@aikdna/kdna-cli 0.19.3 → 0.20.1

package/LICENSE

@@ -187,7 +187,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [yyyy] [name of copyright owner]
+   Copyright 2026 KDNA Contributors
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

package/README.md

@@ -1,19 +1,27 @@
 # @aikdna/kdna-cli
 
-> **KDNA Ecosystem:** [`kdna`](https://github.com/aikdna/kdna) — the protocol. [KDNAChat](https://github.com/AhaSparkCoach/kdnachat) — the consumption client. [KDNaStudio](https://github.com/AhaSparkCoach/kdnastudio) — the authoring tool. [KDNAWork](https://github.com/AhaSparkCoach/kdnawork) — the workbench. **You are here → kdna-cli** — the toolchain. [Registry](https://github.com/aikdna/kdna-registry) — the catalog.
+[![npm](https://img.shields.io/npm/v/@aikdna/kdna-cli)](https://www.npmjs.com/package/@aikdna/kdna-cli) [![CI](https://github.com/aikdna/kdna-cli/actions/workflows/ci.yml/badge.svg)](https://github.com/aikdna/kdna-cli/actions/workflows/ci.yml) [![License](https://img.shields.io/badge/license-Apache%202.0-blue)](LICENSE)
 
-**Role**: kdna-cli is the **runtime control plane** — the official reference implementation for domain validation, loading, packaging, comparison, and agent-facing runtime workflows. It bridges Studio output to Chat/Work consumption.
+> **KDNA Ecosystem:** [`kdna`](https://github.com/aikdna/kdna) — the protocol. [KDNAChat](https://github.com/aikdna/kdnachat) — the consumption client. [KDNA Studio](https://github.com/aikdna/kdnastudio) — the authoring tool. [KDNAWork](https://github.com/aikdna/kdnawork) — the workbench. **You are here → kdna-cli** — the toolchain. [Registry](https://github.com/aikdna/kdna-registry) — the catalog.
 
-**KDNA CLI is the official open-source reference implementation for KDNA validation, loading, packaging, comparison, registry access, and agent-facing runtime workflows.**
+**Role**: kdna-cli is the **runtime control plane** — the official reference implementation for asset validation, loading, installation, comparison, publishing, and agent-facing runtime workflows. It bridges Studio output to Chat/Work consumption.
+
+**KDNA CLI is the official open-source reference implementation for KDNA verification, loading, installation, comparison, registry access, publishing, and agent-facing runtime workflows.**
 
 It is the runtime control plane for loading, validating, composing, testing, and governing domain judgment for AI agents.
 
-KDNA CLI 是 KDNA 验证、加载、打包、比较、注册表访问和 Agent 运行时工作流的官方开源参考实现，也是 AI Agent 加载、验证、组合、测试和治理领域判断的运行控制平面。
+KDNA CLI 是 KDNA 验证、加载、安装、比较、注册表访问、发布和 Agent 运行时工作流的官方开源参考实现，也是 AI Agent 加载、验证、组合、测试和治理领域判断的运行控制平面。
 
 The CLI is how a KDNA domain judgment package becomes usable by agents. It installs KDNA domains, verifies their structure and trust metadata, loads them into agent-readable form, compares judgment paths with and without KDNA, and records traces for audit.
 
 KDNA CLI 让一个领域判断资产真正被 Agent 使用。它负责安装 KDNA、验证结构与信任信息、把 KDNA 转换成 Agent 可加载的形式、对比加载前后的判断路径，并记录可审计的使用痕迹。
 
+A `.kdna` asset is not created by writing JSON files. It is compiled by a
+Studio-compatible authoring pipeline that performs human confirmation,
+validation, canonicalization, identity generation, digest computation, signing,
+optional encryption, and provenance recording. kdna-cli verifies and publishes
+existing assets; it does not author trusted KDNA.
+
 Part of the [KDNA](https://github.com/aikdna/kdna) ecosystem.
 
 ## Install
@@ -47,20 +55,21 @@ kdna doctor --agents
 
 ## All Commands by Role
 
-### Domain Authoring
-
-| Command                            | Status       | Description                                     |
-| ---------------------------------- | ------------ | ----------------------------------------------- |
-| `kdna init <name>`                 | Beta         | Scaffold a new domain from template             |
-| `kdna dev validate <path>`         | Stable       | Validate a non-canonical dev source directory   |
-| `kdna dev pack <path>`             | Beta         | Build a dev source directory into a .kdna asset |
-| `kdna dev unpack <file>`           | Beta         | Unpack .kdna into a dev source directory        |
-| `kdna dev inspect <path>`          | Beta         | Inspect a non-canonical dev source directory    |
-| `kdna dev card <path>`             | Beta         | Display KDNA Card from a dev source directory   |
-| `kdna inspect <file.kdna>`         | Beta         | Inspect a .kdna asset                           |
-| `kdna publish <path>`              | Experimental | Pack + sign + publish to registry               |
-| `kdna publish --check <path>`      | Experimental | Quality gate check only                         |
-| `kdna version bump <level> [path]` | Beta         | Bump domain version                             |
+### Dev Source Utilities
+
+| Command                            | Status       | Description                                                                 |
+| ---------------------------------- | ------------ | --------------------------------------------------------------------------- |
+| `kdna init <name>`                 | Deprecated   | Alias for `kdna dev scaffold`; creates a non-canonical dev source workspace |
+| `kdna dev scaffold <name>`         | Beta         | Scaffold a non-canonical dev source workspace                               |
+| `kdna dev validate <path>`         | Stable       | Validate a non-canonical dev source directory                               |
+| `kdna dev pack <path>`             | Beta         | Build a dev-only non-trusted `.kdna` bundle                                 |
+| `kdna dev unpack <file>`           | Beta         | Unpack .kdna into a dev source directory                                    |
+| `kdna dev inspect <path>`          | Beta         | Inspect a non-canonical dev source directory                                |
+| `kdna dev card <path>`             | Beta         | Display KDNA Card from a dev source directory                               |
+| `kdna inspect <file.kdna>`         | Beta         | Inspect a .kdna asset                                                       |
+| `kdna publish <file.kdna>`         | Experimental | Publish an existing Studio-compiled `.kdna` asset                           |
+| `kdna publish --check <path>`      | Experimental | Dev source readiness check only; does not publish                           |
+| `kdna version bump <level> [path]` | Beta         | Bump domain version                                                         |
 
 ### Agent Runtime
 
@@ -98,6 +107,11 @@ kdna doctor --agents
 
 ### License & Authorization
 
+Licensed asset loading (`kdna install`, `kdna load`, `kdna verify`) requires a
+valid local activation. Full RFC-0008 conformance across JS Core, Swift Core,
+and CLI is tracked via cross-language test vectors in the
+[kdna](https://github.com/aikdna/kdna) conformance suite.
+
 | Command                                                     | Status       | Description                                                    |
 | ----------------------------------------------------------- | ------------ | -------------------------------------------------------------- |
 | `kdna license generate <domain> --to <email>`               | Experimental | Generate signed license                                        |
@@ -165,7 +179,7 @@ The minimum valid `.kdna` asset requires these internal entries:
 
 Each KDNA judgment file must include `meta.version`, `meta.domain`, `meta.created`, `meta.purpose`, and `meta.load_condition`.
 
-Source directories are dev-only authoring workspaces. Public install, inspect, verify, load, compare, and agent-facing commands consume `.kdna` assets or installed asset names, not source directories.
+Source directories are dev-only authoring workspaces. Public install, inspect, verify, load, compare, publish, and agent-facing commands consume `.kdna` assets or installed asset names, not source directories. To create a trusted `.kdna`, use KDNA Studio or a Studio-compatible compiler that records authoring provenance, Human Lock evidence, compiler metadata, and asset digest.
 
 ---
 
@@ -240,15 +254,15 @@ kdna license verify --json <file>
 
 ## Product Matrix
 
-| Layer        | Product                 | Responsibility                                              |
-| ------------ | ----------------------- | ----------------------------------------------------------- |
-| Protocol     | KDNA SPEC               | Define judgment asset format                                |
-| Core Library | @aikdna/kdna-core       | load / validate / compose / render                          |
-| Runtime      | @aikdna/kdna-cli        | Agent runtime + compile + verify + test + publish + license |
-| Authoring    | KDNA Studio             | Human-led judgment production                               |
-| Consumption  | KDNAChat                | Load, use, compare                                          |
-| Governance   | KDNA Governance Console | Approve, release, audit                                     |
-| Distribution | Registry                | Discover, install, license, distribute                      |
+| Layer        | Product                 | Responsibility                                                                |
+| ------------ | ----------------------- | ----------------------------------------------------------------------------- |
+| Protocol     | KDNA SPEC               | Define judgment asset format                                                  |
+| Core Library | @aikdna/kdna-core       | load / validate / compose / render                                            |
+| Runtime      | @aikdna/kdna-cli        | install / verify / load / compare / publish existing assets / license / trace |
+| Authoring    | KDNA Studio             | author / lock / compile / export / sign / encrypt                             |
+| Consumption  | KDNAChat                | Load, use, compare                                                            |
+| Governance   | KDNA Governance Console | Approve, release, audit                                                       |
+| Distribution | Registry                | Discover, install, license, distribute                                        |
 
 ## Development
 

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aikdna/kdna-cli",
-  "version": "0.19.3",
-  "description": "KDNA CLI — create, validate, install, and manage domain judgment packages for AI agents.",
+  "version": "0.20.1",
+  "description": "KDNA CLI — runtime control plane for verifying, installing, loading, comparing, publishing, and auditing existing .kdna assets.",
   "type": "commonjs",
   "bin": {
     "kdna": "src/cli.js",
@@ -48,11 +48,12 @@
     "node": ">=18"
   },
   "dependencies": {
-    "@aikdna/kdna-core": "^0.6.0"
+    "@aikdna/kdna-core": "^0.8.0"
   },
   "optionalDependencies": {
     "ajv": "^8.17.1",
-    "ajv-formats": "^3.0.1"
+    "ajv-formats": "^3.0.1",
+    "cbor-x": "^1.6.4"
   },
   "devDependencies": {
     "@eslint/js": "^9.39.0",

package/skills/kdna-loader/SKILL.md

@@ -295,7 +295,9 @@ Otherwise, stay silent about the loading mechanics.
 
 - Not a list of available KDNA domains (those are installed `.kdna` assets, discovered on demand)
 - Not a registry browser (use `kdna list --available` CLI)
-- Not a domain creator (use `kdna init <name>` CLI)
+- Not a domain creator. Agents may draft judgment proposals, but trusted `.kdna`
+  assets must be Human Locked and compiled by KDNA Studio or a
+  Studio-compatible compiler.
 - Not an auto-loader that runs on every request — you decide per
   request whether the task needs KDNA at all
 

package/src/capsule-verify.js

@@ -0,0 +1,70 @@
+// KDNA Capsule Verification — trust chain validation for agent consumption
+// Ensures agents receive verified, tamper-proof context capsules.
+const crypto = require('crypto');
+const { execFileSync } = require('child_process');
+
+function verifyCapsule(capsulePath, options = {}) {
+  const raw = require('fs').readFileSync(capsulePath, 'utf8');
+  let capsule;
+  try {
+    capsule = JSON.parse(raw);
+  } catch {
+    return { valid: false, error: 'Invalid capsule JSON' };
+  }
+
+  const errors = [];
+  const warnings = [];
+
+  // 1. Structural checks
+  if (capsule.type !== 'kdna.context.capsule') errors.push('Missing capsule type marker');
+  if (!capsule.domain) errors.push('Missing domain identifier');
+  if (!capsule.asset_digest) errors.push('Missing asset digest');
+  if (!capsule.signature) errors.push('Missing signature block');
+
+  // 2. Signature verification
+  if (capsule.signature && !capsule.signature.verified) {
+    errors.push('Capsule signature not verified — asset may be tampered');
+  }
+
+  // 3. Digest integrity
+  if (capsule.asset_digest && capsule.domain) {
+    try {
+      const kdnaHome =
+        process.env.KDNA_HOME || require('path').join(require('os').homedir(), '.kdna');
+      const packagesDir = require('path').join(
+        kdnaHome,
+        'packages',
+        capsule.domain.replace('@', '').replace('/', '-'),
+      );
+      // Check if the installed asset matches the capsule's claimed digest
+      const result = execFileSync('kdna', ['verify', capsule.domain, '--structure'], {
+        encoding: 'utf8',
+        timeout: 15000,
+        stdio: ['ignore', 'pipe', 'pipe'],
+      });
+      if (!result.includes('valid')) {
+        warnings.push('Could not verify installed asset against capsule digest');
+      }
+    } catch {
+      warnings.push('Could not run kdna verify to cross-check capsule digest');
+    }
+  }
+
+  // 4. Trace metadata
+  if (capsule.trace) {
+    if (!capsule.trace.schema_valid)
+      warnings.push('Schema validation was not performed during load');
+    if (!capsule.trace.signature_valid)
+      warnings.push('Asset signature was not verified during load');
+    if (!capsule.trace.loaded_at) warnings.push('Missing load timestamp');
+  }
+
+  return {
+    valid: errors.length === 0,
+    errors,
+    warnings,
+    capsule,
+  };
+}
+
+module.exports = { verifyCapsule };

package/src/cli.js

@@ -35,14 +35,9 @@ const {
   cmdLicenseActivate,
   cmdLicenseSync,
 } = require('./cmds/license');
+const { cmdProtect, cmdUnlock, cmdRecover } = require('./cmds/protect');
 const { cmdPreview, cmdProject, cmdEval, cmdExport, cmdDemo } = require('./cmds/legacy');
-const {
-  cmdStudioScaffold,
-  cmdCardsValidate,
-  cmdLockVerify,
-  cmdStudioCompile,
-  cmdStudioReadiness,
-} = require('./cmds/studio');
+const { cmdCardsValidate, cmdLockVerify } = require('./cmds/studio');
 const { cmdTestRun, cmdTestImport } = require('./cmds/test');
 const { cmdChangelog } = require('./cmds/changelog');
 const {
@@ -55,6 +50,8 @@ const {
 } = require('./cmds/governance');
 const { cmdBadgeCompute, cmdRegistryAudit } = require('./cmds/badge');
 const { cmdExplain } = require('./cmds/explain');
+const { cmdWorkpack } = require('./cmds/workpack');
+const { cmdProtocol } = require('./cmds/protocol');
 
 // ─── Main ─────────────────────────────────────────────────────────────
 
@@ -74,27 +71,26 @@ function showHelp() {
 
 Usage: kdna <command> [options]
 
-Domain Authoring:
-  init <name>                      Scaffold a new domain from template
+Dev Source Utilities (non-canonical):
+  init <name>                      Deprecated alias for dev scaffold
+  dev scaffold <name>              Scaffold a non-canonical dev source workspace
   dev validate <path>              Validate a dev source directory
-  dev pack <path>                  Build a dev source directory into .kdna
+  dev pack <path>                  Build a dev-only non-trusted .kdna bundle
   dev unpack <file>                Unpack .kdna into a dev source directory
   dev inspect <path>               Inspect a dev source directory
   dev card <path>                  Display KDNA Card from a dev source directory
   inspect <file.kdna>              Inspect a .kdna asset
   card <file.kdna> [--locale zh-CN] Display KDNA Card from a .kdna asset
   explain <name>                   Natural language summary: axioms, terms, scenarios
-  publish <path>                   Pack + sign + publish
-  publish --check <path>           Quality gate check only
+  publish <file.kdna>              Publish an existing Studio-compiled .kdna asset
+  publish --check <path>           Dev source readiness check only
   version bump <level> [path]      Bump domain version
   version bump --suggest [path]     Suggest version bump level
 
-Studio Integration (Phase 1):
-  studio scaffold <name>           Create Studio project + card templates
-  cards validate <project.json>    Validate Judgment Cards structure
-  lock verify <project.json>       Verify Human Lock status
-  studio compile <project.json>    Compile locked cards into KDNA domain
-  studio readiness <project.json>  Generate domain readiness card
+Studio Authoring Boundary (dev-preview only — use standalone kdna-studio for trusted authoring):
+  cards validate <project.json>    Dev-only card structure check
+  lock verify <project.json>       Dev-only Human Lock status check
+  studio                           Removed. Trusted KDNA authoring: npm install -g @aikdna/kdna-studio-cli
 
 Agent Runtime:
   route "<task>" [--json] [--discover]  5-Gate 7-State routing decision
@@ -125,6 +121,17 @@ Cluster Composition:
   cluster conflicts <path> --input Detect inter-domain conflicts
   cluster graph <path>             Output domain relationship graph (DOT/JSON)
 
+Work Pack (reusable AI work capabilities):
+  workpack init <name> [--domain]     Scaffold a new Work Pack from template
+  workpack validate <path>            Schema validation + structural completeness (L0→L1)
+  workpack validate <path> --json   Machine-readable validation output
+  workpack inspect <path>           Show Work Pack structure, KDNA refs, skills, gates
+  workpack inspect <path> --json    Machine-readable inspection output
+  workpack explain <path>           Natural-language explanation of what the Work Pack does
+  workpack plan <path> [--input]    Dry-run execution plan — what WOULD happen
+  workpack run <path> --input <f>   Execute Work Pack (--dry-run for simulation)
+  workpack report <session-id>      Display session report
+
 Governance & Release (Phase 6):
   proposal create --from-test <run> --domain <path>  Create improvement proposal
   proposal validate <proposal.json>   Validate proposal structure
@@ -139,11 +146,11 @@ Governance & Release (Phase 6):
 Quality & Distribution (Phase 7):
   badge compute <domain>              Compute quality badge (draft/tested/trusted)
   registry audit --scope <@scope>     Audit registry scope health
-  package <domain> --format=kdna      Package domain as distributable asset
 
 Registry & Distribution:
   install <name>                   Install domain from registry
   install <file.kdna>              Install a local .kdna asset
+  install <file.kdna> --trusted    Install with mandatory trust verification
   remove <name>                    Uninstall a domain
   update <name>                    Update installed domain
   info <name>                      Show domain metadata and trust status
@@ -175,6 +182,11 @@ License & Authorization:
   license show <license.json>              Display license details
   license status [domain] [--json]         Show installed license activation status
 
+Protected Assets (RFC-0009):
+  protect <file.kdna> --out <file.kdna> [--entries <list>]  Encrypt entries with password
+  unlock <file.kdna> [--profile compact|index|full]         Decrypt and load protected asset
+  recover <file.kdna> --out <file.kdna> [--code-stdin]       Reset password with recovery code
+
 Flags:
   --json                           Structured JSON output (machine-readable)
   --quiet                          Suppress non-error output
@@ -216,6 +228,11 @@ switch (cmd) {
       cmdPack(target, output);
       break;
     }
+    if (sub === 'scaffold') {
+      const { cmdInit } = require('./init');
+      cmdInit(args[2], { devScaffold: true });
+      break;
+    }
     if (sub === 'unpack') {
       const target = args[2];
       if (!target) error('Usage: kdna dev unpack <file.kdna>');
@@ -278,11 +295,10 @@ switch (cmd) {
         domainId = args[i];
       }
     }
-    if (!domainId) error('Usage: kdna install <domain-id|file.kdna>');
+    if (!domainId) error('Usage: kdna install <domain-id|file.kdna> [--trusted]');
 
     const { cmdInstallExtended } = require('./install');
     if (fromGit) {
-      // Legacy --from-git: treat as github: URL
       const url = fromGit.replace(/^https:\/\/github\.com\//, '').replace(/\.git$/, '');
       cmdInstallExtended(`github:${url}`, args);
     } else {
@@ -507,6 +523,14 @@ switch (cmd) {
     cmdCluster(args);
     break;
   }
+  case 'workpack': {
+    cmdWorkpack(args);
+    break;
+  }
+  case 'protocol': {
+    cmdProtocol(args);
+    break;
+  }
   case 'doctor': {
     cmdDoctor(args);
     break;
@@ -554,13 +578,28 @@ switch (cmd) {
     }
     break;
   }
+  case 'protect': {
+    const rest = args.slice(1);
+    cmdProtect(rest);
+    break;
+  }
+  case 'unlock': {
+    const rest = args.slice(1);
+    cmdUnlock(rest);
+    break;
+  }
+  case 'recover': {
+    const rest = args.slice(1);
+    cmdRecover(rest);
+    break;
+  }
   case 'identity': {
     cmdIdentity(args);
     break;
   }
   case 'init': {
     const { cmdInit } = require('./init');
-    cmdInit(args[1]);
+    cmdInit(args[1], { deprecatedAlias: true });
     break;
   }
   case 'publish': {
@@ -576,10 +615,10 @@ switch (cmd) {
       if (!target) {
         error(
           'Usage:\n' +
-            '  kdna publish <path>                      Pack + sign, output patch JSON\n' +
-            '  kdna publish <path> --release-tag <tag> --repo <owner/name>\n' +
+            '  kdna publish <file.kdna>                 Publish existing asset, output patch JSON\n' +
+            '  kdna publish <file.kdna> --release-tag <tag> --repo <owner/name>\n' +
             '                                           ...also upload to GitHub Release\n' +
-            '  kdna publish --check <path>              Quality gate only',
+            '  kdna publish --check <path>              Dev source readiness check only',
         );
       }
       cmdPublish(target, args);
@@ -621,28 +660,14 @@ switch (cmd) {
     break;
   }
   case 'studio': {
-    const sub = args[1];
-    if (sub === 'scaffold') {
-      const target = args.filter((a) => !a.startsWith('--'))[2];
-      if (!target) error('Usage: kdna studio scaffold <name> [--type=cluster] [--minimal]');
-      cmdStudioScaffold(target, args);
-    } else if (sub === 'compile') {
-      const target = args.filter((a) => !a.startsWith('--'))[2];
-      if (!target) error('Usage: kdna studio compile <studio.project.json> [--out <dir>]');
-      cmdStudioCompile(target, args);
-    } else if (sub === 'readiness') {
-      const target = args.filter((a) => !a.startsWith('--'))[2];
-      if (!target) error('Usage: kdna studio readiness <studio.project.json>');
-      cmdStudioReadiness(target, args);
-    } else {
-      error(
-        'Usage:\n' +
-          '  kdna studio scaffold <name> [--type=cluster] [--minimal]\n' +
-          '  kdna studio compile <studio.project.json> [--out <dir>]\n' +
-          '  kdna studio readiness <studio.project.json>',
-        EXIT.INPUT_ERROR,
-      );
-    }
+    error(
+      'kdna studio has been removed from the runtime CLI.\n' +
+        'Trusted KDNA authoring belongs to the standalone Studio CLI:\n' +
+        '  npm install -g @aikdna/kdna-studio-cli\n' +
+        '  kdna-studio create <project>\n' +
+        '  kdna-studio export <project> --out <file.kdna> --sign',
+      EXIT.INPUT_ERROR,
+    );
     break;
   }
   default:

package/src/cmds/_common.js

@@ -53,17 +53,18 @@ function usage() {
 
 Usage:
 
-  --- Domain authors ---
-  kdna init <name>              Scaffold a new KDNA domain from template
+  --- Dev source utilities (non-canonical) ---
+  kdna init <name>              Deprecated alias for kdna dev scaffold <name>
+  kdna dev scaffold <name>      Scaffold a non-canonical dev source workspace
   kdna dev validate <path>      Validate a dev source directory
-  kdna dev pack <path>          Build a dev source directory into .kdna
+  kdna dev pack <path>          Build a dev-only non-trusted .kdna bundle
   kdna dev unpack <path>        Unpack .kdna into a dev source directory
   kdna dev inspect <path>       Inspect a dev source directory
   kdna dev card <path>          Display KDNA Card from a dev source directory
   kdna inspect <file.kdna>      Inspect a .kdna asset
-  kdna publish <path>           Pack + sign a dev source directory
-  kdna publish <path> --release-tag <tag> --repo <o/r>   ...also upload to GitHub
-  kdna publish --check <path>   Run quality gate only (no pack/upload)
+  kdna publish <file.kdna>      Publish an existing Studio-compiled .kdna asset
+  kdna publish <file.kdna> --release-tag <tag> --repo <o/r>   ...also upload to GitHub
+  kdna publish --check <path>   Run dev source readiness checks only
   kdna version bump <patch|minor|major> [path]   Bump domain version
   kdna cluster lint <path>      Validate a cluster manifest
 
@@ -109,8 +110,8 @@ Examples:
   kdna install writing
   kdna verify @aikdna/writing
   kdna available
-  kdna init my_domain
-  kdna publish ./my_domain --release-tag v0.1.0 --repo yourname/kdna-my_domain`);
+  kdna dev scaffold my_domain
+  kdna publish ./dist/my_domain.kdna --release-tag v0.1.0 --repo yourname/kdna-my_domain`);
 }
 
 // Exit codes — semantic exit codes for all KDNA CLI commands
@@ -168,6 +169,62 @@ function loadRegistry() {
   return loadCanonicalRegistry({ allowNetwork: true });
 }
 
+/**
+ * Prompt for a password interactively without echoing to the terminal.
+ * Reads from stdin pipe if non-interactive.
+ */
+function promptPassword(question) {
+  const tty = require('tty');
+
+  // Non-interactive: read from stdin pipe
+  if (!tty.isatty(process.stdin.fd)) {
+    const data = fs.readFileSync(0, 'utf8').trim();
+    return data;
+  }
+
+  process.stdout.write(question);
+  const stdin = process.stdin;
+  const wasRaw = stdin.isRaw;
+
+  if (stdin.setRawMode) {
+    stdin.setRawMode(true);
+  }
+  stdin.resume();
+
+  let password = '';
+  const buffer = Buffer.alloc(1);
+
+  while (true) {
+    fs.readSync(stdin.fd, buffer, 0, 1);
+    const ch = buffer[0];
+    if (ch === 0x0d || ch === 0x0a) {
+      process.stdout.write('\n');
+      break;
+    }
+    if (ch === 0x03) {
+      // Ctrl+C
+      if (stdin.setRawMode) stdin.setRawMode(!!wasRaw);
+      stdin.pause();
+      process.exit(130);
+    }
+    if (ch === 0x7f) {
+      // Backspace
+      if (password.length > 0) {
+        password = password.slice(0, -1);
+        process.stdout.write('\b \b');
+      }
+      continue;
+    }
+    password += String.fromCharCode(ch);
+  }
+
+  if (stdin.setRawMode) {
+    stdin.setRawMode(!!wasRaw);
+  }
+  stdin.pause();
+  return password;
+}
+
 module.exports = {
   EXIT,
   USER_KDNA_DIR,
@@ -185,4 +242,5 @@ module.exports = {
   selfCheckText,
   isYesNoSelfCheck,
   loadRegistry,
+  promptPassword,
 };

package/src/cmds/domain.js

@@ -213,6 +213,9 @@ function cmdPack(dir, outputDir) {
   if (!core) error('KDNA_Core.json not found or invalid');
   if (!pat) error('KDNA_Patterns.json not found or invalid');
 
+  console.warn('Warning: kdna dev pack creates a dev-only non-trusted .kdna bundle.');
+  console.warn('Use KDNA Studio compile/export to create a trusted canonical .kdna asset.');
+
   // Human Lock Gate — check judgment-class cards before packing
   const { checkHumanLock } = require('../publish');
   const hl = checkHumanLock(abs);
@@ -328,11 +331,18 @@ with zipfile.ZipFile(out, 'w', zipfile.ZIP_DEFLATED) as zf:
     error(`Cannot create ZIP.\n${hints[platform] || 'Install python3 or zip command.'}`);
   }
 
-  const fileCount = manifest.file_count || 0;
+  // Count KDNA domain files from actual filesystem, not manifest (which may be stale)
+  const fileCount = [...KDNA_DOMAIN_FILES].filter((f) => fs.existsSync(path.join(abs, f))).length;
+  // Update manifest file_count to match reality
+  if (manifest.file_count !== fileCount) {
+    manifest.file_count = fileCount;
+    writeJson(path.join(abs, 'kdna.json'), manifest);
+  }
   console.log(`✓ Packed: ${outPath}`);
   console.log(`  Domain: ${domainName} v${manifest.version}`);
   console.log(`  Files: ${fileCount} KDNA JSONs`);
   console.log(`  Container: ZIP (DEFLATE)`);
+  console.log(`  Trust: dev-only bundle; not registry-trusted`);
 }
 
 // #22: Node.js-native ZIP creator (zero dependencies, fallback when python3/zip unavailable)
@@ -527,6 +537,7 @@ function inspectKdnaFile(filePath, jsonMode = false) {
       status: m.status || 'experimental',
       access: m.access || 'open',
       author: m.author?.name || null,
+      authoring: m.authoring || null,
       license: m.license?.type || null,
       created: m.created || c.meta?.created || null,
       description: m.description || c.meta?.purpose || null,
@@ -558,6 +569,14 @@ function inspectKdnaFile(filePath, jsonMode = false) {
   console.log(`  Status:      ${m.status || 'experimental'}`);
   console.log(`  Access:      ${m.access || 'open'}`);
   console.log(`  Author:      ${m.author?.name || '?'}`);
+  if (m.authoring) {
+    console.log(
+      `  Authoring:   ${m.authoring.created_by || '?'} via ${m.authoring.compiler || m.authoring.authoring_tool || '?'}`,
+    );
+    console.log(
+      `  Human Lock:  ${m.authoring.human_confirmed ? 'confirmed' : 'unconfirmed'} (${m.authoring.human_lock_count ?? 0})`,
+    );
+  }
   console.log(`  License:     ${m.license?.type || '?'}`);
   console.log(`  Created:     ${m.created || c.meta?.created || '?'}`);
   console.log(`  Description: ${m.description || c.meta?.purpose || '?'}`);

package/src/cmds/governance.js

@@ -246,7 +246,7 @@ function cmdLockCard(args = []) {
   const projectPath = path.resolve('studio.project.json');
   if (!fs.existsSync(projectPath)) {
     error(
-      'No studio.project.json found in current directory. Run: kdna studio scaffold',
+      'No studio.project.json found in current directory. Run: kdna-studio create',
       EXIT.INPUT_ERROR,
     );
   }