principles-disciple 1.27.0 → 1.28.1

package/openclaw.plugin.json

@@ -2,7 +2,7 @@
   "id": "principles-disciple",
   "name": "Principles Disciple",
   "description": "Evolutionary programming agent framework with strategic guardrails and reflection loops.",
-  "version": "1.27.0",
+  "version": "1.28.1",
   "skills": [
     "./skills"
   ],
@@ -76,8 +76,8 @@
     }
   },
   "buildFingerprint": {
-    "gitSha": "9037c29faf9a",
-    "bundleMd5": "e7e9ebf7f67083f72f8f4328314d5670",
-    "builtAt": "2026-04-13T06:10:29.622Z"
+    "gitSha": "27d380ef1db5",
+    "bundleMd5": "e6f2b6946eddc217169568fc45c5569e",
+    "builtAt": "2026-04-13T08:32:02.125Z"
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "principles-disciple",
-  "version": "1.27.0",
+  "version": "1.28.1",
   "description": "Native OpenClaw plugin for Principles Disciple",
   "type": "module",
   "main": "./dist/bundle.js",
@@ -40,14 +40,14 @@
     "@testing-library/react": "^16.3.0",
     "@types/better-sqlite3": "^7.6.13",
     "@types/micromatch": "^4.0.10",
-    "@types/node": "^25.5.0",
+    "@types/node": "^25.6.0",
     "@types/react": "^19.2.2",
     "@types/react-dom": "^19.2.2",
     "@types/ws": "^8.5.13",
     "@typescript-eslint/eslint-plugin": "^8.58.0",
     "@typescript-eslint/parser": "^8.58.0",
     "@vitest/coverage-v8": "^4.1.0",
-    "esbuild": "^0.27.4",
+    "esbuild": "^0.28.0",
     "eslint": "^10.1.0",
     "jsdom": "^29.0.1",
     "typescript": "^6.0.2",
@@ -64,7 +64,7 @@
   },
   "dependencies": {
     "@sinclair/typebox": "^0.34.48",
-    "better-sqlite3": "^12.8.0",
+    "better-sqlite3": "^12.9.0",
     "lucide-react": "^1.7.0",
     "micromatch": "^4.0.8",
     "react": "^19.2.0",

package/scripts/diagnose-nocturnal.mjs

@@ -12,10 +12,10 @@
  * Output: Structured report with pass/fail for each checkpoint.
  */
 
-import { existsSync, readFileSync, readdirSync, statSync } from 'fs';
+import { existsSync, readFileSync, readdirSync, statSync, writeFileSync, rmSync } from 'fs';
 import { join, dirname } from 'path';
 import { fileURLToPath } from 'url';
-import { execSync } from 'child_process';
+import { execSync, execFileSync } from 'child_process';
 
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = dirname(__filename);
@@ -313,6 +313,45 @@ function main() {
       return 'No active pain flag';
     }
     const content = readFileSync(painFlagPath, 'utf-8');
+
+    // Self-healing: fix [object Object] corruption caused by bash heredoc/toString
+    if (content.includes('[object Object]')) {
+      // Try to extract and parse JSON object from anywhere in the content
+      // The corruption might be at any position, not just the beginning
+      try {
+        // Attempt 1: Extract JSON object using regex (handles {...} anywhere)
+        const jsonMatch = content.match(/\{[\s\S]*\}/);
+        if (jsonMatch) {
+          const json = JSON.parse(jsonMatch[0]);
+          // If we got a valid object, rewrite it properly as KV format
+          const kv = Object.entries(json)
+            .map(([k, v]) => `${k}: ${v === undefined ? '' : v}`)
+            .join('\n');
+          writeFileSync(painFlagPath, kv, 'utf-8');
+          return `Pain flag was corrupted ([object Object]), auto-repaired from JSON backup`;
+        }
+        // Attempt 2: Try parsing the whole content after removing common prefixes
+        const cleaned = content.replace(/^(active:\s*|source:\s*)/, '').trim();
+        if (cleaned.startsWith('{')) {
+          const json = JSON.parse(cleaned);
+          const kv = Object.entries(json)
+            .map(([k, v]) => `${k}: ${v === undefined ? '' : v}`)
+            .join('\n');
+          writeFileSync(painFlagPath, kv, 'utf-8');
+          return `Pain flag was corrupted ([object Object]), auto-repaired from JSON backup`;
+        }
+        throw new Error('No valid JSON found');
+      } catch {
+        // If not JSON, delete the corrupted file to unblock the system
+        try {
+          rmSync(painFlagPath);
+          return `Pain flag was corrupted ([object Object]), deleted invalid file to unblock system`;
+        } catch {
+          return { status: 'warn', detail: 'Pain flag corrupted ([object Object]), could not auto-repair' };
+        }
+      }
+    }
+
     const lines = content.split('\n');
     const fields = {};
     for (const line of lines) {
@@ -394,6 +433,104 @@ function main() {
     }
   });
 
+  // ─────────────────────────────────────────────────────────
+  // CHECKPOINT 13: Correction samples (Phase 2b/3b)
+  // ─────────────────────────────────────────────────────────
+  check('13. Correction samples availability', () => {
+    // Read from trajectory.db using sqlite3 CLI
+    try {
+      const dbPath = join(stateDir, 'trajectory.db');
+      if (!existsSync(dbPath)) {
+        return { status: 'warn', detail: 'trajectory.db not found' };
+      }
+      let result;
+      try {
+        result = execFileSync('sqlite3', [dbPath, 'SELECT review_status, COUNT(*), AVG(quality_score) FROM correction_samples GROUP BY review_status;'], { encoding: 'utf-8', timeout: 5000 }).trim();
+      } catch {
+        return { status: 'warn', detail: 'Could not query correction samples' };
+      }
+      if (!result) {
+        return { status: 'warn', detail: 'Could not query correction samples' };
+      }
+      const pendingMatch = result.match(/pending\|(\d+)/);
+      const approvedMatch = result.match(/approved\|(\d+)/);
+      const rejectedMatch = result.match(/rejected\|(\d+)/);
+      const pending = pendingMatch ? parseInt(pendingMatch[1]) : 0;
+      const approved = approvedMatch ? parseInt(approvedMatch[1]) : 0;
+      const rejected = rejectedMatch ? parseInt(rejectedMatch[1]) : 0;
+      if (pending > 0) {
+        return { status: 'warn', detail: `${pending} pending review, ${approved} approved, ${rejected} rejected` };
+      }
+      if (approved === 0 && rejected === 0) return { status: 'warn', detail: 'No correction samples exist — no user corrections detected yet' };
+      return `${approved} approved, ${rejected} rejected, ${pending} pending`;
+    } catch {
+      return { status: 'warn', detail: 'Could not query trajectory.db' };
+    }
+  });
+
+  // ─────────────────────────────────────────────────────────
+  // CHECKPOINT 14: Signal diversity (Phase 3b)
+  // ─────────────────────────────────────────────────────────
+  check('14. Pain signal diversity', () => {
+    try {
+      const dbPath = join(stateDir, 'trajectory.db');
+      if (!existsSync(dbPath)) {
+        return { status: 'warn', detail: 'trajectory.db not found' };
+      }
+      let result;
+      try {
+        result = execFileSync('sqlite3', [dbPath, 'SELECT source, COUNT(*), ROUND(AVG(score),1) FROM pain_events GROUP BY source ORDER BY COUNT(*) DESC;'], { encoding: 'utf-8', timeout: 5000 }).trim();
+      } catch {
+        return { status: 'warn', detail: 'Could not query pain events' };
+      }
+      if (!result) {
+        return { status: 'warn', detail: 'Could not query pain events' };
+      }
+      const sources = result.split('\n').filter(Boolean);
+      if (sources.length < 2) {
+        return { status: 'warn', detail: `Only ${sources.length} pain signal source(s) — low diversity. Expected: tool_failure, user_empathy, correction_rejected, gate_blocked` };
+      }
+      const summary = sources.map(s => {
+        const parts = s.split('|');
+        return `${parts[0]} (${parts[1]}, avg ${parts[2]})`;
+      }).join(', ');
+      return `${sources.length} sources: ${summary}`;
+    } catch {
+      return { status: 'warn', detail: 'Could not query trajectory.db' };
+    }
+  });
+
+  // ─────────────────────────────────────────────────────────
+  // CHECKPOINT 15: Artifact quality (Phase 3)
+  // ─────────────────────────────────────────────────────────
+  check('15. Nocturnal artifact quality', () => {
+    const samplesDir = join(stateDir, 'nocturnal', 'samples');
+    if (!existsSync(samplesDir)) {
+      return { status: 'warn', detail: 'No samples directory' };
+    }
+    const files = readdirSync(samplesDir).filter(f => f.endsWith('.json'));
+    if (files.length === 0) return { status: 'warn', detail: 'No artifacts produced yet' };
+
+    // Check uniqueness of badDecision across recent artifacts
+    const recentFiles = files
+      .map(f => ({ name: f, mtime: statSync(join(samplesDir, f)).mtimeMs }))
+      .sort((a, b) => b.mtime - a.mtime)
+      .slice(0, 5);
+
+    const decisions = new Set();
+    for (const f of recentFiles) {
+      try {
+        const artifact = JSON.parse(readFileSync(join(samplesDir, f.name), 'utf-8'));
+        if (artifact.badDecision) decisions.add(artifact.badDecision);
+      } catch { /* skip */ }
+    }
+
+    if (decisions.size < recentFiles.length) {
+      return { status: 'warn', detail: `${recentFiles.length - decisions.size} duplicate decision(s) in last ${recentFiles.length} artifacts — stub reflector may not be content-aware` };
+    }
+    return `${files.length} total, last ${recentFiles.length} all unique decisions`;
+  });
+
   printReport();
 }
 

package/scripts/seed-nocturnal-scenarios.mjs

@@ -0,0 +1,377 @@
+#!/usr/bin/env node
+
+/**
+ * Nocturnal Pipeline — Seed Scenarios (Phase 3b)
+ *
+ * Injects synthetic pain/correction scenarios into the trajectory database
+ * to improve signal diversity for the nocturnal reflection pipeline.
+ *
+ * Uses sqlite3 CLI to avoid better-sqlite3 native module dependency.
+ *
+ * Usage:
+ *   node scripts/seed-nocturnal-scenarios.mjs [--workspace /path/to/workspace]
+ */
+
+import { existsSync } from 'fs';
+import { join, dirname } from 'path';
+import { fileURLToPath } from 'url';
+import { execFileSync, execSync } from 'child_process';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+
+// ─── Pre-flight: check sqlite3 CLI is available ───
+function ensureSqlite3() {
+  try {
+    execFileSync('sqlite3', ['--version'], { encoding: 'utf-8', timeout: 5000 });
+  } catch {
+    console.error('❌ sqlite3 CLI is required but not found in PATH');
+    console.error('   Install it: apt-get install sqlite3  |  brew install sqlite3  |  choco install sqlite');
+    process.exit(1);
+  }
+}
+
+/**
+ * Run a SQL query safely via execFileSync (no shell interpolation).
+ * Returns trimmed stdout string.
+ */
+function runSql(dbPath, sql) {
+  return execFileSync('sqlite3', [dbPath, sql], {
+    encoding: 'utf-8',
+    timeout: 5000,
+  }).trim();
+}
+
+// ─── Argument parsing ───
+function parseArgs() {
+  let workspaceDir = null;
+  const argv = process.argv.slice(2);
+  for (let i = 0; i < argv.length; i++) {
+    if (argv[i] === '--workspace' && argv[i + 1]) {
+      workspaceDir = argv[++i];
+    }
+  }
+  if (!workspaceDir) {
+    try {
+      workspaceDir = execSync('git rev-parse --show-toplevel', { encoding: 'utf-8' }).trim();
+    } catch {
+      workspaceDir = process.cwd();
+    }
+  }
+  return { workspaceDir };
+}
+
+function esc(s) {
+  // Comprehensive SQL escaping for SQLite string literals
+  // Handles: single quotes, newlines, carriage returns, backslashes, null bytes
+  return String(s)
+    .replace(/\\/g, '\\\\')
+    .replace(/'/g, "''")
+    .replace(/\n/g, '\\n')
+    .replace(/\r/g, '\\r')
+    .replace(/\x00/g, '\\0');
+}
+
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function daysAgo(days) {
+  const d = new Date();
+  d.setDate(d.getDate() - days);
+  return d.toISOString();
+}
+
+function main() {
+  const { workspaceDir } = parseArgs();
+  const dbPath = join(workspaceDir, '.state', 'trajectory.db');
+
+  ensureSqlite3();
+
+  if (!existsSync(dbPath)) {
+    console.error(`❌ trajectory.db not found at ${dbPath}`);
+    process.exit(1);
+  }
+
+  const scenarios = [
+    // ─────────────────────────────────────────────────────────
+    // Scenario 1: Security violation — writing sensitive file
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-security-violation-001',
+      days: 5,
+      description: 'Agent wrote API key to public config (security violation)',
+      assistantText: 'I\'ve updated the config.json with the new API key for the external service.',
+      userText: '错了！你不应该把 API 密钥写到配置文件里，这是严重的安全问题！',
+      correctionCue: '错了',
+      toolCalls: [
+        { toolName: 'write', outcome: 'success', durationMs: 50, paramsJson: JSON.stringify({ path: 'public/config.json', content: '{"apiKey": "sk-1234567890"}' }) },
+        { toolName: 'read', outcome: 'success', durationMs: 30, paramsJson: JSON.stringify({ path: 'public/config.json' }) },
+      ],
+      painEvents: [
+        { source: 'tool_failure', score: 85, reason: 'Wrote API key to publicly accessible config file', severity: 'severe', origin: 'assistant_self_report', text: 'Security: apiKey exposed in public/config.json' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 2: Over-engineering — 10 lines became 100
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-overengineering-002',
+      days: 4,
+      description: 'Agent turned a simple function into 100+ lines of abstraction',
+      assistantText: 'I\'ve refactored the utility function into a full class hierarchy with factory pattern, dependency injection, and abstract base classes for future extensibility.',
+      userText: '太复杂了！原来 10 行就能搞定的事情你写了 100 多行，完全没必要。',
+      correctionCue: '太复杂了',
+      toolCalls: [
+        { toolName: 'edit', outcome: 'success', durationMs: 200, paramsJson: JSON.stringify({ path: 'src/utils/format.ts' }) },
+        { toolName: 'read', outcome: 'success', durationMs: 20, paramsJson: JSON.stringify({ path: 'src/utils/format.ts' }) },
+      ],
+      painEvents: [
+        { source: 'user_empathy', score: 60, reason: 'Over-engineering: simple function replaced with unnecessary class hierarchy', severity: 'moderate', origin: 'assistant_self_report', text: 'User indicated the solution is overly complex' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 3: Boundary condition omitted — null deref
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-boundary-omission-003',
+      days: 3,
+      description: 'Agent forgot null check, causing TypeError',
+      assistantText: 'I\'ve implemented the data processor that reads from the API response and extracts the nested fields.',
+      userText: '不对，如果 API 返回 null 或空数组会直接崩溃。你需要加边界检查。',
+      correctionCue: '不对',
+      toolCalls: [
+        { toolName: 'write', outcome: 'success', durationMs: 80, paramsJson: JSON.stringify({ path: 'src/processor.ts' }) },
+        { toolName: 'exec', outcome: 'failure', durationMs: 500, errorType: 'TypeError', errorMessage: 'Cannot read properties of undefined (reading \'items\')', exitCode: 1 },
+      ],
+      painEvents: [
+        { source: 'tool_failure', score: 70, reason: 'TypeError: no null check on API response before accessing nested property', severity: 'severe', origin: 'assistant_self_report', text: 'response.items accessed without null guard' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 4: Error handling missing — silent failure
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-error-handling-004',
+      days: 3,
+      description: 'Agent ignored error from file operation, continued blindly',
+      assistantText: 'I\'ve updated the migration script to process all files in the directory.',
+      userText: '错了，文件读取失败了你直接跳过了，没有任何错误处理。如果文件不存在怎么办？',
+      correctionCue: '错了',
+      toolCalls: [
+        { toolName: 'read', outcome: 'failure', durationMs: 100, errorType: 'ENOENT', errorMessage: 'ENOENT: no such file or directory, open \'migrations/v2.sql\'' },
+        { toolName: 'write', outcome: 'success', durationMs: 50, paramsJson: JSON.stringify({ path: 'migrations/runner.ts' }) },
+      ],
+      painEvents: [
+        { source: 'tool_failure', score: 75, reason: 'File read failure (ENOENT) was silently ignored, no error handling or fallback', severity: 'severe', origin: 'assistant_self_report', text: 'Missing error handling for file read operation' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 5: Edit without reading — map before territory
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-edit-without-reading-005',
+      days: 2,
+      description: 'Agent edited a file without reading it first, breaking existing logic',
+      assistantText: 'I\'ve modified the auth middleware to add the new token validation logic.',
+      userText: '你根本没有读原文件就改了，现有的 token 刷新逻辑被你删掉了！',
+      correctionCue: '没有读原文件',
+      toolCalls: [
+        { toolName: 'edit', outcome: 'success', durationMs: 150, paramsJson: JSON.stringify({ path: 'src/middleware/auth.ts' }) },
+        { toolName: 'exec', outcome: 'failure', durationMs: 300, errorType: 'ReferenceError', errorMessage: 'refreshToken is not defined', exitCode: 1 },
+      ],
+      painEvents: [
+        { source: 'tool_failure', score: 80, reason: 'Edit without reading: existing refreshToken logic was overwritten', severity: 'severe', origin: 'assistant_self_report', text: 'auth.ts edited without prior read, broke existing functionality' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 6: Batch operation without planning — blast radius
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-batch-without-planning-006',
+      days: 2,
+      description: 'Agent modified multiple files simultaneously without a plan',
+      assistantText: 'I\'ve updated the import paths across all files in the src/ directory to use the new module structure.',
+      userText: '你一次性改了太多文件，没有计划也没有测试。其中几个文件的 import 路径是错的。',
+      correctionCue: '没有计划',
+      toolCalls: [
+        { toolName: 'edit', outcome: 'success', durationMs: 100, paramsJson: JSON.stringify({ path: 'src/module-a/index.ts' }) },
+        { toolName: 'edit', outcome: 'success', durationMs: 100, paramsJson: JSON.stringify({ path: 'src/module-b/index.ts' }) },
+        { toolName: 'edit', outcome: 'failure', durationMs: 50, errorType: 'SyntaxError', errorMessage: 'Invalid import path: @/utils/nonexistent' },
+        { toolName: 'exec', outcome: 'failure', durationMs: 500, errorType: 'BuildError', errorMessage: 'Import errors across modified files', exitCode: 1 },
+      ],
+      painEvents: [
+        { source: 'tool_failure', score: 65, reason: 'Batch edit of multiple files without planning or testing, some files broken', severity: 'moderate', origin: 'assistant_self_report', text: 'Large batch operation without verification' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 7: Continued after failure — pain as signal ignored
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-continued-after-failure-007',
+      days: 1,
+      description: 'Agent got consecutive failures but kept going without diagnosing',
+      assistantText: 'I\'ve completed the data migration pipeline. All steps are in place.',
+      userText: '前面几步都失败了你还继续执行？应该先诊断失败原因再继续。',
+      correctionCue: '应该先诊断',
+      toolCalls: [
+        { toolName: 'exec', outcome: 'failure', durationMs: 200, errorType: 'ExitCode', errorMessage: 'Step 1: schema validation failed', exitCode: 1 },
+        { toolName: 'exec', outcome: 'failure', durationMs: 150, errorType: 'ExitCode', errorMessage: 'Step 2: data transformation failed', exitCode: 1 },
+        { toolName: 'exec', outcome: 'failure', durationMs: 100, errorType: 'ExitCode', errorMessage: 'Step 3: import failed', exitCode: 1 },
+        { toolName: 'exec', outcome: 'success', durationMs: 300, paramsJson: JSON.stringify({ cmd: 'echo done' }) },
+      ],
+      painEvents: [
+        { source: 'tool_failure', score: 90, reason: 'Consecutive failures ignored, agent continued without diagnosing root cause', severity: 'severe', origin: 'assistant_self_report', text: 'Pain cascade: multiple failures in sequence without pause' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 8: Complex task not decomposed — no planning
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-complex-not-decomposed-008',
+      days: 1,
+      description: 'Agent attempted a full refactor in one turn without breaking it down',
+      assistantText: 'I\'ve refactored the entire authentication system from session-based to JWT-based, updated all routes, middleware, and tests.',
+      userText: '这个改动太大了，你应该分步骤来。先写计划，再一步步改，每步验证。',
+      correctionCue: '分步骤来',
+      toolCalls: [
+        { toolName: 'edit', outcome: 'success', durationMs: 300, paramsJson: JSON.stringify({ path: 'src/auth/session.ts' }) },
+        { toolName: 'edit', outcome: 'success', durationMs: 200, paramsJson: JSON.stringify({ path: 'src/auth/middleware.ts' }) },
+        { toolName: 'exec', outcome: 'failure', durationMs: 800, errorType: 'TestFailure', errorMessage: 'Tests failing after auth refactor', exitCode: 1 },
+      ],
+      painEvents: [
+        { source: 'tool_failure', score: 70, reason: 'Complex refactoring done in one turn without decomposition or incremental verification', severity: 'severe', origin: 'assistant_self_report', text: 'Large auth refactor without step-by-step approach' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 9: Architecture violation — circular dependency
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-circular-dep-009',
+      days: 1,
+      description: 'Agent introduced circular dependency between modules',
+      assistantText: 'I\'ve connected the UserService and OrderService so they can call each other directly.',
+      userText: '你引入了循环依赖！UserService 引入 OrderService，OrderService 又引入 UserService。',
+      correctionCue: '循环依赖',
+      toolCalls: [
+        { toolName: 'edit', outcome: 'success', durationMs: 100, paramsJson: JSON.stringify({ path: 'src/services/user.ts' }) },
+        { toolName: 'exec', outcome: 'failure', durationMs: 400, errorType: 'CircularDependency', errorMessage: 'Circular dependency detected: user.ts → order.ts → user.ts' },
+      ],
+      painEvents: [
+        { source: 'tool_failure', score: 75, reason: 'Circular dependency introduced between UserService and OrderService', severity: 'severe', origin: 'assistant_self_report', text: 'Architecture: circular import chain detected' },
+      ],
+    },
+
+    // ─────────────────────────────────────────────────────────
+    // Scenario 10: Pure conversation correction — no tool failures
+    // ─────────────────────────────────────────────────────────
+    {
+      sessionId: 'seed-pure-conversation-010',
+      days: 0,
+      description: 'User corrected agent\'s analysis during pure conversation',
+      assistantText: 'Based on the error logs, the issue appears to be a network timeout. I recommend increasing the timeout value to 30 seconds.',
+      userText: '不对，这不是超时问题。错误日志明明写的是 "connection refused"，是服务根本没启动。',
+      correctionCue: '不对',
+      toolCalls: [
+        { toolName: 'read', outcome: 'success', durationMs: 50, paramsJson: JSON.stringify({ path: 'logs/error.log' }) },
+      ],
+      painEvents: [
+        { source: 'user_empathy', score: 50, reason: 'Agent misdiagnosed "connection refused" as timeout, missing root cause', severity: 'moderate', origin: 'assistant_self_report', text: 'Misdiagnosis of error: connection refused vs timeout' },
+      ],
+    },
+  ];
+
+  console.log('\n🌱 Seeding nocturnal scenarios into trajectory.db\n');
+  console.log(`Workspace: ${workspaceDir}`);
+  console.log(`Database:  ${dbPath}\n`);
+
+  let inserted = 0;
+  let skipped = 0;
+
+  for (const s of scenarios) {
+    const createdAt = daysAgo(s.days);
+
+    // Check if scenario already exists with complete data (pain_events, not just sessions)
+    // This prevents partial data if the script was interrupted mid-insert
+    try {
+      const existing = runSql(dbPath, `SELECT COUNT(*) FROM pain_events WHERE session_id = '${esc(s.sessionId)}';`);
+      if (parseInt(existing) > 0) {
+        console.log(`  ⏭️  Skipping ${s.sessionId} (already exists with ${existing} pain events)`);
+        skipped++;
+        continue;
+      }
+    } catch (e) {
+      console.error(`  ❌ Failed to check ${s.sessionId}: ${e.message}`);
+      continue;
+    }
+
+    const sql = [];
+
+    // 1. Session
+    sql.push(`INSERT INTO sessions (session_id, started_at, updated_at) VALUES ('${esc(s.sessionId)}', '${createdAt}', '${createdAt}');`);
+
+    // 2. Assistant turn
+    sql.push(`INSERT INTO assistant_turns (session_id, run_id, provider, model, raw_text, sanitized_text, usage_json, empathy_signal_json, blob_ref, raw_excerpt, created_at)
+VALUES ('${esc(s.sessionId)}', 'run-${esc(s.sessionId)}', 'local', 'main', '${esc(s.assistantText)}', '${esc(s.assistantText.slice(0, 200))}', '{"total_tokens":500}', '{}', NULL, '${esc(s.assistantText.slice(0, 100))}', '${createdAt}');`);
+
+    // We need the assistant turn ID for the user turn reference
+    // Use a subquery to get it
+    sql.push(`INSERT INTO user_turns (session_id, turn_index, raw_text, blob_ref, raw_excerpt, correction_detected, correction_cue, references_assistant_turn_id, created_at)
+SELECT '${esc(s.sessionId)}', 1, '${esc(s.userText)}', NULL, '${esc(s.userText.slice(0, 100))}', ${s.correctionCue ? 1 : 0}, ${s.correctionCue ? `'${esc(s.correctionCue)}'` : 'NULL'}, id, '${createdAt}'
+FROM assistant_turns WHERE session_id = '${esc(s.sessionId)}' LIMIT 1;`);
+
+    // 3. Tool calls
+    for (const tc of s.toolCalls) {
+      sql.push(`INSERT INTO tool_calls (session_id, tool_name, outcome, duration_ms, exit_code, error_type, error_message, gfi_before, gfi_after, params_json, created_at)
+VALUES ('${esc(s.sessionId)}', '${esc(tc.toolName)}', '${esc(tc.outcome)}', ${tc.durationMs ?? 100}, ${tc.exitCode !== undefined ? tc.exitCode : 'NULL'}, ${tc.errorType ? `'${esc(tc.errorType)}'` : 'NULL'}, ${tc.errorMessage ? `'${esc(tc.errorMessage)}'` : 'NULL'}, 0, 0, ${tc.paramsJson ? `'${esc(tc.paramsJson)}'` : "'{}'"}, '${createdAt}');`);
+    }
+
+    // 4. Pain events
+    for (const pe of s.painEvents) {
+      sql.push(`INSERT INTO pain_events (session_id, source, score, reason, severity, origin, confidence, text, created_at)
+VALUES ('${esc(s.sessionId)}', '${esc(pe.source)}', ${pe.score}, '${esc(pe.reason)}', '${esc(pe.severity)}', '${esc(pe.origin)}', ${pe.confidence !== undefined ? pe.confidence : 'NULL'}, ${pe.text ? `'${esc(pe.text)}'` : 'NULL'}, '${createdAt}');`);
+    }
+
+    // Execute all SQL in one transaction via stdin piping
+    const fullSql = `BEGIN TRANSACTION;\n${sql.join('\n')}\nCOMMIT;`;
+    try {
+      execFileSync('sqlite3', [dbPath], {
+        input: fullSql,
+        encoding: 'utf-8',
+        timeout: 10000,
+      });
+      inserted++;
+      console.log(`  ✅ ${s.sessionId} — ${s.description}`);
+    } catch (e) {
+      console.error(`  ❌ Failed to insert ${s.sessionId}: ${e.message}`);
+    }
+  }
+
+  // ─────────────────────────────────────────────────────────
+  // Summary
+  // ─────────────────────────────────────────────────────────
+  console.log(`\n📊 Seed complete: ${inserted} scenarios inserted, ${skipped} skipped (already existed)`);
+
+  // Print signal diversity report
+  try {
+    const painSummary = runSql(dbPath, `.mode column\n.headers on\nSELECT source, COUNT(*) as count, ROUND(AVG(score), 1) as avg_score FROM pain_events WHERE session_id LIKE 'seed-%' GROUP BY source;`);
+    console.log('\n📈 Signal diversity report (seed scenarios only):');
+    console.log(painSummary);
+
+    const correctionSummary = runSql(dbPath, `.mode column\n.headers on\nSELECT COUNT(*) as total, SUM(CASE WHEN correction_detected = 1 THEN 1 ELSE 0 END) as with_correction FROM user_turns WHERE session_id LIKE 'seed-%';`);
+    console.log('📝 Correction scenarios:');
+    console.log(correctionSummary);
+  } catch (e) {
+    console.error(`  Failed to generate summary: ${e.message}`);
+  }
+}
+
+main();