wolverine-ai 4.1.0 → 4.3.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wolverine-ai",
-  "version": "4.1.0",
+  "version": "4.3.0",
   "description": "Self-healing Node.js server framework powered by AI. Catches crashes, diagnoses errors, generates fixes, verifies, and restarts — automatically.",
   "main": "src/index.js",
   "bin": {

package/src/agent/agent-engine.js

@@ -289,6 +289,76 @@ const TOOL_DEFINITIONS = [
     },
   },
   // ── COMPLETION ──
+  {
+    type: "function",
+    function: {
+      name: "check_memory",
+      description: "Check system and process memory usage. Returns RSS, heap, free system memory, and whether memory pressure is detected.",
+      parameters: { type: "object", properties: {}, required: [] },
+    },
+  },
+  {
+    type: "function",
+    function: {
+      name: "list_processes",
+      description: "List running Node.js processes. Useful for finding zombie/orphan processes or port conflicts.",
+      parameters: { type: "object", properties: {}, required: [] },
+    },
+  },
+  {
+    type: "function",
+    function: {
+      name: "check_logs",
+      description: "Read recent log output. Returns the last N lines from the server's log source.",
+      parameters: {
+        type: "object",
+        properties: {
+          lines: { type: "number", description: "Number of lines to return (default: 50)" },
+          filter: { type: "string", description: "Optional grep filter pattern" },
+        },
+        required: [],
+      },
+    },
+  },
+  {
+    type: "function",
+    function: {
+      name: "restart_service",
+      description: "Trigger a graceful server restart. Use after applying fixes that require a process restart to take effect.",
+      parameters: { type: "object", properties: {}, required: [] },
+    },
+  },
+  {
+    type: "function",
+    function: {
+      name: "check_network",
+      description: "Check network connectivity: DNS resolution, port availability, and external service reachability.",
+      parameters: {
+        type: "object",
+        properties: {
+          host: { type: "string", description: "Hostname to check DNS for (optional)" },
+          port: { type: "number", description: "Port to check availability (optional)" },
+          url: { type: "string", description: "URL to check reachability (optional)" },
+        },
+        required: [],
+      },
+    },
+  },
+  {
+    type: "function",
+    function: {
+      name: "inspect_env",
+      description: "List environment variable names (NOT values) that are set. Checks if required vars exist without exposing secrets.",
+      parameters: {
+        type: "object",
+        properties: {
+          check: { type: "array", items: { type: "string" }, description: "Specific var names to check if set (optional)" },
+        },
+        required: [],
+      },
+    },
+  },
+  // ── TASK MANAGEMENT ──
   {
     type: "function",
     function: {
@@ -569,6 +639,12 @@ class AgentEngine {
       case "run_db_fix":    return this._runDbFix(args);
       case "audit_deps":    return this._auditDeps(args);
       case "check_migration": return this._checkMigration(args);
+      case "check_memory":  return this._checkMemory(args);
+      case "list_processes": return this._listProcesses(args);
+      case "check_logs":    return this._checkLogs(args);
+      case "restart_service": return this._restartService(args);
+      case "check_network": return this._checkNetwork(args);
+      case "inspect_env":   return this._inspectEnv(args);
       case "done":          return this._done(args);
       // Legacy aliases
       case "list_files":    return this._globFiles({ pattern: (args.dir || ".") + "/*" + (args.pattern || "") });
@@ -1062,6 +1138,112 @@ class AgentEngine {
     } catch (e) { return { content: `Migration check error: ${e.message}` }; }
   }
 
+  // ── SERVER DIAGNOSTICS ──
+
+  _checkMemory() {
+    const os = require("os");
+    const mem = process.memoryUsage();
+    const totalMB = Math.round(os.totalmem() / 1048576);
+    const freeMB = Math.round(os.freemem() / 1048576);
+    const usedPct = Math.round((1 - os.freemem() / os.totalmem()) * 100);
+    const lines = [
+      `Process RSS: ${Math.round(mem.rss / 1048576)}MB`,
+      `Process Heap: ${Math.round(mem.heapUsed / 1048576)}MB / ${Math.round(mem.heapTotal / 1048576)}MB`,
+      `Process External: ${Math.round(mem.external / 1048576)}MB`,
+      `System: ${freeMB}MB free / ${totalMB}MB total (${usedPct}% used)`,
+      usedPct > 90 ? "⚠️ MEMORY PRESSURE DETECTED — system above 90% usage" : "✅ Memory OK",
+    ];
+    return { content: lines.join("\n") };
+  }
+
+  _listProcesses() {
+    try {
+      const cmd = process.platform === "win32"
+        ? 'tasklist /FI "IMAGENAME eq node.exe" /FO CSV /NH'
+        : "ps aux | grep -E 'node|PID' | grep -v grep";
+      const output = execSync(cmd, { encoding: "utf-8", timeout: 5000 }).trim();
+      return { content: output || "(no node processes found)" };
+    } catch (e) { return { content: `Error listing processes: ${e.message}` }; }
+  }
+
+  _checkLogs(args) {
+    const lines = args.lines || 50;
+    const filter = args.filter || "";
+    try {
+      let cmd;
+      if (process.platform === "win32") {
+        cmd = `powershell -c "Get-Content -Tail ${lines} .wolverine\\events.log"`;
+      } else {
+        // Try journalctl first (systemd), fall back to log file
+        cmd = `journalctl -u wolverine --no-pager -n ${lines} 2>/dev/null || tail -n ${lines} .wolverine/events.log 2>/dev/null || echo 'No logs found'`;
+      }
+      if (filter) cmd += ` | grep -i '${filter.replace(/'/g, "'\\''")}'`;
+      const output = execSync(cmd, { encoding: "utf-8", timeout: 10000, cwd: this.cwd }).trim();
+      return { content: output.slice(0, 4000) || "(empty)" };
+    } catch (e) { return { content: `Error reading logs: ${e.message}` }; }
+  }
+
+  _restartService() {
+    // Signal the parent wolverine process to restart the child server
+    // We can't directly restart — but we can signal via a file that the runner checks
+    try {
+      const restartFlag = path.join(this.cwd, ".wolverine", "restart-requested");
+      fs.writeFileSync(restartFlag, Date.now().toString(), "utf-8");
+      return { content: "Restart requested. The server will restart after this heal completes." };
+    } catch (e) { return { content: `Error requesting restart: ${e.message}` }; }
+  }
+
+  _checkNetwork(args) {
+    const results = [];
+    try {
+      // DNS check
+      if (args.host) {
+        try {
+          const dns = require("dns");
+          const addresses = execSync(`node -e "require('dns').resolve('${args.host.replace(/'/g, "")}', (e,a) => console.log(e ? 'FAIL:'+e.code : a.join(',')))"`, { encoding: "utf-8", timeout: 5000 }).trim();
+          results.push(`DNS ${args.host}: ${addresses}`);
+        } catch (e) { results.push(`DNS ${args.host}: FAILED — ${e.message}`); }
+      }
+      // Port check
+      if (args.port) {
+        try {
+          const portCmd = process.platform === "win32"
+            ? `netstat -ano | findstr ":${args.port}"`
+            : `ss -tlnp | grep ":${args.port}" || echo "port ${args.port} is free"`;
+          const portResult = execSync(portCmd, { encoding: "utf-8", timeout: 3000 }).trim();
+          results.push(`Port ${args.port}: ${portResult || "free"}`);
+        } catch { results.push(`Port ${args.port}: free (nothing listening)`); }
+      }
+      // URL reachability
+      if (args.url) {
+        try {
+          const urlResult = execSync(`node -e "require('${args.url.startsWith('https') ? 'https' : 'http'}').get('${args.url.replace(/'/g, "")}', r => { console.log(r.statusCode); r.resume(); }).on('error', e => console.log('FAIL:'+e.code))"`, { encoding: "utf-8", timeout: 10000 }).trim();
+          results.push(`URL ${args.url}: ${urlResult}`);
+        } catch (e) { results.push(`URL ${args.url}: FAILED — ${e.message}`); }
+      }
+      if (results.length === 0) results.push("Provide host, port, or url to check.");
+      return { content: results.join("\n") };
+    } catch (e) { return { content: `Network check error: ${e.message}` }; }
+  }
+
+  _inspectEnv(args) {
+    if (args.check && Array.isArray(args.check)) {
+      const results = args.check.map(v => `${v}: ${process.env[v] ? "SET (" + process.env[v].length + " chars)" : "NOT SET"}`);
+      return { content: results.join("\n") };
+    }
+    // List all env var names (not values) grouped by category
+    const keys = Object.keys(process.env).sort();
+    const wolverine = keys.filter(k => /^WOLVERINE|^PORT$|^NODE_ENV$/i.test(k));
+    const apiKeys = keys.filter(k => /KEY|SECRET|TOKEN|PASSWORD|AUTH/i.test(k));
+    const other = keys.filter(k => !wolverine.includes(k) && !apiKeys.includes(k));
+    const lines = [
+      `Wolverine vars (${wolverine.length}): ${wolverine.join(", ") || "none"}`,
+      `Secret vars (${apiKeys.length}): ${apiKeys.map(k => k + "=" + (process.env[k] ? "SET" : "MISSING")).join(", ") || "none"}`,
+      `Total env vars: ${keys.length}`,
+    ];
+    return { content: lines.join("\n") };
+  }
+
   _done(args) {
     console.log(chalk.green(`    ✅ Agent done: ${args.summary}`));
     if (this.logger) {

package/src/brain/brain.js

@@ -66,7 +66,7 @@ const SEED_DOCS = [
     metadata: { topic: "verification" },
   },
   {
-    text: "Wolverine multi-file agent: turn-limited agent loop with 18 tools across 7 categories. Turn budget adapts to error type: simple (TypeError)=4, config/ENOENT=5, complex=8. Each AI call has 45s timeout via Promise.race — prevents indefinite hangs. If timeout occurs mid-fix, partial results returned. FILE: read_file (offset/limit), write_file (creates dirs), edit_file (find-and-replace), glob_files (pattern search), grep_code (regex with context), list_dir (directory listing with sizes), move_file (rename/relocate). SHELL: bash_exec (30s default, 60s cap), git_log, git_diff. DATABASE: inspect_db (tables/schema/SELECT on SQLite), run_db_fix (UPDATE/DELETE/ALTER with auto-backup). DIAGNOSTICS: check_port (find what uses a port), check_env (env vars, values redacted). DEPS: audit_deps (full npm health check), check_migration (known upgrade paths). RESEARCH: web_fetch (10s timeout). CONTROL: done. Prompt emphasizes fast action: fix immediately when solution is obvious, investigate only when cause unclear.",
+    text: "Wolverine multi-file agent: turn-limited agent loop with 24 tools across 8 categories. Turn budget adapts to error type: simple (TypeError)=4, config/ENOENT=5, complex=8. Each AI call has 90s timeout via Promise.race. FILE: read_file, write_file, edit_file, glob_files, grep_code, list_dir, move_file. SHELL: bash_exec (30s default, 60s cap), git_log, git_diff. DATABASE: inspect_db (tables/schema/SELECT on SQLite), run_db_fix (UPDATE/DELETE/ALTER with auto-backup). DIAGNOSTICS: check_port, check_env, check_memory (RSS/heap/system with OOM detection), list_processes (find zombie/orphan node processes), check_logs (read recent journalctl/log file), check_network (DNS/port/URL reachability), inspect_env (list env var names without values, check if required vars exist). SERVER: restart_service (request graceful restart after fix). DEPS: audit_deps, check_migration. RESEARCH: web_fetch. CONTROL: done.",
     metadata: { topic: "agent" },
   },
   {
@@ -110,7 +110,7 @@ const SEED_DOCS = [
     metadata: { topic: "sub-agent-workflow" },
   },
   {
-    text: "Sub-agent tool restrictions: explore gets read_file/glob/grep/git_log/git_diff/list_dir/check_env/check_port/inspect_db/audit_deps. plan gets read_file/glob/grep/list_dir/inspect_db/check_env/audit_deps/check_migration/search_brain. fix gets read_file/write_file/edit_file/glob/grep/bash_exec/move_file/run_db_fix/audit_deps. verify gets read_file/glob/grep/bash_exec/inspect_db/check_port. research gets read_file/grep/web_fetch/search_brain. security gets read_file/glob/grep/inspect_db. database gets read_file/write_file/edit_file/glob/grep/bash_exec/inspect_db/run_db_fix. Each type gets only the tools it needs.",
+    text: "Sub-agent tool restrictions: explore gets read_file/glob/grep/git_log/git_diff/list_dir/check_env/check_port/check_memory/check_network/list_processes/inspect_db/audit_deps. plan gets read_file/glob/grep/list_dir/inspect_db/check_env/inspect_env/audit_deps/check_migration. fix gets read_file/write_file/edit_file/glob/grep/bash_exec/move_file/run_db_fix/audit_deps/restart_service. verify gets read_file/glob/grep/bash_exec/inspect_db/check_port/check_memory/check_logs. research gets read_file/grep/web_fetch/check_logs. security gets read_file/glob/grep/inspect_db/inspect_env. database gets read_file/write_file/edit_file/glob/grep/bash_exec/inspect_db/run_db_fix. 24 tools total, each sub-agent type gets tools relevant to its role.",
     metadata: { topic: "sub-agent-tools" },
   },
   {

package/src/core/error-hook.js

@@ -34,7 +34,15 @@ Module._load = function (request, parent, isMain) {
       _hookFastify(instance);
       return instance;
     };
-    Object.keys(originalFastify).forEach((key) => { wrapped[key] = originalFastify[key]; });
+    // #23: Copy all own properties (including non-enumerable and symbols) to preserve prototype chain
+    for (const key of Object.getOwnPropertyNames(originalFastify)) {
+      if (key !== "length" && key !== "name" && key !== "prototype") {
+        try { wrapped[key] = originalFastify[key]; } catch {}
+      }
+    }
+    for (const sym of Object.getOwnPropertySymbols(originalFastify)) {
+      try { wrapped[sym] = originalFastify[sym]; } catch {}
+    }
     wrapped.default = wrapped; // ESM compat
     return wrapped;
   }
@@ -48,7 +56,15 @@ Module._load = function (request, parent, isMain) {
       _hookExpress(app);
       return app;
     };
-    Object.keys(originalExpress).forEach((key) => { wrapped[key] = originalExpress[key]; });
+    // #23: Copy all own properties (including non-enumerable and symbols)
+    for (const key of Object.getOwnPropertyNames(originalExpress)) {
+      if (key !== "length" && key !== "name" && key !== "prototype") {
+        try { wrapped[key] = originalExpress[key]; } catch {}
+      }
+    }
+    for (const sym of Object.getOwnPropertySymbols(originalExpress)) {
+      try { wrapped[sym] = originalExpress[sym]; } catch {}
+    }
     return wrapped;
   }
 
@@ -94,9 +110,13 @@ function _hookExpress(app) {
   // Wrap app.listen to inject error middleware AFTER all user middleware
   const originalListen = app.listen;
   app.listen = function (...args) {
-    app.use(function _wolverineErrorHook(err, req, res, next) {
-      _reportError(req.originalUrl || req.url, req.method, err);
-      next(err);
+    // #24: Use process.nextTick to ensure our error middleware is added AFTER
+    // any middleware registered synchronously after listen() is called
+    process.nextTick(() => {
+      app.use(function _wolverineErrorHook(err, req, res, next) {
+        _reportError(req.originalUrl || req.url, req.method, err);
+        next(err);
+      });
     });
     return originalListen.apply(this, args);
   };
@@ -114,7 +134,8 @@ function _reportError(url, method, error) {
     let file = null, line = null;
     if (error.stack) {
       for (const frame of error.stack.split("\n")) {
-        const m = frame.match(/\(([^)]+):(\d+):(\d+)\)/) || frame.match(/at\s+([^\s(]+):(\d+):(\d+)/);
+        // #25: Second regex uses (.+) instead of ([^\s(]+) to handle Windows paths with spaces
+        const m = frame.match(/\(([^)]+):(\d+):(\d+)\)/) || frame.match(/at\s+(.+):(\d+):(\d+)/);
         if (m && !m[1].includes("node_modules") && !m[1].includes("node:")) {
           file = m[1]; line = parseInt(m[2], 10); break;
         }

package/src/core/runner.js

@@ -284,7 +284,9 @@ class WolverineRunner {
     this._clearStabilityTimer();
     // Clear any pending heals — restart is a clean slate
     this._pendingErrorHeal = null;
-    this._healInProgress = false;
+    // #1: Don't clear _healInProgress here — only the heal function itself should clear it
+    // #6: Clear stale heal status so dashboard doesn't show phantom heals
+    this._healStatus = null;
 
     if (this.child) {
       const oldChild = this.child;
@@ -295,11 +297,9 @@ class WolverineRunner {
       const onExit = () => {
         if (spawned) return; // Prevent double-spawn from exit + force-kill timeout
         spawned = true;
+        // #7: Don't call _ensurePortFree() here — _spawn() already calls it
         // Give port time to fully release (TIME_WAIT)
-        setTimeout(() => {
-          this._ensurePortFree();
-          setTimeout(() => this._spawn(), 500);
-        }, 500);
+        setTimeout(() => this._spawn(), 500);
       };
 
       oldChild.removeAllListeners("exit");
@@ -314,7 +314,7 @@ class WolverineRunner {
         }
       }, 3000);
     } else {
-      this._ensurePortFree();
+      // #7: Don't call _ensurePortFree() here — _spawn() already calls it
       setTimeout(() => this._spawn(), 500);
     }
   }
@@ -394,7 +394,12 @@ class WolverineRunner {
       process.stderr.write(text);
     });
 
-    this._startStabilityTimer();
+    // #27: Only start stability timer if there's a backup to promote — don't clear
+    // an existing timer on every spawn (e.g., auto-update restart shouldn't reset
+    // the stability countdown for a previously healed backup)
+    if (this._lastBackupId) {
+      this._startStabilityTimer();
+    }
 
     // Start process monitor (memory, CPU, heartbeat)
     if (this.child && this.child.pid) {
@@ -418,32 +423,46 @@ class WolverineRunner {
     this.healthMonitor.stop();
     this.healthMonitor.reset();
     this.healthMonitor.start(async (reason) => {
-      if (this._healInProgress || !this.running) return;
-      console.log(chalk.red(`\n🚨 Health check triggered heal (reason: ${reason})`));
-      this.logger.error(EVENT_TYPES.HEALTH_UNRESPONSIVE, `Server unresponsive: ${reason}`, { reason });
-      this.healthMonitor.stop();
-
-      // Kill the hung process — remove exit listener to prevent double-heal
-      if (this.child) {
-        const pid = this.child.pid;
-        this.child.removeAllListeners("exit");
-        this._killProcessTree(pid, "SIGKILL");
-        this.child = null;
-      }
+      try {
+        if (this._healInProgress || !this.running) return;
+        // #26: Claim the heal lock immediately — prevents exit event from starting
+        // a concurrent heal between our check and the child kill below
+        this._healInProgress = true;
+        console.log(chalk.red(`\n🚨 Health check triggered heal (reason: ${reason})`));
+        this.logger.error(EVENT_TYPES.HEALTH_UNRESPONSIVE, `Server unresponsive: ${reason}`, { reason });
+        this.healthMonitor.stop();
+
+        // Kill the hung process — remove exit listener to prevent double-heal
+        if (this.child) {
+          const pid = this.child.pid;
+          this.child.removeAllListeners("exit");
+          this._killProcessTree(pid, "SIGKILL");
+          this.child = null;
+        }
 
-      // Synthesize error context for the heal pipeline
-      this._stderrBuffer = `Server became unresponsive. Health check failed: ${reason}\n` +
-        `The server was running but stopped responding to HTTP requests.\n` +
-        `Possible causes: infinite loop, deadlock, memory exhaustion, blocked event loop.`;
+        // Synthesize error context for the heal pipeline
+        this._stderrBuffer = `Server became unresponsive. Health check failed: ${reason}\n` +
+          `The server was running but stopped responding to HTTP requests.\n` +
+          `Possible causes: infinite loop, deadlock, memory exhaustion, blocked event loop.`;
 
-      this.retryCount++;
-      if (this.retryCount > this.maxRetries) {
-        console.log(chalk.red(`\n🛑 Max retries reached.`));
-        this._logRollbackHint();
-        this.running = false;
-        return;
+        this.retryCount++;
+        if (this.retryCount > this.maxRetries) {
+          console.log(chalk.red(`\n🛑 Max retries reached.`));
+          this._logRollbackHint();
+          this.running = false;
+          this._healInProgress = false;
+          return;
+        }
+        // Release lock so _healAndRestart can acquire it
+        this._healInProgress = false;
+        await this._healAndRestart();
+      } catch (err) {
+        // #5: Prevent unhandled errors in health callback from crashing the parent
+        console.log(chalk.red(`  ⚠️  Health callback error: ${err.message}`));
+        this._healInProgress = false;
+        this._healStatus = null;
+        if (this.running) this._spawn();
       }
-      await this._healAndRestart();
     });
 
     this.child.on("exit", async (code, signal) => {
@@ -541,6 +560,8 @@ class WolverineRunner {
 
   async _healAndRestart() {
     if (this._healInProgress) return;
+    // #9: Bail if stop() was called during the window between crash and heal
+    if (this._shuttingDown) return;
     this._healInProgress = true;
     this._healStatus = { active: true, error: this._stderrBuffer.slice(0, 200), phase: "diagnosing", startedAt: Date.now() };
 
@@ -567,6 +588,8 @@ class WolverineRunner {
     }
 
     try {
+      // #9: Check again before expensive heal — stop() may have been called during loop guard
+      if (this._shuttingDown) { this._healInProgress = false; return; }
       const result = await heal({
         stderr: this._stderrBuffer,
         cwd: this.cwd,
@@ -606,6 +629,8 @@ class WolverineRunner {
         this._healStatus = null;
         // Clear pending errors — the heal fixed the root cause, stale errors are irrelevant
         this._pendingErrorHeal = null;
+        // #9: Don't restart if stop() was called while heal was running
+        if (this._shuttingDown) return;
         // Use restart() to properly kill old child before spawning — prevents EADDRINUSE
         this.restart();
       } else {
@@ -673,6 +698,15 @@ class WolverineRunner {
     }
     this._healInProgress = true;
 
+    // #8: Safety timeout — if heal hangs, force-release the lock after 6 minutes
+    const healTimeout = setTimeout(() => {
+      if (this._healInProgress) {
+        console.log(chalk.red(`  ⚠️  _healFromError safety timeout (6min) — releasing heal lock`));
+        this._healInProgress = false;
+        this._healStatus = null;
+      }
+    }, 360000);
+
     console.log(chalk.yellow(`\n🐺 Wolverine healing caught error on ${routePath}...`));
     this._healStatus = { active: true, route: routePath, error: errorDetails?.message?.slice(0, 200), phase: "diagnosing", startedAt: Date.now() };
     this.logger.info("heal.error_monitor", `Healing caught 500 on ${routePath}`, { route: routePath });
@@ -727,6 +761,7 @@ class WolverineRunner {
         routeContext: { path: routePath, method: errorDetails?.method },
       });
 
+      clearTimeout(healTimeout);
       if (result.healed) {
         console.log(chalk.green(`\n🐺 Wolverine healed ${routePath} via ${result.mode}! Restarting...\n`));
         this.retryCount = 0; // Fresh start after successful heal
@@ -748,6 +783,7 @@ class WolverineRunner {
         this._healStatus = null;
       }
     } catch (err) {
+      clearTimeout(healTimeout);
       console.log(chalk.red(`\n🐺 Error during heal: ${err.message}`));
       this._healInProgress = false;
       this._healStatus = null;

package/src/core/verifier.js

@@ -23,6 +23,8 @@ const BOOT_PROBE_TIMEOUT_MS = 10000; // 10 seconds
  */
 function syntaxCheck(scriptPath) {
   return new Promise((resolve) => {
+    // #21: Guard against double resolve from exit + error firing in sequence
+    let settled = false;
     const child = spawn("node", ["--check", scriptPath], {
       stdio: ["ignore", "ignore", "pipe"],
       timeout: 5000,
@@ -32,6 +34,8 @@ function syntaxCheck(scriptPath) {
     child.stderr.on("data", (data) => { stderr += data.toString(); });
 
     child.on("exit", (code) => {
+      if (settled) return;
+      settled = true;
       resolve({
         valid: code === 0,
         error: code !== 0 ? stderr.trim() : undefined,
@@ -39,6 +43,8 @@ function syntaxCheck(scriptPath) {
     });
 
     child.on("error", (err) => {
+      if (settled) return;
+      settled = true;
       resolve({ valid: false, error: err.message });
     });
   });
@@ -71,6 +77,8 @@ function bootProbe(scriptPath, cwd, originalErrorSignature) {
     child.on("exit", (code) => {
       if (settled) return;
       settled = true;
+      // #19: Always ensure the child is killed after settling (handles orphan sub-processes)
+      try { child.kill("SIGTERM"); } catch {}
 
       if (code === 0) {
         resolve({ status: "alive" });
@@ -101,6 +109,8 @@ function bootProbe(scriptPath, cwd, originalErrorSignature) {
     child.on("error", (err) => {
       if (settled) return;
       settled = true;
+      // #19: Always ensure the child is killed after settling
+      try { child.kill("SIGTERM"); } catch {}
       resolve({ status: "crashed", stderr: err.message, sameError: false, exitCode: null });
     });
 
@@ -192,9 +202,10 @@ async function verifyFix(scriptPath, cwd, originalErrorSignature, routeContext)
     const relPath = path.relative(cwd, changedFile).replace(/\\/g, "/");
     if (relPath.startsWith("server/") && relPath.endsWith(".js")) {
       try {
-        const { execSync } = require("child_process");
+        const { execFileSync } = require("child_process");
+        // #22: Use execFileSync with args array to prevent path injection via relPath
         const testCode = `try{require('./${relPath}');console.log('MODULE_OK')}catch(e){console.error(e.message);process.exit(1)}`;
-        const out = execSync(`node -e "${testCode}"`, {
+        const out = execFileSync("node", ["-e", testCode], {
           cwd, timeout: 5000, encoding: "utf-8",
           env: { ...process.env, NODE_PATH: path.join(cwd, "node_modules") },
         });
@@ -237,6 +248,14 @@ function routeProbe(scriptPath, cwd, routeContext) {
     child.stdout.on("data", (d) => { stdout += d.toString(); });
     child.stderr.on("data", (d) => { stderr += d.toString(); });
 
+    // #20: Handle spawn errors (e.g., node binary not found)
+    child.on("error", (err) => {
+      clearInterval(checkPort);
+      if (settled) return;
+      settled = true;
+      resolve({ status: "failed", statusCode: 0, body: err.message });
+    });
+
     child.on("exit", () => {
       if (settled) return;
       settled = true;

package/src/core/wolverine.js

@@ -165,7 +165,7 @@ async function _healImpl({ stderr, cwd, sandbox, notifier, rateLimiter, backupMa
   // 4c. Pre-heal operational fix — detect common non-code errors
   // Some crashes aren't code bugs (missing npm packages, missing config files).
   // Fix these directly without wasting AI tokens.
-  const opsFix = await tryOperationalFix(parsed, cwd, logger);
+  const opsFix = await tryOperationalFix(parsed, cwd, logger, sandbox);
   if (opsFix.fixed) {
     console.log(chalk.green(`  ⚡ Operational fix applied: ${opsFix.action}`));
     if (logger) logger.info(EVENT_TYPES.HEAL_SUCCESS, `Operational fix: ${opsFix.action}`, { action: opsFix.action });
@@ -297,8 +297,15 @@ async function _healImpl({ stderr, cwd, sandbox, notifier, rateLimiter, backupMa
     goal: `Fix: ${parsed.errorMessage.slice(0, 80)}`,
 
     onAttempt: async (iteration, researchCtx, priorAttempts) => {
-      // Create backup for this attempt
-      const bid = backupManager.createBackup(`heal attempt ${iteration}: ${parsed.errorMessage.slice(0, 60)}`);
+      // #12: Create backup for this attempt — if backup fails, skip the attempt entirely
+      let bid;
+      try {
+        bid = backupManager.createBackup(`heal attempt ${iteration}: ${parsed.errorMessage.slice(0, 60)}`);
+      } catch (backupErr) {
+        console.log(chalk.red(`  ⚠️  Backup creation failed: ${backupErr.message} — skipping attempt`));
+        if (logger) logger.error(EVENT_TYPES.BACKUP_CREATED, `Backup failed: ${backupErr.message}`);
+        return { healed: false, explanation: `Backup creation failed: ${backupErr.message}` };
+      }
       backupManager.setErrorSignature(bid, errorSignature);
       if (logger) logger.info(EVENT_TYPES.BACKUP_CREATED, `Backup ${bid} (iteration ${iteration})`, { backupId: bid });
 
@@ -532,7 +539,7 @@ async function _healImpl({ stderr, cwd, sandbox, notifier, rateLimiter, backupMa
  * Try to fix common operational errors without AI.
  * Returns { fixed: boolean, action: string }
  */
-async function tryOperationalFix(parsed, cwd, logger) {
+async function tryOperationalFix(parsed, cwd, logger, sandbox) {
   const { execSync } = require("child_process");
   const msg = parsed.errorMessage || "";
 
@@ -565,9 +572,14 @@ async function tryOperationalFix(parsed, cwd, logger) {
 
     // Only auto-create if it's inside the project and looks like a config/data file
     const rel = path.relative(cwd, missingFile).replace(/\\/g, "/");
-    if (!rel.startsWith("..") && /\.(json|yaml|yml|toml|ini|conf|cfg|env|log|txt|csv|db|sqlite)$/i.test(missingFile)) {
+    // #18: Validate through sandbox to prevent creating files outside allowed paths
+    let safePath = missingFile;
+    if (sandbox) {
+      try { safePath = sandbox.resolve(missingFile); } catch { safePath = null; }
+    }
+    if (safePath && !rel.startsWith("..") && /\.(json|yaml|yml|toml|ini|conf|cfg|env|log|txt|csv|db|sqlite)$/i.test(missingFile)) {
       try {
-        fs.mkdirSync(path.dirname(missingFile), { recursive: true });
+        fs.mkdirSync(path.dirname(safePath), { recursive: true });
         const ext = path.extname(missingFile).toLowerCase();
 
         // For JSON config files, try to infer expected structure from the code or error message
@@ -600,7 +612,7 @@ async function tryOperationalFix(parsed, cwd, logger) {
           content = defaults[ext] || "";
         }
 
-        fs.writeFileSync(missingFile, content, "utf-8");
+        fs.writeFileSync(safePath, content, "utf-8");
         console.log(chalk.blue(`  📄 Created missing file: ${rel}`));
         return { fixed: true, action: `Created missing file: ${rel} with ${content === "{}" ? "empty" : "inferred"} config` };
       } catch {}
@@ -659,10 +671,13 @@ function _inferJsonConfig(missingFile, cwd, parsed) {
   const sourceFile = parsed.filePath;
   if (!sourceFile) return null;
 
+  // #17: Escape all regex special characters in basename to prevent regex injection
+  const escapedBasename = basename.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+
   try {
     const source = fs.readFileSync(sourceFile, "utf-8");
     // Look for property accesses on the loaded config: config.apiUrl, config.timeout, etc.
-    const configVarMatch = source.match(new RegExp(`(?:const|let|var)\\s+(\\w+)\\s*=\\s*(?:require|JSON\\.parse).*${basename.replace(".", "\\.")}`));
+    const configVarMatch = source.match(new RegExp(`(?:const|let|var)\\s+(\\w+)\\s*=\\s*(?:require|JSON\\.parse).*${escapedBasename}`));
     if (!configVarMatch) return null;
 
     const varName = configVarMatch[1];