- Full pipeline with capability_routing: true returns capability-scored decision
- capability_routing: false falls back to tier-only with no capabilityScores
- Single eligible model (pinned) skips scoring and uses tier-only
- Unknown model gets uniform score of 50 and competes in scoring
- capabilityOverrides change scoring outcome in scoreEligibleModels
- capabilityOverrides pass through resolveModelForComplexity to STEP 2
- Regression guards: routing disabled, unknown model, no-downgrade-needed all pass
- All 51 tests pass (42 existing + 9 new integration)
- Fire pi.emitBeforeModelSelect() in selectAndApplyModel before resolveModelForComplexity
- Hook override bypasses capability scoring entirely with tier-only selectionMethod
- Verbose output shows capability-scored breakdown: model scores sorted descending
- Add loadCapabilityOverrides() to model-router.ts for deep-merge with built-in profiles
- Extend resolveModelForComplexity signature with optional capabilityOverrides parameter
- Pass capabilityOverrides through to scoreEligibleModels in STEP 2
- Add before_model_select handler registration inside registerHooks()
- Handler returns undefined (no override) to let capability scoring proceed
- Comment references ADR-004 for traceability
- Serves as documentation and ensures event type is registered for Plan 05 wiring
- Add BeforeModelSelectEvent interface and BeforeModelSelectResult type to types.ts
- Add on('before_model_select') subscription overload to ExtensionAPI interface
- Add emitBeforeModelSelect() method to ExtensionAPI interface and ExtensionRuntimeState
- Implement emitBeforeModelSelect() on ExtensionRunner using invokeHandlers (first-override-wins)
- Bind runner's emitBeforeModelSelect into shared runtime at construction time
- Wire emitBeforeModelSelect delegation through createExtensionAPI in loader.ts
- Pass unitType and classification.taskMetadata as 5th and 6th args to resolveModelForComplexity
- Completes end-to-end data pipeline: classifier extracts metadata, attaches to ClassificationResult, auto-model-selection passes through to router for capability scoring
- Add unitType and taskMetadata optional params to resolveModelForComplexity
- Replace findModelForTier with getEligibleModels for multi-model eligible set
- Insert STEP 2 scoring block: activates when capability_routing enabled, eligible.length > 1, unitType provided
- Add buildFallbackChain helper to deduplicate fallback assembly logic
- Scoring returns capability-scored selectionMethod with capabilityScores and taskRequirements
- Single-model and zero-model paths fall through to tier-only behavior
- All 42 existing tests pass unchanged (backward compat via optional params)
- Add taskMetadata?: TaskMetadata to ClassificationResult in complexity-classifier.ts
- Add taskMetadata?: TaskMetadata to ClassificationResult in types.ts (duplicate interface)
- Export extractTaskMetadata() so it can be imported by model-router.ts
- Refactor classifyUnitComplexity() to extract metadata once for execute-task (eliminates double-extraction at adaptive learning step)
- Populate taskMetadata field on ClassificationResult for execute-task units
- Set taskMetadata: undefined explicitly on hook unit fast-path
Add 102 integration tests across two new files covering state machine
edge cases, runtime failures, and boundary conditions not exercised
by the existing live-validation suite.
Closes#3498
The existing repairToolJson only handles YAML bullet lists (#2660).
Two additional malformation patterns from smaller models now cause
tool call failures and stuck retry loops:
1. XML parameter tags mixed into JSON values (#3403):
LLMs (especially Haiku-class) sometimes emit hybrid XML/JSON
syntax like <parameter name="X">value</parameter> inside
JSON string values. Add stripXmlParameterTags() to remove
the tags while preserving content.
2. Truncated numeric values (#3464):
Smaller models emit incomplete numbers like "exitCode": -,
or "durationMs": , when values are cut off mid-generation.
Add repairTruncatedNumbers() to replace these with 0.
Both repairs run before the existing YAML bullet repair phase.
The AJV validation layer (coerceTypes: true) then handles any
remaining string-to-number coercion.
Adds 13 new tests covering detection and repair for both patterns.
Closes#3464, closes#3403, addresses #3369
* feat: add stop/backtrack capture classifications for milestone regression (#3487)
Adds 4-layer methodology for halting auto-mode and backtracking to
previous milestones when captures indicate the user wants to stop or
that a milestone missed critical features:
1. Type layer: "stop" and "backtrack" classification types in captures.ts
2. Guard layer: pre-dispatch stop check in runGuards() pauses auto-mode
before the next unit dispatches
3. Resolution layer: executeBacktrack() writes BACKTRACK-TRIGGER.md and
milestone regression markers for state machine detection
4. Protection layer: revertExecutorResolvedCaptures() detects and reverts
captures silenced by non-triage agents (resolved without classification)
Also adds fast-path stop detection in auto-post-unit.ts that pattern-matches
pending capture text for stop keywords without waiting for triage.
Closes#3487
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add slice-level skip with gsd_skip_slice tool (#3477)
Adds "skipped" as a closed status alongside "complete" and "done":
- status-guards.ts: isClosedStatus() recognizes "skipped"
- state.ts: isStatusDone() recognizes "skipped"
- gsd-db.ts: getActiveSliceFromDb() skips slices with status "skipped"
- db-tools.ts: new gsd_skip_slice tool for rethink and manual use
- rethink.md: added "Skip a slice" operation to rethink prompt
- rethink.ts: buildRethinkData shows skipped slice counts
Skipped slices satisfy dependencies for downstream slices, allowing
auto-mode to advance past them. Slice data is preserved for reference.
Relates to #3477
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: resolve 4 issues found in adversarial review of PR #3488
1. triage-ui.ts: Restore stop/backtrack entries in CLASSIFICATION_LABELS
and ALL_CLASSIFICATIONS — the Record<Classification, ...> type requires
all union members, and runtime lookups would crash on stop/backtrack.
Also auto-confirm stop/backtrack in the triage confirmation flow
(matching the triage-captures.md prompt directive).
2. triage-resolution.ts: Replace require("node:fs") in clearBacktrackTrigger
with ESM import of unlinkSync — consistent with the rest of the codebase.
3. auto-post-unit.ts: Anchor STOP_PATTERN regex to start-of-string (^) to
prevent false positives on captures like "add a pause button" or "stop
the timer from re-rendering" which are feature descriptions, not halt
directives.
4. status-guards.test.ts: Add missing test case for isClosedStatus("skipped")
to cover the new status value.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: update tool-naming test count for gsd_skip_slice
The new gsd_skip_slice tool (no alias) brings the total from 29 to 30.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* docs: add context optimization design spec, implementation plan, and pi-layer research
- Spec: 6-change design for GSD extension context optimization
- Plan: 9-task TDD implementation plan with exact file paths and code
- Pi-layer doc: 10 infrastructure opportunities (research only, not planned)
Part of #3171, #3406, #3452, #3433.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(context): add observation masking for auto-mode sessions
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(context): add phase handoff anchors for auto-mode
Introduces PhaseAnchor read/write utilities so downstream agents can
inherit decisions, blockers, and intent written at phase boundaries
without re-inferring from conversation history.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(context): add capability-aware model routing and context management preferences
Implement ADR-004 Phase 2 capability scoring with 7-dimension model
profiles, task requirement vectors, and weighted scoring. Add
ContextManagementConfig preferences for observation masking thresholds.
Wire capability scoring into auto-model-selection dispatch path.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(context): wire observation masking, phase anchors, and tool truncation
Register observation masker in before_provider_request hook to replace
old tool results with placeholders during auto-mode. Add tool result
truncation (configurable via context_management.tool_result_max_chars).
Inject phase handoff anchors into prompt builders so downstream phases
inherit decisions from research/planning. Write anchors after successful
phase completion. Update ADR-004 status to Implemented.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: remove internal planning artifacts from PR
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs: add capability routing, observation masking, and context management
Update dynamic-model-routing.md with capability-aware scoring section.
Update token-optimization.md with observation masking, tool truncation,
and phase handoff anchor documentation. Update configuration.md with
context_management preference block and capability_routing flag.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Merge branch 'main' into feat/gsd-context-optimization
* fix: add context_management to known keys and prevent tool truncation state corruption
- Add missing 'context_management' to KNOWN_PREFERENCE_KEYS set so users
don't get spurious unknown-key warnings when configuring it.
- Replace in-place mutation of tool result content with immutable spread
to prevent corrupting shared conversation message objects.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add stop and backtrack to triage-ui classification labels
The Classification type gained stop and backtrack variants from main
but triage-ui.ts was not updated, causing a TypeScript build failure.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: context masker and tool truncation operate on correct pi-ai message format
The observation masker and tool result truncation in before_provider_request
were checking m.type === "toolResult" but the actual pi-ai payload uses
m.role === "toolResult" with content as TextContent[] arrays (not strings).
bashExecution messages are converted to {role:"user"} by convertToLlm before
the hook fires, so checking m.type === "bashExecution" was a no-op.
- Fix context-masker to match on role, handle array content, detect bash
results by their "Ran `" prefix
- Fix register-hooks truncation to operate on role:"toolResult" with
array content blocks
- Update tests to use correct pi-ai LLM payload format
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
tryRemoteQuestions was gated behind if (!ctx.hasUI), so Telegram/Slack/
Discord were never contacted when GSD ran with a terminal UI. The test
message sent during setup always worked (direct API call, no guard), which
made the feature appear configured but non-functional in practice.
Move the remote call before the hasUI guard so configured channels fire
regardless of UI availability. When no remote channel is configured,
tryRemoteQuestions returns null and the local UI is used as before.
Adds a source-level regression test asserting that tryRemoteQuestions is
called before the !ctx.hasUI branch.
Closes#3480
Verified with AI.
Explicit model changes aborted the active backoff sleep but left already-queued retry callbacks alive. That let stale provider retries continue after a user or runtime model switch, which could keep surfacing the old provider's backoff errors in the new session state.
Cancel the full retry generation on explicit model switches by clearing queued continue callbacks in RetryHandler, then cover the behavior with regression tests for both the session switch ordering and the queued-retry cancellation path.
The TUI slash dispatcher started treating any unrecognized /command as handled before session.prompt() could resolve extension commands, prompt templates, or /skill:* inputs. That blocked valid non-builtin slash commands and also let /export swallow unrelated /export* prefixes.
Move unknown-command detection to the interactive entry points, allow only known builtins or session-resolved slash commands through, gate /skill:* on the skill-command setting, and tighten /export matching to exact command tokens.
Move regression tests and override tests from standalone files into
the existing test files introduced by PR #666:
- resolve-config-value.test.ts: add REGRESSION #666 describe block
and setAllowedCommandPrefixes override tests
- url-utils.test.ts: add REGRESSION #666 describe block and
setFetchAllowedUrls override tests
- Delete: regression-666.test.ts, resolve-config-value-override.test.ts,
url-utils-override.test.ts
Same 59 tests, fewer files, tests live next to the code they test.
Two regression tests that prove the bug introduced by PR #666:
1. Non-default credential tool (sops) is silently blocked by the
hardcoded SAFE_COMMAND_PREFIXES with no way to override.
2. Private IP URL is silently blocked by isBlockedUrl() with no
way to allowlist.
Both tests use dynamic import to check for the override functions,
so they run cleanly on both main (where they fail) and this branch
(where they pass). Verified in a git worktree of main.
- custom-models.md: add Command Allowlist section under Value Resolution
explaining the restriction, default list, and how to override via
allowedCommandPrefixes setting or GSD_ALLOWED_COMMAND_PREFIXES env var
- configuration.md: add URL Blocking (fetch_page) section documenting
what's blocked by default, why, and how to allowlist specific hosts
via fetchAllowedUrls setting or GSD_FETCH_ALLOWED_URLS env var
- configuration.md: add both env vars to the Environment Variables table
PR #666 introduced hardcoded SAFE_COMMAND_PREFIXES and SSRF URL
blocklists with no override mechanism. Users with non-standard
credential tools (sops, doppler, age, infisical) or needing to fetch
from internal URLs (self-hosted docs, VPN services) were silently
blocked with no recourse.
Add two global-only settings (ignored in project-level settings.json
to preserve the security property against malicious repos):
- allowedCommandPrefixes: replaces the built-in command allowlist
- fetchAllowedUrls: exempts hostnames from SSRF blocking
Both also support env var overrides (GSD_ALLOWED_COMMAND_PREFIXES,
GSD_FETCH_ALLOWED_URLS) for CI/container environments. Env vars
take precedence over settings.json.
Security model: global-only keys are stripped from project settings
at load time via stripGlobalOnlyKeys(), applied at all three
assignment points for this.projectSettings. The merge function
stays untouched — no future caller can accidentally skip stripping.
15 new tests covering override behavior, cache invalidation,
allowlist exemptions, and global-only enforcement.
Keep catch-all STREAM_RE from PR; upstream's 5-variant whack-a-mole is
superseded by the /in JSON at position \d+/ pattern. Also drop the now-
stale comment about checking stream before server/connection (no longer
needed since catch-all avoids those false-positive overlaps).
Satisfies CI require-tests gate by adding a test that verifies the
comprehensive pre-merge cleanup (step 7b) removes stale SQUASH_MSG and
MERGE_MSG files — the enhancement over the prior MERGE_HEAD-only cleanup.
https://claude.ai/code/session_01SSHD9RNwVGNxAJZEgNZpgZ
Main already had a simpler step 7c (removing only MERGE_HEAD). The PR's
step 7b is more thorough: it also removes SQUASH_MSG and MERGE_MSG,
matching the existing post-merge cleanup pattern. Replace 7c with 7b.
https://claude.ai/code/session_01SSHD9RNwVGNxAJZEgNZpgZ
Self-contained extension at src/resources/extensions/ollama/ that
auto-detects a running Ollama instance, discovers locally pulled models,
and registers them as a first-class provider with zero configuration.
Features:
- Auto-discovery of local models via /api/tags on session_start
- Capability detection (vision, reasoning, context window) for 40+ model families
- /ollama slash command with status, list, pull, remove, ps subcommands
- ollama_manage LLM-callable tool for agent-driven model operations
- Onboarding flow with auto-detect (no API key required)
- Non-blocking async probe — doesn't delay TUI paint
- Respects OLLAMA_HOST env var for non-default endpoints
Core changes (minimal):
- Add "ollama" to KnownProvider in pi-ai types
- Add "ollama" key resolution in env-api-keys.ts
- Add "ollama" default model in model-resolver.ts
- Add "Ollama (Local)" to onboarding wizard with probe flow
A pre-existing MERGE_HEAD (from failed prior merge, libgit2 native path,
or external tooling) blocks git merge --squash. Remove stale merge state
files before starting the squash merge, not just after.
When DB was available but empty, deriveState skipped deriveStateFromDb
entirely, bypassing the disk→DB sync logic. Milestones created outside
the DB write path were never discovered.
- Check HEAD~1 (newest snapshot) instead of resetTarget (pre-snapshot
base) for remote ancestry. The old check false-positived when the
remote was at the pre-snapshot base but snapshots were local-only.
- Re-run smartStage() after soft reset so RUNTIME_EXCLUSION_PATHS
apply to the absorbed commit. Without this, .gsd/ state files from
snapshot commits leaked into the real commit.
Adds a safety mechanism that detects uncommitted changes idle past a
configurable threshold (default: 30 min), auto-snapshots tracked files
using `git add -u`, and cleans up snapshot commits when real work lands.
- New `stale_uncommitted_changes` doctor issue with auto-snapshot fix
- Detection in health widget (60s), pre-dispatch gate, and /gsd doctor
- `nativeAddTracked()` stages only tracked files (no secrets/binaries)
- `absorbSnapshotCommits()` squashes `gsd snapshot:` commits into next
real autoCommit via soft reset + re-commit
- Configurable via `stale_commit_threshold_minutes` preference (0=off)
- Add extension-manifest.ts and extension-sort.ts to pi-coding-agent
with manifest reading and Kahn's BFS topological sort algorithm
- Add extensionPathsTransform hook to DefaultResourceLoader that runs
between path merging and loadExtensions() — enables pre-load
filtering and reordering without modifying pi internals
- Wire GSD's buildResourceLoader() to provide a transform that:
1. Filters ALL extensions (including community) through the GSD registry
2. Sorts in topological dependency order via sortExtensionPaths()
- Mark discoverAndLoadExtensions() as @deprecated (dead code path)
- Add 16 tests covering manifest reading, dependency sorting, cycles,
missing deps, and non-array deps
Previously, dependencies.extensions in manifests was decorative (sort
existed but was never called), and gsd extensions disable only worked
for bundled extensions. Community extensions in ~/.gsd/agent/extensions/
bypassed the registry entirely.
