claudeos-core 2.1.0 → 2.2.0

package/bin/commands/init.js

@@ -495,14 +495,14 @@ async function runPass3Split(ctx) {
 
   // ═══ Stage 3b: CLAUDE.md + standard/ + .claude/rules/ ═══════════
   //
-  // 단일 배치 (도메인 ≤ 15): 기존 "3b" marker 유지 (backward-compatible).
-  // 다중 배치 (도메인 > 15): "3b-core" 먼저 실행 후 "3b-1", "3b-2", ...
+  // Single batch (domains ≤ 15): keep legacy "3b" marker (backward-compatible).
+  // Multi-batch (domains > 15): run "3b-core" first, then "3b-1", "3b-2", ...
   //
-  // 3b-core 분리 이유: 다중 배치의 첫 배치가 "CLAUDE.md + 공통 standard
-  // + 15 도메인"을 한 세션에 모두 처리하면 단일 스테이지 부하가 ~70-80
-  // 파일까지 치솟음. 관측된 overflow 임계(약 40 파일)보다 2배 가까이 큼.
-  // 공통 파일을 별도 스테이지로 빼서 각 스테이지가 ~50 파일 이하로
-  // 유지되도록 보장.
+  // Rationale for splitting 3b-core: if the first multi-batch stage handled
+  // "CLAUDE.md + common standards + 15 domains" in a single session, that
+  // single stage would hit ~70-80 files — close to 2x the observed overflow
+  // threshold (~40 files). Splitting the common files into their own stage
+  // keeps every stage under ~50 files.
   if (isBatched) {
     await runStage("3b-core", "core common files (CLAUDE.md + common standard + common rules)",
       buildStageCorePrompt("3b", batches),
@@ -522,16 +522,16 @@ async function runPass3Split(ctx) {
               problems.push("claudeos-core/standard/00.core/01.project-overview.md is empty");
             }
           }
-          // 3b-core는 공통 rules만 생성 — rules 카운트 검증은 3b-N에서.
+          // 3b-core generates only common rules — rules-count validation happens in 3b-N.
           return problems;
         },
       }
     );
   }
 
-  // 도메인별 배치 루프.
-  // 단일 배치: stageId "3b", 공통 파일 포함 (기존 동작).
-  // 다중 배치: stageId "3b-1", "3b-2", ..., 공통 파일은 3b-core에서 이미 처리됨.
+  // Per-domain batch loop.
+  // Single batch: stageId "3b", common files included (legacy behavior).
+  // Multi-batch: stageId "3b-1", "3b-2", ..., common files already handled in 3b-core.
   for (let bi = 0; bi < batches.length; bi++) {
     const batchDomains = batches[bi];
     const stageId = isBatched ? `3b-${bi + 1}` : "3b";
@@ -539,8 +539,8 @@ async function runPass3Split(ctx) {
       ? `domain batch ${bi + 1}/${batches.length} (${batchDomains.length} domains)`
       : "core files (CLAUDE.md + standard + rules)";
 
-    // 배치별 프롬프트: 원래 3b 헤더에 이번 배치에서만 처리할 도메인 목록 주입.
-    // 다중 배치에서는 모든 배치가 "도메인 특화 파일만" 생성 (공통 파일은 3b-core에서 처리됨).
+    // Per-batch prompt: inject into the original 3b header the list of domains scoped to this batch.
+    // In multi-batch mode every batch generates "domain-specific files only" (common files handled in 3b-core).
     const batchScopeNote = isBatched
       ? buildBatchScopeNote("3b", bi, batches.length, batchDomains)
       : "";
@@ -553,7 +553,7 @@ async function runPass3Split(ctx) {
       expectsStagedRules: true,
       validate: () => {
         const problems = [];
-        // 단일 배치: 공통 파일 검증 (3b-core가 없으므로 여기서 체크).
+        // Single batch: validate common files here (no 3b-core exists).
         if (!isBatched) {
           if (!fileExists(claudeMdPath)) {
             problems.push("CLAUDE.md was not created");
@@ -568,7 +568,7 @@ async function runPass3Split(ctx) {
             }
           }
         }
-        // 모든 배치에서 rules/ 생성 확인 (최소 1개는 staged-rules가 통과해야 함)
+        // For every batch, confirm rules/ was generated (at least one staged-rules move must succeed).
         const rulesDir = path.join(PROJECT_ROOT, ".claude/rules");
         const rulesCount = countFilesRecursive(rulesDir);
         if (rulesCount === 0) {
@@ -581,11 +581,11 @@ async function runPass3Split(ctx) {
 
   // ═══ Stage 3c: skills/ + guide/ ═══════════════════════════════
   //
-  // 단일 배치 (도메인 ≤ 15): 기존 "3c" marker 유지 (guide + skills 함께).
-  // 다중 배치 (도메인 > 15): "3c-core" 먼저 실행 후 "3c-1", "3c-2", ...
+  // Single batch (domains ≤ 15): keep legacy "3c" marker (guide + skills together).
+  // Multi-batch (domains > 15): run "3c-core" first, then "3c-1", "3c-2", ...
   //
-  // 3c-core 분리 이유: guide 9개 + 공통 skills는 도메인 수 무관하게 고정.
-  // 도메인 배치와 섞이면 첫 배치 부하가 다른 배치보다 커짐.
+  // Rationale for splitting 3c-core: the 9 guide files + common skills are fixed regardless of domain count.
+  // Mixing them into domain batches makes the first batch heavier than the others.
   if (isBatched) {
     await runStage("3c-core", "common guides and shared skills",
       buildStageCorePrompt("3c", batches),
@@ -604,16 +604,16 @@ async function runPass3Split(ctx) {
           for (const g of missingGuides) {
             problems.push(`claudeos-core/guide/${g} missing or empty`);
           }
-          // skills/ 최종 검증은 마지막 도메인 배치에서 수행.
+          // Final skills/ validation is performed in the last domain batch.
           return problems;
         },
       }
     );
   }
 
-  // 도메인별 skills 배치 루프.
-  // 단일 배치: guide + skills 함께 (기존 동작).
-  // 다중 배치: skills만, guide는 이미 3c-core에서 처리됨.
+  // Per-domain skills batch loop.
+  // Single batch: guide + skills together (legacy behavior).
+  // Multi-batch: skills only; guide was already handled in 3c-core.
   for (let bi = 0; bi < batches.length; bi++) {
     const batchDomains = batches[bi];
     const stageId = isBatched ? `3c-${bi + 1}` : "3c";
@@ -633,7 +633,7 @@ async function runPass3Split(ctx) {
       expectsStagedRules: true, // skills occasionally include rule files
       validate: () => {
         const problems = [];
-        // 단일 배치: guide 검증도 여기서 수행 (3c-core가 없으니까).
+        // Single batch: validate guide here as well (no 3c-core).
         if (!isBatched) {
           const guideDir = path.join(PROJECT_ROOT, "claudeos-core/guide");
           const missingGuides = EXPECTED_GUIDE_FILES.filter(g => {
@@ -647,7 +647,7 @@ async function runPass3Split(ctx) {
             problems.push(`claudeos-core/guide/${g} missing or empty`);
           }
         }
-        // Skills 최종 검증: 단일 배치 / 마지막 배치에서만 전체 검증.
+        // Final skills validation: full check only in the single-batch case or the last multi-batch.
         if (!isBatched || bi === batches.length - 1) {
           const { hasNonEmptyMdRecursive } = require("../../lib/expected-outputs");
           const skillsDir = path.join(PROJECT_ROOT, "claudeos-core/skills");
@@ -662,16 +662,16 @@ async function runPass3Split(ctx) {
 
   // ═══ Stage 3d: plan/ + database/ + mcp-guide/ ═════════════════
   //
-  // 3d는 원래 standard/rules/skills/guide 를 master plan 으로 집계하고
-  // database/mcp-guide stub 을 만들던 스테이지였다. 하지만 master plan 자체는
-  // Claude Code 런타임에서 읽히지 않는 도구 내부 백업/관리용 파일이었고,
-  // 도메인 수가 많아지면 단일 세션 집계에서 Prompt is too long 발생 원인이
-  // 됐다 (18 도메인 실측에서 3d-standard가 32 파일 집계 시점에 실패).
-  // master plan 생성을 중단하는 것이 안정성 측면에서 올바른
-  // 결정이며, 필요시 사용자가 직접 스크립트로 집계 가능하다.
+  // 3d used to aggregate standard/rules/skills/guide into a master plan
+  // and generate database/mcp-guide stubs. But the master plan itself was
+  // an internal backup/management file never loaded by Claude Code at runtime,
+  // and at high domain counts the single-session aggregation caused "Prompt is
+  // too long" failures (at 18 domains, 3d-standard failed at the 32-file mark).
+  // Dropping master plan generation is the correct call for stability, and
+  // users can aggregate manually with their own script when needed.
   //
-  // 결과적으로 3d는 aux 만 남음:
-  //   3d-aux → database/ + mcp-guide/ (프로젝트 특성 설명 stub)
+  // As a result, 3d only keeps the aux stage:
+  //   3d-aux → database/ + mcp-guide/ (project-specific stub descriptions)
 
   // 3d-aux: database/ + mcp-guide/ (absence is warning-level)
   await runStage("3d-aux", "aux docs (database + mcp-guide)",
@@ -690,10 +690,10 @@ async function runPass3Split(ctx) {
       `    Check disk space / permissions on ${GENERATED_DIR}/.`
     );
   }
-  // 총 스테이지 수 계산
-  // 3a (1) + 3b 계(단일 1 or core+N) + 3c 계(단일 1 or core+N) + 3d-aux (1)
-  // 단일 배치: 1 + 1 + 1 + 1 = 4
-  // 다중 배치: 1 + (1 + N) + (1 + N) + 1 = 2N + 4
+  // Total stage count
+  // 3a (1) + 3b (1 single or core+N) + 3c (1 single or core+N) + 3d-aux (1)
+  // Single batch: 1 + 1 + 1 + 1 = 4
+  // Multi-batch: 1 + (1 + N) + (1 + N) + 1 = 2N + 4
   const three3dStages = 1; // aux only (master plan aggregation removed)
   const totalStages = isBatched
     ? (1 + 1 + batches.length + 1 + batches.length + three3dStages)
@@ -791,6 +791,42 @@ async function cmdInit(parsedArgs) {
         wasFreshClean = true;
         log("  🔄 Previous results deleted (--force)\n");
       } else {
+        // v2.2.0 upgrade detection: if project was generated with older claudeos-core
+        // (pre-2.2.0), default "resume" mode will skip regeneration of existing files
+        // per Rule B idempotency, meaning v2.2.0 structural improvements will NOT be
+        // picked up. Detect this case by checking CLAUDE.md for v2.2.0 markers.
+        const claudeMd = path.join(PROJECT_ROOT, "CLAUDE.md");
+        if (fileExists(claudeMd)) {
+          try {
+            const content = fs.readFileSync(claudeMd, "utf-8");
+            // v2.2.0 scaffold enforces EXACTLY 8 top-level `##` sections.
+            // Pre-v2.2.0 CLAUDE.md files typically carry 9+ sections (extra
+            // "Rules Summary" / "Common Rules" / "Required to Observe"
+            // blocks that v2.2.0 forbids). Counting `^## ` headings is a
+            // language-independent heuristic that works across all 10
+            // supported output languages. False positive (an existing
+            // 8-section pre-v2.2.0 CLAUDE.md) is acceptable — the user
+            // simply won't see the upgrade warning and can still run
+            // `--force` manually.
+            const sectionCount = (content.match(/^## /gm) || []).length;
+            const hasV220Section8 = sectionCount === 8;
+            if (!hasV220Section8) {
+              log("\n  ⚠️  v2.2.0 upgrade detected");
+              log("  ─────────────────────────");
+              log("  Your existing CLAUDE.md was generated with an older claudeos-core version.");
+              log("  v2.2.0 introduces structural changes that the default 'resume' mode");
+              log("  CANNOT apply because existing files are preserved under Rule B (idempotency).");
+              log("");
+              log("  To fully adopt v2.2.0, choose one of:");
+              log("    1. Rerun with --force:   npx claudeos-core init --force");
+              log("       (overwrites generated files; your memory/ content is preserved)");
+              log("    2. Choose 'fresh' below  (equivalent to --force)");
+              log("");
+              log("  See CHANGELOG.md Migration section for full details.\n");
+            }
+          } catch (_) { /* Read error is non-fatal; proceed to resume prompt */ }
+        }
+
         const status = { pass1Done: existingPass1.length, pass2Done: pass2Exists };
         const mode = await selectResumeMode(lang, status);
         if (!mode) throw new InitError("Cancelled.");
@@ -1143,12 +1179,12 @@ async function cmdInit(parsedArgs) {
     }
   }
   if (fileExists(pass3Marker)) {
-    // v2.1.1: split-mode partial marker 보호.
-    // { mode: "split", groupsCompleted: [...], completedAt: undefined } 형태의
-    // 중간 진행 마커는 stale로 판정하면 안 됨. 3b까지만 완료된 정상 상태에서도
-    // guide/skills/plan이 비어있어서 기존 로직이 잘못 stale 판정하고 marker를
-    // 삭제하면, runPass3Split의 resume 로직이 완료된 스테이지를 못 읽고
-    // 3a부터 전체 재실행하게 됨 (correctness는 OK이지만 토큰 2배 낭비).
+    // v2.1.1: protect split-mode partial markers.
+    // An in-progress marker of the form { mode: "split", groupsCompleted: [...], completedAt: undefined }
+    // must NOT be treated as stale. When the pipeline has normally completed
+    // only through 3b, guide/skills/plan are empty, so the legacy check
+    // falsely flagged the marker as stale. Deleting it made runPass3Split
+    // lose track of completed stages and re-run from 3a (correct but wastes ~2x tokens).
     let markerIsSplitPartial = false;
     try {
       const parsed = JSON.parse(readFile(pass3Marker));
@@ -1158,7 +1194,7 @@ async function cmdInit(parsedArgs) {
         Array.isArray(parsed.groupsCompleted) &&
         !parsed.completedAt;
     } catch (_e) {
-      // malformed marker → stale check로 넘어감 (이전 동작 유지)
+      // malformed marker → fall through to the stale check (legacy behavior)
     }
 
     if (markerIsSplitPartial) {

package/content-validator/index.js

@@ -241,6 +241,11 @@ async function main() {
   }
 
   // ─── 6. claudeos-core/plan/** ──────────────────────────
+  // v2.1.0+ removed master plan generation; plan/ is optional and is not created
+  // during fresh init. If the directory exists (legacy projects, user-authored
+  // plan files), we still validate its contents. If it is absent, that is the
+  // expected state post-v2.1.0 — do not push a MISSING error (parallel to
+  // plan-validator / manifest-generator which were already updated in v2.1.0).
   console.log("  [6/9] claudeos-core/plan/...");
   if (fs.existsSync(PLAN_DIR)) {
     const planFiles = await glob("*.md", { cwd: PLAN_DIR, absolute: true });
@@ -261,7 +266,7 @@ async function main() {
     }
     console.log(`    ${planFiles.length} files checked`);
   } else {
-    errors.push({ file: "claudeos-core/plan/", type: "MISSING", msg: "plan directory not found" });
+    console.log("    ⏭️  plan/ not present (expected post-v2.1.0)");
   }
 
   // ─── 7. claudeos-core/database/** ──────────────────────

package/lib/env-parser.js

@@ -0,0 +1,317 @@
+/**
+ * env-parser.js — Parse .env* files for factual project configuration.
+ *
+ * WHY THIS EXISTS:
+ * claudeos-core's "LLMs guess, code confirms" principle requires that
+ * factual project data (ports, hosts, API targets) be extracted from
+ * declarative sources the project itself maintains, not guessed from
+ * framework defaults. `.env.example` is such a source — it's the
+ * canonical declaration of a project's runtime configuration surface.
+ *
+ * Historically, stack-detector only parsed .env for DATABASE_URL to
+ * identify the DB. Everything else (ports, hosts, API endpoints) fell
+ * back to hardcoded framework defaults (e.g., Vite → 5173), which
+ * silently produced wrong values whenever a project customized its
+ * configuration via .env. This utility closes that gap.
+ *
+ * SEARCH ORDER:
+ * `.env.example` is preferred over actual `.env` files because it is
+ * the shape-of-truth committed to VCS: developer-neutral, reflecting
+ * the project's intended configuration surface, not one contributor's
+ * local overrides.
+ */
+
+"use strict";
+
+const path = require("path");
+const { readFileSafe, existsSafe } = require("./safe-fs");
+
+// Search order: public-facing → developer-specific → runtime-specific.
+// .env.example is canonical because it's the committed, intended config.
+const ENV_FILE_ORDER = [
+  ".env.example",
+  ".env.local.example",
+  ".env.development.example",
+  ".env.sample",
+  ".env.template",
+  ".env",
+  ".env.local",
+  ".env.development",
+];
+
+// Port variable name conventions across frameworks.
+// Ordered by specificity — more specific wins when multiple are present.
+const PORT_VAR_KEYS = [
+  // Vite-specific common patterns
+  "VITE_PORT",
+  "VITE_DEV_PORT",
+  "VITE_DEV_SERVER_PORT",
+  "VITE_DESKTOP_PORT",
+  // Next.js
+  "NEXT_PUBLIC_PORT",
+  "NEXT_PORT",
+  // Nuxt
+  "NUXT_PORT",
+  "NUXT_PUBLIC_PORT",
+  // Angular
+  "NG_PORT",
+  "NG_DEV_PORT",
+  // Node / backend frameworks
+  "APP_PORT",
+  "SERVER_PORT",
+  "HTTP_PORT",
+  "DEV_PORT",
+  // Python
+  "FLASK_RUN_PORT",
+  "UVICORN_PORT",
+  "DJANGO_PORT",
+  // Generic last — lowest priority because "PORT" collides with too many things
+  "PORT",
+];
+
+// Host variable conventions.
+const HOST_VAR_KEYS = [
+  "VITE_DEV_HOST",
+  "VITE_HOST",
+  "NEXT_PUBLIC_HOST",
+  "NUXT_HOST",
+  "APP_HOST",
+  "SERVER_HOST",
+  "HTTP_HOST",
+  "HOST",
+];
+
+// API target / backend proxy conventions.
+const API_TARGET_VAR_KEYS = [
+  "VITE_API_TARGET",
+  "VITE_API_URL",
+  "VITE_API_BASE_URL",
+  "NEXT_PUBLIC_API_URL",
+  "NEXT_PUBLIC_API_BASE_URL",
+  "NUXT_PUBLIC_API_BASE",
+  "API_TARGET",
+  "API_URL",
+  "API_BASE_URL",
+  "BACKEND_URL",
+  "PROXY_TARGET",
+];
+
+/**
+ * Parse .env-style file content into a flat key-value object.
+ * Handles: KEY=VALUE, quoted values, inline comments, blank lines, export prefix.
+ * Does NOT expand ${VAR} interpolation — we keep raw declared values.
+ */
+function parseEnvContent(content) {
+  if (!content || typeof content !== "string") return {};
+  const result = {};
+  const lines = content.split(/\r?\n/);
+  for (const rawLine of lines) {
+    let line = rawLine.trim();
+    if (!line) continue;
+    if (line.startsWith("#")) continue;
+    // Strip `export` prefix (common in shell-sourced env files)
+    if (line.startsWith("export ")) line = line.slice(7).trim();
+    const eq = line.indexOf("=");
+    if (eq === -1) continue;
+    const key = line.slice(0, eq).trim();
+    if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) continue;
+    let value = line.slice(eq + 1).trim();
+    // Strip surrounding single or double quotes
+    if (
+      (value.startsWith('"') && value.endsWith('"') && value.length >= 2) ||
+      (value.startsWith("'") && value.endsWith("'") && value.length >= 2)
+    ) {
+      value = value.slice(1, -1);
+    } else {
+      // Strip inline comment (only on unquoted values)
+      const hashIdx = value.indexOf(" #");
+      if (hashIdx !== -1) value = value.slice(0, hashIdx).trim();
+    }
+    result[key] = value;
+  }
+  return result;
+}
+
+/**
+ * Locate the most authoritative env file in a project root.
+ * Returns the absolute path, or null if none found.
+ */
+function findPrimaryEnvFile(root) {
+  for (const name of ENV_FILE_ORDER) {
+    const p = path.join(root, name);
+    if (existsSafe(p)) return p;
+  }
+  return null;
+}
+
+/**
+ * Read and parse the primary env file. Returns { file, vars } or null.
+ */
+function readPrimaryEnv(root) {
+  const file = findPrimaryEnvFile(root);
+  if (!file) return null;
+  const content = readFileSafe(file);
+  if (!content) return null;
+  return {
+    file: path.basename(file),
+    vars: parseEnvContent(content),
+  };
+}
+
+/**
+ * Extract a port value from parsed env vars. Returns integer or null.
+ * First match by PORT_VAR_KEYS ordering wins.
+ */
+function extractPort(vars) {
+  if (!vars) return null;
+  for (const key of PORT_VAR_KEYS) {
+    if (key in vars) {
+      const n = parseInt(vars[key], 10);
+      if (!Number.isNaN(n) && n > 0 && n < 65536) return n;
+    }
+  }
+  return null;
+}
+
+/**
+ * Extract a host value from parsed env vars. Returns string or null.
+ */
+function extractHost(vars) {
+  if (!vars) return null;
+  for (const key of HOST_VAR_KEYS) {
+    if (key in vars && vars[key]) return vars[key];
+  }
+  return null;
+}
+
+/**
+ * Extract an API target URL from parsed env vars. Returns string or null.
+ */
+function extractApiTarget(vars) {
+  if (!vars) return null;
+  for (const key of API_TARGET_VAR_KEYS) {
+    if (key in vars && vars[key]) return vars[key];
+  }
+  return null;
+}
+
+/**
+ * Sensitive variable name patterns. env vars matching any of these patterns
+ * are redacted from the `vars` map returned to downstream consumers
+ * (stack-detector, prompt-generator, CLAUDE.md scaffold).
+ *
+ * Even though `.env.example` is conventionally a placeholder file committed
+ * to VCS (and should not contain real secrets), projects occasionally check
+ * in real values by mistake. claudeos-core piping those values into
+ * CLAUDE.md would amplify the leak — CLAUDE.md is committed, shared, and
+ * potentially published as part of open-source documentation.
+ *
+ * Redaction strategy:
+ *   - Matching keys are kept in the map so consumers can still detect
+ *     "this variable exists" (e.g., "project declares an API_KEY env var").
+ *   - Values are replaced with the sentinel string "***REDACTED***".
+ *   - extractPort / extractHost / extractApiTarget already scan only a
+ *     whitelist of config-relevant keys (PORT, HOST, API_TARGET, etc.)
+ *     so sensitive keys cannot leak through those paths regardless of
+ *     this filter.
+ *
+ * Patterns are case-insensitive substring matches against the variable name.
+ */
+const SENSITIVE_VAR_PATTERNS = [
+  /password/i,
+  /passwd/i,
+  /secret/i,
+  /api[_-]?key/i,
+  /access[_-]?key/i,
+  /private[_-]?key/i,
+  /auth[_-]?token/i,
+  /token/i,           // matches TOKEN, AUTH_TOKEN, GIT_TOKEN, NPM_TOKEN
+                      // (underscore is a word character in regex \b,
+                      // so \btoken\b fails to match "_TOKEN" suffix)
+  /credential/i,
+  /bearer/i,
+  /\bsalt\b/i,
+  /encryption[_-]?key/i,
+  /cert(ificate)?[_-]?key/i,
+  /secret[_-]?key/i,
+  /client[_-]?secret/i,
+  /session[_-]?secret/i,
+  /jwt[_-]?secret/i,
+];
+
+/**
+ * Returns true if the given env var name matches any sensitive pattern.
+ */
+function isSensitiveVarName(name) {
+  if (!name || typeof name !== "string") return false;
+  return SENSITIVE_VAR_PATTERNS.some(re => re.test(name));
+}
+
+/**
+ * Redacts sensitive values in an env vars map. Returns a new object;
+ * original is not mutated. Preserves keys so "variable exists" signal
+ * is kept, but replaces values with a sentinel string.
+ *
+ * Whitelist exception: DATABASE_URL is kept as-is because stack-detector's
+ * db-identification path has always used it and existing project-analysis
+ * consumers depend on reading it. (The DB URL contains credentials, but
+ * this has been the established behavior since v1.x and changing it would
+ * be a breaking change. Downstream consumers that write CLAUDE.md content
+ * from vars should still redact it at their layer.)
+ */
+function redactSensitiveVars(vars) {
+  if (!vars || typeof vars !== "object") return vars;
+  const out = {};
+  for (const [k, v] of Object.entries(vars)) {
+    if (k === "DATABASE_URL") {
+      out[k] = v;  // documented whitelist for stack-detector back-compat
+    } else if (isSensitiveVarName(k)) {
+      out[k] = "***REDACTED***";
+    } else {
+      out[k] = v;
+    }
+  }
+  return out;
+}
+
+/**
+ * Top-level convenience: read the project's env file and produce the
+ * stack.envInfo object consumed by project-analysis.json.
+ *
+ * Returns null when no env file exists (caller falls back to framework defaults).
+ *
+ * Sensitive variable values (passwords, secrets, tokens, API keys) are
+ * redacted in `vars` via redactSensitiveVars before being returned.
+ * extractPort/Host/ApiTarget use a whitelist of config-relevant keys so
+ * they are unaffected by redaction.
+ */
+function readStackEnvInfo(root) {
+  const primary = readPrimaryEnv(root);
+  if (!primary) return null;
+  const { file, vars } = primary;
+  return {
+    source: file,
+    vars: redactSensitiveVars(vars),
+    port: extractPort(vars),
+    host: extractHost(vars),
+    apiTarget: extractApiTarget(vars),
+  };
+}
+
+module.exports = {
+  parseEnvContent,
+  findPrimaryEnvFile,
+  readPrimaryEnv,
+  extractPort,
+  extractHost,
+  extractApiTarget,
+  readStackEnvInfo,
+  isSensitiveVarName,
+  redactSensitiveVars,
+  // Exported for test visibility:
+  ENV_FILE_ORDER,
+  PORT_VAR_KEYS,
+  HOST_VAR_KEYS,
+  API_TARGET_VAR_KEYS,
+  SENSITIVE_VAR_PATTERNS,
+};

package/lib/memory-scaffold.js

@@ -720,8 +720,10 @@ function appendClaudeMdL4Memory(claudeMdPath, { lang = "en" } = {}) {
   // Heading pattern: lines starting with `##` (or more) that contain `(L4)`.
   // Using a heading-scoped regex avoids false positives when the user has
   // written `(L4)` elsewhere in body text (e.g. "Layer 4 load balancer (L4)").
-  // The language-independent `(L4)` token still allows translated headings
-  // like `## 메모리 (L4)`, `## メモリ (L4)` to be recognised.
+  // The language-independent `(L4)` token still allows translated
+  // headings (in any of the 10 supported output languages) to be
+  // recognised — only the `(L4)` suffix is stable; the preceding
+  // "Memory" word varies per language.
   const MARKER_REGEX = /^#{2,}\s+.*\(L4\)/m;
   if (!existsSafe(claudeMdPath)) return false;
   const existing = readFileSafe(claudeMdPath);
@@ -980,7 +982,7 @@ function scaffoldDocWritingGuide(standardCoreDir, { overwrite = false, lang = "e
 // Pass 3c is expected to generate claudeos-core/skills/00.shared/MANIFEST.md,
 // but the stack pass3.md templates list it among generation targets without
 // marking it REQUIRED. On frontend-only or skill-sparse projects Claude may
-// omit it, leaving .claude/rules/50.sync/03.skills-sync.md (which names
+// omit it, leaving .claude/rules/50.sync/02.skills-sync.md (which names
 // MANIFEST.md as the single source of truth for skill registration) pointing
 // at a non-existent file. This gap-fill creates a minimal stub in Pass 4 if
 // the file is missing after Pass 3 completes — same contract as
@@ -988,7 +990,7 @@ function scaffoldDocWritingGuide(standardCoreDir, { overwrite = false, lang = "e
 const SKILLS_MANIFEST_STUB = `# Skill Registry
 
 _Single source of truth for registered skills in this project._
-_Referenced by: \`.claude/rules/50.sync/03.skills-sync.md\`_
+_Referenced by: \`.claude/rules/50.sync/02.skills-sync.md\`_
 
 ## How to register a skill
 
@@ -1005,7 +1007,7 @@ with its path, purpose, and the orchestrator file that invokes it.
 
 - When a skill file is added/renamed/deleted under \`claudeos-core/skills/\`,
   update this manifest in the same commit.
-- When this manifest is modified, \`.claude/rules/50.sync/03.skills-sync.md\`
+- When this manifest is modified, \`.claude/rules/50.sync/02.skills-sync.md\`
   is NOT modified — it references this file by path, not by content.
 `;
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "claudeos-core",
-  "version": "2.1.0",
+  "version": "2.2.0",
   "description": "Auto-generate Claude Code documentation from your actual source code — Standards, Rules, Skills, and Guides tailored to your project",
   "main": "bin/cli.js",
   "bin": {