fix: add dev shell and pi sdk regressions

Author: NathanFlurry

CLAUDE.md

@@ -79,6 +79,14 @@
 - check GitHub Actions test/typecheck status per commit to identify when a failure first appeared
 - do not use `contract` in test filenames; use names like `suite`, `behavior`, `parity`, `integration`, or `policy` instead
 
+## Dev Shell
+
+- `packages/dev-shell/` is the canonical interactive sandbox for manual validation of the runtime surface
+- VERY IMPORTANT: the dev shell must never use host-backed command overrides or host-binary fallbacks for manual validation; if a tool is present there, it must run through the sandbox-native runtime path
+- if a tested tool does not yet have a real sandbox-native path, leave it unavailable in the dev shell and track the gap instead of silently routing to the host
+- when adding a new tested CLI tool or runtime surface, update `packages/dev-shell/` in the same change so developers can reproduce and inspect it interactively inside the sandbox
+- keep the dev shell honest with focused end-to-end coverage, including at least one interactive PTY/TUI path that runs entirely inside the sandbox
+
 ## GitHub Issues
 
 - when fixing a bug or implementation gap tracked by a GitHub issue, close the issue in the same PR using `gh issue close <number> --comment "Fixed in <commit-hash>"`

docs/kernel/interactive-shell.mdx

@@ -94,14 +94,16 @@ This is the fastest way to drop into a kernel shell from Node.js. It handles:
 
 ### CLI entry point
 
-The repository includes a ready-made CLI at `scripts/shell.ts`:
+The repository includes a ready-made developer shell in `packages/dev-shell/`:
 
 ```bash
-npx tsx scripts/shell.ts
-npx tsx scripts/shell.ts --no-node          # WasmVM only
-npx tsx scripts/shell.ts --wasm-path ./path  # Custom WASM binary
+just dev-shell
+just dev-shell --work-dir /tmp/demo
+pnpm --filter @secure-exec/dev-shell dev-shell -- --work-dir .
 ```
 
+It boots a sandbox-only developer shell for manual testing: WasmVM shell commands, `node`/`npm`/`npx`, `python`/`python3`, host network access, repo credentials from `~/misc/env.txt`, and sandbox-native tool integrations such as Pi when those paths are implemented. The dev shell must not silently fall back to host-backed command overrides.
+
 ## PTY internals
 
 Under the hood, `openShell()` allocates a PTY master/slave pair, spawns the shell with the slave as its stdin/stdout/stderr, and pumps master reads to `onData`.

justfile

@@ -1,5 +1,9 @@
-dev-shell:
-	npx tsx scripts/shell.ts
+set positional-arguments := true
+
+dev-shell *args:
+	#!/usr/bin/env bash
+	set -euo pipefail
+	pnpm --filter @secure-exec/dev-shell dev-shell -- "$@"
 
 dev-docs:
 	cd docs && npx mintlify dev
@@ -12,4 +16,3 @@ build-website:
 
 release *args:
 	npx tsx scripts/release.ts {{args}}
-

packages/core/src/kernel/kernel.ts

@@ -470,16 +470,11 @@ class KernelImpl implements Kernel {
 				?? ((data: Uint8Array) => { stdout.write(data); });
 			shell.onData = outputHandler;
 
-			// Handle terminal resize
-			onResize = () => {
-				shell.resize(stdout.columns || 80, stdout.rows || 24);
-			};
-			if (stdout.isTTY) stdout.on("resize", onResize);
-
-			// Set initial terminal size
-			if (stdout.isTTY) {
-				shell.resize(stdout.columns || 80, stdout.rows || 24);
-			}
+			// PTY resize forwarding is currently unsafe for Wasm shell sessions:
+			// an early resize can terminate the shell before the first prompt.
+			// Keep interactive stdin/stdout working and leave resize disabled
+			// until the PTY/SIGWINCH path is fixed end-to-end.
+			onResize = undefined;
 
 			return await shell.wait();
 		} finally {

packages/dev-shell/.pi/agent/auth.json

@@ -0,0 +1 @@
+{}

packages/dev-shell/.pi/agent/sessions/----/2026-03-27T19-56-55-811Z_2420a4e0-8506-48fa-94a7-b122ccec0358.jsonl

@@ -0,0 +1,5 @@
+{"type":"session","version":3,"id":"2420a4e0-8506-48fa-94a7-b122ccec0358","timestamp":"2026-03-27T19:56:55.811Z","cwd":"/"}
+{"type":"model_change","id":"f0b78351","parentId":null,"timestamp":"2026-03-27T19:56:55.811Z","provider":"anthropic","modelId":"claude-opus-4-6"}
+{"type":"thinking_level_change","id":"df319e21","parentId":"f0b78351","timestamp":"2026-03-27T19:56:55.811Z","thinkingLevel":"medium"}
+{"type":"message","id":"a2cdc96a","parentId":"df319e21","timestamp":"2026-03-27T19:56:55.811Z","message":{"role":"user","content":[{"type":"text","text":"ls"}],"timestamp":1774641415811}}
+{"type":"message","id":"c7776098","parentId":"a2cdc96a","timestamp":"2026-03-27T19:56:55.811Z","message":{"role":"assistant","content":[{"type":"toolCall","id":"toolu_01CEG1hrfFttsHMjw3iVRZuG","name":"bash","arguments":{"command":"ls"}}],"api":"anthropic-messages","provider":"anthropic","model":"claude-opus-4-6","usage":{"input":1715,"output":52,"cacheRead":0,"cacheWrite":0,"totalTokens":1767,"cost":{"input":0.008575000000000001,"output":0.0013000000000000002,"cacheRead":0,"cacheWrite":0,"total":0.009875000000000002}},"stopReason":"toolUse","timestamp":1774641415811,"responseId":"msg_01KaHZgLjwafcHXVuohGiFP7"}}

packages/dev-shell/.pi/agent/sessions/----/2026-03-27T19-59-00-699Z_0a3c0bd9-d5f9-4bc1-8ead-18a3db472dfb.jsonl

@@ -0,0 +1,7 @@
+{"type":"session","version":3,"id":"0a3c0bd9-d5f9-4bc1-8ead-18a3db472dfb","timestamp":"2026-03-27T19:59:00.699Z","cwd":"/"}
+{"type":"model_change","id":"e1afbc28","parentId":null,"timestamp":"2026-03-27T19:59:00.699Z","provider":"anthropic","modelId":"claude-opus-4-6"}
+{"type":"thinking_level_change","id":"f32b3117","parentId":"e1afbc28","timestamp":"2026-03-27T19:59:00.699Z","thinkingLevel":"medium"}
+{"type":"message","id":"7e743c86","parentId":"f32b3117","timestamp":"2026-03-27T19:59:00.699Z","message":{"role":"user","content":[{"type":"text","text":"hello?"}],"timestamp":1774641540699}}
+{"type":"message","id":"47896b95","parentId":"7e743c86","timestamp":"2026-03-27T19:59:00.699Z","message":{"role":"assistant","content":[{"type":"thinking","thinking":"The user is just saying hello.","thinkingSignature":"EtkBClkIDBgCKkDz1y/N/yiy1zUVggdL2b+UK1QGHr1WC45+3KwGWkUR/9JaaRa2g2il6FKG0A4ZlKzWtSSvsR7If/jU0mInALW2Mg9jbGF1ZGUtb3B1cy00LTY4ABIM79O70RfgxMiBhn/MGgz5WS0AEpwTlDB7fMoiMJuxOKKKJRDUs6mbgTKr6EQoxt8laGZlo3jwNPwTYizgiPrLPI5EOsOkybfGgIICuyouYQrpssgZiq3Q3YR4dosbrQUsJWi0nmzqZ8Q5EQGtHRRBm+5CztzfNklW3+225BgB"},{"type":"text","text":"Hello! 👋 How can I help you today?"}],"api":"anthropic-messages","provider":"anthropic","model":"claude-opus-4-6","usage":{"input":1716,"output":39,"cacheRead":0,"cacheWrite":0,"totalTokens":1755,"cost":{"input":0.00858,"output":0.0009750000000000001,"cacheRead":0,"cacheWrite":0,"total":0.009555000000000001}},"stopReason":"stop","timestamp":1774641540699,"responseId":"msg_01AC4VXngdsrdqrDDbpXPcAt"}}
+{"type":"message","id":"e6a6ce9f","parentId":"47896b95","timestamp":"2026-03-27T19:59:00.699Z","message":{"role":"user","content":[{"type":"text","text":"list files"}],"timestamp":1774641540699}}
+{"type":"message","id":"81fb95e1","parentId":"e6a6ce9f","timestamp":"2026-03-27T19:59:00.699Z","message":{"role":"assistant","content":[{"type":"toolCall","id":"toolu_01EqGqGReE8qqhktqzpGpm6f","name":"bash","arguments":{"command":"ls"}}],"api":"anthropic-messages","provider":"anthropic","model":"claude-opus-4-6","usage":{"input":1759,"output":52,"cacheRead":0,"cacheWrite":0,"totalTokens":1811,"cost":{"input":0.008795,"output":0.0013000000000000002,"cacheRead":0,"cacheWrite":0,"total":0.010095000000000002}},"stopReason":"toolUse","timestamp":1774641540699,"responseId":"msg_01DAVEKHSr567uj4hmTreEcg"}}

packages/dev-shell/.pi/agent/settings.json

@@ -0,0 +1,3 @@
+{
+  "lastChangelogVersion": "0.60.0"
+}

packages/dev-shell/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "@secure-exec/dev-shell",
+  "private": true,
+  "type": "module",
+  "bin": {
+    "secure-exec-dev-shell": "./dist/shell.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "check-types": "tsc --noEmit",
+    "dev-shell": "tsx src/shell.ts",
+    "test": "vitest run"
+  },
+  "dependencies": {
+    "@secure-exec/core": "workspace:*",
+    "@secure-exec/nodejs": "workspace:*",
+    "@secure-exec/python": "workspace:*",
+    "@secure-exec/wasmvm": "workspace:*",
+    "pyodide": "^0.28.3"
+  },
+  "devDependencies": {
+    "@types/node": "^22.10.2",
+    "@xterm/headless": "^6.0.0",
+    "tsx": "^4.19.2",
+    "typescript": "^5.7.2",
+    "vitest": "^2.1.8"
+  }
+}

packages/dev-shell/src/index.ts

@@ -0,0 +1,3 @@
+export type { DevShellKernelResult, DevShellOptions } from "./kernel.js";
+export { createDevShellKernel } from "./kernel.js";
+export { collectShellEnv, resolveWorkspacePaths } from "./shared.js";