fix(utils): Prevent RangeError from large command output #433
5 issues
Medium
No tests for the new buffer accumulation, capping, and truncation logic - `src/utils/command.ts:229`
The new `appendChunk` / `finalizeStream` functions and the `maxOutputBytes` cap are entirely untested — `src/utils/__tests__/command.test.ts` has no test that exercises large output, truncation, the `[output truncated after N bytes]` message, or the `XCODEBUILDMCP_MAX_OUTPUT_BYTES` env-var path. Consider adding unit tests that verify: (1) output below the cap is returned verbatim, (2) output at or above the cap is truncated with the expected message, and (3) the env-var override is respected.
Also found at:
src/utils/command.ts:76
No tests cover the new output-truncation / maxOutputBytes behaviour
The core fix introduced by this PR (buffer accumulation, truncation cap, `appendChunk`, `finalizeStream`, `XCODEBUILDMCP_MAX_OUTPUT_BYTES`) has no corresponding tests in `src/utils/__tests__/command.test.ts`, leaving the crash-prevention logic unverified.
Low
Catch block in `finalizeStream` re-throws if `Buffer.concat` itself fails - `src/utils/command.ts:128-130`
In the catch block, `Buffer.concat(chunks, totalBytes)` is called a second time with identical arguments; if the caught error originated from `Buffer.concat` rather than `.toString('utf8')` (e.g. a Node.js internal error or corrupted chunk), the catch block throws the same error, escaping `settle()` into the `childProcess.once('close', …)` event handler as an uncaught exception — the exact crash mode this PR aims to prevent.
Redundant `1 *` prefix makes 1 MiB constant less readable - `src/utils/command.ts:128`
Replace `1 * 1024 * 1024` with `1024 * 1024` — multiplying by 1 is a no-op that adds visual noise and is inconsistent with the `64 * 1024 * 1024` pattern used for the same unit on line 77.
Duplicated stdout/stderr chunk handler logic should be consolidated - `src/utils/command.ts:287-330`
The two `attachStream` callbacks (lines 287–330) are structurally identical — extract a shared helper (e.g. `makeChunkHandler`) to eliminate the duplication.
7 skills analyzed
| Skill | Findings | Duration | Cost |
|---|---|---|---|
| wrdn-pii | 0 | 6.2s | $0.05 |
| wrdn-authz | 0 | 5.6s | $0.09 |
| wrdn-code-execution | 0 | 7.8s | $0.06 |
| wrdn-data-exfil | 0 | 9.6s | $0.08 |
| find-bugs | 1 | 7m 27s | $1.29 |
| code-review | 2 | 3m 15s | $0.73 |
| code-simplifier | 2 | 2m 36s | $0.44 |
⏱ 13m 47s · 789.5k in / 56.2k out · $2.73