forgeos 0.1.0-alpha.27 → 0.1.0-alpha.29

package/AGENTS.md

@@ -1,4 +1,4 @@
-// @forge-generated generator=0.1.0-alpha.27 input=6c5ffcc15b409d33158dc8e5a5c4684c2d59b0e31e7c9064bdb6dacbe95ac874 content=0d493cf0e41b71cb652d5e0e1b0c1f83d2a1281b748321f0b00f0773ba93074e
+// @forge-generated generator=0.1.0-alpha.29 input=25d84ce77a02f5c4ce49fa082fa968608c9859594d5876886344276ca0c27523 content=0d493cf0e41b71cb652d5e0e1b0c1f83d2a1281b748321f0b00f0773ba93074e
 # AGENTS.md
 
 <!-- forge-generated:start -->

package/CHANGELOG.md

@@ -1,5 +1,23 @@
 # forgeos
 
+## 0.1.0-alpha.29
+
+### Patch Changes
+
+- Add the first WorkOS/AuthKit adapter and local auth metadata tooling.
+
+  - Add `forge add auth workos`, generated WorkOS seed/config/docs, AuthKit routes, webhook handling, JWT/OIDC claim mapping, and permission-derived Forge policies.
+  - Add `forge authmd generate` and `forge authmd check`, including `/auth.md` and OAuth protected-resource metadata served by `forge dev`.
+  - Add a local WorkOS/FGA testkit, resource-graph helpers, cross-tenant guards, FGA cache/fallback telemetry, and mock multi-tenant regression coverage.
+  - Teach Forge auth and policies to understand permission claims alongside roles.
+  - Add `forge version --json` as a command alias and capture local helper table reads in the generated agent contract/capability map.
+
+## 0.1.0-alpha.28
+
+### Patch Changes
+
+- Accept visible Codex hook canaries as sufficient for local editing while reporting native Codex provenance separately through `nativeTrustStatus`.
+
 ## 0.1.0-alpha.27
 
 ### Patch Changes

package/docs/changelog.md

@@ -6,6 +6,35 @@ The canonical source file in the repository is `CHANGELOG.md`.
 
 ## Unreleased
 
+## 0.1.0-alpha.29
+
+- Added the first WorkOS/AuthKit adapter surface: `forge add auth workos`
+  generates local AuthKit wiring, `.env.example`, `workos-seed.yml`, demo
+  organizations, roles, permissions, redirect/CORS/webhook hints, JWT/OIDC
+  claim mapping, and permission-derived Forge policies.
+- Added `forge authmd generate` and `forge authmd check`, including
+  `public/auth.md`, OAuth protected-resource metadata, command/policy/tenant
+  requirements, approval metadata, and `forge dev` serving for `/auth.md` and
+  `/.well-known/oauth-protected-resource`.
+- Added local WorkOS/FGA scaffolding without requiring real WorkOS credentials:
+  resource graph helpers, cross-tenant guards, FGA check cache/fallback
+  telemetry, a mock WorkOS testkit, and Acme/Globex multi-tenant regression
+  coverage.
+- Taught Forge auth and policies to evaluate permission claims alongside
+  roles, including dev-header permission simulation.
+- Added `forge version --json` as a command alias and improved the generated
+  agent contract/capability map so table reads performed by imported local
+  helpers are captured.
+
+## 0.1.0-alpha.28
+
+- Accepted visible Codex hook canaries as sufficient for local editing while
+  reporting native Codex provenance separately through `nativeTrustStatus`, so
+  `waiting-for-user-trust` no longer implies missing user approval when the
+  canary path is already working.
+- Added regression coverage and docs for the split between hook approval,
+  canary readiness, and trusted native Codex signal proof.
+
 ## 0.1.0-alpha.27
 
 - Stabilized the `forge add convex` loop: integration docs/testkits are now

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "forgeos",
-  "version": "0.1.0-alpha.27",
+  "version": "0.1.0-alpha.29",
   "description": "Agent-native application framework and compiler for building Forge apps without a mandatory dashboard.",
   "type": "module",
   "license": "MIT",

package/src/forge/_generated/releaseManifest.json

@@ -1 +1 @@
-{"defaultProvider":"local","diagnostics":[],"env":{"deployEnv":"FORGE_DEPLOY_ENV","deployId":"FORGE_DEPLOY_ID","publicReleaseId":"NEXT_PUBLIC_FORGE_RELEASE_ID","releaseId":"FORGE_RELEASE_ID"},"gitSha":"unknown","optionalProviders":["local","sentry-compatible","sentry","glitchtip","bugsink","otel","custom"],"packageName":"forgeos","packageVersion":"0.1.0-alpha.27","releaseId":"forgeos@0.1.0-alpha.27+unknown","schemaVersion":"0.1.0"}
+{"defaultProvider":"local","diagnostics":[],"env":{"deployEnv":"FORGE_DEPLOY_ENV","deployId":"FORGE_DEPLOY_ID","publicReleaseId":"NEXT_PUBLIC_FORGE_RELEASE_ID","releaseId":"FORGE_RELEASE_ID"},"gitSha":"unknown","optionalProviders":["local","sentry-compatible","sentry","glitchtip","bugsink","otel","custom"],"packageName":"forgeos","packageVersion":"0.1.0-alpha.29","releaseId":"forgeos@0.1.0-alpha.29+unknown","schemaVersion":"0.1.0"}

package/src/forge/_generated/releaseManifest.ts

@@ -1,4 +1,4 @@
-// @forge-generated generator=0.1.0-alpha.27 input=6c5ffcc15b409d33158dc8e5a5c4684c2d59b0e31e7c9064bdb6dacbe95ac874 content=3a34de2474ecf200ab734c0a01f9dd2c6a780af76bd650d3238c8b46313542b3
+// @forge-generated generator=0.1.0-alpha.29 input=25d84ce77a02f5c4ce49fa082fa968608c9859594d5876886344276ca0c27523 content=ace6a64b0efd317e17fff6fb883bd20137bde066cbee7c2a304be18b90a20fd0
 export const releaseManifest = {
   "defaultProvider": "local",
   "diagnostics": [],
@@ -19,7 +19,7 @@ export const releaseManifest = {
     "custom"
   ],
   "packageName": "forgeos",
-  "packageVersion": "0.1.0-alpha.27",
-  "releaseId": "forgeos@0.1.0-alpha.27+unknown",
+  "packageVersion": "0.1.0-alpha.29",
+  "releaseId": "forgeos@0.1.0-alpha.29+unknown",
   "schemaVersion": "0.1.0"
 } as const;

package/src/forge/agent-adapters/index.ts

@@ -987,27 +987,50 @@ function hookApprovalStatusFor(
   target: AgentAdapterTarget,
   installed: boolean,
   nativeSignals: number,
+  observableSignals = 0,
   memoryReadable = true,
-): "not-required" | "waiting-for-user-trust" | "trusted" | "memory-unavailable" {
+): "not-required" | "waiting-for-user-trust" | "accepted" | "trusted" | "memory-unavailable" {
   if (target !== "codex" || !installed) {
     return "not-required";
   }
   if (!memoryReadable) {
     return "memory-unavailable";
   }
-  return nativeSignals > 0 ? "trusted" : "waiting-for-user-trust";
+  if (nativeSignals > 0) {
+    return "trusted";
+  }
+  return observableSignals > 0 ? "accepted" : "waiting-for-user-trust";
+}
+
+function hookNativeTrustStatusFor(
+  target: AgentAdapterTarget,
+  installed: boolean,
+  nativeSignals: number,
+  memoryReadable = true,
+): "not-required" | "waiting-for-native-signal" | "trusted" | "memory-unavailable" {
+  if (target !== "codex" || !installed) {
+    return "not-required";
+  }
+  if (!memoryReadable) {
+    return "memory-unavailable";
+  }
+  return nativeSignals > 0 ? "trusted" : "waiting-for-native-signal";
 }
 
 function codexHookApprovalMessage(
   approvalStatus: ReturnType<typeof hookApprovalStatusFor>,
+  nativeTrustStatus: ReturnType<typeof hookNativeTrustStatusFor>,
   canarySignals = 0,
 ): string {
   if (approvalStatus === "waiting-for-user-trust") {
     if (canarySignals > 0) {
-      return "ForgeOS can see the Codex smoke canary, but has not seen a normal trusted Codex hook event yet; continue or send one Codex message in this workspace";
+      return "ForgeOS can see the Codex smoke canary; hook approval is accepted, but trusted native Codex signal proof is still pending";
     }
     return "ForgeOS has not seen a trusted native Codex hook signal yet; approve the Codex Desktop hook prompt if shown, then continue a Codex session in this workspace";
   }
+  if (approvalStatus === "accepted" && nativeTrustStatus === "waiting-for-native-signal") {
+    return "Codex hook approval is accepted for local editing; ForgeOS is still waiting for a trusted native Codex signal for stronger provenance";
+  }
   if (approvalStatus === "trusted") {
     return "Codex Desktop hook trust is confirmed by a native hook signal";
   }
@@ -1286,6 +1309,7 @@ async function readAgentHookStatus(options: AgentCommandOptions): Promise<AgentH
       canarySignals: 0,
       approvalRequired: false,
       approvalStatus: "not-required",
+      nativeTrustStatus: "not-required",
       checks: [{ name: "target", ok: false, message: diag.message }],
       nextActions: ["forge agent list-targets --json"],
       diagnostics: [diag],
@@ -1321,9 +1345,10 @@ async function readAgentHookStatus(options: AgentCommandOptions): Promise<AgentH
   const nativeSignals = nativeEvents.length + (queuedHooks?.nativeSignals ?? 0);
   const canarySignals = canaryEvents.length + (queuedHooks?.canarySignals ?? 0);
   const visibleHookSignals = visibleInMemory || queuedEvents > 0;
-  const approvalStatus = hookApprovalStatusFor(target, installed, nativeSignals, deltaWritable);
+  const observableSignals = Math.max(usefulSignals, canarySignals);
+  const approvalStatus = hookApprovalStatusFor(target, installed, nativeSignals, observableSignals, deltaWritable);
+  const nativeTrustStatus = hookNativeTrustStatusFor(target, installed, nativeSignals, deltaWritable);
   const approvalRequired = approvalStatus === "waiting-for-user-trust";
-  const trustedHookSignals = target === "codex" ? nativeSignals > 0 : true;
   const codexHookInspection = installTarget === "codex"
     ? inspectCodexHookCommands(options.workspaceRoot)
     : undefined;
@@ -1340,7 +1365,7 @@ async function readAgentHookStatus(options: AgentCommandOptions): Promise<AgentH
   const usesLightweightRunner = codexHookInspection?.usesLightweightRunner === true;
   const hookCommandHealthy = installTarget !== "codex" || (usesLightweightRunner && !usesLegacyForgeCli);
   const hookVersionHealthy = installTarget !== "codex" || !usesLightweightRunner || codexVersionMatch?.matches === true;
-  const ok = installed && bridgeWritable && deltaWritable && visibleHookSignals && usefulSignals > 0 && trustedHookSignals && !approvalRequired && hookCommandHealthy && hookVersionHealthy;
+  const ok = installed && bridgeWritable && deltaWritable && visibleHookSignals && usefulSignals > 0 && !approvalRequired && hookCommandHealthy && hookVersionHealthy;
   const nextActions = ok
     ? uniqueCommands([
         ...(queuedEvents > 0 ? [`forge agent ingest ${source} --file .forge/agent/events.ndjson --json`] : []),
@@ -1374,6 +1399,7 @@ async function readAgentHookStatus(options: AgentCommandOptions): Promise<AgentH
     canarySignals,
     approvalRequired,
     approvalStatus,
+    nativeTrustStatus,
     workspaceRoot: memory.workspaceRoot,
     ignoredOutOfWorkspaceEvents: memory.ignoredOutOfWorkspaceEvents,
     ...(lastAgentSignal(memory.events) ? { lastSignal: lastAgentSignal(memory.events) } : {}),
@@ -1435,28 +1461,29 @@ async function readAgentHookStatus(options: AgentCommandOptions): Promise<AgentH
       },
       {
         name: "native-hook-signal",
-        ok: target !== "codex" || !deltaWritable || nativeSignals > 0,
+        ok: target !== "codex" || !deltaWritable || nativeSignals > 0 || approvalStatus === "accepted",
         message: target !== "codex"
           ? "native Codex hook approval is not required for this target"
           : !deltaWritable
             ? "trusted Codex native hook signals cannot be verified until Agent Memory is readable"
           : nativeSignals > 0
             ? `${nativeSignals} trusted Codex native hook signal(s) visible or queued`
-            : "Codex has not emitted a trusted native hook signal yet",
+            : "hook approval is accepted, but Codex has not emitted a trusted native hook signal yet",
         evidence: {
           nativeSignals,
           canarySignals,
           queuedNativeSignals: queuedHooks?.nativeSignals ?? 0,
           queuedCanarySignals: queuedHooks?.canarySignals ?? 0,
           memoryReadable: deltaWritable,
+          nativeTrustStatus,
           trustBoundary: target === "codex" ? "codex-desktop-hook-approval" : "not-required",
         },
       },
       {
         name: "codex-hook-approval",
         ok: !approvalRequired && approvalStatus !== "memory-unavailable",
-        message: codexHookApprovalMessage(approvalStatus, canarySignals),
-        evidence: { approvalStatus, approvalRequired },
+        message: codexHookApprovalMessage(approvalStatus, nativeTrustStatus, canarySignals),
+        evidence: { approvalStatus, approvalRequired, nativeTrustStatus },
       },
       ...(installTarget === "codex"
         ? [
@@ -1556,7 +1583,15 @@ export async function runAgentDoctor(options: AgentCommandOptions): Promise<Agen
   const adapterState = check.missing.length > 0 ? "missing" : check.stale.length > 0 ? "stale" : "ready";
   const installed = !installTarget || hookFiles.missing.length === 0;
   const memoryReadable = memoryDiagnostics.length === 0;
-  const approvalStatus = hookApprovalStatusFor(target, Boolean(installTarget && installed), nativeSignals, memoryReadable);
+  const observableSignals = Math.max(usefulSignals, canarySignals);
+  const approvalStatus = hookApprovalStatusFor(
+    target,
+    Boolean(installTarget && installed),
+    nativeSignals,
+    observableSignals,
+    memoryReadable,
+  );
+  const nativeTrustStatus = hookNativeTrustStatusFor(target, Boolean(installTarget && installed), nativeSignals, memoryReadable);
   const approvalRequired = approvalStatus === "waiting-for-user-trust";
   const hookBridgeState = !installTarget
     ? "not-supported"
@@ -1635,28 +1670,29 @@ export async function runAgentDoctor(options: AgentCommandOptions): Promise<Agen
     },
     {
       name: "native-hook-signal",
-      ok: !installTarget || target !== "codex" || !memoryReadable || nativeSignals > 0,
+      ok: !installTarget || target !== "codex" || !memoryReadable || nativeSignals > 0 || approvalStatus === "accepted",
       message: !installTarget || target !== "codex"
         ? "native Codex hook approval is not required for this target"
         : !memoryReadable
           ? "trusted Codex native hook signals cannot be verified until Agent Memory is readable"
         : nativeSignals > 0
           ? `${nativeSignals} trusted Codex native hook signal(s) visible or queued`
-          : "Codex has not emitted a trusted native hook signal yet",
+          : "hook approval is accepted, but Codex has not emitted a trusted native hook signal yet",
       evidence: {
         nativeSignals,
         canarySignals,
         queuedNativeSignals: queuedHooks?.nativeSignals ?? 0,
         queuedCanarySignals: queuedHooks?.canarySignals ?? 0,
         memoryReadable,
+        nativeTrustStatus,
         trustBoundary: target === "codex" ? "codex-desktop-hook-approval" : "not-required",
       },
     },
     {
       name: "codex-hook-approval",
       ok: !approvalRequired && approvalStatus !== "memory-unavailable",
-      message: codexHookApprovalMessage(approvalStatus, canarySignals),
-      evidence: { approvalStatus, approvalRequired },
+      message: codexHookApprovalMessage(approvalStatus, nativeTrustStatus, canarySignals),
+      evidence: { approvalStatus, approvalRequired, nativeTrustStatus },
     },
     { name: "secret-scan", ok: !check.diagnostics.some((diag) => diag.code === FORGE_AGENT_SECRET_LEAK) },
   ];
@@ -1683,6 +1719,7 @@ export async function runAgentDoctor(options: AgentCommandOptions): Promise<Agen
       hookBridge: hookBridgeState,
       approvalRequired,
       approvalStatus,
+      nativeTrustStatus,
       recentEvents: recentEvents.length,
       queuedEvents,
       usefulSignals,
@@ -1832,7 +1869,7 @@ export async function runAgentOnboard(options: AgentCommandOptions): Promise<Age
           name: "hook-smoke",
           ok: hookSmoke.ok,
           message: hookSmoke.approvalRequired
-            ? `${target} hook files and canary are visible, but Codex Desktop still needs user trust approval`
+            ? `${target} hook files are installed, but no accepted hook signal is visible yet`
             : hookSmoke.ok
               ? `${target} hooks recorded a useful canary signal`
               : `${target} hooks did not prove memory visibility`,
@@ -1854,6 +1891,8 @@ export async function runAgentOnboard(options: AgentCommandOptions): Promise<Age
               ? "Codex hook trust cannot be verified until Agent Memory is readable"
             : doctor.summary.approvalStatus === "trusted"
               ? "Codex hook trust is confirmed by a native hook signal"
+            : doctor.summary.approvalStatus === "accepted"
+              ? "Codex hook approval is accepted; trusted native signal proof is still pending"
               : "hook approval is not required for this target",
         }]
       : []),
@@ -1899,6 +1938,7 @@ export async function runAgentOnboard(options: AgentCommandOptions): Promise<Age
       hookBridge: doctor.summary.hookBridge,
       approvalRequired: doctor.summary.approvalRequired,
       approvalStatus: doctor.summary.approvalStatus,
+      nativeTrustStatus: doctor.summary.nativeTrustStatus,
       memorySignals: doctor.summary.usefulSignals,
       nativeSignals: doctor.summary.nativeSignals,
       canarySignals: doctor.summary.canarySignals,
@@ -1956,6 +1996,7 @@ export async function runAgentHooksSmoke(options: AgentCommandOptions): Promise<
       canarySignals: 0,
       approvalRequired: false,
       approvalStatus: "not-required",
+      nativeTrustStatus: "not-required",
       checks: [{ name: "target", ok: false, message: diag.message }],
       nextActions: ["forge agent list-targets --json"],
       diagnostics: [diag],
@@ -2060,7 +2101,7 @@ export async function runAgentHooksSmoke(options: AgentCommandOptions): Promise<
     {
       name: "codex-hook-approval",
       ok: status.approvalStatus !== "memory-unavailable",
-      message: codexHookApprovalMessage(status.approvalStatus, status.canarySignals),
+      message: codexHookApprovalMessage(status.approvalStatus, status.nativeTrustStatus, status.canarySignals),
     },
     ...(installTarget === "codex"
       ? [
@@ -2110,7 +2151,7 @@ export async function runAgentHooksSmoke(options: AgentCommandOptions): Promise<
       ? [createDiagnostic({
           severity: "warning",
           code: "FORGE_AGENT_HOOK_APPROVAL_REQUIRED",
-          message: "Codex Desktop has installed hook files, but ForgeOS has not seen a trusted native hook signal yet. Approve the hook prompt if Codex shows one, then continue a Codex session in this workspace.",
+          message: "Codex Desktop hook approval is still pending because ForgeOS has not seen a canary, useful hook event, or trusted native hook signal yet. Approve the hook prompt if Codex shows one, then continue a Codex session in this workspace.",
           suggestedCommands: hookApprovalNextActions(target, status.canarySignals),
         })]
       : []),
@@ -2147,6 +2188,7 @@ export async function runAgentHooksSmoke(options: AgentCommandOptions): Promise<
     canarySignals: status.canarySignals,
     approvalRequired: status.approvalRequired,
     approvalStatus: status.approvalStatus,
+    nativeTrustStatus: status.nativeTrustStatus,
     ...(canaryEvent ? { lastSignal: lastAgentSignal([canaryEvent]) } : status.lastSignal ? { lastSignal: status.lastSignal } : {}),
     ...(hookRunnerProbe ? { hookRunnerProbe } : {}),
     canary: {
@@ -2309,6 +2351,7 @@ export function formatAgentHuman(result: Awaited<ReturnType<typeof runAgentComma
       `ready to edit: ${result.readyToEdit ? "yes" : "no"}`,
       `hook bridge: ${result.summary.hookBridge}`,
       `hook approval: ${result.summary.approvalStatus}`,
+      `native trust: ${result.summary.nativeTrustStatus}`,
       `generated fresh: ${result.summary.generatedFresh ? "yes" : "no"}`,
       `generated changed: ${result.summary.generatedChangedFiles}`,
       `changed files: ${result.summary.changedFiles}`,
@@ -2326,6 +2369,7 @@ export function formatAgentHuman(result: Awaited<ReturnType<typeof runAgentComma
       `trusted native ready: ${smoke.trustedNativeReady ? "yes" : "no"}`,
       `readiness level: ${smoke.readinessLevel}`,
       `approval: ${smoke.approvalStatus}`,
+      `native trust: ${smoke.nativeTrustStatus}`,
       `native signals: ${smoke.nativeSignals}`,
       `canary signals: ${smoke.canarySignals}`,
       ...smoke.checks.map((check) => `${check.ok ? "OK" : "FAIL"} ${check.name}${check.message ? `: ${check.message}` : ""}`),
@@ -2362,6 +2406,7 @@ export function formatAgentHuman(result: Awaited<ReturnType<typeof runAgentComma
       `native signals: ${result.nativeSignals}`,
       `canary signals: ${result.canarySignals}`,
       `approval: ${result.approvalStatus}`,
+      `native trust: ${result.nativeTrustStatus}`,
       ...("recentEvents" in result ? [`recent events: ${result.recentEvents}`] : []),
       ...("queuedEvents" in result ? [`queued events: ${result.queuedEvents ?? 0}`] : []),
       ...(result.lastSignal ? [`last signal: ${result.lastSignal.kind}${result.lastSignal.summary ? ` - ${result.lastSignal.summary}` : ""}`] : []),

package/src/forge/agent-adapters/types.ts

@@ -140,7 +140,8 @@ export interface AgentPrintContextResult {
 }
 
 export type AgentHookBridgeState = "ready" | "missing" | "not-supported" | "waiting-for-user-trust" | "memory-unavailable";
-export type AgentHookApprovalStatus = "not-required" | "waiting-for-user-trust" | "trusted" | "memory-unavailable";
+export type AgentHookApprovalStatus = "not-required" | "waiting-for-user-trust" | "accepted" | "trusted" | "memory-unavailable";
+export type AgentHookNativeTrustStatus = "not-required" | "waiting-for-native-signal" | "trusted" | "memory-unavailable";
 export type AgentHookReadinessLevel = "none" | "canary" | "trusted-native";
 
 export interface AgentDoctorResult {
@@ -151,6 +152,7 @@ export interface AgentDoctorResult {
     hookBridge: AgentHookBridgeState;
     approvalRequired: boolean;
     approvalStatus: AgentHookApprovalStatus;
+    nativeTrustStatus: AgentHookNativeTrustStatus;
     recentEvents: number;
     queuedEvents?: number;
     usefulSignals: number;
@@ -193,6 +195,7 @@ export interface AgentOnboardResult {
     hookBridge: AgentHookBridgeState;
     approvalRequired: boolean;
     approvalStatus: AgentHookApprovalStatus;
+    nativeTrustStatus: AgentHookNativeTrustStatus;
     memorySignals: number;
     nativeSignals: number;
     canarySignals: number;
@@ -239,6 +242,7 @@ export interface AgentHooksSmokeResult {
   canarySignals: number;
   approvalRequired: boolean;
   approvalStatus: AgentHookApprovalStatus;
+  nativeTrustStatus: AgentHookNativeTrustStatus;
   lastSignal?: {
     kind: string;
     summary?: string;
@@ -285,6 +289,7 @@ export interface AgentHooksStatusResult {
   canarySignals: number;
   approvalRequired: boolean;
   approvalStatus: AgentHookApprovalStatus;
+  nativeTrustStatus: AgentHookNativeTrustStatus;
   lastSignal?: {
     kind: string;
     summary?: string;

package/src/forge/cli/auth.ts

@@ -4,10 +4,11 @@ import {
   FORGE_AUTH_INVALID_AUDIENCE,
   FORGE_AUTH_JWKS_FAILED,
 } from "../compiler/diagnostics/codes.ts";
-import { loadAuthConfigFromEnv } from "../runtime/auth/config.ts";
+import { loadAuthConfigFromEnv, type AuthClaimsMapping } from "../runtime/auth/config.ts";
 import { mapClaimsToAuthContext } from "../runtime/auth/claims.ts";
 import { ForgeAuthError } from "../runtime/auth/errors.ts";
 import { verifyJwtToken } from "../runtime/auth/verifier.ts";
+import { loadSecretRegistry } from "../runtime/secrets/check.ts";
 
 export type AuthSubcommand = "check" | "config" | "decode" | "test-token" | "jwks" | "prove";
 
@@ -26,9 +27,42 @@ export interface AuthCommandResult {
   exitCode: 0 | 1;
 }
 
+function detectWorkOS(workspaceRoot: string, claims: AuthClaimsMapping) {
+  const secretRegistry = loadSecretRegistry(workspaceRoot);
+  const secretNames = new Set((secretRegistry?.secrets ?? []).map((secret) => secret.name));
+  const detected =
+    secretNames.has("WORKOS_API_KEY") ||
+    secretNames.has("WORKOS_CLIENT_ID") ||
+    claims.tenantId === "organization_id";
+  const expectedClaims = {
+    userId: "sub",
+    email: "email",
+    tenantId: "organization_id",
+    role: "role",
+    roles: "roles",
+    permissions: "permissions",
+  };
+  const claimStatus = Object.entries(expectedClaims).map(([name, expected]) => ({
+    name,
+    expected,
+    actual: claims[name as keyof AuthClaimsMapping],
+    ok: claims[name as keyof AuthClaimsMapping] === expected,
+  }));
+  return {
+    detected,
+    requiredSecretsRegistered: ["WORKOS_API_KEY", "WORKOS_CLIENT_ID", "WORKOS_COOKIE_PASSWORD"].every((name) =>
+      secretNames.has(name)
+    ),
+    webhookSecretRegistered: secretNames.has("WORKOS_WEBHOOK_SECRET"),
+    expectedClaims,
+    claimStatus,
+  };
+}
+
 function validateConfig(workspaceRoot: string): AuthCommandResult {
   const config = loadAuthConfigFromEnv(workspaceRoot);
   const errors: { code: string; message: string }[] = [];
+  const workos = detectWorkOS(workspaceRoot, config.claims);
 
   if ((config.mode === "jwt" || config.mode === "oidc") && !config.issuer) {
     errors.push({
@@ -60,6 +94,7 @@ function validateConfig(workspaceRoot: string): AuthCommandResult {
       algorithms: config.algorithms,
       claims: config.claims,
       requiresTenant: config.requiresTenant,
+      workos,
       errors,
     },
     error: errors[0],
@@ -69,6 +104,7 @@ function validateConfig(workspaceRoot: string): AuthCommandResult {
 
 function publicConfig(workspaceRoot: string): AuthCommandResult {
   const config = loadAuthConfigFromEnv(workspaceRoot);
+  const workos = detectWorkOS(workspaceRoot, config.claims);
   return {
     ok: true,
     mode: config.mode,
@@ -80,6 +116,7 @@ function publicConfig(workspaceRoot: string): AuthCommandResult {
       algorithms: config.algorithms,
       claims: config.claims,
       requiresTenant: config.requiresTenant,
+      workos,
     },
     exitCode: 0,
   };
@@ -166,7 +203,9 @@ export async function runAuthCommand(
   if (options.subcommand === "prove") {
     const checked = validateConfig(options.workspaceRoot);
     const config = loadAuthConfigFromEnv(options.workspaceRoot);
+    const workos = detectWorkOS(options.workspaceRoot, config.claims);
     const productionMode = config.mode === "jwt" || config.mode === "oidc";
+    const workosClaimsOk = workos.claimStatus.every((claim) => claim.ok);
     return {
       ok: checked.ok,
       mode: config.mode,
@@ -191,7 +230,23 @@ export async function runAuthCommand(
             status: checked.ok ? "passed" : "failed",
             evidence: checked.data,
           },
+          {
+            id: "INV-WORKOS-001",
+            name: "WorkOS adapter claim mapping is explicit when WorkOS is present",
+            status: !workos.detected ? "not-applicable" : workosClaimsOk ? "passed" : "failed",
+            evidence: workos.claimStatus,
+          },
+          {
+            id: "INV-WORKOS-002",
+            name: "WorkOS required secret names are registered without values",
+            status: !workos.detected ? "not-applicable" : workos.requiredSecretsRegistered ? "passed" : "failed",
+            evidence: {
+              required: ["WORKOS_API_KEY", "WORKOS_CLIENT_ID", "WORKOS_COOKIE_PASSWORD"],
+              webhookSecretRegistered: workos.webhookSecretRegistered,
+            },
+          },
         ],
+        workos,
         checkedAt: "deterministic",
       },
       error: checked.error,