@windyroad/risk-scorer 0.2.0-preview.62 → 0.2.1-preview.68

package/agents/pipeline.md

@@ -98,18 +98,35 @@ Assess whether each action is risk-reducing, risk-neutral, or risk-increasing. I
 
 For live incidents (outage, security, information disclosure), include `RISK_BYPASS: incident`.
 
-## Downstream Back-Pressure
+## Below-Appetite Output Rule (ADR-013 Rule 5)
 
-- **Commit**: If adding this commit would push the push queue risk >= 5, warn.
-- **Push**: If pushing would push the release queue risk >= 5, warn.
+When ALL cumulative scores are within appetite (≤ 4 per RISK-POLICY.md), your output MUST contain ONLY:
+1. The Pipeline Risk Report structure (layers, risk items, summary table)
+2. `RISK_SCORES: commit=N push=N release=N`
+3. `RISK_BYPASS: reducing` (if applicable)
 
-## Confidential Information Disclosure
+Do NOT emit: "Suggested Actions", "Your call:", advisory warnings, back-pressure notes, or any prose that implies the user needs to make a decision. Policy-authorised releases proceed silently.
 
-Check diffs for business metrics (revenue, user counts, pricing, traffic volumes). Flag as a standalone risk if found.
+## Above-Appetite Remediations
+
+When ANY cumulative score exceeds appetite (> 4), emit a structured `RISK_REMEDIATIONS:` block after the `RISK_SCORES:` line. This gives the calling skill machine-readable input for structured decision prompts.
+
+Format:
+```
+RISK_REMEDIATIONS:
+- R1 | <description of remediation> | <files affected>
+- R2 | <description of remediation> | <files affected>
+```
+
+Include downstream back-pressure in the remediation list:
+- **Commit**: If adding this commit would push the push queue risk >= 5, include a remediation to split the commit.
+- **Push**: If pushing would push the release queue risk >= 5, include a remediation to release first.
 
-## Suggested Actions
+Do NOT emit free-text "Your call:" or "consider splitting" prose. The structured `RISK_REMEDIATIONS:` block is the only output for above-appetite guidance.
 
-If any cumulative risk >= 5, suggest specific actions referencing which layer is driving the risk.
+## Confidential Information Disclosure
+
+Check diffs for business metrics (revenue, user counts, pricing, traffic volumes). Flag as a standalone risk if found.
 
 ## Report History
 

package/agents/plan.md

@@ -22,8 +22,8 @@ You are the Risk Scorer in plan review mode. Assess both the plan's own risk AND
 
 ## Verdict Logic
 
-- **PASS** if both the plan's own residual risk AND projected release risk are within appetite
-- **FAIL** if either exceeds appetite — explain which and what the plan should include
+- **PASS** if both the plan's own residual risk AND projected release risk are within appetite. Do NOT emit advisory prose, suggestions, or "consider" recommendations on PASS — the plan is policy-authorised (ADR-013 Rule 5).
+- **FAIL** if either exceeds appetite — emit a structured `RISK_REMEDIATIONS:` block (see below) explaining which dimension failed and what the plan should include.
 
 ## Output Format
 
@@ -49,6 +49,14 @@ You are the Risk Scorer in plan review mode. Assess both the plan's own risk AND
 
 End your report with `RISK_VERDICT: PASS` or `RISK_VERDICT: FAIL` on its own line. A PostToolUse hook reads this and writes the marker files — do NOT write files yourself.
 
+On FAIL, emit a structured `RISK_REMEDIATIONS:` block after the verdict:
+```
+RISK_REMEDIATIONS:
+- R1 | <description of what the plan must add/change> | <affected area>
+```
+
+Do NOT emit free-text "consider" or "you should" prose. The structured block is the only output for above-appetite guidance.
+
 ## Control Discovery
 
 For each control claimed to reduce risk:

package/agents/wip.md

@@ -45,15 +45,25 @@ Always provide the cumulative risk picture:
 - [specific guidance based on current pipeline state]
 ```
 
-If cumulative risk is **within appetite** (< 5): provide the assessment and say "Continue." The verdict is CONTINUE.
+### Below-Appetite Rule (ADR-013 Rule 5)
 
-If cumulative risk **exceeds appetite** (>= 5): provide specific risk-reducing suggestions:
-- "Commit your current changes to move WIP forward"
-- "Write tests for [risk item from report]" — name the specific risk and test file
-- "The release report flags [X] — address it before adding more changes"
-- "Push your commits to get CI feedback"
+If cumulative risk is **within appetite** (< 5): provide the assessment table and verdict only. Do NOT emit advisory prose, recommendations, or suggestions. The verdict is `RISK_VERDICT: CONTINUE`.
 
-The verdict is PAUSE. This blocks the next edit until the risk is addressed.
+### Above-Appetite Remediations
+
+If cumulative risk **exceeds appetite** (>= 5): provide the assessment table, then emit a structured `RISK_REMEDIATIONS:` block with specific risk-reducing actions:
+
+```
+RISK_REMEDIATIONS:
+- R1 | Commit current changes to move WIP forward | <uncommitted files>
+- R2 | Write tests for <risk item from report> | <test file to create/extend>
+- R3 | Address release report risk <X> before adding more changes | <affected files>
+- R4 | Push commits to get CI feedback | N/A
+```
+
+Do NOT emit free-text suggestions as prose. The structured block is the only output for above-appetite guidance.
+
+The verdict is `RISK_VERDICT: PAUSE`. This blocks the next edit until the risk is addressed.
 
 ## Control Discovery
 

package/hooks/test/risk-score-mark.bats

@@ -1,28 +1,101 @@
 #!/usr/bin/env bats
 
-# Tests for risk-score-mark.sh subagent pattern matching
+# Tests for risk-score-mark.sh — verifies the PostToolUse:Agent hook
+# parses risk-scorer agent output and writes the right files into
+# the session-scoped risk dir.
+#
+# Per ADR-005 (P011): behavioural assertions are functional — they
+# pipe mock hook input to the script and assert on side-effects, not
+# on what the source happens to contain. The four "echo X | grep X"
+# tautologies that previously lived here have been removed (they
+# always passed regardless of hook behaviour).
 
 setup() {
   SCRIPT_DIR="$(cd "$(dirname "$BATS_TEST_FILENAME")/.." && pwd)"
+  HOOK="$SCRIPT_DIR/risk-score-mark.sh"
+  ORIG_DIR="$PWD"
+  TEST_DIR=$(mktemp -d)
+  cd "$TEST_DIR"
+  TMPDIR="$TEST_DIR/tmp"
+  export TMPDIR
+  mkdir -p "$TMPDIR"
+  SESSION_ID="test-session-$$"
+  RDIR="$TMPDIR/claude-risk-${SESSION_ID}"
 }
 
-@test "pattern matches colon-style: wr-risk-scorer:pipeline" {
-  echo "wr-risk-scorer:pipeline" | grep -qE 'risk-scorer.pipeline'
+teardown() {
+  cd "$ORIG_DIR"
+  rm -rf "$TEST_DIR"
 }
 
-@test "pattern matches colon-style: wr-risk-scorer:plan" {
-  echo "wr-risk-scorer:plan" | grep -qE 'risk-scorer.plan'
+# Helper: build the PostToolUse:Agent JSON envelope and pipe it to the hook.
+# AGENT_OUTPUT is wrapped in tool_response.content[0].text to match the
+# real Claude Code PostToolUse hook payload shape.
+run_hook() {
+  local subagent="$1"
+  local agent_output="$2"
+  python3 -c "
+import json, sys
+print(json.dumps({
+  'tool_name': 'Agent',
+  'session_id': '${SESSION_ID}',
+  'tool_input': {'subagent_type': '${subagent}'},
+  'tool_response': {'content': [{'type': 'text', 'text': sys.stdin.read()}]}
+}))" <<<"$agent_output" | bash "$HOOK"
 }
 
-@test "pattern matches colon-style: wr-risk-scorer:wip" {
-  echo "wr-risk-scorer:wip" | grep -qE 'risk-scorer.wip'
+# --- Pipeline scorer: writes commit/push/release score files ---
+
+@test "pipeline: writes commit/push/release scores from RISK_SCORES line" {
+  run_hook "wr-risk-scorer:pipeline" "Header text
+RISK_SCORES: commit=2 push=3 release=1
+Trailing text"
+  [ "$(cat "$RDIR/commit")" = "2" ]
+  [ "$(cat "$RDIR/push")" = "3" ]
+  [ "$(cat "$RDIR/release")" = "1" ]
+}
+
+@test "pipeline: writes reducing bypass markers when RISK_BYPASS: reducing" {
+  run_hook "wr-risk-scorer:pipeline" "RISK_SCORES: commit=2 push=2 release=0
+RISK_BYPASS: reducing"
+  [ -f "$RDIR/reducing-commit" ]
+  [ -f "$RDIR/reducing-push" ]
+  [ -f "$RDIR/reducing-release" ]
+}
+
+@test "pipeline: writes incident bypass marker when RISK_BYPASS: incident" {
+  run_hook "wr-risk-scorer:pipeline" "RISK_SCORES: commit=10 push=10 release=10
+RISK_BYPASS: incident"
+  [ -f "$RDIR/incident-release" ]
+}
+
+@test "pipeline: writes nothing when output has no RISK_SCORES line" {
+  run_hook "wr-risk-scorer:pipeline" "No score line in this output"
+  [ ! -f "$RDIR/commit" ]
+  [ ! -f "$RDIR/push" ]
+  [ ! -f "$RDIR/release" ]
 }
 
-@test "pattern matches colon-style: wr-risk-scorer:policy" {
-  echo "wr-risk-scorer:policy" | grep -qE 'risk-scorer.policy'
+# --- Plan scorer: writes plan-reviewed marker on PASS only ---
+
+@test "plan: writes plan-reviewed marker on RISK_VERDICT: PASS" {
+  run_hook "wr-risk-scorer:plan" "RISK_VERDICT: PASS"
+  [ -f "$RDIR/plan-reviewed" ]
+}
+
+@test "plan: does NOT write plan-reviewed marker on RISK_VERDICT: FAIL" {
+  run_hook "wr-risk-scorer:plan" "RISK_VERDICT: FAIL"
+  [ ! -f "$RDIR/plan-reviewed" ]
+}
+
+# --- Subagent routing: case guard ignores non-risk-scorer agents ---
+
+@test "case guard: skips unrelated agent without writing files" {
+  run_hook "wr-architect:agent" "RISK_SCORES: commit=99 push=99 release=99"
+  [ ! -f "$RDIR/commit" ]
 }
 
-@test "case guard matches wr-risk-scorer:pipeline" {
+@test "case guard: matches wr-risk-scorer:pipeline subagent" {
   SUBAGENT="wr-risk-scorer:pipeline"
   case "$SUBAGENT" in
     *risk-scorer*) true ;;
@@ -30,7 +103,7 @@ setup() {
   esac
 }
 
-@test "case guard does NOT match unrelated agent" {
+@test "case guard: does NOT match wr-architect:agent" {
   SUBAGENT="wr-architect:agent"
   case "$SUBAGENT" in
     *risk-scorer*) false ;;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@windyroad/risk-scorer",
-  "version": "0.2.0-preview.62",
+  "version": "0.2.1-preview.68",
   "description": "Pipeline risk scoring, commit/push gates, and secret leak detection",
   "bin": {
     "windyroad-risk-scorer": "./bin/install.mjs"