mishkan-harness 0.1.0

package/payload/mishkan/templates/settings.json

@@ -0,0 +1,12 @@
+{
+  "_comment": "MISHKAN project-level settings template. Seeded by /mishkan-init into <project>/.claude/settings.json. Committed. Default-deny: agents get explicit allow via their frontmatter tools: field. Hooks are inherited from the user-level ~/.claude/settings.json.",
+  "permissions": {
+    "defaultMode": "auto",
+    "deny": [
+      "Bash(git push:*)",
+      "Bash(ssh:*)",
+      "Bash(sudo:*)",
+      "Bash(docker exec:*)"
+    ]
+  }
+}

package/payload/mishkan/templates/settings.local.json

@@ -0,0 +1,6 @@
+{
+  "_comment": "MISHKAN project-level local overrides. Seeded by /mishkan-init into <project>/.claude/settings.local.json. GITIGNORED. Y4NN's per-project local allow-list goes here.",
+  "permissions": {
+    "allow": []
+  }
+}

package/payload/mishkan/templates/sprint-state.schema.json

@@ -0,0 +1,47 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "mishkan://templates/sprint-state.schema.json",
+  "title": "MISHKAN Sprint State",
+  "description": "Project sprint state, loaded on session resume. Lives in project ./CLAUDE.md frontmatter or a sidecar; mirrored to Cognee.",
+  "type": "object",
+  "additionalProperties": false,
+  "required": ["project", "sprint", "mode", "tasks", "blockers"],
+  "properties": {
+    "project": { "type": "string" },
+    "cognee_namespace": { "type": "string", "description": "Cognee project graph ID" },
+    "sprint": { "type": "string", "pattern": "^S[0-9]+$" },
+    "milestone": { "type": "string", "pattern": "^M[0-9]+$" },
+    "mode": { "type": "string", "enum": ["exploration", "execution"] },
+    "tasks": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "additionalProperties": false,
+        "required": ["id", "description", "status"],
+        "properties": {
+          "id": { "type": "string", "pattern": "^T-[0-9]+$" },
+          "description": { "type": "string" },
+          "status": { "type": "string", "enum": ["pending", "in_progress", "blocked", "completed"] },
+          "team": { "type": "string" },
+          "agent": { "type": "string" }
+        }
+      }
+    },
+    "blockers": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "additionalProperties": false,
+        "required": ["task", "reason"],
+        "properties": {
+          "task": { "type": "string" },
+          "reason": { "type": "string" },
+          "raised_by": { "type": "string" },
+          "severity": { "type": "string", "enum": ["low", "medium", "high", "critical"] }
+        }
+      }
+    },
+    "open_flags": { "type": "array", "items": { "type": "string" } },
+    "last_updated": { "type": "string", "format": "date-time" }
+  }
+}

package/payload/mishkan/templates/team-report.schema.json

@@ -0,0 +1,50 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "mishkan://templates/team-report.schema.json",
+  "title": "MISHKAN Team Reporter Milestone Output",
+  "description": "Structured summary surfaced by a Team Reporter at milestone (design §15).",
+  "type": "object",
+  "additionalProperties": false,
+  "required": [
+    "team",
+    "sprint",
+    "milestone",
+    "tasks_completed",
+    "tasks_in_progress",
+    "tasks_blocked",
+    "research_calls",
+    "decisions_made",
+    "security_findings",
+    "cognee_writes",
+    "flags"
+  ],
+  "properties": {
+    "team": { "type": "string" },
+    "sprint": { "type": "string", "pattern": "^S[0-9]+$" },
+    "milestone": { "type": "string", "pattern": "^M[0-9]+$" },
+    "reporter": { "type": "string", "description": "Reporter agent alias" },
+    "tasks_completed": { "type": "array", "items": { "type": "string" } },
+    "tasks_in_progress": { "type": "array", "items": { "type": "string" } },
+    "tasks_blocked": { "type": "array", "items": { "type": "string" } },
+    "research_calls": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["resolved", "partial", "blocked", "library_hits"],
+      "properties": {
+        "resolved": { "type": "integer", "minimum": 0 },
+        "partial": { "type": "integer", "minimum": 0 },
+        "blocked": { "type": "integer", "minimum": 0 },
+        "library_hits": { "type": "integer", "minimum": 0 }
+      }
+    },
+    "decisions_made": { "type": "array", "items": { "type": "string" } },
+    "security_findings": { "type": "array", "items": { "type": "string" } },
+    "cognee_writes": { "type": "integer", "minimum": 0 },
+    "flags": {
+      "type": "array",
+      "items": { "type": "string" },
+      "description": "Items needing Nehemiah/Bezalel attention"
+    },
+    "timestamp": { "type": "string", "format": "date-time" }
+  }
+}

package/payload/mishkan/templates/user-CLAUDE.md

@@ -0,0 +1,62 @@
+# MISHKAN — User-Level Harness Identity
+
+> מִשְׁכָּן — *dwelling place*. The persistent place where engineering work lives.
+> This file installs to `~/.claude/CLAUDE.md`. It loads on every session.
+> Keep it lean — detailed standards live in the rules files it points to.
+
+You are operating inside **MISHKAN**, a personal virtual software engineering
+organisation built around one engineer. Who that engineer is — their identity,
+stack, standards, and how they work — is defined in
+`~/.claude/mishkan/profile.md`. Load it as canonical context.
+
+## Default mode
+
+Sessions start in **exploration mode**: free conversation. **Nehemiah** (PM) and
+**Bezalel** (CTO) lead. Other agents are available on demand and do not interject
+unless called. No structure is imposed until intent is clear or `/mishkan-init`
+runs. Shift to **execution mode** when a spec converges or a project initialises.
+
+## The non-negotiables
+
+> Full detail in two layers: `~/.claude/rules/y4nn-standards.md` (harness-maintained
+> defaults) and `~/.claude/rules/engineer-standards.md` (your customizable layer,
+> which overrides the defaults on conflict). The digest below is drawn from them.
+
+- **Asymmetric AI delegation.** Generative work (UI, config, boilerplate) may be
+  done freely. Stateful operations — `git push`, SSH to production, `docker exec`
+  on production, `sudo`, schema migration execution, log forensics execution —
+  are **never executed by AI**. Analyse; Y4NN runs.
+- **Sequence before implementation.** PRD → SRS → CONTRACT → ARCHITECTURE →
+  MODELING → implementation. Never skip to code without prior spec artifacts.
+- **Verify before fix.** No guess-based reasoning. Exact stacktrace / status /
+  log line before any proposed solution. Two root causes on non-trivial failures.
+- **Durable solutions only.** No workarounds. If it won't work in production from
+  landing, it does not land.
+- **No scope expansion.** The fix is the fix. Refactoring is a separate scoped
+  decision. The approved plan is the scope contract.
+- **No fabricated facts.** State uncertainty explicitly; invoke the research
+  pipeline when unknown.
+- **Explanations before implementation.** Surface trade-offs; gate on approval
+  for consequential decisions.
+- **Stop pending actions immediately when Y4NN speaks** mid-task.
+- **Commit format:** `type(scope) short description` + 5–15 line body. No emojis.
+  No `Co-Authored-By`. Lowercase subject. No terminating period.
+- **Language:** English for all artifacts, code, commands. Do not imitate French.
+
+## Layout
+
+- Agents: `~/.claude/mishkan/agents/` (45 agents — orchestration, research, 6 teams)
+- Rules: `~/.claude/rules/y4nn-standards.md` + `~/.claude/mishkan/rules/`
+- Skills: `~/.claude/mishkan/skills/`
+- Commands: `/mishkan-init`, `/mishkan-resume`, `/sprint-close`, `/promote`, `/sefer-pull`
+- Engineer profile: `~/.claude/mishkan/profile.md` (runtime copy of the canonical `docs/engineer/profile.md`; loaded as engineer context)
+- Knowledge graph: Cognee (local Docker), grows through working sessions
+
+## Routing
+
+Everything routes through Nehemiah (scope, delivery, sprint state) and Bezalel
+(technical standards, architecture, quality bar). Team Leads coordinate within
+teams. QA and Team Reporters are structurally separate from the agents producing
+work — no agent judges its own output.
+
+<!-- Project-specific state is injected below by ./CLAUDE.md when a project is initialised. -->

package/payload/mishkan/workflows/README.md

@@ -0,0 +1,88 @@
+# MISHKAN workflows
+
+Seven dynamic-workflow scripts that codify the orchestrations where
+parallel scale + repeatability justify a script. Each maps to one or
+more of the nine canonical workflow patterns from
+[Anthropic's reference](https://code.claude.com/docs/en/workflows) and the
+[community patterns catalogue](https://github.com/ray-amjad/claude-code-workflow-creator/blob/main/references/patterns.md).
+
+These run from the **main session only** (subagents cannot invoke
+`Workflow`). Skills wire the invocation paths.
+
+## Catalogue
+
+| Script | Pattern combo | Real problem it solves | When to invoke |
+|---|---|---|---|
+| [`mishkan-sprint-close.js`](mishkan-sprint-close.js) | barrier `parallel()` + aggregator | The six Team Reporters need to emit at once and Nehemiah needs the complete set to surface cross-team handoffs | At `/sprint-close` |
+| [`mishkan-deep-research.js`](mishkan-deep-research.js) | pipeline + adversarial verify + barrier | The research pipeline's six stages with 3-vote refute per finding; replaces sequential Task delegation when false-confident answers are costly | Any unknown where verification matters |
+| [`mishkan-codebase-audit.js`](mishkan-codebase-audit.js) | multi-modal sweep + fan-out + dedup + adversarial verify | Bug / security / hardening / perf / a11y / contract sweep across a whole project; one auditor lens per file class | Periodic audits; pre-release reviews; post-incident hardening |
+| [`mishkan-migration-wave.js`](mishkan-migration-wave.js) | pipeline (find → transform → review → verify) + worktree isolation + judge panel on review | Refactors / framework swaps / contract renames across many files; per-file independence with 2-reviewer accept gate | Refactors, deprecations, framework swaps |
+| [`mishkan-architecture-panel.js`](mishkan-architecture-panel.js) | judge panel + impact-fanout + synthesis | Architecture decisions with a wide answer space; 3 Nathan runs from cost/scale/simplicity priors; Zadok+Phinehas+Shallum score; Bezalel synthesises | High-leverage architecture decisions |
+| [`mishkan-release-readiness.js`](mishkan-release-readiness.js) | barrier `parallel()` + structured pass/fail + nested workflow | Pre-deploy gate: tests + security + dependency + SLO + pipeline shape, all at once → single go/no-go | Before every staging-to-prod deploy |
+| [`mishkan-init.js`](mishkan-init.js) | pipeline with overlap (PRD → SRS → CONTRACT+ARCH in parallel → THREAT+C4 in parallel → settle) | Cut project init from hours to minutes without violating the sequence rule | Once per project at `/mishkan-init` |
+
+## The patterns each script uses
+
+| Pattern | Used by |
+|---|---|
+| Fan-out → synthesize | `codebase-audit`, `release-readiness`, `architecture-panel` |
+| Pipeline (overlapping) | `deep-research`, `migration-wave`, `init` |
+| Barrier `parallel()` | `sprint-close`, `release-readiness`, `architecture-panel` (Vote stage) |
+| Adversarial verification (3-vote refute) | `deep-research`, `codebase-audit` |
+| Judge panel | `architecture-panel`, `migration-wave` (2-reviewer accept) |
+| Nested workflow | `release-readiness` → `codebase-audit` |
+| Loop-until-X | — (mechanism inside scripts when needed; no top-level loop workflows yet) |
+
+## Cost discipline
+
+Workflows are expensive. The community baseline is **3–6 workflows per
+production team**. Seven is the working ceiling — adding more
+typically means the new use case is better served by Task delegation
+or a skill.
+
+Cost expectations per run (subagent-tokens, rough orders of
+magnitude):
+
+| Script | Typical cost | Notes |
+|---|---|---|
+| `mishkan-sprint-close` | low | 6 reporters; bounded by team count |
+| `mishkan-deep-research` | medium | 6 stages × per-sub-question fan-out; verify multiplies |
+| `mishkan-codebase-audit` | high | `files × lenses` audits, plus 3-vote per finding |
+| `mishkan-migration-wave` | very high | `files × (1 transformer + N reviewers + verify)`; the Bun-shape |
+| `mishkan-architecture-panel` | medium | 3 proposals × 3 reviewers + synthesis |
+| `mishkan-release-readiness` | low-medium | 7–8 parallel checks; nested audit if enabled |
+| `mishkan-init` | medium | 6 artefacts pipelined |
+
+Run on a small slice first (one directory; one phase) before
+committing to a full wave.
+
+## Where these get invoked from
+
+The Skills that wire main-session invocation paths:
+
+- `nehemiah-pm-craft` — `mishkan-sprint-close`, `mishkan-release-readiness`
+- `bezalel-cto-craft` — `mishkan-architecture-panel`, `mishkan-release-readiness`
+- `phinehas-cto-craft` (via `team-lead-craft`) — `mishkan-codebase-audit`
+- `eliashib-cto-craft` (via `team-lead-craft`) — `mishkan-release-readiness`
+- `jehoshaphat-cto-craft` (via `team-lead-craft`) — `mishkan-init`
+- The research pipeline agents reach the deep-research workflow via the orchestrator path
+
+## Adding a workflow
+
+Don't, unless:
+
+1. The task runs ≥ 10 times per quarter (justifies codification).
+2. The parallel agent count is ≥ 6 (justifies the workflow runtime over Task delegation).
+3. The repeatability is real (same orchestration each time, just different inputs).
+
+Otherwise: Task fan-out from the main session is the right answer.
+The seven workflows above were picked precisely because each clears
+all three bars.
+
+## Constraints (reminders)
+
+- Workflows are main-session-only.
+- Nesting limit: one level. `release-readiness` can call `codebase-audit`; `codebase-audit` cannot call another workflow.
+- Concurrency cap: `min(16, cpu-2)` per run; shared across nested.
+- Cap of 1,000 agents per run (Anthropic platform limit).
+- Date/random functions disabled inside scripts. Pass timestamps via `args` if needed.

package/payload/mishkan/workflows/mishkan-architecture-panel.js

@@ -0,0 +1,156 @@
+// mishkan-architecture-panel — judge panel for architecture decisions.
+//
+// Draft three independent architecture proposals from different priors
+// (cost-first, scale-first, simplicity-first), have impact-checker
+// specialists (Zadok contract, Phinehas threat, Shallum data) score each
+// in parallel, synthesise the winner while grafting the runners-up best
+// ideas. This is the "hard plan drafted from several angles" pattern
+// Anthropic names as a canonical workflow use case.
+//
+// Patterns: judge panel (3 independent proposals → independent scoring) +
+// fan-out (parallel impact reviews) + synthesis.
+//
+// Args: {
+//   decision: "<one sentence: what is being decided>",
+//   context:  "<paragraph: forces, constraints, horizon, current state>",
+//   horizon:  "3-months" | "12-months" | "3-years"
+// }
+
+export const meta = {
+  name: 'mishkan-architecture-panel',
+  description: 'Judge panel for an architecture decision: 3 Nathan runs from different priors propose alternatives; Zadok/Phinehas/Shallum score impact in parallel; main session synthesises the winner.',
+  whenToUse: 'High-leverage architecture decisions where the answer space is genuinely wide (service boundaries, consistency model, data ownership, contract evolution shape). Skip for decisions with a known single best answer.',
+  phases: [
+    { title: 'Draft',     detail: '3 parallel Nathan runs with distinct priors' },
+    { title: 'Impact',    detail: 'Zadok / Phinehas / Shallum score each proposal' },
+    { title: 'Vote',      detail: 'rank proposals by impact-score sum + Bezalel sanity' },
+    { title: 'Synthesise',detail: 'main session writes the chosen architecture, grafting runner-up insights' },
+  ],
+}
+
+if (!args?.decision || !args?.context) {
+  throw new Error('mishkan-architecture-panel requires: { decision, context, horizon? }')
+}
+
+const HORIZON = args.horizon || '12-months'
+
+const PROPOSAL_SCHEMA = {
+  type: 'object',
+  required: ['title', 'shape', 'rationale', 'trade_offs', 'out_of_scope'],
+  properties: {
+    title:        { type: 'string' },
+    shape:        { type: 'string', description: 'one paragraph; the bounded contexts, service boundaries, data ownership, consistency story' },
+    rationale:    { type: 'string' },
+    trade_offs:   {
+      type: 'object',
+      required: ['accepts', 'gives_up'],
+      properties: {
+        accepts:  { type: 'string' },
+        gives_up: { type: 'string' },
+      },
+    },
+    out_of_scope: { type: 'array', items: { type: 'string' }, minItems: 3 },
+    confidence:   { enum: ['high', 'medium', 'low'] },
+  },
+}
+
+const IMPACT_SCHEMA = {
+  type: 'object',
+  required: ['proposal_title', 'reviewer', 'score', 'concerns', 'unblockers'],
+  properties: {
+    proposal_title: { type: 'string' },
+    reviewer:       { type: 'string' },
+    score:          { type: 'integer', minimum: 0, maximum: 10 },
+    concerns:       { type: 'array', items: { type: 'string' } },
+    unblockers:     { type: 'array', items: { type: 'string' } },
+  },
+}
+
+// --- Stage 1: Three Nathan runs with distinct priors ------------------
+phase('Draft')
+const PRIORS = [
+  { key: 'cost',       prior: 'Optimise for lowest delivery cost and lowest operational complexity. Favour fewer services, fewer external dependencies, simpler consistency models.' },
+  { key: 'scale',      prior: 'Optimise for horizon-stretching scale. Assume traffic 100× current; assume team grows 5×. Favour bounded contexts that survive Conway-Law re-org.' },
+  { key: 'simplicity', prior: 'Optimise for legibility and reversibility. Favour the shape an engineer can reconstruct in an afternoon; reject anything where the failure mode is hidden.' },
+]
+
+const proposals = await parallel(PRIORS.map(({ key, prior }) => () => agent(
+  `Act as Nathan. Apply nathan-architecture-craft. Propose an architecture for: ${args.decision}. ` +
+  `Context: ${args.context}. Horizon: ${HORIZON}. ` +
+  `Your specific prior for this proposal: ${prior} ` +
+  `Commit fully to this prior. Name the force-tension your proposal resolves. List three out-of-scope items.`,
+  { label: `nathan:${key}`, phase: 'Draft', agentType: 'nathan', schema: PROPOSAL_SCHEMA }
+)))
+
+const valid = proposals.filter(Boolean)
+if (valid.length < 2) {
+  return { outcome: 'blocked', reason: 'fewer than 2 proposals survived', proposals: valid }
+}
+log(`Drafted ${valid.length} proposals: ${valid.map(p => p.title).join(' / ')}`)
+
+// --- Stage 2: Impact review — Zadok / Phinehas / Shallum on each ------
+phase('Impact')
+const IMPACT_REVIEWERS = ['zadok', 'phinehas', 'shallum']
+const impactTasks = []
+for (const proposal of valid) {
+  for (const reviewer of IMPACT_REVIEWERS) {
+    impactTasks.push({ proposal, reviewer })
+  }
+}
+
+const impacts = await parallel(impactTasks.map(({ proposal, reviewer }) => () => agent(
+  `Act as ${reviewer}. Apply your craft skill. Score this architecture proposal on a 0-10 scale ` +
+  `from your specialty perspective. Then list concerns and unblockers. ` +
+  `Proposal: ${JSON.stringify(proposal)}.`,
+  {
+    label: `impact:${reviewer}:${proposal.title.slice(0, 24)}`,
+    phase: 'Impact',
+    agentType: reviewer,
+    schema: IMPACT_SCHEMA,
+  }
+)))
+
+// --- Stage 3: Aggregate scores per proposal ---------------------------
+phase('Vote')
+const scoresByProposal = {}
+for (const i of impacts.filter(Boolean)) {
+  const key = i.proposal_title
+  scoresByProposal[key] = scoresByProposal[key] || { total: 0, reviews: [] }
+  scoresByProposal[key].total += i.score
+  scoresByProposal[key].reviews.push(i)
+}
+
+const ranked = valid
+  .map(p => ({
+    proposal: p,
+    total_score: (scoresByProposal[p.title]?.total) || 0,
+    reviews:     scoresByProposal[p.title]?.reviews || [],
+  }))
+  .sort((a, b) => b.total_score - a.total_score)
+
+const winner = ranked[0]
+const runners_up = ranked.slice(1)
+log(`Winner: "${winner.proposal.title}" (${winner.total_score} pts). Runners-up: ${runners_up.map(r => `"${r.proposal.title}" (${r.total_score})`).join(', ')}`)
+
+// --- Stage 4: Synthesise — Bezalel writes the final architecture -----
+phase('Synthesise')
+const synthesis = await agent(
+  `Act as Bezalel. Synthesise the final architecture for: ${args.decision}. ` +
+  `The chosen base is "${winner.proposal.title}" (top-scored, ${winner.total_score} points). ` +
+  `Chosen proposal: ${JSON.stringify(winner.proposal)}. ` +
+  `Impact reviews of the winner: ${JSON.stringify(winner.reviews)}. ` +
+  `Runners-up to consider grafting from: ${JSON.stringify(runners_up.map(r => r.proposal))}. ` +
+  `Produce the final architecture in MADR-shaped sections: Context, Decision Drivers, Considered Options ` +
+  `(name all three with their scores), Decision Outcome (name the force the choice resolves), Consequences ` +
+  `(Positive/Negative/Neutral), Out of Scope (three items minimum), Open Questions.`,
+  { label: 'bezalel:synthesise', phase: 'Synthesise', agentType: 'bezalel' }
+)
+
+return {
+  decision: args.decision,
+  winner: winner.proposal.title,
+  ranked_proposals: ranked.map(r => ({ title: r.proposal.title, score: r.total_score })),
+  final_architecture: synthesis,
+  all_proposals: valid,
+  all_impacts: impacts.filter(Boolean),
+}

package/payload/mishkan/workflows/mishkan-codebase-audit.js

@@ -0,0 +1,188 @@
+// mishkan-codebase-audit — fan-out + adversarial verify across a codebase.
+//
+// The MISHKAN-shaped equivalent of the "codebase-wide bug sweep" and
+// "security audit" use cases Anthropic documents. Spawns the right
+// auditor per file-class in parallel, then 3-vote adversarially verifies
+// each finding to drop confident hallucinations before reporting.
+//
+// Patterns: multi-modal sweep (one auditor lens per file class) +
+// fan-out + adversarial verify (2/3-refute kills) + barrier (dedup before
+// the verify stage so duplicate findings across auditors merge first).
+//
+// Args: {
+//   project_root: "/path/to/project",
+//   lenses: ["security", "bugs", "perf", "a11y", "contract"]  // pick subset
+//   target_glob: "src/**/*.{ts,tsx,py,php}"  // optional; default: src/**
+//   max_files: 200                            // cap for cost control
+// }
+
+export const meta = {
+  name: 'mishkan-codebase-audit',
+  description: 'Multi-lens sweep across a codebase. Per-file findings from the relevant Mishmar / Yasad / Panim specialists, then 3-vote adversarial verify before surfacing.',
+  whenToUse: 'Periodic project-wide audits, pre-release reviews, post-incident hardening passes. Not for routine PR review (use mishkan-release-readiness or Task delegation).',
+  phases: [
+    { title: 'Discover', detail: 'enumerate files matching target_glob' },
+    { title: 'Audit',    detail: 'one auditor per lens, parallel per file' },
+    { title: 'Dedup',    detail: 'merge findings hitting the same file:line across lenses' },
+    { title: 'Verify',   detail: '3-vote adversarial; 2/3 refute → drop' },
+    { title: 'Report',   detail: 'aggregate by severity + anchor' },
+  ],
+}
+
+if (!args?.project_root || !args?.lenses || args.lenses.length === 0) {
+  throw new Error('mishkan-codebase-audit requires args: { project_root, lenses: [...], target_glob?, max_files? }')
+}
+
+const MAX_FILES = args.max_files || 200
+const GLOB = args.target_glob || 'src/**/*'
+
+// Each lens maps to the right auditor agent and anchor vocabulary.
+const LENSES = {
+  security: { agent: 'ira',      anchor: 'OWASP / CWE',                craft: 'ira-code-security-craft' },
+  bugs:     { agent: 'uriah',    anchor: 'CONTRACT invariants / tests', craft: 'qa-evaluation-craft' },
+  perf:     { agent: 'shallum',  anchor: 'EXPLAIN / Core Web Vitals',   craft: 'shallum-database-craft' },
+  a11y:     { agent: 'asaph',    anchor: 'WCAG 2.2 SC',                 craft: 'asaph-a11y-seo-craft' },
+  contract: { agent: 'zadok',    anchor: 'CONTRACT.md',                 craft: 'zadok-contract-craft' },
+  surface:  { agent: 'joab',     anchor: 'OWASP API Top 10',            craft: 'joab-app-security-craft' },
+}
+
+const FINDING_SCHEMA = {
+  type: 'object',
+  required: ['location', 'severity', 'rule_violated', 'remediation', 'lens'],
+  properties: {
+    location:      { type: 'string', description: 'file:line or file:line-range' },
+    severity:      { enum: ['critical', 'high', 'medium', 'low'] },
+    rule_violated: { type: 'string' },
+    remediation:   { type: 'string' },
+    lens:          { type: 'string' },
+    confidence:    { enum: ['high', 'medium', 'low'] },
+  },
+}
+
+const FINDINGS_LIST_SCHEMA = {
+  type: 'object',
+  required: ['findings'],
+  properties: {
+    findings: { type: 'array', items: FINDING_SCHEMA },
+  },
+}
+
+const VERDICT_SCHEMA = {
+  type: 'object',
+  required: ['refuted', 'reason'],
+  properties: { refuted: { type: 'boolean' }, reason: { type: 'string' } },
+}
+
+// --- Stage 1: Discover -------------------------------------------------
+phase('Discover')
+const discovery = await agent(
+  `List files under ${args.project_root} matching glob ${JSON.stringify(GLOB)}. ` +
+  `Return up to ${MAX_FILES} files; if more match, prefer files modified most recently. ` +
+  `Output a JSON array of relative paths.`,
+  {
+    label: 'discover:files',
+    phase: 'Discover',
+    agentType: 'Explore',
+    schema: { type: 'object', required: ['files'], properties: { files: { type: 'array', items: { type: 'string' } } } },
+  }
+)
+
+const files = (discovery?.files || []).slice(0, MAX_FILES)
+log(`${files.length} files in scope across ${args.lenses.length} lenses → ${files.length * args.lenses.length} audit calls`)
+
+if (files.length === 0) {
+  return { findings: [], stats: { files: 0, lenses: args.lenses }, note: 'no files matched' }
+}
+
+// --- Stage 2: Audit ----------------------------------------------------
+// Pipeline by file: each file goes through all selected lenses in parallel;
+// audits land into the dedup barrier as they arrive.
+phase('Audit')
+const auditTasks = []
+for (const file of files) {
+  for (const lensName of args.lenses) {
+    const lens = LENSES[lensName]
+    if (!lens) continue
+    auditTasks.push({ file, lensName, lens })
+  }
+}
+
+const rawFindings = await parallel(auditTasks.map(({ file, lensName, lens }) => () =>
+  agent(
+    `Act as ${lens.agent}. Apply ${lens.craft}. Audit ${args.project_root}/${file} for ${lensName} issues. ` +
+    `Anchor every finding to ${lens.anchor}. Anchorless findings are not raised. ` +
+    `Return a (possibly empty) findings list — empty is a valid outcome.`,
+    {
+      label: `${lens.agent}:${lensName}:${file.slice(-32)}`,
+      phase: 'Audit',
+      agentType: lens.agent,
+      schema: FINDINGS_LIST_SCHEMA,
+    }
+  )
+))
+
+const allFindings = rawFindings
+  .filter(Boolean)
+  .flatMap(r => r.findings || [])
+  .map((f, i) => ({ ...f, _id: i }))
+
+log(`Audit produced ${allFindings.length} raw findings`)
+
+// --- Stage 3: Dedup ----------------------------------------------------
+// Two lenses can flag the same file:line for related reasons. Merge by
+// (file:line, anchor) — keep the highest-severity version, append cross-lens
+// note.
+phase('Dedup')
+const key = (f) => `${f.location}::${(f.rule_violated || '').slice(0, 40)}`
+const grouped = {}
+for (const f of allFindings) {
+  const k = key(f)
+  if (!grouped[k]) { grouped[k] = { ...f, lenses: [f.lens] }; continue }
+  grouped[k].lenses.push(f.lens)
+  const sevOrder = { critical: 0, high: 1, medium: 2, low: 3 }
+  if (sevOrder[f.severity] < sevOrder[grouped[k].severity]) {
+    grouped[k].severity = f.severity
+    grouped[k].rule_violated = f.rule_violated
+    grouped[k].remediation = f.remediation
+  }
+}
+const deduped = Object.values(grouped)
+log(`After dedup: ${deduped.length} unique findings (collapsed ${allFindings.length - deduped.length})`)
+
+// --- Stage 4: Adversarial verify --------------------------------------
+// 3 independent skeptics per finding; 2/3 refute → drop.
+phase('Verify')
+const verified = await parallel(deduped.map((f) => async () => {
+  const votes = await parallel([0, 1, 2].map((v) => () => agent(
+    `Adversarial verifier ${v + 1}/3. Try to REFUTE this audit finding. Default to refuted=true if uncertain. ` +
+    `Read ${args.project_root}/${f.location.split(':')[0]} to confirm. Finding: ${JSON.stringify(f)}. ` +
+    `Refute if: (a) the anchor does not actually apply at this location, (b) the failure mode is not concretely ` +
+    `describable, or (c) the remediation does not address the named anchor.`,
+    { label: `verify:${f.location.slice(-32)}:v${v + 1}`, phase: 'Verify',
+      agentType: 'hushai', schema: VERDICT_SCHEMA }
+  )))
+  const refuted = votes.filter(Boolean).filter(v => v.refuted).length
+  return refuted >= 2 ? null : f
+}))
+
+const confirmed = verified.filter(Boolean)
+const killed = deduped.length - confirmed.length
+log(`Verify: ${confirmed.length} confirmed, ${killed} refuted by adversarial vote`)
+
+// --- Stage 5: Report --------------------------------------------------
+phase('Report')
+const bySeverity = { critical: [], high: [], medium: [], low: [] }
+for (const f of confirmed) (bySeverity[f.severity] || bySeverity.low).push(f)
+
+return {
+  findings_by_severity: bySeverity,
+  totals: {
+    files_audited: files.length,
+    lenses: args.lenses,
+    raw_findings: allFindings.length,
+    after_dedup: deduped.length,
+    after_verify: confirmed.length,
+    refuted_by_verify: killed,
+  },
+  next_actions: confirmed.filter(f => f.severity === 'critical' || f.severity === 'high'),
+}