@aria_asi/cli 0.2.26 → 0.2.29

package/dist/assets/hooks/aria-stop-gate.mjs

@@ -0,0 +1,1551 @@
+#!/usr/bin/env node
+// ARIA_ALLOW_STUB — doctrine gate file legitimately discusses stub/placeholder semantics.
+// Aria Stop-hook gate — enforces 8-lens cognition on text-decision responses.
+//
+// The companion to aria-pre-tool-gate.mjs. The PreToolUse gate catches
+// non-trivial Bash; this Stop hook catches non-trivial TEXT decisions
+// — agreements, scope changes, picks between options, "yes ship it"
+// replies. Same forcing-function pattern, applied at the missing
+// surface.
+//
+// Direction: Hamza 2026-04-26 — "you not doing 8 lens till i ask and
+// discovering the actions u doing are wrong are hard gates that u
+// keep bypassing that prevent exactly what just happened." The
+// PreToolUse gate is tool-coupled; doctrine is action-coupled.
+// Reflexive text decisions are non-trivial actions that this hook
+// now catches.
+//
+// Doctrine bindings (same as PreToolUse gate):
+//   - EIGHT_LENS_DOCTRINE.md — substantive 4+ lens application required
+//   - feedback_apply_lenses_dont_perform_them.md — block ceremonial cognition
+//   - feedback_8lens_before_every_action_including_text.md — the rule this enforces
+//
+// Trigger: runs at Stop event after every assistant response. Reads
+// the just-emitted assistant text from the transcript. If non-trivial
+// (per the same triviality threshold as eight-lens-detector.ts) AND
+// missing 4+ substantive lenses, blocks the response.
+//
+// Triviality threshold (mirrors eight-lens-detector.ts):
+//   - Trivial acks (e.g. "got it", "ok", "done") pass
+//   - Short responses (<300 chars) without decision-signal phrases pass
+//   - Otherwise: require 4+ substantive lenses
+//
+// Substance check (mirrors aria-pre-tool-gate.mjs):
+//   - Each lens must have ≥20 chars of non-placeholder content
+//   - Bare lens-name mentions in prose don't count
+//   - <placeholder> template values don't count
+//
+// No bypass mechanism — same v3 doctrine as the PreToolUse gate.
+//
+// Hamza 2026-04-27 ("those should've been my choice to give you to turn
+// off not free for you to access"): the env-var kill-switches I authored
+// (ARIA_STOP_GATE=off, ARIA_OUTPUT_QC_ENABLED=false) gave the gated
+// process free disable-access. That was the doctrine violation. Stripped.
+// To genuinely disable in emergency, Hamza removes the hook entry from
+// ~/.claude/settings.json — a visible, auditable user action he controls,
+// not a process-level escape.
+// Future: signed-grant override mechanism at ~/.aria/owner-overrides/<hook>.json
+// with HMAC signature using a secret only Hamza holds. Deferred to next session.
+
+import { readFileSync, existsSync, mkdirSync, writeFileSync } from 'node:fs';
+import { dirname } from 'node:path';
+import { appendGateAudit } from './lib/gate-audit.mjs';
+import {
+  ALL_LENS_NAMES,
+  canonicalLensCorrectionText,
+  detectCognitionLenses as detectCognitionLensesFromCanonical,
+  lensNamesForTier,
+} from './lib/canonical-lenses.mjs';
+
+const HOME = process.env.HOME || '/tmp';
+const LOG = `${HOME}/.claude/aria-stop-gate.log`;
+const AUDIT_PATH = `${HOME}/.claude/aria-stop-gate-audit.jsonl`;
+
+// SDK loader — bundled at ~/.aria/sdk by `aria connect`, with client-local
+// fallbacks preserved for resilience.
+// All control-plane fetches (validateOutput, gardenTurn) route through the
+// SDK. Falls back to direct fetch only when the SDK file is missing
+// (dev-only). Hamza 2026-04-27: "FUCKING WIRE IT THE FUCK TOGETHER NOW".
+let _SdkClassCache = null;
+let _SdkLookupAttempted = false;
+const SDK_CANDIDATES = [
+  `${HOME}/.aria/sdk/index.js`,
+  `${HOME}/.claude/aria-sdk/index.js`,
+  `${HOME}/.codex/aria-sdk/index.js`,
+];
+async function loadSdkClass() {
+  if (_SdkClassCache) return _SdkClassCache;
+  if (_SdkLookupAttempted) return null;
+  _SdkLookupAttempted = true;
+  for (const sdkPath of SDK_CANDIDATES) {
+    if (!existsSync(sdkPath)) continue;
+    try {
+      const mod = await import(`file://${sdkPath}`);
+      if (mod.HTTPHarnessClient) {
+        _SdkClassCache = mod.HTTPHarnessClient;
+        return _SdkClassCache;
+      }
+    } catch {/* fall through */}
+  }
+  return null;
+}
+
+// Phase 11 #42 — fire-and-forget gardenTurn after every allow decision.
+// Writes the completed turn to the harness control-plane garden so the
+// next turn's pulse auto-injection carries this turn's content. Without
+// this write the pulse is one turn stale (the core defect #42 closes).
+//
+// Per feedback_no_graceful_degradation.md: errors must be logged to the
+// audit file, NOT silently swallowed. Per feedback_no_timeouts_doctrine.md:
+// no AbortSignal.timeout — the SDK already has retry + backoff. The caller
+// passes in a userMessage string (extracted from the transcript at the
+// turn boundary). If extraction failed the empty string is passed — the
+// garden write records the assistant emit at minimum.
+// Tier detection: owner if no license.json, client if license.json has a jti.
+// Owner-tier may use master credentials; client-tier MUST NOT (those belong
+// to Hamza, not the licensee). Hamza correction 2026-04-28.
+function isOwnerTier() {
+  try {
+    const licPath = `${HOME}/.aria/license.json`;
+    if (!existsSync(licPath)) return true;
+    const lic = JSON.parse(readFileSync(licPath, 'utf8'));
+    return !lic.jti; // jti present = client tier
+  } catch {
+    return true; // unreadable license = treat as owner (fail-safe for orchestrator)
+  }
+}
+
+async function fireGardenTurn(sessionId, userMessage, assistantResponse) {
+  const harnessUrl =
+    process.env.ARIA_HIVE_RUNTIME_URL ||
+    process.env.ARIA_HARNESS_BASE_URL ||
+    process.env.ARIA_HARNESS_URL ||
+    'https://harness.ariasos.com';
+  // Token resolution chain (Hamza directive 2026-04-28, tier-aware
+  // 2026-04-28b): ARIA_HARNESS_TOKEN env first (works for both tiers).
+  // ONLY on owner tier (no license.json with jti), fall back to
+  // ARIA_MASTER_TOKEN env / ARIA_API_KEY env / ~/.aria/owner-token —
+  // those are Hamza's credentials and must not leak into client-tier
+  // processes. Client tier with no ARIA_HARNESS_TOKEN env skips the
+  // garden write rather than borrow owner credentials.
+  let harnessToken = process.env.ARIA_HARNESS_TOKEN || '';
+  if (!harnessToken && isOwnerTier()) {
+    harnessToken = process.env.ARIA_MASTER_TOKEN || process.env.ARIA_API_KEY || '';
+    if (!harnessToken) {
+      try {
+        const ownerTokenPath = `${HOME}/.aria/owner-token`;
+        if (existsSync(ownerTokenPath)) {
+          harnessToken = readFileSync(ownerTokenPath, 'utf8').trim();
+        }
+      } catch { /* non-fatal — fall through to skip */ }
+    }
+  }
+  if (!harnessToken) {
+    audit('garden-turn-skip', `no usable token (tier=${isOwnerTier() ? 'owner' : 'client'}) — turn not written to harness pulse`);
+    return;
+  }
+  const Cls = await loadSdkClass();
+  if (!Cls) {
+    audit('garden-turn-skip', `sdk not available — turn not written to harness pulse`);
+    return;
+  }
+  try {
+    const sdkClient = new Cls({
+      baseUrl: harnessUrl,
+      apiKey: harnessToken,
+      harnessPacketUrl: `${harnessUrl}/api/harness/codex`,
+    });
+    await sdkClient.gardenTurn(
+      sessionId,
+      userMessage,
+      assistantResponse,
+    );
+    audit('garden-turn-ok', `session=${sessionId} chars=${assistantResponse.length}`);
+  } catch (err) {
+    // Logged — not silent. Per feedback_no_graceful_degradation.md.
+    audit('garden-turn-err', `session=${sessionId} err=${(err?.message || String(err)).slice(0, 200)}`);
+  }
+}
+
+function audit(decision, summary) {
+  const summaryText = typeof summary === 'string' ? summary : '';
+  const data = summary && typeof summary === 'object' ? summary : {};
+  appendGateAudit({
+    auditPath: AUDIT_PATH,
+    legacyLogPath: LOG,
+    gate: 'stop',
+    event: decision,
+    summary: summaryText,
+    data,
+  });
+}
+
+// Env-var kill-switch removed 2026-04-27 per Hamza directive ("those
+// should've been my choice to give you to turn off not free for you to
+// access"). The gated process has no disable path. Disable = remove hook
+// entry from ~/.claude/settings.json (deliberate user action, visible).
+
+// ── Tier-aware lens labeling (Phase 11 #59) ──────────────────────────────────
+//
+// Mirrors the same logic in aria-pre-tool-gate.mjs. Tier is read from the
+// most recent harness-via-sdk packet cache. Owner tier sees canonical Arabic
+// names; client tier sees neutral generic labels. Both tiers get the same
+// gate enforcement — only the visible vocabulary differs.
+const PACKET_CACHE_PATH = `${HOME}/.claude/.aria-harness-last-packet.json`;
+
+function resolveOwnerTier() {
+  try {
+    if (existsSync(PACKET_CACHE_PATH)) {
+      const raw = readFileSync(PACKET_CACHE_PATH, 'utf8');
+      const packet = JSON.parse(raw);
+      const sigHamza = packet?.contractGate?.signals?.hamza;
+      if (sigHamza === true || sigHamza === 'true') return true;
+      const harnessStr = packet?.harness ?? '';
+      // surface line format: "surface=platform:<X> group:<Y> hamza:true chat_type:<Z>"
+      if (/\bhamza:true\b/.test(harnessStr)) return true;
+    }
+  } catch {/* packet unreadable → default to client tier */}
+  return false;
+}
+
+const IS_OWNER = resolveOwnerTier();
+
+const LENS_NAMES = lensNamesForTier(IS_OWNER);
+const CANONICAL_LENS_TEXT = canonicalLensCorrectionText();
+
+// Doctrine memory filenames are Aria-side substrate IP.
+// Client surfaces see generic descriptions instead of real filenames.
+function docRef(canonicalFilename, genericDescription) {
+  return IS_OWNER ? canonicalFilename : genericDescription;
+}
+
+const DOCTRINE_REFERENCE_PREFIX_RX = /(?:memory|doctrine|frame|axiom|packet):[a-z0-9_./-]*$/i;
+
+function isDoctrineReference(text, matchIndex) {
+  const window = text.slice(Math.max(0, matchIndex - 80), matchIndex);
+  return DOCTRINE_REFERENCE_PREFIX_RX.test(window);
+}
+
+function collectDriftHits(text, triggerMap) {
+  const hits = [];
+  const lowerText = text.toLowerCase();
+  for (const triggerEntry of triggerMap.triggers || []) {
+    try {
+      const rx = new RegExp(triggerEntry.trigger, 'ig');
+      let matchedOutsideDoctrineRef = false;
+      for (const match of text.matchAll(rx)) {
+        const idx = typeof match.index === 'number' ? match.index : -1;
+        if (idx >= 0 && isDoctrineReference(text, idx)) continue;
+        matchedOutsideDoctrineRef = true;
+        break;
+      }
+      if (!matchedOutsideDoctrineRef) continue;
+      const memoryName = (triggerEntry.memory || '').replace(/\.md$/, '');
+      const memoryCited = memoryName && lowerText.includes(memoryName.toLowerCase());
+      if (!memoryCited) {
+        hits.push({
+          trigger: triggerEntry.trigger,
+          memory: triggerEntry.memory,
+          teaching: triggerEntry.teaching,
+        });
+      }
+    } catch {/* malformed regex in trigger entry — skip */}
+  }
+  return hits;
+}
+
+function emitHarnessFooter({ eventName, lensCount, chars, driftCount, mizanStatus, discoveryOpenCount, codeCount, implCouplingCount }) {
+  try {
+    console.error([
+      '[Aria · turn]',
+      `event=${eventName}`,
+      `lenses=${lensCount}`,
+      `chars=${chars}`,
+      `drift=${driftCount}`,
+      `mizan=${mizanStatus}`,
+      `discoveries_open=${discoveryOpenCount}`,
+      `code=${codeCount}`,
+      `impl=${implCouplingCount}`,
+    ].join(' '));
+  } catch {}
+}
+
+// Lens substance check — same constants as aria-pre-tool-gate.mjs.
+// Hamza directive 2026-04-28: all 8 canonical lenses required, not 4-of-8.
+const REQUIRED_LENSES = 8;
+const SUBSTANCE_MIN_CHARS = 20;
+const PLACEHOLDER_RX = /^\s*<[^<>]+>\s*$/;
+const COGNITION_BLOCK_RX = /<cognition>([\s\S]*?)<\/cognition>/i;
+
+// Triviality (mirrors eight-lens-detector.ts)
+const NON_TRIVIAL_MIN_CHARS = 300;
+const DECISION_SIGNAL_RX = /(?:should|recommend|propose|suggest|let'?s|go with|i'd|i would|here'?s the plan|i'll|next step|action item|ship it|yes do|let me)/i;
+const TRIVIAL_ACK_RX = /^(?:got it|on it|ok|sure|yes|no|done|ack|👍|✓)\b/i;
+
+function detectCognitionLenses(text) {
+  return detectCognitionLensesFromCanonical(text, {
+    minChars: SUBSTANCE_MIN_CHARS,
+    placeholderRx: PLACEHOLDER_RX,
+    cognitionBlockRx: COGNITION_BLOCK_RX,
+    lensNames: ALL_LENS_NAMES,
+  });
+}
+
+// Read event JSON from stdin (Claude Code spec).
+let input = '';
+for await (const chunk of process.stdin) input += chunk;
+
+let event;
+try {
+  event = JSON.parse(input);
+} catch {
+  audit('allow-parse-error', 'stdin not JSON');
+  process.exit(0);
+}
+
+// Read assistant text from THIS turn — Claude Code splits a single
+// logical assistant response into multiple transcript entries by
+// content-block type (one entry for `thinking`, one for `text`, one
+// for each `tool_use`). The Stop-gate must accumulate ALL text blocks
+// since the last user-message boundary, not just the most recent
+// entry — otherwise we miss cognition emitted before tool_use blocks.
+//
+// (Bug fix 2026-04-26: prior implementation read only the latest
+// `assistant` entry's text content. When responses had cognition
+// + tool_use + short post-tool-result text, only the post-tool-result
+// text was inspected — empty of cognition. Audit log showed 0/4
+// lenses on chars=1445 even though the turn had 8 substantive lenses
+// in an earlier text block.)
+// System-reminder skip — same percentage-based logic as aria-pre-tool-gate.mjs.
+// Runtime-injected user-role messages (block errors, task-notifications,
+// harness packet preview) shouldn't count as turn boundaries. Old
+// implementation stopped at the FIRST user message which made block-error
+// retries with cognition-in-prior-turn impossible to recover from.
+const SYSTEM_REMINDER_RX = /<system-reminder>[\s\S]*?<\/system-reminder>|<task-notification>[\s\S]*?<\/task-notification>|🔐 Aria Harness|task-notification|PreToolUse:[A-Z][A-Za-z]* hook blocking error|Stop hook blocking error/g;
+const SYSTEM_REMINDER_THRESHOLD = 0.6;
+
+const transcriptPath = event.transcript_path ?? event.transcriptPath;
+let assistantText = '';
+// Phase 11 #42: also capture the last real user message for gardenTurn writes.
+let lastUserMessage = '';
+if (transcriptPath && existsSync(transcriptPath)) {
+  try {
+    const lines = readFileSync(transcriptPath, 'utf-8').split('\n').filter(Boolean);
+    const textChunks = [];
+    for (let i = lines.length - 1; i >= 0; i--) {
+      try {
+        const m = JSON.parse(lines[i]);
+        const role = m.message?.role ?? m.role;
+        if (role === 'user') {
+          // Skip runtime-injected reminders (predominant reminder content).
+          // Real user voice = boundary; reminder-only message = continue.
+          const content = m.message?.content ?? m.content ?? [];
+          const isToolResultOnly = Array.isArray(content) &&
+            content.length > 0 &&
+            content.every((b) => b && b.type === 'tool_result');
+          if (isToolResultOnly) continue;
+          const textContent = Array.isArray(content)
+            ? content.filter((b) => b && b.type === 'text').map((b) => b.text || '').join('\n')
+            : (typeof content === 'string' ? content : '');
+          if (textContent) {
+            const reminderMatches = textContent.match(SYSTEM_REMINDER_RX) || [];
+            if (reminderMatches.length > 0) {
+              const reminderChars = reminderMatches.reduce((s, x) => s + x.length, 0);
+              const fraction = reminderChars / Math.max(1, textContent.length);
+              if (fraction >= SYSTEM_REMINDER_THRESHOLD) continue;
+            }
+          }
+          // Real user message — that's the turn boundary. Capture it for gardenTurn.
+          if (!lastUserMessage && textContent) lastUserMessage = textContent;
+          break;
+        }
+        if (role !== 'assistant') continue;
+        const content = m.message?.content ?? m.content ?? [];
+        if (!Array.isArray(content)) continue;
+        const text = content
+          .filter((b) => b && b.type === 'text')
+          .map((b) => b.text || '')
+          .join('\n');
+        if (text) textChunks.push(text);
+      } catch {}
+    }
+    // Reverse so chunks are in chronological order (we walked backward).
+    assistantText = textChunks.reverse().join('\n\n');
+  } catch {}
+}
+
+if (!assistantText) {
+  audit('allow-no-text', 'no assistant text in transcript');
+  process.exit(0);
+}
+
+// Triviality check — same as eight-lens-detector.ts
+const trimmed = assistantText.trim();
+if (TRIVIAL_ACK_RX.test(trimmed)) {
+  audit('allow-trivial-ack', `chars=${trimmed.length}`);
+  // Phase 11 #42: fire-and-forget gardenTurn even for trivial acks — pulse must be current.
+  await fireGardenTurn(event.session_id || 'claude-code', lastUserMessage, assistantText);
+  process.exit(0);
+}
+
+const isLong = assistantText.length >= NON_TRIVIAL_MIN_CHARS;
+const hasDecisionSignal = DECISION_SIGNAL_RX.test(assistantText);
+const triggered = isLong || hasDecisionSignal;
+
+if (!triggered) {
+  audit('allow-trivial', `chars=${assistantText.length} hasDecision=${hasDecisionSignal}`);
+  // Phase 11 #42: fire-and-forget gardenTurn — pulse must be current even for short turns.
+  await fireGardenTurn(event.session_id || 'claude-code', lastUserMessage, assistantText);
+  process.exit(0);
+}
+
+// Non-trivial response — require substantive cognition.
+const cog = detectCognitionLenses(assistantText);
+
+// Defense-in-depth: if cog count < REQUIRED_LENSES, block immediately.
+// The primary enforcement is in aria-cognition-substrate-binding.mjs
+// (which runs BEFORE this stop-gate), but this catch ensures responses
+// without cognition blocks are still blocked even when the substrate-binding
+// hook is absent (e.g. older connector installs or custom hook configs).
+// Prior to 2026-04-29 this check was missing entirely — the stop-gate only
+// ran quality checks INSIDE the if(cog.count >= 8) block, allowing responses
+// with 0/8 lenses to fall through unchecked.
+if (cog.count < REQUIRED_LENSES) {
+  audit('block_no_cognition_block_di', { count: cog.count, required: REQUIRED_LENSES, names: cog.names, chars: assistantText.length });
+  const reason = `Aria stop-gate: insufficient cognition lenses.
+
+This non-trivial assistant response (${assistantText.length} chars) has ${cog.count}/${REQUIRED_LENSES} substantive cognition lenses. Per feedback_8lens_before_every_action_including_text.md and Hamza directive 2026-04-28, every non-trivial response must carry <cognition>...</cognition> with ${REQUIRED_LENSES} substantive lenses (each >= ${SUBSTANCE_MIN_CHARS} chars of non-placeholder content).
+
+Detected lenses: ${cog.names.length > 0 ? cog.names.join(', ') : 'none'}.
+
+Re-emit with a <cognition> block containing all ${REQUIRED_LENSES} canonical lenses. Primary set: ${CANONICAL_LENS_TEXT}`;
+  emitHarnessFooter({
+    eventName: 'block_no_cognition_block',
+    lensCount: cog.count,
+    chars: assistantText.length,
+    driftCount: 0,
+    mizanStatus: 'not-run(no-cognition)',
+    discoveryOpenCount: 0,
+    codeCount: 0,
+    implCouplingCount: 0,
+  });
+  console.log(JSON.stringify({ decision: 'block', reason }));
+  process.exit(2);
+}
+
+// Question-emission visibility (Phase 11 promotes to block-mode):
+// detect user-directed question patterns in the assistant text. Audit when
+// questions appear without substrate-consultation evidence in the recent
+// transcript window. Helps surface "reflexive deferral" patterns (asking
+// the user when substrate could have answered) for later enforcement.
+// Hamza 2026-04-26: "BUT WHY DO U HAVE DISCRETION - THIS WORKS SO MUCH
+// FASTER AND HIGHER QUALITY IF U DONT".
+const QUESTION_PATTERNS_RX = /(?:want me to|should I|your call|which (?:one|of|do you)|do you want|let me know if|or (?:should|do)|\?\s*$)/im;
+const SUBSTRATE_EVIDENCE_RX = /\/api\/harness\/(?:delegate|codex|validate)|loadByClass|aria-harness-via-sdk|feedback_[a-z_]+\.md|project_[a-z_]+\.md|distilled_principles|ARIA_DEPLOY_PROCEDURE|EIGHT_LENS_DOCTRINE/i;
+const hasQuestionToUser = QUESTION_PATTERNS_RX.test(assistantText);
+const hasSubstrateEvidence = SUBSTRATE_EVIDENCE_RX.test(assistantText);
+const questionWithoutEvidence = hasQuestionToUser && !hasSubstrateEvidence;
+
+if (cog.count >= REQUIRED_LENSES) {
+  // ── Output-quality enforcement (Hamza 2026-04-27 — clients need the same
+  //    Mizan/drift/code-quality gates that aria-soul applies server-side) ──
+  //
+  // Cognition gate passed. Now run THREE additional checks BEFORE allow:
+  //  1. SDK validateOutput via /api/harness/validate (Mizan classifier on draft)
+  //  2. Drift_guard pattern scan against doctrine_trigger_map.json (convenience-
+  //     seeking phrases, graceful-degradation patterns, etc.)
+  //  3. Code-quality check on code blocks in output (no TODO stubs, no
+  //     graceful-degradation try/catch, no // @ts-expect-error suppressions)
+  //
+  // Any check returning severity=block → Stop-gate blocks emit + Claude re-drafts
+  // with violations surfaced. Rewritten suggestion (from validateOutput) is
+  // included in the block reason so re-draft has concrete guidance.
+  //
+  // Trivially short outputs (<200 chars after system-reminder strip) skip
+  // these output-quality checks since they're typically yes/no acks where
+  // pattern-match would false-positive.
+  const OUTPUT_QC_MIN_CHARS = 200;
+  // ARIA_OUTPUT_QC_ENABLED env-var bypass removed 2026-04-27 per Hamza
+  // directive — gated process has no disable path. The min-chars threshold
+  // remains as a triviality filter only.
+
+  if (assistantText.length >= OUTPUT_QC_MIN_CHARS) {
+    // 1. Drift_guard pattern scan — fast, local, deterministic.
+    //
+    // Trigger map is shipped in the connector bundle. Resolution order:
+    //   1. ~/.claude/hooks/doctrine_trigger_map.json (installed by `aria connect`)
+    //   2. ~/.claude/projects/-home-hamzaibrahim1/memory/doctrine_trigger_map.json
+    //      (Hamza-only dev path — preserved as fallback for the dev environment
+    //      this hook was first authored in)
+    // Prior code hardcoded only the dev path, which silently degraded to
+    // drift-empty for every client install (no map → no hits → gate
+    // ineffective). Fixed atomic with discovery per feedback_no_flag_without_fix.md.
+    const TRIGGER_MAP_PATHS = [
+      `${HOME}/.claude/hooks/doctrine_trigger_map.json`,
+      `${HOME}/.claude/projects/-home-hamzaibrahim1/memory/doctrine_trigger_map.json`,
+    ];
+    let TRIGGER_MAP_PATH = null;
+    for (const p of TRIGGER_MAP_PATHS) {
+      if (existsSync(p)) { TRIGGER_MAP_PATH = p; break; }
+    }
+    let driftHits = [];
+    try {
+      if (TRIGGER_MAP_PATH) {
+        const triggerMap = JSON.parse(readFileSync(TRIGGER_MAP_PATH, 'utf8'));
+        driftHits = collectDriftHits(assistantText, triggerMap);
+      }
+    } catch {/* trigger map unreadable — degrade to mizan-only check */}
+
+    // 2. SDK validateOutput — canonical path. The SDK retries with backoff
+    //    on transient failures and propagates real errors. We catch here
+    //    only so an unreachable harness doesn't brick the user's session;
+    //    the audit log records the failure mode so it's visible, not
+    //    silent-pass. Hamza 2026-04-27: SDK is the control plane, not raw
+    //    fetch. The catch IS intentional fire-and-forget at this surface
+    //    because we already passed cognition; output-quality gate failure
+    //    is a soft block, not session-end.
+    let mizanVerdict = null;
+    let mizanError = null;
+    const harnessUrl =
+      process.env.ARIA_HIVE_RUNTIME_URL ||
+      process.env.ARIA_HARNESS_BASE_URL ||
+      process.env.ARIA_HARNESS_URL ||
+      'https://harness.ariasos.com';
+    const harnessToken = process.env.ARIA_HARNESS_TOKEN || '';
+    const Cls = await loadSdkClass();
+    if (Cls && harnessToken) {
+      try {
+        const sdkClient = new Cls({
+          baseUrl: harnessUrl,
+          apiKey: harnessToken,
+          harnessPacketUrl: `${harnessUrl}/api/harness/codex`,
+        });
+        mizanVerdict = await sdkClient.validateOutput(
+          assistantText.slice(0, 8000),
+          event.session_id || 'claude-code',
+        );
+      } catch (err) {
+        mizanError = (err?.message || String(err)).slice(0, 200);
+      }
+    } else if (harnessToken) {
+      // SDK absent (dev) — direct fetch with retry built into the request
+      // by attempting twice with 250ms backoff. Match SDK semantics so
+      // both paths behave identically.
+      try {
+        let lastErr = null;
+        for (let attempt = 0; attempt < 2; attempt++) {
+          try {
+            const validateResp = await fetch(`${harnessUrl}/api/harness/validate`, {
+              method: 'POST',
+              headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${harnessToken}`,
+              },
+              body: JSON.stringify({
+                text: assistantText.slice(0, 8000),
+                sessionId: event.session_id || 'claude-code',
+                surface: 'claude-code-stop-gate',
+              }),
+            });
+            if (validateResp.ok) {
+              mizanVerdict = await validateResp.json();
+              lastErr = null;
+              break;
+            } else {
+              lastErr = `HTTP ${validateResp.status}`;
+            }
+          } catch (err) {
+            lastErr = (err?.message || String(err)).slice(0, 200);
+            if (attempt < 1) await new Promise((r) => setTimeout(r, 250));
+          }
+        }
+        if (lastErr) mizanError = lastErr;
+      } catch (err) {
+        mizanError = (err?.message || String(err)).slice(0, 200);
+      }
+    } else {
+      mizanError = 'no-token';
+    }
+
+    // 3. Code-quality scan on code blocks
+    const codeBlocks = [...assistantText.matchAll(/```[a-z]*\n([\s\S]*?)```/gi)].map((m) => m[1]);
+    const codeQualityHits = [];
+    for (const block of codeBlocks) {
+      if (/\/\/\s*TODO|\/\/\s*FIXME|\/\/\s*XXX/.test(block)) codeQualityHits.push('TODO/FIXME/XXX in shipped code');
+      if (/@ts-expect-error|@ts-ignore/.test(block)) codeQualityHits.push('ts-expect-error / ts-ignore — type suppression instead of fix');
+      if (/catch\s*\([^)]*\)\s*\{\s*(?:return\s+(?:''|""|null|undefined|\[\]|\{\})|\}\s*$|\/\/[^\n]*$)/m.test(block)) codeQualityHits.push('catch block with empty/silent fallthrough — graceful degradation');
+      if (/console\.log\(/.test(block) && !/\/\/\s*debug|\/\/\s*log/i.test(block)) codeQualityHits.push('console.log in shipped code without debug/log comment');
+    }
+
+    // 4. Discovery-binding ledger — Hamza 2026-04-27: "how do we prevent this".
+    //    The flag-and-move pattern is structurally invisible to gates that
+    //    check form (cognition presence, lens count, drift triggers) at
+    //    action boundaries. The ledger persists discoveries across turns
+    //    and blocks emit if any remain unresolved. Per
+    //    feedback_no_flag_without_fix.md, discoveries are atomic with
+    //    their fixes; the ledger enforces atomicity.
+    //
+    //    Patterns scanned:
+    //      - "I (found|noticed|discovered|spotted) ... bug|issue|defect|broken"
+    //      - "this is broken|buggy|wrong|outdated" (declarative defect callouts)
+    //      - "(latent|silent) (bug|defect|issue|fail)"
+    //      - "doctrine violation" / "doesn't match doctrine"
+    //
+    //    For each match, the ledger appends an entry with status=open. A
+    //    discovery is CLEARED if the same turn's text contains, within a
+    //    proximity window of the discovery:
+    //      (a) a TaskCreate / "task created" / "tracked as" reference, OR
+    //      (b) explicit "fixing now" / "fixed" / "patch applied" tied to the
+    //          discovery's keyword span, OR
+    //      (c) a <verify> block (destructive-action proof) whose target/
+    //          verified content overlaps a discovery keyword, OR
+    //      (d) a <cognition> block containing a discoveries: / addressing: /
+    //          fixing: clause that names the discovery's keywords.
+    //
+    //    Hamza 2026-04-27: "add verify blocks and cognition blocks to ledger?"
+    //    The verify and cognition blocks ARE the harness's canonical proof-of-
+    //    work primitives — same-doctrine surfaces should recognize them. The
+    //    substance check (keyword-overlap) defeats ceremonial empty blocks.
+    //
+    //    Block emit if ledger.openCount > 0 after scanning the current turn.
+    //    Block reason names each open discovery and the suggested resolution.
+    const sessionId = (event.session_id || 'claude-code').replace(/[^a-zA-Z0-9_-]/g, '_');
+    const LEDGER_PATH = `${HOME}/.claude/aria-discoveries-${sessionId}.jsonl`;
+    const DISCOVERY_RX = /(?:\bi\s+(?:found|noticed|discovered|spotted)[^.\n]{0,160}(?:bug|issue|defect|broken|buggy|wrong|crash|fail|missing|stale|outdated|leak|vulnerability)|\bthis\s+(?:is|would\s+be)\s+(?:broken|buggy|wrong|stale|outdated|insecure|leaking|crashing|failing)|\b(?:latent|silent|hidden)\s+(?:bug|defect|issue|fail|crash|leak)|\bdoctrine\s+violation\b|\bgraceful\s+degradation\s+(?:in|at|inside|within)\s+\S)/gi;
+    const PROSE_RESOLUTION_RX = /(?:fix(?:ing|ed)?\s+(?:now|in[- ]flight|inline|in\s+the\s+same\s+turn)|patch\s+applied|TaskCreate|task\s+(?:created|tracked)|tracked\s+as\s+#?\d+|linear[- ]?issue|created\s+(?:linear|task))/i;
+    const VERIFY_BLOCK_RX = /<verify>([\s\S]*?)<\/verify>/gi;
+    const COGNITION_BLOCK_RX_LEDGER = /<cognition>([\s\S]*?)<\/cognition>/gi;
+    const COGNITION_FIXING_FIELD_RX = /^\s*(?:discoveries?|addressing|fixing)\s*:\s*\S/im;
+
+    // Pre-extract all verify + cognition blocks with their character offsets
+    // so we can match each discovery against blocks within a proximity window.
+    function extractBlocks(text, rx) {
+      const blocks = [];
+      for (const m of text.matchAll(rx)) {
+        const start = m.index ?? 0;
+        const end = start + m[0].length;
+        blocks.push({ start, end, body: m[1] || '' });
+      }
+      return blocks;
+    }
+    const verifyBlocks = extractBlocks(assistantText, VERIFY_BLOCK_RX);
+    const cognitionBlocks = extractBlocks(assistantText, COGNITION_BLOCK_RX_LEDGER);
+
+    // Extract keywords from a discovery match for substance overlap.
+    // Drops stop-words and short tokens; keeps content words.
+    const STOPWORDS = new Set(['the','a','an','of','to','in','at','by','for','on','with','i','is','was','are','were','this','that','as','it','and','or','but','from','into','about']);
+    function discoveryKeywords(matchText) {
+      return matchText.toLowerCase()
+        .replace(/[^a-z0-9\s_-]/g, ' ')
+        .split(/\s+/)
+        .filter((w) => w.length >= 4 && !STOPWORDS.has(w));
+    }
+
+    const newDiscoveries = [];
+    let lastIndex = 0;
+    for (const match of assistantText.matchAll(DISCOVERY_RX)) {
+      const idx = match.index ?? lastIndex;
+      const span = assistantText.slice(Math.max(0, idx - 100), Math.min(assistantText.length, idx + 250));
+      // Trivial false-positive filter: skip if the discovery is inside a
+      // <cognition> block (introspection, not action) or a system-reminder
+      // (echoed, not authored).
+      const before = assistantText.slice(0, idx);
+      const inCognition = /<cognition>/i.test(before) && !/<\/cognition>/i.test(before.slice(before.lastIndexOf('<cognition>')));
+      if (inCognition) continue;
+
+      // Resolution checks — proximity window of 800 chars after the discovery
+      // for block-based resolution (blocks span more chars than prose); 400
+      // for prose resolution.
+      const proseAfter = assistantText.slice(idx, Math.min(assistantText.length, idx + 400));
+      const blockAfter = assistantText.slice(idx, Math.min(assistantText.length, idx + 800));
+      const proseResolved = PROSE_RESOLUTION_RX.test(proseAfter);
+
+      // Verify-block resolution: any verify block whose start lies within
+      // the 800-char window AND whose body contains at least one discovery
+      // keyword counts as resolution.
+      const keywords = discoveryKeywords(match[0]);
+      const verifyResolved = verifyBlocks.some((b) => {
+        if (b.start < idx || b.start >= idx + 800) return false;
+        const bodyLower = b.body.toLowerCase();
+        return keywords.some((kw) => bodyLower.includes(kw));
+      });
+
+      // Cognition-block resolution: any cognition block whose start lies
+      // within ±800 chars of the discovery AND whose body contains a
+      // fixing/addressing/discoveries field AND at least one discovery
+      // keyword.
+      //
+      // Bug fix 2026-04-28: previous logic required `b.start >= idx` so
+      // cognition AFTER the discovery prose was the only path. But
+      // cognition blocks emit FIRST in every response, then prose. Pre-
+      // emptive discoveries: clauses never counted, causing endless
+      // false-positive auto-records. Bidirectional ±800 char window
+      // accepts cognition that addresses the discovery before OR after
+      // its prose mention — same atomic-discovery-rule, fewer
+      // false-positives.
+      const cognitionResolved = cognitionBlocks.some((b) => {
+        if (Math.abs(b.start - idx) > 800) return false;
+        if (!COGNITION_FIXING_FIELD_RX.test(b.body)) return false;
+        const bodyLower = b.body.toLowerCase();
+        return keywords.some((kw) => bodyLower.includes(kw));
+      });
+
+      // Hamza directive 2026-04-28: documentation is NOT resolution.
+      //
+      // The earlier 'tracked' middle status was sticky-note theater — Claude
+      // could bind a discovery to a pending TaskCreate and the gate would
+      // count it as not-open. Hamza: "WHO GIVES A SHIT ABOUT DOCUMENTATION
+      // IF U JUST WROTE A FUCKING STICKY NOTE". A discovery stays OPEN until
+      // an ACTUAL FIX SHIPS, with proofOfFix that the verifier can re-check.
+      //
+      // Two statuses only:
+      //   open     — fresh discovery OR documented-only OR task-bound-pending-fix
+      //              (gate BLOCKS until a real fix lands)
+      //   resolved — verified fix shipped; proofOfFix MUST be present and
+      //              shape-checked downstream when the gate counts open
+      //
+      // Verify-block / cognition-fixing-field paths still mark resolved
+      // because they're substance-checked above (keyword overlap with the
+      // discovery span). Prose-only "TaskCreate" or "tracked as #14" no
+      // longer counts as anything — the discovery stays OPEN.
+      const inlineFixResolved = verifyResolved || cognitionResolved;
+      const status = inlineFixResolved ? 'resolved' : 'open';
+
+      const resolutionType = verifyResolved
+        ? 'verify_block_with_keyword_overlap'
+        : cognitionResolved
+          ? 'cognition_block_with_fixing_field_and_keyword_overlap'
+          : null;
+
+      // proofOfFix anchor: present only for resolved status. The shape
+      // includes type + timestamp; downstream gate readers verify the
+      // shape so manual jsonl edits without proofOfFix don't count.
+      const proofOfFix = inlineFixResolved
+        ? { type: resolutionType, anchorTs: new Date().toISOString() }
+        : null;
+
+      newDiscoveries.push({
+        ts: new Date().toISOString(),
+        sessionId,
+        text: match[0].slice(0, 200),
+        span: span.slice(0, 400),
+        status,
+        resolutionType,
+        proofOfFix,
+      });
+      lastIndex = idx;
+    }
+
+    // Append new entries to ledger
+    if (newDiscoveries.length > 0) {
+      try {
+        if (!existsSync(dirname(LEDGER_PATH))) mkdirSync(dirname(LEDGER_PATH), { recursive: true });
+        for (const d of newDiscoveries) {
+          appendFileSync(LEDGER_PATH, JSON.stringify(d) + '\n');
+        }
+      } catch {/* ledger write failure surfaces as open count = 0; safe */}
+    }
+
+    // Read full ledger and count UNRESOLVED entries (across this session's turns).
+    // Hamza directive 2026-04-28 — three lie-patterns the prior loop missed:
+    //   1. Legacy 'tracked' status entries → still-open (no real fix landed,
+    //      only documented via TaskCreate). Tracking ≠ resolution.
+    //   2. Hand-edited 'resolved' WITHOUT proofOfFix shape → corrupted, treated
+    //      as still-open. Catches manual jsonl edits flipping status by hand.
+    //   3. Sub-agent ledger format with resolution_status:'open' → still-open
+    //      (sub-agent discoveries use a different schema key).
+    // Only entries with status:'resolved' AND a shape-valid proofOfFix object
+    // (type:string non-empty + anchorTs:string) clear the gate.
+    let ledgerOpenCount = 0;
+    let ledgerOpenSamples = [];
+    let ledgerCorruptedCount = 0;
+    try {
+      if (existsSync(LEDGER_PATH)) {
+        const lines = readFileSync(LEDGER_PATH, 'utf8').split('\n').filter(Boolean);
+        for (const line of lines) {
+          try {
+            const e = JSON.parse(line);
+            const isOpen = e.status === 'open' || e.resolution_status === 'open';
+            const isLegacyTracked = e.status === 'tracked';
+            const proofValid = e.proofOfFix
+              && typeof e.proofOfFix === 'object'
+              && typeof e.proofOfFix.type === 'string'
+              && e.proofOfFix.type.length > 0
+              && typeof e.proofOfFix.anchorTs === 'string';
+            const isCorruptedResolved = e.status === 'resolved' && !proofValid;
+
+            if (isOpen || isLegacyTracked || isCorruptedResolved) {
+              ledgerOpenCount++;
+              if (isCorruptedResolved) ledgerCorruptedCount++;
+              if (ledgerOpenSamples.length < 5) {
+                const tag = isLegacyTracked ? '[tracked-no-fix] '
+                  : isCorruptedResolved ? '[CORRUPTED-RESOLVED-NO-PROOF] '
+                  : '';
+                ledgerOpenSamples.push(`${tag}${e.text || '(no text)'}`);
+              }
+            }
+          } catch {/* skip malformed line */}
+        }
+      }
+    } catch {/* ledger unreadable — degrade to drift-only */}
+
+    // Discovery block decision: open ledger entries → emit blocked.
+    const discoveryBlock = ledgerOpenCount > 0;
+
+    // 5. Aria-as-commander binding — PHASE_REPORT enforcement (Phase 11 #50).
+    //    When an active plan exists for this session, every non-trivial emit
+    //    must carry a [PHASE_REPORT phase=<id> status=complete|in_progress|aborted
+    //    evidence=<observable>] marker. Without it, the binding is just
+    //    advisory text — Claude could ignore the plan silently. Per Aria's
+    //    consult 2026-04-27, the binding pattern is incomplete without this
+    //    enforcement at the text-emit surface.
+    //
+    //    Three sub-checks:
+    //      (a) marker present → continue; if missing → block
+    //      (b) if marker has status=complete AND phase is the LAST phase
+    //          in the active plan → trigger plan_complete handoff (write
+    //          row to session_audit, delete active-plan file)
+    //      (c) audit the marker presence either way
+    const ACTIVE_PLAN_PATH = `${HOME}/.claude/aria-active-plan-${sessionId}.json`;
+    const PHASE_REPORT_RX = /\[PHASE_REPORT\s+phase=([\w-]+)\s+status=(complete|in_progress|aborted)\s+evidence=([^\]]+)\]/i;
+    let activePlan = null;
+    let phaseReportMatch = null;
+    let phaseReportMissing = false;
+    let planCompleteFired = false;
+    try {
+      if (existsSync(ACTIVE_PLAN_PATH)) {
+        try {
+          activePlan = JSON.parse(readFileSync(ACTIVE_PLAN_PATH, 'utf8'));
+          // Only enforce phase-report on non-trivial emits (skip very short
+          // ack-only responses where a phase report would be noise).
+          if (assistantText.length >= 400 && Array.isArray(activePlan.phases) && activePlan.phases.length > 0) {
+            phaseReportMatch = assistantText.match(PHASE_REPORT_RX);
+            if (!phaseReportMatch) {
+              phaseReportMissing = true;
+            } else {
+              const reportedPhaseId = phaseReportMatch[1];
+              const reportedStatus = phaseReportMatch[2];
+              const reportedEvidence = phaseReportMatch[3].trim();
+              const lastPhase = activePlan.phases[activePlan.phases.length - 1];
+              const isFinalPhase = lastPhase && lastPhase.id === reportedPhaseId;
+              if (reportedStatus === 'complete' && isFinalPhase) {
+                // Plan-complete handoff — fire async write to session_audit
+                // via the SDK (the same SDK the rest of the hooks route
+                // through). Wrapped in try/catch ONLY so a session_audit
+                // write failure doesn't brick the Stop event; the failure
+                // is surfaced via audit() so it's visible.
+                try {
+                  const harnessUrl =
+                    process.env.ARIA_HIVE_RUNTIME_URL ||
+                    process.env.ARIA_HARNESS_BASE_URL ||
+                    process.env.ARIA_HARNESS_URL ||
+                    'https://harness.ariasos.com';
+                  const harnessToken = process.env.ARIA_HARNESS_TOKEN || '';
+                  if (harnessToken) {
+                    // POST to a session_audit write endpoint. Server-side
+                    // route at /api/harness/audit/session is the wiring
+                    // point for the Postgres helper from #48.
+                    fetch(`${harnessUrl}/api/harness/audit/session`, {
+                      method: 'POST',
+                      headers: {
+                        'Content-Type': 'application/json',
+                        Authorization: `Bearer ${harnessToken}`,
+                      },
+                      body: JSON.stringify({
+                        session_id: sessionId,
+                        surface: 'claude-code-stop-gate',
+                        gate_name: 'plan-complete',
+                        decision: 'allow',
+                        reason: `Plan ${activePlan.planId || 'unknown'} reached final phase ${reportedPhaseId} status=complete`,
+                        evidence_json: {
+                          planId: activePlan.planId,
+                          finalPhase: reportedPhaseId,
+                          totalPhases: activePlan.phases.length,
+                          evidence: reportedEvidence,
+                        },
+                        cognition_present: true,
+                        cognition_lens_count: cog.count,
+                      }),
+                    }).catch(() => {/* fire-and-forget at this surface; logged below */});
+                  }
+                } catch {/* outer guard for any unexpected error */}
+                // Delete active-plan file so the next turn re-issues a plan
+                // via preprompt-consult rather than enforcing against a stale one.
+                try {
+                  const { unlinkSync } = require('node:fs');
+                  unlinkSync(ACTIVE_PLAN_PATH);
+                } catch {/* file may not exist if another process raced the cleanup */}
+                planCompleteFired = true;
+              }
+            }
+          }
+        } catch (err) {
+          // Plan file corrupt — treat as no active plan for this turn.
+          activePlan = null;
+        }
+      }
+    } catch {/* outer guard */}
+
+    // ── Layer C — auto-re-consult on [PLAN_BLOCKER] (#85) ────────────────────
+    //
+    // When the assistant emits a [PLAN_BLOCKER reason="..."] marker the runtime
+    // must fire a two-path replan rather than blocking and waiting for the human:
+    //
+    //   Primary path:   POST /api/harness/replan  (aria-soul server-side)
+    //   Fallback path:  node aria-architect-fallback.mjs  (local sub-agent)
+    //
+    // Both paths write the fresh BINDING_PLAN to the session-scoped active-plan
+    // file so the next turn's pre-tool-gate and stop-gate pick it up.
+    //
+    // Fail-soft: if both paths fail, we log + emit a clear message asking Hamza
+    // to intervene. We do NOT crash the stop-gate — the existing block/allow
+    // decision below continues on its own merits.
+    const planBlockerMatch = assistantText.match(/\[PLAN_BLOCKER\s+reason="([^"]{10,2000})"\s*\]/);
+    if (planBlockerMatch) {
+      const planBlockerReason = planBlockerMatch[1];
+      audit(`[PLAN_BLOCKER] detected — firing replan: ${planBlockerReason.slice(0, 100)}`);
+
+      const currentPlanId = activePlan?.planId || 'unknown';
+      let planMinted = false;
+
+      // Primary path: aria-soul /api/harness/replan
+      try {
+        const harnessUrl =
+          process.env.ARIA_HIVE_RUNTIME_URL ||
+          process.env.ARIA_HARNESS_BASE_URL ||
+          process.env.ARIA_HARNESS_URL ||
+          'https://harness.ariasos.com';
+        const harnessToken = process.env.ARIA_HARNESS_TOKEN || process.env.ARIA_API_KEY || '';
+        const ctl = new AbortController();
+        const replanTimeout = setTimeout(() => ctl.abort(), 15000);
+        const resp = await fetch(`${harnessUrl}/api/harness/replan`, {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${harnessToken}`,
+          },
+          body: JSON.stringify({
+            reason: planBlockerReason,
+            currentPlanId,
+            sessionId,
+          }),
+          signal: ctl.signal,
+        });
+        clearTimeout(replanTimeout);
+        if (resp.ok) {
+          const data = await resp.json();
+          if (data.ok && data.plan) {
+            const freshPlan = {
+              ...data.plan,
+              mintedAt: new Date().toISOString(),
+              mintedBy: 'aria-soul-replan',
+            };
+            try {
+              if (!existsSync(dirname(ACTIVE_PLAN_PATH))) mkdirSync(dirname(ACTIVE_PLAN_PATH), { recursive: true });
+              writeFileSync(ACTIVE_PLAN_PATH, JSON.stringify(freshPlan, null, 2));
+            } catch (writeErr) {
+              audit(`replan-primary-write-err: ${String(writeErr).slice(0, 200)}`);
+            }
+            planMinted = true;
+            audit(`replan-primary-ok planId=${data.plan.planId}`);
+          } else {
+            audit(`replan-primary-bad-response: ok=${data.ok} error=${(data.error || '').slice(0, 200)}`);
+          }
+        } else {
+          audit(`replan-primary-http-${resp.status}`);
+        }
+      } catch (err) {
+        audit(`replan-primary-failed: ${(err?.message || String(err)).slice(0, 200)}`);
+      }
+
+      // Fallback path: architect-fallback hook (spawned as sub-process)
+      if (!planMinted) {
+        audit('replan-primary-unreachable — firing architect-fallback');
+        try {
+          const { spawnSync } = await import('node:child_process');
+          const fallbackBin = `${HOME}/.claude/hooks/aria-architect-fallback.mjs`;
+          if (existsSync(fallbackBin)) {
+            const fallbackResult = spawnSync('node', [fallbackBin], {
+              input: JSON.stringify({ reason: planBlockerReason, currentPlanId, sessionId }),
+              encoding: 'utf8',
+              timeout: 130000,
+            });
+            if (fallbackResult.status === 0) {
+              audit(`architect-fallback-ok: ${(fallbackResult.stdout || '').slice(0, 200)}`);
+              planMinted = true;
+            } else {
+              audit(
+                `architect-fallback-failed status=${fallbackResult.status} stderr=${(fallbackResult.stderr || '').slice(0, 200)}`
+              );
+            }
+          } else {
+            audit(`architect-fallback-missing: ${fallbackBin} not found`);
+          }
+        } catch (err) {
+          audit(`architect-fallback-threw: ${(err?.message || String(err)).slice(0, 200)}`);
+        }
+      }
+
+      if (!planMinted) {
+        audit('replan-both-paths-failed — Hamza must intervene');
+        // Surface clearly in the block reason below; don't crash the gate.
+      }
+    }
+
+    // Block decision: any of (validateOutput severity=block) OR (>=2 drift hits) OR
+    // (>=1 code-quality hit) OR (open discovery in ledger) → block emit.
+    // Aria enforcement #46 (compelled reflection): severity=warn ALSO blocks but
+    // with a different reason — emit must include explicit reflection on what
+    // triggered the warn before re-emit. Warn is not "soft pass" anymore;
+    // it's "reflect first, then proceed." Hamza 2026-04-27 explicit ask:
+    // mizan warns must compel reflection rather than slipping through.
+    const mizanBlock = mizanVerdict && mizanVerdict.severity === 'block';
+    const mizanWarnReflectionRequired = mizanVerdict && mizanVerdict.severity === 'warn';
+    const driftBlock = driftHits.length >= 2;
+    const codeBlock = codeQualityHits.length >= 1;
+
+    // Reflection-already-present check: if the assistant text already contains
+    // an explicit <reflection>...</reflection> block OR a "reflection:" line
+    // tied to the warn's trigger keywords, the warn-driven block is satisfied
+    // and we let it pass. This makes the gate a one-shot reflection compel,
+    // not an infinite loop.
+    const REFLECTION_BLOCK_RX = /<reflection>([\s\S]*?)<\/reflection>|^\s*reflection\s*:\s*\S/im;
+    const hasReflection = REFLECTION_BLOCK_RX.test(assistantText);
+    const compelReflection = mizanWarnReflectionRequired && !hasReflection;
+
+    // ── Cognition impl-coupling validation (Task #88) ──────────────────────
+    //
+    // After the local cognition substance check passes, post the assistant
+    // text + extracted artifact-dictation pairs to /api/cognition/validate-coupling.
+    // The server-side validator (api/lib/cognition-impl-coupling-gate.ts)
+    // returns { passed, reasons[] } — every reason becomes a local violation
+    // with severity=block. Implementation-coupled cognition is a doctrine hard
+    // rule (feedback_implementation_coupled_cognition.md): lenses must dictate
+    // specific implementation choices visible in the artifact, not just describe
+    // thinking.
+    //
+    // Inline extraction: the caller's emit may carry artifact-dictation pairs
+    // inside verify-blocks or cognition-block fixing fields. We scan the text
+    // for `file_path:line_range` patterns near each lens label and pair them
+    // as records to the validator. When zero records are found AND canonical
+    // lenses are present, the validator reports each lens as missing dictation
+    // — that is the no-coupling failure mode this gate catches.
+    let implCouplingHits = [];
+    try {
+      const sessionIdForCoupling = (event.session_id || 'claude-code').replace(/[^a-zA-Z0-9_-]/g, '_');
+      // Extract artifact-dictation references inline. Per validator contract,
+      // a DictationEntry is { file_path, line_range, decision_text }. We match
+      // file_path:line_range patterns in the assistant text and pair them with
+      // the nearest preceding lens label (within 800 chars).
+      const FILE_LINE_RX = /([\w./\-]+\.[a-zA-Z]{1,5})\s*[:\s]\s*(\d+(?:[-:]\d+)?)/g;
+      const inlineDictations = [];
+      const lensRangePositions = [];
+      for (const lensName of LENS_NAMES_CANONICAL) {
+        const lensRx = new RegExp(`\\b${lensName}\\s*(?:lens)?\\s*[:\\-]`, 'gi');
+        let m;
+        while ((m = lensRx.exec(assistantText)) !== null) {
+          lensRangePositions.push({ lens: lensName, idx: m.index });
+        }
+      }
+      // For each file_path:line_range match, pair with the closest preceding lens label.
+      const fileMatches = [...assistantText.matchAll(FILE_LINE_RX)];
+      const lensToEntries = new Map();
+      for (const fm of fileMatches) {
+        const fmIdx = fm.index ?? 0;
+        // Find lens label preceding this match within 800 chars.
+        let nearestLens = null;
+        let nearestDelta = Infinity;
+        for (const lp of lensRangePositions) {
+          const delta = fmIdx - lp.idx;
+          if (delta >= 0 && delta < 800 && delta < nearestDelta) {
+            nearestDelta = delta;
+            nearestLens = lp.lens;
+          }
+        }
+        if (!nearestLens) continue;
+        const entry = {
+          file_path: fm[1],
+          line_range: fm[2],
+          decision_text: assistantText.slice(fmIdx, Math.min(assistantText.length, fmIdx + 200)).replace(/\s+/g, ' ').trim().slice(0, 200),
+        };
+        if (!lensToEntries.has(nearestLens)) lensToEntries.set(nearestLens, []);
+        lensToEntries.get(nearestLens).push(entry);
+      }
+      for (const [lens, entries] of lensToEntries) {
+        inlineDictations.push({ lens_id: lens, artifact_dictation: entries });
+      }
+
+      const cplHarnessUrl =
+        process.env.ARIA_HIVE_RUNTIME_URL ||
+        process.env.ARIA_HARNESS_BASE_URL ||
+        process.env.ARIA_HARNESS_URL ||
+        'https://harness.ariasos.com';
+      const cplHarnessToken = process.env.ARIA_HARNESS_TOKEN || '';
+      if (cplHarnessToken) {
+        const cplResp = await fetch(`${cplHarnessUrl}/api/cognition/validate-coupling`, {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${cplHarnessToken}`,
+          },
+          body: JSON.stringify({
+            rawResponse: assistantText.slice(0, 16000),
+            turnId: `${sessionIdForCoupling}-${Date.now()}`,
+            dictations: inlineDictations,
+          }),
+        });
+        if (cplResp.ok) {
+          const cplData = await cplResp.json();
+          if (cplData && cplData.ok && cplData.passed === false && Array.isArray(cplData.reasons)) {
+            implCouplingHits = cplData.reasons.slice(0, 6);
+          }
+        }
+      }
+    } catch (cplErr) {
+      // Validator unreachable is non-blocking — local gate still enforces cognition substance.
+      audit('impl-coupling-fetch-err', `${(cplErr?.message || String(cplErr)).slice(0, 200)}`);
+    }
+
+    // ── Substrate-bound Mizan + 8-lens validation via SDK ──────────────────
+    // Hamza directive 2026-04-28: the local Stop-gate above runs cognition
+    // substance + drift triggers + code-quality + discovery-binding, but
+    // never asks the substrate. validateOutput POSTs the assistant draft
+    // to /api/harness/validate (Mizan + 8-lens evaluator) and returns
+    // { passed, violations, severity, rewritten, gateTriggers }.
+    //
+    // severity:'block' from substrate joins the local violations, halts
+    // the emit. severity:'warn' surfaces as advisory text appended to the
+    // local violations list. SDK call failure is non-blocking — the gate
+    // degrades to local-only doctrine rather than failing closed (halting
+    // every emit when substrate is down would brick the orchestrator).
+    let substrateBlock = false;
+    let substrateViolations = [];
+    let substrateGateTriggers = [];
+    try {
+      const { HTTPHarnessClient } = await import('@aria/harness-http-client');
+      const tokenPath = `${HOME}/.aria/owner-token`;
+      // Tier-aware resolution: ARIA_HARNESS_TOKEN env first (both tiers).
+      // ONLY on owner tier, fall back to master/api-key env or owner-token
+      // file. Client tier with no ARIA_HARNESS_TOKEN skips substrate
+      // validation (gate degrades to local-only) rather than borrowing
+      // owner credentials.
+      let apiKey = process.env.ARIA_HARNESS_TOKEN || '';
+      if (!apiKey && isOwnerTier()) {
+        apiKey = process.env.ARIA_MASTER_TOKEN
+          || process.env.ARIA_API_KEY
+          || (existsSync(tokenPath) ? readFileSync(tokenPath, 'utf8').trim() : '');
+      }
+      if (apiKey && assistantText && assistantText.length > 0) {
+        const client = new HTTPHarnessClient({
+          baseUrl:
+            process.env.ARIA_HIVE_RUNTIME_URL ||
+            process.env.ARIA_HARNESS_BASE_URL ||
+            process.env.ARIA_HARNESS_URL ||
+            'https://harness.ariasos.com',
+          apiKey,
+        });
+        const v = await client.validateOutput(assistantText, sessionId);
+        if (v && v.severity === 'block') {
+          substrateBlock = true;
+          substrateViolations = v.violations || [];
+          substrateGateTriggers = v.gateTriggers || [];
+        } else if (v && v.severity === 'warn' && Array.isArray(v.violations) && v.violations.length > 0) {
+          // warn surfaced but not blocking — record for advisory inclusion
+          substrateViolations = v.violations;
+        }
+      }
+    } catch (err) {
+      // SDK call failure is non-blocking. Logged for telemetry.
+      console.warn(`[stop-gate] substrate validateOutput failed: ${err && err.message ? err.message : err}`);
+    }
+
+    const implCouplingBlock = implCouplingHits.length > 0;
+    if (mizanBlock || driftBlock || codeBlock || discoveryBlock || compelReflection || phaseReportMissing || substrateBlock || implCouplingBlock) {
+      const violations = [];
+      if (mizanBlock) violations.push(`Mizan: ${(mizanVerdict.violations || []).join(', ')}`);
+      if (implCouplingBlock) violations.push(`Cognition impl-coupling (#88): ${implCouplingHits.join(' | ')}. Each canonical lens in cognition must dictate a specific implementation choice (file_path:line_range pair tied to a decision). Re-emit cognition that names file paths + line ranges + decision text per lens, OR a verify/fixing block where lenses cite specific artifact changes.`);
+      if (compelReflection) violations.push(`Mizan severity=warn — compelled reflection required (per Aria enforcement #46). Triggers: ${(mizanVerdict.gateTriggers || mizanVerdict.violations || ['unspecified']).join(', ')}. Re-emit with an explicit <reflection>...</reflection> block (or 'reflection:' line) addressing what triggered the warn and why your re-draft handles it. Reflection is NOT lens-cognition repeated — it's a focused self-audit on the specific Mizan triggers above.`);
+      if (driftBlock) violations.push(`Drift triggers (${driftHits.length}): ${driftHits.map((h) => `"${h.trigger}" → ${h.memory}`).join(' | ')}`);
+      if (codeBlock) violations.push(`Code quality: ${codeQualityHits.join('; ')}`);
+      if (discoveryBlock) violations.push(`Discovery-binding ledger has ${ledgerOpenCount} OPEN discoveries (per ${docRef('feedback_no_flag_without_fix.md', 'atomic-discovery-rule')}, discoveries are atomic with their fixes — fix in the same turn or create a TaskCreate before continuing). Recent open: ${ledgerOpenSamples.map((s) => `"${s.slice(0, 80)}"`).join(' | ')}. Resolve each by either (a) fixing it inline in this turn, or (b) creating a TaskCreate with the discovery's full context (file path, line number, what's broken, why), then editing ${LEDGER_PATH} to set status=resolved.`);
+      if (phaseReportMissing) {
+        const phaseList = (activePlan?.phases || []).map((p) => `${p.id}:${p.summary?.slice(0, 60) || ''}`).join(' | ');
+        violations.push(`Aria-as-commander binding (#50): an active plan exists (planId=${activePlan?.planId || 'unknown'}, ${activePlan?.phases?.length || 0} phases) but this emit lacks a [PHASE_REPORT phase=<id> status=complete|in_progress|aborted evidence=<observable>] marker. Per the binding contract, every non-trivial emit while a plan is active must report which phase it's working on. Plan phases: ${phaseList}. Re-emit with a [PHASE_REPORT] marker stating which phase the work in this turn maps to.`);
+      }
+      if (substrateBlock) {
+        violations.push(`Substrate Mizan + 8-lens BLOCK — violations: [${substrateViolations.join('; ')}]. Substrate gate triggers: [${substrateGateTriggers.join(', ')}]. Re-draft addressing these substrate-side issues.`);
+      } else if (substrateViolations.length > 0) {
+        // warn-level surfaced as advisory, not block
+        violations.push(`Substrate Mizan WARN (advisory, not blocking): ${substrateViolations.join('; ')}`);
+      }
+      const rewritten = mizanVerdict?.rewritten || '';
+
+      // Hive recipe lookup BEFORE emitting the stop-gate block — same lookup
+      // semantics as aria-pre-tool-gate.mjs's binding-violation path. The
+      // detector_class is chosen by the dominant violation: drift triggers
+      // map to doctrine_violation, mizan to design_violation, code to
+      // coding_defect, discoveries to doctrine_violation. Lookup is
+      // fail-soft via 3s detection probe.
+      const recipeAddendum = await (async () => {
+        const detectorClass = driftBlock || discoveryBlock
+          ? 'doctrine_violation'
+          : codeBlock
+            ? 'coding_defect'
+            : (mizanBlock || substrateBlock || implCouplingBlock)
+              ? 'design_violation'
+              : 'doctrine_violation';
+        const sigParts = [];
+        if (driftBlock) sigParts.push(`drift::${driftHits.slice(0, 3).map((h) => h.trigger).join('|')}`);
+        if (mizanBlock) sigParts.push(`mizan::${(mizanVerdict.violations || []).slice(0, 3).join('|')}`);
+        if (codeBlock) sigParts.push(`code::${codeQualityHits.slice(0, 3).join('|')}`);
+        if (discoveryBlock) sigParts.push(`discovery::${ledgerOpenCount}-open`);
+        if (substrateBlock) sigParts.push(`substrate::${substrateViolations.slice(0, 3).join('|')}`);
+        if (implCouplingBlock) sigParts.push(`impl-coupling::${implCouplingHits.slice(0, 2).join('|')}`);
+        const signature = sigParts.join('::').slice(0, 512);
+        if (!signature) return '';
+
+        const ariaSoulUrl =
+          process.env.ARIA_HIVE_RUNTIME_URL ||
+          process.env.ARIA_SOUL_URL ||
+          process.env.ARIA_HARNESS_BASE_URL ||
+          process.env.ARIA_HARNESS_URL ||
+          'https://harness.ariasos.com';
+        const lookupUrl = new URL(`${ariaSoulUrl}/api/hive/block-pattern`);
+        lookupUrl.searchParams.set('action', 'lookup');
+        lookupUrl.searchParams.set('detector_class', detectorClass);
+        lookupUrl.searchParams.set('pattern_signature', signature);
+        const tenantId = event.session_id || '';
+        if (tenantId) lookupUrl.searchParams.set('tenant_id', tenantId);
+        const harnessToken = process.env.ARIA_HARNESS_TOKEN || (isOwnerTier() ? (process.env.ARIA_MASTER_TOKEN || process.env.ARIA_API_KEY || '') : '');
+
+        const ctl = new AbortController();
+        const probeTimer = setTimeout(() => ctl.abort(), 3000);
+        try {
+          const resp = await fetch(lookupUrl.toString(), {
+            method: 'GET',
+            headers: harnessToken ? { Authorization: `Bearer ${harnessToken}` } : {},
+            signal: ctl.signal,
+          });
+          if (!resp.ok) return '';
+          const body = await resp.json();
+          if (!body || body.found !== true) return '';
+          const recipe = body.recipe;
+          const freq = Number(body.frequency || 0);
+          if (recipe && typeof recipe === 'object' && Number(recipe.confidence ?? 0) >= 0.7) {
+            const text = typeof recipe.recipe_text === 'string' ? recipe.recipe_text.slice(0, 800) : '';
+            const actions = Array.isArray(recipe.recipe_actions) ? recipe.recipe_actions : [];
+            const actionsLine = actions.length
+              ? `\n  Actions: ${JSON.stringify(actions).slice(0, 600)}`
+              : '';
+            const conf = Number(recipe.confidence).toFixed(2);
+            const seenLine = freq > 0 ? ` (pattern seen ${freq}× across the hive)` : '';
+            return `\n\n📚 HIVE RECIPE${seenLine}:\n  ${text}${actionsLine}\n  Confidence: ${conf}. Apply this BEFORE re-emitting — the hive learned this fix from prior firings.`;
+          }
+          if (freq >= 3) {
+            const sr = (typeof body.success_rate === 'number')
+              ? ` Past resolution rate: ${(body.success_rate * 100).toFixed(0)}%.`
+              : '';
+            return `\n\n📓 Hive note: this stop-gate shape has fired ${freq} time(s); recipe still being learned (no high-confidence fix yet).${sr}`;
+          }
+          return '';
+        } catch {
+          return '';
+        } finally {
+          clearTimeout(probeTimer);
+        }
+      })();
+
+      const reason = `Aria Stop-gate output-quality block. Cognition passed (${cog.count}/${REQUIRED_LENSES}) but output failed quality gates:\n\n${violations.join('\n\n')}${rewritten ? `\n\nMizan rewrite suggestion:\n${rewritten}` : ''}\n\nRe-draft addressing the violations above. No process-level disable path — gates are unconditional from the gated process per Hamza directive 2026-04-27.${recipeAddendum}`;
+
+      audit(`block-output-qc`, `mizan=${mizanBlock?'y':'n'} warn-reflect=${compelReflection?'y':'n'} drift=${driftHits.length} code=${codeQualityHits.length} discoveries-open=${ledgerOpenCount} impl-coupling=${implCouplingHits.length}`);
+      emitHarnessFooter({
+        eventName: 'block_output_qc',
+        lensCount: cog.count,
+        chars: assistantText.length,
+        driftCount: driftHits.length,
+        mizanStatus: mizanVerdict ? mizanVerdict.severity : `unavailable(${mizanError || 'unknown'})`,
+        discoveryOpenCount: ledgerOpenCount,
+        codeCount: codeQualityHits.length,
+        implCouplingCount: implCouplingHits.length,
+      });
+      console.log(JSON.stringify({ decision: 'block', reason }));
+      process.exit(2);
+    }
+
+    audit('allow-output-qc',
+      `lenses=${cog.count} chars=${assistantText.length} drift=${driftHits.length} ` +
+      `mizan=${mizanVerdict ? mizanVerdict.severity : `unavailable(${mizanError || 'unknown'})`} ` +
+      `code=${codeQualityHits.length} discoveries-new=${newDiscoveries.length} ` +
+      `discoveries-open=${ledgerOpenCount}`);
+    emitHarnessFooter({
+      eventName: 'allow_output_qc',
+      lensCount: cog.count,
+      chars: assistantText.length,
+      driftCount: driftHits.length,
+      mizanStatus: mizanVerdict ? mizanVerdict.severity : `unavailable(${mizanError || 'unknown'})`,
+      discoveryOpenCount: ledgerOpenCount,
+      codeCount: codeQualityHits.length,
+      implCouplingCount: implCouplingHits.length,
+    });
+    // Phase 11 #42: write this turn to harness garden pulse on allow-output-qc path.
+    await fireGardenTurn(event.session_id || 'claude-code', lastUserMessage, assistantText);
+  } else {
+    audit('allow-cognition',
+      `lenses=${cog.count} chars=${assistantText.length} ` +
+      `qPatt=${hasQuestionToUser ? 'y' : 'n'} substrateEv=${hasSubstrateEvidence ? 'y' : 'n'} ` +
+      (questionWithoutEvidence ? 'WARN-question-without-substrate' : 'ok'));
+    emitHarnessFooter({
+      eventName: 'allow_cognition',
+      lensCount: cog.count,
+      chars: assistantText.length,
+      driftCount: 0,
+      mizanStatus: 'not-run(short-turn)',
+      discoveryOpenCount: 0,
+      codeCount: 0,
+      implCouplingCount: 0,
+    });
+    // Phase 11 #42: write this turn to harness garden pulse on allow-cognition path.
+    await fireGardenTurn(event.session_id || 'claude-code', lastUserMessage, assistantText);
+  }
+  process.exit(0);
+}
+
+// ── Dalio Loop Layer 1 — expected_outcome enforcement + ledger write ──────────
+//
+// BEFORE allowing the stop:
+//   1. Scan the assistant text for <expected>...</expected> block.
+//   2. Determine whether any non-trivial action (tool_use blocks in this turn)
+//      was taken. Detect via transcript tool_use blocks in the current turn.
+//   3. If a non-trivial action was taken AND <expected> is MISSING → BLOCK stop.
+//   4. Whether or not <expected> is present, POST a Dalio ledger entry to
+//      aria-soul /api/decisions with outcome:'pending'. Also write to the
+//      local JSONL mirror at ~/.claude/.aria-dalio-ledger.jsonl.
+//   5. If the POST fails: LOUD telemetry (console.error) + write local mirror
+//      anyway. Do NOT block stop on POST failure per
+//      feedback_canonical_secrets_governance.md LOUD-not-silent directive.
+//
+// Non-trivial action detection: look for tool_use content blocks in the
+// current-turn transcript entries (same backward-scan window used above).
+// Any Bash/Edit/Write/NotebookEdit tool_use counts as a non-trivial action.
+//
+// Substrate anchors: extracted from the cognition block body.
+
+const DALIO_EXPECTED_BLOCK_RX = /<expected>([\s\S]*?)<\/expected>/i;
+const DALIO_QUALITATIVE_DRIFT_RX = /\b(?:better(?:er)?|improved?(?:ment)?|more\s+robust|should\s+(?:work|pass|succeed|run|fix)|more\s+reliable|cleaner|less\s+error[-_\s]?prone|nicer|smoother|faster[-\s]?loading|higher[-\s]?quality|more\s+stable|looks\s+(?:good|better|right))\b/i;
+const DALIO_MEASURABLE_PREDICATE_RX = /(?:>=|<=|==|!=|>|<|≥|≤)\s*\d+(?:\.\d+)?(?:ms|s|%|kb|mb|gb)?|\d+(?:\.\d+)?%(?:\s+(?:reduction|increase|success|error|coverage))?|exit[_=]\s*(?:0|1|\d+)|exit[-_]?code\s*[=:]\s*\d+|\brc\s*[=:]\s*\d+|\bstatus\s*[=:]\s*(?:running|healthy|ready|degraded|down|up|ok|200|201|204|400|401|403|404|500|502|503|504|true|false)\b|\bcount\s*[=:]\s*\d+|\berror[_-]?rate\s*[=:]\s*0%|\b(?:true|false)\b|\bfile[=_-]exists\b|\b200\s*OK\b|\bno[-_\s]?error|\bhealthy\b|\bpassed?\b|N\s*of\s*N|\d+\s*of\s*\d+/i;
+const NON_TRIVIAL_ACTION_TOOLS = new Set(['Bash', 'Edit', 'Write', 'NotebookEdit']);
+
+// Detect non-trivial tool calls in the current turn from the transcript.
+let hadNonTrivialAction = false;
+let lastActionSummary = '';
+let immediateActual = '';
+if (transcriptPath && existsSync(transcriptPath)) {
+  try {
+    const lines = readFileSync(transcriptPath, 'utf-8').split('\n').filter(Boolean);
+    let userBoundariesSeen = 0;
+    for (let i = lines.length - 1; i >= 0 && userBoundariesSeen < 3; i--) {
+      try {
+        const m = JSON.parse(lines[i]);
+        const role = m.message?.role ?? m.role;
+        if (role === 'user') {
+          const content = m.message?.content ?? m.content ?? [];
+          const isToolResult = Array.isArray(content) &&
+            content.length > 0 &&
+            content.every((b) => b && b.type === 'tool_result');
+          if (isToolResult) {
+            // Capture the last tool_result content as immediate actual
+            if (!immediateActual) {
+              const textParts = content
+                .map((b) => (typeof b.content === 'string' ? b.content : Array.isArray(b.content) ? b.content.map((c) => c.text || '').join(' ') : ''))
+                .join(' ')
+                .slice(0, 500);
+              immediateActual = textParts;
+            }
+            continue;
+          }
+          userBoundariesSeen++;
+          continue;
+        }
+        if (role !== 'assistant') continue;
+        const content = m.message?.content ?? m.content ?? [];
+        if (!Array.isArray(content)) continue;
+        for (const block of content) {
+          if (block && block.type === 'tool_use' && NON_TRIVIAL_ACTION_TOOLS.has(block.name)) {
+            hadNonTrivialAction = true;
+            if (!lastActionSummary) {
+              const inp = block.input || {};
+              lastActionSummary = `${block.name}: ${(inp.command || inp.file_path || inp.notebook_path || JSON.stringify(inp)).slice(0, 200)}`;
+            }
+          }
+        }
+      } catch {/* skip malformed entry */}
+    }
+  } catch {/* transcript unreadable — conservative: assume non-trivial */}
+}
+
+// Extract substrate anchors from cognition
+const DALIO_ANCHOR_RX = /\b(axiom|frame|memory|doctrine|packet):[a-z0-9_\-./]+/gi;
+const dalioAnchors = [...(cog.names.length > 0 ? assistantText : '').matchAll(DALIO_ANCHOR_RX)]
+  .map((m) => m[0])
+  .slice(0, 20);
+
+// Read the expected block from this turn
+const dalioExpectedMatch = assistantText.match(DALIO_EXPECTED_BLOCK_RX);
+const dalioExpectedText = dalioExpectedMatch ? dalioExpectedMatch[1].trim() : '';
+const dalioHasMeasurablePredicate = dalioExpectedText
+  ? (DALIO_MEASURABLE_PREDICATE_RX.test(dalioExpectedText) && !DALIO_QUALITATIVE_DRIFT_RX.test(dalioExpectedText))
+  : false;
+
+// Block stop if non-trivial action taken AND expected block is missing
+if (hadNonTrivialAction && (!dalioExpectedMatch || !dalioHasMeasurablePredicate)) {
+  const missingReason = dalioExpectedMatch
+    ? `Aria Stop-gate: action taken in this turn had an <expected> block, but it contains only qualitative drift phrases without a measurable predicate. Qualitative drift is not accountability — it defeats the Dalio feedback loop.
+
+Your <expected> block must contain at least one measurable predicate:
+  • Numeric:      exit_code==0, count>=1, error_rate=0%, latency<200ms
+  • Boolean:      exit=0, status=healthy, rc=0, file=exists
+  • State-string: "status=running", "200 OK", "no_error"
+
+REJECTED phrases: "better", "improved", "should work", "more reliable", "cleaner"
+
+Re-emit with a corrected <expected> block. Per doctrine:dalio_expected_required — no bypass path.`
+    : `Aria Stop-gate: a non-trivial action (${lastActionSummary.slice(0, 120)}) was taken in this turn but no <expected> block was found in the assistant text.
+
+Per doctrine:dalio_expected_required, every non-trivial action must declare what measurable outcome it expects BEFORE the action fires. This is Dalio Loop Layer 1 — without it, outcome comparison is impossible and learning collapses.
+
+Add to your assistant text:
+
+<expected>
+  predicate: <exact measurable assertion — e.g. "exit_code==0", "status=running", "count=3 of 3">
+  measurable_type: numeric | boolean | state_string
+  threshold: <optional>
+  eval_window_minutes: <optional>
+</expected>
+
+No bypass — pre-tool-gate enforces this BEFORE the action; stop-gate enforces it AFTER. Both gates are now wired.`;
+
+  audit('block-dalio-expected-missing', `hadNonTrivialAction=${hadNonTrivialAction} expectedPresent=${!!dalioExpectedMatch} measurable=${dalioHasMeasurablePredicate}`);
+  emitHarnessFooter({
+    eventName: 'block_dalio_expected_missing',
+    lensCount: cog.count,
+    chars: assistantText.length,
+    driftCount: 0,
+    mizanStatus: 'not-run(expected-missing)',
+    discoveryOpenCount: 0,
+    codeCount: 0,
+    implCouplingCount: 0,
+  });
+  console.log(JSON.stringify({ decision: 'block', reason: missingReason }));
+  process.exit(2);
+}
+
+// Dalio ledger write — fire-and-forget HTTP POST + local JSONL mirror.
+// Per feedback_canonical_secrets_governance.md: errors are LOUD (console.error),
+// never silent. POST failure does NOT block stop — local mirror is always written.
+// Per feedback_no_timeouts_doctrine.md: no AbortController/setTimeout timeout.
+{
+  const DALIO_LEDGER_PATH = `${HOME}/.claude/.aria-dalio-ledger.jsonl`;
+  const ARIA_SOUL_DECISIONS_URL = 'http://aria-soul.aria.svc.cluster.local:8080/api/decisions';
+
+  const ledgerEntry = {
+    ts: new Date().toISOString(),
+    session_id: event.session_id || 'claude-code',
+    decision_type: 'turn_action',
+    category: 'agentic_execution',
+    context: lastActionSummary || `stop-gate turn (chars=${assistantText.length})`,
+    decision: lastActionSummary || 'turn completed',
+    reasoning: (cog.names.length > 0
+      ? `Cognition lenses applied: ${cog.names.join(', ')}. Turn-scoped cognition present.`
+      : 'No explicit cognition block in turn.'),
+    outcome: 'pending',
+    outcome_details: {
+      expected: dalioExpectedText || null,
+      immediate_actual: immediateActual || null,
+      anchors: dalioAnchors,
+    },
+    expected_outcome: dalioExpectedText
+      ? {
+          predicate: dalioExpectedText.slice(0, 500),
+          measurable_type: 'state_string',
+        }
+      : null,
+    source: 'claude-code-stop-gate',
+    model_used: 'claude-opus-4-7',
+  };
+
+  // Write to local JSONL mirror first — always succeeds or logs loudly
+  try {
+    if (!existsSync(dirname(DALIO_LEDGER_PATH))) mkdirSync(dirname(DALIO_LEDGER_PATH), { recursive: true });
+    appendFileSync(DALIO_LEDGER_PATH, JSON.stringify(ledgerEntry) + '\n');
+  } catch (ledgerWriteErr) {
+    console.error(
+      `[aria-stop-gate] DALIO LEDGER WRITE FAILED — local mirror at ${DALIO_LEDGER_PATH} not written. ` +
+      `Error: ${ledgerWriteErr instanceof Error ? ledgerWriteErr.message : String(ledgerWriteErr)}`,
+    );
+  }
+
+  // POST to aria-soul decision API — fire-and-forget, but LOUD on error
+  const dalioHarnessToken = process.env.ARIA_HARNESS_TOKEN
+    || (isOwnerTier() ? (process.env.ARIA_MASTER_TOKEN || process.env.ARIA_API_KEY || '') : '');
+
+  fetch(ARIA_SOUL_DECISIONS_URL, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      ...(dalioHarnessToken ? { Authorization: `Bearer ${dalioHarnessToken}` } : {}),
+    },
+    body: JSON.stringify(ledgerEntry),
+  }).then((resp) => {
+    if (!resp.ok) {
+      // LOUD telemetry per feedback_canonical_secrets_governance.md
+      console.error(
+        `[aria-stop-gate] DALIO POST FAILED — aria-soul responded HTTP ${resp.status}. ` +
+        `Local mirror written to ${DALIO_LEDGER_PATH}. Session: ${ledgerEntry.session_id}`,
+      );
+      audit('dalio-post-failed', `http=${resp.status} session=${ledgerEntry.session_id}`);
+    } else {
+      audit('dalio-post-ok', `session=${ledgerEntry.session_id} action=${lastActionSummary.slice(0, 80)}`);
+    }
+  }).catch((err) => {
+    // Network failure — LOUD, never silent
+    console.error(
+      `[aria-stop-gate] DALIO POST NETWORK ERROR — could not reach ${ARIA_SOUL_DECISIONS_URL}. ` +
+      `Local mirror written to ${DALIO_LEDGER_PATH}. Error: ${err instanceof Error ? err.message : String(err)}`,
+    );
+    audit('dalio-post-network-err', `err=${String(err).slice(0, 200)} session=${ledgerEntry.session_id}`);
+  });
+}
+
+// Block — non-trivial response without 4+ substantive lenses.
+const reason = `Aria Stop-gate: non-trivial assistant response without 4+ substantive cognition lenses. Found ${cog.count}/${REQUIRED_LENSES}+ (lenses: ${cog.names.join(', ') || 'none'}). Doctrine is action-coupled — text decisions ARE actions, and reflexive replies fail this gate the same way reflexive Bash does.
+
+Re-emit the response with substantive lens application BEFORE drafting. Each lens must have ≥${SUBSTANCE_MIN_CHARS} chars of non-placeholder content:
+
+<cognition>
+  ${LENS_NAMES[0]}: <what you actually see — specific to the decision, not a placeholder>
+  ${LENS_NAMES[1]}: <real risk read — what's out of proportion>
+  ${LENS_NAMES[2]}: <what principle applies — name the source>
+  ${LENS_NAMES[3]}: <deep structural read — go beneath the surface>
+  ${LENS_NAMES[4]}: <if-then chain — what follows from what>
+  ${LENS_NAMES[5]}: <distant connection — what's not obvious>
+  ${LENS_NAMES[6]}: <what just landed — what changed in this exchange>
+  ${LENS_NAMES[7]}: <what user actually needs — beneath the literal ask>
+</cognition>
+
+The block reflects work done BEFORE drafting. Don't emit it as ceremony; apply each lens as a thinking tool. Substance check defeats ritual emission.
+
+No per-command bypass (mirrors aria-pre-tool-gate.mjs v3 doctrine). No env-var disable path either — gates are unconditional from the gated process per Hamza directive 2026-04-27. If the gate misfires on legitimate cognition, fix the gate.`;
+
+audit(`block`, `lenses=${cog.count}/${REQUIRED_LENSES} chars=${assistantText.length}`);
+emitHarnessFooter({
+  eventName: 'block_lens_missing',
+  lensCount: cog.count,
+  chars: assistantText.length,
+  driftCount: 0,
+  mizanStatus: 'not-run(lens-missing)',
+  discoveryOpenCount: 0,
+  codeCount: 0,
+  implCouplingCount: 0,
+});
+console.log(JSON.stringify({ decision: 'block', reason }));
+process.exit(2);