cool-workflow 0.1.79 → 0.1.81

package/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "cool-workflow",
   "description": "Auditable workflow control-plane and orchestration runtime: TypeScript dispatch, evidence-gated verification, state commits, scheduling, routines, multi-agent coordination, and MCP. Delegates execution to external agents — never runs models.",
-  "version": "0.1.79",
+  "version": "0.1.81",
   "author": {
     "name": "COOLWHITE LLC"
   },

package/.codex-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "cool-workflow",
-  "version": "0.1.79",
+  "version": "0.1.81",
   "description": "Auditable workflow control-plane and orchestration runtime: TypeScript dispatch, evidence-gated verification, state commits, scheduling, routines, multi-agent coordination, and MCP. Delegates execution to external agents — never runs models.",
   "author": {
     "name": "COOLWHITE LLC"

package/README.md

@@ -263,6 +263,40 @@ write paths, command execution, network access, and environment exposure. CW
 stores and validates the policy, while the agent host enforces OS/process
 runtime controls. See [docs/sandbox-profiles.7.md](docs/sandbox-profiles.7.md).
 
+## Quickstart
+
+**30-second proof, no install** — see that a recorded telemetry verdict can't be forged:
+
+```bash
+npx cool-workflow demo tamper
+# builds a signed ed25519 ledger, forges it 2 ways, both caught offline
+# -> VERDICT: tamper-evidence holds ✓
+```
+
+**Try a real run** — no clone needed; drive an architecture review with your own agent:
+
+```bash
+npx cool-workflow quickstart architecture-review --repo /path/to/repo \
+  --question "Is this architecture sound?" --agent-command builtin:claude
+```
+
+CW DELEGATES worker execution to your own agent. With no `--agent-command` (or
+`CW_AGENT_COMMAND`) the drive fails closed (status `blocked`) — it never fabricates a
+result. `--agent-command builtin:claude` resolves to a bundled read-only `claude -p`
+wrapper (needs `claude` on your PATH).
+
+**Re-prove a finished run, offline** (`cw` is the installed bin; or `npx cool-workflow <cmd>`):
+
+```bash
+cw telemetry verify <run-id>                  # re-checks the hash-chained ledger
+cw telemetry verify <run-id> --pubkey pub.pem # also re-runs ed25519 signature checks
+cw audit verify <run-id>                      # re-proves the trust-audit hash chain
+```
+
+More: `cw quickstart <app> --preview` (read-only dry run), `cw run resume <run-id> --drive`
+(continue an interrupted run), `cw run inspect-archive <archive>` (integrity-check a
+portable run archive without importing it).
+
 ## Structure
 
 ```text
@@ -300,6 +334,10 @@ cool-workflow
 
 ## Commands
 
+Installed via npm, the bin is `cw` (alias `cool-workflow`): e.g. `cw list`,
+`cw quickstart …`. From a cloned source checkout, before `npm run build`, use the
+equivalent `node scripts/cw.js <cmd>` form shown in the examples below.
+
 List bundled workflows:
 
 ```bash
@@ -619,7 +657,7 @@ Replaces the linear migration chain with a BFS graph path resolver (`findMigrati
 
 ## Vendor-Adapter Registry (v0.1.47)
 
-Data-driven manifest generation: vendor JSON shapes extracted from `gen-manifests.js` into declarative templates in `plugin.manifest.json`. A `_resolveTemplate()` engine resolves `{{path.to.field}}` markers. Adding a new AI platform is pure data.
+Data-driven manifest generation: vendor JSON shapes extracted from `gen-manifests.js` into declarative templates in `plugin.manifest.json`. A `_resolveTemplate()` engine resolves `{{path.to.field}}` markers. Adding a new AI platform is pure data. Cross-vendor is proven by boot, not just by generation: `npm run manifest:load-check` (`node test/vendor-manifest-load-smoke.js`) loads every generated manifest (claude, codex, agents, gemini, opencode) and asserts each exposes the full tool surface (184 tools).
 
 ## P2 Fixes (v0.1.48)
 
@@ -649,8 +687,18 @@ The orchestration vision landed in one release, all reviewer-gated:
 
 `--agent-command builtin:claude` resolves to a bundled read-only claude wrapper that completes workers with a real agent; the cross-directory quickstart crash is fixed; missing optional inputs no longer leak `{{name}}` into prompts. Published to npm (`cool-workflow`, bins `cw`/`cool-workflow`) with LICENSE and metadata. Live dogfood proof committed under `docs/dogfood/`.
 
-## Tamper-evidence demo (on main, ships next)
+## Tamper-evidence demo (v0.1.79)
 
-`cw demo tamper` — a hermetic, one-command proof that a recorded telemetry verdict cannot be forged undetected: it builds a real ed25519-signed ledger, forges it at the ledger layer (verdict flip + recomputed local hash → the chain still breaks) and the signature layer (inflated tokens, reused signature → ed25519 rejects), all verified offline with only the public key. `cw telemetry verify <run>` is the operator-facing half (`cw_telemetry_verify` on MCP).
+`cw demo tamper` — a hermetic, one-command proof that a recorded telemetry verdict cannot be forged undetected: it builds a real ed25519-signed ledger, forges it at the ledger layer (verdict flip + recomputed local hash → the chain still breaks) and the signature layer (inflated tokens, reused signature → ed25519 rejects), all verified offline with only the public key. `cw telemetry verify <run>` (`cw_telemetry_verify` on MCP) is the operator-facing re-proof: by default it recomputes the hash chain on disk so any later edit to a recorded verdict or usage digest is caught; add `--pubkey <pem-or-path>` to re-run each `attested` hop's ed25519 signature check against the stored raw usage too. What this does and does **not** prove — including the single-keyholder ceiling — is documented honestly in [Trust Model & Limitations](docs/trust-model.md); read it before relying on a green verdict.
+
+## Opt-in live agent output during a drive (on main, ships next)
+
+Set `CW_AGENT_STREAM=1` to see each worker's live agent trace. The bundled claude wrapper (`builtin:claude` / `scripts/agents/claude-p-agent.js`) keeps the legacy `--output-format json` path by default; only the opt-in path runs claude in `--output-format stream-json` and renders a concise human trace (tool uses, assistant text, per-turn summaries) to **stderr**. CW core forwards that stderr to the operator's terminal only when `CW_AGENT_STREAM=1`, CW's own stderr is a TTY, and `CW_NO_STREAM` is not set; piped/CI runs stay silent (Rule of Silence). Core only forwards the stream, never parses it — vendor-specific rendering is the wrapper's concern (policy), not the kernel's (mechanism).
 
 v0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+_This documentation tracks Cool Workflow v0.1.81. See [CHANGELOG](../../CHANGELOG.md) for the release notes._

package/apps/architecture-review/app.json

@@ -3,7 +3,7 @@
   "id": "architecture-review",
   "title": "Architecture Review",
   "summary": "Map a repository architecture, assess risks, verify important findings, and synthesize an evidence-backed verdict.",
-  "version": "0.1.79",
+  "version": "0.1.81",
   "author": "COOLWHITE LLC",
   "inputs": [
     {

package/apps/architecture-review-fast/app.json

@@ -0,0 +1,64 @@
+{
+  "schemaVersion": 1,
+  "id": "architecture-review-fast",
+  "title": "Architecture Review Fast",
+  "summary": "Run a shorter architecture review with parallel map and assess phases for faster first results.",
+  "version": "0.1.81",
+  "author": "COOLWHITE LLC",
+  "inputs": [
+    {
+      "name": "repo",
+      "type": "path",
+      "required": true,
+      "description": "Repository path to inspect."
+    },
+    {
+      "name": "question",
+      "type": "string",
+      "required": true,
+      "description": "Architecture question or decision to review."
+    },
+    {
+      "name": "invariant",
+      "type": "string",
+      "repeated": true,
+      "description": "Invariant that must remain true."
+    },
+    {
+      "name": "focus",
+      "type": "string",
+      "description": "Optional subsystem, risk area, or file path to emphasize.",
+      "default": "the highest-risk runtime and operator paths"
+    },
+    {
+      "name": "sourceContext",
+      "type": "path",
+      "description": "Optional JSONL source context file generated by scripts/source-context.js export.",
+      "default": ""
+    },
+    {
+      "name": "sourceContextDigest",
+      "type": "string",
+      "description": "Optional digest or cache key for the supplied source context.",
+      "default": ""
+    }
+  ],
+  "sandboxProfiles": [
+    "readonly"
+  ],
+  "compatibility": {
+    "minVersion": "0.1.79",
+    "workflowSchemaVersion": 1,
+    "notes": "Opt-in fast architecture review app; the full architecture-review app remains unchanged."
+  },
+  "metadata": {
+    "canonical": true,
+    "domain": "software-architecture",
+    "mode": "fast",
+    "fullReviewApp": "architecture-review",
+    "maintainedAs": "official-userland"
+  },
+  "workflow": {
+    "entrypoint": "workflow.js"
+  }
+}

package/apps/architecture-review-fast/workflow.js

@@ -0,0 +1,153 @@
+const FAST_MODEL = modelHint("CW_ARCHITECTURE_REVIEW_FAST_MODEL");
+const STRONG_MODEL = modelHint("CW_ARCHITECTURE_REVIEW_STRONG_MODEL");
+
+module.exports = ({ workflow, phase, parallel, agent, artifact, input }) => {
+  const inputs = [
+    input("repo", {
+      type: "path",
+      required: true,
+      description: "Repository path to inspect."
+    }),
+    input("question", {
+      type: "string",
+      required: true,
+      description: "Architecture question or decision to review."
+    }),
+    input("invariant", {
+      type: "string",
+      repeated: true,
+      description: "Invariant that must remain true."
+    }),
+    input("focus", {
+      type: "string",
+      description: "Optional subsystem, risk area, or file path to emphasize.",
+      default: "the highest-risk runtime and operator paths"
+    }),
+    input("sourceContext", {
+      type: "path",
+      description: "Optional JSONL source context file generated by scripts/source-context.js export.",
+      default: ""
+    }),
+    input("sourceContextDigest", {
+      type: "string",
+      description: "Optional digest or cache key for the supplied source context.",
+      default: ""
+    })
+  ];
+
+  return workflow({
+    id: "architecture-review-fast",
+    title: "Architecture Review Fast",
+    summary: "Run a shorter architecture review with parallel map and assess phases for faster first results.",
+    limits: {
+      maxAgents: 12,
+      maxConcurrentAgents: 4
+    },
+    inputs,
+    sandboxProfiles: ["readonly"],
+    metadata: {
+      mode: "fast",
+      fullReviewApp: "architecture-review"
+    },
+    phases: [
+      parallel("Map", [
+        agent(
+          "map:runtime-surface",
+          [
+            "Fast-map the runtime architecture in {{repo}} for {{question}}.",
+            contextInstruction(),
+            "Focus: {{focus}}. Invariants: {{invariant}}.",
+            "Return the primary entrypoints, state stores, execution paths, and the exact files or commands inspected."
+          ].join(" "),
+          fastOptions("Runtime surface mapper", { resultCache: sourceContextResultCache() })
+        ),
+        agent(
+          "map:operator-surface",
+          [
+            "Fast-map operator, CI, deployment, test, release, and background-job surfaces in {{repo}} for {{question}}.",
+            contextInstruction(),
+            "Focus: {{focus}}. Return concrete files, scripts, configs, missing areas, and candidate runtime bottlenecks."
+          ].join(" "),
+          fastOptions("Operator surface mapper", { resultCache: sourceContextResultCache() })
+        )
+      ]),
+      parallel("Assess", [
+        agent(
+          "assess:risks",
+          [
+            "Assess the fast map for real P0/P1/P2 architecture and correctness risks.",
+            "Separate confirmed risks, conditional risks, non-issues, and unknowns.",
+            "Tie every important claim to inspected evidence and the invariants {{invariant}}."
+          ].join(" "),
+          fastOptions("Risk assessor", { resultCache: sourceContextResultCache({ includeCompletedResults: "previous-phases" }) })
+        ),
+        agent(
+          "assess:runtime-speed",
+          [
+            "Assess runtime speed and user-wait risk for {{question}}.",
+            "Look for serial agent work, repeated repository scanning, missing cache keys, oversized prompts, and long foreground jobs.",
+            "Recommend mechanisms that preserve POLA, stdout/stderr discipline, and zero runtime dependencies."
+          ].join(" "),
+          fastOptions("Runtime speed assessor", { resultCache: sourceContextResultCache({ includeCompletedResults: "previous-phases" }) })
+        )
+      ]),
+      phase("Verify", [
+        agent(
+          "verify:p0-p2-risks",
+          [
+            "Re-open evidence for every candidate P0/P1/P2 risk from the fast assessment.",
+            "Confirm real risks, downgrade unsupported claims, and list exact file paths, commands, logs, or unknowns.",
+            "The cw:result evidence array must cite durable locators."
+          ].join(" "),
+          strongOptions("Evidence verifier", { requiresEvidence: true })
+        )
+      ]),
+      phase("Verdict", [
+        artifact(
+          "verdict:fast-synthesis",
+          [
+            "Synthesize a fast architecture verdict for {{question}}.",
+            "Include a short answer, compact architecture map, ranked risks, speed recommendations, non-issues, and evidence links.",
+            "State when the full architecture-review app should be scheduled as a background routine.",
+            "The cw:result evidence array must support the final verdict."
+          ].join(" "),
+          strongOptions("Fast verdict synthesizer", { requiresEvidence: true })
+        )
+      ])
+    ]
+  });
+};
+
+function fastOptions(label, extra) {
+  return taskOptions(label, FAST_MODEL, extra);
+}
+
+function strongOptions(label, extra) {
+  return taskOptions(label, STRONG_MODEL, extra);
+}
+
+function taskOptions(label, model, extra) {
+  return {
+    label,
+    sandboxProfileId: "readonly",
+    ...(model ? { model } : {}),
+    ...(extra || {})
+  };
+}
+
+function modelHint(name) {
+  const value = String(process.env[name] || "").trim();
+  return value || undefined;
+}
+
+function contextInstruction() {
+  return [
+    "If {{sourceContext}} is non-empty, read that JSONL source context first and treat {{sourceContextDigest}} as its cache/digest hint.",
+    "If the supplied context is missing, unreadable, or obviously stale, say so explicitly instead of guessing.",
+    "If no source context is supplied, inspect {{repo}} directly."
+  ].join(" ");
+}
+
+function sourceContextResultCache(extra) {
+  return { mode: "read-write", keyInput: "sourceContextDigest", ...(extra || {}) };
+}

package/apps/end-to-end-golden-path/app.json

@@ -3,7 +3,7 @@
   "id": "end-to-end-golden-path",
   "title": "End-to-End Golden Path",
   "summary": "Deterministic one-worker workflow app for proving the CW integration chain.",
-  "version": "0.1.79",
+  "version": "0.1.81",
   "author": "COOLWHITE LLC",
   "inputs": [
     {

package/apps/pr-review-fix-ci/app.json

@@ -3,7 +3,7 @@
   "id": "pr-review-fix-ci",
   "title": "PR Review Fix CI",
   "summary": "Review a pull request or branch, inspect CI failures, diagnose actionable issues, optionally patch, verify, and summarize with evidence.",
-  "version": "0.1.79",
+  "version": "0.1.81",
   "author": "COOLWHITE LLC",
   "inputs": [
     {

package/apps/release-cut/app.json

@@ -3,7 +3,7 @@
   "id": "release-cut",
   "title": "Release Cut",
   "summary": "Prepare a release with checklist discipline: version checks, changelog, tests, packaging, release notes, and final verification.",
-  "version": "0.1.79",
+  "version": "0.1.81",
   "author": "COOLWHITE LLC",
   "inputs": [
     {

package/apps/research-synthesis/app.json

@@ -3,7 +3,7 @@
   "id": "research-synthesis",
   "title": "Research Synthesis",
   "summary": "Split a research question into claims, investigate sources, cross-check evidence, verify claims, and synthesize a concise answer.",
-  "version": "0.1.79",
+  "version": "0.1.81",
   "author": "COOLWHITE LLC",
   "inputs": [
     {

package/dist/agent-config.js

@@ -139,18 +139,30 @@ function agentConfigFromArgs(args) {
 // npx/global install, where $(pwd)-relative paths don't exist) can configure a
 // WORKING agent without knowing where the package landed on disk:
 //   --agent-command builtin:claude   (or CW_AGENT_COMMAND=builtin:claude)
-// resolves to the packaged claude wrapper invocation. Still pure config — the
-// template is an out-of-process delegation script; CW never calls a model API.
-const BUILTIN_AGENT_TEMPLATES = {
-    claude: `node ${node_path_1.default.join(__dirname, "..", "scripts", "agents", "claude-p-agent.js")} {{input}} {{result}}`
-};
+// resolves to the packaged wrapper invocation. Still pure config — the template
+// is an out-of-process delegation script; CW never calls a model API.
+//
+// The builtin set is DATA, not a kernel TS literal (FreeBSD-audit L15): it lives
+// in scripts/agents/builtin-templates.json (vendor name -> wrapper script name).
+// Adding a vendor is a content/distribution step (drop a wrapper + a JSON line),
+// not a kernel edit — keeping CW vendor-agnostic at the source level.
+function builtinAgentTemplates() {
+    const agentsDir = node_path_1.default.join(__dirname, "..", "scripts", "agents");
+    const manifest = JSON.parse(node_fs_1.default.readFileSync(node_path_1.default.join(agentsDir, "builtin-templates.json"), "utf8"));
+    const out = {};
+    for (const [name, script] of Object.entries(manifest.templates || {})) {
+        out[name] = `node ${node_path_1.default.join(agentsDir, script)} {{input}} {{result}}`;
+    }
+    return out;
+}
 function expandBuiltinAgentCommand(command) {
     if (!command || !command.startsWith("builtin:"))
         return command;
     const name = command.slice("builtin:".length).trim();
-    const template = BUILTIN_AGENT_TEMPLATES[name];
+    const templates = builtinAgentTemplates();
+    const template = templates[name];
     if (!template) {
-        throw new Error(`Unknown builtin agent template "${name}" — available: ${Object.keys(BUILTIN_AGENT_TEMPLATES).join(", ")}`);
+        throw new Error(`Unknown builtin agent template "${name}" — available: ${Object.keys(templates).join(", ")}`);
     }
     return template;
 }
@@ -200,6 +212,8 @@ function setAgentConfigFile(patch, env = process.env) {
         endpoint: firstDefined(incoming.endpoint, current.endpoint),
         model: firstDefined(incoming.model, current.model),
         timeoutMs: firstDefined(incoming.timeoutMs, current.timeoutMs),
+        attestPublicKey: firstDefined(incoming.attestPublicKey, current.attestPublicKey),
+        requireAttestedTelemetry: firstDefined(incoming.requireAttestedTelemetry, current.requireAttestedTelemetry),
         source: "file"
     };
     const stored = redacted(merged);

package/dist/candidate-scoring.js

@@ -20,7 +20,14 @@ const state_1 = require("./state");
 const state_node_1 = require("./state-node");
 const trust_audit_1 = require("./trust-audit");
 const collaboration_1 = require("./collaboration");
+const compare_1 = require("./compare");
 exports.CANDIDATE_SCHEMA_VERSION = 1;
+/** Verdict thresholds on a score's normalized value [0,1], declared once so the
+ *  numbers carry intent instead of being buried as literals in verdictFor(). A
+ *  normalized score at-or-above PASS is "pass"; at-or-above WARN (but below
+ *  PASS) is "warn"; anything lower is "fail". Same numbers as before. */
+const VERDICT_PASS_THRESHOLD = 0.7;
+const VERDICT_WARN_THRESHOLD = 0.4;
 function createCandidateScoring(options = {}) {
     return {
         registerCandidate: (run, input) => registerCandidate(run, input, options),
@@ -39,7 +46,7 @@ function registerCandidate(run, input, options = {}) {
     if (existing)
         return existing;
     const now = new Date().toISOString();
-    const id = input.id || createCandidateId(input.kind || "manual", input.workerId || input.taskId || input.resultNodeId);
+    const id = input.id || createCandidateId(run, input.kind || "manual", input.workerId || input.taskId || input.resultNodeId);
     const candidate = {
         schemaVersion: exports.CANDIDATE_SCHEMA_VERSION,
         id,
@@ -109,7 +116,7 @@ function getCandidate(run, candidateId) {
 }
 function scoreCandidate(run, candidateId, input, options = {}) {
     const candidate = requireCandidate(run, candidateId);
-    const scoreId = input.id || createScoreId(candidateId);
+    const scoreId = input.id || createScoreId(candidate);
     const evidence = (0, trust_audit_1.normalizeEvidence)(run, input.evidence || [], {
         source: "operator-recorded",
         candidateId,
@@ -279,7 +286,7 @@ function selectCandidate(run, candidateId, options = {}, scoringOptions = {}) {
     const now = new Date().toISOString();
     const selection = {
         schemaVersion: exports.CANDIDATE_SCHEMA_VERSION,
-        id: createSelectionId(candidateId),
+        id: createSelectionId(run, candidateId),
         runId: run.id,
         candidateId,
         selectedAt: now,
@@ -558,16 +565,16 @@ function inferCandidateKind(input) {
     return "manual";
 }
 function bestScore(scores) {
-    return [...scores].sort((left, right) => right.normalized - left.normalized || left.createdAt.localeCompare(right.createdAt))[0];
+    return [...scores].sort((left, right) => right.normalized - left.normalized || (0, compare_1.compareBytes)(left.createdAt, right.createdAt))[0];
 }
 function compareRows(left, right, policy) {
     const byScore = right.normalized - left.normalized;
     if (byScore !== 0)
         return byScore;
     if (policy.tieBreaker === "candidateId")
-        return left.candidate.id.localeCompare(right.candidate.id);
-    const byCreated = left.candidate.createdAt.localeCompare(right.candidate.createdAt);
-    return byCreated || left.candidate.id.localeCompare(right.candidate.id);
+        return (0, compare_1.compareBytes)(left.candidate.id, right.candidate.id);
+    const byCreated = (0, compare_1.compareBytes)(left.candidate.createdAt, right.candidate.createdAt);
+    return byCreated || (0, compare_1.compareBytes)(left.candidate.id, right.candidate.id);
 }
 function detectTies(candidates) {
     const groups = new Map();
@@ -578,10 +585,15 @@ function detectTies(candidates) {
     return Array.from(groups.values()).filter((group) => group.length > 1);
 }
 function mergePolicy(policy = {}) {
+    // NOTE: `policy.criteria` (string[]) is intentionally NOT carried here. A
+    // whole-repo grep shows it has no read points — scoring reads each score's
+    // own `input.criteria` (Record<string, number>), not this list. Emitting a
+    // default `criteria: []` advertised a guarantee the code never honored and
+    // could silently drift, so it is dropped. The field stays OPTIONAL on
+    // CandidateScoringPolicy / CandidateRanking.policy for forward-compat input.
     return {
         id: policy.id || "cw.candidate.default",
         title: policy.title || "Default Candidate Scoring",
-        criteria: policy.criteria || [],
         requireEvidence: policy.requireEvidence ?? true,
         requireVerifierGate: policy.requireVerifierGate ?? true,
         minNormalized: policy.minNormalized,
@@ -591,9 +603,9 @@ function mergePolicy(policy = {}) {
 function verdictFor(normalized, policy) {
     if (policy.minNormalized !== undefined && normalized < policy.minNormalized)
         return "fail";
-    if (normalized >= 0.7)
+    if (normalized >= VERDICT_PASS_THRESHOLD)
         return "pass";
-    if (normalized >= 0.4)
+    if (normalized >= VERDICT_WARN_THRESHOLD)
         return "warn";
     return "fail";
 }
@@ -616,18 +628,26 @@ function indexPath(run) {
 function rankingPath(run) {
     return node_path_1.default.join(candidateRoot(run), "ranking.json");
 }
-function createCandidateId(kind, seed) {
-    const stamp = new Date().toISOString().replace(/[-:]/g, "").replace(/\..+/, "Z");
-    const suffix = Math.random().toString(36).slice(2, 8);
-    return `candidate-${(0, state_1.safeFileName)(kind)}-${seed ? `${(0, state_1.safeFileName)(seed)}-` : ""}${stamp}-${suffix}`;
-}
-function createScoreId(candidateId) {
-    const stamp = new Date().toISOString().replace(/[-:]/g, "").replace(/\..+/, "Z");
-    return `score-${(0, state_1.safeFileName)(candidateId)}-${stamp}-${Math.random().toString(36).slice(2, 8)}`;
-}
-function createSelectionId(candidateId) {
-    const stamp = new Date().toISOString().replace(/[-:]/g, "").replace(/\..+/, "Z");
-    return `selection-${(0, state_1.safeFileName)(candidateId)}-${stamp}-${Math.random().toString(36).slice(2, 8)}`;
+// Deterministic candidate id (FreeBSD-audit L12/L13): the candidate's POSITION in
+// the run's candidate set, qualified by kind + seed (a stable worker/task/result
+// id) for readability. No wall-clock stamp, no PRNG suffix — re-running the same
+// workflow mints byte-identical candidate ids, keeping fingerprints replay-stable.
+function createCandidateId(run, kind, seed) {
+    const seq = (run.candidates || []).length + 1;
+    return `candidate-${(0, state_1.safeFileName)(kind)}-${seed ? `${(0, state_1.safeFileName)(seed)}-` : ""}${String(seq).padStart(4, "0")}`;
+}
+// Deterministic score id (FreeBSD-audit L12/L13): the score's POSITION within its
+// candidate's score list. Scores only ever append, so the sequence is unique per
+// candidate and stable across replays.
+function createScoreId(candidate) {
+    const seq = (candidate.scores || []).length + 1;
+    return `score-${(0, state_1.safeFileName)(candidate.id)}-${String(seq).padStart(4, "0")}`;
+}
+// Deterministic selection id (FreeBSD-audit L12/L13): the selection's POSITION in
+// the run's append-only selection log. No clock, no PRNG.
+function createSelectionId(run, candidateId) {
+    const seq = (run.candidateSelections || []).length + 1;
+    return `selection-${(0, state_1.safeFileName)(candidateId)}-${String(seq).padStart(4, "0")}`;
 }
 function shouldPersist(options) {
     return options.persist !== false;