@ps-neko/nekowork 0.1.0-alpha.10 → 0.1.0-alpha.12

package/AGENTS.md

@@ -28,7 +28,7 @@ fact_forcing: true|false  # PreToolUse 사실 조사 강제 여부
 - `commands/` 는 legacy slash-entry 호환 표면이다. 신규 추가 금지, 점진 마이그레이션.
 - `agents/` 는 페르소나 카탈로그다. 워크플로우는 `skills/` 에서 정의하고 에이전트는 `skills/` 가 호출한다.
 
-## 7단계 풀사이클 (claude-led-codex-review)
+## 7단계 풀사이클 (nekowork-full-cycle)
 
 | 단계 | 담당 | 입력 | 출력 |
 |---|---|---|---|

package/CLAUDE.md

@@ -8,13 +8,13 @@
 
 ## 자동 갱신 영역
 
-<!-- HARNESS:START version=0.1.0-alpha.10 -->
+<!-- HARNESS:START version=0.1.0-alpha.12 -->
 <!-- 이 영역은 scripts/sync-claude-md.js 가 자동 갱신한다. 직접 편집 금지. -->
 
 ## 카탈로그 요약
 
 - agents: 11
-- skills: 10
+- skills: 11
 - commands: 1 (legacy compat)
 - hooks: 5 (gateguard-fact-force, config-protection, quality-gate, pre-bash-dispatcher, persistent-mode)
 - packs: core, builder, productivity, team, debugging, maintenance, pr, catalog-plus, quality, security, frontend, testing, release, enterprise
@@ -93,7 +93,7 @@ nekowork costs --since=7d                   # 비용 추정
 
 ## 매직 키워드 → 스킬 (명시 옵트인만)
 
-자동 활성 키워드 감지는 **사용**하지 않는다. 사용자 룰("확인 후 실행") 우선. 모든 스킬은 슬래시 명령(`/claude-led-codex-review`) 또는 CLI(`nekowork review`) 로 명시 호출.
+자동 활성 키워드 감지는 **사용**하지 않는다. 사용자 룰("확인 후 실행") 우선. 모든 스킬은 슬래시 명령(`/nekowork-full-cycle`) 또는 CLI(`nekowork review`) 로 명시 호출.
 
 ## 핸드오프 5필드
 

package/README.ko.md

@@ -2,17 +2,17 @@
 
 [English](README.md) | [한국어](README.ko.md)
 
-AI 코드 변경을 위한 검증 기반 오토파일럿입니다.
+**AI 가 만든 코드, 검증 없이는 통과시키지 마세요.**
 
 [![validate](https://github.com/Ps-Neko/NEKOWORK/actions/workflows/harness-validate.yml/badge.svg)](https://github.com/Ps-Neko/NEKOWORK/actions/workflows/harness-validate.yml)
 
-AI가 만들고, Codex가 검증하고, 사람은 최종 적용 경계를 승인합니다.
-
-NEKOWORK는 AI가 계획, 수정, 검증, 제한된 재수정, 리포트 생성을 수행하도록 돕습니다. 하지만 최종 `apply`는 항상 사람이 명시적으로 실행해야 합니다.
+NEKOWORK 는 AI 가 생성한 코드를 위한 로컬 검증 게이트입니다. diff 를 분석하고, 결정적 위험 룰을 실행하고, 증거를 수집한 뒤, 머지 / 적용 가능 여부를 판정합니다 — auto-commit / auto-push 없이, LLM 판정에 의존하지 않고.
 
 > 이 문서는 한국어 요약본입니다. 전체 상세 설명과 모든 고급 옵션은 [English README](README.md)를 참고하세요.
 
-여기서 "검증됨"은 정답을 수학적으로 보증한다는 뜻이 아닙니다. 독립 리뷰, 테스트 evidence, 위험 정책, Human Gate, 명시적 apply 경계를 기록했다는 뜻입니다.
+여기서 "검증됨"은 정답을 수학적으로 보증한다는 뜻이 아닙니다. verdict 는 결정적 룰과 검증 결과만 결정합니다. 선택적 Codex 리뷰는 advisor 노트로만 기록되며 verdict 에 영향을 주지 않습니다.
+
+> 1.0 scope 와 로드맵: [docs/SCOPE-1.0.md](docs/SCOPE-1.0.md). 장기 비전 (검증 우선 AI 개발 공장): [docs/VISION.md](docs/VISION.md).
 
 ## 용어
 
@@ -25,12 +25,13 @@ NEKOWORK는 AI가 계획, 수정, 검증, 제한된 재수정, 리포트 생성
 ## 핵심 원칙
 
 ```text
-NEKOWORK = 검증 기반 오토파일럿 -> Codex 검증 -> Human Gate -> 명시적 apply
+NEKOWORK = diff -> 결정적 위험 룰 -> 검증 명령 -> 증거 -> 결정적 verdict -> REPORT -> Human Gate -> 명시적 apply
 ```
 
 ```text
-apply 전까지는 자율적으로.
-ship 전에는 독립 검증.
+증거 없으면 통과 없음.
+LLM 의견은 verdict 아님.
+테스트 없으면 PASS 아님 (INSUFFICIENT_EVIDENCE).
 경계에서는 사람이 통제.
 ```
 
@@ -50,42 +51,41 @@ NEKOWORK는 기본 흐름을 mock provider 모드로 확인할 수 있습니다.
 
 ## 30초 실행
 
-현재 npm alpha를 바로 실행할 수 있습니다.
+요구사항: Node.js 22+, npm, git. commit 이 하나 이상 있는 git repo.
 
 ```bash
 npx -y @ps-neko/nekowork@alpha check
-npx -y @ps-neko/nekowork@alpha start "fix failing tests safely" --session first-start
-npx -y @ps-neko/nekowork@alpha report --session latest
+npx -y @ps-neko/nekowork@alpha verify-pr
+cat REPORT.md
+cat .nekowork/decision.json
 ```
 
-먼저 실행 경로만 보고 싶다면:
+`check` 가 환경을 진단합니다. `verify-pr` 가 현재 working tree diff 를 결정적 위험 룰로 스캔하고, `.nekowork/evidence/` 에 증거를 남기고, 머지/적용 가능 여부를 판정합니다. 프로젝트 루트에 `REPORT.md` 와 `.nekowork/decision.json` 을 작성합니다.
 
-```bash
-npx -y @ps-neko/nekowork@alpha start "fix failing tests safely" --dry-run
-npx -y @ps-neko/nekowork@alpha auto "refactor this safely" --parallel-candidates 2 --dry-run
-```
+> **재현성 메모:** `npx @ps-neko/nekowork@alpha` 는 가장 최근 publish 된 alpha 로 resolve 됩니다. publish 된 alpha 는 `main` 보다 뒤일 수 있습니다. 재현 가능한 동작을 원하면 정확한 버전 (예: `@ps-neko/nekowork@0.1.0-alpha.11`) 을 핀하세요.
+
+Compatibility / legacy 명령 (`cockpit`, `start`, `ask`, `plan`, `team`, `work`, `verify`, `gate`, `ship`, `run`, `build`, `auto`, `pr-prep`, `report --session`, `apply --session`, `review`) 은 [docs/ADVANCED.md](docs/ADVANCED.md) 에 있습니다. 2.0 에서 제거 예정 ([docs/SCOPE-1.0.md](docs/SCOPE-1.0.md) Phased Cut).
 
 ## 한 명령. 하나의 차단된 위험.
 
+AI 가 작성한 변경에 `process.env.X || "fallback"` 이 들어가면:
+
 ```bash
-npx -y @ps-neko/nekowork@alpha auto "add OPENAI_API_KEY fallback for Codex auth"
+npx -y @ps-neko/nekowork@alpha verify-pr
 ```
 
-예시 출력:
+전형적 BLOCK 출력:
 
 ```text
-Risk: provider-auth / long-lived-secret
-Codex verdict: request_changes
-Human Gate: required
-Ship ready: false
-Applied: false
-
-Blocked because NEKOWORK defaults to delegated CLI auth and rejects long-lived provider API key paths unless the human explicitly opts in.
+=== verify-pr ===
+  verdict        : BLOCK
+  reason         : Hardcoded secret fallback detected (src/auth.ts:42)
+  merge_allowed  : false
+  apply_allowed  : false
+  risk_level     : CRITICAL
 ```
 
-설명: NEKOWORK는 delegated CLI auth를 기본값으로 두고, 장기 provider API key 경로는 사람이 명시적으로 선택하지 않는 한 거부합니다.
-
-이것이 NEKOWORK의 핵심입니다. 오토파일럿은 경계 전까지 계속 일할 수 있지만, 위험한 ship/apply 결정은 evidence와 사람의 승인 아래에 둡니다.
+NEKOWORK 의 핵심: AI 는 변경을 만들 수 있지만, 위험한 ship/apply 결정은 결정적 룰과 사람 승인 아래에 둡니다. LLM verdict 는 게이트를 통과할 수 없습니다.
 
 ## 왜 필요한가
 
@@ -189,10 +189,10 @@ NEKOWORK는 하나의 거대한 agent 묶음이 아니라, 일을 나누고 검
 ## 현재 alpha 상태
 
 - Package: `@ps-neko/nekowork`
-- Current alpha: `0.1.0-alpha.10` candidate
+- Current alpha: `0.1.0-alpha.11` (npm `@alpha` published 2026-05-16)
 - CLI: `nekowork`
 - Legacy/internal alias: `harness`
-- Tests: 359 pass
+- Tests: 501 pass
 - npm audit: 0 moderate+ issues
 - Fresh `npx @alpha` smoke: pass
 

package/README.md

@@ -2,15 +2,23 @@
 
 [English](README.md) | [한국어](README.ko.md)
 
-Verifies AI-made code changes before you apply them.
+**Don't merge AI code without verification.**
 
 [![validate](https://github.com/Ps-Neko/NEKOWORK/actions/workflows/harness-validate.yml/badge.svg)](https://github.com/Ps-Neko/NEKOWORK/actions/workflows/harness-validate.yml)
 
-Bring your coding agent. NEKOWORK proves the change before apply.
+<p align="center">
+  <a href="https://ps-neko.github.io/NEKOWORK/?fixture=sample-pr-001">
+    <img src="docs/assets/hero.gif" alt="NEKOWORK Verification Factory — Claude advisor 가 LGTM 한 코드를 NEKOWORK 결정적 규칙이 BLOCK 하는 12-station 시연" width="800" />
+  </a>
+  <br/>
+  <em>Claude said LGTM. NEKOWORK blocked.</em> &nbsp;·&nbsp; <a href="https://ps-neko.github.io/NEKOWORK/?fixture=sample-pr-001"><strong>Live demo →</strong></a>
+</p>
 
-NEKOWORK is a local safety gate for AI coding tools. It checks the diff, records evidence, requires a Human Gate for risky work, and only applies a verified change when you explicitly ask it to.
+NEKOWORK is a local verification gate for AI-generated code. It analyzes the diff, runs deterministic risk rules, collects evidence, and decides whether the change is safe to merge or apply — without auto-committing, auto-pushing, or trusting LLM verdicts.
 
-Note: "Verified" means independently reviewed with recorded evidence, not mathematically proven correctness. NEKOWORK combines Codex review, test evidence, risk policy, Human Gate, and explicit apply boundaries.
+Note: "Verified" means independently reviewed with recorded evidence — not mathematically proven correct. The verdict is decided by deterministic rules and check results. Optional Codex review is recorded as an advisor note only and never controls the verdict.
+
+> 1.0 scope and roadmap: [docs/SCOPE-1.0.md](docs/SCOPE-1.0.md). Long-term vision (Verification-first AI development factory): [docs/VISION.md](docs/VISION.md).
 
 Note: "ship" in NEKOWORK is a **readiness decision** (`SHIP_READY` or `NO_SHIP`), not a deployment. The `ship` step decides whether `apply` is allowed; it never commits, pushes, deploys, or publishes by itself.
 
@@ -18,79 +26,85 @@ Default path:
 
 ```bash
 npx -y @ps-neko/nekowork@alpha check
-npx -y @ps-neko/nekowork@alpha start "fix failing tests safely" --session first-start
-npx -y @ps-neko/nekowork@alpha report --session latest
+npx -y @ps-neko/nekowork@alpha verify-pr
+cat REPORT.md
+cat .nekowork/decision.json
 ```
 
-Every real `start` run puts the decision first:
+Every real `verify-pr` run puts the verdict first:
 
 ```text
-Verdict: BLOCKED
-Reason: preverify requires Human Gate for secret env fallback
-Human Gate: required
-Ship ready: false
-Apply allowed: false
+=== verify-pr ===
+  verdict        : BLOCK
+  reason         : Hardcoded secret fallback detected (src/auth.ts:42)
+  merge_allowed  : false
+  apply_allowed  : false
+  risk_level     : CRITICAL
 ```
 
-The machine-readable companion `decision.json` is shown in [Example Report](#example-report).
+The machine-readable companion `decision.json` and the full report are in [Example Report](#example-report).
 
 The evidence chain is intentionally narrow:
 
 ```text
-diff -> deterministic risk scan -> Codex verification -> decision.json -> REPORT.md -> Human Gate -> explicit apply
+diff -> deterministic risk rules -> available checks (detected, executed in a later alpha) -> evidence package -> deterministic decision -> REPORT.md -> Human Gate -> explicit apply
 ```
 
-No auto-commit. No auto-push. No surprise deploy. `apply` is explicit and requires verified ship-ready evidence.
+No auto-commit. No auto-push. No surprise deploy. `apply` is explicit; it requires a `decision.json` whose `apply_allowed` is `true`.
 
-Use `start` first. It is the safe beginner entrypoint and prints the final decision before detailed build output. Advanced controls are documented later.
+Bring your AI tool (Cursor / Claude Code / Codex). NEKOWORK starts after the diff is on disk. Advanced and legacy commands are documented in [docs/ADVANCED.md](docs/ADVANCED.md) and gated under Phased Cut (see [docs/SCOPE-1.0.md](docs/SCOPE-1.0.md)).
 
-**Public alpha evidence:** 359 tests / 0 moderate+ npm audit issues / fresh `npx @alpha` smoke / 10 case-study flows / 5 starter packs · [CI badge](https://github.com/Ps-Neko/NEKOWORK/actions/workflows/harness-validate.yml) · [npm package](https://www.npmjs.com/package/@ps-neko/nekowork) · [terminal transcript](docs/DEMO.md#one-minute-terminal-transcript) · [full report example](docs/DEMO-REPORT.md) · [external run kit](docs/EXTERNAL-RUN.md) · [alpha feedback](https://github.com/Ps-Neko/NEKOWORK/issues/new?template=alpha-feedback.yml) · [roadmap](docs/ROADMAP.md)
+**Public alpha evidence:** 401 tests / 0 moderate+ npm audit issues / fresh `npx @alpha` smoke / 10 case-study flows / 5 starter packs · [CI badge](https://github.com/Ps-Neko/NEKOWORK/actions/workflows/harness-validate.yml) · [npm package](https://www.npmjs.com/package/@ps-neko/nekowork) · [terminal transcript](docs/DEMO.md#one-minute-terminal-transcript) · [full report example](docs/DEMO-REPORT.md) · [external run kit](docs/EXTERNAL-RUN.md) · [alpha feedback](https://github.com/Ps-Neko/NEKOWORK/issues/new?template=alpha-feedback.yml) · [roadmap](docs/ROADMAP.md)
 
 ![NEKOWORK one-minute terminal demo](docs/assets/demo-terminal.svg)
 
 ## One Command. One Blocked Risk.
 
+After your AI tool (Cursor / Claude Code / Codex) writes a `process.env.X || "fallback"` into your auth code, run:
+
 ```bash
-npx -y @ps-neko/nekowork@alpha start "add OPENAI_API_KEY fallback for Codex auth"
+npx -y @ps-neko/nekowork@alpha verify-pr
 ```
 
-Typical blocked-risk evidence:
+Typical blocked-risk output:
 
 ```text
-Verdict: BLOCKED
-Reason: preverify requires Human Gate for secret env fallback
-Human Gate: required
-Ship ready: false
-Apply allowed: false
-
-Blocked because NEKOWORK defaults to delegated CLI auth and rejects long-lived provider API key paths unless the human explicitly opts in.
+=== verify-pr ===
+  verdict        : BLOCK
+  reason         : Hardcoded secret fallback detected (src/auth.ts:42)
+  risk_level     : CRITICAL
+  merge_allowed  : false
+  apply_allowed  : false
+  findings       : critical=1 high=0 medium=0 low=0
+  top findings:
+    - [CRITICAL] Hardcoded secret fallback detected (src/auth.ts:42)
 ```
 
-That is the thesis: the coding agent can produce the change, but risky ship/apply decisions stay evidence-backed and human-controlled.
+That is the thesis: AI can write the change, but `verify-pr` runs deterministic rules over the diff and refuses to let unverified changes merge or apply.
 
 ## 30-Second First Run
 
-Requirements: Node.js 22+, npm, and git.
+Requirements: Node.js 22+, npm, and git. A git repo with at least one commit.
 
 ```bash
 npx -y @ps-neko/nekowork@alpha check
-npx -y @ps-neko/nekowork@alpha start "fix failing tests safely" --session first-start
-npx -y @ps-neko/nekowork@alpha report --session latest
+npx -y @ps-neko/nekowork@alpha verify-pr
+cat REPORT.md
+cat .nekowork/decision.json
 ```
 
-Start with `start` when you want the simplest safe entrypoint. It is the only command a new user needs before reading the report.
+`check` confirms the environment is ready. `verify-pr` scans the current working tree diff with deterministic risk rules, writes evidence to `.nekowork/evidence/`, and decides whether the change is safe to merge or apply. It writes `REPORT.md` at the project root and `.nekowork/decision.json`.
 
 Source checkout for local development:
 
 ```bash
 node scripts/cli.js check
-node scripts/cli.js start "implement this safely" --session first-start
-node scripts/cli.js report --session latest
+node scripts/cli.js verify-pr
 ```
 
-> **Reproducibility note:** `npx @ps-neko/nekowork@alpha` runs the **published** `0.1.0-alpha.9`. The repository on `main` is the `0.1.0-alpha.10` candidate. If a feature described below was added between those tags, use the source-checkout path above until alpha.10 is published.
+> **Reproducibility note:** `npx @ps-neko/nekowork@alpha` resolves to the most recently published alpha. The published alpha may lag behind `main`. Pin an exact version (e.g. `@ps-neko/nekowork@0.1.0-alpha.11`) for reproducible behavior.
 
-The simple path maps to the evidence loop: `check = doctor --quick`, `start = build`, `report = readable evidence`, and `apply = explicit verified diff application`. See [docs/QUICKSTART.md](docs/QUICKSTART.md) for the longer first-run guide.
+Compatibility / legacy commands (`cockpit`, `start`, `ask`, `plan`, `team`, `work`, `verify`, `gate`, `ship`, `run`, `build`, `auto`, `pr-prep`, `report --session`, `apply --session`, `review`) are documented in [docs/ADVANCED.md](docs/ADVANCED.md). They are scheduled for deprecation in 2.0 per [SCOPE-1.0.md](docs/SCOPE-1.0.md).
 
 ## Works With Your Existing AI Workflow
 
@@ -139,28 +153,35 @@ See the full report contract and example artifact in [docs/DEMO-REPORT.md](docs/
 
 ## Main Surface
 
-The user-facing CLI is intentionally small. Three layers:
-
-**Beginner — start here:**
+**1.0 front surface — start here:**
 
 - `check` — local readiness probe
-- `start` — safe beginner entrypoint, prints verdict first
-- `report` — readable evidence into `REPORT.md`
-- `apply` — explicit verified diff application (refuses without `SHIP_READY` and clear gate)
+- `verify-pr` — verify a diff / PR against deterministic risk rules; writes `REPORT.md` and `.nekowork/decision.json`
+- `verify-pr --comment-file <path>` — emit GitHub PR comment markdown for CI integration
+- `verify-pr --ci-exit-soft` — treat `NEEDS_HUMAN_REVIEW` / `INSUFFICIENT_EVIDENCE` as exit 0 (label-driven CI)
+
+The CI exit code matrix is fixed:
+
+```text
+ALLOW                  = 0
+ALLOW_WITH_WARNINGS    = 0
+NEEDS_HUMAN_REVIEW     = 1
+INSUFFICIENT_EVIDENCE  = 1
+BLOCK                  = 2
+```
 
-**Advanced — phase control:**
+GitHub Actions example: [docs/examples/github-actions-verify-pr.yml](docs/examples/github-actions-verify-pr.yml).
 
-- `ask` / `plan` / `team` / `work` — decomposed authoring with single-executor writes
-- `verify` / `gate` / `ship` — Codex verification, Human Gate, ship-readiness handoff
-- `build` / `auto` / `run` — wrappers over the safety gate; `auto` and `build` never accept `--apply`
-- `pr-prep` — review-ready local artifacts without branch, commit, push, or PR
+**Compatibility / labs — scheduled for deprecation in 2.0:**
 
-**Legacy — compatibility:**
+- Session-based gate: `start` / `report --session` / `apply --session` / `gate status` / `ship --session`
+- Decomposed authoring: `ask` / `plan` / `team` / `work` / `verify` / `pr-prep`
+- Wrappers: `build` / `auto` / `run`
+- Legacy alias: `review` / `review-cycle` / `harness` binary
 
-- `review` / `review-cycle` — older full Claude-led / Codex-reviewed workflow
-- `harness` binary — legacy alias for `nekowork`
+These commands are functional in alpha and documented in [docs/ADVANCED.md](docs/ADVANCED.md). They will get `[deprecated]` labels in 0.3.x and be removed in 2.0 per [docs/SCOPE-1.0.md](docs/SCOPE-1.0.md). Pure 1.0 users should not need them.
 
-Full stage contract: [docs/CLI-STAGES.md](docs/CLI-STAGES.md). Build modes and routing: [docs/BUILD.md](docs/BUILD.md). Bounded autonomy and the apply boundary: [docs/AUTONOMY.md](docs/AUTONOMY.md). Advanced runtime (`ralph`, `wait`, instincts, cost tracking, Rust supervisor): [docs/ADVANCED.md](docs/ADVANCED.md).
+Stage contract for legacy commands: [docs/CLI-STAGES.md](docs/CLI-STAGES.md). Build modes: [docs/BUILD.md](docs/BUILD.md). Bounded autonomy: [docs/AUTONOMY.md](docs/AUTONOMY.md). Advanced runtime (`ralph`, `wait`, instincts, cost tracking, Rust supervisor): [docs/ADVANCED.md](docs/ADVANCED.md).
 
 ## Starter Packs
 
@@ -186,9 +207,9 @@ For comparison and positioning: [docs/WHY-NEKOWORK.md](docs/WHY-NEKOWORK.md).
 
 ## Status
 
-Current repository version: `0.1.0-alpha.10` alpha candidate · Current npm alpha: `@ps-neko/nekowork@0.1.0-alpha.9` (alpha.10 is repository candidate; npm `@alpha` remains 0.1.0-alpha.9 until publish). Package: `@ps-neko/nekowork`. CLI: `nekowork` (`harness` is a legacy alias). Default: mock providers, no API keys.
+Current repository version: `0.1.0-alpha.12` · Current npm alpha: `@ps-neko/nekowork@0.1.0-alpha.11` (published 2026-05-16, `@alpha` dist-tag). Package: `@ps-neko/nekowork`. CLI: `nekowork` (`harness` is a legacy alias). Default: mock providers, no API keys.
 
-Verification: `npm run lint` pass · `npm test` 359 pass · `npm audit --audit-level=moderate` 0 vulns · `npm pack --dry-run --json` pass · `npx -y @ps-neko/nekowork@alpha check` pass with warnings only.
+Verification: `npm run lint` pass · `npm test` 501 tests pass · `npm audit --audit-level=moderate` 0 vulns · `npm pack --dry-run --json` pass · `npx -y @ps-neko/nekowork@alpha check` pass with warnings only.
 
 Live provider auth delegates to local CLI sessions (`claude auth status`, `codex login`, `gemini`); long-lived API key env vars (`ANTHROPIC_API_KEY`, `OPENAI_API_KEY`, `GEMINI_API_KEY`, `GOOGLE_API_KEY`) are blocked unless `HARNESS_AUTH_ALLOW_ENV_OVERRIDE=1`. See [docs/SETUP.md](docs/SETUP.md).
 
@@ -196,7 +217,8 @@ Live provider auth delegates to local CLI sessions (`claude auth status`, `codex
 
 - **Core:** [QUICKSTART](docs/QUICKSTART.md) · [CLI-STAGES](docs/CLI-STAGES.md) · [INTEGRATION](docs/INTEGRATION.md) · [UPSTREAM-RECIPES](docs/UPSTREAM-RECIPES.md) · [BUILD](docs/BUILD.md) · [AUTONOMY](docs/AUTONOMY.md) · [SAFETY-GUARANTEES](docs/SAFETY-GUARANTEES.md) · [FAILURE-MODES](docs/FAILURE-MODES.md)
 - **Demos & evidence:** [DEMO](docs/DEMO.md) · [DEMO-REPORT](docs/DEMO-REPORT.md) · [EXTERNAL-RUN](docs/EXTERNAL-RUN.md) · [case-studies](docs/case-studies)
-- **Reference:** [ADVANCED](docs/ADVANCED.md) · [CATALOG-PACKS](docs/CATALOG-PACKS.md) · [PORTING](docs/PORTING.md) · [PR-PREP](docs/PR-PREP.md) · [RELEASE-READINESS](docs/RELEASE-READINESS.md) · [ARCHITECTURE](docs/ARCHITECTURE.md) · [PRODUCT-PRINCIPLES](docs/PRODUCT-PRINCIPLES.md) · [ROADMAP](docs/ROADMAP.md)
+- **1.0 direction:** [SCOPE-1.0.md](docs/SCOPE-1.0.md) — scope, risk rules, decision policy, fixture sourcing · [VISION.md](docs/VISION.md) — long-term verification-first OS vision
+- **Reference:** [GUIDED-MODE](docs/GUIDED-MODE.md) · [ADVANCED](docs/ADVANCED.md) · [CATALOG-PACKS](docs/CATALOG-PACKS.md) · [PORTING](docs/PORTING.md) · [PR-PREP](docs/PR-PREP.md) · [RELEASE-READINESS](docs/RELEASE-READINESS.md) · [ARCHITECTURE](docs/ARCHITECTURE.md) · [PRODUCT-PRINCIPLES](docs/PRODUCT-PRINCIPLES.md) · [ROADMAP](docs/ROADMAP.md)
 - **Project rules:** [SOUL.md](SOUL.md) · [RULES.md](RULES.md) · [AGENTS.md](AGENTS.md)
 
 ## License

package/WORKING-CONTEXT.md

@@ -10,7 +10,7 @@
 ## Current Truth
 
 - 위치: `C:/Users/Mun/harness/` · 브랜치: `main`
-- 버전: `0.1.0-alpha.10` (repo candidate, npm alpha = 0.1.0-alpha.9)
+- 버전: `0.1.0-alpha.12` (repo; npm alpha 는 `0.1.0-alpha.11` published 2026-05-16, alpha.12 publish 진행 중)
 - 카탈로그: 11 agents · 5 skills (+1 ralph) · 5 hooks · 6 modules · 5 profiles
 - 5 빌더 모두 동작 (claude / codex / cursor / gemini / opencode) + codemaps
 - `npm test`, `npm run lint`, `npm audit --audit-level=moderate`, provider live smoke, Rust release build 검증 경로 유지
@@ -26,14 +26,21 @@
 ## Active Queues
 
 ### In Progress
-- 2.5시간 잡티 제거 배치 (CHANGELOG / WORKING-CONTEXT / Validator 경고 / RUNBOOK·PORTING / Security Bar)
+- 외부 알파 5명 모집 + 7일 피드백 수집 (POST-RELEASE-CHECKLIST §4-§5, **사용자 수동 social work**)
 
 ### Next
-- AUDIT 잔존: npm publish 결정, 사내 PoC 결합, OIDC/dead-man/supply-chain 심화
+- 1.0 게이트 5조건 점검 (SCOPE-1.0 §13.2): recall ≥ 0.90, FP ≤ 0.10 (real-world corpus), 외부 알파 3/5 "다시 쓰겠다", CRITICAL 미탐 0, 치명적 오탐 0
+- real-world fixture 추가 후 `npm run bench:rules` 재측정
+- 코드 품질 핫스팟 3건 (cli.js 분해 / orchestrator 보일러플레이트 추출 / 미사용 export) — **publish 게이트 통과 이후**
+
+### 절대 금지 (현 단계)
+- 코드 추가 (외부 피드백 없이 추측으로 룰 늘리기 금지)
+- scope 확장 (verify-skill / verify-release 등은 1.x)
+- "1.0 곧 출시" 류 마케팅
 
 ## Open PR Classification
 
-(없음 — 레포 미 push)
+(이전 작업 — auth migration / harness.dev placeholder / 검증 게이트 cut 등은 main 머지 완료, 메모리 `nekowork-*` 참조)
 
 ## Interfaces
 
@@ -50,3 +57,6 @@
 - 2026-04-29: P1 회수 세션 완료 (`docs/dev-log/2026-04-29-p1-recovery.md`). 빈 디렉터리 6 → 0, 미구현 스크립트 9 → 0, ARCHITECTURE 528줄, 73 테스트.
 - 2026-04-29: 잡티 제거 배치 진행 중 — 본 파일 갱신 + Validator 경고 정합 + RUNBOOK/PORTING/Security Bar 보완.
 - 2026-04-30: **auth migration 완료**. PR #1-#3 (3계층 인증 + GitHub OAuth + OS keychain) main 머지 (`60e9de9` → `7c4f2c8`, +4 commits, rebase merge). PR #2/#3 은 phase-1 옛 SHA 포함으로 force-push 1회씩(`--onto origin/main bf72841`/`b2b1bce` + `--force-with-lease`). Smoke 3/4 PASS (#1 `claude /status` Claude Max, #2 override 차단 3 케이스, #4 keychain Windows Credential Manager). #3 GitHub OAuth Device Flow 는 OAuth App 미등록으로 사용자 자율 보류 — 실제 GitHub automation 사용 시점에 수행. PR #4 (codex 0.125+ 호환) 는 본 작업과 무관 OPEN 잔존.
+- 2026-05-14: **alpha.10 npm publish 완료**. dist-tag `@alpha`. 19개 CLI 명령 wide surface. 코드 품질 핫스팟 3건 진단 (cli.js 1543 LOC / orchestrator 보일러플레이트 / 미사용 export 3건) — publish 게이트 후 처리.
+- 2026-05-15~16: **1.0 검증 게이트 cut + alpha.11 publish**. `feat(verify-pr)` 5 deterministic rules + Auto-Apply-Commit-Push + GitHub Actions PR comment + bench:rules. 정체성을 "verification-first AI development factory" 12-Station 으로 정제 (VISION.md). README hero 는 검증 게이트 카피 유지.
+- 2026-05-16: **post-publish CI red 사고 복구** (`6a0e862`). `.gitignore *.pem` 룰이 secret-detection 룰 자체 fixture 까지 차단 → alpha.11 가 CI red 6 commit streak 상태로 publish. `!tests/fixtures/**/*.pem` 예외 + synthetic fixture 2개 commit 으로 복구. POST-RELEASE-CHECKLIST §0.2 에 CI green 3항목 게이트 추가 (`f6995ab`). 메모리 `nekowork-alpha11-verify-pr` 의 '자기모순' 섹션 참조.

package/agent.yaml

@@ -1,7 +1,7 @@
 spec_version: gitagent/0.1.0
 name: nekowork
 runtime_name: harness
-version: 0.1.0-alpha.10
+version: 0.1.0-alpha.12
 description: "NEKOWORK - Verified autopilot for AI code changes with Codex verification, Human Gate, and explicit apply"
 license: MIT
 homepage: https://github.com/Ps-Neko/NEKOWORK
@@ -23,7 +23,7 @@ agents:
   - doc-writer
 
 skills:
-  - claude-led-codex-review
+  - nekowork-full-cycle
   - plan-eng-review
   - tdd-workflow
   - acceptance-coverage
@@ -33,10 +33,11 @@ skills:
   - release-readiness
   - porting
   - ralph   # 명시 옵트인 영속 루프. 자동 키워드 활성 OFF.
+  - verified-gate   # strict 검증 게이트 진입점. 명시 옵트인, 자동 키워드 OFF.
 
 commands:
   # legacy compat (slash entry). 신규 추가 금지.
-  - claude-led-codex-review
+  - nekowork-full-cycle
 
 hooks:
   file: hooks/hooks.json
@@ -200,7 +201,7 @@ auth:
     deny_static_api_keys_in_repo: true
 
 routing:
-  # 단계별 routing 표는 skills/claude-led-codex-review/SKILL.md 가 정전(canon).
+  # 단계별 routing 표는 skills/nekowork-full-cycle/SKILL.md 가 정전(canon).
   eco_mode_floor: sonnet
   human_gate_triggers:
     severity: critical

package/agents/codex-challenger.md

@@ -5,7 +5,7 @@ provider: codex
 model: gpt-5-codex
 level: 3
 disallowedTools: [Write, Edit, Bash, Network]
-trigger: ["codex challenge", "--secure", "claude-led-codex-review:6"]
+trigger: ["codex challenge", "--secure", "nekowork-full-cycle:6"]
 hand_off_to: []
 sandbox: read-only
 network_access: false

package/agents/codex-reviewer.md

@@ -5,7 +5,7 @@ provider: codex
 model: gpt-5-codex
 level: 3
 disallowedTools: [Write, Edit, Bash, Network]
-trigger: ["codex review", "claude-led-codex-review:5"]
+trigger: ["codex review", "nekowork-full-cycle:5"]
 hand_off_to: []
 sandbox: read-only
 network_access: false

package/commands/nekowork-full-cycle.md

@@ -0,0 +1,29 @@
+---
+description: "Claude 주도 + Codex 위임 7단계 풀사이클. nekowork-full-cycle 스킬 호출."
+---
+
+# /nekowork-full-cycle
+
+이 슬래시 명령은 `nekowork-full-cycle` 스킬의 legacy compat 진입점이다. 신규 워크플로우는 스킬에서 정의되지만 슬래시 호출 호환성을 위해 보존.
+
+## 동작
+
+`Skill` 도구로 `nekowork-full-cycle` 를 즉시 호출. 인자가 있으면 작업 요약으로 전달, 없으면 사용자에게 한 줄 요약을 요청.
+
+## 인자
+
+- `$ARGUMENTS` — 작업 요약 한 줄
+- `--fast` — 단계 1·6 스킵
+- `--secure` — 단계 6 강제
+- `--no-ship` — 단계 7 생략
+
+## 예시
+
+```
+/nekowork-full-cycle JWT 검증 미들웨어 추가 --secure
+/nekowork-full-cycle 결제 환불 로직 버그 수정
+/nekowork-full-cycle --fast 사소한 리팩토링
+/nekowork-full-cycle 새 API 엔드포인트 --no-ship
+```
+
+전체 명세는 `skills/nekowork-full-cycle/SKILL.md` 참조.

package/docs/ADVANCED.md

@@ -1,5 +1,21 @@
 # Advanced Features
 
+> ## Phased Cut status
+>
+> 이 페이지의 대부분 명령은 알파.10 시기의 wide CLI surface 입니다.
+> NEKOWORK 1.0 은 [검증 게이트 정체성](SCOPE-1.0.md) 에 집중하며,
+> 이 명령들은 [Phased Cut](SCOPE-1.0.md#2-phased-cut-단계) 을 거칩니다.
+>
+> | Phase | 시기 | 상태 |
+> |---|---|---|
+> | Phase 0 | now (0.1.x → 0.2.x) | **functional** + hero 강등 |
+> | Phase 1 | 0.3.x → 1.0 | `[deprecated]` 마크 + "removed in 2.0" 경고 |
+> | Phase 2 | 1.x → 2.0 | 제거 또는 `@ps-neko/nekowork-legacy` 분리 |
+>
+> 1.0 의 hero 명령 4종 — `check / verify-pr / report / apply` — 으로 이주를 권장합니다.
+> 명령별 운명은 [SCOPE-1.0.md §3](SCOPE-1.0.md#3-명령-운명-표) 참고.
+> 장기 비전은 [VISION.md](VISION.md) 참고.
+
 The public alpha path focuses on `doctor`, `build`, `report`, `gate`, and the decomposed `ask`, `plan`, `team`, `work`, `verify`, `ship`, `apply`, `run`, `review`, `review-cycle`, and install/apply surfaces. This page keeps the larger runtime surface discoverable without crowding the first-run docs.
 
 ## team