npm - agent-cli-runtime - Versions diffs - 0.1.0-alpha.2 → 0.1.0-alpha.3 - Mend

agent-cli-runtime 0.1.0-alpha.2 → 0.1.0-alpha.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/CHANGELOG.md +18 -3
package/README.md +4 -3
package/README.zh-CN.md +4 -3
package/dist/cli/main.js +0 -0
package/docs/compatibility.md +6 -6
package/docs/production-readiness.md +5 -5
package/docs/release-checklist.md +36 -24
package/docs/release-publish-runbook.md +34 -44
package/docs/release-report.md +36 -39
package/docs/ssot.md +11 -11
package/package.json +3 -2

package/CHANGELOG.md CHANGED Viewed

@@ -1,16 +1,31 @@
 # Changelog
-## 0.1.0-alpha.2 — publish-ready release candidate / dry-run stop point (not published)
+## 0.1.0-alpha.3 — corrective pre-alpha release
+- P7-5 alpha.3 corrective release:
+  - records that `0.1.0-alpha.2` was published but its immutable npm tarball kept stale pre-publish package docs;
+  - recommends `0.1.0-alpha.3` as the corrective pre-alpha release for package consumers;
+  - adds a packaged-docs verification gate that packs and unpacks the local tarball before publish;
+  - extends published verification so registry tarball docs are downloaded, unpacked, and checked instead of trusting later repository docs;
+  - keeps npm registry metadata and GitHub Releases authoritative for available versions and dist-tags;
+  - keeps `.release-evidence/`, run ids, artifact ids, digests, tarball shasums, integrity values, local temporary paths, raw logs, raw CLI output, prompts, and token-looking values out of packaged docs.
+## 0.1.0-alpha.2 — published pre-alpha release
+- P7-4 alpha.2 real publish and post-publish evidence:
+  - publishes `0.1.0-alpha.2` to npm with the `alpha` dist-tag;
+  - creates GitHub pre-release `v0.1.0-alpha.2`;
+  - verifies registry version, dist-tags, installed-package CLI smoke, and GitHub Release metadata;
+  - the published `0.1.0-alpha.2` npm tarball contains stale pre-publish package docs, so package consumers should use `0.1.0-alpha.3`;
+  - records post-publish evidence outside the npm package under `.release-evidence/`;
+  - keeps current-run ids, artifact ids, digests, tarball shasums, pack shasums, local temporary paths, raw logs, raw CLI output, prompts, and token-looking values out of packaged docs.
 - P7-3 alpha.2 publish dry-run evidence:
   - records fresh main release-candidate evidence for the exact alpha.2 publish target;
   - records downloaded artifact verification with `npm run release:verify -- --dir <normalized-downloaded-artifact-dir>`;
   - records local `npm publish --dry-run --ignore-scripts --tag alpha` evidence while keeping real npm publish and GitHub Release creation human-gated;
-  - keeps `0.1.0-alpha.2` unpublished until a maintainer separately authorizes a real npm publish;
   - keeps current-run ids, artifact ids, digests, tarball shasums, pack shasums, local temporary paths, raw logs, raw CLI output, prompts, and token-looking values out of packaged docs.
 - P7-1 alpha.2 package metadata preparation:
   - bumps package metadata to `0.1.0-alpha.2` while keeping the real npm registry state at the already published `0.1.0-alpha.1`;
-  - keeps `0.1.0-alpha.2` as a publish-ready release candidate only until a maintainer separately authorizes a real npm publish;
   - documents the human-controlled alpha.2 path: fresh release-candidate workflow, downloaded artifact verification with `npm run release:verify`, local `npm publish --dry-run --ignore-scripts --tag alpha`, then a separate explicit publish decision;
   - keeps current-run ids, artifact ids, digests, tarball shasums, pack shasums, local temporary paths, raw logs, raw CLI output, prompts, and token-looking values out of packaged docs.
 - P6 release-candidate gate consolidation:

package/README.md CHANGED Viewed

@@ -24,9 +24,10 @@ This repository is in **pre-alpha / developer preview**.
 Release boundary:
 - `agent-cli-runtime@0.1.0-alpha.1` is published on npm and has GitHub pre-release `v0.1.0-alpha.1`.
-- `agent-cli-runtime@0.1.0-alpha.2` is the current publish-ready release candidate in this repository with fresh main release-candidate evidence and local publish dry-run evidence; it is not published until a maintainer separately authorizes a real npm publish.
+- `agent-cli-runtime@0.1.0-alpha.2` is published on npm and has GitHub pre-release `v0.1.0-alpha.2`, but its immutable npm tarball contains stale pre-publish package docs.
+- `agent-cli-runtime@0.1.0-alpha.3` is the corrective pre-alpha release for package consumers.
 - `agent-cli-runtime@0.1.0-alpha.0` is deprecated because its immutable package docs shipped stale pre-publish state.
-- Current npm dist-tags are `alpha -> 0.1.0-alpha.1` and `latest -> 0.1.0-alpha.1`; because there is no stable version yet, this is recorded as current pre-alpha registry state, not as a failed release.
+- npm registry metadata and GitHub Releases are the source of truth for available versions and dist-tags.
 - Release-candidate and post-alpha evidence keeps current-head release and downloaded artifact details outside the npm package under `.release-evidence/` or GitHub Release assets.
 - `createAgentRuntime` is the only runtime value export.
 - No background daemon, no API server, no WAL, no database, and no remote runtime mode are included in this pre-alpha track.
@@ -362,7 +363,7 @@ CI uses a Node.js 20/22/24 matrix for typecheck, lint, tests, build, production
 For local release-candidate confidence, run `npm run prepublish:check`. It combines typecheck, lint, tests, build, daemon embedding verification, runtime safety verification, offline real compatibility evidence verification, dogfood, production audit, package boundary checks, and a pack dry-run. The GitHub Actions `Release Candidate` workflow is manually triggered with `workflow_dispatch`, runs `npm ci`, `npm run ci`, `npm run dogfood`, and `npm run release:candidate -- --out-dir release-candidate`; the generated artifact set includes `agent-cli-runtime-tarball`, `agent-cli-runtime-pack-metadata`, `agent-cli-runtime-package-files`, `agent-cli-runtime-gate-evidence`, and `agent-cli-runtime-release-verification`.
-Version `0.1.0-alpha.1` is published to npm and has GitHub pre-release `v0.1.0-alpha.1`. Version `0.1.0-alpha.2` is the current publish-ready release candidate with fresh main release-candidate evidence and local `npm publish --dry-run --ignore-scripts --tag alpha` evidence; real publish and GitHub Release creation still require separate maintainer authorization. Version `0.1.0-alpha.0` is deprecated because its immutable tarball contains stale pre-publish status text. Current npm dist-tags are `alpha -> 0.1.0-alpha.1` and `latest -> 0.1.0-alpha.1`, which is acceptable while only pre-alpha versions exist. Because release docs are included in the npm package, volatile current-run evidence must stay outside packaged docs under `.release-evidence/` or GitHub Release assets.
+Version `0.1.0-alpha.1` is published to npm and has GitHub pre-release `v0.1.0-alpha.1`. Version `0.1.0-alpha.2` is published to npm with the `alpha` dist-tag and has GitHub pre-release `v0.1.0-alpha.2`, but its immutable tarball contains stale pre-publish package docs. Version `0.1.0-alpha.3` is the corrective pre-alpha release for package consumers. Version `0.1.0-alpha.0` is deprecated because its immutable tarball contains stale pre-publish status text. npm registry metadata and GitHub Releases are the source of truth for available versions and dist-tags. Because release docs are included in the npm package, volatile current-run evidence must stay outside packaged docs under `.release-evidence/` or GitHub Release assets.
 Post-alpha verification:

package/README.zh-CN.md CHANGED Viewed

@@ -24,9 +24,10 @@ Agent CLI Runtime 是一个 adapter layer。它适合你在不想重新造一个
 发布边界说明：
 - `agent-cli-runtime@0.1.0-alpha.1` 已发布到 npm，并创建了 GitHub pre-release `v0.1.0-alpha.1`。
-- `agent-cli-runtime@0.1.0-alpha.2` 是当前仓库里的 publish-ready release candidate，已有 fresh main release-candidate evidence 和本地 publish dry-run evidence；除非 maintainer 另行明确授权真实 npm publish，否则它仍不发布。
+- `agent-cli-runtime@0.1.0-alpha.2` 已发布到 npm，并创建了 GitHub pre-release `v0.1.0-alpha.2`，但其不可变 npm tarball 内含过期的发布前 package docs。
+- `agent-cli-runtime@0.1.0-alpha.3` 是面向 package consumer 的 corrective pre-alpha release。
 - `agent-cli-runtime@0.1.0-alpha.0` 已 deprecate，原因是不可变 package docs 内含过期的发布前状态。
-- 当前 npm dist-tags 为 `alpha -> 0.1.0-alpha.1` 和 `latest -> 0.1.0-alpha.1`；由于目前没有 stable 版本，这被记录为 pre-alpha registry 现实状态，不当作发布失败。
+- 可用版本和 dist-tags 以 npm registry metadata 与 GitHub Releases 为准。
 - release-candidate 与 post-alpha evidence 将 current-head release 和下载 artifact 细节保存在 npm 包外的 `.release-evidence/` 或 GitHub Release assets 中。
 - `createAgentRuntime` 是当前公开的主要 value 入口，其他 adapter/parser/store 内部实现不对外承诺。
 - 这版不包含后台 daemon、API server、WAL、database 或 remote runtime 模式承诺。
@@ -360,7 +361,7 @@ CI 使用 Node.js 20/22/24 matrix 跑 typecheck、lint、tests、build、product
 本地 release-candidate 置信门禁使用 `npm run prepublish:check`。它会组合 typecheck、lint、tests、build、daemon embedding verification、runtime safety verification、offline real compatibility evidence verification、dogfood、production audit、package boundary check 和 pack dry-run。GitHub Actions 的 `Release Candidate` workflow 通过 `workflow_dispatch` 手动触发，执行 `npm ci`、`npm run ci`、`npm run dogfood` 和 `npm run release:candidate -- --out-dir release-candidate`；生成并上传 `agent-cli-runtime-tarball`、`agent-cli-runtime-pack-metadata`、`agent-cli-runtime-package-files`、`agent-cli-runtime-gate-evidence` 和 `agent-cli-runtime-release-verification`。
-`0.1.0-alpha.1` 已发布到 npm，并有 GitHub pre-release `v0.1.0-alpha.1`。`0.1.0-alpha.2` 是当前仓库里的 publish-ready release candidate，已有 fresh main release-candidate evidence 和本地 `npm publish --dry-run --ignore-scripts --tag alpha` evidence；真实 publish 和 GitHub Release 创建仍需要 maintainer 另行明确授权。`0.1.0-alpha.0` 已 deprecate，原因是该不可变 tarball 内含过期的发布前状态说明。当前 npm dist-tags 为 `alpha -> 0.1.0-alpha.1` 和 `latest -> 0.1.0-alpha.1`；在目前只有 pre-alpha 版本时，这是可接受的 registry 现实状态。由于 release docs 会进入 npm package，current-run 的易漂移证据必须留在包外的 `.release-evidence/` 或 GitHub Release assets 中。
+`0.1.0-alpha.1` 已发布到 npm，并有 GitHub pre-release `v0.1.0-alpha.1`。`0.1.0-alpha.2` 已发布到 npm，使用 `alpha` dist-tag，并创建了 GitHub pre-release `v0.1.0-alpha.2`，但其不可变 tarball 内含过期的发布前 package docs。`0.1.0-alpha.3` 是面向 package consumer 的 corrective pre-alpha release。`0.1.0-alpha.0` 已 deprecate，原因是该不可变 tarball 内含过期的发布前状态说明。可用版本和 dist-tags 以 npm registry metadata 与 GitHub Releases 为准。由于 release docs 会进入 npm package，current-run 的易漂移证据必须留在包外的 `.release-evidence/` 或 GitHub Release assets 中。
 post-alpha 验证：

package/dist/cli/main.js CHANGED Viewed

File without changes

package/docs/compatibility.md CHANGED Viewed

@@ -1,18 +1,18 @@
 # Agent CLI Compatibility Matrix
-Status: P6 offline compatibility gate integrated; `0.1.0-alpha.2` publish-ready release candidate / dry-run stop point
-Last updated: 2026-06-25
+Status: P6 offline compatibility gate integrated; `0.1.0-alpha.3` is the corrective pre-alpha release
+Last updated: 2026-06-26
-This matrix records the CLI versions and behaviors that have been verified with the current runtime. Real agent CLIs change quickly; treat this file as dated compatibility evidence, not a permanent guarantee. P3-6 added a reviewable opt-in real smoke evidence path while keeping default release gates on detection/profile certification only. P3-7 freezes the API / CLI schema inventory and versioning policy in [docs/api-schema-contract.md](./api-schema-contract.md). P6 integrates the offline real compatibility evidence verifier into prepublish and release-candidate evidence; it does not refresh real CLI evidence during normal release gates. P7-3 records `0.1.0-alpha.2` fresh main release-candidate evidence plus local `npm publish --dry-run --ignore-scripts --tag alpha` evidence, and P7-4 preserves that final publish lock boundary unless a maintainer separately authorizes a real npm publish and GitHub Release creation. `0.1.0-alpha.2` is not published; the current registry state remains `alpha -> 0.1.0-alpha.1` and `latest -> 0.1.0-alpha.1`. Raw CLI output, tokens, full prompts, auth env values, private paths, local temporary paths, artifact ids, and artifact digests are not committed to packaged docs.
+This matrix records the CLI versions and behaviors that have been verified with the current runtime. Real agent CLIs change quickly; treat this file as dated compatibility evidence, not a permanent guarantee. P3-6 added a reviewable opt-in real smoke evidence path while keeping default release gates on detection/profile certification only. P3-7 freezes the API / CLI schema inventory and versioning policy in [docs/api-schema-contract.md](./api-schema-contract.md). P6 integrates the offline real compatibility evidence verifier into prepublish and release-candidate evidence; it does not refresh real CLI evidence during normal release gates. P7-5 marks `0.1.0-alpha.3` as the corrective pre-alpha release after the published `0.1.0-alpha.2` tarball shipped stale package docs from the pre-publish state. npm registry metadata and GitHub Releases are the source of truth for available versions and dist-tags. Raw CLI output, tokens, full prompts, auth env values, private paths, local temporary paths, artifact ids, and artifact digests are not committed to packaged docs.
 ## Evidence policy
-Current status is P6 offline compatibility gate integration carried into the alpha.2 publish-ready release-candidate path. P6-1 keeps the P3-6 real-smoke safety boundary, adds repo-only summarized evidence under `.release-evidence/p6-1-real-cli-compatibility.json`, and audits every built-in adapter `needsVerification` item against current local CLI preflight and opt-in smoke results. P6-2 adds `npm run compat:real:evidence:verify` as an offline drift gate for that file; it does not launch real CLI runs. P6-3 wires that verifier into `prepublish:check` and `release:candidate` evidence without running `npm run compat:real:evidence` or passing `--allow-real-run`. P6 remote run and artifact details are recorded under `.release-evidence/`, outside npm package contents. P7-3/P7-4 keep publish evidence dry-run-only until explicit maintainer authorization: local package checks and downloaded release artifacts can prove the final pre-publish lock, but they do not prove an npm registry mutation or a GitHub Release for `v0.1.0-alpha.2`. The release gate confirms `compat:real:evidence:verify` emits `agent-cli-runtime.realCompatibilityEvidenceVerification.v1`, verifies `agent-cli-runtime.realCompatibilityEvidence.v1`, and keeps diagnostics summarized as count/codes only.
+Current status is P6 offline compatibility gate integration carried into the alpha.3 corrective path. P6-1 keeps the P3-6 real-smoke safety boundary, adds repo-only summarized evidence under `.release-evidence/p6-1-real-cli-compatibility.json`, and audits every built-in adapter `needsVerification` item against current local CLI preflight and opt-in smoke results. P6-2 adds `npm run compat:real:evidence:verify` as an offline drift gate for that file; it does not launch real CLI runs. P6-3 wires that verifier into `prepublish:check` and `release:candidate` evidence without running `npm run compat:real:evidence` or passing `--allow-real-run`. P6 remote run and artifact details are recorded under `.release-evidence/`, outside npm package contents. P7-5 adds packaged-docs verification so local packed tarball docs and npm registry tarball docs are checked directly. The release gate confirms `compat:real:evidence:verify` emits `agent-cli-runtime.realCompatibilityEvidenceVerification.v1`, verifies `agent-cli-runtime.realCompatibilityEvidence.v1`, and keeps diagnostics summarized as count/codes only.
 - Current behavior is what is validated by `npm test` / typecheck / lint / build plus the current `npm pack`, package boundary, CLI JSON contract, and single-Node TypeScript consumer install-smoke checks.
 - CI behavior is matrixed for Node.js 20/22/24 except dogfood, which runs once on Node.js 22 to avoid duplicating the slower install smoke.
 - `npm test` uses Vitest's verbose reporter for contract coverage; slower installed-package gates and install smokes stay out of the Node.js matrix and run through single-Node release gates or explicit opt-in checks.
-- `npm run prepublish:check` is the local guard that combines typecheck, lint, tests, build, `daemon:verify`, `runtime:safety`, offline real compatibility evidence verification, dogfood, production audit, package boundary checks, and pack dry-run.
+- `npm run prepublish:check` is the local guard that combines typecheck, lint, tests, build, `daemon:verify`, `runtime:safety`, offline real compatibility evidence verification, dogfood, production audit, package boundary checks, packaged-docs verification, and pack dry-run.
 - `npm run release:candidate` creates local release-candidate artifacts including `gate-evidence.json`, and `npm run release:verify -- --dir <path>` validates local or downloaded artifacts with stable redacted JSON. `gate-evidence.json` records the compatibility verification gate as a redacted summary only: command, ok, verifier schema, verified evidence schema, and diagnostic count/codes.
 - `npm publish --dry-run --ignore-scripts --tag alpha` is a documented manual local dry-run check; it is not a remote CI gate.
 - `docs/release-publish-runbook.md` documents the future human alpha publish path, dist-tag verification, rollback/deprecation/unpublish boundary, 2FA, trusted publishing, provenance, and token strategy; no real publish is performed in P2-13.
@@ -20,7 +20,7 @@ Current status is P6 offline compatibility gate integration carried into the alp
 - `npm run dogfood` installs the tarball into a temporary consumer project, runs `tsc --noEmit`, then executes fake-CLI library run/goal/replay/diagnostics smoke through the installed package.
 - `npm run published:adapters:verify` installs the already published npm package from the npm registry into a temporary consumer and verifies built-in Codex, Claude, and OpenCode adapter detection, argv shape, stdin prompt transport, parser behavior, redaction, and per-adapter failure isolation with fake CLIs only.
 - CI runs `daemon:verify`, `runtime:safety`, and dogfood once in a single Node.js 22 release-gates job; the Node.js 20/22/24 matrix does not repeat installed-package gates. CI does not run `compat:real:evidence:verify` because that verifier depends on repo-only `.release-evidence/`, while dogfood remains an installed-package consumer gate.
-- Remote GitHub Actions release-candidate evidence is commit-specific and recorded outside the package under `.release-evidence/`; historical runs only prove their own `headSha` and must not be reused for alpha.2 publish evidence.
+- Remote GitHub Actions release-candidate evidence is commit-specific and recorded outside the package under `.release-evidence/`; historical runs only prove their own `headSha` and must not be reused for alpha.3 corrective release evidence.
 - Evidence modes are intentionally separate:
   - `fixtures`: offline parser contract fixtures; no real or fake CLI process is launched.
   - `fake`: temporary local fake CLIs through the real adapter argv/stdin/parser path; no network or real account is used.

package/docs/production-readiness.md CHANGED Viewed

@@ -1,13 +1,13 @@
 # Production Readiness
-Status: `0.1.0-alpha.1` published; `0.1.0-alpha.2` publish-ready release candidate / dry-run stop point
-Last updated: 2026-06-25
+Status: `0.1.0-alpha.3` corrective pre-alpha release
+Last updated: 2026-06-26
-This project is still **pre-alpha / developer preview**. Version `0.1.0-alpha.1` is published to npm and has GitHub pre-release `v0.1.0-alpha.1`.
+This project is still **pre-alpha / developer preview**. Version `0.1.0-alpha.3` is the corrective pre-alpha release for package consumers.
-Version `0.1.0-alpha.2` is the current publish-ready release candidate with fresh main release-candidate evidence and local publish dry-run evidence; it is not published until a maintainer separately authorizes a real npm publish. Version `0.1.0-alpha.0` is deprecated because that immutable tarball contains stale pre-publish status text. Current npm dist-tags are `alpha -> 0.1.0-alpha.1` and `latest -> 0.1.0-alpha.1`, recorded as current pre-alpha registry state while no stable version exists. P3-1 froze daemon-ready execution-kernel contracts for embedders in [docs/daemon-ready-contract.md](./daemon-ready-contract.md); P3-7 freezes the API / CLI schema inventory and versioning policy in [docs/api-schema-contract.md](./api-schema-contract.md); P6 integrates the offline real compatibility evidence verifier into local prepublish and release-candidate evidence without launching authenticated real agent runs. Detailed run and artifact evidence for P6-4 through P7-3 is recorded outside the npm package under `.release-evidence/`.
+Version `0.1.0-alpha.2` was published with fresh main release-candidate evidence, real publish evidence, registry verification, installed-package CLI smoke, and GitHub Release verification, but its immutable npm tarball contains stale pre-publish package docs. Version `0.1.0-alpha.1` remains published as an earlier alpha and has GitHub pre-release `v0.1.0-alpha.1`. Version `0.1.0-alpha.0` is deprecated because that immutable tarball contains stale pre-publish status text. npm registry metadata and GitHub Releases are the source of truth for available versions and dist-tags. P3-1 froze daemon-ready execution-kernel contracts for embedders in [docs/daemon-ready-contract.md](./daemon-ready-contract.md); P3-7 freezes the API / CLI schema inventory and versioning policy in [docs/api-schema-contract.md](./api-schema-contract.md); P6 integrates the offline real compatibility evidence verifier into local prepublish and release-candidate evidence without launching authenticated real agent runs. Detailed run and artifact evidence for P6-4 through P7-5 is recorded outside the npm package under `.release-evidence/`.
-Volatile current-head evidence stays out of the npm package. Fresh run ids, artifact ids, artifact digests, tarball hashes, pack hashes, downloaded verification paths, raw logs, raw CLI output, full prompts, and token-looking values belong under `.release-evidence/` or durable GitHub Release assets. Packaged docs keep stable release rules, current post-alpha registry state, alpha.2 publish-ready release-candidate status, dry-run evidence boundary, and the human-gated boundary for any future publish. P5-1 adds a published-package daemon consumer harness for the already published `agent-cli-runtime@0.1.0-alpha.1`: it installs from the npm registry, uses fake CLIs only, and verifies daemon-style lifecycle coverage without touching local `dist/` or publishing a new version. The post-alpha path does not publish a new npm version, configure trusted publishing, claim provenance, or add daemon/API server/database/WAL/remote-worker/UI/telemetry/artifact layers.
+Volatile current-head evidence stays out of the npm package. Fresh run ids, artifact ids, artifact digests, tarball hashes, pack hashes, downloaded verification paths, raw logs, raw CLI output, full prompts, and token-looking values belong under `.release-evidence/` or durable GitHub Release assets. Packaged docs keep stable release rules, the alpha.2 stale package-docs incident, the alpha.3 corrective release boundary, package-docs verification, and the human-gated boundary for any registry mutation. P5-1 adds a published-package daemon consumer harness for the already published `agent-cli-runtime@0.1.0-alpha.1`: it installs from the npm registry, uses fake CLIs only, and verifies daemon-style lifecycle coverage without touching local `dist/` or publishing a new version. The post-alpha path does not configure trusted publishing, claim provenance, or add daemon/API server/database/WAL/remote-worker/UI/telemetry/artifact layers.
 ## Local-First Production Definition

package/docs/release-checklist.md CHANGED Viewed

@@ -1,33 +1,31 @@
 # Release Checklist (pre-alpha / developer preview)
-Status: `0.1.0-alpha.1` published; `0.1.0-alpha.2` publish-ready release candidate / dry-run stop point
-Last updated: 2026-06-25
-## P7-3 Alpha.2 Publish Dry-Run
-- [x] Confirm P7-2 has reached `origin/main` before creating the P7-3 branch.
-- [x] Prepare package metadata for `0.1.0-alpha.2` in `package.json` and `package-lock.json`.
-- [x] Keep `0.1.0-alpha.2` as a publish-ready release candidate only; do not describe it as published.
-- [x] Trigger fresh main release-candidate evidence for the exact commit selected for publish.
-- [x] Download all five artifacts and run `npm run release:verify -- --dir <normalized-artifact-dir>`.
-- [x] Run `npm publish --dry-run --ignore-scripts --tag alpha`.
-- [x] Record dry-run-only publish evidence in `.release-evidence/p7-3-alpha-2-publish.json`.
-- [x] Keep the current published npm version as `agent-cli-runtime@0.1.0-alpha.1`.
-- [x] Keep the current GitHub pre-release as `v0.1.0-alpha.1`.
-- [x] Keep current npm dist-tags documented as `alpha -> 0.1.0-alpha.1` and `latest -> 0.1.0-alpha.1`.
-- [x] Keep `agent-cli-runtime@0.1.0-alpha.0` documented as deprecated due to stale immutable package docs.
-- [x] Keep volatile run ids, artifact ids, artifact digests, tarball hashes, pack hashes, local temporary paths, raw logs, raw CLI output, full prompts, and token-looking values outside packaged docs.
+Status: `0.1.0-alpha.3` corrective pre-alpha release
+Last updated: 2026-06-26
+## P7-5 Alpha.3 Corrective Release
+- [x] Prepare package metadata for `0.1.0-alpha.3` in `package.json` and `package-lock.json`.
+- [x] Record that `0.1.0-alpha.2` is published but its immutable npm tarball contains stale pre-publish package docs.
+- [x] Recommend `0.1.0-alpha.3` as the corrective pre-alpha release for package consumers.
+- [x] Keep `0.1.0-alpha.1` and GitHub pre-release `v0.1.0-alpha.1` documented as earlier alpha history.
+- [x] Keep `0.1.0-alpha.0` documented as deprecated because its immutable package docs shipped stale pre-publish state.
+- [x] Keep npm registry metadata and GitHub Releases as the source of truth for available versions and dist-tags.
+- [x] Add a local packaged-docs gate that runs an actual pack, unpacks the tarball, and scans the docs that enter the package.
+- [x] Add a published verification gate that downloads and unpacks `agent-cli-runtime@<version>` from the npm registry before accepting package-docs state.
 - [x] Keep `.release-evidence/` and `.reference/` outside npm package contents.
+- [x] Keep volatile run ids, artifact ids, artifact digests, tarball hashes, pack hashes, local temporary paths, raw logs, raw CLI output, full prompts, and token-looking values outside packaged docs.
 ## Local Verification
-Run these before treating alpha.2 as a local release candidate:
+Run these before treating a future alpha version as a local release candidate:
 ```bash
 npm test
 npm run typecheck
 npm run lint
 npm run package:check
+npm run package:docs:check
 npm run compat:real:evidence:verify
 npm run release:candidate -- --out-dir <tmp-dir>
 npm run release:verify -- --dir <tmp-dir>
@@ -44,6 +42,7 @@ Acceptance:
 - [x] `npm run typecheck` passes.
 - [x] `npm run lint` passes.
 - [x] `npm run package:check` passes and rejects `.release-evidence/` plus `.reference/` if they appear in pack metadata.
+- [x] `npm run package:docs:check` unpacks the local tarball and rejects stale publish-state claims for this version, dry-run stop wording, publish-ready candidate wording, and old current dist-tag claims.
 - [x] `npm run compat:real:evidence:verify` passes without launching authenticated real agent runs.
 - [x] `npm run release:candidate -- --out-dir <tmp-dir>` produces the five-artifact release-candidate set.
 - [x] `npm run release:verify -- --dir <tmp-dir>` passes with `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`, `ok: true`, and empty diagnostics.
@@ -56,16 +55,17 @@ Acceptance:
 ## Human Publish Gate
-Do not run a real publish without explicit maintainer authorization. Before any later publish:
+Do not run a real publish, deprecate an existing version, or create/modify a GitHub Release without explicit maintainer authorization. Before any later publish:
 - [ ] Trigger a fresh manual release-candidate workflow for the exact commit being considered.
 - [ ] Download all five artifacts into a local review directory.
 - [ ] Run `npm run release:verify -- --dir <normalized-artifact-dir>` on the downloaded artifacts.
 - [ ] Confirm the workflow head SHA equals the commit selected for publish.
 - [ ] Run `npm publish --dry-run --ignore-scripts --tag alpha`.
+- [ ] Run `npm run package:docs:check` and confirm it inspected the local packed tarball.
 - [ ] Obtain separate explicit maintainer authorization for the real publish.
 - [ ] Run real `npm publish --tag alpha` only after that authorization.
-- [ ] After publish, verify npm registry state and run the published package verification workflow.
+- [ ] After publish, verify npm registry state, run the published package verification workflow, and confirm registry tarball docs pass `agent-cli-runtime.packagedDocsVerification.v1`.
 ## Release-Candidate Artifact Contract
@@ -111,7 +111,19 @@ The package must not contain:
 - The package root value export remains `createAgentRuntime`.
 - The schema inventory and versioning policy live in [docs/api-schema-contract.md](./api-schema-contract.md).
 - The daemon/product shell embedding contract lives in [docs/daemon-ready-contract.md](./daemon-ready-contract.md).
-- `agent-cli-runtime.releaseVerification.v1` and `agent-cli-runtime.releaseGateEvidence.v1` are the release artifact schemas.
-- `real_run_skipped`, `auth_missing`, `unsupported_flag`, and `needs_verification` are evidence states, not success.
-- Frozen smoke/conformance classifications: `success`, `real_run_skipped`, `auth_missing`, `unavailable_executable`, `unsupported_flag`, `needs_verification`, `unexpected_output`, `cwd_mutated`, `timeout`, and `failed`.
-- This repository remains a local-first runtime/kernel and does not include a hosted daemon, control plane, API server, database/WAL, web UI, telemetry, or remote worker.
+- `agent-cli-runtime.releaseVerification.v1`, `agent-cli-runtime.releaseGateEvidence.v1`, and `agent-cli-runtime.packagedDocsVerification.v1` are release artifact schemas.
+## Schema Vocabulary
+Smoke and conformance classifications remain:
+- `success`
+- `real_run_skipped`
+- `auth_missing`
+- `unavailable_executable`
+- `unsupported_flag`
+- `needs_verification`
+- `unexpected_output`
+- `cwd_mutated`
+- `timeout`
+- `failed`

package/docs/release-publish-runbook.md CHANGED Viewed

@@ -1,11 +1,11 @@
 # Alpha Publish Readiness Runbook
-Status: `0.1.0-alpha.1` published; `0.1.0-alpha.2` publish-ready release candidate / dry-run stop point; real publish remains human-controlled
-Last updated: 2026-06-25
+Status: `0.1.0-alpha.3` corrective pre-alpha release; registry mutations remain human-controlled
+Last updated: 2026-06-26
-This runbook records the publish and registry boundary after `agent-cli-runtime@0.1.0-alpha.1` was published. `0.1.0-alpha.1` corrects the stale pre-publish status text shipped in immutable npm version `0.1.0-alpha.0`; `0.1.0-alpha.0` is now deprecated.
+This runbook records the publish and registry boundary for the alpha.3 corrective release line. `agent-cli-runtime@0.1.0-alpha.2` is published, but its immutable npm tarball contains stale pre-publish package docs. `agent-cli-runtime@0.1.0-alpha.3` is the corrective pre-alpha release for package consumers. npm registry metadata and GitHub Releases are the source of truth for available versions and dist-tags.
-`0.1.0-alpha.2` is a publish-ready release candidate with fresh main release-candidate evidence and local publish dry-run evidence. It is not published until a maintainer separately authorizes a real npm publish. This runbook does not create or commit npm credentials and does not configure trusted publishing. Current-head release-candidate run ids, artifact digests, tarball shasums, pack shasums, and local temporary paths are recorded outside the npm package under `.release-evidence/` or attached as GitHub Release assets; package docs keep only stable process rules, current post-alpha registry state, and the human-gated boundary for any future publish.
+This runbook does not create or commit npm credentials and does not configure trusted publishing. Current-head release-candidate run ids, artifact digests, tarball shasums, pack shasums, integrity values, and local temporary paths are recorded outside the npm package under `.release-evidence/` or attached as GitHub Release assets; package docs keep only stable process rules, the alpha.2 stale package-docs incident, the alpha.3 corrective boundary, and the human-gated boundary for registry mutations.
 ## Decision
@@ -14,30 +14,28 @@ Current state and future human gate:
 - Package metadata is ready for an alpha package page: `name`, `version`, `description`, `license`, `type`, `bin`, `main`, `types`, `exports`, `files`, `engines`, `repository`, `homepage`, `bugs`, `keywords`, and `publishConfig.tag` are present and intentional.
 - The package root value API remains `createAgentRuntime` only; public TypeScript types are exposed through the root declarations, not as runtime values.
 - The release-candidate workflow remains artifact-only: it creates and verifies the tarball but does not publish and does not require registry credentials.
-- Published package: `agent-cli-runtime@0.1.0-alpha.1`.
-- Candidate package metadata in this repository: `agent-cli-runtime@0.1.0-alpha.2`.
-- `0.1.0-alpha.2` is a publish-ready release candidate with dry-run publish evidence, not a published version.
-- GitHub pre-release: `v0.1.0-alpha.1`.
-- Deprecated package: `agent-cli-runtime@0.1.0-alpha.0`.
-- Current npm dist-tags: `alpha -> 0.1.0-alpha.1`, `latest -> 0.1.0-alpha.1`.
-- `latest -> 0.1.0-alpha.1` is recorded as current pre-alpha registry reality while there is no stable release; do not pretend it was removed.
-- Alpha.2 human-controlled publish path: use the fresh release-candidate workflow for the commit being considered, download all five artifacts, run `npm run release:verify -- --dir <normalized-artifact-dir>`, run `npm publish --dry-run --ignore-scripts --tag alpha`, then stop until a maintainer separately authorizes the real publish.
+- Corrective package line: `agent-cli-runtime@0.1.0-alpha.3`.
+- Stale-docs incident package: `agent-cli-runtime@0.1.0-alpha.2`.
+- Previous package: `agent-cli-runtime@0.1.0-alpha.1`.
+- Previous GitHub pre-release: `v0.1.0-alpha.1`.
+- `agent-cli-runtime@0.1.0-alpha.0` is deprecated because its immutable package docs shipped stale pre-publish state.
+- Future human-controlled publish path: use the fresh release-candidate workflow for the commit being considered, download all five artifacts, run `npm run release:verify -- --dir <normalized-artifact-dir>`, run `npm run package:docs:check`, run `npm publish --dry-run --ignore-scripts --tag alpha`, and require explicit maintainer authorization before any registry mutation.
 - Current-head evidence rule: trigger a fresh release-candidate workflow for the commit being considered, download all five artifacts, run `npm run release:verify -- --dir <normalized-artifact-dir>`, and record volatile run evidence under `.release-evidence/`.
-- Because this runbook and release report are included in the npm package, do not write current run ids, artifact digests, tarball shasums, or pack shasums into package docs.
+- Because this runbook and release report are included in the npm package, do not write current run ids, artifact digests, tarball shasums, integrity values, or pack shasums into package docs.
 - Before any future real publish, confirm the fresh release-candidate workflow head SHA matches the commit being published.
 - After any future real publish, run the manual published package verification workflow and download `agent-cli-runtime-published-verification`; it must pass `npm run published:verify:evidence -- --dir <downloaded-artifact-dir>`.
-- Historical P3-9 run `27943672095` only proves target SHA `65fac505ca3eb830a06d8656068cf4ed5f6dd46a`.
 - Do not reuse historical workflow runs as publish evidence for a later commit.
 ## Boundaries
 - Do not add npm tokens, GitHub tokens, registry credential environment variables, or private auth files.
-- Do not configure real npm trusted publishing during P2-13.
+- Do not configure real npm trusted publishing in this release line.
 - Do not add daemon, database, WAL, remote worker, web UI, telemetry, scheduler expansion, or package-root value exports.
+- Do not run `npm publish`, `npm deprecate`, or GitHub Release create/edit commands without explicit maintainer authorization.
 ## Future Pre-Publish Checks
-Run from the repository root on a clean `main` checkout before any future package version is published:
+Run from the repository root on a clean checkout before any future package version is published:
 ```bash
 git status --short
@@ -47,6 +45,7 @@ npm run lint
 npm test
 npm run build
 npm run package:check
+npm run package:docs:check
 tmp_dir="$(mktemp -d)"
 npm run release:candidate -- --out-dir "$tmp_dir"
 npm run release:verify -- --dir "$tmp_dir"
@@ -65,7 +64,7 @@ git rev-parse HEAD
 git rev-parse origin/main
 gh workflow run release-candidate.yml --ref main
 gh run view <current-release-candidate-run-id> --json headSha,status,conclusion,url,jobs
-npm view agent-cli-runtime@0.1.0-alpha.2 version --json
+npm view agent-cli-runtime@<next-version> version --json
 npm dist-tag ls agent-cli-runtime
 ```
@@ -75,9 +74,7 @@ The dry-run command is the required local npm publish simulation for this stage:
 npm publish --dry-run --ignore-scripts --tag alpha
 ```
-The command must report a dry run and must show `tag alpha`. If it reports `latest`, stop and fix the command or metadata before publishing.
-Dry-run stop point: stop after `npm publish --dry-run --ignore-scripts --tag alpha` until a maintainer separately authorizes the true publish of a new immutable version and fresh current-head release-candidate evidence has passed.
+The command must report a dry run and must show `tag alpha`. If it reports `latest`, fix the command or metadata before publishing.
 ## Human Confirmation Points
@@ -85,11 +82,11 @@ Before a future real publish, a maintainer must confirm:
 - The version is exactly the intended immutable npm version. A published `name@version` cannot be overwritten.
 - The release-candidate run head SHA matches the commit being published; historical runs are insufficient for later commits.
-- `npm pack --dry-run` and `npm publish --dry-run --ignore-scripts --tag alpha` show only expected files.
-- `.reference/`, `tests/`, fixtures, raw real CLI output, private paths, token-looking values, and repair backups are absent from the packed files.
+- `npm run package:docs:check`, `npm pack --dry-run`, and `npm publish --dry-run --ignore-scripts --tag alpha` show only expected files and release-state wording.
+- `.reference/`, `.release-evidence/`, `tests/`, fixtures, raw real CLI output, private paths, token-looking values, and repair backups are absent from the packed files.
 - `dist/index.js` runtime value exports remain limited to `createAgentRuntime`.
 - `dist/index.d.ts` exposes public types without re-exporting storage/parser/store internals as the package-root contract.
-- The alpha tag is intentional. If there is still no stable version and npm also points `latest` at the pre-alpha, document that exact post-publish state.
+- The alpha tag is intentional. If there is still no stable version and npm also points `latest` at a pre-alpha, document that exact post-publish state outside packaged docs or in stable package wording that names the registry as authoritative.
 - The npm account/package publishing policy is understood: 2FA or an approved token path is required by npm package settings.
 - The publisher accepts the provenance choice below and has the right npm package permissions.
@@ -116,8 +113,7 @@ If npm asks for a second factor, complete the interactive 2FA prompt or use the
 Immediately after any real publish:
 ```bash
-npm view agent-cli-runtime@0.1.0-alpha.1 version dist-tags --json
-npm view agent-cli-runtime@0.1.0-alpha.2 version dist-tags --json
+npm view agent-cli-runtime@0.1.0-alpha.3 version dist-tags --json
 npm dist-tag ls agent-cli-runtime
 npm run published:verify -- --out-dir published-verification
 npm run published:verify:evidence -- --dir published-verification
@@ -125,27 +121,23 @@ npm run published:verify:evidence -- --dir published-verification
 Expected result:
-- Before alpha.2 publish, `alpha` points to `0.1.0-alpha.1`.
-- After an authorized alpha.2 publish, `alpha` points to `0.1.0-alpha.2`.
-- `latest` is absent, points to a stable version, or is explicitly documented as pointing to the only published pre-alpha version if npm does not allow removing it.
+- `agent-cli-runtime@0.1.0-alpha.3` is the corrective package line.
+- Registry dist-tags match the maintainer's intended pre-alpha policy.
+- Published verification includes `agent-cli-runtime.packagedDocsVerification.v1` for the npm registry tarball.
 If the wrong tag is attached but the package version itself is acceptable, fix the tag rather than republishing the same version:
 ```bash
-npm dist-tag add agent-cli-runtime@0.1.0-alpha.1 alpha
-npm dist-tag add agent-cli-runtime@0.1.0-alpha.2 alpha
-npm dist-tag rm agent-cli-runtime latest
+npm dist-tag add agent-cli-runtime@0.1.0-alpha.3 alpha
 npm dist-tag ls agent-cli-runtime
 ```
-Only remove `latest` after confirming it points to the accidental alpha version.
 ## 2FA, Token, And Provenance Strategy
-P2-13 decision:
+Current decision:
-- Preferred future automated path: npm trusted publishing from a dedicated GitHub Actions publish workflow with a human approval gate. This is not configured in P2-13.
-- Preferred first alpha path if publishing manually: interactive local `npm publish --tag alpha` by a maintainer with 2FA enabled and no committed tokens.
+- Preferred future automated path: npm trusted publishing from a dedicated GitHub Actions publish workflow with a human approval gate. This is not configured here.
+- Preferred manual alpha path: interactive local `npm publish --tag alpha` by a maintainer with 2FA enabled and no committed tokens.
 - Avoid long-lived npm automation tokens for this package unless trusted publishing cannot be used and a maintainer explicitly accepts the rotation, scope, and audit trade-off.
 - Do not add registry credential environment variables to the existing `ci.yml` or `release-candidate.yml` workflows.
@@ -174,15 +166,15 @@ Useful official references:
 If dry-run fails:
-- Stop. Do not attempt a real publish.
-- Fix metadata, build output, package boundary, or auth state.
+- Stop before any registry mutation.
+- Fix metadata, build output, package boundary, package docs, or auth state.
 - Rerun the full pre-publish checks.
 If real publish fails before package creation:
 - Capture the redacted error class only.
 - Do not commit npm debug logs if they contain local paths, auth state, or registry session details.
-- Re-run `npm view agent-cli-runtime@0.1.0-alpha.2 version --json` before retrying to confirm the version was not created.
+- Re-run `npm view agent-cli-runtime@0.1.0-alpha.3 version --json` before retrying to confirm the version was not created.
 If real publish succeeds but post-publish checks fail:
@@ -192,15 +184,13 @@ If real publish succeeds but post-publish checks fail:
 - If the package is unsafe and still eligible under npm policy, consider unpublish only as an emergency path:
 ```bash
-npm unpublish agent-cli-runtime@0.1.0-alpha.1
-npm unpublish agent-cli-runtime@0.1.0-alpha.2
+npm unpublish agent-cli-runtime@0.1.0-alpha.3
 ```
 Unpublish has strict policy limits and cannot make the same `name@version` reusable. If unpublish is not allowed or would break consumers, prefer deprecation:
 ```bash
-npm deprecate agent-cli-runtime@0.1.0-alpha.1 "Do not use this alpha; upgrade to a later pre-release."
-npm deprecate agent-cli-runtime@0.1.0-alpha.2 "Do not use this alpha; upgrade to a later pre-release."
+npm deprecate agent-cli-runtime@0.1.0-alpha.3 "Do not use this alpha; upgrade to a later pre-release."
 ```
 ## Rollback Boundary
@@ -212,4 +202,4 @@ Rollback means one of these actions:
 - Unpublish only when npm policy allows it and a maintainer accepts the registry impact.
 - Publish a new corrected pre-release version.
-Rollback does not mean overwriting `agent-cli-runtime@0.1.0-alpha.1` or `agent-cli-runtime@0.1.0-alpha.2`; npm does not permit replacing an already published package version.
+Rollback does not mean overwriting `agent-cli-runtime@0.1.0-alpha.2` or `agent-cli-runtime@0.1.0-alpha.3`; npm does not permit replacing an already published package version.

package/docs/release-report.md CHANGED Viewed

@@ -1,57 +1,64 @@
-# Release Report: 0.1.0-alpha.2 Publish Dry-Run
+# Release Report: 0.1.0-alpha.3 Corrective Release
-Status: `0.1.0-alpha.1` published; `0.1.0-alpha.2` publish-ready release candidate / dry-run stop point
-Last updated: 2026-06-25
+Status: `0.1.0-alpha.3` corrective pre-alpha release
+Last updated: 2026-06-26
 This report is the packaged, stable release-state summary. Volatile release evidence such as current workflow run ids, artifact ids, artifact digests, tarball hashes, pack hashes, local temporary paths, command transcripts, raw logs, raw CLI output, prompt text, and token-looking values belongs outside the npm package under `.release-evidence/` or durable GitHub Release assets.
 ## Current State
-- Published npm package: `agent-cli-runtime@0.1.0-alpha.1`.
-- Published GitHub pre-release: `v0.1.0-alpha.1`.
+- Corrective package line: `agent-cli-runtime@0.1.0-alpha.3`.
+- `agent-cli-runtime@0.1.0-alpha.2` is published on npm and has GitHub pre-release `v0.1.0-alpha.2`, but its immutable npm tarball contains stale pre-publish package docs.
+- `agent-cli-runtime@0.1.0-alpha.1` remains an earlier published alpha with GitHub pre-release `v0.1.0-alpha.1`.
 - `agent-cli-runtime@0.1.0-alpha.0` is deprecated because its immutable package docs shipped stale pre-publish status text.
-- Candidate package metadata in this repository: `agent-cli-runtime@0.1.0-alpha.2`.
-- `0.1.0-alpha.2` has fresh main release-candidate evidence and local publish dry-run evidence.
-- `0.1.0-alpha.2` is not published and must not be described as published until a maintainer separately authorizes a real npm publish.
-- Current npm dist-tags remain `alpha -> 0.1.0-alpha.1` and `latest -> 0.1.0-alpha.1`; while there is no stable version, this is recorded as current pre-alpha registry state rather than release failure evidence.
+- npm registry metadata and GitHub Releases are the source of truth for available versions and dist-tags.
+- `.release-evidence/` and `.reference/` stay outside npm package contents.
 ## Verdict
-`0.1.0-alpha.2` is ready to be treated as a publish-ready release candidate after fresh main release-candidate evidence, downloaded artifact verification, and local publish dry-run verification. It remains human-controlled:
+`0.1.0-alpha.3` is the corrective pre-alpha release for the stale alpha.2 package-docs incident. The release gate now verifies the docs that actually enter the tarball:
+- local `npm pack` is unpacked and scanned by `npm run package:docs:check`;
+- `npm run package:check` includes the packaged-docs check after the package boundary check;
+- `npm run prepublish:check` includes the packaged-docs check through `npm run package:check`;
+- post-publish verification downloads and unpacks the npm registry tarball before accepting package-docs state;
+- later repository docs are not treated as proof that an already published immutable tarball was fixed.
+The release remains local-first runtime/kernel scope:
-- no real `npm publish` is performed without explicit maintainer authorization;
-- no GitHub Release is created without explicit maintainer authorization;
 - no npm token, `NODE_AUTH_TOKEN`, trusted publishing setup, or publish workflow secret is added;
 - no authenticated real Codex/Claude/OpenCode run is launched by default gates;
-- `.release-evidence/` and `.reference/` stay outside npm package contents;
-- this package remains a local-first runtime/kernel, not a hosted daemon, control plane, API server, database/WAL, web UI, telemetry system, or remote worker.
+- no daemon, hosted control plane, API server, database/WAL, web UI, telemetry system, or remote worker is added.
-## P7-3 Alpha.2 Publish Dry-Run Flow
+## P7-5 Alpha.3 Corrective Flow
-The human-controlled alpha.2 path is:
+The alpha.3 pre-publish path uses:
 ```bash
+npm test
 npm run typecheck
 npm run lint
-npm test
 npm run package:check
-npm run compat:real:evidence:verify
-npm run release:candidate -- --out-dir <tmp-dir>
-npm run release:verify -- --dir <tmp-dir>
-npm pack --dry-run
+npm run package:docs:check
+npm run prepublish:check
 npm publish --dry-run --ignore-scripts --tag alpha
-node ./dist/cli/main.js agents --json
-node ./dist/cli/main.js doctor --json
+npm pack --dry-run
 git diff --check
 ```
-The dry-run command is the current stop point:
+The packaged-docs check runs an actual local pack and tarball extraction:
 ```bash
-npm publish --dry-run --ignore-scripts --tag alpha
+node ./scripts/check-packaged-docs.mjs
 ```
-It must show a dry run with `tag alpha`. A real publish requires a separate explicit maintainer authorization after fresh current-head release-candidate evidence passes.
+Published verification uses the registry package, not repo files:
+```bash
+node ./scripts/check-packaged-docs.mjs --package-spec agent-cli-runtime@0.1.0-alpha.3
+npm run published:verify -- --out-dir published-verification
+npm run published:verify:evidence -- --dir published-verification
+```
 ## Release-Candidate Artifacts
@@ -88,18 +95,7 @@ The npm package may include stable docs, examples, `dist/`, and the runtime entr
 - raw prompts or full command transcripts
 - token-looking values, Bearer values, or auth environment assignment values
-`npm run package:check`, `npm pack --dry-run`, and `npm run release:verify -- --dir <tmp-dir>` enforce this boundary.
-## P6 Evidence Boundary
-P6 added the offline real compatibility evidence verifier and proved that the release-candidate gate can carry compatibility evidence without launching authenticated real agent runs. The current packaged report records only the stable rule:
-- `compat:real:evidence:verify` is part of `prepublish:check` and `release:candidate`;
-- the verifier reads repo-only evidence under `.release-evidence/`;
-- `dogfood` and normal CI do not depend on repo-only compatibility evidence;
-- release gate summaries keep only command, ok state, schema versions, and redacted diagnostic count/codes.
-Detailed P6-4, P6-5, and P6-6 run/artifact summaries are repo-local evidence files under `.release-evidence/`. They are not package content and must not be copied into README or packaged docs.
+`npm run package:check`, `npm run package:docs:check`, `npm pack --dry-run`, and `npm run release:verify -- --dir <tmp-dir>` enforce this boundary.
 ## Schema And Compatibility Contracts
@@ -109,12 +105,13 @@ The API and CLI schema inventory, versioning policy, root export boundary, and f
 - `agent-cli-runtime.releaseGateEvidence.v1`
 - `agent-cli-runtime.realCompatibilityEvidenceVerification.v1`
 - `agent-cli-runtime.realCompatibilityEvidence.v1`
+- `agent-cli-runtime.packagedDocsVerification.v1`
+- `agent-cli-runtime.publishedVerification.v1`
 Skipped evidence is not success, `auth_missing` is not unavailable, and `needs_verification` must not be guessed into support.
 ## Known Risks
-- `0.1.0-alpha.2` is still unpublished; registry and GitHub Release post-publish verification can only run after explicit real publish authorization.
 - Real CLI behavior, auth state, model lists, and flags can drift after dated compatibility evidence.
 - npm dry-run output can vary by npm version and registry context, so the alpha dry-run remains a local manual safety gate rather than a required remote CI gate.
 - Trusted publishing and provenance are not configured. Any future provenance claim must match the actual publish path.

package/docs/ssot.md CHANGED Viewed

@@ -1,8 +1,8 @@
 # 本地 Coding Agent CLI Runtime SSOT
-状态：0.1.0-alpha.1 已发布；0.1.0-alpha.2 为 publish-ready release candidate；P7-3 dry-run publish evidence 保持包外记录
+状态：0.1.0-alpha.3 corrective pre-alpha release；P7-5 corrective evidence 保持包外记录
 负责人：local project
-最后更新：2026-06-25
+最后更新：2026-06-26
 主要语言：中文；API 名、CLI 名、模型名、协议名、错误码、代码标识符等技术关键词保留英文。
 本页同时记录了当前边界与历史里程碑；凡未以“当前”或“P3-1”明确标注者，均作为历史证据归档，不代表当前承诺 API。
@@ -23,13 +23,13 @@ Runtime 不重新实现 agent loop。模型调用、规划、工具执行、权
 从 OpenDesign 抽取的是 adapter/runtime 边界，而不是整套 OpenDesign daemon、design workspace、plugin system、media pipeline、web UI、artifact model 或 skill marketplace。
-当前已发布 npm 版本是 `0.1.0-alpha.1`。当前仓库版本 `0.1.0-alpha.2` 是 alpha.2 publish-ready release candidate：fresh main release-candidate evidence 与 `npm publish --dry-run --ignore-scripts --tag alpha` 均作为包外证据记录。真实 npm publish 和 GitHub Release 创建必须由 maintainer 另行明确授权。
+`0.1.0-alpha.3` 是面向 package consumer 的 corrective pre-alpha release。`0.1.0-alpha.2` 已发布到 npm，并创建了 GitHub pre-release `v0.1.0-alpha.2`，但其不可变 npm tarball 内含过期的发布前 package docs。可用版本和 dist-tags 以 npm registry metadata 与 GitHub Releases 为准。P7-5 corrective evidence、fresh release-candidate evidence、registry package-docs verification、installed-package smoke 和 GitHub Release verification 均作为包外证据记录。
 P3-11 current-head evidence boundary 继续约束 release-candidate 与 post-alpha evidence：易漂移发布证据必须留在包外，并且每个 workflow run 只证明自己的 `headSha`。Published verification 和 release-candidate run id、artifact metadata、target SHA、下载复验命令和 registry 摘要记录在 `.release-evidence/`，不写入 npm package。
 Current-head release-candidate 的易漂移证据必须移出 npm package：当前 run id、artifact metadata、tarball hash、pack hash、下载归一化路径和本地命令摘录写入 `.release-evidence/` 或作为 GitHub Release assets 长期保留，包内 README/docs 只保留稳定发布规则、artifact 名称、验证命令、dry-run 边界、人工发布门禁和历史证据的 historical-only 说明。`package:check` 与 `release:verify` 均拒绝 `.release-evidence/` 出现在 npm pack metadata 中。fresh release-candidate workflow 只证明它自己的 `headSha`；`npm publish --dry-run --ignore-scripts --tag alpha` 只是 dry-run，不是真实发布。
-`0.1.0-alpha.1` 已发布到 npm，并创建了 GitHub pre-release `v0.1.0-alpha.1`。`0.1.0-alpha.0` 已发布到 npm，并创建了 GitHub pre-release `v0.1.0-alpha.0`；该不可变 tarball 内含过期的发布前状态说明，所以 `0.1.0-alpha.0` 已 deprecate。当前 npm dist-tags 为 `alpha -> 0.1.0-alpha.1` 和 `latest -> 0.1.0-alpha.1`；由于当前只有 pre-alpha 版本，这被记录为 registry 现实状态，不当作发布失败。P4-1 post-alpha normalization 的规则是：registry 和 GitHub Release asset 分别证明各自 raw gzip artifact；两者 gzip hash 可以不同，但解包后的 `package/` 文件列表和内容必须一致，否则停止并报告 blocker。验证入口是 `npm run release:post-alpha:verify`、`npm run smoke:published` 和 `npm run release:verify -- --dir <downloaded-github-release-assets-dir>`。历史 workflow run 只证明各自的 `headSha`，不得作为后续 commit 的发布证据。P3-7 的 schema inventory、version bump policy、public root boundary 和 failure taxonomy 入口是 [docs/api-schema-contract.md](./api-schema-contract.md)。HTTP/API、auth、tenant/team、queue admission、remote worker、UI/artifact、telemetry、database/WAL 仍由上层负责。具体嵌入契约见 [docs/daemon-ready-contract.md](./daemon-ready-contract.md)。
+`0.1.0-alpha.2` 已发布到 npm，并创建了 GitHub pre-release `v0.1.0-alpha.2`，但其不可变 npm tarball 内含过期的发布前 package docs。`0.1.0-alpha.3` 是 corrective pre-alpha release。`0.1.0-alpha.1` 已发布到 npm，并创建了 GitHub pre-release `v0.1.0-alpha.1`。`0.1.0-alpha.0` 已发布到 npm，并创建了 GitHub pre-release `v0.1.0-alpha.0`；该不可变 tarball 内含过期的发布前状态说明，所以 `0.1.0-alpha.0` 已 deprecate。可用版本和 dist-tags 以 npm registry metadata 与 GitHub Releases 为准。P4-1 post-alpha normalization 的规则是：registry 和 GitHub Release asset 分别证明各自 raw gzip artifact；两者 gzip hash 可以不同，但解包后的 `package/` 文件列表和内容必须一致，否则停止并报告 blocker。验证入口是 `npm run release:post-alpha:verify`、`npm run smoke:published`、`npm run package:docs:check` 和 `npm run release:verify -- --dir <downloaded-github-release-assets-dir>`。历史 workflow run 只证明各自的 `headSha`，不得作为后续 commit 的发布证据。P3-7 的 schema inventory、version bump policy、public root boundary 和 failure taxonomy 入口是 [docs/api-schema-contract.md](./api-schema-contract.md)。HTTP/API、auth、tenant/team、queue admission、remote worker、UI/artifact、telemetry、database/WAL 仍由上层负责。具体嵌入契约见 [docs/daemon-ready-contract.md](./daemon-ready-contract.md)。
 P5-1 的 published-package daemon consumer harness 使用 `npm run published:daemon:verify`。该 gate 从 npm registry 安装 `agent-cli-runtime@0.1.0-alpha.1` 到临时 consumer project，不依赖本仓库源码 import、不使用本地 `dist/` 或 freshly packed tarball。consumer 进程只从 package root import `createAgentRuntime`，使用 fake Codex/Claude/OpenCode binaries 和独立临时 `storageDir`，覆盖 detect、run success、goal success、cancel、timeout、run/goal replay、writer active 时 read-only inspection、second-writer refusal、shutdown/reopen 和 stale owner recovery。输出 schema 固定为 `agent-runtime.publishedDaemonConsumer.v1`，必须包含 `packageSource: "npm-registry"`、`version`、`checks`、`diagnostics` 和 `noAuthenticatedRealRun`，且不得泄露 temp path、真实用户路径、token、raw secret 或完整 prompt。P5-1 不发布新 npm 版本、不引入 daemon server/HTTP/RPC/database/WAL/remote worker/queue service/UI/telemetry、不扩大 package root value exports，`createAgentRuntime` 仍是唯一 package-root value export。
@@ -45,7 +45,7 @@ P6-4 针对尚未合入 `origin/main` 的 P6-3 branch target 触发 fresh `.gith
 P6-5 在 P6-1 至 P6-4 合入 `main` 后触发 fresh `.github/workflows/release-candidate.yml`，下载五个 artifacts 后执行 `npm run release:verify -- --dir <normalized-downloaded-artifact-dir>`。下载的 `gate-evidence.json` 包含 `daemon:verify`、`runtime:safety` 和 `compat:real:evidence:verify`；compat gate 输出 schema 为 `agent-cli-runtime.realCompatibilityEvidenceVerification.v1`，被验证 evidence schema 为 `agent-cli-runtime.realCompatibilityEvidence.v1`，diagnostics 只有 count/codes 摘要。证据摘要记录在 `.release-evidence/p6-5-main-release-candidate.json`，属于 main-scoped evidence；它不发布 npm、不创建 npm token、不配置 trusted publishing、不执行 authenticated real agent run。
-P6-6 记录 P6-5 合并后的 main HEAD release-candidate artifact 可复验证据，摘要保存在 `.release-evidence/p6-6-main-head-release-candidate.json`。P6-6 证据只在包外，不改变 npm package 内容；P7-3 记录 `0.1.0-alpha.2` 的 fresh main release-candidate 与 dry-run publish evidence，摘要保存在 `.release-evidence/p7-3-alpha-2-publish.json`，并继续遵守同一边界。
+P6-6 记录 P6-5 合并后的 main HEAD release-candidate artifact 可复验证据，摘要保存在 `.release-evidence/p6-6-main-head-release-candidate.json`。P6-6 证据只在包外，不改变 npm package 内容；P7-4 记录 `0.1.0-alpha.2` 的 post-publish evidence，摘要保存在 `.release-evidence/p7-4-alpha-2-post-publish.json`；P7-5 记录 `0.1.0-alpha.3` corrective release evidence，摘要保存在 `.release-evidence/p7-5-alpha-3-corrective-release.json`，并继续遵守同一边界。
 ## 2. OpenDesign 参考基线
@@ -1135,7 +1135,7 @@ agent-runtime smoke --mode real --agent codex --allow-real-run --expect-text <sa
 - 2026-06-20 remote audit 触发了 `.github/workflows/release-candidate.yml` 的真实 `workflow_dispatch` run：run id <recorded outside package>，URL `https://github.com/iiwish/agent-cli-runtime/actions/runs/27869580048`，commit `2f8832119b4ebdb8393077052560589a398ebf56`，branch `main`，status/conclusion 为 `completed` / `success`。
 - 该 run 的 job `Build release candidate artifacts` 执行并通过 `npm ci`、`npm run ci`、`npm run dogfood`、`npm pack --json`、`npm run release:verify` 和四个 artifact upload step；workflow 没有执行 `npm publish`，没有要求 npm token，也没有传 `--allow-real-run`。
 - 下载并复验 artifacts：`agent-cli-runtime-tarball`、`agent-cli-runtime-pack-metadata`、`agent-cli-runtime-package-files`、`agent-cli-runtime-release-verification`。GitHub 下载目录按 artifact name 分层，因此临时归一化到同层 review dir 后执行 `npm run release:verify -- --dir <local-temp-dir>`。
-- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `145`、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size `187378` bytes、tarball sha256 <recorded outside package>、diagnostics empty。
+- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `145`、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size <recorded outside package>、tarball sha256 <recorded outside package>、diagnostics empty。
 - P2-12 仍不发布 npm，不要求 npm token，不执行 authenticated real agent run，不新增 daemon、database、WAL、remote worker、web UI、telemetry 或 package root value API；remote evidence 只证明 commit `2f8832119b4ebdb8393077052560589a398ebf56`，不能自动外推到后续提交。
 ### P2-13：Alpha Publish Readiness Decision
@@ -1197,7 +1197,7 @@ agent-runtime smoke --mode real --agent codex --allow-real-run --expect-text <sa
 - Job `Build release candidate artifacts` 在 `2026-06-22T05:56:53Z` 开始、`2026-06-22T05:57:58Z` 完成；`Run CI gate`、`Run dogfood gate without authenticated real runs`、`Create npm pack artifact and gate evidence without publishing` 及五个 upload artifact steps 均为 `success`。
 - GitHub API 返回五个 artifacts：`agent-cli-runtime-tarball` id <recorded outside package> size `206911` digest `sha256:<redacted>` expires `2026-07-06T05:57:52Z`；`agent-cli-runtime-pack-metadata` id <recorded outside package> size `1960` digest `sha256:<redacted>` expires `2026-07-06T05:57:53Z`；`agent-cli-runtime-package-files` id <recorded outside package> size `947` digest `sha256:<redacted>` expires `2026-07-06T05:57:54Z`；`agent-cli-runtime-gate-evidence` id <recorded outside package> size `443` digest `sha256:<redacted>` expires `2026-07-06T05:57:55Z`；`agent-cli-runtime-release-verification` id <recorded outside package> size `649` digest `sha256:<redacted>` expires `2026-07-06T05:57:56Z`。
 - 下载路径 `<local-temp-dir>` 按 artifact name 分目录；归一化到 `<local-temp-dir>` 后执行 `npm run release:verify -- --dir <local-temp-dir>`。
-- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `147`、review-time 本地 pack file count `147`、diagnostics empty、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size `206662` bytes、tarball sha256 <recorded outside package>。
+- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `147`、review-time 本地 pack file count `147`、diagnostics empty、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size <recorded outside package>、tarball sha256 <recorded outside package>。
 - `gate-evidence.json` 包含 `daemon:verify` 和 `runtime:safety`，两个 gate 的 `packageSource` 均为 `installed-tarball`，并记录 `noAuthenticatedRealRun: true`、`noNpmPublish: true`、`noNpmToken: true`。
 - 本地 sanity gate：`git diff --check`、`node ./dist/cli/main.js agents --json`、`node ./dist/cli/main.js doctor --json`、`node ./dist/cli/main.js conformance --mode real --agent all --json` 均通过；未带 `--allow-real-run`，Codex/OpenCode 为 `real_run_skipped`，Claude 为 `auth_missing`。
@@ -1220,7 +1220,7 @@ agent-runtime smoke --mode real --agent codex --allow-real-run --expect-text <sa
 - Job `Build release candidate artifacts` id <recorded outside package> 在 `2026-06-22T08:49:47Z` 开始、`2026-06-22T08:51:09Z` 完成；`Run CI gate`、`Run dogfood gate without authenticated real runs`、`Create npm pack artifact and gate evidence without publishing` 及五个 upload artifact steps 均为 `success`。
 - GitHub API 返回五个 artifacts：`agent-cli-runtime-tarball` id <recorded outside package> size `220040` digest `sha256:<redacted>` expires `2026-07-06T08:50:58Z`；`agent-cli-runtime-pack-metadata` id <recorded outside package> size `2011` digest `sha256:<redacted>` expires `2026-07-06T08:51:00Z`；`agent-cli-runtime-package-files` id <recorded outside package> size `963` digest `sha256:<redacted>` expires `2026-07-06T08:51:02Z`；`agent-cli-runtime-gate-evidence` id <recorded outside package> size `443` digest `sha256:<redacted>` expires `2026-07-06T08:51:03Z`；`agent-cli-runtime-release-verification` id <recorded outside package> size `649` digest `sha256:<redacted>` expires `2026-07-06T08:51:04Z`。
 - 下载路径 `<local-temp-dir>` 按 artifact name 分目录；归一化到 `<local-temp-dir>` 后执行 `npm run release:verify -- --dir <local-temp-dir>`。
-- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `151`、diagnostics empty、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size `219786` bytes、tarball sha256 <recorded outside package>、npm pack shasum <recorded outside package>。
+- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `151`、diagnostics empty、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size <recorded outside package>、tarball sha256 <recorded outside package>、npm pack shasum <recorded outside package>。
 - `gate-evidence.json` 包含 `daemon:verify` 和 `runtime:safety`，两个 gate 的 `packageSource` 均为 `installed-tarball`，并记录 `noAuthenticatedRealRun: true`、`noNpmPublish: true`、`noNpmToken: true`。
 - Package file list 151 项，无 `.reference/`、`tests/`、fixtures、raw real CLI output、private paths、token-looking values、Bearer values 或 auth env assignments。下载 artifacts 和 tarball 保留在 `<local-temp-dir>`，不进入仓库。
@@ -1233,10 +1233,10 @@ agent-runtime smoke --mode real --agent codex --allow-real-run --expect-text <sa
 - Job `Build release candidate artifacts` id <recorded outside package>，URL `https://github.com/iiwish/agent-cli-runtime/actions/runs/27945938663/job/82690587870`，在 `2026-06-22T10:22:18Z` 开始、`2026-06-22T10:23:33Z` 完成；`Run CI gate`、`Run dogfood gate without authenticated real runs`、`Create npm pack artifact and gate evidence without publishing` 及五个 upload artifact steps 均为 `success`。
 - GitHub API 返回五个 artifacts：`agent-cli-runtime-tarball` id <recorded outside package> size `225632` digest `sha256:<redacted>` expires `2026-07-06T10:23:22Z`；`agent-cli-runtime-pack-metadata` id <recorded outside package> size `1998` digest `sha256:<redacted>` expires `2026-07-06T10:23:24Z`；`agent-cli-runtime-package-files` id <recorded outside package> size `961` digest `sha256:<redacted>` expires `2026-07-06T10:23:25Z`；`agent-cli-runtime-gate-evidence` id <recorded outside package> size `443` digest `sha256:<redacted>` expires `2026-07-06T10:23:27Z`；`agent-cli-runtime-release-verification` id <recorded outside package> size `649` digest `sha256:<redacted>` expires `2026-07-06T10:23:28Z`。
 - 下载路径 `<local-temp-dir>` 按 artifact name 分目录；归一化到 `<local-temp-dir>` 后执行 `npm run release:verify -- --dir <local-temp-dir>`。
-- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `151`、diagnostics empty、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size `225378` bytes、tarball sha256 <recorded outside package>、npm pack shasum <recorded outside package>、integrity <recorded outside package>。
+- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `151`、diagnostics empty、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size <recorded outside package>、tarball sha256 <recorded outside package>、npm pack shasum <recorded outside package>、integrity <recorded outside package>。
 - `gate-evidence.json` 包含 `daemon:verify` 和 `runtime:safety`，两个 gate 的 `packageSource` 均为 `installed-tarball`，并记录 `noAuthenticatedRealRun: true`、`noNpmPublish: true`、`noNpmToken: true`。
 - Package file list 151 项，无 `.reference/`、`tests/`、fixture paths、raw real CLI output、private paths、token-looking values、Bearer values 或 auth env assignments。下载 artifacts 和 tarball 保留在 `<local-temp-dir>`，不进入仓库。
-- Human-gated publish packet 只记录未来发布路径；P3-10 的 stop point 是 `npm publish --dry-run --ignore-scripts --tag alpha`，真发布命令必须由用户后续单独明确授权后才可执行。
+- Human-gated publish packet 只记录未来发布路径；P3-10 在 `npm publish --dry-run --ignore-scripts --tag alpha` 后保持 human gate，真发布命令必须由用户后续单独明确授权后才可执行。
 - Release docs 包含在 `package.json` `files` 中；提交本 P3-10 packet 会改变 npm pack shasum。run `27945938663` 不能作为提交这些文档后的最终发布证据；真实发布前必须在提交后触发 fresh release-candidate workflow 并重新下载复验 artifacts。
 ### P3-9：Final Alpha Dry-Run & Evidence-Target Release Readiness Lock（historical）
@@ -1249,7 +1249,7 @@ agent-runtime smoke --mode real --agent codex --allow-real-run --expect-text <sa
 - Job `Build release candidate artifacts` id <recorded outside package> 在 `2026-06-22T09:40:45Z` 开始、`2026-06-22T09:41:58Z` 完成；`Run CI gate`、`Run dogfood gate without authenticated real runs`、`Create npm pack artifact and gate evidence without publishing` 及五个 upload artifact steps 均为 `success`。
 - GitHub API 返回五个 artifacts：`agent-cli-runtime-tarball` id <recorded outside package> size `224994` digest `sha256:<redacted>` expires `2026-07-06T09:41:51Z`；`agent-cli-runtime-pack-metadata` id <recorded outside package> size `2003` digest `sha256:<redacted>` expires `2026-07-06T09:41:52Z`；`agent-cli-runtime-package-files` id <recorded outside package> size `961` digest `sha256:<redacted>` expires `2026-07-06T09:41:53Z`；`agent-cli-runtime-gate-evidence` id <recorded outside package> size `444` digest `sha256:<redacted>` expires `2026-07-06T09:41:54Z`；`agent-cli-runtime-release-verification` id <recorded outside package> size `649` digest `sha256:<redacted>` expires `2026-07-06T09:41:55Z`。
 - 下载路径 `<local-temp-dir>` 按 artifact name 分目录；归一化到 `<local-temp-dir>` 后执行 `npm run release:verify -- --dir <local-temp-dir>`。
-- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `151`、diagnostics empty、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size `224740` bytes、tarball sha256 <recorded outside package>、npm pack shasum <recorded outside package>。
+- 下载 artifact 复验结果为 `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`、`ok: true`、package file count `151`、diagnostics empty、tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`、tarball size <recorded outside package>、tarball sha256 <recorded outside package>、npm pack shasum <recorded outside package>。
 - `gate-evidence.json` 包含 `daemon:verify` 和 `runtime:safety`，两个 gate 的 `packageSource` 均为 `installed-tarball`，并记录 `noAuthenticatedRealRun: true`、`noNpmPublish: true`、`noNpmToken: true`。
 - Package file list 151 项，无 `.reference/`、`tests/`、fixture paths、raw real CLI output、private paths、token-looking values、Bearer values 或 auth env assignments。下载 artifacts 和 tarball 保留在 `<local-temp-dir>`，不进入仓库。

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "agent-cli-runtime",
-  "version": "0.1.0-alpha.2",
+  "version": "0.1.0-alpha.3",
   "description": "Local-first TypeScript runtime for scheduling Codex CLI, Claude Code, OpenCode, and compatible coding-agent CLIs.",
   "type": "module",
   "license": "Apache-2.0",
@@ -52,7 +52,8 @@
     "compat:real:evidence:verify": "node ./scripts/verify-real-compatibility-evidence.mjs",
     "daemon:verify": "node ./scripts/verify-daemon-ready.mjs",
     "dogfood": "node ./scripts/dogfood.mjs",
-    "package:check": "node ./scripts/check-package-boundary.mjs",
+    "package:check": "node ./scripts/check-package-boundary.mjs && node ./scripts/check-packaged-docs.mjs",
+    "package:docs:check": "node ./scripts/check-packaged-docs.mjs",
     "prepublish:check": "npm run typecheck && npm run lint && npm test && npm run build && npm run daemon:verify && npm run runtime:safety && npm run compat:real:evidence:verify && npm run dogfood && npm audit --omit=dev && npm run package:check && npm pack --dry-run",
     "prepack": "npm run build",
     "published:adapters:verify": "node ./scripts/verify-published-adapters.mjs",