@wooojin/forgen 0.3.0 → 0.3.2

package/dist/hooks/pre-tool-use.js

@@ -334,10 +334,16 @@ async function main() {
             log.debug('compound reflection check 실패', e);
         }
         // 활성 모드 리마인더 (10회 호출당 1회 — 결정적 카운터 기반)
-        const reminders = getActiveReminders();
-        if (reminders.length > 0 && shouldShowReminderIO()) {
-            console.log(approveWithWarning(`<compound-reminder>\n${reminders.join('\n')}\n</compound-reminder>`));
-            return;
+        // P0-4 fix (2026-04-20): 과거에는 getActiveReminders()로 STATE_DIR을 먼저
+        // readdir + N회 readFileSync한 뒤에야 shouldShowReminderIO 카운터를 체크했다.
+        // 그래서 "리마인더를 보여줄 호출이 아닌" 90%에서도 디렉터리 스캔이 발생.
+        // 이제 shouldShowReminderIO를 먼저 체크해 표시 회차일 때만 스캔한다.
+        if (shouldShowReminderIO()) {
+            const reminders = getActiveReminders();
+            if (reminders.length > 0) {
+                console.log(approveWithWarning(`<compound-reminder>\n${reminders.join('\n')}\n</compound-reminder>`));
+                return;
+            }
         }
         console.log(approve());
     }

package/dist/hooks/secret-filter.js

@@ -16,6 +16,12 @@ export const SECRET_PATTERNS = [
     { name: 'Password', pattern: /(password|passwd|pwd)\s*[=:]\s*["']?[^\s"']{8,}/i },
     { name: 'Private Key', pattern: /-----BEGIN (RSA |EC |DSA )?PRIVATE KEY-----/ },
     { name: 'Connection String', pattern: /(mongodb|postgres|mysql|redis):\/\/\w+:[^@]+@/ },
+    // 2026-04-21 follow-up audit #B: vendor-specific prefixes the generic
+    // `(sk|pk|api-key)[_-]` pattern does NOT match. Real-world leaks
+    // overwhelmingly use these formats.
+    { name: 'GitHub Token', pattern: /\b(ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9]{36,}\b/ },
+    { name: 'Google API Key', pattern: /\bAIza[0-9A-Za-z_-]{35}\b/ },
+    { name: 'Slack Token', pattern: /\bxox[abpors]-[A-Za-z0-9-]{10,}/ },
 ];
 /** 텍스트에서 민감 정보 패턴 감지 (순수 함수) */
 export function detectSecrets(text) {

package/dist/hooks/session-recovery.js

@@ -378,7 +378,6 @@ async function main() {
         // v1: regex 기반 패턴 학습(prompt-learner) 제거. Evidence 기반으로 전환됨.
         // Compound v3: Run lifecycle check once per day
         try {
-            const lifecycleModulePath = path.join(path.dirname(fileURLToPath(import.meta.url)), '..', 'engine', 'compound-lifecycle.js');
             const lastLifecyclePath = path.join(STATE_DIR, 'last-lifecycle.json');
             let shouldRun = true;
             try {
@@ -390,13 +389,22 @@ async function main() {
             }
             catch { /* last-lifecycle.json parse failure — run lifecycle check anyway */ }
             if (shouldRun) {
-                // B-4: detached background spawn으로 분리 — hook timeout 초과 방지
+                // B-4: detached background spawn — hook timeout 초과 방지.
+                //
+                // Audit fix #5 (2026-04-21): prior invocation interpolated
+                // `sessionId` into a `-e` template literal
+                //   `import('${path}').then(m => m.runLifecycleCheck('${sessionId}'))`
+                // which created a code-injection surface (a crafted sessionId
+                // could break out of the single quotes and execute arbitrary JS
+                // under the user's Claude-Code privileges). The runner was moved
+                // to a dedicated script file and the id is now passed via argv —
+                // no shell, no eval, no interpolation.
+                const runnerPath = path.join(path.dirname(fileURLToPath(import.meta.url)), 'internal', 'run-lifecycle-check.js');
                 const { spawn: spawnLifecycle } = await import('node:child_process');
-                const lifecycleRunner = spawnLifecycle('node', [
-                    '--input-type=module',
-                    '-e',
-                    `import('${lifecycleModulePath.replace(/\\/g, '/')}').then(m => m.runLifecycleCheck('${sessionId}'))`,
-                ], { detached: true, stdio: 'ignore' });
+                const lifecycleRunner = spawnLifecycle('node', [runnerPath, sessionId], {
+                    detached: true,
+                    stdio: 'ignore',
+                });
                 lifecycleRunner.unref();
                 const { atomicWriteJSON: writeJSON } = await import('./shared/atomic-write.js');
                 writeJSON(lastLifecyclePath, { lastRun: new Date().toISOString() });

package/dist/hooks/shared/hook-response.d.ts

@@ -29,8 +29,6 @@ export declare function approveWithWarning(warning: string): string;
 export declare function deny(reason: string): string;
 /** 사용자 확인 요청 (PreToolUse 전용) */
 export declare function ask(reason: string): string;
-/** fail-open: 에러 시 안전하게 통과 */
-export declare function failOpen(): string;
 /**
  * fail-open with error tracking: 에러 시 안전하게 통과하되, 실패 정보를 기록.
  * forgen doctor의 Hook Health 섹션에서 실패 이력을 표시할 수 있도록 JSONL 로그에 기록.

package/dist/hooks/shared/hook-response.js

@@ -14,8 +14,8 @@
  *   모델에 컨텍스트를 주입하려면 반드시 additionalContext를 사용해야 함.
  */
 import * as fs from 'node:fs';
-import * as os from 'node:os';
 import * as path from 'node:path';
+import { STATE_DIR } from '../../core/paths.js';
 /** 통과 응답 (컨텍스트 없음, 모든 이벤트 공통) */
 export function approve() {
     return JSON.stringify({ continue: true });
@@ -59,10 +59,6 @@ export function ask(reason) {
         },
     });
 }
-/** fail-open: 에러 시 안전하게 통과 */
-export function failOpen() {
-    return JSON.stringify({ continue: true });
-}
 /**
  * fail-open with error tracking: 에러 시 안전하게 통과하되, 실패 정보를 기록.
  * forgen doctor의 Hook Health 섹션에서 실패 이력을 표시할 수 있도록 JSONL 로그에 기록.
@@ -71,9 +67,8 @@ export function failOpen() {
  */
 export function failOpenWithTracking(hookName) {
     try {
-        const stateDir = path.join(os.homedir(), '.forgen', 'state');
-        fs.mkdirSync(stateDir, { recursive: true });
-        const logPath = path.join(stateDir, 'hook-errors.jsonl');
+        fs.mkdirSync(STATE_DIR, { recursive: true });
+        const logPath = path.join(STATE_DIR, 'hook-errors.jsonl');
         const entry = JSON.stringify({ hook: hookName, at: Date.now() });
         fs.appendFileSync(logPath, entry + '\n');
     }

package/dist/hooks/shared/hook-timing.js

@@ -9,13 +9,22 @@ import * as path from 'node:path';
 import { STATE_DIR } from '../../core/paths.js';
 const TIMING_LOG = path.join(STATE_DIR, 'hook-timing.jsonl');
 const MAX_LINES = 500;
+// P0-2 fix (2026-04-20): rotate를 size gate로 보호. 이전에는 매 hook 완료마다
+// full-file read + length split + write까지 실행해 steady-state(500줄 근처)에서
+// 매 tool call당 ~40KB의 불필요 I/O가 발생했다. statSync 한 번으로 크기만 보고
+// threshold 이하면 read/write 둘 다 skip한다. threshold는 ~80바이트/엔트리 기준
+// MAX_LINES × 1.5 여유를 둠.
+const ROTATE_SIZE_BYTES = MAX_LINES * 80 * 2; // ~80KB
 export function recordHookTiming(hookName, durationMs, event) {
     try {
         fs.mkdirSync(STATE_DIR, { recursive: true });
         const entry = JSON.stringify({ hook: hookName, ms: durationMs, event, at: Date.now() });
         fs.appendFileSync(TIMING_LOG, entry + '\n');
-        // Rotate if too large
+        // Rotate if too large — size-gated (statSync only, skip read/write 대부분의 호출)
         try {
+            const size = fs.statSync(TIMING_LOG).size;
+            if (size < ROTATE_SIZE_BYTES)
+                return;
             const content = fs.readFileSync(TIMING_LOG, 'utf-8');
             const lines = content.trim().split('\n');
             if (lines.length > MAX_LINES) {

package/dist/hooks/solution-injector.d.ts

@@ -7,6 +7,27 @@
  *
  * knowledge-comes-to-you 원칙: 필요한 지식은 찾아와야 한다
  */
+/**
+ * Minimum relevance thresholds by fitness state (2026-04-21 gate sweep).
+ *
+ * Motivation: a flat 0.3 floor gave 100% precision but 60% recall on a
+ * synthetic 40-query workload — 10 legitimate matches that scored
+ * 0.25-0.30 were blocked alongside noise. A pure 0.25 floor pushed recall
+ * to 84% but stripped noise protection for unverified solutions.
+ *
+ * Champion-aware solution: trust graduates more. Solutions whose fitness
+ * classification is `champion` or `active` (accept/correct ratio has
+ * survived ≥5 injections under the v0.3.2 gates) earn a lower 0.25
+ * injection floor; everything else stays at 0.3. On the sweep this hit
+ * precision 95.5% / recall 84% / off-topic specificity 100% — best
+ * trade in the variant set.
+ *
+ * If fitness data is unavailable (fresh install, empty outcomes/),
+ * every solution falls into the default 0.3 bucket — identical to the
+ * pre-0.3.2 gate. No cold-start regression.
+ */
+export declare const MIN_INJECT_RELEVANCE = 0.3;
+export declare const MIN_INJECT_RELEVANCE_TRUSTED = 0.25;
 interface SessionCacheCommitResult {
     /**
      * commit 상태:

package/dist/hooks/solution-injector.js

@@ -28,7 +28,29 @@ import { writeSignal } from './shared/plugin-signal.js';
 import { approve, approveWithContext, failOpenWithTracking } from './shared/hook-response.js';
 import { STATE_DIR } from '../core/paths.js';
 import { recordHookTiming } from './shared/hook-timing.js';
+import { appendPending, flushAccept } from '../engine/solution-outcomes.js';
 const MAX_SOLUTIONS_PER_SESSION = 10;
+/**
+ * Minimum relevance thresholds by fitness state (2026-04-21 gate sweep).
+ *
+ * Motivation: a flat 0.3 floor gave 100% precision but 60% recall on a
+ * synthetic 40-query workload — 10 legitimate matches that scored
+ * 0.25-0.30 were blocked alongside noise. A pure 0.25 floor pushed recall
+ * to 84% but stripped noise protection for unverified solutions.
+ *
+ * Champion-aware solution: trust graduates more. Solutions whose fitness
+ * classification is `champion` or `active` (accept/correct ratio has
+ * survived ≥5 injections under the v0.3.2 gates) earn a lower 0.25
+ * injection floor; everything else stays at 0.3. On the sweep this hit
+ * precision 95.5% / recall 84% / off-topic specificity 100% — best
+ * trade in the variant set.
+ *
+ * If fitness data is unavailable (fresh install, empty outcomes/),
+ * every solution falls into the default 0.3 bucket — identical to the
+ * pre-0.3.2 gate. No cold-start regression.
+ */
+export const MIN_INJECT_RELEVANCE = 0.3;
+export const MIN_INJECT_RELEVANCE_TRUSTED = 0.25;
 /** 세션별 이미 주입된 솔루션 추적 (중복 방지) */
 function getSessionCachePath(sessionId) {
     return path.join(STATE_DIR, `solution-cache-${sanitizeId(sessionId)}.json`);
@@ -298,12 +320,50 @@ async function main() {
             console.log(approve());
             return;
         }
-        // 어댑티브 프롬프트당 솔루션 수 제한, experiment는 1개 제한
+        // 어댑티브 프롬프트당 솔루션 수 제한, experiment는 1개 제한.
+        // 2026-04-21: MIN_INJECT_RELEVANCE 게이트 추가. 과거 0.15~0.21짜리 저신뢰 매칭이
+        // 거의 모든 세션에 주입되어 error 귀속의 80%를 차지했음.
+        //
+        // 2026-04-21 (precision audit follow-up): 단일 태그 매칭은 주입 차단.
+        // ~/.forgen/state/match-eval-log.jsonl 7406 queries 분석 결과, top-1의
+        // 33.5%가 "forgen", "type", "file" 같은 공통 단어 한 개로 매칭되어 희귀
+        // 태그 BM25 boost로 0.5~0.8 점수를 받고 사용자 컨텍스트를 오염시켰다.
+        // Matcher는 top-5 recall 유지를 위해 permissive 하게 두고 (bootstrap eval
+        // 호환), 주입 직전에만 엄격히:
+        //   - identifier match ≥ 1 (함수/파일 이름 리터럴 매칭 — 강한 신호) OR
+        //   - matched tags ≥ 2 (의도 교차점 2개 이상)
+        // 둘 중 하나를 만족해야 주입.
+        // 2026-04-21 (champion-aware gate): fitness 상태가 champion/active인 솔루션은
+        // 검증된 신호가 있으므로 임계값 0.25로 완화. draft/underperform 은 0.3 그대로.
+        // Fitness 데이터가 없으면 전체 default 0.3 (cold-start 회귀 없음).
+        // Gate sweep 결과: precision 95.5% / recall 84% / off-topic specificity 100%.
+        const fitnessStateMap = new Map();
+        try {
+            const { computeFitness } = await import('../engine/solution-fitness.js');
+            for (const r of computeFitness()) {
+                fitnessStateMap.set(r.solution, r.state);
+            }
+        }
+        catch (e) {
+            log.debug('fitness state load 실패 — default 0.3 적용', e);
+        }
+        function minRelevanceFor(name) {
+            const state = fitnessStateMap.get(name);
+            return (state === 'champion' || state === 'active')
+                ? MIN_INJECT_RELEVANCE_TRUSTED
+                : MIN_INJECT_RELEVANCE;
+        }
         let experimentCount = 0;
         const toInject = [];
         for (const sol of matches) {
             if (injected.has(sol.name))
                 continue;
+            if (sol.relevance < minRelevanceFor(sol.name))
+                continue;
+            const idMatches = sol.matchedIdentifiers?.length ?? 0;
+            const tagMatches = Math.max(0, sol.matchedTags.length - idMatches);
+            if (idMatches < 1 && tagMatches < 2)
+                continue;
             if (sol.status === 'experiment') {
                 if (experimentCount >= 1)
                     continue;
@@ -451,6 +511,25 @@ async function main() {
         catch (e) {
             log.debug('plugin signal 기록 실패', e);
         }
+        // Outcome tracking (Phase 1): flush previous pending as `accept` (silence
+        // = consent), then record this round's injections as new pending. Both
+        // calls are fail-open — a tracking crash must not block injection.
+        try {
+            flushAccept(sessionId);
+        }
+        catch (e) {
+            log.debug('outcome flushAccept 실패', e);
+        }
+        try {
+            appendPending(sessionId, effectiveToInject.map((sol) => ({
+                solution: sol.name,
+                match_score: sol.relevance,
+                injected_chars: (summaries.get(sol.name) ?? sol.name).length,
+            })));
+        }
+        catch (e) {
+            log.debug('outcome appendPending 실패', e);
+        }
         console.log(approveWithContext(fullInjection, 'UserPromptSubmit'));
     }
     finally {

package/dist/mcp/solution-reader.d.ts

@@ -53,6 +53,8 @@ export interface SolutionDetail {
 }
 export interface SolutionStats {
     total: number;
+    retiredCount: number;
+    extractionPrecision: number | null;
     byStatus: Record<SolutionStatus, number>;
     byType: Record<SolutionType, number>;
     byScope: Record<'me' | 'team' | 'project' | 'universal', number>;

package/dist/mcp/solution-reader.js

@@ -18,7 +18,7 @@ import * as path from 'node:path';
 import { ME_SOLUTIONS, PACKS_DIR } from '../core/paths.js';
 import { logMatchDecision } from '../engine/match-eval-log.js';
 import { maskBlockedTokens } from '../engine/phrase-blocklist.js';
-import { expandCompoundTags, expandQueryBigrams, extractTags, parseSolutionV3, } from '../engine/solution-format.js';
+import { expandCompoundTags, expandQueryBigrams, extractTags, parseFrontmatterOnly, parseSolutionV3, } from '../engine/solution-format.js';
 import { getOrBuildIndex } from '../engine/solution-index.js';
 import { calculateRelevance, shouldRejectByR4T3Rules } from '../engine/solution-matcher.js';
 import { mutateSolutionFile } from '../engine/solution-writer.js';
@@ -257,8 +257,30 @@ export function readSolution(name, options) {
 export function getSolutionStats(options) {
     const dirs = options?.dirs ?? defaultSolutionDirs();
     const index = getOrBuildIndex(dirs);
+    // retired 카운트: 인덱스에서 제외되므로 디렉토리를 직접 스캔
+    let retiredCount = 0;
+    for (const { dir } of dirs) {
+        if (!fs.existsSync(dir))
+            continue;
+        try {
+            const files = fs.readdirSync(dir).filter((f) => f.endsWith('.md'));
+            for (const file of files) {
+                try {
+                    const content = fs.readFileSync(path.join(dir, file), 'utf-8');
+                    const fm = parseFrontmatterOnly(content);
+                    if (fm?.status === 'retired')
+                        retiredCount++;
+                }
+                catch { /* ignore */ }
+            }
+        }
+        catch { /* ignore */ }
+    }
+    // extractionPrecision: verified+mature / (total active + retired)
     const stats = {
         total: index.entries.length,
+        retiredCount,
+        extractionPrecision: null,
         // retired는 인덱스에서 제외되므로 항상 0 (solution-index.ts:73)
         byStatus: { experiment: 0, candidate: 0, verified: 0, mature: 0, retired: 0 },
         byType: {
@@ -279,5 +301,10 @@ export function getSolutionStats(options) {
         if (entry.scope in stats.byScope)
             stats.byScope[entry.scope]++;
     }
+    const highConfidence = stats.byStatus.verified + stats.byStatus.mature;
+    const denominator = index.entries.length + retiredCount;
+    if (denominator > 0) {
+        stats.extractionPrecision = Math.round((highConfidence / denominator) * 100);
+    }
     return stats;
 }

package/dist/mcp/tools.js

@@ -158,7 +158,10 @@ export function registerTools(server) {
             dirs: defaultSolutionDirs(getCwd()),
         });
         const lines = [
-            `Total solutions: ${stats.total}`,
+            `Total solutions: ${stats.total} active + ${stats.retiredCount} retired`,
+            stats.extractionPrecision !== null
+                ? `Extraction precision: ${stats.extractionPrecision}%`
+                : '',
             '',
             'By status:',
             ...Object.entries(stats.byStatus)
@@ -174,7 +177,7 @@ export function registerTools(server) {
             ...Object.entries(stats.byScope)
                 .filter(([, count]) => count > 0)
                 .map(([scope, count]) => `  ${scope}: ${count}`),
-        ];
+        ].filter((l) => l !== undefined);
         return {
             content: [{
                     type: 'text',
@@ -273,6 +276,14 @@ export function registerTools(server) {
                 target,
                 axis_hint: axis_hint,
             });
+            // Outcome tracking (Phase 1): attribute this correction to any
+            // pending injections in the session. Fail-open — attribution is a
+            // best-effort signal, never block the correction record itself.
+            try {
+                const { attributeCorrection } = await import('../engine/solution-outcomes.js');
+                attributeCorrection(effectiveSessionId);
+            }
+            catch { /* ignore */ }
             const lines = [
                 `Evidence recorded: ${result.evidence_event_id}`,
             ];

package/dist/preset/preset-manager.js

@@ -76,8 +76,18 @@ export function computeEffectiveTrust(desired, runtime) {
         };
     }
     if (runtimeRank > desiredRank) {
-        // runtime > desired → 조용히 진행, effective만 상향
-        return { effective: runtimeTrust, warning: null };
+        // runtime > desired → 에스컬레이션.
+        //
+        // Audit fix #3 (2026-04-21): 이전에는 `warning: null`로 조용히 진행했다.
+        // 사용자가 `가드레일 우선`을 선택했는데 runtime에서 `--dangerously-skip-
+        // permissions`가 주입되면 effective가 `완전 신뢰 실행`로 무경고 상승해
+        // audit 로그와 대시보드가 실제 실행 신뢰도와 어긋났다. 이제는 상승 이유를
+        // warning으로 반환해 session state에 기록하고 사용자에게 표시한다.
+        return {
+            effective: runtimeTrust,
+            warning: `Trust 상승: desired=${desired}, runtime=${runtimeTrust} (${runtime.permission_mode}) ` +
+                `— runtime 권한이 더 관대합니다. --dangerously-skip-permissions나 config가 이번 세션을 덮어썼습니다.`,
+        };
     }
     return { effective: desired, warning: null };
 }

package/dist/store/evidence-store.js

@@ -7,11 +7,11 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
 import * as crypto from 'node:crypto';
-import { V1_EVIDENCE_DIR } from '../core/paths.js';
+import { ME_BEHAVIOR } from '../core/paths.js';
 import { atomicWriteJSON, safeReadJSON } from '../hooks/shared/atomic-write.js';
 import { createRule, saveRule, loadActiveRules } from './rule-store.js';
 function evidencePath(evidenceId) {
-    return path.join(V1_EVIDENCE_DIR, `${evidenceId}.json`);
+    return path.join(ME_BEHAVIOR, `${evidenceId}.json`);
 }
 export function createEvidence(params) {
     return {
@@ -34,13 +34,13 @@ export function loadEvidence(evidenceId) {
     return safeReadJSON(evidencePath(evidenceId), null);
 }
 export function loadAllEvidence() {
-    if (!fs.existsSync(V1_EVIDENCE_DIR))
+    if (!fs.existsSync(ME_BEHAVIOR))
         return [];
     const items = [];
-    for (const file of fs.readdirSync(V1_EVIDENCE_DIR)) {
+    for (const file of fs.readdirSync(ME_BEHAVIOR)) {
         if (!file.endsWith('.json'))
             continue;
-        const ev = safeReadJSON(path.join(V1_EVIDENCE_DIR, file), null);
+        const ev = safeReadJSON(path.join(ME_BEHAVIOR, file), null);
         if (ev)
             items.push(ev);
     }

package/dist/store/profile-store.d.ts

@@ -7,6 +7,15 @@
 import type { Profile, QualityPack, AutonomyPack, JudgmentPack, CommunicationPack, TrustPolicy } from './types.js';
 export declare function createProfile(userId: string, qualityPack: QualityPack, autonomyPack: AutonomyPack, trustPolicy: TrustPolicy, trustSource: Profile['trust_preferences']['source'], judgmentPack?: JudgmentPack, communicationPack?: CommunicationPack): Profile;
 export declare function loadProfile(): Profile | null;
+export declare function loadProfileRaw(): unknown;
 export declare function saveProfile(profile: Profile): void;
+/**
+ * File existence probe. NOTE: this returns `true` even if the on-disk
+ * file is legacy/invalid — callers that need "valid v1 profile present"
+ * should combine this with `loadProfile() !== null`. The raw existence
+ * check is kept for bootstrap logic that explicitly differentiates
+ * "file exists but legacy" from "no file at all" (e.g. to decide
+ * whether to run `runLegacyCutover`).
+ */
 export declare function profileExists(): boolean;
 export declare function isV1Profile(data: unknown): data is Profile;

package/dist/store/profile-store.js

@@ -5,7 +5,7 @@
  * Authoritative schema: docs/plans/2026-04-03-forgen-data-model-storage-spec.md §2
  */
 import * as fs from 'node:fs';
-import { V1_PROFILE } from '../core/paths.js';
+import { FORGE_PROFILE } from '../core/paths.js';
 import { atomicWriteJSON, safeReadJSON } from '../hooks/shared/atomic-write.js';
 import { qualityCentroid, autonomyCentroid, judgmentCentroid, communicationCentroid, } from '../preset/facet-catalog.js';
 const MODEL_VERSION = '2.0';
@@ -36,14 +36,35 @@ export function createProfile(userId, qualityPack, autonomyPack, trustPolicy, tr
     };
 }
 export function loadProfile() {
-    return safeReadJSON(V1_PROFILE, null);
+    const raw = safeReadJSON(FORGE_PROFILE, null);
+    if (raw === null)
+        return null;
+    // Audit fix #6 (2026-04-21): 이전에는 disk 내용을 그대로 Profile로
+    // 타입 단언해 반환 → legacy-shaped JSON (model_version 없음 / 1.x / 잘못된 모양)
+    // 이 downstream으로 흘러들어가 facets/trust_preferences 접근 시 undefined
+    // 참조가 되었다. isV1Profile 가드를 통과한 경우에만 반환, 아니면 null로
+    // 취급하여 v1-bootstrap이 cutover 흐름을 재실행하게 한다.
+    if (!isV1Profile(raw))
+        return null;
+    return raw;
+}
+export function loadProfileRaw() {
+    return safeReadJSON(FORGE_PROFILE, null);
 }
 export function saveProfile(profile) {
     profile.metadata.updated_at = new Date().toISOString();
-    atomicWriteJSON(V1_PROFILE, profile, { pretty: true });
+    atomicWriteJSON(FORGE_PROFILE, profile, { pretty: true });
 }
+/**
+ * File existence probe. NOTE: this returns `true` even if the on-disk
+ * file is legacy/invalid — callers that need "valid v1 profile present"
+ * should combine this with `loadProfile() !== null`. The raw existence
+ * check is kept for bootstrap logic that explicitly differentiates
+ * "file exists but legacy" from "no file at all" (e.g. to decide
+ * whether to run `runLegacyCutover`).
+ */
 export function profileExists() {
-    return fs.existsSync(V1_PROFILE);
+    return fs.existsSync(FORGE_PROFILE);
 }
 export function isV1Profile(data) {
     if (!data || typeof data !== 'object')

package/dist/store/rule-store.js

@@ -7,10 +7,10 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
 import * as crypto from 'node:crypto';
-import { V1_RULES_DIR } from '../core/paths.js';
+import { ME_RULES } from '../core/paths.js';
 import { atomicWriteJSON, safeReadJSON } from '../hooks/shared/atomic-write.js';
 function rulePath(ruleId) {
-    return path.join(V1_RULES_DIR, `${ruleId}.json`);
+    return path.join(ME_RULES, `${ruleId}.json`);
 }
 export function createRule(params) {
     const now = new Date().toISOString();
@@ -37,13 +37,13 @@ export function loadRule(ruleId) {
     return safeReadJSON(rulePath(ruleId), null);
 }
 export function loadAllRules() {
-    if (!fs.existsSync(V1_RULES_DIR))
+    if (!fs.existsSync(ME_RULES))
         return [];
     const rules = [];
-    for (const file of fs.readdirSync(V1_RULES_DIR)) {
+    for (const file of fs.readdirSync(ME_RULES)) {
         if (!file.endsWith('.json'))
             continue;
-        const rule = safeReadJSON(path.join(V1_RULES_DIR, file), null);
+        const rule = safeReadJSON(path.join(ME_RULES, file), null);
         if (rule)
             rules.push(rule);
     }
@@ -65,13 +65,13 @@ export function updateRuleStatus(ruleId, status) {
  * 이전 세션의 임시 규칙이 새 세션에서 영향을 미치지 않도록 정리.
  */
 export function cleanupStaleSessionRules(_currentSessionId) {
-    if (!fs.existsSync(V1_RULES_DIR))
+    if (!fs.existsSync(ME_RULES))
         return 0;
     let cleaned = 0;
-    for (const file of fs.readdirSync(V1_RULES_DIR)) {
+    for (const file of fs.readdirSync(ME_RULES)) {
         if (!file.endsWith('.json'))
             continue;
-        const filePath = path.join(V1_RULES_DIR, file);
+        const filePath = path.join(ME_RULES, file);
         const rule = safeReadJSON(filePath, null);
         if (rule && rule.scope === 'session' && rule.status === 'active') {
             rule.status = 'suppressed';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wooojin/forgen",
-  "version": "0.3.0",
+  "version": "0.3.2",
   "preferGlobal": true,
   "main": "dist/lib.js",
   "types": "./dist/lib.d.ts",

package/plugin.json

@@ -1,7 +1,7 @@
 {
   "$schema": "https://claude.ai/schemas/claude-plugin.json",
   "name": "forgen",
-  "version": "5.1.2",
+  "version": "0.3.2",
   "description": "Claude Code harness — the more you use Claude, the better it gets",
   "author": {
     "name": "jang-ujin",
@@ -10,7 +10,12 @@
   "repository": "https://github.com/wooo-jin/forgen",
   "homepage": "https://github.com/wooo-jin/forgen",
   "license": "MIT",
-  "keywords": ["claude-code", "harness", "personalization", "forge"],
+  "keywords": [
+    "claude-code",
+    "harness",
+    "personalization",
+    "forge"
+  ],
   "skills": "./skills/",
   "agents": "agents/",
   "statusLine": {