@aria_asi/cli 0.2.32 → 0.2.34

package/opencode-plugins/harness-stop/lib/skill-autoload-gate.js

@@ -0,0 +1,14 @@
+import { existsSync, mkdirSync, readdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { tmpdir } from 'node:os';
+const RECEIPT_ROOT = process.env.ARIA_SKILL_RECEIPT_DIR || join(tmpdir(), 'aria-skill-receipts');
+const ALIASES = new Map([['deploy', 'aria-harness-deploy'], ['output', 'aria-harness-output-discipline'], ['repo', 'aria-repo-doctrine'], ['forge', 'aria-forge-guardrails']]);
+const RX = { deploy: /deploy-service\.sh|kubectl\s+(?:apply|set|rollout|delete|scale)|helm\s+upgrade|terraform\s+apply|docker\s+push/i, mutationTool: /^(?:edit|write|notebookedit|patch|apply_patch)$/i, mutation: /apply_patch|write file|edit file|modify|delete file|migration|handler|route|runtime|hook|plugin|\btest\b|smoke script/i, strip: /remove|delete|strip|drop|omit|disable|bypass|skip|stub|mock|fake|placeholder|temporary|quick scaffold|band-aid/i, readiness: /production-ready|ready for production|works in general|general readiness|client packages?|npm packages?|SDKs?|runtimes?|harnesses?|release-ready|ship-ready/i, narrow: /single flow|one flow|narrow e2e|covered flow|specific path|widget flow/i, completion: /done|complete|completed|ready|verified|fixed|shipped|implemented|production-ready/i, badProof: /but|except|caveat|remaining|not yet|still|separate|later|blocked|skipped|unresolved|follow-up|failed|failing|error|red|not run|could not verify|untested|no proof|missing proof|without proof/i, advisory: /non-blocking|warning only|warn only|advisory|fall through|falls through|fail open|soft fail|logged and continue|quality gate warning/i, success: /(?:verified|passed|success|successful|green|ok)\s*[:=\-].{0,120}(?:npm|node|playwright|jest|vitest|build|test|lint|typecheck|curl|kubectl|self-test|e2e|probe|smoke)|(?:npm|node|playwright|jest|vitest|build|test|lint|typecheck|curl|kubectl).{0,120}(?:passed|success|successful|green|exit\s*0)/i, resubmit: /re-?submission|resubmit/i, rewrite: /re-?write|rewrite|fix/i, retest: /re-?test|retest|rerun/i, aria: /ARIA console|Aria console|\/chat|aria-pipeline-mcp|aria_chat|escalat(?:e|ion).{0,80}ARIA/i };
+function normalizeSkillName(skill) { return ALIASES.get(String(skill || '').trim()) || String(skill || '').trim(); }
+function sessionDir(sessionId) { return join(RECEIPT_ROOT, encodeURIComponent(String(sessionId || 'unknown'))); }
+function readReceiptSkills(sessionId) { const dir = sessionDir(sessionId); if (!existsSync(dir)) return new Set(); const skills = new Set(); for (const name of readdirSync(dir)) { if (!name.endsWith('.json')) continue; try { const receipt = JSON.parse(readFileSync(join(dir, name), 'utf8')); if (receipt?.skill) skills.add(normalizeSkillName(receipt.skill)); } catch {} } return skills; }
+function readInlineSkills(text) { const skills = new Set(); const value = String(text || ''); for (const match of value.matchAll(/<skill_content\s+name=["']([^"']+)["']/gi)) skills.add(normalizeSkillName(match[1])); return skills; }
+export function recordSkillLoaded({ sessionId, skill, surface = 'unknown', metadata = {} } = {}) { const normalized = normalizeSkillName(skill); if (!normalized) throw new Error('recordSkillLoaded requires a skill name'); const dir = sessionDir(sessionId); mkdirSync(dir, { recursive: true }); const receipt = { skill: normalized, surface, metadata, recordedAt: new Date().toISOString() }; writeFileSync(join(dir, `${encodeURIComponent(normalized)}.json`), `${JSON.stringify(receipt, null, 2)}\n`); return receipt; }
+export function classifyRequiredSkills({ text = '', action = '', toolName = '', filePath = '', isDeploy = false, isMutation = false, isOutputCloseout = false } = {}) { const combined = [text, action, toolName, filePath].filter(Boolean).join('\n'); const required = new Set(); const reasons = []; const recoveryMissing = []; if (isDeploy || RX.deploy.test(combined)) { required.add('aria-harness-deploy'); required.add('aria-forge-guardrails'); reasons.push('deploy/shared-infrastructure action requires fail-closed deploy and forge guardrails'); } if (isMutation || RX.mutationTool.test(toolName)) { required.add('aria-repo-doctrine'); reasons.push('repository/runtime mutation requires repo doctrine'); } if (RX.strip.test(combined)) { required.add('aria-harness-no-stripping'); reasons.push('strip/remove/bypass language requires no-stripping gate'); } if (isOutputCloseout && RX.completion.test(combined)) { required.add('aria-harness-output-discipline'); reasons.push('owner-facing completion/readiness claim requires output discipline'); if (!RX.success.test(combined)) recoveryMissing.push('successful proof from a concrete command/probe'); } if (RX.readiness.test(combined)) { required.add('architecture-decision'); required.add('testing-strategy'); required.add('aria-forge-guardrails'); required.add('aria-harness-output-discipline'); reasons.push('broad production/package/SDK/runtime readiness claim requires architecture, testing, and forge guardrails'); } if (RX.readiness.test(combined) && RX.narrow.test(combined)) { required.add('testing-strategy'); required.add('aria-forge-guardrails'); reasons.push('narrow e2e proof cannot support broad readiness claim without readiness-matrix discipline'); } if (RX.completion.test(combined) && RX.badProof.test(combined)) { required.add('aria-harness-output-discipline'); required.add('aria-forge-guardrails'); reasons.push('completion claim with unresolved or failed proof requires recovery cycle'); if (!RX.resubmit.test(combined)) recoveryMissing.push('re-submission'); if (!RX.rewrite.test(combined)) recoveryMissing.push('re-write'); if (!RX.retest.test(combined)) recoveryMissing.push('re-test'); if (!RX.aria.test(combined)) recoveryMissing.push('ARIA console escalation'); } if (RX.advisory.test(combined)) { required.add('aria-forge-guardrails'); required.add('aria-harness-output-discipline'); reasons.push('advisory/fail-open gate language requires fail-closed hardening discipline'); } return { requiredSkills: [...required].sort(), reasons, recoveryMissing }; }
+export function evaluateSkillGate(options = {}) { const classified = classifyRequiredSkills(options); const text = [options.text, options.action].filter(Boolean).join('\n'); const loaded = new Set([...readReceiptSkills(options.sessionId), ...readInlineSkills(text)]); const missingSkills = classified.requiredSkills.filter((skill) => !loaded.has(skill)); const recoveryMissing = classified.recoveryMissing || []; return { ok: missingSkills.length === 0 && recoveryMissing.length === 0, surface: options.surface || 'unknown', sessionId: options.sessionId || 'unknown', requiredSkills: classified.requiredSkills, loadedSkills: [...loaded].sort(), missingSkills, recoveryMissing, reasons: classified.reasons, autoLoadAvailable: options.autoLoadAvailable === true }; }
+export function formatSkillGateBlock(result = {}) { const missing = Array.isArray(result.missingSkills) ? result.missingSkills : []; const recovery = Array.isArray(result.recoveryMissing) ? result.recoveryMissing : []; const reasons = Array.isArray(result.reasons) ? result.reasons : []; return ['=== ARIA SKILL AUTOLOAD GATE BLOCK ===', `surface: ${result.surface || 'unknown'}`, `missing_skills: ${missing.length ? missing.join(', ') : '(none)'}`, `missing_recovery_cycle: ${recovery.length ? recovery.join(', ') : '(none)'}`, `required_skills: ${(result.requiredSkills || []).join(', ') || '(none)'}`, reasons.length ? `reasons: ${reasons.join(' | ')}` : 'reasons: no classifier reason recorded', 'counter_action: re-submit, re-write, re-test, and escalate through ARIA console until successful proof exists. Do not downgrade this to an advisory warning.'].join('\n'); }

package/package.json

@@ -1,9 +1,9 @@
 {
   "name": "@aria_asi/cli",
-  "version": "0.2.32",
-  "description": "Aria Smart CLI \u2014 the world's first harness-powered terminal companion",
+  "version": "0.2.34",
+  "description": "Aria Smart CLI — the world's first harness-powered terminal companion",
   "bin": {
-    "aria": "./bin/aria.js"
+    "aria": "bin/aria.js"
   },
   "main": "./dist/aria-connector/src/index.js",
   "types": "./dist/aria-connector/src/index.d.ts",
@@ -18,7 +18,8 @@
   },
   "scripts": {
     "build": "tsc && node scripts/bundle-sdk.mjs",
-    "check:hooks": "node scripts/validate-hook-contracts.mjs",
+    "check:hooks": "node scripts/validate-hook-contracts.mjs && node scripts/self-test-harness-gates.mjs",
+    "self-test:gates": "node scripts/self-test-harness-gates.mjs",
     "check:skills": "node scripts/validate-skill-prompts.mjs",
     "prepare": "npm run build",
     "dev": "tsc --watch",
@@ -50,5 +51,11 @@
     "node": ">=20.0.0"
   },
   "license": "UNLICENSED",
-  "private": false
+  "private": false,
+  "keywords": [],
+  "author": "",
+  "bugs": {
+    "url": "https://github.com/REI-Nationwide/cowork-sandbox/issues"
+  },
+  "homepage": "https://github.com/REI-Nationwide/cowork-sandbox#readme"
 }

package/runtime-src/codex-bridge.mjs

@@ -1,10 +1,12 @@
 #!/usr/bin/env node
 
 import { appendFileSync, existsSync, mkdirSync, readFileSync } from 'node:fs';
+import { createHash, randomUUID } from 'node:crypto';
 import { homedir } from 'node:os';
 import { delimiter, dirname, resolve } from 'node:path';
 import { spawn, spawnSync } from 'node:child_process';
 import { createRequire } from 'node:module';
+import { evaluateSkillGate, formatSkillGateBlock } from './hooks/lib/skill-autoload-gate.mjs';
 
 const require = createRequire(import.meta.url);
 const { WebSocketServer, WebSocket } = require('ws');
@@ -75,6 +77,24 @@ function sleep(ms) {
   return new Promise((resolvePromise) => setTimeout(resolvePromise, ms));
 }
 
+function stableEvidenceString(value) {
+  if (typeof value === 'string') return value;
+  try { return JSON.stringify(value); } catch { return String(value); }
+}
+
+function makeEvidenceRef(kind, value, metadata = {}) {
+  const raw = stableEvidenceString(value);
+  const sha256 = createHash('sha256').update(raw).digest('hex');
+  return {
+    evidenceId: `ev_${sha256.slice(0, 16)}`,
+    kind,
+    at: new Date().toISOString(),
+    sha256,
+    preview: raw.slice(0, 500),
+    metadata,
+  };
+}
+
 function readRuntimeToken() {
   const envToken = process.env.ARIA_HARNESS_TOKEN || process.env.ARIA_API_KEY || process.env.OPENAI_API_KEY || process.env.ARIA_MASTER_TOKEN;
   if (envToken) return envToken;
@@ -123,9 +143,10 @@ function ensureTurnState(threadId, turnId) {
       userText: '',
       preReceiptId: null,
       agentText: '',
-      bufferedAgentNotifications: [],
-      firstAgentItemId: null,
-    };
+        bufferedAgentNotifications: [],
+        firstAgentItemId: null,
+        traceId: `trace_${randomUUID()}`,
+      };
     turnState.set(key, state);
   }
   return state;
@@ -186,6 +207,16 @@ async function validateTurnText(threadId, turnId) {
   if (!text) {
     return { ok: false, reason: 'No assistant text exists for this turn yet. Codex must emit readable cognition before action.' };
   }
+  const skillGate = evaluateSkillGate({
+    sessionId: `codex:${threadId}:${turnId}`,
+    surface: 'codex-bridge-output',
+    text: [state.userText, text].join('\n'),
+    isOutputCloseout: true,
+    autoLoadAvailable: false,
+  });
+  if (!skillGate.ok) {
+    return { ok: false, reason: formatSkillGateBlock(skillGate), result: { skillGate } };
+  }
   const result = await postRuntime('/validate-output', {
     text,
     sessionId: `codex:${threadId}:${turnId}`,
@@ -198,6 +229,7 @@ async function validateTurnText(threadId, turnId) {
       stage: 'codex-turn',
       actor: 'codex-bridge',
       system: 'codex-bridge',
+      traceId: state.traceId,
     },
   });
   const pass = result?.pass === true && result?.validation?.passed !== false;
@@ -210,11 +242,29 @@ async function validateTurnText(threadId, turnId) {
       };
 }
 
-async function checkActionAgainstRuntime(action, target, threadId, turnId) {
+async function checkActionAgainstRuntime(action, target, threadId, turnId, metadata = {}) {
+  const state = ensureTurnState(threadId, turnId);
+  const skillGate = evaluateSkillGate({
+    sessionId: `codex:${threadId}:${turnId}`,
+    surface: 'codex-bridge-action',
+    text: target,
+    action: target,
+    toolName: action,
+    isDeploy: action === 'deploy',
+    isMutation: action === 'write',
+    autoLoadAvailable: false,
+  });
+  if (!skillGate.ok) {
+    return { ok: false, reason: formatSkillGateBlock(skillGate), result: { skillGate } };
+  }
   const result = await postRuntime('/check-action', {
     action,
     target,
     sessionId: `codex:${threadId}:${turnId}`,
+    actor: 'codex',
+    roleProfile: process.env.CODEX_ARIA_ROLE_PROFILE || process.env.ARIA_ROLE_PROFILE || null,
+    verifyText: state.agentText || '',
+    ...metadata,
   });
   if (result?.allowed === false) {
     return {
@@ -244,6 +294,8 @@ async function recordMizanPre(threadId, turnId) {
         surface: 'codex-bridge',
         platform: 'codex',
         userText: state.userText,
+        traceId: state.traceId,
+        evidenceRefs: [makeEvidenceRef('user_input', state.userText, { threadId, turnId, traceId: state.traceId })],
       },
     });
     state.preReceiptId = result?.receipt?.receiptId || null;
@@ -262,6 +314,8 @@ async function recordMizanPost(threadId, turnId, pass, summary) {
       evidence: {
         validated_output: pass,
         bridge: 'codex',
+        trace_id: state.traceId,
+        output_ref: makeEvidenceRef('assistant_output', state.agentText || summary, { threadId, turnId, traceId: state.traceId }),
       },
       context: {
         sessionId: `codex:${threadId}:${turnId}`,
@@ -269,6 +323,7 @@ async function recordMizanPost(threadId, turnId, pass, summary) {
         platform: 'codex',
         userText: state.userText,
         summary,
+        traceId: state.traceId,
       },
     });
   } catch (error) {
@@ -285,6 +340,8 @@ async function recordMizanPost(threadId, turnId, pass, summary) {
       details: {
         threadId,
         turnId,
+        traceId: state.traceId,
+        outputRef: makeEvidenceRef('assistant_output', state.agentText || summary, { threadId, turnId, traceId: state.traceId }),
       },
     });
   } catch (error) {
@@ -336,7 +393,9 @@ async function handleApprovalRequest(upstream, downstream, message) {
       cwd: params.cwd || null,
       commandActions: params.commandActions || params.parsedCmd || null,
     }).slice(0, 1500);
-    const actionCheck = await checkActionAgainstRuntime(action, target, threadId, turnId);
+    const actionCheck = await checkActionAgainstRuntime(action, target, threadId, turnId, {
+      requireVerify: action === 'delete' || action === 'deploy',
+    });
     if (!actionCheck.ok) {
       const reason = `Aria runtime denied ${action}: ${actionCheck.reason}`;
       upstream.send(JSON.stringify(makeGuardianWarning(threadId, reason)));
@@ -360,8 +419,9 @@ async function handleApprovalRequest(upstream, downstream, message) {
   }
 
   if (method === 'item/fileChange/requestApproval' || method === 'applyPatchApproval') {
-    const target = params.grantRoot || params.reason || params.itemId || 'file-change';
-    const actionCheck = await checkActionAgainstRuntime('write', String(target), threadId, turnId);
+    const target = params.grantRoot || params.path || params.filePath || params.reason || params.itemId || 'file-change';
+    const files = [params.path, params.filePath, params.grantRoot].filter((value) => typeof value === 'string' && value.trim());
+    const actionCheck = await checkActionAgainstRuntime('write', String(target), threadId, turnId, { files });
     if (!actionCheck.ok) {
       const reason = `Aria runtime denied file change: ${actionCheck.reason}`;
       upstream.send(JSON.stringify(makeGuardianWarning(threadId, reason)));
@@ -390,7 +450,10 @@ async function handleApprovalRequest(upstream, downstream, message) {
       permissions: params.permissions || null,
       reason: params.reason || null,
     }).slice(0, 1500);
-    const actionCheck = await checkActionAgainstRuntime('write', target, threadId, turnId);
+    const files = Array.isArray(params.permissions?.fileSystem?.entries)
+      ? params.permissions.fileSystem.entries.filter((value) => typeof value === 'string' && value.trim())
+      : [];
+    const actionCheck = await checkActionAgainstRuntime('write', target, threadId, turnId, { files });
     if (!actionCheck.ok) {
       const reason = `Aria runtime denied permissions request: ${actionCheck.reason}`;
       upstream.send(JSON.stringify(makeGuardianWarning(threadId, reason)));

package/runtime-src/harness-daemon.mjs

@@ -1,6 +1,7 @@
 #!/usr/bin/env node
 
 import { createServer } from 'node:http';
+import { createHash } from 'node:crypto';
 import { createRequire } from 'node:module';
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
 import { fileURLToPath } from 'node:url';
@@ -35,6 +36,7 @@ const LOCAL_FIRST_PRINCIPLE = 'Truth over deception. No harm. Sacred trust. Powe
 
 let cachedPacketEnvelope = loadCachedPacketEnvelope();
 let refreshInFlight = null;
+let refreshInFlightKey = '';
 let lastRefreshError = null;
 let lastRefreshStartedAt = null;
 let lastRefreshCompletedAt = cachedPacketEnvelope?.timestamp || null;
@@ -99,6 +101,46 @@ function sanitizePacketEnvelope(raw) {
   };
 }
 
+function stableIdentityValue(value) {
+  return String(value || '').trim().toLowerCase();
+}
+
+function requestCacheKey(body = {}, apiKey = '') {
+  const identity = {
+    stage: stableIdentityValue(body.stage || body.packetRequest?.stage),
+    actor: stableIdentityValue(body.actor || body.packetRequest?.actor),
+    system: stableIdentityValue(body.system || body.packetRequest?.system),
+    platform: stableIdentityValue(body.platform || body.packetRequest?.platform),
+    roleProfile: stableIdentityValue(body.roleProfile || body.role_profile || body.packetRequest?.roleProfile || body.packetRequest?.role_profile),
+    token: apiKey ? createHash('sha256').update(apiKey).digest('hex').slice(0, 16) : '',
+  };
+  return createHash('sha256').update(JSON.stringify(identity)).digest('hex');
+}
+
+function extractPacketField(packet, field) {
+  if (!packet || typeof packet !== 'object') return '';
+  const direct = packet[field];
+  if (typeof direct === 'string' && direct.trim()) return stableIdentityValue(direct);
+  for (const source of [packet.adapter, packet.harness]) {
+    if (typeof source !== 'string') continue;
+    const match = source.match(new RegExp(`(?:^|\\n)\\s*${field}\\s*=\\s*([^\\n\\s]+)`, 'i'));
+    if (match?.[1]) return stableIdentityValue(match[1]);
+  }
+  return '';
+}
+
+function cachedPacketMatchesRequest(envelope, body = {}) {
+  const packet = envelope?.packet;
+  if (!packet || typeof packet !== 'object') return false;
+  for (const field of ['stage', 'actor', 'system']) {
+    const expected = stableIdentityValue(body[field] || body.packetRequest?.[field]);
+    if (!expected) continue;
+    const actual = extractPacketField(packet, field);
+    if (actual && actual !== expected) return false;
+  }
+  return true;
+}
+
 function loadCachedPacketEnvelope() {
   const candidates = [LOCAL_PACKET_CACHE_PATH, ...LEGACY_PACKET_CACHE_CANDIDATES];
   for (const candidate of candidates) {
@@ -220,10 +262,15 @@ async function fetchJsonWithRetry(url, init, attempts = 3) {
 }
 
 async function refreshPacket(body = {}, apiKey = '') {
-  if (refreshInFlight) return refreshInFlight;
+  const cacheKey = requestCacheKey(body, apiKey);
+  if (refreshInFlight && refreshInFlightKey === cacheKey) return refreshInFlight;
+  if (refreshInFlight) {
+    await refreshInFlight.catch(() => {});
+  }
   if (isLoopedUpstream(UPSTREAM_HARNESS_URL)) {
     throw new Error(`upstream harness URL loops back to local daemon: ${UPSTREAM_HARNESS_URL}`);
   }
+  refreshInFlightKey = cacheKey;
   lastRefreshStartedAt = new Date().toISOString();
   lastRefreshError = null;
   refreshInFlight = (async () => {
@@ -258,6 +305,7 @@ async function refreshPacket(body = {}, apiKey = '') {
     throw error;
   } finally {
     refreshInFlight = null;
+    refreshInFlightKey = '';
   }
 }
 
@@ -268,7 +316,7 @@ function queuePacketRefresh(body, apiKey) {
 }
 
 async function resolvePacketEnvelope(packetRequest = {}, apiKey = '', message = '') {
-  if (cachedPacketEnvelope) {
+  if (cachedPacketEnvelope && cachedPacketMatchesRequest(cachedPacketEnvelope, packetRequest)) {
     queuePacketRefresh(packetRequest, apiKey);
     return cachedPacketEnvelope;
   }