@wooojin/forgen 0.3.1 → 0.4.0

package/dist/engine/classify-enforce-cli.js

@@ -0,0 +1,61 @@
+/**
+ * CLI handler for `forgen classify-enforce [--apply] [--force]`.
+ *
+ * 기본: dry-run — 각 rule 의 제안만 출력. 변경 없음.
+ * --apply: 제안을 rule 파일에 저장 (enforce_via 미설정 rule 만).
+ * --force: enforce_via 가 이미 있어도 덮어쓴다.
+ */
+import { loadAllRules, saveRule } from '../store/rule-store.js';
+import { classifyAll, applyProposal } from './enforce-classifier.js';
+export async function handleClassifyEnforce(args) {
+    const apply = args.includes('--apply');
+    const force = args.includes('--force');
+    const rules = loadAllRules();
+    if (rules.length === 0) {
+        console.log('\n  No rules in ~/.forgen/me/rules. Nothing to classify.\n');
+        return;
+    }
+    const proposals = classifyAll(rules);
+    let saved = 0;
+    let skipped = 0;
+    let alreadySet = 0;
+    console.log(`\n  Enforce Classifier — ${rules.length} rule(s) scanned\n`);
+    for (let i = 0; i < proposals.length; i++) {
+        const p = proposals[i];
+        const rule = rules[i];
+        const marker = p.current_enforce_via ? '↻' : '+';
+        console.log(`  ${marker} ${p.rule_id.slice(0, 8)}  "${p.trigger_preview}"`);
+        console.log(`     strength=${rule.strength}  status=${rule.status}`);
+        for (const spec of p.proposed) {
+            const vparts = [spec.verifier?.kind ?? 'none'];
+            if (spec.drift_key)
+                vparts.push(`drift_key=${spec.drift_key}`);
+            console.log(`     → Mech-${spec.mech} @ ${spec.hook}  verifier=${vparts.join(' ')}`);
+        }
+        for (const reason of p.reasoning) {
+            console.log(`       · ${reason}`);
+        }
+        if (apply) {
+            if (p.current_enforce_via && p.current_enforce_via.length > 0 && !force) {
+                alreadySet += 1;
+                console.log('       (skipped — enforce_via already set; use --force to overwrite)');
+            }
+            else {
+                const updated = applyProposal(rule, p, { force });
+                saveRule(updated);
+                saved += 1;
+                console.log('       (saved)');
+            }
+        }
+        else {
+            skipped += 1;
+        }
+        console.log('');
+    }
+    if (apply) {
+        console.log(`  Summary: saved=${saved}  already-set=${alreadySet}  total=${rules.length}\n`);
+    }
+    else {
+        console.log(`  Summary: ${skipped} proposal(s) previewed.  Run with --apply to save.\n`);
+    }
+}

package/dist/engine/compound-cli.d.ts

@@ -20,5 +20,30 @@ export declare function removeSolution(name: string): void;
 export declare function cleanStaleSolutions(): void;
 /** Retag all solutions using improved extractTags */
 export declare function retagSolutions(): void;
-/** Rollback auto-extracted solutions since a given date */
-export declare function rollbackSolutions(sinceDate: string): void;
+/** Result of a rollback operation — used by tests and callers that need counts. */
+export interface RollbackCliResult {
+    archived: string[];
+    archiveDir: string | null;
+    skipped: string[];
+    errors: string[];
+    dryRun: boolean;
+}
+/**
+ * Rollback auto-extracted solutions created since a given date.
+ *
+ * Invariant (2026-04-20, feedback_core_loop_invariant):
+ *   rollback은 **archive 이동**만 수행한다. `fs.unlinkSync`로 솔루션 파일을
+ *   영구 삭제하지 않는다. 실수로 rollback을 실행해도 `~/.forgen/lab/archived/
+ *   rollback-{ts}/`에서 복구할 수 있어야 한다. (과거 `unlinkSync` 경로는
+ *   time-bounded rollback이 "되돌리기 불가 영구 삭제"로 동작하던 버그였다.)
+ *
+ * 필터 기준:
+ *   - category === 'solution'만 대상 (rule은 제외)
+ *   - reflected > 0 OR sessions > 0인 것은 유지 (사용된 솔루션 보호)
+ *   - created >= since 인 것만 대상
+ *
+ * dryRun=true면 아무 파일도 건드리지 않고 대상 목록만 반환.
+ */
+export declare function rollbackSolutions(sinceDate: string, opts?: {
+    dryRun?: boolean;
+}): RollbackCliResult;

package/dist/engine/compound-cli.js

@@ -2,7 +2,7 @@ import * as fs from 'node:fs';
 import * as path from 'node:path';
 import { extractTags, parseFrontmatterOnly, parseSolutionV3 } from './solution-format.js';
 import { mutateSolutionFile } from './solution-writer.js';
-import { ME_SOLUTIONS, ME_RULES } from '../core/paths.js';
+import { ARCHIVED_DIR, ME_SOLUTIONS, ME_RULES } from '../core/paths.js';
 /** Scan saved compound entries and return summaries */
 function scanEntries() {
     const summaries = [];
@@ -78,7 +78,17 @@ export function listSolutions() {
             console.log(`      ${entry.name} [${entry.category}]  (${entry.confidence.toFixed(2)})  ${evStr}  [${entry.tags.slice(0, 3).join(', ')}]`);
         }
     }
-    console.log(`\n  Total: ${total} entries\n`);
+    // retired 카운트: scanEntries는 모든 상태를 포함하므로 직접 계산
+    const retiredCount = entries.filter(e => e.status === 'retired').length;
+    const activeCount = total - retiredCount;
+    const highConfidence = entries.filter(e => e.status === 'verified' || e.status === 'mature').length;
+    const denominator = total;
+    const precision = denominator > 0 ? Math.round((highConfidence / denominator) * 100) : null;
+    console.log(`\n  Total: ${activeCount} active + ${retiredCount} retired`);
+    if (precision !== null) {
+        console.log(`  Extraction precision: ${precision}%`);
+    }
+    console.log();
 }
 /** Inspect a single saved entry in detail */
 export function inspectSolution(name) {
@@ -218,33 +228,76 @@ export function retagSolutions() {
     }
     console.log(`\n  Retagged ${retagged}/${entries.length} solutions.\n`);
 }
-/** Rollback auto-extracted solutions since a given date */
-export function rollbackSolutions(sinceDate) {
+/**
+ * Rollback auto-extracted solutions created since a given date.
+ *
+ * Invariant (2026-04-20, feedback_core_loop_invariant):
+ *   rollback은 **archive 이동**만 수행한다. `fs.unlinkSync`로 솔루션 파일을
+ *   영구 삭제하지 않는다. 실수로 rollback을 실행해도 `~/.forgen/lab/archived/
+ *   rollback-{ts}/`에서 복구할 수 있어야 한다. (과거 `unlinkSync` 경로는
+ *   time-bounded rollback이 "되돌리기 불가 영구 삭제"로 동작하던 버그였다.)
+ *
+ * 필터 기준:
+ *   - category === 'solution'만 대상 (rule은 제외)
+ *   - reflected > 0 OR sessions > 0인 것은 유지 (사용된 솔루션 보호)
+ *   - created >= since 인 것만 대상
+ *
+ * dryRun=true면 아무 파일도 건드리지 않고 대상 목록만 반환.
+ */
+export function rollbackSolutions(sinceDate, opts = {}) {
+    const result = {
+        archived: [],
+        archiveDir: null,
+        skipped: [],
+        errors: [],
+        dryRun: !!opts.dryRun,
+    };
     const since = new Date(sinceDate);
     if (Number.isNaN(since.getTime())) {
         console.log(`\n  Invalid date: ${sinceDate}\n`);
-        return;
+        result.errors.push(`invalid-date:${sinceDate}`);
+        return result;
     }
     const solutions = scanEntries().filter((entry) => entry.category === 'solution');
-    const toRemove = solutions.filter((solution) => {
+    const toRollback = solutions.filter((solution) => {
         if (solution.evidence.reflected > 0 || solution.evidence.sessions > 0)
-            return false; // keep used ones
+            return false;
         const created = new Date(solution.created);
         return created >= since;
     });
-    if (toRemove.length === 0) {
+    if (toRollback.length === 0) {
         console.log(`\n  No solutions to rollback since ${sinceDate}.\n`);
-        return;
+        return result;
     }
-    console.log(`\n  Rolling back ${toRemove.length} solutions since ${sinceDate}:\n`);
-    for (const sol of toRemove) {
+    if (opts.dryRun) {
+        console.log(`\n  [dry-run] ${toRollback.length} solutions would be archived since ${sinceDate}:\n`);
+        for (const sol of toRollback) {
+            console.log(`    Would archive: ${sol.name}`);
+            result.skipped.push(sol.filePath);
+        }
+        console.log(`\n  Re-run without --dry-run to archive them.\n`);
+        return result;
+    }
+    const archiveDir = path.join(ARCHIVED_DIR, `rollback-${Date.now()}`);
+    result.archiveDir = archiveDir;
+    console.log(`\n  Rolling back ${toRollback.length} solutions since ${sinceDate} → ${archiveDir}:\n`);
+    for (const sol of toRollback) {
         try {
-            fs.unlinkSync(sol.filePath);
-            console.log(`    Removed: ${sol.name}`);
+            fs.mkdirSync(archiveDir, { recursive: true });
+            // 원본 경로 정보를 destName에 보존 — 복원 시 원위치 판별용.
+            // 예: "solutions__my-pattern.md"
+            const originDir = path.basename(path.dirname(sol.filePath));
+            const destName = `${originDir}__${path.basename(sol.filePath)}`;
+            fs.renameSync(sol.filePath, path.join(archiveDir, destName));
+            console.log(`    Archived: ${sol.name}`);
+            result.archived.push(sol.filePath);
         }
-        catch {
-            console.log(`    Failed: ${sol.name}`);
+        catch (e) {
+            const msg = e instanceof Error ? e.message : String(e);
+            console.log(`    Failed: ${sol.name} — ${msg}`);
+            result.errors.push(`${sol.filePath}: ${msg}`);
         }
     }
-    console.log();
+    console.log(`\n  ${result.archived.length}/${toRollback.length} archived. Restore from ${archiveDir} if needed.\n`);
+    return result;
 }

package/dist/engine/compound-export.d.ts

@@ -7,6 +7,21 @@
  * Export creates a tar.gz archive; Import extracts it while skipping existing
  * files to prevent accidental overwrites.
  */
+/**
+ * Test-friendly containment check (exported for unit tests).
+ *
+ * Audit fix (2026-04-21, follow-up #A): prior guard
+ * `realDest.startsWith(ME_DIR)` was a naive prefix match. A path like
+ * `/home/u/.forgen/me-evil/x.md` starts with `/home/u/.forgen/me` and
+ * bypassed the check — even though it's a sibling, not a child, of
+ * ME_DIR. Fix: compare with `parent + path.sep` so `/home/u/.forgen/me/`
+ * cannot prefix-match `/home/u/.forgen/me-evil/...`.
+ *
+ * @param parentWithSep absolute canonical parent path that INCLUDES a
+ *   trailing `path.sep` (precomputed by caller once per archive).
+ * @param candidate any path string (will be resolved lexically).
+ */
+export declare function isPathInside(parentWithSep: string, candidate: string): boolean;
 export interface ExportResult {
     outputPath: string;
     counts: Record<string, number>;

package/dist/engine/compound-export.js

@@ -14,6 +14,24 @@ import { execFileSync } from 'node:child_process';
 import { ME_DIR } from '../core/paths.js';
 /** Directories within ME_DIR to include in the archive. */
 const KNOWLEDGE_DIRS = ['solutions', 'rules', 'behavior'];
+/**
+ * Test-friendly containment check (exported for unit tests).
+ *
+ * Audit fix (2026-04-21, follow-up #A): prior guard
+ * `realDest.startsWith(ME_DIR)` was a naive prefix match. A path like
+ * `/home/u/.forgen/me-evil/x.md` starts with `/home/u/.forgen/me` and
+ * bypassed the check — even though it's a sibling, not a child, of
+ * ME_DIR. Fix: compare with `parent + path.sep` so `/home/u/.forgen/me/`
+ * cannot prefix-match `/home/u/.forgen/me-evil/...`.
+ *
+ * @param parentWithSep absolute canonical parent path that INCLUDES a
+ *   trailing `path.sep` (precomputed by caller once per archive).
+ * @param candidate any path string (will be resolved lexically).
+ */
+export function isPathInside(parentWithSep, candidate) {
+    const resolved = path.resolve(candidate) + path.sep;
+    return resolved.startsWith(parentWithSep) && resolved !== parentWithSep;
+}
 /**
  * Count .md files in a directory (non-recursive).
  * Returns 0 if the directory does not exist.
@@ -92,12 +110,21 @@ export function importKnowledge(archivePath) {
             stdio: ['pipe', 'pipe', 'pipe'],
         });
         const result = { imported: 0, skipped: 0, details: [] };
+        // Audit fix (2026-04-21, follow-up #A): prior check
+        // `realDest.startsWith(ME_DIR)` was a broken prefix guard. An archive
+        // entry `../me-evil/payload.md` resolves to a sibling directory path
+        // that still startsWith ME_DIR (prefix collision) and bypasses the
+        // check. Fix: compare lexically resolved paths with an explicit
+        // `path.sep` suffix so `.../me-evil` can never masquerade as
+        // `.../me/...`. Both source and destination are validated — a
+        // malformed archive must neither read from outside tmpDir nor write
+        // outside ME_DIR.
+        const meDirCanon = path.resolve(ME_DIR) + path.sep;
+        const tmpDirCanon = path.resolve(tmpDir) + path.sep;
         for (const relFile of archiveFiles) {
-            const srcPath = path.join(tmpDir, relFile);
-            const destPath = path.join(ME_DIR, relFile);
-            // Security: ensure the dest path stays within ME_DIR
-            const realDest = path.resolve(destPath);
-            if (!realDest.startsWith(ME_DIR)) {
+            const srcPath = path.resolve(path.join(tmpDir, relFile));
+            const destPath = path.resolve(path.join(ME_DIR, relFile));
+            if (!isPathInside(meDirCanon, destPath) || !isPathInside(tmpDirCanon, srcPath)) {
                 result.skipped++;
                 result.details.push({ file: relFile, action: 'skipped' });
                 continue;

package/dist/engine/compound-loop.js

@@ -324,11 +324,12 @@ export async function handleCompound(args) {
         const sinceIdx = args.indexOf('--since');
         const since = sinceIdx !== -1 ? args[sinceIdx + 1] : undefined;
         if (!since) {
-            console.log('  Usage: forgen compound rollback --since 2026-03-20\n');
+            console.log('  Usage: forgen compound rollback --since YYYY-MM-DD [--dry-run]\n');
             return;
         }
+        const dryRun = args.includes('--dry-run');
         const { rollbackSolutions } = await import('./compound-cli.js');
-        rollbackSolutions(since);
+        rollbackSolutions(since, { dryRun });
         return;
     }
     // --- explicit interactive command ---

package/dist/engine/enforce-classifier.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Forgen — Enforce Classifier (ADR-001 §Migration)
+ *
+ * 기존 Rule 에 `enforce_via: EnforceSpec[]` 이 없을 때, trigger/policy 자연어
+ * 패턴과 strength 조합으로 mech(A/B/C) 와 hook 을 자동 제안한다.
+ *
+ * 휴리스틱 (ADR-001 §Migration heuristics):
+ *   - trigger/policy 에 `rm|force|DROP|credentials|\.env` → Mech-A PreToolUse + tool_arg_regex
+ *   - trigger/policy 에 `완료|complete|done|e2e|mock|verify` → Mech-A Stop + artifact_check
+ *   - strength ∈ {strong, hard} + 문체/응답 맥락 → Mech-B UserPromptSubmit + self_check_prompt
+ *   - 그 외 soft/default → Mech-C (drift 측정)
+ *
+ * 설계 원칙:
+ *   - pure: classify(rule) 는 부수효과 없음. CLI 에서만 save 가 발생.
+ *   - 미리 존재하는 enforce_via 는 덮어쓰지 않음 (`force=false` 기본).
+ *   - 신규 제안은 reason 주석(문자열) 과 함께 반환해 사용자 리뷰 가능.
+ */
+import type { Rule, EnforceSpec } from '../store/types.js';
+export interface EnforceProposal {
+    rule_id: string;
+    trigger_preview: string;
+    current_enforce_via: EnforceSpec[] | null;
+    proposed: EnforceSpec[];
+    reasoning: string[];
+}
+export declare function classify(rule: Rule): EnforceProposal;
+export declare function classifyAll(rules: Rule[]): EnforceProposal[];
+/** 제안을 적용해 새 Rule 을 반환 (pure). 이미 enforce_via 가 있으면 force=false 에서 건너뜀. */
+export declare function applyProposal(rule: Rule, proposal: EnforceProposal, options?: {
+    force?: boolean;
+}): Rule;

package/dist/engine/enforce-classifier.js

@@ -0,0 +1,123 @@
+/**
+ * Forgen — Enforce Classifier (ADR-001 §Migration)
+ *
+ * 기존 Rule 에 `enforce_via: EnforceSpec[]` 이 없을 때, trigger/policy 자연어
+ * 패턴과 strength 조합으로 mech(A/B/C) 와 hook 을 자동 제안한다.
+ *
+ * 휴리스틱 (ADR-001 §Migration heuristics):
+ *   - trigger/policy 에 `rm|force|DROP|credentials|\.env` → Mech-A PreToolUse + tool_arg_regex
+ *   - trigger/policy 에 `완료|complete|done|e2e|mock|verify` → Mech-A Stop + artifact_check
+ *   - strength ∈ {strong, hard} + 문체/응답 맥락 → Mech-B UserPromptSubmit + self_check_prompt
+ *   - 그 외 soft/default → Mech-C (drift 측정)
+ *
+ * 설계 원칙:
+ *   - pure: classify(rule) 는 부수효과 없음. CLI 에서만 save 가 발생.
+ *   - 미리 존재하는 enforce_via 는 덮어쓰지 않음 (`force=false` 기본).
+ *   - 신규 제안은 reason 주석(문자열) 과 함께 반환해 사용자 리뷰 가능.
+ */
+const DESTRUCTIVE_PATTERN = /\b(rm\s+-rf|rm\s+-fr|force|DROP\s+TABLE|credentials|\.env|sudo|mkfs|dd\s+if=)/i;
+const COMPLETION_PATTERN = /(완료|complete|done|ready|shipped|finished|e2e|mock|verify|검증|배포)/i;
+const STYLE_PATTERN = /(문체|응답|설명|톤|어투|장황|간결|verbose|tone|style)/i;
+// R6-F2: shared single source of truth — stop-guard 와 동일 regex 재사용.
+import { DEFAULT_STOP_TRIGGER_RE as STOP_COMPLETION_TRIGGER, DEFAULT_STOP_EXCLUDE_RE as STOP_COMPLETION_EXCLUDE, MOCK_TRIGGER_RE as STOP_MOCK_TRIGGER, MOCK_EXCLUDE_RE as STOP_MOCK_EXCLUDE, } from '../hooks/shared/stop-triggers.js';
+export function classify(rule) {
+    const reasoning = [];
+    const proposed = [];
+    const text = `${rule.trigger}\n${rule.policy}`;
+    const isDestructive = DESTRUCTIVE_PATTERN.test(text);
+    const isCompletion = COMPLETION_PATTERN.test(text);
+    const isStyle = STYLE_PATTERN.test(text);
+    const isStrong = rule.strength === 'strong' || rule.strength === 'hard';
+    // Mech-A PreToolUse — 파괴적 명령 패턴.
+    // 이전에는 DESTRUCTIVE_PATTERN.source 를 다시 .match() 하여 alternation 의 첫 리터럴
+    // ("credentials") 만 반환하는 버그가 있었음. 이제 rule 텍스트에서 실제 매칭된 구문을
+    // 뽑아 그 구문에 맞는 runtime regex 로 변환.
+    if (isDestructive) {
+        const matched = text.match(DESTRUCTIVE_PATTERN);
+        const matchedLiteral = matched?.[0] ?? '';
+        // 안전을 위해 매칭된 literal 을 공백 보존 + escape 해서 runtime regex 로 재구성.
+        // 예: "rm -rf" → "rm\s+-rf" (공백 유연); "DROP TABLE" → "DROP\s+TABLE"; ".env" → "\.env"
+        const pattern = matchedLiteral
+            ? matchedLiteral
+                .replace(/[.*+?^${}()|[\]\\]/g, '\\$&') // escape regex metachar
+                .replace(/\s+/g, '\\s+') // 공백 하나 이상
+            : 'rm\\s+-rf'; // fallback
+        proposed.push({
+            mech: 'A',
+            hook: 'PreToolUse',
+            verifier: {
+                kind: 'tool_arg_regex',
+                params: { pattern, requires_flag: 'user_confirmed' },
+            },
+            block_message: `${rule.rule_id.slice(0, 8)}: ${rule.policy.slice(0, 80)}`,
+        });
+        reasoning.push(`destructive literal "${matchedLiteral}" → Mech-A PreToolUse+tool_arg_regex ${pattern}`);
+    }
+    // Mech-A Stop — 완료 선언 + 증거 요구 (destructive 와 독립적으로 평가: 하나의 rule 이 둘 다 해당 가능)
+    if (isCompletion) {
+        const mockAsProof = /mock|stub|fake/i.test(text);
+        // 증거 파일 경로는 v0.4.0 최종 구현에서 rule.policy 에서 추출; 지금은 default 사용
+        proposed.push({
+            mech: 'A',
+            hook: 'Stop',
+            verifier: {
+                kind: 'artifact_check',
+                params: { path: '.forgen/state/e2e-result.json', max_age_s: 3600 },
+            },
+            block_message: `${rule.rule_id.slice(0, 8)}: ${rule.policy.slice(0, 120)}`,
+            trigger_keywords_regex: mockAsProof ? STOP_MOCK_TRIGGER : STOP_COMPLETION_TRIGGER,
+            trigger_exclude_regex: mockAsProof ? STOP_MOCK_EXCLUDE : STOP_COMPLETION_EXCLUDE,
+            system_tag: `rule:${rule.rule_id.slice(0, 8)} — ${mockAsProof ? 'no-mock-as-proof' : 'e2e-before-done'}`,
+        });
+        reasoning.push(mockAsProof
+            ? 'completion + mock keyword → Mech-A Stop+artifact_check (mock trigger)'
+            : 'completion keyword → Mech-A Stop+artifact_check (completion trigger)');
+    }
+    // Mech-B — 문체/응답 관련 또는 strong/hard 정책이지만 기계 판정 어려운 경우
+    if ((isStyle || (isStrong && !isDestructive && !isCompletion))) {
+        proposed.push({
+            mech: 'B',
+            hook: 'Stop',
+            verifier: {
+                kind: 'self_check_prompt',
+                params: {
+                    question: `직전 응답이 다음 규칙을 위반했는지 자가점검하라: "${rule.policy.slice(0, 120)}". 위반 시 구체적 근거와 함께 수정해 재응답하라.`,
+                },
+            },
+            trigger_keywords_regex: STOP_COMPLETION_TRIGGER,
+            trigger_exclude_regex: STOP_COMPLETION_EXCLUDE,
+            system_tag: `rule:${rule.rule_id.slice(0, 8)} — style-check`,
+        });
+        reasoning.push(isStyle ? 'style/tone keyword → Mech-B Stop+self_check_prompt' : 'strong/hard strength + non-mechanical → Mech-B Stop+self_check_prompt');
+    }
+    // 잔여 — drift measure only (Mech-C)
+    if (proposed.length === 0) {
+        proposed.push({
+            mech: 'C',
+            hook: 'PostToolUse',
+            drift_key: `rule.${rule.rule_id.slice(0, 8)}`,
+        });
+        reasoning.push('no direct enforcement pattern → Mech-C drift measurement');
+    }
+    return {
+        rule_id: rule.rule_id,
+        trigger_preview: rule.trigger.slice(0, 60),
+        current_enforce_via: rule.enforce_via ?? null,
+        proposed,
+        reasoning,
+    };
+}
+export function classifyAll(rules) {
+    return rules.map(classify);
+}
+/** 제안을 적용해 새 Rule 을 반환 (pure). 이미 enforce_via 가 있으면 force=false 에서 건너뜀. */
+export function applyProposal(rule, proposal, options = {}) {
+    if (rule.enforce_via && rule.enforce_via.length > 0 && !options.force) {
+        return rule;
+    }
+    return {
+        ...rule,
+        enforce_via: proposal.proposed,
+        updated_at: new Date().toISOString(),
+    };
+}

package/dist/engine/learn-cli.js

@@ -1,3 +1,4 @@
+import * as fs from 'node:fs';
 import * as path from 'node:path';
 import * as os from 'node:os';
 import { fixupSolutions } from './solution-fixup.js';
@@ -6,6 +7,8 @@ import { computeFitness } from './solution-fitness.js';
 import { buildWeaknessReport, saveWeaknessReport } from './solution-weakness.js';
 import { listCandidates, promoteCandidate, rollbackSince } from './solution-candidate.js';
 const ME_SOLUTIONS = path.join(os.homedir(), '.forgen', 'me', 'solutions');
+const STATE_DIR = path.join(os.homedir(), '.forgen', 'state');
+const OUTCOMES_DIR = path.join(STATE_DIR, 'outcomes');
 export async function handleLearn(args) {
     const sub = args[0];
     if (sub === 'fix-up')
@@ -16,6 +19,8 @@ export async function handleLearn(args) {
         return runFitness(args.slice(1));
     if (sub === 'evolve')
         return runEvolve(args.slice(1));
+    if (sub === 'reset-outcomes')
+        return runResetOutcomes(args.slice(1));
     printUsage();
 }
 function printUsage() {
@@ -28,8 +33,55 @@ function printUsage() {
     forgen learn fitness [--json]         Show per-solution fitness (accept/correct/error ratios)
     forgen learn evolve [--save|--rollback <ts>|--promote <name>]
                                           Phase 4 evolution: weakness report + candidate lifecycle
+    forgen learn reset-outcomes [--apply] Archive pre-audit outcome history (dry-run by default).
+                                          Use after upgrading from <0.3.2 to start fitness fresh
+                                          under the new attribution gates. Old data is preserved
+                                          at ~/.forgen/state/outcomes.archive-<ts>/ (never deleted).
 `);
 }
+/**
+ * Archive the outcomes directory to a timestamped sibling so fitness
+ * computation starts fresh under v0.3.2's corrected attribution gates
+ * (match_score≥0.3, lag≤5min, top-3, single-tag rejection). Pre-0.3.2
+ * outcomes were recorded with blanket error-attribution on every tool
+ * failure in the session window, producing a 91% global error rate even
+ * for solutions that weren't actually causing the failures.
+ *
+ * Archive, never delete — users who want to audit their pre-0.3.2
+ * history can still read `outcomes.archive-<ts>/*.jsonl`.
+ */
+function runResetOutcomes(args) {
+    const apply = args.includes('--apply');
+    if (!fs.existsSync(OUTCOMES_DIR)) {
+        console.log(`\n  No outcomes directory yet — nothing to reset.\n`);
+        return;
+    }
+    const files = fs.readdirSync(OUTCOMES_DIR).filter((f) => f.endsWith('.jsonl'));
+    if (files.length === 0) {
+        console.log(`\n  Outcomes directory is empty — nothing to reset.\n`);
+        return;
+    }
+    let totalLines = 0;
+    for (const f of files) {
+        try {
+            totalLines += fs.readFileSync(path.join(OUTCOMES_DIR, f), 'utf-8').split('\n').filter(Boolean).length;
+        }
+        catch { /* ignore */ }
+    }
+    console.log(`\n  Outcomes snapshot: ${files.length} session files, ${totalLines} events.`);
+    if (!apply) {
+        console.log(`\n  Dry-run. Re-run with --apply to archive:`);
+        console.log(`    mv ~/.forgen/state/outcomes  →  ~/.forgen/state/outcomes.archive-<ts>`);
+        console.log(`    new empty ~/.forgen/state/outcomes/\n`);
+        return;
+    }
+    const archivePath = `${OUTCOMES_DIR}.archive-${Date.now()}`;
+    fs.renameSync(OUTCOMES_DIR, archivePath);
+    fs.mkdirSync(OUTCOMES_DIR, { recursive: true });
+    console.log(`\n  ✓ Archived to ${archivePath}`);
+    console.log(`  ✓ Fresh ${OUTCOMES_DIR} created.`);
+    console.log(`\n  Next fitness snapshot reflects v0.3.2 attribution gates only.\n`);
+}
 function runFixUp(args) {
     const apply = args.includes('--apply');
     const result = fixupSolutions(ME_SOLUTIONS, { dryRun: !apply });

package/dist/engine/lifecycle/bypass-detector.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Bypass detector — T3 signal source.
+ *
+ * Rule.policy 자연어에서 "피해야 할 패턴" 을 추출하고, Write/Edit/Bash 도구
+ * 출력에서 해당 패턴을 찾아 BypassEntry 후보로 반환한다.
+ *
+ * Heuristic:
+ *   1) "use X not Y" / "use X instead of Y" / "X over Y" → bypass = Y
+ *   2) "avoid X" / "don't use X" / "never use X" / "do not use X" → bypass = X
+ *   3) Korean: "X 말라" / "X 금지" / "X 하지 않" → bypass = X
+ *   4) 그 외: 빈 배열 (탐지 불가).
+ *
+ * 반환된 패턴은 escape 된 정규식 문자열 — caller 가 `new RegExp(p)` 로 사용.
+ */
+import type { Rule } from '../../store/types.js';
+export declare function extractBypassPatterns(rule: Rule): string[];
+export interface BypassScanInput {
+    rules: Rule[];
+    tool_name: string;
+    tool_output: string;
+    session_id: string;
+}
+export interface BypassCandidate {
+    rule_id: string;
+    session_id: string;
+    tool: string;
+    pattern_preview: string;
+    matched: string;
+}
+/**
+ * Pure — rules + tool output 으로 bypass candidates 추출.
+ * 같은 rule/pattern 이 여러 번 매칭돼도 한 번만 기록.
+ */
+export declare function scanForBypass(input: BypassScanInput): BypassCandidate[];

package/dist/engine/lifecycle/bypass-detector.js

@@ -0,0 +1,82 @@
+/**
+ * Bypass detector — T3 signal source.
+ *
+ * Rule.policy 자연어에서 "피해야 할 패턴" 을 추출하고, Write/Edit/Bash 도구
+ * 출력에서 해당 패턴을 찾아 BypassEntry 후보로 반환한다.
+ *
+ * Heuristic:
+ *   1) "use X not Y" / "use X instead of Y" / "X over Y" → bypass = Y
+ *   2) "avoid X" / "don't use X" / "never use X" / "do not use X" → bypass = X
+ *   3) Korean: "X 말라" / "X 금지" / "X 하지 않" → bypass = X
+ *   4) 그 외: 빈 배열 (탐지 불가).
+ *
+ * 반환된 패턴은 escape 된 정규식 문자열 — caller 가 `new RegExp(p)` 로 사용.
+ */
+function escapeRegex(s) {
+    return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+/**
+ * Trim punctuation 많이 붙은 자연어 표현을 "검색용 토큰" 으로 정규화.
+ * Leading `.` 는 유지 — `.then`, `.mock` 같은 메서드 참조가 의도된 매칭 대상.
+ * Trailing `()` 는 제거 — `.then()` 을 `.then` 으로 정규화해 `.then(x=>...)` 에 매치.
+ */
+function trimPunct(s) {
+    let out = s;
+    // Strip trailing "()" once (natural-language shorthand for method calls)
+    if (out.endsWith('()'))
+        out = out.slice(0, -2);
+    // Strip other leading/trailing punctuation, preserving leading `.`
+    out = out.replace(/^[,;:!?"'`(]+|[.,;:!?"'`)]+$/g, '');
+    return out;
+}
+export function extractBypassPatterns(rule) {
+    const patterns = [];
+    const p = rule.policy;
+    // use X not Y / use X instead of Y / use X over Y
+    // X, Y may contain dots (e.g., ".then()", "vi.mock"). Strip trailing punctuation.
+    const useNot = p.match(/\b(?:use|prefer|choose)\s+(\S+?)\s+(?:not|instead\s+of|over|rather\s+than)\s+(\S+)/i);
+    if (useNot)
+        patterns.push(escapeRegex(trimPunct(useNot[2])));
+    // avoid X / don't use X / never use X / do not use X
+    const avoid = p.match(/\b(?:avoid|don'?t\s+use|never\s+use|do\s+not\s+use)\s+(\S+)/i);
+    if (avoid)
+        patterns.push(escapeRegex(trimPunct(avoid[1])));
+    // Korean: "X 말라" / "X 금지" / "X 하지 마"
+    const ko = p.match(/(\S+)\s*(?:말라|금지|하지\s*마|쓰지\s*마)/);
+    if (ko)
+        patterns.push(escapeRegex(trimPunct(ko[1])));
+    // Dedupe + filter trivial
+    return [...new Set(patterns)].filter((pat) => pat.length >= 2);
+}
+/**
+ * Pure — rules + tool output 으로 bypass candidates 추출.
+ * 같은 rule/pattern 이 여러 번 매칭돼도 한 번만 기록.
+ */
+export function scanForBypass(input) {
+    const { rules, tool_name, tool_output, session_id } = input;
+    const candidates = [];
+    const reported = new Set(); // rule_id|pattern
+    for (const rule of rules) {
+        if (rule.status !== 'active')
+            continue;
+        const patterns = extractBypassPatterns(rule);
+        for (const pat of patterns) {
+            const re = new RegExp(pat, 'i');
+            const m = tool_output.match(re);
+            if (!m)
+                continue;
+            const key = `${rule.rule_id}|${pat}`;
+            if (reported.has(key))
+                continue;
+            reported.add(key);
+            candidates.push({
+                rule_id: rule.rule_id,
+                session_id,
+                tool: tool_name,
+                pattern_preview: pat.slice(0, 40),
+                matched: m[0].slice(0, 40),
+            });
+        }
+    }
+    return candidates;
+}

package/dist/engine/lifecycle/lifecycle-cli.d.ts

@@ -0,0 +1,7 @@
+/**
+ * CLI handler for `forgen lifecycle-scan`.
+ *
+ * 전체 lifecycle 트리거(T1~T5 + Meta) 를 쓴 집계 데이터 기반으로 실행.
+ * default dry-run, --apply 시 rule 파일에 상태 전이 반영.
+ */
+export declare function handleLifecycleScan(args: string[]): Promise<void>;