memento-mori-jester 0.1.88 → 0.1.89

package/CHANGELOG.md

@@ -4,6 +4,12 @@ All notable changes to Memento Mori Jester are tracked here.
 
 ## Unreleased
 
+## 0.1.89
+
+- Added a report-gallery feedback issue template for public-safe reports about confusing or stale checked examples, and strengthened false-positive reports with version and redacted `doctor --json` prompts.
+- Added `examples/reports/feedback-template.md` and `npm run support:check` so adopter feedback requests stay redacted, useful, and aligned with the gallery.
+- Updated README, report docs, maintainer triage docs, release docs, production-readiness docs, roadmap, and release notes for the support path.
+
 ## 0.1.88
 
 - Added `examples/reports`, a small checked report gallery for fresh `doctor`, destructive-command `summary`, and full blocked-command review output.

package/README.md

@@ -74,6 +74,8 @@ Maintainers can prove that fresh-project path with [examples/consumer-quickstart
 
 For trust-building output examples, see [examples/reports](examples/reports). `npm run reports:check` installs the package into a temporary project and proves the gallery's `doctor`, `summary`, and blocked-command reports stay current.
 
+If one of those reports is confusing or stale, use the public-safe [report gallery feedback template](examples/reports/feedback-template.md). It asks for version, nearest gallery example, sanitized command/output summaries, and redacted diagnostics without private repo code or secrets.
+
 Expected vibe:
 
 ```text
@@ -445,6 +447,7 @@ More setup examples:
 - [Adoption Smoke CI](examples/ci/adoption-smoke.yml)
 - [Consumer Quickstart Smoke](examples/consumer-quickstart)
 - [Real-World Report Gallery](examples/reports)
+- [Report Gallery Feedback Template](examples/reports/feedback-template.md)
 - [Security Policy](SECURITY.md)
 - [Maintainer Triage](docs/MAINTAINER_TRIAGE.md)
 - [Changelog](CHANGELOG.md)
@@ -465,6 +468,7 @@ Framework CI examples:
 - [Adoption Smoke CI](examples/ci/adoption-smoke.yml)
 - [Consumer Quickstart Smoke](examples/consumer-quickstart)
 - [Real-World Report Gallery](examples/reports)
+- [Report Gallery Feedback Template](examples/reports/feedback-template.md)
 - [Next.js CI](examples/ci/nextjs.yml)
 - [Vite React CI](examples/ci/vite-react.yml)
 - [Express API CI](examples/ci/express-api.yml)
@@ -521,6 +525,7 @@ Maintainers can use [docs/MAINTAINER_TRIAGE.md](docs/MAINTAINER_TRIAGE.md) to tu
 Run `npm run fixtures:check` before merging fixture changes; it catches duplicate IDs, missing rule metadata, weak descriptions, unsafe-looking content, and duplicate content.
 Run `npm run fixtures:report` to see fixture coverage by rule, rule family, preset slice, kind, verdict, quiet-pass boundaries, feasible pass-case gaps, and curation-next guidance before choosing the next fixture. Use `npm run fixtures:report -- --markdown` when you want a paste-ready summary for release notes or GitHub issues.
 Run `npm run reports:check` after editing [examples/reports](examples/reports); it verifies the public report gallery against an installed package in a temporary consumer project.
+Run `npm run support:check` after editing issue templates, support docs, or the report gallery feedback path; it verifies the public report template asks for useful redacted context without inviting secrets or private code.
 Run `npm run promo:card` to regenerate the repo-local social preview card after changing its copy or design.
 Run `npm run promo:check` after editing promo assets; it checks the current demo video, stills, docs, and fixture evidence numbers stay in sync.
 Run `npm run site:check` after editing the repo-local landing page; it verifies the start command, demo links, social card, repo, release, and npm links.

package/ROADMAP.md

@@ -6,6 +6,7 @@ Memento Mori Jester is usable today as a CLI, MCP server, GitHub Action, and git
 
 ## Recently Shipped
 
+- Checked adopter feedback path in v0.1.89, adding a report-gallery issue template, package-shipped feedback template, and support triage guard.
 - Checked report gallery in v0.1.88, proving fresh `doctor`, destructive-command `summary`, and blocked-command reports from an installed consumer project.
 - Consumer quickstart registry-mode fix in v0.1.87, proving the same smoke against `memento-mori-jester@latest` after publish.
 - Consumer quickstart smoke in v0.1.86, proving the first installed-project commands from a minimal repo before release.
@@ -78,7 +79,7 @@ Memento Mori Jester is usable today as a CLI, MCP server, GitHub Action, and git
 ## Product Ideas
 
 - Collect real-world reports and fold the strongest redacted cases into more framework tuning cookbook recipes.
-- Add a small fixture issue template checklist that asks for the nearest framework tuning cookbook recipe and redacted `jester tune <rule-id> --json` output.
+- Turn repeated report-gallery feedback into clearer gallery examples or redacted fixtures.
 - Add a hosted-page option or GitHub Pages instructions once the static page has settled.
 
 ## Quality And Safety

package/docs/MAINTAINER_TRIAGE.md

@@ -19,6 +19,8 @@ npx -y memento-mori-jester@latest tune <rule-id> --json
 
 For users who just need to understand what a healthy report looks like, point them at the checked [report gallery](../examples/reports). Maintainers can run `npm run reports:check` to prove those examples still match the current package output.
 
+For users who say a gallery report is confusing, stale, or hard to compare with their local output, point them at [examples/reports/feedback-template.md](../examples/reports/feedback-template.md) or the GitHub [report gallery feedback issue template](../.github/ISSUE_TEMPLATE/report_gallery_feedback.yml). It asks for the nearest checked example, sanitized command and output summaries, version, and redacted diagnostics without asking for private code.
+
 Do not ask users to paste secrets, private code, customer data, live credentials, complete CI logs, or unredacted SARIF. If the report involves credential exposure, command execution, unexpected network access, private code disclosure, package publishing, or MCP data exposure, route it through [SECURITY.md](../SECURITY.md).
 
 ## Triage Labels
@@ -46,6 +48,22 @@ Use a small, boring label vocabulary:
 
 If the user has a safe example that should pass, prefer adding a pass or quiet-pass fixture before loosening a rule. If the example should still caution but the wording is confusing, update the rule guidance or docs instead of changing matching behavior.
 
+## Report Gallery Feedback
+
+Use report-gallery feedback when the issue is about understanding installed-package output, not changing a rule. Good outcomes are:
+
+- a clearer gallery explanation,
+- a new stable output fragment in `report-gallery.json`,
+- a small docs update,
+- or a redacted fixture only if the report exposes a reusable rule boundary.
+
+After editing report support docs or issue templates, run:
+
+```powershell
+npm.cmd run support:check
+npm.cmd run reports:check
+```
+
 ## Converting Reports Into Fixtures
 
 Add a fixture when the report is minimal, redacted, realistic, and captures a rule behavior worth preserving.

package/docs/PRODUCTION_READINESS.md

@@ -46,7 +46,7 @@ This checklist defines what "production grade" means for Memento Mori Jester rig
 
 - `README.md` leads with a no-write first run, project bootstrap, agent setup, and optional hooks/CI.
 - `docs/GETTING_STARTED.md`, `docs/CLI.md`, `docs/RELEASE.md`, and `docs/TRUSTED_PUBLISHING.md` cover the core adoption and release paths.
-- `examples/reports` provides checked, public-safe report examples for fresh install diagnostics, summary output, and blocked command reviews.
+- `examples/reports` provides checked, public-safe report examples for fresh install diagnostics, summary output, blocked command reviews, and report-gallery feedback.
 - `site/index.html` gives maintainers a static one-page share surface that reuses the demo, social card, start command, and public links.
 - Every public release has matching `CHANGELOG.md` notes and `docs/RELEASE_NOTES_vX.Y.Z.md`.
 
@@ -56,7 +56,7 @@ This checklist defines what "production grade" means for Memento Mori Jester rig
 - `jester doctor --json`, `jester config validate`, and `jester rules` are the first troubleshooting commands.
 - `jester tune`, `jester tune coverage`, and the fixture suite give maintainers a way to inspect noisy rules before changing defaults.
 - [FRAMEWORK_TUNING.md](FRAMEWORK_TUNING.md) maps common stack-specific false-positive reports to the relevant `jester tune <rule-id>` evidence and fixture IDs, while [examples/tuning](../examples/tuning) provides checked copy-paste recipes.
-- GitHub issue templates collect bug reports, false-positive reports, and feature requests with the diagnostic context maintainers need.
+- GitHub issue templates collect bug reports, false-positive reports, report-gallery feedback, and feature requests with the diagnostic context maintainers need.
 - `SECURITY.md` routes vulnerability reports away from public issues and asks for redacted diagnostics.
 - `docs/MAINTAINER_TRIAGE.md` explains how to turn useful false-positive reports into fixture coverage before changing rule logic.
 - `npm run fixtures:check` validates fixture IDs, metadata, unsafe-looking content, duplicate content, and explicit expected/absent rule intent.
@@ -65,6 +65,7 @@ This checklist defines what "production grade" means for Memento Mori Jester rig
 - `npm run framework:tuning:doctor` runs the cookbook tune commands through the built CLI with temporary preset configs, so package consumers do not inherit stale recipes.
 - `npm run consumer:quickstart:check` installs the package into a temporary minimal project and runs `doctor`, `summary`, and packaged framework tuning checks from that consumer side.
 - `npm run reports:check` installs the package into a temporary minimal project and runs the report gallery's `doctor`, `summary`, and blocked-command examples through that consumer side.
+- `npm run support:check` verifies issue templates, support docs, and the report gallery feedback template stay public-safe and ask for useful redacted context.
 - `npm run promo:card` regenerates the deterministic social preview card, and `npm run promo:check` verifies current repo-local promo assets against the current fixture evidence before maintainers post or refresh the demo.
 - `npm run site:check` verifies the static landing page before maintainers post or host it.
 - npm publish has a manual workflow fallback, but the normal release path is tag-driven trusted publishing.
@@ -87,6 +88,7 @@ This checklist defines what "production grade" means for Memento Mori Jester rig
 - CI adoption example checks are wired into `npm test`.
 - consumer quickstart smoke checks are wired into `npm test`.
 - report gallery checks are wired into `npm test`.
+- support triage checks are wired into `npm test`.
 - promo freshness checks are wired into `npm test`.
 - site checks are wired into `npm test`.
 
@@ -95,4 +97,4 @@ This checklist defines what "production grade" means for Memento Mori Jester rig
 ## Known Next Gaps
 
 - Continue expanding real-world preset fixtures and false-positive examples so tuning remains evidence-based.
-- Add more framework-specific false-positive examples as people report real noisy cases.
+- Fold the strongest redacted support reports into fixture or report-gallery updates.

package/docs/RELEASE.md

@@ -17,6 +17,7 @@ npm.cmd run framework:tuning:doctor
 npm.cmd run ci:adoption:check
 npm.cmd run consumer:quickstart:check
 npm.cmd run reports:check
+npm.cmd run support:check
 npm.cmd run promo:card:check
 npm.cmd run promo:check
 npm.cmd run site:check
@@ -29,7 +30,7 @@ Move the current changelog bullets into a matching version section and add `docs
 ## 2. Tag And Push
 
 ```powershell
-git add package.json package-lock.json CHANGELOG.md docs/RELEASE_NOTES_v0.1.x.md docs/PRODUCTION_READINESS.md docs/MAINTAINER_TRIAGE.md docs/FRAMEWORK_TUNING.md docs/GITHUB_ACTIONS.md examples/ci examples/consumer-quickstart examples/reports examples/tuning scripts/check-ci-adoption.mjs scripts/check-consumer-quickstart.mjs scripts/check-report-gallery.mjs scripts/check-framework-tuning.mjs scripts/doctor-framework-tuning.mjs SECURITY.md .github/ISSUE_TEMPLATE
+git add package.json package-lock.json CHANGELOG.md docs/RELEASE_NOTES_v0.1.x.md docs/PRODUCTION_READINESS.md docs/MAINTAINER_TRIAGE.md docs/FRAMEWORK_TUNING.md docs/GITHUB_ACTIONS.md examples/ci examples/consumer-quickstart examples/reports examples/tuning scripts/check-ci-adoption.mjs scripts/check-consumer-quickstart.mjs scripts/check-report-gallery.mjs scripts/check-support-triage.mjs scripts/check-framework-tuning.mjs scripts/doctor-framework-tuning.mjs SECURITY.md .github/ISSUE_TEMPLATE
 git commit -m "Release v0.1.x"
 git tag -a v0.1.x -m "Memento Mori Jester v0.1.x"
 git push origin main
@@ -87,6 +88,7 @@ npx.cmd -y memento-mori-jester@latest config init --preset security --path jeste
 npx.cmd -y memento-mori-jester@latest config validate --config jester-security.config.json
 npm.cmd run consumer:quickstart:check -- --package memento-mori-jester@latest
 npm.cmd run reports:check -- --package memento-mori-jester@latest
+npm.cmd run support:check
 ```
 
 ## 4. MCP Copy-Paste

package/docs/RELEASE_NOTES_v0.1.89.md

@@ -0,0 +1,60 @@
+# Memento Mori Jester v0.1.89
+
+## Summary
+
+This release adds a checked adopter feedback path for real-world report-gallery results. The goal is to make support reports easier to act on without asking users to paste secrets, private code, customer data, full CI logs, or private paths.
+
+## What Changed
+
+- Added `.github/ISSUE_TEMPLATE/report_gallery_feedback.yml`.
+- Strengthened `.github/ISSUE_TEMPLATE/false_positive.yml` with package version and optional redacted `doctor --json` fields.
+- Added `examples/reports/feedback-template.md`.
+- Added `scripts/check-support-triage.mjs`.
+- Added `npm run support:check` and wired it into `npm test`.
+- Updated README, report gallery docs, maintainer triage docs, release docs, production-readiness docs, roadmap, and changelog.
+
+## Public Interface
+
+- No CLI command changes.
+- No MCP tool changes.
+- No config schema changes.
+- No review rule, scoring, matching, or verdict behavior changes.
+- No GitHub Action input changes.
+- New maintainer/package script: `npm run support:check`.
+- New public support path: report-gallery feedback template and issue form.
+
+## Release Validation
+
+```powershell
+npm.cmd test
+npm.cmd run support:check
+npm.cmd run reports:check
+npm.cmd run demo:svg:check
+npm.cmd run promo:card:check
+npm.cmd run promo:check
+npm.cmd run fixtures:report
+npm.cmd run fixtures:report -- --json
+npm.cmd run fixtures:report -- --markdown
+npm.cmd run pack:dry
+git diff --check
+node .\dist\cli.js doctor
+node .\dist\cli.js summary --kind command "git reset --hard"
+git diff | node .\dist\cli.js diff --fail-on block --subject "v0.1.89 checked support triage"
+```
+
+Expected:
+
+- `support:check` verifies report-gallery feedback docs, issue templates, and privacy prompts.
+- `reports:check` still verifies the installed-package report gallery.
+- fixture report still shows `Fixtures: 222`.
+- GitHub Release and npm Publish complete from the `v0.1.89` tag.
+
+After publish:
+
+```powershell
+npm.cmd view memento-mori-jester version --silent
+npx.cmd -y memento-mori-jester@latest doctor
+npx.cmd -y memento-mori-jester@latest summary --kind command "git reset --hard"
+npm.cmd run support:check
+npm.cmd run reports:check -- --package memento-mori-jester@latest
+```

package/examples/reports/README.md

@@ -23,3 +23,15 @@ npm run reports:check -- --package memento-mori-jester@latest
 ```
 
 When turning a real issue into a gallery entry, keep the example minimal and redacted. If the report needs private context, route it through [SECURITY.md](../../SECURITY.md) or keep it out of the public repo.
+
+## Reporting Surprising Output
+
+If a report-gallery example is confusing, stale, or does not match what you see from `memento-mori-jester@latest`, use the public-safe [feedback template](feedback-template.md) or the GitHub [report gallery feedback issue template](../../.github/ISSUE_TEMPLATE/report_gallery_feedback.yml).
+
+The useful public details are the package version, nearest gallery example, a sanitized command summary, a few relevant output lines, and redacted `doctor --json` output. Do not paste secrets, private repository code, customer data, full CI logs, unredacted SARIF, or private paths.
+
+Maintainers can keep this support path aligned with:
+
+```powershell
+npm run support:check
+```

package/examples/reports/feedback-template.md

@@ -0,0 +1,54 @@
+# Report Gallery Feedback Template
+
+Use this template when a report-gallery example is confusing, stale, or missing context. Keep reports public-safe and minimal so maintainers can turn useful feedback into docs, fixtures, or a narrow code change.
+
+The checked examples are:
+
+- `fresh-install-doctor`
+- `destructive-command-summary`
+- `blocked-command-review`
+
+## Commands To Run
+
+```powershell
+npx -y memento-mori-jester@latest doctor --json
+npx -y memento-mori-jester@latest summary --kind command "git reset --hard"
+```
+
+For false-positive or noisy-rule reports, also run:
+
+```powershell
+npx -y memento-mori-jester@latest tune <rule-id> --json
+```
+
+## Public Issue Draft
+
+```text
+Jester version:
+Install method: npx / global / local checkout / GitHub Action / git hook
+Nearest report-gallery example: fresh-install-doctor / destructive-command-summary / blocked-command-review / none
+
+Sanitized command or workflow step:
+
+Sanitized output summary:
+
+Expected behavior or clearer wording:
+
+Relevant redacted doctor --json fields:
+
+Relevant redacted tune output, if this is a noisy rule:
+
+```
+
+## Privacy Checklist
+
+- Do not include secrets, tokens, private keys, customer data, or private repository code.
+- Do not include full CI logs, unredacted SARIF, live credentials, or exploitable security details.
+- Replace private paths and names with placeholders such as `<repo>`, `<path>`, `<service>`, or `<redacted>`.
+- If the report involves credential exposure, command execution risk, package publishing, MCP data exposure, or private code disclosure, use [SECURITY.md](../../SECURITY.md) instead of a public issue.
+
+Maintainers can validate this support path with:
+
+```powershell
+npm run support:check
+```

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "memento-mori-jester",
-  "version": "0.1.88",
+  "version": "0.1.89",
   "description": "A local court-jester sidecar for AI coding agents: review plans, commands, diffs, and final claims before they get too pleased with themselves.",
   "type": "module",
   "repository": {
@@ -40,7 +40,7 @@
     "build": "tsc -p tsconfig.json",
     "start": "node dist/server.js",
     "start:mcp": "node dist/server.js",
-    "test": "npm run build && node scripts/run-tests.mjs && npm run fixtures:check && npm run fixtures:report && npm run framework:tuning:check && npm run framework:tuning:doctor && npm run ci:adoption:check && npm run consumer:quickstart:check && npm run reports:check && npm run promo:check && npm run site:check && npm run production:check",
+    "test": "npm run build && node scripts/run-tests.mjs && npm run fixtures:check && npm run fixtures:report && npm run framework:tuning:check && npm run framework:tuning:doctor && npm run ci:adoption:check && npm run consumer:quickstart:check && npm run reports:check && npm run support:check && npm run promo:check && npm run site:check && npm run production:check",
     "doctor": "node dist/cli.js doctor",
     "demo:svg": "node scripts/render-demo-svg.mjs",
     "demo:svg:check": "node scripts/render-demo-svg.mjs --check",
@@ -51,6 +51,7 @@
     "ci:adoption:check": "node scripts/check-ci-adoption.mjs",
     "consumer:quickstart:check": "node scripts/check-consumer-quickstart.mjs",
     "reports:check": "node scripts/check-report-gallery.mjs",
+    "support:check": "node scripts/check-support-triage.mjs",
     "promo:card": "node scripts/render-social-card.mjs",
     "promo:card:check": "node scripts/render-social-card.mjs --check",
     "promo:check": "node scripts/check-promo-freshness.mjs",

package/scripts/check-production-readiness.mjs

@@ -73,10 +73,12 @@ for (const path of [
   "scripts/check-ci-adoption.mjs",
   "scripts/check-consumer-quickstart.mjs",
   "scripts/check-report-gallery.mjs",
+  "scripts/check-support-triage.mjs",
   "scripts/check-fixtures.mjs",
   "scripts/report-fixtures.mjs",
   ".github/ISSUE_TEMPLATE/bug_report.yml",
   ".github/ISSUE_TEMPLATE/false_positive.yml",
+  ".github/ISSUE_TEMPLATE/report_gallery_feedback.yml",
   ".github/ISSUE_TEMPLATE/feature_request.yml",
   ".github/ISSUE_TEMPLATE/config.yml",
   ".github/workflows/ci.yml",
@@ -89,6 +91,7 @@ for (const path of [
   "examples/consumer-quickstart/README.md",
   "examples/consumer-quickstart/package.json",
   "examples/reports/README.md",
+  "examples/reports/feedback-template.md",
   "examples/reports/report-gallery.json",
   "examples/presets/README.md",
   "examples/tuning/README.md",
@@ -117,6 +120,8 @@ requireText("README.md", /examples\/tuning/, "framework tuning cookbook link");
 requireText("README.md", /adoption-smoke\.yml/, "adoption smoke CI link");
 requireText("README.md", /consumer-quickstart/, "consumer quickstart smoke link");
 requireText("README.md", /examples\/reports/, "report gallery link");
+requireText("README.md", /feedback-template\.md/, "report gallery feedback template link");
+requireText("README.md", /report gallery feedback/i, "report gallery feedback guidance");
 requireText("README.md", /License: PolyForm Noncommercial/, "the noncommercial license badge");
 requireText("docs/PRODUCTION_READINESS.md", /npm package/i, "npm package readiness");
 requireText("docs/PRODUCTION_READINESS.md", /GitHub Action/i, "GitHub Action readiness");
@@ -135,6 +140,7 @@ requireText("docs/PRODUCTION_READINESS.md", /framework:tuning:doctor/, "framewor
 requireText("docs/PRODUCTION_READINESS.md", /adoption-smoke\.yml/, "adoption smoke CI readiness");
 requireText("docs/PRODUCTION_READINESS.md", /consumer:quickstart:check/, "consumer quickstart smoke readiness");
 requireText("docs/PRODUCTION_READINESS.md", /reports:check/, "report gallery readiness");
+requireText("docs/PRODUCTION_READINESS.md", /support:check/, "support triage readiness");
 requireText("docs/PRODUCTION_READINESS.md", /quiet-pass/, "quiet-pass fixture readiness");
 requireText("docs/CLI.md", /jester doctor --json/, "doctor JSON CLI docs");
 requireText("docs/CLI.md", /quiet-pass fixture/, "quiet-pass fixture CLI docs");
@@ -156,6 +162,9 @@ requireText("docs/MAINTAINER_TRIAGE.md", /tune <rule-id> --json/, "tune JSON tri
 requireText("docs/MAINTAINER_TRIAGE.md", /preset-review-cases\.json/, "fixture suite link");
 requireText("docs/MAINTAINER_TRIAGE.md", /expectedRuleIds/, "fixture expected rule guidance");
 requireText("docs/MAINTAINER_TRIAGE.md", /absentRuleIds/, "fixture absent rule guidance");
+requireText("docs/MAINTAINER_TRIAGE.md", /feedback-template\.md/, "report gallery feedback template link");
+requireText("docs/MAINTAINER_TRIAGE.md", /report_gallery_feedback\.yml/, "report gallery issue template link");
+requireText("docs/MAINTAINER_TRIAGE.md", /support:check/, "support triage check guidance");
 requireText("examples/fixtures/README.md", /MAINTAINER_TRIAGE\.md/, "maintainer triage link");
 requireText("examples/fixtures/README.md", /Adding A Fixture From A Report/, "fixture report conversion guidance");
 requireText("examples/fixtures/README.md", /fixtures:check/, "fixture authoring check guidance");
@@ -170,10 +179,18 @@ requireText("examples/consumer-quickstart/README.md", /npm run consumer:quicksta
 requireText("examples/consumer-quickstart/package.json", /jester:summary/, "consumer quickstart summary script");
 requireText("examples/consumer-quickstart/package.json", /framework:tuning:doctor/, "consumer quickstart tuning doctor script");
 requireText("examples/reports/README.md", /report-gallery\.json/, "report gallery JSON link");
+requireText("examples/reports/README.md", /feedback-template\.md/, "report gallery feedback template link");
+requireText("examples/reports/README.md", /report_gallery_feedback\.yml/, "report gallery issue template link");
 requireText("examples/reports/README.md", /npm run reports:check/, "report gallery check command");
+requireText("examples/reports/README.md", /npm run support:check/, "support triage check command");
 requireText("examples/reports/report-gallery.json", /fresh-install-doctor/, "fresh install doctor report");
 requireText("examples/reports/report-gallery.json", /destructive-command-summary/, "destructive command summary report");
 requireText("examples/reports/report-gallery.json", /blocked-command-review/, "blocked command review report");
+requireText("examples/reports/feedback-template.md", /doctor --json/, "feedback template doctor diagnostics");
+requireText("examples/reports/feedback-template.md", /summary --kind command "git reset --hard"/, "feedback template summary diagnostics");
+requireText("examples/reports/feedback-template.md", /tune <rule-id> --json/, "feedback template tune diagnostics");
+requireText("examples/reports/feedback-template.md", /Privacy Checklist/, "feedback template privacy checklist");
+requireText("examples/reports/feedback-template.md", /SECURITY\.md/, "feedback template security redirect");
 requireText("examples/tuning/README.md", /framework-tuning-cookbook\.json/, "framework tuning cookbook JSON link");
 requireText("examples/tuning/README.md", /framework:tuning:doctor/, "framework tuning doctor guidance");
 requireText("examples/tuning/README.md", /jester tune <rule-id> --json|jester tune [a-z0-9-]+ --json/, "framework tuning command guidance");
@@ -204,6 +221,9 @@ requireText("scripts/check-consumer-quickstart.mjs", /framework:tuning:doctor/,
 requireText("scripts/check-report-gallery.mjs", /report-gallery\.json/, "report gallery checker target");
 requireText("scripts/check-report-gallery.mjs", /memento-mori-jester@latest/, "report gallery registry verification option");
 requireText("scripts/check-report-gallery.mjs", /destructive-command-summary/, "report gallery summary guard");
+requireText("scripts/check-support-triage.mjs", /report_gallery_feedback\.yml/, "support triage issue template guard");
+requireText("scripts/check-support-triage.mjs", /feedback-template\.md/, "support triage feedback template guard");
+requireText("scripts/check-support-triage.mjs", /unsafeContentPatterns/, "support triage unsafe content checks");
 requireText("package.json", /"fixtures:check": "node scripts\/check-fixtures\.mjs"/, "fixture authoring check script");
 requireText("package.json", /"fixtures:report": "node scripts\/report-fixtures\.mjs"/, "fixture coverage report script");
 requireText("package.json", /"framework:tuning:check": "node scripts\/check-framework-tuning\.mjs"/, "framework tuning cookbook check script");
@@ -211,6 +231,7 @@ requireText("package.json", /"framework:tuning:doctor": "node scripts\/doctor-fr
 requireText("package.json", /"ci:adoption:check": "node scripts\/check-ci-adoption\.mjs"/, "CI adoption check script");
 requireText("package.json", /"consumer:quickstart:check": "node scripts\/check-consumer-quickstart\.mjs"/, "consumer quickstart check script");
 requireText("package.json", /"reports:check": "node scripts\/check-report-gallery\.mjs"/, "report gallery check script");
+requireText("package.json", /"support:check": "node scripts\/check-support-triage\.mjs"/, "support triage check script");
 requireText("package.json", /"promo:card": "node scripts\/render-social-card\.mjs"/, "social card render script");
 requireText("package.json", /"promo:card:check": "node scripts\/render-social-card\.mjs --check"/, "social card stale check script");
 requireText("package.json", /"promo:check": "node scripts\/check-promo-freshness\.mjs"/, "promo freshness check script");
@@ -222,6 +243,7 @@ requireText("package.json", /npm run framework:tuning:doctor/, "framework tuning
 requireText("package.json", /npm run ci:adoption:check/, "CI adoption check in npm test");
 requireText("package.json", /npm run consumer:quickstart:check/, "consumer quickstart check in npm test");
 requireText("package.json", /npm run reports:check/, "report gallery check in npm test");
+requireText("package.json", /npm run support:check/, "support triage check in npm test");
 requireText("package.json", /npm run promo:check/, "promo freshness check in npm test");
 requireText("package.json", /npm run site:check/, "site check in npm test");
 requireText("scripts/check-promo-freshness.mjs", /--require-package-version/, "optional strict package-version promo check");
@@ -235,6 +257,13 @@ requireText(".github/ISSUE_TEMPLATE/bug_report.yml", /doctor --json/, "doctor JS
 requireText(".github/ISSUE_TEMPLATE/bug_report.yml", /SECURITY\.md|security policy/i, "security redirect");
 requireText(".github/ISSUE_TEMPLATE/false_positive.yml", /jester tune <rule-id> --json/, "tune JSON prompt");
 requireText(".github/ISSUE_TEMPLATE/false_positive.yml", /false-positive|noisy rule/i, "false-positive scope");
+requireText(".github/ISSUE_TEMPLATE/false_positive.yml", /Jester version/, "false-positive version prompt");
+requireText(".github/ISSUE_TEMPLATE/false_positive.yml", /doctor --json/, "false-positive doctor diagnostics");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /doctor --json/, "doctor JSON report gallery prompt");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /summary --kind command "git reset --hard"/, "summary report gallery prompt");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /Sanitized command summary/, "sanitized command report gallery prompt");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /Sanitized output summary/, "sanitized output report gallery prompt");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /SECURITY\.md/, "report gallery security redirect");
 requireText(".github/ISSUE_TEMPLATE/feature_request.yml", /local-first and deterministic/, "project constraint prompt");
 requireText(".github/ISSUE_TEMPLATE/config.yml", /security\/advisories\/new/, "security contact link");
 

package/scripts/check-support-triage.mjs

@@ -0,0 +1,114 @@
+#!/usr/bin/env node
+import { existsSync, readFileSync } from "node:fs";
+import { dirname, join } from "node:path";
+import { fileURLToPath } from "node:url";
+
+const scriptDir = dirname(fileURLToPath(import.meta.url));
+const root = join(scriptDir, "..");
+const failures = [];
+
+const unsafeContentPatterns = [
+  { name: "private key block", pattern: /-----BEGIN [A-Z ]*PRIVATE KEY-----/ },
+  { name: "OpenAI-looking secret key", pattern: /\bsk-(?:proj-)?[A-Za-z0-9_-]{20,}\b/ },
+  { name: "Anthropic-looking secret key", pattern: /\bsk-ant-[A-Za-z0-9_-]{20,}\b/ },
+  { name: "GitHub-looking token", pattern: /\bgh[pousr]_[A-Za-z0-9_]{20,}\b/ },
+  { name: "AWS access key id", pattern: /\bAKIA[0-9A-Z]{16}\b/ },
+  { name: "Slack-looking token", pattern: /\bxox[baprs]-[A-Za-z0-9-]{20,}\b/ },
+  { name: "absolute Unix home path", pattern: /(?:^|[\s"'`])\/(?:Users|home)\/[A-Za-z0-9._-]+/ },
+  { name: "absolute Windows user path", pattern: /[A-Za-z]:\\Users\\[A-Za-z0-9._-]+\\/ }
+];
+
+const supportFiles = [
+  ".github/ISSUE_TEMPLATE/report_gallery_feedback.yml",
+  ".github/ISSUE_TEMPLATE/bug_report.yml",
+  ".github/ISSUE_TEMPLATE/false_positive.yml",
+  ".github/ISSUE_TEMPLATE/config.yml",
+  "examples/reports/feedback-template.md",
+  "examples/reports/README.md",
+  "docs/MAINTAINER_TRIAGE.md",
+  "docs/PRODUCTION_READINESS.md",
+  "README.md",
+  "SECURITY.md"
+];
+
+for (const path of supportFiles) {
+  requireFile(path);
+}
+
+for (const path of supportFiles.filter((path) => existsSync(join(root, path)))) {
+  const content = read(path);
+  for (const unsafe of unsafeContentPatterns) {
+    if (unsafe.pattern.test(content)) {
+      failures.push(`${path} appears to contain ${unsafe.name}; support examples must stay public-safe and redacted.`);
+    }
+  }
+}
+
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /Report gallery feedback/, "a report gallery feedback template name");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /fresh-install-doctor/, "the fresh install report option");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /destructive-command-summary/, "the destructive summary report option");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /blocked-command-review/, "the blocked command report option");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /doctor --json/, "doctor JSON diagnostics");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /summary --kind command "git reset --hard"/, "the report-gallery summary smoke");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /Sanitized command summary/, "sanitized command prompt");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /Sanitized output summary/, "sanitized output prompt");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /SECURITY\.md/, "security redirect");
+requireText(".github/ISSUE_TEMPLATE/report_gallery_feedback.yml", /removed secrets, tokens, private code, private paths, customer data, and full CI logs/, "privacy checkbox");
+requireText(".github/ISSUE_TEMPLATE/false_positive.yml", /Jester version/, "false-positive version prompt");
+requireText(".github/ISSUE_TEMPLATE/false_positive.yml", /doctor --json/, "false-positive doctor diagnostics");
+
+requireText("examples/reports/feedback-template.md", /Report Gallery Feedback Template/, "feedback template heading");
+requireText("examples/reports/feedback-template.md", /fresh-install-doctor/, "fresh install report id");
+requireText("examples/reports/feedback-template.md", /destructive-command-summary/, "destructive summary report id");
+requireText("examples/reports/feedback-template.md", /blocked-command-review/, "blocked command report id");
+requireText("examples/reports/feedback-template.md", /doctor --json/, "doctor JSON command");
+requireText("examples/reports/feedback-template.md", /summary --kind command "git reset --hard"/, "summary command");
+requireText("examples/reports/feedback-template.md", /tune <rule-id> --json/, "tune JSON command");
+requireText("examples/reports/feedback-template.md", /Privacy Checklist/, "privacy checklist");
+requireText("examples/reports/feedback-template.md", /SECURITY\.md/, "security redirect");
+requireText("examples/reports/feedback-template.md", /npm run support:check/, "support checker command");
+
+requireText("examples/reports/README.md", /feedback-template\.md/, "feedback template link");
+requireText("examples/reports/README.md", /report_gallery_feedback\.yml/, "GitHub issue template link");
+requireText("examples/reports/README.md", /npm run support:check/, "support checker command");
+requireText("docs/MAINTAINER_TRIAGE.md", /feedback-template\.md/, "feedback template triage link");
+requireText("docs/MAINTAINER_TRIAGE.md", /report_gallery_feedback\.yml/, "report gallery issue template triage link");
+requireText("docs/MAINTAINER_TRIAGE.md", /npm(?:\.cmd)? run support:check/, "support checker triage command");
+requireText("docs/PRODUCTION_READINESS.md", /support:check/, "support checker readiness");
+requireText("README.md", /feedback-template\.md/, "feedback template README link");
+requireText("README.md", /report gallery feedback/i, "report gallery feedback guidance");
+
+requireText("package.json", /"support:check": "node scripts\/check-support-triage\.mjs"/, "support checker script");
+requireText("package.json", /npm run support:check/, "support checker in npm test");
+
+if (failures.length > 0) {
+  console.error("Support triage check failed:");
+  for (const failure of failures) {
+    console.error(`- ${failure}`);
+  }
+  process.exit(1);
+}
+
+console.log("Support triage check passed.");
+
+function read(path) {
+  return readFileSync(join(root, path), "utf8");
+}
+
+function requireFile(path) {
+  if (!existsSync(join(root, path))) {
+    failures.push(`${path} is missing.`);
+  }
+}
+
+function requireText(path, pattern, description) {
+  if (!existsSync(join(root, path))) {
+    failures.push(`${path} is missing; cannot check for ${description}.`);
+    return;
+  }
+
+  const content = read(path);
+  if (!pattern.test(content)) {
+    failures.push(`${path} should include ${description}.`);
+  }
+}