diff --git a/openviking/crypto/encryptor.py b/openviking/crypto/encryptor.py
index ca6609ebb..cf99a78e3 100644
--- a/openviking/crypto/encryptor.py
+++ b/openviking/crypto/encryptor.py
@@ -108,14 +108,16 @@ async def decrypt(self, account_id: str, ciphertext: bytes) -> bytes:
         Returns:
             Decrypted plaintext content
         """
-        # 1. Check magic number
-        if len(ciphertext) < MAGIC_LENGTH:
-            raise InvalidMagicError("Ciphertext too short")
-
+        # 1. Check magic number (check prefix first, before length)
+        #    This ensures plaintext files (including empty/short ones) are
+        #    returned as-is instead of raising "Ciphertext too short".
         if not ciphertext.startswith(MAGIC):
             # Unencrypted file, return directly
             return ciphertext
 
+        if len(ciphertext) < MAGIC_LENGTH:
+            raise InvalidMagicError("Ciphertext too short")
+
         try:
             # 2. Parse Envelope
             (
diff --git a/openviking/utils/summarizer.py b/openviking/utils/summarizer.py
index 805b7a3d2..dbc496a31 100644
--- a/openviking/utils/summarizer.py
+++ b/openviking/utils/summarizer.py
@@ -55,7 +55,7 @@ async def summarize(
         enqueued_count = 0
 
         telemetry = get_current_telemetry()
-        for uri, temp_uri in zip(resource_uris, temp_uris):
+        for uri, temp_uri in zip(resource_uris, temp_uris, strict=True):
             # Determine context_type based on URI
             context_type = "resource"
             if uri.startswith("viking://memory/"):