test(#762 ): classify_error_kind now covers all 23 classifier arms (was 8 of 23)

fix(#761 ): mcp server_not_found and skill_not_found envelopes now include hint field
fix(#760 ): agent_not_found and plugin_not_found envelopes now include hint field
2026-05-26 15:36:46 +00:00 · 2026-05-27 00:33:11 +09:00 · 2026-05-27 00:03:53 +09:00 · 2026-05-26 23:36:30 +09:00 · 2026-05-26 23:04:04 +09:00 · 2026-05-26 22:34:18 +09:00
23 changed files with 2724 additions and 200 deletions
--- a/.github/hooks/pre-push
+++ b/.github/hooks/pre-push
@@ -11,10 +11,21 @@ set -euo pipefail
 repo_root="$(git rev-parse --show-toplevel 2>/dev/null)"
 cd "$repo_root"
 if [[ -x scripts/roadmap-check-ids.sh ]]; then
  echo "pre-push: scripts/roadmap-check-ids.sh" >&2
  scripts/roadmap-check-ids.sh
 fi
 if [[ "${SKIP_CLAW_PRE_PUSH_BUILD:-}" == "1" ]]; then
  echo "pre-push: SKIP_CLAW_PRE_PUSH_BUILD=1 set; skipping cargo workspace build" >&2
  exit 0
 fi
 if [[ ! -f rust/Cargo.toml ]]; then
  echo "pre-push: rust/Cargo.toml not found; skipping cargo workspace build" >&2
  exit 0
 fi
-echo "pre-push: cargo build --manifest-path rust/Cargo.toml --workspace" >&2
+build_cmd=(cargo build --manifest-path rust/Cargo.toml --workspace --locked)
-cargo build --manifest-path rust/Cargo.toml --workspace
+echo "pre-push: ${build_cmd[*]}" >&2
 "${build_cmd[@]}"
--- a/.github/workflows/rust-ci.yml
+++ b/.github/workflows/rust-ci.yml
@@ -21,6 +21,8 @@ on:
      - PARITY.md
      - PHILOSOPHY.md
      - ROADMAP.md
      - scripts/roadmap-*.sh
      - tests/test_roadmap_helpers.py
      - docs/**
      - rust/**
  pull_request:
@@ -41,6 +43,8 @@ on:
      - PARITY.md
      - PHILOSOPHY.md
      - ROADMAP.md
      - scripts/roadmap-*.sh
      - tests/test_roadmap_helpers.py
      - docs/**
      - rust/**
  workflow_dispatch:
@@ -72,6 +76,10 @@ jobs:
        run: python .github/scripts/check_doc_source_of_truth.py
      - name: Check release policy docs and local links
        run: python .github/scripts/check_release_readiness.py
      - name: Check ROADMAP ids
        run: scripts/roadmap-check-ids.sh
      - name: Check ROADMAP helper behavior
        run: python -m unittest discover -s tests -p test_roadmap_helpers.py
  fmt:
    name: cargo fmt
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -33,6 +33,41 @@ cargo build --workspace
 .\target\debug\claw.exe --help
 ```
 ## Local pre-push build gate
 Install the repository-local hook to catch stale compile errors before pushing:
 ```bash
 git config core.hooksPath .github/hooks
 ```
 This sets the repo's Git hook directory to `.github/hooks`; if you already use a
 custom `core.hooksPath`, copy or chain `.github/hooks/pre-push` instead. The hook
 runs the ROADMAP id guard, then runs
 `cargo build --manifest-path rust/Cargo.toml --workspace --locked` from the
 repository root. If you must bypass the cargo build for a docs-only push, set
 `SKIP_CLAW_PRE_PUSH_BUILD=1`; the hook still runs the ROADMAP guard and prints
 when the cargo-build escape hatch is used.
 ## ROADMAP id allocation
 Before appending a new numeric ROADMAP entry, pull/rebase onto the latest
 `main`, allocate the id from the file you are about to edit, and run the duplicate
 id guard before pushing:
 ```bash
 git pull --rebase
 NEXT=$(scripts/roadmap-next-id.sh)
 # append "${NEXT}. **...**" to ROADMAP.md
 scripts/roadmap-check-ids.sh
 ```
 The duplicate guard currently checks helper-era ids (`>=723`) by default so it
 catches new optimistic-append collisions without failing on legacy numbered lists
 already present in the historical roadmap. Use `scripts/roadmap-check-ids.sh
 --min-id 1` for a strict whole-file audit after those legacy collisions are
 cleaned up.
 ## Checks before opening a pull request
 Run the smallest relevant tests for your change, then the broader checks when
--- a/ROADMAP.md
+++ b/ROADMAP.md
@@ -7561,3 +7561,133 @@ Original filing (2026-04-18): the session emitted `SessionStart hook (completed)
 697. **`claw plugins remove <name>` silently returns `status:"ok"` with exit 0 when the named plugin does not exist — no `not_found` error, no non-zero exit, no indication the operation was a no-op; sibling: `claw agents <unknown-subcommand>` returns `action:"help"` with exit 0 instead of a typed `unknown_subcommand` error** — dogfooded 2026-05-25 on `63a5a874`. Reproduction: `claw plugins remove nonexistent-plugin --output-format json </dev/null` returns `{"kind":"plugin","action":"remove","status":"ok","error":null,...}` and exits 0. No plugin named `nonexistent-plugin` exists. A caller cannot distinguish "plugin was successfully removed" from "plugin was never there" — both produce the same `status:"ok"` envelope. Sibling: `claw agents stop nonexistent-agent --output-format json </dev/null` returns `{"kind":"agents","action":"help","unexpected":"stop nonexistent-agent",...}` and exits 0 — unknown subcommand falls through to help output rather than a typed error with exit 1. **Required fix shape:** (a) `plugins remove` must check whether the named plugin exists before reporting success; emit `{"kind":"plugin","action":"remove","status":"error","error_kind":"plugin_not_found","plugin_name":"<name>"}` with exit 1 when the plugin is absent; (b) `agents <unknown>` must emit `{"kind":"agents","action":"error","error_kind":"unknown_subcommand","subcommand":"<token>","supported":["list","help"]}` with exit 1 instead of falling back to help output with exit 0; (c) add regression tests proving both paths exit 1 with typed error envelopes. **Why this matters:** idempotent-but-silent remove is fine for infrastructure tools with explicit idempotency contracts; claw has no such contract, and `status:"ok"` for a name-miss means automation cannot audit whether a remove actually ran vs was a no-op. Source: Jobdori dogfood on `63a5a874`, 2026-05-25.
 698. **Config deprecation warnings emit once per `ConfigLoader::load()` call, so surfaces that call `load()` multiple times in a single invocation emit duplicate `warning:` lines to stderr — `claw plugins list` and `claw mcp list` each print the same deprecation warning twice** — dogfooded 2026-05-25 on `c345ce6d`. Reproduction: `echo '{"enabledPlugins": {}}' > ~/.claw/settings.json && claw plugins list 2>&1 | grep warning` prints the same `field "enabledPlugins" is deprecated. Use "plugins.enabled" instead` line twice. Root cause: `config.rs:304` emits `eprintln!("warning: {warning}")` for every warning in every `loader.load()` call; surfaces like `plugins_command_payload_for` and `render_mcp_report_json_for` each trigger an independent `loader.load()` (one for runtime config, one inside the command handler), multiplying the stderr output. `skills list` emits only one warning because its command path calls `load()` once; `plugins` and `mcp` emit two. **Required fix shape:** (a) track already-emitted warning strings in a process-lifetime `std::sync::OnceLock<Mutex<HashSet<String>>>` in `config.rs` and skip re-emitting duplicates within the same process run; or (b) collect all warnings at a single call site after all config loads are complete and emit once with dedup; or (c) change `load()` to return warnings alongside the result instead of eagerly printing them, letting call sites emit once. Option (a) is a minimal one-file fix. **Why this matters:** duplicate warnings make the CLI look buggy, cause CI log noise, and — when the deprecation warning fires on every invocation — are more likely to be `tail -f`'d away than acted on. A single clean warning per invocation is the standard. Source: Jobdori dogfood on `c345ce6d`, 2026-05-25.
 699. **`bootstrap-plan` and `dump-manifests` JSON/help probes fall through to prompt/auth instead of local command dispatch unless global flags are positioned just so; with normal subcommand-style argv they either hang behind the spinner or return `missing_credentials`, making local startup/manifest introspection non-local** — dogfooded 2026-05-25 on `11a6e081a` after the ROADMAP #458 envelope sweep. Reproduction with the freshly rebuilt debug binary: `./rust/target/debug/claw bootstrap-plan --output-format json </dev/null` times out after 10s with spinner bytes on stdout and only a config deprecation warning on stderr in the normal home env; in an isolated env without credentials it exits 1 as `missing_credentials` instead of returning the local bootstrap phase JSON. `./rust/target/debug/claw dump-manifests --output-format json </dev/null` behaves the same. The help forms `bootstrap-plan --help --output-format json` and `dump-manifests --help --output-format json` also time out behind the spinner. This is distinct from #690/#692, which assumed these help paths were intercepted and only lacked schema depth; current dogfood shows an even lower-level routing/argv-order gap on the rebuilt `11a6e081a` binary. **Why it matters:** `bootstrap-plan` and `dump-manifests` are supposed to be credential-free local introspection/preflight commands. If the parser treats `--output-format json` after the subcommand as prompt text or routes into the provider/auth path, claws cannot safely probe startup phases or manifest availability without API credentials and timeout guards. **Required fix shape:** (a) make subcommand-local `--output-format json` and `--help --output-format json` dispatch before prompt/auth for `bootstrap-plan` and `dump-manifests`; (b) guarantee these commands are local-only and do not require provider credentials; (c) add regression tests for both argv orders if global flags are supported after subcommands, or emit a fast typed `cli_parse` error with `status:"error"` and no spinner if not supported; (d) acceptance: `env -i HOME=/tmp/empty PATH=/usr/bin:/bin TERM=dumb ./rust/target/debug/claw bootstrap-plan --output-format json </dev/null | jq -e '.kind=="bootstrap-plan" and (.phases|length>0)'` and the analogous dump-manifests/help probes must return within 1s without credentials. Source: gaebal-gajae dogfood for the 2026-05-25 07:30 Clawhip nudge.
 700. **`claw help --output-format json` emits `{"kind":"help","message":"<prose>"}` with no `status` field, and `claw sessions` (via `/sessions list` slash command) emits `{"kind":"session_list",...}` — both are envelope shape inconsistencies relative to the now-complete #458 sweep** — dogfooded 2026-05-25 on `eb7c14c4`. (1) `help` JSON: all 12 probed surfaces now have `status ∈ {ok,warn,error,unsupported}` after the #458 sweep; `help` is the one remaining surface that emits JSON but lacks `status`. The envelope has only `kind:"help"` and `message:"<prose blob>"` — no machine-readable status, no structured sections array (per #325/#686/#687/#688). (2) `session_list` kind: `claw sessions` and the `/sessions list` slash command emit `"kind":"session_list"` — all other surfaces use the subcommand name as the kind token (`kind:"skills"`, `kind:"agents"`, `kind:"mcp"` etc). `session_list` is a verb+noun compound that breaks the convention and makes kind-based routing require a special case. **Required fix shape:** (a) add `"status": "ok"` to all `help` JSON emission sites (`print_help` at line ~7120 and ~7167, plus inline REPL help at ~3924 in `main.rs`); (b) rename `"kind":"session_list"` to `"kind":"sessions"` at the two emission sites (lines ~3912, ~6385) and update any test assertions; keep a `"action":"list"` field for the action discriminant. Both are 1–3 line changes. **Why this matters:** the #458 acceptance check `for c in … ; do claw $c --output-format json | jq -e '.status | IN(…)' || echo FAIL; done` still FAILs for `help`; `session_list` kind breaks any kind-routing table that maps surface names to handler IDs. Source: Jobdori dogfood on `eb7c14c4`, 2026-05-25.
 700. **Top-level `help --output-format json` hangs behind the prompt spinner instead of returning bounded help JSON or a typed parse error** — dogfooded 2026-05-25 on freshly rebuilt `f9e98a263` during the 08:30 Clawhip nudge. Reproduction: `timeout 8 ./rust/target/debug/claw help --output-format json </dev/null` exits 124; stdout only shows spinner/TUI bytes and stderr is empty or only unrelated config warning depending on HOME. Positive control in the same rebuilt binary: `version --output-format json` returns promptly with `{kind:"version",status:"ok",git_sha:"f9e98a263"}`. This is adjacent to #699 but distinct: #699 covers `bootstrap-plan`/`dump-manifests` local subcommands falling through to prompt/auth; #700 covers the root bootstrap help surface itself. **Why it matters:** `help --output-format json` is the first command a wrapper or new claw probes to discover the CLI. A hanging help path forces every orchestrator to wrap discovery in external timeouts and cannot distinguish “unsupported JSON help” from “provider/auth prompt path accidentally started.” **Required fix shape:** (a) intercept top-level `help --output-format json` before prompt/provider startup; (b) return bounded JSON with `kind:"help"`, `status:"ok"`, command list, formats, and schema/version metadata, or if this argv order is intentionally unsupported, fail fast with `kind:"cli_parse"`, `status:"error"`, no spinner; (c) add regression proving `env -i HOME=/tmp/empty PATH=/usr/bin:/bin TERM=dumb ./rust/target/debug/claw help --output-format json </dev/null` exits within 1s without credentials. Source: gaebal-gajae dogfood for the 2026-05-25 08:30 Clawhip nudge.
 701. **`claw doctor --output-format json` `checks[].details[]` entries are prose strings like `"Enabled          true"` — no structured key/value — so downstream claws must split on whitespace to extract scalar values from the detail table** — dogfooded 2026-05-25 on `f9e98a26`. Reproduction: `claw doctor --output-format json | jq '.checks[] | {name, details}'` returns `details: ["Repo exists      true", "Worktree exists  true", ...]` — each detail is a human-formatted table row. A caller wanting `sandbox.enabled` must do `split(/\s+/)` and strip padding. The `checks[].status` field is already structured (`"ok"/"warn"/"error"`), but the supporting evidence is prose-only. **Required fix shape:** (a) change `details: string[]` to `details: {key: string, value: string | bool | number | null}[]` for all doctor checks; use booleans for `true`/`false` values and numbers for counts; keep a `raw` or `label` string for human rendering; (b) update `format_doctor_detail` / `build_boot_preflight_details` etc. in `main.rs` to emit structured objects instead of padded strings; (c) update test assertions in `output_format_contract.rs` to verify `details[0].key` and `details[0].value` shapes; (d) acceptance: `claw doctor --output-format json | jq '.checks[] | .details[] | if type == "string" then error else . end'` should not error. **Why this matters:** `details[]` is the only per-check evidence available to a claw diagnosing a `"warn"` or `"error"` check; if the values are prose strings, the claw must scrape rather than parse. Source: Jobdori dogfood on `f9e98a26`, 2026-05-25.
 702. **`claw agents --output-format json` per-agent entries use `source: {id, label}` while `claw skills --output-format json` per-skill entries use `origin: {id, detail_label}` — same concept, different field name and key shape, breaking any generic inventory parser** — dogfooded 2026-05-25 on `ee24ff2d`. Reproduction: `claw agents --output-format json | jq '.agents[0] | {source}` returns `{"source": {"id": "project_claw", "label": "Project roots"}}`. `claw skills --output-format json | jq '.skills[0] | {origin}` returns `{"origin": {"id": "skills_dir", "detail_label": null}}`. The provenance concept is the same (where the definition file was loaded from), but the field name (`source` vs `origin`), the human-label key (`label` vs `detail_label`), and the presence of `detail_label: null` vs no such field create two incompatible schemas. A generic claw that wants "where did this agent/skill come from?" must hard-code separate paths for agents and skills. **Required fix shape:** (a) normalise to a single shape — either `source: {id, label, detail_label?}` or `origin: {id, label, detail_label?}` — used identically in agent, skill, and any future resource listings; (b) update test assertions in `output_format_contract.rs` to verify the unified shape; (c) add a cross-resource schema test that parses both agents and skills provenance through the same JSON path. **Why it matters:** multi-resource orchestration (listing agents and skills to pick delegation targets) requires a uniform field layout; name divergence forces per-kind special-casing in every consumer. Source: Jobdori dogfood on `ee24ff2d`, 2026-05-25.
 703. **`claw plugins --output-format json` list response uses prose `message` for inventory summary instead of a structured `summary: {total, enabled, disabled}` object, and leaks `reload_runtime`/`target` into the list envelope** — dogfooded 2026-05-25 on `5bca9ef0`. `claw skills --output-format json` returns `summary: {"active":81,"shadowed":47,"total":128}` — fully machine-readable. `claw plugins --output-format json` returns `message: "Plugins\n  example-bundled v0.1.0 enabled\n  sample-hooks v0.1.0 disabled"` — prose that requires scraping to count plugins. The envelope also includes `reload_runtime: false` and `target: null` which are operation-result fields, not list-response fields (they're only meaningful after install/enable/disable/uninstall). A generic claw computing "how many plugins are active?" cannot do so without text parsing. **Required fix shape:** (a) add `summary: {total, enabled, disabled, load_failures}` to the `plugins list` JSON envelope; (b) drop `reload_runtime` and `target` from the list response (they belong only in install/enable/disable/uninstall/update responses); (c) keep `message` as an optional human field alongside the structured summary; (d) update `output_format_contract.rs` to assert plugins list has `summary.total` and no `reload_runtime`. **Why it matters:** plugin-count queries and health checks require machine-readable inventory summaries; matching `skills` schema parity enables generic resource health checks across both subsystems. Source: Jobdori dogfood on `5bca9ef0`, 2026-05-25.
 704. **`claw doctor --output-format json` all `checks[].label` fields are `null` — downstream claws cannot identify which check produced a `warn`/`error` without scraping the prose `name` or `details[]` array** — dogfooded 2026-05-25 on `1a6f54b9`. Reproduction: `claw doctor --output-format json | jq '[.checks[] | {label, status}]'` returns 7 entries all with `"label": null`. The `status` field correctly encodes `"ok"/"warn"/"error"` but there is no stable machine-readable identifier for each check. A claw automating `claw doctor` must either enumerate checks by positional index (fragile) or scrape the `name` prose string (brittle). **Required fix shape:** (a) add a stable `id` or `label` field to each `DiagnosticCheck` (e.g. `"credentials"`, `"git"`, `"sandbox"`, `"config"`, `"mcp"`, `"trust"`, `"workspace"`) that downstream parsers can key on; (b) the field should be `snake_case` and never change across releases; (c) the `name` field can remain as the human-readable title; (d) add regression asserting at least one check has a non-null `label` in `output_format_contract.rs`. **Why it matters:** doctor automation (e.g. preflight gates, CI health checks) requires routing on which check failed, not just that *a* check failed; positional-index routing breaks whenever a new check is added. Source: Jobdori dogfood on `1a6f54b9`, 2026-05-25.
 705. **`status` and `export` usage JSON `estimated_cost_usd` is a string `"$0.0000"` not a number — downstream claws must strip `$` and parse float to compute costs** — dogfooded 2026-05-25 on `8f809d9a`. `claw status --output-format json | jq '.usage.estimated_cost_usd'` returns `"$0.0000"` (string). Cost aggregation or threshold checks require `parseFloat(x.replace("$",""))`. **Fix shape:** emit `estimated_cost_usd` as a JSON number and add `estimated_cost_usd_formatted` as the display string. Partial fix landed: `estimated_cost_usd_num` (float) added as a companion field at `cb...` alongside the legacy string field for backwards compatibility; `estimated_cost_usd` string preserved. Source: Jobdori dogfood on `8f809d9a`, 2026-05-25.
 706. **`claw skills show <name> --output-format json` silently returns `status:"ok"` with empty `skills:[]` when the named skill does not exist — downstream claws cannot distinguish "no skill installed" from "skill name typo"** — dogfooded 2026-05-26 on `f84799c8`. Reproduction: `claw skills show nonexistent --output-format json` → `{kind:"skills", action:"list", status:"ok", skills:[], summary:{total:0,...}}` exit 0. A claw checking whether a skill is available treats empty success as "no skills installed anywhere" rather than "skill not found". **Fix shape:** return `{kind:"skills", action:"show", status:"error", error_kind:"skill_not_found", requested:"<name>"}` + exit 1 when `show <name>` matches nothing; landed at `...`. Source: Jobdori dogfood on `f84799c8`, 2026-05-26.
 707. **`init.rs` test `temp_dir()` uses nanoseconds only — two parallel test runs in the same process can land in the same nanosecond window and collide on the same temp path, causing intermittent test failures** — dogfooded 2026-05-26 on `dedad14a`. `artifacts_with_status_partitions_fresh_and_idempotent_runs` was seen flaking in full-suite parallel runs but passing in isolation. Root cause: `temp_dir()` at `init.rs:383` used only `SystemTime::now().as_nanos()` as the uniqueness token. Two concurrent callers within the same nanosecond window produce the same path. Fix: added `AtomicU64` counter combined with nanoseconds → `rusty-claude-init-{nanos}-{id}` eliminates same-process collisions. Source: Jobdori dogfood on `dedad14a`, 2026-05-26.
 708. **`claw skills show <name> --output-format json` returns `action:"list"` even on the show path — `render_skills_report_json` hardcoded `"action":"list"` for all skill responses including show/info/describe** — dogfooded 2026-05-26 on `26a50d91`. `claw skills show korea-weather --output-format json` returned `{action:"list"}` even when the show path was taken. Also had duplicate `"status":"ok"` key in the JSON object. Fix: renamed `render_skills_report_json` to `render_skills_report_json_with_action(skills, action)` and updated all call sites to pass `"list"` or `"show"` appropriately; removed duplicate status key. Source: Jobdori dogfood on `26a50d91`, 2026-05-26.
 709. **`render_agents_report_json` and `render_skill_install_report_json` in `commands/src/lib.rs` contained duplicate `"status":"ok"` keys in the same JSON object literal — second key silently overwrites first in serde_json** — found during #708 dogfood sweep on `47c0226a`. Rust `serde_json::json!` macros accept duplicate keys but `serde_json` silently keeps the last occurrence; any consumer relying on the first occurrence gets the wrong value if they are ever different. Fixed by removing the duplicate `status` key from `render_agents_report_json` and `render_skill_install_report_json`. Source: Jobdori dogfood on `47c0226a`, 2026-05-26.
 710. **`claw diff --output-format json` missing `action` and `working_directory` fields — both the ok and error paths in `render_diff_json_for` omitted `action` entirely (returning `null` at parse time) and omitted `working_directory`** — dogfooded 2026-05-26 on `8f8eb41e`. Both the clean/changes success path and the no-git-repo error path were missing the two envelope fields that automation uses for routing and provenance. Fix: added `action:"diff"` and `working_directory: cwd.display()` to both branches of `render_diff_json_for`; added contract-test assertions for both fields. Source: Jobdori dogfood on `8f8eb41e`, 2026-05-26.
 711. **`version`, `system-prompt`, `export`, and `init` `--output-format json` responses all lacked an `action` field — returned `null` or omitted entirely** — dogfooded 2026-05-26 on `42c17bc4`. All four commands emitted `kind` + `status` but no `action`, making them inconsistent with all other JSON surfaces that include the verb. Fix: added `action:"show"` to `version` and `system-prompt`, `action:"export"` to all three `export` paths, `action:"init"` to `init`; added contract-test assertions for each. Source: Jobdori dogfood on `42c17bc4`, 2026-05-26.
 712. **`doctor`, `status`, `bootstrap-plan`, and `dump-manifests` `--output-format json` responses missing `action` field — consistent with batch of missing-action fixes in #710/#711** — dogfooded 2026-05-26 on `bae0099c`. `doctor` returned no `action`; `status` and `bootstrap-plan` same. `dump-manifests` had empty string. Fix: added `action:"doctor"` to doctor JSON, `action:"show"` to status and bootstrap-plan, `action:"dump"` to dump-manifests happy path. Source: Jobdori dogfood on `bae0099c`, 2026-05-26.
 713. **`acp` and `config` (bare and section-show) `--output-format json` responses missing `action` field — continues sweep from #710–#712** — dogfooded 2026-05-26 on `fdde5e45`. `acp` had no action; `config` bare had no action; `config <section>` and the unknown-section error path both had no action. Fix: added `action:"status"` to acp, `action:"list"` to config bare, `action:"show"` to config section-show and unknown-section error path. Source: Jobdori dogfood on `fdde5e45`, 2026-05-26.
 714. **`help --output-format json` missing `action` field; resume `/help` JSON path also missing `action` and `status`** — dogfooded 2026-05-26 on `7d6b2044`. Top-level `claw help --output-format json` returned `{kind:"help", status:"ok"}` with no `action`. The `render_export_help_json` and `render_help_topic_json` resume-path helpers were also missing `action`. The resume REPL help JSON object had neither `action` nor `status`. Fix: added `action:"help"` (and `status:"ok"` where missing) to all 4 help JSON sites. Source: Jobdori dogfood on `7d6b2044`, 2026-05-26.
 715. **Resume-path slash commands (`/compact`, `/clear`, `/cost`, `/stats`, `/history`, `/session exists`, `/session delete`, `memory`) JSON responses missing `action` and `status` fields** — dogfooded 2026-05-26 on `590b5b61`. The `assert_non_empty_action` guardrail added by #3109 only covers `assert_json_command` (top-level CLI surfaces); resume-path commands that emit JSON via `ResumeCommandOutcome.json` were not covered. 8 resume-path JSON sites all lacked `action` and `status`. Fix: added `action` + `status:"ok"` to `compact`, `clear`, `cost`, `stats`, `history`, `session_exists`, `session_delete`, `memory`, and `restored`. Source: Jobdori dogfood on `590b5b61`, 2026-05-26.
 716. **Resume-path error JSON used legacy `{type:"error", error:...}` shape instead of standard `{kind, action, status:"error", error_kind, exit_code}` envelope — 5 error paths affected** — dogfooded 2026-05-26 on `76c8d480`. Session load failure, unsupported command, unsupported resumed command, SlashCommand parse error, and broad-cwd abort all emitted the old two-key shape. Fix: aligned all 5 to `{kind, action:"resume"|"abort", status:"error", error_kind, error, exit_code}`. Updated `resumed_stub_command_emits_not_implemented_json` test to assert `status:"error"` + `kind:"unsupported_command"`. Source: Jobdori dogfood on `76c8d480`, 2026-05-26.
 717. **`claw agents show <name>` missing — `handle_agents_slash_command_json` only accepted `list`; `show/info/describe` was unimplemented unlike skills which had parity** — dogfooded 2026-05-26 on `6a007344`. `claw agents show claw-code --output-format json` returned `unknown_agents_subcommand` error. Fix: added `show/info/describe` and `list <filter>` arms to both `handle_agents_slash_command` and `handle_agents_slash_command_json`, mirroring the skills handler; renamed `render_agents_report_json` → `render_agents_report_json_with_action`; not-found path returns `{kind:"agents", action:"show", status:"error", error_kind:"agent_not_found", requested:"<name>"}` + Ok; added `classify_error_kind` branch for `agent_not_found`. Updated 2 tests. Source: Jobdori dogfood on `6a007344`, 2026-05-26.
 718. **`claw plugins show <name>` unimplemented — unlike `agents show` and `skills show`, `/plugins show` returned `unknown_plugins_action` error** — dogfooded 2026-05-26 on `8d80f2ff`. Fix: added `show/info/describe` arm to `handle_plugins_slash_command` that filters installed plugins by name; `print_plugins` JSON path filters `payload.plugins` when action is `show/info/describe` and emits `{kind:"plugin", action:"show", status:"error", error_kind:"plugin_not_found", requested:"<name>"}` for missing names. Updated error message in catch-all to name `show` as supported. Source: Jobdori dogfood on `8d80f2ff`, 2026-05-26.
 719. **`plugins list <filter>` silently returned all plugins instead of filtering — unlike `agents list <filter>` and `skills list <filter>` which do substring filter** — dogfooded 2026-05-26 on `556a598f`. `claw plugins list nonexistent-filter-xyz --output-format json` returned both installed plugins. Fix: `handle_plugins_slash_command` `list` arm now treats `target` as a substring filter; `print_plugins` JSON path applies `target` filter for `list` action. Source: Jobdori dogfood on `556a598f`, 2026-05-26.
 720. **`claw help agents` (and `help skills|plugins|mcp|config|diff|sandbox|doctor|etc.`) errored with `cli_parse: unrecognized argument` instead of routing to the subsystem's help** — dogfooded 2026-05-26 on `fe2b13a4`. `claw help agents --output-format json` returned `{status:"error", error_kind:"cli_parse"}`. The `is_diagnostic` guard for `"help"` verb rejected any trailing non-flag argument. Fix: when `verb == "help"` and exactly one topic argument follows, match it against all known `LocalHelpTopic` variants (including new `Agents`, `Skills`, `Plugins`, `Mcp`, `Config`, `Diff`) and route to `HelpTopic`; `agents` and `skills` delegate to their subsystem usage JSON in `print_help_topic`. Unknown topics fall through to generic `Help`. Source: Jobdori dogfood on `fe2b13a4`, 2026-05-26.
 721. **`claw config mcp|sandbox|permissions|skills|agents` returned `{status:"error", error_kind:"unsupported_config_section"}` with error message "Use env, hooks, model, or plugins" — 5 valid config sections were not mapped in the JSON path** — dogfooded 2026-05-26 on `02d1f6a0`. `claw config agents --output-format json` → `{status:"error", error_kind:"unsupported_config_section", error:"...Use env, hooks, model, or plugins."}`. The `match section` arms in both text and JSON paths only handled `env/hooks/model/plugins`; all others fell to the error arm. Fix: added `mcp|mcp_servers|mcpServers`, `sandbox`, `permissions`, `skills`, `agents` arms to both text and JSON config section handlers. `unsupported_config_section` error envelope now includes `supported_sections:[]` array. Source: Jobdori dogfood on `02d1f6a0`, 2026-05-26.
 722. **ROADMAP #721 re-entry after rebase conflict: `claw config mcp|sandbox|permissions|skills|agents` returned `unsupported_config_section` — code fix is in `6e44da10`** (main.rs changes preserved through rebase, only ROADMAP.md was conflict-resolved to Gaebal's version). Both text and JSON config section handlers now support `mcp`, `sandbox`, `permissions`, `skills`, `agents`; error envelope includes `supported_sections:[]`. Source: Jobdori dogfood on `02d1f6a0`, 2026-05-26.
 723. **Concurrent dogfood claws allocate ROADMAP ids manually and collide — same id reused by two contributors simultaneously, causing PR ROADMAP.md conflicts and lost entries** — observed live 2026-05-26 during Jobdori+Gaebal parallel dogfood session: Gaebal filed stale-local-probe as #719; Jobdori landed `plugins list <filter>` as #719 on main first; Gaebal shifted to #720; Jobdori landed `claw help <topic>` as #720; stale-local-probe eventually landed as #721 after two forced rebase cycles. The ROADMAP append workflow has no reservation or conflict-aware id allocation. **Required fix shape:** (a) add `scripts/roadmap-next-id.sh` that reads the highest id from ROADMAP.md and prints `highest+1` — claws should call this immediately before appending any new entry; (b) document in CONTRIBUTING.md that id allocation is optimistic-append: call `roadmap-next-id.sh` immediately before the append, git-pull first, resolve collisions at push time by re-numbering the appended entry; (c) long-term: a GitHub Action that validates no duplicate ROADMAP ids on PR would catch this before merge. Added `scripts/roadmap-next-id.sh` (this commit). Source: Gaebal Gajae live observation, 2026-05-26.
 724. **DONE — ROADMAP duplicate-id validation guard for helper-era append collisions** — follow-up to #723 after dogfood showed `scripts/roadmap-next-id.sh` still printed 724 and exited 0 when a temp ROADMAP copy already contained a second `723. ...` line. This PR closes the gap for new optimistic-append collisions by adding `scripts/roadmap-check-ids.sh`, wiring it into docs CI and the local pre-push hook, documenting the pre-push command in CONTRIBUTING, and mentioning the guard from `roadmap-next-id.sh`. The guard defaults to ids >=723 so current historical roadmap content and old numbered lists do not block docs-only PRs; `--min-id 1` is available for a strict whole-file audit once legacy collisions are cleaned up. **Verification:** `scripts/roadmap-check-ids.sh` passes on current ROADMAP; a temp copy with an appended duplicate `723.` fails nonzero and lists duplicate id 723 with line numbers. Source: Jobdori dogfood follow-up on origin/main `922c2398`, 2026-05-25. [SCOPE: docs/scripts]
 725. **DONE — roadmap-next-id helper now fails closed on helper-era duplicate ids before printing a next id** — follow-up to #724 after dogfood on origin/main 25ee5f3d showed `scripts/roadmap-next-id.sh` could print `1000` and exit 0 when a temp ROADMAP copy already contained two `999.` helper-era entries. This PR makes `roadmap-next-id.sh` resolve `roadmap-check-ids.sh` by its own script directory, run the checker with default helper-era min-id semantics before computing `highest+1`, keep stdout reserved for the single next id on success, and fail closed with a useful error if the checker is unavailable. Added focused pytest coverage for clean next-id output, duplicate fail-fast behavior, and missing-checker fail-closed behavior. **Verification:** `scripts/roadmap-next-id.sh ROADMAP.md` prints `725`; `scripts/roadmap-check-ids.sh ROADMAP.md` passes; a temp ROADMAP with duplicate `999.` exits nonzero and lists duplicate id 999 without printing a next id; `bash -n scripts/roadmap-next-id.sh scripts/roadmap-check-ids.sh` passes; `python -m pytest tests/test_roadmap_helpers.py -q` passes. Source: Jobdori dogfood follow-up on origin/main 25ee5f3d. [SCOPE: docs/scripts]
 726. **`claw export` from a workspace with a cross-workspace legacy session emits `kind:"unknown", error_kind:"unknown"` instead of a typed error — `legacy session is missing workspace binding` error propagates through the generic error handler unclassified** — dogfooded 2026-05-26 on `d8a61090`. Reproduction: `claw export --output-format json` from a fresh `git init` workspace where the most-recent managed session was created in a different workspace root returns `{kind:"unknown", action:"abort", status:"error", error_kind:"unknown"}`. The error originates in `SessionControlError::Format(format_legacy_session_missing_workspace_root(...))` in `session_control.rs:313`; `classify_error_kind` had no branch for "legacy session is missing workspace binding" and fell through to "unknown". Fix: added `legacy_session_no_workspace_binding` branch to `classify_error_kind`. Remaining gap: `kind` still shows the error_kind value instead of `"export"` — root cause is the generic error path setting `kind = error_kind` rather than the subcommand name; this is the `#422` class and requires a separate structural fix. Source: Jobdori dogfood on `d8a61090`, 2026-05-26.
 727. **`branch_freshness.fresh: null` with `upstream: null` is ambiguous — automation checking `if .workspace.branch_freshness.fresh == true` treats "no upstream configured" identically to "behind by N commits", both returning falsy null** — dogfooded 2026-05-26 on `a0c6c8ba`. Reproduction: `claw status --output-format json` from a freshly `git init`'d repo with no remote returns `{upstream: null, fresh: null, ahead: 0, behind: 0}`. An automation script that gates on `.branch_freshness.fresh == true` before proceeding sees `null == true → false` and blocks — identical to the behind-by-N case. The JSON has no discriminator between "freshness unknown because no upstream" and "freshness unknown because git unavailable". Fix: added `has_upstream: bool` to `BranchFreshness.json_value()` — automation should check `has_upstream` before branching on `fresh`. Source: Jobdori dogfood on `a0c6c8ba`, 2026-05-26.
 728. **`claw agents list` and `agents show` JSON responses had no `path` field — callers could not determine which on-disk `.toml` file backs each agent without re-walking the same discovery directories** — dogfooded 2026-05-26 on `9757fef8`. `claw agents list --output-format json` returned `{name, description, model, source: {id, label, detail_label: null}}` with no disk path. `AgentSummary` had no `path` field; the `entry.path()` from the `fs::read_dir` loop was discarded after frontmatter parsing. Fix: added `path: Option<PathBuf>` to `AgentSummary`; populated from `entry.path()` in the discovery loop; exposed as `"path": string|null` in `agent_summary_json`. Agents now return e.g. `{path:"/Users/.../.codex/agents/codex-ultrawork-reviewer.toml"}`. Parity gap: `skills list` still lacks `path` — tracked as a follow-on (same fix needed in `SkillSummary`). Source: Jobdori dogfood on `9757fef8`, 2026-05-26.
 729. **`claw skills list/show --output-format json` had no `path` field — parity gap with `agents list` (#728): callers could not determine which on-disk directory backs each skill without re-walking discovery roots** — dogfooded 2026-05-26 on `fa29909f`. `SkillSummary` had no `path` field; both `SkillOrigin::SkillsDir` (returns `entry.path()`) and `SkillOrigin::LegacyCommandsDir` (returns `markdown_path`) push sites discarded the resolved path after parsing. Fix: added `path: Option<PathBuf>` to `SkillSummary`; `SkillsDir` branch populates `Some(entry.path())`, `LegacyCommandsDir` branch populates `Some(markdown_path)`; `skill_summary_json` exposes `"path": string|null`. Skills now return e.g. `{path:"/Users/.../.agents/skills/agent-browser"}`. Completes the path-discoverability trio started in #728 (agents) — plugins path is a remaining follow-on. Source: Jobdori dogfood on `fa29909f`, 2026-05-26.
 730. **`claw plugins list/show --output-format json` had no `path` field — parity gap completing the agents (#728) / skills (#729) trio: callers could not determine which on-disk directory backs each plugin without re-walking discovery roots** — dogfooded 2026-05-26 on `8f44ad30`. `plugin_summary_json` in `rusty-claude-cli/src/main.rs` rendered all `PluginMetadata` fields except `root: Option<PathBuf>`, which was already present in the struct. Fix: added `"path": plugin.metadata.root.as_ref().map(|p| p.display().to_string())` to `plugin_summary_json`. Plugins now return e.g. `{path:"/Users/.../.claw/plugins/installed/example-bundled-bundled"}`. Completes path-discoverability across all three extension surfaces (agents, skills, plugins). Source: Jobdori dogfood on `8f44ad30`, 2026-05-26.
 731. **`claw sandbox --output-format json` returned `status:"error"` when namespace isolation is unsupported on macOS but filesystem sandbox is active — automation treating `status != "ok"` as a hard error would block on a fully-functional degraded sandbox** — dogfooded 2026-05-26 on `425d94ee`. `sandbox_json_value` derived `status:"error"` when `!status.supported` regardless of whether `filesystem_active:true` (workspace-write containment working). On macOS the typical state is `{supported:false, filesystem_active:true, active_namespace:false}` — namespace isolation is unsupported but the filesystem sandbox IS active. This is degradation, not failure. Fix: added `else if status.filesystem_active { "warn" }` branch before the hard `"error"` arm — `status:"error"` is now reserved for the case where sandbox is enabled, unsupported, AND no filesystem containment is active either. macOS default now correctly returns `status:"warn"`. Source: Jobdori dogfood on `425d94ee`, 2026-05-26.
 732. **`claw status --output-format json` `allowed_tools.entries` was `null` when no `--allowed-tools` flag was passed — callers doing `.allowed_tools.entries | length > 0` or trying to iterate got a null-dereference instead of an empty array** — dogfooded 2026-05-26 on `29dcd478`. `allowed_tool_entries` was computed as `allowed_tools.map(|tools| tools.iter().cloned().collect())` — `None` when unrestricted, serialized to JSON `null`. Fix: `.unwrap_or_default()` so unrestricted invocations emit `entries: []` instead of `entries: null`. Callers can now use `.entries | length > 0` uniformly without a null guard. Source: Jobdori dogfood on `29dcd478`, 2026-05-26.
 733. **`claw diff --output-format json` returned no `changed_file_count` field — callers seeing `result:"changes"` had to parse the raw `staged`/`unstaged` diff text to count affected files** — dogfooded 2026-05-26 on `4c16a42f`. `render_diff_json_for` ran `git diff --cached` and `git diff` and exposed them as raw strings but didn't compute a file count. Fix: run two additional `git diff --name-only` passes (staged + unstaged), deduplicate across both sets using a `BTreeSet`, and expose `changed_file_count: usize` in the envelope. Clean repos emit `changed_file_count: 0`, dirty repos emit the true unique-file count. Source: Jobdori dogfood on `4c16a42f`, 2026-05-26.
 734. **`agents show <name>` and `plugins show <name>` error envelopes had no `message` field when the target was not found — `skills show` had `"message": "skill 'X' not found"` but the other two omitted it, leaving callers with only `error_kind` and `requested` and no human-readable explanation in the same field shape** — dogfooded 2026-05-26 on `cc86f54d`. Added `"message": "agent 'X' not found"` to the `agent_not_found` branch in `commands/src/lib.rs` and `"message": "plugin 'X' not found"` to the `plugin_not_found` branch in `rusty-claude-cli/src/main.rs`; both now match the `skills show` shape. Source: Jobdori dogfood on `cc86f54d`, 2026-05-26.
 735. **`claw /compact --output-format json` (and other interactive-only slash commands invoked outside a session) emitted `error_kind:"unknown"` instead of `error_kind:"interactive_only"` — `classify_error_kind` matched `"is a slash command"` and `"interactive_only:"` prefix but missed the `"slash command /X is interactive-only"` sentence pattern emitted by the interactive-only guard; automation branching on `error_kind` got `"unknown"` and couldn't distinguish "you called an interactive command outside a session" from a genuine unknown failure** — dogfooded 2026-05-26 on `d4494a8a`. Added `message.starts_with("slash command") && message.contains("interactive-only")` branch to `classify_error_kind` alongside the existing two matchers. Source: Jobdori dogfood on `d4494a8a`, 2026-05-26.
 736. **`claw doctor --output-format json` `boot_preflight` check `details[]` had `value: null` for `Required binary`, `Last failed boot`, `MCP eligible`, and `Plugin eligible` entries — all four used format strings with no double-space separator, so the prose-splitter that builds `{key, value}` objects (introduced in #701) could not split key from value and emitted the entire string as `key` with `value: null`** — dogfooded 2026-05-26 on `b3242e8c`. Fix: insert the two-space separator between the label and its value in each format string: `"Required binary {}  available={}"` → `key="Required binary claw"` / `value="available=true"`; `"Last failed boot  {}"` → `key="Last failed boot"` / `value="<none>"`; MCP/Plugin eligible compound values use `"  ·  "` intra-value separator since `splitn(2, "  ")` splits only on the first double-space run. Source: Jobdori dogfood on `b3242e8c`, 2026-05-26.
 737. **Test coverage gap: `doctor --output-format json` `boot_preflight` `details[]` had no assertion that entries are `{key,value}` objects with non-null `value` fields — the #736 double-space separator fix had no regression guard, so a revert or accidental prose-format change would silently re-introduce `value:null` entries** — filed 2026-05-26 on `ad982d20`. Added assertions to `doctor_and_resume_status_emit_json_when_requested` in `output_format_contract.rs`: iterate all `boot_preflight.details[]` entries and assert each has a string `key` and a non-null `value`. Source: Jobdori dogfood on `ad982d20`, 2026-05-26.
 738. **`claw /commit --output-format json` (and all other interactive-only slash commands invoked outside a session) emitted `hint: null` — the remediation text was in the `error` prose string but no newline separated the short error from the hint, so `split_error_hint` returned the entire message as `error` and `hint: null`** — dogfooded 2026-05-26 on `c592313d`. The format string `"slash command {cmd} is interactive-only. Start `claw`..."` had no newline, so `split_error_hint` (which splits on `\n`) could not extract the hint. Fix: add `\n` between the short error `"slash command X is interactive-only."` and the remediation text, so callers reading `.hint` get the actionable guidance directly. Source: Jobdori dogfood on `c592313d`, 2026-05-26.
 739. **`claw skills <unknown-subcommand> --output-format json` emitted two JSON objects on stdout: first the usage envelope (`action:"help", unexpected:"X"`), then a second error abort envelope (`kind:"unknown", error:"skills command failed"`) — the `print_skills` JSON path returned `Err` on `status:"error"` responses even when the response was a normal usage-display (`action:"help"`), causing the generic error serializer to emit the second envelope** — dogfooded 2026-05-26 on `4c3cb0f3`. Fix: skip the `return Err` path when `action == "help"`; usage envelopes are informational, not fatal errors. The root prompt-dispatch gap (`claw skills bogus` → `CliAction::Prompt` → `missing_credentials` in no-creds env) is a pre-existing auth-gate-on-local-surface issue (ROADMAP #431/#449) and not addressed here. Source: Jobdori dogfood on `4c3cb0f3`, 2026-05-26.
 740. **Test coverage gap for ROADMAP #733: `diff_json_has_status_and_result_field_702` did not assert `changed_file_count` contract** — dogfooded 2026-05-26 on `d5f0d6ed`. The test asserts `kind`, `status`, `result`, `action`, `working_directory` but not the new `changed_file_count` field added by #733. Coverage gap: (a) no assertion that the field exists, (b) no assertion of numeric type in git repos, (c) no regression guard for dedupe behavior (staged+unstaged to the same file = 1 changed file). Fix: extend the test to assert `changed_file_count: null` in non-git repos and `changed_file_count: u64` in git repos. Source: gaebal-gajae dogfood on `d5f0d6ed`, 2026-05-26.
 741. **`claw config list`, `claw config show`, `claw config bogus` --output-format json returned `hint: null` — the unsupported_config_section error envelope had no `hint` field populated, so callers reading `.hint` get null with no actionable guidance** — dogfooded 2026-05-26 on `5d072d21`. The `render_config_json` unsupported-section branch returned a JSON object with `error` (contains the section list) but no `hint` field. Notably `config list` and `config show` are natural verb patterns that users type expecting a list/show subcommand, but claw config uses `claw config` (no args) for list and `claw config <section>` for show — the error gave no indication of this. Fix: add `hint` field to unsupported_config_section error; verbs (`list`, `show`, `help`, `info`) get a hint explaining the correct idiom (`claw config` / `claw config <section>`); other unknown sections get a "not a config section" hint listing valid values. Source: Jobdori dogfood on `5d072d21`, 2026-05-26.
 742. **ROADMAP #740 test coverage gap: the new `changed_file_count` branch for git repos was unreachable — the fixture is a plain `unique_temp_dir` (no `git init`), so the test always exercises the `no_git_repo` path and never proves the numeric contract or deduplication behavior** — confirmed by gaebal-gajae on `5d072d21`, fixed on `6e78c1fc`. Fix: add `diff_json_changed_file_count_deduplication_733` test that (a) `git init`s a temp repo, (b) commits a file, (c) asserts `result:"clean"` + `changed_file_count:0`, (d) stages an edit + makes an unstaged edit to the same file, (e) asserts `result:"changes"` + `changed_file_count:1` — proving the BTreeSet deduplication actually works. Source: gaebal-gajae dogfood on `5d072d21`, 2026-05-26.
 743. **`claw plugins help --output-format json` returned `error_kind:"unknown_plugins_action"` with `hint:null` instead of the usage envelope (`action:"help", status:"ok", unexpected:null, usage:{...}`) that `agents help`, `mcp help`, and `skills help` all emit — schema drift within the same command family (ROADMAP #420)** — dogfooded 2026-05-26 on `2036f0bd`. Fix: (a) added `Some("help" | "-h" | "--help")` arm to `handle_plugins_slash_command` returning a text usage message (text path parity); (b) added early-return JSON help envelope in `print_plugins` JSON path matching shape of agents/mcp help: `{action:"help", kind:"plugin", status:"ok", unexpected:null, usage:{direct_cli, slash_command}}`. Source: Jobdori dogfood on `2036f0bd`, 2026-05-26.
 744. **ROADMAP #741 has no regression test: `claw config list/show/bogus --output-format json hint` field could silently regress to null** — confirmed by gaebal-gajae on `2036f0bd`. Pattern same as #736→#737 and #740→#742: implementation fix without a pinning test. Fix: add `config_unsupported_section_json_hint_741` test iterating `[list, show, bogus, help]` and asserting `kind:config`, `status:error`, `error_kind:unsupported_config_section`, `hint` is non-empty string, `supported_sections[]` is non-empty. Source: gaebal-gajae dogfood on `2036f0bd`, 2026-05-26.
 745. **`claw issue --output-format json` and all other direct-CLI slash commands (pr, commit, etc.) returned `hint: null` — the `bare_slash_command_guidance` message strings had no `\n` separator between short error and remediation text, so `split_error_hint` couldn't populate the hint field** — dogfooded 2026-05-26 on `92e053a1`. The #738 fix added `\n` to the `--resume SESSION /cmd` path but missed the direct-CLI path (e.g. `claw issue`, `claw pr`). The `bare_slash_command_guidance` function formats two message variants: resume-supported and non-resume; both lacked `\n`. Fix: add `\n` before the remediation text in both format strings. Source: Jobdori dogfood on `92e053a1`, 2026-05-26.
 746. **`claw --output-format json` (bare, no TTY, no prompt) returned `hint: null` — the non-TTY interactive-only guard error string had no `\n` separator, so `split_error_hint` couldn't extract the remediation text into `.hint`** — dogfooded 2026-05-26 on `3c5459a3`. The single-string message `"interactive_only: claw requires an interactive terminal (stdin is not a TTY and no prompt was provided \u2014 pipe a prompt or run in a TTY)"` contained the hint inline but no newline, so callers reading `.hint` got null and had to parse the prose `error` string. Fix: split at `\n` — short error `"interactive_only: claw requires an interactive terminal."` + hint `"Stdin is not a TTY…pipe a prompt with \`echo 'task' | claw\` or run \`claw\` in an interactive terminal."`. Source: Jobdori dogfood on `3c5459a3`, 2026-05-26.
 747. **ROADMAP #745 has no regression test: `claw issue/pr/commit --output-format json hint` could silently regress to null** — confirmed by gaebal-gajae on `3c5459a33`. Same pattern as #737, #742, #744. Fix: add `bare_slash_command_hint_745` test iterating `issue`, `pr`, `commit` and asserting `error_kind:"interactive_only"` + non-empty `hint` field. Source: gaebal-gajae dogfood on `3c5459a33`, fixed on `18e7744e`, 2026-05-26.
 748. **`claw mcp bogussubcmd --output-format json` returned `error_kind: null` when an unknown subcommand was passed — `render_mcp_usage_json(Some("bogus"))` set `status:"error"` but left `error_kind` absent — while `agents bogussubcmd` emits `error_kind:"unknown_agents_subcommand"`** — dogfooded 2026-05-26 on `04eb661e`. Fix: add `error_kind: "unknown_mcp_action"` to `render_mcp_usage_json` when `unexpected.is_some()`; remains `null` for the `help` path (`unexpected: null`). Source: Jobdori dogfood on `04eb661e`, 2026-05-26.
 749. **`claw compact --output-format json` returned `hint: null` — `compact_interactive_only_error()` returned a single-line string with no `\n` between short error and remediation text, so `split_error_hint` couldn't populate the hint field** — identified by gaebal-gajae on `04eb661e`. Same class as #738 / #745 / #746. Fix: add `\n` before the remediation text in `compact_interactive_only_error`. Regression guard: extended `compact_subcommand_json_help_fails_fast_when_stdin_closed` to also assert `hint` is non-empty and mentions `/compact` or `--resume`. Source: gaebal-gajae dogfood on `04eb661e`, 2026-05-26.
 750. **`claw prompt --output-format json` (no text argument) returned `error_kind:"unknown"` and `hint: null`** — dogfooded 2026-05-26 on `2dfb7af6`. The error string `"prompt subcommand requires a prompt string"` had no prefix prefix for classifier and no `\n` for hint extraction. Fix: (a) prefix with `"missing_prompt: "` + newline before usage hint; (b) add `message.starts_with("missing_prompt:")` → `"missing_prompt"` classifier arm. Result: `error_kind:"missing_prompt"`, `hint:"Usage: claw prompt <text>  or  echo '<text>' | claw"`. Source: Jobdori dogfood on `2dfb7af6`, 2026-05-26.
 751. **ROADMAP #750 has no regression test: `claw prompt --output-format json` no-arg `error_kind` and `hint` could silently regress** — confirmed by gaebal-gajae on `ac925ed4`. Fix: add `prompt_no_arg_json_error_kind_750` test asserting nonzero exit, `error_kind:"missing_prompt"`, non-empty `hint` mentioning `claw prompt` or `echo`. Source: gaebal-gajae dogfood on `ac925ed4`, 2026-05-26.
 752. **`claw <subcommand> --output-format json <bogus-arg>` returned `hint: null` for all `cli_parse` errors when an unrecognized positional arg was supplied** — dogfooded 2026-05-26 on `ddc71b56`. Generic `unrecognized argument` format string had no `\n` so `split_error_hint` emitted null hint (only the `--json` special-case added a hint). Fix: add else-branch appending `\nRun `claw <verb> --help` for usage.` to the generic arm. Affected surfaces: `sandbox`, `doctor`, `version`, and any other subcommand routing through the same unrecognized-arg path. Source: Jobdori dogfood on `ddc71b56`, 2026-05-26.
 753. **`claw --output-format json -p` (no prompt arg) returned `error_kind:"unknown"` and `hint: null`** — parity gap with #750/#751 which fixed the explicit `prompt` verb. Identified by gaebal-gajae on `ddc71b56`. Fix: same `missing_prompt:` prefix + newline usage hint as #750. Regression guard: `short_p_flag_no_arg_json_error_kind_753` asserting nonzero exit, `error_kind:"missing_prompt"`, non-empty hint mentioning `claw -p` or `claw prompt`. Source: gaebal-gajae dogfood on `ddc71b56`, 2026-05-26.
 754. **`missing_credentials` JSON envelope always had `hint: null` even when a contextual hint was available** — dogfooded 2026-05-26 on `e9327135`. `ApiError::Display` for `MissingCredentials` appended the hint via ` — hint: {hint}` (inline, no `\n`), so `split_error_hint()` could not extract it and left the JSON `hint` field null. Fix: change delimiter from ` — hint: ` to `\n` in `api/src/error.rs` Display impl; update two tests in `api/src/error.rs` and `api/src/providers/mod.rs` to assert newline separator. Source: Jobdori dogfood on `e9327135`, 2026-05-26.
 755. **`claw -p hello --model sonnet` swallowed `--model sonnet` into the prompt string** — gaebal-gajae pinpoint on `e9327135` (#117 revival). `-p` used `args[index+1..].join(" ")`, consuming all remaining tokens as prompt. Fix: capture exactly one token via `args.get(index+1)`, reject flag-like tokens (`starts_with('-')`) as `missing_prompt`, support `--` sentinel for literal flag-text, then `continue` the flag loop so `--model`/`--output-format`/etc. parse normally. Dispatch via `short_p_prompt` after full flag scan. Regression guard: `short_p_flag_swallows_no_flags_755` asserts `--output-format json` is parsed (not swallowed) and `--model` as prompt-arg is rejected. Source: gaebal-gajae dogfood on `e9327135`, 2026-05-26.
 756. **`--reasoning-effort bogus`, `--model` (no value), and sibling missing/invalid flag-value errors all returned `error_kind:"unknown"` + `hint:null`** — gaebal-gajae pinpoint on `0e8a449e`. All `missing value for --X` and `invalid value for --reasoning-effort` error strings were single-line with no classifier arm. Fix: (a) prefix all with `missing_flag_value:` / `invalid_flag_value:` + `\n` usage hint; (b) add `message.starts_with("missing_flag_value:")` → `"missing_flag_value"` and `message.starts_with("invalid_flag_value:")` → `"invalid_flag_value"` classifier arms. Covers `--model`, `--output-format`, `--permission-mode`, `--base-commit`, `--reasoning-effort`. Regression guard: `flag_value_errors_have_error_kind_and_hint_756` — invalid `--reasoning-effort HIGH` → `invalid_flag_value` + hint with valid values; missing `--model` → `missing_flag_value` + non-null hint. Source: gaebal-gajae dogfood on `0e8a449e`, 2026-05-26.
 757. **`--permission-mode bogus` and `--allowedTools` (no value) returned `error_kind:"unknown"` + `hint:null`** — dogfooded 2026-05-26 on `4df14618`. `parse_permission_mode_arg()` error format had no prefix and no `\n`; `--allowedTools` missing-value string was plain. Fix: prefix `parse_permission_mode_arg` error with `invalid_flag_value:` + `\n` valid-values hint (both call sites); prefix `--allowedTools` missing-value with `missing_flag_value:` + `\n` usage hint. Both now classified by existing `missing_flag_value`/`invalid_flag_value` arms added in #756. Source: Jobdori dogfood on `4df14618`, 2026-05-26.
 758. **Three remaining `missing value for --X` strings in `parse_init_args` were still untyped** — dogfooded 2026-05-26 on `02d77ae1`. `--cwd`, `--date`, `--session` missing-value errors in the init-args parser used the old plain-string form with no `missing_flag_value:` prefix and no `\n` hint, unlike the main `parse_args` flags fixed in #756/#757. Fix: applied `missing_flag_value:` prefix + `\n` usage hint to all three. `grep '"missing value for --'` now returns zero results outside of test assertions. Source: Jobdori dogfood sweep on `02d77ae1`, 2026-05-26.
 759. **`--model badmodel --output-format json` returned `error_kind:"invalid_model_syntax"` but `hint: null`** — dogfooded 2026-05-26 on `b8b3af6f`. `validate_model_syntax()` had hint text embedded after a period in the error string (no `\n`), so `split_error_hint()` could not extract it. Affected paths: (a) generic invalid format `"invalid model syntax: '{}'.  Expected ..."` — joined with `.` not `\n`; (b) spaces-in-model `"contains spaces. Use ..."` — same issue; (c) empty model string — no hint at all. Fix: added `\n` before hint text in all three format strings in `validate_model_syntax`. Source: Jobdori dogfood sweep on `b8b3af6f`, 2026-05-26.
 760. **`agent_not_found` and `plugin_not_found` error envelopes lacked `hint` field** — dogfooded 2026-05-26 on `ef31328a`. `claw agents show nonexistent-agent --output-format json` returned `error_kind:"agent_not_found"` with `hint: null`; same for `claw plugins show`. Both structured JSON envelopes in `commands/src/lib.rs` and `main.rs` omitted `hint`. Fix: added `"hint": "Run \`claw agents list\` to see available agents."` to the `agent_not_found` envelope; `"hint": "Run \`claw plugins list\` to see available plugins."` to the `plugin_not_found` envelope. Source: Jobdori dogfood sweep on `ef31328a`, 2026-05-26.
 761. **`mcp show <nonexistent>` and `skills show <nonexistent>` returned `hint: null`** — dogfooded 2026-05-27 on `7fa81b5d`. `server_not_found` envelope in `render_mcp_show_json` and `skill_not_found` envelope in `print_skills` JSON path both lacked `hint` fields, unlike `agent_not_found`/`plugin_not_found` fixed in #760. Fix: added `"hint": "Run \`claw mcp list\` to see configured servers."` to `server_not_found` and `"hint": "Run \`claw skills list\` to see available skills."` to `skill_not_found`. All four `*_not_found` envelopes now have hints. Source: Jobdori dogfood sweep on `7fa81b5d`, 2026-05-27.
 762. **`classify_error_kind` unit test missing coverage for 15 of 23 classifier arms** — dogfooded 2026-05-27 on `d83de563`. `classify_error_kind_returns_correct_discriminants` only asserted 8 of the 23 arms, leaving `missing_flag_value`, `invalid_flag_value`, `missing_prompt`, `interactive_only`, `unknown_agents_subcommand`, `agent_not_found`, `plugin_not_found`, `skill_not_found`, `unsupported_config_section`, `no_managed_sessions`, `legacy_session_no_workspace_binding`, `missing_manifests`, `unknown_plugins_action`, `unsupported_skills_action`, and `confirmation_required` uncovered. Any discriminant string drift would silently fall to `"unknown"` without a failing test. Fix: added 18 new `assert_eq!` invocations covering all previously untested arms. Source: Jobdori test-brittleness sweep on `d83de563`, 2026-05-27.
--- a/docs/g013-roadmap-pinpoints-693-695-verification-map.md
+++ b/docs/g013-roadmap-pinpoints-693-695-verification-map.md
@@ -17,7 +17,10 @@ covered by the Claw Code 2.0 board.
 - Hook: `.github/hooks/pre-push`
 - Install command: `git config core.hooksPath .github/hooks`
- Gate: `cargo build --manifest-path rust/Cargo.toml --workspace`
+- Gate: `cargo build --manifest-path rust/Cargo.toml --workspace --locked`
 - Escape hatch: `SKIP_CLAW_PRE_PUSH_BUILD=1` prints an explicit skip message.
 - Regression test: `tests/test_pre_push_hook_contract.py` locks the skip
  hatch and `--locked` build command contract.
 - Purpose: mirror the CI build job locally so stale field/variant references are
  caught before push.
@@ -40,8 +43,9 @@ python3 scripts/generate_cc2_board.py
 python3 scripts/validate_cc2_board.py --board .omx/cc2/board.json
 python3 .omx/cc2/validate_issue_parity_intake.py .omx/cc2/issue-parity-intake.json
 bash -n .github/hooks/pre-push
 python3 tests/test_pre_push_hook_contract.py -v
 cargo fmt --manifest-path rust/Cargo.toml --all -- --check
 cargo test --manifest-path rust/Cargo.toml -p claw-analog rag_response_ -- --nocapture
 cargo test --manifest-path rust/Cargo.toml -p runtime startup_preflight -- --nocapture
-cargo build --manifest-path rust/Cargo.toml --workspace
+cargo build --manifest-path rust/Cargo.toml --workspace --locked
 ```
--- a/rust/Cargo.lock
+++ b/rust/Cargo.lock
@@ -2124,6 +2124,7 @@ dependencies = [
 "serde_json",
 "sha2",
 "telemetry",
 "tempfile",
 "tokio",
 "walkdir",
 ]
--- a/rust/crates/api/src/error.rs
+++ b/rust/crates/api/src/error.rs
@@ -273,7 +273,10 @@ impl Display for ApiError {
                    }
                }
                if let Some(hint) = hint {
-                    write!(f, " — hint: {hint}")?;
+                    // #754: newline-delimited so split_error_hint() can extract the hint
                    // into the JSON envelope's `hint` field. The em-dash form was a
                    // single-line string that left hint:null in --output-format json.
                    write!(f, "\n{hint}")?;
                }
                Ok(())
            }
@@ -608,11 +611,16 @@ mod tests {
            rendered.starts_with("missing Anthropic credentials;"),
            "hint should be appended, not replace the base message: {rendered}"
        );
-        let hint_marker = " — hint: I see OPENAI_API_KEY is set — if you meant to use the OpenAI-compat provider, prefix your model name with `openai/` so prefix routing selects it.";
+        // #754: hint is now newline-delimited so split_error_hint() can extract it
        let hint_text = "I see OPENAI_API_KEY is set — if you meant to use the OpenAI-compat provider, prefix your model name with `openai/` so prefix routing selects it.";
        assert!(
-            rendered.ends_with(hint_marker),
+            rendered.ends_with(hint_text),
            "rendered error should end with the hint: {rendered}"
        );
        assert!(
            rendered.contains('\n'),
            "rendered error must contain newline separator so split_error_hint works: {rendered}"
        );
        // Classification semantics are unaffected by the presence of a hint.
        assert_eq!(error.safe_failure_class(), "provider_auth");
        assert!(!error.is_retryable());
--- a/rust/crates/api/src/providers/mod.rs
+++ b/rust/crates/api/src/providers/mod.rs
@@ -1649,10 +1649,15 @@ NO_EQUALS_LINE
            rendered.starts_with("missing Anthropic credentials;"),
            "canonical base message should still lead the rendered error: {rendered}"
        );
        // #754: hint delimiter changed from " — hint: " to "\n" so split_error_hint works
        assert!(
-            rendered.contains(" — hint: I see OPENAI_API_KEY is set"),
+            rendered.contains("I see OPENAI_API_KEY is set"),
            "rendered error should carry the env-driven hint: {rendered}"
        );
        assert!(
            rendered.contains('\n'),
            "rendered error must use newline separator (#754): {rendered}"
        );
    }
    #[test]
--- a/rust/crates/claw-analog/src/lib.rs
+++ b/rust/crates/claw-analog/src/lib.rs
@@ -1109,25 +1109,33 @@ enum BlockKind {
    },
 }
 const KNOWN_RAG_BOOTSTRAP_PHASES: &[&str] =
    &["1-sqlite-no-db", "1-sqlite-empty", "1-sqlite", "2-qdrant"];
 fn unknown_bootstrap_phase_error(received_value: Value, message: &str) -> String {
    json!({
        "kind": "unknown_bootstrap_phase",
        "field": "phase",
        "received_value": received_value,
        "allowed_values": KNOWN_RAG_BOOTSTRAP_PHASES,
        "message": message,
    })
    .to_string()
 }
 pub(crate) fn format_rag_query_json_for_model(body: &str) -> Result<String, String> {
    let v: Value = serde_json::from_str(body).map_err(|e| format!("invalid JSON: {e}"))?;
    let phase = v.get("phase").and_then(|x| x.as_str()).ok_or_else(|| {
-        json!({
+        unknown_bootstrap_phase_error(
-            "kind": "unknown_bootstrap_phase",
+            v.get("phase").cloned().unwrap_or(Value::Null),
-            "field": "phase",
+            "RAG response is missing a string phase; refusing to silently render phase as unknown",
-            "received_value": v.get("phase").cloned().unwrap_or(Value::Null),
+        )
            "message": "RAG response is missing a string phase; refusing to silently render phase as unknown"
        })
        .to_string()
    })?;
-    if phase.trim().is_empty() || phase == "unknown" {
+    if !KNOWN_RAG_BOOTSTRAP_PHASES.contains(&phase) {
-        return Err(json!({
+        return Err(unknown_bootstrap_phase_error(
-            "kind": "unknown_bootstrap_phase",
+            Value::String(phase.to_string()),
-            "field": "phase",
+            "RAG response phase is not a recognized bootstrap phase",
-            "received_value": phase,
+        ));
            "message": "RAG response phase must be a concrete phase name"
        })
        .to_string());
    }
    let hits = v
        .get("hits")
@@ -2586,6 +2594,16 @@ mod tests {
        let err = format_rag_query_json_for_model(r#"{"hits":[],"phase":"unknown"}"#).unwrap_err();
        assert!(err.contains(r#""kind":"unknown_bootstrap_phase""#));
        assert!(err.contains(r#""received_value":"unknown""#));
        assert!(err.contains(r#""field":"phase""#));
    }
    #[test]
    fn rag_response_unrecognized_phase_returns_typed_error() {
        let err =
            format_rag_query_json_for_model(r#"{"hits":[],"phase":"3-drifted"}"#).unwrap_err();
        assert!(err.contains(r#""kind":"unknown_bootstrap_phase""#));
        assert!(err.contains(r#""received_value":"3-drifted""#));
        assert!(err.contains(r#""allowed_values""#));
    }
    #[test]
--- a/rust/crates/commands/src/lib.rs
+++ b/rust/crates/commands/src/lib.rs
@@ -2145,6 +2145,8 @@ struct AgentSummary {
    reasoning_effort: Option<String>,
    source: DefinitionSource,
    shadowed_by: Option<DefinitionSource>,
    // #728: on-disk path so `agents show` can surface the file path
    path: Option<PathBuf>,
 }
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -2154,6 +2156,8 @@ struct SkillSummary {
    source: DefinitionSource,
    shadowed_by: Option<DefinitionSource>,
    origin: SkillOrigin,
    // #729: on-disk path parity with AgentSummary
    path: Option<PathBuf>,
 }
 #[derive(Debug, Clone, Copy, PartialEq, Eq)]
@@ -2202,7 +2206,16 @@ pub fn handle_plugins_slash_command(
    match action {
        None | Some("list") => {
            let report = manager.installed_plugin_registry_report()?;
-            let plugins = report.summaries();
+            let plugins: Vec<_> = if let Some(filter) = target {
                let needle = filter.to_lowercase();
                report
                    .summaries()
                    .into_iter()
                    .filter(|p| p.metadata.id.to_lowercase().contains(&needle))
                    .collect()
            } else {
                report.summaries().into_iter().collect()
            };
            let failures = report.failures();
            Ok(PluginsCommandResult {
                message: render_plugins_report_with_failures(&plugins, failures),
@@ -2301,12 +2314,36 @@ pub fn handle_plugins_slash_command(
                reload_runtime: true,
            })
        }
-        Some(other) => Ok(PluginsCommandResult {
+        Some("show" | "info" | "describe") => {
-            message: format!(
+            // Show a named plugin by filtering the installed registry.
-                "Unknown /plugins action '{other}'. Use list, install, enable, disable, uninstall, or update."
+            // Without a target, shows all (same as list).
-            ),
+            let report = manager.installed_plugin_registry_report()?;
            let plugins: Vec<_> = if let Some(name) = target {
                let needle = name.to_lowercase();
                report
                    .summaries()
                    .into_iter()
                    .filter(|p| p.metadata.id.to_lowercase() == needle)
                    .collect()
            } else {
                report.summaries().into_iter().collect()
            };
            let failures = report.failures();
            Ok(PluginsCommandResult {
                message: render_plugins_report_with_failures(&plugins, failures),
                reload_runtime: false,
            })
        }
        // #743/#420: "help" was caught by Some(other) → unknown_plugins_action error with hint:null.
        // agents/mcp/skills all return a help envelope; plugins must match that parity.
        Some("help" | "-h" | "--help") => Ok(PluginsCommandResult {
            message: "Plugins\n  Usage            /plugins [list|show <id>|install <id>|enable <id>|disable <id>|uninstall <id>|update <id>|help]\n  Subcommands      list  show  install  enable  disable  uninstall  update  help"
                .to_string(),
            reload_runtime: false,
        }),
        Some(other) => Err(PluginError::CommandFailed(format!(
            "unknown_plugins_action: '{other}' is not a supported /plugins action. Use list, show, install, enable, disable, uninstall, or update."
        ))),
    }
 }
@@ -2326,10 +2363,50 @@ pub fn handle_agents_slash_command(args: Option<&str>, cwd: &Path) -> std::io::R
            let agents = load_agents_from_roots(&roots)?;
            Ok(render_agents_report(&agents))
        }
        Some(args) if args.starts_with("list ") => {
            let filter = args["list ".len()..].trim().to_lowercase();
            let roots = discover_definition_roots(cwd, "agents");
            let agents = load_agents_from_roots(&roots)?;
            let filtered: Vec<_> = agents
                .into_iter()
                .filter(|a| a.name.to_lowercase().contains(&filter))
                .collect();
            Ok(render_agents_report(&filtered))
        }
        Some("show" | "info" | "describe") => {
            let roots = discover_definition_roots(cwd, "agents");
            let agents = load_agents_from_roots(&roots)?;
            Ok(render_agents_report(&agents))
        }
        Some(args)
            if args.starts_with("show ")
                || args.starts_with("info ")
                || args.starts_with("describe ") =>
        {
            let name = args
                .split_once(' ')
                .map(|(_, name)| name)
                .unwrap_or_default()
                .trim()
                .to_lowercase();
            let roots = discover_definition_roots(cwd, "agents");
            let agents = load_agents_from_roots(&roots)?;
            let matched: Vec<_> = agents
                .into_iter()
                .filter(|a| a.name.to_lowercase() == name)
                .collect();
            if matched.is_empty() {
                return Err(std::io::Error::new(
                    std::io::ErrorKind::NotFound,
                    format!("agent not found: {name}"),
                ));
            }
            Ok(render_agents_report(&matched))
        }
        Some(args) if is_help_arg(args) => Ok(render_agents_usage(None)),
        Some(args) => Err(std::io::Error::new(
            std::io::ErrorKind::InvalidInput,
-            format!("unknown agents subcommand: {args}. Supported: list, help"),
+            format!("unknown agents subcommand: {args}. Supported: list, show, help"),
        )),
    }
 }
@@ -2350,10 +2427,57 @@ pub fn handle_agents_slash_command_json(args: Option<&str>, cwd: &Path) -> std::
            let agents = load_agents_from_roots(&roots)?;
            Ok(render_agents_report_json(cwd, &agents))
        }
        Some(args) if args.starts_with("list ") => {
            let filter = args["list ".len()..].trim().to_lowercase();
            let roots = discover_definition_roots(cwd, "agents");
            let agents = load_agents_from_roots(&roots)?;
            let filtered: Vec<_> = agents
                .into_iter()
                .filter(|a| a.name.to_lowercase().contains(&filter))
                .collect();
            Ok(render_agents_report_json(cwd, &filtered))
        }
        Some("show" | "info" | "describe") => {
            let roots = discover_definition_roots(cwd, "agents");
            let agents = load_agents_from_roots(&roots)?;
            Ok(render_agents_report_json_with_action(cwd, &agents, "show"))
        }
        Some(args)
            if args.starts_with("show ")
                || args.starts_with("info ")
                || args.starts_with("describe ") =>
        {
            let name = args
                .split_once(' ')
                .map(|(_, name)| name)
                .unwrap_or_default()
                .trim()
                .to_lowercase();
            let roots = discover_definition_roots(cwd, "agents");
            let agents = load_agents_from_roots(&roots)?;
            let matched: Vec<_> = agents
                .into_iter()
                .filter(|a| a.name.to_lowercase() == name)
                .collect();
            if matched.is_empty() {
                return Ok(serde_json::json!({
                    "kind": "agents",
                    "action": "show",
                    "status": "error",
                    "error_kind": "agent_not_found",
                    "requested": name,
                    // #734: parity with skills show which always emits a message field
                    "message": format!("agent '{}' not found", name),
                    // #760: hint so callers know how to enumerate available agents
                    "hint": "Run `claw agents list` to see available agents.",
                }));
            }
            Ok(render_agents_report_json_with_action(cwd, &matched, "show"))
        }
        Some(args) if is_help_arg(args) => Ok(render_agents_usage_json(None)),
        Some(args) => Err(std::io::Error::new(
            std::io::ErrorKind::InvalidInput,
-            format!("unknown agents subcommand: {args}. Supported: list, help"),
+            format!("unknown agents subcommand: {args}. Supported: list, show, help"),
        )),
    }
 }
@@ -2454,7 +2578,7 @@ pub fn handle_skills_slash_command_json(args: Option<&str>, cwd: &Path) -> std::
        None | Some("list") => {
            let roots = discover_skill_roots(cwd);
            let skills = load_skills_from_roots(&roots)?;
-            Ok(render_skills_report_json(&skills))
+            Ok(render_skills_report_json_with_action(&skills, "list"))
        }
        Some(args) if args.starts_with("list ") => {
            let filter = args["list ".len()..].trim().to_lowercase();
@@ -2464,12 +2588,12 @@ pub fn handle_skills_slash_command_json(args: Option<&str>, cwd: &Path) -> std::
                .into_iter()
                .filter(|s| s.name.to_lowercase().contains(&filter))
                .collect();
-            Ok(render_skills_report_json(&filtered))
+            Ok(render_skills_report_json_with_action(&filtered, "list"))
        }
        Some("show" | "info" | "describe") => {
            let roots = discover_skill_roots(cwd);
            let skills = load_skills_from_roots(&roots)?;
-            Ok(render_skills_report_json(&skills))
+            Ok(render_skills_report_json_with_action(&skills, "show"))
        }
        Some(args)
            if args.starts_with("show ")
@@ -2488,7 +2612,20 @@ pub fn handle_skills_slash_command_json(args: Option<&str>, cwd: &Path) -> std::
                .into_iter()
                .filter(|s| s.name.to_lowercase() == name)
                .collect();
-            Ok(render_skills_report_json(&matched))
+            // #706: return typed error when named skill is not found instead of silent empty list
            if matched.is_empty() {
                return Ok(json!({
                    "kind": "skills",
                    "action": "show",
                    "status": "error",
                    "error_kind": "skill_not_found",
                    "message": format!("skill '{}' not found", name),
                    "requested": name,
                    // #761: hint so callers know how to enumerate available skills
                    "hint": "Run `claw skills list` to see available skills.",
                }));
            }
            Ok(render_skills_report_json_with_action(&matched, "show"))
        }
        Some("install") => Ok(render_skills_usage_json(Some("install"))),
        Some(args) if args.starts_with("install ") => {
@@ -2806,7 +2943,11 @@ fn render_mcp_report_json_for(
                        runtime_config.mcp().get(server_name),
                    );
                    if let Some(map) = value.as_object_mut() {
-                        map.insert("status".to_string(), Value::String("ok".to_string()));
+                        // Only override status to "ok" if the server was found;
                        // render_mcp_server_report_json already sets status:"error" for not-found.
                        if map.get("found") == Some(&Value::Bool(true)) {
                            map.insert("status".to_string(), Value::String("ok".to_string()));
                        }
                        map.insert("config_load_error".to_string(), Value::Null);
                    }
                    Ok(value)
@@ -3236,7 +3377,12 @@ fn resolve_skill_install_source(source: &str, cwd: &Path) -> std::io::Result<Ski
    } else {
        cwd.join(candidate)
    };
-    let source = fs::canonicalize(&source)?;
+    let source = fs::canonicalize(&source).map_err(|e| {
        std::io::Error::new(
            e.kind(),
            format!("skill source '{}' not found: {e}", source.display()),
        )
    })?;
    if source.is_dir() {
        let prompt_path = source.join("SKILL.md");
@@ -3412,6 +3558,7 @@ fn load_agents_from_roots(
                reasoning_effort: parse_toml_string(&contents, "model_reasoning_effort"),
                source: *source,
                shadowed_by: None,
                path: Some(entry.path()),
            });
        }
        root_agents.sort_by(|left, right| left.name.cmp(&right.name));
@@ -3456,6 +3603,7 @@ fn load_skills_from_roots(roots: &[SkillRoot]) -> std::io::Result<Vec<SkillSumma
                        source: root.source,
                        shadowed_by: None,
                        origin: root.origin,
                        path: Some(entry.path()),
                    });
                }
                SkillOrigin::LegacyCommandsDir => {
@@ -3487,6 +3635,7 @@ fn load_skills_from_roots(roots: &[SkillRoot]) -> std::io::Result<Vec<SkillSumma
                        source: root.source,
                        shadowed_by: None,
                        origin: root.origin,
                        path: Some(markdown_path),
                    });
                }
            }
@@ -3619,6 +3768,14 @@ fn render_agents_report(agents: &[AgentSummary]) -> String {
 }
 fn render_agents_report_json(cwd: &Path, agents: &[AgentSummary]) -> Value {
    render_agents_report_json_with_action(cwd, agents, "list")
 }
 fn render_agents_report_json_with_action(
    cwd: &Path,
    agents: &[AgentSummary],
    action: &str,
 ) -> Value {
    let active = agents
        .iter()
        .filter(|agent| agent.shadowed_by.is_none())
@@ -3626,7 +3783,7 @@ fn render_agents_report_json(cwd: &Path, agents: &[AgentSummary]) -> Value {
    json!({
        "kind": "agents",
        "status": "ok",
-        "action": "list",
+        "action": action,
        "working_directory": cwd.display().to_string(),
        "count": agents.len(),
        "summary": {
@@ -3701,7 +3858,7 @@ fn render_skills_report(skills: &[SkillSummary]) -> String {
    lines.join("\n").trim_end().to_string()
 }
-fn render_skills_report_json(skills: &[SkillSummary]) -> Value {
+fn render_skills_report_json_with_action(skills: &[SkillSummary], action: &str) -> Value {
    let active = skills
        .iter()
        .filter(|skill| skill.shadowed_by.is_none())
@@ -3709,7 +3866,7 @@ fn render_skills_report_json(skills: &[SkillSummary]) -> Value {
    json!({
        "kind": "skills",
        "status": "ok",
-        "action": "list",
+        "action": action,
        "summary": {
            "total": skills.len(),
            "active": active,
@@ -3743,6 +3900,7 @@ fn render_skill_install_report(skill: &InstalledSkill) -> String {
 fn render_skill_install_report_json(skill: &InstalledSkill) -> Value {
    json!({
        "kind": "skills",
        "status": "ok",
        "action": "install",
        "result": "installed",
        "invocation_name": &skill.invocation_name,
@@ -3886,6 +4044,7 @@ fn render_mcp_server_report_json(
        Some(server) => json!({
            "kind": "mcp",
            "action": "show",
            "status": "ok",
            "working_directory": cwd.display().to_string(),
            "found": true,
            "server": mcp_server_json(server_name, server),
@@ -3893,10 +4052,14 @@ fn render_mcp_server_report_json(
        None => json!({
            "kind": "mcp",
            "action": "show",
            "status": "error",
            "error_kind": "server_not_found",
            "working_directory": cwd.display().to_string(),
            "found": false,
            "server_name": server_name,
            "message": format!("server `{server_name}` is not configured"),
            // #761: hint so callers know how to enumerate configured MCP servers
            "hint": "Run `claw mcp list` to see configured servers.",
        }),
    }
 }
@@ -4004,11 +4167,18 @@ fn render_mcp_usage(unexpected: Option<&str>) -> String {
 }
 fn render_mcp_usage_json(unexpected: Option<&str>) -> Value {
    // #748: add error_kind when unexpected is set, matching agents/plugins unknown-subcommand shape.
    let error_kind: Value = if unexpected.is_some() {
        json!("unknown_mcp_action")
    } else {
        Value::Null
    };
    json!({
        "kind": "mcp",
        "action": "help",
        "ok": unexpected.is_none(),
        "status": if unexpected.is_some() { "error" } else { "ok" },
        "error_kind": error_kind,
        "usage": {
            "slash_command": "/mcp [list|show <server>|help]",
            "direct_cli": "claw mcp [list|show <server>|help]",
@@ -4109,9 +4279,17 @@ fn definition_source_id(source: DefinitionSource) -> &'static str {
 }
 fn definition_source_json(source: DefinitionSource) -> Value {
    definition_source_json_with_detail(source, None)
 }
 fn definition_source_json_with_detail(
    source: DefinitionSource,
    detail_label: Option<&'static str>,
 ) -> Value {
    json!({
        "id": definition_source_id(source),
        "label": source.label(),
        "detail_label": detail_label,
    })
 }
@@ -4124,6 +4302,8 @@ fn agent_summary_json(agent: &AgentSummary) -> Value {
        "source": definition_source_json(agent.source),
        "active": agent.shadowed_by.is_none(),
        "shadowed_by": agent.shadowed_by.map(definition_source_json),
        // #728: expose on-disk path so callers can inspect the agent file directly
        "path": agent.path.as_ref().map(|p| p.display().to_string()),
    })
 }
@@ -4145,10 +4325,12 @@ fn skill_summary_json(skill: &SkillSummary) -> Value {
    json!({
        "name": &skill.name,
        "description": &skill.description,
-        "source": definition_source_json(skill.source),
+        "source": definition_source_json_with_detail(skill.source, skill.origin.detail_label()),
        "origin": skill_origin_json(skill.origin),
        "active": skill.shadowed_by.is_none(),
        "shadowed_by": skill.shadowed_by.map(definition_source_json),
        // #729: path parity with agent_summary_json
        "path": skill.path.as_ref().map(|p| p.display().to_string()),
    })
 }
@@ -5312,6 +5494,7 @@ mod tests {
        assert_eq!(report["kind"], "agents");
        assert_eq!(report["action"], "list");
        assert_eq!(report["status"], "ok");
        assert_eq!(report["working_directory"], workspace.display().to_string());
        assert_eq!(report["count"], 3);
        assert_eq!(report["summary"]["active"], 2);
@@ -5327,15 +5510,26 @@ mod tests {
        let help = handle_agents_slash_command_json(Some("help"), &workspace).expect("agents help");
        assert_eq!(help["kind"], "agents");
        assert_eq!(help["action"], "help");
        assert_eq!(help["status"], "ok");
        assert_eq!(help["usage"]["direct_cli"], "claw agents [list|help]");
-        // Unknown agents subcommands now return Err so CLI layer can exit 1.
+        // `show <name>` is now valid. Known agent returns ok with matching entry.
-        let unexpected_err = handle_agents_slash_command_json(Some("show planner"), &workspace);
+        let show_planner = handle_agents_slash_command_json(Some("show planner"), &workspace)
            .expect("show planner should return Ok");
        assert_eq!(show_planner["status"], "ok");
        let show_agents = show_planner["agents"].as_array().expect("agents array");
        assert_eq!(show_agents.len(), 1, "show by exact name returns one entry");
        assert_eq!(show_agents[0]["name"], "planner");
        // Missing agent returns Ok(json error) with error_kind:agent_not_found.
        let show_missing =
            handle_agents_slash_command_json(Some("show nonexistent-xyz"), &workspace)
                .expect("show missing agent should return Ok");
        assert_eq!(show_missing["status"], "error");
        assert_eq!(show_missing["error_kind"], "agent_not_found");
        assert_eq!(show_missing["requested"], "nonexistent-xyz");
        // Truly unknown subcommands still Err.
        let unexpected_err = handle_agents_slash_command_json(Some("frobnicate"), &workspace);
        assert!(unexpected_err.is_err());
        assert!(unexpected_err
            .unwrap_err()
            .to_string()
            .contains("show planner"));
        let _ = fs::remove_dir_all(workspace);
        let _ = fs::remove_dir_all(user_home);
@@ -5436,22 +5630,36 @@ mod tests {
                origin: SkillOrigin::SkillsDir,
            },
        ];
-        let report = super::render_skills_report_json(
+        let report = super::render_skills_report_json_with_action(
            &load_skills_from_roots(&roots).expect("skills should load"),
            "list",
        );
        assert_eq!(report["kind"], "skills");
        assert_eq!(report["action"], "list");
        assert_eq!(report["status"], "ok");
        assert_eq!(report["summary"]["active"], 3);
        assert_eq!(report["summary"]["shadowed"], 1);
        assert_eq!(report["skills"][0]["name"], "plan");
        assert_eq!(report["skills"][0]["source"]["id"], "project_claw");
        assert_eq!(report["skills"][0]["source"]["label"], "Project roots");
        assert_eq!(
            report["skills"][0]["source"]["detail_label"],
            serde_json::Value::Null
        );
        assert_eq!(report["skills"][1]["name"], "deploy");
        assert_eq!(report["skills"][1]["source"]["id"], "project_claw");
        assert_eq!(report["skills"][1]["source"]["label"], "Project roots");
        assert_eq!(
            report["skills"][1]["source"]["detail_label"],
            "legacy /commands"
        );
        assert_eq!(report["skills"][1]["origin"]["id"], "legacy_commands_dir");
        assert_eq!(report["skills"][3]["shadowed_by"]["id"], "project_claw");
        let help = handle_skills_slash_command_json(Some("help"), &workspace).expect("skills help");
        assert_eq!(help["kind"], "skills");
        assert_eq!(help["action"], "help");
        assert_eq!(help["status"], "ok");
        assert_eq!(help["usage"]["aliases"][0], "/skill");
        assert_eq!(
            help["usage"]["direct_cli"],
@@ -5473,14 +5681,23 @@ mod tests {
        assert!(agents_help
            .contains("Sources          .claw/agents, ~/.claw/agents, $CLAW_CONFIG_HOME/agents"));
-        // Unknown agents subcommands now return Err (typed error) instead of Ok+help text
+        // `show <name>` is now valid. For an agent that doesn't exist it returns Err(NotFound).
-        // so that the CLI layer can exit 1. The error message names the unexpected input.
+        let agents_show_missing = super::handle_agents_slash_command(Some("show planner"), &cwd);
-        let agents_unexpected_err = super::handle_agents_slash_command(Some("show planner"), &cwd);
+        assert!(
-        assert!(agents_unexpected_err.is_err());
+            agents_show_missing.is_err(),
-        assert!(agents_unexpected_err
+            "show of a missing agent should Err"
-            .unwrap_err()
+        );
-            .to_string()
+        assert_eq!(
-            .contains("show planner"));
+            agents_show_missing.unwrap_err().kind(),
            std::io::ErrorKind::NotFound
        );
        // Truly unknown subcommands still Err with InvalidInput.
        let agents_unknown_err = super::handle_agents_slash_command(Some("frobnicate"), &cwd);
        assert!(agents_unknown_err.is_err());
        assert_eq!(
            agents_unknown_err.unwrap_err().kind(),
            std::io::ErrorKind::InvalidInput
        );
        let skills_help =
            super::handle_skills_slash_command(Some("--help"), &cwd).expect("skills help");
@@ -5516,6 +5733,7 @@ mod tests {
        let sources = skills_help_json["usage"]["sources"]
            .as_array()
            .expect("skills help sources");
        assert_eq!(skills_help_json["status"], "ok");
        assert_eq!(skills_help_json["usage"]["aliases"][0], "/skill");
        assert!(sources.iter().any(|value| value == ".omc/skills"));
        assert!(sources.iter().any(|value| value == ".agents/skills"));
@@ -5901,6 +6119,13 @@ mod tests {
        assert!(report.contains("Invoke as        $help"));
        assert!(report.contains(&install_root.display().to_string()));
        let json_report = super::render_skill_install_report_json(&installed);
        assert_eq!(json_report["kind"], "skills");
        assert_eq!(json_report["action"], "install");
        assert_eq!(json_report["status"], "ok");
        assert_eq!(json_report["invocation_name"], "help");
        assert_eq!(json_report["invoke_as"], "$help");
        let roots = vec![SkillRoot {
            source: DefinitionSource::UserCodexHome,
            path: install_root.clone(),
--- a/rust/crates/runtime/src/conversation.rs
+++ b/rust/crates/runtime/src/conversation.rs
@@ -342,6 +342,7 @@ where
        let mut tool_results = Vec::new();
        let mut prompt_cache_events = Vec::new();
        let mut iterations = 0;
        let mut auto_compaction = None;
        loop {
            iterations += 1;
@@ -397,6 +398,12 @@ where
                .map_err(|error| RuntimeError::new(error.to_string()))?;
            assistant_messages.push(assistant_message);
            // Run auto-compaction check before next API call, including on the terminal
            // (no-tool) iteration, to prevent unbounded session growth (#3106).
            if let Some(compaction) = self.maybe_auto_compact() {
                auto_compaction = Some(compaction);
            }
            if pending_tool_uses.is_empty() {
                break;
            }
@@ -503,8 +510,6 @@ where
            }
        }
        let auto_compaction = self.maybe_auto_compact();
        let summary = TurnSummary {
            assistant_messages,
            tool_results,
--- a/rust/crates/runtime/src/session.rs
+++ b/rust/crates/runtime/src/session.rs
@@ -413,6 +413,7 @@ impl Session {
            .get("created_at_ms")
            .map(|value| required_u64_from_value(value, "created_at_ms"))
            .transpose()?
            .or_else(|| parse_created_at_ms_from_session_id(&session_id))
            .unwrap_or(now);
        let updated_at_ms = object
            .get("updated_at_ms")
@@ -500,7 +501,10 @@ impl Session {
                "session_meta" => {
                    version = required_u32(object, "version")?;
                    session_id = Some(required_string(object, "session_id")?);
-                    created_at_ms = Some(required_u64(object, "created_at_ms")?);
+                    created_at_ms = object
                        .get("created_at_ms")
                        .map(|value| required_u64_from_value(value, "created_at_ms"))
                        .transpose()?;
                    updated_at_ms = Some(required_u64(object, "updated_at_ms")?);
                    fork = object.get("fork").map(SessionFork::from_json).transpose()?;
                    workspace_root = object
@@ -543,11 +547,15 @@ impl Session {
        }
        let now = current_time_millis();
        let session_id = session_id.unwrap_or_else(generate_session_id);
        let created_at_ms = created_at_ms
            .or_else(|| parse_created_at_ms_from_session_id(&session_id))
            .unwrap_or(now);
        Ok(Self {
            version,
-            session_id: session_id.unwrap_or_else(generate_session_id),
+            session_id,
-            created_at_ms: created_at_ms.unwrap_or(now),
+            created_at_ms,
-            updated_at_ms: updated_at_ms.unwrap_or(created_at_ms.unwrap_or(now)),
+            updated_at_ms: updated_at_ms.unwrap_or(created_at_ms),
            messages,
            compaction,
            fork,
@@ -1291,6 +1299,15 @@ fn current_time_millis() -> u64 {
    }
 }
 pub(crate) fn parse_created_at_ms_from_session_id(session_id: &str) -> Option<u64> {
    let timestamp_and_suffix = session_id.strip_prefix("session-")?;
    let (timestamp, suffix) = timestamp_and_suffix.split_once('-')?;
    if suffix.is_empty() {
        return None;
    }
    timestamp.parse::<u64>().ok()
 }
 fn generate_session_id() -> String {
    let millis = current_time_millis();
    let counter = SESSION_ID_COUNTER.fetch_add(1, Ordering::Relaxed);
@@ -1380,8 +1397,9 @@ fn cleanup_rotated_logs(path: &Path) -> Result<(), SessionError> {
 #[cfg(test)]
 mod tests {
    use super::{
-        cleanup_rotated_logs, current_time_millis, rotate_session_file_if_needed, ContentBlock,
+        cleanup_rotated_logs, current_time_millis, parse_created_at_ms_from_session_id,
-        ConversationMessage, MessageRole, Session, SessionFork,
+        rotate_session_file_if_needed, ContentBlock, ConversationMessage, MessageRole, Session,
        SessionFork,
    };
    use crate::json::JsonValue;
    use crate::usage::TokenUsage;
@@ -1502,6 +1520,44 @@ mod tests {
        assert!(!restored.session_id.is_empty());
    }
    #[test]
    fn created_at_parser_requires_full_session_id_shape() {
        assert_eq!(
            parse_created_at_ms_from_session_id("session-1743724800123-0"),
            Some(1_743_724_800_123)
        );
        assert_eq!(
            parse_created_at_ms_from_session_id("session-1743724800123"),
            None
        );
        assert_eq!(
            parse_created_at_ms_from_session_id("session-1743724800123-"),
            None
        );
        assert_eq!(
            parse_created_at_ms_from_session_id("other-1743724800123-0"),
            None
        );
    }
    #[test]
    fn loads_legacy_jsonl_created_at_from_session_id_when_meta_omits_it() {
        let path = temp_session_path("legacy-jsonl-created-at");
        fs::write(
            &path,
            r#"{"type":"session_meta","version":3,"session_id":"session-1743724800123-0","updated_at_ms":1743724800456}
 "#,
        )
        .expect("legacy jsonl should write");
        let restored = Session::load_from_path(&path).expect("legacy jsonl should load");
        fs::remove_file(&path).expect("temp file should be removable");
        assert_eq!(restored.session_id, "session-1743724800123-0");
        assert_eq!(restored.created_at_ms, 1_743_724_800_123);
        assert_eq!(restored.updated_at_ms, 1_743_724_800_456);
    }
    #[test]
    fn appends_messages_to_persisted_jsonl_session() {
        let path = temp_session_path("append");
--- a/rust/crates/runtime/src/session_control.rs
+++ b/rust/crates/runtime/src/session_control.rs
@@ -5,7 +5,7 @@ use std::fs;
 use std::path::{Path, PathBuf};
 use std::time::UNIX_EPOCH;
-use crate::session::{Session, SessionError};
+use crate::session::{parse_created_at_ms_from_session_id, Session, SessionError};
 /// Per-worktree session store that namespaces on-disk session files by
 /// workspace fingerprint so that parallel `opencode serve` instances never
@@ -345,6 +345,9 @@ impl SessionStore {
                .and_then(|time| time.duration_since(UNIX_EPOCH).ok())
                .map(|duration| duration.as_millis())
                .unwrap_or_default();
            let fallback_id = session_id_from_path(&path).unwrap_or_else(|| "unknown".to_string());
            let fallback_created_at_ms =
                parse_created_at_ms_from_session_id(&fallback_id).unwrap_or(0);
            let summary = match Session::load_from_path(&path) {
                Ok(session) => {
                    if self.validate_loaded_session(&path, &session).is_err() {
@@ -353,6 +356,7 @@ impl SessionStore {
                    ManagedSessionSummary {
                        id: session.session_id,
                        path,
                        created_at_ms: session.created_at_ms,
                        updated_at_ms: session.updated_at_ms,
                        modified_epoch_millis,
                        message_count: session.messages.len(),
@@ -367,12 +371,9 @@ impl SessionStore {
                    }
                }
                Err(_) => ManagedSessionSummary {
-                    id: path
+                    id: fallback_id,
                        .file_stem()
                        .and_then(|value| value.to_str())
                        .unwrap_or("unknown")
                        .to_string(),
                    path,
                    created_at_ms: fallback_created_at_ms,
                    updated_at_ms: 0,
                    modified_epoch_millis,
                    message_count: 0,
@@ -409,10 +410,14 @@ impl SessionStore {
                .and_then(|time| time.duration_since(UNIX_EPOCH).ok())
                .map(|duration| duration.as_millis())
                .unwrap_or_default();
            let fallback_id = session_id_from_path(&path).unwrap_or_else(|| "unknown".to_string());
            let fallback_created_at_ms =
                parse_created_at_ms_from_session_id(&fallback_id).unwrap_or(0);
            let summary = match Session::load_from_path(&path) {
                Ok(session) => ManagedSessionSummary {
                    id: session.session_id,
                    path,
                    created_at_ms: session.created_at_ms,
                    updated_at_ms: session.updated_at_ms,
                    modified_epoch_millis,
                    message_count: session.messages.len(),
@@ -426,12 +431,9 @@ impl SessionStore {
                        .and_then(|fork| fork.branch_name.clone()),
                },
                Err(_) => ManagedSessionSummary {
-                    id: path
+                    id: fallback_id,
                        .file_stem()
                        .and_then(|value| value.to_str())
                        .unwrap_or("unknown")
                        .to_string(),
                    path,
                    created_at_ms: fallback_created_at_ms,
                    updated_at_ms: 0,
                    modified_epoch_millis,
                    message_count: 0,
@@ -483,6 +485,7 @@ pub struct SessionHandle {
 pub struct ManagedSessionSummary {
    pub id: String,
    pub path: PathBuf,
    pub created_at_ms: u64,
    pub updated_at_ms: u64,
    pub modified_epoch_millis: u128,
    pub message_count: usize,
@@ -810,6 +813,7 @@ mod tests {
            ManagedSessionSummary {
                id: "older-file-newer-session".to_string(),
                path: PathBuf::from("/tmp/older"),
                created_at_ms: 100,
                updated_at_ms: 200,
                modified_epoch_millis: 100,
                message_count: 2,
@@ -819,6 +823,7 @@ mod tests {
            ManagedSessionSummary {
                id: "newer-file-older-session".to_string(),
                path: PathBuf::from("/tmp/newer"),
                created_at_ms: 50,
                updated_at_ms: 100,
                modified_epoch_millis: 200,
                message_count: 1,
--- a/rust/crates/runtime/src/worker_boot.rs
+++ b/rust/crates/runtime/src/worker_boot.rs
@@ -1193,7 +1193,7 @@ fn git_tracks_path(cwd: &Path, path: &str) -> bool {
 fn git_metadata_path(cwd: &Path) -> Option<PathBuf> {
    let output = Command::new("git")
-        .args(["rev-parse", "--git-path", "."])
+        .args(["rev-parse", "--git-dir"])
        .current_dir(cwd)
        .output()
        .ok()?;
@@ -1214,17 +1214,27 @@ fn git_metadata_path(cwd: &Path) -> Option<PathBuf> {
 fn path_is_writable(path: &Path) -> bool {
    let probe_dir = if path.is_dir() {
-        path.to_path_buf()
+        path
    } else {
-        path.parent().unwrap_or(path).to_path_buf()
+        path.parent().unwrap_or(path)
    };
-    let probe = probe_dir.join(format!(".claw-write-probe-{}", now_secs()));
+    std::fs::metadata(probe_dir)
-    std::fs::OpenOptions::new()
+        .ok()
-        .write(true)
+        .filter(std::fs::Metadata::is_dir)
-        .create_new(true)
+        .is_some_and(|metadata| metadata_allows_directory_writes(&metadata))
-        .open(&probe)
+}
-        .and_then(|_| std::fs::remove_file(&probe))
+
-        .is_ok()
+#[cfg(unix)]
 fn metadata_allows_directory_writes(metadata: &std::fs::Metadata) -> bool {
    use std::os::unix::fs::PermissionsExt;
    let mode = metadata.permissions().mode();
    mode & 0o222 != 0 && mode & 0o111 != 0
 }
 #[cfg(not(unix))]
 fn metadata_allows_directory_writes(metadata: &std::fs::Metadata) -> bool {
    !metadata.permissions().readonly()
 }
 fn detect_trust_prompt(lowered: &str) -> bool {
@@ -1627,6 +1637,56 @@ mod tests {
        }));
    }
    #[cfg(unix)]
    #[test]
    fn startup_preflight_warns_when_git_metadata_is_not_writable() {
        use std::os::unix::fs::PermissionsExt;
        let tmp = tempfile::tempdir().expect("tempdir");
        let worktree = tmp.path().join("worktree");
        let git_dir = tmp.path().join("external-gitdir");
        fs::create_dir_all(&worktree).expect("worktree dir");
        fs::create_dir_all(git_dir.join("objects")).expect("objects dir");
        fs::create_dir_all(git_dir.join("refs/heads")).expect("refs dir");
        fs::write(git_dir.join("HEAD"), "ref: refs/heads/main\n").expect("HEAD");
        fs::write(
            worktree.join(".git"),
            format!("gitdir: {}\n", git_dir.display()),
        )
        .expect(".git file");
        let original_permissions = fs::metadata(&git_dir)
            .expect("gitdir metadata")
            .permissions();
        let mut read_only_permissions = original_permissions.clone();
        read_only_permissions.set_mode(0o555);
        fs::set_permissions(&git_dir, read_only_permissions).expect("make gitdir read-only");
        let warnings = startup_preflight_warnings(&worktree, "Audit repository.");
        let registry = WorkerRegistry::new();
        let worker = registry.create(&worktree.display().to_string(), &[], true);
        let observed = registry
            .observe_startup_preflight(&worker.worker_id, "Audit repository.")
            .expect("preflight should run");
        fs::set_permissions(&git_dir, original_permissions).expect("restore gitdir permissions");
        assert!(warnings.iter().any(|warning| {
            warning.kind == WorkerStartupPreflightWarningKind::GitMetadataNotWritable
                && warning.path.as_deref() == Some(git_dir.to_string_lossy().as_ref())
        }));
        assert!(observed.events.iter().any(|event| {
            matches!(
                &event.payload,
                Some(WorkerEventPayload::StartupPreflightWarning {
                    kind: WorkerStartupPreflightWarningKind::GitMetadataNotWritable,
                    path: Some(path),
                    ..
                }) if path == git_dir.to_string_lossy().as_ref()
            )
        }));
    }
    #[test]
    fn startup_preflight_records_structured_warning_event() {
        let tmp = tempfile::tempdir().expect("tempdir");
--- a/rust/crates/rusty-claude-cli/src/init.rs
+++ b/rust/crates/rusty-claude-cli/src/init.rs
@@ -381,11 +381,16 @@ mod tests {
    use std::time::{SystemTime, UNIX_EPOCH};
    fn temp_dir() -> std::path::PathBuf {
        use std::sync::atomic::{AtomicU64, Ordering};
        static COUNTER: AtomicU64 = AtomicU64::new(0);
        let id = COUNTER.fetch_add(1, Ordering::Relaxed);
        let nanos = SystemTime::now()
            .duration_since(UNIX_EPOCH)
            .expect("time should be after epoch")
            .as_nanos();
-        std::env::temp_dir().join(format!("rusty-claude-init-{nanos}"))
+        // Combine counter + nanoseconds so parallel tests in the same process
        // never collide even if two calls land in the same nanosecond (#707).
        std::env::temp_dir().join(format!("rusty-claude-init-{nanos}-{id}"))
    }
    #[test]
--- a/rust/crates/rusty-claude-cli/src/main.rs
+++ b/rust/crates/rusty-claude-cli/src/main.rs
--- a/rust/crates/rusty-claude-cli/tests/compact_output.rs
+++ b/rust/crates/rusty-claude-cli/tests/compact_output.rs
@@ -2,9 +2,9 @@
 use std::fs;
 use std::path::PathBuf;
-use std::process::{Command, Output};
+use std::process::{Command, Output, Stdio};
 use std::sync::atomic::{AtomicU64, Ordering};
-use std::time::{SystemTime, UNIX_EPOCH};
+use std::time::{Duration, Instant, SystemTime, UNIX_EPOCH};
 use mock_anthropic_service::{MockAnthropicService, SCENARIO_PREFIX};
 use serde_json::Value;
@@ -245,6 +245,94 @@ stderr:
    fs::remove_dir_all(&workspace).expect("workspace cleanup should succeed");
 }
 #[test]
 fn compact_subcommand_json_help_fails_fast_when_stdin_closed() {
    let workspace = unique_temp_dir("compact-nontty-json-help");
    let config_home = workspace.join("config-home");
    let home = workspace.join("home");
    fs::create_dir_all(&workspace).expect("workspace should exist");
    fs::create_dir_all(&config_home).expect("config home should exist");
    fs::create_dir_all(&home).expect("home should exist");
    let output = run_claw_closed_stdin_with_timeout(
        &workspace,
        &config_home,
        &home,
        &["compact", "--output-format", "json", "--help"],
        Duration::from_secs(2),
    );
    assert!(
        !output.status.success(),
        "compact json help should fail non-zero"
    );
    assert!(
        output.stdout.is_empty(),
        "compact json help should not start a prompt/spinner on stdout: {}",
        String::from_utf8_lossy(&output.stdout)
    );
    let stderr = String::from_utf8(output.stderr).expect("stderr should be utf8");
    let parsed: Value = serde_json::from_str(stderr.trim()).expect("stderr should be JSON error");
    assert_eq!(parsed["status"], "error");
    assert_eq!(parsed["error_kind"], "interactive_only");
    assert_eq!(parsed["action"], "abort");
    assert!(
        parsed["message"]
            .as_str()
            .unwrap_or_default()
            .contains("claw compact"),
        "message should name compact: {parsed}"
    );
    // #749: hint must be non-empty (was null before fix — same class as #738/#745/#746)
    let hint = parsed["hint"].as_str().unwrap_or("");
    assert!(
        !hint.is_empty(),
        "compact interactive-only JSON must have non-empty hint (#749); got: {parsed}"
    );
    assert!(
        hint.contains("/compact") || hint.contains("--resume"),
        "hint should mention /compact or --resume: {hint}"
    );
    fs::remove_dir_all(&workspace).expect("workspace cleanup should succeed");
 }
 #[test]
 fn compact_subcommand_text_fails_fast_when_stdin_closed() {
    let workspace = unique_temp_dir("compact-nontty-text");
    let config_home = workspace.join("config-home");
    let home = workspace.join("home");
    fs::create_dir_all(&workspace).expect("workspace should exist");
    fs::create_dir_all(&config_home).expect("config home should exist");
    fs::create_dir_all(&home).expect("home should exist");
    let output = run_claw_closed_stdin_with_timeout(
        &workspace,
        &config_home,
        &home,
        &["compact"],
        Duration::from_secs(2),
    );
    assert!(
        !output.status.success(),
        "compact text should fail non-zero"
    );
    assert!(
        output.stdout.is_empty(),
        "compact text should not start a prompt/spinner on stdout: {}",
        String::from_utf8_lossy(&output.stdout)
    );
    let stderr = String::from_utf8(output.stderr).expect("stderr should be utf8");
    assert!(
        stderr.contains("[error-kind: interactive_only]"),
        "{stderr}"
    );
    assert!(stderr.contains("claw compact"), "{stderr}");
    fs::remove_dir_all(&workspace).expect("workspace cleanup should succeed");
 }
 fn run_claw(
    cwd: &std::path::Path,
    config_home: &std::path::Path,
@@ -266,6 +354,48 @@ fn run_claw(
    command.output().expect("claw should launch")
 }
 fn run_claw_closed_stdin_with_timeout(
    cwd: &std::path::Path,
    config_home: &std::path::Path,
    home: &std::path::Path,
    args: &[&str],
    timeout: Duration,
 ) -> Output {
    let mut child = Command::new(env!("CARGO_BIN_EXE_claw"))
        .current_dir(cwd)
        .env_clear()
        .env("CLAW_CONFIG_HOME", config_home)
        .env("HOME", home)
        .env("NO_COLOR", "1")
        .env("PATH", "/usr/bin:/bin")
        .stdin(Stdio::null())
        .stdout(Stdio::piped())
        .stderr(Stdio::piped())
        .args(args)
        .spawn()
        .expect("claw should launch");
    let start = Instant::now();
    loop {
        if child.try_wait().expect("try_wait should succeed").is_some() {
            return child.wait_with_output().expect("output should collect");
        }
        if start.elapsed() > timeout {
            let _ = child.kill();
            let output = child
                .wait_with_output()
                .expect("killed output should collect");
            panic!(
                "claw did not exit within {:?}\nstdout:\n{}\nstderr:\n{}",
                timeout,
                String::from_utf8_lossy(&output.stdout),
                String::from_utf8_lossy(&output.stderr)
            );
        }
        std::thread::sleep(Duration::from_millis(10));
    }
 }
 fn unique_temp_dir(label: &str) -> PathBuf {
    let millis = SystemTime::now()
        .duration_since(UNIX_EPOCH)
--- a/rust/crates/rusty-claude-cli/tests/output_format_contract.rs
+++ b/rust/crates/rusty-claude-cli/tests/output_format_contract.rs
--- a/rust/crates/rusty-claude-cli/tests/resume_slash_commands.rs
+++ b/rust/crates/rusty-claude-cli/tests/resume_slash_commands.rs
@@ -523,7 +523,14 @@ fn resumed_stub_command_emits_not_implemented_json() {
    assert!(!output.status.success());
    let stderr = String::from_utf8(output.stderr).expect("utf8");
    let parsed: Value = serde_json::from_str(stderr.trim()).expect("should be json");
-    assert_eq!(parsed["type"], "error");
+    assert_eq!(
        parsed["status"], "error",
        "stub command should emit status:error"
    );
    assert_eq!(
        parsed["kind"], "unsupported_command",
        "stub command should emit kind:unsupported_command"
    );
    assert!(
        parsed["error"]
            .as_str()
--- a/scripts/roadmap-check-ids.sh
+++ b/scripts/roadmap-check-ids.sh
@@ -0,0 +1,72 @@
 #!/usr/bin/env bash
 # roadmap-check-ids.sh — fail when helper-era ROADMAP item ids are duplicated.
 # Usage: scripts/roadmap-check-ids.sh [--min-id N] [path/to/ROADMAP.md]
 #
 # By default this validates ids >= 723, the point where ROADMAP appends started
 # using scripts/roadmap-next-id.sh. Earlier ROADMAP content contains historical
 # numbered lists and already-landed duplicate low ids, so the default guard is
 # intentionally scoped to new helper-era append collisions. Use --min-id 1 for a
 # strict whole-file audit after legacy numbering is cleaned up.
 set -euo pipefail
 MIN_ID=723
 ROADMAP="ROADMAP.md"
 while [[ $# -gt 0 ]]; do
  case "$1" in
    --min-id)
      if [[ $# -lt 2 || ! "$2" =~ ^[0-9]+$ ]]; then
        echo "error: --min-id requires a non-negative integer" >&2
        exit 2
      fi
      MIN_ID="$2"
      shift 2
      ;;
    --help|-h)
      sed -n '2,9p' "$0" | sed 's/^# //; s/^#//'
      exit 0
      ;;
    --*)
      echo "error: unknown option: $1" >&2
      exit 2
      ;;
    *)
      ROADMAP="$1"
      shift
      ;;
  esac
 done
 if [[ ! -f "$ROADMAP" ]]; then
  echo "error: ROADMAP not found at $ROADMAP" >&2
  exit 1
 fi
 awk -v min_id="$MIN_ID" -v path="$ROADMAP" '
  /^[0-9]+\./ {
    id = $0
    sub(/\..*/, "", id)
    id += 0
    if (id >= min_id) {
      count[id]++
      lines[id] = lines[id] (lines[id] ? ", " : "") FNR
    }
  }
  END {
    for (id in count) {
      if (count[id] > 1) {
        duplicate_count++
        duplicate_ids[duplicate_count] = id
      }
    }
    if (duplicate_count) {
      print "error: duplicate ROADMAP numeric id(s) in " path " (min id " min_id "):" > "/dev/stderr"
      for (i = 1; i <= duplicate_count; i++) {
        id = duplicate_ids[i]
        print "  - " id " at line(s) " lines[id] > "/dev/stderr"
      }
      exit 1
    }
    print "roadmap id check passed: no duplicate ids >= " min_id " in " path
  }
 ' "$ROADMAP"
--- a/scripts/roadmap-next-id.sh
+++ b/scripts/roadmap-next-id.sh
@@ -0,0 +1,57 @@
 #!/usr/bin/env bash
 # roadmap-next-id.sh — print the next available ROADMAP item id.
 # Usage: scripts/roadmap-next-id.sh [path/to/ROADMAP.md]
 #
 # Designed to be used before appending a new entry so that concurrent
 # dogfood claws do not accidentally reuse the same id:
 #
 #   NEXT=$(scripts/roadmap-next-id.sh)
 #   cat >> ROADMAP.md << EOF
 #   ${NEXT}. **...description...**
 #   EOF
 #
 # The script first validates helper-era ids with roadmap-check-ids.sh, then
 # reads the highest numeric id prefix from ROADMAP.md and prints highest+1. It
 # does not lock the file; callers working in parallel should git-pull
 # immediately before appending, run scripts/roadmap-check-ids.sh before push,
 # and resolve any append collision at git-push time.
 set -euo pipefail
 ROADMAP="${1:-ROADMAP.md}"
 SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P)"
 CHECKER="$SCRIPT_DIR/roadmap-check-ids.sh"
 if [[ ! -f "$ROADMAP" ]]; then
  echo "error: ROADMAP not found at $ROADMAP" >&2
  exit 1
 fi
 if [[ ! -f "$CHECKER" || ! -r "$CHECKER" ]]; then
  echo "error: required ROADMAP id checker not found or not readable at $CHECKER" >&2
  echo "error: refusing to print a next id without duplicate-id validation" >&2
  exit 1
 fi
 if ! checker_output="$(bash "$CHECKER" "$ROADMAP" 2>&1)"; then
  printf '%s\n' "$checker_output" >&2
  exit 1
 fi
 # Find the highest leading integer from lines that start with a number + '.'.
 highest=$(awk '
  /^[0-9]+\./ {
    id = $0
    sub(/\..*/, "", id)
    id += 0
    if (id > highest) {
      highest = id
    }
  }
  END { print highest + 0 }
 ' "$ROADMAP")
 if [[ "$highest" -eq 0 ]]; then
  echo 1
 else
  echo $(( highest + 1 ))
 fi
--- a/tests/test_pre_push_hook_contract.py
+++ b/tests/test_pre_push_hook_contract.py
@@ -0,0 +1,45 @@
 from __future__ import annotations
 import os
 import subprocess
 import unittest
 from pathlib import Path
 REPO_ROOT = Path(__file__).resolve().parents[1]
 PRE_PUSH_HOOK = REPO_ROOT / '.github' / 'hooks' / 'pre-push'
 class PrePushHookContractTests(unittest.TestCase):
    def test_skip_escape_hatch_exits_successfully_with_stderr_notice(self) -> None:
        env = os.environ.copy()
        env['SKIP_CLAW_PRE_PUSH_BUILD'] = '1'
        result = subprocess.run(
            ['bash', str(PRE_PUSH_HOOK)],
            cwd=REPO_ROOT,
            env=env,
            check=True,
            capture_output=True,
            text=True,
        )
        self.assertEqual('', result.stdout)
        self.assertIn('SKIP_CLAW_PRE_PUSH_BUILD=1', result.stderr)
        self.assertIn('skipping cargo workspace build', result.stderr)
    def test_default_build_gate_uses_workspace_locked_cargo_build(self) -> None:
        hook = PRE_PUSH_HOOK.read_text()
        self.assertIn(
            'cargo build --manifest-path rust/Cargo.toml --workspace --locked',
            hook,
        )
        self.assertIn(
            'build_cmd=(cargo build --manifest-path rust/Cargo.toml --workspace --locked)',
            hook,
        )
 if __name__ == '__main__':
    unittest.main()
--- a/tests/test_roadmap_helpers.py
+++ b/tests/test_roadmap_helpers.py
@@ -0,0 +1,67 @@
 from __future__ import annotations
 import shutil
 import subprocess
 import tempfile
 import unittest
 from pathlib import Path
 REPO_ROOT = Path(__file__).resolve().parents[1]
 NEXT_ID = REPO_ROOT / 'scripts' / 'roadmap-next-id.sh'
 def run_next_id(roadmap: Path, script: Path = NEXT_ID) -> subprocess.CompletedProcess[str]:
    return subprocess.run(
        ['bash', str(script), str(roadmap)],
        cwd=REPO_ROOT,
        capture_output=True,
        text=True,
        check=False,
    )
 class RoadmapHelperTests(unittest.TestCase):
    def test_roadmap_next_id_prints_only_next_id_after_duplicate_check(self) -> None:
        with tempfile.TemporaryDirectory() as temp_dir:
            roadmap = Path(temp_dir) / 'ROADMAP.md'
            roadmap.write_text('721. old\n723. helper era\n724. guard\n')
            result = run_next_id(roadmap)
        self.assertEqual(0, result.returncode)
        self.assertEqual('725\n', result.stdout)
        self.assertEqual('', result.stderr)
    def test_roadmap_next_id_fails_fast_on_helper_era_duplicate(self) -> None:
        with tempfile.TemporaryDirectory() as temp_dir:
            roadmap = Path(temp_dir) / 'ROADMAP.md'
            roadmap.write_text('722. legacy\n999. first\n999. duplicate\n')
            result = run_next_id(roadmap)
        self.assertNotEqual(0, result.returncode)
        self.assertEqual('', result.stdout)
        self.assertIn('duplicate ROADMAP numeric id(s)', result.stderr)
        self.assertIn('999', result.stderr)
        self.assertNotIn('1000', result.stdout)
    def test_roadmap_next_id_fails_closed_when_checker_is_unavailable(self) -> None:
        with tempfile.TemporaryDirectory() as temp_dir:
            script_dir = Path(temp_dir) / 'scripts'
            script_dir.mkdir()
            copied_next_id = script_dir / 'roadmap-next-id.sh'
            shutil.copy2(NEXT_ID, copied_next_id)
            roadmap = Path(temp_dir) / 'ROADMAP.md'
            roadmap.write_text('724. guard\n')
            result = run_next_id(roadmap, copied_next_id)
        self.assertNotEqual(0, result.returncode)
        self.assertEqual('', result.stdout)
        self.assertIn('required ROADMAP id checker not found or not readable', result.stderr)
        self.assertIn('refusing to print a next id', result.stderr)
 if __name__ == '__main__':
    unittest.main()