vgxness 1.9.2 → 1.9.3

package/dist/governance/governance-report-builder.js

@@ -1,5 +1,5 @@
 import { getSddPhasePermissionMatrixForPhase, permissionCategories, sddPhasePermissionMatrixVersion } from '../permissions/policy-evaluator.js';
-import { isSddPhase, normalizeSddArtifact } from '../sdd/schema.js';
+import { isSddPhase, normalizeSddArtifact, normalizeSddPhaseInput } from '../sdd/schema.js';
 import { fingerprintManagerProfileOverlay } from './overlay-fingerprint.js';
 export class GovernanceReportBuilder {
     services;
@@ -27,11 +27,13 @@ export class GovernanceReportBuilder {
             warnings.push('run-service-unavailable');
         }
         const workflow = input.workflow ?? run?.workflow;
-        const phase = input.phase ?? run?.phase;
+        const rawPhase = input.phase ?? run?.phase;
+        const phase = canonicalReportPhase(workflow, rawPhase);
         const agent = buildAgentRef(input, run);
         const change = input.change;
         const payloadMode = input.payloadMode ?? 'compact';
         const resolvedRunId = input.runId ?? run?.id;
+        const permissionsPhase = phase === undefined ? undefined : (normalizeSddPhaseInput(phase) ?? phase);
         const report = {
             version: 1,
             kind: 'governance-report',
@@ -44,7 +46,7 @@ export class GovernanceReportBuilder {
             ...(agent === undefined ? {} : { agent }),
             sdd: {},
             permissions: {
-                ...buildPermissionsMode(phase),
+                ...buildPermissionsMode(permissionsPhase),
             },
             openCode: {
                 mode: 'audit-only',
@@ -72,7 +74,8 @@ export class GovernanceReportBuilder {
     tryBuildOptimizedSddSnapshot(report, project, change, phase, payloadMode, warnings) {
         if (this.services.sdd.getGovernanceSnapshot === undefined)
             return false;
-        if (phase !== undefined && !isSddPhase(phase)) {
+        const canonicalPhase = phase === undefined ? undefined : normalizeSddPhaseInput(phase);
+        if (phase !== undefined && canonicalPhase === undefined) {
             warnings.push('sdd-readiness-skipped-non-sdd-phase');
             return false;
         }
@@ -80,7 +83,7 @@ export class GovernanceReportBuilder {
             project,
             change,
             payloadMode,
-            ...(phase === undefined ? {} : { phase }),
+            ...(canonicalPhase === undefined ? {} : { phase: canonicalPhase }),
         });
         if (!snapshot.ok) {
             warnings.push(`sdd-snapshot-unavailable:${snapshot.error.code}`);
@@ -125,8 +128,9 @@ export class GovernanceReportBuilder {
         else {
             warnings.push(`sdd-artifacts-unavailable:${listed.error.code}`);
         }
-        if (phase !== undefined && isSddPhase(phase)) {
-            const readiness = this.services.sdd.getReady({ project, change, phase });
+        const canonicalPhase = phase === undefined ? undefined : normalizeSddPhaseInput(phase);
+        if (canonicalPhase !== undefined) {
+            const readiness = this.services.sdd.getReady({ project, change, phase: canonicalPhase });
             if (readiness.ok) {
                 report.sdd.readiness = readiness.value;
                 for (const blocker of readiness.value.blockedPrerequisites ?? [])
@@ -280,6 +284,13 @@ function buildAgentRef(input, run) {
 function dedupe(values) {
     return [...new Set(values)];
 }
+function canonicalReportPhase(workflow, phase) {
+    if (phase === undefined)
+        return undefined;
+    if (workflow !== undefined && workflow.trim().toLowerCase() !== 'sdd')
+        return phase;
+    return normalizeSddPhaseInput(phase) ?? phase;
+}
 function validationFailure(message) {
     return { ok: false, error: { code: 'validation_failed', message } };
 }

package/dist/mcp/claude-code-agent-config.js

@@ -1,6 +1,6 @@
 import { existsSync, readFileSync } from 'node:fs';
 import { homedir } from 'node:os';
-import { join, resolve } from 'node:path';
+import { join, parse, resolve } from 'node:path';
 import { projectCanonicalAgentManifestToClaudeCode } from '../agents/canonical-agent-projection.js';
 import { assertInsideWorkspace } from './claude-code-config.js';
 export const claudeCodeGeneratedMarker = 'VGXNESS-GENERATED';
@@ -29,10 +29,16 @@ export function resolveClaudeAgentTarget(input) {
     return { workspaceRoot: input.workspaceRoot, scope, directoryPath: join(home, '.claude', 'agents'), ...(input.env === undefined ? {} : { env: input.env }) };
 }
 export function safeHomeDirectory(env = process.env) {
-    const candidate = env.HOME?.trim() || homedir();
-    if (!candidate || candidate === '/' || candidate.includes('\0') || candidate.includes('~'))
+    const homeDrive = env.HOMEDRIVE?.trim();
+    const homePath = env.HOMEPATH?.trim();
+    const homeDrivePath = homeDrive && homePath ? `${homeDrive}${homePath}` : '';
+    const candidate = env.HOME?.trim() || env.USERPROFILE?.trim() || homeDrivePath || homedir();
+    if (!candidate || candidate.startsWith('~') || candidate.includes('\0'))
         throw new Error('Unable to resolve a safe home directory for Claude user agents.');
-    return resolve(candidate);
+    const expanded = resolve(candidate);
+    if (parse(expanded).root === expanded)
+        throw new Error('Unable to resolve a safe home directory for Claude user agents.');
+    return expanded;
 }
 export function isVgxnessOwnedClaudeAgentMarkdown(contents) {
     return contents.includes(claudeCodeGeneratedMarker) && contents.includes('provider=claude') && contents.includes('artifact=claude-code-subagent');

package/dist/mcp/control-plane.js

@@ -8,6 +8,7 @@ import { openMemoryDatabase } from '../memory/sqlite/database.js';
 import { prepareMemoryDatabasePath, resolveMemoryDatabasePath } from '../memory/storage-paths.js';
 import { OpenCodeManagerPayloadService } from '../providers/opencode/manager-payload.js';
 import { RunService } from '../runs/run-service.js';
+import { sddContinuationPlanFrom } from '../sdd/sdd-continuation-plan.js';
 import { SddWorkflowService } from '../sdd/sdd-workflow-service.js';
 import { SkillRegistryService } from '../skills/skill-registry-service.js';
 import { VerificationPlanService } from '../verification/index.js';
@@ -43,6 +44,8 @@ export function callVgxTool(call, services) {
             return toEnvelope(validated.tool, services.sdd.getNext(validated.input));
         case 'vgxness_sdd_cockpit':
             return toEnvelope(validated.tool, services.sdd.getCockpit(validated.input));
+        case 'vgxness_sdd_continue':
+            return sddContinueEnvelope(validated.input, services);
         case 'vgxness_governance_report':
             return auditedEnvelope(validated.tool, new GovernanceReportBuilder({
                 sdd: governanceSddServices(services.sdd),
@@ -96,6 +99,8 @@ export function callVgxTool(call, services) {
             return toEnvelope(validated.tool, services.runs.appendCheckpoint(validated.input));
         case 'vgxness_run_finalize':
             return toEnvelope(validated.tool, services.runs.updateFinalStatus(validated.input));
+        case 'vgxness_run_resume_candidates':
+            return runResumeCandidatesEnvelope(validated.input, services);
         case 'vgxness_run_resume_inspect':
             return toEnvelope(validated.tool, services.runs.getRunOperatorResumePlan(validated.input.runId));
         case 'vgxness_run_resume_gate':
@@ -238,6 +243,23 @@ function governanceSddServices(services) {
         },
     };
 }
+function sddContinueEnvelope(input, services) {
+    const next = services.sdd.getNext({ project: input.project, change: input.change });
+    if (!next.ok)
+        return errorEnvelope(next.error.code, next.error.message, 'vgxness_sdd_continue');
+    const cockpit = services.sdd.getCockpit({ project: input.project, change: input.change });
+    if (!cockpit.ok)
+        return errorEnvelope(cockpit.error.code, cockpit.error.message, 'vgxness_sdd_continue');
+    const relatedRun = services.runs.findRelatedInterruptedSddRun({ project: input.project, change: input.change });
+    if (!relatedRun.ok)
+        return errorEnvelope(relatedRun.error.code, relatedRun.error.message, 'vgxness_sdd_continue');
+    return successEnvelope('vgxness_sdd_continue', sddContinuationPlanFrom({
+        project: input.project,
+        next: next.value,
+        cockpit: cockpit.value,
+        ...(relatedRun.value === undefined ? {} : { relatedRunContext: relatedRun.value }),
+    }));
+}
 export function createVgxMcpControlPlane(options = {}) {
     const databasePath = resolveControlPlaneDatabasePath(options);
     if (!databasePath.ok)
@@ -346,6 +368,40 @@ function listRunsEnvelope(input, services) {
         ? successEnvelope('vgxness_run_list', result.value.slice(0, limit))
         : errorEnvelope(result.error.code, result.error.message, 'vgxness_run_list');
 }
+function runResumeCandidatesEnvelope(input, services) {
+    const limit = input.limit ?? 5;
+    const result = services.runs.listRecentInterruptedRuns({ project: input.project, limit });
+    if (!result.ok)
+        return errorEnvelope(result.error.code, result.error.message, 'vgxness_run_resume_candidates');
+    return successEnvelope('vgxness_run_resume_candidates', {
+        kind: 'run-resume-candidates',
+        version: 1,
+        project: input.project,
+        statuses: ['failed', 'blocked', 'needs-human'],
+        limit,
+        candidates: result.value.map((candidate) => ({
+            ...candidate,
+            recommendation: 'Inspect this interrupted run before deciding whether to continue manually.',
+            inspectTool: 'run_resume_inspect',
+            inspectInput: { runId: candidate.runId },
+            resumeCommand: `vgxness resume --project ${input.project} --run-id ${candidate.runId}`,
+        })),
+        nextStep: result.value.length === 0
+            ? 'No interrupted run candidates were found for this project. Start from the current project status or a known runId.'
+            : 'Call run_resume_inspect with a candidate runId, then use run_resume_gate only when inspect returns a relevant approvalId.',
+        safety: {
+            readOnly: true,
+            runMutation: false,
+            retryAdmitted: false,
+            providerInvoked: false,
+            writesProviderConfig: false,
+            writesArtifacts: false,
+            writesOpenSpec: false,
+            createsSandbox: false,
+            createsWorktree: false,
+        },
+    });
+}
 function toEnvelope(tool, result) {
     return result.ok ? successEnvelope(tool, result.value) : errorEnvelope(result.error.code, result.error.message, tool);
 }

package/dist/mcp/provider-status.js

@@ -52,35 +52,36 @@ export class ProviderStatusService {
         const compactBytes = Buffer.byteLength(JSON.stringify(compactShape), 'utf8');
         const issueCount = [canonicalAgentManifest.status, configStatus, ...tools.map((tool) => (tool.present ? 'pass' : 'fail'))].filter((item) => item === 'fail' || item === 'not-configured').length;
         const warningCount = [configStatus, mcpEntry.status, ...paths.map((path) => path.status)].filter((item) => item === 'warn').length;
+        const reportBase = {
+            version: 1,
+            kind: 'provider-status',
+            project: normalized.project,
+            providerAdapter: normalized.providerAdapter,
+            scope: normalized.scope,
+            workspaceRoot: normalized.workspaceRoot,
+            status,
+            overallStatus: status,
+            inspectedPaths: checkedPaths,
+            issueCount,
+            warningCount,
+            summary: summarizeStatus(status, mcpEntry),
+            nextAction: nextActionFor(status, mcpEntry, sdd?.next),
+            checkedPaths,
+            canonicalAgentManifest,
+            ...(sdd === undefined ? {} : { sdd: compactSdd(sdd, normalized.payloadMode) }),
+            mcpRequiredTools: tools,
+            originalBytes,
+            compactBytes,
+            verboseAvailable: normalized.payloadMode === 'compact',
+            fullContentRef: `provider-status:${normalized.providerAdapter}:${normalized.workspaceRoot}`,
+            generatedAt,
+            safety: PROVIDER_HEALTH_SAFETY,
+        };
         return {
             ok: true,
-            value: {
-                version: 1,
-                kind: 'provider-status',
-                project: normalized.project,
-                providerAdapter: normalized.providerAdapter,
-                scope: normalized.scope,
-                workspaceRoot: normalized.workspaceRoot,
-                status,
-                payloadMode: normalized.payloadMode,
-                overallStatus: status,
-                inspectedPaths: checkedPaths,
-                issueCount,
-                warningCount,
-                summary: summarizeStatus(status, mcpEntry),
-                nextAction: nextActionFor(status, mcpEntry, sdd?.next),
-                checkedPaths,
-                canonicalAgentManifest,
-                config: { status: configStatus, paths: compactPaths(paths, normalized.payloadMode), mcpEntry: compactMcpEntry(mcpEntry, normalized.payloadMode) },
-                ...(sdd === undefined ? {} : { sdd: compactSdd(sdd, normalized.payloadMode) }),
-                mcpRequiredTools: tools,
-                originalBytes,
-                compactBytes,
-                verboseAvailable: normalized.payloadMode === 'compact',
-                fullContentRef: `provider-status:${normalized.providerAdapter}:${normalized.workspaceRoot}`,
-                generatedAt,
-                safety: PROVIDER_HEALTH_SAFETY,
-            },
+            value: normalized.payloadMode === 'verbose'
+                ? { ...reportBase, payloadMode: 'verbose', config: { status: configStatus, paths: compactPaths(paths, 'verbose'), mcpEntry: compactMcpEntry(mcpEntry, 'verbose') } }
+                : { ...reportBase, payloadMode: 'compact', config: { status: configStatus, paths: compactPaths(paths, 'compact'), mcpEntry: compactMcpEntry(mcpEntry, 'compact') } },
         };
     }
     readSdd(project, change) {
@@ -115,35 +116,36 @@ export class ProviderStatusService {
         const compactBytes = Buffer.byteLength(JSON.stringify(compactShape), 'utf8');
         const issueCount = [canonicalAgentManifest.status, configStatus, ...agentStatuses].filter((item) => item === 'fail' || item === 'not-configured').length;
         const warningCount = advisory.length + resolvedScope.value.warnings.length + paths.filter((path) => path.status === 'warn').length;
+        const reportBase = {
+            version: 1,
+            kind: 'provider-status',
+            project: normalized.project,
+            providerAdapter: 'claude',
+            scope: normalized.scope,
+            workspaceRoot: normalized.workspaceRoot,
+            status,
+            overallStatus: status,
+            inspectedPaths: checkedPaths,
+            issueCount,
+            warningCount,
+            summary: summarizeClaudeStatus(status, mcpEntry),
+            nextAction: nextActionFor(status, mcpEntry, sdd?.next),
+            checkedPaths,
+            canonicalAgentManifest,
+            ...(sdd === undefined ? {} : { sdd: compactSdd(sdd, normalized.payloadMode) }),
+            mcpRequiredTools: tools,
+            originalBytes,
+            compactBytes,
+            verboseAvailable: normalized.payloadMode === 'compact',
+            fullContentRef: `provider-status:claude:${normalized.workspaceRoot}`,
+            generatedAt: 'read-only-snapshot',
+            safety: PROVIDER_HEALTH_SAFETY,
+        };
         return {
             ok: true,
-            value: {
-                version: 1,
-                kind: 'provider-status',
-                project: normalized.project,
-                providerAdapter: 'claude',
-                scope: normalized.scope,
-                workspaceRoot: normalized.workspaceRoot,
-                status,
-                payloadMode: normalized.payloadMode,
-                overallStatus: status,
-                inspectedPaths: checkedPaths,
-                issueCount,
-                warningCount,
-                summary: summarizeClaudeStatus(status, mcpEntry),
-                nextAction: nextActionFor(status, mcpEntry, sdd?.next),
-                checkedPaths,
-                canonicalAgentManifest,
-                config: { status: configStatus, paths: compactPaths(paths, normalized.payloadMode), mcpEntry: compactMcpEntry(mcpEntry, normalized.payloadMode) },
-                ...(sdd === undefined ? {} : { sdd: compactSdd(sdd, normalized.payloadMode) }),
-                mcpRequiredTools: tools,
-                originalBytes,
-                compactBytes,
-                verboseAvailable: normalized.payloadMode === 'compact',
-                fullContentRef: `provider-status:claude:${normalized.workspaceRoot}`,
-                generatedAt: 'read-only-snapshot',
-                safety: PROVIDER_HEALTH_SAFETY,
-            },
+            value: normalized.payloadMode === 'verbose'
+                ? { ...reportBase, payloadMode: 'verbose', config: { status: configStatus, paths: compactPaths(paths, 'verbose'), mcpEntry: compactMcpEntry(mcpEntry, 'verbose') } }
+                : { ...reportBase, payloadMode: 'compact', config: { status: configStatus, paths: compactPaths(paths, 'compact'), mcpEntry: compactMcpEntry(mcpEntry, 'compact') } },
         };
     }
     getClaudeUserGlobalStatus(normalized, canonicalScope = 'user', scopeWarnings = []) {
@@ -162,35 +164,38 @@ export class ProviderStatusService {
         const checkedPaths = normalized.payloadMode === 'verbose' ? [mcpState.path, agents.directoryPath, ...agents.agents.map((agent) => agent.path), userMemory.path] : [mcpState.path, userMemory.path, ...agents.agents.filter((agent) => agent.exists || agent.status !== 'missing').map((agent) => agent.path)];
         const verboseShape = { config: { status: configStatus, paths, mcpEntry }, canonicalAgentManifest, agents, userMemory: { status: userMemory.status, action: userMemory.action }, scopeCapabilities: CLAUDE_USER_GLOBAL_SCOPE_CAPABILITIES, scopeWarnings, sdd, mcpRequiredTools: tools };
         const compactShape = { config: { status: configStatus, paths: compactPaths(paths, 'compact'), mcpEntry: compactMcpEntry(mcpEntry, 'compact') }, canonicalAgentManifest, agentSummary: summarizeClaudeAgents(agents), userMemory: { status: userMemory.status, action: userMemory.action }, scopeCapabilities: CLAUDE_USER_GLOBAL_SCOPE_CAPABILITIES, sdd: sdd === undefined ? undefined : compactSdd(sdd, 'compact'), mcpRequiredTools: tools };
+        const originalBytes = Buffer.byteLength(JSON.stringify(verboseShape), 'utf8');
+        const compactBytes = Buffer.byteLength(JSON.stringify(compactShape), 'utf8');
+        const reportBase = {
+            version: 1,
+            kind: 'provider-status',
+            project: normalized.project,
+            providerAdapter: 'claude',
+            scope: normalized.scope,
+            workspaceRoot: normalized.workspaceRoot,
+            status,
+            overallStatus: status,
+            inspectedPaths: checkedPaths,
+            issueCount: [canonicalAgentManifest.status, configStatus, ...agentStatuses].filter((item) => item === 'fail' || item === 'not-configured').length,
+            warningCount: scopeWarnings.length + paths.filter((path) => path.status === 'warn').length + 1,
+            summary: summarizeClaudeStatus(status, mcpEntry),
+            nextAction: nextActionFor(status, mcpEntry, sdd?.next),
+            checkedPaths,
+            canonicalAgentManifest,
+            ...(sdd === undefined ? {} : { sdd: compactSdd(sdd, normalized.payloadMode) }),
+            mcpRequiredTools: tools,
+            originalBytes,
+            compactBytes,
+            verboseAvailable: normalized.payloadMode === 'compact',
+            fullContentRef: `provider-status:claude:user-global:${normalized.workspaceRoot}`,
+            generatedAt: 'read-only-snapshot',
+            safety: { ...PROVIDER_HEALTH_SAFETY, scopeCapabilities: CLAUDE_USER_GLOBAL_SCOPE_CAPABILITIES },
+        };
         return {
             ok: true,
-            value: {
-                version: 1,
-                kind: 'provider-status',
-                project: normalized.project,
-                providerAdapter: 'claude',
-                scope: normalized.scope,
-                workspaceRoot: normalized.workspaceRoot,
-                status,
-                payloadMode: normalized.payloadMode,
-                overallStatus: status,
-                inspectedPaths: checkedPaths,
-                issueCount: [canonicalAgentManifest.status, configStatus, ...agentStatuses].filter((item) => item === 'fail' || item === 'not-configured').length,
-                warningCount: scopeWarnings.length + paths.filter((path) => path.status === 'warn').length + 1,
-                summary: summarizeClaudeStatus(status, mcpEntry),
-                nextAction: nextActionFor(status, mcpEntry, sdd?.next),
-                checkedPaths,
-                canonicalAgentManifest,
-                config: { status: configStatus, paths: compactPaths(paths, normalized.payloadMode), mcpEntry: compactMcpEntry(mcpEntry, normalized.payloadMode) },
-                ...(sdd === undefined ? {} : { sdd: compactSdd(sdd, normalized.payloadMode) }),
-                mcpRequiredTools: tools,
-                originalBytes: Buffer.byteLength(JSON.stringify(verboseShape), 'utf8'),
-                compactBytes: Buffer.byteLength(JSON.stringify(compactShape), 'utf8'),
-                verboseAvailable: normalized.payloadMode === 'compact',
-                fullContentRef: `provider-status:claude:user-global:${normalized.workspaceRoot}`,
-                generatedAt: 'read-only-snapshot',
-                safety: { ...PROVIDER_HEALTH_SAFETY, scopeCapabilities: CLAUDE_USER_GLOBAL_SCOPE_CAPABILITIES },
-            },
+            value: normalized.payloadMode === 'verbose'
+                ? { ...reportBase, payloadMode: 'verbose', config: { status: configStatus, paths: compactPaths(paths, 'verbose'), mcpEntry: compactMcpEntry(mcpEntry, 'verbose') } }
+                : { ...reportBase, payloadMode: 'compact', config: { status: configStatus, paths: compactPaths(paths, 'compact'), mcpEntry: compactMcpEntry(mcpEntry, 'compact') } },
         };
     }
 }

package/dist/mcp/schema.js

@@ -14,6 +14,7 @@ export const SUPPORTED_VGX_MCP_TOOL_NAMES = [
     'vgxness_sdd_list_artifacts',
     'vgxness_sdd_next',
     'vgxness_sdd_cockpit',
+    'vgxness_sdd_continue',
     'vgxness_governance_report',
     'vgxness_memory_save',
     'vgxness_memory_search',
@@ -37,6 +38,7 @@ export const SUPPORTED_VGX_MCP_TOOL_NAMES = [
     'vgxness_run_start',
     'vgxness_run_checkpoint',
     'vgxness_run_finalize',
+    'vgxness_run_resume_candidates',
     'vgxness_run_resume_inspect',
     'vgxness_run_resume_gate',
     'vgxness_provider_status',
@@ -55,6 +57,7 @@ export const EXPOSED_VGX_MCP_TOOL_NAMES = [
     'sdd_list_artifacts',
     'sdd_next',
     'sdd_cockpit',
+    'sdd_continue',
     'governance_report',
     'memory_save',
     'memory_search',
@@ -78,6 +81,7 @@ export const EXPOSED_VGX_MCP_TOOL_NAMES = [
     'run_start',
     'run_checkpoint',
     'run_finalize',
+    'run_resume_candidates',
     'run_resume_inspect',
     'run_resume_gate',
     'provider_status',
@@ -104,6 +108,7 @@ const payloadModes = ['compact', 'verbose'];
 const contextCockpitLevels = ['compact', 'expanded', 'verbose'];
 const providerChangePlanProviders = ['opencode', 'claude', 'antigravity', 'custom'];
 const providerChangePlanTypes = ['opencode-mcp-install', 'claude-mcp-install', 'setup', 'install', 'config-preparation'];
+const sddPhaseInputSchema = z.union([z.enum(sddPhases), z.literal('apply')]);
 const jsonValueSchema = z.lazy(() => z.union([z.string(), z.number().finite(), z.boolean(), z.null(), z.array(jsonValueSchema), z.record(z.string(), jsonValueSchema)]));
 export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
     vgxness_sdd_status: z
@@ -116,7 +121,7 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         .object({
         project: z.string().min(1),
         change: z.string().min(1),
-        phase: z.enum(sddPhases),
+        phase: sddPhaseInputSchema,
         runId: z.string().min(1).optional(),
         agentId: z.string().min(1).optional(),
     })
@@ -125,7 +130,7 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         .object({
         project: z.string().min(1),
         change: z.string().min(1),
-        phase: z.enum(sddPhases),
+        phase: sddPhaseInputSchema,
         runId: z.string().min(1).optional(),
         agentId: z.string().min(1).optional(),
     })
@@ -134,7 +139,7 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         .object({
         project: z.string().min(1),
         change: z.string().min(1),
-        phase: z.enum(sddPhases),
+        phase: sddPhaseInputSchema,
         content: z.string().min(1),
     })
         .passthrough(),
@@ -142,7 +147,7 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         .object({
         project: z.string().min(1),
         change: z.string().min(1),
-        phase: z.enum(sddPhases),
+        phase: sddPhaseInputSchema,
         acceptedBy: z.object({
             type: z.literal('human'),
             id: z.string().min(1),
@@ -158,7 +163,7 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         .object({
         project: z.string().min(1),
         change: z.string().min(1),
-        phase: z.enum(sddPhases),
+        phase: sddPhaseInputSchema,
         reopenedBy: z.object({
             type: z.literal('human'),
             id: z.string().min(1),
@@ -174,7 +179,7 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         .object({
         project: z.string().min(1),
         change: z.string().min(1),
-        phase: z.enum(sddPhases),
+        phase: sddPhaseInputSchema,
         payloadMode: z.enum(payloadModes).optional(),
     })
         .passthrough(),
@@ -197,6 +202,13 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         change: z.string().min(1),
     })
         .passthrough(),
+    vgxness_sdd_continue: z
+        .object({
+        project: z.string().min(1),
+        change: z.string().min(1),
+        payloadMode: z.enum(payloadModes).optional(),
+    })
+        .passthrough(),
     vgxness_governance_report: z
         .object({
         project: z.string().min(1),
@@ -364,7 +376,7 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         workspaceRoot: z.string().min(1).optional(),
         maxSourceBytes: z.number().int().positive().optional(),
         change: z.string().min(1).optional(),
-        phase: z.enum(sddPhases).optional(),
+        phase: sddPhaseInputSchema.optional(),
     })
         .passthrough(),
     vgxness_run_list: z
@@ -431,6 +443,12 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         outcomeReason: z.string().min(1).optional(),
     })
         .passthrough(),
+    vgxness_run_resume_candidates: z
+        .object({
+        project: z.string().min(1),
+        limit: z.number().int().min(1).max(100).optional(),
+    })
+        .passthrough(),
     vgxness_run_resume_inspect: z
         .object({
         runId: z.string().min(1),

package/dist/mcp/stdio-server.js

@@ -57,6 +57,8 @@ function descriptionForTool(publicToolName) {
         return 'Read-only OpenCode handoff preview; returns context for manual continuation only, does not execute/control OpenCode, write .opencode/provider config, or create runs, checkpoints, events, sessions, or skill-usage records.';
     if (publicToolName === 'verification_plan')
         return 'Read-only verification plan recommendations only; does not execute commands, write provider config, persist results, create checkpoints, or infer SDD acceptance.';
+    if (publicToolName === 'run_resume_candidates')
+        return 'Read-only interrupted run resume candidate discovery by project; lists bounded failed, blocked, and needs-human runs without mutation, retry admission, provider execution, artifact/config/openspec writes, sandboxes, worktrees, or sessions.';
     if (publicToolName === 'run_resume_inspect')
         return 'Read-only run resume advisory inspect; plan-only and does not execute resume logic, invoke providers, write provider config, mutate retry/abandon/attempt state, or reconstruct sandboxes, worktrees, sessions, or transcripts.';
     if (publicToolName === 'run_resume_gate')
@@ -65,6 +67,8 @@ function descriptionForTool(publicToolName) {
         return 'Read-only context cockpit for start/resume/recovery; returns latest restorable session plus bounded memory previews without traces, provider config writes, repository writes, runs, artifacts, or session mutations.';
     if (publicToolName === 'sdd_cockpit')
         return 'Read-only SDD cockpit summary with next decision, explicit acceptance state, metadata-only artifact summaries, and aggregate blockers.';
+    if (publicToolName === 'sdd_continue')
+        return 'Read-only SDD continuation planner; returns blocker actions, safe suggested commands, related interrupted run context, and safety notes without provider execution, run creation, artifact mutation, provider config writes, or openspec writes.';
     const toolName = toInternalVgxMcpToolName(publicToolName);
     return `VGX control-plane tool ${toolName}`;
 }

package/dist/mcp/validation.js

@@ -1,6 +1,6 @@
 import { isRiskyPermissionCategory, permissionCategories } from '../permissions/schema.js';
 import { parseOperationRetryPolicy } from '../runs/operation-retry.js';
-import { isSddPhase, sddPhases } from '../sdd/schema.js';
+import { normalizeSddPhaseInput, sddPhases } from '../sdd/schema.js';
 import { workflowIds } from '../workflows/schema.js';
 import { supportedTypeMessage, verificationChangeTypes } from '../verification/index.js';
 import { errorEnvelope, isVgxMcpToolName, } from './schema.js';
@@ -52,6 +52,8 @@ export function validateVgxMcpToolCall(call) {
             return validationSuccess(tool.value, validateSddNextInput(input, tool.value));
         case 'vgxness_sdd_cockpit':
             return validationSuccess(tool.value, validateSddCockpitInput(input, tool.value));
+        case 'vgxness_sdd_continue':
+            return validationSuccess(tool.value, validateSddContinueInput(input, tool.value));
         case 'vgxness_governance_report':
             return validationSuccess(tool.value, validateGovernanceReportInput(input, tool.value));
         case 'vgxness_memory_save':
@@ -98,6 +100,8 @@ export function validateVgxMcpToolCall(call) {
             return validationSuccess(tool.value, validateRunCheckpointInput(input, tool.value));
         case 'vgxness_run_finalize':
             return validationSuccess(tool.value, validateRunFinalizeInput(input, tool.value));
+        case 'vgxness_run_resume_candidates':
+            return validationSuccess(tool.value, validateRunResumeCandidatesInput(input, tool.value));
         case 'vgxness_run_resume_inspect':
             return validationSuccess(tool.value, validateRunResumeInspectInput(input, tool.value));
         case 'vgxness_run_resume_gate':
@@ -240,6 +244,21 @@ function validateSddCockpitInput(input, tool) {
         return record;
     return readProjectAndChange(record.value, tool);
 }
+function validateSddContinueInput(input, tool) {
+    const record = inputRecord(input, tool, ['project', 'change', 'payloadMode']);
+    if (!record.ok)
+        return record;
+    const base = readProjectAndChange(record.value, tool);
+    if (!base.ok)
+        return base;
+    const payloadMode = readOptionalOneOf(record.value, 'payloadMode', payloadModes, tool);
+    if (!payloadMode.ok)
+        return payloadMode;
+    const result = { ...base.value };
+    if (payloadMode.value !== undefined)
+        result.payloadMode = payloadMode.value;
+    return { ok: true, value: result };
+}
 function validateContextCockpitInput(input, tool) {
     const record = inputRecord(input, tool, ['project', 'change', 'directory', 'limit', 'level']);
     if (!record.ok)
@@ -971,6 +990,22 @@ function validateRunFinalizeInput(input, tool) {
         return copied;
     return { ok: true, value: result };
 }
+function validateRunResumeCandidatesInput(input, tool) {
+    const record = inputRecord(input, tool, ['project', 'limit']);
+    if (!record.ok)
+        return record;
+    const project = readNonEmptyString(record.value, 'project', tool);
+    if (!project.ok)
+        return project;
+    const result = { project: project.value };
+    if (record.value.limit !== undefined) {
+        const limit = readBoundedLimit(record.value, tool);
+        if (!limit.ok)
+            return limit;
+        result.limit = limit.value;
+    }
+    return { ok: true, value: result };
+}
 function validateRunResumeInspectInput(input, tool) {
     const record = inputRecord(input, tool, ['runId']);
     if (!record.ok)
@@ -1053,9 +1088,10 @@ function readPhase(record, tool) {
     const phase = readNonEmptyString(record, 'phase', tool);
     if (!phase.ok)
         return phase;
-    if (!isSddPhase(phase.value))
+    const normalized = normalizeSddPhaseInput(phase.value);
+    if (normalized === undefined)
         return validationFailure(`phase must be one of: ${sddPhases.join(', ')}`, tool);
-    return { ok: true, value: phase.value };
+    return { ok: true, value: normalized };
 }
 function copyOptionalStrings(target, record, tool, fields) {
     for (const field of fields) {