feat: blast radius preflight gate via charter blast

[stackbilt-admin]

Motivation

Autonomous task runners are powerful but unconstrained: a task that says "refactor dispatch.ts" might touch 1 file or 127 files, and the runner has no way to tell before burning turns on execution. Catastrophic changes sail through auto_safe pipelines and ship to production.

Charter CLI 0.10.0 ships charter blast, a zero-dependency reverse-dependency-graph analyzer that answers "if I change this file, what else transitively imports it?" in subsecond time. This issue proposes integrating it as a preflight gate in the taskrunner.

Proposal

Add a compute_blast_radius() helper that:

1. Extracts file paths from the task prompt (reusing the same regex as adjust_max_turns_for_loc).
2. Filters to files that actually exist in the target repo.
3. Runs charter blast <files> --format json with a configurable timeout.
4. Classifies severity on a 4-level ladder:
   • low: 0–4 affected files
   • medium: 5–19 affected files
   • high: 20–49 affected files (adds warning)
   • critical: 50+ affected files (gate fires)

Add an execution gate after preflight:

if [[ "$blast_severity" = "critical" && "$authority" = "auto_safe" ]]; then
  log "│  ⚠ GATE: blast radius critical — downgrading auto_safe → proposed"
  mark_completed "$task_id" 0 <(echo "TASK_BLOCKED: blast_radius_critical — ${blast_affected} files affected")
  return 0
fi

Graceful degradation

• Opt out entirely: CC_DISABLE_BLAST=1
• If charter isn't installed: helper returns empty, nothing happens
• If prompt has no file paths: no-op
• Tunable thresholds: CC_BLAST_WARN (default 20), CC_BLAST_BLOCK (default 50), CC_BLAST_TIMEOUT (default 60s)

Real-world validation

Tested on a 263-file Cloudflare Worker codebase:

Seed file	Affected	Severity	Gate
version.ts (leaf)	2	low	no
chat-session.ts (DO)	1	low	no
dispatch.ts (orchestrator)	72	critical	fires
types.ts (central types)	127	critical	fires

The gate correctly distinguished leaf modules from architectural hubs without any manual tagging.

Why this belongs in OSS

• It's a general autonomous-agent safety pattern, not Stackbilt-specific
• charter blast is itself OSS and zero-dependency (Apache-2.0)
• The integration is ~80 lines of bash, all optional
• Every autonomous runner would benefit from blast-radius awareness before burning tokens on a refactor that was going to break the world

Schema addition

Preflight JSON gains an optional blast_radius field:

{
  "blast_radius": {
    "seeds": ["src/kernel/dispatch.ts"],
    "affected": 72,
    "severity": "critical",
    "hot_file": true,
    "top_hot_files": [
      {"file": "src/types.ts", "importers": 65},
      {"file": "src/kernel/dispatch.ts", "importers": 45}
    ]
  }
}

Reference implementation

The AEGIS-internal fork has this landed in scripts/taskrunner.sh as of the commit adding the self-improvement gate. Happy to extract and submit as a PR against OSS taskrunner.sh + plugin/taskrunner.sh if there's interest.

Related

• Depends on: @stackbilt/cli 0.10.0 (for charter blast)
• Complements: fix: branch conflict — check remote refs, not just local #14 (branch cleanup), fix: server-side classifier should recognize max_turns_exceeded #15 (max_turns), and the fingerprint injection via charter surface that already landed in main