cool-workflow 0.1.79 → 0.1.81

package/docs/launch/launch-kit.md

@@ -6,12 +6,74 @@ Everything leads with the 30-second `npx cool-workflow demo tamper` proof.
 
 ---
 
+## ✅ FINAL — Show HN (copy-paste ready)
+
+**Pre-flight (do these first):**
+1. Record the demo GIF: `vhs plugins/cool-workflow/docs/launch/demo.tape` → add it to the README hero (insert the GIF near the badges/intro).
+2. Confirm on a clean machine: `npx cool-workflow demo tamper` runs and prints `VERDICT: tamper-evidence holds ✓`.
+3. Post during US morning (HN traffic peak); reply to the first comment with the npm + provenance link.
+
+**Title** (exactly — HN strips most formatting):
+
+```
+Show HN: Cool Workflow – tamper-evident telemetry for agent pipelines (npx demo)
+```
+
+**URL field:** `https://github.com/coo1white/cool-workflow`
+
+**First comment (paste right after posting):**
+
+```
+I kept seeing agent-orchestration tools treat the model's self-reported token
+usage and results as ground truth. For anything auditable that's backwards — a
+control-plane that trusts unverified self-reports audits claims, not facts, and a
+forged "green" run looks identical to a real one.
+
+Cool Workflow takes the opposite stance. It DELEGATES model execution to whatever
+agent you configure (claude -p, codex exec, an HTTP endpoint) and never embeds a
+model SDK or holds an API key. What it owns is the audit trail: each agent hop's
+reported usage is signed (ed25519) and appended to a hash-chained ledger, so
+editing any record — or even recomputing its local hash to cover the edit — breaks
+the chain downstream. You re-verify a finished run offline — no telemetry service
+to trust or breach.
+
+30-second proof, no install:
+
+  npx cool-workflow demo tamper
+
+It builds a real signed ledger, forges it two ways (flip a verdict + re-seal its
+hash; inflate reported tokens + reuse the signature), and catches both offline with
+only the public key. On a real run, `cw telemetry verify <run>` re-proves the
+recorded ledger on disk — recomputing the chain so any later edit to a verdict or
+usage digest is caught; add `--pubkey <public.pem>` to re-run each attested hop's
+signature check offline too. I keep an
+honest trust-model doc (what it does and does NOT prove, incl. the single-keyholder
+ceiling): https://github.com/coo1white/cool-workflow/blob/main/plugins/cool-workflow/docs/trust-model.md
+
+Also: concurrent parallel() phases with declared collapse semantics (collect-all +
+kill-on-timeout — 16 agents with a forced hang/crash/dirty-return finish without
+deadlock and replay who-passed-who-failed), per-task output-schema gates, token
+budgets enforced against the host's recorded usage (opt-in gate fails closed on
+unattested telemetry), and a one-way executor boundary welded
+into the type system (a callable that could reach a model API fails `npm run
+build`). Zero runtime deps, BSD-2, published to npm with provenance. Ships generated
+plugin manifests for 5 agent platforms (claude, codex, agents, gemini, opencode);
+`npm run manifest:load-check` boots all five from one source of truth.
+
+It's early (v0.1.81) — I'd genuinely like to hear where the "delegate, prove,
+replay" model breaks down for your workflows.
+
+npm: https://www.npmjs.com/package/cool-workflow
+```
+
+---
+
 ## One-liner
 
 > Cool Workflow is an auditable control-plane for multi-agent workflows. It
 > *delegates* model execution — never embeds it — and makes every recorded agent
-> telemetry verdict tamper-evident: anyone can re-verify a run offline with only a
-> public key.
+> telemetry verdict tamper-evident: anyone can re-verify a run's integrity offline,
+> and check the ed25519 attribution with the public key alone.
 
 ## Elevator (2 sentences)
 
@@ -40,8 +102,8 @@ Everything leads with the 30-second `npx cool-workflow demo tamper` proof.
 > holds an API key. What it *does* own is the audit trail: each agent hop's reported
 > usage is signed (ed25519) and appended to a hash-chained ledger, so editing any
 > record — or even recomputing its local hash to cover the edit — breaks the chain
-> downstream. You can re-verify a finished run with only the public key, no network,
-> no trusted server.
+> downstream. You can re-verify a finished run offline — no network, no trusted
+> server.
 >
 > The 30-second proof, no install:
 >
@@ -50,18 +112,23 @@ Everything leads with the 30-second `npx cool-workflow demo tamper` proof.
 > ```
 >
 > It builds a real signed ledger, forges it two ways (flip a verdict + re-seal its
-> hash; inflate reported tokens + reuse the signature), and shows both forgeries
-> caught offline. On a real run, `cw telemetry verify <run>` does the same against
-> what's on disk.
+> hash; inflate reported tokens + reuse the signature), and catches both offline with
+> only the public key. On a real run, `cw telemetry verify <run>` re-proves the
+> recorded ledger on disk — recomputing the chain so any later edit to a verdict or
+> usage digest is caught; add `--pubkey <public.pem>` to re-run each attested hop's
+> signature check offline too. I keep an
+> honest [trust model & limitations](https://github.com/coo1white/cool-workflow/blob/main/plugins/cool-workflow/docs/trust-model.md)
+> doc, including the single-keyholder ceiling.
 >
 > Other things it does: concurrent `parallel()` phases with declared collapse
 > semantics (collect-all + kill-on-timeout — 16 agents with a forced hang/crash/
 > dirty-return finish without deadlock and replay "who passed/who failed"), per-task
-> output-schema gates, token budgets enforced against attested usage, and a one-way
+> output-schema gates, token budgets enforced against the host's recorded usage
+> (an opt-in gate fails closed on unattested telemetry), and a one-way
 > executor boundary welded into the type system (a callable that could reach a model
 > API fails `npm run build`).
 >
-> Runs anywhere Node runs; `dist/` is committed; BSD-2. It's early (v0.1.79) and I'd
+> Runs anywhere Node runs; `dist/` is committed; BSD-2. It's early (v0.1.81) and I'd
 > genuinely like to hear where the "delegate, prove, replay" model breaks down for
 > your workflows.
 >
@@ -80,8 +147,9 @@ catches both offline with only the public key. A control-plane that delegates
 model execution but can still prove the bill is real.
 
 3/ Also: concurrent batches that don't deadlock when an agent hangs, schema-gated
-outputs, token budgets vs *attested* usage, and a red line (never call a model
-API) enforced at compile time. Zero deps, BSD-2.
+outputs, token budgets vs the host's recorded usage (attested-telemetry gate is
+opt-in), and a red line (never call a model API) enforced at compile time. Zero
+deps, BSD-2.
 → https://github.com/coo1white/cool-workflow
 
 ---
@@ -92,21 +160,32 @@ API) enforced at compile time. Zero deps, BSD-2.
   reported usage. The thing that *spends the money* is not the thing that *keeps
   the books* — the property auditors require everywhere except, so far, agent
   infra.
-- **Offline, public-key verification.** No telemetry service to trust or breach.
-  The record proves its own integrity; the verifier needs only the public key.
+- **Offline verification.** No telemetry service to trust or breach. The record
+  proves its own integrity offline — re-proving the chain needs no key at all — and
+  the ed25519 attribution checks against the public key alone.
 - **Replayable, not just logged.** CW breaks at dispatch and writes to disk, so a
   run replays deterministically — "who passed / who failed" is reconstructable, not
-  a scrollback of a fused process.
+  a scrollback of a fused process. A finished run is portable and self-proving:
+  `cw run inspect-archive <archive>` re-proves every file digest, the manifest, and
+  the whole-archive hash without importing it; `cw run import` then
+  `cw run verify-import <run-id>` restores it and re-proves the restored digests +
+  telemetry chain — a tampered archive is caught before it is trusted.
 - **Fail-closed by default where it counts.** Schema mismatch parks the hop;
   unverifiable usage can be refused (opt-in); an empty-capture result can't be
   presented as a clean commit.
+- **Cross-vendor, and it actually boots.** One source manifest
+  (`manifest/plugin.manifest.json`) generates Claude / Codex / Gemini / OpenCode /
+  agents adapters, and `npm run manifest:load-check` boots all five (184 tools each)
+  — the neutrality moat is executable, not aspirational.
 
 ## Assets to capture before posting
 
-- [ ] A terminal GIF of `npx cool-workflow demo tamper` (the ✗ DETECTED lines are
-      the hook) for the README top and the HN/tweet.
+- [ ] **Demo GIF** — reproducible, no manual screen-recording: `vhs
+      plugins/cool-workflow/docs/launch/demo.tape` → `docs/launch/demo-tamper.gif`,
+      then add it to the README hero (insert it near the badges/intro). The
+      ✗ DETECTED lines are the hook.
 - [ ] Confirm `npx cool-workflow demo tamper` works from a clean machine (no clone).
-- [ ] Pin the npm version badge / release in the first comment.
+- [ ] Pin the npm version badge / release + provenance link in the first comment.
 
 ## Channels
 

package/docs/launch/pre-launch-checklist.md

@@ -0,0 +1,53 @@
+# Pre-Launch Checklist — Cool Workflow Show HN
+
+Tick top to bottom; when it's done, post. The one non-negotiable gate is ②.
+Copy for the post itself lives in [launch-kit.md](launch-kit.md) (the **✅ FINAL**
+block).
+
+## ① Prepare assets (optional, recommended)
+
+- [ ] Install [vhs](https://github.com/charmbracelet/vhs) (`brew install vhs`).
+- [ ] Record the GIF: `vhs plugins/cool-workflow/docs/launch/demo.tape` →
+      `docs/launch/demo-tamper.gif`.
+- [ ] Add it to the README hero (insert
+      `![demo](plugins/cool-workflow/docs/launch/demo-tamper.gif)` near the badges/intro), commit + push.
+  > Shippable without the GIF — the README's text `✗ DETECTED` hook already stands;
+  > the GIF is upside, not a blocker.
+
+## ② Verify — the make-or-break gate (do not skip)
+
+- [ ] On a **clean machine / fresh terminal**: `npx cool-workflow demo tamper`
+      prints `VERDICT: tamper-evidence holds ✓`.
+  > Every click from HN runs this. One crash wastes that traffic. This is the only
+  > non-negotiable check.
+- [ ] Sanity: `npx cool-workflow quickstart architecture-review --repo . --question "risks?"`
+      → `status: blocked` with no agent configured (fails closed, no crash).
+- [ ] Resumable sanity: `cw quickstart architecture-review --resume` advances one step
+      then stops; `cw run resume <run-id> --drive` continues a stopped run — proving
+      runs break at dispatch and replay from disk.
+
+## ③ Post (US morning, ~9–11am ET is peak)
+
+- [ ] Open the **✅ FINAL** block in [launch-kit.md](launch-kit.md).
+- [ ] HN title: `Show HN: Cool Workflow – tamper-evident telemetry for agent pipelines (npx demo)`
+- [ ] URL field: `https://github.com/coo1white/cool-workflow`
+- [ ] Immediately after posting, paste the FINAL "first comment" as the first reply.
+
+## ④ First hour (decides the outcome)
+
+- [ ] Watch and reply fast — early engagement weighs most on HN.
+- [ ] On the "single key holder / no second party" critique (the audit flagged it
+      too): concede it honestly and frame it as exactly why you're looking for early
+      integration partners. **Turn the critique into an invitation; don't argue.**
+  > The canned, linkable answer is already written: [docs/trust-model.md](../trust-model.md)
+  > states the ceiling plainly (integrity ≠ source honesty; one party holding both
+  > roles; full local re-chain) and frames the partner ask. Link it; don't re-argue it.
+- [ ] No vote-rigging, no asking friends to upvote, no deleting critical comments —
+      HN's anti-abuse will sink the post.
+
+---
+
+### Go / no-go
+
+> If **② — `npx cool-workflow demo tamper` prints `✓` on a clean machine** — passes,
+> you can post. Everything else is upside.

package/docs/multi-agent-cli-mcp-surface.7.md

@@ -265,3 +265,11 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+## New Both-Surface Verbs (v0.1.81)
+
+v0.1.81 adds `audit verify` (`cw_audit_verify`) and `run inspect-archive` (`cw_run_inspect_archive`) — both declared once in the capability registry and exposed identically on the CLI and MCP, fail-closed (non-zero exit / `ok:false` on an unverified chain or a tampered archive).

package/docs/multi-agent-eval-replay-harness.7.md

@@ -302,3 +302,9 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+_No changes to the multi-agent eval/replay harness in v0.1.81 (the multi-agent-eval module was carved into behavior-preserving siblings; replay output is byte-identical)._

package/docs/multi-agent-operator-ux.7.md

@@ -314,3 +314,9 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+_No changes to the multi-agent operator UX surface in v0.1.81 (the operator-ux module was carved into behavior-preserving siblings; output is byte-identical)._

package/docs/multi-agent-trust-policy-audit.7.md

@@ -115,6 +115,32 @@ Human output includes stable panels:
 - Policy Violations
 - Next Action
 
+## Verify (fail-closed)
+
+`audit summary` embeds an `integrity` field but is a *reader* — it always exits 0,
+so it cannot gate a script. `audit verify` is the gate:
+
+```bash
+node scripts/cw.js audit verify <run-id>        # exit 1 if the chain is forged
+node scripts/cw.js audit verify <run-id> --json
+```
+
+It re-proves the run's trust-audit hash chain offline: it recomputes every event
+hash from genesis, checks `prevEventHash` linkage, and catches the unchained-event
+forgery (an `eventHash`-less line slipped into a chained log to be waved through as
+"legacy"). The JSON reports `present`, `verified`, `eventCount`, `chained`,
+`unchained`, `corruptLines`, and `failedChecks[]`.
+
+Exit-code contract (the peer of `telemetry verify`):
+
+- ANY **unverified** chain exits **1** — forged / edited / truncated / unchained-injected,
+  *and* a fully-corrupt log (every line unparseable, which reports `present:false` but
+  `verified:false`). The gate keys on `verified`, not `present`, so the most severe
+  tamper — garbling the whole log — cannot escape by looking "absent". So
+  `cw audit verify <run> && deploy` stops on tampering.
+- Only a truly **absent / empty** chain is `verified:true` / exit **0** — a run with
+  no audit log (or a blank one) has nothing to prove (no false-red).
+
 ## MCP
 
 MCP parity tools:
@@ -128,6 +154,7 @@ MCP parity tools:
 The older audit tools remain available:
 
 - `cw_audit_summary`
+- `cw_audit_verify` — fail-closed re-prove of the trust-audit hash chain (peer of `cw_telemetry_verify`)
 - `cw_audit_worker`
 - `cw_audit_provenance`
 - `cw_audit_attest`

package/docs/node-snapshot-diff-replay.7.md

@@ -135,3 +135,9 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+_No changes to node-snapshot diff/replay in v0.1.81._

package/docs/observability-cost-accounting.7.md

@@ -194,3 +194,9 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+_No changes to the observability + cost-accounting surface in v0.1.81 (the observability module was carved into behavior-preserving siblings; output is byte-identical)._

package/docs/project-index.md

@@ -1,15 +1,15 @@
 # Cool Workflow Project Index
 
-Generated from the current repository code on 2026-06-11 by `npm run sync:project-index`.
+Generated from the current repository code on 2026-06-14 by `npm run sync:project-index`.
 
 ## Snapshot
 
 - Package: `cool-workflow`
-- Version: `0.1.79`
+- Version: `0.1.81`
 - Source modules: `58`
-- Workflow apps: `6`
-- Docs: `46`
-- Smoke tests: `69`
+- Workflow apps: `7`
+- Docs: `49`
+- Smoke tests: `86`
 - Repository: https://github.com/coo1white/cool-workflow
 
 ## Architecture
@@ -82,9 +82,9 @@ multi-agent host -> topology -> blackboard/coordinator
 
 - [agent-config.ts](../src/agent-config.ts)
 - [capability-core.ts](../src/capability-core.ts)
-- [capability-dispatcher.ts](../src/capability-dispatcher.ts)
 - [capability-registry.ts](../src/capability-registry.ts)
 - [collaboration.ts](../src/collaboration.ts)
+- [compare.ts](../src/compare.ts)
 - [contract-migration.ts](../src/contract-migration.ts)
 - [drive.ts](../src/drive.ts)
 - [evidence-grounding.ts](../src/evidence-grounding.ts)
@@ -116,6 +116,7 @@ multi-agent host -> topology -> blackboard/coordinator
 | App | Type | Inputs | Sandbox | Source |
 | --- | --- | --- | --- | --- |
 | `architecture-review` - Map a repository architecture, assess risks, verify important findings, and synthesize an evidence-backed verdict. | canonical | `repo`, `question`, `invariant`, `focus` | `readonly` | [manifest](../apps/architecture-review/app.json) / [workflow](../apps/architecture-review/workflow.js) |
+| `architecture-review-fast` - Run a shorter architecture review with parallel map and assess phases for faster first results. | canonical | `repo`, `question`, `invariant`, `focus`, `sourceContext`, `sourceContextDigest` | `readonly` | [manifest](../apps/architecture-review-fast/app.json) / [workflow](../apps/architecture-review-fast/workflow.js) |
 | `end-to-end-golden-path` - Deterministic one-worker workflow app for proving the CW integration chain. | userland | `question` | `readonly` | [manifest](../apps/end-to-end-golden-path/app.json) / [workflow](../apps/end-to-end-golden-path/workflow.js) |
 | `pr-review-fix-ci` - Review a pull request or branch, inspect CI failures, diagnose actionable issues, optionally patch, verify, and summarize with evidence. | canonical | `repo`, `pr`, `branch`, `base`, `ci`, `mode` | `readonly`, `workspace-write` | [manifest](../apps/pr-review-fix-ci/app.json) / [workflow](../apps/pr-review-fix-ci/workflow.js) |
 | `release-cut` - Prepare a release with checklist discipline: version checks, changelog, tests, packaging, release notes, and final verification. | canonical | `repo`, `version`, `previousVersion`, `releaseBranch`, `dryRun` | `readonly`, `workspace-write` | [manifest](../apps/release-cut/app.json) / [workflow](../apps/release-cut/workflow.js) |
@@ -162,10 +163,13 @@ multi-agent host -> topology -> blackboard/coordinator
 - [SANDBOX-PROFILES(7)](sandbox-profiles.7.md)
 - [Scheduled Tasks](scheduled-tasks.md)
 - [Security / Trust Hardening](security-trust-hardening.7.md)
+- [Source Context Profiles](source-context-profiles.7.md)
 - [State Explosion Management](state-explosion-management.7.md)
 - [STATE-NODE(7)](state-node.7.md)
 - [Team Collaboration](team-collaboration.7.md)
+- [Trust Model & Limitations](trust-model.md)
 - [Unix-Inspired Workflow Principles](unix-principles.md)
+- [Vendor Manifest Loadability](vendor-manifest-loadability.7.md)
 - [VERIFIER-GATED-COMMIT(7)](verifier-gated-commit.7.md)
 - [Web / Desktop Workbench](web-desktop-workbench.7.md)
 - [WORKER-ISOLATION(7)](worker-isolation.7.md)
@@ -176,18 +180,23 @@ multi-agent host -> topology -> blackboard/coordinator
 Smoke tests mirror the public contracts. The high-signal suites are:
 
 - [agent-delegation-drive-smoke.js](../test/agent-delegation-drive-smoke.js)
+- [architecture-review-fast-automation-smoke.js](../test/architecture-review-fast-automation-smoke.js)
+- [architecture-review-fast-smoke.js](../test/architecture-review-fast-smoke.js)
 - [artifact-integrity-smoke.js](../test/artifact-integrity-smoke.js)
+- [audit-verify-smoke.js](../test/audit-verify-smoke.js)
 - [backend-registry-smoke.js](../test/backend-registry-smoke.js)
 - [block-unapproved-tag-smoke.js](../test/block-unapproved-tag-smoke.js)
 - [candidate-scoring-smoke.js](../test/candidate-scoring-smoke.js)
 - [canonical-workflow-apps-smoke.js](../test/canonical-workflow-apps-smoke.js)
 - [claude-p-agent-wrapper-smoke.js](../test/claude-p-agent-wrapper-smoke.js)
+- [cli-jsonmode-parity-smoke.js](../test/cli-jsonmode-parity-smoke.js)
 - [cli-mcp-parity-smoke.js](../test/cli-mcp-parity-smoke.js)
 - [concurrent-failure-semantics-smoke.js](../test/concurrent-failure-semantics-smoke.js)
 - [concurrent-workflow-dsl-smoke.js](../test/concurrent-workflow-dsl-smoke.js)
 - [contract-migration-tooling-smoke.js](../test/contract-migration-tooling-smoke.js)
 - [control-plane-scheduling-smoke.js](../test/control-plane-scheduling-smoke.js)
 - [coordinator-blackboard-smoke.js](../test/coordinator-blackboard-smoke.js)
+- [det-ids-b-smoke.js](../test/det-ids-b-smoke.js)
 - [dogfood-release-smoke.js](../test/dogfood-release-smoke.js)
 - [durable-atomic-write-smoke.js](../test/durable-atomic-write-smoke.js)
 - [end-to-end-demo-smoke.js](../test/end-to-end-demo-smoke.js)
@@ -197,6 +206,8 @@ Smoke tests mirror the public contracts. The high-signal suites are:
 - [evidence-adoption-reasoning-smoke.js](../test/evidence-adoption-reasoning-smoke.js)
 - [evidence-content-extraction-smoke.js](../test/evidence-content-extraction-smoke.js)
 - [execution-backends-smoke.js](../test/execution-backends-smoke.js)
+- [freebsd-audit-fixes-smoke.js](../test/freebsd-audit-fixes-smoke.js)
+- [h7-custom-profile-persist-smoke.js](../test/h7-custom-profile-persist-smoke.js)
 - [mcp-app-surface-smoke.js](../test/mcp-app-surface-smoke.js)
 - [multi-agent-cli-mcp-surface-smoke.js](../test/multi-agent-cli-mcp-surface-smoke.js)
 - [multi-agent-eval-replay-harness-smoke.js](../test/multi-agent-eval-replay-harness-smoke.js)
@@ -222,13 +233,20 @@ Smoke tests mirror the public contracts. The high-signal suites are:
 - [result-normalize-smoke.js](../test/result-normalize-smoke.js)
 - [robustness-hardening-smoke.js](../test/robustness-hardening-smoke.js)
 - [run-export-import-smoke.js](../test/run-export-import-smoke.js)
+- [run-export-restore-rerun-smoke.js](../test/run-export-restore-rerun-smoke.js)
+- [run-export-restore-resume-smoke.js](../test/run-export-restore-resume-smoke.js)
 - [run-fixture-compat-smoke.js](../test/run-fixture-compat-smoke.js)
+- [run-import-tamper-failclosed-smoke.js](../test/run-import-tamper-failclosed-smoke.js)
+- [run-inspect-archive-smoke.js](../test/run-inspect-archive-smoke.js)
 - [run-registry-control-plane-smoke.js](../test/run-registry-control-plane-smoke.js)
+- [run-resume-drive-smoke.js](../test/run-resume-drive-smoke.js)
 - [run-retention-reclamation-smoke.js](../test/run-retention-reclamation-smoke.js)
 - [sandbox-profile-smoke.js](../test/sandbox-profile-smoke.js)
+- [schedule-routine-daemon-smoke.js](../test/schedule-routine-daemon-smoke.js)
 - [schema-validation-smoke.js](../test/schema-validation-smoke.js)
 - [security-trust-hardening-smoke.js](../test/security-trust-hardening-smoke.js)
 - [self-audit-hardening-smoke.js](../test/self-audit-hardening-smoke.js)
+- [source-context-profile-smoke.js](../test/source-context-profile-smoke.js)
 - [state-explosion-management-smoke.js](../test/state-explosion-management-smoke.js)
 - [state-node-smoke.js](../test/state-node-smoke.js)
 - [tamper-evidence-demo-smoke.js](../test/tamper-evidence-demo-smoke.js)
@@ -238,8 +256,11 @@ Smoke tests mirror the public contracts. The high-signal suites are:
 - [telemetry-fail-closed-smoke.js](../test/telemetry-fail-closed-smoke.js)
 - [telemetry-ledger-smoke.js](../test/telemetry-ledger-smoke.js)
 - [telemetry-metrics-coverage-smoke.js](../test/telemetry-metrics-coverage-smoke.js)
+- [telemetry-verify-signatures-smoke.js](../test/telemetry-verify-signatures-smoke.js)
 - [token-budget-enforcement-smoke.js](../test/token-budget-enforcement-smoke.js)
+- [vendor-manifest-load-smoke.js](../test/vendor-manifest-load-smoke.js)
 - [verifier-gated-commit-smoke.js](../test/verifier-gated-commit-smoke.js)
+- [verify-import-audit-chain-smoke.js](../test/verify-import-audit-chain-smoke.js)
 - [web-desktop-workbench-smoke.js](../test/web-desktop-workbench-smoke.js)
 - [worker-isolation-smoke.js](../test/worker-isolation-smoke.js)
 - [worker-retry-count-smoke.js](../test/worker-retry-count-smoke.js)

package/docs/real-execution-backends.7.md

@@ -142,3 +142,9 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+_No changes to the real execution backends in v0.1.81._

package/docs/release-and-migration.7.md

@@ -280,3 +280,11 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+## Migration Compatibility (v0.1.81)
+
+v0.1.81 is additive: every change is a new flag/verb/env (`audit verify`, `run inspect-archive`, `verify-import --strict`, `CW_REQUIRE_ARCHIVE_INTEGRITY`, `quickstart --resume`, `run resume --drive`) or an internal behavior-preserving carve. Run-state schema, existing outputs, files, and exit codes are byte-identical, so runs and archives from prior versions load and verify unchanged. No migration action is required.

package/docs/release-tooling.7.md

@@ -159,3 +159,9 @@ also get generated MCP manifests (`.gemini-plugin/`, `.opencode-plugin/`) so the
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+_No changes to the release-flow tooling in v0.1.81; this release was cut through the existing gate->review->tag flow._

package/docs/routines.md

@@ -41,6 +41,29 @@ Inspect events:
 node scripts/cw.js routine events
 ```
 
+## Long Architecture Reviews
+
+Use `architecture-review-fast` for the foreground user path, then schedule the
+full `architecture-review` app as background work when a deep audit should not
+block an interactive session:
+
+```bash
+node scripts/architecture-review-fast.js \
+  --repo /path/to/repo \
+  --question "Is this architecture sound?" \
+  --metrics \
+  --schedule-full
+```
+
+The wrapper creates a one-shot reminder schedule whose `workflowId` is
+`architecture-review`. The schedule prompt is policy. CW stores the schedule and
+records due events; the external agent host decides how to run the long review.
+The prompt includes the foreground fast run id, fast report path, source-context
+digest/profile, and asks the background agent to return the full review report
+path and digest.
+The `--metrics` flag is optional and reports foreground elapsed time plus
+agent-spawn and result-cache-hit counts for the fast run.
+
 ## Boundary
 
 CW v0.1.1 does not provide managed cloud infrastructure. It provides a local

package/docs/run-registry-control-plane.7.md

@@ -49,6 +49,13 @@ own `sourceFingerprint`, the covered `repos`, the `queue`, and lifecycle
 a `nextAction`. Every read re-derives records from source; the persisted index is
 only compared against, never trusted as the live status.
 
+During one index build, repo-level overlays (`archive.json` and
+`provenance.json`) are read once per repo and passed as an in-memory scan
+snapshot to each run record. This is a short-lived mechanism, not a persistent
+cache: the next registry command re-reads source state and overlays from disk, so
+freshness, fail-closed behavior, and output shape stay unchanged while large
+repos avoid repeated identical overlay reads.
+
 ## Lifecycle state machine
 
 Lifecycle is CLASSIFIED from existing state, never invented. `deriveLifecycle`
@@ -108,6 +115,14 @@ cwd — loads its durable state, and returns the next runnable tasks and next
 actions for the host to execute. Resume is read-only over source: it never
 mutates `state.json` and never un-archives a run.
 
+`run resume <run-id> --drive` (or `--once` for a single step) hands the resolved
+run straight to the existing agent-delegation drive loop — it re-plans nothing and
+picks up the pending/running tasks deterministically from durable state — and
+augments the result with the drive outcome under a `drive` field. The default (no
+`--drive`) payload and `nextActions` stay byte-identical. An unconfigured agent
+yields `drive.status="blocked"` (fail-closed, never a fabricated completion); CW
+delegates worker execution to your agent and never runs a model itself.
+
 ## Queue
 
 `queue add` appends a durable entry to `$CW_HOME/registry/queue.json` with an
@@ -136,6 +151,65 @@ in the repo's `registry/provenance.json`. The original failed run is PRESERVED
 for audit — the past is never overwritten. Rerunning a rerun increments
 `generation` and keeps `originRunId` pinned to the chain root.
 
+## Portable export, import, and restore verification
+
+`run export <run-id> --output PATH` writes a portable JSON archive for a run. The
+archive includes the run state plus run-local files, committed artifacts, audit
+overlays, telemetry ledger files, per-file sha256 digests, file sizes, and a
+manifest digest. External repo-local artifact paths referenced by the run are
+copied into the archive under `external-artifacts/` and recorded with their
+original `sourcePath`; the source run is never mutated.
+
+`run import PATH --target DIR` restores the archive under
+`DIR/.cw/runs/<run-id>/`, rebases paths to the target repo, writes an
+`import-manifest.json`, refreshes the target repo registry, and immediately runs
+the same verification used by `run verify-import`. Restored partial runs can be
+resumed from the target repo; restored failed runs remain discoverable from the
+home registry and can be rerun as new linked runs. The import does not alter the
+source repository or the source run.
+
+**Import-time refusal (fail-closed before any write).** Import verifies every
+file digest, every file size, the file count, and the manifest digest *before*
+creating the target run directory — so a tampered archive is refused with a
+non-zero exit and a single `cw:` stderr line, leaving nothing on disk (no partial
+restore). Set `CW_REQUIRE_ARCHIVE_INTEGRITY=1` to additionally refuse an archive
+whose top-level integrity block is *absent* — closing the legacy fail-open seam
+where a stripped-integrity archive imported unverified. Unset (the default) keeps
+legacy integrity-less archives byte-identical; the flag is mechanism, not policy.
+
+`run verify-import <run-id> [--cwd DIR]` re-reads the restore manifest, recomputes
+every restored file digest, checks the manifest digest, verifies the telemetry
+ledger when one was restored, and re-proves the **trust-audit hash chain** (the
+decisions / sandbox / commit-gate log, also restored under `audit/`). Missing
+manifests, digest mismatches, path escapes, unsupported archive schemas, unreadable
+files, telemetry-chain failures, or a forged audit chain (`trust-audit-invalid`)
+return explicit failed checks instead of a fabricated success. An archive with no
+audit log yields a passing `trust-audit` check (nothing to prove — no false-red).
+
+By default `verify-import` prints the result and exits 0 even when a check fails
+(it is a report). Pass `--strict` to make any failed restore check exit non-zero,
+so `cw run verify-import <run> --strict && restore` stops on a tampered archive.
+
+**Inspect an archive before restoring.** `run inspect-archive PATH [--json]`
+re-proves a portable archive's integrity *without writing anything* — contrast
+with `run import`, which validates as a side-effect of restoring a full
+`.cw/runs/<id>/` tree. It re-computes every embedded file's sha256 and size, the
+`integrity.fileCount` and manifest digest, and the whole-archive sha256, returning
+a structured `checks[]` — each failure names the offending `relativePath` with a
+`digest-mismatch` / `size-mismatch` / `manifest-digest-mismatch` /
+`file-count-mismatch` code. It never throws: an unreadable path, invalid JSON, or an
+unknown `schemaVersion` (`schemaSupported:false`) is reported as a check, not a
+stacktrace — stdout is always valid JSON, diagnostics go to stderr. It exits `1`
+when `ok:false`, so `cw run inspect-archive <path> && cw run import <path>` stops
+before importing a bad archive. It is a faithful preview of import: under
+`CW_REQUIRE_ARCHIVE_INTEGRITY=1` a stripped-integrity archive (which import would
+refuse) also inspects as `ok:false`; with the env unset (default) an absent integrity
+block is merely reported, not failed.
+
+MCP exposes the same mechanisms as `cw_run_export`, `cw_run_import`,
+`cw_run_verify_import`, and `cw_run_inspect_archive`; the CLI and MCP paths share
+the same runtime functions.
+
 ## Cross-repo history
 
 `history` reads a unified timeline of runs across all registered repos
@@ -151,10 +225,14 @@ node scripts/cw.js registry show [--scope repo|home] [--json]
 node scripts/cw.js run search [--app ID] [--status STATE] [--text Q] [--repo PATH] [--since ISO] [--until ISO] [--limit N] [--offset N] [--scope repo|home] [--json]
 node scripts/cw.js run list [--scope repo|home] [--json]
 node scripts/cw.js run show <run-id> [--scope repo|home] [--json]
-node scripts/cw.js run resume <run-id> [--limit N] [--json]
+node scripts/cw.js run resume <run-id> [--limit N] [--drive [--once]] [--json]
 node scripts/cw.js run archive <run-id> [--reason TEXT] [--unarchive]
 node scripts/cw.js run archive --older-than-days N [--state completed --state failed]
 node scripts/cw.js run rerun <run-id> [--reason TEXT]
+node scripts/cw.js run export <run-id> --output PATH
+node scripts/cw.js run import PATH --target DIR
+node scripts/cw.js run verify-import <run-id> [--cwd DIR]
+node scripts/cw.js run inspect-archive PATH [--json]
 node scripts/cw.js queue add [--app ID|--workflow ID|--runId ID] [--repo PATH] [--priority N] [--note TEXT]
 node scripts/cw.js queue list [--status STATE] [--repo PATH] [--json]
 node scripts/cw.js queue show <queue-id>
@@ -174,7 +252,8 @@ passes `npm run parity:check`:
 
 - `cw_registry_refresh`, `cw_registry_show`
 - `cw_run_search`, `cw_run_list`, `cw_run_show`, `cw_run_resume`,
-  `cw_run_archive`, `cw_run_rerun`
+  `cw_run_archive`, `cw_run_rerun`, `cw_run_export`, `cw_run_import`,
+  `cw_run_verify_import`
 - `cw_queue_add`, `cw_queue_list`, `cw_queue_drain`, `cw_queue_show`
 - `cw_history`
 
@@ -312,3 +391,11 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
 0.1.78
 
 0.1.79
+
+## Fast Architecture Review (v0.1.80)
+
+Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
+
+## Resume Drive, Inspect-Archive & Restore Re-Prove (v0.1.81)
+
+v0.1.81 adds `run resume <id> --drive/--once` (continue an interrupted run via the agent-drive loop; default resume stays read-only and byte-identical), `run inspect-archive PATH` (read-only archive integrity check that names any offending file without importing), and restore-time hardening: `verify-import` now re-proves the trust-audit chain on restore and gains `--strict`, and `CW_REQUIRE_ARCHIVE_INTEGRITY=1` refuses a stripped-integrity archive before any write.