@harness-engineering/cli 1.8.0 → 1.8.1

package/dist/agents/skills/gemini-cli/check-mechanical-constraints/SKILL.md

@@ -0,0 +1,191 @@
+# Check Mechanical Constraints
+
+> Run all mechanical constraint checks: linter rules, boundary schemas, and forbidden imports. These are automated, enforceable rules — if it can be checked by a machine, it must be.
+
+## When to Use
+
+- Before every commit (ideally via pre-commit hook)
+- Before submitting a pull request for review
+- After any code generation or automated refactoring
+- When `on_pre_commit` or `on_validate` triggers fire
+- After resolving merge conflicts (constraints may have been silently violated)
+- NOT as a substitute for code review — mechanical constraints catch structural issues, not logic errors
+- NOT when only editing non-code files (docs, config) unless those files have their own schema constraints
+
+## Process
+
+### Phase 1: Run All Checks
+
+1. **Run `harness validate`** to check project-wide constraints: file structure, naming conventions, required files, and configuration validity.
+
+2. **Run `harness linter validate`** to check all linter rules: code style, import restrictions, forbidden patterns, and boundary schemas.
+
+3. **Run `harness check-deps`** to check architectural layer boundaries. This is included here because dependency violations are mechanical — they can be detected purely from import statements and the constraint config.
+
+4. **Capture all output.** Combine results from all three commands into a single violation list for triage.
+
+### Phase 2: Categorize Violations by Severity
+
+Organize violations into three tiers:
+
+**Tier 1 — Errors (must fix before commit):**
+
+- Forbidden imports (importing banned modules)
+- Layer boundary violations (importing across architectural boundaries)
+- Schema violations (config files that do not match required schema)
+- Missing required files (every package must have index.ts, etc.)
+
+**Tier 2 — Warnings (must fix before merge):**
+
+- Naming convention violations (wrong casing, wrong prefix)
+- Import ordering issues
+- Unused exports detected by linter
+- Documentation file references that do not resolve
+
+**Tier 3 — Info (fix when convenient):**
+
+- Style suggestions (formatting that does not affect behavior)
+- Complexity warnings (functions exceeding thresholds)
+- Minor inconsistencies with project conventions
+
+### Phase 3: Auto-Fix Where Safe
+
+Some violations can be fixed automatically without risk:
+
+- **Import ordering** — reorder imports to match the configured convention. This never changes behavior.
+- **Formatting** — apply the project's formatter (prettier, etc.). Pure whitespace and style changes.
+- **Simple forbidden imports** — when a forbidden import has a known replacement (e.g., `import lodash` to `import lodash-es`), apply the substitution.
+- **Missing trailing commas, semicolons** — mechanical formatting fixes.
+
+**Rules for auto-fix:**
+
+- ONLY auto-fix violations that cannot change runtime behavior
+- Run the test suite after auto-fixing to confirm nothing broke
+- Present the auto-fix diff to the user for awareness (do not silently change code)
+- If unsure whether a fix is safe, do NOT auto-fix — report it for manual resolution
+
+### Phase 4: Report Remaining Violations
+
+For each violation that was not auto-fixed, report:
+
+1. **File and line number** — exact location of the violation
+2. **Rule name** — which constraint was violated
+3. **What it protects against** — why this rule exists (see reference below)
+4. **How to fix** — specific guidance for resolving this type of violation
+5. **Severity tier** — whether it blocks commit, merge, or is informational
+
+## What Each Constraint Type Protects Against
+
+### Forbidden Imports
+
+**Protects against:** Implementation detail leakage and unwanted coupling. When a library is forbidden in a layer, it is because using it there would create a dependency that makes the layer harder to test, replace, or maintain. Example: forbidding `fs` in the UI layer ensures UI code never directly accesses the filesystem.
+
+### Layer Boundaries
+
+**Protects against:** Architectural erosion. Without enforced boundaries, codebases gradually become a tangle where everything depends on everything. Layer boundaries ensure changes in one area do not ripple unpredictably through the whole system.
+
+### Boundary Schemas
+
+**Protects against:** Configuration drift and invalid state. When config files must match a schema, you catch invalid configurations at lint time rather than at runtime. This prevents deployment failures and hard-to-debug runtime errors.
+
+### Naming Conventions
+
+**Protects against:** Cognitive overhead and inconsistency. Consistent naming means developers (human and AI) can predict file locations, function names, and module structure without searching. It also ensures automated tools that rely on naming patterns continue to work.
+
+### Required File Rules
+
+**Protects against:** Incomplete modules. When every package must have an `index.ts` or every component must have a test file, you ensure that the project structure remains complete and navigable.
+
+### Import Ordering
+
+**Protects against:** Merge conflicts and readability issues. Consistent import ordering reduces git conflicts when multiple developers add imports to the same file. It also makes imports scannable at a glance.
+
+## Harness Integration
+
+- **`harness validate`** — Project-wide structural validation. Checks file structure, naming conventions, required files, and configuration schemas.
+- **`harness validate --json`** — Machine-readable output for parsing and categorization.
+- **`harness linter validate`** — Runs all configured linter rules. Checks code patterns, import restrictions, and style conventions.
+- **`harness check-deps`** — Architectural boundary enforcement. Checks all imports against the layer model.
+- **`harness check-deps --json`** — Machine-readable dependency check output.
+
+## Success Criteria
+
+- All three commands (`harness validate`, `harness linter validate`, `harness check-deps`) pass with zero errors
+- All Tier 1 violations are resolved before any commit
+- All Tier 2 violations are resolved before any merge to main
+- Auto-fixed changes are verified by running the test suite
+- No violations are suppressed without explicit team approval and a documented reason
+
+## Examples
+
+### Example: Forbidden import detected
+
+**Violation:**
+
+```
+ERROR [forbidden-import] src/components/Dashboard.tsx:3
+  Import 'pg' is forbidden in layer 'ui'
+  Rule: ui layer must not import database drivers
+```
+
+**What it protects against:** The UI layer importing a PostgreSQL driver means UI code could execute raw SQL queries, bypassing the service and repository layers entirely. This breaks testability (tests need a real database) and security (SQL injection risk from UI layer).
+
+**Fix:** Remove the direct database call. Add the needed query to the appropriate repository, expose it through the service layer, and call the service from the UI component.
+
+### Example: Auto-fixable import ordering
+
+**Violation:**
+
+```
+WARNING [import-order] src/services/auth-service.ts:1-8
+  Imports are not in the configured order
+  Expected: builtin -> external -> internal -> relative
+  Found: relative -> external -> builtin
+```
+
+**Auto-fix applied:**
+
+```typescript
+// BEFORE
+import { hashPassword } from './utils';
+import bcrypt from 'bcrypt';
+import { createHash } from 'crypto';
+
+// AFTER (auto-fixed)
+import { createHash } from 'crypto';
+import bcrypt from 'bcrypt';
+import { hashPassword } from './utils';
+```
+
+Tests re-run: all passing. No behavioral change.
+
+### Example: Schema violation in config
+
+**Violation:**
+
+```
+ERROR [schema-violation] harness.config.json:24
+  Property 'layers[2].allowedImports' must be an array of strings
+  Found: number (42)
+  Schema: harness-config-schema.json#/properties/layers/items/properties/allowedImports
+```
+
+**What it protects against:** An invalid config means `harness check-deps` will either crash or silently skip validation. The layer constraints would not be enforced, allowing violations to slip through undetected.
+
+**Fix:** Correct the config value to be a valid string array: `"allowedImports": ["@shared/types", "@shared/utils"]`.
+
+## Gates
+
+These are hard stops. Mechanical constraints are non-negotiable.
+
+- **No commits with Tier 1 violations.** Errors must be resolved before the code is committed. No exceptions.
+- **No merges with Tier 2 violations.** Warnings must be resolved before merging to the main branch.
+- **No suppressing rules without documentation.** If a rule must be disabled for a specific line or file, the suppression comment must explain WHY (not just disable the rule).
+- **No auto-fix without test verification.** Every auto-fix must be followed by a test run to confirm no behavioral change.
+
+## Escalation
+
+- **When a rule seems wrong for the project:** Rules are configured in `harness.config.json` and linter configs. If a rule does not fit, propose a config change with justification. Do not disable the rule inline.
+- **When a violation cannot be fixed without a larger refactor:** Document the violation, create a task for the refactor, and get team approval for a temporary inline suppression with a TODO linking to the task.
+- **When auto-fix produces unexpected changes:** Undo the auto-fix, report the issue, and fix manually. Auto-fix tools are not infallible.
+- **When multiple constraints conflict:** The stricter constraint wins. If `harness validate` says a file is required but `harness linter validate` says its contents violate a rule, fix the contents to satisfy both. Escalate if truly irreconcilable.

package/dist/agents/skills/gemini-cli/check-mechanical-constraints/skill.yaml

@@ -0,0 +1,32 @@
+name: check-mechanical-constraints
+version: "1.0.0"
+description: Run all mechanical constraint checks (context validation + architecture)
+cognitive_mode: meticulous-verifier
+triggers:
+  - manual
+  - on_pr
+platforms:
+  - claude-code
+  - gemini-cli
+tools:
+  - Bash
+  - Read
+  - Glob
+cli:
+  command: harness skill run check-mechanical-constraints
+  args:
+    - name: path
+      description: Project root path
+      required: false
+mcp:
+  tool: run_skill
+  input:
+    skill: check-mechanical-constraints
+    path: string
+type: rigid
+state:
+  persistent: false
+  files: []
+depends_on:
+  - validate-context-engineering
+  - enforce-architecture

package/dist/agents/skills/gemini-cli/cleanup-dead-code/SKILL.md

@@ -0,0 +1,245 @@
+# Cleanup Dead Code
+
+> Entropy analysis and safe cleanup. Find unused exports, dead files, and pattern violations — then remove them without breaking anything.
+
+## When to Use
+
+- After a major refactoring or feature removal
+- When the codebase feels "heavy" — too many files, unclear what is used
+- As a periodic hygiene task (monthly or per-quarter)
+- When `on_entropy_check` triggers fire
+- After deleting a feature flag and its associated code paths
+- When `harness cleanup` reports growing entropy in the project health dashboard
+- NOT during active feature development — dead code cleanup is a separate, focused task
+- NOT when tests are failing — fix tests first, then clean up
+- NOT under time pressure — dead code removal requires careful verification
+
+## Process
+
+### Phase 1: Analyze — Run Entropy Report
+
+1. **Run `harness cleanup`** to generate a full entropy report. This analyzes:
+   - **Dead exports** — functions, classes, and constants that are exported but never imported anywhere
+   - **Unused files** — files that are not imported by any other file in the project
+   - **Pattern violations** — code that violates established project patterns (e.g., a service file without a corresponding test file)
+   - **Orphaned dependencies** — npm packages listed in package.json but never imported
+
+2. **Run `harness cleanup --type dead-code --json`** for machine-readable output focused specifically on unused code.
+
+3. **Review the report summary.** Note the total count and distribution. A few dead exports are normal; dozens suggest accumulated entropy from incomplete refactorings.
+
+### Graph-Enhanced Context (when available)
+
+When a knowledge graph exists at `.harness/graph/`, use graph queries for faster, more accurate dead code detection:
+
+- `query_graph` — perform graph reachability analysis from entry point nodes to identify truly unreachable code
+- `get_relationships` — distinguish dynamic imports from genuinely unused code by checking edge types
+
+Graph reachability reduces false positives compared to static analysis alone, since it traces the full transitive import graph including re-exports. Fall back to file-based commands if no graph is available.
+
+### Phase 2: Categorize — Safe vs. Needs Review
+
+**Safe to auto-fix (remove without further analysis):**
+
+- Exports that are not imported anywhere AND not referenced in any config file
+- Files that are not imported anywhere AND have no side effects (no top-level execution)
+- Dead exports (non-public, zero importers) -- remove `export` keyword or delete entirely if zero internal callers
+- Commented-out code blocks -- delete commented block (dead by definition, code is in git history)
+- Orphaned npm dependencies -- remove from package.json (probably safe; needs install+test verification)
+- Unused local variables and imports within a file (linter can catch these)
+
+**Needs human review before removal:**
+
+- Exports that APPEAR unused but might be consumed dynamically (see "What NOT to Delete" below)
+- Files that appear unused but are entry points (CLI scripts, test fixtures, config files)
+- Code that is only used in specific build configurations or environments
+- Exports from a public package — external consumers may depend on them
+
+### Phase 3: Apply Safe Fixes
+
+For each item categorized as safe:
+
+1. **Remove the dead code.** Delete the export, function, file, or import.
+
+2. **Run `harness fix-drift`** to update any documentation references that pointed to the deleted code.
+
+3. **Run the full test suite.** All tests must pass. If any test fails:
+   - **STOP.** The code was not actually dead — something depends on it.
+   - **Undo the deletion immediately.**
+   - **Reclassify** the item as "needs human review" and investigate the hidden dependency.
+
+4. **Run `harness validate` and `harness check-deps`.** Both must pass.
+
+5. **Commit the cleanup.** Group related removals into logical commits (e.g., "remove unused shipping utilities" not "delete dead code").
+
+**New fix types:**
+
+- **Dead exports (non-public):** Use `apply_fixes` with `fixTypes: ['dead-exports']`. The tool removes the `export` keyword. If the function/class has zero internal callers too, delete the entire declaration.
+- **Commented-out code:** Use `apply_fixes` with `fixTypes: ['commented-code']`. The tool deletes commented-out code blocks. This is cosmetic and only needs lint verification.
+- **Orphaned dependencies:** Use `apply_fixes` with `fixTypes: ['orphaned-deps']`. The tool removes the dep from package.json. **Must run `pnpm install && pnpm test` after** to verify nothing breaks.
+
+### Phase 3.5: Convergence Loop (Standalone)
+
+When running standalone (not through the orchestrator), apply a single-concern convergence loop:
+
+1. **Re-run detection.** After applying all safe fixes, run `harness cleanup --type dead-code` again.
+2. **Check if issue count decreased.** Compare the new count to the previous count.
+3. **If decreased: loop.** New dead code may have been exposed by the fixes (e.g., removing a dead export made a file fully unused). Go back to Phase 2 (Categorize) with the new report.
+4. **If unchanged: stop.** No more cascading fixes are possible. Proceed to Phase 4 (Report).
+5. **Maximum iterations: 5.** To prevent infinite loops, stop after 5 convergence cycles regardless.
+
+**Why convergence matters:** Removing dead code can create more dead code. For example:
+
+- Removing a dead export may make all remaining exports in a file dead, making the file itself dead.
+- Removing a dead file removes its imports, which may make other files' exports dead.
+- Removing an orphaned dep may cause lint warnings that reveal unused imports.
+
+### Phase 4: Report Remaining Items
+
+### Graph Refresh
+
+If a knowledge graph exists at `.harness/graph/`, refresh it after code changes to keep graph queries accurate:
+
+```
+harness scan [path]
+```
+
+Dead code removal changes graph topology — skipping this step means subsequent graph queries (impact analysis, dependency health, test advisor) may return stale results.
+
+For items that need human review, report:
+
+1. **What it is** — file path, export name, what it does
+2. **Why it appears dead** — no static imports found
+3. **Why it might not be dead** — dynamic import patterns, external consumers, test utilities
+4. **Recommended action** — delete with confidence, delete with caution, or keep
+
+## What NOT to Delete
+
+These patterns make code APPEAR dead when it is actually in use:
+
+### Dynamically imported modules
+
+```typescript
+// This import won't show up in static analysis
+const module = await import(`./plugins/${pluginName}`);
+```
+
+Files in a `plugins/` directory may appear unused but are loaded dynamically at runtime. Check for `import()` calls, `require()` with variables, and glob-based loading patterns.
+
+### Test utilities and fixtures
+
+```typescript
+// test-helpers.ts — only imported by test files
+export function createMockUser() { ... }
+```
+
+Test utility files may appear unused if the analysis excludes test files. Verify that `harness cleanup` includes test files in its import graph.
+
+### Type-only exports
+
+```typescript
+// Only used as a type, never as a value
+export interface UserConfig { ... }
+```
+
+Some analysis tools miss type-only imports (`import type { UserConfig }`). Verify before deleting any exported interface or type alias.
+
+### Package entry points
+
+```typescript
+// index.ts — re-exports for external consumers
+export { createClient } from './client';
+```
+
+The entry point of a package re-exports things for external consumers. These exports may have zero internal imports but are the public API.
+
+### Side-effect files
+
+```typescript
+// polyfills.ts — imported for side effects, not for exports
+import './polyfills';
+```
+
+Some files are imported for their side effects (polyfills, global registrations, CSS). They have no exports but are not dead.
+
+### Environment-specific code
+
+```typescript
+// Only used when FEATURE_FLAG_X is enabled
+if (process.env.FEATURE_FLAG_X) {
+  const handler = require('./experimental-handler');
+}
+```
+
+Code behind feature flags or environment checks may appear dead in the default configuration.
+
+## Harness Integration
+
+- **`harness cleanup`** — Full entropy analysis. Reports dead exports, unused files, pattern violations, and orphaned dependencies.
+- **`harness cleanup --type dead-code`** — Focused analysis on unused code specifically.
+- **`harness cleanup --type dead-code --json`** — Machine-readable output for automation.
+- **`harness fix-drift`** — Update documentation after removing dead code. Ensures deleted items are not still referenced in docs.
+- **`harness validate`** — Run after cleanup to verify project structure remains valid.
+- **`harness check-deps`** — Run after cleanup to verify no dependency violations were introduced.
+
+## Success Criteria
+
+- `harness cleanup` reports zero dead exports and zero unused files (or all remaining items are documented as intentional)
+- All tests pass after every deletion
+- `harness validate` and `harness check-deps` pass after cleanup
+- Documentation references to deleted code are updated or removed
+- No dynamically-imported, type-only, or side-effect code was accidentally deleted
+- Each cleanup commit is atomic and has a descriptive message explaining what was removed and why
+
+## Examples
+
+### Example: Removing unused utility functions
+
+**Entropy report:**
+
+```
+DEAD EXPORT: src/utils/string-helpers.ts
+  - capitalizeFirst() — 0 imports found
+  - truncateWithEllipsis() — 0 imports found
+  - slugify() — 3 imports found (ACTIVE, not dead)
+```
+
+**Action:** Remove `capitalizeFirst` and `truncateWithEllipsis` from the file. Keep `slugify`. Run tests — all pass. Commit: "remove unused capitalizeFirst and truncateWithEllipsis from string-helpers"
+
+### Example: Detecting a false positive
+
+**Entropy report:**
+
+```
+UNUSED FILE: src/plugins/markdown-renderer.ts
+  - 0 static imports found
+  - File contains: export default class MarkdownRenderer
+```
+
+**Investigation:** Check for dynamic imports:
+
+```typescript
+// src/plugins/index.ts
+const renderer = await import(`./${format}-renderer`);
+```
+
+**Result:** False positive. The file is loaded dynamically based on the `format` variable. Mark as intentional and add a comment in the file explaining the dynamic loading pattern.
+
+### Example: Orphaned npm dependency
+
+**Entropy report:**
+
+```
+ORPHANED DEPENDENCY: moment (package.json)
+  - 0 imports of 'moment' found in src/
+  - Last imported in commit abc123 (removed 3 months ago)
+```
+
+**Action:** Remove `moment` from package.json dependencies. Run `npm install` to update lockfile. Run tests — all pass. Commit: "remove unused moment dependency"
+
+## Escalation
+
+- **When removing code causes unexpected test failures:** The code has a hidden dependency. Undo the deletion, investigate the dependency chain, and document the finding. The code is not dead — it is just hard to trace.
+- **When the entropy report is very large (>50 items):** Do not attempt to clean everything at once. Pick the highest-confidence dead code (files with zero imports, no dynamic patterns) and clean those first. Schedule the rest across multiple sessions.
+- **When you are unsure if an export is used externally:** Check if the code is in a published package. If so, removing an export is a breaking change. Deprecate first, then remove in a major version.
+- **When dead code is tangled with live code in the same file:** Extract the live code first (using harness-refactoring), then delete the remaining dead code. Do not try to surgically remove dead code from a complex file in one step.

package/dist/agents/skills/gemini-cli/cleanup-dead-code/skill.yaml

@@ -0,0 +1,33 @@
+name: cleanup-dead-code
+version: "1.1.0"
+description: Detect and auto-fix dead code including dead exports, commented-out code, and orphaned dependencies
+cognitive_mode: diagnostic-investigator
+triggers:
+  - manual
+platforms:
+  - claude-code
+  - gemini-cli
+tools:
+  - Bash
+  - Read
+  - Glob
+  - Grep
+cli:
+  command: harness skill run cleanup-dead-code
+  args:
+    - name: path
+      description: Project root path
+      required: false
+    - name: fix
+      description: Enable auto-fix with convergence loop
+      required: false
+mcp:
+  tool: run_skill
+  input:
+    skill: cleanup-dead-code
+    path: string
+type: flexible
+state:
+  persistent: false
+  files: []
+depends_on: []

package/dist/agents/skills/gemini-cli/detect-doc-drift/SKILL.md

@@ -0,0 +1,179 @@
+# Detect Doc Drift
+
+> Detect documentation that has drifted from code. Find stale docs before they mislead developers and AI agents.
+
+## When to Use
+
+- After completing a feature, bug fix, or refactoring
+- During code review — check if the changed files have associated docs that need updating
+- As a periodic hygiene check (weekly or per-sprint)
+- When `on_post_feature` or `on_doc_check` triggers fire
+- When onboarding reveals confusion caused by outdated documentation
+- NOT during active development — wait until the code is stable before checking docs
+- NOT for writing new documentation from scratch (use align-documentation instead)
+
+## Process
+
+### Phase 1: Scan — Run Drift Detection
+
+1. **Run `harness check-docs`** to identify all documentation issues. Capture the full output.
+
+2. **Run `harness cleanup --type drift`** for a deeper analysis that cross-references code changes against documentation references.
+
+3. **Optionally, run `git diff` against a baseline** (last release, last sprint, etc.) to identify which code files changed. This helps prioritize — docs for recently changed files are most likely to be drifted.
+
+### Graph-Enhanced Context (when available)
+
+When a knowledge graph exists at `.harness/graph/`, use graph queries for faster, more accurate drift detection:
+
+- `query_graph` — find `documents` edges where the target code node has changed since the doc node was last updated
+
+When a graph is available, drift is simply stale edges: doc-to-code edges where the code side has been modified more recently than the doc side. This replaces regex pattern matching and catches semantic drift that text search misses. Fall back to file-based commands if no graph is available.
+
+### Pipeline Context (when orchestrated)
+
+When invoked by `harness-docs-pipeline`, check for a `pipeline` field in `.harness/handoff.json`:
+
+- If `pipeline` field exists: read `DocPipelineContext` from it
+  - Use `pipeline.exclusions` to skip findings that were already addressed in a previous phase
+  - Write `DriftFinding[]` results back to `pipeline.driftFindings` in handoff.json
+  - This enables the orchestrator to track findings across phases and avoid double-counting
+- If `pipeline` field does not exist: behave exactly as today (standalone mode)
+
+No changes to the skill's interface or output format — the pipeline field is purely additive.
+
+### Phase 2: Identify — Classify Drift Types
+
+Categorize each finding into one of these drift types:
+
+**Renamed but not updated:**
+A function, class, variable, or file was renamed in code, but documentation still references the old name. This is the most common type of drift.
+
+- Example: `calculateShipping()` was renamed to `computeShippingCost()`, but AGENTS.md and three inline comments still say `calculateShipping`.
+
+**New code with no docs:**
+A new module, function, or API was added but no documentation entry exists. This is not "drift" in the strict sense but a gap that grows into drift over time.
+
+- Example: `src/services/notification-service.ts` was added two sprints ago. It has 5 public exports. No AGENTS.md section, no doc page, no inline doc comments beyond basic JSDoc.
+
+**Deleted code still referenced:**
+A file, function, or feature was removed, but documentation still describes it as if it exists. This actively misleads readers.
+
+- Example: `src/utils/legacy-parser.ts` was deleted. The architecture doc still includes it in the data flow diagram. AGENTS.md still warns about its quirks.
+
+**Changed behavior not reflected:**
+A function's signature, return type, error handling, or side effects changed, but the documentation describes the old behavior.
+
+- Example: `createUser()` now throws `ValidationError` instead of returning `null` on invalid input. The API docs still say "returns null if validation fails."
+
+**Moved code with stale paths:**
+A file or module was moved to a different directory, but documentation references the old path.
+
+- Example: `src/helpers/format.ts` was moved to `src/utils/format.ts`. Three doc files and AGENTS.md reference the old path.
+
+### Phase 3: Prioritize — Rank by Impact
+
+Not all drift is equally harmful. Prioritize fixes:
+
+**Critical (fix immediately):**
+
+- Public API documentation that describes wrong behavior — external consumers will write broken code
+- AGENTS.md sections that reference deleted files — AI agents will hallucinate about non-existent code
+- README getting-started guides with wrong commands — new developers cannot onboard
+
+**High (fix before next release):**
+
+- Internal API docs with wrong signatures — developers waste time debugging
+- Architecture docs with stale diagrams — wrong mental models lead to wrong decisions
+- Frequently accessed docs with broken links — high-traffic pages with dead ends
+
+**Medium (fix in next sprint):**
+
+- Internal docs for stable code — low change rate means low confusion rate
+- Comments in rarely modified files — few people read them
+- Edge case documentation — affects few users
+
+**Low (fix when convenient):**
+
+- Stylistic inconsistencies in docs (capitalization, formatting)
+- Redundant documentation that says the same thing in multiple places
+- Historical notes that are outdated but clearly marked as historical
+
+### Phase 4: Report — Generate Actionable Output
+
+For each drift finding, provide:
+
+1. **File and line number** of the drifted documentation
+2. **The specific stale content** (quote the exact text that is wrong)
+3. **What changed in code** (the commit, file, and nature of the change)
+4. **Suggested fix** (the replacement text or action needed)
+5. **Priority tier** (Critical / High / Medium / Low)
+
+Group findings by documentation file so that fixes can be applied file-by-file.
+
+## Harness Integration
+
+- **`harness check-docs`** — Primary tool. Scans all documentation files for broken references, stale paths, and missing entries.
+- **`harness cleanup --type drift`** — Deeper analysis that cross-references git history with documentation references to detect semantic drift.
+- **`harness cleanup --type drift --json`** — Machine-readable output for automated pipelines.
+- **`harness fix-drift`** — Auto-fix simple drift issues after review (use align-documentation skill for applying fixes).
+
+## Success Criteria
+
+- `harness check-docs` reports zero errors
+- All file paths referenced in documentation resolve to existing files
+- All function/class names referenced in documentation match current code
+- All API documentation matches current function signatures and behavior
+- No documentation references deleted files, functions, or features
+- Drift findings are prioritized and assigned to the appropriate fix cycle
+
+## Examples
+
+### Example: Renamed function detected
+
+**Drift finding:**
+
+```
+DRIFT: Renamed reference detected
+  Doc: AGENTS.md:47
+  Stale text: "Use `calculateShipping()` to compute shipping costs"
+  Code change: calculateShipping renamed to computeShippingCost (commit a1b2c3d)
+  File: src/services/shipping.ts:24
+  Priority: High
+  Suggested fix: Replace `calculateShipping()` with `computeShippingCost()`
+```
+
+### Example: Deleted file still documented
+
+**Drift finding:**
+
+```
+DRIFT: Reference to deleted file
+  Doc: docs/architecture.md:112
+  Stale text: "The legacy parser (src/utils/legacy-parser.ts) handles XML input"
+  Code change: File deleted in commit d4e5f6g, functionality merged into unified-parser.ts
+  Priority: Critical
+  Suggested fix: Update section to reference unified-parser.ts, remove legacy parser description
+```
+
+### Example: New module with no documentation
+
+**Drift finding:**
+
+```
+GAP: Undocumented module
+  File: src/services/notification-service.ts
+  Created: commit h7i8j9k (3 weeks ago)
+  Public exports: NotificationService, NotificationType, sendNotification
+  Imported by: 4 modules
+  Documentation references: 0
+  Priority: High
+  Suggested fix: Add AGENTS.md section describing purpose, constraints, and public API
+```
+
+## Escalation
+
+- **When drift is extensive (>30 findings):** Do not try to fix everything. Focus on Critical and High priority items. Create a tracking issue for the remaining items and schedule them across sprints.
+- **When you cannot determine the correct replacement text:** The code change may have been complex. Check the commit message and PR description for context. If still unclear, flag the finding for the original author to resolve.
+- **When documentation is in a format you cannot parse:** Some docs may be in wiki pages, Confluence, or other external systems. Report the finding with a link and flag it for manual review.
+- **When drift reveals a deeper problem (code changed but nobody knew):** This suggests a process gap. Recommend adding `harness check-docs` to the CI pipeline or pre-merge hooks to catch drift at the source.