@vextlabs/theron-cli 0.2.1 → 0.3.0

package/dist/verifiers/calc_gate.js

@@ -0,0 +1,112 @@
+// Calc-gate verifier — the deterministic teeth behind the numeric
+// methodology's "show the work" invariant.
+//
+// The throughline for finance / data / math (and the numeric trades —
+// trader / engineer / realtor) is: a number you COMPUTED must arrive with
+// the computation that produced it. A bare asserted result figure — "the
+// IRR is 14.3%", "the LTV/CAC is 3.2x", "the NPV is $1.24M", "the deflection
+// is 4.7mm" — with no derivation is the failure mode this gate catches. It
+// runs on the numeric profiles only.
+//
+// How it differs from arithmetic_recheck (the existing numeric kernel):
+//   - arithmetic_recheck takes an explicit "X op Y = Z" line and re-evaluates
+//     it — it catches WRONG math that's already shown.
+//   - calc_gate catches MISSING math: a derived headline figure asserted with
+//     no visible derivation at all. The two are complementary — recheck
+//     proves shown work is right; calc_gate proves the work was shown.
+//
+// How it works:
+//   1. Scan the output for a COMPUTED-RESULT assertion: a named computed
+//      quantity (IRR, NPV, ROI, LTV/CAC, margin, CAGR, payback, deflection,
+//      stress, mean, median, std dev, p-value, total, etc.) stated as a
+//      concrete value ("= 14.3%", "is $1.24M", "comes to 3.2x").
+//   2. If such a claim is present, check for DERIVATION evidence anywhere in
+//      the output: an arithmetic line (a + b = c), a formula, a fenced code/
+//      calc block, a python calculator call, a stated set of inputs, or a
+//      worked table. Any of these proves the number wasn't conjured.
+//   3. A computed figure asserted with NO derivation is a BLOCK — fed back so
+//      the model shows the steps before the number stands.
+//
+// Conservative by design: it only fires when a RESULT-NAMED quantity is
+// stated as a hard value. Round-number context ("we have ~10 customers"),
+// inputs the user gave ("at a 10% discount rate"), questions, and figures the
+// model explicitly flags as estimates/assumptions all pass. The guard below
+// keeps it off honest "rough estimate" language.
+const APPLIES_TO_PROFILES = new Set([
+    "finance",
+    "data",
+    "math",
+    "trader",
+    "engineer",
+    "realtor",
+]);
+// Only gate substantive outputs — a one-line "the total is 5" aside isn't a
+// derivation-worthy result.
+const MIN_LENGTH_TO_GATE = 160;
+// COMPUTED-RESULT assertion: a named, derived quantity stated as a concrete
+// value. The quantity name is what marks it as COMPUTED (you don't "measure"
+// an IRR, you compute it), so a bare value next to one of these names implies
+// a calculation must exist.
+const NAMED_RESULT = "irr|npv|roi|roic|roe|cagr|ltv\\s*/?\\s*cac|ltv|cac|payback(?:\\s+period)?|gross\\s+margin|net\\s+margin|ebitda|arr|mrr|burn\\s+rate|runway|wacc|dcf|cap\\s+rate|cash[- ]on[- ]cash|dscr|noi|break[- ]even|deflection|bending\\s+(?:moment|stress)|shear|torque|stress|strain|moment\\s+of\\s+inertia|resistance|voltage|current|the\\s+mean|the\\s+median|the\\s+average|std(?:\\.|\\s+dev)?|standard\\s+deviation|variance|p[- ]value|correlation|r\\^?2|r[- ]squared|the\\s+total|the\\s+sum|the\\s+result|the\\s+(?:projected|expected)\\s+\\w+";
+// A concrete value token: a number with optional currency/unit/percent/x.
+const VALUE = "[\\$€£]?-?\\d[\\d,]*(?:\\.\\d+)?\\s*(?:%|x|bps|mm|cm|m|kg|n|nm|kn|mpa|psi|v|a|ω|ohm|years?|months?|days?|k|m|b|bn|mn)?";
+const CLAIM_PATTERNS = [
+    // "the IRR is 14.3%", "NPV = $1.24M", "LTV/CAC comes to 3.2x"
+    new RegExp(`\\b(?:${NAMED_RESULT})\\b[^.\\n]{0,30}\\b(?:is|=|comes?\\s+(?:to|out\\s+to)|works?\\s+out\\s+to|equals?|totals?|of)\\b\\s*(?:approximately\\s+|roughly\\s+|about\\s+|~)?${VALUE}`, "i"),
+    // "= 14.3%" immediately following a named result within a tight window
+    new RegExp(`\\b(?:${NAMED_RESULT})\\b[^=\\n]{0,20}=\\s*${VALUE}`, "i"),
+];
+// GUARD: the model being honest that a figure is a rough estimate / placeholder
+// / illustrative, or asking for inputs, doesn't need a full derivation shown —
+// that's honest uncertainty, which we reward. Also guards values the user
+// themselves supplied as an input ("at your stated 10% rate").
+const GUARD = /\b(?:rough(?:ly)?\s+estimate|ballpark|placeholder|illustrative|for\s+example|let'?s\s+(?:say|assume)|hypothetical|order\s+of\s+magnitude|i\s+don'?t\s+have|i\s+can'?t\s+(?:compute|calculate)|need\s+(?:the|more)\s+(?:inputs?|data|numbers?)|what\s+(?:is|are)\s+your|you\s+(?:said|gave|specified|provided)|as\s+you\s+(?:stated|noted))\b/i;
+// DERIVATION evidence — proof the number came from a calculation.
+const DERIVATION_EVIDENCE = [
+    /[\$€£]?-?\d[\d,]*(?:\.\d+)?\s*[+\-*/×÷]\s*[\$€£]?-?\d[\d,]*(?:\.\d+)?/, // an arithmetic expression a op b
+    /=\s*[\$€£]?-?\d[\d,]*(?:\.\d+)?\s*[+\-*/×÷]/, // = a op b ...
+    /```[\s\S]*?```/, // a fenced calc / code block
+    /\bpython3?\b[^.\n]{0,40}\b(?:-c|print|=)/i, // a python calculator call
+    /\b(?:formula|equation|derivation|calculation|computed\s+as|worked\s+out|step\s*\d|step[- ]by[- ]step)\b/i,
+    /\b(?:where|given|inputs?|assumptions?)\b\s*[:\-][^.\n]{0,40}=/i, // a "given: x = ..., y = ..." inputs block
+    /\|\s*[-:]+\s*\|/, // a markdown table separator (a worked table)
+    /\b(?:sum|total|mean|average)\s*(?:of)?\s*\([^)]*[+,][^)]*\)/i, // sum(a, b, c) / mean(...)
+    /\(\s*[\$€£]?-?\d[\d,]*(?:\.\d+)?[^)]*[+\-*/×÷][^)]*\)/, // a parenthesized expression (a + b)
+];
+function anyMatch(patterns, text) {
+    return patterns.some((re) => re.test(text));
+}
+export const calcGateKernel = {
+    slug: "calc_gate",
+    describe: "Numeric domains: a computed result figure (IRR, NPV, margin, deflection, mean, …) must show the calculation/derivation, not just assert the number",
+    async run(ctx) {
+        if (!APPLIES_TO_PROFILES.has(ctx.profile))
+            return [];
+        const text = ctx.assistantText;
+        if (text.length < MIN_LENGTH_TO_GATE)
+            return [];
+        // Is there a named computed-result assertion at all?
+        const claimMatch = CLAIM_PATTERNS.map((re) => re.exec(text)).find(Boolean);
+        if (!claimMatch)
+            return [];
+        // Guard: rough estimate / user-supplied input / "I can't compute" — these
+        // don't need a derivation shown. Inspect a window around the match.
+        const idx = claimMatch.index ?? 0;
+        const window = text.slice(Math.max(0, idx - 90), idx + (claimMatch[0]?.length ?? 0) + 90);
+        if (GUARD.test(window))
+            return [];
+        // Does the output show the work anywhere?
+        if (anyMatch(DERIVATION_EVIDENCE, text))
+            return [];
+        return [
+            {
+                severity: "block",
+                kernel: "calc_gate",
+                message: `A computed figure ("${claimMatch[0].slice(0, 60).trim()}…") is asserted with no visible calculation. ` +
+                    `Per the methodology for numeric work: show the work — the arithmetic, formula, inputs, or a worked table that produces the number. ` +
+                    `A bare result the reader can't reproduce is a hypothesis, not an answer.`,
+            },
+        ];
+    },
+};
+//# sourceMappingURL=calc_gate.js.map

package/dist/verifiers/calc_gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"calc_gate.js","sourceRoot":"","sources":["../../src/verifiers/calc_gate.ts"],"names":[],"mappings":"AAAA,kEAAkE;AAClE,2CAA2C;AAC3C,EAAE;AACF,sEAAsE;AACtE,0EAA0E;AAC1E,yEAAyE;AACzE,6EAA6E;AAC7E,2EAA2E;AAC3E,qCAAqC;AACrC,EAAE;AACF,wEAAwE;AACxE,8EAA8E;AAC9E,uDAAuD;AACvD,8EAA8E;AAC9E,wEAAwE;AACxE,uEAAuE;AACvE,EAAE;AACF,gBAAgB;AAChB,yEAAyE;AACzE,4EAA4E;AAC5E,wEAAwE;AACxE,iEAAiE;AACjE,6EAA6E;AAC7E,6EAA6E;AAC7E,0EAA0E;AAC1E,qEAAqE;AACrE,8EAA8E;AAC9E,2DAA2D;AAC3D,EAAE;AACF,wEAAwE;AACxE,0EAA0E;AAC1E,8EAA8E;AAC9E,4EAA4E;AAC5E,iDAAiD;AAIjD,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,SAAS;IACT,MAAM;IACN,MAAM;IACN,QAAQ;IACR,UAAU;IACV,SAAS;CACV,CAAC,CAAC;AAEH,4EAA4E;AAC5E,4BAA4B;AAC5B,MAAM,kBAAkB,GAAG,GAAG,CAAC;AAE/B,4EAA4E;AAC5E,6EAA6E;AAC7E,8EAA8E;AAC9E,4BAA4B;AAC5B,MAAM,YAAY,GAChB,ohBAAohB,CAAC;AAEvhB,0EAA0E;AAC1E,MAAM,KAAK,GAAG,wHAAwH,CAAC;AAEvI,MAAM,cAAc,GAAa;IAC/B,8DAA8D;IAC9D,IAAI,MAAM,CAAC,SAAS,YAAY,sJAAsJ,KAAK,EAAE,EAAE,GAAG,CAAC;IACnM,uEAAuE;IACvE,IAAI,MAAM,CAAC,SAAS,YAAY,yBAAyB,KAAK,EAAE,EAAE,GAAG,CAAC;CACvE,CAAC;AAEF,gFAAgF;AAChF,+EAA+E;AAC/E,0EAA0E;AAC1E,+DAA+D;AAC/D,MAAM,KAAK,GACT,+UAA+U,CAAC;AAElV,kEAAkE;AAClE,MAAM,mBAAmB,GAAa;IACpC,uEAAuE,EAAE,kCAAkC;IAC3G,6CAA6C,EAA2B,eAAe;IACvF,gBAAgB,EAAwD,6BAA6B;IACrG,2CAA2C,EAA6B,2BAA2B;IACnG,0GAA0G;IAC1G,gEAAgE,EAAS,2CAA2C;IACpH,iBAAiB,EAAuD,8CAA8C;IACtH,8DAA8D,EAAU,2BAA2B;IACnG,uDAAuD,EAAkB,qCAAqC;CAC/G,CAAC;AAEF,SAAS,QAAQ,CAAC,QAAkB,EAAE,IAAY;IAChD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,CAAC,MAAM,cAAc,GAAa;IACtC,IAAI,EAAE,WAAW;IACjB,QAAQ,EACN,oJAAoJ;IACtJ,KAAK,CAAC,GAAG,CAAC,GAAoB;QAC5B,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC;YAAE,OAAO,EAAE,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAC;QAC/B,IAAI,IAAI,CAAC,MAAM,GAAG,kBAAkB;YAAE,OAAO,EAAE,CAAC;QAEhD,qDAAqD;QACrD,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3E,IAAI,CAAC,UAAU;YAAE,OAAO,EAAE,CAAC;QAE3B,0EAA0E;QAC1E,oEAAoE;QACpE,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC1F,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,EAAE,CAAC;QAElC,0CAA0C;QAC1C,IAAI,QAAQ,CAAC,mBAAmB,EAAE,IAAI,CAAC;YAAE,OAAO,EAAE,CAAC;QAEnD,OAAO;YACL;gBACE,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,WAAW;gBACnB,OAAO,EACL,uBAAuB,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,+CAA+C;oBACvG,qIAAqI;oBACrI,0EAA0E;aAC7E;SACF,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/verifiers/citation_gate.d.ts

@@ -0,0 +1,2 @@
+import type { Verifier } from "./types.js";
+export declare const citationGateKernel: Verifier;

package/dist/verifiers/citation_gate.js

@@ -0,0 +1,130 @@
+// Citation-gate verifier — the deterministic teeth behind the
+// regulated/research methodology's "cite the source" invariant.
+//
+// The throughline across legal / medical / science / research / finance-fact
+// is: a stated FACT, PRECEDENT, or FIGURE must point at a source. Reciting a
+// statute, a holding, a clinical guideline, a study result, or a hard number
+// from memory — with nothing to verify it against — is the failure mode this
+// gate catches. It runs on the regulated + research profiles only.
+//
+// How it differs from citation_presence (the existing softer check):
+//   - citation_presence is a length-triggered "did you cite ANYTHING?" warn.
+//     It fires whenever a long output has zero citations.
+//   - citation_gate is CLAIM-triggered and BLOCKS. It only fires when the
+//     output actually ASSERTS a specific fact/precedent/figure (the sentence
+//     that needs a source), and then proves that sentence carries one. This
+//     is the harder gate: a 100-word answer that confidently states a holding
+//     with no cite is blocked even though it's under the presence threshold.
+//
+// How it works:
+//   1. Scan the output for ASSERTION language that introduces a verifiable
+//      fact: a ruled/held case, an approved/indicated drug, a study that
+//      "found"/"showed" a result, a statute that "requires", a figure stated
+//      as established ("the FDA approved", "the standard rate is 21%").
+//   2. If such a claim is present, check for a CITATION token anywhere a
+//      reader could chase it down: a statute § / a case name / a DOI / a
+//      named source / a URL / an inline (Author Year).
+//   3. A specific fact/precedent/figure claim WITHOUT a citation is a BLOCK
+//      — fed back so the model must attach the source before the claim
+//      stands.
+//
+// Conservative by design: it only fires on AFFIRMATIVE, specific assertions.
+// Hedged statements ("I don't have the cite handy"), questions, the model's
+// own disclaimers, and "I can't verify this" all pass. The negation/hedge
+// guard below keeps it from false-firing on honest uncertainty — which is
+// exactly the behavior we want to reward, not punish.
+const APPLIES_TO_PROFILES = new Set([
+    "legal",
+    "medical",
+    "research",
+    "academic",
+    "policy",
+    "science",
+    "finance",
+    "architect",
+    // education profile (slug `tutor`): teach only what you can source/derive —
+    // a confident factual/historical/scientific claim still needs a citation.
+    "tutor",
+]);
+// Only gate substantive outputs — a one-line "let me look that up" is not a
+// fact assertion that needs a cite.
+const MIN_LENGTH_TO_GATE = 180;
+// ASSERTION language: the model stating a specific, verifiable
+// fact / precedent / figure as established. Crafted to catch affirmative
+// regulated claims while ignoring intentions ("let me find the statute"),
+// questions, and the model's own uncertainty (handled by HEDGE_GUARD).
+const CLAIM_PATTERNS = [
+    // A court RULED / HELD / a case ESTABLISHED something — a precedent claim.
+    /\b(?:the\s+court|supreme\s+court|holding|precedent)\b[^.\n]{0,80}\b(?:held|ruled|found|established|decided|affirmed|reversed|struck\s+down|established\s+that)\b/i,
+    /\b(?:held|ruled|established|decided|affirmed|reversed)\b[^.\n]{0,60}\b(?:that|in|under|the\s+defendant|the\s+plaintiff)\b/i,
+    // A statute / regulation / standard REQUIRES / MANDATES / PROHIBITS — a legal-figure claim.
+    /\b(?:statute|regulation|law|code|rule|act|directive|the\s+IBC|the\s+ADA|HIPAA|GDPR|the\s+FDA|the\s+SEC|the\s+IRS)\b[^.\n]{0,80}\b(?:requires?|mandates?|prohibits?|specifies?|states?\s+that|sets?\s+(?:a|the)\s+limit|caps?)\b/i,
+    // A drug / treatment is APPROVED / INDICATED / CONTRAINDICATED — a clinical claim.
+    /\b(?:approved|indicated|contraindicated|first[- ]line|recommended\s+(?:dose|dosage)|the\s+guideline)\b[^.\n]{0,80}\b(?:for|in|by\s+the\s+FDA|treatment|patients?|is\s+\d)\b/i,
+    // A STUDY / TRIAL / META-ANALYSIS FOUND / SHOWED / DEMONSTRATED a result — a research-fact claim.
+    /\b(?:a\s+)?(?:study|trial|meta[- ]analysis|paper|the\s+research|rct|randomized\s+controlled\s+trial|systematic\s+review)\b[^.\n]{0,60}\b(?:found|showed|demonstrated|reported|concluded|established|revealed)\b/i,
+    // An established FIGURE stated as fact: "the standard rate is 21%", "mortality
+    // was 4.2%", "n = 1,204 patients", "the prevalence is 1 in 3,000".
+    /\b(?:the\s+(?:standard|statutory|federal|approved|recommended|established|baseline))\b[^.\n]{0,50}\b(?:rate|limit|threshold|dose|level|value|figure|percentage)\b[^.\n]{0,30}\bis\b[^.\n]{0,20}[\d$]/i,
+    /\b(?:mortality|incidence|prevalence|efficacy|sensitivity|specificity|the\s+rate|the\s+risk|survival)\b[^.\n]{0,40}\b(?:was|is|of)\b\s*[\d$][\d.,]*\s*%?/i,
+];
+// HEDGE / NEGATION guard: if the matched sentence reads as the model being
+// HONEST about not having the source, asking a question, or stating the
+// opposite, it's not a claim that needs proof — it's exactly the "state
+// uncertainty honestly" behavior we reward. Pass it cleanly.
+const HEDGE_GUARD = /\b(?:i\s+don'?t\s+have|i\s+can'?t\s+(?:find|locate|verify|confirm)|not\s+(?:sure|certain|aware|in\s+the)|unsure|unclear|no\s+(?:source|citation|record|study)|cannot\s+(?:cite|verify|confirm)|unverified|unsourced|i\s+believe|i\s+think|may\s+(?:be|have)|might\s+(?:be|have)|appears?\s+to|seems?\s+to|if\s+i\s+recall|as\s+far\s+as\s+i\s+know|point\s+me\s+at|do\s+you\s+have\s+the)\b/i;
+// CITATION tokens — anywhere the claim is anchored to something a reader can
+// chase. Reuses the recognized forms from citation_presence and adds DOI +
+// named-reporter + URL.
+const CITATION_EVIDENCE = [
+    /\[[^\]]*§[^\]]*\]/, // [Source §1.2(b)]
+    /§\s*\d/, // a bare § N citation
+    /\b\d+\s+[A-Z][A-Za-z.]+\s+\d+\b/, // reporter cite: 123 U.S. 456 / 410 F.3d 100
+    /\b[A-Z][A-Za-z.&'-]+\s+v\.?\s+[A-Z][A-Za-z.&'-]+/, // Case v. Name
+    /\b10\.\d{4,9}\/[-._;()/:A-Z0-9]+/i, // a DOI (10.xxxx/...)
+    /\bdoi:\s*\S+/i, // doi: ...
+    /\b(?:PMID|PMCID|NCT|arXiv)\s*:?\s*\d/i, // PubMed / trial / arXiv IDs
+    /\bhttps?:\/\/\S+/, // a URL
+    /\[[^\]]+\]\(\S+\)/, // a markdown link
+    /\[[A-Z][a-z]+(?:\s+et\s+al\.?)?\s+\d{4}\]/, // [Smith 2022]
+    /\([A-Z][a-z]+(?:\s+et\s+al\.?)?,?\s+\d{4}\)/, // (Smith, 2022)
+    /\b(?:USC|U\.S\.C\.|CFR|C\.F\.R\.|IBC|ADA|ISO|IEC|ASTM|NFPA)\s*§?\s*\d/i, // standard/code cite
+];
+function anyMatch(patterns, text) {
+    return patterns.some((re) => re.test(text));
+}
+export const citationGateKernel = {
+    slug: "citation_gate",
+    describe: "Regulated/research: a stated fact, precedent, or figure must carry a citation (statute §, case, DOI, source, or URL)",
+    async run(ctx) {
+        if (!APPLIES_TO_PROFILES.has(ctx.profile))
+            return [];
+        const text = ctx.assistantText;
+        if (text.length < MIN_LENGTH_TO_GATE)
+            return [];
+        // Is there an affirmative fact/precedent/figure assertion at all?
+        const claimMatch = CLAIM_PATTERNS.map((re) => re.exec(text)).find(Boolean);
+        if (!claimMatch)
+            return [];
+        // Hedge/negation guard: if the matched sentence is the model being honest
+        // about NOT having the source (or asking for it), don't gate it. Inspect
+        // a window around the match.
+        const idx = claimMatch.index ?? 0;
+        const window = text.slice(Math.max(0, idx - 90), idx + (claimMatch[0]?.length ?? 0) + 90);
+        if (HEDGE_GUARD.test(window))
+            return [];
+        // Does the output carry a citation the reader could chase down?
+        if (anyMatch(CITATION_EVIDENCE, text))
+            return [];
+        return [
+            {
+                severity: "block",
+                kernel: "citation_gate",
+                message: `A specific fact/precedent/figure ("${claimMatch[0].slice(0, 60).trim()}…") is stated with no citation. ` +
+                    `Per the methodology for regulated/research work: read the source and cite it (statute §, case name, DOI, named study, or URL) ` +
+                    `before asserting it. If you don't have the source, say so honestly instead of stating it as established.`,
+            },
+        ];
+    },
+};
+//# sourceMappingURL=citation_gate.js.map

package/dist/verifiers/citation_gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"citation_gate.js","sourceRoot":"","sources":["../../src/verifiers/citation_gate.ts"],"names":[],"mappings":"AAAA,8DAA8D;AAC9D,gEAAgE;AAChE,EAAE;AACF,6EAA6E;AAC7E,6EAA6E;AAC7E,6EAA6E;AAC7E,6EAA6E;AAC7E,mEAAmE;AACnE,EAAE;AACF,qEAAqE;AACrE,6EAA6E;AAC7E,0DAA0D;AAC1D,0EAA0E;AAC1E,6EAA6E;AAC7E,4EAA4E;AAC5E,8EAA8E;AAC9E,6EAA6E;AAC7E,EAAE;AACF,gBAAgB;AAChB,2EAA2E;AAC3E,yEAAyE;AACzE,6EAA6E;AAC7E,wEAAwE;AACxE,yEAAyE;AACzE,yEAAyE;AACzE,uDAAuD;AACvD,4EAA4E;AAC5E,uEAAuE;AACvE,eAAe;AACf,EAAE;AACF,6EAA6E;AAC7E,4EAA4E;AAC5E,0EAA0E;AAC1E,0EAA0E;AAC1E,sDAAsD;AAItD,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,OAAO;IACP,SAAS;IACT,UAAU;IACV,UAAU;IACV,QAAQ;IACR,SAAS;IACT,SAAS;IACT,WAAW;IACX,4EAA4E;IAC5E,0EAA0E;IAC1E,OAAO;CACR,CAAC,CAAC;AAEH,4EAA4E;AAC5E,oCAAoC;AACpC,MAAM,kBAAkB,GAAG,GAAG,CAAC;AAE/B,+DAA+D;AAC/D,yEAAyE;AACzE,0EAA0E;AAC1E,uEAAuE;AACvE,MAAM,cAAc,GAAa;IAC/B,2EAA2E;IAC3E,mKAAmK;IACnK,4HAA4H;IAC5H,4FAA4F;IAC5F,kOAAkO;IAClO,mFAAmF;IACnF,8KAA8K;IAC9K,kGAAkG;IAClG,kNAAkN;IAClN,+EAA+E;IAC/E,mEAAmE;IACnE,uMAAuM;IACvM,0JAA0J;CAC3J,CAAC;AAEF,2EAA2E;AAC3E,wEAAwE;AACxE,wEAAwE;AACxE,6DAA6D;AAC7D,MAAM,WAAW,GACf,8XAA8X,CAAC;AAEjY,6EAA6E;AAC7E,2EAA2E;AAC3E,wBAAwB;AACxB,MAAM,iBAAiB,GAAa;IAClC,mBAAmB,EAAkC,mBAAmB;IACxE,QAAQ,EAA6C,sBAAsB;IAC3E,iCAAiC,EAAoB,6CAA6C;IAClG,kDAAkD,EAAE,eAAe;IACnE,mCAAmC,EAAkB,sBAAsB;IAC3E,eAAe,EAAsC,WAAW;IAChE,uCAAuC,EAAc,6BAA6B;IAClF,kBAAkB,EAAmC,QAAQ;IAC7D,mBAAmB,EAAkC,kBAAkB;IACvE,2CAA2C,EAAU,eAAe;IACpE,6CAA6C,EAAQ,gBAAgB;IACrE,wEAAwE,EAAE,qBAAqB;CAChG,CAAC;AAEF,SAAS,QAAQ,CAAC,QAAkB,EAAE,IAAY;IAChD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAa;IAC1C,IAAI,EAAE,eAAe;IACrB,QAAQ,EACN,sHAAsH;IACxH,KAAK,CAAC,GAAG,CAAC,GAAoB;QAC5B,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC;YAAE,OAAO,EAAE,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAC;QAC/B,IAAI,IAAI,CAAC,MAAM,GAAG,kBAAkB;YAAE,OAAO,EAAE,CAAC;QAEhD,kEAAkE;QAClE,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3E,IAAI,CAAC,UAAU;YAAE,OAAO,EAAE,CAAC;QAE3B,0EAA0E;QAC1E,yEAAyE;QACzE,6BAA6B;QAC7B,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC1F,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,EAAE,CAAC;QAExC,gEAAgE;QAChE,IAAI,QAAQ,CAAC,iBAAiB,EAAE,IAAI,CAAC;YAAE,OAAO,EAAE,CAAC;QAEjD,OAAO;YACL;gBACE,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,eAAe;gBACvB,OAAO,EACL,sCAAsC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,kCAAkC;oBACzG,gIAAgI;oBAChI,0GAA0G;aAC7G;SACF,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/verifiers/evidence_gate.d.ts

@@ -0,0 +1,2 @@
+import type { Verifier } from "./types.js";
+export declare const evidenceGateKernel: Verifier;

package/dist/verifiers/evidence_gate.js

@@ -0,0 +1,108 @@
+// Evidence-gate verifier — the deterministic teeth behind the pentest /
+// security methodology's "confirm with evidence" invariant.
+//
+// The methodology says: NEVER claim a vulnerability without the exact
+// request that triggers it AND the response/error that proves it. This
+// kernel enforces that gate mechanically rather than trusting the model
+// to self-police. It runs on the `pentest` and `security` profiles only.
+//
+// How it works:
+//   1. Scan the output for VULN-CLAIM language ("SQL injection confirmed",
+//      "auth bypass found", "vulnerable to XSS", "IDOR present", etc.).
+//   2. If a claim is present, scan for EVIDENCE alongside it: a concrete
+//      request (curl / HTTP method + path / a payload string) AND a
+//      concrete observed response (status code, error string, extracted
+//      row, token contents, a fenced response block, etc.).
+//   3. A claim WITHOUT both halves of the evidence is a BLOCK — it gets
+//      fed back into the next turn so the model must go prove it (re-run
+//      the request, paste the response) before the finding stands.
+//
+// This is intentionally conservative: it only fires when the output
+// actually asserts a vulnerability. Recon, baselining, scoping, and
+// "I tested X and it's NOT vulnerable" never trip it. The point is to
+// stop unproven "found a critical SQLi" claims, not to slow down honest
+// investigation.
+const APPLIES_TO_PROFILES = new Set(["pentest", "security"]);
+// A claim is only gated if the output is substantive enough to be a
+// finding rather than a passing aside. Short "let me test for SQLi"
+// lines are not claims.
+const MIN_LENGTH_TO_GATE = 200;
+// VULN-CLAIM language: the model asserting a vulnerability EXISTS /
+// is confirmed / was exploited. Crafted to catch affirmative findings
+// while ignoring negative results ("not vulnerable") and intentions
+// ("let's test for SQLi"), which are handled by NEGATION_GUARD below.
+const CLAIM_PATTERNS = [
+    /\b(?:sql\s*injection|sqli|xss|cross[- ]site\s+scripting|csrf|ssrf|idor|bola|rce|remote\s+code\s+execution|auth(?:entication|orization)?\s+bypass|privilege\s+escalation|path\s+traversal|directory\s+traversal|lfi|rfi|xxe|open\s+redirect|insecure\s+deserialization|command\s+injection|broken\s+access\s+control)\b[^.\n]{0,80}\b(?:confirmed|found|present|exists?|works?|succeeds?|is\s+exploitable|vulnerab(?:le|ility)|triggered|exploited|verified)\b/i,
+    /\b(?:vulnerab(?:le|ility))\b[^.\n]{0,60}\b(?:to|confirmed|found|present)\b/i,
+    /\b(?:confirmed|verified|exploited|found)\b[^.\n]{0,40}\b(?:sql\s*injection|sqli|xss|csrf|ssrf|idor|bola|rce|auth(?:entication|orization)?\s+bypass|privilege\s+escalation|path\s+traversal|command\s+injection|access\s+control)\b/i,
+    // A structured finding header asserting severity — "Severity: Critical"
+    // / "**Critical**" alongside a finding implies a positive claim.
+    /\bseverity\b\s*[:\-]\s*(critical|high|medium|med|low)\b/i,
+];
+// Negation guard: if the matched sentence is a NEGATIVE result, it's not
+// a claim that needs proof. "/login is NOT vulnerable to SQLi" should
+// pass cleanly.
+const NEGATION_NEAR = /\b(not|isn'?t|wasn'?t|no\s+evidence|appears?\s+safe|does\s+not\s+appear|could\s+not|couldn'?t|unable\s+to|ruled\s+out|false\s+positive)\b/i;
+// EVIDENCE — a concrete REQUEST. The exact thing that was sent.
+const REQUEST_EVIDENCE = [
+    /\bcurl\b/i, // a curl invocation
+    /\b(GET|POST|PUT|DELETE|PATCH)\s+\/?\S/, // METHOD /path
+    /\?\w+=/, // a query param payload (?q=...)
+    /https?:\/\/\S+/, // a full URL under test
+    /\bpayload\b\s*[:\-]/i, // an explicit payload line
+    /['"`][^'"`\n]*(?:'|--|\bUNION\b|\bSELECT\b|<script|\.\.\/)[^'"`\n]*['"`]/i, // an injection string
+];
+// EVIDENCE — a concrete RESPONSE / observation that PROVES it.
+const RESPONSE_EVIDENCE = [
+    /\b(?:HTTP\/?\d?\.?\d?\s*)?(?:status\s*(?:code)?\s*[:=]?\s*)?\b(200|201|301|302|400|401|403|404|419|500|502|503)\b/,
+    /\b(?:SQLITE_ERROR|SQL\s*syntax|ORA-\d+|PG::|MySQLSyntaxError|near\s+["'][^"']*["']:\s*syntax\s+error|unterminated\s+(?:quoted\s+)?string|column\s+count|unrecognized\s+token)\b/i,
+    /\b(?:returned|returns|response(?:\s+(?:was|is|body))?|error(?:\s+(?:was|is|message))?|output(?:\s+(?:was|is))?)\b\s*[:\-]/i,
+    /```[\s\S]*?```/, // a fenced response/error block
+    /\b\d+\s+rows?\b/i, // "3 rows" — baseline/extract evidence
+    /\beyJ[A-Za-z0-9_-]{8,}/, // a JWT (header.payload...) inline
+    /\b(?:extracted|leaked|dumped|recovered)\b[^.\n]{0,40}\b(?:user|password|hash|token|email|row|record|column)\b/i,
+];
+function anyMatch(patterns, text) {
+    return patterns.some((re) => re.test(text));
+}
+export const evidenceGateKernel = {
+    slug: "evidence_gate",
+    describe: "Pentest/security: a vulnerability CLAIM must carry the exact request + the proving response/error",
+    async run(ctx) {
+        if (!APPLIES_TO_PROFILES.has(ctx.profile))
+            return [];
+        const text = ctx.assistantText;
+        if (text.length < MIN_LENGTH_TO_GATE)
+            return [];
+        // Is there an affirmative vulnerability claim at all?
+        const claimMatch = CLAIM_PATTERNS.map((re) => re.exec(text)).find(Boolean);
+        if (!claimMatch)
+            return [];
+        // Negation guard: if the matched claim sentence reads as a NEGATIVE
+        // result, it's not a finding that needs evidence. Inspect a window
+        // around the match.
+        const idx = claimMatch.index ?? 0;
+        const window = text.slice(Math.max(0, idx - 80), idx + (claimMatch[0]?.length ?? 0) + 80);
+        if (NEGATION_NEAR.test(window))
+            return [];
+        const hasRequest = anyMatch(REQUEST_EVIDENCE, text);
+        const hasResponse = anyMatch(RESPONSE_EVIDENCE, text);
+        if (hasRequest && hasResponse)
+            return [];
+        const missing = [];
+        if (!hasRequest)
+            missing.push("the exact request (curl / METHOD path / payload)");
+        if (!hasResponse)
+            missing.push("the proving response (status code, error, extracted data, or a fenced response block)");
+        return [
+            {
+                severity: "block",
+                kernel: "evidence_gate",
+                message: `Vulnerability claim ("${claimMatch[0].slice(0, 60).trim()}…") is missing ${missing.join(" and ")}. ` +
+                    `Per the methodology: never claim a vuln without the exact request AND the response/error that proves it. ` +
+                    `Re-run the request, paste both halves of the evidence, then restate the finding.`,
+            },
+        ];
+    },
+};
+//# sourceMappingURL=evidence_gate.js.map

package/dist/verifiers/evidence_gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"evidence_gate.js","sourceRoot":"","sources":["../../src/verifiers/evidence_gate.ts"],"names":[],"mappings":"AAAA,wEAAwE;AACxE,4DAA4D;AAC5D,EAAE;AACF,sEAAsE;AACtE,uEAAuE;AACvE,wEAAwE;AACxE,yEAAyE;AACzE,EAAE;AACF,gBAAgB;AAChB,2EAA2E;AAC3E,wEAAwE;AACxE,yEAAyE;AACzE,oEAAoE;AACpE,wEAAwE;AACxE,4DAA4D;AAC5D,wEAAwE;AACxE,yEAAyE;AACzE,mEAAmE;AACnE,EAAE;AACF,oEAAoE;AACpE,oEAAoE;AACpE,sEAAsE;AACtE,wEAAwE;AACxE,iBAAiB;AAIjB,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAC;AAE7D,oEAAoE;AACpE,oEAAoE;AACpE,wBAAwB;AACxB,MAAM,kBAAkB,GAAG,GAAG,CAAC;AAE/B,oEAAoE;AACpE,sEAAsE;AACtE,oEAAoE;AACpE,sEAAsE;AACtE,MAAM,cAAc,GAAa;IAC/B,gcAAgc;IAChc,6EAA6E;IAC7E,qOAAqO;IACrO,wEAAwE;IACxE,iEAAiE;IACjE,0DAA0D;CAC3D,CAAC;AAEF,yEAAyE;AACzE,sEAAsE;AACtE,gBAAgB;AAChB,MAAM,aAAa,GAAG,4IAA4I,CAAC;AAEnK,gEAAgE;AAChE,MAAM,gBAAgB,GAAa;IACjC,WAAW,EAAoC,oBAAoB;IACnE,uCAAuC,EAAS,eAAe;IAC/D,QAAQ,EAAwC,iCAAiC;IACjF,gBAAgB,EAAgC,wBAAwB;IACxE,sBAAsB,EAA2B,2BAA2B;IAC5E,2EAA2E,EAAE,sBAAsB;CACpG,CAAC;AAEF,+DAA+D;AAC/D,MAAM,iBAAiB,GAAa;IAClC,mHAAmH;IACnH,kLAAkL;IAClL,4HAA4H;IAC5H,gBAAgB,EAAiC,gCAAgC;IACjF,kBAAkB,EAA8B,uCAAuC;IACvF,wBAAwB,EAAyB,mCAAmC;IACpF,gHAAgH;CACjH,CAAC;AAEF,SAAS,QAAQ,CAAC,QAAkB,EAAE,IAAY;IAChD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAa;IAC1C,IAAI,EAAE,eAAe;IACrB,QAAQ,EACN,mGAAmG;IACrG,KAAK,CAAC,GAAG,CAAC,GAAoB;QAC5B,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC;YAAE,OAAO,EAAE,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAC;QAC/B,IAAI,IAAI,CAAC,MAAM,GAAG,kBAAkB;YAAE,OAAO,EAAE,CAAC;QAEhD,sDAAsD;QACtD,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3E,IAAI,CAAC,UAAU;YAAE,OAAO,EAAE,CAAC;QAE3B,oEAAoE;QACpE,mEAAmE;QACnE,oBAAoB;QACpB,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QAC1F,IAAI,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,EAAE,CAAC;QAE1C,MAAM,UAAU,GAAG,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;QACpD,MAAM,WAAW,GAAG,QAAQ,CAAC,iBAAiB,EAAE,IAAI,CAAC,CAAC;QAEtD,IAAI,UAAU,IAAI,WAAW;YAAE,OAAO,EAAE,CAAC;QAEzC,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,IAAI,CAAC,UAAU;YAAE,OAAO,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;QAClF,IAAI,CAAC,WAAW;YAAE,OAAO,CAAC,IAAI,CAAC,uFAAuF,CAAC,CAAC;QAExH,OAAO;YACL;gBACE,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,eAAe;gBACvB,OAAO,EACL,yBAAyB,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,kBAAkB,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI;oBACrG,2GAA2G;oBAC3G,kFAAkF;aACrF;SACF,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/verifiers/index.js

@@ -19,6 +19,10 @@ import { emDashCheckKernel } from "./em_dash_check.js";
 import { aiIsmCheckKernel } from "./ai_ism_check.js";
 import { citationPresenceKernel } from "./citation_presence.js";
 import { arithmeticRecheckKernel } from "./arithmetic_recheck.js";
+import { evidenceGateKernel } from "./evidence_gate.js";
+import { citationGateKernel } from "./citation_gate.js";
+import { calcGateKernel } from "./calc_gate.js";
+import { sourceGateKernel } from "./source_gate.js";
 // Map slug → kernel. Profiles reference these via Profile.verifiers[].
 const REGISTRY = new Map();
 function register(v) { REGISTRY.set(v.slug, v); }
@@ -30,6 +34,10 @@ register(emDashCheckKernel);
 register(aiIsmCheckKernel);
 register(citationPresenceKernel);
 register(arithmeticRecheckKernel);
+register(evidenceGateKernel);
+register(citationGateKernel);
+register(calcGateKernel);
+register(sourceGateKernel);
 // Aliases for verifier slugs referenced in seeds.ts that share a kernel
 // (e.g. assumption_marked / advice_disclaimer / confidence_marked all
 // run via style_lint with a different config — the verifier reads the

package/dist/verifiers/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/verifiers/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,EAAE;AACF,sEAAsE;AACtE,mEAAmE;AACnE,8DAA8D;AAC9D,qEAAqE;AACrE,EAAE;AACF,gEAAgE;AAChE,iEAAiE;AACjE,EAAE;AACF,sEAAsE;AACtE,mEAAmE;AACnE,wCAAwC;AAExC,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACvC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAGlE,uEAAuE;AACvE,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAoB,CAAC;AAC7C,SAAS,QAAQ,CAAC,CAAW,IAAU,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;AAEjE,QAAQ,CAAC,eAAe,CAAC,CAAC;AAC1B,QAAQ,CAAC,UAAU,CAAC,CAAC;AACrB,QAAQ,CAAC,eAAe,CAAC,CAAC;AAC1B,QAAQ,CAAC,eAAe,CAAC,CAAC;AAC1B,QAAQ,CAAC,iBAAiB,CAAC,CAAC;AAC5B,QAAQ,CAAC,gBAAgB,CAAC,CAAC;AAC3B,QAAQ,CAAC,sBAAsB,CAAC,CAAC;AACjC,QAAQ,CAAC,uBAAuB,CAAC,CAAC;AAElC,wEAAwE;AACxE,sEAAsE;AACtE,sEAAsE;AACtE,iDAAiD;AACjD,KAAK,MAAM,KAAK,IAAI;IAClB,iBAAiB;IACjB,mBAAmB;IACnB,mBAAmB;IACnB,mBAAmB;IACnB,mBAAmB;IACnB,kBAAkB;IAClB,2BAA2B;IAC3B,YAAY;CACb,EAAE,CAAC;IACF,mEAAmE;IACnE,qEAAqE;IACrE,oEAAoE;IACpE,0CAA0C;IAC1C,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,GAAG,eAAe,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AAC3D,CAAC;AAID;;qEAEqE;AACrE,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,KAA2B,EAC3B,GAAoB;IAEpB,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAG,KAAK;SAClB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;SAC3B,MAAM,CAAC,CAAC,CAAC,EAAiB,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IACjD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAEpC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QACtB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;gBAChC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;gBACV,IAAI,OAAO,CAAkB,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;aAC/E,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,0DAA0D;YAC1D,OAAO,CAAC;oBACN,QAAQ,EAAE,MAAe;oBACzB,MAAM,EAAE,CAAC,CAAC,IAAI;oBACd,OAAO,EAAE,qBAAqB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;iBACjF,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CACH,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC;AACxB,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,eAAe,CAAC,MAAuB;IAKrD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IAClF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC5D,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAC1D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC;IAC/B,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,QAAQ,CAAC,CAAC;IAC5D,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,OAAO,CAAC,CAAC;IACzD,OAAO;QACL,EAAE;QACF,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QAC1B,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACxB,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;YAC7E,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,OAAO,KAAK,GAAG,IAAI,CAAC,CAAC,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;QACpD,CAAC,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;0EAE0E;AAC1E,MAAM,UAAU,iBAAiB,CAAC,MAAuB;IACvD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC5D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,MAAM,CAAC,CAAC,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;IAC9C,CAAC,CAAC,CAAC;IACH,OAAO;QACL,gEAAgE;QAChE,8FAA8F;QAC9F,GAAG,KAAK;QACR,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/verifiers/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,EAAE;AACF,sEAAsE;AACtE,mEAAmE;AACnE,8DAA8D;AAC9D,qEAAqE;AACrE,EAAE;AACF,gEAAgE;AAChE,iEAAiE;AACjE,EAAE;AACF,sEAAsE;AACtE,mEAAmE;AACnE,wCAAwC;AAExC,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACvC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGpD,uEAAuE;AACvE,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAoB,CAAC;AAC7C,SAAS,QAAQ,CAAC,CAAW,IAAU,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;AAEjE,QAAQ,CAAC,eAAe,CAAC,CAAC;AAC1B,QAAQ,CAAC,UAAU,CAAC,CAAC;AACrB,QAAQ,CAAC,eAAe,CAAC,CAAC;AAC1B,QAAQ,CAAC,eAAe,CAAC,CAAC;AAC1B,QAAQ,CAAC,iBAAiB,CAAC,CAAC;AAC5B,QAAQ,CAAC,gBAAgB,CAAC,CAAC;AAC3B,QAAQ,CAAC,sBAAsB,CAAC,CAAC;AACjC,QAAQ,CAAC,uBAAuB,CAAC,CAAC;AAClC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;AAC7B,QAAQ,CAAC,kBAAkB,CAAC,CAAC;AAC7B,QAAQ,CAAC,cAAc,CAAC,CAAC;AACzB,QAAQ,CAAC,gBAAgB,CAAC,CAAC;AAE3B,wEAAwE;AACxE,sEAAsE;AACtE,sEAAsE;AACtE,iDAAiD;AACjD,KAAK,MAAM,KAAK,IAAI;IAClB,iBAAiB;IACjB,mBAAmB;IACnB,mBAAmB;IACnB,mBAAmB;IACnB,mBAAmB;IACnB,kBAAkB;IAClB,2BAA2B;IAC3B,YAAY;CACb,EAAE,CAAC;IACF,mEAAmE;IACnE,qEAAqE;IACrE,oEAAoE;IACpE,0CAA0C;IAC1C,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,GAAG,eAAe,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AAC3D,CAAC;AAID;;qEAEqE;AACrE,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,KAA2B,EAC3B,GAAoB;IAEpB,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAG,KAAK;SAClB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;SAC3B,MAAM,CAAC,CAAC,CAAC,EAAiB,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IACjD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAEpC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QACtB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;gBAChC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;gBACV,IAAI,OAAO,CAAkB,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;aAC/E,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,0DAA0D;YAC1D,OAAO,CAAC;oBACN,QAAQ,EAAE,MAAe;oBACzB,MAAM,EAAE,CAAC,CAAC,IAAI;oBACd,OAAO,EAAE,qBAAqB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;iBACjF,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CACH,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC;AACxB,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,eAAe,CAAC,MAAuB;IAKrD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IAClF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC5D,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAC1D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC;IAC/B,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,QAAQ,CAAC,CAAC;IAC5D,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,OAAO,CAAC,CAAC;IACzD,OAAO;QACL,EAAE;QACF,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QAC1B,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACxB,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;YAC7E,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,OAAO,KAAK,GAAG,IAAI,CAAC,CAAC,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;QACpD,CAAC,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;0EAE0E;AAC1E,MAAM,UAAU,iBAAiB,CAAC,MAAuB;IACvD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC5D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,MAAM,CAAC,CAAC,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;IAC9C,CAAC,CAAC,CAAC;IACH,OAAO;QACL,gEAAgE;QAChE,8FAA8F;QAC9F,GAAG,KAAK;QACR,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC"}

package/dist/verifiers/source_gate.d.ts

@@ -0,0 +1,2 @@
+import type { Verifier } from "./types.js";
+export declare const sourceGateKernel: Verifier;

package/dist/verifiers/source_gate.js

@@ -0,0 +1,126 @@
+// Source-gate verifier — the soft teeth behind the "don't recite from
+// memory" move that runs across every Claude-quality domain.
+//
+// The throughline: when you assert a CANONICAL fact about a specific system,
+// spec, standard, API, config, or codebase — the kind of fact that has an
+// authoritative source you could open and read — you should have READ that
+// source this turn, not recited it from training memory (which drifts,
+// version-skews, and hallucinates exact signatures/flags/section numbers).
+// This is the cheapest, highest-leverage discipline in the whole set: read
+// the source before asserting.
+//
+// Unlike citation_gate (hard BLOCK on regulated facts) and calc_gate (hard
+// BLOCK on bare computed numbers), this one only WARNS. Canonical recall is
+// often fine — the model frequently does know the exact flag — and a hard
+// block here would be too noisy. The warn nudges the model (and the user)
+// toward "let me Read the actual file/spec to confirm" without halting the
+// loop.
+//
+// How it works:
+//   1. Scan the output for CANONICAL-RECALL language: a confident assertion
+//      about a specific named system/spec/standard's exact behavior — "the
+//      RFC says", "per the spec", "the default value is", "the flag is named",
+//      "section 4.2 of the standard", "the function signature is", "the env
+//      var is", "the config key is".
+//   2. Check whether the turn shows evidence the SOURCE was actually consulted:
+//      a Read/Grep tool ran on a relevant file (touchedFiles or a read marker
+//      in the text), a fenced quote FROM the source, a URL/cite, or explicit
+//      "I read/checked the source" language.
+//   3. A canonical-recall assertion with NO sign the source was read is a WARN
+//      — surfaced so the model self-corrects toward reading it, never blocking.
+//
+// Conservative by design: it only fires on assertions about a SPECIFIC named
+// source's exact contents, and the source-consulted evidence is generous
+// (reading ANY file this turn, quoting, or linking all count). General
+// explanations, opinions, and the model's own reasoning never trip it.
+// Broad set — the "read the source first" discipline is universal, but it's
+// most load-bearing where exact canonical detail matters: code/spec/standards
+// work and the research/regulated lanes. Writing/creative/therapy don't have a
+// "canonical source" to recite, so they're excluded to keep noise down.
+const APPLIES_TO_PROFILES = new Set([
+    "code",
+    "security",
+    "pentest",
+    "ops",
+    "engineer",
+    "architect",
+    "data",
+    "legal",
+    "research",
+    "academic",
+    "science",
+    "policy",
+    "medical",
+    // education profile (slug `tutor`): read the source before teaching it.
+    "tutor",
+    // strategy/design domains: a recommendation or design choice that recites a
+    // market "fact" / canonical pattern from memory should reference its source.
+    "design",
+    "business",
+    "product",
+]);
+const MIN_LENGTH_TO_GATE = 160;
+// CANONICAL-RECALL language: a confident assertion about a specific named
+// system/spec/standard's exact contents — the kind of thing you'd want to
+// open the source to confirm rather than recite.
+const CLAIM_PATTERNS = [
+    // "the RFC/spec/standard says/states/requires/defines ..."
+    /\b(?:the\s+)?(?:RFC\s*\d*|spec(?:ification)?|standard|protocol|the\s+docs?|documentation|the\s+manual|man\s+page|the\s+API\s+docs?)\b[^.\n]{0,40}\b(?:says?|states?|requires?|defines?|specifies?|mandates?|describes?|documents?)\b/i,
+    // "section/§ 4.2 of the standard ..." — a precise section reference asserted from memory
+    /\b(?:section|§|clause|article|chapter)\s*\d[\d.]*\b[^.\n]{0,30}\b(?:of\s+the|requires?|states?|says?|covers?|defines?)\b/i,
+    // "the default (value|setting|port|timeout) is X" — an exact canonical default
+    /\bthe\s+default\s+(?:value|setting|port|timeout|behavior|config(?:uration)?|option)\b[^.\n]{0,20}\bis\b/i,
+    // "the flag/env var/config key/parameter is named X" — exact identifier recall
+    /\b(?:the\s+)?(?:flag|env(?:ironment)?\s+var(?:iable)?|config(?:uration)?\s+(?:key|option|value)|parameter|argument|option|field|header|method|endpoint)\b[^.\n]{0,20}\b(?:is\s+(?:named|called)|is\s+`|defaults?\s+to|must\s+be|should\s+be|takes?)\b/i,
+    // "the function/signature/return type is ..." — exact API shape from memory
+    /\b(?:the\s+)?(?:function\s+signature|method\s+signature|return\s+type|the\s+signature|the\s+interface|the\s+schema|the\s+type)\b[^.\n]{0,20}\bis\b/i,
+    // "per the OWASP/ISO/IEEE/NIST/POSIX ... " naming a standards body's exact requirement
+    /\b(?:per|according\s+to|under)\s+(?:the\s+)?(?:OWASP|ISO|IEC|IEEE|NIST|POSIX|W3C|ECMA|ANSI|the\s+RFC)\b[^.\n]{0,40}\b(?:requires?|says?|states?|defines?|mandates?|category)\b/i,
+];
+// Source-consulted evidence — any sign the model actually opened the source
+// this turn rather than reciting it.
+const SOURCE_CONSULTED = [
+    /```[\s\S]*?```/, // a fenced quote FROM the source
+    /\bhttps?:\/\/\S+/, // a link to the source
+    /\[[^\]]+\]\(\S+\)/, // a markdown link
+    /\b(?:I\s+(?:read|checked|opened|grepped|searched|verified|confirmed)|reading|let\s+me\s+(?:read|check|grep|open))\b[^.\n]{0,40}\b(?:the\s+)?(?:file|source|spec|docs?|RFC|standard|code|config|man\s+page|repo)\b/i,
+    /\b(?:from|in|per)\s+(?:the\s+)?(?:file|source|repo|line\s+\d+|`[^`]+`)\b/i, // "from the file …" / "in `x.ts` line 12"
+    /\b[\w./-]+\.(?:ts|tsx|js|jsx|py|go|rs|java|c|cpp|h|json|ya?ml|toml|md|txt|conf|cfg|ini|sh)\b/i, // a concrete filename referenced
+    /\b(?:line|L)\s*\d+\b/i, // a line-number reference (read evidence)
+];
+function anyMatch(patterns, text) {
+    return patterns.some((re) => re.test(text));
+}
+export const sourceGateKernel = {
+    slug: "source_gate",
+    describe: "Canonical recall: an assertion about a specific system/spec/standard's exact contents should reference reading the source — warns when it recites from memory",
+    async run(ctx) {
+        if (!APPLIES_TO_PROFILES.has(ctx.profile))
+            return [];
+        const text = ctx.assistantText;
+        if (text.length < MIN_LENGTH_TO_GATE)
+            return [];
+        // Is there a canonical-recall assertion at all?
+        const claimMatch = CLAIM_PATTERNS.map((re) => re.exec(text)).find(Boolean);
+        if (!claimMatch)
+            return [];
+        // If the model READ a file this turn (Read/Edit on a real file), the
+        // source was consulted by definition — don't warn.
+        if (ctx.touchedFiles && ctx.touchedFiles.length > 0)
+            return [];
+        // Did the text itself show the source was consulted (quote / link /
+        // filename / "I read the file")?
+        if (anyMatch(SOURCE_CONSULTED, text))
+            return [];
+        return [
+            {
+                severity: "warn",
+                kernel: "source_gate",
+                message: `Canonical claim ("${claimMatch[0].slice(0, 60).trim()}…") was asserted with no sign the source was read. ` +
+                    `Don't recite specs/standards/signatures/defaults from memory — they drift and version-skew. ` +
+                    `Read the actual file/spec/docs and quote or cite it, or flag the claim as from-memory and unverified.`,
+            },
+        ];
+    },
+};
+//# sourceMappingURL=source_gate.js.map

package/dist/verifiers/source_gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"source_gate.js","sourceRoot":"","sources":["../../src/verifiers/source_gate.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,6DAA6D;AAC7D,EAAE;AACF,6EAA6E;AAC7E,0EAA0E;AAC1E,2EAA2E;AAC3E,uEAAuE;AACvE,2EAA2E;AAC3E,2EAA2E;AAC3E,+BAA+B;AAC/B,EAAE;AACF,2EAA2E;AAC3E,4EAA4E;AAC5E,0EAA0E;AAC1E,0EAA0E;AAC1E,2EAA2E;AAC3E,QAAQ;AACR,EAAE;AACF,gBAAgB;AAChB,4EAA4E;AAC5E,2EAA2E;AAC3E,+EAA+E;AAC/E,4EAA4E;AAC5E,qCAAqC;AACrC,gFAAgF;AAChF,8EAA8E;AAC9E,6EAA6E;AAC7E,6CAA6C;AAC7C,+EAA+E;AAC/E,gFAAgF;AAChF,EAAE;AACF,6EAA6E;AAC7E,yEAAyE;AACzE,uEAAuE;AACvE,uEAAuE;AAIvE,4EAA4E;AAC5E,8EAA8E;AAC9E,+EAA+E;AAC/E,wEAAwE;AACxE,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,MAAM;IACN,UAAU;IACV,SAAS;IACT,KAAK;IACL,UAAU;IACV,WAAW;IACX,MAAM;IACN,OAAO;IACP,UAAU;IACV,UAAU;IACV,SAAS;IACT,QAAQ;IACR,SAAS;IACT,wEAAwE;IACxE,OAAO;IACP,4EAA4E;IAC5E,6EAA6E;IAC7E,QAAQ;IACR,UAAU;IACV,SAAS;CACV,CAAC,CAAC;AAEH,MAAM,kBAAkB,GAAG,GAAG,CAAC;AAE/B,0EAA0E;AAC1E,0EAA0E;AAC1E,iDAAiD;AACjD,MAAM,cAAc,GAAa;IAC/B,2DAA2D;IAC3D,uOAAuO;IACvO,yFAAyF;IACzF,2HAA2H;IAC3H,+EAA+E;IAC/E,0GAA0G;IAC1G,+EAA+E;IAC/E,wPAAwP;IACxP,4EAA4E;IAC5E,qJAAqJ;IACrJ,uFAAuF;IACvF,iLAAiL;CAClL,CAAC;AAEF,4EAA4E;AAC5E,qCAAqC;AACrC,MAAM,gBAAgB,GAAa;IACjC,gBAAgB,EAA+C,iCAAiC;IAChG,kBAAkB,EAA6C,uBAAuB;IACtF,mBAAmB,EAA4C,kBAAkB;IACjF,oNAAoN;IACpN,2EAA2E,EAAE,0CAA0C;IACvH,+FAA+F,EAAE,iCAAiC;IAClI,uBAAuB,EAAwC,0CAA0C;CAC1G,CAAC;AAEF,SAAS,QAAQ,CAAC,QAAkB,EAAE,IAAY;IAChD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAa;IACxC,IAAI,EAAE,aAAa;IACnB,QAAQ,EACN,+JAA+J;IACjK,KAAK,CAAC,GAAG,CAAC,GAAoB;QAC5B,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC;YAAE,OAAO,EAAE,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAC;QAC/B,IAAI,IAAI,CAAC,MAAM,GAAG,kBAAkB;YAAE,OAAO,EAAE,CAAC;QAEhD,gDAAgD;QAChD,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3E,IAAI,CAAC,UAAU;YAAE,OAAO,EAAE,CAAC;QAE3B,qEAAqE;QACrE,mDAAmD;QACnD,IAAI,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QAE/D,oEAAoE;QACpE,iCAAiC;QACjC,IAAI,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC;YAAE,OAAO,EAAE,CAAC;QAEhD,OAAO;YACL;gBACE,QAAQ,EAAE,MAAM;gBAChB,MAAM,EAAE,aAAa;gBACrB,OAAO,EACL,qBAAqB,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,qDAAqD;oBAC3G,8FAA8F;oBAC9F,uGAAuG;aAC1G;SACF,CAAC;IACJ,CAAC;CACF,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vextlabs/theron-cli",
-  "version": "0.2.1",
+  "version": "0.3.0",
   "description": "Theron CLI — an agentic coding assistant that verifies its own output. Runs an agentic tool loop in your terminal, then runs post-turn checks (types, tests, lint, arithmetic, citations) over the files it touched; blocking failures feed the next turn so it self-corrects. Across a 33-profile domain council. From Vext Labs.",
   "author": "Vext Labs Inc.",
   "license": "Apache-2.0",
@@ -29,7 +29,7 @@
     "build": "tsc -p .",
     "dev": "tsc -p . --watch",
     "start": "node ./bin/theron.js",
-    "test": "npm run build && node test/sweep.mjs",
+    "test": "npm run build && node test/sweep.mjs && node test/pentest.unit.test.mjs && node test/verifiers.unit.test.mjs",
     "test:integration": "npm run build && THERON_RUN_INTEGRATION=1 node test/integration.mjs",
     "prepublishOnly": "npm run build",
     "release": "npm version patch && npm publish",