pi-crew 0.5.2 → 0.5.5

package/src/extension/crew-cleanup.ts

@@ -0,0 +1,114 @@
+import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
+// NOTE: globalProgressTracker import kept for documentation but not directly used
+// since we don't have agent IDs to untrack. Actual progress clearing should be
+// handled by the progress tracker itself on shutdown.
+// import { globalProgressTracker } from "../runtime/progress-tracker.ts";
+
+/**
+ * Registers cleanup handlers for graceful shutdown.
+ * Handles session_shutdown and SIGTERM/SIGHUP signals.
+ */
+
+interface ChildProcessInfo {
+	pid: number;
+	runId: string;
+	agentId: string;
+	startedAt: number;
+}
+
+class ChildProcessRegistry {
+	private processes = new Map<number, ChildProcessInfo>();
+
+	register(pid: number, runId: string, agentId: string): void {
+		this.processes.set(pid, { pid, runId, agentId, startedAt: Date.now() });
+	}
+
+	unregister(pid: number): void {
+		this.processes.delete(pid);
+	}
+
+	getAllPids(): number[] {
+		return Array.from(this.processes.keys());
+	}
+
+	getInfo(pid: number): ChildProcessInfo | undefined {
+		return this.processes.get(pid);
+	}
+
+	clear(): void {
+		this.processes.clear();
+	}
+}
+
+export const childProcessRegistry = new ChildProcessRegistry();
+
+export function registerCleanupHandler(pi: ExtensionAPI): void {
+	// Handle session_shutdown event
+	pi.on("session_shutdown", async () => {
+		console.log("[pi-crew] Session shutdown - cleaning up resources");
+
+		try {
+			// Kill all child-pi processes
+			await cleanupChildProcesses();
+
+			// Cleanup temp directories
+			await cleanupTempDirectories();
+
+			console.log("[pi-crew] Cleanup complete");
+		} catch (error) {
+			console.error("[pi-crew] Cleanup error:", error);
+		}
+	});
+
+	// Handle SIGTERM/SIGHUP signals
+	const handleSignal = async (signal: string): Promise<void> => {
+		console.log(`[pi-crew] Received ${signal} - starting cleanup`);
+		await cleanupChildProcesses();
+	};
+
+	process.on("SIGTERM", () => { void handleSignal("SIGTERM"); });
+	process.on("SIGHUP", () => { void handleSignal("SIGHUP"); });
+}
+
+async function cleanupChildProcesses(): Promise<void> {
+	const pids = childProcessRegistry.getAllPids();
+
+	for (const pid of pids) {
+		try {
+			process.kill(pid, "SIGTERM");
+			console.log(`[pi-crew] Sent SIGTERM to child process ${pid}`);
+		} catch (error: unknown) {
+			// Process may already be dead or not exist
+			const err = error as NodeJS.ErrnoException;
+			if (err.code !== "ESRCH" && err.code !== "ENOENT") {
+				console.error(`[pi-crew] Error killing process ${pid}:`, err.message);
+			}
+		}
+		childProcessRegistry.unregister(pid);
+	}
+
+	// Clear progress tracker
+	// Note: Can't call untrack on all because we don't track agent IDs here
+	// The progress tracker should clear itself on shutdown via session_dispose
+}
+
+async function cleanupTempDirectories(): Promise<void> {
+	// NOTE: getTempDir is not available in paths.ts.
+	// For now, just log that cleanup is pending.
+	// Actual temp directory cleanup should be implemented by the run-graph
+	// or the specific code that creates temporary workspaces.
+	try {
+		console.log(`[pi-crew] Temp directory cleanup deferred to run-graph`);
+	} catch (error) {
+		console.error("[pi-crew] Temp cleanup error:", error);
+	}
+}
+
+// Export for child-pi.ts to register processes
+export function registerChildProcess(pid: number, runId: string, agentId: string): void {
+	childProcessRegistry.register(pid, runId, agentId);
+}
+
+export function unregisterChildProcess(pid: number): void {
+	childProcessRegistry.unregister(pid);
+}

package/src/extension/register.ts

@@ -17,6 +17,7 @@ import {
 	stopAsyncRunNotifier,
 } from "./async-notifier.ts";
 import { registerAutonomousPolicy } from "./autonomous-policy.ts";
+import { registerCleanupHandler } from "./crew-cleanup.ts";
 import { notifyActiveRuns } from "./session-summary.ts";
 
 let _cachedLiveRunSidebar: typeof LiveRunSidebarType | undefined;
@@ -703,7 +704,7 @@ export function registerPiTeams(pi: ExtensionAPI): void {
 				widgetState,
 				loadConfig(currentCtx.cwd).config.ui,
 			);
-		clearPiCrewPowerbar(pi.events, currentCtx);
+		clearPiCrewPowerbar(pi.events);
 	};
 	const openLiveSidebar = (ctx: ExtensionContext, runId: string): void => {
 		const uiConfig = loadConfig(ctx.cwd).config.ui;
@@ -1084,7 +1085,7 @@ export function registerPiTeams(pi: ExtensionAPI): void {
 			widgetState,
 			currentCtx ? loadConfig(currentCtx.cwd).config.ui : undefined,
 		);
-		clearPiCrewPowerbar(pi.events, currentCtx);
+		clearPiCrewPowerbar(pi.events);
 		disposePowerbarCoalescer();
 		heartbeatWatcher?.dispose();
 		if (autoRepairTimer) {
@@ -1496,8 +1497,17 @@ export function registerPiTeams(pi: ExtensionAPI): void {
 				manifests,
 			);
 			// Health notifications: only warn about genuinely running runs
+			// Filter to only current session's runs to prevent cross-session notification leakage
+			const currentSessionGen = sessionGeneration;
+			const currentSessionId = currentCtx ? (currentCtx as unknown as Record<string, unknown>).sessionId as string | undefined : undefined;
+			const sessionManifests = manifests.filter(
+				(run) =>
+					!run.ownerSessionId ||
+					run.ownerSessionId === currentSessionId ||
+					(run as unknown as Record<string, unknown>).ownerSessionGeneration === currentSessionGen,
+			);
 			const now = Date.now();
-			for (const run of manifests) {
+			for (const run of sessionManifests) {
 				if (run.status !== "running") continue;
 				try {
 					const snapshot = snapshotCache.get(run.runId);
@@ -1792,6 +1802,8 @@ export function registerPiTeams(pi: ExtensionAPI): void {
 	});
 	time("register.tools");
 
+	registerCleanupHandler(pi);
+
 	registerTeamCommands(pi, {
 		startForegroundRun,
 		abortForegroundRun,

package/src/extension/team-tool/run.ts

@@ -22,7 +22,7 @@ async function executeTeamRun(...args: Parameters<typeof ExecuteTeamRunFn>): Pro
 	return _cachedExecuteTeamRun(...args);
 }
 import { spawnBackgroundTeamRun } from "../../subagents/async-entry.ts";
-import { appendEvent, readEvents } from "../../state/event-log.ts";
+import { appendEvent, appendEventAsync, readEvents } from "../../state/event-log.ts";
 import { resolveCrewRuntime, runtimeResolutionState } from "../../runtime/runtime-resolver.ts";
 import { normalizeSkillOverride } from "../../runtime/skill-instructions.ts";
 import { expandParallelResearchWorkflow } from "../../runtime/parallel-research.ts";
@@ -67,7 +67,7 @@ function scheduleBackgroundEarlyExitGuard(cwd: string, runId: string, pid: numbe
 		const tail = tailFile(logPath);
 		const message = `Background runner exited within 3s; see background.log${tail ? `\n${tail}` : ""}`;
 		const failed = updateRunStatus(loaded.manifest, "failed", "Background runner exited within 3s; see background.log");
-		appendEvent(failed.eventsPath, { type: "async.failed", runId: failed.runId, message, data: { pid, detail: liveness.detail } });
+		void appendEventAsync(failed.eventsPath, { type: "async.failed", runId: failed.runId, message, data: { pid, detail: liveness.detail } });
 	}, 3000);
 	timer.unref();
 }
@@ -140,7 +140,7 @@ export async function handleRun(params: TeamToolParamsValue, ctx: TeamContext):
 	const runtimeResolution = runtimeResolutionState(runtime);
 	const executionManifest = { ...updatedManifest, runtimeResolution, runConfig: executedConfig, updatedAt: new Date().toISOString() };
 	atomicWriteJson(paths.manifestPath, executionManifest);
-	appendEvent(executionManifest.eventsPath, { type: "runtime.resolved", runId: executionManifest.runId, message: `Runtime resolved: ${runtime.kind} safety=${runtime.safety}`, data: { runtimeResolution } });
+	appendEventAsync(executionManifest.eventsPath, { type: "runtime.resolved", runId: executionManifest.runId, message: `Runtime resolved: ${runtime.kind} safety=${runtime.safety}`, data: { runtimeResolution } }).catch(() => {});
 	const runAsync = params.async ?? executedConfig.asyncByDefault ?? false;
 	let effectiveRuntime = runtime;
 	if (runAsync && runtime.kind === "live-session") {
@@ -150,13 +150,13 @@ export async function handleRun(params: TeamToolParamsValue, ctx: TeamContext):
 	const effectiveManifest = effectiveRuntime !== runtime ? { ...executionManifest, runtimeResolution: effectiveRuntimeResolution, updatedAt: new Date().toISOString() } : executionManifest;
 	if (effectiveRuntime !== runtime) {
 		atomicWriteJson(paths.manifestPath, effectiveManifest);
-		appendEvent(effectiveManifest.eventsPath, { type: "runtime.resolved", runId: effectiveManifest.runId, message: `Runtime overridden: child-process (async fallback from live-session)`, data: { runtimeResolution: effectiveRuntimeResolution } });
+		appendEventAsync(effectiveManifest.eventsPath, { type: "runtime.resolved", runId: effectiveManifest.runId, message: `Runtime overridden: child-process (async fallback from live-session)`, data: { runtimeResolution: effectiveRuntimeResolution } }).catch(() => {});
 	}
 	if (runAsync) {
 		if (effectiveRuntime.safety === "blocked") {
 			const runningManifest = updateRunStatus(effectiveManifest, "running", "Checking worker runtime availability.");
 			const blocked = updateRunStatus(runningManifest, "blocked", effectiveRuntime.reason ?? "Child worker execution is disabled; refusing to create no-op scaffold subagents.");
-			appendEvent(blocked.eventsPath, { type: "run.blocked", runId: blocked.runId, message: blocked.summary, data: { runtime: effectiveRuntime, runtimeResolution: effectiveRuntimeResolution, async: true, diagnostics: { requestedMode: effectiveRuntime.requestedMode, workersDisabled: executedConfig.executeWorkers === false, envCrew: process.env.PI_CREW_EXECUTE_WORKERS, envTeams: process.env.PI_TEAMS_EXECUTE_WORKERS } } });
+			void appendEventAsync(blocked.eventsPath, { type: "run.blocked", runId: blocked.runId, message: blocked.summary, data: { runtime: effectiveRuntime, runtimeResolution: effectiveRuntimeResolution, async: true, diagnostics: { requestedMode: effectiveRuntime.requestedMode, workersDisabled: executedConfig.executeWorkers === false, envCrew: process.env.PI_CREW_EXECUTE_WORKERS, envTeams: process.env.PI_TEAMS_EXECUTE_WORKERS } } });
 			unregisterActiveRun(blocked.runId);
 			return result([
 				`Blocked pi-crew run ${blocked.runId}: real subagent workers are disabled.`,
@@ -169,7 +169,7 @@ export async function handleRun(params: TeamToolParamsValue, ctx: TeamContext):
 		const spawned = await spawnBackgroundTeamRun(effectiveManifest);
 		const asyncManifest = { ...effectiveManifest, async: { pid: spawned.pid, logPath: spawned.logPath, spawnedAt: new Date().toISOString() } };
 		atomicWriteJson(paths.manifestPath, asyncManifest);
-		appendEvent(effectiveManifest.eventsPath, { type: "async.spawned", runId: effectiveManifest.runId, data: { pid: spawned.pid, logPath: spawned.logPath } });
+		void appendEventAsync(effectiveManifest.eventsPath, { type: "async.spawned", runId: effectiveManifest.runId, data: { pid: spawned.pid, logPath: spawned.logPath } });
 		scheduleBackgroundEarlyExitGuard(ctx.cwd, effectiveManifest.runId, spawned.pid, spawned.logPath);
 		// Wait for the async run to complete and return actual results.
 		try {
@@ -280,7 +280,7 @@ export async function handleRun(params: TeamToolParamsValue, ctx: TeamContext):
 	if (runtime.safety === "blocked") {
 		const runningManifest = updateRunStatus(executionManifest, "running", "Checking worker runtime availability.");
 		const blocked = updateRunStatus(runningManifest, "blocked", runtime.reason ?? "Child worker execution is disabled; refusing to create no-op scaffold subagents.");
-		appendEvent(blocked.eventsPath, { type: "run.blocked", runId: blocked.runId, message: blocked.summary, data: { runtime, runtimeResolution, diagnostics: { requestedMode: runtime.requestedMode, workersDisabled: executedConfig.executeWorkers === false, envCrew: process.env.PI_CREW_EXECUTE_WORKERS, envTeams: process.env.PI_TEAMS_EXECUTE_WORKERS } } });
+		void appendEventAsync(blocked.eventsPath, { type: "run.blocked", runId: blocked.runId, message: blocked.summary, data: { runtime, runtimeResolution, diagnostics: { requestedMode: runtime.requestedMode, workersDisabled: executedConfig.executeWorkers === false, envCrew: process.env.PI_CREW_EXECUTE_WORKERS, envTeams: process.env.PI_TEAMS_EXECUTE_WORKERS } } });
 		unregisterActiveRun(blocked.runId);
 		return result([
 			`Blocked pi-crew run ${blocked.runId}: real subagent workers are disabled.`,

package/src/observability/event-bus.ts

@@ -0,0 +1,60 @@
+import type { AgentProgress } from "../runtime/progress-tracker.ts";
+
+export type CrewEventType =
+  | "agent:progress"
+  | "agent:complete"
+  | "agent:error"
+  | "run:start"
+  | "run:complete";
+
+export interface CrewEvent {
+  type: CrewEventType;
+  runId: string;
+  agentId?: string;
+  payload?: AgentProgress | string;
+  timestamp: number;
+}
+
+type CrewEventListener = (event: CrewEvent) => void;
+
+class EventBus {
+  private listeners = new Map<CrewEventType, Set<CrewEventListener>>();
+  private static instance?: EventBus;
+
+  static getInstance(): EventBus {
+    if (!EventBus.instance) {
+      EventBus.instance = new EventBus();
+    }
+    return EventBus.instance;
+  }
+
+  emit(event: CrewEvent): void {
+    const listeners = this.listeners.get(event.type);
+    if (listeners) {
+      for (const listener of listeners) {
+        try {
+          listener(event);
+        } catch (e) {
+          console.error("[EventBus] Listener error:", e);
+        }
+      }
+    }
+  }
+
+  on(type: CrewEventType, listener: CrewEventListener): () => void {
+    if (!this.listeners.has(type)) {
+      this.listeners.set(type, new Set());
+    }
+    this.listeners.get(type)!.add(listener);
+
+    return () => {
+      this.listeners.get(type)?.delete(listener);
+    };
+  }
+
+  off(type: CrewEventType, listener: CrewEventListener): void {
+    this.listeners.get(type)?.delete(listener);
+  }
+}
+
+export const crewEventBus = EventBus.getInstance();

package/src/runtime/background-runner.ts

@@ -127,6 +127,8 @@ function setupUnhandledRejectionGuard(state: { cwd?: string; runId?: string; eve
 }
 
 async function main(): Promise<void> {
+	// FIX: Store logFd so it can be closed on exit to prevent file descriptor leak
+	let logFd: number | undefined;
 	// Redirect console to background.log since stdio is "ignore" in detached mode.
 	// Must be BEFORE any console.log/console.error calls.
 	const _cwd = argValue("--cwd");
@@ -134,13 +136,17 @@ async function main(): Promise<void> {
 	if (_cwd && _runId) {
 		try {
 			const logPath = path.join(_cwd, ".crew/state/runs", _runId, "background.log");
-			const logFd = fs.openSync(logPath, "a");
+			logFd = fs.openSync(logPath, "a");
 			const origWrite = (prefix: string) => (data: any, ...args: any[]) => {
 				const msg = [data, ...args].map(String).join(" ") + "\n";
-				fs.writeSync(logFd, msg);
+				fs.writeSync(logFd!, msg);
 			};
 			console.log = origWrite("OUT");
 			console.error = origWrite("ERR");
+			// FIX: Close logFd on process exit to prevent file descriptor leak
+			process.on("exit", () => {
+				try { if (logFd !== undefined) fs.closeSync(logFd); } catch { /* ignore */ }
+			});
 		} catch { /* best-effort */ }
 	}
 

package/src/runtime/child-pi.ts

@@ -10,6 +10,7 @@ import { logInternalError } from "../utils/internal-error.ts";
 import { attachPostExitStdioGuard, trySignalChild } from "./post-exit-stdio-guard.ts";
 import { redactJsonLine, SECRET_KEY_PATTERN } from "../utils/redaction.ts";
 import { sanitizeEnvSecrets } from "../utils/env-filter.ts";
+import { registerChildProcess, unregisterChildProcess } from "../extension/crew-cleanup.ts";
 
 const POST_EXIT_STDIO_GUARD_MS = DEFAULT_CHILD_PI.postExitStdioGuardMs;
 const FINAL_DRAIN_MS = DEFAULT_CHILD_PI.finalDrainMs;
@@ -117,6 +118,8 @@ export interface ChildPiLifecycleEvent {
 	error?: string;
 	/** Stderr captured at timeout moment (for response_timeout events). */
 	stderr?: string;
+	/** Last N chars of stderr for error context (exit/error events). */
+	stderrExcerpt?: string;
 	/** Timestamp (ISO). */
 	ts: string;
 }
@@ -146,6 +149,16 @@ export interface ChildPiRunInput {
 	parentContext?: string;
 	/** When true, prepend parentContext to the task prompt. */
 	inheritContext?: boolean;
+	/** Pass to pi to mark certain commands as context-excluded. Default: false */
+	excludeContextBash?: boolean;
+	/** pi session ID for session naming (aligns with pi-crew run ID) */
+	sessionId?: string;
+	/** Run ID for cleanup tracking */
+	runId?: string;
+	/** Agent ID for cleanup tracking */
+	agentId?: string;
+	/** Role for tool restrictions (from role-tools.ts) */
+	role?: string;
 }
 
 export interface ChildPiRunResult {
@@ -168,18 +181,24 @@ export function buildChildPiSpawnOptions(cwd: string, env: NodeJS.ProcessEnv): S
 	// Bug #12 fix: essential env vars (PATH, HOME, etc.) are always preserved so child can find npm/node.
 	const filteredEnv = sanitizeEnvSecrets(env, {
 		allowList: [
-			// Model provider API keys (these are safe to pass — they're meant for API calls)
-			"MINIMAX_*",
-			"OPENAI_*",
-			"ANTHROPIC_*",
-			"GOOGLE_*",
-			"AZURE_*",
-			"AWS_*",
-			"ZEU_*",
-			"ZERODEV_*",
-			"*_API_KEY",
-			"*_TOKEN",
-			"*_SECRET",
+			// Model provider API keys (explicit list — do NOT use wildcards)
+			"MINIMAX_API_KEY",
+			"MINIMAX_GROUP_ID",
+			"OPENAI_API_KEY",
+			"OPENAI_ORG_ID",
+			"ANTHROPIC_API_KEY",
+			"GOOGLE_API_KEY",
+			"GOOGLE_GENERATIVE_LANGUAGE_API_KEY",
+			"AZURE_OPENAI_API_KEY",
+			"AZURE_OPENAI_ENDPOINT",
+			"AWS_ACCESS_KEY_ID",
+			"AWS_SECRET_ACCESS_KEY",
+			"AWS_REGION",
+			"ZEU_API_KEY",
+			"ZERODEV_API_KEY",
+			// SECURITY FIX: Removed dangerous wildcards "*_API_KEY", "*_TOKEN", "*_SECRET"
+			// These patterns would leak ALL secrets matching the pattern to child processes.
+			// Only add specific, intended provider keys above.
 			// Essential non-secret vars for child process to function
 			"PATH",
 			"HOME",
@@ -368,23 +387,31 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 	if (depth.blocked) return { exitCode: 1, stdout: "", stderr: `pi-crew depth guard blocked child worker: depth ${depth.depth} >= max ${depth.maxDepth}` };
 	const mock = process.env.PI_TEAMS_MOCK_CHILD_PI;
 	if (mock) {
+		// SECURITY: Log mock mode activation prominently for audit trail
+		console.warn(`[⚠️ PI_CREW_MOCK_MODE] Mock mode active: ${mock} — NOT running real agents!`);
+		// SECURITY FIX: Require PI_CREW_ALLOW_MOCK alongside PI_TEAMS_MOCK_CHILD_PI
+		const allowMock = process.env.PI_CREW_ALLOW_MOCK === "1" || process.env.PI_CREW_ALLOW_MOCK === "true";
+		if (!allowMock) {
+			console.error(`[🚨 PI_CREW_MOCK_MODE] SECURITY: PI_TEAMS_MOCK_CHILD_PI is set but PI_CREW_ALLOW_MOCK is not "1". Ignoring mock request for safety.`);
+			return { exitCode: 1, stdout: "", stderr: "Mock mode requires PI_CREW_ALLOW_MOCK=1 alongside PI_TEAMS_MOCK_CHILD_PI" };
+		}
 		if (mock === "success") {
-			const stdout = `Mock child Pi success for ${input.agent.name}\n`;
+			const stdout = `[MOCK] Success for ${input.agent.name}\n`;
 			observeStdoutChunk(input, stdout);
 			return { exitCode: 0, stdout, stderr: "" };
 		}
 		if (mock === "json-success" || mock === "adaptive-plan") {
 			const text = mock === "adaptive-plan" && effectiveTask.includes("ADAPTIVE_PLAN_JSON_START")
-				? `Adaptive mock plan\nADAPTIVE_PLAN_JSON_START\n${JSON.stringify({ phases: [{ name: "research", tasks: [{ role: "explorer", task: "Explore adaptive target" }, { role: "analyst", task: "Analyze adaptive target" }, { role: "planner", task: "Plan adaptive target" }] }, { name: "build", tasks: [{ role: "executor", task: "Implement adaptive target" }] }, { name: "check", tasks: [{ role: "reviewer", task: "Review adaptive target" }, { role: "test-engineer", task: "Test adaptive target" }, { role: "writer", task: "Summarize adaptive target" }] }] })}\nADAPTIVE_PLAN_JSON_END`
-				: `Mock JSON success for ${input.agent.name}`;
+				? `[MOCK] Adaptive plan\nADAPTIVE_PLAN_JSON_START\n${JSON.stringify({ phases: [{ name: "research", tasks: [{ role: "explorer", task: "Explore adaptive target" }, { role: "analyst", task: "Analyze adaptive target" }, { role: "planner", task: "Plan adaptive target" }] }, { name: "build", tasks: [{ role: "executor", task: "Implement adaptive target" }] }, { name: "check", tasks: [{ role: "reviewer", task: "Review adaptive target" }, { role: "test-engineer", task: "Test adaptive target" }, { role: "writer", task: "Summarize adaptive target" }] }] })}\nADAPTIVE_PLAN_JSON_END`
+				: `[MOCK] JSON success for ${input.agent.name}`;
 			const stdout = `${JSON.stringify({ type: "message", message: { role: "assistant", content: [{ type: "text", text }] } })}\n${JSON.stringify({ type: "message_end", usage: { input: 10, output: 5, cost: 0.001, turns: 1 } })}\n`;
 			observeStdoutChunk(input, stdout);
 			return { exitCode: 0, stdout, stderr: "" };
 		}
-		if (mock === "retryable-failure") return { exitCode: 1, stdout: "", stderr: "rate limit: mock failure" };
-		return { exitCode: 1, stdout: "", stderr: `mock failure: ${mock}` };
+		if (mock === "retryable-failure") return { exitCode: 1, stdout: "", stderr: "[MOCK] rate limit: mock failure" };
+		return { exitCode: 1, stdout: "", stderr: `[MOCK] failure: ${mock}` };
 	}
-	const built = buildPiWorkerArgs({ task: effectiveTask, agent: input.agent, model: input.model, sessionEnabled: true, maxDepth: input.maxDepth, skillPaths: input.skillPaths });
+	const built = buildPiWorkerArgs({ task: effectiveTask, agent: input.agent, model: input.model, sessionEnabled: true, maxDepth: input.maxDepth, skillPaths: input.skillPaths, role: input.role });
 	const spawnSpec = getPiSpawnCommand(built.args);
 	try {
 		return await new Promise<ChildPiRunResult>((resolve) => {
@@ -393,6 +420,10 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 				activeChildProcesses.set(child.pid, child);
 				input.onSpawn?.(child.pid);
 				input.onLifecycleEvent?.({ type: "spawned", pid: child.pid, ts: new Date().toISOString() });
+				// Register with cleanup handler for graceful shutdown
+				if (input.runId && input.agentId) {
+					registerChildProcess(child.pid, input.runId, input.agentId);
+				}
 			} else {
 				input.onLifecycleEvent?.({ type: "spawn_error", error: "spawn returned no pid", ts: new Date().toISOString() });
 			}
@@ -414,6 +445,36 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 			let hardKilled = false;
 			const cleanupErrors: string[] = [];
 			let turnCount = 0;
+			// Track in-flight operations for proper rejection on unexpected exit
+			interface PendingOperation {
+				id: string;
+				type: "prompt" | "steer" | "json_event";
+				startedAt: number;
+			}
+			const pendingOperations = new Map<string, PendingOperation>();
+			let operationIdCounter = 0;
+
+			const startOperation = (type: PendingOperation["type"]): string => {
+				const id = `op-${++operationIdCounter}`;
+				pendingOperations.set(id, { id, type, startedAt: Date.now() });
+				return id;
+			};
+
+			const completeOperation = (id: string): void => {
+				pendingOperations.delete(id);
+			};
+
+			const rejectPendingOperations = (error: Error): void => {
+				pendingOperations.forEach((op, id) => {
+					logInternalError(
+						"child-pi.pending-operation-rejected",
+						error,
+						`opId=${id} type=${op.type} elapsed=${Date.now() - op.startedAt}ms`,
+					);
+				});
+				pendingOperations.clear();
+			};
+
 			let softLimitReached = false;
 			const maxTurns = input.maxTurns;
 			const graceTurns = input.graceTurns;
@@ -450,20 +511,27 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 				},
 				onJsonEvent: (event) => {
 					restartNoResponseTimer();
-					// Turn-count-based steering: soft limit steer + hard abort after graceTurns
-					if (event && typeof event === "object" && !Array.isArray(event)) {
-						const obj = event as Record<string, unknown>;
-						if (obj.type === "turn_end") {
-							turnCount += 1;
-							if (maxTurns !== undefined && !softLimitReached && turnCount >= maxTurns) {
-								softLimitReached = true;
-								// Inject steer via stdin to tell child to wrap up
-								child.stdin?.write(JSON.stringify({ type: "steer", message: "You have reached your turn limit. Wrap up immediately — provide your final answer now." }) + "\n");
-							} else if (maxTurns !== undefined && softLimitReached && turnCount >= maxTurns + (graceTurns ?? 5)) {
-								// Hard abort — terminate after grace turns
-								try { child.kill(process.platform === "win32" ? undefined : "SIGTERM"); } catch { /* best-effort */ }
+					const eventOpId = startOperation("json_event");
+					try {
+						// Turn-count-based steering: soft limit steer + hard abort after graceTurns
+						if (event && typeof event === "object" && !Array.isArray(event)) {
+							const obj = event as Record<string, unknown>;
+							if (obj.type === "turn_end") {
+								turnCount += 1;
+								if (maxTurns !== undefined && !softLimitReached && turnCount >= maxTurns) {
+									softLimitReached = true;
+									// Inject steer via stdin to tell child to wrap up
+									child.stdin?.write(JSON.stringify({ type: "steer", message: "You have reached your turn limit. Wrap up immediately — provide your final answer now." }) + "\n");
+								} else if (maxTurns !== undefined && softLimitReached && turnCount >= maxTurns + (graceTurns ?? 5)) {
+									// Hard abort — terminate after grace turns
+									try { child.kill(process.platform === "win32" ? undefined : "SIGTERM"); } catch { /* best-effort */ }
+								}
 							}
 						}
+						completeOperation(eventOpId);
+					} catch (err) {
+						completeOperation(eventOpId);
+						throw err;
 					}
 					input.onJsonEvent?.(event);
 					if (!isFinalAssistantEvent(event) || childExited || settled || finalDrainTimer) return;
@@ -587,20 +655,38 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 				stderr = appendBoundedTail(stderr, chunk.toString("utf-8"));
 			});
 			child.on("error", (error) => {
+				// Reject pending operations with process error context
+				const processError = new Error(
+					`Child Pi process error: ${error.message}. Stderr: ${stderr.slice(-500) || "(none)"}`,
+				);
+				rejectPendingOperations(processError);
 				try {
-					input.onLifecycleEvent?.({ type: "spawn_error", pid: child.pid, error: error.message, ts: new Date().toISOString() });
+					input.onLifecycleEvent?.({ type: "spawn_error", pid: child.pid, error: processError.message, ts: new Date().toISOString(), stderrExcerpt: stderr.slice(-500) || undefined });
 				} catch (err) {
 					logInternalError("child-pi.on-lifecycle-event", err, `event=error, pid=${child.pid}`);
 				}
-				settle({ exitCode: null, stdout, stderr, error: error.message });
+				settle({ exitCode: null, stdout, stderr, error: processError.message });
 			});
-			child.on("exit", (code) => {
+			child.on("exit", (code, signal) => {
 				if (child.pid) {
 					activeChildProcesses.delete(child.pid);
 					clearHardKillTimer(child.pid);
+					// Unregister from cleanup handler
+					unregisterChildProcess(child.pid);
+				}
+				// Build comprehensive exit error for unexpected exits
+				const isUnexpectedExit = !childExited && !settled && !responseTimeoutHit && !abortRequested;
+				const exitError = isUnexpectedExit
+					? new Error(
+						`Child Pi process exited unexpectedly (code=${code ?? "null"} signal=${signal ?? "null"}). `
+						+ `Stderr: ${stderr.slice(-1000) || "(none)"}`,
+					)
+					: null;
+				if (exitError) {
+					rejectPendingOperations(exitError);
 				}
 				try {
-					input.onLifecycleEvent?.({ type: "exit", pid: child.pid, exitCode: code, ts: new Date().toISOString() });
+					input.onLifecycleEvent?.({ type: "exit", pid: child.pid, exitCode: code, ts: new Date().toISOString(), error: exitError?.message, stderrExcerpt: isUnexpectedExit ? stderr.slice(-1000) || undefined : undefined });
 				} catch (err) {
 					logInternalError("child-pi.on-lifecycle-event", err, `event=exit, pid=${child.pid}`);
 				}
@@ -618,6 +704,8 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 				if (child.pid) {
 					activeChildProcesses.delete(child.pid);
 					clearHardKillTimer(child.pid);
+					// Unregister from cleanup handler
+					unregisterChildProcess(child.pid);
 				}
 				try {
 					input.onLifecycleEvent?.({ type: "close", pid: child.pid, exitCode, ts: new Date().toISOString() });

package/src/runtime/crew-agent-runtime.ts

@@ -7,6 +7,7 @@ export type CrewAgentStatus = "queued" | "running" | "waiting" | "completed" | "
 export interface CrewAgentRecentTool {
 	tool: string;
 	args?: string;
+	startedAt?: string;
 	endedAt: string;
 }