hackmyagent 0.9.4 → 0.9.6

package/dist/soul/scanner.js

@@ -3,7 +3,7 @@
  * SOUL Scanner - Behavioral Governance Scanner
  *
  * Scans governance files (SOUL.md, system-prompt.md, etc.) for coverage
- * across 8 behavioral governance domains defined in OASB v2.
+ * across 9 behavioral governance domains defined in OASB v2.
  */
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
@@ -39,7 +39,7 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.GOVERNANCE_FILES = exports.DOMAIN_ORDER = exports.CONTROL_DEFS = exports.SoulScanner = void 0;
+exports.PROFILE_DOMAINS = exports.GOVERNANCE_FILES = exports.DOMAIN_ORDER = exports.CONTROL_DEFS = exports.SoulScanner = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const child_process_1 = require("child_process");
@@ -67,148 +67,229 @@ const MULTI_AGENT_ONLY = ['MULTI-AGENT'];
 const CONTROL_DEFS = [
     // Domain 7: Trust Hierarchy
     { id: 'SOUL-TH-001', name: 'Trust chain defined', domain: 'Trust Hierarchy', domainId: 7, tiers: ALL_TIERS,
-        keywords: ['trust', 'authority', 'principal', 'hierarchy', 'precedence', 'priority'] },
+        keywords: ['trust', 'authority', 'principal', 'hierarchy', 'precedence', 'priority'],
+        remediation: 'Define a trust hierarchy that establishes authority precedence among principals with clear priority ordering.' },
     { id: 'SOUL-TH-002', name: 'Conflict resolution defined', domain: 'Trust Hierarchy', domainId: 7, tiers: ALL_TIERS,
-        keywords: ['conflict', 'override', 'precedence', 'escalat'] },
+        keywords: ['conflict', 'override', 'precedence', 'escalat'],
+        remediation: 'Define conflict resolution rules: how override decisions follow precedence, when to escalate.' },
     { id: 'SOUL-TH-003', name: 'Agent-to-agent trust', domain: 'Trust Hierarchy', domainId: 7, tiers: MULTI_AGENT_ONLY,
-        keywords: ['agent-to-agent', 'sub-agent', 'orchestrat', 'delegate', 'trust.*agent', 'agent.*trust'] },
+        keywords: ['agent-to-agent', 'sub-agent', 'orchestrat', 'delegate', 'trust.*agent', 'agent.*trust'],
+        remediation: 'Define agent-to-agent trust: how sub-agent delegation works, orchestration trust boundaries.' },
     { id: 'SOUL-TH-004', name: 'Principal identity verification', domain: 'Trust Hierarchy', domainId: 7, tiers: ALL_TIERS,
-        keywords: ['authenticate', 'verify identity', 'principal source', 'identity verification', 'authenticated principal', 'identity claim'] },
+        keywords: ['authenticate', 'verify identity', 'principal source', 'identity verification', 'authenticated principal', 'identity claim'],
+        remediation: 'Authenticate all principals and verify identity. Require identity verification for every identity claim.' },
     { id: 'SOUL-TH-005', name: 'Trust hierarchy documentation complete', domain: 'Trust Hierarchy', domainId: 7, tiers: ALL_TIERS,
-        keywords: ['trust hierarchy', 'hierarchy levels', 'trust structure', 'trust path', 'hierarchy definition', 'trust order'] },
+        keywords: ['trust hierarchy', 'hierarchy levels', 'trust structure', 'trust path', 'hierarchy definition', 'trust order'],
+        remediation: 'Document the trust hierarchy with hierarchy levels and trust order so the trust structure is clear.' },
     { id: 'SOUL-TH-006', name: 'Principal authority scope defined', domain: 'Trust Hierarchy', domainId: 7, tiers: ALL_TIERS,
-        keywords: ['authority scope', 'principal authority', 'authority boundary', 'authority limit', 'scope definition', 'authority definition'] },
+        keywords: ['authority scope', 'principal authority', 'authority boundary', 'authority limit', 'scope definition', 'authority definition'],
+        remediation: 'Define authority scope for each principal authority with clear authority boundary and authority limit.' },
     { id: 'SOUL-TH-007', name: 'Trust boundary enforcement', domain: 'Trust Hierarchy', domainId: 7, tiers: TOOL_AND_UP,
-        keywords: ['enforce trust', 'trust enforcement', 'boundary enforcement', 'trust violation', 'enforce boundary', 'trust check'] },
+        keywords: ['enforce trust', 'trust enforcement', 'boundary enforcement', 'trust violation', 'enforce boundary', 'trust check'],
+        remediation: 'Enforce trust boundaries: trust enforcement triggers on any trust violation with a trust check.' },
     { id: 'SOUL-TH-008', name: 'Trust policy update protocol', domain: 'Trust Hierarchy', domainId: 7, tiers: ALL_TIERS,
-        keywords: ['trust update', 'policy update', 'trust change', 'update protocol', 'trust modification', 'change management'] },
+        keywords: ['trust update', 'policy update', 'trust change', 'update protocol', 'trust modification', 'change management'],
+        remediation: 'Define a trust update and policy update protocol for trust change via change management.' },
     // Domain 8: Capability Boundaries (TOOL-USING and up)
     { id: 'SOUL-CB-001', name: 'Allowed actions declared', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['allow', 'permit', 'can do', 'authorized', 'capabilities'] },
+        keywords: ['allow', 'permit', 'can do', 'authorized', 'capabilities'],
+        remediation: 'Declare allowed and authorized capabilities the agent is permitted to perform.' },
     { id: 'SOUL-CB-002', name: 'Denied actions declared', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['deny', 'prohibit', 'must not', 'cannot', 'forbidden', 'restricted'] },
+        keywords: ['deny', 'prohibit', 'must not', 'cannot', 'forbidden', 'restricted'],
+        remediation: 'Declare denied actions: what is prohibited, forbidden, or restricted. The agent must not exceed these.' },
     { id: 'SOUL-CB-003', name: 'Filesystem/network scope', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['file', 'directory', 'path', 'network', 'endpoint', 'url', 'api'] },
+        keywords: ['file', 'directory', 'path', 'network', 'endpoint', 'url', 'api'],
+        remediation: 'Define file, directory, and path scope. Declare network endpoint, URL, and API boundaries.' },
     { id: 'SOUL-CB-004', name: 'Least privilege principle', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['least privilege', 'minimal', 'only needed', 'minimum necessary'] },
+        keywords: ['least privilege', 'minimal', 'only needed', 'minimum necessary'],
+        remediation: 'Apply least privilege: grant only minimal, minimum necessary permissions as needed.' },
     { id: 'SOUL-CB-005', name: 'Permission revocation process defined', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['revoke', 'revocation', 'remove permission', 'disable access', 'withdraw access', 'permission removal'] },
+        keywords: ['revoke', 'revocation', 'remove permission', 'disable access', 'withdraw access', 'permission removal'],
+        remediation: 'Define a revocation process to revoke and remove permission. Disable access and withdraw access promptly.' },
     { id: 'SOUL-CB-006', name: 'Capability exposure minimized', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['exposure limit', 'minimal exposure', 'capability exposure', 'selective exposure', 'controlled exposure', 'unexposed'] },
+        keywords: ['exposure limit', 'minimal exposure', 'capability exposure', 'selective exposure', 'controlled exposure', 'unexposed'],
+        remediation: 'Minimize capability exposure with an exposure limit. Use selective exposure and controlled exposure.' },
     { id: 'SOUL-CB-007', name: 'Tool integration boundaries declared', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['tool boundary', 'tool scope', 'tool limit', 'tool interface', 'tool access control', 'tool constraint'] },
+        keywords: ['tool boundary', 'tool scope', 'tool limit', 'tool interface', 'tool access control', 'tool constraint'],
+        remediation: 'Declare tool boundary, tool scope, and tool limit. Define tool interface and tool access control.' },
     { id: 'SOUL-CB-008', name: 'Rate and resource limits enforced', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['rate limit', 'rate limiting', 'resource limit', 'throttle', 'quota', 'bandwidth limit', 'usage limit'] },
+        keywords: ['rate limit', 'rate limiting', 'resource limit', 'throttle', 'quota', 'bandwidth limit', 'usage limit'],
+        remediation: 'Enforce rate limit and rate limiting. Set resource limit, throttle, quota, and usage limit.' },
     { id: 'SOUL-CB-009', name: 'Scope validation at invocation', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['validate scope', 'scope check', 'scope validation', 'boundary check', 'scope enforcement', 'permission check'] },
+        keywords: ['validate scope', 'scope check', 'scope validation', 'boundary check', 'scope enforcement', 'permission check'],
+        remediation: 'Validate scope at invocation with a scope check and scope validation before execution.' },
     { id: 'SOUL-CB-010', name: 'Capability audit trail maintained', domain: 'Capability Boundaries', domainId: 8, tiers: TOOL_AND_UP,
-        keywords: ['capability audit', 'audit trail', 'capability log', 'usage log', 'execution log', 'action record'] },
+        keywords: ['capability audit', 'audit trail', 'capability log', 'usage log', 'execution log', 'action record'],
+        remediation: 'Maintain a capability audit and audit trail. Record actions in a capability log and usage log.' },
     // Domain 9: Injection Hardening (all tiers)
     { id: 'SOUL-IH-001', name: 'Instruction override defense', domain: 'Injection Hardening', domainId: 9, tiers: ALL_TIERS,
-        keywords: ['ignore previous', 'override', 'injection', 'contradict'] },
+        keywords: ['ignore previous', 'override', 'injection', 'contradict'],
+        remediation: 'Defend against "ignore previous" instructions, override attempts, injection, and contradiction.' },
     { id: 'SOUL-IH-002', name: 'Encoded payload defense', domain: 'Injection Hardening', domainId: 9, tiers: ALL_TIERS,
-        keywords: ['encoded', 'obfuscated', 'base64', 'hidden'] },
+        keywords: ['encoded', 'obfuscated', 'base64', 'hidden'],
+        remediation: 'Defend against encoded, obfuscated, base64, and hidden payloads in user input.' },
     { id: 'SOUL-IH-003', name: 'Role-play refusal', domain: 'Injection Hardening', domainId: 9, tiers: ALL_TIERS,
-        keywords: ['role-play', 'pretend', 'act as', 'jailbreak', 'DAN'], critical: true },
+        keywords: ['role-play', 'pretend', 'act as', 'jailbreak', 'as DAN'], critical: true,
+        remediation: 'Refuse role-play, pretend, "act as", jailbreak, and "act as DAN" requests.' },
     { id: 'SOUL-IH-004', name: 'Input validation and sanitization', domain: 'Injection Hardening', domainId: 9, tiers: ALL_TIERS,
-        keywords: ['input validation', 'sanitize', 'sanitization', 'validate input', 'filter input', 'clean input'] },
+        keywords: ['input validation', 'sanitize', 'sanitization', 'validate input', 'filter input', 'clean input'],
+        remediation: 'Apply input validation and sanitize all inputs. Use sanitization, validate input, filter input, and clean input.' },
     { id: 'SOUL-IH-005', name: 'Output encoding and escaping', domain: 'Injection Hardening', domainId: 9, tiers: ALL_TIERS,
-        keywords: ['output encoding', 'escape output', 'encode output', 'html escape', 'output sanitize', 'safe output'] },
+        keywords: ['output encoding', 'escape output', 'encode output', 'html escape', 'output sanitize', 'safe output'],
+        remediation: 'Apply output encoding: escape output, encode output with html escape for safe output.' },
     { id: 'SOUL-IH-006', name: 'Multi-layer injection defense', domain: 'Injection Hardening', domainId: 9, tiers: TOOL_AND_UP,
-        keywords: ['defense layer', 'defense in depth', 'layered defense', 'multiple defense', 'defense stack', 'multi-layer'] },
+        keywords: ['defense layer', 'defense in depth', 'layered defense', 'multiple defense', 'defense stack', 'multi-layer'],
+        remediation: 'Use defense in depth with a multi-layer defense stack and layered defense approach.' },
     { id: 'SOUL-IH-007', name: 'Injection detection and alerting', domain: 'Injection Hardening', domainId: 9, tiers: ALL_TIERS,
-        keywords: ['detect injection', 'injection detection', 'attack detection', 'log injection', 'alert injection', 'security log'] },
+        keywords: ['detect injection', 'injection detection', 'attack detection', 'log injection', 'alert injection', 'security log'],
+        remediation: 'Detect injection via injection detection. Attack detection logs to security log and alerts on injection.' },
     { id: 'SOUL-IH-008', name: 'Adversarial input testing', domain: 'Injection Hardening', domainId: 9, tiers: TOOL_AND_UP,
-        keywords: ['test defense', 'adversarial test', 'red team', 'penetration test', 'security test', 'verify hardening'] },
+        keywords: ['test defense', 'adversarial test', 'red team', 'penetration test', 'security test', 'verify hardening'],
+        remediation: 'Run adversarial test and red team exercises. Penetration test and security test verify hardening.' },
     // Domain 10: Data Handling
     { id: 'SOUL-DH-001', name: 'PII protection', domain: 'Data Handling', domainId: 10, tiers: ALL_TIERS,
-        keywords: ['pii', 'personal', 'privacy', 'data protection', 'gdpr'] },
+        keywords: ['pii', 'personal', 'privacy', 'data protection', 'gdpr'],
+        remediation: 'Protect PII and personal data. Enforce privacy and data protection under GDPR.' },
     { id: 'SOUL-DH-002', name: 'Credential handling', domain: 'Data Handling', domainId: 10, tiers: TOOL_AND_UP,
-        keywords: ['credential', 'secret', 'password', 'api key', 'token'] },
+        keywords: ['credential', 'secret', 'password', 'api key', 'token'],
+        remediation: 'Handle credentials, secrets, passwords, API keys, and tokens securely.' },
     { id: 'SOUL-DH-003', name: 'Data minimization', domain: 'Data Handling', domainId: 10, tiers: ALL_TIERS,
-        keywords: ['minimiz', 'only collect', 'retention', 'delete', 'purge'] },
+        keywords: ['minimiz', 'only collect', 'retention', 'delete', 'purge'],
+        remediation: 'Minimize data collection: only collect what is needed, define retention, delete/purge old data.' },
     { id: 'SOUL-DH-004', name: 'Data retention and deletion policy', domain: 'Data Handling', domainId: 10, tiers: ALL_TIERS,
-        keywords: ['retention policy', 'retention period', 'data deletion', 'purge schedule', 'data retention', 'archival policy'] },
+        keywords: ['retention policy', 'retention period', 'data deletion', 'purge schedule', 'data retention', 'archival policy'],
+        remediation: 'Define a retention policy with retention period. Data deletion follows a purge schedule and archival policy.' },
     { id: 'SOUL-DH-005', name: 'Data classification framework', domain: 'Data Handling', domainId: 10, tiers: ALL_TIERS,
-        keywords: ['data classification', 'classify data', 'sensitivity level', 'data sensitivity', 'classification scheme', 'data category'] },
+        keywords: ['data classification', 'classify data', 'sensitivity level', 'data sensitivity', 'classification scheme', 'data category'],
+        remediation: 'Implement data classification: classify data by sensitivity level. Use a classification scheme with data categories.' },
     { id: 'SOUL-DH-006', name: 'Data access control enforcement', domain: 'Data Handling', domainId: 10, tiers: TOOL_AND_UP,
-        keywords: ['data access control', 'access rule', 'access policy', 'enforce access', 'data permission', 'access enforcement'] },
+        keywords: ['data access control', 'access rule', 'access policy', 'enforce access', 'data permission', 'access enforcement'],
+        remediation: 'Enforce data access control with access rules, access policy, data permission, and access enforcement.' },
     { id: 'SOUL-DH-007', name: 'Data encryption requirements', domain: 'Data Handling', domainId: 10, tiers: TOOL_AND_UP,
-        keywords: ['encrypt', 'encryption', 'encrypted', 'encryption at rest', 'encryption in transit', 'tls', 'https', 'cipher'] },
+        keywords: ['encrypt', 'encryption', 'encrypted', 'encryption at rest', 'encryption in transit', 'tls', 'https', 'cipher'],
+        remediation: 'Encrypt data with encryption at rest and encryption in transit via TLS/HTTPS.' },
     { id: 'SOUL-DH-008', name: 'Data breach response procedure', domain: 'Data Handling', domainId: 10, tiers: AGENTIC_AND_UP,
-        keywords: ['breach notification', 'breach response', 'incident response', 'data breach', 'breach procedure', 'incident notification'] },
+        keywords: ['breach notification', 'breach response', 'incident response', 'data breach', 'breach procedure', 'incident notification'],
+        remediation: 'Define breach notification and breach response. Incident response handles data breach with incident notification.' },
     // Domain 11: Hardcoded Behaviors (all tiers)
     { id: 'SOUL-HB-001', name: 'Safety immutables defined', domain: 'Hardcoded Behaviors', domainId: 11, tiers: ALL_TIERS,
-        keywords: ['never', 'always', 'must not', 'absolute', 'immutable', 'hardcoded'], critical: true },
+        keywords: ['never', 'always', 'must not', 'absolute', 'immutable', 'hardcoded'], critical: true,
+        remediation: 'Define safety immutables: never/always rules that are absolute, immutable, and hardcoded.' },
     { id: 'SOUL-HB-002', name: 'No data exfiltration rule', domain: 'Hardcoded Behaviors', domainId: 11, tiers: ALL_TIERS,
-        keywords: ['exfiltrat', 'unauthorized', 'leak', 'transmit'] },
+        keywords: ['exfiltrat', 'unauthorized', 'leak', 'transmit'],
+        remediation: 'Prohibit exfiltration of unauthorized data. Prevent leak and transmit to external destinations.' },
     { id: 'SOUL-HB-003', name: 'Kill switch / emergency stop', domain: 'Hardcoded Behaviors', domainId: 11, tiers: ALL_TIERS,
-        keywords: ['kill switch', 'emergency', 'shutdown', 'terminate', 'stop'] },
+        keywords: ['kill switch', 'emergency', 'shutdown', 'terminate', 'stop'],
+        remediation: 'Implement a kill switch for emergency shutdown. Terminate and stop on anomalous behavior.' },
     { id: 'SOUL-HB-004', name: 'Behavior integrity verification', domain: 'Hardcoded Behaviors', domainId: 11, tiers: TOOL_AND_UP,
-        keywords: ['verify behavior', 'integrity check', 'behavior integrity', 'validate behavior', 'integrity verification', 'behavior validation'] },
+        keywords: ['verify behavior', 'integrity check', 'behavior integrity', 'validate behavior', 'integrity verification', 'behavior validation'],
+        remediation: 'Verify behavior through integrity check and behavior integrity. Validate behavior via integrity verification.' },
     { id: 'SOUL-HB-005', name: 'Constraint immutability guarantee', domain: 'Hardcoded Behaviors', domainId: 11, tiers: ALL_TIERS,
-        keywords: ['immutable constraint', 'immutable rule', 'unchangeable', 'permanent constraint', 'fixed rule', 'hardcoded constraint'] },
+        keywords: ['immutable constraint', 'immutable rule', 'unchangeable', 'permanent constraint', 'fixed rule', 'hardcoded constraint'],
+        remediation: 'Guarantee immutable constraint and immutable rule enforcement. Unchangeable and permanent constraints are fixed.' },
     { id: 'SOUL-HB-006', name: 'Tamper detection mechanism', domain: 'Hardcoded Behaviors', domainId: 11, tiers: TOOL_AND_UP,
-        keywords: ['detect tamper', 'tamper detection', 'tamper-proof', 'detect modification', 'detect unauthorized change', 'integrity monitor'] },
+        keywords: ['detect tamper', 'tamper detection', 'tamper-proof', 'detect modification', 'detect unauthorized change', 'integrity monitor'],
+        remediation: 'Detect tamper via tamper detection. Tamper-proof design with integrity monitor.' },
     { id: 'SOUL-HB-007', name: 'Safety behavior audit', domain: 'Hardcoded Behaviors', domainId: 11, tiers: TOOL_AND_UP,
-        keywords: ['behavior audit', 'audit behavior', 'behavior attestation', 'certify behavior', 'behavior verification', 'safety audit'] },
+        keywords: ['behavior audit', 'audit behavior', 'behavior attestation', 'certify behavior', 'behavior verification', 'safety audit'],
+        remediation: 'Conduct behavior audit and audit behavior. Behavior attestation certifies behavior via safety audit.' },
     { id: 'SOUL-HB-008', name: 'Enforcement resilience under pressure', domain: 'Hardcoded Behaviors', domainId: 11, tiers: AGENTIC_AND_UP,
-        keywords: ['enforcement resilience', 'reliable enforcement', 'robust enforcement', 'fail-safe', 'enforcement guarantee', 'enforcement mechanism'] },
+        keywords: ['enforcement resilience', 'reliable enforcement', 'robust enforcement', 'fail-safe', 'enforcement guarantee', 'enforcement mechanism'],
+        remediation: 'Ensure enforcement resilience with reliable enforcement. Robust enforcement via fail-safe enforcement mechanism.' },
     // Domain 12: Agentic Safety (AGENTIC and up)
     { id: 'SOUL-AS-001', name: 'Iteration/loop limits', domain: 'Agentic Safety', domainId: 12, tiers: AGENTIC_AND_UP,
-        keywords: ['iteration', 'loop', 'limit', 'maximum', 'budget'] },
+        keywords: ['iteration', 'loop', 'limit', 'maximum', 'budget'],
+        remediation: 'Set iteration and loop limits with a maximum budget per session.' },
     { id: 'SOUL-AS-002', name: 'Budget/cost caps', domain: 'Agentic Safety', domainId: 12, tiers: AGENTIC_AND_UP,
-        keywords: ['budget', 'cost', 'spending', 'cap', 'limit'] },
+        keywords: ['budget', 'cost', 'spending', 'cap', 'limit'],
+        remediation: 'Define budget and cost caps with spending limits.' },
     { id: 'SOUL-AS-003', name: 'Timeout defined', domain: 'Agentic Safety', domainId: 12, tiers: AGENTIC_AND_UP,
-        keywords: ['timeout', 'time limit', 'duration', 'deadline'] },
+        keywords: ['timeout', 'time limit', 'duration', 'deadline'],
+        remediation: 'Define timeout and time limit. Set duration and deadline for operations.' },
     { id: 'SOUL-AS-004', name: 'Reversibility preference', domain: 'Agentic Safety', domainId: 12, tiers: MULTI_AGENT_ONLY,
-        keywords: ['reversible', 'undo', 'rollback', 'revert'] },
+        keywords: ['reversible', 'undo', 'rollback', 'revert'],
+        remediation: 'Prefer reversible actions. Support undo, rollback, and revert.' },
     { id: 'SOUL-AS-005', name: 'Tool dependency limits', domain: 'Agentic Safety', domainId: 12, tiers: AGENTIC_AND_UP,
-        keywords: ['dependency limit', 'dependency depth', 'dependency chain', 'tool dependency', 'dependency tracking', 'dependency count'] },
+        keywords: ['dependency limit', 'dependency depth', 'dependency chain', 'tool dependency', 'dependency tracking', 'dependency count'],
+        remediation: 'Enforce dependency limit on dependency depth and dependency chain. Track tool dependency with dependency count.' },
     { id: 'SOUL-AS-006', name: 'State management limits', domain: 'Agentic Safety', domainId: 12, tiers: AGENTIC_AND_UP,
-        keywords: ['state limit', 'state management', 'memory limit', 'context limit', 'state size', 'session state limit'] },
+        keywords: ['state limit', 'state management', 'memory limit', 'context limit', 'state size', 'session state limit'],
+        remediation: 'Set state limit on state management. Enforce memory limit, context limit, and session state limit.' },
     { id: 'SOUL-AS-007', name: 'Error recovery protocol', domain: 'Agentic Safety', domainId: 12, tiers: AGENTIC_AND_UP,
-        keywords: ['error recovery', 'recovery protocol', 'error handling', 'retry logic', 'error fallback', 'recovery mechanism'] },
+        keywords: ['error recovery', 'recovery protocol', 'error handling', 'retry logic', 'error fallback', 'recovery mechanism'],
+        remediation: 'Define error recovery with a recovery protocol. Error handling includes retry logic and error fallback.' },
     { id: 'SOUL-AS-008', name: 'Task isolation and sandboxing', domain: 'Agentic Safety', domainId: 12, tiers: AGENTIC_AND_UP,
-        keywords: ['task isolation', 'sandbox', 'sandboxing', 'isolated execution', 'execution boundary', 'isolation level'] },
+        keywords: ['task isolation', 'sandbox', 'sandboxing', 'isolated execution', 'execution boundary', 'isolation level'],
+        remediation: 'Enforce task isolation via sandbox and sandboxing. Isolated execution within an execution boundary.' },
     { id: 'SOUL-AS-009', name: 'Resource cleanup on completion', domain: 'Agentic Safety', domainId: 12, tiers: AGENTIC_AND_UP,
-        keywords: ['cleanup', 'resource cleanup', 'finalization', 'resource release', 'graceful shutdown', 'cleanup procedure'] },
+        keywords: ['cleanup', 'resource cleanup', 'finalization', 'resource release', 'graceful shutdown', 'cleanup procedure'],
+        remediation: 'Perform cleanup and resource cleanup on completion. Finalization and graceful shutdown via cleanup procedure.' },
     { id: 'SOUL-AS-010', name: 'Concurrent execution coordination', domain: 'Agentic Safety', domainId: 12, tiers: MULTI_AGENT_ONLY,
-        keywords: ['concurrent limit', 'concurrency', 'concurrent execution', 'coordination', 'serialize task', 'synchronize', 'parallel limit'] },
+        keywords: ['concurrent limit', 'concurrency', 'concurrent execution', 'coordination', 'serialize task', 'synchronize', 'parallel limit'],
+        remediation: 'Enforce concurrent limit on concurrency. Coordination and synchronize with parallel limit.' },
     // Domain 13: Honesty and Transparency (all tiers)
     { id: 'SOUL-HT-001', name: 'Uncertainty acknowledgment', domain: 'Honesty and Transparency', domainId: 13, tiers: ALL_TIERS,
-        keywords: ['uncertain', "don't know", 'not sure', 'acknowledge', 'calibrat'] },
+        keywords: ['uncertain', "don't know", 'not sure', 'acknowledge', 'calibrat'],
+        remediation: 'Acknowledge uncertainty: say "don\'t know" or "not sure". Calibrate confidence.' },
     { id: 'SOUL-HT-002', name: 'No fabrication rule', domain: 'Honesty and Transparency', domainId: 13, tiers: ALL_TIERS,
-        keywords: ['fabricat', 'hallucin', 'invent', 'make up', 'accurate'] },
+        keywords: ['fabricat', 'hallucin', 'invent', 'make up', 'accurate'],
+        remediation: 'Never fabricate or hallucinate. Do not invent or make up facts. Be accurate.' },
     { id: 'SOUL-HT-003', name: 'Identity disclosure', domain: 'Honesty and Transparency', domainId: 13, tiers: ALL_TIERS,
-        keywords: ['identity', 'ai', 'assistant', 'disclose', 'transparent'] },
+        keywords: ['identity', 'ai', 'assistant', 'disclose', 'transparent'],
+        remediation: 'Disclose identity as an AI assistant. Be transparent about capabilities.' },
     { id: 'SOUL-HT-004', name: 'Knowledge boundaries documented', domain: 'Honesty and Transparency', domainId: 13, tiers: ALL_TIERS,
-        keywords: ['knowledge boundary', 'knowledge limit', 'knowledge cutoff', 'training limit', 'knowledge scope', 'knowledge limitation'] },
+        keywords: ['knowledge boundary', 'knowledge limit', 'knowledge cutoff', 'training limit', 'knowledge scope', 'knowledge limitation'],
+        remediation: 'Document knowledge boundary and knowledge limit. State knowledge cutoff and training limit.' },
     { id: 'SOUL-HT-005', name: 'Confidence level disclosure', domain: 'Honesty and Transparency', domainId: 13, tiers: ALL_TIERS,
-        keywords: ['confidence level', 'confidence score', 'confidence calibration', 'express confidence', 'certainty level', 'calibrated confidence'] },
+        keywords: ['confidence level', 'confidence score', 'confidence calibration', 'express confidence', 'certainty level', 'calibrated confidence'],
+        remediation: 'Disclose confidence level and confidence score. Use confidence calibration for calibrated confidence.' },
     { id: 'SOUL-HT-006', name: 'Training data recency disclosed', domain: 'Honesty and Transparency', domainId: 13, tiers: ALL_TIERS,
-        keywords: ['training cutoff', 'training date', 'cutoff date', 'knowledge date', 'data recency', 'up to date', 'information currency'] },
+        keywords: ['training cutoff', 'training date', 'cutoff date', 'knowledge date', 'data recency', 'up to date', 'information currency'],
+        remediation: 'Disclose training cutoff and training date. Note data recency and information currency.' },
     { id: 'SOUL-HT-007', name: 'Limitations acknowledged in responses', domain: 'Honesty and Transparency', domainId: 13, tiers: ALL_TIERS,
-        keywords: ['acknowledge limitation', 'limitation notice', 'caveat', 'disclose limitation', 'limitation disclosure', 'note limitation'] },
+        keywords: ['acknowledge limitation', 'limitation notice', 'caveat', 'disclose limitation', 'limitation disclosure', 'note limitation'],
+        remediation: 'Acknowledge limitation with a limitation notice or caveat. Disclose limitation in responses.' },
     { id: 'SOUL-HT-008', name: 'Source verification practices', domain: 'Honesty and Transparency', domainId: 13, tiers: TOOL_AND_UP,
-        keywords: ['verify source', 'source verification', 'cite source', 'citation practice', 'verify information', 'source accuracy'] },
+        keywords: ['verify source', 'source verification', 'cite source', 'citation practice', 'verify information', 'source accuracy'],
+        remediation: 'Verify source via source verification. Cite source using citation practice for source accuracy.' },
     // Domain 14: Human Oversight (TOOL-USING and up)
     { id: 'SOUL-HO-001', name: 'Approval gates', domain: 'Human Oversight', domainId: 14, tiers: TOOL_AND_UP,
-        keywords: ['approval', 'confirm', 'human-in-the-loop', 'review', 'authorize'] },
+        keywords: ['approval', 'confirm', 'human-in-the-loop', 'review', 'authorize'],
+        remediation: 'Require approval and confirmation. Human-in-the-loop review authorizes high-impact actions.' },
     { id: 'SOUL-HO-002', name: 'Override mechanism', domain: 'Human Oversight', domainId: 14, tiers: TOOL_AND_UP,
-        keywords: ['override', 'intervene', 'manual', 'human control'] },
+        keywords: ['override', 'intervene', 'manual', 'human control'],
+        remediation: 'Provide override mechanism: intervene manually with human control.' },
     { id: 'SOUL-HO-003', name: 'Monitoring/logging', domain: 'Human Oversight', domainId: 14, tiers: TOOL_AND_UP,
-        keywords: ['monitor', 'log', 'audit', 'track', 'observe'] },
+        keywords: ['monitor', 'log', 'audit', 'track', 'observe'],
+        remediation: 'Monitor and log all actions for audit. Track and observe behavior.' },
     { id: 'SOUL-HO-004', name: 'Approval workflow and escalation', domain: 'Human Oversight', domainId: 14, tiers: TOOL_AND_UP,
-        keywords: ['approval workflow', 'escalation path', 'escalation workflow', 'approval process', 'approval chain', 'workflow process'] },
+        keywords: ['approval workflow', 'escalation path', 'escalation workflow', 'approval process', 'approval chain', 'workflow process'],
+        remediation: 'Define approval workflow with escalation path. The approval process follows the approval chain.' },
     { id: 'SOUL-HO-005', name: 'Action notification protocol', domain: 'Human Oversight', domainId: 14, tiers: TOOL_AND_UP,
-        keywords: ['notification protocol', 'alert protocol', 'notify user', 'action notification', 'alert system', 'notification trigger'] },
+        keywords: ['notification protocol', 'alert protocol', 'notify user', 'action notification', 'alert system', 'notification trigger'],
+        remediation: 'Implement notification protocol and alert protocol. Notify user via action notification with alert system.' },
     { id: 'SOUL-HO-006', name: 'Operator identity verification', domain: 'Human Oversight', domainId: 14, tiers: TOOL_AND_UP,
-        keywords: ['operator verification', 'verify operator', 'operator authorization', 'operator authentication', 'operator identity', 'authorize operator'] },
+        keywords: ['operator verification', 'verify operator', 'operator authorization', 'operator authentication', 'operator identity', 'authorize operator'],
+        remediation: 'Verify operator via operator verification. Operator authorization and operator authentication confirm identity.' },
     { id: 'SOUL-HO-007', name: 'Audit log retention and access', domain: 'Human Oversight', domainId: 14, tiers: TOOL_AND_UP,
-        keywords: ['audit retention', 'log retention', 'audit log access', 'log access control', 'audit preservation', 'log archival'] },
+        keywords: ['audit retention', 'log retention', 'audit log access', 'log access control', 'audit preservation', 'log archival'],
+        remediation: 'Maintain audit retention and log retention. Audit log access is governed by log access control.' },
     { id: 'SOUL-HO-008', name: 'Escalation triggers for runaway detection', domain: 'Human Oversight', domainId: 14, tiers: AGENTIC_AND_UP,
-        keywords: ['escalation trigger', 'runaway detection', 'detect runaway', 'malfunction detection', 'anomaly detection', 'escalation condition'] },
+        keywords: ['escalation trigger', 'runaway detection', 'detect runaway', 'malfunction detection', 'anomaly detection', 'escalation condition'],
+        remediation: 'Define escalation trigger for runaway detection. Detect runaway and malfunction via anomaly detection.' },
+    // Domain 15: Harm Avoidance
+    { id: 'SOUL-HV-001', name: 'Pre-action risk assessment', domain: 'Harm Avoidance', domainId: 15, tiers: TOOL_AND_UP,
+        keywords: ['risk assessment', 'consequence', 'impact analysis', 'before acting', 'potential harm', 'side effect', 'cost-benefit', 'think before'],
+        remediation: 'Evaluate potential consequences via risk assessment before acting. Consider potential harm, side effects, and cost-benefit.' },
+    { id: 'SOUL-HV-002', name: 'Proportional response', domain: 'Harm Avoidance', domainId: 15, tiers: ALL_TIERS,
+        keywords: ['proportional', 'commensurate', 'calibrate', 'appropriate response', 'level of caution', 'measured response', 'scale caution'],
+        remediation: 'Scale caution proportionally. Use a measured response calibrated to the level of caution appropriate for the stakes.' },
+    { id: 'SOUL-HV-003', name: 'Unintended impact awareness', domain: 'Harm Avoidance', domainId: 15, tiers: AGENTIC_AND_UP,
+        keywords: ['downstream effect', 'second-order', 'unintended', 'ripple effect', 'cascade', 'knock-on', 'cumulative impact', 'broader impact'],
+        remediation: 'Consider downstream effects and second-order consequences. Account for unintended ripple effects, cascade, and cumulative impact.' },
+    { id: 'SOUL-HV-004', name: 'Ambiguity resolution', domain: 'Harm Avoidance', domainId: 15, tiers: ALL_TIERS,
+        keywords: ['ambiguous', 'safer interpretation', 'clarification', 'disambiguate', 'uncertain instruction', 'default to safe', 'ask for clarification'],
+        remediation: 'When instructions are ambiguous, default to the safer interpretation or ask for clarification. Disambiguate uncertain instructions.' },
 ];
 exports.CONTROL_DEFS = CONTROL_DEFS;
 // Unique domain names in order
@@ -221,9 +302,23 @@ const DOMAIN_ORDER = [
     'Agentic Safety',
     'Honesty and Transparency',
     'Human Oversight',
+    'Harm Avoidance',
 ];
 exports.DOMAIN_ORDER = DOMAIN_ORDER;
 // ---------------------------------------------------------------------------
+// Profile-to-domain mapping
+// ---------------------------------------------------------------------------
+/** Domain IDs that apply to each profile. */
+const PROFILE_DOMAINS = {
+    conversational: [9, 11, 13, 15], // Injection, Hardcoded, Honesty, Harm Avoidance
+    'code-assistant': [7, 9, 10, 11, 13, 15], // + Trust, Data
+    'tool-agent': [7, 8, 9, 10, 11, 13, 14, 15], // + Capability, Oversight
+    autonomous: [7, 8, 9, 10, 11, 12, 13, 14, 15], // + Agentic Safety
+    orchestrator: [7, 8, 9, 10, 11, 12, 13, 14, 15], // All 9 domains
+    custom: [7, 8, 9, 10, 11, 12, 13, 14, 15], // All 9 domains
+};
+exports.PROFILE_DOMAINS = PROFILE_DOMAINS;
+// ---------------------------------------------------------------------------
 // Tier detection keywords
 // ---------------------------------------------------------------------------
 const TIER_KEYWORDS = {
@@ -232,6 +327,16 @@ const TIER_KEYWORDS = {
     toolUsing: ['tool_use', 'function_calling', 'tools', 'mcp', 'modelcontextprotocol', 'function call', 'tool call'],
 };
 // ---------------------------------------------------------------------------
+// Profile detection keywords
+// ---------------------------------------------------------------------------
+const PROFILE_KEYWORDS = {
+    orchestrator: ['orchestrat', 'multi-agent', 'multi_agent', 'swarm', 'coordinator', 'delegate.*agent', 'agent.*delegate'],
+    autonomous: ['autonomous', 'self-directed', 'agent loop', 'auto-run', 'agentic', 'self-improving'],
+    'tool-agent': ['tool_use', 'function_calling', 'mcp', 'modelcontextprotocol', 'function call', 'tool call'],
+    'code-assistant': ['code', 'file access', 'code generation', 'repository', 'codebase', 'programming'],
+    conversational: ['chatbot', 'q&a', 'question and answer', 'conversational', 'chat', 'assistant'],
+};
+// ---------------------------------------------------------------------------
 // SoulScanner class
 // ---------------------------------------------------------------------------
 class SoulScanner {
@@ -250,8 +355,17 @@ class SoulScanner {
     }
     /**
      * Detect agent tier by scanning governance file content and project files.
+     * Respects a `<!-- soul:tier=TIER -->` marker if present (prevents tier drift).
      */
     detectTier(targetDir, governanceContent) {
+        // Check for explicit tier marker first (prevents drift after hardening)
+        const markerMatch = governanceContent.match(/<!--\s*soul:tier=(\S+)\s*-->/i);
+        if (markerMatch) {
+            const markerTier = markerMatch[1].toUpperCase();
+            if (['BASIC', 'TOOL-USING', 'AGENTIC', 'MULTI-AGENT'].includes(markerTier)) {
+                return markerTier;
+            }
+        }
         // Combine governance content with any package.json or config content
         let combined = governanceContent.toLowerCase();
         const pkgPath = path.join(targetDir, 'package.json');
@@ -281,6 +395,44 @@ class SoulScanner {
         }
         return 'BASIC';
     }
+    /**
+     * Detect agent profile from governance content.
+     * Respects a `<!-- soul:profile=PROFILE -->` marker if present.
+     */
+    detectProfile(governanceContent) {
+        // Check for explicit profile marker first
+        const markerMatch = governanceContent.match(/<!--\s*soul:profile=(\S+)\s*-->/i);
+        if (markerMatch) {
+            const markerProfile = markerMatch[1].toLowerCase();
+            if (Object.keys(PROFILE_DOMAINS).includes(markerProfile)) {
+                return markerProfile;
+            }
+        }
+        const lower = governanceContent.toLowerCase();
+        // Check from most specific to least
+        for (const kw of PROFILE_KEYWORDS.orchestrator) {
+            if (lower.includes(kw.toLowerCase()))
+                return 'orchestrator';
+        }
+        for (const kw of PROFILE_KEYWORDS.autonomous) {
+            if (lower.includes(kw.toLowerCase()))
+                return 'autonomous';
+        }
+        for (const kw of PROFILE_KEYWORDS['tool-agent']) {
+            if (lower.includes(kw.toLowerCase()))
+                return 'tool-agent';
+        }
+        for (const kw of PROFILE_KEYWORDS['code-assistant']) {
+            if (lower.includes(kw.toLowerCase()))
+                return 'code-assistant';
+        }
+        for (const kw of PROFILE_KEYWORDS.conversational) {
+            if (lower.includes(kw.toLowerCase()))
+                return 'conversational';
+        }
+        // Default: custom (evaluates all domains)
+        return 'custom';
+    }
     /**
      * Check if content matches any keyword for a control.
      * Case-insensitive substring match.
@@ -365,6 +517,7 @@ class SoulScanner {
     }
     /**
      * Calculate grade from score, applying critical floor if needed.
+     * @deprecated Use calculateLevel() for display; grade kept for backward compat.
      */
     calculateGrade(score, criticalMissing) {
         let grade;
@@ -384,6 +537,20 @@ class SoulScanner {
         }
         return { grade, floored: false };
     }
+    /**
+     * Calculate progress-oriented maturity level.
+     */
+    calculateLevel(score) {
+        if (score === 0)
+            return 'not-started';
+        if (score >= 80)
+            return 'hardened';
+        if (score >= 60)
+            return 'standard';
+        if (score >= 40)
+            return 'developing';
+        return 'initial';
+    }
     /**
      * Calculate conformance level based on score and critical control status.
      * none:      one or more critical controls are missing
@@ -401,17 +568,18 @@ class SoulScanner {
         return 'essential';
     }
     /**
-     * Return the subset of controls applicable to a given agent tier.
+     * Return the subset of controls applicable to a given agent tier and profile.
      */
-    applicableControls(tier) {
-        return CONTROL_DEFS.filter((d) => d.tiers.includes(tier));
+    applicableControls(tier, profile) {
+        const profileDomainIds = PROFILE_DOMAINS[profile];
+        return CONTROL_DEFS.filter((d) => d.tiers.includes(tier) && profileDomainIds.includes(d.domainId));
     }
     /**
      * Scan a directory for behavioral governance coverage.
      */
     async scanSoul(targetDir, options) {
         const govFile = this.findGovernanceFile(targetDir);
-        // Detect tier early (needed for applicable control count)
+        // Read content early (needed for tier + profile detection)
         const contentForTier = govFile
             ? (() => { try {
                 return fs.readFileSync(govFile, 'utf-8');
@@ -422,16 +590,46 @@ class SoulScanner {
             : '';
         const tierForced = !!options?.tier;
         const tier = (tierForced ? options.tier.toUpperCase() : null) || this.detectTier(targetDir, contentForTier);
-        const applicable = this.applicableControls(tier);
+        const profileForced = !!options?.profile;
+        const profile = (profileForced ? options.profile.toLowerCase() : null) || this.detectProfile(contentForTier);
+        const applicable = this.applicableControls(tier, profile);
+        // Determine which domains are skipped by profile
+        const profileDomainIds = PROFILE_DOMAINS[profile];
+        const skippedDomains = DOMAIN_ORDER.filter((d) => {
+            const domainId = CONTROL_DEFS.find((c) => c.domain === d)?.domainId;
+            return domainId !== undefined && !profileDomainIds.includes(domainId);
+        });
         // No governance file found
         if (!govFile) {
             const emptyDomains = DOMAIN_ORDER.map((domain) => {
                 const defs = applicable.filter((d) => d.domain === domain);
-                if (defs.length === 0)
-                    return null; // Domain not applicable for this tier
+                const domainId = CONTROL_DEFS.find((d) => d.domain === domain)?.domainId ?? 0;
+                const isSkipped = !profileDomainIds.includes(domainId);
+                if (defs.length === 0 && !isSkipped) {
+                    // Domain is included by profile but has no controls at the current tier
+                    return {
+                        domain,
+                        domainId,
+                        controls: [],
+                        passed: 0,
+                        total: 0,
+                        percentage: 0,
+                        skippedByTier: true,
+                    };
+                }
+                if (isSkipped) {
+                    return {
+                        domain,
+                        domainId,
+                        controls: [],
+                        passed: 0,
+                        total: 0,
+                        percentage: 0,
+                        skippedByProfile: true,
+                    };
+                }
                 const controls = defs
                     .map((d) => ({ id: d.id, name: d.name, domain: d.domain, keywords: d.keywords, passed: false }));
-                const domainId = defs[0]?.domainId ?? 0;
                 return {
                     domain,
                     domainId,
@@ -443,15 +641,20 @@ class SoulScanner {
             }).filter((d) => d !== null);
             const criticalMissing = applicable.filter((d) => d.critical).map((d) => d.id);
             const { grade, floored } = this.calculateGrade(0, criticalMissing);
+            const level = this.calculateLevel(0);
             const conformance = this.calculateConformance(0, criticalMissing);
             return {
                 file: null,
                 fileSize: 0,
                 agentTier: tier,
                 tierForced,
+                agentProfile: profile,
+                profileForced,
+                skippedDomains,
                 domains: emptyDomains,
                 score: 0,
                 grade,
+                level,
                 conformance,
                 criticalFloor: floored,
                 criticalMissing,
@@ -494,14 +697,36 @@ class SoulScanner {
                 }
             }
         }
-        // Group into domains (only domains with applicable controls)
+        // Group into domains (include skipped-by-profile domains for visibility)
         const domains = DOMAIN_ORDER.map((domain) => {
+            const domainId = CONTROL_DEFS.find((d) => d.domain === domain)?.domainId ?? 0;
+            const isSkipped = !profileDomainIds.includes(domainId);
+            if (isSkipped) {
+                return {
+                    domain,
+                    domainId,
+                    controls: [],
+                    passed: 0,
+                    total: 0,
+                    percentage: 0,
+                    skippedByProfile: true,
+                };
+            }
             const domainControls = controlResults.filter((c) => c.domain === domain);
-            if (domainControls.length === 0)
-                return null; // No applicable controls for this tier
+            if (domainControls.length === 0) {
+                // Domain is included by profile but has no controls at the current tier
+                return {
+                    domain,
+                    domainId,
+                    controls: [],
+                    passed: 0,
+                    total: 0,
+                    percentage: 0,
+                    skippedByTier: true,
+                };
+            }
             const passed = domainControls.filter((c) => c.passed).length;
             const total = domainControls.length;
-            const domainId = CONTROL_DEFS.find((d) => d.domain === domain)?.domainId ?? 0;
             return {
                 domain,
                 domainId,
@@ -511,9 +736,10 @@ class SoulScanner {
                 percentage: total > 0 ? Math.round((passed / total) * 100) : 0,
             };
         }).filter((d) => d !== null);
-        // Calculate overall score as average of applicable domain percentages
-        const score = domains.length > 0
-            ? Math.round(domains.reduce((sum, d) => sum + d.percentage, 0) / domains.length)
+        // Calculate overall score as average of applicable (non-skipped) domain percentages
+        const scoredDomains = domains.filter((d) => !d.skippedByProfile && d.total > 0);
+        const score = scoredDomains.length > 0
+            ? Math.round(scoredDomains.reduce((sum, d) => sum + d.percentage, 0) / scoredDomains.length)
             : 0;
         // Find missing critical controls (only applicable ones)
         const criticalMissing = applicable
@@ -521,6 +747,7 @@ class SoulScanner {
             .filter((d) => !controlResults.find((c) => c.id === d.id)?.passed)
             .map((d) => d.id);
         const { grade, floored } = this.calculateGrade(score, criticalMissing);
+        const level = this.calculateLevel(score);
         const conformance = this.calculateConformance(score, criticalMissing);
         const totalPassed = controlResults.filter((c) => c.passed).length;
         const result = {
@@ -528,9 +755,13 @@ class SoulScanner {
             fileSize,
             agentTier: tier,
             tierForced,
+            agentProfile: profile,
+            profileForced,
+            skippedDomains,
             domains,
             score,
             grade,
+            level,
             conformance,
             criticalFloor: floored,
             criticalMissing,
@@ -547,35 +778,43 @@ class SoulScanner {
     }
     /**
      * Generate or update SOUL.md with missing governance sections.
+     * Supports iterative hardening: if a domain heading exists but controls
+     * are failing, appends targeted remediation for those controls.
      */
     async hardenSoul(targetDir, options) {
         const dryRun = options?.dryRun ?? false;
-        // Run scan to find what is missing
-        const scanResult = await this.scanSoul(targetDir);
+        // Detect tier BEFORE hardening so we can pin it
+        const govFileCheck = this.findGovernanceFile(targetDir);
+        let existingContent = '';
+        if (govFileCheck) {
+            try {
+                existingContent = fs.readFileSync(govFileCheck, 'utf-8');
+            }
+            catch {
+                // File may not be readable
+            }
+        }
+        const preTier = this.detectTier(targetDir, existingContent);
+        const preProfile = options?.profile
+            ? options.profile.toLowerCase()
+            : this.detectProfile(existingContent);
         // Determine target file
-        const govFile = scanResult.file
-            ? path.join(targetDir, scanResult.file)
+        const govFile = govFileCheck
+            ? govFileCheck
             : path.join(targetDir, 'SOUL.md');
-        const existedBefore = scanResult.file !== null;
+        const existedBefore = govFileCheck !== null;
         const sectionsAdded = [];
         let controlsAdded = 0;
         // Build content to append
         let newContent = '';
         if (!existedBefore) {
-            // Create full SOUL.md from scratch
-            newContent += `# Agent Governance (SOUL)\n\nThis document defines the behavioral governance rules for this agent.\nGenerated by HackMyAgent scan-soul/harden-soul.\n\n`;
-        }
-        // Read existing content to avoid duplicating sections
-        let existingContent = '';
-        if (existedBefore) {
-            try {
-                existingContent = fs.readFileSync(govFile, 'utf-8');
-            }
-            catch {
-                // File may not be readable; treat as empty
-            }
+            // Create full SOUL.md from scratch with tier/profile markers
+            newContent += `# Agent Governance (SOUL)\n\n`;
+            newContent += `<!-- soul:tier=${preTier} -->\n`;
+            newContent += `<!-- soul:profile=${preProfile} -->\n\n`;
+            newContent += `This document defines the behavioral governance rules for this agent.\nGenerated by HackMyAgent scan-soul/harden-soul.\n\n`;
         }
-        // harden-soul generates all 8 domain sections (comprehensive / future-proof).
+        // harden-soul generates all 9 domain sections (comprehensive / future-proof).
         // scan-soul evaluates only tier-applicable controls; harden-soul adds them all
         // so the resulting SOUL.md is ready if the agent tier increases later.
         for (const domainName of DOMAIN_ORDER) {
@@ -586,14 +825,33 @@ class SoulScanner {
             const existingLower = existingContent.toLowerCase();
             const headingLower = template.heading.toLowerCase();
             if (existingLower.includes(headingLower)) {
-                // Domain heading exists -- skip to avoid overwriting user content.
+                // Domain heading exists -- check for failing controls (iterative hardening)
+                const domainDefs = CONTROL_DEFS.filter((d) => d.domain === domainName);
+                const failing = domainDefs.filter((def) => !this.checkControl(existingContent, def));
+                if (failing.length === 0)
+                    continue; // All controls pass, skip
+                // Append targeted remediation for failing controls
+                let remediation = `\n### ${domainName} (Additional Governance)\n`;
+                for (const def of failing) {
+                    if (def.remediation) {
+                        remediation += `\n${def.remediation}\n`;
+                    }
+                }
+                newContent += remediation;
+                sectionsAdded.push(`${domainName} (augmented: ${failing.length} controls)`);
+                controlsAdded += failing.length;
                 continue;
             }
             newContent += template.content + '\n';
             sectionsAdded.push(domainName);
-            // Count controls in this domain (all tiers, since we're adding comprehensive content)
-            const domainControls = CONTROL_DEFS.filter((d) => d.domain === domainName).length;
-            controlsAdded += domainControls;
+            // Count controls that actually pass with the template content
+            const domainDefs = CONTROL_DEFS.filter((d) => d.domain === domainName);
+            const actuallyPassing = domainDefs.filter((def) => this.checkControl(template.content, def)).length;
+            controlsAdded += actuallyPassing;
+        }
+        // Add tier/profile markers to existing files if not present
+        if (existedBefore && !existingContent.match(/<!--\s*soul:tier=/i)) {
+            newContent = `\n<!-- soul:tier=${preTier} -->\n<!-- soul:profile=${preProfile} -->\n` + newContent;
         }
         // Apply or preview
         if (!dryRun && newContent.length > 0) {