memento-mori-jester 0.1.56 → 0.1.58

package/CHANGELOG.md

@@ -4,6 +4,18 @@ All notable changes to Memento Mori Jester are tracked here.
 
 ## Unreleased
 
+## 0.1.58
+
+- Added quiet-pass fixtures for thin custom, configured sensitive-domain, and preset blocked-command rules.
+- Updated fixture-report regression coverage so thin preset/config-derived rules cannot silently lose quiet-pass coverage.
+- Refreshed demo and fixture docs with the expanded 112-fixture corpus.
+
+## 0.1.57
+
+- Added web, API, infra, and AI preset fixture coverage across the remaining plan, command, and final review-kind gaps.
+- Updated fixture-report regression coverage so every preset now has plan, command, diff, and final examples.
+- Refreshed fixture and demo docs with the expanded 90-fixture corpus.
+
 ## 0.1.56
 
 - Added node, python, and security preset fixture coverage across plan, command, diff, and final review kinds.

package/ROADMAP.md

@@ -6,6 +6,8 @@ Memento Mori Jester is usable today as a CLI, MCP server, GitHub Action, and git
 
 ## Recently Shipped
 
+- Quiet-pass boundaries for thin custom/preset rules in v0.1.58 so preset blocked commands, sensitive-domain checks, and custom stack rules now have safe near-miss examples.
+- Completed preset-kind fixture coverage in v0.1.57 so `default`, `node`, `python`, `web`, `api`, `infra`, `ai`, and `security` now all have plan, command, diff, and final examples.
 - Node, python, and security preset-kind fixture coverage in v0.1.56 so those preset slices now have plan, command, diff, and final examples.
 - Targeted quiet-pass fixture batch in v0.1.55 for noisy high-signal rules, plus quiet-pass evidence in `jester tune` and `npm run fixtures:report`.
 - Fixture coverage report generator in v0.1.54 for rule, preset, review-kind, verdict, and pass-case gaps.
@@ -45,8 +47,8 @@ Memento Mori Jester is usable today as a CLI, MCP server, GitHub Action, and git
 
 ## Product Ideas
 
+- Add quiet-pass boundaries for remaining sparse built-in and structural rules such as `missing-verification-step`, `confidence-theater`, `ts-ignore`, `large-removal`, and `wildcard-file-operation`.
 - Add more framework-specific false-positive examples from real reports so tuning guidance keeps getting sharper.
-- Add preset/kind fixture batches for the remaining web, api, infra, and ai coverage gaps.
 
 ## Quality And Safety
 

package/docs/DEMO.md

@@ -192,8 +192,8 @@ Project config: none loaded
 Fixture tuning evidence:
 Support: limited
 Confidence: medium
-Total fixtures checked: 80
-Weighted fixtures checked: 152.6
+Total fixtures checked: 112
+Weighted fixtures checked: 210.9
 Matching fixtures: 9
 Weighted matches: 19
 Expected-match weight: 16
@@ -202,7 +202,7 @@ Edge-case matches: 0
 Quiet-pass fixtures: 5
 Quiet-pass weight: 3.6
 By kind: command 0, plan 4, diff 4, final 1
-Fixture coverage: 9/80 (12.5% weighted)
+Fixture coverage: 9/112 (9.0% weighted)
 By verdict: pass 0, caution 3, block 6
 Matched fixture samples:
   infra-public-ingress-block: Public ingress should block in low-risk-tolerance infra repos.
@@ -353,7 +353,7 @@ Preset packs:
 
 ## 13. Review Fixtures
 
-The fixture suite in `examples/fixtures/preset-review-cases.json` captures small real-usage examples with expected `pass`, `caution`, or `block` verdicts. It also includes quiet-pass `absentRuleIds` examples that prove noisy rules stay silent for safe near-misses, plus stack-specific coverage for node, python, and security preset surfaces. These examples are run by `npm test`, so preset tuning changes stay visible.
+The fixture suite in `examples/fixtures/preset-review-cases.json` captures small real-usage examples with expected `pass`, `caution`, or `block` verdicts. It also includes quiet-pass `absentRuleIds` examples that prove noisy rules stay silent for safe near-misses, stack-specific coverage for every built-in preset, and quiet-pass boundaries for thin custom/preset rules. These examples are run by `npm test`, so preset tuning changes stay visible.
 
 Maintainers can use `docs/MAINTAINER_TRIAGE.md` to turn useful false-positive reports into redacted fixture cases.
 

package/docs/RELEASE_NOTES_v0.1.57.md

@@ -0,0 +1,48 @@
+# Memento Mori Jester v0.1.57
+
+This release completes the preset-kind fixture grid left after v0.1.56. Every built-in preset now has plan, command, diff, and final review examples in the fixture suite.
+
+## Changes
+
+- Added 10 preset fixtures:
+  - web plan, command, and final cases,
+  - API plan, command, and final cases,
+  - infra plan and final cases,
+  - AI command and final cases.
+- Covered stack-specific rules such as:
+  - `custom-web-unsafe-html-injection`
+  - `custom-web-public-secret-name`
+  - `custom-api-webhook-signature-disabled`
+  - `blocked-command-prisma-migrate-reset-force`
+  - `custom-infra-iam-wildcard-permission`
+  - `custom-ai-public-provider-key`
+  - `custom-ai-evals-skipped`
+- Updated fixture report regression tests so any future preset-kind gap is caught directly.
+- Refreshed demo and fixture docs for the 90-fixture corpus.
+
+## Public Interface Changes
+
+- No CLI command, MCP tool, config schema, GitHub Action, release workflow, rule matching, or verdict behavior changed.
+- Fixture evidence changes are data-only: `jester tune` and `fixtures:report` now have fuller preset-backed examples to report.
+
+## Release Validation
+
+```powershell
+npm.cmd test
+npm.cmd run demo:svg:check
+npm.cmd run fixtures:report
+npm.cmd run fixtures:report -- --json
+npm.cmd run pack:dry
+git diff --check
+node .\dist\cli.js tune risky-domain --no-config
+node .\dist\cli.js tune coverage --no-config
+git diff | node .\dist\cli.js diff --fail-on block --subject "v0.1.57 remaining preset fixture coverage"
+```
+
+## Post-Release Smoke
+
+```powershell
+npm.cmd view memento-mori-jester version --silent
+npx.cmd -y memento-mori-jester@latest doctor --no-config
+npx.cmd -y memento-mori-jester@latest tune coverage --no-config
+```

package/docs/RELEASE_NOTES_v0.1.58.md

@@ -0,0 +1,39 @@
+# Memento Mori Jester v0.1.58
+
+This release adds quiet-pass evidence for thin preset/config-derived rules. The goal is better tuning guidance: maintainers can now see safe near-misses for many custom preset rules, configured sensitive-domain checks, and preset blocked commands instead of only seeing examples where those rules fire.
+
+## Changes
+
+- Added 22 quiet-pass fixtures covering safe near-misses for:
+  - preset blocked commands such as forced npm publish, Terraform destroy, Prisma reset, broad chmod, and break-system pip installs,
+  - configured sensitive-domain checks such as CORS, IAM, postinstall, session, webhook, eval, and public secret wording,
+  - custom stack rules across node, python, web, API, infra, AI, and security presets.
+- Updated fixture-report regression coverage so thin custom/config-derived rules cannot silently return to zero quiet-pass coverage.
+- Refreshed demo and fixture docs for the 112-fixture corpus.
+
+## Public Interface Changes
+
+- No CLI command, MCP tool, config schema, GitHub Action, release workflow, rule matching, or verdict behavior changed.
+- Fixture evidence changes are data-only: `jester tune` and `fixtures:report` now have more safe near-miss evidence to report.
+
+## Release Validation
+
+```powershell
+npm.cmd test
+npm.cmd run demo:svg:check
+npm.cmd run fixtures:report
+npm.cmd run fixtures:report -- --json
+npm.cmd run pack:dry
+git diff --check
+node .\dist\cli.js tune risky-domain --no-config
+node .\dist\cli.js tune coverage --no-config
+git diff | node .\dist\cli.js diff --fail-on block --subject "v0.1.58 quiet-pass precision fixtures"
+```
+
+## Post-Release Smoke
+
+```powershell
+npm.cmd view memento-mori-jester version --silent
+npx.cmd -y memento-mori-jester@latest doctor --no-config
+npx.cmd -y memento-mori-jester@latest tune coverage --no-config
+```

package/examples/fixtures/README.md

@@ -9,11 +9,12 @@ Maintainer triage guidance lives in [docs/MAINTAINER_TRIAGE.md](../../docs/MAINT
 ## What They Cover
 
 - Documentation-only diffs that should stay quiet.
-- Node, Python, and security preset plan/command/diff/final coverage.
+- Plan, command, diff, and final coverage for every built-in preset.
 - Web preset client-exposed key and browser-storage risks.
-- API preset CORS and raw SQL risks.
-- Infra preset public exposure risks.
+- API preset CORS, raw SQL, webhook, and migration-command risks.
+- Infra preset public exposure, IAM wildcard, and destructive command risks.
 - AI preset eval-skipping and model-output execution risks.
+- Quiet-pass boundaries for thin custom, configured sensitive-domain, and preset blocked-command rules.
 - Fixture metadata like `weight` and `edgeCase` to support precision-weighted tuning evidence.
 
 ## Local Check

package/examples/fixtures/preset-review-cases.json

@@ -42,6 +42,45 @@
       "configured-sensitive-domain-session"
     ]
   },
+  {
+    "id": "web-unsafe-html-plan-block",
+    "preset": "web",
+    "kind": "plan",
+    "description": "Unsafe HTML injection planning should cover the web preset plan surface.",
+    "content": "Add dangerouslySetInnerHTML for trusted CMS snippets after running an XSS smoke test.",
+    "expectedVerdict": "block",
+    "weight": 2,
+    "expectedRuleIds": [
+      "custom-web-unsafe-html-injection",
+      "configured-sensitive-domain-dangerouslysetinnerhtml",
+      "configured-sensitive-domain-innerhtml"
+    ]
+  },
+  {
+    "id": "web-public-secret-command-block",
+    "preset": "web",
+    "kind": "command",
+    "description": "Client-exposed public secret names should also block on command review surfaces.",
+    "content": "echo NEXT_PUBLIC_PAYMENT_SECRET_KEY",
+    "expectedVerdict": "block",
+    "weight": 2,
+    "expectedRuleIds": [
+      "custom-web-public-secret-name"
+    ]
+  },
+  {
+    "id": "web-final-route-copy-pass",
+    "preset": "web",
+    "kind": "final",
+    "description": "A verified web final answer should give the web preset a quiet final case.",
+    "content": "Updated route copy and ran npm test.",
+    "expectedVerdict": "pass",
+    "weight": 1,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "done-without-evidence"
+    ]
+  },
   {
     "id": "api-docs-only-auth-pass",
     "preset": "api",
@@ -82,6 +121,44 @@
       "custom-api-raw-sql-user-input"
     ]
   },
+  {
+    "id": "api-webhook-signature-plan-block",
+    "preset": "api",
+    "kind": "plan",
+    "description": "Webhook signature bypass planning should cover the API preset plan surface.",
+    "content": "Disable webhook signature verification for the replay endpoint after adding a provider replay smoke test.",
+    "expectedVerdict": "block",
+    "weight": 2,
+    "expectedRuleIds": [
+      "custom-api-webhook-signature-disabled",
+      "configured-sensitive-domain-webhook"
+    ]
+  },
+  {
+    "id": "api-migrate-reset-command-block",
+    "preset": "api",
+    "kind": "command",
+    "description": "Destructive Prisma reset commands should block through the API preset.",
+    "content": "prisma migrate reset --force",
+    "expectedVerdict": "block",
+    "weight": 2,
+    "expectedRuleIds": [
+      "blocked-command-prisma-migrate-reset-force"
+    ]
+  },
+  {
+    "id": "api-final-endpoint-notes-pass",
+    "preset": "api",
+    "kind": "final",
+    "description": "A verified API final answer should give the API preset a quiet final case.",
+    "content": "Updated endpoint notes and ran npm test.",
+    "expectedVerdict": "pass",
+    "weight": 1,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "done-without-evidence"
+    ]
+  },
   {
     "id": "infra-public-ingress-block",
     "preset": "infra",
@@ -107,6 +184,32 @@
       "blocked-command-terraform-destroy"
     ]
   },
+  {
+    "id": "infra-iam-wildcard-plan-block",
+    "preset": "infra",
+    "kind": "plan",
+    "description": "IAM wildcard planning should cover the infra preset plan surface.",
+    "content": "Change the IAM policy to allow Action * after reviewing the rollout plan and rollback note.",
+    "expectedVerdict": "block",
+    "weight": 2,
+    "expectedRuleIds": [
+      "custom-infra-iam-wildcard-permission",
+      "configured-sensitive-domain-iam"
+    ]
+  },
+  {
+    "id": "infra-final-chart-notes-pass",
+    "preset": "infra",
+    "kind": "final",
+    "description": "A verified infra final answer should give the infra preset a quiet final case.",
+    "content": "Updated chart notes and ran npm test.",
+    "expectedVerdict": "pass",
+    "weight": 1,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "done-without-evidence"
+    ]
+  },
   {
     "id": "ai-docs-only-transcript-pass",
     "preset": "ai",
@@ -149,6 +252,31 @@
       "custom-ai-model-output-execution"
     ]
   },
+  {
+    "id": "ai-public-key-command-block",
+    "preset": "ai",
+    "kind": "command",
+    "description": "Client-exposed AI provider key names should also block on command review surfaces.",
+    "content": "echo NEXT_PUBLIC_GEMINI_API_TOKEN",
+    "expectedVerdict": "block",
+    "weight": 2,
+    "expectedRuleIds": [
+      "custom-ai-public-provider-key"
+    ]
+  },
+  {
+    "id": "ai-evals-skipped-final-block",
+    "preset": "ai",
+    "kind": "final",
+    "description": "Skipping evals in final answers should cover the AI preset final surface.",
+    "content": "Skip evals for the prompt update after manual review.",
+    "expectedVerdict": "block",
+    "weight": 2,
+    "expectedRuleIds": [
+      "custom-ai-evals-skipped",
+      "configured-sensitive-domain-eval"
+    ]
+  },
   {
     "id": "sec-secret-material-openai",
     "preset": "default",
@@ -1011,5 +1139,307 @@
       "risky-domain",
       "done-without-evidence"
     ]
+  },
+  {
+    "id": "sec-chmod-narrow-command-pass",
+    "preset": "security",
+    "kind": "command",
+    "description": "Narrow chmod commands should not trip security preset blocked-command rules.",
+    "content": "chmod -R 755 ./public-assets",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "blocked-command-chmod-r-777",
+      "chmod-777",
+      "configured-sensitive-domain-secrets"
+    ]
+  },
+  {
+    "id": "node-pack-dry-run-command-pass",
+    "preset": "node",
+    "kind": "command",
+    "description": "Package dry runs should not be mistaken for forced npm publishing.",
+    "content": "npm pack --dry-run",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "blocked-command-npm-publish-force",
+      "configured-sensitive-domain-npm-publish"
+    ]
+  },
+  {
+    "id": "python-normal-pip-install-command-pass",
+    "preset": "python",
+    "kind": "command",
+    "description": "Normal pip installs should not trip the break-system-packages command rule.",
+    "content": "pip install django",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "blocked-command-pip-install-break-system-packages"
+    ]
+  },
+  {
+    "id": "api-prisma-status-command-pass",
+    "preset": "api",
+    "kind": "command",
+    "description": "Prisma status checks should not be mistaken for destructive migration resets.",
+    "content": "prisma migrate status",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "blocked-command-prisma-migrate-reset-force"
+    ]
+  },
+  {
+    "id": "infra-harmless-command-pass",
+    "preset": "infra",
+    "kind": "command",
+    "description": "Harmless shell commands in infra repos should not trip destroy-command checks.",
+    "content": "pwd",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "blocked-command-terraform-destroy"
+    ]
+  },
+  {
+    "id": "web-public-nonsecret-command-pass",
+    "preset": "web",
+    "kind": "command",
+    "description": "Public non-secret frontend variable names should not trip secret-name checks.",
+    "content": "echo NEXT_PUBLIC_FEATURE_FLAG",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-web-public-secret-name"
+    ]
+  },
+  {
+    "id": "ai-public-model-command-pass",
+    "preset": "ai",
+    "kind": "command",
+    "description": "Public non-secret AI model names should not trip provider-key checks.",
+    "content": "echo NEXT_PUBLIC_MODEL_NAME",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-ai-public-provider-key"
+    ]
+  },
+  {
+    "id": "node-posttest-script-diff-pass",
+    "preset": "node",
+    "kind": "diff",
+    "description": "Non-install package lifecycle scripts should not trip node install-script checks.",
+    "content": "diff --git a/package.json b/package.json\n--- a/package.json\n+++ b/package.json\n@@ -3,6 +3,7 @@\n   \"scripts\": {\n+    \"posttest\": \"node scripts/check.js\",\n     \"test\": \"node --test\"\n   }\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "package-install-script",
+      "custom-node-install-script-change",
+      "configured-sensitive-domain-postinstall"
+    ]
+  },
+  {
+    "id": "node-development-env-plan-pass",
+    "preset": "node",
+    "kind": "plan",
+    "description": "Development-mode Node plans should not trip production-mode checks.",
+    "content": "Run NODE_ENV=development for the local smoke test.",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-node-env-production-change",
+      "configured-sensitive-domain-production"
+    ]
+  },
+  {
+    "id": "python-json-loader-plan-pass",
+    "preset": "python",
+    "kind": "plan",
+    "description": "JSON loader plans should not be mistaken for Python pickle deserialization.",
+    "content": "Use json.loads for fixture data after running pytest.",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-python-pickle-load"
+    ]
+  },
+  {
+    "id": "python-literal-eval-diff-pass",
+    "preset": "python",
+    "kind": "diff",
+    "description": "Python literal_eval usage should not be mistaken for raw eval execution.",
+    "content": "diff --git a/src/loader.py b/src/loader.py\n--- a/src/loader.py\n+++ b/src/loader.py\n@@ -1 +1,2 @@\n+value = ast.literal_eval(raw_value)\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-python-eval-exec"
+    ]
+  },
+  {
+    "id": "web-safe-render-plan-pass",
+    "preset": "web",
+    "kind": "plan",
+    "description": "Plain-text rendering plans should not trip web HTML injection checks.",
+    "content": "Render CMS snippets as plain text after an XSS smoke test.",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-web-unsafe-html-injection",
+      "configured-sensitive-domain-dangerouslysetinnerhtml",
+      "configured-sensitive-domain-innerhtml"
+    ]
+  },
+  {
+    "id": "web-theme-storage-diff-pass",
+    "preset": "web",
+    "kind": "diff",
+    "description": "Non-sensitive browser preference storage should not trip token-storage checks.",
+    "content": "diff --git a/src/preferences.ts b/src/preferences.ts\n--- a/src/preferences.ts\n+++ b/src/preferences.ts\n@@ -1 +1,2 @@\n+localStorage.setItem(\"theme\", theme);\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-web-storage-sensitive-value",
+      "configured-sensitive-domain-session"
+    ]
+  },
+  {
+    "id": "api-origin-header-pass",
+    "preset": "api",
+    "kind": "diff",
+    "description": "Specific API origin headers should not trip wildcard-origin checks.",
+    "content": "diff --git a/src/headers.ts b/src/headers.ts\n--- a/src/headers.ts\n+++ b/src/headers.ts\n@@ -1 +1,2 @@\n+response.setHeader(\"Access-Control-Allow-Origin\", trustedOrigin);\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-api-broad-cors",
+      "configured-sensitive-domain-cors"
+    ]
+  },
+  {
+    "id": "sec-origin-header-pass",
+    "preset": "security",
+    "kind": "diff",
+    "description": "Specific security origin headers should not trip wildcard-origin checks.",
+    "content": "diff --git a/src/headers.ts b/src/headers.ts\n--- a/src/headers.ts\n+++ b/src/headers.ts\n@@ -1 +1,2 @@\n+response.setHeader(\"Access-Control-Allow-Origin\", trustedOrigin);\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-broad-cors",
+      "configured-sensitive-domain-cors"
+    ]
+  },
+  {
+    "id": "api-parameterized-query-diff-pass",
+    "preset": "api",
+    "kind": "diff",
+    "description": "Parameterized API queries should not trip raw user-input SQL checks.",
+    "content": "diff --git a/src/users.ts b/src/users.ts\n--- a/src/users.ts\n+++ b/src/users.ts\n@@ -1 +1,2 @@\n+db.query(\"select * from users where id = $1\", [validatedId]);\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-api-raw-sql-user-input"
+    ]
+  },
+  {
+    "id": "api-webhook-docs-pass",
+    "preset": "api",
+    "kind": "diff",
+    "description": "Docs about verifying webhook signatures should not trip disabled-webhook checks.",
+    "content": "diff --git a/docs/API.md b/docs/API.md\n--- a/docs/API.md\n+++ b/docs/API.md\n@@ -1 +1,2 @@\n+Document verifying webhook signatures before parsing provider events.\n",
+    "expectedVerdict": "pass",
+    "edgeCase": true,
+    "weight": 1,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-api-webhook-signature-disabled",
+      "configured-sensitive-domain-webhook"
+    ]
+  },
+  {
+    "id": "infra-iam-docs-pass",
+    "preset": "infra",
+    "kind": "diff",
+    "description": "Docs about narrowing IAM policies should not trip wildcard-permission checks.",
+    "content": "diff --git a/docs/INFRA.md b/docs/INFRA.md\n--- a/docs/INFRA.md\n+++ b/docs/INFRA.md\n@@ -1 +1,2 @@\n+Document narrowing IAM policies to named actions and resources.\n",
+    "expectedVerdict": "pass",
+    "edgeCase": true,
+    "weight": 1,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-infra-iam-wildcard-permission",
+      "configured-sensitive-domain-iam"
+    ]
+  },
+  {
+    "id": "infra-private-network-diff-pass",
+    "preset": "infra",
+    "kind": "diff",
+    "description": "Private network ranges should not trip public exposure checks.",
+    "content": "diff --git a/infra/network.tf b/infra/network.tf\n--- a/infra/network.tf\n+++ b/infra/network.tf\n@@ -1 +1,2 @@\n+cidr_blocks = [\"10.0.0.0/8\"]\n",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-infra-public-exposure"
+    ]
+  },
+  {
+    "id": "ai-schema-output-plan-pass",
+    "preset": "ai",
+    "kind": "plan",
+    "description": "Schema parsing plans should not trip model-output execution checks.",
+    "content": "Parse modelOutputJson into a schema before using it.",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-ai-model-output-execution"
+    ]
+  },
+  {
+    "id": "ai-model-checks-final-pass",
+    "preset": "ai",
+    "kind": "final",
+    "description": "Running model checks should not trip AI eval-skipping checks.",
+    "content": "Ran model checks for the prompt update.",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-ai-evals-skipped",
+      "configured-sensitive-domain-eval"
+    ]
+  },
+  {
+    "id": "sec-tls-verification-plan-pass",
+    "preset": "security",
+    "kind": "plan",
+    "description": "Keeping TLS verification enabled should not trip insecure-TLS checks.",
+    "content": "Keep TLS verification on while testing the certificate fixture.",
+    "expectedVerdict": "pass",
+    "weight": 2,
+    "expectedRuleIds": [],
+    "absentRuleIds": [
+      "custom-insecure-tls-disabled"
+    ]
   }
 ]

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "memento-mori-jester",
-  "version": "0.1.56",
+  "version": "0.1.58",
   "description": "A local court-jester sidecar for AI coding agents: review plans, commands, diffs, and final claims before they get too pleased with themselves.",
   "type": "module",
   "repository": {