@triedotdev/mcp 1.0.166 → 1.0.167

package/dist/{chunk-HOGKPDZA.js → chunk-LQIMKE3P.js}

@@ -1,54 +1,51 @@
+import {
+  CodebaseIndex
+} from "./chunk-Q5EKA5YA.js";
 import {
   getChatStore
 } from "./chunk-JVMBCWKS.js";
 import {
   getTrieAgent
-} from "./chunk-JNUOW2JS.js";
+} from "./chunk-4MXH2ZPT.js";
 import {
   parseGoalViolation
 } from "./chunk-WCN7S3EI.js";
-import {
-  CodebaseIndex
-} from "./chunk-Q5EKA5YA.js";
 import {
   getOutputManager
-} from "./chunk-VR4VWXXU.js";
+} from "./chunk-G2TGF6TR.js";
 import {
   getInsightStore
 } from "./chunk-T63OHG4Q.js";
 import {
   LearningEngine,
   formatFriendlyError,
-  getLastCheckpoint,
   isTrieInitialized,
-  listCheckpoints,
   perceiveCurrentChanges,
-  reasonAboutChangesHumanReadable,
-  saveCheckpoint
-} from "./chunk-LG5CBK6A.js";
+  reasonAboutChangesHumanReadable
+} from "./chunk-YZ6Y2H3P.js";
 import {
   measureInitialGoalValue
-} from "./chunk-ZKKKLRZZ.js";
+} from "./chunk-5BRRRTN6.js";
 import {
   exportToJson
 } from "./chunk-OBQ74FOU.js";
 import {
   loadConfig,
   saveConfig
-} from "./chunk-GDWA3CH3.js";
+} from "./chunk-XPZZFPBZ.js";
 import {
   IncidentIndex
 } from "./chunk-TN5WEKWI.js";
 import {
   findCrossProjectPatterns
-} from "./chunk-TQOO6A4G.js";
+} from "./chunk-7WITSO22.js";
 import {
   ContextGraph
 } from "./chunk-VUL52BQL.js";
 import {
   TieredStorage,
   getStorage
-} from "./chunk-LR5M4RTN.js";
+} from "./chunk-575YT2SD.js";
 import {
   getKeyFromKeychain,
   isAIAvailable,
@@ -57,25 +54,27 @@ import {
   setAPIKey
 } from "./chunk-FQ45QP5A.js";
 import {
+  getRecentIssues,
   storeIssues
-} from "./chunk-S36IO3EE.js";
+} from "./chunk-XE6KQRKZ.js";
+import {
+  generateKeyPair,
+  getLedgerBlocks,
+  getPublicKey,
+  hasSigningKey,
+  saveKeyPair
+} from "./chunk-ZJF5FTBX.js";
 import {
   getProjectState
 } from "./chunk-GTKYBOXL.js";
+import {
+  atomicWriteJSON
+} from "./chunk-43X6JBEM.js";
 import {
   getAutonomyConfig,
   loadAutonomyConfig,
   saveAutonomyConfig
 } from "./chunk-ME2OERF5.js";
-import {
-  generateKeyPair,
-  getChangedFilesSinceTimestamp,
-  getGitChangedFiles,
-  getLedgerBlocks,
-  getPublicKey,
-  hasSigningKey,
-  saveKeyPair
-} from "./chunk-MVVPJ73K.js";
 import {
   getTrieDirectory,
   getWorkingDirectory
@@ -83,6 +82,10 @@ import {
 import {
   isInteractiveMode
 } from "./chunk-KDHN2ZQE.js";
+import {
+  getChangedFilesSinceTimestamp,
+  getGitChangedFiles
+} from "./chunk-2HF65EHQ.js";
 
 // src/utils/streaming.ts
 var shouldSuppressConsole = () => isInteractiveMode();
@@ -2060,7 +2063,7 @@ function AgentView() {
       const { getInsightStore: getInsightStore2 } = await import("./insight-store-EC4PLSAW.js");
       const store = getInsightStore2(workDir);
       await store.dismissInsight(insight.id);
-      const { getStorage: getStorage2 } = await import("./tiered-storage-OP74NPJY.js");
+      const { getStorage: getStorage2 } = await import("./tiered-storage-Z3YCR465.js");
       const storage = getStorage2(workDir);
       await storage.dismissNudge(insight.id).catch(() => {
       });
@@ -2072,7 +2075,7 @@ function AgentView() {
   const clearAllNudges = useCallback(async () => {
     try {
       const workDir = getWorkingDirectory(void 0, true);
-      const { getStorage: getStorage2 } = await import("./tiered-storage-OP74NPJY.js");
+      const { getStorage: getStorage2 } = await import("./tiered-storage-Z3YCR465.js");
       const storage = getStorage2(workDir);
       await storage.clearAllNudges();
       dispatch({ type: "CLEAR_ALL_INSIGHTS" });
@@ -2446,7 +2449,7 @@ function GoalsView() {
       dispatch({ type: "SET_GOAL_SCANNING", goalId, progress: "Starting scan..." });
       dispatch({ type: "ADD_ACTIVITY", message: `Scanning goal: ${goalSummary.description}...` });
       dispatch({ type: "SET_GOAL_SCANNING", goalId, progress: "Loading goal configuration..." });
-      const { checkFilesForGoalViolations } = await import("./goal-validator-6Y5CDEMJ.js");
+      const { checkFilesForGoalViolations } = await import("./goal-validator-ULKIBDPX.js");
       const agentState = getProjectState(workDir);
       await agentState.load();
       const fullGoal = agentState.getAllGoals().find((g) => g.id === goalId);
@@ -2721,7 +2724,7 @@ function HypothesesView() {
       dispatch({ type: "SET_HYPOTHESIS_SCANNING", hypothesisId: hypoId, progress: "Gathering evidence..." });
       dispatch({ type: "ADD_ACTIVITY", message: `Testing hypothesis: ${hypo.statement}` });
       dispatch({ type: "SHOW_NOTIFICATION", message: `Gathering evidence for hypothesis...`, severity: "info", autoHideMs: 3e3 });
-      const { gatherEvidenceForHypothesis } = await import("./hypothesis-UKPGOYY2.js");
+      const { gatherEvidenceForHypothesis } = await import("./hypothesis-7BFFT5JY.js");
       const evidence = await gatherEvidenceForHypothesis(hypoId, workDir, signal);
       scanAbortRef.current = null;
       dispatch({ type: "SET_HYPOTHESIS_SCANNING", hypothesisId: null, progress: "" });
@@ -6477,7 +6480,7 @@ ${"\u2501".repeat(60)}
 
 `;
     if (pendingFixes.size === 0) {
-      output += `No pending fixes. Run \`trie_scan\` first to detect issues.
+      output += `No pending fixes. Run \`trie watch\` or \`trie check\` first to detect issues.
 `;
       return { content: [{ type: "text", text: output }] };
     }
@@ -6602,9 +6605,9 @@ function getPendingFixes() {
 }
 async function loadPendingFixesFromMemory() {
   try {
-    const { getRecentIssues } = await import("./issue-store-UZAPI5DU.js");
+    const { getRecentIssues: getRecentIssues2 } = await import("./issue-store-ZIRP23EP.js");
     pendingFixes.clear();
-    const recentIssues = await getRecentIssues({ limit: 50, includeResolved: false });
+    const recentIssues = await getRecentIssues2({ limit: 50, includeResolved: false });
     for (const storedIssue of recentIssues) {
       const fix = {
         id: storedIssue.id,
@@ -6905,8 +6908,8 @@ var TrieCloudFixTool = class {
     if (pending.length === 0) {
       try {
         console.log("Loading issues from memory...");
-        const { getRecentIssues } = await import("./issue-store-UZAPI5DU.js");
-        const recentIssues = await getRecentIssues({ limit: 50, includeResolved: false });
+        const { getRecentIssues: getRecentIssues2 } = await import("./issue-store-ZIRP23EP.js");
+        const recentIssues = await getRecentIssues2({ limit: 50, includeResolved: false });
         console.log(`Found ${recentIssues.length} recent issues in memory`);
         const memoryIssues = recentIssues.map((storedIssue) => ({
           id: storedIssue.id,
@@ -7211,7 +7214,7 @@ var TrieGetNudgesTool = class {
       return {
         content: [{
           type: "text",
-          text: "No unresolved nudges (goal violations) found. Run trie scan to detect new issues."
+          text: "No unresolved nudges (goal violations) found. Run `trie watch` to detect issues as you code."
         }]
       };
     }
@@ -7505,64 +7508,6 @@ var TrieQueryLedgerBlocksTool = class {
   }
 };
 
-// src/tools/checkpoint.ts
-async function handleCheckpointTool(input) {
-  const workDir = getWorkingDirectory(void 0, true);
-  switch (input.action) {
-    case "save": {
-      const saveOptions = {
-        files: input.files || [],
-        workDir,
-        createdBy: "mcp"
-      };
-      if (input.message !== void 0) {
-        saveOptions.message = input.message;
-      }
-      if (input.notes !== void 0) {
-        saveOptions.notes = input.notes;
-      }
-      const checkpoint = await saveCheckpoint(saveOptions);
-      return `# Checkpoint Saved
-
-**ID:** ${checkpoint.id}
-**Time:** ${checkpoint.timestamp}
-${checkpoint.message ? `**Message:** ${checkpoint.message}` : ""}
-${checkpoint.notes ? `**Notes:** ${checkpoint.notes}` : ""}
-${checkpoint.files.length > 0 ? `**Files:** ${checkpoint.files.join(", ")}` : ""}
-
-Context saved to \`.trie/\`. This checkpoint will be visible in other tools (Cursor, Claude Code, CLI).`;
-    }
-    case "list": {
-      const checkpoints = await listCheckpoints(workDir);
-      if (checkpoints.length === 0) {
-        return 'No checkpoints yet. Use `trie_checkpoint action="save"` to create one.';
-      }
-      const lines = ["# Recent Checkpoints", ""];
-      for (const cp of checkpoints.slice(-10).reverse()) {
-        const date = new Date(cp.timestamp).toLocaleString();
-        lines.push(`- **${cp.id}** (${date}): ${cp.message || "(no message)"}`);
-      }
-      return lines.join("\n");
-    }
-    case "last": {
-      const checkpoint = await getLastCheckpoint(workDir);
-      if (!checkpoint) {
-        return 'No checkpoints yet. Use `trie_checkpoint action="save"` to create one.';
-      }
-      return `# Last Checkpoint
-
-**ID:** ${checkpoint.id}
-**Time:** ${new Date(checkpoint.timestamp).toLocaleString()}
-${checkpoint.message ? `**Message:** ${checkpoint.message}` : ""}
-${checkpoint.notes ? `**Notes:** ${checkpoint.notes}` : ""}
-${checkpoint.files.length > 0 ? `**Files:** ${checkpoint.files.join(", ")}` : ""}
-**Created by:** ${checkpoint.createdBy}`;
-    }
-    default:
-      return "Unknown action. Use: save, list, or last";
-  }
-}
-
 // src/tools/pipeline.ts
 var TriePipelineTool = class {
   async execute(input) {
@@ -8245,7 +8190,7 @@ var CHAT_TOOLS = [
   },
   {
     name: "trie_get_pipeline",
-    description: "Get current pipeline status: open PRs, active Linear tickets, open GitHub issues, and Trie scan issues not yet tracked in any ticket or PR. Use when the user asks about the status of work, what PRs are open, or what tickets are in progress.",
+    description: "Get current pipeline status: open PRs, active Linear tickets, open GitHub issues, and Trie issues not yet tracked in any ticket or PR. Use when the user asks about the status of work, what PRs are open, or what tickets are in progress.",
     input_schema: {
       type: "object",
       properties: {
@@ -8258,20 +8203,6 @@ var CHAT_TOOLS = [
       }
     }
   },
-  {
-    name: "trie_checkpoint",
-    description: "Save a work checkpoint, list recent checkpoints, or get the last one.",
-    input_schema: {
-      type: "object",
-      properties: {
-        action: { type: "string", enum: ["save", "list", "last"], description: "What to do" },
-        message: { type: "string", description: "Checkpoint message (for save)" },
-        notes: { type: "string", description: "Additional notes (for save)" },
-        files: { type: "array", items: { type: "string" }, description: "Files to associate (for save)" }
-      },
-      required: ["action"]
-    }
-  },
   {
     name: "trie_add_goal",
     description: "Create a new goal for the user to track. Use when the user asks to set, add, or create a goal.",
@@ -8518,10 +8449,6 @@ async function executeTool(name, input, onProgress) {
         const result = await pipelineTool.execute(pipelineArgs);
         return textFromResult(result);
       }
-      case "trie_checkpoint": {
-        const result = await handleCheckpointTool(input);
-        return result;
-      }
       case "trie_add_goal": {
         const desc = String(input.description || "").trim();
         if (!desc) return "Goal description is required.";
@@ -8760,7 +8687,7 @@ ${truncated}`;
         const goalId = input.goalId ? String(input.goalId).trim() : void 0;
         try {
           onProgress?.("Loading goals...");
-          const { getActiveGoals } = await import("./goal-validator-6Y5CDEMJ.js");
+          const { getActiveGoals } = await import("./goal-validator-ULKIBDPX.js");
           const agentState = getProjectState(directory);
           await agentState.load();
           const allGoals = await getActiveGoals(directory);
@@ -8769,7 +8696,7 @@ ${truncated}`;
             return goalId ? `No active goal found with ID: ${goalId}` : "No active goals to check. Add goals in the Goals view first.";
           }
           onProgress?.("Scanning codebase for violations...");
-          const { analyzeFilesRapidly } = await import("./fast-analyzer-NJQO3TFD.js");
+          const { analyzeFilesRapidly } = await import("./fast-analyzer-XXYMOXRK.js");
           const analysisOptions = {
             maxFiles: 50,
             enableSmartBatching: true
@@ -8783,7 +8710,7 @@ ${truncated}`;
             const cacheInfo2 = analysisResult.cacheHitRatio > 0 ? ` (${Math.round(analysisResult.cacheHitRatio * 100)}% cache hit, ${analysisResult.timeMs}ms)` : ` (${analysisResult.timeMs}ms)`;
             return `\u2713 Scan complete! No violations found for ${goalsToCheck.length} goal(s).${cacheInfo2}`;
           }
-          const { storeIssues: storeIssues2 } = await import("./issue-store-UZAPI5DU.js");
+          const { storeIssues: storeIssues2 } = await import("./issue-store-ZIRP23EP.js");
           const { basename: basename2 } = await import("path");
           const issuesToStore = violations.map((v, i) => ({
             id: `goal-violation-${Date.now()}-${i}`,
@@ -8862,7 +8789,7 @@ ${truncated}`;
         }
         try {
           onProgress?.("Gathering evidence for hypothesis...");
-          const { gatherEvidenceForHypothesis } = await import("./hypothesis-UKPGOYY2.js");
+          const { gatherEvidenceForHypothesis } = await import("./hypothesis-7BFFT5JY.js");
           const evidence = await gatherEvidenceForHypothesis(hypothesisId, directory);
           if (evidence.length === 0) {
             return `No evidence found for this hypothesis yet. The codebase may not have enough data to validate it \u2014 try running trie_scan_for_goal_violations first to populate issues, or add more context.`;
@@ -8953,7 +8880,7 @@ async function buildContext(workDir, dashboardState) {
     console.error("Failed to load project state:", error);
   }
   try {
-    const { getLedgerBlocks: getLedgerBlocks2 } = await import("./ledger-CNFCJKHX.js");
+    const { getLedgerBlocks: getLedgerBlocks2 } = await import("./ledger-TWZTGDFA.js");
     const blocks = await getLedgerBlocks2(workDir);
     const allEntries = blocks.flatMap((b) => b.entries);
     const recentEntries = allEntries.filter((e) => e.status !== "false-positive" && e.issue).slice(-20);
@@ -9052,7 +8979,6 @@ var SYSTEM_PROMPT = `You are Trie, a code assistant embedded in a terminal TUI.
 - Create and manage goals and hypotheses
 - Propose fixes for goal violations (requires user confirmation before spawning Claude Code)
 - Run AI-powered scans to detect goal violations across the entire codebase
-- Save work checkpoints
 
 **AUTONOMOUS AWARENESS:**
 - The project context includes "Recent issues from ledger" \u2014 these are patterns you should AVOID in new code
@@ -9823,7 +9749,7 @@ ${content}
       fixedContent = fixedContent.replace(/^```\w*\n?/, "").replace(/\n?```$/, "");
     }
     await writeFile2(fullPath, fixedContent, "utf-8");
-    const { recordGoalViolationFixed, getActiveGoals } = await import("./goal-validator-6Y5CDEMJ.js");
+    const { recordGoalViolationFixed, getActiveGoals } = await import("./goal-validator-ULKIBDPX.js");
     const goals = await getActiveGoals(projectPath);
     const matchedGoal = goals.find((g) => g.description === fix.goalDescription);
     if (matchedGoal) {
@@ -9939,7 +9865,7 @@ function DashboardApp({ onReady }) {
   const loadPersistedNudges = useCallback7(async () => {
     try {
       const workDir = getWorkingDirectory(void 0, true);
-      const { getStorage: getStorage2 } = await import("./tiered-storage-OP74NPJY.js");
+      const { getStorage: getStorage2 } = await import("./tiered-storage-Z3YCR465.js");
       const storage = getStorage2(workDir);
       await storage.initialize();
       const nudges = await storage.queryNudges({ resolved: false, limit: 50 });
@@ -10208,9 +10134,9 @@ var InteractiveDashboard = class {
 };
 
 // src/tools/watch.ts
-import { watch, existsSync as existsSync6, readFileSync as readFileSync2 } from "fs";
-import { stat, readFile as readFile5 } from "fs/promises";
-import { join as join4, extname as extname3, basename } from "path";
+import { watch, existsSync as existsSync7, readFileSync as readFileSync2 } from "fs";
+import { stat, readFile as readFile6 } from "fs/promises";
+import { join as join5, extname as extname3, basename } from "path";
 import { createHash as createHash3 } from "crypto";
 
 // src/agent/signal-summarizer.ts
@@ -10452,6 +10378,528 @@ function getSignalSummarizer(projectPath) {
   return summarizer;
 }
 
+// src/compliance/false-negative-detector.ts
+import { join as join4 } from "path";
+import { readFile as readFile5 } from "fs/promises";
+import { existsSync as existsSync6 } from "fs";
+var FalseNegativeDetector = class {
+  workDir;
+  alertsPath;
+  coveragePath;
+  constructor(workDir) {
+    this.workDir = workDir || getWorkingDirectory(void 0, true);
+    const memoryDir = join4(getTrieDirectory(this.workDir), "memory");
+    this.alertsPath = join4(memoryDir, "false-negative-alerts.json");
+    this.coveragePath = join4(memoryDir, "compliance-coverage.json");
+  }
+  /**
+   * Run continuous validation checks
+   */
+  async runValidation(complianceFrameworks) {
+    const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+    const alerts = [];
+    const coverageGaps = [];
+    const recommendations = [];
+    try {
+      const crossValidationAlerts = await this.performCrossValidation(complianceFrameworks);
+      alerts.push(...crossValidationAlerts);
+      const patternDriftAlerts = await this.detectPatternDrift();
+      alerts.push(...patternDriftAlerts);
+      const coverageAnalysis = await this.analyzeCoverageGaps(complianceFrameworks);
+      coverageGaps.push(...coverageAnalysis.gaps);
+      alerts.push(...coverageAnalysis.alerts);
+      const auditTrailAlerts = await this.validateAuditTrails(complianceFrameworks);
+      alerts.push(...auditTrailAlerts);
+      recommendations.push(...await this.generateRecommendations(alerts, coverageGaps));
+      await this.storeAlerts(alerts);
+      return {
+        valid: alerts.filter((a) => a.severity === "critical" || a.severity === "high").length === 0,
+        alerts,
+        coverageGaps,
+        recommendations,
+        validationTimestamp: timestamp
+      };
+    } catch (error) {
+      const criticalAlert = {
+        id: `validation-failure-${Date.now()}`,
+        timestamp,
+        type: "compliance_gap",
+        severity: "critical",
+        description: `False negative validation failed: ${error instanceof Error ? error.message : "Unknown error"}`,
+        affectedFiles: [],
+        complianceFrameworks,
+        suggestedAction: "Investigate validation system failure and restore monitoring",
+        confidence: 100,
+        context: { riskScore: 100 }
+      };
+      return {
+        valid: false,
+        alerts: [criticalAlert],
+        coverageGaps: ["validation-system"],
+        recommendations: ["Fix validation system immediately"],
+        validationTimestamp: timestamp
+      };
+    }
+  }
+  /**
+   * Cross-validate current detections against historical patterns
+   */
+  async performCrossValidation(frameworks) {
+    const alerts = [];
+    const blocks = await getLedgerBlocks(this.workDir);
+    const recentIssues = await getRecentIssues({ workDir: this.workDir, limit: 100 });
+    const historicalDetectionRates = this.calculateHistoricalDetectionRates(blocks, frameworks);
+    const currentDetectionRate = this.calculateCurrentDetectionRate(recentIssues, frameworks);
+    for (const framework of frameworks) {
+      const historical = historicalDetectionRates.get(framework) || 0;
+      const current = currentDetectionRate.get(framework) || 0;
+      const dropThreshold = 0.3;
+      if (historical > 0 && (historical - current) / historical > dropThreshold) {
+        alerts.push({
+          id: `detection-drop-${framework}-${Date.now()}`,
+          timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+          type: "missing_detection",
+          severity: current === 0 ? "critical" : "high",
+          description: `${framework} detection rate dropped ${Math.round((historical - current) / historical * 100)}% from historical average`,
+          affectedFiles: [],
+          complianceFrameworks: [framework],
+          suggestedAction: "Review detection rules and validate scanning coverage",
+          confidence: 85,
+          context: {
+            expectedDetection: `${historical.toFixed(2)} issues per scan`,
+            actualDetection: `${current.toFixed(2)} issues per scan`,
+            riskScore: current === 0 ? 100 : 70
+          }
+        });
+      }
+    }
+    return alerts;
+  }
+  /**
+   * Detect if detection patterns are drifting unexpectedly
+   */
+  async detectPatternDrift() {
+    const alerts = [];
+    const blocks = await getLedgerBlocks(this.workDir);
+    const patternStability = this.analyzePatternStability(blocks);
+    for (const [pattern, stability] of Array.from(patternStability.entries())) {
+      if (stability < 0.7) {
+        alerts.push({
+          id: `pattern-drift-${pattern.replace(/[^a-zA-Z0-9]/g, "-")}-${Date.now()}`,
+          timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+          type: "pattern_drift",
+          severity: stability < 0.5 ? "high" : "medium",
+          description: `Detection pattern '${pattern}' showing instability (${Math.round(stability * 100)}% stable)`,
+          affectedFiles: [],
+          complianceFrameworks: this.inferComplianceFrameworks(pattern),
+          suggestedAction: "Review and stabilize detection pattern or investigate environmental changes",
+          confidence: Math.round((1 - stability) * 100),
+          context: {
+            riskScore: Math.round((1 - stability) * 80),
+            lastValidated: this.getLastPatternValidation(pattern)
+          }
+        });
+      }
+    }
+    return alerts;
+  }
+  /**
+   * Analyze coverage gaps in compliance monitoring
+   */
+  async analyzeCoverageGaps(frameworks) {
+    const gaps = [];
+    const alerts = [];
+    const requiredControls = this.getRequiredControls(frameworks);
+    const currentCoverage = await this.getCurrentCoverage();
+    for (const [framework, controls] of Array.from(requiredControls.entries())) {
+      const coveredControls = currentCoverage.get(framework) || /* @__PURE__ */ new Set();
+      const missingControls = controls.filter((control) => !coveredControls.has(control));
+      if (missingControls.length > 0) {
+        gaps.push(...missingControls.map((c) => `${framework}:${c}`));
+        const criticalControls = this.getCriticalControls(framework, missingControls);
+        if (criticalControls.length > 0) {
+          alerts.push({
+            id: `coverage-gap-${framework}-${Date.now()}`,
+            timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+            type: "coverage_hole",
+            severity: "critical",
+            description: `Missing critical ${framework} controls: ${criticalControls.join(", ")}`,
+            affectedFiles: [],
+            complianceFrameworks: [framework],
+            suggestedAction: "Implement monitoring for missing critical controls immediately",
+            confidence: 100,
+            context: {
+              riskScore: 95,
+              expectedDetection: `Controls: ${controls.join(", ")}`,
+              actualDetection: `Missing: ${criticalControls.join(", ")}`
+            }
+          });
+        }
+      }
+    }
+    return { gaps, alerts };
+  }
+  /**
+   * Validate that audit trails are complete and tamper-evident
+   */
+  async validateAuditTrails(frameworks) {
+    const alerts = [];
+    const blocks = await getLedgerBlocks(this.workDir);
+    const auditGaps = this.findAuditTrailGaps(blocks, frameworks);
+    for (const gap of auditGaps) {
+      alerts.push({
+        id: `audit-gap-${gap.type}-${Date.now()}`,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        type: "compliance_gap",
+        severity: gap.critical ? "critical" : "high",
+        description: `Audit trail gap: ${gap.description}`,
+        affectedFiles: gap.affectedFiles,
+        complianceFrameworks: gap.frameworks,
+        suggestedAction: gap.remediation,
+        confidence: 95,
+        context: {
+          riskScore: gap.critical ? 90 : 60,
+          lastValidated: gap.lastSeen
+        }
+      });
+    }
+    const integrityIssues = await this.validateCryptographicIntegrity(blocks);
+    for (const issue of integrityIssues) {
+      alerts.push({
+        id: `integrity-${issue.type}-${Date.now()}`,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        type: "compliance_gap",
+        severity: "critical",
+        description: `Audit trail integrity compromised: ${issue.description}`,
+        affectedFiles: [],
+        complianceFrameworks: frameworks,
+        suggestedAction: "Investigate potential tampering and restore audit trail integrity",
+        confidence: 100,
+        context: { riskScore: 100 }
+      });
+    }
+    return alerts;
+  }
+  /**
+   * Generate actionable recommendations based on findings
+   */
+  async generateRecommendations(alerts, gaps) {
+    const recommendations = [];
+    const alertsByType = alerts.reduce((acc, alert) => {
+      if (!acc[alert.type]) acc[alert.type] = [];
+      acc[alert.type].push(alert);
+      return acc;
+    }, {});
+    if (alertsByType.missing_detection?.length > 0) {
+      recommendations.push("Increase detection frequency and review agent configurations");
+      recommendations.push("Implement additional cross-validation mechanisms");
+    }
+    if (alertsByType.pattern_drift?.length > 0) {
+      recommendations.push("Stabilize detection patterns through improved training data");
+      recommendations.push("Implement pattern validation checkpoints");
+    }
+    if (alertsByType.coverage_hole?.length > 0) {
+      recommendations.push("Expand compliance monitoring coverage to include missing controls");
+      recommendations.push("Implement automated compliance mapping validation");
+    }
+    if (alertsByType.compliance_gap?.length > 0) {
+      recommendations.push("Strengthen audit trail generation and validation processes");
+      recommendations.push("Implement real-time compliance monitoring dashboards");
+    }
+    if (gaps.length > 0) {
+      recommendations.push(`Address ${gaps.length} compliance coverage gaps immediately`);
+      recommendations.push("Implement automated gap detection and remediation");
+    }
+    const criticalAlerts = alerts.filter((a) => a.severity === "critical");
+    if (criticalAlerts.length > 0) {
+      recommendations.push(`URGENT: ${criticalAlerts.length} critical compliance issues require immediate attention`);
+    }
+    return recommendations;
+  }
+  /**
+   * Store alerts for trending and historical analysis
+   */
+  async storeAlerts(alerts) {
+    if (alerts.length === 0) return;
+    try {
+      let existingAlerts = [];
+      if (existsSync6(this.alertsPath)) {
+        const content = await readFile5(this.alertsPath, "utf-8");
+        existingAlerts = JSON.parse(content);
+      }
+      const ninetyDaysAgo = /* @__PURE__ */ new Date();
+      ninetyDaysAgo.setDate(ninetyDaysAgo.getDate() - 90);
+      const recentAlerts = existingAlerts.filter(
+        (alert) => new Date(alert.timestamp) > ninetyDaysAgo
+      );
+      const allAlerts = [...recentAlerts, ...alerts];
+      await atomicWriteJSON(this.alertsPath, allAlerts);
+    } catch (error) {
+      console.error("Failed to store false negative alerts:", error);
+    }
+  }
+  // Helper methods for calculations and analysis
+  calculateHistoricalDetectionRates(blocks, frameworks) {
+    const rates = /* @__PURE__ */ new Map();
+    const thirtyDaysAgo = /* @__PURE__ */ new Date();
+    thirtyDaysAgo.setDate(thirtyDaysAgo.getDate() - 30);
+    const recentBlocks = blocks.filter(
+      (block) => new Date(block.date) > thirtyDaysAgo
+    );
+    for (const framework of frameworks) {
+      let totalDetections = 0;
+      let blockCount = 0;
+      for (const block of recentBlocks) {
+        const frameworkDetections = block.entries.filter(
+          (entry) => entry.context?.complianceViolations?.includes(framework) || this.inferFrameworkFromEntry(entry) === framework
+        ).length;
+        totalDetections += frameworkDetections;
+        blockCount++;
+      }
+      rates.set(framework, blockCount > 0 ? totalDetections / blockCount : 0);
+    }
+    return rates;
+  }
+  calculateCurrentDetectionRate(issues, frameworks) {
+    const rates = /* @__PURE__ */ new Map();
+    const oneDayAgo = /* @__PURE__ */ new Date();
+    oneDayAgo.setDate(oneDayAgo.getDate() - 1);
+    const recentIssues = issues.filter(
+      (issue) => new Date(issue.timestamp) > oneDayAgo
+    );
+    for (const framework of frameworks) {
+      const frameworkIssues = recentIssues.filter(
+        (issue) => this.inferFrameworkFromIssue(issue) === framework
+      );
+      rates.set(framework, frameworkIssues.length);
+    }
+    return rates;
+  }
+  analyzePatternStability(blocks) {
+    const stability = /* @__PURE__ */ new Map();
+    const patterns = this.extractDetectionPatterns(blocks);
+    for (const [pattern, occurrences] of Array.from(patterns.entries())) {
+      const mean = occurrences.reduce((a, b) => a + b, 0) / occurrences.length;
+      const variance = occurrences.reduce((acc, val) => acc + Math.pow(val - mean, 2), 0) / occurrences.length;
+      const stdDev = Math.sqrt(variance);
+      const cv = mean > 0 ? stdDev / mean : 1;
+      stability.set(pattern, Math.max(0, 1 - cv));
+    }
+    return stability;
+  }
+  extractDetectionPatterns(blocks) {
+    const patterns = /* @__PURE__ */ new Map();
+    const weeklyData = /* @__PURE__ */ new Map();
+    for (const block of blocks) {
+      const weekKey = this.getWeekKey(new Date(block.date));
+      if (!weeklyData.has(weekKey)) {
+        weeklyData.set(weekKey, /* @__PURE__ */ new Map());
+      }
+      const weekData = weeklyData.get(weekKey);
+      for (const entry of block.entries) {
+        const pattern = `${entry.agent}:${entry.severity}`;
+        weekData.set(pattern, (weekData.get(pattern) || 0) + 1);
+      }
+    }
+    const allWeeks = Array.from(weeklyData.keys()).sort();
+    const allPatterns = /* @__PURE__ */ new Set();
+    for (const weekData of Array.from(weeklyData.values())) {
+      for (const pattern of Array.from(weekData.keys())) {
+        allPatterns.add(pattern);
+      }
+    }
+    for (const pattern of Array.from(allPatterns)) {
+      const timeSeries = [];
+      for (const week of allWeeks) {
+        const weekData = weeklyData.get(week);
+        timeSeries.push(weekData.get(pattern) || 0);
+      }
+      patterns.set(pattern, timeSeries);
+    }
+    return patterns;
+  }
+  getWeekKey(date) {
+    const year = date.getFullYear();
+    const week = Math.floor((date.getTime() - new Date(year, 0, 1).getTime()) / (7 * 24 * 60 * 60 * 1e3));
+    return `${year}-W${week.toString().padStart(2, "0")}`;
+  }
+  getRequiredControls(frameworks) {
+    const controls = /* @__PURE__ */ new Map();
+    const frameworkControls = {
+      SOC2: ["access-control", "data-encryption", "audit-logging", "incident-response"],
+      GDPR: ["data-protection", "consent-management", "data-breach-notification", "privacy-by-design"],
+      HIPAA: ["phi-protection", "access-controls", "audit-controls", "transmission-security"],
+      "ISO27001": ["information-security-policy", "risk-management", "access-control", "cryptography"],
+      "PCI-DSS": ["cardholder-data-protection", "secure-networks", "vulnerability-management", "access-control"],
+      SOX: ["financial-reporting-controls", "segregation-of-duties", "audit-trail", "change-management"],
+      ICFR: ["control-environment", "risk-assessment", "control-activities", "monitoring"],
+      "FDA21CFR11": ["electronic-records", "electronic-signatures", "audit-trail", "system-validation"],
+      GLBA: ["customer-information-protection", "access-control", "disposal-procedures", "incident-response"],
+      FFIEC: ["authentication", "access-control", "encryption", "incident-response"],
+      FINRA: ["recordkeeping", "supervision", "reporting", "compliance-monitoring"]
+    };
+    for (const framework of frameworks) {
+      const frameworkKey = framework;
+      if (frameworkControls[frameworkKey]) {
+        controls.set(framework, frameworkControls[frameworkKey]);
+      }
+    }
+    return controls;
+  }
+  async getCurrentCoverage() {
+    const coverage = /* @__PURE__ */ new Map();
+    try {
+      const blocks = await getLedgerBlocks(this.workDir);
+      for (const block of blocks) {
+        for (const entry of block.entries) {
+          const frameworks = entry.context?.complianceViolations || [this.inferFrameworkFromEntry(entry)].filter(Boolean);
+          for (const framework of frameworks) {
+            if (!coverage.has(framework)) {
+              coverage.set(framework, /* @__PURE__ */ new Set());
+            }
+            const control = this.inferControlFromEntry(entry);
+            if (control) {
+              coverage.get(framework).add(control);
+            }
+          }
+        }
+      }
+    } catch (error) {
+      console.error("Failed to calculate current coverage:", error);
+    }
+    return coverage;
+  }
+  getCriticalControls(framework, missingControls) {
+    const criticalControlsByFramework = {
+      SOC2: /* @__PURE__ */ new Set(["access-control", "audit-logging"]),
+      GDPR: /* @__PURE__ */ new Set(["data-protection", "consent-management"]),
+      HIPAA: /* @__PURE__ */ new Set(["phi-protection", "access-controls"]),
+      "ISO27001": /* @__PURE__ */ new Set(["information-security-policy", "access-control"]),
+      "PCI-DSS": /* @__PURE__ */ new Set(["cardholder-data-protection", "secure-networks"]),
+      SOX: /* @__PURE__ */ new Set(["financial-reporting-controls", "audit-trail"]),
+      ICFR: /* @__PURE__ */ new Set(["control-environment", "monitoring"]),
+      "FDA21CFR11": /* @__PURE__ */ new Set(["electronic-records", "audit-trail"]),
+      GLBA: /* @__PURE__ */ new Set(["customer-information-protection"]),
+      FFIEC: /* @__PURE__ */ new Set(["authentication", "encryption"]),
+      FINRA: /* @__PURE__ */ new Set(["recordkeeping", "compliance-monitoring"])
+    };
+    const criticalControls = criticalControlsByFramework[framework] || /* @__PURE__ */ new Set();
+    return missingControls.filter((control) => criticalControls.has(control));
+  }
+  findAuditTrailGaps(blocks, frameworks) {
+    const gaps = [];
+    const unsignedEntries = blocks.flatMap(
+      (block) => block.entries.filter((entry) => !entry.signature)
+    );
+    if (unsignedEntries.length > 0) {
+      gaps.push({
+        type: "missing-signatures",
+        description: `${unsignedEntries.length} audit entries lack cryptographic signatures`,
+        critical: true,
+        affectedFiles: Array.from(new Set(unsignedEntries.map((e) => e.file))),
+        frameworks,
+        remediation: "Enable cryptographic signing for all audit entries"
+      });
+    }
+    const sortedBlocks = blocks.sort((a, b) => a.date.localeCompare(b.date));
+    for (let i = 1; i < sortedBlocks.length; i++) {
+      const prevDate = new Date(sortedBlocks[i - 1].date);
+      const currDate = new Date(sortedBlocks[i].date);
+      const daysDiff = (currDate.getTime() - prevDate.getTime()) / (1e3 * 60 * 60 * 24);
+      if (daysDiff > 7) {
+        gaps.push({
+          type: "temporal-gap",
+          description: `${Math.floor(daysDiff)} day gap in audit trail between ${prevDate.toISOString().slice(0, 10)} and ${currDate.toISOString().slice(0, 10)}`,
+          critical: daysDiff > 30,
+          affectedFiles: [],
+          frameworks,
+          remediation: "Investigate cause of audit trail gap and ensure continuous monitoring",
+          lastSeen: prevDate.toISOString()
+        });
+      }
+    }
+    return gaps;
+  }
+  async validateCryptographicIntegrity(blocks) {
+    const issues = [];
+    for (let i = 1; i < blocks.length; i++) {
+      const prevBlock = blocks[i - 1];
+      const currBlock = blocks[i];
+      if (currBlock.previousHash !== prevBlock.blockHash) {
+        issues.push({
+          type: "chain-break",
+          description: `Block chain integrity compromised at block ${i}: expected ${prevBlock.blockHash}, got ${currBlock.previousHash}`
+        });
+      }
+    }
+    for (const block of blocks) {
+      if (block.entries.length > 0 && !block.merkleRoot) {
+        issues.push({
+          type: "missing-merkle",
+          description: `Block ${block.date} missing merkle root for ${block.entries.length} entries`
+        });
+      }
+    }
+    return issues;
+  }
+  // Framework inference helpers
+  inferComplianceFrameworks(pattern) {
+    const frameworks = [];
+    if (pattern.includes("security") || pattern.includes("auth")) {
+      frameworks.push("SOC2", "ISO27001");
+    }
+    if (pattern.includes("privacy") || pattern.includes("pii")) {
+      frameworks.push("GDPR", "CCPA");
+    }
+    if (pattern.includes("health") || pattern.includes("phi")) {
+      frameworks.push("HIPAA");
+    }
+    if (pattern.includes("payment") || pattern.includes("card")) {
+      frameworks.push("PCI-DSS");
+    }
+    if (pattern.includes("financial") || pattern.includes("audit")) {
+      frameworks.push("SOX", "ICFR");
+    }
+    return frameworks.length > 0 ? frameworks : ["SOC2"];
+  }
+  inferFrameworkFromEntry(entry) {
+    if (entry.context?.complianceViolations?.length) {
+      return entry.context.complianceViolations[0];
+    }
+    const content = `${entry.issue} ${entry.fix} ${entry.file}`.toLowerCase();
+    if (content.includes("phi") || content.includes("health")) return "HIPAA";
+    if (content.includes("pii") || content.includes("personal")) return "GDPR";
+    if (content.includes("payment") || content.includes("card")) return "PCI-DSS";
+    if (content.includes("financial")) return "SOX";
+    return "SOC2";
+  }
+  inferFrameworkFromIssue(issue) {
+    const content = `${issue.issue} ${issue.fix} ${issue.file}`.toLowerCase();
+    if (content.includes("phi") || content.includes("health")) return "HIPAA";
+    if (content.includes("pii") || content.includes("personal")) return "GDPR";
+    if (content.includes("payment") || content.includes("card")) return "PCI-DSS";
+    if (content.includes("financial")) return "SOX";
+    return "SOC2";
+  }
+  inferControlFromEntry(entry) {
+    const content = `${entry.issue} ${entry.fix} ${entry.agent}`.toLowerCase();
+    if (content.includes("access") || content.includes("auth")) return "access-control";
+    if (content.includes("encrypt") || content.includes("crypto")) return "data-encryption";
+    if (content.includes("audit") || content.includes("log")) return "audit-logging";
+    if (content.includes("incident") || content.includes("response")) return "incident-response";
+    if (content.includes("privacy") || content.includes("consent")) return "consent-management";
+    if (content.includes("protection") || content.includes("security")) return "data-protection";
+    return null;
+  }
+  getLastPatternValidation(pattern) {
+    return new Date(Date.now() - 24 * 60 * 60 * 1e3).toISOString();
+  }
+};
+async function runFalseNegativeValidation(complianceFrameworks, workDir) {
+  const detector = new FalseNegativeDetector(workDir);
+  return detector.runValidation(complianceFrameworks);
+}
+
 // src/tools/watch.ts
 var WATCH_EXTENSIONS = /* @__PURE__ */ new Set([
   ".ts",
@@ -10714,7 +11162,7 @@ Your Trie agent is now autonomously watching and learning from your codebase.
     return parts.some((p) => SKIP_DIRS.has(p) || p.startsWith(".") && p !== ".");
   }
   async watchDirectory(dir, debounceMs) {
-    if (!existsSync6(dir)) return;
+    if (!existsSync7(dir)) return;
     try {
       const dirStat = await stat(dir);
       if (!dirStat.isDirectory()) return;
@@ -10723,8 +11171,8 @@ Your Trie agent is now autonomously watching and learning from your codebase.
         if (this.shouldSkipPath(filename)) return;
         const ext = extname3(filename).toLowerCase();
         if (!WATCH_EXTENSIONS.has(ext)) return;
-        const fullPath = join4(dir, filename);
-        if (!existsSync6(fullPath)) return;
+        const fullPath = join5(dir, filename);
+        if (!existsSync7(fullPath)) return;
         this.state.pendingFiles.add(fullPath);
         if (this.state.scanDebounceTimer) {
           clearTimeout(this.state.scanDebounceTimer);
@@ -10755,8 +11203,8 @@ Your Trie agent is now autonomously watching and learning from your codebase.
    * Watch .trie/context.json for incident changes
    */
   async watchContextGraph(directory) {
-    const contextPath = join4(getTrieDirectory(directory), "context.json");
-    if (!existsSync6(contextPath)) {
+    const contextPath = join5(getTrieDirectory(directory), "context.json");
+    if (!existsSync7(contextPath)) {
       console.debug("[Watch] No context.json found, skipping incident watcher");
       return;
     }
@@ -10837,7 +11285,7 @@ Detected changes in ${files.length} file(s):`);
           const fileContents = await Promise.all(
             files.map(async (file) => {
               try {
-                const content = await readFile5(file, "utf-8");
+                const content = await readFile6(file, "utf-8");
                 return { file, content };
               } catch {
                 return null;
@@ -10919,7 +11367,7 @@ ${f.content.slice(0, 1e3)}`
   }
   isQuiet() {
     const projectPath = this.watchedDirectory || getWorkingDirectory(void 0, true);
-    const quietPath = join4(getTrieDirectory(projectPath), "quiet.json");
+    const quietPath = join5(getTrieDirectory(projectPath), "quiet.json");
     try {
       const raw = readFileSync2(quietPath, "utf-8");
       const data = JSON.parse(raw);
@@ -10936,8 +11384,8 @@ ${f.content.slice(0, 1e3)}`
   async checkAndGenerateHypotheses(projectPath) {
     if (!isAIAvailable()) return;
     try {
-      const { getHypothesisEngine } = await import("./hypothesis-UKPGOYY2.js");
-      const { getOutputManager: getOutputManager2 } = await import("./output-manager-JNMEAXFO.js");
+      const { getHypothesisEngine } = await import("./hypothesis-7BFFT5JY.js");
+      const { getOutputManager: getOutputManager2 } = await import("./output-manager-RVJ37XKA.js");
       const hypothesisEngine = getHypothesisEngine(projectPath);
       const recentIssues = Array.from(this.state.issueCache.values()).flat();
       const patterns = [];
@@ -11001,7 +11449,7 @@ ${f.content.slice(0, 1e3)}`
    */
   async discoverPatternsFromIssues(projectPath) {
     try {
-      const { searchIssues } = await import("./issue-store-UZAPI5DU.js");
+      const { searchIssues } = await import("./issue-store-ZIRP23EP.js");
       const allIssues = await searchIssues("", {
         workDir: projectPath,
         limit: 1e3,
@@ -11103,7 +11551,7 @@ ${f.content.slice(0, 1e3)}`
     if (lastClean && Date.now() - lastClean < this.cleanFileCooldownMs) {
       return 0;
     }
-    const fileNode = await graph.getNode("file", join4(projectPath, file));
+    const fileNode = await graph.getNode("file", join5(projectPath, file));
     if (!fileNode) return score;
     const data = fileNode.data;
     const riskScores = { critical: 10, high: 6, medium: 2, low: 1 };
@@ -11162,7 +11610,7 @@ ${f.content.slice(0, 1e3)}`
       if (remaining < 500) return;
       try {
         const graph = new ContextGraph(projectPath);
-        const { getActiveGoals, recordGoalViolationCaught } = await import("./goal-validator-6Y5CDEMJ.js");
+        const { getActiveGoals, recordGoalViolationCaught } = await import("./goal-validator-ULKIBDPX.js");
         console.debug("[AI Watcher] Loading active goals...");
         const activeGoals = await getActiveGoals(projectPath);
         const hasGoals = activeGoals.length > 0;
@@ -11191,7 +11639,7 @@ ${f.content.slice(0, 1e3)}`
         const fileContents = await Promise.all(
           filesToScan.map(async ({ file, relativePath }) => {
             try {
-              const content = await readFile5(file, "utf-8");
+              const content = await readFile6(file, "utf-8");
               return { path: relativePath, content: content.slice(0, charLimit) };
             } catch {
               return null;
@@ -11359,7 +11807,7 @@ ${filesBlock}`,
             fixChangeId: null,
             reportedVia: "detected"
           });
-          const filePath = join4(projectPath, issue.file);
+          const filePath = join5(projectPath, issue.file);
           const fileNode = await graph.getNode("file", filePath);
           if (fileNode) {
             await graph.addEdge(fileNode.id, incident.id, "affects");
@@ -11417,7 +11865,7 @@ ${filesBlock}`,
     const projectPath = this.watchedDirectory || getWorkingDirectory(void 0, true);
     console.debug("[Initial Hypothesis] Starting initial hypothesis generation", { projectPath });
     try {
-      const { getHypothesisEngine } = await import("./hypothesis-UKPGOYY2.js");
+      const { getHypothesisEngine } = await import("./hypothesis-7BFFT5JY.js");
       const hypothesisEngine = getHypothesisEngine(projectPath);
       console.debug("[Initial Hypothesis] Running AI-powered hypothesis generation...");
       const generated = await hypothesisEngine.generateHypothesesWithAI({
@@ -11431,7 +11879,7 @@ ${filesBlock}`,
         hypotheses: generated.map((h) => ({ statement: h.statement, confidence: h.confidence }))
       });
       if (generated.length > 0) {
-        const { getOutputManager: getOutputManager2 } = await import("./output-manager-JNMEAXFO.js");
+        const { getOutputManager: getOutputManager2 } = await import("./output-manager-RVJ37XKA.js");
         const outputManager = getOutputManager2();
         for (const hypothesis of generated.slice(0, 2)) {
           const message = `[Initial Hypothesis] "${hypothesis.statement}" (${Math.round(hypothesis.confidence * 100)}% confidence)`;
@@ -11475,7 +11923,7 @@ ${filesBlock}`,
     const projectPath = this.watchedDirectory || getWorkingDirectory(void 0, true);
     console.debug("[Initial Scan] Starting initial goal compliance scan", { projectPath });
     try {
-      const { getActiveGoals, recordGoalViolationCaught } = await import("./goal-validator-6Y5CDEMJ.js");
+      const { getActiveGoals, recordGoalViolationCaught } = await import("./goal-validator-ULKIBDPX.js");
       const activeGoals = await getActiveGoals(projectPath);
       console.debug("[Initial Scan] Loaded goals for initial scan:", {
         goalCount: activeGoals.length,
@@ -11491,7 +11939,7 @@ ${filesBlock}`,
       const recentFiles = /* @__PURE__ */ new Set();
       const uncommittedFiles = await getGitChangedFiles(projectPath);
       if (uncommittedFiles) {
-        uncommittedFiles.forEach((f) => recentFiles.add(join4(projectPath, f)));
+        uncommittedFiles.forEach((f) => recentFiles.add(join5(projectPath, f)));
       }
       const oneDayAgo = Date.now() - 24 * 60 * 60 * 1e3;
       const recentChanges = await getChangedFilesSinceTimestamp(projectPath, oneDayAgo);
@@ -11500,7 +11948,7 @@ ${filesBlock}`,
       }
       const filesToCheck = Array.from(recentFiles).filter((file) => {
         const ext = extname3(file).toLowerCase();
-        return WATCH_EXTENSIONS.has(ext) && existsSync6(file);
+        return WATCH_EXTENSIONS.has(ext) && existsSync7(file);
       });
       console.debug("[Initial Scan] Files discovered for initial scan:", {
         totalRecentFiles: recentFiles.size,
@@ -11522,7 +11970,7 @@ ${filesBlock}`,
       const fileContents = await Promise.all(
         filesToScan.map(async (file) => {
           try {
-            const content = await readFile5(file, "utf-8");
+            const content = await readFile6(file, "utf-8");
             const relativePath = file.replace(projectPath + "/", "");
             return { path: relativePath, content: content.slice(0, maxCharsPerFile) };
           } catch {
@@ -11618,11 +12066,12 @@ ${filesBlock}`,
           this.streamingManager.reportLedgerUpdate(issuesToStore.length, "goal-violation");
         }
       }
-      const { resolveGoalViolation } = await import("./issue-store-UZAPI5DU.js");
-      const { recordGoalViolationFixed } = await import("./goal-validator-6Y5CDEMJ.js");
+      await this.runComplianceValidation(projectPath);
+      const { resolveGoalViolation } = await import("./issue-store-ZIRP23EP.js");
+      const { recordGoalViolationFixed } = await import("./goal-validator-ULKIBDPX.js");
       const scannedFiles = new Set(valid.map((f) => f.path));
       const filesWithViolations = new Set(issuesToStore.map((i) => i.file));
-      for (const scannedFile of scannedFiles) {
+      for (const scannedFile of Array.from(scannedFiles)) {
         if (!filesWithViolations.has(scannedFile)) {
           for (const goal of activeGoals) {
             const resolvedCount = await resolveGoalViolation(scannedFile, goal.description, projectPath);
@@ -11658,7 +12107,7 @@ ${filesBlock}`,
       const graph = new ContextGraph(projectPath);
       if (hasLinear) {
         try {
-          const { LinearIngester } = await import("./linear-ingester-PLES2BRS.js");
+          const { LinearIngester } = await import("./linear-ingester-XXPAZZRW.js");
           const ingester = new LinearIngester(projectPath, graph);
           await ingester.syncTickets();
           if (!isInteractiveMode()) {
@@ -11672,7 +12121,7 @@ ${filesBlock}`,
       }
       if (hasGithub) {
         try {
-          const { GitHubIngester } = await import("./github-ingester-TFBDUDIY.js");
+          const { GitHubIngester } = await import("./github-ingester-ZOKK6GRS.js");
           const ingester = new GitHubIngester(graph);
           const token = await ingester.getApiToken();
           const repoInfo = ingester.getRepoInfo(projectPath);
@@ -11772,7 +12221,7 @@ Use \`trie_watch start\` to begin autonomous scanning.`
     ).join("\n");
     let agencyStatus = "";
     try {
-      const { getTrieAgent: getTrieAgent2 } = await import("./trie-agent-6SWUHCVO.js");
+      const { getTrieAgent: getTrieAgent2 } = await import("./trie-agent-3YDPEGHJ.js");
       const trieAgent = getTrieAgent2(this.watchedDirectory || getWorkingDirectory(void 0, true));
       await trieAgent.initialize();
       const status = await trieAgent.getAgencyStatus();
@@ -11945,7 +12394,7 @@ To get a full report, run \`trie watch\` on your codebase.`
       console.debug("[Watch] resolveNudgesForMissingFiles failed:", e);
     }
     try {
-      const { getActiveGoals } = await import("./goal-validator-6Y5CDEMJ.js");
+      const { getActiveGoals } = await import("./goal-validator-ULKIBDPX.js");
       const { getProjectState: getProjectState2 } = await import("./project-state-AHPA77SM.js");
       const projectState = getProjectState2(directory);
       await projectState.load();
@@ -11968,6 +12417,85 @@ To get a full report, run \`trie watch\` on your codebase.`
       console.log(`[Watch] \u2713 Cleaned up ${totalResolved} stale nudge(s)`);
     }
   }
+  /**
+   * Run compliance validation to detect false negatives
+   */
+  async runComplianceValidation(projectPath) {
+    try {
+      const config = await loadConfig(projectPath);
+      const complianceFrameworks = config?.compliance?.standards || ["SOC2"];
+      if (!config?.compliance?.falseNegativeDetection?.enabled) {
+        return;
+      }
+      const samplingRate = config?.compliance?.falseNegativeDetection?.samplingRate || 0.1;
+      if (Math.random() > samplingRate) {
+        return;
+      }
+      console.log(`[Watch] Running compliance validation for frameworks: ${complianceFrameworks.join(", ")}`);
+      const validation = await runFalseNegativeValidation(complianceFrameworks, projectPath);
+      const criticalAlerts = validation.alerts.filter((a) => a.severity === "critical");
+      if (criticalAlerts.length > 0) {
+        console.error(`[Watch] \u26A0\uFE0F  ${criticalAlerts.length} critical compliance alert(s) detected:`);
+        for (const alert of criticalAlerts) {
+          console.error(`  - ${alert.type}: ${alert.description}`);
+          console.error(`    Action: ${alert.suggestedAction}`);
+        }
+        const complianceIssues = criticalAlerts.map((alert) => ({
+          id: alert.id,
+          hash: createHash3("sha256").update(`${alert.id}-${alert.timestamp}`).digest("hex"),
+          file: "compliance-validation",
+          line: 1,
+          agent: "compliance-validator",
+          issue: alert.description,
+          fix: alert.suggestedAction,
+          severity: alert.severity,
+          timestamp: alert.timestamp,
+          category: "compliance",
+          confidence: alert.confidence,
+          autoFixable: false
+        }));
+        await storeIssues(complianceIssues, basename(projectPath), projectPath);
+        if (this.streamingManager) {
+          this.streamingManager.reportLedgerUpdate(complianceIssues.length, "incident");
+        }
+      }
+      const highAlerts = validation.alerts.filter((a) => a.severity === "high");
+      if (highAlerts.length > 0) {
+        console.warn(`[Watch] \u26A0\uFE0F  ${highAlerts.length} high-priority compliance alert(s) detected`);
+      }
+      if (validation.coverageGaps.length > 0) {
+        console.warn(`[Watch] \u26A0\uFE0F  ${validation.coverageGaps.length} compliance coverage gap(s) detected`);
+      }
+      if (validation.recommendations.length > 0 && criticalAlerts.length === 0) {
+        console.log(`[Watch] \u{1F4A1} ${validation.recommendations.length} compliance recommendation(s) available`);
+      }
+      if (validation.valid) {
+        console.log("[Watch] \u2713 Compliance validation passed");
+      }
+    } catch (error) {
+      console.error("[Watch] Compliance validation failed:", error);
+      if (error instanceof Error) {
+        const validationFailure = [{
+          id: `compliance-validation-error-${Date.now()}`,
+          hash: createHash3("sha256").update(`validation-error-${Date.now()}`).digest("hex"),
+          file: "compliance-validation",
+          line: 1,
+          agent: "compliance-validator",
+          issue: `Compliance validation system failure: ${error.message}`,
+          fix: "Investigate and restore compliance validation system",
+          severity: "critical",
+          timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+          category: "compliance",
+          confidence: 100,
+          autoFixable: false
+        }];
+        await storeIssues(validationFailure, basename(projectPath), projectPath);
+        if (this.streamingManager) {
+          this.streamingManager.reportLedgerUpdate(1, "incident");
+        }
+      }
+    }
+  }
 };
 
 export {
@@ -11988,10 +12516,9 @@ export {
   TrieGetNudgesTool,
   TrieQueryContextTool,
   TrieQueryLedgerBlocksTool,
-  handleCheckpointTool,
   TriePipelineTool,
   GitHubBranchesTool,
   InteractiveDashboard,
   TrieWatchTool
 };
-//# sourceMappingURL=chunk-HOGKPDZA.js.map
+//# sourceMappingURL=chunk-LQIMKE3P.js.map