@vibecheckai/cli 3.9.1 → 4.0.1

package/mcp-server/truth-firewall-tools.js

@@ -1,2183 +0,0 @@
-/**
- * Truth Firewall MCP Tools (Enhanced)
- *
- * Goals:
- * - Evidence-first outputs (file/line/snippet + stable hash)
- * - Policy-aware enforcement (strict/balanced/permissive)
- * - Project fingerprint invalidates stale claims
- * - Safe filesystem access (no path traversal)
- * - Patch verification with allowlist + timeouts
- * - Faster evidence search (optional ripgrep)
- */
-
-import fs from "fs/promises";
-import fssync from "fs";
-import path from "path";
-import crypto from "crypto";
-import { execSync, spawnSync } from "child_process";
-import { createRequire } from "module";
-
-// Route Truth v1 integration - AST-based route extraction (Fastify + Next.js)
-const require = createRequire(import.meta.url);
-const { RouteIndex, validateRouteExists: routeTruthValidate, canonicalizePath: routeTruthCanonicalize } = require("../bin/runners/lib/route-truth.js");
-
-// =============================================================================
-// TYPES (JSDoc for IDE support)
-// =============================================================================
-
-/**
- * @typedef {"strict" | "balanced" | "permissive"} PolicyName
- * @typedef {"true" | "false" | "unknown"} ClaimResultValue
- * @typedef {"high" | "medium" | "med" | "low" | number} ConfidenceLabel
- * 
- * @typedef {Object} EvidenceItem
- * @property {string} file
- * @property {number} [line] - start line
- * @property {string} [lines] - "12-18"
- * @property {string} [snippet]
- * @property {string} [hash]
- * @property {number} [confidence]
- * 
- * @typedef {Object} NormalizedEvidence
- * @property {string} file
- * @property {number} line
- * @property {string} [lines]
- * @property {string} snippet
- * @property {string} hash
- * @property {number} confidence
- * 
- * @typedef {Object} EnforcementDecisionAllowed
- * @property {true} allowed
- * @property {number} confidence
- * @property {string} [reason]
- * 
- * @typedef {Object} EnforcementDecisionBlocked
- * @property {false} allowed
- * @property {number} [confidence]
- * @property {string} reason
- * @property {string} [suggestion]
- * @property {string[]} [blockedActions]
- * 
- * @typedef {EnforcementDecisionAllowed | EnforcementDecisionBlocked} EnforcementDecision
- * 
- * @typedef {Object} ProjectFingerprint
- * @property {string} hash
- * @property {string} commitHash
- * @property {string[]} fileHashes
- * @property {string} generatedAt
- * 
- * @typedef {Object} ToolResponseMeta
- * @property {true} ok
- * @property {string} version
- * @property {ProjectFingerprint} projectFingerprint
- * @property {string} attribution
- * @property {string} generatedAt
- */
-
-// =============================================================================
-// TOOL DEFINITIONS
-// =============================================================================
-
-export const TRUTH_FIREWALL_TOOLS = [
-  {
-    name: "vibecheck.get_truthpack",
-    description: `📦 Get the Truth Pack — verified ground truth about this codebase.
-
-Returns evidence-backed facts about routes, auth, billing, env vars, and schema.
-Every claim should point to files/lines with confidence scores.
-
-Use this BEFORE making assertions about the repo.`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        scope: {
-          type: "string",
-          enum: ["all", "routes", "auth", "billing", "env", "schema", "graph"],
-          default: "all",
-        },
-        refresh: { type: "boolean", default: false },
-      },
-    },
-  },
-
-  {
-    name: "vibecheck.validate_claim",
-    description: `🔍 TRUTH FIREWALL — Validate a claim before acting on it.
-
-Returns: true | false | unknown + enforcement decision
-Policy matters:
-- strict/balanced: unknown blocks dependent actions
-- permissive: unknown allowed (but flagged)
-
-Examples:
-  { "claim": "route_exists", "subject": { "method": "POST", "path": "/api/login" } }
-  { "claim": "env_var_exists", "subject": { "name": "STRIPE_SECRET_KEY" } }`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        claim: {
-          type: "string",
-          enum: [
-            "route_exists",
-            "route_guarded",
-            "env_var_exists",
-            "env_var_used",
-            "middleware_applied",
-            "auth_enforced",
-            "billing_gate_exists",
-            "file_exists",
-            "function_exists",
-            "model_exists",
-            "component_exists",
-          ],
-        },
-        subject: {
-          type: "object",
-          properties: {
-            method: { type: "string" },
-            path: { type: "string" },
-            name: { type: "string" },
-          },
-        },
-        expected: { type: "boolean", default: true },
-        policy: {
-          type: "string",
-          enum: ["strict", "balanced", "permissive"],
-          default: "strict",
-        },
-        refresh: {
-          type: "boolean",
-          default: false,
-          description: "Force refresh of underlying truthpack/contracts before verifying",
-        },
-      },
-      required: ["claim", "subject"],
-    },
-  },
-
-  {
-    name: "vibecheck.compile_context",
-    description: `🎯 Get minimal sufficient context for a task (not a token bomb).
-
-Returns relevant nodes, edges, evidence, and invariants.`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        task: { type: "string" },
-        files: { type: "array", items: { type: "string" } },
-        policy: { type: "string", enum: ["strict", "balanced", "permissive"], default: "balanced" },
-        maxItems: { type: "number", default: 50 },
-      },
-      required: ["task"],
-    },
-  },
-
-  {
-    name: "vibecheck.search_evidence",
-    description: `📎 Search for evidence in the codebase.
-
-Supports text mode or regex mode. Returns file/line/snippet + hashes.`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        query: { type: "string" },
-        mode: { type: "string", enum: ["text", "regex"], default: "text" },
-        type: { type: "string", enum: ["route", "handler", "middleware", "component", "env_var", "model", "any"], default: "any" },
-        limit: { type: "number", default: 10 },
-        caseSensitive: { type: "boolean", default: false },
-        includeTests: { type: "boolean", default: false },
-      },
-      required: ["query"],
-    },
-  },
-
-  {
-    name: "vibecheck.find_counterexamples",
-    description: `🔴 FALSIFICATION — find counterexamples that disprove a claim.
-
-Use for auth, billing, security.`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        claim: { type: "string", enum: ["auth_enforced", "billing_gate_exists", "route_guarded", "no_bypass"] },
-        subject: {
-          type: "object",
-          properties: { path: { type: "string" }, name: { type: "string" } },
-        },
-        policy: { type: "string", enum: ["strict", "balanced", "permissive"], default: "strict" },
-      },
-      required: ["claim", "subject"],
-    },
-  },
-
-  {
-    name: "vibecheck.propose_patch",
-    description: `📝 Propose a proof-carrying patch.
-
-Patches must attach:
-- findings fixed
-- claim dependencies (validated)
-- verification commands
-
-Patches without proof are NOT eligible for auto-apply.`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        diff: { type: "string" },
-        fixes: { type: "array", items: { type: "string" } },
-        claims: { type: "array", items: { type: "string" } },
-        verification: { type: "array", items: { type: "string" } },
-        policy: { type: "string", enum: ["strict", "balanced", "permissive"], default: "strict" },
-        save: { type: "boolean", default: true },
-      },
-      required: ["diff", "fixes"],
-    },
-  },
-
-  {
-    name: "vibecheck.verify_patch",
-    description: `✅ Verify a patch meets requirements.
-
-Runs verification commands with allowlist + timeouts.
-Returns pass/fail and command output (truncated).`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        patchId: { type: "string", description: "Patch ID from propose_patch (optional)" },
-        diff: { type: "string", description: "If no patchId, provide diff text (not auto-applied)" },
-        commands: { type: "array", items: { type: "string" }, description: "Commands to run" },
-        policy: { type: "string", enum: ["strict", "balanced", "permissive"], default: "strict" },
-        timeoutMs: { type: "number", default: 120000 },
-      },
-      required: ["commands"],
-    },
-  },
-
-  {
-    name: "vibecheck.check_invariants",
-    description: `⚖️ Check invariants (ship-killer rules).
-
-Examples:
-- No paid feature without server enforcement
-- No success UI without confirmed success
-- No silent catch in auth/billing`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        category: { type: "string", enum: ["all", "auth", "billing", "security", "ux", "api"], default: "all" },
-        policy: { type: "string", enum: ["strict", "balanced", "permissive"], default: "strict" },
-      },
-    },
-  },
-
-  {
-    name: "vibecheck.add_assumption",
-    description: `⚠️ Log an assumption (budget enforced).`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        description: { type: "string" },
-        reason: { type: "string" },
-        verificationSteps: { type: "array", items: { type: "string" } },
-      },
-      required: ["description", "verificationSteps"],
-    },
-  },
-
-  {
-    name: "vibecheck.validate_plan",
-    description: `🛡️ Validate an AI plan against contracts (routes/env/auth/external).
-
-If validation fails: do NOT proceed.`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        plan: { type: "string" },
-        strict: { type: "boolean", default: false },
-      },
-      required: ["plan"],
-    },
-  },
-
-  {
-    name: "vibecheck.check_drift",
-    description: `📊 Detect contract drift (routes/env/auth/external).`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        category: { type: "string", enum: ["all", "routes", "env", "auth", "external"], default: "all" },
-      },
-    },
-  },
-
-  {
-    name: "vibecheck.get_contracts",
-    description: `📜 Get contracts from .vibecheck/contracts/`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        type: { type: "string", enum: ["all", "routes", "env", "auth", "external"], default: "all" },
-      },
-    },
-  },
-];
-
-// =============================================================================
-// TOOL HANDLER
-// =============================================================================
-
-export async function handleTruthFirewallTool(toolName, args, projectPath = process.cwd()) {
-  switch (toolName) {
-    case "vibecheck.get_truthpack":
-      return wrapMcpResponse(await getTruthPack(projectPath, args), projectPath);
-
-    case "vibecheck.validate_claim":
-      return wrapMcpResponse(await validateClaim(projectPath, args), projectPath);
-
-    case "vibecheck.compile_context":
-      return wrapMcpResponse(await compileContext(projectPath, args), projectPath);
-
-    case "vibecheck.search_evidence":
-      return wrapMcpResponse(await searchEvidence(projectPath, args), projectPath);
-
-    case "vibecheck.find_counterexamples":
-      return wrapMcpResponse(await findCounterexamples(projectPath, args), projectPath);
-
-    case "vibecheck.propose_patch":
-      return wrapMcpResponse(await proposePatch(projectPath, args), projectPath);
-
-    case "vibecheck.verify_patch":
-      return wrapMcpResponse(await verifyPatch(projectPath, args), projectPath);
-
-    case "vibecheck.check_invariants":
-      return wrapMcpResponse(await checkInvariants(projectPath, args), projectPath);
-
-    case "vibecheck.add_assumption":
-      return wrapMcpResponse(await addAssumption(projectPath, args), projectPath);
-
-    case "vibecheck.validate_plan":
-      return wrapMcpResponse(await getPlanValidationResult(projectPath, args), projectPath);
-
-    case "vibecheck.check_drift":
-      return wrapMcpResponse(await checkDriftTool(projectPath, args), projectPath);
-
-    case "vibecheck.get_contracts":
-      return wrapMcpResponse(await getContractsTool(projectPath, args), projectPath);
-
-    default:
-      return wrapMcpResponse({ error: `Unknown tool: ${toolName}` }, projectPath);
-  }
-}
-
-// =============================================================================
-// STATE (Per-project aware)
-// =============================================================================
-
-/**
- * @typedef {Object} CachedClaim
- * @property {string} projectHash
- * @property {number} timestamp
- * @property {*} result
- */
-
-const state = {
-  truthPackByProject: new Map(),
-  assumptionsByProject: new Map(),
-  verifiedClaims: new Map(),
-  lastValidationByProject: new Map(),
-  routeIndexByProject: new Map(), // Route Truth v1 index cache
-  maxAssumptions: 2,
-};
-
-const MAX_EVIDENCE_SNIPPET = 240;
-const MAX_CMD_OUTPUT = 12_000;
-
-// =============================================================================
-// POLICY CONFIG
-// =============================================================================
-
-const POLICY_CONFIG = {
-  strict: {
-    minConfidence: 0.8,
-    allowUnknown: false,
-    requireValidation: true,
-    blockOnDrift: true,
-    validationTTL: 5 * 60 * 1000,
-  },
-  balanced: {
-    minConfidence: 0.6,
-    allowUnknown: false,
-    requireValidation: true,
-    blockOnDrift: false,
-    validationTTL: 10 * 60 * 1000,
-  },
-  permissive: {
-    minConfidence: 0.4,
-    allowUnknown: true,
-    requireValidation: false,
-    blockOnDrift: false,
-    validationTTL: 30 * 60 * 1000,
-  },
-};
-
-export function getPolicyConfig(policy = "strict") {
-  return POLICY_CONFIG[policy] || POLICY_CONFIG.strict;
-}
-
-function confidenceToScore(confidence) {
-  if (typeof confidence === "number") return confidence;
-  switch (confidence) {
-    case "high": return 0.9;
-    case "medium":
-    case "med": return 0.7;
-    case "low": return 0.5;
-    default: return 0.6;
-  }
-}
-
-// =============================================================================
-// SAFETY: PROJECT-ROOT SANDBOX
-// =============================================================================
-
-function safeProjectJoin(projectPath, rel) {
-  const root = path.resolve(projectPath);
-  const abs = path.resolve(root, rel);
-  if (!abs.startsWith(root + path.sep) && abs !== root) {
-    throw new Error(`Refusing to access path outside project root: ${rel}`);
-  }
-  return abs;
-}
-
-async function safeReadFile(projectPath, rel) {
-  const abs = safeProjectJoin(projectPath, rel);
-  return await fs.readFile(abs, "utf8");
-}
-
-// =============================================================================
-// EVIDENCE NORMALIZATION
-// =============================================================================
-
-function sha16(s) {
-  return crypto.createHash("sha256").update(s).digest("hex").slice(0, 16);
-}
-
-function parseLineRange(lines) {
-  if (typeof lines === "number") return { start: Math.max(1, lines), end: Math.max(1, lines) };
-  if (!lines) return { start: 1, end: 1 };
-  const s = String(lines).trim();
-  const m = s.match(/^(\d+)(?:\s*-\s*(\d+))?$/);
-  if (!m) return { start: 1, end: 1 };
-  const a = Number(m[1]);
-  const b = m[2] ? Number(m[2]) : a;
-  return { start: Math.max(1, a), end: Math.max(1, b) };
-}
-
-async function readSnippet(projectPath, file, lines) {
-  if (!file) return "";
-  try {
-    const content = await safeReadFile(projectPath, file);
-    const arr = content.split(/\r?\n/);
-    const { start, end } = parseLineRange(lines);
-    const s = Math.max(1, Math.min(arr.length, start));
-    const e = Math.max(s, Math.min(arr.length, end));
-    const snippet = arr.slice(s - 1, e).join("\n");
-    return snippet.slice(0, MAX_EVIDENCE_SNIPPET);
-  } catch {
-    return "";
-  }
-}
-
-async function normalizeEvidence(projectPath, evidence, fallback, confidence) {
-  const raw = Array.isArray(evidence) ? evidence : evidence ? [evidence] : [];
-  const out = [];
-
-  for (const item of raw) {
-    const file = item?.file || fallback?.file || "";
-    const rangeStr = item?.lines ?? item?.line ?? fallback?.line ?? 1;
-    const { start, end } = parseLineRange(rangeStr);
-    const snippet = (item?.snippet || (await readSnippet(projectPath, file, `${start}-${end}`)) || "").slice(0, MAX_EVIDENCE_SNIPPET);
-    const hash = item?.hash || sha16(`${file}:${start}:${snippet}`);
-
-    out.push({
-      file,
-      line: start,
-      lines: end !== start ? `${start}-${end}` : `${start}`,
-      snippet,
-      hash,
-      confidence: item?.confidence ?? confidenceToScore(confidence),
-    });
-  }
-
-  if (out.length === 0 && fallback?.file) {
-    const file = fallback.file;
-    const line = fallback.line || 1;
-    const snippet = await readSnippet(projectPath, file, line);
-    out.push({
-      file,
-      line,
-      lines: `${line}`,
-      snippet,
-      hash: sha16(`${file}:${line}:${snippet}`),
-      confidence: confidenceToScore(confidence),
-    });
-  }
-
-  return out;
-}
-
-// =============================================================================
-// POLICY ENFORCEMENT (FIXED)
-// =============================================================================
-
-/**
- * Correct confidence derivation (your original had precedence issues).
- */
-export function enforceClaimResult(result, policy = "strict") {
-  const config = getPolicyConfig(policy);
-
-  const derived =
-    result?.confidence !== undefined
-      ? confidenceToScore(result.confidence)
-      : (result?.result === "true" ? 0.9 : result?.result === "false" ? 0.9 : 0.3);
-
-  if (result.result === "unknown" && !config.allowUnknown) {
-    return {
-      allowed: false,
-      confidence: derived,
-      reason: `Unknown claims are not allowed in ${policy} mode`,
-      suggestion: "Use search_evidence / get_truthpack / refresh=true to gather proof.",
-      blockedActions: ["fix", "autopilot_apply", "propose_patch"],
-    };
-  }
-
-  if (derived < config.minConfidence) {
-    return {
-      allowed: false,
-      confidence: derived,
-      reason: `Confidence ${(derived * 100).toFixed(0)}% below ${policy} threshold ${(config.minConfidence * 100).toFixed(0)}%`,
-      suggestion: "Find more evidence or lower strictness (permissive policy).",
-    };
-  }
-
-  if (result.result === "false") {
-    return {
-      allowed: false,
-      confidence: derived,
-      reason: "Claim is disproven. Do not proceed with dependent actions.",
-    };
-  }
-
-  return { allowed: true, confidence: derived };
-}
-
-// =============================================================================
-// CLAIM VALIDATION WITH RACE CONDITION PROTECTION
-// 
-// SECURITY FIX: Previous implementation had a TOCTOU race condition:
-// 1. Thread A: hasRecentClaimValidation() returns true
-// 2. Thread B: invalidates the claim (file change, etc.)
-// 3. Thread A: proceeds with stale claim → invalid state
-// 
-// New implementation uses atomic check-and-consume pattern with per-project locks.
-// =============================================================================
-
-/**
- * Per-project validation locks to prevent concurrent operations
- * from using the same validation state.
- */
-const validationLocks = new Map(); // Map<projectPath, { locked: boolean, queue: Promise }>
-
-/**
- * Acquire a validation lock for a project (serializes validation checks).
- */
-function acquireValidationLock(projectPath) {
-  let lockState = validationLocks.get(projectPath);
-  if (!lockState) {
-    lockState = { locked: false, queue: Promise.resolve() };
-    validationLocks.set(projectPath, lockState);
-  }
-  
-  const acquirePromise = lockState.queue.then(() => {
-    lockState.locked = true;
-    return () => {
-      lockState.locked = false;
-    };
-  });
-  
-  lockState.queue = acquirePromise.catch(() => {});
-  return acquirePromise;
-}
-
-/**
- * Check claim validation freshness (basic check, no lock).
- * Use checkAndConsumeClaimValidation for atomic operations.
- */
-export function hasRecentClaimValidation(projectPath, policy = "strict") {
-  const last = state.lastValidationByProject.get(projectPath);
-  if (typeof last !== "number") return false;
-  const ttl = getPolicyConfig(policy).validationTTL;
-  return Date.now() - last <= ttl;
-}
-
-/**
- * Atomic check-and-consume claim validation.
- * 
- * SECURITY: Use this for operations that depend on claim validation.
- * It ensures no other operation can use the same validation state concurrently.
- * 
- * @param {string} projectPath - Project path
- * @param {string} policy - Policy name (strict/balanced/permissive)
- * @param {string} operationId - Unique ID for this operation (for audit)
- * @returns {Promise<{ valid: boolean, consumedAt?: number, reason?: string }>}
- */
-export async function checkAndConsumeClaimValidation(projectPath, policy = "strict", operationId = null) {
-  const release = await acquireValidationLock(projectPath);
-  
-  try {
-    const last = state.lastValidationByProject.get(projectPath);
-    const now = Date.now();
-    
-    if (typeof last !== "number") {
-      return { 
-        valid: false, 
-        reason: "No claim validation found for this project" 
-      };
-    }
-    
-    const ttl = getPolicyConfig(policy).validationTTL;
-    const age = now - last;
-    
-    if (age > ttl) {
-      return { 
-        valid: false, 
-        reason: `Claim validation expired (age: ${Math.round(age / 1000)}s, TTL: ${Math.round(ttl / 1000)}s)` 
-      };
-    }
-    
-    // Mark this validation as consumed by updating the timestamp
-    // This prevents replay/reuse of the same validation
-    state.lastValidationByProject.set(projectPath, now);
-    
-    return { 
-      valid: true, 
-      consumedAt: now,
-      operationId,
-    };
-    
-  } finally {
-    release();
-  }
-}
-
-// =============================================================================
-// FINGERPRINT + WRAPPER
-// =============================================================================
-
-function getCommitHash(projectPath) {
-  try {
-    return execSync("git rev-parse HEAD", { cwd: projectPath, encoding: "utf8" }).trim();
-  } catch {
-    return "unknown";
-  }
-}
-
-export function getProjectFingerprint(projectPath) {
-  const commitHash = getCommitHash(projectPath);
-  const keyFiles = [
-    "package.json",
-    "pnpm-lock.yaml",
-    "package-lock.json",
-    "yarn.lock",
-    "prisma/schema.prisma",
-    "next.config.js",
-    "next.config.ts",
-    ".vibecheck/contracts/routes.json",
-    ".vibecheck/contracts/env.json",
-    ".vibecheck/contracts/auth.json",
-    ".vibecheck/contracts/external.json",
-  ];
-
-  const fileHashes = [];
-  for (const rel of keyFiles) {
-    try {
-      const abs = safeProjectJoin(projectPath, rel);
-      if (!fssync.existsSync(abs)) continue;
-      const content = fssync.readFileSync(abs, "utf8");
-      fileHashes.push(`${rel}:${sha16(content)}`);
-    } catch { /* ignore */ }
-  }
-
-  const material = [commitHash, ...fileHashes].join("|");
-  return {
-    hash: sha16(material),
-    commitHash,
-    fileHashes,
-    generatedAt: new Date().toISOString(),
-  };
-}
-
-const CONTEXT_ATTRIBUTION = "🧠 Context enhanced by vibecheck";
-
-export function getContextAttribution() {
-  return CONTEXT_ATTRIBUTION;
-}
-
-export function wrapMcpResponse(data, projectPath) {
-  return {
-    ok: true,
-    version: "2.1.0",
-    projectFingerprint: getProjectFingerprint(projectPath),
-    attribution: CONTEXT_ATTRIBUTION,
-    generatedAt: new Date().toISOString(),
-    data,
-  };
-}
-
-// =============================================================================
-// IMPLEMENTATION: TRUTHPACK
-// =============================================================================
-
-async function getTruthPack(projectPath, args) {
-  const scope = args?.scope || "all";
-  const refresh = Boolean(args?.refresh);
-
-  if (refresh) {
-    // Also clear route index on refresh
-    state.routeIndexByProject.delete(projectPath);
-  }
-
-  if (!refresh && state.truthPackByProject.has(projectPath)) {
-    return filterTruthPack(state.truthPackByProject.get(projectPath), scope);
-  }
-
-  const truthPack = {
-    version: "2.0.0", // v2 with Route Truth v1 integration
-    generatedAt: new Date().toISOString(),
-    projectPath,
-    commitHash: getCommitHash(projectPath),
-    sections: {},
-    confidence: 0,
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-
-  if (scope === "all" || scope === "routes") truthPack.sections.routes = await extractRoutes(projectPath, refresh);
-  if (scope === "all" || scope === "auth") truthPack.sections.auth = await extractAuth(projectPath);
-  if (scope === "all" || scope === "billing") truthPack.sections.billing = await extractBilling(projectPath);
-  if (scope === "all" || scope === "env") truthPack.sections.env = await extractEnv(projectPath);
-  if (scope === "all" || scope === "schema") truthPack.sections.schema = await extractSchema(projectPath);
-  if (scope === "all" || scope === "graph") truthPack.sections.graph = await extractGraph(projectPath);
-
-  const sections = Object.values(truthPack.sections);
-  truthPack.confidence = sections.length
-    ? sections.reduce((sum, s) => sum + (s?.confidence || 0), 0) / sections.length
-    : 0.4;
-
-  state.truthPackByProject.set(projectPath, truthPack);
-  return truthPack;
-}
-
-function filterTruthPack(pack, scope) {
-  if (scope === "all") return pack;
-  return { ...pack, sections: { [scope]: pack.sections?.[scope] } };
-}
-
-// =============================================================================
-// IMPLEMENTATION: validate_claim (policy-aware + fingerprint cache)
-// =============================================================================
-
-async function validateClaim(projectPath, args) {
-  const { claim, subject, expected = true, policy = "strict", refresh = false } = args || {};
-  const pol = policy || "strict";
-
-  if (refresh) {
-    // force refresh truthpack + route index for this project
-    state.truthPackByProject.delete(projectPath);
-    state.routeIndexByProject.delete(projectPath);
-  }
-
-  const fingerprint = getProjectFingerprint(projectPath);
-  const claimKey = { claim, subject, expected };
-  const claimId = `claim_${sha16(JSON.stringify(claimKey))}`;
-
-  // policy TTL cache + fingerprint invalidation
-  const cached = state.verifiedClaims.get(claimId);
-  if (cached && cached.projectHash === fingerprint.hash) {
-    const ttl = getPolicyConfig(pol).validationTTL;
-    if (Date.now() - cached.timestamp <= ttl) {
-      return { claimId, ...cached.result, cached: true };
-    }
-  }
-
-  let result = { result: "unknown", confidence: "low", evidence: [], nextSteps: [] };
-
-  try {
-    switch (claim) {
-      case "route_exists":
-        result = await verifyRouteExists(projectPath, subject, refresh);
-        break;
-
-      case "file_exists":
-        result = await verifyFileExists(projectPath, subject);
-        break;
-
-      case "env_var_exists":
-      case "env_var_used":
-        result = await verifyEnvVar(projectPath, subject, claim);
-        break;
-
-      case "auth_enforced":
-      case "route_guarded":
-        result = await verifyRouteGuarded(projectPath, subject);
-        break;
-
-      case "function_exists":
-      case "component_exists":
-      case "model_exists":
-        result = await verifyEntityExists(projectPath, subject, claim);
-        break;
-
-      default:
-        result = {
-          result: "unknown",
-          confidence: "low",
-          evidence: [],
-          nextSteps: [`Claim type "${claim}" not implemented. Use search_evidence.`],
-        };
-        break;
-    }
-  } catch (error) {
-    result = {
-      result: "unknown",
-      confidence: "low",
-      evidence: [],
-      nextSteps: [`Verification error: ${error?.message || String(error)}`],
-    };
-  }
-
-  // normalize evidence consistently
-  const normalized = await normalizeEvidence(
-    projectPath,
-    result.evidence,
-    { file: subject?.path || subject?.name, line: 1 },
-    result.confidence
-  );
-
-  // enforcement (policy-driven)
-  const enforcement = enforceClaimResult({ result: result.result, confidence: result.confidence }, pol);
-
-  // guidance
-  const nextSteps = Array.isArray(result.nextSteps) ? result.nextSteps : [];
-  if (result.result === "unknown") {
-    nextSteps.push("call vibecheck.search_evidence for proof", "call vibecheck.get_truthpack refresh=true");
-  }
-  if (result.result === "false" && expected === true) {
-    nextSteps.push("Claim expected true but evaluated false: check path/method/name canonicalization.");
-  }
-
-  const finalResult = {
-    claimId,
-    claim,
-    subject,
-    expected,
-    result: result.result,
-    confidence: result.confidence,
-    evidence: normalized,
-    enforcement,
-    nextSteps,
-    timestamp: new Date().toISOString(),
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-
-  state.verifiedClaims.set(claimId, { projectHash: fingerprint.hash, timestamp: Date.now(), result: finalResult });
-  state.lastValidationByProject.set(projectPath, Date.now());
-
-  return finalResult;
-}
-
-// =============================================================================
-// IMPLEMENTATION: compile_context
-// =============================================================================
-
-async function compileContext(projectPath, args) {
-  const { task, files = [], policy = "balanced", maxItems = 50 } = args || {};
-  const pol = policy || "balanced";
-
-  const domains = detectDomains(task);
-  const keywords = extractKeywords(task);
-  const truthPack = await getTruthPack(projectPath, { scope: "all", refresh: false });
-
-  const routesAll = truthPack.sections?.routes?.routes || [];
-  const relevantRoutes = routesAll.filter((r) => {
-    const hay = `${r.path || ""} ${r.file || ""}`.toLowerCase();
-    return keywords.some((k) => hay.includes(k));
-  });
-
-  const context = {
-    routes: relevantRoutes.slice(0, Math.max(0, maxItems)),
-    auth: domains.includes("auth") ? truthPack.sections?.auth : null,
-    billing: domains.includes("billing") ? truthPack.sections?.billing : null,
-    env: domains.includes("env") ? truthPack.sections?.env : null,
-    focusFiles: Array.isArray(files) ? files : [],
-  };
-
-  const invariants = getInvariantsForDomains(domains);
-  const tokenCount = estimateTokens(context);
-
-  return {
-    task,
-    policy: pol,
-    domains,
-    context,
-    invariants,
-    tokenCount,
-    warnings: generateContextWarnings(domains, pol, relevantRoutes.length),
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-}
-
-// =============================================================================
-// IMPLEMENTATION: search_evidence (rg accel + safe scan)
-// =============================================================================
-
-function escapeRegex(s) {
-  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
-}
-
-function isTestFilePath(rel) {
-  return /(^|\/)(__tests__|test|tests|spec)\//i.test(rel) || /\.(test|spec)\.(ts|tsx|js|jsx)$/i.test(rel);
-}
-
-async function searchEvidence(projectPath, args) {
-  const {
-    query,
-    mode = "text",
-    type = "any",
-    limit = 10,
-    caseSensitive = false,
-    includeTests = false,
-  } = args || {};
-
-  const q = String(query || "").trim();
-  if (!q) return { query: q, count: 0, results: [], _attribution: CONTEXT_ATTRIBUTION };
-
-  // Try ripgrep for speed (optional)
-  const rgResults = tryRipgrep(projectPath, q, { mode, caseSensitive, limit, includeTests });
-  if (rgResults) {
-    return { query: q, count: rgResults.length, results: rgResults, engine: "ripgrep", _attribution: CONTEXT_ATTRIBUTION };
-  }
-
-  const files = await findSourceFiles(projectPath, { includeTests });
-  const flags = caseSensitive ? "g" : "gi";
-  const re = new RegExp(mode === "regex" ? q : escapeRegex(q), flags);
-
-  const results = [];
-  for (const fileAbs of files) {
-    const relPath = path.relative(projectPath, fileAbs).replace(/\\/g, "/");
-    if (!includeTests && isTestFilePath(relPath)) continue;
-
-    try {
-      const content = await fs.readFile(fileAbs, "utf8");
-      const lines = content.split(/\r?\n/);
-
-      for (let i = 0; i < lines.length; i++) {
-        if (re.test(lines[i])) {
-          const snippet = lines.slice(Math.max(0, i - 2), Math.min(lines.length, i + 3)).join("\n").slice(0, 320);
-          results.push({
-            file: relPath,
-            line: i + 1,
-            lines: `${i + 1}`,
-            snippet,
-            hash: sha16(`${relPath}:${i + 1}:${lines[i]}`),
-            confidence: 0.6,
-          });
-          if (results.length >= limit) break;
-        }
-        re.lastIndex = 0;
-      }
-
-      if (results.length >= limit) break;
-    } catch { /* ignore */ }
-  }
-
-  return { query: q, count: results.length, results, engine: "scan", _attribution: CONTEXT_ATTRIBUTION };
-}
-
-function tryRipgrep(projectPath, query, opts) {
-  try {
-    const rgArgs = ["-n", "--hidden", "--no-heading", "--color", "never"];
-    rgArgs.push("--glob", "!**/node_modules/**");
-    rgArgs.push("--glob", "!**/.next/**");
-    rgArgs.push("--glob", "!**/dist/**");
-    rgArgs.push("--glob", "!**/build/**");
-    rgArgs.push("--glob", "!**/coverage/**");
-    if (!opts.includeTests) {
-      rgArgs.push("--glob", "!**/__tests__/**");
-      rgArgs.push("--glob", "!**/tests/**");
-      rgArgs.push("--glob", "!**/*.test.*");
-      rgArgs.push("--glob", "!**/*.spec.*");
-    }
-    if (!opts.caseSensitive) rgArgs.push("-i");
-    if (opts.mode === "text") rgArgs.push("-F"); // fixed string
-    rgArgs.push("--max-count", String(Math.max(1, opts.limit)));
-    rgArgs.push(query);
-    rgArgs.push(".");
-
-    const out = spawnSync("rg", rgArgs, { cwd: projectPath, encoding: "utf8" });
-    if (out.error || out.status !== 0) return null;
-
-    const lines = String(out.stdout || "").split(/\r?\n/).filter(Boolean);
-    const results = lines.slice(0, opts.limit).map((l) => {
-      // format: file:line:match
-      const m = l.match(/^(.+?):(\d+):(.*)$/);
-      if (!m) return null;
-      const file = m[1].replace(/\\/g, "/");
-      const lineNum = Number(m[2]);
-      const text = m[3] || "";
-      return {
-        file,
-        line: lineNum,
-        lines: `${lineNum}`,
-        snippet: text.slice(0, 320),
-        hash: sha16(`${file}:${lineNum}:${text}`),
-        confidence: 0.65,
-      };
-    }).filter(Boolean);
-
-    return results;
-  } catch {
-    return null;
-  }
-}
-
-// =============================================================================
-// IMPLEMENTATION: find_counterexamples
-// =============================================================================
-
-async function findCounterexamples(projectPath, args) {
-  const { claim, subject, policy = "strict" } = args || {};
-  const pol = policy || "strict";
-
-  const counterexamples = [];
-
-  if (claim === "auth_enforced" || claim === "route_guarded") {
-    // Look for client-only guards (classic bypass)
-    const guardEvidence = await searchEvidence(projectPath, { query: "useEffect|client|localStorage|sessionStorage", mode: "regex", limit: 20 });
-    const middlewareEvidence = await searchEvidence(projectPath, { query: "middleware", mode: "text", limit: 10 });
-
-    if (guardEvidence.count > 0 && middlewareEvidence.count === 0) {
-      counterexamples.push({
-        type: "bypass_possible",
-        severity: "ship_killer",
-        description: "Auth appears client-only (no middleware/server guard evidence found).",
-        evidence: guardEvidence.results.slice(0, 3),
-      });
-    }
-  }
-
-  if (claim === "billing_gate_exists") {
-    const billingEvidence = await searchEvidence(projectPath, { query: "isPro|tier|plan|subscription|stripe", mode: "regex", limit: 20 });
-    for (const ev of billingEvidence.results) {
-      if (/localStorage|sessionStorage|client/i.test(ev.snippet)) {
-        counterexamples.push({
-          type: "bypass_possible",
-          severity: "ship_killer",
-          description: "Billing gate likely client-side (bypassable).",
-          evidence: ev,
-        });
-      }
-    }
-  }
-
-  return {
-    claim,
-    subject,
-    policy: pol,
-    counterexamples,
-    claimDemoted: counterexamples.length > 0,
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-}
-
-// =============================================================================
-// IMPLEMENTATION: propose_patch + verify_patch
-// =============================================================================
-
-function ensureDir(dirAbs) {
-  if (!fssync.existsSync(dirAbs)) fssync.mkdirSync(dirAbs, { recursive: true });
-}
-
-async function proposePatch(projectPath, args) {
-  const { diff, fixes, claims = [], verification = [], policy = "strict", save = true } = args || {};
-  const pol = policy || "strict";
-
-  const claimValidation = [];
-  for (const claimId of claims) {
-    const cached = state.verifiedClaims.get(claimId);
-    if (!cached) {
-      claimValidation.push({ claimId, valid: false, error: "Claim not verified" });
-      continue;
-    }
-    const res = cached.result;
-    if (res?.result === "unknown") claimValidation.push({ claimId, valid: false, error: "Claim is unknown" });
-    else if (res?.result === "false") claimValidation.push({ claimId, valid: false, error: "Claim is false" });
-    else claimValidation.push({ claimId, valid: true });
-  }
-
-  const allClaimsValid = claimValidation.every((c) => c.valid);
-  const patchId = `patch_${crypto.randomUUID().slice(0, 12)}`;
-
-  const patch = {
-    patchId,
-    diff: String(diff || "").slice(0, 50_000),
-    fixes: Array.isArray(fixes) ? fixes : [],
-    dependsOnClaims: Array.isArray(claims) ? claims : [],
-    verification: (Array.isArray(verification) && verification.length > 0) ? verification : ["vibecheck ship", "pnpm test"],
-    createdAt: new Date().toISOString(),
-    eligible: allClaimsValid && (Array.isArray(fixes) && fixes.length > 0),
-    claimValidation,
-    policy: pol,
-  };
-
-  if (!patch.eligible) {
-    patch.blockers = claimValidation.filter((c) => !c.valid);
-    patch.message = "⚠️ Patch NOT eligible for auto-apply. Fix blockers first.";
-  }
-
-  if (save) {
-    try {
-      const dir = safeProjectJoin(projectPath, ".vibecheck/patches");
-      ensureDir(dir);
-      const out = path.join(dir, `${patchId}.json`);
-      await fs.writeFile(out, JSON.stringify(patch, null, 2), "utf8");
-      patch.savedTo = path.relative(projectPath, out).replace(/\\/g, "/");
-    } catch (e) {
-      patch.saveError = e?.message || String(e);
-    }
-  }
-
-  return patch;
-}
-
-/**
- * Validate command against strict allowlist.
- * 
- * SECURITY FIX: Previous allowlist was too permissive, allowing arbitrary code execution:
- * - "node -e 'require(\"child_process\").exec(\"rm -rf /\")'" would pass
- * - "npm exec malicious-package" would pass
- * - "pnpm dlx evil-tool" would pass
- * 
- * New allowlist only permits specific safe subcommands.
- */
-function commandAllowlisted(cmd) {
-  const trimmed = cmd.trim();
-  
-  // Reject commands with shell metacharacters that could enable injection
-  // These are dangerous even in "safe" commands: ; | & $ ` \ ( ) { } < > \n
-  if (/[;|&$`\\(){}<>\n]/.test(trimmed)) {
-    return false;
-  }
-  
-  // Reject commands that use flags commonly used for code execution
-  if (/\s-[eEc]\s|\s--eval\s|\s--exec\s/i.test(trimmed)) {
-    return false;
-  }
-  
-  // Strict allowlist: only specific commands with specific safe subcommands
-  const strictAllow = [
-    // Vibecheck CLI - only specific safe commands
-    /^vibecheck\s+(ship|scan|ctx|lint|status)\b/,
-    /^vibecheck\s+--help\b/,
-    /^vibecheck\s+--version\b/,
-    
-    // Package managers - only test/build/lint (no exec, dlx, or install scripts)
-    /^pnpm\s+(test|build|lint|typecheck|check|run\s+(test|build|lint|typecheck))\b/,
-    /^npm\s+(test|run\s+(test|build|lint|typecheck))\b/,
-    /^yarn\s+(test|build|lint|typecheck|run\s+(test|build|lint|typecheck))\b/,
-    /^bun\s+(test|run\s+(test|build|lint))\b/,
-    
-    // TypeScript compiler - only type checking (no emit)
-    /^tsc\s+(--noEmit|--build)\b/,
-    /^tsc$/,  // Default tsc with no args is safe
-    
-    // Linters - safe read-only operations
-    /^eslint\s+/,  // ESLint with any args (read-only)
-    /^eslint$/,
-    
-    // Test runners - only run tests
-    /^vitest\s*(run|--run)?\b/,
-    /^vitest$/,
-    /^jest\s*(--ci|--coverage|--passWithNoTests)?\b/,
-    /^jest$/,
-    
-    // Playwright - only test mode (no codegen which opens browsers)
-    /^playwright\s+test\b/,
-    /^npx\s+playwright\s+test\b/,
-  ];
-  
-  return strictAllow.some((re) => re.test(trimmed));
-}
-
-async function verifyPatch(projectPath, args) {
-  const { patchId, diff, commands, policy = "strict", timeoutMs = 120000 } = args || {};
-  const pol = policy || "strict";
-
-  let patch = null;
-  if (patchId) {
-    try {
-      const abs = safeProjectJoin(projectPath, `.vibecheck/patches/${patchId}.json`);
-      const content = await fs.readFile(abs, "utf8");
-      patch = JSON.parse(content);
-    } catch (error) {
-      // Invalid JSON or file not found - treat as no patch
-      patch = null;
-    }
-  }
-
-  // NOTE: This does NOT auto-apply diff. It only runs verification commands.
-  // Auto-apply should be a separate tool with explicit guardrails.
-  const cmds = Array.isArray(commands) ? commands : [];
-  const results = [];
-
-  for (const cmd of cmds) {
-    if (!commandAllowlisted(cmd)) {
-      results.push({ cmd, ok: false, blocked: true, reason: "Command not allowlisted" });
-      continue;
-    }
-    const started = Date.now();
-    const out = spawnSync(cmd, {
-      cwd: projectPath,
-      shell: true,
-      encoding: "utf8",
-      timeout: Math.max(1000, Number(timeoutMs) || 120000),
-      maxBuffer: 1024 * 1024 * 5,
-    });
-
-    const stdout = String(out.stdout || "").slice(0, MAX_CMD_OUTPUT);
-    const stderr = String(out.stderr || "").slice(0, MAX_CMD_OUTPUT);
-
-    results.push({
-      cmd,
-      ok: out.status === 0 && !out.error,
-      status: out.status,
-      durationMs: Date.now() - started,
-      stdout,
-      stderr,
-      error: out.error ? String(out.error.message || out.error) : null,
-    });
-  }
-
-  const pass = results.every((r) => r.ok);
-
-  return {
-    patchId: patch?.patchId || patchId || null,
-    hasPatchRecord: !!patch,
-    policy: pol,
-    pass,
-    results,
-    note: "verify_patch runs commands only. Applying diffs should be explicit + guarded.",
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-}
-
-// =============================================================================
-// IMPLEMENTATION: invariants
-// =============================================================================
-
-async function checkInvariants(projectPath, args) {
-  const { category = "all", policy = "strict" } = args || {};
-  const pol = policy || "strict";
-
-  const shipKillers = [];
-  const warnings = [];
-
-  // 1) Silent catches in auth/billing/middleware are ship killers
-  const silentCatches = await searchEvidence(projectPath, {
-    query: String.raw`catch\s*\(\s*\w*\s*\)\s*\{\s*(?:\}|\/\/|console\.log|return\s*;|return\s*null\s*;)`,
-    mode: "regex",
-    limit: 50,
-  });
-
-  for (const ev of silentCatches.results) {
-    if (/auth|billing|middleware|payment/i.test(ev.file)) {
-      shipKillers.push({
-        invariant: "security_no_silent_catch",
-        rule: "No silent catch in auth/billing/middleware",
-        evidence: ev,
-      });
-    }
-  }
-
-  // 2) Hardcoded secrets (ship killer)
-  const secrets = await searchEvidence(projectPath, {
-    query: String.raw`(sk_live_|AKIA[0-9A-Z]{16}|AIza[0-9A-Za-z\-_]{35}|xox[baprs]-[0-9A-Za-z\-]{10,})`,
-    mode: "regex",
-    limit: 20,
-  });
-
-  for (const ev of secrets.results) {
-    if (!/\.example|\.test\.|\.spec\./i.test(ev.file)) {
-      shipKillers.push({
-        invariant: "security_no_exposed_secrets",
-        rule: "No hardcoded secrets or API keys",
-        evidence: ev,
-      });
-    }
-  }
-
-  // 3) “Success UI without confirmed success” (warning by default)
-  const fakeSuccess = await searchEvidence(projectPath, {
-    query: String.raw`toast\.(success|info)|setSuccess\s*\(|"success"|success:\s*true`,
-    mode: "regex",
-    limit: 30,
-  });
-
-  for (const ev of fakeSuccess.results) {
-    // This is heuristic: you’ll tighten it by correlating with network calls later.
-    warnings.push({
-      invariant: "ux_no_fake_success",
-      rule: "Success UI should be tied to confirmed success (network/response)",
-      evidence: ev,
-    });
-  }
-
-  const passed = shipKillers.length === 0;
-  return {
-    policy: pol,
-    category,
-    passed,
-    shipKillers,
-    warnings,
-    summary: passed ? "✅ Invariants pass" : `❌ ${shipKillers.length} ship killers found`,
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-}
-
-// =============================================================================
-// IMPLEMENTATION: assumptions
-// =============================================================================
-
-async function addAssumption(projectPath, args) {
-  const { description, reason, verificationSteps } = args || {};
-
-  const list = state.assumptionsByProject.get(projectPath) || [];
-  if (list.length >= state.maxAssumptions) {
-    return {
-      error: `Assumption budget exceeded (${list.length}/${state.maxAssumptions})`,
-      message: "⚠️ Verify or delete assumptions. Don’t stack guesses.",
-      currentAssumptions: list,
-      _attribution: CONTEXT_ATTRIBUTION,
-    };
-  }
-
-  const assumption = {
-    id: `assumption_${Date.now()}_${crypto.randomUUID().slice(0, 6)}`,
-    description: String(description || ""),
-    reason: reason ? String(reason) : "",
-    verificationSteps: Array.isArray(verificationSteps) ? verificationSteps : [],
-    madeAt: new Date().toISOString(),
-    verified: false,
-  };
-
-  list.push(assumption);
-  state.assumptionsByProject.set(projectPath, list);
-
-  return {
-    assumption,
-    budget: { used: list.length, max: state.maxAssumptions, remaining: state.maxAssumptions - list.length },
-    warning: list.length >= state.maxAssumptions ? "⚠️ Assumption limit reached." : null,
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-}
-
-// =============================================================================
-// PLAN VALIDATION & DRIFT
-// =============================================================================
-
-async function getPlanValidationResult(projectPath, args) {
-  const { plan, strict = false } = args || {};
-
-  const contracts = await loadContractsFromDisk(projectPath);
-  if (!contracts || Object.keys(contracts).length === 0) {
-    return {
-      valid: true,
-      warning: 'No contracts found. Run "vibecheck ctx sync" to generate contracts.',
-      violations: [],
-      warnings: [],
-      suggestions: ['Generate contracts with: vibecheck ctx sync'],
-      _attribution: CONTEXT_ATTRIBUTION,
-    };
-  }
-
-  const actions = parsePlanActions(plan);
-
-  const violations = [];
-  const warnings = [];
-  const suggestions = [];
-
-  // routes
-  if (contracts.routes && actions.routes.length > 0) {
-    const contractRoutes = (contracts.routes.routes || []).map((r) => ({
-      method: String(r.method || "*").toUpperCase(),
-      path: canonicalizePath(String(r.path || "")),
-    }));
-
-    for (const r of actions.routes) {
-      const wanted = { method: String(r.method || "GET").toUpperCase(), path: canonicalizePath(r.path) };
-      const exists = contractRoutes.some((cr) => (cr.method === "*" || cr.method === wanted.method) && matchesParameterizedPath(cr.path, wanted.path));
-      if (!exists) {
-        violations.push({
-          type: "invented_route",
-          severity: "BLOCK",
-          route: wanted.path,
-          method: wanted.method,
-          message: `Plan references route ${wanted.method} ${wanted.path} not in routes contract`,
-        });
-      }
-    }
-  }
-
-  // env vars
-  if (contracts.env && actions.envVars.length > 0) {
-    const contractVars = new Set((contracts.env.vars || []).map((v) => v.name));
-    for (const v of actions.envVars) {
-      if (!contractVars.has(v)) {
-        warnings.push({
-          type: "undeclared_env",
-          severity: "WARN",
-          name: v,
-          message: `Plan uses env var ${v} not declared in env contract`,
-          suggestion: "Add to .vibecheck/contracts/env.json and .env.example",
-        });
-      }
-    }
-  }
-
-  // external services
-  if (contracts.external && actions.externalCalls.length > 0) {
-    const contractServices = new Set((contracts.external.services || []).map((s) => s.name));
-    for (const call of actions.externalCalls) {
-      if (!contractServices.has(call.service)) {
-        warnings.push({
-          type: "undeclared_service",
-          severity: "WARN",
-          service: call.service,
-          message: `Plan uses ${call.service} not declared in external contract`,
-          suggestion: "Add to .vibecheck/contracts/external.json",
-        });
-      }
-    }
-  }
-
-  const valid = violations.length === 0 && (!strict || warnings.length === 0);
-
-  return {
-    valid,
-    violations,
-    warnings,
-    suggestions,
-    parsedActions: actions,
-    contractsLoaded: Object.keys(contracts),
-    message: valid ? "✅ Plan validated" : `❌ Plan invalid: ${violations.length} violations, ${warnings.length} warnings`,
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-}
-
-async function checkDriftTool(projectPath, args) {
-  const category = args?.category || "all";
-
-  const contracts = await loadContractsFromDisk(projectPath);
-  if (!contracts || Object.keys(contracts).length === 0) {
-    return { hasDrift: false, message: 'No contracts found. Run "vibecheck ctx sync".', findings: [], _attribution: CONTEXT_ATTRIBUTION };
-  }
-
-  const truthpack = await buildCurrentTruthpack(projectPath);
-  const findings = [];
-
-  if (category === "all" || category === "routes") findings.push(...detectRouteDrift(contracts.routes, truthpack));
-  if (category === "all" || category === "env") findings.push(...detectEnvDrift(contracts.env, truthpack));
-  if (category === "all" || category === "auth") findings.push(...detectAuthDrift(contracts.auth, truthpack));
-
-  const blocks = findings.filter((f) => f.severity === "BLOCK");
-  const warns = findings.filter((f) => f.severity === "WARN");
-
-  return {
-    hasDrift: findings.length > 0,
-    verdict: blocks.length > 0 ? "BLOCK" : warns.length > 0 ? "WARN" : "PASS",
-    summary: { blocks: blocks.length, warns: warns.length, total: findings.length },
-    findings,
-    message: findings.length === 0 ? "✅ No drift detected" : `⚠️ Drift detected: ${blocks.length} blocks, ${warns.length} warnings`,
-    _attribution: CONTEXT_ATTRIBUTION,
-  };
-}
-
-async function getContractsTool(projectPath, args) {
-  const type = args?.type || "all";
-  const contracts = await loadContractsFromDisk(projectPath);
-
-  if (!contracts || Object.keys(contracts).length === 0) {
-    return { found: false, message: 'No contracts found. Run "vibecheck ctx sync".', contracts: {}, _attribution: CONTEXT_ATTRIBUTION };
-  }
-
-  if (type === "all") {
-    return {
-      found: true,
-      contracts,
-      summary: {
-        routes: contracts.routes?.routes?.length || 0,
-        envVars: contracts.env?.vars?.length || 0,
-        authPatterns: contracts.auth?.protectedPatterns?.length || 0,
-        services: contracts.external?.services?.length || 0,
-      },
-      _attribution: CONTEXT_ATTRIBUTION,
-    };
-  }
-
-  return { found: !!contracts[type], contracts: { [type]: contracts[type] }, _attribution: CONTEXT_ATTRIBUTION };
-}
-
-async function loadContractsFromDisk(projectPath) {
-  const contractDir = safeProjectJoin(projectPath, ".vibecheck/contracts");
-  const contracts = {};
-
-  const files = {
-    routes: "routes.json",
-    env: "env.json",
-    auth: "auth.json",
-    external: "external.json",
-  };
-
-  for (const [key, file] of Object.entries(files)) {
-    try {
-      const abs = path.join(contractDir, file);
-      const content = await fs.readFile(abs, "utf8");
-      contracts[key] = JSON.parse(content);
-    } catch (error) {
-      // Invalid JSON or file not found - skip this contract
-      // ignore
-    }
-  }
-
-  return contracts;
-}
-
-// =============================================================================
-// PARSING HELPERS
-// =============================================================================
-
-function canonicalizePath(p) {
-  let s = String(p || "").trim();
-  if (!s.startsWith("/")) s = "/" + s;
-  s = s.replace(/\/+/g, "/");
-  if (s.length > 1) s = s.replace(/\/$/, "");
-  return s;
-}
-
-function dedupe(arr, keyFn) {
-  const seen = new Set();
-  const out = [];
-  for (const item of arr) {
-    const k = keyFn(item);
-    if (seen.has(k)) continue;
-    seen.add(k);
-    out.push(item);
-  }
-  return out;
-}
-
-function parsePlanActions(plan) {
-  const actions = {
-    routes: [],
-    envVars: [],
-    authAssumptions: [],
-    externalCalls: [],
-  };
-
-  const planText = typeof plan === "string" ? plan : JSON.stringify(plan);
-
-  // routes
-  const routePatterns = [
-    /(?:GET|POST|PUT|PATCH|DELETE)\s+([/][^\s"'`]+)/gi,
-    /\/api\/[a-z0-9/_-]+/gi,
-  ];
-
-  for (const pattern of routePatterns) {
-    let match;
-    while ((match = pattern.exec(planText)) !== null) {
-      const p = (match[1] || match[0]).replace(/['"`]/g, "");
-      if (p.startsWith("/")) {
-        actions.routes.push({ path: canonicalizePath(p), method: inferMethodFromText(match[0]) });
-      }
-    }
-  }
-
-  actions.routes = dedupe(actions.routes, (r) => `${r.method}:${r.path}`);
-
-  // env vars
-  const envPatterns = [
-    /process\.env\.([A-Z_][A-Z0-9_]*)/g,
-    /import\.meta\.env\.([A-Z_][A-Z0-9_]*)/g,
-  ];
-  for (const pattern of envPatterns) {
-    let match;
-    while ((match = pattern.exec(planText)) !== null) actions.envVars.push(match[1]);
-  }
-  actions.envVars = dedupe(actions.envVars, (v) => v);
-
-  // auth assumptions
-  if (/(authenticated|logged in|auth required|protected)/i.test(planText)) actions.authAssumptions.push({ type: "requires_auth" });
-  if (/(public|no auth|unauthenticated)/i.test(planText)) actions.authAssumptions.push({ type: "no_auth" });
-
-  // external services
-  const services = [
-    { re: /stripe\./i, service: "stripe" },
-    { re: /github\./i, service: "github" },
-    { re: /sendgrid\./i, service: "sendgrid" },
-    { re: /twilio\./i, service: "twilio" },
-    { re: /supabase\./i, service: "supabase" },
-  ];
-  for (const s of services) {
-    if (s.re.test(planText)) actions.externalCalls.push({ service: s.service });
-  }
-  actions.externalCalls = dedupe(actions.externalCalls, (c) => c.service);
-
-  return actions;
-}
-
-function inferMethodFromText(text) {
-  const upper = String(text || "").toUpperCase();
-  if (upper.includes("POST")) return "POST";
-  if (upper.includes("PUT")) return "PUT";
-  if (upper.includes("PATCH")) return "PATCH";
-  if (upper.includes("DELETE")) return "DELETE";
-  return "GET";
-}
-
-function matchesParameterizedPath(pattern, actual) {
-  const pParts = canonicalizePath(pattern).split("/").filter(Boolean);
-  const aParts = canonicalizePath(actual).split("/").filter(Boolean);
-  if (pParts.length !== aParts.length) return false;
-
-  for (let i = 0; i < pParts.length; i++) {
-    const p = pParts[i];
-    if (p.startsWith(":") || p.startsWith("*") || p.startsWith("[")) continue;
-    if (p !== aParts[i]) return false;
-  }
-  return true;
-}
-
-// =============================================================================
-// DRIFT DETECTORS (improved: added removals)
-// =============================================================================
-
-async function buildCurrentTruthpack(projectPath, refresh = false) {
-  const routes = await extractRoutes(projectPath, refresh);
-  const env = await extractEnv(projectPath);
-  const auth = await extractAuth(projectPath);
-
-  return {
-    routes: {
-      server: routes.routes || [],
-      gaps: routes.gaps || [],
-      engine: routes.engine,
-    },
-    env: { vars: env.used || [], declared: (env.declared || []).map((d) => d.name) },
-    auth: { nextMatcherPatterns: auth?.nextMatcherPatterns || [] },
-  };
-}
-
-function detectRouteDrift(routeContract, truthpack) {
-  const findings = [];
-  if (!routeContract?.routes) return findings;
-
-  // Use Route Truth v1 canonicalization for consistency
-  const canonicalize = routeTruthCanonicalize || canonicalizePath;
-
-  const contractSet = new Set(routeContract.routes.map((r) => `${String(r.method || "*").toUpperCase()}_${canonicalize(r.path)}`));
-  const server = truthpack?.routes?.server || [];
-  const serverSet = new Set(server.map((r) => `${String(r.method || "*").toUpperCase()}_${canonicalize(r.path)}`));
-  const gaps = truthpack?.routes?.gaps || [];
-
-  // new routes (in code, not in contract)
-  for (const key of serverSet) {
-    if (!contractSet.has(key)) {
-      const [method, routePath] = key.split("_");
-      const routeInfo = server.find((r) => canonicalize(r.path) === routePath && String(r.method || "*").toUpperCase() === method);
-
-      findings.push({
-        type: "new_route_not_in_contract",
-        severity: "BLOCK",
-        title: `New route not in contract: ${method} ${routePath}`,
-        message: "Route exists in code but not synced to routes contract.",
-        file: routeInfo?.file,
-        framework: routeInfo?.framework,
-      });
-    }
-  }
-
-  // removed routes (in contract, not in code)
-  for (const key of contractSet) {
-    if (!serverSet.has(key)) {
-      const hasGaps = gaps.length > 0;
-      findings.push({
-        type: "contract_route_missing_in_code",
-        severity: hasGaps ? "WARN" : "WARN", // Demote if gaps exist
-        title: `Contract route missing in code: ${key.replace("_", " ")}`,
-        message: hasGaps
-          ? "Contract lists a route not detected in code. Note: some plugins couldn't be resolved."
-          : "Contract lists a route not detected in code (stale contract?).",
-        mayBeExtractorGap: hasGaps,
-      });
-    }
-  }
-
-  // Report gaps as info
-  if (gaps.length > 0) {
-    findings.push({
-      type: "extractor_gaps",
-      severity: "INFO",
-      title: `Route extractor has ${gaps.length} unresolved module(s)`,
-      message: "Some Fastify plugins or imports couldn't be resolved - routes may be incomplete.",
-      gaps: gaps.slice(0, 5), // Limit to first 5
-    });
-  }
-
-  return findings;
-}
-
-function detectEnvDrift(envContract, truthpack) {
-  const findings = [];
-  if (!envContract?.vars) return findings;
-
-  const contractVars = new Set(envContract.vars.map((v) => v.name));
-  const usedVars = new Set((truthpack?.env?.vars || []).map((v) => v.name));
-
-  for (const name of usedVars) {
-    if (!contractVars.has(name)) {
-      findings.push({
-        type: "new_env_not_in_contract",
-        severity: "WARN",
-        title: `Env var used but not in contract: ${name}`,
-        message: "Env var used in code but not declared in contracts.",
-      });
-    }
-  }
-
-  for (const name of contractVars) {
-    if (!usedVars.has(name)) {
-      findings.push({
-        type: "contract_env_unused",
-        severity: "WARN",
-        title: `Env var in contract appears unused: ${name}`,
-        message: "Contract env var not detected in usage (stale contract or extractor gap).",
-      });
-    }
-  }
-
-  return findings;
-}
-
-function detectAuthDrift(authContract, truthpack) {
-  const findings = [];
-  if (!authContract?.protectedPatterns) return findings;
-
-  const contract = new Set(authContract.protectedPatterns);
-  const current = new Set(truthpack?.auth?.nextMatcherPatterns || []);
-
-  for (const pattern of current) {
-    if (!contract.has(pattern)) {
-      findings.push({
-        type: "new_auth_pattern",
-        severity: "BLOCK",
-        title: `New auth pattern not in contract: ${pattern}`,
-        message: "Auth matcher/pattern changed but contracts not updated.",
-      });
-    }
-  }
-
-  return findings;
-}
-
-// =============================================================================
-// DOMAIN HELPERS
-// =============================================================================
-
-function detectDomains(task) {
-  const domains = [];
-  const t = String(task || "");
-  if (/auth|login|logout|session|password/i.test(t)) domains.push("auth");
-  if (/billing|payment|stripe|subscription/i.test(t)) domains.push("billing");
-  if (/env|secret|config/i.test(t)) domains.push("env");
-  if (/route|api|endpoint/i.test(t)) domains.push("api");
-  if (/component|button|ui|form/i.test(t)) domains.push("ui");
-  return domains.length ? domains : ["general"];
-}
-
-function extractKeywords(task) {
-  return String(task || "")
-    .toLowerCase()
-    .replace(/[^a-z0-9\s/_-]/g, " ")
-    .split(/\s+/)
-    .filter((w) => w.length > 2)
-    .slice(0, 40);
-}
-
-function getInvariantsForDomains(domains) {
-  const invariants = [];
-  if (domains.includes("auth")) invariants.push("No protected route without server middleware");
-  if (domains.includes("billing")) invariants.push("No paid feature without server-side enforcement");
-  invariants.push("No success UI without confirmed success");
-  invariants.push("No invented routes/env vars/functions in plans");
-  return invariants;
-}
-
-function estimateTokens(context) {
-  let tokens = 0;
-  if (context?.routes) tokens += context.routes.length * 50;
-  if (context?.auth) tokens += 220;
-  if (context?.billing) tokens += 220;
-  if (context?.env) tokens += 180;
-  return tokens;
-}
-
-function generateContextWarnings(domains, policy, routeCount) {
-  const warnings = [];
-  if (domains.includes("auth") || domains.includes("billing")) warnings.push("High-stakes domain: verify claims before edits.");
-  if (routeCount > 50 && policy === "strict") warnings.push("Large route surface: narrow task or specify files.");
-  return warnings;
-}
-
-// =============================================================================
-// SOURCE FILE DISCOVERY (safe + bounded)
-// =============================================================================
-
-async function findSourceFiles(projectPath, opts) {
-  const files = [];
-  const ignoreDirs = new Set(["node_modules", "dist", "build", ".git", ".next", "coverage", "out"]);
-
-  async function walk(dirAbs) {
-    let entries = [];
-    try {
-      entries = await fs.readdir(dirAbs, { withFileTypes: true });
-    } catch {
-      return;
-    }
-
-    for (const entry of entries) {
-      const full = path.join(dirAbs, entry.name);
-      if (entry.isDirectory()) {
-        if (ignoreDirs.has(entry.name) || entry.name.startsWith(".")) continue;
-        await walk(full);
-      } else if (entry.isFile()) {
-        if (!/\.(ts|tsx|js|jsx)$/.test(entry.name)) continue;
-        const rel = path.relative(projectPath, full).replace(/\\/g, "/");
-        if (!opts?.includeTests && isTestFilePath(rel)) continue;
-        files.push(full);
-        if (files.length > 2500) return; // hard cap
-      }
-    }
-  }
-
-  await walk(path.resolve(projectPath));
-  return files;
-}
-
-// =============================================================================
-// ROUTE TRUTH V1 INTEGRATION (AST-based, follows Fastify register prefixes + Next.js app/pages)
-// =============================================================================
-
-/**
- * Get or build the Route Truth v1 index for a project.
- * This is the SINGLE SOURCE OF TRUTH for route reality.
- */
-async function getRouteIndex(projectPath, refresh = false) {
-  if (!refresh && state.routeIndexByProject.has(projectPath)) {
-    return state.routeIndexByProject.get(projectPath);
-  }
-
-  const index = new RouteIndex();
-  await index.build(projectPath);
-  state.routeIndexByProject.set(projectPath, index);
-  return index;
-}
-
-/**
- * Extract routes using Route Truth v1 (AST-based).
- * - Fastify: follows register() prefixes, resolves relative plugin imports
- * - Next.js: App Router (route.ts exports) + Pages Router (/pages/api/**)
- * - Proper path canonicalization (dynamic segments, splats)
- */
-async function extractRoutes(projectPath, refresh = false) {
-  const index = await getRouteIndex(projectPath, refresh);
-  const routeMap = index.getRouteMap();
-
-  // Transform to truthpack format
-  const routes = (routeMap.server || []).map((r) => ({
-    method: r.method,
-    path: r.path,
-    file: r.handler,
-    line: r.evidence?.[0]?.lines?.split("-")[0] || 1,
-    framework: r.framework,
-    routerType: r.routerType,
-    confidence: r.confidence === "high" ? 0.95 : r.confidence === "med" ? 0.8 : 0.6,
-    evidence: r.evidence,
-  }));
-
-  const gaps = routeMap.gaps || [];
-  const hasGaps = gaps.length > 0;
-
-  return {
-    count: routes.length,
-    routes,
-    gaps,
-    confidence: hasGaps ? 0.7 : (routes.length > 0 ? 0.95 : 0.3),
-    engine: "route-truth-v1",
-    _note: hasGaps
-      ? `⚠️ ${gaps.length} unresolved plugins/modules - some routes may be missing`
-      : "AST-based extraction (Fastify register prefixes + Next.js app/pages)",
-  };
-}
-
-async function extractAuth(projectPath) {
-  // TODO: parse Next middleware matcher for real; this is evidence-based heuristics
-  const evidence = await searchEvidence(projectPath, { query: "middleware|auth|authenticate|authorize|jwt|session", mode: "regex", limit: 30 });
-  return {
-    count: evidence.count,
-    indicators: evidence.results,
-    nextMatcherPatterns: [],
-    confidence: evidence.count > 5 ? 0.8 : 0.4,
-  };
-}
-
-async function extractBilling(projectPath) {
-  const evidence = await searchEvidence(projectPath, { query: "stripe|billing|payment|subscription|checkout|tier|isPro", mode: "regex", limit: 25 });
-  return { count: evidence.count, indicators: evidence.results, confidence: evidence.count > 3 ? 0.75 : 0.3 };
-}
-
-async function extractEnv(projectPath) {
-  const declared = [];
-  const used = [];
-
-  // .env.example declarations
-  try {
-    const content = await safeReadFile(projectPath, ".env.example");
-    const lines = content.split(/\r?\n/);
-    for (let i = 0; i < lines.length; i++) {
-      const m = lines[i].match(/^([A-Z][A-Z0-9_]*)=/);
-      if (m) declared.push({ name: m[1], line: i + 1 });
-    }
-  } catch { /* ignore */ }
-
-  // usage
-  const usage = await searchEvidence(projectPath, { query: "process\\.env\\.([A-Z][A-Z0-9_]*)", mode: "regex", limit: 200, includeTests: false });
-  for (const ev of usage.results) {
-    const m = ev.snippet.match(/process\.env\.([A-Z][A-Z0-9_]*)/);
-    if (m) used.push({ name: m[1], file: ev.file, line: ev.line });
-  }
-
-  const declaredNames = new Set(declared.map((d) => d.name));
-  const usedNames = new Set(used.map((u) => u.name));
-
-  return {
-    declared,
-    used,
-    mismatches: {
-      undeclared: Array.from(usedNames).filter((n) => !declaredNames.has(n)),
-      unused: Array.from(declaredNames).filter((n) => !usedNames.has(n)),
-    },
-    confidence: 0.8,
-  };
-}
-
-async function extractSchema(projectPath) {
-  const schemas = [];
-  try {
-    const content = await safeReadFile(projectPath, "prisma/schema.prisma");
-    const models = content.matchAll(/model\s+(\w+)\s*\{/g);
-    for (const m of models) schemas.push({ type: "prisma_model", name: m[1] });
-  } catch { /* ignore */ }
-  return { count: schemas.length, schemas, confidence: schemas.length > 0 ? 0.9 : 0.3 };
-}
-
-async function extractGraph(_projectPath) {
-  return { nodes: [], edges: [], message: "Graph extraction not implemented in this module." };
-}
-
-// =============================================================================
-// CLAIM VERIFIERS (tightened)
-// =============================================================================
-
-/**
- * Verify route_exists claim using Route Truth v1 index.
- * This uses proper AST-based route detection with:
- * - Fastify register() prefix resolution
- * - Next.js App/Pages router support
- * - Parameterized path matching (:id, *slug)
- * - Closest route suggestions on miss
- */
-async function verifyRouteExists(projectPath, subject, refresh = false) {
-  const index = await getRouteIndex(projectPath, refresh);
-
-  const claim = {
-    method: subject?.method || "*",
-    path: subject?.path,
-  };
-
-  // Use Route Truth v1 validation (handles parameterized matching, gaps, etc.)
-  const result = await routeTruthValidate(claim, projectPath, index);
-
-  if (result.result === "true") {
-    const matched = result.matchedRoute;
-    return {
-      result: "true",
-      confidence: result.confidence === "high" ? "high" : result.confidence === "med" ? "medium" : "low",
-      evidence: (matched?.evidence || []).map((e) => ({
-        file: e.file,
-        lines: e.lines,
-        snippet: "",
-        hash: e.snippetHash || sha16(`${e.file}:${e.lines}`),
-      })),
-      matchedRoute: {
-        method: matched?.method,
-        path: matched?.path,
-        file: matched?.handler,
-        framework: matched?.framework,
-      },
-    };
-  }
-
-  if (result.result === "unknown") {
-    // Has gaps (unresolved plugins) - can't be certain
-    return {
-      result: "unknown",
-      confidence: "low",
-      evidence: [],
-      gaps: result.gaps,
-      closestRoutes: (result.closestRoutes || []).map((r) => ({
-        method: r.method,
-        path: r.path,
-        file: r.handler,
-      })),
-      nextSteps: result.nextSteps || [
-        "Some plugins/modules could not be resolved",
-        "Route may exist but extractor couldn't follow import chain",
-      ],
-    };
-  }
-
-  // result === "false" - route definitely doesn't exist
-  const closest = (result.closestRoutes || []).map((r) => ({
-    method: r.method,
-    path: r.path,
-    file: r.handler,
-  }));
-
-  return {
-    result: "false",
-    confidence: "high",
-    evidence: [],
-    closestRoutes: closest,
-    nextSteps: result.nextSteps || (closest.length
-      ? [`Route not found. Did you mean: ${closest.map((r) => `${r.method} ${r.path}`).join(", ")}?`]
-      : ["Route not found. No similar routes detected."]),
-  };
-}
-
-async function verifyFileExists(projectPath, subject) {
-  const rel = String(subject?.path || subject?.name || "");
-  if (!rel) return { result: "unknown", confidence: "low", evidence: [], nextSteps: ["Missing subject.path"] };
-  try {
-    const abs = safeProjectJoin(projectPath, rel);
-    await fs.access(abs);
-    return { result: "true", confidence: "high", evidence: [{ file: rel, lines: "1", hash: sha16(rel) }] };
-  } catch {
-    return { result: "false", confidence: "high", evidence: [] };
-  }
-}
-
-async function verifyEnvVar(projectPath, subject, claim) {
-  const env = await extractEnv(projectPath);
-  const name = String(subject?.name || "");
-  if (!name) return { result: "unknown", confidence: "low", evidence: [], nextSteps: ["Missing subject.name"] };
-
-  const declared = env.declared?.find((d) => d.name === name);
-  const used = (env.used || []).filter((u) => u.name === name);
-
-  if (claim === "env_var_exists") {
-    if (declared) {
-      return { result: "true", confidence: "high", evidence: [{ file: ".env.example", lines: `${declared.line}`, hash: sha16(`${name}:${declared.line}`) }] };
-    }
-    // "exists" might be in real env, but contract says no -> unknown
-    return { result: "unknown", confidence: "low", evidence: [], nextSteps: ["Not declared in .env.example / contract"] };
-  }
-
-  // env_var_used
-  if (used.length > 0) {
-    return {
-      result: "true",
-      confidence: "high",
-      evidence: used.map((u) => ({ file: u.file, lines: `${u.line}`, hash: sha16(`${u.file}:${u.line}:${name}`) })),
-    };
-  }
-
-  return { result: "false", confidence: "high", evidence: [] };
-}
-
-async function verifyRouteGuarded(projectPath, subject) {
-  const routePath = canonicalizePath(String(subject?.path || ""));
-  if (!routePath) return { result: "unknown", confidence: "low", evidence: [], nextSteps: ["Missing subject.path"] };
-
-  // heuristic: route mentioned near middleware/auth patterns
-  const evidence = await searchEvidence(projectPath, {
-    query: String.raw`(middleware|auth|authorize|session).*(\Q${routePath}\E)|\Q${routePath}\E.*(middleware|auth|authorize|session)`.replace(/\Q|\E/g, ""),
-    mode: "regex",
-    limit: 10,
-  });
-
-  if (evidence.count > 0) {
-    return {
-      result: "true",
-      confidence: "med",
-      evidence: evidence.results.map((e) => ({ file: e.file, lines: `${e.line}`, hash: e.hash, snippet: e.snippet })),
-    };
-  }
-
-  return { result: "unknown", confidence: "low", evidence: [], nextSteps: ["No guard evidence found (may still exist; extractor is heuristic)"] };
-}
-
-async function verifyEntityExists(projectPath, subject, _claim) {
-  const name = String(subject?.name || "");
-  if (!name) return { result: "unknown", confidence: "low", evidence: [], nextSteps: ["Missing subject.name"] };
-
-  const evidence = await searchEvidence(projectPath, { query: name, mode: "text", limit: 8 });
-  if (evidence.count > 0) {
-    return {
-      result: "true",
-      confidence: "med",
-      evidence: evidence.results.map((e) => ({ file: e.file, lines: `${e.line}`, hash: e.hash, snippet: e.snippet })),
-    };
-  }
-
-  return { result: "unknown", confidence: "low", evidence: [] };
-}
-
-// =============================================================================
-// EXPORTS
-// =============================================================================
-
-export {
-  getRouteIndex,      // Route Truth v1 index - single source of truth for routes
-  extractRoutes,      // Route extraction via Route Truth v1
-};
-
-export default {
-  TRUTH_FIREWALL_TOOLS,
-  handleTruthFirewallTool,
-  hasRecentClaimValidation,
-  enforceClaimResult,
-  getPolicyConfig,
-  getProjectFingerprint,
-  wrapMcpResponse,
-  getContextAttribution,
-  getRouteIndex,      // Also on default export
-  CONTEXT_ATTRIBUTION,
-};