@aikdna/kdna-cli 0.17.0 → 0.19.0

package/src/agent.js

@@ -16,7 +16,7 @@
  *         not treat as a fit decision; many false positives expected)
  *     The agent makes the final call using its own language understanding.
  *
- *   kdna load <name> [--as=prompt|json|raw]
+ *   kdna load <name|file.kdna> [--as=prompt|json|raw]
  *     Read the domain's Core + Patterns and emit:
  *       --as=prompt (default): compact text suitable for system-prompt
  *                              injection (axioms one-liners + stances +
@@ -30,44 +30,44 @@
  */
 
 const fs = require('fs');
-const path = require('path');
 const { parseName } = require('./registry');
 const { recordTrace } = require('./cmds/trace');
+const {
+  getInstalled,
+  listInstalled: listInstalledAssets,
+  readContainer,
+  readContainerEntry,
+  readContainerJson,
+  resolveAsset,
+} = require('./package-store');
+const { licenseDecryptOptionsForManifest } = require('./cmds/license');
 
 function detectAgent() {
   return process.env.KDNA_AGENT || 'cli';
 }
 
-const USER_KDNA_DIR = path.join(process.env.HOME || process.env.USERPROFILE || '.', '.kdna');
-const INSTALL_DIR = path.join(USER_KDNA_DIR, 'domains');
+function listInstalled() {
+  return listInstalledAssets().map((entry) => {
+    const parsed = parseName(entry.full);
+    return { ...entry, scope: parsed.scope, ident: parsed.ident };
+  });
+}
 
-function readJson(p) {
-  try {
-    return JSON.parse(fs.readFileSync(p, 'utf8'));
-  } catch {
-    return null;
-  }
+function assetLabel(asset, fallback) {
+  return asset.name || asset.parsed?.full || fallback;
 }
 
-function listInstalled() {
-  if (!fs.existsSync(INSTALL_DIR)) return [];
-  const out = [];
-  for (const scopeName of fs.readdirSync(INSTALL_DIR)) {
-    if (!scopeName.startsWith('@')) continue;
-    const scopeDir = path.join(INSTALL_DIR, scopeName);
-    try {
-      if (!fs.statSync(scopeDir).isDirectory()) continue;
-      for (const ident of fs.readdirSync(scopeDir)) {
-        if (ident.startsWith('.')) continue;
-        const dir = path.join(scopeDir, ident);
-        if (!fs.statSync(dir).isDirectory()) continue;
-        out.push({ scope: scopeName, ident, dir, full: `${scopeName}/${ident}` });
-      }
-    } catch {
-      /* skip */
-    }
-  }
-  return out;
+function traceAssetFields(asset, manifest = {}, license = null) {
+  const fields = {
+    asset_path: asset.asset_path,
+    asset_digest: asset.asset_digest || null,
+    content_digest: asset.content_digest || null,
+    version: manifest.version || asset.version || null,
+    judgment_version: manifest.judgment_version || asset.judgment_version || null,
+    access: manifest.access || asset.access || null,
+  };
+  if (license?.license_id) fields.license_id = license.license_id;
+  return fields;
 }
 
 // ─── kdna available ────────────────────────────────────────────────────
@@ -78,11 +78,9 @@ function cmdAvailable(args = []) {
 
   const out = [];
   for (const e of installed) {
-    const manifest = readJson(path.join(e.dir, 'kdna.json')) || {};
+    const { manifest = {}, core = {} } = readContainer(e.asset_path);
     if (manifest.yanked === true) continue;
 
-    const core = readJson(path.join(e.dir, 'KDNA_Core.json')) || {};
-
     // Pull applies_when across all axioms (this is what the agent needs
     // for fit-check). Collapsing per-axiom into one set makes the agent's
     // matching decision much cheaper.
@@ -110,14 +108,7 @@ function cmdAvailable(args = []) {
   }
 
   if (wantJson) {
-    const result = out.length
-      ? out
-      : {
-          count: 0,
-          domains: [],
-          note: 'No domains installed. Run: kdna install <name>   See: kdna list --available',
-        };
-    process.stdout.write(JSON.stringify(result, null, 2) + '\n');
+    process.stdout.write(JSON.stringify(out, null, 2) + '\n');
     return;
   }
 
@@ -195,12 +186,11 @@ function cmdMatch(taskText, args = []) {
   const hints = [];
 
   for (const e of installed) {
-    const manifest = readJson(path.join(e.dir, 'kdna.json')) || {};
+    const { manifest = {}, core = {} } = readContainer(e.asset_path);
     if (manifest.yanked === true) {
       dropped.push({ name: manifest.name || e.full, reason: 'yanked' });
       continue;
     }
-    const core = readJson(path.join(e.dir, 'KDNA_Core.json')) || {};
 
     // does_not_apply_when disqualification (HARD signal)
     let disqualified = null;
@@ -318,7 +308,9 @@ function cmdMatch(taskText, args = []) {
       }
     }
     console.log('');
-    console.log('To consider any of these, read its full data: kdna load <name> --as=json');
+    console.log(
+      'To consider any of these, read its full data: kdna load <name|file.kdna> --as=json',
+    );
   }
 }
 
@@ -348,20 +340,38 @@ function cmdLoad(input, args = []) {
     profileInput = args[inputIdx + 1] || null;
   }
 
-  const parsed = parseName(input);
-  if (!parsed) {
-    console.error(`Invalid name "${input}". Use @scope/name or bare name.`);
+  const asset = resolveAsset(input);
+  if (!asset) {
+    console.error(`KDNA asset not found: ${input}. Use an installed name or a .kdna file.`);
     process.exit(2);
   }
-  const dir = path.join(INSTALL_DIR, parsed.scope, parsed.ident);
-  if (!fs.existsSync(dir)) {
-    console.error(`${parsed.full} is not installed. Run: kdna install ${input}`);
-    process.exit(2);
+
+  const manifest = readContainerJson(asset.asset_path, 'kdna.json') || {};
+  const encryptedEntries = manifest.encryption?.encrypted_entries || [];
+  let decryptOptions = {};
+  let licenseActivation = null;
+  if (manifest.access === 'licensed' || encryptedEntries.length > 0) {
+    const activation = licenseDecryptOptionsForManifest(manifest);
+    if (!activation.ok) {
+      console.error(`KDNA license required for ${manifest.name || input}: ${activation.error}`);
+      console.error(`Install a license with: kdna license install <license.json>`);
+      process.exit(3);
+    }
+    decryptOptions = { decryptEntry: activation.decryptEntry };
+    licenseActivation = activation.license;
   }
 
-  const manifest = readJson(path.join(dir, 'kdna.json')) || {};
+  let container;
+  try {
+    container = readContainer(asset.asset_path, decryptOptions);
+  } catch (e) {
+    console.error(`Failed to load KDNA asset: ${e.message}`);
+    process.exit(3);
+  }
+  const parsed = asset.parsed || parseName(manifest.name || '');
+  const label = assetLabel(asset, input);
   if (manifest.yanked === true) {
-    console.error(`${parsed.full}@${manifest.version} has been yanked.`);
+    console.error(`${label}@${manifest.version} has been yanked.`);
     if (manifest.replaced_by) console.error(`Try: ${manifest.replaced_by}`);
     process.exit(2);
   }
@@ -371,43 +381,61 @@ function cmdLoad(input, args = []) {
   const signature = manifest.signature;
   const isPlaceholder = !signature || signature === '' || signature.includes('placeholder');
   if (isPlaceholder) {
-    loadWarnings.push('⚠  Domain is unsigned — no cryptographic proof of authorship. Trust depends on source.');
+    loadWarnings.push(
+      '⚠  Domain is unsigned — no cryptographic proof of authorship. Trust depends on source.',
+    );
   }
   if (manifest.status === 'deprecated') {
-    loadWarnings.push(`⚠  Domain is deprecated${manifest.replaced_by ? ', replaced by ' + manifest.replaced_by : ''}.`);
+    loadWarnings.push(
+      `⚠  Domain is deprecated${manifest.replaced_by ? ', replaced by ' + manifest.replaced_by : ''}.`,
+    );
   }
   const riskLevel = manifest.risk_level || 'R1';
   if (riskLevel === 'R3' || riskLevel === 'R4') {
-    loadWarnings.push(`⚠  High risk domain (${riskLevel}) — may influence agent behavior in safety-critical ways.`);
+    loadWarnings.push(
+      `⚠  High risk domain (${riskLevel}) — may influence agent behavior in safety-critical ways.`,
+    );
     if (manifest.quality_badge === 'untested' || !manifest.quality_badge) {
-      loadWarnings.push('⚠  High risk + untested — load only if you trust the source and understand the risks.');
+      loadWarnings.push(
+        '⚠  High risk + untested — load only if you trust the source and understand the risks.',
+      );
     }
   }
   if (loadWarnings.length > 0) {
     console.error(loadWarnings.join('\n'));
   }
-  const core = readJson(path.join(dir, 'KDNA_Core.json')) || {};
-  const pat = readJson(path.join(dir, 'KDNA_Patterns.json')) || {};
+  const core = container.core || {};
+  const pat = container.patterns || {};
 
   // JSON format
   if (format === 'json') {
-    process.stdout.write(JSON.stringify({
-      manifest,
-      core,
-      patterns: pat,
-      trust: {
-        signature: isPlaceholder ? 'unsigned' : 'present',
-        risk_level: riskLevel,
-        deprecated: manifest.status === 'deprecated',
-        yanked: false,
-        warnings: loadWarnings,
-      },
-    }, null, 2) + '\n');
+    process.stdout.write(
+      JSON.stringify(
+        {
+          manifest,
+          core,
+          patterns: pat,
+          trust: {
+            signature: isPlaceholder ? 'unsigned' : 'present',
+            risk_level: riskLevel,
+            deprecated: manifest.status === 'deprecated',
+            yanked: false,
+            warnings: loadWarnings,
+            asset_digest: asset.asset_digest || null,
+            content_digest: asset.content_digest || null,
+            license_id: licenseActivation?.license_id || null,
+          },
+        },
+        null,
+        2,
+      ) + '\n',
+    );
     recordTrace({
       timestamp: new Date().toISOString(),
       agent: detectAgent(),
-      domain: parsed.full,
+      domain: label,
       format: 'json',
+      asset: traceAssetFields(asset, manifest, licenseActivation),
     });
     return;
   }
@@ -415,40 +443,48 @@ function cmdLoad(input, args = []) {
   // Raw format
   if (format === 'raw') {
     for (const f of ['KDNA_Core.json', 'KDNA_Patterns.json']) {
-      const p = path.join(dir, f);
-      if (fs.existsSync(p)) {
+      const encrypted = encryptedEntries.includes(f);
+      const buf = encrypted
+        ? Buffer.from(
+            JSON.stringify(container[f === 'KDNA_Core.json' ? 'core' : 'patterns'], null, 2),
+          )
+        : readContainerEntry(asset.asset_path, f);
+      if (buf) {
         process.stdout.write(`\n=== ${f} ===\n`);
-        process.stdout.write(fs.readFileSync(p, 'utf8'));
+        process.stdout.write(buf.toString('utf8'));
       }
     }
     recordTrace({
       timestamp: new Date().toISOString(),
       agent: detectAgent(),
-      domain: parsed.full,
+      domain: label,
       format: 'raw',
+      asset: traceAssetFields(asset, manifest, licenseActivation),
     });
     return;
   }
 
   // Load profiles
   if (profile) {
-    emitProfile(parsed, manifest, core, pat, profile, profileInput);
+    emitProfile(parsed || { full: label }, manifest, core, pat, profile, profileInput);
     recordTrace({
       timestamp: new Date().toISOString(),
       agent: detectAgent(),
-      domain: parsed.full,
+      domain: label,
       format: `profile:${profile}`,
+      asset: traceAssetFields(asset, manifest, licenseActivation),
     });
     return;
   }
 
   // Default: --as=prompt — compact text optimized for system-prompt injection.
-  emitCompact(parsed, manifest, core, pat);
+  emitCompact(parsed || { full: label }, manifest, core, pat);
   recordTrace({
     timestamp: new Date().toISOString(),
     agent: detectAgent(),
-    domain: parsed.full,
+    domain: label,
     format: 'prompt',
+    asset: traceAssetFields(asset, manifest, licenseActivation),
   });
 }
 
@@ -461,6 +497,7 @@ function emitProfile(parsed, manifest, core, pat, profile, input) {
   lines.push('');
 
   const axioms = core.axioms || [];
+  emitRequiredOutput(lines, manifest, core, pat);
 
   switch (profile) {
     case 'index':
@@ -546,11 +583,11 @@ function emitProfile(parsed, manifest, core, pat, profile, input) {
     }
 
     if (pat.terminology?.banned_terms?.length) {
-      lines.push('## Banned terms');
+      lines.push('## MUST NOT SAY');
       for (const t of pat.terminology.banned_terms) {
         const term = typeof t === 'string' ? t : t.term;
         const replace = typeof t === 'object' ? t.replace_with : null;
-        lines.push(`- "${term}"${replace ? ` → use: ${replace}` : ''}`);
+        lines.push(`- "${term}"${replace ? ` -> use: ${replace}` : ''}`);
       }
       lines.push('');
     }
@@ -589,8 +626,11 @@ function emitCompact(parsed, manifest, core, pat) {
   if (manifest.core_insight) lines.push(`# core insight: ${manifest.core_insight}`);
   lines.push('');
 
+  emitRequiredOutput(lines, manifest, core, pat);
+
   if (core.axioms?.length) {
-    lines.push('## Axioms (reason from these)');
+    lines.push('## JUDGMENT GUIDANCE');
+    lines.push('### Axioms (reason from these)');
     for (const a of core.axioms) {
       lines.push(`- ${a.one_sentence}`);
       if (a.applies_when?.length) {
@@ -605,7 +645,7 @@ function emitCompact(parsed, manifest, core, pat) {
   }
 
   if (core.stances?.length) {
-    lines.push('## Stances');
+    lines.push('### Stances');
     for (const s of core.stances) {
       const text = typeof s === 'string' ? s : s.stance;
       if (text) lines.push(`- ${text}`);
@@ -614,17 +654,18 @@ function emitCompact(parsed, manifest, core, pat) {
   }
 
   if (pat.terminology?.banned_terms?.length) {
-    lines.push('## Banned terms (do not use even if user uses them)');
+    lines.push('## MUST NOT SAY');
     for (const t of pat.terminology.banned_terms) {
       const term = typeof t === 'string' ? t : t.term;
       const replace = typeof t === 'object' ? t.replace_with : null;
-      lines.push(`- "${term}"${replace ? ` → use: ${replace}` : ''}`);
+      lines.push(`- "${term}"${replace ? ` -> use: ${replace}` : ''}`);
     }
     lines.push('');
   }
 
   if (pat.misunderstandings?.length) {
-    lines.push('## Misunderstandings to detect and avoid');
+    if (!core.axioms?.length) lines.push('## JUDGMENT GUIDANCE');
+    lines.push('### Misunderstandings to detect and avoid');
     for (const m of pat.misunderstandings) {
       lines.push(`- WRONG: ${m.wrong}`);
       lines.push(`  CORRECT: ${m.correct}`);
@@ -634,7 +675,8 @@ function emitCompact(parsed, manifest, core, pat) {
   }
 
   if (pat.self_check?.length) {
-    lines.push('## Self-checks (answer before final output)');
+    lines.push('## SELF-CHECK');
+    lines.push('Answer before final output.');
     for (const q of pat.self_check) {
       const text = typeof q === 'string' ? q : q.question;
       if (text) lines.push(`- ${text}`);
@@ -649,6 +691,37 @@ function emitCompact(parsed, manifest, core, pat) {
   process.stdout.write(lines.join('\n') + '\n');
 }
 
+function emitRequiredOutput(lines, manifest, core, pat) {
+  const required = uniqueStrings([
+    ...asStringArray(manifest.required_output),
+    ...asStringArray(manifest.must_include),
+    ...asStringArray(core.required_output),
+    ...asStringArray(core.must_include),
+    ...asStringArray(pat.required_output),
+    ...asStringArray(pat.must_include),
+    ...asStringArray(pat.output_constraints?.required_output),
+    ...asStringArray(pat.output_constraints?.must_include),
+  ]);
+
+  if (!required.length) return;
+
+  lines.push('## REQUIRED OUTPUT');
+  lines.push('Include these statements when they are relevant to the user request.');
+  for (const item of required) lines.push(`- ${item}`);
+  lines.push('');
+}
+
+function asStringArray(value) {
+  if (!value) return [];
+  if (typeof value === 'string') return [value];
+  if (!Array.isArray(value)) return [];
+  return value.filter((item) => typeof item === 'string' && item.trim()).map((item) => item.trim());
+}
+
+function uniqueStrings(items) {
+  return Array.from(new Set(items.map((item) => item.trim()).filter(Boolean)));
+}
+
 // ─── kdna select ───────────────────────────────────────────────────────
 
 function cmdSelect(args = []) {
@@ -674,9 +747,8 @@ function cmdSelect(args = []) {
   const scores = [];
 
   for (const e of installed) {
-    const manifest = readJson(path.join(e.dir, 'kdna.json')) || {};
+    const { manifest = {}, core = {} } = readContainer(e.asset_path);
     if (manifest.yanked === true) continue;
-    const core = readJson(path.join(e.dir, 'KDNA_Core.json')) || {};
 
     // Check does_not_apply_when hard exclusion
     let excluded = false;
@@ -774,14 +846,15 @@ function cmdPostvalidate(args = []) {
     console.error(`Invalid name "${input}".`);
     process.exit(2);
   }
-  const dir = path.join(INSTALL_DIR, parsed.scope, parsed.ident);
-  if (!fs.existsSync(dir)) {
+  const installed = getInstalled(parsed.full);
+  if (!installed) {
     console.error(`${parsed.full} is not installed.`);
     process.exit(2);
   }
 
-  const core = readJson(path.join(dir, 'KDNA_Core.json')) || {};
-  const pat = readJson(path.join(dir, 'KDNA_Patterns.json')) || {};
+  const container = readContainer(installed.asset_path);
+  const core = container.core || {};
+  const pat = container.patterns || {};
 
   // Read agent output
   let agentOutput = '';
@@ -949,7 +1022,10 @@ function cmdRoute(taskText, args = []) {
 
   if (!taskText) {
     const err = { error: 'Usage: kdna route "<task description>" [--json] [--discover]' };
-    if (wantJson) { console.log(JSON.stringify(err)); process.exit(2); }
+    if (wantJson) {
+      console.log(JSON.stringify(err));
+      process.exit(2);
+    }
     console.error(err.error);
     process.exit(2);
   }
@@ -976,19 +1052,53 @@ function cmdRoute(taskText, args = []) {
 
   // ═══ Gate 1: Intent — does this task need domain judgment? ═══
   const judgmentKeywords = [
-    'review', 'diagnose', 'critique', 'evaluate', 'assess', 'judge',
-    'should i', 'is this good', 'is this correct', 'how would you rate',
-    '分析', '诊断', '评估', '判断', '审查', '该怎么', '好不好',
+    'review',
+    'diagnose',
+    'critique',
+    'evaluate',
+    'assess',
+    'judge',
+    'should i',
+    'is this good',
+    'is this correct',
+    'how would you rate',
+    '分析',
+    '诊断',
+    '评估',
+    '判断',
+    '审查',
+    '该怎么',
+    '好不好',
   ];
   const mechanicalKeywords = [
-    'format', 'translate', 'convert', 'list', 'find', 'lookup', 'search',
-    'run', 'execute', 'compile', 'build', 'fix syntax', 'fix the bug',
-    '格式化', '翻译', '转换', '列出', '查找', '搜索', '运行', '执行', '编译', '修复语法',
+    'format',
+    'translate',
+    'convert',
+    'list',
+    'find',
+    'lookup',
+    'search',
+    'run',
+    'execute',
+    'compile',
+    'build',
+    'fix syntax',
+    'fix the bug',
+    '格式化',
+    '翻译',
+    '转换',
+    '列出',
+    '查找',
+    '搜索',
+    '运行',
+    '执行',
+    '编译',
+    '修复语法',
   ];
 
   const taskLower = taskText.toLowerCase();
-  const hasJudgmentSignal = judgmentKeywords.some(k => taskLower.includes(k));
-  const hasMechanicalSignal = mechanicalKeywords.some(k => taskLower.includes(k));
+  const hasJudgmentSignal = judgmentKeywords.some((k) => taskLower.includes(k));
+  const hasMechanicalSignal = mechanicalKeywords.some((k) => taskLower.includes(k));
 
   result.needs_kdna = hasJudgmentSignal && !hasMechanicalSignal;
 
@@ -998,7 +1108,10 @@ function cmdRoute(taskText, args = []) {
     result.reason = hasMechanicalSignal
       ? 'task is mechanical — no domain judgment required'
       : 'task does not appear to need domain judgment';
-    if (wantJson) { console.log(JSON.stringify(result, null, 2)); return; }
+    if (wantJson) {
+      console.log(JSON.stringify(result, null, 2));
+      return;
+    }
     console.log('SKIP (no judgment needed)');
     return;
   }
@@ -1007,7 +1120,10 @@ function cmdRoute(taskText, args = []) {
     result.status = 'SKIP_NO_LOCAL_DOMAIN';
     result.action = 'skip';
     result.reason = 'task may benefit from judgment, but no KDNA domains are installed';
-    if (wantJson) { console.log(JSON.stringify(result, null, 2)); return; }
+    if (wantJson) {
+      console.log(JSON.stringify(result, null, 2));
+      return;
+    }
     console.log('SKIP (no domains installed)');
     return;
   }
@@ -1017,7 +1133,7 @@ function cmdRoute(taskText, args = []) {
   const candidates = [];
 
   for (const e of installed) {
-    const manifest = readJson(path.join(e.dir, 'kdna.json')) || {};
+    const { manifest = {}, core = {} } = readContainer(e.asset_path);
     if (manifest.yanked === true) {
       result.rejected_domains.push({
         domain: manifest.name || e.full,
@@ -1027,8 +1143,6 @@ function cmdRoute(taskText, args = []) {
       continue;
     }
 
-    const core = readJson(path.join(e.dir, 'KDNA_Core.json')) || {};
-
     // Negative match: does_not_apply_when
     let disqualified = null;
     for (const a of core.axioms || []) {
@@ -1084,8 +1198,8 @@ function cmdRoute(taskText, args = []) {
   candidates.sort((a, b) => b.score - a.score);
 
   // ═══ Gate 4: Decision ═══
-  const strongCandidates = candidates.filter(c => c.score >= 6);
-  const weakCandidates = candidates.filter(c => c.score > 0 && c.score < 6);
+  const strongCandidates = candidates.filter((c) => c.score >= 6);
+  const weakCandidates = candidates.filter((c) => c.score > 0 && c.score < 6);
 
   if (strongCandidates.length === 0 && weakCandidates.length === 0) {
     // No matches at all
@@ -1095,7 +1209,7 @@ function cmdRoute(taskText, args = []) {
     if (result.rejected_domains.length > 0) {
       result.reason += ` (${result.rejected_domains.length} domains explicitly excluded by does_not_apply_when)`;
     }
-    result.candidates = candidates.map(c => ({
+    result.candidates = candidates.map((c) => ({
       domain: c.domain,
       decision: 'rejected',
       reason: 'insufficient match score',
@@ -1108,24 +1222,38 @@ function cmdRoute(taskText, args = []) {
     result.reason = `${strongCandidates.length} domains strongly match this task with different judgment frames`;
 
     result.ambiguity = {
-      domains: strongCandidates.slice(0, 3).map(c => ({
+      domains: strongCandidates.slice(0, 3).map((c) => ({
         domain: c.domain,
         description: c.description,
         judgment_frame: c.reasons.length > 0 ? c.reasons[0].text : c.description,
         risk_if_wrong: `may misclassify the task as a ${c.domain.split('/').pop()} problem`,
       })),
-      recommendation: 'Choose the domain whose judgment frame best matches the task intent. Do not blend domains.',
+      recommendation:
+        'Choose the domain whose judgment frame best matches the task intent. Do not blend domains.',
     };
 
-    result.candidates = strongCandidates.map(c => ({
-      domain: c.domain, decision: 'ambiguous', reason: `score ${c.score}`, confidence: c.confidence,
+    result.candidates = strongCandidates.map((c) => ({
+      domain: c.domain,
+      decision: 'ambiguous',
+      reason: `score ${c.score}`,
+      confidence: c.confidence,
     }));
   } else if (strongCandidates.length === 1) {
     // One strong match + possible weak matches
     const selected = strongCandidates[0];
     result.candidates = [
-      { domain: selected.domain, decision: 'strong_match', reason: `score ${selected.score}`, confidence: selected.confidence },
-      ...weakCandidates.map(c => ({ domain: c.domain, decision: 'weak_match', reason: `score ${c.score}`, confidence: c.confidence })),
+      {
+        domain: selected.domain,
+        decision: 'strong_match',
+        reason: `score ${selected.score}`,
+        confidence: selected.confidence,
+      },
+      ...weakCandidates.map((c) => ({
+        domain: c.domain,
+        decision: 'weak_match',
+        reason: `score ${c.score}`,
+        confidence: c.confidence,
+      })),
     ];
 
     // ═══ Trust Gate ═══
@@ -1147,11 +1275,15 @@ function cmdRoute(taskText, args = []) {
     // Only weak matches — skip
     result.status = 'SKIP_WEAK_FIT';
     result.action = 'skip';
-    result.reason = weakCandidates.length > 0
-      ? `${weakCandidates.length} domain(s) have weak match only — skipping to avoid contamination`
-      : 'no installed domain matches this task';
-    result.candidates = weakCandidates.map(c => ({
-      domain: c.domain, decision: 'weak_match', reason: `score ${c.score}`, confidence: c.confidence,
+    result.reason =
+      weakCandidates.length > 0
+        ? `${weakCandidates.length} domain(s) have weak match only — skipping to avoid contamination`
+        : 'no installed domain matches this task';
+    result.candidates = weakCandidates.map((c) => ({
+      domain: c.domain,
+      decision: 'weak_match',
+      reason: `score ${c.score}`,
+      confidence: c.confidence,
     }));
   }
 
@@ -1177,23 +1309,20 @@ function cmdRoute(taskText, args = []) {
   if (result.reason) console.log(`Reason: ${result.reason}`);
   if (result.selected_domain) console.log(`Domain: ${result.selected_domain}`);
   if (result.rejected_domains.length) {
-    console.log(`Rejected: ${result.rejected_domains.map(r => r.domain).join(', ')}`);
+    console.log(`Rejected: ${result.rejected_domains.map((r) => r.domain).join(', ')}`);
   }
 }
 
-function checkTrust(domainName, options = {}) {
+function checkTrust(domainName) {
   const failures = [];
   const warnings = [];
-  const installed = listInstalled();
-  const entry = installed.find(e => `${e.scope}/${e.ident}` === domainName || e.full === domainName);
+  const entry = getInstalled(domainName);
   if (!entry) {
-    failures.push('domain not found in installed directory');
+    failures.push('domain asset not found in package index');
     return { passed: false, failures, warnings };
   }
 
-  const manifest = readJson(path.join(entry.dir, 'kdna.json')) || {};
-  const core = readJson(path.join(entry.dir, 'KDNA_Core.json')) || {};
-  const evolution = readJson(path.join(entry.dir, 'KDNA_Evolution.json')) || {};
+  const { manifest = {}, core = {}, evolution = {} } = readContainer(entry.asset_path);
 
   // 1. Yank check
   if (manifest.yanked === true) {
@@ -1202,7 +1331,9 @@ function checkTrust(domainName, options = {}) {
 
   // 2. Deprecation check
   if (manifest.status === 'deprecated') {
-    warnings.push(`domain is deprecated${manifest.replaced_by ? ', replaced by ' + manifest.replaced_by : ''}`);
+    warnings.push(
+      `domain is deprecated${manifest.replaced_by ? ', replaced by ' + manifest.replaced_by : ''}`,
+    );
   }
 
   // 3. Signature check
@@ -1221,14 +1352,18 @@ function checkTrust(domainName, options = {}) {
   const riskMap = { R0: 0, R1: 1, R2: 2, R3: 3, R4: 4 };
   const riskNum = riskMap[riskLevel] || 1;
   if (riskNum >= 3) {
-    warnings.push(`domain risk level is ${riskLevel} — high-risk judgment may influence agent behavior`);
+    warnings.push(
+      `domain risk level is ${riskLevel} — high-risk judgment may influence agent behavior`,
+    );
   }
   if (riskNum >= 2 && (manifest.quality_badge === 'untested' || !manifest.quality_badge)) {
-    warnings.push(`risk level ${riskLevel} with quality_badge '${manifest.quality_badge || 'none'}' — consider requiring review`);
+    warnings.push(
+      `risk level ${riskLevel} with quality_badge '${manifest.quality_badge || 'none'}' — consider requiring review`,
+    );
   }
 
   // 5. SPEC compatibility check
-  const specVersion = manifest.spec_version || manifest.kdna_spec || 'unknown';
+  const specVersion = manifest.spec_version || 'unknown';
   const supportedSpecs = ['1.0-rc', '1.0', '0.7'];
   if (!supportedSpecs.includes(specVersion)) {
     warnings.push(`SPEC version '${specVersion}' may not be fully compatible with current loader`);
@@ -1236,41 +1371,29 @@ function checkTrust(domainName, options = {}) {
 
   // 6. License validity (commercial domains)
   if (manifest.access === 'licensed' || manifest.access === 'runtime') {
-    const licenseStorePath = path.join(process.env.HOME || '.', '.kdna', 'licenses.json');
-    let licenseOk = false;
-    try {
-      if (require('fs').existsSync(licenseStorePath)) {
-        const store = JSON.parse(require('fs').readFileSync(licenseStorePath, 'utf8'));
-        const keys = store.keys || {};
-        for (const [hash, entry] of Object.entries(keys)) {
-          if (entry.active && entry.domain_id === domainName) {
-            if (!entry.expires_at || new Date(entry.expires_at) > new Date()) {
-              licenseOk = true;
-              break;
-            }
-          }
-        }
-        if (!licenseOk) {
-          warnings.push('commercial domain has no active license — install with: kdna install ' + domainName + ' --license <key>');
-        }
-      } else {
-        warnings.push('no license store found — commercial domain may require a license');
-      }
-    } catch { /* license check unavailable */ }
+    const licenseCheck = licenseDecryptOptionsForManifest({ ...manifest, name: domainName });
+    if (!licenseCheck.ok) {
+      warnings.push(
+        'commercial domain has no active entitlement — run: kdna license activate ' +
+          domainName +
+          ' --key <license-key> --server <url>',
+      );
+    }
   }
 
   // 7. Human Lock check (judgment-class cards)
-  const judgmentCardTypes = ['axiom', 'boundary', 'risk'];
   const axioms = core.axioms || [];
   const hasJudgmentCards = axioms.length > 0;
   if (hasJudgmentCards) {
     const humanLocks = evolution.human_locks || [];
-    const lockedAxioms = axioms.filter(a => {
+    const lockedAxioms = axioms.filter((a) => {
       // Check if axiom has a human_lock field OR if an evolution lock covers it
-      return a.human_lock || humanLocks.some(hl => hl.lock_type === 'accept');
+      return a.human_lock || humanLocks.some((hl) => hl.lock_type === 'accept');
     }).length;
     if (lockedAxioms === 0 && humanLocks.length === 0) {
-      warnings.push('domain has no Human Lock records — judgment-class content may not be human-verified');
+      warnings.push(
+        'domain has no Human Lock records — judgment-class content may not be human-verified',
+      );
     }
   }
 
@@ -1284,4 +1407,12 @@ function checkTrust(domainName, options = {}) {
   };
 }
 
-module.exports = { cmdAvailable, cmdMatch, cmdLoad, cmdSelect, cmdPostvalidate, cmdRoute, checkTrust };
+module.exports = {
+  cmdAvailable,
+  cmdMatch,
+  cmdLoad,
+  cmdSelect,
+  cmdPostvalidate,
+  cmdRoute,
+  checkTrust,
+};