Shared memory and context tools for agentic work.
Code Rooms
{
"schema": "m1nd-bug-hunt-audit-result-v0",
"round_id": "bughunt-humanize-20260514T021500Z",
"lane_id": "audit-03",
"started_at": "2026-05-14T02:46:44Z",
"finished_at": "2026-05-14T02:54:53Z",
"repo_path": "/Users/kle1nz/m1nd/.m1nd-field-workspaces/bughunt-humanize-20260514T021500Z/audit-03/humanize",
"findings": [
"title": "clamp labels exact boundary values as out of range",
"severity": "high",
"file": "src/humanize/number.py",
"symbol": "clamp",
"cause": "The floor and ceil checks use <= and >= even though the docstring and argument text describe clamping only when the value is smaller than floor or larger than ceil.",
"impact": "Values exactly equal to a configured threshold get misleading '<' or '>' tokens, so boundary-safe values are reported as under/over the limit.",
"evidence": [
"src/humanize/number.py:473 documents clamp(0.99, format='{:.0%}', ceil=0.99) as '99%'",
"src/humanize/number.py:509 uses value <= floor and src/humanize/number.py:512 uses value >= ceil",
"doctest on humanize.number reports clamp(0.99, format='{:.0%}', ceil=0.99): expected '99%', got '>99%'",
"focused probe returned clamp(0.01, floor=0.01) -> '<0.01'"
],
"reproduction_or_test": "uv run python - <<'PY'\nimport doctest, humanize.number\nprint(doctest.testmod(humanize.number))\nPY",
"confidence": "high"
},
"title": "intcomma does not add thousands separators to negative numbers",
"severity": "medium",
"symbol": "intcomma",
"cause": "After conversion, the grouping loop applies a regex anchored to a digit at the start of the string, so values beginning with '-' never match.",
"impact": "Negative integers, floats, and numeric strings are returned without grouping, producing inconsistent formatting for balances, deltas, and signed quantities.",
"src/humanize/number.py:167 stores the signed string form in orig",
"src/humanize/number.py:172 only matches ^(\\d+)(\\d{3})",
"focused probe returned intcomma(-1234567) -> '-1234567'",
"focused probe returned intcomma('-1234567.89') -> '-1234567.89'",
"tests/test_number.py covers positive intcomma values and non-finite values but no negative intcomma case"
"reproduction_or_test": "uv run python - <<'PY'\nimport humanize\nprint(humanize.intcomma(-1234567))\nprint(humanize.intcomma('-1234567.89'))\nPY",
"title": "fractional corrupts signs for negative fractions",
"symbol": "fractional",
"cause": "The function truncates with int(number), then removes the numerator sign for proper fractions and leaves a negative numerator beside a negative whole part for mixed fractions.",
"impact": "Negative fractional values are either converted to positive values or rendered as awkward invalid-looking mixed fractions, changing the represented quantity.",
"src/humanize/number.py:370 uses int(number), which truncates -0.25 to 0",
"src/humanize/number.py:379-380 applies abs(numerator) when there is no whole part",
"src/humanize/number.py:382 emits the signed numerator directly for mixed numbers",
"focused probe returned fractional(-0.25) -> '1/4'",
"focused probe returned fractional(-1.25) -> '-1 -1/4'",
"tests/test_number.py covers positive fractional values and non-finite values but no negative fractional case"
"reproduction_or_test": "uv run python - <<'PY'\nimport humanize\nprint(humanize.fractional(-0.25))\nprint(humanize.fractional(-1.25))\nPY",
"title": "non-finite numeric time inputs raise OverflowError instead of falling back",
"file": "src/humanize/time.py",
"symbol": "naturaldelta / naturaltime / _date_and_delta",
"cause": "naturaldelta catches ValueError and TypeError around int(value) and datetime.timedelta construction, while _date_and_delta catches ValueError and TypeError around round(value); neither catches OverflowError from float infinity.",
"impact": "Public time humanizers crash on math.inf instead of returning the input string or a controlled non-finite representation, despite nearby tests asserting graceful behavior for string 'NaN'.",
"src/humanize/time.py:148-153 catches ValueError and TypeError but not OverflowError",
"src/humanize/time.py:86-91 catches ValueError and TypeError but not OverflowError",
"src/humanize/time.py:112-116 says values that cannot be converted are returned unchanged",
"focused probe returned naturaldelta(math.inf) !! OverflowError: cannot convert float infinity to integer",
"focused probe returned naturaltime(math.inf) !! OverflowError: cannot convert float infinity to integer",
"tests/test_time.py covers the string 'NaN' path but no float('inf') or float('nan') path"
"reproduction_or_test": "uv run python - <<'PY'\nimport math, humanize\nfor fn in (humanize.naturaldelta, humanize.naturaltime):\n try:\n print(fn.__name__, fn(math.inf))\n except Exception as exc:\n print(fn.__name__, type(exc).__name__, exc)\nPY",
"title": "naturalsize mishandles NaN and infinity",
"severity": "low",
"file": "src/humanize/filesize.py",
"symbol": "naturalsize",
"cause": "The function converts input to float and proceeds into integer/logarithm formatting without checking math.isfinite.",
"impact": "NaN raises ValueError, while infinity is formatted as a finite maximum suffix value such as 'inf QB', which is not a meaningful filesize.",
"src/humanize/filesize.py:90 converts value with float(value)",
"src/humanize/filesize.py:96-101 converts abs_bytes through integer/log suffix selection with no finite guard",
"focused probe returned naturalsize(math.nan) !! ValueError: cannot convert float NaN to integer",
"focused probe returned naturalsize(math.inf) -> 'inf QB'",
"tests/test_filesize.py has no non-finite filesize cases"
"reproduction_or_test": "uv run python - <<'PY'\nimport math, humanize\nfor value in (math.nan, math.inf):\n try:\n print(value, humanize.naturalsize(value))\n except Exception as exc:\n print(value, type(exc).__name__, exc)\nPY",
"title": "natural_list renders an empty list as the literal string None",
"file": "src/humanize/lists.py",
"symbol": "natural_list",
"cause": "The zero-length branch returns the literal string 'None' instead of an empty natural list representation.",
"impact": "Empty collections in UI or reports are rendered as if the value were None or the text item 'None', which can mislead callers and users.",
"src/humanize/lists.py:31-32 returns 'None' when len(items) == 0",
"src/humanize/lists.py:25-29 describes producing a string with commas and 'and', not a sentinel value",
"focused probe returned natural_list([]) -> 'None'",
"tests/test_lists.py covers one, two, and three items but no empty list"
"reproduction_or_test": "uv run python - <<'PY'\nimport humanize\nprint(humanize.natural_list([]))\nPY",
"confidence": "medium"
}
"commands_run": [
"sed -n '1,260p' /Users/kle1nz/m1nd/docs/benchmarks/bug-hunt-rounds/bughunt-humanize-20260514T021500Z/lane-prompts/audit-03.md",
"python3 /Users/kle1nz/.codex/skills/m1nd-operator/scripts/probe_m1nd.py tools",
"python3 /Users/kle1nz/.codex/skills/m1nd-operator/scripts/probe_m1nd.py run ... trust_selftest/session_handshake",
"python3 /Users/kle1nz/.codex/skills/m1nd-operator/scripts/probe_m1nd.py run ... ingest/audit/search/seek/recovery/doctor/impact/validate_plan/surgical_context_v2",
"find . -maxdepth 2 -type f | sort | sed 's#^./##' | head -200",
"sed -n ... src/humanize/{number.py,filesize.py,lists.py,time.py,i18n.py,__init__.py}",
"sed -n ... tests/test_{number.py,filesize.py,lists.py,time.py}",
"sed -n ... docs/{number.md,filesize.md,lists.md,time.md}",
"uv run --extra tests pytest -q",
"uv run python - <<'PY' ... focused behavior probe ... PY",
"uv run python - <<'PY' import doctest, humanize.number; print(doctest.testmod(humanize.number)) PY",
"git status --short"
"tests_run": [
"command": "uv run --extra tests pytest -q",
"result": "685 passed, 69 skipped in 0.61s"
"command": "uv run python - <<'PY' ... focused behavior probe ... PY",
"result": "Confirmed current outputs/errors for negative intcomma, clamp equality, negative fractional, non-finite time/filesize, and empty natural_list."
"command": "uv run python - <<'PY' import doctest, humanize.number; print(doctest.testmod(humanize.number)) PY",
"result": "1 doctest failure: clamp exact ceil example expected '99%' and got '>99%'."
"m1nd_usage": [
"tools: live probe helper exposed 96 m1nd tools.",
"trust_selftest: reported needs_ingest for the assigned workspace, no wrong-workspace binding.",
"session_handshake(scope): reported needs_ingest before ingest.",
"ingest: parsed the assigned repo, creating 216 nodes and 224 edges on the successful runs.",
"audit(path, profile=auto): succeeded after one schema retry; oriented repo shape but reported external graph artifacts from probe side effects.",
"search(combined scoped symbol query): returned zero candidates with recovery payload; recorded as retrieval_needs_recovery.",
"seek(intent query): returned relevant source/test nodes including number.py, filesize.py, and time.py, but also carried recovery guidance.",
"recovery_playbook for blocked search and triaging seek: classified stale_binding_suspected / scope-normalization risk and advised direct file truth.",
"doctor for search and seek observations: graph populated, no wrong workspace, stale_binding_suspected/scope-normalization possible.",
"exact symbol search without scope after ingest: full_trust and matched intcomma, fractional, clamp, natural_list, naturaltime, naturaldelta, naturaldate, naturalsize, and metric neighborhoods.",
"impact: first target-based calls failed schema validation; retried with node_id for intcomma, clamp, fractional, naturaldelta and got empty one-hop blast radius.",
"validate_plan: first plan string failed schema validation; retried with actions for focused regression tests and received medium risk.",
"surgical_context_v2: first target-based calls failed schema validation; retried with file_path for number.py, time.py, and filesize.py and got ready_to_edit context."
"files_inspected": [
"src/humanize/number.py",
"src/humanize/filesize.py",
"src/humanize/lists.py",
"src/humanize/time.py",
"src/humanize/i18n.py",
"src/humanize/__init__.py",
"tests/test_number.py",
"tests/test_filesize.py",
"tests/test_lists.py",
"tests/test_time.py",
"docs/number.md",
"docs/filesize.md",
"docs/lists.md",
"docs/time.md",
"pyproject.toml"
"final_notes": "No code fixes or commits were made. The audit wrote this result JSON and appended the assigned event JSONL. m1nd probe ingest also created graph_snapshot.json, ingest_roots.json, and plasticity_state.json inside the assigned local repo workspace; git status otherwise showed no tracked source changes. Findings are based on direct code reads and runtime probes, not m1nd output alone.",
"agent_testimony": "I followed the prompt's m1nd card first. Live native MCP tools were not exposed, so I used the probe helper with isolated runtime, ingested the exact workspace, handled recovery guidance when scoped retrieval looked blocked, then grounded the report in source lines, existing tests, the full pytest suite, a doctest run, and a focused runtime probe. The m1nd surface helped point to the right files, but direct execution produced the decisive evidence.",