percolation-inversion-compiler-ts 0.4.5 → 0.5.0

package/dist/sqot_controller/index.d.ts

@@ -0,0 +1,8 @@
+type JsonRecord = Record<string, unknown>;
+declare function diagnoseQueueOccupation(graph: JsonRecord, attentionBudget?: number): JsonRecord;
+declare function diagnoseSalienceObstruction(graph: JsonRecord): JsonRecord;
+declare function buildQueueRebalancePlan(graph: JsonRecord): JsonRecord;
+declare function buildPacketQuarantineDecisions(graph: JsonRecord): JsonRecord;
+declare function checkDiagnosticReserve(graph: JsonRecord, attentionBudget?: number): JsonRecord;
+
+export { buildPacketQuarantineDecisions, buildQueueRebalancePlan, checkDiagnosticReserve, diagnoseQueueOccupation, diagnoseSalienceObstruction };

package/dist/sqot_controller/index.js

@@ -0,0 +1,141 @@
+// src/sqot_controller/index.ts
+function record(value) {
+  return value && typeof value === "object" && !Array.isArray(value) ? value : void 0;
+}
+function records(value) {
+  return Array.isArray(value) ? value.filter((item) => Boolean(record(item))) : [];
+}
+function strings(value) {
+  if (Array.isArray(value)) return value.map(String).sort();
+  if (value === void 0 || value === null) return [];
+  return [String(value)];
+}
+function graphNodes(graph) {
+  return records(graph.nodes);
+}
+function candidateNodes(graph) {
+  return graphNodes(graph).filter(
+    (node) => record(node.contribution)?.positive_contribution !== true
+  );
+}
+function diagnoseQueueOccupation(graph, attentionBudget = 1) {
+  const nodes = graphNodes(graph);
+  const candidates = candidateNodes(graph);
+  const occupied = nodes.length === 0 ? 0 : candidates.length / nodes.length;
+  return {
+    accepted: true,
+    attention_budget_ledger: {
+      attention_budget: attentionBudget,
+      occupied,
+      occupied_by_candidate_only: candidates.length,
+      settled: false
+    },
+    candidate_only_count: candidates.length,
+    execution_authority_granted: false,
+    graph_id: String(graph.graph_id ?? ""),
+    queue_occupation: occupied,
+    report_id: "queue-occupation-report",
+    settled: false,
+    verification_queue_pressure: {
+      missing_obligation_count: Number(
+        record(graph.residual_summary)?.missing_obligation_count ?? 0
+      ),
+      pressure: occupied,
+      settled: false
+    },
+    workflow_usable: true
+  };
+}
+function diagnoseSalienceObstruction(graph) {
+  const blocked = graphNodes(graph).filter(
+    (node) => strings(record(node.eligibility)?.blockers).some(
+      (blocker) => [
+        "candidate-only",
+        "salience-obstruction",
+        "stale",
+        "raw-external-volume"
+      ].includes(blocker)
+    )
+  );
+  return {
+    accepted: true,
+    blocked_packet_ids: blocked.map((node) => String(node.node_id)),
+    execution_authority_granted: false,
+    graph_id: String(graph.graph_id ?? ""),
+    obstruction_count: blocked.length,
+    reasons: [
+      "salience obstruction is diagnostic and does not mutate queue state"
+    ],
+    report_id: "salience-obstruction-diagnosis",
+    settled: false,
+    workflow_usable: true
+  };
+}
+function buildQueueRebalancePlan(graph) {
+  const actions = graphNodes(graph).map((node) => {
+    const blockers = strings(record(node.eligibility)?.blockers);
+    const action = blockers.length > 0 ? "preserve_residual" : "inspect";
+    return {
+      action,
+      applied: false,
+      deletes_packet: false,
+      node_id: String(node.node_id ?? ""),
+      reasons: blockers,
+      settled: false
+    };
+  });
+  return {
+    accepted: true,
+    actions,
+    applied_action_count: 0,
+    execution_authority_granted: false,
+    graph_id: String(graph.graph_id ?? ""),
+    plan_id: "queue-rebalance-plan",
+    recommended_action_count: actions.length,
+    settled: false,
+    workflow_usable: true
+  };
+}
+function buildPacketQuarantineDecisions(graph) {
+  const decisions = candidateNodes(graph).map((node) => ({
+    applied: false,
+    decision: "quarantine",
+    deletes_packet: false,
+    node_id: String(node.node_id ?? ""),
+    reasons: strings(record(node.eligibility)?.blockers),
+    reversible: true,
+    settled: false
+  }));
+  return {
+    accepted: true,
+    applied: false,
+    deletes_packets: false,
+    execution_authority_granted: false,
+    quarantine_decisions: decisions,
+    settled: false,
+    workflow_usable: true
+  };
+}
+function checkDiagnosticReserve(graph, attentionBudget = 1) {
+  const queue = diagnoseQueueOccupation(graph, attentionBudget);
+  const occupied = Number(queue.queue_occupation ?? 0);
+  const reserveFraction = Math.max(0, 1 - occupied);
+  return {
+    accepted: true,
+    diagnostic_reserve_available: reserveFraction > 0.1,
+    execution_authority_granted: false,
+    minimum_reserve_fraction: 0.1,
+    reasons: reserveFraction > 0.1 ? ["diagnostic reserve remains available"] : ["diagnostic reserve is below threshold"],
+    report_id: "diagnostic-reserve-report",
+    reserve_fraction: reserveFraction,
+    settled: false,
+    workflow_usable: true
+  };
+}
+export {
+  buildPacketQuarantineDecisions,
+  buildQueueRebalancePlan,
+  checkDiagnosticReserve,
+  diagnoseQueueOccupation,
+  diagnoseSalienceObstruction
+};

package/dist/trc_adapter/index.d.ts

@@ -0,0 +1,6 @@
+type JsonRecord = Record<string, unknown>;
+declare function adaptTrcTrace(input: JsonRecord): JsonRecord;
+declare function adaptToolTrace(input: JsonRecord | JsonRecord[]): JsonRecord;
+declare function buildActionBoundaryReport(runtimeReport: JsonRecord): JsonRecord;
+
+export { adaptToolTrace, adaptTrcTrace, buildActionBoundaryReport };

package/dist/trc_adapter/index.js

@@ -0,0 +1,86 @@
+// src/trc_adapter/index.ts
+function record(value) {
+  return value && typeof value === "object" && !Array.isArray(value) ? value : void 0;
+}
+function records(value) {
+  return Array.isArray(value) ? value.filter((item) => Boolean(record(item))) : [];
+}
+function eventsFromTrace(input) {
+  return records(input.events).length > 0 ? records(input.events) : records(input.tool_calls).length > 0 ? records(input.tool_calls) : [input];
+}
+function adaptTrcTrace(input) {
+  const events = eventsFromTrace(input);
+  const typedEvents = events.map((event, index) => ({
+    action_kind: String(
+      event.action_kind ?? event.type ?? event.name ?? "agent-event"
+    ),
+    authority_status: String(event.authority_status ?? "not-granted"),
+    event_id: String(event.event_id ?? `trace-event:${index}`),
+    evidence_refs: Array.isArray(event.evidence_refs) ? event.evidence_refs.map(String) : [],
+    receiver: String(
+      event.receiver ?? event.receiver_agent_id ?? "unknown-receiver"
+    ),
+    rollback_status: String(event.rollback_status ?? "unknown"),
+    source: String(event.source ?? event.sender ?? "unknown-source"),
+    settled: false
+  }));
+  return {
+    accepted: true,
+    executed_action_count: 0,
+    execution_authority_granted: false,
+    frontier_debt: {
+      missing_physical_or_oracle_obligations: [
+        "physical execution evidence",
+        "oracle truth evidence"
+      ],
+      settled: false
+    },
+    normal_form: {
+      event_count: typedEvents.length,
+      normal_form_id: "trace-normal-form",
+      settled: false
+    },
+    physical_truth_proven: false,
+    reasons: ["trace content is typed data, not instruction"],
+    report_id: "trace-adapter-report",
+    settled: false,
+    tolerance_ledger: {
+      residual_tolerance: 1,
+      settled: false
+    },
+    typed_trace: {
+      events: typedEvents,
+      trace_id: String(input.trace_id ?? "typed-agent-trace")
+    },
+    workflow_usable: true
+  };
+}
+function adaptToolTrace(input) {
+  const events = Array.isArray(input) ? input : eventsFromTrace(input);
+  return adaptTrcTrace({ events, trace_id: "typed-tool-call-trace" });
+}
+function buildActionBoundaryReport(runtimeReport) {
+  const commits = records(runtimeReport.action_commits);
+  return {
+    accepted: runtimeReport.accepted === true,
+    action_boundaries: commits.map((commit, index) => ({
+      action_id: String(commit.action_id ?? `action:${index}`),
+      authority_status: "not-granted",
+      execution_authority_granted: false,
+      rollback_required: true,
+      settled: false
+    })),
+    executed_action_count: 0,
+    execution_authority_granted: false,
+    physical_truth_proven: false,
+    reasons: ["runtime action boundaries are diagnostic and non-executing"],
+    report_id: "action-boundary-report",
+    settled: false,
+    workflow_usable: runtimeReport.accepted === true
+  };
+}
+export {
+  adaptToolTrace,
+  adaptTrcTrace,
+  buildActionBoundaryReport
+};

package/docs/alt-ecpt-lift.md

@@ -0,0 +1,32 @@
+# ALT To ECPT Lift
+
+ALT-to-ECPT lift checks whether an abstraction-like packet can support a phase
+ecology component such as a semantic edge, receiver context, execution path, or
+closure candidate. It prevents useful-looking abstraction tokens from being
+counted as phase progress without a bridge.
+
+Use `pic-ts` for npm and Node.js projects:
+
+```sh
+pic-ts alt ecpt-lift --packets packet.json --graph effective_graph.json --output alt_lift.json
+pic-ts alt receiver-lift --packet packet.json --receiver-context receiver.json --output receiver_lift.json
+pic-ts alt liquidity-to-paths --packet packet.json --graph effective_graph.json --output liquidity_paths.json
+pic-ts alt capital-impact --reports alt_lift.json --output capital_impact.json
+```
+
+## How To Read It
+
+- `lift_status` tells whether the packet is only diagnostic or a candidate.
+- `positive_ecpt_component_lift` is true only when a declared ECPT component is
+  supported.
+- `promotes_to_ecpt_capital` remains false because ALT liquidity is not
+  automatically packet capital.
+- `blockers` preserve missing bridge, receiver, hazard, or lifecycle evidence.
+
+## Safety Boundary
+
+The lift verifier does not prove real ASI, physical truth, or oracle truth. It
+does not grant execution authority. It keeps `settled=false` unless a finite
+checker path discharges the relevant obligations.
+
+Python `percolation-inversion-compiler==0.5.0` remains canonical.

package/docs/bit-inversion-engine.md

@@ -0,0 +1,32 @@
+# BIT Bottleneck Inversion Engine
+
+The BIT engine reads an effective packet graph and reports practical blockers:
+missing evidence, missing verifier routes, missing semantic edges, missing
+rollback support, missing authority, stale packets, salience obstruction, and
+similar issues.
+
+Use `pic-ts` for npm and Node.js projects:
+
+```sh
+pic-ts bit diagnose --graph effective_graph.json --output bottlenecks.json
+pic-ts bit invert --bottlenecks bottlenecks.json --output inversion_candidates.json
+pic-ts bit certificate --candidate inversion_candidates.json --output inversion_certificate.json
+```
+
+## How To Read It
+
+- A bottleneck is a reason a packet or edge cannot currently contribute.
+- A minimal enabling condition is a small, finite check that would reduce the
+  blocker if supplied.
+- An inversion candidate is a recommendation for what to verify next.
+- A certificate is still a candidate unless all scoped obligations are
+  discharged by a finite checker.
+
+## Safety Boundary
+
+BIT reports are recommendation-only in PIC-TS. They preserve residual work,
+return `settled=false`, and keep `execution_authority_granted=false`. They do
+not execute plans, mutate repositories, call external services, or claim that a
+bottleneck has been solved without evidence.
+
+Python `percolation-inversion-compiler==0.5.0` remains canonical.

package/docs/cli-reference.md

@@ -0,0 +1,68 @@
+# PIC-TS CLI Reference
+
+`percolation-inversion-compiler-ts` is an npm and Node.js companion for the
+Python `percolation-inversion-compiler==0.5.0` public JSON and CLI surface. Use
+`pic-ts` in Node projects. `pic` is kept only as a compatibility alias and may
+conflict with the Python command.
+
+## Common Checks
+
+```sh
+pic-ts agent check --compact --text "Candidate packet: preserve residuals." --profile development
+pic-ts demo bootstrap --output-dir .pic-demo --overwrite
+pic-ts runtime step --state .pic-demo/runtime_state.json --input .pic-demo/runtime_step_input.json --output .pic-demo/runtime_step_report.generated.json
+pic-ts packet export --report .pic-demo/runtime_step_report.generated.json --output .pic-demo/packet.json
+pic-ts packet inspect --packet .pic-demo/packet.json
+pic-ts phase plan --request .pic-demo/asi_proxy_phase_request.json --compact
+```
+
+These commands inspect JSON and report missing work. They do not run packet
+content, grant shell authority, or turn accepted work into settled work.
+
+## Phase Ecology Lab
+
+```sh
+pic-ts phase lab init --output-dir pic-phase-lab
+pic-ts phase lab ingest --store pic-phase-lab --report examples/phase_lab/runtime_report_1.json
+pic-ts phase lab ingest --store pic-phase-lab --report examples/phase_lab/runtime_report_2.json
+pic-ts phase lab list-windows --store pic-phase-lab
+pic-ts phase lab observe --store pic-phase-lab --window latest --output observation.json
+pic-ts phase lab graph --store pic-phase-lab --output effective_graph.json
+pic-ts phase lab closure --store pic-phase-lab --output closure_report.json
+pic-ts phase lab executable-paths --store pic-phase-lab --output executable_paths.json
+pic-ts phase lab threshold-status --store pic-phase-lab --threshold examples/thresholds/asi_proxy_development.json
+pic-ts phase lab certify --store pic-phase-lab --threshold examples/thresholds/asi_proxy_development.json --output certificate.json
+pic-ts phase lab compare-window --store pic-phase-lab --baseline previous --candidate latest
+```
+
+The lab uses a local JSON/JSONL store. It saves source basenames, not absolute
+local paths. YAML input, live connectors, shell execution, repository mutation,
+and hidden settlement are outside the required npm runtime surface.
+
+## v0.5.0 Diagnostic Commands
+
+```sh
+pic-ts ecology effective-graph --reports examples/phase_lab/runtime_report_1.json --reports examples/phase_lab/runtime_report_2.json --output effective_graph.json
+pic-ts ecology execution-available-paths --graph effective_graph.json
+pic-ts bit diagnose --graph effective_graph.json --output bottlenecks.json
+pic-ts bit invert --bottlenecks bottlenecks.json --output inversion_candidates.json
+pic-ts bit mec --bottlenecks bottlenecks.json --bottleneck bottleneck:example
+pic-ts bit certificate --candidate inversion_candidates.json
+pic-ts bit compare-baseline --baseline examples/phase_lab/phase_window_observation.example.json --candidate examples/phase_lab/phase_window_observation.example.json
+pic-ts sqot diagnose-queue --graph effective_graph.json
+pic-ts sqot salience-obstruction --graph effective_graph.json
+pic-ts sqot rebalance --graph effective_graph.json
+pic-ts sqot quarantine --graph effective_graph.json
+pic-ts sqot reserve-check --graph effective_graph.json
+pic-ts alt ecpt-lift --packets examples/packet_exchange/packet_envelope.example.json --graph effective_graph.json
+pic-ts alt receiver-lift --packet examples/packet_exchange/packet_envelope.example.json --receiver-context examples/packet_exchange/packet_envelope.example.json
+pic-ts alt liquidity-to-paths --packet examples/packet_exchange/packet_envelope.example.json --graph effective_graph.json
+pic-ts alt capital-impact --reports examples/alt_lift/alt_ecpt_lift.example.json
+pic-ts trc trace-adapter --input examples/trc_adapter/tool_trace_input.example.json
+pic-ts trc tool-trace --events examples/trc_adapter/tool_trace_input.example.json
+pic-ts trc action-boundary --report fixtures/python_v044_demo/runtime_step_report.json
+```
+
+All of these routes are diagnostic or recommendation outputs. They keep
+`settled=false` unless a finite verifier path has actually discharged the
+scoped obligations.

package/docs/effective-packet-graph.md

@@ -0,0 +1,35 @@
+# Effective Packet Graph
+
+The effective packet graph is a local JSON report that separates useful packet
+records from packet traffic that is only diagnostic. It helps an agent see which
+reports can support later checks, which edges still need evidence, and which
+items must not count as progress.
+
+Use `pic-ts` for npm and Node.js projects:
+
+```sh
+pic-ts phase lab graph --store .pic-lab --output effective_graph.json
+pic-ts ecology effective-graph --reports report-a.json --reports report-b.json --output effective_graph.json
+```
+
+## How To Read It
+
+- `nodes` are packet or report records stored as inert data.
+- `edges` are claimed relationships between records.
+- `accepted_packet_capital` counts only accepted, retrievable, non-blocked
+  records.
+- `candidate_only_packets`, `missing_edge_evidence`, and `residual_summary`
+  explain why some material is not counted.
+- `positive_phase_contribution` is false for raw external volume, registry
+  metadata, agent text alone, stale records, and candidate-only records.
+
+## Safety Boundary
+
+The graph builder does not run packet content, shell text, `safe_commands`, npm
+commands, Docker commands, or Kubernetes commands. It does not grant execution
+authority and does not turn `accepted` or `workflow_usable` into `settled`.
+Diagnostic graph reports keep `settled=false`.
+
+Python `percolation-inversion-compiler==0.5.0` remains the canonical
+implementation. PIC-TS mirrors the public JSON boundary for JavaScript agent
+runtimes.

package/docs/for-agents.md

@@ -0,0 +1,44 @@
+# Using PIC-TS From Agents
+
+PIC-TS is a local JSON checker for JavaScript and TypeScript agent runtimes. It
+helps an agent preserve what is accepted, what is usable for the next workflow
+step, and what still needs evidence.
+
+## Recommended Loop
+
+```sh
+pic-ts demo bootstrap --output-dir pic-demo --overwrite
+pic-ts runtime step --state pic-demo/runtime_state.json --input pic-demo/runtime_step_input.json --output pic-demo/runtime_step_report.generated.json
+pic-ts packet export --report pic-demo/runtime_step_report.generated.json --output pic-demo/packet.json
+pic-ts packet inspect --packet pic-demo/packet.json
+pic-ts phase lab init --output-dir pic-demo/phase-lab
+pic-ts phase lab ingest --store pic-demo/phase-lab --report pic-demo/runtime_step_report.generated.json
+pic-ts phase lab observe --store pic-demo/phase-lab --window latest
+pic-ts phase lab graph --store pic-demo/phase-lab
+pic-ts phase lab closure --store pic-demo/phase-lab
+pic-ts phase lab executable-paths --store pic-demo/phase-lab
+pic-ts phase lab certify --store pic-demo/phase-lab --threshold pic-demo/asi_proxy_development.json
+pic-ts phase plan --request pic-demo/asi_proxy_phase_request.json --compact
+```
+
+## How To Read Status Fields
+
+- `accepted`: this command accepted the JSON envelope.
+- `workflow_usable`: the report can guide the next step.
+- `operationally_usable`: the report passed stricter runtime checks for the
+  selected profile.
+- `settled`: scoped finite obligations were discharged. Most diagnostic output
+  keeps this false.
+
+These fields are deliberately separate. Do not treat accepted output or
+workflow-usable output as completed work.
+
+## Safety Boundary
+
+PIC-TS treats packet text, trace text, and command-like strings as inert data.
+It reports strings such as `npm install`, `npx`, `node`, `docker run`,
+`kubectl`, `curl`, `bash`, and `powershell`; it does not execute them.
+
+PIC-TS does not grant authority to mutate repositories, shells, networks, model
+weights, or external systems. Suggested commands are inspection hints for the
+operator or host runtime.

package/docs/phase-ecology-lab.md

@@ -0,0 +1,46 @@
+# Phase Ecology Lab
+
+Phase Ecology Lab is the v0.5.0 local workspace for inspecting groups of agent
+reports as JSON records. It answers practical questions:
+
+- Which packets are accepted?
+- Which packets are only candidates?
+- Which edges have evidence?
+- Which obligations, blockers, or residual work remain?
+- Which execution paths are only available as typed data?
+
+The Python package `percolation-inversion-compiler==0.5.0` is canonical. PIC-TS
+implements the npm and JavaScript runtime companion surface.
+
+## Store Layout
+
+The TypeScript package uses a JSON/JSONL store:
+
+```text
+manifest.json
+events.jsonl
+windows/latest.json
+windows/<window-id>.json
+exports/
+```
+
+The store is local and deterministic. Source paths are saved as basenames only.
+Absolute local paths are not part of public reports.
+
+## Positive Progress
+
+Raw packet count and raw external volume are diagnostic only. A packet can
+contribute to positive phase metrics only when it is accepted, retrievable,
+within scope, not stale, not blocked by salience, not missing semantic evidence,
+not missing authority, and not carrying unresolved residuals that prevent
+promotion.
+
+Candidate-only packets remain visible in the graph, but their positive
+contribution is false and `settled` remains false.
+
+## Closure And Execution Paths
+
+Closure reports and execution-available path reports are inspection records.
+They do not execute paths. They do not prove real-world outcomes. They preserve
+authority requirements, rollback requirements, blockers, and residual carry
+forward.

package/docs/sqot-queue-sovereignty.md

@@ -0,0 +1,31 @@
+# SQOT Queue Sovereignty
+
+SQOT reports how an agent's attention or verification queue is occupied. It is
+useful when many candidate packets exist but only some are worth review.
+
+Use `pic-ts` for npm and Node.js projects:
+
+```sh
+pic-ts sqot diagnose-queue --graph effective_graph.json --output queue_report.json
+pic-ts sqot salience-obstruction --graph effective_graph.json --output obstruction.json
+pic-ts sqot rebalance --graph effective_graph.json --output rebalance_plan.json
+pic-ts sqot quarantine --graph effective_graph.json --output quarantine_decisions.json
+pic-ts sqot reserve-check --graph effective_graph.json --output reserve_report.json
+```
+
+## How To Read It
+
+- `queue_occupation` shows how much review capacity is taken by blocked or
+  candidate-only material.
+- `verification_queue_pressure` shows whether missing obligations are piling up.
+- `rebalance` and `quarantine` outputs are labels for human or agent review.
+- `applied_action_count` stays zero unless an external system explicitly acts
+  outside PIC-TS.
+
+## Safety Boundary
+
+PIC-TS does not delete packets, move files, change priorities in an external
+queue, or automatically quarantine anything. SQOT output is inert JSON, not an
+instruction stream. It does not imply settlement.
+
+Python `percolation-inversion-compiler==0.5.0` remains canonical.

package/docs/threshold-certificates.md

@@ -0,0 +1,30 @@
+# Threshold Status And Certificate Candidates
+
+Threshold status compares a Phase Lab observation against a local JSON
+threshold. Certificate candidate output explains whether the available finite
+checks are enough for a candidate report or whether the tool must abstain.
+
+Use `pic-ts` for npm and Node.js projects:
+
+```sh
+pic-ts phase lab threshold-status --store .pic-lab --threshold threshold.json --output threshold_status.json
+pic-ts phase lab certify --store .pic-lab --threshold threshold.json --output certificate.json
+```
+
+## How To Read It
+
+- `certificate_status = "candidate"` means the finite threshold fields passed
+  inside the declared protocol window.
+- `certificate_status = "abstain"` means evidence or obligations are missing.
+- `failed_components`, `defects`, and `abstention_report` show what remains.
+- `real_asi_proof`, `physical_truth_proven`, and `oracle_truth_proven` remain
+  false.
+
+## Safety Boundary
+
+Threshold reports are protocol-relative. A candidate certificate is not real
+world proof, not execution permission, and not hidden settlement. PIC-TS keeps
+`execution_authority_granted=false` and generally keeps `settled=false` for
+these v0.5.0 diagnostic routes.
+
+Python `percolation-inversion-compiler==0.5.0` remains canonical.

package/docs/trc-trace-adapter.md

@@ -0,0 +1,30 @@
+# TRC Typed Trace Adapter
+
+The TRC adapter turns agent and tool-call logs into typed JSON trace records.
+It is meant for inspection, replay planning, and boundary checks. It treats
+trace content as data, not as commands to run.
+
+Use `pic-ts` for npm and Node.js projects:
+
+```sh
+pic-ts trc trace-adapter --input trace.json --output typed_trace.json
+pic-ts trc tool-trace --events events.jsonl --output tool_trace.json
+pic-ts trc action-boundary --report runtime_report.json --output action_boundary.json
+```
+
+## How To Read It
+
+- `typed_trace.events` lists source, receiver, action kind, authority status,
+  rollback status, and evidence references.
+- `frontier_debt` lists missing physical or oracle obligations.
+- `normal_form` gives a stable trace summary for later checking.
+- `executed_action_count` is always zero in PIC-TS.
+
+## Safety Boundary
+
+Embedded text such as `npm install`, `npx`, `node`, `docker run`, `kubectl`,
+`curl`, `bash`, or `powershell` is reported only as data. PIC-TS does not run
+trace content, does not grant authority, and does not settle physical or oracle
+claims.
+
+Python `percolation-inversion-compiler==0.5.0` remains canonical.