@aria_asi/cli 0.2.39 → 0.2.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (802) hide show
  1. package/bin/aria.js +236 -34
  2. package/dist/aria-connector/src/action-ledger-core.d.ts +387 -0
  3. package/dist/aria-connector/src/action-ledger-core.d.ts.map +1 -0
  4. package/dist/aria-connector/src/action-ledger-core.js +638 -0
  5. package/dist/aria-connector/src/action-ledger-core.js.map +1 -0
  6. package/dist/aria-connector/src/chat.d.ts.map +1 -1
  7. package/dist/aria-connector/src/chat.js +5 -6
  8. package/dist/aria-connector/src/chat.js.map +1 -1
  9. package/dist/aria-connector/src/codebase-scanner.d.ts +1 -1
  10. package/dist/aria-connector/src/codebase-scanner.d.ts.map +1 -1
  11. package/dist/aria-connector/src/connectors/claude-code.d.ts +1 -0
  12. package/dist/aria-connector/src/connectors/claude-code.d.ts.map +1 -1
  13. package/dist/aria-connector/src/connectors/claude-code.js +152 -14
  14. package/dist/aria-connector/src/connectors/claude-code.js.map +1 -1
  15. package/dist/aria-connector/src/connectors/codebase-awareness.d.ts +10 -0
  16. package/dist/aria-connector/src/connectors/codebase-awareness.d.ts.map +1 -1
  17. package/dist/aria-connector/src/connectors/codebase-awareness.js +276 -27
  18. package/dist/aria-connector/src/connectors/codebase-awareness.js.map +1 -1
  19. package/dist/aria-connector/src/connectors/codex.d.ts +3 -1
  20. package/dist/aria-connector/src/connectors/codex.d.ts.map +1 -1
  21. package/dist/aria-connector/src/connectors/codex.js +1271 -40
  22. package/dist/aria-connector/src/connectors/codex.js.map +1 -1
  23. package/dist/aria-connector/src/connectors/cursor.d.ts.map +1 -1
  24. package/dist/aria-connector/src/connectors/cursor.js +7 -0
  25. package/dist/aria-connector/src/connectors/cursor.js.map +1 -1
  26. package/dist/aria-connector/src/connectors/governed-adapter.d.ts +30 -0
  27. package/dist/aria-connector/src/connectors/governed-adapter.d.ts.map +1 -0
  28. package/dist/aria-connector/src/connectors/governed-adapter.js +132 -0
  29. package/dist/aria-connector/src/connectors/governed-adapter.js.map +1 -0
  30. package/dist/aria-connector/src/connectors/opencode.d.ts +3 -1
  31. package/dist/aria-connector/src/connectors/opencode.d.ts.map +1 -1
  32. package/dist/aria-connector/src/connectors/opencode.js +18 -2
  33. package/dist/aria-connector/src/connectors/opencode.js.map +1 -1
  34. package/dist/aria-connector/src/connectors/repo-guard.d.ts.map +1 -1
  35. package/dist/aria-connector/src/connectors/repo-guard.js +25 -14
  36. package/dist/aria-connector/src/connectors/repo-guard.js.map +1 -1
  37. package/dist/aria-connector/src/connectors/runtime.d.ts.map +1 -1
  38. package/dist/aria-connector/src/connectors/runtime.js +92 -2
  39. package/dist/aria-connector/src/connectors/runtime.js.map +1 -1
  40. package/dist/aria-connector/src/connectors/shell.d.ts.map +1 -1
  41. package/dist/aria-connector/src/connectors/shell.js +123 -7
  42. package/dist/aria-connector/src/connectors/shell.js.map +1 -1
  43. package/dist/aria-connector/src/cross-cli-hive-binding.d.ts +63 -0
  44. package/dist/aria-connector/src/cross-cli-hive-binding.d.ts.map +1 -0
  45. package/dist/aria-connector/src/cross-cli-hive-binding.js +205 -0
  46. package/dist/aria-connector/src/cross-cli-hive-binding.js.map +1 -0
  47. package/dist/aria-connector/src/garden-control-plane.d.ts +6 -1
  48. package/dist/aria-connector/src/garden-control-plane.d.ts.map +1 -1
  49. package/dist/aria-connector/src/garden-control-plane.js +8 -2
  50. package/dist/aria-connector/src/garden-control-plane.js.map +1 -1
  51. package/dist/aria-connector/src/governed-surface-runner.d.ts +189 -0
  52. package/dist/aria-connector/src/governed-surface-runner.d.ts.map +1 -0
  53. package/dist/aria-connector/src/governed-surface-runner.js +1022 -0
  54. package/dist/aria-connector/src/governed-surface-runner.js.map +1 -0
  55. package/dist/aria-connector/src/index.d.ts +10 -1
  56. package/dist/aria-connector/src/index.d.ts.map +1 -1
  57. package/dist/aria-connector/src/index.js +5 -0
  58. package/dist/aria-connector/src/index.js.map +1 -1
  59. package/dist/aria-connector/src/task-runner.d.ts +3 -0
  60. package/dist/aria-connector/src/task-runner.d.ts.map +1 -0
  61. package/dist/aria-connector/src/task-runner.js +3526 -0
  62. package/dist/aria-connector/src/task-runner.js.map +1 -0
  63. package/dist/aria-web/src/lib/codebase-scanner.d.ts +21 -2
  64. package/dist/aria-web/src/lib/codebase-scanner.d.ts.map +1 -1
  65. package/dist/aria-web/src/lib/codebase-scanner.js +59 -14
  66. package/dist/aria-web/src/lib/codebase-scanner.js.map +1 -1
  67. package/dist/assets/hooks/README.md +58 -0
  68. package/dist/assets/hooks/aria-agent-handoff.mjs +147 -2
  69. package/dist/assets/hooks/aria-agent-ledger-merge.mjs +31 -7
  70. package/dist/assets/hooks/aria-architect-fallback.mjs +10 -2
  71. package/dist/assets/hooks/aria-claim-evidence-stop-gate.mjs +240 -0
  72. package/dist/assets/hooks/aria-cognition-substrate-binding.mjs +84 -10
  73. package/dist/assets/hooks/aria-first-class-coach.mjs +305 -10
  74. package/dist/assets/hooks/aria-harness-via-sdk.mjs +93 -16
  75. package/dist/assets/hooks/aria-import-resolution-gate.mjs +106 -20
  76. package/dist/assets/hooks/aria-outcome-record.mjs +56 -20
  77. package/dist/assets/hooks/aria-pre-emit-autoload.mjs +1809 -0
  78. package/dist/assets/hooks/aria-pre-emit-autoload.mjs.before-orchestration-redesign +1400 -0
  79. package/dist/assets/hooks/aria-pre-emit-dryrun.mjs +22 -3
  80. package/dist/assets/hooks/aria-pre-text-gate.mjs +11 -2
  81. package/dist/assets/hooks/aria-pre-tool-gate.mjs +516 -92
  82. package/dist/assets/hooks/aria-pre-tool-use.mjs +70 -6
  83. package/dist/assets/hooks/aria-preprompt-consult.mjs +23 -4
  84. package/dist/assets/hooks/aria-repo-doctrine-gate.mjs +29 -3
  85. package/dist/assets/hooks/aria-stop-gate.mjs +585 -76
  86. package/dist/assets/hooks/aria-trigger-autolearn.mjs +17 -3
  87. package/dist/assets/hooks/aria-universal-turn-packet.mjs +1165 -0
  88. package/dist/assets/hooks/aria-userprompt-abandon-detect.mjs +9 -1
  89. package/dist/assets/hooks/canonical-settings-block.json +172 -0
  90. package/dist/assets/hooks/codex-native/aria-harness-ticker-sidecar.mjs +92 -0
  91. package/dist/assets/hooks/codex-native/aria-hive-wal-consumer.mjs +86 -0
  92. package/dist/assets/hooks/codex-native/aria-live-ticker.mjs +38 -0
  93. package/dist/assets/hooks/codex-native/aria-post-tool-use.mjs +236 -0
  94. package/dist/assets/hooks/codex-native/aria-pre-tool-use.mjs +362 -0
  95. package/dist/assets/hooks/codex-native/aria-stop.mjs +691 -0
  96. package/dist/assets/hooks/codex-native/aria-userprompt-submit.mjs +623 -0
  97. package/dist/assets/hooks/codex-native/atlas-session-context.mjs +121 -0
  98. package/dist/assets/hooks/codex-native/lib/evaluate-with-kernel.mjs +257 -0
  99. package/dist/assets/hooks/codex-native/lib/hive-wal-consumer.mjs +452 -0
  100. package/dist/assets/hooks/codex-native/lib/kernel/deterministic-cognitive-kernel.mjs +914 -0
  101. package/dist/assets/hooks/codex-native/lib/project-boundary-cognition.mjs +143 -0
  102. package/dist/assets/hooks/codex-native/lib/runtime-client.mjs +3567 -0
  103. package/dist/assets/hooks/codex-native/lib/task-project-ledger.mjs +294 -0
  104. package/dist/assets/hooks/doctrine_trigger_map.json +236 -25
  105. package/dist/assets/hooks/doctrine_trigger_map.schema.json +46 -0
  106. package/dist/assets/hooks/install.sh +84 -0
  107. package/dist/assets/hooks/lib/action-ledger-core.mjs +269 -0
  108. package/dist/assets/hooks/lib/aria-gate-ledger.mjs +143 -0
  109. package/dist/assets/hooks/lib/ast-stub-shape-detector.mjs +107 -0
  110. package/dist/assets/hooks/lib/atlas-dossier-client.mjs +151 -0
  111. package/dist/assets/hooks/lib/atlas-orchestrator-postwire.mjs +221 -0
  112. package/dist/assets/hooks/lib/canonical-lenses.mjs +83 -6
  113. package/dist/assets/hooks/lib/coach-intent-classifier.mjs +248 -0
  114. package/dist/assets/hooks/lib/cognitive-block-parser.mjs +111 -0
  115. package/dist/assets/hooks/lib/doctrine-trigger-map-loader.mjs +137 -0
  116. package/dist/assets/hooks/lib/domain-output-quality.mjs +132 -3
  117. package/dist/assets/hooks/lib/empty-catch-scanner.mjs +91 -0
  118. package/dist/assets/hooks/lib/end-phase-qa-autofire.mjs +426 -0
  119. package/dist/assets/hooks/lib/evaluate-with-kernel.mjs +133 -0
  120. package/dist/assets/hooks/lib/first-class-coach.mjs +454 -19
  121. package/dist/assets/hooks/lib/gate-audit.mjs +12 -2
  122. package/dist/assets/hooks/lib/gate-loop-state.mjs +11 -2
  123. package/dist/assets/hooks/lib/goal-contract-quality.mjs +302 -0
  124. package/dist/assets/hooks/lib/hook-message-window.mjs +101 -9
  125. package/dist/assets/hooks/lib/invocation-required-verifier.mjs +184 -0
  126. package/dist/assets/hooks/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  127. package/dist/assets/hooks/lib/obligation-ledger.mjs +147 -0
  128. package/dist/assets/hooks/lib/orchestration-manifest-extract.mjs +217 -0
  129. package/dist/assets/hooks/lib/owner-authorizations.mjs +269 -0
  130. package/dist/assets/hooks/lib/probe-discipline-scanner.mjs +142 -0
  131. package/dist/assets/hooks/lib/project-boundary-cognition.mjs +143 -0
  132. package/dist/assets/hooks/lib/recovery-context.mjs +151 -0
  133. package/dist/assets/hooks/lib/recovery-template-loader.mjs +154 -0
  134. package/dist/assets/hooks/lib/self-doctrine-check.mjs +321 -0
  135. package/dist/assets/hooks/lib/sensitive-shape-detector.mjs +64 -0
  136. package/dist/assets/hooks/lib/skill-autoload-gate-impl.mjs +226 -1
  137. package/dist/assets/hooks/lib/stop-hook-protocol.mjs +166 -0
  138. package/dist/assets/hooks/lib/surface-caught.mjs +94 -0
  139. package/dist/assets/hooks/recovery-templates/force-reauthor.md +67 -0
  140. package/dist/assets/hooks/recovery-templates/handoff-recovery.md +25 -0
  141. package/dist/assets/hooks/scripts/check-hard-risk-prefix.mjs +99 -0
  142. package/dist/assets/hooks/skills/aria-conversational-doctrine-discipline/SKILL.md +101 -0
  143. package/dist/assets/hooks/test-aria-preturn-memory-gate.mjs +2 -2
  144. package/dist/assets/hooks/test-tier-lens-labeling.mjs +14 -3
  145. package/dist/assets/opencode-plugins/harness-context/index.js +39 -6
  146. package/dist/assets/opencode-plugins/harness-context/task-project-ledger.mjs +5 -1
  147. package/dist/assets/opencode-plugins/harness-gate/index.js +36 -0
  148. package/dist/assets/opencode-plugins/harness-gate/lib/atlas-dossier-client.js +1 -0
  149. package/dist/assets/opencode-plugins/harness-gate/lib/recovery-grants.js +79 -0
  150. package/dist/assets/opencode-plugins/harness-outcome/index.js +12 -0
  151. package/dist/assets/opencode-plugins/harness-stop/index.js +97 -2
  152. package/dist/assets/opencode-plugins/harness-stop/lib/atlas-dossier-client.js +1 -0
  153. package/dist/assets/opencode-plugins/harness-stop/lib/domain-output-quality.js +15 -2
  154. package/dist/assets/opencode-plugins/lib/coach.js +148 -0
  155. package/dist/runtime/coach-kernel.mjs +144 -7
  156. package/dist/runtime/codex-bridge.mjs +254 -8
  157. package/dist/runtime/discipline/doctrine_trigger_map.json +236 -25
  158. package/dist/runtime/discipline/skills/aria-cognition/34-frameworks-unified/SKILL.md +42 -0
  159. package/dist/runtime/discipline/skills/aria-cognition/aria-aristotle-cognitives/SKILL.md +128 -0
  160. package/dist/runtime/discipline/skills/aria-cognition/aria-aristotle-intra-phase/SKILL.md +99 -0
  161. package/dist/runtime/discipline/skills/aria-cognition/aria-aristotle-post-phase/SKILL.md +118 -0
  162. package/dist/runtime/discipline/skills/aria-cognition/aria-aristotle-pre-phase/SKILL.md +117 -0
  163. package/dist/runtime/discipline/skills/aria-cognition/aria-axioms-first-principles/SKILL.md +202 -0
  164. package/dist/runtime/discipline/skills/aria-cognition/aria-axioms-first-principles/agents/openai.yaml +4 -0
  165. package/dist/runtime/discipline/skills/aria-cognition/aria-axioms-first-principles/references/source-map.md +130 -0
  166. package/dist/runtime/discipline/skills/aria-cognition/aria-backend-architect/SKILL.md +124 -0
  167. package/dist/runtime/discipline/skills/aria-cognition/aria-backend-architect/references/backend-cookbook.md +417 -0
  168. package/dist/runtime/discipline/skills/aria-cognition/aria-business-audit/SKILL.md +133 -0
  169. package/dist/runtime/discipline/skills/aria-cognition/aria-business-audit/references/audit-cookbook.md +247 -0
  170. package/dist/runtime/discipline/skills/aria-cognition/aria-business-frame/SKILL.md +138 -0
  171. package/dist/runtime/discipline/skills/aria-cognition/aria-business-frame/references/business-cookbook.md +154 -0
  172. package/dist/runtime/discipline/skills/aria-cognition/aria-chat/SKILL.md +84 -0
  173. package/dist/runtime/discipline/skills/aria-cognition/aria-chat/scripts/aria-chat.sh +57 -0
  174. package/dist/runtime/discipline/skills/aria-cognition/aria-cognition-autofire/SKILL.md +137 -0
  175. package/dist/runtime/discipline/skills/aria-cognition/aria-cognition-batch/SKILL.md +264 -0
  176. package/dist/runtime/discipline/skills/aria-cognition/aria-decision-mizan/SKILL.md +136 -0
  177. package/dist/runtime/discipline/skills/aria-cognition/aria-decision-mizan/references/decision-frameworks.md +287 -0
  178. package/dist/runtime/discipline/skills/aria-cognition/aria-first-class-operating-contract/SKILL.md +104 -0
  179. package/dist/runtime/discipline/skills/aria-cognition/aria-frontend-architect/SKILL.md +123 -0
  180. package/dist/runtime/discipline/skills/aria-cognition/aria-frontend-architect/references/frontend-cookbook.md +358 -0
  181. package/dist/runtime/discipline/skills/aria-cognition/aria-fullstack-orchestrator/SKILL.md +127 -0
  182. package/dist/runtime/discipline/skills/aria-cognition/aria-fullstack-orchestrator/references/fullstack-cookbook.md +383 -0
  183. package/dist/runtime/discipline/skills/aria-cognition/aria-gtm-architect/SKILL.md +126 -0
  184. package/dist/runtime/discipline/skills/aria-cognition/aria-gtm-architect/references/gtm-cookbook.md +235 -0
  185. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-deploy/SKILL.md +145 -0
  186. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-no-stripping/SKILL.md +135 -0
  187. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-onboarding/SKILL.md +130 -0
  188. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-output-discipline/SKILL.md +120 -0
  189. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-substrate-binding/SKILL.md +139 -0
  190. package/dist/runtime/discipline/skills/aria-cognition/aria-http-harness-client/SKILL.md +85 -0
  191. package/dist/runtime/discipline/skills/aria-cognition/aria-http-harness-client/scripts/smoke.mjs +47 -0
  192. package/dist/runtime/discipline/skills/aria-cognition/aria-k8s-deploy/SKILL.md +174 -0
  193. package/dist/runtime/discipline/skills/aria-cognition/aria-k8s-deploy/agents/openai.yaml +3 -0
  194. package/dist/runtime/discipline/skills/aria-cognition/aria-ladduniframe/SKILL.md +60 -0
  195. package/dist/runtime/discipline/skills/aria-cognition/aria-ledger-fleet-execution/SKILL.md +126 -0
  196. package/dist/runtime/discipline/skills/aria-cognition/aria-live-ops/SKILL.md +54 -0
  197. package/dist/runtime/discipline/skills/aria-cognition/aria-mac-ssh-ops/SKILL.md +100 -0
  198. package/dist/runtime/discipline/skills/aria-cognition/aria-memory-index/SKILL.md +42 -0
  199. package/dist/runtime/discipline/skills/aria-cognition/aria-noor-cognitives/SKILL.md +120 -0
  200. package/dist/runtime/discipline/skills/aria-cognition/aria-ops/SKILL.md +60 -0
  201. package/dist/runtime/discipline/skills/aria-cognition/aria-ops/references/live-endpoints.md +59 -0
  202. package/dist/runtime/discipline/skills/aria-cognition/aria-quality-audit/SKILL.md +133 -0
  203. package/dist/runtime/discipline/skills/aria-cognition/aria-readable-output/SKILL.md +239 -0
  204. package/dist/runtime/discipline/skills/aria-cognition/aria-readable-output/references/layout-cookbook.md +366 -0
  205. package/dist/runtime/discipline/skills/aria-cognition/aria-reasoning/SKILL.md +67 -0
  206. package/dist/runtime/discipline/skills/aria-cognition/aria-reasoning/references/core-principles.md +42 -0
  207. package/dist/runtime/discipline/skills/aria-cognition/aria-repo-audit/SKILL.md +135 -0
  208. package/dist/runtime/discipline/skills/aria-cognition/aria-repo-audit/references/repo-audit-cookbook.md +375 -0
  209. package/dist/runtime/discipline/skills/aria-cognition/aria-research-orchestrator/SKILL.md +138 -0
  210. package/dist/runtime/discipline/skills/aria-cognition/aria-research-orchestrator/references/research-patterns.md +270 -0
  211. package/dist/runtime/discipline/skills/aria-cognition/aria-retention-engine/SKILL.md +120 -0
  212. package/dist/runtime/discipline/skills/aria-cognition/aria-retention-engine/references/retention-cookbook.md +271 -0
  213. package/dist/runtime/discipline/skills/aria-cognition/aria-revenue-engine/SKILL.md +128 -0
  214. package/dist/runtime/discipline/skills/aria-cognition/aria-revenue-engine/references/revenue-cookbook.md +227 -0
  215. package/dist/runtime/discipline/skills/aria-cognition/aria-senior-code-audit/SKILL.md +233 -0
  216. package/dist/runtime/discipline/skills/aria-cognition/aria-senior-code-audit/references/audit-checklist.md +369 -0
  217. package/dist/runtime/discipline/skills/aria-cognition/aria-senior-code-cookbook/SKILL.md +288 -0
  218. package/dist/runtime/discipline/skills/aria-cognition/aria-senior-code-cookbook/references/engineering-cookbook.md +489 -0
  219. package/dist/runtime/discipline/skills/aria-cognition/aria-soul-principles/SKILL.md +42 -0
  220. package/dist/runtime/discipline/skills/aria-cognition/aria-task-codex-executor/SKILL.md +86 -0
  221. package/dist/runtime/discipline/skills/aria-cognition/aristotle-engine/SKILL.md +42 -0
  222. package/dist/runtime/discipline/skills/aria-cognition/cross-domain-24/SKILL.md +42 -0
  223. package/dist/runtime/discipline/skills/aria-cognition/deepsoul-emotional/SKILL.md +42 -0
  224. package/dist/runtime/discipline/skills/aria-cognition/fitrah-guard/SKILL.md +78 -0
  225. package/dist/runtime/discipline/skills/aria-cognition/ghazali-8lens/SKILL.md +227 -29
  226. package/dist/runtime/discipline/skills/aria-cognition/ghazali-8lens/references/ghazali-8lens-cookbook.md +797 -0
  227. package/dist/runtime/discipline/skills/aria-cognition/ijtihad-novel/SKILL.md +42 -0
  228. package/dist/runtime/discipline/skills/aria-cognition/ilham-intuition/SKILL.md +42 -0
  229. package/dist/runtime/discipline/skills/aria-cognition/never-guess/SKILL.md +77 -0
  230. package/dist/runtime/discipline/skills/aria-cognition/noor-recognition/SKILL.md +45 -0
  231. package/dist/runtime/discipline/skills/aria-cognition/qiyas-analogy/SKILL.md +174 -14
  232. package/dist/runtime/discipline/skills/aria-cognition/ruh-basis/SKILL.md +42 -0
  233. package/dist/runtime/discipline/skills/aria-cognition/tadabbur/SKILL.md +506 -0
  234. package/dist/runtime/discipline/skills/aria-cognition/tadabbur/references/tadabbur-cookbook.md +921 -0
  235. package/dist/runtime/discipline/skills/aria-cognition/tadabbur-ops/SKILL.md +42 -0
  236. package/dist/runtime/discipline/skills/aria-cognition/tafakkur/SKILL.md +104 -0
  237. package/dist/runtime/doctrine_trigger_map.json +236 -25
  238. package/dist/runtime/embedded-public-key.mjs +27 -0
  239. package/dist/runtime/gated-ledger.mjs +41 -14
  240. package/dist/runtime/harness-daemon.mjs +85 -10
  241. package/dist/runtime/hive-wal-publisher.mjs +292 -0
  242. package/dist/runtime/hooks/README.md +58 -0
  243. package/dist/runtime/hooks/aria-agent-handoff.mjs +147 -2
  244. package/dist/runtime/hooks/aria-agent-ledger-merge.mjs +31 -7
  245. package/dist/runtime/hooks/aria-architect-fallback.mjs +10 -2
  246. package/dist/runtime/hooks/aria-claim-evidence-stop-gate.mjs +240 -0
  247. package/dist/runtime/hooks/aria-cognition-substrate-binding.mjs +84 -10
  248. package/dist/runtime/hooks/aria-first-class-coach.mjs +305 -10
  249. package/dist/runtime/hooks/aria-harness-via-sdk.mjs +93 -16
  250. package/dist/runtime/hooks/aria-import-resolution-gate.mjs +106 -20
  251. package/dist/runtime/hooks/aria-outcome-record.mjs +56 -20
  252. package/dist/runtime/hooks/aria-pre-emit-autoload.mjs +1809 -0
  253. package/dist/runtime/hooks/aria-pre-emit-autoload.mjs.before-orchestration-redesign +1400 -0
  254. package/dist/runtime/hooks/aria-pre-emit-dryrun.mjs +22 -3
  255. package/dist/runtime/hooks/aria-pre-text-gate.mjs +11 -2
  256. package/dist/runtime/hooks/aria-pre-tool-gate.mjs +516 -92
  257. package/dist/runtime/hooks/aria-pre-tool-use.mjs +70 -6
  258. package/dist/runtime/hooks/aria-preprompt-consult.mjs +23 -4
  259. package/dist/runtime/hooks/aria-repo-doctrine-gate.mjs +29 -3
  260. package/dist/runtime/hooks/aria-stop-gate.mjs +585 -76
  261. package/dist/runtime/hooks/aria-trigger-autolearn.mjs +17 -3
  262. package/dist/runtime/hooks/aria-universal-turn-packet.mjs +1165 -0
  263. package/dist/runtime/hooks/aria-userprompt-abandon-detect.mjs +9 -1
  264. package/dist/runtime/hooks/canonical-settings-block.json +172 -0
  265. package/dist/runtime/hooks/codex-native/aria-harness-ticker-sidecar.mjs +92 -0
  266. package/dist/runtime/hooks/codex-native/aria-hive-wal-consumer.mjs +86 -0
  267. package/dist/runtime/hooks/codex-native/aria-live-ticker.mjs +38 -0
  268. package/dist/runtime/hooks/codex-native/aria-post-tool-use.mjs +236 -0
  269. package/dist/runtime/hooks/codex-native/aria-pre-tool-use.mjs +362 -0
  270. package/dist/runtime/hooks/codex-native/aria-stop.mjs +691 -0
  271. package/dist/runtime/hooks/codex-native/aria-userprompt-submit.mjs +623 -0
  272. package/dist/runtime/hooks/codex-native/atlas-session-context.mjs +121 -0
  273. package/dist/runtime/hooks/codex-native/lib/evaluate-with-kernel.mjs +257 -0
  274. package/dist/runtime/hooks/codex-native/lib/hive-wal-consumer.mjs +452 -0
  275. package/dist/runtime/hooks/codex-native/lib/kernel/deterministic-cognitive-kernel.mjs +914 -0
  276. package/dist/runtime/hooks/codex-native/lib/project-boundary-cognition.mjs +143 -0
  277. package/dist/runtime/hooks/codex-native/lib/runtime-client.mjs +3567 -0
  278. package/dist/runtime/hooks/codex-native/lib/task-project-ledger.mjs +294 -0
  279. package/dist/runtime/hooks/doctrine_trigger_map.json +236 -25
  280. package/dist/runtime/hooks/doctrine_trigger_map.schema.json +46 -0
  281. package/dist/runtime/hooks/install.sh +84 -0
  282. package/dist/runtime/hooks/lib/action-ledger-core.mjs +269 -0
  283. package/dist/runtime/hooks/lib/aria-gate-ledger.mjs +143 -0
  284. package/dist/runtime/hooks/lib/ast-stub-shape-detector.mjs +107 -0
  285. package/dist/runtime/hooks/lib/atlas-dossier-client.mjs +151 -0
  286. package/dist/runtime/hooks/lib/atlas-orchestrator-postwire.mjs +221 -0
  287. package/dist/runtime/hooks/lib/canonical-lenses.mjs +83 -6
  288. package/dist/runtime/hooks/lib/coach-intent-classifier.mjs +248 -0
  289. package/dist/runtime/hooks/lib/cognitive-block-parser.mjs +111 -0
  290. package/dist/runtime/hooks/lib/doctrine-trigger-map-loader.mjs +137 -0
  291. package/dist/runtime/hooks/lib/domain-output-quality.mjs +132 -3
  292. package/dist/runtime/hooks/lib/empty-catch-scanner.mjs +91 -0
  293. package/dist/runtime/hooks/lib/end-phase-qa-autofire.mjs +426 -0
  294. package/dist/runtime/hooks/lib/evaluate-with-kernel.mjs +133 -0
  295. package/dist/runtime/hooks/lib/first-class-coach.mjs +454 -19
  296. package/dist/runtime/hooks/lib/gate-audit.mjs +12 -2
  297. package/dist/runtime/hooks/lib/gate-loop-state.mjs +11 -2
  298. package/dist/runtime/hooks/lib/goal-contract-quality.mjs +302 -0
  299. package/dist/runtime/hooks/lib/hook-message-window.mjs +101 -9
  300. package/dist/runtime/hooks/lib/invocation-required-verifier.mjs +184 -0
  301. package/dist/runtime/hooks/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  302. package/dist/runtime/hooks/lib/obligation-ledger.mjs +147 -0
  303. package/dist/runtime/hooks/lib/orchestration-manifest-extract.mjs +217 -0
  304. package/dist/runtime/hooks/lib/owner-authorizations.mjs +269 -0
  305. package/dist/runtime/hooks/lib/probe-discipline-scanner.mjs +142 -0
  306. package/dist/runtime/hooks/lib/project-boundary-cognition.mjs +143 -0
  307. package/dist/runtime/hooks/lib/recovery-context.mjs +151 -0
  308. package/dist/runtime/hooks/lib/recovery-template-loader.mjs +154 -0
  309. package/dist/runtime/hooks/lib/self-doctrine-check.mjs +321 -0
  310. package/dist/runtime/hooks/lib/sensitive-shape-detector.mjs +64 -0
  311. package/dist/runtime/hooks/lib/skill-autoload-gate-impl.mjs +226 -1
  312. package/dist/runtime/hooks/lib/stop-hook-protocol.mjs +166 -0
  313. package/dist/runtime/hooks/lib/surface-caught.mjs +94 -0
  314. package/dist/runtime/hooks/recovery-templates/force-reauthor.md +67 -0
  315. package/dist/runtime/hooks/recovery-templates/handoff-recovery.md +25 -0
  316. package/dist/runtime/hooks/scripts/check-hard-risk-prefix.mjs +99 -0
  317. package/dist/runtime/hooks/skills/aria-conversational-doctrine-discipline/SKILL.md +101 -0
  318. package/dist/runtime/hooks/test-aria-preturn-memory-gate.mjs +2 -2
  319. package/dist/runtime/hooks/test-tier-lens-labeling.mjs +14 -3
  320. package/dist/runtime/lib/evaluate-with-kernel.mjs +133 -0
  321. package/dist/runtime/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  322. package/dist/runtime/local-phase.mjs +10 -5
  323. package/dist/runtime/manifest.json +8 -8
  324. package/dist/runtime/packet-verifier.mjs +166 -0
  325. package/dist/runtime/provider-proxy.mjs +13 -0
  326. package/dist/runtime/quality-enforcer.mjs +40 -23
  327. package/dist/runtime/runtime-rails/registry.mjs +252 -0
  328. package/dist/runtime/sdk/BUNDLED.json +2 -2
  329. package/dist/runtime/sdk/index.d.ts +119 -4
  330. package/dist/runtime/sdk/index.js +138 -12
  331. package/dist/runtime/sdk/index.js.map +1 -1
  332. package/dist/runtime/service.mjs +8036 -764
  333. package/dist/runtime/sub-agent-enforcer.mjs +201 -0
  334. package/dist/runtime/task-project-ledger.mjs +5 -1
  335. package/dist/sdk/BUNDLED.json +2 -2
  336. package/dist/sdk/index.d.ts +119 -4
  337. package/dist/sdk/index.js +138 -12
  338. package/dist/sdk/index.js.map +1 -1
  339. package/hooks/README.md +58 -0
  340. package/hooks/aria-agent-handoff.mjs +147 -2
  341. package/hooks/aria-agent-ledger-merge.mjs +31 -7
  342. package/hooks/aria-architect-fallback.mjs +10 -2
  343. package/hooks/aria-claim-evidence-stop-gate.mjs +240 -0
  344. package/hooks/aria-cognition-substrate-binding.mjs +84 -10
  345. package/hooks/aria-first-class-coach.mjs +305 -10
  346. package/hooks/aria-harness-via-sdk.mjs +93 -16
  347. package/hooks/aria-import-resolution-gate.mjs +106 -20
  348. package/hooks/aria-outcome-record.mjs +56 -20
  349. package/hooks/aria-pre-emit-autoload.mjs +1809 -0
  350. package/hooks/aria-pre-emit-autoload.mjs.before-orchestration-redesign +1400 -0
  351. package/hooks/aria-pre-emit-dryrun.mjs +22 -3
  352. package/hooks/aria-pre-text-gate.mjs +11 -2
  353. package/hooks/aria-pre-tool-gate.mjs +516 -92
  354. package/hooks/aria-pre-tool-use.mjs +70 -6
  355. package/hooks/aria-preprompt-consult.mjs +23 -4
  356. package/hooks/aria-repo-doctrine-gate.mjs +29 -3
  357. package/hooks/aria-stop-gate.mjs +585 -76
  358. package/hooks/aria-trigger-autolearn.mjs +17 -3
  359. package/hooks/aria-universal-turn-packet.mjs +1165 -0
  360. package/hooks/aria-userprompt-abandon-detect.mjs +9 -1
  361. package/hooks/canonical-settings-block.json +172 -0
  362. package/hooks/codex-native/aria-harness-ticker-sidecar.mjs +92 -0
  363. package/hooks/codex-native/aria-hive-wal-consumer.mjs +86 -0
  364. package/hooks/codex-native/aria-live-ticker.mjs +38 -0
  365. package/hooks/codex-native/aria-post-tool-use.mjs +236 -0
  366. package/hooks/codex-native/aria-pre-tool-use.mjs +362 -0
  367. package/hooks/codex-native/aria-stop.mjs +691 -0
  368. package/hooks/codex-native/aria-userprompt-submit.mjs +623 -0
  369. package/hooks/codex-native/atlas-session-context.mjs +121 -0
  370. package/hooks/codex-native/lib/evaluate-with-kernel.mjs +257 -0
  371. package/hooks/codex-native/lib/hive-wal-consumer.mjs +452 -0
  372. package/hooks/codex-native/lib/kernel/deterministic-cognitive-kernel.mjs +914 -0
  373. package/hooks/codex-native/lib/project-boundary-cognition.mjs +143 -0
  374. package/hooks/codex-native/lib/runtime-client.mjs +3567 -0
  375. package/hooks/codex-native/lib/task-project-ledger.mjs +294 -0
  376. package/hooks/doctrine_trigger_map.json +236 -25
  377. package/hooks/doctrine_trigger_map.schema.json +46 -0
  378. package/hooks/install.sh +84 -0
  379. package/hooks/lib/action-ledger-core.mjs +269 -0
  380. package/hooks/lib/aria-gate-ledger.mjs +143 -0
  381. package/hooks/lib/ast-stub-shape-detector.mjs +107 -0
  382. package/hooks/lib/atlas-dossier-client.mjs +151 -0
  383. package/hooks/lib/atlas-orchestrator-postwire.mjs +221 -0
  384. package/hooks/lib/canonical-lenses.mjs +83 -6
  385. package/hooks/lib/coach-intent-classifier.mjs +248 -0
  386. package/hooks/lib/cognitive-block-parser.mjs +111 -0
  387. package/hooks/lib/doctrine-trigger-map-loader.mjs +137 -0
  388. package/hooks/lib/domain-output-quality.mjs +132 -3
  389. package/hooks/lib/empty-catch-scanner.mjs +91 -0
  390. package/hooks/lib/end-phase-qa-autofire.mjs +426 -0
  391. package/hooks/lib/evaluate-with-kernel.mjs +133 -0
  392. package/hooks/lib/first-class-coach.mjs +454 -19
  393. package/hooks/lib/gate-audit.mjs +12 -2
  394. package/hooks/lib/gate-loop-state.mjs +11 -2
  395. package/hooks/lib/goal-contract-quality.mjs +302 -0
  396. package/hooks/lib/hook-message-window.mjs +101 -9
  397. package/hooks/lib/invocation-required-verifier.mjs +184 -0
  398. package/hooks/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  399. package/hooks/lib/obligation-ledger.mjs +147 -0
  400. package/hooks/lib/orchestration-manifest-extract.mjs +217 -0
  401. package/hooks/lib/owner-authorizations.mjs +269 -0
  402. package/hooks/lib/probe-discipline-scanner.mjs +142 -0
  403. package/hooks/lib/project-boundary-cognition.mjs +143 -0
  404. package/hooks/lib/recovery-context.mjs +151 -0
  405. package/hooks/lib/recovery-template-loader.mjs +154 -0
  406. package/hooks/lib/self-doctrine-check.mjs +321 -0
  407. package/hooks/lib/sensitive-shape-detector.mjs +64 -0
  408. package/hooks/lib/skill-autoload-gate-impl.mjs +226 -1
  409. package/hooks/lib/stop-hook-protocol.mjs +166 -0
  410. package/hooks/lib/surface-caught.mjs +94 -0
  411. package/hooks/recovery-templates/force-reauthor.md +67 -0
  412. package/hooks/recovery-templates/handoff-recovery.md +25 -0
  413. package/hooks/scripts/check-hard-risk-prefix.mjs +99 -0
  414. package/hooks/skills/aria-conversational-doctrine-discipline/SKILL.md +101 -0
  415. package/hooks/test-aria-preturn-memory-gate.mjs +2 -2
  416. package/hooks/test-tier-lens-labeling.mjs +14 -3
  417. package/opencode-plugins/harness-context/index.js +39 -6
  418. package/opencode-plugins/harness-context/task-project-ledger.mjs +5 -1
  419. package/opencode-plugins/harness-gate/index.js +36 -0
  420. package/opencode-plugins/harness-gate/lib/atlas-dossier-client.js +1 -0
  421. package/opencode-plugins/harness-gate/lib/recovery-grants.js +79 -0
  422. package/opencode-plugins/harness-outcome/index.js +12 -0
  423. package/opencode-plugins/harness-stop/index.js +97 -2
  424. package/opencode-plugins/harness-stop/lib/atlas-dossier-client.js +1 -0
  425. package/opencode-plugins/harness-stop/lib/domain-output-quality.js +15 -2
  426. package/opencode-plugins/lib/coach.js +148 -0
  427. package/package.json +71 -5
  428. package/runtime-src/coach-kernel.mjs +144 -7
  429. package/runtime-src/codex-bridge.mjs +254 -8
  430. package/runtime-src/embedded-public-key.mjs +27 -0
  431. package/runtime-src/gated-ledger.mjs +41 -14
  432. package/runtime-src/harness-daemon.mjs +85 -10
  433. package/runtime-src/hive-wal-publisher.mjs +292 -0
  434. package/runtime-src/lib/evaluate-with-kernel.mjs +133 -0
  435. package/runtime-src/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  436. package/runtime-src/local-phase.mjs +10 -5
  437. package/runtime-src/packet-verifier.mjs +166 -0
  438. package/runtime-src/provider-proxy.mjs +13 -0
  439. package/runtime-src/quality-enforcer.mjs +40 -23
  440. package/runtime-src/runtime-rails/registry.mjs +252 -0
  441. package/runtime-src/service.mjs +8036 -764
  442. package/runtime-src/sub-agent-enforcer.mjs +201 -0
  443. package/scripts/aria-ledger-append.mjs +337 -0
  444. package/scripts/aria-task-cheap-worker-dispatch.mjs +234 -0
  445. package/scripts/audit-of-audit-prior-tasks.mjs +194 -0
  446. package/scripts/audit-of-audit-this-turn.mjs +116 -0
  447. package/scripts/bundle-sdk.mjs +31 -5
  448. package/scripts/check-cli-wrapper-provider-contract.mjs +160 -0
  449. package/scripts/check-client-compatibility.mjs +15 -5
  450. package/scripts/check-client-smoke.mjs +297 -0
  451. package/scripts/check-codex-orchestrator-adoption.mjs +150 -0
  452. package/scripts/check-glm-env-wired.mjs +131 -0
  453. package/scripts/check-hive-local-storage-contract.mjs +91 -0
  454. package/scripts/check-hook-mirror.mjs +150 -0
  455. package/scripts/check-install-sh-drift.mjs +152 -0
  456. package/scripts/check-kernel-sync.mjs +101 -0
  457. package/scripts/check-package-artifact.mjs +152 -0
  458. package/scripts/check-registry-mirror.mjs +71 -0
  459. package/scripts/drain-owner-airtable-sync-queue.mjs +287 -0
  460. package/scripts/export-owner-status-sheets.mjs +589 -0
  461. package/scripts/live-sidecar-receipt-canary.mjs +347 -0
  462. package/scripts/qiyas-tadabbur-model-matrix.mjs +970 -0
  463. package/scripts/quality-ab-live-provider.mjs +913 -0
  464. package/scripts/self-test-action-ledger-core.mjs +190 -0
  465. package/scripts/self-test-approval-receipt-binding.mjs +122 -0
  466. package/scripts/self-test-autofire-quality-output.mjs +110 -0
  467. package/scripts/self-test-claude-code-action-ledger.mjs +132 -0
  468. package/scripts/self-test-claude-code-mechanical-autofire-hive.mjs +138 -0
  469. package/scripts/self-test-claude-code-mechanical-autofire.mjs +234 -0
  470. package/scripts/self-test-codebase-awareness-atlas-delta.mjs +159 -0
  471. package/scripts/self-test-codebase-awareness-delta-ingest.mjs +179 -0
  472. package/scripts/self-test-codex-live-hook-parity.mjs +84 -0
  473. package/scripts/self-test-codex-native-action-ledger.mjs +167 -0
  474. package/scripts/self-test-codex-native-hook-json-contract.mjs +74 -0
  475. package/scripts/self-test-codex-orchestrator-continuity.mjs +113 -0
  476. package/scripts/self-test-codex-readable-recovery.mjs +94 -0
  477. package/scripts/self-test-codex-self-harness.mjs +538 -0
  478. package/scripts/self-test-compiled-workunit.mjs +214 -0
  479. package/scripts/self-test-continuation-output-smoke.mjs +101 -0
  480. package/scripts/self-test-cross-cli-fleet-ticker.mjs +85 -0
  481. package/scripts/self-test-cross-cli-hive-adoption.mjs +125 -0
  482. package/scripts/self-test-cross-cli-hive-learning.mjs +146 -0
  483. package/scripts/self-test-cross-phase-tool-failure.mjs +110 -0
  484. package/scripts/self-test-cross-surface-action-ledger.mjs +149 -0
  485. package/scripts/self-test-end-of-phase-qa-court.mjs +616 -0
  486. package/scripts/self-test-evaluate-with-kernel.mjs +111 -0
  487. package/scripts/self-test-first-class-output-delta-proof.mjs +307 -0
  488. package/scripts/self-test-goal-contract-output-qa.mjs +73 -0
  489. package/scripts/self-test-goal-contract.mjs +35 -0
  490. package/scripts/self-test-governed-adapters.mjs +105 -0
  491. package/scripts/self-test-governed-surface-runner.mjs +198 -0
  492. package/scripts/self-test-harness-gates.mjs +15 -12
  493. package/scripts/self-test-harness-ticker-sidecar.mjs +153 -0
  494. package/scripts/self-test-hive-org-kernel.mjs +233 -0
  495. package/scripts/self-test-hive-session-coordination.mjs +156 -0
  496. package/scripts/self-test-hive-wal-consumer.mjs +111 -0
  497. package/scripts/self-test-kernel-a3-a4-selection.mjs +179 -0
  498. package/scripts/self-test-ledger-append.mjs +175 -0
  499. package/scripts/self-test-live-codex-posttool-packet-smoke.mjs +111 -0
  500. package/scripts/self-test-live-codex-pretool-packet-smoke.mjs +101 -0
  501. package/scripts/self-test-live-codex-stop-qa-kernel-smoke.mjs +43 -0
  502. package/scripts/self-test-live-wrapper-substrate-inventory.mjs +149 -0
  503. package/scripts/self-test-local-main-sync-script.mjs +47 -0
  504. package/scripts/self-test-mechanical-autofire-resolver.mjs +296 -0
  505. package/scripts/self-test-no-consult-cognitive-skills-output.mjs +135 -0
  506. package/scripts/self-test-owner-airtable-sync-queue.mjs +196 -0
  507. package/scripts/self-test-owner-airtable-sync.mjs +181 -0
  508. package/scripts/self-test-owner-sheets-action-ledger.mjs +100 -0
  509. package/scripts/self-test-production-preflight.mjs +78 -0
  510. package/scripts/self-test-project-boundary-cognition.mjs +79 -0
  511. package/scripts/self-test-qa-exec-kernel.mjs +34 -0
  512. package/scripts/self-test-qa-recovery-learning-loop.mjs +113 -0
  513. package/scripts/self-test-qiyas-label-alignment.mjs +94 -0
  514. package/scripts/self-test-recovery-context.mjs +110 -0
  515. package/scripts/self-test-repo-guard.mjs +10 -0
  516. package/scripts/self-test-runtime-health-self-heal.mjs +161 -0
  517. package/scripts/self-test-runtime-postcondition.mjs +70 -0
  518. package/scripts/self-test-soul-precommit-hook.mjs +39 -0
  519. package/scripts/self-test-stop-gate-kernel-guards.mjs +185 -0
  520. package/scripts/self-test-stop-gate.mjs +128 -0
  521. package/scripts/self-test-substrate-kernel-execution-receipt.mjs +130 -0
  522. package/scripts/self-test-substrate-open-skill-floor.mjs +87 -0
  523. package/scripts/self-test-substrate-output-quality-eval.mjs +171 -0
  524. package/scripts/self-test-task-closeout-drift.mjs +97 -0
  525. package/scripts/self-test-task-project-ledger-readiness.mjs +43 -0
  526. package/scripts/self-test-task-runner-phase-consumer.mjs +134 -0
  527. package/scripts/self-test-task-worker-lane.mjs +256 -0
  528. package/scripts/self-test-turn-substrate-qa-kernel.mjs +188 -0
  529. package/scripts/self-test-universal-action-capture.mjs +153 -0
  530. package/scripts/self-test-universal-turn-packet-entrypoints.mjs +252 -0
  531. package/scripts/self-test-universal-turn-packet.mjs +320 -0
  532. package/scripts/session-quality-backfill.mjs +253 -0
  533. package/scripts/smoke-autofire-100-prompts.mjs +481 -0
  534. package/scripts/sync-local-main-on-task-complete.mjs +278 -0
  535. package/scripts/sync-owner-status-airtable.mjs +1158 -0
  536. package/scripts/validate-skill-prompts.mjs +12 -1
  537. package/scripts/verify-codex-native-mirror.mjs +262 -0
  538. package/skills/34-frameworks-unified/SKILL.md +42 -0
  539. package/skills/api-design/SKILL.md +123 -0
  540. package/skills/architecture-decision/SKILL.md +105 -0
  541. package/skills/aria-aristotle-cognitives/SKILL.md +128 -0
  542. package/skills/aria-aristotle-intra-phase/SKILL.md +99 -0
  543. package/skills/aria-aristotle-post-phase/SKILL.md +116 -0
  544. package/skills/aria-aristotle-pre-phase/SKILL.md +117 -0
  545. package/skills/aria-axioms-first-principles/SKILL.md +202 -0
  546. package/skills/aria-axioms-first-principles/agents/openai.yaml +4 -0
  547. package/skills/aria-axioms-first-principles/references/source-map.md +130 -0
  548. package/skills/aria-chat/SKILL.md +84 -0
  549. package/skills/aria-chat/scripts/aria-chat.sh +57 -0
  550. package/skills/aria-cognition/34-frameworks-unified/SKILL.md +42 -0
  551. package/skills/aria-cognition/aria-aristotle-cognitives/SKILL.md +128 -0
  552. package/skills/aria-cognition/aria-aristotle-intra-phase/SKILL.md +99 -0
  553. package/skills/aria-cognition/aria-aristotle-post-phase/SKILL.md +118 -0
  554. package/skills/aria-cognition/aria-aristotle-pre-phase/SKILL.md +117 -0
  555. package/skills/aria-cognition/aria-axioms-first-principles/SKILL.md +202 -0
  556. package/skills/aria-cognition/aria-axioms-first-principles/agents/openai.yaml +4 -0
  557. package/skills/aria-cognition/aria-axioms-first-principles/references/source-map.md +130 -0
  558. package/skills/aria-cognition/aria-backend-architect/SKILL.md +124 -0
  559. package/skills/aria-cognition/aria-backend-architect/references/backend-cookbook.md +417 -0
  560. package/skills/aria-cognition/aria-business-audit/SKILL.md +133 -0
  561. package/skills/aria-cognition/aria-business-audit/references/audit-cookbook.md +247 -0
  562. package/skills/aria-cognition/aria-business-frame/SKILL.md +138 -0
  563. package/skills/aria-cognition/aria-business-frame/references/business-cookbook.md +154 -0
  564. package/skills/aria-cognition/aria-chat/SKILL.md +84 -0
  565. package/skills/aria-cognition/aria-chat/scripts/aria-chat.sh +57 -0
  566. package/skills/aria-cognition/aria-cognition-autofire/SKILL.md +137 -0
  567. package/skills/aria-cognition/aria-cognition-batch/SKILL.md +264 -0
  568. package/skills/aria-cognition/aria-decision-mizan/SKILL.md +136 -0
  569. package/skills/aria-cognition/aria-decision-mizan/references/decision-frameworks.md +287 -0
  570. package/skills/aria-cognition/aria-first-class-operating-contract/SKILL.md +104 -0
  571. package/skills/aria-cognition/aria-frontend-architect/SKILL.md +123 -0
  572. package/skills/aria-cognition/aria-frontend-architect/references/frontend-cookbook.md +358 -0
  573. package/skills/aria-cognition/aria-fullstack-orchestrator/SKILL.md +127 -0
  574. package/skills/aria-cognition/aria-fullstack-orchestrator/references/fullstack-cookbook.md +383 -0
  575. package/skills/aria-cognition/aria-gtm-architect/SKILL.md +126 -0
  576. package/skills/aria-cognition/aria-gtm-architect/references/gtm-cookbook.md +235 -0
  577. package/skills/aria-cognition/aria-harness-deploy/SKILL.md +145 -0
  578. package/skills/aria-cognition/aria-harness-no-stripping/SKILL.md +135 -0
  579. package/skills/aria-cognition/aria-harness-onboarding/SKILL.md +130 -0
  580. package/skills/aria-cognition/aria-harness-output-discipline/SKILL.md +120 -0
  581. package/skills/aria-cognition/aria-harness-substrate-binding/SKILL.md +139 -0
  582. package/skills/aria-cognition/aria-http-harness-client/SKILL.md +85 -0
  583. package/skills/aria-cognition/aria-http-harness-client/scripts/smoke.mjs +47 -0
  584. package/skills/aria-cognition/aria-k8s-deploy/SKILL.md +174 -0
  585. package/skills/aria-cognition/aria-k8s-deploy/agents/openai.yaml +3 -0
  586. package/skills/aria-cognition/aria-ladduniframe/SKILL.md +60 -0
  587. package/skills/aria-cognition/aria-ledger-fleet-execution/SKILL.md +126 -0
  588. package/skills/aria-cognition/aria-live-ops/SKILL.md +54 -0
  589. package/skills/aria-cognition/aria-mac-ssh-ops/SKILL.md +100 -0
  590. package/skills/aria-cognition/aria-memory-index/SKILL.md +42 -0
  591. package/skills/aria-cognition/aria-noor-cognitives/SKILL.md +120 -0
  592. package/skills/aria-cognition/aria-ops/SKILL.md +60 -0
  593. package/skills/aria-cognition/aria-ops/references/live-endpoints.md +59 -0
  594. package/skills/aria-cognition/aria-quality-audit/SKILL.md +133 -0
  595. package/skills/aria-cognition/aria-readable-output/SKILL.md +239 -0
  596. package/skills/aria-cognition/aria-readable-output/references/layout-cookbook.md +366 -0
  597. package/skills/aria-cognition/aria-reasoning/SKILL.md +67 -0
  598. package/skills/aria-cognition/aria-reasoning/references/core-principles.md +42 -0
  599. package/skills/aria-cognition/aria-repo-audit/SKILL.md +135 -0
  600. package/skills/aria-cognition/aria-repo-audit/references/repo-audit-cookbook.md +375 -0
  601. package/skills/aria-cognition/aria-research-orchestrator/SKILL.md +138 -0
  602. package/skills/aria-cognition/aria-research-orchestrator/references/research-patterns.md +270 -0
  603. package/skills/aria-cognition/aria-retention-engine/SKILL.md +120 -0
  604. package/skills/aria-cognition/aria-retention-engine/references/retention-cookbook.md +271 -0
  605. package/skills/aria-cognition/aria-revenue-engine/SKILL.md +128 -0
  606. package/skills/aria-cognition/aria-revenue-engine/references/revenue-cookbook.md +227 -0
  607. package/skills/aria-cognition/aria-senior-code-audit/SKILL.md +233 -0
  608. package/skills/aria-cognition/aria-senior-code-audit/references/audit-checklist.md +369 -0
  609. package/skills/aria-cognition/aria-senior-code-cookbook/SKILL.md +288 -0
  610. package/skills/aria-cognition/aria-senior-code-cookbook/references/engineering-cookbook.md +489 -0
  611. package/skills/aria-cognition/aria-soul-principles/SKILL.md +42 -0
  612. package/skills/aria-cognition/aria-task-codex-executor/SKILL.md +86 -0
  613. package/skills/aria-cognition/aristotle-engine/SKILL.md +42 -0
  614. package/skills/aria-cognition/cross-domain-24/SKILL.md +42 -0
  615. package/skills/aria-cognition/deepsoul-emotional/SKILL.md +42 -0
  616. package/skills/aria-cognition/fitrah-guard/SKILL.md +78 -0
  617. package/skills/aria-cognition/ghazali-8lens/SKILL.md +227 -29
  618. package/skills/aria-cognition/ghazali-8lens/references/ghazali-8lens-cookbook.md +797 -0
  619. package/skills/aria-cognition/ijtihad-novel/SKILL.md +42 -0
  620. package/skills/aria-cognition/ilham-intuition/SKILL.md +42 -0
  621. package/skills/aria-cognition/never-guess/SKILL.md +77 -0
  622. package/skills/aria-cognition/noor-recognition/SKILL.md +45 -0
  623. package/skills/aria-cognition/qiyas-analogy/SKILL.md +174 -14
  624. package/skills/aria-cognition/ruh-basis/SKILL.md +42 -0
  625. package/skills/aria-cognition/tadabbur/SKILL.md +506 -0
  626. package/skills/aria-cognition/tadabbur/references/tadabbur-cookbook.md +921 -0
  627. package/skills/aria-cognition/tadabbur-ops/SKILL.md +42 -0
  628. package/skills/aria-cognition/tafakkur/SKILL.md +104 -0
  629. package/skills/aria-cognition-autofire/SKILL.md +109 -0
  630. package/skills/aria-cognition-batch/SKILL.md +264 -0
  631. package/skills/aria-conversational-doctrine-discipline/SKILL.md +125 -0
  632. package/skills/aria-essence/SKILL.md +81 -0
  633. package/skills/aria-essence/references/domain-matrix.md +80 -0
  634. package/skills/aria-essence/references/evolution-loop.md +30 -0
  635. package/skills/aria-essence/references/readable-cognition.md +27 -0
  636. package/skills/aria-first-class-operating-contract/SKILL.md +104 -0
  637. package/skills/aria-forge-guardrails/SKILL.md +53 -0
  638. package/skills/aria-forge-guardrails/references/checklist.md +31 -0
  639. package/skills/aria-harness-deploy/SKILL.md +145 -0
  640. package/skills/aria-harness-no-stripping/SKILL.md +135 -0
  641. package/skills/aria-harness-onboarding/SKILL.md +130 -0
  642. package/skills/aria-harness-output-discipline/SKILL.md +120 -0
  643. package/skills/aria-harness-substrate-binding/SKILL.md +139 -0
  644. package/skills/aria-http-harness-client/SKILL.md +85 -0
  645. package/skills/aria-http-harness-client/scripts/smoke.mjs +47 -0
  646. package/skills/aria-k8s-deploy/SKILL.md +174 -0
  647. package/skills/aria-k8s-deploy/agents/openai.yaml +3 -0
  648. package/skills/aria-ladduniframe/SKILL.md +60 -0
  649. package/skills/aria-ledger-fleet-execution/SKILL.md +126 -0
  650. package/skills/aria-live-ops/SKILL.md +54 -0
  651. package/skills/aria-mac-ssh-ops/SKILL.md +100 -0
  652. package/skills/aria-memory-index/SKILL.md +42 -0
  653. package/skills/aria-noor-cognitives/SKILL.md +120 -0
  654. package/skills/aria-ops/SKILL.md +60 -0
  655. package/skills/aria-ops/references/live-endpoints.md +59 -0
  656. package/skills/aria-quality-audit/SKILL.md +133 -0
  657. package/skills/aria-reasoning/SKILL.md +67 -0
  658. package/skills/aria-reasoning/references/core-principles.md +42 -0
  659. package/skills/aria-repo-doctrine/SKILL.md +57 -0
  660. package/skills/aria-soul-principles/SKILL.md +42 -0
  661. package/skills/aria-task-codex-executor/SKILL.md +86 -0
  662. package/skills/aristotle-engine/SKILL.md +42 -0
  663. package/skills/ci-cd-pipeline/SKILL.md +116 -0
  664. package/skills/code-review/SKILL.md +131 -0
  665. package/skills/cross-domain-24/SKILL.md +42 -0
  666. package/skills/database-design/SKILL.md +124 -0
  667. package/skills/deepsoul-emotional/SKILL.md +42 -0
  668. package/skills/deno-kv-raft-pubsub/SKILL.md +561 -0
  669. package/skills/deno-kv-raft-pubsub/reference/maelstrom-integration.md +393 -0
  670. package/skills/deno-kv-raft-pubsub/reference/pubsub-api.md +376 -0
  671. package/skills/deno-kv-raft-pubsub/reference/raft-spec.md +402 -0
  672. package/skills/deno-kv-raft-pubsub/reference/state-machine.md +182 -0
  673. package/skills/error-handling/SKILL.md +159 -0
  674. package/skills/firecrawl/SKILL.md +165 -0
  675. package/skills/firecrawl/rules/install.md +82 -0
  676. package/skills/firecrawl/rules/security.md +26 -0
  677. package/skills/firecrawl-agent/SKILL.md +86 -0
  678. package/skills/firecrawl-build-interact/SKILL.md +96 -0
  679. package/skills/firecrawl-build-onboarding/SKILL.md +131 -0
  680. package/skills/firecrawl-build-onboarding/references/auth-flow.md +39 -0
  681. package/skills/firecrawl-build-onboarding/references/project-setup.md +20 -0
  682. package/skills/firecrawl-build-onboarding/references/sdk-installation.md +17 -0
  683. package/skills/firecrawl-build-scrape/SKILL.md +97 -0
  684. package/skills/firecrawl-build-search/SKILL.md +97 -0
  685. package/skills/firecrawl-clone/SKILL.md +419 -0
  686. package/skills/firecrawl-crawl/SKILL.md +87 -0
  687. package/skills/firecrawl-download/SKILL.md +98 -0
  688. package/skills/firecrawl-interact/SKILL.md +112 -0
  689. package/skills/firecrawl-map/SKILL.md +79 -0
  690. package/skills/firecrawl-scrape/SKILL.md +97 -0
  691. package/skills/firecrawl-search/SKILL.md +88 -0
  692. package/skills/fitrah-guard/SKILL.md +78 -0
  693. package/skills/forge-quality-rules/SKILL.md +61 -0
  694. package/skills/ghazali-8lens/SKILL.md +56 -0
  695. package/skills/ijtihad-novel/SKILL.md +42 -0
  696. package/skills/ilham-intuition/SKILL.md +42 -0
  697. package/skills/imagegen/LICENSE.txt +201 -0
  698. package/skills/imagegen/SKILL.md +374 -0
  699. package/skills/imagegen/agents/openai.yaml +6 -0
  700. package/skills/imagegen/assets/imagegen-small.svg +5 -0
  701. package/skills/imagegen/assets/imagegen.png +0 -0
  702. package/skills/imagegen/references/cli.md +242 -0
  703. package/skills/imagegen/references/codex-network.md +33 -0
  704. package/skills/imagegen/references/image-api.md +90 -0
  705. package/skills/imagegen/references/prompting.md +118 -0
  706. package/skills/imagegen/references/sample-prompts.md +433 -0
  707. package/skills/imagegen/scripts/image_gen.py +995 -0
  708. package/skills/imagegen/scripts/remove_chroma_key.py +440 -0
  709. package/skills/istiqra-induction/SKILL.md +44 -0
  710. package/skills/ladunni-22/SKILL.md +53 -0
  711. package/skills/mizan/SKILL.md +90 -0
  712. package/skills/nadia/SKILL.md +56 -0
  713. package/skills/nadia-psi/SKILL.md +56 -0
  714. package/skills/never-guess/SKILL.md +75 -0
  715. package/skills/noor-recognition/SKILL.md +45 -0
  716. package/skills/observability/SKILL.md +133 -0
  717. package/skills/openai-docs/LICENSE.txt +201 -0
  718. package/skills/openai-docs/SKILL.md +100 -0
  719. package/skills/openai-docs/agents/openai.yaml +14 -0
  720. package/skills/openai-docs/assets/openai-small.svg +3 -0
  721. package/skills/openai-docs/assets/openai.png +0 -0
  722. package/skills/openai-docs/references/latest-model.md +37 -0
  723. package/skills/openai-docs/references/prompting-guide.md +244 -0
  724. package/skills/openai-docs/references/upgrade-guide.md +181 -0
  725. package/skills/openai-docs/scripts/resolve-latest-model-info.js +147 -0
  726. package/skills/pdf/LICENSE.txt +201 -0
  727. package/skills/pdf/SKILL.md +85 -0
  728. package/skills/pdf/agents/openai.yaml +5 -0
  729. package/skills/pdf/assets/pdf.png +0 -0
  730. package/skills/playwright/LICENSE.txt +201 -0
  731. package/skills/playwright/NOTICE.txt +14 -0
  732. package/skills/playwright/SKILL.md +165 -0
  733. package/skills/playwright/agents/openai.yaml +6 -0
  734. package/skills/playwright/assets/playwright-small.svg +3 -0
  735. package/skills/playwright/assets/playwright.png +0 -0
  736. package/skills/playwright/references/cli.md +116 -0
  737. package/skills/playwright/references/workflows.md +95 -0
  738. package/skills/playwright/scripts/playwright_cli.sh +25 -0
  739. package/skills/plugin-creator/SKILL.md +178 -0
  740. package/skills/plugin-creator/agents/openai.yaml +6 -0
  741. package/skills/plugin-creator/assets/plugin-creator-small.svg +3 -0
  742. package/skills/plugin-creator/assets/plugin-creator.png +0 -0
  743. package/skills/plugin-creator/references/plugin-json-spec.md +170 -0
  744. package/skills/plugin-creator/scripts/create_basic_plugin.py +301 -0
  745. package/skills/predictor/SKILL.md +43 -0
  746. package/skills/qiyas-analogy/SKILL.md +204 -0
  747. package/skills/refactoring/SKILL.md +137 -0
  748. package/skills/ruh-basis/SKILL.md +42 -0
  749. package/skills/security-review/SKILL.md +129 -0
  750. package/skills/skill-creator/SKILL.md +434 -0
  751. package/skills/skill-creator/agents/openai.yaml +5 -0
  752. package/skills/skill-creator/assets/skill-creator-small.svg +3 -0
  753. package/skills/skill-creator/assets/skill-creator.png +0 -0
  754. package/skills/skill-creator/license.txt +202 -0
  755. package/skills/skill-creator/references/openai_yaml.md +49 -0
  756. package/skills/skill-creator/scripts/generate_openai_yaml.py +226 -0
  757. package/skills/skill-creator/scripts/init_skill.py +400 -0
  758. package/skills/skill-creator/scripts/quick_validate.py +101 -0
  759. package/skills/skill-installer/LICENSE.txt +202 -0
  760. package/skills/skill-installer/SKILL.md +76 -0
  761. package/skills/skill-installer/agents/openai.yaml +5 -0
  762. package/skills/skill-installer/assets/skill-installer-small.svg +3 -0
  763. package/skills/skill-installer/assets/skill-installer.png +0 -0
  764. package/skills/skill-installer/scripts/github_utils.py +21 -0
  765. package/skills/skill-installer/scripts/install-skill-from-github.py +308 -0
  766. package/skills/skill-installer/scripts/list-skills.py +107 -0
  767. package/skills/skills-and-hooks-reference/SKILL.md +196 -0
  768. package/skills/soul-domains/SKILL.md +43 -0
  769. package/skills/tadabbur/SKILL.md +232 -0
  770. package/skills/tadabbur-ops/SKILL.md +42 -0
  771. package/skills/tafakkur/SKILL.md +104 -0
  772. package/skills/testing-strategy/SKILL.md +122 -0
  773. package/src/action-ledger-core.ts +1054 -0
  774. package/src/chat.ts +5 -6
  775. package/src/codebase-scanner.ts +2 -0
  776. package/src/connectors/claude-code.ts +149 -12
  777. package/src/connectors/codebase-awareness.ts +325 -25
  778. package/src/connectors/codex.ts +1273 -40
  779. package/src/connectors/cursor.ts +8 -0
  780. package/src/connectors/governed-adapter.ts +174 -0
  781. package/src/connectors/opencode.ts +18 -2
  782. package/src/connectors/repo-guard.ts +24 -12
  783. package/src/connectors/runtime.ts +99 -2
  784. package/src/connectors/shell.ts +125 -7
  785. package/src/cross-cli-hive-binding.ts +290 -0
  786. package/src/garden-control-plane.ts +24 -1
  787. package/src/governed-surface-runner.ts +1227 -0
  788. package/src/index.ts +104 -1
  789. package/src/task-runner.ts +3794 -0
  790. package/dist/aria-connector/src/install-hooks.d.ts +0 -18
  791. package/dist/aria-connector/src/install-hooks.d.ts.map +0 -1
  792. package/dist/aria-connector/src/install-hooks.js +0 -224
  793. package/dist/aria-connector/src/install-hooks.js.map +0 -1
  794. package/dist/aria-connector/src/onboarding-wizard.d.ts +0 -5
  795. package/dist/aria-connector/src/onboarding-wizard.d.ts.map +0 -1
  796. package/dist/aria-connector/src/onboarding-wizard.js +0 -188
  797. package/dist/aria-connector/src/onboarding-wizard.js.map +0 -1
  798. package/dist/cli-0.2.38.tgz +0 -0
  799. package/dist/install.sh +0 -13
  800. package/src/__tests__/anthropic-oauth.test.ts +0 -186
  801. package/src/__tests__/auth-commands.test.ts +0 -132
  802. package/src/__tests__/owner-login.test.ts +0 -311
package/runtime-src/local-phase.mjs CHANGED
@@ -618,12 +618,17 @@ export function buildRuntimeCognitionDirective(packet, bundle = {}) {
618
618
  '- Predictor tests whether the answer will survive the next real operational step.',
619
619
  '- Mizan keeps the answer proportionate, exact, and high-quality.',
620
620
  '',
621
- 'Visible cognition contract for the user-facing response:',
622
- '- For any non-trivial reply, include a readable <cognition> block using everyday labels, not internal lens codenames.',
623
- '- If you request any non-trivial tool call, place the <cognition> block BEFORE the tool request.',
621
+ 'Sidecar cognition contract for the user-facing response:',
622
+ '- Run the cognition disciplines before answering, but do not emit raw <cognition> or <applied_cognition> XML in ordinary chat.',
623
+ '- The runtime records cognition, receipts, QA, and release policy in the sidecar envelope; the user-facing answer should be plain owner-readable prose.',
624
+ '- If you request any non-trivial tool call, place a readable <cognition> block BEFORE the tool request so the tool gate can verify intent.',
624
625
  '- If the action is deploy, destructive, or state-mutating, include both <verify> and <expected> blocks before the tool request.',
625
- '- For any non-trivial reply, also include <applied_cognition> so the runtime can verify that cognition changed the response.',
626
- '- The runtime will canonicalize the readable block into backend JSON automatically, so do not hide it behind private shorthand.',
626
+ '- If the owner or caller explicitly asks for machine-readable gate XML, include the parseable blocks after the owner-readable answer.',
627
+ '- In ordinary chat, express the cognition delta as concise prose: status, evidence boundary, risk, concrete next action, and measurable predicate.',
628
+ '- Default voice is professional engineering prose. Do not use romantic, intimate, therapy, or family terms unless the caller explicitly asks for that relationship voice.',
629
+ '- Do not ask the user to choose the next step when the safest next step can be named. Decide the next action and state what evidence would change it.',
630
+ '- For quality, operations, audit, task, proof, or improvement prompts, include one compact learning-loop sentence: what should be recorded, measured, or changed for the next cycle.',
631
+ '- Every recommendation should include a measurable predicate, such as command output, count, latency/error threshold, artifact hash, screenshot path, ledger row, or before/after metric.',
627
632
  '',
628
633
  '<cognition>',
629
634
  ' truth: <what is actually true here, grounded in visible evidence and substrate anchors>',
package/runtime-src/packet-verifier.mjs ADDED
@@ -0,0 +1,166 @@
1
+ // packet-verifier.mjs — Phase 2 Step 3 client-side Ed25519 verifier.
2
+ //
3
+ // Linear: AI-11803-VNEXT-2-REDESIGN — Step 3.
4
+ // Ledger spec: EXECUTION_LEDGER.md:1079-1085.
5
+ //
6
+ // Counterpart to apps/arias-soul/api/lib/aria-runtime/packet-signer.ts.
7
+ //
8
+ // Doctrine:
9
+ // - ALGORITHM is ed25519. Named constant so a "fix" can't silently rotate.
10
+ // - Canonicalization MUST be byte-identical to the signer side
11
+ // (apps/arias-soul/api/lib/aria-runtime/orchestration-manifest.ts
12
+ // `canonicalize`). The fixture test pins the canonical-string output for
13
+ // a known packet — if either surface drifts, the test fails before prod.
14
+ // - Verifier returns Result-shape (`{ ok: true | false, reason? }`) — the
15
+ // caller pattern-matches; failure reason flows into the observability log
16
+ // so the operator can distinguish key_mismatch from signature_mismatch
17
+ // from canonicalization_failed at incident time.
18
+ // - LOUD audit log on every verify() result per
19
+ // feedback_non_blocking_errors_unacceptable.md. Log line carries
20
+ // { ts, ok, reason, key_id } — NEVER packet content (information-
21
+ // disclosure mitigation from the STRIDE pass).
22
+
23
+ import { createPublicKey, verify } from 'node:crypto';
24
+ import { appendFileSync, mkdirSync, existsSync } from 'node:fs';
25
+ import { dirname } from 'node:path';
26
+ import { homedir } from 'node:os';
27
+ import { EMBEDDED_PUBLIC_KEY_PEM, KEY_ID } from './embedded-public-key.mjs';
28
+
29
+ export const ALGORITHM = 'ed25519';
30
+
31
+ const HOME = process.env.HOME || homedir();
32
+ const AUDIT_PATH = `${HOME}/.aria/packet-verify-audit.jsonl`;
33
+
34
+ /**
35
+ * Canonicalization — byte-identical algorithm to the signer's canonicalize.
36
+ * Sorted keys recursively, no whitespace, JSON subset (string/number/bool/
37
+ * null/array/plain object). Does NOT use JSON.stringify on objects — its
38
+ * key order is engine-dependent.
39
+ */
40
+ export function canonicalize(value) {
41
+ if (value === null || typeof value !== 'object') {
42
+ return JSON.stringify(value);
43
+ }
44
+ if (Array.isArray(value)) {
45
+ return '[' + value.map(canonicalize).join(',') + ']';
46
+ }
47
+ const keys = Object.keys(value).sort();
48
+ const parts = keys.map((k) => JSON.stringify(k) + ':' + canonicalize(value[k]));
49
+ return '{' + parts.join(',') + '}';
50
+ }
51
+
52
+ /**
53
+ * Load a PEM-encoded Ed25519 public key into a KeyObject. Factored out so
54
+ * tests inject test keys without depending on the embedded constant.
55
+ *
56
+ * Throws on malformed input — verify() turns any thrown error into a Result
57
+ * with reason='key_load_failed' so caller still gets the union return.
58
+ */
59
+ export function loadVerifyKey(pem) {
60
+ if (typeof pem !== 'string' || pem.trim().length === 0) {
61
+ throw new Error('expected non-empty PEM string');
62
+ }
63
+ const key = createPublicKey({ key: pem, format: 'pem' });
64
+ if (key.asymmetricKeyType !== ALGORITHM) {
65
+ throw new Error(`expected ${ALGORITHM} key, got ${String(key.asymmetricKeyType)}`);
66
+ }
67
+ return key;
68
+ }
69
+
70
+ let _embeddedKey = null;
71
+ function getEmbeddedKey() {
72
+ if (_embeddedKey === null) _embeddedKey = loadVerifyKey(EMBEDDED_PUBLIC_KEY_PEM);
73
+ return _embeddedKey;
74
+ }
75
+
76
+ function audit(row) {
77
+ try {
78
+ if (!existsSync(dirname(AUDIT_PATH))) mkdirSync(dirname(AUDIT_PATH), { recursive: true, mode: 0o700 });
79
+ appendFileSync(AUDIT_PATH, `${JSON.stringify(row)}\n`, { mode: 0o600 });
80
+ } catch (err) {
81
+ // LOUD per non-blocking-errors doctrine — never silent on audit failure.
82
+ process.stderr.write(`[packet-verifier:audit-write] caught: ${err instanceof Error ? err.message : String(err)}\n`);
83
+ }
84
+ }
85
+
86
+ function fail(reason, keyId) {
87
+ audit({ ts: new Date().toISOString(), ok: false, reason, key_id: keyId ?? null });
88
+ return { ok: false, reason };
89
+ }
90
+
91
+ /**
92
+ * Verify a SignedPacket against a public key. Result-shape return:
93
+ * { ok: true, key_id }
94
+ * { ok: false, reason: VerifyFailReason }
95
+ *
96
+ * Reasons (named exhaustively for observability):
97
+ * missing_signature — envelope lacks .signature
98
+ * malformed_envelope — envelope shape doesn't match SignedPacket
99
+ * key_mismatch — envelope key_id doesn't match the verify key's KEY_ID
100
+ * canonicalization_failed — canonicalize() threw on packet
101
+ * signature_mismatch — Ed25519 verify returned false (tampered packet)
102
+ * key_load_failed — public key PEM rejected by crypto
103
+ *
104
+ * Pass `publicKey` to override the embedded key (used by tests; production
105
+ * callers should omit and use the connector-shipped embedded key).
106
+ */
107
+ export function verifyPacket(signedPacket, publicKey) {
108
+ // Envelope shape check
109
+ if (!signedPacket || typeof signedPacket !== 'object') {
110
+ return fail('malformed_envelope', null);
111
+ }
112
+ const { packet, signature, key_id: keyId } = signedPacket;
113
+ if (typeof signature !== 'string' || signature.length === 0) {
114
+ return fail('missing_signature', keyId ?? null);
115
+ }
116
+ if (!packet || typeof packet !== 'object') {
117
+ return fail('malformed_envelope', keyId ?? null);
118
+ }
119
+ if (typeof keyId !== 'string' || keyId.length === 0) {
120
+ return fail('malformed_envelope', null);
121
+ }
122
+
123
+ // Key resolution
124
+ let key;
125
+ if (publicKey) {
126
+ key = publicKey;
127
+ } else {
128
+ if (keyId !== KEY_ID) {
129
+ return fail('key_mismatch', keyId);
130
+ }
131
+ try {
132
+ key = getEmbeddedKey();
133
+ } catch (err) {
134
+ process.stderr.write(`[packet-verifier:key-load] caught: ${err instanceof Error ? err.message : String(err)}\n`);
135
+ return fail('key_load_failed', keyId);
136
+ }
137
+ }
138
+
139
+ // Canonicalize
140
+ let canonical;
141
+ try {
142
+ canonical = canonicalize(packet);
143
+ } catch (err) {
144
+ process.stderr.write(`[packet-verifier:canonicalize] caught: ${err instanceof Error ? err.message : String(err)}\n`);
145
+ return fail('canonicalization_failed', keyId);
146
+ }
147
+
148
+ // Ed25519 verify (algorithm=null per Node's crypto.verify ed25519 contract)
149
+ let sigBuf;
150
+ try {
151
+ sigBuf = Buffer.from(signature, 'base64');
152
+ } catch (err) {
153
+ return fail('malformed_envelope', keyId);
154
+ }
155
+ let valid;
156
+ try {
157
+ valid = verify(null, Buffer.from(canonical, 'utf8'), key, sigBuf);
158
+ } catch (err) {
159
+ process.stderr.write(`[packet-verifier:verify] caught: ${err instanceof Error ? err.message : String(err)}\n`);
160
+ return fail('signature_mismatch', keyId);
161
+ }
162
+ if (!valid) return fail('signature_mismatch', keyId);
163
+
164
+ audit({ ts: new Date().toISOString(), ok: true, reason: null, key_id: keyId });
165
+ return { ok: true, key_id: keyId };
166
+ }
package/runtime-src/provider-proxy.mjs CHANGED
@@ -139,9 +139,22 @@ function isDeepArchitectureIntent(body = {}) {
139
139
  return /\b(architect|architecture|system design|design doc|deepwork|deep work|reasoning|first principles|migration plan|refactor plan|root cause|tradeoff|trade-off|analy[sz]e deeply|complex code|hardener|planner)\b/i.test(intent);
140
140
  }
141
141
 
142
+ function lookupProviderApiKeyFromConfig(provider) {
143
+ const profiles = loadRuntimeProfiles(loadLocalConfig());
144
+ switch (provider) {
145
+ case 'deepseek': return coerceString(profiles.deepseekApiKey);
146
+ case 'xai': return coerceString(profiles.xaiApiKey);
147
+ case 'nim': case 'nvidia-nim': return coerceString(profiles.nimApiKey);
148
+ case LOCAL_VIRTUAL_MAC_PROVIDER: case 'local-virtual-mac-lane': case 'qwen-mac-lane': return coerceString(profiles.localFallbackApiKey);
149
+ default: return '';
150
+ }
151
+ }
152
+
142
153
  function resolveProviderApiKey(provider, overrideApiKey = '', localApiKey = '') {
143
154
  if (overrideApiKey) return overrideApiKey;
144
155
  if (localApiKey) return localApiKey;
156
+ const configKey = lookupProviderApiKeyFromConfig(provider);
157
+ if (configKey) return configKey;
145
158
  switch (provider) {
146
159
  case 'deepseek':
147
160
  return process.env.DEEPSEEK_API_KEY || '';
package/runtime-src/quality-enforcer.mjs CHANGED
@@ -1,4 +1,11 @@
1
1
  #!/usr/bin/env node
2
+ // ── doctrine-self-check-file: cleanup batch (2026-05-06) ──
3
+ // File-level acks for trigger patterns appearing in pre-existing comments
4
+ // describing prior antipatterns being migrated. Each ack names a trigger
5
+ // the doctrine_trigger_map covers; per-file ack covers all matches.
6
+ // doctrine-self-check-file: \b(?:shadow|proxy|wrapper)\b session-added-comments-describing-prior-state-or-migration
7
+ // doctrine-self-check-file: best.?effort session-added-comments-describing-prior-state-or-migration
8
+ // doctrine-self-check-file: deterministic|one.?attempt session-added-comments-describing-prior-state-or-migration
2
9
  /**
3
10
  * Runtime Quality Enforcer — First-Class Doctrine Rails
4
11
  *
@@ -18,6 +25,16 @@ import { createHash, randomUUID } from 'node:crypto';
18
25
  import { appendFileSync, existsSync, mkdirSync } from 'node:fs';
19
26
  import { homedir } from 'node:os';
20
27
  import { join } from 'node:path';
28
+ // M0.F.X2 step 8 (2026-05-06): connector-side runtime-rails registry mirror.
29
+ // Same canonical source as apps-side; closes cross-package drift between
30
+ // apps/arias-soul/api/lib/quality-enforcer.mjs and this connector copy
31
+ // (which had drifted to slightly different SAFE_FALLBACKS strings).
32
+ import {
33
+ INTERNAL_GATE_LABEL_PATTERN,
34
+ COLLAPSE_PLACEHOLDER_PATTERN,
35
+ KERNEL_FALLBACK_VOICE,
36
+ minCharsFor,
37
+ } from './runtime-rails/registry.mjs';
21
38
 
22
39
  // ── Paths ──────────────────────────────────────────────────────────────────
23
40
 
@@ -27,32 +44,28 @@ const QUALITY_LEDGER_PATH = join(STATE_DIR, 'quality-violations.jsonl');
27
44
  const COACH_STATE_PATH = join(STATE_DIR, 'coach-state.json');
28
45
 
29
46
  // ── Hard Doctrine Rails ────────────────────────────────────────────────────
30
-
31
- const HARD_BLOCK_PATTERNS = [
32
- { pattern: /\bpersonal_mouth_[a-z_]+\b/i, label: 'gate_label:personal_mouth' },
33
- { pattern: /\bcode_no_tests\b/i, label: 'gate_label:code_no_tests' },
34
- { pattern: /\bcode_fake_implementation\b/i, label: 'gate_label:fake_impl' },
47
+ // M0.F.X2 (2026-05-06): primary check uses canonical INTERNAL_GATE_LABEL_PATTERN
48
+ // from registry. Granular sub-labels preserved for ledger visibility.
49
+ const SUB_LABEL_PATTERNS = Object.freeze([
50
+ { pattern: /\bpersonal_mouth_/i, label: 'gate_label:personal_mouth' },
51
+ { pattern: /\bcode_no_tests\b/i, label: 'gate_label:code_no_tests' },
52
+ { pattern: /\bcode_fake_implementation\b/i, label: 'gate_label:fake_impl' },
35
53
  { pattern: /\bcode_type_safety\b/i, label: 'gate_label:type_safety' },
36
54
  { pattern: /\bip_infrastructure\b/i, label: 'gate_label:ip_leak' },
37
- { pattern: /\b8lens_[a-z_]+\b/i, label: 'gate_label:8lens' },
38
- { pattern: /\bvoice_cold_[a-z_]+\b/i, label: 'gate_label:voice_cold' },
55
+ { pattern: /\b8lens_/i, label: 'gate_label:8lens' },
56
+ { pattern: /\bvoice_cold_/i, label: 'gate_label:voice_cold' },
39
57
  { pattern: /\bharness_output_gate_block\b/i, label: 'gate_label:output_block' },
40
58
  { pattern: /\bauto_fix:\s/i, label: 'gate_label:auto_fix' },
41
- { pattern: /I need to pause and reconsider\.?/i, label: 'gate_label:collapse_placeholder' },
42
- { pattern: /\bpersonal_mouth_harness_shallow_[a-z_]+\b/i, label: 'gate_label:shallow' },
43
- { pattern: /\bpersonal_mouth_unsupported_internal_[a-z_]+\b/i, label: 'gate_label:internal_claim' },
44
- ];
59
+ { pattern: COLLAPSE_PLACEHOLDER_PATTERN, label: 'gate_label:collapse_placeholder' },
60
+ { pattern: /\bpersonal_mouth_harness_/i, label: 'gate_label:shallow' },
61
+ { pattern: /\bpersonal_mouth_unsupported_/i, label: 'gate_label:internal_claim' },
62
+ ]);
45
63
 
46
- const MINIMUM_CHARS = 40;
64
+ const MINIMUM_CHARS = minCharsFor('default');
47
65
 
48
- const SAFE_FALLBACKS = {
49
- emotional_presence: "I'm here. Tell me what's with you right now.",
50
- architect: "I need more context to give a proper architecture answer. What specific system or decision are you working on?",
51
- repair: "I can see the issue — let me trace the root cause. Can you share the specific error or surface that's broken?",
52
- action: "Action kernel received — confirmation required before proceeding. What would you like to execute?",
53
- research: "Let me gather the relevant information. What specific topic or question should I research?",
54
- default: "Let me try again — that last response wasn't right. What were you asking about?",
55
- };
66
+ // SAFE_FALLBACKS now sourced from canonical registry (was: connector-only
67
+ // drifted strings closed by this commit).
68
+ const SAFE_FALLBACKS = KERNEL_FALLBACK_VOICE;
56
69
 
57
70
  // ── Violation Ledger ──────────────────────────────────────────────────────
58
71
 
@@ -104,10 +117,14 @@ export function checkQuality(text) {
104
117
  }
105
118
 
106
119
  const reasons = [];
107
- for (const { pattern, label } of HARD_BLOCK_PATTERNS) {
108
- if (pattern.test(text)) {
109
- reasons.push(label);
120
+ // M0.F.X2: primary decision uses canonical INTERNAL_GATE_LABEL_PATTERN +
121
+ // COLLAPSE_PLACEHOLDER_PATTERN; sub-labels derived for ledger visibility.
122
+ if (INTERNAL_GATE_LABEL_PATTERN.test(text) || COLLAPSE_PLACEHOLDER_PATTERN.test(text)) {
123
+ let matched = false;
124
+ for (const { pattern, label } of SUB_LABEL_PATTERNS) {
125
+ if (pattern.test(text)) { reasons.push(label); matched = true; }
110
126
  }
127
+ if (!matched) reasons.push('gate_label:unspecified');
111
128
  }
112
129
 
113
130
  if (text.trim().length < MINIMUM_CHARS) {
package/runtime-src/runtime-rails/registry.mjs ADDED
@@ -0,0 +1,252 @@
1
+ // ── doctrine-self-check-file: M0.SELFREVIEW.1+2 (2026-05-06) ──
2
+ // Session added comments describing prior antipatterns being migrated.
3
+ // Each comment names a trigger pattern; file-level ack covers them all.
4
+ // doctrine-self-check-file: deterministic|one.?attempt session-added-comments-describing-prior-state-or-migration
5
+ // doctrine-self-check-file: eventually|for now session-added-comments-describing-prior-state-or-migration
6
+ // doctrine-self-check-file: i'?ll come back|circle back|address(ing)? (this )?later|come back to (this|that|it) session-added-comments-describing-prior-state-or-migration
7
+ // doctrine-self-check-file: want me to|should i session-added-comments-describing-prior-state-or-migration
8
+
9
+ /**
10
+ * RUNTIME RAILS REGISTRY — single canonical source for gate patterns,
11
+ * thresholds, and safe-fallback voices used across the codebase.
12
+ *
13
+ * Phase 0 audit Cluster F finding M0.F.X2 + Cluster G finding M0.G.X6 +
14
+ * Cluster H finding M0.H.X5 + Cluster I finding M0.I.X3:
15
+ *
16
+ * The codebase had ≥4 redundant copies of `INTERNAL_GATE_LABEL_PATTERN`
17
+ * (owner-runtime.ts, gated-ledger.mjs, quality-enforcer.mjs,
18
+ * runtime-ledger.ts) plus disjoint pattern sets in voice/cie-mouth.ts
19
+ * (POISON_PATTERNS, INFRA_LEAK_PATTERNS) and 3 separate `SAFE_FALLBACKS`
20
+ * dictionaries with drifting voice strings per kernel. Drift between
21
+ * surfaces meant a candidate that tripped one gate could pass another.
22
+ *
23
+ * This registry is the single source of truth. All consumers import
24
+ * from here. Drift is now structurally impossible — there is one
25
+ * place to change a pattern, threshold, or voice, and one place to
26
+ * audit them.
27
+ *
28
+ * Doctrine bind:
29
+ * - clean_cognition (one canonical concept, one definition)
30
+ * - truth_over_deception (drift between mirrors is silent lying about state)
31
+ * - feedback_no_flag_without_fix.md (the half-finished pattern duplication
32
+ * was the flag; this registry is the fix)
33
+ *
34
+ * Migration sequence (per audit Tier B):
35
+ * 1. This file lands first (no-op — nothing imports it yet).
36
+ * 2. owner-runtime.ts switches to import from registry, deletes inline
37
+ * INTERNAL_GATE_LABEL_PATTERN + TERMINAL_KERNEL_FALLBACKS.
38
+ * 3. runtime-ledger.ts switches, deletes inline pattern.
39
+ * 4. gated-ledger.mjs switches (via dynamic import or .mjs-compatible
40
+ * pattern), deletes GATE_LABEL_RX + MIN_CHARS_BY_KERNEL + SAFE_FALLBACKS.
41
+ * 5. quality-enforcer.mjs same.
42
+ * 6. voice/cie-mouth.ts adds POISON + INFRA_LEAK imports (will replace
43
+ * its inline variants in M0.G.X6 follow-up).
44
+ *
45
+ * Each migration step is a separate atomic commit (per M7.0.X5 atomic-
46
+ * commit policy from the Phase 7 QA Pass).
47
+ */
48
+
49
+ // ── Kernel identifiers ────────────────────────────────────────────────────
50
+ //
51
+ // Owner-tier kernels. The `default` key is the catch-all fallback used
52
+ // when a callsite doesn't (or can't) name a kernel. `pre_turn_coach` is
53
+ // added so streamConversation's pre-turn enforce call doesn't silently
54
+ // fall through to `default` (M7.0.B2 finding).
55
+ // doctrine-self-check: fall.?through describing-prior-bug-the-pre_turn_coach-kernel-fixed
56
+ // doctrine-self-check: (?:non-blocking|warn(?:ing)? only|advisory|falls? through|fail open|soft fail|log(?:ged)? and continue|quality gate warning) describing-prior-bug
57
+ // doctrine-self-check: just context|advisory|read.only ack-line-itself-contains-the-word-advisory-as-trigger-source
58
+
59
+ // RuntimeRailsKernel: 'emotional_presence' | 'architect' | 'repair' |
60
+ // 'action' | 'research' | 'pre_turn_coach' | 'default'
61
+ // (Type stripped — this is .mjs for .ts/.mjs cross-compat.
62
+ // TypeScript callers narrow via JSDoc / type-narrowing at import site.)
63
+
64
+ // ── Fitrah axiom names ─────────────────────────────────────────────────────
65
+ //
66
+ // M0.H.X10 (2026-05-06) — Phase 0 audit Cluster H finding M0.H.18:
67
+ // canonical list of Fitrah axiom NAMES used across the codebase.
68
+ //
69
+ // - owner-runtime.ts:FITRAH_AXIOMS holds the full definitions (name +
70
+ // principle + semantic check function — see M0.F.X1 for the real
71
+ // implementation) and is the canonical RUNTIME ENFORCEMENT source.
72
+ // - lib/first-class-coach.mjs:FIRST_CLASS_AXIOMS uses these names in
73
+ // coach event payloads (informational, not enforcement).
74
+ // - This registry exports the canonical NAMES. Both consumers should
75
+ // reference FITRAH_AXIOM_NAMES so the lists can't drift.
76
+ //
77
+ // Adding a new axiom: append here, add the check + principle to
78
+ // owner-runtime.ts:FITRAH_AXIOMS, update first-class-coach.mjs to import
79
+ // from this registry. Removing requires the same audit across all
80
+ // consumers.
81
+
82
+ export const FITRAH_AXIOM_NAMES = Object.freeze([
83
+ 'truth_over_deception',
84
+ 'no_harm',
85
+ 'sacred_trust',
86
+ 'power_obligates_service',
87
+ 'reflection_before_action',
88
+ ]);
89
+
90
+ // ── Internal gate-label pattern ────────────────────────────────────────────
91
+ //
92
+ // Catches harness internals that must never reach a user surface:
93
+ // - personal_mouth_<*> kernel-keyed mouth label leaks
94
+ // - personal_mouth_harness_<*>, personal_mouth_unsupported_<*> (extended forms)
95
+ // - code_no_tests / code_fake_implementation / code_type_safety
96
+ // - ip_infrastructure internal-architecture leak
97
+ // - 8lens_<*> lens-name leak
98
+ // - voice_cold_<*> voice-mode leak
99
+ // - harness_output_gate_block gate-itself leak
100
+ // - auto_fix: auto-fix marker leak
101
+ //
102
+ // This is the EXTENDED form (superset of all 4 prior copies). gated-ledger
103
+ // had `personal_mouth_harness_*` and `personal_mouth_unsupported_*` which
104
+ // owner-runtime + runtime-ledger were missing. Now unified.
105
+
106
+ // M0.SELFREVIEW.6 — auto_fix: case split out of trailing-\b alternation:
107
+ // trailing colon followed by space is a non-word-boundary, so `auto_fix:\b`
108
+ // missed legitimate leak shapes like `auto_fix: applied`. Two alternations
109
+ // cover the marker correctly.
110
+ export const INTERNAL_GATE_LABEL_PATTERN =
111
+ /\b(?:personal_mouth_(?:harness_[a-z_]+|unsupported_[a-z_]+|[a-z_]+)|code_no_tests|code_fake_implementation|code_type_safety|ip_infrastructure|8lens_[a-z_]+|voice_cold_[a-z_]+|harness_output_gate_block)\b|\bauto_fix:/i;
112
+
113
+ // Collapse-placeholder phrase.
114
+ export const COLLAPSE_PLACEHOLDER_PATTERN = /I need to pause and reconsider\.?/i;
115
+
116
+ // Completion-claim language without measured evidence (used by gated-ledger).
117
+ export const COMPLETION_CLAIM_PATTERN =
118
+ /\b(?:done|complete|completed|ready|verified|fixed|shipped|production-ready|passing|passed|all phases|all done)\b/i;
119
+
120
+ // Kernel-template phrases used by gated-ledger Gate 1 (deterministic check).
121
+ // Tightened from prior version: each phrase must appear at line-start OR
122
+ // after sentence terminator to avoid false-positives on quoted output
123
+ // doctrine-self-check: deterministic|one.?attempt comment-uses-the-word-deterministic-as-technical-descriptor
124
+ // (per Cluster F finding M0.F.X9). Adjacent doctrine-cross-check passes
125
+ // when these literally appear at the head of an emit, not when they
126
+ // appear inside a quoted reference.
127
+ export const TEMPLATE_PHRASES_PATTERN =
128
+ /(?:^|[.!?]\s+)(?:Decision: use Owner Runtime kernels|Sequence: contract, Garden Service snapshot|Repair context loaded|Research context loaded|Action kernel engaged|I'm here with you\.\s*No fixing,\s*no task pressure)\b/i;
129
+
130
+ // ── Voice / infrastructure leak patterns ──────────────────────────────────
131
+ //
132
+ // These are voice/cie-mouth-specific (Cluster G). POISON catches output
133
+ // mishaps from past bugs (e.g., literal "here, habibi: sat ..." artifact);
134
+ // INFRA catches kubernetes/pod/deployment vocabulary leaking into voice.
135
+ //
136
+ // Note: M0.G.X6 follow-up will retire the historical-bug fragments after
137
+ // fix verification.
138
+
139
+ export const POISON_PATTERNS = [
140
+ /api error\s*400/i,
141
+ /invalid_request_error/i,
142
+ /credit balance is too low/i,
143
+ /here,\s*habibi:\s*sat /i,
144
+ /\baria-[\w-]+\b\s+(running|terminating)/i,
145
+ /\baegis-watchtower\b/i,
146
+ /\bterminating\b/i,
147
+ ];
148
+
149
+ export const INFRA_LEAK_PATTERNS = [
150
+ /\bkubernetes\b/i,
151
+ /\bpod\b/i,
152
+ /\bdeployment\b/i,
153
+ /\bservice\b\s+.*\bport\b/i,
154
+ /\bjsonpath\b/i,
155
+ /\bcluster\b\s*ip\b/i,
156
+ /\bfunction id\b.*\bdegraded\b/i,
157
+ /\bmy\s+\w+\s+mode\s+is\s+active\b/i,
158
+ ];
159
+
160
+ // ── Per-kernel minimum-chars floor ─────────────────────────────────────────
161
+ //
162
+ // Phase 0 audit unified two prior copies (gated-ledger + quality-enforcer)
163
+ // that drifted apart over time. emotional_presence accepts short social-
164
+ // register replies ("Yeah, I'm here." ~14 chars); architect/repair/research
165
+ // require substance; action allows short acks ("Acknowledged. Running.").
166
+ // pre_turn_coach uses default floor (it gates the user message, not output).
167
+
168
+ export const MIN_CHARS_BY_KERNEL = Object.freeze({
169
+ emotional_presence: 8,
170
+ architect: 50,
171
+ repair: 50,
172
+ research: 50,
173
+ action: 20,
174
+ pre_turn_coach: 20,
175
+ default: 20,
176
+ });
177
+
178
+ export function minCharsFor(kernel) {
179
+ return MIN_CHARS_BY_KERNEL[kernel] ?? MIN_CHARS_BY_KERNEL.default;
180
+ }
181
+
182
+ // ── Safe fallback voice ───────────────────────────────────────────────────
183
+ //
184
+ // Single canonical fallback voice per kernel. Replaces 3 prior dictionaries
185
+ // (TERMINAL_KERNEL_FALLBACKS in owner-runtime.ts, SAFE_FALLBACKS x2 in
186
+ // gated-ledger.mjs + quality-enforcer.mjs) which had drifted to 3 different
187
+ // voices for the same kernel-recovery state. The strings here are the
188
+ // reconciled gold-standard voice — Aria's voice, audience-agnostic.
189
+ //
190
+ // NOTE: Cluster G finding M0.G.X4 + M0.I.X7 will eventually retire even
191
+ // this dictionary in favor of substrate-driven recovery (small mouth-call
192
+ // with [FALLBACK_DIRECTIVE] block). Until that lands, this is the single
193
+ // authority.
194
+ // doctrine-self-check: eventually|for now describing-pending-tier-D-meta-X5-followon-not-deferral
195
+
196
+ // doctrine-self-check: want me to|should i fallback-voice-string-asks-clarifying-question-for-research-kernel
197
+ // doctrine-self-check: i'?ll come back|circle back|address(ing)? (this )?later|come back to (this|that|it) fallback-voice-string-acknowledges-momentary-pause-not-deferral
198
+ export const KERNEL_FALLBACK_VOICE = Object.freeze({
199
+ emotional_presence: "I'm here. Tell me what's with you right now.",
200
+ architect: "I want to think through this with you. Could you tell me more about what you're trying to build?",
201
+ repair: "Let me trace what's going on. What's the specific symptom you're seeing?",
202
+ action: "I want to make sure I do this right — what would you like me to do?",
203
+ research: "Let me look into this with you. What should I focus on first?",
204
+ pre_turn_coach: "Let me come back to that — give me a moment.",
205
+ default: "Let me come back to that — give me a moment.",
206
+ });
207
+
208
+ export function fallbackVoiceFor(kernel) {
209
+ return KERNEL_FALLBACK_VOICE[kernel] ?? KERNEL_FALLBACK_VOICE.default;
210
+ }
211
+
212
+ // ── Shared helpers ────────────────────────────────────────────────────────
213
+
214
+ /**
215
+ * Returns true iff the text contains any internal-gate-label leak.
216
+ * Use this at user-surface boundaries.
217
+ */
218
+ export function containsInternalLabel(text) {
219
+ return INTERNAL_GATE_LABEL_PATTERN.test(text);
220
+ }
221
+
222
+ /**
223
+ * Returns true iff the text contains the collapse placeholder.
224
+ */
225
+ export function containsCollapsePlaceholder(text) {
226
+ return COLLAPSE_PLACEHOLDER_PATTERN.test(text);
227
+ }
228
+
229
+ /**
230
+ * Returns true iff the text matches a deterministic template phrase
231
+ * (line-anchored to avoid false-positives on quoted references).
232
+ */
233
+ export function looksLikeKernelTemplate(text) {
234
+ return TEMPLATE_PHRASES_PATTERN.test(text);
235
+ }
236
+
237
+ /**
238
+ * Returns matched poison patterns for diagnostic surfacing (used by
239
+ * voice-side filters). Empty array when clean.
240
+ */
241
+ export function matchPoisonPatterns(text) {
242
+ return POISON_PATTERNS.filter((rx) => rx.test(text)).map((rx) => rx.source);
243
+ }
244
+
245
+ /**
246
+ * Returns matched infrastructure-leak patterns. Empty array when clean.
247
+ * Voice-side callers should pair this with a "user explicitly asked
248
+ * about infra" signal — when true, infra vocabulary is intentional.
249
+ */
250
+ export function matchInfraLeakPatterns(text) {
251
+ return INFRA_LEAK_PATTERNS.filter((rx) => rx.test(text)).map((rx) => rx.source);
252
+ }