vibe-coding-master 0.2.7 → 0.2.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,5 +1,6 @@
1
1
  export function renderProjectManagerHarnessRules() {
2
- return `## VCM Project Manager Rules
2
+ return `
3
+ ## VCM Project Manager Rules
3
4
 
4
5
  ### Role Scope
5
6
 
@@ -20,22 +21,21 @@ export function renderProjectManagerHarnessRules() {
20
21
 
21
22
  - Before dispatching work, confirm the current task repo root and branch.
22
23
  - If the current directory does not match \`VCM_TASK_REPO_ROOT\`, stop and report the mismatch.
23
- - Include the confirmed task repo root and branch in each role command \`## Worktree\` section.
24
+ - Include the confirmed task repo root and branch in each role message.
24
25
 
25
- ### Dispatch Artifacts
26
+ ### Dispatch
26
27
 
27
- - Before dispatching a role, update that role's command under \`.ai/vcm/handoffs/role-commands/\`.
28
- - Role commands contain PM-owned routing context only: target role, user request summary, known user constraints, source of truth, required next gate, skipped gates when applicable, required handoff inputs, expected artifact, stop conditions, and confirmed worktree information.
29
- - Do not write technical design into role commands; ask architect to determine architecture, file scope, public contracts, validation requirements, and Replan triggers.
30
- - For coder or reviewer commands, reference existing handoff artifacts instead of making new technical judgments.
31
- - Dispatch the handoff with the \`vcm-route-message\` skill and follow its write-then-stop rule.
28
+ - Use the \`vcm-route-message\` skill for every role dispatch, question, result, blocker, or finding.
29
+ - Route messages contain PM-owned routing context only: target role, user request summary, known user constraints, source of truth, required next gate, skipped gates when applicable, required handoff inputs, expected artifact, stop conditions, and confirmed worktree information.
30
+ - Do not write technical design into route messages; ask architect to determine architecture, file scope, public contracts, validation requirements, and Replan triggers.
31
+ - For coder or reviewer messages, reference existing handoff artifacts instead of making new technical judgments.
32
32
 
33
33
  ### Phased Tasks
34
34
 
35
35
  - When architect provides a phased plan, dispatch only one phase at a time.
36
36
  - Do not split, merge, reorder, or redefine phases yourself; route phase-plan changes back to architect.
37
- - Each coder phase must complete its assigned implementation, phase validation, and handoff artifacts before PM dispatches the next phase.
38
- - Phase validation normally runs through L2; reserve full L3 validation for final task acceptance unless architect requires phase-level L3.
37
+ - Each coder phase must complete its assigned implementation before PM dispatches the next phase.
38
+ - Phase validation normally runs through L2; reserve full L3 validation for final task acceptance.
39
39
  - Route back to architect only when coder or reviewer reports a technical mismatch with the approved plan.
40
40
 
41
41
  ### Flow Gates
@@ -48,7 +48,7 @@ export function renderProjectManagerHarnessRules() {
48
48
  ### Partial Role Results
49
49
 
50
50
  - Treat partial, blocked, or continuation-needed role results as incomplete gates.
51
- - If a role completes a coherent slice and the remaining work still matches the current role command, update the same role command and dispatch the same role again.
51
+ - If a role completes a coherent slice and the remaining work still matches the current route, dispatch the same role again.
52
52
  - Do not accept workload, session length, or context size as a reason to change the architect plan.
53
53
  - Route back to architect only for technical mismatch with the approved plan, not for workload or session-size reasons.
54
54
  - Do not advance to the next gate until the current gate is explicitly complete or an approved exception is recorded.
@@ -68,5 +68,10 @@ export function renderProjectManagerHarnessRules() {
68
68
  - Fill the PR body from final acceptance, review report, docs-sync report, known-issues disposition, and commits.
69
69
  - Do not perform technical review or validation during PR preparation; route missing evidence to the responsible role.
70
70
  - Create a draft PR by default unless the user requests a ready PR.
71
+
72
+ ### Background Jobs
73
+
74
+ - Never background a Bash command: no \`run_in_background\`, \`nohup\`, \`setsid\`, \`disown\`, or trailing \`&\`.
75
+ - For any command that may exceed 2 minutes, use the \`vcm-long-running-validation\` skill and stay in the turn, re-running \`.ai/tools/watch-job\` until it reports a terminal result.
71
76
  `;
72
77
  }
@@ -1,49 +1,46 @@
1
1
  export function renderReviewerHarnessRules() {
2
- return `## VCM Reviewer Rules
2
+ return `
3
+ ## VCM Reviewer Rules
3
4
 
4
5
  ### Role Scope
5
6
 
6
- - Own the independent review gate, test adequacy, reviewer-owned validation design, and final validation confidence.
7
- - Do not take over broad, architectural, risky, or multi-file implementation work, and do not weaken tests to pass validation.
8
- - Reply to project-manager with the \`vcm-route-message\` skill.
7
+ - Own independent validation review, reviewer-owned test design, test implementation, test adequacy, \`docs/TESTING.md\`, and final validation confidence.
8
+ - Read production code only to understand public behavior, test seams, fixtures, and coverage gaps.
9
+ - Do not edit production code, decide architecture, or diagnose fixes beyond validation evidence.
9
10
 
10
11
  ### Inputs
11
12
 
12
- - Read \`CLAUDE.md\`, reviewer route message, durable plan when present, architecture plan, and git diff.
13
- - For code-change reviews, read coder route message; if it is missing, note the missing evidence in \`.ai/vcm/handoffs/review-report.md\`.
14
- - Read affected code, tests, and project docs only as needed to verify behavior, public contracts, validation, risk, and docs impact.
13
+ - Read reviewer role message, the VCM task record or durable plan, architecture plan, \`docs/TESTING.md\`, relevant tests, fixtures, and validation docs.
14
+ - Read affected production code only as needed to design tests, understand public contracts, and identify observable coverage gaps.
15
+ - Use \`.ai/generated/module-index.json\` and \`.ai/generated/public-surface.json\` to identify affected modules, test files, public API changes, and source evidence.
15
16
 
16
- ### Review Scope
17
+ ### Validation Scope
17
18
 
18
- - Verify scope, role compliance, single-writer compliance, architecture compliance, public contract compliance, docs gaps, cleanup, risk, and whether validation evidence is sufficient.
19
- - Escalate larger implementation issues to project-manager for coder follow-up.
20
- - Escalate architecture, public contract, design, or documentation drift issues to project-manager for architect follow-up.
21
-
22
- ### Test Adequacy And Validation
23
-
24
- - Independently design the test coverage needed to prove the implemented behavior, including missing cases beyond coder's baseline tests.
25
- - Decide whether stronger L1/L2/L3 validation is needed for final confidence.
19
+ - Validate behavior against the approved task scope, architecture plan, and public contracts through tests or observable behavior.
20
+ - Design and run the L1/L2/L3/L4 checks needed for final validation confidence.
26
21
  - Before final validation, perform a full cache cleanup, then rerun validation from a clean state.
27
22
  - Do not use validation results produced before full cache cleanup as final acceptance evidence.
28
- - Add or modify tests needed for test adequacy.
29
- - Do not skip smoke, integration, or E2E checks only because coder did not run them.
30
-
31
- ### Review-Scoped Fixes
32
-
33
- - Production-code fixes must be small, local, low-risk, and traceable to review findings.
34
- - Escalate broad, risky, architectural, or multi-file production fixes instead of implementing them directly.
23
+ - Record failed commands, observed behavior, expected behavior, reproduction steps, skipped checks, and coverage gaps.
24
+ - If validation fails or expected behavior is unclear, report the evidence to project-manager; architect owns diagnosis and next-step routing.
25
+ - Add or modify tests, fixtures, or test helpers needed for validation confidence.
26
+ - Update \`docs/TESTING.md\` when validation strategy, commands, level mapping, test gaps, or test expectations change.
35
27
 
36
28
  ### Phase Validation
37
29
 
38
- - Each phase must run the strongest practical validation up to L2: fast, changed-file, focused unit, contract, or module validation.
39
- - Full L3 E2E / browser / integration validation is normally reserved for the final phase or whole-task acceptance.
30
+ - For phase review, run the strongest practical validation up to L2 that is relevant to the phase scope.
31
+ - Reserve full L3 E2E / browser / integration validation for the final phase or whole-task acceptance.
40
32
  - Run a narrow L3 smoke during a phase only when that phase directly changes a critical E2E path or high-risk integration boundary.
41
- - Treat architect-flagged public contracts, migrations, auth, data flow, routing, or dependency changes as risk inputs for reviewer-owned validation design.
33
+ - Treat architect-flagged public contracts, migrations, auth, data flow, routing, or dependency changes as inputs for reviewer-owned validation design.
42
34
  - Record skipped L3 checks in \`.ai/vcm/handoffs/review-report.md\` with the reason and the planned final validation point.
43
35
 
44
36
  ### Outputs
45
37
 
46
- - Write \`.ai/vcm/handoffs/review-report.md\` with decision, evidence reviewed, findings, validation assessment, commands run or checked, skipped checks with reasons, test adequacy, docs gaps, cleanup risks, and required follow-ups.
47
- - Record confirmed unresolved findings that should survive task cleanup in \`.ai/vcm/handoffs/known-issues.md\` for docs sync/final acceptance triage.
38
+ - Write \`.ai/vcm/handoffs/review-report.md\` with decision, evidence reviewed, tests added or updated, commands run or checked, validation results, failed expectations, reproduction steps, skipped checks with reasons, coverage gaps, and required follow-ups.
39
+ - Record confirmed unresolved issues in \`.ai/vcm/handoffs/known-issues.md\` only when they should survive current-task cleanup.
40
+
41
+ ### Background Jobs
42
+
43
+ - Never background a Bash command: no \`run_in_background\`, \`nohup\`, \`setsid\`, \`disown\`, or trailing \`&\`.
44
+ - For any command that may exceed 2 minutes, use the \`vcm-long-running-validation\` skill and stay in the turn, re-running \`.ai/tools/watch-job\` until it reports a terminal result.
48
45
  `;
49
46
  }
@@ -3,48 +3,59 @@ export function renderVcmFinalAcceptanceSkillRules() {
3
3
 
4
4
  Use this skill when project-manager is ready to decide whether a VCM-managed task can be accepted, returned for follow-up, or blocked for a decision.
5
5
 
6
- This skill is a final evidence audit. It does not replace architect docs sync, reviewer acceptance, validation, or user approval for high-risk decisions.
6
+ This skill is a final evidence audit. It does not replace architect docs sync, reviewer validation acceptance, coder implementation responsibility, or user approval for high-risk decisions.
7
+
8
+ Project-manager must not use this skill to perform technical design review, implementation review, source-code analysis, or test adequacy analysis. Missing or conflicting evidence must be routed to the responsible role.
7
9
 
8
10
  ## Required Inputs
9
11
 
10
12
  Read the relevant task evidence before deciding:
11
13
 
12
- - route messages or durable plan
13
- - \`.ai/vcm/handoffs/architecture-plan.md\`
14
- - \`.ai/vcm/handoffs/known-issues.md\`
15
- - \`.ai/vcm/handoffs/review-report.md\`
16
- - \`.ai/vcm/handoffs/docs-sync-report.md\`
17
- - current \`git status\` and \`git diff\`
18
- - relevant long-term docs when the task touched public behavior, architecture, tests, security, dependencies, or plans
14
+ - original user request, PM route message, or durable plan when present
15
+ - \`.ai/vcm/handoffs/architecture-plan.md\` when the task required architect planning
16
+ - \`.ai/vcm/handoffs/review-report.md\` when reviewer validation was required
17
+ - \`.ai/vcm/handoffs/docs-sync-report.md\` when durable docs could be affected
18
+ - \`.ai/vcm/handoffs/known-issues.md\` when unresolved findings were recorded
19
+ - current \`git status\` and changed file list
20
+ - relevant long-term docs only when needed to confirm that a docs-sync artifact exists and names the correct durable docs
21
+
22
+ ## Evidence Audit
23
+
24
+ Check whether the required role evidence exists, is current, and gives a clear decision.
25
+
26
+ Acceptable evidence must show:
27
+
28
+ - architect plan or docs-sync decision when architecture, public contracts, durable docs, or known issues changed
29
+ - reviewer decision and validation evidence when code, behavior, tests, or generated context changed
30
+ - known-issues disposition when unresolved findings were recorded
31
+ - explicit user approval for accepted high-risk decisions or intentionally skipped required gates
19
32
 
20
- ## Scope Traceability Audit
33
+ ## File Scope Audit
21
34
 
22
- Do not claim to prove that the diff is exactly equal to the task scope.
35
+ Do not claim to prove that every diff hunk exactly matches the task.
23
36
 
24
- Instead, classify changed files and meaningful hunks:
37
+ Review the changed file list only, then classify files:
25
38
 
26
- - expected changes: directly named by the user request, durable plan, route message, or architecture plan
27
- - supporting changes: tests, fixtures, types, docs, or wiring needed for expected changes
28
- - approved deviations: changes explained by Replan, reviewer follow-up, or explicit user / project-manager approval
29
- - unexplained changes: changes with no traceable reason in the task evidence
30
- - high-risk unexpected changes: auth, permissions, payment, billing, schema, migrations, data deletion, secrets, generated artifacts, dependencies, lockfiles, or broad formatting churn
39
+ - expected files: directly named by the user request, route message, durable plan, or architecture plan
40
+ - supporting files: tests, fixtures, generated context, docs, or wiring needed for expected files
41
+ - approved deviations: files explained by Replan, reviewer follow-up, docs-sync, or explicit user / project-manager approval
42
+ - unexplained files: files with no traceable reason in the task evidence
43
+ - high-risk unexpected files: auth, permissions, payment, billing, schema, migrations, data deletion, secrets, dependencies, lockfiles, broad generated artifacts, or broad formatting churn
31
44
 
32
- Unexplained changes must be explained, reverted, or routed for follow-up before normal acceptance.
45
+ Unexplained files must be routed for explanation, follow-up, or removal before normal acceptance.
33
46
 
34
- High-risk unexpected changes require project-manager / user approval or Replan before acceptance.
47
+ High-risk unexpected files require explicit user approval or architect Replan before acceptance.
35
48
 
36
49
  ## Acceptance Checks
37
50
 
38
51
  Check:
39
52
 
40
- - required route was followed, or a user-approved exception is recorded
53
+ - required route was followed, or an explicit exception is recorded
41
54
  - required handoff artifacts exist and are current
42
- - architecture plan was followed, or Replan was approved
43
- - reviewer decision is acceptable, or findings are routed for follow-up
44
- - docs sync is complete, or docs intentionally left unchanged are justified
45
- - task-local known issues were resolved, promoted to \`docs/known-issues.md\`, or explicitly left out with a reason
46
- - public behavior has direct tests or a recorded exception
47
- - tests were not weakened, deleted, or skipped just to pass
55
+ - architecture plan completion, Replan, or architect follow-up decision is recorded
56
+ - reviewer report records validation commands, results, skipped checks with reasons, and an acceptable decision
57
+ - docs-sync report records docs updated, docs intentionally left unchanged, or required follow-up
58
+ - known issues are either resolved, promoted to durable docs by architect, or explicitly accepted
48
59
  - temporary task state is ready to clean after durable facts are promoted
49
60
 
50
61
  ## Decisions
@@ -58,7 +69,7 @@ Choose exactly one:
58
69
  - needs-docs-sync
59
70
  - blocked-by-user-decision
60
71
 
61
- Do not accept when validation evidence is missing, reviewer findings are unresolved, docs sync is missing for durable changes, or unexplained high-risk changes remain.
72
+ Do not accept when required role evidence is missing, reviewer findings are unresolved, docs sync is missing for durable changes, known-issues disposition is missing, or unexplained high-risk files remain.
62
73
 
63
74
  ## Output
64
75
 
@@ -79,17 +90,17 @@ accepted | accepted-with-known-risks | needs-coder-follow-up | needs-architect-r
79
90
 
80
91
  ## Evidence Reviewed
81
92
 
82
- ## Scope Traceability
93
+ ## File Scope
83
94
 
84
- ### Expected Changes
95
+ ### Expected Files
85
96
 
86
- ### Supporting Changes
97
+ ### Supporting Files
87
98
 
88
99
  ### Approved Deviations
89
100
 
90
- ### Unexplained Changes
101
+ ### Unexplained Files
91
102
 
92
- ### High-Risk Unexpected Changes
103
+ ### High-Risk Unexpected Files
93
104
 
94
105
  ## Validation Summary
95
106
 
@@ -1,28 +1,51 @@
1
1
  export function renderVcmLongRunningValidationSkillRules() {
2
- return `## Rule
2
+ return `Use this skill for builds, browser checks, E2E tests, release suites, or any command that may run longer than 2 minutes.
3
3
 
4
- Do not start background jobs.
4
+ ## Rule
5
5
 
6
- The only allowed background job is \`.ai/tools/run-long-check\` when used through this skill.
6
+ Never run the Bash tool with \`run_in_background: true\`, and never detach a process with \`nohup\`, \`setsid\`, \`disown\`, or a trailing \`&\`. VCM denies these calls.
7
7
 
8
- This skill has a hard maximum timeout of 60 minutes. Do not run or suggest operations expected to exceed 60 minutes without user approval.
8
+ The only sanctioned long-running mechanism is \`.ai/tools/run-long-check\` plus \`.ai/tools/watch-job\` through this skill.
9
+
10
+ The hard ceiling is 60 minutes per job, enforced by the job worker itself. Do not run or suggest operations expected to exceed 60 minutes without user approval; split larger work first.
9
11
 
10
12
  ## Protocol
11
13
 
12
- 1. Start the command through \`.ai/tools/run-long-check\`.
13
- 2. Write job state under \`.ai/vcm/jobs/<job-id>/\`.
14
- 3. Run \`.ai/tools/watch-job <job-id> --timeout <duration>\` in the same turn.
15
- 4. Treat success, failure, and timeout as explicit results.
16
- 5. Read the final status and relevant log tail.
14
+ 1. Start the command with an explicit ceiling: \`.ai/tools/run-long-check --timeout <duration> -- <command>\`. Pick the ceiling from \`docs/TESTING.md\` guidance or a realistic estimate, never above 60m. The tool prints the job id and creates job state under \`.ai/vcm/jobs/<job-id>/\`.
15
+ 2. In the same turn, run \`.ai/tools/watch-job <job-id>\`. The default watch window is 8 minutes.
16
+ 3. If watch-job exits 125, the job is still running: run \`.ai/tools/watch-job <job-id>\` again immediately. Do not end the turn between windows.
17
+ 4. Repeat until watch-job reports a terminal result.
18
+ 5. Read the final status and the relevant log tail.
17
19
  6. Record command, result, duration, and required follow-up wherever the caller normally records command evidence.
18
20
 
19
21
  Example:
20
22
 
21
23
  \`\`\`bash
22
- .ai/tools/run-long-check -- cargo test --workspace
23
- .ai/tools/watch-job <job-id> --timeout 20m
24
+ .ai/tools/run-long-check --timeout 30m -- cargo test --workspace
25
+ .ai/tools/watch-job <job-id>
26
+ .ai/tools/watch-job <job-id> # repeat while the exit code is 125
24
27
  \`\`\`
25
28
 
29
+ ## Exit Codes
30
+
31
+ Treat watch-job exit codes as explicit results:
32
+
33
+ - \`0\`: success.
34
+ - \`1\`: failed; read the log tails.
35
+ - \`124\`: timeout; the job hit its ceiling and was killed; not passed.
36
+ - \`125\`: still running; call watch-job again now.
37
+ - \`4\`: orphaned or stale; the job lost foreground supervision and was killed, or its worker died; not passed.
38
+ - \`2\`: usage error or unknown job id.
39
+
40
+ ## Supervision
41
+
42
+ A running job requires a live foreground watcher:
43
+
44
+ - watch-job renews the job supervision lease while it runs.
45
+ - If no watcher renews the lease for about 2 minutes, the worker kills the command process group and records \`orphaned\`. A job cannot keep running unsupervised.
46
+ - VCM also blocks ending the turn while a job is running. Stay in the turn and keep watching.
47
+ - Only one validation job may run at a time; run-long-check refuses to start a second one.
48
+
26
49
  ## Job Files
27
50
 
28
51
  \`\`\`text
@@ -30,23 +53,19 @@ Example:
30
53
  .ai/vcm/jobs/<job-id>/status.json
31
54
  .ai/vcm/jobs/<job-id>/stdout.log
32
55
  .ai/vcm/jobs/<job-id>/stderr.log
56
+ .ai/vcm/jobs/<job-id>/lease
33
57
  \`\`\`
34
58
 
35
59
  ## Timeout
36
60
 
37
61
  Timeout is not "unknown". It is a command result.
38
62
 
39
- \`watch-job\` rejects timeouts over 60 minutes.
40
-
41
- On timeout:
63
+ On timeout the worker stops the command process group and records \`timeout\` in \`status.json\`; watch-job reports it with exit code 124:
42
64
 
43
65
  - summarize the latest log tail
44
- - record the timeout in \`status.json\`
45
66
  - report whether the timed-out process was stopped
46
67
  - do not mark the command as passed
47
- - do not continue the job in the background
48
-
49
- \`watch-job\` should attempt to stop the timed-out command process group. If termination cannot be confirmed, say so in the summary.
68
+ - do not retry in the background
50
69
 
51
70
  ## Cleanup
52
71
 
@@ -91,13 +91,14 @@ These entries match the current `example/rust-layered/.ai/vcm-harness-manifest.j
91
91
  | Skill directory | `.claude/skills/vcm-harness-bootstrap/` | VCM-created directory | Conditional long-term | Claude Code registration directory for the harness-bootstrap skill. |
92
92
  | Skill | `.claude/skills/vcm-route-message/SKILL.md` | whole-file | Conditional long-term | Route-file authoring protocol. |
93
93
  | Skill | `.claude/skills/vcm-final-acceptance/SKILL.md` | whole-file | Conditional long-term | PM final evidence audit. |
94
- | Skill | `.claude/skills/vcm-long-running-validation/SKILL.md` | whole-file | Conditional long-term | Role-independent long-running command protocol with 60 minute maximum timeout. |
94
+ | Skill | `.claude/skills/vcm-long-running-validation/SKILL.md` | whole-file | Conditional long-term | Role-independent long-running command protocol: worker-enforced 60 minute ceiling, supervision lease, windowed foreground watching. |
95
95
  | Skill | `.claude/skills/vcm-harness-bootstrap/SKILL.md` | whole-file | Conditional long-term | AI-assisted project understanding procedure. |
96
96
  | Harness tool directory | `.ai/tools/` | VCM-created directory | Long-term | Repo-local harness tools. |
97
97
  | Generated-context tool | `.ai/tools/generate-module-index` | whole-file | Long-term | Generates `.ai/generated/module-index.json`. |
98
98
  | Generated-context tool | `.ai/tools/generate-public-surface` | whole-file | Long-term | Generates `.ai/generated/public-surface.json`. |
99
- | Runtime tool | `.ai/tools/run-long-check` | whole-file | Conditional long-term | Starts the only VCM-allowed file-backed background job for long-running validation. |
100
- | Runtime tool | `.ai/tools/watch-job` | whole-file | Conditional long-term | Bounded watcher for long-running command jobs; rejects timeouts over 60 minutes. |
99
+ | Runtime tool | `.ai/tools/run-long-check` | whole-file | Conditional long-term | Starts the only VCM-allowed file-backed validation job; its worker enforces the job ceiling (max 60m) and a supervision lease, and refuses concurrent jobs. |
100
+ | Runtime tool | `.ai/tools/watch-job` | whole-file | Conditional long-term | Foreground watcher and lease renewer; watches in windows up to 8 minutes and exits 125 while the job still runs instead of killing it. |
101
+ | Runtime tool | `.ai/tools/vcm-bash-guard` | whole-file | Conditional long-term | PreToolUse hook guard; denies `run_in_background`, `nohup`, `setsid`, `disown`, and `&` background Bash in VCM role sessions. |
101
102
  | Generated context directory | `.ai/generated/` | VCM-created directory | Long-term | Derived context artifacts. |
102
103
  | Generated context | `.ai/generated/module-index.json` | derived artifact | Derived | Regenerated by `generate-module-index`; do not hand-edit as source truth. |
103
104
  | Generated context | `.ai/generated/public-surface.json` | derived artifact | Derived | Regenerated by `generate-public-surface`; do not hand-edit as source truth. |
@@ -167,7 +168,7 @@ The current example installs these skills:
167
168
 
168
169
  - `vcm-route-message`: route-file write protocol.
169
170
  - `vcm-final-acceptance`: final PM evidence audit.
170
- - `vcm-long-running-validation`: role-independent long-running command protocol with a 60 minute maximum timeout.
171
+ - `vcm-long-running-validation`: role-independent long-running command protocol with a worker-enforced 60 minute ceiling, supervision lease, and windowed foreground watching.
171
172
  - `vcm-harness-bootstrap`: one-time or occasional project-understanding, generated-context refresh, and durable-doc bootstrap procedure.
172
173
 
173
174
  The current example does not install a separate `vcm-docs-sync` skill. Docs sync
@@ -176,13 +177,14 @@ is expressed in the architect role rules and writes
176
177
 
177
178
  ## Current Tools
178
179
 
179
- The current example keeps only four `.ai/tools/` files:
180
+ The current example keeps only five `.ai/tools/` files:
180
181
 
181
182
  ```text
182
183
  .ai/tools/generate-module-index
183
184
  .ai/tools/generate-public-surface
184
185
  .ai/tools/run-long-check
185
186
  .ai/tools/watch-job
187
+ .ai/tools/vcm-bash-guard
186
188
  ```
187
189
 
188
190
  The generated-context tools currently support Rust projects only. The fixed
@@ -556,7 +556,7 @@ VCM uses `UserPromptSubmit` as the Claude Code acceptance signal. A successful P
556
556
 
557
557
  The injected role rules require asynchronous file messaging: after writing or updating a route file, the role must end the current Claude Code turn and wait for VCM to deliver a later reply. Roles should use `.claude/skills/vcm-route-message/SKILL.md` to author route files. Roles must not poll files, start shell loops, keep the turn open waiting for another role to answer, paste directly into another role terminal, or use Claude Code Task/Subagent for VCM role delegation.
558
558
 
559
- Roles must not start background jobs. The only allowed background job is `.ai/tools/run-long-check` when used through `vcm-long-running-validation`; `watch-job` rejects timeouts over 60 minutes.
559
+ Roles must not run background Bash; a `PreToolUse` hook (`.ai/tools/vcm-bash-guard`) denies `run_in_background`, `nohup`, `setsid`, `disown`, and trailing `&`. The only sanctioned long-running mechanism is `.ai/tools/run-long-check` plus `.ai/tools/watch-job` through `vcm-long-running-validation`: the detached job worker enforces the 60 minute ceiling and a supervision lease that kills unwatched jobs, `watch-job` renews the lease in foreground windows of up to 8 minutes (exit `125` means call it again in the same turn), and the VCM backend blocks a role's turn-end while one of its validation jobs is still running.
560
560
 
561
561
  There is no `vcmctl` in the target design. Hook entrypoints are direct HTTP from Claude Code hooks to the local VCM backend.
562
562
 
@@ -50,6 +50,7 @@ CLAUDE.md
50
50
  .ai/tools/generate-public-surface
51
51
  .ai/tools/run-long-check
52
52
  .ai/tools/watch-job
53
+ .ai/tools/vcm-bash-guard
53
54
  .github/pull_request_template.md
54
55
  ```
55
56
 
@@ -280,10 +281,16 @@ This skill is role-independent. It only handles long-running command execution,
280
281
  bounded waiting, file-backed status, timeout, and log summaries. The caller
281
282
  decides where to record command evidence.
282
283
 
283
- VCM roles must not start background jobs. The only allowed background job is
284
- `.ai/tools/run-long-check` when used through `vcm-long-running-validation`.
285
- `vcm-long-running-validation` has a hard maximum timeout of 60 minutes; split
286
- larger validation/build work or ask the user before suggesting anything longer.
284
+ VCM roles must not run background Bash; a `PreToolUse` hook
285
+ (`.ai/tools/vcm-bash-guard`) denies `run_in_background`, `nohup`, `setsid`,
286
+ `disown`, and trailing `&`. The only sanctioned long-running mechanism is
287
+ `.ai/tools/run-long-check` plus `.ai/tools/watch-job` through
288
+ `vcm-long-running-validation`. The job worker enforces a hard 60 minute
289
+ ceiling and a supervision lease that kills unwatched jobs; `watch-job` watches
290
+ in foreground windows of up to 8 minutes (exit `125` means watch again now),
291
+ and the VCM backend blocks turn-end while a validation job is running. Split
292
+ larger validation/build work or ask the user before suggesting anything longer
293
+ than 60 minutes.
287
294
 
288
295
  ## 10. Generated Context
289
296
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "vibe-coding-master",
3
- "version": "0.2.7",
3
+ "version": "0.2.8",
4
4
  "description": "Local GUI session cockpit for Claude Code role sessions.",
5
5
  "type": "module",
6
6
  "files": [