mindforge-cc 11.2.0 → 11.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (213) hide show
  1. package/.mindforge/config.json +3 -2
  2. package/.mindforge/imported-agents.jsonl +154 -0
  3. package/CHANGELOG.md +80 -1
  4. package/MINDFORGE.md +5 -5
  5. package/README.md +1 -1
  6. package/bin/autonomous/mesh-self-healer.js +101 -28
  7. package/bin/browser/regression-writer.js +45 -3
  8. package/bin/browser/session-manager.js +21 -17
  9. package/bin/engine/logic-drift-detector.js +14 -6
  10. package/bin/engine/logic-validator.js +155 -25
  11. package/bin/engine/orbital-guardian.js +56 -10
  12. package/bin/engine/reason-source-aligner.js +19 -6
  13. package/bin/engine/remediation-engine.js +1 -1
  14. package/bin/engine/self-corrective-synthesizer.js +1 -1
  15. package/bin/engine/sre-manager.js +33 -6
  16. package/bin/governance/policy-engine.js +17 -4
  17. package/bin/governance/ztai-archiver.js +74 -9
  18. package/bin/governance/ztai-manager.js +3 -3
  19. package/bin/installer-core.js +126 -3
  20. package/bin/memory/eis-client.js +45 -4
  21. package/bin/memory/vector-hub.js +32 -0
  22. package/bin/review/finding-synthesizer.js +35 -6
  23. package/bin/security/trust-boundaries.js +96 -4
  24. package/bin/security/trust-gate-hook.js +13 -3
  25. package/bin/skill-registry.js +31 -20
  26. package/bin/spawn-agent.js +80 -1
  27. package/bin/sre/shadow-mirror.js +90 -40
  28. package/bin/utils/append-queue.js +12 -0
  29. package/bin/utils/file-io.js +4 -45
  30. package/bin/utils/version-check.js +21 -5
  31. package/bin/wizard/theme.js +4 -3
  32. package/package.json +3 -1
  33. package/subagents/.claude-plugin/marketplace.json +93 -0
  34. package/subagents/categories/01-core-development/.claude-plugin/plugin.json +24 -0
  35. package/subagents/categories/01-core-development/README.md +146 -0
  36. package/subagents/categories/01-core-development/api-designer-cc.md +237 -0
  37. package/subagents/categories/01-core-development/backend-developer.md +222 -0
  38. package/subagents/categories/01-core-development/design-bridge.md +129 -0
  39. package/subagents/categories/01-core-development/electron-pro.md +240 -0
  40. package/subagents/categories/01-core-development/frontend-developer.md +133 -0
  41. package/subagents/categories/01-core-development/fullstack-developer.md +235 -0
  42. package/subagents/categories/01-core-development/graphql-architect.md +238 -0
  43. package/subagents/categories/01-core-development/microservices-architect.md +239 -0
  44. package/subagents/categories/01-core-development/mobile-developer.md +283 -0
  45. package/subagents/categories/01-core-development/ui-designer.md +174 -0
  46. package/subagents/categories/01-core-development/websocket-engineer.md +150 -0
  47. package/subagents/categories/02-language-specialists/.claude-plugin/plugin.json +43 -0
  48. package/subagents/categories/02-language-specialists/README.md +245 -0
  49. package/subagents/categories/02-language-specialists/angular-architect.md +287 -0
  50. package/subagents/categories/02-language-specialists/cpp-pro.md +277 -0
  51. package/subagents/categories/02-language-specialists/csharp-developer.md +287 -0
  52. package/subagents/categories/02-language-specialists/django-developer.md +287 -0
  53. package/subagents/categories/02-language-specialists/dotnet-core-expert.md +287 -0
  54. package/subagents/categories/02-language-specialists/dotnet-framework-48-expert.md +306 -0
  55. package/subagents/categories/02-language-specialists/elixir-expert.md +311 -0
  56. package/subagents/categories/02-language-specialists/expo-react-native-expert.md +268 -0
  57. package/subagents/categories/02-language-specialists/fastapi-developer.md +287 -0
  58. package/subagents/categories/02-language-specialists/flutter-expert.md +287 -0
  59. package/subagents/categories/02-language-specialists/golang-pro.md +277 -0
  60. package/subagents/categories/02-language-specialists/java-architect.md +287 -0
  61. package/subagents/categories/02-language-specialists/javascript-pro.md +277 -0
  62. package/subagents/categories/02-language-specialists/kotlin-specialist.md +287 -0
  63. package/subagents/categories/02-language-specialists/laravel-specialist.md +287 -0
  64. package/subagents/categories/02-language-specialists/nextjs-developer.md +287 -0
  65. package/subagents/categories/02-language-specialists/node-specialist.md +124 -0
  66. package/subagents/categories/02-language-specialists/php-pro.md +287 -0
  67. package/subagents/categories/02-language-specialists/powershell-51-expert.md +59 -0
  68. package/subagents/categories/02-language-specialists/powershell-7-expert.md +57 -0
  69. package/subagents/categories/02-language-specialists/python-pro.md +277 -0
  70. package/subagents/categories/02-language-specialists/rails-expert.md +358 -0
  71. package/subagents/categories/02-language-specialists/react-specialist-cc.md +287 -0
  72. package/subagents/categories/02-language-specialists/rust-engineer.md +287 -0
  73. package/subagents/categories/02-language-specialists/spring-boot-engineer.md +287 -0
  74. package/subagents/categories/02-language-specialists/sql-pro.md +287 -0
  75. package/subagents/categories/02-language-specialists/swift-expert.md +287 -0
  76. package/subagents/categories/02-language-specialists/symfony-specialist.md +354 -0
  77. package/subagents/categories/02-language-specialists/typescript-pro.md +277 -0
  78. package/subagents/categories/02-language-specialists/vue-expert.md +287 -0
  79. package/subagents/categories/03-infrastructure/.claude-plugin/plugin.json +29 -0
  80. package/subagents/categories/03-infrastructure/README.md +170 -0
  81. package/subagents/categories/03-infrastructure/azure-infra-engineer.md +53 -0
  82. package/subagents/categories/03-infrastructure/cloud-architect-cc.md +277 -0
  83. package/subagents/categories/03-infrastructure/database-administrator.md +287 -0
  84. package/subagents/categories/03-infrastructure/deployment-engineer.md +287 -0
  85. package/subagents/categories/03-infrastructure/devops-engineer-cc.md +287 -0
  86. package/subagents/categories/03-infrastructure/devops-incident-responder.md +287 -0
  87. package/subagents/categories/03-infrastructure/docker-expert.md +278 -0
  88. package/subagents/categories/03-infrastructure/incident-responder.md +287 -0
  89. package/subagents/categories/03-infrastructure/kubernetes-specialist.md +287 -0
  90. package/subagents/categories/03-infrastructure/network-engineer.md +287 -0
  91. package/subagents/categories/03-infrastructure/platform-engineer-cc.md +287 -0
  92. package/subagents/categories/03-infrastructure/security-engineer.md +277 -0
  93. package/subagents/categories/03-infrastructure/sre-engineer.md +287 -0
  94. package/subagents/categories/03-infrastructure/terraform-engineer.md +287 -0
  95. package/subagents/categories/03-infrastructure/terragrunt-expert.md +307 -0
  96. package/subagents/categories/03-infrastructure/windows-infra-admin.md +52 -0
  97. package/subagents/categories/04-quality-security/.claude-plugin/plugin.json +30 -0
  98. package/subagents/categories/04-quality-security/README.md +175 -0
  99. package/subagents/categories/04-quality-security/accessibility-tester-cc.md +277 -0
  100. package/subagents/categories/04-quality-security/ad-security-reviewer.md +56 -0
  101. package/subagents/categories/04-quality-security/ai-writing-auditor.md +77 -0
  102. package/subagents/categories/04-quality-security/architect-reviewer.md +287 -0
  103. package/subagents/categories/04-quality-security/chaos-engineer-cc.md +277 -0
  104. package/subagents/categories/04-quality-security/code-reviewer.md +287 -0
  105. package/subagents/categories/04-quality-security/compliance-auditor-cc.md +277 -0
  106. package/subagents/categories/04-quality-security/debugger-cc.md +287 -0
  107. package/subagents/categories/04-quality-security/error-detective.md +287 -0
  108. package/subagents/categories/04-quality-security/gdpr-ccpa-compliance.md +98 -0
  109. package/subagents/categories/04-quality-security/penetration-tester.md +287 -0
  110. package/subagents/categories/04-quality-security/performance-engineer.md +287 -0
  111. package/subagents/categories/04-quality-security/powershell-security-hardening.md +54 -0
  112. package/subagents/categories/04-quality-security/qa-expert.md +287 -0
  113. package/subagents/categories/04-quality-security/security-auditor.md +287 -0
  114. package/subagents/categories/04-quality-security/test-automator.md +287 -0
  115. package/subagents/categories/04-quality-security/ui-ux-tester.md +234 -0
  116. package/subagents/categories/05-data-ai/.claude-plugin/plugin.json +26 -0
  117. package/subagents/categories/05-data-ai/README.md +153 -0
  118. package/subagents/categories/05-data-ai/ai-engineer.md +287 -0
  119. package/subagents/categories/05-data-ai/data-analyst.md +277 -0
  120. package/subagents/categories/05-data-ai/data-engineer-cc.md +287 -0
  121. package/subagents/categories/05-data-ai/data-scientist.md +287 -0
  122. package/subagents/categories/05-data-ai/database-optimizer.md +287 -0
  123. package/subagents/categories/05-data-ai/llm-architect.md +287 -0
  124. package/subagents/categories/05-data-ai/machine-learning-engineer.md +277 -0
  125. package/subagents/categories/05-data-ai/ml-engineer-cc.md +287 -0
  126. package/subagents/categories/05-data-ai/mlops-engineer.md +287 -0
  127. package/subagents/categories/05-data-ai/nlp-engineer.md +287 -0
  128. package/subagents/categories/05-data-ai/postgres-pro.md +287 -0
  129. package/subagents/categories/05-data-ai/prompt-engineer-cc.md +287 -0
  130. package/subagents/categories/05-data-ai/reinforcement-learning-engineer.md +277 -0
  131. package/subagents/categories/06-developer-experience/.claude-plugin/plugin.json +28 -0
  132. package/subagents/categories/06-developer-experience/README.md +157 -0
  133. package/subagents/categories/06-developer-experience/build-engineer-cc.md +286 -0
  134. package/subagents/categories/06-developer-experience/cli-developer.md +286 -0
  135. package/subagents/categories/06-developer-experience/dependency-manager.md +286 -0
  136. package/subagents/categories/06-developer-experience/documentation-engineer.md +276 -0
  137. package/subagents/categories/06-developer-experience/dx-optimizer.md +286 -0
  138. package/subagents/categories/06-developer-experience/git-workflow-manager.md +286 -0
  139. package/subagents/categories/06-developer-experience/legacy-modernizer.md +286 -0
  140. package/subagents/categories/06-developer-experience/mcp-developer.md +275 -0
  141. package/subagents/categories/06-developer-experience/powershell-module-architect.md +58 -0
  142. package/subagents/categories/06-developer-experience/powershell-ui-architect.md +135 -0
  143. package/subagents/categories/06-developer-experience/readme-generator.md +238 -0
  144. package/subagents/categories/06-developer-experience/refactoring-specialist.md +286 -0
  145. package/subagents/categories/06-developer-experience/slack-expert.md +232 -0
  146. package/subagents/categories/06-developer-experience/tooling-engineer.md +286 -0
  147. package/subagents/categories/06-developer-experience/visual-asset-generator.md +34 -0
  148. package/subagents/categories/07-specialized-domains/.claude-plugin/plugin.json +27 -0
  149. package/subagents/categories/07-specialized-domains/README.md +161 -0
  150. package/subagents/categories/07-specialized-domains/api-documenter.md +277 -0
  151. package/subagents/categories/07-specialized-domains/blockchain-developer.md +287 -0
  152. package/subagents/categories/07-specialized-domains/embedded-systems.md +287 -0
  153. package/subagents/categories/07-specialized-domains/fintech-engineer.md +287 -0
  154. package/subagents/categories/07-specialized-domains/game-developer.md +287 -0
  155. package/subagents/categories/07-specialized-domains/healthcare-admin.md +199 -0
  156. package/subagents/categories/07-specialized-domains/hipaa-compliance.md +112 -0
  157. package/subagents/categories/07-specialized-domains/iot-engineer.md +287 -0
  158. package/subagents/categories/07-specialized-domains/m365-admin.md +48 -0
  159. package/subagents/categories/07-specialized-domains/mobile-app-developer.md +287 -0
  160. package/subagents/categories/07-specialized-domains/payment-integration.md +287 -0
  161. package/subagents/categories/07-specialized-domains/quant-analyst.md +287 -0
  162. package/subagents/categories/07-specialized-domains/risk-manager.md +287 -0
  163. package/subagents/categories/07-specialized-domains/seo-specialist-cc.md +184 -0
  164. package/subagents/categories/08-business-product/.claude-plugin/plugin.json +29 -0
  165. package/subagents/categories/08-business-product/README.md +160 -0
  166. package/subagents/categories/08-business-product/assumption-mapping.md +77 -0
  167. package/subagents/categories/08-business-product/backlog-grooming.md +88 -0
  168. package/subagents/categories/08-business-product/business-analyst-cc.md +287 -0
  169. package/subagents/categories/08-business-product/content-marketer.md +287 -0
  170. package/subagents/categories/08-business-product/content-quality-editor.md +55 -0
  171. package/subagents/categories/08-business-product/customer-success-manager.md +287 -0
  172. package/subagents/categories/08-business-product/growth-loops.md +91 -0
  173. package/subagents/categories/08-business-product/legal-advisor.md +287 -0
  174. package/subagents/categories/08-business-product/license-engineer.md +295 -0
  175. package/subagents/categories/08-business-product/product-manager-cc.md +287 -0
  176. package/subagents/categories/08-business-product/project-manager.md +287 -0
  177. package/subagents/categories/08-business-product/sales-engineer.md +287 -0
  178. package/subagents/categories/08-business-product/scrum-master.md +287 -0
  179. package/subagents/categories/08-business-product/technical-writer.md +287 -0
  180. package/subagents/categories/08-business-product/ux-researcher.md +287 -0
  181. package/subagents/categories/08-business-product/wordpress-master.md +316 -0
  182. package/subagents/categories/09-meta-orchestration/.claude-plugin/plugin.json +24 -0
  183. package/subagents/categories/09-meta-orchestration/README.md +140 -0
  184. package/subagents/categories/09-meta-orchestration/agent-installer.md +97 -0
  185. package/subagents/categories/09-meta-orchestration/agent-organizer.md +287 -0
  186. package/subagents/categories/09-meta-orchestration/codebase-orchestrator.md +249 -0
  187. package/subagents/categories/09-meta-orchestration/context-manager.md +287 -0
  188. package/subagents/categories/09-meta-orchestration/error-coordinator.md +287 -0
  189. package/subagents/categories/09-meta-orchestration/it-ops-orchestrator.md +60 -0
  190. package/subagents/categories/09-meta-orchestration/knowledge-synthesizer.md +287 -0
  191. package/subagents/categories/09-meta-orchestration/multi-agent-coordinator.md +287 -0
  192. package/subagents/categories/09-meta-orchestration/performance-monitor.md +287 -0
  193. package/subagents/categories/09-meta-orchestration/task-distributor.md +287 -0
  194. package/subagents/categories/09-meta-orchestration/workflow-orchestrator.md +287 -0
  195. package/subagents/categories/10-research-analysis/.claude-plugin/plugin.json +24 -0
  196. package/subagents/categories/10-research-analysis/README.md +141 -0
  197. package/subagents/categories/10-research-analysis/ab-test-analysis.md +101 -0
  198. package/subagents/categories/10-research-analysis/cohort-analysis.md +100 -0
  199. package/subagents/categories/10-research-analysis/competitive-analyst.md +287 -0
  200. package/subagents/categories/10-research-analysis/data-researcher.md +287 -0
  201. package/subagents/categories/10-research-analysis/first-principles-thinking.md +100 -0
  202. package/subagents/categories/10-research-analysis/market-researcher.md +287 -0
  203. package/subagents/categories/10-research-analysis/project-idea-validator.md +269 -0
  204. package/subagents/categories/10-research-analysis/research-analyst.md +287 -0
  205. package/subagents/categories/10-research-analysis/scientific-literature-researcher.md +151 -0
  206. package/subagents/categories/10-research-analysis/search-specialist.md +287 -0
  207. package/subagents/categories/10-research-analysis/trend-analyst.md +287 -0
  208. package/subagents/tools/subagent-catalog/README.md +58 -0
  209. package/subagents/tools/subagent-catalog/config.sh +94 -0
  210. package/subagents/tools/subagent-catalog/fetch.md +82 -0
  211. package/subagents/tools/subagent-catalog/invalidate.md +47 -0
  212. package/subagents/tools/subagent-catalog/list.md +54 -0
  213. package/subagents/tools/subagent-catalog/search.md +58 -0
@@ -10,12 +10,54 @@ function write(bug, phaseNum) {
10
10
  const dir = path.join(process.cwd(), 'tests', 'regression');
11
11
  fs.mkdirSync(dir, { recursive: true });
12
12
  const name = `phase${phaseNum}-${bug.surface.replace(/\//g, '-').slice(1) || 'home'}.test.ts`;
13
+
14
+ // Embed the bug's surface and failure signal as safely-escaped JS string
15
+ // literals. JSON.stringify escapes quotes, backticks and ${...} so a
16
+ // freeform bug.error cannot break out of the generated source.
17
+ const surfaceLit = JSON.stringify(bug.surface);
18
+ const errorLit = JSON.stringify(bug.error);
19
+
20
+ // The generated test reproduces the original failure conditions and asserts
21
+ // the page no longer exhibits THIS bug's signal — it is NOT a body-visibility
22
+ // tautology that passes for any page.
13
23
  const content = `
14
24
  import { test, expect } from '@playwright/test';
15
25
 
16
- test('Regression: ${bug.surface} [${bug.error}]', async ({ page }) => {
17
- await page.goto('${bug.surface}');
18
- // TODO: Add more specific assertions based on the bug
26
+ // Regression guard for the bug originally observed on ${bug.surface}:
27
+ // ${String(bug.error).replace(/[\r\n]+/g, ' ')}
28
+ // This test fails again if that failure signal re-appears (console error,
29
+ // page text, or a >=400 HTTP status on the affected surface).
30
+ const SURFACE = ${surfaceLit};
31
+ const BUG_SIGNAL = ${errorLit};
32
+
33
+ test('Regression: ' + SURFACE + ' [' + BUG_SIGNAL + ']', async ({ page }) => {
34
+ const consoleErrors: string[] = [];
35
+ page.on('console', (msg) => {
36
+ if (msg.type() === 'error') consoleErrors.push(msg.text());
37
+ });
38
+ page.on('pageerror', (err) => consoleErrors.push(String(err)));
39
+
40
+ const response = await page.goto(SURFACE);
41
+
42
+ // 1. The affected surface must load without the original HTTP failure.
43
+ if (response) {
44
+ expect(response.status(), 'surface re-returned a failing HTTP status').toBeLessThan(400);
45
+ }
46
+
47
+ // 2. The specific failure signal must not re-appear in the console.
48
+ expect(
49
+ consoleErrors.some((line) => line.includes(BUG_SIGNAL)),
50
+ 'console re-emitted the original error: ' + BUG_SIGNAL
51
+ ).toBeFalsy();
52
+
53
+ // 3. ...nor be surfaced in the rendered page text.
54
+ const bodyText = await page.textContent('body');
55
+ expect(
56
+ (bodyText || '').includes(BUG_SIGNAL),
57
+ 'page re-rendered the original error: ' + BUG_SIGNAL
58
+ ).toBeFalsy();
59
+
60
+ // 4. Smoke check: the page actually rendered something.
19
61
  expect(await page.isVisible('body')).toBeTruthy();
20
62
  });
21
63
  `;
@@ -7,7 +7,6 @@
7
7
 
8
8
  const fs = require('fs');
9
9
  const path = require('path');
10
- const os = require('os');
11
10
 
12
11
  const SESSIONS_DIR = path.join(process.cwd(), '.mindforge', 'browser', 'sessions');
13
12
  const ensureDir = () => fs.mkdirSync(SESSIONS_DIR, { recursive: true });
@@ -71,23 +70,28 @@ async function loadSession(name, context) {
71
70
  return { cookiesLoaded };
72
71
  }
73
72
 
73
+ /**
74
+ * Import cookies/sessions directly from a native browser profile.
75
+ *
76
+ * NOT IMPLEMENTED: native browser cookie DB import was removed together with
77
+ * the `better-sqlite3` dependency (the project now uses sql.js / WASM). Browser
78
+ * cookie stores are SQLite databases, and decoding them required that native
79
+ * backend. Rather than silently returning an empty array — which would lie about
80
+ * capability and let callers mistake "no cookies imported" for success — this
81
+ * method throws so the missing capability is explicit.
82
+ *
83
+ * To populate a session, capture cookies live via a browser context and use
84
+ * `saveSession` / `loadSession` instead.
85
+ *
86
+ * @param {string} source - Browser identifier (chrome, arc, brave, edge).
87
+ * @throws {Error} Always — native browser cookie import is not implemented.
88
+ */
74
89
  function importFromBrowser(source) {
75
- const home = os.homedir();
76
- const paths = {
77
- chrome: `${home}/Library/Application Support/Google/Chrome/Default/Cookies`,
78
- arc: `${home}/Library/Application Support/Arc/User Data/Default/Cookies`,
79
- brave: `${home}/Library/Application Support/BraveSoftware/Brave-Browser/Default/Cookies`,
80
- edge: `${home}/Library/Application Support/Microsoft Edge/Default/Cookies`,
81
- };
82
-
83
- const p = paths[source.toLowerCase()];
84
- if (!p || !fs.existsSync(p)) {
85
- throw new Error(`Cookie file for ${source} not found at ${p}`);
86
- }
87
-
88
- // Real SQLite parsing would happen here via better-sqlite3 if installed.
89
- // This is a placeholder for the logic specified in the roadmap.
90
- return [];
90
+ throw new Error(
91
+ `importFromBrowser not implemented for "${source}": the native browser ` +
92
+ 'cookie-DB backend (better-sqlite3) was removed project-wide. ' +
93
+ 'Capture cookies live via a browser context and use saveSession/loadSession instead.'
94
+ );
91
95
  }
92
96
 
93
97
  module.exports = { saveSession, loadSession, importFromBrowser };
@@ -1,9 +1,15 @@
1
1
  /**
2
- * MindForge v6.1.0-alpha — Neural Drift Remediation (NDR)
3
- * Component: Logic Drift Detector (Pillar X)
4
- *
5
- * Analyzes reasoning traces for "Semantic Decay" (repeated failure patterns,
6
- * hallucination-like markers, or mission drift).
2
+ * MindForge v6.1.0-alpha — Logic Drift Detector (Pillar X)
3
+ *
4
+ * HEURISTIC drift detector. Despite the "Pillar X" product naming, this
5
+ * component does NOT use a neural network, embeddings, or any learned model.
6
+ * It scores reasoning traces using pure keyword/ratio heuristics:
7
+ * - unique-word-to-total ratio (proxy for "rambling")
8
+ * - max word-repetition count (proxy for circular reasoning)
9
+ * - presence of a small hardcoded list of contradiction phrases
10
+ *
11
+ * Flags "Semantic Decay" (repeated failure patterns, contradiction markers,
12
+ * or mission drift) heuristically. No model inference is performed.
7
13
  */
8
14
  'use strict';
9
15
 
@@ -48,7 +54,9 @@ class LogicDriftDetector {
48
54
  }
49
55
 
50
56
  /**
51
- * Internal Heuristic: Detects low semantic density (rambling).
57
+ * Internal Heuristic: approximates "rambling" via a unique-keyword-to-word
58
+ * ratio. NOTE: this is NOT a semantic/embedding measure — "density" here is
59
+ * a plain lexical ratio, not model-derived semantic similarity.
52
60
  */
53
61
  _calculateSemanticDensity(thought) {
54
62
  const words = thought.split(/\s+/).length;
@@ -1,67 +1,197 @@
1
1
  /**
2
2
  * MindForge v7 — Neural Drift Remediation (NDR)
3
3
  * Component: Logic Validator
4
- *
4
+ *
5
5
  * Performs high-level semantic validation on agent reasoning traces.
6
- * Supports Local Model (Ollama) integration and Self-Reflective Heuristics.
6
+ *
7
+ * Strategy: real-when-available, else honest heuristic.
8
+ * - By DEFAULT this validator uses a local Self-Reflective Heuristic
9
+ * (`_reflectiveHeuristic`). This is the standard path and runs everywhere,
10
+ * with no external dependency.
11
+ * - OPTIONALLY, if a local Ollama model is actually reachable at the
12
+ * configured endpoint, validation is upgraded to a real model call
13
+ * (`_modelValidation`). Reachability is determined by a real, fail-fast
14
+ * network probe — never a hardcoded flag. When Ollama is absent (the
15
+ * normal case) the probe fails fast and we fall back to the heuristic.
16
+ *
17
+ * The return shape is stable: { is_valid, confidence, critique, method }.
18
+ * Consumers (nexus-tracer) read `is_valid` and `critique`.
7
19
  */
8
20
  'use strict';
9
21
 
10
22
  const configManager = require('../governance/config-manager');
11
23
 
24
+ // Fail-fast budget for the reachability probe and the model call. Ollama is
25
+ // usually absent, so this must time out quickly to avoid hanging CI/production.
26
+ const PROBE_TIMEOUT_MS = 400;
27
+ const MODEL_TIMEOUT_MS = 4000;
28
+
12
29
  class LogicValidator {
13
30
  constructor() {
14
31
  this.endpoint = configManager.get('governance.local_model_endpoint', 'localhost:11434');
15
- this.isModelAvailable = false; // Simulated check result
32
+ this.model = configManager.get('governance.local_model_name', 'llama3');
33
+ // Reflects reality: set by probeModel(), not hardcoded. Unknown until probed.
34
+ this.isModelAvailable = false;
35
+ this._probed = false;
36
+ }
37
+
38
+ /**
39
+ * Normalises the configured endpoint into a base URL (adds scheme if absent).
40
+ * @returns {string}
41
+ */
42
+ _baseUrl() {
43
+ const ep = String(this.endpoint || 'localhost:11434').trim();
44
+ return /^https?:\/\//i.test(ep) ? ep.replace(/\/+$/, '') : `http://${ep.replace(/\/+$/, '')}`;
45
+ }
46
+
47
+ /**
48
+ * Resets cached probe state (used by tests to re-probe after changing endpoint).
49
+ */
50
+ resetProbe() {
51
+ this._probed = false;
52
+ this.isModelAvailable = false;
53
+ }
54
+
55
+ /**
56
+ * Real, fail-fast reachability check for a local Ollama instance.
57
+ * Performs a short GET to the Ollama tags endpoint. On ANY error or timeout
58
+ * (the normal case when Ollama is absent) it resolves `false` — never throws,
59
+ * never hangs. Sets `this.isModelAvailable` from the actual result.
60
+ * @returns {Promise<boolean>}
61
+ */
62
+ async probeModel() {
63
+ let reachable = false;
64
+ try {
65
+ const res = await fetch(`${this._baseUrl()}/api/tags`, {
66
+ method: 'GET',
67
+ signal: AbortSignal.timeout(PROBE_TIMEOUT_MS)
68
+ });
69
+ reachable = res.ok;
70
+ } catch {
71
+ // ECONNREFUSED / timeout / DNS / abort — Ollama not reachable. Stay quiet.
72
+ reachable = false;
73
+ }
74
+ this.isModelAvailable = reachable;
75
+ this._probed = true;
76
+ return reachable;
16
77
  }
17
78
 
18
79
  /**
19
80
  * Validates a reasoning trace using the best available method.
81
+ * Probes for a local model on first call (lazy); falls back to the heuristic
82
+ * when unreachable.
20
83
  * @param {string} thought - The agent's thought string
21
84
  * @param {Object} context - Optional metadata (span attributes, etc.)
22
85
  */
23
86
  async validate(thought, context = {}) {
24
- console.log(`[LogicValidator] Validating trace segment (Length: ${thought.length})`);
87
+ const spanTag = context && context.span_id ? ` span=${context.span_id}` : '';
88
+ console.log(`[LogicValidator] Validating trace segment (Length: ${thought.length})${spanTag}`);
89
+
90
+ if (!this._probed) {
91
+ await this.probeModel();
92
+ }
25
93
 
26
- // In a real v7 deployment, we would perform an asynchronous fetch to Ollama/Llama-CPP
27
- // For this simulation, we simulate a "Reflective Heuristic" analysis.
28
-
29
94
  if (this.isModelAvailable) {
30
- return this._modelValidation(thought, context);
31
- } else {
32
- return this._reflectiveHeuristic(thought, context);
95
+ try {
96
+ return await this._modelValidation(thought);
97
+ } catch {
98
+ // Model became unreachable mid-flight — degrade honestly to heuristic.
99
+ this.isModelAvailable = false;
100
+ return this._reflectiveHeuristic(thought);
101
+ }
33
102
  }
103
+ return this._reflectiveHeuristic(thought);
34
104
  }
35
105
 
36
106
  /**
37
- * Simulated Local Model Validation logic.
107
+ * Real Local Model Validation via Ollama's /api/generate.
108
+ * Asks the model whether the thought is logical and grounded, then derives a
109
+ * real is_valid/confidence from the response — no fabricated fixed values.
38
110
  */
39
- async _modelValidation(thought, context) {
40
- // Mocking an LLM callback: "Is this thought logical and grounded?"
41
- const result = {
42
- is_valid: true,
43
- confidence: 0.98,
44
- critique: 'Logic is consistent with project goals.',
45
- method: 'Ollama/Llama-3-8B'
111
+ async _modelValidation(thought) {
112
+ const prompt =
113
+ 'You are a reasoning-trace auditor. Decide whether the following agent ' +
114
+ 'thought is logical and grounded (consistent, on-task, no self-contradiction).\n' +
115
+ 'Reply with ONLY a JSON object: {"valid": <true|false>, "confidence": <0..1>, ' +
116
+ '"critique": "<short reason>"}.\n\n' +
117
+ `Thought: """${thought}"""`;
118
+
119
+ const res = await fetch(`${this._baseUrl()}/api/generate`, {
120
+ method: 'POST',
121
+ headers: { 'Content-Type': 'application/json' },
122
+ body: JSON.stringify({ model: this.model, prompt, stream: false }),
123
+ signal: AbortSignal.timeout(MODEL_TIMEOUT_MS)
124
+ });
125
+
126
+ if (!res.ok) {
127
+ throw new Error(`Ollama responded ${res.status}`);
128
+ }
129
+
130
+ const payload = await res.json();
131
+ const parsed = this._parseModelResponse(payload && payload.response);
132
+
133
+ return {
134
+ is_valid: parsed.valid,
135
+ confidence: parsed.confidence,
136
+ critique: parsed.critique,
137
+ method: `ollama:${this.model}`
138
+ };
139
+ }
140
+
141
+ /**
142
+ * Robustly parses the model's textual response into a verdict. Falls back to
143
+ * conservative defaults derived from the raw text when JSON is unavailable —
144
+ * never invents a fixed high-confidence pass.
145
+ * @param {string} raw
146
+ */
147
+ _parseModelResponse(raw) {
148
+ const text = String(raw || '');
149
+ const match = text.match(/\{[\s\S]*\}/);
150
+ if (match) {
151
+ try {
152
+ const obj = JSON.parse(match[0]);
153
+ const valid = obj.valid === true || obj.valid === 'true';
154
+ let confidence = Number(obj.confidence);
155
+ if (!Number.isFinite(confidence)) confidence = valid ? 0.6 : 0.4;
156
+ confidence = Math.min(1, Math.max(0, confidence));
157
+ const critique = typeof obj.critique === 'string' && obj.critique.trim()
158
+ ? obj.critique.trim()
159
+ : (valid ? 'Model judged the thought logical and grounded.'
160
+ : 'Model flagged the thought as illogical or ungrounded.');
161
+ return { valid, confidence, critique };
162
+ } catch {
163
+ // fall through to text heuristic below
164
+ }
165
+ }
166
+
167
+ // No parseable JSON: derive a conservative verdict from the raw text.
168
+ const lowered = text.toLowerCase();
169
+ const valid = !/(invalid|illogical|not\s+grounded|inconsistent|"valid"\s*:\s*false)/.test(lowered)
170
+ && /(valid|logical|grounded|consistent)/.test(lowered);
171
+ return {
172
+ valid,
173
+ confidence: valid ? 0.55 : 0.45,
174
+ critique: 'Model response was unstructured; verdict derived from text.'
46
175
  };
47
- return result;
48
176
  }
49
177
 
50
178
  /**
51
- * Advanced "Reflective Heuristic" which is more intensive than the DriftDetector.
179
+ * Local Self-Reflective Heuristic the default validation path. More
180
+ * intensive than the DriftDetector; uses self-doubt and goal-misalignment
181
+ * markers. Honestly labelled as a heuristic (no model is involved here).
52
182
  */
53
- async _reflectiveHeuristic(thought, context) {
54
- const t = thought.toLowerCase();
55
-
183
+ async _reflectiveHeuristic(thought) {
184
+ const t = String(thought || '').toLowerCase();
185
+
56
186
  // Check for "Self-Doubt" markers that might indicate drift
57
187
  const doubtMarkers = ['i am not sure', 'maybe i should wait', 'actually, i forgot', 'i will instead try to just'];
58
188
  const doubtCount = doubtMarkers.filter(m => t.includes(m)).length;
59
189
 
60
- // Check for "Goal Misalignment" (Simulated)
190
+ // Check for "Goal Misalignment"
61
191
  const goalMismatch = t.includes('ignoring current goal') || t.includes('outside scope');
62
192
 
63
193
  const score = 1.0 - (doubtCount * 0.2) - (goalMismatch ? 0.5 : 0);
64
-
194
+
65
195
  return {
66
196
  is_valid: score > 0.6,
67
197
  confidence: parseFloat(score.toFixed(2)),
@@ -35,26 +35,43 @@ class OrbitalGuardian {
35
35
  throw new Error(`[ORBITAL-GUARDIAN] DID ${did} has insufficient Trust Tier for Orbital Attestation.`);
36
36
  }
37
37
 
38
- // 1. Sign the attestation payload using the Hardware Enclave provider
39
- const attestationPayload = await ztaiManager.signData(did, JSON.stringify({
38
+ // 1. Build the EXACT canonical message and sign it with the agent's key.
39
+ // UC-22: this canonical string is persisted verbatim alongside the DID so
40
+ // verify() can re-verify the signature later. We must store the precise
41
+ // bytes that were signed — recomputing them (e.g. with a fresh timestamp)
42
+ // would never verify — so capture the message once, here, and reuse it.
43
+ const signedMessage = JSON.stringify({
40
44
  requestId,
41
45
  payload,
42
46
  timestamp: new Date().toISOString()
43
- }));
47
+ });
48
+ const signature = await ztaiManager.signData(did, signedMessage);
44
49
 
45
50
  const attestation = {
46
51
  id: `att_${crypto.randomBytes(4).toString('hex')}`,
47
52
  request_id: requestId,
48
53
  status: 'APPROVED',
49
- attestation_payload: attestationPayload,
54
+ did,
55
+ signed_message: signedMessage,
56
+ attestation_payload: signature,
50
57
  timestamp: new Date().toISOString()
51
58
  };
52
59
 
53
- // 2. Persist to SQLite (Source of truth for v8 Governance Dashboard)
60
+ // 2. Persist to SQLite (Source of truth for v8 Governance Dashboard).
61
+ // did + signed_message + signature together let verify() re-check the
62
+ // cryptographic signature; status='APPROVED' alone is NOT trusted.
54
63
  vectorHub.run(
55
- `INSERT INTO attestations (id, request_id, status, attestation_payload, timestamp)
56
- VALUES (?, ?, ?, ?, ?)`,
57
- [attestation.id, attestation.request_id, attestation.status, attestation.attestation_payload, attestation.timestamp]
64
+ `INSERT INTO attestations (id, request_id, status, did, signed_message, attestation_payload, timestamp)
65
+ VALUES (?, ?, ?, ?, ?, ?, ?)`,
66
+ [
67
+ attestation.id,
68
+ attestation.request_id,
69
+ attestation.status,
70
+ attestation.did,
71
+ attestation.signed_message,
72
+ attestation.attestation_payload,
73
+ attestation.timestamp
74
+ ]
58
75
  );
59
76
 
60
77
  console.log(`[ORBITAL-GUARDIAN] Attestation SUCCESS: ${attestation.id}`);
@@ -63,9 +80,16 @@ class OrbitalGuardian {
63
80
 
64
81
  /**
65
82
  * Verifies if a request has a valid hardware bypass.
83
+ *
84
+ * UC-22 (audit finding #2): an APPROVED row is NOT trusted on its own. The
85
+ * stored signature is re-verified against the signer's registered public key
86
+ * over the EXACT canonical message that attest() signed. Anyone who forges an
87
+ * APPROVED row but cannot produce a valid signature is rejected. The check is
88
+ * fail-closed: a missing field, an unregistered/revoked DID, or any thrown
89
+ * error all resolve to { verified:false }.
66
90
  */
67
91
  async verify(requestId) {
68
- if (!requestId) return { verified: false };
92
+ if (!requestId) return { verified: false, reason: 'missing requestId' };
69
93
  await this.ensureInit();
70
94
 
71
95
  const results = vectorHub.query(
@@ -74,7 +98,29 @@ class OrbitalGuardian {
74
98
  );
75
99
 
76
100
  const record = results[0];
77
- if (!record) return { verified: false };
101
+ if (!record) return { verified: false, reason: 'no APPROVED attestation found' };
102
+
103
+ // Re-verify the cryptographic signature. Without a DID, the canonical signed
104
+ // message, AND a signature we cannot prove the row was produced by attest().
105
+ if (!record.did || !record.signed_message || !record.attestation_payload) {
106
+ return { verified: false, reason: 'attestation missing signature material' };
107
+ }
108
+
109
+ let signatureValid = false;
110
+ try {
111
+ signatureValid = ztaiManager.verifySignature(
112
+ record.did,
113
+ record.signed_message,
114
+ record.attestation_payload
115
+ );
116
+ } catch (err) {
117
+ // Unregistered/revoked DID or malformed signature → fail closed.
118
+ return { verified: false, reason: `signature verification error: ${err.message}` };
119
+ }
120
+
121
+ if (!signatureValid) {
122
+ return { verified: false, reason: 'signature verification failed' };
123
+ }
78
124
 
79
125
  return {
80
126
  verified: true,
@@ -45,7 +45,17 @@ class ReasonSourceAligner {
45
45
  * @returns {Object} - Alignment results.
46
46
  */
47
47
  checkAlignment(thought) {
48
- if (!this.initialized) return { score: 1.0, reason: 'uninitialized' }; // Fail-safe stable
48
+ // Fail-safe stable: when no requirements are loaded we CANNOT assess
49
+ // alignment, so we honestly decline rather than assert perfect alignment.
50
+ // Returning the SAME shape as the normal branch means the sole caller
51
+ // (auto-runner.checkMissionFidelity) reads a real boolean instead of
52
+ // `undefined`, so the mission-fidelity gate is no longer silently disabled.
53
+ // is_aligned:false is the safe direction — the caller only injects a
54
+ // correction when is_aligned is truthy, so an honest "can't assess" simply
55
+ // does nothing (no false correction, no silent shape mismatch).
56
+ if (!this.initialized) {
57
+ return { is_aligned: false, best_match_id: null, confidence: 0, status: 'uninitialized' };
58
+ }
49
59
 
50
60
  const alignmentScores = this.registry.map(req => {
51
61
  const score = this._calculateSimilarity(thought, req.summary + ' ' + req.description);
@@ -58,6 +68,7 @@ class ReasonSourceAligner {
58
68
  is_aligned: bestMatch ? bestMatch.score > 0.25 : false, // Sparse mapping allowed
59
69
  best_match_id: bestMatch ? bestMatch.id : null,
60
70
  confidence: bestMatch ? parseFloat(bestMatch.score.toFixed(4)) : 0,
71
+ status: 'assessed',
61
72
  };
62
73
  }
63
74
 
@@ -82,19 +93,21 @@ class ReasonSourceAligner {
82
93
  }
83
94
 
84
95
  /**
85
- * Similarity Heuristic (Keyword-based overlap)
96
+ * Keyword-based overlap heuristic (Jaccard similarity).
97
+ * NOTE: This is a token-overlap heuristic, NOT semantic embeddings.
98
+ * Returns |A ∩ B| / |A ∪ B| in [0, 1].
86
99
  */
87
100
  _calculateSimilarity(a, b) {
88
101
  const getTokens = (str) => new Set(str.toLowerCase().replace(/[^\w\s]/g, '').split(/\s+/).filter(t => t.length > 3));
89
102
  const tokensA = getTokens(a);
90
103
  const tokensB = getTokens(b);
91
-
104
+
92
105
  if (tokensA.size === 0 || tokensB.size === 0) return 0;
93
-
106
+
94
107
  const intersection = new Set([...tokensA].filter(x => tokensB.has(x)));
95
108
  const union = new Set([...tokensA, ...tokensB]);
96
-
97
- return intersection.size / tokensA.size; // Weighted by thought coverage
109
+
110
+ return intersection.size / union.size; // Jaccard: overlap over combined vocabulary
98
111
  }
99
112
 
100
113
  /**
@@ -1,5 +1,5 @@
1
1
  /**
2
- * MindForge v11.1.0 — Neural Drift Remediation (NDR)
2
+ * MindForge v11.2.0 — Neural Drift Remediation (NDR)
3
3
  * Component: Remediation Engine (Pillar X)
4
4
  *
5
5
  * Triggers corrective actions when logic drift or reasoning
@@ -1,5 +1,5 @@
1
1
  /**
2
- * MindForge v11.1.0 — Self-Corrective Synthesis (SCS)
2
+ * MindForge v11.2.0 — Self-Corrective Synthesis (SCS)
3
3
  * Component: Self-Corrective Synthesizer (Pillar XII)
4
4
  *
5
5
  * Analyzes mission drift and logic stagnation to synthesize
@@ -47,12 +47,22 @@ class SREManager {
47
47
  }
48
48
 
49
49
  /**
50
- * Sanitizes a thought chain and generates a ZK-Proof Compliance Certificate.
51
- * Ensures that sensitive IP or "zero-visibility" thoughts are isolated while proving audit-eligibility.
50
+ * Sanitizes a thought chain and generates an HMAC integrity certificate.
51
+ *
52
+ * IMPORTANT — HONEST LABELING: This is NOT a zero-knowledge proof. The
53
+ * artifact is an HMAC-SHA256 tag computed with a process-local shared secret
54
+ * (EPHEMERAL_ENCLAVE_KEY). It provides tamper-evidence/integrity over the
55
+ * proof payload, but:
56
+ * - any party holding the key can forge it (symmetric MAC, not asymmetric),
57
+ * - the payload carries the plaintext sha256(thoughtChain) digest, so it is
58
+ * not "zero-visibility".
59
+ * The enclave is simulated (no hardware TEE). Consumers must treat the
60
+ * returned object as an integrity tag, not a cryptographic ZK proof.
61
+ *
52
62
  * @param {string} thoughtChain - The raw agentic thought chain.
53
63
  * @param {string} enclaveId - The active enclave ID.
54
64
  * @param {Object} policyResult - Whether the content passed internal policy checks.
55
- * @returns {Object} - ZK-Proof compliance certificate.
65
+ * @returns {Object} - HMAC integrity certificate (simulated enclave).
56
66
  */
57
67
  sanitizeThoughtChain(thoughtChain, enclaveId, policyResult = { passed: true }) {
58
68
  if (!this.activeEnclaves.has(enclaveId)) {
@@ -64,7 +74,7 @@ class SREManager {
64
74
  const prevHash = enclaveData.cumulativeHash;
65
75
  const digest = crypto.createHash('sha256').update(thoughtChain).digest('hex');
66
76
 
67
- // Generate a simulated ZK-Proof Compliance Certificate
77
+ // Generate a simulated-enclave HMAC integrity certificate (NOT a ZK proof)
68
78
  const proofPayload = {
69
79
  enclaveId: enclaveId,
70
80
  digest: digest,
@@ -85,19 +95,36 @@ class SREManager {
85
95
 
86
96
  const certificate = {
87
97
  status: 'SRE-ISOLATED',
98
+ // Honest labeling: this is a symmetric HMAC integrity tag, not a ZK proof.
99
+ type: 'hmac-integrity-certificate',
100
+ method: 'hmac-sha256-integrity',
101
+ simulated: true,
102
+ zeroKnowledge: false,
103
+ disclosure: 'HMAC integrity tag (simulated enclave; NOT a zero-knowledge proof). '
104
+ + 'Forgeable by any holder of the shared enclave key; payload carries the plaintext sha256(thought) digest.',
88
105
  proof: proofPayload,
89
106
  signature: signature,
90
107
  proofHash: proofHash,
91
108
  verificationDid: SYSTEM_DID,
92
- message: `[SRE-ZK-PROOF] Confidential reasoning (sha256:${digest.substring(0, 8)}...) verified by Enclave Auditor.`
109
+ message: `[SRE-HMAC] HMAC integrity tag for confidential reasoning (sha256:${digest.substring(0, 8)}...) `
110
+ + 'in simulated enclave — NOT a zero-knowledge proof.'
93
111
  };
94
112
 
95
113
  return certificate;
96
114
  }
97
115
 
98
116
  /**
99
- * Verifies an SRE Compliance Certificate without seeing the original content.
117
+ * Verifies an SRE integrity certificate's HMAC tag and policy flag.
118
+ *
119
+ * NOTE — HONEST LABELING: this recomputes the HMAC-SHA256 tag using the
120
+ * shared enclave key and compares it. It is symmetric MAC verification, NOT
121
+ * zero-knowledge verification. The method name is retained for API
122
+ * compatibility with existing callers; see verifyIntegrityCertificate alias.
100
123
  */
124
+ verifyIntegrityCertificate(certificate) {
125
+ return this.verifyZKProof(certificate);
126
+ }
127
+
101
128
  verifyZKProof(certificate) {
102
129
  if (certificate.status !== 'SRE-ISOLATED') return false;
103
130
 
@@ -92,10 +92,14 @@ class PolicyEngine {
92
92
  return verdict;
93
93
  }
94
94
 
95
- // [ENTERPRISE] Tier 3 Reasoning/PQ Proof Bypass
95
+ // [ENTERPRISE] Tier 3 Sovereign Proof Bypass (fail-closed).
96
+ // A blast-radius override demands a CRYPTOGRAPHIC proof. Only a
97
+ // pq_proof verified via verifyZKProof may authorize the bypass.
98
+ // intent.reasoning_proof is free-form text validated nowhere, so it
99
+ // MUST NOT, on its own, grant an override (UC-22 authz bypass fix).
96
100
  if (intent.tier >= 3 && (intent.reasoning_proof || intent.pq_proof)) {
97
101
  const quantumCrypto = require('./quantum-crypto');
98
- let isProofValid = true;
102
+ let isProofValid = false; // fail-closed: deny unless a real proof verifies
99
103
 
100
104
  if (intent.pq_proof) {
101
105
  const zkResult = quantumCrypto.verifyZKProof(intent.pq_proof, intent.id);
@@ -106,12 +110,21 @@ class PolicyEngine {
106
110
  }
107
111
 
108
112
  if (isProofValid) {
109
- console.log(`[APO-BYPASS] [${requestId}] Tier 3 'Sovereign Proof' verified (${intent.pq_proof ? 'ZK-PQ' : 'Standard'}). Overriding Blast Radius limit.`);
113
+ console.log(`[APO-BYPASS] [${requestId}] Tier 3 'Sovereign Proof' verified (ZK-PQ). Overriding Blast Radius limit.`);
110
114
  // Continue to permit check
111
- } else {
115
+ } else if (intent.pq_proof) {
112
116
  verdict = { verdict: 'DENY', reason: 'ZK proof verification failed. Configure a verifier module or provide a valid proof.', requestId };
113
117
  this.logAudit(intent, impactScore, verdict);
114
118
  return verdict;
119
+ } else {
120
+ // Only a reasoning_proof was supplied — not a cryptographic proof.
121
+ verdict = {
122
+ verdict: 'DENY',
123
+ reason: 'reasoning_proof is not a cryptographic proof; provide a valid pq_proof / Sovereign Proof for blast-radius override.',
124
+ requestId
125
+ };
126
+ this.logAudit(intent, impactScore, verdict);
127
+ return verdict;
115
128
  }
116
129
  } else {
117
130
  verdict = {