@ps-neko/nekowork 0.1.0-alpha.0

package/docs/SECURITY.md

@@ -0,0 +1,79 @@
+# Security Model
+
+NEKOWORK is local-first by default. The safest path is to let provider CLIs manage their own local login sessions instead of passing long-lived API keys through the harness.
+
+## Delegated CLI Auth
+
+Default live provider calls use local CLI sessions:
+
+- Claude: `claude` CLI session
+- Codex: `codex` CLI session
+- Gemini: `gemini` CLI session
+
+The harness calls these CLIs as local processes and does not need to store LLM provider API keys.
+
+## API Key Guard
+
+Before delegated provider calls, NEKOWORK blocks common long-lived API key environment variables by default:
+
+- `ANTHROPIC_API_KEY`
+- `OPENAI_API_KEY`
+- `GEMINI_API_KEY`
+- `GOOGLE_API_KEY`
+
+Use `HARNESS_AUTH_ALLOW_ENV_OVERRIDE=1` only when a metered API-key path is intentional.
+
+## CLI Path Trust
+
+Provider CLIs should resolve from user/global install locations, not from the current project workspace. This prevents a repository-local `claude`, `codex`, or `gemini` shim from hijacking delegated auth.
+
+If a local test shim is intentional, opt in explicitly with provider-specific environment variables such as:
+
+```bash
+HARNESS_CODEX_ALLOW_WORKSPACE_BIN=1
+HARNESS_CLAUDE_ALLOW_WORKSPACE_BIN=1
+HARNESS_GEMINI_ALLOW_WORKSPACE_BIN=1
+```
+
+## Git Mutation Guard
+
+Read-only or handoff-mode provider runs are checked after execution. Unexpected workspace mutations are blocked unless an explicit provider-specific override is set.
+
+This is especially important for Codex read-only review, because the Codex sandbox should not be treated as the only security boundary.
+
+## MCP Supply Chain
+
+MCP stdio servers must use exact SemVer pins. HTTP MCP servers must use HTTPS.
+
+The `security-hardening` gate checks MCP pins, workflow permissions, job timeouts, dependency specs, OIDC policy, and package-lock presence:
+
+```bash
+npm run security:hardening
+```
+
+## Human Gates
+
+Automation stops for high-risk conditions:
+
+- critical severity
+- repeated fix rounds
+- large blast radius
+- explicit security-sensitive review paths
+
+The goal is not fully autonomous shipping. The goal is a local workflow that preserves independent review and human control.
+
+## Audit And Redaction
+
+Audit records are designed to redact common token fields. Do not commit secrets, `.env` files, private keys, or provider tokens to the repository.
+
+Run the standard release gates before publishing or tagging:
+
+```bash
+npm run lint
+npm test
+npm audit --audit-level=moderate
+node scripts/repair.js --check
+node scripts/sync-claude-md.js --check
+node scripts/build-codemaps.js --check
+npm run security:hardening
+```

package/docs/SETUP.md

@@ -0,0 +1,142 @@
+# Setup
+
+Start with [QUICKSTART.md](QUICKSTART.md) if this is your first run. This page is the deeper contributor setup guide.
+
+NEKOWORK `0.1.0-alpha.0` is prepared as a public alpha candidate but is not published to npm yet. Use a source checkout, submodule, or local repository integration until npm owner auth is available and the alpha is published.
+
+## Requirements
+
+- Node.js 22+
+- npm
+- git
+- Optional: Claude Code CLI, Codex CLI, Gemini CLI
+- Optional for Rust runtime: Rust toolchain and platform build tools
+
+## Source Checkout
+
+```bash
+git clone https://github.com/Ps-Neko/NEKOWORK.git harness
+cd harness
+npm ci
+node scripts/cli.js doctor --quick
+npm run lint
+npm test
+```
+
+## Local Generated Outputs
+
+Preview the catalog:
+
+```bash
+node scripts/install-plan.js --list
+node scripts/install-plan.js --profile developer
+```
+
+Apply generated harness outputs locally:
+
+```bash
+node scripts/install-apply.js --profile developer
+```
+
+Check freshness:
+
+```bash
+node scripts/repair.js --check
+node scripts/sync-claude-md.js --check
+node scripts/build-codemaps.js --check
+```
+
+## Live Provider Setup
+
+Mock mode is the default and requires no provider login. Live mode delegates to local CLI sessions.
+
+### Claude
+
+```bash
+claude auth status
+npm run verify:claude
+```
+
+The default Claude runner uses the local Claude Code CLI session. `ANTHROPIC_API_KEY` is not required.
+
+### Codex
+
+```bash
+npm install -g @openai/codex
+codex login
+codex login status
+npm run verify:codex
+```
+
+### Gemini
+
+```bash
+gemini
+npm run verify:gemini
+node scripts/cli.js doctor --quick --gemini-smoke
+```
+
+Gemini CLI does not expose the same non-interactive auth-status contract as Claude/Codex. Plain `doctor` checks installation and warns that auth was not checked; `doctor --gemini-smoke` runs the explicit live smoke and will fail if headless Gemini auth is not ready.
+
+## API Key Overrides
+
+Unset long-lived provider API keys for delegated local CLI auth:
+
+```bash
+unset ANTHROPIC_API_KEY
+unset OPENAI_API_KEY
+unset GEMINI_API_KEY
+unset GOOGLE_API_KEY
+```
+
+PowerShell:
+
+```powershell
+Remove-Item Env:ANTHROPIC_API_KEY -ErrorAction SilentlyContinue
+Remove-Item Env:OPENAI_API_KEY -ErrorAction SilentlyContinue
+Remove-Item Env:GEMINI_API_KEY -ErrorAction SilentlyContinue
+Remove-Item Env:GOOGLE_API_KEY -ErrorAction SilentlyContinue
+```
+
+Use `HARNESS_AUTH_ALLOW_ENV_OVERRIDE=1` only when a metered API-key path is intentional.
+
+## GitHub Auth
+
+GitHub OAuth helpers are optional:
+
+```bash
+npm run auth:github:login
+npm run auth:github:status
+npm run auth:github:logout
+```
+
+Workflow file pushes may require a token with `workflow` scope. The local harness does not need this for mock review or source checkout usage.
+
+## Rust Runtime
+
+The Rust runtime is optional for 0.0.3:
+
+```bash
+npm run verify:runtime
+```
+
+The Node CLI remains the primary user path.
+
+## Troubleshooting
+
+`npm ci` fails:
+
+- Confirm `node -v` is 22 or newer.
+- Check proxy and registry settings in `.npmrc`.
+
+`doctor` reports stale generated files:
+
+- Run `node scripts/repair.js`.
+- Run `node scripts/sync-claude-md.js`.
+- Run `node scripts/build-codemaps.js`.
+
+`--live` fails:
+
+- Run `node scripts/cli.js doctor --quick`.
+- Confirm provider CLI login.
+- Unset API key environment variables unless intentionally opted in.

package/docs/WHY-NEKOWORK.md

@@ -0,0 +1,64 @@
+# Why NEKOWORK
+
+NEKOWORK is not another Claude Code power pack. It is a local-first verification harness that turns AI-generated work into auditable, gated, explicitly applied changes.
+
+## Position
+
+```text
+Superpowers teaches the agent discipline.
+Everything Claude Code gives the agent a broad operating environment.
+GStack turns the agent into a startup-style team.
+OMC makes the agent run more autonomously.
+NEKOWORK makes the agent prove, gate, and apply safely.
+```
+
+NEKOWORK can absorb useful ideas from those systems, but only as capabilities. The architecture stays fixed around:
+
+```text
+Claude work -> Codex verification -> Human Gate -> explicit apply
+```
+
+## Comparison
+
+| Pattern | Strong At | NEKOWORK Answer |
+|---|---|---|
+| Large agent catalog | Many roles, skills, and commands | Keep catalogs selective; make verification the product |
+| Discipline workflow | TDD, planning, debugging, review method | Add `quality` profile, evidence policy, and strict quality gates |
+| Team simulation | Many specialists thinking in parallel | Keep `team` read-only and preserve one executor for writes |
+| Autopilot UX | Fast one-command execution | Use `run` as the compact safe wrapper: `work -> verify -> ship` |
+| Cross-tool setup | Many harness surfaces | Project one source catalog into Claude, Codex, Cursor, Gemini, and OpenCode |
+
+## What NEKOWORK Optimizes For
+
+- Local delegated auth, not static API keys by default.
+- Inspectable session artifacts and handoffs.
+- Read-only multi-agent thinking.
+- Single-executor mutation.
+- Independent Codex verification.
+- Human Gate for risky changes.
+- `apply` only after verified `SHIP_READY` live-work diffs.
+
+## What NEKOWORK Does Not Optimize For
+
+- Being the largest agent catalog.
+- Magic-keyword automatic activation.
+- Bypassing review to maximize speed.
+- Publishing, deploying, or pushing without human control.
+
+## Default Pitch
+
+English:
+
+```text
+NEKOWORK is a local-first AI development quality runtime.
+It makes AI-generated changes prove themselves through independent verification,
+Human Gate decisions, and explicit apply control.
+```
+
+Korean:
+
+```text
+NEKOWORK는 AI 개발을 위한 로컬 우선 품질 런타임입니다.
+AI가 만든 변경을 독립 검증, Human Gate, 명시적 apply를 거쳐
+감사 가능한 변경으로 통과시킵니다.
+```

package/docs/case-studies/README.md

@@ -0,0 +1,16 @@
+# Case Studies
+
+This directory records NEKOWORK runs against real projects or production-like fixtures.
+
+Case studies must keep the NEKOWORK invariants visible:
+
+- no automatic publish, deploy, push, or PR
+- read-only team or planning phases unless explicitly scoped
+- one executor for write phases
+- Codex verification before ship readiness
+- Human Gate when risk policy requires it
+- explicit apply only after verified readiness
+
+## Current Case Studies
+
+- [sindresorhus/is-plain-obj](SINDRESORHUS-IS-PLAIN-OBJ.md): third-party public npm package, quality-profile run, strict quality no-ship evidence.

package/docs/case-studies/SINDRESORHUS-IS-PLAIN-OBJ.md

@@ -0,0 +1,141 @@
+# Case Study: sindresorhus/is-plain-obj
+
+Status date: 2026-05-07
+
+Target repository:
+
+```text
+https://github.com/sindresorhus/is-plain-obj
+```
+
+Target commit:
+
+```text
+97f38e8836f86a642cce98fc6ab3058bc36df181
+```
+
+Package:
+
+```text
+is-plain-obj@4.1.0
+license: MIT
+purpose: Check if a value is a plain object
+```
+
+## Why This Target
+
+This is a small third-party Node package with a clear public API, local tests, and a permissive license. It is useful as a first real external case study because the expected blast radius is small and the test command is explicit.
+
+This case study does not create an upstream PR. It proves that NEKOWORK can run against a real external codebase, record session evidence, and refuse ship readiness when strict quality evidence is incomplete.
+
+## Commands Run
+
+From a temporary clone of the target:
+
+```bash
+git clone --depth=1 https://github.com/sindresorhus/is-plain-obj.git <target>
+cd <target>
+npm install
+npm test
+```
+
+From the NEKOWORK checkout:
+
+```bash
+node scripts/cli.js doctor --quick --project-root <target> --json
+node scripts/portability/simulate-port.js <target> --profile developer --json
+node scripts/cli.js ask "assess is-plain-obj plain object boundary coverage" --profile quality --session nekowork-is-plain-obj-case --project-root <target> --json
+node scripts/cli.js run "assess is-plain-obj plain object boundary coverage" --profile quality --strict-quality --session nekowork-is-plain-obj-case --project-root <target> --json
+node scripts/cli.js gate status --session nekowork-is-plain-obj-case --project-root <target> --json
+```
+
+## Target Test Result
+
+```text
+npm install
+-> found 0 vulnerabilities
+
+npm test
+-> xo && ava && tsd
+-> 1 test passed
+```
+
+## NEKOWORK Result
+
+Doctor:
+
+```text
+summary: WARN
+pass: 6
+warn: 1
+fail: 0
+warning: Gemini CLI auth was not checked non-interactively
+```
+
+Portability preflight:
+
+```text
+strategy: submodule
+conflicts: none
+profile: developer
+component_count: 43
+```
+
+Run summary:
+
+```json
+{
+  "sessionId": "nekowork-is-plain-obj-case",
+  "profile": "quality",
+  "strict_quality": true,
+  "strict_quality_blocked": true,
+  "verify_verdict": "approve_with_fixes",
+  "ship_ready": false,
+  "no_ship": true,
+  "human_gate": false,
+  "apply_requested": false,
+  "applied": false,
+  "target_project_mutated": false
+}
+```
+
+Verify summary:
+
+```text
+quality_warnings:
+- AC-001 lacks explicit verification evidence
+- AC-002 lacks explicit verification evidence
+- AC-003 lacks explicit verification evidence
+
+acceptance_coverage:
+- AC-001: missing
+- AC-002: missing
+- AC-003: missing
+```
+
+Gate status:
+
+```text
+status: clear
+humanGate: false
+```
+
+Git status in the target after the run:
+
+```text
+?? .harness/
+```
+
+Only NEKOWORK session evidence was written. No package source files were modified and no apply step was requested.
+
+## Interpretation
+
+This is the expected safe result for a strict-quality external run using mock providers:
+
+- The target project's own tests passed.
+- NEKOWORK created inspectable evidence under `.harness/state/sessions/`.
+- `strict-quality` refused ship readiness because acceptance evidence was not explicit enough.
+- Human Gate was not required because the task was low risk.
+- No target project source mutation, PR, publish, deploy, or apply occurred.
+
+The value of this case study is not that NEKOWORK changed the package. The value is that NEKOWORK treated a real third-party project as a controlled target and produced a no-ship decision when quality evidence was incomplete.

package/docs/dev-log/2026-04-29-p1-recovery.md

@@ -0,0 +1,142 @@
+# Dev-log — 2026-04-29 P1 회수 세션
+
+> Week 1~4 마감 후 AUDIT 의 P1 항목 + 일부 P2 를 한 세션 (4 시간) 안에 회수.
+> 본 문서는 사후 기록. 의사결정·발견된 이슈·다음 후속을 정리한다.
+
+## 1. 진입 상황
+
+`docs/AUDIT.md` (2026-04-29 작성 시점) 기준 부채:
+
+- 빈 디렉터리 6개: `docs/CODEMAPS/`, `rules/{common,typescript,python}/`, `tests/{integration,e2e}/`
+- 미구현 스크립트 9개: `validate-{agents,skills,hooks,manifests}.js`, `build-{cursor,gemini,opencode}.js`, `sync-claude-md.js`, `repair.js`
+- stub 메시지 흔적: `cli.js` / `mcp-server.js` / `pre-bash-dispatcher.js` / `daemon/wait.js` / `orchestrators/ralph.js` / `ci/catalog.js` 의 "Day N" 잔존
+- `install-apply` 의 `source_sha256: "0".repeat(64)` placeholder
+- ARCHITECTURE.md 가 stub (50줄, 18절 매핑만)
+
+## 2. 처리 순서 (실행 순)
+
+| # | 항목 | 산출 | 시간(추정) |
+|---|---|---|---|
+| 1 | `scripts/sync-claude-md.js` | 마커 자동 갱신 + version 주입 + dry-run/check | 30분 |
+| 2 | `scripts/repair.js` | install-state sha256 비교 + 변경분 재빌드 | 30분 |
+| 3 | `scripts/build-{cursor,gemini,opencode}.js` | 3 빌더, 각 80~150줄 | 60분 |
+| 4 | `scripts/ci/validate-{agents,skills,hooks,manifests}.js` | ajv + frontmatter + 그래프 무결성 | 30분 |
+| 5 | `rules/{common,typescript,python}/` 콘텐츠 | 8 파일 (common 3 + ts 3 + py 2) | 60분 |
+| 6 | `docs/ARCHITECTURE.md` 18절 본문 | 528줄, ASCII 다이어그램 + 8계층 + 라우팅 + Codex Loop + 12-item Bar | 60~90분 |
+| 7 | stub 메시지 정리 | 6 파일에서 "Day N" 흔적 제거. `package.json` lint/test 실 매핑 | 10분 |
+| 8 | `install-apply` sha256 실값화 | `sha256OfDir` + `sha256OfCatalog` 추가 | 20분 |
+| 9 | `scripts/build-codemaps.js` (보너스) | 디렉터리 트리 + export 추출. 9 영역 자동 산출 | 60분 |
+| 10 | `tests/integration/build-pipeline.test.js` | 격리 sandbox + 풀체인 10 케이스 | 60분 |
+| 11 | `tests/e2e/review-cycle.test.js` | demo-review 시뮬 7 케이스 + CLI 검증 | 60~90분 |
+| 12 | AUDIT 갱신 + dev-log 추가 | 본 문서 + AUDIT §1~5, §7, §8 갱신 | 30분 |
+
+## 3. 이번 세션의 의사결정
+
+### 3.1 "## 자동 갱신 영역" 헤딩과 마커 위치
+
+처음 sync-claude-md 실행 시 기존 CLAUDE.md 의 `## 빌드 후 확인` 블록이 마커 바깥(원본 상태)에 있던 것을 인지 못 하고 자동 영역에도 똑같이 생성 → 중복.
+
+**결정**: 자동 영역에서 `## 빌드 후 확인` 빼고, 사용자 작성 영역으로 유지. 사유: 빌드 후 확인 명령은 카탈로그가 바뀌어도 안 바뀌는 정적 가이드. 자동 갱신 대상 아님.
+
+### 3.2 install-apply 의 5 빌더 일괄 실행
+
+기존 `install-apply.js` 는 `['claude', 'codex']` 하드코딩. 새 빌더 3개를 추가했지만 install 흐름이 안 잡으면 의미 없음.
+
+**결정**: `agent.yaml.harnesses[].name` 을 그대로 사용. 매니페스트 단일 진실 원본 원칙과 일치.
+
+### 3.3 sha256 의 의미 분리
+
+스키마는 `source_sha256` 과 `targets[].sha256` 둘 다 정의. 둘의 의미가 다름.
+
+**결정**:
+- `source_sha256` = 카탈로그 입력 전체의 단일 해시 (`agent.yaml + agents/ + skills/ + commands/ + hooks/ + manifests/`). 모든 빌더에 동일.
+- `targets[].sha256` = 출력 디렉터리 (`.claude/`, `.codex/`, ...) 의 해시. 빌더별로 다름.
+
+repair 는 `targets[].sha256` 만 비교 (출력 변조 / 누락 검출).
+
+### 3.4 e2e 테스트의 "auth 자동 활성"
+
+`demo-review.js` 는 `isAuthChange = true` 하드코딩. 따라서 항상 codex-challenge 활성.
+
+**결정**: 회귀 안전성을 위해 본 동작을 명시 검증하는 케이스를 추가. 사양 변경(`isAuthChange` 가 진짜 path 검사로 바뀌면) 시 본 테스트가 알람.
+
+### 3.5 codemaps 의 보너스 추가
+
+원래 P2 였지만 build-codemaps 가 build-{claude,codex,...} 패턴과 동질 → 같은 세션 안에 끼워 넣음. 별도 npm 스크립트 (`npm run build:codemaps`) 만 추가, install 흐름엔 안 묶음 (선택적).
+
+## 4. 발견된 마찰
+
+| 마찰 | 회수 방안 |
+|---|---|
+| sandbox 카피 시 `node_modules` symlink 권한 부족 가능 (Windows) | 폴백으로 cp. 첫 실행 느림 (~5초) — 수용. |
+| `node --test tests/unit/` 디렉터리 호출 | 글로브 명시 (`tests/unit/*.test.js`) 로 우회. `npm test` 가 표준 진입점이 됨. |
+| `read-only` 가 sandbox 영역인지 헷갈림 | agent frontmatter 의 `sandbox: read-only` 와 OS sandbox 는 별개. CLAUDE.md 에 주석 추가 필요 (다음 세션). |
+
+## 5. 검증
+
+```
+node --test tests/unit/*.test.js tests/integration/*.test.js tests/e2e/*.test.js
+  → 73/73 PASS, duration ~3.4 s
+
+npm run lint
+  → catalog + validate:all 모두 통과 (경고 4건은 사실, 오류 0)
+
+node scripts/repair.js --check
+  → 모든 하네스 정합
+
+node scripts/sync-claude-md.js --check
+  → CLAUDE.md 자동 영역 동기화 OK
+
+node scripts/build-codemaps.js --check
+  → 모든 codemap 최신 상태
+```
+
+## 6. 다음 세션 진입 후보
+
+`docs/AUDIT.md §5` 갱신본 참조. 요약:
+
+- **P0** (사용자 동의 필요): Anthropic SDK live 1회, GitHub push, 사내 PoC 결합.
+- **P2** (외부 의존): Rust 컴파일, Codex/Gemini CLI live 검증, GitHub Actions 실 동작.
+- **P3** (사내 임팩트): 사용자 명시 사내 프로젝트에 풀 결합.
+
+## 7. 산출 파일 목록
+
+```
+신규
+  scripts/sync-claude-md.js
+  scripts/repair.js
+  scripts/build-cursor.js
+  scripts/build-gemini.js
+  scripts/build-opencode.js
+  scripts/build-codemaps.js
+  scripts/ci/validate-agents.js
+  scripts/ci/validate-skills.js
+  scripts/ci/validate-hooks.js
+  scripts/ci/validate-manifests.js
+  rules/common/coding-style.md
+  rules/common/testing.md
+  rules/common/security.md
+  rules/typescript/coding-style.md
+  rules/typescript/testing.md
+  rules/typescript/security.md
+  rules/python/coding-style.md
+  rules/python/testing.md
+  tests/integration/build-pipeline.test.js
+  tests/e2e/review-cycle.test.js
+  docs/CODEMAPS/{README,scripts,agents,skills,hooks,manifests,schemas,bridge,rules,tests}.md
+  docs/dev-log/2026-04-29-p1-recovery.md  ← 본 문서
+
+수정
+  scripts/install-apply.js  (5 빌더 + sha256 실값)
+  scripts/cli.js  (Day N 메시지 정리)
+  scripts/ci/catalog.js  (Day 2/3 흔적)
+  scripts/daemon/wait.js  (Day 8/9 흔적)
+  scripts/orchestrators/ralph.js  (Day 9 흔적)
+  bridge/mcp-server.js  (Day 4/5 흔적)
+  hooks/scripts/pre-bash-dispatcher.js  (Day 3/5 흔적)
+  package.json  (lint/test 실 매핑 + test:* 분리 + build:codemaps)
+  CLAUDE.md  (자동 영역 마커 정합 + 컨텐츠 갱신)
+  .claude/CLAUDE.md  (동일)
+  docs/ARCHITECTURE.md  (stub 50줄 → 풀 528줄)
+  docs/AUDIT.md  (P1 회수 반영)
+```

package/docs/dev-log/2026-04-29-week1-4.md

@@ -0,0 +1,81 @@
+# WORKING-CONTEXT
+
+> 현재 스프린트의 액티브 메모리. 스프린트가 끝나면 archive 또는 docs 로 옮긴다. CHANGELOG 가 아니라 working memory.
+> Last updated: 2026-04-29
+
+## Purpose
+
+차세대 통합 AI 개발 에이전트 하네스 HARNESS 의 부트스트랩. ECC + OMC + claude-led-codex-review 의 통합 설계를 코드로 옮긴다.
+
+## Current Truth
+
+- Day 1 진행 중. 위치: `D:\claude\harness\`.
+- 인접 사내 프로젝트는 다루지 않는다 (사용자 룰).
+- 기술 스택: Node 22 + TypeScript strict, 추후 Rust(runtime/) TUI.
+- 한국어 응답 강제. 사용자 글로벌 룰 우선.
+
+## Current Constraints
+
+- 4시간 풀 사이클로 Day 1 완료 목표.
+- MVP 카탈로그: 11 agents, 5 skills, 4 hooks, 6 modules.
+- 184 스킬 풀 카탈로그 채택 안 함 (progressive 확장).
+- tmux 기반 team 런타임은 Q2 (Windows 환경 마찰).
+
+## Active Queues
+
+### In Progress
+- Day 1: 골격 + 거버넌스 + 매니페스트 + 스키마 + plan stub.
+
+### Next
+- Day 2: agents/ 11 frontmatter, skills/claude-led-codex-review/SKILL.md, codex-reviewer 페르소나.
+- Day 3: hooks/hooks.json + 4훅 stub, scripts/build-claude.js.
+- Day 4: bridge/mcp-server.cjs 최소 4도구.
+- Day 5: gateguard-fact-force + quality-gate 실 구현.
+
+## Open PR Classification
+
+(없음 — Day 1)
+
+## Interfaces
+
+- CLI: `harness <verb> <args>`
+- MCP: `mcp__harness__<tool>` (단일 게이트웨이)
+- Hooks: PreToolUse / PostToolUse / PreCompact / Stop / UserPromptSubmit / SessionStart
+
+## Update Rule
+
+이 파일은 **현재 스프린트만** 디테일하게 유지한다. 끝난 작업은 `docs/CHANGELOG.md` 로 옮긴다. 1주 이상 갱신 안 되면 archive 후보.
+
+## Latest Execution Notes
+
+- 2026-04-29 **Week 1 풀 진행 완료**.
+  - Day 1: 골격 + 거버넌스 6 + agent.yaml + manifests + schemas 10 + install plan stub.
+  - Day 2: agents 11 + skills 5 + commands 1 (catalog warnings 0).
+  - Day 3: hooks 5 + build-claude (22 components) + build-codex (config.toml + TOML agents).
+  - Day 4: MCP gateway (4도구, smoke PASS) + install-apply 풀체인.
+  - Day 5: gateguard 실 (importer/exports 정적 추출 + 답변 강제), quality-gate 실 (tsc/ruff 차단), demo-review 7단계 풀사이클 검증.
+  - 통계: 66 파일, 6,765 LOC. 137 packages 의존성.
+- 2026-04-29 **Day 6 완료**.
+  - 4 provider runner (mock/claude/codex/gemini) + dispatch + 7단계 orchestrator + cli wiring.
+  - mock 디폴트 (API 키 / Codex CLI 미보유 환경에서도 동작), --live 옵션으로 실 호출.
+  - sensitive path 자동 감지 (auth/crypto/payment/jwt 등) → 단계 6 자동 활성.
+  - round 한도 + critical 발견 → HUMAN_GATE 자동.
+  - node --test 5/5 PASS. harness review CLI 데모 OK.
+- 2026-04-29 **Week 2 완료**.
+  - Day 7: lib/{severity,router,costs}.js + MCP 3 신규 도구 (severity_classify, route_decide, cost_record) + harness costs CLI + routing.jsonl 자동 적층.
+  - Day 8: skills/ralph/SKILL.md + scripts/orchestrators/ralph.js (PRD AC 누적 PASS) + scripts/daemon/wait.js (start/stop/status). 명시 옵트인만 (자동 키워드 활성 OFF).
+  - Day 9-10: .github/workflows/{harness-review,harness-validate}.yml + docs/PORTING.md (사내 PoC 이식 가이드).
+  - 단위 테스트 24/24 PASS. 83 파일. 풀체인 동작 (review / ralph / costs / sessions / wait).
+- 2026-04-29 **Week 3 완료 (Day 11~15)**.
+  - Day 11: instincts 시스템 (record/list/promote/prune) + orchestrator 자동 누적 + CLI + 11/11 테스트.
+  - Day 12: simulate-port.js + 5/5 테스트 (외부 디렉터리 인용 제거).
+  - Day 13: claude/codex extractJson + buildPrompt export + 12/12 테스트.
+  - Day 14-15: CHANGELOG Week 3, WORKING-CONTEXT 갱신, 최종 회귀.
+  - 누적: 4 커밋, ~92 파일, ~10,500 LOC, 단위 테스트 52/52 PASS.
+- 2026-04-29 **Week 4 완료 (Day 16~20)**.
+  - Day 16: instincts.ready() + CLI + 4 신규 단위 테스트 (15/15 PASS).
+  - Day 17-18: Rust runtime 골격 — Cargo.toml + 5 .rs 파일 (529 LOC, 컴파일은 rustup 설치 후).
+  - Day 19: 사용자 D 선택 — 외부 환경 변경 보류, AUDIT 집중.
+  - Day 20: docs/AUDIT.md — Week 1~4 통합 검토 (18절 매핑, 8계층 매핑, 빠진 항목 / 부채 / P0~P3 우선순위).
+  - 누적: 5 커밋 예정, ~100 파일, ~12,000 LOC, 단위 테스트 56/56 PASS.
+- **세션 종료**. 다음 세션 P0: 실 LLM 호출 / PoC 결합 / GitHub push (사용자 명시 동의 시).