kc-beta 0.7.5 → 0.8.3

package/src/agent/llm-client.js

@@ -32,6 +32,16 @@ export class LLMClient {
     this.baseUrl = baseUrl.replace(/\/+$/, "");
     this.authType = authType;
     this.apiFormat = apiFormat;
+    // v0.8.2 P14-A: request-level timeout for fetch. SiliconFlow GLM-5.1
+    // streams hung 8h+ overnight in E2E #12 with no HTTP-level cutoff.
+    // 10 min ceiling (configurable via KC_LLM_REQUEST_TIMEOUT_MS) lets the
+    // marathon driver's `error: terminated` → recovery path kick in within
+    // minutes instead of hours when the upstream stalls a request without
+    // closing the TCP connection.
+    const envTimeout = parseInt(process.env.KC_LLM_REQUEST_TIMEOUT_MS || "0", 10);
+    this.requestTimeoutMs = Number.isFinite(envTimeout) && envTimeout > 0
+      ? envTimeout
+      : 10 * 60 * 1000;
   }
 
   /**
@@ -196,10 +206,15 @@ export class LLMClient {
     let resp;
     try {
       resp = await withRetry(async () => {
+        // v0.8.2 P14-A: AbortSignal.timeout for stream connect + per-chunk
+        // forward progress. Hung streams (SiliconFlow GLM-5.1 overnight,
+        // E2E #12) abort within requestTimeoutMs and surface as an error
+        // event the marathon driver can recover from.
         const r = await fetch(this._getEndpoint(), {
           method: "POST",
           headers: this._buildHeaders(),
           body: JSON.stringify(body),
+          signal: AbortSignal.timeout(this.requestTimeoutMs),
         });
         if (!r.ok) {
           const text = await r.text();
@@ -215,7 +230,13 @@ export class LLMClient {
       // A8: Any pre-stream failure (network, auth, 4xx/5xx after retry) is
       // tagged and re-thrown. Engine's outer catch sees exactly one tagged
       // error event.
-      if (!err.streamTermination) err.streamTermination = "connect_error";
+      // v0.8.2 P14-A: AbortError from AbortSignal.timeout marks request_timeout
+      // distinctly so audits can count these vs. generic connect errors.
+      if (err.name === "TimeoutError" || err.name === "AbortError") {
+        err.streamTermination = "request_timeout";
+      } else if (!err.streamTermination) {
+        err.streamTermination = "connect_error";
+      }
       throw err;
     }
 
@@ -256,10 +277,12 @@ export class LLMClient {
     const body = this._buildNonStreamBody({ model, messages, maxTokens });
 
     const resp = await withRetry(async () => {
+      // v0.8.2 P14-A: same request-level timeout as streamChat for symmetry.
       const r = await fetch(this._getEndpoint(), {
         method: "POST",
         headers: this._buildHeaders(),
         body: JSON.stringify(body),
+        signal: AbortSignal.timeout(this.requestTimeoutMs),
       });
       if (!r.ok) {
         const text = await r.text();

package/src/agent/pipelines/_advance-hints.js

@@ -0,0 +1,92 @@
+// v0.8 P0-E: prescriptive refusal hints for phase_advance gate failures.
+//
+// 资管 + 贷款 v0.7.5 audits both observed the force-bypass pattern:
+// engine refuses phase_advance with `engineCounts: workflowsTested: 0/14`,
+// agent does ~3 min of cleanup, then forces past anyway. Cleanup happens
+// (signal IS being consumed) but force always wins because the descriptive
+// "exit criteria not met" hint doesn't tell the agent WHAT to write.
+//
+// v0.8 P0-E replaces the descriptive hint with a prescriptive one. The
+// hint text below derives from the same artifact paths + filename patterns
+// that _milestone-derive.js walks, so the agent's instructions match what
+// the engine will check next turn.
+//
+// Design contract (matches v0.8 design doc Q20 user lean):
+//   - Single shared helper here; engine.js + phase-advance.js both call it.
+//   - Each hint is one or two concrete sentences naming a path, a filename
+//     pattern, and a script to run (where applicable).
+//   - Hint output is plain text, suitable to drop into a tool result.
+//
+// To extend: edit the per-phase hint generators below. Keep the artifact
+// paths in sync with the corresponding derive function in _milestone-derive.js.
+
+/**
+ * Build a prescriptive refusal hint for a phase_advance gate failure.
+ *
+ * @param {string} fromPhase — the phase the agent is trying to leave
+ * @param {object} engineCounts — raw engine counts (or null)
+ * @param {string} [engineCountsLine] — formatted summary string from _buildEngineCountsBlock
+ * @returns {string} a multi-line hint suitable for the LLM tool result
+ */
+export function getPrescriptiveHint(fromPhase, engineCounts, engineCountsLine = "") {
+  const header = engineCountsLine
+    ? `Engine telemetry: ${engineCountsLine}\n\n`
+    : "";
+
+  const hint = HINTS_BY_PHASE[fromPhase];
+  if (!hint) {
+    return header + "Check the system prompt's phase state block for missing milestones. The engine derives milestones from filesystem facts.";
+  }
+  return header + hint;
+}
+
+const HINTS_BY_PHASE = {
+  bootstrap:
+    "To advance to rule_extraction:\n" +
+    "  • Verify <workspace>/source_docs/ contains the regulation file(s) you're extracting rules from.\n" +
+    "  • Verify <workspace>/samples/ contains at least one sample document for testing.\n" +
+    "  • Ensure AGENT.md exists at workspace root with project context filled in.\n" +
+    "Engine reads filesystem facts; no need to call any 'mark bootstrap complete' tool — just produce the artifacts.",
+
+  rule_extraction:
+    "To advance to skill_authoring:\n" +
+    "  • For each rule in the source regulation, write an entry to rules/catalog.json with {id, source_ref, falsifiability_statement, applicable_sections}.\n" +
+    "  • Use rule_catalog tool (operation: 'write') for catalog entries; engine derives `rulesExtracted` from this file.\n" +
+    "  • For chunk traceability: each catalog entry should reference its source chunk via applicable_sections.\n" +
+    "  • Write rule_skills/coverage_report.md or rules/coverage_report.md to mark coverageAudited=true (a per-rule × per-section table).",
+
+  skill_authoring:
+    "To advance to skill_testing:\n" +
+    "  • For each rule_id in rules/catalog.json, create rule_skills/<rule_id>/SKILL.md (uppercase! engine path-match is case-sensitive on Linux).\n" +
+    "  • Each SKILL.md needs frontmatter (id, name, description) + a body describing verification logic.\n" +
+    "  • Pair each SKILL.md with rule_skills/<rule_id>/check.py — substantive logic, NOT a 'return NOT_APPLICABLE' stub. If logic lives in workflows/, check.py must import + call the workflow.\n" +
+    "  • For grouped skills covering multiple rules, frontmatter MUST include `source_rules: [R001, R005, ...]` so engine credits each rule_id.\n" +
+    "  • Engine counts `rulesCovered` from rule_skills/ walk; aim for catalog.json's full rule list.",
+
+  skill_testing:
+    "To advance to distillation:\n" +
+    "  • For each rule_id, write test results to output/results/skill_test_round<N>.json or output/results/<rule_id>_<sample>.json.\n" +
+    "  • Each test result needs `verdict` (PASS/FAIL/NOT_APPLICABLE) plus per-rule accuracy.\n" +
+    "  • Engine counts `skillsTested` from these files. Aim for ≥1 result per rule, with ≥90% accuracy on labeled samples.\n" +
+    "  • If a rule consistently fails, iterate the SKILL.md + check.py before advancing (this is the evolution-loop pattern).",
+
+  distillation:
+    "To advance to production_qc:\n" +
+    "  • For each rule_id, write workflows/<rule_id>/workflow_v1.py (regex-only or hybrid regex+worker_llm).\n" +
+    "  • Each workflow.py needs a `verify(document_text, config)` function returning {verdict, evidence, confidence, ...}.\n" +
+    "  • Engine counts `workflowsCreated` from workflows/<rule_id>/workflow_v*.py walk.\n" +
+    "  • Run scripts/v1_regression.py (or equivalent) to populate output/results/v1_regression.json — engine counts `workflowsTested` from this.\n" +
+    "  • For grouped workflows (one workflow covering multiple rules), declare `source_rules: [...]` in workflow's docstring or sidecar config.",
+
+  production_qc:
+    "To advance to finalization:\n" +
+    "  • Write output/results/production_qc_results.json (preferred shape: {results: {<rule_id>: {<doc_id>: {verdict, evidence, confidence}}}}).\n" +
+    "  • OR write output/qc/review_<batch>.json with `documents_reviewed: N` for each batch — engine sums across files.\n" +
+    "  • Engine counts `batchesProcessed` and `documentsReviewed`. Each batch should cover the full doc set OR a meaningful sample.\n" +
+    "  • If accuracy is below threshold, run evolution-loop on the failing rules before advancing.",
+
+  finalization:
+    "(Finalization is the terminal phase — no forward advance.)",
+};
+
+export default getPrescriptiveHint;

package/src/agent/pipelines/_milestone-derive.js

@@ -80,6 +80,22 @@ function readJsonSafe(p) {
   try { return JSON.parse(fs.readFileSync(p, "utf-8")); } catch { return null; }
 }
 
+// v0.8 P1-A: find the first existing file from a list of candidate relative
+// paths. Returns the absolute path of the first match, or null. Used for
+// "agent-might-have-written-it-anywhere" lookups where conventions vary.
+//
+// 资管 v0.7.5 wrote rule_skills/coverage_report.md; 贷款 v0.7.5 wrote
+// output/coverage_report.md or similar. Each derive function previously
+// hardcoded its own short list — extracting this helper keeps additions
+// centralized.
+function findFileAcrossKnownPaths(workspaceCwd, relPaths) {
+  for (const rel of relPaths) {
+    const abs = path.join(workspaceCwd, rel);
+    if (fileExists(abs)) return abs;
+  }
+  return null;
+}
+
 function readFileSafe(p) {
   try { return fs.readFileSync(p, "utf-8"); } catch { return ""; }
 }
@@ -140,13 +156,33 @@ function sha256OfFile(p) {
   } catch { return null; }
 }
 
-// Normalize a rule id like "R14" / "r014" / "R0014" to canonical "R014".
+// Normalize a rule id to a canonical form for dedup + comparison.
+// Accepts two shapes:
+//   Bare-numeric: "R14" / "r014" / "R0014" → "R014"
+//   Compound:    "R01-01" / "R01_01" / "R001-005" → "R001-005"
+//                (zero-pads the major part to 3 digits; preserves the
+//                 minor part numerically; uses dash separator canonically)
 // Returns null for non-matching strings (e.g., thematic skill names like
-// "account_identity" — those stay as-is via the second branch).
-function canonicalRuleId(s) {
+// "account_identity" — those stay as-is and don't get credited via this
+// path; their credit comes from frontmatter `source_rules:` instead).
+//
+// v0.8.3 P20-B2: compound form added. E2E #13 资管 used `R01-01`..`R07-01`
+// naturally following the regulation's subsection numbering; v0.8.2's
+// bare-only regex returned null for all 15 dirs → `rulesCovered: 0/15`
+// → engine refused natural skill_testing advance.
+export function canonicalRuleId(s) {
   if (typeof s !== "string") return null;
-  const m = s.match(/^R0*(\d+)$/i);
-  if (m) return `R${String(parseInt(m[1], 10)).padStart(3, "0")}`;
+  const trimmed = s.trim();
+  // Compound form: R01-01, R01_01, R001-005, etc.
+  const compound = trimmed.match(/^R0*(\d+)[-_](\d+)$/i);
+  if (compound) {
+    const major = String(parseInt(compound[1], 10)).padStart(3, "0");
+    const minor = String(parseInt(compound[2], 10)).padStart(2, "0");
+    return `R${major}-${minor}`;
+  }
+  // Bare-numeric form
+  const bare = trimmed.match(/^R0*(\d+)$/i);
+  if (bare) return `R${String(parseInt(bare[1], 10)).padStart(3, "0")}`;
   return null;
 }
 
@@ -177,9 +213,16 @@ export function deriveRuleExtractionMilestones(workspace) {
 
   // rulesExtracted: every rule object across every JSON file in rules/
   // that has a non-empty `id` field. catalog.json is canonical but agents
-  // sometimes fan out to per-rule files (E2E #5 DS).
+  // sometimes fan out to per-rule files (E2E #5 DS) — or write SIBLING
+  // files with the same IDs plus additional metadata (E2E #13 资管's
+  // `rules/difficulty.json` added judgment-type classifications and
+  // doubled the count from 15 → 30 because the engine pushed IDs without
+  // dedup). v0.8.3 P20-B1: dedup by ID across all rules/*.json files.
+  // First-seen wins for chunk-ref counting (catalog.json is read first
+  // by alphabetical / fs order in most cases).
   const rulesExtracted = [];
   const rulesWithChunkRefs = [];
+  const seenIds = new Set();
   if (dirExists(rulesDir)) {
     for (const e of listChildFiles(rulesDir)) {
       if (!e.name.endsWith(".json")) continue;
@@ -188,8 +231,21 @@ export function deriveRuleExtractionMilestones(workspace) {
       const items = Array.isArray(data) ? data : (data.rules || []);
       for (const r of items) {
         if (r && typeof r.id === "string" && r.id.length) {
+          if (seenIds.has(r.id)) continue; // v0.8.3 P20-B1 dedup
+          seenIds.add(r.id);
           rulesExtracted.push(r.id);
-          if (Array.isArray(r.source_chunk_ids) && r.source_chunk_ids.length > 0) {
+          // v0.8.2 P13-C: accept any of three field names for chunk
+          // references. Engine historically looked only for
+          // `source_chunk_ids`, but 贷款 v0.8.1 + 资管 v0.8.1 catalogs
+          // wrote `chunk_ids` (the shorter form agents naturally pick
+          // from the rule-extraction skill examples). `chunk_refs` is
+          // a legacy alias from older audit docs. Any non-empty match
+          // counts.
+          const chunks = (Array.isArray(r.source_chunk_ids) && r.source_chunk_ids)
+            || (Array.isArray(r.chunk_ids) && r.chunk_ids)
+            || (Array.isArray(r.chunk_refs) && r.chunk_refs)
+            || null;
+          if (chunks && chunks.length > 0) {
             rulesWithChunkRefs.push(r.id);
           }
         }
@@ -197,15 +253,18 @@ export function deriveRuleExtractionMilestones(workspace) {
     }
   }
 
-  // coverageAudited: presence of rules/coverage_audit.{md,json} OR a
-  // rules/coverage_report.md / output/coverage_report.md. Loose criterion
-  // because agents pick different conventions; the spirit is "did the
+  // coverageAudited: presence of any coverage audit/report doc. Loose
+  // criterion — agents pick different conventions; the spirit is "did the
   // agent produce a coverage doc" not "did they put it in this exact file".
-  const coverageAudited =
-    fileExists(path.join(rulesDir, "coverage_audit.md")) ||
-    fileExists(path.join(rulesDir, "coverage_audit.json")) ||
-    fileExists(path.join(rulesDir, "coverage_report.md")) ||
-    fileExists(path.join(cwd, "output", "coverage_report.md"));
+  // v0.8 P1-A: use the same findFileAcrossKnownPaths helper as finalization.
+  const coverageAudited = !!findFileAcrossKnownPaths(cwd, [
+    path.join("rules", "coverage_audit.md"),
+    path.join("rules", "coverage_audit.json"),
+    path.join("rules", "coverage_report.md"),
+    path.join("output", "coverage_report.md"),
+    path.join("rule_skills", "coverage_report.md"),       // v0.8 P1-A
+    path.join("output", "qc", "coverage_report.md"),
+  ]);
 
   return {
     rulesExtracted,
@@ -312,15 +371,121 @@ export function deriveSkillAuthoringMilestones(workspace) {
         }
       } catch { /* best-effort */ }
     }
+
+    // v0.8.2 P13-D: also credit rule_ids declared in rule_mapping.json.
+    // 资管 v0.8.1 wrote 6 thematic-overlay dirs (R01_periodic_report,
+    // R02_custodian_core, etc.) each containing a rule_mapping.json that
+    // maps rule_ids to engine-level check function names. The dirs have
+    // no own check.py because the actual implementation lives in
+    // workspace-root verify_v*.py. Without recognizing rule_mapping.json,
+    // the engine treats them as orphan dirs.
+    //
+    // Rule-id formats in the wild include both bare-numeric (R01, R027)
+    // and compound (R01-05, R02-08). canonicalRuleId() only handles the
+    // bare form, so we accept either canonicalized form OR a raw key
+    // that looks like a rule id (matches R\d+ optionally followed by
+    // `-` or `_` and more digits).
+    try {
+      const mappingPath = path.join(skillPath, "rule_mapping.json");
+      if (fileExists(mappingPath)) {
+        const mapping = readJsonSafe(mappingPath);
+        if (mapping && typeof mapping === "object" && !Array.isArray(mapping)) {
+          for (const key of Object.keys(mapping)) {
+            const canon = canonicalRuleId(key);
+            if (canon) {
+              ruleIdsCovered.add(canon);
+            } else if (/^R0*\d+[-_]?\d*$/i.test(key.trim())) {
+              // Compound form like "R01-05" — preserve as-is
+              ruleIdsCovered.add(key.trim());
+            }
+          }
+        }
+      }
+    } catch { /* best-effort */ }
   }
 
+  // v0.8 P2-F (item 22): count stub-shaped check.py files. Pairs with
+  // v0.8 P2-A teaching about the inverse-stub anti-pattern. Surfaces
+  // a ratio that downstream code (skill-authoring exitCriteriaMet)
+  // can choose to enforce via env flag.
+  const checkPyAudit = _auditCheckPyShapes(skillsDir);
+
   return {
     skillsAuthored,
     skillsWithScripts,
     ruleIdsCovered: [...ruleIdsCovered],
+    checkPyTotal: checkPyAudit.total,
+    checkPyStubCount: checkPyAudit.stubFiles.length,
+    checkPyStubFiles: checkPyAudit.stubFiles,
+    checkPyStubRatio: checkPyAudit.total > 0
+      ? +(checkPyAudit.stubFiles.length / checkPyAudit.total).toFixed(3)
+      : 0,
   };
 }
 
+// v0.8 P2-F: walk rule_skills/<id>/ for check_*.py and check each for
+// stub-shape patterns. Returns {total, stubFiles}. Patterns recognized
+// as stubs (per v0.7.x audit findings):
+//   - returns literal `"verdict": "NOT_APPLICABLE"` (资管 v0.7.5 variant)
+//   - returns literal `"pass": null` (v0.7.0 legacy)
+//   - returns literal `"method": "stub"`
+//   - AND none of: workflow import, >20 non-comment lines.
+// Substantive signals override the stub-return signal (a check.py that
+// imports + delegates to a workflow but happens to return NOT_APPLICABLE
+// for some sub-path is not a stub).
+function _auditCheckPyShapes(skillsDir) {
+  const stubFiles = [];
+  let total = 0;
+  if (!dirExists(skillsDir)) return { total, stubFiles };
+
+  for (const dirEntry of listChildDirs(skillsDir)) {
+    if (dirEntry.name.startsWith("__")) continue;
+    const skillPath = path.join(skillsDir, dirEntry.name);
+    const scripts = findCheckScripts(skillPath);
+    for (const scriptPath of scripts) {
+      total++;
+      if (_isCheckPyStubShaped(scriptPath)) {
+        stubFiles.push(path.relative(skillsDir, scriptPath));
+      }
+    }
+  }
+  return { total, stubFiles };
+}
+
+function _isCheckPyStubShaped(scriptPath) {
+  let content;
+  try { content = fs.readFileSync(scriptPath, "utf-8"); }
+  catch { return false; }
+
+  // Substantive signal 1: imports a workflow (direct delegation)
+  if (/from\s+workflows[.\w]+\s+import|^import\s+workflows\./m.test(content)) {
+    return false;
+  }
+
+  // Stub return patterns. A check.py is a stub if it ALWAYS returns one
+  // of these regardless of input. We detect "always returns" by checking
+  // that the file has no other verdict literal — no PASS, FAIL, WARNING
+  // returns elsewhere. A scaffold with 30+ lines but a single
+  // NOT_APPLICABLE return path (like 资管 v0.7.5's 14 check.py files) is
+  // still a stub by behavior — line count is unreliable.
+  const stubReturn1 = /return\s+\{[^}]*["']verdict["']\s*:\s*["']NOT_APPLICABLE["']/m.test(content);
+  const stubReturn2 = /return\s+\{[^}]*["']pass["']\s*:\s*None/m.test(content);
+  const stubReturn3 = /return\s+\{[^}]*["']method["']\s*:\s*["']stub["']/m.test(content);
+  const hasStubReturn = stubReturn1 || stubReturn2 || stubReturn3;
+
+  if (!hasStubReturn) return false;
+
+  // If we find ANY other verdict (PASS, FAIL, WARNING), the file is doing
+  // real branching even if one path returns NOT_APPLICABLE — not a stub.
+  const hasOtherVerdict =
+    /["']verdict["']\s*:\s*["']PASS["']/m.test(content) ||
+    /["']verdict["']\s*:\s*["']FAIL["']/m.test(content) ||
+    /["']verdict["']\s*:\s*["']WARNING["']/m.test(content) ||
+    /\bmake_result\b/.test(content); // common helper that produces non-stub returns
+
+  return !hasOtherVerdict;
+}
+
 // ───────────────────────────────────────────────────────────────────
 // skill_testing
 // ───────────────────────────────────────────────────────────────────
@@ -613,10 +778,45 @@ export function deriveProductionQcMilestones(workspace) {
     }
   }
 
+  // v0.8 P1-A: per-doc QC review files at output/qc/reviews/doc_*.json
+  // (贷款 v0.7.5 shape). Each file is a single review object with
+  // {review_id, document, verdict}. Engine previously skipped these
+  // because they don't match the batch heuristic, causing
+  // `documents_reviewed: 0` despite 16 docs on disk.
+  const perDocReviewsDir = path.join(outputDir, "qc", "reviews");
+  if (dirExists(perDocReviewsDir)) {
+    for (const e of listChildFiles(perDocReviewsDir)) {
+      if (!e.name.endsWith(".json")) continue;
+      const data = readJsonSafe(path.join(perDocReviewsDir, e.name));
+      if (!data || typeof data !== "object" || !data.verdict) continue;
+      // Document identifier: prefer explicit fields, fall back to filename
+      const docKey = data.document || data.doc || data.file || data.path || e.name.replace(/\.json$/, "");
+      documentsReviewedSet.add(String(docKey));
+    }
+  }
+
+  // v0.8 P1-A: also read numeric `documents_reviewed: N` from any
+  // top-level batch file (贷款 review_001.json declares 16 directly).
+  // We use this only when the doc set is smaller than the claim — agents
+  // sometimes write summary batches without enumerating individual docs.
+  let declaredDocCount = 0;
+  for (const dir of candidateDirs) {
+    if (!dirExists(dir)) continue;
+    for (const e of listChildFiles(dir)) {
+      if (!e.name.endsWith(".json")) continue;
+      const data = readJsonSafe(path.join(dir, e.name));
+      if (!data || typeof data !== "object") continue;
+      const n = Number(data.documents_reviewed);
+      if (Number.isFinite(n) && n > declaredDocCount) declaredDocCount = n;
+    }
+  }
+  const documentsReviewed = Math.max(documentsReviewedSet.size, declaredDocCount);
+
   return {
     batchesProcessed,
-    documentsReviewed: documentsReviewedSet.size,
+    documentsReviewed,
     documentsReviewedKeys: [...documentsReviewedSet], // for describeState detail
+    documentsReviewedDeclared: declaredDocCount > documentsReviewedSet.size ? declaredDocCount : 0,
   };
 }
 
@@ -658,10 +858,18 @@ export function deriveFinalizationMilestones(workspace) {
     }
   }
 
-  // coverageReportWritten: rules/coverage_report.md OR output/coverage_report.md.
-  const coverageReportWritten =
-    fileExists(path.join(cwd, "rules", "coverage_report.md")) ||
-    fileExists(path.join(cwd, "output", "coverage_report.md"));
+  // coverageReportWritten: accept multiple known agent-write locations.
+  // v0.8 P1-A: added rule_skills/coverage_report.md (资管 v0.7.5 wrote here)
+  // and coverage_audit.md variants (贷款 v0.7.5 wrote rules/coverage_audit.md).
+  // The "coverage doc" concept covers both report-style + audit-style files.
+  const coverageReportWritten = !!findFileAcrossKnownPaths(cwd, [
+    path.join("rules", "coverage_report.md"),
+    path.join("rules", "coverage_audit.md"),                // 贷款 v0.7.5
+    path.join("rules", "coverage_audit.json"),
+    path.join("output", "coverage_report.md"),
+    path.join("rule_skills", "coverage_report.md"),         // 资管 v0.7.5
+    path.join("output", "qc", "coverage_report.md"),        // future-proofing
+  ]);
 
   // finalDashboardWritten: at least one dashboards/*.html that is NOT a
   // duplicate of any other. DS + GLM both shipped byte-identical
@@ -694,11 +902,108 @@ export function deriveFinalizationMilestones(workspace) {
     }
   }
 
+  // v0.8 P0-D: stale-release detection. SOFT gate — surfaces a warning,
+  // doesn't refuse phase advance. 资管 audit § 9.1 finding 11 found both
+  // release bundles snapped BEFORE the user's "更激进 worker LLM" prompt
+  // drove 14 hybrid workflow_v2.py builds, but neither was re-released.
+  // We detect by comparing the most-recent release manifest's created_at
+  // against the mtimes of workflows/ and rule_skills/.
+  const staleRelease = _detectStaleRelease(cwd);
+
   return {
     readmeWritten,
     coverageReportWritten,
     finalDashboardWritten,
     dashboardDuplicatesDetected,
+    releaseIsStale: staleRelease.isStale,
+    staleReleaseDetail: staleRelease.detail,
+  };
+}
+
+// v0.8 P0-D: detect whether workflows/ or rule_skills/ contain files
+// modified after the most-recent release manifest was written. Returns
+// {isStale: bool, detail: {releaseTs?, releasePath?, newerFiles?: [...]}}.
+// SOFT semantics — the milestone is informational; phase advance still
+// works. The agent + downstream tooling (e2e-audit) decides what to do.
+function _detectStaleRelease(cwd) {
+  const releasesRoot = path.join(cwd, "output", "releases");
+  if (!dirExists(releasesRoot)) return { isStale: false, detail: null };
+
+  // Find most-recent release manifest (by created_at OR fs mtime as fallback).
+  let latestRelease = null; // {path, createdAt: Date}
+  for (const e of listChildDirs(releasesRoot)) {
+    const manifestPath = path.join(releasesRoot, e.name, "manifest.json");
+    try {
+      const stat = fs.statSync(manifestPath);
+      if (!stat.isFile()) continue;
+      let createdAt = stat.mtime;
+      try {
+        const m = JSON.parse(fs.readFileSync(manifestPath, "utf-8"));
+        if (m?.created_at) {
+          const parsed = new Date(m.created_at);
+          if (!Number.isNaN(parsed.getTime())) createdAt = parsed;
+        }
+      } catch { /* fall back to mtime */ }
+      if (!latestRelease || createdAt > latestRelease.createdAt) {
+        latestRelease = { path: manifestPath, createdAt, slug: e.name };
+      }
+    } catch { /* skip */ }
+  }
+
+  if (!latestRelease) return { isStale: false, detail: null };
+
+  // Walk workflows/ and rule_skills/ for files newer than latestRelease.createdAt.
+  // Cap to first 10 newer-than-release matches to bound report size.
+  const newerFiles = [];
+  const cutoff = latestRelease.createdAt.getTime();
+  const SCAN_DIRS = ["workflows", "rule_skills"];
+  for (const sub of SCAN_DIRS) {
+    const root = path.join(cwd, sub);
+    if (!dirExists(root)) continue;
+    const stack = [root];
+    while (stack.length && newerFiles.length < 10) {
+      const d = stack.pop();
+      let entries;
+      try { entries = fs.readdirSync(d, { withFileTypes: true }); } catch { continue; }
+      for (const ent of entries) {
+        if (ent.name.startsWith(".") || ent.name === "__pycache__" || ent.name === "node_modules") continue;
+        const p = path.join(d, ent.name);
+        if (ent.isDirectory()) { stack.push(p); continue; }
+        if (!ent.isFile()) continue;
+        // Care about workflow_v*.py + check.py + SKILL.md/skill.md only —
+        // not __pycache__, not test artifacts, not .json.
+        if (!/(workflow_v\d+\.py|check\.py|SKILL\.md|skill\.md)$/.test(ent.name)) continue;
+        try {
+          const st = fs.statSync(p);
+          if (st.mtimeMs > cutoff) {
+            newerFiles.push({
+              path: path.relative(cwd, p),
+              mtime: new Date(st.mtimeMs).toISOString(),
+            });
+            if (newerFiles.length >= 10) break;
+          }
+        } catch { /* skip */ }
+      }
+    }
+  }
+
+  if (newerFiles.length === 0) return { isStale: false, detail: null };
+
+  // SOFT: accept_stale_release marker bypasses the warning. Agents that
+  // intentionally accept the older release write this file.
+  const acceptPath = path.join(cwd, "output", "releases", latestRelease.slug, ".accept_stale_release");
+  if (fileExists(acceptPath)) return { isStale: false, detail: { acceptedAt: latestRelease.slug } };
+
+  return {
+    isStale: true,
+    detail: {
+      releasePath: path.relative(cwd, latestRelease.path),
+      releaseSlug: latestRelease.slug,
+      releaseCreatedAt: latestRelease.createdAt.toISOString(),
+      newerFiles,
+      totalNewerCount: newerFiles.length,
+      hint: "Workspace artifacts modified after release was built. Either re-run the release tool or write .accept_stale_release into the release dir to acknowledge.",
+    },
   };
 }
 

package/src/agent/pipelines/skill-authoring.js

@@ -3,7 +3,7 @@ import path from "node:path";
 import { Phase, PipelineEvent } from "./index.js";
 import { Pipeline } from "./base.js";
 import { SkillValidator } from "../skill-validator.js";
-import { deriveSkillAuthoringMilestones } from "./_milestone-derive.js";
+import { deriveSkillAuthoringMilestones, canonicalRuleId } from "./_milestone-derive.js";
 
 export class SkillAuthoringPipeline extends Pipeline {
   /**
@@ -37,14 +37,31 @@ export class SkillAuthoringPipeline extends Pipeline {
   }
 
   _loadRules() {
+    // v0.8.3 P20-B1+B2: dedup rule IDs across all rules/*.json files AND
+    // canonicalize them so the rulesCovered comparison against
+    // ruleIdsCovered (which now goes through canonicalRuleId) works for
+    // BOTH bare-numeric (R14) AND compound (R01-01, R02-03) forms.
+    // E2E #13 资管 used compound IDs + wrote a sibling difficulty.json;
+    // the raw-string + no-dedup pre-v0.8.3 path produced rulesCovered:
+    // 0/30 (compound IDs unmatched + double-counted).
     this.totalRules = [];
+    const seen = new Set();
     const rulesDir = path.join(this._workspace.cwd, "rules");
     if (!fs.existsSync(rulesDir)) return;
     for (const f of fs.readdirSync(rulesDir).filter((f) => f.endsWith(".json"))) {
       try {
         const data = JSON.parse(fs.readFileSync(path.join(rulesDir, f), "utf-8"));
         const rules = Array.isArray(data) ? data : (data.rules || []);
-        for (const r of rules) { if (r.id) this.totalRules.push(r.id); }
+        for (const r of rules) {
+          if (!r || !r.id) continue;
+          // Canonicalize to match ruleIdsCovered which is built from
+          // canonicalRuleId() output. If canonicalRuleId returns null
+          // (non-rule-shaped string), preserve the raw trimmed string.
+          const canon = canonicalRuleId(r.id) || String(r.id).trim();
+          if (seen.has(canon)) continue;
+          seen.add(canon);
+          this.totalRules.push(canon);
+        }
       } catch { /* skip */ }
     }
   }
@@ -59,6 +76,10 @@ export class SkillAuthoringPipeline extends Pipeline {
     this.skillsAuthored = [...m.skillsAuthored];
     this.skillsWithScripts = [...m.skillsWithScripts];
     this.ruleIdsCovered = new Set(m.ruleIdsCovered);
+    // v0.8 P2-F (item 22): stub-shape audit for check.py files.
+    this._checkPyStubRatio = m.checkPyStubRatio || 0;
+    this._checkPyStubFiles = m.checkPyStubFiles || [];
+    this._checkPyTotal = m.checkPyTotal || 0;
   }
 
   // v0.7.0 A1: ruleId extraction moved to _milestone-derive.js
@@ -228,7 +249,32 @@ export class SkillAuthoringPipeline extends Pipeline {
     this._validationFailures = v.failures;
     this._validationSkipped = v.skipped;
     if (!v.ok) return false;
-    return this.skillsWithScripts.length >= Math.max(1, this.skillsAuthored.length * 0.5);
+    if (this.skillsWithScripts.length < Math.max(1, this.skillsAuthored.length * 0.5)) {
+      return false;
+    }
+
+    // v0.8 P2-F (item 22): optional enforcement of check.py substantiveness.
+    // SOFT-by-default — the stub ratio is always computed (visible in
+    // describeState / events) but only blocks phase advance if
+    // KC_ENFORCE_CHECK_PY_SUBSTANTIVE=1 is set. Default-off because
+    // the heuristic may over-fire on legitimate scaffolds; v0.8 ships
+    // the detection + reporting, v0.8.x revisits enforcement after audit
+    // data shows whether the signal is reliable.
+    const enforce = process.env.KC_ENFORCE_CHECK_PY_SUBSTANTIVE === "1";
+    if (enforce && this._checkPyTotal > 0 && this._checkPyStubRatio > 0.5) {
+      this._validationFailures = this._validationFailures || [];
+      this._validationFailures.push({
+        file: "<check_py_substantiveness>",
+        reason:
+          `${this._checkPyStubCount || this._checkPyStubFiles.length}/${this._checkPyTotal} check.py files are stub-shaped ` +
+          `(return NOT_APPLICABLE / pass:null with no workflow import + ≤20 lines). ` +
+          `Examples: ${this._checkPyStubFiles.slice(0, 3).join(", ")}${this._checkPyStubFiles.length > 3 ? "..." : ""}. ` +
+          `See skill-authoring SKILL.md anti-pattern section. ` +
+          `Set KC_ENFORCE_CHECK_PY_SUBSTANTIVE=0 to bypass this gate if intentional.`,
+      });
+      return false;
+    }
+    return true;
   }
 
   /**