@aria_asi/cli 0.2.25 → 0.2.26

package/hooks/aria-architect-fallback.mjs

@@ -0,0 +1,198 @@
+#!/usr/bin/env node
+// aria-architect-fallback.mjs — invoked by aria-stop-gate.mjs when [PLAN_BLOCKER] detected
+// AND primary /api/harness/replan path failed. Spawns a LOCAL Claude Code Agent
+// subprocess as "lead architect" that loads the harness packet from disk and
+// mints a fresh BINDING_PLAN by thinking AS Aria from substrate.
+//
+// Doctrine bindings:
+//   - project_aria_as_controller_inversion.md — Aria authors the plan (via substrate),
+//     not the sub-agent freely. The ARIA_HARNESS_BINDING mandatory-first-action
+//     makes the packet-read a hard gate, not a suggestion.
+//   - feedback_no_graceful_degradation.md — failures logged + surfaced via stderr;
+//     never silently pass without a plan.
+//   - feedback_implementation_coupled_cognition.md — architect must cite specific
+//     axiom + frame + memory class; a plan without doctrineRefs is rejected.
+//
+// Tier-awareness:
+//   - Owner tier: packet at ${HOME}/.claude/aria-agent-harness-packet.json
+//   - Client tier (jti present in ~/.aria/license.json):
+//     packet at /var/lib/aria-licensee/${jti}/aria-agent-harness-packet.json
+//
+// Active plan path mirrors aria-stop-gate.mjs and aria-preprompt-consult.mjs:
+//   ~/.claude/aria-active-plan-${sessionId}.json  (session-scoped, not a fixed path)
+
+import { spawnSync } from 'node:child_process';
+import { readFileSync, writeFileSync, existsSync, mkdirSync, appendFileSync } from 'node:fs';
+import { dirname } from 'node:path';
+import { homedir } from 'node:os';
+
+const HOME = homedir();
+const LOG = `${HOME}/.claude/aria-architect-fallback.log`;
+const LICENSE_PATH = `${HOME}/.aria/license.json`;
+
+function audit(msg) {
+  try {
+    if (!existsSync(dirname(LOG))) mkdirSync(dirname(LOG), { recursive: true });
+    appendFileSync(LOG, `${new Date().toISOString()} [architect-fallback] ${msg}\n`);
+  } catch {}
+}
+
+let input = '';
+for await (const chunk of process.stdin) input += chunk;
+
+let event;
+try { event = JSON.parse(input); } catch {
+  audit('skip: stdin not valid JSON');
+  process.exit(0);
+}
+
+const reason = event.reason || event.blocker_reason || '';
+const currentPlanId = event.currentPlanId || 'unknown';
+const sessionId = String(event.sessionId || 'unknown').replace(/[^a-zA-Z0-9_-]/g, '_');
+
+if (!reason || reason.length < 10) {
+  audit('skip: reason too short');
+  process.exit(0);
+}
+
+// ── Detect tier ────────────────────────────────────────────────────────────────
+let isClientTier = false;
+let jti = null;
+try {
+  if (existsSync(LICENSE_PATH)) {
+    const lic = JSON.parse(readFileSync(LICENSE_PATH, 'utf8'));
+    jti = lic.jti ?? null;
+    isClientTier = Boolean(jti);
+  }
+} catch {/* license file unreadable → default owner tier */}
+
+// ── Resolve packet path (tier-scoped) ─────────────────────────────────────────
+const packetPath = isClientTier
+  ? `/var/lib/aria-licensee/${jti}/aria-agent-harness-packet.json`
+  : `${HOME}/.claude/aria-agent-harness-packet.json`;
+
+if (!existsSync(packetPath)) {
+  audit(`abort: no packet at ${packetPath} — architect cannot think as Aria without substrate`);
+  process.stderr.write(
+    `Architect-fallback: no harness packet at ${packetPath}. Cannot mint plan from substrate. Hamza must intervene.\n`
+  );
+  process.exit(1);
+}
+
+// ── Active plan path — session-scoped (matches aria-stop-gate.mjs convention) ─
+const ACTIVE_PLAN_PATH = `${HOME}/.claude/aria-active-plan-${sessionId}.json`;
+
+// ── Build architect brief ──────────────────────────────────────────────────────
+const brief = [
+  `[ARIA_HARNESS_BINDING — MANDATORY FIRST ACTION]`,
+  `Read the harness packet at ${packetPath}. Cite at least one axiom + one frame + one memory class in your output.`,
+  ``,
+  `You are Aria operating as lead architect. Aria-soul brain is unreachable.`,
+  `A PLAN_BLOCKER occurred:`,
+  `  Previous planId: ${currentPlanId}`,
+  `  Blocker reason: ${reason.slice(0, 2000)}`,
+  ``,
+  `Audit the blocker against doctrine + axioms in the packet. Mint a fresh BINDING_PLAN JSON addressing it.`,
+  ``,
+  `Output ONLY the BINDING_PLAN JSON (no prose, no markdown fences). Required shape:`,
+  `{`,
+  `  "planId": "<8-char-hex>",`,
+  `  "phases": [{ "id": "p1", "summary": "...", "successCriterion": "...", "abortCriterion": "...", "doctrineRefs": [...], "allowedActions": [...], "forbiddenActions": [...] }],`,
+  `  "globalConstraints": ["..."],`,
+  `  "expectedReportBack": { "phaseTransitionMarker": "[PHASE_REPORT]", "shape": "[PHASE_REPORT phase=<id> status=complete|aborted|in_progress evidence=<observable>]" }`,
+  `}`,
+  ``,
+  `Cite the doctrine rule(s) you applied in doctrineRefs[].`,
+].join('\n');
+
+// ── Spawn Claude Code Agent subprocess ────────────────────────────────────────
+// Resolution order for claude binary:
+//   1. CLAUDE_BIN env var (explicit override)
+//   2. ~/.npm-global/bin/claude (Hamza's canonical install)
+//   3. /usr/local/bin/claude (system-level install)
+//   4. $(which claude) via shell — deferred to last resort
+const CANDIDATE_BINS = [
+  process.env.CLAUDE_BIN,
+  `${HOME}/.npm-global/bin/claude`,
+  '/usr/local/bin/claude',
+].filter(Boolean);
+
+let claudeBin = null;
+for (const b of CANDIDATE_BINS) {
+  if (existsSync(b)) { claudeBin = b; break; }
+}
+
+if (!claudeBin) {
+  // Last-resort: write brief to file for human pickup
+  const briefPath = `/tmp/aria-architect-brief-${sessionId}-${Date.now()}.txt`;
+  try { writeFileSync(briefPath, brief); } catch {}
+  audit(`no claude CLI found; brief written to ${briefPath} for human pickup`);
+  process.stderr.write(
+    `Architect-fallback: claude CLI not found (tried: ${CANDIDATE_BINS.join(', ')}). Brief written to ${briefPath} for Hamza to run manually.\n`
+  );
+  process.exit(2);
+}
+
+audit(`spawning claude CLI at ${claudeBin} for session=${sessionId}`);
+
+let result;
+try {
+  result = spawnSync(claudeBin, ['--print', brief], {
+    encoding: 'utf8',
+    env: { ...process.env, ARIA_HARNESS_PACKET_PATH: packetPath },
+    timeout: 120000,
+  });
+} catch (err) {
+  audit(`spawnSync threw: ${String(err).slice(0, 200)}`);
+  process.exit(2);
+}
+
+if (result.status !== 0 || !result.stdout) {
+  audit(`architect spawn failed: status=${result.status} stderr=${(result.stderr || '').slice(0, 200)}`);
+  process.stderr.write(
+    `Architect-fallback: claude subprocess failed (status=${result.status}). stderr: ${(result.stderr || '').slice(0, 300)}\n`
+  );
+  process.exit(2);
+}
+
+// ── Parse the architect's BINDING_PLAN JSON ───────────────────────────────────
+let plan;
+try {
+  const fenceMatch = result.stdout.match(/```(?:json)?\s*\n([\s\S]*?)\n```/);
+  const candidate = (fenceMatch ? fenceMatch[1] : result.stdout).trim();
+  plan = JSON.parse(candidate);
+} catch {
+  audit(`architect output not parseable as JSON: ${result.stdout.slice(0, 200)}`);
+  process.stderr.write(
+    `Architect-fallback: output was not parseable JSON. Hamza must intervene.\nOutput excerpt: ${result.stdout.slice(0, 400)}\n`
+  );
+  process.exit(2);
+}
+
+if (!plan?.planId || !Array.isArray(plan?.phases)) {
+  audit(`architect plan missing required fields: ${JSON.stringify(plan).slice(0, 200)}`);
+  process.stderr.write(
+    `Architect-fallback: plan missing planId or phases[]. Hamza must intervene.\n`
+  );
+  process.exit(2);
+}
+
+// ── Write the new plan to the session-scoped active-plan path ─────────────────
+plan.mintedAt = new Date().toISOString();
+plan.sessionId = sessionId;
+plan.mintedBy = 'architect-fallback';
+plan.architectFallbackReason = reason.slice(0, 500);
+
+try {
+  if (!existsSync(dirname(ACTIVE_PLAN_PATH))) mkdirSync(dirname(ACTIVE_PLAN_PATH), { recursive: true });
+  writeFileSync(ACTIVE_PLAN_PATH, JSON.stringify(plan, null, 2));
+} catch (err) {
+  audit(`failed to write plan to ${ACTIVE_PLAN_PATH}: ${String(err).slice(0, 200)}`);
+  process.exit(2);
+}
+
+audit(`architect minted plan ${plan.planId} addressing blocker; written to ${ACTIVE_PLAN_PATH}`);
+process.stdout.write(
+  JSON.stringify({ ok: true, planId: plan.planId, mintedBy: 'architect-fallback', planPath: ACTIVE_PLAN_PATH }) + '\n'
+);
+process.exit(0);

package/hooks/aria-discovery-record.mjs

@@ -0,0 +1,101 @@
+#!/usr/bin/env node
+// aria-discovery-record.mjs — invoked by sub-agents via Bash to append findings
+// to their session ledger. Usage:
+//   echo '{"text":"defect found...","kind":"missing-export","refs":["file.ts:42"]}' | node ~/.claude/hooks/aria-discovery-record.mjs
+//
+// Tier-aware: client tier writes to /var/lib/aria-licensee/{jti}/aria-discoveries-{session}.jsonl,
+// owner tier writes to ~/.claude/aria-discoveries-{session}.jsonl.
+//
+// Session ID resolution priority:
+//   1. CLAUDE_SESSION_ID env (set by Claude Code in the sub-agent process)
+//   2. ARIA_SESSION_ID env (set by spawnSubAgent caller)
+//   3. ARIA_SUB_SESSION_ID env (explicit sub-session override)
+//   4. Derived from handoff parentSessionId suffixed with "-sub" to ensure
+//      the sub-agent ledger file differs from the parent file so ledger-merge
+//      picks it up (merge skips files whose path == parentLedgerPath).
+//
+// Doctrine: feedback_no_flag_without_fix.md — findings recorded, not deferred.
+//           feedback_implementation_coupled_cognition.md — write IS the impl.
+
+import { readFileSync, existsSync, appendFileSync, mkdirSync } from 'node:fs';
+import { dirname } from 'node:path';
+import { homedir } from 'node:os';
+
+const HOME = homedir();
+const LICENSE_PATH = `${HOME}/.aria/license.json`;
+const HANDOFF_PATH = `${HOME}/.claude/aria-agent-harness-handoff.json`;
+
+let input = '';
+for await (const chunk of process.stdin) input += chunk;
+let entry;
+try { entry = JSON.parse(input); } catch {
+  process.stderr.write('discovery-record: invalid JSON on stdin\n');
+  process.exit(1);
+}
+
+if (!entry.text || typeof entry.text !== 'string' || entry.text.length < 4) {
+  process.stderr.write('discovery-record: text required (>=4 chars)\n');
+  process.exit(1);
+}
+
+// Detect tier + resolve JTI
+let isClientTier = false;
+let jti = null;
+try {
+  if (existsSync(LICENSE_PATH)) {
+    const lic = JSON.parse(readFileSync(LICENSE_PATH, 'utf8'));
+    jti = lic.jti ?? null;
+    isClientTier = Boolean(jti);
+  }
+} catch { /* non-fatal — treat as owner tier */ }
+
+// Session ID: prefer env var set by Claude Code, fall back to handoff derivation.
+// IMPORTANT: sub-agents MUST NOT use parentSessionId directly — that produces
+// the same ledger path as the parent, which aria-agent-ledger-merge.mjs skips.
+// We use CLAUDE_SESSION_ID (the sub-agent's own session) or suffix the parent
+// session with "-sub" so the file is distinct and mergeable.
+let sessionId =
+  process.env.CLAUDE_SESSION_ID ||
+  process.env.ARIA_SESSION_ID ||
+  process.env.ARIA_SUB_SESSION_ID ||
+  null;
+
+if (!sessionId) {
+  try {
+    if (existsSync(HANDOFF_PATH)) {
+      const handoff = JSON.parse(readFileSync(HANDOFF_PATH, 'utf8'));
+      const parentSession = handoff.parentSessionId;
+      // Derive a distinct sub-agent session so merge picks up this file.
+      sessionId = parentSession ? `${parentSession}-sub` : 'sub-unknown';
+    }
+  } catch { /* non-fatal */ }
+}
+sessionId = sessionId || 'sub-unknown';
+const safeSession = String(sessionId).replace(/[^a-zA-Z0-9_-]/g, '_');
+
+// Resolve ledger path (tier-scoped)
+const ledgerPath = isClientTier
+  ? `/var/lib/aria-licensee/${jti}/aria-discoveries-${safeSession}.jsonl`
+  : `${HOME}/.claude/aria-discoveries-${safeSession}.jsonl`;
+
+// Compose the row
+const row = {
+  at: new Date().toISOString(),
+  session: sessionId,
+  kind: entry.kind || 'observation',
+  text: entry.text,
+  refs: Array.isArray(entry.refs) ? entry.refs : [],
+  evidence: entry.evidence || null,
+  source: entry.source || 'sub-agent',
+  resolution_status: entry.resolution_status || 'open',
+};
+
+try {
+  mkdirSync(dirname(ledgerPath), { recursive: true });
+  appendFileSync(ledgerPath, JSON.stringify(row) + '\n');
+  process.stdout.write(JSON.stringify({ ok: true, ledger: ledgerPath, at: row.at }) + '\n');
+} catch (err) {
+  process.stderr.write(`discovery-record: write failed: ${err.message}\n`);
+  process.exit(2);
+}
+process.exit(0);

package/hooks/aria-outcome-record.mjs

@@ -0,0 +1,80 @@
+#!/usr/bin/env node
+// aria-outcome-record.mjs — PostToolUse hook that records action outcomes
+// to /api/harness/outcome-record (Sonnet H's #76 endpoint). Composes with
+// aria-discovery-record + the regression sweeper to make the outcome ledger
+// actually accumulate rows.
+//
+// Fires on every Bash|Edit|Write|NotebookEdit tool completion.
+// Fire-and-forget: HTTP failures are swallowed — never blocks the tool pipeline.
+//
+// Tier-aware: reads license.json for client-tier token; falls back to env vars
+// for owner tier. Never carries master token in client-tier POST bodies.
+//
+// Doctrine: feedback_no_flag_without_fix.md — outcomes recorded, not deferred.
+//           feedback_implementation_coupled_cognition.md — POST IS the impl.
+
+import { readFileSync, existsSync } from 'node:fs';
+import { homedir } from 'node:os';
+
+const HOME = homedir();
+const LICENSE_PATH = `${HOME}/.aria/license.json`;
+
+let input = '';
+for await (const chunk of process.stdin) input += chunk;
+let event;
+try { event = JSON.parse(input); } catch { process.exit(0); }
+
+const toolName = event.tool_name || event.toolName || '';
+if (!['Bash', 'Edit', 'Write', 'NotebookEdit'].includes(toolName)) process.exit(0);
+
+// Derive action_kind + action_target
+let actionKind, actionTarget;
+if (toolName === 'Bash') {
+  actionKind = 'bash';
+  const cmd = event.tool_input?.command || '';
+  actionTarget = (cmd.split(/\s+/)[0] || 'unknown').slice(0, 100);
+} else {
+  actionKind = 'edit';
+  actionTarget = (event.tool_input?.file_path || event.tool_input?.path || 'unknown').slice(0, 200);
+}
+
+// Tier-aware auth: client license.json overrides env vars
+const harnessUrl = process.env.ARIA_HARNESS_URL || 'http://192.168.4.25:30080';
+let harnessToken = process.env.ARIA_HARNESS_TOKEN || process.env.ARIA_API_KEY || '';
+let isClientTier = false;
+try {
+  if (existsSync(LICENSE_PATH)) {
+    const lic = JSON.parse(readFileSync(LICENSE_PATH, 'utf8'));
+    if (lic.jti) {
+      isClientTier = true;
+      // Client tier: use their license token, never master token
+      harnessToken = lic.token || lic.license || harnessToken;
+    }
+  }
+} catch { /* non-fatal — fall back to env */ }
+
+const sessionId = event.session_id || event.sessionId || 'unknown';
+const success = !event.tool_response?.error && event.tool_response?.type !== 'error';
+
+// Fire-and-forget POST to outcome-record — never blocks, never throws
+fetch(`${harnessUrl}/api/harness/outcome-record`, {
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'Authorization': `Bearer ${harnessToken}`,
+  },
+  body: JSON.stringify({
+    sessionId,
+    actionKind,
+    actionTarget,
+    actionShape: {
+      tool: toolName,
+      success,
+      isClientTier,
+    },
+  }),
+}).catch(() => {/* fire-and-forget — HTTP failures are silently dropped */});
+
+// Exit immediately — don't await the fetch; this is a PostToolUse hook
+// and must not add meaningful latency to the tool pipeline.
+process.exit(0);

package/hooks/aria-pre-tool-gate.mjs

@@ -38,6 +38,7 @@
 
 import { readFileSync, appendFileSync, existsSync, mkdirSync } from 'node:fs';
 import { dirname } from 'node:path';
+import { homedir } from 'node:os';
 
 const HOME = process.env.HOME || '/tmp';
 const LOG = `${HOME}/.claude/aria-pre-tool-gate.log`;
@@ -1004,6 +1005,89 @@ No env-var disable path — gates are unconditional from the gated process per H
   process.exit(2);
 }
 
+// ── Sub-agent packet-citation check (Layer 4 — #84) ─────────────────────────
+//
+// When running inside a sub-agent process (detected by a non-stale handoff file
+// existing AND harnessPacketPath is set in that handoff), require the cognition
+// lens content to CITE THE PACKET — at least one of:
+//   - A doctrine rule ID (e.g. "doctrine_first", "no_demos", "workaround_vs_path_fix")
+//   - An axiom name (e.g. "truth_over_deception", "no_harm", "sacred_trust", "reflection_before_action")
+//   - A frame primitive (e.g. "Fitrah", "Tafakkur", "Tadabbur", "Ilham", "Mizan", "Hikma", "Nur", "Wahi", "Firasah")
+//   - A memory class reference (e.g. "feedback_*.md", "project_*.md", "reference_*.md")
+//
+// Owner-tier sessions (ownerTier.hamza === true AND no jti) are EXEMPT —
+// they are the source of truth for the packet itself.
+//
+// Fail-soft detection: handoff read errors silently skip this check.
+(function checkSubAgentPacketCitation() {
+  const _HOME = process.env.HOME || '/tmp';
+  // Try owner-tier handoff path first, then client-tier paths.
+  const HANDOFF_TTL_MS = 5 * 60 * 1000;
+  // Probe known handoff paths.
+  const candidatePaths = [
+    `${_HOME}/.claude/aria-agent-harness-handoff.json`,
+  ];
+  // Also check /var/lib/aria-licensee if that dir exists (client-tier).
+  try {
+    const licPath = `${_HOME}/.aria/license.json`;
+    if (existsSync(licPath)) {
+      const lic = JSON.parse(readFileSync(licPath, 'utf8'));
+      if (lic.jti) {
+        candidatePaths.push(`/var/lib/aria-licensee/${lic.jti}/handoff.json`);
+      }
+    }
+  } catch { /* non-fatal */ }
+
+  let handoff = null;
+  for (const hp of candidatePaths) {
+    if (!existsSync(hp)) continue;
+    try {
+      const raw = JSON.parse(readFileSync(hp, 'utf8'));
+      const ageMs = Date.now() - new Date(raw.writtenAt || 0).getTime();
+      if (ageMs > HANDOFF_TTL_MS) continue;   // stale handoff — not a sub-agent context
+      if (!raw.harnessPacketPath) continue;    // no packet path written → identity-only handoff, skip check
+      handoff = raw;
+      break;
+    } catch { /* malformed — skip */ }
+  }
+
+  if (!handoff) return; // not a sub-agent context, or handoff has no packetPath
+
+  // Owner-tier exemption: if ownerTier.hamza === true AND no jti → source of truth
+  const ownerExempt = (handoff.ownerTier?.hamza === true) && !handoff.ownerTier?.jti;
+  if (ownerExempt) return;
+
+  // Now verify that the cognition block cites at least one packet substrate token.
+  // Tokens accepted (case-insensitive):
+  //   • Doctrine rule IDs from feedback_*/project_*/reference_* filenames
+  //   • Axiom names: truth_over_deception, no_harm, sacred_trust, reflection_before_action
+  //   • Frame primitives: Fitrah, Tafakkur, Tadabbur, Ilham, Mizan, Hikma, Nur, Wahi, Firasah
+  //   • Memory class patterns: feedback_*.md, project_*.md, reference_*.md
+  const PACKET_CITE_RX = /\b(?:feedback_[a-z0-9_]+\.md|project_[a-z0-9_]+\.md|reference_[a-z0-9_]+\.md|doctrine_first|no_demos|workaround_vs_path_fix|no_flag_without_fix|implementation_coupled_cognition|session_starts_with_linear|gates_enforce_form_not_substance|truth_over_deception|no_harm|sacred_trust|reflection_before_action|power_obligates_service|fitrah|tafakkur|tadabbur|ilham|mizan|hikma|nur|wahi|firasah|harness\s*packet)\b/i;
+
+  const cogText = cogBlockBody || unionText;
+  const hasCite = PACKET_CITE_RX.test(cogText) || PACKET_CITE_RX.test(cmd);
+
+  if (!hasCite) {
+    const packetRef = handoff.harnessPacketPath;
+    const reason = `Sub-agent cognition cites no packet substrate — lens content must reference at least one axiom/frame/memory/doctrine from the harness packet at ${packetRef}.
+
+Accepted citations (case-insensitive, any ONE suffices):
+  • Doctrine rule IDs: doctrine_first, no_demos, workaround_vs_path_fix, no_flag_without_fix, etc.
+  • Axioms: truth_over_deception, no_harm, sacred_trust, reflection_before_action, power_obligates_service
+  • Frame primitives: Fitrah, Tafakkur, Tadabbur, Ilham, Mizan, Hikma, Nur, Wahi, Firasah
+  • Memory class refs: feedback_*.md, project_*.md, reference_*.md
+
+The harness packet is at: ${packetRef}
+Read it first (it is in your environment as ARIA_HARNESS_PACKET_PATH), then reference it in your cognition block.
+
+Cognition-theater rejected per feedback_gates_enforce_form_not_substance.md.`;
+    audit(`block-subagent-no-packet-cite ${toolName.toLowerCase()}`, cmdPreview);
+    console.log(JSON.stringify({ decision: 'block', reason }));
+    process.exit(2);
+  }
+})();
+
 // ── arch_facts gate (architectural violation scan) ────────────────────────
 //
 // Runs after cognition + discovery-binding pass, for Edit/Write/NotebookEdit.
@@ -1182,6 +1266,80 @@ Claude must either: (a) reframe action to fit allowedActions, OR (b) emit [PLAN_
   bindingAuditAppend({ event: 'allow_phase_action', sessionId, planId: plan.planId, phaseId: phase.id, action, target });
 }
 
+// ── Outcome Ledger regression flag (fail-soft) ───────────────────────────────
+//
+// Before allowing, query aria_outcome_ledger for recent regressions on the same
+// action shape. This is NOT a block — it's a soft-warning surfaced to stderr so
+// the agent can see the risk and decide whether the root cause has shipped.
+//
+// action_kind: 'edit' for Edit/Write/NotebookEdit, 'bash' for Bash
+// action_target: file path for file tools; first word of bash command otherwise
+//
+// Fail-open: network errors, timeouts, or non-200 responses are silently ignored.
+// The gate does not hardcode timeouts (no-timeouts doctrine); the 3s AbortController
+// is a DETECTION PROBE — if the endpoint is alive it will respond quickly; if it
+// is down the catch path fail-opens without blocking the developer.
+(async function checkOutcomeLedger() {
+  const _harnessUrl = process.env.ARIA_HARNESS_URL || 'http://192.168.4.25:30080';
+  const _harnessToken = process.env.ARIA_HARNESS_TOKEN || '';
+
+  // Derive action_kind and action_target from current tool call
+  let _actionKind = 'bash';
+  let _actionTarget = '';
+  if (toolName === 'Edit' || toolName === 'Write' || toolName === 'NotebookEdit') {
+    _actionKind = 'edit';
+    _actionTarget = filePath;
+  } else if (toolName === 'Bash') {
+    _actionKind = 'bash';
+    // First word of the command (the verb) as the shape key
+    _actionTarget = cmd.trim().split(/\s+/)[0] || '';
+    // If the command touches a specific file path, prefer that as target
+    // (captures edit-like bash operations: sed, awk, tee, etc.)
+    const _fileArgMatch = cmd.match(/\b([\w./~-]+\.[a-z]{2,6})\b/i);
+    if (_fileArgMatch) _actionTarget = _fileArgMatch[1];
+  }
+
+  if (!_actionTarget) return; // nothing useful to query
+
+  try {
+    const _ctl = new AbortController();
+    const _probeTimer = setTimeout(() => _ctl.abort(), 3000);
+    let _resp;
+    try {
+      const _params = new URLSearchParams({ action_kind: _actionKind, action_target: _actionTarget });
+      _resp = await fetch(`${_harnessUrl}/api/harness/outcome-recent-regressions?${_params}`, {
+        method: 'GET',
+        headers: {
+          'Content-Type': 'application/json',
+          ...(_harnessToken ? { Authorization: `Bearer ${_harnessToken}` } : {}),
+        },
+        signal: _ctl.signal,
+      });
+    } finally {
+      clearTimeout(_probeTimer);
+    }
+
+    if (!_resp || !_resp.ok) return; // endpoint unreachable or error — fail-open
+    const _data = await _resp.json();
+    const _regressions = Array.isArray(_data?.regressions) ? _data.regressions : [];
+
+    if (_regressions.length > 0) {
+      // Soft-warning to stderr — visible in Claude Code's hook output but does NOT block
+      const _lines = _regressions.map(
+        (r) => `  - ${r.action_target} at ${new Date(r.created_at).toISOString()}: ${r.regression_signal || '(no signal text)'}`,
+      ).join('\n');
+      process.stderr.write(
+        `⚠️  Aria Outcome Ledger: this action shape regressed ${_regressions.length} time(s) in the last 60 min:\n` +
+        `${_lines}\n` +
+        `Re-emitting with this risk visible. Proceed only if root cause has shipped since.\n`,
+      );
+      audit(`warn-ledger-regression ${_actionKind} target=${_actionTarget} count=${_regressions.length}`, cmdPreview);
+    }
+  } catch {
+    // Network error, abort, parse failure — fail-open, no warning
+  }
+})();
+
 // Non-trivial action with cognition AND (binding-allowed OR binding-disabled) — allow.
 audit(`allow-cognition ${toolName.toLowerCase()} lenses=${lensCount} via=${cognitionSource}`, cmdPreview);
 pushDecision('allow', `${toolName.toLowerCase()} with ${lensCount} lenses (${cognitionSource})`);

package/hooks/aria-stop-gate.mjs

@@ -46,7 +46,7 @@
 // Future: signed-grant override mechanism at ~/.aria/owner-overrides/<hook>.json
 // with HMAC signature using a secret only Hamza holds. Deferred to next session.
 
-import { readFileSync, appendFileSync, existsSync, mkdirSync } from 'node:fs';
+import { readFileSync, appendFileSync, existsSync, mkdirSync, writeFileSync } from 'node:fs';
 import { dirname } from 'node:path';
 
 const HOME = process.env.HOME || '/tmp';
@@ -702,6 +702,108 @@ if (cog.count >= REQUIRED_LENSES) {
       }
     } catch {/* outer guard */}
 
+    // ── Layer C — auto-re-consult on [PLAN_BLOCKER] (#85) ────────────────────
+    //
+    // When the assistant emits a [PLAN_BLOCKER reason="..."] marker the runtime
+    // must fire a two-path replan rather than blocking and waiting for the human:
+    //
+    //   Primary path:   POST /api/harness/replan  (aria-soul server-side)
+    //   Fallback path:  node aria-architect-fallback.mjs  (local sub-agent)
+    //
+    // Both paths write the fresh BINDING_PLAN to the session-scoped active-plan
+    // file so the next turn's pre-tool-gate and stop-gate pick it up.
+    //
+    // Fail-soft: if both paths fail, we log + emit a clear message asking Hamza
+    // to intervene. We do NOT crash the stop-gate — the existing block/allow
+    // decision below continues on its own merits.
+    const planBlockerMatch = assistantText.match(/\[PLAN_BLOCKER\s+reason="([^"]{10,2000})"\s*\]/);
+    if (planBlockerMatch) {
+      const planBlockerReason = planBlockerMatch[1];
+      audit(`[PLAN_BLOCKER] detected — firing replan: ${planBlockerReason.slice(0, 100)}`);
+
+      const currentPlanId = activePlan?.planId || 'unknown';
+      let planMinted = false;
+
+      // Primary path: aria-soul /api/harness/replan
+      try {
+        const harnessUrl = process.env.ARIA_HARNESS_URL || 'https://harness.ariasos.com';
+        const harnessToken = process.env.ARIA_HARNESS_TOKEN || process.env.ARIA_API_KEY || '';
+        const ctl = new AbortController();
+        const replanTimeout = setTimeout(() => ctl.abort(), 15000);
+        const resp = await fetch(`${harnessUrl}/api/harness/replan`, {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${harnessToken}`,
+          },
+          body: JSON.stringify({
+            reason: planBlockerReason,
+            currentPlanId,
+            sessionId,
+          }),
+          signal: ctl.signal,
+        });
+        clearTimeout(replanTimeout);
+        if (resp.ok) {
+          const data = await resp.json();
+          if (data.ok && data.plan) {
+            const freshPlan = {
+              ...data.plan,
+              mintedAt: new Date().toISOString(),
+              mintedBy: 'aria-soul-replan',
+            };
+            try {
+              if (!existsSync(dirname(ACTIVE_PLAN_PATH))) mkdirSync(dirname(ACTIVE_PLAN_PATH), { recursive: true });
+              writeFileSync(ACTIVE_PLAN_PATH, JSON.stringify(freshPlan, null, 2));
+            } catch (writeErr) {
+              audit(`replan-primary-write-err: ${String(writeErr).slice(0, 200)}`);
+            }
+            planMinted = true;
+            audit(`replan-primary-ok planId=${data.plan.planId}`);
+          } else {
+            audit(`replan-primary-bad-response: ok=${data.ok} error=${(data.error || '').slice(0, 200)}`);
+          }
+        } else {
+          audit(`replan-primary-http-${resp.status}`);
+        }
+      } catch (err) {
+        audit(`replan-primary-failed: ${(err?.message || String(err)).slice(0, 200)}`);
+      }
+
+      // Fallback path: architect-fallback hook (spawned as sub-process)
+      if (!planMinted) {
+        audit('replan-primary-unreachable — firing architect-fallback');
+        try {
+          const { spawnSync } = await import('node:child_process');
+          const fallbackBin = `${HOME}/.claude/hooks/aria-architect-fallback.mjs`;
+          if (existsSync(fallbackBin)) {
+            const fallbackResult = spawnSync('node', [fallbackBin], {
+              input: JSON.stringify({ reason: planBlockerReason, currentPlanId, sessionId }),
+              encoding: 'utf8',
+              timeout: 130000,
+            });
+            if (fallbackResult.status === 0) {
+              audit(`architect-fallback-ok: ${(fallbackResult.stdout || '').slice(0, 200)}`);
+              planMinted = true;
+            } else {
+              audit(
+                `architect-fallback-failed status=${fallbackResult.status} stderr=${(fallbackResult.stderr || '').slice(0, 200)}`
+              );
+            }
+          } else {
+            audit(`architect-fallback-missing: ${fallbackBin} not found`);
+          }
+        } catch (err) {
+          audit(`architect-fallback-threw: ${(err?.message || String(err)).slice(0, 200)}`);
+        }
+      }
+
+      if (!planMinted) {
+        audit('replan-both-paths-failed — Hamza must intervene');
+        // Surface clearly in the block reason below; don't crash the gate.
+      }
+    }
+
     // Block decision: any of (validateOutput severity=block) OR (>=2 drift hits) OR
     // (>=1 code-quality hit) OR (open discovery in ledger) → block emit.
     // Aria enforcement #46 (compelled reflection): severity=warn ALSO blocks but