pumuki 6.3.46 → 6.3.48

package/docs/RELEASE_NOTES.md

@@ -5,6 +5,37 @@ Detailed commit history remains available through Git history (`git log` / `git
 
 ## 2026-03 (enterprise hardening updates)
 
+### 2026-03-05 (v6.3.48)
+
+- Anti-drift hardening for consumer validation flows:
+  - `pumuki watch` now applies manifest integrity guard and restores unexpected mutations to:
+    - `package.json`
+    - `package-lock.json`
+    - `pnpm-lock.yaml`
+    - `yarn.lock`
+  - If mutation is detected, watch blocks with `MANIFEST_MUTATION_DETECTED`.
+- Hook hardening parity:
+  - `pre-commit` / `pre-push` manifest guard now covers npm + pnpm + yarn lockfiles (not only npm).
+- Operational impact:
+  - avoids silent manifest/lockfile drift in consumers during validation loops unless upgrade is explicitly requested.
+- Validation evidence:
+  - `npx --yes tsx@4.21.0 --test integrations/lifecycle/__tests__/watch.test.ts integrations/git/__tests__/stageRunners.test.ts` (`38 pass / 0 fail`)
+  - `npm run -s typecheck` (`PASS`)
+  - consumer smoke (Flux, local core bin): `watch --once --json` with hashes unchanged for `package.json` / `pnpm-lock.yaml`.
+
+### 2026-03-05 (v6.3.47)
+
+- Manifest integrity hardening in hook stages (`PRE_COMMIT` / `PRE_PUSH`):
+  - Pumuki now snapshots `package.json` and `package-lock.json` before hook gate execution.
+  - If an unexpected mutation appears during the hook flow, Pumuki restores both files automatically and blocks with:
+    - `MANIFEST_MUTATION_DETECTED`
+- Operational impact:
+  - avoids silent consumer manifest drift while keeping explicit upgrade flows (`pumuki update --latest`) under developer control.
+- Validation evidence:
+  - `npx --yes tsx@4.21.0 --test integrations/git/__tests__/stageRunners.test.ts` (`32 pass / 0 fail`)
+  - `npm run -s typecheck` (`PASS`)
+  - consumer check with local bin in RuralGo: hashes of `package.json`/`package-lock.json` unchanged after `PRE_WRITE + pre-commit + pre-push`.
+
 ### 2026-03-05 (v6.3.46)
 
 - Paridad hook/watch en auto-remediación de skills coverage:

package/docs/seguimiento-activo-pumuki-saas-supermercados.md

@@ -2389,4 +2389,161 @@
     - `npm run -s typecheck` -> `PASS`.
     - smoke consumer Flux (binario local core): `watch --once --json` -> `version.driftFromRuntime=true` + `driftWarning` presente.
 
-- 🚧 PUMUKI-180: Cerrar rollout consumidor de `PUM-012` (release + update en Flux) y mover leyenda externa de `🚧` a `✅` con evidencia en `pnpm exec pumuki watch --json`.
+- ✅ PUMUKI-180: Cerrar rollout consumidor de `PUM-012` (release + update en Flux) y mover leyenda externa de `🚧` a `✅` con evidencia en `pnpm exec pumuki watch --json`.
+  - Resultado (2026-03-05):
+    - release publicado: `pumuki@6.3.46`.
+    - rollout en Flux:
+      - `pnpm add -Dw pumuki@latest`
+      - `pnpm exec pumuki watch --once --stage=PRE_COMMIT --scope=staged --json`
+    - contrato validado en consumer:
+      - `version.effective=6.3.46`
+      - `version.runtime=6.3.46`
+      - `version.driftFromRuntime=false`
+      - `lastTick.changedFiles[]` y `lastTick.evaluatedFiles[]` presentes.
+    - MD externo Flux actualizado:
+      - `PUM-012` -> `✅ Cerrado`
+      - backlog Flux queda `✅ 100% cerrado`.
+
+- ✅ PUMUKI-181: Ejecutar verificación post-release en SAAS y RuralGo (`status/doctor/watch`) y registrar únicamente hallazgos netos nuevos.
+  - Resultado (2026-03-05):
+    - verificación completa en `SAAS`:
+      - `status --json`: `packageVersion=6.3.46`, `lifecycleState.version=6.3.46`.
+      - `doctor --json`: `issues=[]`.
+      - `watch --once --json`: `version.effective=6.3.46`, `driftFromRuntime=false`, gate `ALLOW`.
+    - verificación completa en `R_GO`:
+      - `status --json`: `packageVersion=6.3.46`, `lifecycleState.version=6.3.46`.
+      - `doctor --json`: `issues=[]`.
+      - `watch --once --json`: `version.effective=6.3.46`, `driftFromRuntime=false`, gate `ALLOW`.
+    - contraste de backlog externo (solo señal neta):
+      - `SAAS`: `hasActionRequired=false`.
+      - `RuralGo`: `hasActionRequired=false`.
+    - no se registran hallazgos netos nuevos en esta pasada.
+  - Evidencia:
+    - `pnpm exec pumuki status --json` (SAAS).
+    - `pnpm exec pumuki doctor --json` (SAAS).
+    - `pnpm exec pumuki watch --once --stage=PRE_COMMIT --scope=staged --json` (SAAS).
+    - `npx --yes --package pumuki@latest pumuki status --json` (R_GO).
+    - `npx --yes --package pumuki@latest pumuki doctor --json` (R_GO).
+    - `npx --yes --package pumuki@latest pumuki watch --once --stage=PRE_COMMIT --scope=staged --json` (R_GO).
+    - `npm run -s validation:backlog-watch -- --file="/Users/juancarlosmerlosalbarracin/Developer/Projects/SAAS:APP_SUPERMERCADOS/docs/pumuki/PUMUKI_BUGS_MEJORAS.md" --repo=SwiftEnProfundidad/ast-intelligence-hooks --json --no-fail`.
+    - `npm run -s validation:backlog-watch -- --file="/Users/juancarlosmerlosalbarracin/Developer/Projects/R_GO/docs/technical/08-validation/refactor/pumuki-integration-feedback.md" --repo=SwiftEnProfundidad/ast-intelligence-hooks --json --no-fail`.
+
+- ✅ PUMUKI-182: Ejecutar ciclo de vigilancia activa post-6.3.46 en SAAS/RuralGo/Flux y abrir fix inmediato solo si aparece `has_action_required=true`.
+  - Resultado (2026-03-05):
+    - ciclo `tick` y `gate` ejecutado en flota completa (`SAAS`, `RuralGo`, `Flux`).
+    - estado consolidado:
+      - `targets=3`
+      - `entries_scanned_total=137`
+      - `non_closed_total=0`
+      - `has_action_required=false`
+    - no se abrió fix nuevo al no existir señal neta reproducible.
+  - Evidencia:
+    - `npm run -s validation:backlog-watch:tick`.
+    - `npm run -s validation:backlog-watch:gate`.
+
+- ✅ PUMUKI-183: Mantener vigilancia continua (tick/gate) y preparar corte de release solo cuando aparezca incidencia neta reproducible en consumers.
+  - Resultado (2026-03-05):
+    - nueva pasada operativa completada con `tick` y `gate` sobre `SAAS`, `RuralGo` y `Flux`.
+    - estado consolidado:
+      - `targets=3`
+      - `entries_scanned_total=137`
+      - `non_closed_total=0`
+      - `action_required_targets=0`
+      - `has_action_required=false`
+    - sin señal neta reproducible, no se abre fix nuevo ni corte de release.
+  - Evidencia:
+    - `npm run -s validation:backlog-watch:tick`.
+    - `npm run -s validation:backlog-watch:gate`.
+
+- ✅ PUMUKI-184: Mantener ciclo continuo de vigilancia multi-consumer (tick/gate) y ejecutar fix inmediato al primer `has_action_required=true` con actualización de leyenda en MD externo + MD interno.
+  - Resultado (2026-03-05):
+    - el ciclo `tick/gate` detectó señal neta reproducible:
+      - `targets=3`
+      - `entries_scanned_total=139`
+      - `non_closed_total=1`
+      - `has_action_required=true`
+      - origen: `RuralGo` -> `PUMUKI-INC-063` (`needs_issue`).
+    - trazabilidad inmediata ejecutada:
+      - issue upstream creada: `#720`.
+      - MD externo RuralGo actualizado con referencia de issue:
+        - fila resumen activa `PUMUKI-INC-063` -> incluye `issue #720`.
+        - entrada incremental `PUMUKI-INC-063` -> `🚧 REPORTED (#720)`.
+    - se mantiene disciplina de una sola task activa y se abre implementación técnica del fix.
+  - Evidencia:
+    - `npm run -s validation:backlog-watch:tick`.
+    - `npm run -s validation:backlog-watch:gate`.
+    - `gh issue create --repo SwiftEnProfundidad/ast-intelligence-hooks ...` -> `https://github.com/SwiftEnProfundidad/ast-intelligence-hooks/issues/720`.
+    - edición de `/Users/juancarlosmerlosalbarracin/Developer/Projects/R_GO/docs/technical/08-validation/refactor/pumuki-integration-feedback.md`.
+
+- ✅ PUMUKI-185: Implementar fix técnico de `#720` (no mutación de `package.json`/`package-lock.json` en hooks/gates sin upgrade explícito) con RED -> GREEN -> REFACTOR y cerrar trazabilidad en MD externo + interno.
+  - Resultado (2026-03-05):
+    - `integrations/git/stageRunners.ts` incorpora guard de integridad de manifests en hooks:
+      - snapshot previo de `package.json` + `package-lock.json`,
+      - detección de mutación inesperada tras gate,
+      - reversión automática al snapshot original,
+      - bloqueo explícito con código `MANIFEST_MUTATION_DETECTED`.
+    - comportamiento objetivo:
+      - los hooks no dejan side-effects en manifests del consumer sin comando explícito de upgrade.
+    - cobertura RED -> GREEN añadida:
+      - `runPreCommitStage bloquea y revierte mutación inesperada de manifests`.
+      - `runPrePushStage bloquea y revierte mutación inesperada de manifests`.
+  - Evidencia:
+    - `npx --yes tsx@4.21.0 --test integrations/git/__tests__/stageRunners.test.ts` -> `32 pass / 0 fail`.
+    - `npm run -s typecheck` -> `PASS`.
+    - issue de trazabilidad: `https://github.com/SwiftEnProfundidad/ast-intelligence-hooks/issues/720`.
+
+- ✅ PUMUKI-186: Validar fix `#720` en consumer real (RuralGo), actualizar estado del hallazgo `PUMUKI-INC-063` y cerrar issue/loop de vigilancia si `has_action_required=false`.
+  - Resultado (2026-03-05):
+    - validación ejecutada en RuralGo con binario local del core (incluye fix `#720`) sobre ciclo real:
+      - `pumuki sdd validate --stage=PRE_WRITE --json`
+      - `pumuki-pre-commit`
+      - `pumuki-pre-push`
+    - comprobación de integridad de manifests:
+      - `package.json`: hash sin cambios antes/después.
+      - `package-lock.json`: hash sin cambios antes/después.
+    - resultado funcional:
+      - `RC prewrite=0`, `RC precommit=0`, `RC prepush=0`.
+    - vigilancia consolidada:
+      - `validation:backlog-watch:tick` en verde (`has_action_required=false`).
+  - Evidencia:
+    - ejecución local fix en consumer RuralGo:
+      - `node /Users/juancarlosmerlosalbarracin/Developer/Projects/ast-intelligence-hooks/bin/pumuki.js sdd validate --stage=PRE_WRITE --json`
+      - `node /Users/juancarlosmerlosalbarracin/Developer/Projects/ast-intelligence-hooks/bin/pumuki-pre-commit.js`
+      - `PUMUKI_PRE_PUSH_STDIN=\"\" node /Users/juancarlosmerlosalbarracin/Developer/Projects/ast-intelligence-hooks/bin/pumuki-pre-push.js`
+    - verificación de hashes + estado:
+      - `shasum -a 256 package.json package-lock.json`
+      - `git status --short -- package.json package-lock.json`
+    - vigilancia:
+      - `npm run -s validation:backlog-watch:tick`.
+
+- ✅ PUMUKI-187: Publicar corte con fix `#720`, actualizar consumers a la versión publicada y mover `PUMUKI-INC-063` de `🚧 REPORTED` a `✅ FIXED` con referencia de issue/commit/release.
+  - Resultado (2026-03-05):
+    - release publicada: `pumuki@6.3.47`.
+    - rollout en consumers:
+      - `R_GO`: upgrade a `pumuki@6.3.47` (con `npm_config_engine_strict=false` por restricción de engines del consumer), `PRE_WRITE/PRE_COMMIT/PRE_PUSH` en `RC=0`.
+      - `SAAS`: upgrade a `pumuki@6.3.47`, validación local con binarios `node node_modules/pumuki/bin/*` (bloqueos existentes del repo por reglas/gate, no regresión de manifests).
+      - `Flux_training`: upgrade a `pumuki@6.3.47`, `PRE_WRITE/PRE_COMMIT` en `RC=0` y `PRE_PUSH` bloqueado por atomicidad del propio worktree (`changed_files=720`), sin mutación de manifests.
+    - verificación de no mutación de manifests:
+      - `R_GO`: `package.json` y `package-lock.json` sin cambios de hash antes/después de `validate + pre-commit + pre-push`.
+      - `SAAS`: `package.json` y `package-lock.json` sin cambios de hash antes/después de `validate + pre-commit + pre-push`.
+      - `Flux_training`: `package.json` y `pnpm-lock.yaml` sin cambios de hash antes/después de `validate + pre-commit + pre-push`.
+    - MD canónico RuralGo actualizado:
+      - `PUMUKI-INC-063` -> `✅ FIXED (#720, release 6.3.47)`.
+      - activos High reducidos a `PUMUKI-INC-064` como único foco.
+  - Evidencia:
+    - `npm publish --access public` -> `+ pumuki@6.3.47`.
+    - `npm ls pumuki --depth=0` (`R_GO`/`SAAS`) y `pnpm list -D pumuki --depth 0` (`Flux_training`) -> `6.3.47`.
+    - hashes before/after de manifests en los tres consumers.
+
+- ✅ PUMUKI-188: Cerrar trazabilidad de RuralGo tras validación de `PUMUKI-INC-064` y ajustar foco activo al siguiente hallazgo neto real.
+  - Resultado (2026-03-05):
+    - MD canónico RuralGo quedó 100% cerrado:
+      - `✅ Cerrados: 100`
+      - `🚧/⏳/⛔: 0`.
+    - `PUMUKI-INC-064` se consolidó en `✅ FIXED` con referencia de release `6.3.47` y evidencia de `PRE_PUSH=ALLOW` sin workaround manual de `skills.sources.json`/`skills.lock.json`.
+    - `issue #720` cerrada tras validación del fix de mutación de manifests.
+  - Evidencia:
+    - `sed -n '1,60p' /Users/.../R_GO/docs/.../pumuki-integration-feedback.md` (estado cerrado 100/0).
+    - `gh issue close 720 --repo SwiftEnProfundidad/ast-intelligence-hooks ...`.
+
+- 🚧 PUMUKI-189: Ejecutar siguiente bug prioritaria activa de Flux (`PUM-013`) sobre drift de dependencia en manifests durante validación y cerrar con fix + release + validación consumer.

package/integrations/git/stageRunners.ts

@@ -18,7 +18,8 @@ import {
   emitAuditSummaryNotificationFromEvidence,
   emitGateBlockedNotification,
 } from '../notifications/emitAuditSummaryNotification';
-import { readFileSync } from 'node:fs';
+import { existsSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
 import { readEvidence, readEvidenceResult } from '../evidence/readEvidence';
 import type { EvidenceReadResult } from '../evidence/readEvidence';
 import { ensureRuntimeArtifactsIgnored } from '../lifecycle/artifacts';
@@ -53,6 +54,8 @@ const BLOCKED_REMEDIATION_BY_CODE: Readonly<Record<string, string>> = {
   PRE_PUSH_UPSTREAM_MISSING: 'Ejecuta: git push --set-upstream origin <branch>',
   PRE_PUSH_UPSTREAM_MISALIGNED:
     'Alinea upstream con la rama actual: git branch --unset-upstream && git push --set-upstream origin <branch>',
+  MANIFEST_MUTATION_DETECTED:
+    'Los hooks/gates no deben modificar manifests. Revisa wiring y ejecuta upgrade explícito solo cuando aplique (por ejemplo: pumuki update --latest).',
 };
 
 const HOOK_POLICY_RECONCILE_CODES = new Set<string>([
@@ -238,6 +241,87 @@ const shouldRetryAfterPolicyReconcile = (params: {
 
 type HookStage = 'PRE_COMMIT' | 'PRE_PUSH';
 type HookPolicyTrace = NonNullable<ReturnType<typeof resolvePolicyForStage>['trace']>;
+const MANIFEST_GUARD_FILES = [
+  'package.json',
+  'package-lock.json',
+  'pnpm-lock.yaml',
+  'yarn.lock',
+] as const;
+
+type ManifestGuardEntry = {
+  relativePath: (typeof MANIFEST_GUARD_FILES)[number];
+  absolutePath: string;
+  existed: boolean;
+  contents: string;
+};
+
+const captureManifestGuardSnapshot = (repoRoot: string): Array<ManifestGuardEntry> =>
+  MANIFEST_GUARD_FILES.map((relativePath) => {
+    const absolutePath = join(repoRoot, relativePath);
+    const existed = existsSync(absolutePath);
+    return {
+      relativePath,
+      absolutePath,
+      existed,
+      contents: existed ? readFileSync(absolutePath, 'utf8') : '',
+    };
+  });
+
+const restoreManifestGuardSnapshot = (
+  snapshot: ReadonlyArray<ManifestGuardEntry>
+): Array<string> => {
+  const mutated: Array<string> = [];
+  for (const entry of snapshot) {
+    const existsNow = existsSync(entry.absolutePath);
+    if (entry.existed) {
+      if (!existsNow) {
+        writeFileSync(entry.absolutePath, entry.contents, 'utf8');
+        mutated.push(entry.relativePath);
+        continue;
+      }
+      const current = readFileSync(entry.absolutePath, 'utf8');
+      if (current !== entry.contents) {
+        writeFileSync(entry.absolutePath, entry.contents, 'utf8');
+        mutated.push(entry.relativePath);
+      }
+      continue;
+    }
+    if (existsNow) {
+      unlinkSync(entry.absolutePath);
+      mutated.push(entry.relativePath);
+    }
+  }
+  return Array.from(new Set(mutated));
+};
+
+const enforceManifestGuard = (params: {
+  dependencies: StageRunnerDependencies;
+  repoRoot: string;
+  stage: HookStage;
+  snapshot: ReadonlyArray<ManifestGuardEntry>;
+}): boolean => {
+  const mutated = restoreManifestGuardSnapshot(params.snapshot);
+  if (mutated.length === 0) {
+    return false;
+  }
+  const summary = mutated.join(', ');
+  process.stderr.write(
+    `[pumuki][manifest-guard] unexpected manifest mutation detected and reverted: ${summary}\n`
+  );
+  params.dependencies.notifyGateBlocked({
+    repoRoot: params.repoRoot,
+    stage: params.stage,
+    totalViolations: mutated.length,
+    causeCode: 'MANIFEST_MUTATION_DETECTED',
+    causeMessage:
+      `Unexpected manifest mutation detected during ${params.stage}: ${summary}. ` +
+      'Hooks/gates must not mutate consumer manifests without explicit upgrade command.',
+    remediation: BLOCKED_REMEDIATION_BY_CODE.MANIFEST_MUTATION_DETECTED
+      ?? DEFAULT_BLOCKED_REMEDIATION,
+  });
+  notifyAuditSummaryForStage(params.dependencies, params.stage);
+  return true;
+};
 
 const runHookGateAttempt = async (params: {
   dependencies: StageRunnerDependencies;
@@ -455,6 +539,7 @@ export async function runPreCommitStage(
 ): Promise<number> {
   const activeDependencies = getDependencies(dependencies);
   const repoRoot = activeDependencies.resolveRepoRoot();
+  const manifestSnapshot = captureManifestGuardSnapshot(repoRoot);
   activeDependencies.ensureRuntimeArtifactsIgnored(repoRoot);
   if (
     enforceGitAtomicityGate({
@@ -473,6 +558,16 @@ export async function runPreCommitStage(
       kind: 'staged',
     },
   });
+  if (
+    enforceManifestGuard({
+      dependencies: activeDependencies,
+      repoRoot,
+      stage: 'PRE_COMMIT',
+      snapshot: manifestSnapshot,
+    })
+  ) {
+    return 1;
+  }
   emitSuccessfulHookGateSummary({
     dependencies: activeDependencies,
     stage: 'PRE_COMMIT',
@@ -497,6 +592,7 @@ export async function runPrePushStage(
 ): Promise<number> {
   const activeDependencies = getDependencies(dependencies);
   const repoRoot = activeDependencies.resolveRepoRoot();
+  const manifestSnapshot = captureManifestGuardSnapshot(repoRoot);
   activeDependencies.ensureRuntimeArtifactsIgnored(repoRoot);
   const upstreamRef = activeDependencies.resolveUpstreamRef();
   if (!upstreamRef) {
@@ -535,6 +631,16 @@ export async function runPrePushStage(
           toRef: 'HEAD',
         },
       });
+      if (
+        enforceManifestGuard({
+          dependencies: activeDependencies,
+          repoRoot,
+          stage: 'PRE_PUSH',
+          snapshot: manifestSnapshot,
+        })
+      ) {
+        return 1;
+      }
       emitSuccessfulHookGateSummary({
         dependencies: activeDependencies,
         stage: 'PRE_PUSH',
@@ -554,6 +660,16 @@ export async function runPrePushStage(
           kind: 'workingTree',
         },
       });
+      if (
+        enforceManifestGuard({
+          dependencies: activeDependencies,
+          repoRoot,
+          stage: 'PRE_PUSH',
+          snapshot: manifestSnapshot,
+        })
+      ) {
+        return 1;
+      }
       emitSuccessfulHookGateSummary({
         dependencies: activeDependencies,
         stage: 'PRE_PUSH',
@@ -614,6 +730,16 @@ export async function runPrePushStage(
       toRef: 'HEAD',
     },
   });
+  if (
+    enforceManifestGuard({
+      dependencies: activeDependencies,
+      repoRoot,
+      stage: 'PRE_PUSH',
+      snapshot: manifestSnapshot,
+    })
+  ) {
+    return 1;
+  }
   emitSuccessfulHookGateSummary({
     dependencies: activeDependencies,
     stage: 'PRE_PUSH',

package/integrations/lifecycle/watch.ts

@@ -1,4 +1,6 @@
 import { createHash } from 'node:crypto';
+import { existsSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
 import { setTimeout as sleepTimer } from 'node:timers/promises';
 import { isSeverityAtLeast, type Severity } from '../../core/rules/Severity';
 import type { GateScope } from '../git/runPlatformGateFacts';
@@ -125,6 +127,8 @@ const BLOCKED_REMEDIATION_BY_CODE: Readonly<Record<string, string>> = {
   SDD_SESSION_INVALID: 'Refresca la sesión SDD y vuelve a intentar.',
   OPENSPEC_MISSING: 'Instala OpenSpec y reintenta la validación.',
   MCP_ENTERPRISE_RECEIPT_MISSING: 'Genera el receipt enterprise de MCP antes de continuar.',
+  MANIFEST_MUTATION_DETECTED:
+    'Validación no debe mutar package.json/lockfiles. Revisa wiring y realiza upgrades solo con comando explícito.',
 };
 
 const WATCH_POLICY_RECONCILE_CODES = new Set<string>([
@@ -142,6 +146,61 @@ const THRESHOLD_TO_SEVERITY: Record<LifecycleWatchSeverityThreshold, Severity> =
   low: 'INFO',
 };
 
+const WATCH_MANIFEST_GUARD_FILES = [
+  'package.json',
+  'package-lock.json',
+  'pnpm-lock.yaml',
+  'yarn.lock',
+] as const;
+
+type WatchManifestGuardEntry = {
+  relativePath: (typeof WATCH_MANIFEST_GUARD_FILES)[number];
+  absolutePath: string;
+  existed: boolean;
+  contents: string;
+};
+
+const captureWatchManifestGuardSnapshot = (
+  repoRoot: string
+): Array<WatchManifestGuardEntry> =>
+  WATCH_MANIFEST_GUARD_FILES.map((relativePath) => {
+    const absolutePath = join(repoRoot, relativePath);
+    const existed = existsSync(absolutePath);
+    return {
+      relativePath,
+      absolutePath,
+      existed,
+      contents: existed ? readFileSync(absolutePath, 'utf8') : '',
+    };
+  });
+
+const restoreWatchManifestGuardSnapshot = (
+  snapshot: ReadonlyArray<WatchManifestGuardEntry>
+): Array<string> => {
+  const mutated: Array<string> = [];
+  for (const entry of snapshot) {
+    const existsNow = existsSync(entry.absolutePath);
+    if (entry.existed) {
+      if (!existsNow) {
+        writeFileSync(entry.absolutePath, entry.contents, 'utf8');
+        mutated.push(entry.relativePath);
+        continue;
+      }
+      const current = readFileSync(entry.absolutePath, 'utf8');
+      if (current !== entry.contents) {
+        writeFileSync(entry.absolutePath, entry.contents, 'utf8');
+        mutated.push(entry.relativePath);
+      }
+      continue;
+    }
+    if (existsNow) {
+      unlinkSync(entry.absolutePath);
+      mutated.push(entry.relativePath);
+    }
+  }
+  return Array.from(new Set(mutated));
+};
+
 const toGateScope = (scope: LifecycleWatchScope): GateScope => {
   if (scope === 'staged') {
     return { kind: 'staged' };
@@ -322,21 +381,52 @@ export const runLifecycleWatch = async (
         gateOutcome: 'BLOCK' | 'WARN' | 'ALLOW' | 'NO_EVIDENCE';
         topCodes: ReadonlyArray<string>;
       }> => {
-        const gateExitCode = await activeDependencies.runPlatformGate({
+        const manifestSnapshot = captureWatchManifestGuardSnapshot(repoRoot);
+        let gateExitCode = await activeDependencies.runPlatformGate({
           policy: resolvedPolicy.policy,
           policyTrace: resolvedPolicy.trace,
           scope: gateScope,
           silent: true,
         });
         const evidence = activeDependencies.readEvidence(repoRoot);
-        const allFindings = evidence?.snapshot.findings ?? [];
-        const matchedFindings = allFindings.filter((finding) =>
+        const allFindingsBase = evidence?.snapshot.findings ?? [];
+        const matchedFindingsBase = allFindingsBase.filter((finding) =>
           isSeverityAtLeast(finding.severity, thresholdSeverity)
         );
+        const manifestMutations = restoreWatchManifestGuardSnapshot(manifestSnapshot);
+        const manifestMutationFinding: SnapshotFinding | null =
+          manifestMutations.length > 0
+            ? {
+                ruleId: 'governance.manifest.no-silent-mutation',
+                severity: 'ERROR',
+                code: 'MANIFEST_MUTATION_DETECTED',
+                message:
+                  `Unexpected manifest mutation detected during watch and reverted: ${manifestMutations.join(', ')}.`,
+                file: manifestMutations[0] ?? 'package.json',
+                matchedBy: 'LifecycleWatch',
+                source: 'skills.backend.runtime-hygiene',
+              }
+            : null;
+        const allFindings = manifestMutationFinding
+          ? [...allFindingsBase, manifestMutationFinding]
+          : allFindingsBase;
+        const matchedFindings = manifestMutationFinding
+          ? [...matchedFindingsBase, manifestMutationFinding]
+          : matchedFindingsBase;
         const rawGateOutcome =
           evidence?.snapshot.outcome ??
           (gateExitCode !== 0 ? 'BLOCK' : 'NO_EVIDENCE');
-        const gateOutcome = rawGateOutcome === 'PASS' ? 'ALLOW' : rawGateOutcome;
+        const gateOutcome = manifestMutationFinding
+          ? 'BLOCK'
+          : rawGateOutcome === 'PASS'
+            ? 'ALLOW'
+            : rawGateOutcome;
+        if (manifestMutationFinding) {
+          gateExitCode = 1;
+          process.stderr.write(
+            `[pumuki][watch-manifest-guard] unexpected manifest mutation detected and reverted: ${manifestMutations.join(', ')}\n`
+          );
+        }
         const topCodes = toTopCodes(matchedFindings);
         return {
           gateExitCode,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.46",
+  "version": "6.3.48",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {