@aria_asi/cli 0.2.40 → 0.2.41

package/src/connectors/codex.ts

@@ -18,6 +18,7 @@ import { connectShell } from './shell.js';
 import { installAriaCognitionSkills } from './cognitive-skills.js';
 import { syncDoctrineTriggerMap } from './doctrine-trigger-map.js';
 import { buildMustReadGuide, mustReadIntro } from './must-read.js';
+import { requireGovernedConnectorMutation } from './governed-adapter.js';
 
 function packageSdkDir(): string {
   const here = path.dirname(fileURLToPath(import.meta.url));
@@ -27,12 +28,23 @@ function packageSdkDir(): string {
 function packageTaskProjectLedgerHelperPath(): string {
   const here = path.dirname(fileURLToPath(import.meta.url));
   const candidates = [
+    path.resolve(here, '..', '..', 'opencode-plugins', 'harness-context', 'task-project-ledger.mjs'),
     path.resolve(here, '..', '..', '..', '..', 'opencode-plugins', 'harness-context', 'task-project-ledger.mjs'),
     path.resolve(here, '..', '..', '..', 'assets', 'opencode-plugins', 'harness-context', 'task-project-ledger.mjs'),
   ];
   return candidates.find((candidate) => existsSync(candidate)) || candidates[0];
 }
 
+function packageProjectBoundaryCognitionPath(): string {
+  const here = path.dirname(fileURLToPath(import.meta.url));
+  const candidates = [
+    path.resolve(here, '..', '..', 'hooks', 'lib', 'project-boundary-cognition.mjs'),
+    path.resolve(here, '..', '..', '..', '..', 'hooks', 'lib', 'project-boundary-cognition.mjs'),
+    path.resolve(here, '..', '..', '..', 'assets', 'hooks', 'lib', 'project-boundary-cognition.mjs'),
+  ];
+  return candidates.find((candidate) => existsSync(candidate)) || candidates[0];
+}
+
 function installSdk(codexDir: string, logs: string[]): void {
   const sdkSrc = packageSdkDir();
   if (!existsSync(sdkSrc)) {
@@ -97,7 +109,25 @@ function tomlString(value: string): string {
   return JSON.stringify(value);
 }
 
+function canonicalCodexHookPath(relativePath: string): string {
+  const here = path.dirname(fileURLToPath(import.meta.url));
+  const candidates = [
+    path.resolve(here, '..', '..', 'hooks', 'codex-native', relativePath),
+    path.resolve(here, '..', '..', '..', '..', 'hooks', 'codex-native', relativePath),
+  ];
+  return candidates.find((candidate) => existsSync(candidate)) || candidates[0];
+}
+
+function readCanonicalCodexHook(relativePath: string): string {
+  const hookPath = canonicalCodexHookPath(relativePath);
+  if (!existsSync(hookPath)) {
+    throw new Error(`Canonical Codex hook asset missing: ${hookPath}`);
+  }
+  return readFileSync(hookPath, 'utf8');
+}
+
 function buildCodexHookRuntimeClient(): string {
+  return readCanonicalCodexHook('lib/runtime-client.mjs');
   return `import { readFileSync, existsSync, mkdirSync, writeFileSync, unlinkSync } from 'node:fs';
 import { spawnSync } from 'node:child_process';
 import { createHash, randomUUID } from 'node:crypto';
@@ -169,6 +199,15 @@ export function inferSessionId(event) {
   return \`codex:\${threadId}:\${turnId}\`;
 }
 
+export function inferHiveThreadId(event = {}, sessionId = '') {
+  const threadId =
+    extractFirst(event, ['thread_id', 'threadId', 'conversation_id', 'conversationId']) ||
+    extractFirst(event?.metadata, ['thread_id', 'threadId', 'conversation_id', 'conversationId']);
+  if (threadId) return \`codex:\${threadId}\`;
+  const raw = sessionId || 'codex';
+  return \`codex:\${createHash('sha256').update(raw).digest('hex').slice(0, 16)}\`;
+}
+
 export function ensureTraceId(state = {}) {
   return typeof state.traceId === 'string' && state.traceId ? state.traceId : \`trace_\${randomUUID()}\`;
 }
@@ -276,7 +315,41 @@ export async function runtimePost(route, body = {}) {
   return response.json();
 }
 
+export async function runtimeGet(route) {
+  const token = readToken();
+  const headers = {};
+  if (token) headers.Authorization = \`Bearer \${token}\`;
+  const response = await fetch(\`\${DEFAULT_RUNTIME_URL}\${route}\`, {
+    method: 'GET',
+    headers,
+  });
+  if (!response.ok) {
+    const detail = await response.text().catch(() => response.statusText);
+    throw new Error(\`runtime \${route} failed (\${response.status}): \${detail}\`);
+  }
+  return response.json();
+}
+
+export function remoteCoachEnabled(env = process.env) {
+  return /^(?:1|true|yes|on)$/i.test(String(
+    env.ARIA_REMOTE_COACH_ENABLED ||
+    env.ARIA_RUNTIME_COACH_ENABLED ||
+    env.ARIA_COACH_REMOTE_ENABLED ||
+    ''
+  ));
+}
+
 export async function recordCoachPhase(phase, body = {}) {
+  if (!remoteCoachEnabled()) {
+    return {
+      ok: true,
+      skipped: true,
+      permitted: true,
+      decision: 'allow',
+      phase,
+      reasons: ['remote_coach_disabled'],
+    };
+  }
   try {
     return await runtimePost('/coach/phase', {
       phase,
@@ -294,17 +367,82 @@ export async function recordCoachPhase(phase, body = {}) {
   }
 }
 
+export async function ensurePreTurnMizanReceipt({ sessionId, traceId, state = {}, event = {}, action = '', target = '' } = {}) {
+  if (state?.preReceiptId) {
+    return { ok: true, state, healed: false };
+  }
+  const message = String(state?.userText || target || 'codex tool request').slice(0, 4000);
+  const packet = await getHarnessClient().getHarnessPacket({
+    sessionId,
+    platform: 'codex',
+    message,
+  });
+  const packetRef = makeEvidenceRef('harness_packet', packet, { sessionId, platform: 'codex', source: 'pre_tool_receipt_heal' });
+  const result = await runtimePost('/mizan/pre', {
+    sessionId,
+    packet,
+    packetRequest: {
+      sessionId,
+      platform: 'codex',
+      message,
+      stage: 'codex-pre-tool-receipt-heal',
+      actor: 'codex-hook',
+      system: 'codex-hook',
+    },
+    context: {
+      sessionId,
+      traceId,
+      surface: 'codex-hooks',
+      platform: 'codex',
+      userText: state?.userText || '',
+      action,
+      target,
+      event,
+      evidenceRefs: [packetRef],
+    },
+  });
+  const nextState = saveTurnState(sessionId, {
+    ...state,
+    traceId,
+    preReceiptId: result?.receipt?.receiptId || null,
+    packetTimestamp: packet?.timestamp || null,
+    packetRef,
+    preReceiptHealed: true,
+    preReceiptHealedAt: new Date().toISOString(),
+    lastEvent: 'PreToolUse',
+  });
+  return {
+    ok: Boolean(result?.receipt?.receiptId),
+    state: nextState,
+    healed: true,
+    receipt: result?.receipt || null,
+  };
+}
+
 export function classifyAction(event) {
   const toolName = String(event?.tool_name || event?.toolName || '').trim();
-  const toolCommand = String(
-    event?.tool_input?.command ??
-    event?.toolInput?.command ??
-    ''
-  ).trim();
-  const haystack = \`\${toolName}\\n\${toolCommand}\\n\${JSON.stringify(event)}\`;
-  if (/deploy|kubectl|docker\\s+push/i.test(haystack)) return 'deploy';
-  if (/\\brm\\b|delete|unlink|drop\\s+table/i.test(haystack)) return 'delete';
-  if (/build|test|tsc|jest|vitest|npm run|pnpm|yarn/i.test(haystack)) return 'build';
+  const toolInput = event?.tool_input || event?.toolInput || {};
+  const toolCommand = String(toolInput?.command ?? '').trim();
+  const lowerTool = toolName.toLowerCase();
+
+  if (/^(?:read|grep|glob|list_mcp_resources|list_mcp_resource_templates)$/i.test(toolName)) return 'read';
+  if (lowerTool.includes('apply_patch')) {
+    return /^\\*\\*\\* Begin Patch[\\s\\S]*^\\*\\*\\* Delete File:/m.test(toolCommand) ? 'delete' : 'write';
+  }
+  if (/^(?:edit|write|notebookedit)$/i.test(toolName) || toolInput?.file_path || toolInput?.notebook_path) {
+    return 'write';
+  }
+  if (/delete|destroy|drop|wipe|purge/i.test(toolName)) return 'delete';
+  if (/deploy|rollout|release/i.test(toolName)) return 'deploy';
+  if (/build|compile|test/i.test(toolName)) return 'build';
+  if (!toolCommand) return 'write';
+
+  if (/^(?:ls|cat|head|tail|grep|rg|sed\\s+-n|wc|find|tree|stat|file|ps|pgrep|du|df|env|printenv|date|pwd|which|type|whoami|id)\\b/.test(toolCommand)) return 'read';
+  if (/^git\\s+(?:status|log|diff|show|branch|remote|rev-parse|ls-tree|ls-files|stash\\s+list)\\b/.test(toolCommand)) return 'read';
+  if (/^(?:kubectl\\s+(?:get|describe|logs|top|version|api-resources)\\b|docker\\s+ps\\b)/.test(toolCommand)) return 'read';
+  if (/\\b(?:scripts\\/deploy-|kubectl\\s+(?:apply|set\\s+image|delete|patch|rollout|scale|drain|cordon)\\b|docker\\s+push\\b|helm\\s+(?:upgrade|install|rollback)\\b)/i.test(toolCommand)) return 'deploy';
+  if (/^(?:rm|rmdir|unlink|truncate)\\b|drop\\s+table|git\\s+(?:reset|clean)\\b/i.test(toolCommand)) return 'delete';
+  if (/\\b(?:npm|pnpm|yarn)\\s+(?:run\\s+)?(?:build|test|check|lint|typecheck)\\b|\\b(?:tsc|jest|vitest|eslint)\\b/i.test(toolCommand)) return 'build';
   return 'write';
 }
 
@@ -315,6 +453,104 @@ export function summarizeTarget(event) {
   }).slice(0, 4000);
 }
 
+function normalizeTouchedPath(value) {
+  const raw = String(value || '').trim();
+  if (!raw) return '';
+  return raw.replace(/\\\\/g, '/').replace(/\\/+/, '/');
+}
+
+function pushTouchedFile(files, value, intent = 'touch') {
+  const pathValue = normalizeTouchedPath(value);
+  if (!pathValue) return;
+  if (!files.some((file) => file.path === pathValue && file.intent === intent)) {
+    files.push({ path: pathValue, intent });
+  }
+}
+
+export function extractToolTouchedFiles(event, action = '') {
+  const files = [];
+  const toolName = String(event?.tool_name || event?.toolName || '').trim();
+  const toolInput = event?.tool_input || event?.toolInput || {};
+  const intent = action || classifyAction(event);
+  pushTouchedFile(files, toolInput?.file_path, intent);
+  pushTouchedFile(files, toolInput?.filePath, intent);
+  pushTouchedFile(files, toolInput?.path, intent);
+  pushTouchedFile(files, toolInput?.notebook_path, intent);
+  pushTouchedFile(files, toolInput?.notebookPath, intent);
+  if (Array.isArray(toolInput?.files)) toolInput.files.forEach((file) => pushTouchedFile(files, file, intent));
+  if (Array.isArray(toolInput?.targetFiles)) toolInput.targetFiles.forEach((file) => pushTouchedFile(files, file, intent));
+  const command = String(toolInput?.command || '');
+  if (/apply_patch/i.test(toolName) || /^\\*\\*\\* Begin Patch/m.test(command)) {
+    for (const match of command.matchAll(/^\\*\\*\\* (?:Update|Add|Delete) File: (.+)$/gm)) {
+      pushTouchedFile(files, match[1], intent);
+    }
+  }
+  return files.slice(0, 200);
+}
+
+export async function recordHiveFileTouch({ sessionId, threadId = null, event = 'tool_request', files = [], source = 'codex-hook', body = {} } = {}) {
+  if (!sessionId || !Array.isArray(files) || files.length === 0) {
+    return { ok: true, skipped: true, reason: 'no files to record' };
+  }
+  try {
+    return await runtimePost('/api/hive/file-touch', {
+      session_id: sessionId,
+      thread_id: threadId,
+      event,
+      files,
+      source,
+      body: {
+        cwd: process.cwd(),
+        ...body,
+      },
+    });
+  } catch (error) {
+    return {
+      ok: false,
+      skipped: false,
+      error: error instanceof Error ? error.message : String(error),
+    };
+  }
+}
+
+export async function recordHiveSessionLifecycle({
+  sessionId,
+  threadId = null,
+  event = 'heartbeat',
+  status = null,
+  intentSummary = null,
+  sourceArtifact = null,
+  fileClaims = [],
+  doNotTouch = [],
+  source = 'codex-hook',
+  body = {},
+} = {}) {
+  if (!sessionId) return { ok: true, skipped: true, reason: 'no session_id to record' };
+  try {
+    return await runtimePost('/api/hive/session-lifecycle', {
+      session_id: sessionId,
+      thread_id: threadId,
+      event,
+      status: status || event,
+      intent_summary: intentSummary || \`\${source} \${event}\`,
+      source_artifact: sourceArtifact,
+      file_claims: Array.isArray(fileClaims) ? fileClaims : [],
+      do_not_touch: Array.isArray(doNotTouch) ? doNotTouch : [],
+      body: {
+        cwd: process.cwd(),
+        source,
+        ...body,
+      },
+    });
+  } catch (error) {
+    return {
+      ok: false,
+      skipped: false,
+      error: error instanceof Error ? error.message : String(error),
+    };
+  }
+}
+
 export function extractUserText(event) {
   return extractText(
     event?.input ??
@@ -337,11 +573,495 @@ export function extractAssistantText(event) {
   );
 }
 
+export const ARIA_ALWAYS_ON_SKILLS = Object.freeze([
+  'aria-axioms-first-principles',
+  'aria-cognition-autofire',
+  'aria-first-class-operating-contract',
+  'aria-cognition-batch',
+  'aria-forge-guardrails',
+  'aria-harness-no-stripping',
+  'aria-harness-output-discipline',
+  'aria-quality-audit',
+  'aria-readable-output',
+  'aria-senior-code-audit',
+  'ghazali-8lens',
+  'mizan',
+  'never-guess',
+  'predictor',
+  'qiyas-analogy',
+  'tadabbur',
+  'aria-repo-doctrine',
+  'aria-senior-code-cookbook',
+  'aria-http-harness-client',
+  'aria-task-codex-executor',
+  'aria-decision-mizan',
+  'tadabbur-ops',
+  'aria-repo-audit',
+  'aria-backend-architect',
+  'aria-live-ops',
+  'aria-memory-index',
+  'aria-ops',
+]);
+
+export const ARIA_QIYAS_15_PERSPECTIVES = Object.freeze([
+  'Owner-Hamza-tomorrow',
+  'operator-client',
+  'investor',
+  'LLM-consumer',
+  'human-end-user',
+  'skeptic',
+  'compliance',
+  'engineering-quality',
+  'cognitive-load',
+  'scale',
+  'Islamic-scholar',
+  'clinical-scholar',
+  'red-team-attacker',
+  '1-week-future-self',
+  '1-year-future-self',
+]);
+
+export const ARIA_TADABBUR_12_STAGES = Object.freeze([
+  'EMBED',
+  'EXCAVATE',
+  'ROOT TRACE',
+  'MULTI-LENS',
+  'PATTERN',
+  'CONSEQUENCE',
+  'DWELLING',
+  'COLLAPSE',
+  'PRINCIPLE',
+  'INVERSION',
+  'PERSONAL',
+  'VOICE',
+]);
+
+export const ARIA_QA_AUTOFIRE_CYCLE = Object.freeze([
+  'qiyas_15_pass',
+  'tadabbur_full_canonical_12_stage',
+  'correct',
+  'enhance',
+  'harden',
+  'verify',
+]);
+
+export const ARIA_QA_METHOD_CONTRACT = Object.freeze({
+  qiyas: 'Qiyas means full Qiyas-15 only. Mini Qiyas is not acceptable for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+  tadabbur: 'Tadabbur means the full canonical 12-stage Tadabbur path for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+});
+
+export const UNIVERSAL_CONNECTOR_ACTUAL_GOAL =
+  'Wire extracted books, doctrines, skills, runtimes, primitives, mappings, CLIs, connectors, hooks, sidecars, and agent surfaces into the operating system so agent output improves automatically.';
+
+export const UNIVERSAL_CONNECTOR_HIGH_IMPACT_SKILLS = Object.freeze([
+  'ghazali-tauba-kca-repair-contract',
+  'ghazali-rights-before-balance-settlement',
+  'ghazali-delay-is-risk-auditor',
+  'ghazali-knowledge-condition-action-patience-bridge',
+  'ghazali-cause-means-tawakkal-mizan',
+  'ghazali-ultimate-cause-chain-tracer',
+  'ghazali-necessity-vs-attachment-mizan',
+  'ghazali-attachment-not-possession-auditor',
+  'ghazali-acquaintance-before-love-diagnoser',
+  'ghazali-love-cup-attachment-displacement-auditor',
+  'ghazali-knowledge-will-strength-action-chain',
+  'ghazali-means-do-not-cleanse-end-gate',
+  'ghazali-six-register-truthfulness-audit',
+  'ghazali-breath-capital-day-contract',
+  'ghazali-two-premise-action-transduction',
+  'ghazali-four-object-thought-ledger',
+  'ghazali-one-vice-one-replacement-register',
+  'ghazali-bounded-sign-observation',
+  'ghazali-three-question-intention-gate',
+  'ghazali-principal-profit-loss-muhasabah',
+  'ghazali-self-rebuke-false-narrative-interrogator',
+  'ghazali-death-remembrance-deception-breaker',
+  'ghazali-condition-specific-hope-fear-medicine',
+  'ghazali-fear-action-not-paralysis-gate',
+  'ghazali-hope-requires-cultivation-auditor',
+]);
+
+export const UNIVERSAL_CONNECTOR_REQUIRED_RUNTIMES = Object.freeze([
+  'tafakkur-transduction-runtime',
+  'six-stage-self-accounting-runtime',
+  'mortality-accounting-runtime',
+  'fear-hope-condition-regulation-runtime',
+  'intention-to-action-integrity-runtime',
+  'love-fruit-contentment-runtime',
+  'patience-gratitude-purpose-mizan-runtime',
+  'tauba-rights-repair-runtime',
+  'tawakkal-cause-mizan-runtime',
+  'zuhd-necessity-attachment-runtime',
+]);
+
+function includesAny(text = '', terms = []) {
+  const source = String(text || '').toLowerCase();
+  return terms.some((term) => source.includes(String(term).toLowerCase()));
+}
+
+function countIncluded(text = '', terms = []) {
+  const source = String(text || '').toLowerCase();
+  return terms.reduce((count, term) => count + (source.includes(String(term).toLowerCase()) ? 1 : 0), 0);
+}
+
+function continuationRequested(text = '') {
+  return includesAny(text, [
+    'continue',
+    'next phase',
+    'next step',
+    'next best',
+    'fire',
+    'skills',
+    'production',
+    'ready',
+    'what is left',
+    "what's left",
+    'how far',
+    'qa',
+    'ledger',
+    'autofire',
+    'wire',
+  ]);
+}
+
+function actualGoalHits(text = '') {
+  return countIncluded(text, [
+    'wire extracted',
+    'books',
+    'doctrines',
+    'skills',
+    'runtimes',
+    'primitives',
+    'mappings',
+    'connectors',
+    'hooks',
+    'sidecars',
+    'agent surfaces',
+    'output improves automatically',
+    'corpus',
+    'forced-selection',
+    'actual goal',
+  ]);
+}
+
+function supportMechanismHits(text = '') {
+  return countIncluded(text, ['receipt', 'gate', 'ledger', 'canary', 'drift check', 'phase ']);
+}
+
+export function buildUniversalConnectorGoalContract({ userText = '', phase = 'turn' } = {}) {
+  return {
+    id: 'universal-connector-corpus-runtime-goal-contract',
+    phase,
+    actualGoal: UNIVERSAL_CONNECTOR_ACTUAL_GOAL,
+    supportRule: 'Receipts, gates, ledgers, and canaries are support evidence only; they pass when they prove corpus-backed behavior changed action, QA, correction, verification, or learning.',
+    hardStopOnlyFor: ['secrets', 'destructive actions', 'deploy/publication boundary', 'owner-contradicted action', 'proven false completion risk'],
+    qaPacket: {
+      qiyas: 'Qiyas-15 over owner trust, operator value, engineering quality, cognitive load, scale, compliance, red-team, one-week future, and one-year future.',
+      tadabbur: 'Full consequence trace from current action to production behavior; reject motion that only improves receipts.',
+      mizan: 'Balance evidence, owner impact, throughput, and false-completion risk; repair low-risk misses before hard-blocking.',
+      ghazali8: 'Nur observed substrate, Mizan proportion, Hikma doctrine, Tafakkur structure, Tadabbur consequence, Ilham sensed drift, Wahi owner/corpus anchor, Firasah owner need.',
+      fitrah: 'Truth over deception, no harm, sacred trust, power obligates service, reflection before action.',
+    },
+    selectedSkills: [...UNIVERSAL_CONNECTOR_HIGH_IMPACT_SKILLS],
+    selectedRuntimes: [...UNIVERSAL_CONNECTOR_REQUIRED_RUNTIMES],
+    nextHighestImpactAction: 'Promote the sandbox corpus registry consumer into the real connector/hook forced-selection path, then run behavioral QA on actual Claude/Codex/OpenCode continuation prompts.',
+    continuation: continuationRequested(userText),
+  };
+}
+
+export function evaluateGoalContractOutput(text = '', { userText = '', goalContract = null } = {}) {
+  const source = String(text || '');
+  const contract = goalContract || buildUniversalConnectorGoalContract({ userText, phase: 'stop' });
+  const continuation = contract.continuation || continuationRequested(userText) || actualGoalHits(userText) > 0;
+  const blockers = [];
+  const warnings = [];
+  const repairs = [];
+  if (!continuation) return { pass: true, hardBlock: false, score: 1, blockers, warnings, repairs, contract };
+  const goalHits = actualGoalHits(source);
+  const supportHits = supportMechanismHits(source);
+  const hasEvidence = includesAny(source, ['verified', 'observed', 'evidence', 'smoke', 'test', 'audit', 'not production-ready', 'integration-ready', 'blocked', 'pending', 'unverified']);
+  const hasNextAction = includesAny(source, ['next highest', 'next best', 'next action', 'next step', 'continue by', 'promote the sandbox corpus', 'wire the registry', 'forced-selection']);
+  const hasQa = includesAny(source, ['qa', 'qiyas', 'tadabbur', 'mizan', 'ghazali', 'correct', 'enhance', 'harden', 'repair']);
+  if (goalHits === 0) {
+    warnings.push('goal-contract: output does not bind the turn to corpus-to-runtime wiring or automatic output improvement');
+    repairs.push('Name the actual goal or make the current action directly advance corpus registry, runtime, hook, connector, surface, or forced-selection wiring.');
+  }
+  if (!hasNextAction) {
+    warnings.push('goal-contract: continuation output does not name the next highest-impact action');
+    repairs.push('Add a concrete next action that advances real wiring or behavioral QA.');
+  }
+  if (!hasQa) {
+    warnings.push('goal-contract: QA/correction loop is missing from the visible state');
+    repairs.push('Add expected-vs-observed QA with correction, enhancement, hardening, or an explicit pass boundary.');
+  }
+  if (!hasEvidence) {
+    warnings.push('goal-contract: evidence boundary is missing');
+    repairs.push('State verified, blocked, pending, unverified, or the exact evidence class used before making status claims.');
+  }
+  if (supportHits >= 3 && supportHits > goalHits + 1) {
+    warnings.push('goal-contract: support mechanisms dominate the answer over the actual product goal');
+    repairs.push('Reframe receipts, gates, ledgers, and canaries as evidence only, then return to corpus-to-runtime wiring and output improvement.');
+  }
+  if (/\\bwhat would you like me to do next\\b|\\bhow would you like me to proceed\\b/i.test(source)) {
+    blockers.push('goal-contract: output asks the owner to choose the obvious continuation instead of naming the next highest-impact step');
+  }
+  if (/\\b(?:production ready|ready for production|release ready|promotion pass|complete|completed|done|verified|fixed)\\b/i.test(source) && !/\\b(?:not production-ready|not production ready|integration-ready|pending|blocked|unverified|bounded|evidence)\\b/i.test(source)) {
+    blockers.push('goal-contract: false completion or readiness claim without bounded evidence');
+  }
+  if (/\\b(?:\\/consult|consult api|consult response)\\b/i.test(source) && /\\b(?:quality source|core quality|dependency|required)\\b/i.test(source)) {
+    blockers.push('goal-contract: consult API is being treated as the core quality engine');
+  }
+  const score = [goalHits > 0, hasNextAction, hasQa, hasEvidence, !(supportHits >= 3 && supportHits > goalHits + 1), blockers.length === 0].filter(Boolean).length / 6;
+  return {
+    pass: blockers.length === 0 && score >= 0.67,
+    hardBlock: blockers.length > 0,
+    score,
+    blockers: [...new Set(blockers)],
+    warnings: [...new Set(warnings)],
+    repairs: [...new Set(repairs)],
+    nextHighestImpactAction: contract.nextHighestImpactAction,
+    selectedSkills: contract.selectedSkills,
+    selectedRuntimes: contract.selectedRuntimes,
+    contract,
+  };
+}
+
+export function inferRequiredAriaSkills(text = '') {
+  const raw = String(text || '');
+  const lower = raw.toLowerCase();
+  const required = new Set(ARIA_ALWAYS_ON_SKILLS);
+  const add = (skill) => required.add(skill);
+  const mentions = (skill) => new RegExp('(?:^|[^a-z0-9_-])\\\\$?' + skill.replace(/[.*+?^\${}()|[\\]\\\\]/g, '\\\\$&') + '(?:$|[^a-z0-9_-])', 'i').test(raw);
+
+  for (const skill of [
+    'aria-axioms-first-principles',
+    'aria-cognition-autofire',
+    'aria-first-class-operating-contract',
+    'aria-cognition-batch',
+    'aria-readable-output',
+    'tadabbur',
+    'qiyas-analogy',
+  ]) {
+    if (mentions(skill)) add(skill);
+  }
+
+  if (/\\b(?:aria|harness|garden|claude code|codex|opencode|skill|skills|hook|hooks|runtime|connector|sdk|gate|quality|qa|audit|completion claim)\\b/i.test(raw)) {
+    add('aria-cognition-autofire');
+    add('aria-readable-output');
+  }
+  if (/\\b(?:first class|first-class|world class|world-class|revolutionary upgrade|full upgrade|substrate os|not just a watcher|serious upgrade)\\b/i.test(raw)) {
+    add('aria-first-class-operating-contract');
+  }
+  if (/\\b(?:axiom|axioms|first principles?|fitrah|source trust|evidence threshold)\\b/i.test(raw)) {
+    add('aria-axioms-first-principles');
+  }
+  if (/\\b(?:full cognition|batch cognition|28\\+15|mizan plus tadabbur|rich cognitives|cognitive batch)\\b/i.test(raw)) {
+    add('aria-cognition-batch');
+  }
+  if (/\\b(?:tadabbur|taddabur|12-stage|heart filter|consequence reasoning|cookbook|deep reflection)\\b/i.test(lower)) {
+    add('tadabbur');
+  }
+  if (/\\b(?:qiyas|analogy|analogical|qiyas-15|structural analogy|asl|hukm|illah|furuq)\\b/i.test(lower)) {
+    add('qiyas-analogy');
+  }
+  if (/\\b(?:fire named skills|fire skills|use aria skills|named skills)\\b/i.test(lower)) {
+    add('aria-axioms-first-principles');
+    add('aria-cognition-autofire');
+    add('aria-cognition-batch');
+    add('aria-readable-output');
+    add('tadabbur');
+    add('qiyas-analogy');
+  }
+  if (/\\b(?:readable output|readability|owner surface|owner-facing|scannable|stop gate|closeout|final answer)\\b/i.test(lower)) {
+    add('aria-readable-output');
+  }
+  if (/\\b(?:backend|api|server|database|auth|queue|worker|service)\\b/i.test(lower)) {
+    add('aria-backend-architect');
+  }
+  if (/\\b(?:frontend|ui|ux|component|page|screen|css|layout)\\b/i.test(lower)) {
+    add('aria-frontend-architect');
+  }
+  if (/\\b(?:fullstack|end-to-end|e2e|web app|application)\\b/i.test(lower)) {
+    add('aria-fullstack-orchestrator');
+  }
+  if (/\\b(?:deploy|k8s|kubernetes|kubectl|cluster|infra|infrastructure|rollout)\\b/i.test(lower)) {
+    add('aria-live-ops');
+    add('aria-k8s-deploy');
+  }
+  if (/\\b(?:repo audit|repository audit|codebase audit|refactor|review)\\b/i.test(lower)) {
+    add('aria-repo-audit');
+  }
+  if (/\\b(?:research|diligence|sources|market|competitor|public sources)\\b/i.test(lower)) {
+    add('aria-research-orchestrator');
+  }
+  if (/\\b(?:business|pricing|gtm|go-to-market|revenue|retention|launch)\\b/i.test(lower)) {
+    add('aria-business-frame');
+    add('aria-gtm-architect');
+  }
+  if (required.size > 0 && /\\b(?:aria|harness|codex|claude|hook|gate|runtime|skill|cognition|coach)\\b/i.test(raw)) {
+    add('aria-readable-output');
+  }
+
+  return [...required].sort();
+}
+
+export function summarizeForcedSkillLoad(promptBuild = null) {
+  if (!promptBuild || typeof promptBuild !== 'object') return null;
+  const loadedCookbooks = Array.isArray(promptBuild.loadedCookbooks) ? promptBuild.loadedCookbooks : [];
+  const missingCookbooks = Array.isArray(promptBuild.missingCookbooks) ? promptBuild.missingCookbooks : [];
+  const receipt = promptBuild.skillExecutionReceipt && typeof promptBuild.skillExecutionReceipt === 'object'
+    ? promptBuild.skillExecutionReceipt
+    : null;
+  const substrateKernelExecution = receipt?.substrateKernelExecution && typeof receipt.substrateKernelExecution === 'object'
+    ? receipt.substrateKernelExecution
+    : null;
+  const executedSkillIds = Array.isArray(receipt?.executedSkillIds)
+    ? receipt.executedSkillIds
+    : Array.isArray(substrateKernelExecution?.executedSkillIds)
+      ? substrateKernelExecution.executedSkillIds
+      : [];
+  const executedOperatorIds = Array.isArray(receipt?.executedOperatorIds)
+    ? receipt.executedOperatorIds
+    : Array.isArray(substrateKernelExecution?.executedOperatorIds)
+      ? substrateKernelExecution.executedOperatorIds
+      : [];
+  return {
+    ok: promptBuild.ok === true,
+    requiredSkillIds: Array.isArray(promptBuild.requiredSkillIds) ? promptBuild.requiredSkillIds : [],
+    loadedSkillIds: Array.isArray(promptBuild.loadedSkillIds) ? promptBuild.loadedSkillIds : [],
+    missingSkillIds: Array.isArray(promptBuild.missingSkillIds) ? promptBuild.missingSkillIds : [],
+    loadedSkillHashes: Array.isArray(promptBuild.loadedSkillHashes) ? promptBuild.loadedSkillHashes : [],
+    loadedCookbooks: loadedCookbooks.map((entry) => ({
+      skillId: entry.skillId || null,
+      requestedBy: entry.requestedBy || null,
+      cookbookName: entry.cookbookName || null,
+      path: entry.path || null,
+      hash: entry.hash || null,
+      chars: entry.chars || null,
+    })),
+    missingCookbooks: missingCookbooks.map((entry) => ({
+      skillId: entry.skillId || null,
+      requestedBy: entry.requestedBy || null,
+      cookbookName: entry.cookbookName || null,
+      path: entry.path || null,
+    })),
+    skillExecutionMode: typeof promptBuild.skillExecutionMode === 'string' ? promptBuild.skillExecutionMode : null,
+    skillExecutionReceipt: receipt
+      ? {
+          ok: receipt.ok === true,
+          mode: receipt.mode || null,
+          firedSkillIds: executedSkillIds.length
+            ? executedSkillIds
+            : Array.isArray(receipt.firedSkillIds) ? receipt.firedSkillIds : [],
+          executedSkillIds,
+          executedOperatorCount: executedOperatorIds.length,
+          substrateKernelExecution: substrateKernelExecution
+            ? {
+                ok: substrateKernelExecution.ok === true,
+                mode: substrateKernelExecution.mode || null,
+                executedOperatorIdsHash: substrateKernelExecution.executedOperatorIdsHash || null,
+                executionHash: substrateKernelExecution.executionHash || null,
+              }
+            : null,
+          receiptHash: receipt.receiptHash || null,
+        }
+      : null,
+    promptSha256: promptBuild.prompt ? createHash('sha256').update(String(promptBuild.prompt)).digest('hex') : null,
+    promptChars: promptBuild.prompt ? String(promptBuild.prompt).length : 0,
+  };
+}
+
+export function forcedSkillLoadGaps(state = {}) {
+  const summary = state?.forcedSkillLoad || null;
+  const required = Array.isArray(state?.requiredSkills) ? state.requiredSkills : [];
+  if (required.length === 0) return [];
+  if (!summary) return ['forced runtime skill/cookbook context was not built'];
+  const gaps = [];
+  if (Array.isArray(summary.missingSkillIds) && summary.missingSkillIds.length > 0) {
+    gaps.push('missing skill ids: ' + summary.missingSkillIds.join(', '));
+  }
+  if (Array.isArray(summary.missingCookbooks) && summary.missingCookbooks.length > 0) {
+    gaps.push('missing cookbooks: ' + summary.missingCookbooks.map((entry) => entry.path || entry.cookbookName).join(', '));
+  }
+  if (summary.skillExecutionMode === 'mechanical-receipt') {
+    const receipt = summary.skillExecutionReceipt || {};
+    const fired = Array.isArray(receipt.executedSkillIds) && receipt.executedSkillIds.length
+      ? receipt.executedSkillIds
+      : Array.isArray(receipt.firedSkillIds) ? receipt.firedSkillIds : [];
+    const missingFired = required.filter((skill) => !fired.includes(skill));
+    if (receipt.ok !== true) gaps.push('mechanical skill execution receipt did not pass');
+    if (receipt.substrateKernelExecution?.ok !== true) gaps.push('substrate kernel execution receipt did not pass');
+    if (missingFired.length > 0) gaps.push('mechanical receipt missing fired skill ids: ' + missingFired.join(', '));
+    if (summary.promptChars > 75000) gaps.push('mechanical receipt prompt exceeds compact prompt budget');
+  }
+  if (required.includes('tadabbur')) {
+    const cookbookNames = new Set((summary.loadedCookbooks || []).map((entry) => entry.cookbookName).filter(Boolean));
+    if (!cookbookNames.has('tadabbur-cookbook.md')) gaps.push('tadabbur required but tadabbur-cookbook.md was not loaded');
+  }
+  return gaps;
+}
+
+export function requiresFullAriaCognition(userText = '', requiredSkills = []) {
+  const text = String(userText || '');
+  if (/\b(?:social|casual|small talk|quick reply)\b/i.test(text)) return false;
+  if (/\b(?:qiyas|tadabbur|taddabur|full cognition|architecture|runtime|code|coding|repo|hook|hooks|sdk|worker|workers|queue|ledger|qa|quality|audit|harness|connector|gate|skills?|cookbooks?|daemon|telemetry)\b/i.test(text)) {
+    return true;
+  }
+  return requiredSkills.includes('qiyas-analogy') || requiredSkills.includes('tadabbur');
+}
+
+function ownerVisibleText(text = '') {
+  return String(text || '')
+    .replace(new RegExp('<!--[\\\\s\\\\S]*?-->', 'g'), '')
+    .replace(new RegExp('<details\\\\b[\\\\s\\\\S]*?</details>', 'gi'), '')
+    .replace(new RegExp('<gate\\\\b[\\\\s\\\\S]*?</gate>', 'gi'), '')
+    .replace(new RegExp('<cognition\\\\b[\\\\s\\\\S]*?</cognition>', 'gi'), '')
+    .replace(new RegExp('<applied_cognition\\\\b[\\\\s\\\\S]*?</applied_cognition>', 'gi'), '');
+}
+
+export function fullCognitionMethodGaps({ state = {}, text = '' } = {}) {
+  const required = Array.isArray(state?.requiredSkills) ? state.requiredSkills : [];
+  const userText = state?.userText || '';
+  if (!requiresFullAriaCognition(userText, required)) return [];
+  const visible = ownerVisibleText(text);
+  const gaps = [];
+  const qiyasLabel = new RegExp('(^|\\\\n)\\\\s*qiyas_15_pass\\\\s*:', 'i');
+  const tadabburLabel = new RegExp('(^|\\\\n)\\\\s*tadabbur_full_canonical_12_stage\\\\s*:', 'i');
+  const tadabburStages = new RegExp('\\\\b(?:EMBED|EXCAVATE|ROOT TRACE|INTENT TRACE|CONTRACT TRACE|CONSEQUENCE|COLLAPSE|SEPARATE|VERIFY|RECORD|DECIDE|ACT)\\\\b', 'g');
+  if (qiyasLabel.test(visible) || (visible.match(/Owner-Hamza-(?:now|tomorrow|future)|Repo integrity|Deploy integrity|Scope discipline/g) || []).length >= 4) {
+    gaps.push('raw Qiyas method dump is on the owner surface; collapse it into the decision and keep method evidence off the visible answer');
+  }
+  if (tadabburLabel.test(visible) || (visible.match(tadabburStages) || []).length >= 4) {
+    gaps.push('raw Tadabbur stage dump is on the owner surface; collapse it into consequence-aware guidance and keep method evidence off the visible answer');
+  }
+  // Method coverage is proven by runtime skill-load state, not by forcing
+  // every Qiyas/Tadabbur label into the owner-visible answer.
+  if (new RegExp('<applied_cognition\\\\b', 'i').test(visible) || new RegExp('</applied_cognition>', 'i').test(visible)) {
+    gaps.push('raw applied_cognition XML is on the owner surface; summarize the decision delta in prose unless a gate explicitly asks for machine-readable XML');
+  }
+  return gaps;
+}
+
 function normalizeValidationIssue(issue) {
   const raw = String(issue || '').replace(/\\s+/g, ' ').trim();
   if (!raw) return '';
   if (/No <cognition>/i.test(raw)) return 'missing readable cognition block';
   if (/missing\\s+<applied_cognition>/i.test(raw)) return 'missing applied cognition contract';
+  if (/owner_facing_cognition_first|owner[- ]readable|Leading with <cognition>|gate surface/i.test(raw)) {
+    return 'owner-readable answer must come before gate XML; move <cognition>/<applied_cognition> after the headline, evidence, and next action';
+  }
+  if (/feedback_full_harness_binding_must_be_structural|just-context-I-read|SDK has primitives|just context|advisory|read[.-]?only/i.test(raw)) {
+    return 'structural harness binding requires executed SDK primitive evidence: name the validateOutput/checkAction/inject/gardenTurn/verifyClaim receipt, or state that no SDK primitive has run and make the next action the exact primitive call; avoid ambiguous "read-only" wording when you mean "no production writes were performed"';
+  }
+  if (/feedback_pretoolgate_covers_all_action_tools/i.test(raw)) {
+    return 'doctrine wording issue: requirements must not be framed as preferences, optional paths, or fallback layers';
+  }
+  if (/feedback_qa_binds_to_fix_not_question|QA finding has been emitted|Recovery Contract is BINDING/i.test(raw)) {
+    return 'QA finding requires A/B/C/D closure with evidence: fixed in turn, tracked task, scoped Mizan choice, or invalidated';
+  }
+  if (/feedback_no_premature_task_closeout|premature_task_closeout/i.test(raw)) {
+    return 'completion/readiness claim needs matching verification or bounded status';
+  }
   if (/qualitative_drift/i.test(raw)) return 'qualitative drift language needs a measurable predicate';
   if (/premature_task_closeout|feedback_no_premature_task_closeout|done\\|complete\\|completed\\|ready\\|verified\\|fixed/i.test(raw)) {
     return 'completion/readiness claim conflicts with unresolved blocker state';
@@ -369,26 +1089,36 @@ export function formatValidationFailure(result) {
 }
 
 export function isAriaControlBlock(text) {
-  return /^(?:ARIA CODEX RECOVERY CONTRACT|Aria runtime blocked final output for this Codex turn\\.|Aria stop gate blocked output:|Aria task\\/project ledger blocked output claim\\.|Aria stop hook failed closed:)/i.test(String(text || '').trim());
+  return /^(?:ARIA CODEX RECOVERY CONTRACT|Aria held this Codex output for re-authoring\\.|Aria runtime blocked final output for this Codex turn\\.|Aria stop gate blocked output:|Aria task\\/project ledger blocked output claim\\.|Aria stop hook failed closed:)/i.test(String(text || '').trim());
 }
 
 export function formatCodexRecoveryBlock({ surface = 'codex', reason = '', issues = [], next = '' } = {}) {
   const blockers = uniqueStrings([reason, ...issues]);
+  const hasStructuralHarnessBindingBlocker = blockers.some((item) => /structural harness binding/i.test(item));
+  const recoveryLines = hasStructuralHarnessBindingBlocker
+    ? [
+        '4. Structural harness binding blocker: do not repeat "SDK primitives" as prose.',
+        '5. In the owner answer, include one concrete line: SDK evidence: <primitive> <receipt/path/status> or SDK evidence: not run yet.',
+        '6. If not run yet, the next action must be the exact primitive call, for example validateOutput, checkAction, inject, gardenTurn, or verifyClaim.',
+        '7. Avoid ambiguous read-only wording; say no production writes were performed when that is the actual evidence.',
+      ]
+    : [
+        next || '4. Re-submit the corrected answer; if this blocker repeats twice, escalate with this block report.',
+      ];
   return [
-    'ARIA CODEX RECOVERY CONTRACT',
-    'surface: ' + surface,
-    'status: output held for re-authoring',
+    'Aria held this Codex output for re-authoring.',
+    '',
+    'Surface: ' + surface,
+    'Status: blocked before user release',
     '',
     'Observed blockers:',
     ...(blockers.length ? blockers.map((item) => '- ' + item) : ['- Aria validation failed.']),
     '',
-    'Recovery contract:',
-    '1. Do not retry the same blocked text.',
-    '2. Re-author the answer from the user request, not from this block report.',
-    '3. Include <cognition> and <applied_cognition> when the answer is non-trivial.',
-    '4. Use bounded status language when evidence is missing; do not use completion/readiness claims without proof.',
-    '5. Name a measurable verification predicate, or explicitly state that verification has not run.',
-    next || '6. Re-submit the corrected answer; if the same blocker repeats twice, escalate with this full recovery contract.',
+    'Rewrite shape:',
+    '1. Start with the owner-readable answer: status, evidence, next action.',
+    '2. Keep claims bounded unless verification evidence is present.',
+    '3. Put raw gate XML after the answer only when the gate explicitly requires it.',
+    ...recoveryLines,
   ].join('\\n');
 }
 
@@ -416,10 +1146,12 @@ export function runGovernanceGate(payload = {}) {
 }
 
 function buildCodexUserPromptHook(): string {
+  return readCanonicalCodexHook('aria-userprompt-submit.mjs');
   return `#!/usr/bin/env node
 import {
   getHarnessClient,
   inferSessionId,
+  inferHiveThreadId,
   inferUserId,
   ensureTraceId,
   extractUserText,
@@ -429,19 +1161,41 @@ import {
   recordCoachPhase,
   loadTurnState,
   saveTurnState,
+  inferRequiredAriaSkills,
+  summarizeForcedSkillLoad,
+  forcedSkillLoadGaps,
+  buildUniversalConnectorGoalContract,
   runGovernanceGate,
+  recordHiveSessionLifecycle,
   updateTaskProjectLedger,
   formatCodexRecoveryBlock,
   emitJson,
 } from './lib/runtime-client.mjs';
 
+const ARIA_QA_AUTOFIRE_CYCLE = Object.freeze([
+  'qiyas_15_pass',
+  'tadabbur_full_canonical_12_stage',
+  'correct',
+  'enhance',
+  'harden',
+  'verify',
+]);
+
+const ARIA_QA_METHOD_CONTRACT = Object.freeze({
+  qiyas: 'Qiyas means full Qiyas-15 only. Mini Qiyas is not acceptable for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+  tadabbur: 'Tadabbur means the full canonical 12-stage Tadabbur path for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+});
+
 const event = readEventFromStdin();
 const client = getHarnessClient();
 const userText = extractUserText(event);
 const sessionId = inferSessionId(event);
+const hiveThreadId = inferHiveThreadId(event, sessionId);
 const userId = inferUserId(event);
 const priorState = loadTurnState(sessionId);
 const traceId = ensureTraceId(priorState);
+const requiredSkills = inferRequiredAriaSkills(userText);
+const goalContract = buildUniversalConnectorGoalContract({ userText, phase: 'pre_prompt' });
 const ledgerResult = updateTaskProjectLedger({
   platform: 'codex',
   phase: 'pre_prompt_injection',
@@ -450,6 +1204,15 @@ const ledgerResult = updateTaskProjectLedger({
 });
 
 try {
+  const lifecycleStart = await recordHiveSessionLifecycle({
+    sessionId,
+    threadId: hiveThreadId,
+    event: 'turn_start',
+    status: 'active',
+    intentSummary: userText.slice(0, 240) || 'Codex session turn started',
+    source: 'codex-userprompt-hook',
+    body: { traceId, userId, goalContract },
+  });
   await recordCoachPhase('pre_turn', {
     requestId: traceId,
     sessionId,
@@ -488,20 +1251,81 @@ try {
       platform: 'codex',
       userText,
       userId,
+      goalContract,
       evidenceRefs: [packetRef],
     },
   });
+  let forcedSkillLoad = null;
+  if (requiredSkills.length > 0) {
+    try {
+      const promptBuild = await runtimePost('/build-system-prompt', {
+        sessionId,
+        message: userText || 'codex forced skill load',
+        requiredSkills,
+        metadata: {
+          source: 'codex-userprompt-submit',
+          cookbookMode: 'required-when-referenced',
+          skillExecutionMode: 'mechanical-receipt',
+          goalContract,
+        },
+        skillExecutionMode: 'mechanical-receipt',
+      });
+      forcedSkillLoad = summarizeForcedSkillLoad(promptBuild);
+      forcedSkillLoad.gaps = forcedSkillLoadGaps({ requiredSkills, forcedSkillLoad });
+    } catch (error) {
+      forcedSkillLoad = {
+        ok: false,
+        requiredSkillIds: requiredSkills,
+        loadedSkillIds: [],
+        missingSkillIds: [],
+        loadedSkillHashes: [],
+        loadedCookbooks: [],
+        missingCookbooks: [],
+        promptSha256: null,
+        promptChars: 0,
+        gaps: ['forced skill autofire runtime call failed: ' + (error instanceof Error ? error.message : String(error))],
+      };
+    }
+  }
   await recordCoachPhase('post_cognition', {
     requestId: traceId,
     sessionId,
     text: userText,
-    evidenceRefs: [packetRef, makeEvidenceRef('mizan_pre_receipt', result?.receipt || null, { sessionId, traceId })],
-    metadata: { source: 'codex-userprompt-hook', pre_receipt_id: result?.receipt?.receiptId || null },
+    evidenceRefs: [
+      packetRef,
+      makeEvidenceRef('mizan_pre_receipt', result?.receipt || null, { sessionId, traceId }),
+      ...(forcedSkillLoad ? [makeEvidenceRef('forced_skill_load', forcedSkillLoad, { sessionId, traceId })] : []),
+    ],
+    metadata: {
+      source: 'codex-userprompt-hook',
+      pre_receipt_id: result?.receipt?.receiptId || null,
+      requiredSkills,
+      forcedSkillLoad,
+      goalContract,
+      hiveThreadId,
+      lifecycleStart,
+      qaAutofire: {
+        mode: 'always-on-15',
+        phase: 'pre_turn',
+        correctionCycle: ARIA_QA_AUTOFIRE_CYCLE,
+      },
+    },
   });
   saveTurnState(sessionId, {
     traceId,
     userId,
     userText,
+    requiredSkills,
+    forcedSkillLoad,
+    goalContract,
+    forcedSkillLoadEnforced: false,
+    forcedSkillAutofire: requiredSkills.length > 0,
+    hiveThreadId,
+    lifecycleStart,
+    qaAutofire: {
+      mode: 'always-on-15',
+      correctionCycle: ARIA_QA_AUTOFIRE_CYCLE,
+    },
     preReceiptId: result?.receipt?.receiptId || null,
     taskProjectLedgerId: ledgerResult.ledger.ledgerId,
     packetTimestamp: packet?.timestamp || null,
@@ -522,9 +1346,18 @@ try {
 `;
 }
 
+function buildCodexLiveTickerHook(): string {
+  return readCanonicalCodexHook('aria-live-ticker.mjs');
+}
+
+function buildCodexHarnessTickerSidecar(): string {
+  return readCanonicalCodexHook('aria-harness-ticker-sidecar.mjs');
+}
+
 function buildCodexPreToolHook(): string {
+  return readCanonicalCodexHook('aria-pre-tool-use.mjs');
   return `#!/usr/bin/env node
-  import {
+import {
   inferSessionId,
   classifyAction,
   summarizeTarget,
@@ -532,30 +1365,86 @@ function buildCodexPreToolHook(): string {
   loadTurnState,
   makeEvidenceRef,
   recordCoachPhase,
+  ensurePreTurnMizanReceipt,
   runGovernanceGate,
   saveTurnState,
+  forcedSkillLoadGaps,
+  extractToolTouchedFiles,
+  recordHiveFileTouch,
+  recordHiveSessionLifecycle,
   formatCodexRecoveryBlock,
   emitJson,
 } from './lib/runtime-client.mjs';
 
+const ARIA_QA_AUTOFIRE_CYCLE = Object.freeze([
+  'qiyas_15_pass',
+  'tadabbur_full_canonical_12_stage',
+  'correct',
+  'enhance',
+  'harden',
+  'verify',
+]);
+
+const ARIA_QA_METHOD_CONTRACT = Object.freeze({
+  qiyas: 'Qiyas means full Qiyas-15 only. Mini Qiyas is not acceptable for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+  tadabbur: 'Tadabbur means the full canonical 12-stage Tadabbur path for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+});
+
 const event = readEventFromStdin();
 const sessionId = inferSessionId(event);
 const action = classifyAction(event);
 const target = summarizeTarget(event);
-const state = loadTurnState(sessionId);
+let state = loadTurnState(sessionId);
 
 try {
-  if (!state?.preReceiptId && !state?.userText) {
-    emitJson({
-      decision: 'block',
-      reason: formatCodexRecoveryBlock({
-        surface: 'codex-pre-tool',
-        reason: 'this turn has no pre-turn Mizan receipt',
-        next: '6. Re-submit the prompt so cognition is established before tool use, then request the tool again.',
-      }),
-    });
+  if (!state?.preReceiptId) {
+    try {
+      const healed = await ensurePreTurnMizanReceipt({
+        sessionId,
+        traceId: state?.traceId || sessionId,
+        state,
+        event,
+        action,
+        target,
+      });
+      state = healed.state || state;
+      if (!healed.ok) {
+        emitJson({
+          decision: 'block',
+          reason: 'Codex pre-tool gate could not mint a real Mizan pre-turn receipt from the mounted runtime. Runtime returned no receipt id; tool use is blocked until the runtime receipt path is healthy.',
+        });
+      }
+    } catch (error) {
+      emitJson({
+        decision: 'block',
+        reason: 'Codex pre-tool gate could not mint a real Mizan pre-turn receipt from the mounted runtime: ' + (error instanceof Error ? error.message : String(error)),
+      });
+    }
   }
+  const forcedSkillGaps = forcedSkillLoadGaps(state);
   const toolName = String(event?.tool_name || event?.toolName || '').trim() || null;
+  const touchedFiles = extractToolTouchedFiles(event, action);
+  const hiveThreadId = state?.hiveThreadId || null;
+  const hiveTouch = await recordHiveFileTouch({
+    sessionId,
+    threadId: hiveThreadId,
+    event: 'pre_tool',
+    files: touchedFiles,
+    source: 'codex-pre-tool-hook',
+    body: { action, toolName, target },
+  });
+  const hiveLifecycle = touchedFiles.length > 0
+    ? await recordHiveSessionLifecycle({
+        sessionId,
+        threadId: hiveThreadId,
+        event: 'tool_claim',
+        status: 'active',
+        intentSummary: \`Codex tool requested \${action}\${toolName ? ' via ' + toolName : ''}\`,
+        fileClaims: touchedFiles,
+        source: 'codex-pre-tool-hook',
+        body: { action, toolName, target },
+      })
+    : { ok: true, skipped: true, reason: 'no touched files' };
   const requestRef = makeEvidenceRef('codex_tool_request', { action, toolName, target }, { sessionId });
   const coach = await recordCoachPhase('pre_tool', {
     requestId: state?.traceId || sessionId,
@@ -564,7 +1453,22 @@ try {
     action,
     target,
     evidenceRefs: [requestRef],
-    metadata: { source: 'codex-pre-tool-hook', toolName, requireVerify: action === 'deploy' || action === 'delete' },
+    metadata: {
+      source: 'codex-pre-tool-hook',
+      toolName,
+      requireVerify: action === 'deploy' || action === 'delete',
+      requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : [],
+      forcedSkillLoad: state?.forcedSkillLoad || null,
+      forcedSkillGaps,
+      touchedFiles,
+      hiveTouch,
+      hiveLifecycle,
+      qaAutofire: {
+        mode: 'always-on-15',
+        phase: 'pre_tool',
+        correctionCycle: ARIA_QA_AUTOFIRE_CYCLE,
+      },
+    },
   });
   if (coach?.permitted === false) {
     emitJson({
@@ -599,7 +1503,19 @@ try {
       action,
       target,
       evidenceRefs: [requestRef, gateRef],
-      metadata: { source: 'codex-pre-tool-hook', toolName, governanceGate: gateEvidence },
+      metadata: {
+        source: 'codex-pre-tool-hook',
+        toolName,
+        governanceGate: gateEvidence,
+        requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : [],
+        forcedSkillLoad: state?.forcedSkillLoad || null,
+        forcedSkillGaps,
+        qaAutofire: {
+          mode: 'always-on-15',
+          phase: 'pre_tool_gate_signal',
+          correctionCycle: ARIA_QA_AUTOFIRE_CYCLE,
+        },
+      },
     });
     if (gateCoach?.permitted === false) {
       emitJson({
@@ -618,6 +1534,9 @@ try {
     action,
     toolName,
     target,
+    touchedFiles,
+    hiveTouch,
+    hiveLifecycle,
     evidenceRef: makeEvidenceRef('tool_request', { action, toolName, target }, { sessionId }),
   });
   saveTurnState(sessionId, {
@@ -638,6 +1557,7 @@ try {
 }
 
 function buildCodexPostToolHook(): string {
+  return readCanonicalCodexHook('aria-post-tool-use.mjs');
   return `#!/usr/bin/env node
 import {
   inferSessionId,
@@ -646,15 +1566,63 @@ import {
   makeEvidenceRef,
   recordCoachPhase,
   saveTurnState,
+  forcedSkillLoadGaps,
+  classifyAction,
+  extractToolTouchedFiles,
+  recordHiveFileTouch,
+  recordHiveSessionLifecycle,
   updateTaskProjectLedger,
 } from './lib/runtime-client.mjs';
 
+const ARIA_QA_AUTOFIRE_CYCLE = Object.freeze([
+  'qiyas_15_pass',
+  'tadabbur_full_canonical_12_stage',
+  'correct',
+  'enhance',
+  'harden',
+  'verify',
+]);
+
+const ARIA_QA_METHOD_CONTRACT = Object.freeze({
+  qiyas: 'Qiyas means full Qiyas-15 only. Mini Qiyas is not acceptable for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+  tadabbur: 'Tadabbur means the full canonical 12-stage Tadabbur path for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+});
+
 const event = readEventFromStdin();
 const sessionId = inferSessionId(event);
 const state = loadTurnState(sessionId);
 
 try {
   const toolResponse = JSON.stringify(event?.tool_response ?? event?.toolResponse ?? null).slice(0, 4000);
+  const action = classifyAction(event);
+  const touchedFiles = extractToolTouchedFiles(event, action);
+  const hiveThreadId = state?.hiveThreadId || null;
+  const hiveTouch = await recordHiveFileTouch({
+    sessionId,
+    threadId: hiveThreadId,
+    event: 'post_tool',
+    files: touchedFiles,
+    source: 'codex-post-tool-hook',
+    body: {
+      action,
+      toolName: event?.tool_name || event?.toolName || null,
+      success: !event?.error,
+    },
+  });
+  const hiveLifecycle = await recordHiveSessionLifecycle({
+    sessionId,
+    threadId: hiveThreadId,
+    event: event?.error ? 'tool_error' : 'tool_complete',
+    status: event?.error ? 'needs_review' : 'active',
+    intentSummary: event?.error ? 'Codex tool returned an error' : 'Codex tool completed',
+    fileClaims: touchedFiles,
+    source: 'codex-post-tool-hook',
+    body: {
+      action,
+      toolName: event?.tool_name || event?.toolName || null,
+      success: !event?.error,
+    },
+  });
   const evidenceRef = makeEvidenceRef('tool_response', event?.tool_response ?? event?.toolResponse ?? null, {
     sessionId,
     toolName: event?.tool_name || event?.toolName || null,
@@ -662,6 +1630,7 @@ try {
   const toolOutputs = Array.isArray(state?.toolOutputs) ? state.toolOutputs.slice(-24) : [];
   const verificationText = JSON.stringify(event).slice(0, 8000);
   const verification = !event?.error && /\\b(?:npm\\s+run\\s+(?:check|test|build|lint|typecheck)|(?:npx\\s+)?(?:jest|vitest|tsc|eslint)|check:|test:|build:|passed|exit\\s*0|0\\s*failures?)\\b/i.test(verificationText);
+  const forcedSkillGaps = forcedSkillLoadGaps(state);
   await recordCoachPhase('post_tool', {
     requestId: state?.traceId || sessionId,
     sessionId,
@@ -672,12 +1641,27 @@ try {
       toolName: event?.tool_name || event?.toolName || null,
       verification,
       error: event?.error || null,
+      requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : [],
+      forcedSkillLoad: state?.forcedSkillLoad || null,
+      forcedSkillGaps,
+      touchedFiles,
+      hiveTouch,
+      hiveLifecycle,
+      qaAutofire: {
+        mode: 'always-on-15',
+        phase: 'post_tool',
+        correctionCycle: ARIA_QA_AUTOFIRE_CYCLE,
+      },
     },
   });
   toolOutputs.push({
     at: new Date().toISOString(),
     toolName: event?.tool_name || event?.toolName || null,
     toolResponse,
+    action,
+    touchedFiles,
+    hiveTouch,
+    hiveLifecycle,
     evidenceRef,
   });
   saveTurnState(sessionId, {
@@ -693,6 +1677,14 @@ try {
       outcome_ref: evidenceRef,
       verification,
       commandResult: verification ? 'success' : '',
+      requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : [],
+      forcedSkillLoad: state?.forcedSkillLoad || null,
+      forcedSkillGaps,
+      qaAutofire: {
+        mode: 'always-on-15',
+        phase: 'post_tool',
+        correctionCycle: ARIA_QA_AUTOFIRE_CYCLE,
+      },
     },
   });
   process.exit(0);
@@ -703,16 +1695,23 @@ try {
 }
 
 function buildCodexStopHook(): string {
+  return readCanonicalCodexHook('aria-stop.mjs');
   return `#!/usr/bin/env node
 import {
   inferSessionId,
   extractAssistantText,
   readEventFromStdin,
   runtimePost,
+  recordHiveSessionLifecycle,
   recordCoachPhase,
   loadTurnState,
   makeEvidenceRef,
   clearTurnState,
+  inferRequiredAriaSkills,
+  forcedSkillLoadGaps,
+  fullCognitionMethodGaps,
+  buildUniversalConnectorGoalContract,
+  evaluateGoalContractOutput,
   formatValidationFailure,
   formatCodexRecoveryBlock,
   isAriaControlBlock,
@@ -723,12 +1722,28 @@ import {
   emitJson,
 } from './lib/runtime-client.mjs';
 
+const ARIA_QA_AUTOFIRE_CYCLE = Object.freeze([
+  'qiyas_15_pass',
+  'tadabbur_full_canonical_12_stage',
+  'correct',
+  'enhance',
+  'harden',
+  'verify',
+]);
+
+const ARIA_QA_METHOD_CONTRACT = Object.freeze({
+  qiyas: 'Qiyas means full Qiyas-15 only. Mini Qiyas is not acceptable for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+  tadabbur: 'Tadabbur means the full canonical 12-stage Tadabbur path for architecture, runtime, code, QA, hook, SDK, worker, or harness work.',
+});
+
 const event = readEventFromStdin();
 const sessionId = inferSessionId(event);
 const state = loadTurnState(sessionId);
 const text = extractAssistantText(event);
+
 const outputRef = makeEvidenceRef('assistant_output', text, { sessionId, traceId: state?.traceId || null });
 const toolRefs = Array.isArray(state?.toolOutputs) ? state.toolOutputs.map((entry) => entry.evidenceRef).filter(Boolean) : [];
+const inferredRequiredSkills = inferRequiredAriaSkills(state?.userText || '');
 const ledgerResult = updateTaskProjectLedger({
   platform: 'codex',
   phase: 'stop',
@@ -744,12 +1759,60 @@ try {
     clearTurnState(sessionId);
     emitJson({ continue: true });
   }
+  const forcedSkillGaps = forcedSkillLoadGaps(state);
+  const cognitionMethodGaps = fullCognitionMethodGaps({ state, text });
+  if (cognitionMethodGaps.length > 0) {
+    emitJson({
+      decision: 'block',
+      reason: formatCodexRecoveryBlock({
+        surface: 'codex-stop-full-cognition-method',
+        reason: 'owner-facing output contains raw cognition method dump',
+        issues: cognitionMethodGaps,
+        next: '4. Re-author as a professional owner-readable closeout: one status line, 2-4 evidence bullets, concrete next action. Do not paste qiyas_15_pass, Tadabbur stages, or raw applied_cognition into the visible answer.',
+      }),
+    });
+  }
+  const qaAutofire = {
+    mode: 'always-on-15',
+    phase: 'stop',
+    correctionCycle: ARIA_QA_AUTOFIRE_CYCLE,
+    methodContract: ARIA_QA_METHOD_CONTRACT,
+  };
+  const goalContract = state?.goalContract || buildUniversalConnectorGoalContract({
+    userText: state?.userText || '',
+    phase: 'stop',
+  });
+  const goalQa = evaluateGoalContractOutput(text, {
+    userText: state?.userText || '',
+    goalContract,
+  });
+  if (goalQa.hardBlock) {
+    emitJson({
+      decision: 'block',
+      reason: formatCodexRecoveryBlock({
+        surface: 'codex-stop-goal-contract',
+        reason: 'active goal contract rejected drift or false completion risk',
+        issues: [...goalQa.blockers, ...goalQa.repairs],
+        next: '4. Re-author around the actual corpus-to-runtime wiring goal, name the next highest-impact action, include QA/correction/evidence, and keep receipts/gates as support only.',
+      }),
+    });
+  }
   const postGenerationCoach = await recordCoachPhase('post_generation', {
     requestId: state?.traceId || sessionId,
     sessionId,
     text,
     evidenceRefs: [outputRef],
-    metadata: { source: 'codex-stop-hook', requireCognitionBlock: false, requireAppliedCognition: false },
+    metadata: {
+      source: 'codex-stop-hook',
+      requireCognitionBlock: false,
+      requireAppliedCognition: false,
+      requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : inferredRequiredSkills,
+      forcedSkillLoad: state?.forcedSkillLoad || null,
+      forcedSkillGaps,
+      goalContract,
+      goalQa,
+      qaAutofire: { ...qaAutofire, phase: 'post_generation' },
+    },
   });
   if (postGenerationCoach?.permitted === false) {
     emitJson({
@@ -813,7 +1876,18 @@ try {
     validation: validation?.validation || null,
     layer3: validation?.layer3 || null,
     evidenceRefs: [outputRef, makeEvidenceRef('runtime_validation', validation, { sessionId, traceId: state?.traceId || null }), ...(gateEvidence ? [makeEvidenceRef('governance_gate', gateEvidence, { sessionId })] : [])],
-    metadata: { source: 'codex-stop-hook', requireCognitionBlock: false, requireAppliedCognition: false, governanceGate: gateEvidence || null },
+    metadata: {
+      source: 'codex-stop-hook',
+      requireCognitionBlock: false,
+      requireAppliedCognition: false,
+      governanceGate: gateEvidence || null,
+      requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : inferredRequiredSkills,
+      forcedSkillLoad: state?.forcedSkillLoad || null,
+      forcedSkillGaps,
+      goalContract,
+      goalQa,
+      qaAutofire: { ...qaAutofire, phase: 'pre_output' },
+    },
   });
   if (preOutputCoach?.permitted === false) {
     emitJson({
@@ -845,6 +1919,12 @@ try {
       trace_id: state?.traceId || null,
       output_ref: outputRef,
       tool_refs: toolRefs,
+      required_skills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : inferredRequiredSkills,
+      forced_skill_load: state?.forcedSkillLoad || null,
+      forced_skill_gaps: forcedSkillGaps,
+      goal_contract: goalContract,
+      goal_qa: goalQa,
+      qa_autofire: { ...qaAutofire, phase: 'mizan_post' },
     },
     context: {
       sessionId,
@@ -865,7 +1945,17 @@ try {
       outputRef,
       makeEvidenceRef('mizan_post_receipt', post?.receipt || null, { sessionId, traceId: state?.traceId || null }),
     ],
-    metadata: { source: 'codex-stop-hook', requireCognitionBlock: false, requireAppliedCognition: false },
+    metadata: {
+      source: 'codex-stop-hook',
+      requireCognitionBlock: false,
+      requireAppliedCognition: false,
+      requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : inferredRequiredSkills,
+      forcedSkillLoad: state?.forcedSkillLoad || null,
+      forcedSkillGaps,
+      goalContract,
+      goalQa,
+      qaAutofire: { ...qaAutofire, phase: 'post_output' },
+    },
   });
   await runtimePost('/decision/log', {
     session_id: sessionId,
@@ -886,6 +1976,12 @@ try {
       tool_count: Array.isArray(state?.tools) ? state.tools.length : 0,
       validation_severity: validation?.validation?.severity || 'pass',
       layer3_pass: validation?.layer3?.pass !== false,
+      required_skills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : inferredRequiredSkills,
+      forced_skill_load: state?.forcedSkillLoad || null,
+      forced_skill_gaps: forcedSkillGaps,
+      goal_contract: goalContract,
+      goal_qa: goalQa,
+      qa_autofire: { ...qaAutofire, phase: 'decision_log' },
     },
   });
   if (typeof state?.userText === 'string' && state.userText.trim()) {
@@ -900,6 +1996,12 @@ try {
         decision_category: 'codex-hooks',
         trace_id: state?.traceId || null,
         output_ref: outputRef,
+        required_skills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : inferredRequiredSkills,
+        forced_skill_load: state?.forcedSkillLoad || null,
+        forced_skill_gaps: forcedSkillGaps,
+        goal_contract: goalContract,
+        goal_qa: goalQa,
+        qa_autofire: { ...qaAutofire, phase: 'garden_turn' },
       },
     });
   }
@@ -912,6 +2014,12 @@ try {
       post_turn: true,
       output_ref: outputRef,
       verification: false,
+      requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : inferredRequiredSkills,
+      forcedSkillLoad: state?.forcedSkillLoad || null,
+      forcedSkillGaps,
+      goalContract,
+      goalQa,
+      qaAutofire: { ...qaAutofire, phase: 'post_turn_ledger' },
     },
   });
   const releaseCoach = await recordCoachPhase('claim_or_release', {
@@ -927,6 +2035,12 @@ try {
       requireCognitionBlock: false,
       requireAppliedCognition: false,
       post_receipt_id: post?.receipt?.receiptId || null,
+      requiredSkills: Array.isArray(state?.requiredSkills) ? state.requiredSkills : inferredRequiredSkills,
+      forcedSkillLoad: state?.forcedSkillLoad || null,
+      forcedSkillGaps,
+      goalContract,
+      goalQa,
+      qaAutofire: { ...qaAutofire, phase: 'claim_or_release' },
     },
   });
   if (releaseCoach?.permitted === false) {
@@ -938,6 +2052,28 @@ try {
       }),
     });
   }
+  const touchedFileMap = new Map();
+  for (const entry of [...(Array.isArray(state?.tools) ? state.tools : []), ...(Array.isArray(state?.toolOutputs) ? state.toolOutputs : [])]) {
+    for (const file of Array.isArray(entry?.touchedFiles) ? entry.touchedFiles : []) {
+      if (file?.path && !touchedFileMap.has(file.path)) touchedFileMap.set(file.path, file);
+    }
+  }
+  await recordHiveSessionLifecycle({
+    sessionId,
+    threadId: state?.hiveThreadId || null,
+    event: 'turn_complete',
+    status: 'completed',
+    intentSummary: (state?.userText || text || 'Codex turn completed').slice(0, 240),
+    fileClaims: [...touchedFileMap.values()],
+    source: 'codex-stop-hook',
+    body: {
+      traceId: state?.traceId || null,
+      outputRef,
+      validationSeverity: validation?.validation?.severity || 'pass',
+      layer3Pass: validation?.layer3?.pass !== false,
+      goalQa,
+    },
+  });
   clearTurnState(sessionId);
   emitJson({ continue: true });
 } catch (error) {
@@ -955,7 +2091,11 @@ try {
 
 function buildCodexHooksToml(codexDir: string): string {
   const hooksDir = path.join(codexDir, 'hooks');
+  const configPath = path.join(codexDir, 'config.toml');
   const command = (name: string) => tomlString(`node ${path.join(hooksDir, name)}`);
+  const stateKey = (event: string, index: number) => tomlString(`${configPath}:${event}:${index}:0`);
+  const enabledState = (event: string, index: number) => `[hooks.state.${stateKey(event, index)}]
+enabled = true`;
   return `# BEGIN ARIA MANAGED HOOKS
 [hooks]
 managed_dir = ${tomlString(hooksDir)}
@@ -963,6 +2103,9 @@ managed_dir = ${tomlString(hooksDir)}
 [[hooks.UserPromptSubmit]]
 hooks = [{ type = "command", command = ${command('aria-userprompt-submit.mjs')} }]
 
+[[hooks.UserPromptSubmit]]
+hooks = [{ type = "command", command = ${command('aria-live-ticker.mjs')} }]
+
 [[hooks.PreToolUse]]
 matcher = ".*"
 hooks = [{ type = "command", command = ${command('aria-pre-tool-use.mjs')} }]
@@ -973,6 +2116,18 @@ hooks = [{ type = "command", command = ${command('aria-post-tool-use.mjs')} }]
 
 [[hooks.Stop]]
 hooks = [{ type = "command", command = ${command('aria-stop.mjs')} }]
+
+[hooks.state]
+
+${enabledState('user_prompt_submit', 0)}
+
+${enabledState('user_prompt_submit', 1)}
+
+${enabledState('pre_tool_use', 0)}
+
+${enabledState('post_tool_use', 0)}
+
+${enabledState('stop', 0)}
 # END ARIA MANAGED HOOKS
 `;
 }
@@ -995,14 +2150,21 @@ function installCodexHooksConfig(codexDir: string, logs: string[]): void {
 function installCodexHooks(codexDir: string, logs: string[]): void {
   const hooksDir = path.join(codexDir, 'hooks');
   mkdirSync(path.join(hooksDir, 'lib'), { recursive: true, mode: 0o755 });
+  mkdirSync(path.join(codexDir, 'lib'), { recursive: true, mode: 0o755 });
   const ledgerHelperSrc = packageTaskProjectLedgerHelperPath();
   if (!existsSync(ledgerHelperSrc)) {
     throw new Error(`Task/project ledger helper missing: ${ledgerHelperSrc}`);
   }
+  const projectBoundarySrc = packageProjectBoundaryCognitionPath();
+  if (!existsSync(projectBoundarySrc)) {
+    throw new Error(`Project boundary cognition helper missing: ${projectBoundarySrc}`);
+  }
 
   const files: Array<[string, string]> = [
     [path.join(hooksDir, 'lib', 'runtime-client.mjs'), buildCodexHookRuntimeClient()],
     [path.join(hooksDir, 'aria-userprompt-submit.mjs'), buildCodexUserPromptHook()],
+    [path.join(hooksDir, 'aria-live-ticker.mjs'), buildCodexLiveTickerHook()],
+    [path.join(hooksDir, 'aria-harness-ticker-sidecar.mjs'), buildCodexHarnessTickerSidecar()],
     [path.join(hooksDir, 'aria-pre-tool-use.mjs'), buildCodexPreToolHook()],
     [path.join(hooksDir, 'aria-post-tool-use.mjs'), buildCodexPostToolHook()],
     [path.join(hooksDir, 'aria-stop.mjs'), buildCodexStopHook()],
@@ -1014,6 +2176,8 @@ function installCodexHooks(codexDir: string, logs: string[]): void {
   }
   copyFileSync(ledgerHelperSrc, path.join(hooksDir, 'lib', 'task-project-ledger.mjs'));
   try { chmodSync(path.join(hooksDir, 'lib', 'task-project-ledger.mjs'), 0o755); } catch {}
+  copyFileSync(projectBoundarySrc, path.join(codexDir, 'lib', 'project-boundary-cognition.mjs'));
+  try { chmodSync(path.join(codexDir, 'lib', 'project-boundary-cognition.mjs'), 0o755); } catch {}
 
   logs.push(`Installed Codex native hooks → ${hooksDir}`);
   installCodexHooksConfig(codexDir, logs);
@@ -1134,10 +2298,19 @@ Lens roles for decisions:
 ## Structural Cognition Contract
 - Cognition is not accepted as proof by itself. It must change the next action, tool call, or output claim.
 - Each lens must affect work selection or artifact shape; do not write lenses after the decision is already made.
-- For every non-trivial output, include an \`<applied_cognition>\` block with \`decision_delta\`, \`dominant_domain\`, \`binds_to\`, \`expected_predicate\`, and \`artifact_change\`.
+- For every non-trivial output, applied cognition must change the answer, tool call, or claim boundary.
+- Owner-readable output comes first. Raw \`<applied_cognition>\` is required only when a gate or owner explicitly asks for machine-readable XML; otherwise fold the fields into concise prose.
 - Tool-bound cognition must name the exact tool/action it constrains and the measurable predicate that proves the action succeeded.
 - Deploy or destructive actions still require \`<verify>\` and \`<expected>\` blocks before execution.
 - If cognition did not change anything, stop and re-think; \`decision_delta: none\` is treated as performative.
+
+## Autofire Quality Continuation Contract
+- Actual goal: wire extracted books, doctrines, skills, runtimes, primitives, mappings, CLIs, connectors, and agent surfaces into the operating system so output improves automatically.
+- Receipts, gates, ledgers, and canaries are evidence, not the product. They pass only when they prove corpus-backed behavior changed the next action, QA, correction, verification, or learning loop.
+- For continuation work, name the next highest-quality, highest-impact step by default; do not make the owner ask for the obvious next action.
+- Forced QA is the ordinary gate: compare expected vs observed, name findings or explicit pass criteria, correct low-risk misses, verify with real evidence, and record Dalio-style lesson plus Reflexion-style next action.
+- Hard stops are reserved for secrets, destructive actions, deploy/publication boundaries, owner-contradicted actions, and proven false completion risk.
+- Final owner-facing output must be readable: status, evidence, QA/correction result, and next action. Do not dump lifecycle receipts or raw JSON unless the owner explicitly asks for raw receipt/debug evidence.
 `;
 }
 
@@ -1215,10 +2388,17 @@ function installAgentsMd(codexDir: string, config: AriaConfig, logs: string[]):
   logs.push(`Installed Codex must-read guide → ${mustReadPath}`);
 }
 
-export async function connectCodex(config: AriaConfig): Promise<string[]> {
+export async function connectCodex(config: AriaConfig, opts: { installWrapper?: boolean } = {}): Promise<string[]> {
   const logs: string[] = [];
   const codexDir = path.join(homedir(), '.codex');
 
+  await requireGovernedConnectorMutation({
+    surfaceId: 'codex',
+    action: 'install',
+    targetPath: codexDir,
+    reason: 'install Codex harness surface',
+  });
+
   if (!existsSync(codexDir)) {
     mkdirSync(codexDir, { recursive: true, mode: 0o700 });
     logs.push(`Created ${codexDir}`);
@@ -1231,6 +2411,10 @@ export async function connectCodex(config: AriaConfig): Promise<string[]> {
   installCodexHooks(codexDir, logs);
   installAriaCognitionSkills(codexDir, logs);
   syncDoctrineTriggerMap(logs);
-  logs.push(...await connectShell('codex', config));
+  if (opts.installWrapper === true) {
+    logs.push(...await connectShell('codex', config));
+  } else {
+    logs.push('Skipped Codex shell wrapper install; Codex direct login/default provider path remains untouched. Use aria connect --with-wrappers only when explicitly desired.');
+  }
   return logs;
 }