qualia-framework 6.2.10 → 6.4.0

package/bin/harness-eval.js

@@ -0,0 +1,296 @@
+#!/usr/bin/env node
+// Qualia harness eval — deterministic project scoring + evidence artifact.
+//
+// This is the mechanical layer above trust-score and contract-runner. It writes
+// one JSON/Markdown artifact that can be attached to reports, snapshots, and
+// state transitions instead of relying on a prose "looks good" verdict.
+
+const fs = require("fs");
+const path = require("path");
+const { spawnSync } = require("child_process");
+const pc = require("./plan-contract.js");
+const contractRunner = require("./contract-runner.js");
+const trust = require("./trust-score.js");
+
+function parseArgs(argv) {
+  const args = { cwd: process.cwd() };
+  for (let i = 2; i < argv.length; i++) {
+    const a = argv[i];
+    if (a === "--json") args.json = true;
+    else if (a === "--run") args.run = true;
+    else if (a === "--write") args.write = true;
+    else if (a === "--no-write") args.no_write = true;
+    else if (a === "--phase") args.phase = Number(argv[++i]);
+    else if (a.startsWith("--phase=")) args.phase = Number(a.slice("--phase=".length));
+    else if (a === "--cwd") args.cwd = argv[++i];
+    else if (a.startsWith("--cwd=")) args.cwd = a.slice("--cwd=".length);
+  }
+  return args;
+}
+
+function readJson(file, fallback = null) {
+  try { return JSON.parse(fs.readFileSync(file, "utf8")); } catch { return fallback; }
+}
+
+function readText(file, fallback = "") {
+  try { return fs.readFileSync(file, "utf8"); } catch { return fallback; }
+}
+
+function rel(root, file) {
+  return path.relative(root, file).replace(/\\/g, "/");
+}
+
+function stateCheck(cwd) {
+  const r = spawnSync(process.execPath, [path.join(__dirname, "state.js"), "check"], {
+    cwd,
+    encoding: "utf8",
+    stdio: ["ignore", "pipe", "pipe"],
+    timeout: 5000,
+  });
+  const parsed = readJsonFromString(r.stdout);
+  return {
+    ok: r.status === 0 && parsed && parsed.ok === true,
+    status: r.status,
+    stdout: r.stdout,
+    stderr: r.stderr,
+    parsed,
+  };
+}
+
+function readJsonFromString(text) {
+  try { return JSON.parse(text); } catch { return null; }
+}
+
+function latestEval(cwd) {
+  const dir = path.join(cwd, ".planning", "evals");
+  try {
+    const files = fs.readdirSync(dir)
+      .filter((f) => /^harness-eval-.*\.json$/.test(f))
+      .map((f) => path.join(dir, f))
+      .sort();
+    if (!files.length) return null;
+    return readJson(files[files.length - 1], null);
+  } catch {
+    return null;
+  }
+}
+
+function addCheck(checks, name, weight, status, evidence, data) {
+  checks.push({
+    name,
+    weight,
+    status,
+    score: status === "pass" || status === "not_applicable" ? weight : status === "warn" ? Math.floor(weight / 2) : 0,
+    evidence,
+    ...(data && typeof data === "object" ? data : {}),
+  });
+}
+
+function verificationVerdict(text) {
+  if (!text) return "";
+  const explicit = text.match(/^result:\s*(PASS|FAIL)$/im);
+  if (explicit) return explicit[1].toLowerCase();
+  const md = text.match(/\bVerdict\b.*\b(PASS|FAIL)\b/i);
+  if (md) return md[1].toLowerCase();
+  if (/PHASE\s+PASS|ALL\s+CRITERIA\s+PASSED/i.test(text)) return "pass";
+  if (/PHASE\s+FAIL|FAILED\s+CRITERIA|GAPS\s+FOUND/i.test(text)) return "fail";
+  return "";
+}
+
+function writeArtifacts(cwd, result) {
+  const dir = path.join(cwd, ".planning", "evals");
+  fs.mkdirSync(dir, { recursive: true });
+  const stamp = result.generated_at.replace(/[:.]/g, "-");
+  const jsonPath = path.join(dir, `harness-eval-${stamp}.json`);
+  const mdPath = path.join(dir, `harness-eval-${stamp}.md`);
+  fs.writeFileSync(jsonPath, JSON.stringify(result, null, 2) + "\n");
+  const lines = [
+    `# Harness Eval`,
+    ``,
+    `**Generated:** ${result.generated_at}`,
+    `**Phase:** ${result.phase || "n/a"}`,
+    `**Status:** ${result.status}`,
+    `**Score:** ${result.score}/100`,
+    ``,
+    `## Checks`,
+    ``,
+    `| Check | Status | Score | Evidence |`,
+    `|---|---:|---:|---|`,
+    ...result.checks.map((c) => `| ${c.name} | ${c.status} | ${c.score}/${c.weight} | ${String(c.evidence || "").replace(/\|/g, "\\|")} |`),
+    ``,
+  ];
+  fs.writeFileSync(mdPath, lines.join("\n"));
+  result.artifacts = {
+    json: rel(cwd, jsonPath),
+    markdown: rel(cwd, mdPath),
+  };
+  fs.writeFileSync(jsonPath, JSON.stringify(result, null, 2) + "\n");
+  return result.artifacts;
+}
+
+function buildHarnessEval(options = {}) {
+  const cwd = path.resolve(options.cwd || process.cwd());
+  const planning = path.join(cwd, ".planning");
+  const generatedAt = options.now || new Date().toISOString();
+  const checks = [];
+
+  const state = stateCheck(cwd);
+  if (!fs.existsSync(planning)) {
+    addCheck(checks, "planning_state", 15, "fail", "No .planning directory; run /qualia-new");
+    return finalize({ cwd, generatedAt, phase: options.phase || 0, checks, statusOverride: "FAIL" }, options);
+  }
+
+  const tracking = readJson(path.join(planning, "tracking.json"), {});
+  const phase = Number(options.phase || state.parsed?.phase || tracking.phase || 0);
+  addCheck(
+    checks,
+    "planning_state",
+    15,
+    state.ok ? "pass" : "fail",
+    state.ok ? "state.js check returned ok" : "state.js check failed",
+    { state: state.parsed || null }
+  );
+
+  const ledgerResult = (() => {
+    try {
+      const stateLedger = require("./state-ledger.js");
+      return stateLedger.validate(cwd);
+    } catch (e) {
+      return { ok: false, errors: [e.message] };
+    }
+  })();
+  addCheck(
+    checks,
+    "state_ledger",
+    10,
+    ledgerResult.ok ? "pass" : "fail",
+    ledgerResult.ok ? `${ledgerResult.count || 0} hash-chained event(s)` : (ledgerResult.errors || []).join("; ")
+  );
+
+  const planPath = path.join(planning, `phase-${phase}-plan.md`);
+  const contractPath = path.join(planning, `phase-${phase}-contract.json`);
+  const hasPlan = fs.existsSync(planPath);
+  const hasContract = fs.existsSync(contractPath);
+  let loadedContract = null;
+
+  if (!hasPlan && !hasContract) {
+    addCheck(checks, "plan_contract", 20, "not_applicable", `No current phase plan/contract for phase ${phase}`);
+  } else if (!hasContract) {
+    addCheck(checks, "plan_contract", 20, "fail", `Missing ${rel(cwd, contractPath)}`);
+  } else {
+    const loaded = pc.readContractFile(contractPath);
+    loadedContract = loaded.ok ? loaded.contract : null;
+    const errors = loaded.ok ? pc.validate(loaded.contract) : [loaded.message || loaded.error];
+    const drift = hasPlan ? pc.checkDrift(contractPath, planPath) : { ok: true, drift: false };
+    const ok = loaded.ok && errors.length === 0 && !(drift.ok && drift.drift);
+    addCheck(
+      checks,
+      "plan_contract",
+      20,
+      ok ? "pass" : "fail",
+      ok ? `${rel(cwd, contractPath)} valid and in sync` : [...errors, drift.drift ? "contract drifted from plan" : ""].filter(Boolean).join("; "),
+      { contract: rel(cwd, contractPath) }
+    );
+  }
+
+  const evidencePath = path.join(planning, "evidence", `phase-${phase}-contract-run.json`);
+  let evidence = readJson(evidencePath, null);
+  if (loadedContract && options.run) {
+    evidence = contractRunner.runContract(loadedContract, { cwd });
+  }
+  if (!loadedContract) {
+    addCheck(checks, "machine_evidence", 20, "not_applicable", "No contract to execute");
+  } else if (evidence && evidence.ok === true) {
+    addCheck(checks, "machine_evidence", 20, "pass", `${rel(cwd, evidencePath)} passed ${evidence.checked || 0} check(s)`);
+  } else {
+    addCheck(
+      checks,
+      "machine_evidence",
+      20,
+      "fail",
+      evidence ? `${evidence.failed || "unknown"} failing machine check(s)` : `Missing ${rel(cwd, evidencePath)}`
+    );
+  }
+
+  const verificationPath = path.join(planning, `phase-${phase}-verification.md`);
+  const verification = readText(verificationPath, "");
+  const ieCount = (verification.match(/INSUFFICIENT EVIDENCE/g) || []).length;
+  const verdict = verificationVerdict(verification);
+  if (!verification) {
+    addCheck(checks, "verification_report", 15, "fail", `Missing ${rel(cwd, verificationPath)}`);
+  } else if (ieCount > 0) {
+    addCheck(checks, "verification_report", 15, "fail", `${ieCount} insufficient-evidence marker(s)`);
+  } else if (verdict === "pass" || verdict === "fail") {
+    addCheck(checks, "verification_report", 15, verdict === "pass" ? "pass" : "warn", `${rel(cwd, verificationPath)} verdict=${verdict}`);
+  } else {
+    addCheck(checks, "verification_report", 15, "warn", `${rel(cwd, verificationPath)} has no machine-readable verdict`);
+  }
+
+  const trustScore = trust.buildTrustScore(cwd);
+  addCheck(
+    checks,
+    "framework_trust_score",
+    10,
+    trustScore.status === "FAIL" ? "fail" : trustScore.status === "DEGRADED" ? "warn" : "pass",
+    `trust-score=${trustScore.score}/100 status=${trustScore.status}`,
+    { trust_score: trustScore.score }
+  );
+
+  const hasErpId = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(tracking.erp_project_id || "");
+  const hasProjectKey = !!(tracking.project_id || tracking.project);
+  addCheck(
+    checks,
+    "erp_linkage",
+    10,
+    hasErpId ? "pass" : hasProjectKey ? "warn" : "fail",
+    hasErpId ? "tracking.json has erp_project_id UUID" : hasProjectKey ? "project key exists, ERP UUID missing" : "missing project/project_id for ERP correlation"
+  );
+
+  return finalize({ cwd, generatedAt, phase, checks }, options);
+}
+
+function finalize(base, options) {
+  const score = Math.max(0, Math.min(100, base.checks.reduce((n, c) => n + (c.score || 0), 0)));
+  const failed = base.checks.filter((c) => c.status === "fail").length;
+  const warned = base.checks.filter((c) => c.status === "warn").length;
+  const status = base.statusOverride || (failed ? "FAIL" : score >= 85 ? "PASS" : warned ? "WARN" : "PASS");
+  const result = {
+    ok: status !== "FAIL",
+    status,
+    score,
+    phase: base.phase,
+    generated_at: base.generatedAt,
+    checks: base.checks,
+  };
+  if (options.write && !options.no_write && fs.existsSync(path.join(base.cwd, ".planning"))) {
+    writeArtifacts(base.cwd, result);
+  }
+  return result;
+}
+
+function printHuman(result) {
+  console.log(`Harness eval: ${result.score}/100 (${result.status})`);
+  for (const c of result.checks) {
+    console.log(`${c.name}: ${c.status} (${c.score}/${c.weight}) — ${c.evidence}`);
+  }
+  if (result.artifacts) {
+    console.log(`Artifacts: ${result.artifacts.json}, ${result.artifacts.markdown}`);
+  }
+}
+
+function main(argv) {
+  const args = parseArgs(argv);
+  const result = buildHarnessEval(args);
+  if (args.json) console.log(JSON.stringify(result, null, 2));
+  else printHuman(result);
+  return result.ok ? 0 : 1;
+}
+
+module.exports = {
+  buildHarnessEval,
+  latestEval,
+  verificationVerdict,
+};
+
+if (require.main === module) process.exit(main(process.argv));
+

package/bin/install.js

@@ -5,6 +5,7 @@ const path = require("path");
 const fs = require("fs");
 const ui = require("./qualia-ui.js");
 const { RUNTIME_BIN_SCRIPTS, binFiles } = require("./runtime-manifest.js");
+const { ACTIVE_SKILLS, RETIRED_SKILLS } = require("./command-surface.js");
 const { renderText } = require("./host-adapters.js");
 
 // ─── Colors (kept for legacy log lines; new sections route through qualia-ui) ─
@@ -49,7 +50,7 @@ const installStart = Date.now();
 
 // ─── Team codes ──────────────────────────────────────────
 const DEFAULT_TEAM = {
-  "QS-FAWZI-01": {
+  "QS-FAWZI-11": {
     name: "Fawzi Goussous",
     role: "OWNER",
     description: "Company owner. Full access. Can push to main, approve deploys, edit secrets.",
@@ -275,11 +276,7 @@ function renderCodexAgentToml(markdown, filenameFallback) {
 // Pruned from BOTH ~/.claude/skills/ and ~/.codex/skills/ on every install run
 // so the active surface matches what the framework currently ships.
 const DEPRECATED_SKILLS = [
-  "qualia-task",         // v5.7.0 — folded into qualia-feature
-  "qualia-quick",        // v5.7.0 — folded into qualia-feature
-  "qualia-polish-loop",  // v5.8.0 — folded into qualia-polish --loop
-  "qualia-design",       // v4 wave 2 — folded into scope-adaptive qualia-polish
-  "qualia-prd",          // v5.8.0 — surface cleanup
+  ...RETIRED_SKILLS,
 ];
 
 function pruneDeprecatedSkills(baseDir) {
@@ -491,8 +488,8 @@ function targetLabel(t) {
 }
 
 // ─── Resolve team code (tolerates case + O/0 typo in suffix) ─
-// Accepts "qs-fawzi-01", "QS-FAWZI-01", "QS-FAWZI-O1" (letter O in the
-// numeric suffix), and returns the canonical key if found, else null.
+// Accepts lowercase codes and common letter-O typos in numeric suffixes,
+// then returns the canonical key if found, else null.
 // Only normalizes O→0 in the segment AFTER the last dash — "QS-MOAYAD-03"
 // contains a real "O" in the name and must not be mangled.
 function resolveTeamCode(input) {
@@ -521,7 +518,7 @@ async function main() {
   if (!member) {
     console.log("");
     log(`${RED}✗${RESET} Invalid code: "${rawCode}". Get your install code from Fawzi.`);
-    log(`${DIM}  Tip: codes use digit zero, not letter O. Format: QS-NAME-01${RESET}`);
+    log(`${DIM}  Tip: codes use digit zero, not letter O. Format: QS-NAME-##${RESET}`);
     console.log("");
     process.exit(1);
   }
@@ -549,9 +546,7 @@ async function main() {
 
   // ─── Skills ──────────────────────────────────────────
   const skillsDir = path.join(FRAMEWORK_DIR, "skills");
-  const skills = fs
-    .readdirSync(skillsDir)
-    .filter((d) => fs.statSync(path.join(skillsDir, d)).isDirectory());
+  const skills = ACTIVE_SKILLS.filter((d) => fs.existsSync(path.join(skillsDir, d, "SKILL.md")));
 
   printSection("Skills");
   const claudePruned = pruneDeprecatedSkills(CLAUDE_DIR);
@@ -666,12 +661,18 @@ async function main() {
   } catch {}
   // Purge deprecated hooks from existing installs on upgrade.
   // - block-env-edit.js (v3.2.0): team now has full read/write on .env*.
-  // - pre-compact.js (v6.2.0): bot-committed STATE.md + tracking.json on
-  //   context compaction for ERP visibility. ERP never read tracking.json
-  //   from git, and state.js already provides crash-safe atomic writes with
-  //   a write-ahead journal (state.js:36-64) — the bot commit added no
-  //   durability, just history noise.
-  const DEPRECATED_HOOKS = ["block-env-edit.js", "pre-compact.js"];
+  //
+  // Note: pre-compact.js was removed in v6.2.0 (it bot-committed STATE.md +
+  // tracking.json, which added no durability over state.js's atomic writes
+  // + journal). v6.3.2 reintroduces pre-compact.js but with a fundamentally
+  // different mechanism — it writes a markdown SIDECAR to
+  // .planning/.compaction-snapshot.md (no git, no state.js writes) so the
+  // next session can see what was in flight when compaction wiped context.
+  // Safe to ship as a fresh install; the v6.2.0 stripping logic in cli.js
+  // doctor remains, but only strips the OLD legacy command (which our v2
+  // hook does not match — different content, same filename is fine because
+  // install always overwrites).
+  const DEPRECATED_HOOKS = ["block-env-edit.js"];
   for (const f of DEPRECATED_HOOKS) {
     const p = path.join(hooksDest, f);
     try { if (fs.existsSync(p)) fs.unlinkSync(p); } catch {}
@@ -868,7 +869,7 @@ Recurring issues and their solutions.
 ## Install code "Invalid" — user typed letter O instead of digit 0
 **Symptom:** \`npx qualia-framework install\` rejects \`QS-NAME-O1\` (letter O in suffix).
 **Cause:** Team codes use digit zero (\`-01\`, \`-02\`, etc.), not letter O.
-**Fix:** Since v2.8.1, install.js auto-normalizes: \`QS-FAWZI-O1\` → \`QS-FAWZI-01\`. The normalization only touches the segment after the last dash, so \`QS-MOAYAD-03\` (real O in name) is preserved.
+**Fix:** Since v2.8.1, install.js auto-normalizes: \`QS-HASAN-O2\` → \`QS-HASAN-02\`. The normalization only touches the segment after the last dash, so \`QS-MOAYAD-03\` (real O in name) is preserved.
 **Framework version:** Fixed in v2.8.1.
 
 ---
@@ -1061,6 +1062,7 @@ Client-specific preferences, design choices, and requirements. Loaded by \`/qual
     "session-start.js", "auto-update.js", "branch-guard.js", "pre-push.js",
     "pre-deploy-gate.js", "migration-guard.js", "pre-compact.js",
     "git-guardrails.js", "stop-session-log.js",
+    "fawzi-approval-guard.js",
     // v5.0 — insights-driven destructive-op + wrong-account guards
     "vercel-account-guard.js", "env-empty-guard.js", "supabase-destructive-guard.js",
   ]);
@@ -1086,6 +1088,7 @@ Client-specific preferences, design choices, and requirements. Loaded by \`/qual
         hooks: [
           { type: "command", command: nodeCmd("auto-update.js"), timeout: 5 },
           { type: "command", command: nodeCmd("git-guardrails.js"), timeout: 5, statusMessage: "⬢ Checking git safety..." },
+          { type: "command", command: nodeCmd("fawzi-approval-guard.js"), timeout: 5 },
           { type: "command", if: "Bash(git push*)", command: nodeCmd("branch-guard.js"), timeout: 5, statusMessage: "⬢ Checking branch permissions..." },
           { type: "command", if: "Bash(git push*)", command: nodeCmd("pre-push.js"), timeout: 15, statusMessage: "⬢ Syncing tracking..." },
           { type: "command", if: "Bash(vercel --prod*)", command: nodeCmd("pre-deploy-gate.js"), timeout: 180, statusMessage: "⬢ Running quality gates..." },
@@ -1098,15 +1101,25 @@ Client-specific preferences, design choices, and requirements. Loaded by \`/qual
       {
         matcher: "Edit|Write",
         hooks: [
+          { type: "command", command: nodeCmd("fawzi-approval-guard.js"), timeout: 5 },
           { type: "command", if: "Edit(*migration*)|Write(*migration*)|Edit(*.sql)|Write(*.sql)", command: nodeCmd("migration-guard.js"), timeout: 10, statusMessage: "⬢ Checking migration safety..." },
         ],
       },
     ],
-    // v6.2.0: PreCompact intentionally empty. The qualiaHooks loop in the
-    // settings.json merge below still iterates over this key, so legacy
-    // Qualia-owned pre-compact.js entries get stripped from existing user
-    // settings on upgrade. Nothing new is wired in.
-    PreCompact: [],
+    // v6.3.2: PreCompact reintroduced with a NEW mechanism. The old hook
+    // (removed in v6.2.0) bot-committed STATE.md + tracking.json. This v2
+    // hook writes a markdown SIDECAR to .planning/.compaction-snapshot.md
+    // (no git, no state.js writes). The qualiaHooks loop below still
+    // iterates over this key, so any leftover legacy pre-compact.js wiring
+    // is replaced by the new one cleanly.
+    PreCompact: [
+      {
+        matcher: ".*",
+        hooks: [
+          { type: "command", command: nodeCmd("pre-compact.js"), timeout: 10 },
+        ],
+      },
+    ],
     Stop: [
       {
         matcher: ".*",
@@ -1171,7 +1184,7 @@ Client-specific preferences, design choices, and requirements. Loaded by \`/qual
   fs.writeFileSync(settingsTmp, JSON.stringify(settings, null, 2));
   fs.renameSync(settingsTmp, settingsPath);
 
-  ok("Hooks: session-start, auto-update, branch-guard, pre-push, migration-guard, deploy-gate, git-guardrails, stop-session-log, vercel-account-guard, env-empty-guard, supabase-destructive-guard");
+  ok("Hooks: session-start, auto-update, branch-guard, pre-push, migration-guard, deploy-gate, git-guardrails, stop-session-log, fawzi-approval-guard, vercel-account-guard, env-empty-guard, supabase-destructive-guard");
   ok("Status line + spinner configured");
   ok("Environment variables + permissions");
 
@@ -1208,10 +1221,7 @@ function printSummary({ member, target, claudeInstalled }) {
     const hooksSource = path.join(FRAMEWORK_DIR, "hooks");
     const rulesDir = path.join(FRAMEWORK_DIR, "rules");
     const tmplDir = path.join(FRAMEWORK_DIR, "templates");
-    const skillsDir = path.join(FRAMEWORK_DIR, "skills");
-    const skillCount = fs
-      .readdirSync(skillsDir)
-      .filter((d) => fs.statSync(path.join(skillsDir, d)).isDirectory()).length;
+    const skillCount = ACTIVE_SKILLS.length;
     const agentCount = fs.readdirSync(agentsDir).filter((f) => f.endsWith(".md")).length;
     const hookCount = fs.readdirSync(hooksSource).length;
     const ruleCount = fs.readdirSync(rulesDir).length;
@@ -1450,9 +1460,9 @@ async function installCodex(member, target) {
     const skillsDest = path.join(CODEX_DIR, "skills");
     const codexPruned = pruneDeprecatedSkills(CODEX_DIR);
     for (const name of codexPruned) ok(`pruned deprecated: ${name}`);
-    for (const skill of fs.readdirSync(skillsSrc)) {
+    for (const skill of ACTIVE_SKILLS) {
       const src = path.join(skillsSrc, skill);
-      if (!fs.statSync(src).isDirectory()) continue;
+      if (!fs.existsSync(src) || !fs.statSync(src).isDirectory()) continue;
       copyTreeTransform(src, path.join(skillsDest, skill), codexText);
     }
     ok("skills/");
@@ -1529,6 +1539,7 @@ async function installCodex(member, target) {
             hooks: [
               { type: "command", command: nodeCmd("auto-update.js"), timeout: 5, statusMessage: "Qualia update check..." },
               { type: "command", command: nodeCmd("git-guardrails.js"), timeout: 5, statusMessage: "Qualia git safety..." },
+              { type: "command", command: nodeCmd("fawzi-approval-guard.js"), timeout: 5 },
               { type: "command", command: nodeCmd("branch-guard.js"), timeout: 5 },
               { type: "command", command: nodeCmd("pre-push.js"), timeout: 15 },
               { type: "command", command: nodeCmd("pre-deploy-gate.js"), timeout: 180 },
@@ -1540,6 +1551,7 @@ async function installCodex(member, target) {
           {
             matcher: "Edit|Write",
             hooks: [
+              { type: "command", command: nodeCmd("fawzi-approval-guard.js"), timeout: 5 },
               { type: "command", command: nodeCmd("migration-guard.js"), timeout: 10 },
             ],
           },

package/bin/knowledge-flush.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 // ~/.claude/bin/knowledge-flush.js — non-interactive memory-layer flush.
 //
-// Wraps `/qualia-flush` so it can run from cron (or systemd timer, or any
-// CI/scheduled job) without an interactive Claude Code session. Closes the
+// Runs the Qualia memory flush prompt from cron (or systemd timer, or any
+// CI/scheduled job) without installing a separate slash command. Closes the
 // memory loop end-to-end:
 //
 //   Stop hook (auto, every turn) → <install-home>/knowledge/daily-log/{date}.md
 //   THIS SCRIPT (weekly cron)    → spawns the installed agent CLI
-//   /qualia-flush                 → promotes raw → curated tier
+//   flush prompt                 → promotes raw → curated tier
 //   bin/knowledge.js (every spawn) → reads index.md → reaches the right file
 //
 // Usage:
@@ -86,10 +86,9 @@ function which(cmd) {
   return null;
 }
 
-// Pass-through args (so `--days 14`, `--dry-run`, `--project X` all reach the
-// skill). We don't parse them ourselves — the skill is the source of truth
-// for argument semantics. We only use `--days` locally to short-circuit when
-// the daily-log is genuinely empty.
+// Pass-through args (so `--days 14`, `--dry-run`, `--project X` are visible to
+// the agent prompt). We only parse `--days` locally to short-circuit when the
+// daily-log is genuinely empty.
 const argv = process.argv.slice(2);
 const flagIdx = argv.indexOf("--days");
 const days = flagIdx >= 0 ? parseInt(argv[flagIdx + 1], 10) || 7 : 7;
@@ -128,9 +127,21 @@ if (!dailyLogHasRecentEntries(days)) {
 
 // ── Run ──────────────────────────────────────────────────
 // `claude -p "<prompt>"` and `codex exec "<prompt>"` run a single
-// non-interactive turn. The skill body invocation matches what the user would
-// type at the prompt.
-const prompt = `/qualia-flush ${argv.join(" ")}`.trim();
+// non-interactive turn. Keep the prompt self-contained so no separate flush
+// slash command needs to be installed.
+const argsText = argv.join(" ").trim() || "(none)";
+const prompt = [
+  "Run the Qualia memory flush.",
+  "",
+  `Arguments: ${argsText}`,
+  `Install home: ${QUALIA_HOME}`,
+  "",
+  "Read recent markdown files from knowledge/daily-log under the install home.",
+  "Promote recurring patterns, decisions, fixes, and client preferences into the curated knowledge tier using bin/knowledge.js append.",
+  "Do not promote one-off noise. If --dry-run is present, report planned promotions without writing.",
+  "If --project NAME is present, limit promotions to that project.",
+  "Finish with one line starting exactly: ⬢ Flushed daily-log",
+].join("\n");
 
 const cliArgs = IS_CODEX_INSTALL ? ["exec", prompt] : ["-p", prompt];
 const result = spawnSync(agentBin, cliArgs, {

package/bin/knowledge.js

@@ -79,7 +79,7 @@ function readSafe(p) {
 //   3. Path with "/" → treat as relative to knowledge dir (concepts/foo)
 //   4. Bare name → look in top-level first; if missing, search known
 //      subdirectories (concepts/, daily-log/) for an exact match. This
-//      means /qualia-flush can write to concepts/voice-agent-call-state.md
+//      means the memory flush can write to concepts/voice-agent-call-state.md
 //      and skills can later run `knowledge.js load voice-agent-call-state`
 //      without knowing it lives in a subdirectory.
 function resolveFile(name) {