@harness-engineering/core 0.14.0 → 0.16.0

package/dist/index.js

@@ -45,6 +45,7 @@ __export(index_exports, {
   BlueprintGenerator: () => BlueprintGenerator,
   BundleConstraintsSchema: () => BundleConstraintsSchema,
   BundleSchema: () => BundleSchema,
+  CACHE_TTL_MS: () => CACHE_TTL_MS,
   COMPLIANCE_DESCRIPTOR: () => COMPLIANCE_DESCRIPTOR,
   CategoryBaselineSchema: () => CategoryBaselineSchema,
   CategoryRegressionSchema: () => CategoryRegressionSchema,
@@ -62,7 +63,9 @@ __export(index_exports, {
   DEFAULT_SECURITY_CONFIG: () => DEFAULT_SECURITY_CONFIG,
   DEFAULT_STATE: () => DEFAULT_STATE,
   DEFAULT_STREAM_INDEX: () => DEFAULT_STREAM_INDEX,
+  DESTRUCTIVE_BASH: () => DESTRUCTIVE_BASH,
   DepDepthCollector: () => DepDepthCollector,
+  EXTENSION_MAP: () => EXTENSION_MAP,
   EmitInteractionInputSchema: () => EmitInteractionInputSchema,
   EntropyAnalyzer: () => EntropyAnalyzer,
   EntropyConfigSchema: () => EntropyConfigSchema,
@@ -75,6 +78,7 @@ __export(index_exports, {
   HandoffSchema: () => HandoffSchema,
   HarnessStateSchema: () => HarnessStateSchema,
   InteractionTypeSchema: () => InteractionTypeSchema,
+  LITELLM_PRICING_URL: () => LITELLM_PRICING_URL,
   LayerViolationCollector: () => LayerViolationCollector,
   LockfilePackageSchema: () => LockfilePackageSchema,
   LockfileSchema: () => LockfileSchema,
@@ -91,12 +95,14 @@ __export(index_exports, {
   RegressionDetector: () => RegressionDetector,
   RuleRegistry: () => RuleRegistry,
   SECURITY_DESCRIPTOR: () => SECURITY_DESCRIPTOR,
+  STALENESS_WARNING_DAYS: () => STALENESS_WARNING_DAYS,
   SecurityConfigSchema: () => SecurityConfigSchema,
   SecurityScanner: () => SecurityScanner,
   SharableBoundaryConfigSchema: () => SharableBoundaryConfigSchema,
   SharableForbiddenImportSchema: () => SharableForbiddenImportSchema,
   SharableLayerSchema: () => SharableLayerSchema,
   SharableSecurityRulesSchema: () => SharableSecurityRulesSchema,
+  SkillEventSchema: () => SkillEventSchema,
   StreamIndexSchema: () => StreamIndexSchema,
   StreamInfoSchema: () => StreamInfoSchema,
   ThresholdConfigSchema: () => ThresholdConfigSchema,
@@ -105,6 +111,9 @@ __export(index_exports, {
   VERSION: () => VERSION,
   ViolationSchema: () => ViolationSchema,
   addProvenance: () => addProvenance,
+  agentConfigRules: () => agentConfigRules,
+  aggregateByDay: () => aggregateByDay,
+  aggregateBySession: () => aggregateBySession,
   analyzeDiff: () => analyzeDiff,
   analyzeLearningPatterns: () => analyzeLearningPatterns,
   appendFailure: () => appendFailure,
@@ -112,6 +121,7 @@ __export(index_exports, {
   appendSessionEntry: () => appendSessionEntry,
   applyFixes: () => applyFixes,
   applyHotspotDowngrade: () => applyHotspotDowngrade,
+  applySyncChanges: () => applySyncChanges,
   archMatchers: () => archMatchers,
   archModule: () => archModule,
   architecture: () => architecture,
@@ -122,16 +132,23 @@ __export(index_exports, {
   buildDependencyGraph: () => buildDependencyGraph,
   buildExclusionSet: () => buildExclusionSet,
   buildSnapshot: () => buildSnapshot,
+  calculateCost: () => calculateCost,
   checkDocCoverage: () => checkDocCoverage,
   checkEligibility: () => checkEligibility,
   checkEvidenceCoverage: () => checkEvidenceCoverage,
+  checkTaint: () => checkTaint,
   classifyFinding: () => classifyFinding,
+  clearEventHashCache: () => clearEventHashCache,
   clearFailuresCache: () => clearFailuresCache,
   clearLearningsCache: () => clearLearningsCache,
+  clearTaint: () => clearTaint,
+  computeOverallSeverity: () => computeOverallSeverity,
+  computeScanExitCode: () => computeScanExitCode,
   configureFeedback: () => configureFeedback,
   constraintRuleId: () => constraintRuleId,
   contextBudget: () => contextBudget,
   contextFilter: () => contextFilter,
+  countLearningEntries: () => countLearningEntries,
   createBoundaryValidator: () => createBoundaryValidator,
   createCommentedCodeFixes: () => createCommentedCodeFixes,
   createError: () => createError,
@@ -155,66 +172,95 @@ __export(index_exports, {
   detectCouplingViolations: () => detectCouplingViolations,
   detectDeadCode: () => detectDeadCode,
   detectDocDrift: () => detectDocDrift,
+  detectLanguage: () => detectLanguage,
   detectPatternViolations: () => detectPatternViolations,
   detectSizeBudgetViolations: () => detectSizeBudgetViolations,
   detectStack: () => detectStack,
   detectStaleConstraints: () => detectStaleConstraints,
   determineAssessment: () => determineAssessment,
   diff: () => diff,
+  emitEvent: () => emitEvent,
   executeWorkflow: () => executeWorkflow,
   expressRules: () => expressRules,
   extractBundle: () => extractBundle,
+  extractIndexEntry: () => extractIndexEntry,
   extractMarkdownLinks: () => extractMarkdownLinks,
   extractSections: () => extractSections,
   fanOutReview: () => fanOutReview,
+  formatEventTimeline: () => formatEventTimeline,
   formatFindingBlock: () => formatFindingBlock,
   formatGitHubComment: () => formatGitHubComment,
   formatGitHubSummary: () => formatGitHubSummary,
+  formatOutline: () => formatOutline,
   formatTerminalOutput: () => formatTerminalOutput,
   generateAgentsMap: () => generateAgentsMap,
   generateSuggestions: () => generateSuggestions,
   getActionEmitter: () => getActionEmitter,
   getExitCode: () => getExitCode,
   getFeedbackConfig: () => getFeedbackConfig,
+  getInjectionPatterns: () => getInjectionPatterns,
+  getModelPrice: () => getModelPrice,
+  getOutline: () => getOutline,
+  getParser: () => getParser,
   getPhaseCategories: () => getPhaseCategories,
   getStreamForBranch: () => getStreamForBranch,
+  getTaintFilePath: () => getTaintFilePath,
   getUpdateNotification: () => getUpdateNotification,
   goRules: () => goRules,
   injectionRules: () => injectionRules,
+  insecureDefaultsRules: () => insecureDefaultsRules,
+  isDuplicateFinding: () => isDuplicateFinding,
   isSmallSuggestion: () => isSmallSuggestion,
   isUpdateCheckEnabled: () => isUpdateCheckEnabled,
   listActiveSessions: () => listActiveSessions,
   listStreams: () => listStreams,
+  listTaintedSessions: () => listTaintedSessions,
   loadBudgetedLearnings: () => loadBudgetedLearnings,
+  loadEvents: () => loadEvents,
   loadFailures: () => loadFailures,
   loadHandoff: () => loadHandoff,
+  loadIndexEntries: () => loadIndexEntries,
+  loadPricingData: () => loadPricingData,
   loadRelevantLearnings: () => loadRelevantLearnings,
   loadSessionSummary: () => loadSessionSummary,
   loadState: () => loadState,
   loadStreamIndex: () => loadStreamIndex,
   logAgentAction: () => logAgentAction,
+  mapInjectionFindings: () => mapInjectionFindings,
+  mapSecurityFindings: () => mapSecurityFindings,
+  mapSecuritySeverity: () => mapSecuritySeverity,
+  mcpRules: () => mcpRules,
   migrateToStreams: () => migrateToStreams,
   networkRules: () => networkRules,
   nodeRules: () => nodeRules,
+  parseCCRecords: () => parseCCRecords,
   parseDateFromEntry: () => parseDateFromEntry,
   parseDiff: () => parseDiff,
+  parseFile: () => parseFile,
+  parseFrontmatter: () => parseFrontmatter,
+  parseHarnessIgnore: () => parseHarnessIgnore,
+  parseLiteLLMData: () => parseLiteLLMData,
   parseManifest: () => parseManifest,
   parseRoadmap: () => parseRoadmap,
   parseSecurityConfig: () => parseSecurityConfig,
   parseSize: () => parseSize,
   pathTraversalRules: () => pathTraversalRules,
   previewFix: () => previewFix,
+  promoteSessionLearnings: () => promoteSessionLearnings,
   pruneLearnings: () => pruneLearnings,
   reactRules: () => reactRules,
   readCheckState: () => readCheckState,
+  readCostRecords: () => readCostRecords,
   readLockfile: () => readLockfile,
   readSessionSection: () => readSessionSection,
   readSessionSections: () => readSessionSections,
+  readTaint: () => readTaint,
   removeContributions: () => removeContributions,
   removeProvenance: () => removeProvenance,
   requestMultiplePeerReviews: () => requestMultiplePeerReviews,
   requestPeerReview: () => requestPeerReview,
   resetFeedbackConfig: () => resetFeedbackConfig,
+  resetParserCache: () => resetParserCache,
   resolveFileToLayer: () => resolveFileToLayer,
   resolveModelTier: () => resolveModelTier,
   resolveRuleSeverity: () => resolveRuleSeverity,
@@ -235,10 +281,13 @@ __export(index_exports, {
   saveHandoff: () => saveHandoff,
   saveState: () => saveState,
   saveStreamIndex: () => saveStreamIndex,
+  scanForInjection: () => scanForInjection,
   scopeContext: () => scopeContext,
+  searchSymbols: () => searchSymbols,
   secretRules: () => secretRules,
   serializeRoadmap: () => serializeRoadmap,
   setActiveStream: () => setActiveStream,
+  sharpEdgesRules: () => sharpEdgesRules,
   shouldRunCheck: () => shouldRunCheck,
   spawnBackgroundCheck: () => spawnBackgroundCheck,
   syncConstraintNodes: () => syncConstraintNodes,
@@ -246,6 +295,8 @@ __export(index_exports, {
   tagUncitedFindings: () => tagUncitedFindings,
   touchStream: () => touchStream,
   trackAction: () => trackAction,
+  unfoldRange: () => unfoldRange,
+  unfoldSymbol: () => unfoldSymbol,
   updateSessionEntryStatus: () => updateSessionEntryStatus,
   updateSessionIndex: () => updateSessionIndex,
   validateAgentsMap: () => validateAgentsMap,
@@ -261,6 +312,7 @@ __export(index_exports, {
   writeConfig: () => writeConfig,
   writeLockfile: () => writeLockfile,
   writeSessionSummary: () => writeSessionSummary,
+  writeTaint: () => writeTaint,
   xssRules: () => xssRules
 });
 module.exports = __toCommonJS(index_exports);
@@ -284,17 +336,17 @@ var import_node_path = require("path");
 var import_glob = require("glob");
 var accessAsync = (0, import_util.promisify)(import_fs.access);
 var readFileAsync = (0, import_util.promisify)(import_fs.readFile);
-async function fileExists(path22) {
+async function fileExists(path26) {
   try {
-    await accessAsync(path22, import_fs.constants.F_OK);
+    await accessAsync(path26, import_fs.constants.F_OK);
     return true;
   } catch {
     return false;
   }
 }
-async function readFileContent(path22) {
+async function readFileContent(path26) {
   try {
-    const content = await readFileAsync(path22, "utf-8");
+    const content = await readFileAsync(path26, "utf-8");
     return (0, import_types.Ok)(content);
   } catch (error) {
     return (0, import_types.Err)(error);
@@ -345,15 +397,15 @@ function validateConfig(data, schema) {
   let message = "Configuration validation failed";
   const suggestions = [];
   if (firstError) {
-    const path22 = firstError.path.join(".");
-    const pathDisplay = path22 ? ` at "${path22}"` : "";
+    const path26 = firstError.path.join(".");
+    const pathDisplay = path26 ? ` at "${path26}"` : "";
     if (firstError.code === "invalid_type") {
       const received = firstError.received;
       const expected = firstError.expected;
       if (received === "undefined") {
         code = "MISSING_FIELD";
         message = `Missing required field${pathDisplay}: ${firstError.message}`;
-        suggestions.push(`Field "${path22}" is required and must be of type "${expected}"`);
+        suggestions.push(`Field "${path26}" is required and must be of type "${expected}"`);
       } else {
         code = "INVALID_TYPE";
         message = `Invalid type${pathDisplay}: ${firstError.message}`;
@@ -569,27 +621,27 @@ function extractSections(content) {
   }
   return sections.map((section) => buildAgentMapSection(section, lines));
 }
-function isExternalLink(path22) {
-  return path22.startsWith("http://") || path22.startsWith("https://") || path22.startsWith("#") || path22.startsWith("mailto:");
+function isExternalLink(path26) {
+  return path26.startsWith("http://") || path26.startsWith("https://") || path26.startsWith("#") || path26.startsWith("mailto:");
 }
 function resolveLinkPath(linkPath, baseDir) {
   return linkPath.startsWith(".") ? (0, import_path.join)(baseDir, linkPath) : linkPath;
 }
-async function validateAgentsMap(path22 = "./AGENTS.md") {
-  const contentResult = await readFileContent(path22);
+async function validateAgentsMap(path26 = "./AGENTS.md") {
+  const contentResult = await readFileContent(path26);
   if (!contentResult.ok) {
     return (0, import_types.Err)(
       createError(
         "PARSE_ERROR",
         `Failed to read AGENTS.md: ${contentResult.error.message}`,
-        { path: path22 },
+        { path: path26 },
         ["Ensure the file exists", "Check file permissions"]
       )
     );
   }
   const content = contentResult.value;
   const sections = extractSections(content);
-  const baseDir = (0, import_path.dirname)(path22);
+  const baseDir = (0, import_path.dirname)(path26);
   const sectionTitles = sections.map((s) => s.title);
   const missingSections = REQUIRED_SECTIONS.filter(
     (required) => !sectionTitles.some((title) => title.toLowerCase().includes(required.toLowerCase()))
@@ -730,8 +782,8 @@ async function checkDocCoverage(domain, options = {}) {
 
 // src/context/knowledge-map.ts
 var import_path3 = require("path");
-function suggestFix(path22, existingFiles) {
-  const targetName = (0, import_path3.basename)(path22).toLowerCase();
+function suggestFix(path26, existingFiles) {
+  const targetName = (0, import_path3.basename)(path26).toLowerCase();
   const similar = existingFiles.find((file) => {
     const fileName = (0, import_path3.basename)(file).toLowerCase();
     return fileName.includes(targetName) || targetName.includes(fileName);
@@ -739,7 +791,7 @@ function suggestFix(path22, existingFiles) {
   if (similar) {
     return `Did you mean "${similar}"?`;
   }
-  return `Create the file "${path22}" or remove the link`;
+  return `Create the file "${path26}" or remove the link`;
 }
 async function validateKnowledgeMap(rootDir = process.cwd()) {
   const agentsPath = (0, import_path3.join)(rootDir, "AGENTS.md");
@@ -1345,8 +1397,8 @@ function createBoundaryValidator(schema, name) {
         return (0, import_types.Ok)(result.data);
       }
       const suggestions = result.error.issues.map((issue) => {
-        const path22 = issue.path.join(".");
-        return path22 ? `${path22}: ${issue.message}` : issue.message;
+        const path26 = issue.path.join(".");
+        return path26 ? `${path26}: ${issue.message}` : issue.message;
       });
       return (0, import_types.Err)(
         createError(
@@ -1978,11 +2030,11 @@ function processExportListSpecifiers(exportDecl, exports2) {
 var TypeScriptParser = class {
   name = "typescript";
   extensions = [".ts", ".tsx", ".mts", ".cts"];
-  async parseFile(path22) {
-    const contentResult = await readFileContent(path22);
+  async parseFile(path26) {
+    const contentResult = await readFileContent(path26);
     if (!contentResult.ok) {
       return (0, import_types.Err)(
-        createParseError("NOT_FOUND", `File not found: ${path22}`, { path: path22 }, [
+        createParseError("NOT_FOUND", `File not found: ${path26}`, { path: path26 }, [
           "Check that the file exists",
           "Verify the path is correct"
         ])
@@ -1992,7 +2044,7 @@ var TypeScriptParser = class {
       const ast = (0, import_typescript_estree.parse)(contentResult.value, {
         loc: true,
         range: true,
-        jsx: path22.endsWith(".tsx"),
+        jsx: path26.endsWith(".tsx"),
         errorOnUnknownASTType: false
       });
       return (0, import_types.Ok)({
@@ -2003,7 +2055,7 @@ var TypeScriptParser = class {
     } catch (e) {
       const error = e;
       return (0, import_types.Err)(
-        createParseError("SYNTAX_ERROR", `Failed to parse ${path22}: ${error.message}`, { path: path22 }, [
+        createParseError("SYNTAX_ERROR", `Failed to parse ${path26}: ${error.message}`, { path: path26 }, [
           "Check for syntax errors in the file",
           "Ensure valid TypeScript syntax"
         ])
@@ -2188,22 +2240,22 @@ function extractInlineRefs(content) {
   }
   return refs;
 }
-async function parseDocumentationFile(path22) {
-  const contentResult = await readFileContent(path22);
+async function parseDocumentationFile(path26) {
+  const contentResult = await readFileContent(path26);
   if (!contentResult.ok) {
     return (0, import_types.Err)(
       createEntropyError(
         "PARSE_ERROR",
-        `Failed to read documentation file: ${path22}`,
-        { file: path22 },
+        `Failed to read documentation file: ${path26}`,
+        { file: path26 },
         ["Check that the file exists"]
       )
     );
   }
   const content = contentResult.value;
-  const type = path22.endsWith(".md") ? "markdown" : "text";
+  const type = path26.endsWith(".md") ? "markdown" : "text";
   return (0, import_types.Ok)({
-    path: path22,
+    path: path26,
     type,
     content,
     codeBlocks: extractCodeBlocks(content),
@@ -6868,6 +6920,8 @@ var SESSION_INDEX_FILE = "index.md";
 var SUMMARY_FILE = "summary.md";
 var SESSION_STATE_FILE = "session-state.json";
 var ARCHIVE_DIR = "archive";
+var CONTENT_HASHES_FILE = "content-hashes.json";
+var EVENTS_FILE = "events.jsonl";
 
 // src/state/stream-resolver.ts
 var STREAMS_DIR = "streams";
@@ -7210,6 +7264,85 @@ async function saveState(projectPath, state, stream, session) {
 // src/state/learnings.ts
 var fs9 = __toESM(require("fs"));
 var path6 = __toESM(require("path"));
+var crypto = __toESM(require("crypto"));
+function parseFrontmatter(line) {
+  const match = line.match(/^<!--\s+hash:([a-f0-9]+)(?:\s+tags:([^\s]+))?\s+-->/);
+  if (!match) return null;
+  const hash = match[1];
+  const tags = match[2] ? match[2].split(",").filter(Boolean) : [];
+  return { hash, tags };
+}
+function computeEntryHash(text) {
+  return crypto.createHash("sha256").update(text).digest("hex").slice(0, 8);
+}
+function normalizeLearningContent(text) {
+  let normalized = text;
+  normalized = normalized.replace(/\d{4}-\d{2}-\d{2}/g, "");
+  normalized = normalized.replace(/\[skill:[^\]]*\]/g, "");
+  normalized = normalized.replace(/\[outcome:[^\]]*\]/g, "");
+  normalized = normalized.replace(/^[\s]*[-*]\s+/gm, "");
+  normalized = normalized.replace(/\*\*/g, "");
+  normalized = normalized.replace(/:\s*/g, " ");
+  normalized = normalized.toLowerCase();
+  normalized = normalized.replace(/\s+/g, " ").trim();
+  return normalized;
+}
+function computeContentHash(text) {
+  return crypto.createHash("sha256").update(text).digest("hex").slice(0, 16);
+}
+function loadContentHashes(stateDir) {
+  const hashesPath = path6.join(stateDir, CONTENT_HASHES_FILE);
+  if (!fs9.existsSync(hashesPath)) return {};
+  try {
+    const raw = fs9.readFileSync(hashesPath, "utf-8");
+    const parsed = JSON.parse(raw);
+    if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed)) return {};
+    return parsed;
+  } catch {
+    return {};
+  }
+}
+function saveContentHashes(stateDir, index) {
+  const hashesPath = path6.join(stateDir, CONTENT_HASHES_FILE);
+  fs9.writeFileSync(hashesPath, JSON.stringify(index, null, 2) + "\n");
+}
+function rebuildContentHashes(stateDir) {
+  const learningsPath = path6.join(stateDir, LEARNINGS_FILE);
+  if (!fs9.existsSync(learningsPath)) return {};
+  const content = fs9.readFileSync(learningsPath, "utf-8");
+  const lines = content.split("\n");
+  const index = {};
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    const isDatedBullet = /^- \*\*\d{4}-\d{2}-\d{2}/.test(line);
+    if (isDatedBullet) {
+      const learningMatch = line.match(/:\*\*\s*(.+)$/);
+      if (learningMatch?.[1]) {
+        const normalized = normalizeLearningContent(learningMatch[1]);
+        const hash = computeContentHash(normalized);
+        const dateMatch = line.match(/(\d{4}-\d{2}-\d{2})/);
+        index[hash] = { date: dateMatch?.[1] ?? "", line: i + 1 };
+      }
+    }
+  }
+  saveContentHashes(stateDir, index);
+  return index;
+}
+function extractIndexEntry(entry) {
+  const lines = entry.split("\n");
+  const summary = lines[0] ?? entry;
+  const tags = [];
+  const skillMatch = entry.match(/\[skill:([^\]]+)\]/);
+  if (skillMatch?.[1]) tags.push(skillMatch[1]);
+  const outcomeMatch = entry.match(/\[outcome:([^\]]+)\]/);
+  if (outcomeMatch?.[1]) tags.push(outcomeMatch[1]);
+  return {
+    hash: computeEntryHash(entry),
+    tags,
+    summary,
+    fullText: entry
+  };
+}
 var learningsCacheMap = /* @__PURE__ */ new Map();
 function clearLearningsCache() {
   learningsCacheMap.clear();
@@ -7221,27 +7354,55 @@ async function appendLearning(projectPath, learning, skillName, outcome, stream,
     const stateDir = dirResult.value;
     const learningsPath = path6.join(stateDir, LEARNINGS_FILE);
     fs9.mkdirSync(stateDir, { recursive: true });
+    const normalizedContent = normalizeLearningContent(learning);
+    const contentHash = computeContentHash(normalizedContent);
+    const hashesPath = path6.join(stateDir, CONTENT_HASHES_FILE);
+    let contentHashes;
+    if (fs9.existsSync(hashesPath)) {
+      contentHashes = loadContentHashes(stateDir);
+      if (Object.keys(contentHashes).length === 0 && fs9.existsSync(learningsPath)) {
+        contentHashes = rebuildContentHashes(stateDir);
+      }
+    } else if (fs9.existsSync(learningsPath)) {
+      contentHashes = rebuildContentHashes(stateDir);
+    } else {
+      contentHashes = {};
+    }
+    if (contentHashes[contentHash]) {
+      return (0, import_types.Ok)(void 0);
+    }
     const timestamp = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
-    let entry;
+    const fmTags = [];
+    if (skillName) fmTags.push(skillName);
+    if (outcome) fmTags.push(outcome);
+    let bulletLine;
     if (skillName && outcome) {
-      entry = `
-- **${timestamp} [skill:${skillName}] [outcome:${outcome}]:** ${learning}
-`;
+      bulletLine = `- **${timestamp} [skill:${skillName}] [outcome:${outcome}]:** ${learning}`;
     } else if (skillName) {
-      entry = `
-- **${timestamp} [skill:${skillName}]:** ${learning}
-`;
+      bulletLine = `- **${timestamp} [skill:${skillName}]:** ${learning}`;
     } else {
-      entry = `
-- **${timestamp}:** ${learning}
-`;
+      bulletLine = `- **${timestamp}:** ${learning}`;
     }
+    const hash = crypto.createHash("sha256").update(bulletLine).digest("hex").slice(0, 8);
+    const tagsStr = fmTags.length > 0 ? ` tags:${fmTags.join(",")}` : "";
+    const frontmatter = `<!-- hash:${hash}${tagsStr} -->`;
+    const entry = `
+${frontmatter}
+${bulletLine}
+`;
+    let existingLineCount;
     if (!fs9.existsSync(learningsPath)) {
       fs9.writeFileSync(learningsPath, `# Learnings
 ${entry}`);
+      existingLineCount = 1;
     } else {
+      const existingContent = fs9.readFileSync(learningsPath, "utf-8");
+      existingLineCount = existingContent.split("\n").length;
       fs9.appendFileSync(learningsPath, entry);
     }
+    const bulletLine_lineNum = existingLineCount + 2;
+    contentHashes[contentHash] = { date: timestamp ?? "", line: bulletLine_lineNum };
+    saveContentHashes(stateDir, contentHashes);
     learningsCacheMap.delete(learningsPath);
     return (0, import_types.Ok)(void 0);
   } catch (error) {
@@ -7289,7 +7450,30 @@ function analyzeLearningPatterns(entries) {
   return patterns.sort((a, b) => b.count - a.count);
 }
 async function loadBudgetedLearnings(projectPath, options) {
-  const { intent, tokenBudget = 1e3, skill, session, stream } = options;
+  const { intent, tokenBudget = 1e3, skill, session, stream, depth = "summary" } = options;
+  if (depth === "index") {
+    const indexEntries = [];
+    if (session) {
+      const sessionResult = await loadIndexEntries(projectPath, skill, stream, session);
+      if (sessionResult.ok) indexEntries.push(...sessionResult.value);
+    }
+    const globalResult2 = await loadIndexEntries(projectPath, skill, stream);
+    if (globalResult2.ok) {
+      const sessionHashes = new Set(indexEntries.map((e) => e.hash));
+      const uniqueGlobal = globalResult2.value.filter((e) => !sessionHashes.has(e.hash));
+      indexEntries.push(...uniqueGlobal);
+    }
+    const budgeted2 = [];
+    let totalTokens2 = 0;
+    for (const entry of indexEntries) {
+      const separator = budgeted2.length > 0 ? "\n" : "";
+      const entryCost = estimateTokens(entry.summary + separator);
+      if (totalTokens2 + entryCost > tokenBudget) break;
+      budgeted2.push(entry.summary);
+      totalTokens2 += entryCost;
+    }
+    return (0, import_types.Ok)(budgeted2);
+  }
   const sortByRecencyAndRelevance = (entries) => {
     return [...entries].sort((a, b) => {
       const dateA = parseDateFromEntry(a) ?? "0000-00-00";
@@ -7308,7 +7492,9 @@ async function loadBudgetedLearnings(projectPath, options) {
   }
   const globalResult = await loadRelevantLearnings(projectPath, skill, stream);
   if (globalResult.ok) {
-    allEntries.push(...sortByRecencyAndRelevance(globalResult.value));
+    const sessionSet = new Set(allEntries.map((e) => e.trim()));
+    const uniqueGlobal = globalResult.value.filter((e) => !sessionSet.has(e.trim()));
+    allEntries.push(...sortByRecencyAndRelevance(uniqueGlobal));
   }
   const budgeted = [];
   let totalTokens = 0;
@@ -7321,6 +7507,68 @@ async function loadBudgetedLearnings(projectPath, options) {
   }
   return (0, import_types.Ok)(budgeted);
 }
+async function loadIndexEntries(projectPath, skillName, stream, session) {
+  try {
+    const dirResult = await getStateDir(projectPath, stream, session);
+    if (!dirResult.ok) return dirResult;
+    const stateDir = dirResult.value;
+    const learningsPath = path6.join(stateDir, LEARNINGS_FILE);
+    if (!fs9.existsSync(learningsPath)) {
+      return (0, import_types.Ok)([]);
+    }
+    const content = fs9.readFileSync(learningsPath, "utf-8");
+    const lines = content.split("\n");
+    const indexEntries = [];
+    let pendingFrontmatter = null;
+    let currentBlock = [];
+    for (const line of lines) {
+      if (line.startsWith("# ")) continue;
+      const fm = parseFrontmatter(line);
+      if (fm) {
+        pendingFrontmatter = fm;
+        continue;
+      }
+      const isDatedBullet = /^- \*\*\d{4}-\d{2}-\d{2}/.test(line);
+      const isHeading = /^## \d{4}-\d{2}-\d{2}/.test(line);
+      if (isDatedBullet || isHeading) {
+        if (pendingFrontmatter) {
+          indexEntries.push({
+            hash: pendingFrontmatter.hash,
+            tags: pendingFrontmatter.tags,
+            summary: line,
+            fullText: ""
+            // Placeholder — full text not loaded in index mode
+          });
+          pendingFrontmatter = null;
+        } else {
+          const idx = extractIndexEntry(line);
+          indexEntries.push({
+            hash: idx.hash,
+            tags: idx.tags,
+            summary: line,
+            fullText: ""
+          });
+        }
+        currentBlock = [line];
+      } else if (line.trim() !== "" && currentBlock.length > 0) {
+        currentBlock.push(line);
+      }
+    }
+    if (skillName) {
+      const filtered = indexEntries.filter(
+        (e) => e.tags.includes(skillName) || e.summary.includes(`[skill:${skillName}]`)
+      );
+      return (0, import_types.Ok)(filtered);
+    }
+    return (0, import_types.Ok)(indexEntries);
+  } catch (error) {
+    return (0, import_types.Err)(
+      new Error(
+        `Failed to load index entries: ${error instanceof Error ? error.message : String(error)}`
+      )
+    );
+  }
+}
 async function loadRelevantLearnings(projectPath, skillName, stream, session) {
   try {
     const dirResult = await getStateDir(projectPath, stream, session);
@@ -7343,6 +7591,7 @@ async function loadRelevantLearnings(projectPath, skillName, stream, session) {
       let currentBlock = [];
       for (const line of lines) {
         if (line.startsWith("# ")) continue;
+        if (/^<!--\s+hash:[a-f0-9]+/.test(line)) continue;
         const isDatedBullet = /^- \*\*\d{4}-\d{2}-\d{2}/.test(line);
         const isHeading = /^## \d{4}-\d{2}-\d{2}/.test(line);
         if (isDatedBullet || isHeading) {
@@ -7452,6 +7701,68 @@ async function pruneLearnings(projectPath, stream) {
     );
   }
 }
+var PROMOTABLE_OUTCOMES = ["gotcha", "decision", "observation"];
+function isGeneralizable(entry) {
+  for (const outcome of PROMOTABLE_OUTCOMES) {
+    if (entry.includes(`[outcome:${outcome}]`)) return true;
+  }
+  return false;
+}
+async function promoteSessionLearnings(projectPath, sessionSlug, stream) {
+  try {
+    const sessionResult = await loadRelevantLearnings(projectPath, void 0, stream, sessionSlug);
+    if (!sessionResult.ok) return sessionResult;
+    const sessionEntries = sessionResult.value;
+    if (sessionEntries.length === 0) {
+      return (0, import_types.Ok)({ promoted: 0, skipped: 0 });
+    }
+    const toPromote = [];
+    let skipped = 0;
+    for (const entry of sessionEntries) {
+      if (isGeneralizable(entry)) {
+        toPromote.push(entry);
+      } else {
+        skipped++;
+      }
+    }
+    if (toPromote.length === 0) {
+      return (0, import_types.Ok)({ promoted: 0, skipped });
+    }
+    const dirResult = await getStateDir(projectPath, stream);
+    if (!dirResult.ok) return dirResult;
+    const stateDir = dirResult.value;
+    const globalPath = path6.join(stateDir, LEARNINGS_FILE);
+    const existingGlobal = fs9.existsSync(globalPath) ? fs9.readFileSync(globalPath, "utf-8") : "";
+    const newEntries = toPromote.filter((entry) => !existingGlobal.includes(entry.trim()));
+    if (newEntries.length === 0) {
+      return (0, import_types.Ok)({ promoted: 0, skipped: skipped + toPromote.length });
+    }
+    const promotedContent = newEntries.join("\n\n") + "\n";
+    if (!existingGlobal) {
+      fs9.writeFileSync(globalPath, `# Learnings
+
+${promotedContent}`);
+    } else {
+      fs9.appendFileSync(globalPath, "\n\n" + promotedContent);
+    }
+    learningsCacheMap.delete(globalPath);
+    return (0, import_types.Ok)({
+      promoted: newEntries.length,
+      skipped: skipped + (toPromote.length - newEntries.length)
+    });
+  } catch (error) {
+    return (0, import_types.Err)(
+      new Error(
+        `Failed to promote session learnings: ${error instanceof Error ? error.message : String(error)}`
+      )
+    );
+  }
+}
+async function countLearningEntries(projectPath, stream) {
+  const loadResult = await loadRelevantLearnings(projectPath, void 0, stream);
+  if (!loadResult.ok) return 0;
+  return loadResult.value.length;
+}
 
 // src/state/failures.ts
 var fs10 = __toESM(require("fs"));
@@ -7913,6 +8224,151 @@ async function archiveSession(projectPath, sessionSlug) {
   }
 }
 
+// src/state/events.ts
+var fs16 = __toESM(require("fs"));
+var path13 = __toESM(require("path"));
+var import_zod6 = require("zod");
+var SkillEventSchema = import_zod6.z.object({
+  timestamp: import_zod6.z.string(),
+  skill: import_zod6.z.string(),
+  session: import_zod6.z.string().optional(),
+  type: import_zod6.z.enum(["phase_transition", "decision", "gate_result", "handoff", "error", "checkpoint"]),
+  summary: import_zod6.z.string(),
+  data: import_zod6.z.record(import_zod6.z.unknown()).optional(),
+  refs: import_zod6.z.array(import_zod6.z.string()).optional(),
+  contentHash: import_zod6.z.string().optional()
+});
+function computeEventHash(event, session) {
+  const identity = `${event.skill}|${event.type}|${event.summary}|${session ?? ""}`;
+  return computeContentHash(identity);
+}
+var knownHashesCache = /* @__PURE__ */ new Map();
+function loadKnownHashes(eventsPath) {
+  const cached = knownHashesCache.get(eventsPath);
+  if (cached) return cached;
+  const hashes = /* @__PURE__ */ new Set();
+  if (fs16.existsSync(eventsPath)) {
+    const content = fs16.readFileSync(eventsPath, "utf-8");
+    const lines = content.split("\n").filter((line) => line.trim() !== "");
+    for (const line of lines) {
+      try {
+        const existing = JSON.parse(line);
+        if (existing.contentHash) {
+          hashes.add(existing.contentHash);
+        }
+      } catch {
+      }
+    }
+  }
+  knownHashesCache.set(eventsPath, hashes);
+  return hashes;
+}
+function clearEventHashCache() {
+  knownHashesCache.clear();
+}
+async function emitEvent(projectPath, event, options) {
+  try {
+    const dirResult = await getStateDir(projectPath, options?.stream, options?.session);
+    if (!dirResult.ok) return dirResult;
+    const stateDir = dirResult.value;
+    const eventsPath = path13.join(stateDir, EVENTS_FILE);
+    fs16.mkdirSync(stateDir, { recursive: true });
+    const contentHash = computeEventHash(event, options?.session);
+    const knownHashes = loadKnownHashes(eventsPath);
+    if (knownHashes.has(contentHash)) {
+      return (0, import_types.Ok)({ written: false, reason: "duplicate" });
+    }
+    const fullEvent = {
+      ...event,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      contentHash
+    };
+    if (options?.session) {
+      fullEvent.session = options.session;
+    }
+    fs16.appendFileSync(eventsPath, JSON.stringify(fullEvent) + "\n");
+    knownHashes.add(contentHash);
+    return (0, import_types.Ok)({ written: true });
+  } catch (error) {
+    return (0, import_types.Err)(
+      new Error(`Failed to emit event: ${error instanceof Error ? error.message : String(error)}`)
+    );
+  }
+}
+async function loadEvents(projectPath, options) {
+  try {
+    const dirResult = await getStateDir(projectPath, options?.stream, options?.session);
+    if (!dirResult.ok) return dirResult;
+    const stateDir = dirResult.value;
+    const eventsPath = path13.join(stateDir, EVENTS_FILE);
+    if (!fs16.existsSync(eventsPath)) {
+      return (0, import_types.Ok)([]);
+    }
+    const content = fs16.readFileSync(eventsPath, "utf-8");
+    const lines = content.split("\n").filter((line) => line.trim() !== "");
+    const events = [];
+    for (const line of lines) {
+      try {
+        const parsed = JSON.parse(line);
+        const result = SkillEventSchema.safeParse(parsed);
+        if (result.success) {
+          events.push(result.data);
+        }
+      } catch {
+      }
+    }
+    return (0, import_types.Ok)(events);
+  } catch (error) {
+    return (0, import_types.Err)(
+      new Error(`Failed to load events: ${error instanceof Error ? error.message : String(error)}`)
+    );
+  }
+}
+function formatPhaseTransition(event) {
+  const data = event.data;
+  const suffix = data?.taskCount ? ` (${data.taskCount} tasks)` : "";
+  return `phase: ${data?.from ?? "?"} -> ${data?.to ?? "?"}${suffix}`;
+}
+function formatGateResult(event) {
+  const data = event.data;
+  const status = data?.passed ? "passed" : "failed";
+  const checks = data?.checks?.map((c) => `${c.name} ${c.passed ? "Y" : "N"}`).join(", ");
+  return checks ? `gate: ${status} (${checks})` : `gate: ${status}`;
+}
+function formatHandoffDetail(event) {
+  const data = event.data;
+  const direction = data?.toSkill ? ` -> ${data.toSkill}` : "";
+  return `handoff: ${event.summary}${direction}`;
+}
+var EVENT_FORMATTERS = {
+  phase_transition: formatPhaseTransition,
+  gate_result: formatGateResult,
+  decision: (event) => `decision: ${event.summary}`,
+  handoff: formatHandoffDetail,
+  error: (event) => `error: ${event.summary}`,
+  checkpoint: (event) => `checkpoint: ${event.summary}`
+};
+function formatEventTimeline(events, limit = 20) {
+  if (events.length === 0) return "";
+  const recent = events.slice(-limit);
+  return recent.map((event) => {
+    const time = formatTime(event.timestamp);
+    const formatter = EVENT_FORMATTERS[event.type];
+    const detail = formatter ? formatter(event) : event.summary;
+    return `- ${time} [${event.skill}] ${detail}`;
+  }).join("\n");
+}
+function formatTime(timestamp) {
+  try {
+    const date = new Date(timestamp);
+    const hours = String(date.getHours()).padStart(2, "0");
+    const minutes = String(date.getMinutes()).padStart(2, "0");
+    return `${hours}:${minutes}`;
+  } catch {
+    return "??:??";
+  }
+}
+
 // src/workflow/runner.ts
 async function executeWorkflow(workflow, executor) {
   const stepResults = [];
@@ -8062,7 +8518,8 @@ async function runMultiTurnPipeline(initialContext, turnExecutor, options) {
 }
 
 // src/security/scanner.ts
-var fs17 = __toESM(require("fs/promises"));
+var fs18 = __toESM(require("fs/promises"));
+var import_minimatch5 = require("minimatch");
 
 // src/security/rules/registry.ts
 var RuleRegistry = class {
@@ -8093,7 +8550,7 @@ var RuleRegistry = class {
 };
 
 // src/security/config.ts
-var import_zod6 = require("zod");
+var import_zod7 = require("zod");
 
 // src/security/types.ts
 var DEFAULT_SECURITY_CONFIG = {
@@ -8104,19 +8561,19 @@ var DEFAULT_SECURITY_CONFIG = {
 };
 
 // src/security/config.ts
-var RuleOverrideSchema = import_zod6.z.enum(["off", "error", "warning", "info"]);
-var SecurityConfigSchema = import_zod6.z.object({
-  enabled: import_zod6.z.boolean().default(true),
-  strict: import_zod6.z.boolean().default(false),
-  rules: import_zod6.z.record(import_zod6.z.string(), RuleOverrideSchema).optional().default({}),
-  exclude: import_zod6.z.array(import_zod6.z.string()).optional().default(["**/node_modules/**", "**/dist/**", "**/*.test.ts", "**/fixtures/**"]),
-  external: import_zod6.z.object({
-    semgrep: import_zod6.z.object({
-      enabled: import_zod6.z.union([import_zod6.z.literal("auto"), import_zod6.z.boolean()]).default("auto"),
-      rulesets: import_zod6.z.array(import_zod6.z.string()).optional()
+var RuleOverrideSchema = import_zod7.z.enum(["off", "error", "warning", "info"]);
+var SecurityConfigSchema = import_zod7.z.object({
+  enabled: import_zod7.z.boolean().default(true),
+  strict: import_zod7.z.boolean().default(false),
+  rules: import_zod7.z.record(import_zod7.z.string(), RuleOverrideSchema).optional().default({}),
+  exclude: import_zod7.z.array(import_zod7.z.string()).optional().default(["**/node_modules/**", "**/dist/**", "**/*.test.ts", "**/fixtures/**"]),
+  external: import_zod7.z.object({
+    semgrep: import_zod7.z.object({
+      enabled: import_zod7.z.union([import_zod7.z.literal("auto"), import_zod7.z.boolean()]).default("auto"),
+      rulesets: import_zod7.z.array(import_zod7.z.string()).optional()
     }).optional(),
-    gitleaks: import_zod6.z.object({
-      enabled: import_zod6.z.union([import_zod6.z.literal("auto"), import_zod6.z.boolean()]).default("auto")
+    gitleaks: import_zod7.z.object({
+      enabled: import_zod7.z.union([import_zod7.z.literal("auto"), import_zod7.z.boolean()]).default("auto")
     }).optional()
   }).optional()
 });
@@ -8149,15 +8606,15 @@ function resolveRuleSeverity(ruleId, defaultSeverity, overrides, strict) {
 }
 
 // src/security/stack-detector.ts
-var fs16 = __toESM(require("fs"));
-var path13 = __toESM(require("path"));
+var fs17 = __toESM(require("fs"));
+var path14 = __toESM(require("path"));
 function detectStack(projectRoot) {
   const stacks = [];
-  const pkgJsonPath = path13.join(projectRoot, "package.json");
-  if (fs16.existsSync(pkgJsonPath)) {
+  const pkgJsonPath = path14.join(projectRoot, "package.json");
+  if (fs17.existsSync(pkgJsonPath)) {
     stacks.push("node");
     try {
-      const pkgJson = JSON.parse(fs16.readFileSync(pkgJsonPath, "utf-8"));
+      const pkgJson = JSON.parse(fs17.readFileSync(pkgJsonPath, "utf-8"));
       const allDeps = {
         ...pkgJson.dependencies,
         ...pkgJson.devDependencies
@@ -8172,13 +8629,13 @@ function detectStack(projectRoot) {
     } catch {
     }
   }
-  const goModPath = path13.join(projectRoot, "go.mod");
-  if (fs16.existsSync(goModPath)) {
+  const goModPath = path14.join(projectRoot, "go.mod");
+  if (fs17.existsSync(goModPath)) {
     stacks.push("go");
   }
-  const requirementsPath = path13.join(projectRoot, "requirements.txt");
-  const pyprojectPath = path13.join(projectRoot, "pyproject.toml");
-  if (fs16.existsSync(requirementsPath) || fs16.existsSync(pyprojectPath)) {
+  const requirementsPath = path14.join(projectRoot, "requirements.txt");
+  const pyprojectPath = path14.join(projectRoot, "pyproject.toml");
+  if (fs17.existsSync(requirementsPath) || fs17.existsSync(pyprojectPath)) {
     stacks.push("python");
   }
   return stacks;
@@ -8242,6 +8699,72 @@ var secretRules = [
     message: "Hardcoded JWT token detected",
     remediation: "Tokens should be fetched at runtime, not embedded in source",
     references: ["CWE-798"]
+  },
+  {
+    id: "SEC-SEC-006",
+    name: "Anthropic API Key",
+    category: "secrets",
+    severity: "error",
+    confidence: "high",
+    patterns: [/sk-ant-api\d{2}-[A-Za-z0-9_-]{20,}/],
+    message: "Hardcoded Anthropic API key detected",
+    remediation: "Use environment variables: process.env.ANTHROPIC_API_KEY",
+    references: ["CWE-798"]
+  },
+  {
+    id: "SEC-SEC-007",
+    name: "OpenAI API Key",
+    category: "secrets",
+    severity: "error",
+    confidence: "high",
+    patterns: [/sk-proj-[A-Za-z0-9_-]{20,}/],
+    message: "Hardcoded OpenAI API key detected",
+    remediation: "Use environment variables: process.env.OPENAI_API_KEY",
+    references: ["CWE-798"]
+  },
+  {
+    id: "SEC-SEC-008",
+    name: "Google API Key",
+    category: "secrets",
+    severity: "error",
+    confidence: "high",
+    patterns: [/AIza[A-Za-z0-9_-]{35}/],
+    message: "Hardcoded Google API key detected",
+    remediation: "Use environment variables or a secrets manager for Google API keys",
+    references: ["CWE-798"]
+  },
+  {
+    id: "SEC-SEC-009",
+    name: "GitHub Personal Access Token",
+    category: "secrets",
+    severity: "error",
+    confidence: "high",
+    patterns: [/gh[pous]_[A-Za-z0-9_]{36,}/],
+    message: "Hardcoded GitHub personal access token detected",
+    remediation: "Use environment variables: process.env.GITHUB_TOKEN",
+    references: ["CWE-798"]
+  },
+  {
+    id: "SEC-SEC-010",
+    name: "Stripe Live Key",
+    category: "secrets",
+    severity: "error",
+    confidence: "high",
+    patterns: [/\b[spr]k_live_[A-Za-z0-9]{24,}/],
+    message: "Hardcoded Stripe live key detected",
+    remediation: "Use environment variables for Stripe keys; never commit live keys",
+    references: ["CWE-798"]
+  },
+  {
+    id: "SEC-SEC-011",
+    name: "Database Connection String with Credentials",
+    category: "secrets",
+    severity: "error",
+    confidence: "high",
+    patterns: [/(?:postgres|mysql|mongodb|redis|amqp|mssql)(?:\+\w+)?:\/\/[^/\s:]+:[^@/\s]+@/i],
+    message: "Database connection string with embedded credentials detected",
+    remediation: "Use environment variables for connection strings; separate credentials from URIs",
+    references: ["CWE-798"]
   }
 ];
 
@@ -8428,6 +8951,360 @@ var deserializationRules = [
   }
 ];
 
+// src/security/rules/agent-config.ts
+var agentConfigRules = [
+  {
+    id: "SEC-AGT-001",
+    name: "Hidden Unicode Characters",
+    category: "agent-config",
+    severity: "error",
+    confidence: "high",
+    patterns: [/\u200B|\u200C|\u200D|\uFEFF|\u2060/],
+    fileGlob: "**/CLAUDE.md,**/AGENTS.md,**/*.yaml",
+    message: "Hidden zero-width Unicode characters detected in agent configuration",
+    remediation: "Remove invisible Unicode characters; they may hide malicious instructions",
+    references: ["CWE-116"]
+  },
+  {
+    id: "SEC-AGT-002",
+    name: "URL Execution Directives",
+    category: "agent-config",
+    severity: "warning",
+    confidence: "medium",
+    patterns: [/\b(?:curl|wget)\s+\S+/i, /\bfetch\s*\(/i],
+    fileGlob: "**/CLAUDE.md,**/AGENTS.md",
+    message: "URL execution directive found in agent configuration",
+    remediation: "Avoid instructing agents to download and execute remote content",
+    references: ["CWE-94"]
+  },
+  {
+    id: "SEC-AGT-003",
+    name: "Wildcard Tool Permissions",
+    category: "agent-config",
+    severity: "warning",
+    confidence: "high",
+    patterns: [/(?:Bash|Write|Edit)\s*\(\s*\*\s*\)/],
+    fileGlob: "**/.claude/**,**/settings*.json",
+    message: "Wildcard tool permissions grant unrestricted access",
+    remediation: "Scope tool permissions to specific patterns instead of wildcards",
+    references: ["CWE-250"]
+  },
+  {
+    id: "SEC-AGT-004",
+    name: "Auto-approve Patterns",
+    category: "agent-config",
+    severity: "warning",
+    confidence: "high",
+    patterns: [/\bautoApprove\b/i, /\bauto_approve\b/i],
+    fileGlob: "**/.claude/**,**/.mcp.json",
+    message: "Auto-approve configuration bypasses human review of tool calls",
+    remediation: "Review auto-approved tools carefully; prefer explicit approval for destructive operations",
+    references: ["CWE-862"]
+  },
+  {
+    id: "SEC-AGT-005",
+    name: "Prompt Injection Surface",
+    category: "agent-config",
+    severity: "warning",
+    confidence: "medium",
+    patterns: [/\$\{[^}]*\}/, /\{\{[^}]*\}\}/],
+    fileGlob: "**/skill.yaml",
+    message: "Template interpolation syntax in skill YAML may enable prompt injection",
+    remediation: "Avoid dynamic interpolation in skill descriptions; use static text",
+    references: ["CWE-94"]
+  },
+  {
+    id: "SEC-AGT-006",
+    name: "Permission Bypass Flags",
+    category: "agent-config",
+    severity: "error",
+    confidence: "high",
+    patterns: [/--dangerously-skip-permissions/, /--no-verify/],
+    fileGlob: "**/CLAUDE.md,**/AGENTS.md,**/.claude/**",
+    message: "Permission bypass flag detected in agent configuration",
+    remediation: "Remove flags that bypass safety checks; they undermine enforcement",
+    references: ["CWE-863"]
+  },
+  {
+    id: "SEC-AGT-007",
+    name: "Hook Injection Surface",
+    category: "agent-config",
+    severity: "error",
+    confidence: "low",
+    patterns: [/\$\(/, /`[^`]+`/, /\s&&\s/, /\s\|\|\s/],
+    fileGlob: "**/settings*.json,**/hooks.json",
+    message: "Shell metacharacters in hook commands may enable command injection",
+    remediation: "Use simple, single-command hooks without shell operators; chain logic inside the script",
+    references: ["CWE-78"]
+  }
+];
+
+// src/security/rules/mcp.ts
+var mcpRules = [
+  {
+    id: "SEC-MCP-001",
+    name: "Hardcoded MCP Secrets",
+    category: "mcp",
+    severity: "error",
+    confidence: "medium",
+    patterns: [/(?:API_KEY|SECRET|TOKEN|PASSWORD|CREDENTIAL)\s*["']?\s*:\s*["'][^"']{8,}["']/i],
+    fileGlob: "**/.mcp.json",
+    message: "Hardcoded secret detected in MCP server configuration",
+    remediation: "Use environment variable references instead of inline secrets in .mcp.json",
+    references: ["CWE-798"]
+  },
+  {
+    id: "SEC-MCP-002",
+    name: "Shell Injection in MCP Args",
+    category: "mcp",
+    severity: "error",
+    confidence: "medium",
+    patterns: [/\$\(/, /`[^`]+`/],
+    fileGlob: "**/.mcp.json",
+    message: "Shell metacharacters detected in MCP server arguments",
+    remediation: "Use literal argument values; avoid shell interpolation in MCP args",
+    references: ["CWE-78"]
+  },
+  {
+    id: "SEC-MCP-003",
+    name: "Network Exposure",
+    category: "mcp",
+    severity: "warning",
+    confidence: "high",
+    patterns: [/0\.0\.0\.0/, /["']\*["']\s*:\s*\d/, /host["']?\s*:\s*["']\*["']/i],
+    fileGlob: "**/.mcp.json",
+    message: "MCP server binding to all network interfaces (0.0.0.0 or wildcard *)",
+    remediation: "Bind to 127.0.0.1 or localhost to restrict access to local machine",
+    references: ["CWE-668"]
+  },
+  {
+    id: "SEC-MCP-004",
+    name: "Typosquatting Vector",
+    category: "mcp",
+    severity: "warning",
+    confidence: "medium",
+    patterns: [/\bnpx\s+(?:-y|--yes)\b/],
+    fileGlob: "**/.mcp.json",
+    message: "npx -y auto-installs packages without confirmation, enabling typosquatting",
+    remediation: "Pin exact package versions or install packages explicitly before use",
+    references: ["CWE-427"]
+  },
+  {
+    id: "SEC-MCP-005",
+    name: "Unencrypted Transport",
+    category: "mcp",
+    severity: "warning",
+    confidence: "medium",
+    patterns: [/http:\/\/(?!localhost\b|127\.0\.0\.1\b)/],
+    fileGlob: "**/.mcp.json",
+    message: "Unencrypted HTTP transport detected for MCP server connection",
+    remediation: "Use https:// for all non-localhost MCP server connections",
+    references: ["CWE-319"]
+  }
+];
+
+// src/security/rules/insecure-defaults.ts
+var insecureDefaultsRules = [
+  {
+    id: "SEC-DEF-001",
+    name: "Security-Sensitive Fallback to Hardcoded Default",
+    category: "insecure-defaults",
+    severity: "warning",
+    confidence: "medium",
+    patterns: [
+      /(?:SECRET|KEY|TOKEN|PASSWORD|SALT|PEPPER|SIGNING|ENCRYPTION|AUTH|JWT|SESSION).*(?:\|\||\?\?)\s*['"][^'"]+['"]/i
+    ],
+    fileGlob: "**/*.{ts,js,mjs,cjs}",
+    message: "Security-sensitive variable falls back to a hardcoded default when env var is missing",
+    remediation: "Throw an error if the env var is missing instead of falling back to a default. Use a startup validation check.",
+    references: ["CWE-1188"]
+  },
+  {
+    id: "SEC-DEF-002",
+    name: "TLS/SSL Disabled by Default",
+    category: "insecure-defaults",
+    severity: "warning",
+    confidence: "medium",
+    patterns: [
+      /(?:tls|ssl|https|secure)\s*(?:=|:)\s*(?:false|config\??\.\w+\s*(?:\?\?|&&|\|\|)\s*false)/i
+    ],
+    fileGlob: "**/*.{ts,js,mjs,cjs,go,py}",
+    message: "Security feature defaults to disabled; missing configuration degrades to insecure mode",
+    remediation: "Default security features to enabled (true). Require explicit opt-out, not opt-in.",
+    references: ["CWE-1188"]
+  },
+  {
+    id: "SEC-DEF-003",
+    name: "Swallowed Authentication/Authorization Error",
+    category: "insecure-defaults",
+    severity: "warning",
+    confidence: "low",
+    patterns: [
+      // Matches single-line empty catch: catch(e) { } or catch(e) { // ignore }
+      // Note: multi-line catch blocks are handled by AI review, not this rule
+      /catch\s*\([^)]*\)\s*\{\s*(?:\/\/\s*(?:ignore|skip|noop|todo)\b.*)?\s*\}/
+    ],
+    fileGlob: "**/*auth*.{ts,js,mjs,cjs},**/*session*.{ts,js,mjs,cjs},**/*token*.{ts,js,mjs,cjs}",
+    message: "Single-line empty catch block in authentication/authorization code may silently allow unauthorized access. Note: multi-line empty catch blocks are detected by AI review, not this mechanical rule.",
+    remediation: "Re-throw the error or return an explicit denial. Never silently swallow auth errors.",
+    references: ["CWE-754", "CWE-390"]
+  },
+  {
+    id: "SEC-DEF-004",
+    name: "Permissive CORS Fallback",
+    category: "insecure-defaults",
+    severity: "warning",
+    confidence: "medium",
+    patterns: [
+      /(?:origin|cors)\s*(?:=|:)\s*(?:config|options|env)\??\.\w+\s*(?:\?\?|\|\|)\s*['"]\*/
+    ],
+    fileGlob: "**/*.{ts,js,mjs,cjs}",
+    message: "CORS origin falls back to wildcard (*) when configuration is missing",
+    remediation: "Default to a restrictive origin list. Require explicit configuration for permissive CORS.",
+    references: ["CWE-942"]
+  },
+  {
+    id: "SEC-DEF-005",
+    name: "Rate Limiting Disabled by Default",
+    category: "insecure-defaults",
+    severity: "info",
+    confidence: "low",
+    patterns: [
+      /(?:rateLimit|rateLimiting|throttle)\s*(?:=|:)\s*(?:config|options|env)\??\.\w+\s*(?:\?\?|\|\|)\s*(?:false|0|null|undefined)/i
+    ],
+    fileGlob: "**/*.{ts,js,mjs,cjs}",
+    message: "Rate limiting defaults to disabled when configuration is missing",
+    remediation: "Default to a sensible rate limit. Require explicit opt-out for disabling.",
+    references: ["CWE-770"]
+  }
+];
+
+// src/security/rules/sharp-edges.ts
+var sharpEdgesRules = [
+  // --- Deprecated Crypto APIs ---
+  {
+    id: "SEC-EDGE-001",
+    name: "Deprecated createCipher API",
+    category: "sharp-edges",
+    severity: "error",
+    confidence: "high",
+    patterns: [/crypto\.createCipher\s*\(/],
+    fileGlob: "**/*.{ts,js,mjs,cjs}",
+    message: "crypto.createCipher is deprecated \u2014 uses weak key derivation (no IV)",
+    remediation: "Use crypto.createCipheriv with a random IV and proper key derivation (scrypt/pbkdf2)",
+    references: ["CWE-327"]
+  },
+  {
+    id: "SEC-EDGE-002",
+    name: "Deprecated createDecipher API",
+    category: "sharp-edges",
+    severity: "error",
+    confidence: "high",
+    patterns: [/crypto\.createDecipher\s*\(/],
+    fileGlob: "**/*.{ts,js,mjs,cjs}",
+    message: "crypto.createDecipher is deprecated \u2014 uses weak key derivation (no IV)",
+    remediation: "Use crypto.createDecipheriv with the same IV used for encryption",
+    references: ["CWE-327"]
+  },
+  {
+    id: "SEC-EDGE-003",
+    name: "ECB Mode Selection",
+    category: "sharp-edges",
+    severity: "warning",
+    confidence: "high",
+    patterns: [/-ecb['"]/],
+    fileGlob: "**/*.{ts,js,mjs,cjs,go,py}",
+    message: "ECB mode does not provide semantic security \u2014 identical plaintext blocks produce identical ciphertext",
+    remediation: "Use CBC, CTR, or GCM mode instead of ECB",
+    references: ["CWE-327"]
+  },
+  // --- Unsafe Deserialization ---
+  {
+    id: "SEC-EDGE-004",
+    name: "yaml.load Without Safe Loader",
+    category: "sharp-edges",
+    severity: "error",
+    confidence: "high",
+    patterns: [
+      /yaml\.load\s*\(/
+      // Python: yaml.load() without SafeLoader
+    ],
+    fileGlob: "**/*.py",
+    message: "yaml.load() executes arbitrary Python objects \u2014 use yaml.safe_load() instead",
+    remediation: "Replace yaml.load() with yaml.safe_load() or yaml.load(data, Loader=SafeLoader). Note: this rule will flag yaml.load(data, Loader=SafeLoader) \u2014 suppress with # harness-ignore SEC-EDGE-004: safe usage with SafeLoader",
+    references: ["CWE-502"]
+  },
+  {
+    id: "SEC-EDGE-005",
+    name: "Pickle/Marshal Deserialization",
+    category: "sharp-edges",
+    severity: "error",
+    confidence: "high",
+    patterns: [/pickle\.loads?\s*\(/, /marshal\.loads?\s*\(/],
+    fileGlob: "**/*.py",
+    message: "pickle/marshal deserialization executes arbitrary code \u2014 never use on untrusted data",
+    remediation: "Use JSON, MessagePack, or Protocol Buffers for untrusted data serialization",
+    references: ["CWE-502"]
+  },
+  // --- TOCTOU (Time-of-Check to Time-of-Use) ---
+  {
+    id: "SEC-EDGE-006",
+    name: "Check-Then-Act File Operation",
+    category: "sharp-edges",
+    severity: "warning",
+    confidence: "medium",
+    // Patterns use .{0,N} since scanner matches single lines only (no multiline mode)
+    patterns: [
+      /(?:existsSync|accessSync|statSync)\s*\([^)]+\).{0,50}(?:readFileSync|writeFileSync|unlinkSync|mkdirSync)\s*\(/
+    ],
+    fileGlob: "**/*.{ts,js,mjs,cjs}",
+    message: "Check-then-act pattern on filesystem is vulnerable to TOCTOU race conditions",
+    remediation: "Use the operation directly and handle ENOENT/EEXIST errors instead of checking first",
+    references: ["CWE-367"]
+  },
+  {
+    id: "SEC-EDGE-007",
+    name: "Check-Then-Act File Operation (Async)",
+    category: "sharp-edges",
+    severity: "warning",
+    confidence: "medium",
+    // Uses .{0,N} since scanner matches single lines only (no multiline mode)
+    patterns: [/(?:access|stat)\s*\([^)]+\).{0,80}(?:readFile|writeFile|unlink|mkdir)\s*\(/],
+    fileGlob: "**/*.{ts,js,mjs,cjs}",
+    message: "Async check-then-act pattern on filesystem is vulnerable to TOCTOU race conditions",
+    remediation: "Use the operation directly with try/catch instead of checking existence first",
+    references: ["CWE-367"]
+  },
+  // --- Stringly-Typed Security ---
+  {
+    id: "SEC-EDGE-008",
+    name: 'JWT Algorithm "none"',
+    category: "sharp-edges",
+    severity: "error",
+    confidence: "high",
+    patterns: [
+      /algorithm[s]?\s*[:=]\s*\[?\s*['"]none['"]/i,
+      /alg(?:orithm)?\s*[:=]\s*['"]none['"]/i
+    ],
+    fileGlob: "**/*.{ts,js,mjs,cjs}",
+    message: 'JWT "none" algorithm disables signature verification entirely',
+    remediation: 'Specify an explicit algorithm (e.g., "HS256", "RS256") and set algorithms allowlist in verify options',
+    references: ["CWE-345"]
+  },
+  {
+    id: "SEC-EDGE-009",
+    name: "DES/RC4 Algorithm Selection",
+    category: "sharp-edges",
+    severity: "error",
+    confidence: "high",
+    patterns: [/['"]\s*(?:des|des-ede|des-ede3|des3|rc4|rc2|blowfish)\s*['"]/i],
+    fileGlob: "**/*.{ts,js,mjs,cjs,go,py}",
+    message: "Weak/deprecated cipher algorithm selected \u2014 DES, RC4, RC2, and Blowfish are broken or deprecated",
+    remediation: "Use AES-256-GCM or ChaCha20-Poly1305",
+    references: ["CWE-327"]
+  }
+];
+
 // src/security/rules/stack/node.ts
 var nodeRules = [
   {
@@ -8541,6 +9418,14 @@ var goRules = [
 ];
 
 // src/security/scanner.ts
+function parseHarnessIgnore(line, ruleId) {
+  if (!line.includes("harness-ignore")) return null;
+  if (!line.includes(ruleId)) return null;
+  const match = line.match(/(?:\/\/|#)\s*harness-ignore\s+(SEC-[A-Z]+-\d+)(?::\s*(.+))?/);
+  if (match?.[1] !== ruleId) return null;
+  const text = match[2]?.trim();
+  return { ruleId, justification: text || null };
+}
 var SecurityScanner = class {
   registry;
   config;
@@ -8555,7 +9440,11 @@ var SecurityScanner = class {
       ...cryptoRules,
       ...pathTraversalRules,
       ...networkRules,
-      ...deserializationRules
+      ...deserializationRules,
+      ...agentConfigRules,
+      ...mcpRules,
+      ...insecureDefaultsRules,
+      ...sharpEdgesRules
     ]);
     this.registry.registerAll([...nodeRules, ...expressRules, ...reactRules, ...goRules]);
     this.activeRules = this.registry.getAll();
@@ -8564,11 +9453,40 @@ var SecurityScanner = class {
     const stacks = detectStack(projectRoot);
     this.activeRules = this.registry.getForStacks(stacks.length > 0 ? stacks : []);
   }
+  /**
+   * Scan raw content against all active rules. Note: this method does NOT apply
+   * fileGlob filtering — every active rule is evaluated regardless of filePath.
+   * If you are scanning a specific file and want fileGlob-based rule filtering,
+   * use {@link scanFile} instead.
+   */
   scanContent(content, filePath, startLine = 1) {
     if (!this.config.enabled) return [];
-    const findings = [];
     const lines = content.split("\n");
-    for (const rule of this.activeRules) {
+    return this.scanLinesWithRules(lines, this.activeRules, filePath, startLine);
+  }
+  async scanFile(filePath) {
+    if (!this.config.enabled) return [];
+    const content = await fs18.readFile(filePath, "utf-8");
+    return this.scanContentForFile(content, filePath, 1);
+  }
+  scanContentForFile(content, filePath, startLine = 1) {
+    if (!this.config.enabled) return [];
+    const lines = content.split("\n");
+    const applicableRules = this.activeRules.filter((rule) => {
+      if (!rule.fileGlob) return true;
+      const globs = rule.fileGlob.split(",").map((g) => g.trim());
+      return globs.some((glob2) => (0, import_minimatch5.minimatch)(filePath, glob2, { dot: true }));
+    });
+    return this.scanLinesWithRules(lines, applicableRules, filePath, startLine);
+  }
+  /**
+   * Core scanning loop shared by scanContent and scanContentForFile.
+   * Evaluates each rule against each line, handling suppression (FP gate)
+   * and pattern matching uniformly.
+   */
+  scanLinesWithRules(lines, rules, filePath, startLine) {
+    const findings = [];
+    for (const rule of rules) {
       const resolved = resolveRuleSeverity(
         rule.id,
         rule.severity,
@@ -8578,7 +9496,25 @@ var SecurityScanner = class {
       if (resolved === "off") continue;
       for (let i = 0; i < lines.length; i++) {
         const line = lines[i] ?? "";
-        if (line.includes("harness-ignore") && line.includes(rule.id)) continue;
+        const suppressionMatch = parseHarnessIgnore(line, rule.id);
+        if (suppressionMatch) {
+          if (!suppressionMatch.justification) {
+            findings.push({
+              ruleId: rule.id,
+              ruleName: rule.name,
+              category: rule.category,
+              severity: this.config.strict ? "error" : "warning",
+              confidence: "high",
+              file: filePath,
+              line: startLine + i,
+              match: line.trim(),
+              context: line,
+              message: `Suppression of ${rule.id} requires justification: // harness-ignore ${rule.id}: <reason>`,
+              remediation: `Add justification after colon: // harness-ignore ${rule.id}: false positive because ...`
+            });
+          }
+          continue;
+        }
         for (const pattern of rule.patterns) {
           pattern.lastIndex = 0;
           if (pattern.test(line)) {
@@ -8603,11 +9539,6 @@ var SecurityScanner = class {
     }
     return findings;
   }
-  async scanFile(filePath) {
-    if (!this.config.enabled) return [];
-    const content = await fs17.readFile(filePath, "utf-8");
-    return this.scanContent(content, filePath, 1);
-  }
   async scanFiles(filePaths) {
     const allFindings = [];
     let scannedCount = 0;
@@ -8627,10 +9558,418 @@ var SecurityScanner = class {
       coverage: "baseline"
     };
   }
-};
+};
+
+// src/security/injection-patterns.ts
+var hiddenUnicodePatterns = [
+  {
+    ruleId: "INJ-UNI-001",
+    severity: "high",
+    category: "hidden-unicode",
+    description: "Zero-width characters that can hide malicious instructions",
+    // eslint-disable-next-line no-misleading-character-class -- intentional: regex detects zero-width chars for security scanning
+    pattern: /[\u200B\u200C\u200D\uFEFF\u2060]/
+  },
+  {
+    ruleId: "INJ-UNI-002",
+    severity: "high",
+    category: "hidden-unicode",
+    description: "RTL/LTR override characters that can disguise text direction",
+    pattern: /[\u202A-\u202E\u2066-\u2069]/
+  }
+];
+var reRolingPatterns = [
+  {
+    ruleId: "INJ-REROL-001",
+    severity: "high",
+    category: "explicit-re-roling",
+    description: "Instruction to ignore/disregard/forget previous instructions",
+    pattern: /(?:ignore|disregard|forget)\s+(?:all\s+)?(?:previous|prior|above|earlier)\s+(?:instructions?|prompts?|context|rules?|guidelines?)/i
+  },
+  {
+    ruleId: "INJ-REROL-002",
+    severity: "high",
+    category: "explicit-re-roling",
+    description: "Attempt to reassign the AI role",
+    pattern: /you\s+are\s+now\s+(?:a\s+|an\s+)?(?:new\s+)?(?:helpful\s+)?(?:my\s+)?(?:\w+\s+)?(?:assistant|agent|AI|bot|chatbot|system|persona)\b/i
+  },
+  {
+    ruleId: "INJ-REROL-003",
+    severity: "high",
+    category: "explicit-re-roling",
+    description: "Direct instruction override attempt",
+    pattern: /(?:new\s+)?(?:system\s+)?(?:instruction|directive|role|persona)\s*[:=]\s*/i
+  }
+];
+var permissionEscalationPatterns = [
+  {
+    ruleId: "INJ-PERM-001",
+    severity: "high",
+    category: "permission-escalation",
+    description: "Attempt to enable all tools or grant unrestricted access",
+    pattern: /(?:allow|enable|grant)\s+all\s+(?:tools?|permissions?|access)/i
+  },
+  {
+    ruleId: "INJ-PERM-002",
+    severity: "high",
+    category: "permission-escalation",
+    description: "Attempt to disable safety or security features",
+    pattern: /(?:disable|turn\s+off|remove|bypass)\s+(?:all\s+)?(?:safety|security|restrictions?|guardrails?|protections?|checks?)/i
+  },
+  {
+    ruleId: "INJ-PERM-003",
+    severity: "high",
+    category: "permission-escalation",
+    description: "Auto-approve directive that bypasses human review",
+    pattern: /(?:auto[- ]?approve|--no-verify|--dangerously-skip-permissions)/i
+  }
+];
+var encodedPayloadPatterns = [
+  {
+    ruleId: "INJ-ENC-001",
+    severity: "high",
+    category: "encoded-payloads",
+    description: "Base64-encoded string long enough to contain instructions (>=28 chars)",
+    // Match base64 strings of 28+ chars (7+ groups of 4).
+    // Excludes JWT tokens (eyJ prefix) and Bearer-prefixed tokens.
+    pattern: /(?<!Bearer\s)(?<![:])(?<![A-Za-z0-9/])(?!eyJ)(?:[A-Za-z0-9+/]{4}){7,}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?(?![A-Za-z0-9/])/
+  },
+  {
+    ruleId: "INJ-ENC-002",
+    severity: "high",
+    category: "encoded-payloads",
+    description: "Hex-encoded string long enough to contain directives (>=20 hex chars)",
+    // Excludes hash-prefixed hex (sha256:, sha512:, md5:, etc.) and hex preceded by 0x.
+    // Note: 40-char git SHA hashes (e.g. in `git log` output) may match — downstream
+    // callers should filter matches of exactly 40 hex chars if scanning git output.
+    pattern: /(?<![:x])(?<![A-Fa-f0-9])(?:[0-9a-fA-F]{2}){10,}(?![A-Fa-f0-9])/
+  }
+];
+var indirectInjectionPatterns = [
+  {
+    ruleId: "INJ-IND-001",
+    severity: "medium",
+    category: "indirect-injection",
+    description: "Instruction to influence future responses",
+    pattern: /(?:when\s+the\s+user\s+asks|if\s+(?:the\s+user|someone|anyone)\s+asks)\s*,?\s*(?:say|respond|reply|answer|tell)/i
+  },
+  {
+    ruleId: "INJ-IND-002",
+    severity: "medium",
+    category: "indirect-injection",
+    description: "Directive to include content in responses",
+    pattern: /(?:include|insert|add|embed|put)\s+(?:this|the\s+following)\s+(?:in|into|to)\s+(?:your|the)\s+(?:response|output|reply|answer)/i
+  },
+  {
+    ruleId: "INJ-IND-003",
+    severity: "medium",
+    category: "indirect-injection",
+    description: "Standing instruction to always respond a certain way",
+    pattern: /always\s+(?:respond|reply|answer|say|output)\s+(?:with|that|by)/i
+  }
+];
+var contextManipulationPatterns = [
+  {
+    ruleId: "INJ-CTX-001",
+    severity: "medium",
+    category: "context-manipulation",
+    description: "Claim about system prompt content",
+    pattern: /(?:the\s+)?(?:system\s+prompt|system\s+message|hidden\s+instructions?)\s+(?:says?|tells?|instructs?|contains?|is)/i
+  },
+  {
+    ruleId: "INJ-CTX-002",
+    severity: "medium",
+    category: "context-manipulation",
+    description: "Claim about AI instructions",
+    pattern: /your\s+(?:instructions?|directives?|guidelines?|rules?)\s+(?:are|say|tell|state)/i
+  },
+  {
+    ruleId: "INJ-CTX-003",
+    severity: "medium",
+    category: "context-manipulation",
+    description: "Fake XML/HTML system or instruction tags",
+    // Case-sensitive: only match lowercase tags to avoid false positives on
+    // React components like <User>, <Context>, <Role> etc.
+    pattern: /<\/?(?:system|instruction|prompt|role|context|tool_call|function_call|assistant|human|user)[^>]*>/
+  },
+  {
+    ruleId: "INJ-CTX-004",
+    severity: "medium",
+    category: "context-manipulation",
+    description: "Fake JSON role assignment mimicking chat format",
+    pattern: /[{,]\s*"role"\s*:\s*"(?:system|assistant|function)"/i
+  }
+];
+var socialEngineeringPatterns = [
+  {
+    ruleId: "INJ-SOC-001",
+    severity: "medium",
+    category: "social-engineering",
+    description: "Urgency pressure to bypass checks",
+    pattern: /(?:this\s+is\s+(?:very\s+)?urgent|this\s+is\s+(?:an?\s+)?emergency|do\s+(?:this|it)\s+(?:now|immediately))\b/i
+  },
+  {
+    ruleId: "INJ-SOC-002",
+    severity: "medium",
+    category: "social-engineering",
+    description: "False authority claim",
+    pattern: /(?:the\s+)?(?:admin|administrator|manager|CEO|CTO|owner|supervisor)\s+(?:authorized|approved|said|told|confirmed|requested)/i
+  },
+  {
+    ruleId: "INJ-SOC-003",
+    severity: "medium",
+    category: "social-engineering",
+    description: "Testing pretext to bypass safety",
+    pattern: /(?:for\s+testing\s+purposes?|this\s+is\s+(?:just\s+)?a\s+test|in\s+test\s+mode)\b/i
+  }
+];
+var suspiciousPatterns = [
+  {
+    ruleId: "INJ-SUS-001",
+    severity: "low",
+    category: "suspicious-patterns",
+    description: "Excessive consecutive whitespace (>10 chars) mid-line that may hide content",
+    // Only match whitespace runs not at the start of a line (indentation is normal)
+    pattern: /\S\s{11,}/
+  },
+  {
+    ruleId: "INJ-SUS-002",
+    severity: "low",
+    category: "suspicious-patterns",
+    description: "Repeated delimiters (>5) that may indicate obfuscation",
+    pattern: /([|;,=\-_~`])\1{5,}/
+  },
+  {
+    ruleId: "INJ-SUS-003",
+    severity: "low",
+    category: "suspicious-patterns",
+    description: "Mathematical alphanumeric symbols used as Latin character substitutes",
+    // Mathematical bold/italic/script Unicode ranges (U+1D400-U+1D7FF)
+    pattern: /[\uD835][\uDC00-\uDFFF]/
+  }
+];
+var ALL_PATTERNS = [
+  ...hiddenUnicodePatterns,
+  ...reRolingPatterns,
+  ...permissionEscalationPatterns,
+  ...encodedPayloadPatterns,
+  ...indirectInjectionPatterns,
+  ...contextManipulationPatterns,
+  ...socialEngineeringPatterns,
+  ...suspiciousPatterns
+];
+function scanForInjection(text) {
+  const findings = [];
+  const lines = text.split("\n");
+  for (let lineIdx = 0; lineIdx < lines.length; lineIdx++) {
+    const line = lines[lineIdx];
+    for (const rule of ALL_PATTERNS) {
+      if (rule.pattern.test(line)) {
+        findings.push({
+          severity: rule.severity,
+          ruleId: rule.ruleId,
+          match: line.trim(),
+          line: lineIdx + 1
+        });
+      }
+    }
+  }
+  const severityOrder = {
+    high: 0,
+    medium: 1,
+    low: 2
+  };
+  findings.sort((a, b) => severityOrder[a.severity] - severityOrder[b.severity]);
+  return findings;
+}
+function getInjectionPatterns() {
+  return ALL_PATTERNS;
+}
+var DESTRUCTIVE_BASH = [
+  /\bgit\s+push\b/,
+  /\bgit\s+commit\b/,
+  /\brm\s+-rf?\b/,
+  /\brm\s+-r\b/
+];
+
+// src/security/taint.ts
+var import_node_fs4 = require("fs");
+var import_node_path7 = require("path");
+var TAINT_DURATION_MS = 30 * 60 * 1e3;
+var DEFAULT_SESSION_ID = "default";
+function getTaintFilePath(projectRoot, sessionId) {
+  const id = sessionId || DEFAULT_SESSION_ID;
+  return (0, import_node_path7.join)(projectRoot, ".harness", `session-taint-${id}.json`);
+}
+function readTaint(projectRoot, sessionId) {
+  const filePath = getTaintFilePath(projectRoot, sessionId);
+  let content;
+  try {
+    content = (0, import_node_fs4.readFileSync)(filePath, "utf8");
+  } catch {
+    return null;
+  }
+  let state;
+  try {
+    state = JSON.parse(content);
+  } catch {
+    try {
+      (0, import_node_fs4.unlinkSync)(filePath);
+    } catch {
+    }
+    return null;
+  }
+  if (!state.sessionId || !state.taintedAt || !state.expiresAt || !state.findings) {
+    try {
+      (0, import_node_fs4.unlinkSync)(filePath);
+    } catch {
+    }
+    return null;
+  }
+  return state;
+}
+function checkTaint(projectRoot, sessionId) {
+  const state = readTaint(projectRoot, sessionId);
+  if (!state) {
+    return { tainted: false, expired: false, state: null };
+  }
+  const now = /* @__PURE__ */ new Date();
+  const expiresAt = new Date(state.expiresAt);
+  if (now >= expiresAt) {
+    const filePath = getTaintFilePath(projectRoot, sessionId);
+    try {
+      (0, import_node_fs4.unlinkSync)(filePath);
+    } catch {
+    }
+    return { tainted: false, expired: true, state };
+  }
+  return { tainted: true, expired: false, state };
+}
+function writeTaint(projectRoot, sessionId, reason, findings, source) {
+  const id = sessionId || DEFAULT_SESSION_ID;
+  const filePath = getTaintFilePath(projectRoot, id);
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const dir = (0, import_node_path7.dirname)(filePath);
+  (0, import_node_fs4.mkdirSync)(dir, { recursive: true });
+  const existing = readTaint(projectRoot, id);
+  const maxSeverity = findings.some((f) => f.severity === "high") ? "high" : "medium";
+  const taintFindings = findings.map((f) => ({
+    ruleId: f.ruleId,
+    severity: f.severity,
+    match: f.match,
+    source,
+    detectedAt: now
+  }));
+  const state = {
+    sessionId: id,
+    taintedAt: existing?.taintedAt || now,
+    expiresAt: new Date(Date.now() + TAINT_DURATION_MS).toISOString(),
+    reason,
+    severity: existing?.severity === "high" || maxSeverity === "high" ? "high" : "medium",
+    findings: [...existing?.findings || [], ...taintFindings]
+  };
+  (0, import_node_fs4.writeFileSync)(filePath, JSON.stringify(state, null, 2) + "\n");
+  return state;
+}
+function clearTaint(projectRoot, sessionId) {
+  if (sessionId) {
+    const filePath = getTaintFilePath(projectRoot, sessionId);
+    try {
+      (0, import_node_fs4.unlinkSync)(filePath);
+      return 1;
+    } catch {
+      return 0;
+    }
+  }
+  const harnessDir = (0, import_node_path7.join)(projectRoot, ".harness");
+  let count = 0;
+  try {
+    const files = (0, import_node_fs4.readdirSync)(harnessDir);
+    for (const file of files) {
+      if (file.startsWith("session-taint-") && file.endsWith(".json")) {
+        try {
+          (0, import_node_fs4.unlinkSync)((0, import_node_path7.join)(harnessDir, file));
+          count++;
+        } catch {
+        }
+      }
+    }
+  } catch {
+  }
+  return count;
+}
+function listTaintedSessions(projectRoot) {
+  const harnessDir = (0, import_node_path7.join)(projectRoot, ".harness");
+  const sessions = [];
+  try {
+    const files = (0, import_node_fs4.readdirSync)(harnessDir);
+    for (const file of files) {
+      if (file.startsWith("session-taint-") && file.endsWith(".json")) {
+        const sessionId = file.replace("session-taint-", "").replace(".json", "");
+        const result = checkTaint(projectRoot, sessionId);
+        if (result.tainted) {
+          sessions.push(sessionId);
+        }
+      }
+    }
+  } catch {
+  }
+  return sessions;
+}
+
+// src/security/scan-config-shared.ts
+function mapSecuritySeverity(severity) {
+  if (severity === "error") return "high";
+  if (severity === "warning") return "medium";
+  return "low";
+}
+function computeOverallSeverity(findings) {
+  if (findings.length === 0) return "clean";
+  if (findings.some((f) => f.severity === "high")) return "high";
+  if (findings.some((f) => f.severity === "medium")) return "medium";
+  return "low";
+}
+function computeScanExitCode(results) {
+  for (const r of results) {
+    if (r.overallSeverity === "high") return 2;
+  }
+  for (const r of results) {
+    if (r.overallSeverity === "medium") return 1;
+  }
+  return 0;
+}
+function mapInjectionFindings(injectionFindings) {
+  return injectionFindings.map((f) => ({
+    ruleId: f.ruleId,
+    severity: f.severity,
+    message: `Injection pattern detected: ${f.ruleId}`,
+    match: f.match,
+    ...f.line !== void 0 ? { line: f.line } : {}
+  }));
+}
+function isDuplicateFinding(existing, secFinding) {
+  return existing.some(
+    (e) => e.line === secFinding.line && e.match === secFinding.match.trim() && e.ruleId.split("-")[0] === secFinding.ruleId.split("-")[0]
+  );
+}
+function mapSecurityFindings(secFindings, existing) {
+  const result = [];
+  for (const f of secFindings) {
+    if (!isDuplicateFinding(existing, f)) {
+      result.push({
+        ruleId: f.ruleId,
+        severity: mapSecuritySeverity(f.severity),
+        message: f.message,
+        match: f.match,
+        ...f.line !== void 0 ? { line: f.line } : {}
+      });
+    }
+  }
+  return result;
+}
 
 // src/ci/check-orchestrator.ts
-var path14 = __toESM(require("path"));
+var path15 = __toESM(require("path"));
 var ALL_CHECKS = [
   "validate",
   "deps",
@@ -8643,7 +9982,7 @@ var ALL_CHECKS = [
 ];
 async function runValidateCheck(projectRoot, config) {
   const issues = [];
-  const agentsPath = path14.join(projectRoot, config.agentsMapPath ?? "AGENTS.md");
+  const agentsPath = path15.join(projectRoot, config.agentsMapPath ?? "AGENTS.md");
   const result = await validateAgentsMap(agentsPath);
   if (!result.ok) {
     issues.push({ severity: "error", message: result.error.message });
@@ -8700,7 +10039,7 @@ async function runDepsCheck(projectRoot, config) {
 }
 async function runDocsCheck(projectRoot, config) {
   const issues = [];
-  const docsDir = path14.join(projectRoot, config.docsDir ?? "docs");
+  const docsDir = path15.join(projectRoot, config.docsDir ?? "docs");
   const entropyConfig = config.entropy || {};
   const result = await checkDocCoverage("project", {
     docsDir,
@@ -8812,7 +10151,7 @@ async function runPerfCheck(projectRoot, config) {
     if (perfReport.complexity) {
       for (const v of perfReport.complexity.violations) {
         issues.push({
-          severity: v.severity === "info" ? "warning" : v.severity,
+          severity: "warning",
           message: `[Tier ${v.tier}] ${v.metric}: ${v.function} in ${v.file} (${v.value} > ${v.threshold})`,
           file: v.file,
           line: v.line
@@ -8978,7 +10317,7 @@ async function runCIChecks(input) {
 }
 
 // src/review/mechanical-checks.ts
-var path15 = __toESM(require("path"));
+var path16 = __toESM(require("path"));
 async function runMechanicalChecks(options) {
   const { projectRoot, config, skip = [], changedFiles } = options;
   const findings = [];
@@ -8990,7 +10329,7 @@ async function runMechanicalChecks(options) {
   };
   if (!skip.includes("validate")) {
     try {
-      const agentsPath = path15.join(projectRoot, config.agentsMapPath ?? "AGENTS.md");
+      const agentsPath = path16.join(projectRoot, config.agentsMapPath ?? "AGENTS.md");
       const result = await validateAgentsMap(agentsPath);
       if (!result.ok) {
         statuses.validate = "fail";
@@ -9027,7 +10366,7 @@ async function runMechanicalChecks(options) {
       statuses.validate = "fail";
       findings.push({
         tool: "validate",
-        file: path15.join(projectRoot, "AGENTS.md"),
+        file: path16.join(projectRoot, "AGENTS.md"),
         message: err instanceof Error ? err.message : String(err),
         severity: "error"
       });
@@ -9091,7 +10430,7 @@ async function runMechanicalChecks(options) {
       (async () => {
         const localFindings = [];
         try {
-          const docsDir = path15.join(projectRoot, config.docsDir ?? "docs");
+          const docsDir = path16.join(projectRoot, config.docsDir ?? "docs");
           const result = await checkDocCoverage("project", { docsDir });
           if (!result.ok) {
             statuses["check-docs"] = "warn";
@@ -9118,7 +10457,7 @@ async function runMechanicalChecks(options) {
           statuses["check-docs"] = "warn";
           localFindings.push({
             tool: "check-docs",
-            file: path15.join(projectRoot, "docs"),
+            file: path16.join(projectRoot, "docs"),
             message: err instanceof Error ? err.message : String(err),
             severity: "warning"
           });
@@ -9266,7 +10605,7 @@ function detectChangeType(commitMessage, diff2) {
 }
 
 // src/review/context-scoper.ts
-var path16 = __toESM(require("path"));
+var path17 = __toESM(require("path"));
 var ALL_DOMAINS = ["compliance", "bug", "security", "architecture"];
 var SECURITY_PATTERNS = /auth|crypto|password|secret|token|session|cookie|hash|encrypt|decrypt|sql|shell|exec|eval/i;
 function computeContextBudget(diffLines) {
@@ -9274,18 +10613,18 @@ function computeContextBudget(diffLines) {
   return diffLines;
 }
 function isWithinProject(absPath, projectRoot) {
-  const resolvedRoot = path16.resolve(projectRoot) + path16.sep;
-  const resolvedPath = path16.resolve(absPath);
-  return resolvedPath.startsWith(resolvedRoot) || resolvedPath === path16.resolve(projectRoot);
+  const resolvedRoot = path17.resolve(projectRoot) + path17.sep;
+  const resolvedPath = path17.resolve(absPath);
+  return resolvedPath.startsWith(resolvedRoot) || resolvedPath === path17.resolve(projectRoot);
 }
 async function readContextFile(projectRoot, filePath, reason) {
-  const absPath = path16.isAbsolute(filePath) ? filePath : path16.join(projectRoot, filePath);
+  const absPath = path17.isAbsolute(filePath) ? filePath : path17.join(projectRoot, filePath);
   if (!isWithinProject(absPath, projectRoot)) return null;
   const result = await readFileContent(absPath);
   if (!result.ok) return null;
   const content = result.value;
   const lines = content.split("\n").length;
-  const relPath = path16.isAbsolute(filePath) ? relativePosix(projectRoot, filePath) : filePath;
+  const relPath = path17.isAbsolute(filePath) ? relativePosix(projectRoot, filePath) : filePath;
   return { path: relPath, content, reason, lines };
 }
 function extractImportSources2(content) {
@@ -9300,18 +10639,18 @@ function extractImportSources2(content) {
 }
 async function resolveImportPath2(projectRoot, fromFile, importSource) {
   if (!importSource.startsWith(".")) return null;
-  const fromDir = path16.dirname(path16.join(projectRoot, fromFile));
-  const basePath = path16.resolve(fromDir, importSource);
+  const fromDir = path17.dirname(path17.join(projectRoot, fromFile));
+  const basePath = path17.resolve(fromDir, importSource);
   if (!isWithinProject(basePath, projectRoot)) return null;
   const relBase = relativePosix(projectRoot, basePath);
   const candidates = [
     relBase + ".ts",
     relBase + ".tsx",
     relBase + ".mts",
-    path16.join(relBase, "index.ts")
+    path17.join(relBase, "index.ts")
   ];
   for (const candidate of candidates) {
-    const absCandidate = path16.join(projectRoot, candidate);
+    const absCandidate = path17.join(projectRoot, candidate);
     if (await fileExists(absCandidate)) {
       return candidate;
     }
@@ -9319,7 +10658,7 @@ async function resolveImportPath2(projectRoot, fromFile, importSource) {
   return null;
 }
 async function findTestFiles(projectRoot, sourceFile) {
-  const baseName = path16.basename(sourceFile, path16.extname(sourceFile));
+  const baseName = path17.basename(sourceFile, path17.extname(sourceFile));
   const pattern = `**/${baseName}.{test,spec}.{ts,tsx,mts}`;
   const results = await findFiles(pattern, projectRoot);
   return results.map((f) => relativePosix(projectRoot, f));
@@ -10128,7 +11467,7 @@ async function fanOutReview(options) {
 }
 
 // src/review/validate-findings.ts
-var path17 = __toESM(require("path"));
+var path18 = __toESM(require("path"));
 var DOWNGRADE_MAP = {
   critical: "important",
   important: "suggestion",
@@ -10149,7 +11488,7 @@ function normalizePath(filePath, projectRoot) {
   let normalized = filePath;
   normalized = normalized.replace(/\\/g, "/");
   const normalizedRoot = projectRoot.replace(/\\/g, "/");
-  if (path17.isAbsolute(normalized)) {
+  if (path18.isAbsolute(normalized)) {
     const root = normalizedRoot.endsWith("/") ? normalizedRoot : normalizedRoot + "/";
     if (normalized.startsWith(root)) {
       normalized = normalized.slice(root.length);
@@ -10174,12 +11513,12 @@ function followImportChain(fromFile, fileContents, maxDepth = 2) {
     while ((match = importRegex.exec(content)) !== null) {
       const importPath = match[1];
       if (!importPath.startsWith(".")) continue;
-      const dir = path17.dirname(current.file);
-      let resolved = path17.join(dir, importPath).replace(/\\/g, "/");
+      const dir = path18.dirname(current.file);
+      let resolved = path18.join(dir, importPath).replace(/\\/g, "/");
       if (!resolved.match(/\.(ts|tsx|js|jsx)$/)) {
         resolved += ".ts";
       }
-      resolved = path17.normalize(resolved).replace(/\\/g, "/");
+      resolved = path18.normalize(resolved).replace(/\\/g, "/");
       if (!visited.has(resolved) && current.depth + 1 <= maxDepth) {
         queue.push({ file: resolved, depth: current.depth + 1 });
       }
@@ -10196,7 +11535,7 @@ async function validateFindings(options) {
     if (exclusionSet.isExcluded(normalizedFile, finding.lineRange) || exclusionSet.isExcluded(finding.file, finding.lineRange)) {
       continue;
     }
-    const absoluteFile = path17.isAbsolute(finding.file) ? finding.file : path17.join(projectRoot, finding.file).replace(/\\/g, "/");
+    const absoluteFile = path18.isAbsolute(finding.file) ? finding.file : path18.join(projectRoot, finding.file).replace(/\\/g, "/");
     if (exclusionSet.isExcluded(absoluteFile, finding.lineRange)) {
       continue;
     }
@@ -10824,7 +12163,7 @@ function parseRoadmap(markdown) {
   if (!fmMatch) {
     return (0, import_types19.Err)(new Error("Missing or malformed YAML frontmatter"));
   }
-  const fmResult = parseFrontmatter(fmMatch[1]);
+  const fmResult = parseFrontmatter2(fmMatch[1]);
   if (!fmResult.ok) return fmResult;
   const body = markdown.slice(fmMatch[0].length);
   const milestonesResult = parseMilestones(body);
@@ -10834,7 +12173,7 @@ function parseRoadmap(markdown) {
     milestones: milestonesResult.value
   });
 }
-function parseFrontmatter(raw) {
+function parseFrontmatter2(raw) {
   const lines = raw.split("\n");
   const map = /* @__PURE__ */ new Map();
   for (const line of lines) {
@@ -11000,8 +12339,8 @@ function serializeFeature(feature) {
 }
 
 // src/roadmap/sync.ts
-var fs18 = __toESM(require("fs"));
-var path18 = __toESM(require("path"));
+var fs19 = __toESM(require("fs"));
+var path19 = __toESM(require("path"));
 var import_types20 = require("@harness-engineering/types");
 function inferStatus(feature, projectPath, allFeatures) {
   if (feature.blockedBy.length > 0) {
@@ -11016,10 +12355,10 @@ function inferStatus(feature, projectPath, allFeatures) {
   const featuresWithPlans = allFeatures.filter((f) => f.plans.length > 0);
   const useRootState = featuresWithPlans.length <= 1;
   if (useRootState) {
-    const rootStatePath = path18.join(projectPath, ".harness", "state.json");
-    if (fs18.existsSync(rootStatePath)) {
+    const rootStatePath = path19.join(projectPath, ".harness", "state.json");
+    if (fs19.existsSync(rootStatePath)) {
       try {
-        const raw = fs18.readFileSync(rootStatePath, "utf-8");
+        const raw = fs19.readFileSync(rootStatePath, "utf-8");
         const state = JSON.parse(raw);
         if (state.progress) {
           for (const status of Object.values(state.progress)) {
@@ -11030,16 +12369,16 @@ function inferStatus(feature, projectPath, allFeatures) {
       }
     }
   }
-  const sessionsDir = path18.join(projectPath, ".harness", "sessions");
-  if (fs18.existsSync(sessionsDir)) {
+  const sessionsDir = path19.join(projectPath, ".harness", "sessions");
+  if (fs19.existsSync(sessionsDir)) {
     try {
-      const sessionDirs = fs18.readdirSync(sessionsDir, { withFileTypes: true });
+      const sessionDirs = fs19.readdirSync(sessionsDir, { withFileTypes: true });
       for (const entry of sessionDirs) {
         if (!entry.isDirectory()) continue;
-        const autopilotPath = path18.join(sessionsDir, entry.name, "autopilot-state.json");
-        if (!fs18.existsSync(autopilotPath)) continue;
+        const autopilotPath = path19.join(sessionsDir, entry.name, "autopilot-state.json");
+        if (!fs19.existsSync(autopilotPath)) continue;
         try {
-          const raw = fs18.readFileSync(autopilotPath, "utf-8");
+          const raw = fs19.readFileSync(autopilotPath, "utf-8");
           const autopilot = JSON.parse(raw);
           if (!autopilot.phases) continue;
           const linkedPhases = autopilot.phases.filter(
@@ -11069,17 +12408,26 @@ function inferStatus(feature, projectPath, allFeatures) {
   if (anyStarted) return "in-progress";
   return null;
 }
+var STATUS_RANK = {
+  backlog: 0,
+  planned: 1,
+  blocked: 1,
+  // lateral to planned — sync can move to/from blocked freely
+  "in-progress": 2,
+  done: 3
+};
+function isRegression(from, to) {
+  return STATUS_RANK[to] < STATUS_RANK[from];
+}
 function syncRoadmap(options) {
   const { projectPath, roadmap, forceSync } = options;
-  const isManuallyEdited = new Date(roadmap.frontmatter.lastManualEdit) > new Date(roadmap.frontmatter.lastSynced);
-  const skipOverride = isManuallyEdited && !forceSync;
   const allFeatures = roadmap.milestones.flatMap((m) => m.features);
   const changes = [];
   for (const feature of allFeatures) {
-    if (skipOverride) continue;
     const inferred = inferStatus(feature, projectPath, allFeatures);
     if (inferred === null) continue;
     if (inferred === feature.status) continue;
+    if (!forceSync && isRegression(feature.status, inferred)) continue;
     changes.push({
       feature: feature.name,
       from: feature.status,
@@ -11088,48 +12436,60 @@ function syncRoadmap(options) {
   }
   return (0, import_types20.Ok)(changes);
 }
+function applySyncChanges(roadmap, changes) {
+  for (const change of changes) {
+    for (const m of roadmap.milestones) {
+      const feature = m.features.find((f) => f.name.toLowerCase() === change.feature.toLowerCase());
+      if (feature) {
+        feature.status = change.to;
+        break;
+      }
+    }
+  }
+  roadmap.frontmatter.lastSynced = (/* @__PURE__ */ new Date()).toISOString();
+}
 
 // src/interaction/types.ts
-var import_zod7 = require("zod");
-var InteractionTypeSchema = import_zod7.z.enum(["question", "confirmation", "transition"]);
-var QuestionSchema = import_zod7.z.object({
-  text: import_zod7.z.string(),
-  options: import_zod7.z.array(import_zod7.z.string()).optional(),
-  default: import_zod7.z.string().optional()
+var import_zod8 = require("zod");
+var InteractionTypeSchema = import_zod8.z.enum(["question", "confirmation", "transition"]);
+var QuestionSchema = import_zod8.z.object({
+  text: import_zod8.z.string(),
+  options: import_zod8.z.array(import_zod8.z.string()).optional(),
+  default: import_zod8.z.string().optional()
 });
-var ConfirmationSchema = import_zod7.z.object({
-  text: import_zod7.z.string(),
-  context: import_zod7.z.string()
+var ConfirmationSchema = import_zod8.z.object({
+  text: import_zod8.z.string(),
+  context: import_zod8.z.string()
 });
-var TransitionSchema = import_zod7.z.object({
-  completedPhase: import_zod7.z.string(),
-  suggestedNext: import_zod7.z.string(),
-  reason: import_zod7.z.string(),
-  artifacts: import_zod7.z.array(import_zod7.z.string()),
-  requiresConfirmation: import_zod7.z.boolean(),
-  summary: import_zod7.z.string()
+var TransitionSchema = import_zod8.z.object({
+  completedPhase: import_zod8.z.string(),
+  suggestedNext: import_zod8.z.string(),
+  reason: import_zod8.z.string(),
+  artifacts: import_zod8.z.array(import_zod8.z.string()),
+  requiresConfirmation: import_zod8.z.boolean(),
+  summary: import_zod8.z.string()
 });
-var EmitInteractionInputSchema = import_zod7.z.object({
-  path: import_zod7.z.string(),
+var EmitInteractionInputSchema = import_zod8.z.object({
+  path: import_zod8.z.string(),
   type: InteractionTypeSchema,
-  stream: import_zod7.z.string().optional(),
+  stream: import_zod8.z.string().optional(),
   question: QuestionSchema.optional(),
   confirmation: ConfirmationSchema.optional(),
   transition: TransitionSchema.optional()
 });
 
 // src/blueprint/scanner.ts
-var fs19 = __toESM(require("fs/promises"));
-var path19 = __toESM(require("path"));
+var fs20 = __toESM(require("fs/promises"));
+var path20 = __toESM(require("path"));
 var ProjectScanner = class {
   constructor(rootDir) {
     this.rootDir = rootDir;
   }
   async scan() {
-    let projectName = path19.basename(this.rootDir);
+    let projectName = path20.basename(this.rootDir);
     try {
-      const pkgPath = path19.join(this.rootDir, "package.json");
-      const pkgRaw = await fs19.readFile(pkgPath, "utf-8");
+      const pkgPath = path20.join(this.rootDir, "package.json");
+      const pkgRaw = await fs20.readFile(pkgPath, "utf-8");
       const pkg = JSON.parse(pkgRaw);
       if (pkg.name) projectName = pkg.name;
     } catch {
@@ -11170,8 +12530,8 @@ var ProjectScanner = class {
 };
 
 // src/blueprint/generator.ts
-var fs20 = __toESM(require("fs/promises"));
-var path20 = __toESM(require("path"));
+var fs21 = __toESM(require("fs/promises"));
+var path21 = __toESM(require("path"));
 var ejs = __toESM(require("ejs"));
 
 // src/blueprint/templates.ts
@@ -11255,19 +12615,19 @@ var BlueprintGenerator = class {
       styles: STYLES,
       scripts: SCRIPTS
     });
-    await fs20.mkdir(options.outputDir, { recursive: true });
-    await fs20.writeFile(path20.join(options.outputDir, "index.html"), html);
+    await fs21.mkdir(options.outputDir, { recursive: true });
+    await fs21.writeFile(path21.join(options.outputDir, "index.html"), html);
   }
 };
 
 // src/update-checker.ts
-var fs21 = __toESM(require("fs"));
-var path21 = __toESM(require("path"));
+var fs22 = __toESM(require("fs"));
+var path22 = __toESM(require("path"));
 var os = __toESM(require("os"));
 var import_child_process3 = require("child_process");
 function getStatePath() {
   const home = process.env["HOME"] || os.homedir();
-  return path21.join(home, ".harness", "update-check.json");
+  return path22.join(home, ".harness", "update-check.json");
 }
 function isUpdateCheckEnabled(configInterval) {
   if (process.env["HARNESS_NO_UPDATE_CHECK"] === "1") return false;
@@ -11280,7 +12640,7 @@ function shouldRunCheck(state, intervalMs) {
 }
 function readCheckState() {
   try {
-    const raw = fs21.readFileSync(getStatePath(), "utf-8");
+    const raw = fs22.readFileSync(getStatePath(), "utf-8");
     const parsed = JSON.parse(raw);
     if (typeof parsed === "object" && parsed !== null && "lastCheckTime" in parsed && typeof parsed.lastCheckTime === "number" && "currentVersion" in parsed && typeof parsed.currentVersion === "string") {
       const state = parsed;
@@ -11297,7 +12657,7 @@ function readCheckState() {
 }
 function spawnBackgroundCheck(currentVersion) {
   const statePath = getStatePath();
-  const stateDir = path21.dirname(statePath);
+  const stateDir = path22.dirname(statePath);
   const script = `
 const { execSync } = require('child_process');
 const fs = require('fs');
@@ -11350,8 +12710,894 @@ function getUpdateNotification(currentVersion) {
 Run "harness update" to upgrade.`;
 }
 
+// src/code-nav/types.ts
+var EXTENSION_MAP = {
+  ".ts": "typescript",
+  ".tsx": "typescript",
+  ".mts": "typescript",
+  ".cts": "typescript",
+  ".js": "javascript",
+  ".jsx": "javascript",
+  ".mjs": "javascript",
+  ".cjs": "javascript",
+  ".py": "python"
+};
+function detectLanguage(filePath) {
+  const ext = filePath.slice(filePath.lastIndexOf("."));
+  return EXTENSION_MAP[ext] ?? null;
+}
+
+// src/code-nav/parser.ts
+var import_web_tree_sitter = __toESM(require("web-tree-sitter"));
+var import_meta = {};
+var parserCache = /* @__PURE__ */ new Map();
+var initialized = false;
+var GRAMMAR_MAP = {
+  typescript: "tree-sitter-typescript",
+  javascript: "tree-sitter-javascript",
+  python: "tree-sitter-python"
+};
+async function ensureInit() {
+  if (!initialized) {
+    await import_web_tree_sitter.default.init();
+    initialized = true;
+  }
+}
+async function resolveWasmPath(grammarName) {
+  const { createRequire } = await import("module");
+  const require2 = createRequire(import_meta.url ?? __filename);
+  const pkgPath = require2.resolve("tree-sitter-wasms/package.json");
+  const path26 = await import("path");
+  const pkgDir = path26.dirname(pkgPath);
+  return path26.join(pkgDir, "out", `${grammarName}.wasm`);
+}
+async function loadLanguage(lang) {
+  const grammarName = GRAMMAR_MAP[lang];
+  const wasmPath = await resolveWasmPath(grammarName);
+  return import_web_tree_sitter.default.Language.load(wasmPath);
+}
+async function getParser(lang) {
+  const cached = parserCache.get(lang);
+  if (cached) return cached;
+  await ensureInit();
+  const parser = new import_web_tree_sitter.default();
+  const language = await loadLanguage(lang);
+  parser.setLanguage(language);
+  parserCache.set(lang, parser);
+  return parser;
+}
+async function parseFile(filePath) {
+  const lang = detectLanguage(filePath);
+  if (!lang) {
+    return (0, import_types.Err)({
+      code: "UNSUPPORTED_LANGUAGE",
+      message: `Unsupported file extension: ${filePath}`
+    });
+  }
+  const contentResult = await readFileContent(filePath);
+  if (!contentResult.ok) {
+    return (0, import_types.Err)({
+      code: "FILE_NOT_FOUND",
+      message: `Cannot read file: ${filePath}`
+    });
+  }
+  try {
+    const parser = await getParser(lang);
+    const tree = parser.parse(contentResult.value);
+    return (0, import_types.Ok)({ tree, language: lang, source: contentResult.value, filePath });
+  } catch (e) {
+    return (0, import_types.Err)({
+      code: "PARSE_FAILED",
+      message: `Tree-sitter parse failed for ${filePath}: ${e.message}`
+    });
+  }
+}
+function resetParserCache() {
+  parserCache.clear();
+  initialized = false;
+}
+
+// src/code-nav/outline.ts
+var TOP_LEVEL_TYPES = {
+  typescript: {
+    function_declaration: "function",
+    class_declaration: "class",
+    interface_declaration: "interface",
+    type_alias_declaration: "type",
+    lexical_declaration: "variable",
+    variable_declaration: "variable",
+    export_statement: "export",
+    import_statement: "import",
+    enum_declaration: "type"
+  },
+  javascript: {
+    function_declaration: "function",
+    class_declaration: "class",
+    lexical_declaration: "variable",
+    variable_declaration: "variable",
+    export_statement: "export",
+    import_statement: "import"
+  },
+  python: {
+    function_definition: "function",
+    class_definition: "class",
+    assignment: "variable",
+    import_statement: "import",
+    import_from_statement: "import"
+  }
+};
+var METHOD_TYPES = {
+  typescript: ["method_definition", "public_field_definition"],
+  javascript: ["method_definition"],
+  python: ["function_definition"]
+};
+var IDENTIFIER_TYPES = /* @__PURE__ */ new Set(["identifier", "property_identifier", "type_identifier"]);
+function findIdentifier(node) {
+  return node.childForFieldName("name") ?? node.children.find((c) => IDENTIFIER_TYPES.has(c.type)) ?? null;
+}
+function getVariableDeclarationName(node) {
+  const declarator = node.children.find((c) => c.type === "variable_declarator");
+  if (!declarator) return null;
+  const id = findIdentifier(declarator);
+  return id?.text ?? null;
+}
+function getExportName(node, source) {
+  const decl = node.children.find(
+    (c) => c.type !== "export" && c.type !== "default" && c.type !== "comment"
+  );
+  return decl ? getNodeName(decl, source) : "<anonymous>";
+}
+function getAssignmentName(node) {
+  const left = node.childForFieldName("left") ?? node.children[0];
+  return left?.text ?? "<anonymous>";
+}
+function getNodeName(node, source) {
+  const id = findIdentifier(node);
+  if (id) return id.text;
+  const isVarDecl = node.type === "lexical_declaration" || node.type === "variable_declaration";
+  if (isVarDecl) return getVariableDeclarationName(node) ?? "<anonymous>";
+  if (node.type === "export_statement") return getExportName(node, source);
+  if (node.type === "assignment") return getAssignmentName(node);
+  return "<anonymous>";
+}
+function getSignature(node, source) {
+  const startLine = node.startPosition.row;
+  const lines = source.split("\n");
+  return (lines[startLine] ?? "").trim();
+}
+function extractMethods(classNode, language, source, filePath) {
+  const methodTypes = METHOD_TYPES[language] ?? [];
+  const body = classNode.childForFieldName("body") ?? classNode.children.find((c) => c.type === "class_body" || c.type === "block");
+  if (!body) return [];
+  return body.children.filter((child) => methodTypes.includes(child.type)).map((child) => ({
+    name: getNodeName(child, source),
+    kind: "method",
+    file: filePath,
+    line: child.startPosition.row + 1,
+    endLine: child.endPosition.row + 1,
+    signature: getSignature(child, source)
+  }));
+}
+function nodeToSymbol(node, kind, source, filePath) {
+  return {
+    name: getNodeName(node, source),
+    kind,
+    file: filePath,
+    line: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    signature: getSignature(node, source)
+  };
+}
+function processExportStatement(child, topLevelTypes, lang, source, filePath) {
+  const declaration = child.children.find(
+    (c) => c.type !== "export" && c.type !== "default" && c.type !== ";" && c.type !== "comment"
+  );
+  const kind = declaration ? topLevelTypes[declaration.type] : void 0;
+  if (declaration && kind) {
+    const sym = nodeToSymbol(child, kind, source, filePath);
+    sym.name = getNodeName(declaration, source);
+    if (kind === "class") {
+      sym.children = extractMethods(declaration, lang, source, filePath);
+    }
+    return sym;
+  }
+  return nodeToSymbol(child, "export", source, filePath);
+}
+function extractSymbols(rootNode, lang, source, filePath) {
+  const symbols = [];
+  const topLevelTypes = TOP_LEVEL_TYPES[lang] ?? {};
+  for (const child of rootNode.children) {
+    if (child.type === "export_statement") {
+      symbols.push(processExportStatement(child, topLevelTypes, lang, source, filePath));
+      continue;
+    }
+    const kind = topLevelTypes[child.type];
+    if (!kind || kind === "import") continue;
+    const sym = nodeToSymbol(child, kind, source, filePath);
+    if (kind === "class") {
+      sym.children = extractMethods(child, lang, source, filePath);
+    }
+    symbols.push(sym);
+  }
+  return symbols;
+}
+function buildFailedResult(filePath, lang) {
+  return { file: filePath, language: lang, totalLines: 0, symbols: [], error: "[parse-failed]" };
+}
+async function getOutline(filePath) {
+  const lang = detectLanguage(filePath);
+  if (!lang) return buildFailedResult(filePath, "unknown");
+  const result = await parseFile(filePath);
+  if (!result.ok) return buildFailedResult(filePath, lang);
+  const { tree, source } = result.value;
+  const totalLines = source.split("\n").length;
+  const symbols = extractSymbols(tree.rootNode, lang, source, filePath);
+  return { file: filePath, language: lang, totalLines, symbols };
+}
+function formatOutline(outline) {
+  if (outline.error) {
+    return `${outline.file} ${outline.error}`;
+  }
+  const lines = [`${outline.file} (${outline.totalLines} lines)`];
+  const last = outline.symbols.length - 1;
+  outline.symbols.forEach((sym, i) => {
+    const prefix = i === last ? "\u2514\u2500\u2500" : "\u251C\u2500\u2500";
+    lines.push(`${prefix} ${sym.signature}    :${sym.line}`);
+    if (sym.children) {
+      const childLast = sym.children.length - 1;
+      sym.children.forEach((child, j) => {
+        const childConnector = i === last ? "    " : "\u2502   ";
+        const childPrefix = j === childLast ? "\u2514\u2500\u2500" : "\u251C\u2500\u2500";
+        lines.push(`${childConnector}${childPrefix} ${child.signature}    :${child.line}`);
+      });
+    }
+  });
+  return lines.join("\n");
+}
+
+// src/code-nav/search.ts
+function buildGlob(directory, fileGlob) {
+  const dir = directory.replaceAll("\\", "/");
+  if (fileGlob) {
+    return `${dir}/**/${fileGlob}`;
+  }
+  const exts = Object.keys(EXTENSION_MAP).map((e) => e.slice(1));
+  return `${dir}/**/*.{${exts.join(",")}}`;
+}
+function matchesQuery(name, query) {
+  return name.toLowerCase().includes(query.toLowerCase());
+}
+function flattenSymbols(symbols) {
+  const flat = [];
+  for (const sym of symbols) {
+    flat.push(sym);
+    if (sym.children) {
+      flat.push(...sym.children);
+    }
+  }
+  return flat;
+}
+async function searchSymbols(query, directory, fileGlob) {
+  const pattern = buildGlob(directory, fileGlob);
+  let files;
+  try {
+    files = await findFiles(pattern, directory);
+  } catch {
+    files = [];
+  }
+  const matches = [];
+  const skipped = [];
+  for (const file of files) {
+    const lang = detectLanguage(file);
+    if (!lang) {
+      skipped.push(file);
+      continue;
+    }
+    const outline = await getOutline(file);
+    if (outline.error) {
+      skipped.push(file);
+      continue;
+    }
+    const allSymbols = flattenSymbols(outline.symbols);
+    for (const sym of allSymbols) {
+      if (matchesQuery(sym.name, query)) {
+        matches.push({
+          symbol: sym,
+          context: sym.signature
+        });
+      }
+    }
+  }
+  return { query, matches, skipped };
+}
+
+// src/code-nav/unfold.ts
+function findSymbolInList(symbols, name) {
+  for (const sym of symbols) {
+    if (sym.name === name) return sym;
+    if (sym.children) {
+      const found = findSymbolInList(sym.children, name);
+      if (found) return found;
+    }
+  }
+  return null;
+}
+function extractLines(source, startLine, endLine) {
+  const lines = source.split("\n");
+  const start = Math.max(0, startLine - 1);
+  const end = Math.min(lines.length, endLine);
+  return lines.slice(start, end).join("\n");
+}
+function buildFallbackResult(filePath, symbolName, content, language) {
+  const totalLines = content ? content.split("\n").length : 0;
+  return {
+    file: filePath,
+    symbolName,
+    startLine: content ? 1 : 0,
+    endLine: totalLines,
+    content,
+    language,
+    fallback: true,
+    warning: "[fallback: raw content]"
+  };
+}
+async function readContentSafe(filePath) {
+  const result = await readFileContent(filePath);
+  return result.ok ? result.value : "";
+}
+async function unfoldSymbol(filePath, symbolName) {
+  const lang = detectLanguage(filePath);
+  if (!lang) {
+    const content2 = await readContentSafe(filePath);
+    return buildFallbackResult(filePath, symbolName, content2, "unknown");
+  }
+  const outline = await getOutline(filePath);
+  if (outline.error) {
+    const content2 = await readContentSafe(filePath);
+    return buildFallbackResult(filePath, symbolName, content2, lang);
+  }
+  const symbol = findSymbolInList(outline.symbols, symbolName);
+  if (!symbol) {
+    const content2 = await readContentSafe(filePath);
+    return buildFallbackResult(filePath, symbolName, content2, lang);
+  }
+  const parseResult = await parseFile(filePath);
+  if (!parseResult.ok) {
+    const content2 = await readContentSafe(filePath);
+    return {
+      ...buildFallbackResult(
+        filePath,
+        symbolName,
+        extractLines(content2, symbol.line, symbol.endLine),
+        lang
+      ),
+      startLine: symbol.line,
+      endLine: symbol.endLine
+    };
+  }
+  const content = extractLines(parseResult.value.source, symbol.line, symbol.endLine);
+  return {
+    file: filePath,
+    symbolName,
+    startLine: symbol.line,
+    endLine: symbol.endLine,
+    content,
+    language: lang,
+    fallback: false
+  };
+}
+async function unfoldRange(filePath, startLine, endLine) {
+  const lang = detectLanguage(filePath) ?? "unknown";
+  const contentResult = await readFileContent(filePath);
+  if (!contentResult.ok) {
+    return {
+      file: filePath,
+      startLine: 0,
+      endLine: 0,
+      content: "",
+      language: lang,
+      fallback: true,
+      warning: "[fallback: raw content]"
+    };
+  }
+  const totalLines = contentResult.value.split("\n").length;
+  const clampedEnd = Math.min(endLine, totalLines);
+  const content = extractLines(contentResult.value, startLine, clampedEnd);
+  return {
+    file: filePath,
+    startLine,
+    endLine: clampedEnd,
+    content,
+    language: lang,
+    fallback: false
+  };
+}
+
+// src/pricing/pricing.ts
+var TOKENS_PER_MILLION = 1e6;
+function parseLiteLLMData(raw) {
+  const dataset = /* @__PURE__ */ new Map();
+  for (const [modelName, entry] of Object.entries(raw)) {
+    if (modelName === "sample_spec") continue;
+    if (entry.mode && entry.mode !== "chat") continue;
+    const inputCost = entry.input_cost_per_token;
+    const outputCost = entry.output_cost_per_token;
+    if (inputCost == null || outputCost == null) continue;
+    const pricing = {
+      inputPer1M: inputCost * TOKENS_PER_MILLION,
+      outputPer1M: outputCost * TOKENS_PER_MILLION
+    };
+    if (entry.cache_read_input_token_cost != null) {
+      pricing.cacheReadPer1M = entry.cache_read_input_token_cost * TOKENS_PER_MILLION;
+    }
+    if (entry.cache_creation_input_token_cost != null) {
+      pricing.cacheWritePer1M = entry.cache_creation_input_token_cost * TOKENS_PER_MILLION;
+    }
+    dataset.set(modelName, pricing);
+  }
+  return dataset;
+}
+function getModelPrice(model, dataset) {
+  if (!model) {
+    console.warn("[harness pricing] No model specified \u2014 cannot look up pricing.");
+    return null;
+  }
+  const pricing = dataset.get(model);
+  if (!pricing) {
+    console.warn(
+      `[harness pricing] No pricing data for model "${model}". Consider updating pricing data.`
+    );
+    return null;
+  }
+  return pricing;
+}
+
+// src/pricing/cache.ts
+var fs23 = __toESM(require("fs/promises"));
+var path23 = __toESM(require("path"));
+
+// src/pricing/fallback.json
+var fallback_default = {
+  _generatedAt: "2026-03-31",
+  _source: "https://raw.githubusercontent.com/BerriAI/litellm/main/model_prices_and_context_window.json",
+  models: {
+    "claude-opus-4-20250514": {
+      inputPer1M: 15,
+      outputPer1M: 75,
+      cacheReadPer1M: 1.5,
+      cacheWritePer1M: 18.75
+    },
+    "claude-sonnet-4-20250514": {
+      inputPer1M: 3,
+      outputPer1M: 15,
+      cacheReadPer1M: 0.3,
+      cacheWritePer1M: 3.75
+    },
+    "claude-3-5-haiku-20241022": {
+      inputPer1M: 0.8,
+      outputPer1M: 4,
+      cacheReadPer1M: 0.08,
+      cacheWritePer1M: 1
+    },
+    "gpt-4o": {
+      inputPer1M: 2.5,
+      outputPer1M: 10,
+      cacheReadPer1M: 1.25
+    },
+    "gpt-4o-mini": {
+      inputPer1M: 0.15,
+      outputPer1M: 0.6,
+      cacheReadPer1M: 0.075
+    },
+    "gemini-2.0-flash": {
+      inputPer1M: 0.1,
+      outputPer1M: 0.4,
+      cacheReadPer1M: 0.025
+    },
+    "gemini-2.5-pro": {
+      inputPer1M: 1.25,
+      outputPer1M: 10,
+      cacheReadPer1M: 0.3125
+    }
+  }
+};
+
+// src/pricing/cache.ts
+var LITELLM_PRICING_URL = "https://raw.githubusercontent.com/BerriAI/litellm/main/model_prices_and_context_window.json";
+var CACHE_TTL_MS = 24 * 60 * 60 * 1e3;
+var STALENESS_WARNING_DAYS = 7;
+function getCachePath(projectRoot) {
+  return path23.join(projectRoot, ".harness", "cache", "pricing.json");
+}
+function getStalenessMarkerPath(projectRoot) {
+  return path23.join(projectRoot, ".harness", "cache", "staleness-marker.json");
+}
+async function readDiskCache(projectRoot) {
+  try {
+    const raw = await fs23.readFile(getCachePath(projectRoot), "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return null;
+  }
+}
+async function writeDiskCache(projectRoot, data) {
+  const cachePath = getCachePath(projectRoot);
+  await fs23.mkdir(path23.dirname(cachePath), { recursive: true });
+  await fs23.writeFile(cachePath, JSON.stringify(data, null, 2));
+}
+async function fetchFromNetwork() {
+  try {
+    const response = await fetch(LITELLM_PRICING_URL);
+    if (!response.ok) return null;
+    const data = await response.json();
+    if (typeof data !== "object" || data === null || Array.isArray(data)) return null;
+    return {
+      fetchedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      data
+    };
+  } catch {
+    return null;
+  }
+}
+function loadFallbackDataset() {
+  const fb = fallback_default;
+  const dataset = /* @__PURE__ */ new Map();
+  for (const [model, pricing] of Object.entries(fb.models)) {
+    dataset.set(model, pricing);
+  }
+  return dataset;
+}
+async function checkAndWarnStaleness(projectRoot) {
+  const markerPath = getStalenessMarkerPath(projectRoot);
+  try {
+    const raw = await fs23.readFile(markerPath, "utf-8");
+    const marker = JSON.parse(raw);
+    const firstUse = new Date(marker.firstFallbackUse).getTime();
+    const now = Date.now();
+    const daysSinceFirstUse = (now - firstUse) / (24 * 60 * 60 * 1e3);
+    if (daysSinceFirstUse > STALENESS_WARNING_DAYS) {
+      console.warn(
+        `[harness pricing] Pricing data is stale \u2014 using bundled fallback for ${Math.floor(daysSinceFirstUse)} days. Connect to the internet to refresh pricing data.`
+      );
+    }
+  } catch {
+    try {
+      await fs23.mkdir(path23.dirname(markerPath), { recursive: true });
+      await fs23.writeFile(
+        markerPath,
+        JSON.stringify({ firstFallbackUse: (/* @__PURE__ */ new Date()).toISOString() })
+      );
+    } catch {
+    }
+  }
+}
+async function clearStalenessMarker(projectRoot) {
+  try {
+    await fs23.unlink(getStalenessMarkerPath(projectRoot));
+  } catch {
+  }
+}
+async function loadPricingData(projectRoot) {
+  const cache = await readDiskCache(projectRoot);
+  if (cache) {
+    const cacheAge = Date.now() - new Date(cache.fetchedAt).getTime();
+    if (cacheAge < CACHE_TTL_MS) {
+      await clearStalenessMarker(projectRoot);
+      return parseLiteLLMData(cache.data);
+    }
+  }
+  const fetched = await fetchFromNetwork();
+  if (fetched) {
+    await writeDiskCache(projectRoot, fetched);
+    await clearStalenessMarker(projectRoot);
+    return parseLiteLLMData(fetched.data);
+  }
+  if (cache) {
+    return parseLiteLLMData(cache.data);
+  }
+  await checkAndWarnStaleness(projectRoot);
+  return loadFallbackDataset();
+}
+
+// src/pricing/calculator.ts
+var MICRODOLLARS_PER_DOLLAR = 1e6;
+var TOKENS_PER_MILLION2 = 1e6;
+function calculateCost(record, dataset) {
+  if (!record.model) return null;
+  const pricing = getModelPrice(record.model, dataset);
+  if (!pricing) return null;
+  let costUSD = 0;
+  costUSD += record.tokens.inputTokens / TOKENS_PER_MILLION2 * pricing.inputPer1M;
+  costUSD += record.tokens.outputTokens / TOKENS_PER_MILLION2 * pricing.outputPer1M;
+  if (record.cacheReadTokens != null && pricing.cacheReadPer1M != null) {
+    costUSD += record.cacheReadTokens / TOKENS_PER_MILLION2 * pricing.cacheReadPer1M;
+  }
+  if (record.cacheCreationTokens != null && pricing.cacheWritePer1M != null) {
+    costUSD += record.cacheCreationTokens / TOKENS_PER_MILLION2 * pricing.cacheWritePer1M;
+  }
+  return Math.round(costUSD * MICRODOLLARS_PER_DOLLAR);
+}
+
+// src/usage/aggregator.ts
+function aggregateBySession(records) {
+  if (records.length === 0) return [];
+  const sessionMap = /* @__PURE__ */ new Map();
+  for (const record of records) {
+    const tagged = record;
+    const id = record.sessionId;
+    if (!sessionMap.has(id)) {
+      sessionMap.set(id, { harnessRecords: [], ccRecords: [], allRecords: [] });
+    }
+    const bucket = sessionMap.get(id);
+    if (tagged._source === "claude-code") {
+      bucket.ccRecords.push(tagged);
+    } else {
+      bucket.harnessRecords.push(tagged);
+    }
+    bucket.allRecords.push(tagged);
+  }
+  const results = [];
+  for (const [sessionId, bucket] of sessionMap) {
+    const hasHarness = bucket.harnessRecords.length > 0;
+    const hasCC = bucket.ccRecords.length > 0;
+    const isMerged = hasHarness && hasCC;
+    const tokenSource = hasHarness ? bucket.harnessRecords : bucket.ccRecords;
+    const tokens = { inputTokens: 0, outputTokens: 0, totalTokens: 0 };
+    let cacheCreation;
+    let cacheRead;
+    let costMicroUSD = 0;
+    let model;
+    for (const r of tokenSource) {
+      tokens.inputTokens += r.tokens.inputTokens;
+      tokens.outputTokens += r.tokens.outputTokens;
+      tokens.totalTokens += r.tokens.totalTokens;
+      if (r.cacheCreationTokens != null) {
+        cacheCreation = (cacheCreation ?? 0) + r.cacheCreationTokens;
+      }
+      if (r.cacheReadTokens != null) {
+        cacheRead = (cacheRead ?? 0) + r.cacheReadTokens;
+      }
+      if (r.costMicroUSD != null && costMicroUSD != null) {
+        costMicroUSD += r.costMicroUSD;
+      } else if (r.costMicroUSD == null) {
+        costMicroUSD = null;
+      }
+      if (!model && r.model) {
+        model = r.model;
+      }
+    }
+    if (!model && hasCC) {
+      for (const r of bucket.ccRecords) {
+        if (r.model) {
+          model = r.model;
+          break;
+        }
+      }
+    }
+    const timestamps = bucket.allRecords.map((r) => r.timestamp).sort();
+    const source = isMerged ? "merged" : hasCC ? "claude-code" : "harness";
+    const session = {
+      sessionId,
+      firstTimestamp: timestamps[0] ?? "",
+      lastTimestamp: timestamps[timestamps.length - 1] ?? "",
+      tokens,
+      costMicroUSD,
+      source
+    };
+    if (model) session.model = model;
+    if (cacheCreation != null) session.cacheCreationTokens = cacheCreation;
+    if (cacheRead != null) session.cacheReadTokens = cacheRead;
+    results.push(session);
+  }
+  results.sort((a, b) => b.firstTimestamp.localeCompare(a.firstTimestamp));
+  return results;
+}
+function aggregateByDay(records) {
+  if (records.length === 0) return [];
+  const dayMap = /* @__PURE__ */ new Map();
+  for (const record of records) {
+    const date = record.timestamp.slice(0, 10);
+    if (!dayMap.has(date)) {
+      dayMap.set(date, {
+        sessions: /* @__PURE__ */ new Set(),
+        tokens: { inputTokens: 0, outputTokens: 0, totalTokens: 0 },
+        costMicroUSD: 0,
+        models: /* @__PURE__ */ new Set()
+      });
+    }
+    const day = dayMap.get(date);
+    day.sessions.add(record.sessionId);
+    day.tokens.inputTokens += record.tokens.inputTokens;
+    day.tokens.outputTokens += record.tokens.outputTokens;
+    day.tokens.totalTokens += record.tokens.totalTokens;
+    if (record.cacheCreationTokens != null) {
+      day.cacheCreation = (day.cacheCreation ?? 0) + record.cacheCreationTokens;
+    }
+    if (record.cacheReadTokens != null) {
+      day.cacheRead = (day.cacheRead ?? 0) + record.cacheReadTokens;
+    }
+    if (record.costMicroUSD != null && day.costMicroUSD != null) {
+      day.costMicroUSD += record.costMicroUSD;
+    } else if (record.costMicroUSD == null) {
+      day.costMicroUSD = null;
+    }
+    if (record.model) {
+      day.models.add(record.model);
+    }
+  }
+  const results = [];
+  for (const [date, day] of dayMap) {
+    const entry = {
+      date,
+      sessionCount: day.sessions.size,
+      tokens: day.tokens,
+      costMicroUSD: day.costMicroUSD,
+      models: Array.from(day.models).sort()
+    };
+    if (day.cacheCreation != null) entry.cacheCreationTokens = day.cacheCreation;
+    if (day.cacheRead != null) entry.cacheReadTokens = day.cacheRead;
+    results.push(entry);
+  }
+  results.sort((a, b) => b.date.localeCompare(a.date));
+  return results;
+}
+
+// src/usage/jsonl-reader.ts
+var fs24 = __toESM(require("fs"));
+var path24 = __toESM(require("path"));
+function parseLine(line, lineNumber) {
+  let entry;
+  try {
+    entry = JSON.parse(line);
+  } catch {
+    console.warn(`[harness usage] Skipping malformed JSONL line ${lineNumber}`);
+    return null;
+  }
+  const tokenUsage = entry.token_usage;
+  if (!tokenUsage || typeof tokenUsage !== "object") {
+    console.warn(
+      `[harness usage] Skipping malformed JSONL line ${lineNumber}: missing token_usage`
+    );
+    return null;
+  }
+  const inputTokens = tokenUsage.input_tokens ?? 0;
+  const outputTokens = tokenUsage.output_tokens ?? 0;
+  const record = {
+    sessionId: entry.session_id ?? "unknown",
+    timestamp: entry.timestamp ?? (/* @__PURE__ */ new Date()).toISOString(),
+    tokens: {
+      inputTokens,
+      outputTokens,
+      totalTokens: inputTokens + outputTokens
+    }
+  };
+  if (entry.cache_creation_tokens != null) {
+    record.cacheCreationTokens = entry.cache_creation_tokens;
+  }
+  if (entry.cache_read_tokens != null) {
+    record.cacheReadTokens = entry.cache_read_tokens;
+  }
+  if (entry.model != null) {
+    record.model = entry.model;
+  }
+  return record;
+}
+function readCostRecords(projectRoot) {
+  const costsFile = path24.join(projectRoot, ".harness", "metrics", "costs.jsonl");
+  let raw;
+  try {
+    raw = fs24.readFileSync(costsFile, "utf-8");
+  } catch {
+    return [];
+  }
+  const records = [];
+  const lines = raw.split("\n");
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i]?.trim();
+    if (!line) continue;
+    const record = parseLine(line, i + 1);
+    if (record) {
+      records.push(record);
+    }
+  }
+  return records;
+}
+
+// src/usage/cc-parser.ts
+var fs25 = __toESM(require("fs"));
+var path25 = __toESM(require("path"));
+var os2 = __toESM(require("os"));
+function extractUsage(entry) {
+  if (entry.type !== "assistant") return null;
+  const message = entry.message;
+  if (!message || typeof message !== "object") return null;
+  const usage = message.usage;
+  return usage && typeof usage === "object" && !Array.isArray(usage) ? usage : null;
+}
+function buildRecord(entry, usage) {
+  const inputTokens = Number(usage.input_tokens) || 0;
+  const outputTokens = Number(usage.output_tokens) || 0;
+  const message = entry.message;
+  const record = {
+    sessionId: entry.sessionId ?? "unknown",
+    timestamp: entry.timestamp ?? (/* @__PURE__ */ new Date()).toISOString(),
+    tokens: { inputTokens, outputTokens, totalTokens: inputTokens + outputTokens },
+    _source: "claude-code"
+  };
+  const model = message.model;
+  if (model) record.model = model;
+  const cacheCreate = usage.cache_creation_input_tokens;
+  const cacheRead = usage.cache_read_input_tokens;
+  if (typeof cacheCreate === "number" && cacheCreate > 0) record.cacheCreationTokens = cacheCreate;
+  if (typeof cacheRead === "number" && cacheRead > 0) record.cacheReadTokens = cacheRead;
+  return record;
+}
+function parseCCLine(line, filePath, lineNumber) {
+  let entry;
+  try {
+    entry = JSON.parse(line);
+  } catch {
+    console.warn(
+      `[harness usage] Skipping malformed CC JSONL line ${lineNumber} in ${path25.basename(filePath)}`
+    );
+    return null;
+  }
+  const usage = extractUsage(entry);
+  if (!usage) return null;
+  return {
+    record: buildRecord(entry, usage),
+    requestId: entry.requestId ?? null
+  };
+}
+function readCCFile(filePath) {
+  let raw;
+  try {
+    raw = fs25.readFileSync(filePath, "utf-8");
+  } catch {
+    return [];
+  }
+  const byRequestId = /* @__PURE__ */ new Map();
+  const noRequestId = [];
+  const lines = raw.split("\n");
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i]?.trim();
+    if (!line) continue;
+    const parsed = parseCCLine(line, filePath, i + 1);
+    if (!parsed) continue;
+    if (parsed.requestId) {
+      byRequestId.set(parsed.requestId, parsed.record);
+    } else {
+      noRequestId.push(parsed.record);
+    }
+  }
+  return [...byRequestId.values(), ...noRequestId];
+}
+function parseCCRecords() {
+  const homeDir = process.env.HOME ?? os2.homedir();
+  const projectsDir = path25.join(homeDir, ".claude", "projects");
+  let projectDirs;
+  try {
+    projectDirs = fs25.readdirSync(projectsDir, { withFileTypes: true }).filter((d) => d.isDirectory()).map((d) => path25.join(projectsDir, d.name));
+  } catch {
+    return [];
+  }
+  const records = [];
+  for (const dir of projectDirs) {
+    let files;
+    try {
+      files = fs25.readdirSync(dir).filter((f) => f.endsWith(".jsonl")).map((f) => path25.join(dir, f));
+    } catch {
+      continue;
+    }
+    for (const file of files) {
+      records.push(...readCCFile(file));
+    }
+  }
+  return records;
+}
+
 // src/index.ts
-var VERSION = "0.14.0";
+var VERSION = "0.15.0";
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   AGENT_DESCRIPTORS,
@@ -11368,6 +13614,7 @@ var VERSION = "0.14.0";
   BlueprintGenerator,
   BundleConstraintsSchema,
   BundleSchema,
+  CACHE_TTL_MS,
   COMPLIANCE_DESCRIPTOR,
   CategoryBaselineSchema,
   CategoryRegressionSchema,
@@ -11385,7 +13632,9 @@ var VERSION = "0.14.0";
   DEFAULT_SECURITY_CONFIG,
   DEFAULT_STATE,
   DEFAULT_STREAM_INDEX,
+  DESTRUCTIVE_BASH,
   DepDepthCollector,
+  EXTENSION_MAP,
   EmitInteractionInputSchema,
   EntropyAnalyzer,
   EntropyConfigSchema,
@@ -11398,6 +13647,7 @@ var VERSION = "0.14.0";
   HandoffSchema,
   HarnessStateSchema,
   InteractionTypeSchema,
+  LITELLM_PRICING_URL,
   LayerViolationCollector,
   LockfilePackageSchema,
   LockfileSchema,
@@ -11414,12 +13664,14 @@ var VERSION = "0.14.0";
   RegressionDetector,
   RuleRegistry,
   SECURITY_DESCRIPTOR,
+  STALENESS_WARNING_DAYS,
   SecurityConfigSchema,
   SecurityScanner,
   SharableBoundaryConfigSchema,
   SharableForbiddenImportSchema,
   SharableLayerSchema,
   SharableSecurityRulesSchema,
+  SkillEventSchema,
   StreamIndexSchema,
   StreamInfoSchema,
   ThresholdConfigSchema,
@@ -11428,6 +13680,9 @@ var VERSION = "0.14.0";
   VERSION,
   ViolationSchema,
   addProvenance,
+  agentConfigRules,
+  aggregateByDay,
+  aggregateBySession,
   analyzeDiff,
   analyzeLearningPatterns,
   appendFailure,
@@ -11435,6 +13690,7 @@ var VERSION = "0.14.0";
   appendSessionEntry,
   applyFixes,
   applyHotspotDowngrade,
+  applySyncChanges,
   archMatchers,
   archModule,
   architecture,
@@ -11445,16 +13701,23 @@ var VERSION = "0.14.0";
   buildDependencyGraph,
   buildExclusionSet,
   buildSnapshot,
+  calculateCost,
   checkDocCoverage,
   checkEligibility,
   checkEvidenceCoverage,
+  checkTaint,
   classifyFinding,
+  clearEventHashCache,
   clearFailuresCache,
   clearLearningsCache,
+  clearTaint,
+  computeOverallSeverity,
+  computeScanExitCode,
   configureFeedback,
   constraintRuleId,
   contextBudget,
   contextFilter,
+  countLearningEntries,
   createBoundaryValidator,
   createCommentedCodeFixes,
   createError,
@@ -11478,66 +13741,95 @@ var VERSION = "0.14.0";
   detectCouplingViolations,
   detectDeadCode,
   detectDocDrift,
+  detectLanguage,
   detectPatternViolations,
   detectSizeBudgetViolations,
   detectStack,
   detectStaleConstraints,
   determineAssessment,
   diff,
+  emitEvent,
   executeWorkflow,
   expressRules,
   extractBundle,
+  extractIndexEntry,
   extractMarkdownLinks,
   extractSections,
   fanOutReview,
+  formatEventTimeline,
   formatFindingBlock,
   formatGitHubComment,
   formatGitHubSummary,
+  formatOutline,
   formatTerminalOutput,
   generateAgentsMap,
   generateSuggestions,
   getActionEmitter,
   getExitCode,
   getFeedbackConfig,
+  getInjectionPatterns,
+  getModelPrice,
+  getOutline,
+  getParser,
   getPhaseCategories,
   getStreamForBranch,
+  getTaintFilePath,
   getUpdateNotification,
   goRules,
   injectionRules,
+  insecureDefaultsRules,
+  isDuplicateFinding,
   isSmallSuggestion,
   isUpdateCheckEnabled,
   listActiveSessions,
   listStreams,
+  listTaintedSessions,
   loadBudgetedLearnings,
+  loadEvents,
   loadFailures,
   loadHandoff,
+  loadIndexEntries,
+  loadPricingData,
   loadRelevantLearnings,
   loadSessionSummary,
   loadState,
   loadStreamIndex,
   logAgentAction,
+  mapInjectionFindings,
+  mapSecurityFindings,
+  mapSecuritySeverity,
+  mcpRules,
   migrateToStreams,
   networkRules,
   nodeRules,
+  parseCCRecords,
   parseDateFromEntry,
   parseDiff,
+  parseFile,
+  parseFrontmatter,
+  parseHarnessIgnore,
+  parseLiteLLMData,
   parseManifest,
   parseRoadmap,
   parseSecurityConfig,
   parseSize,
   pathTraversalRules,
   previewFix,
+  promoteSessionLearnings,
   pruneLearnings,
   reactRules,
   readCheckState,
+  readCostRecords,
   readLockfile,
   readSessionSection,
   readSessionSections,
+  readTaint,
   removeContributions,
   removeProvenance,
   requestMultiplePeerReviews,
   requestPeerReview,
   resetFeedbackConfig,
+  resetParserCache,
   resolveFileToLayer,
   resolveModelTier,
   resolveRuleSeverity,
@@ -11558,10 +13850,13 @@ var VERSION = "0.14.0";
   saveHandoff,
   saveState,
   saveStreamIndex,
+  scanForInjection,
   scopeContext,
+  searchSymbols,
   secretRules,
   serializeRoadmap,
   setActiveStream,
+  sharpEdgesRules,
   shouldRunCheck,
   spawnBackgroundCheck,
   syncConstraintNodes,
@@ -11569,6 +13864,8 @@ var VERSION = "0.14.0";
   tagUncitedFindings,
   touchStream,
   trackAction,
+  unfoldRange,
+  unfoldSymbol,
   updateSessionEntryStatus,
   updateSessionIndex,
   validateAgentsMap,
@@ -11584,6 +13881,7 @@ var VERSION = "0.14.0";
   writeConfig,
   writeLockfile,
   writeSessionSummary,
+  writeTaint,
   xssRules,
   ...require("@harness-engineering/types")
 });