@meetless/mla 0.1.4

package/dist/lib/rules/ce0-telemetry-project.js

@@ -0,0 +1,93 @@
+"use strict";
+// CE0 offline telemetry projection: the CE0 durable store -> the §6.4 analytics events the harness
+// measures precision/recall and outcome rates with. Pure: a store record in, an analytics
+// RecordInput out; no I/O, no clock (the `mla evidence ce0-emit-telemetry` sweep supplies the store
+// and the recorder supplies the envelope).
+//
+// Brutal honesty about scope. The CE0 store is a GRADING store, not a complete telemetry source, so
+// only the two events it honestly backs are projected:
+//
+//   memory_requirement_assessed   one per assessment row (the precision/recall denominator)
+//   evidence_obligation_finalized one per FINALIZED obligation row
+//
+// The other two §6.4 events are live-only and deliberately NOT projected here: a fabricated
+// latency_ms (evidence_consultation_completed) or per-hook duration (evidence_hook_health) has no
+// honest offline value, and zero would be a false measurement.
+//
+// work_type rides as an accurate "not recorded" constant (CE0 does not classify the turn), as does
+// the finalized event's answer_disposition (a human label set offline, never on the live obligation,
+// so null is honest here). The sampling_bucket is NOT a constant: every assessment row carries its
+// own deterministic bucket (R3 P0.9), projected verbatim so the offline unflagged-recall sample is
+// reconstructible. satisfied_by_sources is ALSO not a constant: the live obligation's
+// subjectSatisfaction is always [] (the runtime only records facts), so the projector recomputes the
+// proof set offline exactly as ce0-export does, then resolves each proof's consultation back to the
+// §1.6 source that initiated it. The recompute is bounded by the same frozen deadline the first Stop
+// claimed, so a late consultation can never manufacture an on-time source.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CE0_WORK_TYPE_UNKNOWN = void 0;
+exports.ce0TurnId = ce0TurnId;
+exports.projectAssessedEvent = projectAssessedEvent;
+exports.projectFinalizedEvent = projectFinalizedEvent;
+const ce0_store_1 = require("./ce0-store");
+const requirement_subject_1 = require("./requirement-subject");
+const ce0_telemetry_1 = require("./ce0-telemetry");
+/** CE0 does not classify the turn's work type. */
+exports.CE0_WORK_TYPE_UNKNOWN = "unknown";
+/** The CE0 turn coordinate carried in telemetry: the (session, sequence) pair the analytics side
+ * joins on. The assessment/obligation rows store both halves; this is their canonical rendering. */
+function ce0TurnId(sessionId, localTurnSequence) {
+    return `${sessionId}:${localTurnSequence}`;
+}
+/** Project one assessment row into a memory_requirement_assessed event. EVERY assessment is a
+ * telemetry fact (REQUIRED or not): the negative half is the precision/recall denominator. */
+function projectAssessedEvent(rec) {
+    return (0, ce0_telemetry_1.buildMemoryRequirementAssessedEvent)({
+        assessmentId: rec.assessmentId,
+        turnId: ce0TurnId(rec.sessionId, rec.localTurnSequence),
+        localTurnSequence: rec.localTurnSequence,
+        memoryRequirement: rec.requirement,
+        workType: exports.CE0_WORK_TYPE_UNKNOWN,
+        classifierVersion: rec.classifierVersion,
+        markerSetVersion: rec.markerSetVersion,
+        markersMatched: rec.markersMatched,
+        samplingBucket: rec.samplingBucket,
+    });
+}
+/**
+ * Recompute the distinct §1.6 sources that proved a required subject for this obligation, in
+ * canonical CONSULTATION_SOURCES order. The live subjectSatisfaction is always [] in CE0, so this
+ * mirrors ce0-export: map the turn's consultations onto the reducer input, take the eligible set
+ * bounded by the frozen deadline, recompute the proof set, then resolve each proof's consultation
+ * back to its source. Deduped (the tuple lists each source once) and stably ordered.
+ */
+function resolveSatisfiedSources(obl, consultations) {
+    const eligible = (0, requirement_subject_1.selectEligibleConsultations)(consultations.map(ce0_store_1.consultationRecordToReducerInput), obl.deadlineClaimedAt);
+    const proofs = (0, requirement_subject_1.recomputeSubjectSatisfaction)(obl.requiredSubjects, eligible);
+    const sourceById = new Map(consultations.map((c) => [c.consultationId, c.source]));
+    const proven = new Set();
+    for (const proof of proofs) {
+        const source = sourceById.get(proof.consultationId);
+        if (source)
+            proven.add(source);
+    }
+    return requirement_subject_1.CONSULTATION_SOURCES.filter((s) => proven.has(s));
+}
+/** Project one FINALIZED obligation row into an evidence_obligation_finalized event. The DB
+ * invariant ties FINALIZED to a non-null outcome, so a null outcome means the caller handed in a
+ * non-finalized row; reject it loudly rather than emit a malformed event. The turn's consultations
+ * are passed alongside the obligation so the projector can recompute which sources proved a subject
+ * (the live subjectSatisfaction is always [] in CE0). */
+function projectFinalizedEvent(obl, consultations) {
+    if (obl.outcome === null) {
+        throw new Error(`projectFinalizedEvent: obligation ${obl.obligationId} has no outcome (not FINALIZED)`);
+    }
+    return (0, ce0_telemetry_1.buildEvidenceObligationFinalizedEvent)({
+        obligationId: obl.obligationId,
+        localTurnSequence: obl.localTurnSequence,
+        ruleVersionId: obl.ruleVersionId,
+        stateVersion: obl.stateVersion,
+        outcome: obl.outcome,
+        satisfiedBySources: resolveSatisfiedSources(obl, consultations),
+        answerDisposition: null,
+    });
+}

package/dist/lib/rules/ce0-telemetry.js

@@ -0,0 +1,158 @@
+"use strict";
+// CE0 minimal telemetry: the EXACTLY four PostHog events the harness needs to measure
+// precision, recall, the consultation rate, and hook health
+// (notes/20260617-evidence-consultation-forcing-function-proposal.md §6.4, R3 P1.6):
+//
+//   memory_requirement_assessed      every classified turn (the precision/recall denominator)
+//   evidence_consultation_completed  every governed-memory consultation, keyed by the consultation
+//   evidence_obligation_finalized    emitted offline by the label importer (§2.3)
+//   evidence_hook_health             the latency/health watchdog
+//
+// These are PURE projections: a CE0 record -> the analytics RecordInput the recorder ships. No I/O,
+// no clock; the recorder supplies the envelope (workspace, session, run, trace, timestamps). The
+// privacy boundary (INV-POSTHOG-PII-1) holds field by field: ids, enums, counts, booleans,
+// durations, and hashes only. markersMatched is hashed here, never emitted verbatim.
+//
+// eventId strategy mirrors event-id.ts's server-recomputable family. ALL FOUR events carry a
+// deterministic id so a hook re-firing across processes dedupes on (businessKey, version): the
+// assessment on (assessmentId, 0), the consultation on (consultationId, 0), the finalization on
+// (obligationId, stateVersion), and the health watchdog on (hook + operationIdentity, 0). The health
+// event's operationIdentity is the stable per-hook coordinate the hook acted on (§6.4 P0.2), so a
+// retried hook hashes to the same id rather than minting a fresh CLI-origin id and double-counting.
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hashMarkerSet = hashMarkerSet;
+exports.buildMemoryRequirementAssessedEvent = buildMemoryRequirementAssessedEvent;
+exports.buildEvidenceConsultationCompletedEvent = buildEvidenceConsultationCompletedEvent;
+exports.buildEvidenceObligationFinalizedEvent = buildEvidenceObligationFinalizedEvent;
+exports.buildEvidenceHookHealthEvent = buildEvidenceHookHealthEvent;
+const crypto = __importStar(require("crypto"));
+const event_id_1 = require("../analytics/event-id");
+const envelope_1 = require("../analytics/envelope");
+const OBLIGATION_OUTCOME_SET = new Set(envelope_1.OBLIGATION_OUTCOME_LABELS);
+/** Hash a marker set to a stable hex digest. Order-independent (the SET, not the sequence, is the
+ * identity) and one-way, so the matched markers never leave the device as raw text (§6.4 privacy). */
+function hashMarkerSet(markers) {
+    const canonical = [...new Set(markers)].sort().join("\n");
+    return crypto.createHash("sha256").update(canonical).digest("hex");
+}
+/** One event per classified turn (REQUIRED or not). Without it the precision/recall denominator
+ * (the turns you did NOT flag) is unobservable. Carries no obligationId by design. */
+function buildMemoryRequirementAssessedEvent(input) {
+    return {
+        eventType: "memory_requirement_assessed",
+        eventId: (0, event_id_1.deterministicEventId)(input.assessmentId, 0),
+        payload: {
+            assessment_id: input.assessmentId,
+            turn_id: input.turnId,
+            local_turn_sequence: input.localTurnSequence,
+            memory_requirement: input.memoryRequirement,
+            work_type: input.workType,
+            classifier_version: input.classifierVersion,
+            marker_set_version: input.markerSetVersion,
+            markers_matched_hashed: hashMarkerSet(input.markersMatched),
+            sampling_bucket: input.samplingBucket,
+        },
+    };
+}
+/** One event per governed-memory consultation, keyed by the consultation (NOT the obligation). No
+ * FULL/PARTIAL/NONE coverage summary in CE0: coverage grading is offline (§1.6). `ruleVersionId` and
+ * `latencyMs` are optional (§6.4 P1.2 / P0.2) and carried only when the turn supplies them, mirroring
+ * the health event's optional `turnId`. */
+function buildEvidenceConsultationCompletedEvent(input) {
+    // §6.4 / P0.3: result is present IFF the consultation is COMPLETE.
+    const complete = input.execution === "COMPLETE";
+    if (complete !== (input.result !== null)) {
+        throw new Error(`evidence_consultation_completed: result must be present IFF execution is COMPLETE ` +
+            `(execution=${input.execution}, result=${input.result})`);
+    }
+    const payload = {
+        consultation_id: input.consultationId,
+        local_turn_sequence: input.localTurnSequence,
+        source: input.source,
+        execution: input.execution,
+        result: input.result,
+        delivered_to_answering_context: input.deliveredToAnsweringContext,
+    };
+    if (input.ruleVersionId !== undefined)
+        payload.rule_version_id = input.ruleVersionId;
+    if (input.latencyMs !== undefined)
+        payload.latency_ms = input.latencyMs;
+    return {
+        eventType: "evidence_consultation_completed",
+        eventId: (0, event_id_1.deterministicEventId)(input.consultationId, 0),
+        payload,
+    };
+}
+/** Emitted by the offline label importer (§2.3) when an obligation finalizes. Server-recomputable on
+ * (obligationId, stateVersion): a re-import at the same stateVersion dedupes; a later finalization
+ * (a new stateVersion) is a distinct row. */
+function buildEvidenceObligationFinalizedEvent(input) {
+    if (!OBLIGATION_OUTCOME_SET.has(input.outcome)) {
+        throw new Error(`evidence_obligation_finalized: outcome "${input.outcome}" is not a §6.4 ObligationOutcome`);
+    }
+    return {
+        eventType: "evidence_obligation_finalized",
+        eventId: (0, event_id_1.deterministicEventId)(input.obligationId, input.stateVersion),
+        payload: {
+            obligation_id: input.obligationId,
+            local_turn_sequence: input.localTurnSequence,
+            rule_version_id: input.ruleVersionId,
+            state_version: input.stateVersion,
+            outcome: input.outcome,
+            satisfied_by_sources: input.satisfiedBySources,
+            answer_disposition: input.answerDisposition,
+        },
+    };
+}
+/** The latency/health watchdog: one row per hook invocation. Keyed by (hook, operationIdentity) so a
+ * hook that re-fires across processes (a Stop continuation, a retry) re-appends the SAME deterministic
+ * eventId and the projection dedups it instead of double-counting (§6.4 P0.2). */
+function buildEvidenceHookHealthEvent(input) {
+    const payload = {
+        hook: input.hook,
+        operation_identity: input.operationIdentity,
+        duration_ms: input.durationMs,
+        failed: input.failed,
+        reason: input.reason,
+    };
+    if (input.turnId !== undefined)
+        payload.turn_id = input.turnId;
+    return {
+        eventType: "evidence_hook_health",
+        eventId: (0, event_id_1.deterministicEventId)(`${input.hook}:${input.operationIdentity}`, 0),
+        payload,
+    };
+}

package/dist/lib/rules/code-rule-registry.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getCodeRule = getCodeRule;
+const canonical_json_1 = require("./canonical-json");
+const ce0_rule_1 = require("./ce0-rule");
+/** The closed registry, keyed by code-rule name. Adding a rule here is the only way to enroll one. */
+const CODE_RULES = {
+    [ce0_rule_1.CONSULT_EVIDENCE_RULE_ID]: {
+        ruleId: ce0_rule_1.CONSULT_EVIDENCE_RULE_ID,
+        serializedPayload: (0, canonical_json_1.canonicalize)(ce0_rule_1.CONSULT_EVIDENCE_RULE_PAYLOAD),
+        canonicalPayloadHash: ce0_rule_1.CONSULT_EVIDENCE_CANONICAL_PAYLOAD_HASH,
+    },
+};
+/** Resolve a code-rule by name; null when no such rule ships in source (never fabricates one). */
+function getCodeRule(name) {
+    return CODE_RULES[name] ?? null;
+}

package/dist/lib/rules/command-match.js

@@ -0,0 +1,185 @@
+"use strict";
+// COMMAND matcher: the pure tokenizer + classifier for the git/prisma rule class
+// (GAP2).
+//
+// The proposal declares Bash PATH enforcement out of v1 (§552-556 / §3167) because
+// a shell string is opaque: cp/mv/python/redirection/eval can perform an effect
+// without the literal tokens appearing, so you can never prove a command is SAFE
+// for a path rule. This module covers the decidable HALF the proposal left out:
+// the POSITIVE literal match. If the forbidden tokens (e.g. "git push") appear as
+// a contiguous run of unquoted, uncommented words, the command performs that
+// operation. Opacity can only ADD effects, never remove the literal one, so a
+// positive match is a sound VIOLATION.
+//
+// The asymmetry is deliberate and is the whole reason this matcher exists:
+//   forbidden token run present   -> MATCHES_FORBIDDEN -> VIOLATION
+//   no run found                  -> NO_MATCH          -> UNKNOWN (NOT compliant)
+//   non-string / no usable needle -> INDETERMINATE     -> UNKNOWN
+// There is NO command COMPLIANT. A non-match cannot prove the command will not push
+// (an alias, a wrapper script, eval, or $VAR expansion could), so the absence of
+// the run is UNKNOWN, never proof of compliance. That is the inverse of the CONTENT
+// matcher, whose field is fully observable and so CAN produce a real COMPLIANT.
+//
+// Soundness of a positive match rests on three tokenizer guarantees:
+//  1. quotes collapse a run into ONE token, so `echo "git push"` is not a match;
+//  2. a `#` at a word boundary starts a comment, so `ls # git push` is not a match;
+//  3. statement separators (newline, ; | &, parens) break a segment, so `git ;
+//     push` is two statements, not the `git push` invocation.
+// Known, ACCEPTED limitation: a command reached indirectly (an absolute path like
+// `/usr/bin/git push`, a subshell `(git push)` with no inner spaces, an alias) will
+// MISS. A miss is a false negative that degrades to UNKNOWN, which is the safe,
+// non-denying state. This matcher is OBSERVE-ONLY in this slice; it must never deny
+// until a tokenized pattern is human-attested, which is the safety valve for the
+// residual risk that a contrived redirect target places the tokens consecutively.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.tokenizeCommand = tokenizeCommand;
+exports.classifyCommand = classifyCommand;
+// Statement separators that break a token run. A forbidden sequence can never
+// match ACROSS one of these, so two adjacent statements cannot be read as a single
+// command invocation. Redirections (< >) are deliberately NOT here: they leave
+// their operator as its own token, which already breaks contiguity.
+const SEPARATORS = new Set([";", "|", "&", "(", ")", "\n"]);
+const DQUOTE_ESCAPABLE = new Set(['"', "\\", "$", "`", "\n"]);
+/**
+ * A deliberately small POSIX-ish tokenizer, scoped to what a SOUND positive match
+ * needs: single quotes (literal), double quotes (with the POSIX backslash escapes),
+ * backslash escaping and line continuation, `#` comments at a word boundary, and
+ * the statement separators above. It does not expand variables, globs, aliases, or
+ * substitutions: those only ever cause a MISS (UNKNOWN), never a false match.
+ */
+function tokenizeCommand(raw) {
+    const segments = [];
+    let segment = [];
+    let token = "";
+    let inToken = false;
+    const endToken = () => {
+        if (inToken) {
+            segment.push(token);
+            token = "";
+            inToken = false;
+        }
+    };
+    const endSegment = () => {
+        endToken();
+        if (segment.length > 0) {
+            segments.push(segment);
+            segment = [];
+        }
+    };
+    let i = 0;
+    while (i < raw.length) {
+        const c = raw[i];
+        if (c === "'") {
+            inToken = true;
+            i++;
+            while (i < raw.length && raw[i] !== "'") {
+                token += raw[i];
+                i++;
+            }
+            i++; // consume the closing quote (or run off the end on an unbalanced quote)
+            continue;
+        }
+        if (c === '"') {
+            inToken = true;
+            i++;
+            while (i < raw.length && raw[i] !== '"') {
+                if (raw[i] === "\\" && i + 1 < raw.length && DQUOTE_ESCAPABLE.has(raw[i + 1])) {
+                    token += raw[i + 1];
+                    i += 2;
+                    continue;
+                }
+                token += raw[i];
+                i++;
+            }
+            i++;
+            continue;
+        }
+        if (c === "\\") {
+            if (i + 1 < raw.length && raw[i + 1] === "\n") {
+                i += 2; // line continuation: both chars vanish
+                continue;
+            }
+            if (i + 1 < raw.length) {
+                token += raw[i + 1];
+                inToken = true;
+                i += 2;
+                continue;
+            }
+            token += c;
+            inToken = true;
+            i++;
+            continue;
+        }
+        // A hash starts a comment only at a word boundary (not mid-token), matching
+        // shell semantics: `abc#def` is one word, ` # ...` is a comment.
+        if (c === "#" && !inToken) {
+            while (i < raw.length && raw[i] !== "\n") {
+                i++;
+            }
+            continue;
+        }
+        if (c === " " || c === "\t" || c === "\r") {
+            endToken();
+            i++;
+            continue;
+        }
+        if (SEPARATORS.has(c)) {
+            endSegment();
+            i++;
+            continue;
+        }
+        token += c;
+        inToken = true;
+        i++;
+    }
+    endSegment();
+    return segments;
+}
+/** True iff `needle` occurs as a contiguous run inside `haystack`. */
+function containsRun(haystack, needle) {
+    if (needle.length === 0 || needle.length > haystack.length) {
+        return false;
+    }
+    for (let start = 0; start + needle.length <= haystack.length; start++) {
+        let all = true;
+        for (let k = 0; k < needle.length; k++) {
+            if (haystack[start + k] !== needle[k]) {
+                all = false;
+                break;
+            }
+        }
+        if (all) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Classify a candidate command string against a set of forbidden token sequences.
+ *
+ * INDETERMINATE when the value is not a string, or when no usable forbidden
+ * sequence remains after dropping sequences that are empty or contain an empty
+ * token (an empty token would degenerate matching). Otherwise MATCHES_FORBIDDEN
+ * iff some forbidden sequence is a contiguous run within some statement segment;
+ * NO_MATCH if none are. NO_MATCH is NOT compliance (see module header).
+ */
+function classifyCommand(rawCommand, forbiddenSequences) {
+    if (typeof rawCommand !== "string") {
+        return "INDETERMINATE";
+    }
+    const needles = forbiddenSequences.filter((seq) => Array.isArray(seq) &&
+        seq.length > 0 &&
+        seq.every((t) => typeof t === "string" && t.length > 0));
+    if (needles.length === 0) {
+        return "INDETERMINATE";
+    }
+    const segments = tokenizeCommand(rawCommand);
+    for (const segment of segments) {
+        for (const needle of needles) {
+            if (containsRun(segment, needle)) {
+                return "MATCHES_FORBIDDEN";
+            }
+        }
+    }
+    return "NO_MATCH";
+}

package/dist/lib/rules/consult-evidence-binding.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveConsultEvidenceRuleBinding = resolveConsultEvidenceRuleBinding;
+const ce0_rule_1 = require("./ce0-rule");
+const local_rule_version_repo_1 = require("./local-rule-version-repo");
+/**
+ * Resolve the consult-evidence obligation binding for a runtime scope. Returns the LIVE attested version's
+ * id + stored hash when one exists for the scope; otherwise the frozen compile-time identity (the unarmed
+ * measurement default). The two branches differ only in the version id unless a seed bump rotated the hash.
+ */
+function resolveConsultEvidenceRuleBinding(store, runtimeScopeId) {
+    const live = (0, local_rule_version_repo_1.getLiveLocalRuleVersion)(store, runtimeScopeId, ce0_rule_1.CONSULT_EVIDENCE_RULE_ID);
+    if (live) {
+        return {
+            ruleId: live.ruleId,
+            ruleVersionId: live.versionId,
+            canonicalPayloadHash: live.canonicalPayloadHash,
+            attested: true,
+        };
+    }
+    return {
+        ruleId: ce0_rule_1.CONSULT_EVIDENCE_RULE_ID,
+        ruleVersionId: ce0_rule_1.CONSULT_EVIDENCE_RULE_VERSION_ID,
+        canonicalPayloadHash: ce0_rule_1.CONSULT_EVIDENCE_CANONICAL_PAYLOAD_HASH,
+        attested: false,
+    };
+}

package/dist/lib/rules/consultation-capture-adapter.js

@@ -0,0 +1,193 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.classifyConsultationTool = classifyConsultationTool;
+exports.classifyRetrievalEnvelope = classifyRetrievalEnvelope;
+exports.parsePostToolUseInput = parsePostToolUseInput;
+exports.captureMemoryConsultation = captureMemoryConsultation;
+const crypto_1 = require("crypto");
+const ce0_store_1 = require("./ce0-store");
+const requirement_subject_1 = require("./requirement-subject");
+function isPlainObject(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function describeError(err) {
+    return err instanceof Error ? err.message : String(err);
+}
+function defaultNewId() {
+    return `con:${(0, crypto_1.randomUUID)()}`;
+}
+const CONSULTATION_TOOL_PATTERN = /(?:^|__)meetless__(retrieve_knowledge|kb_doc_detail|query)$/;
+/**
+ * Recognize the governed-memory pull surface from the real (double-prefixed) hook tool name,
+ * e.g. `mcp__meetless__meetless__retrieve_knowledge`. Returns null for everything else,
+ * including the verdict write and a same-named tool on a foreign server.
+ */
+function classifyConsultationTool(toolName) {
+    const match = CONSULTATION_TOOL_PATTERN.exec(toolName);
+    return match ? match[1] : null;
+}
+/** The subject text of a pull: the query for retrieve_knowledge / query, the document id
+ * for kb_doc_detail. Null (a missing or blank field) makes the event uncapturable. */
+function extractConsultationText(tool, toolInput) {
+    const field = tool === "kb_doc_detail" ? "document_id" : "query";
+    const value = toolInput[field];
+    return typeof value === "string" && value.trim().length > 0 ? value : null;
+}
+function extractResultPayload(response) {
+    const content = response.content;
+    if (!Array.isArray(content) || content.length === 0)
+        return null;
+    const first = content[0];
+    if (!isPlainObject(first) || typeof first.text !== "string")
+        return null;
+    try {
+        const parsed = JSON.parse(first.text);
+        return isPlainObject(parsed) ? parsed : null;
+    }
+    catch {
+        return null;
+    }
+}
+/** A clean empty governed result (count 0, or an empty candidates/results array) is a
+ * NO_MATCH; any other parseable success carries a result. kb_doc_detail and ask answers
+ * have no emptiness signal, so they read as RESULTS_RETURNED. */
+function payloadCarriesResults(payload) {
+    if (typeof payload.count === "number")
+        return payload.count > 0;
+    if (Array.isArray(payload.candidates))
+        return payload.candidates.length > 0;
+    if (Array.isArray(payload.results))
+        return payload.results.length > 0;
+    return true;
+}
+/**
+ * Classify the MCP CallToolResult envelope into the §1.6 execution / result pair. Only an
+ * explicit handler error is FAILED; a valid parseable response is COMPLETE (with a result
+ * subtype that is telemetry only and does not gate satisfaction); anything malformed,
+ * missing, or uncorrelatable is UNKNOWN. result is present iff COMPLETE.
+ */
+function classifyRetrievalEnvelope(toolResponse) {
+    if (!isPlainObject(toolResponse)) {
+        return { execution: "UNKNOWN" };
+    }
+    if (toolResponse.isError === true) {
+        return { execution: "FAILED" };
+    }
+    const payload = extractResultPayload(toolResponse);
+    if (payload === null) {
+        return { execution: "UNKNOWN" };
+    }
+    return {
+        execution: "COMPLETE",
+        result: payloadCarriesResults(payload) ? "RESULTS_RETURNED" : "NO_MATCH",
+    };
+}
+/**
+ * Parse and minimally validate the raw PostToolUse payload. Accepts either an already
+ * parsed object or the raw JSON string. Returns null for any shape that is not a usable
+ * PostToolUse event (a non-empty string tool_name and an object tool_input); the adapter
+ * maps that null to INFRA. The session coordinate is checked separately so its absence
+ * gets a distinct diagnostic.
+ */
+function parsePostToolUseInput(raw) {
+    let obj = raw;
+    if (typeof raw === "string") {
+        try {
+            obj = JSON.parse(raw);
+        }
+        catch {
+            return null;
+        }
+    }
+    if (!isPlainObject(obj))
+        return null;
+    const toolName = obj.tool_name;
+    if (typeof toolName !== "string" || toolName.length === 0)
+        return null;
+    if (!isPlainObject(obj.tool_input))
+        return null;
+    const str = (v) => (typeof v === "string" ? v : undefined);
+    return {
+        session_id: str(obj.session_id),
+        transcript_path: str(obj.transcript_path),
+        cwd: str(obj.cwd),
+        hook_event_name: str(obj.hook_event_name),
+        tool_name: toolName,
+        tool_input: obj.tool_input,
+        tool_response: obj.tool_response,
+    };
+}
+/**
+ * Capture one governed-memory consultation. Records a ConsultationAttempt fact under the
+ * turn's LocalTurnIdentity and returns an empty (injection-free) hook response.
+ */
+function captureMemoryConsultation(rawInput, config) {
+    const NO_INJECTION = {};
+    const parsed = parsePostToolUseInput(rawInput);
+    if (!parsed) {
+        return { response: NO_INJECTION, outcome: { kind: "INFRA", diagnostic: "malformed hook input" } };
+    }
+    const tool = classifyConsultationTool(parsed.tool_name);
+    if (!tool) {
+        return { response: NO_INJECTION, outcome: { kind: "NOT_APPLICABLE" } };
+    }
+    if (!parsed.session_id) {
+        return {
+            response: NO_INJECTION,
+            outcome: { kind: "INFRA", diagnostic: "missing session_id coordinate" },
+        };
+    }
+    const queryText = extractConsultationText(tool, parsed.tool_input);
+    if (queryText === null) {
+        return {
+            response: NO_INJECTION,
+            outcome: { kind: "INFRA", diagnostic: "missing consultation query" },
+        };
+    }
+    const identity = (0, ce0_store_1.resolveLatestTurnIdentity)(config.store, {
+        workspaceId: config.workspaceId,
+        sessionId: parsed.session_id,
+    });
+    if (!identity) {
+        return {
+            response: NO_INJECTION,
+            outcome: { kind: "INFRA", diagnostic: "no turn identity for session" },
+        };
+    }
+    const now = config.now ?? Date.now;
+    const newId = config.newId ?? defaultNewId;
+    const envelope = classifyRetrievalEnvelope(parsed.tool_response);
+    try {
+        const draft = {
+            consultationId: newId(),
+            workspaceId: config.workspaceId,
+            sessionId: parsed.session_id,
+            localTurnSequence: identity.localTurnSequence,
+            source: "AGENT_PULL",
+            consultationSubjects: [(0, requirement_subject_1.buildConsultationSubjectFromQuery)(queryText)],
+            execution: envelope.execution,
+            result: envelope.result ?? null,
+            deliveredToAnsweringContext: true,
+            createdAt: now(),
+        };
+        const rec = (0, ce0_store_1.appendConsultationAttempt)(config.store, draft);
+        return {
+            response: NO_INJECTION,
+            outcome: {
+                kind: "CAPTURED",
+                consultationId: rec.consultationId,
+                source: "AGENT_PULL",
+                execution: rec.execution,
+                result: rec.result,
+                localTurnSequence: rec.localTurnSequence,
+                orderingToken: rec.orderingToken,
+            },
+        };
+    }
+    catch (err) {
+        return {
+            response: NO_INJECTION,
+            outcome: { kind: "INFRA", diagnostic: `persistence failure: ${describeError(err)}` },
+        };
+    }
+}