@ryuenn3123/agentic-senior-core 1.9.2 → 1.9.4

package/.agent-context/marketplace/trust-tiers.json

@@ -0,0 +1,114 @@
+{
+  "schemaVersion": "trust-tiers-v1",
+  "version": "1.0.0",
+  "description": "Defines trust tiers for marketplace artifacts. Each tier sets the minimum evidence and quality thresholds required for acceptance.",
+  "tiers": {
+    "verified": {
+      "displayName": "Verified",
+      "description": "Meets all quality gates, has complete evidence bundles, and is actively maintained. Ready for production use.",
+      "badge": "verified",
+      "minimumScore": 85,
+      "requirements": {
+        "hasReadme": true,
+        "hasTests": true,
+        "hasEvidence": true,
+        "hasCompatManifest": true,
+        "hasChangelog": true,
+        "minDocScore": 80,
+        "minTestScore": 80,
+        "minEvidenceScore": 80,
+        "minMaintenanceScore": 80,
+        "maxDaysSinceUpdate": 90,
+        "forbiddenContentClean": true
+      }
+    },
+    "community": {
+      "displayName": "Community",
+      "description": "Has basic documentation and some evidence. Functional but may lack comprehensive test coverage or recent maintenance.",
+      "badge": "community",
+      "minimumScore": 50,
+      "requirements": {
+        "hasReadme": true,
+        "hasTests": false,
+        "hasEvidence": false,
+        "hasCompatManifest": false,
+        "hasChangelog": false,
+        "minDocScore": 50,
+        "minTestScore": 0,
+        "minEvidenceScore": 0,
+        "minMaintenanceScore": 0,
+        "maxDaysSinceUpdate": 365,
+        "forbiddenContentClean": true
+      }
+    },
+    "experimental": {
+      "displayName": "Experimental",
+      "description": "Newly submitted or under development. No quality guarantees. Use at own risk.",
+      "badge": "experimental",
+      "minimumScore": 0,
+      "requirements": {
+        "hasReadme": true,
+        "hasTests": false,
+        "hasEvidence": false,
+        "hasCompatManifest": false,
+        "hasChangelog": false,
+        "minDocScore": 0,
+        "minTestScore": 0,
+        "minEvidenceScore": 0,
+        "minMaintenanceScore": 0,
+        "maxDaysSinceUpdate": null,
+        "forbiddenContentClean": true
+      }
+    }
+  },
+  "scorecard": {
+    "description": "Weighted scorecard used to calculate the trust score of marketplace artifacts. Total weight sums to 100.",
+    "dimensions": {
+      "documentation": {
+        "weight": 25,
+        "description": "Quality and completeness of documentation. Checks README, inline docs, usage examples, and API descriptions.",
+        "gates": [
+          "README.md exists and is non-empty",
+          "Contains usage examples or getting started section",
+          "Contains API or configuration reference",
+          "Contains license declaration",
+          "No placeholder or TODO-only content"
+        ]
+      },
+      "tests": {
+        "weight": 25,
+        "description": "Test coverage and quality. Checks for test files, pass rate, and coverage of core functionality.",
+        "gates": [
+          "At least one test file exists",
+          "Tests pass without errors",
+          "Core functions have corresponding tests",
+          "No skipped or TODO tests in critical paths",
+          "Test command is documented"
+        ]
+      },
+      "evidence": {
+        "weight": 25,
+        "description": "Completeness of evidence bundles. Checks for compatibility manifests, SBOM excerpts, and validation reports.",
+        "gates": [
+          "Evidence bundle directory exists",
+          "Compatibility manifest is present",
+          "Validation report is present",
+          "SBOM excerpt or dependency list is present",
+          "Evidence files are not stale (updated within maxDaysSinceUpdate)"
+        ]
+      },
+      "maintenance": {
+        "weight": 25,
+        "description": "Maintenance activity and health. Checks for recent updates, changelog entries, and responsiveness.",
+        "gates": [
+          "Last update within maxDaysSinceUpdate threshold",
+          "CHANGELOG.md exists with recent entries",
+          "No known security vulnerabilities in dependencies",
+          "Version follows semantic versioning",
+          "Owner or maintainer is declared"
+        ]
+      }
+    },
+    "totalWeight": 100
+  }
+}

package/.agent-context/review-checklists/marketplace-acceptance.md

@@ -0,0 +1,60 @@
+# Marketplace Acceptance Checklist
+
+Use this checklist to evaluate marketplace artifact submissions. Every gate must be verified before assigning a trust tier.
+
+## Tier Assignment Rule
+
+- **Verified**: all 20 gates pass, composite score >= 85
+- **Community**: gates 1-4 pass, composite score >= 50
+- **Experimental**: gate 1 passes, composite score >= 0
+- **Rejected**: gate 1 fails or forbidden content detected
+
+## Documentation (25%)
+
+- [ ] 1. README.md exists and contains at least 200 characters of non-boilerplate content
+- [ ] 2. README includes a usage example or getting-started section
+- [ ] 3. README includes an API or configuration reference
+- [ ] 4. License declaration is present (LICENSE file or header)
+- [ ] 5. No placeholder-only content (no files that are entirely TODO or stub)
+
+## Tests (25%)
+
+- [ ] 6. At least one test file exists in a recognized test directory
+- [ ] 7. All tests pass without errors when executed
+- [ ] 8. Core exported functions have corresponding test cases
+- [ ] 9. No skipped or disabled tests in critical code paths
+- [ ] 10. Test execution command is documented in README or package metadata
+
+## Evidence (25%)
+
+- [ ] 11. Evidence bundle directory exists at artifact root (e.g. `evidence/` or `.evidence/`)
+- [ ] 12. Compatibility manifest is present declaring supported runtimes and IDE versions
+- [ ] 13. Validation report from the most recent CI run is present
+- [ ] 14. Dependency list or SBOM excerpt is present
+- [ ] 15. Evidence files are current (updated within the tier's maxDaysSinceUpdate threshold)
+
+## Maintenance (25%)
+
+- [ ] 16. Last meaningful update is within the tier's maxDaysSinceUpdate threshold
+- [ ] 17. CHANGELOG.md exists with at least one entry for the current major version
+- [ ] 18. No known critical or high-severity vulnerabilities in direct dependencies
+- [ ] 19. Version follows semantic versioning (MAJOR.MINOR.PATCH)
+- [ ] 20. Owner or maintainer is declared in package metadata or README
+
+## Security (Mandatory, All Tiers)
+
+- [ ] Forbidden content scan passes (no hardcoded secrets, API keys, or private paths)
+- [ ] No `eval()` or dynamic code execution in published assets
+- [ ] No network calls to undeclared external endpoints
+
+## Scoring Notes
+
+Composite score is calculated as:
+
+```
+score = (doc_score * 0.25) + (test_score * 0.25) + (evidence_score * 0.25) + (maintenance_score * 0.25)
+```
+
+Each dimension score is: (gates_passed / total_gates_in_dimension) * 100
+
+Tier thresholds are defined in `.agent-context/marketplace/trust-tiers.json`.

package/.agent-context/rules/security.md

@@ -236,10 +236,11 @@ coverage/
 .nyc_output/
 *.lcov
 
-# ── Runtime Data ──
+# ── Runtime & Backup Data ──
 *.pid
 *.seed
 *.pid.lock
+.agentic-backup/
 
 # ── Secrets & Keys ──
 *.pem

package/.agent-context/state/onboarding-report.json

@@ -1,19 +1,14 @@
 {
-  "cliVersion": "1.9.2",
-  "generatedAt": "2026-04-08T01:58:51.014Z",
-  "operationMode": "init",
+  "cliVersion": "1.9.4",
+  "generatedAt": "2026-04-08T03:01:45.024Z",
+  "operationMode": "upgrade",
   "selectedProfile": "beginner",
   "selectedProfilePack": null,
-  "selectedPreset": "frontend-web",
   "selectedStack": "typescript.md",
   "selectedBlueprint": "api-nextjs.md",
   "ciGuardrailsEnabled": true,
-  "setupDurationMs": 16396,
-  "selectedSkillDomains": [
-    "frontend",
-    "fullstack",
-    "cli"
-  ],
+  "setupDurationMs": 605,
+  "selectedSkillDomains": [],
   "autoDetection": {
     "recommendedStack": "typescript.md",
     "recommendedBlueprint": "api-nextjs.md",

package/.cursorrules

@@ -1,7 +1,7 @@
 # AGENTIC-SENIOR-CORE DYNAMIC GOVERNANCE RULESET
 
-Generated by Agentic-Senior-Core CLI v1.9.2
-Timestamp: 2026-04-08T01:58:51.011Z
+Generated by Agentic-Senior-Core CLI v1.9.4
+Timestamp: 2026-04-08T03:01:44.455Z
 Selected profile: beginner
 Selected policy file: .agent-context/policies/llm-judge-threshold.json
 
@@ -2278,10 +2278,11 @@ coverage/
 .nyc_output/
 *.lcov
 
-# ── Runtime Data ──
+# ── Runtime & Backup Data ──
 *.pid
 *.seed
 *.pid.lock
+.agentic-backup/
 
 # ── Secrets & Keys ──
 *.pem

package/.windsurfrules

@@ -1,7 +1,7 @@
 # AGENTIC-SENIOR-CORE DYNAMIC GOVERNANCE RULESET
 
-Generated by Agentic-Senior-Core CLI v1.9.2
-Timestamp: 2026-04-08T01:58:51.011Z
+Generated by Agentic-Senior-Core CLI v1.9.4
+Timestamp: 2026-04-08T03:01:44.455Z
 Selected profile: beginner
 Selected policy file: .agent-context/policies/llm-judge-threshold.json
 
@@ -2278,10 +2278,11 @@ coverage/
 .nyc_output/
 *.lcov
 
-# ── Runtime Data ──
+# ── Runtime & Backup Data ──
 *.pid
 *.seed
 *.pid.lock
+.agentic-backup/
 
 # ── Secrets & Keys ──
 *.pem

package/bin/agentic-senior-core.js

@@ -10,6 +10,7 @@ import { exit } from 'node:process';
 import { CLI_VERSION } from '../lib/cli/constants.mjs';
 import { printUsage } from '../lib/cli/utils.mjs';
 import { runLaunchCommand } from '../lib/cli/commands/launch.mjs';
+import { runRollbackCommand } from '../lib/cli/commands/rollback.mjs';
 import { runInitCommand, parseInitArguments } from '../lib/cli/commands/init.mjs';
 import { runUpgradeCommand, parseUpgradeArguments } from '../lib/cli/commands/upgrade.mjs';
 import { runSkillCommand } from '../lib/cli/skill-selector.mjs';
@@ -50,6 +51,11 @@ async function main() {
     return;
   }
 
+  if (commandArgument === 'rollback') {
+    await runRollbackCommand(commandArguments);
+    return;
+  }
+
   console.error(`Unknown command: ${commandArgument}`);
   printUsage();
   exit(1);

package/lib/cli/backup.mjs

@@ -0,0 +1,126 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import crypto from 'node:crypto';
+import { pathExists, ensureDirectory } from './utils.mjs';
+
+const BACKUP_DIR_NAME = '.agentic-backup';
+
+/**
+ * Calculates a SHA-256 hash of a file's contents.
+ */
+async function hashFile(filePath) {
+  const fileBuffer = await fs.readFile(filePath);
+  const hashSum = crypto.createHash('sha256');
+  hashSum.update(fileBuffer);
+  return hashSum.digest('hex');
+}
+
+/**
+ * Helper to get all files in a directory recursively.
+ */
+async function getFilesInDirectory(dirPath) {
+  const files = [];
+  try {
+    const entries = await fs.readdir(dirPath, { withFileTypes: true });
+    for (const entry of entries) {
+      if (entry.name === '.git' || entry.name === 'node_modules' || entry.name === BACKUP_DIR_NAME) {
+        continue;
+      }
+      const fullPath = path.join(dirPath, entry.name);
+      if (entry.isDirectory()) {
+        const nestedFiles = await getFilesInDirectory(fullPath);
+        files.push(...nestedFiles);
+      } else {
+        files.push(fullPath);
+      }
+    }
+  } catch (error) {
+    if (error.code !== 'ENOENT') {
+      throw error;
+    }
+  }
+  return files;
+}
+
+/**
+ * Creates a backup of specific paths in the target directory.
+ * Currently backs up: .cursorrules, .windsurfrules, and the entire .agent-context directory.
+ * @param {string} targetDirectoryPath 
+ */
+export async function createBackup(targetDirectoryPath) {
+  const startTime = Date.now();
+  const backupRoot = path.join(targetDirectoryPath, BACKUP_DIR_NAME);
+  const objectsDir = path.join(backupRoot, 'objects');
+  
+  await ensureDirectory(objectsDir);
+
+  const pathsToTrack = [
+    path.join(targetDirectoryPath, '.cursorrules'),
+    path.join(targetDirectoryPath, '.windsurfrules'),
+    path.join(targetDirectoryPath, '.agent-context')
+  ];
+
+  const resolvedFilesToTrack = [];
+  
+  for (const trackPath of pathsToTrack) {
+    try {
+      const stats = await fs.stat(trackPath);
+      if (stats.isDirectory()) {
+         const nested = await getFilesInDirectory(trackPath);
+         resolvedFilesToTrack.push(...nested);
+      } else if (stats.isFile()) {
+         resolvedFilesToTrack.push(trackPath);
+      }
+    } catch (err) {
+      if (err.code !== 'ENOENT') {
+         throw err;
+      }
+      // If it doesn't exist, we track it as missing so that a rollback knows to delete it
+      // if it gets created during the run. Wait, tracking everything that doesn't exist 
+      // is infinite. We should record the paths we intend to write to as "absent" state.
+      resolvedFilesToTrack.push(trackPath); 
+    }
+  }
+
+  const manifest = {
+    timestamp: new Date().toISOString(),
+    files: {}
+  };
+
+  for (const filePath of resolvedFilesToTrack) {
+    const relativePath = path.relative(targetDirectoryPath, filePath);
+    // Ignore any backup operations within the backup directory itself
+    if (relativePath.startsWith(BACKUP_DIR_NAME)) continue;
+
+    if (await pathExists(filePath)) {
+      // File exists: hash and backup
+      const fileHash = await hashFile(filePath);
+      const destObjectPath = path.join(objectsDir, fileHash);
+      
+      if (!(await pathExists(destObjectPath))) {
+          await fs.copyFile(filePath, destObjectPath);
+      }
+
+      const stats = await fs.stat(filePath);
+      manifest.files[relativePath] = {
+         action: 'restore',
+         hash: fileHash,
+         mtimeMs: stats.mtimeMs
+      };
+    } else {
+      // File did not exist before operation: must be deleted on rollback
+      manifest.files[relativePath] = {
+         action: 'delete'
+      };
+    }
+  }
+
+  const manifestPath = path.join(backupRoot, 'manifest.json');
+  await fs.writeFile(manifestPath, JSON.stringify(manifest, null, 2));
+
+  return {
+    manifestPath,
+    backupRoot,
+    durationMs: Date.now() - startTime
+  };
+}

package/lib/cli/commands/init.mjs

@@ -32,6 +32,9 @@ import { collectProfilePacks, findProfilePackByInput } from '../profile-packs.mj
 import { inferSkillDomainNamesFromSelection } from '../skill-selector.mjs';
 import { detectProjectContext, buildDetectionSummary, formatDetectionCandidates } from '../detector.mjs';
 import { compileDynamicContext, writeSelectedPolicy, writeOnboardingReport } from '../compiler.mjs';
+import { runPreflightChecks } from '../preflight.mjs';
+import { createBackup } from '../backup.mjs';
+import { performRollback } from '../rollback.mjs';
 
 export { REPO_ROOT } from '../constants.mjs';
 
@@ -142,6 +145,15 @@ export async function runInitCommand(targetDirectoryArgument, initOptions = {})
   const setupStartedAt = Date.now();
   await ensureDirectory(resolvedTargetDirectoryPath);
 
+  const preflightResult = await runPreflightChecks(resolvedTargetDirectoryPath, 'init');
+  if (!preflightResult.passed) {
+      console.error('\n[FATAL] Preflight checks failed. Initializing here would cause errors or data loss:');
+      console.error(JSON.stringify(preflightResult, null, 2));
+      throw new Error('Preflight checks failed.');
+  }
+
+  const backup = await createBackup(resolvedTargetDirectoryPath);
+
   const userInterface = createInterface({ input: stdin, output: stdout });
 
   try {
@@ -333,6 +345,19 @@ export async function runInitCommand(targetDirectoryArgument, initOptions = {})
     console.log('\nPlain-language summary:');
     console.log(`I prepared a ${selectedProfile.displayName.toLowerCase()} governance pack for a ${toTitleCase(selectedResolvedStackFileName)} project using the ${toTitleCase(selectedResolvedBlueprintFileName)} blueprint.`);
     console.log('Your AI tools will now receive one compiled rulebook plus the original source rules, and your review threshold is stored in .agent-context/policies/llm-judge-threshold.json.');
+  } catch (error) {
+    console.error('\n[FATAL] An error occurred during initialization. Attempting automatic rollback...');
+    try {
+        const rollbackReport = await performRollback(resolvedTargetDirectoryPath);
+        if (rollbackReport.success) {
+            console.error('[OK] Automatic rollback successful. The directory has been restored.');
+        } else {
+            console.error('[WARN] Automatic rollback completed with errors. You may need to manually clean up.');
+        }
+    } catch (rbError) {
+        console.error(`[FATAL] Automatic rollback failed: ${rbError.message}`);
+    }
+    throw error;
   } finally {
     userInterface.close();
   }

package/lib/cli/commands/rollback.mjs

@@ -0,0 +1,57 @@
+import path from 'node:path';
+import { performRollback } from '../rollback.mjs';
+import { ensureDirectory } from '../utils.mjs';
+
+/**
+ * Command module for `rollback`
+ */
+export async function runRollbackCommand(commandArguments) {
+  // Parse simple argument <targetDir>
+  const targetDirectoryArgument = commandArguments.length > 0 ? commandArguments[0] : null;
+
+  if (!targetDirectoryArgument) {
+    console.error('Usage: agentic-senior-core rollback <target-directory>');
+    process.exit(1);
+  }
+
+  const resolvedTargetDirectoryPath = path.resolve(targetDirectoryArgument);
+  
+  try {
+      await ensureDirectory(resolvedTargetDirectoryPath);
+  } catch (err) {
+      console.error(`[FATAL] Cannot access target directory: ${resolvedTargetDirectoryPath}`);
+      process.exit(1);
+  }
+
+  console.log(`Starting manual rollback for directory: ${resolvedTargetDirectoryPath} ...\n`);
+
+  try {
+      const report = await performRollback(resolvedTargetDirectoryPath);
+
+      if (report.success) {
+          console.log('[OK] Rollback successful.\n');
+      } else {
+          console.error('[WARN] Rollback completed with errors.\n');
+      }
+
+      console.log('Restored files:');
+      if (report.restoredFiles.length === 0) console.log('  (none)');
+      report.restoredFiles.forEach(f => console.log(`  + ${f}`));
+
+      console.log('\nDeleted (new) files:');
+      if (report.deletedFiles.length === 0) console.log('  (none)');
+      report.deletedFiles.forEach(f => console.log(`  - ${f}`));
+
+      if (report.errors.length > 0) {
+          console.error('\nErrors encountered:');
+          report.errors.forEach(e => console.error(`  ! ${e}`));
+      }
+
+      const exitCode = report.success ? 0 : 1;
+      process.exit(exitCode);
+  } catch (error) {
+      console.error('\n[FATAL] Rollback operation failed:');
+      console.error(error.message);
+      process.exit(1);
+  }
+}

package/lib/cli/commands/upgrade.mjs

@@ -32,6 +32,10 @@ import {
   loadOnboardingReportIfExists,
 } from '../compiler.mjs';
 
+import { runPreflightChecks } from '../preflight.mjs';
+import { createBackup } from '../backup.mjs';
+import { performRollback } from '../rollback.mjs';
+
 export function parseUpgradeArguments(commandArguments) {
   const parsedUpgradeOptions = {
     targetDirectory: '.',
@@ -68,6 +72,13 @@ export async function runUpgradeCommand(targetDirectoryArgument, upgradeOptions
   const setupStartedAt = Date.now();
   await ensureDirectory(resolvedTargetDirectoryPath);
 
+  const preflightResult = await runPreflightChecks(resolvedTargetDirectoryPath, 'upgrade');
+  if (!preflightResult.passed) {
+      console.error('\n[FATAL] Preflight checks failed. Upgrading here would cause errors or data loss:');
+      console.error(JSON.stringify(preflightResult, null, 2));
+      throw new Error('Preflight checks failed.');
+  }
+
   const userInterface = createInterface({ input: stdin, output: stdout });
 
   try {
@@ -138,27 +149,44 @@ export async function runUpgradeCommand(targetDirectoryArgument, upgradeOptions
       return;
     }
 
-    await fs.writeFile(currentRulesPath, plannedRulesContent, 'utf8');
-    await fs.writeFile(path.join(resolvedTargetDirectoryPath, '.windsurfrules'), plannedRulesContent, 'utf8');
-    await writeSelectedPolicy(resolvedTargetDirectoryPath, selectedProfileName);
-
-    const setupDurationMs = Date.now() - setupStartedAt;
-    await writeOnboardingReport({
-      targetDirectoryPath: resolvedTargetDirectoryPath,
-      selectedProfileName,
-      selectedProfilePack: existingOnboardingReport?.selectedProfilePack || null,
-      selectedStackFileName,
-      selectedBlueprintFileName,
-      includeCiGuardrails,
-      setupDurationMs,
-      projectDetection,
-      operationMode: 'upgrade',
-    });
-
-    console.log('\nUpgrade complete.');
-    console.log(`- Rules rewritten: ${isRulesContentChanged ? 'yes' : 'no (metadata refreshed)'}`);
-    console.log(`- Setup time: ${formatDuration(setupDurationMs)}`);
-    console.log('- Updated files: .cursorrules, .windsurfrules, .agent-context/state/onboarding-report.json');
+    const backup = await createBackup(resolvedTargetDirectoryPath);
+
+    try {
+      await fs.writeFile(currentRulesPath, plannedRulesContent, 'utf8');
+      await fs.writeFile(path.join(resolvedTargetDirectoryPath, '.windsurfrules'), plannedRulesContent, 'utf8');
+      await writeSelectedPolicy(resolvedTargetDirectoryPath, selectedProfileName);
+
+      const setupDurationMs = Date.now() - setupStartedAt;
+      await writeOnboardingReport({
+        targetDirectoryPath: resolvedTargetDirectoryPath,
+        selectedProfileName,
+        selectedProfilePack: existingOnboardingReport?.selectedProfilePack || null,
+        selectedStackFileName,
+        selectedBlueprintFileName,
+        includeCiGuardrails,
+        setupDurationMs,
+        projectDetection,
+        operationMode: 'upgrade',
+      });
+
+      console.log('\nUpgrade complete.');
+      console.log(`- Rules rewritten: ${isRulesContentChanged ? 'yes' : 'no (metadata refreshed)'}`);
+      console.log(`- Setup time: ${formatDuration(setupDurationMs)}`);
+      console.log('- Updated files: .cursorrules, .windsurfrules, .agent-context/state/onboarding-report.json');
+    } catch (error) {
+      console.error('\n[FATAL] An error occurred during upgrade. Attempting automatic rollback...');
+      try {
+          const rollbackReport = await performRollback(resolvedTargetDirectoryPath);
+          if (rollbackReport.success) {
+              console.error('[OK] Automatic rollback successful. The directory has been restored.');
+          } else {
+              console.error('[WARN] Automatic rollback completed with errors. You may need to manually clean up.');
+          }
+      } catch (rbError) {
+          console.error(`[FATAL] Automatic rollback failed: ${rbError.message}`);
+      }
+      throw error;
+    }
   } finally {
     userInterface.close();
   }

package/lib/cli/preflight.mjs

@@ -0,0 +1,97 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { constants } from 'node:fs';
+import { pathExists } from './utils.mjs';
+
+const MINIMUM_NODE_VERSION = 18;
+const MINIMUM_FREE_DISK_SPACE_MB = 5;
+
+export async function runPreflightChecks(targetDirectoryPath, operationMode) {
+  const result = {
+    passed: true,
+    checks: [],
+    errors: [],
+  };
+
+  // Check 1: Node Version
+  const nodeVersionString = process.version;
+  const majorVersion = parseInt(nodeVersionString.slice(1).split('.')[0], 10);
+  if (majorVersion >= MINIMUM_NODE_VERSION) {
+    result.checks.push(`Node.js version is compatible: ${nodeVersionString}`);
+  } else {
+    result.passed = false;
+    result.errors.push(`Node.js version ${nodeVersionString} is unsupported. Minimum required is v${MINIMUM_NODE_VERSION}.x`);
+  }
+
+  // Check 2: Write Permissions
+  try {
+    await fs.access(targetDirectoryPath, constants.W_OK);
+    result.checks.push(`Target directory is writable: ${targetDirectoryPath}`);
+  } catch (error) {
+    if (error.code === 'ENOENT') {
+       // Target directory does not exist yet. Ensure its parent is writable so we can create it
+       const parentDir = path.dirname(targetDirectoryPath);
+       try {
+           await fs.access(parentDir, constants.W_OK);
+           result.checks.push(`Target parent directory is writable: ${parentDir}`);
+       } catch (parentErr) {
+           result.passed = false;
+           result.errors.push(`Target directory does not exist and parent is read-only: ${parentDir}`);
+       }
+    } else {
+        result.passed = false;
+        result.errors.push(`Target directory is read-only: ${targetDirectoryPath}`);
+    }
+  }
+
+  // Check 3: Disk Space
+  try {
+    const statfsString = typeof fs.statfs === 'function';
+    // Use fs.statfs if available (Node 18.15+)
+    if (statfsString) {
+        // If directory doesn't exist, check its parent
+        const pathToCheck = await pathExists(targetDirectoryPath) ? targetDirectoryPath : path.dirname(targetDirectoryPath);
+        const diskStats = await fs.statfs(pathToCheck);
+        // diskStats.bavail is free blocks available to unprivileged user
+        // diskStats.bsize is block size
+        const freeBytes = Number(diskStats.bavail) * Number(diskStats.bsize);
+        const freeMb = freeBytes / (1024 * 1024);
+        
+        if (freeMb >= MINIMUM_FREE_DISK_SPACE_MB) {
+             result.checks.push(`Sufficient free disk space available: ${freeMb.toFixed(2)} MB`);
+        } else {
+             result.passed = false;
+             result.errors.push(`Insufficient free disk space. Required: ${MINIMUM_FREE_DISK_SPACE_MB} MB, Available: ${freeMb.toFixed(2)} MB`);
+        }
+    } else {
+        result.checks.push('Skipping disk space check (fs.statfs requires Node.js v18.15+)');
+    }
+  } catch (error) {
+     result.checks.push(`Skipping disk space check due to standard library limitation: ${error.message}`);
+  }
+
+  // Check 4: Conflicting Files
+  if (operationMode === 'init') {
+      const potentiallyConflictingPaths = [
+          path.join(targetDirectoryPath, '.cursorrules'),
+          path.join(targetDirectoryPath, '.windsurfrules'),
+          path.join(targetDirectoryPath, '.agent-context'),
+      ];
+
+      const conflictingFound = [];
+      for (const conflictPath of potentiallyConflictingPaths) {
+          if (await pathExists(conflictPath)) {
+              conflictingFound.push(path.basename(conflictPath));
+          }
+      }
+
+      if (conflictingFound.length > 0) {
+           result.passed = false;
+           result.errors.push(`Conflicting governance files already exist during init: ${conflictingFound.join(', ')}. Use upgrade instead.`);
+      } else {
+           result.checks.push('No conflicting governance files found.');
+      }
+  }
+
+  return result;
+}

package/lib/cli/rollback.mjs

@@ -0,0 +1,67 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { pathExists, ensureDirectory } from './utils.mjs';
+
+const BACKUP_DIR_NAME = '.agentic-backup';
+
+/**
+ * Performs a rollback of a target directory using the backup manifest.
+ * @param {string} targetDirectoryPath 
+ */
+export async function performRollback(targetDirectoryPath) {
+  const startTime = Date.now();
+  const backupRoot = path.join(targetDirectoryPath, BACKUP_DIR_NAME);
+  const manifestPath = path.join(backupRoot, 'manifest.json');
+  const objectsDir = path.join(backupRoot, 'objects');
+
+  if (!(await pathExists(manifestPath))) {
+      throw new Error(`Rollback failed: Backup manifest not found at ${manifestPath}`);
+  }
+
+  const manifestData = JSON.parse(await fs.readFile(manifestPath, 'utf8'));
+  const report = {
+      restoredFiles: [],
+      deletedFiles: [],
+      errors: []
+  };
+
+  for (const [relativePath, fileManifest] of Object.entries(manifestData.files)) {
+      const destinationPath = path.join(targetDirectoryPath, relativePath);
+
+      if (fileManifest.action === 'restore') {
+          const sourceObjectPath = path.join(objectsDir, fileManifest.hash);
+          if (!(await pathExists(sourceObjectPath))) {
+              report.errors.push(`Missing backup object for file: ${relativePath} (Expected hash: ${fileManifest.hash})`);
+              continue;
+          }
+
+          try {
+             await ensureDirectory(path.dirname(destinationPath));
+             await fs.copyFile(sourceObjectPath, destinationPath);
+             report.restoredFiles.push(relativePath);
+          } catch (err) {
+             report.errors.push(`Failed to restore ${relativePath}: ${err.message}`);
+          }
+      } else if (fileManifest.action === 'delete') {
+          // File did not exist before, but might exist now
+          if (await pathExists(destinationPath)) {
+              try {
+                  const stats = await fs.stat(destinationPath);
+                  if (stats.isDirectory()) {
+                      await fs.rm(destinationPath, { recursive: true, force: true });
+                  } else {
+                      await fs.unlink(destinationPath);
+                  }
+                  report.deletedFiles.push(relativePath);
+              } catch (err) {
+                  report.errors.push(`Failed to delete dynamically added file ${relativePath}: ${err.message}`);
+              }
+          }
+      }
+  }
+
+  report.durationMs = Date.now() - startTime;
+  report.success = report.errors.length === 0;
+
+  return report;
+}

package/lib/cli/utils.mjs

@@ -27,6 +27,7 @@ export function printUsage() {
   console.log('  agentic-senior-core launch');
   console.log('  agentic-senior-core init [target-directory] [--preset <name>] [--profile <beginner|balanced|strict>] [--profile-pack <name>] [--stack <name>] [--blueprint <name>] [--ci <true|false>] [--newbie]');
   console.log('  agentic-senior-core upgrade [target-directory] [--dry-run] [--yes]');
+  console.log('  agentic-senior-core rollback [target-directory]');
   console.log('  agentic-senior-core skill [domain] [--tier <standard|advance|expert|above>] [--json]');
   console.log('  agentic-senior-core --version');
   console.log('');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ryuenn3123/agentic-senior-core",
-  "version": "1.9.2",
+  "version": "1.9.4",
   "type": "module",
   "description": "Force your AI Agent to code like a Staff Engineer, not a Junior.",
   "bin": {
@@ -51,4 +51,4 @@
     "validate": "node ./scripts/validate.mjs",
     "test": "node --test ./tests/cli-smoke.test.mjs ./tests/llm-judge.test.mjs ./tests/enterprise-ops.test.mjs ./tests/skill-tier-gate.test.mjs"
   }
-}
+}

package/scripts/validate.mjs

@@ -137,6 +137,7 @@ async function validateRequiredFiles() {
     'tests/enterprise-ops.test.mjs',
     'LICENSE',
     '.gitignore',
+    '.agent-context/marketplace/trust-tiers.json',
   ];
 
   for (const requiredFilePath of requiredFiles) {
@@ -218,6 +219,7 @@ async function validateRuleFiles() {
     'review-checklists/security-audit.md',
     'review-checklists/performance-audit.md',
     'review-checklists/architecture-review.md',
+    'review-checklists/marketplace-acceptance.md',
     'skills/README.md',
     'skills/frontend/README.md',
     'skills/backend/README.md',
@@ -596,6 +598,65 @@ async function validateMcpConfiguration() {
   }
 }
 
+async function validateTrustTierSchema() {
+  console.log('\nChecking marketplace trust tier schema...');
+
+  const trustTierPath = join(AGENT_CONTEXT_DIR, 'marketplace', 'trust-tiers.json');
+  const trustTierContent = await readTextFile(trustTierPath);
+  const trustTierSchema = JSON.parse(trustTierContent);
+
+  const expectedTierNames = ['verified', 'community', 'experimental'];
+  for (const expectedTierName of expectedTierNames) {
+    if (trustTierSchema.tiers?.[expectedTierName]) {
+      pass(`Trust tier "${expectedTierName}" is defined`);
+    } else {
+      fail(`Trust tier "${expectedTierName}" is missing from trust-tiers.json`);
+    }
+  }
+
+  const scorecardDimensions = trustTierSchema.scorecard?.dimensions;
+  if (!scorecardDimensions || typeof scorecardDimensions !== 'object') {
+    fail('Trust tier scorecard must define dimensions');
+    return;
+  }
+
+  const dimensionNames = Object.keys(scorecardDimensions);
+  let totalWeight = 0;
+
+  for (const dimensionName of dimensionNames) {
+    const dimensionWeight = scorecardDimensions[dimensionName].weight;
+    if (typeof dimensionWeight !== 'number' || dimensionWeight <= 0) {
+      fail(`Scorecard dimension "${dimensionName}" must have a positive weight`);
+      continue;
+    }
+    totalWeight += dimensionWeight;
+    pass(`Scorecard dimension "${dimensionName}" weight: ${dimensionWeight}`);
+  }
+
+  if (totalWeight === 100) {
+    pass(`Scorecard weights sum to 100`);
+  } else {
+    fail(`Scorecard weights must sum to 100 (got ${totalWeight})`);
+  }
+
+  for (const dimensionName of dimensionNames) {
+    const gates = scorecardDimensions[dimensionName].gates;
+    if (!Array.isArray(gates) || gates.length === 0) {
+      fail(`Scorecard dimension "${dimensionName}" must define at least one gate`);
+      continue;
+    }
+    pass(`Scorecard dimension "${dimensionName}" has ${gates.length} gates`);
+  }
+
+  for (const [tierName, tierDefinition] of Object.entries(trustTierSchema.tiers)) {
+    if (typeof tierDefinition.minimumScore !== 'number') {
+      fail(`Tier "${tierName}" must define a numeric minimumScore`);
+      continue;
+    }
+    pass(`Tier "${tierName}" minimumScore: ${tierDefinition.minimumScore}`);
+  }
+}
+
 async function main() {
   console.log('===============================================');
   console.log('  Agentic-Senior-Core Repository Validator');
@@ -613,6 +674,7 @@ async function main() {
   await validateVersionConsistency();
   await validateDocumentationFlow();
   await validateMcpConfiguration();
+  await validateTrustTierSchema();
 
   console.log('\n===============================================');
   console.log('  RESULTS');