@ps-neko/nekowork 0.1.0-alpha.0

package/scripts/lib/instincts.js

@@ -0,0 +1,194 @@
+// continuous-learning-v2 인스팅트 시스템.
+// 매 review 사이클 후 발견된 패턴 (라우팅 결정 + 이슈 카테고리 + verdict 흐름) 을
+// 신뢰도 점수와 함께 ~/.harness/instincts/<id>.json 으로 영속.
+// 임계 도달 시 사용자에게 "스킬 후보화" 제안.
+
+import fs from 'node:fs';
+import path from 'node:path';
+import os from 'node:os';
+import crypto from 'node:crypto';
+
+const PROMOTE_THRESHOLD = Number(process.env.HARNESS_INSTINCT_PROMOTE_THRESHOLD || 3);
+const PRUNE_DAYS = Number(process.env.HARNESS_INSTINCT_PRUNE_DAYS || 30);
+
+function home() { return process.env.HARNESS_HOME || path.join(os.homedir(), '.harness'); }
+function dir() { return path.join(home(), 'instincts'); }
+
+function patternId(p) {
+  const norm = JSON.stringify({ kind: p.kind, key: p.key });
+  return crypto.createHash('sha1').update(norm).digest('hex').slice(0, 12);
+}
+
+/**
+ * 인스팅트 1건 기록 또는 카운트 증가.
+ * @param {object} p
+ * @param {string} p.kind            - 'routing' | 'issue-pattern' | 'fix-flow' | 'sensitive-path'
+ * @param {string} p.key             - 패턴 고유 키 (사람이 읽을 수 있는 짧은 문자열)
+ * @param {string} [p.summary]       - 1줄 요약
+ * @param {object} [p.evidence]      - 자유 형식 증거 (sessionId, files, severity 등)
+ * @param {string} [p.scope]         - 'global' | 'project'
+ * @returns {object} 갱신된 instinct
+ */
+export function record(p) {
+  const home_ = dir();
+  fs.mkdirSync(home_, { recursive: true });
+  const id = patternId(p);
+  const file = path.join(home_, `${id}.json`);
+
+  let inst;
+  if (fs.existsSync(file)) {
+    inst = JSON.parse(fs.readFileSync(file, 'utf8'));
+  } else {
+    inst = {
+      id,
+      kind: p.kind,
+      key: p.key,
+      summary: p.summary || '',
+      scope: p.scope || 'global',
+      first_seen: new Date().toISOString(),
+      last_seen: new Date().toISOString(),
+      count: 0,
+      confidence: 0,
+      evidence: [],
+      promoted: false,
+    };
+  }
+  inst.count += 1;
+  inst.last_seen = new Date().toISOString();
+  if (p.evidence) {
+    inst.evidence.push({ ts: inst.last_seen, ...p.evidence });
+    if (inst.evidence.length > 20) inst.evidence = inst.evidence.slice(-20);
+  }
+  if (p.summary && !inst.summary) inst.summary = p.summary;
+  // 신뢰도: count 기반 단순 척도. 임계 PROMOTE_THRESHOLD 도달 = 1.0.
+  inst.confidence = Math.min(1, inst.count / PROMOTE_THRESHOLD);
+  fs.writeFileSync(file, JSON.stringify(inst, null, 2));
+  return inst;
+}
+
+export function list({ kind, scope, minConfidence = 0, since = 'all' } = {}) {
+  const d = dir();
+  if (!fs.existsSync(d)) return [];
+  const cutoff = parseSince(since);
+  const rows = [];
+  for (const f of fs.readdirSync(d)) {
+    if (!f.endsWith('.json')) continue;
+    try {
+      const inst = JSON.parse(fs.readFileSync(path.join(d, f), 'utf8'));
+      if (kind && inst.kind !== kind) continue;
+      if (scope && inst.scope !== scope) continue;
+      if (inst.confidence < minConfidence) continue;
+      if (cutoff && new Date(inst.last_seen).getTime() < cutoff) continue;
+      rows.push(inst);
+    } catch { /* skip malformed */ }
+  }
+  return rows.sort((a, b) => b.confidence - a.confidence || b.count - a.count);
+}
+
+export function get(id) {
+  const f = path.join(dir(), `${id}.json`);
+  return fs.existsSync(f) ? JSON.parse(fs.readFileSync(f, 'utf8')) : null;
+}
+
+/**
+ * 인스팅트 → 스킬 후보 마크. 실제 스킬 파일 생성은 안 함 (사용자 명시 필요).
+ */
+export function promote(id) {
+  const inst = get(id);
+  if (!inst) throw new Error(`instinct not found: ${id}`);
+  if (inst.confidence < 1) {
+    throw new Error(`confidence ${inst.confidence} < 1 (count ${inst.count}/${PROMOTE_THRESHOLD}). 더 누적 후 promote.`);
+  }
+  inst.promoted = true;
+  inst.promoted_at = new Date().toISOString();
+  fs.writeFileSync(path.join(dir(), `${id}.json`), JSON.stringify(inst, null, 2));
+  return inst;
+}
+
+/**
+ * 자동 promote 후보 판정.
+ * 기준 (모두 만족):
+ *   1. confidence >= 1.0 (count >= threshold)
+ *   2. last_seen 이 maxStaleDays 이내
+ *   3. evidence 다양성 점수 >= minDiversity (서로 다른 sessionId 비율)
+ *   4. 아직 promoted 안 됨
+ *
+ * 출력: { ready: [...], blocked: [...with reason] }
+ * 실 promote 는 사용자 명시 호출 (사용자 룰: 확인 후 실행).
+ */
+export function ready({
+  maxStaleDays = 14,
+  minDiversity = 0.5,
+  kind,
+  scope,
+} = {}) {
+  const now = Date.now();
+  const all = list({ kind, scope });
+  const result = { ready: [], blocked: [] };
+  for (const inst of all) {
+    if (inst.promoted) {
+      result.blocked.push({ id: inst.id, key: inst.key, reason: 'already_promoted' });
+      continue;
+    }
+    if (inst.confidence < 1) {
+      result.blocked.push({ id: inst.id, key: inst.key, reason: `confidence ${inst.confidence.toFixed(2)} < 1` });
+      continue;
+    }
+    const ageDays = (now - new Date(inst.last_seen).getTime()) / 86_400_000;
+    if (ageDays > maxStaleDays) {
+      result.blocked.push({ id: inst.id, key: inst.key, reason: `stale ${ageDays.toFixed(1)}d > ${maxStaleDays}` });
+      continue;
+    }
+    const diversity = computeDiversity(inst);
+    if (diversity < minDiversity) {
+      result.blocked.push({ id: inst.id, key: inst.key, reason: `diversity ${diversity.toFixed(2)} < ${minDiversity}` });
+      continue;
+    }
+    result.ready.push({
+      id: inst.id, key: inst.key, kind: inst.kind, count: inst.count,
+      diversity: Number(diversity.toFixed(2)),
+      last_seen: inst.last_seen, summary: inst.summary,
+    });
+  }
+  return result;
+}
+
+/** evidence 의 sessionId 다양성 = 고유 session 수 / 총 evidence 수. 0 ~ 1. */
+function computeDiversity(inst) {
+  const ev = inst.evidence || [];
+  if (ev.length === 0) return 0;
+  const sessions = new Set();
+  for (const e of ev) if (e.sessionId) sessions.add(e.sessionId);
+  if (sessions.size === 0) return 0;
+  return sessions.size / ev.length;
+}
+
+export function prune({ olderDays = PRUNE_DAYS, dryRun = false } = {}) {
+  const d = dir();
+  if (!fs.existsSync(d)) return { removed: [], kept: 0 };
+  const cutoff = Date.now() - olderDays * 86_400_000;
+  const removed = [], kept = [];
+  for (const f of fs.readdirSync(d)) {
+    if (!f.endsWith('.json')) continue;
+    const fp = path.join(d, f);
+    try {
+      const inst = JSON.parse(fs.readFileSync(fp, 'utf8'));
+      const lastTs = new Date(inst.last_seen).getTime();
+      if (!inst.promoted && lastTs < cutoff && inst.confidence < 1) {
+        if (!dryRun) fs.unlinkSync(fp);
+        removed.push({ id: inst.id, kind: inst.kind, key: inst.key, last_seen: inst.last_seen });
+      } else {
+        kept.push(inst.id);
+      }
+    } catch { /* skip */ }
+  }
+  return { removed, kept: kept.length, dry_run: !!dryRun };
+}
+
+function parseSince(s) {
+  if (!s || s === 'all') return 0;
+  const m = String(s).match(/^(\d+)\s*([smhd])$/);
+  if (!m) return 0;
+  const mult = { s: 1000, m: 60_000, h: 3_600_000, d: 86_400_000 }[m[2]] || 86_400_000;
+  return Date.now() - Number(m[1]) * mult;
+}

package/scripts/lib/keychain.js

@@ -0,0 +1,85 @@
+// scripts/lib/keychain.js
+// OS keychain wrapper (@napi-rs/keyring sync API).
+// macOS Keychain / Windows Credential Manager / Linux Secret Service.
+// 패키지 미설치 또는 native module 로드 실패 시 _mod = null → token-vault 가 file fallback.
+// 자세한 정책은 docs/AUTH-MIGRATION.md.
+
+const SERVICE = 'harness';
+
+let _mod = null;
+let _attempted = false;
+
+async function load() {
+  if (_attempted) return _mod;
+  _attempted = true;
+  try {
+    _mod = await import('@napi-rs/keyring');
+  } catch {
+    _mod = null;
+  }
+  return _mod;
+}
+
+function isNotFound(err) {
+  const m = String(err?.message || err || '');
+  return /no.*entry|not.*found|specified.*item|element not found|no password|no such/i.test(m);
+}
+
+export async function isAvailable() {
+  // 환경에서 명시적으로 비활성 (CI / 강제 file fallback 검증).
+  if (process.env.HARNESS_KEYCHAIN_DISABLED === '1') return false;
+  const k = await load();
+  if (!k) return false;
+  // 실제 OS keychain 이 응답하는지 probe.
+  try {
+    const e = new k.Entry(SERVICE, '__harness_probe__');
+    try { e.getPassword(); }
+    catch (err) {
+      // not-found 는 정상. 그 외 platform error 는 미가용으로 간주.
+      if (!isNotFound(err)) return false;
+    }
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+export async function set(provider, value) {
+  const k = await load();
+  if (!k) throw new Error('@napi-rs/keyring 미설치 (npm install @napi-rs/keyring).');
+  new k.Entry(SERVICE, provider).setPassword(value);
+}
+
+export async function get(provider) {
+  const k = await load();
+  if (!k) throw new Error('@napi-rs/keyring 미설치.');
+  try {
+    const v = new k.Entry(SERVICE, provider).getPassword();
+    return v ?? null;
+  } catch (err) {
+    if (isNotFound(err)) return null;
+    throw err;
+  }
+}
+
+export async function remove(provider) {
+  const k = await load();
+  if (!k) throw new Error('@napi-rs/keyring 미설치.');
+  try {
+    return new k.Entry(SERVICE, provider).deletePassword();
+  } catch (err) {
+    if (isNotFound(err)) return false;
+    throw err;
+  }
+}
+
+export async function list() {
+  const k = await load();
+  if (!k) return [];
+  try {
+    const creds = k.findCredentials(SERVICE) || [];
+    return creds.map((c) => c.account).filter((a) => a !== '__harness_probe__');
+  } catch {
+    return [];
+  }
+}

package/scripts/lib/profile-policy.js

@@ -0,0 +1,134 @@
+const EVIDENCE_PROFILES = new Set(['quality', 'security']);
+const QUALITY_PROFILES = new Set(['quality']);
+const PRODUCT_PROFILES = new Set(['product']);
+
+export function normalizeProfileName(profile) {
+  const value = String(profile || '').trim().toLowerCase();
+  return value || null;
+}
+
+export function profilePolicy(profile) {
+  const name = normalizeProfileName(profile);
+  return {
+    profile: name,
+    evidenceWarningRequired: EVIDENCE_PROFILES.has(name),
+    acceptanceCoverageWarning: QUALITY_PROFILES.has(name),
+    strictQualitySupported: EVIDENCE_PROFILES.has(name) || QUALITY_PROFILES.has(name),
+    productChecklistRequired: PRODUCT_PROFILES.has(name),
+    checklist: buildQualityChecklist(name),
+  };
+}
+
+export function buildQualityChecklist(profile) {
+  const name = normalizeProfileName(profile);
+  if (name === 'quality') {
+    return [
+      'brainstorm before work',
+      'test-first plan',
+      'systematic debugging path',
+      'acceptance criteria coverage evidence',
+      'evidence-based review findings',
+      'verification before completion',
+      'quality gate before ship/apply',
+    ];
+  }
+  if (name === 'security') {
+    return [
+      'security boundary identified',
+      'sensitive files reviewed',
+      'evidence-based critical/high findings',
+      'Codex challenge for sensitive work',
+      'Human Gate on critical findings',
+    ];
+  }
+  if (name === 'product') {
+    return [
+      'target user identified',
+      'MVP scope defined',
+      'non-goals protected',
+      'launch/readiness risk identified',
+      'QA acceptance criteria defined',
+      'UX confusion risk checked',
+    ];
+  }
+  return [];
+}
+
+export function evidenceFieldWarnings(handoffs = [], profile) {
+  const policy = profilePolicy(profile);
+  if (!policy.evidenceWarningRequired) return [];
+
+  const warnings = [];
+  for (const handoff of handoffs.filter(Boolean)) {
+    for (const issue of handoff.issues || []) {
+      if (!shouldRequireEvidence(issue)) continue;
+      const missing = [];
+      if (!issue.claim) missing.push('claim');
+      if (!issue.evidence) missing.push('evidence');
+      if (!issue.required_fix && !issue.suggested_fix) missing.push('required_fix');
+      if (typeof issue.confidence !== 'number') missing.push('confidence');
+      if (typeof issue.gate_required !== 'boolean') missing.push('gate_required');
+      if (missing.length) {
+        warnings.push(`${handoff.stage || 'handoff'} issue "${issue.summary || issue.claim || 'unnamed'}" missing ${missing.join(', ')}`);
+      }
+    }
+  }
+  return warnings;
+}
+
+export function acceptanceCoverageWarnings(criteria = [], handoffs = [], profile) {
+  return acceptanceCoverage(criteria, handoffs, profile)
+    .filter(row => row.status === 'missing')
+    .map(row => `${row.id || 'AC'} lacks explicit verification evidence`);
+}
+
+export function acceptanceCoverage(criteria = [], handoffs = [], profile) {
+  const policy = profilePolicy(profile);
+  if (!policy.acceptanceCoverageWarning) return [];
+
+  const evidence = collectEvidence(handoffs);
+
+  return (criteria || [])
+    .filter(ac => ac?.id || ac?.desc)
+    .map(ac => {
+      const id = String(ac.id || '').trim();
+      const desc = String(ac.desc || '').trim();
+      const match = findCoverageMatch({ id, desc }, evidence);
+      return {
+        id: id || 'AC',
+        desc: desc || '',
+        status: match ? 'covered' : 'missing',
+        evidence: match?.evidence || 'No explicit verification evidence found in Codex review/challenge handoffs.',
+        source: match?.source || 'quality-warning',
+      };
+    });
+}
+
+function shouldRequireEvidence(issue = {}) {
+  return ['critical', 'high'].includes(issue.severity) || issue.gate_required === true;
+}
+
+function collectEvidence(handoffs = []) {
+  const rows = [];
+  for (const handoff of handoffs.filter(Boolean)) {
+    const source = handoff.stage || 'handoff';
+    for (const value of [handoff.decided, handoff.rejected, handoff.risks, handoff.remaining]) {
+      if (value) rows.push({ source, evidence: String(value) });
+    }
+    for (const issue of handoff.issues || []) {
+      for (const value of [issue.summary, issue.claim, issue.evidence, issue.why, issue.required_fix, issue.suggested_fix]) {
+        if (value) rows.push({ source, evidence: String(value) });
+      }
+    }
+  }
+  return rows;
+}
+
+function findCoverageMatch(ac, evidenceRows) {
+  const id = ac.id.toLowerCase();
+  const desc = ac.desc.toLowerCase();
+  return evidenceRows.find(row => {
+    const evidence = row.evidence.toLowerCase();
+    return (id && evidence.includes(id)) || (desc && evidence.includes(desc));
+  }) || null;
+}

package/scripts/lib/profile-safety.js

@@ -0,0 +1,81 @@
+export const CORE_PROFILE_MODULES = [
+  'rules-core',
+  'agents-core',
+  'hooks-runtime',
+  'platform-configs',
+];
+
+const FORBIDDEN_TRUE_DEFAULTS = [
+  'bypass_human_gate',
+  'disable_human_gate',
+  'disable_codex_review',
+  'disable_codex_verification',
+  'skip_codex_review',
+  'skip_human_gate',
+  'no_codex',
+  'no_human_gate',
+  'unsafe_apply',
+  'auto_publish',
+  'auto_deploy',
+];
+
+const FORBIDDEN_FALSE_DEFAULTS = [
+  'human_gate_on_critical',
+  'require_codex_verification',
+  'codex_review_required',
+  'human_gate_required',
+];
+
+const FORBIDDEN_MUTATION_POLICIES = new Set([
+  'parallel_write',
+  'multi_executor',
+  'unrestricted',
+  'direct_write',
+  'bypass_review',
+]);
+
+const FORBIDDEN_NETWORK_POLICIES = new Set([
+  'allow',
+  'full',
+  'unrestricted',
+]);
+
+export function validateProfileSafety(profilesDoc = {}) {
+  const errors = [];
+  const warnings = [];
+  const profiles = profilesDoc.profiles || {};
+
+  for (const [profileName, profile] of Object.entries(profiles)) {
+    const modules = new Set(profile.modules || []);
+    for (const required of CORE_PROFILE_MODULES) {
+      if (!modules.has(required)) {
+        errors.push(`profile "${profileName}" must include core safety module "${required}"`);
+      }
+    }
+
+    const defaults = profile.defaults || {};
+    for (const key of FORBIDDEN_TRUE_DEFAULTS) {
+      if (defaults[key] === true) {
+        errors.push(`profile "${profileName}" cannot set defaults.${key}=true`);
+      }
+    }
+    for (const key of FORBIDDEN_FALSE_DEFAULTS) {
+      if (defaults[key] === false) {
+        errors.push(`profile "${profileName}" cannot set defaults.${key}=false`);
+      }
+    }
+
+    if (FORBIDDEN_MUTATION_POLICIES.has(String(defaults.mutation_policy || '').toLowerCase())) {
+      errors.push(`profile "${profileName}" cannot weaken mutation_policy to "${defaults.mutation_policy}"`);
+    }
+    if (FORBIDDEN_NETWORK_POLICIES.has(String(defaults.outbound_network || '').toLowerCase())) {
+      errors.push(`profile "${profileName}" cannot set outbound_network to "${defaults.outbound_network}"`);
+    }
+
+    if (profileName === 'security' && defaults.human_gate_on_critical !== true) {
+      warnings.push('profile "security" should keep defaults.human_gate_on_critical=true');
+    }
+  }
+
+  return { errors, warnings };
+}

package/scripts/lib/risk-classifier.js

@@ -0,0 +1,145 @@
+import { riskLevel } from './severity.js';
+
+function words(patterns) {
+  return new RegExp(patterns.join('|'), 'i');
+}
+
+export const SENSITIVE_PATTERNS = [
+  /\bauth\b/i,
+  /\bcrypto\b/i,
+  /\bpayment\b/i,
+  /\bsession\b/i,
+  /\bpermission\b/i,
+  /\boauth\b/i,
+  /\bjwt\b/i,
+  /\bpassword\b/i,
+  /\bsecret\b/i,
+  /\btoken\b/i,
+  /\bapikey\b/i,
+  /\bapi[-_]key\b/i,
+  /\bcert\b/i,
+  /\btls\b/i,
+  /\bssl\b/i,
+  /\bmtls\b/i,
+  /\bcsrf\b/i,
+  /\bcors\b/i,
+  /\bxss\b/i,
+  /\bwebhook\b/i,
+];
+
+const RISK_TAGS = [
+  {
+    tag: 'security',
+    level: 'high',
+    challenge: true,
+    humanGate: false,
+    patterns: [
+      ...SENSITIVE_PATTERNS,
+      words(['\\uC778\\uC99D', '\\uBCF4\\uC548', '\\uD1A0\\uD070', '\\uBE44\\uBC00\\uBC88\\uD638']),
+    ],
+  },
+  {
+    tag: 'financial',
+    level: 'high',
+    challenge: true,
+    humanGate: true,
+    patterns: [
+      /\b(stock|trading|trade|broker|order|buy|sell|portfolio|payment|billing|invoice|checkout|refund)\b/i,
+      words(['\\uC8FC\\uC2DD', '\\uD2B8\\uB808\\uC774\\uB529', '\\uB9E4\\uC218', '\\uB9E4\\uB3C4', '\\uC8FC\\uBB38', '\\uACB0\\uC81C', '\\uD658\\uBD88']),
+    ],
+  },
+  {
+    tag: 'deploy',
+    level: 'high',
+    challenge: true,
+    humanGate: true,
+    patterns: [
+      /\b(deploy|release|production|prod|ci\/cd|github actions|workflow|terraform|kubernetes|k8s|cloud)\b/i,
+      words(['\\uBC30\\uD3EC', '\\uB9B4\\uB9AC\\uC2A4', '\\uC6B4\\uC601']),
+    ],
+  },
+  {
+    tag: 'data',
+    level: 'high',
+    challenge: true,
+    humanGate: false,
+    patterns: [
+      /\b(database|migration|schema|delete|truncate|backup|restore|pii|personal data|destructive)\b/i,
+      words(['\\uB370\\uC774\\uD130', '\\uB9C8\\uC774\\uADF8\\uB808\\uC774\\uC158', '\\uC0AD\\uC81C', '\\uAC1C\\uC778\\uC815\\uBCF4']),
+    ],
+  },
+  {
+    tag: 'product-ui',
+    level: 'low',
+    challenge: false,
+    humanGate: false,
+    patterns: [
+      /\b(ui|ux|frontend|react|component|dashboard|mockup|wireframe|prototype|accessibility)\b/i,
+      words(['\\uD654\\uBA74', '\\uBAA9\\uC5C5', '\\uB300\\uC2DC\\uBCF4\\uB4DC', '\\uD504\\uB860\\uD2B8']),
+    ],
+  },
+];
+
+const LEVEL_SCORE = { low: 0, medium: 1, high: 2, critical: 3 };
+const SCORE_LEVEL = ['low', 'medium', 'high', 'critical'];
+
+export function classifyRisk(input = {}) {
+  const task = input.task || '';
+  const files = input.files || [];
+  const issues = input.issues || [];
+  const haystack = [task, ...files].join('\n');
+  const tags = [];
+  let score = LEVEL_SCORE[riskLevel(files, task)] ?? 0;
+  let requiresCodexChallenge = false;
+  let requiresHumanGate = false;
+
+  for (const spec of RISK_TAGS) {
+    if (spec.patterns.some(re => re.test(haystack))) {
+      tags.push(spec.tag);
+      score = Math.max(score, LEVEL_SCORE[spec.level] ?? 0);
+      requiresCodexChallenge = requiresCodexChallenge || spec.challenge;
+      requiresHumanGate = requiresHumanGate || spec.humanGate;
+    }
+  }
+
+  if (issues.some(i => i?.severity === 'critical')) {
+    score = Math.max(score, LEVEL_SCORE.critical);
+    requiresHumanGate = true;
+  }
+  if (issues.some(i => i?.verdict === 'block')) {
+    requiresHumanGate = true;
+  }
+
+  const risk = SCORE_LEVEL[score] || 'low';
+  if (risk === 'critical') requiresHumanGate = true;
+
+  return {
+    risk,
+    tags: [...new Set(tags)],
+    requiresCodexChallenge,
+    requiresHumanGate,
+    sensitive: requiresCodexChallenge || requiresHumanGate,
+  };
+}
+
+export function isSensitiveWork(input = {}) {
+  return classifyRisk(input).sensitive;
+}
+
+export function gateReasonFromFindings(handoffs = []) {
+  for (const h of handoffs.filter(Boolean)) {
+    if (h.verdict === 'block') return `${h.stage} returned block`;
+    if ((h.issues || []).some(i => i.severity === 'critical')) return `${h.stage} reported critical issue`;
+  }
+  return null;
+}
+
+export function humanGatePolicy(input = {}) {
+  const classification = classifyRisk(input);
+  return {
+    ...classification,
+    reason: classification.requiresHumanGate
+      ? `risk=${classification.risk}; tags=${classification.tags.join(',') || 'none'}`
+      : null,
+  };
+}