skillrepo 4.7.0 → 4.8.1

package/bin/skillrepo.mjs

@@ -70,9 +70,12 @@ const COMMANDS = {
   },
   push: {
     description: "Push a local skill directory to your library (create or release new version)",
-    usage:
-      "skillrepo push <path> [--version <label>] [--changelog <text>] " +
-      "[--idempotency-key <key>] [--json]",
+    // Versioning is server-side (frontmatter-driven smart upsert), so the CLI
+    // does NOT accept --version/--changelog — they were removed in the #1455
+    // push rework. Do not re-add them here without wiring them into push.mjs:
+    // the advertised-surface contract test asserts every flag listed in this
+    // string is actually accepted by the command (#1923).
+    usage: "skillrepo push <path> [--idempotency-key <key>] [--json]",
     run: async (argv) => runPush(argv),
   },
   publish: {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "skillrepo",
-  "version": "4.7.0",
+  "version": "4.8.1",
   "description": "Pull-based CLI for agent skills — init, sync, search, add, remove your library from any IDE",
   "type": "module",
   "bin": {

package/src/commands/init.mjs

@@ -199,13 +199,23 @@ const BLACK_HOLE_STREAM = {
  * @param {NodeJS.WritableStream} [io.stdout=process.stdout]
  * @param {NodeJS.WritableStream} [io.stderr=process.stderr]
  * @param {object} [deps] - Test-only dependency injection. Production
- *        callers leave this empty. Forwarded to step 6
- *        (`installSessionSyncHook`); see `init-session-sync.mjs` for
- *        the supported keys (`spawn`, `getCliVersion`, `confirmFn`).
+ *        callers leave this empty. `promptFn` (below) is consumed locally;
+ *        the remaining keys are forwarded to step 6
+ *        (`installSessionSyncHook`) — see `init-session-sync.mjs` for
+ *        those (`spawn`, `getCliVersion`, `confirmFn`).
+ * @param {Function} [deps.promptFn] - Override for the interactive
+ *        access-key prompt (`promptWithBrowserOpen`). Lets tests drive
+ *        the step-1 prompt and the step-2 stale-key re-prompt recovery
+ *        without a real TTY/stdin. Default: the real
+ *        `promptWithBrowserOpen`. Same test-seam pattern as `confirmFn`.
  */
 export async function runInit(argv, io = {}, deps = {}) {
   const stdout = io.stdout ?? process.stdout;
   const stderr = io.stderr ?? process.stderr;
+  // Test-seam for the interactive credential prompt. Production uses the
+  // real browser-assisted prompt; tests inject a stub to exercise the
+  // step-1 and stale-key re-prompt paths deterministically.
+  const promptForKey = deps.promptFn ?? promptWithBrowserOpen;
 
   const { flags, yes, force, noSessionSync } = parseInitFlags(argv);
 
@@ -270,7 +280,7 @@ export async function runInit(argv, io = {}, deps = {}) {
         hint: "Pass --key sk_live_... or set SKILLREPO_ACCESS_KEY.",
       });
     }
-    apiKey = await promptWithBrowserOpen(
+    apiKey = await promptForKey(
       cliAuthUrl(serverUrl),
       "Enter your access key (sk_live_...)",
     );
@@ -343,7 +353,7 @@ export async function runInit(argv, io = {}, deps = {}) {
     ) {
       p.warning("Existing config has an invalid key. Re-prompting for a new one.");
       apiKey = (
-        await promptWithBrowserOpen(
+        await promptForKey(
           cliAuthUrl(serverUrl),
           "Enter your access key (sk_live_...)",
         )

package/src/lib/http.mjs

@@ -1118,9 +1118,19 @@ export async function searchSkills(serverUrl, apiKey, opts = {}) {
   }
 
   const body = await parseJsonOrThrow(res, url);
+  const skills = body.skills ?? [];
   return {
-    skills: body.skills ?? [],
-    pagination: body.pagination ?? { total: 0, limit: opts.limit ?? 20, offset: opts.offset ?? 0 },
+    skills,
+    // When the server omits pagination, default `total` to the number of
+    // skills actually returned — never 0 — so the displayed count can't
+    // contradict the visible rows (a fabricated total:0 made `search`
+    // print "0 results" beneath a result, and `--json` emit a total of 0
+    // alongside a non-empty `results`). #1923.
+    pagination: body.pagination ?? {
+      total: skills.length,
+      limit: opts.limit ?? 20,
+      offset: opts.offset ?? 0,
+    },
   };
 }
 

package/src/lib/sync.mjs

@@ -31,6 +31,11 @@
  *        version + content SHAs of every skill written in the last
  *        successful sync. Unblocks per-skill drift detection in `list`
  *        (#1555) and any future `status`-style command.
+ *        Later (#1911) v2 also carries `cliVersion` — the version of the
+ *        CLI that last wrote the state file. Additive, not a schema bump:
+ *        absence is meaningful (a state file with no `cliVersion` was
+ *        written by a pre-#1911 CLI and triggers the one-time membership
+ *        heal). See `FULL_RESYNC_FLOOR` / `cliVersionBelowFloor`.
  *
  * Forward/backward compatibility
  * ------------------------------
@@ -88,13 +93,20 @@
  * @property {number} schemaVersion
  * @property {string|null} etag
  * @property {string} syncedAt
+ * @property {string} [cliVersion] - v2+ (#1911). Version of the CLI that last
+ *                                   wrote this state. Absent on files written
+ *                                   by a pre-#1911 CLI; absence triggers the
+ *                                   one-time membership heal.
  * @property {Record<string, SyncedSkillEntry>} skills - v2+. Keyed by `"<owner>/<name>"`.
  */
 
 import { existsSync, readFileSync } from "node:fs";
 import { join } from "node:path";
 
+import semver from "semver";
+
 import { getLibrary, postSyncReceipt } from "./http.mjs";
+import { getCliVersion } from "./cli-version.mjs";
 import {
   writeSkillDir,
   removeSkillDir,
@@ -118,6 +130,66 @@ import { computeSkillShas } from "./crypto-shas.mjs";
  */
 export const LAST_SYNC_SCHEMA_VERSION = 2;
 
+/**
+ * One-time heal floor (#1911).
+ *
+ * A `.last-sync` written by a CLI BELOW this version predates the
+ * server-side delta-membership fix. Such a state file can be permanently
+ * missing skills that were added to the library but never delivered: the
+ * old delta filter keyed only on `skills.updatedAt`, so a skill whose
+ * content predated the user's `since` was skipped even though the library
+ * ETag advanced (count++). The client then cached the advanced ETag and
+ * every subsequent `update` short-circuited on a 304 — the skill could
+ * never arrive via delta.
+ *
+ * The server fix makes FUTURE adds correct, but it cannot rescue a client
+ * that already cached the advanced ETag (it still matches → 304). So the
+ * FIRST sync performed by a CLI at/above this floor forces ONE full fetch
+ * (drops `If-None-Match` AND `since`), re-fetching the entire library to
+ * fill any gap, then resumes normal delta. `writeLastSync` stamps the
+ * running CLI version on every write, so the heal fires at most once per
+ * upgrade.
+ *
+ * MUST equal the CLI version that ships this fix (see packages/cli/package.json).
+ */
+export const FULL_RESYNC_FLOOR = "4.8.0";
+
+/**
+ * True when a `.last-sync`'s recorded writer version is below the heal
+ * floor — i.e. the state file was written before the #1911 fix and may be
+ * missing never-delivered skills. A missing or unparseable version is
+ * treated as below the floor (older CLIs never stamped `cliVersion`), so
+ * every pre-fix state file heals exactly once.
+ *
+ * @param {unknown} recordedVersion - `.last-sync`'s `cliVersion` field.
+ * @param {string} floor - The heal floor (a valid semver string).
+ * @returns {boolean}
+ */
+export function cliVersionBelowFloor(recordedVersion, floor) {
+  if (typeof recordedVersion !== "string" || !semver.valid(recordedVersion)) {
+    return true;
+  }
+  return semver.lt(recordedVersion, floor);
+}
+
+/**
+ * The running CLI's version, or null if it cannot be read. `getCliVersion`
+ * throws on a malformed/absent package.json (a broken tarball); persisting
+ * last-sync state must never fail on that, so we soft-handle to null here.
+ * A null stamp simply means the next run treats this state as pre-floor and
+ * heals again — safe, just one extra full fetch in the (production-
+ * impossible) broken-tarball case.
+ *
+ * @returns {string | null}
+ */
+function safeCliVersion() {
+  try {
+    return getCliVersion();
+  } catch {
+    return null;
+  }
+}
+
 /**
  * Check whether every skill in the `.last-sync` baseline already exists
  * under every placement target the current sync would write to. Returns
@@ -297,17 +369,26 @@ export function readLastSync() {
  * sync"; consumers should treat absent entries as "unknown" rather
  * than as "missing from library."
  *
+ * Always stamps `cliVersion` with the running CLI's version (#1911). This
+ * is the writer-version record the heal gate (`cliVersionBelowFloor`) reads
+ * on the next run; a state file written by the current CLI is therefore
+ * never re-healed. A caller-supplied `cliVersion` overrides the stamp (used
+ * only by tests to simulate a pre-fix writer); production callers omit it.
+ *
  * @param {object} state
  * @param {string | null} [state.etag]
  * @param {string} [state.syncedAt]
  * @param {Record<string, SyncedSkillEntry>} [state.skills]
+ * @param {string | null} [state.cliVersion] - Override the writer-version
+ *        stamp. Defaults to the running CLI's version.
  */
-export function writeLastSync({ etag, syncedAt, skills } = {}) {
+export function writeLastSync({ etag, syncedAt, skills, cliVersion } = {}) {
   const path = globalLastSyncPath();
   const body = {
     schemaVersion: LAST_SYNC_SCHEMA_VERSION,
     etag: etag ?? null,
     syncedAt: syncedAt ?? new Date().toISOString(),
+    cliVersion: cliVersion !== undefined ? cliVersion : safeCliVersion(),
     skills: skills && typeof skills === "object" && !Array.isArray(skills) ? skills : {},
   };
   try {
@@ -390,6 +471,15 @@ export function upsertLastSyncEntry(skill) {
     etag: prior?.etag ?? null,
     syncedAt: prior?.syncedAt,
     skills: updated,
+    // Preserve the prior writer-version too (#1911). `add`/`get` fetch a
+    // SINGLE skill — they do NOT perform the full-library reconciliation
+    // the membership heal needs, so they must NOT advance the heal gate.
+    // Letting `writeLastSync` default-stamp the running version here would
+    // let a stuck user "spend" their one-time heal on a single-skill add,
+    // leaving every OTHER never-delivered skill stuck forever. `?? null`
+    // carries a pre-fix file's absent version forward as an explicit null
+    // so the next `update` still heals. Same rationale as etag/syncedAt.
+    cliVersion: prior?.cliVersion ?? null,
   });
 }
 
@@ -413,6 +503,10 @@ export function deleteLastSyncEntry(owner, name) {
     etag: prior.etag ?? null,
     syncedAt: prior.syncedAt,
     skills: rest,
+    // Preserve the prior writer-version (#1911) — `remove` is not a full
+    // reconciliation, so it must not advance the one-time heal gate.
+    // See upsertLastSyncEntry for the full rationale.
+    cliVersion: prior.cliVersion ?? null,
   });
 }
 
@@ -527,19 +621,41 @@ export async function runSync(options) {
   const placementsComplete =
     lastSync?.etag &&
     placementsAreComplete(lastSync.skills, vendors, global);
-  if (placementsComplete) {
+
+  // One-time membership-heal (#1911). A `.last-sync` written by a CLI below
+  // the heal floor predates the server delta-membership fix and may be
+  // permanently missing skills that were added to the library but never
+  // delivered (their content predated `since`, so the old delta skipped
+  // them while the ETag still advanced — the client cached the advanced
+  // ETag and every later sync 304'd). The server fix can't rescue such a
+  // client: its cached ETag still matches, so it keeps getting 304s. Force
+  // ONE full fetch (drop BOTH conditional headers) so the entire library
+  // is re-fetched and the gap is filled. `writeLastSync` stamps the running
+  // version on the resulting write, so this fires at most once per upgrade.
+  //
+  // Mixed-version note (benign, do NOT "fix" with a different mechanism): if
+  // a pre-4.8.0 CLI shares this same global `.last-sync` and runs after a
+  // 4.8.0 heal, its `writeLastSync` re-emits a file with no `cliVersion`, so
+  // the next 4.8.0 run heals again. That loop is harmless — a full re-fetch
+  // is idempotent — and self-resolves once the older install is upgraded.
+  const needsFullResync =
+    !!lastSync && cliVersionBelowFloor(lastSync.cliVersion, FULL_RESYNC_FLOOR);
+
+  if (placementsComplete && !needsFullResync) {
     opts.ifNoneMatch = lastSync.etag;
   }
-  if (lastSync?.syncedAt && placementsComplete) {
+  if (lastSync?.syncedAt && placementsComplete && !needsFullResync) {
     opts.since = lastSync.syncedAt;
   }
 
   // Track whether this is a full or delta sync BEFORE the network
-  // call, for the returned summary's `fullSync` field. A "full" sync
-  // is one where no `since` was sent — which is exactly when no
-  // prior last-sync state existed. The distinction matters to
-  // consumers (init.mjs) that need to tell "empty library" from
-  // "nothing changed since last sync" in the zero-counters case.
+  // call, for the returned summary's `fullSync` field. The documented
+  // semantic is "no PRIOR last-sync state existed" — NOT "no `since` was
+  // sent". A forced full re-fetch (placement-incomplete, or the #1911
+  // membership heal) still reports `fullSync:false` because prior state
+  // existed; only a genuine first sync reports true. Consumers (init.mjs)
+  // rely on this to tell "empty library" from "nothing changed since last
+  // sync" in the zero-counters case. Locked by sync.test.mjs.
   const fullSync = !lastSync?.syncedAt;
 
   const result = await getLibrary(serverUrl, apiKey, opts);

package/src/test/commands/add.test.mjs

@@ -4,12 +4,13 @@
 
 import { describe, it, beforeEach, afterEach } from "node:test";
 import assert from "node:assert/strict";
-import { mkdtempSync, mkdirSync, rmSync, existsSync } from "node:fs";
+import { mkdtempSync, mkdirSync, rmSync, existsSync, writeFileSync } from "node:fs";
 import { join } from "node:path";
 import { tmpdir } from "node:os";
 
 import { runAdd } from "../../commands/add.mjs";
 import { resolvePlacementDir } from "../../lib/file-write.mjs";
+import { writeLastSync } from "../../lib/sync.mjs";
 import { CliError, EXIT_VALIDATION, EXIT_AUTH, EXIT_SCOPE } from "../../lib/errors.mjs";
 import { createMockServer } from "../e2e/mock-server.mjs";
 import { createCaptureStream } from "../helpers/capture-stream.mjs";
@@ -304,3 +305,79 @@ describe("runAdd — error paths", () => {
     );
   });
 });
+
+// ── #1911 bypass: add must NOT delta-filter ───────────────────────────
+//
+// add.mjs deliberately uses a single-skill GET (not runSync) precisely
+// so a skill whose content predates the user's last sync still lands —
+// the original #1911 trigger was an established user adding an OLDER
+// catalog skill and relying on delta sync, which silently dropped it.
+// add's whole protective property is "I never apply `since` filtering."
+// This was untested at the command layer; lock it.
+describe("runAdd — #1911 bypass: a skill older than last sync still lands", () => {
+  beforeEach(setup);
+  afterEach(teardown);
+
+  it("writes a skill whose updatedAt predates .last-sync.syncedAt, bypassing the delta endpoint", async () => {
+    // Seed a RECENT last sync — newer than the skill we're about to add.
+    // If `add` ever regressed to delta semantics, `updatedAt < since`
+    // would filter this skill out and it would never reach disk.
+    writeLastSync({
+      etag: '"lib-v9"',
+      syncedAt: "2099-01-01T00:00:00Z",
+      skills: {},
+    });
+    server.resetLibraryInspection();
+
+    // The catalog skill is OLD content (updatedAt years before `since`).
+    server.setSkillResponse("alice", "old-skill", {
+      ...makeSkill("alice", "old-skill"),
+      updatedAt: "2020-01-01T00:00:00Z",
+    });
+
+    await runAdd(["--key", VALID_KEY, "--url", serverUrl, "@alice/old-skill"], { stdout });
+
+    assert.ok(
+      existsSync(join(resolvePlacementDir("claudeProject", "old-skill"), "SKILL.md")),
+      "an older-than-last-sync skill MUST land on disk via `add`",
+    );
+    // The protective invariant: add never touched the delta-filtered
+    // library endpoint, so `since` could not have dropped the skill.
+    assert.equal(
+      server.getLibraryRequestCount(),
+      0,
+      "add must bypass GET /library entirely (no `since` filter can apply)",
+    );
+    assert.match(stdout.text(), /Added @alice\/old-skill/);
+  });
+});
+
+// ── Best-effort .last-sync write (#1574 contract) ─────────────────────
+describe("runAdd — best-effort .last-sync write failure does not fail the command", () => {
+  beforeEach(setup);
+  afterEach(teardown);
+
+  it("adds the skill and exits cleanly even when the .last-sync state write throws", async () => {
+    // Same mechanism as get: occupy the global skillrepo state-dir path
+    // with a file so the upsertLastSyncEntry → writeLastSync write throws
+    // a diskError. add's whole job (POST + fetch + write the skill to the
+    // project placement) must still succeed; the state write is
+    // best-effort and the throw must be swallowed.
+    mkdirSync(join(process.env.HOME, ".claude"), { recursive: true });
+    writeFileSync(join(process.env.HOME, ".claude", "skillrepo"), "not-a-dir");
+    server.setSkillResponse("alice", "pdf-helper", makeSkill("alice", "pdf-helper"));
+
+    await assert.doesNotReject(
+      () =>
+        runAdd(
+          ["--key", VALID_KEY, "--url", serverUrl, "@alice/pdf-helper", "--agent", "claude"],
+          { stdout },
+        ),
+      "a .last-sync write failure must NOT fail `add` after the skill files landed",
+    );
+    assert.ok(
+      existsSync(join(resolvePlacementDir("claudeProject", "pdf-helper"), "SKILL.md")),
+      "the skill files must still be on disk despite the state-write failure",
+    );
+  });
+});

package/src/test/commands/get.test.mjs

@@ -4,13 +4,19 @@
 
 import { describe, it, beforeEach, afterEach } from "node:test";
 import assert from "node:assert/strict";
-import { mkdtempSync, mkdirSync, rmSync, existsSync } from "node:fs";
+import { mkdtempSync, mkdirSync, rmSync, existsSync, writeFileSync } from "node:fs";
 import { join } from "node:path";
 import { tmpdir } from "node:os";
 
 import { runGet } from "../../commands/get.mjs";
 import { resolvePlacementDir } from "../../lib/file-write.mjs";
-import { CliError, EXIT_VALIDATION } from "../../lib/errors.mjs";
+import {
+  CliError,
+  EXIT_VALIDATION,
+  EXIT_AUTH,
+  EXIT_SCOPE,
+  EXIT_NETWORK,
+} from "../../lib/errors.mjs";
 import { createMockServer } from "../e2e/mock-server.mjs";
 import { createCaptureStream } from "../helpers/capture-stream.mjs";
 import {
@@ -180,3 +186,126 @@ describe("runGet — error paths", () => {
     );
   });
 });
+
+// ── Coverage gap closure: --agent vectors + transport errors ───────────
+//
+// These mirror the equivalent vectors already locked in add.test.mjs
+// (`--agent none` rejection, `--agent cursor` placement, 401/403/network
+// transport mapping). `get` and `add` share `requireVendorTargets` and
+// the `http.mjs` error mapping, so the assertions here assert the SAME
+// advertised contract: exit 5 for the no-op flag, exit 2/4 for auth/scope,
+// exit 1 for a network failure, and the cohort `.agents/skills/` placement
+// for `--agent cursor`.
+describe("runGet — --agent flag + transport error paths", () => {
+  beforeEach(setup);
+  afterEach(teardown);
+
+  it("rejects --agent none with a validation error (no targets to write)", async () => {
+    server.setSkillResponse("alice", "pdf-helper", makeSkill("alice", "pdf-helper"));
+    await assert.rejects(
+      () =>
+        runGet(
+          ["--key", VALID_KEY, "--url", serverUrl, "--agent", "none", "@alice/pdf-helper"],
+          { stdout },
+        ),
+      (err) =>
+        err instanceof CliError &&
+        err.exitCode === EXIT_VALIDATION &&
+        /--agent none has no effect on `skillrepo get`/.test(err.message),
+    );
+  });
+
+  it("--agent cursor writes to the cohort .agents/skills/ placement, NOT the claude placement", async () => {
+    server.setSkillResponse("alice", "pdf-helper", makeSkill("alice", "pdf-helper"));
+    await runGet(
+      ["--key", VALID_KEY, "--url", serverUrl, "--agent", "cursor", "@alice/pdf-helper"],
+      { stdout },
+    );
+
+    // Landed in cursor's project target (.agents/skills/).
+    const agentsDir = resolvePlacementDir("agentsProject", "pdf-helper");
+    assert.ok(
+      existsSync(join(agentsDir, "SKILL.md")),
+      "--agent cursor must write the skill into .agents/skills/",
+    );
+
+    // Did NOT also write the Claude Code placement — the flag is scoped.
+    // This couples the assertion to the placement behavior: a regression
+    // that ignored --agent and defaulted to claudeProject would fail here.
+    const claudeDir = resolvePlacementDir("claudeProject", "pdf-helper");
+    assert.ok(
+      !existsSync(claudeDir),
+      "--agent cursor must NOT write the claude placement",
+    );
+  });
+
+  it("401 auth error exits 2", async () => {
+    // The single-skill GET route has no per-skill error slot, so force
+    // the next request (getSkill) to return 401 — the same outcome
+    // add.test.mjs reaches via setAddResponse(status: 401).
+    server.setForcedStatus(401, { error: "Invalid access key" });
+    await assert.rejects(
+      () => runGet(["--key", VALID_KEY, "--url", serverUrl, "@alice/auth-test"], { stdout }),
+      (err) => err instanceof CliError && err.exitCode === EXIT_AUTH,
+    );
+  });
+
+  it("403 scope-required maps to scopeError (exit 4)", async () => {
+    // Mirror add.test.mjs's 403-scope response shape (code: scope_required).
+    server.setForcedStatus(403, { error: "Insufficient scope", code: "scope_required" });
+    await assert.rejects(
+      () => runGet(["--key", VALID_KEY, "--url", serverUrl, "@alice/scope-test"], { stdout }),
+      (err) => err instanceof CliError && err.exitCode === EXIT_SCOPE,
+    );
+  });
+
+  it("network failure exits 1 (network)", async () => {
+    // Point at a port nothing is listening on — fetch rejects with a
+    // connection error that safeFetch wraps as networkError (exit 1).
+    await assert.rejects(
+      () =>
+        runGet(
+          ["--key", VALID_KEY, "--url", "http://127.0.0.1:1", "@alice/pdf-helper"],
+          { stdout },
+        ),
+      (err) => err instanceof CliError && err.exitCode === EXIT_NETWORK,
+    );
+  });
+});
+
+// ── Best-effort .last-sync write (#1574 contract) ─────────────────────
+//
+// get writes the skill bytes to disk, THEN records the skill in
+// .last-sync so `list` can see it. That second write is best-effort: if
+// it fails, the user already has the skill on disk, so the command must
+// NOT turn a successful fetch into a failure. get.mjs wraps it in a
+// try/catch; lock that the swallow actually happens.
+describe("runGet — best-effort .last-sync write failure does not fail the command", () => {
+  beforeEach(setup);
+  afterEach(teardown);
+
+  it("writes the skill and exits cleanly even when the .last-sync state write throws", async () => {
+    // Occupy the global skillrepo state-dir PATH with a regular file, so
+    // writeLastSync (via upsertLastSyncEntry) can't create the directory
+    // and throws a diskError. Cross-platform: a file where a directory is
+    // expected fails identically on POSIX and Windows (no chmod needed).
+    // The skill itself lands in the PROJECT placement (a different path),
+    // so the command's real work succeeds.
+    mkdirSync(join(process.env.HOME, ".claude"), { recursive: true });
+    writeFileSync(join(process.env.HOME, ".claude", "skillrepo"), "not-a-dir");
+    server.setSkillResponse("alice", "pdf-helper", makeSkill("alice", "pdf-helper"));
+
+    await assert.doesNotReject(
+      () =>
+        runGet(
+          ["--key", VALID_KEY, "--url", serverUrl, "@alice/pdf-helper", "--agent", "claude"],
+          { stdout },
+        ),
+      "a .last-sync write failure must NOT fail `get` after the skill files landed",
+    );
+    assert.ok(
+      existsSync(join(resolvePlacementDir("claudeProject", "pdf-helper"), "SKILL.md")),
+      "the skill files must still be on disk despite the state-write failure",
+    );
+  });
+});