@jaimevalasek/aioson 1.21.7 → 1.22.0

package/src/commands/live.js

@@ -1569,58 +1569,63 @@ async function runLiveStart({ args, options = {}, logger, t }) {
   }
 }
 
-async function runRuntimeEmit({ args, options = {}, logger, t }) {
-  const targetDir = resolveTargetDir(args);
-  const agentName = normalizeAgentHandle(requireOption(options, 'agent', t));
-  const eventType = String(options.type || 'note').trim() || 'note';
-  const now = new Date().toISOString();
-  const refs = parseRefs(options.refs);
-  const planStep = options['plan-step'] ? String(options['plan-step']).trim() : null;
-  const summary = truncateMessage(
-    options.summary || options.message || options.title || `${eventType} emitted by ${agentName}`
-  );
-  const meta = parseJsonOption(options.meta);
-  const payload = meta && typeof meta === 'object' ? { ...meta } : {};
-  if (refs.length > 0) payload.refs = refs;
-  if (planStep) payload.plan_step = planStep;
-
-  let liveHandle;
-  if (await runtimeStoreExists(targetDir)) {
-    try {
-      liveHandle = await requireActiveLiveContext(targetDir, agentName, t, {
-        limit: options.limit
-      });
-    } catch (err) {
-      const noActive = t('live.no_active_session', { agent: agentName });
-      const notActive = t('live.session_not_active', { agent: agentName });
-      if (err && !(err.message === noActive || err.message === notActive)) {
-        throw err;
-      }
-    }
-  }
-
-  if (!liveHandle) {
-    const standalone = await emitStandaloneRuntimeEvent({
-      targetDir,
-      agentName,
-      eventType,
-      summary,
-      payload,
-      options,
-      now
-    });
-    if (!options.json) {
-      logger.log(`runtime:emit — ${agentName} | standalone event logged | run: ${standalone.runKey} (${standalone.dbPath})`);
-    }
-    return standalone;
-  }
-
-  const { db, dbPath, runtimeDir, context } = liveHandle;
-
-  try {
-    const state = context.state || createLiveState(targetDir, context.run, context.task, {
-      sessionKey: context.sessionKey,
-      activeAgent: context.agentName,
+async function runRuntimeEmit({ args, options = {}, logger, t }) {
+  const targetDir = resolveTargetDir(args);
+  const agentName = normalizeAgentHandle(requireOption(options, 'agent', t));
+  const eventType = String(options.type || 'note').trim() || 'note';
+  const now = new Date().toISOString();
+  const refs = parseRefs(options.refs);
+  const planStep = options['plan-step'] ? String(options['plan-step']).trim() : null;
+  const summary = truncateMessage(
+    options.summary || options.message || options.title || `${eventType} emitted by ${agentName}`
+  );
+  const meta = parseJsonOption(options.meta);
+  const payload = meta && typeof meta === 'object' ? { ...meta } : {};
+  if (refs.length > 0) payload.refs = refs;
+  if (planStep) payload.plan_step = planStep;
+
+  let liveHandle;
+  if (await runtimeStoreExists(targetDir)) {
+    try {
+      liveHandle = await requireActiveLiveContext(targetDir, agentName, t, {
+        limit: options.limit
+      });
+    } catch (err) {
+      const noActive = t('live.no_active_session', { agent: agentName });
+      const notActive = t('live.session_not_active', { agent: agentName });
+      if (err && !(err.message === noActive || err.message === notActive)) {
+        throw err;
+      }
+    }
+  }
+
+  if (!liveHandle) {
+    const standalone = await emitStandaloneRuntimeEvent({
+      targetDir,
+      agentName,
+      eventType,
+      summary,
+      payload,
+      options,
+      now
+    });
+    if (!options.json) {
+      logger.log(t('live.standalone_event_recorded', {
+        agent: agentName,
+        eventType,
+        runKey: standalone.runKey,
+        dbPath: standalone.dbPath
+      }));
+    }
+    return standalone;
+  }
+
+  const { db, dbPath, runtimeDir, context } = liveHandle;
+
+  try {
+    const state = context.state || createLiveState(targetDir, context.run, context.task, {
+      sessionKey: context.sessionKey,
+      activeAgent: context.agentName,
       projectPath: targetDir
     });
 
@@ -1758,69 +1763,69 @@ async function runRuntimeEmit({ args, options = {}, logger, t }) {
     };
   } finally {
     db.close();
-  }
-}
-
-async function emitStandaloneRuntimeEvent({
-  targetDir,
-  agentName,
-  eventType,
-  summary,
-  payload,
-  options = {},
-  now
-}) {
-  const { db, dbPath } = await openRuntimeDb(targetDir);
-  try {
-    const taskKey = startTask(db, {
-      title: options.title ? String(options.title).trim() : `runtime:emit ${agentName}`,
-      goal: summary,
-      status: 'completed',
-      createdBy: agentName,
-      taskKind: 'runtime_event',
-      metaJson: {
-        mode: 'standalone',
-        reason: 'no_active_live_session'
-      }
-    });
-    const runKey = startRun(db, {
-      taskKey,
-      agentName,
-      agentKind: 'official',
-      source: 'direct',
-      title: options.title ? String(options.title).trim() : `runtime:emit ${agentName}`,
-      status: 'completed',
-      summary,
-      eventType,
-      phase: 'direct',
-      message: summary,
-      payload: Object.keys(payload).length > 0 ? {
-        ...payload,
-        standalone: true,
-        reason: 'no_active_live_session'
-      } : {
-        standalone: true,
-        reason: 'no_active_live_session'
-      }
-    });
-
-    return {
-      ok: true,
-      targetDir,
-      dbPath,
-      agent: agentName,
-      eventType,
-      sessionKey: null,
-      runKey,
-      taskKey,
-      currentTask: null,
-      open: false,
-      standalone: true
-    };
-  } finally {
-    db.close();
-  }
-}
+  }
+}
+
+async function emitStandaloneRuntimeEvent({
+  targetDir,
+  agentName,
+  eventType,
+  summary,
+  payload,
+  options = {},
+  now
+}) {
+  const { db, dbPath } = await openRuntimeDb(targetDir);
+  try {
+    const taskKey = startTask(db, {
+      title: options.title ? String(options.title).trim() : `runtime:emit ${agentName}`,
+      goal: summary,
+      status: 'completed',
+      createdBy: agentName,
+      taskKind: 'runtime_event',
+      metaJson: {
+        mode: 'standalone',
+        reason: 'no_active_live_session'
+      }
+    });
+    const runKey = startRun(db, {
+      taskKey,
+      agentName,
+      agentKind: 'official',
+      source: 'direct',
+      title: options.title ? String(options.title).trim() : `runtime:emit ${agentName}`,
+      status: 'completed',
+      summary,
+      eventType,
+      phase: 'direct',
+      message: summary,
+      payload: Object.keys(payload).length > 0 ? {
+        ...payload,
+        standalone: true,
+        reason: 'no_active_live_session'
+      } : {
+        standalone: true,
+        reason: 'no_active_live_session'
+      }
+    });
+
+    return {
+      ok: true,
+      targetDir,
+      dbPath,
+      agent: agentName,
+      eventType,
+      sessionKey: null,
+      runKey,
+      taskKey,
+      currentTask: null,
+      open: false,
+      standalone: true
+    };
+  } finally {
+    db.close();
+  }
+}
 
 
 async function runLiveHandoff({ args, options = {}, logger, t }) {

package/src/commands/parallel-doctor.js

@@ -528,7 +528,8 @@ function buildChecks(context, state, prerequisites, workersOption, force, analys
 }
 
 async function applyParallelFixes(targetDir, context, state, options) {
-  const dryRun = Boolean(options.dryRun);
+  // accept both --dry-run (kebab, as the parser stores it) and --dryRun (camel)
+  const dryRun = Boolean(options.dryRun || options['dry-run']);
   const generatedAt = new Date().toISOString();
   const projectName =
     String((context.data && context.data.project_name) || '').trim() || path.basename(targetDir) || 'project';

package/src/commands/pulse-update.js

@@ -45,9 +45,9 @@ async function runPulseUpdate({ args, options = {}, logger }) {
   // Extract existing recent_activity lines (keep last 2 to add 1 new = 3 total)
   const existingActivities = [];
   if (existing) {
-    const activityMatch = existing.match(/## Recent Activity\n([\s\S]*?)(?=\n##|\s*$)/);
+    const activityMatch = existing.match(/## Recent Activity\r?\n([\s\S]*?)(?=\r?\n##|\s*$)/);
     if (activityMatch) {
-      const lines = activityMatch[1].split('\n').filter((l) => l.trim().startsWith('-'));
+      const lines = activityMatch[1].split(/\r?\n/).filter((l) => l.trim().startsWith('-'));
       existingActivities.push(...lines.slice(-2));
     }
   }

package/src/commands/scan-project.js

@@ -355,7 +355,13 @@ async function callOpenAICompatible(baseUrl, apiKey, model, prompt) {
   }
 
   const data = JSON.parse(text);
-  return data.choices[0].message.content;
+  const content = data && data.choices && data.choices[0] && data.choices[0].message
+    ? data.choices[0].message.content
+    : undefined;
+  if (typeof content !== 'string') {
+    throw new Error(`Unexpected LLM response shape: ${String(text).slice(0, 300)}`);
+  }
+  return content;
 }
 
 async function callAnthropic(apiKey, model, prompt) {
@@ -365,7 +371,11 @@ async function callAnthropic(apiKey, model, prompt) {
     { model, max_tokens: 4096, messages: [{ role: 'user', content: prompt }] }
   );
   const data = JSON.parse(text);
-  return data.content[0].text;
+  const content = data && data.content && data.content[0] ? data.content[0].text : undefined;
+  if (typeof content !== 'string') {
+    throw new Error(`Unexpected Anthropic response shape: ${String(text).slice(0, 300)}`);
+  }
+  return content;
 }
 
 async function callLLM(providerName, providerCfg, prompt) {

package/src/commands/self-implement-loop.js

@@ -26,6 +26,15 @@ const fsp = require('node:fs/promises');
 const bus = require('../squad/intra-bus');
 const stateManager = require('../squad/state-manager');
 const { createCircuitBreaker } = require('../harness/circuit-breaker');
+const { validateContract, resolveContract } = require('../harness/contract-schema');
+const { captureBaseline, computeChangedSet, captureDiffPatch } = require('../harness/git-baseline');
+const { checkScope, checkDiffLimits, buildRollbackFeedback } = require('../harness/scope-guard');
+const { estimateTokens, startRunBudget, recordAttemptTokens, checkBudget, buildBudgetSummary } = require('../harness/budget-guard');
+const { writeAttemptArtifacts } = require('../harness/attempt-artifacts');
+const { emitGuardEvent } = require('../harness/guard-events');
+const { detectGates, createGate, enterHumanGate, resolveGateState, pendingGates, loadGates } = require('../harness/human-gate');
+const { runCriteria, registerFailureSignatures, startRunSignatures } = require('../harness/criteria-runner');
+const { findActiveContract } = require('../harness/active-contract');
 
 // ─── Agent execution ─────────────────────────────────────────────────────────
 
@@ -127,6 +136,195 @@ async function criteriaOnlyVerify(projectDir, artifactPath, criteria) {
   };
 }
 
+// ─── Loop Guardrails (loop-guardrails) ───────────────────────────────────────
+
+/**
+ * Hook pós-attempt na ordem D5: (1) artifacts → (2) scope guard + re-hash D2 →
+ * (3) diff limits → (4) human gates (Fase 2) → (5) criteria (Fase 2) →
+ * (6) budget/runtime. Registrar primeiro, julgar depois.
+ *
+ * Retorna { blocked, reason, feedback, issues } — `blocked` encerra o run;
+ * `feedback` injeta instrução de rollback e segue para a próxima iteração.
+ */
+async function runPostAttemptGuards({ targetDir, guards, cb, logger, attempt, agentOutput }) {
+  const { resolved, planDir } = guards;
+  const slug = resolved.feature;
+
+  // (1) registrar sempre, mesmo em falha
+  let changed = { files: [], rehashViolations: [] };
+  let diffPatch = '';
+  if (guards.baseline) {
+    try {
+      changed = computeChangedSet(targetDir, guards.baseline);
+      diffPatch = captureDiffPatch(targetDir);
+    } catch { /* git indisponível neste attempt — artifacts parciais */ }
+  }
+  writeAttemptArtifacts(planDir, attempt, { changedFiles: changed.files, diffPatch });
+
+  // tokens da tentativa acumulam sempre — o gasto já ocorreu (D3)
+  recordAttemptTokens(cb.progress, estimateTokens(agentOutput));
+
+  const outcome = { blocked: false, reason: null, feedback: null, issues: [] };
+
+  // (2) scope guard + re-hash D2 (REQ-4/5/6)
+  if (guards.baseline) {
+    const scope = checkScope({
+      changedFiles: changed.files,
+      rehashViolations: changed.rehashViolations,
+      allowedGlobs: resolved.allowed_files,
+      forbiddenGlobs: resolved.forbidden_files
+    });
+    if (!scope.ok) {
+      guards.scopeViolationCount += 1;
+      const fileList = scope.violations.map((v) => v.path);
+      logger.log(`  ✗ Scope violation (${fileList.length} file(s)): ${fileList.slice(0, 5).join(', ')}`);
+      await emitGuardEvent(targetDir, {
+        eventType: 'scope_violation',
+        message: `scope violation on attempt ${attempt}`,
+        payload: { slug, attempt, violations: scope.violations }
+      });
+      if (guards.scopeViolationCount >= 2) {
+        // reincidência abre o circuito e escala para humano (REQ-6)
+        cb.progress.circuit_state = 'OPEN';
+        cb.progress.status = 'circuit_open';
+        cb.progress.last_error = `scope_violation_repeat: ${fileList.slice(0, 3).join(', ')}`;
+        await cb._save();
+        outcome.blocked = true;
+        outcome.reason = 'scope_violation_repeat';
+        return outcome;
+      }
+      outcome.reason = 'scope_violation';
+      outcome.feedback = buildRollbackFeedback(scope.violations);
+      outcome.issues = [{ message: outcome.feedback }];
+    }
+  }
+
+  // (3) diff limits (REQ-10) — não julga se a tentativa já vai para rollback
+  if (!outcome.feedback) {
+    const limits = checkDiffLimits({
+      changedFiles: changed.files,
+      diffPatch,
+      maxChangedFiles: resolved.governor.max_changed_files ?? null,
+      maxDiffLines: resolved.governor.max_diff_lines ?? null
+    });
+    if (!limits.ok) {
+      const detail = limits.exceeded.map((e) => `${e.limit}: ${e.actual} > ${e.max}`).join('; ');
+      logger.log(`  ✗ Diff limit exceeded — ${detail}`);
+      await emitGuardEvent(targetDir, {
+        eventType: 'diff_limit_exceeded',
+        message: `diff limits exceeded on attempt ${attempt} (${detail})`,
+        payload: { slug, attempt, exceeded: limits.exceeded }
+      });
+      outcome.blocked = true;
+      outcome.reason = 'diff_limit_exceeded';
+    }
+  }
+
+  // (4) human gates (REQ-12, D4) — violação de escopo precede gate: arquivo
+  // fora do escopo merece rollback, não aprovação humana
+  if (!outcome.feedback && !outcome.blocked && guards.baseline) {
+    const detections = detectGates({
+      changedFiles: changed.files,
+      requiredFor: resolved.human_gate.required_for,
+      themePaths: resolved.human_gate.theme_paths,
+      existingGates: loadGates(planDir),
+      runId: cb.progress.budget ? cb.progress.budget.run_id : null
+    });
+    if (detections.length > 0) {
+      const created = [];
+      for (const detection of detections) {
+        const gate = createGate(planDir, {
+          theme: detection.theme,
+          attempt,
+          triggeredBy: detection.triggeredBy,
+          diffSummary: `${detection.triggeredBy.length} file(s): ${detection.triggeredBy.slice(0, 3).join(', ')}`,
+          runId: cb.progress.budget ? cb.progress.budget.run_id : null
+        });
+        created.push(gate);
+        await emitGuardEvent(targetDir, {
+          eventType: 'human_gate_requested',
+          message: `human gate ${gate.id} requested on attempt ${attempt}`,
+          payload: { slug, attempt, gate_id: gate.id, theme: gate.theme, triggered_by: gate.triggered_by }
+        });
+      }
+      enterHumanGate(cb.progress, created.map((g) => g.id));
+      await cb._save();
+      logger.log(`  ✗ Human gate requerido (${created.length}):`);
+      for (const gate of created) {
+        logger.log(`    - ${gate.id} [${gate.theme}] — ${gate.diff_summary}`);
+        logger.log(`      aioson harness:approve . --slug=${slug} --gate=${gate.id}`);
+      }
+      outcome.blocked = true;
+      outcome.reason = 'human_gate_pending';
+    }
+  }
+
+  // (5) criteria checks (REQ-16/17, D7) — pulado se a tentativa já vai para
+  // rollback ou gate (processo encerra)
+  if (!outcome.feedback && !outcome.blocked) {
+    const checks = await runCriteria({ criteria: resolved.criteria, cwd: targetDir });
+    if (checks.length > 0) {
+      writeAttemptArtifacts(planDir, attempt, { checks });
+      const failed = checks.filter((c) => !c.ok);
+      for (const check of failed) {
+        await emitGuardEvent(targetDir, {
+          eventType: 'criteria_check_failed',
+          message: `criterion ${check.id} failed on attempt ${attempt} (exit ${check.exitCode}${check.timedOut ? ', timeout' : ''})`,
+          payload: { slug, attempt, criterion_id: check.id, exit_code: check.exitCode, timed_out: check.timedOut, signature: check.signature }
+        });
+      }
+      const repeats = registerFailureSignatures(cb.progress, failed);
+      if (repeats.length > 0) {
+        // mesma assinatura 2x no run (EC-13) → para e escala para humano
+        cb.progress.circuit_state = 'OPEN';
+        cb.progress.status = 'circuit_open';
+        cb.progress.last_error = `failure_signature_repeat: ${repeats.map((r) => r.criterion_id).join(', ')}`;
+        await cb._save();
+        for (const repeat of repeats) {
+          await emitGuardEvent(targetDir, {
+            eventType: 'failure_signature_repeat',
+            message: `criterion ${repeat.criterion_id} failed twice with the same signature in this run`,
+            payload: { slug, attempt, criterion_id: repeat.criterion_id, signature: repeat.signature }
+          });
+        }
+        logger.log(`  ✗ Mesma falha 2x no run (${repeats.map((r) => r.criterion_id).join(', ')}) — escalando para humano`);
+        outcome.blocked = true;
+        outcome.reason = 'failure_signature_repeat';
+      } else if (failed.length > 0) {
+        logger.log(`  ✗ Criteria checks falharam: ${failed.map((c) => c.id).join(', ')}`);
+        outcome.reason = 'criteria_check_failed';
+        outcome.feedback = failed
+          .map((c) => `Criterion ${c.id} failed (exit ${c.exitCode}${c.timedOut ? ', timeout' : ''}): ${(c.stderr || c.stdout || '').split('\n').find((l) => l.trim()) || 'no output'}`)
+          .join('\n');
+        outcome.issues = [{ message: outcome.feedback }];
+      }
+    }
+  }
+
+  // (6) budget/runtime (REQ-7/8, EC-11) — sempre avaliado e persistido
+  const budget = checkBudget(cb.progress, {
+    costCeilingTokens: resolved.governor.cost_ceiling_tokens ?? null,
+    maxRuntimeMinutes: resolved.governor.max_runtime_minutes ?? null
+  });
+  for (const event of budget.events) {
+    logger.log(`  ${event.type === 'budget_warning' ? '⚠' : '✗'} ${event.message}`);
+    await emitGuardEvent(targetDir, {
+      eventType: event.type,
+      message: event.message,
+      payload: { slug, attempt, ...event.payload },
+      tokenCount: cb.progress.budget.tokens_estimated
+    });
+  }
+  await cb._save();
+  if (budget.pause && !outcome.blocked) {
+    logger.log(buildBudgetSummary(cb.progress, { maxIterations: resolved.governor.max_steps }));
+    outcome.blocked = true;
+    outcome.reason = budget.events.find((e) => e.type !== 'budget_warning')?.type || 'budget_exceeded';
+  }
+
+  return outcome;
+}
+
 // ─── Public API ──────────────────────────────────────────────────────────────
 
 /**
@@ -156,19 +354,29 @@ async function runSelfLoop({ args, options = {}, logger }) {
     if (fs.existsSync(autoPath)) contractPath = autoPath;
   }
 
+  // C-01 (QA 2026-06-09): sem --contract e sem --spec, descobre o contrato
+  // ATIVO em disco (mesma heurística do git:guard). O happy path do PRD e a
+  // retomada instruída por harness:approve/budget-guard re-entram sem flags —
+  // um contrato ativo nunca pode ficar silenciosamente fora do loop (REQ-1).
+  if (!contractPath) {
+    try {
+      const active = findActiveContract(targetDir);
+      if (active) contractPath = active.contractPath;
+    } catch { /* best-effort: descoberta nunca derruba o loop */ }
+  }
+
   if (contractPath && fs.existsSync(contractPath)) {
     const progressPath = path.join(path.dirname(contractPath), 'progress.json');
     cb = createCircuitBreaker(contractPath, progressPath);
     await cb.load();
     logger.log(`[Harness] Contract loaded: ${path.relative(targetDir, contractPath)}`);
+  } else {
+    logger.log('[Harness] guardrails inactive — no harness contract loaded');
   }
 
-  // Set max iterations: Contract policy takes precedence over flag
+  // Teto de iterações pela flag; o contrato (governor EFETIVO) sobrescreve no
+  // preflight dos guards, após validação de schema (C-02 / REQ-19).
   let maxIterations = Math.min(Math.max(Number(options['max-iterations'] || 3), 1), 5);
-  if (cb && cb.contract && cb.contract.governor && cb.contract.governor.max_steps > 0) {
-    maxIterations = cb.contract.governor.max_steps;
-    logger.log(`[Harness] Max iterations set by contract: ${maxIterations}`);
-  }
 
   if (!task) {
     logger.error('Error: --task is required');
@@ -178,6 +386,74 @@ async function runSelfLoop({ args, options = {}, logger }) {
   const sessionId = randomUUID();
   const feedbackHistory = [];
 
+  // Loop Guardrails — preflight (REQ-1/2 + D3): valida o schema do contrato,
+  // captura o baseline git e zera o orçamento do run. Sem contrato = sem
+  // guards (retrocompat REQ-11).
+  let guards = null;
+  if (cb) {
+    const schemaResult = validateContract(cb.contract);
+    if (!schemaResult.ok) {
+      logger.log(`── Harness Block ──────────────────────────────────────────`);
+      for (const err of schemaResult.errors) {
+        logger.log(`  ✗ contract schema invalid: ${err.field} — ${err.reason}`);
+      }
+      await emitGuardEvent(targetDir, {
+        eventType: 'contract_invalid',
+        message: 'harness-contract.json failed schema validation',
+        payload: { slug: (cb.contract && cb.contract.feature) || null, errors: schemaResult.errors }
+      });
+      return { ok: false, iterations: 0, verdict: 'BLOCKED', reason: 'contract_schema_invalid', errors: schemaResult.errors };
+    }
+    for (const warning of schemaResult.warnings) {
+      logger.log(`  ⚠ contract: ${warning.field} — ${warning.reason}`);
+    }
+
+    const resolved = resolveContract(cb.contract);
+    const planDir = path.dirname(contractPath);
+
+    // C-02 (REQ-19): o breaker (check/recordError) e o teto de iterações leem
+    // `contract.governor` — injeta o governor EFETIVO (presets do contract_mode
+    // aplicados) para que `builder`/`autopilot` valham fora de budget/diff.
+    cb.contract.governor = resolved.governor;
+    if (resolved.governor && resolved.governor.max_steps > 0) {
+      maxIterations = resolved.governor.max_steps;
+      logger.log(`[Harness] Max iterations set by contract: ${maxIterations}`);
+    }
+
+    // (EC-9) gates pendentes de run anterior são REAPRESENTADOS antes de
+    // qualquer detecção nova; aprovação prévia restaura a retomada (REQ-15)
+    resolveGateState(cb.progress, planDir);
+    const pendingFromBefore = pendingGates(planDir);
+    if (pendingFromBefore.length > 0) {
+      enterHumanGate(cb.progress, pendingFromBefore.map((g) => g.id));
+      await cb._save();
+      logger.log(`── Harness Block ──────────────────────────────────────────`);
+      logger.log(`  ✗ Human gate pendente (${pendingFromBefore.length}):`);
+      for (const gate of pendingFromBefore) {
+        logger.log(`    - ${gate.id} [${gate.theme}] attempt ${gate.attempt} — ${gate.diff_summary || (gate.triggered_by || []).join(', ')}`);
+        logger.log(`      aioson harness:approve . --slug=${resolved.feature} --gate=${gate.id}`);
+        logger.log(`      aioson harness:reject . --slug=${resolved.feature} --gate=${gate.id} --reason="..."`);
+      }
+      return { ok: false, iterations: 0, verdict: 'BLOCKED', reason: 'human_gate_pending', gates: pendingFromBefore.map((g) => g.id) };
+    }
+
+    let baseline = null;
+    try {
+      const captured = captureBaseline(targetDir, planDir, { forbiddenGlobs: resolved.forbidden_files });
+      baseline = captured.baseline;
+      for (const warning of captured.warnings) {
+        logger.log(`  ⚠ baseline: ${warning.path} — ${warning.reason}`);
+      }
+    } catch (err) {
+      logger.log(`  ⚠ scope guard inactive for this run: git baseline unavailable (${String(err.message || err).slice(0, 80)})`);
+    }
+
+    startRunBudget(cb.progress, sessionId);
+    startRunSignatures(cb.progress); // D7: assinaturas de falha são por run
+    await cb._save();
+    guards = { resolved, planDir, baseline, scopeViolationCount: 0 };
+  }
+
   logger.log(`Self-implement loop: @${agent} — "${task.slice(0, 60)}${task.length > 60 ? '...' : ''}"`);
   logger.log(`Max iterations: ${maxIterations}`);
   if (spec) logger.log(`Spec: ${spec}`);
@@ -223,6 +499,30 @@ async function runSelfLoop({ args, options = {}, logger }) {
     logger.log('  Verifying...');
     const verifyResult = await runVerification(targetDir, spec, artifact, criteria);
 
+    // Loop Guardrails — hook pós-attempt (ordem D5). Roda ANTES de aceitar o
+    // sucesso: violação de escopo em tentativa "verde" ainda bloqueia.
+    if (guards) {
+      const guardOutcome = await runPostAttemptGuards({
+        targetDir,
+        guards,
+        cb,
+        logger,
+        attempt: iteration,
+        agentOutput: agentResult.output
+      });
+      if (guardOutcome.blocked) {
+        logger.log(`── Harness Block ──────────────────────────────────────────`);
+        logger.log(`  ✗ Loop paused by guardrail: ${guardOutcome.reason}`);
+        return { ok: false, iterations: iteration, verdict: 'BLOCKED', reason: guardOutcome.reason, feedback: feedbackHistory };
+      }
+      if (guardOutcome.feedback) {
+        const guardVerdict = guardOutcome.reason === 'scope_violation' ? 'SCOPE_VIOLATION' : 'CRITERIA_FAILED';
+        feedbackHistory.push({ iteration, verdict: guardVerdict, issues: guardOutcome.issues });
+        await cb.recordError(guardOutcome.reason);
+        continue;
+      }
+    }
+
     // Record on bus
     if (squad) {
       await bus.post(targetDir, squad, sessionId, {