@trac3er/oh-my-god 2.0.4 → 2.0.7

package/runtime/contract_compiler.py

@@ -3,14 +3,22 @@ from __future__ import annotations
 
 import hashlib
 import asyncio
+import importlib
 import json
 import os
 from pathlib import Path
+import re
 import shutil
+import subprocess
+import sys
+import tempfile
 from typing import Any, Iterable
+from urllib.parse import urlparse
+import zipfile
 
 import yaml
 
+from runtime.asset_loader import resolve_asset, resolve_assets
 from runtime.adoption import (
     CANONICAL_MARKETPLACE_ID,
     CANONICAL_PACKAGE_NAME,
@@ -27,10 +35,32 @@ SUPPORTED_HOSTS = ("claude", "codex")
 SUPPORTED_CHANNELS = ("public", "enterprise")
 DEFAULT_REQUIRED_BUNDLES = (
     "control-plane",
+    "plan-council",
+    "claim-judge",
+    "test-intent-lock",
+    "proof-gate",
     "hook-governor",
     "mcp-fabric",
     "lsp-pack",
     "secure-worktree-pipeline",
+    "security-check",
+    "api-twin",
+    "preflight",
+    "robotics",
+    "vision",
+    "algorithms",
+    "health",
+    "tracebank",
+    "eval-gate",
+    "delta-classifier",
+    "incident-replay",
+    "data-lineage",
+    "remote-supervisor",
+)
+REQUIRED_ADVANCED_PLUGIN_ARTIFACTS = (
+    "bundle/plugins/advanced/plugin.json",
+    "bundle/plugins/advanced/commands/OMG:deep-plan.md",
+    "bundle/plugins/advanced/commands/OMG:security-review.md",
 )
 REQUIRED_DOC_TOKENS = (
     "execution_contract",
@@ -56,6 +86,237 @@ REQUIRED_BUNDLE_FIELDS = (
     "execution_contract",
     "channel_overrides",
 )
+REQUIRED_POLICY_MODEL_FIELDS = (
+    "trust_tiers",
+    "tool_policies",
+    "protected_paths",
+    "evidence_contract",
+    "host_rules",
+)
+REQUIRED_CLAUDE_HOOK_EVENTS = (
+    "UserPromptSubmit",
+    "PreToolUse",
+    "PostToolUse",
+    "PostToolUseFailure",
+    "InstructionsLoaded",
+)
+REQUIRED_CLAUDE_SUBAGENT_NAMES = ("security-reviewer", "release-manager")
+REQUIRED_CODEX_AGENTS_SECTIONS = (
+    "## Build & Test",
+    "## Protected Paths",
+    "## Evidence Contract",
+    "## Required Skills",
+    "## Web Search Policy",
+    "## Approval Constraints",
+)
+REQUIRED_CODEX_OUTPUTS = (
+    "AGENTS.fragment.md",
+    "codex-rules.md",
+    "codex-mcp.toml",
+)
+
+
+def _ensure_list(
+    *,
+    bundle_id: str,
+    path: str,
+    value: Any,
+    errors: list[str],
+    min_items: int = 1,
+) -> list[Any]:
+    if not isinstance(value, list):
+        errors.append(f"{bundle_id}: {path} must be a list")
+        return []
+    if len(value) < min_items:
+        errors.append(f"{bundle_id}: {path} must contain at least {min_items} item(s)")
+    return value
+
+
+def _ensure_dict(*, bundle_id: str, path: str, value: Any, errors: list[str]) -> dict[str, Any]:
+    if not isinstance(value, dict):
+        errors.append(f"{bundle_id}: {path} must be an object")
+        return {}
+    return value
+
+
+def _validate_host_rule(
+    *,
+    bundle_id: str,
+    host_name: str,
+    host_rule: Any,
+    required_fields: tuple[str, ...],
+    errors: list[str],
+) -> None:
+    path = f"policy_model.host_rules.{host_name}"
+    host_payload = _ensure_dict(bundle_id=bundle_id, path=path, value=host_rule, errors=errors)
+    if not host_payload:
+        return
+    for field in required_fields:
+        if field not in host_payload:
+            errors.append(f"{bundle_id}: malformed host_rules entry for {host_name}: missing '{field}'")
+            continue
+        _ensure_list(
+            bundle_id=bundle_id,
+            path=f"{path}.{field}",
+            value=host_payload[field],
+            errors=errors,
+            min_items=1,
+        )
+
+
+def _validate_policy_model(bundle_id: str, policy_model: Any) -> list[str]:
+    errors: list[str] = []
+    payload = _ensure_dict(bundle_id=bundle_id, path="policy_model", value=policy_model, errors=errors)
+    if not payload:
+        return errors
+
+    for field in REQUIRED_POLICY_MODEL_FIELDS:
+        if field not in payload:
+            errors.append(f"{bundle_id}: policy_model missing field {field}")
+
+    tier_names: set[str] = set()
+    for index, tier in enumerate(
+        _ensure_list(
+            bundle_id=bundle_id,
+            path="policy_model.trust_tiers",
+            value=payload.get("trust_tiers", []),
+            errors=errors,
+        )
+    ):
+        tier_payload = _ensure_dict(
+            bundle_id=bundle_id,
+            path=f"policy_model.trust_tiers[{index}]",
+            value=tier,
+            errors=errors,
+        )
+        if not tier_payload:
+            continue
+        for field in ("name", "level", "label", "allowed_sources"):
+            if field not in tier_payload:
+                errors.append(f"{bundle_id}: policy_model.trust_tiers[{index}] missing field {field}")
+        if isinstance(tier_payload.get("name"), str) and tier_payload["name"].strip():
+            tier_names.add(tier_payload["name"].strip())
+        if "allowed_sources" in tier_payload:
+            _ensure_list(
+                bundle_id=bundle_id,
+                path=f"policy_model.trust_tiers[{index}].allowed_sources",
+                value=tier_payload.get("allowed_sources"),
+                errors=errors,
+                min_items=1,
+            )
+
+    for index, tool in enumerate(
+        _ensure_list(
+            bundle_id=bundle_id,
+            path="policy_model.tool_policies",
+            value=payload.get("tool_policies", []),
+            errors=errors,
+        )
+    ):
+        tool_payload = _ensure_dict(
+            bundle_id=bundle_id,
+            path=f"policy_model.tool_policies[{index}]",
+            value=tool,
+            errors=errors,
+        )
+        if not tool_payload:
+            continue
+        for field in ("tool_name", "allowed_tiers", "requires_approval"):
+            if field not in tool_payload:
+                errors.append(f"{bundle_id}: policy_model.tool_policies[{index}] missing field {field}")
+        allowed_tiers = _ensure_list(
+            bundle_id=bundle_id,
+            path=f"policy_model.tool_policies[{index}].allowed_tiers",
+            value=tool_payload.get("allowed_tiers", []),
+            errors=errors,
+            min_items=1,
+        )
+        if tier_names:
+            unknown_tiers = sorted(
+                tier_name
+                for tier_name in allowed_tiers
+                if isinstance(tier_name, str) and tier_name not in tier_names
+            )
+            if unknown_tiers:
+                errors.append(
+                    f"{bundle_id}: policy_model.tool_policies[{index}] references unknown tiers {unknown_tiers}"
+                )
+
+    for index, item in enumerate(
+        _ensure_list(
+            bundle_id=bundle_id,
+            path="policy_model.protected_paths",
+            value=payload.get("protected_paths", []),
+            errors=errors,
+        )
+    ):
+        path_payload = _ensure_dict(
+            bundle_id=bundle_id,
+            path=f"policy_model.protected_paths[{index}]",
+            value=item,
+            errors=errors,
+        )
+        if not path_payload:
+            continue
+        for field in ("path_pattern", "required_tier"):
+            if field not in path_payload:
+                errors.append(f"{bundle_id}: policy_model.protected_paths[{index}] missing field {field}")
+        required_tier = path_payload.get("required_tier")
+        if tier_names and isinstance(required_tier, str) and required_tier not in tier_names:
+            errors.append(
+                f"{bundle_id}: policy_model.protected_paths[{index}] references unknown tier '{required_tier}'"
+            )
+
+    evidence_contract = _ensure_dict(
+        bundle_id=bundle_id,
+        path="policy_model.evidence_contract",
+        value=payload.get("evidence_contract", {}),
+        errors=errors,
+    )
+    for field in ("timestamp", "executor", "trace_id", "lineage"):
+        if field not in evidence_contract:
+            errors.append(f"{bundle_id}: policy_model.evidence_contract missing field {field}")
+
+    host_rules = _ensure_dict(
+        bundle_id=bundle_id,
+        path="policy_model.host_rules",
+        value=payload.get("host_rules", {}),
+        errors=errors,
+    )
+    _validate_host_rule(
+        bundle_id=bundle_id,
+        host_name="claude",
+        host_rule=host_rules.get("claude"),
+        required_fields=("compilation_targets", "hooks", "subagents", "skills"),
+        errors=errors,
+    )
+    _validate_host_rule(
+        bundle_id=bundle_id,
+        host_name="codex",
+        host_rule=host_rules.get("codex"),
+        required_fields=("compilation_targets", "skills", "agents_fragments", "rules", "automations"),
+        errors=errors,
+    )
+    return errors
+
+
+def _policy_model_for_bundle(bundles: Iterable[dict[str, Any]], bundle_id: str) -> dict[str, Any] | None:
+    for bundle in bundles:
+        if str(bundle.get("id", "")) == bundle_id and isinstance(bundle.get("policy_model"), dict):
+            return dict(bundle["policy_model"])
+    return None
+
+
+def _policy_protected_paths(policy_model: dict[str, Any] | None, *, channel: str) -> list[str]:
+    if not policy_model:
+        return _protected_paths_for_channel(channel)
+    values: list[str] = []
+    for item in policy_model.get("protected_paths", []):
+        if isinstance(item, dict):
+            pattern = str(item.get("path_pattern", "")).strip()
+            if pattern:
+                values.append(pattern)
+    return values or _protected_paths_for_channel(channel)
 
 
 def _resolve_root(root_dir: str | Path | None) -> Path:
@@ -96,24 +357,36 @@ def _sha256_file(path: Path) -> str:
 
 
 def load_contract_doc(root_dir: str | Path | None = None) -> str:
-    root = _resolve_root(root_dir)
-    return (root / CONTRACT_DOC_PATH).read_text(encoding="utf-8")
+    if root_dir is not None:
+        root = _resolve_root(root_dir)
+        candidate = root / CONTRACT_DOC_PATH
+        if candidate.exists():
+            return candidate.read_text(encoding="utf-8")
+    return resolve_asset(CONTRACT_DOC_PATH).read_text(encoding="utf-8")
 
 
 def load_contract_schema(root_dir: str | Path | None = None) -> dict[str, Any]:
-    root = _resolve_root(root_dir)
-    return _load_json(root / SCHEMA_PATH)
+    if root_dir is not None:
+        root = _resolve_root(root_dir)
+        candidate = root / SCHEMA_PATH
+        if candidate.exists():
+            return _load_json(candidate)
+    return _load_json(resolve_asset(SCHEMA_PATH))
 
 
 def load_contract_bundles(root_dir: str | Path | None = None) -> list[dict[str, Any]]:
     root = _resolve_root(root_dir)
     bundles: list[dict[str, Any]] = []
-    for path in sorted((root / BUNDLES_DIR).glob("*.yaml")):
+    paths = sorted((root / BUNDLES_DIR).glob("*.yaml")) if (root / BUNDLES_DIR).exists() else resolve_assets(BUNDLES_DIR, suffix=".yaml")
+    for path in paths:
         parsed = yaml.safe_load(path.read_text(encoding="utf-8"))
         if not isinstance(parsed, dict):
             raise ValueError(f"Expected mapping bundle manifest in {path}")
         bundle = dict(parsed)
-        bundle["_path"] = str(path.relative_to(root))
+        try:
+            bundle["_path"] = str(path.relative_to(root))
+        except ValueError:
+            bundle["_path"] = str(Path(BUNDLES_DIR) / path.name)
         bundles.append(bundle)
     return bundles
 
@@ -133,34 +406,30 @@ def validate_contract_registry(root_dir: str | Path | None = None) -> dict[str,
     root = _resolve_root(root_dir)
     errors: list[str] = []
 
-    doc_path = root / CONTRACT_DOC_PATH
-    schema_path = root / SCHEMA_PATH
-    bundles_path = root / BUNDLES_DIR
-
-    if not doc_path.exists():
+    try:
+        doc_text = load_contract_doc(root)
+    except FileNotFoundError:
         errors.append(f"missing contract doc: {CONTRACT_DOC_PATH}")
         doc_text = ""
     else:
-        doc_text = doc_path.read_text(encoding="utf-8")
         for token in REQUIRED_DOC_TOKENS:
             if token not in doc_text:
                 errors.append(f"contract doc missing token: {token}")
         if CANONICAL_VERSION not in doc_text:
             errors.append(f"contract doc missing version: {CANONICAL_VERSION}")
 
-    if not schema_path.exists():
+    try:
+        schema_payload = load_contract_schema(root)
+    except FileNotFoundError:
         errors.append(f"missing contract schema: {SCHEMA_PATH}")
         schema_payload: dict[str, Any] = {}
     else:
-        schema_payload = _load_json(schema_path)
         if str(schema_payload.get("version", "")) != CANONICAL_VERSION:
             errors.append(f"contract schema version drift: {schema_payload.get('version')!r}")
 
-    if not bundles_path.exists():
+    bundles = load_contract_bundles(root)
+    if not bundles:
         errors.append(f"missing bundles directory: {BUNDLES_DIR}")
-        bundles: list[dict[str, Any]] = []
-    else:
-        bundles = load_contract_bundles(root)
 
     bundle_ids = set()
     bundle_summaries: list[dict[str, Any]] = []
@@ -185,6 +454,8 @@ def validate_contract_registry(root_dir: str | Path | None = None) -> dict[str,
             bad_hosts = [host for host in hosts if host not in SUPPORTED_HOSTS]
             if bad_hosts:
                 errors.append(f"{bundle_id}: unsupported hosts {bad_hosts}")
+        if "policy_model" in bundle:
+            errors.extend(_validate_policy_model(bundle_id, bundle.get("policy_model")))
 
     missing_bundles = [bundle_id for bundle_id in DEFAULT_REQUIRED_BUNDLES if bundle_id not in bundle_ids]
     for bundle_id in missing_bundles:
@@ -208,40 +479,43 @@ def validate_contract_registry(root_dir: str | Path | None = None) -> dict[str,
 def _copy_contract_inputs(root: Path, output_root: Path) -> list[Path]:
     copied: list[Path] = []
     for rel_path in [CONTRACT_DOC_PATH, SCHEMA_PATH]:
-        src = root / rel_path
+        src = resolve_asset(rel_path)
         dst = output_root / rel_path
         _write_text(dst, src.read_text(encoding="utf-8"))
         copied.append(dst)
-    for path in sorted((root / BUNDLES_DIR).glob("*.yaml")):
-        rel_path = path.relative_to(root)
+    for bundle in load_contract_bundles(root):
+        rel_path = Path(str(bundle["_path"]))
+        src = resolve_asset(rel_path)
         dst = output_root / rel_path
-        _write_text(dst, path.read_text(encoding="utf-8"))
+        _write_text(dst, src.read_text(encoding="utf-8"))
+        copied.append(dst)
+
+    # Copy advanced plugin artifacts (plugin.json + all command markdown files)
+    advanced_plugin_json = Path("plugins") / "advanced" / "plugin.json"
+    try:
+        src = resolve_asset(advanced_plugin_json)
+        dst = output_root / advanced_plugin_json
+        _write_text(dst, src.read_text(encoding="utf-8"))
+        copied.append(dst)
+    except FileNotFoundError:
+        pass
+
+    advanced_commands = resolve_assets(Path("plugins") / "advanced" / "commands", suffix=".md")
+    for src in advanced_commands:
+        rel = Path("plugins") / "advanced" / "commands" / src.name
+        dst = output_root / rel
+        _write_text(dst, src.read_text(encoding="utf-8"))
         copied.append(dst)
+
     return copied
 
 
 def _base_mcp_servers() -> dict[str, Any]:
     return {
-        "context7": {
-            "command": "npx",
-            "args": ["@upstash/context7-mcp@2.1.3"],
-        },
         "filesystem": {
             "command": "npx",
             "args": ["@modelcontextprotocol/server-filesystem@2026.1.14", "."],
         },
-        "websearch": {
-            "command": "npx",
-            "args": ["@zhafron/mcp-web-search@1.2.2"],
-        },
-        "chrome-devtools": {
-            "command": "npx",
-            "args": ["chrome-devtools-mcp@0.19.0"],
-        },
-        "omg-memory": {
-            "type": "http",
-            "url": "http://127.0.0.1:8765/mcp",
-        },
         "omg-control": {
             "command": "python3",
             "args": ["-m", "runtime.omg_mcp_server"],
@@ -279,7 +553,7 @@ def _build_claude_marketplace() -> dict[str, Any]:
         "description": "Marketplace metadata for the OMG Claude plugin",
         "owner": {"name": "trac3er00"},
         "metadata": {
-            "description": "OMG - Oh-My-God for Claude Code",
+            "description": "OMG - Oh-My-God for Claude Code and supported agent hosts",
             "version": CANONICAL_VERSION,
             "homepage": CANONICAL_REPO_URL,
             "repository": CANONICAL_REPO_URL,
@@ -287,7 +561,7 @@ def _build_claude_marketplace() -> dict[str, Any]:
         "plugins": [
             {
                 "name": CANONICAL_PLUGIN_ID,
-                "description": "OMG plugin layer for Claude Code with native setup, orchestration, and interop.",
+        "description": "OMG plugin layer for Claude Code and supported agent hosts with native setup, orchestration, and interop.",
                 "version": CANONICAL_VERSION,
                 "source": "./",
                 "author": {"name": "trac3er00"},
@@ -348,12 +622,166 @@ def _protected_paths_for_channel(channel: str) -> list[str]:
     return paths
 
 
+def _default_claude_hook_registrations() -> dict[str, list[dict[str, Any]]]:
+    """Default OMG hook registrations for each required Claude event."""
+    return {
+        "UserPromptSubmit": [
+            {
+                "hooks": [
+                    {
+                        "type": "command",
+                        "command": 'python3 "$HOME/.claude/hooks/user-prompt-submit.py"',
+                        "timeout": 10,
+                    }
+                ],
+            }
+        ],
+        "PreToolUse": [
+            {
+                "hooks": [
+                    {
+                        "type": "command",
+                        "command": 'python3 "$HOME/.claude/hooks/firewall.py"',
+                        "timeout": 10,
+                    }
+                ],
+                "matcher": "Bash",
+            },
+            {
+                "hooks": [
+                    {
+                        "type": "command",
+                        "command": 'python3 "$HOME/.claude/hooks/secret-guard.py"',
+                        "timeout": 10,
+                    }
+                ],
+                "matcher": "Read|Write|Edit|MultiEdit",
+            },
+        ],
+        "PostToolUse": [
+            {
+                "hooks": [
+                    {
+                        "type": "command",
+                        "command": 'python3 "$HOME/.claude/hooks/tool-ledger.py"',
+                        "timeout": 10,
+                    }
+                ],
+                "matcher": "Write|Edit|MultiEdit",
+            },
+        ],
+        "PostToolUseFailure": [
+            {
+                "hooks": [
+                    {
+                        "type": "command",
+                        "command": 'python3 "$HOME/.claude/hooks/post-tool-failure.py"',
+                    }
+                ],
+            }
+        ],
+        "InstructionsLoaded": [
+            {
+                "hooks": [
+                    {
+                        "type": "command",
+                        "command": 'python3 "$HOME/.claude/hooks/instructions-loaded.py"',
+                        "timeout": 10,
+                    }
+                ],
+            }
+        ],
+    }
+
+
+def _build_claude_subagents(protected_paths: list[str]) -> list[dict[str, Any]]:
+    """Build narrow-tool Claude subagent definitions. No bypassPermissions allowed."""
+    return [
+        {
+            "name": "security-reviewer",
+            "description": "Read-only security review subagent with scoped tool access.",
+            "tools": [
+                "Read",
+                "Grep",
+                "Glob",
+                "Bash(grep *)",
+                "Bash(find *)",
+                "Bash(git log *)",
+                "Bash(git diff *)",
+            ],
+            "bypassPermissions": False,
+        },
+        {
+            "name": "release-manager",
+            "description": "Release management subagent with write access governed by protected-path policy.",
+            "tools": [
+                "Read",
+                "Write",
+                "Edit",
+                "Grep",
+                "Glob",
+                "Bash(git *)",
+                "Bash(python3 scripts/omg.py *)",
+            ],
+            "bypassPermissions": False,
+            "protectedPaths": protected_paths,
+        },
+    ]
+
+
+def _build_claude_skills(policy_model: dict[str, Any] | None) -> list[dict[str, Any]]:
+    """Build Claude skill definitions from the policy model host_rules."""
+    skill_refs: list[str] = []
+    if isinstance(policy_model, dict):
+        host_rules = policy_model.get("host_rules", {})
+        if isinstance(host_rules, dict):
+            claude_rules = host_rules.get("claude", {})
+            if isinstance(claude_rules, dict):
+                skill_refs = [str(s) for s in claude_rules.get("skills", []) if str(s).strip()]
+    skills: list[dict[str, Any]] = []
+    for ref in skill_refs:
+        skills.append({"name": ref, "source": f".agents/skills/{ref}/"})
+    return skills
+
+
+def _validate_compiled_claude_output(output_root: Path) -> list[str]:
+    """Validate compiled Claude settings.json contains required hooks and subagents."""
+    settings_path = output_root / "settings.json"
+    if not settings_path.exists():
+        return ["claude: missing compiled settings.json"]
+
+    settings = _load_json(settings_path)
+    errors: list[str] = []
+
+    hooks = settings.get("hooks", {})
+    for event in REQUIRED_CLAUDE_HOOK_EVENTS:
+        if event not in hooks or not hooks[event]:
+            errors.append(f"claude: missing required hook event '{event}'")
+
+    omg = settings.get("_omg", {})
+    generated = omg.get("generated", {})
+    subagents = generated.get("subagents", [])
+    subagent_names = {sa.get("name") for sa in subagents if isinstance(sa, dict)}
+    for name in REQUIRED_CLAUDE_SUBAGENT_NAMES:
+        if name not in subagent_names:
+            errors.append(f"claude: missing required subagent '{name}'")
+
+    for sa in subagents:
+        if isinstance(sa, dict) and sa.get("bypassPermissions"):
+            errors.append(
+                f"claude: subagent '{sa.get('name', '<unknown>')}' has bypassPermissions enabled"
+            )
+
+    return errors
+
+
 def _compile_claude_outputs(
     *,
     root: Path,
     output_root: Path,
     bundles: list[dict[str, Any]],
     channel: str,
+    policy_model: dict[str, Any] | None,
 ) -> list[Path]:
     artifacts: list[Path] = []
 
@@ -368,17 +796,32 @@ def _compile_claude_outputs(
     artifacts.append(output_root / ".mcp.json")
 
     settings_path = root / "settings.json"
+    if not settings_path.exists():
+        settings_path = resolve_asset("settings.json")
     settings = _load_json(settings_path)
     hook_bundle = _bundle_map(bundles)["hook-governor"]
-    settings["hooks"] = _compile_hook_settings(hook_bundle)
+    compiled_hooks = _compile_hook_settings(hook_bundle)
+    defaults = _default_claude_hook_registrations()
+    for event in REQUIRED_CLAUDE_HOOK_EVENTS:
+        if event not in compiled_hooks or not compiled_hooks[event]:
+            compiled_hooks[event] = defaults[event]
+    settings["hooks"] = compiled_hooks
+
+    protected_paths = _policy_protected_paths(policy_model, channel=channel)
+    subagents = _build_claude_subagents(protected_paths)
+    skills = _build_claude_skills(policy_model)
+
     omg_settings = dict(settings.get("_omg", {}))
     omg_settings["_version"] = CANONICAL_VERSION
     omg_settings["generated"] = {
         "contract_version": CANONICAL_VERSION,
         "channel": channel,
         "required_bundles": list(DEFAULT_REQUIRED_BUNDLES),
-        "protected_paths": _protected_paths_for_channel(channel),
+        "protected_paths": protected_paths,
         "emulated_events": list(hook_bundle.get("lifecycle_hooks", {}).get("emulated", [])),
+        "policy_model": policy_model or {},
+        "subagents": subagents,
+        "skills": skills,
     }
     settings["_omg"] = omg_settings
     _write_json(output_root / "settings.json", settings)
@@ -429,25 +872,251 @@ def _render_openai_yaml(bundle: dict[str, Any], channel: str) -> str:
     return "\n".join(lines) + "\n"
 
 
+def _codex_skill_refs(policy_model: dict[str, Any] | None) -> list[str]:
+    """Extract skill references from policy_model.host_rules.codex.skills."""
+    if not isinstance(policy_model, dict):
+        return []
+    host_rules = policy_model.get("host_rules", {})
+    if not isinstance(host_rules, dict):
+        return []
+    codex_rules = host_rules.get("codex", {})
+    if not isinstance(codex_rules, dict):
+        return []
+    return [str(s) for s in codex_rules.get("skills", []) if str(s).strip()]
+
+
+def _codex_evidence_fields(policy_model: dict[str, Any] | None) -> list[str]:
+    """Extract required evidence contract fields from the policy model."""
+    if not isinstance(policy_model, dict):
+        return []
+    ec = policy_model.get("evidence_contract", {})
+    if not isinstance(ec, dict):
+        return []
+    return sorted(ec.keys())
+
+
+def _codex_protected_planning_skills(bundles: Iterable[dict[str, Any]]) -> list[str]:
+    protected: list[str] = []
+    for bundle in bundles:
+        if "codex" not in bundle.get("hosts", []):
+            continue
+        if str(bundle.get("kind", "")).strip().lower() != "planning":
+            continue
+        invocation = bundle.get("invocation_policy", {})
+        if not isinstance(invocation, dict):
+            continue
+        if invocation.get("allow_implicit_invocation") is False:
+            protected.append(f"omg/{bundle['id']}")
+    return sorted(set(protected))
+
+
+def _render_codex_agents_fragment(
+    *,
+    channel: str,
+    protected_paths: list[str],
+    codex_rules: list[str],
+    codex_automations: list[str],
+    codex_skills: list[str],
+    evidence_fields: list[str],
+    protected_planning_skills: list[str],
+) -> str:
+    """Render a comprehensive AGENTS.fragment.md for Codex host."""
+    sections: list[str] = []
+
+    # Header
+    sections.append(f"# OMG Codex Governance (channel: {channel})\n")
+
+    # Build & Test
+    sections.append("## Build & Test\n")
+    sections.append("```bash")
+    sections.append("python3 -m pytest tests -q")
+    sections.append("python3 scripts/omg.py contract validate")
+    sections.append(f"python3 scripts/omg.py contract compile --host codex --channel {channel}")
+    sections.append("```\n")
+
+    # Protected Paths
+    sections.append("## Protected Paths\n")
+    sections.append("The following paths require tier-gated review before mutation:\n")
+    for path in protected_paths:
+        sections.append(f"- `{path}`")
+    sections.append("")
+
+    # Evidence Contract
+    sections.append("## Evidence Contract\n")
+    sections.append("Every production action must emit evidence containing these fields:\n")
+    if evidence_fields:
+        for field in evidence_fields:
+            sections.append(f"- `{field}`")
+    else:
+        sections.append("- `timestamp`")
+        sections.append("- `executor`")
+        sections.append("- `trace_id`")
+        sections.append("- `lineage`")
+    sections.append("")
+
+    # Required Skills
+    sections.append("## Required Skills\n")
+    if codex_skills:
+        for skill in codex_skills:
+            sections.append(f"- `{skill}`")
+    else:
+        sections.append("- `omg/control-plane`")
+    sections.append("")
+
+    sections.append("## Protected Planning Surface\n")
+    if protected_planning_skills:
+        sections.append("Council planning skills are protected and explicit-invocation only:")
+        sections.append("")
+        for skill in protected_planning_skills:
+            sections.append(f"- `{skill}`")
+    else:
+        sections.append("- No protected planning skills configured.")
+    sections.append("")
+
+    # Web Search Policy
+    sections.append("## Web Search Policy\n")
+    sections.append("- Prefer cached results over live network requests.")
+    sections.append("- Do NOT initiate live web searches unless explicitly instructed.")
+    sections.append("- Use `context7` or local documentation before external lookups.")
+    sections.append("- Set `cached_web_search: prefer_cached` as the default.\n")
+
+    # Approval Constraints
+    sections.append("## Approval Constraints\n")
+    sections.append("- Destructive file operations require explicit user approval.")
+    sections.append("- `git push --force` and branch deletions require explicit approval.")
+    sections.append("- Production deployments require explicit approval.")
+    sections.append("- Mutations to protected paths require tier-gated approval.\n")
+
+    # Rules & Automations (compact summary)
+    sections.append("## Rules & Automations\n")
+    rules_str = ", ".join(codex_rules) if codex_rules else "protected_paths, explicit_invocation"
+    auto_str = ", ".join(codex_automations) if codex_automations else "contract-compile"
+    sections.append(f"- Rules: `{rules_str}`")
+    sections.append(f"- Automations: `{auto_str}`")
+    sections.append("- Require explicit invocation for protected production planning skills.")
+    sections.append("")
+
+    return "\n".join(sections)
+
+
+def _render_codex_rules(
+    *,
+    channel: str,
+    protected_paths: list[str],
+    codex_skills: list[str],
+    protected_planning_skills: list[str],
+) -> str:
+    """Render a codex-rules.md config fragment encoding defaults."""
+    lines: list[str] = []
+    lines.append(f"# OMG Codex Rules (channel: {channel})\n")
+
+    lines.append("## Defaults\n")
+    lines.append("- `cached_web_search: prefer_cached`")
+    lines.append("- `live_network: deny_by_default`")
+    lines.append("- `destructive_approval: required`\n")
+
+    lines.append("## Protected Paths\n")
+    for path in protected_paths:
+        lines.append(f"- `{path}`")
+    lines.append("")
+
+    lines.append("## Required Skills\n")
+    for skill in (codex_skills or ["omg/control-plane"]):
+        lines.append(f"- `{skill}`")
+    lines.append("")
+
+    lines.append("## Protected Planning Surface\n")
+    if protected_planning_skills:
+        for skill in protected_planning_skills:
+            lines.append(f"- `{skill}` (explicit invocation only)")
+    else:
+        lines.append("- none")
+    lines.append("")
+
+    lines.append("## Approval Matrix\n")
+    lines.append("| Action | Approval Required |")
+    lines.append("|--------|------------------|")
+    lines.append("| Read / Grep | No |")
+    lines.append("| Write to protected paths | Yes |")
+    lines.append("| Bash (python3:*) | Yes (balanced+ tier) |")
+    lines.append("| git push --force | Yes |")
+    lines.append("| Production deploy | Yes |")
+    lines.append("")
+
+    return "\n".join(lines)
+
+
+def _validate_compiled_codex_output(output_root: Path) -> list[str]:
+    """Validate compiled Codex output contains required AGENTS sections and artifacts."""
+    errors: list[str] = []
+    shared_dir = output_root / ".agents" / "skills" / "omg"
+
+    for required_file in REQUIRED_CODEX_OUTPUTS:
+        path = shared_dir / required_file
+        if not path.exists():
+            errors.append(f"codex: missing required output '{required_file}'")
+
+    agents_path = shared_dir / "AGENTS.fragment.md"
+    if agents_path.exists():
+        content = agents_path.read_text(encoding="utf-8")
+        for section in REQUIRED_CODEX_AGENTS_SECTIONS:
+            if section not in content:
+                errors.append(f"codex: AGENTS.fragment.md missing required section '{section}'")
+    else:
+        errors.append("codex: cannot validate AGENTS.fragment.md — file missing")
+
+    return errors
+
+
 def _compile_codex_outputs(
     *,
     output_root: Path,
     bundles: list[dict[str, Any]],
     channel: str,
+    policy_model: dict[str, Any] | None,
 ) -> list[Path]:
     artifacts: list[Path] = []
     shared_dir = output_root / ".agents" / "skills" / "omg"
     shared_dir.mkdir(parents=True, exist_ok=True)
 
-    rules_fragment = (
-        "# OMG Codex Protection Rules\n\n"
-        f"- Channel: `{channel}`\n"
-        "- Protect `.omg/`, `.agents/`, `.codex/`, and `.claude/` from unreviewed mutation.\n"
-        "- Require explicit invocation for production-control-plane skills.\n"
+    protected_paths = _policy_protected_paths(policy_model, channel=channel)
+    codex_rules: list[str] = []
+    codex_automations: list[str] = []
+    if isinstance(policy_model, dict):
+        host_rules = policy_model.get("host_rules", {})
+        if isinstance(host_rules, dict):
+            codex_policy = host_rules.get("codex", {})
+            if isinstance(codex_policy, dict):
+                codex_rules = [str(item) for item in codex_policy.get("rules", []) if str(item).strip()]
+                codex_automations = [
+                    str(item) for item in codex_policy.get("automations", []) if str(item).strip()
+                ]
+
+    codex_skills = _codex_skill_refs(policy_model)
+    evidence_fields = _codex_evidence_fields(policy_model)
+    protected_planning_skills = _codex_protected_planning_skills(bundles)
+
+    agents_fragment = _render_codex_agents_fragment(
+        channel=channel,
+        protected_paths=protected_paths,
+        codex_rules=codex_rules,
+        codex_automations=codex_automations,
+        codex_skills=codex_skills,
+        evidence_fields=evidence_fields,
+        protected_planning_skills=protected_planning_skills,
     )
-    _write_text(shared_dir / "AGENTS.fragment.md", rules_fragment)
+    _write_text(shared_dir / "AGENTS.fragment.md", agents_fragment)
     artifacts.append(shared_dir / "AGENTS.fragment.md")
 
+    rules_content = _render_codex_rules(
+        channel=channel,
+        protected_paths=protected_paths,
+        codex_skills=codex_skills,
+        protected_planning_skills=protected_planning_skills,
+    )
+    _write_text(shared_dir / "codex-rules.md", rules_content)
+    artifacts.append(shared_dir / "codex-rules.md")
+
     from runtime.mcp_config_writers import write_codex_mcp_stdio_config
 
     codex_mcp_path = shared_dir / "codex-mcp.toml"
@@ -551,12 +1220,48 @@ def compile_contract_outputs(
         }
 
     bundles = load_contract_bundles(root)
+    policy_model = _policy_model_for_bundle(bundles, "control-plane")
     artifacts = _copy_contract_inputs(root, output)
 
     if "claude" in selected_hosts:
-        artifacts.extend(_compile_claude_outputs(root=root, output_root=output, bundles=bundles, channel=channel))
+        artifacts.extend(
+            _compile_claude_outputs(
+                root=root,
+                output_root=output,
+                bundles=bundles,
+                channel=channel,
+                policy_model=policy_model,
+            )
+        )
+        claude_errors = _validate_compiled_claude_output(output)
+        if claude_errors:
+            return {
+                "schema": "OmgContractCompileResult",
+                "status": "error",
+                "channel": channel,
+                "hosts": selected_hosts,
+                "errors": claude_errors,
+                "artifacts": [],
+            }
     if "codex" in selected_hosts:
-        artifacts.extend(_compile_codex_outputs(output_root=output, bundles=bundles, channel=channel))
+        artifacts.extend(
+            _compile_codex_outputs(
+                output_root=output,
+                bundles=bundles,
+                channel=channel,
+                policy_model=policy_model,
+            )
+        )
+        codex_errors = _validate_compiled_codex_output(output)
+        if codex_errors:
+            return {
+                "schema": "OmgContractCompileResult",
+                "status": "error",
+                "channel": channel,
+                "hosts": selected_hosts,
+                "errors": codex_errors,
+                "artifacts": [],
+            }
 
     bundled_artifacts = _copy_release_bundle(output_root=output, channel=channel, artifacts=artifacts)
     manifest_path = _build_dist_manifest(output, channel=channel, artifacts=bundled_artifacts)
@@ -619,6 +1324,294 @@ def _check_mcp_fabric() -> dict[str, Any]:
     }
 
 
+def _check_version_identity_drift(root: Path) -> dict[str, Any]:
+    """Check version/identity drift across all public surface files.
+    
+    Returns a dict with:
+    - status: "ok" or "error"
+    - blockers: list of named blockers for each mismatch
+    - drift_details: dict mapping file paths to their found versions
+    """
+    canonical_version = CANONICAL_VERSION
+    blockers: list[str] = []
+    drift_details: dict[str, str] = {}
+    
+    # Files to check with their JSON paths to extract version
+    files_to_check = [
+        ("package.json", ["version"]),
+        ("pyproject.toml", None),  # Special case: extract from version = "X.Y.Z"
+        ("settings.json", ["_omg", "_version"]),
+        (".claude-plugin/plugin.json", ["version"]),
+        (".claude-plugin/marketplace.json", ["version"]),
+        ("plugins/core/plugin.json", ["version"]),
+        ("plugins/advanced/plugin.json", ["version"]),
+        ("CHANGELOG.md", None),  # Special case: check for version in header
+    ]
+    
+    for file_path, json_path in files_to_check:
+        full_path = root / file_path
+        if not full_path.exists():
+            blockers.append(f"version_drift: missing file {file_path}")
+            continue
+        
+        found_version = None
+        
+        try:
+            if file_path == "pyproject.toml":
+                # Extract from version = "X.Y.Z"
+                content = full_path.read_text(encoding="utf-8")
+                for line in content.split("\n"):
+                    if line.startswith("version = "):
+                        found_version = line.split('"')[1]
+                        break
+            elif file_path == "CHANGELOG.md":
+                # Extract from "## X.Y.Z -" header (skip "Unreleased" section)
+                content = full_path.read_text(encoding="utf-8")
+                for line in content.split("\n"):
+                    if line.startswith("## ") and " - " in line:
+                        version_str = line.split(" - ")[0].replace("## ", "").strip()
+                        if version_str.lower() != "unreleased":
+                            found_version = version_str
+                            break
+            else:
+                # JSON file: use json_path to navigate
+                data = _load_json(full_path)
+                current = data
+                if json_path:
+                    for key in json_path:
+                        current = current.get(key)
+                        if current is None:
+                            break
+                found_version = current
+        except Exception as e:
+            blockers.append(f"version_drift: failed to parse {file_path}: {e}")
+            continue
+        
+        if found_version is None:
+            blockers.append(f"version_drift: could not extract version from {file_path}")
+        elif str(found_version) != canonical_version:
+            blockers.append(
+                f"version_drift: {file_path} has version {found_version}, expected {canonical_version}"
+            )
+            drift_details[file_path] = str(found_version)
+        else:
+            drift_details[file_path] = str(found_version)
+    
+    return {
+        "status": "ok" if not blockers else "error",
+        "canonical_version": canonical_version,
+        "blockers": blockers,
+        "drift_details": drift_details,
+    }
+
+
+def _check_doctor_output(output_root: Path) -> dict[str, Any]:
+    evidence_dir = output_root / ".omg" / "evidence"
+    doctor_path = evidence_dir / "doctor.json"
+    if not doctor_path.exists():
+        return {
+            "status": "error",
+            "path": "",
+            "doctor": {},
+            "blockers": ["doctor_check_missing: missing .omg/evidence/doctor.json"],
+        }
+    try:
+        payload = _load_json(doctor_path)
+    except Exception as exc:
+        return {
+            "status": "error",
+            "path": str(doctor_path.relative_to(output_root)),
+            "doctor": {},
+            "blockers": [f"doctor_check_missing: invalid doctor output ({exc})"],
+        }
+
+    blockers: list[str] = []
+    if payload.get("schema") != "DoctorResult":
+        blockers.append("doctor_check_missing: doctor evidence schema mismatch")
+    if payload.get("status") != "pass":
+        blockers.append("doctor_check_missing: doctor status is not pass")
+    checks = payload.get("checks", [])
+    if not isinstance(checks, list) or not checks:
+        blockers.append("doctor_check_missing: doctor checks missing")
+
+    return {
+        "status": "ok" if not blockers else "error",
+        "path": str(doctor_path.relative_to(output_root)),
+        "doctor": payload,
+        "blockers": blockers,
+    }
+
+
+def _check_proof_surface(root: Path) -> dict[str, Any]:
+    proof_path = root / "docs" / "proof.md"
+    if not proof_path.exists():
+        return {
+            "status": "error",
+            "path": "docs/proof.md",
+            "blockers": ["prose_only_proof: docs/proof.md missing"],
+        }
+
+    content = proof_path.read_text(encoding="utf-8")
+    lowered = content.lower()
+    hardcoded_counts = bool(
+        re.search(r"\b\d+\s*/\s*\d+\b", lowered)
+        or re.search(r"\b\d+\s+(tests?|checks?|providers?)\s+(passed|pass|green|successful)\b", lowered)
+        or re.search(r"\ball\s+tests?\s+passed\b", lowered)
+    )
+    artifact_refs = (
+        ".omg/evidence/",
+        ".omg/tracebank/",
+        ".omg/evals/",
+        ".omg/lineage/",
+    )
+    has_artifact_refs = any(token in content for token in artifact_refs)
+
+    blockers: list[str] = []
+    if hardcoded_counts and not has_artifact_refs:
+        blockers.append("prose_only_proof: hardcoded proof counts without machine artifact references")
+
+    return {
+        "status": "ok" if not blockers else "error",
+        "path": str(proof_path.relative_to(root)),
+        "hardcoded_counts": hardcoded_counts,
+        "has_artifact_refs": has_artifact_refs,
+        "blockers": blockers,
+    }
+
+
+def _is_loopback_hostname(hostname: str) -> bool:
+    lowered = hostname.strip().lower()
+    return lowered in {"localhost", "127.0.0.1", "::1"}
+
+
+def _collect_http_urls(line: str) -> list[str]:
+    return re.findall(r"https?://[^\s)\]>'\"]+", line)
+
+
+def _check_same_machine_scope(root: Path, output_root: Path) -> dict[str, Any]:
+    blockers: list[str] = []
+    scanned: list[str] = []
+
+    for rel_path in ("README.md", "docs/proof.md", "OMG_COMPAT_CONTRACT.md"):
+        path = root / rel_path
+        if not path.exists():
+            continue
+        scanned.append(rel_path)
+        for line in path.read_text(encoding="utf-8").splitlines():
+            if "production" not in line.lower():
+                continue
+            for url in _collect_http_urls(line):
+                parsed = urlparse(url)
+                if parsed.scheme != "http":
+                    continue
+                host = parsed.hostname or ""
+                if host and not _is_loopback_hostname(host):
+                    blockers.append(
+                        f"same_machine_scope_violation: {rel_path} claims production over non-loopback HTTP ({url})"
+                    )
+
+    mcp_path = output_root / ".mcp.json"
+    if mcp_path.exists():
+        scanned.append(str(mcp_path.relative_to(output_root)))
+        mcp_payload = _load_json(mcp_path)
+        servers = mcp_payload.get("mcpServers", {})
+        if isinstance(servers, dict):
+            for server_name, server_cfg in servers.items():
+                if not isinstance(server_cfg, dict):
+                    continue
+                for key in ("url", "httpUrl"):
+                    raw_url = str(server_cfg.get(key, "")).strip()
+                    if not raw_url:
+                        continue
+                    parsed = urlparse(raw_url)
+                    if parsed.scheme != "http":
+                        continue
+                    host = parsed.hostname or ""
+                    if host and not _is_loopback_hostname(host):
+                        blockers.append(
+                            "same_machine_scope_violation: "
+                            f".mcp.json server '{server_name}' uses non-loopback HTTP endpoint ({raw_url})"
+                        )
+
+    return {
+        "status": "ok" if not blockers else "error",
+        "scanned": scanned,
+        "blockers": blockers,
+    }
+
+
+def _check_provider_host_parity(output_root: Path, providers: dict[str, dict[str, Any]]) -> dict[str, Any]:
+    blockers: list[str] = []
+    required_for_provider = {
+        "claude": (
+            output_root / "settings.json",
+            output_root / ".claude-plugin" / "plugin.json",
+        ),
+        "codex": (
+            output_root / ".agents" / "skills" / "omg" / "AGENTS.fragment.md",
+            output_root / ".agents" / "skills" / "omg" / "codex-mcp.toml",
+        ),
+    }
+    for provider, status in providers.items():
+        if not status.get("ready"):
+            continue
+        for required_path in required_for_provider.get(provider, ()):
+            if not required_path.exists():
+                blockers.append(
+                    "provider_host_parity: "
+                    f"provider '{provider}' ready but host artifact missing {required_path.relative_to(output_root)}"
+                )
+    return {
+        "status": "ok" if not blockers else "error",
+        "blockers": blockers,
+    }
+
+
+def _has_waiver(risk: dict[str, Any]) -> bool:
+    return bool(
+        risk.get("waived")
+        or risk.get("waiver")
+        or risk.get("waiver_id")
+        or risk.get("waiver_evidence")
+    )
+
+
+def _check_high_risk_security_waivers(payload: dict[str, Any]) -> list[str]:
+    blockers: list[str] = []
+    unresolved = payload.get("unresolved_risks", [])
+    if isinstance(unresolved, list):
+        for item in unresolved:
+            if isinstance(item, dict):
+                severity = str(item.get("severity") or item.get("risk_level") or "").lower()
+                if severity in {"high", "critical"} and not _has_waiver(item):
+                    blockers.append("security_blocker_unwaived: unresolved high-risk item without waiver evidence")
+                    break
+            elif isinstance(item, str):
+                lowered = item.lower()
+                is_high = "high" in lowered or "critical" in lowered
+                waived = "waiv" in lowered
+                if is_high and not waived:
+                    blockers.append("security_blocker_unwaived: unresolved high-risk item without waiver evidence")
+                    break
+
+    scans = payload.get("security_scans", [])
+    if isinstance(scans, list):
+        for scan in scans:
+            if not isinstance(scan, dict):
+                continue
+            findings = scan.get("findings", [])
+            if not isinstance(findings, list):
+                continue
+            for finding in findings:
+                if not isinstance(finding, dict):
+                    continue
+                severity = str(finding.get("severity", "")).lower()
+                if severity in {"high", "critical"} and not _has_waiver(finding):
+                    blockers.append("security_blocker_unwaived: high-risk security finding without waiver evidence")
+                    return blockers
+    return blockers
+
+
 def build_release_readiness(
     *,
     root_dir: str | Path | None = None,
@@ -655,6 +1648,10 @@ def build_release_readiness(
                 continue
             if _sha256_file(artifact_path) != expected_sha:
                 manifest_errors.append(f"{required_channel}: sha mismatch for {rel_path}")
+        manifest_paths = {str(a.get("path", "")) for a in manifest.get("artifacts", []) if isinstance(a, dict)}
+        for req_path in REQUIRED_ADVANCED_PLUGIN_ARTIFACTS:
+            if req_path not in manifest_paths:
+                manifest_errors.append(f"{required_channel}: advanced_plugin_missing {req_path}")
         if manifest_errors:
             blockers.extend(manifest_errors)
         manifest["integrity_errors"] = manifest_errors
@@ -673,12 +1670,71 @@ def build_release_readiness(
         blockers.append(f"missing compiled outputs: {', '.join(missing_outputs)}")
     checks["compiled_outputs"] = {"missing": missing_outputs}
 
+    required_bundle_outputs: list[Path] = []
+    for bundle_id in DEFAULT_REQUIRED_BUNDLES:
+        required_bundle_outputs.extend(
+            [
+                output / ".agents" / "skills" / "omg" / bundle_id / "SKILL.md",
+                output / ".agents" / "skills" / "omg" / bundle_id / "openai.yaml",
+            ]
+        )
+    missing_bundle_outputs = [str(path.relative_to(output)) for path in required_bundle_outputs if not path.exists()]
+    if missing_bundle_outputs:
+        blockers.append(f"missing bundle outputs: {', '.join(missing_bundle_outputs)}")
+    checks["bundle_outputs"] = {"missing": missing_bundle_outputs}
+
+    evidence_check = _check_recent_evidence(output)
+    checks["evidence"] = evidence_check
+    blockers.extend(evidence_check.get("blockers", []))
+
+    doctor_check = _check_doctor_output(output)
+    checks["doctor"] = doctor_check
+    blockers.extend(doctor_check.get("blockers", []))
+
+    eval_check = _check_eval_gate(output)
+    checks["eval_gate"] = eval_check
+    blockers.extend(eval_check.get("blockers", []))
+
+    proof_chain_check = _check_proof_chain(output)
+    checks["proof_chain"] = proof_chain_check
+    blockers.extend(proof_chain_check.get("blockers", []))
+
+    security_blockers = [
+        blocker
+        for blocker in evidence_check.get("blockers", [])
+        if isinstance(blocker, str) and blocker.startswith("security_blocker_unwaived:")
+    ]
+    checks["security_blocker_unwaived"] = {
+        "status": "ok" if not security_blockers else "error",
+        "blockers": security_blockers,
+    }
+
+    proof_surface_check = _check_proof_surface(root)
+    checks["proof_surface"] = proof_surface_check
+    blockers.extend(proof_surface_check.get("blockers", []))
+
+    same_machine_scope = _check_same_machine_scope(root, output)
+    checks["same_machine_scope"] = same_machine_scope
+    blockers.extend(same_machine_scope.get("blockers", []))
+
+    package_check = _check_packaged_install_smoke(root)
+    checks["package_smoke"] = package_check
+    blockers.extend(package_check.get("blockers", []))
+
+    version_drift_check = _check_version_identity_drift(root)
+    checks["version_identity_drift"] = version_drift_check
+    blockers.extend(version_drift_check.get("blockers", []))
+
     providers = _provider_statuses()
     checks["providers"] = providers
     for provider_name, status in providers.items():
         if not status.get("ready"):
             blockers.append(f"provider not ready: {provider_name}")
 
+    provider_parity = _check_provider_host_parity(output, providers)
+    checks["provider_host_parity"] = provider_parity
+    blockers.extend(provider_parity.get("blockers", []))
+
     worktree_ready = shutil.which("git") is not None and (root / ".git").exists()
     checks["worktree"] = {"ready": worktree_ready}
     if not worktree_ready:
@@ -696,3 +1752,167 @@ def build_release_readiness(
         "blockers": blockers,
         "checks": checks,
     }
+
+
+def _check_recent_evidence(output_root: Path) -> dict[str, Any]:
+    evidence_dir = output_root / ".omg" / "evidence"
+    if not evidence_dir.exists():
+        return {"status": "missing", "blockers": []}
+
+    evidence_files = sorted(path for path in evidence_dir.glob("*.json") if path.is_file())
+    if not evidence_files:
+        return {"status": "missing", "blockers": []}
+
+    evidence_payloads: list[tuple[Path, dict[str, Any]]] = []
+    for path in evidence_files:
+        try:
+            payload = _load_json(path)
+        except Exception:
+            continue
+        if payload.get("schema") == "EvidencePack":
+            evidence_payloads.append((path, payload))
+
+    if not evidence_payloads:
+        return {"status": "missing", "blockers": []}
+
+    evidence_path, payload = evidence_payloads[-1]
+    blockers: list[str] = []
+    if not payload.get("security_scans"):
+        blockers.append("cosmetic evidence: security_scans is empty")
+    if not payload.get("provenance"):
+        blockers.append("cosmetic evidence: provenance is empty")
+    if not payload.get("timestamp") and not payload.get("created_at"):
+        blockers.append("missing_attribution: evidence missing timestamp")
+    if not payload.get("executor"):
+        blockers.append("missing_attribution: evidence missing executor")
+    if not payload.get("environment"):
+        blockers.append("missing_attribution: evidence missing environment")
+    if not payload.get("trace_ids"):
+        blockers.append("missing trace ids in evidence")
+    if not payload.get("trace_id") and not payload.get("trace_ids"):
+        blockers.append("missing trace_id in evidence")
+    if not payload.get("lineage"):
+        blockers.append("missing lineage in evidence")
+    tests = payload.get("tests", [])
+    if isinstance(tests, list):
+        for item in tests:
+            if isinstance(item, dict) and item.get("name") == "worker_implementation" and not item.get("passed", False):
+                blockers.append("simulated worker evidence detected")
+                break
+    blockers.extend(_check_test_intent_claims(payload))
+    blockers.extend(_check_high_risk_security_waivers(payload))
+    return {
+        "status": "ok" if not blockers else "error",
+        "evidence_file": str(evidence_path.relative_to(output_root)),
+        "blockers": blockers,
+    }
+
+
+def _check_test_intent_claims(payload: dict[str, Any]) -> list[str]:
+    test_delta = payload.get("test_delta")
+    claims = payload.get("claims", [])
+    if not isinstance(claims, list):
+        return []
+
+    from runtime.test_intent_lock import evaluate_test_delta
+
+    blockers: list[str] = []
+    guarded_claims = {"tests passed", "tests_passed", "bug fixed", "bug_fixed"}
+    for claim in claims:
+        if not isinstance(claim, dict):
+            continue
+        claim_type = str(claim.get("claim_type", "")).strip().lower()
+        if claim_type not in guarded_claims:
+            continue
+        delta = claim.get("test_delta")
+        if not isinstance(delta, dict):
+            delta = test_delta if isinstance(test_delta, dict) else None
+        if not isinstance(delta, dict):
+            blockers.append(f"test_intent_lock_missing_delta: claim '{claim_type}' requires test_delta evidence")
+            continue
+        result = evaluate_test_delta(delta)
+        if result.get("verdict") != "pass":
+            reasons = result.get("reasons", [])
+            reason_text = "; ".join(str(item) for item in reasons if str(item).strip())
+            suffix = f": {reason_text}" if reason_text else ""
+            blockers.append(f"test_intent_lock_blocked: claim '{claim_type}'{suffix}")
+    return blockers
+
+
+def _check_eval_gate(output_root: Path) -> dict[str, Any]:
+    latest_path = output_root / ".omg" / "evals" / "latest.json"
+    if not latest_path.exists():
+        return {"status": "missing", "blockers": []}
+    payload = _load_json(latest_path)
+    blockers: list[str] = []
+    if payload.get("status") != "ok" or bool(payload.get("summary", {}).get("regressed")):
+        blockers.append("eval regression detected")
+    return {
+        "status": "ok" if not blockers else "error",
+        "path": str(latest_path.relative_to(output_root)),
+        "blockers": blockers,
+    }
+
+
+def _check_proof_chain(output_root: Path) -> dict[str, Any]:
+    chain_module = importlib.import_module("runtime.proof_chain")
+    gate_module = importlib.import_module("runtime.proof_gate")
+
+    gate_input = chain_module.build_proof_gate_input(str(output_root))
+    chain = gate_input.get("proof_chain", {}) if isinstance(gate_input, dict) else {}
+    chain_status = str(chain.get("status", "error"))
+    raw_blockers = chain.get("blockers", [])
+    blockers = [f"proof_chain_linkage: {item}" for item in raw_blockers] if isinstance(raw_blockers, list) else ["proof_chain_linkage: invalid blockers"]
+    if chain_status == "ok":
+        blockers = []
+
+    proof_gate = gate_module.evaluate_proof_gate(gate_input if isinstance(gate_input, dict) else {})
+    if str(proof_gate.get("verdict", "fail")) != "pass":
+        gate_blockers = proof_gate.get("blockers", [])
+        if isinstance(gate_blockers, list) and gate_blockers:
+            blockers.extend(f"proof_gate_blocked: {item}" for item in gate_blockers)
+        else:
+            blockers.append("proof_gate_blocked: verdict_fail")
+
+    return {
+        "status": "ok" if not blockers else "error",
+        "proof_chain": chain,
+        "proof_gate": proof_gate,
+        "blockers": blockers,
+    }
+
+
+def _check_packaged_install_smoke(root: Path) -> dict[str, Any]:
+    blockers: list[str] = []
+    with tempfile.TemporaryDirectory(prefix="omg-wheel-") as tmp_dir:
+        proc = subprocess.run(
+            [sys.executable, "-m", "pip", "wheel", ".", "--no-deps", "-w", tmp_dir],
+            cwd=str(root),
+            capture_output=True,
+            text=True,
+            check=False,
+            timeout=120,
+        )
+        if proc.returncode != 0:
+            return {
+                "status": "error",
+                "blockers": ["package smoke failed to build wheel"],
+                "stdout": proc.stdout,
+                "stderr": proc.stderr,
+            }
+        wheels = sorted(Path(tmp_dir).glob("*.whl"))
+        if not wheels:
+            return {"status": "error", "blockers": ["package smoke did not produce a wheel"]}
+        with zipfile.ZipFile(wheels[-1]) as archive:
+            names = set(archive.namelist())
+        required_suffixes = (
+            "control_plane/service.py",
+            "registry/verify_artifact.py",
+            "plugins/dephealth/cve_scanner.py",
+            "OMG_COMPAT_CONTRACT.md",
+            ".agents/skills/omg/security-check/SKILL.md",
+        )
+        for suffix in required_suffixes:
+            if not any(name.endswith(suffix) for name in names):
+                blockers.append(f"package parity missing {suffix}")
+    return {"status": "ok" if not blockers else "error", "blockers": blockers}