wogiflow 2.4.2 → 2.4.3

package/scripts/flow-hook-status.js

@@ -0,0 +1,263 @@
+/**
+ * Wogi Flow - Hook Status Aggregator
+ *
+ * Pre-computes a single hook-status.json file containing all state
+ * that PreToolUse/PostToolUse hooks need. Hooks read 1 file instead
+ * of 6-8 separate reads per invocation.
+ *
+ * Writers: flow-start.js, task-completed.js, routing-gate.js, phase-gate.js
+ * Reader: pre-tool-use.js, post-tool-use.js
+ *
+ * IMPORTANT: This module must NOT require flow-utils at load time (circular dep risk).
+ * flow-utils does NOT require this module — keep it that way.
+ */
+
+const fs = require('node:fs');
+const path = require('node:path');
+
+// Lazy-load to avoid circular deps at module level
+let _PATHS = null;
+function getPATHS() {
+  if (!_PATHS) {
+    _PATHS = require('./flow-paths').PATHS;
+  }
+  return _PATHS;
+}
+
+// Lazy-load safeJsonParseString to avoid circular deps
+let _safeJsonParseString = null;
+function getSafeJsonParseString() {
+  if (!_safeJsonParseString) {
+    _safeJsonParseString = require('./flow-io').safeJsonParseString;
+  }
+  return _safeJsonParseString;
+}
+
+const HOOK_STATUS_FILENAME = 'hook-status.json';
+
+function getHookStatusPath() {
+  return path.join(getPATHS().state, HOOK_STATUS_FILENAME);
+}
+
+/**
+ * Read the current hook status (single file read).
+ * Uses safeJsonParseString for prototype pollution protection.
+ * Returns null if file doesn't exist, is corrupt, or stale vs config.json.
+ * @returns {Object|null}
+ */
+function readHookStatus() {
+  try {
+    const statusPath = getHookStatusPath();
+    const content = fs.readFileSync(statusPath, 'utf-8');
+    const parsed = getSafeJsonParseString()(content, null);
+    if (!parsed) return null;
+
+    // Staleness check: if config.json is newer than hook-status.json, invalidate
+    try {
+      const configPath = path.join(getPATHS().workflow, 'config.json');
+      const configMtime = fs.statSync(configPath).mtimeMs;
+      const statusMtime = fs.statSync(statusPath).mtimeMs;
+      if (configMtime > statusMtime) {
+        // Config changed after hook-status was written — refresh needed
+        return null;
+      }
+    } catch (_err) { /* config missing or stat failed — use cached status */ }
+
+    return parsed;
+  } catch (_err) {
+    return null;
+  }
+}
+
+/**
+ * Write the hook status file atomically with PID-scoped temp file.
+ * @param {Object} status - The full status object
+ */
+function writeHookStatus(status) {
+  status.updatedAt = new Date().toISOString();
+  const statusPath = getHookStatusPath();
+  const tmpPath = statusPath + '.tmp.' + process.pid;
+  try {
+    fs.writeFileSync(tmpPath, JSON.stringify(status, null, 2));
+    fs.renameSync(tmpPath, statusPath);
+  } catch (_err) {
+    // Non-blocking — hooks fall back to individual reads
+    try { fs.unlinkSync(tmpPath); } catch (_e) { /* ignore */ }
+  }
+}
+
+/**
+ * Build enforcement block from config (shared by createDefaultStatus + refreshHookStatus).
+ * @param {Object} config - Parsed config object
+ * @returns {Object} enforcement flags + componentReuse + phaseGate
+ */
+function buildEnforcementFromConfig(config) {
+  return {
+    enforcement: {
+      taskGating: config.enforcement?.taskGating?.enabled === true,
+      scopeGating: config.enforcement?.scopeGating?.enabled === true,
+      routingGate: config.enforcement?.routingGate?.enabled === true,
+      commitLogGate: config.enforcement?.commitLogGate?.enabled === true,
+      todoWriteGate: config.enforcement?.todoWriteGate?.enabled === true,
+      loopEnforcement: config.enforcement?.loopEnforcement?.enabled === true
+    },
+    componentReuse: config.componentReuse?.enabled === true,
+    // Correct path: hooks.rules.phaseGate.enabled (matches phase-gate.js:84)
+    phaseGate: config.hooks?.rules?.phaseGate?.enabled === true
+  };
+}
+
+/**
+ * Update specific fields in hook status (read-modify-write).
+ * Creates the file if it doesn't exist.
+ * Deep-merges known nested keys (enforcement, routing) to prevent clobbering.
+ * @param {Object} updates - Fields to merge into current status
+ */
+function updateHookStatus(updates) {
+  const current = readHookStatus() || createDefaultStatus();
+  // Deep-merge known nested keys to prevent shallow-assign clobbering
+  if (updates.enforcement) {
+    updates.enforcement = { ...current.enforcement, ...updates.enforcement };
+  }
+  if (updates.routing) {
+    updates.routing = { ...current.routing, ...updates.routing };
+  }
+  Object.assign(current, updates);
+  writeHookStatus(current);
+}
+
+/**
+ * Create default hook status from current config + state.
+ * Called when hook-status.json doesn't exist yet.
+ * @returns {Object}
+ */
+function createDefaultStatus() {
+  let config = {};
+  try {
+    const { getConfig } = require('./flow-utils');
+    config = getConfig() || {};
+  } catch (_err) { /* ignore */ }
+
+  return {
+    ...buildEnforcementFromConfig(config),
+    activeTask: null,
+    phase: 'idle',
+    routing: {
+      pending: false,
+      cleared: false,
+      clearedAt: null
+    },
+    changedFiles: [],
+    updatedAt: new Date().toISOString()
+  };
+}
+
+/**
+ * Refresh hook status from current config and state files.
+ * Called at session start and after config changes.
+ */
+function refreshHookStatus() {
+  let config = {};
+  try {
+    const { getConfig } = require('./flow-utils');
+    config = getConfig() || {};
+  } catch (_err) { /* ignore */ }
+
+  let activeTask = null;
+  try {
+    const { getReadyData } = require('./flow-utils');
+    const readyData = getReadyData();
+    if (readyData.inProgress && readyData.inProgress.length > 0) {
+      const task = readyData.inProgress[0];
+      activeTask = { id: task.id, title: task.title, routedAt: task.routedAt || null };
+    }
+  } catch (_err) { /* ignore */ }
+
+  let phase = 'idle';
+  try {
+    const { safeJsonParse } = require('./flow-utils');
+    const phasePath = path.join(getPATHS().state, 'workflow-phase.json');
+    const phaseData = safeJsonParse(phasePath, null);
+    if (phaseData) phase = phaseData.phase || 'idle';
+  } catch (_err) { /* ignore */ }
+
+  const status = {
+    ...buildEnforcementFromConfig(config),
+    activeTask,
+    phase,
+    routing: {
+      pending: false,
+      cleared: false,
+      clearedAt: null
+    },
+    changedFiles: []
+  };
+
+  writeHookStatus(status);
+  return status;
+}
+
+/**
+ * Update just the active task field.
+ * @param {Object|null} task - { id, title, routedAt } or null
+ */
+function setActiveTask(task) {
+  updateHookStatus({ activeTask: task });
+}
+
+/**
+ * Update just the phase field.
+ * @param {string} phase
+ */
+function setPhase(phase) {
+  updateHookStatus({ phase });
+}
+
+/**
+ * Update routing state.
+ * @param {Object} routing - { pending, cleared, clearedAt }
+ */
+function setRouting(routing) {
+  updateHookStatus({ routing });
+}
+
+/**
+ * Add a file to the changed files list (deduped).
+ * @param {string} filePath
+ */
+function trackFile(filePath) {
+  const current = readHookStatus();
+  if (!current) return;
+  if (!current.changedFiles) current.changedFiles = [];
+  if (!current.changedFiles.includes(filePath)) {
+    current.changedFiles.push(filePath);
+    writeHookStatus(current);
+  }
+}
+
+/**
+ * Clear hook status on task completion.
+ */
+function clearOnTaskComplete() {
+  const current = readHookStatus() || createDefaultStatus();
+  current.activeTask = null;
+  current.phase = 'idle';
+  current.routing = { pending: false, cleared: false, clearedAt: null };
+  current.changedFiles = [];
+  writeHookStatus(current);
+}
+
+module.exports = {
+  readHookStatus,
+  writeHookStatus,
+  updateHookStatus,
+  refreshHookStatus,
+  createDefaultStatus,
+  setActiveTask,
+  setPhase,
+  setRouting,
+  trackFile,
+  clearOnTaskComplete,
+  getHookStatusPath,
+  HOOK_STATUS_FILENAME
+};

package/scripts/flow-hooks.js

@@ -18,28 +18,26 @@ const fs = require('node:fs');
 const path = require('node:path');
 const {
   getProjectRoot,
-  getConfig
+  getConfig, PATHS
 } = require('./flow-utils')
 const { color, success, warn, error } = require('./flow-output');;
 
 const { getAdapter, getAllAdapters, getAvailableAdapters } = require('./hooks/adapters');
-const { readJson } = require('./flow-io');
-
-const PROJECT_ROOT = getProjectRoot();
+const { readJson, safeJsonParse } = require('./flow-io');
 
 /**
  * Get installed WogiFlow version from package.json (canonical source)
  * @returns {string} Version string or 'unknown'
  */
 function getInstalledVersion() {
-  const pkgPath = path.join(PROJECT_ROOT, 'node_modules', 'wogiflow', 'package.json');
+  const pkgPath = path.join(PATHS.root, 'node_modules', 'wogiflow', 'package.json');
   const pkg = readJson(pkgPath, null);
   if (pkg) {
     return pkg.version || 'unknown';
   }
 
   // Fallback: try settings.json (legacy)
-  const settingsPath = path.join(PROJECT_ROOT, '.claude', 'settings.json');
+  const settingsPath = path.join(PATHS.root, '.claude', 'settings.json');
   const settings = readJson(settingsPath, null);
   if (settings) {
     return settings._wogiFlowVersion || 'unknown';
@@ -113,7 +111,7 @@ function installForTarget(targetName) {
     headers: config.httpHeaders || {},
     allowedEnvVars: config.httpAllowedEnvVars || []
   } : undefined;
-  const hooksConfig = adapter.generateConfig(config.rules, PROJECT_ROOT, transportConfig);
+  const hooksConfig = adapter.generateConfig(config.rules, PATHS.root, transportConfig);
 
   // For Claude Code, we need to merge into settings.local.json
   if (targetName === 'claude-code') {
@@ -138,15 +136,7 @@ function installClaudeCodeHooks(adapter, hooksConfig) {
   }
 
   // Read existing config
-  let existingConfig = {};
-  if (fs.existsSync(configPath)) {
-    try {
-      const content = fs.readFileSync(configPath, 'utf-8');
-      existingConfig = JSON.parse(content);
-    } catch (err) {
-      warn(`  Could not parse existing config, will create new`);
-    }
-  }
+  let existingConfig = safeJsonParse(configPath, {});
 
   // Check if we're overwriting non-Wogi hooks
   if (existingConfig.hooks && !existingConfig._wogiFlowManaged) {
@@ -166,7 +156,7 @@ function installClaudeCodeHooks(adapter, hooksConfig) {
 
   // Write config
   fs.writeFileSync(configPath, JSON.stringify(newConfig, null, 2));
-  success(`Hooks written to ${path.relative(PROJECT_ROOT, configPath)}`);
+  success(`Hooks written to ${path.relative(PATHS.root, configPath)}`);
 
   return true;
 }
@@ -250,8 +240,12 @@ function removeClaudeCodeHooks(adapter) {
   }
 
   try {
-    const content = fs.readFileSync(configPath, 'utf-8');
-    const config = JSON.parse(content);
+    const config = safeJsonParse(configPath, null);
+
+    if (!config) {
+      warn(`  Config file is corrupt or unreadable (skipping)`);
+      return false;
+    }
 
     if (!config._wogiFlowManaged) {
       warn(`  Config not managed by Wogi Flow (skipping)`);
@@ -275,8 +269,7 @@ function removeClaudeCodeHooks(adapter) {
     // Restore backup if exists
     const backupPath = configPath + '.backup';
     if (fs.existsSync(backupPath)) {
-      const backupContent = fs.readFileSync(backupPath, 'utf-8');
-      const backupConfig = JSON.parse(backupContent);
+      const backupConfig = safeJsonParse(backupPath, {});
       if (backupConfig.hooks) {
         const finalConfig = { ...config, hooks: backupConfig.hooks };
         fs.writeFileSync(configPath, JSON.stringify(finalConfig, null, 2));
@@ -375,13 +368,8 @@ function checkIfInstalled(adapter) {
     if (!fs.existsSync(configPath)) {
       return false;
     }
-    try {
-      const content = fs.readFileSync(configPath, 'utf-8');
-      const config = JSON.parse(content);
-      return config._wogiFlowManaged === true;
-    } catch (_err) {
-      return false;
-    }
+    const config = safeJsonParse(configPath, {});
+    return config._wogiFlowManaged === true;
   }
   return false;
 }
@@ -434,7 +422,7 @@ async function testHook(hookName) {
 
   const { spawn } = require('node:child_process');
   const proc = spawn('node', [hookPath], {
-    cwd: PROJECT_ROOT,
+    cwd: PATHS.root,
     stdio: ['pipe', 'pipe', 'pipe']
   });
 

package/scripts/flow-http-client.js

@@ -22,9 +22,9 @@ const { TIMEOUTS, LIMITS, BACKOFF } = require('./flow-constants');
 class HttpClient {
   constructor(baseUrl, options = {}) {
     this.baseUrl = baseUrl;
-    this.defaultHeaders = options.headers || {};
-    this.timeout = options.timeout || TIMEOUTS.HTTP_DEFAULT;
-    this.maxRetries = options.maxRetries || LIMITS.HTTP_MAX_RETRIES;
+    this.defaultHeaders = options.headers ?? {};
+    this.timeout = options.timeout ?? TIMEOUTS.HTTP_DEFAULT;
+    this.maxRetries = options.maxRetries ?? LIMITS.HTTP_MAX_RETRIES;
   }
 
   /**
@@ -55,10 +55,10 @@ class HttpClient {
       port: url.port || (isHttps ? 443 : 80),
       path: url.pathname + url.search,
       headers,
-      timeout: options.timeout || this.timeout,
+      timeout: options.timeout ?? this.timeout,
     };
 
-    return this._executeWithRetry(lib, requestOptions, body, options.retries || 0);
+    return this._executeWithRetry(lib, requestOptions, body, options.retries ?? 0);
   }
 
   /**
@@ -147,7 +147,8 @@ class HttpClient {
    * Sleep helper
    */
   _sleep(ms) {
-    return new Promise(resolve => setTimeout(resolve, ms));
+    const { setTimeout: sleep } = require('node:timers/promises');
+    return sleep(ms);
   }
 
   // Convenience methods
@@ -222,7 +223,7 @@ class HttpClient {
  * Simple fetch JSON helper (for one-off requests)
  */
 async function fetchJson(url, options = {}) {
-  const client = new HttpClient(url, { timeout: options.timeout || TIMEOUTS.HTTP_DEFAULT });
+  const client = new HttpClient(url, { timeout: options.timeout ?? TIMEOUTS.HTTP_DEFAULT });
   const parsedUrl = new URL(url);
   const response = await client.get(parsedUrl.pathname + parsedUrl.search, {
     headers: options.headers,
@@ -234,7 +235,7 @@ async function fetchJson(url, options = {}) {
  * Simple post JSON helper (for one-off requests)
  */
 async function postJson(url, body, options = {}) {
-  const client = new HttpClient(url, { timeout: options.timeout || TIMEOUTS.HTTP_DEFAULT });
+  const client = new HttpClient(url, { timeout: options.timeout ?? TIMEOUTS.HTTP_DEFAULT });
   const parsedUrl = new URL(url);
   const response = await client.post(parsedUrl.pathname + parsedUrl.search, body, {
     headers: options.headers,

package/scripts/flow-hybrid-interactive.js

@@ -10,11 +10,11 @@
 
 const fs = require('node:fs');
 const path = require('node:path');
-const readline = require('node:readline');
+const readline = require('node:readline/promises');
 const http = require('node:http');
 const { HttpClient } = require('./flow-http-client');
 const { URL, URLSearchParams } = require('node:url');
-const { getProjectRoot, colors, safeJsonParse } = require('./flow-utils');
+const { getProjectRoot, colors, safeJsonParse, PATHS } = require('./flow-utils');
 const { error: errorMsg } = require('./flow-output');
 
 // Import model registry for smart model selection
@@ -26,9 +26,7 @@ try {
   // Registry not available, will use hardcoded models
 }
 
-const PROJECT_ROOT = getProjectRoot();
-const WORKFLOW_DIR = path.join(PROJECT_ROOT, '.workflow');
-const CONFIG_PATH = path.join(WORKFLOW_DIR, 'config.json');
+const CONFIG_PATH = path.join(PATHS.workflow, 'config.json');
 
 const symbols = {
   success: '✅',
@@ -96,12 +94,9 @@ async function prompt(question) {
     output: process.stdout
   });
 
-  return new Promise(resolve => {
-    rl.question(question, answer => {
-      rl.close();
-      resolve(answer.trim());
-    });
-  });
+  const answer = await rl.question(question);
+  rl.close();
+  return answer.trim();
 }
 
 class Spinner {
@@ -700,7 +695,7 @@ ${colors.cyan}╔═════════════════════
 `);
 
   // Check if workflow dir exists
-  if (!fs.existsSync(WORKFLOW_DIR)) {
+  if (!fs.existsSync(PATHS.workflow)) {
     console.log(`${colors.red}${symbols.error} Wogi Flow not installed in this project.${colors.reset}`);
     console.log(`Run /wogi-onboard first.`);
     process.exit(1);

package/scripts/flow-hybrid-test.js

@@ -9,9 +9,8 @@
 const fs = require('node:fs');
 const path = require('node:path');
 const { spawnSync } = require('node:child_process');
-const { getProjectRoot, getConfig, error, success } = require('./flow-utils');
+const { getProjectRoot, getConfig, error, success, PATHS } = require('./flow-utils');
 
-const PROJECT_ROOT = getProjectRoot();
 const TESTS = [];
 let passed = 0;
 let failed = 0;
@@ -45,7 +44,7 @@ async function run() {
 // Tests
 
 test('Config file exists', () => {
-  const configPath = path.join(PROJECT_ROOT, '.workflow', 'config.json');
+  const configPath = path.join(PATHS.workflow, 'config.json');
   if (!fs.existsSync(configPath)) {
     throw new Error('config.json not found');
   }
@@ -59,7 +58,7 @@ test('Config has hybrid section', () => {
 });
 
 test('Detection script exists and runs', () => {
-  const scriptPath = path.join(PROJECT_ROOT, 'scripts', 'flow-hybrid-detect.js');
+  const scriptPath = path.join(PATHS.root, 'scripts', 'flow-hybrid-detect.js');
   if (!fs.existsSync(scriptPath)) {
     throw new Error('flow-hybrid-detect.js not found');
   }
@@ -77,56 +76,56 @@ test('Detection script exists and runs', () => {
 });
 
 test('Orchestrator script exists', () => {
-  const scriptPath = path.join(PROJECT_ROOT, 'scripts', 'flow-orchestrate.js');
+  const scriptPath = path.join(PATHS.root, 'scripts', 'flow-orchestrate.js');
   if (!fs.existsSync(scriptPath)) {
     throw new Error('flow-orchestrate.js not found');
   }
 });
 
 test('Templates directory exists', () => {
-  const templatesDir = path.join(PROJECT_ROOT, 'templates', 'hybrid');
+  const templatesDir = path.join(PATHS.root, 'templates', 'hybrid');
   if (!fs.existsSync(templatesDir)) {
     throw new Error('templates/hybrid directory not found');
   }
 });
 
 test('Base template exists', () => {
-  const basePath = path.join(PROJECT_ROOT, 'templates', 'hybrid', '_base.md');
+  const basePath = path.join(PATHS.root, 'templates', 'hybrid', '_base.md');
   if (!fs.existsSync(basePath)) {
     throw new Error('_base.md template not found');
   }
 });
 
 test('Component template exists', () => {
-  const templatePath = path.join(PROJECT_ROOT, 'templates', 'hybrid', 'create-component.md');
+  const templatePath = path.join(PATHS.root, 'templates', 'hybrid', 'create-component.md');
   if (!fs.existsSync(templatePath)) {
     throw new Error('create-component.md template not found');
   }
 });
 
 test('State directory exists', () => {
-  const stateDir = path.join(PROJECT_ROOT, '.workflow', 'state');
+  const stateDir = path.join(PATHS.workflow, 'state');
   if (!fs.existsSync(stateDir)) {
     throw new Error('.workflow/state directory not found');
   }
 });
 
 test('Progress module exists', () => {
-  const scriptPath = path.join(PROJECT_ROOT, 'scripts', 'flow-progress.js');
+  const scriptPath = path.join(PATHS.root, 'scripts', 'flow-progress.js');
   if (!fs.existsSync(scriptPath)) {
     throw new Error('flow-progress.js not found');
   }
 });
 
 test('Templates module exists', () => {
-  const scriptPath = path.join(PROJECT_ROOT, 'scripts', 'flow-templates.js');
+  const scriptPath = path.join(PATHS.root, 'scripts', 'flow-templates.js');
   if (!fs.existsSync(scriptPath)) {
     throw new Error('flow-templates.js not found');
   }
 });
 
 test('Interactive setup exists', () => {
-  const scriptPath = path.join(PROJECT_ROOT, 'scripts', 'flow-hybrid-interactive.js');
+  const scriptPath = path.join(PATHS.root, 'scripts', 'flow-hybrid-interactive.js');
   if (!fs.existsSync(scriptPath)) {
     throw new Error('flow-hybrid-interactive.js not found');
   }
@@ -140,7 +139,7 @@ test('Slash command files exist', () => {
   ];
 
   for (const cmd of commands) {
-    const cmdPath = path.join(PROJECT_ROOT, '.claude', 'commands', cmd);
+    const cmdPath = path.join(PATHS.root, '.claude', 'commands', cmd);
     if (!fs.existsSync(cmdPath)) {
       throw new Error(`${cmd} not found`);
     }

package/scripts/flow-instruction-richness.js

@@ -427,7 +427,7 @@ function loadRelevantTypes(projectRoot, filePath, options = {}) {
  * @returns {Promise<string|null>} Formatted type information
  */
 async function loadRelevantTypesWithLSP(projectRoot, filePath, options = {}) {
-  const { getConfig } = require('./flow-utils');
+  const { getConfig, PATHS } = require('./flow-utils');
   const config = getConfig();
 
   // Check if LSP is enabled

package/scripts/flow-io.js

@@ -1,5 +1,3 @@
-'use strict';
-
 /**
  * Wogi Flow - File I/O Operations
  *
@@ -510,7 +508,7 @@ async function acquireLock(filePath, options = {}) {
             if (process.env.DEBUG) {
               console.warn(`[DEBUG] Stale lock cleanup failed: ${err.message}`);
             }
-            await new Promise(resolve => setTimeout(resolve, retryDelay));
+            await require('node:timers/promises').setTimeout(retryDelay);
           }
           // Try again
           continue;
@@ -521,7 +519,7 @@ async function acquireLock(filePath, options = {}) {
           const delay = exponentialBackoff
             ? retryDelay * Math.pow(2, attempt)
             : retryDelay * (attempt + 1);
-          await new Promise(resolve => setTimeout(resolve, delay));
+          await require('node:timers/promises').setTimeout(delay);
           continue;
         }
       }
@@ -646,6 +644,22 @@ function cleanupStaleLocks(dirPath, staleMs = CLEANUP_LOCK_STALE_MS) {
   }
 }
 
+// ============================================================
+// String Sanitization (for AI context injection)
+// ============================================================
+
+/**
+ * Sanitize a string value before injecting into AI context.
+ * Strips markdown heading markers and truncates to prevent prompt manipulation.
+ *
+ * @param {string} value - Raw string from state files
+ * @param {number} [maxLen=200] - Maximum length
+ * @returns {string} Sanitized string
+ */
+function sanitizeForContext(value, maxLen = 200) {
+  return String(value).replace(/^#+\s/gm, '').slice(0, maxLen);
+}
+
 // ============================================================
 // Exports
 // ============================================================
@@ -689,4 +703,7 @@ module.exports = {
   withLock,
   withLockSync,
   cleanupStaleLocks,
+
+  // String Sanitization
+  sanitizeForContext,
 };

package/scripts/flow-knowledge-router.js

@@ -303,10 +303,16 @@ ${correction}
 `;
 
   content += entry;
-  fs.writeFileSync(decisionsPath, content);
 
-  // Sync to .claude/rules/ for Claude Code integration
-  syncDecisionsToRules();
+  // Route through orchestrator for locking and dedup
+  try {
+    const { writeToDecisions } = require('./flow-learning-orchestrator');
+    await writeToDecisions({ content, entryText: correction.slice(0, 100), caller: 'flow-knowledge-router', skipDedup: false, syncRules: true });
+  } catch (_err) {
+    // Fallback to direct write if orchestrator unavailable
+    fs.writeFileSync(decisionsPath, content);
+    syncDecisionsToRules();
+  }
 
   return {
     success: true,