instar 1.2.69 → 1.2.70

package/dist/core/installCodexHooks.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"installCodexHooks.d.ts","sourceRoot":"","sources":["../../src/core/installCodexHooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAKH,oFAAoF;AACpF,eAAO,MAAM,uBAAuB,0BAA0B,CAAC;AAE/D,UAAU,gBAAgB;IACxB,IAAI,EAAE,SAAS,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AACD,UAAU,cAAc;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,gBAAgB,EAAE,CAAC;CAC3B;AAMD,2FAA2F;AAC3F,wBAAgB,0BAA0B,CACxC,UAAU,EAAE,MAAM,GACjB,MAAM,CAAC,MAAM,EAAE,cAAc,EAAE,CAAC,CA4ClC;AAQD;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAwB5D"}
+{"version":3,"file":"installCodexHooks.d.ts","sourceRoot":"","sources":["../../src/core/installCodexHooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAKH,oFAAoF;AACpF,eAAO,MAAM,uBAAuB,0BAA0B,CAAC;AAE/D,UAAU,gBAAgB;IACxB,IAAI,EAAE,SAAS,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AACD,UAAU,cAAc;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,gBAAgB,EAAE,CAAC;CAC3B;AAMD,2FAA2F;AAC3F,wBAAgB,0BAA0B,CACxC,UAAU,EAAE,MAAM,GACjB,MAAM,CAAC,MAAM,EAAE,cAAc,EAAE,CAAC,CAiDlC;AAQD;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAwB5D"}

package/dist/core/installCodexHooks.js

@@ -66,9 +66,14 @@ export function buildInstarCodexHookGroups(projectDir) {
         PermissionRequest: [
             { matcher: '.*', hooks: [node('external-operation-gate.js')] },
         ],
-        // End-of-turn review: coherence/tone + deferral detection.
+        // End-of-turn review: coherence/tone + deferral + scope-coherence checkpoint.
+        // All three are framework-neutral (read stdin, POST to the local server). Codex
+        // honors `{decision:"block", reason}` on Stop (verified in the 0.133 binary's
+        // StopCommandOutputWire) — the same grounding-pause semantics as Claude, NOT a
+        // hard termination. scope-coherence defaults to `approve` and self-throttles
+        // (depth threshold + 30-min cooldown), so it can't loop an autonomous Codex run.
         Stop: [
-            { matcher: '', hooks: [{ ...node('response-review.js'), timeout: 10000 }, node('deferral-detector.js')] },
+            { matcher: '', hooks: [{ ...node('response-review.js'), timeout: 10000 }, node('deferral-detector.js'), node('scope-coherence-checkpoint.js')] },
         ],
         // Identity/context injection.
         SessionStart: [

package/dist/core/installCodexHooks.js.map

@@ -1 +1 @@
-{"version":3,"file":"installCodexHooks.js","sourceRoot":"","sources":["../../src/core/installCodexHooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,oFAAoF;AACpF,MAAM,CAAC,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;AAgB/D,2FAA2F;AAC3F,MAAM,UAAU,0BAA0B,CACxC,UAAkB;IAElB,MAAM,IAAI,GAAG,CAAC,MAAc,EAAoB,EAAE,CAAC,CAAC;QAClD,IAAI,EAAE,SAAS;QACf,OAAO,EAAE,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,uBAAuB,EAAE,MAAM,CAAC,EAAE;QACzE,OAAO,EAAE,IAAI;KACd,CAAC,CAAC;IACH,MAAM,EAAE,GAAG,CAAC,MAAc,EAAoB,EAAE,CAAC,CAAC;QAChD,IAAI,EAAE,SAAS;QACf,OAAO,EAAE,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,uBAAuB,EAAE,MAAM,CAAC,EAAE;QACzE,OAAO,EAAE,IAAI;KACd,CAAC,CAAC;IAEH,OAAO;QACL,8EAA8E;QAC9E,0EAA0E;QAC1E,wEAAwE;QACxE,gFAAgF;QAChF,gFAAgF;QAChF,6EAA6E;QAC7E,oFAAoF;QACpF,gFAAgF;QAChF,gFAAgF;QAChF,kFAAkF;QAClF,2BAA2B;QAC3B,UAAU,EAAE;YACV,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,4BAA4B,CAAC,EAAE,IAAI,CAAC,4BAA4B,CAAC,EAAE,EAAE,CAAC,+BAA+B,CAAC,CAAC,EAAE;SACtI;QACD,mEAAmE;QACnE,2EAA2E;QAC3E,iBAAiB,EAAE;YACjB,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC,EAAE;SAC/D;QACD,2DAA2D;QAC3D,IAAI,EAAE;YACJ,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,oBAAoB,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,CAAC,sBAAsB,CAAC,CAAC,EAAE;SAC1G;QACD,8BAA8B;QAC9B,YAAY,EAAE;YACZ,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,kBAAkB,CAAC,CAAC,EAAE;SACjD;QACD,gBAAgB,EAAE;YAChB,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,2BAA2B,CAAC,CAAC,EAAE;SAC1D;KACF,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAqB;IAC/C,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CACpF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAkB;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IACjD,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAEpD,IAAI,MAAM,GAAqB,EAAE,CAAC;IAClC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;YAC/D,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;gBAAE,MAAM,GAAG,MAA0B,CAAC;QAChF,CAAC;QAAC,MAAM,CAAC;YACP,qDAAqD;QACvD,CAAC;IACH,CAAC;IACD,MAAM,KAAK,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;IACpC,MAAM,OAAO,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;IAEvD,KAAK,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5D,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,UAAU,EAAE,GAAG,YAAY,CAAC,CAAC;IAClD,CAAC;IAED,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACpE,OAAO,SAAS,CAAC;AACnB,CAAC"}
+{"version":3,"file":"installCodexHooks.js","sourceRoot":"","sources":["../../src/core/installCodexHooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,oFAAoF;AACpF,MAAM,CAAC,MAAM,uBAAuB,GAAG,uBAAuB,CAAC;AAgB/D,2FAA2F;AAC3F,MAAM,UAAU,0BAA0B,CACxC,UAAkB;IAElB,MAAM,IAAI,GAAG,CAAC,MAAc,EAAoB,EAAE,CAAC,CAAC;QAClD,IAAI,EAAE,SAAS;QACf,OAAO,EAAE,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,uBAAuB,EAAE,MAAM,CAAC,EAAE;QACzE,OAAO,EAAE,IAAI;KACd,CAAC,CAAC;IACH,MAAM,EAAE,GAAG,CAAC,MAAc,EAAoB,EAAE,CAAC,CAAC;QAChD,IAAI,EAAE,SAAS;QACf,OAAO,EAAE,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,uBAAuB,EAAE,MAAM,CAAC,EAAE;QACzE,OAAO,EAAE,IAAI;KACd,CAAC,CAAC;IAEH,OAAO;QACL,8EAA8E;QAC9E,0EAA0E;QAC1E,wEAAwE;QACxE,gFAAgF;QAChF,gFAAgF;QAChF,6EAA6E;QAC7E,oFAAoF;QACpF,gFAAgF;QAChF,gFAAgF;QAChF,kFAAkF;QAClF,2BAA2B;QAC3B,UAAU,EAAE;YACV,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,4BAA4B,CAAC,EAAE,IAAI,CAAC,4BAA4B,CAAC,EAAE,EAAE,CAAC,+BAA+B,CAAC,CAAC,EAAE;SACtI;QACD,mEAAmE;QACnE,2EAA2E;QAC3E,iBAAiB,EAAE;YACjB,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC,EAAE;SAC/D;QACD,8EAA8E;QAC9E,gFAAgF;QAChF,8EAA8E;QAC9E,+EAA+E;QAC/E,6EAA6E;QAC7E,iFAAiF;QACjF,IAAI,EAAE;YACJ,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,oBAAoB,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,CAAC,sBAAsB,CAAC,EAAE,IAAI,CAAC,+BAA+B,CAAC,CAAC,EAAE;SACjJ;QACD,8BAA8B;QAC9B,YAAY,EAAE;YACZ,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,kBAAkB,CAAC,CAAC,EAAE;SACjD;QACD,gBAAgB,EAAE;YAChB,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,2BAA2B,CAAC,CAAC,EAAE;SAC1D;KACF,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAqB;IAC/C,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CACpF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAkB;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IACjD,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAEpD,IAAI,MAAM,GAAqB,EAAE,CAAC;IAClC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;YAC/D,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;gBAAE,MAAM,GAAG,MAA0B,CAAC;QAChF,CAAC;QAAC,MAAM,CAAC;YACP,qDAAqD;QACvD,CAAC;IACH,CAAC;IACD,MAAM,KAAK,GAAG,CAAC,MAAM,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;IACpC,MAAM,OAAO,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;IAEvD,KAAK,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5D,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,UAAU,EAAE,GAAG,YAAY,CAAC,CAAC;IAClD,CAAC;IAED,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACpE,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/providers/adapters/openai-codex/canary/codexHookContractCanary.d.ts

@@ -0,0 +1,65 @@
+/**
+ * Codex hook-contract canary.
+ *
+ * The Codex enforcement layer (installCodexHooks → .codex/hooks.json) rests on
+ * a handful of load-bearing, empirically-won assumptions about Codex's hook
+ * contract. Two of them were silent-failure bugs we already paid for live
+ * (see docs/specs/codex-enforcement-hook-layer.md §P5c):
+ *   1. The PreToolUse `matcher` is a REGEX against the tool name — a bare `*`
+ *      matches NOTHING, so the guard silently never fires. It must be `.*`.
+ *   2. Codex's shell tool is `exec_command` and carries the command in
+ *      `tool_input.cmd` (not Claude's `tool_input.command`); the guard shim
+ *      reads both.
+ * If a future Codex version renames the hook events, drops PreToolUse, or
+ * changes the deny mechanism, the gates would silently no-op again — "looks
+ * installed, blocks nothing." This canary fails loudly instead.
+ *
+ * Two layers:
+ *   (A) DETERMINISTIC invariant lock (always runs, env-independent): asserts
+ *       buildInstarCodexHookGroups still emits the load-bearing shape — `.*`
+ *       matcher, dangerous-command-guard on PreToolUse, the full Stop review
+ *       trio. A refactor that regresses any of these fails the canary in CI.
+ *   (B) BEST-EFFORT live-binary contract check: if a codex binary is
+ *       resolvable on this host, read its embedded hook-event schema and
+ *       assert the events instar depends on (PreToolUse, PermissionRequest,
+ *       Stop, SessionStart, UserPromptSubmit) are still present. No binary →
+ *       status 'skip' for layer B (NOT fail — most hosts/CI have no codex).
+ *
+ * RULE 3.1 RATIONALE
+ *   Criticality: critical — a silent no-op guard is a false sense of safety on
+ *                Codex's main destructive surface (shell/exec).
+ *   Frequency:   startup/CI canary (deterministic layer is a unit-test drift lock;
+ *                binary layer is best-effort per host).
+ *   Stability:   semi-stable — Codex changes hook vocabulary across minor versions.
+ *   Fallback:    none — failure is a code-fix surface, surfaced via DegradationReporter.
+ *   Verdict:     deterministic structural assertion (A) + version-tolerant
+ *                binary-schema probe (B); no LLM fallback needed.
+ */
+/** Hook events instar's enforcement layer registers and depends on. */
+export declare const REQUIRED_CODEX_HOOK_EVENTS: readonly ["PreToolUse", "PermissionRequest", "Stop", "SessionStart", "UserPromptSubmit"];
+export interface CodexHookContractCanaryResult {
+    status: 'pass' | 'fail' | 'skip';
+    message: string;
+    details: {
+        /** Layer A — deterministic invariant lock. */
+        matcherIsRegex: boolean;
+        dangerousGuardOnPreToolUse: boolean;
+        stopReviewTrioWired: boolean;
+        /** Layer B — live-binary probe. */
+        binaryProbed: boolean;
+        binaryPath?: string;
+        missingEventsInBinary: string[];
+        failures: string[];
+    };
+}
+/**
+ * Resolve a codex binary path, best-effort. Returns null if none found —
+ * the binary layer is then skipped, not failed.
+ */
+export declare function resolveCodexBinaryForCanary(): string | null;
+/**
+ * Run the canary. Layer A is synchronous and always meaningful. Layer B
+ * probes a codex binary if one resolves; otherwise that layer is skipped.
+ */
+export declare function runCodexHookContractCanary(): CodexHookContractCanaryResult;
+//# sourceMappingURL=codexHookContractCanary.d.ts.map

package/dist/providers/adapters/openai-codex/canary/codexHookContractCanary.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"codexHookContractCanary.d.ts","sourceRoot":"","sources":["../../../../../src/providers/adapters/openai-codex/canary/codexHookContractCanary.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAQH,uEAAuE;AACvE,eAAO,MAAM,0BAA0B,0FAM7B,CAAC;AAEX,MAAM,WAAW,6BAA6B;IAC5C,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE;QACP,8CAA8C;QAC9C,cAAc,EAAE,OAAO,CAAC;QACxB,0BAA0B,EAAE,OAAO,CAAC;QACpC,mBAAmB,EAAE,OAAO,CAAC;QAC7B,mCAAmC;QACnC,YAAY,EAAE,OAAO,CAAC;QACtB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,qBAAqB,EAAE,MAAM,EAAE,CAAC;QAChC,QAAQ,EAAE,MAAM,EAAE,CAAC;KACpB,CAAC;CACH;AAID;;;GAGG;AACH,wBAAgB,2BAA2B,IAAI,MAAM,GAAG,IAAI,CAqB3D;AAkBD;;;GAGG;AACH,wBAAgB,0BAA0B,IAAI,6BAA6B,CAqF1E"}

package/dist/providers/adapters/openai-codex/canary/codexHookContractCanary.js

@@ -0,0 +1,178 @@
+/**
+ * Codex hook-contract canary.
+ *
+ * The Codex enforcement layer (installCodexHooks → .codex/hooks.json) rests on
+ * a handful of load-bearing, empirically-won assumptions about Codex's hook
+ * contract. Two of them were silent-failure bugs we already paid for live
+ * (see docs/specs/codex-enforcement-hook-layer.md §P5c):
+ *   1. The PreToolUse `matcher` is a REGEX against the tool name — a bare `*`
+ *      matches NOTHING, so the guard silently never fires. It must be `.*`.
+ *   2. Codex's shell tool is `exec_command` and carries the command in
+ *      `tool_input.cmd` (not Claude's `tool_input.command`); the guard shim
+ *      reads both.
+ * If a future Codex version renames the hook events, drops PreToolUse, or
+ * changes the deny mechanism, the gates would silently no-op again — "looks
+ * installed, blocks nothing." This canary fails loudly instead.
+ *
+ * Two layers:
+ *   (A) DETERMINISTIC invariant lock (always runs, env-independent): asserts
+ *       buildInstarCodexHookGroups still emits the load-bearing shape — `.*`
+ *       matcher, dangerous-command-guard on PreToolUse, the full Stop review
+ *       trio. A refactor that regresses any of these fails the canary in CI.
+ *   (B) BEST-EFFORT live-binary contract check: if a codex binary is
+ *       resolvable on this host, read its embedded hook-event schema and
+ *       assert the events instar depends on (PreToolUse, PermissionRequest,
+ *       Stop, SessionStart, UserPromptSubmit) are still present. No binary →
+ *       status 'skip' for layer B (NOT fail — most hosts/CI have no codex).
+ *
+ * RULE 3.1 RATIONALE
+ *   Criticality: critical — a silent no-op guard is a false sense of safety on
+ *                Codex's main destructive surface (shell/exec).
+ *   Frequency:   startup/CI canary (deterministic layer is a unit-test drift lock;
+ *                binary layer is best-effort per host).
+ *   Stability:   semi-stable — Codex changes hook vocabulary across minor versions.
+ *   Fallback:    none — failure is a code-fix surface, surfaced via DegradationReporter.
+ *   Verdict:     deterministic structural assertion (A) + version-tolerant
+ *                binary-schema probe (B); no LLM fallback needed.
+ */
+import fs from 'node:fs';
+import path from 'node:path';
+import os from 'node:os';
+import { execFileSync } from 'node:child_process';
+import { buildInstarCodexHookGroups } from '../../../../core/installCodexHooks.js';
+/** Hook events instar's enforcement layer registers and depends on. */
+export const REQUIRED_CODEX_HOOK_EVENTS = [
+    'PreToolUse',
+    'PermissionRequest',
+    'Stop',
+    'SessionStart',
+    'UserPromptSubmit',
+];
+const PROBE_PROJECT_DIR = '/tmp/__codex_hook_canary__';
+/**
+ * Resolve a codex binary path, best-effort. Returns null if none found —
+ * the binary layer is then skipped, not failed.
+ */
+export function resolveCodexBinaryForCanary() {
+    // 1. asdf shim / PATH lookup (the host's real, doc-matching codex).
+    for (const probe of ['codex']) {
+        try {
+            const out = execFileSync('which', [probe], { encoding: 'utf-8', stdio: ['ignore', 'pipe', 'ignore'] }).trim();
+            if (out && fs.existsSync(out))
+                return out;
+        }
+        catch {
+            /* not on PATH */
+        }
+    }
+    // 2. Known npm-global vendor locations (asdf node installs).
+    const home = os.homedir();
+    const candidates = [
+        '/usr/local/bin/codex',
+        '/opt/homebrew/bin/codex',
+        path.join(home, '.asdf', 'shims', 'codex'),
+    ];
+    for (const c of candidates) {
+        if (fs.existsSync(c))
+            return c;
+    }
+    return null;
+}
+/**
+ * Read a (possibly large) binary and test whether its embedded hook-event
+ * schema enumerates the given event name. We look for the quoted event name
+ * adjacent to the schema's hook-event vocabulary rather than anywhere in the
+ * file, to avoid coincidental matches. Tolerant: returns true on match.
+ */
+function binaryDeclaresEvent(binaryText, event) {
+    // The schema serializes events as `"const": "PreToolUse"` (HookSpecificOutput
+    // wires) and as enum members `"PreToolUse"` inside HookEventNameWire. Either
+    // form proves the event is part of the contract.
+    return (binaryText.includes(`"const": "${event}"`) ||
+        binaryText.includes(`"${event}"`));
+}
+/**
+ * Run the canary. Layer A is synchronous and always meaningful. Layer B
+ * probes a codex binary if one resolves; otherwise that layer is skipped.
+ */
+export function runCodexHookContractCanary() {
+    const failures = [];
+    // ---- Layer A: deterministic invariant lock ----
+    const groups = buildInstarCodexHookGroups(PROBE_PROJECT_DIR);
+    const preMatcher = groups.PreToolUse?.[0]?.matcher;
+    const matcherIsRegex = preMatcher === '.*';
+    if (!matcherIsRegex) {
+        failures.push(`PreToolUse matcher is '${preMatcher}', expected '.*' (a bare '*' matches nothing — gate would silently never fire)`);
+    }
+    const preCommands = (groups.PreToolUse?.[0]?.hooks ?? []).map((h) => h.command);
+    const dangerousGuardOnPreToolUse = preCommands.some((c) => c.includes('dangerous-command-guard.sh'));
+    if (!dangerousGuardOnPreToolUse) {
+        failures.push('dangerous-command-guard.sh missing from PreToolUse — Codex shell/exec would pass ungated');
+    }
+    const stopCommands = (groups.Stop?.[0]?.hooks ?? []).map((h) => h.command);
+    const stopReviewTrioWired = stopCommands.some((c) => c.includes('response-review.js')) &&
+        stopCommands.some((c) => c.includes('deferral-detector.js')) &&
+        stopCommands.some((c) => c.includes('scope-coherence-checkpoint.js'));
+    if (!stopReviewTrioWired) {
+        failures.push('Stop review trio incomplete — expected response-review + deferral-detector + scope-coherence-checkpoint');
+    }
+    // ---- Layer B: best-effort live-binary contract probe ----
+    const binaryPath = resolveCodexBinaryForCanary();
+    let binaryProbed = false;
+    const missingEventsInBinary = [];
+    if (binaryPath) {
+        try {
+            const text = fs.readFileSync(binaryPath, 'latin1');
+            // Sanity: only treat it as a probe if the binary actually carries the
+            // hook schema (resolves the "wrong binary" / shim-script case gracefully).
+            const looksLikeCodexHooks = text.includes('hook_event_name') || text.includes('HookEventNameWire');
+            if (looksLikeCodexHooks) {
+                binaryProbed = true;
+                for (const ev of REQUIRED_CODEX_HOOK_EVENTS) {
+                    if (!binaryDeclaresEvent(text, ev))
+                        missingEventsInBinary.push(ev);
+                }
+                if (missingEventsInBinary.length > 0) {
+                    failures.push(`codex binary (${binaryPath}) no longer declares hook events: ${missingEventsInBinary.join(', ')} — the enforcement layer would not fire`);
+                }
+            }
+            // If it doesn't look like a hooks-capable codex (e.g. a shim wrapper or
+            // an old version), leave binaryProbed=false → layer B skipped, not failed.
+        }
+        catch {
+            // Unreadable binary → skip layer B rather than fail.
+        }
+    }
+    const layerASolid = matcherIsRegex && dangerousGuardOnPreToolUse && stopReviewTrioWired;
+    let status;
+    let message;
+    if (failures.length > 0) {
+        status = 'fail';
+        message = `codex hook-contract canary: FAILED — ${failures.join('; ')}`;
+    }
+    else if (!binaryProbed) {
+        // Layer A passed but no codex binary to confirm the live contract.
+        status = 'skip';
+        message = layerASolid
+            ? 'codex hook-contract canary: invariants intact (no codex binary on host — live-contract probe skipped)'
+            : 'codex hook-contract canary: invariants intact';
+    }
+    else {
+        status = 'pass';
+        message = `codex hook-contract canary: invariants intact + binary (${binaryPath}) declares all required hook events`;
+    }
+    return {
+        status,
+        message,
+        details: {
+            matcherIsRegex,
+            dangerousGuardOnPreToolUse,
+            stopReviewTrioWired,
+            binaryProbed,
+            binaryPath: binaryPath ?? undefined,
+            missingEventsInBinary,
+            failures,
+        },
+    };
+}
+//# sourceMappingURL=codexHookContractCanary.js.map

package/dist/providers/adapters/openai-codex/canary/codexHookContractCanary.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"codexHookContractCanary.js","sourceRoot":"","sources":["../../../../../src/providers/adapters/openai-codex/canary/codexHookContractCanary.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,0BAA0B,EAAE,MAAM,uCAAuC,CAAC;AAEnF,uEAAuE;AACvE,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,YAAY;IACZ,mBAAmB;IACnB,MAAM;IACN,cAAc;IACd,kBAAkB;CACV,CAAC;AAkBX,MAAM,iBAAiB,GAAG,4BAA4B,CAAC;AAEvD;;;GAGG;AACH,MAAM,UAAU,2BAA2B;IACzC,oEAAoE;IACpE,KAAK,MAAM,KAAK,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,YAAY,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YAC9G,IAAI,GAAG,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;gBAAE,OAAO,GAAG,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACP,iBAAiB;QACnB,CAAC;IACH,CAAC;IACD,6DAA6D;IAC7D,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;IAC1B,MAAM,UAAU,GAAG;QACjB,sBAAsB;QACtB,yBAAyB;QACzB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC;KAC3C,CAAC;IACF,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;YAAE,OAAO,CAAC,CAAC;IACjC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,UAAkB,EAAE,KAAa;IAC5D,8EAA8E;IAC9E,6EAA6E;IAC7E,iDAAiD;IACjD,OAAO,CACL,UAAU,CAAC,QAAQ,CAAC,aAAa,KAAK,GAAG,CAAC;QAC1C,UAAU,CAAC,QAAQ,CAAC,IAAI,KAAK,GAAG,CAAC,CAClC,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B;IACxC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,kDAAkD;IAClD,MAAM,MAAM,GAAG,0BAA0B,CAAC,iBAAiB,CAAC,CAAC;IAE7D,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC;IACnD,MAAM,cAAc,GAAG,UAAU,KAAK,IAAI,CAAC;IAC3C,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,QAAQ,CAAC,IAAI,CAAC,0BAA0B,UAAU,gFAAgF,CAAC,CAAC;IACtI,CAAC;IAED,MAAM,WAAW,GAAG,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAChF,MAAM,0BAA0B,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,4BAA4B,CAAC,CAAC,CAAC;IACrG,IAAI,CAAC,0BAA0B,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC,0FAA0F,CAAC,CAAC;IAC5G,CAAC;IAED,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAC3E,MAAM,mBAAmB,GACvB,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;QAC1D,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;QAC5D,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,+BAA+B,CAAC,CAAC,CAAC;IACxE,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC,yGAAyG,CAAC,CAAC;IAC3H,CAAC;IAED,4DAA4D;IAC5D,MAAM,UAAU,GAAG,2BAA2B,EAAE,CAAC;IACjD,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,MAAM,qBAAqB,GAAa,EAAE,CAAC;IAE3C,IAAI,UAAU,EAAE,CAAC;QACf,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YACnD,sEAAsE;YACtE,2EAA2E;YAC3E,MAAM,mBAAmB,GAAG,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;YACnG,IAAI,mBAAmB,EAAE,CAAC;gBACxB,YAAY,GAAG,IAAI,CAAC;gBACpB,KAAK,MAAM,EAAE,IAAI,0BAA0B,EAAE,CAAC;oBAC5C,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,EAAE,CAAC;wBAAE,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACrE,CAAC;gBACD,IAAI,qBAAqB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrC,QAAQ,CAAC,IAAI,CAAC,iBAAiB,UAAU,qCAAqC,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;gBAC3J,CAAC;YACH,CAAC;YACD,wEAAwE;YACxE,2EAA2E;QAC7E,CAAC;QAAC,MAAM,CAAC;YACP,qDAAqD;QACvD,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GAAG,cAAc,IAAI,0BAA0B,IAAI,mBAAmB,CAAC;IACxF,IAAI,MAA+C,CAAC;IACpD,IAAI,OAAe,CAAC;IAEpB,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,GAAG,MAAM,CAAC;QAChB,OAAO,GAAG,wCAAwC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;IAC1E,CAAC;SAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QACzB,mEAAmE;QACnE,MAAM,GAAG,MAAM,CAAC;QAChB,OAAO,GAAG,WAAW;YACnB,CAAC,CAAC,uGAAuG;YACzG,CAAC,CAAC,+CAA+C,CAAC;IACtD,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,MAAM,CAAC;QAChB,OAAO,GAAG,2DAA2D,UAAU,qCAAqC,CAAC;IACvH,CAAC;IAED,OAAO;QACL,MAAM;QACN,OAAO;QACP,OAAO,EAAE;YACP,cAAc;YACd,0BAA0B;YAC1B,mBAAmB;YACnB,YAAY;YACZ,UAAU,EAAE,UAAU,IAAI,SAAS;YACnC,qBAAqB;YACrB,QAAQ;SACT;KACF,CAAC;AACJ,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "instar",
-  "version": "1.2.69",
+  "version": "1.2.70",
   "description": "Coherence infrastructure for self-evolving AI agents — on the Claude Code or Codex subscription you already have.",
   "type": "module",
   "main": "dist/index.js",

package/src/data/builtin-manifest.json

@@ -1,8 +1,8 @@
 {
   "$schema": "./builtin-manifest.schema.json",
   "schemaVersion": 1,
-  "generatedAt": "2026-05-25T03:15:08.421Z",
-  "instarVersion": "1.2.69",
+  "generatedAt": "2026-05-25T03:32:30.612Z",
+  "instarVersion": "1.2.70",
   "entryCount": 191,
   "entries": {
     "hook:session-start": {

package/upgrades/1.2.70.md

@@ -0,0 +1,72 @@
+# Upgrade Guide — vNEXT
+
+<!-- bump: patch -->
+<!-- patch = bug fixes, refactors, test additions, doc updates -->
+
+## What Changed
+
+Two pieces of Codex-parity hardening on the enforcement-hook layer, both within
+the approved spec (`docs/specs/codex-enforcement-hook-layer.md`):
+
+1. **Scope-coherence checkpoint now runs on Codex.** `installCodexHooks` wires
+   `scope-coherence-checkpoint.js` into Codex's `Stop` event, joining the
+   `response-review` + `deferral-detector` pair already there. This completes the
+   spec §4.1 Stop mapping ("deferral / scope checkpoint → Stop") — previously only
+   deferral was wired. The script is framework-neutral (reads stdin, POSTs to the
+   local server) and Codex honors `{decision:"block", reason}` on `Stop` (verified
+   in the 0.133 binary's `StopCommandOutputWire`), so it gives Codex agents the same
+   structural "zoom out and re-read scope" grounding pause Claude agents get — not a
+   hard termination. It defaults to approve and self-throttles (depth threshold +
+   30-minute cooldown), so it cannot loop an autonomous run. Existing Codex agents
+   pick it up on update: the script already ships via always-overwrite migration and
+   `migrateHooks` re-runs `installCodexHooks` for codex-cli agents.
+
+2. **A hook-contract drift canary** (`codexHookContractCanary.ts`). Layer A is an
+   env-independent invariant lock: it asserts the Codex hook config still has the
+   load-bearing shape that two earlier live silent-no-op bugs taught us to protect —
+   the `.*` tool matcher (a bare `*` matches nothing), `dangerous-command-guard` on
+   PreToolUse, and the full Stop review trio. A refactor that regresses any of these
+   fails CI. Layer B is best-effort: when a real codex binary is resolvable, it reads
+   the binary's embedded hook-event schema and confirms the events instar depends on
+   are still declared (catching real Codex-side contract drift). No binary present →
+   the binary layer skips rather than fails.
+
+Also recorded honestly: a WIP that would have wired compaction-recovery to Codex's
+`PostCompact` event was set aside after verifying against the 0.133 binary schema
+that `PostCompact` has no `additionalContext` field — the only channel that
+re-injects context into the model. It would have installed a hook that does nothing.
+Codex compaction-recovery parity needs a different mechanism and is tracked.
+
+## What to Tell Your User
+
+- **Codex agents now get the same scope-grounding check Claude agents have**: "When
+  I've been heads-down implementing for a long stretch, I now get a structural nudge
+  to step back and re-check I'm building the right thing — on the Codex engine too,
+  not just on Claude."
+- **A watchdog for the Codex safety guards**: "There's now an automatic check that
+  notices if the Codex safety guards ever stop firing or if Codex changes its format
+  underneath us — so a guard can't silently turn into a no-op without us catching it."
+- Nothing for you to do — both ship automatically on update.
+
+## Summary of New Capabilities
+
+| Capability | How to Use |
+|-----------|-----------|
+| Scope-coherence checkpoint on Codex Stop | Automatic (installed via init + update migration) |
+| Codex hook-contract drift canary | Automatic (CI invariant lock; best-effort binary probe) |
+
+## Evidence
+
+- **Codex Stop schema honors `decision:block`**: verified directly against the
+  codex-cli 0.133.0 binary — `strings` shows `StopCommandOutputWire` plus the error
+  string `"Stop hook returned decision:block without a non-empty reason"`, confirming
+  the block-with-reason contract the scope-coherence script relies on.
+- **PostCompact cannot re-inject context** (why that WIP was dropped): the binary's
+  `post-compact.command.output` schema enumerates only `continue/stopReason/`
+  `suppressOutput/systemMessage` — no `additionalContext`. Only the `SessionStart`
+  and `UserPromptSubmit` output wires carry `additionalContext`, and `SessionStart`
+  triggers are `startup/resume/clear` (no `compact`). Verified by extracting the
+  embedded JSON schema from the binary.
+- **Tests**: `installCodexHooks.test.ts` 8 green (incl. new Stop-trio assertion);
+  `codexHookContractCanary.test.ts` 6 green (layer-A invariants always asserted;
+  layer-B skip-not-fail with no binary). `tsc` clean.

package/upgrades/side-effects/codex-parity-canary-scope-coherence.md

@@ -0,0 +1,34 @@
+# Side-Effects Review: Codex parity — Stop scope-coherence + hook-contract canary (P6)
+
+## Change
+Two changes to the Codex enforcement layer, both within the approved spec (`docs/specs/codex-enforcement-hook-layer.md`):
+
+1. **`installCodexHooks.ts`** — added `scope-coherence-checkpoint.js` to the Codex `Stop` event, alongside the existing `response-review.js` + `deferral-detector.js`. Completes the spec §4.1 mapping ("deferral / scope checkpoint → Stop"), which previously wired only deferral.
+2. **`codexHookContractCanary.ts`** (new) — the P6 hook-contract drift canary. Two layers: (A) a deterministic, env-independent invariant lock asserting `buildInstarCodexHookGroups` still emits the load-bearing shape (`.*` matcher, `dangerous-command-guard` on PreToolUse, the full Stop review trio); (B) a best-effort probe of a resolvable codex binary's embedded hook-event schema, asserting the events instar depends on are still declared.
+
+## Why
+- **Scope-coherence on Stop**: the spec intends it; without it, Codex agents drift deep into implementation without the structural zoom-out that Claude agents get. The script is framework-neutral (reads stdin, POSTs to the local server) and Codex honors `{decision:'block', reason}` on Stop (verified in the 0.133 binary's `StopCommandOutputWire`). Same grounding-pause semantics as Claude — not a hard termination.
+- **Canary**: P5c paid for two silent-no-op bugs live (a `*` matcher that matched nothing; the `cmd` vs `command` field). Layer A is the regression lock against that exact class — a refactor that regresses any invariant fails CI. Layer B catches real Codex-side drift (renamed/dropped hook events) when a binary is present.
+
+## Scope / blast radius
+- `scope-coherence-checkpoint.js` already ships to all agents via always-overwrite migration (`PostUpdateMigrator` line ~1698) and `installCodexHooks` is called from `migrateHooks` gated on codex-cli (line ~1655) — so existing Codex agents pick up the new Stop wiring on update (migration parity satisfied, no new migration needed). `validateHookReferences` guards against a dangling reference.
+- The canary is invoked only from its unit test (the established pattern for the existing Codex canaries — CI drift lock), so it adds zero runtime cost on the hot path.
+
+## Signal vs Authority
+- Unchanged. scope-coherence is a low-context Stop-trigger that routes to the server; it never holds blocking authority of its own beyond the existing grounding-pause. The canary is pure verification — no authority, no runtime gating.
+
+## Over-block / autonomy risk
+- scope-coherence defaults to `approve` and self-throttles (depth threshold + 30-min cooldown), so it cannot loop an autonomous Codex run. The deferral-detector already runs on Codex Stop the same way (proven-compatible precedent).
+
+## Honesty note — PostCompact NOT shipped
+- A WIP that wired `compaction-recovery.sh` to Codex's `PostCompact` event was set aside this session after verifying (against the 0.133 binary schema) that `PostCompact` exposes only `continue/stopReason/suppressOutput/systemMessage` — no `additionalContext`, the only field that re-injects context. Only `SessionStart`/`UserPromptSubmit` carry it, and Codex's `SessionStart` triggers are `startup/resume/clear` (no `compact`). So that wiring would have installed a hook that cannot re-inject identity — dead on arrival. Compaction-recovery parity on Codex needs a different mechanism; tracked, not shipped.
+
+## Rollback
+- Revert the one-line `Stop` array edit + delete the canary module + test. No data migration, no config change.
+
+## Tests
+- `installCodexHooks.test.ts`: +1 test asserting the full Stop review trio (response-review + deferral + scope-coherence). 8 green.
+- `codexHookContractCanary.test.ts`: 6 tests — layer-A invariants always asserted; layer-B skip-not-fail when no binary; binary-probed branch asserts all required events. Green.
+
+## Publish
+- Feature branch `echo/codex-parity-audit`. Targets a patch release on merge.