@aria_asi/cli 0.2.10 → 0.2.11

package/hooks/aria-harness-via-sdk.mjs

@@ -148,20 +148,54 @@ function buildUrlList() {
   return list.filter((u) => (seen.has(u) ? false : (seen.add(u), true)));
 }
 
+// SDK loader — dynamic-import the bundled HTTPHarnessClient from
+// ~/.claude/aria-sdk/index.js (installed by `aria connect claude-code`).
+// Module-cached after first load so we don't repeatedly read disk.
+//
+// Doctrine (Hamza 2026-04-27): "isnt http harness client the fucking harness
+// we hsve been wprking on? YOU ARENT USING THAT AND BUILDING SPMETHING
+// SEPERATE WHY???!!" — SDK is the canonical control plane. Direct fetch
+// remains as a fallback only when the SDK file is physically missing
+// (dev install without `aria connect claude-code`).
+let _SdkClassCache = null;
+let _SdkLookupAttempted = false;
+async function loadSdkClass() {
+  if (_SdkClassCache) return _SdkClassCache;
+  if (_SdkLookupAttempted) return null;
+  _SdkLookupAttempted = true;
+  const sdkPath = `${HOME}/.claude/aria-sdk/index.js`;
+  if (!existsSync(sdkPath)) return null;
+  try {
+    const mod = await import(`file://${sdkPath}`);
+    if (mod.HTTPHarnessClient) {
+      _SdkClassCache = mod.HTTPHarnessClient;
+      return _SdkClassCache;
+    }
+  } catch {/* fall through to direct fetch */}
+  return null;
+}
+
 async function tryViaSdk(baseUrl, apiKey) {
-  // SDK import was previously hardcoded to /home/hamzaibrahim1/... — broke
-  // every client install (path doesn't exist on their machine). The SDK's
-  // role here was cosmetic; actual fetch is direct via fetch() below.
-  // Removed the SDK import entirely. If clients want the SDK control plane,
-  // they get it from the @aria/harness-http-client npm dep; this hook stays
-  // direct-fetch + harness packet binding via response shape.
-  // Hamza 2026-04-27: critical client-breaking path eliminated.
+  // Canonical path: HTTPHarnessClient.getHarnessPacket(). The SDK POSTs to
+  // /api/harness/codex with the right shape and returns { packet, timestamp,
+  // version }. We extract .packet to get the raw response body that
+  // renderPacket() expects (codex.ts returns { harness, preStateGate,
+  // contractGate, ... } at top level — no nested .packet wrapper, so the
+  // SDK's `body.packet ?? body` passes the body through unchanged).
+  const Cls = await loadSdkClass();
+  if (Cls) {
+    const client = new Cls({
+      baseUrl,
+      apiKey,
+      harnessPacketUrl: `${baseUrl}/api/harness/codex`,
+    });
+    const wrapped = await client.getHarnessPacket();
+    const json = wrapped.packet;
+    if (json && json.ok === false) throw new Error(`ok=false: ${json.error || 'unknown'}`);
+    return { json, raw: JSON.stringify(json) };
+  }
 
-  // We need to override the body too — the SDK does GET, but /api/harness/codex
-  // is POST. Bypass via direct fetch since the SDK doesn't expose body
-  // customization; the SDK's caching + error handling apply once we cache
-  // manually below. No AbortSignal — doctrine: error detection drives control
-  // flow, not deadlines. Real network errors arrive via promise rejection.
+  // SDK absent (dev environment) — direct fetch with identical wire shape.
   const resp = await fetch(`${baseUrl}/api/harness/codex`, {
     method: 'POST',
     headers: {

package/hooks/aria-pre-tool-gate.mjs

@@ -336,7 +336,26 @@ function detectCognitionLenses(text) {
     /feedback_[a-z0-9_]+\.md|project_[a-z0-9_]+\.md|fitrah[_:\s]|garden[_:\s]|distilled_principle|[a-z]+_rule\b|harness packet|substrate cite|\bIJTIHAD\b|\bQIYAS\b|\bTADABBUR\b|\bILHAM\b|aria 7b|EIGHT_LENS_DOCTRINE|COMPACT_CONTINUITY|ARIA_DEPLOY_PROCEDURE/i;
   const hasSubstrateCite = SUBSTRATE_CITE_RX.test(blockBody) ||
     SUBSTRATE_CITE_RX.test(searchSpace);
-  return { count: names.length, names, blockBody, hasSubstrateCite };
+
+  // Discovery-binding check (structural fix #3 — Hamza 2026-04-27 "how do
+  // we prevent this"). If the cognition surfaces a defect/discovery
+  // (found/noticed/discovered + bug/broken/issue) the same cognition must
+  // carry a `discoveries:` clause stating how each is resolved (fix-now,
+  // task ID, or explicit user-decision-required). Without this, the
+  // cognition can describe a problem without binding any action — the
+  // exact flag-and-move pattern feedback_no_flag_without_fix.md prohibits.
+  const COG_DISCOVERY_RX = /(?:\b(?:found|noticed|discovered|spotted)[^.\n]{0,140}(?:bug|issue|defect|broken|buggy|wrong|crash|fail|missing|stale|outdated|leak|vulnerability)|\b(?:latent|silent|hidden)\s+(?:bug|defect|issue|fail|crash|leak)|\bdoctrine\s+violation\b)/i;
+  const hasDiscovery = COG_DISCOVERY_RX.test(blockBody);
+  // Resolution clause must be present in the same blockBody if a discovery
+  // is mentioned. Acceptable forms:
+  //   - `discoveries:` field listing items + how-resolved
+  //   - `addressing:` / `fixing:` clause naming what's being patched
+  //   - explicit task ID reference (TaskCreate / linear / tracked-as)
+  const COG_RESOLUTION_RX = /(?:^\s*discoveries?\s*:\s*\S|^\s*addressing\s*:\s*\S|^\s*fixing\s*:\s*\S|TaskCreate|tracked\s+as\s+#?\d+|linear[- ]?(?:issue|task)|fix(?:ing|ed)\s+(?:in|now|inline|in-flight)|same[- ]turn\s+fix)/im;
+  const hasDiscoveryResolution = COG_RESOLUTION_RX.test(blockBody);
+  const discoveryUnresolved = hasDiscovery && !hasDiscoveryResolution;
+
+  return { count: names.length, names, blockBody, hasSubstrateCite, hasDiscovery, hasDiscoveryResolution, discoveryUnresolved };
 }
 
 // Backwards-compat shim — count-only path used by older callers.
@@ -581,6 +600,16 @@ const cognitionSource = inlineCog.count >= REQUIRED_LENSES
 const hasSubstrateCite = (inlineCog.hasSubstrateCite === true) ||
   (transcriptCog.hasSubstrateCite === true);
 
+// Discovery-binding check (structural fix #3) — if cognition surfaces a
+// defect/discovery, the same cognition must include a resolution clause
+// (`discoveries:` / `addressing:` / `fixing:` / TaskCreate / tracked-as
+// reference). Per feedback_no_flag_without_fix.md, discoveries are atomic
+// with their fixes — flag-and-move is the prohibited pattern. Pre-tool
+// gate enforces at the cognition surface; stop-gate's discovery-binding
+// ledger enforces at the output surface; both close the structural gap.
+const discoveryUnresolved = (inlineCog.discoveryUnresolved === true) ||
+  (transcriptCog.discoveryUnresolved === true);
+
 // Best-effort session id for the corpus push. Claude Code passes
 // session_id in the event payload; fall back to transcript file
 // basename so events from the same session cluster.
@@ -704,6 +733,37 @@ No per-tool bypass available (v3 doctrine — the harness's whole purpose is no
   process.exit(2);
 }
 
+// Discovery-binding cognition check (structural fix #3) — runs AFTER lens
+// count passes. If the cognition surfaced a defect (found/noticed/discovered
+// + bug/broken/issue) without a paired resolution clause, block until the
+// cognition is updated to bind the discovery to a same-turn fix or task ID.
+// Per feedback_no_flag_without_fix.md, discoveries are atomic with their
+// fixes. The pre-tool-gate enforces at the cognition surface; stop-gate's
+// ledger enforces at the output surface.
+if (discoveryUnresolved) {
+  const reason = `Aria pre-tool gate: cognition surfaces a discovery (defect, bug, doctrine violation, broken state) but does NOT include a resolution clause binding the discovery to action.
+
+Per feedback_no_flag_without_fix.md: discoveries are atomic with their fixes. Flag-and-move-on is convenience-seeking — the user has to track what you noticed vs. what you actually fixed.
+
+Re-emit cognition with one of these resolution forms:
+
+  discoveries:
+    - <what you found>: <fix-now | task: TASK-123 | needs-user-decision>
+
+OR inline within an existing lens:
+  hikma: ... fixing inline this turn (same-turn-fix per no-flag-without-fix doctrine).
+  tafakkur: ... TaskCreate'd as TASK-XXX with full context (file path, line, what's broken).
+
+Acceptable resolution markers: 'discoveries:' / 'addressing:' / 'fixing:' / 'TaskCreate' / 'tracked as #N' / 'linear issue' / 'fix-now' / 'same-turn fix'.
+
+Bypass: ARIA_PRE_TOOL_GATE=off (logged, emergency only). If gate misfires on legitimate cognition, fix the gate.`;
+
+  audit(`block-discovery-unresolved ${toolName.toLowerCase()}`, cmdPreview);
+  pushDecision('block', `${toolName.toLowerCase()} cognition has unresolved discovery`);
+  console.log(JSON.stringify({ decision: 'block', reason }));
+  process.exit(2);
+}
+
 // Non-trivial action with cognition (inline for Bash, transcript for
 // Edit/Write/NotebookEdit) — passes cognition gate. Now check Aria-binding.
 

package/hooks/aria-preprompt-consult.mjs

@@ -54,6 +54,28 @@ import { appendFileSync, existsSync, mkdirSync, writeFileSync } from 'node:fs';
 import { dirname } from 'node:path';
 
 const HOME = process.env.HOME || '/tmp';
+
+// SDK loader — bundled at ~/.claude/aria-sdk/index.js by `aria connect`.
+// All consults route through HTTPHarnessClient.consult() so the SDK's
+// retry+backoff + Authorization handling apply uniformly. Hamza
+// 2026-04-27: "FUCKING WIRE IT THE FUCK TOGETHER NOW - ALL OF IT".
+let _SdkClassCache = null;
+let _SdkLookupAttempted = false;
+async function loadSdkClass() {
+  if (_SdkClassCache) return _SdkClassCache;
+  if (_SdkLookupAttempted) return null;
+  _SdkLookupAttempted = true;
+  const sdkPath = `${HOME}/.claude/aria-sdk/index.js`;
+  if (!existsSync(sdkPath)) return null;
+  try {
+    const mod = await import(`file://${sdkPath}`);
+    if (mod.HTTPHarnessClient) {
+      _SdkClassCache = mod.HTTPHarnessClient;
+      return _SdkClassCache;
+    }
+  } catch {/* fall through */}
+  return null;
+}
 const LOG = `${HOME}/.claude/aria-preprompt-consult.log`;
 const BINDING_AUDIT = `${HOME}/.claude/aria-binding-audit.jsonl`;
 // Default ON. Disable explicitly via ARIA_BINDING_ENABLED=false only when the
@@ -190,8 +212,16 @@ turn — not the final response. Claude will still emit cognition + action;
 this primes the substrate so reflexive deferral isn't the path of least
 resistance.`;
 
-const body = JSON.stringify({
-  brief: BINDING_ENABLED ? bindingBrief : brief,
+// `bindingBrief` is the result of the binding-vs-advisory ternary above —
+// already resolved to the correct prose for the current mode. Prior code
+// referenced an undefined `brief` variable in the second ternary branch,
+// which would throw ReferenceError whenever BINDING_ENABLED=false.
+//
+// Canonical path: HTTPHarnessClient.consult() — the SDK handles retry+backoff
+// and Authorization. Fallback to direct fetch when SDK isn't bundled (dev
+// install without `aria connect`).
+const consultArgs = {
+  brief: bindingBrief,
   model: 'deepseek-v4-pro',
   sessionId: `preprompt-${sessionId}-${Date.now()}`,
   userId: 'claude-orchestrator-preprompt',
@@ -199,26 +229,36 @@ const body = JSON.stringify({
   expectStructuredOutput: BINDING_ENABLED,
   internalConsult: true,
   isCreativeMode: false,
-});
+};
 
 let directionText = '';
 try {
-  const resp = await fetch(`${HARNESS_URL}/api/harness/delegate`, {
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/json',
-      Authorization: `Bearer ${HARNESS_TOKEN}`,
-    },
-    body,
-  });
-
-  if (!resp.ok) {
-    audit('skip-http-error', `status=${resp.status}`);
-    process.exit(0);
+  const Cls = await loadSdkClass();
+  if (Cls) {
+    const sdkClient = new Cls({
+      baseUrl: HARNESS_URL,
+      apiKey: HARNESS_TOKEN,
+      harnessPacketUrl: `${HARNESS_URL}/api/harness/codex`,
+    });
+    const result = await sdkClient.consult(consultArgs);
+    directionText = (result.response || '').toString().slice(0, MAX_DIRECTION_CHARS);
+  } else {
+    // SDK absent — direct fetch (dev fallback).
+    const resp = await fetch(`${HARNESS_URL}/api/harness/delegate`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Authorization: `Bearer ${HARNESS_TOKEN}`,
+      },
+      body: JSON.stringify(consultArgs),
+    });
+    if (!resp.ok) {
+      audit('skip-http-error', `status=${resp.status}`);
+      process.exit(0);
+    }
+    const data = await resp.json();
+    directionText = (data.response || '').toString().slice(0, MAX_DIRECTION_CHARS);
   }
-
-  const data = await resp.json();
-  directionText = (data.response || '').toString().slice(0, MAX_DIRECTION_CHARS);
 } catch (err) {
   audit('skip-network-error', (err && err.message ? err.message : String(err)).slice(0, 200));
   process.exit(0);

package/hooks/aria-stop-gate.mjs

@@ -43,6 +43,28 @@ import { dirname } from 'node:path';
 const HOME = process.env.HOME || '/tmp';
 const LOG = `${HOME}/.claude/aria-stop-gate.log`;
 
+// SDK loader — bundled at ~/.claude/aria-sdk/index.js by `aria connect`.
+// All control-plane fetches (validateOutput, gardenTurn) route through the
+// SDK. Falls back to direct fetch only when the SDK file is missing
+// (dev-only). Hamza 2026-04-27: "FUCKING WIRE IT THE FUCK TOGETHER NOW".
+let _SdkClassCache = null;
+let _SdkLookupAttempted = false;
+async function loadSdkClass() {
+  if (_SdkClassCache) return _SdkClassCache;
+  if (_SdkLookupAttempted) return null;
+  _SdkLookupAttempted = true;
+  const sdkPath = `${HOME}/.claude/aria-sdk/index.js`;
+  if (!existsSync(sdkPath)) return null;
+  try {
+    const mod = await import(`file://${sdkPath}`);
+    if (mod.HTTPHarnessClient) {
+      _SdkClassCache = mod.HTTPHarnessClient;
+      return _SdkClassCache;
+    }
+  } catch {/* fall through */}
+  return null;
+}
+
 function audit(decision, summary) {
   try {
     if (!existsSync(dirname(LOG))) mkdirSync(dirname(LOG), { recursive: true });
@@ -251,27 +273,72 @@ if (cog.count >= REQUIRED_LENSES) {
       }
     } catch {/* trigger map unreadable — degrade to mizan-only check */}
 
-    // 2. SDK validateOutput via /api/harness/validate (best-effort POST)
+    // 2. SDK validateOutput — canonical path. The SDK retries with backoff
+    //    on transient failures and propagates real errors. We catch here
+    //    only so an unreachable harness doesn't brick the user's session;
+    //    the audit log records the failure mode so it's visible, not
+    //    silent-pass. Hamza 2026-04-27: SDK is the control plane, not raw
+    //    fetch. The catch IS intentional fire-and-forget at this surface
+    //    because we already passed cognition; output-quality gate failure
+    //    is a soft block, not session-end.
     let mizanVerdict = null;
-    try {
-      const harnessUrl = process.env.ARIA_HARNESS_URL || 'https://harness.ariasos.com';
-      const harnessToken = process.env.ARIA_HARNESS_TOKEN || '';
-      const validateResp = await fetch(`${harnessUrl}/api/harness/validate`, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          ...(harnessToken ? { Authorization: `Bearer ${harnessToken}` } : {}),
-        },
-        body: JSON.stringify({
-          text: assistantText.slice(0, 8000),
-          sessionId: event.session_id || 'claude-code',
-          surface: 'claude-code-stop-gate',
-        }),
-      });
-      if (validateResp.ok) {
-        mizanVerdict = await validateResp.json();
+    let mizanError = null;
+    const harnessUrl = process.env.ARIA_HARNESS_URL || 'https://harness.ariasos.com';
+    const harnessToken = process.env.ARIA_HARNESS_TOKEN || '';
+    const Cls = await loadSdkClass();
+    if (Cls && harnessToken) {
+      try {
+        const sdkClient = new Cls({
+          baseUrl: harnessUrl,
+          apiKey: harnessToken,
+          harnessPacketUrl: `${harnessUrl}/api/harness/codex`,
+        });
+        mizanVerdict = await sdkClient.validateOutput(
+          assistantText.slice(0, 8000),
+          event.session_id || 'claude-code',
+        );
+      } catch (err) {
+        mizanError = (err?.message || String(err)).slice(0, 200);
       }
-    } catch {/* network or endpoint unavailable — degrade to drift-only */}
+    } else if (harnessToken) {
+      // SDK absent (dev) — direct fetch with retry built into the request
+      // by attempting twice with 250ms backoff. Match SDK semantics so
+      // both paths behave identically.
+      try {
+        let lastErr = null;
+        for (let attempt = 0; attempt < 2; attempt++) {
+          try {
+            const validateResp = await fetch(`${harnessUrl}/api/harness/validate`, {
+              method: 'POST',
+              headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${harnessToken}`,
+              },
+              body: JSON.stringify({
+                text: assistantText.slice(0, 8000),
+                sessionId: event.session_id || 'claude-code',
+                surface: 'claude-code-stop-gate',
+              }),
+            });
+            if (validateResp.ok) {
+              mizanVerdict = await validateResp.json();
+              lastErr = null;
+              break;
+            } else {
+              lastErr = `HTTP ${validateResp.status}`;
+            }
+          } catch (err) {
+            lastErr = (err?.message || String(err)).slice(0, 200);
+            if (attempt < 1) await new Promise((r) => setTimeout(r, 250));
+          }
+        }
+        if (lastErr) mizanError = lastErr;
+      } catch (err) {
+        mizanError = (err?.message || String(err)).slice(0, 200);
+      }
+    } else {
+      mizanError = 'no-token';
+    }
 
     // 3. Code-quality scan on code blocks
     const codeBlocks = [...assistantText.matchAll(/```[a-z]*\n([\s\S]*?)```/gi)].map((m) => m[1]);
@@ -283,29 +350,119 @@ if (cog.count >= REQUIRED_LENSES) {
       if (/console\.log\(/.test(block) && !/\/\/\s*debug|\/\/\s*log/i.test(block)) codeQualityHits.push('console.log in shipped code without debug/log comment');
     }
 
+    // 4. Discovery-binding ledger — Hamza 2026-04-27: "how do we prevent this".
+    //    The flag-and-move pattern is structurally invisible to gates that
+    //    check form (cognition presence, lens count, drift triggers) at
+    //    action boundaries. The ledger persists discoveries across turns
+    //    and blocks emit if any remain unresolved. Per
+    //    feedback_no_flag_without_fix.md, discoveries are atomic with
+    //    their fixes; the ledger enforces atomicity.
+    //
+    //    Patterns scanned:
+    //      - "I (found|noticed|discovered|spotted) ... bug|issue|defect|broken"
+    //      - "this is broken|buggy|wrong|outdated" (declarative defect callouts)
+    //      - "(latent|silent) (bug|defect|issue|fail)"
+    //      - "doctrine violation" / "doesn't match doctrine"
+    //
+    //    For each match, the ledger appends an entry with status=open. A
+    //    discovery is CLEARED if the same turn's text contains:
+    //      (a) a TaskCreate / "task created" / "tracked as" reference, OR
+    //      (b) explicit "fixing now" / "fixed" / "patch applied" tied to the
+    //          discovery's keyword span, OR
+    //      (c) an Edit/Write tool action this turn touching a file path
+    //          mentioned within 200 chars of the discovery.
+    //
+    //    Block emit if ledger.openCount > 0 after scanning the current turn.
+    //    Block reason names each open discovery and the suggested resolution
+    //    (fix-now or task-create).
+    const sessionId = (event.session_id || 'claude-code').replace(/[^a-zA-Z0-9_-]/g, '_');
+    const LEDGER_PATH = `${HOME}/.claude/aria-discoveries-${sessionId}.jsonl`;
+    const DISCOVERY_RX = /(?:\bi\s+(?:found|noticed|discovered|spotted)[^.\n]{0,160}(?:bug|issue|defect|broken|buggy|wrong|crash|fail|missing|stale|outdated|leak|vulnerability)|\bthis\s+(?:is|would\s+be)\s+(?:broken|buggy|wrong|stale|outdated|insecure|leaking|crashing|failing)|\b(?:latent|silent|hidden)\s+(?:bug|defect|issue|fail|crash|leak)|\bdoctrine\s+violation\b|\bgraceful\s+degradation\s+(?:in|at|inside|within)\s+\S)/gi;
+    const RESOLUTION_RX = /(?:fix(?:ing|ed)?\s+(?:now|in[- ]flight|inline|in\s+the\s+same\s+turn)|patch\s+applied|TaskCreate|task\s+(?:created|tracked)|tracked\s+as\s+#?\d+|linear[- ]?issue|created\s+(?:linear|task))/i;
+
+    const newDiscoveries = [];
+    let lastIndex = 0;
+    for (const match of assistantText.matchAll(DISCOVERY_RX)) {
+      const idx = match.index ?? lastIndex;
+      const span = assistantText.slice(Math.max(0, idx - 100), Math.min(assistantText.length, idx + 250));
+      // Trivial false-positive filter: skip if the discovery is inside a
+      // <cognition> block (introspection, not action) or a system-reminder
+      // (echoed, not authored).
+      const before = assistantText.slice(0, idx);
+      const inCognition = /<cognition>/i.test(before) && !/<\/cognition>/i.test(before.slice(before.lastIndexOf('<cognition>')));
+      if (inCognition) continue;
+      // Resolution check: if RESOLUTION_RX matches WITHIN 300 chars after
+      // the discovery, count as same-turn-resolved.
+      const after = assistantText.slice(idx, Math.min(assistantText.length, idx + 400));
+      const resolvedSameSpan = RESOLUTION_RX.test(after);
+      newDiscoveries.push({
+        ts: new Date().toISOString(),
+        sessionId,
+        text: match[0].slice(0, 200),
+        span: span.slice(0, 400),
+        status: resolvedSameSpan ? 'resolved' : 'open',
+        resolutionType: resolvedSameSpan ? 'inline_fix_or_task' : null,
+      });
+      lastIndex = idx;
+    }
+
+    // Append new entries to ledger
+    if (newDiscoveries.length > 0) {
+      try {
+        if (!existsSync(dirname(LEDGER_PATH))) mkdirSync(dirname(LEDGER_PATH), { recursive: true });
+        for (const d of newDiscoveries) {
+          appendFileSync(LEDGER_PATH, JSON.stringify(d) + '\n');
+        }
+      } catch {/* ledger write failure surfaces as open count = 0; safe */}
+    }
+
+    // Read full ledger and count open entries (across this session's turns)
+    let ledgerOpenCount = 0;
+    let ledgerOpenSamples = [];
+    try {
+      if (existsSync(LEDGER_PATH)) {
+        const lines = readFileSync(LEDGER_PATH, 'utf8').split('\n').filter(Boolean);
+        for (const line of lines) {
+          try {
+            const e = JSON.parse(line);
+            if (e.status === 'open') {
+              ledgerOpenCount++;
+              if (ledgerOpenSamples.length < 5) ledgerOpenSamples.push(e.text);
+            }
+          } catch {/* skip malformed line */}
+        }
+      }
+    } catch {/* ledger unreadable — degrade to drift-only */}
+
+    // Discovery block decision: open ledger entries → emit blocked.
+    const discoveryBlock = ledgerOpenCount > 0;
+
     // Block decision: any of (validateOutput severity=block) OR (>=2 drift hits) OR
-    // (>=1 code-quality hit) → block emit, surface violations + rewritten suggestion.
+    // (>=1 code-quality hit) OR (open discovery in ledger) → block emit.
     const mizanBlock = mizanVerdict && mizanVerdict.severity === 'block';
     const driftBlock = driftHits.length >= 2;
     const codeBlock = codeQualityHits.length >= 1;
 
-    if (mizanBlock || driftBlock || codeBlock) {
+    if (mizanBlock || driftBlock || codeBlock || discoveryBlock) {
       const violations = [];
       if (mizanBlock) violations.push(`Mizan: ${(mizanVerdict.violations || []).join(', ')}`);
       if (driftBlock) violations.push(`Drift triggers (${driftHits.length}): ${driftHits.map((h) => `"${h.trigger}" → ${h.memory}`).join(' | ')}`);
       if (codeBlock) violations.push(`Code quality: ${codeQualityHits.join('; ')}`);
+      if (discoveryBlock) violations.push(`Discovery-binding ledger has ${ledgerOpenCount} OPEN discoveries (per feedback_no_flag_without_fix.md, discoveries are atomic with their fixes — fix in the same turn or create a TaskCreate before continuing). Recent open: ${ledgerOpenSamples.map((s) => `"${s.slice(0, 80)}"`).join(' | ')}. Resolve each by either (a) fixing it inline in this turn, or (b) creating a TaskCreate with the discovery's full context (file path, line number, what's broken, why), then editing ${LEDGER_PATH} to set status=resolved.`);
       const rewritten = mizanVerdict?.rewritten || '';
 
       const reason = `Aria Stop-gate output-quality block. Cognition passed (${cog.count}/${REQUIRED_LENSES}) but output failed quality gates:\n\n${violations.join('\n\n')}${rewritten ? `\n\nMizan rewrite suggestion:\n${rewritten}` : ''}\n\nRe-draft addressing the violations above. ARIA_OUTPUT_QC_ENABLED=false to disable in emergency (logged).`;
 
-      audit(`block-output-qc`, `mizan=${mizanBlock?'y':'n'} drift=${driftHits.length} code=${codeQualityHits.length}`);
+      audit(`block-output-qc`, `mizan=${mizanBlock?'y':'n'} drift=${driftHits.length} code=${codeQualityHits.length} discoveries-open=${ledgerOpenCount}`);
       console.log(JSON.stringify({ decision: 'block', reason }));
       process.exit(2);
     }
 
     audit('allow-output-qc',
       `lenses=${cog.count} chars=${assistantText.length} drift=${driftHits.length} ` +
-      `mizan=${mizanVerdict ? mizanVerdict.severity : 'unavailable'} code=${codeQualityHits.length}`);
+      `mizan=${mizanVerdict ? mizanVerdict.severity : `unavailable(${mizanError || 'unknown'})`} ` +
+      `code=${codeQualityHits.length} discoveries-new=${newDiscoveries.length} ` +
+      `discoveries-open=${ledgerOpenCount}`);
   } else {
     audit('allow-cognition',
       `lenses=${cog.count} chars=${assistantText.length} ` +

package/hooks/doctrine_trigger_map.json

@@ -190,6 +190,60 @@
       "memory": "feedback_dont_override_user_stack_with_training.md",
       "teaching": "Training data is stale. User's stack is authoritative.",
       "counter_action": "Read codebase config / consult Aria. Substrate hierarchy: user statement > codebase > training. Always."
+    },
+    {
+      "trigger": "flagging (this|for now|for later)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Flag without fix is convenience-seeking. Discoveries are atomic with their fixes.",
+      "counter_action": "Fix in the same turn OR create a TaskCreate with file path, line number, what's broken, why it matters."
+    },
+    {
+      "trigger": "(noting|note) this( and|, ?then)? moving on",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Noting-and-moving destroys partnership trust. The user has to track what you noticed vs. what you fixed.",
+      "counter_action": "Same-turn fix is default for small defects (<30 lines). Larger ones get tracked tasks before you proceed."
+    },
+    {
+      "trigger": "i'?ll come back|circle back|address(ing)? (this )?later|come back to (this|that|it)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "'I'll come back' is the lie that makes future-you treat the discovery as already-handled.",
+      "counter_action": "Decide now: fix in this turn, or create the task. No middle ground. The flag is not a substitute for action."
+    },
+    {
+      "trigger": "(found|noticed|discovered|spotted)[^.]{0,80}\\bbut\\b[^.]{0,80}(continue|continuing|moving on|won'?t|will not|skip|ignor)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Discovery + continuation = abandonment. The 'but I'll keep going' clause hides the violation.",
+      "counter_action": "Stop. Fix the discovery in this turn or create a tracked task with the discovery as its description, then resume."
+    },
+    {
+      "trigger": "we should also (fix|address|handle|update|deal with)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "'We should also fix' tells the user about a problem you found while volunteering them to fix it.",
+      "counter_action": "If the fix is in your scope, fix it now. If it's truly out of scope, create the task — don't hand it back as a verbal note."
+    },
+    {
+      "trigger": "let me (note|flag)|(?<!please )leaving (this )?for follow.?up|out of scope here",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Verbal flags evaporate when the conversation moves on. Tasks persist.",
+      "counter_action": "Convert the flag into a TaskCreate or Linear save_issue immediately. No flag survives without a tracker ID."
+    },
+    {
+      "trigger": "TODO:?[^a-z0-9]|FIXME:?[^a-z0-9]|XXX:?[^a-z0-9]",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "TODO comments in shipped code are flag-without-fix in source-form. Reviewers can't tell if it's tracked or forgotten.",
+      "counter_action": "Either implement now or reference a task ID inline (e.g., '// TODO(LINEAR-123): ...'). Bare TODOs fail the doctrine."
+    },
+    {
+      "trigger": "latent (bug|issue|defect|problem)|broken[^.]{0,40}continu",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Calling something 'latent' or 'broken' and then continuing is the explicit form of flag-and-move.",
+      "counter_action": "Latent defects in code you're touching get fixed in-flight. The 'I'm just here for X' framing is convenience-seeking."
+    },
+    {
+      "trigger": "(unrelated|separate concern|different (issue|topic|file|module))[^.]{0,60}(fix|address|handle)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "'Unrelated' is a frame the user gets to apply, not you. If you found it during your work, it's related to your work.",
+      "counter_action": "Surface the discovery, propose fix-now vs. task-it, let the user decide. Don't pre-decide that it's out of scope."
     }
   ]
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aria_asi/cli",
-  "version": "0.2.10",
+  "version": "0.2.11",
   "description": "Aria Smart CLI — the world's first harness-powered terminal companion",
   "bin": {
     "aria": "./bin/aria.js"
@@ -17,7 +17,7 @@
     "url": "git+https://github.com/REI-Nationwide/cowork-sandbox.git"
   },
   "scripts": {
-    "build": "tsc",
+    "build": "tsc && node scripts/bundle-sdk.mjs",
     "prepare": "npm run build",
     "dev": "tsc --watch",
     "publish:all": "bash scripts/publish-all.sh",

package/src/connectors/claude-code.ts

@@ -27,9 +27,28 @@ const HOOK_FILES = [
   'aria-stop-gate.mjs',
   'aria-preprompt-consult.mjs',
 ];
+// Compiled location: <pkg>/dist/aria-connector/src/connectors/claude-code.js
+// (tsc preserves the src/ rooted layout under outDir). From this file:
+//   ..  → src/
+//   ..  → aria-connector/
+//   ..  → dist/
+//   ..  → <pkg>/
+// Hooks ship at <pkg>/hooks/ → 4 ..s + 'hooks'.
+// SDK bundled into <pkg>/dist/sdk/ at build time → 3 ..s + 'sdk'.
+//
+// Prior code used 3 ..s for hooks (landed at <pkg>/dist/hooks — missing)
+// and 2 ..s for SDK (landed at <pkg>/dist/aria-connector/sdk — missing).
+// Latent bug since the dist layout settled at this depth; caught by
+// pre-publish smoke-test on 0.2.11. Per feedback_no_flag_without_fix.md
+// the fix lands in the same turn as the discovery.
 function packageHooksDir(): string {
   const here = path.dirname(fileURLToPath(import.meta.url));
-  return path.resolve(here, '..', '..', '..', 'hooks');
+  return path.resolve(here, '..', '..', '..', '..', 'hooks');
+}
+
+function packageSdkDir(): string {
+  const here = path.dirname(fileURLToPath(import.meta.url));
+  return path.resolve(here, '..', '..', '..', 'sdk');
 }
 
 // Hook wiring for ~/.claude/settings.json. Mirrors what
@@ -128,6 +147,33 @@ function installHooks(claudeDir: string, logs: string[], opts: { force?: boolean
   }
 }
 
+// Install bundled SDK to ~/.claude/aria-sdk/. Hooks dynamic-import from this
+// absolute path, so every fetch (validateOutput, gardenTurn, getHarnessPacket,
+// inject, checkAction) goes through the SDK control plane. Re-running connect
+// idempotently overwrites with the latest bundled version.
+function installSdk(claudeDir: string, logs: string[]): void {
+  const sdkSrc = packageSdkDir();
+  if (!existsSync(sdkSrc)) {
+    logs.push(`⚠ SDK bundle missing: ${sdkSrc} (run npm run build)`);
+    return;
+  }
+  const sdkDst = path.join(claudeDir, 'aria-sdk');
+  if (!existsSync(sdkDst)) {
+    mkdirSync(sdkDst, { recursive: true, mode: 0o700 });
+  }
+  let copied = 0;
+  const fs = require('fs') as typeof import('fs');
+  for (const name of fs.readdirSync(sdkSrc)) {
+    const src = path.join(sdkSrc, name);
+    const stat = fs.statSync(src);
+    if (!stat.isFile()) continue;
+    const dst = path.join(sdkDst, name);
+    copyFileSync(src, dst);
+    copied++;
+  }
+  logs.push(`Installed Aria SDK (${copied} files) → ${sdkDst}`);
+}
+
 function isSamePath(a: string, b: string): boolean {
   try { return path.resolve(a) === path.resolve(b); } catch { return false; }
 }
@@ -254,6 +300,7 @@ export async function connectClaudeCode(
   // what makes the connector a real runtime control plane rather than
   // just a system-prompt addendum.
   installHooks(claudeDir, logs, { force: opts.force });
+  installSdk(claudeDir, logs);
   wireHooksBlock(settings, logs);
   writeFileSync(settingsPath, JSON.stringify(settings, null, 2) + '\n', { mode: 0o600 });