feat: blast radius preflight gate via charter blast (#20)#22
Merged
stackbilt-admin merged 2 commits intomainfrom Apr 9, 2026
Merged
feat: blast radius preflight gate via charter blast (#20)#22stackbilt-admin merged 2 commits intomainfrom
stackbilt-admin merged 2 commits intomainfrom
Conversation
Adds an autonomous-safety gate to the taskrunner that refuses to execute
auto_safe tasks targeting architectural hubs.
How it works:
1. compute_blast_radius() — new helper that extracts file paths from
the task prompt via regex, filters to ones that exist in the target
repo, and runs `charter blast <files> --format json` with a
configurable timeout. Summarizes to {seeds, affected, severity,
hot_file, top_hot_files} with a 4-level severity ladder:
low 0-4 affected
medium 5-19 affected
high 20-49 affected
critical 50+ affected
2. Execution gate — right before mission brief assembly, check the
severity. If critical + auto_safe, log, mark the task failed with
TASK_BLOCKED: blast_radius_critical, and return. Claude is never
spawned, no turns burned, no wrong changes committed.
3. render_blast_warning() — for high/critical severities, injects a
## Blast Radius Warning section into the mission brief so the agent
knows the scope it's operating in. For low/medium severities the
section is empty.
Environment knobs:
CC_DISABLE_BLAST=1 — opt out entirely
CC_BLAST_WARN=<n> — high threshold (default: 20)
CC_BLAST_BLOCK=<n> — critical threshold (default: 50)
CC_BLAST_TIMEOUT=<sec> — charter blast timeout (default: 60)
Graceful degradation:
- Charter not installed → no-op, task runs as before
- No file paths in prompt → no-op
- charter blast fails/timeout → no-op, task runs as before
- authority != auto_safe → warning injected but task runs
Seed count is capped at 10 to prevent runaway prompts from exploding
the blast call.
Applied symmetrically to taskrunner.sh and plugin/taskrunner.sh.
Depends on @stackbilt/cli >= 0.10.0 (for `charter blast`).
Validated against a real 263-file TypeScript Worker codebase:
version.ts (leaf) → 5 affected, medium, no gate
chat-session.ts (isolated) → 1 affected, low, no gate
dispatch.ts (orchestrator) → 72 affected, CRITICAL, gate fires
types.ts (central types) → 127 affected, CRITICAL, gate fires
Closes #20.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds a new "Charter Integration (optional)" section documenting both: - Project fingerprint via `charter surface` (shipped in 1.4.0, never docs'd) - Blast radius preflight gate via `charter blast` (this PR) Also adds the corresponding env vars to the Environment Variables table: - CC_DISABLE_FINGERPRINT, CC_FINGERPRINT_TIMEOUT (from 1.4.0/1.4.1) - CC_DISABLE_BLAST, CC_BLAST_WARN, CC_BLAST_BLOCK, CC_BLAST_TIMEOUT (this PR) Includes: - Severity ladder table (low/medium/high/critical) - Gate firing behavior + how operators unblock tasks - Sample mission brief warning section - Pointer to the charter CLI install command Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
stackbilt-admin
force-pushed
the
feat/blast-radius-preflight
branch
from
7eed3f8 to
04dbff2
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
auto_safetasks targeting architectural hubs.charter blast --format jsonon file paths extracted from the task prompt; classifies severity on a 4-level ladder; blocks execution when critical.## Blast Radius Warningsection into the mission brief so the agent understands scope even when the task is allowed to proceed.taskrunner.shandplugin/taskrunner.sh.Severity ladder
lowmediumhighcriticalEnvironment knobs
Graceful degradation
All of these are no-ops that let the task run as before:
CC_DISABLE_BLAST=1set.ts/.tsx/.js/.jsx/.mjs/.cjs)charter blastfails or times outHow the gate fires
Operator can still force execution by changing the task's
authoritytooperatorand re-queuing. The gate only refusesauto_safe.Real-world validation
Tested against a 263-file TypeScript Cloudflare Worker codebase:
version.ts(leaf)chat-session.ts(isolated DO)dispatch.ts(orchestrator)types.ts(central types)Also tested:
.tsfile that doesn't exist in repo → no-op, file filtered outSeed count cap
The helper caps seed files at 10 to prevent runaway prompts from exploding the blast call. If a prompt lists 47
.tsfiles, only the first 10 (after sort) are fed to charter.Prompt brief excerpt
When a high or critical severity fires, the mission brief looks like:
Test plan
bash -non bothtaskrunner.shandplugin/taskrunner.shblastcommand on PATH confirmed workingRelated
@stackbilt/cli >= 0.10.0🤖 Generated with Claude Code