ultimate-pi 0.6.0 → 0.7.0

package/.pi/lib/harness-ui-state.ts

@@ -97,6 +97,7 @@ export interface HarnessUiState {
 		testIntegrity: number | null;
 	};
 	traceRunId: string | null;
+	nextRecommendedCommand: string | null;
 }
 
 const DEFAULT_STATE: HarnessUiState = {
@@ -123,6 +124,7 @@ const DEFAULT_STATE: HarnessUiState = {
 		testIntegrity: null,
 	},
 	traceRunId: null,
+	nextRecommendedCommand: null,
 };
 
 const RELEVANT_CUSTOM_TYPES = new Set([
@@ -135,6 +137,7 @@ const RELEVANT_CUSTOM_TYPES = new Set([
 	"harness-test-integrity-flag",
 	"harness-run-trace",
 	"harness-trace-state",
+	"harness-run-context",
 ]);
 
 function asNumber(value: unknown): number | null {
@@ -284,6 +287,14 @@ function createStateFromEntries(entries: unknown[]): HarnessUiState {
 				? traceState.run_id
 				: null;
 
+	const runCtx = latest.get("harness-run-context") as
+		| { next_recommended_command?: string }
+		| undefined;
+	state.nextRecommendedCommand =
+		typeof runCtx?.next_recommended_command === "string"
+			? runCtx.next_recommended_command
+			: null;
+
 	state.flowSubstate = deriveFlowSubstate(state);
 	return state;
 }

package/.pi/prompts/harness-abort.md

@@ -13,8 +13,9 @@ Safely abort the current harness run in this session.
   - `phase: plan`
   - `approvedPlan: false`
   - `planId: null`
-- records abort metadata for observability.
-- enables a hard safety lock that blocks mutating tools until a new approved plan is attached.
+- clears active run `plan_ready` (plan files may remain on disk for forensics)
+- records abort metadata for observability
+- enables a hard safety lock that blocks mutating tools until a new approved plan is attached
 
 ## Usage
 
@@ -27,8 +28,8 @@ Examples:
 
 ## Safety guarantees
 
-- no mutating work should continue under the previous run context.
-- a fresh approved plan is required before mutation can resume.
+- no mutating work should continue under the previous run context
+- a fresh approved plan is required before mutation can resume
 
 ## Next step
 
@@ -36,6 +37,8 @@ Run:
 
 `/harness-plan "<task>"`
 
-Then proceed with:
+Then:
 
-`/harness-run --plan <path-to-plan-packet.json>`
+`/harness-run`
+
+(No `--plan` or run id required — the harness restores active context after replan.)

package/.pi/prompts/harness-auto.md

@@ -22,7 +22,7 @@ If task is missing, stop and return:
 
 ## Process contract
 
-1. Build and approve plan packet before any mutation.
+1. Build and approve plan packet at the canonical active-run path before any mutation (extension allocates one `run_id` for the auto pipeline).
 2. Execute only approved scope with rollback artifacts.
 3. Run independent evaluator then adversarial reviewer.
 4. Apply severity policy + strict pre-PR gates.
@@ -71,13 +71,13 @@ Block commit/PR if any gate fails:
 - `--risk` can tighten behavior, never disable adversary.
 - If risk/ambiguity is high, auto-fallback to manual `harness-plan` and use `ask_user` for blocking forks.
 - If execution must be interrupted safely, run `/harness-abort [reason]`, then restart with `/harness-plan "<task>"`.
-- Always output trace bundle ID and incident/rollback references.
+- Always output artifact references (`plan`, `eval`, `adversary`, `consensus`, `rollback`) and incident paths when applicable — do not ask the user to copy a run id; point to `/harness-run-status` or `/harness-trace-last` for phase handoff.
 
 ## Completion behavior
 
 End with a deterministic handoff block:
 
 1. `Pipeline status` (pass/fail per strict gate).
-2. `Trace bundle` and artifact references (`plan`, `eval`, `adversary`, `consensus`, `rollback`).
+2. Phase trace summary and artifact references (`plan`, `eval`, `adversary`, `consensus`, `rollback`) under the active run directory.
 3. `Policy outcome` (`pass`, `conditional_pass`, `block`, or `human_required`) with one-line rationale.
 4. `Next action` (open PR, replan, rollback, or human override path).

package/.pi/prompts/harness-critic.md

@@ -1,6 +1,6 @@
 ---
 description: Adversarial reviewer command with reproducible, merge-blocking findings.
-argument-hint: "--run <run-id> [--trace <trace-ref>] [--risk low|med|high]"
+argument-hint: "[--run <run-id>] [--trace <trace-ref>] [--risk low|med|high]"
 ---
 
 # harness-critic
@@ -11,12 +11,10 @@ Run adversarial review against the candidate result.
 
 Read `$ARGUMENTS` and parse:
 
-- required: `--run <run-id>`
+- optional: `--run <run-id>` (recovery only)
 - optional: `--trace <trace-ref>`, `--risk low|med|high`
 
-If `--run` is missing, stop and return:
-
-`Usage: /harness-critic --run <run-id> [--trace <trace-ref>] [--risk low|med|high]`
+On the happy path, **omit `--run`**. Use active run context. Prefer a session isolated from execute.
 
 ## Process
 

package/.pi/prompts/harness-eval.md

@@ -1,28 +1,33 @@
 ---
 description: Run focused benchmark/eval checks and emit structured harness verdict artifacts.
-argument-hint: "--run <run-id> [--baseline <ref>] [--suite <name>]"
+argument-hint: "[--run <run-id>] [--baseline <ref>] [--suite <name>]"
 ---
 
 # harness-eval
 
-Run focused evaluations for the run and produce structured artifacts.
+Run focused evaluations for the active harness run and produce structured artifacts.
 
 ## Step 0 — Parse arguments
 
 Read `$ARGUMENTS` and parse:
 
-- required: `--run <run-id>`
+- optional: `--run <run-id>` (recovery only — active run is used when omitted)
 - optional: `--baseline <ref>`, `--suite <name>`
 
-If `--run` is missing, stop and return:
+On the happy path, **omit `--run`**. The extension injects the active run from session + project `active-run.json`.
 
-`Usage: /harness-eval --run <run-id> [--baseline <ref>] [--suite <name>]`
+If no active run exists, stop and return:
+
+`No active run. Finish /harness-plan and /harness-run first, or use /harness-run-status.`
+
+Run in a **new Pi session** after execute (review-integrity isolation).
 
 ## Process
 
-1. Run plan-aligned acceptance checks plus focused regressions.
-2. Collect evaluator-compatible metrics and guard outcomes.
-3. Emit structured artifacts keyed by run ID.
+1. Load plan scope from `[HarnessActivePlan]` (read-only).
+2. Run plan-aligned acceptance checks plus focused regressions.
+3. Collect evaluator-compatible metrics and guard outcomes.
+4. Emit structured artifacts under the active run directory.
 
 ## Requirements
 
@@ -35,17 +40,12 @@ If `--run` is missing, stop and return:
 - Do not overthink simple benchmark outcomes; report measured results directly.
 - Only evaluate the requested run/suite/baseline scope.
 - Never report synthetic metrics; include only measured values.
+- Do not edit `plan-packet.json` in this phase.
 
 ## Output
 
-- Benchmark/eval summary table.
-- Structured verdict artifacts referenced by run ID.
-- Pass/fail recommendation for policy gate consumption.
+Structured eval verdict and summary metrics.
 
 ## Completion behavior
 
-End with a compact evaluator handoff:
-
-- measured metrics (`success_rate`, `cost_per_task`, regression guard status)
-- verdict (`pass`/`fail`)
-- artifact paths keyed by run ID
+End with `eval_status` (`pass` or `fail`) and `next_command` (`/harness-review` on pass; `/harness-plan` or `/harness-incident` on fail).

package/.pi/prompts/harness-incident.md

@@ -1,6 +1,6 @@
 ---
 description: Create incident record with rollback and override trail for harness failures.
-argument-hint: "--run <run-id> --trigger <reason> [--severity low|med|high|critical]"
+argument-hint: "--trigger <reason> [--run <run-id>] [--severity low|med|high|critical]"
 ---
 
 # harness-incident
@@ -11,12 +11,14 @@ Create a structured incident record for blocked or failed harness runs.
 
 Read `$ARGUMENTS` and parse:
 
-- required: `--run <run-id>`, `--trigger <reason>`
-- optional: `--severity low|med|high|critical`
+- required: `--trigger <reason>`
+- optional: `--run <run-id>` (recovery only), `--severity low|med|high|critical`
 
-If required flags are missing, stop and return:
+If `--trigger` is missing, stop and return:
 
-`Usage: /harness-incident --run <run-id> --trigger <reason> [--severity low|med|high|critical]`
+`Usage: /harness-incident --trigger <reason> [--run <run-id>] [--severity low|med|high|critical]`
+
+Use active run when `--run` is omitted.
 
 ## Process
 

package/.pi/prompts/harness-plan.md

@@ -18,12 +18,25 @@ If task is missing, stop and return:
 
 `Usage: /harness-plan "<task>" [--risk low|med|high] [--budget <amount>] [--quick]`
 
+Do **not** require or accept `--plan` on this command.
+
+## Active plan context
+
+If `[HarnessActivePlan]` is present in context:
+
+- Read the current PlanPacket from the injected `plan_packet_path` first.
+- Treat the user task as **revise/amend** of that packet (not a greenfield plan), unless `/harness-new-run` was used.
+- After drift replan or post-abort, update the same canonical file.
+
+If no prior plan file exists, create PlanPacket at the canonical path from `[HarnessRunContext]`.
+
 ## Process
 
 1. Parse the requested task and extract concrete scope and constraints.
 2. If ambiguity blocks safe execution planning, call `ask_user` (harness-decisions skill). Stop with `needs_clarification` if the user cancels.
 3. Build a `PlanPacket` that is valid against `.pi/harness/specs/plan-packet.schema.json`.
-4. Include rollback artifacts in all required forms.
+4. **Write** the PlanPacket JSON to the canonical `plan_packet_path` before completing.
+5. Include rollback artifacts in all required forms.
 
 ## Hard requirements
 
@@ -35,6 +48,7 @@ If task is missing, stop and return:
   - prepared revert branch name
   - patch bundle path
 - Set risk level to `high` if uncertainty, broad blast radius, or policy-sensitive surfaces are involved.
+- Do **not** embed `plan_id=` in the user prompt for policy sync — the extension sets `approvedPlan` from the written file.
 
 ## Guardrails
 
@@ -51,7 +65,7 @@ Return:
    - assumptions
    - acceptance checks
    - rollback plan
-2. A valid JSON `PlanPacket` object.
+2. Confirmation that PlanPacket was written to the canonical path.
 
 Do not proceed to execution from this command.
 
@@ -61,4 +75,5 @@ Always end with:
 
 - one-line `plan_status` (`ready` or `needs_clarification`)
 - the final `risk_level` used
-- explicit `next_command` recommendation (`/harness-run --plan ...` or clarification request)
+- explicit `next_command` recommendation: `/harness-run` when `ready` (never `/harness-run --plan …`)
+- if `needs_clarification`, tell the user they may reply in plain language or run `/harness-plan` again with updates

package/.pi/prompts/harness-review.md

@@ -1,6 +1,6 @@
 ---
 description: Independent evaluator pass/fail verdict in session isolation mode.
-argument-hint: "--run <run-id> [--trace <trace-ref>]"
+argument-hint: "[--run <run-id>] [--trace <trace-ref>]"
 ---
 
 # harness-review
@@ -11,12 +11,11 @@ Produce an independent evaluator verdict.
 
 Read `$ARGUMENTS` and parse:
 
-- required: `--run <run-id>`
+- optional: `--run <run-id>` (recovery only)
 - optional: `--trace <trace-ref>`
 
-If `--run` is missing, stop and return:
-
-`Usage: /harness-review --run <run-id> [--trace <trace-ref>]`
+On the happy path, **omit `--run`**. Use active run context from `[HarnessRunContext]`.
+Run in a **new Pi session** after execute when possible.
 
 ## Process
 

package/.pi/prompts/harness-router-tune.md

@@ -20,7 +20,7 @@ If required args are missing, stop and return:
 
 ## Process
 
-1. Validate evidence completeness and guard status.
+1. Validate evidence completeness and guard status. Evidence may live under `.pi/harness/runs/<run_id>/` for the active harness run when produced by `/harness-eval` (resolve via active run context or explicit paths — no run id required on the happy path).
 2. Generate a proposal artifact only (no live router mutation).
 3. Require explicit human approval metadata before any apply step.
 

package/.pi/prompts/harness-run.md

@@ -1,37 +1,36 @@
 ---
 description: Execute only against an approved PlanPacket with strict phase gates.
-argument-hint: "--plan <path-to-plan-packet.json> [--budget <amount>]"
+argument-hint: "[--budget <amount>]"
 ---
 
 # harness-run
 
-Execute implementation only after an approved plan exists.
+Execute implementation only after an approved plan exists in active run context.
 
 ## Step 0 — Parse arguments
 
 Read `$ARGUMENTS` and parse:
 
-- required: `--plan <path-to-plan-packet.json>`
 - optional: `--budget <amount>`
 
-If `--plan` is missing, stop and return:
+Do **not** parse `--plan` on the happy path. Load the PlanPacket from `[HarnessActivePlan]` / injected `plan_packet_path` only.
 
-`Usage: /harness-run --plan <path-to-plan-packet.json> [--budget <amount>]`
+If the extension reports plan not ready, stop and return:
+
+`Run /harness-plan first — no approved plan in active run context.`
+
+Advanced recovery only: `--plan <path>` must live under the active run directory (extension validates).
 
 ## Process
 
-1. Validate `--plan` input and confirm it is a valid approved `PlanPacket`.
+1. Load PlanPacket from the injected canonical path and confirm it is valid.
 2. Execute only within approved scope.
 3. Run focused validations mapped to approved acceptance checks.
 4. Produce rollback artifacts and handoff references for downstream gates.
 
-## Required input
-
-- `--plan` must point to a valid `PlanPacket`.
-
 ## Gate behavior
 
-- Refuse execution if no valid plan packet is provided.
+- Refuse execution if active plan is not ready (extension blocks before the agent runs).
 - Keep edits strictly within approved scope.
 - If scope drift appears, stop and return to `harness-plan`.
 - For **implementation forks** inside approved scope, call `ask_user` with 2–4 options. For plan-level ambiguity, stop and return to `harness-plan`.
@@ -58,3 +57,4 @@ End with:
 1. `execution_status` (`completed`, `blocked`, or `scope_drift`).
 2. `validation_summary` (pass/fail with command evidence).
 3. `handoff_ready` booleans for evaluator/adversary prerequisites.
+4. `next_command`: **New Pi session → `/harness-eval`** when execution completed successfully.

package/.pi/prompts/harness-setup.md

@@ -17,7 +17,7 @@ Bootstraps the complete ultimate-pi agentic harness: Graphify knowledge graph, C
 | Provider detection from `OPENAI_*` / `ANTHROPIC_*` env only | Wrong for pi users — keys live in `~/.pi/agent/auth.json`. Use `harness-generate-model-router.mjs` (Pi `ModelRegistry.getAvailable()`). |
 | Re-running 2.1–2.8 manually after CLI verify | Wasteful — trust `harness-cli-verify.sh` output; only fix reported ✗ lines. |
 | Overwriting `AGENTS.md` after graphify | Graphify appends a section — **merge**, do not replace (Step 4.3). |
-| `sentrux-rules-sync` without project manifest | Use **`harness-sentrux-bootstrap.mjs`** (Step 4.4) — seeds manifest + idempotent rules sync. |
+| `sentrux-rules-sync` without project manifest | Use **`harness-sentrux-bootstrap.mjs`** (Step 4.2) — seeds manifest + idempotent rules sync. |
 | Re-running bootstrap with `--force` on unchanged manifest | Wasteful but safe — default bootstrap skips when hash unchanged; `--force` only after manifest edits. |
 | `graph.json` uses `links`, not `edges` | Step 6 stats: `g.get('edges', g.get('links', []))`. |
 | Guessing harness-web / `.env` defaults when `ask_user` is available | **Mandatory `ask_user`** at Step 4.0 unless `--non-interactive`. |
@@ -319,7 +319,7 @@ Install all 52 language plugins:
 sentrux plugin add-standard 2>/dev/null || echo "Plugins already installed or failed"
 ```
 
-Ensure the **sentrux** Pi skill is linked (see Step 4.2). **Rules.toml bootstrap runs in Step 4.3** (idempotent, merge-safe).
+**Rules.toml bootstrap runs in Step 4.2** (idempotent, merge-safe). Sentrux CLI workflows use the package **`sentrux`** skill (`.agents/skills/sentrux`); no symlink into `.pi/skills/` required.
 
 ## Step 3 — Pi Extension Packages
 
@@ -496,29 +496,7 @@ Ensure `.gitignore` contains:
 !.sentrux/rules.toml
 ```
 
-### 4.2 — Sentrux Pi skill
-
-Pi does **not** load `.pi/mcp.json`. Agents use Sentrux via the **CLI** and the **`sentrux`** skill.
-
-From **project root**, ensure the skill is discoverable (idempotent):
-
-```bash
-UP_PKG="$(node -p "require('path').dirname(require.resolve('ultimate-pi/package.json'))")"
-SKILL_SRC="$UP_PKG/.agents/skills/sentrux"
-SKILL_DST=".pi/skills/sentrux"
-if [ -d "$SKILL_SRC" ] && [ ! -e "$SKILL_DST" ]; then
-  ln -s "../../.agents/skills/sentrux" "$SKILL_DST"
-  echo "✓ linked $SKILL_DST → sentrux skill"
-elif [ -e "$SKILL_DST" ]; then
-  echo "✓ sentrux skill already present at $SKILL_DST"
-else
-  echo "✗ missing $SKILL_SRC — reinstall ultimate-pi"
-fi
-```
-
-After `/reload`, agents can invoke **`/skill:sentrux`** for install paths, `sentrux check`, `sentrux gate --save` / `sentrux gate`, and harness integration. **context-mode** remains a separate `npm:context-mode` package in `.pi/settings.json` (its own MCP bridge inside that extension).
-
-### 4.3 — Sentrux rules bootstrap (required)
+### 4.2 — Sentrux rules bootstrap (required)
 
 **Skill:** invoke **harness-sentrux-setup** before hand-editing rules or manifest.
 
@@ -552,7 +530,7 @@ Set up structural regression baseline (optional):
 sentrux gate --save . 2>/dev/null || echo "Baseline will be saved on first gate run"
 ```
 
-### 4.4 — Project AGENTS.md
+### 4.3 — Project AGENTS.md
 
 **Do not overwrite** an existing `AGENTS.md` — graphify bootstrap may have appended a `## Graphify` section. If missing, create minimal onboarding content; if present, only add harness subsections that are absent.
 
@@ -681,7 +659,7 @@ Output summary table:
 | biome | ✓/✗ | Project config: found/default |
 | ast-grep | ✓/✗ | AST-aware code search (`sg`)
 | gh CLI | ✓/✗ | Auth: yes/no |
-| sentrux | ✓/✗ | CLI + plugins; rules via Step 4.3 bootstrap |
+| sentrux | ✓/✗ | CLI + plugins; rules via Step 4.2 bootstrap |
 | Sentrux rules.toml | ✓/✗ | `.sentrux/rules.toml` synced from manifest |
 | pi extensions | ✓/✗ | 4 packages |
 | model router | ✓/✗ | Package + config verified, activation via `/router profile auto` |

package/.pi/prompts/harness-trace.md

@@ -1,6 +1,6 @@
 ---
 description: Query and summarize harness run traces for replay and forensics.
-argument-hint: "--run <run-id> [--phase plan|execute|evaluate|adversary|merge]"
+argument-hint: "[--run <run-id>] [--phase plan|execute|evaluate|adversary|merge]"
 ---
 
 # harness-trace
@@ -11,12 +11,10 @@ Retrieve and summarize trace artifacts for a run.
 
 Read `$ARGUMENTS` and parse:
 
-- required: `--run <run-id>`
+- optional: `--run <run-id>` (recovery only)
 - optional: `--phase plan|execute|evaluate|adversary|merge`
 
-If `--run` is missing, stop and return:
-
-`Usage: /harness-trace --run <run-id> [--phase plan|execute|evaluate|adversary|merge]`
+On the happy path, **omit `--run`**. Phase traces live at `trace-<phase>.json` under the active run directory.
 
 ## Process
 

package/.pi/scripts/harness-searxng-bootstrap.mjs

@@ -21,6 +21,7 @@ import {
 	readFile,
 	writeFile,
 } from "node:fs/promises";
+import { randomBytes } from "node:crypto";
 import { constants } from "node:fs";
 import { join, dirname } from "node:path";
 import { fileURLToPath } from "node:url";
@@ -50,7 +51,10 @@ const SETTINGS_PATH = join(CORE_CONFIG, "settings.yml");
 const COMPOSE_PATH = join(SEARXNG_DIR, "docker-compose.yml");
 const ENV_COMPOSE = join(SEARXNG_DIR, ".env");
 
-const HARNESS_SETTINGS = `use_default_settings: true
+const DEFAULT_SECRET = "ultrasecretkey";
+
+function buildHarnessSettings(secret) {
+	return `use_default_settings: true
 
 search:
   formats:
@@ -58,9 +62,11 @@ search:
     - json
 
 server:
+  secret_key: "${secret}"
   limiter: false
   public_instance: false
 `;
+}
 
 async function exists(path) {
 	try {
@@ -138,6 +144,69 @@ async function readComposePort() {
 	return DEFAULT_PORT;
 }
 
+function parseEnvValue(raw) {
+	return raw.trim().replace(/^["']|["']$/g, "");
+}
+
+async function readComposeSecret() {
+	if (!(await exists(ENV_COMPOSE))) return null;
+	const text = await readFile(ENV_COMPOSE, "utf8");
+	for (const line of text.split("\n")) {
+		const m = line.match(/^SEARXNG_SECRET=(.+)$/);
+		if (m) {
+			const val = parseEnvValue(m[1]);
+			if (val && val !== DEFAULT_SECRET) return val;
+		}
+	}
+	return null;
+}
+
+async function readSettingsSecret() {
+	if (!(await exists(SETTINGS_PATH))) return null;
+	const text = await readFile(SETTINGS_PATH, "utf8");
+	const m = text.match(/^\s*secret_key:\s*["']?([^"'\n#]+)["']?\s*$/m);
+	if (!m) return null;
+	const val = m[1].trim();
+	return val && val !== DEFAULT_SECRET ? val : null;
+}
+
+function generateSecret() {
+	return randomBytes(32).toString("hex");
+}
+
+async function getOrCreateSecret() {
+	return (
+		(await readComposeSecret()) ||
+		(await readSettingsSecret()) ||
+		generateSecret()
+	);
+}
+
+async function upsertComposeSecret(secret) {
+	let content = "";
+	if (await exists(ENV_COMPOSE)) {
+		content = await readFile(ENV_COMPOSE, "utf8");
+	}
+	const line = `SEARXNG_SECRET=${secret}`;
+	const re = /^SEARXNG_SECRET=.*$/m;
+	if (re.test(content)) {
+		content = content.replace(re, line);
+	} else {
+		const sep = content.endsWith("\n") || content.length === 0 ? "" : "\n";
+		content = `${content}${sep}${line}\n`;
+	}
+	await writeFile(ENV_COMPOSE, content, "utf8");
+}
+
+async function settingsNeedUpdate() {
+	if (!(await exists(SETTINGS_PATH))) return true;
+	const text = await readFile(SETTINGS_PATH, "utf8");
+	if (!text.includes("json")) return true;
+	if (text.includes(DEFAULT_SECRET)) return true;
+	if (!/^\s*secret_key:/m.test(text)) return true;
+	return false;
+}
+
 async function ensureSearxngLayout() {
 	await mkdir(CORE_CONFIG, { recursive: true });
 	if (!(await exists(COMPOSE_PATH))) {
@@ -152,12 +221,28 @@ async function ensureSearxngLayout() {
 		}
 		await copyFile(example, ENV_COMPOSE);
 	}
-	const needsSettings =
-		!(await exists(SETTINGS_PATH)) ||
-		!(await readFile(SETTINGS_PATH, "utf8")).includes("json");
-	if (needsSettings) {
-		await writeFile(SETTINGS_PATH, HARNESS_SETTINGS, "utf8");
-		console.log(`✓ Wrote ${SETTINGS_PATH} (json format, limiter off)`);
+	const secret = await getOrCreateSecret();
+	await upsertComposeSecret(secret);
+	console.log(`✓ Set SEARXNG_SECRET in ${ENV_COMPOSE}`);
+	if (await settingsNeedUpdate()) {
+		try {
+			await writeFile(SETTINGS_PATH, buildHarnessSettings(secret), "utf8");
+			console.log(
+				`✓ Wrote ${SETTINGS_PATH} (json format, limiter off, secret_key set)`,
+			);
+		} catch (err) {
+			if (err && typeof err === "object" && "code" in err && err.code === "EACCES") {
+				console.warn(
+					`⚠ Could not write ${SETTINGS_PATH} (permission denied). ` +
+						"SEARXNG_SECRET in .env is set — restart containers. " +
+						`Fix ownership: chown -R $USER:$USER ${SEARXNG_DIR}`,
+				);
+			} else {
+				throw err;
+			}
+		}
+	} else {
+		console.log(`✓ ${SETTINGS_PATH} already configured`);
 	}
 }
 

package/.pi/scripts/harness-verify.mjs

@@ -16,6 +16,7 @@ const ADRS = join(ROOT, ".pi", "harness", "docs", "adrs");
 
 const REQUIRED_SCHEMAS = [
 	"harness-run-record.schema.json",
+	"harness-run-context.schema.json",
 	"harness-posthog-event.schema.json",
 	"observation.schema.json",
 	"run-trace.schema.json",
@@ -32,10 +33,12 @@ const REQUIRED_ADRS = [
 	"0007-interactive-drift-monitor.md",
 	"0008-harness-posthog-telemetry.md",
 	"0009-sentrux-rules-lifecycle.md",
+	"0031-harness-run-context.md",
 ];
 
 const REQUIRED_EXTENSIONS = [
 	"harness-telemetry.ts",
+	"harness-run-context.ts",
 	"trace-recorder.ts",
 	"observation-bus.ts",
 	"drift-monitor.ts",
@@ -192,6 +195,21 @@ async function main() {
 	if (!(await fileExists(libPath))) fail("missing lib/harness-posthog.ts");
 	ok("lib/harness-posthog.ts");
 
+	const runCtxLib = join(ROOT, ".pi", "lib", "harness-run-context.ts");
+	if (!(await fileExists(runCtxLib))) fail("missing lib/harness-run-context.ts");
+	ok("lib/harness-run-context.ts");
+
+	const runCtxFixture = join(SMOKE, "run-context.fixture.json");
+	if (!(await fileExists(runCtxFixture))) {
+		fail("missing run-context.fixture.json");
+	}
+	const runCtxData = JSON.parse(await readFile(runCtxFixture, "utf-8"));
+	if (runCtxData.schema_version !== "1.0.0") {
+		fail("run-context fixture schema_version must be 1.0.0");
+	}
+	if (!runCtxData.run_id) fail("run-context fixture missing run_id");
+	ok("run-context.fixture.json");
+
 	const fixture = JSON.parse(
 		await readFile(join(SMOKE, "run-record.fixture.json"), "utf-8"),
 	);

package/CHANGELOG.md

@@ -4,6 +4,28 @@ All notable changes to this project are documented in this file.
 
 ## [Unreleased]
 
+## [v0.7.0] — 2026-05-17
+
+### ✨ Features
+
+- **Harness run context:** track active run and canonical plan path in session; short slash commands without `--run` or `--plan`; project `active-run.json` for forked eval sessions; ADR 0031.
+- **System prompt extension:** load packaged `.pi/SYSTEM.md` by default with optional workspace `.pi/system.md` override.
+
+### 📖 Documentation
+
+- **README and harness prompts:** manual workflow without run IDs; `harness-run-status`, `harness-new-run`, `harness-use-run` helpers.
+
+### 🔧 Chores
+
+- **harness-setup:** remove Sentrux skill symlink step; rules bootstrap only.
+
+## [v0.6.1] — 2026-05-17
+
+### 🐛 Fixes
+
+- **SearXNG bootstrap:** generate `SEARXNG_SECRET` and set `server.secret_key` so containers no longer crash on the default `ultrasecretkey` (SearXNG 2026.4+).
+- **Harness env template:** remove obsolete `PI_VCC_CONFIG_PATH`; add env-only VCC, PostHog MCP, Sentrux, and default `VAULT_WIKI_PATH` keys aligned with `/harness-setup`.
+
 ## [v0.6.0] — 2026-05-17
 
 ### ✨ Features