@wooojin/forgen 0.3.1 → 0.4.0

package/dist/core/spawn.js

@@ -15,21 +15,96 @@ function findClaude() {
 function findRuntimeLauncher(runtime) {
     return runtime === 'codex' ? 'codex' : findClaude();
 }
-/**
- * 가장 최근 transcript 파일을 찾는다.
- * Claude Code는 세션 대화를 ~/.claude/projects/{sanitized-cwd}/{uuid}.jsonl에 저장.
- */
-function findLatestTranscript(cwd) {
+function transcriptProjectDir(cwd) {
     // Claude Code는 cwd의 /를 -로 치환하고 선행 -를 유지
     const sanitized = cwd.replace(/\//g, '-');
-    const projectDir = path.join(os.homedir(), '.claude', 'projects', sanitized);
-    if (!fs.existsSync(projectDir))
+    return path.join(os.homedir(), '.claude', 'projects', sanitized);
+}
+/** 스냅샷용 — 세션 시작 전 존재하는 transcript basename 집합. */
+function snapshotExistingTranscripts(cwd) {
+    const dir = transcriptProjectDir(cwd);
+    if (!fs.existsSync(dir))
+        return new Set();
+    try {
+        return new Set(fs.readdirSync(dir).filter((f) => f.endsWith('.jsonl')));
+    }
+    catch {
+        return new Set();
+    }
+}
+/**
+ * 세션 시작 후 새로 생성된 transcript 파일을 고른다.
+ *
+ * Audit fix #8 (2026-04-21): 이전 findLatestTranscript는 mtime 최신 파일을
+ * 선택했기에, 같은 cwd에서 동시에 두 세션이 돌면 더 늦게 시작된 세션의
+ * transcript가 두 세션의 exit 핸들러 모두에서 선택되어 transcript
+ * attribution이 섞였다. 이제는
+ *   1) 세션 시작 시점의 "이미 존재하던" 파일 스냅샷을 preSnapshot으로 전달받고
+ *   2) exit 시점에 스냅샷에 없던 새 파일만 후보로 보고
+ *   3) mtime이 세션 시작 시각 이후인 것 중 최신을 선택한다.
+ * 여전히 후보가 여러 개이면 (rare: 훅이 추가 파일을 쓴 경우) 가장 최근 수정본
+ * 을 고르되 debug 로그를 남긴다.
+ */
+function findSessionTranscript(cwd, sessionStartMs, preSnapshot) {
+    const dir = transcriptProjectDir(cwd);
+    if (!fs.existsSync(dir))
         return null;
-    const jsonlFiles = fs.readdirSync(projectDir)
-        .filter(f => f.endsWith('.jsonl'))
-        .map(f => ({ name: f, mtime: fs.statSync(path.join(projectDir, f)).mtimeMs }))
-        .sort((a, b) => b.mtime - a.mtime);
-    return jsonlFiles.length > 0 ? path.join(projectDir, jsonlFiles[0].name) : null;
+    let candidates;
+    try {
+        candidates = fs
+            .readdirSync(dir)
+            .filter((f) => f.endsWith('.jsonl') && !preSnapshot.has(f))
+            .map((f) => {
+            try {
+                return { name: f, mtime: fs.statSync(path.join(dir, f)).mtimeMs };
+            }
+            catch {
+                return null;
+            }
+        })
+            .filter((x) => x !== null && x.mtime >= sessionStartMs);
+    }
+    catch {
+        return null;
+    }
+    if (candidates.length === 0)
+        return null;
+    candidates.sort((a, b) => b.mtime - a.mtime);
+    if (candidates.length > 1) {
+        log.debug(`multiple new transcripts after session start — picking ${candidates[0].name} ` +
+            `(others: ${candidates.slice(1).map((c) => c.name).join(', ')})`);
+    }
+    return path.join(dir, candidates[0].name);
+}
+/**
+ * 사용자 메시지 수 카운트 (streaming).
+ *
+ * Audit fix #8 (2026-04-21): 이전에는 `fs.readFileSync(transcript, 'utf-8')`로
+ * 파일 전체를 메모리에 올렸다. 수백 MB 규모 transcript에서는 heap spike가
+ * 발생했고, 카운트 외엔 내용이 필요 없으니 streaming line-by-line로 충분하다.
+ */
+async function countUserMessages(transcriptPath) {
+    const { createInterface } = await import('node:readline');
+    const stream = fs.createReadStream(transcriptPath, { encoding: 'utf-8' });
+    const rl = createInterface({ input: stream, crlfDelay: Infinity });
+    let count = 0;
+    try {
+        for await (const line of rl) {
+            if (!line)
+                continue;
+            try {
+                const t = JSON.parse(line).type;
+                if (t === 'user' || t === 'queue-operation')
+                    count++;
+            }
+            catch { /* skip malformed */ }
+        }
+    }
+    finally {
+        rl.close();
+        stream.close();
+    }
+    return count;
 }
 /**
  * 세션 종료 후 자동 compound 추출 + USER.md 업데이트.
@@ -74,8 +149,10 @@ export async function spawnClaude(args, context, runtime = 'claude') {
         !cleanArgs.includes('--dangerously-skip-permissions')) {
         cleanArgs.unshift('--dangerously-skip-permissions');
     }
-    // 세션 시작 전 timestamp 기록 (종료 후 transcript 찾기 위해)
+    // 세션 시작 전 timestamp + 기존 transcript 스냅샷 기록 (종료 후 finder 용).
+    // Audit fix #8 (2026-04-21): 스냅샷으로 동시 세션 transcript 오선택을 차단.
     const sessionStartTime = Date.now();
+    const preSnapshot = snapshotExistingTranscripts(context.cwd);
     return new Promise((resolve, reject) => {
         const child = spawn(launcher, cleanArgs, {
             stdio: 'inherit',
@@ -102,37 +179,21 @@ export async function spawnClaude(args, context, runtime = 'claude') {
             }
             // 세션 종료 후 하네스 작업
             try {
-                const transcript = findLatestTranscript(context.cwd);
+                const transcript = findSessionTranscript(context.cwd, sessionStartTime, preSnapshot);
                 if (!transcript) {
-                    log.debug('transcript 파일을 찾을 수 없음');
+                    log.debug('이 세션에서 생성된 transcript를 찾을 수 없음 (snapshot diff)');
                 }
                 else {
-                    const stat = fs.statSync(transcript);
-                    // 이 세션에서 생성/수정된 transcript만
-                    if (stat.mtimeMs <= sessionStartTime) {
-                        log.debug(`transcript mtime(${stat.mtimeMs}) <= sessionStart(${sessionStartTime}), 건너뜀`);
+                    const sessionId = path.basename(transcript, '.jsonl');
+                    // 1. FTS5 인덱싱
+                    await indexTranscriptToFTS(context.cwd, transcript, sessionId);
+                    // 2. 자동 compound (10+ user 메시지인 경우만) — streaming line count
+                    const userMsgCount = await countUserMessages(transcript);
+                    if (userMsgCount >= 10) {
+                        await runAutoCompound(context.cwd, transcript, sessionId);
                     }
                     else {
-                        const sessionId = path.basename(transcript, '.jsonl');
-                        // 1. FTS5 인덱싱
-                        await indexTranscriptToFTS(context.cwd, transcript, sessionId);
-                        // 2. 자동 compound (10+ user 메시지인 경우만)
-                        const content = fs.readFileSync(transcript, 'utf-8');
-                        const userMsgCount = content.split('\n')
-                            .filter(l => { try {
-                            const t = JSON.parse(l).type;
-                            return t === 'user' || t === 'queue-operation';
-                        }
-                        catch {
-                            return false;
-                        } })
-                            .length;
-                        if (userMsgCount >= 10) {
-                            await runAutoCompound(context.cwd, transcript, sessionId);
-                        }
-                        else {
-                            console.log(`[forgen] 세션이 짧아 auto-compound 생략 (${userMsgCount} messages)`);
-                        }
+                        console.log(`[forgen] 세션이 짧아 auto-compound 생략 (${userMsgCount} messages)`);
                     }
                 }
             }

package/dist/core/state-gc.d.ts

@@ -0,0 +1,49 @@
+export interface PruneReport {
+    scanned: number;
+    pruned: number;
+    bytesFreed: number;
+    retentionDays: number;
+    dryRun: boolean;
+    /** First 20 pruned file basenames for user confirmation */
+    sample: string[];
+}
+export interface PruneOptions {
+    retentionMs?: number;
+    dryRun?: boolean;
+    /** Override the state directory. Used by tests. */
+    stateDir?: string;
+    /** Override the outcomes directory. Used by tests. */
+    outcomesDir?: string;
+    /** Current time for deterministic tests. Defaults to Date.now(). */
+    now?: number;
+}
+/**
+ * Prune session-scoped files older than `retentionMs` from the state and
+ * outcomes directories. Defaults to a dry-run so callers must opt-in to
+ * deletion via `dryRun: false`.
+ */
+export declare function pruneState(opts?: PruneOptions): PruneReport;
+/**
+ * ADR-002 T4 — daily rule decay scanner.
+ *
+ * `~/.forgen/me/rules` 전체를 훑어 `last_inject_at < now - decay_days` 인 active rule 을
+ * retire phase 로 전이시킨다. 실제 파일 삭제가 아니라 status='removed' + phase='retired'.
+ *
+ * 호출 지점: `forgen doctor --prune-state` 또는 `forgen lifecycle-scan --apply` 그리고
+ * 별도 cron/CI scheduler 에서도 호출 가능. dryRun=true 기본.
+ */
+export declare function runDailyT4Decay(opts?: {
+    decayDays?: number;
+    dryRun?: boolean;
+    now?: number;
+}): Promise<{
+    scanned: number;
+    retired: number;
+    sample: string[];
+    dryRun: boolean;
+}>;
+/**
+ * Count session-scoped files in STATE_DIR without deleting. Used by doctor
+ * to surface a warning when the directory is bloated.
+ */
+export declare function countSessionScopedFiles(stateDir?: string): number;

package/dist/core/state-gc.js

@@ -0,0 +1,163 @@
+/**
+ * State directory garbage collector.
+ *
+ * `~/.forgen/state/` accumulates per-session files that are never cleaned
+ * up (injection-cache, active-agents, checkpoint, modified-files,
+ * outcome-pending, permissions, skill-trigger, tool-state, etc.). A field
+ * audit on 2026-04-21 found one installation with 10,802 files in a single
+ * flat directory — SessionStart hook scans linearly on each session, and
+ * `ls` / `rsync` / backup tools all pay the cost.
+ *
+ * This module scans session-scoped files by filename prefix and prunes
+ * those older than a configurable retention window (default 7 days). The
+ * jsonl aggregate logs (hook-errors.jsonl, hook-timing.jsonl,
+ * implicit-feedback.jsonl, match-eval-log.jsonl, solution-quarantine.jsonl)
+ * are left alone — they are tracked append-only and handled by #5
+ * (log rotation).
+ */
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { STATE_DIR, OUTCOMES_DIR } from './paths.js';
+/** Filename prefixes that identify session-scoped ephemeral files. */
+const SESSION_SCOPED_PREFIXES = [
+    'active-agents-',
+    'checkpoint-',
+    'injection-cache-',
+    'modified-files-',
+    'outcome-pending-',
+    'permissions-',
+    'skill-trigger-',
+    'tool-state-',
+    'reminder-',
+    'context-',
+    'last-',
+];
+const DEFAULT_RETENTION_MS = 7 * 24 * 60 * 60 * 1000;
+function hasSessionPrefix(name) {
+    return SESSION_SCOPED_PREFIXES.some((pfx) => name.startsWith(pfx));
+}
+function pruneDir(dir, cutoff, dryRun, filter) {
+    const out = { scanned: 0, pruned: 0, bytes: 0, sample: [] };
+    if (!fs.existsSync(dir))
+        return out;
+    let entries;
+    try {
+        entries = fs.readdirSync(dir);
+    }
+    catch {
+        return out;
+    }
+    for (const name of entries) {
+        if (!filter(name))
+            continue;
+        const full = path.join(dir, name);
+        let stat;
+        try {
+            stat = fs.statSync(full);
+        }
+        catch {
+            continue;
+        }
+        if (!stat.isFile())
+            continue;
+        out.scanned++;
+        if (stat.mtimeMs >= cutoff)
+            continue;
+        if (!dryRun) {
+            try {
+                fs.unlinkSync(full);
+            }
+            catch {
+                continue;
+            }
+        }
+        out.pruned++;
+        out.bytes += stat.size;
+        if (out.sample.length < 20)
+            out.sample.push(name);
+    }
+    return out;
+}
+/**
+ * Prune session-scoped files older than `retentionMs` from the state and
+ * outcomes directories. Defaults to a dry-run so callers must opt-in to
+ * deletion via `dryRun: false`.
+ */
+export function pruneState(opts = {}) {
+    const retentionMs = opts.retentionMs ?? DEFAULT_RETENTION_MS;
+    const dryRun = opts.dryRun ?? true;
+    const stateDir = opts.stateDir ?? STATE_DIR;
+    const outcomesDir = opts.outcomesDir ?? OUTCOMES_DIR;
+    const now = opts.now ?? Date.now();
+    const cutoff = now - retentionMs;
+    const state = pruneDir(stateDir, cutoff, dryRun, hasSessionPrefix);
+    // outcomes/*.jsonl: one file per session, session-scoped by design.
+    // These compound over time exactly like state session files.
+    const outcomes = pruneDir(outcomesDir, cutoff, dryRun, (n) => n.endsWith('.jsonl'));
+    // ADR-002 block-count directory — session-scoped per rule. F-M block-count GC.
+    const blockCountDir = path.join(stateDir, 'enforcement', 'block-count');
+    const blockCounters = pruneDir(blockCountDir, cutoff, dryRun, (n) => n.endsWith('.json'));
+    return {
+        scanned: state.scanned + outcomes.scanned + blockCounters.scanned,
+        pruned: state.pruned + outcomes.pruned + blockCounters.pruned,
+        bytesFreed: state.bytes + outcomes.bytes + blockCounters.bytes,
+        retentionDays: Math.round(retentionMs / (24 * 60 * 60 * 1000)),
+        dryRun,
+        sample: [...state.sample, ...outcomes.sample, ...blockCounters.sample].slice(0, 20),
+    };
+}
+/**
+ * ADR-002 T4 — daily rule decay scanner.
+ *
+ * `~/.forgen/me/rules` 전체를 훑어 `last_inject_at < now - decay_days` 인 active rule 을
+ * retire phase 로 전이시킨다. 실제 파일 삭제가 아니라 status='removed' + phase='retired'.
+ *
+ * 호출 지점: `forgen doctor --prune-state` 또는 `forgen lifecycle-scan --apply` 그리고
+ * 별도 cron/CI scheduler 에서도 호출 가능. dryRun=true 기본.
+ */
+export async function runDailyT4Decay(opts = {}) {
+    const decayDays = opts.decayDays ?? 90;
+    const dryRun = opts.dryRun ?? true;
+    const now = opts.now ?? Date.now();
+    try {
+        const [{ loadAllRules, saveRule }, { detect: detectT4 }, { collectAllSignals }, { appendLifecycleEvents }, { foldEvents }] = await Promise.all([
+            import('../store/rule-store.js'),
+            import('../engine/lifecycle/trigger-t4-decay.js'),
+            import('../engine/lifecycle/signals.js'),
+            import('../engine/lifecycle/meta-reclassifier.js'),
+            import('../engine/lifecycle/orchestrator.js'),
+        ]);
+        const rules = loadAllRules();
+        const signals = collectAllSignals(rules, { now });
+        const events = detectT4({ rules, signals, decay_days: decayDays, ts: now });
+        const report = { scanned: rules.length, retired: events.length, sample: events.map((e) => e.rule_id.slice(0, 8)), dryRun };
+        if (!dryRun && events.length > 0) {
+            const folded = foldEvents(rules, events, now);
+            for (const [id, updated] of folded.entries()) {
+                const original = rules.find((r) => r.rule_id === id);
+                if (!original || updated === original)
+                    continue;
+                saveRule(updated);
+            }
+            appendLifecycleEvents(events, now);
+        }
+        return report;
+    }
+    catch {
+        return { scanned: 0, retired: 0, sample: [], dryRun };
+    }
+}
+/**
+ * Count session-scoped files in STATE_DIR without deleting. Used by doctor
+ * to surface a warning when the directory is bloated.
+ */
+export function countSessionScopedFiles(stateDir = STATE_DIR) {
+    if (!fs.existsSync(stateDir))
+        return 0;
+    try {
+        return fs.readdirSync(stateDir).filter(hasSessionPrefix).length;
+    }
+    catch {
+        return 0;
+    }
+}

package/dist/core/stats-cli.d.ts

@@ -0,0 +1,15 @@
+export interface StatsSnapshot {
+    activeRules: number;
+    suppressedRules: number;
+    correctionsTotal: number;
+    corrections7d: number;
+    blocks7d: number;
+    acks7d: number;
+    bypass7d: number;
+    drift7d: number;
+    retired7d: number;
+    lastExtraction: string;
+}
+export declare function computeStats(): StatsSnapshot;
+export declare function renderStats(s: StatsSnapshot): string;
+export declare function handleStats(_args: string[]): Promise<void>;

package/dist/core/stats-cli.js

@@ -0,0 +1,143 @@
+/**
+ * R9-PA1: `forgen stats` — 7-number single-screen dashboard.
+ *
+ * Pure aggregation over existing jsonl sources. No new telemetry; surfaces
+ * what forgen is *already* learning so users can verify the trust layer is
+ * working between Claude sessions.
+ */
+import * as fs from 'node:fs';
+import * as os from 'node:os';
+import * as path from 'node:path';
+import { loadAllRules } from '../store/rule-store.js';
+import { loadRecentEvidence } from '../store/evidence-store.js';
+const ENFORCEMENT_DIR = path.join(os.homedir(), '.forgen', 'state', 'enforcement');
+const LIFECYCLE_DIR = path.join(os.homedir(), '.forgen', 'state', 'lifecycle');
+const STATE_DIR = path.join(os.homedir(), '.forgen', 'state');
+const MS_PER_DAY = 24 * 60 * 60 * 1000;
+function readJsonl(p) {
+    if (!fs.existsSync(p))
+        return [];
+    const out = [];
+    for (const line of fs.readFileSync(p, 'utf-8').split('\n')) {
+        if (!line.trim())
+            continue;
+        try {
+            out.push(JSON.parse(line));
+        }
+        catch { /* skip malformed */ }
+    }
+    return out;
+}
+function countWithin(entries, days, tsKey = 'at') {
+    const cutoff = Date.now() - days * MS_PER_DAY;
+    let n = 0;
+    for (const e of entries) {
+        const raw = e[tsKey];
+        if (typeof raw !== 'string')
+            continue;
+        const t = Date.parse(raw);
+        if (Number.isFinite(t) && t >= cutoff)
+            n += 1;
+    }
+    return n;
+}
+function readLifecycleRetired(days) {
+    if (!fs.existsSync(LIFECYCLE_DIR))
+        return 0;
+    const cutoff = Date.now() - days * MS_PER_DAY;
+    let n = 0;
+    for (const f of fs.readdirSync(LIFECYCLE_DIR)) {
+        if (!f.endsWith('.jsonl'))
+            continue;
+        for (const entry of readJsonl(path.join(LIFECYCLE_DIR, f))) {
+            const action = entry.suggested_action;
+            const ts = typeof entry.ts === 'number' ? entry.ts : Date.parse(String(entry.ts ?? ''));
+            if (!Number.isFinite(ts) || ts < cutoff)
+                continue;
+            if (action === 'retire' || action === 'supersede')
+                n += 1;
+        }
+    }
+    return n;
+}
+function readLastExtraction() {
+    const p = path.join(STATE_DIR, 'last-extraction.json');
+    if (!fs.existsSync(p))
+        return 'never';
+    try {
+        const data = JSON.parse(fs.readFileSync(p, 'utf-8'));
+        const ts = data.timestamp ?? data.date;
+        if (!ts)
+            return 'never';
+        const diffDays = Math.floor((Date.now() - Date.parse(ts)) / MS_PER_DAY);
+        const dateStr = new Date(ts).toISOString().slice(0, 10);
+        if (diffDays === 0)
+            return `${dateStr} (today)`;
+        if (diffDays === 1)
+            return `${dateStr} (yesterday)`;
+        return `${dateStr} (${diffDays}d ago)`;
+    }
+    catch {
+        return 'unknown';
+    }
+}
+export function computeStats() {
+    const rules = loadAllRules();
+    const activeRules = rules.filter((r) => r.status === 'active').length;
+    const suppressedRules = rules.filter((r) => r.status === 'suppressed').length;
+    const evidence = loadRecentEvidence(500);
+    const corrections = evidence.filter((e) => e.type === 'explicit_correction');
+    const correctionsTotal = corrections.length;
+    const cutoff7d = Date.now() - 7 * MS_PER_DAY;
+    const corrections7d = corrections.filter((e) => Date.parse(e.timestamp) >= cutoff7d).length;
+    const violations = readJsonl(path.join(ENFORCEMENT_DIR, 'violations.jsonl'));
+    const bypass = readJsonl(path.join(ENFORCEMENT_DIR, 'bypass.jsonl'));
+    const drift = readJsonl(path.join(ENFORCEMENT_DIR, 'drift.jsonl'));
+    const acks = readJsonl(path.join(ENFORCEMENT_DIR, 'acknowledgments.jsonl'));
+    // R9-PA2: violations 는 'block' (stop-guard/post-tool) + 'deny' (pre-tool Mech-A)
+    // + 'correction' (user bypass audit) 혼재. 사용자 관점에서 "Block" 은 앞의 2종이며
+    // correction 은 제외해야 ack ratio 가 의미를 갖는다. legacy-undefined 엔트리도 포함.
+    const realBlocks = violations.filter((e) => e.kind === 'block' || e.kind === 'deny' || e.kind === undefined);
+    return {
+        activeRules,
+        suppressedRules,
+        correctionsTotal,
+        corrections7d,
+        blocks7d: countWithin(realBlocks, 7),
+        acks7d: countWithin(acks, 7),
+        bypass7d: countWithin(bypass, 7),
+        drift7d: countWithin(drift, 7),
+        retired7d: readLifecycleRetired(7),
+        lastExtraction: readLastExtraction(),
+    };
+}
+function padNum(n, width = 4) {
+    return String(n).padStart(width);
+}
+export function renderStats(s) {
+    const lines = [];
+    lines.push('');
+    lines.push('  forgen — trust layer status');
+    lines.push('  ───────────────────────────');
+    lines.push(`  Active rules          ${padNum(s.activeRules)}    (${s.suppressedRules} suppressed)`);
+    lines.push(`  Corrections (total)   ${padNum(s.correctionsTotal)}    (+${s.corrections7d} last 7d)`);
+    lines.push('');
+    lines.push('  Last 7 days');
+    // R9-PA2: ack rate = block→retract→pass 루프가 실제 작동한 비율.
+    const ackRateLabel = s.blocks7d > 0
+        ? `(${Math.round((s.acks7d / s.blocks7d) * 100)}% acknowledged)`
+        : '';
+    lines.push(`    Blocks              ${padNum(s.blocks7d)}    — times Claude was asked to retract ${ackRateLabel}`);
+    lines.push(`    Acknowledgments     ${padNum(s.acks7d)}    — block → retract → pass loops`);
+    lines.push(`    Bypass              ${padNum(s.bypass7d)}    — user overrides`);
+    lines.push(`    Drift events        ${padNum(s.drift7d)}    — stuck-loop force-approves`);
+    lines.push(`    Retired rules       ${padNum(s.retired7d)}    — superseded or timed out`);
+    lines.push('');
+    lines.push(`  Last extraction: ${s.lastExtraction}`);
+    lines.push('');
+    return lines.join('\n');
+}
+export async function handleStats(_args) {
+    const snap = computeStats();
+    console.log(renderStats(snap));
+}

package/dist/core/uninstall.d.ts

@@ -1,4 +1,5 @@
 /** forgen uninstall 메인 */
 export declare function handleUninstall(cwd: string, options: {
     force?: boolean;
+    purge?: boolean;
 }): Promise<void>;

package/dist/core/uninstall.js

@@ -118,11 +118,13 @@ function cleanSettings() {
         console.error('[forgen] Failed to parse settings.json — skipping.');
         return;
     }
-    // env에서 COMPOUND_ 접두어 키 제거
+    // Audit fix #7 (2026-04-21): env 정리가 `COMPOUND_` 접두어만 검사해서
+    // install이 주입한 `FORGEN_*` 키(예: FORGEN_HARNESS, FORGEN_CWD)가
+    // uninstall 후에도 settings.json에 영구 잔존했다. 이제 둘 다 정리.
     const env = settings.env;
     if (env) {
         for (const key of Object.keys(env)) {
-            if (key.startsWith('COMPOUND_'))
+            if (key.startsWith('COMPOUND_') || key.startsWith('FORGEN_'))
                 delete env[key];
         }
         if (Object.keys(env).length === 0) {
@@ -162,9 +164,15 @@ function cleanSettings() {
             delete settings.hooks;
         }
     }
-    // statusLine이 forgen status면 제거
+    // statusLine이 forgen이 설치한 command 중 하나면 제거.
+    //
+    // Audit fix #7 (2026-04-21): 이전 체크는 `'forgen status'`만 인식했지만
+    // 실제 install은 `settings-injector.ts:59`에서 `'forgen me'`를 주입한다.
+    // command 문자열이 `forgen`으로 시작하는 경우를 모두 forgen 소유로 보고
+    // 제거 — 사용자 커스텀 statusLine(예: `custom-cli ...`)은 건드리지 않음.
     const statusLine = settings.statusLine;
-    if (statusLine?.command === 'forgen status') {
+    if (typeof statusLine?.command === 'string' &&
+        /^forgen(\s|$)/.test(statusLine.command.trim())) {
         delete settings.statusLine;
     }
     // enabledPlugins에서 forgen@forgen-local 제거
@@ -283,8 +291,16 @@ export async function handleUninstall(cwd, options) {
     console.log('  4. Remove forgen block from CLAUDE.md');
     console.log('  5. Remove slash commands (~/.claude/commands/forgen/)');
     console.log('  6. Remove plugin artifacts (cache, installed_plugins.json, plugin directory)');
+    if (options.purge) {
+        console.log('  7. --purge: Delete ~/.forgen/ entirely (rules, me/, state/, solutions/, behavior/)');
+        console.log('     WARNING: this erases all accumulated corrections, rules, drift, and lifecycle history.');
+    }
+    else {
+        console.log('');
+        console.log('Note: ~/.forgen/ directory is preserved. Use --purge to also delete it.');
+        console.log('      (manual: rm -rf ~/.forgen)');
+    }
     console.log('');
-    console.log('Note: ~/.forgen/ directory is preserved (manual deletion: rm -rf ~/.forgen)\n');
     if (!options.force) {
         if (!process.stdin.isTTY) {
             console.error('[forgen] Use --force flag in non-interactive environments.');
@@ -303,5 +319,20 @@ export async function handleUninstall(cwd, options) {
     cleanClaudeMd(cwd);
     cleanSlashCommands();
     cleanPluginArtifacts();
+    if (options.purge) {
+        try {
+            const forgenHome = path.join(os.homedir(), '.forgen');
+            if (fs.existsSync(forgenHome)) {
+                fs.rmSync(forgenHome, { recursive: true, force: true });
+                console.log('  ✓ Deleted ~/.forgen/ (all rules, state, solutions, behavior)');
+            }
+            else {
+                console.log('  ✓ ~/.forgen/ already absent');
+            }
+        }
+        catch (e) {
+            console.log(`  ✗ ~/.forgen/ deletion failed: ${e.message}`);
+        }
+    }
     console.log('\n[forgen] Uninstall complete. Restart Claude Code for a clean state.\n');
 }

package/dist/core/v1-bootstrap.js

@@ -15,11 +15,11 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
 import * as crypto from 'node:crypto';
-import { FORGEN_HOME, V1_ME_DIR, V1_RULES_DIR, V1_EVIDENCE_DIR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR, V1_STATE_DIR, V1_RAW_LOGS_DIR, V1_SOLUTIONS_DIR } from './paths.js';
+import { FORGEN_HOME, ME_DIR, ME_RULES, ME_BEHAVIOR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR, STATE_DIR, V1_RAW_LOGS_DIR, ME_SOLUTIONS } from './paths.js';
 import { checkLegacyProfile, runLegacyCutover } from './legacy-detector.js';
 import { detectRuntimeCapability } from './runtime-detector.js';
 import { loadProfile, profileExists } from '../store/profile-store.js';
-import { loadActiveRules, cleanupStaleSessionRules } from '../store/rule-store.js';
+import { loadActiveRules, cleanupStaleSessionRules, markRulesInjected } from '../store/rule-store.js';
 import { composeSession } from '../preset/preset-manager.js';
 import { renderRules, DEFAULT_CONTEXT } from '../renderer/rule-renderer.js';
 import { saveSessionState, loadRecentSessions } from '../store/session-state-store.js';
@@ -27,7 +27,7 @@ import { loadEvidenceBySession } from '../store/evidence-store.js';
 import { computeSessionSignals, detectMismatch } from '../forge/mismatch-detector.js';
 import { createRecommendation, saveRecommendation } from '../store/recommendation-store.js';
 // ── Directory Initialization ──
-const V1_DIRS = [FORGEN_HOME, V1_ME_DIR, V1_RULES_DIR, V1_EVIDENCE_DIR, V1_RECOMMENDATIONS_DIR, V1_STATE_DIR, V1_SESSIONS_DIR, V1_RAW_LOGS_DIR, V1_SOLUTIONS_DIR];
+const V1_DIRS = [FORGEN_HOME, ME_DIR, ME_RULES, ME_BEHAVIOR, V1_RECOMMENDATIONS_DIR, STATE_DIR, V1_SESSIONS_DIR, V1_RAW_LOGS_DIR, ME_SOLUTIONS];
 export function ensureV1Directories() {
     for (const dir of V1_DIRS) {
         fs.mkdirSync(dir, { recursive: true });
@@ -82,6 +82,14 @@ export function bootstrapV1Session() {
     // 6. Rule 렌더링
     const allRules = [...personalRules];
     const renderedRules = renderRules(allRules, session, profile, DEFAULT_CONTEXT);
+    // 6b. Inject tracking (ADR-002 Meta signal) — rendered rules count as injected.
+    // Fail-open: tracking failure must not block bootstrap.
+    try {
+        const injected = allRules.filter((r) => r.status === 'active').map((r) => r.rule_id);
+        if (injected.length > 0)
+            markRulesInjected(injected);
+    }
+    catch { /* ignore */ }
     // 7. Mismatch 감지 (최근 3세션 rolling)
     let mismatchResult = null;
     try {

package/dist/engine/classify-enforce-cli.d.ts

@@ -0,0 +1,8 @@
+/**
+ * CLI handler for `forgen classify-enforce [--apply] [--force]`.
+ *
+ * 기본: dry-run — 각 rule 의 제안만 출력. 변경 없음.
+ * --apply: 제안을 rule 파일에 저장 (enforce_via 미설정 rule 만).
+ * --force: enforce_via 가 이미 있어도 덮어쓴다.
+ */
+export declare function handleClassifyEnforce(args: string[]): Promise<void>;