ultimate-pi 0.22.1 → 0.23.0

package/.pi/scripts/generate-agents-policy-yaml.mjs

@@ -13,6 +13,53 @@ const ROOT = join(dirname(fileURLToPath(import.meta.url)), "..", "..");
 const AGENTS_DIR = join(ROOT, ".pi", "agents");
 const OUT = join(ROOT, ".pi", "harness", "agents.policy.yaml");
 
+/** Per-agent tool denials layered on kind defaults (ADR 0049). */
+const AGENT_TOOLS_DENY = {
+	"harness/planning/hypothesis-validator": [
+		"bash",
+		"grep",
+		"find",
+		"ls",
+		"ctx_batch_execute",
+		"ctx_execute",
+		"ctx_execute_file",
+		"ctx_search",
+		"ctx_fetch_and_index",
+	],
+	"harness/planning/implementation-researcher": [
+		"bash",
+		"find",
+		"ctx_batch_execute",
+		"ctx_execute",
+		"ctx_execute_file",
+	],
+	"harness/planning/stack-researcher": [
+		"bash",
+		"find",
+		"ctx_batch_execute",
+		"ctx_execute",
+		"ctx_execute_file",
+	],
+	"harness/planning/sprint-contract-auditor": [
+		"bash",
+		"find",
+		"ctx_batch_execute",
+		"ctx_execute",
+		"ctx_execute_file",
+		"ctx_fetch_and_index",
+	],
+	"harness/planning/review-integrator": [
+		"bash",
+		"grep",
+		"find",
+		"ctx_batch_execute",
+		"ctx_execute",
+		"ctx_execute_file",
+		"ctx_search",
+		"ctx_fetch_and_index",
+	],
+};
+
 const SUBMIT_BY_AGENT = {
 	"harness/planning/planning-context": ["submit_planning_context"],
 	"harness/planning/decompose": ["submit_decomposition_brief", "submit_human_required"],
@@ -60,14 +107,31 @@ function kindFor(id) {
 	return "other";
 }
 
+const READ_ONLY_BASE_TOOLS = [
+	"read",
+	"grep",
+	"find",
+	"ls",
+	"bash",
+	"ctx_batch_execute",
+	"ctx_execute",
+	"ctx_execute_file",
+	"ctx_search",
+	"ctx_fetch_and_index",
+];
+
 const KIND_BASE = {
-	planner: ["read", "grep", "find", "ls"],
-	executor: ["read", "write", "edit", "bash", "grep", "find", "ls"],
-	evaluator: ["read", "grep", "find", "ls"],
-	adversary: ["read", "grep", "find", "ls"],
-	tie_breaker: ["read", "grep", "find", "ls"],
-	trace: ["read", "grep", "find", "ls"],
-	incident: ["read", "grep", "find", "ls"],
+	planner: [...READ_ONLY_BASE_TOOLS],
+	executor: [
+		...READ_ONLY_BASE_TOOLS,
+		"write",
+		"edit",
+	],
+	evaluator: [...READ_ONLY_BASE_TOOLS],
+	adversary: [...READ_ONLY_BASE_TOOLS],
+	tie_breaker: [...READ_ONLY_BASE_TOOLS],
+	trace: [...READ_ONLY_BASE_TOOLS],
+	incident: [...READ_ONLY_BASE_TOOLS],
 	other: ["read", "grep", "find", "ls"],
 };
 
@@ -117,6 +181,8 @@ async function main() {
 			(t) => !base.has(t),
 		);
 		const entry = { kind };
+		const toolsDeny = AGENT_TOOLS_DENY[id];
+		if (toolsDeny?.length) entry.tools_deny = toolsDeny;
 		if (toolsAdd.length > 0) entry.tools_add = toolsAdd;
 		if (fm.extensions === false) entry.extensions = false;
 		if (fm.extensions === true) entry.extensions = true;

package/.pi/scripts/harness-reconcile-run-context.mjs

@@ -0,0 +1,62 @@
+#!/usr/bin/env node
+/**
+ * Reconcile run-context.yaml with on-disk plan + executor handoff (no Pi session).
+ * Usage: node .pi/scripts/harness-reconcile-run-context.mjs <run-id>
+ */
+import { mkdtempSync, writeFileSync, rmSync } from "node:fs";
+import { spawnSync } from "node:child_process";
+import { tmpdir } from "node:os";
+import { dirname, join } from "node:path";
+import { fileURLToPath } from "node:url";
+
+const root = join(dirname(fileURLToPath(import.meta.url)), "..", "..");
+const runId = process.argv[2];
+if (!runId) {
+	console.error("usage: node .pi/scripts/harness-reconcile-run-context.mjs <run-id>");
+	process.exit(1);
+}
+
+const dir = mkdtempSync(join(tmpdir(), "harness-reconcile-"));
+const runner = join(dir, "run.mts");
+writeFileSync(
+	runner,
+	`import {
+  reconcileStaleExecuteCompletion,
+  reconcileReviewRouting,
+  loadRunContextFromDisk,
+  saveRunContextToDisk,
+} from ${JSON.stringify(join(root, ".pi/lib/harness-run-context.ts"))};
+
+const root = ${JSON.stringify(root)};
+const runId = ${JSON.stringify(runId)};
+const ctx0 = await loadRunContextFromDisk(runId, root);
+if (!ctx0) {
+  console.error("run not found:", runId);
+  process.exit(1);
+}
+console.log("before", JSON.stringify({
+  phase: ctx0.phase,
+  step: ctx0.last_completed_step,
+  outcome: ctx0.last_outcome,
+  next: ctx0.next_recommended_command,
+}));
+let ctx1 = await reconcileStaleExecuteCompletion(root, ctx0, []);
+ctx1 = await reconcileReviewRouting(root, ctx1);
+await saveRunContextToDisk(ctx1, root);
+console.log("after", JSON.stringify({
+  phase: ctx1.phase,
+  step: ctx1.last_completed_step,
+  outcome: ctx1.last_outcome,
+  next: ctx1.next_recommended_command,
+}));
+`,
+	"utf-8",
+);
+
+const result = spawnSync("npx", ["-y", "tsx", runner], {
+	cwd: root,
+	encoding: "utf-8",
+	stdio: "inherit",
+});
+rmSync(dir, { recursive: true, force: true });
+process.exit(result.status ?? 1);

package/.pi/scripts/harness-schema-compile-verify.mjs

@@ -0,0 +1,29 @@
+#!/usr/bin/env node
+/**
+ * Compile every harness JSON Schema (catches unresolved cross-file $ref).
+ * Invoked from harness-verify.mjs via `npx tsx`.
+ */
+
+import { join, dirname } from "node:path";
+import { fileURLToPath } from "node:url";
+import {
+	listHarnessSpecSchemaFiles,
+	verifyHarnessSchemaRefIntegrity,
+	verifyHarnessSchemasCompile,
+} from "../lib/harness-schema-validate.ts";
+
+const ROOT = join(dirname(fileURLToPath(import.meta.url)), "..", "..");
+const SPECS = join(ROOT, ".pi", "harness", "specs");
+
+const files = await listHarnessSpecSchemaFiles(SPECS);
+const integrity = await verifyHarnessSchemaRefIntegrity(SPECS);
+if (!integrity.ok) {
+	console.error(integrity.errors.join("\n"));
+	process.exit(1);
+}
+const compiled = await verifyHarnessSchemasCompile(SPECS, files);
+if (!compiled.ok) {
+	console.error(compiled.errors.join("\n"));
+	process.exit(1);
+}
+console.log(`harness-schema-compile-verify: ${files.length} schemas OK`);

package/.pi/scripts/harness-verify.mjs

@@ -519,6 +519,32 @@ async function checkSentruxGate() {
 	ok("sentrux check passed");
 }
 
+async function verifyHarnessSchemaCompilation() {
+	const script = join(ROOT, ".pi", "scripts", "harness-schema-compile-verify.mjs");
+	if (!(await fileExists(script))) {
+		fail("missing harness-schema-compile-verify.mjs");
+	}
+	const { code, out } = await new Promise((resolve) => {
+		const child = spawn("npx", ["-y", "tsx", script], {
+			cwd: ROOT,
+			stdio: ["ignore", "pipe", "pipe"],
+			shell: true,
+		});
+		let buf = "";
+		child.stdout?.on("data", (d) => {
+			buf += d.toString();
+		});
+		child.stderr?.on("data", (d) => {
+			buf += d.toString();
+		});
+		child.on("close", (c) => resolve({ code: c ?? 1, out: buf }));
+	});
+	if (code !== 0) {
+		fail(out.trim() || "harness schema compile verify failed");
+	}
+	ok(out.trim() || "harness schemas compile (cross-file $ref)");
+}
+
 async function verifySchemaAdrAndExtensions() {
 	for (const name of REQUIRED_SCHEMAS) {
 		const path = join(SPECS, name);
@@ -526,6 +552,7 @@ async function verifySchemaAdrAndExtensions() {
 		JSON.parse(await readFile(path, "utf-8"));
 		ok(`schema ${name}`);
 	}
+	await verifyHarnessSchemaCompilation();
 	for (const name of REQUIRED_ADRS) {
 		const path = join(ADRS, name);
 		if (!(await fileExists(path))) fail(`missing ADR ${name}`);

package/CHANGELOG.md

@@ -2,6 +2,19 @@
 
 All notable changes to this project are documented in this file.
 
+
+## [v0.23.0] — 2026-05-28
+
+### ✨ Features
+
+- strengthen run context human gates
+
+## [v0.22.2] — 2026-05-28
+
+### 🐛 Fixes
+
+- Harden harness plan/run/review/auto pipeline routing: reconcile run context from disk and handoffs, sync review-outcome from eval, fix harness-auto fresh runs (plan path, abort lock, kill-switch disarm), add harness-clear and expanded tests.
+
 ## [v0.22.1] — 2026-05-27
 
 ### 🔧 Chores

package/README.md

@@ -76,6 +76,8 @@ If `/harness-review` returns `implementation_gap`, run:
 | `/harness-review [--run <id>] [--quick] [--readonly] [--trace <ref>]` | Post-run verification gate: deterministic checks, benchmark evaluator, policy verdict, adversary, optional tie-breaker. |
 | `/harness-steer [--attempt N]` | Post-review repair pass for `implementation_gap`; executor reads `repair-brief.yaml`, then you re-run `/harness-review`. |
 | `/harness-abort [reason]` | Safely aborts the active run, clears plan readiness, and re-locks mutation until a fresh plan is approved. |
+
+| `/harness-clear` | Deletes only historical `.pi/harness/runs/<run_id>/` directories after mandatory confirmation; active run is preserved and non-affirmative/outage confirmation paths are no-op. |
 | `/harness-trace [--run <id>] [--phase plan\|execute\|evaluate\|adversary\|merge]` | Summarizes run traces and artifact handoffs for replay/forensics. |
 | `/harness-incident --trigger <reason> [--run <id>] [--severity low\|med\|high\|critical]` | Records incident, rollback, and override trail for harness failures. |
 | `/harness-sentrux-steward [--run <id>]` | Ad-hoc architectural intent review for Sentrux manifest/rule alignment. |
@@ -127,6 +129,8 @@ Subagents run isolated from the parent session. They persist canonical YAML thro
 | No approved plan | Run `/harness-plan "<task>"`, then `/harness-run`. |
 | Need to inspect handoff | Run `/harness-trace` or inspect `.pi/harness/runs/<run_id>/`. |
 | Need to restart safely | Run `/harness-abort [reason]`, then create a fresh plan. |
+
+| Need to prune old run history safely | Run `/harness-clear`; only historical run directories are eligible and confirmation failure/cancel deletes nothing. |
 | Review says `implementation_gap` | Run `/harness-steer`, then `/harness-review`. |
 | Review says `plan_gap` | Revise with `/harness-plan "<updated task>"`. |
 | Sentrux missing | Install/configure Sentrux or keep it skipped; harness verification still reports the status. |

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "ultimate-pi",
-	"version": "0.22.1",
+	"version": "0.23.0",
 	"description": "Governed AI coding harness for pi.dev — bootstrap, plan, execute, review, and steer with deterministic policy gates",
 	"keywords": [
 		"pi-package",