@hongmaple0820/scale-engine 0.48.0 → 0.49.0

package/dist/review/LlmJudge.js

@@ -0,0 +1,167 @@
+// SCALE Engine — LLM-as-Judge (P1.4)
+// Independent, advisory check of whether a diff actually satisfies the Spec's
+// declared outcome / verificationSurface. The verdict is written into the
+// review record as *advisory* evidence (decision K1): it never participates in
+// the pass/fail decision and never blocks ship.
+//
+// Like ReflexionEngine, the judge runs an env-gated LLM when SCALE_LOCAL_MODEL
+// is configured and otherwise falls back to a deterministic heuristic, so the
+// default developer + CI flow stays offline, free and reproducible.
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { logger } from '../core/logger.js';
+import { JsonLlmClient } from './JsonLlmClient.js';
+const DEFAULT_PROMPT = {
+    id: 'spec-conformance',
+    version: 'v1',
+    system: 'You are an independent code-review judge. Decide only whether the diff actually achieves the stated outcome and exercises every declared verification surface. ' +
+        'You are advisory: do not approve work that lacks evidence. Output strict JSON only.',
+    rubric: 'pass = every verification surface is plausibly addressed by the diff and no critical/high review finding contradicts the outcome. ' +
+        'fail = the diff clearly does not achieve the outcome or leaves a declared surface unaddressed. ' +
+        'uncertain = evidence is insufficient to decide.',
+    createdAt: 0,
+};
+/**
+ * Loads/persists the versioned judge prompt under `.scale/judges/<id>.json`
+ * (decision L1) so the rubric is auditable and can drift independently of code.
+ */
+export class JudgePromptStore {
+    constructor(scaleDir = process.env.SCALE_DIR ?? '.scale') {
+        this.dir = join(scaleDir, 'judges');
+    }
+    load(id = DEFAULT_PROMPT.id) {
+        const file = join(this.dir, `${id}.json`);
+        if (existsSync(file)) {
+            try {
+                return JSON.parse(readFileSync(file, 'utf-8'));
+            }
+            catch {
+                logger.warn({ file }, 'JudgePromptStore: corrupt prompt file, using bundled default');
+            }
+        }
+        else if (id === DEFAULT_PROMPT.id) {
+            this.write({ ...DEFAULT_PROMPT, createdAt: Date.now() });
+        }
+        return { ...DEFAULT_PROMPT, createdAt: DEFAULT_PROMPT.createdAt || Date.now() };
+    }
+    write(record) {
+        if (!existsSync(this.dir))
+            mkdirSync(this.dir, { recursive: true });
+        writeFileSync(join(this.dir, `${record.id}.json`), JSON.stringify(record, null, 2), 'utf-8');
+    }
+}
+export class LlmJudge {
+    constructor(client = new JsonLlmClient(), promptStore = new JudgePromptStore()) {
+        this.client = client;
+        this.promptStore = promptStore;
+    }
+    async judge(input) {
+        const prompt = this.promptStore.load();
+        const promptVersion = `${prompt.id}.${prompt.version}`;
+        if (!this.client.isEnabled()) {
+            return this.heuristicVerdict(input, promptVersion);
+        }
+        try {
+            const { data, modelUsed } = await this.client.completeJson({
+                system: `${prompt.system}\n\nRubric: ${prompt.rubric}`,
+                user: this.buildUserPrompt(input),
+            });
+            return {
+                decision: normalizeDecision(data.decision),
+                confidence: clampConfidence(data.confidence),
+                rationale: (data.rationale ?? '').slice(0, 1000) || 'No rationale provided.',
+                unmetSurfaces: Array.isArray(data.unmetSurfaces) ? data.unmetSurfaces.slice(0, 50) : [],
+                modelUsed,
+                promptVersion,
+                advisory: true,
+                createdAt: Date.now(),
+            };
+        }
+        catch (err) {
+            logger.warn({ err }, 'LlmJudge: LLM call failed, falling back to heuristic');
+            return this.heuristicVerdict(input, promptVersion);
+        }
+    }
+    buildUserPrompt(input) {
+        return [
+            `Outcome: ${input.outcome ?? '(not declared)'}`,
+            '',
+            'Verification surfaces (each must be addressed):',
+            ...(input.verificationSurface.length ? input.verificationSurface.map(s => `- ${s}`) : ['- (none declared)']),
+            '',
+            'Review findings:',
+            `critical=${input.reviewFindings.critical} high=${input.reviewFindings.high} medium=${input.reviewFindings.medium} low=${input.reviewFindings.low}`,
+            '',
+            'Diff summary:',
+            input.diffSummary.slice(0, 6000) || '(empty diff)',
+            '',
+            'Output JSON: { "decision": "pass|fail|uncertain", "confidence": 0.0-1.0, "rationale": "...", "unmetSurfaces": ["..."] }',
+        ].join('\n');
+    }
+    /**
+     * Deterministic fallback: a surface is "unmet" when none of its significant
+     * tokens appear in the diff summary; any unmet surface or any critical/high
+     * review finding turns the advisory verdict negative.
+     */
+    heuristicVerdict(input, promptVersion) {
+        const haystack = input.diffSummary.toLowerCase();
+        const unmetSurfaces = input.verificationSurface.filter(surface => !surfaceMentioned(surface, haystack));
+        const blockingFindings = input.reviewFindings.critical + input.reviewFindings.high;
+        let decision;
+        let confidence;
+        let rationale;
+        if (blockingFindings > 0) {
+            decision = 'fail';
+            confidence = 0.6;
+            rationale = `${blockingFindings} critical/high review finding(s) contradict a "done" claim.`;
+        }
+        else if (input.verificationSurface.length === 0) {
+            decision = 'uncertain';
+            confidence = 0.3;
+            rationale = 'No verification surface declared; cannot judge conformance from the diff alone.';
+        }
+        else if (unmetSurfaces.length > 0) {
+            decision = 'uncertain';
+            confidence = 0.4;
+            rationale = `${unmetSurfaces.length}/${input.verificationSurface.length} verification surface(s) have no matching evidence in the diff.`;
+        }
+        else {
+            decision = 'pass';
+            confidence = 0.5;
+            rationale = 'All declared verification surfaces appear in the diff and no critical/high findings were raised.';
+        }
+        return {
+            decision,
+            confidence,
+            rationale,
+            unmetSurfaces,
+            modelUsed: 'heuristic',
+            promptVersion,
+            advisory: true,
+            createdAt: Date.now(),
+        };
+    }
+}
+function surfaceMentioned(surface, haystackLower) {
+    const tokens = surface
+        .toLowerCase()
+        .split(/[^a-z0-9]+/i)
+        .filter(token => token.length >= 4);
+    if (tokens.length === 0)
+        return haystackLower.includes(surface.toLowerCase());
+    return tokens.some(token => haystackLower.includes(token));
+}
+function normalizeDecision(value) {
+    const normalized = (value ?? '').toLowerCase();
+    if (normalized === 'pass')
+        return 'pass';
+    if (normalized === 'fail')
+        return 'fail';
+    return 'uncertain';
+}
+function clampConfidence(value) {
+    if (typeof value !== 'number' || Number.isNaN(value))
+        return 0.5;
+    return Math.max(0, Math.min(1, value));
+}
+//# sourceMappingURL=LlmJudge.js.map

package/dist/review/LlmJudge.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"LlmJudge.js","sourceRoot":"","sources":["../../src/review/LlmJudge.ts"],"names":[],"mappings":"AAAA,qCAAqC;AACrC,8EAA8E;AAC9E,0EAA0E;AAC1E,+EAA+E;AAC/E,gDAAgD;AAChD,EAAE;AACF,+EAA+E;AAC/E,8EAA8E;AAC9E,oEAAoE;AAEpE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAC5E,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAChC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AAqClD,MAAM,cAAc,GAAsB;IACxC,EAAE,EAAE,kBAAkB;IACtB,OAAO,EAAE,IAAI;IACb,MAAM,EACJ,iKAAiK;QACjK,qFAAqF;IACvF,MAAM,EACJ,oIAAoI;QACpI,iGAAiG;QACjG,iDAAiD;IACnD,SAAS,EAAE,CAAC;CACb,CAAA;AAED;;;GAGG;AACH,MAAM,OAAO,gBAAgB;IAG3B,YAAY,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,QAAQ;QACtD,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;IACrC,CAAC;IAED,IAAI,CAAC,EAAE,GAAG,cAAc,CAAC,EAAE;QACzB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAA;QACzC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,IAAI,CAAC;gBACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAsB,CAAA;YACrE,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,EAAE,8DAA8D,CAAC,CAAA;YACvF,CAAC;QACH,CAAC;aAAM,IAAI,EAAE,KAAK,cAAc,CAAC,EAAE,EAAE,CAAC;YACpC,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,cAAc,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;QAC1D,CAAC;QACD,OAAO,EAAE,GAAG,cAAc,EAAE,SAAS,EAAE,cAAc,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE,CAAA;IACjF,CAAC;IAEO,KAAK,CAAC,MAAyB;QACrC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QACnE,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAA;IAC9F,CAAC;CACF;AAED,MAAM,OAAO,QAAQ;IACnB,YACmB,SAAwB,IAAI,aAAa,EAAE,EAC3C,cAAgC,IAAI,gBAAgB,EAAE;QADtD,WAAM,GAAN,MAAM,CAAqC;QAC3C,gBAAW,GAAX,WAAW,CAA2C;IACtE,CAAC;IAEJ,KAAK,CAAC,KAAK,CAAC,KAAiB;QAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAA;QACtC,MAAM,aAAa,GAAG,GAAG,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAA;QAEtD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,aAAa,CAAC,CAAA;QACpD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAKvD;gBACD,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,eAAe,MAAM,CAAC,MAAM,EAAE;gBACtD,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC;aAClC,CAAC,CAAA;YACF,OAAO;gBACL,QAAQ,EAAE,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAC1C,UAAU,EAAE,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC;gBAC5C,SAAS,EAAE,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,wBAAwB;gBAC5E,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;gBACvF,SAAS;gBACT,aAAa;gBACb,QAAQ,EAAE,IAAI;gBACd,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,EAAE,sDAAsD,CAAC,CAAA;YAC5E,OAAO,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,aAAa,CAAC,CAAA;QACpD,CAAC;IACH,CAAC;IAEO,eAAe,CAAC,KAAiB;QACvC,OAAO;YACL,YAAY,KAAK,CAAC,OAAO,IAAI,gBAAgB,EAAE;YAC/C,EAAE;YACF,iDAAiD;YACjD,GAAG,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC;YAC5G,EAAE;YACF,kBAAkB;YAClB,YAAY,KAAK,CAAC,cAAc,CAAC,QAAQ,SAAS,KAAK,CAAC,cAAc,CAAC,IAAI,WAAW,KAAK,CAAC,cAAc,CAAC,MAAM,QAAQ,KAAK,CAAC,cAAc,CAAC,GAAG,EAAE;YACnJ,EAAE;YACF,eAAe;YACf,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,cAAc;YAClD,EAAE;YACF,yHAAyH;SAC1H,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACd,CAAC;IAED;;;;OAIG;IACK,gBAAgB,CAAC,KAAiB,EAAE,aAAqB;QAC/D,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC,WAAW,EAAE,CAAA;QAChD,MAAM,aAAa,GAAG,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,gBAAgB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAA;QACvG,MAAM,gBAAgB,GAAG,KAAK,CAAC,cAAc,CAAC,QAAQ,GAAG,KAAK,CAAC,cAAc,CAAC,IAAI,CAAA;QAElF,IAAI,QAAuB,CAAA;QAC3B,IAAI,UAAkB,CAAA;QACtB,IAAI,SAAiB,CAAA;QACrB,IAAI,gBAAgB,GAAG,CAAC,EAAE,CAAC;YACzB,QAAQ,GAAG,MAAM,CAAA;YACjB,UAAU,GAAG,GAAG,CAAA;YAChB,SAAS,GAAG,GAAG,gBAAgB,6DAA6D,CAAA;QAC9F,CAAC;aAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClD,QAAQ,GAAG,WAAW,CAAA;YACtB,UAAU,GAAG,GAAG,CAAA;YAChB,SAAS,GAAG,iFAAiF,CAAA;QAC/F,CAAC;aAAM,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,QAAQ,GAAG,WAAW,CAAA;YACtB,UAAU,GAAG,GAAG,CAAA;YAChB,SAAS,GAAG,GAAG,aAAa,CAAC,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,MAAM,iEAAiE,CAAA;QAC1I,CAAC;aAAM,CAAC;YACN,QAAQ,GAAG,MAAM,CAAA;YACjB,UAAU,GAAG,GAAG,CAAA;YAChB,SAAS,GAAG,kGAAkG,CAAA;QAChH,CAAC;QAED,OAAO;YACL,QAAQ;YACR,UAAU;YACV,SAAS;YACT,aAAa;YACb,SAAS,EAAE,WAAW;YACtB,aAAa;YACb,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAA;IACH,CAAC;CACF;AAED,SAAS,gBAAgB,CAAC,OAAe,EAAE,aAAqB;IAC9D,MAAM,MAAM,GAAG,OAAO;SACnB,WAAW,EAAE;SACb,KAAK,CAAC,aAAa,CAAC;SACpB,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC,CAAA;IACrC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,CAAA;IAC7E,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;AAC5D,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAyB;IAClD,MAAM,UAAU,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAA;IAC9C,IAAI,UAAU,KAAK,MAAM;QAAE,OAAO,MAAM,CAAA;IACxC,IAAI,UAAU,KAAK,MAAM;QAAE,OAAO,MAAM,CAAA;IACxC,OAAO,WAAW,CAAA;AACpB,CAAC;AAED,SAAS,eAAe,CAAC,KAAyB;IAChD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC;QAAE,OAAO,GAAG,CAAA;IAChE,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAA;AACxC,CAAC"}

package/dist/version.d.ts

@@ -1,3 +1,3 @@
-export declare const FALLBACK_SCALE_ENGINE_VERSION = "0.48.0";
+export declare const FALLBACK_SCALE_ENGINE_VERSION = "0.49.0";
 export declare function getScaleEngineVersion(): string;
 export declare const SCALE_ENGINE_VERSION: string;

package/dist/version.js

@@ -1,5 +1,5 @@
 import { readFileSync } from 'node:fs';
-export const FALLBACK_SCALE_ENGINE_VERSION = '0.48.0';
+export const FALLBACK_SCALE_ENGINE_VERSION = '0.49.0';
 export function getScaleEngineVersion() {
     try {
         const packageJson = JSON.parse(readFileSync(new URL('../package.json', import.meta.url), 'utf-8'));

package/dist/workflow/BoundaryEnforcement.d.ts

@@ -0,0 +1,60 @@
+import type { SpecBoundaries } from '../artifact/types.js';
+import { isEnforcedProfile } from './ProfileEnforcement.js';
+export type BoundaryViolationKind = 'forbidden-touched' | 'outside-allowed';
+export interface BoundaryViolation {
+    /** Repo-relative path of the offending changed file. */
+    file: string;
+    kind: BoundaryViolationKind;
+    /** For `forbidden-touched`: the forbidden glob that matched. */
+    matchedGlob?: string;
+}
+export interface BoundaryEnforcementReport {
+    declaredAllowed: number;
+    declaredForbidden: number;
+    changedFiles: number;
+    violations: BoundaryViolation[];
+    /** `true` under default/auto (warn only); `false` under an enforced profile. */
+    advisory: boolean;
+}
+export interface ConstraintCoverageReport {
+    declared: number;
+    covered: number;
+    /** Constraints with no verificationSurface token overlap. */
+    uncovered: string[];
+    advisory: boolean;
+}
+/**
+ * Profiles in which boundary/constraint findings hard-block Task completion
+ * (decision E1, shared with G23). `default`/`auto` stay advisory; a profile
+ * whose name is or ends with `full`/`ci`/`strict` enforces.
+ */
+export declare function isEnforcedBoundaryProfile(profileName: string | undefined): boolean;
+export { isEnforcedProfile };
+/**
+ * Does a (normalised) changed-file path match a boundary glob?
+ * Supports exact paths, bare directory prefixes (`src` ⇒ `src/**`) and globs.
+ */
+export declare function pathMatchesGlob(file: string, glob: string): boolean;
+/**
+ * Compare the changed-file set against a Spec's executional boundaries.
+ * Returns `undefined` when there is nothing to enforce (no boundaries, or
+ * neither `files` nor `forbidden` declared).
+ */
+export declare function evaluateBoundaries(changedFiles: Array<string | undefined | null> | undefined, boundaries: SpecBoundaries | undefined, enforced?: boolean): BoundaryEnforcementReport | undefined;
+/**
+ * Check that every declared constraint is guarded by some verificationSurface
+ * item. Returns `undefined` when no constraints are declared.
+ */
+export declare function evaluateConstraints(constraints: string[] | undefined, verificationSurface: string[] | undefined, enforced?: boolean): ConstraintCoverageReport | undefined;
+/**
+ * Count the findings that block Task completion under an enforced profile:
+ * every boundary violation plus every unguarded constraint. Returns 0 when both
+ * reports are clean or undefined. The caller decides whether to act on the
+ * count based on the active profile (advisory reports are not blocked even when
+ * this count is non-zero).
+ */
+export declare function countBoundaryBlockers(boundary: BoundaryEnforcementReport | undefined, constraint: ConstraintCoverageReport | undefined): number;
+/** Render boundary warning lines (empty when there is nothing to warn about). */
+export declare function formatBoundaryWarnings(report: BoundaryEnforcementReport | undefined): string[];
+/** Render constraint-coverage warning lines (empty when fully covered). */
+export declare function formatConstraintWarnings(report: ConstraintCoverageReport | undefined): string[];

package/dist/workflow/BoundaryEnforcement.js

@@ -0,0 +1,182 @@
+// SCALE Engine - P0+ Boundary & Constraint enforcement
+//
+// Two checks layered on top of the P0 six-element Spec contract:
+//
+//  1. Boundary enforcement — compares the files a task actually changed against
+//     the Spec's executional `boundaries` (allowed `files` globs + explicitly
+//     `forbidden` globs). Touching a forbidden path, or editing a file outside
+//     the declared allow-list, is reported as a violation.
+//
+//  2. Constraint coverage — checks each declared `constraint` (an invariant that
+//     must not regress) against the Spec's `verificationSurface`. A constraint
+//     with no surface guarding it is a silent-regression risk.
+//
+// Enforcement is profile-gated (mirrors G23's E1 escalation): under `default`
+// and `auto` both checks are advisory — violations are surfaced as warnings and
+// recorded as evidence but never flip `passed` or block ship. Under an enforced
+// profile (`full`/`ci`/`strict`), the same findings are blocking: any boundary
+// violation or unguarded constraint stops Task completion. The `enforced` flag
+// threaded into the evaluators only sets the report's `advisory` mode; the
+// detection logic is identical, so a re-verify under `default` cannot silence a
+// finding, only downgrade how it is reported.
+import { isEnforcedProfile } from './ProfileEnforcement.js';
+/**
+ * Profiles in which boundary/constraint findings hard-block Task completion
+ * (decision E1, shared with G23). `default`/`auto` stay advisory; a profile
+ * whose name is or ends with `full`/`ci`/`strict` enforces.
+ */
+export function isEnforcedBoundaryProfile(profileName) {
+    return isEnforcedProfile(profileName);
+}
+export { isEnforcedProfile };
+function norm(value) {
+    return value.replace(/\\/g, '/').trim().toLowerCase();
+}
+/**
+ * Translate a minimatch-style glob to an anchored, full-path RegExp.
+ * `**` matches across `/`, `*` matches within a segment, `?` matches one
+ * non-`/` char. All other regex metacharacters are escaped.
+ */
+function globToRegExp(glob) {
+    const body = glob
+        .replace(/[.+^${}()|[\]\\]/g, '\\$&') // escape specials, leaving * and ?
+        .replace(/\*\*/g, '\u0000') // globstar placeholder
+        .replace(/\*/g, '[^/]*')
+        .replace(/\u0000/g, '.*')
+        .replace(/\?/g, '[^/]');
+    return new RegExp(`^${body}$`);
+}
+/**
+ * Does a (normalised) changed-file path match a boundary glob?
+ * Supports exact paths, bare directory prefixes (`src` ⇒ `src/**`) and globs.
+ */
+export function pathMatchesGlob(file, glob) {
+    const f = norm(file);
+    const g = norm(glob);
+    if (!f || !g)
+        return false;
+    if (f === g)
+        return true;
+    // Bare directory (no wildcards) acts as a recursive prefix.
+    if (!/[*?]/.test(g)) {
+        const dir = g.endsWith('/') ? g : `${g}/`;
+        if (f.startsWith(dir))
+            return true;
+    }
+    try {
+        return globToRegExp(g).test(f);
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Compare the changed-file set against a Spec's executional boundaries.
+ * Returns `undefined` when there is nothing to enforce (no boundaries, or
+ * neither `files` nor `forbidden` declared).
+ */
+export function evaluateBoundaries(changedFiles, boundaries, enforced = false) {
+    if (!boundaries)
+        return undefined;
+    const allowed = (boundaries.files ?? []).map(norm).filter(Boolean);
+    const forbidden = (boundaries.forbidden ?? []).map(norm).filter(Boolean);
+    if (allowed.length === 0 && forbidden.length === 0)
+        return undefined;
+    const files = [...new Set((changedFiles ?? []).map(f => norm(f ?? '')).filter(Boolean))];
+    const violations = [];
+    for (const file of files) {
+        const hitForbidden = forbidden.find(glob => pathMatchesGlob(file, glob));
+        if (hitForbidden) {
+            violations.push({ file, kind: 'forbidden-touched', matchedGlob: hitForbidden });
+            continue;
+        }
+        if (allowed.length > 0 && !allowed.some(glob => pathMatchesGlob(file, glob))) {
+            violations.push({ file, kind: 'outside-allowed' });
+        }
+    }
+    return {
+        declaredAllowed: allowed.length,
+        declaredForbidden: forbidden.length,
+        changedFiles: files.length,
+        violations,
+        advisory: !enforced,
+    };
+}
+function significantTokens(value) {
+    return [
+        ...new Set(norm(value)
+            .split(/[^a-z0-9]+/)
+            .filter(token => token.length >= 4)),
+    ];
+}
+/**
+ * A constraint is "covered" when at least one of its significant tokens appears
+ * in some verificationSurface item — i.e. there is a declared check that could
+ * catch a regression of that invariant.
+ */
+function constraintCovered(constraint, surfaces) {
+    const tokens = significantTokens(constraint);
+    if (tokens.length === 0)
+        return false;
+    return surfaces.some(surface => tokens.some(token => surface.includes(token)));
+}
+/**
+ * Check that every declared constraint is guarded by some verificationSurface
+ * item. Returns `undefined` when no constraints are declared.
+ */
+export function evaluateConstraints(constraints, verificationSurface, enforced = false) {
+    const declared = (constraints ?? []).map(c => c.trim()).filter(Boolean);
+    if (declared.length === 0)
+        return undefined;
+    const surfaces = (verificationSurface ?? []).map(norm).filter(Boolean);
+    const uncovered = declared.filter(constraint => !constraintCovered(constraint, surfaces));
+    return {
+        declared: declared.length,
+        covered: declared.length - uncovered.length,
+        uncovered,
+        advisory: !enforced,
+    };
+}
+/**
+ * Count the findings that block Task completion under an enforced profile:
+ * every boundary violation plus every unguarded constraint. Returns 0 when both
+ * reports are clean or undefined. The caller decides whether to act on the
+ * count based on the active profile (advisory reports are not blocked even when
+ * this count is non-zero).
+ */
+export function countBoundaryBlockers(boundary, constraint) {
+    return (boundary?.violations.length ?? 0) + (constraint?.uncovered.length ?? 0);
+}
+/** Render boundary warning lines (empty when there is nothing to warn about). */
+export function formatBoundaryWarnings(report) {
+    if (!report || report.violations.length === 0)
+        return [];
+    const tag = report.advisory ? '[WARN]' : '[BLOCKER]';
+    const mode = report.advisory ? 'advisory, not blocking' : 'blocking under enforced profile';
+    const lines = [
+        `${tag} boundary enforcement: ${report.violations.length} violation(s) (${mode})`,
+    ];
+    for (const v of report.violations) {
+        lines.push(v.kind === 'forbidden-touched'
+            ? `   [FORBIDDEN] ${v.file} (matched ${v.matchedGlob})`
+            : `   [OUTSIDE-ALLOWED] ${v.file}`);
+    }
+    lines.push('   Keep edits inside the Spec boundaries (or widen them in the Spec).');
+    return lines;
+}
+/** Render constraint-coverage warning lines (empty when fully covered). */
+export function formatConstraintWarnings(report) {
+    if (!report || report.uncovered.length === 0)
+        return [];
+    const tag = report.advisory ? '[WARN]' : '[BLOCKER]';
+    const mode = report.advisory ? 'advisory, not blocking' : 'blocking under enforced profile';
+    const lines = [
+        `${tag} constraint coverage: ${report.covered}/${report.declared} guarded by verificationSurface (${mode})`,
+    ];
+    for (const constraint of report.uncovered) {
+        lines.push(`   [UNGUARDED] ${constraint}`);
+    }
+    lines.push('   Add a verificationSurface item that would catch a regression of each constraint.');
+    return lines;
+}
+//# sourceMappingURL=BoundaryEnforcement.js.map

package/dist/workflow/BoundaryEnforcement.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"BoundaryEnforcement.js","sourceRoot":"","sources":["../../src/workflow/BoundaryEnforcement.ts"],"names":[],"mappings":"AAAA,uDAAuD;AACvD,EAAE;AACF,iEAAiE;AACjE,EAAE;AACF,gFAAgF;AAChF,8EAA8E;AAC9E,+EAA+E;AAC/E,2DAA2D;AAC3D,EAAE;AACF,iFAAiF;AACjF,+EAA+E;AAC/E,+DAA+D;AAC/D,EAAE;AACF,8EAA8E;AAC9E,gFAAgF;AAChF,gFAAgF;AAChF,+EAA+E;AAC/E,+EAA+E;AAC/E,2EAA2E;AAC3E,gFAAgF;AAChF,8CAA8C;AAG9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAA;AA6B3D;;;;GAIG;AACH,MAAM,UAAU,yBAAyB,CAAC,WAA+B;IACvE,OAAO,iBAAiB,CAAC,WAAW,CAAC,CAAA;AACvC,CAAC;AAED,OAAO,EAAE,iBAAiB,EAAE,CAAA;AAE5B,SAAS,IAAI,CAAC,KAAa;IACzB,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;AACvD,CAAC;AAED;;;;GAIG;AACH,SAAS,YAAY,CAAC,IAAY;IAChC,MAAM,IAAI,GAAG,IAAI;SACd,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC,mCAAmC;SACxE,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,uBAAuB;SAClD,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC;SACvB,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC;SACxB,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;IACzB,OAAO,IAAI,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,CAAA;AAChC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,IAAY,EAAE,IAAY;IACxD,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAA;IACpB,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAA;IACpB,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC;QAAE,OAAO,KAAK,CAAA;IAC1B,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IACxB,4DAA4D;IAC5D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACpB,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAA;QACzC,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;IACpC,CAAC;IACD,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAChC,YAA0D,EAC1D,UAAsC,EACtC,QAAQ,GAAG,KAAK;IAEhB,IAAI,CAAC,UAAU;QAAE,OAAO,SAAS,CAAA;IACjC,MAAM,OAAO,GAAG,CAAC,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAClE,MAAM,SAAS,GAAG,CAAC,UAAU,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IACxE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAA;IAEpE,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;IACxF,MAAM,UAAU,GAAwB,EAAE,CAAA;IAC1C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAA;QACxE,IAAI,YAAY,EAAE,CAAC;YACjB,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,mBAAmB,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAA;YAC/E,SAAQ;QACV,CAAC;QACD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;YAC7E,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC,CAAA;QACpD,CAAC;IACH,CAAC;IAED,OAAO;QACL,eAAe,EAAE,OAAO,CAAC,MAAM;QAC/B,iBAAiB,EAAE,SAAS,CAAC,MAAM;QACnC,YAAY,EAAE,KAAK,CAAC,MAAM;QAC1B,UAAU;QACV,QAAQ,EAAE,CAAC,QAAQ;KACpB,CAAA;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa;IACtC,OAAO;QACL,GAAG,IAAI,GAAG,CACR,IAAI,CAAC,KAAK,CAAC;aACR,KAAK,CAAC,YAAY,CAAC;aACnB,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC,CACtC;KACF,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,UAAkB,EAAE,QAAkB;IAC/D,MAAM,MAAM,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAA;IAC5C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAA;IACrC,OAAO,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AAChF,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,WAAiC,EACjC,mBAAyC,EACzC,QAAQ,GAAG,KAAK;IAEhB,MAAM,QAAQ,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IACvE,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAA;IAC3C,MAAM,QAAQ,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IACtE,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,iBAAiB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAA;IACzF,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,MAAM;QACzB,OAAO,EAAE,QAAQ,CAAC,MAAM,GAAG,SAAS,CAAC,MAAM;QAC3C,SAAS;QACT,QAAQ,EAAE,CAAC,QAAQ;KACpB,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CACnC,QAA+C,EAC/C,UAAgD;IAEhD,OAAO,CAAC,QAAQ,EAAE,UAAU,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC,CAAA;AACjF,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,sBAAsB,CAAC,MAA6C;IAClF,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IACxD,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAA;IACpD,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,iCAAiC,CAAA;IAC3F,MAAM,KAAK,GAAG;QACZ,GAAG,GAAG,0BAA0B,MAAM,CAAC,UAAU,CAAC,MAAM,kBAAkB,IAAI,GAAG;KAClF,CAAA;IACD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QAClC,KAAK,CAAC,IAAI,CACR,CAAC,CAAC,IAAI,KAAK,mBAAmB;YAC5B,CAAC,CAAC,kBAAkB,CAAC,CAAC,IAAI,aAAa,CAAC,CAAC,WAAW,GAAG;YACvD,CAAC,CAAC,wBAAwB,CAAC,CAAC,IAAI,EAAE,CACrC,CAAA;IACH,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,uEAAuE,CAAC,CAAA;IACnF,OAAO,KAAK,CAAA;AACd,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,wBAAwB,CAAC,MAA4C;IACnF,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IACvD,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAA;IACpD,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,iCAAiC,CAAA;IAC3F,MAAM,KAAK,GAAG;QACZ,GAAG,GAAG,yBAAyB,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,QAAQ,oCAAoC,IAAI,GAAG;KAC5G,CAAA;IACD,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QAC1C,KAAK,CAAC,IAAI,CAAC,kBAAkB,UAAU,EAAE,CAAC,CAAA;IAC5C,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,qFAAqF,CAAC,CAAA;IACjG,OAAO,KAAK,CAAA;AACd,CAAC"}

package/dist/workflow/EngineeringStandards.js

@@ -1,5 +1,6 @@
 import { appendFileSync, existsSync, mkdirSync, readdirSync, readFileSync, statSync, writeFileSync } from 'node:fs';
 import { extname, isAbsolute, join, relative, resolve, sep } from 'node:path';
+import { createAstConfirmer } from '../guardrails/ast/confirmers.js';
 const DEFAULT_SOURCE_DIRECTORIES = ['src', 'app', 'packages', 'services', 'cmd', 'internal', 'pkg'];
 const DEFAULT_IGNORED_DIRECTORIES = [
     '.git',
@@ -379,6 +380,11 @@ function scanFile(projectDir, absolutePath, policy, frameworks) {
     const content = readFileSync(absolutePath, 'utf-8');
     const lines = content.split(/\r?\n/);
     const findings = [];
+    // AST confirmation layer (P1.1): parse once per file so the regex pre-filter
+    // hits below can be confirmed against the real AST. null = parse failed, in
+    // which case every confirmer falls back to the raw regex result.
+    const ext = extname(absolutePath);
+    const astConfirmer = createAstConfirmer(content, { jsx: ext === '.tsx' || ext === '.jsx' });
     if (lines.length > policy.maxFileLines) {
         findings.push({
             severity: 'warn',
@@ -397,12 +403,12 @@ function scanFile(projectDir, absolutePath, policy, frameworks) {
         if (startedInsideTemplateLiteral || isNonExecutablePatternLine(line))
             continue;
         const lineNumber = index + 1;
-        findings.push(...scanLine(path, line, lineNumber, policy, frameworks));
+        findings.push(...scanLine(path, line, lineNumber, policy, frameworks, astConfirmer));
     }
-    findings.push(...findEmptyCatchBlocks(path, lines));
+    findings.push(...findEmptyCatchBlocks(path, lines, astConfirmer));
     return dedupeFindings(findings);
 }
-function scanLine(path, line, lineNumber, policy, frameworks) {
+function scanLine(path, line, lineNumber, policy, frameworks, ast) {
     const findings = [];
     const sensitiveMatcher = sensitiveFieldPattern(policy);
     const evidence = line.trim().slice(0, 160);
@@ -467,7 +473,7 @@ function scanLine(path, line, lineNumber, policy, frameworks) {
             fix: 'Use text rendering or sanitize trusted HTML with an approved sanitizer.',
         });
     }
-    if (/\beval\s*\(|new\s+Function\s*\(/.test(line)) {
+    if (/\beval\s*\(|new\s+Function\s*\(/.test(line) && (!ast || ast.hasUnsafeCodeExecution(lineNumber))) {
         findings.push({
             severity: 'fail',
             category: 'security',
@@ -479,7 +485,7 @@ function scanLine(path, line, lineNumber, policy, frameworks) {
             fix: 'Replace eval or Function with a typed parser, dispatch table, or safe interpreter.',
         });
     }
-    if (/^\s*(?:\/\/|\/\*)\s*@ts-ignore\b/.test(line)) {
+    if (/^\s*(?:\/\/|\/\*)\s*@ts-ignore\b/.test(line) && (!ast || ast.hasTsIgnore(lineNumber))) {
         findings.push({
             severity: 'fail',
             category: 'code-quality',
@@ -491,7 +497,7 @@ function scanLine(path, line, lineNumber, policy, frameworks) {
             fix: 'Fix the type boundary or use a narrow typed adapter with a documented reason.',
         });
     }
-    if (/\bas\s+any\b|:\s*any\b|<any\b|Array<any>|Promise<any>|Record<[^>]+,\s*any>/.test(line)) {
+    if (/\bas\s+any\b|:\s*any\b|<any\b|Array<any>|Promise<any>|Record<[^>]+,\s*any>/.test(line) && (!ast || ast.hasAnyType(lineNumber))) {
         findings.push({
             severity: 'warn',
             category: 'code-quality',
@@ -529,12 +535,16 @@ function scanLine(path, line, lineNumber, policy, frameworks) {
     }
     return findings;
 }
-function findEmptyCatchBlocks(path, lines) {
+function findEmptyCatchBlocks(path, lines, ast) {
     const findings = [];
+    // AST confirmation: only emit when the catch block genuinely has zero
+    // statements. Falls back to the regex result when the file did not parse.
+    const confirm = (line) => !ast || ast.hasEmptyCatch(line);
     for (let index = 0; index < lines.length; index += 1) {
         const line = lines[index];
         if (/catch\s*(?:\([^)]*\))?\s*\{\s*(?:\/\*.*?\*\/|\/\/.*)?\s*\}/.test(line)) {
-            findings.push(emptyCatchFinding(path, index + 1, line));
+            if (confirm(index + 1))
+                findings.push(emptyCatchFinding(path, index + 1, line));
             continue;
         }
         if (!/catch\s*(?:\([^)]*\))?\s*\{\s*$/.test(line))
@@ -543,7 +553,7 @@ function findEmptyCatchBlocks(path, lines) {
             const trimmed = next.trim();
             if (trimmed === '' || trimmed.startsWith('//') || trimmed.startsWith('/*') || trimmed.startsWith('*'))
                 continue;
-            if (/^}\s*[),;]?$/.test(trimmed))
+            if (/^}\s*[),;]?$/.test(trimmed) && confirm(index + 1))
                 findings.push(emptyCatchFinding(path, index + 1, line));
             break;
         }