@kodevibe/harness 0.11.3 → 0.11.4

package/README.ko.md

@@ -409,7 +409,7 @@ Bootstrap이 `docs/crew/`, `docs/PM/`, `docs/Analyst/`, `docs/ARB/`에서 crew
 
 ## 로드맵
 
-kode:harness는 현재 **v0.11.2** — v0.11의 proof-first와 uninstall safety 기반 위에 deterministic source-repo guardrail과 manifest-sealed R10 model benchmark workflow를 추가했습니다.
+kode:harness는 현재 **v0.11.4** — v0.11 proof-first 기반 위에 R16 recovery hardening(거짓 clean state-check claim, surface-specific Story Contract, reviewer dependency evidence, dirty wrap-up guard)을 추가했습니다.
 
 | 단계 | 버전 | 상태 | 초점 |
 |------|------|------|------|
@@ -425,7 +425,9 @@ kode:harness는 현재 **v0.11.2** — v0.11의 proof-first와 uninstall safety
 | **Confidence Loop** | v0.10.0 | ✅ 완료 | Goal Card, Quiet Navigator, Evidence-Gated Progress Board, Proof Ledger, QA/content 회귀 테스트 |
 | **Proof-First Enforcement** | v0.11.0 | ✅ 완료 | Mandatory Proof Plan, lead proof blocker, reviewer proof blocker, state-check Proof Ledger coverage |
 | **Uninstall Safety** | v0.11.1 | ✅ 완료 | Manifest 기반 uninstall, state 기본 보존, shared owner 복원, purge cleanup |
-| **Deterministic Release Guard** | v0.11.2 | ✅ 현재 | R1-R10 guard scripts, package-boundary scan, dependency-map scan, R10 manifest-sealed bench workflow |
+| **Deterministic Release Guard** | v0.11.2 | ✅ 완료 | R1-R10 guard scripts, package-boundary scan, dependency-map scan, R10 manifest-sealed bench workflow |
+| **Experiment Hardening** | v0.11.3 | ✅ 완료 | R15 Recent Changes integrity, Wave Scope boundary drift checks, enum/filter coverage honesty |
+| **Recovery Hardening** | v0.11.4 | ✅ 현재 | R16 false PASS claim guard, surface-specific Story Contract checks, reviewer dependency evidence, dirty wrap-up guard |
 | **Docs Bridge** | v0.11.1 | 🧪 Experimental | Project Docs Hub Index, docs-bridge 스킬, visibility 경계를 가진 로컬 docs hub 인덱스 |
 | **Safety & Branding** | v0.9.6 | ✅ 완료 | init overwrite 백업, 배포 파일 pm 네이밍 정리, LICENSE 브랜딩 정리 |
 | **Validation** | v1.0 | 🔜 다음 | 실사용 검증, 사용자 피드백 수집 |

package/README.md

@@ -389,7 +389,7 @@ It adds a Project Docs Hub Index to `project-brief.md` with each local source, r
 
 ## Roadmap
 
-kode:harness is at **v0.11.3** — adds R15 experiment hardening for section integrity, Wave Scope drift, and filter coverage honesty on top of the v0.11 proof-first and deterministic release guard foundation.
+kode:harness is at **v0.11.4** — adds R16 recovery hardening for false clean state-check claims, surface-specific Story Contracts, reviewer dependency evidence, and dirty wrap-up truthfulness on top of the v0.11 proof-first and deterministic release guard foundation.
 
 | Phase | Version | Status | Focus |
 |---|---|---|---|
@@ -406,7 +406,8 @@ kode:harness is at **v0.11.3** — adds R15 experiment hardening for section int
 | **Proof-First Enforcement** | v0.11.0 | ✅ Complete | Mandatory Proof Plan, lead proof blockers, reviewer proof blockers, state-check Proof Ledger coverage |
 | **Uninstall Safety** | v0.11.1 | ✅ Complete | Manifest-based uninstall, default state preservation, shared owner restore, purge cleanup |
 | **Deterministic Release Guard** | v0.11.2 | ✅ Complete | R1-R10 guard scripts, package-boundary scan, dependency-map scan, R10 manifest-sealed bench workflow |
-| **Experiment Hardening** | v0.11.3 | ✅ Current | R15 Recent Changes integrity, Wave Scope boundary drift checks, enum/filter coverage honesty, R15 bench scenarios |
+| **Experiment Hardening** | v0.11.3 | ✅ Complete | R15 Recent Changes integrity, Wave Scope boundary drift checks, enum/filter coverage honesty, R15 bench scenarios |
+| **Recovery Hardening** | v0.11.4 | ✅ Current | R16 false PASS claim guard, surface-specific Story Contract checks, reviewer dependency evidence, dirty wrap-up guard |
 | **Docs Bridge** | v0.11.1 | 🧪 Experimental | Project Docs Hub Index, docs-bridge skill, local docs hub index with visibility boundaries |
 | **Safety & Branding** | v0.9.6 | ✅ Done | init overwrite backups, shipped pm naming cleanup, LICENSE branding cleanup |
 | **Validation** | v1.0 | 🔜 Next | Real-world project adoption, user feedback collection |

package/harness/agents/lead.md

@@ -157,6 +157,7 @@ When a Story contains multiple Tasks/Waves (from breakdown):
   - Only allowed files changed → continue.
   - Extra files changed → output `[SCOPE-DRIFT: WAVE_BOUNDARY]`, record the extra files, and ask whether the Wave should be collapsed/approved before proceeding.
 - Record a mini Proof Ledger row inline: Evidence, Result, Command / Observation
+- For semantic contracts with "always/every/all/항상", include public surfaces in the Wave proof target (for example: `create/list/get/resolve` return paths). A test that covers only one return path is partial proof.
 - Only after verification passes, prompt: "Wave {N} 완료 (tests pass). Wave {N+1}로 넘어갈까요?"
 - If tests fail → output `[BLOCKER: WAVE_PROOF_FAILING]`, fix within the current Wave, and do NOT advance.
 - This prevents context overload from modifying too many modules simultaneously

package/harness/agents/pm.md

@@ -42,24 +42,22 @@ One of:
 
 ### Step 0: State File Readiness
 
-Before proceeding, verify that required state files have content (not just TODO placeholders):
+Before proceeding, verify required state files have content:
 - `docs/project-brief.md` — Must have Vision and Goals filled
 - `docs/features.md` — Must have at least one feature row
 - `docs/dependency-map.md` — Must have at least one module row (for existing projects)
 
-If ALL files are empty/placeholder-only → **Stop and run the `setup` skill first.** Report: "State files are empty. Running setup to onboard this project."
-If `docs/project-brief.md` alone is empty → **Stop.** Without Vision/Goals, pm cannot check Non-Goals or provide direction guard. Run `setup` first.
+If ALL files are empty/placeholder-only → **Stop and run `setup` first.**
+If `docs/project-brief.md` alone is empty → **Stop.** Without Vision/Goals, pm cannot provide direction guard.
 
 > Step 0 runs BEFORE Step 1. If Step 0 stops (empty brief), Step 1 never executes. When Step 0 passes, Step 1 reads the now-confirmed non-empty project-brief.md for detailed content.
 
 ### Step 0.5: Load Agent Memory
 
 Read `docs/agent-memory/pm.md` for past learnings:
-- Estimation accuracy from previous sprints (did Wave estimates match reality?)
-- Architecture patterns that worked or failed in this project
-- Repeated planning mistakes to avoid
+- estimation accuracy, architecture patterns, repeated planning mistakes
 
-Apply these insights when creating the implementation plan. If the memory file is empty or contains only placeholders, skip this step.
+Apply these when planning. If memory is empty/placeholders only, skip.
 
 ### Step 0.7: Roadmap Draft
 

package/harness/agents/reviewer.md

@@ -36,17 +36,15 @@ Before reviewing, verify that required state files exist and are not empty:
 - `docs/failure-patterns.md` — Must exist (needed for Step 5 cross-check)
 - `docs/project-state.md` — Must have current Sprint info (needed for scope check)
 
-If state files are empty/placeholder-only → Warn: "State files are not filled. Review will proceed but scope check and failure pattern cross-check will be limited. Consider running `setup` skill."
-If `docs/failure-patterns.md` is empty, FP-cross-check (Step 5) will be skipped. This increases risk of recurring bugs.
+If state files are empty/placeholder-only → warn that scope and FP checks are limited; suggest `setup`.
+If `docs/failure-patterns.md` is empty, skip FP cross-check.
 
 ### Step 0.5: Load Agent Memory
 
 Read `docs/agent-memory/reviewer.md` for past learnings:
-- Frequently missed review items in this project
-- Common code patterns that caused issues
-- Review statistics (pass rate, common failure categories)
+- missed review items, risky code patterns, review statistics
 
-Pay extra attention to items flagged in past reviews. If the memory file is empty or contains only placeholders, skip this step.
+If memory is empty/placeholders only, skip.
 
 ### Input
 
@@ -68,11 +66,11 @@ Changed file list (user-provided or from `git diff --name-only`)
 **Step 2.2: Acceptance Contract Gate**
 
 If `docs/project-state.md` has `## Story Contracts` rows for the Story:
-1. Review each row before code-quality review.
-2. Compare assertion vs code, tests, API/UI output, and proof.
-3. Output **Story Contract Review**: `Contract | Status | Evidence`.
-4. `FAIL`, `NOT_PROVEN`, blank Proof Status, or `needs-user-confirmation` blocks `DONE` and commit guidance.
-5. Wrong-contract tests fail.
+1. Compare each row against code, tests, API/UI, and proof.
+2. Output **Story Contract Review**: `Contract | Status | Evidence`.
+3. `FAIL`, `NOT_PROVEN`, blank Proof Status, or `needs-user-confirmation` blocks `DONE`.
+4. Wrong-contract tests fail.
+5. **R16 surface rule**: `always/every/all/항상` contracts must name/prove relevant public paths, e.g. `create/list/get/resolve`. Missing surfaces → `[CONTRACT-GAP: SURFACE_UNSPECIFIED]`.
 
 <!-- CREW_MODE_START -->
 **Step 2.5: CI Standards Compliance (🟣 Pipeline only)**
@@ -123,10 +121,9 @@ Record the result as a **Proof Ledger** entry. Keep it short:
 If state files are in scope, write/request Proof Ledger / Evidence Summary immediately after proof passes.
 
 **Step 4: Security Check (secure skill)**
-- [ ] No credentials, .env, or temp files in staging (FP-004)
-- [ ] No hardcoded API keys or passwords
-- [ ] No injection vulnerabilities (SQL, XSS)
+- [ ] No credentials, hardcoded secrets, injection risks, or temp files
 - [ ] Evaluator artifacts require approval (`harness-owner: evaluator` → `harness-edit-approved`)
+- [ ] **R16 scope/dependency evidence**: For "no external deps/auth/persistence", cite `package.json` and actual `require`/`import` lines. Do not name absent modules; hallucinated deps block `DONE`.
 
 **Step 5: Failure Pattern Cross-Check**
 - Compare current changes against all FP-NNN items in docs/failure-patterns.md
@@ -176,6 +173,8 @@ After running state-check, also verify:
 - [ ] **docs/failure-patterns.md**: If a bug was fixed that matched a pattern, was frequency incremented?
 - [ ] **docs/project-brief.md**: If a technology or architectural decision was made, is it in Decision Log?
 - [ ] **docs/agent-memory/*.md**: If an agent (reviewer/pm/lead) was used this session, was its memory updated by the wrap-up skill?
+- [ ] **R16 guard evidence**: Run/request the guard command and include its exact summary. Any guard error forbids `DONE`/`DONE_WITH_CONCERNS`:
+  `HARNESS_GUARD_ROOT="$PWD" node /path/to/k-harness/scripts/harness-guard.js docs/project-state.md`
 
 For each missing update: flag as `[STATE-AUDIT]` in the output and provide the exact update that should be made.
 **Severity**:
@@ -205,6 +204,8 @@ When review result is DONE or DONE_WITH_CONCERNS (no blockers):
 
 If review is BLOCKED → do NOT suggest commit. Fix first.
 
+Before commit guidance, run `git status --short`; do not imply a commit exists unless `git log --oneline -1` confirms it.
+
 ### Output Format
 
 ```

package/harness/skills/setup.md

@@ -61,10 +61,8 @@ Use `--overwrite` only to reset corrupted state after backup; then rerun setup t
      - `sprint-manager.md` → should be renamed to `lead.md`
      - `navigator.md` → should be renamed to `lead.md`
      - `builder.md` → should be renamed to `pm.md`
-   - For each legacy file found:
-     - If the new name does NOT exist → offer to rename: `mv {legacy}.md {new}.md` (preserves history)
-     - If BOTH exist → ask the user which to keep, or merge contents into the new name and delete the legacy
-   - Confirm with the user before renaming. Record the migration in `docs/project-state.md` Recent Changes.
+   - For each legacy file: offer rename if the new name is absent; if both exist, ask whether to keep or merge.
+   - Confirm before renaming and record the migration in Recent Changes.
 
 **Do NOT modify any code files in this phase.**
 

package/harness/skills/state-check.md

@@ -174,6 +174,18 @@ If `docs/project-brief.md` maps one FR/KPI/ARB row to multiple Story IDs, requir
 
 This catches wrap-up corruption where `## Recent Changes` is inserted in the middle of `FR-008 Durable UI Evidence` and steals the remaining proof content.
 
+### Check 14: Self-Verify Claim Integrity (R16)
+
+If `docs/project-state.md` or the caller output claims `state-check PASS`, `0 FAIL`, `0 WARN`, or `guard no issues`, the claim must be backed by deterministic evidence:
+
+1. Prefer running the installed guard command:
+   `HARNESS_GUARD_ROOT="$PWD" node /path/to/k-harness/scripts/harness-guard.js docs/project-state.md`
+2. If CLI execution is unavailable, do not claim `0 FAIL, 0 WARN`; say `manual state-check only`.
+3. FAIL if any markdown/state/contract/handoff/env-seal issue is visible while the file claims clean self-verify.
+4. FAIL if the guard output is summarized but not shown.
+
+This catches reports such as "state-check PASS: 0 FAIL, 0 WARN" when a Proof Ledger table is malformed or Environment Seal is missing.
+
 ## Output Format
 
 ```
@@ -213,6 +225,10 @@ This catches wrap-up corruption where `## Recent Changes` is inserted in the mid
 ### Check 13: Recent Changes Section Integrity
 - Recent Changes contains only changelog entries / {M} misplaced evidence lines
 
+### Check 14: Self-Verify Claim Integrity
+- Guard output: shown / missing
+- Clean PASS claim matches deterministic result: yes/no
+
 <!-- CREW_MODE_START -->
 ### Check 6: Validation Tracker (🟣)
 - {N} FR references checked / {M} drifted
@@ -252,7 +268,7 @@ When invoked by another agent (pm/reviewer/wrap-up), control returns to the call
 
 - Do NOT invent data. Read the files and report exactly what you find.
 - Do NOT modify state files in this skill — diagnosis only. Caller decides remediation.
-- Do NOT run shell scripts. All checks are markdown-described file reads + comparisons.
+- Do NOT invent deterministic results. If a guard CLI is available, run it; otherwise mark clean PASS claims as manual-only, not `0 FAIL, 0 WARN`.
 - If a check cannot be performed (e.g., `docs/` missing entirely), report it as FAIL and stop — further checks are meaningless.
 
 ## Anti-patterns

package/harness/skills/wrap-up.md

@@ -27,8 +27,7 @@ This is kode:harness's memory mechanism — without it, the same mistakes repeat
 ### Step 1: Review Session Activity
 
 1. Scan recent git changes: `git log --oneline -10` and `git diff --stat HEAD~3`
-2. Identify what was accomplished in this session
-3. Identify any errors, failures, or unexpected issues that occurred
+2. Identify accomplishments and unexpected issues
 
 **Edge Case: Zero-Change Session**
 If `git diff --stat` shows no changes and `git log` shows no new commits this session:
@@ -141,6 +140,22 @@ For each issue/error that occurred in this session:
 
 > **Self-check**: New modules are registered in `docs/dependency-map.md`; state-check is PASS/WARN.
 
+#### Step 5.5b: Guard Evidence (R16) ⚠️ MANDATORY
+
+Before saying `state-check PASS`, `0 FAIL`, `0 WARN`, `STATUS: DONE`, or `Session Learn Complete`, run and quote one guard summary:
+
+```bash
+HARNESS_GUARD_ROOT="$PWD" node /path/to/k-harness/scripts/harness-guard.js docs/project-state.md
+```
+
+or installed script:
+
+```bash
+npm run harness:guard:wrap-up
+```
+
+Rules: paste the exact guard summary. Errors block `STATUS: DONE`; warnings must be listed. Never write `0 FAIL, 0 WARN` unless guard says no issues.
+
 ### Step 5.55: Refresh Project Docs Hub Index (if applicable)
 
 Run only if user used/requested `docs-bridge`, or Project Docs Hub Index has real rows.
@@ -182,6 +197,16 @@ State file 변경사항을 커밋합니다. Learn 실행 결과가 커밋되지
 
 > **Self-check**: `git status`에 docs/ 아래 unstaged 파일이 없어야 합니다.
 
+#### Step 5.65b: Dirty Worktree Truth (R16) ⚠️ MANDATORY
+
+Run:
+
+```bash
+git status --short
+```
+
+Rules: paste exact `git status --short` or `clean`. Dirty `src/`, `test/`, `public/`, or app files mean work is not fully committed. If they remain by policy, report `Session End: DIRTY WORKTREE`.
+
 ### Step 5.7: Git Push Check (session end)
 
 Before ending the session, check for unpushed commits:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kodevibe/harness",
-  "version": "0.11.3",
+  "version": "0.11.4",
   "description": "kode:harness — harness engineering for keeping every developer's AI aligned on one project direction.",
   "keywords": [
     "llm",

package/src/guard.js

@@ -21,6 +21,8 @@
 //   R13 checkSmokeEvidence — browser/manual proof must leave durable evidence
 //   R14 checkScopeSplitApproval — FR/KPI/ARB split mappings need approval
 //   R15 checkRecentChangesIntegrity — wrap-up must not corrupt state sections
+//   R16 checkSelfVerifyClaim — claimed PASS must match deterministic guard
+//   R16 checkReviewerAuditEvidence — scope audits must cite real deps/imports
 //
 // Severity: 'error' blocks the commit (exit 1). 'warn' is informational.
 
@@ -285,6 +287,8 @@ function checkStateFile(content) {
 
 const STORY_CONTRACT_PASS = /✅|pass(?:ed)?|proven|verified|reviewed|done|ok/i;
 const STORY_CONTRACT_NOT_PROVEN = /❌|fail(?:ed)?|not[_ -]?proven|not[_ -]?verified|pending|todo|tbd|blank|needs[_ -]?user[_ -]?confirmation|needs[_ -]?confirmation|⬜|🚫|blocked/i;
+const STORY_CONTRACT_ALWAYS = /\balways\b|\bevery\b|\ball\b|항상|모든|전체/i;
+const STORY_CONTRACT_SURFACE = /\b(create|list|get|resolve|update|delete|api|ui|endpoint|route|public\s+surface|return\s+path)\b|생성|목록|조회|해결|수정|삭제|반환면|공개\s*표면/i;
 
 /**
  * Semantic Story Contract gate. This is intentionally project-agnostic:
@@ -363,12 +367,56 @@ function checkStoryContracts(input = {}) {
           message: `Story ${id} is done but Story Contract "${contract}" is not proven (status: ${status || 'blank'}). Prove every contract row before Done (R11).`,
         });
       }
+      const assertionText = Object.values(row).filter((v) => typeof v === 'string').join(' ');
+      if (STORY_CONTRACT_ALWAYS.test(assertionText)) {
+        const surfaceMatches = assertionText.match(new RegExp(STORY_CONTRACT_SURFACE.source, 'gi')) || [];
+        const uniqueSurfaces = new Set(surfaceMatches.map((s) => s.toLowerCase()));
+        if (uniqueSurfaces.size < 2) {
+          violations.push({
+            check: 'story-contract',
+            severity: 'error',
+            line: 0,
+            message: `Story ${id} contract "${contract}" uses an always/every assertion but does not enumerate public surfaces (e.g. create/list/get/resolve/API/UI). R16 requires surface-specific proof so one return path cannot drift.`,
+          });
+        }
+      }
     }
   }
 
   return violations;
 }
 
+// ─── Self-Verify Claim Gate (R16) ───────────────────────────────────
+
+const CLEAN_SELF_VERIFY_CLAIM = /\b(?:state-check|harness-guard|guard)\b[\s\S]{0,80}\bPASS\b|\b0\s+FAIL\b[\s,;/|]*\b0\s+WARN\b|\b0\s+error\(s\)\b[\s,;/|]*\b0\s+warning\(s\)\b/i;
+
+/**
+ * Catch the Experiment #6 failure mode: a state file claims state-check/guard
+ * passed cleanly while deterministic checks still find errors or warnings.
+ *
+ * @param {string} content project-state.md
+ * @param {Array} deterministicViolations violations found for the same file
+ * @returns {Array}
+ */
+function checkSelfVerifyClaim(content, deterministicViolations = []) {
+  const visible = stripHtmlComments(content);
+  if (!CLEAN_SELF_VERIFY_CLAIM.test(visible)) return [];
+
+  const relevant = deterministicViolations
+    .filter((v) => v.check !== 'self-verify-claim')
+    .filter((v) => v.severity === 'error' || v.severity === 'warn');
+  if (relevant.length === 0) return [];
+
+  const errors = relevant.filter((v) => v.severity === 'error').length;
+  const warnings = relevant.filter((v) => v.severity === 'warn').length;
+  return [{
+    check: 'self-verify-claim',
+    severity: 'error',
+    line: 0,
+    message: `State file claims clean self-verify/PASS, but deterministic guard found ${errors} error(s) and ${warnings} warning(s). Paste/fix the real guard output before reporting DONE (R16).`,
+  }];
+}
+
 // ─── Reviewer Handoff Gate (R3) ──────────────────────────────────────
 
 /**
@@ -786,6 +834,109 @@ function checkEvaluatorArtifact(content, filename = '') {
   }];
 }
 
+// ─── Reviewer Audit Evidence Gate (R16) ─────────────────────────────
+
+const REVIEWER_AUDIT_MODULE_LINE = /^\s*[-*]?\s*(?:\*\*)?(?:Verified modules|Verified imports|Dependencies verified|검증(?:된)?\s*(?:모듈|의존성)|확인(?:된)?\s*(?:모듈|의존성))(?:\*\*)?\s*:/im;
+const REVIEWER_AUDIT_IGNORE = new Set([
+  'project',
+  'project-local',
+  'local',
+  'internal',
+  'built-in',
+  'builtin',
+  'node',
+  'none',
+  'n/a',
+]);
+
+function packageNamesFromJson(packageJson = '') {
+  if (!packageJson.trim()) return new Set();
+  try {
+    const pkg = JSON.parse(packageJson);
+    return new Set([
+      ...Object.keys(pkg.dependencies || {}),
+      ...Object.keys(pkg.devDependencies || {}),
+      ...Object.keys(pkg.peerDependencies || {}),
+      ...Object.keys(pkg.optionalDependencies || {}),
+    ]);
+  } catch {
+    return new Set();
+  }
+}
+
+function moduleNamesFromSourceFiles(sourceFiles = []) {
+  const names = new Set();
+  for (const { file = '', content = '' } of sourceFiles) {
+    const base = file.split(/[\\/]/).pop() || '';
+    if (base.includes('.')) names.add(base.replace(/\.[^.]+$/, ''));
+    const requireRe = /\brequire\(\s*['"]([^'"]+)['"]\s*\)/g;
+    const importRe = /\bfrom\s+['"]([^'"]+)['"]/g;
+    for (const re of [requireRe, importRe]) {
+      let match;
+      while ((match = re.exec(content)) !== null) {
+        const spec = match[1];
+        if (spec.startsWith('.')) {
+          const local = spec.split('/').pop();
+          if (local) names.add(local.replace(/\.[^.]+$/, ''));
+          continue;
+        }
+        names.add(spec.split('/')[0]);
+      }
+    }
+  }
+  return names;
+}
+
+function extractAuditModuleNames(content) {
+  const names = new Set();
+  const lines = content.split('\n');
+  for (const line of lines) {
+    if (!REVIEWER_AUDIT_MODULE_LINE.test(line)) continue;
+    const codeNames = [...line.matchAll(/`([^`]+)`/g)].map((m) => m[1]);
+    const source = codeNames.length > 0 ? codeNames.join(',') : line.split(':').slice(1).join(':');
+    for (const raw of source.split(/[,\s/]+/)) {
+      const token = raw.replace(/^[`"'(*\-\s]+|[`"',.)*\s]+$/g, '');
+      if (!token || token.length < 2) continue;
+      if (!/^[A-Za-z][A-Za-z0-9_.:-]*$/.test(token)) continue;
+      if (REVIEWER_AUDIT_IGNORE.has(token.toLowerCase())) continue;
+      names.add(token.replace(/^node:/, ''));
+    }
+  }
+  return [...names];
+}
+
+/**
+ * Reviewer scope audits are allowed to be judgmental, but dependency evidence
+ * must be grounded in package.json or actual require/import lines. This catches
+ * hallucinated modules such as "express" in a Node http-only project.
+ *
+ * @param {string} content reviewer.md
+ * @param {{packageJson?: string, sourceFiles?: Array<{file:string, content:string}>, filename?: string}} context
+ * @returns {Array}
+ */
+function checkReviewerAuditEvidence(content, { packageJson = '', sourceFiles = [], filename = '' } = {}) {
+  const asserted = extractAuditModuleNames(content);
+  if (asserted.length === 0) return [];
+
+  const builtins = new Set(require('module').builtinModules.map((name) => name.replace(/^node:/, '')));
+  const deps = packageNamesFromJson(packageJson);
+  const sourceNames = moduleNamesFromSourceFiles(sourceFiles);
+  const allowed = new Set([...builtins, ...deps, ...sourceNames]);
+
+  const violations = [];
+  for (const name of asserted) {
+    const normalized = name.replace(/^node:/, '');
+    if (allowed.has(normalized)) continue;
+    violations.push({
+      check: 'reviewer-audit',
+      severity: 'error',
+      line: 0,
+      message: `${filename ? filename + ': ' : ''}reviewer audit cites "${name}" as a verified module/dependency, but it is not in package.json or actual require/import lines (R16). Cite exact evidence or remove it.`,
+    });
+  }
+  return violations;
+}
+
 // ─── Markdown lint (R6 / L3-8) ───────────────────────────────────────
 
 /**
@@ -929,6 +1080,10 @@ function isProjectBriefFile(file) {
   return /(?:^|\/)(?:docs|\.harness)\/project-brief\.md$/.test(file);
 }
 
+function isReviewerMemoryFile(file) {
+  return /(?:^|\/)(?:docs|\.harness)\/agent-memory\/reviewer\.md$/.test(file);
+}
+
 function isScannableForSecrets(file) {
   return /\.(js|ts|jsx|tsx|json|jsonc|ya?ml|env|sh|py|java|md|properties|toml)$/i.test(file)
     && !/\.lock$/.test(file);
@@ -939,6 +1094,35 @@ function isPublicPackageFile(file) {
   return PUBLIC_PACKAGE_PATHS.some((re) => re.test(normalized));
 }
 
+function sourceFilesForAudit(cwd) {
+  const files = [];
+  const roots = ['src', 'lib', 'app', 'server.js', 'index.js'];
+  const addFile = (rel) => {
+    const abs = path.join(cwd, rel);
+    if (!fs.existsSync(abs) || !fs.statSync(abs).isFile()) return;
+    if (!/\.(?:js|mjs|cjs|ts|tsx|jsx)$/.test(rel)) return;
+    files.push({ file: rel, content: fs.readFileSync(abs, 'utf8') });
+  };
+  const walkSource = (relDir) => {
+    const absDir = path.join(cwd, relDir);
+    if (!fs.existsSync(absDir) || !fs.statSync(absDir).isDirectory()) return;
+    for (const name of fs.readdirSync(absDir)) {
+      if (name.startsWith('.') || name === 'node_modules') continue;
+      const rel = path.join(relDir, name);
+      const abs = path.join(cwd, rel);
+      if (fs.statSync(abs).isDirectory()) walkSource(rel);
+      else addFile(rel);
+    }
+  };
+  for (const root of roots) {
+    const abs = path.join(cwd, root);
+    if (!fs.existsSync(abs)) continue;
+    if (fs.statSync(abs).isDirectory()) walkSource(root);
+    else addFile(root);
+  }
+  return files;
+}
+
 /**
  * Run all guard checks over a set of files.
  * @param {{files: string[], cwd?: string}} opts
@@ -954,6 +1138,7 @@ function runGuard({ files, cwd = process.cwd() }) {
     const content = fs.readFileSync(abs, 'utf8');
     const rel = path.relative(cwd, abs);
     scanned++;
+    const beforeFile = all.length;
 
     if (isScannableForSecrets(file)) {
       all.push(...scanSecrets(content, rel));
@@ -979,10 +1164,19 @@ function runGuard({ files, cwd = process.cwd() }) {
       if (STATE_LINE_LIMITS[base]) {
         all.push(...lintLineLimit(content, STATE_LINE_LIMITS[base], rel));
       }
+      all.push(...checkSelfVerifyClaim(content, all.slice(beforeFile)));
     }
     if (isProjectBriefFile(file)) {
       all.push(...checkScopeSplitApproval({ projectBrief: content }));
     }
+    if (isReviewerMemoryFile(file)) {
+      const pkgPath = path.join(cwd, 'package.json');
+      all.push(...checkReviewerAuditEvidence(content, {
+        filename: rel,
+        packageJson: fs.existsSync(pkgPath) ? fs.readFileSync(pkgPath, 'utf8') : '',
+        sourceFiles: sourceFilesForAudit(cwd),
+      }));
+    }
   }
 
   const errorCount = all.filter((v) => v.severity === 'error').length;
@@ -999,11 +1193,13 @@ module.exports = {
   checkStateSync,
   checkScopeSplitApproval,
   checkRecentChangesIntegrity,
+  checkSelfVerifyClaim,
   checkIntegrationDoD,
   checkSmokeEvidence,
   checkEnvSeal,
   checkPublicBoundary,
   checkEvaluatorArtifact,
+  checkReviewerAuditEvidence,
   lintMarkdownTables,
   lintLineLimit,
   checkInstructionBudget,