prjct-cli 1.7.2 → 1.7.3

package/CHANGELOG.md

@@ -1,5 +1,35 @@
 # Changelog
 
+## [1.7.3] - 2026-02-07
+
+### Bug Fixes
+
+- add Zod validation and token budgets for prompt injection (PRJ-282) (#142)
+
+
+## [1.7.3] - 2026-02-07
+
+### Bug Fixes
+- **Validate auto-injected state in prompt builder (PRJ-282)**: Added `safeInject()` validation utility, token-aware truncation via `InjectionBudgetTracker`, and domain-based skill filtering to prevent oversized or irrelevant content in LLM prompts. Replaced hardcoded character limits with configurable token budgets.
+
+### Implementation Details
+- Created `core/agentic/injection-validator.ts` with `safeInject()`, `safeInjectString()`, `truncateToTokenBudget()`, `estimateTokens()`, `filterSkillsByDomains()`, and `InjectionBudgetTracker` class
+- Wired validation into `prompt-builder.ts`: auto-context truncation, agent/skill token budgets, cumulative state budget tracking
+- Skills filtered by detected task domains before injection to reduce token waste
+- 33 new unit tests covering all validation, filtering, and truncation paths
+
+### Test Plan
+
+#### For QA
+1. Run `bun test` — all 526 tests pass (33 new)
+2. Verify `safeInject()` returns fallback on corrupt data
+3. Verify `filterSkillsByDomains()` excludes irrelevant skills
+4. Verify `InjectionBudgetTracker` enforces cumulative limits
+
+#### For Users
+- No user-facing changes — validation is automatic
+- Breaking changes: None
+
 ## [1.7.2] - 2026-02-07
 
 ### Bug Fixes

package/core/__tests__/agentic/injection-validator.test.ts

@@ -0,0 +1,255 @@
+/**
+ * Injection Validator Tests
+ * Tests for safeInject, truncation, skill filtering, and budget tracking.
+ */
+
+import { describe, expect, it } from 'bun:test'
+import { z } from 'zod'
+import {
+  DEFAULT_BUDGETS,
+  estimateTokens,
+  filterSkillsByDomains,
+  InjectionBudgetTracker,
+  safeInject,
+  safeInjectString,
+  truncateToTokenBudget,
+} from '../../agentic/injection-validator'
+
+// =============================================================================
+// safeInject
+// =============================================================================
+
+describe('safeInject', () => {
+  const schema = z.object({ name: z.string(), value: z.number() })
+  const fallback = { name: 'unknown', value: 0 }
+
+  it('returns validated data on valid input', () => {
+    const data = { name: 'test', value: 42 }
+    expect(safeInject(data, schema, fallback)).toEqual(data)
+  })
+
+  it('returns fallback on invalid input', () => {
+    const data = { name: 123, value: 'bad' }
+    expect(safeInject(data, schema, fallback)).toEqual(fallback)
+  })
+
+  it('returns fallback on null input', () => {
+    expect(safeInject(null, schema, fallback)).toEqual(fallback)
+  })
+
+  it('returns fallback on undefined input', () => {
+    expect(safeInject(undefined, schema, fallback)).toEqual(fallback)
+  })
+
+  it('strips extra fields via Zod', () => {
+    const data = { name: 'test', value: 42, extra: 'ignored' }
+    const result = safeInject(data, schema, fallback)
+    expect(result.name).toBe('test')
+    expect(result.value).toBe(42)
+  })
+})
+
+// =============================================================================
+// safeInjectString
+// =============================================================================
+
+describe('safeInjectString', () => {
+  const schema = z.object({ count: z.number() })
+  const formatter = (d: { count: number }) => `Items: ${d.count}`
+
+  it('returns formatted string on valid input', () => {
+    expect(safeInjectString({ count: 5 }, schema, formatter, 'N/A')).toBe('Items: 5')
+  })
+
+  it('returns fallback string on invalid input', () => {
+    expect(safeInjectString({ count: 'bad' }, schema, formatter, 'N/A')).toBe('N/A')
+  })
+
+  it('returns fallback string on null', () => {
+    expect(safeInjectString(null, schema, formatter, 'no data')).toBe('no data')
+  })
+})
+
+// =============================================================================
+// truncateToTokenBudget
+// =============================================================================
+
+describe('truncateToTokenBudget', () => {
+  it('returns text unchanged if within budget', () => {
+    const text = 'short text'
+    expect(truncateToTokenBudget(text, 100)).toBe(text)
+  })
+
+  it('truncates text that exceeds budget', () => {
+    const text = 'a'.repeat(500) // 500 chars = ~125 tokens
+    const result = truncateToTokenBudget(text, 50) // 50 tokens = 200 chars
+    expect(result.length).toBeLessThan(500)
+    expect(result).toContain('truncated')
+    expect(result).toContain('~50 tokens')
+  })
+
+  it('truncates to exact char limit', () => {
+    const text = 'a'.repeat(100)
+    const result = truncateToTokenBudget(text, 10) // 10 tokens = 40 chars
+    expect(result.startsWith('a'.repeat(40))).toBe(true)
+  })
+
+  it('handles empty string', () => {
+    expect(truncateToTokenBudget('', 100)).toBe('')
+  })
+
+  it('handles zero budget', () => {
+    const result = truncateToTokenBudget('some text', 0)
+    expect(result).toContain('truncated')
+  })
+})
+
+// =============================================================================
+// estimateTokens
+// =============================================================================
+
+describe('estimateTokens', () => {
+  it('estimates tokens at ~4 chars per token', () => {
+    expect(estimateTokens('a'.repeat(100))).toBe(25)
+  })
+
+  it('rounds up partial tokens', () => {
+    expect(estimateTokens('abc')).toBe(1) // 3/4 = 0.75, ceil = 1
+  })
+
+  it('handles empty string', () => {
+    expect(estimateTokens('')).toBe(0)
+  })
+})
+
+// =============================================================================
+// filterSkillsByDomains
+// =============================================================================
+
+describe('filterSkillsByDomains', () => {
+  const skills = [
+    { name: 'react-patterns', content: 'React component patterns and hooks' },
+    { name: 'api-design', content: 'RESTful API design and endpoint patterns' },
+    { name: 'jest-testing', content: 'Jest test patterns and assertions' },
+    { name: 'docker-deploy', content: 'Docker and Kubernetes deployment' },
+    { name: 'general-coding', content: 'General coding best practices' },
+  ]
+
+  it('returns all skills when no domains detected', () => {
+    expect(filterSkillsByDomains(skills, [])).toEqual(skills)
+  })
+
+  it('returns all skills when skills array is empty', () => {
+    expect(filterSkillsByDomains([], ['frontend'])).toEqual([])
+  })
+
+  it('filters to frontend-relevant skills', () => {
+    const result = filterSkillsByDomains(skills, ['frontend'])
+    expect(result.some((s) => s.name === 'react-patterns')).toBe(true)
+    expect(result.some((s) => s.name === 'docker-deploy')).toBe(false)
+  })
+
+  it('filters to backend-relevant skills', () => {
+    const result = filterSkillsByDomains(skills, ['backend'])
+    expect(result.some((s) => s.name === 'api-design')).toBe(true)
+    expect(result.some((s) => s.name === 'react-patterns')).toBe(false)
+  })
+
+  it('filters to testing-relevant skills', () => {
+    const result = filterSkillsByDomains(skills, ['testing'])
+    expect(result.some((s) => s.name === 'jest-testing')).toBe(true)
+  })
+
+  it('supports multiple domains', () => {
+    const result = filterSkillsByDomains(skills, ['frontend', 'testing'])
+    expect(result.some((s) => s.name === 'react-patterns')).toBe(true)
+    expect(result.some((s) => s.name === 'jest-testing')).toBe(true)
+    expect(result.some((s) => s.name === 'docker-deploy')).toBe(false)
+  })
+
+  it('matches domain name itself as keyword', () => {
+    const customSkills = [{ name: 'devops-helper', content: 'general devops tools' }]
+    const result = filterSkillsByDomains(customSkills, ['devops'])
+    expect(result).toHaveLength(1)
+  })
+
+  it('is case insensitive', () => {
+    const result = filterSkillsByDomains(skills, ['Frontend'])
+    expect(result.some((s) => s.name === 'react-patterns')).toBe(true)
+  })
+})
+
+// =============================================================================
+// InjectionBudgetTracker
+// =============================================================================
+
+describe('InjectionBudgetTracker', () => {
+  it('tracks cumulative token usage', () => {
+    const tracker = new InjectionBudgetTracker({ totalPrompt: 100 })
+    tracker.addSection('a'.repeat(200), 100) // 200 chars = 50 tokens
+    expect(tracker.totalUsed).toBe(50)
+    expect(tracker.remaining).toBe(50)
+  })
+
+  it('truncates sections to per-section budget', () => {
+    const tracker = new InjectionBudgetTracker({ totalPrompt: 1000 })
+    const result = tracker.addSection('a'.repeat(500), 50) // budget: 50 tokens = 200 chars
+    expect(result.length).toBeLessThan(500)
+  })
+
+  it('returns empty string when total budget exhausted', () => {
+    const tracker = new InjectionBudgetTracker({ totalPrompt: 10 })
+    tracker.addSection('a'.repeat(100), 50) // uses all 10 tokens of total budget
+    const result = tracker.addSection('more content', 50)
+    expect(result).toBe('')
+  })
+
+  it('fits content to remaining total budget', () => {
+    const tracker = new InjectionBudgetTracker({ totalPrompt: 30 })
+    tracker.addSection('a'.repeat(80), 30) // 80 chars = 20 tokens
+    // Remaining: 10 tokens
+    const result = tracker.addSection('b'.repeat(200), 100) // wants 100 tokens, only 10 left
+    expect(result.length).toBeLessThan(200)
+    expect(tracker.remaining).toBe(0)
+  })
+
+  it('uses default budgets when none provided', () => {
+    const tracker = new InjectionBudgetTracker()
+    expect(tracker.config.totalPrompt).toBe(DEFAULT_BUDGETS.totalPrompt)
+    expect(tracker.config.autoContext).toBe(DEFAULT_BUDGETS.autoContext)
+  })
+
+  it('allows partial budget overrides', () => {
+    const tracker = new InjectionBudgetTracker({ totalPrompt: 5000 })
+    expect(tracker.config.totalPrompt).toBe(5000)
+    expect(tracker.config.autoContext).toBe(DEFAULT_BUDGETS.autoContext) // unchanged
+  })
+
+  it('remaining never goes negative', () => {
+    const tracker = new InjectionBudgetTracker({ totalPrompt: 5 })
+    tracker.addSection('a'.repeat(1000), 500)
+    expect(tracker.remaining).toBe(0)
+  })
+})
+
+// =============================================================================
+// DEFAULT_BUDGETS
+// =============================================================================
+
+describe('DEFAULT_BUDGETS', () => {
+  it('has all required fields', () => {
+    expect(DEFAULT_BUDGETS.autoContext).toBeGreaterThan(0)
+    expect(DEFAULT_BUDGETS.agentContent).toBeGreaterThan(0)
+    expect(DEFAULT_BUDGETS.skillContent).toBeGreaterThan(0)
+    expect(DEFAULT_BUDGETS.stateData).toBeGreaterThan(0)
+    expect(DEFAULT_BUDGETS.memories).toBeGreaterThan(0)
+    expect(DEFAULT_BUDGETS.totalPrompt).toBeGreaterThan(0)
+  })
+
+  it('totalPrompt is larger than individual budgets', () => {
+    expect(DEFAULT_BUDGETS.totalPrompt).toBeGreaterThan(DEFAULT_BUDGETS.autoContext)
+    expect(DEFAULT_BUDGETS.totalPrompt).toBeGreaterThan(DEFAULT_BUDGETS.agentContent)
+    expect(DEFAULT_BUDGETS.totalPrompt).toBeGreaterThan(DEFAULT_BUDGETS.skillContent)
+    expect(DEFAULT_BUDGETS.totalPrompt).toBeGreaterThan(DEFAULT_BUDGETS.stateData)
+  })
+})

package/core/agentic/injection-validator.ts

@@ -0,0 +1,192 @@
+/**
+ * Injection Validator
+ *
+ * Validates data before auto-injection into LLM prompts.
+ * Corrupted or oversized data gets safe fallbacks instead of broken context.
+ *
+ * @module agentic/injection-validator
+ */
+
+import type { z } from 'zod'
+
+// =============================================================================
+// Token Budget Configuration
+// =============================================================================
+
+/** Configurable token budgets per injection section */
+export interface InjectionBudgets {
+  /** Auto-injected context (task + queue + patterns) */
+  autoContext: number
+  /** Per-agent content in orchestrator */
+  agentContent: number
+  /** Per-skill content in orchestrator */
+  skillContent: number
+  /** State data section */
+  stateData: number
+  /** Memories section */
+  memories: number
+  /** Total prompt ceiling (all sections combined) */
+  totalPrompt: number
+}
+
+/** Default budgets (in estimated tokens, ~4 chars per token) */
+export const DEFAULT_BUDGETS: InjectionBudgets = {
+  autoContext: 500,
+  agentContent: 400,
+  skillContent: 500,
+  stateData: 1000,
+  memories: 600,
+  totalPrompt: 8000,
+}
+
+// Approximate chars-per-token ratio
+const CHARS_PER_TOKEN = 4
+
+// =============================================================================
+// Safe Injection
+// =============================================================================
+
+/**
+ * Validate data against a Zod schema before injection.
+ * Returns validated data on success, or the fallback on failure.
+ */
+export function safeInject<T>(data: unknown, schema: z.ZodType<T>, fallback: T): T {
+  const result = schema.safeParse(data)
+  if (result.success) {
+    return result.data
+  }
+  return fallback
+}
+
+/**
+ * Validate and stringify data for prompt injection.
+ * Returns formatted string on success, or fallback string on failure.
+ */
+export function safeInjectString<T>(
+  data: unknown,
+  schema: z.ZodType<T>,
+  formatter: (valid: T) => string,
+  fallbackString: string
+): string {
+  const result = schema.safeParse(data)
+  if (result.success) {
+    return formatter(result.data)
+  }
+  return fallbackString
+}
+
+// =============================================================================
+// Token-Aware Truncation
+// =============================================================================
+
+/**
+ * Truncate text to fit within a token budget.
+ * Uses char-based estimation (~4 chars/token).
+ */
+export function truncateToTokenBudget(text: string, maxTokens: number): string {
+  const maxChars = maxTokens * CHARS_PER_TOKEN
+  if (text.length <= maxChars) return text
+  return `${text.substring(0, maxChars)}\n... (truncated to ~${maxTokens} tokens)`
+}
+
+/**
+ * Estimate token count for a string.
+ */
+export function estimateTokens(text: string): number {
+  return Math.ceil(text.length / CHARS_PER_TOKEN)
+}
+
+// =============================================================================
+// Skill Filtering
+// =============================================================================
+
+/** Domain keywords for matching skills to task domains */
+const DOMAIN_KEYWORDS: Record<string, string[]> = {
+  frontend: ['react', 'vue', 'svelte', 'css', 'html', 'ui', 'component', 'frontend', 'web', 'dom'],
+  backend: ['api', 'server', 'backend', 'endpoint', 'route', 'middleware', 'database', 'sql'],
+  testing: ['test', 'spec', 'jest', 'vitest', 'cypress', 'playwright', 'coverage', 'assert'],
+  devops: ['docker', 'ci', 'cd', 'deploy', 'kubernetes', 'terraform', 'pipeline', 'github-actions'],
+  docs: ['documentation', 'readme', 'guide', 'tutorial', 'markdown'],
+  design: ['design', 'ux', 'ui', 'figma', 'wireframe', 'layout', 'accessibility'],
+}
+
+/**
+ * Filter skills by relevance to detected task domains.
+ * Returns only skills whose content matches the task's domains.
+ */
+export function filterSkillsByDomains(
+  skills: { name: string; content: string }[],
+  detectedDomains: string[]
+): { name: string; content: string }[] {
+  if (detectedDomains.length === 0 || skills.length === 0) return skills
+
+  // Build keyword set from detected domains
+  const relevantKeywords = new Set<string>()
+  for (const domain of detectedDomains) {
+    const keywords = DOMAIN_KEYWORDS[domain.toLowerCase()]
+    if (keywords) {
+      for (const kw of keywords) relevantKeywords.add(kw)
+    }
+    // Also add the domain name itself
+    relevantKeywords.add(domain.toLowerCase())
+  }
+
+  return skills.filter((skill) => {
+    const text = `${skill.name} ${skill.content}`.toLowerCase()
+    // Keep skill if any relevant keyword appears in its name or content
+    for (const kw of relevantKeywords) {
+      if (text.includes(kw)) return true
+    }
+    return false
+  })
+}
+
+// =============================================================================
+// Section Budget Tracker
+// =============================================================================
+
+/**
+ * Tracks cumulative token usage across injection sections.
+ * Allows checking remaining budget before adding more content.
+ */
+export class InjectionBudgetTracker {
+  private used = 0
+  private budgets: InjectionBudgets
+
+  constructor(budgets: Partial<InjectionBudgets> = {}) {
+    this.budgets = { ...DEFAULT_BUDGETS, ...budgets }
+  }
+
+  /** Add content and return it (possibly truncated to fit budget) */
+  addSection(content: string, sectionBudget: number): string {
+    const truncated = truncateToTokenBudget(content, sectionBudget)
+    const tokens = estimateTokens(truncated)
+
+    // Check total budget
+    if (this.used + tokens > this.budgets.totalPrompt) {
+      const remaining = this.budgets.totalPrompt - this.used
+      if (remaining <= 0) return ''
+      const fitted = truncateToTokenBudget(truncated, remaining)
+      this.used += estimateTokens(fitted)
+      return fitted
+    }
+
+    this.used += tokens
+    return truncated
+  }
+
+  /** Get remaining token budget */
+  get remaining(): number {
+    return Math.max(0, this.budgets.totalPrompt - this.used)
+  }
+
+  /** Get total tokens used */
+  get totalUsed(): number {
+    return this.used
+  }
+
+  /** Get the budgets config */
+  get config(): InjectionBudgets {
+    return this.budgets
+  }
+}

package/core/agentic/prompt-builder.ts

@@ -28,6 +28,12 @@ import type {
 import { getErrorMessage, isNotFoundError } from '../types/fs'
 import { fileExists } from '../utils/fs-helpers'
 import { PACKAGE_ROOT } from '../utils/version'
+import {
+  DEFAULT_BUDGETS,
+  filterSkillsByDomains,
+  InjectionBudgetTracker,
+  truncateToTokenBudget,
+} from './injection-validator'
 
 // Re-export types for convenience
 export type {
@@ -288,7 +294,8 @@ class PromptBuilder {
     parts.push('---')
     parts.push('')
 
-    return parts.join('\n')
+    const result = parts.join('\n')
+    return truncateToTokenBudget(result, DEFAULT_BUDGETS.autoContext)
   }
 
   /**
@@ -464,25 +471,29 @@ class PromptBuilder {
           if (agent.skills.length > 0) {
             parts.push(`Skills: ${agent.skills.join(', ')}\n`)
           }
-          // Include first 1500 chars of agent content
-          const truncatedContent =
-            agent.content.length > 1500
-              ? `${agent.content.substring(0, 1500)}\n... (truncated, read full file for more)`
-              : agent.content
+          // Truncate agent content to token budget
+          const truncatedContent = truncateToTokenBudget(
+            agent.content,
+            DEFAULT_BUDGETS.agentContent
+          )
           parts.push(`\`\`\`markdown\n${truncatedContent}\n\`\`\`\n\n`)
         }
       }
 
-      // Inject loaded skill content (truncated)
-      if (orchestratorContext.skills.length > 0) {
+      // Filter skills by detected domains, then inject (truncated)
+      const relevantSkills = filterSkillsByDomains(
+        orchestratorContext.skills,
+        orchestratorContext.detectedDomains
+      )
+      if (relevantSkills.length > 0) {
         parts.push('### LOADED SKILLS (From Agent Frontmatter)\n\n')
-        for (const skill of orchestratorContext.skills) {
+        for (const skill of relevantSkills) {
           parts.push(`#### Skill: ${skill.name}\n`)
-          // Include first 2000 chars of skill content
-          const truncatedContent =
-            skill.content.length > 2000
-              ? `${skill.content.substring(0, 2000)}\n... (truncated)`
-              : skill.content
+          // Truncate skill content to token budget
+          const truncatedContent = truncateToTokenBudget(
+            skill.content,
+            DEFAULT_BUDGETS.skillContent
+          )
           parts.push(`\`\`\`markdown\n${truncatedContent}\n\`\`\`\n\n`)
         }
       }
@@ -721,28 +732,21 @@ class PromptBuilder {
   }
 
   /**
-   * Filter state data to include only relevant portions for the prompt
+   * Filter state data to include only relevant portions for the prompt.
+   * Uses InjectionBudgetTracker to enforce cumulative token limits.
    */
   filterRelevantState(state: State): string | null {
     if (!state || Object.keys(state).length === 0) return null
 
+    const tracker = new InjectionBudgetTracker({ totalPrompt: DEFAULT_BUDGETS.stateData })
+    const criticalFiles = ['now', 'next', 'context', 'analysis', 'codePatterns']
     const relevant: string[] = []
+
     for (const [key, content] of Object.entries(state)) {
       if (content && (content as string).trim()) {
-        const criticalFiles = ['now', 'next', 'context', 'analysis', 'codePatterns']
-        if (criticalFiles.includes(key)) {
-          const display =
-            (content as string).length > 2000
-              ? `${(content as string).substring(0, 2000)}\n... (truncated)`
-              : content
-          relevant.push(`### ${key}\n${display}`)
-        } else if ((content as string).length < 1000) {
-          relevant.push(`### ${key}\n${content}`)
-        } else {
-          relevant.push(
-            `### ${key}\n${(content as string).substring(0, 500)}... (truncated, use Read tool for full content)`
-          )
-        }
+        const sectionBudget = criticalFiles.includes(key) ? 500 : 250
+        const section = tracker.addSection(`### ${key}\n${content}`, sectionBudget)
+        if (section) relevant.push(section)
       }
     }
 
@@ -793,7 +797,8 @@ class PromptBuilder {
       parts.push(`\nAvoid:\n${antiPatterns}`)
     }
 
-    const result = parts.join('\n').substring(0, 800)
+    const joined = parts.join('\n')
+    const result = truncateToTokenBudget(joined, 200) // ~800 chars
     return result || null
   }
 

package/dist/bin/prjct.mjs

@@ -14219,6 +14219,97 @@ var init_outcomes2 = __esm({
   }
 });
 
+// core/agentic/injection-validator.ts
+function truncateToTokenBudget(text, maxTokens) {
+  const maxChars = maxTokens * CHARS_PER_TOKEN2;
+  if (text.length <= maxChars) return text;
+  return `${text.substring(0, maxChars)}
+... (truncated to ~${maxTokens} tokens)`;
+}
+function estimateTokens(text) {
+  return Math.ceil(text.length / CHARS_PER_TOKEN2);
+}
+function filterSkillsByDomains(skills, detectedDomains) {
+  if (detectedDomains.length === 0 || skills.length === 0) return skills;
+  const relevantKeywords = /* @__PURE__ */ new Set();
+  for (const domain of detectedDomains) {
+    const keywords = DOMAIN_KEYWORDS3[domain.toLowerCase()];
+    if (keywords) {
+      for (const kw of keywords) relevantKeywords.add(kw);
+    }
+    relevantKeywords.add(domain.toLowerCase());
+  }
+  return skills.filter((skill) => {
+    const text = `${skill.name} ${skill.content}`.toLowerCase();
+    for (const kw of relevantKeywords) {
+      if (text.includes(kw)) return true;
+    }
+    return false;
+  });
+}
+var DEFAULT_BUDGETS, CHARS_PER_TOKEN2, DOMAIN_KEYWORDS3, InjectionBudgetTracker;
+var init_injection_validator = __esm({
+  "core/agentic/injection-validator.ts"() {
+    "use strict";
+    DEFAULT_BUDGETS = {
+      autoContext: 500,
+      agentContent: 400,
+      skillContent: 500,
+      stateData: 1e3,
+      memories: 600,
+      totalPrompt: 8e3
+    };
+    CHARS_PER_TOKEN2 = 4;
+    __name(truncateToTokenBudget, "truncateToTokenBudget");
+    __name(estimateTokens, "estimateTokens");
+    DOMAIN_KEYWORDS3 = {
+      frontend: ["react", "vue", "svelte", "css", "html", "ui", "component", "frontend", "web", "dom"],
+      backend: ["api", "server", "backend", "endpoint", "route", "middleware", "database", "sql"],
+      testing: ["test", "spec", "jest", "vitest", "cypress", "playwright", "coverage", "assert"],
+      devops: ["docker", "ci", "cd", "deploy", "kubernetes", "terraform", "pipeline", "github-actions"],
+      docs: ["documentation", "readme", "guide", "tutorial", "markdown"],
+      design: ["design", "ux", "ui", "figma", "wireframe", "layout", "accessibility"]
+    };
+    __name(filterSkillsByDomains, "filterSkillsByDomains");
+    InjectionBudgetTracker = class {
+      static {
+        __name(this, "InjectionBudgetTracker");
+      }
+      used = 0;
+      budgets;
+      constructor(budgets = {}) {
+        this.budgets = { ...DEFAULT_BUDGETS, ...budgets };
+      }
+      /** Add content and return it (possibly truncated to fit budget) */
+      addSection(content, sectionBudget) {
+        const truncated = truncateToTokenBudget(content, sectionBudget);
+        const tokens = estimateTokens(truncated);
+        if (this.used + tokens > this.budgets.totalPrompt) {
+          const remaining = this.budgets.totalPrompt - this.used;
+          if (remaining <= 0) return "";
+          const fitted = truncateToTokenBudget(truncated, remaining);
+          this.used += estimateTokens(fitted);
+          return fitted;
+        }
+        this.used += tokens;
+        return truncated;
+      }
+      /** Get remaining token budget */
+      get remaining() {
+        return Math.max(0, this.budgets.totalPrompt - this.used);
+      }
+      /** Get total tokens used */
+      get totalUsed() {
+        return this.used;
+      }
+      /** Get the budgets config */
+      get config() {
+        return this.budgets;
+      }
+    };
+  }
+});
+
 // core/agentic/prompt-builder.ts
 import fs29 from "node:fs/promises";
 import path28 from "node:path";
@@ -14231,6 +14322,7 @@ var init_prompt_builder = __esm({
     init_fs();
     init_fs_helpers();
     init_version();
+    init_injection_validator();
     PromptBuilder = class {
       static {
         __name(this, "PromptBuilder");
@@ -14426,7 +14518,8 @@ var init_prompt_builder = __esm({
         }
         parts.push("---");
         parts.push("");
-        return parts.join("\n");
+        const result = parts.join("\n");
+        return truncateToTokenBudget(result, DEFAULT_BUDGETS.autoContext);
       }
       /**
        * Calculate elapsed time from ISO timestamp.
@@ -14560,8 +14653,10 @@ Apply specialized expertise. Read agent file for details if needed.
                 parts.push(`Skills: ${agent2.skills.join(", ")}
 `);
               }
-              const truncatedContent = agent2.content.length > 1500 ? `${agent2.content.substring(0, 1500)}
-... (truncated, read full file for more)` : agent2.content;
+              const truncatedContent = truncateToTokenBudget(
+                agent2.content,
+                DEFAULT_BUDGETS.agentContent
+              );
               parts.push(`\`\`\`markdown
 ${truncatedContent}
 \`\`\`
@@ -14569,13 +14664,19 @@ ${truncatedContent}
 `);
             }
           }
-          if (orchestratorContext.skills.length > 0) {
+          const relevantSkills = filterSkillsByDomains(
+            orchestratorContext.skills,
+            orchestratorContext.detectedDomains
+          );
+          if (relevantSkills.length > 0) {
             parts.push("### LOADED SKILLS (From Agent Frontmatter)\n\n");
-            for (const skill of orchestratorContext.skills) {
+            for (const skill of relevantSkills) {
               parts.push(`#### Skill: ${skill.name}
 `);
-              const truncatedContent = skill.content.length > 2e3 ? `${skill.content.substring(0, 2e3)}
-... (truncated)` : skill.content;
+              const truncatedContent = truncateToTokenBudget(
+                skill.content,
+                DEFAULT_BUDGETS.skillContent
+              );
               parts.push(`\`\`\`markdown
 ${truncatedContent}
 \`\`\`
@@ -14803,28 +14904,20 @@ Show changes, list affected files, ask for confirmation.
         return parts.join("");
       }
       /**
-       * Filter state data to include only relevant portions for the prompt
+       * Filter state data to include only relevant portions for the prompt.
+       * Uses InjectionBudgetTracker to enforce cumulative token limits.
        */
       filterRelevantState(state) {
         if (!state || Object.keys(state).length === 0) return null;
+        const tracker = new InjectionBudgetTracker({ totalPrompt: DEFAULT_BUDGETS.stateData });
+        const criticalFiles = ["now", "next", "context", "analysis", "codePatterns"];
         const relevant = [];
         for (const [key, content] of Object.entries(state)) {
           if (content && content.trim()) {
-            const criticalFiles = ["now", "next", "context", "analysis", "codePatterns"];
-            if (criticalFiles.includes(key)) {
-              const display = content.length > 2e3 ? `${content.substring(0, 2e3)}
-... (truncated)` : content;
-              relevant.push(`### ${key}
-${display}`);
-            } else if (content.length < 1e3) {
-              relevant.push(`### ${key}
-${content}`);
-            } else {
-              relevant.push(
-                `### ${key}
-${content.substring(0, 500)}... (truncated, use Read tool for full content)`
-              );
-            }
+            const sectionBudget = criticalFiles.includes(key) ? 500 : 250;
+            const section = tracker.addSection(`### ${key}
+${content}`, sectionBudget);
+            if (section) relevant.push(section);
           }
         }
         return relevant.length > 0 ? relevant.join("\n\n") : null;
@@ -14865,7 +14958,8 @@ ${content.substring(0, 500)}... (truncated, use Read tool for full content)`
 Avoid:
 ${antiPatterns}`);
         }
-        const result = parts.join("\n").substring(0, 800);
+        const joined = parts.join("\n");
+        const result = truncateToTokenBudget(joined, 200);
         return result || null;
       }
       /**
@@ -16233,13 +16327,13 @@ var init_breakdown_service = __esm({
 });
 
 // core/services/context-selector.ts
-var DEFAULT_TOKEN_BUDGET, DOMAIN_KEYWORDS3, ContextSelector, contextSelector;
+var DEFAULT_TOKEN_BUDGET, DOMAIN_KEYWORDS4, ContextSelector, contextSelector;
 var init_context_selector = __esm({
   "core/services/context-selector.ts"() {
     "use strict";
     init_index_storage();
     DEFAULT_TOKEN_BUDGET = 8e4;
-    DOMAIN_KEYWORDS3 = {
+    DOMAIN_KEYWORDS4 = {
       payments: [
         "payment",
         "pay",
@@ -16422,7 +16516,7 @@ var init_context_selector = __esm({
       detectTaskDomains(description, projectDomains) {
         const normalizedDesc = description.toLowerCase();
         const detectedDomains = /* @__PURE__ */ new Set();
-        for (const [domain, keywords] of Object.entries(DOMAIN_KEYWORDS3)) {
+        for (const [domain, keywords] of Object.entries(DOMAIN_KEYWORDS4)) {
           for (const keyword of keywords) {
             if (normalizedDesc.includes(keyword)) {
               detectedDomains.add(domain);
@@ -19043,8 +19137,8 @@ var init_analyzer2 = __esm({
 
 // core/services/diff-generator.ts
 import chalk11 from "chalk";
-function estimateTokens(content) {
-  return Math.ceil(content.length / CHARS_PER_TOKEN2);
+function estimateTokens2(content) {
+  return Math.ceil(content.length / CHARS_PER_TOKEN3);
 }
 function parseMarkdownSections(content) {
   const lines = content.split("\n");
@@ -19087,8 +19181,8 @@ function generateSyncDiff(oldContent, newContent) {
     modified: [],
     removed: [],
     preserved: [],
-    tokensBefore: estimateTokens(oldContent),
-    tokensAfter: estimateTokens(newContent),
+    tokensBefore: estimateTokens2(oldContent),
+    tokensAfter: estimateTokens2(newContent),
     tokenDelta: 0
   };
   diff.tokenDelta = diff.tokensAfter - diff.tokensBefore;
@@ -19242,12 +19336,12 @@ function formatFullDiff(diff, options = {}) {
   }
   return lines.join("\n");
 }
-var CHARS_PER_TOKEN2;
+var CHARS_PER_TOKEN3;
 var init_diff_generator = __esm({
   "core/services/diff-generator.ts"() {
     "use strict";
-    CHARS_PER_TOKEN2 = 4;
-    __name(estimateTokens, "estimateTokens");
+    CHARS_PER_TOKEN3 = 4;
+    __name(estimateTokens2, "estimateTokens");
     __name(parseMarkdownSections, "parseMarkdownSections");
     __name(isPreservedSection, "isPreservedSection");
     __name(generateSyncDiff, "generateSyncDiff");
@@ -23429,7 +23523,7 @@ You are the ${name} expert for this project. Apply best practices for the detect
        * Token estimation: ~4 chars per token (industry standard)
        */
       async recordSyncMetrics(stats, contextFiles, agents, duration) {
-        const CHARS_PER_TOKEN3 = 4;
+        const CHARS_PER_TOKEN4 = 4;
         let filteredChars = 0;
         for (const file of contextFiles) {
           try {
@@ -23452,7 +23546,7 @@ You are the ${name} expert for this project. Apply best practices for the detect
             });
           }
         }
-        const filteredSize = Math.floor(filteredChars / CHARS_PER_TOKEN3);
+        const filteredSize = Math.floor(filteredChars / CHARS_PER_TOKEN4);
         const avgTokensPerFile = 500;
         const originalSize = stats.fileCount * avgTokensPerFile;
         const compressionRate = originalSize > 0 ? Math.max(0, (originalSize - filteredSize) / originalSize) : 0;
@@ -29016,7 +29110,7 @@ var require_package = __commonJS({
   "package.json"(exports, module) {
     module.exports = {
       name: "prjct-cli",
-      version: "1.7.2",
+      version: "1.7.3",
       description: "Context layer for AI agents. Project context for Claude Code, Gemini CLI, and more.",
       main: "core/index.ts",
       bin: {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prjct-cli",
-  "version": "1.7.2",
+  "version": "1.7.3",
   "description": "Context layer for AI agents. Project context for Claude Code, Gemini CLI, and more.",
   "main": "core/index.ts",
   "bin": {