Fix missing PII redaction in task checkpoints and doctor condense

Author: peyton-alt

cmd/entire/cli/strategy/auto_commit.go

@@ -503,6 +503,7 @@ func (s *AutoCommitStrategy) GetSessionInfo() (*SessionInfo, error) {
 // 1. Commit code changes to active branch (no trailers - clean history)
 // 2. Commit task metadata to entire/checkpoints/v1 branch with checkpoint format
 func (s *AutoCommitStrategy) SaveTaskCheckpoint(ctx TaskCheckpointContext) error {
+	EnsureRedactionConfigured()
 	repo, err := OpenRepository()
 	if err != nil {
 		return fmt.Errorf("failed to open git repository: %w", err)

cmd/entire/cli/strategy/manual_commit_condensation.go

@@ -648,6 +648,7 @@ func generateContextFromPrompts(prompts []string) []byte {
 // CondenseSessionByID force-condenses a session by its ID and cleans up.
 // This is used by "entire doctor" to salvage stuck sessions.
 func (s *ManualCommitStrategy) CondenseSessionByID(sessionID string) error {
+	EnsureRedactionConfigured()
 	ctx := logging.WithComponent(context.Background(), "condense-by-id")
 
 	// Load session state

cmd/entire/cli/strategy/manual_commit_git.go

@@ -167,6 +167,7 @@ func (s *ManualCommitStrategy) SaveChanges(ctx SaveContext) error {
 // SaveTaskCheckpoint saves a task checkpoint to the shadow branch.
 // Uses checkpoint.GitStore.WriteTemporaryTask for git operations.
 func (s *ManualCommitStrategy) SaveTaskCheckpoint(ctx TaskCheckpointContext) error {
+	EnsureRedactionConfigured()
 	repo, err := OpenRepository()
 	if err != nil {
 		return fmt.Errorf("failed to open git repository: %w", err)

redact/pii.go

@@ -76,8 +76,8 @@ type builtinPIIPattern struct {
 // builtinPIIPatterns returns the default PII detection patterns.
 func builtinPIIPatterns() []builtinPIIPattern {
 	return []builtinPIIPattern{
-		// Email: standard format
-		{PIIEmail, "EMAIL", `[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}`},
+		// Email: standard format with word boundaries to reduce false positives
+		{PIIEmail, "EMAIL", `\b[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}\b`},
 		// Phone: US formats (xxx-xxx-xxxx, (xxx) xxx-xxxx, +1xxxxxxxxxx, etc.)
 		{PIIPhone, "PHONE", `(?:\+?1[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}`},
 		// Address: US street address patterns (123 Main St, 456 Elm Avenue, etc.)

redact/redact.go

@@ -45,6 +45,7 @@ type region struct{ start, end int }
 // Empty label = secret (produces "REDACTED"). Non-empty = PII (produces "[REDACTED_<LABEL>]").
 type taggedRegion struct {
 	region
+
 	label string
 }