From 424825f8cb5eabec9524280a32fb99101afd9e9f Mon Sep 17 00:00:00 2001 From: bellman Date: Thu, 14 May 2026 17:08:06 +0900 Subject: [PATCH] task: G001 human board and docs rendering Render the canonical CC2 board into a human-readable review artifact while preserving worker-1's generated schema as the source of truth.\n\nConstraint: leader owns Ultragoal state; .omx/ultragoal was not mutated.\nRejected: hand-editing board.md without a renderer | it would make coverage drift harder to validate.\nConfidence: high\nScope-risk: narrow\nDirective: regenerate board.md with .omx/cc2/render_board_md.py after board.json changes.\nTested: python3 .omx/cc2/render_board_md.py .omx/cc2/board.json .omx/cc2/board.md --check; python3 -m py_compile .omx/cc2/render_board_md.py; cargo check --workspace; cargo test --workspace (fails one unrelated lifecycle test).\nNot-tested: cargo test --workspace is not fully green because tests::session_lifecycle_prefers_running_process_over_idle_shell fails persistently in rusty-claude-cli without touching Rust sources. --- .omx/cc2/board.json | 2 +- .omx/cc2/board.md | 7433 ++++------------------------------- .omx/cc2/render_board_md.py | 250 ++ 3 files changed, 1091 insertions(+), 6594 deletions(-) create mode 100755 .omx/cc2/render_board_md.py diff --git a/.omx/cc2/board.json b/.omx/cc2/board.json index da9a1832..ec508e68 100644 --- a/.omx/cc2/board.json +++ b/.omx/cc2/board.json @@ -7,7 +7,7 @@ "roadmap_headings_total": 124, "unmapped_roadmap_heading_lines": [] }, - "generated_at": "2026-05-14T08:01:51+00:00", + "generated_at": "2026-05-14T07:59:09+00:00", "generation_policy": { "release_buckets": [ "2.x_intake", diff --git a/.omx/cc2/board.md b/.omx/cc2/board.md index a0c89e27..8c4c41b8 100644 --- a/.omx/cc2/board.md +++ b/.omx/cc2/board.md @@ -1,6595 +1,842 @@ # Claw Code 2.0 Canonical Board -Generated: `2026-05-14T08:01:51+00:00` -Roadmap SHA-256 prefix: `2aba3315e52f3079` - -## Summary - -- Total items: **729** -- Roadmap headings covered: **124 / 124** -- Roadmap ordered actions covered: **542 / 542** - -### By lifecycle status - -- `active`: 73 -- `context`: 15 -- `deferred_with_rationale`: 9 -- `done_verify`: 313 -- `open`: 285 -- `rejected_not_claw`: 2 -- `stale_done`: 31 -- `superseded`: 1 - -### By release bucket - -- `2.x_intake`: 30 -- `alpha_blocker`: 240 -- `beta_adoption`: 417 -- `context`: 15 -- `ga_ecosystem`: 22 -- `post_2_0_research`: 3 -- `rejected_not_claw`: 2 - -## Board Items - -### CC2-RM-H0001-clawable-coding-harness-roadmap -- Title: Clawable Coding Harness Roadmap -- Source: `ROADMAP.md:L1` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0002-goal -- Title: Goal -- Source: `ROADMAP.md:L3` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0003-definition-of-clawable -- Title: Definition of "clawable" -- Source: `ROADMAP.md:L14` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0004-current-pain-points -- Title: Current Pain Points -- Source: `ROADMAP.md:L25` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0005-1-session-boot-is-fragile -- Title: 1. Session boot is fragile -- Source: `ROADMAP.md:L27` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `active` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0006-2-truth-is-split-across-layers -- Title: 2. Truth is split across layers -- Source: `ROADMAP.md:L32` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `active` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0007-3-events-are-too-log-shaped -- Title: 3. Events are too log-shaped -- Source: `ROADMAP.md:L39` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0008-4-recovery-loops-are-too-manual -- Title: 4. Recovery loops are too manual -- Source: `ROADMAP.md:L43` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `active` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-H0009-5-branch-freshness-is-not-enforced-enoug -- Title: 5. Branch freshness is not enforced enough -- Source: `ROADMAP.md:L51` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-H0010-6-plugin-mcp-failures-are-under-classifi -- Title: 6. Plugin/MCP failures are under-classified -- Source: `ROADMAP.md:L55` (`roadmap_heading`) -- Bucket/status: `ga_ecosystem` / `active` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `plugin_mcp_lifecycle_contract_test` -- Deferral rationale: - -### CC2-RM-H0011-7-human-ux-still-leaks-into-claw-workflo -- Title: 7. Human UX still leaks into claw workflows -- Source: `ROADMAP.md:L58` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `active` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0012-product-principles -- Title: Product Principles -- Source: `ROADMAP.md:L61` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0013-roadmap -- Title: Roadmap -- Source: `ROADMAP.md:L71` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0014-phase-1-reliable-worker-boot -- Title: Phase 1 — Reliable Worker Boot -- Source: `ROADMAP.md:L73` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: - -### CC2-RM-H0015-1-ready-handshake-lifecycle-for-coding-w -- Title: 1. Ready-handshake lifecycle for coding workers -- Source: `ROADMAP.md:L75` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: - -### CC2-RM-H0016-1-5-first-prompt-acceptance-sla -- Title: 1.5. First-prompt acceptance SLA -- Source: `ROADMAP.md:L91` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: - -### CC2-RM-H0017-1-6-startup-no-evidence-evidence-bundle -- Title: 1.6. `startup-no-evidence` evidence bundle + classifier -- Source: `ROADMAP.md:L110` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: - -### CC2-RM-H0018-2-trust-prompt-resolver -- Title: 2. Trust prompt resolver -- Source: `ROADMAP.md:L124` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `security` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0019-3-structured-session-control-api -- Title: 3. Structured session control API -- Source: `ROADMAP.md:L132` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `sessions` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0020-3-5-boot-preflight-doctor-contract -- Title: 3.5. Boot preflight / doctor contract -- Source: `ROADMAP.md:L145` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: - -### CC2-RM-H0021-phase-2-event-native-clawhip-integration -- Title: Phase 2 — Event-Native Clawhip Integration -- Source: `ROADMAP.md:L162` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0022-4-canonical-lane-event-schema -- Title: 4. Canonical lane event schema -- Source: `ROADMAP.md:L164` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0023-4-5-session-event-ordering-terminal-stat -- Title: 4.5. Session event ordering + terminal-state reconciliation -- Source: `ROADMAP.md:L183` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `sessions` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0024-4-6-event-provenance-environment-labelin -- Title: 4.6. Event provenance / environment labeling -- Source: `ROADMAP.md:L197` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0025-4-7-session-identity-completeness-at-cre -- Title: 4.7. Session identity completeness at creation time -- Source: `ROADMAP.md:L211` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `sessions` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0026-4-8-duplicate-terminal-event-suppression -- Title: 4.8. Duplicate terminal-event suppression -- Source: `ROADMAP.md:L224` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0027-4-9-lane-ownership-scope-binding -- Title: 4.9. Lane ownership / scope binding -- Source: `ROADMAP.md:L238` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0028-4-10-nudge-acknowledgment-dedupe-contrac -- Title: 4.10. Nudge acknowledgment / dedupe contract -- Source: `ROADMAP.md:L252` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0029-4-11-stable-roadmap-id-assignment-for-ne -- Title: 4.11. Stable roadmap-id assignment for newly filed pinpoints -- Source: `ROADMAP.md:L266` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0030-4-12-roadmap-item-lifecycle-state-contra -- Title: 4.12. Roadmap item lifecycle state contract -- Source: `ROADMAP.md:L280` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0031-4-13-multi-message-report-atomicity -- Title: 4.13. Multi-message report atomicity -- Source: `ROADMAP.md:L294` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0032-4-14-cross-claw-pinpoint-dedupe-merge-co -- Title: 4.14. Cross-claw pinpoint dedupe / merge contract -- Source: `ROADMAP.md:L308` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0033-4-15-pinpoint-evidence-attachment-contra -- Title: 4.15. Pinpoint evidence attachment contract -- Source: `ROADMAP.md:L322` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0034-4-16-pinpoint-priority-severity-contract -- Title: 4.16. Pinpoint priority / severity contract -- Source: `ROADMAP.md:L336` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0035-4-17-pinpoint-to-implementation-handoff -- Title: 4.17. Pinpoint-to-implementation handoff contract -- Source: `ROADMAP.md:L350` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0036-4-18-report-backpressure-repetitive-summ -- Title: 4.18. Report backpressure / repetitive-summary collapse -- Source: `ROADMAP.md:L364` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0037-4-19-no-change-no-op-acknowledgment-cont -- Title: 4.19. No-change / no-op acknowledgment contract -- Source: `ROADMAP.md:L378` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0038-4-20-observation-freshness-staleness-age -- Title: 4.20. Observation freshness / staleness-age contract -- Source: `ROADMAP.md:L392` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0039-4-21-fact-hypothesis-confidence-labeling -- Title: 4.21. Fact / hypothesis / confidence labeling -- Source: `ROADMAP.md:L406` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0040-4-22-negative-evidence-searched-and-not -- Title: 4.22. Negative-evidence / searched-and-not-found contract -- Source: `ROADMAP.md:L420` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0041-4-23-field-level-delta-attribution -- Title: 4.23. Field-level delta attribution -- Source: `ROADMAP.md:L434` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0042-4-24-report-schema-versioning-compatibil -- Title: 4.24. Report schema versioning / compatibility contract -- Source: `ROADMAP.md:L448` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0043-4-25-consumer-capability-negotiation-for -- Title: 4.25. Consumer capability negotiation for structured reports -- Source: `ROADMAP.md:L462` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0044-4-26-self-describing-report-schema-surfa -- Title: 4.26. Self-describing report schema surface -- Source: `ROADMAP.md:L476` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0045-4-27-audience-specific-report-projection -- Title: 4.27. Audience-specific report projection -- Source: `ROADMAP.md:L490` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0046-4-28-canonical-report-identity-content-h -- Title: 4.28. Canonical report identity / content-hash anchor -- Source: `ROADMAP.md:L504` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0047-4-29-projection-invalidation-stale-view -- Title: 4.29. Projection invalidation / stale-view cache contract -- Source: `ROADMAP.md:L518` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0048-4-30-projection-time-redaction-sensitivi -- Title: 4.30. Projection-time redaction / sensitivity labeling -- Source: `ROADMAP.md:L532` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0049-4-31-redaction-provenance-policy-traceab -- Title: 4.31. Redaction provenance / policy traceability -- Source: `ROADMAP.md:L546` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0050-4-32-deterministic-projection-redaction -- Title: 4.32. Deterministic projection / redaction reproducibility -- Source: `ROADMAP.md:L560` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0051-4-33-projection-golden-fixture-regressio -- Title: 4.33. Projection golden-fixture / regression lock -- Source: `ROADMAP.md:L574` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0052-4-34-downstream-consumer-conformance-tes -- Title: 4.34. Downstream consumer conformance test contract -- Source: `ROADMAP.md:L588` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0053-4-35-provisional-status-dedupe-in-flight -- Title: 4.35. Provisional-status dedupe / in-flight acknowledgment suppression -- Source: `ROADMAP.md:L602` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0054-4-36-provisional-status-escalation-timeo -- Title: 4.36. Provisional-status escalation timeout -- Source: `ROADMAP.md:L616` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0055-4-37-policy-blocked-action-handoff -- Title: 4.37. Policy-blocked action handoff -- Source: `ROADMAP.md:L630` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0056-4-38-policy-exception-owner-approval-tok -- Title: 4.38. Policy exception / owner-approval token contract -- Source: `ROADMAP.md:L644` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0057-4-39-approval-token-replay-one-time-use -- Title: 4.39. Approval-token replay / one-time-use enforcement -- Source: `ROADMAP.md:L658` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `security` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0058-4-40-approval-token-delegation-execution -- Title: 4.40. Approval-token delegation / execution chain traceability -- Source: `ROADMAP.md:L672` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `security` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0059-4-41-token-optimization-repo-scope-guida -- Title: 4.41. Token-optimization / repo-scope guidance contract -- Source: `ROADMAP.md:L686` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0060-4-42-workspace-scope-weight-preview-toke -- Title: 4.42. Workspace-scope weight preview / token-risk preflight -- Source: `ROADMAP.md:L700` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0061-4-43-safer-scope-quick-apply-action -- Title: 4.43. Safer-scope quick-apply action -- Source: `ROADMAP.md:L714` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0062-4-44-5-ship-provenance-opacity-implement -- Title: 4.44.5. Ship/provenance opacity — IMPLEMENTED 2026-04-20 -- Source: `ROADMAP.md:L728` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-H0063-4-44-typed-error-envelope-contract-silen -- Title: 4.44. Typed-error envelope contract (Silent-state inventory roll-up) -- Source: `ROADMAP.md:L771` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0064-5-failure-taxonomy -- Title: 5. Failure taxonomy -- Source: `ROADMAP.md:L804` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0065-5-5-transport-outage-vs-lane-failure-bou -- Title: 5.5. Transport outage vs lane failure boundary -- Source: `ROADMAP.md:L822` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0066-6-actionable-summary-compression -- Title: 6. Actionable summary compression -- Source: `ROADMAP.md:L836` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0067-140-deprecated-permissionmode-migration -- Title: 140. Deprecated `permissionMode` migration silently downgrades `DangerFullAccess` to `WorkspaceWrite` -- Source: `ROADMAP.md:L847` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `security` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0068-137-model-alias-shorthand-regression-in -- Title: 137. Model-alias shorthand regression in test suite — bare alias parsing broken on `feat/134-135-session-identity` branch -- Source: `ROADMAP.md:L871` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `provider` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `provider_routing_contract_test` -- Deferral rationale: - -### CC2-RM-H0069-133-blocked-state-subphase-contract-was -- Title: 133. Blocked-state subphase contract (was §6.5) -- Source: `ROADMAP.md:L890` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0070-phase-3-branch-test-awareness-and-auto-r -- Title: Phase 3 — Branch/Test Awareness and Auto-Recovery -- Source: `ROADMAP.md:L912` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-H0071-7-stale-branch-detection-before-broad-ve -- Title: 7. Stale-branch detection before broad verification -- Source: `ROADMAP.md:L914` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-H0072-8-recovery-recipes-for-common-failures -- Title: 8. Recovery recipes for common failures -- Source: `ROADMAP.md:L922` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-H0073-8-5-recovery-attempt-ledger -- Title: 8.5. Recovery attempt ledger -- Source: `ROADMAP.md:L935` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-H0074-9-green-ness-contract -- Title: 9. Green-ness contract -- Source: `ROADMAP.md:L951` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-H0075-phase-4-claws-first-task-execution -- Title: Phase 4 — Claws-First Task Execution -- Source: `ROADMAP.md:L976` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `task_policy` / `stream_4_claws_first_execution` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0076-10-typed-task-packet-format -- Title: 10. Typed task packet format -- Source: `ROADMAP.md:L978` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `task_policy` / `stream_4_claws_first_execution` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0077-11-policy-engine-for-autonomous-coding -- Title: 11. Policy engine for autonomous coding -- Source: `ROADMAP.md:L993` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `task_policy` / `stream_4_claws_first_execution` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0078-12-claw-native-dashboards-lane-board -- Title: 12. Claw-native dashboards / lane board -- Source: `ROADMAP.md:L1003` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control, stream_2_event_reporting_contracts -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-H0079-12-5-running-state-liveness-heartbeat -- Title: 12.5. Running-state liveness heartbeat -- Source: `ROADMAP.md:L1018` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `task_policy` / `stream_4_claws_first_execution` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0080-phase-5-plugin-and-mcp-lifecycle-maturit -- Title: Phase 5 — Plugin and MCP Lifecycle Maturity -- Source: `ROADMAP.md:L1033` (`roadmap_heading`) -- Bucket/status: `ga_ecosystem` / `active` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `plugin_mcp_lifecycle_contract_test` -- Deferral rationale: - -### CC2-RM-H0081-13-first-class-plugin-mcp-lifecycle-cont -- Title: 13. First-class plugin/MCP lifecycle contract -- Source: `ROADMAP.md:L1035` (`roadmap_heading`) -- Bucket/status: `ga_ecosystem` / `active` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `plugin_mcp_lifecycle_contract_test` -- Deferral rationale: - -### CC2-RM-H0082-14-mcp-end-to-end-lifecycle-parity -- Title: 14. MCP end-to-end lifecycle parity -- Source: `ROADMAP.md:L1047` (`roadmap_heading`) -- Bucket/status: `ga_ecosystem` / `active` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `plugin_mcp_lifecycle_contract_test` -- Deferral rationale: - -### CC2-RM-H0083-immediate-backlog-from-current-real-pain -- Title: Immediate Backlog (from current real pain) -- Source: `ROADMAP.md:L1062` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0084-deployment-architecture-gap-filed-from-d -- Title: Deployment Architecture Gap (filed from dogfood 2026-04-08) -- Source: `ROADMAP.md:L1131` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `active` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0085-workerstate-is-in-the-runtime-state-is-n -- Title: WorkerState is in the runtime; /state is NOT in opencode serve -- Source: `ROADMAP.md:L1133` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: - -### CC2-RM-H0086-startup-friction-gap-no-default-trusted -- Title: Startup Friction Gap: No Default trusted_roots in Settings (filed 2026-04-08) -- Source: `ROADMAP.md:L1150` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0087-every-lane-starts-with-manual-trust-baby -- Title: Every lane starts with manual trust babysitting unless caller explicitly passes roots -- Source: `ROADMAP.md:L1152` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `active` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0088-observability-transport-decision-filed-2 -- Title: Observability Transport Decision (filed 2026-04-08) -- Source: `ROADMAP.md:L1168` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0089-canonical-state-surface-cli-file-based-h -- Title: Canonical state surface: CLI/file-based. HTTP endpoint deferred. -- Source: `ROADMAP.md:L1170` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `deferred_with_rationale` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: Deferred by roadmap/approved plan until prerequisite contracts or post-2.0 research admission gates are satisfied. - -### CC2-RM-H0090-provider-routing-model-name-prefix-must -- Title: Provider Routing: Model-Name Prefix Must Win Over Env-Var Presence (fixed 2026-04-08, `0530c50`) -- Source: `ROADMAP.md:L1188` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-H0091-openai-gpt-4-1-mini-was-silently-misrout -- Title: `openai/gpt-4.1-mini` was silently misrouted to Anthropic when ANTHROPIC_API_KEY was set -- Source: `ROADMAP.md:L1190` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-H0092-pinpoint-122-doctor-invocation-does-not -- Title: Pinpoint #122. `doctor` invocation does not check stale-base condition; `run_stale_base_preflight()` is only invoked in Prompt + REPL paths -- Source: `ROADMAP.md:L5061` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-H0093-pinpoint-135-claw-status-json-missing-ac -- Title: Pinpoint #135. `claw status --json` missing `active_session` boolean and `session.id` cross-reference — two surfaces that should be unified are inconsistent -- Source: `ROADMAP.md:L5088` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0094-pinpoint-134-no-run-correlation-id-at-se -- Title: Pinpoint #134. No run/correlation ID at session boundary — every observer must infer session identity from timing or prompt content -- Source: `ROADMAP.md:L5109` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0095-pinpoint-136-compact-flag-output-is-not -- Title: Pinpoint #136. `--compact` flag output is not machine-readable — compact turn emits plain text instead of JSON when `--output-format json` is also passed -- Source: `ROADMAP.md:L5125` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `adoption_overlay` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0096-pinpoint-138-dogfood-cycle-report-gate-o -- Title: Pinpoint #138. Dogfood cycle report-gate opacity — nudge surface collapses "bundle converged", "follow-up landed", and "pre-existing flake only" into single closure shape -- Source: `ROADMAP.md:L5151` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-H0097-evidence-for-138-feat-134-135-session-id -- Title: Evidence for #138 — feat/134-135-session-identity branch is pushed but no PR was opened (2026-04-21 15:05) -- Source: `ROADMAP.md:L5191` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-H0098-pinpoint-139-claw-state-error-message-re -- Title: Pinpoint #139. `claw state` error message refers to "worker" concept that is not discoverable via `--help` or any documented command — error is unactionable for claws and CI -- Source: `ROADMAP.md:L5226` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-H0099-pinpoint-141-claw-subcommand-help-has-5 -- Title: Pinpoint #141. `claw --help` has 5 different behaviors — inconsistent help surface breaks discoverability -- Source: `ROADMAP.md:L5278` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-H0100-pinpoint-142-claw-init-output-format-jso -- Title: Pinpoint #142. `claw init --output-format json` dumps human text into `message` — no structured fields for created/skipped files -- Source: `ROADMAP.md:L5333` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0101-pinpoint-143-claw-status-hard-fails-on-m -- Title: Pinpoint #143. `claw status` hard-fails on malformed MCP config; `claw doctor` degrades gracefully — inconsistent contract around partial config breakage -- Source: `ROADMAP.md:L5400` (`roadmap_heading`) -- Bucket/status: `ga_ecosystem` / `open` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `plugin_mcp_lifecycle_contract_test` -- Deferral rationale: - -### CC2-RM-H0102-pinpoint-144-claw-mcp-hard-fails-on-malf -- Title: Pinpoint #144. `claw mcp` hard-fails on malformed MCP config — same surface inconsistency as #143, one command over -- Source: `ROADMAP.md:L5486` (`roadmap_heading`) -- Bucket/status: `ga_ecosystem` / `open` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `plugin_mcp_lifecycle_contract_test` -- Deferral rationale: - -### CC2-RM-H0103-pinpoint-145-claw-plugins-subcommand-not -- Title: Pinpoint #145. `claw plugins` subcommand not wired to CLI parser — word gets treated as a prompt, hits Anthropic API -- Source: `ROADMAP.md:L5551` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `provider` / `stream_0_governance` -- Dependencies: none -- Verification: `provider_routing_contract_test` -- Deferral rationale: - -### CC2-RM-H0104-pinpoint-146-claw-config-and-claw-diff-a -- Title: Pinpoint #146. `claw config` and `claw diff` are pure-local introspection commands but require `--resume SESSION.jsonl` wrapping -- Source: `ROADMAP.md:L5609` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0105-pinpoint-147-claw-claw-silently-fall-thr -- Title: Pinpoint #147. `claw ""` / `claw " "` silently fall through to prompt-execution path; empty-prompt guard is subcommand-only -- Source: `ROADMAP.md:L5650` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-H0106-pinpoint-148-claw-status-json-shows-reso -- Title: Pinpoint #148. `claw status` JSON shows resolved model but not raw input or source — post-hoc "why did my --model flag behave this way?" requires re-reading argv -- Source: `ROADMAP.md:L5696` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `provider` / `stream_0_governance` -- Dependencies: none -- Verification: `provider_routing_contract_test` -- Deferral rationale: - -### CC2-RM-H0107-same-resolved-value-can-come-from-three -- Title: Same resolved value can come from three different sources; -- Source: `ROADMAP.md:L5709` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0108-json-envelope-gives-no-way-to-distinguis -- Title: JSON envelope gives no way to distinguish. -- Source: `ROADMAP.md:L5710` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0109-pinpoint-149-runtime-config-tests-valida -- Title: Pinpoint #149. `runtime::config::tests::validates_unknown_top_level_keys_with_line_and_field_name` flakes under parallel workspace test runs -- Source: `ROADMAP.md:L5739` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-H0110-pinpoint-150-resume-latest-restores-the -- Title: Pinpoint #150. `resume_latest_restores_the_most_recent_managed_session` flakes due to symlink/canonicalization mismatch -- Source: `ROADMAP.md:L5797` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0111-pinpoint-246-reminder-cron-outcome-ambig -- Title: Pinpoint #246. Reminder cron outcome ambiguity — no structured feedback on nudge delivery/skip/timeout -- Source: `ROADMAP.md:L5824` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0112-pinpoint-151-workspace-fingerprint-path -- Title: Pinpoint #151. `workspace_fingerprint` path-equivalence contract gap (product, not just test) -- Source: `ROADMAP.md:L5851` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-H0113-pinpoint-152-diagnostic-verb-suffixes-al -- Title: Pinpoint #152. Diagnostic verb suffixes allow arbitrary positional args, emit double "error:" prefix -- Source: `ROADMAP.md:L5904` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0114-pinpoint-153-readme-usage-missing-add-bi -- Title: Pinpoint #153. README/USAGE missing "add binary to PATH" and "verify install" bridge -- Source: `ROADMAP.md:L5924` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-H0115-pinpoint-154-model-syntax-error-doesn-t -- Title: Pinpoint #154. Model syntax error doesn't hint at env var when multiple credentials present -- Source: `ROADMAP.md:L5953` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `provider` / `stream_0_governance` -- Dependencies: none -- Verification: `provider_routing_contract_test` -- Deferral rationale: - -### CC2-RM-H0116-pinpoint-155-usage-md-missing-docs-for-u -- Title: Pinpoint #155. USAGE.md missing docs for `/ultraplan`, `/teleport`, `/bughunter` commands -- Source: `ROADMAP.md:L5979` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `docs_license` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-H0117-pinpoint-156-error-classification-for-te -- Title: Pinpoint #156. Error classification for text-mode output (Phase 2 of #77) -- Source: `ROADMAP.md:L6018` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `governance` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0118-pinpoint-157-structured-remediation-regi -- Title: Pinpoint #157. Structured remediation registry for error hints (Phase 3 of #77 / §4.44) -- Source: `ROADMAP.md:L6033` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `governance` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0119-pinpoint-158-compact-messages-if-needed -- Title: Pinpoint #158. `compact_messages_if_needed` drops turns silently — no structured compaction event emitted -- Source: `ROADMAP.md:L6062` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `sessions` / `adoption_overlay` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0120-pinpoint-159-run-turn-loop-hardcodes-emp -- Title: Pinpoint #159. `run_turn_loop` hardcodes empty denied_tools — permission denials silently absent from multi-turn sessions -- Source: `ROADMAP.md:L6094` (`roadmap_heading`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0121-pinpoint-160-session-store-has-no-list-s -- Title: Pinpoint #160. `session_store` has no `list_sessions`, `delete_session`, or `session_exists` — claw cannot enumerate or clean up sessions without filesystem hacks -- Source: `ROADMAP.md:L6123` (`roadmap_heading`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-H0122-asdict-dataclass-load-session-save-sessi -- Title: ['asdict', 'dataclass', 'load_session', 'save_session'] -- Source: `ROADMAP.md:L6133` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0123-list-sessions-delete-session-session-exi -- Title: list_sessions, delete_session, session_exists — all absent -- Source: `ROADMAP.md:L6134` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-H0124-works-today-breaks-if-the-dir-layout-eve -- Title: Works today, breaks if the dir layout ever changes — no abstraction layer -- Source: `ROADMAP.md:L6141` (`roadmap_heading`) -- Bucket/status: `context` / `context` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `none_context_only` -- Deferral rationale: - -### CC2-RM-A0001-state-machine-first-every-worker-has-exp -- Title: **State machine first** — every worker has explicit lifecycle states. -- Source: `ROADMAP.md:L63` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: - -### CC2-RM-A0002-events-over-scraped-prose-channel-output -- Title: **Events over scraped prose** — channel output should be derived from typed events. -- Source: `ROADMAP.md:L64` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `schema_golden_fixture_or_consumer_contract_test` -- Deferral rationale: - -### CC2-RM-A0003-recovery-before-escalation-known-failure -- Title: **Recovery before escalation** — known failure modes should auto-heal once before asking for help. -- Source: `ROADMAP.md:L65` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0004-branch-freshness-before-blame-detect-sta -- Title: **Branch freshness before blame** — detect stale branches before treating red tests as new regressions. -- Source: `ROADMAP.md:L66` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-A0005-partial-success-is-first-class-e-g-mcp-s -- Title: **Partial success is first-class** — e.g. MCP startup can succeed for some servers and fail for others, with structured degraded-mode reporting. -- Source: `ROADMAP.md:L67` (`roadmap_action`) -- Bucket/status: `ga_ecosystem` / `open` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `plugin_mcp_lifecycle_contract_test` -- Deferral rationale: - -### CC2-RM-A0006-terminal-is-transport-not-truth-tmux-tui -- Title: **Terminal is transport, not truth** — tmux/TUI may remain implementation details, but orchestration state must live above them. -- Source: `ROADMAP.md:L68` (`roadmap_action`) -- Bucket/status: `ga_ecosystem` / `open` -- Category/lane: `ux_tui` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0007-policy-is-executable-merge-retry-rebase -- Title: **Policy is executable** — merge, retry, rebase, stale cleanup, and escalation rules should be machine-enforced. -- Source: `ROADMAP.md:L69` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `git_fixture_or_recovery_recipe_test` -- Deferral rationale: - -### CC2-RM-A0008-locate-git-push-origin-branch-command-ex -- Title: Locate `git push origin ` command execution(s) in `main.rs`, `tools/lib.rs`, or `worker_boot.rs` -- Source: `ROADMAP.md:L763` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0009-intercept-before-after-push-emit-ship-pr -- Title: Intercept before/after push: emit `ship.prepared` (before merge), `ship.commits_selected` (lock range), `ship.merged` (after merge), `ship.pushed_main` (after push to origin/main) -- Source: `ROADMAP.md:L764` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0010-capture-real-metadata-source-branch-comm -- Title: Capture real metadata: `source_branch`, `commit_range`, `merge_method`, `actor`, `pr_number` -- Source: `ROADMAP.md:L765` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0011-route-events-to-lane-event-stream -- Title: Route events to lane event stream -- Source: `ROADMAP.md:L766` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0012-verify-claw-state-output-surfaces-ship-p -- Title: Verify `claw state` output surfaces ship provenance -- Source: `ROADMAP.md:L767` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0013-isolate-render-diff-report-tests-into-tm -- Title: Isolate `render_diff_report` tests into tmpdir — **done**: `render_diff_report_for()` tests run in temp git repos instead of the live working tree, and targeted `cargo test -p rusty-claude-cli render_diff_report -- --nocapture` now stays green during branch/worktree activity -- Source: `ROADMAP.md:L1067` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0014-expand-github-ci-from-single-crate-cover -- Title: Expand GitHub CI from single-crate coverage to workspace-grade verification — **done**: `.github/workflows/rust-ci.yml` now runs `cargo test --workspace` plus fmt/clippy at the workspace level -- Source: `ROADMAP.md:L1068` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `governance` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0015-add-release-grade-binary-workflow-done-g -- Title: Add release-grade binary workflow — **done**: `.github/workflows/release.yml` now builds tagged Rust release artifacts for the CLI -- Source: `ROADMAP.md:L1069` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0016-add-container-first-test-run-docs-done-c -- Title: Add container-first test/run docs — **done**: `Containerfile` + `docs/container.md` document the canonical Docker/Podman workflow for build, bind-mount, and `cargo test --workspace` usage -- Source: `ROADMAP.md:L1070` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0017-surface-doctor-preflight-diagnostics-in -- Title: Surface `doctor` / preflight diagnostics in onboarding docs and help — **done**: README + USAGE now put `claw doctor` / `/doctor` in the first-run path and point at the built-in preflight report -- Source: `ROADMAP.md:L1071` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0018-automate-branding-source-of-truth-residu -- Title: Automate branding/source-of-truth residue checks in CI — **done**: `.github/scripts/check_doc_source_of_truth.py` and the `doc-source-of-truth` CI job now block stale repo/org/invite residue in tracked docs and metadata -- Source: `ROADMAP.md:L1072` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `docs_license` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0019-eliminate-warning-spam-from-first-run-he -- Title: Eliminate warning spam from first-run help/build path — **done**: current `cargo run -q -p rusty-claude-cli -- --help` renders clean help output without a warning wall before the product surface -- Source: `ROADMAP.md:L1073` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0020-promote-doctor-from-slash-only-to-top-le -- Title: Promote `doctor` from slash-only to top-level CLI entrypoint — **done**: `claw doctor` is now a local shell entrypoint with regression coverage for direct help and health-report output -- Source: `ROADMAP.md:L1074` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0021-make-machine-readable-status-commands-ac -- Title: Make machine-readable status commands actually machine-readable — **done**: `claw --output-format json status` and `claw --output-format json sandbox` now emit structured JSON snapshots instead of prose tables -- Source: `ROADMAP.md:L1075` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0022-unify-legacy-config-skill-namespaces-in -- Title: Unify legacy config/skill namespaces in user-facing output — **done**: skills/help JSON/text output now present `.claw` as the canonical namespace and collapse legacy roots behind `.claw`-shaped source ids/labels -- Source: `ROADMAP.md:L1076` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0023-honor-json-output-on-inventory-commands -- Title: Honor JSON output on inventory commands like `skills` and `mcp` — **done**: direct CLI inventory commands now honor `--output-format json` with structured payloads for both skills and MCP inventory -- Source: `ROADMAP.md:L1077` (`roadmap_action`) -- Bucket/status: `ga_ecosystem` / `done_verify` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0024-audit-output-format-contract-across-the -- Title: Audit `--output-format` contract across the whole CLI surface — **done**: direct CLI commands now honor deterministic JSON/text handling across help/version/status/sandbox/agents/mcp/skills/bootstrap-plan/system-prompt/init/doctor, with regression coverage in `output_format_contract.rs` and resumed `/status` JSON coverage -- Source: `ROADMAP.md:L1078` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0025-worker-readiness-handshake-trust-resolut -- Title: Worker readiness handshake + trust resolution — **done**: `WorkerStatus` state machine with `Spawning` → `TrustRequired` → `ReadyForPrompt` → `PromptAccepted` → `Running` lifecycle, `trust_auto_resolve` + `trust_gate_cleared` gating -- Source: `ROADMAP.md:L1081` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0026-add-cross-module-integration-tests-done -- Title: Add cross-module integration tests — **done**: 12 integration tests covering worker→recovery→policy, stale_branch→policy, green_contract→policy, reconciliation flows -- Source: `ROADMAP.md:L1082` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `stale_done` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0027-wire-lane-completion-emitter-done-lane-c -- Title: Wire lane-completion emitter — **done**: `lane_completion` module with `detect_lane_completion()` auto-sets `LaneContext::completed` from session-finished + tests-green + push-complete → policy closeout -- Source: `ROADMAP.md:L1083` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0028-wire-summarycompressor-into-the-lane-eve -- Title: Wire `SummaryCompressor` into the lane event pipeline — **done**: `compress_summary_text()` feeds into `LaneEvent::Finished` detail field in `tools/src/lib.rs` -- Source: `ROADMAP.md:L1084` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0029-worker-readiness-handshake-trust-resolut -- Title: Worker readiness handshake + trust resolution — **done**: `WorkerStatus` state machine with `Spawning` → `TrustRequired` → `ReadyForPrompt` → `PromptAccepted` → `Running` lifecycle, `trust_auto_resolve` + `trust_gate_cleared` gating -- Source: `ROADMAP.md:L1087` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0030-prompt-misdelivery-detection-and-recover -- Title: Prompt misdelivery detection and recovery — **done**: `prompt_delivery_attempts` counter, `PromptMisdelivery` event detection, `auto_recover_prompt_misdelivery` + `replay_prompt` recovery arm -- Source: `ROADMAP.md:L1088` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0031-canonical-lane-event-schema-in-clawhip-d -- Title: Canonical lane event schema in clawhip — **done**: `LaneEvent` enum with `Started/Blocked/Failed/Finished` variants, `LaneEvent::new()` typed constructor, `tools/src/lib.rs` integration -- Source: `ROADMAP.md:L1089` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0032-failure-taxonomy-blocker-normalization-d -- Title: Failure taxonomy + blocker normalization — **done**: `WorkerFailureKind` enum (`TrustGate/PromptDelivery/Protocol/Provider`), `FailureScenario::from_worker_failure_kind()` bridge to recovery recipes -- Source: `ROADMAP.md:L1090` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0033-stale-branch-detection-before-workspace -- Title: Stale-branch detection before workspace tests — **done**: `stale_branch.rs` module with freshness detection, behind/ahead metrics, policy integration -- Source: `ROADMAP.md:L1091` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `branch_recovery` / `stream_3_branch_test_recovery` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0034-mcp-structured-degraded-startup-reportin -- Title: MCP structured degraded-startup reporting — **done**: `McpManager` degraded-startup reporting (+183 lines in `mcp_stdio.rs`), failed server classification (startup/handshake/config/partial), structured `failed_servers` + `recovery_recommendations` in tool output -- Source: `ROADMAP.md:L1092` (`roadmap_action`) -- Bucket/status: `ga_ecosystem` / `done_verify` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0035-structured-task-packet-format-done-task -- Title: Structured task packet format — **done**: `task_packet.rs` module with `TaskPacket` struct, validation, serialization, `TaskScope` resolution (workspace/module/single-file/custom), integrated into `tools/src/lib.rs` -- Source: `ROADMAP.md:L1093` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `task_policy` / `stream_4_claws_first_execution` -- Dependencies: stream_2_event_reporting_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0036-lane-board-machine-readable-status-api-d -- Title: Lane board / machine-readable status API — **done**: Lane completion hardening + `LaneContext::completed` auto-detection + MCP degraded reporting surface machine-readable state -- Source: `ROADMAP.md:L1094` (`roadmap_action`) -- Bucket/status: `ga_ecosystem` / `done_verify` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0037-session-completion-failure-classificatio -- Title: **Session completion failure classification** — **done**: `WorkerFailureKind::Provider` + `observe_completion()` + recovery recipe bridge landed -- Source: `ROADMAP.md:L1095` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0038-config-merge-validation-gap-done-config -- Title: **Config merge validation gap** — **done**: `config.rs` hook validation before deep-merge (+56 lines), malformed entries fail with source-path context instead of merged parse errors -- Source: `ROADMAP.md:L1096` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0039-mcp-manager-discovery-flaky-test-done-ma -- Title: **MCP manager discovery flaky test** — **done**: `manager_discovery_report_keeps_healthy_servers_when_one_server_fails` now runs as a normal workspace test again after repeated stable passes, so degraded-startup coverage is no longer hidden behind `#[ignore]` -- Source: `ROADMAP.md:L1097` (`roadmap_action`) -- Bucket/status: `ga_ecosystem` / `done_verify` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0040-commit-provenance-worktree-aware-push-ev -- Title: **Commit provenance / worktree-aware push events** — **done**: `LaneCommitProvenance` now carries branch/worktree/canonical-commit/supersession metadata in lane events, and `dedupe_superseded_commit_events()` is applied before agent manifests are written so superseded commit events collapse to the latest canonical lineage -- Source: `ROADMAP.md:L1099` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `superseded` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: Superseded by a newer roadmap entry or canonical Rust/control-plane contract; keep only for audit traceability. - -### CC2-RM-A0041-orphaned-module-integration-audit-done-r -- Title: **Orphaned module integration audit** — **done**: `runtime` now keeps `session_control` and `trust_resolver` behind `#[cfg(test)]` until they are wired into a real non-test execution path, so normal builds no longer advertise dead clawability surface area. -- Source: `ROADMAP.md:L1100` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0042-context-window-preflight-gap-done-provid -- Title: **Context-window preflight gap** — **done**: provider request sizing now emits `context_window_blocked` before oversized requests leave the process, using a model-context registry instead of the old naive max-token heuristic. -- Source: `ROADMAP.md:L1101` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0043-subcommand-help-falls-through-into-runti -- Title: **Subcommand help falls through into runtime/API path** — **done**: `claw doctor --help`, `claw status --help`, `claw sandbox --help`, and nested `mcp`/`skills` help are now intercepted locally without runtime/provider startup, with regression tests covering the direct CLI paths. -- Source: `ROADMAP.md:L1102` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0044-session-state-classification-gap-working -- Title: **Session state classification gap (working vs blocked vs finished vs truly stale)** — **done**: agent manifests now derive machine states such as `working`, `blocked_background_job`, `blocked_merge_conflict`, `degraded_mcp`, `interrupted_transport`, `finished_pending_report`, and `finished_cleanable`, and terminal-state persistence records commit provenance plus derived state so downstream monitoring can distinguish quiet progress from truly idle sessions. -- Source: `ROADMAP.md:L1103` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0045-resumed-status-json-parity-gap-done-reso -- Title: **Resumed `/status` JSON parity gap** — **done**: resolved by the broader "Resumed local-command JSON parity gap" work tracked as #26 below. Re-verified on `main` HEAD `8dc6580` — `cargo test --release -p rusty-claude-cli resumed_status_command_emits_structured_json_when_requested` passes cleanly (1 passed, 0 failed), so resumed `/status --output-format json` now goes through the same structured renderer as the fresh CLI path. The original failure (`expected value at line 1 column 1` because resumed dispatch fell back to prose) no longer reproduces. -- Source: `ROADMAP.md:L1104` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0046-opaque-failure-surface-for-session-runti -- Title: **Opaque failure surface for session/runtime crashes** — **done**: `safe_failure_class()` in `error.rs` classifies all API errors into 8 user-safe classes (`provider_auth`, `provider_internal`, `provider_retry_exhausted`, `provider_rate_limit`, `provider_transport`, `provider_error`, `context_window`, `runtime_io`). `format_user_visible_api_error` in `main.rs` attaches session ID + request trace ID to every user-visible error. Coverage in `opaque_provider_wrapper_surfaces_failure_class_session_and_trace` and 3 related tests. -- Source: `ROADMAP.md:L1105` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0047-doctor-output-format-json-check-level-st -- Title: **`doctor --output-format json` check-level structure gap** — **done**: `claw doctor --output-format json` now keeps the human-readable `message`/`report` while also emitting structured per-check diagnostics (`name`, `status`, `summary`, `details`, plus typed fields like workspace paths and sandbox fallback data), with regression coverage in `output_format_contract.rs`. -- Source: `ROADMAP.md:L1106` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0048-plugin-lifecycle-init-shutdown-test-flak -- Title: **Plugin lifecycle init/shutdown test flakes under workspace-parallel execution** — dogfooding surfaced that `build_runtime_runs_plugin_lifecycle_init_and_shutdown` could fail under `cargo test --workspace` while passing in isolation because sibling tests raced on tempdir-backed shell init script paths. **Done (re-verified 2026-04-11):** the current mainline helpers now isolate plugin lifecycle temp resources robustly enough that both `cargo test -p rusty-claude-cli build_runtime_runs_plugin_lifecycle_init_and_shutdown -- --nocapture` and `cargo test -p plugins plugin_registry_runs_initialize_and_shutdown_for_enabled_plugins -- --nocapture` pass, and the current `cargo test --workspace` run includes both tests as green. Treat the old filing as stale unless a new parallel-execution repro appears. -- Source: `ROADMAP.md:L1107` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0049-plugins-hooks-collects-and-runs-hooks-fr -- Title: **`plugins::hooks::collects_and_runs_hooks_from_enabled_plugins` flaked on Linux CI, root cause was a stdin-write race not missing exec bit** — **done at `172a2ad` on 2026-04-08**. Dogfooding reproduced this four times on `main` (CI runs [24120271422](https://github.com/ultraworkers/claw-code/actions/runs/24120271422), [24120538408](https://github.com/ultraworkers/claw-code/actions/runs/24120538408), [24121392171](https://github.com/ultraworkers/claw-code/actions/runs/24121392171), [24121776826](https://github.com/ultraworkers/claw-code/actions/runs/24121776826)), escalating from first-attempt-flake to deterministic-red on the third push. Failure mode was `PostToolUse hook .../hooks/post.sh failed to start for "Read": Broken pipe (os error 32)` surfacing from `HookRunResult`. **Initial diagnosis was wrong.** The first theory (documented in earlier revisions of this entry and in the root-cause note on commit `79da4b8`) was that `write_hook_plugin` in `rust/crates/plugins/src/hooks.rs` was writing the generated `.sh` files without the execute bit and `Command::new(path).spawn()` was racing on fork/exec. An initial chmod-only fix at `4f7b674` was shipped against that theory and **still failed CI on run `24121776826`** with the same `Broken pipe` symptom, falsifying the chmod-only hypothesis. **Actual root cause.** `CommandWithStdin::output_with_stdin` in `rust/crates/plugins/src/hooks.rs` was unconditionally propagating `write_all` errors on the child's stdin pipe, including `std::io::ErrorKind::BrokenPipe`. The test hook scripts run in microseconds (`#!/bin/sh` + a single `printf`), so the child exits and closes its stdin before the parent finishes writing the ~200-byte JSON hook payload. On Linux the pipe raises `EPIPE` immediately; on macOS the pipe happens to buffer the small payload before the child exits, which is why the race only surfaced on ubuntu CI runners. The parent's `write_all` returned `Err(BrokenPipe)`, `output_with_stdin` returned that as a hook failure, and `run_command` classified the hook as "failed to start" even though the child had already run to completion and printed the expected message to stdout. **Fix (commit `172a2ad`, force-pushed over `4f7b674`).** Three parts: (1) **actual fix** — `output_with_stdin` now matches the `write_all` result and swallows `BrokenPipe` specifically, while propagating all other write errors unchanged; after a `BrokenPipe` swallow the code still calls `wait_with_output()` so stdout/stderr/exit code are still captured from the cleanly-exited child. (2) **hygiene hardening** — a new `make_executable` helper sets mode `0o755` on each generated `.sh` via `std::os::unix::fs::PermissionsExt` under `#[cfg(unix)]`. This is defense-in-depth for future non-sh hook runners, not the bug that was biting CI. (3) **regression guard** — new `generated_hook_scripts_are_executable` test under `#[cfg(unix)]` asserts each generated `.sh` file has at least one execute bit set (`mode & 0o111 != 0`) so future tweaks cannot silently regress the hygiene change. **Verification.** `cargo test --release -p plugins` 35 passing, fmt clean, clippy `-D warnings` clean; CI run [24121999385](https://github.com/ultraworkers/claw-code/actions/runs/24121999385) went green on first attempt on `main` for the hotfix commit. **Meta-lesson.** `Broken pipe (os error 32)` from a child-process spawn path is ambiguous between "could not exec" and "exec'd and exited before the parent finished writing stdin." The first theory cargo-culted the "could not exec" reading because the ROADMAP scaffolding anchored on the exec-bit guess; falsification came from empirical CI, not from code inspection. Record the pattern: when a pipe error surfaces on fork/exec, instrument what `wait_with_output()` actually reports on the child before attributing the failure to a permissions or issue. -- Source: `ROADMAP.md:L1108` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0050-resumed-local-command-json-parity-gap-do -- Title: **Resumed local-command JSON parity gap** — **done**: direct `claw --output-format json` already had structured renderers for `sandbox`, `mcp`, `skills`, `version`, and `init`, but resumed `claw --output-format json --resume /…` paths still fell back to prose because resumed slash dispatch only emitted JSON for `/status`. Resumed `/sandbox`, `/mcp`, `/skills`, `/version`, and `/init` now reuse the same JSON envelopes as their direct CLI counterparts, with regression coverage in `rust/crates/rusty-claude-cli/tests/resume_slash_commands.rs` and `rust/crates/rusty-claude-cli/tests/output_format_contract.rs`. -- Source: `ROADMAP.md:L1109` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0051-dev-rust-cargo-test-p-rusty-claude-cli-r -- Title: **`dev/rust` `cargo test -p rusty-claude-cli` reads host `~/.claude/plugins/installed/` from real `$HOME` and fails parse-time on any half-installed user plugin** — dogfooding on 2026-04-08 (filed from gaebal-gajae's clawhip bullet at message `1491322807026454579` after the provider-matrix branch QA surfaced it) reproduced 11 deterministic failures on clean `dev/rust` HEAD of the form `panicked at crates/rusty-claude-cli/src/main.rs:3953:31: args should parse: "hook path \`/Users/yeongyu/.claude/plugins/installed/sample-hooks-bundled/./hooks/pre.sh\` does not exist; hook path \`...\post.sh\` does not exist"` covering `parses_prompt_subcommand`, `parses_permission_mode_flag`, `defaults_to_repl_when_no_args`, `parses_resume_flag_with_slash_command`, `parses_system_prompt_options`, `parses_bare_prompt_and_json_output_flag`, `rejects_unknown_allowed_tools`, `parses_resume_flag_with_multiple_slash_commands`, `resolves_model_aliases_in_args`, `parses_allowed_tools_flags_with_aliases_and_lists`, `parses_login_and_logout_subcommands`. **Same failures do NOT reproduce on `main`** (re-verified with `cargo test --release -p rusty-claude-cli` against `main` HEAD `79da4b8`, all 156 tests pass). **Root cause is two-layered.** First, on `dev/rust` `parse_args` eagerly walks user-installed plugin manifests under `~/.claude/plugins/installed/` and validates that every declared hook script exists on disk before returning a `CliAction`, so any half-installed plugin in the developer's real `$HOME` (in this case `~/.claude/plugins/installed/sample-hooks-bundled/` whose `.claude-plugin` manifest references `./hooks/pre.sh` and `./hooks/post.sh` but whose `hooks/` subdirectory was deleted) makes argv parsing itself fail. Second, the test harness on `dev/rust` does not redirect `$HOME` or `XDG_CONFIG_HOME` to a fixture for the duration of the test — there is no `env_lock`-style guard equivalent to the one `main` already uses (`grep -n env_lock rust/crates/rusty-claude-cli/src/main.rs` returns 0 hits on `dev/rust` and 30+ hits on `main`). Together those two gaps mean `dev/rust` `cargo test -p rusty-claude-cli` is non-deterministic on every clean clone whose owner happens to have any non-pristine plugin in `~/.claude/`. **Action (two parts).** (a) Backport the `env_lock`-based test isolation pattern from `main` into `dev/rust`'s `rusty-claude-cli` test module so each test runs against a temp `$HOME`/`XDG_CONFIG_HOME` and cannot read host plugin state. (b) Decouple `parse_args` from filesystem hook validation on `dev/rust` (the same decoupling already on `main`, where hook validation happens later in the lifecycle than argv parsing) so even outside tests a partially installed user plugin cannot break basic CLI invocation. **Branch scope.** This is a `dev/rust` catchup against `main`, not a `main` regression. Tracking it here so the dev/rust merge train picks it up before the next dev/rust release rather than rediscovering it in CI. -- Source: `ROADMAP.md:L1110` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0052-auth-provider-truth-error-copy-fails-rea -- Title: **Auth-provider truth: error copy fails real users at the env-var-vs-header layer** — dogfooded live on 2026-04-08 in #claw-code (Sisyphus Labs guild), two separate new users hit adjacent failure modes within minutes of each other that both trace back to the same root: the `MissingApiKey` / 401 error surface does not teach users how the auth inputs map to HTTP semantics, so a user who sets a "reasonable-looking" env var still hits a hard error with no signpost. **Case 1 (varleg, Norway).** Wanted to use OpenRouter via the OpenAI-compat path. Found a comparison table claiming "provider-agnostic (Claude, OpenAI, local models)" and assumed it Just Worked. Set `OPENAI_API_KEY` to an OpenRouter `sk-or-v1-...` key and a model name without an `openai/` prefix; claw's provider detection fell through to Anthropic first because `ANTHROPIC_API_KEY` was still in the environment. Unsetting `ANTHROPIC_API_KEY` got them `ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY is not set` instead of a useful hint that the OpenAI path was right there. Fix delivered live as a channel reply: use `main` branch (not `dev/rust`), export `OPENAI_BASE_URL=https://openrouter.ai/api/v1` alongside `OPENAI_API_KEY`, and prefix the model name with `openai/` so the prefix router wins over env-var presence. **Case 2 (stanley078852).** Had set `ANTHROPIC_AUTH_TOKEN="sk-ant-..."` and was getting 401 `Invalid bearer token` from Anthropic. Root cause: `sk-ant-` keys are `x-api-key`-header keys, not bearer tokens. `ANTHROPIC_API_KEY` path in `anthropic.rs` sends the value as `x-api-key`; `ANTHROPIC_AUTH_TOKEN` path sends it as `Authorization: Bearer` (for OAuth access tokens from `claw login`). Setting an `sk-ant-` key in the wrong env var makes claw send it as `Bearer sk-ant-...` which Anthropic rejects at the edge with 401 before it ever reaches the completions endpoint. The error text propagated all the way to the user (`api returned 401 Unauthorized (authentication_error) ... Invalid bearer token`) with zero signal that the problem was env-var choice, not key validity. Fix delivered live as a channel reply: move the `sk-ant-...` key to `ANTHROPIC_API_KEY` and unset `ANTHROPIC_AUTH_TOKEN`. **Pattern.** Both cases are failures at the *auth-intent translation* layer: the user chose an env var that made syntactic sense to them (`OPENAI_API_KEY` for OpenAI, `ANTHROPIC_AUTH_TOKEN` for Anthropic auth) but the actual wire-format routing requires a more specific choice. The error messages surface the HTTP-layer symptom (401, missing-key) without bridging back to "which env var should you have used and why." **Action.** Three concrete improvements, scoped for a single `main`-side PR: (a) In `ApiError::MissingCredentials` Display, when the Anthropic path is the one being reported but `OPENAI_API_KEY`, `XAI_API_KEY`, or `DASHSCOPE_API_KEY` are present in the environment, extend the message with "— but I see `$OTHER_KEY` set; if you meant to use that provider, prefix your model name with `openai/`, `grok`, or `qwen/` respectively so prefix routing selects it." (b) In the 401-from-Anthropic error path in `anthropic.rs`, when the failing auth source is `BearerToken` AND the bearer token starts with `sk-ant-`, append "— looks like you put an `sk-ant-*` API key in `ANTHROPIC_AUTH_TOKEN`, which is the Bearer-header path. Move it to `ANTHROPIC_API_KEY` instead (that env var maps to `x-api-key`, which is the correct header for `sk-ant-*` keys)." Same treatment for OAuth access tokens landing in `ANTHROPIC_API_KEY` (symmetric mis-assignment). (c) In `rust/README.md` on `main` and the matrix section on `dev/rust`, add a short "Which env var goes where" paragraph mapping `sk-ant-*` → `ANTHROPIC_API_KEY` and OAuth access token → `ANTHROPIC_AUTH_TOKEN`, with the one-line explanation of `x-api-key` vs `Authorization: Bearer`. **Verification path.** Both improvements can be tested with unit tests against `ApiError::fmt` output (the prefix-routing hint) and with a targeted integration test that feeds an `sk-ant-*`-shaped token into `BearerToken` and asserts the fmt output surfaces the correction hint (no HTTP call needed). **Source.** Live users in #claw-code at `1491328554598924389` (varleg) and `1491329840706486376` (stanley078852) on 2026-04-08. **Partial landing (`ff1df4c`).** Action parts (a), (b), (c) shipped on `main`: `MissingCredentials` now carries an optional hint field and renders adjacent-provider signals, Anthropic 401 + `sk-ant-*` bearer gets a correction hint, USAGE.md has a "Which env var goes where" section. BUT the copy fix only helps users who fell through to the Anthropic auth path by accident — it does NOT fix the underlying routing bug where the CLI instantiates `AnthropicRuntimeClient` unconditionally and ignores prefix routing at the runtime-client layer. That deeper routing gap is tracked separately as #29 below and was filed within hours of #28 landing when live users still hit `missing Anthropic credentials` with `--model openai/gpt-4` and all `ANTHROPIC_*` env vars unset. -- Source: `ROADMAP.md:L1111` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-A0053-cli-provider-dispatch-is-hardcoded-to-an -- Title: **CLI provider dispatch is hardcoded to Anthropic, ignoring prefix routing** — **done at `8dc6580` on 2026-04-08**. Changed `AnthropicRuntimeClient.client` from concrete `AnthropicClient` to `ApiProviderClient` (the api crate's `ProviderClient` enum), which dispatches to Anthropic / xAI / OpenAi at construction time based on `detect_provider_kind(&resolved_model)`. 1 file, +59 −7, all 182 rusty-claude-cli tests pass, CI green at run `24125825431`. Users can now run `claw --model openai/gpt-4.1-mini prompt "hello"` with only `OPENAI_API_KEY` set and it routes correctly. **Original filing below for the trace record.** Dogfooded live on 2026-04-08 within hours of ROADMAP #28 landing. Users in #claw-code (nicma at `1491342350960562277`, Jengro at `1491345009021030533`) followed the exact "use main, set OPENAI_API_KEY and OPENAI_BASE_URL, unset ANTHROPIC_*, prefix the model with `openai/`" checklist from the #28 error-copy improvements AND STILL hit `error: missing Anthropic credentials; export ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY before calling the Anthropic API`. **Reproduction on `main` HEAD `ff1df4c`:** `unset ANTHROPIC_API_KEY ANTHROPIC_AUTH_TOKEN; export OPENAI_API_KEY=sk-...; export OPENAI_BASE_URL=https://api.openai.com/v1; claw --model openai/gpt-4 prompt 'test'` → reproduces the error deterministically. **Root cause (traced).** `rust/crates/rusty-claude-cli/src/main.rs` at `build_runtime_with_plugin_state` (line ~6221) unconditionally builds `AnthropicRuntimeClient::new(session_id, model, ...)` without consulting `providers::detect_provider_kind(&model)`. `BuiltRuntime` at line ~2855 is statically typed as `ConversationRuntime`, so even if the dispatch logic existed there would be nowhere to slot an alternative client. `providers/mod.rs::metadata_for_model` correctly identifies `openai/gpt-4` as `ProviderKind::OpenAi` at the metadata layer — the routing decision is *computed* correctly, it's just *never used* to pick a runtime client. The result is that the CLI is structurally single-provider (Anthropic only) even though the `api` crate's `openai_compat.rs`, `XAI_ENV_VARS`, `DASHSCOPE_ENV_VARS`, and `send_message_streaming` all exist and are exercised by unit tests inside the `api` crate. The provider matrix in `rust/README.md` is misleading because it describes the api-crate capabilities, not the CLI's actual dispatch behaviour. **Why #28 didn't catch this.** ROADMAP #28 focused on the `MissingCredentials` error *message* (adding hints when adjacent provider env vars are set, or when a bearer token starts with `sk-ant-*`). None of its tests exercised the `build_runtime` code path — they were all unit tests against `ApiError::fmt` output. The routing bug survives #28 because the `Display` improvements fire AFTER the hardcoded Anthropic client has already been constructed and failed. You need the CLI to dispatch to a different client in the first place for the new hints to even surface at the right moment. **Action (single focused commit).** (1) New `OpenAiCompatRuntimeClient` struct in `rust/crates/rusty-claude-cli/src/main.rs` mirroring `AnthropicRuntimeClient` but delegating to `openai_compat::send_message_streaming`. One client type handles OpenAI, xAI, DashScope, and any OpenAI-compat endpoint — they differ only in base URL and auth env var, both of which come from the `ProviderMetadata` returned by `metadata_for_model`. (2) New enum `DynamicApiClient { Anthropic(AnthropicRuntimeClient), OpenAiCompat(OpenAiCompatRuntimeClient) }` that implements `runtime::ApiClient` by matching on the variant and delegating. (3) Retype `BuiltRuntime` from `ConversationRuntime` to `ConversationRuntime`, update the Deref/DerefMut/new spots. (4) In `build_runtime_with_plugin_state`, call `detect_provider_kind(&model)` and construct either variant of `DynamicApiClient`. Prefix routing wins over env-var presence (that's the whole point). (5) Integration test using a mock OpenAI-compat server (reuse `mock_parity_harness` pattern from `crates/api/tests/`) that feeds `claw --model openai/gpt-4 prompt 'test'` with `OPENAI_BASE_URL` pointed at the mock and no `ANTHROPIC_*` env vars, asserts the request reaches the mock, and asserts the response round-trips as an `AssistantEvent`. (6) Unit test that `build_runtime_with_plugin_state` with `model="openai/gpt-4"` returns a `BuiltRuntime` whose inner client is the `DynamicApiClient::OpenAiCompat` variant. **Verification.** `cargo test --workspace`, `cargo fmt --all`, `cargo clippy --workspace`. **Source.** Live users nicma (`1491342350960562277`) and Jengro (`1491345009021030533`) in #claw-code on 2026-04-08, within hours of #28 landing. -- Source: `ROADMAP.md:L1112` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0054-immediate-backlog-visibility-gap-active -- Title: **Immediate-backlog visibility gap: active dogfood pinpoints are easy to rediscover because ROADMAP lacks a concise in-progress board** — dogfooding on 2026-04-21 surfaced a softer but recurring clawability failure: there are real active branches/sessions (`claw-code-issue-21-resumed-status-json`, `claw-code-issue-24-plugin-lifecycle-flake`, `claw-code-issue-33-xai-integration`), but a claw doing a fresh sweep still has to scrape tmux names, branch diffs, and long-form ROADMAP prose to answer a simple question: "what pinpoint is already active right now, and what delta is in flight?" The result is rediscovery churn, duplicate reporting, and weak handoff quality even when the actual engineering work is already moving. **Concrete gap.** `ROADMAP.md` has rich long-form entries and a large done/archive surface, but no compact machine-friendly `In Progress Now` section that binds `{roadmap_id, pinpoint, owner/session, branch, status, blocker}`. **Action.** Add a small top-of-file/current-work section (or generated JSON companion) that lists only active dogfood items with stable ids and lifecycle state, and require dogfood updates to reference that id when reporting progress. Minimum fields: item id, lifecycle state, current session/branch, one-line delta, blocker/none, last-updated timestamp. **Acceptance.** A fresh claw can answer "what is active now?" from one short section without scraping panes, and repeat dogfood nudges can distinguish `already in progress` from `new pinpoint` automatically. -- Source: `ROADMAP.md:L1113` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `adoption_overlay` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0055-phantom-completions-root-cause-global-se -- Title: **Phantom completions root cause: global session store has no per-worktree isolation** — -- Source: `ROADMAP.md:L1115` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0056-upstreaming-a-state-route-into-opencode -- Title: Upstreaming a `/state` route into opencode's HTTP server (requires a PR to sst/opencode), or -- Source: `ROADMAP.md:L1140` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `plugin_mcp` / `stream_5_plugin_mcp_lifecycle` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `plugin_mcp_lifecycle_contract_test` -- Deferral rationale: - -### CC2-RM-A0057-writing-a-sidecar-http-process-that-quer -- Title: Writing a sidecar HTTP process that queries the `WorkerRegistry` in-process (possible but fragile), or -- Source: `ROADMAP.md:L1141` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: - -### CC2-RM-A0058-writing-workerstatus-to-a-well-known-fil -- Title: Writing `WorkerStatus` to a well-known file path (`.claw/worker-state.json`) that an external observer can poll. -- Source: `ROADMAP.md:L1142` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-A0059-add-a-trusted-roots-field-to-runtimeconf -- Title: Add a `trusted_roots` field to `RuntimeConfig` (or a nested `[trust]` table), loaded via `ConfigLoader`. -- Source: `ROADMAP.md:L1161` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0060-in-workerregistry-spawn-worker-merge-con -- Title: In `WorkerRegistry::spawn_worker()`, merge config-level `trusted_roots` with any per-call overrides. -- Source: `ROADMAP.md:L1162` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0061-default-empty-list-safest-users-opt-in-b -- Title: Default: empty list (safest). Users opt in by adding their repo paths to settings. -- Source: `ROADMAP.md:L1163` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0062-update-config-validate-schema-with-the-n -- Title: Update `config_validate` schema with the new field. -- Source: `ROADMAP.md:L1164` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0063-after-workercreate-poll-claw-worker-stat -- Title: After `WorkerCreate`, poll `.claw/worker-state.json` (or run `claw state --output-format json`) in the worker's CWD at whatever interval makes sense (e.g. 5s). -- Source: `ROADMAP.md:L1182` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `deferred_with_rationale` -- Category/lane: `boot` / `stream_1_worker_boot_session_control` -- Dependencies: none -- Verification: `worker_boot_state_machine_or_cli_json_contract_test` -- Deferral rationale: Deferred by roadmap/approved plan until prerequisite contracts or post-2.0 research admission gates are satisfied. - -### CC2-RM-A0064-trust-seconds-since-update-60-in-trust-r -- Title: Trust `seconds_since_update > 60` in `trust_required` status as the stall signal. -- Source: `ROADMAP.md:L1183` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `deferred_with_rationale` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: Deferred by roadmap/approved plan until prerequisite contracts or post-2.0 research admission gates are satisfied. - -### CC2-RM-A0065-call-workerresolvetrust-tool-to-unblock -- Title: Call `WorkerResolveTrust` tool to unblock, or `WorkerRestart` to reset. -- Source: `ROADMAP.md:L1184` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `deferred_with_rationale` -- Category/lane: `security` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: Deferred by roadmap/approved plan until prerequisite contracts or post-2.0 research admission gates are satisfied. - -### CC2-RM-A0066-dashscope-model-routing-in-providerclien -- Title: **DashScope model routing in ProviderClient dispatch uses wrong config** — **done at `adcea6b` on 2026-04-08**. `ProviderClient::from_model_with_anthropic_auth` dispatched all `ProviderKind::OpenAi` matches to `OpenAiCompatConfig::openai()` (reads `OPENAI_API_KEY`, points at `api.openai.com`). But DashScope models (`qwen-plus`, `qwen/qwen-max`) return `ProviderKind::OpenAi` because DashScope speaks the OpenAI wire format — they need `OpenAiCompatConfig::dashscope()` (reads `DASHSCOPE_API_KEY`, points at `dashscope.aliyuncs.com/compatible-mode/v1`). Fix: consult `metadata_for_model` in the `OpenAi` dispatch arm and pick `dashscope()` vs `openai()` based on `metadata.auth_env`. Adds regression test + `pub base_url()` accessor. 2 files, +94/−3. Authored by droid (Kimi K2.5 Turbo) via acpx, cleaned up by Jobdori. -- Source: `ROADMAP.md:L1205` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0067-code-on-disk-verified-commit-lands-depen -- Title: **`code-on-disk → verified commit lands` depends on undocumented executor quirks** — **verified external/non-actionable on 2026-04-12:** current `main` has no repo-local implementation surface for `acpx`, `use-droid`, `run-acpx`, `commit-wrapper`, or the cited `spawn ENOENT` behavior outside `ROADMAP.md`; those failures live in the external droid/acpx executor-orchestrator path, not claw-code source in this repository. Treat this as an external tracking note instead of an in-repo Immediate Backlog item. **Original filing below.** -- Source: `ROADMAP.md:L1207` (`roadmap_action`) -- Bucket/status: `rejected_not_claw` / `rejected_not_claw` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: Rejected because the source describes clone-only breadth or behavior outside Claw's machine-truth/clawable-harness identity. - -### CC2-RM-A0068-code-on-disk-verified-commit-lands-depen -- Title: **`code-on-disk → verified commit lands` depends on undocumented executor quirks** — dogfooded 2026-04-08 during live fix session. Three hidden contracts tripped the "last mile" path when using droid via acpx in the claw-code workspace: **(a) hidden CWD contract** — droid's `terminal/create` rejects `cd /path && cargo build` compound commands with `spawn ENOENT`; callers must pass `--cwd` or split commands; **(b) hidden commit-message transport limit** — embedding a multi-line commit message in a single shell invocation hits `ENAMETOOLONG`; workaround is `git commit -F ` but the caller must know to write the file first; **(c) hidden workspace lint/edition contract** — `unsafe_code = "forbid"` workspace-wide with Rust 2021 edition makes `unsafe {}` wrappers incorrect for `set_var`/`remove_var`, but droid generates Rust 2024-style unsafe blocks without inspecting the workspace Cargo.toml or clippy config. Each of these required the orchestrator to learn the constraint by failing, then switching strategies. **Acceptance bar:** a fresh agent should be able to verify/commit/push a correct diff in this workspace without needing to know executor-specific shell trivia ahead of time. **Fix shape:** (1) `run-acpx.sh`-style wrapper that normalizes the commit idiom (always writes to temp file, sets `--cwd`, splits compound commands); (2) inject workspace constraints into the droid/acpx task preamble (edition, lint gates, known shell executor quirks) so the model doesn't have to discover them from failures; (3) or upstream a fix to the executor itself so `cd /path && cmd` chains work correctly. -- Source: `ROADMAP.md:L1209` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0069-openai-compatible-provider-model-id-pass -- Title: **OpenAI-compatible provider/model-id passthrough is not fully literal** — **verified no-bug on 2026-04-09**: `resolve_model_alias()` only matches bare shorthand aliases (`opus`/`sonnet`/`haiku`) and passes everything else through unchanged, so `openai/gpt-4` reaches the dispatch layer unmodified. `strip_routing_prefix()` at `openai_compat.rs:732` then strips only recognised routing prefixes (`openai`, `xai`, `grok`, `qwen`) so the wire model is the bare backend id. No fix needed. **Original filing below.** -- Source: `ROADMAP.md:L1211` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0070-hook-json-failure-opacity-invalid-hook-o -- Title: **Hook JSON failure opacity: invalid hook output does not surface the offending payload/context** — dogfooding on 2026-04-13 in the live `clawcode-human` lane repeatedly hit `PreToolUse/PostToolUse/Stop hook returned invalid ... JSON output` while the operator had no immediate visibility into which hook emitted malformed JSON, what raw stdout/stderr came back, or whether the failure was hook-formatting breakage vs prompt-misdelivery fallout. This turns a recoverable hook/schema bug into generic lane fog. **Impact.** Lanes look blocked/noisy, but the event surface is too lossy to classify whether the next action is fix the hook serializer, retry prompt delivery, or ignore a harmless hook-side warning. **Concrete delta landed now.** Recorded as an Immediate Backlog item so the failure is tracked explicitly instead of disappearing into channel scrollback. **Recommended fix shape:** when hook JSON parse fails, emit a typed hook failure event carrying hook phase/name, command/path, exit status, and a redacted raw stdout/stderr preview (bounded + safe), plus a machine class like `hook_invalid_json`. Add regression coverage for malformed-but-nonempty hook output so the surfaced error includes the preview instead of only `invalid ... JSON output`. -- Source: `ROADMAP.md:L1213` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0071-openai-compatible-provider-model-id-pass -- Title: **OpenAI-compatible provider/model-id passthrough is not fully literal** — dogfooded 2026-04-08 via live user in #claw-code who confirmed the exact backend model id works outside claw but fails through claw for an OpenAI-compatible endpoint. The gap: `openai/` prefix is correctly used for **transport selection** (pick the OpenAI-compat client) but the **wire model id** — the string placed in `"model": "..."` in the JSON request body — may not be the literal backend model string the user supplied. Two candidate failure modes: **(a)** `resolve_model_alias()` is called on the model string before it reaches the wire — alias expansion designed for Anthropic/known models corrupts a user-supplied backend-specific id; **(b)** the `openai/` routing prefix may not be stripped before `build_chat_completion_request` packages the body, so backends receive `openai/gpt-4` instead of `gpt-4`. **Fix shape:** cleanly separate transport selection from wire model id. Transport selection uses the prefix; wire model id is the user-supplied string minus only the routing prefix — no alias expansion, no prefix leakage. **Trace path for next session:** (1) find where `resolve_model_alias()` is called relative to the OpenAI-compat dispatch path; (2) inspect what `build_chat_completion_request` puts in `"model"` for an `openai/some-backend-id` input. **Source:** live user in #claw-code 2026-04-08, confirmed exact model id works outside claw, fails through claw for OpenAI-compat backend. -- Source: `ROADMAP.md:L1215` (`roadmap_action`) -- Bucket/status: `rejected_not_claw` / `rejected_not_claw` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: Rejected because the source describes clone-only breadth or behavior outside Claw's machine-truth/clawable-harness identity. - -### CC2-RM-A0072-openai-responses-endpoint-rejects-claw-s -- Title: **OpenAI `/responses` endpoint rejects claw's tool schema: `object schema missing properties` / `invalid_function_parameters`** — **done at `e7e0fd2` on 2026-04-09**. Added `normalize_object_schema()` in `openai_compat.rs` which recursively walks JSON Schema trees and injects `"properties": {}` and `"additionalProperties": false` on every object-type node (without overwriting existing values). Called from `openai_tool_definition()` so both `/chat/completions` and `/responses` receive strict-validator-safe schemas. 3 unit tests added. All api tests pass. **Original filing below.** -- Source: `ROADMAP.md:L1217` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0073-openai-responses-endpoint-rejects-claw-s -- Title: **OpenAI `/responses` endpoint rejects claw's tool schema: `object schema missing properties` / `invalid_function_parameters`** — dogfooded 2026-04-08 via live user in #claw-code. Repro: startup succeeds, provider routing succeeds (`Connected: gpt-5.4 via openai`), but request fails when claw sends tool/function schema to a `/responses`-compatible OpenAI backend. Backend rejects `StructuredOutput` with `object schema missing properties` and `invalid_function_parameters`. This is distinct from the `#32` model-id passthrough issue — routing and transport work correctly. The failure is at the schema validation layer: claw's tool schema is acceptable for `/chat/completions` but not strict enough for `/responses` endpoint validation. **Sharp next check:** emit what schema claw sends for `StructuredOutput` tool functions, compare against OpenAI `/responses` spec for strict JSON schema validation (required `properties` object, `additionalProperties: false`, etc). Likely fix: add missing `properties: {}` on object types, ensure `additionalProperties: false` is present on all object schemas in the function tool JSON. **Source:** live user in #claw-code 2026-04-08 with `gpt-5.4` on OpenAI-compat backend. -- Source: `ROADMAP.md:L1218` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0074-reasoning-effort-budget-tokens-not-surfa -- Title: **`reasoning_effort` / `budget_tokens` not surfaced on OpenAI-compat path** — **done (verified 2026-04-11):** current `main` already carries the Rust-side OpenAI-compat parity fix. `MessageRequest` now includes `reasoning_effort: Option` in `rust/crates/api/src/types.rs`, `build_chat_completion_request()` emits `"reasoning_effort"` in `rust/crates/api/src/providers/openai_compat.rs`, and the CLI threads `--reasoning-effort low|medium|high` through to the API client in `rust/crates/rusty-claude-cli/src/main.rs`. The OpenAI-side parity target here is `reasoning_effort`; Anthropic-only `budget_tokens` remains handled on the Anthropic path. Re-verified on current `origin/main` / HEAD `2d5f836`: `cargo test -p api reasoning_effort -- --nocapture` passes (2 passed), and `cargo test -p rusty-claude-cli reasoning_effort -- --nocapture` passes (2 passed). Historical proof: `e4c3871` added the request field + OpenAI-compatible payload serialization, `ca8950c2` wired the CLI end-to-end, and `f741a425` added CLI validation coverage. **Original filing below.** -- Source: `ROADMAP.md:L1220` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0075-reasoning-effort-budget-tokens-not-surfa -- Title: **`reasoning_effort` / `budget_tokens` not surfaced on OpenAI-compat path** — dogfooded 2026-04-09. Users asking for "reasoning effort parity with opencode" are hitting a structural gap: `MessageRequest` in `rust/crates/api/src/types.rs` has no `reasoning_effort` or `budget_tokens` field, and `build_chat_completion_request` in `openai_compat.rs` does not inject either into the request body. This means passing `--thinking` or equivalent to an OpenAI-compat reasoning model (e.g. `o4-mini`, `deepseek-r1`, any model that accepts `reasoning_effort`) silently drops the field — the model runs without the requested effort level, and the user gets no warning. **Contrast with Anthropic path:** `anthropic.rs` already maps `thinking` config into `anthropic.thinking.budget_tokens` in the request body. **Fix shape:** (a) Add optional `reasoning_effort: Option` field to `MessageRequest`; (b) In `build_chat_completion_request`, if `reasoning_effort` is `Some`, emit `"reasoning_effort": value` in the JSON body; (c) In the CLI, wire `--thinking low/medium/high` or equivalent to populate the field when the resolved provider is `ProviderKind::OpenAi`; (d) Add unit test asserting `reasoning_effort` appears in the request body when set. **Source:** live user questions in #claw-code 2026-04-08/09 (dan_theman369 asking for "same flow as opencode for reasoning effort"; gaebal-gajae confirmed gap at `1491453913100976339`). Companion gap to #33 on the OpenAI-compat path. -- Source: `ROADMAP.md:L1222` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0076-openai-gpt-5-x-requires-max-completion-t -- Title: **OpenAI gpt-5.x requires max_completion_tokens not max_tokens** — **done (verified 2026-04-11):** current `main` already carries the Rust-side OpenAI-compat fix. `build_chat_completion_request()` in `rust/crates/api/src/providers/openai_compat.rs` switches the emitted key to `"max_completion_tokens"` whenever the wire model starts with `gpt-5`, while older models still use `"max_tokens"`. Regression test `gpt5_uses_max_completion_tokens_not_max_tokens()` proves `gpt-5.2` emits `max_completion_tokens` and omits `max_tokens`. Re-verified against current `origin/main` `d40929ca`: `cargo test -p api gpt5_uses_max_completion_tokens_not_max_tokens -- --nocapture` passes. Historical proof: `eb044f0a` landed the request-field switch plus regression test on 2026-04-09. Source: rklehm in #claw-code 2026-04-09. -- Source: `ROADMAP.md:L1224` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0077-custom-project-skill-invocation-disconne -- Title: **Custom/project skill invocation disconnected from skill discovery** — **done (verified 2026-04-11):** current `main` already routes bare-word skill input in the REPL through `resolve_skill_invocation()` instead of forwarding it to the model. `rust/crates/rusty-claude-cli/src/main.rs` now treats a leading bare token that matches a known skill name as `/skills `, while `rust/crates/commands/src/lib.rs` validates the skill against discovered project/user skill roots and reports available-skill guidance on miss. Fresh regression coverage proves the known-skill dispatch path and the unknown/non-skill bypass. Historical proof: `8d0308ee` landed the REPL dispatch fix. Source: gaebal-gajae dogfood 2026-04-09. -- Source: `ROADMAP.md:L1226` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0078-claude-subscription-login-path-should-be -- Title: **Claude subscription login path should be removed, not deprecated** -- dogfooded 2026-04-09. Official auth should be API key only (`ANTHROPIC_API_KEY`) or OAuth bearer token via `ANTHROPIC_AUTH_TOKEN`; the local `claw login` / `claw logout` subscription-style flow created legal/billing ambiguity and a misleading saved-OAuth fallback. **Done (verified 2026-04-11):** removed the direct `claw login` / `claw logout` CLI surface, removed `/login` and `/logout` from shared slash-command discovery, changed both CLI and provider startup auth resolution to ignore saved OAuth credentials, and updated auth diagnostics to point only at `ANTHROPIC_API_KEY` / `ANTHROPIC_AUTH_TOKEN`. Verification: targeted `commands`, `api`, and `rusty-claude-cli` tests for removed login/logout guidance and ignored saved OAuth all pass, and `cargo check -p api -p commands -p rusty-claude-cli` passes. Source: gaebal-gajae policy decision 2026-04-09. -- Source: `ROADMAP.md:L1228` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0079-dead-session-opacity-bot-cannot-self-det -- Title: **Dead-session opacity: bot cannot self-detect compaction vs broken tool surface** -- dogfooded 2026-04-09. Jobdori session spent ~15h declaring itself "dead" in-channel while tools were actually returning correct results within each turn. Root cause: context compaction causes tool outputs to be summarised away between turns, making the bot interpret absence-of-remembered-output as tool failure. This is a distinct failure mode from ROADMAP #31 (executor quirks): the session is alive and tools are functional, but the agent cannot tell the difference between "my last tool call produced no output" (compaction) and "the tool is broken". **Done (verified 2026-04-11):** `ConversationRuntime::run_turn()` now runs a post-compaction session-health probe through `glob_search`, fails fast with a targeted recovery error if the tool surface is broken, and skips the probe for a freshly compacted empty session. Fresh regression coverage proves both the failure gate and the empty-session bypass. Source: Jobdori self-dogfood 2026-04-09; observed in #clawcode-building-in-public across multiple Clawhip nudge cycles. -- Source: `ROADMAP.md:L1230` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0080-several-slash-commands-were-registered-b -- Title: **Several slash commands were registered but not implemented: /branch, /rewind, /ide, /tag, /output-style, /add-dir** — **done (verified 2026-04-12):** current `main` already hides those stub commands from the user-facing discovery surfaces that mattered for the original report. Shared help rendering excludes them via `render_slash_command_help_filtered(...)`, and REPL completions exclude them via `STUB_COMMANDS`. Fresh proof: `cargo test -p commands renders_help_from_shared_specs -- --nocapture`, `cargo test -p rusty-claude-cli shared_help_uses_resume_annotation_copy -- --nocapture`, and `cargo test -p rusty-claude-cli stub_commands_absent_from_repl_completions -- --nocapture` all pass on current `origin/main`. Source: mezz2301 in #claw-code 2026-04-09; pinpointed in main.rs:3728. -- Source: `ROADMAP.md:L1232` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0081-surface-broken-installed-plugins-before -- Title: **Surface broken installed plugins before they become support ghosts** — community-support lane. Clawhip commit `ff6d3b7` on worktree `claw-code-community-support-plugin-list-load-failures` / branch `community-support/plugin-list-load-failures`. When an installed plugin has a broken manifest (missing hook scripts, parse errors, bad json), the plugin silently fails to load and the user sees nothing — no warning, no list entry, no hint. Related to ROADMAP #27 (host plugin path leaking into tests) but at the user-facing surface: the test gap and the UX gap are siblings of the same root. **Done (verified 2026-04-11):** `PluginManager::plugin_registry_report()` and `installed_plugin_registry_report()` now preserve valid plugins while collecting `PluginLoadFailure`s, and the command-layer renderer emits a `Warnings:` block for broken plugins instead of silently hiding them. Fresh proof: `cargo test -p plugins plugin_registry_report_collects_load_failures_without_dropping_valid_plugins -- --nocapture`, `cargo test -p plugins installed_plugin_registry_report_collects_load_failures_from_install_root -- --nocapture`, and a new `commands` regression covering `render_plugins_report_with_failures()` all pass on current main. -- Source: `ROADMAP.md:L1234` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0082-stop-ambient-plugin-state-from-skewing-c -- Title: **Stop ambient plugin state from skewing CLI regression checks** — community-support lane. Clawhip commit `7d493a7` on worktree `claw-code-community-support-plugin-test-sealing` / branch `community-support/plugin-test-sealing`. Companion to #40: the test sealing gap is the CI/developer side of the same root — host `~/.claude/plugins/installed/` bleeds into CLI test runs, making regression checks non-deterministic on any machine with a non-pristine plugin install. Closely related to ROADMAP #27 (dev/rust `cargo test` reads host plugin state). **Done (verified 2026-04-11):** the plugins crate now carries dedicated test-isolation helpers in `rust/crates/plugins/src/test_isolation.rs`, and regression `claw_config_home_isolation_prevents_host_plugin_leakage()` proves `CLAW_CONFIG_HOME` isolation prevents host plugin state from leaking into installed-plugin discovery during tests. -- Source: `ROADMAP.md:L1236` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0083-output-format-json-errors-emitted-as-pro -- Title: **`--output-format json` errors emitted as prose, not JSON** — dogfooded 2026-04-09. When `claw --output-format json prompt` hits an API error, the error was printed as plain text (`error: api returned 401 ...`) to stderr instead of a JSON object. Any tool or CI step parsing claw's JSON output gets nothing parseable on failure — the error is invisible to the consumer. **Fix (`a...`):** detect `--output-format json` in `main()` at process exit and emit `{"type":"error","error":""}` to stderr instead of the prose format. Non-JSON path unchanged. **Done** in this nudge cycle. -- Source: `ROADMAP.md:L1238` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0084-hook-ingress-opacity-typed-hook-health-d -- Title: **Hook ingress opacity: typed hook-health/delivery report missing** — **verified likely external tracking on 2026-04-12:** repo-local searches for `/hooks/health`, `/hooks/status`, and hook-ingress route code found no implementation surface outside `ROADMAP.md`, and the prior state-surface note below already records that the HTTP server is not owned by claw-code. Treat this as likely upstream/server-surface tracking rather than an immediate claw-code task. **Original filing below.** -- Source: `ROADMAP.md:L1240` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0085-hook-ingress-opacity-typed-hook-health-d -- Title: **Hook ingress opacity: typed hook-health/delivery report missing** — dogfooded 2026-04-09 while wiring the agentika timer→hook→session bridge. Debugging hook delivery required manual HTTP probing and inferring state from raw status codes (404 = no route, 405 = route exists, 400 = body missing required field). No typed endpoint exists to report: route present/absent, accepted methods, mapping matched/not matched, target session resolved/not resolved, last delivery failure class. Fix shape: add `GET /hooks/health` (or `/hooks/status`) returning a structured JSON diagnostic — no auth exposure, just routing/matching/session state. Source: gaebal-gajae dogfood 2026-04-09. -- Source: `ROADMAP.md:L1241` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0086-broad-cwd-guardrail-is-warning-only-need -- Title: **Broad-CWD guardrail is warning-only; needs policy-level enforcement** — dogfooded 2026-04-09. `5f6f453` added a stderr warning when claw starts from `$HOME` or filesystem root (live user kapcomunica scanned their whole machine). Warning is a mitigation, not a guardrail: the agent still proceeds with unbounded scope. Follow-up fix shape: (a) add `--allow-broad-cwd` flag to suppress the warning explicitly (for legitimate home-dir use cases); (b) in default interactive mode, prompt "You are running from your home directory — continue? [y/N]" and exit unless confirmed; (c) in `--output-format json` or piped mode, treat broad-CWD as a hard error (exit 1) with `{"type":"error","error":"broad CWD: running from home directory requires --allow-broad-cwd"}`. Source: kapcomunica in #claw-code 2026-04-09; gaebal-gajae ROADMAP note same cycle. -- Source: `ROADMAP.md:L1243` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0087-claw-dump-manifests-fails-with-opaque-no -- Title: **`claw dump-manifests` fails with opaque "No such file or directory"** — dogfooded 2026-04-09. `claw dump-manifests` emits `error: failed to extract manifests: No such file or directory (os error 2)` with no indication of which file or directory is missing. **Partial fix at `47aa1a5`+1**: error message now includes `looked in: ` so the build-tree path is visible, what manifests are, or how to fix it. Fix shape: (a) surface the missing path in the error message; (b) add a pre-check that explains what manifests are and where they should be (e.g. `.claw/manifests/` or the plugins directory); (c) if the command is only valid after `claw init` or after installing plugins, say so explicitly. Source: Jobdori dogfood 2026-04-09. -- Source: `ROADMAP.md:L1245` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0088-claw-dump-manifests-fails-with-opaque-no -- Title: **`claw dump-manifests` fails with opaque `No such file or directory`** — **done (verified 2026-04-12):** current `main` now accepts `claw dump-manifests --manifests-dir PATH`, pre-checks for the required upstream manifest files (`src/commands.ts`, `src/tools.ts`, `src/entrypoints/cli.tsx`), and replaces the opaque os error with guidance that points users to `CLAUDE_CODE_UPSTREAM` or `--manifests-dir`. Fresh proof: parser coverage for both flag forms, unit coverage for missing-manifest and explicit-path flows, and `output_format_contract` JSON coverage via the new flag all pass. **Original filing below.** -- Source: `ROADMAP.md:L1247` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0089-claw-dump-manifests-fails-with-opaque-no -- Title: **`claw dump-manifests` fails with opaque `No such file or directory`** — **done (verified 2026-04-12):** current `main` now accepts `claw dump-manifests --manifests-dir PATH`, pre-checks for the required upstream manifest files (`src/commands.ts`, `src/tools.ts`, `src/entrypoints/cli.tsx`), and replaces the opaque os error with guidance that points users to `CLAUDE_CODE_UPSTREAM` or `--manifests-dir`. Fresh proof: parser coverage for both flag forms, unit coverage for missing-manifest and explicit-path flows, and `output_format_contract` JSON coverage via the new flag all pass. **Original filing below.** -- Source: `ROADMAP.md:L1248` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0090-tokens-cache-stats-were-dead-spec-parse -- Title: **`/tokens`, `/cache`, `/stats` were dead spec — parse arms missing** — dogfooded 2026-04-09. All three had spec entries with `resume_supported: true` but no parse arms, producing the circular error "Unknown slash command: /tokens — Did you mean /tokens". Also `SlashCommand::Stats` existed but was unimplemented in both REPL and resume dispatch. **Done at `60ec2ae` 2026-04-09**: `"tokens" | "cache"` now alias to `SlashCommand::Stats`; `Stats` is wired in both REPL and resume path with full JSON output. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1249` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0091-diff-fails-with-cryptic-unknown-option-c -- Title: **`/diff` fails with cryptic "unknown option 'cached'" outside a git repo; resume /diff used wrong CWD** — dogfooded 2026-04-09. `claw --resume /diff` in a non-git directory produced `git diff --cached failed: error: unknown option 'cached'` because git falls back to `--no-index` mode outside a git tree. Also resume `/diff` used `session_path.parent()` (the `.claw/sessions//` dir) as CWD for the diff — never a git repo. **Done at `aef85f8` 2026-04-09**: `render_diff_report_for()` now checks `git rev-parse --is-inside-work-tree` first and returns a clear "no git repository" message; resume `/diff` uses `std::env::current_dir()`. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1251` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0092-piped-stdin-triggers-repl-startup-and-ba -- Title: **Piped stdin triggers REPL startup and banner instead of one-shot prompt** — dogfooded 2026-04-09. `echo "hello" | claw` started the interactive REPL, printed the ASCII banner, consumed the pipe without sending anything to the API, then exited. `parse_args` always returned `CliAction::Repl` when no args were given, never checking whether stdin was a pipe. **Done at `84b77ec` 2026-04-09**: when `rest.is_empty()` and stdin is not a terminal, read the pipe and dispatch as `CliAction::Prompt`. Empty pipe still falls through to REPL. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1253` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0093-resumed-slash-command-errors-emitted-as -- Title: **Resumed slash command errors emitted as prose in `--output-format json` mode** — dogfooded 2026-04-09. `claw --output-format json --resume /commit` called `eprintln!()` and `exit(2)` directly, bypassing the JSON formatter. Both the slash-command parse-error path and the `run_resume_command` Err path now check `output_format` and emit `{"type":"error","error":"...","command":"..."}`. **Done at `da42421` 2026-04-09**. Source: gaebal-gajae ROADMAP #26 track; Jobdori dogfood. -- Source: `ROADMAP.md:L1255` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0094-powershell-tool-is-registered-as-danger -- Title: **PowerShell tool is registered as `danger-full-access` — workspace-aware reads still require escalation** — dogfooded 2026-04-10. User running `workspace-write` session mode (tanishq_devil in #claw-code) had to use `danger-full-access` even for simple in-workspace reads via PowerShell (e.g. `Get-Content`). Root cause traced by gaebal-gajae: `PowerShell` tool spec is registered with `required_permission: PermissionMode::DangerFullAccess` (same as the `bash` tool in `mvp_tool_specs`), not with per-command workspace-awareness. Bash shell and PowerShell execute arbitrary commands, so blanket promotion to `danger-full-access` is conservative — but it over-escalates read-only in-workspace operations. Fix shape: (a) add command-level heuristic analysis to the PowerShell executor (read-only commands like `Get-Content`, `Get-ChildItem`, `Test-Path` that target paths inside CWD → `WorkspaceWrite` required; everything else → `DangerFullAccess`); (b) mirror the same workspace-path check that the bash executor uses; (c) add tests covering the permission boundary for PowerShell read vs write vs network commands. Note: the `bash` tool in `mvp_tool_specs` is also `DangerFullAccess` and has the same gap — both should be fixed together. Source: tanishq_devil in #claw-code 2026-04-10; root cause identified by gaebal-gajae. -- Source: `ROADMAP.md:L1257` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0095-windows-first-run-onboarding-missing-no -- Title: **Windows first-run onboarding missing: no explicit Rust + shell prerequisite branch** — dogfooded 2026-04-10 via #claw-code. User hit `bash: cargo: command not found`, `C:\...` vs `/c/...` path confusion in Git Bash, and misread `MINGW64` prompt as a broken MinGW install rather than normal Git Bash. Root cause: README/docs have no Windows-specific install path that says (1) install Rust first via rustup, (2) open Git Bash or WSL (not PowerShell or cmd), (3) use `/c/Users/...` style paths in bash, (4) then `cargo install claw-code`. Users can reach chat mode confusion before realizing claw was never installed. Fix shape: add a **Windows setup** section to README.md (or INSTALL.md) with explicit prerequisite steps, Git Bash vs WSL guidance, and a note that `MINGW64` in the prompt is expected and normal. Source: tanishq_devil in #claw-code 2026-04-10; traced by gaebal-gajae. -- Source: `ROADMAP.md:L1259` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0096-cargo-install-claw-code-false-positive-i -- Title: **`cargo install claw-code` false-positive install: deprecated stub silently succeeds** — dogfooded 2026-04-10 via #claw-code. User runs `cargo install claw-code`, install succeeds, Cargo places `claw-code-deprecated.exe`, user runs `claw` and gets `command not found`. The deprecated binary only prints `"claw-code has been renamed to agent-code"`. The success signal is false-positive: install appears to work but leaves the user with no working `claw` binary. Fix shape: (a) README must warn explicitly against `cargo install claw-code` with the hyphen (current note only warns about `clawcode` without hyphen); (b) if the deprecated crate is in our control, update its binary to print a clearer redirect message including `cargo install agent-code`; (c) ensure the Windows setup doc path mentions `agent-code` explicitly. Source: user in #claw-code 2026-04-10; traced by gaebal-gajae. -- Source: `ROADMAP.md:L1261` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0097-cargo-install-agent-code-produces-agent -- Title: **`cargo install agent-code` produces `agent.exe`, not `agent-code.exe` — binary name mismatch in docs** — dogfooded 2026-04-10 via #claw-code. User follows the `claw-code` rename hint to run `cargo install agent-code`, install succeeds, but the installed binary is `agent.exe` (Unix: `agent`), not `agent-code` or `agent-code.exe`. User tries `agent-code --version`, gets `command not found`, concludes install is broken. The package name (`agent-code`), the crate name, and the installed binary name (`agent`) are all different. Fix shape: docs must show the full chain explicitly: `cargo install agent-code` → run via `agent` (Unix) / `agent.exe` (Windows). ROADMAP #52 note updated with corrected binary name. Source: user in #claw-code 2026-04-10; traced by gaebal-gajae. -- Source: `ROADMAP.md:L1263` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0098-circular-did-you-mean-x-error-for-spec-r -- Title: **Circular "Did you mean /X?" error for spec-registered commands with no parse arm** — dogfooded 2026-04-10. 23 commands in the spec (shown in `/help` output) had no parse arm in `validate_slash_command_input`, so typing them produced `"Unknown slash command: /X — Did you mean /X?"`. The "Did you mean" suggestion pointed at the exact command the user just typed. Root cause: spec registration and parse-arm implementation were independent — a command could appear in help and completions without being parseable. **Done at `1e14d59` 2026-04-10**: added all 23 to STUB_COMMANDS and added pre-parse intercept in resume dispatch. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1265` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0099-session-list-unsupported-in-resume-mode -- Title: **`/session list` unsupported in resume mode despite only needing directory read** — dogfooded 2026-04-10. `/session list` in `--output-format json --resume` mode returned `"unsupported resumed slash command"`. The command only reads the sessions directory — no live runtime needed. **Done at `8dcf103` 2026-04-10**: added `Session{action:"list"}` arm in `run_resume_command()`. Emits `{kind:session_list, sessions:[...ids], active:}`. Partial progress on ROADMAP #21. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1267` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0100-resume-with-no-command-ignores-output-fo -- Title: **`--resume` with no command ignores `--output-format json`** — dogfooded 2026-04-10. `claw --output-format json --resume ` (no slash command) printed prose `"Restored session from (N messages)."` to stdout, ignoring the JSON output format flag. **Done at `4f670e5` 2026-04-10**: empty-commands path now emits `{kind:restored, session_id, path, message_count}` in JSON mode. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1269` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0101-session-load-errors-bypass-output-format -- Title: **Session load errors bypass `--output-format json` — prose error on corrupt JSONL** — dogfooded 2026-04-10. `claw --output-format json --resume /status` printed bare prose `"failed to restore session: ..."` to stderr, not a JSON error object. Both the path-resolution and JSONL-load error paths ignored `output_format`. **Done at `cf129c8` 2026-04-10**: both paths now emit `{type:error, error:"failed to restore session: "}` in JSON mode. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1271` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0102-windows-startup-crash-home-is-not-set-us -- Title: **Windows startup crash: `HOME is not set`** — user report 2026-04-10 in #claw-code (MaxDerVerpeilte). On Windows, `HOME` is often unset — `USERPROFILE` is the native equivalent. Four code paths only checked `HOME`: `config_home_dir()` (tools), `credentials_home_dir()` (runtime/oauth), `detect_broad_cwd()` (CLI), and skill lookup roots (tools). All crashed or silently skipped on stock Windows installs. **Done at `b95d330` 2026-04-10**: all four paths now fall back to `USERPROFILE` when `HOME` is absent. Error message updated to suggest `USERPROFILE` or `CLAW_CONFIG_HOME`. Source: MaxDerVerpeilte in #claw-code. -- Source: `ROADMAP.md:L1273` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0103-session-metadata-does-not-persist-the-mo -- Title: **Session metadata does not persist the model used** — dogfooded 2026-04-10. When resuming a session, `/status` reports `model: null` because the session JSONL stores no model field. A claw resuming a session cannot tell what model was originally used. The model is only known at runtime construction time via CLI flag or config. **Done at `0f34c66` 2026-04-10**: added `model: Option` to Session struct, persisted in session_meta JSONL record, surfaced in resumed `/status`. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1275` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0104-glob-search-silently-returns-0-results-f -- Title: **`glob_search` silently returns 0 results for brace expansion patterns** — user report 2026-04-10 in #claw-code (zero, Windows/Unity). Patterns like `Assets/**/*.{cs,uxml,uss}` returned 0 files because the `glob` crate (v0.3) does not support shell-style brace groups. The agent fell back to shell tools as a workaround. **Done at `3a6c9a5` 2026-04-10**: added `expand_braces()` pre-processor that expands brace groups before passing to `glob::glob()`. Handles nested braces. Results deduplicated via `HashSet`. 5 regression tests. Source: zero in #claw-code; traced by gaebal-gajae. -- Source: `ROADMAP.md:L1277` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0105-openai-base-url-ignored-when-model-name -- Title: **`OPENAI_BASE_URL` ignored when model name has no recognized prefix** — user report 2026-04-10 in #claw-code (MaxDerVerpeilte, Ollama). User set `OPENAI_BASE_URL=http://127.0.0.1:11434/v1` with model `qwen2.5-coder:7b` but claw asked for Anthropic credentials. `detect_provider_kind()` checks model prefix first, then falls through to env-var presence — but `OPENAI_BASE_URL` was not in the cascade, so unrecognized model names always hit the Anthropic default. **Done at `1ecdb10` 2026-04-10**: `OPENAI_BASE_URL` + `OPENAI_API_KEY` now beats Anthropic env-check. `OPENAI_BASE_URL` alone (no key, e.g. Ollama) is last-resort before Anthropic default. Source: MaxDerVerpeilte in #claw-code; traced by gaebal-gajae. -- Source: `ROADMAP.md:L1279` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0106-worker-state-file-surface-not-implemente -- Title: **Worker state file surface not implemented** — **done (verified 2026-04-12):** current `main` already wires `emit_state_file(worker)` into the worker transition path in `rust/crates/runtime/src/worker_boot.rs`, atomically writes `.claw/worker-state.json`, and exposes the documented reader surface through `claw state` / `claw state --output-format json` in `rust/crates/rusty-claude-cli/src/main.rs`. Fresh proof exists in `runtime` regression `emit_state_file_writes_worker_status_on_transition`, the end-to-end `tools` regression `recovery_loop_state_file_reflects_transitions`, and direct CLI parsing coverage for `state` / `state --output-format json`. Source: Jobdori dogfood. -- Source: `ROADMAP.md:L1281` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0107-droid-session-completion-semantics-broke -- Title: **Droid session completion semantics broken: code arrives after "status: completed"** — dogfooded 2026-04-12. Ultraclaw droid sessions (use-droid via acpx) report `session.status: completed` before file writes are fully flushed/synced to the working tree. Discovered +410 lines of "late-arriving" droid output that appeared after I had already assessed 8 sessions as "no code produced." This creates false-negative assessments and duplicate work. **Fix shape:** (a) droid agent should only report completion after explicit file-write confirmation (fsync or existence check); (b) or, claw-code should expose a `pending_writes` status that indicates "agent responded, disk flush pending"; (c) lane orchestrators should poll for file changes for N seconds after completion before final assessment. **Blocker:** none. Source: Jobdori ultraclaw dogfood 2026-04-12. -- Source: `ROADMAP.md:L1285` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0108-backlog-scanning-team-lanes-emit-opaque -- Title: **Backlog-scanning team lanes emit opaque stops, not structured selection outcomes** — **done (verified 2026-04-12):** completed lane persistence in `rust/crates/tools/src/lib.rs` now recognizes backlog-scan selection summaries and records structured `selectionOutcome` metadata on `lane.finished`, including `chosenItems`, `skippedItems`, `action`, and optional `rationale`, while preserving existing non-selection and review-lane behavior. Regression coverage locks the structured backlog-scan payload alongside the earlier quality-floor and review-verdict paths. **Original filing below.** -- Source: `ROADMAP.md:L1292` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0109-completion-aware-reminder-shutdown-missi -- Title: **Completion-aware reminder shutdown missing** — **done (verified 2026-04-12):** completed lane persistence in `rust/crates/tools/src/lib.rs` now disables matching enabled cron reminders when the associated lane finishes successfully, and records the affected cron ids in `lane.finished.data.disabledCronIds`. Regression coverage locks the path where a ROADMAP-linked reminder is disabled on successful completion while leaving incomplete work untouched. **Original filing below.** -- Source: `ROADMAP.md:L1294` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0110-scoped-review-lanes-do-not-emit-structur -- Title: **Scoped review lanes do not emit structured verdicts** — **done (verified 2026-04-12):** completed lane persistence in `rust/crates/tools/src/lib.rs` now recognizes review-style `APPROVE`/`REJECT`/`BLOCKED` results and records structured `reviewVerdict`, `reviewTarget`, and `reviewRationale` metadata on the `lane.finished` event while preserving existing non-review lane behavior. Regression coverage locks both the normal completion path and a scoped review-lane completion payload. **Original filing below.** -- Source: `ROADMAP.md:L1296` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0111-internal-reinjection-resume-paths-leak-o -- Title: **Internal reinjection/resume paths leak opaque control prose** — **done (verified 2026-04-12):** completed lane persistence in `rust/crates/tools/src/lib.rs` now recognizes `[OMX_TMUX_INJECT]`-style recovery control prose and records structured `recoveryOutcome` metadata on `lane.finished`, including `cause`, optional `targetLane`, and optional `preservedState`. Recovery-style summaries now normalize to a human-meaningful fallback instead of surfacing the raw internal marker as the primary lane result. Regression coverage locks both the tmux-idle reinjection path and the `Continue from current mode state` resume path. Source: gaebal-gajae / Jobdori dogfood 2026-04-12. -- Source: `ROADMAP.md:L1298` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0112-lane-stop-summaries-have-no-minimum-qual -- Title: **Lane stop summaries have no minimum quality floor** — **done (verified 2026-04-12):** completed lane persistence in `rust/crates/tools/src/lib.rs` now normalizes vague/control-only stop summaries into a contextual fallback that includes the lane target and status, while preserving structured metadata about whether the quality floor fired (`qualityFloorApplied`, `rawSummary`, `reasons`, `wordCount`). Regression coverage locks both the pass-through path for good summaries and the fallback path for mushy summaries like `commit push everyting, keep sweeping $ralph`. **Original filing below.** -- Source: `ROADMAP.md:L1300` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0113-install-source-ambiguity-misleads-real-u -- Title: **Install-source ambiguity misleads real users** — **done (verified 2026-04-12):** repo-local Rust guidance now makes the source of truth explicit in `claw doctor` and `claw --help`, naming `ultraworkers/claw-code` as the canonical repo and warning that `cargo install claw-code` installs a deprecated stub rather than the `claw` binary. Regression coverage locks both the new doctor JSON check and the help-text warning. **Original filing below.** -- Source: `ROADMAP.md:L1302` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0114-wrong-task-prompt-receipt-is-not-detecte -- Title: **Wrong-task prompt receipt is not detected before execution** — **done (verified 2026-04-12):** worker boot prompt dispatch now accepts an optional structured `task_receipt` (`repo`, `task_kind`, `source_surface`, `expected_artifacts`, `objective_preview`) and treats mismatched visible prompt context as a `WrongTask` prompt-delivery failure before execution continues. The prompt-delivery payload now records `observed_prompt_preview` plus the expected receipt, and regression coverage locks both the existing shell/wrong-target paths and the new KakaoTalk-style wrong-task mismatch case. **Original filing below.** -- Source: `ROADMAP.md:L1304` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0115-latest-managed-session-selection-depends -- Title: **`latest` managed-session selection depends on filesystem mtime before semantic session recency** — **done (verified 2026-04-12):** managed-session summaries now carry `updated_at_ms`, `SessionStore::list_sessions()` sorts by semantic recency before filesystem mtime, and regression coverage locks the case where `latest` must prefer the newer session payload even when file mtimes point the other way. The CLI session-summary wrapper now stays in sync with the runtime field so `latest` resolution uses the same ordering signal everywhere. **Original filing below.** -- Source: `ROADMAP.md:L1306` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0116-session-timestamps-are-not-monotonic-eno -- Title: **Session timestamps are not monotonic enough for latest-session ordering under tight loops** — **done (verified 2026-04-12):** runtime session timestamps now use a process-local monotonic millisecond source, so back-to-back saves still produce increasing `updated_at_ms` even when the wall clock does not advance. The temporary sleep hack was removed from the resume-latest regression, and fresh workspace verification stayed green with the semantic-recency ordering path from #72. **Original filing below.** -- Source: `ROADMAP.md:L1307` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0117-poisoned-test-locks-cascade-into-unrelat -- Title: **Poisoned test locks cascade into unrelated Rust regressions** — **done (verified 2026-04-12):** test-only env/cwd lock acquisition in `rust/crates/tools/src/lib.rs`, `rust/crates/plugins/src/lib.rs`, `rust/crates/commands/src/lib.rs`, and `rust/crates/rusty-claude-cli/src/main.rs` now recovers poisoned mutexes via `PoisonError::into_inner`, and new regressions lock that behavior so one panic no longer causes later tests to fail just by touching the shared env/cwd locks. Source: Jobdori dogfood 2026-04-12. -- Source: `ROADMAP.md:L1309` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0118-claw-init-leaves-clawhip-runtime-artifac -- Title: **`claw init` leaves `.clawhip/` runtime artifacts unignored** — **done (verified 2026-04-12):** `rust/crates/rusty-claude-cli/src/init.rs` now treats `.clawhip/` as a first-class local artifact alongside `.claw/` paths, and regression coverage locks both the create and idempotent update paths so `claw init` adds the ignore entry exactly once. The repo `.gitignore` now also ignores `.clawhip/` for immediate dogfood relief, preventing repeated OMX team merge conflicts on `.clawhip/state/prompt-submit.json`. Source: Jobdori dogfood 2026-04-12. -- Source: `ROADMAP.md:L1311` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0119-real-acp-zed-daemon-contract-is-still-mi -- Title: **Real ACP/Zed daemon contract is still missing after the discoverability fix** — follow-up filed 2026-04-16. ROADMAP #64 made the current status explicit via `claw acp`, but editor-first users still cannot actually launch claw-code as an ACP/Zed daemon because there is no protocol-serving surface yet. **Fix shape:** add a real ACP entrypoint (for example `claw acp serve`) only when the underlying protocol/transport contract exists, then document the concrete editor wiring in `claw --help` and first-screen docs. **Acceptance bar:** an editor can launch claw-code for ACP/Zed from a documented, supported command rather than a status-only alias. **Blocker:** protocol/runtime work not yet implemented; current `acp serve` spelling is intentionally guidance-only. -- Source: `ROADMAP.md:L1313` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0120-output-format-json-error-payload-carries -- Title: **`--output-format json` error payload carries no machine-readable error class, so downstream claws cannot route failures without regex-scraping the prose** — dogfooded 2026-04-17 in `/tmp/claw-dogfood-*` on main HEAD `00d0eb6`. ROADMAP #42/#49/#56/#57 made stdout/stderr JSON-shaped on error, but the shape itself is still lossy: every failure emits the exact same three-field envelope `{"type":"error","error":""}`. Concrete repros on the same binary, same JSON flag: -- Source: `ROADMAP.md:L1315` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0121-claw-plugins-cli-route-is-wired-as-a-cli -- Title: **`claw plugins` CLI route is wired as a `CliAction` variant but never constructed by `parse_args`; invocation falls through to LLM-prompt dispatch** — dogfooded 2026-04-17 on main HEAD `d05c868`. `claw agents`, `claw mcp`, `claw skills`, `claw acp`, `claw bootstrap-plan`, `claw system-prompt`, `claw init`, `claw dump-manifests`, and `claw export` all resolve to local CLI routes and emit structured JSON (`{"kind": "agents", ...}` / `{"kind": "mcp", ...}` / etc.) without provider credentials. `claw plugins` does not — it is the sole documented-shaped subcommand that falls through to the `_other => CliAction::Prompt { ... }` arm in `parse_args`. Concrete repros on a clean workspace (`/tmp/claw-dogfood-2`, throwaway git init): -- Source: `ROADMAP.md:L1337` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0122-claw-output-format-json-init-discards-an -- Title: **`claw --output-format json init` discards an already-structured `InitReport` and ships only the rendered prose as `message`** — dogfooded 2026-04-17 on main HEAD `9deaa29`. The init pipeline in `rust/crates/rusty-claude-cli/src/init.rs:38-113` already produces a fully-typed `InitReport { project_root: PathBuf, artifacts: Vec }` where `InitStatus` is the enum `{ Created, Updated, Skipped }` (line 15-20). `run_init()` at `rust/crates/rusty-claude-cli/src/main.rs:5436-5446` then funnels that structured report through `init_claude_md()` which calls `.render()` and throws away the structure, and `init_json_value()` at 5448-5454 wraps *only* the prose string into `{"kind":"init","message":"/` where `workspace_fingerprint()` at line 295-303 is a 16-char FNV-1a hex hash of the absolute CWD path. The gap is user-visible and trivially reproducible. -- Source: `ROADMAP.md:L1419` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0124-claw-status-reports-the-same-project-roo -- Title: **`claw status` reports the same `Project root` for two CWDs that silently land in *different* session partitions — project-root identity is a lie at the session layer** — dogfooded 2026-04-17 on main HEAD `a48575f` inside `~/clawd/claw-code` (itself) and reproduced on a scratch repo at `/tmp/claw-split-17`. The `Workspace` block in `claw status` advertises a single `Project root` derived from the git toplevel, but `SessionStore::from_cwd` at `rust/crates/runtime/src/session_control.rs:32-40` uses the raw **CWD path** as input to `workspace_fingerprint()` (line 295-303), not the project root. The result: two invocations in the same git repo but different CWDs (`~/clawd/claw-code` vs `~/clawd/claw-code/rust`, or `/tmp/claw-split-17` vs `/tmp/claw-split-17/sub`) report the same `Project root` in `claw status` but land in two separate `.claw/sessions//` dirs that cannot see each other's sessions. `claw --resume latest` from one subdir returns `no managed sessions found` even though the adjacent CWD in the same project has a live session that `/session list` from that CWD resolves fine. -- Source: `ROADMAP.md:L1453` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0125-claw-sandbox-advertises-filesystem-activ -- Title: **`claw sandbox` advertises `filesystem_active=true, filesystem_mode=workspace-only` on macOS but the "isolation" is just `HOME`/`TMPDIR` env-var rebasing — subprocesses can still write anywhere on disk** — dogfooded 2026-04-17 on main HEAD `1743e60` against `/tmp/claw-dogfood-2`. `claw --output-format json sandbox` on macOS reports `{"supported":false, "active":false, "filesystem_active":true, "filesystem_mode":"workspace-only", "fallback_reason":"namespace isolation unavailable (requires Linux with `unshare`)"}`. The `fallback_reason` correctly admits namespace isolation is off, but `filesystem_active=true` + `filesystem_mode="workspace-only"` reads — to a claw or a human — as *"filesystem isolation is live, restricted to the workspace."* It is not. -- Source: `ROADMAP.md:L1480` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0126-claw-injects-the-build-date-into-the-liv -- Title: **`claw` injects the *build date* into the live agent system prompt as "today's date" — agents run one week (or any N days) behind real time whenever the binary has aged** — dogfooded 2026-04-17 on main HEAD `e58c194` against `/tmp/cd3`. The binary was built on 2026-04-10 (`claw --version` → `Build date 2026-04-10`). Today is 2026-04-17. Running `claw system-prompt` from a fresh workspace yields: -- Source: `ROADMAP.md:L1519` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0127-compute-current-date-at-runtime-not-comp -- Title: Compute `current_date` at runtime, not compile time. Add a small helper in `runtime::prompt` (or a new `clock.rs`) that returns today's UTC date as `YYYY-MM-DD`, using `chrono::Utc::now().date_naive()` or equivalent. No new heavy dependency — `chrono` is already transitively in the tree. ~10 lines. -- Source: `ROADMAP.md:L1539` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0128-replace-every-default-date-use-site-in-r -- Title: Replace every `DEFAULT_DATE` use site in `rusty-claude-cli/src/main.rs` (call sites enumerated above) with a call to that helper. Leave `DEFAULT_DATE` intact *only* for the `claw version` / `--version` build-metadata path (its honest meaning). -- Source: `ROADMAP.md:L1540` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0129-preserve-date-yyyy-mm-dd-override-on-sys -- Title: Preserve `--date YYYY-MM-DD` override on `system-prompt` as-is; add an env-var escape hatch (`CLAWD_OVERRIDE_DATE=YYYY-MM-DD`) for deterministic tests and SOURCE_DATE_EPOCH-style reproducible agent prompts. -- Source: `ROADMAP.md:L1541` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0130-regression-test-freeze-the-clock-via-the -- Title: Regression test: freeze the clock via the env escape, assert `load_system_prompt(cwd, , ...)` emits the *frozen* date, not the build date. Also a smoke test that the *actual* runtime default rejects any value matching `option_env!("BUILD_DATE")` unless the env override is set. -- Source: `ROADMAP.md:L1542` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0131-claw-dump-manifests-default-search-path -- Title: **`claw dump-manifests` default search path is the build machine's absolute filesystem path baked in at compile time — broken and information-leaking for any user running a distributed binary** — dogfooded 2026-04-17 on main HEAD `70a0f0c` from `/tmp/cd4` (fresh workspace). Running `claw dump-manifests` with no arguments emits: -- Source: `ROADMAP.md:L1550` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0132-broken-default-for-any-distributed-binar -- Title: *Broken default for any distributed binary.* A claw or operator running a packaged/shipped `claw` binary on their own machine will see a path they do not own, cannot create, and cannot reason about. The error surface advertises a default behavior that is contingent on the end user having reconstructed the build machine's filesystem layout verbatim. -- Source: `ROADMAP.md:L1567` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0133-privacy-leak-the-build-machine-s-absolut -- Title: *Privacy leak.* The build machine's absolute filesystem path — including the compiling user's `$HOME` segment (`/Users/yeongyu`) — is baked into the binary and surfaced to every recipient who ever runs `dump-manifests` without `--manifests-dir`. This lands in logs, CI output, transcripts, bug reports, the binary itself. For a tool that aspires to be embedded in clawhip / batch orchestrators this is a sharp edge. -- Source: `ROADMAP.md:L1568` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0134-reproducibility-violation-two-binaries-b -- Title: *Reproducibility violation.* Two binaries built from the same source at the same commit but on different machines produce different runtime behavior for the *default* `dump-manifests` invocation. This is the same reproducibility-breaking shape as ROADMAP #83 (build date injected as "today") — compile-time context leaking into runtime decisions. -- Source: `ROADMAP.md:L1569` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0135-discovery-gap-the-hint-correctly-names-c -- Title: *Discovery gap.* The hint correctly names `CLAUDE_CODE_UPSTREAM` and `--manifests-dir`, but the user only learns about them *after* the default has already failed in a confusing way. A clawhip running this probe to detect whether an upstream manifest source is available cannot distinguish "user hasn't configured an upstream path yet" from "user's config is wrong" from "the binary was built on a different machine" — same error in all three cases. -- Source: `ROADMAP.md:L1570` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0136-drop-the-compile-time-default-remove-env -- Title: *Drop the compile-time default.* Remove `env!("CARGO_MANIFEST_DIR")` from the runtime default path in `main.rs:2016`. Replace with either (a) `env::current_dir()` as the starting point for `resolve_upstream_repo_root`, or (b) a hardcoded `None` that requires `CLAUDE_CODE_UPSTREAM` / `--manifests-dir` / a settings-file entry before any lookup happens. -- Source: `ROADMAP.md:L1573` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0137-when-the-default-is-missing-fail-with-a -- Title: *When the default is missing, fail with a user-legible message — not a leaked absolute path.* Example: `dump-manifests requires an upstream Claude Code source checkout. Set CLAUDE_CODE_UPSTREAM or pass --manifests-dir /path/to/claude-code. No default path is configured for this binary.` No compile-time path, no `$HOME` leak, no confusing "missing files" message for a path the user never asked for. -- Source: `ROADMAP.md:L1574` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0138-add-a-claw-config-upstream-settings-json -- Title: *Add a `claw config upstream` / `settings.json` `[upstream]` entry* so the upstream source path is a first-class, persisted piece of workspace config — not an env var or a command-line flag the user has to remember each time. Matches the settings-based approach used elsewhere (e.g. the `trusted_roots` gap called out in the 2026-04-08 startup-friction note). -- Source: `ROADMAP.md:L1575` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0139-claw-skills-walks-cwd-ancestors-unbounde -- Title: **`claw skills` walks `cwd.ancestors()` unbounded and treats every `.claw/skills`, `.omc/skills`, `.agents/skills`, `.codex/skills`, `.claude/skills` it finds as active project skills — cross-project leakage and a cheap skill-injection path from any ancestor directory** — dogfooded 2026-04-17 on main HEAD `2eb6e0c` from `/tmp/trap/inner/work`. A directory I do not own (`/tmp/trap/.agents/skills/rogue/SKILL.md`) above the worker's CWD is enumerated as an `active: true` skill by `claw --output-format json skills`, sourced as `project_claw`/`Project roots`, even after the worker's own CWD is `git init`ed to declare a project boundary. Same effect from any ancestor walk up to `/`. -- Source: `ROADMAP.md:L1583` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0140-cross-tenant-skill-injection-from-a-shar -- Title: *Cross-tenant skill injection from a shared `/tmp` ancestor.* -- Source: `ROADMAP.md:L1586` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0141-cwd-dependent-skill-set-from-users-yeong -- Title: *CWD-dependent skill set.* From `/Users/yeongyu/scratch-nonrepo` (CWD under `$HOME`) `claw --output-format json skills` returns 50 skills — including every `SKILL.md` under `~/.agents/skills/*`, surfaced via `ancestor.join(".agents").join("skills")` at `rust/crates/commands/src/lib.rs:2811`. From `/tmp/cd5` (same user, same binary, CWD *outside* `$HOME`) the same command returns 24 — missing the entire `~/.agents/skills/*` set because `~` is no longer in the ancestor chain. Skill availability silently flips based on where the worker happened to be started from. -- Source: `ROADMAP.md:L1602` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0142-non-deterministic-skill-surface-two-claw -- Title: *Non-deterministic skill surface.* Two claws started from `/tmp/worker-A/` and `/Users/yeongyu/worker-B/` on the same machine see different skill sets. Principle #1 ("deterministic to start") is violated on a per-CWD basis. -- Source: `ROADMAP.md:L1611` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0143-cross-project-leakage-a-parent-repo-s-ag -- Title: *Cross-project leakage.* A parent repo's `.agents/skills` silently bleeds into a nested sub-checkout's skill namespace. Nested worktrees, monorepo subtrees, and temporary orchestrator workspaces all inherit ancestor skills they may not own. -- Source: `ROADMAP.md:L1612` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0144-skill-injection-primitive-any-directory -- Title: *Skill-injection primitive.* Any directory writable to the attacker on an ancestor path of the worker's CWD (shared `/tmp`, a nested CI mount, a dropbox/iCloud folder, a multi-tenant build agent, a git submodule whose parent repo is attacker-influenced) can drop a `.agents/skills//SKILL.md` and have it surface as an `active: true` skill with full dispatch via `claw`'s slash-command path. Skill descriptions are free-form Markdown fed into the agent's context; a crafted `description:` becomes a prompt-injection payload the agent willingly reads before it realizes which file it's reading. -- Source: `ROADMAP.md:L1613` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0145-asymmetric-with-agents-discovery-project -- Title: *Asymmetric with agents discovery.* Project agents (`/agents` surface) have explicit project-scoping via `ConfigLoader`; skills discovery does not. The two diverge on which context is considered "project." -- Source: `ROADMAP.md:L1614` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0146-terminate-the-ancestor-walk-at-the-proje -- Title: *Terminate the ancestor walk at the project root.* Plumb `ConfigLoader::project_root()` (or git-toplevel) into `discover_skill_roots` and stop at that boundary. Skills above the project root are ignored — they must be installed explicitly (via `claw skills install` or a settings entry). -- Source: `ROADMAP.md:L1617` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0147-optionally-also-terminate-at-home-if-the -- Title: *Optionally also terminate at `$HOME`.* If the project root can't be resolved, stop at `$HOME` so a worker in `/Users/me/foo` never reads from `/Users/`, `/`, `/private`, etc. -- Source: `ROADMAP.md:L1618` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0148-require-acknowledgment-for-cross-project -- Title: *Require acknowledgment for cross-project skills.* If an ancestor skill is inherited (intentional monorepo case), require an explicit `allow_ancestor_skills` toggle in `settings.json` and emit an event when ancestor-sourced skills are loaded. Matches the intent of ROADMAP principle #5 ("partial success / degraded mode is first-class") — surface the fact that skills are coming from outside the canonical project root. -- Source: `ROADMAP.md:L1619` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0149-mirror-the-same-fix-in-rust-crates-tools -- Title: *Mirror the same fix in `rust/crates/tools/src/lib.rs::push_project_skill_lookup_roots`* so the *executable* skill surface matches the *listed* skill surface. Today they share the same ancestor-walk bug, so the fix must apply to both. -- Source: `ROADMAP.md:L1620` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0150-regression-tests-a-worker-in-tmp-attacke -- Title: *Regression tests:* (a) worker in `/tmp/attacker/.agents/skills/rogue` + inner CWD → `rogue` must not be surfaced; (b) worker in a user home subdir → `~/.agents/skills/*` must not leak unless explicitly allowed; (c) explicit monorepo case: `settings.json { "skills": { "allow_ancestor": true } }` → inherited skills reappear, annotated with their source path. -- Source: `ROADMAP.md:L1621` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0151-claw-json-with-invalid-json-is-silently -- Title: **`.claw.json` with invalid JSON is silently discarded and `claw doctor` still reports `Config: ok — runtime config loaded successfully`** — dogfooded 2026-04-17 on main HEAD `586a92b` against `/tmp/cd7`. A user's own legacy config file is parsed, fails, gets dropped on the floor, and every diagnostic surface claims success. Permissions revert to defaults, MCP servers go missing, provider fallbacks stop applying — without a single signal that the operator's config never made it into `RuntimeConfig`. -- Source: `ROADMAP.md:L1629` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0152-the-user-s-current-claw-json-is-now-indi -- Title: The user's *current* `.claw.json` is now indistinguishable from a historical stale `.claw.json` — any typo silently wipes out their permissions/MCP/aliases config on the next invocation. -- Source: `ROADMAP.md:L1655` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0153-no-signal-is-emitted-a-claw-reading-claw -- Title: No signal is emitted. A claw reading `claw --output-format json doctor` sees `config ok`, reports "config is fine," and proceeds to run with wrong permissions/missing MCP. This is exactly the "surface lies about runtime truth" shape from the #80–#84 cluster, at the config layer. -- Source: `ROADMAP.md:L1656` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0154-replace-the-silent-skip-with-a-loud-warn -- Title: *Replace the silent skip with a loud warn-and-skip.* In `read_optional_json_object` at `config.rs:690` and `:695`, instead of `return Ok(None)` on parse failure for `.claw.json`, return `Ok(Some(ParsedConfigFile::empty_with_warning(…)))` (or similar) with the parse error captured as a structured warning. Plumb that warning into `ConfigLoader::load()` alongside the existing `all_warnings` collection so it surfaces on stderr and in `doctor`'s detail block. -- Source: `ROADMAP.md:L1661` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0155-flip-the-doctor-verdict-when-loaded-coun -- Title: *Flip the doctor verdict when `loaded_count < present_count`.* In `rusty-claude-cli/src/main.rs:1747-1755`, when `present_count > 0 && loaded_count < present_count`, emit `DiagnosticLevel::Warn` (or `Fail` when *all* discovered files fail to load) with a summary like `"loaded N/{present_count} config files; {present_count - N} skipped due to parse errors"`. Add a structured field `skipped_files` / `skip_reasons` to the JSON surface so clawhip can branch on it. -- Source: `ROADMAP.md:L1662` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0156-regression-tests-a-corrupt-claw-json-doc -- Title: *Regression tests:* (a) corrupt `.claw.json` → `doctor` emits `warn` with a skipped-files detail; (b) corrupt `.claw.json` → `status` shows a `config_skipped: 1` marker; (c) `loaded_entries.len()` equals zero while `discover()` returns one → never `DiagnosticLevel::Ok`. -- Source: `ROADMAP.md:L1663` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0157-fresh-workspace-default-permission-mode -- Title: **Fresh workspace default `permission_mode` is `danger-full-access` with zero warning in `claw doctor` and no auditable trail of how the mode was chosen — every unconfigured claw spawn runs fully unattended at maximum permission** — dogfooded 2026-04-17 on main HEAD `d6003be` against `/tmp/cd8`. A fresh workspace with no `.claw.json`, no `RUSTY_CLAUDE_PERMISSION_MODE` env var, no `--permission-mode` flag produces: -- Source: `ROADMAP.md:L1671` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0158-no-preflight-signal-roadmap-section-3-5 -- Title: *No preflight signal.* ROADMAP section 3.5 ("Boot preflight / doctor contract") explicitly requires machine-readable preflight to surface state that determines whether a lane is safe to start. Permission mode is precisely that kind of state — a lane at `danger-full-access` has a larger blast radius than one at `workspace-write` — and `doctor` omits it entirely. -- Source: `ROADMAP.md:L1691` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0159-no-provenance-a-clawhip-orchestrator-spa -- Title: *No provenance.* A clawhip orchestrator spawning 20 lanes has no way to distinguish "operator intentionally set `defaultMode: danger-full-access` in the shared config" from "config was missing or typo'd (see #86) and all 20 workers silently fell back to `danger-full-access`." The two outcomes are observably identical at the status layer. -- Source: `ROADMAP.md:L1692` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0160-least-privilege-inversion-for-an-interac -- Title: *Least-privilege inversion.* For an `interactive` harness a permissive default is defensible; for a *batch claw harness* it inverts the normal least-privilege principle. A worker should have to *opt in* to full access, not have it handed to them when config is missing. -- Source: `ROADMAP.md:L1693` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0161-interacts-badly-with-86-a-corrupted-claw -- Title: *Interacts badly with #86.* A corrupted `.claw.json` that specifies `permissions.defaultMode: "plan"` is silently dropped, and the fallback reverts to `danger-full-access` with `doctor` reporting `Config: ok`. So the same typo path that wipes a user's permission choice also escalates them to maximum permission, and nothing in the diagnostic surface says so. -- Source: `ROADMAP.md:L1694` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0162-add-a-permission-or-permissions-doctor-c -- Title: *Add a `permission` (or `permissions`) doctor check.* Mirror `check_sandbox_health`'s shape: emit `DiagnosticLevel::Warn` when the effective mode is `DangerFullAccess` *and* the mode was chosen by fallback (not by explicit env / config / CLI flag). Emit `DiagnosticLevel::Ok` otherwise. Detail lines should include the effective mode, the source (`fallback` / `env:RUSTY_CLAUDE_PERMISSION_MODE` / `config:.claw.json` / `cli:--permission-mode`), and the set of tools whose `required_permission` the current mode satisfies. -- Source: `ROADMAP.md:L1697` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0163-surface-permission-mode-source-in-status -- Title: *Surface `permission_mode_source` in `status` JSON.* Alongside the existing `permission_mode` field, add `permission_mode_source: "fallback" | "env" | "config" | "cli"`. `fn default_permission_mode` becomes `fn resolve_permission_mode() -> (PermissionMode, PermissionModeSource)`. No behavior change; just provenance a claw can audit. -- Source: `ROADMAP.md:L1698` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0164-consider-flipping-the-fallback-default-f -- Title: *Consider flipping the fallback default.* For the subset of invocations that are clearly non-interactive (`--output-format json`, `--resume`, piped stdin) make the fallback `WorkspaceWrite` or `Prompt`, and require an explicit flag / config / env var to escalate to `DangerFullAccess`. Keep `DangerFullAccess` as the interactive-REPL default if that is the intended philosophy, but *announce* it via the new doctor check so a claw can branch on it. This third piece is a judgment call and can ship separately from pieces 1+2. -- Source: `ROADMAP.md:L1699` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0165-discover-instruction-files-walks-cwd-anc -- Title: **`discover_instruction_files` walks `cwd.ancestors()` unbounded and loads every `CLAUDE.md` / `CLAUDE.local.md` / `.claw/CLAUDE.md` / `.claw/instructions.md` it finds into the *system prompt* as trusted "Claude instructions" — direct prompt injection from any ancestor directory, including world-writable `/tmp`** — dogfooded 2026-04-17 on main HEAD `82bd8bb` from `/tmp/claude-md-injection/inner/work`. An attacker-controlled `CLAUDE.md` one directory above the worker is read verbatim into the agent's system prompt under the `# Claude instructions` section. -- Source: `ROADMAP.md:L1707` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0166-system-prompt-not-tool-surface-85-s-inje -- Title: *System prompt, not tool surface.* #85's injection primitive placed a crafted skill on disk and required the agent to invoke it (via `/rogue` slash-command or equivalent). #88 places crafted *text* into the system prompt verbatim, with no agent action required — the injection fires on every turn, before the user even sends their first message. -- Source: `ROADMAP.md:L1745` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0167-lower-bar-for-the-attacker-a-claude-md-i -- Title: *Lower bar for the attacker.* A `CLAUDE.md` is raw Markdown with no frontmatter; it doesn't even need a YAML header; it doesn't need a subdirectory structure. `/tmp/CLAUDE.md` alone is sufficient. -- Source: `ROADMAP.md:L1746` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0168-world-writable-drop-point-is-standard-tm -- Title: *World-writable drop point is standard.* `/tmp` is writable by every local user on the default macOS / Linux configuration. A malicious local user (or a runaway build artifact, or a `curl | sh` installer that dropped `/tmp/CLAUDE.md` by accident) sets up the injection for every `claw` invocation under `/tmp/anything` until someone notices. -- Source: `ROADMAP.md:L1747` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0169-no-visible-signal-in-claw-doctor-claw-sy -- Title: *No visible signal in `claw doctor`.* `claw system-prompt` exposes the loaded files if the operator happens to run it, but `claw doctor` / `claw status` / `claw --output-format json doctor` say nothing about how many instruction files were loaded or where they came from. The `workspace` check reports `memory_files: N` as a count, but not the paths. An orchestrator preflighting lanes cannot tell "this lane will ingest `/tmp/CLAUDE.md` as authoritative agent guidance." -- Source: `ROADMAP.md:L1748` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0170-same-structural-bug-family-as-85-same-st -- Title: *Same structural bug family as #85, same structural fix.* Both `discover_skill_roots` (`commands/src/lib.rs:2795`) and `discover_instruction_files` (`prompt.rs:203`) are unbounded `cwd.ancestors()` walks. `discover_definition_roots` for agents (`commands/src/lib.rs:2724`) is the third sibling. All three need the same project-root / `$HOME` bound with an explicit opt-in for monorepo inheritance. -- Source: `ROADMAP.md:L1749` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0171-terminate-the-ancestor-walk-at-the-proje -- Title: *Terminate the ancestor walk at the project root.* Plumb `ConfigLoader::project_root()` (git toplevel, or the nearest ancestor containing `.claw.json` / `.claw/`) into `discover_instruction_files` and stop at that boundary. Ancestor instruction files above the project root are ignored unless an explicit opt-in is set. -- Source: `ROADMAP.md:L1752` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0172-fallback-bound-at-home-if-the-project-ro -- Title: *Fallback bound at `$HOME`.* If the project root cannot be resolved, stop at `$HOME` so a worker under `/Users/me/foo` never reads from `/Users/`, `/`, `/private`, etc. -- Source: `ROADMAP.md:L1753` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0173-surface-loaded-instruction-files-in-doct -- Title: *Surface loaded instruction files in `doctor`.* Add a `memory` / `instructions` check that emits the resolved path list + per-file byte count. A clawhip preflight can then gate on "unexpected instruction files above the project root." -- Source: `ROADMAP.md:L1754` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0174-require-opt-in-for-cross-project-inherit -- Title: *Require opt-in for cross-project inheritance.* `settings.json { "instructions": { "allow_ancestor": true } }` to preserve the legitimate monorepo use case where a parent `CLAUDE.md` should apply to nested checkouts. Annotate ancestor-sourced files with `source: "ancestor"` in the doctor/status JSON so orchestrators see the inheritance explicitly. -- Source: `ROADMAP.md:L1755` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0175-regression-tests-a-worker-under-tmp-atta -- Title: *Regression tests:* (a) worker under `/tmp/attacker/CLAUDE.md` → `/tmp/attacker/CLAUDE.md` must not appear in the system prompt; (b) worker under `$HOME/scratch` with `~/CLAUDE.md` present → home-level `CLAUDE.md` must not leak unless `allow_ancestor` is set; (c) legitimate repo layout (`/project/CLAUDE.md` with worker at `/project/sub/worker`) → still works; (d) explicit opt-in case → ancestor file appears with `source: "ancestor"` in status JSON. -- Source: `ROADMAP.md:L1756` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0176-claw-is-blind-to-mid-operation-git-state -- Title: **`claw` is blind to mid-operation git states (rebase-in-progress, merge-in-progress, cherry-pick-in-progress, bisect-in-progress) — `doctor` returns `Workspace: ok` on a workspace that is literally paused on a conflict** — dogfooded 2026-04-17 on main HEAD `9882f07` from `/tmp/git-state-probe`. A branch rebase that halted on a conflict leaves the workspace in the `rebase-merge` state with conflict files in the index and `HEAD` detached on the rebase's intermediate commit. `claw`'s workspace surface reports this as a plain dirty workspace on "branch detached HEAD," with no signal that the lane is mid-operation and cannot safely accept new work. -- Source: `ROADMAP.md:L1764` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0177-preflight-blindness-a-clawhip-orchestrat -- Title: *Preflight blindness.* A clawhip orchestrator that runs `claw doctor` before spawning a lane gets `workspace: ok` on a workspace whose next `git commit` will corrupt rebase metadata, whose `HEAD` moves on `git rebase --continue`, and whose test suite is currently running against an intermediate tree that does not correspond to any real branch tip. -- Source: `ROADMAP.md:L1788` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0178-stale-branch-detection-breaks-the-princi -- Title: *Stale-branch detection breaks.* The principle-4 test ("is this branch up to date with base?") is meaningless when `HEAD` is pointing at a rebase's intermediate commit. A claw that runs `git log base..HEAD` against a rebase-in-progress `HEAD` gets noise, not a freshness verdict. -- Source: `ROADMAP.md:L1789` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0179-no-recovery-surface-even-when-a-claw-som -- Title: *No recovery surface.* Even when a claw somehow detects the bad state from another source, it has nothing in `claw`'s own machine-readable output to anchor its recovery: no `operation.kind = "rebase"`, no `operation.abort_hint = "git rebase --abort"`, no `operation.resume_hint = "git rebase --continue"`. Recovery becomes text-scraping terminal output — exactly the shape ROADMAP principle #6 ("Terminal is transport, not truth") argues against. -- Source: `ROADMAP.md:L1790` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0180-same-surface-lies-about-runtime-truth-fa -- Title: *Same "surface lies about runtime truth" family as #80–#87.* The workspace doctor check asserts `ok` for a state that is anything but. Operator reads the doctor output, believes the workspace is healthy, launches a worker, corrupts the rebase. -- Source: `ROADMAP.md:L1791` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0181-detect-in-progress-git-operations-in-par -- Title: *Detect in-progress git operations.* In `parse_git_workspace_summary` (or a sibling `detect_git_operation`), check for marker files: `.git/rebase-merge/`, `.git/rebase-apply/`, `.git/MERGE_HEAD`, `.git/CHERRY_PICK_HEAD`, `.git/BISECT_LOG`, `.git/REVERT_HEAD`. Map each to a typed `GitOperation::{ Rebase, Merge, CherryPick, Bisect, Revert }` enum variant. ~20 lines including tests. -- Source: `ROADMAP.md:L1794` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0182-expose-the-operation-in-status-and-docto -- Title: *Expose the operation in `status` and `doctor` JSON.* Add `workspace.git_operation: null | { kind: "rebase"|"merge"|"cherry_pick"|"bisect"|"revert", paused: bool, abort_hint: string, resume_hint: string }` to the workspace block. When `git_operation != null`, `check_workspace_health` emits `DiagnosticLevel::Warn` (not `Ok`) with a summary like `"rebase in progress; lane is not safe to accept new work"`. -- Source: `ROADMAP.md:L1795` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0183-preserve-the-existing-counts-changed-fil -- Title: *Preserve the existing counts*. `changed_files` / `conflicted_files` / `staged_files` stay where they are; the new `git_operation` field is additive so existing consumers don't break. -- Source: `ROADMAP.md:L1796` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0184-claw-mcp-json-text-surface-redacts-mcp-s -- Title: **`claw mcp` JSON/text surface redacts MCP server `env` values but dumps `args`, `url`, and `headersHelper` verbatim — standard secret-carrying fields leak to every consumer of the machine-readable MCP surface** — dogfooded 2026-04-17 on main HEAD `64b29f1` from `/tmp/cdB`. The MCP details surface deliberately redacts `env` to `env_keys` (only key names, not values) and `headers` to `header_keys` — a correct design choice. The same surface then dumps `args`, the `url`, and `headersHelper` unredacted, even though all three routinely carry inline credentials. -- Source: `ROADMAP.md:L1804` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0185-machine-readable-surface-consumed-by-aut -- Title: *Machine-readable surface consumed by automation.* `mcp list --output-format json` is the surface clawhip / orchestrators are designed to scrape for preflight and lane setup. Any consumer that logs the JSON (Discord announcement, CI artifact, debug log, session transcript export — see `claw export` — bug tracker attachment) now carries the MCP server's secret material in plain text. -- Source: `ROADMAP.md:L1856` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0186-asymmetric-redaction-sends-the-wrong-sig -- Title: *Asymmetric redaction sends the wrong signal.* Because `env_keys` and `header_keys` are correctly redacted, a consumer reasonably assumes the surface is "secret-aware" across the board. The `args` / `url` / `headers_helper` leak is therefore *unexpected*, not loudly documented as caveat, and easy to miss during review. -- Source: `ROADMAP.md:L1857` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0187-standard-patterns-are-hit-every-one-of-t -- Title: *Standard patterns are hit.* Every one of the examples above is a **standard** way of wiring MCP servers: `--api-key`, `--token=...`, `postgres://user:pass@host/db`, `--url=https://@host/...`, helper scripts that take credentials as args. The MCP docs and most community server configs look exactly like this. The leak isn't a weird edge case; it's the common case. -- Source: `ROADMAP.md:L1858` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0188-no-mcp-secret-leak-risk-preflight-claw-d -- Title: *No `mcp.secret_leak_risk` preflight.* `claw doctor` says nothing about whether an MCP server's args or URL look like they contain high-entropy secret material. Even a primitive `token=` / `api[-_]key` / `password=` / `https?://[^/:]+:[^@]+@` regex sweep would raise a `warn` in exactly these cases. -- Source: `ROADMAP.md:L1859` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0189-redact-args-to-args-summary-shape-preser -- Title: *Redact args to `args_summary` (shape-preserving) + `args_len` (count).* Replace `args: &config.args` with `args_summary` that records the count, which flags look like they carry secrets (heuristic: `--api-key`, `--token`, `--password`, `--auth`, `--secret`, `=` containing high-entropy tail, inline `user:pass@`), and emits redacted placeholders like `"--api-key="`. A `--show-sensitive` flag on `claw mcp show` can opt back into full args when the operator explicitly wants them. -- Source: `ROADMAP.md:L1862` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0190-redact-url-basic-auth-for-any-url-that-c -- Title: *Redact URL basic-auth.* For any URL that contains `user:pass@`, emit the URL with the password segment replaced by `` and add `url_has_credentials: true` so consumers can branch on it. Query-string secrets (`?api_key=...`, `?token=...`) get the same redaction heuristic as args. -- Source: `ROADMAP.md:L1863` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0191-redact-headershelper-argv-split-on-white -- Title: *Redact `headersHelper` argv.* Split on whitespace, keep `argv[0]` (the command path), apply the args heuristic from piece 1 to the rest. -- Source: `ROADMAP.md:L1864` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0192-optional-add-a-mcp-secret-posture-doctor -- Title: *Optional: add a `mcp_secret_posture` doctor check.* Emit `warn` when any configured MCP server has args/URL/helper matching the secret heuristic and no opt-in has been granted. Actionable: "move the secret to `env`, reference it via `${ENV_VAR}` interpolation, or explicitly `allow_sensitive_in_args` in settings." -- Source: `ROADMAP.md:L1865` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0193-config-accepts-5-undocumented-permission -- Title: **Config accepts 5 undocumented permission-mode aliases (`default`, `plan`, `acceptEdits`, `auto`, `dontAsk`) that silently collapse onto 3 canonical modes — `--permission-mode` CLI flag rejects all 5 — and `"dontAsk"` in particular sounds like "quiet mode" but maps to `danger-full-access`** — dogfooded 2026-04-18 on main HEAD `478ba55` from `/tmp/cdC`. Two independent permission-mode parsers disagree on which labels are valid, and the config-side parser collapses the semantic space silently. -- Source: `ROADMAP.md:L1873` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0194-surface-to-surface-disagreement-principl -- Title: *Surface-to-surface disagreement.* Principle #2 ("Truth is split across layers") is violated: the same binary accepts a label in one surface and rejects it in another. An orchestrator that attempts to mirror a lane's config into a child lane via `--permission-mode` cannot round-trip through its own `permissions.defaultMode` if the original uses an alias. -- Source: `ROADMAP.md:L1910` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0195-dontask-is-a-footgun-the-most-permissive -- Title: *`"dontAsk"` is a footgun.* The most permissive mode has the friendliest-sounding alias. No security copy-review step will flag `"dontAsk"` as alarming; it reads like a noise preference. Clawhip / batch orchestrators that replay other operators' configs inherit the full-access escalation without a `danger` keyword ever appearing in the audit trail. -- Source: `ROADMAP.md:L1911` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0196-lossy-provenance-status-permission-mode -- Title: *Lossy provenance.* `status.permission_mode` reports the collapsed canonical label. A claw that logs its own permission posture cannot reconstruct whether the operator wrote `"plan"` and expected plan-mode behavior, or wrote `"read-only"` intentionally. -- Source: `ROADMAP.md:L1912` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0197-plan-implies-runtime-semantics-that-don -- Title: *`"plan"` implies runtime semantics that don't exist.* Writing `"defaultMode": "plan"` is a reasonable attempt to use plan-mode (see `ExitPlanMode` in `--allowedTools` enumeration, see REPL `/plan [on|off]` slash command in `--help`). The config-time collapse to `ReadOnly` means the agent does *not* treat `ExitPlanMode` as a meaningful exit event; a claw relying on `ExitPlanMode` as a typed "agent proposes to execute" signal sees nothing, because the agent was never in plan mode to begin with. -- Source: `ROADMAP.md:L1913` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0198-align-the-two-parsers-either-a-drop-the -- Title: *Align the two parsers.* Either (a) drop the non-canonical aliases from `parse_permission_mode_label`, or (b) extend `normalize_permission_mode` to accept the same set and emit them canonicalized via a shared helper. Whichever direction, the two surfaces must accept and reject identical strings. -- Source: `ROADMAP.md:L1916` (`roadmap_action`) -- Bucket/status: `post_2_0_research` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0199-promote-provenance-in-status-add-permiss -- Title: *Promote provenance in `status`.* Add `permission_mode_raw: "plan"` alongside `permission_mode: "read-only"` so a claw can see the original label. Pair with the existing `permission_mode_source` from #87 so provenance is complete. -- Source: `ROADMAP.md:L1917` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0200-kill-dontask-or-warn-on-it-either-a-remo -- Title: *Kill `"dontAsk"` or warn on it.* Either (a) remove the alias entirely (forcing operators to spell `"danger-full-access"` when they mean it — the name should carry the risk), or (b) keep the alias but have `doctor` emit a `warn` check when `permission_mode_raw == "dontAsk"` that explicitly says "this alias maps to danger-full-access; spell it out to confirm intent." Option (a) is more honest; option (b) is less breaking. -- Source: `ROADMAP.md:L1918` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0201-decide-whether-plan-should-map-to-someth -- Title: *Decide whether `"plan"` should map to something real.* Either (a) drop the alias and require operators to use `"read-only"` if that's what they want, or (b) introduce a real `PermissionMode::Plan` runtime variant with distinct semantics (e.g., deny all tools except `ExitPlanMode` and read-only tools) so `"plan"` means plan-mode. Orthogonal to pieces 1–3 and can ship independently. -- Source: `ROADMAP.md:L1919` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0202-mcp-command-args-and-url-config-fields-a -- Title: **MCP `command`, `args`, and `url` config fields are passed to `execve`/URL-parse **verbatim** — no `${VAR}` interpolation, no `~/` home expansion, no preflight check, no doctor warning — so standard config patterns silently fail at MCP connect time with confusing "No such file or directory" errors** — dogfooded 2026-04-18 on main HEAD `d0de86e` from `/tmp/cdE`. Every MCP stdio configuration on the web uses `${VAR}` / `~/...` syntax for command paths and credentials; `claw` stores them literally and hands the literal strings to `Command::new` at spawn time. -- Source: `ROADMAP.md:L1927` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0203-silent-mismatch-with-ecosystem-conventio -- Title: *Silent mismatch with ecosystem convention.* Every public MCP server README (`@modelcontextprotocol/server-filesystem`, `@modelcontextprotocol/server-github`, etc.) uses `${VAR}` / `~/` in example configs. Operators copy-paste those configs expecting standard shell-style interpolation. `claw` accepts the config, reports `doctor: ok`, and fails opaquely at spawn. The failure mode is far from the cause. -- Source: `ROADMAP.md:L1953` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0204-secret-placement-footgun-operators-who-k -- Title: *Secret-placement footgun.* Operators who know the interpolation is missing are forced to either (a) hardcode secrets in `.claw.json` (which triggers the #90 redaction problem) or (b) write a wrapper shell script as the `command` and interpolate there. Both paths push them toward worse security postures than the ecosystem norm. -- Source: `ROADMAP.md:L1954` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0205-doctor-surface-is-silent-about-the-risk -- Title: *Doctor surface is silent about the risk.* No check in `claw doctor` greps `command` / `args` / `url` / `headers` for literal `${`, `$`, `~/` and flags them. A clawhip preflight that gates on `doctor.status == "ok"` proceeds to spawn a lane whose MCP server will fail. -- Source: `ROADMAP.md:L1955` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0206-error-at-the-far-end-is-unhelpful-when-t -- Title: *Error at the far end is unhelpful.* When the spawn does fail at MCP connect time, the error originates in `mcp_stdio.rs`'s `spawn()` returning an `io::Error` whose text is something like `"No such file or directory (os error 2)"`. The user-facing error path strips the command path, loses the "we passed `${HOME}/bin/my-server` to execve literally" context, and prints a generic `ENOENT` with no pointer back to the config source. -- Source: `ROADMAP.md:L1956` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0207-round-trip-from-upstream-configs-fails-r -- Title: *Round-trip from upstream configs fails.* ROADMAP #88 (Claude Code parity) and the general "run existing MCP configs on claw" use case presume operators can copy Claude Code / other-harness `.mcp.json` files over. Literal-`${VAR}` behavior breaks that assumption for any config that uses interpolation — which is most of them. -- Source: `ROADMAP.md:L1957` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0208-add-interpolation-at-config-load-time-in -- Title: *Add interpolation at config-load time.* In `parse_mcp_server_config` (or a shared `resolve_config_strings` helper in `runtime/src/config.rs`), expand `${VAR}` and `~/` in `command`, `args`, `url`, `headers`, `headers_helper`, `install_root`, `registry_path`, `bundled_root`, and similar string-path fields. Use a conservative substitution (only fully-formed `${VAR}` / leading `~/`; do not touch bare `$VAR`). Missing-variable policy: default to empty string with a `warning:` printed on stderr + captured into `ConfigLoader::all_warnings`, so a typo like `${APIP_KEY}` (missing `_`) is loud. Make the substitution optional via a `{"config": {"expand_env": false}}` settings toggle for operators who specifically want literal `$`/`~` in paths. -- Source: `ROADMAP.md:L1960` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0209-add-a-mcp-config-interpolation-doctor-ch -- Title: *Add a `mcp_config_interpolation` doctor check.* When any MCP `command`/`args`/`url`/`headers`/`headers_helper` contains a literal `${`, bare `$VAR`, or leading `~/`, emit `DiagnosticLevel::Warn` naming the field and server. Lets a clawhip preflight distinguish "operator forgot to export the env var" from "operator's config is fundamentally wrong." Pairs cleanly with #90's `mcp_secret_posture` check. -- Source: `ROADMAP.md:L1961` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0210-resume-reference-semantics-silently-fork -- Title: **`--resume ` semantics silently fork on a brittle "looks-like-a-path" heuristic — `session-X` goes to the managed store but `session-X.jsonl` opens a workspace-relative file, and any absolute path is opened verbatim with no workspace scoping** — dogfooded 2026-04-18 on main HEAD `bab66bb` from `/tmp/cdH`. The flag accepts the same-looking string in two very different code paths depending on whether `PathBuf::extension()` returns `Some` or `path.components().count() > 1`. -- Source: `ROADMAP.md:L1969` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0211-two-user-visible-shapes-for-one-intended -- Title: *Two user-visible shapes for one intended contract.* The `/session list` REPL command presents session ids as `session-1776441782197-0`. Operators naturally try `--resume session-1776441782197-0` (works) and `--resume session-1776441782197-0.jsonl` (silently breaks). The mental model "it's a file; I'll add the extension" is wrong, and nothing in the error message (`session not found: session-1776441782197-0.jsonl`) explains that the extension silently switched the lookup mode. -- Source: `ROADMAP.md:L2020` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0212-batch-orchestrator-surprise-clawhip-styl -- Title: *Batch orchestrator surprise.* Clawhip-style tooling that persists session ids and passes them back through `--resume` cannot depend on round-tripping: a session id that came out of `claw --output-format json status` as `"session-...-0"` under `workspace.session_id` must be passed *without* a `.jsonl` suffix or without any slash-containing directory prefix. Any path-munging that an orchestrator does along the way flips the lookup mode. -- Source: `ROADMAP.md:L2021` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0213-no-workspace-scoping-even-if-the-heurist -- Title: *No workspace scoping.* Even if the heuristic is kept as-is, `candidate.exists()` should canonicalize the path and refuse it if it escapes `self.workspace_root`. As shipped, `--resume /etc/passwd` / `--resume ../other-project/.claw/sessions//foreign.jsonl` both proceed to read arbitrary files. -- Source: `ROADMAP.md:L2022` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0214-symlink-follow-inside-managed-path-the-m -- Title: *Symlink-follow inside managed path.* The managed-path branch (where operators trust that `.claw/sessions/` is internally safe) silently follows symlinks out of the workspace, turning a weak "managed = scoped" assumption into a false one. -- Source: `ROADMAP.md:L2023` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0215-principle-6-violation-terminal-is-transp -- Title: *Principle #6 violation.* "Terminal is transport, not truth" is echoed by "session id is an opaque handle, not a path." Letting the flag accept both shapes interchangeably — with a heuristic that the operator can only learn by experiment — is the exact "semantics leak through accidental inputs" shape principle #6 argues against. -- Source: `ROADMAP.md:L2024` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0216-separate-the-two-shapes-into-explicit-su -- Title: *Separate the two shapes into explicit sub-arguments.* `--resume ` for managed ids (stricter character class; reject `.` and `/`); `--resume-file ` for explicit file paths. Deprecate the combined shape behind a single rewrite cycle. Keep the `latest` alias. -- Source: `ROADMAP.md:L2027` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0217-if-keeping-the-combined-shape-canonicali -- Title: *If keeping the combined shape, canonicalize and scope the path.* After resolving `candidate`, call `candidate.canonicalize()?` and assert the result starts with `self.workspace_root.canonicalize()?` (or an allow-listed set of roots). Reject with a typed error `SessionControlError::OutsideWorkspace { requested, workspace_root }` otherwise. This also covers the symlink-escape inside `.claw/sessions//`. -- Source: `ROADMAP.md:L2028` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0218-surface-the-resolved-path-in-resume-succ -- Title: *Surface the resolved path in `--resume` success.* `status` / `session list` already print the path; `--resume` currently prints `{"kind":"restored","path":…}` on success, but on the *failure* path the resolved vs requested distinction is lost (error shows only the requested string). Return both so an operator can tell whether the file-path branch or the managed-id branch was chosen. -- Source: `ROADMAP.md:L2029` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0219-permission-rules-permissions-allow-permi -- Title: **Permission rules (`permissions.allow` / `permissions.deny` / `permissions.ask`) are loaded without validating tool names against the known tool registry, case-sensitively matched against the lowercase runtime tool names, and invisible in every diagnostic surface — so typos and case mismatches silently become non-enforcement** — dogfooded 2026-04-18 on main HEAD `7f76e6b` from `/tmp/cdI`. Operators copy `"Bash(rm:*)"` (capital-B, the convention used in most Claude Code docs and community configs) into `permissions.deny`; `claw doctor` reports `config: ok`; the rule never fires because the runtime tool name is lowercase `bash`. -- Source: `ROADMAP.md:L2037` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0220-silent-non-enforcement-of-safety-rules-a -- Title: *Silent non-enforcement of safety rules.* An operator who writes `"deny":["Bash(rm:*)"]` expecting rm to be denied gets **no** enforcement on two independent failure modes: (a) the tool name `Bash` doesn't match the runtime's `bash`; (b) even if spelled correctly, a typo like `"Bsh(rm:*)"` accepts silently. Both produce the same observable state as "no rule configured" — `config: ok`, `permission_mode: ...`, indistinguishable from never having written the rule at all. -- Source: `ROADMAP.md:L2060` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0221-cross-harness-config-portability-break-r -- Title: *Cross-harness config-portability break.* ROADMAP's implicit goal of running existing `.mcp.json` / Claude Code configs on `claw` (see PARITY.md) assumes the convention overlap is wide. Case-sensitive tool-name matching breaks portability at the permission layer specifically, silently, in exactly the direction that fails *open* (permissive) rather than fails *closed* (denying unknown tools). -- Source: `ROADMAP.md:L2061` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0222-no-preflight-audit-surface-clawhip-style -- Title: *No preflight audit surface.* Clawhip-style orchestrators cannot implement "refuse to spawn this lane unless it denies `Bash(rm:*)`" because they can't read the policy post-parse. They have to re-parse `.claw.json` themselves — which means they also have to re-implement the `parse_optional_permission_rules` + `PermissionRule::parse` semantics to match what claw actually loaded. -- Source: `ROADMAP.md:L2062` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0223-runs-contrary-to-the-existing-allowedtoo -- Title: *Runs contrary to the existing `--allowedTools` validation precedent.* The binary already knows the tool registry (as the `--allowedTools` error proves). Not threading the same list into the permission-rule parser is a small oversight with a large blast radius. -- Source: `ROADMAP.md:L2063` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0224-validate-rule-tool-names-against-the-reg -- Title: *Validate rule tool names against the registered tool set at config-load time.* In `parse_optional_permission_rules`, call into the same tool-alias table used by `--allowedTools` normalization (likely `tools::normalize_tool_alias` or similar) and either (a) reject unknown names with `ConfigError::Parse`, or (b) capture them into `ConfigLoader::all_warnings` so a typo becomes visible in `doctor` without hard-failing startup. Option (a) is stricter; option (b) is less breaking for existing configs that already work by accident. -- Source: `ROADMAP.md:L2066` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0225-case-fold-the-tool-name-compare-in-permi -- Title: *Case-fold the tool-name compare in `PermissionRule::matches`.* Normalize both sides to lowercase (or to the registry's canonical casing) before the `!=` compare. Covers the `Bash` vs `bash` ecosystem-convention gap. Document the normalization in `USAGE.md` / `CLAUDE.md`. -- Source: `ROADMAP.md:L2067` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0226-expose-loaded-permission-rules-in-status -- Title: *Expose loaded permission rules in `status` and `doctor` JSON.* Add `workspace.permission_rules: { allow: [...], deny: [...], ask: [...] }` to status JSON (each entry carrying `raw`, `resolved_tool_name`, `matcher`, and an `unknown_tool: bool` flag that flips true when the tool name didn't match the registry). Emit a `permission_rules` doctor check that reports `Warn` when any loaded rule references an unknown tool. Clawhip can now preflight on a typed field instead of re-parsing `.claw.json`. -- Source: `ROADMAP.md:L2068` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0227-claw-skills-install-path-always-writes-t -- Title: **`claw skills install ` always writes to the *user-level* registry (`~/.claw/skills/`) with no project-level scope, no uninstall subcommand, and no per-workspace confirmation — a skill installed from one workspace silently becomes active in every other workspace on the same machine** — dogfooded 2026-04-18 on main HEAD `b7539e6` from `/tmp/cdJ`. The install registry defaults to `$HOME/.claw/skills/`, the install subcommand has no sibling `uninstall` (only `/skills [list|install|help]` — no remove verb), and the installed skill is immediately visible as `active: true` under `source: user_claw` from every `claw` invocation on the same account. -- Source: `ROADMAP.md:L2076` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0228-least-privilege-least-scope-inversion-fo -- Title: *Least-privilege / least-scope inversion for skill surface.* A skill is live code the agent can invoke via slash-dispatch. Installing "this workspace's skill" into user scope by default is the skill analog of setting `permission_mode=danger-full-access` without asking — the default widens the blast radius beyond what the operator probably intended. -- Source: `ROADMAP.md:L2115` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0229-no-round-trip-a-clawhip-orchestrator-tha -- Title: *No round-trip.* A clawhip orchestrator that installs a skill for a lane, runs the lane, and wants to clean up has no machine-readable way to remove the skill it just installed. Forces orchestrators to shell out to `rm -rf` on a path they parsed out of the install output's `Installed path` line. -- Source: `ROADMAP.md:L2116` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0230-cross-workspace-contamination-any-mistak -- Title: *Cross-workspace contamination.* Any mistake in one workspace's skill install pollutes every other workspace on the same account. Doubly compounds with #85 (skill discovery walks ancestors unbounded) — an attacker who can write under an ancestor OR who can trick the operator into one bad `skills install` in any workspace lands a skill in the user-level registry that's now active in every future `claw` invocation. -- Source: `ROADMAP.md:L2117` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0231-runs-contrary-to-the-project-user-split -- Title: *Runs contrary to the project/user split ROADMAP already uses for settings.* `.claw/settings.local.json` is explicitly gitignored and explicitly project-local (`ConfigSource::Local`). Settings have a three-tier scope (`User` / `Project` / `Local`). Skills collapse all three tiers onto `User` at install time. The asymmetry makes the "project-scoped" mental model operators build from settings break when they reach skills. -- Source: `ROADMAP.md:L2118` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0232-add-a-scope-flag-to-claw-skills-install -- Title: *Add a `--scope` flag to `claw skills install`.* `--scope user` (current default behavior), `--scope project` (writes to `/.claw/skills//`), `--scope local` (writes to `/.claw/skills//` and adds an entry to `.claw/settings.local.json` if needed). Default: **prompt** the operator in interactive use, error-out with `--scope must be specified` in `--output-format json` use. Let orchestrators commit to a scope explicitly. -- Source: `ROADMAP.md:L2121` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0233-add-claw-skills-uninstall-name-and-skill -- Title: *Add `claw skills uninstall ` and `/skills uninstall ` slash-command.* Shares a helper with install; symmetric semantics; `--scope` aware; emits a structured JSON result identical in shape to the install receipt. Covers the machine-readable round-trip that #95 is missing. -- Source: `ROADMAP.md:L2122` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0234-surface-the-install-scope-in-claw-skills -- Title: *Surface the install scope in `claw skills` list output.* The current `source: user_claw / Project roots / etc.` label is close but collapses multiple physical locations behind a single bucket. Add `installed_path` to each skill record so an orchestrator can tell *"this one came from my workspace / this one is inherited from user home / this one is pulled in via ancestor walk (#85)."* Pairs cleanly with the #85 ancestor-walk bound — together the skill surface becomes auditable across scope. -- Source: `ROADMAP.md:L2123` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0235-claw-help-s-resume-safe-commands-one-lin -- Title: **`claw --help`'s "Resume-safe commands:" one-liner summary does not filter `STUB_COMMANDS` — 62 documented slash commands that are explicitly marked unimplemented still show up as valid resume-safe entries, contradicting the main Interactive slash commands list just above it (which *does* filter stubs per ROADMAP #39)** — **done (verified 2026-04-29):** the Resume-safe command summary now applies the same `STUB_COMMANDS` filter as the Interactive slash command block before rendering help, so unimplemented slash-command stubs no longer advertise as resume-safe. Added `stub_commands_absent_from_resume_safe_help` to lock the filtered one-liner contract alongside the existing REPL completion filter. Fresh proof: `cargo fmt --all --check`, `cargo test -p rusty-claude-cli stub_commands_absent_from_resume_safe_help -- --nocapture`, and `cargo test -p rusty-claude-cli parses_direct_cli_actions -- --nocapture` pass. Original filing below for traceability. -- Source: `ROADMAP.md:L2131` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0236-advertisement-contradicts-behavior-the-i -- Title: *Advertisement contradicts behavior.* The Interactive slash commands block (what operators read when they run `claw --help`) correctly hides stubs. The Resume-safe summary immediately below it re-advertises them. Two sections of the same help output disagree on what exists. -- Source: `ROADMAP.md:L2171` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0237-roadmap-39-is-partially-regressed-that-f -- Title: *ROADMAP #39 is partially regressed.* That filing locked in "hide stub commands from the discovery surfaces that mattered for the original report." Shared help rendering + REPL completions got the filter. The `--help` Resume-safe one-liner was missed. New stubs added to `STUB_COMMANDS` since #39 landed (budget, rate-limit, metrics, diagnostics, workspace, etc.) propagate straight into the Resume-safe listing without any guard. -- Source: `ROADMAP.md:L2172` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0238-claws-scraping-help-output-to-build-resu -- Title: *Claws scraping `--help` output to build resume-safe command lists get a 62-item superset of what actually works.* Orchestrators that parse the Resume-safe line to know which slash commands they can safely attempt in resume mode will generate invalid invocations for every stub. -- Source: `ROADMAP.md:L2173` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0239-apply-the-same-filter-used-by-the-intera -- Title: *Apply the same filter used by the Interactive block.* Change `resume_supported_slash_commands()` call at `main.rs:8270` to filter out entries whose name is in `STUB_COMMANDS`: -- Source: `ROADMAP.md:L2176` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0240-regression-test-add-an-assertion-paralle -- Title: *Regression test.* Add an assertion parallel to `stub_commands_absent_from_repl_completions` that parses the Resume-safe line from `render_help` output and asserts no entry matches `STUB_COMMANDS`. Lock the contract to prevent future regressions. -- Source: `ROADMAP.md:L2184` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0241-allowedtools-and-allowedtools-silently-y -- Title: **`--allowedTools ""` and `--allowedTools ",,"` silently yield an empty allow-set that blocks every tool, with no error, no warning, and no trace of the active tool-restriction anywhere in `claw status` / `claw doctor` / `claw --output-format json` surfaces — compounded by `allowedTools` being a *rejected unknown key* in `.claw.json`, so there is no machine-readable way to inspect or recover what the current active allow-set actually is** — dogfooded 2026-04-18 on main HEAD `3ab920a` from `/tmp/cdL`. `--allowedTools "nonsense"` correctly returns a structured error naming every valid tool. `--allowedTools ""` silently produces `Some(BTreeSet::new())` and all subsequent tool lookups fail `contains()` because the set is empty. Neither `status` JSON nor `doctor` JSON exposes `allowed_tools`, so a claw that accidentally restricted itself to zero tools has no observable signal to recover from. -- Source: `ROADMAP.md:L2192` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0242-silent-vs-loud-asymmetry-for-equivalent -- Title: *Silent vs. loud asymmetry for equivalent mis-input.* Typo `--allowedTools "nonsens"` → loud structured error naming every valid tool. Typo `--allowedTools ""` (likely produced by a shell variable that expanded to empty: `--allowedTools "$TOOLS"`) → silent zero-tool lane. Shell interpolation failure modes land in the silent branch. -- Source: `ROADMAP.md:L2242` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0243-no-observable-recovery-surface-a-claw-th -- Title: *No observable recovery surface.* A claw that booted with `--allowedTools ""` has no way to tell from `claw status`, `claw --output-format json status`, or `claw doctor` that its tool surface is empty. Every diagnostic says "ok." Failures surface only when the agent tries to call a tool and gets denied — pushing the problem to runtime prompt failures instead of preflight. -- Source: `ROADMAP.md:L2243` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0244-config-file-surface-is-locked-out-claw-j -- Title: *Config-file surface is locked out.* `.claw.json` cannot declare `allowedTools` — it fails validation with "unknown key." So a team that wants committed, reviewable tool-restriction policy has no path; they can only pass CLI flags at boot. And the CLI flag has the silent-empty footgun. Asymmetric hygiene. -- Source: `ROADMAP.md:L2244` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0245-semantically-ambiguous-allowedtools-coul -- Title: *Semantically ambiguous.* `--allowedTools ""` could reasonably mean (a) "no restriction, fall back to default," (b) "restrict to nothing, disable all tools," or (c) "invalid, error." The current behavior is silently (b) — the most surprising and least recoverable option. Compare to `.claw.json` where `"allowedTools": []` would be an explicit array literal — but that surface is disabled entirely. -- Source: `ROADMAP.md:L2245` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0246-adds-to-the-permission-audit-cluster-50 -- Title: *Adds to the permission-audit cluster.* #50 / #87 / #91 / #94 already cover permission-mode / permission-rule validation, default dangers, parser disagreement, and rule typo tolerance. #97 covers the *tool-allow-list* axis of the same problem: the knob exists, parses empty input silently, disables all tools, and hides its own active value from every diagnostic surface. -- Source: `ROADMAP.md:L2246` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0247-reject-empty-token-input-at-parse-time-i -- Title: *Reject empty-token input at parse time.* In `normalize_allowed_tools` (tools/src/lib.rs:192), after the inner token loop, if the accumulated `allowed` set is empty *and* `values` was non-empty, return `Err("--allowedTools was provided with no usable tool names (got '{raw}'). To restrict to no tools explicitly, pass --allowedTools none; to remove the restriction, omit the flag.")`. ~10 lines. -- Source: `ROADMAP.md:L2249` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0248-support-an-explicit-none-sentinel-if-the -- Title: *Support an explicit "none" sentinel if the "zero tools" lane is actually desirable.* If a claw legitimately wants "zero tools, purely conversational," accept `--allowedTools none` / `--allowedTools ""` with an explicit opt-in. But reject the ambiguous silent path. -- Source: `ROADMAP.md:L2250` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0249-surface-active-allow-set-in-status-json -- Title: *Surface active allow-set in `status` JSON and `doctor` JSON.* Add a top-level `allowed_tools: {source: "flag"|"config"|"default", entries: [...]}` field to the status JSON builder (main.rs `:4951`). Add a `tool_restrictions` doctor check that reports the active allow-set and flags suspicious shapes (empty, single tool, missing Read/Bash for a coding lane). ~40 lines across status + doctor. -- Source: `ROADMAP.md:L2251` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0250-accept-allowedtools-or-a-safer-alternati -- Title: *Accept `allowedTools` (or a safer alternative name) in `.claw.json`.* Or emit a clearer error pointing to the CLI flag as the correct surface. Right now `allowedTools` is silently treated as "unknown field," which is technically correct but operationally hostile — the user typed a plausible key name and got a generic schema failure. -- Source: `ROADMAP.md:L2252` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0251-regression-tests-one-for-normalize-allow -- Title: *Regression tests.* One for `normalize_allowed_tools(&[""])` returning `Err`. One for `--allowedTools ""` on the CLI returning a non-zero exit with a structured error. One for status JSON exposing `allowed_tools` when the flag is active. -- Source: `ROADMAP.md:L2253` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0252-compact-is-silently-ignored-outside-the -- Title: **`--compact` is silently ignored outside the `Prompt → Text` path: `--compact --output-format json` (explicitly documented as "text mode only" in `--help` but unenforced), `--compact status`, `--compact doctor`, `--compact sandbox`, `--compact init`, `--compact export`, `--compact mcp`, `--compact skills`, `--compact agents`, and `claw --compact` with piped stdin (hardcoded `compact: false` at the stdin fallthrough). No error, no warning, no diagnostic trace anywhere** — dogfooded 2026-04-18 on main HEAD `7a172a2` from `/tmp/cdM`. `--help` at `main.rs:8251` explicitly documents "`--compact` (text mode only; useful for piping)"; the implementation *knows* the flag is only meaningful for the text branch of the prompt turn output, but does not refuse or warn in any other case. A claw piping output through `claw --compact --output-format json prompt "..."` gets the same verbose JSON blob as without the flag, silently, with no indication that its documented behavior was discarded. -- Source: `ROADMAP.md:L2261` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0253-documented-behavior-silently-discarded-h -- Title: *Documented behavior, silently discarded.* `--help` tells operators the flag applies in "text mode only." That is the honest constraint. But the implementation never refuses non-text use — it just quietly drops the flag. A claw that piped `claw --compact --output-format json "..."` into a downstream parser would reasonably expect the JSON to be compacted (the human-readable `--help` sentence is ambiguous about whether "text mode only" means "ignored in JSON" or "does not apply in JSON, but will be applied if you pass text"). The current behavior is option 1; the documented intent could be read as either. -- Source: `ROADMAP.md:L2306` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0254-silent-no-op-scope-is-broad-nine-cliacti -- Title: *Silent no-op scope is broad.* Nine CliAction variants (Status, Sandbox, Doctor, Init, Export, Mcp, Skills, Agents, plus stdin-piped Prompt) accept `--compact` on the command line, parse it successfully, and throw the value away without surfacing anything. That's a large set of commands that silently lie about flag support. -- Source: `ROADMAP.md:L2307` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0255-stdin-piped-prompt-hardcodes-compact-fal -- Title: *Stdin-piped Prompt hardcodes `compact: false`.* The stdin fallthrough at `:614` constructs `CliAction::Prompt { ..., compact: false, ... }` regardless of the user's `--compact`. This is actively hostile: the user opted in, the flag was parsed, and the value is silently overridden by a hardcoded `false`. A claw running `echo "summarize" | claw --compact "$model"` gets full verbose output, not the piping-friendly compact form advertised in `--help`'s own `claw --compact "summarize Cargo.toml" | wc -l` example. -- Source: `ROADMAP.md:L2308` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0256-no-observable-diagnostic-neither-status -- Title: *No observable diagnostic.* Neither `status` / `doctor` / the error stream nor the actual JSON output reveals whether `--compact` was honored or dropped. A claw cannot tell from the output shape alone whether the flag worked or was a no-op. -- Source: `ROADMAP.md:L2309` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0257-adds-to-the-silent-flag-no-op-class-sibl -- Title: *Adds to the "silent flag no-op" class.* Sibling of #97 (`--allowedTools ""` silently produces an empty allow-set) and #96 (`--help` Resume-safe summary silently lies about what commands work) — three different flavors of the same underlying problem: flags / surfaces that parse successfully, do nothing useful (or do something harmful), and emit no diagnostic. -- Source: `ROADMAP.md:L2310` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0258-reject-compact-with-output-format-json-a -- Title: *Reject `--compact` with `--output-format json` at parse time.* In `parse_args` after `let allowed_tools = normalize_allowed_tools(...)?`, if `compact && matches!(output_format, CliOutputFormat::Json)`, return `Err("--compact has no effect in --output-format json; drop the flag or switch to --output-format text")`. ~5 lines. -- Source: `ROADMAP.md:L2313` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0259-reject-compact-on-non-prompt-subcommands -- Title: *Reject `--compact` on non-Prompt subcommands.* In the dispatch match around `main.rs:642-770`, when `compact == true` and the subcommand is `status` / `sandbox` / `doctor` / `init` / `export` / `mcp` / `skills` / `agents` / `system-prompt` / `bootstrap-plan` / `dump-manifests`, return `Err("--compact only applies to prompt turns; the '{cmd}' subcommand does not produce tool-call output to strip")`. ~15 lines + a shared helper to name the subcommand in the error. -- Source: `ROADMAP.md:L2314` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0260-honor-compact-in-the-stdin-piped-prompt -- Title: *Honor `--compact` in the stdin-piped Prompt fallthrough.* At `main.rs:614` change `compact: false` to `compact`. One line. Add a parity test: `echo "hi" | claw --compact prompt "..."` should produce the same compact output as `claw --compact prompt "hi"`. -- Source: `ROADMAP.md:L2315` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0261-optionally-support-compact-for-json-mode -- Title: *Optionally — support `--compact` for JSON mode too.* If the compact-JSON lane is actually useful (strip `tool_uses` / `tool_results` / `prompt_cache_events` and keep only `message` / `model` / `usage`), add a fourth arm to `run_turn_with_output`: `CliOutputFormat::Json if compact => self.run_prompt_json_compact(input)`. Not required for the fix — just a forward-looking note. If not supported, rejection in step 1 is the right answer. -- Source: `ROADMAP.md:L2316` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0262-regression-tests-one-per-rejected-combin -- Title: *Regression tests.* One per rejected combination. One for the stdin-piped-Prompt fix. Lock parser behavior so this cannot silently regress. -- Source: `ROADMAP.md:L2317` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0263-claw-system-prompt-cwd-path-date-yyyy-mm -- Title: **`claw system-prompt --cwd PATH --date YYYY-MM-DD` performs zero validation on either value: nonexistent paths, empty strings, multi-line strings, SQL-injection payloads, and arbitrary prompt-injection text are all accepted verbatim and interpolated straight into the rendered system-prompt output in two places each (`# Environment context` and `# Project context` sections) — a classic unvalidated-input → system-prompt surface that a downstream consumer invoking `claw system-prompt --date "$USER_INPUT"` or `--cwd "$TAINTED_PATH"` could weaponize into prompt injection** — dogfooded 2026-04-18 on main HEAD `0e263be` from `/tmp/cdN`. `--help` documents the format as `[--cwd PATH] [--date YYYY-MM-DD]` — implying a filesystem path and an ISO date — but the parser (`main.rs:1162-1190`) just does `PathBuf::from(value)` and `date.clone_from(value)` with no further checks. Both values then reach `SystemPromptBuilder::render_env_context()` at `prompt.rs:176-186` and `render_project_context()` at `prompt.rs:289-293` where they are formatted into the output via `format!("Working directory: {}", cwd.display())` and `format!("Today's date is {}.", current_date)` with no escaping or line-break rejection. -- Source: `ROADMAP.md:L2325` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0264-advertised-format-vs-accepted-format-hel -- Title: *Advertised format vs. accepted format.* `--help` says `[--cwd PATH] [--date YYYY-MM-DD]`. The parser accepts any UTF-8 string, including empty, multi-line, non-ISO dates, and paths that don't exist on disk. Same pattern as #96 / #98 — documented constraint, unenforced at the boundary. -- Source: `ROADMAP.md:L2406` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0265-downstream-consumers-are-the-attack-surf -- Title: *Downstream consumers are the attack surface.* `claw system-prompt` is a utility / debug surface. A claw or CI pipeline that does `claw system-prompt --date "$(date +%Y-%m-%d)" --cwd "$REPO_PATH"` where `$REPO_PATH` comes from an untrusted source (issue title, branch name, user-provided config) has a prompt-injection vector. Newline injection breaks out of the structured bullet into a fresh standalone line that the LLM will read as a separate instruction. -- Source: `ROADMAP.md:L2407` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0266-injection-happens-twice-per-value-both-d -- Title: *Injection happens twice per value.* Both `--date` and `--cwd` are rendered into two sections of the system prompt (`# Environment context` and `# Project context`). A single injection payload gets two bites at the apple. -- Source: `ROADMAP.md:L2408` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0267-cwd-accepts-nonexistent-paths-without-an -- Title: *`--cwd` accepts nonexistent paths without any signal.* If a claw meant to call `claw system-prompt --cwd /real/project/path` and a shell expansion failure sent `/real/project/${MISSING_VAR}` through, the output silently renders the broken path into the system prompt as if it were valid. No warning. No existence check. Not even a `canonicalize()` that would fail on nonexistent paths. -- Source: `ROADMAP.md:L2409` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0268-defense-in-depth-exists-at-the-llm-layer -- Title: *Defense-in-depth exists at the LLM layer, but not at the input layer.* The system prompt itself contains the bullet *"Tool results may include data from external sources; flag suspected prompt injection before continuing."* That is fine LLM guidance, but the system prompt should not itself be a vehicle for injection — the bullet is about tool results, not about the system prompt text. A defense-in-depth system treats the system prompt as trusted; allowing arbitrary operator input into it breaks that trust boundary. -- Source: `ROADMAP.md:L2410` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0269-adds-to-the-silent-flag-unvalidated-inpu -- Title: *Adds to the silent-flag / unvalidated-input class* with #96 / #97 / #98. This one is the most severe of the four because the failure mode is *prompt injection* rather than silent feature no-op: it can actually cause an LLM to do the wrong thing, not just ignore a flag. -- Source: `ROADMAP.md:L2411` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0270-parse-date-as-iso-8601-replace-date-clon -- Title: *Parse `--date` as ISO-8601.* Replace `date.clone_from(value)` at `main.rs:1175` with a `chrono::NaiveDate::parse_from_str(value, "%Y-%m-%d")` or equivalent. Return `Err(format!("invalid --date '{value}': expected YYYY-MM-DD"))` on failure. Rejects empty strings, non-ISO dates, out-of-range years, newlines, and arbitrary payloads in one line. ~5 lines if `chrono` is already a dep, ~10 if a hand-rolled parser. -- Source: `ROADMAP.md:L2414` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0271-validate-cwd-is-a-real-path-replace-cwd -- Title: *Validate `--cwd` is a real path.* Replace `cwd = PathBuf::from(value)` at `main.rs:1169` with `cwd = std::fs::canonicalize(value).map_err(|e| format!("invalid --cwd '{value}': {e}"))?`. Rejects nonexistent paths, empty strings, and newline-containing paths (canonicalize fails on them). ~5 lines. -- Source: `ROADMAP.md:L2415` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0272-strip-or-reject-newlines-defensively-at -- Title: *Strip or reject newlines defensively at the rendering boundary.* Even if the parser validates, add a `debug_assert!(!value.contains('\n'))` or a final-boundary sanitization pass in `render_env_context` / `render_project_context` so that any future entry point into these functions cannot smuggle newlines. Defense in depth. ~3 lines per site. -- Source: `ROADMAP.md:L2416` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0273-regression-tests-one-per-rejected-case-e -- Title: *Regression tests.* One per rejected case (empty `--date`, non-ISO `--date`, newline-containing `--date`, nonexistent `--cwd`, empty `--cwd`, newline-containing `--cwd`). Lock parser behavior. -- Source: `ROADMAP.md:L2417` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0274-claw-status-claw-doctor-json-surfaces-ex -- Title: **`claw status` / `claw doctor` JSON surfaces expose no commit identity: no HEAD SHA, no expected-base SHA, no stale-base state, no upstream tracking info (ahead/behind), no merge-base — making the "branch-freshness before blame" principle from this very roadmap (§Product Principles #4) unachievable without a claw shelling out to `git rev-parse HEAD` / `git merge-base` / `git rev-list` itself. The `--base-commit` flag is silently accepted by `status` / `doctor` / `sandbox` / `init` / `export` / `mcp` / `skills` / `agents` and silently dropped — same silent-no-op pattern as #98 but on the stale-base axis. The `.claw-base` file support exists in `runtime::stale_base` but is invisible to every JSON diagnostic surface. Even the detached-HEAD signal is a magic string (`git_branch: "detached HEAD"`) rather than a typed state, with no accompanying commit SHA to tell *which* commit HEAD is detached on** — dogfooded 2026-04-18 on main HEAD `63a0d30` from `/tmp/cdU` and scratch repos under `/tmp/cdO*`. `claw --base-commit abc1234 status` exits 0 with identical JSON to `claw status`; the flag had zero effect on the status/doctor surface. `run_stale_base_preflight` at `main.rs:3058` is wired into `CliAction::Prompt` and `CliAction::Repl` dispatch paths only, and it writes its output to stderr as human prose — never into the JSON envelope. -- Source: `ROADMAP.md:L2425` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `stale_done` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0275-claw-status-claw-doctor-json-surfaces-ex -- Title: **`claw status` / `claw doctor` JSON surfaces expose no commit identity: no HEAD SHA, no expected-base SHA, no stale-base state, no upstream tracking info (ahead/behind), no merge-base — making the "branch-freshness before blame" principle from this very roadmap (Product Principle 4) unachievable without a claw shelling out to `git rev-parse HEAD` / `git merge-base` / `git rev-list` itself. The `--base-commit` flag is silently accepted by `status` / `doctor` / `sandbox` / `init` / `export` / `mcp` / `skills` / `agents` and silently dropped — same silent-no-op pattern as #98 but on the stale-base axis. The `.claw-base` file support exists in `runtime::stale_base` but is invisible to every JSON diagnostic surface. Even the detached-HEAD signal is a magic string (`git_branch: "detached HEAD"`) rather than a typed state, with no accompanying commit SHA to tell *which* commit HEAD is detached on** — dogfooded 2026-04-18 on main HEAD `63a0d30` from `/tmp/cdU` and scratch repos under `/tmp/cdO*`. `claw --base-commit abc1234 status` exits 0 with identical JSON to `claw status`; the flag had zero effect on the status/doctor surface. `run_stale_base_preflight` at `main.rs:3058` is wired into `CliAction::Prompt` and `CliAction::Repl` dispatch paths only, and it writes its output to stderr as human prose — never into the JSON envelope. -- Source: `ROADMAP.md:L2450` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `stale_done` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0276-rusty-claude-permission-mode-env-var-sil -- Title: **`RUSTY_CLAUDE_PERMISSION_MODE` env var silently swallows any invalid value — including common typos and valid-config-file aliases — and falls through to the ultimate default `danger-full-access`. A lane that sets `export RUSTY_CLAUDE_PERMISSION_MODE=readonly` (missing hyphen), `read_only` (underscore), `READ-ONLY` (case), `dontAsk` (config-file alias not recognized at env-var path), or any garbage string gets the LEAST safe mode silently, while `--permission-mode readonly` loudly errors. The env var itself is also undocumented — not referenced in `--help`, README, or any docs — an undocumented knob with fail-open semantics** — dogfooded 2026-04-18 on main HEAD `d63d58f` from `/tmp/cdV`. Matrix of tested values: `"read-only"` / `"workspace-write"` / `"danger-full-access"` / `" read-only "` all work. `""` / `"garbage"` / `"redonly"` / `"readonly"` / `"read_only"` / `"READ-ONLY"` / `"ReadOnly"` / `"dontAsk"` / `"readonly\n"` all silently resolve to `danger-full-access`. -- Source: `ROADMAP.md:L2491` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0277-claw-mcp-list-claw-mcp-show-claw-doctor -- Title: **`claw mcp list` / `claw mcp show` / `claw doctor` surface MCP servers at *configure-time* only — no preflight, no liveness probe, not even a `command-exists-on-PATH` check. A `.claw.json` pointing at `/does/not/exist` as an MCP server command cheerfully reports `found: true` in `mcp show`, `configured_servers: 1` in `mcp list`, `MCP servers: 1` in `doctor` config check, and `status: ok` overall. The actual reachability / startup failure only surfaces when the agent tries to *use* a tool from that server mid-turn — exactly the diagnostic surprise the Roadmap's Phase 2 §4 "Canonical lane event schema" and Product Principle #5 "Partial success is first-class" were written to avoid** — dogfooded 2026-04-18 on main HEAD `eabd257` from `/tmp/cdW2`. A three-server config with 2 broken commands currently shows up everywhere as "Config: ok, MCP servers: 3." An orchestrating claw cannot tell from JSON alone which of its tool surfaces will actually respond. -- Source: `ROADMAP.md:L2594` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `stream_2_event_reporting_contracts` -- Dependencies: adoption_overlay_triage, stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0278-claw-agents-silently-discards-every-agen -- Title: **`claw agents` silently discards every agent definition that is not a `.toml` file — including `.md` files with YAML frontmatter, which is the Claude Code convention that most operators will reach for first. A `.claw/agents/foo.md` file is silently skipped by the agent-discovery walker; `agents list` reports zero agents; doctor reports ok; neither `agents help` nor `--help` nor any docs mention that `.toml` is the accepted format — the gate is entirely code-side and invisible at the operator layer. Compounded by the agent loader not validating *any* of the values inside a discovered `.toml` (model names, tool names, reasoning effort levels) — so the `.toml` gate filters *form* silently while downstream ignores *content* silently** — dogfooded 2026-04-18 on main HEAD `6a16f08` from `/tmp/cdX`. A `.claw/agents/broken.md` with claude-code-style YAML frontmatter is invisible to `agents list`. The same content moved into `.claw/agents/broken.toml` is loaded instantly — including when it references `model: "nonexistent/model-that-does-not-exist"` and `tools: ["DoesNotExist", "AlsoFake"]`, both of which are accepted without complaint. -- Source: `ROADMAP.md:L2670` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0279-export-path-slash-command-and-claw-expor -- Title: **`/export ` (slash command) and `claw export ` (CLI) are two different code paths with incompatible filename semantics: the slash path silently appends `.txt` to any non-`.txt` filename (`/export foo.md` → `foo.md.txt`, `/export report.json` → `report.json.txt`), and neither path does any path-traversal validation so a relative path like `../../../tmp/pwn.md` resolves to the computed absolute path outside the project root. The slash path's rendered content is full Markdown (`# Conversation Export`, `- **Session**: ...`, fenced code blocks) but the forced `.txt` extension misrepresents the file type. Meanwhile `/export`'s `--help` documentation string is just `/export [file]` — no mention of the forced-`.txt` behavior, no mention of the path-resolution semantics** — dogfooded 2026-04-18 on main HEAD `7447232` from `/tmp/cdY`. A claw orchestrating session transcripts via the slash command and expecting `.md` output gets a `.md.txt` file it cannot find with a glob for `*.md`. A claw writing session exports under a trusted output directory gets silently path-traversed outside it when the caller's filename input contains `../` segments. -- Source: `ROADMAP.md:L2757` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0280-claw-status-ignores-claw-json-s-model-fi -- Title: **`claw status` ignores `.claw.json`'s `model` field entirely and always reports the compile-time `DEFAULT_MODEL` (`claude-opus-4-6`), while `claw doctor` reports the raw *configured* alias string (e.g. `haiku`) mislabeled as "Resolved model", and the actual turn-dispatch path resolves the alias to the canonical name (e.g. `claude-haiku-4-5-20251213`) via a third code path (`resolve_repl_model`). Four separate surfaces disagree on "what is this lane's active model?": config file (alias as written), `doctor` (alias mislabeled as resolved), `status` (hardcoded default, config ignored), and turn dispatch (canonical, alias-resolved). A claw reading `status` JSON to pick a tool/routing strategy based on the active model will make decisions against a model string that is neither configured nor actually used** — dogfooded 2026-04-18 on main HEAD `6580903` from `/tmp/cdZ`. `.claw.json` with `{"model":"haiku"}` produces `status.model = "claude-opus-4-6"` and `doctor` config detail `Resolved model haiku` simultaneously. Neither value matches what an actual turn would use (`claude-haiku-4-5-20251213`). -- Source: `ROADMAP.md:L2850` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0281-config-merge-uses-deep-merge-objects-whi -- Title: **Config merge uses `deep_merge_objects` which recurses into nested objects but REPLACES arrays — so `permissions.allow`, `permissions.deny`, `permissions.ask`, `hooks.PreToolUse`, `hooks.PostToolUse`, `hooks.PostToolUseFailure`, and `plugins.externalDirectories` from an earlier config layer are silently discarded whenever a later layer sets the same key. A user-home `~/.claw/settings.json` with `permissions.deny: ["Bash(rm *)"]` is silently overridden by a project `.claw.json` with `permissions.deny: ["Bash(sudo *)"]` — the user's `Bash(rm *)` deny is GONE and never surfaced. Worse: a workspace-local `.claw/settings.local.json` with `permissions.deny: []` silently removes every deny rule from every layer above it** — dogfooded 2026-04-18 on main HEAD `71e7729` from `/tmp/cdAA`. MCP servers *are* merged by-key (distinct server names from different layers coexist), but permission-rule arrays and hook arrays are NOT — they are last-writer-wins for the entire list. This makes claw-code's config merge incompatible with any multi-tier permission policy (team default → project override → local tweak) that a security-conscious team would want, and it is the exact failure mode #91 / #94 / #101 warned about on adjacent axes. -- Source: `ROADMAP.md:L2935` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0282-the-entire-hook-subsystem-is-invisible-t -- Title: **The entire hook subsystem is invisible to every JSON diagnostic surface. `doctor` reports no hook count and no hook health. `mcp`/`skills`/`agents` list-surfaces have no hook sibling. `/hooks list` is in `STUB_COMMANDS` and returns "not yet implemented in this build." `/config hooks` shows `merged_keys: 1` but not the hook commands. Hook execution progress events (`Started`/`Completed`/`Cancelled`) route to `eprintln!` as human prose ("[hook PreToolUse] tool: command"), never into the `--output-format json` envelope. Hook commands are executed via `sh -lc ` so they get full shell expansion; command strings are accepted at config-load without any validation (nonexistent paths, garbage strings, and shell-expansion payloads all accepted as "Config: ok"). Compounded by #106: a downstream `.claw/settings.local.json` can silently REPLACE the entire upstream hook array — so a team-level security-audit hook can be erased and replaced by an attacker-controlled hook with zero visibility anywhere machine-readable** — dogfooded 2026-04-18 on main HEAD `a436f9e` from `/tmp/cdBB`. Hooks exist as a runtime capability (`runtime::hooks` module, `HookProgressReporter` trait, shell dispatcher at `hooks.rs:739-754`) but they are the least-observable subsystem in claw-code from the machine-orchestration perspective. -- Source: `ROADMAP.md:L3020` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0283-cli-subcommand-typos-fall-through-to-the -- Title: **CLI subcommand typos fall through to the LLM prompt dispatch path and silently burn tokens — `claw doctorr`, `claw skilsl`, `claw statuss`, `claw deply` all resolve to `CliAction::Prompt { prompt: "doctorr", ... }` and attempt a live LLM turn. Slash commands have a "Did you mean /skill, /skills" suggestion system that works correctly; subcommands have the same infrastructure available but it is never applied. A claw or CI pipeline that typos a subcommand name gets no structural signal — just the prompt API error (usually "missing credentials" in local dev, or actual billed LLM output with provider keys configured)** — dogfooded 2026-04-18 on main HEAD `91c79ba` from `/tmp/cdCC`. Every unrecognized first-positional falls through the `_other => Ok(CliAction::Prompt { ... })` arm at `main.rs:707`, which is the documented shorthand-prompt mode — but with no levenshtein / prefix matching against the known subcommand set to offer a suggestion first. A claw running with `ANTHROPIC_API_KEY` set that runs `claw doctorr` actually sends the string "doctorr" to the configured LLM provider and pays for the tokens. -- Source: `ROADMAP.md:L3091` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0284-config-validation-emits-structured-diagn -- Title: **Config validation emits structured diagnostics (`ConfigDiagnostic` with `path`, `field`, `line`, `kind: UnknownKey | WrongType | Deprecated`) but the loader flattens ALL warnings to prose via `eprintln!("warning: {warning}")` at `config.rs:298-300`. Deprecation notices for `permissionMode` (now `permissions.defaultMode`) and `enabledPlugins` (now `plugins.enabled`) appear only on stderr — never in the `config` check's JSON output, never as a top-level doctor `warnings` array, never surfaced in `status` JSON, never captured in any machine-readable envelope. A claw reading `--output-format json doctor` with `2>/dev/null` gets `status: "ok", summary: "runtime config loaded successfully"` even when the config uses deprecated field names. Migration-friction and truth-audit gap — the validator knows, the claw does not** — dogfooded 2026-04-18 on main HEAD `21b2773` from `/tmp/cdDD`. The `ValidationResult { errors, warnings }` struct exists; `ConfigDiagnostic` Display impl formats precisely; `DEPRECATED_FIELDS` const lists both migration paths. None of this is surfaced. `errors` (load-failing) correctly propagate into `config.status = fail` with the diagnostic string in `summary`. `warnings` (non-failing) do not. -- Source: `ROADMAP.md:L3165` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0285-configloader-discover-only-looks-at-cwd -- Title: **`ConfigLoader::discover` only looks at `$CWD/.claw.json`, `$CWD/.claw/settings.json`, and `$CWD/.claw/settings.local.json` — it does not walk up to `project_root` (the detected git root) to find config. A developer with `.claw.json` at the repo root who runs claw from a subdirectory gets ZERO config loaded. `doctor` reports `config: ok, no config files present; defaults are active`. `status.permission_mode` resolves to `danger-full-access` (the compile-time fallback) silently. Meanwhile CLAUDE.md / instruction files DO walk ancestors unbounded (per #85). Two adjacent discovery mechanisms, opposite strategies, no documentation, silently inconsistent behavior** — dogfooded 2026-04-18 on main HEAD `16244ce` from `/tmp/cdGG/nested/deep/dir`. The workspace-check correctly identifies `project_root: /tmp/cdGG` (via git-root walk), but config discovery never reaches that directory. A `.claw.json` at `/tmp/cdGG/.claw.json` (the project root) is INVISIBLE from any subdirectory below it. Under-discovery is the opposite failure mode from #85's over-discovery — same meta-issue: "ancestor walk policy is subsystem-by-subsystem ad-hoc, not principled." -- Source: `ROADMAP.md:L3237` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0286-providers-slash-command-is-documented-as -- Title: **`/providers` slash command is documented as "List available model providers" in both `--help` and the shared command-spec registry, but its parser at `commands/src/lib.rs:1386` maps it to `SlashCommand::Doctor` — so invoking `/providers` runs the six-check health report (auth/config/install_source/workspace/sandbox/system) and returns `{kind: "doctor", checks: [...]}`. A claw expecting a structured list of `{providers: [{name, models, base_url, reachable}]}` gets workspace-health JSON instead** — dogfooded 2026-04-18 on main HEAD `b2366d1` from `/tmp/cdHH`. The command-spec registry at `commands/src/lib.rs:716-718` declares `name: "providers", summary: "List available model providers"`. `--help` echoes that summary in the slash-command listing and in the Resume-safe line. Actual dispatch routes to doctor. Declared contract and implementation diverge completely; this is a specification mismatch rather than a stub — `/providers` has documented semantics claw does not implement and silently delivers the wrong subsystem. -- Source: `ROADMAP.md:L3321` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0287-concurrent-claw-invocations-that-touch-t -- Title: **Concurrent claw invocations that touch the same session file (e.g. two `/clear --confirm` or two `/compact` calls on the same session-id race) fail intermittently with a raw OS errno — `{"type":"error","error":"No such file or directory (os error 2)"}` — instead of a domain-specific concurrent-modification error. There is no file locking, no read-modify-write protection, no rename-race guard. The loser of the race gets ENOENT because the winner rotated, renamed, or deleted the session file between the loser's `fs::read_to_string` and its own `fs::write`. A claw orchestrating multiple lanes that happen to share a session id (because the operator reuses one, or because a CI matrix is re-running with the same state) gets unpredictable partial failures with un-actionable raw-io errors** — dogfooded 2026-04-18 on main HEAD `a049bd2` from `/tmp/cdII`. Five concurrent `/compact` calls on the same session: 4 succeed, 1 fails with `os error 2`. Two concurrent `/clear --confirm` calls: same pattern. -- Source: `ROADMAP.md:L3398` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0288-session-switch-session-fork-and-session -- Title: **`/session switch`, `/session fork`, and `/session delete` are registered by the parser (produce `SlashCommand::Session { action, target }`), documented in `--help` as first-class session-management verbs, but dispatch in `run_resume_command` implements ONLY `/session list` with a dedicated handler at `main.rs:2908` — every other `Session { .. }` variant falls through to the "unsupported resumed slash command" bucket at `main.rs:2936`. There is also no `claw session ` CLI subcommand: `claw session delete s` falls through to Prompt dispatch per #108. Net effect: claws can enumerate sessions via `/session list`, but CANNOT programmatically switch, fork, or delete — those are REPL-interactive only, with no `--output-format json`-compatible alternative and no `claw session ...` CLI equivalent. Help advertises the capability universally; implementation surfaces it only in the REPL** — dogfooded 2026-04-18 on main HEAD `8b25daf` from `/tmp/cdJJ`. Full test matrix: `/session list` works from `--resume` (returns structured JSON), `/session switch s` / `/session fork foo` / `/session delete s` / `/session delete s --force` all return `{"type":"error","error":"unsupported resumed slash command"}`. -- Source: `ROADMAP.md:L3478` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0289-session-reference-resolution-is-asymmetr -- Title: **Session reference-resolution is asymmetric with `/session list`: after `/clear --confirm`, the new session_id baked into the meta header diverges from the filename (the file is renamed-in-place as `.jsonl`). `/session list` reads the meta header and reports the NEW session_id (e.g. `session-1776481564268-1`). But `claw --resume ` looks up by FILENAME stem in `sessions_root`, not by meta-header id, and fails with `"session not found"`. Net effect: `/session list` returns session ids that the `--resume` reference resolver cannot find. Also: `/clear` backup files (`.jsonl.before-clear-.bak`) are filtered out of `/session list` (zero discoverability via JSON surface), and 0-byte session files at lookup path cause `--resume` to silently construct ephemeral-never-persisted sessions with fabricated ids not in `/session list` either** — dogfooded 2026-04-18 on main HEAD `43eac4d` from `/tmp/cdNN` and `/tmp/cdOO`. -- Source: `ROADMAP.md:L3550` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0290-claw-init-generates-claw-json-with-permi -- Title: **`claw init` generates `.claw.json` with `"permissions": {"defaultMode": "dontAsk"}` — where "dontAsk" is an alias for `danger-full-access`, hardcoded in `rust/crates/runtime/src/config.rs:858`. The init output is prose-only with zero mention of "danger", "permission", or "access" — a claw (or human) running `claw init` in a fresh project gets no signal that the generated config turns permissions off. `claw init --output-format json` returns `{kind: "init", message: ""}` instead of structured `{files_created: [...], defaultMode: "dontAsk", security_posture: "danger-full-access"}`. The alias choice itself ("dontAsk") obscures the behavior: a user seeing `"defaultMode": "dontAsk"` in their new repo naturally reads it as "don't ask me to confirm" — NOT "grant every tool every permission unconditionally" — but the two are identical per the parser at `config.rs:858`. `claw init` is effectively a silent bootstrap to maximum-permissions mode** — dogfooded 2026-04-18 on main HEAD `ca09b6b` from `/tmp/cdPP`. -- Source: `ROADMAP.md:L3655` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0291-unknown-keys-in-claw-json-are-strict-err -- Title: **Unknown keys in `.claw.json` are strict ERRORS, not warnings — `claw` hard-fails at startup with exit 1 if any field is unrecognized. Only the FIRST error is reported; all subsequent validation messages are lost. Valid Claude Code config fields (`apiKeyHelper`, `env`, and other Claude-Code-native keys) trigger the same hard-fail, so a user renaming `.claude.json → .claw.json` for migration gets `"unknown key \"apiKeyHelper\"" ... exit 1` with zero guidance on what to delete. The error goes to stderr as structured JSON (`{"type":"error","error":"..."}`) but a `--output-format json` consumer has to read BOTH stdout AND stderr to capture success-or-error — the stdout side is empty on error. There is no `--ignore-unknown-config` flag, no `strict` vs `warn` mode toggle, no forward-compat path — a claw's future-self putting a single new field in the config kills every older claw binary** — dogfooded 2026-04-18 on main HEAD `ad02761` from `/tmp/cdRR`. -- Source: `ROADMAP.md:L3752` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0292-p-claude-code-compat-shortcut-for-prompt -- Title: **`-p` (Claude Code compat shortcut for "prompt") is super-greedy: the parser at `main.rs:524-538` does `let prompt = args[index + 1..].join(" ")` and immediately returns, swallowing EVERY subsequent arg into the prompt text. `--model sonnet`, `--output-format json`, `--help`, `--version`, and any other flag placed AFTER `-p` are silently consumed into the prompt that gets sent to the LLM. Flags placed BEFORE `-p` are also dropped when parser-state variables like `wants_help` are set and then discarded by the early `return Ok(CliAction::Prompt {...})`. The emptiness check (`if prompt.trim().is_empty()`) is too weak: `claw -p --model sonnet` produces prompt=`"--model sonnet"` which is non-empty, so no error is raised and the literal flag string is sent to the LLM as user input** — dogfooded 2026-04-18 on main HEAD `f2d6538` from `/tmp/cdSS`. -- Source: `ROADMAP.md:L3847` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0293-three-slash-commands-stats-tokens-and-ca -- Title: **Three slash commands — `/stats`, `/tokens`, and `/cache` — all collapse to `SlashCommand::Stats` at `commands/src/lib.rs:1405` (`"stats" | "tokens" | "cache" => SlashCommand::Stats`), returning bit-identical output (`{"kind":"stats", ...}`) despite `--help` advertising three distinct capabilities: `/stats` = "Show workspace and session statistics", `/tokens` = "Show token count for the current conversation", `/cache` = "Show prompt cache statistics". A claw invoking `/cache` expecting cache-focused output gets a grab-bag that says `kind: "stats"` — not even `kind: "cache"`. A claw invoking `/tokens` expecting a focused token report gets the same grab-bag labeled `kind: "stats"`. This is the 2-dimensional-superset of #111 (2-way dispatch collapse) — #118 is a 3-way collapse where each collapsed alias has a DIFFERENT help description, compounding the documentation-vs-implementation gap** — dogfooded 2026-04-18 on main HEAD `b9331ae` from `/tmp/cdTT`. -- Source: `ROADMAP.md:L3943` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0294-the-this-is-a-slash-command-use-resume-h -- Title: **The "this is a slash command, use `--resume`" helpful-error path only triggers for EXACTLY-bare slash verbs (`claw hooks`, `claw plan`) — any argument after the verb (`claw hooks --help`, `claw plan list`, `claw theme dark`, `claw tokens --json`, `claw providers --output-format json`) silently falls through to Prompt dispatch and burns billable tokens on a nonsensical "hooks --help" user-prompt. The helpful-error function at `main.rs:765` (`bare_slash_command_guidance`) is gated by `if rest.len() != 1 { return None; }` at `main.rs:746`. Nine known slash-only verbs (`hooks`, `plan`, `theme`, `tasks`, `subagent`, `agent`, `providers`, `tokens`, `cache`) ALL exhibit this: bare → clean error; +any-arg → billable LLM call. Users discovering `claw hooks` by pattern-following from `claw status --help` get silently charged** — dogfooded 2026-04-18 on main HEAD `3848ea6` from `/tmp/cdUU`. -- Source: `ROADMAP.md:L4025` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0295-claw-json-is-parsed-by-a-custom-json-ish -- Title: **`.claw.json` is parsed by a custom JSON-ish parser (`JsonValue::parse` in `rust/crates/runtime/src/json.rs`) that accepts trailing commas (one), but silently drops files containing line comments, block comments, unquoted keys, UTF-8 BOM, single quotes, hex numbers, leading commas, or multiple trailing commas. The user sees `.claw.json` behave partially like JSON5 (trailing comma works) and reasonably assumes JSON5 tolerance. Comments or unquoted keys — the two most common JSON5 conveniences a developer would reach for — silently cause the entire config to be dropped with ZERO stderr, exit 0, `loaded_config_files: 0`. Since the no-config default is `danger-full-access` per #87, a commented-out `.claw.json` with `"defaultMode": "default"` silently UPGRADES permissions from intended `read-only` to `danger-full-access` — a security-critical semantic flip from the user's expressed intent to the polar opposite** — dogfooded 2026-04-18 on main HEAD `7859222` from `/tmp/cdVV`. Extends #86 (silent-drop) with the JSON5-partial-tolerance + alias-collapse angle. -- Source: `ROADMAP.md:L4124` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0296-hooks-configuration-schema-is-incompatib -- Title: **`hooks` configuration schema is INCOMPATIBLE with Claude Code. claw-code expects `{"hooks": {"PreToolUse": [, ...]}}` — a flat array of command strings. Claude Code's schema is `{"hooks": {"PreToolUse": [{"matcher": "", "hooks": [{"type": "command", "command": "..."}]}]}}` — a matcher-keyed array of objects with nested command arrays. A user migrating their Claude Code `.claude.json` hooks block gets parse-fail: `field "hooks.PreToolUse" must be an array of strings, got an array (line 3)`. The error message is ALSO wrong — both schemas use arrays; the correct diagnosis is "array-of-objects where array-of-strings was expected." Separately, `claw --output-format json doctor` when failures present emits TWO concatenated JSON objects on stdout (`{kind:"doctor",...}` then `{type:"error",error:"doctor found failing checks"}`), breaking single-document parsing for any claw that does `json.load(stdout)`. Doctor output also has both `message` and `report` top-level fields containing identical prose — byte-duplicated** — dogfooded 2026-04-18 on main HEAD `b81e642` from `/tmp/cdWW`. -- Source: `ROADMAP.md:L4227` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0297-base-commit-accepts-any-string-as-its-va -- Title: **`--base-commit` accepts ANY string as its value with zero validation — no SHA-format check, no `git cat-file -e` probe, no rejection of values that start with `--` or match known subcommand names. The parser at `main.rs:487` greedily takes `args[index+1]` no matter what. So `claw --base-commit doctor` silently uses the literal string `"doctor"` as the base commit, absorbs the subcommand, falls through to Prompt dispatch, emits stderr `"warning: worktree HEAD (...) does not match expected base commit (doctor). Session may run against a stale codebase."` (using the bogus value verbatim), AND burns billable LLM tokens on an empty prompt. Similarly `claw --base-commit --model sonnet status` takes `--model` as the base-commit value, swallowing the model flag. Separately: the stale-base check runs ONLY on the Prompt path; `claw --output-format json --base-commit status` or `doctor` emit NO stale_base field in the JSON surface, silently dropping the signal (plumbing gap adjacent to #100)** — dogfooded 2026-04-18 on main HEAD `d1608ae` from `/tmp/cdYY`. -- Source: `ROADMAP.md:L4346` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `stale_done` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: Marked done in roadmap but needs freshness re-verification before being used as release evidence. - -### CC2-RM-A0298-allowedtools-tool-name-normalization-is -- Title: **`--allowedTools` tool name normalization is asymmetric: `normalize_tool_name` converts `-` → `_` and lowercases, but canonical names aren't normalized the same way, so tools with snake_case canonical (`read_file`) accept underscore + hyphen + lowercase variants (`read_file`, `READ_FILE`, `Read-File`, `read-file`, plus aliases `read`/`Read`), while tools with PascalCase canonical (`WebFetch`) REJECT snake_case variants (`web_fetch`, `web-fetch` both fail). A user or claw defensively writing `--allowedTools WebFetch,web_fetch` gets half the tools accepted and half rejected. The acceptance list mixes conventions: `bash`, `read_file`, `write_file` are snake_case; `WebFetch`, `WebSearch`, `TodoWrite`, `Skill`, `Agent` are PascalCase. Help doesn't explain which convention to use when. Separately: `--allowedTools` splits on BOTH commas AND whitespace (`Bash Read` parses as two tools), duplicate/case-variant tokens like `bash,Bash,BASH` are silently accepted with no dedup warning, and the allowed-tool set is NOT surfaced in `status` / `doctor` JSON output — a claw invoking with `--allowedTools` has no post-hoc way to verify what the runtime actually accepted** — dogfooded 2026-04-18 on main HEAD `2bf2a11` from `/tmp/cdZZ`. -- Source: `ROADMAP.md:L4433` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage, stable_alpha_contracts -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0299-model-accepts-any-string-with-zero-valid -- Title: **`--model` accepts any string with zero validation — typos like `sonet` silently pass through to the API where they fail late with an opaque error; empty string `""` is silently accepted as a model name; `status` JSON shows the resolved model but not the user's raw input, so post-hoc debugging of "why did my model flag not work?" requires re-reading the process argv** — dogfooded 2026-04-18 on main HEAD `bb76ec9` from `/tmp/cdAA2`. -- Source: `ROADMAP.md:L4549` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0300-git-state-clean-is-emitted-by-both-statu -- Title: **`git_state: "clean"` is emitted by both `status` and `doctor` JSON even when `in_git_repo: false` — a non-git directory reports the same sentinel as a git repo with no changes. `GitWorkspaceSummary::default()` returns all-zero fields; `is_clean()` checks `changed_files == 0` → true → `headline() = "clean"`. A claw checking `if git_state == "clean" then proceed` would proceed even in a non-git directory. Doctor correctly surfaces `in_git_repo: false` and `summary: "current directory is not inside a git project"`, but the `git_state` field contradicts this by claiming "clean." Separately, `claw init` creates a `.gitignore` file even in non-git directories — not harmful (ready for future `git init`) but misleading** — dogfooded 2026-04-18 on main HEAD `debbcbe` from `/tmp/cdBB2`. -- Source: `ROADMAP.md:L4625` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0301-config-env-hooks-model-plugins-ignores-t -- Title: **`/config [env|hooks|model|plugins]` ignores the section argument — all four subcommands return bit-identical output: the same config-file-list envelope `{kind:"config", files:[...], loaded_files, merged_keys, cwd}`. Help advertises "/config [env|hooks|model|plugins] — Inspect Claude config files or merged sections [resume]" — implying section-specific output. A claw invoking `/config model` expecting the resolved model config gets the file-list envelope identical to `/config hooks`. The section argument is parsed and discarded** — dogfooded 2026-04-18 on main HEAD `b56841c` from `/tmp/cdFF2`. -- Source: `ROADMAP.md:L4693` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0302-claw-subcommand-json-and-claw-subcommand -- Title: **`claw --json` and `claw ` silently fall through to LLM Prompt dispatch — every diagnostic verb (`doctor`, `status`, `sandbox`, `skills`, `version`, `help`) accepts the documented `--output-format json` global only BEFORE the subcommand. The natural shape `claw doctor --json` parses as: subcommand=`doctor` is consumed, then `--json` becomes prompt text, the parser dispatches to `CliAction::Prompt { prompt: "--json" }`, the prompt path demands Anthropic credentials, and a fresh box with no auth fails hard with exit=1. Same for `claw doctor --garbageflag`, `claw doctor garbage args here`, `claw status --json`, `claw skills --json`, etc. The text-mode form `claw doctor` works fine without auth (it's a pure local diagnostic), so this is a pure CLI-surface failure that breaks every observability tool that pipes JSON. README.md says "`claw doctor` should be your first health check" — but any claw, CI step, or monitoring tool that adds `--json` to that exact suggested command gets a credential-required error instead of structured output** — dogfooded 2026-04-20 on main HEAD `7370546` from `/tmp/claw-dogfood` (no `.git`, no `.claw.json`, all `ANTHROPIC_*` / `OPENAI_*` env vars unset via `env -i`). -- Source: `ROADMAP.md:L4737` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `security` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0303-closed-2026-04-21-claw-model-malformed-s -- Title: **[CLOSED 2026-04-21]** **`claw --model ` (spaces, empty string, special chars, invalid provider/model syntax) silently falls through to API-layer cred error instead of rejecting at parse time** — dogfooded 2026-04-20 on main HEAD `d284ef7` from a fresh environment (no config, no auth). The `--model` flag accepts any string without syntactic validation: spaces (`claw --model "bad model"`), empty strings (`claw --model ""`), special characters (`claw --model "@invalid"`), non-existent provider/model combinations all parse successfully. The malformed model string then flows into the runtime's provider-detection layer, which silently accepts it as Anthropic fallback or passes it to an API layer that fails with `missing Anthropic credentials` (misdirection) rather than a clear "invalid model syntax" error at parse time. With API credentials configured, a malformed model string gets sent to the API, billing tokens against a request that should have failed client-side. -- Source: `ROADMAP.md:L4833` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `provider` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0304-mcp-server-startup-blocks-credential-val -- Title: **MCP server startup blocks credential validation — `claw ` with any `.claw.json` `mcpServers` entry awaits the MCP server's stdio handshake BEFORE checking whether the operator has Anthropic credentials. With no `ANTHROPIC_AUTH_TOKEN` / `ANTHROPIC_API_KEY` set and `mcpServers.everything = { command: "npx", args: ["-y", "@modelcontextprotocol/server-everything"] }` configured, the CLI hangs forever (verified via `timeout 30s` — still in MCP startup at 30s with three repeated `"Starting default (STDIO) server..."` lines), instead of fail-fasting with the same `missing Anthropic credentials` error that fires in milliseconds when no MCP is configured. A misconfigured-but-running MCP server (one that spawns successfully but never completes its `initialize` handshake) wedges every `claw ` invocation permanently. A misconfigured MCP server with a slow-but-eventually-succeeding init (npx download, container pull, network roundtrip) burns startup latency on every Prompt invocation regardless of whether the LLM call would even succeed. This is the runtime-side companion to #102's config-time MCP diagnostic gap: #102 says doctor doesn't surface MCP reachability; #129 says the Prompt path's reachability check is implicit, blocking, retried, and runs *before* the cheaper auth precondition that should run first** — dogfooded 2026-04-20 on main HEAD `d284ef7` from `/tmp/claw-mcp-test` with `env -i PATH=$PATH HOME=$HOME` (all auth env vars unset). -- Source: `ROADMAP.md:L4847` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0305-claw-export-output-path-filesystem-error -- Title: **`claw export --output ` filesystem errors surface raw OS errno strings with zero context — no path that failed, no operation that failed (open/write/mkdir), no structured error kind, no actionable hint, and the `--output-format json` envelope flattens everything to `{"error":"","type":"error"}`. Five distinct filesystem failure modes all produce different raw errno strings but the same zero-context shape. The boilerplate `Run claw --help for usage` trailer is also misleading because these are filesystem errors, not usage errors** — dogfooded 2026-04-20 on main HEAD `d2a8341` from `/Users/yeongyu/clawd/claw-code/rust` (real session file present). -- Source: `ROADMAP.md:L4921` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `windows_install` / `adoption_overlay` -- Dependencies: adoption_overlay_triage -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0306-add-stale-base-check-to-doctor-output-in -- Title: *Add stale-base check to `doctor` output.* In `render_doctor_report()`, collect the same `stale_base::BaseCommitState` that `run_stale_base_preflight()` computes (by calling `check_base_commit(&cwd, resolve_expected_base(None, &cwd).as_ref())` — note: `doctor` never receives `--base-commit` flag value, so expected base comes from `.claw-base` file only). Convert the `BaseCommitState` into a doctor `DiagnosticCheck` (parallel to existing `auth`, `config`, `git_state`, etc.). If `Diverged`, emit `DiagnosticLevel::Warn` with expected and actual commit hashes. If `NotAGitRepo` or `NoExpectedBase`, emit `DiagnosticLevel::Ok`. ~20 lines. -- Source: `ROADMAP.md:L5073` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-A0307-surface-base-commit-source-in-status-jso -- Title: *Surface base_commit source in `status --json` output.* Alongside the existing JSON fields, add `base_commit_expected: | null` and `base_commit_actual: `. If no `.claw-base` file exists, `base_commit_expected: null`. If diverged, `status` JSON includes both fields so downstream claws can see the mismatch in machine-readable form. ~15 lines. -- Source: `ROADMAP.md:L5074` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-A0308-regression-tests -- Title: *Regression tests.* -- Source: `ROADMAP.md:L5075` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-A0309-add-session-id-option-string-and-active -- Title: Add `session_id: Option` and `active_session: bool` to `StatusReport` struct. Both `null`/`false` when no session is active. When a session is running, `session_id` is the same UUID emitted in the startup lane event (#134). -- Source: `ROADMAP.md:L5098` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0310-thread-the-session-state-into-the-status -- Title: Thread the session state into the `status` handler via a shared `Arc>` or equivalent (same mechanism #134 uses for startup event emission). -- Source: `ROADMAP.md:L5099` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0311-text-mode-claw-status-surfaces-the-value -- Title: Text-mode `claw status` surfaces the value: `Session: active (id: abc123)` or `Session: idle`. -- Source: `ROADMAP.md:L5100` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0312-regression-tests-a-claw-status-json-befo -- Title: Regression tests: (a) `claw status --json` before any prompt → `active_session: false, session_id: null`. (b) `claw status --json` during a prompt session → `active_session: true, session_id: `. (c) UUID matches the `session.id` in the first lane event of the same run. -- Source: `ROADMAP.md:L5101` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0313-add-a-clioutputformat-json-if-compact-ar -- Title: Add a `CliOutputFormat::Json if compact` arm (or merge compact flag into `run_prompt_json` as a parameter) that produces a JSON object with `message: ` and a `compact: true` marker. Tool-use fields remain present but empty arrays (consistent with compact semantics — tools ran but are not returned verbatim). -- Source: `ROADMAP.md:L5141` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `adoption_overlay` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0314-emit-a-warning-or-error-kind-flag-confli -- Title: Emit a warning or `error.kind: "flag_conflict"` if conflicting flags are passed in a way that silently wins (or document the precedence explicitly in `--help`). -- Source: `ROADMAP.md:L5142` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `adoption_overlay` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0315-regression-tests-claw-compact-output-for -- Title: Regression tests: `claw --compact --output-format json ` must produce valid JSON with at minimum `{message: "...", compact: true}`. -- Source: `ROADMAP.md:L5143` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `sessions` / `adoption_overlay` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0316-bundle-converged-merge-ready-e-g-134-135 -- Title: `bundle converged, merge-ready` (e.g., #134/#135 branch after fixes) -- Source: `ROADMAP.md:L5154` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0317-follow-up-landed-on-main-branch-still-va -- Title: `follow-up landed on main, branch still valid` (e.g., #137 + #136 fixes after #134/#135 was ready) -- Source: `ROADMAP.md:L5155` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0318-only-pre-existing-flake-remains-no-new-r -- Title: `only pre-existing flake remains, no new regressions` (e.g., `resume_latest...` test failure on main that also fails on feature branch) -- Source: `ROADMAP.md:L5156` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0319-work-still-in-flight-blocker-not-yet-res -- Title: `work still in flight, blocker not yet resolved` -- Source: `ROADMAP.md:L5157` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0320-merged-and-closed-re-nudge-is-a-dup -- Title: `merged and closed, re-nudge is a dup` -- Source: `ROADMAP.md:L5158` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0321-dogfood-report-should-carry-an-explicit -- Title: Dogfood report should carry an explicit **closure state** field: `converged`, `follow-up-landed`, `pre-existing-flake-only`, `in-flight`, `merged`, `dup`. -- Source: `ROADMAP.md:L5168` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0322-each-state-has-a-last-updated-timestamp -- Title: Each state has a **last-updated timestamp** (when report was filed) and **next-action** (null if converged, or describe blocker). -- Source: `ROADMAP.md:L5169` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0323-nudge-logic-checks-prior-report-state-if -- Title: Nudge logic checks prior report state: if `converged` + timestamp < 10 min old, skip nudge and post "still converged as of HH:MM, no action". -- Source: `ROADMAP.md:L5170` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0324-if-state-changed-e-g-new-commits-landed -- Title: If state changed (e.g., new commits landed), emit **state transition** explicitly: "bundle done (14:25) → follow-up landed (14:42)". -- Source: `ROADMAP.md:L5171` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `done_verify` -- Category/lane: `event_report` / `stream_2_event_reporting_contracts` -- Dependencies: stream_1_worker_boot_session_control -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0325-store-closure-state-in-a-shared-metadata -- Title: Store closure state in a **shared metadata surface** (Discord message edit, ROADMAP inline, or compact JSON file) so next cycle can read it. -- Source: `ROADMAP.md:L5172` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `adoption_overlay` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0326-pushed-branch-exists-on-origin-but-no-pr -- Title: `pushed` — branch exists on origin but no PR (current state for feat/134-135) -- Source: `ROADMAP.md:L5210` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0327-in-pr-pr-open-review-pending -- Title: `in-PR` — PR open, review pending -- Source: `ROADMAP.md:L5211` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0328-approved-pr-approved-awaiting-merge -- Title: `approved` — PR approved, awaiting merge -- Source: `ROADMAP.md:L5212` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0329-merged-in-main -- Title: `merged` — in main -- Source: `ROADMAP.md:L5213` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0330-deployed-if-applicable -- Title: `deployed` — if applicable -- Source: `ROADMAP.md:L5214` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0331-abandoned-pr-closed-without-merge -- Title: `abandoned` — PR closed without merge -- Source: `ROADMAP.md:L5215` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `done_verify` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `verify_existing_evidence_and_regression_guard` -- Deferral rationale: - -### CC2-RM-A0332-claw-help-has-no-mention-of-workers-claw -- Title: `claw --help` has no mention of workers, `claw worker`, or worker state -- Source: `ROADMAP.md:L5234` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0333-there-is-no-claw-worker-subcommand-not-l -- Title: There is no `claw worker` subcommand (not listed in help, not in the 16 known subcommands) -- Source: `ROADMAP.md:L5235` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0334-no-hint-in-the-error-itself-about-what-c -- Title: No hint in the error itself about what command triggers worker state creation -- Source: `ROADMAP.md:L5236` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0335-a-claw-ci-pipeline-or-first-time-user-hi -- Title: A claw, CI pipeline, or first-time user hitting this error has no actionable next step -- Source: `ROADMAP.md:L5237` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0336-error-references-concept-that-is-not-dis -- Title: **Error references concept that is not discoverable.** Product Principle violation: "Errors must be actionable." Current error is descriptive but unactionable. -- Source: `ROADMAP.md:L5251` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0337-claws-can-t-self-heal-a-claw-orchestrato -- Title: **Claws can't self-heal.** A claw orchestrator that gets this error cannot construct a follow-up command because the remediation is not in the error or in `--help`. -- Source: `ROADMAP.md:L5252` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0338-dogfood-blocker-automated-test-setups-th -- Title: **Dogfood blocker.** Automated test setups that include `claw state` as a health check will fail silently for users who haven't triggered the worker path. -- Source: `ROADMAP.md:L5253` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-A0339-internal-architecture-leaks-into-user-su -- Title: **Internal architecture leaks into user surface.** The `worker` / `daemon` / `background session` distinction is internal runtime nomenclature, not user-facing workflow. -- Source: `ROADMAP.md:L5254` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `sessions` / `stream_0_governance` -- Dependencies: none -- Verification: `targeted_regression_or_acceptance_test_required` -- Deferral rationale: - -### CC2-RM-A0340-error-message-should-include-remediation -- Title: **Error message should include remediation.** Change error to: -- Source: `ROADMAP.md:L5257` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0341-add-claw-help-reference-document-under-f -- Title: **Add `claw --help` reference.** Document under `Flags` or `Subcommand overview` that `claw state` requires prior execution. -- Source: `ROADMAP.md:L5266` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0342-consistency-with-typed-error-envelope-ro -- Title: **Consistency with typed-error envelope** (ROADMAP §4.44): include `operation: "state-read"`, `target: ""`, `retryable: false` fields for machine consumers. -- Source: `ROADMAP.md:L5267` (`roadmap_action`) -- Bucket/status: `alpha_blocker` / `open` -- Category/lane: `windows_install` / `stream_0_governance` -- Dependencies: none -- Verification: `install_matrix_or_cross_platform_smoke` -- Deferral rationale: - -### CC2-RM-A0343-product-principle-violation-every-cli-su -- Title: **Product principle violation**: every CLI subcommand should have a consistent ` --help` contract that returns subcommand-specific help. -- Source: `ROADMAP.md:L5312` (`roadmap_action`) -- Bucket/status: `beta_adoption` / `open` -- Category/lane: `docs_license` / `stream_0_governance` -- Dependencies: none -- Verification: `docs_snapshot_or_help_output_check` -- Deferral rationale: - -### CC2-RM-A0344-ci-orchestration-hazard-a-claw-script-th -- Title: **CI/orchestration hazard**: a claw script that tries ` --help | grep