theslopmachine 1.0.13 → 1.0.22

package/assets/slopmachine/phase-2-plan-template.md

@@ -29,14 +29,15 @@ This file is internal guidance. Keep it private. Translate each slice into conci
 - Runtime/Docker expectation:
 - Local development test harness:
 - `./repo/run_tests.sh` expectation:
+- Test directory structure: unit tests under `unit_tests/`, API/integration HTTP tests under `API_tests/` (both directories mandatory when the corresponding test surface exists)
 - README baseline expectation:
 - Completion evidence:
 
 ## 4. Module Map
 
 | Module | Requirements / clarifications | Owned behavior | UI surfaces | API/service/job surfaces | Data owned | Security/failure concerns | Proof required |
-|---|---|---|---|---|---|---|---|
-|  |  |  |  |  |  |  |  |
+|---|---|---|---|---|---|---|---|---|---|
+|  |  |  |  |  |  |  |  |  |  |
 
 ## 4.1 No-Orphan Ledger
 
@@ -46,6 +47,8 @@ Every accepted requirement, clarification, API/interface, data object, actor pat
 |---|---|---|---|---|---|
 |  | requirement / clarification / API / data / actor path / security / docs / tests |  |  |  | planned |
 
+The Status column starts as `planned` and must be updated during the development phase to reflect delivery. During the requirements integrity sweep, the owner marks each item as `delivered`, `not-applicable`, or `missing`. No item may remain `planned` after all modules are complete. The status ledger is the single source of truth for whether every requirement survived from design through implementation.
+
 ## 5. Ordered Work Packages
 
 | Order | Work package | Depends on | Owned files/surfaces | Required implementation outcome | Tests/proof to land with it | Completion evidence |
@@ -56,6 +59,8 @@ Every accepted requirement, clarification, API/interface, data object, actor pat
 
 If not applicable, state `Not Applicable` with the accepted reason.
 
+Every accepted endpoint and interface must be listed here. Each endpoint must have its own row with the exact METHOD + PATH, its owning module, the work package that implements it, the required tests and proof, and security or validation notes. No endpoint may be omitted.
+
 | Endpoint / interface | Module | Responsible work package | Required tests/proof | Security / validation notes |
 |---|---|---|---|---|
 |  |  |  |  |  |
@@ -130,7 +135,12 @@ Required when backend capabilities exist. If not applicable, state `Not Applicab
 
 ## 10. Test Coverage Plan
 
-| Requirement / flow / risk | Unit proof | API/interface proof | Integration proof | E2E/platform proof | Owner |
+- All tests must live under their required directories: unit tests in `unit_tests/`, API/integration HTTP tests in `API_tests/`. Both directories are mandatory when the corresponding test surface exists.
+- Every API endpoint from section 6 must have a row here with its test coverage specified. Every E2E flow from the design must be enumerated with its proof path. Every unit target (service, controller, utility, model) must list the specific test cases it needs. No requirement, endpoint, or E2E flow may be omitted — the coverage plan must be exhaustive.
+- The Key Assertion column must describe what the test asserts at the business-rule level, not just that it calls an endpoint. It must specify the exact expected state transition, status code, response body shape, or side effect. Example: "asserts invoice status changes to `approved` with status 200 and only managers can approve" — not "asserts 200 OK" or "asserts successful response." Avoid permissive assertions that accept multiple valid-ish outcomes without verifying the specific expected result.
+- The Gap column captures what is not yet covered: missing test scenarios, unverified assertion levels, or planned-but-not-yet-implemented proof.
+
+| Requirement / flow / risk | Unit proof | API/interface proof | Integration proof | E2E/platform proof | Key Assertion | Gap | Owner |
 |---|---|---|---|---|---|
 |  |  |  |  |  |  |
 
@@ -150,7 +160,7 @@ Required when backend capabilities exist. If not applicable, state `Not Applicab
 - Unit coverage expectation:
 - API/interface coverage expectation:
 - Integration coverage expectation:
-- E2E/platform coverage expectation:
+- E2E/platform coverage expectation: every prompt requirement must have an identifiable E2E test that exercises real application behavior and verifies business outcomes. E2E tests must cover every actor path, business rule, authorization rule, error state, and task-closure condition. Tests that only confirm page renders without asserting state changes or data persistence are decorative and insufficient.
 - Frontend state/component coverage expectation:
 - Final browser/manual core-flow expectation:
 - README seeded-value/account verification expectation:

package/assets/slopmachine/scaffold-playbooks/shared-contract.md

@@ -62,7 +62,6 @@ README must include:
 - startup instructions with `docker compose up --build`
 - legacy string `docker-compose up` for backend/fullstack/web projects
 - verification method and `./run_tests.sh`
-- local development test harness command
 - access method
 - auth credentials for every role or exact `No authentication required`
 - mock/stub/local-data/debug/demo disclosure
@@ -73,6 +72,8 @@ README must include:
 
 The scaffold must include at least one real narrow test and one honest local verification path. No-source, placeholder, or print-only wrappers are not acceptable.
 
+The scaffold must create `unit_tests/` for unit tests and `API_tests/` for API/integration HTTP tests when those test surfaces exist. Both directories are mandatory when the corresponding surface is present.
+
 ## Lifecycle floor
 
 If the stack includes workers, schedulers, queues, imports, exports, generated secrets, DB init, polling/realtime, or cleanup, scaffold must name the entrypoint and later proof target. Feature work should not have to rediscover where lifecycle code starts.

package/assets/slopmachine/templates/AGENTS.md

@@ -39,12 +39,13 @@ This file contains product engineering rules for the current project.
 - Keep product repo root `./repo/run_tests.sh` meaningful if it exists or if you are explicitly asked to create it; it must not be a no-op, smoke-only placeholder, or wrapper that silently skips major suites.
 - Do not run Docker or `run_tests.sh` unless asked.
 - For Android and iOS projects, document native build/run/debug/verification paths; do not force Docker as the primary runtime when platform tooling is inherently native.
-- Use `unit_tests/` for unit tests and `API_tests/` for API/integration HTTP tests when those surfaces exist.
+- Place all unit tests under `unit_tests/`. Place all API/integration HTTP tests under `API_tests/`. Both directories are required when a test surface exists.
 - Every implementation change should include tests for the behavior it owns. Target full meaningful coverage across unit, API/integration, and E2E/platform layers where those surfaces exist.
 - API/interface endpoints should have real positive and negative tests for exact behavior. User-facing flows should have E2E/platform coverage for the main journeys and important failure/recovery states.
 - API/interface tests should hit the real route/interface and real business logic without mocking transport/controllers/execution-path services unless there is a documented exception. Frontend unit tests should import or render real components/modules so coverage is directly reviewable.
 - Prefer the fastest meaningful targeted checks during ordinary implementation.
 - Never claim a command passed unless you actually ran it and saw the result.
+- For fullstack or web projects, start the application locally and verify it is reachable before reporting work as complete.
 - If required verification cannot run in the current environment, report it as unverified with the exact risk.
 
 ## Frontend And API Discipline
@@ -61,6 +62,7 @@ This file contains product engineering rules for the current project.
 - For forms, wire UI, route/client, handler/service, persistence/state, response, validation, authorization, and tests together.
 - For jobs, schedulers, imports/exports, polling, or generated artifacts, wire a real entrypoint and prove the state/artifact effect.
 - Every changed file should be imported/referenced, integrated, and covered by the strongest relevant checks for its surface.
+- When building a feature that connects to existing components, write integration tests proving the data and behavior flow between them. Do not build features in isolation — verify they work with what is already there.
 - Before calling a workstream complete, verify owned behavior, tests/proof, docs impact, security/negative paths, and unresolved risks.
 
 ## Security And Reliability

package/assets/slopmachine/templates/CLAUDE.md

@@ -39,12 +39,13 @@ This file contains product engineering rules for the current project.
 - Keep product repo root `./repo/run_tests.sh` meaningful if it exists or if you are explicitly asked to create it; it must not be a no-op, smoke-only placeholder, or wrapper that silently skips major suites.
 - Do not run Docker or `run_tests.sh` unless asked.
 - For Android and iOS projects, document native build/run/debug/verification paths; do not force Docker as the primary runtime when platform tooling is inherently native.
-- Use `unit_tests/` for unit tests and `API_tests/` for API/integration HTTP tests when those surfaces exist.
+- Place all unit tests under `unit_tests/`. Place all API/integration HTTP tests under `API_tests/`. Both directories are required when a test surface exists.
 - Every implementation change should include tests for the behavior it owns. Target full meaningful coverage across unit, API/integration, and E2E/platform layers where those surfaces exist.
 - API/interface endpoints should have real positive and negative tests for exact behavior. User-facing flows should have E2E/platform coverage for the main journeys and important failure/recovery states.
 - API/interface tests should hit the real route/interface and real business logic without mocking transport/controllers/execution-path services unless there is a documented exception. Frontend unit tests should import or render real components/modules so coverage is directly reviewable.
 - Prefer the fastest meaningful targeted checks during ordinary implementation.
 - Never claim a command passed unless you actually ran it and saw the result.
+- For fullstack or web projects, start the application locally and verify it is reachable before reporting work as complete.
 - If required verification cannot run in the current environment, report it as unverified with the exact risk.
 
 ## Frontend And API Discipline
@@ -61,6 +62,7 @@ This file contains product engineering rules for the current project.
 - For forms, wire UI, route/client, handler/service, persistence/state, response, validation, authorization, and tests together.
 - For jobs, schedulers, imports/exports, polling, or generated artifacts, wire a real entrypoint and prove the state/artifact effect.
 - Every changed file should be imported/referenced, integrated, and covered by the strongest relevant checks for its surface.
+- When building a feature that connects to existing components, write integration tests proving the data and behavior flow between them. Do not build features in isolation — verify they work with what is already there.
 - Before calling a workstream complete, verify owned behavior, tests/proof, docs impact, security/negative paths, and unresolved risks.
 
 ## Security And Reliability

package/assets/slopmachine/test-coverage-prompt.md

@@ -92,11 +92,18 @@ If unclear → assume **fullstack (strict mode)**
   * treat different HTTP methods separately
   * normalize parameterized paths (e.g., `/users/:id`)
 
-* **Endpoint is “covered” ONLY if:**
+* **Endpoint is "covered" ONLY if:**
 
   * a test sends a request to that exact `METHOD + PATH`
   * request reaches the real route handler
 
+* **Test directory structure (Mandatory)**:
+
+  * All unit tests must live under `unit_tests/`
+  * All API/integration HTTP tests must live under `API_tests/`
+  * Both directories are mandatory when the corresponding test surface exists
+  * If unit or API test files exist outside these directories, flag as **STRUCTURE VIOLATION**
+
 * **True No-Mock API Test requires ALL:**
 
   * app/server is bootstrapped

package/assets/slopmachine/utils/README.md

@@ -205,13 +205,9 @@ Bash wrapper that invokes `claude_wait_for_rate_limit_reset.mjs` through Node.
 
 ## Non-Claude Workflow Helpers
 
-### `prepare_evaluation_prompt.mjs`
-
-Builds an owner-side prepared evaluation prompt under workflow-private `.ai` state from a task root. Use `--report-path ./.tmp/<report>.md` to append an owner-required exact report path without editing the canonical prompt text.
-
 ### `prepare_evaluation_send_packet.mjs`
 
-Builds the exact saved evaluator-send packet for Phase 5/Phase 4 workflows from a task root. Use `--report-path ./.tmp/<report>.md` to append an owner-required exact report path without editing the canonical prompt text.
+Builds the exact saved evaluator-send packet for evaluation workflows from a task root. Interpolates `{prompt}` from `./metadata.json`, appends a required report path, and writes the complete packet to workflow-private `.ai/`. Use `--report-path ./.tmp/<report>.md` to append an owner-required exact report path without editing the canonical prompt text. This is the single consolidated script for all evaluation prompt preparation; use it in Phase 4 internal evaluator loops and Phase 5 audit cycles.
 
 ### `prepare_strict_audit_workspace.mjs`
 

package/assets/slopmachine/utils/claude_live_common.mjs

@@ -50,11 +50,8 @@ export async function ensureRuntimeDirs(paths) {
 export async function readJsonIfExists(filePath) {
   try {
     return await readJsonFile(filePath)
-  } catch (error) {
-    if (error && typeof error === 'object' && error.code === 'ENOENT') {
-      return null
-    }
-    throw error
+  } catch {
+    return null
   }
 }
 

package/assets/slopmachine/utils/prepare_evaluation_send_packet.mjs

@@ -54,13 +54,13 @@ try {
     fail(`Unsupported --mode '${mode}'. Use initial or rerun.`)
   }
 
-  if (reportPath && (!reportPath.startsWith('./.tmp/') || !reportPath.endsWith('.md'))) {
-    fail('--report-path must be a markdown path under ./.tmp/, for example ./.tmp/audit_report-1.md')
+  if (reportPath && !reportPath.endsWith('.md')) {
+    fail('--report-path must end with .md')
   }
 
   const workflowRoot = path.dirname(taskRoot)
   const metadataPath = path.join(taskRoot, 'metadata.json')
-  const defaultOutputPath = path.join(workflowRoot, '.ai', `evaluation-send-${path.basename(promptFile)}`)
+  const defaultOutputPath = path.join(workflowRoot, '.ai', `prepared-${path.basename(promptFile)}`)
 
   let promptText = await fs.readFile(promptFile, 'utf8')
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "theslopmachine",
-  "version": "1.0.13",
+  "version": "1.0.22",
   "description": "SlopMachine installer and project bootstrap CLI",
   "license": "MIT",
   "type": "module",

package/src/constants.js

@@ -69,7 +69,6 @@ export const REQUIRED_SLOPMACHINE_FILES = [
   "utils/convert_ai_session.py",
   "utils/package_claude_session.mjs",
   "utils/analyze_claude_project_dir.mjs",
-  "utils/prepare_evaluation_prompt.mjs",
   "utils/prepare_evaluation_send_packet.mjs",
   "utils/prepare_strict_audit_workspace.mjs",
   "utils/run_with_timeout.mjs",
@@ -110,14 +109,6 @@ export const REQUIRED_SLOPMACHINE_FILES = [
 ];
 
 export const MCP_ENTRIES = {
-  context7: {
-    enabled: true,
-    type: "remote",
-    url: "https://mcp.context7.com/mcp",
-    headers: {
-      CONTEXT7_API_KEY: "",
-    },
-  },
   exa: {
     enabled: true,
     type: "remote",

package/src/init.js

@@ -628,30 +628,23 @@ async function createRepoStructure(workflowRoot, taskRoot, runtimeAssetRoot, age
         run_id: randomUUID(),
         current_phase: initialPhase,
         awaiting_human: false,
-      clarification_approved: false,
-      evaluation_prompt_kind: null,
-      active_evaluator_session_id: null,
-      task_root: 'task',
-      evaluation_reports_root: 'task/.tmp',
-      evaluation_audit_count: 0,
-      evaluation_runs: [],
-      completed_bugfix_session_count: 0,
-      required_bugfix_session_count: 2,
-      coverage_readme_audit_completed: false,
-      coverage_readme_audit_report_path: null,
-      developer_sessions: [],
-      developer_rulebook_file: developerRulebookFile,
-      current_developer_lane: null,
-      active_developer_session_id: null,
-      primary_develop_session_id: null,
-      latest_develop_session_id: null,
-      next_develop_session_number: 1,
-      next_bugfix_session_number: 1,
-      packaging_completed: false,
-      claude_live_root: '.ai/claude-live',
-      bootstrap_mode: options.adoptExisting ? 'adopt' : 'new',
-      requested_start_phase: options.requestedStartPhase,
-    }, null, 2)}\n`, 'utf8')
+        evaluation_prompt_kind: null,
+        active_evaluator_session_id: null,
+        task_root: 'task',
+        evaluation_reports_root: 'task/.tmp',
+        developer_sessions: [],
+        developer_rulebook_file: developerRulebookFile,
+        current_developer_lane: null,
+        active_developer_session_id: null,
+        primary_develop_session_id: null,
+        latest_develop_session_id: null,
+        next_develop_session_number: 1,
+        next_bugfix_session_number: 1,
+        packaging_completed: false,
+        claude_live_root: '.ai/claude-live',
+        bootstrap_mode: options.adoptExisting ? 'adopt' : 'new',
+        requested_start_phase: options.requestedStartPhase,
+      }, null, 2)}\n`, 'utf8')
   }
 
   await createInitialPhaseArtifacts(taskRoot, workflowRoot, runtimeAssetRoot, options)

package/src/install.js

@@ -209,14 +209,6 @@ const OPENCODE_EVALUATOR_AGENT = {
   model: 'openai/gpt-5.3-codex',
   variant: 'medium',
   thinkingLevel: 'medium',
-  permission: {
-    bash: 'deny',
-    edit: 'deny',
-    write: 'allow',
-    read: 'allow',
-    grep: 'allow',
-    glob: 'allow',
-  },
 }
 
 function getHomeDir() {
@@ -1270,6 +1262,33 @@ async function installClaudeRuntimeAssets(paths) {
   return summary
 }
 
+async function resolveNpmGlobalRoot() {
+  const result = await runCommand('npm', ['root', '-g'])
+  if (result.code !== 0 || !result.stdout.trim()) {
+    return null
+  }
+  return result.stdout.trim()
+}
+
+async function installAgentBrowserSkill(paths) {
+  const npmRoot = await resolveNpmGlobalRoot()
+  if (!npmRoot) {
+    warn('Could not resolve npm global root to install agent-browser skill')
+    return
+  }
+  const agentBrowserSkillSrc = path.join(npmRoot, 'agent-browser', 'skills', 'agent-browser')
+  if (!(await pathExists(agentBrowserSkillSrc))) {
+    return
+  }
+  const agentBrowserSkillDest = path.join(paths.globalSkillsDir, 'agent-browser')
+  const result = await copyDirReplacing(agentBrowserSkillSrc, agentBrowserSkillDest)
+  if (result.replaced) {
+    log('Refreshed agent-browser skill')
+  } else {
+    log('Installed agent-browser skill')
+  }
+}
+
 async function installSkills(paths) {
   const sourceSkills = path.join(assetsRoot(), 'skills')
   await ensureDir(paths.globalSkillsDir)
@@ -1333,15 +1352,6 @@ async function mergeOpencodeConfig(paths, options) {
   delete mcp['chrome-devtools']
   delete mcp.shadcn
 
-  if (!mcp.context7) {
-    mcp.context7 = {
-      ...MCP_ENTRIES.context7,
-      headers: {
-        CONTEXT7_API_KEY: options.context7ApiKey,
-      },
-    }
-  }
-
   if (!mcp.exa) {
     mcp.exa = {
       ...MCP_ENTRIES.exa,
@@ -1395,34 +1405,25 @@ async function maybeInstallPluginBinary(existingConfig) {
 }
 
 async function collectApiKeys(existingConfig) {
-  const forcedContext7 = process.env.SLOPMACHINE_CONTEXT7_API_KEY
   const forcedExa = process.env.SLOPMACHINE_EXA_API_KEY
   const nonInteractive = process.env.SLOPMACHINE_NONINTERACTIVE === '1'
   const existingMcp = typeof existingConfig?.mcp === 'object' && existingConfig.mcp !== null ? existingConfig.mcp : {}
-  const needsContext7 = !existingMcp.context7
   const needsExa = !existingMcp.exa
 
-  if ((!needsContext7 && !needsExa) || forcedContext7 !== undefined || forcedExa !== undefined || nonInteractive) {
+  if (!needsExa || forcedExa !== undefined || nonInteractive) {
     return {
-      context7ApiKey: needsContext7 ? (forcedContext7 || '') : '',
       exaApiKey: needsExa ? (forcedExa || '') : '',
     }
   }
 
-  let context7ApiKey = ''
   let exaApiKey = ''
 
-  if (needsContext7) {
-    console.log('Context7 API key: https://context7.com')
-    context7ApiKey = await promptSecret('Paste Context7 API key or leave blank to skip')
-  }
-
   if (needsExa) {
     console.log('Exa API key: https://exa.ai')
     exaApiKey = await promptSecret('Paste Exa API key or leave blank to skip')
   }
 
-  return { context7ApiKey, exaApiKey }
+  return { exaApiKey }
 }
 
 async function maybeCollectUploadToken() {
@@ -1465,6 +1466,7 @@ export async function runInstall() {
   }
   await ensureDependency({ name: 'opencode', checkCommand: 'opencode', requiredVersion: OPCODE_VERSION, installable: true })
   await ensureDependency({ name: 'agent-browser', checkCommand: 'agent-browser', requiredVersion: null, installable: true })
+  await installAgentBrowserSkill(paths)
   await ensureDependency({ name: 'beads_rust (br)', checkCommand: 'br', requiredVersion: null, installable: true })
   const rtkSummary = await initializeRtk()
   await checkDocker()

package/assets/slopmachine/utils/prepare_evaluation_prompt.mjs

@@ -1,81 +0,0 @@
-#!/usr/bin/env node
-
-import fs from 'node:fs/promises'
-import path from 'node:path'
-
-import { parseArgs, printUsageAndExit, readJsonFile, writeFileIfNeeded } from './claude_worker_common.mjs'
-
-const argv = parseArgs(process.argv.slice(2))
-
-if (argv.help === '1') {
-  printUsageAndExit(`Usage:
-  node ~/slopmachine/utils/prepare_evaluation_prompt.mjs --task-root <task-root> --prompt-file <template-file> [--mode <initial|rerun>] [--report-path <./.tmp/report.md>] [--output-file <prepared-file>]
-`)
-}
-
-const SAME_SESSION_RERUN_FOOTER = 'Check the entire current project again against the full prompt above and regenerate the complete report from scratch. Save the report to the same required path. Make the report read as a fresh standalone audit of the current repo state and do not mention or imply any previous run, rerun, regeneration, prior inspection, earlier fixes, or earlier remaining items.\n'
-
-function fail(message) {
-  process.stderr.write(`${message}\n`)
-  process.exit(1)
-}
-
-try {
-  const taskRoot = argv['task-root'] ? path.resolve(argv['task-root']) : null
-  const promptFile = argv['prompt-file'] ? path.resolve(argv['prompt-file']) : null
-  const outputFile = argv['output-file'] ? path.resolve(argv['output-file']) : null
-  const reportPath = argv['report-path'] ? String(argv['report-path']).trim() : ''
-  const mode = argv.mode ? String(argv.mode).trim().toLowerCase() : 'initial'
-
-  if (!taskRoot) {
-    fail('Missing --task-root')
-  }
-
-  if (!promptFile) {
-    fail('Missing --prompt-file')
-  }
-
-  if (mode !== 'initial' && mode !== 'rerun') {
-    fail(`Unsupported --mode '${mode}'. Use initial or rerun.`)
-  }
-
-  if (reportPath && (!reportPath.startsWith('./.tmp/') || !reportPath.endsWith('.md'))) {
-    fail('--report-path must be a markdown path under ./.tmp/, for example ./.tmp/audit_report-1.md')
-  }
-
-  const workflowRoot = path.dirname(taskRoot)
-  const metadataPath = path.join(taskRoot, 'metadata.json')
-  const defaultOutputPath = path.join(workflowRoot, '.ai', `prepared-${path.basename(promptFile)}`)
-
-  let promptText = await fs.readFile(promptFile, 'utf8')
-
-  if (promptText.includes('{prompt}')) {
-    const metadata = await readJsonFile(metadataPath)
-    const projectPrompt = typeof metadata?.prompt === 'string' ? metadata.prompt : ''
-    if (!projectPrompt.trim()) {
-      fail(`Missing non-empty metadata.json prompt at ${metadataPath} for a prompt template that requires {prompt}.`)
-    }
-    promptText = promptText.replaceAll('{prompt}', projectPrompt)
-  }
-
-  if (reportPath) {
-    promptText = promptText.endsWith('\n')
-      ? `${promptText}\nOwner-required report path: write/save the final report exactly to \`${reportPath}\`.\n`
-      : `${promptText}\n\nOwner-required report path: write/save the final report exactly to \`${reportPath}\`.\n`
-  }
-
-  const unresolvedPlaceholders = [...promptText.matchAll(/\{[a-z_]+\}/g)].map((match) => match[0])
-  if (unresolvedPlaceholders.length > 0) {
-    fail(`Unsupported unresolved prompt placeholders remain: ${[...new Set(unresolvedPlaceholders)].join(', ')}`)
-  }
-
-  if (mode === 'rerun') {
-    promptText = promptText.endsWith('\n') ? `${promptText}\n${SAME_SESSION_RERUN_FOOTER}` : `${promptText}\n\n${SAME_SESSION_RERUN_FOOTER}`
-  }
-
-  const resolvedOutputPath = outputFile || defaultOutputPath
-  await writeFileIfNeeded(resolvedOutputPath, promptText)
-  process.stdout.write(`${resolvedOutputPath}\n`)
-} catch (error) {
-  fail(error instanceof Error ? error.message : String(error))
-}