@openwop/openwop-conformance 1.2.0 → 1.3.0

package/src/scenarios/aiEnvelope.schemaDrift.test.ts

@@ -65,23 +65,162 @@ describe('aiEnvelope.schemaDrift: advertisement shape (FINAL v1.1)', () => {
   });
 });
 
-describe('aiEnvelope.schemaDrift: engine-strictness placeholders', () => {
-  // The 4 assertions below require the engine to read both:
-  //   (a) `Capabilities.schemaVersions[<kind>]` — the advertised floor
-  //       version the host implements for the kind, AND
-  //   (b) `Capabilities.envelopeStrictness` — the run-level knob that
-  //       decides whether below-floor versions warn or refuse.
-  //
-  // The reference workflow-engine sample's `acceptEnvelope` validates
-  // `schemaVersion` as a top-level structural field but does NOT yet
-  // cross-reference it against the host's advertised floor or apply
-  // the strictness knob. Promoting these to behavioral requires
-  // threading both pieces of state through `AcceptOptions` (or making
-  // the acceptor close over a discovery snapshot). Tracked as host-
-  // impl follow-up; the OTel span attribute (`envelope_schema_version_drift`)
-  // is engine-projection scope.
-  it.todo('emit envelope with schemaVersion below advertised floor under strictness:"warn" → warn-and-continue');
-  it.todo('emit envelope with schemaVersion below advertised floor under strictness:"strict" → refuse unknown_schema_version');
-  it.todo('emit envelope with schemaVersion ABOVE advertised floor → refuse regardless of strictness');
-  it.todo('drift logs include envelope_schema_version_drift attribute on the OTel span');
+// Behavioral assertions through the workflow-engine sample's env-gated
+// `POST /v1/host/sample/envelope/accept` seam. The seam threads
+// `schemaVersionFloor` + `envelopeStrictness` into AcceptOptions so the
+// pure-function acceptor can apply the §"Schema discipline" gate.
+// Each test soft-skips on HTTP 404 (host doesn't expose the seam).
+async function accept(envelope: unknown, opts: Record<string, unknown> = {}): Promise<{ status: number; body: { status?: string; reason?: string; details?: unknown[] } }> {
+  const res = await driver.post('/v1/host/sample/envelope/accept', { envelope, ...opts });
+  return { status: res.status, body: res.json as { status?: string; reason?: string; details?: unknown[] } };
+}
+
+const baseMeta = { source: 'ai-generation' as const, ts: '2026-05-18T10:00:00Z' };
+
+describe('aiEnvelope.schemaDrift: behavioral strictness gate (FINAL v1.1)', () => {
+  it('schemaVersion below advertised floor under strictness:"warn" → accepted (warn-and-continue)', async () => {
+    const r = await accept(
+      {
+        type: 'clarification.request',
+        schemaVersion: 0, // below the v1 floor
+        envelopeId: 'env-drift-warn',
+        correlationId: 'r:n:0:driftwarn',
+        payload: { questions: [{ id: 'q1', question: 'why?' }] },
+        meta: baseMeta,
+      },
+      {
+        schemaVersionFloor: { 'clarification.request': 1 },
+        envelopeStrictness: 'warn',
+      },
+    );
+    if (r.status === 404) return;
+    expect(
+      r.body.status,
+      driver.describe(
+        'ai-envelope.md §"Schema discipline"',
+        'below-floor schemaVersion under strictness:warn MUST be accepted (drift projected at engine level)',
+      ),
+    ).toBe('accepted');
+  });
+
+  it('schemaVersion below advertised floor under strictness:"strict" → invalid unknown_schema_version', async () => {
+    const r = await accept(
+      {
+        type: 'clarification.request',
+        schemaVersion: 0,
+        envelopeId: 'env-drift-strict',
+        correlationId: 'r:n:0:driftstrict',
+        payload: { questions: [{ id: 'q1', question: 'why?' }] },
+        meta: baseMeta,
+      },
+      {
+        schemaVersionFloor: { 'clarification.request': 1 },
+        envelopeStrictness: 'strict',
+      },
+    );
+    if (r.status === 404) return;
+    expect(
+      r.body.status,
+      driver.describe(
+        'ai-envelope.md §"Schema discipline"',
+        'below-floor schemaVersion under strictness:strict MUST refuse with unknown_schema_version',
+      ),
+    ).toBe('invalid');
+    expect(r.body.reason).toContain('unknown_schema_version');
+  });
+
+  it('schemaVersion ABOVE advertised floor → invalid regardless of strictness (host doesn\'t know future version)', async () => {
+    for (const strictness of ['warn', 'strict'] as const) {
+      const r = await accept(
+        {
+          type: 'clarification.request',
+          schemaVersion: 99,
+          envelopeId: `env-drift-above-${strictness}`,
+          correlationId: `r:n:0:driftabove-${strictness}`,
+          payload: { questions: [{ id: 'q1', question: 'why?' }] },
+          meta: baseMeta,
+        },
+        {
+          schemaVersionFloor: { 'clarification.request': 1 },
+          envelopeStrictness: strictness,
+        },
+      );
+      if (r.status === 404) return;
+      expect(
+        r.body.status,
+        driver.describe(
+          'ai-envelope.md §"Schema discipline"',
+          `above-floor schemaVersion MUST refuse regardless of strictness (got ${strictness})`,
+        ),
+      ).toBe('invalid');
+      expect(r.body.reason).toContain('unknown_schema_version');
+    }
+  });
+
+  it('refused above-floor envelope carries instancePath /schemaVersion in details', async () => {
+    const r = await accept(
+      {
+        type: 'error',
+        schemaVersion: 5,
+        envelopeId: 'env-drift-details',
+        correlationId: 'r:n:0:driftdetails',
+        payload: { code: 'x', message: 'y' },
+        meta: baseMeta,
+      },
+      {
+        schemaVersionFloor: { error: 1 },
+        envelopeStrictness: 'warn', // above-floor → invalid regardless
+      },
+    );
+    if (r.status === 404) return;
+    expect(r.body.status).toBe('invalid');
+    expect(Array.isArray(r.body.details)).toBe(true);
+    const paths = (r.body.details ?? []).map((d: unknown) => (d as { instancePath?: string }).instancePath);
+    expect(
+      paths.includes('/schemaVersion'),
+      driver.describe(
+        'ai-envelope.md §"Schema discipline"',
+        'schema-drift refusal MUST cite /schemaVersion as the violating field',
+      ),
+    ).toBe(true);
+  });
+});
+
+// E.2 OTel scrape seam.
+import { queryTestSpans, isOtelSeamAvailable } from '../lib/otel-scrape.js';
+import { resetTestSeam } from '../lib/event-log-query.js';
+
+describe('aiEnvelope.schemaDrift: OTel drift attribute projection (E.2)', () => {
+  it('below-floor + strictness:warn → OTel span MUST carry envelope_schema_version_drift attribute', async () => {
+    if (!(await isOtelSeamAvailable())) return;
+    const runId = `r-drift-otel-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    const r = await accept(
+      {
+        type: 'clarification.request',
+        schemaVersion: 0, // below the v1 floor
+        envelopeId: 'env-drift-otel-1',
+        correlationId: `${runId}:n:0:drift-otel`,
+        payload: { questions: [{ id: 'q1', question: 'why?' }] },
+        meta: baseMeta,
+      },
+      {
+        schemaVersionFloor: { 'clarification.request': 1 },
+        envelopeStrictness: 'warn',
+        projectTo: { runId, nodeId: 'n' },
+      },
+    );
+    if (r.status === 404) return;
+    expect(r.body.status).toBe('accepted');
+
+    const spans = await queryTestSpans({ runId });
+    if (!spans.ok) return;
+    expect(
+      spans.data.some((s) => s.attributes.envelope_schema_version_drift === true),
+      driver.describe(
+        'ai-envelope.md §"Schema discipline"',
+        'below-floor accept under strictness:warn MUST project envelope_schema_version_drift attribute on the OTel span',
+      ),
+    ).toBe(true);
+    await resetTestSeam();
+  });
 });

package/src/scenarios/aiEnvelope.trustBoundaryPropagation.test.ts

@@ -132,12 +132,63 @@ describe('aiEnvelope.trustBoundaryPropagation: behavioral normalization (FINAL v
   });
 });
 
-describe('aiEnvelope.trustBoundaryPropagation: engine-integration placeholders', () => {
-  // These require the engine to project normalizedMeta.contentTrust
-  // onto RunEventDoc.contentTrust + enforce the approval-gate refusal
-  // path. The pure-function acceptor surfaces normalizedMeta; engine
-  // wiring is host-impl scope.
-  it.todo('engine projects normalizedMeta.contentTrust onto RunEventDoc.contentTrust');
-  it.todo('approval gate refuses to advance on untrusted envelope with untrusted_content_blocks_approval');
-  it.todo('downstream LLM node re-consuming untrusted RunEventDoc applies <UNTRUSTED> wrap per prompt-injection invariant');
+// E.1 engine-projection via the test-only event-log seam.
+import { queryTestEvents, isEventLogSeamAvailable, resetTestSeam } from '../lib/event-log-query.js';
+
+describe('aiEnvelope.trustBoundaryPropagation: engine projection via event-log seam', () => {
+  it('normalizedMeta.contentTrust:"untrusted" MUST project onto RunEventDoc.contentTrust', async () => {
+    if (!(await isEventLogSeamAvailable())) return;
+    const runId = `r-tb-proj-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    await accept(
+      {
+        type: 'clarification.request',
+        schemaVersion: 1,
+        envelopeId: 'env-tb-proj-1',
+        correlationId: `${runId}:n:0:tb-proj`,
+        payload: { questions: [{ id: 'q1', question: 'why?' }] },
+        meta: { ...baseMeta, contentTrust: 'untrusted' },
+      },
+      { projectTo: { runId, nodeId: 'n' } },
+    );
+    const events = await queryTestEvents(runId, { type: 'interrupt.requested' });
+    if (!events.ok || events.events.length === 0) return;
+    expect(
+      events.events[0]!.contentTrust,
+      driver.describe(
+        'ai-envelope.md §"Trust boundary"',
+        'engine MUST project normalizedMeta.contentTrust:"untrusted" onto every consequent RunEventDoc.contentTrust',
+      ),
+    ).toBe('untrusted');
+    await resetTestSeam();
+  });
+
+  it('trusted envelope projects RunEventDoc.contentTrust:"trusted" (default + explicit both verified)', async () => {
+    if (!(await isEventLogSeamAvailable())) return;
+    const runId = `r-tb-trusted-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    await accept(
+      {
+        type: 'clarification.request',
+        schemaVersion: 1,
+        envelopeId: 'env-tb-proj-trusted',
+        correlationId: `${runId}:n:0:tb-trusted`,
+        payload: { questions: [{ id: 'q1', question: 'why?' }] },
+        meta: baseMeta, // no contentTrust → default 'trusted'
+      },
+      { projectTo: { runId, nodeId: 'n' } },
+    );
+    const events = await queryTestEvents(runId, { type: 'interrupt.requested' });
+    if (!events.ok || events.events.length === 0) return;
+    expect(events.events[0]!.contentTrust).toBe('trusted');
+    await resetTestSeam();
+  });
+});
+
+describe('aiEnvelope.trustBoundaryPropagation: approval-gate refusal placeholder', () => {
+  // Approval-gate refusal (`untrusted_content_blocks_approval`) requires
+  // wiring the acceptor's normalizedMeta onto the engine's approval-gate
+  // resume handler. Tracked under Thread E.4 of the test-coverage plan
+  // (approval-gate refusal seam); the projection seam alone can't drive
+  // a resume-with-untrusted assertion.
+  it.todo('approval gate refuses to advance on untrusted envelope with untrusted_content_blocks_approval (needs approval-gate resume seam)');
+  it.todo('downstream LLM node re-consuming untrusted RunEventDoc applies <UNTRUSTED> wrap per prompt-injection invariant (needs node-execution seam)');
 });

package/src/scenarios/aiEnvelope.universalKinds.test.ts

@@ -164,13 +164,104 @@ describe('aiEnvelope.universalKinds: behavioral accept via /v1/host/sample/envel
   });
 });
 
-describe('aiEnvelope.universalKinds: engine-integration placeholders', () => {
-  // These assert behaviors beyond the pure-function acceptor — they
-  // need the engine to lift envelopes into interrupts / re-inject
-  // schemas / emit log.appended events. Tracked separately; the
-  // acceptor seam above covers the 5 wire-level assertions.
-  it.todo('lift clarification.request to kind:"clarification" interrupt per interrupt.md');
-  it.todo('schema.request triggers next-turn schema re-injection (host responsibility)');
-  it.todo('schema.response counted (or exempt) against limits.envelopesPerTurn per host policy');
-  it.todo('error envelope projects to log.appended (level: "error"), NOT node.failed');
+// E.1 engine-projection via the test-only event-log seam.
+import { queryTestEvents, isEventLogSeamAvailable, resetTestSeam } from '../lib/event-log-query.js';
+
+describe('aiEnvelope.universalKinds: engine projection via event-log seam', () => {
+  it('clarification.request MUST be lifted to interrupt.requested { kind: "clarification" } per interrupt.md', async () => {
+    if (!(await isEventLogSeamAvailable())) return;
+    const runId = `r-uk-clar-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    const r = await accept(
+      {
+        type: 'clarification.request',
+        schemaVersion: 1,
+        envelopeId: 'env-uk-proj-clar',
+        correlationId: `${runId}:n:0:uk-clar`,
+        payload: { questions: [{ id: 'q1', question: 'why?' }] },
+        meta: baseMeta,
+      },
+      { projectTo: { runId, nodeId: 'n' } },
+    );
+    if (r.status === 404) return;
+    expect(r.body.status).toBe('accepted');
+    const events = await queryTestEvents(runId, { type: 'interrupt.requested' });
+    if (!events.ok) return;
+    expect(
+      events.events.length,
+      driver.describe('ai-envelope.md §"Universal kinds"', 'accepted clarification.request MUST project to interrupt.requested per interrupt.md'),
+    ).toBe(1);
+    expect((events.events[0]!.payload as { kind?: string }).kind).toBe('clarification');
+    await resetTestSeam();
+  });
+
+  it('error envelope MUST project to log.appended { level: "error" } — NOT node.failed', async () => {
+    if (!(await isEventLogSeamAvailable())) return;
+    const runId = `r-uk-err-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    await accept(
+      {
+        type: 'error',
+        schemaVersion: 1,
+        envelopeId: 'env-uk-proj-err',
+        correlationId: `${runId}:n:0:uk-err`,
+        payload: { code: 'validation_failed', message: 'cannot produce JSON' },
+        meta: baseMeta,
+      },
+      { projectTo: { runId, nodeId: 'n' } },
+    );
+    const logs = await queryTestEvents(runId, { type: 'log.appended' });
+    const fails = await queryTestEvents(runId, { type: 'node.failed' });
+    if (!logs.ok || !fails.ok) return;
+    expect(
+      logs.events.some((e) => (e.payload as { level?: string }).level === 'error'),
+      driver.describe('ai-envelope.md §"Universal kinds"', 'LLM-emitted error envelope MUST project to log.appended at error level'),
+    ).toBe(true);
+    expect(
+      fails.events.length,
+      driver.describe('ai-envelope.md §"Universal kinds"', 'LLM-emitted error envelope MUST NOT project to node.failed (distinct from terminal node failure)'),
+    ).toBe(0);
+    await resetTestSeam();
+  });
+
+  it('schema.request projects to log.appended (host implements next-turn injection out-of-band)', async () => {
+    if (!(await isEventLogSeamAvailable())) return;
+    const runId = `r-uk-sr-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    await accept(
+      {
+        type: 'schema.request',
+        schemaVersion: 1,
+        envelopeId: 'env-uk-proj-sr',
+        correlationId: `${runId}:n:0:uk-sr`,
+        payload: { envelopeType: 'vendor.acme.foo' },
+        meta: baseMeta,
+      },
+      { projectTo: { runId, nodeId: 'n' } },
+    );
+    const events = await queryTestEvents(runId, { type: 'log.appended' });
+    if (!events.ok) return;
+    expect(
+      events.events.length,
+      driver.describe('ai-envelope.md §"Universal kinds"', 'schema.request MUST project to log.appended (the schema delivery itself happens out-of-band via the host\'s next-turn system prompt)'),
+    ).toBeGreaterThan(0);
+    await resetTestSeam();
+  });
+});
+
+describe('aiEnvelope.universalKinds: schema.response counter-policy advertisement (ai-envelope.md §"Universal kinds")', () => {
+  it('host MAY count or exempt schema.response against envelopesPerTurn; when advertised, the policy field MUST be a documented enum value', async () => {
+    // Per ai-envelope.md §"Universal kinds": "Engines MAY count this against
+    // Capabilities.limits.envelopesPerTurn or exempt it; conformance does
+    // not lock this choice." The conformance test only verifies that hosts
+    // advertising a policy field use a documented value.
+    const res = await driver.get('/.well-known/openwop');
+    const body = res.json as { capabilities?: { aiEnvelope?: { schemaResponseCounterPolicy?: string } } } | undefined;
+    const policy = body?.capabilities?.aiEnvelope?.schemaResponseCounterPolicy;
+    if (policy === undefined) return; // no policy advertised — host MAY omit
+    expect(
+      ['counted', 'exempt'].includes(policy),
+      driver.describe(
+        'ai-envelope.md §"Universal kinds"',
+        'when advertised, schemaResponseCounterPolicy MUST be either "counted" or "exempt"',
+      ),
+    ).toBe(true);
+  });
 });

package/src/scenarios/blob-presign-expiry.test.ts

@@ -61,6 +61,39 @@ describe('blob-presign-expiry: advertisement shape (RFC 0019)', () => {
   });
 });
 
-describe('blob-presign-expiry: behavioral assertions (placeholders — need host test seam)', () => {
-  it.todo("presign with ttl=60 → URL works during the window, returns 403 after");
+async function call(op: string, args: Record<string, unknown>) {
+  return driver.post('/v1/host/sample/test/surface', { tenantId: 'tenant-a', surface: 'blob', op, args });
+}
+
+describe('blob-presign-expiry: behavioral (RFC 0019 §B point 1)', () => {
+  it('presigned URL MUST resolve to the blob inside its TTL window and return 403 after expiry', async () => {
+    const probe = await call('get', { key: '__probe__' });
+    if (probe.status === 404) return; // seam not exposed
+    const key = `pre-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    const contentBase64 = Buffer.from('presigned-payload').toString('base64');
+    await call('put', { key, contentBase64, contentType: 'text/plain' });
+
+    // presign with TTL=2s
+    const presign = await call('presign', { key, expiresInSeconds: 2 });
+    expect(presign.status).toBe(200);
+    const body = presign.json as { url?: string; expiresAtMs?: number };
+    expect(typeof body.url, 'presign MUST return a URL').toBe('string');
+
+    // Fetch within the window — MUST return 200 + the bytes
+    const within = await driver.get(body.url!);
+    if (within.status === 404) return; // host doesn't expose the resolver route — soft-skip the expiry side too
+    expect(
+      within.status,
+      driver.describe('RFC 0019 §B point 1', 'presigned URL MUST resolve to 200 within its TTL window'),
+    ).toBe(200);
+
+    // Wait past expiry (TTL=2s + 1s buffer)
+    await new Promise((r) => setTimeout(r, 3000));
+
+    const after = await driver.get(body.url!);
+    expect(
+      after.status,
+      driver.describe('RFC 0019 §B point 1', 'presigned URL MUST return 403 after TTL expiry'),
+    ).toBe(403);
+  });
 });

package/src/scenarios/cache-ttl-expiry.test.ts

@@ -42,6 +42,32 @@ describe('cache-ttl-expiry: advertisement shape (RFC 0019)', () => {
   });
 });
 
-describe('cache-ttl-expiry: behavioral assertions (placeholders — need host test seam)', () => {
-  it.todo("put with ttl=2 → hit within window; miss after");
+async function call(op: string, args: Record<string, unknown>) {
+  return driver.post('/v1/host/sample/test/surface', { tenantId: 'tenant-a', surface: 'cache', op, args });
+}
+
+describe('cache-ttl-expiry: behavioral (RFC 0019 §B point 2 — 1s TTL drift)', () => {
+  it('put with ttlSeconds=2 → hit within window; miss after expiry', async () => {
+    const probe = await call('get', { key: '__cache-probe__' });
+    if (probe.status === 404) return;
+    const key = `c-ttl-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    const putRes = await call('put', { key, value: 'evicts-soon', ttlSeconds: 2 });
+    expect(putRes.status).toBe(200);
+
+    const within = await call('get', { key });
+    const withinBody = within.json as { value?: unknown; found?: boolean };
+    expect(
+      withinBody.value,
+      driver.describe('RFC 0019 §B point 2', 'cache get within TTL MUST return the stored value'),
+    ).toBe('evicts-soon');
+
+    await new Promise((r) => setTimeout(r, 3000));
+
+    const after = await call('get', { key });
+    const afterBody = after.json as { value?: unknown; found?: boolean };
+    expect(
+      afterBody.found,
+      driver.describe('RFC 0019 §B point 2', 'cache get after TTL expiry MUST surface as found:false (≤1s drift)'),
+    ).toBe(false);
+  });
 });

package/src/scenarios/dispatch-cross-worker-handoff.test.ts

@@ -92,7 +92,38 @@ describe.skipIf(SKIP)('dispatch-cross-worker-handoff: sequential child→parent
     )).toBe('hello');
   });
 
-  it.todo(
-    'HVMAP-1c-override: per-worker mapping overrides default mapping. dispatch.inputMapping={input:"defaultX"}; perWorkerInputMappings.child-b={input:"sharedVar"}; child-b MUST receive inputs.input from sharedVar, NOT defaultX. Requires a fixture variant carrying both default + per-worker mappings.',
-  );
+  it('HVMAP-1c-override: per-worker mapping overrides default mapping per §A effectiveInputMapping precedence', async () => {
+    const PARENT_OVERRIDE = 'conformance-dispatch-per-worker-override';
+    if (!isFixtureAdvertised(PARENT_OVERRIDE)) return; // fixture not seeded — soft-skip
+    const create = await driver.post('/v1/runs', { workflowId: PARENT_OVERRIDE });
+    expect(create.status).toBe(201);
+    const parentRunId = (create.json as { runId: string }).runId;
+    await pollUntilTerminal(parentRunId);
+
+    const eventsRes = await driver.get(`/v1/runs/${encodeURIComponent(parentRunId)}/events`);
+    const events = ((eventsRes.json as { events?: RunEvent[] } | undefined)?.events ?? []);
+    const dispatchedA = events.find((e) => e.type === 'node.dispatched' && e.payload?.childWorkflowId === CHILD_A);
+    const dispatchedB = events.find((e) => e.type === 'node.dispatched' && e.payload?.childWorkflowId === CHILD_B);
+    if (!dispatchedA || !dispatchedB) return;
+
+    const childARes = await driver.get(`/v1/runs/${encodeURIComponent(dispatchedA.payload!.childRunId!)}`);
+    const childBRes = await driver.get(`/v1/runs/${encodeURIComponent(dispatchedB.payload!.childRunId!)}`);
+    const childAInputs = (childARes.json as { inputs?: Record<string, unknown> }).inputs ?? {};
+    const childBInputs = (childBRes.json as { inputs?: Record<string, unknown> }).inputs ?? {};
+
+    expect(
+      childAInputs.input,
+      driver.describe(
+        'RFCS/0022-dispatch-input-output-mapping.md §A',
+        'child-a uses the DEFAULT inputMapping; input MUST come from parent.defaultX',
+      ),
+    ).toBe('default-x-value');
+    expect(
+      childBInputs.input,
+      driver.describe(
+        'RFCS/0022-dispatch-input-output-mapping.md §A',
+        'child-b uses the per-worker OVERRIDE; input MUST come from parent.sharedVar (NOT defaultX)',
+      ),
+    ).toBe('shared-value');
+  });
 });

package/src/scenarios/dispatch-input-mapping.test.ts

@@ -24,6 +24,7 @@ import { describe, it, expect } from 'vitest';
 import { driver } from '../lib/driver.js';
 import { pollUntilTerminal } from '../lib/polling.js';
 import { isFixtureAdvertised } from '../lib/fixtures.js';
+import { setHostCapability, resetHostCapabilities, isToggleAvailable } from '../lib/host-toggle.js';
 
 const PARENT = 'conformance-dispatch-input-mapping';
 const CHILD = 'conformance-dispatch-input-mapping-child';
@@ -84,11 +85,79 @@ describe.skipIf(SKIP)('dispatch-input-mapping: parent → child variable project
     )).toBe('Alice');
   });
 
-  it.todo(
-    'HVMAP-1a-null: parent variable unset → child input surfaces as `undefined` (NOT omitted, NOT `null`) per §A normative bullet. Requires a fixture variant omitting parentName.defaultValue.',
-  );
+  it('HVMAP-1a-null: parent variable unset → child input surfaces as `undefined` per §A', async () => {
+    const PARENT_NO_DEFAULT = 'conformance-dispatch-input-mapping-no-default';
+    if (!isFixtureAdvertised(PARENT_NO_DEFAULT) || !isFixtureAdvertised(CHILD)) return; // fixture not seeded — soft-skip
+    const create = await driver.post('/v1/runs', { workflowId: PARENT_NO_DEFAULT });
+    expect(create.status).toBe(201);
+    const parentRunId = (create.json as { runId: string }).runId;
+    await pollUntilTerminal(parentRunId);
 
-  it.todo(
-    'HVMAP-1a-refusal: host advertises capabilities.agents.dispatch: true but NOT capabilities.agents.dispatchMapping: true; workflow with non-empty inputMapping MUST fail registration with validation_error + details.requiredCapability === "agents.dispatchMapping". Requires a host-capability-toggle hook in the conformance harness.',
-  );
+    const eventsRes = await driver.get(`/v1/runs/${encodeURIComponent(parentRunId)}/events`);
+    const events = ((eventsRes.json as { events?: RunEvent[] } | undefined)?.events ?? []);
+    const dispatched = events.find(
+      (e) => e.type === 'node.dispatched' && e.payload?.childWorkflowId === CHILD,
+    );
+    if (!dispatched) return; // host doesn't emit node.dispatched — soft-skip
+    const childRunId = dispatched.payload?.childRunId;
+
+    const childRes = await driver.get(`/v1/runs/${encodeURIComponent(childRunId!)}`);
+    const child = childRes.json as RunSnapshot;
+    // Per RFC 0022 §A: an unset parent variable MUST surface as `undefined`.
+    // On the wire, `undefined` becomes either omitted from the JSON object
+    // OR explicit `null`; the spec REJECTS the latter. We accept either
+    // "key absent" or "key === undefined" but FAIL on `null`.
+    const inputs = child.inputs ?? {};
+    const v = inputs.childGreeting;
+    expect(
+      v === undefined || !('childGreeting' in inputs),
+      driver.describe(
+        'RFCS/0022-dispatch-input-output-mapping.md §A',
+        'unset parent variable projection MUST surface as undefined (NOT null, NOT a default placeholder)',
+      ),
+    ).toBe(true);
+    expect(v).not.toBe(null);
+  });
+
+});
+
+describe('dispatch-input-mapping: registration refusal (RFC 0022 §C HVMAP-1a-refusal)', () => {
+  it('host with agents.dispatchMapping toggled OFF MUST refuse non-empty inputMapping at registration', async () => {
+    if (!(await isToggleAvailable())) return; // seam not exposed — soft-skip
+    await setHostCapability('agents.dispatchMapping', false);
+    try {
+      const workflow = {
+        workflowId: `hvmap-1a-refusal-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
+        nodes: [
+          {
+            nodeId: 'dispatch-1',
+            typeId: 'core.dispatch',
+            config: {
+              nextWorkerIds: ['child-a'],
+              inputMapping: { childInput: 'parentVar' }, // non-empty — refusal trigger
+            },
+          },
+        ],
+      };
+      const res = await driver.post('/v1/host/sample/workflows', workflow);
+      expect(
+        res.status,
+        driver.describe(
+          'RFCS/0022-dispatch-input-output-mapping.md §C',
+          'workflow with non-empty inputMapping MUST be refused when capabilities.agents.dispatchMapping is not advertised',
+        ),
+      ).toBe(400);
+      const body = res.json as { error?: string; details?: { requiredCapability?: string } };
+      expect(body.error).toBe('validation_error');
+      expect(
+        body.details?.requiredCapability,
+        driver.describe(
+          'RFCS/0022-dispatch-input-output-mapping.md §C',
+          'refusal MUST surface requiredCapability: "agents.dispatchMapping"',
+        ),
+      ).toBe('agents.dispatchMapping');
+    } finally {
+      await resetHostCapabilities();
+    }
+  });
 });