@neuroverseos/governance 0.6.1 → 0.7.0

package/dist/radiant/index.cjs

@@ -1,7 +1,9 @@
 "use strict";
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -15,6 +17,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // src/radiant/index.ts
@@ -24,11 +34,13 @@ __export(radiant_exports, {
   DEFAULT_SIGNAL_EXTRACTORS: () => DEFAULT_SIGNAL_EXTRACTORS,
   LENSES: () => LENSES,
   RADIANT_PACKAGE_VERSION: () => RADIANT_PACKAGE_VERSION,
+  auditGovernance: () => auditGovernance,
   aukiBuilderLens: () => aukiBuilderLens,
   checkForbiddenPhrases: () => checkForbiddenPhrases,
   classifyActorDomain: () => classifyActorDomain,
   classifyEvents: () => classifyEvents,
   composeSystemPrompt: () => composeSystemPrompt,
+  computePersistence: () => computePersistence,
   createAnthropicAI: () => createAnthropicAI,
   createMockAI: () => createMockAI,
   createMockGitHubAdapter: () => createMockGitHubAdapter,
@@ -36,6 +48,7 @@ __export(radiant_exports, {
   extractSignals: () => extractSignals,
   fetchGitHubActivity: () => fetchGitHubActivity,
   formatExocortexForPrompt: () => formatExocortexForPrompt,
+  formatPriorReadsForPrompt: () => formatPriorReadsForPrompt,
   formatScope: () => formatScope,
   getLens: () => getLens,
   interpretPatterns: () => interpretPatterns,
@@ -43,6 +56,7 @@ __export(radiant_exports, {
   isScored: () => isScored,
   isSentinel: () => isSentinel,
   listLenses: () => listLenses,
+  loadPriorReads: () => loadPriorReads,
   parseRepoScope: () => parseRepoScope,
   presenceAverage: () => presenceAverage,
   readExocortex: () => readExocortex,
@@ -52,7 +66,9 @@ __export(radiant_exports, {
   scoreLife: () => scoreLife,
   scoreNeuroVerse: () => scoreNeuroVerse,
   summarizeExocortex: () => summarizeExocortex,
-  think: () => think
+  think: () => think,
+  updateKnowledge: () => updateKnowledge,
+  writeRead: () => writeRead
 });
 module.exports = __toCommonJS(radiant_exports);
 
@@ -1212,7 +1228,7 @@ Only recommend a move when the evidence actually calls for one.
     }
   ],
   "meaning": "3-5 sentences. Weave the patterns into ONE strategic thesis. Compress. The reader should finish this paragraph and understand the one thing that matters most in this read. Plain English \u2014 no system jargon.",
-  "move": "1-3 direct imperatives, OR explicit 'nothing to act on' if the read is healthy. Do not fabricate urgency. Examples: 'Force cross-module ownership this sprint.' / 'Nothing's broken. Keep shipping.' / 'If you want future reads to track this pattern by name, add a line to your strategy file.'"
+  "move": "1-3 direct imperatives, OR explicit 'nothing to act on' if the read is healthy. Do not fabricate urgency. When a candidate pattern has high confidence (>0.6), tell the reader EXACTLY where to declare it: 'If you want Radiant to track [pattern_name] over time, add it to auki-strategy.worldmodel.md under Evolution Layer \u2192 Drift Behaviors (or Aligned Behaviors if it is positive). If you don't, Radiant will rediscover it from scratch next run.' Be specific about the file and section \u2014 don't make them guess."
 }
 \`\`\`
 
@@ -1368,6 +1384,27 @@ Lens:   ${input.lens.name}`
     `  Composite:                 ${formatScore(input.scores.R)}`
   ].join("\n");
   sections.push(alignBlock);
+  if (input.governance && input.governance.totalEvents > 0) {
+    const gov = input.governance;
+    const govLines = ["GOVERNANCE", "", `  ${gov.summary}`];
+    const showSide = (label, side) => {
+      if (side.allow + side.modify + side.block === 0) return;
+      govLines.push("");
+      govLines.push(`  ${label}:`);
+      govLines.push(`    ${side.allow} ALLOW \xB7 ${side.modify} MODIFY \xB7 ${side.block} BLOCK`);
+      for (const d of side.details.slice(0, 3)) {
+        const reason = d.reason ? ` \u2192 ${d.reason}` : "";
+        govLines.push(`    ${d.status}: ${d.eventId}${reason}`);
+      }
+      if (side.details.length > 3) {
+        govLines.push(`    ... and ${side.details.length - 3} more`);
+      }
+    };
+    showSide("Human side", gov.human);
+    showSide("AI side", gov.cyber);
+    showSide("Human\u2013AI joint", gov.joint);
+    sections.push(govLines.join("\n"));
+  }
   sections.push(renderDepth(input.priorReadCount ?? 0, input.windowDays));
   return sections.join("\n\n");
 }
@@ -1531,6 +1568,1481 @@ function serializeYAML(obj, indent = 0) {
 `;
 }
 
+// src/engine/text-utils.ts
+function normalizeEventText(event) {
+  return [
+    event.intent,
+    event.tool ?? "",
+    event.scope ?? ""
+  ].join(" ").toLowerCase();
+}
+function extractKeywords(text, minLength = 3) {
+  return text.toLowerCase().split(/\s+/).filter((w) => w.length > minLength);
+}
+function matchesAllKeywords(eventText, ruleText) {
+  const keywords = extractKeywords(ruleText);
+  if (keywords.length === 0) return false;
+  return keywords.every((kw) => eventText.includes(kw));
+}
+function matchesKeywordThreshold(eventText, ruleText, threshold = 0.5) {
+  const keywords = extractKeywords(ruleText);
+  if (keywords.length === 0) return false;
+  const matched = keywords.filter((kw) => eventText.includes(kw));
+  return matched.length >= Math.ceil(keywords.length * threshold);
+}
+function tokenSimilarity(a, b) {
+  const tokensA = new Set(a.toLowerCase().split(/\s+/).filter((w) => w.length > 2));
+  const tokensB = new Set(b.toLowerCase().split(/\s+/).filter((w) => w.length > 2));
+  if (tokensA.size === 0 || tokensB.size === 0) return 0;
+  let intersection = 0;
+  for (const t of tokensA) {
+    if (tokensB.has(t)) intersection++;
+  }
+  const union = (/* @__PURE__ */ new Set([...tokensA, ...tokensB])).size;
+  return union > 0 ? intersection / union : 0;
+}
+
+// src/engine/plan-engine.ts
+function keywordMatch(eventText, step) {
+  const stepText = [
+    step.label,
+    step.description ?? "",
+    ...step.tags ?? []
+  ].join(" ");
+  return matchesKeywordThreshold(eventText, stepText, 0.5);
+}
+function tokenSimilarity2(a, b) {
+  return tokenSimilarity(a, b);
+}
+function findMatchingStep(eventText, event, steps) {
+  const pendingOrActive = steps.filter((s) => s.status === "pending" || s.status === "active");
+  if (pendingOrActive.length === 0) {
+    return { matched: null, closest: null, closestScore: 0 };
+  }
+  for (const step of pendingOrActive) {
+    if (keywordMatch(eventText, step)) {
+      if (step.tools && event.tool && !step.tools.includes(event.tool)) {
+        continue;
+      }
+      return { matched: step, closest: step, closestScore: 1 };
+    }
+  }
+  const intentText = [event.intent, event.tool ?? "", event.scope ?? ""].join(" ");
+  let bestStep = null;
+  let bestScore = 0;
+  for (const step of pendingOrActive) {
+    const stepText = [step.label, step.description ?? "", ...step.tags ?? []].join(" ");
+    const score = tokenSimilarity2(intentText, stepText);
+    if (score > bestScore) {
+      bestScore = score;
+      bestStep = step;
+    }
+  }
+  const SIMILARITY_THRESHOLD = 0.35;
+  if (bestScore >= SIMILARITY_THRESHOLD && bestStep) {
+    if (bestStep.tools && event.tool && !bestStep.tools.includes(event.tool)) {
+      return { matched: null, closest: bestStep, closestScore: bestScore };
+    }
+    return { matched: bestStep, closest: bestStep, closestScore: bestScore };
+  }
+  return { matched: null, closest: bestStep, closestScore: bestScore };
+}
+function isSequenceValid(step, plan) {
+  if (!plan.sequential) return true;
+  if (!step.requires || step.requires.length === 0) return true;
+  return step.requires.every((reqId) => {
+    const reqStep = plan.steps.find((s) => s.id === reqId);
+    return reqStep?.status === "completed";
+  });
+}
+function checkConstraints(event, eventText, constraints) {
+  const checks = [];
+  for (const constraint of constraints) {
+    if (constraint.type === "approval") {
+      if (constraint.trigger && eventText.includes(constraint.trigger.substring(0, 10).toLowerCase())) {
+        checks.push({ constraintId: constraint.id, passed: false, reason: constraint.description });
+        return { violated: constraint, checks };
+      }
+      const keywords = constraint.description.toLowerCase().split(/\s+/).filter((w) => w.length > 3);
+      const relevant = keywords.some((kw) => eventText.includes(kw));
+      if (relevant) {
+        checks.push({ constraintId: constraint.id, passed: false, reason: constraint.description });
+        return { violated: constraint, checks };
+      }
+      checks.push({ constraintId: constraint.id, passed: true });
+      continue;
+    }
+    if (constraint.type === "scope" && constraint.trigger) {
+      const keywords = extractKeywords(constraint.trigger);
+      const violated = keywords.length > 0 && keywords.every((kw) => eventText.includes(kw));
+      checks.push({
+        constraintId: constraint.id,
+        passed: !violated,
+        reason: violated ? constraint.description : void 0
+      });
+      if (violated) {
+        return { violated: constraint, checks };
+      }
+      continue;
+    }
+    checks.push({ constraintId: constraint.id, passed: true });
+  }
+  return { violated: null, checks };
+}
+function getPlanProgress(plan) {
+  const completed = plan.steps.filter((s) => s.status === "completed").length;
+  const total = plan.steps.length;
+  return {
+    completed,
+    total,
+    percentage: total > 0 ? Math.round(completed / total * 100) : 0
+  };
+}
+function evaluatePlan(event, plan) {
+  const progress = getPlanProgress(plan);
+  if (plan.expires_at) {
+    const expiresAt = new Date(plan.expires_at).getTime();
+    if (Date.now() > expiresAt) {
+      return {
+        allowed: true,
+        status: "PLAN_COMPLETE",
+        reason: "Plan has expired.",
+        progress
+      };
+    }
+  }
+  if (progress.completed === progress.total) {
+    return {
+      allowed: true,
+      status: "PLAN_COMPLETE",
+      reason: "All plan steps are completed.",
+      progress
+    };
+  }
+  const eventText = normalizeEventText(event);
+  const { matched, closest, closestScore } = findMatchingStep(eventText, event, plan.steps);
+  if (!matched) {
+    return {
+      allowed: false,
+      status: "OFF_PLAN",
+      reason: "Action does not match any plan step.",
+      closestStep: closest?.label,
+      similarityScore: closestScore,
+      progress
+    };
+  }
+  if (!isSequenceValid(matched, plan)) {
+    const pendingDeps = (matched.requires ?? []).filter((reqId) => plan.steps.find((s) => s.id === reqId)?.status !== "completed").join(", ");
+    return {
+      allowed: false,
+      status: "OFF_PLAN",
+      reason: `Step "${matched.label}" requires completion of: ${pendingDeps}`,
+      matchedStep: matched.id,
+      progress
+    };
+  }
+  const { violated } = checkConstraints(event, eventText, plan.constraints);
+  if (violated) {
+    return {
+      allowed: false,
+      status: "CONSTRAINT_VIOLATED",
+      reason: violated.description,
+      matchedStep: matched.id,
+      progress
+    };
+  }
+  return {
+    allowed: true,
+    status: "ON_PLAN",
+    reason: `Matches step: ${matched.label}`,
+    matchedStep: matched.id,
+    progress
+  };
+}
+function buildPlanCheck(event, plan, verdict) {
+  const eventText = normalizeEventText(event);
+  const { matched, closest, closestScore } = findMatchingStep(eventText, event, plan.steps);
+  const { checks: constraintChecks } = checkConstraints(event, eventText, plan.constraints);
+  const progress = getPlanProgress(plan);
+  return {
+    planId: plan.plan_id,
+    matched: !!matched,
+    matchedStepId: matched?.id,
+    matchedStepLabel: matched?.label,
+    closestStepId: !matched ? closest?.id : void 0,
+    closestStepLabel: !matched ? closest?.label : void 0,
+    similarityScore: !matched ? closestScore : void 0,
+    sequenceValid: matched ? isSequenceValid(matched, plan) : void 0,
+    constraintsChecked: constraintChecks,
+    progress: { completed: progress.completed, total: progress.total }
+  };
+}
+
+// src/engine/guard-engine.ts
+var PROMPT_INJECTION_PATTERNS = [
+  // Instruction override
+  { pattern: /ignore\s+(previous|all|prior|above)\s+(instructions?|rules?)/i, label: "ignore-instructions" },
+  { pattern: /disregard\s+(your|the)\s+(rules|constraints)/i, label: "disregard-rules" },
+  { pattern: /new\s+instructions?:/i, label: "new-instructions" },
+  // Identity manipulation
+  { pattern: /you\s+are\s+now/i, label: "identity-override" },
+  { pattern: /new\s+persona/i, label: "new-persona" },
+  { pattern: /act\s+as\s+if/i, label: "act-as-if" },
+  { pattern: /pretend\s+(you|to\s+be|you\s+are\s+unrestricted)/i, label: "pretend-to-be" },
+  // Context reset
+  { pattern: /forget\s+(everything|all|your)/i, label: "forget-context" },
+  { pattern: /system\s*:\s*override/i, label: "system-override" },
+  // Constraint bypass
+  { pattern: /override\s+(your|the)\s+(programming|constraints)/i, label: "override-constraints" },
+  { pattern: /bypass\s+(your|the)\s+(filters|constraints|rules)/i, label: "bypass-filters" },
+  // Prompt extraction
+  { pattern: /system\s+prompt/i, label: "system-prompt-probe" },
+  { pattern: /reveal\s+your\s+(instructions?|prompt|rules)/i, label: "reveal-instructions" },
+  // Known jailbreak terms
+  { pattern: /jailbreak/i, label: "jailbreak" },
+  { pattern: /DAN\s+mode/i, label: "dan-mode" },
+  { pattern: /developer\s+mode/i, label: "developer-mode" }
+];
+var EXECUTION_CLAIM_PATTERNS = [
+  { pattern: /I have (executed|completed|performed|done|made|created|sent|deleted|modified|updated)/i, label: "claim-i-have" },
+  { pattern: /Successfully (created|deleted|modified|updated|sent|executed|performed)/i, label: "claim-successfully" },
+  { pattern: /The file has been/i, label: "claim-file-modified" },
+  { pattern: /I've made the changes/i, label: "claim-made-changes" },
+  { pattern: /I('ve| have) (sent|posted|submitted|uploaded|downloaded)/i, label: "claim-sent" },
+  { pattern: /Your (email|message|file|request) has been (sent|submitted)/i, label: "claim-your-sent" },
+  { pattern: /Transaction complete/i, label: "claim-transaction" },
+  { pattern: /Order placed/i, label: "claim-order" },
+  { pattern: /Payment processed/i, label: "claim-payment" }
+];
+var EXECUTION_INTENT_PATTERNS = [
+  { pattern: /^(execute|run|perform|do this)/i, label: "intent-execute" },
+  { pattern: /^(create|write|delete|modify) (a |the )?(file|folder|document)/i, label: "intent-file-ops" },
+  { pattern: /^(send|post|submit) (a |an |the )?(email|message|tweet|post)/i, label: "intent-send" },
+  { pattern: /^(search|look up|browse) (the )?web/i, label: "intent-web-search" },
+  { pattern: /^(make|call|invoke) (a |an )?(api|http|rest) (call|request)/i, label: "intent-api-call" },
+  { pattern: /^(buy|purchase|order|pay|transfer|send money)/i, label: "intent-financial" },
+  { pattern: /^(book|schedule|reserve)/i, label: "intent-booking" },
+  { pattern: /^(download|upload|save to|export to)/i, label: "intent-transfer" }
+];
+var SCOPE_ESCAPE_PATTERNS = [
+  { pattern: /\.\.\//, label: "parent-traversal" },
+  { pattern: /^\/(?!home|project|workspace)/i, label: "absolute-path-outside-safe" },
+  { pattern: /~\//, label: "home-directory" },
+  { pattern: /\/etc\//i, label: "system-config" },
+  { pattern: /\/usr\//i, label: "system-binaries" },
+  { pattern: /\/var\//i, label: "system-variable-data" }
+];
+var NEUTRAL_MESSAGES = {
+  "prompt-injection": "This input contains patterns that could alter agent behavior.",
+  "scope-escape": "This action would affect resources outside the declared scope.",
+  "execution-claim": "This response claims to have performed an action.",
+  "execution-intent": "This input requests execution in a thinking-only environment.",
+  "delete": "This action would remove files. Confirmation needed.",
+  "write-external": "This action would write outside the project folder.",
+  "network-mutate": "This action would send data to an external service.",
+  "credential-access": "This action would access stored credentials."
+};
+function levelRequiresConfirmation(level, actionType) {
+  if (level === "strict") return true;
+  if (level === "standard") {
+    return actionType === "delete" || actionType === "credential-access";
+  }
+  return false;
+}
+function isExternalScope(scope) {
+  const internalPatterns = [
+    /^\.?\/?src\//i,
+    /^\.?\/?lib\//i,
+    /^\.?\/?app\//i,
+    /^\.?\/?components\//i,
+    /^\.?\/?pages\//i,
+    /^\.?\/?public\//i,
+    /^\.?\/?assets\//i,
+    /^\.\//
+  ];
+  return !internalPatterns.some((p) => p.test(scope));
+}
+var MAX_INPUT_LENGTH = 1e5;
+function evaluateGuard(event, world, options = {}) {
+  const startTime = performance.now();
+  const level = options.level ?? "standard";
+  const includeTrace = options.trace ?? false;
+  if (!event.intent || typeof event.intent !== "string") {
+    return {
+      status: "BLOCK",
+      reason: "GuardEvent.intent is required and must be a string",
+      ruleId: "safety-input-validation",
+      evidence: {
+        worldId: world.world?.world_id ?? "",
+        worldName: world.world?.name ?? "",
+        worldVersion: world.world?.version ?? "",
+        evaluatedAt: Date.now(),
+        invariantsSatisfied: 0,
+        invariantsTotal: 0,
+        guardsMatched: [],
+        rulesMatched: [],
+        enforcementLevel: level
+      }
+    };
+  }
+  const inputLength = event.intent.length + (event.tool?.length ?? 0) + (event.scope?.length ?? 0) + (event.payload ? JSON.stringify(event.payload).length : 0);
+  if (inputLength > MAX_INPUT_LENGTH) {
+    return {
+      status: "BLOCK",
+      reason: `Input exceeds maximum allowed length (${MAX_INPUT_LENGTH} characters)`,
+      ruleId: "safety-input-length",
+      evidence: {
+        worldId: world.world?.world_id ?? "",
+        worldName: world.world?.name ?? "",
+        worldVersion: world.world?.version ?? "",
+        evaluatedAt: Date.now(),
+        invariantsSatisfied: 0,
+        invariantsTotal: 0,
+        guardsMatched: [],
+        rulesMatched: [],
+        enforcementLevel: level
+      }
+    };
+  }
+  const eventText = normalizeEventText(event);
+  const invariantChecks = [];
+  const safetyChecks = [];
+  let planCheckResult;
+  const roleChecks = [];
+  const guardChecks = [];
+  const kernelRuleChecks = [];
+  const levelChecks = [];
+  let decidingLayer = "default-allow";
+  let decidingId;
+  const guardsMatched = [];
+  const rulesMatched = [];
+  if (options.emergencyOverride) {
+    checkInvariantCoverage(world, invariantChecks);
+    return buildVerdict(
+      "ALLOW",
+      void 0,
+      "emergency-override",
+      "Emergency override active \u2014 all governance rules suspended. Platform constraints still apply.",
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        "session-allowlist",
+        "emergency-override",
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  checkInvariantCoverage(world, invariantChecks);
+  if (event.roleId && options.agentStates) {
+    const agentState = options.agentStates.get(event.roleId);
+    if (agentState && agentState.cooldownRemaining > 0) {
+      decidingLayer = "safety";
+      decidingId = `penalize-cooldown-${event.roleId}`;
+      const verdict = buildVerdict(
+        "PENALIZE",
+        `Agent "${event.roleId}" is frozen for ${agentState.cooldownRemaining} more round(s) due to prior penalty.`,
+        `penalize-cooldown-${event.roleId}`,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0
+      );
+      verdict.intentRecord = {
+        originalIntent: event.intent,
+        finalAction: "blocked (agent frozen)",
+        enforcement: "PENALIZE",
+        consequence: { type: "freeze", rounds: agentState.cooldownRemaining, description: "Agent still in cooldown from prior penalty" }
+      };
+      return verdict;
+    }
+  }
+  if (options.sessionAllowlist) {
+    const key = eventToAllowlistKey(event);
+    if (options.sessionAllowlist.has(key)) {
+      decidingLayer = "session-allowlist";
+      decidingId = `allowlist:${key}`;
+      return buildVerdict(
+        "ALLOW",
+        void 0,
+        `allowlist:${key}`,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0,
+        event.intent
+      );
+    }
+  }
+  const safetyVerdict = checkSafety(event, eventText, safetyChecks);
+  if (safetyVerdict) {
+    decidingLayer = "safety";
+    decidingId = safetyVerdict.ruleId;
+    return buildVerdict(
+      safetyVerdict.status,
+      safetyVerdict.reason,
+      safetyVerdict.ruleId,
+      void 0,
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        decidingLayer,
+        decidingId,
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  if (options.plan) {
+    const planVerdict = evaluatePlan(event, options.plan);
+    planCheckResult = buildPlanCheck(event, options.plan, planVerdict);
+    if (!planVerdict.allowed && planVerdict.status !== "PLAN_COMPLETE") {
+      decidingLayer = "plan-enforcement";
+      decidingId = `plan-${options.plan.plan_id}`;
+      const planStatus = planVerdict.status === "CONSTRAINT_VIOLATED" ? "PAUSE" : "BLOCK";
+      let reason = planVerdict.reason ?? "Action blocked by plan.";
+      if (planVerdict.status === "OFF_PLAN" && planVerdict.closestStep) {
+        reason += ` Closest step: "${planVerdict.closestStep}" (similarity: ${(planVerdict.similarityScore ?? 0).toFixed(2)})`;
+      }
+      return buildVerdict(
+        planStatus,
+        reason,
+        `plan-${options.plan.plan_id}`,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0,
+        event.intent
+      );
+    }
+  }
+  const roleVerdict = checkRoleRules(event, eventText, world, roleChecks);
+  if (roleVerdict) {
+    decidingLayer = "role";
+    decidingId = roleVerdict.ruleId;
+    return buildVerdict(
+      roleVerdict.status,
+      roleVerdict.reason,
+      roleVerdict.ruleId,
+      void 0,
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        decidingLayer,
+        decidingId,
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  const guardVerdict = checkGuards(event, eventText, world, guardChecks, guardsMatched);
+  if (guardVerdict) {
+    if (guardVerdict.status !== "ALLOW") {
+      decidingLayer = "guard";
+      decidingId = guardVerdict.ruleId;
+      const intentRecord = {
+        originalIntent: event.intent,
+        finalAction: guardVerdict.status === "MODIFY" ? guardVerdict.modifiedTo ?? "modified" : guardVerdict.status === "PENALIZE" ? "blocked + penalized" : guardVerdict.status === "REWARD" ? event.intent : guardVerdict.status === "NEUTRAL" ? event.intent : guardVerdict.status === "BLOCK" ? "blocked" : "paused",
+        ruleApplied: guardVerdict.ruleId,
+        enforcement: guardVerdict.status,
+        modifiedTo: guardVerdict.modifiedTo,
+        consequence: guardVerdict.consequence,
+        reward: guardVerdict.reward
+      };
+      const verdict = buildVerdict(
+        guardVerdict.status,
+        guardVerdict.reason,
+        guardVerdict.ruleId,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0,
+        event.intent
+      );
+      verdict.intentRecord = intentRecord;
+      if (guardVerdict.consequence) verdict.consequence = guardVerdict.consequence;
+      if (guardVerdict.reward) verdict.reward = guardVerdict.reward;
+      return verdict;
+    }
+  }
+  const kernelVerdict = checkKernelRules(eventText, world, kernelRuleChecks, rulesMatched);
+  if (kernelVerdict) {
+    decidingLayer = "kernel-rule";
+    decidingId = kernelVerdict.ruleId;
+    return buildVerdict(
+      kernelVerdict.status,
+      kernelVerdict.reason,
+      kernelVerdict.ruleId,
+      void 0,
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        decidingLayer,
+        decidingId,
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  const levelVerdict = checkLevelConstraints(event, level, levelChecks);
+  if (levelVerdict) {
+    decidingLayer = "level-constraint";
+    decidingId = levelVerdict.ruleId;
+    return buildVerdict(
+      levelVerdict.status,
+      levelVerdict.reason,
+      levelVerdict.ruleId,
+      void 0,
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        decidingLayer,
+        decidingId,
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  const warning = guardVerdict?.warning;
+  return buildVerdict(
+    "ALLOW",
+    void 0,
+    void 0,
+    warning,
+    world,
+    level,
+    invariantChecks,
+    guardsMatched,
+    rulesMatched,
+    includeTrace ? buildTrace(
+      invariantChecks,
+      safetyChecks,
+      planCheckResult,
+      roleChecks,
+      guardChecks,
+      kernelRuleChecks,
+      levelChecks,
+      decidingLayer,
+      decidingId,
+      startTime
+    ) : void 0,
+    event.intent
+  );
+}
+function checkInvariantCoverage(world, checks) {
+  const invariants = world.invariants ?? [];
+  const guards = world.guards?.guards ?? [];
+  for (const invariant of invariants) {
+    const coveringGuard = guards.find(
+      (g) => g.invariant_ref === invariant.id && g.immutable
+    );
+    checks.push({
+      invariantId: invariant.id,
+      label: invariant.label,
+      hasGuardCoverage: !!coveringGuard,
+      coveringGuardId: coveringGuard?.id
+    });
+  }
+}
+function checkSafety(event, eventText, checks) {
+  const textToCheck = event.intent + (event.payload ? JSON.stringify(event.payload) : "");
+  for (const { pattern, label } of PROMPT_INJECTION_PATTERNS) {
+    const triggered = pattern.test(textToCheck);
+    checks.push({
+      checkType: "prompt-injection",
+      triggered,
+      matchedPattern: triggered ? label : void 0
+    });
+    if (triggered) {
+      for (const remaining of PROMPT_INJECTION_PATTERNS.filter((p) => p.label !== label)) {
+        checks.push({
+          checkType: "prompt-injection",
+          triggered: remaining.pattern.test(textToCheck),
+          matchedPattern: remaining.pattern.test(textToCheck) ? remaining.label : void 0
+        });
+      }
+      return {
+        status: "PAUSE",
+        reason: NEUTRAL_MESSAGES["prompt-injection"],
+        ruleId: `safety-injection-${label}`
+      };
+    }
+  }
+  const scopeToCheck = event.scope ?? event.intent;
+  for (const { pattern, label } of SCOPE_ESCAPE_PATTERNS) {
+    const triggered = pattern.test(scopeToCheck);
+    checks.push({
+      checkType: "scope-escape",
+      triggered,
+      matchedPattern: triggered ? label : void 0
+    });
+    if (triggered) {
+      for (const remaining of SCOPE_ESCAPE_PATTERNS.filter((p) => p.label !== label)) {
+        checks.push({
+          checkType: "scope-escape",
+          triggered: remaining.pattern.test(scopeToCheck),
+          matchedPattern: remaining.pattern.test(scopeToCheck) ? remaining.label : void 0
+        });
+      }
+      return {
+        status: "PAUSE",
+        reason: NEUTRAL_MESSAGES["scope-escape"],
+        ruleId: `safety-scope-${label}`
+      };
+    }
+  }
+  if (event.direction === "output") {
+    for (const { pattern, label } of EXECUTION_CLAIM_PATTERNS) {
+      const triggered = pattern.test(textToCheck);
+      checks.push({
+        checkType: "execution-claim",
+        triggered,
+        matchedPattern: triggered ? label : void 0
+      });
+      if (triggered) {
+        for (const remaining of EXECUTION_CLAIM_PATTERNS.filter((p) => p.label !== label)) {
+          checks.push({
+            checkType: "execution-claim",
+            triggered: remaining.pattern.test(textToCheck),
+            matchedPattern: remaining.pattern.test(textToCheck) ? remaining.label : void 0
+          });
+        }
+        return {
+          status: "PAUSE",
+          reason: NEUTRAL_MESSAGES["execution-claim"],
+          ruleId: `safety-execution-claim-${label}`
+        };
+      }
+    }
+  }
+  if (event.direction === "input") {
+    const intentTrimmed = event.intent.trim();
+    for (const { pattern, label } of EXECUTION_INTENT_PATTERNS) {
+      const triggered = pattern.test(intentTrimmed);
+      checks.push({
+        checkType: "execution-intent",
+        triggered,
+        matchedPattern: triggered ? label : void 0
+      });
+      if (triggered) {
+        for (const remaining of EXECUTION_INTENT_PATTERNS.filter((p) => p.label !== label)) {
+          checks.push({
+            checkType: "execution-intent",
+            triggered: remaining.pattern.test(intentTrimmed),
+            matchedPattern: remaining.pattern.test(intentTrimmed) ? remaining.label : void 0
+          });
+        }
+        return {
+          status: "PAUSE",
+          reason: NEUTRAL_MESSAGES["execution-intent"],
+          ruleId: `safety-execution-intent-${label}`
+        };
+      }
+    }
+  }
+  return null;
+}
+function checkRoleRules(event, eventText, world, checks) {
+  if (!event.roleId || !world.roles) return null;
+  const role = world.roles.roles.find((r) => r.id === event.roleId);
+  if (!role) return null;
+  if (role.requiresApproval) {
+    checks.push({
+      roleId: role.id,
+      roleName: role.name,
+      rule: "All actions require approval",
+      ruleType: "requiresApproval",
+      matched: true
+    });
+    return {
+      status: "PAUSE",
+      reason: `Role "${role.name}" requires approval for all actions.`,
+      ruleId: `role-${role.id}-requires-approval`
+    };
+  }
+  for (const rule of role.cannotDo) {
+    const matched = matchesKeywords(eventText, rule);
+    checks.push({
+      roleId: role.id,
+      roleName: role.name,
+      rule,
+      ruleType: "cannotDo",
+      matched
+    });
+    if (matched) {
+      return {
+        status: "BLOCK",
+        reason: `Role "${role.name}" cannot: ${rule}`,
+        ruleId: `role-${role.id}-cannotdo`
+      };
+    }
+  }
+  for (const rule of role.canDo) {
+    checks.push({
+      roleId: role.id,
+      roleName: role.name,
+      rule,
+      ruleType: "canDo",
+      matched: matchesKeywords(eventText, rule)
+    });
+  }
+  return null;
+}
+function checkGuards(event, eventText, world, checks, guardsMatched) {
+  if (!world.guards) return null;
+  const guardsConfig = world.guards;
+  let warnResult = null;
+  const compiledPatterns = /* @__PURE__ */ new Map();
+  for (const [key, def] of Object.entries(guardsConfig.intent_vocabulary)) {
+    try {
+      compiledPatterns.set(key, new RegExp(def.pattern, "i"));
+    } catch {
+    }
+  }
+  const eventTool = (event.tool ?? "").toLowerCase();
+  for (const guard of guardsConfig.guards) {
+    if (guard.appliesTo && guard.appliesTo.length > 0) {
+      const normalizedAppliesTo = guard.appliesTo.map((t) => t.toLowerCase());
+      if (!normalizedAppliesTo.includes(eventTool)) {
+        continue;
+      }
+    }
+    const enabled = guard.immutable || guard.default_enabled !== false;
+    const matchedPatterns = [];
+    for (const patternKey of guard.intent_patterns) {
+      const regex = compiledPatterns.get(patternKey);
+      if (regex?.test(eventText)) {
+        matchedPatterns.push(patternKey);
+      }
+    }
+    const matched = matchedPatterns.length > 0 && enabled;
+    let roleGated = false;
+    if (matched && guard.required_roles && guard.required_roles.length > 0 && event.roleId && guard.required_roles.includes(event.roleId)) {
+      roleGated = true;
+    }
+    checks.push({
+      guardId: guard.id,
+      label: guard.label,
+      category: guard.category,
+      enabled,
+      matched: matched && !roleGated,
+      enforcement: guard.enforcement,
+      matchedPatterns,
+      roleGated
+    });
+    if (!matched || roleGated) continue;
+    guardsMatched.push(guard.id);
+    const actionMode = guard.player_modes?.action ?? guard.enforcement;
+    const reason = guard.redirect ? `${guard.description} \u2014 ${guard.redirect}` : guard.description;
+    if (actionMode === "block") {
+      return { status: "BLOCK", reason, ruleId: `guard-${guard.id}` };
+    }
+    if (actionMode === "pause") {
+      return { status: "PAUSE", reason, ruleId: `guard-${guard.id}` };
+    }
+    if (actionMode === "penalize") {
+      const consequence = guard.consequence ? { ...guard.consequence } : { type: "freeze", rounds: 1, description: `Penalized for violating: ${guard.label}` };
+      return { status: "PENALIZE", reason, ruleId: `guard-${guard.id}`, consequence };
+    }
+    if (actionMode === "reward") {
+      const reward = guard.reward ? { ...guard.reward } : { type: "boost_influence", magnitude: 0.1, description: `Rewarded for: ${guard.label}` };
+      return { status: "REWARD", reason, ruleId: `guard-${guard.id}`, reward };
+    }
+    if (actionMode === "modify") {
+      const modifiedTo = guard.modify_to ?? guard.redirect ?? "hold";
+      return { status: "MODIFY", reason: `${reason} \u2192 Modified to: ${modifiedTo}`, ruleId: `guard-${guard.id}`, modifiedTo };
+    }
+    if (actionMode === "neutral") {
+      return { status: "NEUTRAL", reason, ruleId: `guard-${guard.id}` };
+    }
+    if (actionMode === "warn" && !warnResult) {
+      warnResult = { status: "ALLOW", warning: reason, ruleId: `guard-${guard.id}` };
+    }
+  }
+  return warnResult;
+}
+function checkKernelRules(eventText, world, checks, rulesMatched) {
+  if (!world.kernel) return null;
+  const forbidden = world.kernel.input_boundaries?.forbidden_patterns ?? [];
+  const output = world.kernel.output_boundaries?.forbidden_patterns ?? [];
+  for (const rule of forbidden) {
+    let matched = false;
+    let matchMethod = "none";
+    if (rule.pattern) {
+      try {
+        matched = new RegExp(rule.pattern, "i").test(eventText);
+        matchMethod = "pattern";
+      } catch {
+      }
+    }
+    if (!matched && rule.reason) {
+      matched = matchesKeywords(eventText, rule.reason);
+      if (matched) matchMethod = "keyword";
+    }
+    checks.push({
+      ruleId: rule.id,
+      text: rule.reason,
+      category: "forbidden",
+      matched,
+      matchMethod
+    });
+    if (matched) {
+      rulesMatched.push(rule.id);
+      if (rule.action === "BLOCK") {
+        return {
+          status: "BLOCK",
+          reason: rule.reason,
+          ruleId: `kernel-${rule.id}`
+        };
+      }
+    }
+  }
+  return null;
+}
+function checkLevelConstraints(event, level, checks) {
+  if (level === "basic") return null;
+  const intent = event.intent.toLowerCase();
+  const tool = (event.tool ?? "").toLowerCase();
+  const isDelete = intent.includes("delete") || intent.includes("remove") || intent.includes("rm ") || tool === "delete";
+  const deleteTriggered = isDelete && levelRequiresConfirmation(level, "delete");
+  checks.push({
+    checkType: "delete",
+    level,
+    triggered: deleteTriggered,
+    reason: deleteTriggered ? NEUTRAL_MESSAGES["delete"] : void 0
+  });
+  if (deleteTriggered) {
+    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["delete"], ruleId: "level-delete-check" };
+  }
+  const isExternal = event.scope ? isExternalScope(event.scope) : false;
+  const externalTriggered = isExternal && levelRequiresConfirmation(level, "write-external");
+  checks.push({
+    checkType: "write-external",
+    level,
+    triggered: externalTriggered,
+    reason: externalTriggered ? NEUTRAL_MESSAGES["write-external"] : void 0
+  });
+  if (externalTriggered) {
+    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["write-external"], ruleId: "level-external-write-check" };
+  }
+  const isNetwork = tool === "http" || tool === "fetch" || tool === "request" || intent.includes("post ") || intent.includes("sending");
+  const networkTriggered = isNetwork && levelRequiresConfirmation(level, "network-mutate");
+  checks.push({
+    checkType: "network-mutate",
+    level,
+    triggered: networkTriggered,
+    reason: networkTriggered ? NEUTRAL_MESSAGES["network-mutate"] : void 0
+  });
+  if (networkTriggered) {
+    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["network-mutate"], ruleId: "level-network-mutate-check" };
+  }
+  const isCredential = intent.includes("credential") || intent.includes("password") || intent.includes("secret") || intent.includes("api key") || intent.includes("token");
+  const credentialTriggered = isCredential && levelRequiresConfirmation(level, "credential-access");
+  checks.push({
+    checkType: "credential-access",
+    level,
+    triggered: credentialTriggered,
+    reason: credentialTriggered ? NEUTRAL_MESSAGES["credential-access"] : void 0
+  });
+  if (credentialTriggered) {
+    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["credential-access"], ruleId: "level-credential-check" };
+  }
+  const irreversibleTriggered = !!event.irreversible && level !== "basic";
+  checks.push({
+    checkType: "irreversible",
+    level,
+    triggered: irreversibleTriggered,
+    reason: irreversibleTriggered ? "This action is marked as irreversible." : void 0
+  });
+  if (irreversibleTriggered) {
+    return {
+      status: "PAUSE",
+      reason: "This action is marked as irreversible.",
+      ruleId: "level-irreversible-check"
+    };
+  }
+  return null;
+}
+function matchesKeywords(eventText, ruleText) {
+  return matchesAllKeywords(eventText, ruleText);
+}
+function eventToAllowlistKey(event) {
+  return `${(event.tool ?? "*").toLowerCase()}::${event.intent.toLowerCase().trim()}`;
+}
+function buildTrace(invariantChecks, safetyChecks, planCheck, roleChecks, guardChecks, kernelRuleChecks, levelChecks, decidingLayer, decidingId, startTime) {
+  const trace = {
+    invariantChecks,
+    safetyChecks,
+    roleChecks,
+    guardChecks,
+    kernelRuleChecks,
+    levelChecks,
+    precedenceResolution: {
+      decidingLayer,
+      decidingId,
+      strategy: "first-match-wins",
+      chainOrder: [
+        "invariant-coverage",
+        "session-allowlist",
+        "safety-injection",
+        "safety-scope-escape",
+        "safety-execution-claim",
+        "safety-execution-intent",
+        "plan-enforcement",
+        "role-rules",
+        "declarative-guards",
+        "kernel-rules",
+        "level-constraints",
+        "default-allow"
+      ]
+    },
+    durationMs: performance.now() - startTime
+  };
+  if (planCheck) {
+    trace.planCheck = planCheck;
+  }
+  return trace;
+}
+function buildVerdict(status, reason, ruleId, warning, world, level, invariantChecks, guardsMatched, rulesMatched, trace, eventIntent) {
+  const evidence = {
+    worldId: world.world.world_id,
+    worldName: world.world.name,
+    worldVersion: world.world.version,
+    evaluatedAt: Date.now(),
+    invariantsSatisfied: invariantChecks.filter((c) => c.hasGuardCoverage).length,
+    invariantsTotal: invariantChecks.length,
+    guardsMatched,
+    rulesMatched,
+    enforcementLevel: level
+  };
+  const verdict = {
+    status,
+    evidence
+  };
+  if (reason) verdict.reason = reason;
+  if (ruleId) verdict.ruleId = ruleId;
+  if (warning) verdict.warning = warning;
+  if (trace) verdict.trace = trace;
+  verdict.event = verdictToEvent(status, eventIntent);
+  return verdict;
+}
+function verdictToEvent(status, intent) {
+  const statusEventMap = {
+    ALLOW: "action_allowed",
+    BLOCK: "action_blocked",
+    PAUSE: "action_paused",
+    MODIFY: "action_modified",
+    PENALIZE: "action_penalized",
+    REWARD: "action_rewarded",
+    NEUTRAL: "action_neutral"
+  };
+  return {
+    type: intent || statusEventMap[status] || "unknown_action",
+    actor: "agent",
+    source: "guard",
+    timestamp: Date.now(),
+    guardStatus: status
+  };
+}
+
+// src/loader/world-loader.ts
+async function loadWorldFromDirectory(dirPath) {
+  const { readFile } = await import("fs/promises");
+  const { join: join3 } = await import("path");
+  const { readdirSync: readdirSync2 } = await import("fs");
+  async function readJson(filename) {
+    const filePath = join3(dirPath, filename);
+    try {
+      const content = await readFile(filePath, "utf-8");
+      return JSON.parse(content);
+    } catch (err) {
+      if (err instanceof Error && "code" in err && err.code === "ENOENT") {
+        return void 0;
+      }
+      process.stderr.write(
+        `[neuroverse] Warning: Failed to read ${filename}: ${err instanceof Error ? err.message : String(err)}
+`
+      );
+      return void 0;
+    }
+  }
+  const worldJson = await readJson("world.json");
+  if (!worldJson) {
+    throw new Error(`Cannot read world.json in ${dirPath}`);
+  }
+  const invariantsJson = await readJson("invariants.json");
+  const assumptionsJson = await readJson("assumptions.json");
+  const stateSchemaJson = await readJson("state-schema.json");
+  const gatesJson = await readJson("gates.json");
+  const outcomesJson = await readJson("outcomes.json");
+  const guardsJson = await readJson("guards.json");
+  const rolesJson = await readJson("roles.json");
+  const kernelJson = await readJson("kernel.json");
+  const metadataJson = await readJson("metadata.json");
+  const rules = [];
+  try {
+    const rulesDir = join3(dirPath, "rules");
+    const ruleFiles = readdirSync2(rulesDir).filter((f) => f.endsWith(".json")).sort();
+    for (const file of ruleFiles) {
+      try {
+        const content = await readFile(join3(rulesDir, file), "utf-8");
+        rules.push(JSON.parse(content));
+      } catch (err) {
+        process.stderr.write(
+          `[neuroverse] Warning: Failed to parse rule ${file}: ${err instanceof Error ? err.message : String(err)}
+`
+        );
+      }
+    }
+  } catch (err) {
+    if (!(err instanceof Error && "code" in err && err.code === "ENOENT")) {
+      process.stderr.write(
+        `[neuroverse] Warning: Failed to read rules directory: ${err instanceof Error ? err.message : String(err)}
+`
+      );
+    }
+  }
+  return {
+    world: worldJson,
+    invariants: invariantsJson?.invariants ?? [],
+    assumptions: assumptionsJson ?? { profiles: {}, parameter_definitions: {} },
+    stateSchema: stateSchemaJson ?? { variables: {}, presets: {} },
+    rules,
+    gates: gatesJson ?? {
+      viability_classification: [],
+      structural_override: { description: "", enforcement: "mandatory" },
+      sustainability_threshold: 0,
+      collapse_visual: { background: "", text: "", border: "", label: "" }
+    },
+    outcomes: outcomesJson ?? {
+      computed_outcomes: [],
+      comparison_layout: { primary_card: "", status_badge: "", structural_indicators: [] }
+    },
+    guards: guardsJson,
+    roles: rolesJson,
+    kernel: kernelJson,
+    metadata: metadataJson ?? {
+      format_version: "1.0.0",
+      created_at: "",
+      last_modified: "",
+      authoring_method: "manual-authoring"
+    }
+  };
+}
+async function loadWorld(worldPath) {
+  const { stat } = await import("fs/promises");
+  const info = await stat(worldPath);
+  if (info.isDirectory()) {
+    return loadWorldFromDirectory(worldPath);
+  }
+  throw new Error(`Cannot load world from: ${worldPath} \u2014 expected a directory`);
+}
+
+// src/radiant/core/governance.ts
+async function auditGovernance(events, worldPath) {
+  let world;
+  try {
+    world = await loadWorld(worldPath);
+  } catch {
+    return emptyAudit(events.length, "Could not load compiled worldmodel for governance audit.");
+  }
+  const verdicts = [];
+  for (const ce of events) {
+    const intent = ce.event.content?.slice(0, 500) || ce.event.kind || "activity";
+    const scope = ce.event.metadata?.scope || void 0;
+    try {
+      const result = evaluateGuard(
+        {
+          intent,
+          scope,
+          actionCategory: mapKindToCategory(ce.event.kind)
+        },
+        world
+      );
+      verdicts.push({
+        eventId: ce.event.id,
+        domain: ce.domain,
+        status: result.status,
+        reason: result.reason,
+        ruleId: result.ruleId,
+        warning: result.warning
+      });
+    } catch {
+      verdicts.push({
+        eventId: ce.event.id,
+        domain: ce.domain,
+        status: "ALLOW",
+        reason: "guard evaluation skipped (error)"
+      });
+    }
+  }
+  const human = bucketVerdicts(verdicts.filter((v) => v.domain === "life"));
+  const cyber = bucketVerdicts(verdicts.filter((v) => v.domain === "cyber"));
+  const joint = bucketVerdicts(verdicts.filter((v) => v.domain === "joint"));
+  const summary = buildSummary(human, cyber, joint, events.length);
+  return {
+    totalEvents: events.length,
+    human,
+    cyber,
+    joint,
+    summary
+  };
+}
+function bucketVerdicts(verdicts) {
+  const nonAllow = verdicts.filter((v) => v.status !== "ALLOW");
+  return {
+    allow: verdicts.filter((v) => v.status === "ALLOW").length,
+    modify: verdicts.filter((v) => v.status === "MODIFY").length,
+    block: verdicts.filter((v) => v.status === "BLOCK").length,
+    details: nonAllow
+  };
+}
+function buildSummary(human, cyber, joint, total) {
+  const humanTriggered = human.modify + human.block;
+  const cyberTriggered = cyber.modify + cyber.block;
+  const jointTriggered = joint.modify + joint.block;
+  const totalTriggered = humanTriggered + cyberTriggered + jointTriggered;
+  if (totalTriggered === 0) {
+    return `${total} events evaluated. All passed. The cocoon held \u2014 no governance triggered.`;
+  }
+  const parts = [];
+  parts.push(`${total} events evaluated. ${totalTriggered} triggered governance.`);
+  if (humanTriggered > 0) {
+    parts.push(`Human side: ${humanTriggered} (${human.block} blocked, ${human.modify} modified).`);
+  }
+  if (cyberTriggered > 0) {
+    parts.push(`AI side: ${cyberTriggered} (${cyber.block} blocked, ${cyber.modify} modified).`);
+  }
+  if (jointTriggered > 0) {
+    parts.push(`Joint work: ${jointTriggered} (${joint.block} blocked, ${joint.modify} modified).`);
+  }
+  if (humanTriggered > 0 && cyberTriggered > 0) {
+    const ratio = humanTriggered / cyberTriggered;
+    if (ratio > 2) {
+      parts.push("Human side is testing the frame more than AI. Either the worldmodel needs calibrating for human workflows, or humans are genuinely drifting.");
+    } else if (ratio < 0.5) {
+      parts.push("AI side is testing the frame more than humans. Check whether the AI's output patterns match the declared invariants.");
+    } else {
+      parts.push("Roughly balanced between human and AI \u2014 both sides are testing the frame.");
+    }
+  }
+  return parts.join(" ");
+}
+function mapKindToCategory(kind) {
+  if (!kind) return "other";
+  if (kind.includes("commit") || kind.includes("merge")) return "write";
+  if (kind.includes("review") || kind.includes("comment")) return "read";
+  return "other";
+}
+function emptyAudit(total, reason) {
+  return {
+    totalEvents: total,
+    human: { allow: 0, modify: 0, block: 0, details: [] },
+    cyber: { allow: 0, modify: 0, block: 0, details: [] },
+    joint: { allow: 0, modify: 0, block: 0, details: [] },
+    summary: reason
+  };
+}
+
+// src/radiant/memory/palace.ts
+var import_fs2 = require("fs");
+var import_path2 = require("path");
+function writeRead(exocortexDir, frontmatter, text) {
+  const dir = (0, import_path2.resolve)(exocortexDir, "radiant", "reads");
+  (0, import_fs2.mkdirSync)(dir, { recursive: true });
+  const date = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
+  const filename = `${date}.md`;
+  const filepath = (0, import_path2.join)(dir, filename);
+  const content = `${frontmatter}
+
+${text}
+`;
+  (0, import_fs2.writeFileSync)(filepath, content, "utf-8");
+  return filepath;
+}
+function updateKnowledge(exocortexDir, persistence, options) {
+  const dir = (0, import_path2.resolve)(exocortexDir, "radiant");
+  (0, import_fs2.mkdirSync)(dir, { recursive: true });
+  const filepath = (0, import_path2.join)(dir, "knowledge.md");
+  const totalReads = options?.totalReads ?? 0;
+  const existingUntriggered = loadUntriggeredCounts(filepath);
+  const lines = [
+    "# Radiant \u2014 Accumulated Behavioral Knowledge",
+    "",
+    `Last updated: ${(/* @__PURE__ */ new Date()).toISOString().split("T")[0]}`,
+    `Total reads: ${totalReads}`,
+    "",
+    "---",
+    "",
+    "## Evolution proposals",
+    ""
+  ];
+  const addCandidates = persistence.filter((p) => p.occurrences >= 3);
+  if (addCandidates.length > 0) {
+    lines.push("### Consider adding");
+    lines.push("");
+    lines.push("These candidate patterns keep recurring. They are not yet in the worldmodel.");
+    lines.push("If they represent real behavioral patterns worth tracking, add them.");
+    lines.push("If they were temporary, dismiss them.");
+    lines.push("");
+    for (const p of addCandidates) {
+      lines.push(
+        `- **${p.name}** \u2014 observed ${p.occurrences} times (${p.dates.join(", ")}). Add to auki-strategy.worldmodel.md \u2192 Evolution Layer \u2192 Drift Behaviors (if concerning) or Aligned Behaviors (if healthy).`
+      );
+    }
+    lines.push("");
+  }
+  if (options?.declaredItems && options.declaredItems.length > 0) {
+    const triggered = new Set(options.triggeredItems ?? []);
+    const removeCandidates = [];
+    for (const item of options.declaredItems) {
+      if (!triggered.has(item.name)) {
+        const prior = existingUntriggered.get(item.name) ?? 0;
+        const count = prior + 1;
+        existingUntriggered.set(item.name, count);
+        if (count >= 4) {
+          removeCandidates.push({ item, weeksSilent: count });
+        }
+      } else {
+        existingUntriggered.set(item.name, 0);
+      }
+    }
+    if (removeCandidates.length > 0) {
+      lines.push("### Consider removing");
+      lines.push("");
+      lines.push("These items are declared in the worldmodel but haven't triggered in multiple reads.");
+      lines.push("Either the team has internalized them (the rule is redundant) or they haven't been tested.");
+      lines.push("A lean worldmodel with 5 sharp invariants is stronger than a bloated one with 20.");
+      lines.push("");
+      for (const { item, weeksSilent } of removeCandidates) {
+        lines.push(
+          `- **${item.name}** (${item.type}) \u2014 hasn't triggered in ${weeksSilent} reads. Internalized or untested? Review whether it still earns its place.`
+        );
+      }
+      lines.push("");
+    }
+  }
+  if (options?.triggeredItems && options.triggeredItems.length > 0) {
+    lines.push("### Keep (recently active)");
+    lines.push("");
+    lines.push("These worldmodel items triggered governance in the most recent read. They're earning their place.");
+    lines.push("");
+    for (const name of options.triggeredItems) {
+      lines.push(`- **${name}** \u2014 triggered this read. Holding.`);
+    }
+    lines.push("");
+  }
+  lines.push("---");
+  lines.push("");
+  lines.push("## Pattern persistence (all observed)");
+  lines.push("");
+  for (const p of persistence) {
+    const status = p.occurrences >= 4 ? "**persistent**" : p.occurrences >= 2 ? "recurring" : "observed once";
+    lines.push(`### ${p.name}`);
+    lines.push(`- Status: ${status}`);
+    lines.push(`- Observed ${p.occurrences} time${p.occurrences > 1 ? "s" : ""}: ${p.dates.join(", ")}`);
+    lines.push("");
+  }
+  lines.push("---");
+  lines.push("");
+  lines.push("<!-- untriggered_counts (machine-readable, do not edit)");
+  for (const [name, count] of existingUntriggered.entries()) {
+    lines.push(`${name}=${count}`);
+  }
+  lines.push("-->");
+  (0, import_fs2.writeFileSync)(filepath, lines.join("\n"), "utf-8");
+  return filepath;
+}
+function loadUntriggeredCounts(filepath) {
+  const counts = /* @__PURE__ */ new Map();
+  if (!(0, import_fs2.existsSync)(filepath)) return counts;
+  try {
+    const content = (0, import_fs2.readFileSync)(filepath, "utf-8");
+    const match = content.match(
+      /<!-- untriggered_counts[\s\S]*?-->/
+    );
+    if (match) {
+      const lines = match[0].split("\n");
+      for (const line of lines) {
+        const eq = line.match(/^([^=]+)=(\d+)$/);
+        if (eq) {
+          counts.set(eq[1], parseInt(eq[2], 10));
+        }
+      }
+    }
+  } catch {
+  }
+  return counts;
+}
+function loadPriorReads(exocortexDir) {
+  const dir = (0, import_path2.resolve)(exocortexDir, "radiant", "reads");
+  if (!(0, import_fs2.existsSync)(dir)) return [];
+  const files = (0, import_fs2.readdirSync)(dir).filter((f) => f.endsWith(".md")).sort();
+  const reads = [];
+  for (const filename of files) {
+    const filepath = (0, import_path2.join)(dir, filename);
+    const content = (0, import_fs2.readFileSync)(filepath, "utf-8");
+    const date = filename.replace(".md", "");
+    const fmMatch = content.match(/^---\n([\s\S]*?)\n---/);
+    const frontmatter = fmMatch ? fmMatch[1] : "";
+    const patternNames = [];
+    const nameMatches = frontmatter.matchAll(/- name: ["']?([^"'\n]+)["']?/g);
+    for (const m of nameMatches) {
+      patternNames.push(m[1].trim());
+    }
+    reads.push({ date, filename, patternNames, frontmatter });
+  }
+  return reads;
+}
+function computePersistence(priorReads, currentPatternNames) {
+  const allPatterns = /* @__PURE__ */ new Map();
+  for (const read of priorReads) {
+    for (const name of read.patternNames) {
+      const dates = allPatterns.get(name) ?? [];
+      if (!dates.includes(read.date)) dates.push(read.date);
+      allPatterns.set(name, dates);
+    }
+  }
+  const today = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
+  for (const name of currentPatternNames) {
+    const dates = allPatterns.get(name) ?? [];
+    if (!dates.includes(today)) dates.push(today);
+    allPatterns.set(name, dates);
+  }
+  return Array.from(allPatterns.entries()).map(([name, dates]) => ({
+    name,
+    occurrences: dates.length,
+    dates: dates.sort()
+  })).sort((a, b) => b.occurrences - a.occurrences);
+}
+function formatPriorReadsForPrompt(priorReads) {
+  if (priorReads.length === 0) return "";
+  const lines = [
+    "## Prior Radiant reads (history)",
+    "",
+    `Radiant has run ${priorReads.length} time${priorReads.length > 1 ? "s" : ""} before on this scope.`,
+    "If you see patterns that appeared in prior reads, note their persistence.",
+    "Patterns that recur across 3+ reads are strong candidates for declaration in the strategy file.",
+    ""
+  ];
+  for (const read of priorReads.slice(-4)) {
+    lines.push(`### Read from ${read.date}`);
+    if (read.patternNames.length > 0) {
+      lines.push(`Patterns observed: ${read.patternNames.join(", ")}`);
+    } else {
+      lines.push("No patterns extracted from frontmatter.");
+    }
+    lines.push("");
+  }
+  return lines.join("\n");
+}
+
 // src/radiant/commands/think.ts
 async function think(input) {
   const lens = resolveLens(input.lensId);
@@ -1568,10 +3080,15 @@ async function emergent(input) {
   const windowDays = input.windowDays ?? 14;
   let statedIntent;
   let exocortexContext;
+  let priorReadContext = "";
   if (input.exocortexPath) {
     exocortexContext = readExocortex(input.exocortexPath);
     const formatted = formatExocortexForPrompt(exocortexContext);
     if (formatted) statedIntent = formatted;
+    const priorReads = loadPriorReads(input.exocortexPath);
+    if (priorReads.length > 0) {
+      priorReadContext = formatPriorReadsForPrompt(priorReads);
+    }
   }
   const events = await fetchGitHubActivity(input.scope, input.githubToken, {
     windowDays
@@ -1586,11 +3103,18 @@ async function emergent(input) {
     lens,
     ai: input.ai,
     canonicalPatterns: input.canonicalPatterns,
-    statedIntent
+    statedIntent: statedIntent ? statedIntent + (priorReadContext ? "\n\n" + priorReadContext : "") : priorReadContext || void 0
   });
   const rewrittenPatterns = patterns.map((p) => lens.rewrite(p));
   const allDescriptions = rewrittenPatterns.map((p) => p.description).join("\n");
   const voiceViolations = checkForbiddenPhrases(lens, allDescriptions);
+  let governance;
+  if (input.worldPath) {
+    try {
+      governance = await auditGovernance(classified, input.worldPath);
+    } catch {
+    }
+  }
   const rendered = render({
     scope: input.scope,
     windowDays,
@@ -1600,8 +3124,27 @@ async function emergent(input) {
     scores,
     lens,
     meaning: meaning || void 0,
-    move: move || void 0
+    move: move || void 0,
+    governance
   });
+  if (input.exocortexPath) {
+    try {
+      const readPath = writeRead(input.exocortexPath, rendered.frontmatter, rendered.text);
+      const priorReads = loadPriorReads(input.exocortexPath);
+      const currentPatternNames = rewrittenPatterns.map((p) => p.name);
+      const persistence = computePersistence(priorReads, currentPatternNames);
+      const triggeredItems = governance ? [
+        ...governance.human.details.map((d) => d.ruleId).filter(Boolean),
+        ...governance.cyber.details.map((d) => d.ruleId).filter(Boolean),
+        ...governance.joint.details.map((d) => d.ruleId).filter(Boolean)
+      ] : [];
+      updateKnowledge(input.exocortexPath, persistence, {
+        triggeredItems,
+        totalReads: priorReads.length + 1
+      });
+    } catch {
+    }
+  }
   return {
     text: rendered.text,
     frontmatter: rendered.frontmatter,
@@ -1668,11 +3211,13 @@ var RADIANT_PACKAGE_VERSION = "0.0.0";
   DEFAULT_SIGNAL_EXTRACTORS,
   LENSES,
   RADIANT_PACKAGE_VERSION,
+  auditGovernance,
   aukiBuilderLens,
   checkForbiddenPhrases,
   classifyActorDomain,
   classifyEvents,
   composeSystemPrompt,
+  computePersistence,
   createAnthropicAI,
   createMockAI,
   createMockGitHubAdapter,
@@ -1680,6 +3225,7 @@ var RADIANT_PACKAGE_VERSION = "0.0.0";
   extractSignals,
   fetchGitHubActivity,
   formatExocortexForPrompt,
+  formatPriorReadsForPrompt,
   formatScope,
   getLens,
   interpretPatterns,
@@ -1687,6 +3233,7 @@ var RADIANT_PACKAGE_VERSION = "0.0.0";
   isScored,
   isSentinel,
   listLenses,
+  loadPriorReads,
   parseRepoScope,
   presenceAverage,
   readExocortex,
@@ -1696,5 +3243,7 @@ var RADIANT_PACKAGE_VERSION = "0.0.0";
   scoreLife,
   scoreNeuroVerse,
   summarizeExocortex,
-  think
+  think,
+  updateKnowledge,
+  writeRead
 });