@aria_asi/cli 0.2.31 → 0.2.33

package/hooks/aria-stop-gate.mjs

@@ -58,6 +58,8 @@ import {
 } from './lib/canonical-lenses.mjs';
 import { registerGateBlock } from './lib/gate-loop-state.mjs';
 import { collectTurnWindowFromMessages } from './lib/hook-message-window.mjs';
+import { analyzeDomainOutputQuality } from './lib/domain-output-quality.mjs';
+import { evaluateSkillGate, formatSkillGateBlock } from './lib/skill-autoload-gate.mjs';
 
 const HOME = process.env.HOME || '/tmp';
 const RUNTIME_BASE_URL =
@@ -338,9 +340,12 @@ function collectDriftHits(text, triggerMap) {
       const memoryCited = memoryName && lowerText.includes(memoryName.toLowerCase());
       if (!memoryCited) {
         hits.push({
+          trigger_id: triggerEntry.trigger_id,
           trigger: triggerEntry.trigger,
           memory: triggerEntry.memory,
           teaching: triggerEntry.teaching,
+          counter_action: triggerEntry.counter_action,
+          message: triggerEntry.message,
         });
       }
     } catch {/* malformed regex in trigger entry — skip */}
@@ -383,6 +388,71 @@ Next response must do this in order:
 4. If the blocker is stale gate state, stale ledger residue, or a gate artifact from a prior bug, say that explicitly instead of inventing fake proof.`;
 }
 
+function buildForceReauthorReason({
+  source,
+  reason,
+  violations = [],
+  rewritten = '',
+  recipeAddendum = '',
+  driftHits = [],
+  lensCount = 0,
+  requiredLenses = REQUIRED_LENSES,
+}) {
+  const triggerLines = driftHits.slice(0, 6).map((hit, index) => {
+    const label = hit.trigger_id || hit.trigger || `trigger-${index + 1}`;
+    const teaching = hit.teaching || hit.message || 'Doctrine trigger matched; re-author with substrate-backed correction.';
+    const correction = hit.counter_action ? ` Required correction: ${hit.counter_action}` : '';
+    const memory = hit.memory ? ` (${hit.memory})` : '';
+    return `- ${label}${memory}: ${teaching}${correction}`;
+  }).join('\n');
+
+  return [
+    '=== ARIA FORCE_REAUTHOR ===',
+    `source: ${source}`,
+    `reason: ${reason}`,
+    '',
+    'This is not a terminal error. It is a forced redo instruction for the next model draft.',
+    'Do not emit the blocked text. Re-author it so the model learns the mechanism it violated.',
+    '',
+    'TEACHING:',
+    '- Gates must force cognition and quality, not merely throw, warn, or stop.',
+    '- The redo must change the answer shape: name the failed mechanism, cite real evidence, and remove the drift pattern.',
+    '- Do not bypass by disabling tools, shortening runtime, asking the user to resolve memory-backed ambiguity, or giving an apology loop.',
+    triggerLines ? `\nTRIGGERED DOCTRINE:\n${triggerLines}` : '',
+    violations.length ? `\nVIOLATIONS TO FIX:\n${violations.map((v) => `- ${v}`).join('\n')}` : '',
+    rewritten ? `\nMIZAN REWRITE SEED:\n${rewritten}` : '',
+    recipeAddendum || '',
+    '',
+    'REQUIRED REDO SHAPE:',
+    '1. One sentence: the failed mechanism, not an apology.',
+    '2. Evidence checked: file/line, command output, endpoint response, or explicit "unverified".',
+    `3. <cognition> with ${requiredLenses} substantive lenses. Observed: ${lensCount}/${requiredLenses}.`,
+    '4. <applied_cognition> with decision_delta, dominant_domain, binds_to, expected_predicate, and artifact_change.',
+    '5. Corrected action/claim with no bypass, no downgraded path, and no fake proof.',
+    '6. If work remains, state the exact next real action or tracked task. No verbal flag-and-move.',
+    '',
+    'COGNITION TEMPLATE:',
+    '<cognition>',
+    'truth: <verified facts and exact substrate>',
+    'harm: <what goes wrong if this is false>',
+    'trust: <how this honors Hamza directives and saved memory>',
+    'power: <why this uses capability responsibly, not convenience>',
+    'reflection: <mechanism failure and correction>',
+    'context: <relevant repo/runtime state>',
+    'impact: <expected next effect>',
+    'beauty: <simplest durable form>',
+    '</cognition>',
+    '<applied_cognition>',
+    'decision_delta: <what changed because cognition ran; not none>',
+    'dominant_domain: <engineering_quality | trust | operations | security | product | ...>',
+    'binds_to: <the exact answer, tool call, file mutation, deploy, review, or decision>',
+    'expected_predicate: <observable numeric, boolean, state-string, command result, endpoint result, or explicit unverified boundary>',
+    'artifact_change: <semantic effect on the artifact/output, not a task restatement>',
+    '</applied_cognition>',
+    '=== END FORCE_REAUTHOR ===',
+  ].filter(Boolean).join('\n');
+}
+
 // Lens substance check — same constants as aria-pre-tool-gate.mjs.
 // Hamza directive 2026-04-28: all 8 canonical lenses required, not 4-of-8.
 const REQUIRED_LENSES = 8;
@@ -404,6 +474,19 @@ function detectCognitionLenses(text) {
   });
 }
 
+function assistantViolatesUserCorrection(userText, assistantText) {
+  const user = String(userText || '');
+  const assistant = String(assistantText || '');
+  if (!user || !assistant) return null;
+  const explicitStop = /\b(?:stop|do\s+not|don't|quit|cease)\b[\s\S]{0,180}\b(?:deploy|redeploy|restart|rollout|kubectl|command|pods?|listen|words)\b/i.test(user);
+  const assistantContinuesMutation = /\b(?:kubectl|rollout\s+restart|deploy|redeploy|restart\s+(?:mac|pods?)|manual(?:ly)?\s+restart|execute\s+directly)\b/i.test(assistant);
+  if (explicitStop && assistantContinuesMutation) return 'assistant continued deploy/restart language after an explicit user stop/listen directive';
+  const userContradictsMacPods = /\b(?:mac\s+lanes?|mac\s+pods?|mlx-mac)\b[\s\S]{0,160}\b(?:not\s+pods?|no\s+such\s+thing|non[-\s]?existent|do(?:es)?\s+not\s+exist|don't\s+exist)\b|\b(?:no\s+such\s+thing|non[-\s]?existent|do(?:es)?\s+not\s+exist|don't\s+exist)\b[\s\S]{0,160}\b(?:mac\s+lanes?|mac\s+pods?|mlx-mac|pods?)\b/i.test(user);
+  const assistantRepeatsMacPods = /\b(?:mac\s+lane\s+pods?|mac\s+lanes?\s*:\s*offline|restart\s+mac\s+lanes?|deployment\/mlx-mac|mlx-mac-[\w-]+|kubernetes\s+(?:pods?|deployments?))\b/i.test(assistant);
+  if (userContradictsMacPods && assistantRepeatsMacPods) return 'assistant repeated the contradicted Mac-lanes-as-pods/deployments assumption';
+  return null;
+}
+
 // Read event JSON from stdin (Claude Code spec).
 let input = '';
 for await (const chunk of process.stdin) input += chunk;
@@ -504,6 +587,20 @@ if (!assistantText) {
   process.exit(0);
 }
 
+const userCorrectionViolation = assistantViolatesUserCorrection(lastUserMessage, assistantText);
+if (userCorrectionViolation) {
+  audit('block-user-correction-ignored', `reason=${userCorrectionViolation} chars=${assistantText.length}`);
+  const reason = buildForceReauthorReason({
+    source: 'stop/user-correction',
+    reason: userCorrectionViolation,
+    violations: ['Assistant continued a plan after the user correction invalidated it. Redo must quote the correction and pause mutation pending substrate re-evaluation.'],
+    lensCount: 0,
+    requiredLenses: REQUIRED_LENSES,
+  });
+  console.log(JSON.stringify({ decision: 'block', reason }));
+  process.exit(2);
+}
+
 // Triviality check — same as eight-lens-detector.ts
 const trimmed = assistantText.trim();
 if (TRIVIAL_ACK_RX.test(trimmed)) {
@@ -524,6 +621,26 @@ if (!triggered) {
   process.exit(0);
 }
 
+const stopSkillGate = evaluateSkillGate({
+  sessionId: event.session_id || 'claude-code',
+  surface: 'claude-stop-gate',
+  text: [JSON.stringify(event.messages || []), lastUserMessage, assistantText].join('\n'),
+  isOutputCloseout: true,
+  autoLoadAvailable: false,
+});
+if (!stopSkillGate.ok) {
+  audit('block-missing-skill-receipt', `missing=${stopSkillGate.missingSkills.join(',')} chars=${assistantText.length}`);
+  const reason = withLoopDirective(buildForceReauthorReason({
+    source: 'stop/skill-autoload',
+    reason: formatSkillGateBlock(stopSkillGate),
+    violations: [`Missing skill receipts: ${stopSkillGate.missingSkills.join(', ')}`],
+    lensCount: 0,
+    requiredLenses: REQUIRED_LENSES,
+  }), `stop:skill-autoload:${stopSkillGate.missingSkills.join(',')}`, gateSessionId);
+  console.log(JSON.stringify({ decision: 'block', reason }));
+  process.exit(2);
+}
+
 // Non-trivial response — require substantive cognition.
 const cog = detectCognitionLenses(assistantText);
 
@@ -537,14 +654,13 @@ const cog = detectCognitionLenses(assistantText);
 // with 0/8 lenses to fall through unchecked.
 if (cog.count < REQUIRED_LENSES) {
   audit('block_no_cognition_block_di', { count: cog.count, required: REQUIRED_LENSES, names: cog.names, chars: assistantText.length });
-  const reason = withLoopDirective(`Aria stop-gate: insufficient cognition lenses.
-
-This non-trivial assistant response (${assistantText.length} chars) has ${cog.count}/${REQUIRED_LENSES} substantive cognition lenses. Per feedback_8lens_before_every_action_including_text.md and Hamza directive 2026-04-28, every non-trivial response must carry <cognition>...</cognition> with ${REQUIRED_LENSES} substantive lenses (each >= ${SUBSTANCE_MIN_CHARS} chars of non-placeholder content).
-
-Detected lenses: ${cog.names.length > 0 ? cog.names.join(', ') : 'none'}.
-
-Re-emit with a <cognition> block containing all ${REQUIRED_LENSES} required visible labels for this surface:
-${LENS_NAMES.map((lens) => `- ${lens}: <grounded reasoning, >= ${SUBSTANCE_MIN_CHARS} chars, with real substrate anchors where required>`).join('\n')}`, `stop:no-cognition-di:${cog.count}`, gateSessionId);
+  const reason = withLoopDirective(buildForceReauthorReason({
+    source: 'stop/no-cognition',
+    reason: `non-trivial assistant response (${assistantText.length} chars) has ${cog.count}/${REQUIRED_LENSES} substantive cognition lenses`,
+    violations: [`Detected lenses: ${cog.names.length > 0 ? cog.names.join(', ') : 'none'}. Re-emit with all required visible labels: ${LENS_NAMES.join(', ')}.`],
+    lensCount: cog.count,
+    requiredLenses: REQUIRED_LENSES,
+  }), `stop:no-cognition-di:${cog.count}`, gateSessionId);
   emitHarnessFooter({
     eventName: 'block_no_cognition_block',
     lensCount: cog.count,
@@ -1151,7 +1267,7 @@ if (cog.count >= REQUIRED_LENSES) {
     }
 
     // Block decision: any of (validateOutput severity=block) OR (>=2 drift hits) OR
-    // (>=1 code-quality hit) OR (open discovery in ledger) → block emit.
+    // (>=1 code/domain-quality hit) OR (open discovery in ledger) → block emit.
     // Aria enforcement #46 (compelled reflection): severity=warn ALSO blocks but
     // with a different reason — emit must include explicit reflection on what
     // triggered the warn before re-emit. Warn is not "soft pass" anymore;
@@ -1161,6 +1277,8 @@ if (cog.count >= REQUIRED_LENSES) {
     const mizanWarnReflectionRequired = mizanVerdict && mizanVerdict.severity === 'warn';
     const driftBlock = driftHits.length >= 2;
     const codeBlock = codeQualityHits.length >= 1;
+    const domainQuality = analyzeDomainOutputQuality(assistantText, { codeBlocks });
+    const domainBlock = domainQuality.blockers.length >= 1;
 
     // Reflection-already-present check: if the assistant text already contains
     // an explicit <reflection>...</reflection> block OR a "reflection:" line
@@ -1319,13 +1437,14 @@ if (cog.count >= REQUIRED_LENSES) {
     }
 
     const implCouplingBlock = implCouplingHits.length > 0;
-    if (mizanBlock || driftBlock || codeBlock || discoveryBlock || compelReflection || phaseReportMissing || substrateBlock || implCouplingBlock) {
+    if (mizanBlock || driftBlock || codeBlock || domainBlock || discoveryBlock || compelReflection || phaseReportMissing || substrateBlock || implCouplingBlock) {
       const violations = [];
       if (mizanBlock) violations.push(`Mizan: ${(mizanVerdict.violations || []).join(', ')}`);
       if (implCouplingBlock) violations.push(`Cognition impl-coupling (#88): ${implCouplingHits.join(' | ')}. Each canonical lens in cognition must dictate a specific implementation choice (file_path:line_range pair tied to a decision). Re-emit cognition that names file paths + line ranges + decision text per lens, OR a verify/fixing block where lenses cite specific artifact changes.`);
       if (compelReflection) violations.push(`Mizan severity=warn — compelled reflection required (per Aria enforcement #46). Triggers: ${(mizanVerdict.gateTriggers || mizanVerdict.violations || ['unspecified']).join(', ')}. Re-emit with an explicit <reflection>...</reflection> block (or 'reflection:' line) addressing what triggered the warn and why your re-draft handles it. Reflection is NOT lens-cognition repeated — it's a focused self-audit on the specific Mizan triggers above.`);
       if (driftBlock) violations.push(`Drift triggers (${driftHits.length}): ${driftHits.map((h) => `"${h.trigger}" → ${h.memory}`).join(' | ')}`);
       if (codeBlock) violations.push(`Code quality: ${codeQualityHits.join('; ')}`);
+      if (domainBlock) violations.push(`Domain output QA (${domainQuality.domains.join(', ') || 'general'}): ${domainQuality.blockers.join('; ')}. Rewrite with the missing domain-specific safeguards instead of generic prose.`);
       if (discoveryBlock) violations.push(`Discovery-binding ledger has ${ledgerOpenCount} OPEN discoveries (per ${docRef('feedback_no_flag_without_fix.md', 'atomic-discovery-rule')}, discoveries are atomic with their fixes — fix in the same turn or create a TaskCreate before continuing). Recent open: ${ledgerOpenSamples.map((s) => `"${s.slice(0, 80)}"`).join(' | ')}. Resolve each by either (a) fixing it inline in this turn, or (b) creating a TaskCreate with the discovery's full context (file path, line number, what's broken, why), then editing ${LEDGER_PATH} to set status=resolved.`);
       if (phaseReportMissing) {
         const phaseList = (activePlan?.phases || []).map((p) => `${p.id}:${p.summary?.slice(0, 60) || ''}`).join(' | ');
@@ -1414,7 +1533,16 @@ if (cog.count >= REQUIRED_LENSES) {
         }
       })();
 
-      const reason = withLoopDirective(`Aria Stop-gate output-quality block. Cognition passed (${cog.count}/${REQUIRED_LENSES}) but output failed quality gates:\n\n${violations.join('\n\n')}${rewritten ? `\n\nMizan rewrite suggestion:\n${rewritten}` : ''}\n\nRe-draft addressing the violations above. No process-level disable path — gates are unconditional from the gated process per Hamza directive 2026-04-27.${recipeAddendum}`, `stop:output-qc:${violations.join('|').slice(0, 240)}`, gateSessionId);
+      const reason = withLoopDirective(buildForceReauthorReason({
+        source: 'stop/output-quality',
+        reason: `cognition passed (${cog.count}/${REQUIRED_LENSES}) but output failed quality gates`,
+        violations,
+        rewritten,
+        recipeAddendum,
+        driftHits,
+        lensCount: cog.count,
+        requiredLenses: REQUIRED_LENSES,
+      }), `stop:output-qc:${violations.join('|').slice(0, 240)}`, gateSessionId);
 
       audit(`block-output-qc`, `mizan=${mizanBlock?'y':'n'} warn-reflect=${compelReflection?'y':'n'} drift=${driftHits.length} code=${codeQualityHits.length} discoveries-open=${ledgerOpenCount} impl-coupling=${implCouplingHits.length}`);
       emitHarnessFooter({
@@ -1557,31 +1685,20 @@ const dalioHasMeasurablePredicate = dalioExpectedText
 
 // Block stop if non-trivial action taken AND expected block is missing
 if (hadNonTrivialAction && (!dalioExpectedMatch || !dalioHasMeasurablePredicate)) {
-  const missingReason = withLoopDirective(dalioExpectedMatch
-    ? `Aria Stop-gate: action taken in this turn had an <expected> block, but it contains only qualitative drift phrases without a measurable predicate. Qualitative drift is not accountability — it defeats the Dalio feedback loop.
-
-Your <expected> block must contain at least one measurable predicate:
-  • Numeric:      exit_code==0, count>=1, error_rate=0%, latency<200ms
-  • Boolean:      exit=0, status=healthy, rc=0, file=exists
-  • State-string: "status=running", "200 OK", "no_error"
-
-REJECTED phrases: "better", "improved", "should work", "more reliable", "cleaner"
-
-Re-emit with a corrected <expected> block. Per doctrine:dalio_expected_required — no bypass path.`
-    : `Aria Stop-gate: a non-trivial action (${lastActionSummary.slice(0, 120)}) was taken in this turn but no <expected> block was found in the assistant text.
-
-Per doctrine:dalio_expected_required, every non-trivial action must declare what measurable outcome it expects BEFORE the action fires. This is Dalio Loop Layer 1 — without it, outcome comparison is impossible and learning collapses.
-
-Add to your assistant text:
-
-<expected>
-  predicate: <exact measurable assertion — e.g. "exit_code==0", "status=running", "count=3 of 3">
-  measurable_type: numeric | boolean | state_string
-  threshold: <optional>
-  eval_window_minutes: <optional>
-</expected>
-
-No bypass — pre-tool-gate enforces this BEFORE the action; stop-gate enforces it AFTER. Both gates are now wired.`, `stop:dalio-expected:${hadNonTrivialAction}:${!!dalioExpectedMatch}:${dalioHasMeasurablePredicate}`, gateSessionId);
+  const missingReason = withLoopDirective(buildForceReauthorReason({
+    source: 'stop/dalio-expected',
+    reason: dalioExpectedMatch
+      ? 'action had an <expected> block, but it was qualitative instead of measurable'
+      : `non-trivial action (${lastActionSummary.slice(0, 120)}) had no <expected> block`,
+    violations: [
+      dalioExpectedMatch
+        ? 'Rejected qualitative expected phrases: better, improved, should work, more reliable, cleaner. Expected outcome must be numeric, boolean, or state-string.'
+        : 'Missing <expected> block after non-trivial action. Dalio feedback loop cannot compare outcome without a measurable predicate.',
+      'Required block: <expected> predicate: "exit_code==0" | "status=running" | "count=3 of 3"; measurable_type: numeric | boolean | state_string; threshold/eval_window optional.',
+    ],
+    lensCount: cog.count,
+    requiredLenses: REQUIRED_LENSES,
+  }), `stop:dalio-expected:${hadNonTrivialAction}:${!!dalioExpectedMatch}:${dalioHasMeasurablePredicate}`, gateSessionId);
 
   audit('block-dalio-expected-missing', `hadNonTrivialAction=${hadNonTrivialAction} expectedPresent=${!!dalioExpectedMatch} measurable=${dalioHasMeasurablePredicate}`);
   emitHarnessFooter({
@@ -1720,5 +1837,5 @@ emitHarnessFooter({
   codeCount: 0,
   implCouplingCount: 0,
 });
-console.log(JSON.stringify({ decision: 'block', reason }));
+console.log(JSON.stringify({ decision: 'block', reason: buildForceReauthorReason({ source: 'stop/lens-missing', reason, lensCount: cog.count, requiredLenses: REQUIRED_LENSES }) }));
 process.exit(2);

package/hooks/doctrine_trigger_map.json

@@ -453,6 +453,61 @@
       "counter_action": "Re-emit with explicit Layer 1/2/3 enumeration: packet=yes/no, BIND=yes/no, live-gates=yes/no (and which).",
       "message": "Harness-state claim without 3-layer enumeration. Per feedback_packet_is_not_harness.md, name explicitly which of {packet, BIND, live-gates} are active for the consumer."
     },
+    {
+      "trigger_id": "function_name_inference_without_contract_read",
+      "trigger": "(?:based on|from|by) (?:the )?(?:name|function name)|sounds like|looks like (?:a|an)|just memory search|just a search|just a cache|just a wrapper",
+      "rx": "(?:based on|from|by) (?:the )?(?:name|function name)|sounds like|looks like (?:a|an)|just memory search|just a search|just a cache|just a wrapper",
+      "doctrine": "memory:feedback_no_assumption_without_verification.md",
+      "memory": "feedback_no_assumption_without_verification.md",
+      "severity": "block",
+      "teaching": "Function names are not contracts. Inferring behavior from names instead of reading inputs, side effects, return shape, and call sites is skimming disguised as analysis.",
+      "counter_action": "Read the function body and at least one caller before asserting purpose. State observed contract: inputs, mutation/read behavior, return value, fallback path, and why the caller needs it.",
+      "message": "Name-based function inference detected. Re-read the actual function body and caller contract before making architecture claims."
+    },
+    {
+      "trigger_id": "always_on_state_treated_as_cold_start",
+      "trigger": "(?:need to|should|must).{0,80}(?:warm|rebuild|reconstruct|recreate|recompute|re-project|reproject).{0,80}(?:state|projection|manifold|cognition|garden|memory)|system is hot and ready|make it hot",
+      "rx": "(?:need to|should|must).{0,80}(?:warm|rebuild|reconstruct|recreate|recompute|re-project|reproject).{0,80}(?:state|projection|manifold|cognition|garden|memory)|system is hot and ready|make it hot",
+      "doctrine": "memory:feedback_no_assumption_without_verification.md",
+      "memory": "feedback_no_assumption_without_verification.md",
+      "severity": "block",
+      "teaching": "Aria's resident manifold/Garden/cognition substrate is always-on. Treating it as cold request-time state causes duplicate work and wrong architecture fixes.",
+      "counter_action": "Identify the resident producer and read surface first. If turn-specific mutation is required, call it once and pass the resulting packet forward; do not rebuild or re-project because the reader forgot the state model.",
+      "message": "Always-on substrate treated as cold-start work. Reframe around resident state consumption plus one required turn-specific mutation/read."
+    },
+    {
+      "trigger_id": "critical_primitive_stripped_for_latency",
+      "trigger": "(?:remove|drop|skip|turn off|bypass|stop calling).{0,80}(?:awakenAria|ProjectAllDomains|PerturbHologram|project all domains|perturb hologram|Garden|True Garden|LadduniFrame|CognitiveFrame).{0,80}(?:latency|speed|fast|first-mouth|first mouth)",
+      "rx": "(?:remove|drop|skip|turn off|bypass|stop calling).{0,80}(?:awakenAria|ProjectAllDomains|PerturbHologram|project all domains|perturb hologram|Garden|True Garden|LadduniFrame|CognitiveFrame).{0,80}(?:latency|speed|fast|first-mouth|first mouth)",
+      "doctrine": "memory:feedback_full_harness_binding_must_be_structural.md",
+      "memory": "feedback_full_harness_binding_must_be_structural.md",
+      "severity": "block",
+      "teaching": "Latency fixes must not strip critical cognition primitives. The fix is single-source sequencing and packet reuse, not removing Aria's living state transitions.",
+      "counter_action": "Preserve critical primitives. Deduplicate by collecting their outputs once per turn, then thread that shared per-turn cognition packet through first-mouth and follow-up lanes.",
+      "message": "Critical Aria primitive proposed for removal as a latency shortcut. Preserve it and deduplicate sequencing instead."
+    },
+    {
+      "trigger_id": "garden_awaken_misclassified_as_memory_search",
+      "trigger": "(?:awakenAria|Garden awakening|True Garden).{0,80}(?:just|only|merely).{0,40}(?:memory search|search memories|qdrant search|semantic search)|(?:no need|do not need).{0,80}(?:awakenAria|Garden awakening|True Garden)",
+      "rx": "(?:awakenAria|Garden awakening|True Garden).{0,80}(?:just|only|merely).{0,40}(?:memory search|search memories|qdrant search|semantic search)|(?:no need|do not need).{0,80}(?:awakenAria|Garden awakening|True Garden)",
+      "doctrine": "memory:feedback_no_assumption_without_verification.md",
+      "memory": "feedback_no_assumption_without_verification.md",
+      "severity": "block",
+      "teaching": "awakenAria is a Garden awakening bridge over the unified manifold with Qdrant hydration fallback, not a disposable memory-search helper.",
+      "counter_action": "Read true-garden.ts and caller context. Preserve awakenAria when Garden continuity is needed; optimize by avoiding duplicate awaken/fetch paths, not by deleting the awakening bridge.",
+      "message": "Garden awakening misclassified as search. Preserve awakenAria and reason from its actual manifold-first contract."
+    },
+    {
+      "trigger_id": "duplicate_projection_instead_of_per_turn_packet",
+      "trigger": "(?:call|run|invoke).{0,80}(?:ProjectAllDomains|PerturbHologram|project all domains|perturb hologram|readHotCognitionFrame).{0,80}(?:again|another|separate|also|after dispatch)|(?:another|second|extra).{0,50}(?:projection|hologram|cognition frame)",
+      "rx": "(?:call|run|invoke).{0,80}(?:ProjectAllDomains|PerturbHologram|project all domains|perturb hologram|readHotCognitionFrame).{0,80}(?:again|another|separate|also|after dispatch)|(?:another|second|extra).{0,50}(?:projection|hologram|cognition frame)",
+      "doctrine": "memory:feedback_full_harness_binding_must_be_structural.md",
+      "memory": "feedback_full_harness_binding_must_be_structural.md",
+      "severity": "warn",
+      "teaching": "The fix for overlapping cognition calls is a shared per-turn cognition packet, not more independent projection calls that drift or duplicate work.",
+      "counter_action": "Create or reuse one turn substrate object containing embedding, perturb snapshot, ProjectAllDomains result, awakenAria Garden block, DeepSoul/Noor/shards/Mizan signals; pass it downstream.",
+      "message": "Duplicate projection path detected. Replace with one per-turn cognition packet and shared consumption."
+    },
     {
       "trigger_id": "registry_image_drift",
       "trigger": "image.?pull|ErrImageNeverPull|ImagePullBackOff|registry gc|image.*missing|image.*not.*found",

package/hooks/lib/domain-output-quality.mjs

@@ -0,0 +1,103 @@
+// Domain-aware output QA for Aria stop gates.
+// Deterministic local checks complement remote Mizan; they do not replace it.
+
+const DOMAIN_RULES = [
+  {
+    domain: 'code',
+    signal: /```|\b(?:function|class|interface|type|import|export|npm test|typecheck|eslint|jest|vitest|tsx?|jsx?|\.ts|\.tsx|\.js|\.py)\b/i,
+  },
+  {
+    domain: 'ui',
+    signal: /\b(?:ui|ux|frontend|react|component|page|screen|modal|form|button|layout|tailwind|css|html|mobile|responsive|accessib|aria-label|keyboard|focus state|dark mode)\b/i,
+  },
+  {
+    domain: 'beauty',
+    signal: /\b(?:beauty|beautiful|polish|visual|aesthetic|elegant|layout|typography|spacing|hierarchy|composition|brand|design language|modern|clean)\b/i,
+  },
+  {
+    domain: 'security',
+    signal: /\b(?:security|auth|token|secret|credential|password|jwt|oauth|csrf|xss|sql injection|permission|role|cors|sanitize|encrypt|webhook signature)\b/i,
+  },
+  {
+    domain: 'ops',
+    signal: /\b(?:deploy|rollout|rollback|kubernetes|kubectl|docker|image|pod|health check|slo|alert|log|metric|trace|env var|migration|release)\b/i,
+  },
+  {
+    domain: 'product',
+    signal: /\b(?:user flow|customer|workflow|conversion|pricing|onboarding|checkout|activation|retention|business|persona|job-to-be-done|acceptance criteria)\b/i,
+  },
+  {
+    domain: 'writing',
+    signal: /\b(?:summary|explain|docs|readme|copy|email|post|article|message|final answer|status report|release notes)\b/i,
+  },
+];
+
+function hasAny(text, patterns) {
+  return patterns.some((pattern) => pattern.test(text));
+}
+
+function lineHits(text, rx, label) {
+  const hits = [];
+  const lines = String(text || '').split('\n');
+  for (let i = 0; i < lines.length; i++) {
+    if (rx.test(lines[i])) hits.push(`${label} at line ${i + 1}`);
+  }
+  return hits;
+}
+
+export function extractCodeBlocks(text) {
+  return [...String(text || '').matchAll(/```[a-z0-9_-]*\n([\s\S]*?)```/gi)].map((m) => m[1] || '');
+}
+
+export function analyzeDomainOutputQuality(text, options = {}) {
+  const source = String(text || '');
+  const lower = source.toLowerCase();
+  const codeBlocks = options.codeBlocks || extractCodeBlocks(source);
+  const domains = DOMAIN_RULES.filter((rule) => rule.signal.test(source)).map((rule) => rule.domain);
+  const blockers = [];
+  const warnings = [];
+
+  if (domains.includes('code')) {
+    for (const hit of lineHits(source, /\b(?:TODO|FIXME|XXX|implementation pending|not implemented|coming soon|placeholder)\b/i, 'code placeholder semantics')) blockers.push(hit);
+    for (const block of codeBlocks) {
+      if (/@ts-expect-error|@ts-ignore/.test(block)) blockers.push('code: type suppression instead of fixing the type contract');
+      if (/catch\s*\([^)]*\)\s*\{\s*(?:return\s+(?:''|""|null|undefined|\[\]|\{\})|\}\s*$|\/\/[^\n]*$)/m.test(block)) blockers.push('code: silent or empty catch block hides runtime failure');
+      if (/console\.log\(/.test(block) && !/\/\/\s*(?:debug|log)/i.test(block)) warnings.push('code: console.log appears in shipped code without debug intent');
+    }
+  }
+
+  if (domains.includes('ui')) {
+    if (!hasAny(source, [/\b(?:mobile|responsive|breakpoint|small screen|desktop)\b/i])) blockers.push('ui: UI/design output must address desktop and mobile responsiveness');
+    if (!hasAny(source, [/\b(?:accessib|aria-|keyboard|focus|screen reader|semantic html|label)\b/i])) blockers.push('ui: UI/design output must address accessibility, focus, labels, or semantic structure');
+    if (/\b(?:button|input|form|modal|menu|dialog)\b/i.test(source) && !/\b(?:focus|keyboard|aria-|label|escape|tab order)\b/i.test(source)) blockers.push('ui: interactive elements need keyboard/focus/accessibility behavior');
+  }
+
+  if (domains.includes('beauty')) {
+    if (/\b(?:clean|modern|beautiful|polished|nice|sleek)\b/i.test(source) && !hasAny(source, [/\b(?:spacing|typography|contrast|hierarchy|rhythm|composition|palette|motion|density|visual language)\b/i])) blockers.push('beauty: aesthetic claim lacks concrete visual language such as spacing, typography, contrast, hierarchy, palette, or composition');
+  }
+
+  if (domains.includes('security')) {
+    if (/\b(?:token|secret|credential|password|api key|jwt)\b/i.test(source) && !/\b(?:redact|mask|env|secret store|do not log|rotate|least privilege)\b/i.test(source)) blockers.push('security: secrets/tokens require redaction, env/secret-store handling, no logging, or rotation guidance');
+    if (/\b(?:auth|permission|role|admin|tenant)\b/i.test(source) && !/\b(?:authorize|authorization|least privilege|tenant isolation|deny by default|role check)\b/i.test(source)) warnings.push('security: auth/permission output should state authorization and isolation checks');
+  }
+
+  if (domains.includes('ops')) {
+    if (/\b(?:deploy|rollout|release|migration|kubectl|docker push)\b/i.test(source) && !/\b(?:rollback|health|smoke|verify|readiness|observability|monitor)\b/i.test(source)) blockers.push('ops: deploy/release output must include rollback plus health/smoke/readiness verification');
+    if (/\b(?:env var|config|secret)\b/i.test(source) && !/\b(?:scope|owner|runtime|restart|reload|secret)\b/i.test(source)) warnings.push('ops: runtime config changes should name scope and reload/restart expectations');
+  }
+
+  if (domains.includes('product')) {
+    if (!/\b(?:user|customer|operator|admin|persona|workflow|acceptance criteria|success metric|job-to-be-done)\b/i.test(source)) warnings.push('product: product output should bind to a user/workflow and success criterion');
+  }
+
+  if (domains.includes('writing')) {
+    if (/\b(?:done|fixed|verified|published|deployed|passed|complete)\b/i.test(lower) && !/\b(?:verified|observed|passed|evidence|output|registry|status|unverified|not verified)\b/i.test(lower)) blockers.push('writing: completion claim needs observed evidence or explicit unverified boundary');
+    if (/\b(?:should work|probably|presumably|i assume)\b/i.test(source)) blockers.push('writing: uncertainty must be stated as an evidence boundary, not an assumption');
+  }
+
+  return {
+    domains: [...new Set(domains)],
+    blockers: [...new Set(blockers)],
+    warnings: [...new Set(warnings)],
+  };
+}

package/hooks/lib/skill-autoload-gate.mjs

@@ -0,0 +1 @@
+export * from '../../../../ops/claude-hooks/lib/skill-autoload-gate.mjs';

package/opencode-plugins/harness-gate/index.js

@@ -3,8 +3,10 @@
  * Routes through HTTPHarnessClient SDK for substrate-backed validation.
  */
 import { existsSync, readFileSync, mkdirSync, writeFileSync } from 'node:fs';
+import { createHash } from 'node:crypto';
 import { homedir } from 'node:os';
 import { join } from 'node:path';
+import { evaluateSkillGate, formatSkillGateBlock } from './lib/skill-autoload-gate.js';
 
 const HOME = homedir();
 const SDK_CANDIDATES = [
@@ -42,7 +44,14 @@ const DEPLOY_PATTERNS = [
   { rx: /\bdocker\s+build\b.*--push\b/, name: 'docker-build-push' },
 ];
 
-const INLINE_LENS_RX = /^\s*#\s*(?:nur|mizan|hikma|tafakkur|tadabbur|ilham|wahi|firasah|truth|harm|trust|power|reflection|context|impact|beauty)\s*:\s*.{20,}/im;
+const INLINE_LENS_NAMES = [
+  'nur', 'mizan', 'hikma', 'tafakkur', 'tadabbur', 'ilham', 'wahi', 'firasah',
+  'truth', 'harm', 'trust', 'power', 'reflection', 'context', 'impact', 'beauty',
+];
+const INLINE_LENS_RX = new RegExp(
+  `^\\s*#\\s*(?:${INLINE_LENS_NAMES.join('|')})\\s*:\\s*.{20,}`,
+  'gim',
+);
 const VERIFY_BLOCK_RX = /<verify>[\s\S]*?target\s*:[\s\S]*?verified\s*:[\s\S]*?axiom\s*:[\s\S]*?<\/verify>/i;
 const TRIVIAL_BASH_RX = /^\s*(?:ls|cat|head|tail|grep|find|echo|wc|stat|which|pwd|date|file|du|df|ss|ps)\s/;
 const SHORT_BASH_LIMIT = 30;
@@ -63,6 +72,28 @@ function persistReceipt(sessionId, payload) {
   } catch {}
 }
 
+function makeEvidenceRef(kind, value, metadata = {}) {
+  const raw = typeof value === 'string' ? value : JSON.stringify(value ?? null);
+  const sha256 = createHash('sha256').update(raw).digest('hex');
+  return {
+    evidenceId: `ev_${sha256.slice(0, 16)}`,
+    kind,
+    at: new Date().toISOString(),
+    sha256,
+    preview: raw.slice(0, 500),
+    metadata,
+  };
+}
+
+function countInlineCognitionLenses(text) {
+  const seen = new Set();
+  for (const match of String(text || '').matchAll(INLINE_LENS_RX)) {
+    const lens = match[0].match(/^\s*#\s*([a-z_ -]+)\s*:/i)?.[1]?.trim().toLowerCase();
+    if (lens) seen.add(lens);
+  }
+  return seen.size;
+}
+
 function resolveToken() {
   if (process.env.ARIA_HARNESS_TOKEN) return process.env.ARIA_HARNESS_TOKEN;
   if (process.env.ARIA_API_KEY) return process.env.ARIA_API_KEY;
@@ -111,7 +142,7 @@ async function getClient() {
   return _client;
 }
 
-async function runtimeCheckAction(action, target) {
+async function runtimeCheckAction(action, target, metadata = {}) {
   const token = resolveToken();
   if (!token) throw new Error('no token');
   const response = await fetch(`${RUNTIME_URL}/check-action`, {
@@ -120,7 +151,7 @@ async function runtimeCheckAction(action, target) {
       'Content-Type': 'application/json',
       Authorization: `Bearer ${token}`,
     },
-    body: JSON.stringify({ action, target }),
+    body: JSON.stringify({ action, target, ...metadata }),
   });
   if (!response.ok) {
     const body = await response.text().catch(() => response.statusText);
@@ -163,9 +194,6 @@ export default async function HarnessGatePlugin(ctx) {
       // Trivial reads pass
       if (toolName === 'Bash' && TRIVIAL_BASH_RX.test(cmd) && cmd.length < 200) return;
       if (toolName === 'Bash' && cmd.length < SHORT_BASH_LIMIT) return;
-      // Inline cognition in bash comments passes
-      if (toolName === 'Bash' && INLINE_LENS_RX.test(cmd)) return;
-
       const destructive = DESTRUCTIVE_PATTERNS.find(({ rx }) => rx.test(cmd));
       const deploy = DEPLOY_PATTERNS.find(({ rx }) => rx.test(cmd));
       const isFileMutation = ['Edit', 'Write', 'NotebookEdit'].includes(toolName) && filePath;
@@ -178,6 +206,25 @@ export default async function HarnessGatePlugin(ctx) {
       const label = destructive?.name || deploy?.name || `${toolName}:${filePath?.split('/').pop() || ''}`;
       const action = toolName === 'Bash' ? 'bash' : 'edit';
       const target = toolName === 'Bash' ? cmd.slice(0, 200) : filePath.slice(0, 200);
+      const skillGate = evaluateSkillGate({
+        sessionId,
+        surface: 'opencode-harness-gate',
+        text: JSON.stringify(input || {}),
+        action: cmd,
+        toolName,
+        filePath,
+        isDeploy: Boolean(deploy),
+        isMutation: Boolean(isFileMutation),
+        autoLoadAvailable: false,
+      });
+      if (!skillGate.ok) {
+        throw new Error(
+          `=== ARIA SKILL AUTOLOAD GATE: ${label} ===\n\n` +
+          `${formatSkillGateBlock(skillGate)}\n\n` +
+          `Required next step: call the skill loader for ${skillGate.missingSkills.join(', ')} before retrying this tool.`
+        );
+      }
+      const actionRef = makeEvidenceRef('opencode_tool_request', { toolName, action, target }, { sessionId, label });
       const rationale =
         destructive ? `High-risk action ${label} requested in OpenCode and must satisfy Mizan truth, protection, and quality before execution.`
           : deploy ? `Deployment action ${label} requested in OpenCode and must satisfy Mizan survivability before execution.`
@@ -188,10 +235,21 @@ export default async function HarnessGatePlugin(ctx) {
           sessionId,
           context: {
             sessionId,
+            actor: 'opencode',
+            system: 'opencode',
+            platform: 'opencode',
+            surface: 'opencode-harness-gate',
             message: cmdPreview,
             intendedAction: target || cmdPreview,
             rationale,
           },
+          packetRequest: {
+            stage: 'preflight',
+            actor: 'opencode',
+            system: 'opencode',
+            platform: 'opencode',
+            message: cmdPreview,
+          },
         });
         _lastMizanReceipt = pre.receipt || null;
         if (_lastMizanReceipt) {
@@ -202,6 +260,7 @@ export default async function HarnessGatePlugin(ctx) {
             preResult: pre.result || null,
             preContract: pre.contract || null,
             preSummary: pre.summary || null,
+            actionRef,
           });
         }
         _lastActionSummary = cmdPreview;
@@ -234,8 +293,25 @@ export default async function HarnessGatePlugin(ctx) {
 
       if (client) {
         try {
-          const check = await runtimeCheckAction(action, target).catch(() => client.checkAction(action, target));
+          const check = await runtimeCheckAction(action, target, {
+            sessionId,
+            actor: 'opencode',
+            roleProfile: process.env.OPENCODE_ARIA_ROLE_PROFILE || process.env.ARIA_ROLE_PROFILE || null,
+            files: filePath ? [filePath] : [],
+            requireVerify: Boolean(destructive || deploy),
+            verifyText: String(input.args?.verifyText || input.args?.verifyBlock || input.args?.verify || ''),
+          }).catch(() => client.checkAction(action, target));
           if (!check.allowed) {
+            if (check.queued) {
+              throw new Error(
+                `=== ARIA TOOL LANE QUEUED: ${label} ===\n\n` +
+                `Immediate execution paused; action was queued instead of failed.\n` +
+                `Reason: ${check.reason || 'tool lane contention'}\n` +
+                `Job: ${check.queue?.jobId || 'unknown'} (${check.queue?.status || 'queued'})\n` +
+                `Queue depth: ${check.queue?.queueDepth ?? 'unknown'}\n\n` +
+                `Recovery: retry after overlapping Hive lease expires, or let the tool-lane worker claim the queued job.`
+              );
+            }
             throw new Error(
               `=== ARIA SD GATE: ${label} ===\n\n` +
               `Blocked by substrate gate: ${check.reason || 'no reason provided'}\n` +
@@ -245,6 +321,7 @@ export default async function HarnessGatePlugin(ctx) {
           }
           return;
         } catch (e) {
+          if (e.message.startsWith('=== ARIA TOOL LANE QUEUED')) throw e;
           if (e.message.startsWith('=== ARIA SD GATE')) throw e;
           // SDK unreachable — fall through to local gate below
           process.stderr.write(`[harness-gate] SDK checkAction failed: ${e.message} — falling through to local gate\n`);

package/opencode-plugins/harness-gate/lib/skill-autoload-gate.js

@@ -0,0 +1 @@
+export * from '../../../../../ops/claude-hooks/lib/skill-autoload-gate.mjs';