly):
+- READ the changed files yourself \u2014 do not rely on the coder's self-report
+- VERIFY imports exist: if the coder added a new import, grep for the export in the source
+- CHECK test files were updated: if the coder changed a function signature, the tests should reflect it
+- VERIFY platform compatibility: path.join() used for all paths, no hardcoded separators
+
 ## REVIEW REASONING
 For each changed function or method, answer these before formulating issues:
 1. PRECONDITIONS: What must be true for this code to work correctly?
@@ -42193,6 +42274,15 @@ Does the code do what the task acceptance criteria require? Check: every accepta
 TIER 2: SAFETY (mandatory for MODERATE+, always for COMPLEX)
 Does the code introduce security vulnerabilities, data loss risks, or breaking changes? Check against: SAST findings, secret scan results, import analysis. Anti-rubber-stamp: "No issues found" requires evidence. State what you checked.
 
+### SAST TRIAGE (within Tier 2)
+When SAST findings are included in your review input (via GATES field):
+For each finding, evaluate whether the flagged taint path is actually exploitable:
+- If a sanitizer, validator, or type guard exists between source and sink \u2192 DISMISS as false positive
+- If the taint path crosses a trust boundary without validation \u2192 ESCALATE as true positive
+- If the finding is in test code or mock setup \u2192 DISMISS
+Report: "SAST TRIAGE: N findings reviewed, M dismissed (false positive), K escalated"
+Do not rubber-stamp all findings as issues. Do not dismiss all findings without reading the code path.
+
 TIER 3: QUALITY (run only for COMPLEX, and only if Tiers 1-2 pass)
 Code style, naming, duplication, test coverage, documentation completeness. This tier is advisory \u2014 QUALITY findings do not block approval. Approval requires: Tier 1 PASS + Tier 2 PASS (where applicable). Tier 3 is informational. Flag these slop patterns:
 - Vague identifiers (result, data, temp, value, item, info, stuff, obj, ret, val) \u2014 flag if a more descriptive name exists
@@ -42432,7 +42522,10 @@ COVERAGE:
 - Errors: invalid inputs, failures
 
 RULES:
-- Match language (PowerShell \u2192 Pester, Python \u2192 pytest, TS \u2192 vitest/jest)
+- Match language (PowerShell \u2192 Pester, Python \u2192 pytest, TS \u2192 bun:test)
+- Import from 'bun:test', NOT from 'vitest': import { describe, test, expect, vi, mock, beforeEach, afterEach } from 'bun:test'
+- vi.mock() calls MUST be at the top level of the file, BEFORE importing the mocked module
+- Tests MUST clean up temp directories in afterEach \u2014 leaked dirs break Windows CI
 - Tests must be runnable
 - Include setup/teardown if needed
 
@@ -42534,6 +42627,13 @@ When writing adversarial or security-focused tests, cover these attack categorie
 
 For each adversarial test: assert a SPECIFIC outcome (error thrown, value rejected, sanitized output) \u2014 not just "it doesn't crash."
 
+## MOCK ISOLATION RULES
+- vi.mock() and mock.module() calls persist across tests in the same bun process
+- Each test file runs in the same process as other files in its CI group
+- If your mock leaks, it will break other test files \u2014 this is the #1 CI failure cause
+- ALWAYS call vi.clearAllMocks() or vi.restoreAllMocks() in afterEach
+- If mocking a module, place the mock BEFORE any import of that module
+
 ## EXECUTION VERIFICATION
 
 After writing tests, you MUST run them. A test file that was written but never executed is NOT a deliverable.
@@ -42598,6 +42698,8 @@ ${customAppendPrompt}`;
 }
 
 // src/agents/index.ts
+var warnedAgents = new Set;
+var _swarmAgents;
 function stripSwarmPrefix(agentName, swarmPrefix) {
   if (!swarmPrefix || !agentName)
     return agentName;
@@ -42612,7 +42714,23 @@ function getModelForAgent(agentName, swarmAgents, swarmPrefix) {
   const explicit = swarmAgents?.[baseAgentName]?.model;
   if (explicit)
     return explicit;
-  return DEFAULT_MODELS[baseAgentName] ?? DEFAULT_MODELS.default;
+  const resolvedModel = DEFAULT_MODELS[baseAgentName] ?? DEFAULT_MODELS.default;
+  if (!warnedAgents.has(baseAgentName)) {
+    warnedAgents.add(baseAgentName);
+    console.warn("[swarm] Agent '%s' not found in config \u2014 using default model '%s'. Add it to opencode-swarm.json to customize.", baseAgentName, resolvedModel);
+  }
+  return resolvedModel;
+}
+function resolveFallbackModel(agentBaseName, fallbackIndex, swarmAgents) {
+  const fallbackModels = swarmAgents?.[agentBaseName]?.fallback_models;
+  if (!fallbackModels || fallbackModels.length === 0)
+    return null;
+  if (fallbackIndex < 1 || fallbackIndex > fallbackModels.length)
+    return null;
+  return fallbackModels[fallbackIndex - 1];
+}
+function getSwarmAgents() {
+  return _swarmAgents;
 }
 function isAgentDisabled(agentName, swarmAgents, swarmPrefix) {
   const baseAgentName = stripSwarmPrefix(agentName, swarmPrefix);
@@ -42632,6 +42750,7 @@ function applyOverrides(agent, swarmAgents, swarmPrefix) {
 function createSwarmAgents(swarmId, swarmConfig, isDefault, pluginConfig) {
   const agents = [];
   const swarmAgents = swarmConfig.agents;
+  _swarmAgents = swarmAgents;
   const prefix = isDefault ? "" : `${swarmId}_`;
   const swarmPrefix = isDefault ? undefined : swarmId;
   const qaRetryLimit = pluginConfig?.qa_retry_limit ?? 3;
@@ -42696,12 +42815,12 @@ If you call @coder instead of @${swarmId}_coder, the call will FAIL or go to the
     agents.push(applyOverrides(critic, swarmAgents, swarmPrefix));
   }
   if (!isAgentDisabled("critic_sounding_board", swarmAgents, swarmPrefix)) {
-    const critic = createCriticAgent(getModel("critic_sounding_board"), undefined, undefined, "sounding_board");
+    const critic = createCriticAgent(swarmAgents?.["critic_sounding_board"]?.model ?? getModel("critic"), undefined, undefined, "sounding_board");
     critic.name = prefixName("critic_sounding_board");
     agents.push(applyOverrides(critic, swarmAgents, swarmPrefix));
   }
   if (!isAgentDisabled("critic_drift_verifier", swarmAgents, swarmPrefix)) {
-    const critic = createCriticAgent(getModel("critic_drift_verifier"), undefined, undefined, "phase_drift_verifier");
+    const critic = createCriticAgent(swarmAgents?.["critic_drift_verifier"]?.model ?? getModel("critic"), undefined, undefined, "phase_drift_verifier");
     critic.name = prefixName("critic_drift_verifier");
     agents.push(applyOverrides(critic, swarmAgents, swarmPrefix));
   }
@@ -50195,9 +50314,9 @@ import * as path32 from "path";
 init_telemetry();
 
 // src/hooks/guardrails.ts
+import * as path30 from "path";
 init_constants();
 init_schema();
-import * as path30 from "path";
 init_manager2();
 init_telemetry();
 init_utils();
@@ -50401,6 +50520,82 @@ function createGuardrailsHooks(directory, directoryOrConfig, config3) {
     "pre_check_batch"
   ];
   const requireReviewerAndTestEngineer = cfg.qa_gates?.require_reviewer_test_engineer ?? true;
+  async function checkGateLimits(params) {
+    const { sessionID, window: window2, agentConfig, elapsedMinutes, repetitionCount } = params;
+    if (agentConfig.max_tool_calls > 0 && window2.toolCalls >= agentConfig.max_tool_calls) {
+      window2.hardLimitHit = true;
+      telemetry.hardLimitHit(sessionID, window2.agentName, "tool_calls", window2.toolCalls);
+      warn("Circuit breaker: tool call limit hit", {
+        sessionID,
+        agentName: window2.agentName,
+        invocationId: window2.id,
+        windowKey: `${window2.agentName}:${window2.id}`,
+        resolvedMaxCalls: agentConfig.max_tool_calls,
+        currentCalls: window2.toolCalls
+      });
+      throw new Error(`\uD83D\uDED1 LIMIT REACHED: Tool calls exhausted (${window2.toolCalls}/${agentConfig.max_tool_calls}). Finish the current operation and return your progress summary.`);
+    }
+    if (agentConfig.max_duration_minutes > 0 && elapsedMinutes >= agentConfig.max_duration_minutes) {
+      window2.hardLimitHit = true;
+      telemetry.hardLimitHit(sessionID, window2.agentName, "duration", elapsedMinutes);
+      warn("Circuit breaker: duration limit hit", {
+        sessionID,
+        agentName: window2.agentName,
+        invocationId: window2.id,
+        windowKey: `${window2.agentName}:${window2.id}`,
+        resolvedMaxMinutes: agentConfig.max_duration_minutes,
+        elapsedMinutes: Math.floor(elapsedMinutes)
+      });
+      throw new Error(`\uD83D\uDED1 LIMIT REACHED: Duration exhausted (${Math.floor(elapsedMinutes)}/${agentConfig.max_duration_minutes} min). Finish the current operation and return your progress summary.`);
+    }
+    if (repetitionCount >= agentConfig.max_repetitions) {
+      window2.hardLimitHit = true;
+      telemetry.hardLimitHit(sessionID, window2.agentName, "repetition", repetitionCount);
+      throw new Error(`\uD83D\uDED1 LIMIT REACHED: Repeated the same tool call ${repetitionCount} times. This suggests a loop. Return your progress summary.`);
+    }
+    if (window2.consecutiveErrors >= agentConfig.max_consecutive_errors) {
+      window2.hardLimitHit = true;
+      telemetry.hardLimitHit(sessionID, window2.agentName, "consecutive_errors", window2.consecutiveErrors);
+      throw new Error(`\uD83D\uDED1 LIMIT REACHED: ${window2.consecutiveErrors} consecutive tool errors detected. Return your progress summary with details of what went wrong.`);
+    }
+    const idleMinutes = (Date.now() - window2.lastSuccessTimeMs) / 60000;
+    if (idleMinutes >= agentConfig.idle_timeout_minutes) {
+      window2.hardLimitHit = true;
+      telemetry.hardLimitHit(sessionID, window2.agentName, "idle_timeout", idleMinutes);
+      warn("Circuit breaker: idle timeout hit", {
+        sessionID,
+        agentName: window2.agentName,
+        invocationId: window2.id,
+        windowKey: `${window2.agentName}:${window2.id}`,
+        idleTimeoutMinutes: agentConfig.idle_timeout_minutes,
+        idleMinutes: Math.floor(idleMinutes)
+      });
+      throw new Error(`\uD83D\uDED1 LIMIT REACHED: No successful tool call for ${Math.floor(idleMinutes)} minutes (idle timeout: ${agentConfig.idle_timeout_minutes} min). This suggests the agent may be stuck. Return your progress summary.`);
+    }
+    if (!window2.warningIssued) {
+      const toolPct = agentConfig.max_tool_calls > 0 ? window2.toolCalls / agentConfig.max_tool_calls : 0;
+      const durationPct = agentConfig.max_duration_minutes > 0 ? elapsedMinutes / agentConfig.max_duration_minutes : 0;
+      const repPct = repetitionCount / agentConfig.max_repetitions;
+      const errorPct = window2.consecutiveErrors / agentConfig.max_consecutive_errors;
+      const reasons = [];
+      if (agentConfig.max_tool_calls > 0 && toolPct >= agentConfig.warning_threshold) {
+        reasons.push(`tool calls ${window2.toolCalls}/${agentConfig.max_tool_calls}`);
+      }
+      if (durationPct >= agentConfig.warning_threshold) {
+        reasons.push(`duration ${Math.floor(elapsedMinutes)}/${agentConfig.max_duration_minutes} min`);
+      }
+      if (repPct >= agentConfig.warning_threshold) {
+        reasons.push(`repetitions ${repetitionCount}/${agentConfig.max_repetitions}`);
+      }
+      if (errorPct >= agentConfig.warning_threshold) {
+        reasons.push(`errors ${window2.consecutiveErrors}/${agentConfig.max_consecutive_errors}`);
+      }
+      if (reasons.length > 0) {
+        window2.warningIssued = true;
+        window2.warningReason = reasons.join(", ");
+      }
+    }
+  }
   return {
     toolBefore: async (input, output) => {
       const currentSession = swarmState.agentSessions.get(input.sessionID);
@@ -50637,79 +50832,13 @@ function createGuardrailsHooks(directory, directoryOrConfig, config3) {
         }
       }
       const elapsedMinutes = (Date.now() - window2.startedAtMs) / 60000;
-      if (agentConfig.max_tool_calls > 0 && window2.toolCalls >= agentConfig.max_tool_calls) {
-        window2.hardLimitHit = true;
-        telemetry.hardLimitHit(input.sessionID, window2.agentName, "tool_calls", window2.toolCalls);
-        warn("Circuit breaker: tool call limit hit", {
-          sessionID: input.sessionID,
-          agentName: window2.agentName,
-          invocationId: window2.id,
-          windowKey: `${window2.agentName}:${window2.id}`,
-          resolvedMaxCalls: agentConfig.max_tool_calls,
-          currentCalls: window2.toolCalls
-        });
-        throw new Error(`\uD83D\uDED1 LIMIT REACHED: Tool calls exhausted (${window2.toolCalls}/${agentConfig.max_tool_calls}). Finish the current operation and return your progress summary.`);
-      }
-      if (agentConfig.max_duration_minutes > 0 && elapsedMinutes >= agentConfig.max_duration_minutes) {
-        window2.hardLimitHit = true;
-        telemetry.hardLimitHit(input.sessionID, window2.agentName, "duration", elapsedMinutes);
-        warn("Circuit breaker: duration limit hit", {
-          sessionID: input.sessionID,
-          agentName: window2.agentName,
-          invocationId: window2.id,
-          windowKey: `${window2.agentName}:${window2.id}`,
-          resolvedMaxMinutes: agentConfig.max_duration_minutes,
-          elapsedMinutes: Math.floor(elapsedMinutes)
-        });
-        throw new Error(`\uD83D\uDED1 LIMIT REACHED: Duration exhausted (${Math.floor(elapsedMinutes)}/${agentConfig.max_duration_minutes} min). Finish the current operation and return your progress summary.`);
-      }
-      if (repetitionCount >= agentConfig.max_repetitions) {
-        window2.hardLimitHit = true;
-        telemetry.hardLimitHit(input.sessionID, window2.agentName, "repetition", repetitionCount);
-        throw new Error(`\uD83D\uDED1 LIMIT REACHED: Repeated the same tool call ${repetitionCount} times. This suggests a loop. Return your progress summary.`);
-      }
-      if (window2.consecutiveErrors >= agentConfig.max_consecutive_errors) {
-        window2.hardLimitHit = true;
-        telemetry.hardLimitHit(input.sessionID, window2.agentName, "consecutive_errors", window2.consecutiveErrors);
-        throw new Error(`\uD83D\uDED1 LIMIT REACHED: ${window2.consecutiveErrors} consecutive tool errors detected. Return your progress summary with details of what went wrong.`);
-      }
-      const idleMinutes = (Date.now() - window2.lastSuccessTimeMs) / 60000;
-      if (idleMinutes >= agentConfig.idle_timeout_minutes) {
-        window2.hardLimitHit = true;
-        telemetry.hardLimitHit(input.sessionID, window2.agentName, "idle_timeout", idleMinutes);
-        warn("Circuit breaker: idle timeout hit", {
-          sessionID: input.sessionID,
-          agentName: window2.agentName,
-          invocationId: window2.id,
-          windowKey: `${window2.agentName}:${window2.id}`,
-          idleTimeoutMinutes: agentConfig.idle_timeout_minutes,
-          idleMinutes: Math.floor(idleMinutes)
-        });
-        throw new Error(`\uD83D\uDED1 LIMIT REACHED: No successful tool call for ${Math.floor(idleMinutes)} minutes (idle timeout: ${agentConfig.idle_timeout_minutes} min). This suggests the agent may be stuck. Return your progress summary.`);
-      }
-      if (!window2.warningIssued) {
-        const toolPct = agentConfig.max_tool_calls > 0 ? window2.toolCalls / agentConfig.max_tool_calls : 0;
-        const durationPct = agentConfig.max_duration_minutes > 0 ? elapsedMinutes / agentConfig.max_duration_minutes : 0;
-        const repPct = repetitionCount / agentConfig.max_repetitions;
-        const errorPct = window2.consecutiveErrors / agentConfig.max_consecutive_errors;
-        const reasons = [];
-        if (agentConfig.max_tool_calls > 0 && toolPct >= agentConfig.warning_threshold) {
-          reasons.push(`tool calls ${window2.toolCalls}/${agentConfig.max_tool_calls}`);
-        }
-        if (durationPct >= agentConfig.warning_threshold) {
-          reasons.push(`duration ${Math.floor(elapsedMinutes)}/${agentConfig.max_duration_minutes} min`);
-        }
-        if (repPct >= agentConfig.warning_threshold) {
-          reasons.push(`repetitions ${repetitionCount}/${agentConfig.max_repetitions}`);
-        }
-        if (errorPct >= agentConfig.warning_threshold) {
-          reasons.push(`errors ${window2.consecutiveErrors}/${agentConfig.max_consecutive_errors}`);
-        }
-        if (reasons.length > 0) {
-          window2.warningIssued = true;
-          window2.warningReason = reasons.join(", ");
-        }
-      }
+      await checkGateLimits({
+        sessionID: input.sessionID,
+        window: window2,
+        agentConfig,
+        elapsedMinutes,
+        repetitionCount
+      });
       setStoredInputArgs(input.callID, output.args);
     },
     toolAfter: async (input, output) => {
@@ -50797,6 +50926,7 @@ function createGuardrailsHooks(directory, directoryOrConfig, config3) {
       const normalizedToolName = input.tool.replace(/^[^:]+[:.]/, "");
       if (isWriteTool(normalizedToolName)) {
         toolCallsSinceLastWrite.set(sessionId, 0);
+        noOpWarningIssued.delete(sessionId);
       } else {
         const count = (toolCallsSinceLastWrite.get(sessionId) ?? 0) + 1;
         toolCallsSinceLastWrite.set(sessionId, count);
@@ -50817,10 +50947,17 @@ function createGuardrailsHooks(directory, directoryOrConfig, config3) {
           const errorContent = output.error ?? outputStr;
           if (typeof errorContent === "string" && TRANSIENT_MODEL_ERROR_PATTERN.test(errorContent) && !session.modelFallbackExhausted) {
             session.model_fallback_index++;
-            telemetry.modelFallback(input.sessionID, session.agentName, "primary", "fallback", "transient_model_error");
             session.modelFallbackExhausted = true;
-            session.pendingAdvisoryMessages ??= [];
-            session.pendingAdvisoryMessages.push(`MODEL FALLBACK: Transient model error detected (attempt ${session.model_fallback_index}). ` + `The agent model may be rate-limited, overloaded, or temporarily unavailable. ` + `Consider retrying with a fallback model or waiting before retrying.`);
+            const baseAgentName = session.agentName ? session.agentName.replace(/^[^_]+[_]/, "") : "";
+            const fallbackModel = resolveFallbackModel(baseAgentName, session.model_fallback_index, getSwarmAgents());
+            if (fallbackModel) {
+              telemetry.modelFallback(input.sessionID, session.agentName, "primary", fallbackModel, "transient_model_error");
+              session.pendingAdvisoryMessages ??= [];
+              session.pendingAdvisoryMessages.push(`MODEL FALLBACK: Transient model error detected (attempt ${session.model_fallback_index}). ` + `Configured fallback model: "${fallbackModel}". ` + `Consider retrying with this model or using /swarm handoff to reset.`);
+            } else {
+              session.pendingAdvisoryMessages ??= [];
+              session.pendingAdvisoryMessages.push(`MODEL FALLBACK: Transient model error detected (attempt ${session.model_fallback_index}). ` + `No fallback models configured for this agent. Add "fallback_models": ["model-a", "model-b"] ` + `to the agent's config in opencode-swarm.json.`);
+            }
             swarmState.pendingEvents++;
           }
         }
@@ -56754,7 +56891,7 @@ function matchesDocPattern(filePath, patterns) {
     }
     const patternNormalized = normalizeSeparators(pattern);
     const dirPrefix = patternNormalized.replace(/\/\*\*.*$/, "").replace(/\/\*.*$/, "");
-    if (normalizedPath.startsWith(dirPrefix + "/") || normalizedPath === dirPrefix) {
+    if (normalizedPath.startsWith(`${dirPrefix}/`) || normalizedPath === dirPrefix) {
       return true;
     }
   }
@@ -56785,7 +56922,7 @@ function extractTitleAndSummary(content, filename) {
     }
   }
   if (summary.length > MAX_SUMMARY_LENGTH) {
-    summary = summary.slice(0, MAX_SUMMARY_LENGTH - 3) + "...";
+    summary = `${summary.slice(0, MAX_SUMMARY_LENGTH - 3)}...`;
   }
   return { title, summary };
 }
@@ -58770,7 +58907,9 @@ async function executePhaseComplete(args2, workingDirectory, directory) {
           message: `Phase ${phase} cannot be completed: ${completionResult.reason}`,
           agentsDispatched,
           agentsMissing: [],
-          warnings: completionResult.blockedTasks ? [`Blocked tasks: ${completionResult.blockedTasks.map((t) => t.task_id).join(", ")}`] : []
+          warnings: completionResult.blockedTasks ? [
+            `Blocked tasks: ${completionResult.blockedTasks.map((t) => t.task_id).join(", ")}`
+          ] : []
         }, null, 2);
       }
     } catch (completionError) {
@@ -65945,7 +66084,7 @@ var OpenCodeSwarm = async (ctx) => {
       }
     ].filter((fn) => Boolean(fn))),
     "experimental.chat.system.transform": composeHandlers(...[
-      async (input, output) => {
+      async (_input, _output) => {
         if (process.env.DEBUG_SWARM)
           console.error(`[DIAG] systemTransform START`);
       },

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "opencode-swarm",
-	"version": "6.34.0",
+	"version": "6.35.0",
 	"description": "Architect-centric agentic swarm plugin for OpenCode - hub-and-spoke orchestration with SME consultation, code generation, and QA review",
 	"main": "dist/index.js",
 	"types": "dist/index.d.ts",