scriveno 2.0.9 → 2.0.10

package/README.md

@@ -2,11 +2,13 @@
 
 [![CI](https://github.com/aihxp/scriveno/actions/workflows/ci.yml/badge.svg)](https://github.com/aihxp/scriveno/actions/workflows/ci.yml)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
-[![Version](https://img.shields.io/badge/version-2.0.9-blue)](CHANGELOG.md)
+[![Version](https://img.shields.io/badge/version-2.0.10-blue)](CHANGELOG.md)
 [![npm](https://img.shields.io/npm/v/scriveno.svg)](https://www.npmjs.com/package/scriveno)
 [![Downloads](https://img.shields.io/npm/dm/scriveno.svg)](https://www.npmjs.com/package/scriveno)
 [![Status CLI](https://img.shields.io/badge/status%20CLI-scriveno%20status-blue)](docs/runtime-support.md#shared-auto-invoke-engine)
 [![Route Intelligence](https://img.shields.io/badge/route%20intelligence-agent%20lanes-blue)](docs/auto-invoke-policy.md)
+[![Runtime Smoke](https://img.shields.io/badge/runtime%20smoke-install%20checks-blue)](docs/runtime-support.md#runtime-smoke-and-agent-checks)
+[![Safe Apply](https://img.shields.io/badge/safe%20apply-visible%20gates-blue)](docs/auto-invoke-policy.md#safe-apply-and-audit-commands)
 
 **[scriveno on npm](https://www.npmjs.com/package/scriveno)**
 
@@ -23,6 +25,7 @@ npx scriveno@latest
 
 # Optional project status check
 scriveno status --project .
+scriveno sync --check
 ```
 
 ---
@@ -80,12 +83,19 @@ Scriveno ships a shared read-only status engine for every installer target. The
 ```bash
 scriveno status --project .
 scriveno status . --json
+scriveno status --project . --apply-safe
+scriveno sync --check
+scriveno smoke --json
+scriveno agents --json
+scriveno routes --json
 ```
 
 It inspects disk evidence such as `.manuscript/`, `STATE.md`, `CONTEXT.md`, plan files, drafts, review coverage, notes, revision proposals, translation work, publishing prerequisites, exports, and history, then recommends the safest next command. The engine does not mutate files and does not spawn agents by itself. Command surfaces such as `/scr-next`, `/scr:next`, `/scr:progress`, `/scr:session-report`, and `/scr:sync` call it when local command execution is available, then fall back to embedded markdown logic when a host cannot run Node. See [Auto-Invoke Policy](docs/auto-invoke-policy.md) and [Runtime Support](docs/runtime-support.md#shared-auto-invoke-engine).
 
 The status report separates `Candidate agents`, `Candidate local helpers`, and `Manual gates`. That means Scriveno can say when a route is ready for a drafter, voice-checker, translator, continuity-checker, or review worker, when a deterministic helper such as save or scan is enough, and when writer approval is required for publishing, export overwrites, track merges, or undo.
 
+`--apply-safe` runs only read-only checks and reports write-gated helpers instead of touching manuscript files. `sync --check`, `smoke`, `agents`, and `routes` expose the same cross-runtime audit layer for Claude Code, Codex, Cursor, Gemini CLI, OpenCode, GitHub Copilot, Windsurf, Antigravity, Manus, Perplexity Desktop, and the generic skill fallback.
+
 ---
 
 ## The Voice DNA system
@@ -192,6 +202,7 @@ Scriveno is built on five principles:
 - [Architecture](docs/architecture.md) -- How Scriveno works under the hood
 - [Configuration](docs/configuration.md) -- Package, installer, constraints, and `.manuscript/config.json` surfaces
 - [Auto-Invoke Policy](docs/auto-invoke-policy.md) -- Shared status engine, route intelligence lanes, visible automation status, and agent-spawn boundaries
+- [Route Graph Audit](docs/route-graph.md) -- Generated route graph, automation lanes, and priority fixtures
 - [Development](docs/development.md) -- Contributor workflow for changing commands, templates, installer logic, and docs
 - [Testing](docs/testing.md) -- What the test suite covers and which checks to run before shipping
 - [Release Notes](docs/release-notes.md) -- Public summary of what changed between package releases
@@ -216,7 +227,7 @@ Scriveno currently ships installer targets for these AI tooling environments:
 - **Perplexity Desktop** (guided local-MCP setup)
 - **Generic (SKILL.md)** fallback
 
-**Installer baseline:** `Node.js >=20.0.0` for `npx scriveno@latest`, `bin/install.js`, and `scriveno status --project .`. For new installs, use a currently supported LTS such as Node.js 24; Node.js 20 is now a compatibility floor, not the recommended fresh-install target.
+**Installer baseline:** `Node.js >=20.0.0` for `npx scriveno@latest`, `bin/install.js`, `scriveno status --project .`, and the proactive audit commands. For new installs, use a currently supported LTS such as Node.js 24; Node.js 20 is now a compatibility floor, not the recommended fresh-install target.
 
 **Support note:** Claude Code is the primary reference runtime and now installs a flat `/scr-*` command surface. The environments listed above are installer targets, not a claim that every host runtime has verified parity today. Codex currently installs a skill-native `$scr-*` surface, while Perplexity Desktop is a guided local-MCP target rather than a writable command runtime. See the [runtime compatibility matrix](docs/runtime-support.md) for install type, support level, and verification status.
 
@@ -224,11 +235,11 @@ Scriveno currently ships installer targets for these AI tooling environments:
 
 ## Status
 
-**Version:** 2.0.9
+**Version:** 2.0.10
 
- Scriveno's core command surface is stable across 112 commands, 50 work types, and 11 installer targets. The current repo baseline includes shipped planning milestones through `v2.0 Publishing Cover Packaging`, plus the creative-context, record-store, branching-next, runtime-sync, adaptive concierge, human-first writing-safeguard, authenticity-diagnostic, domain-grilling, installer-marker cleanup, cross-runtime agent metadata, visible automation status, the shared `scriveno status --project .` auto-invoke engine, and route-intelligence lanes through `2.0.9`. See [Shipped Assets](docs/shipped-assets.md) for the canonical asset inventory and [Runtime Support](docs/runtime-support.md) for the runtime compatibility matrix.
+ Scriveno's core command surface is stable across 112 commands, 50 work types, and 11 installer targets. The current repo baseline includes shipped planning milestones through `v2.0 Publishing Cover Packaging`, plus the creative-context, record-store, branching-next, runtime-sync, adaptive concierge, human-first writing-safeguard, authenticity-diagnostic, domain-grilling, installer-marker cleanup, cross-runtime agent metadata, visible automation status, the shared `scriveno status --project .` auto-invoke engine, route-intelligence lanes, safe apply reporting, runtime smoke checks, agent availability checks, and route graph audits through `2.0.10`. See [Shipped Assets](docs/shipped-assets.md) for the canonical asset inventory and [Runtime Support](docs/runtime-support.md) for the runtime compatibility matrix.
 
- Version `2.0.9` publishes Scriveno under the package name `scriveno`, so the current install command is `npx scriveno@latest`. The older `scriveno-cli` package name is historical and was unpublished during the rename, so npm cannot attach a deprecation notice to it while it has no active registry record. The older `scriven-cli` package remains on npm only as a deprecated legacy name that points users to `scriveno`. Do not treat either legacy package name as active unless a deliberate compatibility shim is republished. See [CHANGELOG](CHANGELOG.md) for the full list and [docs/release-notes.md](docs/release-notes.md) for the public-facing summary.
+ Version `2.0.10` publishes Scriveno under the package name `scriveno`, so the current install command is `npx scriveno@latest`. The older `scriveno-cli` package name is historical and was unpublished during the rename, so npm cannot attach a deprecation notice to it while it has no active registry record. The older `scriven-cli` package remains on npm only as a deprecated legacy name that points users to `scriveno`. Do not treat either legacy package name as active unless a deliberate compatibility shim is republished. See [CHANGELOG](CHANGELOG.md) for the full list and [docs/release-notes.md](docs/release-notes.md) for the public-facing summary.
 
 Package history is tracked in [CHANGELOG.md](CHANGELOG.md), and the public-facing summary for this release is in [docs/release-notes.md](docs/release-notes.md).
 

package/bin/install.js

@@ -823,6 +823,11 @@ function printHelp() {
   scriveno
   scriveno status --project .
   scriveno status . --json
+  scriveno status --project . --apply-safe
+  scriveno sync --check
+  scriveno smoke --json
+  scriveno agents --json
+  scriveno routes --json
   scriveno --runtimes codex,claude-code --global --writer --silent
 
 Options:
@@ -841,8 +846,15 @@ Status options:
   status              Inspect a project and recommend the next command
   --project <path>    Project root to inspect (default: current directory)
   --trigger <name>    Status trigger label (default: scriveno status)
+  --apply-safe        Run read-only checks and report write-gated helpers
   --json              Print machine-readable status JSON
 
+Audit commands:
+  sync --check        Check shared sync, runtime, and agent surfaces
+  smoke               Smoke-test installed runtime surfaces
+  agents              Inspect installed agent prompts and metadata
+  routes              Audit route graph and automation lanes
+
 Runtime keys:
   ${Object.keys(RUNTIMES).join(', ')}
 `);
@@ -861,6 +873,9 @@ function parseArgs(argv) {
     statusProjectRoot: process.cwd(),
     statusTrigger: 'scriveno status',
     statusJson: false,
+    statusApplySafe: false,
+    auditJson: false,
+    syncCheck: false,
   };
 
   if (argv[0] === 'status') {
@@ -873,6 +888,8 @@ function parseArgs(argv) {
         options.showVersion = true;
       } else if (arg === '--json') {
         options.statusJson = true;
+      } else if (arg === '--apply-safe') {
+        options.statusApplySafe = true;
       } else if (arg === '--project') {
         const value = argv[i + 1];
         if (!value) throw new Error('--project requires a value for status');
@@ -896,6 +913,36 @@ function parseArgs(argv) {
     return options;
   }
 
+  if (['sync', 'smoke', 'agents', 'routes'].includes(argv[0])) {
+    options.command = argv[0];
+    for (let i = 1; i < argv.length; i++) {
+      const arg = argv[i];
+      if (arg === '--help' || arg === '-h') {
+        options.showHelp = true;
+      } else if (arg === '--version' || arg === '-v') {
+        options.showVersion = true;
+      } else if (arg === '--json') {
+        options.auditJson = true;
+      } else if (arg === '--check' && argv[0] === 'sync') {
+        options.syncCheck = true;
+      } else if (arg === '--project') {
+        const value = argv[i + 1];
+        if (!value) throw new Error('--project requires a value');
+        options.statusProjectRoot = value;
+        i++;
+      } else if (arg.startsWith('--project=')) {
+        options.statusProjectRoot = arg.slice('--project='.length);
+      } else if (arg.startsWith('-')) {
+        throw new Error(`Unknown ${argv[0]} argument "${arg}"`);
+      } else if (argv[0] === 'sync') {
+        options.statusProjectRoot = arg;
+      } else {
+        throw new Error(`Unknown ${argv[0]} argument "${arg}"`);
+      }
+    }
+    return options;
+  }
+
   function addRuntimeList(value) {
     for (const key of String(value).split(',').map((item) => item.trim()).filter(Boolean)) {
       if (!Object.prototype.hasOwnProperty.call(RUNTIMES, key)) {
@@ -947,14 +994,73 @@ function parseArgs(argv) {
   return options;
 }
 
-function runStatus({ projectRoot, trigger, json }) {
+function runStatus({ projectRoot, trigger, json, applySafe }) {
   const analysis = autoInvokeEngine.analyzeProject(projectRoot);
+  const safeApply = applySafe
+    ? autoInvokeEngine.collectSafeApplyActions(projectRoot, { analysis, trigger })
+    : null;
   if (json) {
-    console.log(JSON.stringify(analysis, null, 2));
+    console.log(JSON.stringify(safeApply ? { analysis, safeApply } : analysis, null, 2));
   } else {
     console.log(autoInvokeEngine.formatReport(analysis, { trigger }));
+    if (safeApply) {
+      console.log('');
+      console.log(autoInvokeEngine.formatSafeApplyReport(safeApply));
+    }
+  }
+  return safeApply ? { analysis, safeApply } : analysis;
+}
+
+function runSyncCheck({ projectRoot, json }) {
+  const analysis = autoInvokeEngine.analyzeProject(projectRoot);
+  const safeApply = autoInvokeEngine.collectSafeApplyActions(projectRoot, { analysis, trigger: 'scriveno sync --check' });
+  const agents = autoInvokeEngine.inspectAgentAvailability();
+  const smoke = autoInvokeEngine.inspectRuntimeSmoke();
+  const result = { analysis, safeApply, agents, smoke };
+  if (json) {
+    console.log(JSON.stringify(result, null, 2));
+  } else {
+    console.log('Sync status:');
+    console.log(`Project: ${analysis.projectRoot}`);
+    console.log(`Recommendation: ${analysis.recommendation.command}`);
+    console.log('');
+    console.log(autoInvokeEngine.formatSafeApplyReport(safeApply));
+    console.log('');
+    console.log(autoInvokeEngine.formatAgentAvailabilityReport(agents));
+    console.log('');
+    console.log(autoInvokeEngine.formatRuntimeSmokeReport(smoke));
+  }
+  return result;
+}
+
+function runRuntimeSmoke({ json }) {
+  const result = autoInvokeEngine.inspectRuntimeSmoke();
+  if (json) {
+    console.log(JSON.stringify(result, null, 2));
+  } else {
+    console.log(autoInvokeEngine.formatRuntimeSmokeReport(result));
+  }
+  return result;
+}
+
+function runAgentAvailability({ json }) {
+  const result = autoInvokeEngine.inspectAgentAvailability();
+  if (json) {
+    console.log(JSON.stringify(result, null, 2));
+  } else {
+    console.log(autoInvokeEngine.formatAgentAvailabilityReport(result));
   }
-  return analysis;
+  return result;
+}
+
+function runRouteAudit({ json }) {
+  const result = autoInvokeEngine.buildRouteGraph();
+  if (json) {
+    console.log(JSON.stringify(result, null, 2));
+  } else {
+    console.log(autoInvokeEngine.formatRouteGraphReport(result));
+  }
+  return result;
 }
 
 function resolveInstallRequest(parsed, detectedRuntimeKeys, { isTTY }) {
@@ -1385,10 +1491,34 @@ async function main() {
       projectRoot: parsed.statusProjectRoot,
       trigger: parsed.statusTrigger,
       json: parsed.statusJson,
+      applySafe: parsed.statusApplySafe,
+    });
+    return;
+  }
+
+  if (parsed.command === 'sync') {
+    runSyncCheck({
+      projectRoot: parsed.statusProjectRoot,
+      json: parsed.auditJson,
     });
     return;
   }
 
+  if (parsed.command === 'smoke') {
+    runRuntimeSmoke({ json: parsed.auditJson });
+    return;
+  }
+
+  if (parsed.command === 'agents') {
+    runAgentAvailability({ json: parsed.auditJson });
+    return;
+  }
+
+  if (parsed.command === 'routes') {
+    runRouteAudit({ json: parsed.auditJson });
+    return;
+  }
+
   const detectedRuntimeKeys = Object.entries(RUNTIMES).filter(([, runtime]) => runtime.detect()).map(([key]) => key);
   const installRequest = resolveInstallRequest(parsed, detectedRuntimeKeys, { isTTY: Boolean(process.stdin.isTTY) });
 
@@ -1774,6 +1904,10 @@ module.exports = {
   parseArgs,
   resolveInstallRequest,
   runStatus,
+  runSyncCheck,
+  runRuntimeSmoke,
+  runAgentAvailability,
+  runRouteAudit,
   collectCommandEntries,
   collectAgentEntries,
   assertNoSkillNameCollisions,

package/commands/scr/new-work.md

@@ -69,7 +69,7 @@ Always create `RECORD.md` from `templates/RECORD.md` without renaming it. It is
 Write `.manuscript/config.json` by starting from `templates/config.json` and filling the project-specific values. The generated config must include the shared settings blocks that later commands read:
 ```json
 {
-  "scriveno_version": "2.0.9",
+  "scriveno_version": "2.0.10",
   "work_type": "<chosen>",
   "group": "<group>",
   "command_unit": "<unit>",

package/commands/scr/sync.md

@@ -14,13 +14,15 @@ This is not a package upgrade command. Do not fetch a newer Scriveno release, do
 The auto-invoke status engine is a shared runtime asset. It is copied for every install target and can be checked with one of these paths:
 
 ```bash
+scriveno sync --check
 scriveno status --project "$PWD" --trigger /scr:sync
+scriveno status --project "$PWD" --apply-safe --trigger /scr:sync
 node lib/auto-invoke-engine.js --project "$PWD" --trigger /scr:sync
 node "$HOME/.scriveno/lib/auto-invoke-engine.js" --project "$PWD" --trigger /scr:sync
 node .scriveno/lib/auto-invoke-engine.js --project "$PWD" --trigger /scr:sync
 ```
 
-Use it for read-only project status and next-command reasoning. Use `bin/install.js` for runtime file synchronization.
+Use `scriveno sync --check` for the full read-only sync audit: project status, safe apply, agent availability, and runtime smoke. Use `scriveno status --project "$PWD" --apply-safe` when you only need project routing and safe-helper reporting. Use `bin/install.js` for runtime file synchronization.
 
 ## Prerequisites
 
@@ -70,7 +72,7 @@ If you cannot find a Scriveno source root, stop and explain that `/scr:sync` nee
    - Check that installed Codex commands include current response-contract and source-marker behavior after reinstall.
    - Report each runtime as `current`, `stale`, `missing`, or `unknown`.
 5. Decide mode:
-   - `--check`: report only. Do not write files.
+   - `--check`: report only. Run `scriveno sync --check` when available. Do not write files.
    - `--apply`: run the installer.
    - No flag: if stale installed Scriveno-owned files are detected, ask the writer before applying. If everything is current, report that no sync is needed.
 6. When applying, run from the source root:

package/data/CONSTRAINTS.json

@@ -1,6 +1,6 @@
 {
   "$schema": "./constraints.schema.json",
-  "version": "2.0.9",
+  "version": "2.0.10",
   "description": "Scriveno constraint system: work types, command availability, exports, and dependencies. Every command checks this file at runtime.",
   "_notes": {
     "sacred_keys": "Sacred subcommands live at commands/scr/sacred/<name>.md and run as /scr:sacred:<name>. Their CONSTRAINTS keys use the sacred:<name> form so /scr:help can render the runnable slash-command path directly. The sacred-numbering-format entry is a separate flat command (commands/scr/sacred-numbering-format.md) that surfaces the active tradition's numbering format. It used to be named sacred-verse-numbering, which collided with sacred:verse-numbering at install time -- both flattened to scr-sacred-verse-numbering. Renamed in v1.6.x; the installer now refuses to install when two sources share a flat skill name."

package/docs/architecture.md

@@ -351,7 +351,7 @@ Codex uses a skill-native variation of this strategy. The installer generates on
 
 ### Shared status engine
 
-Scriveno also ships `lib/auto-invoke-engine.js`, exposed through `scriveno status --project .` and `scriveno status . --json`. The installer copies this library into the shared Scriveno asset directory for global and project installs, so command surfaces can call a single read-only status engine before falling back to embedded markdown logic.
+Scriveno also ships `lib/auto-invoke-engine.js`, exposed through `scriveno status --project .`, `scriveno status . --json`, `scriveno status --project . --apply-safe`, `scriveno sync --check`, `scriveno smoke`, `scriveno agents`, and `scriveno routes`. The installer copies this library into the shared Scriveno asset directory for global and project installs, so command surfaces can call a single status and audit engine before falling back to embedded markdown logic.
 
 The engine checks disk evidence only: project presence, required project files, STATE.md, CONTEXT.md freshness, plan files, draft files, review coverage, unresolved notes, revision-track proposals, translation work, publishing prerequisites, exports, history, and save signals. It recommends the next command, but it does not mutate files and does not spawn agents by itself. That boundary keeps proactive behavior portable across Claude Code, Codex, Cursor, Gemini CLI, OpenCode, GitHub Copilot, Windsurf, Antigravity, Manus, Perplexity Desktop, and the generic fallback.
 
@@ -365,6 +365,14 @@ Every command registry category has an automation lane through `getCommandAutoma
 
 This turns disconnected side features into visible routes. A plan without a draft recommends `/scr:draft` and lists the drafter route as a candidate agent path. Drafts without reviews recommend `/scr:editor-review` before export. Notes route to `/scr:check-notes`. Revision proposals route to `/scr:editor-review --proposal` or `/scr:track`. Publishing gaps route to `/scr:front-matter`, `/scr:back-matter`, `/scr:blurb`, `/scr:cover-art`, or `/scr:publish` depending on disk evidence.
 
+The same engine now exposes:
+
+- **Safe apply reporting**: `status --apply-safe` runs read-only checks, identifies safe helpers, lists agent candidates, and marks write-gated actions as skipped.
+- **Sync check**: `sync --check` combines project status, safe apply, agent availability, and runtime smoke into one transcript.
+- **Agent availability**: `agents` verifies prompt fallback readiness for non-Codex runtimes and metadata readiness for Codex.
+- **Runtime smoke**: `smoke` checks installed command, skill, guide, agent, metadata, and shared-engine surfaces.
+- **Route graph audit**: `routes` derives a command graph from constraints, command intents, dependencies, and automation lanes.
+
 ### Installation modes
 
 The installer supports two scopes:
@@ -376,7 +384,7 @@ The user chooses during installation. Guided local-MCP targets still write their
 
 ### Runtime credibility
 
-Scriveno's installer compatibility floor is `Node.js >=20.0.0`. For new installs, prefer a currently supported LTS such as Node.js 24. The compatibility floor applies to `npx scriveno@latest`, `bin/install.js`, `scriveno status --project .`, the shared status engine, and the repo's JavaScript test suite, not to the markdown command system once files are installed.
+Scriveno's installer compatibility floor is `Node.js >=20.0.0`. For new installs, prefer a currently supported LTS such as Node.js 24. The compatibility floor applies to `npx scriveno@latest`, `bin/install.js`, `scriveno status --project .`, the proactive audit commands, the shared status engine, and the repo's JavaScript test suite, not to the markdown command system once files are installed.
 
 This architecture doc is intentionally about mechanics: detection rules, install path shapes, `commands` versus `skills` versus `guided-mcp`, and global versus project scope. For the authoritative runtime matrix, support levels, and verification status, see [`docs/runtime-support.md`](runtime-support.md).
 

package/docs/auto-invoke-policy.md

@@ -8,6 +8,22 @@ The engine reports candidates instead of silently acting. It can identify planne
 
 The same file exports `getCommandAutomationPolicy()`, which classifies every command registry route into an automation lane. Tests assert that every command category is covered, so newly added routes cannot sit outside the proactive policy by accident.
 
+## Safe Apply and Audit Commands
+
+Scriveno now exposes the proactive layer as executable checks instead of documentation-only guidance:
+
+```bash
+scriveno status --project . --apply-safe
+scriveno sync --check
+scriveno smoke --json
+scriveno agents --json
+scriveno routes --json
+```
+
+`--apply-safe` runs the read-only status sweep, reports safe local helpers that are ready, lists agent candidates, and marks writer-owned or write-gated helpers as skipped instead of mutating files. It is intentionally conservative: `/scr:save`, `/scr:scan`, `/scr:sync --apply`, publish packaging, export overwrites, track merges, and undo remain explicit actions.
+
+`sync --check` combines four reports: project status, safe apply, agent availability, and runtime smoke. `smoke` checks installed commands, skills, prompts, Codex metadata, and the shared engine path. `agents` checks prompt fallback readiness and Codex metadata readiness. `routes` builds a route graph from `data/CONSTRAINTS.json` and the automation policy so disconnected command flows are visible in one audit.
+
 ## Cross-Platform Agent Rules
 
 Scriveno agent prompts live in `agents/*.md`. Each host runtime exposes them differently:

package/docs/configuration.md

@@ -57,7 +57,7 @@ When a writer runs `/scr:new-work`, Scriveno creates `.manuscript/config.json`.
 
 ```json
 {
-  "scriveno_version": "2.0.9",
+  "scriveno_version": "2.0.10",
   "work_type": "<chosen>",
   "group": "<group>",
   "command_unit": "<unit>",

package/docs/getting-started.md

@@ -29,10 +29,14 @@ You can also ask Scriveno for a read-only project status from any terminal:
 ```
 scriveno status --project .
 scriveno status . --json
+scriveno status --project . --apply-safe
+scriveno sync --check
 ```
 
 That status command is the same shared auto-invoke engine used by `/scr-next`, `/scr:next`, `/scr:progress`, `/scr:session-report`, and `/scr:sync` when local command execution is available. It recommends the next safest command, but does not mutate files or spawn agents by itself. Current status output separates candidate agents, candidate local helpers, and manual gates so you can tell whether Scriveno is pointing at a specialist route, a deterministic file helper, or a writer-owned decision.
 
+Use `--apply-safe` when you want Scriveno to run the read-only checks and show which helpers are safe, skipped, or agent-ready. Use `sync --check` when you want the installed runtime surfaces checked too.
+
 ## Step 2: Explore the Demo (Optional)
 
 Not sure what Scriveno does? Try the demo before starting your own project:

package/docs/release-notes.md

@@ -2,6 +2,40 @@
 
 This document is the public-facing summary of what changed between package releases. For package history, see the root [CHANGELOG](../CHANGELOG.md).
 
+## 2.0.10 - 2026-05-16
+
+### What changed
+
+- `scriveno status --project . --apply-safe` now runs the read-only proactive checks and reports safe helpers, agent candidates, and write-gated actions.
+- `scriveno sync --check` now produces a read-only sync transcript with project status, safe apply, agent availability, and runtime smoke.
+- `scriveno smoke`, `scriveno agents`, and `scriveno routes` expose installed-surface checks, agent prompt and metadata checks, and generated route graph audits.
+- Runtime checks cover Claude Code, Codex, Cursor, Gemini CLI, OpenCode, GitHub Copilot, Windsurf, Antigravity, Manus, Perplexity Desktop, and the generic skill fallback through the shared engine.
+- README badges, Runtime Support, Auto-Invoke Policy, Architecture, Getting Started, Testing, sync command docs, Route Graph Audit, changelog, and package metadata are aligned on `2.0.10`.
+
+### Why it matters
+
+The previous releases made proactive routing visible. This release makes the support tooling executable. Users can now ask Scriveno what is safe to run, whether installed agent surfaces are present, whether Codex metadata is ready, and how every route fits into the automation graph without relying on a hidden host-specific behavior.
+
+### Affected areas
+
+- shared auto-invoke engine
+- public CLI audit commands
+- runtime smoke and agent availability checks
+- route graph audit docs
+- README badges and launch copy
+- architecture, runtime support, auto-invoke policy, getting started, testing, and sync command docs
+- package metadata and generated project examples
+- regression tests for safe apply, runtime smoke, agent availability, and route graph coverage
+
+### Verification
+
+- `node --test test/auto-invoke-engine.test.js`
+- `node --test test/installer.test.js`
+- `npm test`
+- `npm run release:check`
+- `npm pack --json`
+- `git diff --check`
+
 ## 2.0.9 - 2026-05-16
 
 ### What changed

package/docs/route-graph.md

@@ -0,0 +1,51 @@
+# Route Graph Audit
+
+Scriveno's route graph is generated from `data/CONSTRAINTS.json` and `lib/auto-invoke-engine.js`. It is not a separate hand-maintained registry.
+
+Run the audit with:
+
+```bash
+scriveno routes
+scriveno routes --json
+```
+
+The text report summarizes command count, graph edges, agent-capable routes, local-helper routes, manual-gated routes, read-only routes, and lane counts. The JSON report includes nodes and edges for host adapters, CI checks, and future visualizations.
+
+## Current Shape
+
+As of `2.0.10`, the route graph contains:
+
+- 112 commands
+- intent-order edges from `command_intents`
+- dependency-chain edges from `dependencies.core_chain`
+- automation lanes from `getCommandAutomationPolicy()`
+- route priority fixtures for high-value state transitions
+
+## Automation Lanes
+
+Each command receives one lane:
+
+- `read-only`: inspect and recommend
+- `local-helper`: deterministic local helper, visible in status
+- `agent-ready`: bounded specialist route with known agent prompts
+- `agent-or-local`: route may use a specialist or local diagnostic pass
+- `mixed`: lifecycle route whose behavior depends on project state
+- `manual-gated`: writer-owned action that must stay explicit
+
+## Priority Fixtures
+
+The engine exports priority fixtures for the flows most likely to regress:
+
+- empty workspace routes to `/scr:new-work`
+- scanned project without drafts routes to `/scr:plan`
+- planned work without drafts routes to `/scr:draft`
+- drafts without review coverage route to `/scr:editor-review`
+- revision proposals route to `/scr:editor-review --proposal`
+- translation work routes to `/scr:back-translate`
+- publishing prerequisite gaps route to the first missing packaging prerequisite
+
+These fixtures are covered by `test/auto-invoke-engine.test.js`.
+
+## Cross-Runtime Use
+
+All runtimes use the same route graph audit. Claude Code, Cursor, Gemini CLI, OpenCode, GitHub Copilot, Windsurf, and Antigravity read command files and prompt agents. Codex reads generated `$scr-*` skills plus `.toml` agent metadata. Manus and the generic fallback read bundled skill files. Perplexity Desktop receives guided local-MCP setup. The graph stays shared even when the host's native spawning behavior differs.

package/docs/runtime-support.md

@@ -11,6 +11,8 @@ Node is required for:
 - running `npx scriveno@latest`
 - executing `bin/install.js`
 - running `scriveno status --project .`
+- running `scriveno status --project . --apply-safe`
+- running `scriveno sync --check`, `scriveno smoke`, `scriveno agents`, and `scriveno routes`
 - executing the shared auto-invoke status engine at `lib/auto-invoke-engine.js`
 - running the repo's JavaScript test suite
 
@@ -78,12 +80,30 @@ The public CLI entrypoint is:
 ```bash
 scriveno status --project .
 scriveno status . --json
+scriveno status --project . --apply-safe
 ```
 
 The JSON form is intended for CI, host adapters, and future runtime smoke tests.
 
 Status output uses the same route-intelligence shape across runtimes: `Candidate agents`, `Candidate local helpers`, and `Manual gates`. That keeps Claude Code, Codex, Cursor, Gemini CLI, OpenCode, GitHub Copilot, Windsurf, Antigravity, Manus, Perplexity Desktop, and generic skill installs aligned even when their native spawning mechanisms differ.
 
+## Runtime Smoke and Agent Checks
+
+The package now exposes cross-runtime checks through the public CLI:
+
+```bash
+scriveno sync --check
+scriveno smoke --json
+scriveno agents --json
+scriveno routes --json
+```
+
+`scriveno smoke` checks installed command surfaces, Codex skill directories, bundled skill manifests, agent prompt counts, Codex `.toml` metadata, guided Perplexity setup assets, and the shared engine under `~/.scriveno/lib/auto-invoke-engine.js`.
+
+`scriveno agents` checks whether each runtime has the expected Scriveno agent prompts and reports the correct fallback: prompt-run fallback for Claude Code and standard command runtimes, metadata-ready for Codex when `.toml` files are present, guided setup for Perplexity Desktop, and bundled skill prompts for Manus or generic skill installs.
+
+`scriveno routes` audits the command graph and automation lanes from `data/CONSTRAINTS.json`. It is useful when adding commands because it surfaces whether a route is read-only, local-helper, agent-ready, agent-or-local, mixed, or manual-gated.
+
 ## What Scriveno Proves Today
 
 Scriveno currently proves all of the following in-repo:

package/docs/shipped-assets.md

@@ -39,6 +39,7 @@ These files ship in `templates/` and `docs/` and provide the trust trio for sess
 ## Runtime Sync Asset Shipped Today
 
 - `commands/scr/sync.md` -- local runtime-surface synchronization command. It compares and refreshes installed Scriveno commands, Codex skills, command mirrors, and agent prompts from the current source tree by delegating to `bin/install.js`.
+- `lib/auto-invoke-engine.js` -- shared project status, safe apply, runtime smoke, agent availability, and route graph audit engine used by `scriveno status`, `scriveno sync --check`, `scriveno smoke`, `scriveno agents`, and `scriveno routes`.
 
 ## Export Templates Shipped Today
 

package/docs/testing.md

@@ -136,6 +136,16 @@ For the standard release gate, prefer:
 npm run release:check
 ```
 
+When changing proactive routing, runtime install paths, or agent surfaces, also run:
+
+```bash
+scriveno status --project . --apply-safe
+scriveno sync --check
+scriveno smoke --json
+scriveno agents --json
+scriveno routes --json
+```
+
 Use those for release prep so you can inspect what would ship without mutating the registry.
 
 ## Practical workflow

package/lib/auto-invoke-engine.js

@@ -1,4 +1,5 @@
 const fs = require('fs');
+const os = require('os');
 const path = require('path');
 
 const DEFAULT_RUNTIME_SUPPORT = {
@@ -99,6 +100,119 @@ const CORE_PROJECT_FILES = [
   'config.json',
 ];
 
+const DEFAULT_AGENT_NAMES = [
+  'continuity-checker',
+  'drafter',
+  'plan-checker',
+  'researcher',
+  'translator',
+  'voice-checker',
+];
+
+const ROUTE_PRIORITY_FIXTURES = [
+  {
+    name: 'empty workspace',
+    setup: 'no .manuscript directory',
+    expectedCommand: '/scr:new-work',
+    reason: 'start or import before lifecycle routing',
+  },
+  {
+    name: 'scanned project without drafts',
+    setup: 'STATE.md and CONTEXT.md exist, drafts are absent',
+    expectedCommand: '/scr:plan',
+    reason: 'planning comes before drafting when no plan is ready',
+  },
+  {
+    name: 'planned work without draft',
+    setup: 'plan files exist and drafts are absent',
+    expectedCommand: '/scr:draft',
+    reason: 'connected plan evidence should route to drafting',
+  },
+  {
+    name: 'draft without review coverage',
+    setup: 'draft files exist and reviews are absent',
+    expectedCommand: '/scr:editor-review',
+    reason: 'review should precede export and packaging',
+  },
+  {
+    name: 'revision proposal waiting',
+    setup: 'proposal files exist in .manuscript/proposals',
+    expectedCommand: '/scr:editor-review --proposal',
+    reason: 'proposal review is more urgent than general notes',
+  },
+  {
+    name: 'translation follow-up',
+    setup: 'translation folders or target languages exist after review coverage',
+    expectedCommand: '/scr:back-translate',
+    reason: 'translation needs verification before multi-publish',
+  },
+  {
+    name: 'publishing prerequisite gap',
+    setup: 'reviewed drafts exist without front matter, back matter, blurb, or cover handoff',
+    expectedCommand: '/scr:front-matter',
+    reason: 'specific packaging prerequisites come before final publish',
+  },
+];
+
+const RUNTIME_INSTALL_SURFACES = {
+  'claude-code': {
+    commands: (homeDir) => path.join(homeDir, '.claude', 'commands'),
+    agents: (homeDir) => path.join(homeDir, '.claude', 'agents'),
+    commandLayout: 'flat',
+  },
+  cursor: {
+    commands: (homeDir) => path.join(homeDir, '.cursor', 'commands', 'scr'),
+    agents: (homeDir) => path.join(homeDir, '.cursor', 'agents'),
+    commandLayout: 'nested',
+  },
+  'gemini-cli': {
+    commands: (homeDir) => path.join(homeDir, '.gemini', 'commands', 'scr'),
+    agents: (homeDir) => path.join(homeDir, '.gemini', 'agents'),
+    commandLayout: 'nested',
+  },
+  codex: {
+    commands: (homeDir) => path.join(homeDir, '.codex', 'commands', 'scr'),
+    skills: (homeDir) => path.join(homeDir, '.codex', 'skills'),
+    agents: (homeDir) => path.join(homeDir, '.codex', 'agents'),
+    commandLayout: 'nested',
+    metadata: 'toml',
+  },
+  opencode: {
+    commands: (homeDir) => path.join(homeDir, '.config', 'opencode', 'commands', 'scr'),
+    agents: (homeDir) => path.join(homeDir, '.config', 'opencode', 'agents'),
+    commandLayout: 'nested',
+  },
+  copilot: {
+    commands: (homeDir) => path.join(homeDir, '.github', 'commands', 'scr'),
+    agents: (homeDir) => path.join(homeDir, '.github', 'agents'),
+    commandLayout: 'nested',
+  },
+  windsurf: {
+    commands: (homeDir) => path.join(homeDir, '.windsurf', 'commands', 'scr'),
+    agents: (homeDir) => path.join(homeDir, '.windsurf', 'agents'),
+    commandLayout: 'nested',
+  },
+  antigravity: {
+    commands: (homeDir) => path.join(homeDir, '.gemini', 'antigravity', 'commands', 'scr'),
+    agents: (homeDir) => path.join(homeDir, '.gemini', 'antigravity', 'agents'),
+    commandLayout: 'nested',
+  },
+  manus: {
+    skills: (homeDir) => path.join(homeDir, '.manus', 'skills', 'scriveno'),
+    agents: (homeDir) => path.join(homeDir, '.manus', 'skills', 'scriveno', 'agents'),
+    commandLayout: 'skill-bundle',
+  },
+  'perplexity-desktop': {
+    guide: (homeDir) => path.join(homeDir, '.scriveno', 'perplexity'),
+    commandLayout: 'guided-mcp',
+  },
+  generic: {
+    skills: (homeDir) => path.join(homeDir, '.scriveno', 'skills'),
+    agents: (homeDir) => path.join(homeDir, '.scriveno', 'skills', 'agents'),
+    commandLayout: 'skill-bundle',
+  },
+};
+
 const AGENT_ROUTE_POLICIES = {
   '/scr:plan': {
     agents: ['plan-checker'],
@@ -855,6 +969,381 @@ function listRuntimeAgentSupport() {
   }));
 }
 
+function getPackageRoot() {
+  return path.resolve(__dirname, '..');
+}
+
+function loadConstraints(options = {}) {
+  const constraintsPath = options.constraintsPath || path.join(getPackageRoot(), 'data', 'CONSTRAINTS.json');
+  const constraints = readJson(constraintsPath);
+  return constraints && constraints.commands ? constraints : { commands: {}, command_intents: {}, dependencies: {} };
+}
+
+function expectedCommandCount(options = {}) {
+  return Object.keys(loadConstraints(options).commands || {}).length;
+}
+
+function getExpectedAgentNames(options = {}) {
+  if (Array.isArray(options.agentNames) && options.agentNames.length > 0) {
+    return options.agentNames.slice().sort();
+  }
+  const agentsRoot = options.agentsRoot || path.join(getPackageRoot(), 'agents');
+  const files = listFiles(agentsRoot, { extensions: ['.md'], recursive: false })
+    .map((file) => path.basename(file, '.md'))
+    .sort();
+  return files.length ? files : DEFAULT_AGENT_NAMES.slice().sort();
+}
+
+function collectSafeApplyActions(projectRoot = process.cwd(), options = {}) {
+  const analysis = options.analysis || analyzeProject(projectRoot);
+  const actions = [
+    {
+      name: 'status sweep',
+      command: 'scriveno status',
+      status: 'ran',
+      mutation: false,
+      reason: 'computed the current route, local-helper, agent, and manual-gate state',
+    },
+  ];
+
+  const readOnlyHelpers = new Set(['/scr:progress', '/scr:session-report', '/scr:check-notes', '/scr:health', '/scr:validate']);
+  const writeOrInstallHelpers = new Set(['/scr:save', '/scr:scan', '/scr:sync']);
+
+  for (const candidate of analysis.automation.localCandidates || []) {
+    const command = candidate.command;
+    if (readOnlyHelpers.has(command)) {
+      actions.push({
+        name: command.replace('/scr:', ''),
+        command,
+        status: 'ready',
+        mutation: false,
+        reason: candidate.reason,
+      });
+    } else if (writeOrInstallHelpers.has(command)) {
+      actions.push({
+        name: command.replace('/scr:', ''),
+        command,
+        status: 'skipped',
+        mutation: true,
+        reason: `${candidate.reason}; safe apply reports this instead of writing files`,
+      });
+    } else {
+      actions.push({
+        name: command.replace('/scr:', ''),
+        command,
+        status: 'suggested',
+        mutation: null,
+        reason: candidate.reason,
+      });
+    }
+  }
+
+  for (const candidate of analysis.automation.spawnCandidates || []) {
+    actions.push({
+      name: candidate.command.replace('/scr:', ''),
+      command: candidate.command,
+      status: 'agent-candidate',
+      mutation: null,
+      reason: `${candidate.agents.join(', ')}: ${candidate.reason}`,
+    });
+  }
+
+  for (const gate of analysis.automation.manualGates || []) {
+    actions.push({
+      name: gate.command.replace('/scr:', ''),
+      command: gate.command,
+      status: 'manual-gate',
+      mutation: true,
+      reason: gate.reason,
+    });
+  }
+
+  return {
+    projectRoot: analysis.projectRoot,
+    trigger: options.trigger || 'scriveno status --apply-safe',
+    appliedCount: actions.filter((action) => action.status === 'ran').length,
+    skippedCount: actions.filter((action) => action.status === 'skipped' || action.status === 'manual-gate').length,
+    safeToRunCount: actions.filter((action) => action.status === 'ready').length,
+    agentCandidateCount: actions.filter((action) => action.status === 'agent-candidate').length,
+    actions,
+  };
+}
+
+function formatSafeApplyReport(result) {
+  const actionLines = result.actions.length
+    ? result.actions.map((action) => {
+      const mutation = action.mutation === false ? 'read-only' : action.mutation === true ? 'writes or external action' : 'host-dependent';
+      return `- ${action.command}: ${action.status} (${mutation}) - ${action.reason}`;
+    })
+    : ['- none'];
+  return [
+    'Safe apply status:',
+    `Trigger: ${result.trigger}`,
+    `Project: ${result.projectRoot}`,
+    `Read-only checks run: ${result.appliedCount}`,
+    `Safe helpers ready: ${result.safeToRunCount}`,
+    `Agent candidates: ${result.agentCandidateCount}`,
+    `Manual or write-gated actions: ${result.skippedCount}`,
+    'Actions:',
+    ...actionLines,
+  ].join('\n');
+}
+
+function runtimeSurfacePaths(runtimeKey, options = {}) {
+  const homeDir = options.homeDir || os.homedir();
+  const surface = RUNTIME_INSTALL_SURFACES[runtimeKey];
+  if (!surface) return null;
+  const out = { runtimeKey };
+  for (const [key, value] of Object.entries(surface)) {
+    if (typeof value === 'function') out[key] = value(homeDir);
+  }
+  out.commandLayout = surface.commandLayout;
+  out.metadata = surface.metadata || 'none';
+  return out;
+}
+
+function inspectAgentAvailability(options = {}) {
+  const runtimeKeys = options.runtimeKeys || Object.keys(DEFAULT_RUNTIME_SUPPORT);
+  const agentNames = getExpectedAgentNames(options);
+  const runtimes = [];
+
+  for (const runtimeKey of runtimeKeys) {
+    const support = getRuntimeAgentSupport(runtimeKey);
+    const paths = runtimeSurfacePaths(runtimeKey, options);
+    if (!support || !paths) continue;
+
+    if (runtimeKey === 'perplexity-desktop') {
+      const guideReady = pathExists(path.join(paths.guide || '', 'SETUP.md'));
+      runtimes.push({
+        runtime: runtimeKey,
+        label: support.label,
+        status: guideReady ? 'guided-ready' : 'guided-missing',
+        nativeSpawn: support.nativeSpawn,
+        fallback: support.fallback,
+        agentsDir: null,
+        promptCount: 0,
+        missingPrompts: agentNames,
+        metadataCount: 0,
+        missingMetadata: [],
+      });
+      continue;
+    }
+
+    const agentsDir = paths.agents || path.join(paths.skills || '', 'agents');
+    const promptFiles = agentNames.map((name) => `${name}.md`);
+    const missingPrompts = promptFiles
+      .filter((fileName) => !pathExists(path.join(agentsDir, fileName)))
+      .map((fileName) => path.basename(fileName, '.md'));
+    const metadataFiles = support.metadata === 'toml'
+      ? agentNames.map((name) => `${name}.toml`)
+      : [];
+    const missingMetadata = metadataFiles
+      .filter((fileName) => !pathExists(path.join(agentsDir, fileName)))
+      .map((fileName) => path.basename(fileName, '.toml'));
+    const promptCount = promptFiles.length - missingPrompts.length;
+    const metadataCount = metadataFiles.length - missingMetadata.length;
+    let status = 'missing';
+    if (missingPrompts.length === 0 && missingMetadata.length === 0 && support.metadata === 'toml') {
+      status = 'metadata-ready';
+    } else if (missingPrompts.length === 0) {
+      status = 'prompt-fallback-ready';
+    }
+
+    runtimes.push({
+      runtime: runtimeKey,
+      label: support.label,
+      status,
+      nativeSpawn: support.nativeSpawn,
+      fallback: support.fallback,
+      agentsDir,
+      promptCount,
+      missingPrompts,
+      metadataCount,
+      missingMetadata,
+    });
+  }
+
+  return {
+    checkedAt: new Date().toISOString(),
+    expectedAgents: agentNames,
+    runtimes,
+  };
+}
+
+function formatAgentAvailabilityReport(report) {
+  const lines = [
+    'Agent availability:',
+    `Expected agents: ${report.expectedAgents.join(', ')}`,
+  ];
+  for (const runtime of report.runtimes) {
+    lines.push(`- ${runtime.label}: ${runtime.status}`);
+    if (runtime.agentsDir) lines.push(`  Agents: ${runtime.agentsDir}`);
+    lines.push(`  Prompts: ${runtime.promptCount}/${report.expectedAgents.length}`);
+    if (runtime.missingPrompts.length) lines.push(`  Missing prompts: ${runtime.missingPrompts.join(', ')}`);
+    if (runtime.missingMetadata.length) lines.push(`  Missing metadata: ${runtime.missingMetadata.join(', ')}`);
+    lines.push(`  Fallback: ${runtime.fallback}`);
+  }
+  return lines.join('\n');
+}
+
+function countInstalledCommands(paths) {
+  if (!paths) return 0;
+  if (paths.commandLayout === 'flat') {
+    return listFiles(paths.commands, { extensions: ['.md'], recursive: false })
+      .filter((file) => /^scr-/.test(path.basename(file)))
+      .length;
+  }
+  if (paths.commandLayout === 'skill-bundle') {
+    return countMarkdownFiles(path.join(paths.skills || '', 'commands', 'scr'));
+  }
+  if (paths.commandLayout === 'guided-mcp') {
+    return pathExists(path.join(paths.guide || '', 'SETUP.md')) ? 1 : 0;
+  }
+  return countMarkdownFiles(paths.commands || '');
+}
+
+function inspectRuntimeSmoke(options = {}) {
+  const runtimeKeys = options.runtimeKeys || Object.keys(DEFAULT_RUNTIME_SUPPORT);
+  const expectedCommands = options.expectedCommands || expectedCommandCount(options);
+  const expectedAgents = getExpectedAgentNames(options);
+  const dataDir = options.dataDir || path.join(options.homeDir || os.homedir(), '.scriveno');
+  const enginePath = path.join(dataDir, 'lib', 'auto-invoke-engine.js');
+  const results = [];
+
+  for (const runtimeKey of runtimeKeys) {
+    const support = getRuntimeAgentSupport(runtimeKey);
+    const paths = runtimeSurfacePaths(runtimeKey, options);
+    if (!support || !paths) continue;
+    const commandCount = countInstalledCommands(paths);
+    const skillCount = runtimeKey === 'codex' && pathExists(paths.skills || '')
+      ? fs.readdirSync(paths.skills, { withFileTypes: true }).filter((entry) => entry.isDirectory() && entry.name.startsWith('scr-')).length
+      : paths.skills && pathExists(path.join(paths.skills, 'SKILL.md')) ? 1 : 0;
+    const agentsDir = paths.agents || (paths.skills ? path.join(paths.skills, 'agents') : null);
+    const promptCount = countFiles(agentsDir, ['.md']);
+    const metadataCount = runtimeKey === 'codex' ? countFiles(agentsDir, ['.toml']) : 0;
+    const commandReady = runtimeKey === 'perplexity-desktop' ? commandCount === 1 : commandCount >= expectedCommands;
+    const skillReady = runtimeKey === 'codex' ? skillCount >= expectedCommands : !paths.skills || skillCount >= 1;
+    const agentReady = runtimeKey === 'perplexity-desktop' ? true : promptCount >= expectedAgents.length;
+    const metadataReady = runtimeKey === 'codex' ? metadataCount >= expectedAgents.length : true;
+    const engineReady = pathExists(enginePath);
+    const ok = commandReady && skillReady && agentReady && metadataReady && engineReady;
+
+    results.push({
+      runtime: runtimeKey,
+      label: support.label,
+      ok,
+      commands: commandCount,
+      expectedCommands: runtimeKey === 'perplexity-desktop' ? 1 : expectedCommands,
+      skills: skillCount,
+      agents: promptCount,
+      expectedAgents: runtimeKey === 'perplexity-desktop' ? 0 : expectedAgents.length,
+      metadata: metadataCount,
+      expectedMetadata: runtimeKey === 'codex' ? expectedAgents.length : 0,
+      engineReady,
+      paths,
+    });
+  }
+
+  return {
+    checkedAt: new Date().toISOString(),
+    dataDir,
+    enginePath,
+    expectedCommands,
+    expectedAgents,
+    ok: results.every((result) => result.ok),
+    runtimes: results,
+  };
+}
+
+function formatRuntimeSmokeReport(report) {
+  const lines = [
+    'Runtime smoke status:',
+    `Shared engine: ${report.enginePath} (${report.runtimes.some((runtime) => runtime.engineReady) ? 'present' : 'missing'})`,
+    `Overall: ${report.ok ? 'pass' : 'needs attention'}`,
+  ];
+  for (const runtime of report.runtimes) {
+    lines.push(`- ${runtime.label}: ${runtime.ok ? 'pass' : 'needs attention'}`);
+    lines.push(`  Commands: ${runtime.commands}/${runtime.expectedCommands}`);
+    if (runtime.skills) lines.push(`  Skills: ${runtime.skills}`);
+    if (runtime.expectedAgents) lines.push(`  Agent prompts: ${runtime.agents}/${runtime.expectedAgents}`);
+    if (runtime.expectedMetadata) lines.push(`  Agent metadata: ${runtime.metadata}/${runtime.expectedMetadata}`);
+    lines.push(`  Shared engine: ${runtime.engineReady ? 'present' : 'missing'}`);
+  }
+  return lines.join('\n');
+}
+
+function buildRouteGraph(options = {}) {
+  const constraints = options.commands ? options : loadConstraints(options);
+  const commands = constraints.commands || {};
+  const categories = {};
+  const lanes = {};
+  const nodes = Object.entries(commands).map(([name, command]) => {
+    const policy = getCommandAutomationPolicy(name, command);
+    categories[command.category || 'uncategorized'] = (categories[command.category || 'uncategorized'] || 0) + 1;
+    lanes[policy.lane] = (lanes[policy.lane] || 0) + 1;
+    return {
+      id: `/scr:${name}`,
+      name,
+      category: command.category || 'uncategorized',
+      lane: policy.lane,
+      level: policy.level,
+      available: command.available || [],
+      reason: policy.reason,
+    };
+  });
+
+  const edges = [];
+  for (const [intent, names] of Object.entries(constraints.command_intents || {})) {
+    for (let i = 0; i < names.length - 1; i++) {
+      if (commands[names[i]] && commands[names[i + 1]]) {
+        edges.push({ from: `/scr:${names[i]}`, to: `/scr:${names[i + 1]}`, type: 'intent-order', label: intent });
+      }
+    }
+  }
+  for (const [chainName, entries] of Object.entries(constraints.dependencies || {})) {
+    if (!Array.isArray(entries)) continue;
+    const commandEntries = entries.filter((entry) => entry && typeof entry === 'object' && entry.command);
+    for (let i = 0; i < commandEntries.length - 1; i++) {
+      const from = commandEntries[i].command;
+      const to = commandEntries[i + 1].command;
+      if (commands[from] && commands[to]) {
+        edges.push({ from: `/scr:${from}`, to: `/scr:${to}`, type: 'dependency-chain', label: chainName });
+      }
+    }
+  }
+
+  return {
+    generatedAt: new Date().toISOString(),
+    commandCount: nodes.length,
+    edgeCount: edges.length,
+    categories,
+    lanes,
+    agentRoutes: nodes.filter((node) => node.lane === 'agent-ready' || node.lane === 'agent-or-local').length,
+    localRoutes: nodes.filter((node) => node.lane === 'local-helper').length,
+    manualRoutes: nodes.filter((node) => node.lane === 'manual-gated').length,
+    readOnlyRoutes: nodes.filter((node) => node.lane === 'read-only').length,
+    nodes,
+    edges,
+  };
+}
+
+function formatRouteGraphReport(graph) {
+  const laneLines = Object.entries(graph.lanes)
+    .sort(([a], [b]) => a.localeCompare(b))
+    .map(([lane, count]) => `- ${lane}: ${count}`);
+  return [
+    'Route graph audit:',
+    `Commands: ${graph.commandCount}`,
+    `Edges: ${graph.edgeCount}`,
+    `Agent-capable routes: ${graph.agentRoutes}`,
+    `Local-helper routes: ${graph.localRoutes}`,
+    `Manual-gated routes: ${graph.manualRoutes}`,
+    `Read-only routes: ${graph.readOnlyRoutes}`,
+    'Automation lanes:',
+    ...laneLines,
+  ].join('\n');
+}
+
 function parseCliArgs(argv) {
   const out = {
     projectRoot: process.cwd(),
@@ -892,15 +1381,27 @@ module.exports = {
   AGENT_ROUTE_POLICIES,
   CATEGORY_ROUTE_POLICIES,
   DEFAULT_RUNTIME_SUPPORT,
+  DEFAULT_AGENT_NAMES,
   LOCAL_ROUTE_POLICIES,
   MANUAL_ROUTE_POLICIES,
+  ROUTE_PRIORITY_FIXTURES,
   analyzeProject,
+  buildRouteGraph,
+  collectSafeApplyActions,
+  expectedCommandCount,
+  formatAgentAvailabilityReport,
+  formatRouteGraphReport,
   formatProactiveChecks,
   formatAutomationStatus,
   formatRecommendation,
   formatReport,
+  formatRuntimeSmokeReport,
+  formatSafeApplyReport,
   getCommandAutomationPolicy,
+  getExpectedAgentNames,
   getRuntimeAgentSupport,
+  inspectAgentAvailability,
+  inspectRuntimeSmoke,
   listRuntimeAgentSupport,
   parseCliArgs,
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "scriveno",
-  "version": "2.0.9",
+  "version": "2.0.10",
   "description": "Spec-driven creative writing, publishing, and translation pipeline for AI coding agents. From blank page to published book.",
   "bin": {
     "scriveno": "bin/install.js"

package/templates/config.json

@@ -1,5 +1,5 @@
 {
-  "scriveno_version": "2.0.9",
+  "scriveno_version": "2.0.10",
   "work_type": "",
   "group": "",
   "command_unit": "",