@ps-neko/nekowork 0.1.0-alpha.0

package/docs/examples/GITHUB-ACTIONS-HARDENING.md

@@ -0,0 +1,86 @@
+# GitHub Actions Hardening Example
+
+This example shows how NEKOWORK handles deploy-sensitive CI workflow work.
+
+The checked-in standalone target project lives at:
+
+```text
+examples/github-actions-hardening/
+```
+
+It includes a hardened validation workflow, a local YAML-based hardening check, and case-study artifacts under `case-study/`.
+
+## Request
+
+```text
+Harden a GitHub Actions validation workflow without adding deploy or publish behavior.
+```
+
+## Recommended Flow
+
+```bash
+node scripts/cli.js ask "harden GitHub Actions validation workflow" --session actions-hardening
+node scripts/cli.js plan "harden GitHub Actions validation workflow" --session actions-hardening
+node scripts/cli.js team "harden GitHub Actions validation workflow" --workers planner,security,test --no-write --session actions-hardening
+node scripts/cli.js work "implement hardened GitHub Actions validation workflow" --single-executor --session actions-hardening
+node scripts/cli.js verify "verify hardened GitHub Actions validation workflow" --secure --session actions-hardening
+node scripts/cli.js gate status --session actions-hardening
+```
+
+## Expected Policy Behavior
+
+The task should classify as:
+
+```text
+risk=high
+tags=deploy
+requiresCodexChallenge=true
+requiresHumanGate=true
+```
+
+That means:
+
+- `ask` confirms deploy/publish/cloud credentials are out of scope.
+- `team` remains read-only.
+- `work` uses one executor and records acceptance criteria.
+- `verify --secure` runs Codex review and Codex challenge.
+- `ship` stays blocked until the human explicitly approves or blocks.
+
+## Local Evidence
+
+Inside the example project:
+
+```bash
+npm test
+```
+
+Expected output:
+
+```text
+github-actions-hardening checks passed
+```
+
+The local check verifies:
+
+- no `pull_request_target`
+- no package publish
+- no static secrets
+- no cloud credential setup
+- read-only permissions
+- pinned non-floating action refs
+- bounded job timeout
+
+## Example Gate Resolution
+
+Approve only after confirming the workflow remains validation-only:
+
+```bash
+node scripts/cli.js gate approve --session actions-hardening --reason "Confirmed validation-only hardened workflow."
+node scripts/cli.js ship "prepare GitHub Actions hardening ship readiness" --require-clean-gates --session actions-hardening
+```
+
+If deploy, publish, or broad permission behavior appears:
+
+```bash
+node scripts/cli.js gate block --session actions-hardening --reason "Workflow hardening boundary is not proven."
+```

package/docs/examples/QUALITY-LIFECYCLE-SMOKE.md

@@ -0,0 +1,32 @@
+# Quality Lifecycle Smoke
+
+`examples/quality-lifecycle-smoke` is a small case-study target for the NEKOWORK quality profile.
+
+It demonstrates this path:
+
+```text
+ask --profile quality
+  -> plan
+  -> team
+  -> work --profile quality
+  -> verify --profile quality --strict-quality
+  -> ship
+```
+
+The example is intentionally small. Its purpose is to show the quality-runtime evidence shape:
+
+- `ask` records quality questions and the quality checklist.
+- `work` remains single-executor.
+- `verify` requires evidence-based findings for high/critical issues.
+- `verify-summary.json` can carry structured `acceptance_coverage`.
+- `--strict-quality` can convert unresolved quality warnings into a fix-required verification verdict.
+- `ship` remains readiness only; `apply` is still explicit.
+
+Run the local check:
+
+```bash
+cd examples/quality-lifecycle-smoke
+npm test
+```
+
+This example is not a substitute for a named third-party external project case study. It is a checked-in fixture that proves the quality lifecycle contract is inspectable.

package/docs/examples/TRADING-DASHBOARD-MOCK.md

@@ -0,0 +1,65 @@
+# Trading Dashboard Mock Example
+
+This example shows how NEKOWORK handles a financial UI request without treating it like a normal low-risk mockup.
+
+The checked-in standalone target project lives at:
+
+```text
+examples/trading-dashboard-mock/
+```
+
+It includes a static dashboard, local fixture data, a zero-dependency mock-boundary test, and case-study artifacts under `case-study/`.
+
+## Request
+
+```text
+Build a trading dashboard mockup. It must use mock data only and must not place real orders.
+```
+
+## Recommended Flow
+
+```bash
+node scripts/cli.js ask "stock trading dashboard mockup with mock-only orders" --session trading-demo
+node scripts/cli.js plan "stock trading dashboard mockup with mock-only orders" --session trading-demo
+node scripts/cli.js team "stock trading dashboard mockup with mock-only orders" --workers planner,product,security,test --no-write --session trading-demo
+node scripts/cli.js work "implement the planned trading dashboard mockup" --single-executor --session trading-demo
+node scripts/cli.js verify "verify the trading dashboard mockup stays mock-only" --session trading-demo
+node scripts/cli.js gate status --session trading-demo
+```
+
+## Expected Policy Behavior
+
+The task should classify as:
+
+```text
+risk=high
+tags=financial,product-ui
+requiresCodexChallenge=true
+requiresHumanGate=true
+```
+
+That means:
+
+- `ask` asks whether all broker/order/payment behavior must stay mock-only.
+- `team` remains read-only.
+- `work` uses one executor and records acceptance criteria.
+- `verify` runs Codex review and Codex challenge.
+- `verify` writes `HUMAN_GATE` even if Codex approves, because financial automation needs human confirmation.
+- `ship` stays blocked until the human explicitly approves or blocks.
+
+## Example Gate Resolution
+
+Approve only after confirming that no real broker, payment, order, or account code is present:
+
+```bash
+node scripts/cli.js gate approve --session trading-demo --reason "Confirmed mock-only data and no real order execution."
+node scripts/cli.js ship "prepare trading dashboard mock ship readiness" --require-clean-gates --session trading-demo
+```
+
+If any real-money behavior is present:
+
+```bash
+node scripts/cli.js gate block --session trading-demo --reason "Real order/payment behavior is not allowed in this mock cycle."
+```
+
+`apply` remains separate and should only run after `SHIP_READY` exists for a live-work diff.

package/docs/workflows-stash/README.md

@@ -0,0 +1,32 @@
+# Workflows Stash
+
+> 첫 push 당시 OAuth 토큰의 `workflow` 스코프 부족으로 `.github/workflows/` 가 reject 되어 임시 보관소.
+> 정책상 본 디렉터리는 일시적이며, 토큰 갱신 또는 웹 UI 업로드 후 본 디렉터리는 삭제할 수 있다.
+
+## 재 등록 절차 (택일)
+
+### A. GitHub 웹 UI 업로드 (가장 단순)
+
+1. https://github.com/Ps-Neko/NEKOWORK 접속
+2. `Add file` → `Create new file`
+3. 파일명: `.github/workflows/harness-review.yml`
+4. 내용: 본 디렉터리의 `harness-review.yml` 그대로 복사 / 붙여넣기
+5. Commit (직접 main 또는 PR)
+6. `harness-validate.yml` 도 동일
+
+### B. 토큰 갱신 후 push
+
+```bash
+gh auth refresh -s workflow             # 브라우저 동의 필요
+mkdir -p .github/workflows
+cp docs/workflows-stash/harness-review.yml .github/workflows/
+cp docs/workflows-stash/harness-validate.yml .github/workflows/
+git add .github/workflows/
+git commit -m "ci: GitHub Actions 복원"
+git push
+```
+
+## 무엇이 보관됐나
+
+- `harness-review.yml` — PR 자동 7단계 + 핸드오프 PR 코멘트 + 아티팩트 업로드
+- `harness-validate.yml` — push/PR 시 매니페스트 + 단위 테스트

package/docs/workflows-stash/harness-review.yml

@@ -0,0 +1,166 @@
+name: harness-review
+
+# claude-led-codex-review 7단계 풀사이클을 PR 에 자동 적용.
+# - dry-run (mock provider) 디폴트: API 키 / Codex CLI 미설정 환경에서도 동작
+# - live 는 self-hosted CLI 세션 또는 HARNESS_CLAUDE_RUNNER=sdk + secret opt-in 일 때만 사용
+# - sensitive path 자동 감지 → --secure
+# - critical 발견 / round ≥ 3 → 워크플로우 실패 + PR 코멘트
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+  workflow_dispatch:
+    inputs:
+      task:
+        description: '리뷰 task 설명'
+        required: false
+        default: ''
+      secure:
+        description: '단계 6 codex-challenge 강제'
+        required: false
+        default: 'auto'
+        type: choice
+        options: [auto, on, off]
+      live:
+        description: '실 LLM 호출 (시크릿 필요)'
+        required: false
+        default: 'false'
+        type: choice
+        options: ['false', 'true']
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  review:
+    runs-on: ubuntu-latest
+    timeout-minutes: 20
+
+    env:
+      HARNESS_HOOK_GATEGUARD: '1'
+      HARNESS_HOOK_QUALITY_GATE: '1'
+      HARNESS_HOOK_PRE_BASH: '0'           # CI 에서는 bash 게이트 사용 안 함
+      HARNESS_HOOK_PERSISTENT_MODE: '0'    # CI 에서는 영속 모드 OFF
+
+    steps:
+      - name: Checkout (full history)
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node 22
+        uses: actions/setup-node@v6
+        with:
+          node-version: '22'
+          cache: 'npm'
+
+      - name: npm install
+        run: npm ci --no-audit --no-fund
+
+      - name: Validate catalog
+        run: |
+          node scripts/install-plan.js --profile core --verbose
+          node scripts/ci/catalog.js
+          node scripts/ci/check-markers.js
+
+      - name: Compute task / secure / live
+        id: opts
+        run: |
+          TASK="${{ github.event.inputs.task }}"
+          if [ -z "$TASK" ] && [ -n "${{ github.event.pull_request.title }}" ]; then
+            TASK="${{ github.event.pull_request.title }}"
+          fi
+          if [ -z "$TASK" ]; then
+            TASK="자동: ${{ github.event_name }} ${{ github.ref }}"
+          fi
+          echo "task=$TASK" >> "$GITHUB_OUTPUT"
+
+          SECURE="${{ github.event.inputs.secure || 'auto' }}"
+          SECURE_FLAG=""
+          if [ "$SECURE" = "on" ]; then SECURE_FLAG="--secure"; fi
+          # auto: orchestrator 가 sensitive path 자동 감지
+          echo "secure_flag=$SECURE_FLAG" >> "$GITHUB_OUTPUT"
+
+          LIVE="${{ github.event.inputs.live || 'false' }}"
+          LIVE_FLAG=""
+          if [ "$LIVE" = "true" ] && [ -n "${{ secrets.ANTHROPIC_API_KEY }}" ]; then
+            LIVE_FLAG="--live"
+          fi
+          echo "live_flag=$LIVE_FLAG" >> "$GITHUB_OUTPUT"
+
+      - name: Run review
+        id: review
+        env:
+          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
+          HARNESS_CLAUDE_RUNNER: ${{ steps.opts.outputs.live_flag && 'sdk' || '' }}
+        run: |
+          set +e
+          node scripts/cli.js review "${{ steps.opts.outputs.task }}" \
+            ${{ steps.opts.outputs.secure_flag }} \
+            ${{ steps.opts.outputs.live_flag }} \
+            --no-ship \
+            --session "ci-${{ github.run_id }}-${{ github.run_attempt }}"
+          CODE=$?
+          echo "exit=$CODE" >> "$GITHUB_OUTPUT"
+          # exit 3 = HUMAN_GATE
+          # 그 외 0 외 코드는 일반 실패
+          if [ "$CODE" = "0" ]; then echo "verdict=approve" >> "$GITHUB_OUTPUT";
+          elif [ "$CODE" = "3" ]; then echo "verdict=human_gate" >> "$GITHUB_OUTPUT";
+          else echo "verdict=error" >> "$GITHUB_OUTPUT"; fi
+          exit 0
+
+      - name: Collect handoffs
+        if: always()
+        run: |
+          SESSION_DIR=".harness/state/sessions/ci-${{ github.run_id }}-${{ github.run_attempt }}"
+          if [ -d "$SESSION_DIR/handoffs" ]; then
+            echo "## Handoffs"
+            ls "$SESSION_DIR/handoffs"
+            echo ""
+            for f in "$SESSION_DIR"/handoffs/*.md; do
+              echo "----"
+              cat "$f"
+            done > /tmp/handoffs.md
+          fi
+
+      - name: Upload artifacts
+        if: always()
+        uses: actions/upload-artifact@v6
+        with:
+          name: harness-handoffs-${{ github.run_id }}
+          path: .harness/state/sessions/ci-${{ github.run_id }}-*/
+          retention-days: 14
+
+      - name: Comment on PR
+        if: github.event_name == 'pull_request'
+        uses: actions/github-script@v8
+        with:
+          script: |
+            const fs = require('fs');
+            const sessionDir = `.harness/state/sessions/ci-${context.runId}-${context.runAttempt}`;
+            let body = `### HARNESS review (${{ steps.review.outputs.verdict }})\n\n`;
+            body += `세션: \`ci-${context.runId}-${context.runAttempt}\`\n`;
+            body += `exit: \`${{ steps.review.outputs.exit }}\`\n\n`;
+            try {
+              const handoffs = fs.readdirSync(`${sessionDir}/handoffs`).filter(f => f.endsWith('.md')).sort();
+              body += `핸드오프 ${handoffs.length}개:\n`;
+              for (const f of handoffs) body += `- \`${f}\`\n`;
+              const last = handoffs.filter(f => f.includes('codex-review') || f.includes('codex-challenge')).pop();
+              if (last) {
+                const text = fs.readFileSync(`${sessionDir}/handoffs/${last}`, 'utf8');
+                body += `\n<details><summary>${last}</summary>\n\n${text}\n</details>\n`;
+              }
+            } catch (e) { body += `(핸드오프 디렉터리 없음: ${e.message})\n`; }
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body,
+            });
+
+      - name: Fail on human gate / error
+        if: steps.review.outputs.verdict != 'approve'
+        run: |
+          echo "review verdict: ${{ steps.review.outputs.verdict }}"
+          exit 1

package/docs/workflows-stash/harness-validate.yml

@@ -0,0 +1,48 @@
+name: harness-validate
+
+# 매 push / PR 마다 매니페스트·카탈로그·테스트 빠른 검증. 5분 이내 완료 목표.
+
+on:
+  push:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v6
+        with:
+          node-version: '22'
+          cache: 'npm'
+      - run: npm ci --no-audit --no-fund
+
+      - name: 매니페스트·카탈로그 검증
+        run: |
+          node scripts/install-plan.js --profile core --verbose
+          node scripts/install-plan.js --profile developer
+          node scripts/install-plan.js --profile security
+          node scripts/install-plan.js --profile research
+          node scripts/install-plan.js --profile full
+          node scripts/ci/catalog.js
+          node scripts/ci/check-markers.js
+
+      - name: 단위 테스트
+        run: |
+          npm test
+
+      - name: 의존성 감사
+        run: npm audit --audit-level=moderate
+
+      - name: 빌드 산출물
+        run: |
+          node scripts/build-claude.js
+          node scripts/build-codex.js
+          node scripts/build-cursor.js
+          node scripts/build-gemini.js
+          node scripts/build-opencode.js
+          node scripts/build-codemaps.js --check

package/examples/github-actions-hardening/.github/workflows/hardened-validate.yml

@@ -0,0 +1,38 @@
+name: hardened-validate
+
+on:
+  pull_request:
+    branches: [main]
+  push:
+    branches: [main]
+
+permissions:
+  contents: read
+
+concurrency:
+  group: hardened-validate-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    permissions:
+      contents: read
+      actions: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+
+      - name: Install
+        run: npm ci
+
+      - name: Test
+        run: npm test

package/examples/github-actions-hardening/README.md

@@ -0,0 +1,31 @@
+# GitHub Actions Hardening Project
+
+This is a small standalone repository fixture used as a NEKOWORK case-study target.
+
+It demonstrates a hardened CI workflow:
+
+- read-only default token permissions
+- explicit job permissions
+- pinned action versions
+- no `pull_request_target`
+- no deploy or publish step
+- job timeout
+- no static cloud credentials
+
+## Test
+
+```bash
+npm test
+```
+
+The test verifies the workflow hardening boundary.
+
+## NEKOWORK Case Study
+
+See [case-study/TASK.md](case-study/TASK.md) for the workflow evidence:
+
+```text
+ask -> plan -> team -> work -> verify -> gate -> ship
+```
+
+The important product rule is that CI/security changes are deploy-sensitive. They require Codex verification and may require Human Gate before ship readiness.

package/examples/github-actions-hardening/case-study/ASK.md

@@ -0,0 +1,26 @@
+# Ask
+
+Expected question-gate outcome:
+
+```text
+risk=high
+tags=deploy
+requiresCodexChallenge=true
+requiresHumanGate=true
+```
+
+## Blocking Questions
+
+1. Is this workflow allowed to deploy or publish?
+2. What token permissions are required?
+3. Are cloud credentials or repository secrets in scope?
+4. Which event triggers are allowed?
+5. What evidence proves the workflow is hardened?
+
+## Draft Success Criteria
+
+1. Workflow uses read-only default permissions.
+2. Jobs use the minimum explicit permissions required.
+3. Actions use pinned non-floating refs.
+4. Workflow avoids `pull_request_target`, secrets, deploy, and publish behavior.
+5. Local check validates the hardening boundary.

package/examples/github-actions-hardening/case-study/GATE_STATUS.md

@@ -0,0 +1,28 @@
+# Gate Status
+
+## Expected Status Before Approval
+
+```text
+status=open
+reason=risk policy requires human gate (deploy)
+```
+
+## Human Review Checklist
+
+- Workflow does not deploy or publish.
+- Permissions are read-only.
+- Action refs are pinned and non-floating.
+- No secrets or cloud credential setup exists.
+- Local hardening check passes.
+
+## Approve Command
+
+```bash
+node ../../scripts/cli.js gate approve --project-root . --session actions-hardening --reason "Confirmed validation-only hardened workflow."
+```
+
+## Block Command
+
+```bash
+node ../../scripts/cli.js gate block --project-root . --session actions-hardening --reason "Workflow hardening boundary is not proven."
+```

package/examples/github-actions-hardening/case-study/PLAN.md

@@ -0,0 +1,25 @@
+# Plan
+
+## Implementation
+
+1. Add `.github/workflows/hardened-validate.yml`.
+2. Use `push` and `pull_request` events only.
+3. Set top-level `permissions: contents: read`.
+4. Set explicit job permissions.
+5. Use pinned action versions.
+6. Disable checkout credential persistence.
+7. Add a local `scripts/check.mjs` hardening validator.
+
+## Acceptance Criteria
+
+| ID | Criteria |
+|---|---|
+| AC-001 | Workflow validates on push and pull request only. |
+| AC-002 | Top-level and job permissions are read-only. |
+| AC-003 | Actions avoid floating refs. |
+| AC-004 | No secrets, cloud credentials, deploy, or publish steps exist. |
+| AC-005 | `npm test` validates the workflow boundary. |
+
+## Human Gate
+
+Human approval is required before claiming ship readiness because CI workflow changes can affect release, deploy, and repository trust boundaries.

package/examples/github-actions-hardening/case-study/SHIP_READY.md

@@ -0,0 +1,21 @@
+# Ship Ready
+
+This case study is ship-ready only after Human Gate approval.
+
+## Required Evidence
+
+- Work handoff exists.
+- Codex verification exists.
+- Risk policy was evaluated.
+- Human Gate was approved.
+- `npm test` passed inside this fixture.
+
+## Ship Command
+
+```bash
+node ../../scripts/cli.js ship "prepare GitHub Actions hardening ship readiness" --project-root . --session actions-hardening --require-clean-gates
+```
+
+## Apply Policy
+
+This fixture is already present in the repository. In a live-work session, `apply` would remain explicit and would require `SHIP_READY`.

package/examples/github-actions-hardening/case-study/TASK.md

@@ -0,0 +1,30 @@
+# Task
+
+Harden a GitHub Actions validation workflow without adding deploy or publish behavior.
+
+## Scope
+
+- Create a minimal CI workflow.
+- Restrict GitHub token permissions.
+- Pin action versions.
+- Add a job timeout.
+- Avoid secret, cloud credential, release, or deploy steps.
+
+## Non-Goals
+
+- No production deploy.
+- No package publish.
+- No cloud credential setup.
+- No `pull_request_target`.
+- No write-scoped token permissions.
+
+## Recommended NEKOWORK Flow
+
+```bash
+node ../../scripts/cli.js ask "harden GitHub Actions validation workflow" --project-root . --session actions-hardening
+node ../../scripts/cli.js plan "harden GitHub Actions validation workflow" --project-root . --session actions-hardening
+node ../../scripts/cli.js team "harden GitHub Actions validation workflow" --workers planner,security,test --no-write --project-root . --session actions-hardening
+node ../../scripts/cli.js work "implement hardened GitHub Actions validation workflow" --single-executor --project-root . --session actions-hardening
+node ../../scripts/cli.js verify "verify hardened GitHub Actions validation workflow" --secure --project-root . --session actions-hardening
+node ../../scripts/cli.js gate status --project-root . --session actions-hardening
+```

package/examples/github-actions-hardening/case-study/TEAM_HANDOFFS.md

@@ -0,0 +1,37 @@
+# Team Handoffs
+
+## Planner
+
+Decided: Keep the workflow narrow: install and test only.
+
+Rejected: Release, deploy, publish, cache mutation, and environment promotion.
+
+Risks: CI workflows can accidentally grant token write scope or expose secrets.
+
+Files: `.github/workflows/hardened-validate.yml`, `scripts/check.mjs`
+
+Remaining: Verify permissions and action refs.
+
+## Security
+
+Decided: Use read-only permissions, no secrets, no cloud credentials, and no `pull_request_target`.
+
+Rejected: Static cloud secrets, broad token scopes, floating action refs.
+
+Risks: Future edits may add `id-token: write`, `contents: write`, or secret access.
+
+Files: `.github/workflows/hardened-validate.yml`, `scripts/check.mjs`
+
+Remaining: Human Gate stays required for deploy-sensitive workflow changes.
+
+## Test
+
+Decided: Use a local YAML parser check to validate the workflow contract.
+
+Rejected: Live GitHub Actions execution for this small case-study fixture.
+
+Risks: Static checks do not prove every marketplace action's internals.
+
+Files: `scripts/check.mjs`, `package.json`
+
+Remaining: Run `npm test`.