@a5c-ai/agent-catalog 0.1.0

package/README.md

@@ -0,0 +1,117 @@
+# @a5c-ai/agent-catalog
+
+`@a5c-ai/agent-catalog` is a public package for the shared agent ontology, discovery catalog, packaged evidence shards, and graph-backed helper APIs used across the Babysitter toolchain.
+
+The package is published through the central `release.yml` and `staging-publish.yml` workflows. `main` publishes production releases, and `staging` publishes prerelease builds with the `staging` dist-tag.
+
+## What ships
+
+The published workspace surface is defined by `package.json`:
+
+- package root export: compiled runtime helpers from `dist/index.js` and `dist/index.d.ts`
+- `./graph` and `./graph/*`: the source-of-truth ontology YAML under `graph/`
+- `./evidence` and `./evidence/*`: generated evidence shards under `evidence/ontology-evidence/`
+- `./docs` and `./docs/*`: shipped package docs under `docs/`
+- packaged files: `README.md`, `dist/`, `graph/`, `docs/`, and `evidence/`
+
+Anything outside that list is maintained in the repo only and is not part of the installed package contract.
+
+## Usage
+
+Import runtime helpers from the package root when you need graph-backed metadata, discovery snapshots, UI projections, or evidence lookups:
+
+```ts
+import {
+  getCatalogDiscoverySnapshot,
+  getOntologyEvidenceSnapshot,
+  getUiAgentOntologyList,
+  resolveCatalogGraphAssetPath,
+  resolveCatalogEvidenceAssetPath,
+} from "@a5c-ai/agent-catalog";
+
+const graphPath = resolveCatalogGraphAssetPath("agent-catalog.graph.yaml");
+const evidencePath = resolveCatalogEvidenceAssetPath("ontology-evidence", "manifest.json");
+
+const discovery = getCatalogDiscoverySnapshot();
+const evidence = getOntologyEvidenceSnapshot();
+const agents = getUiAgentOntologyList();
+```
+
+Use exported asset subpaths when you need the raw packaged files:
+
+```ts
+const graphEntrypoint = require.resolve("@a5c-ai/agent-catalog/graph/agent-catalog.graph.yaml");
+const evidenceManifest = require.resolve("@a5c-ai/agent-catalog/evidence/ontology-evidence/manifest.json");
+const docsEntrypoint = require.resolve("@a5c-ai/agent-catalog/docs/ontology-evidence.md");
+```
+
+Downstream consumers should not reconstruct repo paths from `process.cwd()` or assume a monorepo checkout. Use the exported helpers and subpaths instead.
+
+## Package surface
+
+The package surface is intentionally split by concern:
+
+- graph access: `getCatalogGraph()`, `getGraphDocument()`, `getOntologySchema()`, and the `./graph` asset export
+- evidence access: `getOntologyEvidenceManifest()`, `getOntologyEvidenceSnapshot()`, evidence and claim lookup helpers, and the `./evidence` asset export
+- discovery access: `getCatalogDiscoverySnapshot()`, `refreshCatalogDiscoverySnapshot()`, search helpers, and `listCatalog*` discovery collections
+- SDK-facing projections: fallback harness metadata, host detection rules, plugin targets, package/process topology, and UI-oriented agent views
+- asset resolution: `resolveCatalogAssetPath()`, `resolveCatalogGraphAssetPath()`, and `resolveCatalogEvidenceAssetPath()`
+
+For a deeper graph/evidence walkthrough, see [`docs/ontology-evidence.md`](./docs/ontology-evidence.md).
+
+## Source of truth and generated assets
+
+- `graph/` is the editable source of truth for the ontology, relations, package/process metadata, and evidence nodes.
+- `graph/agent-catalog.graph.yaml` is the root graph document entrypoint used by validators and packaged asset consumers.
+- `evidence/ontology-evidence/` is generated from the graph evidence nodes for installed-package consumption.
+- `dist/discovery-snapshot.json` is generated during build for runtime discovery helpers; it is part of the compiled runtime, not an editable source file.
+- `docs/ontology-evidence.md` is the shipped deep-dive for graph/evidence conventions.
+
+When graph structure or evidence claims change, update the YAML inputs first, then regenerate derived artifacts.
+
+## Docs taxonomy
+
+- `README.md`: package contract, usage, lifecycle policy, and taxonomy index
+- `docs/ontology-evidence.md`: shipped deep-dive for graph layout, evidence policy, and refresh workflow
+- `protocol.pseudocode.task.md`: internal planning scaffolding kept in the package root for repo context only; it is not in `files`, is not exported from `package.json`, and is not part of the shipped package surface
+
+## Lifecycle policy
+
+- The package must stay publishable: it ships with `publishConfig.access = public`, includes this README in `files`, and is owned by the central publish workflows.
+- `npm run ci:test --workspace=@a5c-ai/agent-catalog` is the release-equivalent contract for this workspace. It covers build output, graph validation, evidence freshness, package contract tests, and the publish lifecycle policy check.
+- `release.yml` and `staging-publish.yml` version, pack, and publish this package alongside the SDK, hooks-mux, agent-mux, and plugin compiler surfaces that consume it.
+
+## Downstream compatibility
+
+- Public and monorepo consumers may depend on the package's documented exports and packaged graph/evidence assets.
+- Breaking changes to exported APIs, graph documents, evidence layout, or generated discovery data require a semver-major release and must keep downstream consumer contract tests green in the same change.
+- Workspace consumers in this repo should still be updated in lockstep whenever a change would otherwise break their install, build, or runtime assumptions.
+
+## Expected validation
+
+Run this workspace command before landing changes that affect graph data, generated evidence, exports, packaged docs, or downstream consumers:
+
+```bash
+npm run ci:test --workspace=@a5c-ai/agent-catalog
+```
+
+For evidence-only refresh work, the package-local sequence is:
+
+```bash
+npm run generate:evidence --workspace=@a5c-ai/agent-catalog
+npm run validate:graph --workspace=@a5c-ai/agent-catalog
+npm run validate:evidence:freshness --workspace=@a5c-ai/agent-catalog
+```
+
+## CI contract matrix
+
+`npm run test:agent-catalog-contracts` is the enforced downstream compatibility matrix for `@a5c-ai/agent-catalog` in CI. It currently covers these consumer surfaces:
+
+- package export and packaged-asset contract: `packages/agent-catalog/src/catalog.test.ts`, `packages/agent-catalog/src/discovery.contract.test.ts`, `packages/agent-catalog/src/sdk.contract.test.ts`, `packages/agent-catalog/src/discovery.packaged.test.ts`
+- catalog API integration: `packages/catalog/src/app/api/agents/route.contract.test.ts`, `packages/catalog/src/app/api/agents/[slug]/route.contract.test.ts`, `packages/catalog/src/app/api/catalog-integration.contract.test.ts`
+- SDK fallback metadata integration: `packages/sdk/src/harness/amuxFallbackMetadata.contract.test.ts`
+- hooks-mux discovery integration: `packages/hooks-mux/core/src/discovery/__tests__/detector.contract.test.ts`
+- agent-mux integration: `packages/agent-mux/core/tests/host-detection.contract.test.ts`, `packages/agent-mux/core/tests/invocation.contract.test.ts`
+- agent-plugins-mux integration: `packages/agent-plugins-mux/src/__tests__/targets.contract.test.ts`
+
+If a new consumer family or route starts importing `@a5c-ai/agent-catalog`, update this matrix and add its contract test to `test:agent-catalog-contracts` in the same change.

package/docs/ontology-evidence.md

@@ -0,0 +1,82 @@
+# Agent Catalog Graph And Evidence
+
+`packages/agent-catalog/graph` is the source of truth for the shared agent ontology. This file is the shipped deep-dive for graph and evidence conventions. For the broader package contract and docs taxonomy, start with [`../README.md`](../README.md).
+
+## Docs taxonomy
+
+- `README.md` is the package contract and the index for usage, exported surfaces, lifecycle policy, and file taxonomy.
+- `docs/ontology-evidence.md` is the shipped reference for graph layout, evidence policy, packaged asset access, and refresh workflow.
+- `protocol.pseudocode.task.md` remains an internal planning artifact in the package root. It is maintained in-repo for authoring context only and is not part of the shipped package surface because it is outside `package.json` `files` and `exports`.
+
+## Layout
+
+- `agent-catalog.graph.yaml`
+  - root graph document entrypoint used by validators and wrappers; imports can point at YAML files or directories
+- `schema/ontology-schema.yaml`
+  - allowed node kinds, edge kinds, and required attributes
+- `nodes/agents`, `nodes/providers`
+  - product/version splits instead of single mixed node files
+- `nodes/capabilities`, `nodes/hooks-and-plugins`, `nodes/runtime-semantics`
+  - large conceptual areas split into stable subdocuments
+- `nodes/processes-and-packages`, `nodes/evidence`
+  - process/package/CI and evidence/claim surfaces split into smaller docs
+- `edges/relations`
+  - relation-family documents such as identity, runtime, capabilities, hooks/plugins, provenance, and evolution
+
+## Modeled concepts
+
+- product/version splits for agents, model providers, and models
+- transport protocols vs transport runtimes
+- capabilities vs capability-support records
+- hook surfaces vs hook mappings
+- plugin targets vs plugin artifacts
+- discovery signals, session semantics, lifecycle semantics, paths, process descriptors, package surfaces, CI surfaces, claims, and evidence sources
+
+## Graph and evidence conventions
+
+- graph YAML under `graph/` is the editable source of truth
+- `evidence/ontology-evidence/` is a derived directory export of evidence-source and claim nodes for easier installed-package consumption
+- `manifest.json` lists the shard files; runtime helpers assemble them through `getOntologyEvidenceSnapshot()`
+- the shard files are grouped into small batches by evidence domain so the derived export does not regress back into a single monolith
+- packaged docs are intentionally narrow: only `docs/` is shipped, while planning artifacts at the package root stay internal-only
+
+## Evidence policy
+
+- repo-backed claims come from SDK fallback metadata, hooks-mux discovery, agent-mux host detection, agent-plugins-mux targets, transport-mux protocol/provider docs, and existing catalog/process surfaces
+- web-backed claims are limited to first-party vendor docs already referenced by the graph evidence nodes
+- vendor-backed evidence is currently defined as `kindLabel: web` plus `trustLevel: official-web`
+- every vendor-backed `EvidenceSource` must declare:
+  - `reviewOwner`: internal owner responsible for refresh
+  - `reviewedAt`: the last explicit review timestamp
+  - `freshnessWindowDays`: maximum allowed age for that review before CI fails
+- the graph root policy caps `freshnessWindowDays` at 45 days and defines the machine-checkable selector and reachability rules used by CI
+- every `Claim` now carries explicit provenance semantics:
+  - `provenanceKind`: `repo-observation`, `vendor-documentation`, or `vendor-inference`
+  - `evidenceStrength`: `corroborated`, `partial`, or `inferred`
+  - `unresolvedGaps`: required markers for any vendor claim that is not fully corroborated
+- capability-support quality is derived from `supported_by_claim` edges rather than raw evidence IDs alone, so externally asserted capabilities can be separated into strongly corroborated support versus weaker vendor-doc inference
+- corroborated external capability assertions are expected to include at least one corroborated vendor claim backed by multiple first-party evidence sources; weaker assertions must keep explicit gap markers
+
+## Package asset access
+
+Downstream consumers should use the package's exported graph, evidence, and docs subpaths instead of rebuilding paths from `process.cwd()` or repository layout.
+
+- raw graph entrypoint: `require.resolve("@a5c-ai/agent-catalog/graph/agent-catalog.graph.yaml")`
+- raw evidence manifest: `require.resolve("@a5c-ai/agent-catalog/evidence/ontology-evidence/manifest.json")`
+- raw docs entrypoint: `require.resolve("@a5c-ai/agent-catalog/docs/ontology-evidence.md")`
+- runtime helpers exported by the package:
+  - `resolveCatalogGraphAssetPath("agent-catalog.graph.yaml")`
+  - `resolveCatalogEvidenceAssetPath("ontology-evidence", "manifest.json")`
+
+The package runtime uses the same resolver path for graph and evidence assets in both monorepo-source and installed-package usage.
+
+## Refresh workflow
+
+1. Update the relevant YAML source under `packages/agent-catalog/graph/nodes/evidence/`.
+2. Re-check the vendor page, then update `capturedAt`, `reviewedAt`, `locator`, and any affected claims or `unresolvedGaps`.
+3. Run `npm run generate:evidence --workspace=@a5c-ai/agent-catalog`.
+4. Run `npm run validate:graph --workspace=@a5c-ai/agent-catalog`.
+5. Run `npm run validate:evidence:freshness --workspace=@a5c-ai/agent-catalog`.
+6. Before landing a change, run `npm run ci:test --workspace=@a5c-ai/agent-catalog`.
+
+`validate:evidence:freshness` fails when vendor-backed evidence is stale, missing review metadata, no longer reachable, or no longer meets the corroboration/gap rules for vendor claims. For offline local work, set `AGENT_CATALOG_SKIP_VENDOR_WEB_CHECK=1` to skip the remote HTTP reachability pass; CI should not use that escape hatch.

package/evidence/ontology-evidence/claims/catalog-processes-and-packaging.json

@@ -0,0 +1,89 @@
+{
+  "kind": "EvidenceShard",
+  "entryKind": "claims",
+  "group": "catalog-processes-and-packaging",
+  "generatedAt": "2026-04-24T00:00:00.000Z",
+  "entries": [
+    {
+      "id": "claim:repo-agent-catalog-package",
+      "kind": "Claim",
+      "claimId": "repo-agent-catalog-package",
+      "statement": "agent-catalog is the shared workspace package for graph-backed ontology, wrappers, and CI/version validation.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-agent-catalog-package"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-agent-mux-model-catalog",
+      "kind": "Claim",
+      "claimId": "repo-agent-mux-model-catalog",
+      "statement": "Agent-mux already ships a model-catalog process, so the new ontology can assimilate process discovery beyond the old packages/catalog browser.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-agent-mux-model-catalog"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-babysitter-agent-cli",
+      "kind": "Claim",
+      "claimId": "repo-babysitter-agent-cli",
+      "statement": "babysitter-agent exposes create-run and resume flows plus harness invocation, daemon, observer, and MCP server commands.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-babysitter-agent-package",
+        "repo-babysitter-agent-cli"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-babysitter-agent-package",
+      "kind": "Claim",
+      "claimId": "repo-babysitter-agent-package",
+      "statement": "babysitter-agent is an optional a5c.ai runtime CLI package published separately from the SDK.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-babysitter-agent-package"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-process-catalog",
+      "kind": "Claim",
+      "claimId": "repo-process-catalog",
+      "statement": "The current catalog process is a Next.js application that browses processes, skills, domains, specializations, and agents through indexed API routes.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-process-catalog"
+      ],
+      "unresolvedGaps": []
+    }
+  ]
+}

package/evidence/ontology-evidence/claims/plugins-hooks-discovery.json

@@ -0,0 +1,136 @@
+{
+  "kind": "EvidenceShard",
+  "entryKind": "claims",
+  "group": "plugins-hooks-discovery",
+  "generatedAt": "2026-04-24T00:00:00.000Z",
+  "entries": [
+    {
+      "id": "claim:repo-codex-windows-hooks",
+      "kind": "Claim",
+      "claimId": "repo-codex-windows-hooks",
+      "statement": "The Codex plugin documents a version-specific lifecycle nuance: Windows hooks require Codex CLI 0.119.0 or newer.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-codex-windows-hooks"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-hooks-detector",
+      "kind": "Claim",
+      "claimId": "repo-hooks-detector",
+      "statement": "Hooks-mux uses ordered detection rules with confidence levels and env-signal conditions for harness auto-detection.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-hooks-detector"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-target-claude",
+      "kind": "Claim",
+      "claimId": "repo-target-claude",
+      "statement": "Claude Code exposes a plugin.json target with native markdown commands and named hooks including SessionStart, Stop, and tool hooks.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-target-claude"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-target-codex",
+      "kind": "Claim",
+      "claimId": "repo-target-codex",
+      "statement": "Codex is modeled as a package.json target with derived skills and shell-hook registration.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-target-codex"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-target-copilot",
+      "kind": "Claim",
+      "claimId": "repo-target-copilot",
+      "statement": "GitHub Copilot maps session lifecycle and user-prompt hook names and derives skills from command surfaces.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-target-copilot"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-target-cursor",
+      "kind": "Claim",
+      "claimId": "repo-target-cursor",
+      "statement": "Cursor is modeled with sessionStart and stop hooks, markdown commands, and derived skills.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-target-cursor"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-target-gemini",
+      "kind": "Claim",
+      "claimId": "repo-target-gemini",
+      "statement": "Gemini CLI exposes SessionStart and AfterAgent hooks and ships a multi-file manifest surface.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-target-gemini"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-target-index",
+      "kind": "Claim",
+      "claimId": "repo-target-index",
+      "statement": "Agent-plugins-mux centralizes supported plugin targets and canonical-to-native hook-name mappings.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-target-index"
+      ],
+      "unresolvedGaps": []
+    }
+  ]
+}

package/evidence/ontology-evidence/claims/runtime-core.json

@@ -0,0 +1,113 @@
+{
+  "kind": "EvidenceShard",
+  "entryKind": "claims",
+  "group": "runtime-core",
+  "generatedAt": "2026-04-24T00:00:00.000Z",
+  "entries": [
+    {
+      "id": "claim:repo-agent-mux-host",
+      "kind": "Claim",
+      "claimId": "repo-agent-mux-host",
+      "statement": "Agent-mux maintains host-harness env signal precedence plus metadata extraction for session and run identifiers.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-agent-mux-host"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-sdk-fallback",
+      "kind": "Claim",
+      "claimId": "repo-sdk-fallback",
+      "statement": "Static fallback metadata defines per-harness host env signals, orchestration capabilities, and the shared session directory.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-sdk-fallback"
+      ],
+      "unresolvedGaps": []
+    },
+    {
+      "id": "claim:repo-transport-mux-architecture",
+      "kind": "Claim",
+      "claimId": "repo-transport-mux-architecture",
+      "statement": "transport-mux architecture documents the protocol/provider seam and normalized route/auth contracts, but downstream runtime truth depends on the migration scorecard remaining green.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "scorecard-gated",
+      "evidenceIds": [
+        "repo-transport-mux-architecture",
+        "repo-transport-mux-scorecard"
+      ],
+      "unresolvedGaps": [
+        "Architecture docs alone are not sufficient runtime truth if scorecard:migration goes red."
+      ]
+    },
+    {
+      "id": "claim:repo-transport-mux-migration",
+      "kind": "Claim",
+      "claimId": "repo-transport-mux-migration",
+      "statement": "transport-mux migration records the amux-proxy cutover state and preserves the external contract, but downstream runtime truth stays provisional until the migration scorecard is green.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "scorecard-gated",
+      "evidenceIds": [
+        "repo-transport-mux-migration",
+        "repo-transport-mux-scorecard"
+      ],
+      "unresolvedGaps": [
+        "Migration docs describe cutover intent and state; use the scorecard to determine whether runtime truth is active."
+      ]
+    },
+    {
+      "id": "claim:repo-transport-mux-readme",
+      "kind": "Claim",
+      "claimId": "repo-transport-mux-readme",
+      "statement": "transport-mux README documents the harness-facing protocol split and exposed amux-proxy transport ids, but those runtime assertions stay provisional unless the migration scorecard is green.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "scorecard-gated",
+      "evidenceIds": [
+        "repo-transport-mux-readme",
+        "repo-transport-mux-scorecard"
+      ],
+      "unresolvedGaps": [
+        "Treat transport-mux README runtime claims as provisional whenever scorecard:migration is not green."
+      ]
+    },
+    {
+      "id": "claim:repo-transport-mux-scorecard",
+      "kind": "Claim",
+      "claimId": "repo-transport-mux-scorecard",
+      "statement": "transport-mux runtime and release truth is active only while the migration scorecard remains green; otherwise doc-derived downstream catalog assertions must be treated as provisional.",
+      "subjectKind": "catalog",
+      "subjectId": "graph:agent-catalog",
+      "confidence": "high",
+      "provenanceKind": "repo-observation",
+      "evidenceStrength": "corroborated",
+      "status": "current",
+      "evidenceIds": [
+        "repo-transport-mux-scorecard"
+      ],
+      "unresolvedGaps": []
+    }
+  ]
+}