job-forge 2.14.14 → 2.14.15

package/README.md

@@ -76,7 +76,7 @@ JobForge turns opencode into a full job search command center. Instead of manual
 | **Durable Batch Orchestration** | `batch-runner.sh` uses `@razroo/iso-orchestrator` for resumable bundle execution, bounded fan-out, mutexed state writes, and workflow records in `.jobforge-runs/`. |
 | **Pipeline Integrity** | Automated merge, dedup, status normalization, health checks |
 | **Cost-Aware Agent Routing** | Three subagents (`@general-free`, `@general-paid`, `@glm-minimal`) with per-task tool surfaces. On OpenCode, JobForge pins all tiers to `opencode-go/deepseek-v4-flash` so application runs avoid overloaded free-model pools. See [Subagent Routing in AGENTS.md](AGENTS.md) for the task-to-agent mapping. |
-| **Trace + Telemetry** | `job-forge trace:*` exposes local OpenCode transcripts, and `job-forge telemetry:*` summarizes runs, child outcomes, provider errors, and pending tracker TSVs. |
+| **Trace + Telemetry + Guard** | `job-forge trace:*` exposes local OpenCode transcripts, `job-forge telemetry:*` summarizes runs, and `job-forge guard:*` audits deterministic JobForge policy rules with `@razroo/iso-guard`. |
 | **Token Cost Visibility** | `job-forge tokens --days 1` for per-session breakdown; `job-forge session-report --since-minutes 60 --log` to flag sessions over budget and append history to `data/token-usage.tsv`. Auto-logged after every batch run. |
 
 ## Usage

package/bin/create-job-forge.mjs

@@ -117,6 +117,8 @@ const consumerPkg = {
     'telemetry:status': 'job-forge telemetry:status',
     'telemetry:show': 'job-forge telemetry:show',
     'telemetry:watch': 'job-forge telemetry:watch',
+    'guard:audit': 'job-forge guard:audit',
+    'guard:explain': 'job-forge guard:explain',
     // One command to pull the latest harness and any locally-pinned MCP
     // packages. npm update is a no-op on packages not in package.json, so
     // listing @razroo/gmail-mcp + @geometra/mcp is safe for consumers that

package/bin/job-forge.mjs

@@ -19,6 +19,7 @@
  *   tokens         Run scripts/token-usage-report.mjs
  *   trace:*        Inspect local agent transcripts via iso-trace
  *   telemetry:*    Summarize JobForge pipeline status from traces + tracker files
+ *   guard:*        Audit JobForge trace policy with iso-guard
  *   sync           Re-run the harness symlink sync (bin/sync.mjs)
  *   help, --help   Show this message
  */
@@ -68,6 +69,11 @@ const telemetryAliases = {
   'telemetry:watch': 'watch',
 };
 
+const guardAliases = {
+  'guard:audit': 'audit',
+  'guard:explain': 'explain',
+};
+
 const [, , cmd, ...rest] = process.argv;
 
 function printHelp() {
@@ -92,6 +98,8 @@ Commands:
   telemetry:status  Show latest JobForge run + pending tracker state
   telemetry:show ID Show one run with child sessions, provider errors, next actions
   telemetry:watch   Watch latest run status
+  guard:audit        Audit latest/local trace policy with iso-guard
+  guard:explain      Show the active iso-guard policy
   sync           Re-create harness symlinks in the current project
 
 Deterministic helpers (prefer these over LLM-derived values):
@@ -118,6 +126,8 @@ Pass --help after a command to see its own flags, e.g.:
   job-forge trace:show ses_...
   job-forge telemetry:status
   job-forge telemetry:show ses_...
+  job-forge guard:audit
+  job-forge guard:explain
 
 Project directory resolves to $JOB_FORGE_PROJECT or cwd.`);
 }
@@ -157,6 +167,21 @@ if (cmd === 'telemetry' || telemetryAliases[cmd]) {
   process.exit(result.status ?? 1);
 }
 
+if (cmd === 'guard' || guardAliases[cmd]) {
+  const guardArgs = cmd === 'guard'
+    ? (rest.length === 0 ? ['help'] : rest)
+    : [guardAliases[cmd], ...rest];
+
+  const scriptPath = join(PKG_ROOT, 'scripts/guard.mjs');
+  const result = spawnSync(process.execPath, [scriptPath, ...guardArgs], {
+    stdio: 'inherit',
+    cwd: PROJECT_DIR,
+    env: process.env,
+  });
+
+  process.exit(result.status ?? 1);
+}
+
 const rel = commands[cmd];
 if (!rel) {
   console.error(`Unknown command: ${cmd}\n`);

package/docs/ARCHITECTURE.md

@@ -209,6 +209,7 @@ Scripts maintain data consistency. In a consumer project they're invoked via the
 | `scripts/token-usage-report.mjs` | `npx job-forge tokens` | Per-session opencode token/cost report from the SQLite DB |
 | `scripts/trace.mjs` | `npx job-forge trace:list` / `trace:stats` / `trace:show` | Local transcript observability via `@razroo/iso-trace`; common commands default to OpenCode sessions for the consumer project |
 | `scripts/telemetry.mjs` | `npx job-forge telemetry:status` / `telemetry:show` | JobForge operational telemetry derived from OpenCode traces plus tracker TSV state |
+| `scripts/guard.mjs` | `npx job-forge guard:audit` / `guard:explain` | Deterministic `@razroo/iso-guard` policy audits over local OpenCode traces |
 | `tracker-lib.mjs` | _(library)_ | Shared helpers for reading/writing day-based tracker files — imported by merge/dedup/verify/normalize |
 | `bin/sync.mjs` | `npx job-forge sync` | Creates the harness symlinks in a consumer project (also runs as `postinstall`) |
 | `bin/create-job-forge.mjs` | `npx create-job-forge <dir>` | Scaffolds a new personal project |

package/docs/CUSTOMIZATION.md

@@ -125,6 +125,18 @@ npx job-forge telemetry:watch
 
 Telemetry is also local-only and passive. It reads OpenCode's SQLite DB and files under `batch/tracker-additions/`; agents do not need to remember to emit custom events.
 
+## JobForge guard audits
+
+Guard audits run deterministic `@razroo/iso-guard` policies over the same local OpenCode traces. The default policy lives at `templates/guards/jobforge-baseline.yaml` and checks rules that are reliable from transcript data, including max two task dispatches per assistant message, no task-status polling via `task`, no raw proxy configuration in task prompts, and no child session task recursion.
+
+```bash
+npx job-forge guard:audit
+npx job-forge guard:audit <session-id-or-prefix>
+npx job-forge guard:explain
+```
+
+Use `--policy <path>` to audit with a custom policy. This does not add prompt, token, or MCP overhead; JobForge converts local trace rows into guard events inside the CLI process.
+
 **Where Claude Code writes JSONL:** `~/.claude/projects/<encoded-cwd>/*.jsonl`.
 
 **Direct CLI fallback:** `npx -y @razroo/iso-trace@latest stats --source "$HOME/.claude/projects/<encoded-dir>/<session>.jsonl"`

package/docs/README.md

@@ -31,7 +31,7 @@ The harness exposes a single CLI (`job-forge`) installed as a `bin` entry. In a
 
 | What you need | Where to read |
 |---------------|---------------|
-| Full command list (`verify`, `merge`, `dedup`, `normalize`, `pdf`, `sync-check`, `tokens`, `sync`). | [SETUP.md — Tracker and scripts (terminal)](SETUP.md#tracker-and-scripts-terminal). |
+| Full command list (`verify`, `merge`, `dedup`, `normalize`, `pdf`, `sync-check`, `tokens`, `trace`, `telemetry`, `guard`, `sync`). | [SETUP.md — Tracker and scripts (terminal)](SETUP.md#tracker-and-scripts-terminal). |
 | What each harness `.mjs` script does. | [ARCHITECTURE.md — Pipeline integrity](ARCHITECTURE.md#pipeline-integrity) and the scripts table underneath. |
 | Batch runner, TSV layout, and `batch/tracker-additions/` merge flow. | [batch/README.md](../batch/README.md). |
 | PR gate for harness contributions (`npm run verify` + `npm run build:dashboard`). | [CONTRIBUTING.md — Development](../CONTRIBUTING.md#development). |

package/docs/SETUP.md

@@ -136,6 +136,8 @@ From your project root, these commands maintain the tracker and pipeline checks.
 | List recent JobForge runs with outcomes/issues | `npx job-forge telemetry:list` | `npm run telemetry:list` |
 | Show latest run status + pending TSVs | `npx job-forge telemetry:status` | `npm run telemetry:status` |
 | Show one JobForge run by session id/prefix | `npx job-forge telemetry:show <id>` | `npm run telemetry:show -- <id>` |
+| Audit latest JobForge trace policy | `npx job-forge guard:audit` | `npm run guard:audit` |
+| Show the active guard policy | `npx job-forge guard:explain` | `npm run guard:explain` |
 | Re-create harness symlinks | `npx job-forge sync` | `npm run sync` |
 | Build optional dashboard TUI (Go on `PATH`) | `(cd node_modules/job-forge/dashboard && go build .)` | `npm run build:dashboard` (harness repo only) |
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "job-forge",
-  "version": "2.14.14",
+  "version": "2.14.15",
   "description": "AI-powered job search pipeline built on opencode",
   "type": "module",
   "bin": {
@@ -25,6 +25,8 @@
     "telemetry:status": "node bin/job-forge.mjs telemetry:status",
     "telemetry:show": "node bin/job-forge.mjs telemetry:show",
     "telemetry:watch": "node bin/job-forge.mjs telemetry:watch",
+    "guard:audit": "node bin/job-forge.mjs guard:audit",
+    "guard:explain": "node bin/job-forge.mjs guard:explain",
     "plan": "iso plan .",
     "lint:agentmd": "agentmd lint iso/instructions.md",
     "lint:modes": "isolint lint modes/",
@@ -89,6 +91,7 @@
     "node": ">=20.6.0"
   },
   "dependencies": {
+    "@razroo/iso-guard": "^0.1.0",
     "@razroo/iso-orchestrator": "^0.1.0",
     "@razroo/iso-trace": "^0.4.0",
     "playwright": "^1.58.1"

package/scripts/guard.mjs

@@ -0,0 +1,404 @@
+#!/usr/bin/env node
+
+import { spawnSync } from 'child_process';
+import { existsSync } from 'fs';
+import { dirname, join, relative, resolve } from 'path';
+import { fileURLToPath } from 'url';
+import { audit, formatAuditResult, formatPolicyExplanation, loadPolicy, resultFails } from '@razroo/iso-guard';
+import { defaultOpenCodeDbPath, findSessionById, parseSinceCutoff } from '@razroo/iso-trace';
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const PKG_ROOT = resolve(__dirname, '..');
+const PROJECT_DIR = process.env.JOB_FORGE_PROJECT || process.cwd();
+const DEFAULT_SINCE = '24h';
+
+const USAGE = `job-forge guard - deterministic JobForge policy audits over local OpenCode traces
+
+Usage:
+  job-forge guard:audit [latest|<id-or-prefix>] [--since 24h] [--cwd <dir>] [--policy <path>] [--json] [--fail-on error|warn|off] [--root-only]
+  job-forge guard:explain [--policy <path>] [--json]
+
+The default policy is templates/guards/jobforge-baseline.yaml. Guard audits are
+local-only and passive: JobForge converts OpenCode SQLite rows into iso-guard
+events and never asks agents or MCPs to emit extra telemetry.`;
+
+const [cmd = 'help', ...args] = process.argv.slice(2);
+
+function defaultPolicyPath() {
+  return join(PKG_ROOT, 'templates/guards/jobforge-baseline.yaml');
+}
+
+function parseArgs(rawArgs, { allowSession = false } = {}) {
+  const opts = {
+    since: DEFAULT_SINCE,
+    cwd: PROJECT_DIR,
+    policy: defaultPolicyPath(),
+    json: false,
+    failOn: 'error',
+    includeChildren: true,
+  };
+  const positional = [];
+
+  for (let i = 0; i < rawArgs.length; i++) {
+    const arg = rawArgs[i];
+    if (arg === '--since') {
+      opts.since = valueAfter(rawArgs, ++i, '--since');
+    } else if (arg.startsWith('--since=')) {
+      opts.since = arg.slice('--since='.length);
+    } else if (arg === '--cwd') {
+      opts.cwd = valueAfter(rawArgs, ++i, '--cwd');
+    } else if (arg.startsWith('--cwd=')) {
+      opts.cwd = arg.slice('--cwd='.length);
+    } else if (arg === '--policy') {
+      opts.policy = valueAfter(rawArgs, ++i, '--policy');
+    } else if (arg.startsWith('--policy=')) {
+      opts.policy = arg.slice('--policy='.length);
+    } else if (arg === '--fail-on') {
+      opts.failOn = valueAfter(rawArgs, ++i, '--fail-on');
+    } else if (arg.startsWith('--fail-on=')) {
+      opts.failOn = arg.slice('--fail-on='.length);
+    } else if (arg === '--json') {
+      opts.json = true;
+    } else if (arg === '--root-only') {
+      opts.includeChildren = false;
+    } else if (arg === '--help' || arg === '-h') {
+      opts.help = true;
+    } else if (arg.startsWith('--')) {
+      opts.error = `unknown flag "${arg}"`;
+    } else if (allowSession) {
+      positional.push(arg);
+    } else {
+      opts.error = `unexpected argument "${arg}"`;
+    }
+  }
+
+  opts.cwd = resolve(opts.cwd || PROJECT_DIR);
+  opts.policy = resolve(opts.policy || defaultPolicyPath());
+  if (!['error', 'warn', 'off'].includes(opts.failOn)) {
+    opts.error = '--fail-on must be one of: error, warn, off';
+  }
+  return { opts, positional };
+}
+
+function valueAfter(values, index, flag) {
+  const value = values[index];
+  if (!value || value.startsWith('--')) throw new Error(`${flag} requires a value`);
+  return value;
+}
+
+function queryOpenCodeDb(dbPath, sql) {
+  const result = spawnSync('sqlite3', ['-json', dbPath, sql], {
+    encoding: 'utf8',
+    maxBuffer: 32 * 1024 * 1024,
+  });
+  if ((result.status ?? 0) !== 0) {
+    const detail = result.stderr?.trim() || result.stdout?.trim() || `exit ${result.status ?? 1}`;
+    throw new Error(`job-forge guard: sqlite3 query failed: ${detail}`);
+  }
+  return JSON.parse(result.stdout || '[]');
+}
+
+function sqlString(value) {
+  return `'${String(value).replaceAll("'", "''")}'`;
+}
+
+function msToIso(ms) {
+  return new Date(Number(ms)).toISOString();
+}
+
+function discoverSessions(opts, { includeAllForShow = false } = {}) {
+  const dbPath = defaultOpenCodeDbPath();
+  if (!existsSync(dbPath)) return [];
+
+  const where = [
+    's.time_archived is null',
+    `s.directory = ${sqlString(opts.cwd)}`,
+  ];
+  const sinceMs = includeAllForShow ? undefined : parseSinceCutoff(opts.since);
+  if (sinceMs !== undefined) where.push(`s.time_created >= ${Number(sinceMs)}`);
+
+  const rows = queryOpenCodeDb(dbPath, [
+    'select',
+    '  s.id,',
+    '  s.parent_id,',
+    '  s.title,',
+    '  s.directory,',
+    '  s.time_created,',
+    '  s.time_updated,',
+    '  (select count(*) from message m where m.session_id = s.id) as turn_count,',
+    '  (',
+    '    (select coalesce(sum(length(data)), 0) from message m where m.session_id = s.id) +',
+    '    (select coalesce(sum(length(data)), 0) from part p where p.session_id = s.id)',
+    '  ) as size_bytes',
+    'from session s',
+    `where ${where.join(' and ')}`,
+    'order by s.time_updated desc',
+  ].join(' '));
+
+  return rows.map((row) => ({
+    id: row.id,
+    parentId: row.parent_id || null,
+    title: row.title || '',
+    cwd: row.directory,
+    startedAt: msToIso(row.time_created),
+    startedAtMs: Number(row.time_created),
+    endedAt: msToIso(row.time_updated),
+    endedAtMs: Number(row.time_updated),
+    turnCount: row.turn_count ?? 0,
+    sizeBytes: row.size_bytes ?? 0,
+  }));
+}
+
+function loadRows(sessionId) {
+  const dbPath = defaultOpenCodeDbPath();
+  const id = sqlString(sessionId);
+  return {
+    messages: queryOpenCodeDb(dbPath, `select id, time_created, data from message where session_id = ${id} order by time_created, id`),
+    parts: queryOpenCodeDb(dbPath, `select id, message_id, time_created, data from part where session_id = ${id} order by time_created, id`),
+  };
+}
+
+function parseJson(raw) {
+  try {
+    return JSON.parse(raw || '{}');
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    return { __parseError: message, __raw: raw || '' };
+  }
+}
+
+function selectSession(refs, positional) {
+  const requested = positional[0];
+  if (!requested || requested === 'latest') {
+    return refs.find((ref) => !ref.parentId) || refs[0] || null;
+  }
+  return findSessionById(refs, requested);
+}
+
+function sessionsForAudit(selected, allSessions, includeChildren) {
+  if (!includeChildren) return [selected];
+  const children = allSessions
+    .filter((candidate) => candidate.parentId === selected.id)
+    .sort((a, b) => a.startedAtMs - b.startedAtMs);
+  return [selected, ...children];
+}
+
+function buildGuardEvents(sessions) {
+  const events = [];
+  const rootId = sessions[0]?.id;
+
+  for (const session of sessions) {
+    const rows = loadRows(session.id);
+    const messages = rows.messages.map((row) => ({ row, data: parseJson(row.data) }));
+    const messageById = new Map(messages.map((message) => [message.row.id, message.data]));
+    let requestIndex = 0;
+
+    for (const row of rows.parts) {
+      const data = parseJson(row.data);
+      const message = messageById.get(row.message_id) || {};
+      const role = message.role || 'unknown';
+      const at = msToIso(row.time_created);
+      const base = {
+        sessionId: session.id,
+        sessionTitle: session.title,
+        parentId: session.parentId,
+        isChildSession: session.id !== rootId,
+        role,
+        messageId: row.message_id,
+        sessionMessageId: `${session.id}:${row.message_id}`,
+        partId: row.id,
+        requestIndex,
+      };
+
+      if (data.type === 'text') {
+        if (role === 'user') requestIndex += 1;
+        events.push({
+          type: 'message',
+          name: role,
+          at,
+          source: `opencode:${session.id}`,
+          text: data.text || '',
+          data: { ...base, requestIndex },
+        });
+        continue;
+      }
+
+      if (data.type === 'tool') {
+        const input = objectOrEmpty(data.state?.input);
+        const metadata = objectOrEmpty(data.state?.metadata);
+        const toolName = data.tool || 'unknown';
+        const text = toolText(toolName, input, metadata, data.state);
+        const toolEvent = {
+          type: 'tool_call',
+          name: toolName,
+          at,
+          source: `opencode:${session.id}`,
+          text,
+          data: {
+            ...base,
+            tool: toolName,
+            status: stringValue(data.state?.status),
+            input,
+            metadata,
+          },
+        };
+        events.push(toolEvent);
+        events.push(...derivedToolEvents(toolEvent));
+      }
+    }
+  }
+
+  return events
+    .sort((a, b) => String(a.at || '').localeCompare(String(b.at || '')))
+    .map((event, index) => ({ ...event, index }));
+}
+
+function derivedToolEvents(event) {
+  const text = event.text || '';
+  const events = [];
+  if (runsCommand(text, /\b(npx\s+)?job-forge\s+merge\b|\bnpm\s+run\s+merge\b/)) {
+    events.push(derivedToolEvent(event, 'job-forge-merge'));
+  }
+  if (runsCommand(text, /\b(npx\s+)?job-forge\s+verify\b|\bnpm\s+run\s+verify\b/)) {
+    events.push(derivedToolEvent(event, 'job-forge-verify'));
+  }
+  if (runsCommand(text, /\bgeometra_disconnect\b/)) {
+    events.push(derivedToolEvent(event, 'geometra_disconnect'));
+  }
+  if (runsCommand(text, /\bgeometra_list_sessions\b/)) {
+    events.push(derivedToolEvent(event, 'geometra_list_sessions'));
+  }
+  return events;
+}
+
+function derivedToolEvent(event, name) {
+  return {
+    ...event,
+    name,
+    data: {
+      ...(event.data || {}),
+      derivedFrom: event.name,
+    },
+  };
+}
+
+function runsCommand(text, pattern) {
+  return /(^|[\s"])(bash|shell|exec|command|terminal|run_command)\b/i.test(text) && pattern.test(text);
+}
+
+function toolText(toolName, input, metadata, state) {
+  const fragments = [toolName, safeJson(input), safeJson(metadata)];
+  if (state?.output && typeof state.output === 'string') fragments.push(state.output);
+  return fragments.filter(Boolean).join('\n');
+}
+
+function objectOrEmpty(value) {
+  return value && typeof value === 'object' && !Array.isArray(value) ? value : {};
+}
+
+function stringValue(value) {
+  return typeof value === 'string' ? value : value == null ? '' : String(value);
+}
+
+function safeJson(value) {
+  try {
+    return JSON.stringify(value);
+  } catch {
+    return '';
+  }
+}
+
+function printablePath(path) {
+  const rel = relative(PROJECT_DIR, path);
+  return rel && !rel.startsWith('..') ? rel : path;
+}
+
+function printAudit({ selected, includedSessions, policy, result }) {
+  const children = includedSessions.length - 1;
+  console.log(`session: ${selected.id}${selected.title ? ` (${selected.title})` : ''}`);
+  if (children > 0) console.log(`children: ${children}`);
+  console.log(`policy:  ${printablePath(policy.sourcePath || defaultPolicyPath())}`);
+  console.log(formatAuditResult(result));
+}
+
+async function main() {
+  if (cmd === 'help' || cmd === '--help' || cmd === '-h') {
+    console.log(USAGE);
+    return 0;
+  }
+
+  if (cmd === 'explain') {
+    const { opts } = parseArgs(args);
+    if (opts.help) {
+      console.log(USAGE);
+      return 0;
+    }
+    if (opts.error) {
+      console.error(`job-forge guard:explain: ${opts.error}`);
+      return 2;
+    }
+    const policy = loadPolicy(opts.policy);
+    if (opts.json) {
+      console.log(JSON.stringify(policy, null, 2));
+    } else {
+      console.log(formatPolicyExplanation(policy));
+    }
+    return 0;
+  }
+
+  if (cmd === 'audit') {
+    const { opts, positional } = parseArgs(args, { allowSession: true });
+    if (opts.help) {
+      console.log(USAGE);
+      return 0;
+    }
+    if (opts.error) {
+      console.error(`job-forge guard:audit: ${opts.error}`);
+      return 2;
+    }
+    const refs = discoverSessions(opts, { includeAllForShow: Boolean(positional[0] && positional[0] !== 'latest') });
+    if (refs.length === 0) {
+      console.error('job-forge guard:audit: no OpenCode sessions found for this project');
+      return 2;
+    }
+    const selected = selectSession(refs, positional);
+    if (!selected) {
+      console.error(`job-forge guard:audit: no OpenCode session matches "${positional[0]}"`);
+      return 2;
+    }
+    const includedSessions = sessionsForAudit(selected, refs, opts.includeChildren);
+    const policy = loadPolicy(opts.policy);
+    const events = buildGuardEvents(includedSessions);
+    const result = audit(policy, events);
+
+    if (opts.json) {
+      console.log(JSON.stringify({
+        session: selected,
+        includedSessions: includedSessions.map((session) => ({
+          id: session.id,
+          parentId: session.parentId,
+          title: session.title,
+          startedAt: session.startedAt,
+          endedAt: session.endedAt,
+        })),
+        policy: policy.sourcePath,
+        result,
+      }, null, 2));
+    } else {
+      printAudit({ selected, includedSessions, policy, result });
+    }
+    return resultFails(result, opts.failOn) ? 1 : 0;
+  }
+
+  console.error(`job-forge guard: unknown command "${cmd}"`);
+  console.error(USAGE);
+  return 2;
+}
+
+main()
+  .then((code) => process.exit(code))
+  .catch((error) => {
+    const message = error instanceof Error ? error.message : String(error);
+    console.error(message);
+    process.exit(1);
+  });

package/templates/guards/jobforge-baseline.yaml

@@ -0,0 +1,50 @@
+version: 1
+rules:
+  - id: JF-H1
+    type: max-per-group
+    severity: error
+    description: Do not dispatch more than two task subagents from one assistant message.
+    match:
+      type: tool_call
+      name: task
+    groupBy: sessionMessageId
+    max: 2
+
+  - id: JF-H5b
+    type: forbid-text
+    severity: error
+    description: Do not use task to poll task/session status.
+    match:
+      type: tool_call
+      name: task
+    patterns:
+      - source: '"task_id"\s*:'
+      - source: '\b(return your final outcome now|report your current status|current status|still working|still running)\b'
+        flags: i
+      - source: '\b(check|poll|fetch|ask)\b.{0,80}\b(task|session)\b.{0,60}\b(status|state|result|outcome)\b'
+        flags: i
+
+  - id: JF-H5-child-no-task
+    type: forbid-text
+    severity: error
+    description: Child/subagent sessions must not spawn more task subagents.
+    match:
+      type: tool_call
+      name: task
+      fields:
+        isChildSession: true
+    patterns:
+      - source: '[\s\S]'
+
+  - id: JF-H8
+    type: forbid-text
+    severity: error
+    description: Task prompts must not inline proxy configuration or proxy credentials.
+    match:
+      type: tool_call
+      name: task
+    patterns:
+      - source: '\bproxy\s*:\s*\{'
+        flags: i
+      - source: '\bproxy[_.-]?(server|username|password|bypass)\b\s*[:=]'
+        flags: i