[Task] Add LLM stream failure diagnostics v2 to session exports

[Astro-Han]

Goal

Add structured LLM stream failure diagnostics to PawWork session exports so the next stream failure can be attributed to the correct boundary instead of requiring per-incident guesswork.

When this task is done, a failed assistant turn should tell us whether the failure most likely came from local cancellation, PawWork's stream watchdog, SDK / transport stream reading, provider / gateway closure, or an unknown boundary with enough evidence to continue investigation.

This is a diagnostic foundation task, not a user-visible behavior fix.

Scope

In scope:

• Extend the existing llm_trace / session export diagnostics with a schema-versioned v2 shape or compatible v1 extension.
• Capture a compact stream phase timeline: request creation, SDK stream returned, watchdog armed, first event, first provider-progress event, last provider-progress event, failure/completion.
• Capture watchdog configuration and state: connectTimeoutMs, streamTimeoutMs, provider-progress state, and timeout/failure phase.
• Capture a sanitized error fingerprint for stream failures: constructor name, error name, message, code, cause name/message/code, and at most a safe stack/module hint.
• Capture abort state at failure time: whether the LLM abort signal was already aborted, plus any available abort provenance.
• Capture safe provider correlation data when available, such as request id / response id / non-sensitive response headers.
• Keep exports safe: do not include auth headers, cookies, prompt text, tool args, raw provider response body, or arbitrary URLs.
• Preserve current runtime behavior. This task should improve diagnosis only.

Out of scope:

• Translating terminated into user-facing copy.
• Changing retry behavior or timeout policy.
• Reworking the full watchdog architecture.
• Recording every stream chunk or provider packet.
• Building a general observability or telemetry platform.
• Provider-specific error taxonomy beyond safe raw fingerprints and phase classification.

Relevant files or context

Related issues / PRs:

• [Bug] Raw terminated from upstream stream close leaks to assistant message without translation #754 — raw terminated leaks from an upstream / transport stream close; current logs prove the symptom but not the failing boundary.
• [Bug] 30s LLM connect timeout aborts OpenAI reasoning streams (post-#729 residual) #755 — 30s first-provider-progress timeout; current counters were useful but lacked timeout policy and phase detail.
• [Bug] First-turn tool execution aborted without recorded source — model stops, user must resend #721 — first-turn Tool execution aborted; PR fix: preserve abort interrupt provenance #710 improved abort provenance and showed the value of targeted diagnostics.
• PR fix: preserve abort interrupt provenance #710 — preserved abort interrupt provenance for exported-session debugging.
• PR fix(config): gate Instance dispose on actual config change #722 — removed a known no-op config write trigger for scope-driven aborts.
• PR fix: defer LLM stream connect timeout to after HTTP request is sent #729 — deferred the LLM stream connect timeout until after the HTTP request is sent.

Likely files:

• packages/opencode/src/session/llm.ts
• packages/opencode/src/session/llm-trace/types.ts
• packages/opencode/src/session/llm-trace/recorder.ts
• packages/opencode/src/session/processor.ts
• packages/opencode/src/session/export.ts
• packages/opencode/src/session/message-v2.ts
• packages/opencode/test/session/llm.test.ts
• packages/opencode/test/session/export.test.ts

Observed gap from #754's second reproduction:

• The export shows UnknownError with data.message = "terminated" and flags.stream_error = true.
• The trace proves provider progress happened before failure.
• The trace does not show whether the abort signal was already aborted, whether a watchdog fired, what raw error class/code/cause was thrown by undici/SDK, or whether provider request correlation is available.

Verification

• Add focused unit tests for stream failure diagnostics on:
  • connect timeout before first provider-progress event;
  • mid-stream external iterator error after provider progress;
  • local abort / interrupt path if currently observable in the test surface.
• Add export tests proving diagnostics are included and sanitized.
• Add regression tests ensuring sensitive data is not exported: auth headers, cookies, raw prompt text, raw tool args, and response bodies.
• Run targeted checks, likely:
  • bun --cwd packages/opencode test test/session/llm.test.ts test/session/export.test.ts --timeout 30000
  • bun --cwd packages/opencode typecheck
  • git diff --check

Execution mode

Investigate and propose a plan first — the agent must post the plan as an issue comment and wait for an explicit "approved" comment before writing code or opening a PR.

[Astro-Han]

Lightweight design: LLM Stream Failure Diagnostics V6

Review status

Scheme name: LLM Stream Failure Diagnostics V6.

Final scheme-review status: no P0/P1 scheme blockers. V6 folds in the last useful review deltas: overlap classification precedence, safe-at-capture diagnostics, raw iterator/provider error fingerprint timing, reviewed-key-only provider correlation, explicit legacy v1 counter semantics, confidence derivation, silent-stream type docs, and monotonic-duration testability.

This ends the abstract scheme-review loop. The next review should be against a real implementation PR diff using this comment as the acceptance checklist, not another broad GPT Pro design pass.

This is still not a merge decision for any future PR. An implementation PR must prove safe snapshot creation before persistence, dual-path export sanitizer coverage, raw error capture timing before adapter flattening, overlap classification truth-table behavior, abort provenance race handling, provider correlation fallback, retry/attempt consistency across v1 counters and nested stream diagnostics, monotonic duration behavior, unchanged silent-timeout behavior, targeted tests, typecheck, CI, and git diff --check.

This comment is the V6 design draft. The implementation payload can still use nested stream.schema_version = 2; V6 is the design-review version, not necessarily the exported nested schema number.

Design goal

Give every failed LLM stream turn enough structured evidence to answer the first debugging question:

Which boundary surfaced the failure: local abort, PawWork watchdog, SDK / transport read, provider / gateway, or unknown?

This design deliberately keeps the PR diagnostic-only. It must not change retry policy, timeout values, user-facing copy, or stream consumption behavior.

Current state

Existing llm_trace summaries already record useful counters:

• provider/model/agent/variant;
• request summary such as streaming, tool count, reasoning capability, and safe generation options;
• stream event counters;
• stored part counters;
• token totals;
• flags such as stream_error and aborted.

That was enough to distinguish #754 from #755:

• [Bug] 30s LLM connect timeout aborts OpenAI reasoning streams (post-#729 residual) #755: no provider-progress events before the 30s watchdog error.
• [Bug] Raw terminated from upstream stream close leaks to assistant message without translation #754: provider progress existed before raw terminated surfaced.

But it was not enough to identify #754's failing boundary because the export did not preserve a safe error fingerprint, abort-signal state, watchdog phase, last-progress timing, provider correlation identifiers, or whether local cancellation was already in flight.

Proposed shape

Add a schema-versioned stream diagnostics object under each assistant message trace as llm_trace.stream. Keep the existing top-level v1 llm_trace fields and llm_trace.schema_version = 1 readable for older tooling; the nested stream.schema_version = 2 versions only the new stream diagnostics object. Do not introduce a parallel llm_trace_v2 top-level field unless implementation proves the nested shape cannot work.

Suggested fields:

type LLMStreamDiagnosticsV2 = {
  schema_version: 2
  attempt?: {
    attempt_index?: number
    // attempt_id is optional and should only be present if a real stable source exists.
    // Do not fabricate ID semantics; terminal-attempt-only may use attempt_index + note.
    attempt_id?: string
    terminal_attempt?: boolean
    note?: "terminal_attempt_only" | "per_attempt_recorded"
  }
  // Describes the legacy top-level v1 counters (`stream_events`, `tokens`, `flags`).
  // It is separate from nested stream attempt semantics so old readers do not infer
  // that v1 counters necessarily describe the same attempt as `llm_trace.stream`.
  legacy_v1_counters?: "terminal_attempt" | "aggregate"
  timeline: {
    // Collector/request creation time, not necessarily the same as top-level assistant trace created_at.
    collector_created_at: number
    sdk_stream_returned_at?: number
    watchdog_armed_at?: number
    first_event_at?: number
    first_provider_progress_at?: number
    last_event_at?: number
    last_provider_progress_at?: number
    completed_at?: number
    failed_at?: number
    durations_ms?: {
      created_to_sdk_stream_returned?: number
      watchdog_armed_to_first_event?: number
      watchdog_armed_to_first_provider_progress?: number
      first_to_last_provider_progress?: number
      last_provider_progress_to_failure?: number
      total?: number
    }
  }
  watchdog: {
    connect_timeout_ms: number
    stream_timeout_ms: number
    provider_progressed: boolean
    phase_at_end: "before_first_provider_progress" | "between_provider_events" | "completed" | "unknown"
    fired: boolean
    fired_phase?: "connect" | "silent_stream"
  }
  abort: {
    signal_aborted_at_error?: boolean
    provenance_source?: string
    provenance_reason?: string
    provenance_mode?: "soft" | "hard"
    provenance_recorded_at?: number
    provenance_missing?: boolean
  }
  error?: {
    // Observation boundary / surfaced failure boundary, not final root cause.
    boundary: "watchdog" | "local_abort" | "sdk_transport" | "provider_stream" | "unknown"
    confidence?: "low" | "medium" | "high"
    evidence?: Array<
      | "watchdog_fired"
      | "watchdog_error"
      | "abort_signal_aborted"
      | "abort_provenance_present"
      | "abort_provenance_missing"
      | "provider_error_event"
      | "iterator_error"
      | "provider_progress_seen"
      | "request_id_present"
      | "provider_correlation_unavailable"
    >
    constructor_name?: string
    name?: string
    message?: string
    code?: string
    cause_constructor_name?: string
    cause_name?: string
    cause_message?: string
    cause_code?: string
    stack_hint?: string
  }
  provider?: {
    request_id?: string
    response_id?: string
    status_code?: number
    safe_headers?: Record<string, string>
    unavailable_reason?: string
  }
}

The exact names can change during implementation, but the diagnostic questions must stay covered. boundary is an observation boundary / surfaced failure boundary, not a final root-cause verdict. It is always best-effort; supporting fields must remain available so future readers do not treat the classification as a proven root cause.

Data flow

1. LLM.stream() creates a per-stream diagnostic collector at the same boundary where the watchdog request object is created.
2. The collector records phase timestamps during:
   • request object creation;
   • SDK run() return / streamText() result availability;
   • watchdog arming;
   • every observed stream event, but only as counters/timestamps, not raw chunk payloads;
   • watchdog timeout firing;
   • iterator error / completion.
3. The collector records safe fingerprints only. It must not store raw headers, raw response bodies, full stacks, prompt text, tool args, arbitrary URLs, local paths, auth material, cookies, or token-like strings, even transiently in the assistant diagnostics object.
4. The implementation must save the safe failure snapshot before cleanup/finalize can collapse the evidence into only streamError / aborted booleans. Add recorder APIs such as recordStreamFailure(error, context), recordProviderErrorEvent(event, context), recordWatchdogFired(context), and recordAbortState(context) instead of relying only on finalize() inputs.
5. failOnTimeout(), async iterator next() catch points, provider error-event handling, and SessionProcessor.halt(e) must call the recorder while the original error/context is still available.
6. SessionProcessor finalization merges the stream diagnostics into the existing trace before persisting the assistant message.
7. SessionExport includes the new object and sanitizes string/header fields through an explicit export-level whitelist/redaction path. The same sanitizer must run for both top-level diagnostics.llm_traces and the session tree copy at session.messages[].info.diagnostics.llm_trace.

Acceptance blocker: safe snapshot before persistence

The assistant message persists diagnostics.llm_trace; therefore export sanitization cannot be the only privacy boundary. The recorder/provider-correlation capture stage must build a sanitized, bounded snapshot before persistence.

Rules:

• recordStreamFailure, provider correlation capture, and any provider error-event capture must apply allowlisting, redaction, and size caps before values are stored in the trace.
• Export sanitization is defense-in-depth, not the first place secrets are removed.
• Tests must construct stream diagnostics containing secret headers, prompt text, tool args, raw body, URL, full stack, and local path, then assert all three places are safe:
  1. persisted assistant diagnostics;
  2. top-level exported diagnostics.llm_traces;
  3. session tree exported session.messages[].info.diagnostics.llm_trace.

Acceptance blocker: capture raw error fingerprint before adapter flattening

The current stream adapter may convert non-Error thrown values into new Error(String(e)). That can erase useful structured evidence such as code, cause, constructor name, or provider metadata.

Implementation must record the raw-but-sanitized fingerprint before or at the same layer as adapter conversion:

• failOnTimeout wrapper / async iterator next() catch;
• provider explicit error-event handling;
• any path that sees the original thrown value before Effect/AI SDK conversion flattens it.

Verification must include at least these samples:

• non-Error object with code-like fields;
• Error with cause and code;
• provider error event.

The exported/persisted safe snapshot should preserve sanitized constructor/name/message/code/cause fields where available.

Boundary classification rules

Classification is best-effort and must not overclaim:

• watchdog: PawWork-created timeout error fired.
• local_abort: abort signal was already aborted and abort provenance exists.
• sdk_transport: the failure surfaced while the client/SDK/transport reader was consuming the stream, but this does not prove the SDK caused the failure. Examples may include undici TypeError("terminated"), which may still be an upstream/gateway/network closure surfaced locally. Do not hard-code this as the only case.
• provider_stream: provider emitted an explicit stream error event or safe provider metadata indicates upstream failure.
• unknown: insufficient evidence or ambiguous overlap between local abort, SDK transport, and provider stream signals. If provider explicit stream error and iterator thrown error both appear, classify conservatively as provider_stream only when provider evidence is strong; otherwise use unknown with low confidence.

For ambiguous cases, prefer unknown with evidence over a confident-looking but unsupported classification. This diagnostic PR must not close #754 / #755 / #721 by itself.

Overlap classification precedence — acceptance blocker

Abort signal state is not sufficient evidence of local user/app abort because the watchdog path also calls ctrl.abort(). Classification must apply overlap precedence before assigning boundary/confidence.

Initial truth table:

Evidence overlap	Boundary	Confidence	Notes
watchdog_fired + watchdog_error	watchdog	high	Watchdog wins even if the watchdog later aborted the request signal.
abort_signal_aborted + abort_provenance_present, no watchdog error	local_abort	high	User/app cancellation provenance is required for high confidence.
abort_signal_aborted + abort_provenance_missing + iterator_error	unknown	low or medium	Do not infer local abort from signal state alone.
provider_error_event + iterator_error, strong provider evidence	provider_stream	high or medium	Provider evidence must be explicit and safe.
provider_error_event + iterator_error, weak/ambiguous provider evidence	unknown	low	Avoid overclaiming when the iterator error may be transport/local.
provider_progress_seen + generic terminated, no request id/provider event	sdk_transport or unknown	low or medium	Surfaced in transport reader, but root cause remains unproven.

Tests must include watchdog+abort, local abort+iterator error, provider event+iterator error, and generic terminated samples. Unsupported high-confidence conclusions are failures.

Confidence derivation rules

confidence should be derived from evidence, not set ad hoc. Implement this as a small tested helper, e.g. classifyBoundary(evidence, context), rather than scattering confidence choices across recorder call sites.

Initial rules:

• watchdog can be high only when the PawWork watchdog fired and the emitted error is the watchdog error.
• local_abort can be high only when the abort signal is aborted and abort provenance is present.
• local_abort with an aborted signal but missing provenance should be at most medium, often low if timing is ambiguous.
• provider_stream can be high only when there is an explicit provider error event or stable safe provider failure metadata.
• sdk_transport without provider correlation or provider error metadata should be at most medium, and often low for generic messages such as terminated.
• ambiguous provider error + iterator error, or overlapping abort + iterator error, should default to unknown / low unless stronger evidence exists.

Tests must include ambiguous samples that do not produce high-confidence conclusions.

Provider correlation rules

Do not copy or traverse provider metadata wholesale. Provider correlation must read only explicit reviewed keys and emit only the reviewed safe output shape:

• request_id
• response_id
• status_code
• exact-allowlisted safe_headers
• unavailable_reason

If the AI SDK or provider metadata cannot supply stable request/response ids through reviewed safe keys, record provider.unavailable_reason instead of fake empty ids. Tests must include provider metadata containing raw body, arbitrary URL, local path, and token-like values and prove none of them enter stream diagnostics.

Sanitizer placement — acceptance blocker

The stream diagnostics may appear twice in one export:

1. Top-level diagnostics.llm_traces, collected for easier debugging.
2. The session tree assistant message copy at session.messages[].info.diagnostics.llm_trace.

Implement one shared sanitizeLLMTrace / sanitizeStreamDiagnostics path and call it in both places. Do not sanitize only the top-level diagnostics object. Prefer recording only safe fingerprints in the recorder, then apply export sanitization as defense-in-depth.

Verification must construct a trace containing secret headers, prompt text, tool args, raw response body, URL, full stack, and local path, then assert neither export location contains those values.

Sanitization rules — acceptance blocker

The stream diagnostics object must be wired into export-level sanitizer/whitelist handling. v1 trace safety does not imply stream-diagnostics safety because the new object introduces error messages, causes, headers, and stack hints.

Keep:

• low-cardinality names and codes;
• compact error messages only after redaction;
• safe provider correlation ids;
• known-safe response headers such as request id headers.

Drop or redact:

• auth headers, cookies, API keys, tokens;
• prompt text and tool arguments;
• full response body;
• arbitrary URLs;
• full stack traces with local paths;
• local filesystem paths embedded in stack/error strings.

Header handling must use an exact normalized allowlist, not wildcard or fuzzy matching. Start with a small table of known-safe correlation headers, for example:

• x-request-id
• request-id
• x-correlation-id
• x-trace-id
• traceparent only if value passes the sanitizer and size cap
• provider-specific request/response id headers only after explicit review

Never preserve authorization, cookie, set-cookie, x-api-key, token-bearing query strings, or arbitrary provider headers. Header values must pass maximum length, character-set, URL, and token redaction checks before export.

Size caps

The implementation must enforce small explicit caps before storing or exporting stream diagnostics:

• error.message and cause_message: cap at 512 or 1024 characters after redaction.
• stack_hint: keep only a short module/function hint, not a full stack.
• error.evidence: bounded enum array, max 8 entries.
• provider.safe_headers: exact allowlist, bounded count, bounded value length.

Tests should include body-like long messages, full stacks, local paths, URLs, and token-like values to prove persisted diagnostics and export remain controlled.

Retry / attempt semantics

SessionProcessor already has retry behavior. A future retryable stream failure could otherwise mix multiple attempts into one assistant-message trace.

The first implementation must choose and document one of these two contracts:

1. Terminal attempt only: stream diagnostics record only the final attempt and mark this explicitly, e.g. attempt.note = "terminal_attempt_only". This may use attempt_index plus terminal_attempt; omit attempt_id unless there is a real stable source.
2. Per-attempt records: stream diagnostics contain a bounded array of attempts with attempt indexes.

Terminal-attempt-only is acceptable for the first PR if clearly documented and tested. Do not silently mix fields from multiple attempts into one timeline, and do not fabricate attempt ID semantics. The contract must cover both the nested llm_trace.stream object and the legacy top-level v1 counters (stream_events, tokens, flags). Either all v1 counters also represent the terminal attempt, or legacy_v1_counters = "aggregate" must make the aggregate semantics explicit so old readers do not assume they describe the nested terminal attempt.

Required retry test shape:

• first attempt has provider progress;
• terminal attempt fails or succeeds;
• assertions prove v1 counters and nested stream attempt notes/flags follow the chosen contract.

Silent-stream non-error truth table

Post-progress silent-stream timeout is currently a body-cancel / success-drain path, not a user-visible assistant failure. V6 keeps that behavior. The expected diagnostic truth table is:

• watchdog.fired = true
• watchdog.fired_phase = "silent_stream"
• watchdog.provider_progressed = true
• timeline.completed_at may be present
• timeline.failed_at and error may be absent
• assistant message should not become user-visible failure solely because this timeout fired

The schema/type docs or a checked fixture must explicitly preserve that watchdog.fired = true can be valid while error is absent. Future maintainers must not infer that every watchdog fire is a user-visible failure.

If aborting the provider body later causes an iterator error, classify conservatively as unknown / low confidence unless stronger provider or local-abort evidence exists.

Timeline semantics

Absolute timestamps are useful for session export correlation. Relative durations are useful for comparing phase gaps across logs. Durations must be derived from a monotonic clock, not wall-clock deltas, so system time jumps cannot produce negative or misleading phase durations.

Implementation should capture both a wall-clock anchor for exported *_at fields and a monotonic anchor for durations_ms. Tests should assert monotonic ordering / non-negative durations, not exact millisecond values.

If the integration test surface cannot reliably mock wall-clock rollback, factor timeline/duration derivation into a small helper with injectable clocks and cover rollback at helper/unit-test level.

Tests

Recommended targeted tests:

1. Connect-timeout path records:
   • watchdog.fired = true;
   • fired_phase = "connect";
   • no provider progress;
   • boundary watchdog;
   • high confidence only when the PawWork watchdog error is the surfaced error.
2. Mid-stream external iterator error records:
   • first/last provider progress timestamps;
   • watchdog.fired = false;
   • constructor/name/message/code/cause fields when present;
   • last_provider_progress_at is preserved;
   • boundary is best-effort and not watchdog.
3. Raw error fingerprint capture before adapter flattening:
   • non-Error object;
   • Error with cause and code;
   • provider error event;
   • persisted/exported snapshot retains sanitized fields instead of only new Error(String(e)) output.
4. Local abort path records:
   • signal_aborted_at_error = true;
   • available provenance, or provenance_missing = true;
   • confidence follows the signal/provenance rules.
5. Overlap truth-table cases cover watchdog+abort, local abort+iterator error, provider event+iterator error, and generic terminated samples without unsupported high-confidence classification.
6. Post-progress silent-stream timeout path follows the V6 non-error truth table: provider_progressed = true, fired_phase = "silent_stream", behavior remains success-drain (Exit.isFailure(exit) === false), and no user-visible watchdog failure is introduced. If aborting the provider body later produces an iterator error, classify conservatively as unknown / low confidence rather than turning it into a user-visible watchdog failure.
7. Ambiguous error sample records boundary = "unknown" or low confidence rather than overclassifying.
8. Safe snapshot before persistence proves sensitive values are absent from persisted assistant diagnostics before export:
   • auth headers;
   • cookies;
   • API keys / tokens;
   • prompt text;
   • tool args;
   • response body;
   • arbitrary URL;
   • full stack / local path.
9. Export sanitization proves the same sensitive values are absent or redacted from both top-level diagnostics and session tree assistant diagnostics.
10. Exact allowlisted safe request-id / trace-id provider correlation survives sanitization, while dangerous header names, token-like values, URL values, and overlong values are removed or redacted.
11. Provider metadata samples with raw body, arbitrary URL, local path, and token-like values do not enter stream diagnostics.
12. Backward compatibility proves old llm_trace summary fields still exist, top-level llm_trace.schema_version remains readable, and missing llm_trace.stream remains valid.
13. Retry/attempt behavior is explicit and covers both legacy v1 counters and nested stream diagnostics: either terminal-attempt-only is marked consistently, or per-attempt records are separated / v1 counters are marked aggregate with legacy_v1_counters = "aggregate".
14. Provider correlation fallback records provider.unavailable_reason when AI SDK metadata cannot provide stable request/response ids; do not emit fake empty correlation ids.
15. Duration tests prove wall-clock rollback does not produce negative durations_ms; helper-level injectable-clock tests are acceptable if full integration tests cannot mock clocks.

Non-goals

• Do not change retry behavior.
• Do not raise or lower timeouts.
• Do not translate raw error strings in the UI.
• Do not record every stream chunk.
• Do not add provider-specific fixups in this PR.
• Do not turn the current post-progress silent-stream timeout behavior into a user-visible failure unless a separate behavior PR explicitly changes that contract.
• Do not close [Bug] Raw terminated from upstream stream close leaks to assistant message without translation #754 / [Bug] 30s LLM connect timeout aborts OpenAI reasoning streams (post-#729 residual) #755 / [Bug] First-turn tool execution aborted without recorded source — model stops, user must resend #721 from this PR unless a later reproduction proves the behavior itself is fixed elsewhere.

Open implementation questions

• Can the current AI SDK surface request / response ids in fullStream events, or do we need a narrower provider.unavailable_reason placeholder for now?
• Where should abort provenance be read from so local abort classification does not race with prompt onInterrupt writes and processor cleanup/finalize merging?
• When provider explicit error event and iterator thrown error both appear, what exact evidence threshold classifies as provider_stream rather than unknown?

Recommended PR boundary

One focused diagnostic PR is acceptable if it stays under this boundary:

• schema + recorder changes;
• LLM stream collector changes;
• raw error fingerprint capture before adapter flattening;
• processor/export persistence;
• safe-at-capture snapshot + export sanitizer/whitelist coverage;
• reviewed-key-only provider correlation;
• tests for timing, monotonic durations, failure snapshot, persisted assistant diagnostic safety, abort provenance, overlap classification, ambiguity, post-progress silent timeout behavior preservation, provider fallback, retry/attempt semantics for both v1 and nested fields, backward compatibility, confidence derivation, and dual-path sanitization.

If app-side abort caller source requires broad UI call-site changes, split it into a second PR after this stream diagnostics PR.

Required implementation verification

Before claiming the implementation PR is ready:

• targeted tests pass;
• typecheck passes;
• git diff --check passes;
• CI is green or any CI exception is explicitly named with evidence.

[Astro-Han]

Closed as completed by PR #771. The LLM stream diagnostics V6 work landed in dev with nested stream diagnostics, safe-at-capture/export sanitization, watchdog/abort/provider evidence, and targeted verification. Remaining behavior fixes for #721/#754/#755 stay tracked separately.