sneakoscope 4.0.13 → 4.0.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (898) hide show
  1. package/README.md +19 -2
  2. package/config/codex-releases/rust-v0.142.0.json +39 -0
  3. package/crates/sks-core/Cargo.lock +1 -1
  4. package/crates/sks-core/Cargo.toml +1 -1
  5. package/crates/sks-core/src/main.rs +1 -1
  6. package/dist/bin/sks.js +1 -1
  7. package/dist/cli/global-mode-router.js +2 -1
  8. package/dist/commands/codex.js +15 -1
  9. package/dist/core/codex-adapter.js +7 -12
  10. package/dist/core/codex-compat/codex-compat-report.js +11 -1
  11. package/dist/core/codex-compat/codex-release-manifest.js +66 -0
  12. package/dist/core/codex-compat/codex-version-policy.js +5 -4
  13. package/dist/core/codex-compat/codex-version.js +5 -2
  14. package/dist/core/codex-control/codex-0142-capability.js +243 -0
  15. package/dist/core/codex-control/codex-app-server-v2-client.js +211 -0
  16. package/dist/core/codex-control/codex-sdk-adapter.js +37 -7
  17. package/dist/core/codex-control/codex-sdk-capability.js +2 -1
  18. package/dist/core/codex-control/codex-sdk-config-policy.js +16 -0
  19. package/dist/core/codex-control/codex-sdk-env-policy.js +29 -5
  20. package/dist/core/codex-control/codex-thread-registry.js +110 -19
  21. package/dist/core/codex-runtime/resolve-codex-runtime.js +102 -0
  22. package/dist/core/commands/mad-sks-command.js +3 -0
  23. package/dist/core/fsx.js +1 -1
  24. package/dist/core/providers/glm/bench/glm-bench-model-lock-proof.js +32 -3
  25. package/dist/core/providers/glm/bench/glm-benchmark-runner.js +29 -5
  26. package/dist/core/providers/glm/bench/glm-benchmark-types.js +1 -1
  27. package/dist/core/providers/glm/naruto/glm-naruto-critical-path.js +51 -0
  28. package/dist/core/providers/glm/naruto/glm-naruto-final-seal.js +9 -2
  29. package/dist/core/providers/glm/naruto/glm-naruto-orchestrator.js +101 -15
  30. package/dist/core/providers/glm/naruto/glm-naruto-parallelism-summary.js +55 -0
  31. package/dist/core/providers/glm/naruto/glm-naruto-requirement-coverage.js +92 -0
  32. package/dist/core/providers/glm/naruto/glm-naruto-requirement-ledger.js +42 -0
  33. package/dist/core/providers/glm/naruto/glm-naruto-stage-scheduler.js +85 -0
  34. package/dist/core/providers/glm/naruto/glm-naruto-task-size-classifier.js +12 -0
  35. package/dist/core/providers/glm/naruto/glm-naruto-trace.js +4 -0
  36. package/dist/core/providers/glm/naruto/glm-naruto-verifier-output.js +5 -0
  37. package/dist/core/providers/glm/naruto/glm-naruto-worker-pool.js +130 -44
  38. package/dist/core/providers/glm/naruto/glm-naruto-worker-runtime.js +6 -2
  39. package/dist/core/release/gate-manifest.js +24 -1
  40. package/dist/core/release/gate-pack-manifest.js +6 -6
  41. package/dist/core/release/release-gate-affected-selector.js +24 -0
  42. package/dist/core/routes/model-mode-router.js +44 -0
  43. package/dist/core/routes.js +1 -1
  44. package/dist/core/version.js +1 -1
  45. package/dist/scripts/agent-ast-aware-work-graph-check.js +25 -0
  46. package/dist/scripts/agent-backfill-replenishment-check.js +13 -0
  47. package/dist/scripts/agent-backfill-route-blackbox.js +5 -0
  48. package/dist/scripts/agent-background-terminals-check.js +16 -0
  49. package/dist/scripts/agent-cleanup-command-ux-check.js +12 -0
  50. package/dist/scripts/agent-cleanup-executor-check.js +53 -0
  51. package/dist/scripts/agent-cleanup-executor-v2-check.js +39 -0
  52. package/dist/scripts/agent-cli-options-to-task-graph-check.js +5 -0
  53. package/dist/scripts/agent-codex-app-cockpit-check.js +91 -0
  54. package/dist/scripts/agent-codex-child-overlap-check.js +21 -0
  55. package/dist/scripts/agent-dynamic-cockpit-check.js +10 -0
  56. package/dist/scripts/agent-dynamic-pool-check.js +13 -0
  57. package/dist/scripts/agent-dynamic-pool-route-blackbox.js +5 -0
  58. package/dist/scripts/agent-fast-mode-default-check.js +79 -0
  59. package/dist/scripts/agent-fast-mode-worker-propagation-check.js +7 -0
  60. package/dist/scripts/agent-follow-up-work-schema-check.js +80 -0
  61. package/dist/scripts/agent-goal-mode-propagation-check.js +9 -0
  62. package/dist/scripts/agent-intelligent-work-graph-check.js +29 -0
  63. package/dist/scripts/agent-janitor-check.js +79 -0
  64. package/dist/scripts/agent-main-no-scout-check.js +11 -0
  65. package/dist/scripts/agent-message-bus-reader-check.js +19 -0
  66. package/dist/scripts/agent-model-authored-patch-envelope-check.js +15 -0
  67. package/dist/scripts/agent-multi-project-isolation-check.js +86 -0
  68. package/dist/scripts/agent-native-cli-session-proof-check.js +7 -0
  69. package/dist/scripts/agent-native-cli-session-swarm-10-check.js +7 -0
  70. package/dist/scripts/agent-native-cli-session-swarm-20-check.js +7 -0
  71. package/dist/scripts/agent-native-cli-session-swarm-check.js +7 -0
  72. package/dist/scripts/agent-no-subagent-scaling-check.js +7 -0
  73. package/dist/scripts/agent-official-subagent-helper-policy-check.js +71 -0
  74. package/dist/scripts/agent-parallel-write-blackbox.js +56 -0
  75. package/dist/scripts/agent-parallel-write-kernel-check.js +103 -0
  76. package/dist/scripts/agent-patch-conflict-rebase-check.js +198 -0
  77. package/dist/scripts/agent-patch-envelope-extraction-check.js +17 -0
  78. package/dist/scripts/agent-patch-proof-check.js +41 -0
  79. package/dist/scripts/agent-patch-proof-runtime-check.js +63 -0
  80. package/dist/scripts/agent-patch-queue-runtime-check.js +36 -0
  81. package/dist/scripts/agent-patch-rollback-check.js +38 -0
  82. package/dist/scripts/agent-patch-rollback-dag-check.js +14 -0
  83. package/dist/scripts/agent-patch-swarm-route-blackbox.js +10 -0
  84. package/dist/scripts/agent-patch-swarm-runtime-check.js +10 -0
  85. package/dist/scripts/agent-patch-swarm-runtime-truth-check.js +76 -0
  86. package/dist/scripts/agent-patch-transaction-journal-check.js +57 -0
  87. package/dist/scripts/agent-patch-verification-dag-check.js +14 -0
  88. package/dist/scripts/agent-proof-contract-reconciled-check.js +5 -0
  89. package/dist/scripts/agent-real-codex-dynamic-smoke-check.js +166 -0
  90. package/dist/scripts/agent-real-codex-dynamic-smoke-v2-check.js +14 -0
  91. package/dist/scripts/agent-real-codex-in-zellij-worker-pane-check.js +227 -0
  92. package/dist/scripts/agent-real-codex-parallel-workers-10-check.js +5 -0
  93. package/dist/scripts/agent-real-codex-parallel-workers-20-check.js +5 -0
  94. package/dist/scripts/agent-real-codex-parallel-workers-5-check.js +5 -0
  95. package/dist/scripts/agent-real-codex-parallel-workers-check.js +5 -0
  96. package/dist/scripts/agent-role-config-repair-check.js +33 -0
  97. package/dist/scripts/agent-rollback-command-check.js +86 -0
  98. package/dist/scripts/agent-route-truth-backfill-check.js +5 -0
  99. package/dist/scripts/agent-scheduler-proof-check.js +13 -0
  100. package/dist/scripts/agent-scheduler-proof-hardening-check.js +22 -0
  101. package/dist/scripts/agent-session-generation-check.js +21 -0
  102. package/dist/scripts/agent-slot-pane-binding-proof-check.js +64 -0
  103. package/dist/scripts/agent-slot-telemetry-wiring-check.js +11 -0
  104. package/dist/scripts/agent-source-intelligence-propagation-check.js +9 -0
  105. package/dist/scripts/agent-strategy-to-lease-wiring-check.js +32 -0
  106. package/dist/scripts/agent-strategy-to-patch-strict-check.js +54 -0
  107. package/dist/scripts/agent-task-graph-expansion-check.js +14 -0
  108. package/dist/scripts/agent-terminal-generations-check.js +23 -0
  109. package/dist/scripts/agent-visual-consistency-check.js +9 -0
  110. package/dist/scripts/agent-wiki-context-proof-check.js +62 -0
  111. package/dist/scripts/agent-worker-backend-router-check.js +63 -0
  112. package/dist/scripts/agent-worker-scout-limited-check.js +17 -0
  113. package/dist/scripts/agent-zellij-dynamic-backfill-panes-check.js +34 -0
  114. package/dist/scripts/agent-zellij-runtime-check.js +85 -0
  115. package/dist/scripts/all-feature-deep-completion-check.js +31 -0
  116. package/dist/scripts/appshots-capability-check.js +18 -0
  117. package/dist/scripts/appshots-evidence-check.js +48 -0
  118. package/dist/scripts/appshots-operator-policy-check.js +25 -0
  119. package/dist/scripts/appshots-privacy-safety-check.js +48 -0
  120. package/dist/scripts/appshots-source-intelligence-check.js +53 -0
  121. package/dist/scripts/appshots-thread-attachment-discovery-check.js +87 -0
  122. package/dist/scripts/appshots-triwiki-voxel-check.js +46 -0
  123. package/dist/scripts/architecture-guard-check.js +55 -0
  124. package/dist/scripts/brand-neutrality-generated-artifacts-check.js +161 -0
  125. package/dist/scripts/brand-neutrality-rename-map-check.js +4 -0
  126. package/dist/scripts/brand-neutrality-zero-leakage-blackbox.js +4 -0
  127. package/dist/scripts/brand-neutrality-zero-leakage-check.js +4 -0
  128. package/dist/scripts/build-once-runner-blackbox.js +34 -0
  129. package/dist/scripts/build-once-runner-check.js +8 -0
  130. package/dist/scripts/certificate-sla-check.js +9 -0
  131. package/dist/scripts/changelog-check.js +47 -0
  132. package/dist/scripts/changelog-loop-productionization-check.js +3 -0
  133. package/dist/scripts/cli-check-tiers-check.js +10 -0
  134. package/dist/scripts/cli-five-minute-task-check.js +6 -0
  135. package/dist/scripts/codex-0-133-official-compat-report.js +53 -0
  136. package/dist/scripts/codex-0-134-official-compat-report.js +110 -0
  137. package/dist/scripts/codex-0-134-runner-truth-check.js +66 -0
  138. package/dist/scripts/codex-0-135-compat-check.js +57 -0
  139. package/dist/scripts/codex-0-136-compat-check.js +30 -0
  140. package/dist/scripts/codex-0-137-compat-check.js +27 -0
  141. package/dist/scripts/codex-0138-capability-artifact-check.js +15 -0
  142. package/dist/scripts/codex-0138-capability-check.js +11 -0
  143. package/dist/scripts/codex-0138-doctor-check.js +15 -0
  144. package/dist/scripts/codex-0138-feature-probes-check.js +12 -0
  145. package/dist/scripts/codex-0139-capability-check.js +26 -0
  146. package/dist/scripts/codex-0139-code-mode-web-search-check.js +25 -0
  147. package/dist/scripts/codex-0139-code-mode-web-search-real-check.js +10 -0
  148. package/dist/scripts/codex-0139-doctor-env-real-check.js +10 -0
  149. package/dist/scripts/codex-0139-doctor-env-redaction-check.js +18 -0
  150. package/dist/scripts/codex-0139-feature-probes-check.js +30 -0
  151. package/dist/scripts/codex-0139-image-path-real-check.js +10 -0
  152. package/dist/scripts/codex-0139-interrupt-agent-check.js +14 -0
  153. package/dist/scripts/codex-0139-interrupt-agent-real-check.js +8 -0
  154. package/dist/scripts/codex-0139-marketplace-source-check.js +13 -0
  155. package/dist/scripts/codex-0139-plugin-cache-real-check.js +10 -0
  156. package/dist/scripts/codex-0139-plugin-marketplace-real-check.js +10 -0
  157. package/dist/scripts/codex-0139-real-probe-summary-check.js +14 -0
  158. package/dist/scripts/codex-0139-real-probes-check.js +37 -0
  159. package/dist/scripts/codex-0139-rich-tool-schema-check.js +12 -0
  160. package/dist/scripts/codex-0139-rich-tool-schema-real-check.js +10 -0
  161. package/dist/scripts/codex-0139-sandbox-profile-alias-check.js +13 -0
  162. package/dist/scripts/codex-0139-sandbox-profile-alias-real-check.js +10 -0
  163. package/dist/scripts/codex-0139-sandbox-proxy-real-check.js +10 -0
  164. package/dist/scripts/codex-0140-bedrock-managed-auth-check.js +4 -0
  165. package/dist/scripts/codex-0140-capability-check.js +15 -0
  166. package/dist/scripts/codex-0140-deep-probes-check.js +40 -0
  167. package/dist/scripts/codex-0140-feature-probes-check.js +24 -0
  168. package/dist/scripts/codex-0140-goal-attachment-preservation-check.js +8 -0
  169. package/dist/scripts/codex-0140-goal-attachment-roundtrip-check.js +9 -0
  170. package/dist/scripts/codex-0140-import-check.js +4 -0
  171. package/dist/scripts/codex-0140-integration-blackbox.js +13 -0
  172. package/dist/scripts/codex-0140-large-repo-performance-check.js +4 -0
  173. package/dist/scripts/codex-0140-mcp-reliability-check.js +4 -0
  174. package/dist/scripts/codex-0140-non-tty-interrupt-check.js +4 -0
  175. package/dist/scripts/codex-0140-real-probes-check.js +9 -0
  176. package/dist/scripts/codex-0140-session-delete-check.js +4 -0
  177. package/dist/scripts/codex-0140-sqlite-recovery-check.js +4 -0
  178. package/dist/scripts/codex-0140-unified-mentions-check.js +4 -0
  179. package/dist/scripts/codex-0140-usage-check.js +4 -0
  180. package/dist/scripts/codex-0140-usage-real-parser-check.js +17 -0
  181. package/dist/scripts/codex-0141-capability-check.js +17 -0
  182. package/dist/scripts/codex-0142-app-server-v2-check.js +46 -0
  183. package/dist/scripts/codex-0142-binary-identity-check.js +17 -0
  184. package/dist/scripts/codex-0142-capability-check.js +21 -0
  185. package/dist/scripts/codex-0142-manifest-check.js +21 -0
  186. package/dist/scripts/codex-0142-policy-check.js +32 -0
  187. package/dist/scripts/codex-0142-thread-store-check.js +54 -0
  188. package/dist/scripts/codex-account-usage-autodiscovery-check.js +22 -0
  189. package/dist/scripts/codex-account-usage-check.js +9 -0
  190. package/dist/scripts/codex-agent-role-rich-content-check.js +4 -0
  191. package/dist/scripts/codex-agent-role-sync-check.js +4 -0
  192. package/dist/scripts/codex-agent-type-blackbox.js +4 -0
  193. package/dist/scripts/codex-agent-type-probe-check.js +4 -0
  194. package/dist/scripts/codex-agent-type-routing-check.js +4 -0
  195. package/dist/scripts/codex-app-execution-profile-check.js +4 -0
  196. package/dist/scripts/codex-app-fast-ui-preservation-check.js +32 -0
  197. package/dist/scripts/codex-app-handoff-check.js +25 -0
  198. package/dist/scripts/codex-app-handoff-launch-check.js +25 -0
  199. package/dist/scripts/codex-app-harness-blackbox.js +4 -0
  200. package/dist/scripts/codex-app-harness-matrix-check.js +4 -0
  201. package/dist/scripts/codex-app-launcher-check.js +17 -0
  202. package/dist/scripts/codex-app-provider-badge-check.js +37 -0
  203. package/dist/scripts/codex-app-skill-agent-blackbox.js +4 -0
  204. package/dist/scripts/codex-app-type-safety-check.js +4 -0
  205. package/dist/scripts/codex-app-ui-clobber-guard-check.js +22 -0
  206. package/dist/scripts/codex-app-ui-preservation-check.js +96 -0
  207. package/dist/scripts/codex-control-all-pipelines-check.js +37 -0
  208. package/dist/scripts/codex-control-capability-check.js +10 -0
  209. package/dist/scripts/codex-control-empty-result-retry-check.js +43 -0
  210. package/dist/scripts/codex-control-event-stream-ledger-check.js +10 -0
  211. package/dist/scripts/codex-control-keepalive-no-cot-leak-check.js +14 -0
  212. package/dist/scripts/codex-control-no-legacy-fallback-check.js +31 -0
  213. package/dist/scripts/codex-control-side-effect-scope-check.js +26 -0
  214. package/dist/scripts/codex-control-stream-idle-watchdog-check.js +18 -0
  215. package/dist/scripts/codex-control-structured-output-check.js +11 -0
  216. package/dist/scripts/codex-control-thread-registry-check.js +11 -0
  217. package/dist/scripts/codex-control-tool-call-sequence-repair-check.js +14 -0
  218. package/dist/scripts/codex-effort-auto-discovery-check.js +17 -0
  219. package/dist/scripts/codex-effort-order-check.js +9 -0
  220. package/dist/scripts/codex-environment-scoped-approvals-check.js +10 -0
  221. package/dist/scripts/codex-exec-output-schema-actual-syntax-check.js +33 -0
  222. package/dist/scripts/codex-fast-mode-profile-propagation-check.js +14 -0
  223. package/dist/scripts/codex-history-search-check.js +19 -0
  224. package/dist/scripts/codex-hook-approval-blackbox.js +4 -0
  225. package/dist/scripts/codex-hook-approval-matrix-check.js +4 -0
  226. package/dist/scripts/codex-hook-approval-probe-check.js +4 -0
  227. package/dist/scripts/codex-hook-lifecycle-check.js +4 -0
  228. package/dist/scripts/codex-hook-semantic-check.js +15 -0
  229. package/dist/scripts/codex-hook-strict-subset-check.js +61 -0
  230. package/dist/scripts/codex-init-deep-check.js +4 -0
  231. package/dist/scripts/codex-init-deep-directory-local-blackbox.js +4 -0
  232. package/dist/scripts/codex-init-deep-managed-agents-check.js +4 -0
  233. package/dist/scripts/codex-lb-config-toml-safety-check.js +85 -0
  234. package/dist/scripts/codex-lb-persistence-truth-check.js +96 -0
  235. package/dist/scripts/codex-lb-setup-fixture-check.js +91 -0
  236. package/dist/scripts/codex-lb-setup-truthfulness-check.js +84 -0
  237. package/dist/scripts/codex-legacy-profile-consumers-removed-check.js +24 -0
  238. package/dist/scripts/codex-managed-proxy-env-check.js +17 -0
  239. package/dist/scripts/codex-model-metadata-check.js +10 -0
  240. package/dist/scripts/codex-native-agent-role-content-check.js +27 -0
  241. package/dist/scripts/codex-native-broker-read-only-check.js +44 -0
  242. package/dist/scripts/codex-native-feature-broker-blackbox.js +4 -0
  243. package/dist/scripts/codex-native-feature-broker-check.js +4 -0
  244. package/dist/scripts/codex-native-harness-compat-check.js +4 -0
  245. package/dist/scripts/codex-native-hook-lifecycle-proof-check.js +4 -0
  246. package/dist/scripts/codex-native-interop-policy-check.js +4 -0
  247. package/dist/scripts/codex-native-invocation-defaults-check.js +4 -0
  248. package/dist/scripts/codex-native-invocation-router-check.js +4 -0
  249. package/dist/scripts/codex-native-pattern-analysis-blackbox.js +4 -0
  250. package/dist/scripts/codex-native-pattern-analysis-check.js +4 -0
  251. package/dist/scripts/codex-native-read-repair-split-blackbox.js +55 -0
  252. package/dist/scripts/codex-native-reference-cache-blackbox.js +41 -0
  253. package/dist/scripts/codex-native-reference-cache-check.js +23 -0
  254. package/dist/scripts/codex-native-reference-evidence-check.js +4 -0
  255. package/dist/scripts/codex-native-repair-transaction-check.js +45 -0
  256. package/dist/scripts/codex-native-route-map-check.js +4 -0
  257. package/dist/scripts/codex-native-skill-content-check.js +24 -0
  258. package/dist/scripts/codex-output-schema-fixture-check.js +25 -0
  259. package/dist/scripts/codex-permission-profiles-check.js +36 -0
  260. package/dist/scripts/codex-plugin-app-template-policy-check.js +11 -0
  261. package/dist/scripts/codex-plugin-cache-check.js +15 -0
  262. package/dist/scripts/codex-plugin-diff-check.js +16 -0
  263. package/dist/scripts/codex-plugin-inventory-check.js +15 -0
  264. package/dist/scripts/codex-plugin-json-check.js +10 -0
  265. package/dist/scripts/codex-plugin-list-json-check.js +8 -0
  266. package/dist/scripts/codex-plugin-parallel-detail-fetch-check.js +12 -0
  267. package/dist/scripts/codex-profile-primary-check.js +13 -0
  268. package/dist/scripts/codex-project-config-policy-splitter-check.js +51 -0
  269. package/dist/scripts/codex-resume-cwd-truth-check.js +17 -0
  270. package/dist/scripts/codex-sdk-all-pipelines-check.js +33 -0
  271. package/dist/scripts/codex-sdk-backend-router-check.js +65 -0
  272. package/dist/scripts/codex-sdk-capability-check.js +11 -0
  273. package/dist/scripts/codex-sdk-core-skill-pipeline-check.js +9 -0
  274. package/dist/scripts/codex-sdk-dfix-pipeline-check.js +9 -0
  275. package/dist/scripts/codex-sdk-event-stream-ledger-check.js +9 -0
  276. package/dist/scripts/codex-sdk-no-legacy-fallback-check.js +33 -0
  277. package/dist/scripts/codex-sdk-qa-pipeline-check.js +8 -0
  278. package/dist/scripts/codex-sdk-real-smoke-check.js +39 -0
  279. package/dist/scripts/codex-sdk-release-review-pipeline-check.js +13 -0
  280. package/dist/scripts/codex-sdk-research-pipeline-check.js +47 -0
  281. package/dist/scripts/codex-sdk-sandbox-policy-check.js +21 -0
  282. package/dist/scripts/codex-sdk-structured-output-check.js +10 -0
  283. package/dist/scripts/codex-sdk-team-naruto-agent-pipeline-check.js +12 -0
  284. package/dist/scripts/codex-sdk-thread-registry-check.js +11 -0
  285. package/dist/scripts/codex-sdk-ux-ppt-review-pipeline-check.js +9 -0
  286. package/dist/scripts/codex-sdk-version-compat-check.js +10 -0
  287. package/dist/scripts/codex-sdk-zellij-pane-binding-check.js +13 -0
  288. package/dist/scripts/codex-skill-rich-content-check.js +4 -0
  289. package/dist/scripts/codex-skill-sync-check.js +4 -0
  290. package/dist/scripts/codex-thread-runtime-choice-check.js +10 -0
  291. package/dist/scripts/codex-web-adapter-check.js +12 -0
  292. package/dist/scripts/computer-use-live-evidence-check.js +55 -0
  293. package/dist/scripts/computer-use-live-optional-check.js +32 -0
  294. package/dist/scripts/computer-use-policy-check.js +69 -0
  295. package/dist/scripts/computer-use-visual-route-fixture-check.js +37 -0
  296. package/dist/scripts/config-managed-merge-callsite-coverage-check.js +200 -0
  297. package/dist/scripts/context7-evidence-dedupe-check.js +54 -0
  298. package/dist/scripts/core-skill-card-schema-check.js +61 -0
  299. package/dist/scripts/core-skill-deployment-snapshot-check.js +54 -0
  300. package/dist/scripts/core-skill-heldout-validation-check.js +49 -0
  301. package/dist/scripts/core-skill-immutable-sync-check.js +18 -0
  302. package/dist/scripts/core-skill-integrity-blackbox.js +32 -0
  303. package/dist/scripts/core-skill-manifest-check.js +15 -0
  304. package/dist/scripts/core-skill-no-drift-check.js +24 -0
  305. package/dist/scripts/core-skill-no-inference-optimizer-check.js +75 -0
  306. package/dist/scripts/core-skill-patch-check.js +79 -0
  307. package/dist/scripts/core-skill-promotion-side-effect-ledger-check.js +64 -0
  308. package/dist/scripts/core-skill-rollout-scoring-check.js +72 -0
  309. package/dist/scripts/core-skill-route-runtime-integration-check.js +49 -0
  310. package/dist/scripts/core-skill-trainer-check.js +116 -0
  311. package/dist/scripts/dfix-fast-blackbox-check.js +37 -0
  312. package/dist/scripts/dfix-fast-kernel-check.js +26 -0
  313. package/dist/scripts/dfix-fixture-check.js +6 -0
  314. package/dist/scripts/dfix-parallel-write-blackbox.js +48 -0
  315. package/dist/scripts/dfix-patch-handoff-check.js +13 -0
  316. package/dist/scripts/dfix-patch-swarm-route-blackbox.js +10 -0
  317. package/dist/scripts/dfix-performance-check.js +15 -0
  318. package/dist/scripts/dfix-verification-check.js +9 -0
  319. package/dist/scripts/dfix-verification-recommendation-check.js +15 -0
  320. package/dist/scripts/docs-brand-neutrality-check.js +4 -0
  321. package/dist/scripts/docs-codex-0139-wording-check.js +21 -0
  322. package/dist/scripts/docs-loop-productionization-check.js +3 -0
  323. package/dist/scripts/docs-loop-runtime-check.js +3 -0
  324. package/dist/scripts/docs-truthfulness-check.js +61 -0
  325. package/dist/scripts/doctor-codex-0138-fix-check.js +10 -0
  326. package/dist/scripts/doctor-codex-0139-real-probes-check.js +25 -0
  327. package/dist/scripts/doctor-codex-app-harness-check.js +4 -0
  328. package/dist/scripts/doctor-codex-doctor-parity-check.js +17 -0
  329. package/dist/scripts/doctor-codex-native-readiness-ux-check.js +29 -0
  330. package/dist/scripts/doctor-codex-native-repair-actions-check.js +24 -0
  331. package/dist/scripts/doctor-codex-startup-repair-check.js +103 -0
  332. package/dist/scripts/doctor-context7-mcp-repair-blackbox.js +16 -0
  333. package/dist/scripts/doctor-context7-mcp-repair-check.js +11 -0
  334. package/dist/scripts/doctor-context7-repair-check.js +47 -0
  335. package/dist/scripts/doctor-dirty-plan-check.js +9 -0
  336. package/dist/scripts/doctor-dirty-repair-blackbox.js +22 -0
  337. package/dist/scripts/doctor-dirty-repair-check.js +8 -0
  338. package/dist/scripts/doctor-dirty-semantic-blackbox.js +8 -0
  339. package/dist/scripts/doctor-dirty-semantic-check.js +7 -0
  340. package/dist/scripts/doctor-fix-production-blackbox.js +26 -0
  341. package/dist/scripts/doctor-fix-proves-codex-read-check.js +102 -0
  342. package/dist/scripts/doctor-fix-recovers-corrupted-config-check.js +122 -0
  343. package/dist/scripts/doctor-fixes-codex-app-fast-ui-check.js +44 -0
  344. package/dist/scripts/doctor-native-capability-repair-blackbox.js +39 -0
  345. package/dist/scripts/doctor-native-capability-repair-check.js +10 -0
  346. package/dist/scripts/doctor-native-repair-output-check.js +18 -0
  347. package/dist/scripts/doctor-startup-config-repair-blackbox.js +13 -0
  348. package/dist/scripts/doctor-startup-config-repair-check.js +10 -0
  349. package/dist/scripts/doctor-supabase-mcp-repair-blackbox.js +14 -0
  350. package/dist/scripts/doctor-supabase-mcp-repair-check.js +12 -0
  351. package/dist/scripts/doctor-transaction-engine-blackbox.js +28 -0
  352. package/dist/scripts/doctor-transaction-engine-check.js +31 -0
  353. package/dist/scripts/doctor-zellij-fix-blackbox.js +4 -0
  354. package/dist/scripts/doctor-zellij-fix-output-check.js +4 -0
  355. package/dist/scripts/doctor-zellij-no-homebrew-blackbox.js +4 -0
  356. package/dist/scripts/doctor-zellij-repair-check.js +4 -0
  357. package/dist/scripts/doctor-zellij-upgrade-blackbox.js +4 -0
  358. package/dist/scripts/evidence-fixture-check.js +26 -0
  359. package/dist/scripts/evidence-flagship-coverage-check.js +55 -0
  360. package/dist/scripts/fake-real-proof-policy-v2-check.js +27 -0
  361. package/dist/scripts/fake-vs-real-proof-policy-check.js +14 -0
  362. package/dist/scripts/fast-codex-service-tier-proof-check.js +42 -0
  363. package/dist/scripts/flagship-proof-graph-v2-check.js +48 -0
  364. package/dist/scripts/flagship-proof-graph-v3-check.js +67 -0
  365. package/dist/scripts/flagship-proof-graph-v4-check.js +61 -0
  366. package/dist/scripts/gate-pack-fixture-cache-check.js +9 -0
  367. package/dist/scripts/gate-pack-manifest-check.js +9 -0
  368. package/dist/scripts/gate-pack-runner-blackbox.js +27 -0
  369. package/dist/scripts/gate-pack-runner-check.js +6 -0
  370. package/dist/scripts/gate-pack-v2-blackbox.js +18 -0
  371. package/dist/scripts/git-precommit-fixture-check.js +41 -0
  372. package/dist/scripts/git-worktree-batch-allocation-check.js +10 -0
  373. package/dist/scripts/git-worktree-cache-performance-check.js +25 -0
  374. package/dist/scripts/git-worktree-capability-check.js +27 -0
  375. package/dist/scripts/git-worktree-checkpoint-check.js +20 -0
  376. package/dist/scripts/git-worktree-cleanup-check.js +27 -0
  377. package/dist/scripts/git-worktree-cross-rebase-check.js +41 -0
  378. package/dist/scripts/git-worktree-diff-envelope-check.js +17 -0
  379. package/dist/scripts/git-worktree-diff-export-check.js +43 -0
  380. package/dist/scripts/git-worktree-dirty-lock-check.js +17 -0
  381. package/dist/scripts/git-worktree-dirty-main-detection-check.js +14 -0
  382. package/dist/scripts/git-worktree-integration-primary-check.js +24 -0
  383. package/dist/scripts/git-worktree-integration-primary-runtime-check.js +20 -0
  384. package/dist/scripts/git-worktree-manager-check.js +37 -0
  385. package/dist/scripts/git-worktree-manifest-append-check.js +18 -0
  386. package/dist/scripts/git-worktree-merge-queue-check.js +31 -0
  387. package/dist/scripts/git-worktree-pool-performance-check.js +20 -0
  388. package/dist/scripts/git-worktree-prewarm-runtime-check.js +7 -0
  389. package/dist/scripts/git-worktree-untracked-diff-check.js +18 -0
  390. package/dist/scripts/goal-artifact-compat-check.js +3 -0
  391. package/dist/scripts/goal-legacy-runtime-escape-check.js +3 -0
  392. package/dist/scripts/goal-loop-compat-check.js +3 -0
  393. package/dist/scripts/goal-loop-runtime-default-check.js +3 -0
  394. package/dist/scripts/goal-mode-official-default-check.js +12 -0
  395. package/dist/scripts/gpt-final-arbiter-check.js +63 -0
  396. package/dist/scripts/gpt-final-arbiter-performance-check.js +36 -0
  397. package/dist/scripts/gpt-image-2-request-validator-check.js +35 -0
  398. package/dist/scripts/hooks-0.134-context-parity-check.js +20 -0
  399. package/dist/scripts/hooks-actual-parity-check.js +17 -0
  400. package/dist/scripts/hooks-actual-parity-v2-check.js +21 -0
  401. package/dist/scripts/hooks-latest-schema-check.js +20 -0
  402. package/dist/scripts/hooks-managed-install-fixture-check.js +21 -0
  403. package/dist/scripts/hooks-official-hash-oracle-check.js +35 -0
  404. package/dist/scripts/hooks-official-hash-parity-check.js +17 -0
  405. package/dist/scripts/hooks-subagent-events-check.js +17 -0
  406. package/dist/scripts/hooks-trust-state-check.js +14 -0
  407. package/dist/scripts/image-artifact-path-contract-check.js +14 -0
  408. package/dist/scripts/image-artifact-registry-check.js +14 -0
  409. package/dist/scripts/image-fidelity-fixture-check.js +24 -0
  410. package/dist/scripts/image-followup-edit-path-check.js +14 -0
  411. package/dist/scripts/image-generation-path-handoff-check.js +8 -0
  412. package/dist/scripts/image-global-path-contract-check.js +38 -0
  413. package/dist/scripts/imagegen-capability-check.js +30 -0
  414. package/dist/scripts/imagegen-real-smoke-check.js +155 -0
  415. package/dist/scripts/init-deep-backup-retention-check.js +37 -0
  416. package/dist/scripts/init-deep-memory-scope-safety-check.js +23 -0
  417. package/dist/scripts/install-update-preserves-config-check.js +172 -0
  418. package/dist/scripts/json-schema-recursive-check.js +78 -0
  419. package/dist/scripts/legacy-gate-inventory-check.js +49 -0
  420. package/dist/scripts/legacy-gate-purge-check.js +7 -0
  421. package/dist/scripts/legacy-multiagent-removal-check.js +85 -0
  422. package/dist/scripts/legacy-purge-final-check.js +5 -0
  423. package/dist/scripts/legacy-strong-inventory-check.js +43 -0
  424. package/dist/scripts/legacy-upgrade-matrix-check.js +300 -0
  425. package/dist/scripts/local-collab-all-pipelines-final-gpt-check.js +21 -0
  426. package/dist/scripts/local-collab-gpt-final-availability-check.js +58 -0
  427. package/dist/scripts/local-collab-no-local-only-final-check.js +27 -0
  428. package/dist/scripts/local-collab-policy-check.js +17 -0
  429. package/dist/scripts/local-collab-worktree-gpt-final-apply-policy-check.js +63 -0
  430. package/dist/scripts/local-llm-all-pipelines-check.js +11 -0
  431. package/dist/scripts/local-llm-cache-performance-check.js +10 -0
  432. package/dist/scripts/local-llm-capability-check.js +14 -0
  433. package/dist/scripts/local-llm-smoke-check.js +32 -0
  434. package/dist/scripts/local-llm-structured-output-check.js +11 -0
  435. package/dist/scripts/local-llm-throughput-check.js +10 -0
  436. package/dist/scripts/local-llm-tool-call-repair-check.js +10 -0
  437. package/dist/scripts/local-llm-warmup-check.js +11 -0
  438. package/dist/scripts/loop-artifact-paths-check.js +3 -0
  439. package/dist/scripts/loop-blocker-check.js +15 -0
  440. package/dist/scripts/loop-cli-check.js +3 -0
  441. package/dist/scripts/loop-cli-registry-check.js +3 -0
  442. package/dist/scripts/loop-collision-blackbox.js +3 -0
  443. package/dist/scripts/loop-concurrency-budget-check.js +3 -0
  444. package/dist/scripts/loop-concurrency-budget-runtime-check.js +3 -0
  445. package/dist/scripts/loop-concurrency-oversubscription-blackbox.js +3 -0
  446. package/dist/scripts/loop-continuation-enforcer-check.js +4 -0
  447. package/dist/scripts/loop-decomposer-check.js +3 -0
  448. package/dist/scripts/loop-directive-check-lib.js +388 -0
  449. package/dist/scripts/loop-execution-profile-routing-check.js +4 -0
  450. package/dist/scripts/loop-final-arbiter-contract-check.js +3 -0
  451. package/dist/scripts/loop-fixture-policy-check.js +3 -0
  452. package/dist/scripts/loop-fixture-production-misuse-blackbox.js +3 -0
  453. package/dist/scripts/loop-fixture-safety-check.js +3 -0
  454. package/dist/scripts/loop-gate-fixture-guard-check.js +3 -0
  455. package/dist/scripts/loop-gate-ladder-check.js +3 -0
  456. package/dist/scripts/loop-gate-runner-check.js +3 -0
  457. package/dist/scripts/loop-gate-selector-check.js +3 -0
  458. package/dist/scripts/loop-gpt-final-contract-crossref-check.js +3 -0
  459. package/dist/scripts/loop-gpt-final-fixture-guard-check.js +3 -0
  460. package/dist/scripts/loop-gpt-final-gate-contract-check.js +3 -0
  461. package/dist/scripts/loop-hardening-check-lib.js +289 -0
  462. package/dist/scripts/loop-integration-finalizer-check.js +3 -0
  463. package/dist/scripts/loop-integration-merge-strategy-check.js +3 -0
  464. package/dist/scripts/loop-interrupt-registry-check.js +3 -0
  465. package/dist/scripts/loop-kill-interrupt-real-blackbox.js +3 -0
  466. package/dist/scripts/loop-lease-check.js +3 -0
  467. package/dist/scripts/loop-merge-strategy-blackbox.js +3 -0
  468. package/dist/scripts/loop-merge-strategy-check.js +3 -0
  469. package/dist/scripts/loop-mesh-production-e2e-blackbox.js +3 -0
  470. package/dist/scripts/loop-mutation-ledger-check.js +3 -0
  471. package/dist/scripts/loop-observability-check.js +3 -0
  472. package/dist/scripts/loop-owner-inference-check.js +3 -0
  473. package/dist/scripts/loop-planner-check.js +3 -0
  474. package/dist/scripts/loop-planner-project-memory-check.js +4 -0
  475. package/dist/scripts/loop-planner-project-memory-deep-check.js +4 -0
  476. package/dist/scripts/loop-proof-check.js +3 -0
  477. package/dist/scripts/loop-proof-summary-cli-check.js +3 -0
  478. package/dist/scripts/loop-risk-classifier-check.js +3 -0
  479. package/dist/scripts/loop-runtime-check.js +3 -0
  480. package/dist/scripts/loop-scheduler-check.js +3 -0
  481. package/dist/scripts/loop-schema-check.js +3 -0
  482. package/dist/scripts/loop-side-effect-blackbox.js +3 -0
  483. package/dist/scripts/loop-side-effect-final-arbiter-check.js +3 -0
  484. package/dist/scripts/loop-side-effect-scanner-check.js +3 -0
  485. package/dist/scripts/loop-state-check.js +3 -0
  486. package/dist/scripts/loop-status-proof-ux-check.js +3 -0
  487. package/dist/scripts/loop-worker-fixture-guard-check.js +3 -0
  488. package/dist/scripts/loop-worker-handle-registration-check.js +3 -0
  489. package/dist/scripts/loop-worker-interrupt-check.js +3 -0
  490. package/dist/scripts/loop-worktree-policy-check.js +3 -0
  491. package/dist/scripts/loop-zellij-ui-check.js +3 -0
  492. package/dist/scripts/mad-db-capability-check.js +15 -0
  493. package/dist/scripts/mad-db-command-check.js +13 -0
  494. package/dist/scripts/mad-db-ledger-check.js +7 -0
  495. package/dist/scripts/mad-db-lifecycle-hook-decision-check.js +17 -0
  496. package/dist/scripts/mad-db-mad-command-check.js +100 -0
  497. package/dist/scripts/mad-db-mcp-result-lifecycle-check.js +30 -0
  498. package/dist/scripts/mad-db-one-cycle-bounded-check.js +27 -0
  499. package/dist/scripts/mad-db-one-cycle-consumption-check.js +16 -0
  500. package/dist/scripts/mad-db-operation-lifecycle-blackbox.js +29 -0
  501. package/dist/scripts/mad-db-operation-lifecycle-ledger-check.js +17 -0
  502. package/dist/scripts/mad-db-priority-resolver-check.js +20 -0
  503. package/dist/scripts/mad-db-safety-conflict-matrix-check.js +22 -0
  504. package/dist/scripts/mad-preflight-blocks-unreadable-config-check.js +66 -0
  505. package/dist/scripts/mad-sks-actual-executor-blackbox.js +5 -0
  506. package/dist/scripts/mad-sks-app-ui-no-mutation-check.js +92 -0
  507. package/dist/scripts/mad-sks-audit-proof-check.js +34 -0
  508. package/dist/scripts/mad-sks-db-executor-check.js +5 -0
  509. package/dist/scripts/mad-sks-executor-proof-graph-check.js +5 -0
  510. package/dist/scripts/mad-sks-fast-mode-propagation-check.js +24 -0
  511. package/dist/scripts/mad-sks-file-write-executor-check.js +5 -0
  512. package/dist/scripts/mad-sks-immutable-harness-check.js +36 -0
  513. package/dist/scripts/mad-sks-no-harness-modification-check.js +25 -0
  514. package/dist/scripts/mad-sks-package-executor-check.js +5 -0
  515. package/dist/scripts/mad-sks-permission-model-check.js +22 -0
  516. package/dist/scripts/mad-sks-rollback-apply-check.js +5 -0
  517. package/dist/scripts/mad-sks-service-executor-check.js +5 -0
  518. package/dist/scripts/mad-sks-shell-executor-check.js +5 -0
  519. package/dist/scripts/mad-sks-write-guard-check.js +28 -0
  520. package/dist/scripts/mad-sks-zellij-default-pane-worker-check.js +37 -0
  521. package/dist/scripts/mad-sks-zellij-launch-check.js +102 -0
  522. package/dist/scripts/mad-zellij-headless-fallback-blackbox.js +4 -0
  523. package/dist/scripts/mad-zellij-no-contradictory-output-check.js +4 -0
  524. package/dist/scripts/mad-zellij-self-heal-blackbox.js +4 -0
  525. package/dist/scripts/mad-zellij-self-heal-check.js +4 -0
  526. package/dist/scripts/managed-config-merge-check.js +24 -0
  527. package/dist/scripts/mcp-0-134-modernization-check.js +55 -0
  528. package/dist/scripts/mcp-plugin-inventory-check.js +12 -0
  529. package/dist/scripts/mcp-readonly-concurrency-check.js +17 -0
  530. package/dist/scripts/mcp-readonly-runtime-scheduler-check.js +20 -0
  531. package/dist/scripts/mcp-tool-naming-parity-check.js +16 -0
  532. package/dist/scripts/memory-summary-rebuild-check.js +22 -0
  533. package/dist/scripts/model-call-concurrency-check.js +15 -0
  534. package/dist/scripts/mutation-callsite-coverage-check.js +180 -0
  535. package/dist/scripts/naruto-active-pool-check.js +39 -0
  536. package/dist/scripts/naruto-actual-worker-control-plane-check.js +56 -0
  537. package/dist/scripts/naruto-allocation-policy-check.js +33 -0
  538. package/dist/scripts/naruto-allocation-runtime-wiring-check.js +92 -0
  539. package/dist/scripts/naruto-concurrency-governor-check.js +53 -0
  540. package/dist/scripts/naruto-extreme-parallelism-check.js +22 -0
  541. package/dist/scripts/naruto-extreme-parallelism-real-check.js +43 -0
  542. package/dist/scripts/naruto-gpt-final-pack-check.js +34 -0
  543. package/dist/scripts/naruto-loop-maker-checker-check.js +3 -0
  544. package/dist/scripts/naruto-loop-mesh-blackbox.js +3 -0
  545. package/dist/scripts/naruto-loop-mesh-check.js +3 -0
  546. package/dist/scripts/naruto-loop-worker-router-check.js +3 -0
  547. package/dist/scripts/naruto-orchestrator-runtime-source-check.js +70 -0
  548. package/dist/scripts/naruto-parallel-gate-consistency-check.js +8 -0
  549. package/dist/scripts/naruto-parallel-patch-apply-check.js +41 -0
  550. package/dist/scripts/naruto-parallel-runtime-proof-check.js +9 -0
  551. package/dist/scripts/naruto-parallelism-mode-check.js +12 -0
  552. package/dist/scripts/naruto-parallelism-ux-check.js +8 -0
  553. package/dist/scripts/naruto-proof-message-summary-check.js +9 -0
  554. package/dist/scripts/naruto-proof-zellij-stacked-summary-check.js +47 -0
  555. package/dist/scripts/naruto-readonly-routing-check.js +119 -0
  556. package/dist/scripts/naruto-real-active-pool-check.js +39 -0
  557. package/dist/scripts/naruto-real-active-pool-runtime-check.js +55 -0
  558. package/dist/scripts/naruto-real-parallelism-blackbox.js +294 -0
  559. package/dist/scripts/naruto-rebalance-policy-check.js +41 -0
  560. package/dist/scripts/naruto-role-distribution-check.js +23 -0
  561. package/dist/scripts/naruto-shadow-clone-swarm-check.js +164 -0
  562. package/dist/scripts/naruto-ssot-default-check.js +9 -0
  563. package/dist/scripts/naruto-ssot-gate-aliases-check.js +10 -0
  564. package/dist/scripts/naruto-ssot-pipeline-default-check.js +11 -0
  565. package/dist/scripts/naruto-ssot-route-normalization-check.js +9 -0
  566. package/dist/scripts/naruto-ssot-routing-check.js +13 -0
  567. package/dist/scripts/naruto-verification-pool-check.js +36 -0
  568. package/dist/scripts/naruto-visible-vs-active-workers-check.js +10 -0
  569. package/dist/scripts/naruto-work-graph-check.js +24 -0
  570. package/dist/scripts/naruto-worktree-coding-blackbox.js +29 -0
  571. package/dist/scripts/naruto-worktree-coding-check.js +44 -0
  572. package/dist/scripts/naruto-worktree-gpt-final-check.js +45 -0
  573. package/dist/scripts/naruto-worktree-zellij-ui-check.js +28 -0
  574. package/dist/scripts/naruto-zellij-dynamic-right-column-check.js +48 -0
  575. package/dist/scripts/naruto-zellij-massive-ui-check.js +23 -0
  576. package/dist/scripts/native-app-screenshot-repair-check.js +11 -0
  577. package/dist/scripts/native-capability-postcheck-check.js +16 -0
  578. package/dist/scripts/native-capability-repair-check.js +15 -0
  579. package/dist/scripts/native-capability-repair-matrix-check.js +10 -0
  580. package/dist/scripts/native-chrome-web-review-repair-check.js +10 -0
  581. package/dist/scripts/native-computer-use-repair-check.js +10 -0
  582. package/dist/scripts/native-image-generation-repair-check.js +9 -0
  583. package/dist/scripts/native-swarm-heartbeat-does-not-serialize-launch-check.js +8 -0
  584. package/dist/scripts/native-swarm-process-spawn-proof-check.js +7 -0
  585. package/dist/scripts/native-swarm-zellij-does-not-block-workers-check.js +11 -0
  586. package/dist/scripts/no-ts-nocheck-core-check.js +4 -0
  587. package/dist/scripts/no-ts-nocheck-release-scripts-check.js +4 -0
  588. package/dist/scripts/non-recursive-pipeline-check.js +68 -0
  589. package/dist/scripts/npm-publish-performance-check.js +65 -0
  590. package/dist/scripts/official-docs-compat-report.js +304 -0
  591. package/dist/scripts/orphan-gate-detection-check.js +53 -0
  592. package/dist/scripts/orphan-purge-final-check.js +5 -0
  593. package/dist/scripts/orphan-strong-detection-check.js +12 -0
  594. package/dist/scripts/package-published-contract-check.js +46 -0
  595. package/dist/scripts/packlist-performance-check.js +83 -0
  596. package/dist/scripts/parallel-claim-enforcement-check.js +21 -0
  597. package/dist/scripts/parallel-missing-pid-rejection-check.js +55 -0
  598. package/dist/scripts/parallel-runtime-proof-check.js +23 -0
  599. package/dist/scripts/parallel-runtime-proof-events-check.js +13 -0
  600. package/dist/scripts/parallel-runtime-real-blackbox.js +44 -0
  601. package/dist/scripts/parallel-strict-pid-proof-check.js +54 -0
  602. package/dist/scripts/parallel-verification-engine-check.js +85 -0
  603. package/dist/scripts/pipeline-codex-0140-integration-check.js +30 -0
  604. package/dist/scripts/pipeline-codex-native-doctor-mad-routing-check.js +4 -0
  605. package/dist/scripts/pipeline-codex-native-doctor-mad-routing-real-blackbox.js +77 -0
  606. package/dist/scripts/pipeline-codex-native-e2e-blackbox.js +13 -0
  607. package/dist/scripts/pipeline-codex-native-image-routing-check.js +4 -0
  608. package/dist/scripts/pipeline-codex-native-image-routing-real-blackbox.js +50 -0
  609. package/dist/scripts/pipeline-codex-native-loop-routing-check.js +4 -0
  610. package/dist/scripts/pipeline-codex-native-loop-routing-real-blackbox.js +74 -0
  611. package/dist/scripts/pipeline-codex-native-qa-routing-check.js +4 -0
  612. package/dist/scripts/pipeline-codex-native-qa-routing-real-blackbox.js +51 -0
  613. package/dist/scripts/pipeline-codex-native-research-routing-check.js +4 -0
  614. package/dist/scripts/pipeline-codex-native-research-routing-real-blackbox.js +45 -0
  615. package/dist/scripts/pipeline-execution-profile-routing-blackbox.js +4 -0
  616. package/dist/scripts/pipeline-five-minute-sla-check.js +7 -0
  617. package/dist/scripts/postinstall-safe-side-effects-check.js +65 -0
  618. package/dist/scripts/ppt-full-e2e-artifact-graph-check.js +40 -0
  619. package/dist/scripts/ppt-full-e2e-blackbox-check.js +109 -0
  620. package/dist/scripts/ppt-image-voxel-relations-check.js +9 -0
  621. package/dist/scripts/ppt-imagegen-blackbox-check.js +46 -0
  622. package/dist/scripts/ppt-imagegen-review-fixture-check.js +6 -0
  623. package/dist/scripts/ppt-issue-extraction-fixture-check.js +7 -0
  624. package/dist/scripts/ppt-no-mock-as-real-check.js +8 -0
  625. package/dist/scripts/ppt-no-text-fallback-check.js +7 -0
  626. package/dist/scripts/ppt-proof-trust-fixture-check.js +10 -0
  627. package/dist/scripts/ppt-real-export-adapter-check.js +13 -0
  628. package/dist/scripts/ppt-real-imagegen-smoke-check.js +42 -0
  629. package/dist/scripts/ppt-real-imagegen-wiring-check.js +16 -0
  630. package/dist/scripts/ppt-reexport-rereview-check.js +19 -0
  631. package/dist/scripts/ppt-slide-export-fixture-check.js +7 -0
  632. package/dist/scripts/prepublish-fast-check.js +128 -0
  633. package/dist/scripts/priority-full-closure-check.js +12 -0
  634. package/dist/scripts/probe-memoization-check.js +11 -0
  635. package/dist/scripts/product-design-auto-install-check.js +119 -0
  636. package/dist/scripts/product-design-plugin-routing-check.js +101 -0
  637. package/dist/scripts/project-skill-dedupe-blackbox.js +36 -0
  638. package/dist/scripts/project-skill-dedupe-check.js +16 -0
  639. package/dist/scripts/prompt-placeholder-guard-check.js +33 -0
  640. package/dist/scripts/proof-root-cause-policy-check.js +70 -0
  641. package/dist/scripts/provider-badge-context-check.js +26 -0
  642. package/dist/scripts/provider-context-config-toml-check.js +63 -0
  643. package/dist/scripts/python-codex-sdk-all-pipelines-check.js +47 -0
  644. package/dist/scripts/python-codex-sdk-capability-check.js +75 -0
  645. package/dist/scripts/python-codex-sdk-sandbox-policy-check.js +10 -0
  646. package/dist/scripts/python-codex-sdk-stream-bridge-check.js +12 -0
  647. package/dist/scripts/python-tools-smoke-check.js +71 -0
  648. package/dist/scripts/qa-actual-route-backfill-check.js +5 -0
  649. package/dist/scripts/qa-backfill-route-blackbox.js +5 -0
  650. package/dist/scripts/qa-loop-app-handoff-capability-check.js +9 -0
  651. package/dist/scripts/qa-loop-app-handoff-check.js +9 -0
  652. package/dist/scripts/qa-loop-app-handoff-cli-check.js +8 -0
  653. package/dist/scripts/qa-loop-app-handoff-confirmation-check.js +24 -0
  654. package/dist/scripts/qa-loop-app-handoff-gate-lifecycle-check.js +44 -0
  655. package/dist/scripts/qa-loop-app-handoff-launch-check.js +7 -0
  656. package/dist/scripts/qa-loop-app-handoff-status-lifecycle-check.js +7 -0
  657. package/dist/scripts/qa-loop-budget-policy-check.js +8 -0
  658. package/dist/scripts/qa-loop-effort-escalation-check.js +9 -0
  659. package/dist/scripts/qa-loop-execution-profile-routing-check.js +4 -0
  660. package/dist/scripts/qa-loop-image-path-exposure-check.js +9 -0
  661. package/dist/scripts/qa-loop-image-path-prompt-injection-check.js +8 -0
  662. package/dist/scripts/qa-patch-swarm-route-blackbox.js +10 -0
  663. package/dist/scripts/readme-architecture-imagegen-official-check.js +448 -0
  664. package/dist/scripts/release-affected-selector-check.js +41 -0
  665. package/dist/scripts/release-aggressive-resource-governor-check.js +25 -0
  666. package/dist/scripts/release-batch-runner-check.js +6 -0
  667. package/dist/scripts/release-cache-bridge-check.js +23 -0
  668. package/dist/scripts/release-cache-glob-hashing-check.js +42 -0
  669. package/dist/scripts/release-cache-input-classifier-check.js +13 -0
  670. package/dist/scripts/release-cache-neutralization-report-check.js +13 -0
  671. package/dist/scripts/release-cache-version-neutral-fixture-check.js +65 -0
  672. package/dist/scripts/release-check-stamp.js +2 -1
  673. package/dist/scripts/release-dag-full-coverage-check.js +428 -0
  674. package/dist/scripts/release-dist-freshness-check.js +8 -0
  675. package/dist/scripts/release-dynamic-performance-check.js +110 -0
  676. package/dist/scripts/release-dynamic-presets-check.js +20 -0
  677. package/dist/scripts/release-full-parallelism-blackbox.js +41 -0
  678. package/dist/scripts/release-gate-batch-runner-check.js +43 -0
  679. package/dist/scripts/release-gate-budget-check.js +36 -0
  680. package/dist/scripts/release-gate-dag-runner-check.js +107 -0
  681. package/dist/scripts/release-gate-script-parity-check.js +117 -0
  682. package/dist/scripts/release-metadata-1-11-check.js +37 -0
  683. package/dist/scripts/release-metadata-1-12-check.js +48 -0
  684. package/dist/scripts/release-metadata-1-13-check.js +53 -0
  685. package/dist/scripts/release-metadata-1-14-check.js +63 -0
  686. package/dist/scripts/release-metadata-1-16-check.js +81 -0
  687. package/dist/scripts/release-metadata-1-17-check.js +51 -0
  688. package/dist/scripts/release-metadata-1-19-check.js +376 -0
  689. package/dist/scripts/release-metadata-check.js +7 -0
  690. package/dist/scripts/release-native-agent-fixture-check.js +41 -0
  691. package/dist/scripts/release-parallel-check.js +375 -0
  692. package/dist/scripts/release-parallel-full-coverage-check.js +13 -0
  693. package/dist/scripts/release-parallel-speed-budget-check.js +91 -0
  694. package/dist/scripts/release-proof-truth-check.js +14 -0
  695. package/dist/scripts/release-provenance-check.js +143 -0
  696. package/dist/scripts/release-readiness-report.js +1231 -0
  697. package/dist/scripts/release-real-check.js +338 -0
  698. package/dist/scripts/release-registry-check.js +353 -0
  699. package/dist/scripts/release-runtime-truth-matrix-check.js +47 -0
  700. package/dist/scripts/release-script-type-safety-check.js +4 -0
  701. package/dist/scripts/release-speed-summary-check.js +20 -0
  702. package/dist/scripts/release-stability-report-check.js +99 -0
  703. package/dist/scripts/release-triwiki-first-runner-blackbox.js +44 -0
  704. package/dist/scripts/release-triwiki-first-runner-check.js +9 -0
  705. package/dist/scripts/release-version-truth-check.js +134 -0
  706. package/dist/scripts/release-wiring-3110-blackbox.js +27 -0
  707. package/dist/scripts/release-wiring-3112-blackbox.js +17 -0
  708. package/dist/scripts/release-wiring-3113-blackbox.js +17 -0
  709. package/dist/scripts/research-actual-route-backfill-check.js +5 -0
  710. package/dist/scripts/research-backfill-route-blackbox.js +5 -0
  711. package/dist/scripts/research-blueprint-densifier-check.js +21 -0
  712. package/dist/scripts/research-claim-builder-check.js +19 -0
  713. package/dist/scripts/research-complete-package-fixture-check.js +29 -0
  714. package/dist/scripts/research-execution-profile-routing-check.js +4 -0
  715. package/dist/scripts/research-final-reviewer-blackbox.js +70 -0
  716. package/dist/scripts/research-handoff-consumability-check.js +23 -0
  717. package/dist/scripts/research-parallel-source-shards-check.js +22 -0
  718. package/dist/scripts/research-quality-gate-check.js +112 -0
  719. package/dist/scripts/research-real-cycle-no-legacy-final-md-check.js +14 -0
  720. package/dist/scripts/research-real-synthesis-no-deterministic-renderer-check.js +14 -0
  721. package/dist/scripts/research-repetition-detector-check.js +19 -0
  722. package/dist/scripts/research-short-report-rejection-check.js +46 -0
  723. package/dist/scripts/research-source-ledger-merge-check.js +26 -0
  724. package/dist/scripts/research-stage-cycle-runtime-blackbox.js +40 -0
  725. package/dist/scripts/research-synthesis-prompt-contract-check.js +36 -0
  726. package/dist/scripts/research-synthesis-writer-blackbox.js +24 -0
  727. package/dist/scripts/research-synthesis-writer-check.js +26 -0
  728. package/dist/scripts/research-template-report-rejection-check.js +56 -0
  729. package/dist/scripts/research-ultra-stability-report.js +45 -0
  730. package/dist/scripts/responses-retry-policy-centralized-check.js +19 -0
  731. package/dist/scripts/retention-cleanup-safety-check.js +155 -0
  732. package/dist/scripts/route-blackbox-realism-check.js +21 -0
  733. package/dist/scripts/route-proof-artifact-structure-check.js +145 -0
  734. package/dist/scripts/runtime-dist-parity-check.js +78 -0
  735. package/dist/scripts/runtime-no-mjs-scripts-check.js +45 -0
  736. package/dist/scripts/runtime-no-src-mjs-check.js +32 -0
  737. package/dist/scripts/runtime-no-tmux-check.js +114 -0
  738. package/dist/scripts/runtime-proof-summary-check.js +58 -0
  739. package/dist/scripts/runtime-proof-summary-cli-check.js +51 -0
  740. package/dist/scripts/runtime-proof-summary-messages-check.js +37 -0
  741. package/dist/scripts/runtime-proof-zellij-stacked-summary-check.js +58 -0
  742. package/dist/scripts/runtime-ts-python-boundary-check.js +59 -0
  743. package/dist/scripts/runtime-ts-rust-boundary-check.js +74 -0
  744. package/dist/scripts/runtime-ts-source-of-truth-check.js +55 -0
  745. package/dist/scripts/safety-check.js +23 -0
  746. package/dist/scripts/scheduler-batch-dispatch-check.js +17 -0
  747. package/dist/scripts/scheduler-critical-path-check.js +9 -0
  748. package/dist/scripts/scheduler-extreme-parallel-check.js +7 -0
  749. package/dist/scripts/scheduler-no-false-pending-block-check.js +7 -0
  750. package/dist/scripts/scheduler-parallel-proof-consistency-check.js +65 -0
  751. package/dist/scripts/scheduler-resource-budget-check.js +7 -0
  752. package/dist/scripts/scheduler-resource-claim-blackbox.js +24 -0
  753. package/dist/scripts/scheduler-utilization-integral-check.js +105 -0
  754. package/dist/scripts/scheduler-utilization-proof-check.js +8 -0
  755. package/dist/scripts/secret-line-rollback-check.js +35 -0
  756. package/dist/scripts/secret-preservation-check.js +11 -0
  757. package/dist/scripts/secret-preservation-guard-check.js +37 -0
  758. package/dist/scripts/shared-memory-fixture-check.js +27 -0
  759. package/dist/scripts/side-effect-runtime-report-check.js +19 -0
  760. package/dist/scripts/side-effect-zero-gate-check.js +226 -0
  761. package/dist/scripts/skill-name-canonicalizer-check.js +9 -0
  762. package/dist/scripts/skill-registry-ledger-check.js +14 -0
  763. package/dist/scripts/skill-sync-atomic-check.js +35 -0
  764. package/dist/scripts/sks-1-11-fixture-check.js +130 -0
  765. package/dist/scripts/sks-1-12-real-execution-check-lib.js +27 -0
  766. package/dist/scripts/sks-3-1-4-directive-check-lib.js +212 -0
  767. package/dist/scripts/sks-3-1-5-directive-check-lib.js +318 -0
  768. package/dist/scripts/sks-3-1-6-directive-check-lib.js +522 -0
  769. package/dist/scripts/sks-3-1-7-directive-check-lib.js +58 -0
  770. package/dist/scripts/sks-3-1-8-check-lib.js +30 -0
  771. package/dist/scripts/sks-3110-all-feature-regression-blackbox.js +116 -0
  772. package/dist/scripts/sks-3112-all-feature-regression-blackbox.js +29 -0
  773. package/dist/scripts/sks-3113-all-feature-regression-blackbox.js +17 -0
  774. package/dist/scripts/sks-400-all-feature-regression-blackbox.js +21 -0
  775. package/dist/scripts/sks-400-extreme-parallel-blackbox.js +8 -0
  776. package/dist/scripts/sks-400-five-minute-blackbox.js +9 -0
  777. package/dist/scripts/sks-400-legacy-purge-blackbox.js +8 -0
  778. package/dist/scripts/sks-401-all-feature-regression-blackbox.js +46 -0
  779. package/dist/scripts/sks-401-five-minute-actual-blackbox.js +23 -0
  780. package/dist/scripts/sks-402-all-feature-regression-blackbox.js +9 -0
  781. package/dist/scripts/sks-402-five-minute-real-blackbox.js +22 -0
  782. package/dist/scripts/sksd-daemon-check.js +9 -0
  783. package/dist/scripts/sksd-warm-cache-blackbox.js +12 -0
  784. package/dist/scripts/source-intelligence-all-modes-check.js +32 -0
  785. package/dist/scripts/source-intelligence-policy-check.js +13 -0
  786. package/dist/scripts/strategy-adhd-orchestrating-gate-check.js +22 -0
  787. package/dist/scripts/strategy-file-ownership-plan-check.js +18 -0
  788. package/dist/scripts/strategy-parallel-modification-plan-check.js +19 -0
  789. package/dist/scripts/strategy-verification-rollback-dag-check.js +19 -0
  790. package/dist/scripts/supabase-secret-preservation-blackbox.js +29 -0
  791. package/dist/scripts/team-actual-route-backfill-check.js +5 -0
  792. package/dist/scripts/team-alias-to-naruto-check.js +7 -0
  793. package/dist/scripts/team-backfill-route-blackbox.js +5 -0
  794. package/dist/scripts/team-legacy-create-removed-check.js +12 -0
  795. package/dist/scripts/team-parallel-write-blackbox.js +55 -0
  796. package/dist/scripts/team-patch-swarm-route-blackbox.js +10 -0
  797. package/dist/scripts/terminal-keyboard-enhancement-safety-check.js +12 -0
  798. package/dist/scripts/terminal-tui-output-stability-check.js +35 -0
  799. package/dist/scripts/test-no-orphan-dist-imports-check.js +73 -0
  800. package/dist/scripts/triwiki-affected-graph-blackbox.js +28 -0
  801. package/dist/scripts/triwiki-affected-graph-check.js +10 -0
  802. package/dist/scripts/triwiki-cache-key-check.js +9 -0
  803. package/dist/scripts/triwiki-gate-impact-map-check.js +8 -0
  804. package/dist/scripts/triwiki-module-card-check.js +7 -0
  805. package/dist/scripts/triwiki-proof-bank-blackbox.js +30 -0
  806. package/dist/scripts/triwiki-proof-bank-check.js +7 -0
  807. package/dist/scripts/triwiki-proof-bank-lock-blackbox.js +7 -0
  808. package/dist/scripts/triwiki-proof-card-check.js +23 -0
  809. package/dist/scripts/triwiki-stale-proof-rejection-check.js +25 -0
  810. package/dist/scripts/trust-fixture-check.js +33 -0
  811. package/dist/scripts/type-surface-codex-app-check.js +4 -0
  812. package/dist/scripts/typescript-migration-report.js +78 -0
  813. package/dist/scripts/ultra-router-auto-router-check.js +33 -0
  814. package/dist/scripts/ultra-router-classification-check.js +28 -0
  815. package/dist/scripts/update-gate-removed-check.js +9 -0
  816. package/dist/scripts/update-mad-zellij-notice-check.js +9 -0
  817. package/dist/scripts/update-notice-check.js +10 -0
  818. package/dist/scripts/update-preserves-supabase-keys-blackbox.js +27 -0
  819. package/dist/scripts/update-secret-migration-journal-check.js +8 -0
  820. package/dist/scripts/update-secret-preservation-guard-check.js +10 -0
  821. package/dist/scripts/ux-patch-swarm-route-blackbox.js +10 -0
  822. package/dist/scripts/ux-ppt-structured-extraction-check.js +21 -0
  823. package/dist/scripts/ux-review-extract-real-callouts-fixture-check.js +8 -0
  824. package/dist/scripts/ux-review-extract-wires-real-extractor-check.js +15 -0
  825. package/dist/scripts/ux-review-generate-callouts-fixture-check.js +9 -0
  826. package/dist/scripts/ux-review-image-voxel-relations-check.js +31 -0
  827. package/dist/scripts/ux-review-imagegen-blackbox-check.js +67 -0
  828. package/dist/scripts/ux-review-no-fake-callouts-check.js +8 -0
  829. package/dist/scripts/ux-review-no-text-fallback-check.js +25 -0
  830. package/dist/scripts/ux-review-patch-diff-recheck-check.js +20 -0
  831. package/dist/scripts/ux-review-patch-handoff-fixture-check.js +8 -0
  832. package/dist/scripts/ux-review-real-imagegen-smoke-check.js +31 -0
  833. package/dist/scripts/ux-review-real-loop-fixture-check.js +24 -0
  834. package/dist/scripts/ux-review-recapture-recheck-fixture-check.js +8 -0
  835. package/dist/scripts/ux-review-run-wires-imagegen-check.js +11 -0
  836. package/dist/scripts/worker-pane-communication-contract-check.js +54 -0
  837. package/dist/scripts/wrongness-fixture-check.js +65 -0
  838. package/dist/scripts/xai-mcp-capability-check.js +14 -0
  839. package/dist/scripts/zellij-capability-check.js +15 -0
  840. package/dist/scripts/zellij-dashboard-pane-check.js +70 -0
  841. package/dist/scripts/zellij-developer-controls-check.js +20 -0
  842. package/dist/scripts/zellij-doctor-readiness-check.js +63 -0
  843. package/dist/scripts/zellij-dynamic-pane-lifecycle-check.js +21 -0
  844. package/dist/scripts/zellij-fake-adapter-check.js +33 -0
  845. package/dist/scripts/zellij-first-slot-down-stack-check.js +21 -0
  846. package/dist/scripts/zellij-first-slot-down-stack-real-check.js +349 -0
  847. package/dist/scripts/zellij-homebrew-policy-check.js +4 -0
  848. package/dist/scripts/zellij-initial-main-only-blackbox.js +28 -0
  849. package/dist/scripts/zellij-lane-renderer-check.js +80 -0
  850. package/dist/scripts/zellij-launch-command-truth-check.js +75 -0
  851. package/dist/scripts/zellij-layout-valid-check.js +90 -0
  852. package/dist/scripts/zellij-pane-creation-lock-metrics-check.js +12 -0
  853. package/dist/scripts/zellij-pane-lock-concurrency-blackbox.js +80 -0
  854. package/dist/scripts/zellij-pane-lock-does-not-block-worker-check.js +14 -0
  855. package/dist/scripts/zellij-pane-lock-open-worker-integration-blackbox.js +137 -0
  856. package/dist/scripts/zellij-pane-proof-check.js +59 -0
  857. package/dist/scripts/zellij-qa-app-handoff-status-check.js +9 -0
  858. package/dist/scripts/zellij-real-session-cleanup-check.js +21 -0
  859. package/dist/scripts/zellij-real-session-heartbeat-check.js +49 -0
  860. package/dist/scripts/zellij-real-session-launch-check.js +57 -0
  861. package/dist/scripts/zellij-right-column-headless-overflow-check.js +22 -0
  862. package/dist/scripts/zellij-right-column-manager-check.js +27 -0
  863. package/dist/scripts/zellij-screen-proof-check.js +45 -0
  864. package/dist/scripts/zellij-self-heal-check.js +4 -0
  865. package/dist/scripts/zellij-self-heal-dry-run-check.js +4 -0
  866. package/dist/scripts/zellij-self-heal-status-contract-check.js +4 -0
  867. package/dist/scripts/zellij-self-heal-typed-blackbox.js +4 -0
  868. package/dist/scripts/zellij-slot-column-anchor-check.js +66 -0
  869. package/dist/scripts/zellij-slot-column-anchor-telemetry-check.js +9 -0
  870. package/dist/scripts/zellij-slot-only-ui-check.js +31 -0
  871. package/dist/scripts/zellij-slot-pane-renderer-check.js +150 -0
  872. package/dist/scripts/zellij-slot-pane-stale-detection-check.js +74 -0
  873. package/dist/scripts/zellij-slot-pane-telemetry-renderer-check.js +11 -0
  874. package/dist/scripts/zellij-slot-renderer-proof-semantics-check.js +59 -0
  875. package/dist/scripts/zellij-slot-telemetry-check.js +39 -0
  876. package/dist/scripts/zellij-slot-telemetry-incremental-check.js +48 -0
  877. package/dist/scripts/zellij-slot-telemetry-live-flush-check.js +57 -0
  878. package/dist/scripts/zellij-slot-telemetry-performance-check.js +34 -0
  879. package/dist/scripts/zellij-slot-telemetry-real-blackbox.js +20 -0
  880. package/dist/scripts/zellij-slot-telemetry-renderer-check.js +10 -0
  881. package/dist/scripts/zellij-slot-telemetry-runtime-check.js +23 -0
  882. package/dist/scripts/zellij-spawn-on-demand-layout-check.js +40 -0
  883. package/dist/scripts/zellij-stacked-capability-routing-check.js +11 -0
  884. package/dist/scripts/zellij-stacked-fallback-integration-blackbox.js +81 -0
  885. package/dist/scripts/zellij-stacked-version-matrix-check.js +31 -0
  886. package/dist/scripts/zellij-stacked-version-parser-check.js +21 -0
  887. package/dist/scripts/zellij-ui-design-check.js +105 -0
  888. package/dist/scripts/zellij-update-missing-self-heal-check.js +4 -0
  889. package/dist/scripts/zellij-update-prompt-matrix-check.js +18 -0
  890. package/dist/scripts/zellij-update-prompt-mode-check.js +20 -0
  891. package/dist/scripts/zellij-update-prompt-safety-check.js +10 -0
  892. package/dist/scripts/zellij-worker-pane-manager-check.js +109 -0
  893. package/dist/scripts/zellij-worker-pane-manager-single-owner-check.js +47 -0
  894. package/dist/scripts/zellij-worker-pane-real-ui-blackbox.js +202 -0
  895. package/dist/scripts/zellij-worker-pane-spawn-order-check.js +35 -0
  896. package/package.json +17 -7
  897. package/schemas/codex/app-server-0.142/codex_app_server_protocol.v2.schemas.json +18447 -0
  898. package/schemas/codex-release-manifest.schema.json +44 -0
@@ -0,0 +1,47 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import fs from 'node:fs';
4
+ import os from 'node:os';
5
+ import path from 'node:path';
6
+ import { assertGate, emitGate, importDist, readText } from './lib/codex-sdk-gate-lib.js';
7
+ const researchCommand = readText('src/core/commands/research-command.ts');
8
+ assertGate(researchCommand.includes("backend: mock ? 'fake' : 'codex-sdk'"), 'Research pipeline must default native agents to codex-sdk');
9
+ assertGate(researchCommand.includes("flag(args, '--autoresearch') ? '$AutoResearch' : '$Research'"), 'Research/AutoResearch route selection missing');
10
+ assertGate(researchCommand.includes('narutoWorkGraph: researchWorkGraph'), 'Research pipeline must pass the stage-aware Naruto work graph');
11
+ assertGate(researchCommand.includes('readonly: true'), 'Research pipeline must force read-only native orchestration');
12
+ assertGate(researchCommand.includes('quality_metrics'), 'Research pipeline JSON output must include quality metrics');
13
+ assertGate(researchCommand.includes('const cycleResult = await runResearchCycle({'), 'Research default path must use runResearchCycle');
14
+ assertGate(researchCommand.includes('--legacy-research-cycle'), 'Legacy final.md loop must be opt-in only');
15
+ const researchCore = readText('src/core/research.ts');
16
+ assertGate(researchCore.includes('readResearchQualityContract'), 'Research gate must read research-quality-contract.json');
17
+ assertGate(researchCore.includes('claim_evidence_matrix_missing'), 'Research gate must require claim-evidence-matrix.json');
18
+ assertGate(researchCore.includes('research_final_review_not_approved'), 'Research gate must require final reviewer approval');
19
+ for (const [file, tokens] of Object.entries({
20
+ 'src/core/research/research-work-graph.ts': ['buildResearchWorkGraph', 'source_shard_academic_literature'],
21
+ 'src/core/research/research-cycle-runner.ts': ['runResearchCycle', 'Promise.race'],
22
+ 'src/core/research/research-final-reviewer.ts': ['runResearchCodexFinalReviewer'],
23
+ 'src/core/research/claim-evidence-matrix.ts': ['claim-evidence-matrix'],
24
+ 'src/core/research/implementation-blueprint.ts': ['implementation-blueprint'],
25
+ 'src/core/research/research-quality-contract.ts': ['research-quality-contract']
26
+ })) {
27
+ const text = readText(file);
28
+ for (const token of tokens)
29
+ assertGate(text.includes(token), `${file} missing token ${token}`);
30
+ }
31
+ const research = await importDist('core/research.js');
32
+ const fsx = await importDist('core/fsx.js');
33
+ const dirShort = fs.mkdtempSync(path.join(os.tmpdir(), 'sks-codex-research-short-'));
34
+ const planShort = await research.writeResearchPlan(dirShort, 'codex sdk short rejection fixture', { missionId: 'M-CODEX-SHORT' });
35
+ await fsx.writeTextAtomic(path.join(dirShort, 'research-report.md'), `# Short Report\n\n${Array.from({ length: 300 }, (_unused, index) => `word${index}`).join(' ')}\n`);
36
+ await fsx.writeJsonAtomic(path.join(dirShort, 'source-ledger.json'), { schema_version: 1, web_search_passes: 1, source_layers: [], sources: [], counterevidence_sources: [], triangulation: { cross_layer_checks: [] }, citation_coverage: { all_key_claims_cited: false }, blockers: [] });
37
+ await fsx.writeJsonAtomic(path.join(dirShort, 'implementation-blueprint.json'), { schema: 'sks.research-implementation-blueprint.v1', sections: [] });
38
+ const shortGate = await research.evaluateResearchGate(dirShort);
39
+ assertGate(shortGate.passed === false, 'codex-sdk research pipeline must reject short report fixture', shortGate);
40
+ assertGate((shortGate.reasons || []).includes('research_report_too_short'), 'short rejection must include report length reason', shortGate);
41
+ const dirComplete = fs.mkdtempSync(path.join(os.tmpdir(), 'sks-codex-research-complete-'));
42
+ const planComplete = await research.writeResearchPlan(dirComplete, 'codex sdk complete package fixture', { missionId: 'M-CODEX-COMPLETE' });
43
+ const completeGate = await research.writeMockResearchResult(dirComplete, planComplete);
44
+ assertGate(completeGate.passed === true, 'codex-sdk research pipeline must pass complete package fixture', completeGate);
45
+ assertGate(completeGate.metrics?.final_review_approved === true, 'complete package must include approved final review', completeGate.metrics);
46
+ emitGate('codex-sdk:research-pipeline', { route: '$Research', short_dir: dirShort, complete_dir: dirComplete });
47
+ //# sourceMappingURL=codex-sdk-research-pipeline-check.js.map
@@ -0,0 +1,21 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
4
+ const mod = await importDist('core/codex-control/codex-sdk-sandbox-policy.js');
5
+ const base = {
6
+ route: '$Agent',
7
+ missionId: 'M-sandbox',
8
+ cwd: process.cwd(),
9
+ prompt: 'sandbox fixture',
10
+ outputSchemaId: 'sks.agent-worker-result.v1',
11
+ outputSchema: {},
12
+ mutationLedgerRoot: process.cwd()
13
+ };
14
+ const readOnly = mod.mapCodexSdkSandboxPolicy({ ...base, sandboxPolicy: 'read-only', requestedScopeContract: { read_only: true } });
15
+ const workspace = mod.mapCodexSdkSandboxPolicy({ ...base, sandboxPolicy: 'workspace-write', requestedScopeContract: { read_only: false, allowed_paths: ['tmp'], write_paths: ['tmp'] } });
16
+ const fullBlocked = mod.mapCodexSdkSandboxPolicy({ ...base, sandboxPolicy: 'full-access', requestedScopeContract: { read_only: false } });
17
+ assertGate(readOnly.ok && readOnly.sandboxMode === 'read-only', 'read-only sandbox mapping failed', readOnly);
18
+ assertGate(workspace.ok && workspace.sandboxMode === 'workspace-write', 'workspace-write sandbox mapping failed', workspace);
19
+ assertGate(!fullBlocked.ok && fullBlocked.blockers.includes('codex_sdk_full_access_requires_explicit_mad_scope'), 'full-access must require explicit authorization', fullBlocked);
20
+ emitGate('codex-sdk:sandbox-policy', { read_only: readOnly.sandboxMode, workspace: workspace.sandboxMode, full_blockers: fullBlocked.blockers });
21
+ //# sourceMappingURL=codex-sdk-sandbox-policy-check.js.map
@@ -0,0 +1,10 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, runFakeCodexSdkTaskFixture } from './lib/codex-sdk-gate-lib.js';
4
+ const fixture = await runFakeCodexSdkTaskFixture('structured-output');
5
+ assertGate(fixture.result.ok === true, 'Codex SDK fake run must pass', fixture.result);
6
+ assertGate(fixture.result.structuredOutputValid === true, 'structured output must validate', fixture.result);
7
+ assertGate(fixture.worker.backend === 'codex-sdk', 'worker backend must be codex-sdk', fixture.worker);
8
+ assertGate(fixture.worker.verification?.checks?.includes('sks.agent-worker-result.v1'), 'worker verification must reference output schema', fixture.worker);
9
+ emitGate('codex-sdk:structured-output', { output_schema_id: fixture.proof.output_schema_id, structured_output_valid: fixture.result.structuredOutputValid });
10
+ //# sourceMappingURL=codex-sdk-structured-output-check.js.map
@@ -0,0 +1,12 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, readText } from './lib/codex-sdk-gate-lib.js';
4
+ const team = readText('src/core/commands/team-command.ts');
5
+ const naruto = readText('src/core/commands/naruto-command.ts');
6
+ const agent = readText('src/core/agents/agent-command-surface.ts');
7
+ assertGate(team.includes('redirectTeamCreateToNaruto') && team.includes('narutoCommand'), 'Team create must redirect to Naruto codex-sdk SSOT');
8
+ assertGate(naruto.includes("backend: 'codex-sdk'"), 'Naruto help/defaults must expose codex-sdk');
9
+ assertGate(agent.includes("useLocalModel && !noOllama") && agent.includes("'local-llm'") && agent.includes("useOllamaProtocol && !noOllama"), 'Agent command surface must route --local-model to local-llm and --ollama to ollama explicitly');
10
+ assertGate(agent.includes('backendExplicit'), 'Agent command surface must preserve explicit backend/local-model intent');
11
+ emitGate('codex-sdk:team-naruto-agent-pipeline', { routes: ['$Team', '$Naruto', '$Agent'] });
12
+ //# sourceMappingURL=codex-sdk-team-naruto-agent-pipeline-check.js.map
@@ -0,0 +1,11 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, runFakeCodexSdkTaskFixture } from './lib/codex-sdk-gate-lib.js';
4
+ const fixture = await runFakeCodexSdkTaskFixture('thread-registry', { zellijPaneId: 'pane-42' });
5
+ const thread = fixture.registry.threads[0] || {};
6
+ assertGate(fixture.registry.thread_count === 1, 'thread registry must record one thread', fixture.registry);
7
+ assertGate(thread.sdk_thread_id === fixture.result.sdkThreadId, 'thread registry sdk_thread_id mismatch', { thread, result: fixture.result });
8
+ assertGate(thread.zellij_pane_id === 'pane-42', 'thread registry must link zellij pane id when present', thread);
9
+ assertGate(thread.output_schema_id === 'sks.agent-worker-result.v1', 'thread registry output schema mismatch', thread);
10
+ emitGate('codex-sdk:thread-registry', { thread_count: fixture.registry.thread_count, sdk_thread_id: thread.sdk_thread_id });
11
+ //# sourceMappingURL=codex-sdk-thread-registry-check.js.map
@@ -0,0 +1,9 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, packageScripts } from './lib/codex-sdk-gate-lib.js';
4
+ const scripts = packageScripts();
5
+ assertGate(Boolean(scripts['ux-review:imagegen-blackbox']), 'UX review imagegen blackbox gate missing');
6
+ assertGate(Boolean(scripts['ppt:imagegen-blackbox']), 'PPT imagegen blackbox gate missing');
7
+ assertGate(Boolean(scripts['ux-ppt:structured-extraction']), 'UX/PPT structured extraction gate missing');
8
+ emitGate('codex-sdk:ux-ppt-review-pipeline', { gates: ['ux-review:imagegen-blackbox', 'ppt:imagegen-blackbox', 'ux-ppt:structured-extraction'] });
9
+ //# sourceMappingURL=codex-sdk-ux-ppt-review-pipeline-check.js.map
@@ -0,0 +1,10 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, readJson } from './sks-1-18-gate-lib.js';
4
+ const pkg = readJson('package.json');
5
+ const lock = readJson('package-lock.json');
6
+ const dep = pkg.dependencies?.['@openai/codex-sdk'];
7
+ const lockDep = lock.packages?.['node_modules/@openai/codex-sdk']?.version;
8
+ assertGate(dep === '0.142.0' && lockDep === '0.142.0', '@openai/codex-sdk must be pinned to 0.142.0 compatibility in package and lockfile', { dep, lockDep });
9
+ emitGate('codex-sdk:version-compat', { dependency: dep, lock_version: lockDep });
10
+ //# sourceMappingURL=codex-sdk-version-compat-check.js.map
@@ -0,0 +1,13 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, readText, runFakeCodexSdkTaskFixture } from './lib/codex-sdk-gate-lib.js';
4
+ const fixture = await runFakeCodexSdkTaskFixture('zellij-binding', { zellijPaneId: 'pane-999' });
5
+ const swarmSource = readText('src/core/agents/native-cli-session-swarm.ts');
6
+ const proofSource = readText('src/core/agents/agent-slot-pane-binding-proof.ts');
7
+ const managerSource = readText('src/core/zellij/zellij-worker-pane-manager.ts');
8
+ assertGate(fixture.proof.zellij_pane_id === 'pane-999', 'control proof must link zellij pane id', fixture.proof);
9
+ assertGate(swarmSource.includes('codex_sdk_thread_started'), 'swarm must emit SDK thread event');
10
+ assertGate(proofSource.includes('worker_codex_sdk') && proofSource.includes('slot_status_renderer'), 'slot-pane proof must accept worker command panes and compact slot renderer panes');
11
+ assertGate(managerSource.includes('slot_status_renderer') && managerSource.includes('worker_codex_sdk'), 'worker pane manager must distinguish slot renderer and worker command pane kinds');
12
+ emitGate('codex-sdk:zellij-pane-binding', { zellij_pane_id: fixture.proof.zellij_pane_id, sdk_thread_id: fixture.proof.sdk_thread_id });
13
+ //# sourceMappingURL=codex-sdk-zellij-pane-binding-check.js.map
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env node
2
+ import { runDirective315Gate } from './sks-3-1-5-directive-check-lib.js';
3
+ await runDirective315Gate('codex-app:skill-rich-content');
4
+ //# sourceMappingURL=codex-skill-rich-content-check.js.map
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env node
2
+ import { runDirective314Gate } from './sks-3-1-4-directive-check-lib.js';
3
+ await runDirective314Gate('codex-app:skill-sync');
4
+ //# sourceMappingURL=codex-skill-sync-check.js.map
@@ -0,0 +1,10 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, readText } from './lib/codex-sdk-gate-lib.js';
4
+ const runner = readText('src/core/codex-control/codex-task-runner.ts');
5
+ const registry = readText('src/core/codex-control/codex-thread-registry.ts');
6
+ assertGate(runner.includes('backendPreference'), 'Codex task runner must carry backend/runtime preference');
7
+ assertGate(runner.includes('backend_family'), 'Codex task runner must persist backend family');
8
+ assertGate(registry.includes('recordCodexThread'), 'Codex thread registry missing');
9
+ emitGate('codex:thread-runtime-choice', { runtime_choice: 'backendPreference/backend_family' });
10
+ //# sourceMappingURL=codex-thread-runtime-choice-check.js.map
@@ -0,0 +1,12 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
4
+ const mod = await importDist('core/codex/codex-web-search-adapter.js');
5
+ const available = mod.detectCodexWebSearchCapability({ env: { SKS_CODEX_WEB_SEARCH_AVAILABLE: '1' } });
6
+ const offline = mod.detectCodexWebSearchCapability({ offline: true });
7
+ const evidence = await mod.runCodexWebSearch('fixture', { search: async () => [{ title: 'result', url: 'https://example.com' }], env: { SKS_CODEX_WEB_SEARCH_AVAILABLE: '1' } });
8
+ assertGate(available.available === true, 'Codex Web capability env detector must pass');
9
+ assertGate(offline.status === 'disabled_offline', 'offline mode must disable web search with reason');
10
+ assertGate(evidence.ok === true && evidence.normalized_results.length === 1, 'Codex Web adapter must normalize results');
11
+ emitGate('codex-web:adapter', { status: evidence.status, results: evidence.normalized_results.length });
12
+ //# sourceMappingURL=codex-web-adapter-check.js.map
@@ -0,0 +1,55 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { runProcess } from '../core/fsx.js';
4
+ const entry = './dist/bin/sks.js';
5
+ const probe = await runProcess(process.execPath, [entry, 'computer-use', 'smoke', '--json'], {
6
+ env: { ...process.env, CI: 'true', SKS_TEST_REAL_COMPUTER_USE: '' },
7
+ timeoutMs: 20_000,
8
+ maxOutputBytes: 256 * 1024
9
+ });
10
+ const real = await runProcess(process.execPath, [entry, 'computer-use', 'smoke', '--real', '--capture-screenshot', '--json'], {
11
+ env: { ...process.env, CI: 'true', SKS_TEST_REAL_COMPUTER_USE: '' },
12
+ timeoutMs: 20_000,
13
+ maxOutputBytes: 256 * 1024
14
+ });
15
+ const probeJson = parseJson(probe.stdout);
16
+ const realJson = parseJson(real.stdout);
17
+ const text = `${probe.stdout}\n${probe.stderr}\n${real.stdout}\n${real.stderr}`;
18
+ const forbidden = /mock.*live|fabricated|Computer Use blocked by safety policy|MAD-SKS disabled Computer Use/i.test(text);
19
+ const ok = probe.code === 0
20
+ && probeJson.schema === 'sks.computer-use-live-smoke.v2'
21
+ && probeJson.evidence_mode === 'probe_only'
22
+ && probeJson.mock === false
23
+ && realJson.schema === 'sks.computer-use-live-smoke.v2'
24
+ && ['probe_only', 'live_capture_attempted', 'live_capture_success', 'live_capture_blocked'].includes(realJson.evidence_mode)
25
+ && realJson.mock === false
26
+ && Boolean(realJson.live_evidence_path)
27
+ && forbidden === false;
28
+ console.log(JSON.stringify({
29
+ schema: 'sks.computer-use-live-evidence-check.v1',
30
+ ok,
31
+ probe: {
32
+ code: probe.code,
33
+ status: probeJson.status || null,
34
+ evidence_mode: probeJson.evidence_mode || null
35
+ },
36
+ real: {
37
+ code: real.code,
38
+ status: realJson.status || null,
39
+ evidence_mode: realJson.evidence_mode || null,
40
+ live_evidence_path: realJson.live_evidence_path || null,
41
+ image_voxel_linked: realJson.image_voxel_linked === true
42
+ },
43
+ forbidden_wording: forbidden
44
+ }, null, 2));
45
+ if (!ok)
46
+ process.exitCode = 1;
47
+ function parseJson(text) {
48
+ try {
49
+ return JSON.parse(text);
50
+ }
51
+ catch {
52
+ return {};
53
+ }
54
+ }
55
+ //# sourceMappingURL=computer-use-live-evidence-check.js.map
@@ -0,0 +1,32 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { runProcess } from '../core/fsx.js';
4
+ const entry = './dist/bin/sks.js';
5
+ const result = await runProcess(process.execPath, [entry, 'computer-use', 'smoke', '--json'], {
6
+ env: { ...process.env, CI: 'true', SKS_TEST_REAL_COMPUTER_USE: '' },
7
+ timeoutMs: 20_000,
8
+ maxOutputBytes: 256 * 1024
9
+ });
10
+ const text = `${result.stdout}\n${result.stderr}`;
11
+ let parsed = {};
12
+ try {
13
+ parsed = JSON.parse(result.stdout);
14
+ }
15
+ catch { }
16
+ const structuredStatus = ['available', 'codex_app_missing', 'macos_permission_missing', 'codex_app_capability_missing', 'external_capability_blocked', 'not_macos', 'unknown'].includes(parsed.status);
17
+ const ok = result.code === 0
18
+ && parsed.schema === 'sks.computer-use-live-smoke.v2'
19
+ && parsed.ok === true
20
+ && structuredStatus
21
+ && parsed.mock === false
22
+ && !/Computer Use blocked by safety policy|MAD-SKS disabled Computer Use|Computer Use access is unsafe/i.test(text);
23
+ console.log(JSON.stringify({
24
+ schema: 'sks.computer-use-live-optional-check.v1',
25
+ ok,
26
+ status: parsed.status || null,
27
+ mode: parsed.evidence_mode || parsed.mode || null,
28
+ structured_status: structuredStatus
29
+ }, null, 2));
30
+ if (!ok)
31
+ process.exitCode = 1;
32
+ //# sourceMappingURL=computer-use-live-optional-check.js.map
@@ -0,0 +1,69 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { runProcess } from '../core/fsx.js';
4
+ const entry = './dist/bin/sks.js';
5
+ const status = await runProcess(process.execPath, [entry, 'computer-use', 'status', '--json'], {
6
+ env: { ...process.env, CI: 'true' },
7
+ timeoutMs: 20_000,
8
+ maxOutputBytes: 256 * 1024
9
+ });
10
+ const text = `${status.stdout}\n${status.stderr}`;
11
+ const forbidden = [
12
+ /Computer Use blocked by safety policy/i,
13
+ /Computer Use access is unsafe/i,
14
+ /MAD-SKS disabled Computer Use/i,
15
+ /Computer Use 접근이 안전 정책상 차단/i
16
+ ].filter((pattern) => pattern.test(text)).map(String);
17
+ let parsed = {};
18
+ try {
19
+ parsed = JSON.parse(status.stdout);
20
+ }
21
+ catch { }
22
+ const allowedStatus = ['available', 'codex_app_missing', 'macos_permission_missing', 'codex_app_capability_missing', 'external_capability_blocked', 'not_macos', 'unknown'];
23
+ const ok = status.code === 0
24
+ && parsed.schema === 'sks.computer-use-status.v1'
25
+ && allowedStatus.includes(parsed.status)
26
+ && parsed.mad_sks_independent === true
27
+ && forbidden.length === 0;
28
+ console.log(JSON.stringify({
29
+ schema: 'sks.computer-use-policy-check.v1',
30
+ ok,
31
+ status_code: status.code,
32
+ computer_use_status: parsed.status || null,
33
+ forbidden
34
+ }, null, 2));
35
+ if (!ok && forbidden.length)
36
+ await recordComputerUseWrongness(forbidden);
37
+ if (!ok)
38
+ process.exitCode = 1;
39
+ async function recordComputerUseWrongness(forbidden) {
40
+ const { addWrongnessRecord } = await import('../core/triwiki-wrongness/wrongness-ledger.js');
41
+ await addWrongnessRecord(process.cwd(), {
42
+ route: '$Computer-Use',
43
+ wrongness_kind: 'computer_use_policy_misclassification',
44
+ severity: 'high',
45
+ claim: { text: `Computer Use was described with forbidden safety/MAD-SKS block wording: ${forbidden.join(', ')}` },
46
+ detected_by: {
47
+ source: 'computer_use_policy_check',
48
+ command: 'npm run computer-use:policy-check',
49
+ artifact: 'dist/scripts/computer-use-policy-check.js',
50
+ detail: forbidden.join(', ')
51
+ },
52
+ root_cause: {
53
+ category: 'route_policy_gap',
54
+ explanation: 'Computer Use is a Codex App/macOS capability check, not a MAD-SKS or generic SKS safety block.'
55
+ },
56
+ corrective_action: {
57
+ summary: 'Separate Computer Use availability from safety policy wording and rerun the policy fixture.',
58
+ required_evidence: ['npm run computer-use:policy-check'],
59
+ patch_status: 'pending'
60
+ },
61
+ avoidance_rule: {
62
+ text: 'Do not classify macOS Computer Use as MAD-SKS or generic SKS safety block.',
63
+ applies_to: ['computer-use', '$Computer-Use', '$QA-LOOP', '$Image-UX-Review'],
64
+ severity: 'high'
65
+ },
66
+ links: { tests: ['npm run computer-use:policy-check'], files: ['dist/scripts/computer-use-policy-check.js'] }
67
+ });
68
+ }
69
+ //# sourceMappingURL=computer-use-policy-check.js.map
@@ -0,0 +1,37 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { runProcess } from '../core/fsx.js';
4
+ const entry = './dist/bin/sks.js';
5
+ const routes = ['$Image-UX-Review', '$QA-LOOP', '$PPT', '$Computer-Use', '$From-Chat-IMG'];
6
+ const results = [];
7
+ for (const route of routes) {
8
+ const result = await runProcess(process.execPath, [entry, 'computer-use', 'require', '--route', route, '--json'], {
9
+ env: { ...process.env, CI: 'true' },
10
+ timeoutMs: 20_000,
11
+ maxOutputBytes: 256 * 1024
12
+ });
13
+ const text = `${result.stdout}\n${result.stderr}`;
14
+ let parsed = {};
15
+ try {
16
+ parsed = JSON.parse(result.stdout);
17
+ }
18
+ catch { }
19
+ results.push({
20
+ route,
21
+ code: result.code,
22
+ schema: parsed.schema || null,
23
+ status: parsed.status || null,
24
+ ok_or_structured_blocker: parsed.ok === true || ['available', 'codex_app_missing', 'macos_permission_missing', 'codex_app_capability_missing', 'external_capability_blocked', 'not_macos', 'unknown', 'web_verification_uses_chrome_extension'].includes(parsed.status),
25
+ no_forbidden_wording: !/Computer Use blocked by safety policy|MAD-SKS disabled Computer Use|Computer Use access is unsafe/i.test(text),
26
+ evidence_status: parsed.evidence?.status || null
27
+ });
28
+ }
29
+ const ok = results.every((row) => row.schema === 'sks.computer-use-require.v1' && row.ok_or_structured_blocker && row.no_forbidden_wording);
30
+ console.log(JSON.stringify({
31
+ schema: 'sks.computer-use-visual-route-fixture-check.v1',
32
+ ok,
33
+ results
34
+ }, null, 2));
35
+ if (!ok)
36
+ process.exitCode = 1;
37
+ //# sourceMappingURL=computer-use-visual-route-fixture-check.js.map
@@ -0,0 +1,200 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs';
3
+ import path from 'node:path';
4
+ import { assertGate, emitGate, root } from './sks-1-18-gate-lib.js';
5
+ const SCAN_DIRS = ['src/core', 'src/commands', 'src/cli'];
6
+ const WRITE_CALL = /\b(?:writeTextAtomic|writeJsonAtomic|fs\.writeFile|fsp\.writeFile|writeFileSync|copyFile)\s*\(/;
7
+ const PROTECTED_INDICATORS = [
8
+ ['codex-config-toml', /(?:config\.toml|generatedCodexConfigPath|codexLbConfigPath|\bconfigPath\b)/],
9
+ ['codex-auth-json', /(?:auth\.json|\bauthPath\b|codexAuthPath)/],
10
+ ['env-secret-file', /(?:(?:['"`][^'"`]*\.env[^'"`]*['"`])|sks-codex-lb\.env|\benvPath\b|status\.env_path|codexLbEnvPath)/],
11
+ ['mcp-json', /(?:mcp\.json|\bmcpPath\b|cursorMcpPath)/],
12
+ ['sneakoscope-config', /(?:\.sneakoscope\/config\.json|sneakoscopeConfigPath)/]
13
+ ];
14
+ const ALLOWLIST = [
15
+ {
16
+ file: 'src/core/config/managed-config-merge.ts',
17
+ pattern: /writeTextAtomic|fs\.writeFile/,
18
+ reason: 'central managed config merge writer preserves protected keys and secret line hashes',
19
+ expires: '3.2.0'
20
+ },
21
+ {
22
+ file: 'src/core/config/secret-preservation.ts',
23
+ pattern: /writeTextAtomic|writeJsonAtomic|fs\.writeFile/,
24
+ reason: 'secret preservation guard backup, rollback, and sanitized report writer',
25
+ expires: '3.2.0'
26
+ },
27
+ {
28
+ file: 'src/core/init.ts',
29
+ pattern: /generatedCodexConfigPath|\.codex['"], ['"]SNEAKOSCOPE\.md|hooksPath|mergeManagedHookTrustStateToml/,
30
+ reason: 'setup/init harness writes run through setup-command or doctor-fix secret preservation guard',
31
+ expires: '3.2.0'
32
+ },
33
+ {
34
+ file: 'src/commands/doctor.ts',
35
+ pattern: /backupProjectConfigBeforeFix|writeTextAtomic|fsp\.writeFile|config_backup_path/,
36
+ reason: 'doctor --fix wraps runDoctor in secret preservation guard before project config repair',
37
+ expires: '3.2.0'
38
+ },
39
+ {
40
+ file: 'src/core/doctor/doctor-context7-repair.ts',
41
+ pattern: /backupConfig|writeTextAtomic|CONTEXT7_REMOTE_URL/,
42
+ reason: 'doctor Context7 repair writes a backup before replacing only the local stdio Context7 MCP block with the remote endpoint',
43
+ expires: '3.2.0'
44
+ },
45
+ {
46
+ file: 'src/core/doctor/doctor-codex-startup-repair.ts',
47
+ pattern: /backupConfig|writeTextAtomic|doctor-codex-startup-repair/,
48
+ reason: 'doctor startup repair writes backups before fixing stale Codex agent config_file paths and removing only missing-command MCP blocks',
49
+ expires: '3.2.0'
50
+ },
51
+ {
52
+ file: 'src/core/auto-review.ts',
53
+ pattern: /writeTextAtomic|writeProfileConfig|configPath/,
54
+ reason: 'auto-review profile migration rewrites bounded Codex profile tables while preserving non-profile config text',
55
+ expires: '3.2.0'
56
+ },
57
+ {
58
+ file: 'src/cli/context7-command.ts',
59
+ pattern: /writeTextAtomic|configPath/,
60
+ reason: 'explicit context7 setup appends non-secret MCP config and preserves existing secret lines',
61
+ expires: '3.2.0'
62
+ },
63
+ {
64
+ file: 'src/cli/xai-command.ts',
65
+ pattern: /writeTextAtomic|configPath/,
66
+ reason: 'explicit xAI setup appends MCP config and references env var names rather than raw secret values',
67
+ expires: '3.2.0'
68
+ },
69
+ {
70
+ file: 'src/cli/install-helpers.ts',
71
+ pattern: /writeTextAtomic|writeJsonAtomic|envPath|authPath|configPath|codexLbEnvPath|codexLbConfigPath|codexAuthPath/,
72
+ reason: 'postinstall/codex-lb setup callsites are covered by setup/update/doctor secret preservation guard fixtures',
73
+ expires: '3.2.0'
74
+ },
75
+ {
76
+ file: 'src/core/codex/codex-config-eperm-repair.ts',
77
+ pattern: /writeTextAtomic|configPath/,
78
+ reason: 'doctor config repair runs inside doctor-fix secret preservation guard',
79
+ expires: '3.2.0'
80
+ },
81
+ {
82
+ file: 'src/core/codex/agent-config-file-repair.ts',
83
+ pattern: /writeTextAtomic|configPath|missingAgentConfigFiles/,
84
+ reason: 'agent config_file repair rewrites only the project .codex/config.toml agent config_file paths and is covered by doctor/setup secret preservation fixtures',
85
+ expires: '3.2.0'
86
+ },
87
+ {
88
+ file: 'src/core/codex/codex-project-config-policy.ts',
89
+ pattern: /writeTextAtomic|configPath/,
90
+ reason: 'project config policy splitter preserves existing protected config content',
91
+ expires: '3.2.0'
92
+ },
93
+ {
94
+ file: 'src/core/codex-app/codex-app-fast-ui-repair.ts',
95
+ pattern: /writeTextAtomic|configPath/,
96
+ reason: 'Codex App fast UI repair is invoked from guarded doctor/setup flows',
97
+ expires: '3.2.0'
98
+ },
99
+ {
100
+ file: 'src/core/codex-control/codex-task-runner.ts',
101
+ pattern: /ensurePythonCodexLbConfig|CODEX_LB_API_KEY|config\.toml/,
102
+ reason: 'Python Codex task runner writes an isolated CODEX_HOME provider config referencing env_key only',
103
+ expires: '3.2.0'
104
+ },
105
+ {
106
+ file: 'src/core/codex-lb/codex-lb-setup.ts',
107
+ pattern: /installCodexLbShellProfileSnippet|upsertManagedBlock|envPath/,
108
+ reason: 'codex-lb shell profile setup writes a managed source block pointing at an env file, not the raw key',
109
+ expires: '3.2.0'
110
+ },
111
+ {
112
+ file: 'src/core/migration/migration-transaction-journal.ts',
113
+ pattern: /writeJsonAtomic|writeTextAtomic/,
114
+ reason: 'migration journal writes hashes and rollback metadata, not raw secret config values',
115
+ expires: '3.2.0'
116
+ }
117
+ ];
118
+ const sources = listSourceFiles().map((file) => ({
119
+ file,
120
+ text: fs.readFileSync(path.join(root, file), 'utf8')
121
+ }));
122
+ const suspicious = findProtectedWriteCallsites(sources);
123
+ const uncovered = suspicious.filter((callsite) => !allowFor(callsite));
124
+ const negative = findProtectedWriteCallsites([{
125
+ file: 'fixture/unprotected-config-write.ts',
126
+ text: "await writeTextAtomic(path.join(root, '.codex', 'config.toml'), 'model = \"x\"\\n');\n"
127
+ }]);
128
+ const report = {
129
+ schema: 'sks.config-managed-merge-callsite-coverage.v1',
130
+ ok: uncovered.length === 0 && negative.length === 1 && !allowFor(negative[0]),
131
+ scanned_dirs: SCAN_DIRS,
132
+ protected_write_callsites: suspicious.length,
133
+ allowlist_entries: ALLOWLIST.map((entry) => ({
134
+ file: entry.file,
135
+ pattern: String(entry.pattern),
136
+ reason: entry.reason,
137
+ expires: entry.expires
138
+ })),
139
+ uncovered,
140
+ negative_fixture_detected: negative.length === 1,
141
+ generated_at: new Date().toISOString()
142
+ };
143
+ fs.mkdirSync(path.join(root, '.sneakoscope', 'reports'), { recursive: true });
144
+ fs.writeFileSync(path.join(root, '.sneakoscope', 'reports', 'config-managed-merge-callsite-coverage.json'), `${JSON.stringify(report, null, 2)}\n`);
145
+ assertGate(report.ok, 'managed config merge callsite coverage failed', report);
146
+ emitGate('config:managed-merge-callsite-coverage', {
147
+ protected_write_callsites: suspicious.length,
148
+ allowlist_entries: ALLOWLIST.length
149
+ });
150
+ export function findProtectedWriteCallsites(files) {
151
+ const calls = [];
152
+ for (const sourceFile of files) {
153
+ const lines = sourceFile.text.split(/\r?\n/);
154
+ for (let index = 0; index < lines.length; index += 1) {
155
+ const line = lines[index] || '';
156
+ if (!WRITE_CALL.test(line))
157
+ continue;
158
+ const window = lines.slice(Math.max(0, index - 3), Math.min(lines.length, index + 4)).join('\n');
159
+ const indicators = PROTECTED_INDICATORS.filter(([, pattern]) => pattern.test(window)).map(([name]) => name);
160
+ if (!indicators.length)
161
+ continue;
162
+ calls.push({
163
+ file: sourceFile.file,
164
+ line: index + 1,
165
+ source: line.trim(),
166
+ window,
167
+ indicators
168
+ });
169
+ }
170
+ }
171
+ return calls;
172
+ }
173
+ function allowFor(callsite) {
174
+ if (!callsite)
175
+ return null;
176
+ const text = `${callsite.source}\n${callsite.window}`;
177
+ return ALLOWLIST.find((entry) => entry.file === callsite.file && entry.pattern.test(text)) || null;
178
+ }
179
+ function listSourceFiles() {
180
+ const files = [];
181
+ for (const dir of SCAN_DIRS)
182
+ collectTsFiles(path.join(root, dir), files);
183
+ return files.sort();
184
+ }
185
+ function collectTsFiles(dir, out) {
186
+ const rows = fs.readdirSync(dir, { withFileTypes: true });
187
+ for (const row of rows) {
188
+ const abs = path.join(dir, row.name);
189
+ const rel = path.relative(root, abs);
190
+ if (row.isDirectory()) {
191
+ if (row.name === 'scripts' || row.name === 'node_modules' || row.name === 'dist')
192
+ continue;
193
+ collectTsFiles(abs, out);
194
+ continue;
195
+ }
196
+ if (row.isFile() && row.name.endsWith('.ts'))
197
+ out.push(rel);
198
+ }
199
+ }
200
+ //# sourceMappingURL=config-managed-merge-callsite-coverage-check.js.map
@@ -0,0 +1,54 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import fs from 'node:fs/promises';
4
+ import os from 'node:os';
5
+ import path from 'node:path';
6
+ import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
7
+ const mod = await importDist('core/pipeline-internals/runtime-core.js');
8
+ const root = await fs.mkdtemp(path.join(os.tmpdir(), 'sks-context7-evidence-'));
9
+ const missionId = 'M-context7-dedupe';
10
+ const missionDir = path.join(root, '.sneakoscope', 'missions', missionId);
11
+ await fs.mkdir(missionDir, { recursive: true });
12
+ const state = { mission_id: missionId };
13
+ const falsePositive = await mod.recordContext7Evidence(root, state, {
14
+ tool_name: 'update_plan',
15
+ tool_response: 'This ordinary planning output mentions Context7 resolve-library-id and query-docs.'
16
+ });
17
+ assertGate(falsePositive === null, 'ordinary tool output must not be recorded as Context7 evidence', falsePositive);
18
+ await mod.recordContext7Evidence(root, state, {
19
+ tool_name: 'resolve-library-id',
20
+ source: 'sks context7 evidence',
21
+ library: 'react',
22
+ library_id: '/react/react'
23
+ });
24
+ await mod.recordContext7Evidence(root, state, {
25
+ tool_name: 'resolve-library-id',
26
+ source: 'sks context7 evidence',
27
+ library: 'react',
28
+ library_id: '/react/react'
29
+ });
30
+ await mod.recordContext7Evidence(root, state, {
31
+ tool_name: 'query-docs',
32
+ source: 'sks context7 evidence',
33
+ library_id: '/react/react',
34
+ tool_input: { libraryId: '/react/react', query: 'hooks' }
35
+ });
36
+ await mod.recordContext7Evidence(root, state, {
37
+ tool_name: 'query-docs',
38
+ source: 'sks context7 evidence',
39
+ library_id: '/react/react',
40
+ tool_input: { libraryId: '/react/react', query: 'hooks' }
41
+ });
42
+ await mod.recordContext7Evidence(root, state, {
43
+ tool_name: 'query-docs',
44
+ source: 'sks context7 evidence',
45
+ library_id: '/react/react',
46
+ tool_input: { libraryId: '/react/react', query: 'server components' }
47
+ });
48
+ const evidenceFile = path.join(missionDir, 'context7-evidence.jsonl');
49
+ const lines = (await fs.readFile(evidenceFile, 'utf8')).split(/\n/).filter(Boolean);
50
+ const evidence = await mod.context7Evidence(root, state);
51
+ assertGate(lines.length === 3, 'duplicate Context7 evidence records must be collapsed without merging distinct queries', { lines });
52
+ assertGate(evidence.ok === true && evidence.resolve === true && evidence.docs === true && evidence.count === 3, 'deduped Context7 evidence must still satisfy docs gate', evidence);
53
+ emitGate('context7:evidence-dedupe', { records: lines.length, evidence });
54
+ //# sourceMappingURL=context7-evidence-dedupe-check.js.map