@trac3er/oh-my-god 2.2.3 → 2.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1047) hide show
  1. package/.claude-plugin/marketplace.json +3 -3
  2. package/.claude-plugin/plugin.json +1 -1
  3. package/.claude-plugin/scripts/install.sh +1 -1
  4. package/.gemini/settings.json +2 -2
  5. package/.kimi/mcp.json +2 -2
  6. package/CHANGELOG.md +14 -1
  7. package/CLI-ADAPTER-MAP.md +3 -3
  8. package/OMG-setup.sh +7 -6
  9. package/OMG_COMPAT_CONTRACT.md +1 -1
  10. package/README.md +4 -2
  11. package/artifacts/public/dist/public/manifest.json +2 -2
  12. package/commands/OMG:validate.md +1 -1
  13. package/dist/enterprise/manifest.json +2 -2
  14. package/dist/public/manifest.json +2 -2
  15. package/docs/install/github-app.md +8 -7
  16. package/hooks/_common.py +20 -6
  17. package/hooks/secret-guard.py +3 -2
  18. package/hooks/stop_dispatcher.py +20 -2
  19. package/hooks/terms-guard.py +96 -0
  20. package/hooks/test-validator.py +36 -4
  21. package/hud/omg-hud.mjs +1 -1
  22. package/package.json +1 -1
  23. package/plugins/advanced/plugin.json +1 -1
  24. package/plugins/core/plugin.json +1 -1
  25. package/pyproject.toml +1 -1
  26. package/registry/bundles/algorithms.yaml +1 -1
  27. package/registry/bundles/api-twin.yaml +1 -1
  28. package/registry/bundles/ast-pack.yaml +1 -1
  29. package/registry/bundles/claim-judge.yaml +1 -1
  30. package/registry/bundles/control-plane.yaml +1 -1
  31. package/registry/bundles/data-lineage.yaml +1 -1
  32. package/registry/bundles/delta-classifier.yaml +1 -1
  33. package/registry/bundles/eval-gate.yaml +1 -1
  34. package/registry/bundles/hash-edit.yaml +1 -1
  35. package/registry/bundles/health.yaml +1 -1
  36. package/registry/bundles/hook-governor.yaml +1 -1
  37. package/registry/bundles/incident-replay.yaml +1 -1
  38. package/registry/bundles/lsp-pack.yaml +1 -1
  39. package/registry/bundles/mcp-fabric.yaml +1 -1
  40. package/registry/bundles/plan-council.yaml +1 -1
  41. package/registry/bundles/preflight.yaml +1 -1
  42. package/registry/bundles/proof-gate.yaml +1 -1
  43. package/registry/bundles/remote-supervisor.yaml +1 -1
  44. package/registry/bundles/robotics.yaml +1 -1
  45. package/registry/bundles/secure-worktree-pipeline.yaml +1 -1
  46. package/registry/bundles/security-check.yaml +1 -1
  47. package/registry/bundles/terminal-lane.yaml +1 -1
  48. package/registry/bundles/test-intent-lock.yaml +1 -1
  49. package/registry/bundles/tracebank.yaml +1 -1
  50. package/registry/bundles/vision.yaml +1 -1
  51. package/registry/omg-capability.schema.json +1 -1
  52. package/runtime/adoption.py +3 -2
  53. package/runtime/compliance_governor.py +28 -2
  54. package/runtime/context_compiler.py +131 -0
  55. package/runtime/contract_compiler.py +120 -25
  56. package/runtime/delta_classifier.py +68 -0
  57. package/runtime/github_review_bot.py +2 -2
  58. package/runtime/github_review_formatter.py +14 -0
  59. package/runtime/mutation_gate.py +38 -9
  60. package/runtime/omg_compat_contract_snapshot.json +1 -1
  61. package/runtime/provider_parity_eval.py +109 -0
  62. package/runtime/test_intent_lock.py +24 -2
  63. package/scripts/omg.py +63 -6
  64. package/settings.json +13 -3
  65. package/artifacts/release/.agents/skills/omg/AGENTS.fragment.md +0 -75
  66. package/artifacts/release/.agents/skills/omg/algorithms/SKILL.md +0 -11
  67. package/artifacts/release/.agents/skills/omg/algorithms/openai.yaml +0 -11
  68. package/artifacts/release/.agents/skills/omg/api-twin/SKILL.md +0 -11
  69. package/artifacts/release/.agents/skills/omg/api-twin/openai.yaml +0 -12
  70. package/artifacts/release/.agents/skills/omg/ast-pack/SKILL.md +0 -11
  71. package/artifacts/release/.agents/skills/omg/ast-pack/openai.yaml +0 -12
  72. package/artifacts/release/.agents/skills/omg/claim-judge/SKILL.md +0 -11
  73. package/artifacts/release/.agents/skills/omg/claim-judge/openai.yaml +0 -13
  74. package/artifacts/release/.agents/skills/omg/codex-mcp.toml +0 -4
  75. package/artifacts/release/.agents/skills/omg/codex-rules.md +0 -38
  76. package/artifacts/release/.agents/skills/omg/control-plane/SKILL.md +0 -11
  77. package/artifacts/release/.agents/skills/omg/control-plane/openai.yaml +0 -14
  78. package/artifacts/release/.agents/skills/omg/data-lineage/SKILL.md +0 -11
  79. package/artifacts/release/.agents/skills/omg/data-lineage/openai.yaml +0 -12
  80. package/artifacts/release/.agents/skills/omg/delta-classifier/SKILL.md +0 -11
  81. package/artifacts/release/.agents/skills/omg/delta-classifier/openai.yaml +0 -12
  82. package/artifacts/release/.agents/skills/omg/eval-gate/SKILL.md +0 -11
  83. package/artifacts/release/.agents/skills/omg/eval-gate/openai.yaml +0 -12
  84. package/artifacts/release/.agents/skills/omg/hash-edit/SKILL.md +0 -11
  85. package/artifacts/release/.agents/skills/omg/hash-edit/openai.yaml +0 -11
  86. package/artifacts/release/.agents/skills/omg/health/SKILL.md +0 -11
  87. package/artifacts/release/.agents/skills/omg/health/openai.yaml +0 -11
  88. package/artifacts/release/.agents/skills/omg/hook-governor/SKILL.md +0 -11
  89. package/artifacts/release/.agents/skills/omg/hook-governor/openai.yaml +0 -11
  90. package/artifacts/release/.agents/skills/omg/incident-replay/SKILL.md +0 -11
  91. package/artifacts/release/.agents/skills/omg/incident-replay/openai.yaml +0 -12
  92. package/artifacts/release/.agents/skills/omg/lsp-pack/SKILL.md +0 -11
  93. package/artifacts/release/.agents/skills/omg/lsp-pack/openai.yaml +0 -12
  94. package/artifacts/release/.agents/skills/omg/mcp-fabric/SKILL.md +0 -11
  95. package/artifacts/release/.agents/skills/omg/mcp-fabric/openai.yaml +0 -13
  96. package/artifacts/release/.agents/skills/omg/plan-council/SKILL.md +0 -11
  97. package/artifacts/release/.agents/skills/omg/plan-council/openai.yaml +0 -12
  98. package/artifacts/release/.agents/skills/omg/preflight/SKILL.md +0 -11
  99. package/artifacts/release/.agents/skills/omg/preflight/openai.yaml +0 -12
  100. package/artifacts/release/.agents/skills/omg/proof-gate/SKILL.md +0 -11
  101. package/artifacts/release/.agents/skills/omg/proof-gate/openai.yaml +0 -13
  102. package/artifacts/release/.agents/skills/omg/remote-supervisor/SKILL.md +0 -11
  103. package/artifacts/release/.agents/skills/omg/remote-supervisor/openai.yaml +0 -12
  104. package/artifacts/release/.agents/skills/omg/robotics/SKILL.md +0 -11
  105. package/artifacts/release/.agents/skills/omg/robotics/openai.yaml +0 -11
  106. package/artifacts/release/.agents/skills/omg/secure-worktree-pipeline/SKILL.md +0 -11
  107. package/artifacts/release/.agents/skills/omg/secure-worktree-pipeline/openai.yaml +0 -12
  108. package/artifacts/release/.agents/skills/omg/security-check/SKILL.md +0 -11
  109. package/artifacts/release/.agents/skills/omg/security-check/openai.yaml +0 -13
  110. package/artifacts/release/.agents/skills/omg/terminal-lane/SKILL.md +0 -11
  111. package/artifacts/release/.agents/skills/omg/terminal-lane/openai.yaml +0 -11
  112. package/artifacts/release/.agents/skills/omg/test-intent-lock/SKILL.md +0 -11
  113. package/artifacts/release/.agents/skills/omg/test-intent-lock/openai.yaml +0 -13
  114. package/artifacts/release/.agents/skills/omg/tracebank/SKILL.md +0 -11
  115. package/artifacts/release/.agents/skills/omg/tracebank/openai.yaml +0 -12
  116. package/artifacts/release/.agents/skills/omg/vision/SKILL.md +0 -11
  117. package/artifacts/release/.agents/skills/omg/vision/openai.yaml +0 -11
  118. package/artifacts/release/.claude-plugin/marketplace.json +0 -36
  119. package/artifacts/release/.claude-plugin/mcp.json +0 -11
  120. package/artifacts/release/.claude-plugin/plugin.json +0 -23
  121. package/artifacts/release/.gemini/settings.json +0 -72
  122. package/artifacts/release/.kimi/mcp.json +0 -72
  123. package/artifacts/release/.mcp.json +0 -18
  124. package/artifacts/release/OMG_COMPAT_CONTRACT.md +0 -111
  125. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/AGENTS.fragment.md.minisig +0 -4
  126. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/AGENTS.fragment.md.statement.json +0 -35
  127. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/algorithms/SKILL.md.minisig +0 -4
  128. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/algorithms/SKILL.md.statement.json +0 -35
  129. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/algorithms/openai.yaml.minisig +0 -4
  130. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/algorithms/openai.yaml.statement.json +0 -35
  131. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/api-twin/SKILL.md.minisig +0 -4
  132. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/api-twin/SKILL.md.statement.json +0 -35
  133. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/api-twin/openai.yaml.minisig +0 -4
  134. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/api-twin/openai.yaml.statement.json +0 -35
  135. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/ast-pack/SKILL.md.minisig +0 -4
  136. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/ast-pack/SKILL.md.statement.json +0 -35
  137. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/ast-pack/openai.yaml.minisig +0 -4
  138. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/ast-pack/openai.yaml.statement.json +0 -35
  139. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/claim-judge/SKILL.md.minisig +0 -4
  140. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/claim-judge/SKILL.md.statement.json +0 -35
  141. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/claim-judge/openai.yaml.minisig +0 -4
  142. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/claim-judge/openai.yaml.statement.json +0 -35
  143. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/codex-mcp.toml.minisig +0 -4
  144. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/codex-mcp.toml.statement.json +0 -35
  145. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/codex-rules.md.minisig +0 -4
  146. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/codex-rules.md.statement.json +0 -35
  147. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/control-plane/SKILL.md.minisig +0 -4
  148. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/control-plane/SKILL.md.statement.json +0 -35
  149. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/control-plane/openai.yaml.minisig +0 -4
  150. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/control-plane/openai.yaml.statement.json +0 -35
  151. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/data-lineage/SKILL.md.minisig +0 -4
  152. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/data-lineage/SKILL.md.statement.json +0 -35
  153. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/data-lineage/openai.yaml.minisig +0 -4
  154. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/data-lineage/openai.yaml.statement.json +0 -35
  155. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/delta-classifier/SKILL.md.minisig +0 -4
  156. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/delta-classifier/SKILL.md.statement.json +0 -35
  157. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/delta-classifier/openai.yaml.minisig +0 -4
  158. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/delta-classifier/openai.yaml.statement.json +0 -35
  159. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/eval-gate/SKILL.md.minisig +0 -4
  160. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/eval-gate/SKILL.md.statement.json +0 -35
  161. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/eval-gate/openai.yaml.minisig +0 -4
  162. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/eval-gate/openai.yaml.statement.json +0 -35
  163. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/hash-edit/SKILL.md.minisig +0 -4
  164. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/hash-edit/SKILL.md.statement.json +0 -35
  165. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/hash-edit/openai.yaml.minisig +0 -4
  166. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/hash-edit/openai.yaml.statement.json +0 -35
  167. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/health/SKILL.md.minisig +0 -4
  168. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/health/SKILL.md.statement.json +0 -35
  169. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/health/openai.yaml.minisig +0 -4
  170. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/health/openai.yaml.statement.json +0 -35
  171. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/hook-governor/SKILL.md.minisig +0 -4
  172. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/hook-governor/SKILL.md.statement.json +0 -35
  173. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/hook-governor/openai.yaml.minisig +0 -4
  174. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/hook-governor/openai.yaml.statement.json +0 -35
  175. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/incident-replay/SKILL.md.minisig +0 -4
  176. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/incident-replay/SKILL.md.statement.json +0 -35
  177. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/incident-replay/openai.yaml.minisig +0 -4
  178. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/incident-replay/openai.yaml.statement.json +0 -35
  179. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/lsp-pack/SKILL.md.minisig +0 -4
  180. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/lsp-pack/SKILL.md.statement.json +0 -35
  181. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/lsp-pack/openai.yaml.minisig +0 -4
  182. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/lsp-pack/openai.yaml.statement.json +0 -35
  183. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/mcp-fabric/SKILL.md.minisig +0 -4
  184. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/mcp-fabric/SKILL.md.statement.json +0 -35
  185. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/mcp-fabric/openai.yaml.minisig +0 -4
  186. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/mcp-fabric/openai.yaml.statement.json +0 -35
  187. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/plan-council/SKILL.md.minisig +0 -4
  188. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/plan-council/SKILL.md.statement.json +0 -35
  189. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/plan-council/openai.yaml.minisig +0 -4
  190. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/plan-council/openai.yaml.statement.json +0 -35
  191. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/preflight/SKILL.md.minisig +0 -4
  192. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/preflight/SKILL.md.statement.json +0 -35
  193. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/preflight/openai.yaml.minisig +0 -4
  194. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/preflight/openai.yaml.statement.json +0 -35
  195. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/proof-gate/SKILL.md.minisig +0 -4
  196. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/proof-gate/SKILL.md.statement.json +0 -35
  197. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/proof-gate/openai.yaml.minisig +0 -4
  198. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/proof-gate/openai.yaml.statement.json +0 -35
  199. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/remote-supervisor/SKILL.md.minisig +0 -4
  200. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/remote-supervisor/SKILL.md.statement.json +0 -35
  201. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/remote-supervisor/openai.yaml.minisig +0 -4
  202. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/remote-supervisor/openai.yaml.statement.json +0 -35
  203. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/robotics/SKILL.md.minisig +0 -4
  204. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/robotics/SKILL.md.statement.json +0 -35
  205. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/robotics/openai.yaml.minisig +0 -4
  206. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/robotics/openai.yaml.statement.json +0 -35
  207. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/secure-worktree-pipeline/SKILL.md.minisig +0 -4
  208. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/secure-worktree-pipeline/SKILL.md.statement.json +0 -35
  209. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/secure-worktree-pipeline/openai.yaml.minisig +0 -4
  210. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/secure-worktree-pipeline/openai.yaml.statement.json +0 -35
  211. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/security-check/SKILL.md.minisig +0 -4
  212. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/security-check/SKILL.md.statement.json +0 -35
  213. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/security-check/openai.yaml.minisig +0 -4
  214. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/security-check/openai.yaml.statement.json +0 -35
  215. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/terminal-lane/SKILL.md.minisig +0 -4
  216. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/terminal-lane/SKILL.md.statement.json +0 -35
  217. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/terminal-lane/openai.yaml.minisig +0 -4
  218. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/terminal-lane/openai.yaml.statement.json +0 -35
  219. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/test-intent-lock/SKILL.md.minisig +0 -4
  220. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/test-intent-lock/SKILL.md.statement.json +0 -35
  221. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/test-intent-lock/openai.yaml.minisig +0 -4
  222. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/test-intent-lock/openai.yaml.statement.json +0 -35
  223. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/tracebank/SKILL.md.minisig +0 -4
  224. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/tracebank/SKILL.md.statement.json +0 -35
  225. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/tracebank/openai.yaml.minisig +0 -4
  226. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/tracebank/openai.yaml.statement.json +0 -35
  227. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/vision/SKILL.md.minisig +0 -4
  228. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/vision/SKILL.md.statement.json +0 -35
  229. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/vision/openai.yaml.minisig +0 -4
  230. package/artifacts/release/dist/enterprise/attestations/bundle/.agents/skills/omg/vision/openai.yaml.statement.json +0 -35
  231. package/artifacts/release/dist/enterprise/attestations/bundle/.claude-plugin/marketplace.json.minisig +0 -4
  232. package/artifacts/release/dist/enterprise/attestations/bundle/.claude-plugin/marketplace.json.statement.json +0 -35
  233. package/artifacts/release/dist/enterprise/attestations/bundle/.claude-plugin/mcp.json.minisig +0 -4
  234. package/artifacts/release/dist/enterprise/attestations/bundle/.claude-plugin/mcp.json.statement.json +0 -35
  235. package/artifacts/release/dist/enterprise/attestations/bundle/.claude-plugin/plugin.json.minisig +0 -4
  236. package/artifacts/release/dist/enterprise/attestations/bundle/.claude-plugin/plugin.json.statement.json +0 -35
  237. package/artifacts/release/dist/enterprise/attestations/bundle/.gemini/settings.json.minisig +0 -4
  238. package/artifacts/release/dist/enterprise/attestations/bundle/.gemini/settings.json.statement.json +0 -35
  239. package/artifacts/release/dist/enterprise/attestations/bundle/.kimi/mcp.json.minisig +0 -4
  240. package/artifacts/release/dist/enterprise/attestations/bundle/.kimi/mcp.json.statement.json +0 -35
  241. package/artifacts/release/dist/enterprise/attestations/bundle/.mcp.json.minisig +0 -4
  242. package/artifacts/release/dist/enterprise/attestations/bundle/.mcp.json.statement.json +0 -35
  243. package/artifacts/release/dist/enterprise/attestations/bundle/OMG_COMPAT_CONTRACT.md.minisig +0 -4
  244. package/artifacts/release/dist/enterprise/attestations/bundle/OMG_COMPAT_CONTRACT.md.statement.json +0 -35
  245. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:code-review.md.minisig +0 -4
  246. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:code-review.md.statement.json +0 -35
  247. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:deep-plan.md.minisig +0 -4
  248. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:deep-plan.md.statement.json +0 -35
  249. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:handoff.md.minisig +0 -4
  250. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:handoff.md.statement.json +0 -35
  251. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:learn.md.minisig +0 -4
  252. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:learn.md.statement.json +0 -35
  253. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:maintainer.md.minisig +0 -4
  254. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:maintainer.md.statement.json +0 -35
  255. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:ralph-start.md.minisig +0 -4
  256. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:ralph-start.md.statement.json +0 -35
  257. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:ralph-stop.md.minisig +0 -4
  258. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:ralph-stop.md.statement.json +0 -35
  259. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:security-review.md.minisig +0 -4
  260. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:security-review.md.statement.json +0 -35
  261. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:sequential-thinking.md.minisig +0 -4
  262. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:sequential-thinking.md.statement.json +0 -35
  263. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:ship.md.minisig +0 -4
  264. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/commands/OMG:ship.md.statement.json +0 -35
  265. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/plugin.json.minisig +0 -4
  266. package/artifacts/release/dist/enterprise/attestations/bundle/plugins/advanced/plugin.json.statement.json +0 -35
  267. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/algorithms.yaml.minisig +0 -4
  268. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/algorithms.yaml.statement.json +0 -35
  269. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/api-twin.yaml.minisig +0 -4
  270. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/api-twin.yaml.statement.json +0 -35
  271. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/ast-pack.yaml.minisig +0 -4
  272. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/ast-pack.yaml.statement.json +0 -35
  273. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/claim-judge.yaml.minisig +0 -4
  274. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/claim-judge.yaml.statement.json +0 -35
  275. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/control-plane.yaml.minisig +0 -4
  276. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/control-plane.yaml.statement.json +0 -35
  277. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/data-lineage.yaml.minisig +0 -4
  278. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/data-lineage.yaml.statement.json +0 -35
  279. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/delta-classifier.yaml.minisig +0 -4
  280. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/delta-classifier.yaml.statement.json +0 -35
  281. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/eval-gate.yaml.minisig +0 -4
  282. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/eval-gate.yaml.statement.json +0 -35
  283. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/hash-edit.yaml.minisig +0 -4
  284. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/hash-edit.yaml.statement.json +0 -35
  285. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/health.yaml.minisig +0 -4
  286. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/health.yaml.statement.json +0 -35
  287. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/hook-governor.yaml.minisig +0 -4
  288. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/hook-governor.yaml.statement.json +0 -35
  289. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/incident-replay.yaml.minisig +0 -4
  290. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/incident-replay.yaml.statement.json +0 -35
  291. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/lsp-pack.yaml.minisig +0 -4
  292. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/lsp-pack.yaml.statement.json +0 -35
  293. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/mcp-fabric.yaml.minisig +0 -4
  294. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/mcp-fabric.yaml.statement.json +0 -35
  295. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/plan-council.yaml.minisig +0 -4
  296. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/plan-council.yaml.statement.json +0 -35
  297. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/preflight.yaml.minisig +0 -4
  298. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/preflight.yaml.statement.json +0 -35
  299. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/proof-gate.yaml.minisig +0 -4
  300. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/proof-gate.yaml.statement.json +0 -35
  301. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/remote-supervisor.yaml.minisig +0 -4
  302. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/remote-supervisor.yaml.statement.json +0 -35
  303. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/robotics.yaml.minisig +0 -4
  304. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/robotics.yaml.statement.json +0 -35
  305. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/secure-worktree-pipeline.yaml.minisig +0 -4
  306. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/secure-worktree-pipeline.yaml.statement.json +0 -35
  307. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/security-check.yaml.minisig +0 -4
  308. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/security-check.yaml.statement.json +0 -35
  309. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/terminal-lane.yaml.minisig +0 -4
  310. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/terminal-lane.yaml.statement.json +0 -35
  311. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/test-intent-lock.yaml.minisig +0 -4
  312. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/test-intent-lock.yaml.statement.json +0 -35
  313. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/tracebank.yaml.minisig +0 -4
  314. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/tracebank.yaml.statement.json +0 -35
  315. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/vision.yaml.minisig +0 -4
  316. package/artifacts/release/dist/enterprise/attestations/bundle/registry/bundles/vision.yaml.statement.json +0 -35
  317. package/artifacts/release/dist/enterprise/attestations/bundle/registry/omg-capability.schema.json.minisig +0 -4
  318. package/artifacts/release/dist/enterprise/attestations/bundle/registry/omg-capability.schema.json.statement.json +0 -35
  319. package/artifacts/release/dist/enterprise/attestations/bundle/settings.json.minisig +0 -4
  320. package/artifacts/release/dist/enterprise/attestations/bundle/settings.json.statement.json +0 -35
  321. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/AGENTS.fragment.md +0 -75
  322. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/algorithms/SKILL.md +0 -11
  323. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/algorithms/openai.yaml +0 -11
  324. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/api-twin/SKILL.md +0 -11
  325. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/api-twin/openai.yaml +0 -12
  326. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/ast-pack/SKILL.md +0 -11
  327. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/ast-pack/openai.yaml +0 -12
  328. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/claim-judge/SKILL.md +0 -11
  329. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/claim-judge/openai.yaml +0 -13
  330. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/codex-mcp.toml +0 -4
  331. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/codex-rules.md +0 -38
  332. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/control-plane/SKILL.md +0 -11
  333. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/control-plane/openai.yaml +0 -14
  334. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/data-lineage/SKILL.md +0 -11
  335. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/data-lineage/openai.yaml +0 -12
  336. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/delta-classifier/SKILL.md +0 -11
  337. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/delta-classifier/openai.yaml +0 -12
  338. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/eval-gate/SKILL.md +0 -11
  339. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/eval-gate/openai.yaml +0 -12
  340. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/hash-edit/SKILL.md +0 -11
  341. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/hash-edit/openai.yaml +0 -11
  342. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/health/SKILL.md +0 -11
  343. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/health/openai.yaml +0 -11
  344. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/hook-governor/SKILL.md +0 -11
  345. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/hook-governor/openai.yaml +0 -11
  346. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/incident-replay/SKILL.md +0 -11
  347. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/incident-replay/openai.yaml +0 -12
  348. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/lsp-pack/SKILL.md +0 -11
  349. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/lsp-pack/openai.yaml +0 -12
  350. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/mcp-fabric/SKILL.md +0 -11
  351. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/mcp-fabric/openai.yaml +0 -13
  352. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/plan-council/SKILL.md +0 -11
  353. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/plan-council/openai.yaml +0 -12
  354. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/preflight/SKILL.md +0 -11
  355. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/preflight/openai.yaml +0 -12
  356. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/proof-gate/SKILL.md +0 -11
  357. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/proof-gate/openai.yaml +0 -13
  358. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/remote-supervisor/SKILL.md +0 -11
  359. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/remote-supervisor/openai.yaml +0 -12
  360. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/robotics/SKILL.md +0 -11
  361. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/robotics/openai.yaml +0 -11
  362. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/secure-worktree-pipeline/SKILL.md +0 -11
  363. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/secure-worktree-pipeline/openai.yaml +0 -12
  364. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/security-check/SKILL.md +0 -11
  365. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/security-check/openai.yaml +0 -13
  366. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/terminal-lane/SKILL.md +0 -11
  367. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/terminal-lane/openai.yaml +0 -11
  368. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/test-intent-lock/SKILL.md +0 -11
  369. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/test-intent-lock/openai.yaml +0 -13
  370. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/tracebank/SKILL.md +0 -11
  371. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/tracebank/openai.yaml +0 -12
  372. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/vision/SKILL.md +0 -11
  373. package/artifacts/release/dist/enterprise/bundle/.agents/skills/omg/vision/openai.yaml +0 -11
  374. package/artifacts/release/dist/enterprise/bundle/.claude-plugin/marketplace.json +0 -36
  375. package/artifacts/release/dist/enterprise/bundle/.claude-plugin/mcp.json +0 -11
  376. package/artifacts/release/dist/enterprise/bundle/.claude-plugin/plugin.json +0 -23
  377. package/artifacts/release/dist/enterprise/bundle/.gemini/settings.json +0 -72
  378. package/artifacts/release/dist/enterprise/bundle/.kimi/mcp.json +0 -72
  379. package/artifacts/release/dist/enterprise/bundle/.mcp.json +0 -18
  380. package/artifacts/release/dist/enterprise/bundle/OMG_COMPAT_CONTRACT.md +0 -111
  381. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:code-review.md +0 -114
  382. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:deep-plan.md +0 -266
  383. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:handoff.md +0 -115
  384. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:learn.md +0 -110
  385. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:maintainer.md +0 -31
  386. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:ralph-start.md +0 -43
  387. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:ralph-stop.md +0 -23
  388. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:security-review.md +0 -16
  389. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:sequential-thinking.md +0 -20
  390. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/commands/OMG:ship.md +0 -46
  391. package/artifacts/release/dist/enterprise/bundle/plugins/advanced/plugin.json +0 -104
  392. package/artifacts/release/dist/enterprise/bundle/registry/bundles/algorithms.yaml +0 -45
  393. package/artifacts/release/dist/enterprise/bundle/registry/bundles/api-twin.yaml +0 -48
  394. package/artifacts/release/dist/enterprise/bundle/registry/bundles/ast-pack.yaml +0 -80
  395. package/artifacts/release/dist/enterprise/bundle/registry/bundles/claim-judge.yaml +0 -49
  396. package/artifacts/release/dist/enterprise/bundle/registry/bundles/control-plane.yaml +0 -192
  397. package/artifacts/release/dist/enterprise/bundle/registry/bundles/data-lineage.yaml +0 -47
  398. package/artifacts/release/dist/enterprise/bundle/registry/bundles/delta-classifier.yaml +0 -47
  399. package/artifacts/release/dist/enterprise/bundle/registry/bundles/eval-gate.yaml +0 -47
  400. package/artifacts/release/dist/enterprise/bundle/registry/bundles/hash-edit.yaml +0 -73
  401. package/artifacts/release/dist/enterprise/bundle/registry/bundles/health.yaml +0 -45
  402. package/artifacts/release/dist/enterprise/bundle/registry/bundles/hook-governor.yaml +0 -101
  403. package/artifacts/release/dist/enterprise/bundle/registry/bundles/incident-replay.yaml +0 -47
  404. package/artifacts/release/dist/enterprise/bundle/registry/bundles/lsp-pack.yaml +0 -80
  405. package/artifacts/release/dist/enterprise/bundle/registry/bundles/mcp-fabric.yaml +0 -53
  406. package/artifacts/release/dist/enterprise/bundle/registry/bundles/plan-council.yaml +0 -56
  407. package/artifacts/release/dist/enterprise/bundle/registry/bundles/preflight.yaml +0 -48
  408. package/artifacts/release/dist/enterprise/bundle/registry/bundles/proof-gate.yaml +0 -49
  409. package/artifacts/release/dist/enterprise/bundle/registry/bundles/remote-supervisor.yaml +0 -49
  410. package/artifacts/release/dist/enterprise/bundle/registry/bundles/robotics.yaml +0 -45
  411. package/artifacts/release/dist/enterprise/bundle/registry/bundles/secure-worktree-pipeline.yaml +0 -69
  412. package/artifacts/release/dist/enterprise/bundle/registry/bundles/security-check.yaml +0 -50
  413. package/artifacts/release/dist/enterprise/bundle/registry/bundles/terminal-lane.yaml +0 -61
  414. package/artifacts/release/dist/enterprise/bundle/registry/bundles/test-intent-lock.yaml +0 -49
  415. package/artifacts/release/dist/enterprise/bundle/registry/bundles/tracebank.yaml +0 -47
  416. package/artifacts/release/dist/enterprise/bundle/registry/bundles/vision.yaml +0 -45
  417. package/artifacts/release/dist/enterprise/bundle/registry/omg-capability.schema.json +0 -378
  418. package/artifacts/release/dist/enterprise/bundle/settings.json +0 -694
  419. package/artifacts/release/dist/enterprise/manifest.json +0 -1093
  420. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/AGENTS.fragment.md.minisig +0 -4
  421. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/AGENTS.fragment.md.statement.json +0 -35
  422. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/algorithms/SKILL.md.minisig +0 -4
  423. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/algorithms/SKILL.md.statement.json +0 -35
  424. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/algorithms/openai.yaml.minisig +0 -4
  425. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/algorithms/openai.yaml.statement.json +0 -35
  426. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/api-twin/SKILL.md.minisig +0 -4
  427. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/api-twin/SKILL.md.statement.json +0 -35
  428. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/api-twin/openai.yaml.minisig +0 -4
  429. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/api-twin/openai.yaml.statement.json +0 -35
  430. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/ast-pack/SKILL.md.minisig +0 -4
  431. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/ast-pack/SKILL.md.statement.json +0 -35
  432. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/ast-pack/openai.yaml.minisig +0 -4
  433. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/ast-pack/openai.yaml.statement.json +0 -35
  434. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/claim-judge/SKILL.md.minisig +0 -4
  435. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/claim-judge/SKILL.md.statement.json +0 -35
  436. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/claim-judge/openai.yaml.minisig +0 -4
  437. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/claim-judge/openai.yaml.statement.json +0 -35
  438. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/codex-mcp.toml.minisig +0 -4
  439. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/codex-mcp.toml.statement.json +0 -35
  440. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/codex-rules.md.minisig +0 -4
  441. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/codex-rules.md.statement.json +0 -35
  442. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/control-plane/SKILL.md.minisig +0 -4
  443. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/control-plane/SKILL.md.statement.json +0 -35
  444. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/control-plane/openai.yaml.minisig +0 -4
  445. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/control-plane/openai.yaml.statement.json +0 -35
  446. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/data-lineage/SKILL.md.minisig +0 -4
  447. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/data-lineage/SKILL.md.statement.json +0 -35
  448. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/data-lineage/openai.yaml.minisig +0 -4
  449. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/data-lineage/openai.yaml.statement.json +0 -35
  450. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/delta-classifier/SKILL.md.minisig +0 -4
  451. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/delta-classifier/SKILL.md.statement.json +0 -35
  452. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/delta-classifier/openai.yaml.minisig +0 -4
  453. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/delta-classifier/openai.yaml.statement.json +0 -35
  454. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/eval-gate/SKILL.md.minisig +0 -4
  455. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/eval-gate/SKILL.md.statement.json +0 -35
  456. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/eval-gate/openai.yaml.minisig +0 -4
  457. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/eval-gate/openai.yaml.statement.json +0 -35
  458. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/hash-edit/SKILL.md.minisig +0 -4
  459. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/hash-edit/SKILL.md.statement.json +0 -35
  460. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/hash-edit/openai.yaml.minisig +0 -4
  461. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/hash-edit/openai.yaml.statement.json +0 -35
  462. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/health/SKILL.md.minisig +0 -4
  463. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/health/SKILL.md.statement.json +0 -35
  464. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/health/openai.yaml.minisig +0 -4
  465. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/health/openai.yaml.statement.json +0 -35
  466. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/hook-governor/SKILL.md.minisig +0 -4
  467. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/hook-governor/SKILL.md.statement.json +0 -35
  468. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/hook-governor/openai.yaml.minisig +0 -4
  469. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/hook-governor/openai.yaml.statement.json +0 -35
  470. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/incident-replay/SKILL.md.minisig +0 -4
  471. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/incident-replay/SKILL.md.statement.json +0 -35
  472. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/incident-replay/openai.yaml.minisig +0 -4
  473. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/incident-replay/openai.yaml.statement.json +0 -35
  474. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/lsp-pack/SKILL.md.minisig +0 -4
  475. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/lsp-pack/SKILL.md.statement.json +0 -35
  476. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/lsp-pack/openai.yaml.minisig +0 -4
  477. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/lsp-pack/openai.yaml.statement.json +0 -35
  478. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/mcp-fabric/SKILL.md.minisig +0 -4
  479. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/mcp-fabric/SKILL.md.statement.json +0 -35
  480. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/mcp-fabric/openai.yaml.minisig +0 -4
  481. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/mcp-fabric/openai.yaml.statement.json +0 -35
  482. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/plan-council/SKILL.md.minisig +0 -4
  483. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/plan-council/SKILL.md.statement.json +0 -35
  484. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/plan-council/openai.yaml.minisig +0 -4
  485. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/plan-council/openai.yaml.statement.json +0 -35
  486. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/preflight/SKILL.md.minisig +0 -4
  487. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/preflight/SKILL.md.statement.json +0 -35
  488. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/preflight/openai.yaml.minisig +0 -4
  489. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/preflight/openai.yaml.statement.json +0 -35
  490. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/proof-gate/SKILL.md.minisig +0 -4
  491. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/proof-gate/SKILL.md.statement.json +0 -35
  492. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/proof-gate/openai.yaml.minisig +0 -4
  493. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/proof-gate/openai.yaml.statement.json +0 -35
  494. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/remote-supervisor/SKILL.md.minisig +0 -4
  495. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/remote-supervisor/SKILL.md.statement.json +0 -35
  496. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/remote-supervisor/openai.yaml.minisig +0 -4
  497. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/remote-supervisor/openai.yaml.statement.json +0 -35
  498. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/robotics/SKILL.md.minisig +0 -4
  499. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/robotics/SKILL.md.statement.json +0 -35
  500. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/robotics/openai.yaml.minisig +0 -4
  501. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/robotics/openai.yaml.statement.json +0 -35
  502. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/secure-worktree-pipeline/SKILL.md.minisig +0 -4
  503. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/secure-worktree-pipeline/SKILL.md.statement.json +0 -35
  504. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/secure-worktree-pipeline/openai.yaml.minisig +0 -4
  505. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/secure-worktree-pipeline/openai.yaml.statement.json +0 -35
  506. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/security-check/SKILL.md.minisig +0 -4
  507. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/security-check/SKILL.md.statement.json +0 -35
  508. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/security-check/openai.yaml.minisig +0 -4
  509. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/security-check/openai.yaml.statement.json +0 -35
  510. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/terminal-lane/SKILL.md.minisig +0 -4
  511. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/terminal-lane/SKILL.md.statement.json +0 -35
  512. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/terminal-lane/openai.yaml.minisig +0 -4
  513. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/terminal-lane/openai.yaml.statement.json +0 -35
  514. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/test-intent-lock/SKILL.md.minisig +0 -4
  515. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/test-intent-lock/SKILL.md.statement.json +0 -35
  516. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/test-intent-lock/openai.yaml.minisig +0 -4
  517. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/test-intent-lock/openai.yaml.statement.json +0 -35
  518. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/tracebank/SKILL.md.minisig +0 -4
  519. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/tracebank/SKILL.md.statement.json +0 -35
  520. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/tracebank/openai.yaml.minisig +0 -4
  521. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/tracebank/openai.yaml.statement.json +0 -35
  522. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/vision/SKILL.md.minisig +0 -4
  523. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/vision/SKILL.md.statement.json +0 -35
  524. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/vision/openai.yaml.minisig +0 -4
  525. package/artifacts/release/dist/public/attestations/bundle/.agents/skills/omg/vision/openai.yaml.statement.json +0 -35
  526. package/artifacts/release/dist/public/attestations/bundle/.claude-plugin/marketplace.json.minisig +0 -4
  527. package/artifacts/release/dist/public/attestations/bundle/.claude-plugin/marketplace.json.statement.json +0 -35
  528. package/artifacts/release/dist/public/attestations/bundle/.claude-plugin/mcp.json.minisig +0 -4
  529. package/artifacts/release/dist/public/attestations/bundle/.claude-plugin/mcp.json.statement.json +0 -35
  530. package/artifacts/release/dist/public/attestations/bundle/.claude-plugin/plugin.json.minisig +0 -4
  531. package/artifacts/release/dist/public/attestations/bundle/.claude-plugin/plugin.json.statement.json +0 -35
  532. package/artifacts/release/dist/public/attestations/bundle/.gemini/settings.json.minisig +0 -4
  533. package/artifacts/release/dist/public/attestations/bundle/.gemini/settings.json.statement.json +0 -35
  534. package/artifacts/release/dist/public/attestations/bundle/.kimi/mcp.json.minisig +0 -4
  535. package/artifacts/release/dist/public/attestations/bundle/.kimi/mcp.json.statement.json +0 -35
  536. package/artifacts/release/dist/public/attestations/bundle/.mcp.json.minisig +0 -4
  537. package/artifacts/release/dist/public/attestations/bundle/.mcp.json.statement.json +0 -35
  538. package/artifacts/release/dist/public/attestations/bundle/OMG_COMPAT_CONTRACT.md.minisig +0 -4
  539. package/artifacts/release/dist/public/attestations/bundle/OMG_COMPAT_CONTRACT.md.statement.json +0 -35
  540. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:code-review.md.minisig +0 -4
  541. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:code-review.md.statement.json +0 -35
  542. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:deep-plan.md.minisig +0 -4
  543. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:deep-plan.md.statement.json +0 -35
  544. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:handoff.md.minisig +0 -4
  545. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:handoff.md.statement.json +0 -35
  546. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:learn.md.minisig +0 -4
  547. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:learn.md.statement.json +0 -35
  548. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:maintainer.md.minisig +0 -4
  549. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:maintainer.md.statement.json +0 -35
  550. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:ralph-start.md.minisig +0 -4
  551. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:ralph-start.md.statement.json +0 -35
  552. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:ralph-stop.md.minisig +0 -4
  553. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:ralph-stop.md.statement.json +0 -35
  554. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:security-review.md.minisig +0 -4
  555. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:security-review.md.statement.json +0 -35
  556. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:sequential-thinking.md.minisig +0 -4
  557. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:sequential-thinking.md.statement.json +0 -35
  558. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:ship.md.minisig +0 -4
  559. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/commands/OMG:ship.md.statement.json +0 -35
  560. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/plugin.json.minisig +0 -4
  561. package/artifacts/release/dist/public/attestations/bundle/plugins/advanced/plugin.json.statement.json +0 -35
  562. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/algorithms.yaml.minisig +0 -4
  563. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/algorithms.yaml.statement.json +0 -35
  564. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/api-twin.yaml.minisig +0 -4
  565. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/api-twin.yaml.statement.json +0 -35
  566. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/ast-pack.yaml.minisig +0 -4
  567. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/ast-pack.yaml.statement.json +0 -35
  568. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/claim-judge.yaml.minisig +0 -4
  569. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/claim-judge.yaml.statement.json +0 -35
  570. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/control-plane.yaml.minisig +0 -4
  571. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/control-plane.yaml.statement.json +0 -35
  572. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/data-lineage.yaml.minisig +0 -4
  573. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/data-lineage.yaml.statement.json +0 -35
  574. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/delta-classifier.yaml.minisig +0 -4
  575. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/delta-classifier.yaml.statement.json +0 -35
  576. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/eval-gate.yaml.minisig +0 -4
  577. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/eval-gate.yaml.statement.json +0 -35
  578. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/hash-edit.yaml.minisig +0 -4
  579. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/hash-edit.yaml.statement.json +0 -35
  580. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/health.yaml.minisig +0 -4
  581. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/health.yaml.statement.json +0 -35
  582. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/hook-governor.yaml.minisig +0 -4
  583. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/hook-governor.yaml.statement.json +0 -35
  584. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/incident-replay.yaml.minisig +0 -4
  585. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/incident-replay.yaml.statement.json +0 -35
  586. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/lsp-pack.yaml.minisig +0 -4
  587. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/lsp-pack.yaml.statement.json +0 -35
  588. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/mcp-fabric.yaml.minisig +0 -4
  589. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/mcp-fabric.yaml.statement.json +0 -35
  590. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/plan-council.yaml.minisig +0 -4
  591. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/plan-council.yaml.statement.json +0 -35
  592. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/preflight.yaml.minisig +0 -4
  593. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/preflight.yaml.statement.json +0 -35
  594. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/proof-gate.yaml.minisig +0 -4
  595. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/proof-gate.yaml.statement.json +0 -35
  596. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/remote-supervisor.yaml.minisig +0 -4
  597. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/remote-supervisor.yaml.statement.json +0 -35
  598. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/robotics.yaml.minisig +0 -4
  599. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/robotics.yaml.statement.json +0 -35
  600. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/secure-worktree-pipeline.yaml.minisig +0 -4
  601. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/secure-worktree-pipeline.yaml.statement.json +0 -35
  602. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/security-check.yaml.minisig +0 -4
  603. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/security-check.yaml.statement.json +0 -35
  604. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/terminal-lane.yaml.minisig +0 -4
  605. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/terminal-lane.yaml.statement.json +0 -35
  606. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/test-intent-lock.yaml.minisig +0 -4
  607. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/test-intent-lock.yaml.statement.json +0 -35
  608. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/tracebank.yaml.minisig +0 -4
  609. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/tracebank.yaml.statement.json +0 -35
  610. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/vision.yaml.minisig +0 -4
  611. package/artifacts/release/dist/public/attestations/bundle/registry/bundles/vision.yaml.statement.json +0 -35
  612. package/artifacts/release/dist/public/attestations/bundle/registry/omg-capability.schema.json.minisig +0 -4
  613. package/artifacts/release/dist/public/attestations/bundle/registry/omg-capability.schema.json.statement.json +0 -35
  614. package/artifacts/release/dist/public/attestations/bundle/settings.json.minisig +0 -4
  615. package/artifacts/release/dist/public/attestations/bundle/settings.json.statement.json +0 -35
  616. package/artifacts/release/dist/public/bundle/.agents/skills/omg/AGENTS.fragment.md +0 -75
  617. package/artifacts/release/dist/public/bundle/.agents/skills/omg/algorithms/SKILL.md +0 -11
  618. package/artifacts/release/dist/public/bundle/.agents/skills/omg/algorithms/openai.yaml +0 -11
  619. package/artifacts/release/dist/public/bundle/.agents/skills/omg/api-twin/SKILL.md +0 -11
  620. package/artifacts/release/dist/public/bundle/.agents/skills/omg/api-twin/openai.yaml +0 -12
  621. package/artifacts/release/dist/public/bundle/.agents/skills/omg/ast-pack/SKILL.md +0 -11
  622. package/artifacts/release/dist/public/bundle/.agents/skills/omg/ast-pack/openai.yaml +0 -12
  623. package/artifacts/release/dist/public/bundle/.agents/skills/omg/claim-judge/SKILL.md +0 -11
  624. package/artifacts/release/dist/public/bundle/.agents/skills/omg/claim-judge/openai.yaml +0 -13
  625. package/artifacts/release/dist/public/bundle/.agents/skills/omg/codex-mcp.toml +0 -4
  626. package/artifacts/release/dist/public/bundle/.agents/skills/omg/codex-rules.md +0 -38
  627. package/artifacts/release/dist/public/bundle/.agents/skills/omg/control-plane/SKILL.md +0 -11
  628. package/artifacts/release/dist/public/bundle/.agents/skills/omg/control-plane/openai.yaml +0 -14
  629. package/artifacts/release/dist/public/bundle/.agents/skills/omg/data-lineage/SKILL.md +0 -11
  630. package/artifacts/release/dist/public/bundle/.agents/skills/omg/data-lineage/openai.yaml +0 -12
  631. package/artifacts/release/dist/public/bundle/.agents/skills/omg/delta-classifier/SKILL.md +0 -11
  632. package/artifacts/release/dist/public/bundle/.agents/skills/omg/delta-classifier/openai.yaml +0 -12
  633. package/artifacts/release/dist/public/bundle/.agents/skills/omg/eval-gate/SKILL.md +0 -11
  634. package/artifacts/release/dist/public/bundle/.agents/skills/omg/eval-gate/openai.yaml +0 -12
  635. package/artifacts/release/dist/public/bundle/.agents/skills/omg/hash-edit/SKILL.md +0 -11
  636. package/artifacts/release/dist/public/bundle/.agents/skills/omg/hash-edit/openai.yaml +0 -11
  637. package/artifacts/release/dist/public/bundle/.agents/skills/omg/health/SKILL.md +0 -11
  638. package/artifacts/release/dist/public/bundle/.agents/skills/omg/health/openai.yaml +0 -11
  639. package/artifacts/release/dist/public/bundle/.agents/skills/omg/hook-governor/SKILL.md +0 -11
  640. package/artifacts/release/dist/public/bundle/.agents/skills/omg/hook-governor/openai.yaml +0 -11
  641. package/artifacts/release/dist/public/bundle/.agents/skills/omg/incident-replay/SKILL.md +0 -11
  642. package/artifacts/release/dist/public/bundle/.agents/skills/omg/incident-replay/openai.yaml +0 -12
  643. package/artifacts/release/dist/public/bundle/.agents/skills/omg/lsp-pack/SKILL.md +0 -11
  644. package/artifacts/release/dist/public/bundle/.agents/skills/omg/lsp-pack/openai.yaml +0 -12
  645. package/artifacts/release/dist/public/bundle/.agents/skills/omg/mcp-fabric/SKILL.md +0 -11
  646. package/artifacts/release/dist/public/bundle/.agents/skills/omg/mcp-fabric/openai.yaml +0 -13
  647. package/artifacts/release/dist/public/bundle/.agents/skills/omg/plan-council/SKILL.md +0 -11
  648. package/artifacts/release/dist/public/bundle/.agents/skills/omg/plan-council/openai.yaml +0 -12
  649. package/artifacts/release/dist/public/bundle/.agents/skills/omg/preflight/SKILL.md +0 -11
  650. package/artifacts/release/dist/public/bundle/.agents/skills/omg/preflight/openai.yaml +0 -12
  651. package/artifacts/release/dist/public/bundle/.agents/skills/omg/proof-gate/SKILL.md +0 -11
  652. package/artifacts/release/dist/public/bundle/.agents/skills/omg/proof-gate/openai.yaml +0 -13
  653. package/artifacts/release/dist/public/bundle/.agents/skills/omg/remote-supervisor/SKILL.md +0 -11
  654. package/artifacts/release/dist/public/bundle/.agents/skills/omg/remote-supervisor/openai.yaml +0 -12
  655. package/artifacts/release/dist/public/bundle/.agents/skills/omg/robotics/SKILL.md +0 -11
  656. package/artifacts/release/dist/public/bundle/.agents/skills/omg/robotics/openai.yaml +0 -11
  657. package/artifacts/release/dist/public/bundle/.agents/skills/omg/secure-worktree-pipeline/SKILL.md +0 -11
  658. package/artifacts/release/dist/public/bundle/.agents/skills/omg/secure-worktree-pipeline/openai.yaml +0 -12
  659. package/artifacts/release/dist/public/bundle/.agents/skills/omg/security-check/SKILL.md +0 -11
  660. package/artifacts/release/dist/public/bundle/.agents/skills/omg/security-check/openai.yaml +0 -13
  661. package/artifacts/release/dist/public/bundle/.agents/skills/omg/terminal-lane/SKILL.md +0 -11
  662. package/artifacts/release/dist/public/bundle/.agents/skills/omg/terminal-lane/openai.yaml +0 -11
  663. package/artifacts/release/dist/public/bundle/.agents/skills/omg/test-intent-lock/SKILL.md +0 -11
  664. package/artifacts/release/dist/public/bundle/.agents/skills/omg/test-intent-lock/openai.yaml +0 -13
  665. package/artifacts/release/dist/public/bundle/.agents/skills/omg/tracebank/SKILL.md +0 -11
  666. package/artifacts/release/dist/public/bundle/.agents/skills/omg/tracebank/openai.yaml +0 -12
  667. package/artifacts/release/dist/public/bundle/.agents/skills/omg/vision/SKILL.md +0 -11
  668. package/artifacts/release/dist/public/bundle/.agents/skills/omg/vision/openai.yaml +0 -11
  669. package/artifacts/release/dist/public/bundle/.claude-plugin/marketplace.json +0 -36
  670. package/artifacts/release/dist/public/bundle/.claude-plugin/mcp.json +0 -11
  671. package/artifacts/release/dist/public/bundle/.claude-plugin/plugin.json +0 -23
  672. package/artifacts/release/dist/public/bundle/.gemini/settings.json +0 -72
  673. package/artifacts/release/dist/public/bundle/.kimi/mcp.json +0 -72
  674. package/artifacts/release/dist/public/bundle/.mcp.json +0 -18
  675. package/artifacts/release/dist/public/bundle/OMG_COMPAT_CONTRACT.md +0 -111
  676. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:code-review.md +0 -114
  677. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:deep-plan.md +0 -266
  678. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:handoff.md +0 -115
  679. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:learn.md +0 -110
  680. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:maintainer.md +0 -31
  681. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:ralph-start.md +0 -43
  682. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:ralph-stop.md +0 -23
  683. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:security-review.md +0 -16
  684. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:sequential-thinking.md +0 -20
  685. package/artifacts/release/dist/public/bundle/plugins/advanced/commands/OMG:ship.md +0 -46
  686. package/artifacts/release/dist/public/bundle/plugins/advanced/plugin.json +0 -104
  687. package/artifacts/release/dist/public/bundle/registry/bundles/algorithms.yaml +0 -45
  688. package/artifacts/release/dist/public/bundle/registry/bundles/api-twin.yaml +0 -48
  689. package/artifacts/release/dist/public/bundle/registry/bundles/ast-pack.yaml +0 -80
  690. package/artifacts/release/dist/public/bundle/registry/bundles/claim-judge.yaml +0 -49
  691. package/artifacts/release/dist/public/bundle/registry/bundles/control-plane.yaml +0 -192
  692. package/artifacts/release/dist/public/bundle/registry/bundles/data-lineage.yaml +0 -47
  693. package/artifacts/release/dist/public/bundle/registry/bundles/delta-classifier.yaml +0 -47
  694. package/artifacts/release/dist/public/bundle/registry/bundles/eval-gate.yaml +0 -47
  695. package/artifacts/release/dist/public/bundle/registry/bundles/hash-edit.yaml +0 -73
  696. package/artifacts/release/dist/public/bundle/registry/bundles/health.yaml +0 -45
  697. package/artifacts/release/dist/public/bundle/registry/bundles/hook-governor.yaml +0 -101
  698. package/artifacts/release/dist/public/bundle/registry/bundles/incident-replay.yaml +0 -47
  699. package/artifacts/release/dist/public/bundle/registry/bundles/lsp-pack.yaml +0 -80
  700. package/artifacts/release/dist/public/bundle/registry/bundles/mcp-fabric.yaml +0 -53
  701. package/artifacts/release/dist/public/bundle/registry/bundles/plan-council.yaml +0 -56
  702. package/artifacts/release/dist/public/bundle/registry/bundles/preflight.yaml +0 -48
  703. package/artifacts/release/dist/public/bundle/registry/bundles/proof-gate.yaml +0 -49
  704. package/artifacts/release/dist/public/bundle/registry/bundles/remote-supervisor.yaml +0 -49
  705. package/artifacts/release/dist/public/bundle/registry/bundles/robotics.yaml +0 -45
  706. package/artifacts/release/dist/public/bundle/registry/bundles/secure-worktree-pipeline.yaml +0 -69
  707. package/artifacts/release/dist/public/bundle/registry/bundles/security-check.yaml +0 -50
  708. package/artifacts/release/dist/public/bundle/registry/bundles/terminal-lane.yaml +0 -61
  709. package/artifacts/release/dist/public/bundle/registry/bundles/test-intent-lock.yaml +0 -49
  710. package/artifacts/release/dist/public/bundle/registry/bundles/tracebank.yaml +0 -47
  711. package/artifacts/release/dist/public/bundle/registry/bundles/vision.yaml +0 -45
  712. package/artifacts/release/dist/public/bundle/registry/omg-capability.schema.json +0 -378
  713. package/artifacts/release/dist/public/bundle/settings.json +0 -694
  714. package/artifacts/release/dist/public/manifest.json +0 -1093
  715. package/artifacts/release/evidence/music-omr-run-1.json +0 -16
  716. package/artifacts/release/plugins/advanced/commands/OMG:code-review.md +0 -114
  717. package/artifacts/release/plugins/advanced/commands/OMG:deep-plan.md +0 -266
  718. package/artifacts/release/plugins/advanced/commands/OMG:handoff.md +0 -115
  719. package/artifacts/release/plugins/advanced/commands/OMG:learn.md +0 -110
  720. package/artifacts/release/plugins/advanced/commands/OMG:maintainer.md +0 -31
  721. package/artifacts/release/plugins/advanced/commands/OMG:ralph-start.md +0 -43
  722. package/artifacts/release/plugins/advanced/commands/OMG:ralph-stop.md +0 -23
  723. package/artifacts/release/plugins/advanced/commands/OMG:security-review.md +0 -16
  724. package/artifacts/release/plugins/advanced/commands/OMG:sequential-thinking.md +0 -20
  725. package/artifacts/release/plugins/advanced/commands/OMG:ship.md +0 -46
  726. package/artifacts/release/plugins/advanced/plugin.json +0 -104
  727. package/artifacts/release/registry/bundles/algorithms.yaml +0 -45
  728. package/artifacts/release/registry/bundles/api-twin.yaml +0 -48
  729. package/artifacts/release/registry/bundles/ast-pack.yaml +0 -80
  730. package/artifacts/release/registry/bundles/claim-judge.yaml +0 -49
  731. package/artifacts/release/registry/bundles/control-plane.yaml +0 -192
  732. package/artifacts/release/registry/bundles/data-lineage.yaml +0 -47
  733. package/artifacts/release/registry/bundles/delta-classifier.yaml +0 -47
  734. package/artifacts/release/registry/bundles/eval-gate.yaml +0 -47
  735. package/artifacts/release/registry/bundles/hash-edit.yaml +0 -73
  736. package/artifacts/release/registry/bundles/health.yaml +0 -45
  737. package/artifacts/release/registry/bundles/hook-governor.yaml +0 -101
  738. package/artifacts/release/registry/bundles/incident-replay.yaml +0 -47
  739. package/artifacts/release/registry/bundles/lsp-pack.yaml +0 -80
  740. package/artifacts/release/registry/bundles/mcp-fabric.yaml +0 -53
  741. package/artifacts/release/registry/bundles/plan-council.yaml +0 -56
  742. package/artifacts/release/registry/bundles/preflight.yaml +0 -48
  743. package/artifacts/release/registry/bundles/proof-gate.yaml +0 -49
  744. package/artifacts/release/registry/bundles/remote-supervisor.yaml +0 -49
  745. package/artifacts/release/registry/bundles/robotics.yaml +0 -45
  746. package/artifacts/release/registry/bundles/secure-worktree-pipeline.yaml +0 -69
  747. package/artifacts/release/registry/bundles/security-check.yaml +0 -50
  748. package/artifacts/release/registry/bundles/terminal-lane.yaml +0 -61
  749. package/artifacts/release/registry/bundles/test-intent-lock.yaml +0 -49
  750. package/artifacts/release/registry/bundles/tracebank.yaml +0 -47
  751. package/artifacts/release/registry/bundles/vision.yaml +0 -45
  752. package/artifacts/release/registry/omg-capability.schema.json +0 -378
  753. package/artifacts/release/settings.json +0 -694
  754. package/build/lib/agents/__init__.py +0 -1
  755. package/build/lib/agents/designer.md +0 -67
  756. package/build/lib/agents/explore.md +0 -60
  757. package/build/lib/agents/model_roles.py +0 -196
  758. package/build/lib/agents/omg-api-builder.md +0 -23
  759. package/build/lib/agents/omg-architect-mode.md +0 -41
  760. package/build/lib/agents/omg-architect.md +0 -13
  761. package/build/lib/agents/omg-backend-engineer.md +0 -41
  762. package/build/lib/agents/omg-critic.md +0 -16
  763. package/build/lib/agents/omg-database-engineer.md +0 -41
  764. package/build/lib/agents/omg-escalation-router.md +0 -17
  765. package/build/lib/agents/omg-executor.md +0 -12
  766. package/build/lib/agents/omg-frontend-designer.md +0 -41
  767. package/build/lib/agents/omg-implement-mode.md +0 -49
  768. package/build/lib/agents/omg-infra-engineer.md +0 -41
  769. package/build/lib/agents/omg-qa-tester.md +0 -16
  770. package/build/lib/agents/omg-research-mode.md +0 -41
  771. package/build/lib/agents/omg-security-auditor.md +0 -41
  772. package/build/lib/agents/omg-testing-engineer.md +0 -41
  773. package/build/lib/agents/plan.md +0 -80
  774. package/build/lib/agents/quick_task.md +0 -64
  775. package/build/lib/agents/reviewer.md +0 -83
  776. package/build/lib/agents/task.md +0 -71
  777. package/build/lib/commands/OMG:ai-commit.md +0 -113
  778. package/build/lib/commands/OMG:api-twin.md +0 -22
  779. package/build/lib/commands/OMG:arch.md +0 -313
  780. package/build/lib/commands/OMG:browser.md +0 -29
  781. package/build/lib/commands/OMG:ccg.md +0 -22
  782. package/build/lib/commands/OMG:compat.md +0 -57
  783. package/build/lib/commands/OMG:cost.md +0 -181
  784. package/build/lib/commands/OMG:crazy.md +0 -125
  785. package/build/lib/commands/OMG:create-agent.md +0 -183
  786. package/build/lib/commands/OMG:deep-plan.md +0 -18
  787. package/build/lib/commands/OMG:deps.md +0 -248
  788. package/build/lib/commands/OMG:diagnose-plugins.md +0 -33
  789. package/build/lib/commands/OMG:doctor.md +0 -37
  790. package/build/lib/commands/OMG:domain-init.md +0 -11
  791. package/build/lib/commands/OMG:escalate.md +0 -52
  792. package/build/lib/commands/OMG:forge.md +0 -103
  793. package/build/lib/commands/OMG:health-check.md +0 -48
  794. package/build/lib/commands/OMG:init.md +0 -134
  795. package/build/lib/commands/OMG:issue.md +0 -56
  796. package/build/lib/commands/OMG:mode.md +0 -44
  797. package/build/lib/commands/OMG:playwright.md +0 -17
  798. package/build/lib/commands/OMG:preflight.md +0 -26
  799. package/build/lib/commands/OMG:preset.md +0 -49
  800. package/build/lib/commands/OMG:profile-review.md +0 -58
  801. package/build/lib/commands/OMG:project-init.md +0 -11
  802. package/build/lib/commands/OMG:ralph-start.md +0 -43
  803. package/build/lib/commands/OMG:ralph-stop.md +0 -23
  804. package/build/lib/commands/OMG:security-check.md +0 -28
  805. package/build/lib/commands/OMG:session-branch.md +0 -101
  806. package/build/lib/commands/OMG:session-fork.md +0 -57
  807. package/build/lib/commands/OMG:session-merge.md +0 -138
  808. package/build/lib/commands/OMG:setup.md +0 -82
  809. package/build/lib/commands/OMG:stats.md +0 -225
  810. package/build/lib/commands/OMG:teams.md +0 -54
  811. package/build/lib/commands/OMG:theme.md +0 -44
  812. package/build/lib/commands/OMG:validate.md +0 -59
  813. package/build/lib/commands/__init__.py +0 -1
  814. package/build/lib/control_plane/__init__.py +0 -2
  815. package/build/lib/control_plane/openapi.yaml +0 -277
  816. package/build/lib/control_plane/server.py +0 -155
  817. package/build/lib/control_plane/service.py +0 -456
  818. package/build/lib/hooks/__init__.py +0 -0
  819. package/build/lib/hooks/_agent_registry.py +0 -479
  820. package/build/lib/hooks/_analytics.py +0 -291
  821. package/build/lib/hooks/_budget.py +0 -31
  822. package/build/lib/hooks/_common.py +0 -647
  823. package/build/lib/hooks/_compression_optimizer.py +0 -119
  824. package/build/lib/hooks/_cost_ledger.py +0 -176
  825. package/build/lib/hooks/_learnings.py +0 -126
  826. package/build/lib/hooks/_memory.py +0 -103
  827. package/build/lib/hooks/_protected_context.py +0 -150
  828. package/build/lib/hooks/_token_counter.py +0 -221
  829. package/build/lib/hooks/branch_manager.py +0 -253
  830. package/build/lib/hooks/budget_governor.py +0 -257
  831. package/build/lib/hooks/circuit-breaker.py +0 -270
  832. package/build/lib/hooks/compression_feedback.py +0 -254
  833. package/build/lib/hooks/config-guard.py +0 -216
  834. package/build/lib/hooks/context_pressure.py +0 -119
  835. package/build/lib/hooks/credential_store.py +0 -970
  836. package/build/lib/hooks/fetch-rate-limits.py +0 -212
  837. package/build/lib/hooks/firewall.py +0 -301
  838. package/build/lib/hooks/hashline-formatter-bridge.py +0 -224
  839. package/build/lib/hooks/hashline-injector.py +0 -273
  840. package/build/lib/hooks/hashline-validator.py +0 -216
  841. package/build/lib/hooks/idle-detector.py +0 -95
  842. package/build/lib/hooks/instructions-loaded.py +0 -26
  843. package/build/lib/hooks/intentgate-keyword-detector.py +0 -200
  844. package/build/lib/hooks/magic-keyword-router.py +0 -195
  845. package/build/lib/hooks/policy_engine.py +0 -718
  846. package/build/lib/hooks/post-tool-failure.py +0 -19
  847. package/build/lib/hooks/post-write.py +0 -219
  848. package/build/lib/hooks/post_write.py +0 -46
  849. package/build/lib/hooks/pre-compact.py +0 -470
  850. package/build/lib/hooks/pre-tool-inject.py +0 -98
  851. package/build/lib/hooks/prompt-enhancer.py +0 -877
  852. package/build/lib/hooks/quality-runner.py +0 -191
  853. package/build/lib/hooks/query.py +0 -512
  854. package/build/lib/hooks/secret-guard.py +0 -99
  855. package/build/lib/hooks/secret_audit.py +0 -144
  856. package/build/lib/hooks/security_validators.py +0 -75
  857. package/build/lib/hooks/session-end-capture.py +0 -505
  858. package/build/lib/hooks/session-start.py +0 -259
  859. package/build/lib/hooks/setup_wizard.py +0 -1132
  860. package/build/lib/hooks/shadow_manager.py +0 -476
  861. package/build/lib/hooks/state_migration.py +0 -228
  862. package/build/lib/hooks/stop-gate.py +0 -7
  863. package/build/lib/hooks/stop_dispatcher.py +0 -1130
  864. package/build/lib/hooks/tdd-gate.py +0 -10
  865. package/build/lib/hooks/test-validator.py +0 -430
  866. package/build/lib/hooks/test_generator_hook.py +0 -123
  867. package/build/lib/hooks/todo-state-tracker.py +0 -114
  868. package/build/lib/hooks/tool-ledger.py +0 -165
  869. package/build/lib/hooks/trust_review.py +0 -585
  870. package/build/lib/hooks/user-prompt-submit.py +0 -12
  871. package/build/lib/plugins/README.md +0 -64
  872. package/build/lib/plugins/__init__.py +0 -1
  873. package/build/lib/plugins/advanced/commands/OMG:code-review.md +0 -114
  874. package/build/lib/plugins/advanced/commands/OMG:deep-plan.md +0 -266
  875. package/build/lib/plugins/advanced/commands/OMG:handoff.md +0 -115
  876. package/build/lib/plugins/advanced/commands/OMG:learn.md +0 -110
  877. package/build/lib/plugins/advanced/commands/OMG:maintainer.md +0 -31
  878. package/build/lib/plugins/advanced/commands/OMG:ralph-start.md +0 -43
  879. package/build/lib/plugins/advanced/commands/OMG:ralph-stop.md +0 -23
  880. package/build/lib/plugins/advanced/commands/OMG:security-review.md +0 -16
  881. package/build/lib/plugins/advanced/commands/OMG:sequential-thinking.md +0 -20
  882. package/build/lib/plugins/advanced/commands/OMG:ship.md +0 -46
  883. package/build/lib/plugins/advanced/plugin.json +0 -104
  884. package/build/lib/plugins/core/plugin.json +0 -199
  885. package/build/lib/plugins/dephealth/__init__.py +0 -0
  886. package/build/lib/plugins/dephealth/cve_scanner.py +0 -279
  887. package/build/lib/plugins/dephealth/license_checker.py +0 -135
  888. package/build/lib/plugins/dephealth/manifest_detector.py +0 -423
  889. package/build/lib/plugins/dephealth/vuln_analyzer.py +0 -176
  890. package/build/lib/plugins/testgen/__init__.py +0 -0
  891. package/build/lib/plugins/testgen/codamosa_engine.py +0 -402
  892. package/build/lib/plugins/testgen/edge_case_synthesizer.py +0 -184
  893. package/build/lib/plugins/testgen/framework_detector.py +0 -271
  894. package/build/lib/plugins/testgen/skeleton_generator.py +0 -219
  895. package/build/lib/plugins/viz/__init__.py +0 -0
  896. package/build/lib/plugins/viz/ast_parser.py +0 -139
  897. package/build/lib/plugins/viz/diagram_generator.py +0 -192
  898. package/build/lib/plugins/viz/graph_builder.py +0 -444
  899. package/build/lib/plugins/viz/native_parsers.py +0 -259
  900. package/build/lib/plugins/viz/regex_parser.py +0 -112
  901. package/build/lib/registry/__init__.py +0 -1
  902. package/build/lib/registry/approval_artifact.py +0 -236
  903. package/build/lib/registry/bundles/algorithms.yaml +0 -45
  904. package/build/lib/registry/bundles/api-twin.yaml +0 -48
  905. package/build/lib/registry/bundles/ast-pack.yaml +0 -80
  906. package/build/lib/registry/bundles/claim-judge.yaml +0 -49
  907. package/build/lib/registry/bundles/control-plane.yaml +0 -192
  908. package/build/lib/registry/bundles/data-lineage.yaml +0 -47
  909. package/build/lib/registry/bundles/delta-classifier.yaml +0 -47
  910. package/build/lib/registry/bundles/eval-gate.yaml +0 -47
  911. package/build/lib/registry/bundles/hash-edit.yaml +0 -73
  912. package/build/lib/registry/bundles/health.yaml +0 -45
  913. package/build/lib/registry/bundles/hook-governor.yaml +0 -101
  914. package/build/lib/registry/bundles/incident-replay.yaml +0 -47
  915. package/build/lib/registry/bundles/lsp-pack.yaml +0 -80
  916. package/build/lib/registry/bundles/mcp-fabric.yaml +0 -53
  917. package/build/lib/registry/bundles/plan-council.yaml +0 -56
  918. package/build/lib/registry/bundles/preflight.yaml +0 -48
  919. package/build/lib/registry/bundles/proof-gate.yaml +0 -49
  920. package/build/lib/registry/bundles/remote-supervisor.yaml +0 -49
  921. package/build/lib/registry/bundles/robotics.yaml +0 -45
  922. package/build/lib/registry/bundles/secure-worktree-pipeline.yaml +0 -69
  923. package/build/lib/registry/bundles/security-check.yaml +0 -50
  924. package/build/lib/registry/bundles/terminal-lane.yaml +0 -61
  925. package/build/lib/registry/bundles/test-intent-lock.yaml +0 -49
  926. package/build/lib/registry/bundles/tracebank.yaml +0 -47
  927. package/build/lib/registry/bundles/vision.yaml +0 -45
  928. package/build/lib/registry/omg-capability.schema.json +0 -378
  929. package/build/lib/registry/trusted_signers.json +0 -19
  930. package/build/lib/registry/verify_artifact.py +0 -493
  931. package/build/lib/runtime/__init__.py +0 -36
  932. package/build/lib/runtime/adapters/__init__.py +0 -13
  933. package/build/lib/runtime/adapters/claude.py +0 -63
  934. package/build/lib/runtime/adapters/gpt.py +0 -56
  935. package/build/lib/runtime/adapters/local.py +0 -56
  936. package/build/lib/runtime/adoption.py +0 -276
  937. package/build/lib/runtime/api_twin.py +0 -450
  938. package/build/lib/runtime/architecture_signal.py +0 -226
  939. package/build/lib/runtime/artifact_parsers.py +0 -161
  940. package/build/lib/runtime/asset_loader.py +0 -62
  941. package/build/lib/runtime/background_verification.py +0 -178
  942. package/build/lib/runtime/budget_envelopes.py +0 -358
  943. package/build/lib/runtime/business_workflow.py +0 -234
  944. package/build/lib/runtime/canonical_surface.py +0 -53
  945. package/build/lib/runtime/claim_judge.py +0 -648
  946. package/build/lib/runtime/cli_provider.py +0 -105
  947. package/build/lib/runtime/compat.py +0 -1515
  948. package/build/lib/runtime/complexity_scorer.py +0 -148
  949. package/build/lib/runtime/compliance_governor.py +0 -479
  950. package/build/lib/runtime/context_engine.py +0 -708
  951. package/build/lib/runtime/context_limits.py +0 -363
  952. package/build/lib/runtime/contract_compiler.py +0 -3202
  953. package/build/lib/runtime/custom_agent_loader.py +0 -366
  954. package/build/lib/runtime/data_lineage.py +0 -244
  955. package/build/lib/runtime/defense_state.py +0 -261
  956. package/build/lib/runtime/delta_classifier.py +0 -163
  957. package/build/lib/runtime/dispatcher.py +0 -47
  958. package/build/lib/runtime/domain_packs.py +0 -75
  959. package/build/lib/runtime/ecosystem.py +0 -371
  960. package/build/lib/runtime/equalizer.py +0 -265
  961. package/build/lib/runtime/eval_gate.py +0 -96
  962. package/build/lib/runtime/evidence_query.py +0 -303
  963. package/build/lib/runtime/evidence_registry.py +0 -16
  964. package/build/lib/runtime/evidence_requirements.py +0 -157
  965. package/build/lib/runtime/exec_kernel.py +0 -267
  966. package/build/lib/runtime/feature_registry.py +0 -109
  967. package/build/lib/runtime/forge_agents.py +0 -915
  968. package/build/lib/runtime/forge_contracts.py +0 -519
  969. package/build/lib/runtime/forge_domains.py +0 -68
  970. package/build/lib/runtime/forge_run_id.py +0 -86
  971. package/build/lib/runtime/github_integration.py +0 -255
  972. package/build/lib/runtime/github_review_bot.py +0 -290
  973. package/build/lib/runtime/github_review_contract.py +0 -65
  974. package/build/lib/runtime/github_review_formatter.py +0 -165
  975. package/build/lib/runtime/guide_assert.py +0 -135
  976. package/build/lib/runtime/hook_governor.py +0 -156
  977. package/build/lib/runtime/host_parity.py +0 -373
  978. package/build/lib/runtime/incident_replay.py +0 -310
  979. package/build/lib/runtime/interaction_journal.py +0 -503
  980. package/build/lib/runtime/issue_surface.py +0 -362
  981. package/build/lib/runtime/legacy_compat.py +0 -7
  982. package/build/lib/runtime/mcp_config_writers.py +0 -233
  983. package/build/lib/runtime/mcp_lifecycle.py +0 -175
  984. package/build/lib/runtime/mcp_memory_server.py +0 -220
  985. package/build/lib/runtime/memory_parsers/__init__.py +0 -0
  986. package/build/lib/runtime/memory_parsers/chatgpt_parser.py +0 -257
  987. package/build/lib/runtime/memory_parsers/claude_import.py +0 -107
  988. package/build/lib/runtime/memory_parsers/export.py +0 -97
  989. package/build/lib/runtime/memory_parsers/gemini_import.py +0 -91
  990. package/build/lib/runtime/memory_parsers/kimi_import.py +0 -91
  991. package/build/lib/runtime/memory_store.py +0 -1182
  992. package/build/lib/runtime/merge_writer.py +0 -408
  993. package/build/lib/runtime/music_omr_testbed.py +0 -333
  994. package/build/lib/runtime/mutation_gate.py +0 -258
  995. package/build/lib/runtime/omc_compat.py +0 -7
  996. package/build/lib/runtime/omg_browser_cli.py +0 -95
  997. package/build/lib/runtime/omg_compat_contract_snapshot.json +0 -916
  998. package/build/lib/runtime/omg_contract_snapshot.json +0 -916
  999. package/build/lib/runtime/omg_mcp_server.py +0 -304
  1000. package/build/lib/runtime/playwright_adapter.py +0 -39
  1001. package/build/lib/runtime/playwright_pack.py +0 -253
  1002. package/build/lib/runtime/plugin_diagnostics.py +0 -248
  1003. package/build/lib/runtime/plugin_interop.py +0 -1035
  1004. package/build/lib/runtime/preflight.py +0 -135
  1005. package/build/lib/runtime/profile_io.py +0 -328
  1006. package/build/lib/runtime/proof_chain.py +0 -472
  1007. package/build/lib/runtime/proof_gate.py +0 -442
  1008. package/build/lib/runtime/providers/__init__.py +0 -0
  1009. package/build/lib/runtime/providers/codex_provider.py +0 -127
  1010. package/build/lib/runtime/providers/gemini_provider.py +0 -141
  1011. package/build/lib/runtime/providers/kimi_provider.py +0 -166
  1012. package/build/lib/runtime/providers/opencode_provider.py +0 -99
  1013. package/build/lib/runtime/release_run_coordinator.py +0 -547
  1014. package/build/lib/runtime/release_surfaces.py +0 -313
  1015. package/build/lib/runtime/remote_supervisor.py +0 -79
  1016. package/build/lib/runtime/repro_pack.py +0 -398
  1017. package/build/lib/runtime/rollback_manifest.py +0 -136
  1018. package/build/lib/runtime/router_critics.py +0 -229
  1019. package/build/lib/runtime/router_executor.py +0 -142
  1020. package/build/lib/runtime/router_selector.py +0 -99
  1021. package/build/lib/runtime/runtime_contracts.py +0 -292
  1022. package/build/lib/runtime/runtime_profile.py +0 -133
  1023. package/build/lib/runtime/security_check.py +0 -1064
  1024. package/build/lib/runtime/session_health.py +0 -524
  1025. package/build/lib/runtime/skill_evolution.py +0 -221
  1026. package/build/lib/runtime/skill_registry.py +0 -53
  1027. package/build/lib/runtime/subagent_dispatcher.py +0 -604
  1028. package/build/lib/runtime/team_router.py +0 -1374
  1029. package/build/lib/runtime/test_intent_lock.py +0 -521
  1030. package/build/lib/runtime/tmux_session_manager.py +0 -172
  1031. package/build/lib/runtime/tool_fabric.py +0 -570
  1032. package/build/lib/runtime/tool_plan_gate.py +0 -452
  1033. package/build/lib/runtime/tracebank.py +0 -125
  1034. package/build/lib/runtime/untrusted_content.py +0 -307
  1035. package/build/lib/runtime/validate.py +0 -293
  1036. package/build/lib/runtime/verification_controller.py +0 -235
  1037. package/build/lib/runtime/verification_loop.py +0 -73
  1038. package/build/lib/runtime/vision_artifacts.py +0 -31
  1039. package/build/lib/runtime/vision_cache.py +0 -38
  1040. package/build/lib/runtime/vision_jobs.py +0 -89
  1041. package/build/lib/runtime/worker_watchdog.py +0 -482
  1042. package/dist/oh_my_god-2.1.4-py3-none-any.whl +0 -0
  1043. package/dist/oh_my_god-2.1.4.tar.gz +0 -0
  1044. package/dist/oh_my_god-2.1.7-py3-none-any.whl +0 -0
  1045. package/dist/oh_my_god-2.1.8-py3-none-any.whl +0 -0
  1046. package/dist/oh_my_god-2.1.9-py3-none-any.whl +0 -0
  1047. package/dist/oh_my_god-2.2.2-py3-none-any.whl +0 -0
package/build/lib/runtime/security_check.py DELETED
@@ -1,1064 +0,0 @@
1
- """Canonical OMG security check engine."""
2
- from __future__ import annotations
3
-
4
- import ast
5
- from collections import Counter
6
- from importlib import import_module
7
- from datetime import datetime, timezone
8
- from hashlib import sha256
9
- import json
10
- from pathlib import Path
11
- import re
12
- import shutil
13
- import subprocess
14
- from typing import Any
15
-
16
- from hooks.security_validators import ensure_path_within_dir
17
- from plugins.dephealth.cve_scanner import scan_for_cves
18
- from plugins.dephealth.license_checker import check_license_compatibility
19
- from plugins.dephealth.manifest_detector import detect_manifests
20
- from plugins.dephealth.vuln_analyzer import analyze_reachability
21
- from runtime.adoption import CANONICAL_VERSION
22
- from runtime.delta_classifier import classify_project_changes
23
- from runtime.tracebank import record_trace
24
-
25
-
26
- SEVERITY_ORDER = {
27
- "critical": 0,
28
- "high": 1,
29
- "medium": 2,
30
- "low": 3,
31
- }
32
-
33
- _PYTHON_AST_RULES: tuple[tuple[str, str, str, str], ...] = (
34
- ("B602", "subprocess-shell-true", "high", "Avoid shell=True in subprocess calls."),
35
- ("B307", "eval-use", "high", "Replace eval with explicit parsing."),
36
- ("B102", "exec-use", "high", "Replace exec with explicit control flow."),
37
- ("B301", "pickle-load", "high", "Avoid unsafe deserialization of pickle payloads."),
38
- )
39
-
40
- _SECRET_PATTERNS: tuple[tuple[str, re.Pattern[str], str, str], ...] = (
41
- ("SEC001", re.compile(r"AKIA[0-9A-Z]{16}"), "high", "AWS access key-like token detected."),
42
- ("SEC002", re.compile(r"-----BEGIN (?:RSA|EC|OPENSSH|DSA) PRIVATE KEY-----"), "critical", "Private key material detected."),
43
- (
44
- "SEC003",
45
- re.compile(r"(?i)(?:secret|api[_-]?key|token|password)\s*[:=]\s*['\"][A-Za-z0-9_\-\+/=]{12,}['\"]"),
46
- "high",
47
- "Hard-coded secret-like credential detected.",
48
- ),
49
- )
50
-
51
- _CONFIG_PATTERNS: tuple[tuple[str, re.Pattern[str], str, str], ...] = (
52
- ("CFG001", re.compile(r"0\.0\.0\.0/0"), "high", "Wildcard ingress rule detected."),
53
- ("CFG002", re.compile(r"(?i)verify\s*=\s*false"), "high", "TLS verification appears disabled."),
54
- ("CFG003", re.compile(r"(?i)(?:ssl_verify|verify_ssl)\s*[:=]\s*false"), "high", "TLS verification appears disabled."),
55
- ("CFG004", re.compile(r"(?i)allow_privilege_escalation\s*[:=]\s*true"), "high", "Privilege escalation enabled in runtime policy."),
56
- ("CFG005", re.compile(r"(?i)publicly_accessible\s*=\s*true"), "medium", "Publicly accessible infrastructure flag enabled."),
57
- )
58
-
59
- _CONFIG_FILE_HINTS = (
60
- ".tf",
61
- ".tfvars",
62
- ".yaml",
63
- ".yml",
64
- ".json",
65
- ".env",
66
- "dockerfile",
67
- "kustomization",
68
- "helm",
69
- "policy",
70
- "config",
71
- )
72
-
73
- _SBOM_ECOSYSTEM_PURL = {
74
- "npm": "npm",
75
- "PyPI": "pypi",
76
- "crates.io": "cargo",
77
- "Go": "golang",
78
- "RubyGems": "gem",
79
- }
80
-
81
-
82
- def run_security_check(
83
- *,
84
- project_dir: str,
85
- scope: str = ".",
86
- include_live_enrichment: bool = False,
87
- external_inputs: list[dict[str, Any]] | None = None,
88
- waivers: list[dict[str, Any] | str] | None = None,
89
- ) -> dict[str, Any]:
90
- scope_path = _resolve_scope(project_dir, scope)
91
- findings: list[dict[str, Any]] = []
92
- manifests = detect_manifests(str(scope_path))
93
- waiver_map = _normalize_waivers(waivers or [])
94
-
95
- findings.extend(_scan_python_ast(scope_path))
96
- findings.extend(_scan_secret_patterns(scope_path))
97
- findings.extend(_scan_config_and_iac(scope_path))
98
- findings.extend(_scan_dependency_health(scope_path, include_live_enrichment))
99
- findings = _finalize_findings(findings, waiver_map)
100
- findings.sort(key=lambda finding: (SEVERITY_ORDER.get(finding["severity"], 99), finding["id"]))
101
-
102
- severity_counts = Counter(finding["severity"] for finding in findings)
103
- source_counts = Counter(finding["source"] for finding in findings)
104
- relative_scope = _display_scope(project_dir, scope_path)
105
- delta = classify_project_changes(project_dir, touched_files=_delta_touched_files(project_dir, scope_path), goal="security check")
106
- evidence_requirements = _requirements_for_profile(delta.get("evidence_profile"))
107
- unresolved_high_risk = [
108
- finding
109
- for finding in findings
110
- if finding.get("severity") in {"critical", "high"} and not finding.get("waived", False)
111
- ]
112
- provenance = _build_provenance(
113
- scope=relative_scope,
114
- manifests=manifests.manifests,
115
- findings=findings,
116
- include_live_enrichment=include_live_enrichment,
117
- external_inputs=external_inputs or [],
118
- )
119
- trust_scores = _build_trust_scores(findings)
120
- generated_at = datetime.now(timezone.utc).isoformat()
121
- license_artifact = _build_license_artifact(
122
- project_dir=project_dir,
123
- scope_path=scope_path,
124
- manifests=manifests,
125
- generated_at=generated_at,
126
- )
127
- unresolved_risks = [
128
- {
129
- "finding_id": finding.get("finding_id"),
130
- "id": finding.get("id"),
131
- "severity": finding.get("severity"),
132
- "exploitability": finding.get("exploitability", "unknown"),
133
- "reachability": finding.get("reachability", "unknown"),
134
- "kev_listed": finding.get("kev_listed", False),
135
- "epss_score": finding.get("epss_score"),
136
- "waived": bool(finding.get("waived")),
137
- "waiver_justification": finding.get("waiver_justification", ""),
138
- "message": finding.get("message", ""),
139
- }
140
- for finding in findings
141
- if finding.get("severity") in {"critical", "high"}
142
- ]
143
- trace = record_trace(
144
- project_dir,
145
- trace_type="security-check",
146
- route="security-check",
147
- status="error" if unresolved_high_risk else "ok",
148
- plan={"scope": relative_scope, "delta_categories": delta["categories"]},
149
- verify={"finding_count": len(findings), "unresolved_high_risk_count": len(unresolved_high_risk)},
150
- failures=[finding["finding_id"] for finding in unresolved_high_risk],
151
- rejections=[],
152
- )
153
- artifacts = _write_evidence_artifacts(
154
- project_dir,
155
- scope=relative_scope,
156
- generated_at=generated_at,
157
- findings=findings,
158
- provenance=provenance,
159
- trust_scores=trust_scores,
160
- include_live_enrichment=include_live_enrichment,
161
- waivers=waivers or [],
162
- license_artifact=license_artifact,
163
- manifests=manifests,
164
- unresolved_risks=unresolved_risks,
165
- )
166
- return {
167
- "schema": "SecurityCheckResult",
168
- "status": "error" if unresolved_high_risk else "ok",
169
- "scope": relative_scope,
170
- "findings": findings,
171
- "waivers": {
172
- "requested": len(waivers or []),
173
- "applied": len([finding for finding in findings if finding.get("waived")]),
174
- },
175
- "release_blocked": bool(unresolved_high_risk),
176
- "unresolved_risks": unresolved_risks,
177
- "security_scans": [
178
- {
179
- "tool": "security-check",
180
- "path": artifacts["json_path"],
181
- "sarif_path": artifacts["sarif_path"],
182
- "sbom_path": artifacts["sbom_path"],
183
- "license_path": artifacts["license_path"],
184
- "findings": findings,
185
- }
186
- ],
187
- "summary": {
188
- "finding_count": len(findings),
189
- "unresolved_high_risk_count": len(unresolved_high_risk),
190
- "by_severity": dict(sorted(severity_counts.items())),
191
- "by_source": dict(sorted(source_counts.items())),
192
- "live_enrichment": include_live_enrichment,
193
- "scan_status": "completed",
194
- "manifest_count": len(manifests.manifests),
195
- "delta_categories": delta["categories"],
196
- "delta_evidence_profile": delta.get("evidence_profile"),
197
- "evidence_requirements": evidence_requirements,
198
- },
199
- "evidence_requirements": evidence_requirements,
200
- "provenance": provenance,
201
- "trust_scores": trust_scores,
202
- "license": license_artifact,
203
- "sbom": _build_sbom_payload(generated_at=generated_at, manifests=manifests),
204
- "evidence": {
205
- "path": artifacts["json_path"],
206
- "json_path": artifacts["json_path"],
207
- "sarif_path": artifacts["sarif_path"],
208
- "sbom_path": artifacts["sbom_path"],
209
- "license_path": artifacts["license_path"],
210
- },
211
- "trace": {"trace_id": trace["trace_id"], "path": trace["path"]},
212
- }
213
-
214
-
215
- def _requirements_for_profile(evidence_profile: str | None) -> list[str]:
216
- module = import_module("runtime.evidence_requirements")
217
- resolver = getattr(module, "requirements_for_profile", None)
218
- if callable(resolver):
219
- resolved = resolver(evidence_profile)
220
- if isinstance(resolved, (list, tuple, set)):
221
- return [str(item) for item in resolved]
222
- full = getattr(module, "FULL_REQUIREMENTS", [])
223
- return [str(item) for item in full]
224
-
225
-
226
- def security_check(
227
- *,
228
- project_dir: str,
229
- scope: str = ".",
230
- include_live_enrichment: bool = False,
231
- external_inputs: list[dict[str, Any]] | None = None,
232
- waivers: list[dict[str, Any] | str] | None = None,
233
- ) -> dict[str, Any]:
234
- return run_security_check(
235
- project_dir=project_dir,
236
- scope=scope,
237
- include_live_enrichment=include_live_enrichment,
238
- external_inputs=external_inputs,
239
- waivers=waivers,
240
- )
241
-
242
-
243
- def _resolve_scope(project_dir: str, scope: str) -> Path:
244
- if not scope:
245
- return Path(project_dir).resolve()
246
- candidate = Path(scope)
247
- if candidate.is_absolute():
248
- return candidate.resolve()
249
- base = Path(project_dir).resolve()
250
- resolved = Path(ensure_path_within_dir(base, base / candidate))
251
- return resolved
252
-
253
-
254
- def _display_scope(project_dir: str, scope_path: Path) -> str:
255
- base = Path(project_dir).resolve()
256
- try:
257
- return scope_path.relative_to(base).as_posix() or "."
258
- except ValueError:
259
- return str(scope_path)
260
-
261
-
262
- def _delta_touched_files(project_dir: str, scope_path: Path) -> list[str]:
263
- base = Path(project_dir).resolve()
264
- if scope_path.is_file():
265
- return [_display_scope(project_dir, scope_path)]
266
- touched: list[str] = []
267
- for path in sorted(scope_path.rglob("*")):
268
- if not path.is_file():
269
- continue
270
- try:
271
- rel = path.resolve().relative_to(base).as_posix()
272
- except ValueError:
273
- rel = str(path.resolve())
274
- touched.append(rel)
275
- if len(touched) >= 64:
276
- break
277
- return touched or [_display_scope(project_dir, scope_path)]
278
-
279
-
280
- def _scan_python_ast(scope_path: Path) -> list[dict[str, Any]]:
281
- findings: list[dict[str, Any]] = []
282
- for py_file in _iter_python_files(scope_path):
283
- try:
284
- source = py_file.read_text(encoding="utf-8")
285
- except OSError:
286
- continue
287
- findings.extend(_scan_python_file(py_file, source))
288
- findings.extend(_run_bandit_if_available(scope_path))
289
- findings.extend(_scan_semgrep(scope_path))
290
- return findings
291
-
292
-
293
- def run_semgrep_scan(project_dir: str, rules: str = "auto") -> dict[str, Any]:
294
- unavailable = {"status": "unavailable", "findings": [], "error": "semgrep not found"}
295
- if shutil.which("semgrep") is None:
296
- return unavailable
297
-
298
- cmd = ["semgrep", "--json", "--config", rules, project_dir]
299
- try:
300
- proc = subprocess.run(cmd, capture_output=True, text=True, check=False, timeout=60)
301
- except Exception:
302
- return unavailable
303
-
304
- if proc.returncode not in {0, 1}:
305
- return unavailable
306
-
307
- try:
308
- payload = json.loads(proc.stdout or "{}")
309
- except Exception:
310
- return unavailable
311
-
312
- findings: list[dict[str, Any]] = []
313
- for item in payload.get("results", []):
314
- extra = item.get("extra") if isinstance(item.get("extra"), dict) else {}
315
- start = item.get("start") if isinstance(item.get("start"), dict) else {}
316
- findings.append(
317
- {
318
- "severity": _normalize_semgrep_severity(str(extra.get("severity", "WARNING"))),
319
- "rule": str(item.get("check_id", "semgrep")),
320
- "path": str(item.get("path", "")),
321
- "line": _safe_int(start.get("line", 1), default=1),
322
- "message": str(extra.get("message", "Semgrep finding")),
323
- }
324
- )
325
- return {"status": "ok", "findings": findings, "error": ""}
326
-
327
-
328
- def _normalize_semgrep_severity(raw: str) -> str:
329
- lowered = raw.lower()
330
- if lowered in {"error", "critical"}:
331
- return "high"
332
- if lowered in {"warning", "warn"}:
333
- return "medium"
334
- if lowered in {"info", "note", "low"}:
335
- return "low"
336
- return _normalize_severity(lowered)
337
-
338
-
339
- def _scan_semgrep(scope_path: Path) -> list[dict[str, Any]]:
340
- result = run_semgrep_scan(str(scope_path))
341
- if result.get("status") != "ok":
342
- return []
343
-
344
- findings: list[dict[str, Any]] = []
345
- for item in result.get("findings", []):
346
- if not isinstance(item, dict):
347
- continue
348
- file_path = Path(str(item.get("path", "")))
349
- findings.append(
350
- _finding(
351
- rule_id=str(item.get("rule", "semgrep")),
352
- source_name="semgrep-ce",
353
- category="python_ast",
354
- severity=_normalize_severity(str(item.get("severity", "medium"))),
355
- path=file_path,
356
- line=_safe_int(item.get("line", 1), default=1),
357
- message=str(item.get("message", "Semgrep finding")),
358
- recommendation="Review Semgrep finding and apply the suggested remediation.",
359
- snippet="",
360
- )
361
- )
362
- return findings
363
-
364
-
365
- def _safe_int(value: Any, *, default: int) -> int:
366
- try:
367
- return int(value)
368
- except (TypeError, ValueError):
369
- return default
370
-
371
-
372
- def _scan_secret_patterns(scope_path: Path) -> list[dict[str, Any]]:
373
- findings: list[dict[str, Any]] = []
374
- for candidate in _iter_text_candidates(scope_path):
375
- try:
376
- source = candidate.read_text(encoding="utf-8")
377
- except (OSError, UnicodeDecodeError):
378
- continue
379
- for line_no, line in enumerate(source.splitlines(), start=1):
380
- for rule_id, pattern, severity, message in _SECRET_PATTERNS:
381
- if not pattern.search(line):
382
- continue
383
- findings.append(
384
- _finding(
385
- rule_id=rule_id,
386
- source_name="secret-scan",
387
- category="secret",
388
- severity=severity,
389
- path=candidate,
390
- line=line_no,
391
- message=message,
392
- recommendation="Move secrets to an approved secret manager or environment injection.",
393
- snippet=line.strip(),
394
- )
395
- )
396
- return findings
397
-
398
-
399
- def _scan_config_and_iac(scope_path: Path) -> list[dict[str, Any]]:
400
- findings: list[dict[str, Any]] = []
401
- for candidate in _iter_text_candidates(scope_path):
402
- lowered = candidate.name.lower()
403
- rel_lower = candidate.as_posix().lower()
404
- if not any(hint in lowered or hint in rel_lower for hint in _CONFIG_FILE_HINTS):
405
- continue
406
- try:
407
- source = candidate.read_text(encoding="utf-8")
408
- except (OSError, UnicodeDecodeError):
409
- continue
410
- for line_no, line in enumerate(source.splitlines(), start=1):
411
- for rule_id, pattern, severity, message in _CONFIG_PATTERNS:
412
- if not pattern.search(line):
413
- continue
414
- findings.append(
415
- _finding(
416
- rule_id=rule_id,
417
- source_name="config-scan",
418
- category="config",
419
- severity=severity,
420
- path=candidate,
421
- line=line_no,
422
- message=message,
423
- recommendation="Apply least-privilege defaults and tighten network/transport policy.",
424
- snippet=line.strip(),
425
- )
426
- )
427
- return findings
428
-
429
-
430
- def _iter_text_candidates(scope_path: Path) -> list[Path]:
431
- if scope_path.is_file():
432
- return [scope_path]
433
- if not scope_path.exists():
434
- return []
435
- candidates: list[Path] = []
436
- for path in sorted(scope_path.rglob("*")):
437
- if not path.is_file():
438
- continue
439
- try:
440
- size = path.stat().st_size
441
- except OSError:
442
- continue
443
- if size > 1_000_000:
444
- continue
445
- if ".git" in path.parts or ".omg" in path.parts or "build" in path.parts:
446
- continue
447
- candidates.append(path)
448
- return candidates
449
-
450
-
451
- def _iter_python_files(scope_path: Path) -> list[Path]:
452
- if scope_path.is_file():
453
- return [scope_path] if scope_path.suffix == ".py" else []
454
- if not scope_path.exists():
455
- return []
456
- return sorted(path for path in scope_path.rglob("*.py") if path.is_file())
457
-
458
-
459
- def _scan_python_file(path: Path, source: str) -> list[dict[str, Any]]:
460
- try:
461
- tree = ast.parse(source)
462
- except SyntaxError:
463
- return []
464
-
465
- findings: list[dict[str, Any]] = []
466
- for node in ast.walk(tree):
467
- if isinstance(node, ast.Call):
468
- findings.extend(_call_findings(path, node, source))
469
- return findings
470
-
471
-
472
- def _call_findings(path: Path, node: ast.Call, source: str) -> list[dict[str, Any]]:
473
- findings: list[dict[str, Any]] = []
474
- callee = _call_name(node.func)
475
- if callee in {"subprocess.run", "subprocess.Popen", "os.system"}:
476
- if any(keyword.arg == "shell" and isinstance(keyword.value, ast.Constant) and keyword.value.value is True for keyword in node.keywords):
477
- findings.append(
478
- _finding(
479
- rule_id="B602",
480
- source_name="bandit-lite",
481
- category="python_ast",
482
- severity="high",
483
- path=path,
484
- line=getattr(node, "lineno", 1),
485
- message="subprocess call uses shell=True",
486
- recommendation="Avoid shell=True in subprocess calls.",
487
- snippet=_source_line(source, getattr(node, "lineno", 1)),
488
- )
489
- )
490
- if callee == "eval":
491
- findings.append(
492
- _finding(
493
- rule_id="B307",
494
- source_name="bandit-lite",
495
- category="python_ast",
496
- severity="high",
497
- path=path,
498
- line=getattr(node, "lineno", 1),
499
- message="eval() detected",
500
- recommendation="Replace eval with explicit parsing.",
501
- snippet=_source_line(source, getattr(node, "lineno", 1)),
502
- )
503
- )
504
- if callee == "exec":
505
- findings.append(
506
- _finding(
507
- rule_id="B102",
508
- source_name="bandit-lite",
509
- category="python_ast",
510
- severity="high",
511
- path=path,
512
- line=getattr(node, "lineno", 1),
513
- message="exec() detected",
514
- recommendation="Replace exec with explicit control flow.",
515
- snippet=_source_line(source, getattr(node, "lineno", 1)),
516
- )
517
- )
518
- if callee in {"pickle.load", "pickle.loads"}:
519
- findings.append(
520
- _finding(
521
- rule_id="B301",
522
- source_name="bandit-lite",
523
- category="python_ast",
524
- severity="high",
525
- path=path,
526
- line=getattr(node, "lineno", 1),
527
- message="pickle deserialization detected",
528
- recommendation="Avoid unsafe deserialization of pickle payloads.",
529
- snippet=_source_line(source, getattr(node, "lineno", 1)),
530
- )
531
- )
532
- return findings
533
-
534
-
535
- def _call_name(func: ast.AST) -> str:
536
- if isinstance(func, ast.Name):
537
- return func.id
538
- if isinstance(func, ast.Attribute):
539
- prefix = _call_name(func.value)
540
- return f"{prefix}.{func.attr}" if prefix else func.attr
541
- return ""
542
-
543
-
544
- def _source_line(source: str, line: int) -> str:
545
- lines = source.splitlines()
546
- if 1 <= line <= len(lines):
547
- return lines[line - 1].strip()
548
- return ""
549
-
550
-
551
- def _run_bandit_if_available(scope_path: Path) -> list[dict[str, Any]]:
552
- if not _command_exists("bandit"):
553
- return []
554
-
555
- cmd = ["bandit", "-r", str(scope_path), "-f", "json"]
556
- proc = subprocess.run(cmd, capture_output=True, text=True, check=False, timeout=30)
557
- if proc.returncode not in {0, 1}:
558
- return []
559
- try:
560
- import json
561
-
562
- payload = json.loads(proc.stdout or "{}")
563
- except Exception:
564
- return []
565
-
566
- findings: list[dict[str, Any]] = []
567
- for item in payload.get("results", []):
568
- issue_severity = str(item.get("issue_severity", "LOW")).lower()
569
- findings.append(
570
- {
571
- "id": str(item.get("test_id", "bandit")),
572
- "source": "bandit",
573
- "category": "python_ast",
574
- "severity": "medium" if issue_severity == "medium" else ("critical" if issue_severity == "critical" else issue_severity),
575
- "exploitability": "unknown",
576
- "reachability": "unknown",
577
- "evidence": {
578
- "path": str(item.get("filename", "")),
579
- "line": int(item.get("line_number", 1)),
580
- "snippet": str(item.get("code", "")).strip(),
581
- },
582
- "recommendation": str(item.get("more_info", "")) or "Review Bandit finding and remediate.",
583
- "message": str(item.get("issue_text", "Bandit finding")),
584
- }
585
- )
586
- return findings
587
-
588
-
589
- def _command_exists(command: str) -> bool:
590
- return shutil.which(command) is not None
591
-
592
-
593
- def _scan_dependency_health(scope_path: Path, include_live_enrichment: bool) -> list[dict[str, Any]]:
594
- manifests = detect_manifests(str(scope_path))
595
- dependencies = [
596
- {
597
- "name": package.name,
598
- "version": _normalize_version(package.version),
599
- "ecosystem": _ecosystem_from_manifest(package.source_manifest),
600
- }
601
- for package in manifests.packages
602
- if package.name
603
- ]
604
- if not dependencies or not include_live_enrichment:
605
- return []
606
-
607
- osv_result = scan_for_cves(dependencies, str(scope_path))
608
- raw_results = osv_result.get("results", {})
609
- findings: list[dict[str, Any]] = []
610
- for dependency in dependencies:
611
- package_name = dependency["name"]
612
- for vuln in raw_results.get(package_name, []):
613
- reachability = analyze_reachability(
614
- {
615
- "package": package_name,
616
- "id": vuln.get("id", ""),
617
- "summary": vuln.get("summary", ""),
618
- "fixed_version": vuln.get("fixed_version", ""),
619
- },
620
- str(scope_path),
621
- )
622
- findings.append(
623
- {
624
- "id": str(vuln.get("id", "")),
625
- "source": "osv",
626
- "category": "dependency",
627
- "severity": _normalize_severity(str(vuln.get("severity", "unknown"))),
628
- "exploitability": _risk_to_exploitability(str(reachability.get("risk_level", ""))),
629
- "reachability": _normalize_reachability(str(reachability.get("reachability", "unknown"))),
630
- "kev_listed": reachability.get("kev_listed", False),
631
- "epss_score": reachability.get("epss_score"),
632
- "evidence": {
633
- "package": package_name,
634
- "version": dependency["version"],
635
- "fixed_version": str(vuln.get("fixed_version", "")),
636
- "summary": str(vuln.get("summary", "")),
637
- },
638
- "recommendation": reachability.get("recommendation", "Upgrade the dependency to a fixed version."),
639
- "message": str(vuln.get("summary", "")) or f"Known vulnerability in {package_name}",
640
- }
641
- )
642
- return findings
643
-
644
-
645
- def _risk_to_exploitability(risk_level: str) -> str:
646
- lowered = risk_level.lower()
647
- if lowered in {"critical", "high"}:
648
- return "high"
649
- if lowered == "medium":
650
- return "medium"
651
- if lowered == "low":
652
- return "low"
653
- return "unknown"
654
-
655
-
656
- def _normalize_reachability(raw: str) -> str:
657
- lowered = raw.lower()
658
- if lowered in {"reachable", "potentially_reachable", "potentially-reachable"}:
659
- return "reachable"
660
- if lowered == "unreachable":
661
- return "unreachable"
662
- return "unknown"
663
-
664
-
665
- def _normalize_version(version: str) -> str:
666
- normalized = (version or "").strip()
667
- for prefix in ("==", ">=", "<=", "~=", "^", ">"):
668
- if normalized.startswith(prefix):
669
- return normalized[len(prefix):].strip()
670
- return normalized
671
-
672
-
673
- def _ecosystem_from_manifest(manifest_path: str) -> str:
674
- suffix = Path(manifest_path).name
675
- return {
676
- "package.json": "npm",
677
- "requirements.txt": "PyPI",
678
- "pyproject.toml": "PyPI",
679
- "Cargo.toml": "crates.io",
680
- "go.mod": "Go",
681
- "Gemfile": "RubyGems",
682
- }.get(suffix, "npm")
683
-
684
-
685
- def _normalize_severity(raw: str) -> str:
686
- lowered = raw.lower()
687
- if "critical" in lowered:
688
- return "critical"
689
- if "high" in lowered:
690
- return "high"
691
- if "medium" in lowered or "moderate" in lowered:
692
- return "medium"
693
- if "low" in lowered:
694
- return "low"
695
- return "medium"
696
-
697
-
698
- def _finding(
699
- *,
700
- rule_id: str,
701
- source_name: str,
702
- category: str,
703
- severity: str,
704
- path: Path,
705
- line: int,
706
- message: str,
707
- recommendation: str,
708
- snippet: str,
709
- ) -> dict[str, Any]:
710
- exploitability = "high" if severity in {"critical", "high"} else ("medium" if severity == "medium" else "low")
711
- return {
712
- "id": rule_id,
713
- "source": source_name,
714
- "category": category,
715
- "severity": severity,
716
- "exploitability": exploitability,
717
- "reachability": "reachable",
718
- "evidence": {
719
- "path": str(path),
720
- "line": line,
721
- "snippet": snippet,
722
- },
723
- "recommendation": recommendation,
724
- "message": message,
725
- }
726
-
727
-
728
- def _normalize_waivers(waivers: list[dict[str, Any] | str]) -> dict[str, str]:
729
- normalized: dict[str, str] = {}
730
- for waiver in waivers:
731
- if isinstance(waiver, str):
732
- key = waiver.strip()
733
- if key:
734
- normalized[key] = "waived"
735
- continue
736
- if not isinstance(waiver, dict):
737
- continue
738
- target = str(waiver.get("finding_id") or waiver.get("id") or "").strip()
739
- if not target:
740
- continue
741
- justification = str(waiver.get("justification") or waiver.get("reason") or "waived").strip()
742
- normalized[target] = justification
743
- return normalized
744
-
745
-
746
- def _finding_instance_id(finding: dict[str, Any]) -> str:
747
- evidence = finding.get("evidence", {})
748
- base = "|".join(
749
- [
750
- str(finding.get("id", "")),
751
- str(evidence.get("path", "")),
752
- str(evidence.get("line", "")),
753
- str(finding.get("message", "")),
754
- ]
755
- )
756
- digest = sha256(base.encode("utf-8")).hexdigest()
757
- return f"{finding.get('id', 'SEC')}-{digest[:12]}"
758
-
759
-
760
- def _finalize_findings(findings: list[dict[str, Any]], waiver_map: dict[str, str]) -> list[dict[str, Any]]:
761
- finalized: list[dict[str, Any]] = []
762
- for finding in findings:
763
- item = dict(finding)
764
- item["severity"] = _normalize_severity(str(item.get("severity", "medium")))
765
- item.setdefault("exploitability", "unknown")
766
- item.setdefault("reachability", "unknown")
767
- item["exploitability"] = _normalize_exploitability(str(item.get("exploitability", "unknown")), item)
768
- item["reachability"] = _normalize_reachability(str(item.get("reachability", "unknown")))
769
- item["finding_id"] = _finding_instance_id(item)
770
- justification = waiver_map.get(item["finding_id"]) or waiver_map.get(str(item.get("id", "")))
771
- if justification:
772
- item["waived"] = True
773
- item["waiver_justification"] = justification
774
- else:
775
- item["waived"] = False
776
- finalized.append(item)
777
- return finalized
778
-
779
-
780
- def _normalize_exploitability(raw: str, finding: dict[str, Any]) -> str:
781
- lowered = raw.lower()
782
- if lowered in {"high", "medium", "low"}:
783
- return lowered
784
- category = str(finding.get("category", "")).lower()
785
- severity = str(finding.get("severity", "medium")).lower()
786
- if category in {"secret", "python_ast"}:
787
- return "high"
788
- if severity in {"critical", "high"}:
789
- return "high"
790
- if severity == "medium":
791
- return "medium"
792
- if severity == "low":
793
- return "low"
794
- return "unknown"
795
-
796
-
797
- def _build_provenance(
798
- *,
799
- scope: str,
800
- manifests: list[Any],
801
- findings: list[dict[str, Any]],
802
- include_live_enrichment: bool,
803
- external_inputs: list[dict[str, Any]],
804
- ) -> list[dict[str, Any]]:
805
- provenance = [
806
- {
807
- "source": "bandit-lite",
808
- "scope": scope,
809
- "mode": "static",
810
- "finding_count": len([finding for finding in findings if finding["source"] == "bandit-lite"]),
811
- },
812
- {
813
- "source": "manifest-detector",
814
- "scope": scope,
815
- "manifest_count": len(manifests),
816
- "mode": "live" if include_live_enrichment else "offline",
817
- },
818
- ]
819
- if include_live_enrichment:
820
- provenance.append(
821
- {
822
- "source": "osv",
823
- "scope": scope,
824
- "mode": "live-enrichment",
825
- }
826
- )
827
- if external_inputs:
828
- provenance.append(
829
- {
830
- "source": "external-content",
831
- "scope": scope,
832
- "mode": "zero-trust",
833
- "count": len(external_inputs),
834
- }
835
- )
836
- return provenance
837
-
838
-
839
- def _build_trust_scores(findings: list[dict[str, Any]]) -> dict[str, float]:
840
- if not findings:
841
- return {"overall": 1.0}
842
- weighted = 0.0
843
- for finding in findings:
844
- severity = finding.get("severity", "medium")
845
- weighted += {"critical": 0.4, "high": 0.25, "medium": 0.1, "low": 0.05}.get(str(severity), 0.1)
846
- overall = max(0.0, round(1.0 - min(weighted, 0.95), 3))
847
- return {"overall": overall}
848
-
849
-
850
- def _timestamp_slug() -> str:
851
- return datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
852
-
853
-
854
- def _build_sarif_payload(findings: list[dict[str, Any]]) -> dict[str, Any]:
855
- rules_by_id: dict[str, dict[str, Any]] = {}
856
- results: list[dict[str, Any]] = []
857
- for finding in findings:
858
- rule_id = str(finding.get("id", "OMG000"))
859
- if rule_id not in rules_by_id:
860
- rules_by_id[rule_id] = {
861
- "id": rule_id,
862
- "name": str(finding.get("category", "security")),
863
- "shortDescription": {"text": str(finding.get("message", "Security finding"))},
864
- "help": {"text": str(finding.get("recommendation", "Review finding and remediate."))},
865
- }
866
- evidence = finding.get("evidence", {})
867
- level = "warning"
868
- if finding.get("severity") in {"critical", "high"}:
869
- level = "error"
870
- elif finding.get("severity") == "low":
871
- level = "note"
872
- location = {
873
- "physicalLocation": {
874
- "artifactLocation": {"uri": str(evidence.get("path", ""))},
875
- "region": {"startLine": int(evidence.get("line", 1) or 1)},
876
- }
877
- }
878
- result_payload: dict[str, Any] = {
879
- "ruleId": rule_id,
880
- "level": level,
881
- "message": {"text": str(finding.get("message", "Security finding"))},
882
- "partialFingerprints": {
883
- "findingId": str(finding.get("finding_id", "")),
884
- },
885
- "properties": {
886
- "severity": str(finding.get("severity", "medium")),
887
- "exploitability": str(finding.get("exploitability", "unknown")),
888
- "reachability": str(finding.get("reachability", "unknown")),
889
- "waived": bool(finding.get("waived", False)),
890
- },
891
- "locations": [location],
892
- }
893
- if finding.get("waived"):
894
- result_payload["suppressions"] = [
895
- {
896
- "kind": "inSource",
897
- "justification": str(finding.get("waiver_justification", "waived")),
898
- }
899
- ]
900
- results.append(result_payload)
901
-
902
- return {
903
- "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
904
- "version": "2.1.0",
905
- "runs": [
906
- {
907
- "tool": {
908
- "driver": {
909
- "name": "omg-security-check",
910
- "version": CANONICAL_VERSION,
911
- "rules": [rules_by_id[key] for key in sorted(rules_by_id.keys())],
912
- }
913
- },
914
- "results": results,
915
- }
916
- ],
917
- }
918
-
919
-
920
- def _build_sbom_payload(*, generated_at: str, manifests: Any) -> dict[str, Any]:
921
- components: list[dict[str, Any]] = []
922
- for package in manifests.packages:
923
- version = _normalize_version(package.version)
924
- ecosystem = _ecosystem_from_manifest(package.source_manifest)
925
- purl_type = _SBOM_ECOSYSTEM_PURL.get(ecosystem, "generic")
926
- purl = f"pkg:{purl_type}/{package.name}"
927
- if version:
928
- purl = f"{purl}@{version}"
929
- component = {
930
- "type": "library",
931
- "name": package.name,
932
- "version": version,
933
- "purl": purl,
934
- }
935
- components.append(component)
936
- return {
937
- "bomFormat": "CycloneDX",
938
- "specVersion": "1.4",
939
- "version": 1,
940
- "metadata": {
941
- "timestamp": generated_at,
942
- "tools": [{"vendor": "OMG", "name": "omg-security-check", "version": CANONICAL_VERSION}],
943
- },
944
- "components": components,
945
- }
946
-
947
-
948
- def _build_license_artifact(*, project_dir: str, scope_path: Path, manifests: Any, generated_at: str) -> dict[str, Any]:
949
- project_license = _detect_project_license(project_dir=project_dir, scope_path=scope_path)
950
- dependencies = [{"name": package.name, "license": "UNKNOWN"} for package in manifests.packages]
951
- compatibility = check_license_compatibility(project_license, dependencies)
952
- packages_by_license: dict[str, list[str]] = {}
953
- for dependency in dependencies:
954
- package_name = str(dependency.get("name", "")).strip()
955
- if not package_name:
956
- continue
957
- spdx_id = str(dependency.get("license", "UNKNOWN") or "UNKNOWN").strip() or "UNKNOWN"
958
- packages_by_license.setdefault(spdx_id, []).append(package_name)
959
-
960
- licenses = [
961
- {
962
- "name": spdx_id,
963
- "spdx_id": spdx_id,
964
- "packages": sorted(packages),
965
- }
966
- for spdx_id, packages in sorted(packages_by_license.items())
967
- ]
968
-
969
- if not licenses:
970
- licenses = [{"name": project_license, "spdx_id": project_license, "packages": []}]
971
-
972
- return {
973
- "timestamp": generated_at,
974
- "licenses": licenses,
975
- "project_license": project_license,
976
- "compatibility": compatibility,
977
- }
978
-
979
-
980
- def _detect_project_license(*, project_dir: str, scope_path: Path) -> str:
981
- candidates = [scope_path / "package.json", Path(project_dir).resolve() / "package.json"]
982
- for candidate in candidates:
983
- if not candidate.exists():
984
- continue
985
- try:
986
- payload = json.loads(candidate.read_text(encoding="utf-8"))
987
- except (OSError, json.JSONDecodeError):
988
- continue
989
- if isinstance(payload, dict) and isinstance(payload.get("license"), str) and payload["license"].strip():
990
- return str(payload["license"]).strip()
991
- if (Path(project_dir).resolve() / "LICENSE").exists() or (Path(project_dir).resolve() / "LICENSE.md").exists():
992
- return "MIT"
993
- return "UNKNOWN"
994
-
995
-
996
- def _write_json_file(path: Path, payload: dict[str, Any]) -> None:
997
- path.parent.mkdir(parents=True, exist_ok=True)
998
- path.write_text(json.dumps(payload, indent=2, ensure_ascii=True) + "\n", encoding="utf-8")
999
-
1000
-
1001
- def _write_evidence_artifacts(
1002
- project_dir: str,
1003
- *,
1004
- scope: str,
1005
- generated_at: str,
1006
- findings: list[dict[str, Any]],
1007
- provenance: list[dict[str, Any]],
1008
- trust_scores: dict[str, float],
1009
- include_live_enrichment: bool,
1010
- waivers: list[dict[str, Any] | str],
1011
- license_artifact: dict[str, Any],
1012
- manifests: Any,
1013
- unresolved_risks: list[dict[str, Any]],
1014
- ) -> dict[str, str]:
1015
- stamp = _timestamp_slug()
1016
- evidence_dir = Path(project_dir) / ".omg" / "evidence"
1017
- evidence_dir.mkdir(parents=True, exist_ok=True)
1018
-
1019
- json_rel = Path(".omg") / "evidence" / f"security-{stamp}.json"
1020
- sarif_rel = Path(".omg") / "evidence" / f"security-{stamp}.sarif"
1021
- sbom_rel = Path(".omg") / "evidence" / f"sbom-{stamp}.cdx.json"
1022
- license_rel = Path(".omg") / "evidence" / f"license-{stamp}.json"
1023
-
1024
- unresolved_high_risk = [
1025
- finding
1026
- for finding in findings
1027
- if finding.get("severity") in {"critical", "high"} and not finding.get("waived", False)
1028
- ]
1029
-
1030
- payload = {
1031
- "schema": "SecurityCheckEvidence",
1032
- "generated_at": generated_at,
1033
- "scope": scope,
1034
- "scan_status": "completed",
1035
- "live_enrichment": include_live_enrichment,
1036
- "findings": findings,
1037
- "waivers": waivers,
1038
- "unresolved_high_risk": [finding.get("finding_id") for finding in unresolved_high_risk],
1039
- "unresolved_risks": unresolved_risks,
1040
- "security_scans": [
1041
- {
1042
- "tool": "security-check",
1043
- "path": json_rel.as_posix(),
1044
- "findings": findings,
1045
- }
1046
- ],
1047
- "provenance": provenance,
1048
- "trust_scores": trust_scores,
1049
- "artifacts": {
1050
- "sarif_path": sarif_rel.as_posix(),
1051
- "sbom_path": sbom_rel.as_posix(),
1052
- "license_path": license_rel.as_posix(),
1053
- },
1054
- }
1055
- _write_json_file(Path(project_dir) / json_rel, payload)
1056
- _write_json_file(Path(project_dir) / sarif_rel, _build_sarif_payload(findings))
1057
- _write_json_file(Path(project_dir) / sbom_rel, _build_sbom_payload(generated_at=generated_at, manifests=manifests))
1058
- _write_json_file(Path(project_dir) / license_rel, license_artifact)
1059
- return {
1060
- "json_path": json_rel.as_posix(),
1061
- "sarif_path": sarif_rel.as_posix(),
1062
- "sbom_path": sbom_rel.as_posix(),
1063
- "license_path": license_rel.as_posix(),
1064
- }