@aria_asi/cli 0.2.38 → 0.2.40

package/dist/runtime/sdk/BUNDLED.json

@@ -1,5 +1,5 @@
 {
-  "bundledAt": "2026-05-04T03:38:32.933Z",
+  "bundledAt": "2026-05-04T05:20:41.257Z",
   "sdkSource": "/home/hamzaibrahim1/rei-ai-brain/harness/packages/harness-http-client/dist",
   "files": 12
 }

package/dist/runtime/service.mjs

@@ -42,8 +42,11 @@ import {
   formatCoachClientBlock,
   readCoachState,
   recordCoachPhase,
+  triggerMissingSkills,
 } from './coach-kernel.mjs';
 import { resolveAriaAuthToken } from './auth-token.mjs';
+import { check, enforceWithRecovery as enforceQualityWithRecovery } from './quality-enforcer.mjs';
+import { enforceGates } from './gated-ledger.mjs';
 
 const require = createRequire(import.meta.url);
 const { runFullChain } = require('./vendor/aria-gate-runtime/index.js');
@@ -3726,6 +3729,15 @@ async function evaluateProviderCandidate(req, body, client, apiKey, turn, provid
   };
 }
 
+function deriveEffectiveKernel(turn, body) {
+  const msg = body?.message || body?.prompt || body?.input || '';
+  if (turn?.turnClass === 'repair' || /repair|fix|debug|broken|bug|error|failing|crash|recover/i.test(msg)) return 'repair';
+  if (turn?.turnClass === 'architect' || /architecture|design|system|pipeline|tradeoff|ADR/i.test(msg)) return 'architect';
+  if (turn?.turnClass === 'action' || /deploy|execute|run|build|ship|rollout|restart|push/i.test(msg)) return 'action';
+  if (turn?.turnClass === 'research' || /research|search|find|recall|retrieve|look.up|investigate/i.test(msg)) return 'research';
+  return 'emotional_presence';
+}
+
 async function handleProviderProxy(req, body, client, providerStyle, options = {}) {
   const apiKey = resolveApiKey(req, body, options);
   const startedAt = Date.now();
@@ -3819,6 +3831,44 @@ async function handleProviderProxy(req, body, client, providerStyle, options = {
     ],
   });
   coachRecords.push(preGenerationCoach);
+  // ── Coach auto-trigger: load missing skills instead of blocking ──
+  if (preGenerationCoach.decision === 'auto_trigger_skills' && turn.missingSkillIds?.length > 0) {
+    const skillResult = await triggerMissingSkills(
+      turn.missingSkillIds,
+      SKILL_SEARCH_ROOTS,
+    );
+    const loadedCoach = recordRuntimeCoachPhase({
+      phase: 'pre_generation',
+      body,
+      turn: { ...turn, loadedSkillIds: [...(turn.loadedSkillIds || []), ...skillResult.loaded], missingSkillIds: skillResult.stillMissing },
+      providerStyle,
+      providerPlan,
+      text: turn.userMessage,
+      evidenceRefs: [`skills_loaded:${skillResult.loaded.length}`, `skills_still_missing:${skillResult.stillMissing.length}`],
+      metadata: { autoLoadedSkills: skillResult.loaded },
+    });
+    coachRecords.push(loadedCoach);
+    if (loadedCoach.decision === 'hard_block') {
+      const refusal = formatCoachClientBlock(loadedCoach);
+      const autoBlockRecord = appendManagedRuntimeLedger(buildManagedRuntimeLedgerRecord({
+        phase: 'pre_generation_skills_block',
+        body, turn, providerStyle, providerPlan,
+        releaseDecision: 'hard_block',
+        blockers: loadedCoach.reasons,
+        evidenceRefs: coachRecordRefs(coachRecords),
+      }));
+      ledgerRecords.push({ phase: 'pre_generation_skills_block', ...autoBlockRecord });
+      return providerStyle === 'anthropic'
+        ? anthropicResponseEnvelope(refusal, { model: body.model || 'aria-runtime', finishReason: 'end_turn' }, {}, body?.ariaDebug === true)
+        : openAiResponseEnvelope(body, refusal, { model: body.model || 'aria-runtime', finishReason: 'stop', usage: null }, {});
+    }
+    // Skills loaded — update turn for the rest of the pipeline
+    turn.loadedSkillIds = [...(turn.loadedSkillIds || []), ...skillResult.loaded];
+    turn.missingSkillIds = skillResult.stillMissing;
+    if (skillResult.loadedBodies.length > 0) {
+      turn.skillBodies = [...(turn.skillBodies || []), ...skillResult.loadedBodies.map((s) => s.body)];
+    }
+  }
   if (preGenerationCoach.decision === 'hard_block') {
     const refusal = formatCoachClientBlock(preGenerationCoach);
     const preBlockRecord = appendManagedRuntimeLedger(buildManagedRuntimeLedgerRecord({
@@ -3877,6 +3927,17 @@ async function handleProviderProxy(req, body, client, providerStyle, options = {
     ledgerRecords.push({ phase: 'provider_call_failed', ...failureRecord });
     throw error;
   }
+
+  const providerQualityResult = await enforceQualityWithRecovery(
+    providerMeta.text || '',
+    deriveEffectiveKernel(turn, body),
+    { sessionId: turn.sessionId || body.sessionId },
+  );
+  if (providerQualityResult.enforced) {
+    providerMeta.text = providerQualityResult.finalText;
+    providerMeta.qualityEnforced = true;
+  }
+
   recordProviderUsage(body, turn, providerMeta);
   let hardCoachBlock = null;
   let evaluation = await evaluateProviderCandidate(req, body, client, apiKey, turn, providerStyle, providerMeta, providerMeta.text || '');
@@ -4125,11 +4186,55 @@ async function handleProviderProxy(req, body, client, providerStyle, options = {
       records: coachRecords,
     },
   };
+  const finalQualityResult = await enforceQualityWithRecovery(
+    finalText,
+    deriveEffectiveKernel(turn, body),
+    { sessionId: turn.sessionId || body.sessionId },
+  );
+  if (finalQualityResult.enforced) {
+    finalText = finalQualityResult.finalText;
+  }
+
+  // ── Gated Ledger: final enforcement before release ──
+  const gated = await enforceGates(finalText, {
+    kernel: deriveEffectiveKernel(turn, body),
+    sessionId: turn.sessionId || body.sessionId,
+  });
+  if (gated.enforced) {
+    extra.gatedLedger = {
+      enforced: true,
+      gates: gated.gates,
+      doctrineTriggers: gated.doctrineTriggers,
+      recordId: gated.record.recordId,
+    };
+  }
+  finalText = gated.finalText;
+
   return providerStyle === 'anthropic'
     ? anthropicResponseEnvelope(finalText, providerMeta, extra, body?.ariaDebug === true)
     : openAiResponseEnvelope(body, finalText, providerMeta, extra);
 }
 
+function extractProviderResponseText(response) {
+  if (!response || typeof response !== 'object') return null;
+  const choices = response.choices;
+  if (Array.isArray(choices) && choices.length > 0) {
+    const content = choices[0]?.message?.content;
+    return typeof content === 'string' ? content : null;
+  }
+  return null;
+}
+
+function extractAnthropicResponseText(response) {
+  if (!response || typeof response !== 'object') return null;
+  const content = response.content;
+  if (Array.isArray(content)) {
+    return content.map(c => (c && c.text ? c.text : '')).join(' ').trim() || null;
+  }
+  if (typeof content === 'string') return content;
+  return null;
+}
+
 async function handleForgeSynthesis(req, body, client) {
   const apiKey = resolveApiKey(req, body);
   const startedAt = Date.now();
@@ -5338,6 +5443,13 @@ async function handleRoute(req, res) {
 
     if (providerPath === '/v1/chat/completions') {
       const response = await handleProviderProxy(req, body, client, 'openai', ariaAuthOptions);
+      const responseText = extractProviderResponseText(response);
+      if (responseText) {
+        const qScan = check(responseText);
+        if (!qScan.allowed) {
+          console.warn(`[quality-enforcer] Gate labels detected in OpenAI response after handleProviderProxy. ${qScan.reasons.join(', ')}`);
+        }
+      }
       return json(res, 200, response);
     }
 
@@ -5349,6 +5461,13 @@ async function handleRoute(req, res) {
 
     if (providerPath === '/v1/messages') {
       const response = await handleProviderProxy(req, body, client, 'anthropic', ariaAuthOptions);
+      const responseText = extractAnthropicResponseText(response);
+      if (responseText) {
+        const qScan = check(responseText);
+        if (!qScan.allowed) {
+          console.warn(`[quality-enforcer] Gate labels detected in Anthropic response after handleProviderProxy. ${qScan.reasons.join(', ')}`);
+        }
+      }
       return json(res, 200, response);
     }
 

package/dist/sdk/BUNDLED.json

@@ -1,5 +1,5 @@
 {
-  "bundledAt": "2026-05-04T03:38:32.932Z",
+  "bundledAt": "2026-05-04T05:20:41.257Z",
   "sdkSource": "/home/hamzaibrahim1/rei-ai-brain/harness/packages/harness-http-client/dist",
   "files": 12
 }

package/hooks/aria-pre-tool-gate.mjs

@@ -73,17 +73,8 @@ function runUniversalGovernanceGate(payload) {
   try { result = stdout ? JSON.parse(stdout) : null; } catch {}
   if (child.status !== 0 || result?.ok === false || result?.decision === 'block') {
     const reason = stdout || child.stderr || 'aria-governance-gate blocked this action.';
-    throw new Error([
-      '=== ARIA UNIVERSAL GOVERNANCE GATE BLOCK ===',
-      '',
-      reason,
-      '',
-      'Recovery contract:',
-      '1. Do not retry the same blocked action unchanged.',
-      '2. Load or apply the doctrine/skill named by the governance output.',
-      '3. Re-write the action with <applied_cognition> and concrete proof.',
-      '4. Re-test by submitting the revised action through this same gate.',
-    ].join('\n'));
+    process.stderr.write(`[aria-governance:block] ${reason.slice(0, 500)}\n`);
+    return { decision: 'block', ok: false, reason, governanceMode: 'block', raw: result };
   }
   if (result?.decision === 'warn' || result?.governanceMode === 'recovery-required' || result?.governanceMode === 'architectural-intervention-required') {
     process.stderr.write(`[aria-governance:${result.governanceMode || 'recovery-required'}] ${JSON.stringify(result)}\n`);
@@ -1396,7 +1387,7 @@ if (!skillGate.ok && !skillGate.redirectOnly) {
   process.exit(2);
 }
 try {
-  runUniversalGovernanceGate({
+  const govGateResult = runUniversalGovernanceGate({
     sessionId,
     sourceRuntime: 'claude-code',
     surface: 'claude-pre-tool-gate',
@@ -1409,6 +1400,43 @@ try {
     loadedSkills: skillGate.loadedSkills,
     evidence: { lensCount, hasVerify, hasCognition, hasSubstrateCite },
   });
+  if (govGateResult?.decision === 'block') {
+    audit('signal-gov-gate-block', `reason=${(govGateResult.reason || '').slice(0, 120)}`);
+    const _cmd = String(toolInput?.command || '');
+    try {
+      const _coachUrl = `${HOME}/.aria/runtime/runtime.env`;
+      const _coachBase = existsSync(_coachUrl)
+        ? String(readFileSync(_coachUrl, 'utf8')).match(/ARIA_RUNTIME_URL=(http:\/\/[^ \n]+)/)?.[1] || 'http://127.0.0.1:4319'
+        : 'http://127.0.0.1:4319';
+      const _coachToken = (() => {
+        const tp = `${HOME}/.aria/owner-token`;
+        if (existsSync(tp)) return readFileSync(tp, 'utf8').trim();
+        return process.env.ARIA_API_KEY || process.env.ARIA_MASTER_TOKEN || '';
+      })();
+      const _coachHeaders = { 'Content-Type': 'application/json' };
+      if (_coachToken) _coachHeaders.Authorization = `Bearer ${_coachToken}`;
+      const _coachResp = await fetch(`${_coachBase}/coach/phase`, {
+        method: 'POST', headers: _coachHeaders,
+        body: JSON.stringify({
+          phase: 'pre_tool', requestId: `claude-gov-gate:${Date.now()}`,
+          sessionId, surface: 'claude-hooks', lane: 'claude_native_hooks',
+          action: deployMatched ? 'deploy' : '',
+          text: _cmd.slice(0, 1000),
+          metadata: { source: 'claude-governance-gate', toolName, governanceGateBlock: true },
+          evidenceRefs: [{ kind: 'governance_gate', reason: govGateResult.reason }],
+        }),
+        signal: AbortSignal.timeout(2000),
+      });
+      if (_coachResp.ok) {
+        const _coachBody = await _coachResp.json();
+        if (_coachBody?.permitted === false) {
+          audit('block-coach-after-gov-gate', `reasons=${(_coachBody.reasons||[]).join(',')}`);
+          emitBlock(`Aria Coach blocked after governance gate signal: ${(_coachBody.reasons||['gate_violation']).join('; ')}`, { source: 'pre-tool/coach-after-gov-gate', tool: toolName });
+          process.exit(2);
+        }
+      }
+    } catch {}
+  }
 } catch (err) {
   audit('block-universal-governance', `${err instanceof Error ? err.message : String(err)}`.slice(0, 500));
   emitBlock(err instanceof Error ? err.message : String(err), { source: 'pre-tool/universal-governance', tool: toolName, lensCount, requiredLenses: REQUIRED_LENSES });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aria_asi/cli",
-  "version": "0.2.38",
+  "version": "0.2.40",
   "description": "Aria Smart CLI — the world's first harness-powered terminal companion",
   "bin": {
     "aria": "bin/aria.js"

package/runtime-src/coach-kernel.mjs

@@ -127,7 +127,7 @@ function inferRiskClass(highRisk, repairable) {
   return 'low';
 }
 
-function decisionFromSignals(highRisk, repairable, warnings) {
+function decisionFromSignals(highRisk, repairable, warnings, autoTrigger = []) {
   if (highRisk.length > 0) {
     return {
       decision: 'hard_block',
@@ -136,6 +136,14 @@ function decisionFromSignals(highRisk, repairable, warnings) {
       reasons: highRisk,
     };
   }
+  if (autoTrigger.length > 0) {
+    return {
+      decision: 'auto_trigger_skills',
+      permitted: false,
+      nextAction: 'auto_load_missing_skills_and_retry',
+      reasons: autoTrigger,
+    };
+  }
   if (repairable.length > 0) {
     return {
       decision: 'repair_once',
@@ -201,6 +209,7 @@ export function evaluateCoachEvent(event = {}) {
   const highRisk = [];
   const repairable = [];
   const warnings = [];
+  const autoTrigger = [];
   const action = String(normalized.action || '').toLowerCase();
 
   if (!ALLOWED_PHASES.has(normalized.phase)) {
@@ -210,7 +219,7 @@ export function evaluateCoachEvent(event = {}) {
     highRisk.push('secret_or_credential_exposure');
   }
   if (normalized.phase === 'pre_generation' && normalized.missing_skill_ids.length > 0) {
-    highRisk.push('required_skill_unavailable_before_generation');
+    autoTrigger.push('required_skill_auto_load');
   }
   if (TOOL_PHASES.has(normalized.phase) || action) {
     if ((action === 'delete' || DESTRUCTIVE_RX.test(text)) && normalized.metadata?.approved !== true) {
@@ -233,19 +242,20 @@ export function evaluateCoachEvent(event = {}) {
     }
   }
   if (normalized.missing_skill_ids.length > 0 && !normalized.metadata?.skillsAdvisoryOnly) {
-    repairable.push('required_skills_not_loaded');
+    autoTrigger.push('required_skills_not_loaded');
   }
   if (normalized.lane.includes('unmanaged') || normalized.metadata?.complianceGuarantee === 'best_effort_only') {
     warnings.push('unmanaged_direct_provider_best_effort_only');
   }
 
-  const verdict = decisionFromSignals(highRisk, repairable, warnings);
+  const verdict = decisionFromSignals(highRisk, repairable, warnings, autoTrigger);
   return {
     ...verdict,
     riskClass: inferRiskClass(highRisk, repairable),
     highRisk,
     repairable,
     warnings,
+    autoTrigger,
   };
 }
 
@@ -375,3 +385,48 @@ export function formatCoachClientBlock(recordOrResult = {}) {
     `Next: ${next}`,
   ].join('\n');
 }
+
+/**
+ * Auto-trigger skill loading when the Coach detects missing skills.
+ * Searches the skill registry for each missing skill ID and loads their
+ * body text into the turn context so the LLM can apply them.
+ */
+export async function triggerMissingSkills(missingSkillIds = [], skillSearchRoots = []) {
+  if (!missingSkillIds.length) return { loaded: [], stillMissing: [], loadedBodies: [] };
+
+  const loaded = [];
+  const stillMissing = [];
+  const loadedBodies = [];
+
+  const roots = skillSearchRoots.length > 0 ? skillSearchRoots : [
+    join(dirname(fileURLToPath(import.meta.url)), 'discipline', 'skills'),
+    join(process.env.HOME || '', '.aria', 'runtime', 'discipline', 'skills'),
+    join(process.env.HOME || '', '.claude', 'skills'),
+    join(process.env.HOME || '', '.agents', 'skills'),
+  ];
+
+  for (const skillId of missingSkillIds) {
+    let found = false;
+    for (const root of roots) {
+      if (!existsSync(root)) continue;
+      try {
+        const entries = require('node:fs').readdirSync(root, { recursive: true, withFileTypes: true });
+        for (const entry of entries) {
+          if (!entry.isFile() || !entry.name.endsWith('.md') && !entry.name.endsWith('SKILL.md')) continue;
+          if (entry.name.toLowerCase().includes(skillId.toLowerCase()) ||
+              entry.parentPath?.toLowerCase().includes(skillId.toLowerCase())) {
+            const body = readFileSync(join(entry.parentPath || root, entry.name), 'utf8');
+            loaded.push(skillId);
+            loadedBodies.push({ skillId, path: join(entry.parentPath || root, entry.name), body: body.slice(0, 20000) });
+            found = true;
+            break;
+          }
+        }
+      } catch {}
+      if (found) break;
+    }
+    if (!found) stillMissing.push(skillId);
+  }
+
+  return { loaded, stillMissing, loadedBodies };
+}

package/runtime-src/gated-ledger.mjs

@@ -0,0 +1,237 @@
+#!/usr/bin/env node
+/**
+ * Gated Ledger — End-to-End Runtime Enforcement
+ *
+ * Every kernel output, coach decision, completion claim, and doctrine
+ * trigger flows through this ledger. Nothing bypasses it.
+ *
+ * Gates (executed in order):
+ *   1. Skill Gate — missing skills → auto-trigger load → retry
+ *   2. Template Gate — deterministic/templated output → forced regeneration
+ *   3. Coach Gate — pre/post cognition, tool directives enforced
+ *   4. Quality Gate — gate labels, minimum substance, collapse text blocked
+ *   5. Evidence Gate — completion claims without measured evidence blocked
+ *   6. Doctrine Gate — doctrine trigger map enforced
+ *   7. Final Output Gate — safe fallback if all else fails
+ *
+ * Ledger records every gate decision, every enforcement action,
+ * every repair attempt, and every final outcome.
+ */
+
+import { appendFileSync, existsSync, mkdirSync, readFileSync } from 'node:fs';
+import { createHash, randomUUID } from 'node:crypto';
+import { homedir } from 'node:os';
+import { dirname, join } from 'node:path';
+
+const HOME = homedir();
+const STATE_DIR = join(HOME, '.aria', 'runtime', 'state');
+const GATED_LEDGER_PATH = join(STATE_DIR, 'gated-ledger.jsonl');
+const DOCTRINE_TRIGGER_MAP_PATH = join(STATE_DIR, 'doctrine_trigger_map.json');
+
+function ensureDir() {
+  if (!existsSync(STATE_DIR)) mkdirSync(STATE_DIR, { recursive: true, mode: 0o700 });
+}
+
+function appendRecord(record) {
+  ensureDir();
+  try {
+    appendFileSync(GATED_LEDGER_PATH, `${JSON.stringify(record)}\n`, { mode: 0o600 });
+    return true;
+  } catch { return false; }
+}
+
+function hash(text) {
+  return createHash('sha256').update(String(text)).digest('hex').slice(0, 16);
+}
+
+const GATE_LABEL_RX = /\b(?:personal_mouth_[a-z_]+\b|code_no_tests\b|code_fake_implementation\b|code_type_safety\b|ip_infrastructure\b|8lens_[a-z_]+\b|voice_cold_[a-z_]+\b|harness_output_gate_block\b|auto_fix:\s|personal_mouth_harness_[a-z_]+\b|personal_mouth_unsupported_[a-z_]+\b)/i;
+const COLLAPSE_RX = /I need to pause and reconsider\.?/i;
+const COMPLETION_CLAIM_RX = /\b(?:done|complete|completed|ready|verified|fixed|shipped|production-ready|passing|passed|all phases|all done)\b/i;
+const TEMPLATE_RX = /\b(?:Decision: use Owner Runtime kernels|Sequence: contract, Garden Service snapshot|Repair context loaded|Research context loaded|Action kernel engaged|I'm here with you\.\s*No fixing,\s*no task pressure)\b/i;
+const MINIMUM_CHARS = 50;
+
+/** Detect deterministic/templated kernel output */
+function isTemplateOutput(text, kernel) {
+  if (!text || text.length < MINIMUM_CHARS) return { isTemplate: true, reason: 'below_minimum_substance' };
+  if (TEMPLATE_RX.test(text)) return { isTemplate: true, reason: 'deterministic_kernel_template' };
+  return { isTemplate: false, reason: '' };
+}
+
+/** Check for completion claims without evidence */
+function hasUnsupportedClaim(text) {
+  if (!COMPLETION_CLAIM_RX.test(text)) return { claim: false, reasons: [] };
+  const reasons = [];
+  if (!/\b(?:exit\s*0|0\s+failures?|passed|status.*ok|200|verified|ledger_record|receiptId|sha256|test.*pass)\b/i.test(text)) {
+    reasons.push('completion_claim_without_measured_evidence');
+  }
+  if (!/<cognition>[\s\S]*?<\/cognition>/i.test(text) && !/<verify>[\s\S]*?<\/verify>/i.test(text)) {
+    reasons.push('completion_claim_without_cognition_or_verify');
+  }
+  return { claim: reasons.length > 0, reasons };
+}
+
+/** Check quality */
+function checkQuality(text) {
+  const reasons = [];
+  if (!text || text.length === 0) reasons.push('empty_output');
+  if (GATE_LABEL_RX.test(text)) reasons.push('gate_label_leak');
+  if (COLLAPSE_RX.test(text)) reasons.push('collapse_placeholder');
+  if (text.trim().length < MINIMUM_CHARS) reasons.push('below_minimum_chars');
+  return { passed: reasons.length === 0, reasons };
+}
+
+const SAFE_FALLBACKS = {
+  emotional_presence: "I'm here. Tell me what's with you right now.",
+  architect: "I need more context for a proper architecture answer.",
+  repair: "Let me trace the root cause. What's the specific error?",
+  action: "Action kernel requires confirmation. What would you like to execute?",
+  research: "Let me gather relevant information. What should I research?",
+  default: "Let me try again — that last response wasn't right.",
+};
+
+/**
+ * Enforce all gates on a kernel output.
+ * Returns the final safe text and the full enforcement record.
+ */
+export async function enforceGates(text, context = {}) {
+  const kernel = context.kernel || 'default';
+  const sessionId = context.sessionId || 'runtime';
+  const gateLog = [];
+  const startedAt = Date.now();
+  let current = text || '';
+  let enforced = false;
+  let allPassed = true;
+
+  // ── Gate 1: Template Detection ────────────────────────────────────
+  const templateCheck = isTemplateOutput(current, kernel);
+  gateLog.push({
+    gate: 'template',
+    passed: !templateCheck.isTemplate,
+    reason: templateCheck.reason,
+  });
+  if (templateCheck.isTemplate) {
+    enforced = true;
+    current = SAFE_FALLBACKS[kernel] || SAFE_FALLBACKS.default;
+    allPassed = false;
+  }
+
+  // ── Gate 2: Quality ───────────────────────────────────────────────
+  const quality = checkQuality(current);
+  gateLog.push({
+    gate: 'quality',
+    passed: quality.passed,
+    reasons: quality.reasons,
+  });
+  if (!quality.passed) {
+    enforced = true;
+    current = SAFE_FALLBACKS[kernel] || SAFE_FALLBACKS.default;
+    const requality = checkQuality(current);
+    if (!requality.passed) {
+      current = "I'm here. The pipeline needs attention. Let me recover.";
+    }
+    allPassed = false;
+  }
+
+  // ── Gate 3: Completion Claims ─────────────────────────────────────
+  const claimCheck = hasUnsupportedClaim(current);
+  gateLog.push({
+    gate: 'completion_claim',
+    passed: !claimCheck.claim,
+    reasons: claimCheck.reasons,
+  });
+  if (claimCheck.claim) {
+    enforced = true;
+    // Remove the claim language, keep the substance
+    current = current.replace(/\b(?:done|complete|completed|ready|verified|fixed|shipped|all phases|all done)\b/gi, 'in progress');
+    allPassed = false;
+  }
+
+  // ── Gate 4: Doctrine Trigger ──────────────────────────────────────
+  const doctrineHits = checkDoctrineTriggers(current, context);
+  gateLog.push({
+    gate: 'doctrine',
+    passed: doctrineHits.length === 0,
+    triggers: doctrineHits,
+  });
+
+  // ── Write Ledger Record ───────────────────────────────────────────
+  const record = {
+    recordId: randomUUID(),
+    sessionId,
+    kernel,
+    inputTextHash: hash(text),
+    finalTextHash: hash(current),
+    enforced,
+    allPassed,
+    gates: gateLog,
+    doctrineTriggers: doctrineHits,
+    durationMs: Date.now() - startedAt,
+    at: new Date().toISOString(),
+  };
+  appendRecord(record);
+
+  return {
+    finalText: current,
+    enforced,
+    allPassed,
+    gates: gateLog,
+    doctrineTriggers: doctrineHits,
+    record,
+  };
+}
+
+/** Load the doctrine trigger map and check text against it */
+function checkDoctrineTriggers(text, context) {
+  const triggers = [];
+  let map = null;
+  try {
+    if (existsSync(DOCTRINE_TRIGGER_MAP_PATH)) {
+      map = JSON.parse(readFileSync(DOCTRINE_TRIGGER_MAP_PATH, 'utf8'));
+    }
+  } catch {}
+  if (!map || !Array.isArray(map.triggers)) return triggers;
+
+  for (const trigger of map.triggers) {
+    if (!trigger.pattern) continue;
+    try {
+      const rx = new RegExp(trigger.pattern, 'i');
+      if (rx.test(text)) {
+        triggers.push({
+          trigger: trigger.name || trigger.pattern,
+          doctrine: trigger.doctrine || trigger.name,
+          severity: trigger.severity || 'warning',
+          action: trigger.action || 'log',
+        });
+      }
+    } catch {}
+  }
+  return triggers;
+}
+
+/**
+ * Fast inline enforcement — use in streamConversation or any
+ * point where a text is about to reach the user surface.
+ */
+export function enforceFast(text, kernel = 'default') {
+  if (!text || text.length === 0) return SAFE_FALLBACKS[kernel] || SAFE_FALLBACKS.default;
+  if (GATE_LABEL_RX.test(text)) return SAFE_FALLBACKS[kernel] || SAFE_FALLBACKS.default;
+  if (COLLAPSE_RX.test(text)) return SAFE_FALLBACKS[kernel] || SAFE_FALLBACKS.default;
+  if (TEMPLATE_RX.test(text)) return SAFE_FALLBACKS[kernel] || SAFE_FALLBACKS.default;
+  return text;
+}
+
+/**
+ * Read the gated ledger for monitoring/debugging.
+ */
+export function readGatedLedger(limit = 50) {
+  ensureDir();
+  try {
+    if (!existsSync(GATED_LEDGER_PATH)) return [];
+    const lines = readFileSync(GATED_LEDGER_PATH, 'utf8').trim().split('\n').filter(Boolean);
+    return lines.slice(-limit).map((line) => {
+      try { return JSON.parse(line); } catch { return null; }
+    }).filter(Boolean);
+  } catch {
+    return [];
+  }
+}