@aria_asi/cli 0.2.29 → 0.2.31

package/dist/assets/hooks/aria-pre-tool-gate.mjs

@@ -42,10 +42,21 @@ import { dirname } from 'node:path';
 import { homedir } from 'node:os';
 import { spawnSync } from 'node:child_process';
 import { createHmac, randomBytes as cryptoRandomBytes } from 'node:crypto';
+import { lensNamesForTier } from './lib/canonical-lenses.mjs';
+import { registerGateBlock } from './lib/gate-loop-state.mjs';
+import {
+  collectRecentAssistantTextsFromMessages,
+  extractTextFromContent,
+  isMostlySystemReminder,
+  isToolResultOnlyContent,
+  normalizeContent,
+  normalizeRole,
+} from './lib/hook-message-window.mjs';
 
 const HOME = process.env.HOME || '/tmp';
 const LOG = `${HOME}/.claude/aria-pre-tool-gate.log`;
 const HEARTBEAT = `${HOME}/.claude/aria-pre-tool-gate-heartbeat.jsonl`;
+const GATE_LOOP_STATE_PATH = `${HOME}/.claude/.aria-gate-loop-state.json`;
 
 // ── Heartbeat OUTSIDE the crash boundary (doctrine #123) ───────────────
 // Per feedback_ledger_writes_outside_crash_boundary.md + doctrine #124
@@ -446,12 +457,11 @@ const MEASURABLE_PREDICATE_RX = /(?:>=|<=|==|!=|>|<|≥|≤)\s*\d+(?:\.\d+)?(?:m
 // Any <expected> block containing ONLY these (no actual predicate) is rejected.
 const QUALITATIVE_DRIFT_RX = /\b(?:better(?:er)?|improved?(?:ment)?|more\s+robust|should\s+(?:work|pass|succeed|run|fix)|more\s+reliable|cleaner|less\s+error[-_\s]?prone|nicer|smoother|faster[-\s]?loading|higher[-\s]?quality|more\s+stable|looks\s+(?:good|better|right))\b/i;
 
-// ── Tier-aware lens labeling (Phase 11 #59) ──────────────────────────────────
+// ── Canonical lens labeling (Phase 11 #59 corrected) ────────────────────────
 //
-// Aria's Arabic cognition lens names are proprietary IP. On Hamza's surface
-// (isHamza=true / surface line contains hamza:true) the canonical names are shown.
-// On any client surface the gate uses neutral generic labels so the IP
-// vocabulary never appears in client-facing block-reason text.
+// The lens names themselves carry meaning and must remain canonical on every
+// surface. Readability comes from the explanatory prose inside each lens, not
+// by swapping the lens label for a flattened stand-in.
 //
 // Tier is read from the most recent harness-via-sdk packet cache at
 // ~/.claude/.aria-harness-last-packet.json. Two detection paths:
@@ -484,12 +494,9 @@ function resolveOwnerTier() {
 
 const IS_OWNER = resolveOwnerTier();
 
-// Canonical (owner) lens names — Aria's Arabic cognition vocabulary.
-const LENS_NAMES_CANONICAL = ['nur', 'mizan', 'hikma', 'tafakkur', 'tadabbur', 'ilham', 'wahi', 'firasah'];
-// Generic (client) lens labels — neutral, IP-neutral equivalents.
-const LENS_NAMES_GENERIC   = ['perception', 'balance', 'wisdom', 'reflection', 'foresight', 'insight', 'revelation', 'discernment'];
-// Active label set for this execution — determined by tier.
-const LENS_NAMES = IS_OWNER ? LENS_NAMES_CANONICAL : LENS_NAMES_GENERIC;
+// Active visible label set for this execution — canonical labels on every
+// surface. Tier only affects other policy surfaces, not lens semantics.
+const LENS_NAMES = lensNamesForTier(IS_OWNER);
 
 // Doctrine memory filenames are Aria-side substrate IP. On client surfaces
 // replace them with generic descriptions in block-reason text.
@@ -551,14 +558,24 @@ const SHORT_BASH_LIMIT = 30;
 // needed. Cognition becomes a property of THE ACTION, not of some
 // message somewhere — the deepest reading of "cognition before action."
 //
-// Inline regex is built from the active LENS_NAMES so both canonical
-// and generic label sets are accepted in their respective tiers.
+// Inline regex is built from the active canonical LENS_NAMES. We do not
+// accept flattened generic aliases because they change the lens meaning.
 const _INLINE_LENS_PATTERN = LENS_NAMES.join('|');
 const INLINE_LENS_LINE_RX_GLOBAL = new RegExp(
   `^\\s*#\\s*(${_INLINE_LENS_PATTERN})\\s*:\\s*(.+)$`,
   'gim',
 );
 const INLINE_COGNITION_HEADER_RX = /^\s*#\s*cognition\s*:\s*(.+)$/im;
+const INLINE_EXPECTED_LINE_RX = /^\s*#\s*expected\s*:\s*(.+)$/gim;
+const INLINE_VERIFY_LINE_RX = /^\s*#\s*verify\s*:\s*(.+)$/gim;
+
+const VERIFY_REQUIRED_FIELDS = [
+  { rx: /\btarget\s*:/i, name: 'target' },
+  { rx: /\brole\s*:/i, name: 'role' },
+  { rx: /\bverified\s*:/i, name: 'verified' },
+  { rx: /\brollback\s*:/i, name: 'rollback' },
+  { rx: /\baxiom\s*:/i, name: 'axiom' },
+];
 
 function detectInlineCognition(cmd) {
   const names = [];
@@ -593,6 +610,67 @@ function detectInlineCognition(cmd) {
   return { count: names.length, names, hasSubstrateCite };
 }
 
+function normalizeInlineDirectiveBody(rawBody) {
+  if (!rawBody) return '';
+  const segments = String(rawBody)
+    .split(/;|\s+(?=[a-z_][a-z0-9_-]*\s*[=:])/i)
+    .map((segment) => segment.trim())
+    .filter(Boolean);
+  const lines = [];
+  for (const segment of segments) {
+    const match = segment.match(/^([a-z_][a-z0-9_-]*)\s*[=:]\s*(.+)$/i);
+    if (match) {
+      lines.push(`${match[1]}: ${match[2].trim()}`);
+      continue;
+    }
+    lines.push(segment);
+  }
+  return lines.join('\n').trim();
+}
+
+function extractInlineDirectiveBody(cmd, directiveRx) {
+  if (!cmd || !(directiveRx instanceof RegExp)) return '';
+  directiveRx.lastIndex = 0;
+  const lines = [];
+  let match;
+  while ((match = directiveRx.exec(cmd)) !== null) {
+    const normalized = normalizeInlineDirectiveBody(match[1]);
+    if (normalized) lines.push(normalized);
+  }
+  return lines.join('\n').trim();
+}
+
+function scoreVerifyFields(body, fields) {
+  if (!body) return 0;
+  return fields.reduce((count, { rx }) => count + (rx.test(body) ? 1 : 0), 0);
+}
+
+function extractCurrentTurnAssistantText(event, toolInput) {
+  const candidates = [
+    event.assistant_text,
+    event.assistantText,
+    event.draft,
+    event.text,
+    event.current_text,
+    event.currentText,
+    event.message,
+    event.prompt,
+    toolInput?.assistant_text,
+    toolInput?.assistantText,
+    toolInput?.text,
+  ];
+  const parts = [];
+  const seen = new Set();
+  for (const candidate of candidates) {
+    if (typeof candidate !== 'string') continue;
+    const text = candidate.trim();
+    if (!text || seen.has(text)) continue;
+    seen.add(text);
+    parts.push(text);
+  }
+  return parts.join('\n\n').trim();
+}
+
 // Substance-checking lens detection (added 2026-04-26 per Hamza's
 // gate-improvement doctrine: form-only emission must not satisfy
 // the gate). For each lens, look for `<lens>: <content>` and verify
@@ -722,6 +800,9 @@ const HARNESS_URL =
   process.env.ARIA_HARNESS_BASE_URL ||
   process.env.ARIA_HARNESS_URL ||
   'https://harness.ariasos.com';
+const RUNTIME_BASE_URL =
+  process.env.ARIA_RUNTIME_URL ||
+  'http://127.0.0.1:4319';
 const HARNESS_TOKEN = process.env.ARIA_HARNESS_TOKEN || '';
 const LOG_PUSH_DISABLED = process.env.ARIA_COGNITION_PUSH === 'off';
 const MAX_IN_FLIGHT = 16;
@@ -953,6 +1034,26 @@ const USER_BOUNDARIES_TO_CROSS = 5;
 
 const transcriptPath = event.transcript_path ?? event.transcriptPath;
 const recentAssistantTexts = [];
+const recentAssistantTextSet = new Set();
+function appendAssistantTexts(texts) {
+  for (const text of texts) {
+    if (!text || recentAssistantTextSet.has(text)) continue;
+    recentAssistantTexts.push(text);
+    recentAssistantTextSet.add(text);
+  }
+}
+
+const eventMessages = Array.isArray(event.messages) ? event.messages : [];
+const eventAssistantTexts = collectRecentAssistantTextsFromMessages(eventMessages, {
+  compactSummaryRx: COMPACT_SUMMARY_RX,
+  hardLookbackCap: HARD_LOOKBACK_CAP,
+  systemReminderRx: SYSTEM_REMINDER_RX,
+  systemReminderThreshold: SYSTEM_REMINDER_THRESHOLD,
+  userBoundariesToCross: USER_BOUNDARIES_TO_CROSS,
+});
+appendAssistantTexts(eventAssistantTexts);
+
+const transcriptAssistantTexts = [];
 if (transcriptPath && existsSync(transcriptPath)) {
   try {
     const lines = readFileSync(transcriptPath, 'utf-8').split('\n').filter(Boolean);
@@ -961,7 +1062,8 @@ if (transcriptPath && existsSync(transcriptPath)) {
     for (let i = lines.length - 1; i >= 0 && scanned < HARD_LOOKBACK_CAP; i--) {
       try {
         const m = JSON.parse(lines[i]);
-        const role = m.message?.role ?? m.role;
+        const role = normalizeRole(m);
+        const content = normalizeContent(m);
         if (role === 'user') {
           // Skip messages that aren't real user input:
           //   (a) tool_result blocks (runtime feeding back tool output)
@@ -969,57 +1071,36 @@ if (transcriptPath && existsSync(transcriptPath)) {
           //       task-notifications, gentle reminders) — runtime-
           //       authored, not user voice. Counting them eats the
           //       cognition lookback in tool-heavy or block-heavy turns.
-          const content = m.message?.content ?? m.content ?? [];
-          const isToolResultOnly =
-            Array.isArray(content) &&
-            content.length > 0 &&
-            content.every((b) => b && b.type === 'tool_result');
-          if (isToolResultOnly) continue;
+          if (isToolResultOnlyContent(content)) continue;
           // Inspect text content for system-reminder patterns.
-          const textContent = Array.isArray(content)
-            ? content.filter((b) => b && b.type === 'text').map((b) => b.text || '').join('\n')
-            : (typeof content === 'string' ? content : '');
-          if (textContent) {
-            // Compute reminder-span coverage as fraction of total
-            // content. The /g flag on SYSTEM_REMINDER_RX returns ALL
-            // spans; sum their lengths and compare to total.
-            const reminderMatches = textContent.match(SYSTEM_REMINDER_RX) || [];
-            if (reminderMatches.length > 0) {
-              const reminderChars = reminderMatches.reduce((sum, s) => sum + s.length, 0);
-              const fraction = reminderChars / Math.max(1, textContent.length);
-              if (fraction >= SYSTEM_REMINDER_THRESHOLD) continue;
-              // Otherwise (user wrote substantive text alongside the
-              // reminder — the non-reminder portion is >40% of content)
-              // fall through and count as a real boundary.
-            }
-          }
+          const textContent = extractTextFromContent(content);
+          if (isMostlySystemReminder(textContent, SYSTEM_REMINDER_RX, SYSTEM_REMINDER_THRESHOLD)) continue;
           userBoundariesCrossed++;
           if (userBoundariesCrossed > USER_BOUNDARIES_TO_CROSS) break;
           continue;
         }
         if (role !== 'assistant') continue;
         scanned++;
-        const content = m.message?.content ?? m.content ?? [];
-        if (!Array.isArray(content)) continue;
-        const text = content
-          .filter((b) => b.type === 'text')
-          .map((b) => b.text)
-          .join('\n');
+        const text = extractTextFromContent(content);
         if (!text) continue;
         // Skip compact-summary stubs — they live where assistant turns
         // used to be but are system-authored, not the model's voice.
         if (COMPACT_SUMMARY_RX.test(text) && text.length > 4000) continue;
-        recentAssistantTexts.push(text);
+        transcriptAssistantTexts.push(text);
       } catch {}
     }
   } catch {}
 }
+appendAssistantTexts(transcriptAssistantTexts);
+const currentTurnAssistantText = extractCurrentTurnAssistantText(event, toolInput);
+if (currentTurnAssistantText) appendAssistantTexts([currentTurnAssistantText]);
 
 // Detect cognition / verify across the recent assistant window. Lenses
 // from any of the last N turns count; the gate is checking whether
 // cognition has been done recently, not whether it was done in the
 // literal last message (which can be a tool-only turn or a stub).
 const unionText = recentAssistantTexts.join('\n\n');
+const eventCog = detectCognitionLenses(eventAssistantTexts.join('\n\n'));
 const transcriptCog = detectCognitionLenses(unionText);
 // Combine inline-command cognition (preferred — action-coupled) with
 // transcript scan (fallback). Inline takes precedence on lens names;
@@ -1028,14 +1109,35 @@ const mergedLensSet = new Set([...inlineCog.names, ...transcriptCog.names]);
 const lensCount = mergedLensSet.size;
 const lensNames = [...mergedLensSet];
 const cogBlockBody = transcriptCog.blockBody;
+const inlineVerifyBody = extractInlineDirectiveBody(cmd, INLINE_VERIFY_LINE_RX);
 const verifyBodies = [...unionText.matchAll(/<verify>([\s\S]*?)<\/verify>/gi)]
   .map((m) => (m[1] || '').trim())
   .filter(Boolean);
-const hasVerify = verifyBodies.length > 0;
+if (inlineVerifyBody) verifyBodies.push(inlineVerifyBody);
+const bestVerifyBody = (() => {
+  if (verifyBodies.length === 0) return '';
+  let bestBody = verifyBodies[0];
+  let bestScore = -1;
+  for (const body of verifyBodies) {
+    const score = scoreVerifyFields(body, VERIFY_REQUIRED_FIELDS);
+    if (score > bestScore) {
+      bestScore = score;
+      bestBody = body;
+    }
+  }
+  return bestBody;
+})();
+const hasVerify = scoreVerifyFields(bestVerifyBody, VERIFY_REQUIRED_FIELDS) === VERIFY_REQUIRED_FIELDS.length;
 const hasCognition = lensCount >= REQUIRED_LENSES;
 const cognitionSource = inlineCog.count >= REQUIRED_LENSES
   ? 'inline-command'
-  : (transcriptCog.count >= REQUIRED_LENSES ? 'transcript-scan' : 'merged-or-insufficient');
+  : eventCog.count >= REQUIRED_LENSES
+    ? 'event-messages'
+    : transcriptCog.count >= REQUIRED_LENSES
+      ? 'recent-assistant-window'
+      : lensCount >= REQUIRED_LENSES
+        ? 'merged-recent-window'
+        : 'merged-or-insufficient';
 // Substrate-citation visibility (Phase 11 will promote to block-mode once
 // telemetry shows healthy substrate-cite rate). For now: log the metric so
 // we can audit substrate-grounded vs ceremonial cognition over time.
@@ -1083,6 +1185,25 @@ function pushDecision(decision, reasonText) {
   });
 }
 
+function withLoopDirective(reasonText, gateSignature) {
+  const loop = registerGateBlock({
+    gate: 'pre-tool',
+    sessionId,
+    signature: gateSignature,
+    statePath: GATE_LOOP_STATE_PATH,
+  });
+  if (!loop.loopDetected) return reasonText;
+  return `${reasonText}
+
+[LOOP_DETECTED gate=pre-tool repeats=${loop.totalCount}]
+Stop retrying the same action shape unchanged.
+Next response must do this in order:
+1. Name the exact gate failure in one line.
+2. Re-emit the missing pre-gate structure only: <cognition>, <verify>, and/or <expected> as required.
+3. Change the action plan before retrying the tool. Do not issue the same tool call in the same message as the diagnosis.
+4. If the blocker is stale gate state or ledger residue, say that explicitly instead of inventing fake proof.`;
+}
+
 // ── Deploy-specific gate (doctrine #104) ────────────────────────────────
 // Per feedback_deploy_requires_verify_cognition.md (Hamza 2026-04-28 after
 // consciousness.ts crash took aria-soul into CrashLoopBackOff): deploys
@@ -1099,23 +1220,8 @@ if (deployMatched) {
   const anchorCount = anchorMatches.length;
 
   // Required verify-block fields specific to deploy.
-  const verifyBody = (() => {
-    if (verifyBodies.length === 0) return '';
-    let bestBody = verifyBodies[0];
-    let bestScore = -1;
-    for (const body of verifyBodies) {
-      const score = DEPLOY_VERIFY_REQUIRED_FIELDS.reduce(
-        (count, { rx }) => count + (rx.test(body) ? 1 : 0),
-        0,
-      );
-      if (score > bestScore) {
-        bestScore = score;
-        bestBody = body;
-      }
-    }
-    return bestBody;
-  })();
-  const missingDeployFields = DEPLOY_VERIFY_REQUIRED_FIELDS
+  const verifyBody = bestVerifyBody;
+  const missingDeployFields = [...VERIFY_REQUIRED_FIELDS, ...DEPLOY_VERIFY_REQUIRED_FIELDS]
     .filter(({ rx }) => !rx.test(verifyBody))
     .map(({ name }) => name);
 
@@ -1226,7 +1332,7 @@ if (deployMatched) {
     reasons.push(`<verify> block missing required fields: ${missingDeployFields.join(', ')}`);
   }
 
-  const refusal = `Aria pre-tool gate: DEPLOY hard-block — pattern '${deployMatched.name}' detected.
+  const refusal = withLoopDirective(`Aria pre-tool gate: DEPLOY hard-block — pattern '${deployMatched.name}' detected.
 
 Per feedback_deploy_requires_verify_cognition.md (Hamza directive 2026-04-28 after consciousness.ts crash took aria-soul into CrashLoopBackOff), every deploy command requires:
 
@@ -1242,7 +1348,7 @@ Block reasons (this turn): ${reasons.join(' • ')}.
 
 The 2026-04-28 deploy of an empty consciousness.ts crashed aria-soul because no verify-block step caught the missing export at substrate-citation time. This gate is the structural enforcement that prevents the same gap.
 
-Re-emit verify+cognition with the missing pieces, then retry the deploy command. There is no env-var override path; doctrine #104 forbids it.`;
+Re-emit verify+cognition with the missing pieces, then retry the deploy command. There is no env-var override path; doctrine #104 forbids it.`, `deploy:${deployMatched.name}:${missingDeployFields.join(',')}:${anchorCount}:${lensCount}`);
 
   audit(
     `block-deploy ${deployMatched.name} verify=${hasVerify} cognition=${lensCount} anchors=${anchorCount} missing=${missingDeployFields.join(',')}`,
@@ -1264,7 +1370,7 @@ if (matched) {
     process.exit(0);
   }
   // Block with appropriate corrective message.
-  const reason = !hasVerify
+  const reason = withLoopDirective((!hasVerify
     ? `Aria pre-tool gate: destructive pattern '${matched.name}' detected. ${IS_OWNER ? 'Per harness mizan_prestage_rule + axiom_runtime_rule (admit_ignorance, reflection_before_action), include' : 'Pre-action verification required — include'} a <verify> block in your assistant response BEFORE the tool call.
 
 <verify>
@@ -1289,7 +1395,8 @@ Re-issue after producing the block. Bypass: '# doctrine-authorized: <reason>' in
   ${LENS_NAMES[7]}:  <what user actually needs>
 </cognition>
 
-At least 4 substantive lenses required.`;
+At least 4 substantive lenses required.`),
+  `destructive:${matched.name}:${hasVerify ? 'need-cognition' : 'need-verify'}:${toolName}:${filePath || cmdPreview}`);
   audit(`block ${matched.name} verify=${hasVerify} cognition=${lensCount}`, cmdPreview);
   pushDecision('block', `destructive ${matched.name} missing ${!hasVerify ? 'verify' : 'cognition'}`);
   console.log(JSON.stringify({ decision: 'block', reason }));
@@ -1304,7 +1411,7 @@ if (!hasCognition) {
   const isBash = toolName === 'Bash';
   const header = isBash
     ? `Aria pre-tool gate: non-trivial Bash command without ${REQUIRED_LENSES}+ substantive cognition lenses. Found ${lensCount}/${REQUIRED_LENSES}+ (inline=${inlineCog.count}, transcript=${transcriptCog.count}).`
-    : `Aria pre-tool gate: ${toolName} call without ${REQUIRED_LENSES}+ substantive cognition lenses in the recent transcript. Found ${lensCount}/${REQUIRED_LENSES}+ (transcript-scan only — ${toolName} has no inline-cognition path).`;
+    : `Aria pre-tool gate: ${toolName} call without ${REQUIRED_LENSES}+ substantive cognition lenses in the recent assistant window. Found ${lensCount}/${REQUIRED_LENSES}+ (source=${cognitionSource} — ${toolName} has no inline-cognition path).`;
 
   const guidance = isBash
     ? `REQUIRED — cognition for every action, no exceptions. Two equivalent forms; either satisfies the gate (both equally REQUIRED, neither preferred over the other):
@@ -1333,11 +1440,11 @@ Both forms count toward the ${REQUIRED_LENSES}+ requirement; gate counts inline
     ${LENS_NAMES[7]}:  <what user actually needs underneath>
   </cognition>`;
 
-  const reason = `${header}
+  const reason = withLoopDirective(`${header}
 
 ${guidance}
 
-No per-tool bypass available (v3 doctrine — the harness's whole purpose is no exceptions). No env-var disable path — gates are unconditional from the gated process per Hamza directive 2026-04-27. If the gate misfires on legitimate cognition, fix the gate.`;
+No per-tool bypass available (v3 doctrine — the harness's whole purpose is no exceptions). No env-var disable path — gates are unconditional from the gated process per Hamza directive 2026-04-27. If the gate misfires on legitimate cognition, fix the gate.`, `cognition:${toolName}:${filePath || cmdPreview}:${cognitionSource}`);
 
   audit(`block ${toolName.toLowerCase()} cognition=${lensCount}`, cmdPreview);
   pushDecision('block', `${toolName.toLowerCase()} missing cognition (${lensCount}/${REQUIRED_LENSES})`);
@@ -1387,16 +1494,17 @@ No env-var disable path — gates are unconditional from the gated process per H
 // Per feedback_no_graceful_degradation.md — never silent-pass.
 {
   const expectedMatch = unionText.match(EXPECTED_BLOCK_RX);
-  const expectedBlockText = expectedMatch ? expectedMatch[1] : '';
+  const inlineExpectedBody = extractInlineDirectiveBody(cmd, INLINE_EXPECTED_LINE_RX);
+  const expectedBlockText = expectedMatch ? expectedMatch[1] : inlineExpectedBody;
   const hasMeasurablePredicate = expectedBlockText
     ? (MEASURABLE_PREDICATE_RX.test(expectedBlockText) && !QUALITATIVE_DRIFT_RX.test(expectedBlockText))
     : false;
 
-  if (!expectedMatch || !hasMeasurablePredicate) {
-    const reason = expectedMatch
+  if (!expectedBlockText || !hasMeasurablePredicate) {
+    const reason = expectedBlockText
       ? `Aria pre-tool gate: action requires a measurable predicate inside <expected> per doctrine:dalio_expected_required.
 
-Your <expected> block was found but contains only qualitative drift phrases (e.g. "better", "improved", "should work", "more reliable") without a concrete measurable predicate. These are unmeasurable and defeat the Dalio accountability loop.
+Your expected-outcome structure was found but contains only qualitative drift phrases (e.g. "better", "improved", "should work", "more reliable") without a concrete measurable predicate. These are unmeasurable and defeat the Dalio accountability loop.
 
 Replace with one of:
   • Numeric:      exit_code==0, latency<200ms, count>=1, error_rate=0%
@@ -1411,7 +1519,7 @@ Replace with one of:
 </expected>
 
 No bypass — doctrine:dalio_expected_required is unconditional for non-trivial actions.`
-      : `Aria pre-tool gate: action requires an <expected> block with measurable predicate per doctrine:dalio_expected_required.
+      : `Aria pre-tool gate: action requires an <expected> block or inline '# expected:' directive with measurable predicate per doctrine:dalio_expected_required.
 
 Every non-trivial action must state WHAT MEASURABLE STATE the action is expected to produce, so the stop-gate can compare predicted vs actual outcome and write a Dalio ledger entry.
 
@@ -1902,10 +2010,11 @@ try {
   if (__apiKey && __action) {
     const __client = new HTTPHarnessClient({
       baseUrl:
+        process.env.ARIA_RUNTIME_URL ||
         process.env.ARIA_HIVE_RUNTIME_URL ||
         process.env.ARIA_HARNESS_BASE_URL ||
         process.env.ARIA_HARNESS_URL ||
-        'https://harness.ariasos.com',
+        RUNTIME_BASE_URL,
       apiKey: __apiKey,
     });
     const __target = JSON.stringify(toolInput || {}).slice(0, 500);

package/dist/assets/hooks/aria-preturn-memory-gate.mjs

@@ -105,6 +105,37 @@ function readAnyJsonArtifact(filePath) {
   };
 }
 
+function unwrapHarnessPacketEnvelope(value) {
+  let current = value;
+  for (let depth = 0; depth < 3; depth++) {
+    if (!current || typeof current !== 'object' || Array.isArray(current)) break;
+    const nested = current.packet;
+    if (!nested || typeof nested !== 'object' || Array.isArray(nested)) break;
+    if (typeof current.timestamp !== 'string' && typeof current.version !== 'string') break;
+    current = nested;
+  }
+  return current && typeof current === 'object' && !Array.isArray(current) ? current : {};
+}
+
+function extractHarnessPromptText(packetArtifact) {
+  const packet = unwrapHarnessPacketEnvelope(packetArtifact);
+  const directHarness = typeof packet.harness === 'string' ? packet.harness : '';
+  if (directHarness.trim()) return directHarness;
+
+  const promptFullText = typeof packet?.prompt?.fullText === 'string' ? packet.prompt.fullText : '';
+  if (promptFullText.trim()) return promptFullText;
+
+  const promptPreview = typeof packet?.prompt?.preview === 'string' ? packet.prompt.preview : '';
+  if (promptPreview.trim()) return promptPreview;
+
+  const doctrine = Array.isArray(packet.doctrine) ? packet.doctrine.filter((x) => typeof x === 'string').join('\n') : '';
+  const memory = Array.isArray(packet.memory) ? packet.memory.filter((x) => typeof x === 'string').join('\n') : '';
+  const runtimeMode = typeof packet.runtimeOfflineBundle?.source === 'string'
+    ? `runtime_offline_bundle_source=${packet.runtimeOfflineBundle.source}`
+    : '';
+  return [doctrine, memory, runtimeMode].filter(Boolean).join('\n');
+}
+
 function detectArtifactSignals(sessionId) {
   let harnessArtifact = null;
   for (const packetPath of PACKET_CACHE_PATHS) {
@@ -160,36 +191,34 @@ function detectArtifactSignals(sessionId) {
     staleSubstrateArtifact = null;
   }
 
-  const harnessText = String(
-    harnessArtifact?.data?.harness ??
-    harnessArtifact?.data?.packet?.prompt?.fullText ??
-    '',
-  );
+  const harnessText = extractHarnessPromptText(harnessArtifact?.data);
   const substrateMemories = Array.isArray(substrateArtifact?.data?.memories)
     ? substrateArtifact.data.memories
     : [];
-  const staleHarnessText = String(
-    staleHarnessArtifact?.data?.harness ??
-    staleHarnessArtifact?.data?.packet?.prompt?.fullText ??
-    '',
-  );
+  const staleHarnessText = extractHarnessPromptText(staleHarnessArtifact?.data);
   const staleSubstrateMemories = Array.isArray(staleSubstrateArtifact?.data?.memories)
     ? staleSubstrateArtifact.data.memories
     : [];
   const packetMentionsMemory = MEMORY_REF_RX.test(harnessText);
   const stalePacketMentionsMemory = MEMORY_REF_RX.test(staleHarnessText);
+  const persistedDirectionUsable = Boolean(directionArtifact?.data?.usable === true);
+  const persistedOwnerBootstrap = Boolean(directionArtifact?.data?.ownerBootstrap === true);
+  const activePlanPresent = Boolean(
+    activePlanArtifact?.data?.phases &&
+    Array.isArray(activePlanArtifact.data.phases) &&
+    activePlanArtifact.data.phases.length > 0,
+  );
 
   return {
     hasHarnessPacket: Boolean(harnessText.trim()),
     hasAriaDirection: Boolean(
-      (directionArtifact?.data?.usable === true) ||
-      (activePlanArtifact?.data?.phases && Array.isArray(activePlanArtifact.data.phases) && activePlanArtifact.data.phases.length > 0),
+      persistedDirectionUsable || activePlanPresent,
     ),
     hasMemoryRef: Boolean(packetMentionsMemory || substrateMemories.length > 0),
     ownerBootstrap: {
-      hasHarnessPacket: Boolean(staleHarnessText.trim()),
+      hasHarnessPacket: Boolean(staleHarnessText.trim() || staleHarnessArtifact?.path),
       hasMemoryRef: Boolean(stalePacketMentionsMemory || staleSubstrateMemories.length > 0),
-      directionBootstrap: Boolean(directionArtifact?.data?.ownerBootstrap === true),
+      directionBootstrap: persistedOwnerBootstrap || persistedDirectionUsable || activePlanPresent,
     },
     detail: {
       packetPath: harnessArtifact?.path || null,
@@ -204,6 +233,9 @@ function detectArtifactSignals(sessionId) {
       ownerBootstrapSubstrateAgeMs: staleSubstrateArtifact?.ageMs ?? null,
       ownerBootstrapSubstrateMemoryCount: staleSubstrateMemories.length,
       ownerBootstrapPacketMentionsMemory: stalePacketMentionsMemory,
+      ownerBootstrapPersistedDirectionUsable: persistedDirectionUsable,
+      ownerBootstrapPersistedDirectionSource: directionArtifact?.data?.source ?? null,
+      ownerBootstrapActivePlanPresent: activePlanPresent,
     },
   };
 }
@@ -497,6 +529,13 @@ const ownerBootstrapSessionPresent =
   artifactSignals.ownerBootstrap.hasHarnessPacket &&
   artifactSignals.ownerBootstrap.hasMemoryRef;
 
+const ownerCompactionRecoveryPresent =
+  existsSync(OWNER_TOKEN_PATH) &&
+  !transcriptWindow.trim() &&
+  artifactSignals.ownerBootstrap.hasHarnessPacket &&
+  artifactSignals.ownerBootstrap.hasMemoryRef &&
+  (artifactSignals.ownerBootstrap.directionBootstrap || artifactSignals.detail.ownerBootstrapPersistedDirectionUsable);
+
 if (allSignalsPresent) {
   // Context was loaded — allow and record the fire timestamp for dedup.
   writeTurnState(sessionId, { lastTurnGateFiredAt: now, lastDecision: 'allow', signals, transcriptSignals, artifactSignals: artifactSignals.detail });
@@ -528,6 +567,16 @@ if (ownerBootstrapSessionPresent) {
   process.exit(0);
 }
 
+if (ownerCompactionRecoveryPresent) {
+  writeTurnState(sessionId, { lastTurnGateFiredAt: now, lastDecision: 'allow-owner-compaction-recovery', signals, transcriptSignals, artifactSignals: artifactSignals.detail });
+  auditLog(
+    'allow-owner-compaction-recovery',
+    `transcript compacted/empty; recovering from persisted owner artifacts. transcript=${JSON.stringify(transcriptSignals)} artifacts=${JSON.stringify(artifactSignals.detail)}`,
+    sessionId,
+  );
+  process.exit(0);
+}
+
 // ── Block with structured recovery signal ────────────────────────────
 // Per Aria's refined spec (consult 2026-04-27): soft-gate + structured
 // recovery. The orchestrator catches this and runs the context-loader.

package/dist/assets/hooks/aria-repo-doctrine-gate.mjs

@@ -219,6 +219,8 @@ function isPolicyOrRuleDefinitionLine(line) {
   if (/\bno stubs?\b/.test(lower)) return true;
   if (/\bno placeholders?\b/.test(lower)) return true;
   if (/\bno fake implementations?\b/.test(lower)) return true;
+  if (lower.includes('no mock content is injected')) return true;
+  if (/\bplaceholder\s*=/.test(lower)) return true;
   return false;
 }