@claude-flow/cli 3.12.0 → 3.12.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/.claude/helpers/auto-memory-hook.mjs +34 -4
  2. package/.claude/helpers/hook-handler.cjs +17 -13
  3. package/.claude/helpers/intelligence.cjs +16 -2
  4. package/README.md +7 -4
  5. package/dist/src/commands/daemon.d.ts.map +1 -1
  6. package/dist/src/commands/daemon.js +76 -7
  7. package/dist/src/commands/daemon.js.map +1 -1
  8. package/dist/src/commands/init.d.ts.map +1 -1
  9. package/dist/src/commands/init.js +24 -3
  10. package/dist/src/commands/init.js.map +1 -1
  11. package/dist/src/commands/security.d.ts.map +1 -1
  12. package/dist/src/commands/security.js +70 -12
  13. package/dist/src/commands/security.js.map +1 -1
  14. package/dist/tsconfig.tsbuildinfo +1 -1
  15. package/package.json +3 -2
  16. package/plugins/ruflo-metaharness/.claude-flow/data/pending-insights.jsonl +1 -0
  17. package/plugins/ruflo-metaharness/.claude-flow/neural/stats.json +6 -0
  18. package/plugins/ruflo-metaharness/.claude-plugin/plugin.json +32 -0
  19. package/plugins/ruflo-metaharness/README.md +64 -0
  20. package/plugins/ruflo-metaharness/agents/metaharness-architect.md +58 -0
  21. package/plugins/ruflo-metaharness/commands/ruflo-metaharness.md +46 -0
  22. package/plugins/ruflo-metaharness/scripts/_harness.mjs +261 -0
  23. package/plugins/ruflo-metaharness/scripts/_similarity.mjs +161 -0
  24. package/plugins/ruflo-metaharness/scripts/_spike-similarity.mjs +223 -0
  25. package/plugins/ruflo-metaharness/scripts/audit-list.mjs +158 -0
  26. package/plugins/ruflo-metaharness/scripts/audit-trend.mjs +272 -0
  27. package/plugins/ruflo-metaharness/scripts/bench-parse-mcp-scan.mjs +146 -0
  28. package/plugins/ruflo-metaharness/scripts/bench-recordpair-overhead.mjs +186 -0
  29. package/plugins/ruflo-metaharness/scripts/bench-similarity.mjs +177 -0
  30. package/plugins/ruflo-metaharness/scripts/drift-from-history.mjs +363 -0
  31. package/plugins/ruflo-metaharness/scripts/genome.mjs +80 -0
  32. package/plugins/ruflo-metaharness/scripts/mcp-scan.mjs +111 -0
  33. package/plugins/ruflo-metaharness/scripts/mint.mjs +119 -0
  34. package/plugins/ruflo-metaharness/scripts/oia-audit.mjs +228 -0
  35. package/plugins/ruflo-metaharness/scripts/router-parallel-analyze.mjs +250 -0
  36. package/plugins/ruflo-metaharness/scripts/score.mjs +92 -0
  37. package/plugins/ruflo-metaharness/scripts/similarity.mjs +158 -0
  38. package/plugins/ruflo-metaharness/scripts/smoke.sh +2268 -0
  39. package/plugins/ruflo-metaharness/scripts/test-graceful-degradation.mjs +141 -0
  40. package/plugins/ruflo-metaharness/scripts/test-mcp-tools.mjs +437 -0
  41. package/plugins/ruflo-metaharness/scripts/test-parallel-pipeline.mjs +204 -0
  42. package/plugins/ruflo-metaharness/scripts/test-pipeline-roundtrip.mjs +586 -0
  43. package/plugins/ruflo-metaharness/scripts/test-similarity.mjs +334 -0
  44. package/plugins/ruflo-metaharness/scripts/test-with-openrouter.mjs +229 -0
  45. package/plugins/ruflo-metaharness/scripts/threat-model.mjs +59 -0
  46. package/plugins/ruflo-metaharness/skills/harness-drift-from-history/SKILL.md +65 -0
  47. package/plugins/ruflo-metaharness/skills/harness-genome/SKILL.md +54 -0
  48. package/plugins/ruflo-metaharness/skills/harness-mcp-scan/SKILL.md +47 -0
  49. package/plugins/ruflo-metaharness/skills/harness-mint/SKILL.md +72 -0
  50. package/plugins/ruflo-metaharness/skills/harness-oia-audit/SKILL.md +79 -0
  51. package/plugins/ruflo-metaharness/skills/harness-score/SKILL.md +66 -0
  52. package/plugins/ruflo-metaharness/skills/harness-similarity/SKILL.md +67 -0
  53. package/plugins/ruflo-metaharness/skills/harness-threat-model/SKILL.md +39 -0
@@ -0,0 +1,65 @@
1
+ ---
2
+ name: harness-drift-from-history
3
+ description: One-command drift detection. Composes audit-list + oia-audit + audit-trend into a single primitive — finds the most recent audit in `metaharness-audit` namespace, runs a fresh audit against the current repo, diffs them via ADR-152 §3.1 similarity, and alerts when structural distance crosses `--threshold`. Iter 53 of ADR-150 deep integration.
4
+ argument-hint: "[--path .] [--baseline-since 7d] [--threshold 0.95] [--dry-run] [--format json|table]"
5
+ allowed-tools: Bash
6
+ ---
7
+
8
+ The natural ops question after running `oia-audit` weekly is "did anything drift?" Before this skill, the answer required a three-step sequence:
9
+
10
+ ```bash
11
+ npx ruflo metaharness audit-list --format json # → pick a key by hand
12
+ npx ruflo metaharness oia-audit --format json > /tmp/curr.json
13
+ npx ruflo metaharness audit-trend \
14
+ --baseline-key <picked-key> --current /tmp/curr.json \
15
+ --alert-on-distance-below 0.95
16
+ ```
17
+
18
+ This skill collapses it into one command:
19
+
20
+ ```bash
21
+ npx ruflo metaharness drift-from-history --threshold 0.95
22
+ ```
23
+
24
+ ## What it does
25
+
26
+ 1. Lists records from `metaharness-audit` namespace via audit-list.mjs
27
+ 2. Picks the most recent record by `startedAt` (or `--baseline-since 7d` skips anything newer than 7 days)
28
+ 3. Runs a fresh `oia-audit` against the current path
29
+ 4. Diffs the two via audit-trend, applying `--alert-on-distance-below ${threshold}`
30
+ 5. Returns the structured drift report
31
+
32
+ ## Architectural constraint inheritance (ADR-150)
33
+
34
+ | Constraint | How drift-from-history satisfies it |
35
+ |---|---|
36
+ | Removable | Pure subprocess composition over existing scripts — no new `@metaharness/*` import |
37
+ | Optional | If oia-audit reports `degraded:true`, this skill exits 3 with a degraded payload |
38
+ | Graceful | Empty audit history → exit 2 with hint to seed it; never crashes |
39
+ | CI-gate | Smoke step 17z16 anchors the dispatcher entry + subcommand listing |
40
+
41
+ ## Exit codes
42
+
43
+ - 0 — similarity ≥ threshold (or threshold not crossed)
44
+ - 1 — drift detected: similarity < threshold (alert fired)
45
+ - 2 — config error (no history, audit-list failed)
46
+ - 3 — upstream metaharness absent (degraded payload returned)
47
+
48
+ ## Example
49
+
50
+ ```bash
51
+ $ npx ruflo metaharness drift-from-history --threshold 0.95
52
+ # drift-from-history
53
+
54
+ Baseline: audit-2026-06-16T22-58-47-840Z
55
+ Current: 2026-06-16T23:05:02.231Z
56
+
57
+ Structural similarity: 1 (near-identical)
58
+ Distance: 0
59
+
60
+ ✓ similarity ≥ 0.95 — OK
61
+ ```
62
+
63
+ ## Implementation
64
+
65
+ [`scripts/drift-from-history.mjs`](../../scripts/drift-from-history.mjs)
@@ -0,0 +1,54 @@
1
+ ---
2
+ name: harness-genome
3
+ description: 7-section repo readiness report from `metaharness genome <path>`. Returns repo_type / agent_topology / risk_score / mcp_surface / test_confidence / publish_readiness. Pure-read; degrades gracefully (ADR-150).
4
+ argument-hint: "[--path .] [--alert-on-risk-above 0.5] [--format table|json]"
5
+ allowed-tools: Bash
6
+ ---
7
+
8
+ Companion to `harness-score`. Where score is a 5-dimension numeric
9
+ scorecard, genome is a 7-section categorical/numeric report covering
10
+ repo type, agent topology recommendations, risk score (0-1), MCP
11
+ surface area, test confidence (0-1), and publish readiness (0-1).
12
+
13
+ ## Algorithm
14
+
15
+ Implementation: [`scripts/genome.mjs`](../../scripts/genome.mjs).
16
+
17
+ 1. Shell out to `npx metaharness genome <path> --json` (60s hard timeout).
18
+ 2. Parse the shape: `{ repo_type, agent_topology[], risk_score,
19
+ mcp_surface, test_confidence, publish_readiness }`.
20
+ 3. If `--alert-on-risk-above N`: exit 1 when `risk_score > N`.
21
+ 4. Output JSON (default) or markdown.
22
+
23
+ ## Phase-0 baseline (ruflo, measured 2026-06-16)
24
+
25
+ ```
26
+ {
27
+ "repo_type": "node_mcp_ci",
28
+ "agent_topology": ["maintainer", "tester", "security", "release"],
29
+ "risk_score": 0.27,
30
+ "mcp_surface": "remote",
31
+ "test_confidence": 0.8,
32
+ "publish_readiness": 0.9
33
+ }
34
+ ```
35
+
36
+ Ruflo's `risk_score: 0.27` is low (good). `publish_readiness: 0.9` is
37
+ high. The `mcp_surface: "remote"` reflects that ruflo's MCP servers are
38
+ hosted, not bundled.
39
+
40
+ ## When to use
41
+
42
+ - Pre-mint review: "before scaffolding a custom harness from this repo,
43
+ should we?" — genome answers it categorically.
44
+ - Drift detection: capture genome snapshots over time, diff via
45
+ cost-diff-style tooling to spot when `agent_topology` recommendations
46
+ drift away from a deliberate architecture choice.
47
+ - CI gate: `--alert-on-risk-above 0.5` fails the build when the repo's
48
+ risk profile crosses a threshold.
49
+
50
+ ## Pairs with
51
+
52
+ - `harness-score` — numeric readiness
53
+ - `harness-mcp-scan` — static MCP security findings
54
+ - `harness-threat-model` — enterprise-review-grade threat model
@@ -0,0 +1,47 @@
1
+ ---
2
+ name: harness-mcp-scan
3
+ description: Static security scan of a harness's declared MCP surface via `harness mcp-scan <path>`. Reads `.mcp/servers.json` + `.harness/claims.json`. Pure-read, no dispatch. Exits 1 on findings at or above `--fail-on` severity.
4
+ argument-hint: "[--path .] [--fail-on low|medium|high] [--format table|json]"
5
+ allowed-tools: Bash
6
+ ---
7
+
8
+ Calls `harness mcp-scan` to enumerate every declared MCP server + tool
9
+ and flag policy / permission / dependency issues. Never executes any
10
+ tool; pure static analysis.
11
+
12
+ ## Algorithm
13
+
14
+ Implementation: [`scripts/mcp-scan.mjs`](../../scripts/mcp-scan.mjs).
15
+
16
+ 1. Shell `npx -p metaharness@latest harness mcp-scan <path> --json`.
17
+ 2. Parse `findings[]` with `{ severity, id, server, tool, message }`.
18
+ 3. `--fail-on <severity>`: exit 1 when any finding is at or above that
19
+ level. Default `high`.
20
+ 4. Output JSON (default) or markdown table.
21
+
22
+ ## Severity rank
23
+
24
+ | Severity | Rank |
25
+ |---|---:|
26
+ | low | 1 |
27
+ | medium | 2 |
28
+ | high | 3 |
29
+
30
+ `--fail-on high` (default) only fails on HIGH; `--fail-on medium` also
31
+ fails on MEDIUM; `--fail-on low` fails on any finding.
32
+
33
+ ## CI integration
34
+
35
+ ```yaml
36
+ - name: MCP static scan
37
+ run: node plugins/ruflo-metaharness/scripts/mcp-scan.mjs --fail-on high
38
+ ```
39
+
40
+ The exit code is the only thing CI watches; the JSON output goes to
41
+ artifacts for human review.
42
+
43
+ ## Graceful degradation
44
+
45
+ When `harness` binary is unavailable (no network, blocked registry),
46
+ emits structured `{ degraded: true, reason: 'metaharness-not-available' }`
47
+ and exits 0. Ruflo continues — ADR-150 architectural constraint.
@@ -0,0 +1,72 @@
1
+ ---
2
+ name: harness-mint
3
+ description: Scaffold a custom AI agent harness via `metaharness new <name> --template <id> --host <id>`. Defaults to DRY-RUN (no writes) unless --confirm is passed. Refuses to write to the calling repo root or anywhere inside it. Honors ADR-150 architectural constraint + ruflo's "destructive-action confirmation" pattern.
4
+ argument-hint: "--name <id> --template <vertical:coding|minimal|…> [--host claude-code|codex|…] [--target /abs/path] [--confirm] [--format table|json]"
5
+ allowed-tools: Bash
6
+ ---
7
+
8
+ The one write-capable skill in the plugin. Every other skill is
9
+ pure-read. This one calls `metaharness new`, which writes a new
10
+ directory tree.
11
+
12
+ ## Safety (load-bearing)
13
+
14
+ 1. **Dry-run by default.** Without `--confirm`, the script prints what
15
+ it would do and exits 0 without touching disk.
16
+ 2. **Refuses project root.** If `--target` resolves to the current
17
+ working directory OR any path inside it, the script errors out with
18
+ exit 2. Target must be an absolute path OUTSIDE the calling repo
19
+ (default is a fresh `/tmp/ruflo-mint-<ts>-<name>/` dir).
20
+ 3. **Refuses existing target.** Won't overwrite — must scaffold into a
21
+ non-existent dir.
22
+ 4. **Subprocess + 60s timeout.** No library import, no in-process
23
+ execution. The mint stays sandboxed from ruflo's runtime.
24
+
25
+ ## Algorithm
26
+
27
+ Implementation: [`scripts/mint.mjs`](../../scripts/mint.mjs).
28
+
29
+ 1. Validate `--name`, `--template`. Default `--host` to `claude-code`.
30
+ 2. Resolve `--target` (default: temp dir).
31
+ 3. Run safety checks (no project-root writes; target must not exist).
32
+ 4. Without `--confirm`: emit dry-run plan, exit 0.
33
+ 5. With `--confirm`: shell `npx metaharness new <name> --template <id>
34
+ --host <id> --target <abs> --yes`.
35
+
36
+ ## Templates
37
+
38
+ `minimal`, `vertical:coding`, `vertical:devops`, `vertical:support`,
39
+ `vertical:legal`, `vertical:research`, `vertical:trading`, `vertical:health`,
40
+ `vertical:education`, `vertical:sales`, `vertical:business`,
41
+ `vertical:crm`, `vertical:marketing`, `vertical:advertising`,
42
+ `vertical:ai`, `vertical:agentics`, `vertical:ruview`, `vertical:gaming`,
43
+ `vertical:repo-maintainer`, `vertical:exotic`.
44
+
45
+ ## Hosts
46
+
47
+ `claude-code`, `codex`, `pi-dev`, `hermes`, `openclaw`, `rvm`,
48
+ `copilot`, `opencode`, `github-actions`.
49
+
50
+ ## Example dry-run
51
+
52
+ ```
53
+ $ node scripts/mint.mjs --name my-harness --template vertical:coding --host claude-code
54
+ # harness-mint (dry-run)
55
+
56
+ - action: metaharness new
57
+ - name: my-harness
58
+ - template: vertical:coding
59
+ - host: claude-code
60
+ - target: /tmp/ruflo-mint-1718560000-my-harness
61
+ - confirm: false
62
+ - willWrite: false
63
+
64
+ Re-run with `--confirm` to actually scaffold.
65
+ ```
66
+
67
+ ## Why dry-run by default
68
+
69
+ Ruflo's behavioral rules say "executing actions with care" — destructive
70
+ or repo-touching actions need confirmation. The dry-run output makes the
71
+ WHAT visible before the WHEN. A human sees `target`, decides, then
72
+ adds `--confirm` if happy.
@@ -0,0 +1,79 @@
1
+ ---
2
+ name: harness-oia-audit
3
+ description: Composite Phase-2 audit worker (ADR-150). Bundles harness oia-manifest + threat-model + mcp-scan into one timestamped audit record stored in the `metaharness-audit` memory namespace. Designed for cron-scheduled drift detection.
4
+ argument-hint: "[--path .] [--dry-run] [--alert-on-worst clean|low|medium|high] [--format table|json]"
5
+ allowed-tools: Bash
6
+ ---
7
+
8
+ The 13th worker (ADR-150 Phase 2) — runs three MetaHarness static
9
+ surfaces in one shot, computes a composite worst-severity signal, and
10
+ persists the audit record to memory so drift over time is visible.
11
+
12
+ ## Algorithm
13
+
14
+ Implementation: [`scripts/oia-audit.mjs`](../../scripts/oia-audit.mjs).
15
+
16
+ 1. Run `harness oia-manifest <path>` — Open Infrastructure Architecture
17
+ layer alignment (L1-L9).
18
+ 2. Run `harness threat-model <path>` — categorized MCP-surface threat
19
+ report with `worst: clean|low|medium|high`.
20
+ 3. Run `harness mcp-scan <path>` — per-server/tool policy + permissions
21
+ + dep findings.
22
+ 4. Composite worst = `max(threatModel.worst, max(mcpScan.findings.severity))`.
23
+ 5. Persist payload to memory namespace `metaharness-audit` with key
24
+ `audit-<iso-timestamp>` (unless `--dry-run`).
25
+ 6. `--alert-on-worst <severity>`: exit 1 if composite worst ≥ threshold.
26
+
27
+ ## Graceful degradation
28
+
29
+ When ALL three components report `metaharness-not-available`, the script
30
+ emits the standard degraded payload and exits 0. When only some are
31
+ degraded, each individual component carries its own `degraded: true`
32
+ flag in the audit record — the audit still runs and persists what it
33
+ could gather.
34
+
35
+ ## CI / cron integration
36
+
37
+ Designed for weekly cron in `.github/workflows/`:
38
+
39
+ ```yaml
40
+ on:
41
+ schedule:
42
+ - cron: '17 4 * * 0' # Sundays at 04:17 UTC
43
+ jobs:
44
+ oia-audit:
45
+ runs-on: ubuntu-latest
46
+ steps:
47
+ - uses: actions/checkout@v4
48
+ - uses: actions/setup-node@v4
49
+ - run: node plugins/ruflo-metaharness/scripts/oia-audit.mjs --alert-on-worst high
50
+ ```
51
+
52
+ `--alert-on-worst high` fails the job on any HIGH-severity finding;
53
+ drift below HIGH is logged but doesn't block.
54
+
55
+ ## Memory namespace
56
+
57
+ Each audit run stores under `metaharness-audit:audit-<iso-ts>`. To list
58
+ recent audits:
59
+
60
+ ```bash
61
+ npx @claude-flow/cli@latest memory list --namespace metaharness-audit --limit 10
62
+ ```
63
+
64
+ To diff two audits (drift detection):
65
+
66
+ ```bash
67
+ A=$(npx ... memory retrieve --key audit-2026-06-01... --namespace metaharness-audit)
68
+ B=$(npx ... memory retrieve --key audit-2026-06-15... --namespace metaharness-audit)
69
+ # Compare composite.worst, components.threatModel.worst, etc.
70
+ ```
71
+
72
+ A future ADR can wire this into a dedicated `cost-diff`-style diff
73
+ viewer specifically for audit drift.
74
+
75
+ ## Pairs with
76
+
77
+ - `harness-threat-model` — the underlying threat-model component
78
+ - `harness-mcp-scan` — the underlying MCP-scan component
79
+ - `harness-score` + `harness-genome` — readiness metrics (orthogonal to audit)
@@ -0,0 +1,66 @@
1
+ ---
2
+ name: harness-score
3
+ description: 5-dimension harness readiness scorecard from `metaharness score <path>`. Returns harnessFit / compileConfidence / taskCoverage / toolSafety / memoryUsefulness + estCostPerRunUsd + scaffoldReady. Pure-read; subprocess invocation; degrades gracefully when MetaHarness is absent (ADR-150 architectural constraint).
4
+ argument-hint: "[--path .] [--alert-on-fit-below 70] [--format table|json]"
5
+ allowed-tools: Bash
6
+ ---
7
+
8
+ Surfaces the upstream `metaharness score` CLI as a ruflo skill. Use when
9
+ Claude Code needs to assess whether a repo is ready for harness adoption
10
+ before recommending the user run `npx ruflo init` or `harness-mint`.
11
+
12
+ ## Algorithm
13
+
14
+ Implementation: [`scripts/score.mjs`](../../scripts/score.mjs).
15
+
16
+ 1. Shell out to `npx metaharness score <path> --json` (single subprocess,
17
+ 60s hard timeout).
18
+ 2. Parse the JSON shape: `{ harnessFit, compileConfidence, taskCoverage,
19
+ toolSafety, memoryUsefulness, estCostPerRunUsd, recommendedMode,
20
+ archetype, template, scaffoldReady, hardConstraints }`.
21
+ 3. If `--alert-on-fit-below N`: exit 1 when `harnessFit < N`.
22
+ 4. Output JSON (default) or markdown table.
23
+
24
+ ## Phase-0 baseline (ruflo's own scorecard, measured 2026-06-16)
25
+
26
+ | Dimension | Value |
27
+ |---|---:|
28
+ | harnessFit | 82/100 |
29
+ | compileConfidence | 100 |
30
+ | taskCoverage | 79 |
31
+ | toolSafety | 100 |
32
+ | memoryUsefulness | 40 |
33
+ | estCostPerRunUsd | $0.048 |
34
+ | recommendedMode | CLI + MCP |
35
+ | archetype | typescript-sdk-harness |
36
+ | template | vertical:coding |
37
+ | scaffoldReady | true |
38
+
39
+ Ruflo passes its own readiness check. `memoryUsefulness: 40` is the
40
+ weakest dimension — track this as a leading indicator for future memory
41
+ work in the AgentDB layer.
42
+
43
+ ## CI integration
44
+
45
+ ```bash
46
+ node plugins/ruflo-metaharness/scripts/score.mjs --alert-on-fit-below 70 --format json
47
+ ```
48
+
49
+ Exit 1 fails the build. Pair with `harness-genome` for the full
50
+ 7-section view.
51
+
52
+ ## Graceful degradation (ADR-150 architectural constraint rule #3)
53
+
54
+ When `metaharness` is not installed and `npx` can't fetch it (offline,
55
+ no network, registry unreachable), the script emits:
56
+
57
+ ```json
58
+ {
59
+ "degraded": true,
60
+ "reason": "metaharness-not-available",
61
+ "hint": "Install metaharness manually with `npm i -D metaharness` or run `npx metaharness@latest --version` to verify network access."
62
+ }
63
+ ```
64
+
65
+ and exits 0. Ruflo continues to function — this is the architectural
66
+ constraint in action.
@@ -0,0 +1,67 @@
1
+ ---
2
+ name: harness-similarity
3
+ description: ADR-152 — weighted similarity between two harness fingerprints (genome + score JSON). Returns overall score in [0,1] plus per-component breakdown (cosine over 9 numerics, categorical agreement over 4 enums, jaccard over agent_topology). Unblocks ADR-151 §3.2 Recommender, §3.3 Drift Detection, §3.5 Plugin Compat. Pure-TS, no `@metaharness/*` dep — preserves ADR-150's four architectural constraints.
4
+ argument-hint: "(--a a.json --b b.json | --a-key X --b-key Y) [--per-dimension] [--alert-below 0.5] [--format json|table]"
5
+ allowed-tools: Bash
6
+ ---
7
+
8
+ Surfaces the production similarity function from [`scripts/_similarity.mjs`](../../scripts/_similarity.mjs) as a callable skill. Use when an agent needs to:
9
+
10
+ - decide whether to fork an existing harness vs scaffold a new one
11
+ - rank candidate templates against a target repo's genome
12
+ - diff two harnesses produced by different teams to find duplicate work
13
+ - generate the confidence number that ADR-151 §3.2's Recommender wraps
14
+
15
+ ## Algorithm (from ADR-152 §Decision)
16
+
17
+ ```
18
+ overall = 0.60·cosine + 0.25·categorical + 0.15·jaccard
19
+ ```
20
+
21
+ - **cosine** — over a 9-dim numerical vector of normalized scorecard + genome dims
22
+ - **categorical** — fraction of 4 enum fields that match (`repo_type`, `archetype`, `template`, `recommendedMode`)
23
+ - **jaccard** — `|A ∩ B| / |A ∪ B|` over the `agent_topology[]` array
24
+
25
+ The 3-component design is load-bearing: numerical cosine alone is too coarse (the iter-35 spike showed LEGAL vs DEVOPS at cosine=0.97 despite being unrelated verticals). Categorical + jaccard pull the composite to the correct ordering.
26
+
27
+ ## Reference outputs (iter-35 spike fixtures)
28
+
29
+ | Pair | overall | cosine | categorical | jaccard |
30
+ |---|---:|---:|---:|---:|
31
+ | `LEGAL` × `LEGAL` (self) | 1.0000 | 1.0000 | 1.0000 | 1.0000 |
32
+ | `LEGAL` × `SUPPORT` | 0.8296 | 0.9987 | 0.7500 | 0.2857 |
33
+ | `LEGAL` × `DEVOPS` | 0.5840 | 0.9734 | 0.0000 | 0.0000 |
34
+
35
+ Both invariants from ADR-152 §"Smallest demonstrable spike" hold:
36
+ 1. `similarity(X, X) === 1` exactly
37
+ 2. `similarity(LEGAL, DEVOPS) < similarity(LEGAL, SUPPORT)` (vertical affinity)
38
+
39
+ ## Architectural constraint inheritance (ADR-150)
40
+
41
+ - **Removable** — pure-TS function, zero static `@metaharness/*` imports.
42
+ - **Optional** — no new dep in `package.json`.
43
+ - **Graceful** — malformed inputs emit `{ degraded: true, reason }` with exit code 2; never throws.
44
+ - **CI-gate** — smoke step 17y locks the contract: module exports, spike fixtures reproduce, CLI dispatcher entry registered, MCP tool registered.
45
+
46
+ ## Usage
47
+
48
+ ```bash
49
+ # File inputs
50
+ npx ruflo metaharness similarity --a a.json --b b.json
51
+
52
+ # Memory inputs (records persisted by oia-audit.mjs)
53
+ npx ruflo metaharness similarity --a-key harness-X --b-key harness-Y
54
+
55
+ # Per-dimension breakdown (used by ADR-151 §3.2 Recommender)
56
+ npx ruflo metaharness similarity --a a.json --b b.json --per-dimension
57
+
58
+ # Alert when too-dissimilar (used by ADR-151 §3.3 Drift Detection)
59
+ npx ruflo metaharness similarity --a a.json --b b.json --alert-below 0.5
60
+ ```
61
+
62
+ ## Implementation
63
+
64
+ Production module: [`scripts/_similarity.mjs`](../../scripts/_similarity.mjs)
65
+ CLI skill: [`scripts/similarity.mjs`](../../scripts/similarity.mjs)
66
+ MCP tool: `mcp__claude-flow__metaharness_similarity` (registered in `v3/@claude-flow/cli/src/mcp-tools/metaharness-tools.ts`)
67
+ Spike anchor: [`scripts/_spike-similarity.mjs`](../../scripts/_spike-similarity.mjs) (regression suite — invariants locked here)
@@ -0,0 +1,39 @@
1
+ ---
2
+ name: harness-threat-model
3
+ description: Enterprise-review-grade threat model from `harness threat-model <path>`. Categorizes MCP-surface threats; emits `worst: 'clean'|'low'|'medium'|'high'` + per-threat findings. Pure-read.
4
+ argument-hint: "[--path .] [--fail-on clean|low|medium|high] [--format table|json]"
5
+ allowed-tools: Bash
6
+ ---
7
+
8
+ The companion to `harness-mcp-scan` for enterprise security reviews.
9
+ Where mcp-scan is a per-server static lint, threat-model produces a
10
+ categorized report suitable for sharing with an InfoSec team.
11
+
12
+ ## Algorithm
13
+
14
+ Implementation: [`scripts/threat-model.mjs`](../../scripts/threat-model.mjs).
15
+
16
+ 1. Shell `npx -p metaharness@latest harness threat-model <path> --json`.
17
+ 2. Parse `{ worst, findings[] }`.
18
+ 3. `--fail-on <severity>`: exit 1 when `worst >= fail-on`. Default `high`.
19
+
20
+ ## Severity rank
21
+
22
+ | Severity | Rank |
23
+ |---|---:|
24
+ | clean | 0 |
25
+ | low | 1 |
26
+ | medium | 2 |
27
+ | high | 3 |
28
+
29
+ ## When to use
30
+
31
+ - Pre-launch review: include the JSON output in the release-readiness
32
+ packet sent to security.
33
+ - Periodic audit: schedule via the planned `oia-audit` background
34
+ worker (ADR-150 Phase 2) to detect MCP-surface drift.
35
+
36
+ ## Graceful degradation
37
+
38
+ Same pattern as the other skills: when `harness` is absent, emit
39
+ `{ degraded: true }` and exit 0. ADR-150 architectural constraint.