salmon-loop 0.3.0 → 0.3.2

package/dist/core/context/service.js

@@ -163,7 +163,7 @@ export class ContextService {
             const absoluteFile = defaultPathAdapter.resolve(repoPath, relativeFile);
             try {
                 const stat = await this.fileAdapter.stat(absoluteFile);
-                parts.push(`${relativeFile}:${stat.mtimeMs}:${stat.size}`);
+                parts.push(this.formatStatSignature(relativeFile, stat));
             }
             catch {
                 parts.push(`${relativeFile}:missing`);
@@ -182,7 +182,7 @@ export class ContextService {
             const gitPath = defaultPathAdapter.resolve(repoPath, rel);
             try {
                 const stat = await this.fileAdapter.stat(gitPath);
-                parts.push(`${rel}:${stat.mtimeMs}:${stat.size}`);
+                parts.push(this.formatStatSignature(rel, stat));
             }
             catch {
                 parts.push(`${rel}:missing`);
@@ -190,6 +190,9 @@ export class ContextService {
         }
         return parts;
     }
+    formatStatSignature(relativePath, stat) {
+        return `${relativePath}:${stat.mtimeMs}:${stat.ctimeMs ?? 0}:${stat.size}`;
+    }
     getEntryTimestamp(entry) {
         return entry.lastAccessedAt ?? entry.createdAt ?? 0;
     }
@@ -211,25 +214,48 @@ export class ContextService {
         return true;
     }
     async evictExpiredEntries() {
-        for (const [key, entry] of await this.cacheStore.entries()) {
-            await this.isExpired(key, entry);
+        const entries = Array.from(await this.cacheStore.entries());
+        const now = Date.now();
+        const expiredEntries = entries.filter(([, entry]) => {
+            const last = this.getEntryTimestamp(entry);
+            return last && now - last > this.cacheTtlMs;
+        });
+        for (let i = 0; i < expiredEntries.length; i += 10) {
+            const chunk = expiredEntries.slice(i, i + 10);
+            await Promise.all(chunk.map(([key, entry]) => this.isExpired(key, entry)));
         }
     }
     async evictLruIfNeeded() {
-        while ((await this.cacheStore.size()) > this.cacheMaxEntries) {
+        const size = await this.cacheStore.size();
+        if (size <= this.cacheMaxEntries)
+            return;
+        const excess = size - this.cacheMaxEntries;
+        const entries = Array.from(await this.cacheStore.entries());
+        if (excess === 1) {
             let victimKey;
             let victimTs = Number.POSITIVE_INFINITY;
-            for (const [key, entry] of await this.cacheStore.entries()) {
+            for (const [key, entry] of entries) {
                 const ts = this.getEntryTimestamp(entry);
                 if (ts < victimTs) {
                     victimTs = ts;
                     victimKey = key;
                 }
             }
-            if (!victimKey)
-                break;
-            await this.cacheStore.delete(victimKey);
-            this.cacheMetrics.evictions += 1;
+            if (victimKey) {
+                await this.cacheStore.delete(victimKey);
+                this.cacheMetrics.evictions += 1;
+            }
+        }
+        else {
+            entries.sort((a, b) => (this.getEntryTimestamp(a[1]) || 0) - (this.getEntryTimestamp(b[1]) || 0));
+            const victims = entries.slice(0, excess);
+            for (let i = 0; i < victims.length; i += 10) {
+                const chunk = victims.slice(i, i + 10);
+                await Promise.all(chunk.map(async ([key]) => {
+                    await this.cacheStore.delete(key);
+                    this.cacheMetrics.evictions += 1;
+                }));
+            }
         }
     }
     async getCacheStats() {

package/dist/core/extensions/index.js

@@ -1,4 +1,5 @@
 import path from 'node:path';
+import { buildResolvedMcpServersV2 } from '../mcp/config/index.js';
 import { getLogger } from '../observability/logger.js';
 import { loadConfig } from './load.js';
 import { mergeScopedEntries } from './merge.js';
@@ -14,40 +15,6 @@ function resolvePathForScope(value, scope, repoRoot) {
     const expanded = expandHome(value);
     return scope === 'repo' ? resolveRepoRelative(repoRoot, expanded) : resolveUserRelative(expanded);
 }
-function buildResolvedServers(entries, repoRoot) {
-    return entries.map((entry) => {
-        const scope = entry.scope;
-        const source = entry.entry;
-        const enabled = source.enabled ?? defaultEnabled(scope);
-        if (source.url) {
-            return {
-                name: entry.key,
-                enabled,
-                transport: 'http',
-                url: source.url,
-                headers: source.headers ?? {},
-                allowTools: source.allow?.tools ?? [],
-                allowResources: source.allow?.resources ?? [],
-                scope,
-            };
-        }
-        if (!source.command) {
-            throw new Error(`Invalid MCP server entry ${entry.key}: missing "command" or "url"`);
-        }
-        return {
-            name: entry.key,
-            enabled,
-            transport: 'stdio',
-            command: source.command,
-            args: source.args ?? [],
-            env: source.env ?? {},
-            cwd: resolvePathForScope(source.cwd, scope, repoRoot),
-            allowTools: source.allow?.tools ?? [],
-            allowResources: source.allow?.resources ?? [],
-            scope,
-        };
-    });
-}
 function buildResolvedPlugins(entries, repoRoot) {
     return entries.map((entry) => {
         const scope = entry.scope;
@@ -117,7 +84,7 @@ export async function resolveExtensions(options) {
     const mergedServers = mergeScopedEntries(userMcp?.config.servers, repoMcp?.config.servers);
     const mergedPlugins = mergeScopedEntries(userTools?.config.plugins, repoTools?.config.plugins);
     const resolved = {
-        mcpServers: buildResolvedServers(mergedServers, repoRoot),
+        mcpServers: buildResolvedMcpServersV2(mergedServers, repoRoot),
         toolPlugins: buildResolvedPlugins(mergedPlugins, repoRoot),
         skillDiscovery: buildResolvedSkills(userSkills?.config, repoSkills?.config, repoRoot),
     };

package/dist/core/extensions/redact.js

@@ -17,15 +17,21 @@ function redactHeaders(headers) {
     return output;
 }
 function redactServer(server) {
-    if (server.transport === 'http') {
+    if (server.transport.type === 'http') {
         return {
             ...server,
-            headers: redactHeaders(server.headers || {}),
+            transport: {
+                ...server.transport,
+                headers: redactHeaders(server.transport.headers || {}),
+            },
         };
     }
     return {
         ...server,
-        env: redactEnv(server.env || {}),
+        transport: {
+            ...server.transport,
+            env: redactEnv(server.transport.env || {}),
+        },
     };
 }
 export function redactExtensions(extensions) {

package/dist/core/extensions/schemas.js

@@ -1,55 +1,6 @@
 import { z } from 'zod';
-const mcpAllowSchema = z.object({
-    tools: z.array(z.string()).optional(),
-    resources: z.array(z.string()).optional(),
-});
-const mcpServerSchema = z
-    .object({
-    enabled: z.boolean().optional(),
-    command: z.string().optional(),
-    url: z.string().url().optional(),
-    args: z.array(z.string()).optional(),
-    env: z.record(z.string(), z.string()).optional(),
-    headers: z.record(z.string(), z.string()).optional(),
-    cwd: z.string().optional(),
-    allow: mcpAllowSchema.optional(),
-})
-    .superRefine((value, ctx) => {
-    const hasCommand = Boolean(value.command);
-    const hasUrl = Boolean(value.url);
-    if (hasCommand === hasUrl) {
-        ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: 'MCP server entry must include exactly one of "command" or "url".',
-            path: ['command'],
-        });
-    }
-    if (hasUrl && value.args && value.args.length > 0) {
-        ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: '"args" is only valid for stdio MCP servers ("command" transport).',
-            path: ['args'],
-        });
-    }
-    if (hasUrl && value.cwd) {
-        ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: '"cwd" is only valid for stdio MCP servers ("command" transport).',
-            path: ['cwd'],
-        });
-    }
-    if (hasUrl && value.env && Object.keys(value.env).length > 0) {
-        ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: '"env" is only valid for stdio MCP servers ("command" transport).',
-            path: ['env'],
-        });
-    }
-});
-export const McpConfigSchema = z.object({
-    version: z.literal(1),
-    servers: z.record(z.string(), mcpServerSchema).optional().default({}),
-});
+import { McpConfigV2Schema } from '../mcp/config/schema-v2.js';
+export const McpConfigSchema = McpConfigV2Schema;
 const toolPluginSchema = z.object({
     enabled: z.boolean().optional(),
     path: z.string(),

package/dist/core/facades/cli-authorization-non-interactive.js

@@ -1,3 +1,3 @@
+export { McpConnectionManager } from '../mcp/client/connection-manager.js';
 export { getLogger } from '../observability/logger.js';
-export { McpClient } from '../tools/mcp/client.js';
 //# sourceMappingURL=cli-authorization-non-interactive.js.map

package/dist/core/facades/cli-serve.js

@@ -10,7 +10,6 @@ export { PluginLoader } from '../plugin/loader.js';
 export { clearPluginRegistry, createPluginRegistry, setPluginRegistry, } from '../plugin/registry.js';
 export { clearPromptRegistry, createPromptRegistry, setPromptRegistry, } from '../prompts/registry.js';
 export { buildA2AAgentCard } from '../protocols/a2a/agent-card.js';
-export { buildA2AFlowSkills } from '../protocols/shared/flow-mode-mapping.js';
 export { createAcpFormalAgent } from '../protocols/acp/formal-agent.js';
 export { startAcpStdioServer } from '../protocols/acp/stdio-server.js';
 export { createAgentServerRuntime } from '../runtime/agent-server-runtime.js';

package/dist/core/grizzco/dsl/strategies.js

@@ -15,9 +15,7 @@ export const SafetyChecks = (engine) => {
         .require((c) => !c.file.isIgnored || c.options.force, 'Refusing to modify ignored file without --force')
         .phase('Lock Check')
         .requireData('remote_lock')
-        .require((c) => !c.data?.remote_lock?.isLocked, text.grizzco.remoteLocked)
-        .requireData('git_config')
-        .require((c) => !!(c.data?.git_config?.user?.name && c.data?.git_config?.user?.email), text.grizzco.gitUserConfigMissing);
+        .require((c) => !c.data?.remote_lock?.isLocked, text.grizzco.remoteLocked);
 };
 export const IntentRouting = (engine) => {
     return engine

package/dist/core/grizzco/engine/outcome/loop-result-mapper.js

@@ -135,17 +135,21 @@ export function buildLoopResultFromTransaction({ executionReport, flowMode, opti
         };
     }
     const retryFailureReason = executionReport.history.at(-1)?.error ?? text.loop.loopExecutionFailed;
-    const failureReason = executionReport.terminalReason ||
-        (executionReport.retryExhausted ? text.loop.exceededMaxRetriesSimple : retryFailureReason);
+    const failureReason = executionReport.retryExhausted
+        ? text.loop.exceededMaxRetriesSimple
+        : executionReport.terminalReason || retryFailureReason;
     const safeHint = executionReport.terminalSafeHint ||
         (executionReport.retryExhausted
-            ? text.loop.exceededMaxRetriesSimple
+            ? failureReason
             : executionReport.terminalReason || failureReason);
     const remediationSteps = executionReport.terminalRemediationSteps ?? [];
-    const reasonCode = executionReport.terminalReasonCode ||
-        (executionReport.retryExhausted ? 'MAX_RETRIES' : 'LOOP_FAILED');
+    const reasonCode = executionReport.retryExhausted
+        ? 'MAX_RETRIES'
+        : executionReport.terminalReasonCode || 'LOOP_FAILED';
+    const diagnosticCode = executionReport.terminalDiagnosticCode ?? executionReport.terminalReasonCode ?? reasonCode;
     const failurePhase = executionReport.terminalFailurePhase ||
         (executionReport.retryExhausted ? Phase.VERIFY : undefined);
+    const resultReason = executionReport.retryExhausted ? failureReason : safeHint;
     const usage = getTokenUsageFromAuditTrail() ?? undefined;
     const budgetSummary = getBudgetRunSummary() ?? undefined;
     const errorEnvelope = buildFailureEnvelope({
@@ -157,11 +161,11 @@ export function buildLoopResultFromTransaction({ executionReport, flowMode, opti
     });
     return {
         success: false,
-        reason: safeHint,
+        reason: resultReason,
         reasonCode,
         terminalReason,
         rootCause,
-        diagnosticCode: executionReport.terminalDiagnosticCode ?? reasonCode,
+        diagnosticCode,
         safeHint,
         remediationSteps,
         errorEnvelope,
@@ -171,6 +175,7 @@ export function buildLoopResultFromTransaction({ executionReport, flowMode, opti
         usage,
         authorizationDecisions,
         history: telemetry.getHistory(),
+        changedFiles,
         failurePhase,
         errorType: ErrorType.UNKNOWN,
         errorCode: executionReport.lastErrorCode,

package/dist/core/grizzco/engine/transaction/attempt-failure.js

@@ -122,6 +122,29 @@ export function resolveAttemptFailure(params) {
         return undefined;
     }
     const errorCode = extractErrorCode(flowReport.error) ?? extractErrorCodeFromTraces(flowReport);
+    if (profile.verifyPolicy !== 'never' && context?.verifyResult?.ok === false) {
+        const verifyOutput = context.verifyResult.output || text.loop.loopExecutionFailed;
+        const errorType = classifyError(verifyOutput);
+        const fallbackReason = sanitizeReason(context.lastError || verifyOutput);
+        const guidance = buildFailureGuidance({
+            reasonCode: 'VERIFY_FAILED',
+            failurePhase: 'VERIFY',
+            errorCode: String(errorType),
+            verifyOutput,
+            environmentMode,
+            fallbackReason,
+        });
+        return {
+            reason: guidance.safeHint,
+            reasonCode: 'VERIFY_FAILED',
+            failurePhase: 'VERIFY',
+            retryable: isRetryable(errorType),
+            errorCode: String(errorType),
+            diagnosticCode: guidance.diagnosticCode,
+            safeHint: guidance.safeHint,
+            remediationSteps: guidance.remediationSteps,
+        };
+    }
     if (flowMode === 'autopilot' && autopilotCompletion) {
         if (autopilotCompletion.status === 'changed' ||
             autopilotCompletion.status === 'read_only_answer') {
@@ -238,29 +261,6 @@ export function resolveAttemptFailure(params) {
             remediationSteps: guidance.remediationSteps,
         };
     }
-    if (profile.verifyPolicy !== 'never' && context?.verifyResult?.ok === false) {
-        const verifyOutput = context.verifyResult.output || text.loop.loopExecutionFailed;
-        const errorType = classifyError(verifyOutput);
-        const fallbackReason = sanitizeReason(context.lastError || verifyOutput);
-        const guidance = buildFailureGuidance({
-            reasonCode: 'VERIFY_FAILED',
-            failurePhase: 'VERIFY',
-            errorCode: String(errorType),
-            verifyOutput,
-            environmentMode,
-            fallbackReason,
-        });
-        return {
-            reason: guidance.safeHint,
-            reasonCode: 'VERIFY_FAILED',
-            failurePhase: 'VERIFY',
-            retryable: isRetryable(errorType),
-            errorCode: String(errorType),
-            diagnosticCode: guidance.diagnosticCode,
-            safeHint: guidance.safeHint,
-            remediationSteps: guidance.remediationSteps,
-        };
-    }
     const failurePhase = inferFailurePhase(flowReport);
     const fallbackReason = sanitizeReason(context?.lastError || flowReport.error);
     if (isRecoverableToolInputErrorCode(errorCode)) {

package/dist/core/grizzco/engine/transaction/report-mapper.js

@@ -58,7 +58,10 @@ export function mapRetryExhaustedReport(params) {
         lastRecentReadArtifacts,
         lastToolResultPreviewArtifacts,
         terminalFailurePhase: failure?.failurePhase,
+        terminalReasonCode: failure?.reasonCode,
         terminalDiagnosticCode: failure?.diagnosticCode,
+        terminalSafeHint: failure?.safeHint,
+        terminalRemediationSteps: failure ? [...failure.remediationSteps] : undefined,
     };
 }
 //# sourceMappingURL=report-mapper.js.map

package/dist/core/grizzco/engine/transaction/transaction-runner.js

@@ -128,6 +128,7 @@ export class FlowTransactionRunner {
     lastRecentReadArtifacts;
     lastToolResultPreviewArtifacts;
     lastReplacementState;
+    pendingAutopilotVerification;
     constructor(params) {
         this.params = params;
         this.lastVerifyArtifact = params.options.artifactHints?.verifyArtifact;
@@ -182,6 +183,7 @@ export class FlowTransactionRunner {
                         : undefined,
                 },
                 replacementState: this.lastReplacementState,
+                pendingVerification: this.pendingAutopilotVerification,
                 lastError: this.currentLastError,
                 applyBackRuntime: {
                     activeRepoPath: this.params.env.activeRepoPath,
@@ -212,6 +214,18 @@ export class FlowTransactionRunner {
                 flowMode: this.params.flowMode,
             });
             lastAttemptFailure = attemptFailure;
+            if (this.params.flowMode === 'autopilot') {
+                if (attemptFailure?.reasonCode === 'VERIFY_FAILED') {
+                    this.pendingAutopilotVerification = {
+                        changedFiles: terminalCtx && 'changedFiles' in terminalCtx
+                            ? (terminalCtx.changedFiles ?? undefined)
+                            : undefined,
+                    };
+                }
+                else if (!attemptFailure) {
+                    this.pendingAutopilotVerification = undefined;
+                }
+            }
             const entry = {
                 attempt,
                 plan: shrinkCtx?.plan ?? null,

package/dist/core/grizzco/flows/AutopilotFlow.js

@@ -10,6 +10,7 @@ export async function executeAutopilotFlow(initCtx) {
         .step('VERIFY_GATE', runAutopilotVerifyGate)
         .step('REPORT', displayReport);
     const report = await pipeline.execute();
+    await report.data?.toolstack?.dispose?.();
     report.auditPath = await saveAudit(report, initCtx.options);
     report.strategyName = initCtx.mode;
     report.fsMode = initCtx.mode;

package/dist/core/grizzco/flows/SalmonLoopFlow.js

@@ -93,6 +93,7 @@ function buildPipelineByMode(initCtx) {
 export async function executeSalmonLoopFlow(initCtx) {
     const pipeline = buildPipelineByMode(initCtx);
     const report = await pipeline.execute();
+    await report.data?.toolstack?.dispose?.();
     // Save audit log
     report.auditPath = await saveAudit(report, initCtx.options);
     report.strategyName = initCtx.mode;

package/dist/core/grizzco/steps/apply.js

@@ -7,10 +7,7 @@ import { MicroTaskRunner } from '../dsl/MicroTaskRunner.js';
 import { StandardStrategy } from '../dsl/strategies.js';
 import { Executor } from '../execution/Executor.js';
 import { WorkerFactory } from '../execution/WorkerFactory.js';
-import { CachedService } from '../services/CachedService.js';
-import { GitConfigService } from '../services/implementations/default/GitConfigService.js';
 import { MockLockService } from '../services/implementations/mock/MockLockService.js';
-import { MockUserQuotaService } from '../services/implementations/mock/MockUserQuotaService.js';
 import { registry } from '../services/registry.js';
 /**
  * Bootstraps the service registry with required providers.
@@ -18,10 +15,6 @@ import { registry } from '../services/registry.js';
 export function bootstrapRegistry() {
     if (!registry.has('remote_lock'))
         registry.register(new MockLockService());
-    if (!registry.has('user_quota'))
-        registry.register(new MockUserQuotaService());
-    if (!registry.has('git_config'))
-        registry.register(new CachedService(new GitConfigService()));
 }
 export const runApply = async (ctx) => {
     const { workspace, diff, fileStateResolver, emit } = ctx;

package/dist/core/grizzco/steps/autopilot.js

@@ -1,7 +1,7 @@
 import { createHash } from 'crypto';
 import { join } from 'path';
 import { text } from '../../../locales/index.js';
-import { lstat, readlink } from '../../adapters/fs/node-fs.js';
+import { lstat, readFile, readdir, readlink } from '../../adapters/fs/node-fs.js';
 import { GitAdapter } from '../../adapters/git/git-adapter.js';
 import { LIMITS } from '../../config/limits.js';
 import { supportsLlmStreaming } from '../../llm/capabilities.js';
@@ -23,6 +23,20 @@ const GIT_HASH_OUTPUT_LIMITS = {
     maxStdoutBytes: 256,
     maxStderrChars: 4_096,
 };
+const FILESYSTEM_SAMPLE_LIMITS = {
+    maxEntries: 10_000,
+    maxBytesPerFile: 5 * 1024 * 1024,
+};
+const FILESYSTEM_EXCLUDED_SEGMENTS = new Set([
+    '.git',
+    '.salmonloop',
+    'node_modules',
+    '.next',
+    'dist',
+    'build',
+    '.turbo',
+    '.cache',
+]);
 function hashFingerprintValue(value) {
     return createHash('sha256').update(value).digest('hex');
 }
@@ -165,6 +179,7 @@ async function captureWorkspaceFingerprint(workspacePath) {
     }
     const workingContent = hashFingerprintValue(workingEntries.map(([path, fingerprint]) => `${path}:${fingerprint}`).join('\n'));
     return {
+        kind: 'git',
         head,
         index,
         statusMetadata: hashFingerprintBuffer(statusOutput),
@@ -173,6 +188,79 @@ async function captureWorkspaceFingerprint(workspacePath) {
         workingEntries,
     };
 }
+function isFilesystemSamplingExcludedPath(path) {
+    const normalized = path.replace(/\\/g, '/');
+    if (isRuntimeGeneratedPath(normalized))
+        return true;
+    return normalized.split('/').some((segment) => FILESYSTEM_EXCLUDED_SEGMENTS.has(segment));
+}
+function formatFilesystemMode(mode) {
+    return (mode & 0o7777).toString(8);
+}
+async function hashFilesystemPath(absolutePath) {
+    const stats = await lstat(absolutePath);
+    if (stats.isSymbolicLink()) {
+        return `symlink:${formatFilesystemMode(stats.mode)}:${hashFingerprintValue(await readlink(absolutePath))}`;
+    }
+    if (stats.isDirectory()) {
+        return `dir:${formatFilesystemMode(stats.mode)}`;
+    }
+    if (stats.size > FILESYSTEM_SAMPLE_LIMITS.maxBytesPerFile) {
+        throw new Error(`Workspace sampling skipped file larger than ${FILESYSTEM_SAMPLE_LIMITS.maxBytesPerFile} bytes`);
+    }
+    if (stats.isFile()) {
+        return `file:${formatFilesystemMode(stats.mode)}:${hashFingerprintBuffer(await readFile(absolutePath))}`;
+    }
+    return `other:${formatFilesystemMode(stats.mode)}:${stats.size}`;
+}
+function appendFilesystemEntry(entries, path, fingerprint) {
+    if (entries.length >= FILESYSTEM_SAMPLE_LIMITS.maxEntries) {
+        throw new Error(`Workspace sampling exceeded ${FILESYSTEM_SAMPLE_LIMITS.maxEntries} entries`);
+    }
+    entries.push([path, fingerprint]);
+}
+async function collectFilesystemEntries(params) {
+    const absoluteDir = join(params.workspacePath, params.relativeDir);
+    const dirents = await readdir(absoluteDir, { withFileTypes: true });
+    const sorted = [...dirents].sort((left, right) => left.name.localeCompare(right.name));
+    for (const dirent of sorted) {
+        const relativePath = params.relativeDir ? `${params.relativeDir}/${dirent.name}` : dirent.name;
+        if (isFilesystemSamplingExcludedPath(relativePath)) {
+            continue;
+        }
+        const absolutePath = join(params.workspacePath, relativePath);
+        if (dirent.isDirectory()) {
+            appendFilesystemEntry(params.entries, `${relativePath}/`, await hashFilesystemPath(absolutePath));
+            await collectFilesystemEntries({
+                workspacePath: params.workspacePath,
+                relativeDir: relativePath,
+                entries: params.entries,
+            });
+            continue;
+        }
+        appendFilesystemEntry(params.entries, relativePath, await hashFilesystemPath(absolutePath));
+    }
+}
+async function captureFilesystemFingerprint(workspacePath) {
+    const workingEntries = [];
+    await collectFilesystemEntries({ workspacePath, relativeDir: '', entries: workingEntries });
+    const statusMetadata = hashFingerprintValue(workingEntries.map(([path, fingerprint]) => `${path}:${fingerprint}`).join('\n'));
+    return {
+        kind: 'filesystem',
+        head: '',
+        index: '',
+        statusMetadata,
+        workingContent: statusMetadata,
+        statusEntries: workingEntries,
+        workingEntries,
+    };
+}
+async function captureWorkspaceFingerprintForContext(ctx) {
+    if (ctx.workspace.capabilities?.git.insideWorkTree === false) {
+        return captureFilesystemFingerprint(ctx.workspace.workPath);
+    }
+    return captureWorkspaceFingerprint(ctx.workspace.workPath);
+}
 function collectChangedWorkspacePaths(before, after) {
     const beforeStatusEntries = new Map(before.statusEntries);
     const afterStatusEntries = new Map(after.statusEntries);
@@ -280,7 +368,7 @@ export async function runAutopilot(ctx) {
     let samplingFailedClosed = false;
     if (supportsTools) {
         try {
-            workspaceFingerprintBefore = await captureWorkspaceFingerprint(ctx.workspace.workPath);
+            workspaceFingerprintBefore = await captureWorkspaceFingerprintForContext(ctx);
         }
         catch {
             samplingFailedClosed = true;
@@ -339,10 +427,11 @@ export async function runAutopilot(ctx) {
         }
         else {
             try {
-                const workspaceFingerprintAfter = await captureWorkspaceFingerprint(ctx.workspace.workPath);
+                const workspaceFingerprintAfter = await captureWorkspaceFingerprintForContext(ctx);
                 changedFiles = collectChangedWorkspacePaths(workspaceFingerprintBefore, workspaceFingerprintAfter);
                 mutated =
                     changedFiles.length > 0 ||
+                        workspaceFingerprintBefore.statusMetadata !== workspaceFingerprintAfter.statusMetadata ||
                         workspaceFingerprintBefore.head !== workspaceFingerprintAfter.head ||
                         workspaceFingerprintBefore.index !== workspaceFingerprintAfter.index;
             }
@@ -351,11 +440,23 @@ export async function runAutopilot(ctx) {
             }
         }
     }
+    const pendingChangedFiles = ctx.pendingVerification?.changedFiles && ctx.pendingVerification.changedFiles.length > 0
+        ? ctx.pendingVerification.changedFiles
+        : undefined;
+    const effectiveChangedFiles = changedFiles && changedFiles.length > 0
+        ? changedFiles
+        : pendingChangedFiles && pendingChangedFiles.length > 0
+            ? pendingChangedFiles
+            : undefined;
+    const effectiveMutated = mutated || Boolean(ctx.pendingVerification);
     return {
         ...ctx,
-        mutated,
-        changedFiles: changedFiles && changedFiles.length > 0 ? changedFiles : undefined,
-        completion: resolveAutopilotCompletion({ content, mutated, localAudit }),
+        mutated: effectiveMutated,
+        changedFiles: effectiveChangedFiles,
+        pendingVerification: effectiveMutated
+            ? { changedFiles: effectiveChangedFiles }
+            : ctx.pendingVerification,
+        completion: resolveAutopilotCompletion({ content, mutated: effectiveMutated, localAudit }),
         toolCallingAudit: mergedAudit,
         report: {
             kind: 'answer',
@@ -390,6 +491,7 @@ export async function runAutopilotVerifyGate(ctx) {
     const nextCtx = {
         ...ctx,
         verifyResult,
+        pendingVerification: verifyResult.ok ? undefined : ctx.pendingVerification,
     };
     return verifyArtifact ? { ...nextCtx, verifyArtifact } : nextCtx;
 }

package/dist/core/grizzco/steps/preflight.js

@@ -3,11 +3,17 @@ import { recordAuditEvent } from '../../observability/audit-trail.js';
 import { resolveExecutionProfile } from '../../runtime/execution-profile.js';
 import { createStandardToolstack } from '../../tools/loader.js';
 import { preflight } from '../../verification/runner.js';
+import { requiresGitWorkspace } from '../../workspace/capabilities.js';
 import { resolveLlmToolCallingPolicy } from '../dsl/llm-strategy.js';
 export const runPreflight = async (ctx) => {
     const executionProfile = resolveExecutionProfile(ctx.mode);
     const result = await preflight(ctx.workspace, ctx.emit, {
         ignoreDirty: executionProfile.ignoreDirtyPreflight,
+        requireWrite: !executionProfile.readOnly,
+        requireGit: requiresGitWorkspace({
+            mode: ctx.mode,
+            strategy: ctx.workspace.strategy,
+        }),
     });
     if (!result.ok) {
         const reason = result.reason || text.loop.preflightFailedNotGit;
@@ -27,12 +33,16 @@ export const runPreflight = async (ctx) => {
         message: text.loop.preflightPassed,
         timestamp: new Date(),
     });
+    if (result.capabilities) {
+        ctx.workspace.capabilities = result.capabilities;
+    }
     const toolstack = resolveLlmToolCallingPolicy(executionProfile.entryPhase, ctx.options.llm)
         .enabled
         ? await createStandardToolstack({
             repoRoot: ctx.workspace.workPath,
             persistenceRoot: ctx.workspace.baseRepoPath || ctx.workspace.workPath,
             worktreeRoot: ctx.workspace.strategy === 'worktree' ? ctx.workspace.workPath : undefined,
+            workspaceCapabilities: ctx.workspace.capabilities,
             attemptId: ctx.attempt ?? 1,
             dryRun: Boolean(ctx.options?.dryRun),
             allowedToolNames: Array.isArray(ctx.options.allowedToolNames)

package/dist/core/grizzco/steps/tool-runtime.js

@@ -4,6 +4,7 @@ export function buildPhaseToolRuntimeContext(ctx, phase, cacheSurface) {
         repoRoot: ctx.workspace.workPath,
         persistenceRoot: ctx.workspace.baseRepoPath || ctx.workspace.workPath,
         worktreeRoot: ctx.workspace.strategy === 'worktree' ? ctx.workspace.workPath : undefined,
+        workspaceCapabilities: ctx.workspace.capabilities,
         flowMode: ctx.mode,
         attemptId: ctx.attempt ?? 1,
         dryRun: Boolean(ctx.options?.dryRun),