@t275005746/gse 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (228) hide show
  1. package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
  2. package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
  3. package/.github/ISSUE_TEMPLATE/config.yml +5 -5
  4. package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
  5. package/.github/workflows/validate-gse.yml +33 -33
  6. package/.gse/README.md +18 -18
  7. package/.gse/gse-development-protocol.md +50 -50
  8. package/.gse/project-profile.md +29 -29
  9. package/.gse/quality-gates.md +25 -25
  10. package/.gse/releases/public-registry-publication-npm.md +49 -0
  11. package/.gse/releases/public-release-owner-required.md +65 -65
  12. package/.gse/releases/public-security-contact-owner-required.md +45 -45
  13. package/.gse/state.json +147 -27
  14. package/CHANGELOG.md +31 -15
  15. package/CONTRIBUTING.md +64 -64
  16. package/LICENSE +21 -21
  17. package/README.md +14 -7
  18. package/README.zh-CN.md +14 -7
  19. package/SECURITY.md +41 -41
  20. package/SKILL.md +32 -12
  21. package/SUPPORT.md +38 -38
  22. package/assets/marketplace/README.md +7 -7
  23. package/assets/marketplace/gse-listing.json +75 -75
  24. package/assets/templates/acceptance-execution-packet.md +73 -73
  25. package/assets/templates/adr.md +14 -14
  26. package/assets/templates/change-brief.md +16 -16
  27. package/assets/templates/design.md +18 -18
  28. package/assets/templates/dispatch-packet.md +100 -92
  29. package/assets/templates/evidence.md +15 -9
  30. package/assets/templates/execution-quality-pack.md +65 -65
  31. package/assets/templates/goal-map.md +21 -21
  32. package/assets/templates/host-adapter.md +48 -48
  33. package/assets/templates/host-ui-invocation-record.md +42 -42
  34. package/assets/templates/incident-review.md +60 -60
  35. package/assets/templates/public-channel-publication-record.md +49 -49
  36. package/assets/templates/public-ci-run-record.md +53 -53
  37. package/assets/templates/public-release-record.md +65 -65
  38. package/assets/templates/public-repository-settings-record.md +59 -59
  39. package/assets/templates/public-security-contact-record.md +45 -45
  40. package/assets/templates/release-trust-record.md +32 -32
  41. package/assets/templates/review.md +18 -18
  42. package/assets/templates/role-fallback-packet.md +49 -0
  43. package/assets/templates/spec.md +16 -16
  44. package/assets/templates/target-adoption-evidence.md +29 -29
  45. package/assets/templates/tasks.md +17 -17
  46. package/assets/templates/update-release-acceptance-record.md +58 -58
  47. package/examples/README.md +22 -22
  48. package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
  49. package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
  50. package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
  51. package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
  52. package/examples/agent-runtime-host/.gse/tooling.md +5 -5
  53. package/examples/agent-runtime-host/.mcp.json +9 -9
  54. package/examples/agent-runtime-host/AGENTS.md +5 -5
  55. package/examples/agent-runtime-host/README.md +10 -10
  56. package/examples/agent-runtime-host/docs/model-routing.md +5 -5
  57. package/examples/cli-tool/.gse/project-profile.md +21 -21
  58. package/examples/cli-tool/AGENTS.md +5 -5
  59. package/examples/cli-tool/README.md +12 -12
  60. package/examples/cli-tool/package.json +21 -21
  61. package/examples/small-app/.env.example +2 -2
  62. package/examples/small-app/.github/workflows/ci.yml +8 -8
  63. package/examples/small-app/AGENTS.md +5 -5
  64. package/examples/small-app/README.md +12 -12
  65. package/examples/small-app/package.json +26 -26
  66. package/examples/small-app/playwright.config.ts +4 -4
  67. package/package.json +52 -44
  68. package/references/adoption-recipes.md +171 -171
  69. package/references/agent-roles.md +42 -21
  70. package/references/architecture-health.md +101 -101
  71. package/references/benchmark-audit.md +73 -73
  72. package/references/commands.md +74 -45
  73. package/references/community-channels.md +46 -46
  74. package/references/compatibility.md +70 -70
  75. package/references/design-basis.md +38 -38
  76. package/references/domain-model.md +129 -129
  77. package/references/domain-quality-gates.md +75 -75
  78. package/references/drift-audit.md +81 -80
  79. package/references/evidence-taxonomy.md +145 -108
  80. package/references/file-ownership.md +97 -93
  81. package/references/final-form-roadmap.md +201 -0
  82. package/references/final-readiness.md +84 -84
  83. package/references/forward-test.md +133 -133
  84. package/references/goal-map.md +36 -36
  85. package/references/host-adapters.md +129 -101
  86. package/references/learning-system.md +42 -26
  87. package/references/maintenance-cadence.md +51 -0
  88. package/references/marketplace-discovery.md +46 -46
  89. package/references/model-routing.md +103 -103
  90. package/references/open-source-defaults.md +39 -39
  91. package/references/operating-model.md +52 -52
  92. package/references/packaging.md +277 -277
  93. package/references/project-agent-workspace.md +89 -89
  94. package/references/project-bootstrap.md +122 -122
  95. package/references/project-guards.md +52 -0
  96. package/references/project-profile.md +57 -57
  97. package/references/public-release.md +174 -174
  98. package/references/quality-gates.md +96 -89
  99. package/references/recovery.md +176 -176
  100. package/references/release-trust.md +43 -43
  101. package/references/release.md +126 -126
  102. package/references/review.md +141 -141
  103. package/references/role-dispatch-fallback.md +54 -0
  104. package/references/router.md +90 -90
  105. package/references/spec-workflow.md +66 -66
  106. package/references/task-levels.md +81 -81
  107. package/references/tool-adapters.md +80 -70
  108. package/scripts/audit-acceptance-execution-packet.mjs +133 -133
  109. package/scripts/audit-adoption-recipes.mjs +99 -99
  110. package/scripts/audit-change-lifecycle.mjs +77 -77
  111. package/scripts/audit-change-system.mjs +134 -134
  112. package/scripts/audit-ci-readiness.mjs +107 -107
  113. package/scripts/audit-close-gate-hardening.mjs +188 -0
  114. package/scripts/audit-close-gate.mjs +448 -262
  115. package/scripts/audit-command-adapters.mjs +91 -91
  116. package/scripts/audit-command-execution.mjs +212 -199
  117. package/scripts/audit-commands.mjs +7 -5
  118. package/scripts/audit-compatibility.mjs +149 -149
  119. package/scripts/audit-completion-plan-drill.mjs +230 -0
  120. package/scripts/audit-completion-readiness.mjs +290 -287
  121. package/scripts/audit-continue-preflight.mjs +234 -0
  122. package/scripts/audit-distribution.mjs +251 -251
  123. package/scripts/audit-domain-quality-gates.mjs +108 -108
  124. package/scripts/audit-evidence-levels.mjs +217 -0
  125. package/scripts/audit-evidence-placeholders.mjs +126 -126
  126. package/scripts/audit-evidence-review-queue.mjs +206 -0
  127. package/scripts/audit-final-acceptance-packet.mjs +9 -9
  128. package/scripts/audit-final-form-progress-report.mjs +19 -18
  129. package/scripts/audit-final-form-roadmap.mjs +157 -0
  130. package/scripts/audit-final-form-stale-copy.mjs +2 -2
  131. package/scripts/audit-final-readiness-promotion.mjs +255 -255
  132. package/scripts/audit-final-readiness.mjs +226 -226
  133. package/scripts/audit-fixtures.mjs +154 -154
  134. package/scripts/audit-fresh-session-readiness.mjs +177 -177
  135. package/scripts/audit-host-capabilities.mjs +237 -0
  136. package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
  137. package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
  138. package/scripts/audit-host-runtime-invocations.mjs +254 -254
  139. package/scripts/audit-host-ui-invocation.mjs +132 -132
  140. package/scripts/audit-installed-sync.mjs +203 -0
  141. package/scripts/audit-learning-drift.mjs +292 -0
  142. package/scripts/audit-learning-promotion.mjs +351 -0
  143. package/scripts/audit-learning-system.mjs +24 -14
  144. package/scripts/audit-local-final-form-completion.mjs +11 -10
  145. package/scripts/audit-maintenance-cadence.mjs +139 -0
  146. package/scripts/audit-maintenance-snapshot.mjs +181 -0
  147. package/scripts/audit-marketplace-discovery.mjs +122 -122
  148. package/scripts/audit-npm-package-metadata.mjs +160 -154
  149. package/scripts/audit-npm-publish-dry-run.mjs +194 -166
  150. package/scripts/audit-npm-tarball-install.mjs +195 -189
  151. package/scripts/audit-open-source-defaults.mjs +92 -92
  152. package/scripts/audit-open-source-readiness.mjs +97 -97
  153. package/scripts/audit-owner-external-gate-kit.mjs +12 -11
  154. package/scripts/audit-project-guards.mjs +189 -0
  155. package/scripts/audit-project.mjs +144 -141
  156. package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
  157. package/scripts/audit-public-acceptance-handoff.mjs +10 -10
  158. package/scripts/audit-public-acceptance-readiness.mjs +222 -222
  159. package/scripts/audit-public-channel-publication.mjs +248 -248
  160. package/scripts/audit-public-ci-run.mjs +184 -184
  161. package/scripts/audit-public-collaboration-templates.mjs +98 -98
  162. package/scripts/audit-public-external-gate-probe.mjs +206 -206
  163. package/scripts/audit-public-release-checklist.mjs +17 -15
  164. package/scripts/audit-public-release-decision.mjs +201 -201
  165. package/scripts/audit-public-release-metadata.mjs +176 -176
  166. package/scripts/audit-public-repository-settings.mjs +237 -237
  167. package/scripts/audit-public-security-contact.mjs +171 -171
  168. package/scripts/audit-readme-docs.mjs +6 -4
  169. package/scripts/audit-recovery-readiness.mjs +98 -98
  170. package/scripts/audit-release-bundle.mjs +13 -11
  171. package/scripts/audit-release-owner-action-plan-drill.mjs +5 -4
  172. package/scripts/audit-release-owner-action-plan.mjs +10 -10
  173. package/scripts/audit-release-readiness.mjs +106 -106
  174. package/scripts/audit-release-status-manifest.mjs +4 -4
  175. package/scripts/audit-release-trust.mjs +62 -62
  176. package/scripts/audit-remote-distribution.mjs +266 -266
  177. package/scripts/audit-roadmap-consistency.mjs +234 -230
  178. package/scripts/audit-role-dispatch-fallback.mjs +212 -0
  179. package/scripts/audit-session-sync.mjs +127 -0
  180. package/scripts/audit-signing.mjs +147 -147
  181. package/scripts/audit-state-freshness.mjs +20 -14
  182. package/scripts/audit-state-repair.mjs +360 -0
  183. package/scripts/audit-target-adoption-evidence.mjs +117 -117
  184. package/scripts/audit-target-hardening-drills.mjs +267 -0
  185. package/scripts/audit-target-project.mjs +507 -507
  186. package/scripts/audit-tool-fallback-policy.mjs +180 -0
  187. package/scripts/audit-ui-browser-evidence-policy.mjs +191 -0
  188. package/scripts/audit-update-release-acceptance.mjs +136 -136
  189. package/scripts/audit-v1-target-validation.mjs +269 -269
  190. package/scripts/audit-validation-profiles.mjs +125 -123
  191. package/scripts/backfill-evidence-levels.mjs +98 -0
  192. package/scripts/check-encoding.mjs +72 -0
  193. package/scripts/close-change.mjs +116 -116
  194. package/scripts/discover-project-profile.mjs +307 -307
  195. package/scripts/generate-command-adapter.mjs +231 -231
  196. package/scripts/generate-continue-packet.mjs +1214 -0
  197. package/scripts/generate-final-acceptance-packet.mjs +188 -173
  198. package/scripts/generate-final-form-progress-report.mjs +191 -189
  199. package/scripts/generate-host-runtime-evidence-handoff.mjs +198 -191
  200. package/scripts/generate-maintenance-snapshot.mjs +216 -0
  201. package/scripts/generate-owner-external-gate-kit.mjs +295 -295
  202. package/scripts/generate-public-acceptance-handoff.mjs +168 -156
  203. package/scripts/generate-public-release-checklist.mjs +207 -207
  204. package/scripts/generate-release-bundle.mjs +505 -505
  205. package/scripts/generate-release-owner-action-plan.mjs +172 -171
  206. package/scripts/generate-release-status-manifest.mjs +199 -198
  207. package/scripts/generate-session-prompt.mjs +188 -188
  208. package/scripts/gse.mjs +67 -67
  209. package/scripts/init-change.mjs +265 -265
  210. package/scripts/init-project.mjs +793 -712
  211. package/scripts/install-gse.mjs +234 -234
  212. package/scripts/lib/evidence-placeholders.mjs +28 -28
  213. package/scripts/package-gse.mjs +174 -174
  214. package/scripts/probe-public-external-gates.mjs +167 -167
  215. package/scripts/record-host-invocation.mjs +151 -151
  216. package/scripts/record-learning.mjs +37 -8
  217. package/scripts/record-public-channel-publication.mjs +178 -178
  218. package/scripts/record-public-ci-run.mjs +180 -180
  219. package/scripts/record-public-release.mjs +175 -175
  220. package/scripts/record-public-repository-settings.mjs +209 -209
  221. package/scripts/record-public-security-contact.mjs +157 -157
  222. package/scripts/record-session-sync.mjs +87 -0
  223. package/scripts/run-gse-command.mjs +79 -47
  224. package/scripts/run-validation-profile.mjs +24 -5
  225. package/scripts/sign-gse-package.mjs +83 -83
  226. package/scripts/update-project-state.mjs +223 -223
  227. package/scripts/validate-gse.mjs +216 -0
  228. package/scripts/verify-gse-package.mjs +85 -85
@@ -0,0 +1,234 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs'
3
+ import os from 'node:os'
4
+ import path from 'node:path'
5
+ import { spawnSync } from 'node:child_process'
6
+
7
+ const args = process.argv.slice(2)
8
+
9
+ function readArg(name, fallback = null) {
10
+ const index = args.indexOf(name)
11
+ if (index === -1) return fallback
12
+ return args[index + 1] ?? fallback
13
+ }
14
+
15
+ const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
16
+ const jsonOnly = args.includes('--json')
17
+
18
+ function run(script, commandArgs) {
19
+ const result = spawnSync(process.execPath, [path.join(root, 'scripts', script), ...commandArgs], {
20
+ cwd: root,
21
+ encoding: 'utf8',
22
+ windowsHide: true,
23
+ })
24
+ return {
25
+ command: [process.execPath, path.join(root, 'scripts', script), ...commandArgs].join(' '),
26
+ status: result.status ?? 1,
27
+ stdout: (result.stdout ?? '').trim(),
28
+ stderr: (result.stderr ?? '').trim(),
29
+ }
30
+ }
31
+
32
+ function parseJson(text) {
33
+ try {
34
+ return JSON.parse(text)
35
+ } catch {
36
+ return null
37
+ }
38
+ }
39
+
40
+ function check(id, label, ok, evidence, risk = '') {
41
+ return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
42
+ }
43
+
44
+ function fixture(invalidEvidence = false) {
45
+ const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'gse-continue-audit-'))
46
+ fs.mkdirSync(path.join(dir, '.gse', 'evidence'), { recursive: true })
47
+ fs.mkdirSync(path.join(dir, '.gse', 'maintenance'), { recursive: true })
48
+ fs.mkdirSync(path.join(dir, 'scripts'), { recursive: true })
49
+ fs.mkdirSync(path.join(dir, 'references'), { recursive: true })
50
+ fs.mkdirSync(path.join(dir, 'docs'), { recursive: true })
51
+ fs.writeFileSync(path.join(dir, '.gse', 'README.md'), '# GSE\n', 'utf8')
52
+ fs.writeFileSync(path.join(dir, '.gse', 'project-profile.md'), '# Project Profile\n\n- Product/system name: Continue Fixture\n', 'utf8')
53
+ fs.writeFileSync(path.join(dir, '.gse', 'goal-map.md'), '# Goal Map\n\n- Active slice: Continue fixture.\n- Next action: Run continue audit.\n', 'utf8')
54
+ fs.writeFileSync(path.join(dir, '.gse', 'quality-gates.md'), '# Quality Gates\n\n- Evidence required.\n', 'utf8')
55
+ fs.writeFileSync(path.join(dir, '.gse', 'session-sync.jsonl'), '', 'utf8')
56
+ fs.writeFileSync(path.join(dir, 'package.json'), JSON.stringify({ scripts: { 'check:encoding': 'node scripts/check-encoding.mjs' } }, null, 2) + '\n', 'utf8')
57
+ fs.writeFileSync(path.join(dir, 'scripts', 'run-gse-command.mjs'), '#!/usr/bin/env node\n', 'utf8')
58
+ fs.writeFileSync(path.join(dir, 'references', 'final-readiness.md'), '# Final Readiness\n', 'utf8')
59
+ fs.writeFileSync(path.join(dir, 'docs', 'productization-architecture.md'), '# Productization\n', 'utf8')
60
+ fs.writeFileSync(path.join(dir, '.gse', 'state.json'), JSON.stringify({
61
+ schemaVersion: 1,
62
+ projectName: 'continue-fixture',
63
+ mode: 'standard',
64
+ canonicalPlan: 'docs/productization-architecture.md',
65
+ phase: 'execute',
66
+ currentSlice: {
67
+ id: 'continue-fixture',
68
+ outcome: 'Continue fixture.',
69
+ status: 'planned',
70
+ nextAction: 'Run continue audit.',
71
+ },
72
+ toolStatuses: {
73
+ browser: 'unknown',
74
+ lsp: 'unknown',
75
+ mcp: 'unknown',
76
+ subagents: 'unknown',
77
+ ci: 'unknown',
78
+ },
79
+ lastEvidence: '.gse/evidence/2026-07-08.md',
80
+ residualRisks: ['risk one', 'risk two', 'risk three', 'risk four'],
81
+ riskArchive: [
82
+ {
83
+ archivedAt: '2026-07-08',
84
+ risk: 'archived risk',
85
+ resolution: 'fixture resolution',
86
+ },
87
+ ],
88
+ }, null, 2) + '\n', 'utf8')
89
+ fs.writeFileSync(
90
+ path.join(dir, '.gse', 'evidence', 'index.jsonl'),
91
+ invalidEvidence
92
+ ? '{"date":"2026-07-08"\n'
93
+ : JSON.stringify({
94
+ date: '2026-07-08',
95
+ recordType: 'slice',
96
+ status: 'verified',
97
+ evidenceLevel: 'verified-unit',
98
+ requiredEvidenceLevel: 'verified-unit',
99
+ summary: 'Continue fixture evidence.',
100
+ evidenceFile: '.gse/evidence/2026-07-08.md',
101
+ commands: ['fixture'],
102
+ nextAction: 'Run continue audit.',
103
+ }) + '\n',
104
+ 'utf8',
105
+ )
106
+ fs.writeFileSync(path.join(dir, '.gse', 'evidence', '2026-07-08.md'), '# Evidence\n', 'utf8')
107
+ fs.writeFileSync(path.join(dir, '.gse', 'maintenance', 'latest-maintenance-snapshot.json'), JSON.stringify({
108
+ schemaVersion: 1,
109
+ root: dir,
110
+ target: dir,
111
+ installedRoot: null,
112
+ generatedAt: '2026-07-08T00:00:00.000Z',
113
+ summary: {
114
+ status: 'passed',
115
+ passed: 9,
116
+ failed: 0,
117
+ total: 9,
118
+ installedSyncMode: 'package-only',
119
+ releaseBundleChecked: false,
120
+ },
121
+ workflows: {
122
+ maintenanceSnapshot: 'verified',
123
+ installedSync: 'package-only',
124
+ releaseBundleFreshness: 'skipped',
125
+ },
126
+ results: [],
127
+ }, null, 2) + '\n', 'utf8')
128
+ spawnSync('git', ['init'], { cwd: dir, encoding: 'utf8', windowsHide: true })
129
+ return dir
130
+ }
131
+
132
+ function verifiedSliceFixture() {
133
+ const dir = fixture(false)
134
+ const statePath = path.join(dir, '.gse', 'state.json')
135
+ const goalMapPath = path.join(dir, '.gse', 'goal-map.md')
136
+ const state = JSON.parse(fs.readFileSync(statePath, 'utf8'))
137
+ state.currentSlice.status = 'verified'
138
+ state.currentSlice.nextAction = 'Open the next fixture slice with a deliberately long machine-readable reason that should remain available to successor agents even when the display reason is compacted for the short entry prompt and JSON packet overview.'
139
+ state.residualRisks = [
140
+ 'A deliberately long actionable risk should become the first next-slice candidate when the current next action is only a meta instruction, because successor agents need concrete work instead of a process reminder.',
141
+ ]
142
+ fs.writeFileSync(statePath, JSON.stringify(state, null, 2) + '\n', 'utf8')
143
+ fs.writeFileSync(goalMapPath, '# Goal Map\n\n- Active slice: Continue fixture verified.\n- Next action: Open the next fixture slice with a deliberately long machine-readable reason that should remain available to successor agents even when the display reason is compacted for the short entry prompt and JSON packet overview.\n', 'utf8')
144
+ return dir
145
+ }
146
+
147
+ const validFixture = fixture(false)
148
+ const invalidFixture = fixture(true)
149
+ const verifiedFixture = verifiedSliceFixture()
150
+ const directValid = run('generate-continue-packet.mjs', ['--root', root, '--target', validFixture, '--json'])
151
+ const directInvalid = run('generate-continue-packet.mjs', ['--root', root, '--target', invalidFixture, '--json'])
152
+ const directVerified = run('generate-continue-packet.mjs', ['--root', root, '--target', verifiedFixture, '--json'])
153
+ const commandValid = run('run-gse-command.mjs', ['--root', root, '--target', validFixture, '--command', '/gse continue', '--json'])
154
+ const commandCompact = run('run-gse-command.mjs', ['--root', root, '--target', validFixture, '--command', '/gse continue', '--json', '--compact'])
155
+ const commandInvalid = run('run-gse-command.mjs', ['--root', root, '--target', invalidFixture, '--command', '/gse continue', '--json'])
156
+ const gseSelf = run('run-gse-command.mjs', ['--root', root, '--target', root, '--command', '/gse continue', '--json', '--compact'])
157
+
158
+ const validData = parseJson(directValid.stdout)
159
+ const invalidData = parseJson(directInvalid.stdout)
160
+ const verifiedData = parseJson(directVerified.stdout)
161
+ const commandValidData = parseJson(commandValid.stdout)
162
+ const commandCompactData = parseJson(commandCompact.stdout)
163
+ const commandInvalidData = parseJson(commandInvalid.stdout)
164
+ const gseSelfData = parseJson(gseSelf.stdout)
165
+ const runnerSource = fs.readFileSync(path.join(root, 'scripts', 'run-gse-command.mjs'), 'utf8')
166
+ const skillSource = fs.readFileSync(path.join(root, 'SKILL.md'), 'utf8')
167
+ const commandsSource = fs.readFileSync(path.join(root, 'references', 'commands.md'), 'utf8')
168
+ const promptLines = String(validData?.prompt ?? '').split(/\r?\n/).filter(Boolean)
169
+
170
+ const checks = [
171
+ check('CPF01', 'continue packet generator exists', fs.existsSync(path.join(root, 'scripts', 'generate-continue-packet.mjs')), 'scripts/generate-continue-packet.mjs'),
172
+ check('CPF02', '/gse continue routes through continue packet generator', runnerSource.includes("runNode('generate-continue-packet.mjs'") && runnerSource.includes("route: 'scripts/generate-continue-packet.mjs'"), 'scripts/run-gse-command.mjs'),
173
+ check('CPF03', 'valid fixture returns passed preflight and compact active-risk state', directValid.status === 0 && validData?.summary?.status === 'passed' && validData?.compactState?.riskCount === 4 && validData?.compactState?.activeRiskCount === 4 && validData?.compactState?.archivedRiskCount === 1 && validData?.compactState?.totalRiskCount === 5 && validData?.compactState?.topRisks?.length === 3, directValid.command),
174
+ check('CPF04', 'bad evidence index is a hard preflight failure', directInvalid.status !== 0 && invalidData?.summary?.status === 'failed' && invalidData?.preflight?.failures?.some((item) => item.id === 'CP03'), directInvalid.command),
175
+ check('CPF04b', 'bad evidence index returns concrete repair actions before implementation', directInvalid.status !== 0 && invalidData?.preflight?.failures?.some((item) => item.id === 'CP15') && invalidData?.compactState?.stateRepair?.repairActions?.some((item) => item.id === 'SR03'), directInvalid.command),
176
+ check('CPF05', 'portable /gse continue exposes structured preflight wrapper', commandValid.status === 0 && commandValidData?.execution?.command?.includes('generate-continue-packet.mjs') && commandValidData?.execution?.stdout?.includes('"compactState"'), commandValid.command),
177
+ check('CPF06', 'compact mode returns packet without wrapper diagnostics', commandCompact.status === 0 && commandCompactData?.compactState?.projectName === 'continue-fixture' && !commandCompact.stdout.includes('"execution"'), commandCompact.command),
178
+ check('CPF07', 'portable command fails when preflight has hard failures', commandInvalid.status !== 0 && commandInvalidData?.execution?.status !== 0 && commandInvalidData?.execution?.stdout?.includes('"status": "failed"'), commandInvalid.command),
179
+ check('CPF08', 'GSE self continue surfaces final acceptance status without treating optional host-native claims as blocked gates', gseSelf.status === 0 && ['passed', 'warning'].includes(gseSelfData?.summary?.status) && (gseSelfData?.compactState?.blockedGates?.length ?? 0) === 0 && gseSelfData?.ownerExternalGateSummary?.publicAccepted === 'verified', gseSelf.command),
180
+ check('CPF09', 'SKILL.md routes short continuation to hard preflight packet', skillSource.includes('generate-continue-packet.mjs') && skillSource.includes('Short continuation packet'), 'SKILL.md'),
181
+ check('CPF10', 'commands reference documents hard preflight semantics', commandsSource.includes('hard preflight') && commandsSource.includes('generate-continue-packet.mjs'), 'references/commands.md'),
182
+ check('CPF11b', 'continue packet surfaces historical evidence review queue', validData?.preflight?.checks?.some((item) => item.id === 'CP13') && validData?.compactState?.evidenceReviewQueue && typeof validData.compactState.evidenceReviewQueue.needsReview === 'number', 'compactState.evidenceReviewQueue'),
183
+ check('CPF11', 'continue packet surfaces state repair readiness', validData?.preflight?.checks?.some((item) => item.id === 'CP15') && validData?.compactState?.stateRepair?.status === 'clean', 'scripts/generate-continue-packet.mjs'),
184
+ check('CPF12', 'continue packet surfaces latest maintenance snapshot freshness', validData?.preflight?.checks?.some((item) => item.id === 'CP20') && validData?.compactState?.maintenanceSnapshot?.status === 'passed' && validData?.compactState?.maintenanceSnapshot?.installedSync === 'package-only', 'scripts/generate-continue-packet.mjs'),
185
+ check('CPF13', 'continue packet keeps owner/external records out of core workflow blockers', validData?.limits?.some((item) => item.includes('not GSE core workflow blockers')) && !validData?.limits?.some((item) => item.includes('block final acceptance')) && !fs.readFileSync(path.join(root, 'scripts', 'generate-continue-packet.mjs'), 'utf8').includes('Blocked final-acceptance gates'), 'scripts/generate-continue-packet.mjs'),
186
+ check('CPF14', 'continue packet exposes exact completion plan and close commands', Array.isArray(validData?.compactState?.completionPlan?.requiredCloseCommands) && validData.compactState.completionPlan.requiredCloseCommands.some((item) => item.includes('run-validation-profile.mjs')) && validData.compactState.completionPlan.requiredCloseCommands.some((item) => item.includes('/gse close')) && validData.compactState.completionPlan.requiredSteps.some((item) => item.includes('evidence/index.jsonl')), 'compactState.completionPlan'),
187
+ check('CPF15', 'continue packet activates conditional close commands from detected changed capability/docs/release files', validData?.compactState?.completionPlan?.conditionalCloseCommands?.some((item) => item.id === 'encoding' && item.active && item.command.includes('pnpm check:encoding')) && validData?.compactState?.completionPlan?.conditionalCloseCommands?.some((item) => item.id === 'installed-sync' && item.active && item.command.includes('audit-installed-sync.mjs')) && validData?.compactState?.completionPlan?.conditionalCloseCommands?.some((item) => item.id === 'release-bundle' && item.active && item.command.includes('generate-release-bundle.mjs')) && validData?.compactState?.completionPlan?.conditionalCloseCommands?.some((item) => item.id === 'session-sync' && item.active && item.command.includes('audit-session-sync.mjs')), 'compactState.completionPlan.conditionalCloseCommands'),
188
+ check('CPF16', 'continue packet exposes core/release/host-adapter gate taxonomy', validData?.compactState?.gateTaxonomy?.core?.blocking === true && validData?.compactState?.gateTaxonomy?.release?.scope?.includes('public release') && validData?.compactState?.gateTaxonomy?.hostAdapter?.scope?.includes('native slash-command') && validData?.compactState?.gateTaxonomy?.rule?.includes('block only the specific public, release, or host claim'), 'compactState.gateTaxonomy'),
189
+ check('CPF17', 'continue packet prompt is short-entry actionable instead of long-goal prose', promptLines.length <= 6 && validData?.prompt?.includes('GSE continue:') && validData?.prompt?.includes('Root:') && validData?.prompt?.includes('Slice:') && validData?.prompt?.includes('Next:') && validData?.prompt?.includes('Mode: continue-current-slice') && validData?.prompt?.includes('Do: one verifiable slice') && validData?.prompt?.includes('risks=4 active/1 archived') && !validData?.prompt?.includes('Run one verifiable slice, record evidence'), 'compact prompt line count and required action fields'),
190
+ check('CPF18', 'verified current slice switches short entry into open-next-slice mode', directVerified.status === 0 && verifiedData?.compactState?.nextSliceMode?.action === 'open-next-slice' && verifiedData?.compactState?.nextSliceMode?.currentSliceVerified === true && verifiedData?.prompt?.includes('Mode: open-next-slice'), directVerified.command),
191
+ check('CPF19', 'verified current slice exposes machine-readable next-slice candidates', directVerified.status === 0 && Array.isArray(verifiedData?.compactState?.nextSliceCandidates) && verifiedData.compactState.nextSliceCandidates.length >= 1 && verifiedData.compactState.nextSliceCandidates.every((item) => item.id && item.title && item.source && item.reason && item.fullReason && item.acceptanceHint && item.suggestedProfile), 'compactState.nextSliceCandidates'),
192
+ check('CPF20', 'unverified slice does not force next-slice candidates', directValid.status === 0 && validData?.compactState?.nextSliceMode?.action === 'continue-current-slice' && Array.isArray(validData?.compactState?.nextSliceCandidates) && validData.compactState.nextSliceCandidates.length === 0, 'compactState.nextSliceCandidates'),
193
+ check('CPF21', 'next-slice candidates do not claim native slash-command support', directVerified.status === 0 && !JSON.stringify(verifiedData?.compactState?.nextSliceCandidates ?? []).toLowerCase().includes('native slash-command'), 'compactState.nextSliceCandidates claim boundary'),
194
+ check('CPF22', 'next-slice candidates keep full machine reasons separate from short display reasons', directVerified.status === 0 && verifiedData?.compactState?.nextSliceCandidates?.every((item) => item.fullReason.length >= item.reason.length) && verifiedData?.compactState?.nextSliceCandidates?.some((item) => item.fullReason.length > item.reason.length), 'compactState.nextSliceCandidates.fullReason'),
195
+ check('CPF23', 'next-slice candidates prefer concrete gaps over meta open-next-slice reminders', directVerified.status === 0 && verifiedData?.compactState?.nextSliceCandidates?.[0]?.source === '.gse/state.json residualRisks' && !verifiedData.compactState.nextSliceCandidates[0].fullReason.toLowerCase().includes('open the next fixture slice'), 'compactState.nextSliceCandidates ranking'),
196
+ check('CPF24', 'next-slice candidates include structured action packets for short-entry takeover', directVerified.status === 0 && verifiedData?.compactState?.nextSliceCandidates?.every((item) => item.actionPacket?.candidateType && item.actionPacket?.outcomeHint && item.actionPacket?.scopeHint && item.actionPacket?.acceptanceHint && item.actionPacket?.evidenceHint && item.actionPacket?.riskHint && item.actionPacket?.nextActionHint && Array.isArray(item.actionPacket?.focusedChecks) && item.actionPacket.focusedChecks.length >= 1), 'compactState.nextSliceCandidates.actionPacket'),
197
+ check('CPF25', 'continue packet separates session sync evidence from target-session adoption', validData?.preflight?.checks?.some((item) => item.id === 'CP21') && validData?.compactState?.sessionSyncBoundary?.boundary === 'sync-records-do-not-prove-adoption' && validData?.compactState?.sessionSyncBoundary?.adoptionProven === false && validData?.compactState?.sessionSyncBoundary?.limits?.some((item) => item.includes('not target-session adoption')), 'compactState.sessionSyncBoundary'),
198
+ ]
199
+
200
+ fs.rmSync(validFixture, { recursive: true, force: true })
201
+ fs.rmSync(invalidFixture, { recursive: true, force: true })
202
+ fs.rmSync(verifiedFixture, { recursive: true, force: true })
203
+
204
+ const passed = checks.filter((item) => item.status === 'passed').length
205
+ const failed = checks.length - passed
206
+ const report = {
207
+ root,
208
+ generatedAt: new Date().toISOString(),
209
+ summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
210
+ workflows: {
211
+ continueHardPreflight: failed === 0 ? 'verified' : 'failed',
212
+ stateCompaction: failed === 0 ? 'verified' : 'failed',
213
+ ownerExternalGateBoundary: failed === 0 ? 'verified' : 'failed',
214
+ completionPlan: failed === 0 ? 'verified' : 'failed',
215
+ gateTaxonomy: failed === 0 ? 'verified' : 'failed',
216
+ shortEntryPrompt: failed === 0 ? 'verified' : 'failed',
217
+ nextSliceMode: failed === 0 ? 'verified' : 'failed',
218
+ nextSliceCandidates: failed === 0 ? 'verified' : 'failed',
219
+ nextSliceActionPackets: failed === 0 ? 'verified' : 'failed',
220
+ sessionSyncAdoptionBoundary: failed === 0 ? 'verified' : 'failed',
221
+ },
222
+ commands: [directValid.command, directInvalid.command, directVerified.command, commandValid.command, commandCompact.command, commandInvalid.command, gseSelf.command],
223
+ checks,
224
+ limits: [
225
+ 'This audit verifies portable /gse continue semantics and compact packet output.',
226
+ 'It does not prove native host slash-command execution.',
227
+ 'Owner/external records are surfaced as public/release/host-specific claim evidence, not GSE core workflow blockers.',
228
+ ],
229
+ }
230
+
231
+ if (jsonOnly) console.log(JSON.stringify(report, null, 2))
232
+ else console.log(JSON.stringify(report, null, 2))
233
+
234
+ if (failed > 0) process.exit(1)