sneakoscope 4.0.13 → 4.0.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (898) hide show
  1. package/README.md +19 -2
  2. package/config/codex-releases/rust-v0.142.0.json +39 -0
  3. package/crates/sks-core/Cargo.lock +1 -1
  4. package/crates/sks-core/Cargo.toml +1 -1
  5. package/crates/sks-core/src/main.rs +1 -1
  6. package/dist/bin/sks.js +1 -1
  7. package/dist/cli/global-mode-router.js +2 -1
  8. package/dist/commands/codex.js +15 -1
  9. package/dist/core/codex-adapter.js +7 -12
  10. package/dist/core/codex-compat/codex-compat-report.js +11 -1
  11. package/dist/core/codex-compat/codex-release-manifest.js +66 -0
  12. package/dist/core/codex-compat/codex-version-policy.js +5 -4
  13. package/dist/core/codex-compat/codex-version.js +5 -2
  14. package/dist/core/codex-control/codex-0142-capability.js +243 -0
  15. package/dist/core/codex-control/codex-app-server-v2-client.js +211 -0
  16. package/dist/core/codex-control/codex-sdk-adapter.js +37 -7
  17. package/dist/core/codex-control/codex-sdk-capability.js +2 -1
  18. package/dist/core/codex-control/codex-sdk-config-policy.js +16 -0
  19. package/dist/core/codex-control/codex-sdk-env-policy.js +29 -5
  20. package/dist/core/codex-control/codex-thread-registry.js +110 -19
  21. package/dist/core/codex-runtime/resolve-codex-runtime.js +102 -0
  22. package/dist/core/commands/mad-sks-command.js +3 -0
  23. package/dist/core/fsx.js +1 -1
  24. package/dist/core/providers/glm/bench/glm-bench-model-lock-proof.js +32 -3
  25. package/dist/core/providers/glm/bench/glm-benchmark-runner.js +29 -5
  26. package/dist/core/providers/glm/bench/glm-benchmark-types.js +1 -1
  27. package/dist/core/providers/glm/naruto/glm-naruto-critical-path.js +51 -0
  28. package/dist/core/providers/glm/naruto/glm-naruto-final-seal.js +9 -2
  29. package/dist/core/providers/glm/naruto/glm-naruto-orchestrator.js +101 -15
  30. package/dist/core/providers/glm/naruto/glm-naruto-parallelism-summary.js +55 -0
  31. package/dist/core/providers/glm/naruto/glm-naruto-requirement-coverage.js +92 -0
  32. package/dist/core/providers/glm/naruto/glm-naruto-requirement-ledger.js +42 -0
  33. package/dist/core/providers/glm/naruto/glm-naruto-stage-scheduler.js +85 -0
  34. package/dist/core/providers/glm/naruto/glm-naruto-task-size-classifier.js +12 -0
  35. package/dist/core/providers/glm/naruto/glm-naruto-trace.js +4 -0
  36. package/dist/core/providers/glm/naruto/glm-naruto-verifier-output.js +5 -0
  37. package/dist/core/providers/glm/naruto/glm-naruto-worker-pool.js +130 -44
  38. package/dist/core/providers/glm/naruto/glm-naruto-worker-runtime.js +6 -2
  39. package/dist/core/release/gate-manifest.js +24 -1
  40. package/dist/core/release/gate-pack-manifest.js +6 -6
  41. package/dist/core/release/release-gate-affected-selector.js +24 -0
  42. package/dist/core/routes/model-mode-router.js +44 -0
  43. package/dist/core/routes.js +1 -1
  44. package/dist/core/version.js +1 -1
  45. package/dist/scripts/agent-ast-aware-work-graph-check.js +25 -0
  46. package/dist/scripts/agent-backfill-replenishment-check.js +13 -0
  47. package/dist/scripts/agent-backfill-route-blackbox.js +5 -0
  48. package/dist/scripts/agent-background-terminals-check.js +16 -0
  49. package/dist/scripts/agent-cleanup-command-ux-check.js +12 -0
  50. package/dist/scripts/agent-cleanup-executor-check.js +53 -0
  51. package/dist/scripts/agent-cleanup-executor-v2-check.js +39 -0
  52. package/dist/scripts/agent-cli-options-to-task-graph-check.js +5 -0
  53. package/dist/scripts/agent-codex-app-cockpit-check.js +91 -0
  54. package/dist/scripts/agent-codex-child-overlap-check.js +21 -0
  55. package/dist/scripts/agent-dynamic-cockpit-check.js +10 -0
  56. package/dist/scripts/agent-dynamic-pool-check.js +13 -0
  57. package/dist/scripts/agent-dynamic-pool-route-blackbox.js +5 -0
  58. package/dist/scripts/agent-fast-mode-default-check.js +79 -0
  59. package/dist/scripts/agent-fast-mode-worker-propagation-check.js +7 -0
  60. package/dist/scripts/agent-follow-up-work-schema-check.js +80 -0
  61. package/dist/scripts/agent-goal-mode-propagation-check.js +9 -0
  62. package/dist/scripts/agent-intelligent-work-graph-check.js +29 -0
  63. package/dist/scripts/agent-janitor-check.js +79 -0
  64. package/dist/scripts/agent-main-no-scout-check.js +11 -0
  65. package/dist/scripts/agent-message-bus-reader-check.js +19 -0
  66. package/dist/scripts/agent-model-authored-patch-envelope-check.js +15 -0
  67. package/dist/scripts/agent-multi-project-isolation-check.js +86 -0
  68. package/dist/scripts/agent-native-cli-session-proof-check.js +7 -0
  69. package/dist/scripts/agent-native-cli-session-swarm-10-check.js +7 -0
  70. package/dist/scripts/agent-native-cli-session-swarm-20-check.js +7 -0
  71. package/dist/scripts/agent-native-cli-session-swarm-check.js +7 -0
  72. package/dist/scripts/agent-no-subagent-scaling-check.js +7 -0
  73. package/dist/scripts/agent-official-subagent-helper-policy-check.js +71 -0
  74. package/dist/scripts/agent-parallel-write-blackbox.js +56 -0
  75. package/dist/scripts/agent-parallel-write-kernel-check.js +103 -0
  76. package/dist/scripts/agent-patch-conflict-rebase-check.js +198 -0
  77. package/dist/scripts/agent-patch-envelope-extraction-check.js +17 -0
  78. package/dist/scripts/agent-patch-proof-check.js +41 -0
  79. package/dist/scripts/agent-patch-proof-runtime-check.js +63 -0
  80. package/dist/scripts/agent-patch-queue-runtime-check.js +36 -0
  81. package/dist/scripts/agent-patch-rollback-check.js +38 -0
  82. package/dist/scripts/agent-patch-rollback-dag-check.js +14 -0
  83. package/dist/scripts/agent-patch-swarm-route-blackbox.js +10 -0
  84. package/dist/scripts/agent-patch-swarm-runtime-check.js +10 -0
  85. package/dist/scripts/agent-patch-swarm-runtime-truth-check.js +76 -0
  86. package/dist/scripts/agent-patch-transaction-journal-check.js +57 -0
  87. package/dist/scripts/agent-patch-verification-dag-check.js +14 -0
  88. package/dist/scripts/agent-proof-contract-reconciled-check.js +5 -0
  89. package/dist/scripts/agent-real-codex-dynamic-smoke-check.js +166 -0
  90. package/dist/scripts/agent-real-codex-dynamic-smoke-v2-check.js +14 -0
  91. package/dist/scripts/agent-real-codex-in-zellij-worker-pane-check.js +227 -0
  92. package/dist/scripts/agent-real-codex-parallel-workers-10-check.js +5 -0
  93. package/dist/scripts/agent-real-codex-parallel-workers-20-check.js +5 -0
  94. package/dist/scripts/agent-real-codex-parallel-workers-5-check.js +5 -0
  95. package/dist/scripts/agent-real-codex-parallel-workers-check.js +5 -0
  96. package/dist/scripts/agent-role-config-repair-check.js +33 -0
  97. package/dist/scripts/agent-rollback-command-check.js +86 -0
  98. package/dist/scripts/agent-route-truth-backfill-check.js +5 -0
  99. package/dist/scripts/agent-scheduler-proof-check.js +13 -0
  100. package/dist/scripts/agent-scheduler-proof-hardening-check.js +22 -0
  101. package/dist/scripts/agent-session-generation-check.js +21 -0
  102. package/dist/scripts/agent-slot-pane-binding-proof-check.js +64 -0
  103. package/dist/scripts/agent-slot-telemetry-wiring-check.js +11 -0
  104. package/dist/scripts/agent-source-intelligence-propagation-check.js +9 -0
  105. package/dist/scripts/agent-strategy-to-lease-wiring-check.js +32 -0
  106. package/dist/scripts/agent-strategy-to-patch-strict-check.js +54 -0
  107. package/dist/scripts/agent-task-graph-expansion-check.js +14 -0
  108. package/dist/scripts/agent-terminal-generations-check.js +23 -0
  109. package/dist/scripts/agent-visual-consistency-check.js +9 -0
  110. package/dist/scripts/agent-wiki-context-proof-check.js +62 -0
  111. package/dist/scripts/agent-worker-backend-router-check.js +63 -0
  112. package/dist/scripts/agent-worker-scout-limited-check.js +17 -0
  113. package/dist/scripts/agent-zellij-dynamic-backfill-panes-check.js +34 -0
  114. package/dist/scripts/agent-zellij-runtime-check.js +85 -0
  115. package/dist/scripts/all-feature-deep-completion-check.js +31 -0
  116. package/dist/scripts/appshots-capability-check.js +18 -0
  117. package/dist/scripts/appshots-evidence-check.js +48 -0
  118. package/dist/scripts/appshots-operator-policy-check.js +25 -0
  119. package/dist/scripts/appshots-privacy-safety-check.js +48 -0
  120. package/dist/scripts/appshots-source-intelligence-check.js +53 -0
  121. package/dist/scripts/appshots-thread-attachment-discovery-check.js +87 -0
  122. package/dist/scripts/appshots-triwiki-voxel-check.js +46 -0
  123. package/dist/scripts/architecture-guard-check.js +55 -0
  124. package/dist/scripts/brand-neutrality-generated-artifacts-check.js +161 -0
  125. package/dist/scripts/brand-neutrality-rename-map-check.js +4 -0
  126. package/dist/scripts/brand-neutrality-zero-leakage-blackbox.js +4 -0
  127. package/dist/scripts/brand-neutrality-zero-leakage-check.js +4 -0
  128. package/dist/scripts/build-once-runner-blackbox.js +34 -0
  129. package/dist/scripts/build-once-runner-check.js +8 -0
  130. package/dist/scripts/certificate-sla-check.js +9 -0
  131. package/dist/scripts/changelog-check.js +47 -0
  132. package/dist/scripts/changelog-loop-productionization-check.js +3 -0
  133. package/dist/scripts/cli-check-tiers-check.js +10 -0
  134. package/dist/scripts/cli-five-minute-task-check.js +6 -0
  135. package/dist/scripts/codex-0-133-official-compat-report.js +53 -0
  136. package/dist/scripts/codex-0-134-official-compat-report.js +110 -0
  137. package/dist/scripts/codex-0-134-runner-truth-check.js +66 -0
  138. package/dist/scripts/codex-0-135-compat-check.js +57 -0
  139. package/dist/scripts/codex-0-136-compat-check.js +30 -0
  140. package/dist/scripts/codex-0-137-compat-check.js +27 -0
  141. package/dist/scripts/codex-0138-capability-artifact-check.js +15 -0
  142. package/dist/scripts/codex-0138-capability-check.js +11 -0
  143. package/dist/scripts/codex-0138-doctor-check.js +15 -0
  144. package/dist/scripts/codex-0138-feature-probes-check.js +12 -0
  145. package/dist/scripts/codex-0139-capability-check.js +26 -0
  146. package/dist/scripts/codex-0139-code-mode-web-search-check.js +25 -0
  147. package/dist/scripts/codex-0139-code-mode-web-search-real-check.js +10 -0
  148. package/dist/scripts/codex-0139-doctor-env-real-check.js +10 -0
  149. package/dist/scripts/codex-0139-doctor-env-redaction-check.js +18 -0
  150. package/dist/scripts/codex-0139-feature-probes-check.js +30 -0
  151. package/dist/scripts/codex-0139-image-path-real-check.js +10 -0
  152. package/dist/scripts/codex-0139-interrupt-agent-check.js +14 -0
  153. package/dist/scripts/codex-0139-interrupt-agent-real-check.js +8 -0
  154. package/dist/scripts/codex-0139-marketplace-source-check.js +13 -0
  155. package/dist/scripts/codex-0139-plugin-cache-real-check.js +10 -0
  156. package/dist/scripts/codex-0139-plugin-marketplace-real-check.js +10 -0
  157. package/dist/scripts/codex-0139-real-probe-summary-check.js +14 -0
  158. package/dist/scripts/codex-0139-real-probes-check.js +37 -0
  159. package/dist/scripts/codex-0139-rich-tool-schema-check.js +12 -0
  160. package/dist/scripts/codex-0139-rich-tool-schema-real-check.js +10 -0
  161. package/dist/scripts/codex-0139-sandbox-profile-alias-check.js +13 -0
  162. package/dist/scripts/codex-0139-sandbox-profile-alias-real-check.js +10 -0
  163. package/dist/scripts/codex-0139-sandbox-proxy-real-check.js +10 -0
  164. package/dist/scripts/codex-0140-bedrock-managed-auth-check.js +4 -0
  165. package/dist/scripts/codex-0140-capability-check.js +15 -0
  166. package/dist/scripts/codex-0140-deep-probes-check.js +40 -0
  167. package/dist/scripts/codex-0140-feature-probes-check.js +24 -0
  168. package/dist/scripts/codex-0140-goal-attachment-preservation-check.js +8 -0
  169. package/dist/scripts/codex-0140-goal-attachment-roundtrip-check.js +9 -0
  170. package/dist/scripts/codex-0140-import-check.js +4 -0
  171. package/dist/scripts/codex-0140-integration-blackbox.js +13 -0
  172. package/dist/scripts/codex-0140-large-repo-performance-check.js +4 -0
  173. package/dist/scripts/codex-0140-mcp-reliability-check.js +4 -0
  174. package/dist/scripts/codex-0140-non-tty-interrupt-check.js +4 -0
  175. package/dist/scripts/codex-0140-real-probes-check.js +9 -0
  176. package/dist/scripts/codex-0140-session-delete-check.js +4 -0
  177. package/dist/scripts/codex-0140-sqlite-recovery-check.js +4 -0
  178. package/dist/scripts/codex-0140-unified-mentions-check.js +4 -0
  179. package/dist/scripts/codex-0140-usage-check.js +4 -0
  180. package/dist/scripts/codex-0140-usage-real-parser-check.js +17 -0
  181. package/dist/scripts/codex-0141-capability-check.js +17 -0
  182. package/dist/scripts/codex-0142-app-server-v2-check.js +46 -0
  183. package/dist/scripts/codex-0142-binary-identity-check.js +17 -0
  184. package/dist/scripts/codex-0142-capability-check.js +21 -0
  185. package/dist/scripts/codex-0142-manifest-check.js +21 -0
  186. package/dist/scripts/codex-0142-policy-check.js +32 -0
  187. package/dist/scripts/codex-0142-thread-store-check.js +54 -0
  188. package/dist/scripts/codex-account-usage-autodiscovery-check.js +22 -0
  189. package/dist/scripts/codex-account-usage-check.js +9 -0
  190. package/dist/scripts/codex-agent-role-rich-content-check.js +4 -0
  191. package/dist/scripts/codex-agent-role-sync-check.js +4 -0
  192. package/dist/scripts/codex-agent-type-blackbox.js +4 -0
  193. package/dist/scripts/codex-agent-type-probe-check.js +4 -0
  194. package/dist/scripts/codex-agent-type-routing-check.js +4 -0
  195. package/dist/scripts/codex-app-execution-profile-check.js +4 -0
  196. package/dist/scripts/codex-app-fast-ui-preservation-check.js +32 -0
  197. package/dist/scripts/codex-app-handoff-check.js +25 -0
  198. package/dist/scripts/codex-app-handoff-launch-check.js +25 -0
  199. package/dist/scripts/codex-app-harness-blackbox.js +4 -0
  200. package/dist/scripts/codex-app-harness-matrix-check.js +4 -0
  201. package/dist/scripts/codex-app-launcher-check.js +17 -0
  202. package/dist/scripts/codex-app-provider-badge-check.js +37 -0
  203. package/dist/scripts/codex-app-skill-agent-blackbox.js +4 -0
  204. package/dist/scripts/codex-app-type-safety-check.js +4 -0
  205. package/dist/scripts/codex-app-ui-clobber-guard-check.js +22 -0
  206. package/dist/scripts/codex-app-ui-preservation-check.js +96 -0
  207. package/dist/scripts/codex-control-all-pipelines-check.js +37 -0
  208. package/dist/scripts/codex-control-capability-check.js +10 -0
  209. package/dist/scripts/codex-control-empty-result-retry-check.js +43 -0
  210. package/dist/scripts/codex-control-event-stream-ledger-check.js +10 -0
  211. package/dist/scripts/codex-control-keepalive-no-cot-leak-check.js +14 -0
  212. package/dist/scripts/codex-control-no-legacy-fallback-check.js +31 -0
  213. package/dist/scripts/codex-control-side-effect-scope-check.js +26 -0
  214. package/dist/scripts/codex-control-stream-idle-watchdog-check.js +18 -0
  215. package/dist/scripts/codex-control-structured-output-check.js +11 -0
  216. package/dist/scripts/codex-control-thread-registry-check.js +11 -0
  217. package/dist/scripts/codex-control-tool-call-sequence-repair-check.js +14 -0
  218. package/dist/scripts/codex-effort-auto-discovery-check.js +17 -0
  219. package/dist/scripts/codex-effort-order-check.js +9 -0
  220. package/dist/scripts/codex-environment-scoped-approvals-check.js +10 -0
  221. package/dist/scripts/codex-exec-output-schema-actual-syntax-check.js +33 -0
  222. package/dist/scripts/codex-fast-mode-profile-propagation-check.js +14 -0
  223. package/dist/scripts/codex-history-search-check.js +19 -0
  224. package/dist/scripts/codex-hook-approval-blackbox.js +4 -0
  225. package/dist/scripts/codex-hook-approval-matrix-check.js +4 -0
  226. package/dist/scripts/codex-hook-approval-probe-check.js +4 -0
  227. package/dist/scripts/codex-hook-lifecycle-check.js +4 -0
  228. package/dist/scripts/codex-hook-semantic-check.js +15 -0
  229. package/dist/scripts/codex-hook-strict-subset-check.js +61 -0
  230. package/dist/scripts/codex-init-deep-check.js +4 -0
  231. package/dist/scripts/codex-init-deep-directory-local-blackbox.js +4 -0
  232. package/dist/scripts/codex-init-deep-managed-agents-check.js +4 -0
  233. package/dist/scripts/codex-lb-config-toml-safety-check.js +85 -0
  234. package/dist/scripts/codex-lb-persistence-truth-check.js +96 -0
  235. package/dist/scripts/codex-lb-setup-fixture-check.js +91 -0
  236. package/dist/scripts/codex-lb-setup-truthfulness-check.js +84 -0
  237. package/dist/scripts/codex-legacy-profile-consumers-removed-check.js +24 -0
  238. package/dist/scripts/codex-managed-proxy-env-check.js +17 -0
  239. package/dist/scripts/codex-model-metadata-check.js +10 -0
  240. package/dist/scripts/codex-native-agent-role-content-check.js +27 -0
  241. package/dist/scripts/codex-native-broker-read-only-check.js +44 -0
  242. package/dist/scripts/codex-native-feature-broker-blackbox.js +4 -0
  243. package/dist/scripts/codex-native-feature-broker-check.js +4 -0
  244. package/dist/scripts/codex-native-harness-compat-check.js +4 -0
  245. package/dist/scripts/codex-native-hook-lifecycle-proof-check.js +4 -0
  246. package/dist/scripts/codex-native-interop-policy-check.js +4 -0
  247. package/dist/scripts/codex-native-invocation-defaults-check.js +4 -0
  248. package/dist/scripts/codex-native-invocation-router-check.js +4 -0
  249. package/dist/scripts/codex-native-pattern-analysis-blackbox.js +4 -0
  250. package/dist/scripts/codex-native-pattern-analysis-check.js +4 -0
  251. package/dist/scripts/codex-native-read-repair-split-blackbox.js +55 -0
  252. package/dist/scripts/codex-native-reference-cache-blackbox.js +41 -0
  253. package/dist/scripts/codex-native-reference-cache-check.js +23 -0
  254. package/dist/scripts/codex-native-reference-evidence-check.js +4 -0
  255. package/dist/scripts/codex-native-repair-transaction-check.js +45 -0
  256. package/dist/scripts/codex-native-route-map-check.js +4 -0
  257. package/dist/scripts/codex-native-skill-content-check.js +24 -0
  258. package/dist/scripts/codex-output-schema-fixture-check.js +25 -0
  259. package/dist/scripts/codex-permission-profiles-check.js +36 -0
  260. package/dist/scripts/codex-plugin-app-template-policy-check.js +11 -0
  261. package/dist/scripts/codex-plugin-cache-check.js +15 -0
  262. package/dist/scripts/codex-plugin-diff-check.js +16 -0
  263. package/dist/scripts/codex-plugin-inventory-check.js +15 -0
  264. package/dist/scripts/codex-plugin-json-check.js +10 -0
  265. package/dist/scripts/codex-plugin-list-json-check.js +8 -0
  266. package/dist/scripts/codex-plugin-parallel-detail-fetch-check.js +12 -0
  267. package/dist/scripts/codex-profile-primary-check.js +13 -0
  268. package/dist/scripts/codex-project-config-policy-splitter-check.js +51 -0
  269. package/dist/scripts/codex-resume-cwd-truth-check.js +17 -0
  270. package/dist/scripts/codex-sdk-all-pipelines-check.js +33 -0
  271. package/dist/scripts/codex-sdk-backend-router-check.js +65 -0
  272. package/dist/scripts/codex-sdk-capability-check.js +11 -0
  273. package/dist/scripts/codex-sdk-core-skill-pipeline-check.js +9 -0
  274. package/dist/scripts/codex-sdk-dfix-pipeline-check.js +9 -0
  275. package/dist/scripts/codex-sdk-event-stream-ledger-check.js +9 -0
  276. package/dist/scripts/codex-sdk-no-legacy-fallback-check.js +33 -0
  277. package/dist/scripts/codex-sdk-qa-pipeline-check.js +8 -0
  278. package/dist/scripts/codex-sdk-real-smoke-check.js +39 -0
  279. package/dist/scripts/codex-sdk-release-review-pipeline-check.js +13 -0
  280. package/dist/scripts/codex-sdk-research-pipeline-check.js +47 -0
  281. package/dist/scripts/codex-sdk-sandbox-policy-check.js +21 -0
  282. package/dist/scripts/codex-sdk-structured-output-check.js +10 -0
  283. package/dist/scripts/codex-sdk-team-naruto-agent-pipeline-check.js +12 -0
  284. package/dist/scripts/codex-sdk-thread-registry-check.js +11 -0
  285. package/dist/scripts/codex-sdk-ux-ppt-review-pipeline-check.js +9 -0
  286. package/dist/scripts/codex-sdk-version-compat-check.js +10 -0
  287. package/dist/scripts/codex-sdk-zellij-pane-binding-check.js +13 -0
  288. package/dist/scripts/codex-skill-rich-content-check.js +4 -0
  289. package/dist/scripts/codex-skill-sync-check.js +4 -0
  290. package/dist/scripts/codex-thread-runtime-choice-check.js +10 -0
  291. package/dist/scripts/codex-web-adapter-check.js +12 -0
  292. package/dist/scripts/computer-use-live-evidence-check.js +55 -0
  293. package/dist/scripts/computer-use-live-optional-check.js +32 -0
  294. package/dist/scripts/computer-use-policy-check.js +69 -0
  295. package/dist/scripts/computer-use-visual-route-fixture-check.js +37 -0
  296. package/dist/scripts/config-managed-merge-callsite-coverage-check.js +200 -0
  297. package/dist/scripts/context7-evidence-dedupe-check.js +54 -0
  298. package/dist/scripts/core-skill-card-schema-check.js +61 -0
  299. package/dist/scripts/core-skill-deployment-snapshot-check.js +54 -0
  300. package/dist/scripts/core-skill-heldout-validation-check.js +49 -0
  301. package/dist/scripts/core-skill-immutable-sync-check.js +18 -0
  302. package/dist/scripts/core-skill-integrity-blackbox.js +32 -0
  303. package/dist/scripts/core-skill-manifest-check.js +15 -0
  304. package/dist/scripts/core-skill-no-drift-check.js +24 -0
  305. package/dist/scripts/core-skill-no-inference-optimizer-check.js +75 -0
  306. package/dist/scripts/core-skill-patch-check.js +79 -0
  307. package/dist/scripts/core-skill-promotion-side-effect-ledger-check.js +64 -0
  308. package/dist/scripts/core-skill-rollout-scoring-check.js +72 -0
  309. package/dist/scripts/core-skill-route-runtime-integration-check.js +49 -0
  310. package/dist/scripts/core-skill-trainer-check.js +116 -0
  311. package/dist/scripts/dfix-fast-blackbox-check.js +37 -0
  312. package/dist/scripts/dfix-fast-kernel-check.js +26 -0
  313. package/dist/scripts/dfix-fixture-check.js +6 -0
  314. package/dist/scripts/dfix-parallel-write-blackbox.js +48 -0
  315. package/dist/scripts/dfix-patch-handoff-check.js +13 -0
  316. package/dist/scripts/dfix-patch-swarm-route-blackbox.js +10 -0
  317. package/dist/scripts/dfix-performance-check.js +15 -0
  318. package/dist/scripts/dfix-verification-check.js +9 -0
  319. package/dist/scripts/dfix-verification-recommendation-check.js +15 -0
  320. package/dist/scripts/docs-brand-neutrality-check.js +4 -0
  321. package/dist/scripts/docs-codex-0139-wording-check.js +21 -0
  322. package/dist/scripts/docs-loop-productionization-check.js +3 -0
  323. package/dist/scripts/docs-loop-runtime-check.js +3 -0
  324. package/dist/scripts/docs-truthfulness-check.js +61 -0
  325. package/dist/scripts/doctor-codex-0138-fix-check.js +10 -0
  326. package/dist/scripts/doctor-codex-0139-real-probes-check.js +25 -0
  327. package/dist/scripts/doctor-codex-app-harness-check.js +4 -0
  328. package/dist/scripts/doctor-codex-doctor-parity-check.js +17 -0
  329. package/dist/scripts/doctor-codex-native-readiness-ux-check.js +29 -0
  330. package/dist/scripts/doctor-codex-native-repair-actions-check.js +24 -0
  331. package/dist/scripts/doctor-codex-startup-repair-check.js +103 -0
  332. package/dist/scripts/doctor-context7-mcp-repair-blackbox.js +16 -0
  333. package/dist/scripts/doctor-context7-mcp-repair-check.js +11 -0
  334. package/dist/scripts/doctor-context7-repair-check.js +47 -0
  335. package/dist/scripts/doctor-dirty-plan-check.js +9 -0
  336. package/dist/scripts/doctor-dirty-repair-blackbox.js +22 -0
  337. package/dist/scripts/doctor-dirty-repair-check.js +8 -0
  338. package/dist/scripts/doctor-dirty-semantic-blackbox.js +8 -0
  339. package/dist/scripts/doctor-dirty-semantic-check.js +7 -0
  340. package/dist/scripts/doctor-fix-production-blackbox.js +26 -0
  341. package/dist/scripts/doctor-fix-proves-codex-read-check.js +102 -0
  342. package/dist/scripts/doctor-fix-recovers-corrupted-config-check.js +122 -0
  343. package/dist/scripts/doctor-fixes-codex-app-fast-ui-check.js +44 -0
  344. package/dist/scripts/doctor-native-capability-repair-blackbox.js +39 -0
  345. package/dist/scripts/doctor-native-capability-repair-check.js +10 -0
  346. package/dist/scripts/doctor-native-repair-output-check.js +18 -0
  347. package/dist/scripts/doctor-startup-config-repair-blackbox.js +13 -0
  348. package/dist/scripts/doctor-startup-config-repair-check.js +10 -0
  349. package/dist/scripts/doctor-supabase-mcp-repair-blackbox.js +14 -0
  350. package/dist/scripts/doctor-supabase-mcp-repair-check.js +12 -0
  351. package/dist/scripts/doctor-transaction-engine-blackbox.js +28 -0
  352. package/dist/scripts/doctor-transaction-engine-check.js +31 -0
  353. package/dist/scripts/doctor-zellij-fix-blackbox.js +4 -0
  354. package/dist/scripts/doctor-zellij-fix-output-check.js +4 -0
  355. package/dist/scripts/doctor-zellij-no-homebrew-blackbox.js +4 -0
  356. package/dist/scripts/doctor-zellij-repair-check.js +4 -0
  357. package/dist/scripts/doctor-zellij-upgrade-blackbox.js +4 -0
  358. package/dist/scripts/evidence-fixture-check.js +26 -0
  359. package/dist/scripts/evidence-flagship-coverage-check.js +55 -0
  360. package/dist/scripts/fake-real-proof-policy-v2-check.js +27 -0
  361. package/dist/scripts/fake-vs-real-proof-policy-check.js +14 -0
  362. package/dist/scripts/fast-codex-service-tier-proof-check.js +42 -0
  363. package/dist/scripts/flagship-proof-graph-v2-check.js +48 -0
  364. package/dist/scripts/flagship-proof-graph-v3-check.js +67 -0
  365. package/dist/scripts/flagship-proof-graph-v4-check.js +61 -0
  366. package/dist/scripts/gate-pack-fixture-cache-check.js +9 -0
  367. package/dist/scripts/gate-pack-manifest-check.js +9 -0
  368. package/dist/scripts/gate-pack-runner-blackbox.js +27 -0
  369. package/dist/scripts/gate-pack-runner-check.js +6 -0
  370. package/dist/scripts/gate-pack-v2-blackbox.js +18 -0
  371. package/dist/scripts/git-precommit-fixture-check.js +41 -0
  372. package/dist/scripts/git-worktree-batch-allocation-check.js +10 -0
  373. package/dist/scripts/git-worktree-cache-performance-check.js +25 -0
  374. package/dist/scripts/git-worktree-capability-check.js +27 -0
  375. package/dist/scripts/git-worktree-checkpoint-check.js +20 -0
  376. package/dist/scripts/git-worktree-cleanup-check.js +27 -0
  377. package/dist/scripts/git-worktree-cross-rebase-check.js +41 -0
  378. package/dist/scripts/git-worktree-diff-envelope-check.js +17 -0
  379. package/dist/scripts/git-worktree-diff-export-check.js +43 -0
  380. package/dist/scripts/git-worktree-dirty-lock-check.js +17 -0
  381. package/dist/scripts/git-worktree-dirty-main-detection-check.js +14 -0
  382. package/dist/scripts/git-worktree-integration-primary-check.js +24 -0
  383. package/dist/scripts/git-worktree-integration-primary-runtime-check.js +20 -0
  384. package/dist/scripts/git-worktree-manager-check.js +37 -0
  385. package/dist/scripts/git-worktree-manifest-append-check.js +18 -0
  386. package/dist/scripts/git-worktree-merge-queue-check.js +31 -0
  387. package/dist/scripts/git-worktree-pool-performance-check.js +20 -0
  388. package/dist/scripts/git-worktree-prewarm-runtime-check.js +7 -0
  389. package/dist/scripts/git-worktree-untracked-diff-check.js +18 -0
  390. package/dist/scripts/goal-artifact-compat-check.js +3 -0
  391. package/dist/scripts/goal-legacy-runtime-escape-check.js +3 -0
  392. package/dist/scripts/goal-loop-compat-check.js +3 -0
  393. package/dist/scripts/goal-loop-runtime-default-check.js +3 -0
  394. package/dist/scripts/goal-mode-official-default-check.js +12 -0
  395. package/dist/scripts/gpt-final-arbiter-check.js +63 -0
  396. package/dist/scripts/gpt-final-arbiter-performance-check.js +36 -0
  397. package/dist/scripts/gpt-image-2-request-validator-check.js +35 -0
  398. package/dist/scripts/hooks-0.134-context-parity-check.js +20 -0
  399. package/dist/scripts/hooks-actual-parity-check.js +17 -0
  400. package/dist/scripts/hooks-actual-parity-v2-check.js +21 -0
  401. package/dist/scripts/hooks-latest-schema-check.js +20 -0
  402. package/dist/scripts/hooks-managed-install-fixture-check.js +21 -0
  403. package/dist/scripts/hooks-official-hash-oracle-check.js +35 -0
  404. package/dist/scripts/hooks-official-hash-parity-check.js +17 -0
  405. package/dist/scripts/hooks-subagent-events-check.js +17 -0
  406. package/dist/scripts/hooks-trust-state-check.js +14 -0
  407. package/dist/scripts/image-artifact-path-contract-check.js +14 -0
  408. package/dist/scripts/image-artifact-registry-check.js +14 -0
  409. package/dist/scripts/image-fidelity-fixture-check.js +24 -0
  410. package/dist/scripts/image-followup-edit-path-check.js +14 -0
  411. package/dist/scripts/image-generation-path-handoff-check.js +8 -0
  412. package/dist/scripts/image-global-path-contract-check.js +38 -0
  413. package/dist/scripts/imagegen-capability-check.js +30 -0
  414. package/dist/scripts/imagegen-real-smoke-check.js +155 -0
  415. package/dist/scripts/init-deep-backup-retention-check.js +37 -0
  416. package/dist/scripts/init-deep-memory-scope-safety-check.js +23 -0
  417. package/dist/scripts/install-update-preserves-config-check.js +172 -0
  418. package/dist/scripts/json-schema-recursive-check.js +78 -0
  419. package/dist/scripts/legacy-gate-inventory-check.js +49 -0
  420. package/dist/scripts/legacy-gate-purge-check.js +7 -0
  421. package/dist/scripts/legacy-multiagent-removal-check.js +85 -0
  422. package/dist/scripts/legacy-purge-final-check.js +5 -0
  423. package/dist/scripts/legacy-strong-inventory-check.js +43 -0
  424. package/dist/scripts/legacy-upgrade-matrix-check.js +300 -0
  425. package/dist/scripts/local-collab-all-pipelines-final-gpt-check.js +21 -0
  426. package/dist/scripts/local-collab-gpt-final-availability-check.js +58 -0
  427. package/dist/scripts/local-collab-no-local-only-final-check.js +27 -0
  428. package/dist/scripts/local-collab-policy-check.js +17 -0
  429. package/dist/scripts/local-collab-worktree-gpt-final-apply-policy-check.js +63 -0
  430. package/dist/scripts/local-llm-all-pipelines-check.js +11 -0
  431. package/dist/scripts/local-llm-cache-performance-check.js +10 -0
  432. package/dist/scripts/local-llm-capability-check.js +14 -0
  433. package/dist/scripts/local-llm-smoke-check.js +32 -0
  434. package/dist/scripts/local-llm-structured-output-check.js +11 -0
  435. package/dist/scripts/local-llm-throughput-check.js +10 -0
  436. package/dist/scripts/local-llm-tool-call-repair-check.js +10 -0
  437. package/dist/scripts/local-llm-warmup-check.js +11 -0
  438. package/dist/scripts/loop-artifact-paths-check.js +3 -0
  439. package/dist/scripts/loop-blocker-check.js +15 -0
  440. package/dist/scripts/loop-cli-check.js +3 -0
  441. package/dist/scripts/loop-cli-registry-check.js +3 -0
  442. package/dist/scripts/loop-collision-blackbox.js +3 -0
  443. package/dist/scripts/loop-concurrency-budget-check.js +3 -0
  444. package/dist/scripts/loop-concurrency-budget-runtime-check.js +3 -0
  445. package/dist/scripts/loop-concurrency-oversubscription-blackbox.js +3 -0
  446. package/dist/scripts/loop-continuation-enforcer-check.js +4 -0
  447. package/dist/scripts/loop-decomposer-check.js +3 -0
  448. package/dist/scripts/loop-directive-check-lib.js +388 -0
  449. package/dist/scripts/loop-execution-profile-routing-check.js +4 -0
  450. package/dist/scripts/loop-final-arbiter-contract-check.js +3 -0
  451. package/dist/scripts/loop-fixture-policy-check.js +3 -0
  452. package/dist/scripts/loop-fixture-production-misuse-blackbox.js +3 -0
  453. package/dist/scripts/loop-fixture-safety-check.js +3 -0
  454. package/dist/scripts/loop-gate-fixture-guard-check.js +3 -0
  455. package/dist/scripts/loop-gate-ladder-check.js +3 -0
  456. package/dist/scripts/loop-gate-runner-check.js +3 -0
  457. package/dist/scripts/loop-gate-selector-check.js +3 -0
  458. package/dist/scripts/loop-gpt-final-contract-crossref-check.js +3 -0
  459. package/dist/scripts/loop-gpt-final-fixture-guard-check.js +3 -0
  460. package/dist/scripts/loop-gpt-final-gate-contract-check.js +3 -0
  461. package/dist/scripts/loop-hardening-check-lib.js +289 -0
  462. package/dist/scripts/loop-integration-finalizer-check.js +3 -0
  463. package/dist/scripts/loop-integration-merge-strategy-check.js +3 -0
  464. package/dist/scripts/loop-interrupt-registry-check.js +3 -0
  465. package/dist/scripts/loop-kill-interrupt-real-blackbox.js +3 -0
  466. package/dist/scripts/loop-lease-check.js +3 -0
  467. package/dist/scripts/loop-merge-strategy-blackbox.js +3 -0
  468. package/dist/scripts/loop-merge-strategy-check.js +3 -0
  469. package/dist/scripts/loop-mesh-production-e2e-blackbox.js +3 -0
  470. package/dist/scripts/loop-mutation-ledger-check.js +3 -0
  471. package/dist/scripts/loop-observability-check.js +3 -0
  472. package/dist/scripts/loop-owner-inference-check.js +3 -0
  473. package/dist/scripts/loop-planner-check.js +3 -0
  474. package/dist/scripts/loop-planner-project-memory-check.js +4 -0
  475. package/dist/scripts/loop-planner-project-memory-deep-check.js +4 -0
  476. package/dist/scripts/loop-proof-check.js +3 -0
  477. package/dist/scripts/loop-proof-summary-cli-check.js +3 -0
  478. package/dist/scripts/loop-risk-classifier-check.js +3 -0
  479. package/dist/scripts/loop-runtime-check.js +3 -0
  480. package/dist/scripts/loop-scheduler-check.js +3 -0
  481. package/dist/scripts/loop-schema-check.js +3 -0
  482. package/dist/scripts/loop-side-effect-blackbox.js +3 -0
  483. package/dist/scripts/loop-side-effect-final-arbiter-check.js +3 -0
  484. package/dist/scripts/loop-side-effect-scanner-check.js +3 -0
  485. package/dist/scripts/loop-state-check.js +3 -0
  486. package/dist/scripts/loop-status-proof-ux-check.js +3 -0
  487. package/dist/scripts/loop-worker-fixture-guard-check.js +3 -0
  488. package/dist/scripts/loop-worker-handle-registration-check.js +3 -0
  489. package/dist/scripts/loop-worker-interrupt-check.js +3 -0
  490. package/dist/scripts/loop-worktree-policy-check.js +3 -0
  491. package/dist/scripts/loop-zellij-ui-check.js +3 -0
  492. package/dist/scripts/mad-db-capability-check.js +15 -0
  493. package/dist/scripts/mad-db-command-check.js +13 -0
  494. package/dist/scripts/mad-db-ledger-check.js +7 -0
  495. package/dist/scripts/mad-db-lifecycle-hook-decision-check.js +17 -0
  496. package/dist/scripts/mad-db-mad-command-check.js +100 -0
  497. package/dist/scripts/mad-db-mcp-result-lifecycle-check.js +30 -0
  498. package/dist/scripts/mad-db-one-cycle-bounded-check.js +27 -0
  499. package/dist/scripts/mad-db-one-cycle-consumption-check.js +16 -0
  500. package/dist/scripts/mad-db-operation-lifecycle-blackbox.js +29 -0
  501. package/dist/scripts/mad-db-operation-lifecycle-ledger-check.js +17 -0
  502. package/dist/scripts/mad-db-priority-resolver-check.js +20 -0
  503. package/dist/scripts/mad-db-safety-conflict-matrix-check.js +22 -0
  504. package/dist/scripts/mad-preflight-blocks-unreadable-config-check.js +66 -0
  505. package/dist/scripts/mad-sks-actual-executor-blackbox.js +5 -0
  506. package/dist/scripts/mad-sks-app-ui-no-mutation-check.js +92 -0
  507. package/dist/scripts/mad-sks-audit-proof-check.js +34 -0
  508. package/dist/scripts/mad-sks-db-executor-check.js +5 -0
  509. package/dist/scripts/mad-sks-executor-proof-graph-check.js +5 -0
  510. package/dist/scripts/mad-sks-fast-mode-propagation-check.js +24 -0
  511. package/dist/scripts/mad-sks-file-write-executor-check.js +5 -0
  512. package/dist/scripts/mad-sks-immutable-harness-check.js +36 -0
  513. package/dist/scripts/mad-sks-no-harness-modification-check.js +25 -0
  514. package/dist/scripts/mad-sks-package-executor-check.js +5 -0
  515. package/dist/scripts/mad-sks-permission-model-check.js +22 -0
  516. package/dist/scripts/mad-sks-rollback-apply-check.js +5 -0
  517. package/dist/scripts/mad-sks-service-executor-check.js +5 -0
  518. package/dist/scripts/mad-sks-shell-executor-check.js +5 -0
  519. package/dist/scripts/mad-sks-write-guard-check.js +28 -0
  520. package/dist/scripts/mad-sks-zellij-default-pane-worker-check.js +37 -0
  521. package/dist/scripts/mad-sks-zellij-launch-check.js +102 -0
  522. package/dist/scripts/mad-zellij-headless-fallback-blackbox.js +4 -0
  523. package/dist/scripts/mad-zellij-no-contradictory-output-check.js +4 -0
  524. package/dist/scripts/mad-zellij-self-heal-blackbox.js +4 -0
  525. package/dist/scripts/mad-zellij-self-heal-check.js +4 -0
  526. package/dist/scripts/managed-config-merge-check.js +24 -0
  527. package/dist/scripts/mcp-0-134-modernization-check.js +55 -0
  528. package/dist/scripts/mcp-plugin-inventory-check.js +12 -0
  529. package/dist/scripts/mcp-readonly-concurrency-check.js +17 -0
  530. package/dist/scripts/mcp-readonly-runtime-scheduler-check.js +20 -0
  531. package/dist/scripts/mcp-tool-naming-parity-check.js +16 -0
  532. package/dist/scripts/memory-summary-rebuild-check.js +22 -0
  533. package/dist/scripts/model-call-concurrency-check.js +15 -0
  534. package/dist/scripts/mutation-callsite-coverage-check.js +180 -0
  535. package/dist/scripts/naruto-active-pool-check.js +39 -0
  536. package/dist/scripts/naruto-actual-worker-control-plane-check.js +56 -0
  537. package/dist/scripts/naruto-allocation-policy-check.js +33 -0
  538. package/dist/scripts/naruto-allocation-runtime-wiring-check.js +92 -0
  539. package/dist/scripts/naruto-concurrency-governor-check.js +53 -0
  540. package/dist/scripts/naruto-extreme-parallelism-check.js +22 -0
  541. package/dist/scripts/naruto-extreme-parallelism-real-check.js +43 -0
  542. package/dist/scripts/naruto-gpt-final-pack-check.js +34 -0
  543. package/dist/scripts/naruto-loop-maker-checker-check.js +3 -0
  544. package/dist/scripts/naruto-loop-mesh-blackbox.js +3 -0
  545. package/dist/scripts/naruto-loop-mesh-check.js +3 -0
  546. package/dist/scripts/naruto-loop-worker-router-check.js +3 -0
  547. package/dist/scripts/naruto-orchestrator-runtime-source-check.js +70 -0
  548. package/dist/scripts/naruto-parallel-gate-consistency-check.js +8 -0
  549. package/dist/scripts/naruto-parallel-patch-apply-check.js +41 -0
  550. package/dist/scripts/naruto-parallel-runtime-proof-check.js +9 -0
  551. package/dist/scripts/naruto-parallelism-mode-check.js +12 -0
  552. package/dist/scripts/naruto-parallelism-ux-check.js +8 -0
  553. package/dist/scripts/naruto-proof-message-summary-check.js +9 -0
  554. package/dist/scripts/naruto-proof-zellij-stacked-summary-check.js +47 -0
  555. package/dist/scripts/naruto-readonly-routing-check.js +119 -0
  556. package/dist/scripts/naruto-real-active-pool-check.js +39 -0
  557. package/dist/scripts/naruto-real-active-pool-runtime-check.js +55 -0
  558. package/dist/scripts/naruto-real-parallelism-blackbox.js +294 -0
  559. package/dist/scripts/naruto-rebalance-policy-check.js +41 -0
  560. package/dist/scripts/naruto-role-distribution-check.js +23 -0
  561. package/dist/scripts/naruto-shadow-clone-swarm-check.js +164 -0
  562. package/dist/scripts/naruto-ssot-default-check.js +9 -0
  563. package/dist/scripts/naruto-ssot-gate-aliases-check.js +10 -0
  564. package/dist/scripts/naruto-ssot-pipeline-default-check.js +11 -0
  565. package/dist/scripts/naruto-ssot-route-normalization-check.js +9 -0
  566. package/dist/scripts/naruto-ssot-routing-check.js +13 -0
  567. package/dist/scripts/naruto-verification-pool-check.js +36 -0
  568. package/dist/scripts/naruto-visible-vs-active-workers-check.js +10 -0
  569. package/dist/scripts/naruto-work-graph-check.js +24 -0
  570. package/dist/scripts/naruto-worktree-coding-blackbox.js +29 -0
  571. package/dist/scripts/naruto-worktree-coding-check.js +44 -0
  572. package/dist/scripts/naruto-worktree-gpt-final-check.js +45 -0
  573. package/dist/scripts/naruto-worktree-zellij-ui-check.js +28 -0
  574. package/dist/scripts/naruto-zellij-dynamic-right-column-check.js +48 -0
  575. package/dist/scripts/naruto-zellij-massive-ui-check.js +23 -0
  576. package/dist/scripts/native-app-screenshot-repair-check.js +11 -0
  577. package/dist/scripts/native-capability-postcheck-check.js +16 -0
  578. package/dist/scripts/native-capability-repair-check.js +15 -0
  579. package/dist/scripts/native-capability-repair-matrix-check.js +10 -0
  580. package/dist/scripts/native-chrome-web-review-repair-check.js +10 -0
  581. package/dist/scripts/native-computer-use-repair-check.js +10 -0
  582. package/dist/scripts/native-image-generation-repair-check.js +9 -0
  583. package/dist/scripts/native-swarm-heartbeat-does-not-serialize-launch-check.js +8 -0
  584. package/dist/scripts/native-swarm-process-spawn-proof-check.js +7 -0
  585. package/dist/scripts/native-swarm-zellij-does-not-block-workers-check.js +11 -0
  586. package/dist/scripts/no-ts-nocheck-core-check.js +4 -0
  587. package/dist/scripts/no-ts-nocheck-release-scripts-check.js +4 -0
  588. package/dist/scripts/non-recursive-pipeline-check.js +68 -0
  589. package/dist/scripts/npm-publish-performance-check.js +65 -0
  590. package/dist/scripts/official-docs-compat-report.js +304 -0
  591. package/dist/scripts/orphan-gate-detection-check.js +53 -0
  592. package/dist/scripts/orphan-purge-final-check.js +5 -0
  593. package/dist/scripts/orphan-strong-detection-check.js +12 -0
  594. package/dist/scripts/package-published-contract-check.js +46 -0
  595. package/dist/scripts/packlist-performance-check.js +83 -0
  596. package/dist/scripts/parallel-claim-enforcement-check.js +21 -0
  597. package/dist/scripts/parallel-missing-pid-rejection-check.js +55 -0
  598. package/dist/scripts/parallel-runtime-proof-check.js +23 -0
  599. package/dist/scripts/parallel-runtime-proof-events-check.js +13 -0
  600. package/dist/scripts/parallel-runtime-real-blackbox.js +44 -0
  601. package/dist/scripts/parallel-strict-pid-proof-check.js +54 -0
  602. package/dist/scripts/parallel-verification-engine-check.js +85 -0
  603. package/dist/scripts/pipeline-codex-0140-integration-check.js +30 -0
  604. package/dist/scripts/pipeline-codex-native-doctor-mad-routing-check.js +4 -0
  605. package/dist/scripts/pipeline-codex-native-doctor-mad-routing-real-blackbox.js +77 -0
  606. package/dist/scripts/pipeline-codex-native-e2e-blackbox.js +13 -0
  607. package/dist/scripts/pipeline-codex-native-image-routing-check.js +4 -0
  608. package/dist/scripts/pipeline-codex-native-image-routing-real-blackbox.js +50 -0
  609. package/dist/scripts/pipeline-codex-native-loop-routing-check.js +4 -0
  610. package/dist/scripts/pipeline-codex-native-loop-routing-real-blackbox.js +74 -0
  611. package/dist/scripts/pipeline-codex-native-qa-routing-check.js +4 -0
  612. package/dist/scripts/pipeline-codex-native-qa-routing-real-blackbox.js +51 -0
  613. package/dist/scripts/pipeline-codex-native-research-routing-check.js +4 -0
  614. package/dist/scripts/pipeline-codex-native-research-routing-real-blackbox.js +45 -0
  615. package/dist/scripts/pipeline-execution-profile-routing-blackbox.js +4 -0
  616. package/dist/scripts/pipeline-five-minute-sla-check.js +7 -0
  617. package/dist/scripts/postinstall-safe-side-effects-check.js +65 -0
  618. package/dist/scripts/ppt-full-e2e-artifact-graph-check.js +40 -0
  619. package/dist/scripts/ppt-full-e2e-blackbox-check.js +109 -0
  620. package/dist/scripts/ppt-image-voxel-relations-check.js +9 -0
  621. package/dist/scripts/ppt-imagegen-blackbox-check.js +46 -0
  622. package/dist/scripts/ppt-imagegen-review-fixture-check.js +6 -0
  623. package/dist/scripts/ppt-issue-extraction-fixture-check.js +7 -0
  624. package/dist/scripts/ppt-no-mock-as-real-check.js +8 -0
  625. package/dist/scripts/ppt-no-text-fallback-check.js +7 -0
  626. package/dist/scripts/ppt-proof-trust-fixture-check.js +10 -0
  627. package/dist/scripts/ppt-real-export-adapter-check.js +13 -0
  628. package/dist/scripts/ppt-real-imagegen-smoke-check.js +42 -0
  629. package/dist/scripts/ppt-real-imagegen-wiring-check.js +16 -0
  630. package/dist/scripts/ppt-reexport-rereview-check.js +19 -0
  631. package/dist/scripts/ppt-slide-export-fixture-check.js +7 -0
  632. package/dist/scripts/prepublish-fast-check.js +128 -0
  633. package/dist/scripts/priority-full-closure-check.js +12 -0
  634. package/dist/scripts/probe-memoization-check.js +11 -0
  635. package/dist/scripts/product-design-auto-install-check.js +119 -0
  636. package/dist/scripts/product-design-plugin-routing-check.js +101 -0
  637. package/dist/scripts/project-skill-dedupe-blackbox.js +36 -0
  638. package/dist/scripts/project-skill-dedupe-check.js +16 -0
  639. package/dist/scripts/prompt-placeholder-guard-check.js +33 -0
  640. package/dist/scripts/proof-root-cause-policy-check.js +70 -0
  641. package/dist/scripts/provider-badge-context-check.js +26 -0
  642. package/dist/scripts/provider-context-config-toml-check.js +63 -0
  643. package/dist/scripts/python-codex-sdk-all-pipelines-check.js +47 -0
  644. package/dist/scripts/python-codex-sdk-capability-check.js +75 -0
  645. package/dist/scripts/python-codex-sdk-sandbox-policy-check.js +10 -0
  646. package/dist/scripts/python-codex-sdk-stream-bridge-check.js +12 -0
  647. package/dist/scripts/python-tools-smoke-check.js +71 -0
  648. package/dist/scripts/qa-actual-route-backfill-check.js +5 -0
  649. package/dist/scripts/qa-backfill-route-blackbox.js +5 -0
  650. package/dist/scripts/qa-loop-app-handoff-capability-check.js +9 -0
  651. package/dist/scripts/qa-loop-app-handoff-check.js +9 -0
  652. package/dist/scripts/qa-loop-app-handoff-cli-check.js +8 -0
  653. package/dist/scripts/qa-loop-app-handoff-confirmation-check.js +24 -0
  654. package/dist/scripts/qa-loop-app-handoff-gate-lifecycle-check.js +44 -0
  655. package/dist/scripts/qa-loop-app-handoff-launch-check.js +7 -0
  656. package/dist/scripts/qa-loop-app-handoff-status-lifecycle-check.js +7 -0
  657. package/dist/scripts/qa-loop-budget-policy-check.js +8 -0
  658. package/dist/scripts/qa-loop-effort-escalation-check.js +9 -0
  659. package/dist/scripts/qa-loop-execution-profile-routing-check.js +4 -0
  660. package/dist/scripts/qa-loop-image-path-exposure-check.js +9 -0
  661. package/dist/scripts/qa-loop-image-path-prompt-injection-check.js +8 -0
  662. package/dist/scripts/qa-patch-swarm-route-blackbox.js +10 -0
  663. package/dist/scripts/readme-architecture-imagegen-official-check.js +448 -0
  664. package/dist/scripts/release-affected-selector-check.js +41 -0
  665. package/dist/scripts/release-aggressive-resource-governor-check.js +25 -0
  666. package/dist/scripts/release-batch-runner-check.js +6 -0
  667. package/dist/scripts/release-cache-bridge-check.js +23 -0
  668. package/dist/scripts/release-cache-glob-hashing-check.js +42 -0
  669. package/dist/scripts/release-cache-input-classifier-check.js +13 -0
  670. package/dist/scripts/release-cache-neutralization-report-check.js +13 -0
  671. package/dist/scripts/release-cache-version-neutral-fixture-check.js +65 -0
  672. package/dist/scripts/release-check-stamp.js +2 -1
  673. package/dist/scripts/release-dag-full-coverage-check.js +428 -0
  674. package/dist/scripts/release-dist-freshness-check.js +8 -0
  675. package/dist/scripts/release-dynamic-performance-check.js +110 -0
  676. package/dist/scripts/release-dynamic-presets-check.js +20 -0
  677. package/dist/scripts/release-full-parallelism-blackbox.js +41 -0
  678. package/dist/scripts/release-gate-batch-runner-check.js +43 -0
  679. package/dist/scripts/release-gate-budget-check.js +36 -0
  680. package/dist/scripts/release-gate-dag-runner-check.js +107 -0
  681. package/dist/scripts/release-gate-script-parity-check.js +117 -0
  682. package/dist/scripts/release-metadata-1-11-check.js +37 -0
  683. package/dist/scripts/release-metadata-1-12-check.js +48 -0
  684. package/dist/scripts/release-metadata-1-13-check.js +53 -0
  685. package/dist/scripts/release-metadata-1-14-check.js +63 -0
  686. package/dist/scripts/release-metadata-1-16-check.js +81 -0
  687. package/dist/scripts/release-metadata-1-17-check.js +51 -0
  688. package/dist/scripts/release-metadata-1-19-check.js +376 -0
  689. package/dist/scripts/release-metadata-check.js +7 -0
  690. package/dist/scripts/release-native-agent-fixture-check.js +41 -0
  691. package/dist/scripts/release-parallel-check.js +375 -0
  692. package/dist/scripts/release-parallel-full-coverage-check.js +13 -0
  693. package/dist/scripts/release-parallel-speed-budget-check.js +91 -0
  694. package/dist/scripts/release-proof-truth-check.js +14 -0
  695. package/dist/scripts/release-provenance-check.js +143 -0
  696. package/dist/scripts/release-readiness-report.js +1231 -0
  697. package/dist/scripts/release-real-check.js +338 -0
  698. package/dist/scripts/release-registry-check.js +353 -0
  699. package/dist/scripts/release-runtime-truth-matrix-check.js +47 -0
  700. package/dist/scripts/release-script-type-safety-check.js +4 -0
  701. package/dist/scripts/release-speed-summary-check.js +20 -0
  702. package/dist/scripts/release-stability-report-check.js +99 -0
  703. package/dist/scripts/release-triwiki-first-runner-blackbox.js +44 -0
  704. package/dist/scripts/release-triwiki-first-runner-check.js +9 -0
  705. package/dist/scripts/release-version-truth-check.js +134 -0
  706. package/dist/scripts/release-wiring-3110-blackbox.js +27 -0
  707. package/dist/scripts/release-wiring-3112-blackbox.js +17 -0
  708. package/dist/scripts/release-wiring-3113-blackbox.js +17 -0
  709. package/dist/scripts/research-actual-route-backfill-check.js +5 -0
  710. package/dist/scripts/research-backfill-route-blackbox.js +5 -0
  711. package/dist/scripts/research-blueprint-densifier-check.js +21 -0
  712. package/dist/scripts/research-claim-builder-check.js +19 -0
  713. package/dist/scripts/research-complete-package-fixture-check.js +29 -0
  714. package/dist/scripts/research-execution-profile-routing-check.js +4 -0
  715. package/dist/scripts/research-final-reviewer-blackbox.js +70 -0
  716. package/dist/scripts/research-handoff-consumability-check.js +23 -0
  717. package/dist/scripts/research-parallel-source-shards-check.js +22 -0
  718. package/dist/scripts/research-quality-gate-check.js +112 -0
  719. package/dist/scripts/research-real-cycle-no-legacy-final-md-check.js +14 -0
  720. package/dist/scripts/research-real-synthesis-no-deterministic-renderer-check.js +14 -0
  721. package/dist/scripts/research-repetition-detector-check.js +19 -0
  722. package/dist/scripts/research-short-report-rejection-check.js +46 -0
  723. package/dist/scripts/research-source-ledger-merge-check.js +26 -0
  724. package/dist/scripts/research-stage-cycle-runtime-blackbox.js +40 -0
  725. package/dist/scripts/research-synthesis-prompt-contract-check.js +36 -0
  726. package/dist/scripts/research-synthesis-writer-blackbox.js +24 -0
  727. package/dist/scripts/research-synthesis-writer-check.js +26 -0
  728. package/dist/scripts/research-template-report-rejection-check.js +56 -0
  729. package/dist/scripts/research-ultra-stability-report.js +45 -0
  730. package/dist/scripts/responses-retry-policy-centralized-check.js +19 -0
  731. package/dist/scripts/retention-cleanup-safety-check.js +155 -0
  732. package/dist/scripts/route-blackbox-realism-check.js +21 -0
  733. package/dist/scripts/route-proof-artifact-structure-check.js +145 -0
  734. package/dist/scripts/runtime-dist-parity-check.js +78 -0
  735. package/dist/scripts/runtime-no-mjs-scripts-check.js +45 -0
  736. package/dist/scripts/runtime-no-src-mjs-check.js +32 -0
  737. package/dist/scripts/runtime-no-tmux-check.js +114 -0
  738. package/dist/scripts/runtime-proof-summary-check.js +58 -0
  739. package/dist/scripts/runtime-proof-summary-cli-check.js +51 -0
  740. package/dist/scripts/runtime-proof-summary-messages-check.js +37 -0
  741. package/dist/scripts/runtime-proof-zellij-stacked-summary-check.js +58 -0
  742. package/dist/scripts/runtime-ts-python-boundary-check.js +59 -0
  743. package/dist/scripts/runtime-ts-rust-boundary-check.js +74 -0
  744. package/dist/scripts/runtime-ts-source-of-truth-check.js +55 -0
  745. package/dist/scripts/safety-check.js +23 -0
  746. package/dist/scripts/scheduler-batch-dispatch-check.js +17 -0
  747. package/dist/scripts/scheduler-critical-path-check.js +9 -0
  748. package/dist/scripts/scheduler-extreme-parallel-check.js +7 -0
  749. package/dist/scripts/scheduler-no-false-pending-block-check.js +7 -0
  750. package/dist/scripts/scheduler-parallel-proof-consistency-check.js +65 -0
  751. package/dist/scripts/scheduler-resource-budget-check.js +7 -0
  752. package/dist/scripts/scheduler-resource-claim-blackbox.js +24 -0
  753. package/dist/scripts/scheduler-utilization-integral-check.js +105 -0
  754. package/dist/scripts/scheduler-utilization-proof-check.js +8 -0
  755. package/dist/scripts/secret-line-rollback-check.js +35 -0
  756. package/dist/scripts/secret-preservation-check.js +11 -0
  757. package/dist/scripts/secret-preservation-guard-check.js +37 -0
  758. package/dist/scripts/shared-memory-fixture-check.js +27 -0
  759. package/dist/scripts/side-effect-runtime-report-check.js +19 -0
  760. package/dist/scripts/side-effect-zero-gate-check.js +226 -0
  761. package/dist/scripts/skill-name-canonicalizer-check.js +9 -0
  762. package/dist/scripts/skill-registry-ledger-check.js +14 -0
  763. package/dist/scripts/skill-sync-atomic-check.js +35 -0
  764. package/dist/scripts/sks-1-11-fixture-check.js +130 -0
  765. package/dist/scripts/sks-1-12-real-execution-check-lib.js +27 -0
  766. package/dist/scripts/sks-3-1-4-directive-check-lib.js +212 -0
  767. package/dist/scripts/sks-3-1-5-directive-check-lib.js +318 -0
  768. package/dist/scripts/sks-3-1-6-directive-check-lib.js +522 -0
  769. package/dist/scripts/sks-3-1-7-directive-check-lib.js +58 -0
  770. package/dist/scripts/sks-3-1-8-check-lib.js +30 -0
  771. package/dist/scripts/sks-3110-all-feature-regression-blackbox.js +116 -0
  772. package/dist/scripts/sks-3112-all-feature-regression-blackbox.js +29 -0
  773. package/dist/scripts/sks-3113-all-feature-regression-blackbox.js +17 -0
  774. package/dist/scripts/sks-400-all-feature-regression-blackbox.js +21 -0
  775. package/dist/scripts/sks-400-extreme-parallel-blackbox.js +8 -0
  776. package/dist/scripts/sks-400-five-minute-blackbox.js +9 -0
  777. package/dist/scripts/sks-400-legacy-purge-blackbox.js +8 -0
  778. package/dist/scripts/sks-401-all-feature-regression-blackbox.js +46 -0
  779. package/dist/scripts/sks-401-five-minute-actual-blackbox.js +23 -0
  780. package/dist/scripts/sks-402-all-feature-regression-blackbox.js +9 -0
  781. package/dist/scripts/sks-402-five-minute-real-blackbox.js +22 -0
  782. package/dist/scripts/sksd-daemon-check.js +9 -0
  783. package/dist/scripts/sksd-warm-cache-blackbox.js +12 -0
  784. package/dist/scripts/source-intelligence-all-modes-check.js +32 -0
  785. package/dist/scripts/source-intelligence-policy-check.js +13 -0
  786. package/dist/scripts/strategy-adhd-orchestrating-gate-check.js +22 -0
  787. package/dist/scripts/strategy-file-ownership-plan-check.js +18 -0
  788. package/dist/scripts/strategy-parallel-modification-plan-check.js +19 -0
  789. package/dist/scripts/strategy-verification-rollback-dag-check.js +19 -0
  790. package/dist/scripts/supabase-secret-preservation-blackbox.js +29 -0
  791. package/dist/scripts/team-actual-route-backfill-check.js +5 -0
  792. package/dist/scripts/team-alias-to-naruto-check.js +7 -0
  793. package/dist/scripts/team-backfill-route-blackbox.js +5 -0
  794. package/dist/scripts/team-legacy-create-removed-check.js +12 -0
  795. package/dist/scripts/team-parallel-write-blackbox.js +55 -0
  796. package/dist/scripts/team-patch-swarm-route-blackbox.js +10 -0
  797. package/dist/scripts/terminal-keyboard-enhancement-safety-check.js +12 -0
  798. package/dist/scripts/terminal-tui-output-stability-check.js +35 -0
  799. package/dist/scripts/test-no-orphan-dist-imports-check.js +73 -0
  800. package/dist/scripts/triwiki-affected-graph-blackbox.js +28 -0
  801. package/dist/scripts/triwiki-affected-graph-check.js +10 -0
  802. package/dist/scripts/triwiki-cache-key-check.js +9 -0
  803. package/dist/scripts/triwiki-gate-impact-map-check.js +8 -0
  804. package/dist/scripts/triwiki-module-card-check.js +7 -0
  805. package/dist/scripts/triwiki-proof-bank-blackbox.js +30 -0
  806. package/dist/scripts/triwiki-proof-bank-check.js +7 -0
  807. package/dist/scripts/triwiki-proof-bank-lock-blackbox.js +7 -0
  808. package/dist/scripts/triwiki-proof-card-check.js +23 -0
  809. package/dist/scripts/triwiki-stale-proof-rejection-check.js +25 -0
  810. package/dist/scripts/trust-fixture-check.js +33 -0
  811. package/dist/scripts/type-surface-codex-app-check.js +4 -0
  812. package/dist/scripts/typescript-migration-report.js +78 -0
  813. package/dist/scripts/ultra-router-auto-router-check.js +33 -0
  814. package/dist/scripts/ultra-router-classification-check.js +28 -0
  815. package/dist/scripts/update-gate-removed-check.js +9 -0
  816. package/dist/scripts/update-mad-zellij-notice-check.js +9 -0
  817. package/dist/scripts/update-notice-check.js +10 -0
  818. package/dist/scripts/update-preserves-supabase-keys-blackbox.js +27 -0
  819. package/dist/scripts/update-secret-migration-journal-check.js +8 -0
  820. package/dist/scripts/update-secret-preservation-guard-check.js +10 -0
  821. package/dist/scripts/ux-patch-swarm-route-blackbox.js +10 -0
  822. package/dist/scripts/ux-ppt-structured-extraction-check.js +21 -0
  823. package/dist/scripts/ux-review-extract-real-callouts-fixture-check.js +8 -0
  824. package/dist/scripts/ux-review-extract-wires-real-extractor-check.js +15 -0
  825. package/dist/scripts/ux-review-generate-callouts-fixture-check.js +9 -0
  826. package/dist/scripts/ux-review-image-voxel-relations-check.js +31 -0
  827. package/dist/scripts/ux-review-imagegen-blackbox-check.js +67 -0
  828. package/dist/scripts/ux-review-no-fake-callouts-check.js +8 -0
  829. package/dist/scripts/ux-review-no-text-fallback-check.js +25 -0
  830. package/dist/scripts/ux-review-patch-diff-recheck-check.js +20 -0
  831. package/dist/scripts/ux-review-patch-handoff-fixture-check.js +8 -0
  832. package/dist/scripts/ux-review-real-imagegen-smoke-check.js +31 -0
  833. package/dist/scripts/ux-review-real-loop-fixture-check.js +24 -0
  834. package/dist/scripts/ux-review-recapture-recheck-fixture-check.js +8 -0
  835. package/dist/scripts/ux-review-run-wires-imagegen-check.js +11 -0
  836. package/dist/scripts/worker-pane-communication-contract-check.js +54 -0
  837. package/dist/scripts/wrongness-fixture-check.js +65 -0
  838. package/dist/scripts/xai-mcp-capability-check.js +14 -0
  839. package/dist/scripts/zellij-capability-check.js +15 -0
  840. package/dist/scripts/zellij-dashboard-pane-check.js +70 -0
  841. package/dist/scripts/zellij-developer-controls-check.js +20 -0
  842. package/dist/scripts/zellij-doctor-readiness-check.js +63 -0
  843. package/dist/scripts/zellij-dynamic-pane-lifecycle-check.js +21 -0
  844. package/dist/scripts/zellij-fake-adapter-check.js +33 -0
  845. package/dist/scripts/zellij-first-slot-down-stack-check.js +21 -0
  846. package/dist/scripts/zellij-first-slot-down-stack-real-check.js +349 -0
  847. package/dist/scripts/zellij-homebrew-policy-check.js +4 -0
  848. package/dist/scripts/zellij-initial-main-only-blackbox.js +28 -0
  849. package/dist/scripts/zellij-lane-renderer-check.js +80 -0
  850. package/dist/scripts/zellij-launch-command-truth-check.js +75 -0
  851. package/dist/scripts/zellij-layout-valid-check.js +90 -0
  852. package/dist/scripts/zellij-pane-creation-lock-metrics-check.js +12 -0
  853. package/dist/scripts/zellij-pane-lock-concurrency-blackbox.js +80 -0
  854. package/dist/scripts/zellij-pane-lock-does-not-block-worker-check.js +14 -0
  855. package/dist/scripts/zellij-pane-lock-open-worker-integration-blackbox.js +137 -0
  856. package/dist/scripts/zellij-pane-proof-check.js +59 -0
  857. package/dist/scripts/zellij-qa-app-handoff-status-check.js +9 -0
  858. package/dist/scripts/zellij-real-session-cleanup-check.js +21 -0
  859. package/dist/scripts/zellij-real-session-heartbeat-check.js +49 -0
  860. package/dist/scripts/zellij-real-session-launch-check.js +57 -0
  861. package/dist/scripts/zellij-right-column-headless-overflow-check.js +22 -0
  862. package/dist/scripts/zellij-right-column-manager-check.js +27 -0
  863. package/dist/scripts/zellij-screen-proof-check.js +45 -0
  864. package/dist/scripts/zellij-self-heal-check.js +4 -0
  865. package/dist/scripts/zellij-self-heal-dry-run-check.js +4 -0
  866. package/dist/scripts/zellij-self-heal-status-contract-check.js +4 -0
  867. package/dist/scripts/zellij-self-heal-typed-blackbox.js +4 -0
  868. package/dist/scripts/zellij-slot-column-anchor-check.js +66 -0
  869. package/dist/scripts/zellij-slot-column-anchor-telemetry-check.js +9 -0
  870. package/dist/scripts/zellij-slot-only-ui-check.js +31 -0
  871. package/dist/scripts/zellij-slot-pane-renderer-check.js +150 -0
  872. package/dist/scripts/zellij-slot-pane-stale-detection-check.js +74 -0
  873. package/dist/scripts/zellij-slot-pane-telemetry-renderer-check.js +11 -0
  874. package/dist/scripts/zellij-slot-renderer-proof-semantics-check.js +59 -0
  875. package/dist/scripts/zellij-slot-telemetry-check.js +39 -0
  876. package/dist/scripts/zellij-slot-telemetry-incremental-check.js +48 -0
  877. package/dist/scripts/zellij-slot-telemetry-live-flush-check.js +57 -0
  878. package/dist/scripts/zellij-slot-telemetry-performance-check.js +34 -0
  879. package/dist/scripts/zellij-slot-telemetry-real-blackbox.js +20 -0
  880. package/dist/scripts/zellij-slot-telemetry-renderer-check.js +10 -0
  881. package/dist/scripts/zellij-slot-telemetry-runtime-check.js +23 -0
  882. package/dist/scripts/zellij-spawn-on-demand-layout-check.js +40 -0
  883. package/dist/scripts/zellij-stacked-capability-routing-check.js +11 -0
  884. package/dist/scripts/zellij-stacked-fallback-integration-blackbox.js +81 -0
  885. package/dist/scripts/zellij-stacked-version-matrix-check.js +31 -0
  886. package/dist/scripts/zellij-stacked-version-parser-check.js +21 -0
  887. package/dist/scripts/zellij-ui-design-check.js +105 -0
  888. package/dist/scripts/zellij-update-missing-self-heal-check.js +4 -0
  889. package/dist/scripts/zellij-update-prompt-matrix-check.js +18 -0
  890. package/dist/scripts/zellij-update-prompt-mode-check.js +20 -0
  891. package/dist/scripts/zellij-update-prompt-safety-check.js +10 -0
  892. package/dist/scripts/zellij-worker-pane-manager-check.js +109 -0
  893. package/dist/scripts/zellij-worker-pane-manager-single-owner-check.js +47 -0
  894. package/dist/scripts/zellij-worker-pane-real-ui-blackbox.js +202 -0
  895. package/dist/scripts/zellij-worker-pane-spawn-order-check.js +35 -0
  896. package/package.json +17 -7
  897. package/schemas/codex/app-server-0.142/codex_app_server_protocol.v2.schemas.json +18447 -0
  898. package/schemas/codex-release-manifest.schema.json +44 -0
@@ -0,0 +1,102 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import fs from 'node:fs/promises';
4
+ import path from 'node:path';
5
+ import { pathToFileURL } from 'node:url';
6
+ import { ensureDistFresh, root } from './lib/ensure-dist-fresh.js';
7
+ const freshness = ensureDistFresh({ rebuild: true });
8
+ if (!freshness.ok)
9
+ fail('dist_not_fresh', { freshness });
10
+ const mod = await import(pathToFileURL(path.join(root, 'dist', 'core', 'zellij', 'zellij-launcher.js')).href);
11
+ const report = await mod.launchMadZellijUi(['--workspace', 'sks-mad-check'], {
12
+ root,
13
+ missionId: 'M-zellij-launch-check',
14
+ ledgerRoot: path.join(root, '.sneakoscope', 'missions', 'M-zellij-launch-check', 'agents'),
15
+ dryRun: true,
16
+ codexArgs: ['--profile', 'sks-mad-high', '--sandbox', 'danger-full-access', '--ask-for-approval', 'never', '-c', 'service_tier=fast', '-c', 'model_provider="codex-lb"'],
17
+ launchEnv: { SKS_MAD_SKS_TARGET_ROOT: root, SKS_PROTECTED_CORE_POLICY: path.join(root, '.sneakoscope', 'missions', 'M-zellij-launch-check', 'mad-sks-protected-core-policy.json') }
18
+ });
19
+ const paneProofExists = await fs.access(path.join(root, '.sneakoscope', 'missions', 'M-zellij-launch-check', 'zellij-pane-proof.json')).then(() => true).catch(() => false);
20
+ const layoutText = await fs.readFile(report.layout_path, 'utf8');
21
+ const installHelpers = await fs.readFile(path.join(root, 'src', 'cli', 'install-helpers.ts'), 'utf8');
22
+ const madCommand = await fs.readFile(path.join(root, 'src', 'core', 'commands', 'mad-sks-command.ts'), 'utf8');
23
+ const installSafetyOk = !installHelpers.includes("--from-postinstall', '--install-scope', 'global', '--force', '--yes")
24
+ && installHelpers.includes('SKS_POSTINSTALL_AUTO_INSTALL_CLI_TOOLS')
25
+ && installHelpers.includes('(zellijRepair as any).error || zellij.blockers[0]')
26
+ && installHelpers.includes('Codex CLI is missing. Install latest Codex CLI');
27
+ const consoleDetailOk = madCommand.includes("['stderr_tail'")
28
+ && madCommand.includes("['stdout_tail'")
29
+ && madCommand.includes('report: ${launch.report_path}');
30
+ const autoAttachOk = madCommand.includes('shouldAutoAttachZellij(args)')
31
+ && madCommand.includes('attachZellijSessionInteractive(launch.session_name')
32
+ && madCommand.includes("list.includes('--no-attach')")
33
+ && madCommand.includes("list.includes('--json')")
34
+ && madCommand.includes('process.env.ZELLIJ')
35
+ && madCommand.includes("list.includes('--attach')")
36
+ && madCommand.includes('process.stdout.isTTY && process.stdin.isTTY');
37
+ const nativeSwarmOk = madCommand.includes('startMadNativeSwarm(')
38
+ && madCommand.includes('stripMadLaunchOnlyArgs(args, { includeGlmFlags: glmMadLaunch })')
39
+ && madCommand.includes('function madLaunchValueFlags(includeGlmFlags = false)')
40
+ && madCommand.includes("route: '$MAD-SKS'")
41
+ && madCommand.includes("route_command: 'sks --mad native swarm'")
42
+ && madCommand.includes("same_mission_ledger: true")
43
+ && madCommand.includes('slotCount: 0')
44
+ && madCommand.includes('zellijSessionName: launch.session_name')
45
+ && madCommand.includes('mad_sks.native_swarm_started');
46
+ const codexPaneChecks = {
47
+ main_pane_kind: report.main_pane_kind === 'codex_interactive',
48
+ report_enabled: report.codex_pane?.enabled === true,
49
+ report_no_alt_screen_arg: report.codex_pane.args.includes('--no-alt-screen'),
50
+ report_profile_arg: report.codex_pane.args.includes('--profile') && report.codex_pane.args.includes('sks-mad-high'),
51
+ report_sandbox_arg: report.codex_pane.args.includes('--sandbox') && report.codex_pane.args.includes('danger-full-access'),
52
+ report_approval_arg: report.codex_pane.args.includes('--ask-for-approval') && report.codex_pane.args.includes('never'),
53
+ report_service_tier_arg: report.codex_pane.args.includes('service_tier=fast'),
54
+ report_provider_arg: report.codex_pane.args.some((arg) => /model_provider=.*codex-lb/.test(arg)),
55
+ report_target_env: report.codex_pane.launch_env_keys.includes('SKS_MAD_SKS_TARGET_ROOT'),
56
+ report_policy_env: report.codex_pane.launch_env_keys.includes('SKS_PROTECTED_CORE_POLICY'),
57
+ layout_orchestrator_pane: layoutText.includes('pane name="orchestrator" command="sh"'),
58
+ layout_codex_exec: /exec\s+'?codex'?/.test(layoutText),
59
+ layout_no_alt_screen_arg: layoutText.includes('--no-alt-screen'),
60
+ layout_profile_arg: layoutText.includes('--profile') && layoutText.includes('sks-mad-high'),
61
+ layout_sandbox_arg: layoutText.includes('--sandbox') && layoutText.includes('danger-full-access'),
62
+ layout_approval_arg: layoutText.includes('--ask-for-approval') && layoutText.includes('never'),
63
+ layout_service_tier_arg: layoutText.includes('service_tier=fast'),
64
+ layout_provider_arg: /model_provider=.*codex-lb/.test(layoutText),
65
+ layout_not_status_shell: !layoutText.includes('sks status --json || true; exec')
66
+ };
67
+ const codexPaneOk = Object.values(codexPaneChecks).every(Boolean);
68
+ const clipboardCliOk = report.launch_command.includes('--copy-command')
69
+ && report.launch_command.includes('pbcopy')
70
+ && report.launch_command.includes('--copy-on-select')
71
+ && report.launch_command.includes('true')
72
+ && report.launch_command.includes('--mouse-mode')
73
+ && report.launch_command[report.launch_command.indexOf('--mouse-mode') + 1] === 'true'
74
+ && report.clipboard_mouse_mode === true
75
+ && !report.launch_command.includes('--copy-clipboard');
76
+ const ok = report.kind === 'mad'
77
+ && report.layout_artifact
78
+ && report.layout_path
79
+ && report.pane_proof_path
80
+ && paneProofExists
81
+ && Array.isArray(report.launch_command)
82
+ && report.launch_command.join(' ').includes('attach --create-background')
83
+ && report.launch_command.includes('--default-layout')
84
+ && !report.launch_command.includes('--layout')
85
+ && !JSON.stringify(report).includes('tmux attach')
86
+ && installSafetyOk
87
+ && consoleDetailOk
88
+ && autoAttachOk
89
+ && nativeSwarmOk
90
+ && clipboardCliOk
91
+ && codexPaneOk;
92
+ const gate = { schema: 'sks.mad-sks-zellij-launch-check.v1', ok, install_safety_ok: installSafetyOk, console_detail_ok: consoleDetailOk, auto_attach_ok: autoAttachOk, native_swarm_ok: nativeSwarmOk, clipboard_cli_ok: clipboardCliOk, codex_pane_ok: codexPaneOk, codex_pane_checks: codexPaneChecks, report };
93
+ await writeMadZellijLaunchGate(gate);
94
+ emit(gate);
95
+ async function writeMadZellijLaunchGate(gate) {
96
+ await fs.mkdir(path.join(root, '.sneakoscope', 'reports'), { recursive: true });
97
+ await fs.writeFile(path.join(root, '.sneakoscope', 'reports', 'mad-sks-zellij-launch.json'), `${JSON.stringify(gate, null, 2)}\n`);
98
+ }
99
+ function emit(report) { console.log(JSON.stringify(report, null, 2)); if (!report.ok)
100
+ process.exitCode = 1; }
101
+ function fail(blocker, detail) { emit({ schema: 'sks.mad-sks-zellij-launch-check.v1', ok: false, blockers: [blocker], detail }); process.exit(1); }
102
+ //# sourceMappingURL=mad-sks-zellij-launch-check.js.map
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env node
2
+ import { runDirective314Gate } from './sks-3-1-4-directive-check-lib.js';
3
+ await runDirective314Gate('mad:zellij-headless-fallback-blackbox');
4
+ //# sourceMappingURL=mad-zellij-headless-fallback-blackbox.js.map
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env node
2
+ import { runDirective314Gate } from './sks-3-1-4-directive-check-lib.js';
3
+ await runDirective314Gate('mad:zellij-no-contradictory-output');
4
+ //# sourceMappingURL=mad-zellij-no-contradictory-output-check.js.map
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env node
2
+ import { runDirective314Gate } from './sks-3-1-4-directive-check-lib.js';
3
+ await runDirective314Gate('mad:zellij-self-heal-blackbox');
4
+ //# sourceMappingURL=mad-zellij-self-heal-blackbox.js.map
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env node
2
+ import { runDirective314Gate } from './sks-3-1-4-directive-check-lib.js';
3
+ await runDirective314Gate('mad:zellij-self-heal');
4
+ //# sourceMappingURL=mad-zellij-self-heal-check.js.map
@@ -0,0 +1,24 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs/promises';
3
+ import path from 'node:path';
4
+ import { assertGate, emitGate, makeTempRoot, writeText } from './sks-3-1-8-check-lib.js';
5
+ import { writeManagedEnvConfig, writeManagedJsonConfig, writeManagedTomlConfig } from '../core/config/managed-config-merge.js';
6
+ const root = await makeTempRoot('sks-managed-merge-');
7
+ const envFile = path.join(root, '.env.local');
8
+ await writeText(envFile, 'NEXT_PUBLIC_SUPABASE_ANON_KEY=keep-me\n');
9
+ await writeManagedEnvConfig(envFile, await fs.readFile(envFile, 'utf8'), ['SKS_MANAGED=1', 'NEXT_PUBLIC_SUPABASE_ANON_KEY=replace-me']);
10
+ const envText = await fs.readFile(envFile, 'utf8');
11
+ const tomlFile = path.join(root, '.codex', 'config.toml');
12
+ const toml = await writeManagedTomlConfig(tomlFile, '[mcp.supabase]\n# keep this comment\ntoken = "keep-token"\nunknown = "keep-unknown"\n', ['[mcp.supabase]\nurl = "https://example.supabase.co"']);
13
+ const tomlAgain = await writeManagedTomlConfig(tomlFile, await fs.readFile(tomlFile, 'utf8'), ['[mcp.supabase]\nurl = "https://example.supabase.co"']);
14
+ const jsonFile = path.join(root, '.sneakoscope', 'config.json');
15
+ const json = await writeManagedJsonConfig(jsonFile, { supabase: { anon_key: 'keep-json', service_role_key: 'keep-service' }, mcp: { supabase: { token: 'keep-token-json' } } }, { supabase: { anon_key: 'replace-json', service_role_key: 'replace-service', url: 'x' }, mcp: { supabase: { token: 'replace-token-json', url: 'y' } } });
16
+ const jsonText = await fs.readFile(jsonFile, 'utf8');
17
+ const tomlText = await fs.readFile(tomlFile, 'utf8');
18
+ assertGate(envText.includes('keep-me') && !envText.includes('replace-me'), 'env merge must preserve protected secret line', envText);
19
+ assertGate(tomlText.includes('# keep this comment') && tomlText.includes('unknown = "keep-unknown"') && tomlText.includes('token = "keep-token"'), 'toml merge must preserve comments, unknown keys, and secret-bearing lines', tomlText);
20
+ assertGate(jsonText.includes('keep-json') && jsonText.includes('keep-service') && jsonText.includes('keep-token-json') && !jsonText.includes('replace-json') && !jsonText.includes('replace-service') && !jsonText.includes('replace-token-json'), 'json merge must preserve nested protected secret values', jsonText);
21
+ assertGate(toml.preserved_secret_lines_sha256.length > 0 && tomlAgain.changed === false, 'toml merge must report secret line hashes and be idempotent', { toml, tomlAgain });
22
+ assertGate(toml.ok && json.ok, 'managed config merge results must be ok', { toml, json });
23
+ emitGate('config:managed-merge');
24
+ //# sourceMappingURL=managed-config-merge-check.js.map
@@ -0,0 +1,55 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import fs from 'node:fs';
4
+ import path from 'node:path';
5
+ import { assertGate, emitGate, importDist, root } from './sks-1-18-gate-lib.js';
6
+ const mod = await importDist('core/mcp/mcp-0-134-policy.js');
7
+ const policy = mod.detectMcp0134PolicyFromConfig([
8
+ {
9
+ path: 'fixture.json',
10
+ text: JSON.stringify({
11
+ mcp_servers: {
12
+ docs: {
13
+ transport: 'streamable_http',
14
+ env: { DOCS_TOKEN: 'x' },
15
+ oauth: { client_id: 'fixture' }
16
+ }
17
+ }
18
+ })
19
+ },
20
+ {
21
+ path: 'fixture.toml',
22
+ text: '[mcp_servers.docs_toml]\ntransport = "streamable_http"\n[mcp_servers.docs_toml.env]\nDOCS_TOKEN = "x"\n[mcp_servers.docs_toml.oauth]\nclient_id = "fixture"\n'
23
+ }
24
+ ]);
25
+ const readOnly = mod.classifyMcpToolForConcurrency({ name: 'docs_search', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
26
+ const destructive = mod.classifyMcpToolForConcurrency({ name: 'docs_delete', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
27
+ const camelCaseDestructive = mod.classifyMcpToolForConcurrency({ name: 'writeFile', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
28
+ const namespacedDestructive = mod.classifyMcpToolForConcurrency({ name: 'filesystem.writeFile', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
29
+ const compacted = mod.compactMcpToolSchema({ type: 'object', properties: { item: { $ref: '#/$defs/Item' } }, $defs: { Item: { type: 'string' } }, description: 'x'.repeat(10000) }, 512);
30
+ const compactedDefinitions = mod.compactMcpToolSchema({ type: 'object', properties: { item: { $ref: '#/definitions/Item' } }, definitions: { Item: { type: 'string' } }, description: 'x'.repeat(10000) }, 512);
31
+ const report = {
32
+ schema: 'sks.mcp-0.134-modernization-check.v1',
33
+ ok: true,
34
+ policy,
35
+ readOnly,
36
+ destructive,
37
+ camelCaseDestructive,
38
+ namespacedDestructive,
39
+ compacted,
40
+ compactedDefinitions
41
+ };
42
+ assertGate(policy.per_server_environment_supported === true, 'MCP 0.134 policy must detect per-server env targeting', report);
43
+ assertGate(policy.streamable_http_oauth_supported === true, 'MCP 0.134 policy must detect streamable HTTP OAuth', report);
44
+ assertGate(policy.servers.some((server) => server.name === 'docs_toml' && server.environment_keys.includes('DOCS_TOKEN')), 'MCP 0.134 policy must detect nested TOML per-server env tables', report);
45
+ assertGate(readOnly.concurrency === 'candidate_parallel_readonly', 'readOnlyHint safe tool should be candidate parallel readonly', report);
46
+ assertGate(destructive.concurrency === 'serial_required', 'destructive readOnlyHint tool must remain serial', report);
47
+ assertGate(camelCaseDestructive.concurrency === 'serial_required', 'camelCase destructive readOnlyHint tool must remain serial', report);
48
+ assertGate(namespacedDestructive.concurrency === 'serial_required', 'namespaced destructive readOnlyHint tool must remain serial', report);
49
+ assertGate(compacted.preserved_ref_defs === true, 'schema compaction must preserve $ref/$defs evidence', report);
50
+ assertGate(compactedDefinitions.schema.definitions?.Item?.type === 'string', 'schema compaction must preserve definitions refs without moving them to $defs', report);
51
+ const out = path.join(root, '.sneakoscope', 'reports', 'mcp-0-134-modernization.json');
52
+ fs.mkdirSync(path.dirname(out), { recursive: true });
53
+ fs.writeFileSync(out, `${JSON.stringify(report, null, 2)}\n`);
54
+ emitGate('mcp:0.134-modernization', { servers: policy.servers.length });
55
+ //# sourceMappingURL=mcp-0-134-modernization-check.js.map
@@ -0,0 +1,12 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
4
+ process.env.SKS_CODEX_0138_FAKE = '1';
5
+ process.env.SKS_CODEX_PLUGIN_JSON_FAKE = '1';
6
+ const pluginMod = await importDist('core/codex-plugins/codex-plugin-json.js');
7
+ const mcpMod = await importDist('core/mcp/mcp-plugin-inventory.js');
8
+ const inventory = await pluginMod.buildCodexPluginInventory();
9
+ const candidates = mcpMod.buildMcpPluginServerCandidates(inventory);
10
+ assertGate(candidates.candidate_only === true && candidates.candidates.every((candidate) => candidate.auto_enable === false && candidate.destructive_tools_auto_enabled === false), 'remote MCP plugin inventory must be candidate-only and non-destructive by default', candidates);
11
+ emitGate('mcp:plugin-inventory', { candidates: candidates.candidates.length });
12
+ //# sourceMappingURL=mcp-plugin-inventory-check.js.map
@@ -0,0 +1,17 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import fs from 'node:fs';
4
+ import path from 'node:path';
5
+ import { assertGate, emitGate, importDist, root } from './sks-1-18-gate-lib.js';
6
+ const mod = await importDist('core/mcp/mcp-0-134-policy.js');
7
+ const readOnly = mod.classifyMcpToolForConcurrency({ name: 'search_docs', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
8
+ const destructive = mod.classifyMcpToolForConcurrency({ name: 'delete_docs', annotations: { readOnlyHint: true }, inputSchema: { type: 'object' } });
9
+ const report = { schema: 'sks.mcp-readonly-concurrency-check.v1', ok: readOnly.concurrency === 'candidate_parallel_readonly' && destructive.concurrency === 'serial_required', readOnly, destructive };
10
+ const out = path.join(root, '.sneakoscope', 'reports', 'mcp-readonly-concurrency.json');
11
+ fs.mkdirSync(path.dirname(out), { recursive: true });
12
+ fs.writeFileSync(out, `${JSON.stringify(report, null, 2)}\n`);
13
+ assertGate(readOnly.concurrency === 'candidate_parallel_readonly', 'readOnlyHint non-destructive tools may be parallel candidates', report);
14
+ assertGate(destructive.concurrency === 'serial_required', 'destructive tools remain serial even with readOnlyHint', report);
15
+ assertGate(readOnly.advisory_only === true, 'readOnlyHint must remain advisory only', report);
16
+ emitGate('mcp:readonly-concurrency', { read_only: readOnly.concurrency, destructive: destructive.concurrency });
17
+ //# sourceMappingURL=mcp-readonly-concurrency-check.js.map
@@ -0,0 +1,20 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import fs from 'node:fs';
4
+ import path from 'node:path';
5
+ import { assertGate, emitGate, importDist, root } from './sks-1-18-gate-lib.js';
6
+ const mod = await importDist('core/mcp/mcp-0-134-policy.js');
7
+ const proof = await mod.proveMcpReadOnlyRuntimeScheduler();
8
+ const report = { schema: 'sks.mcp-readonly-runtime-scheduler-check.v1', ok: proof.ok, proof };
9
+ const out = path.join(root, '.sneakoscope', 'reports', 'mcp-readonly-runtime-scheduler.json');
10
+ fs.mkdirSync(path.dirname(out), { recursive: true });
11
+ fs.writeFileSync(out, `${JSON.stringify(report, null, 2)}\n`);
12
+ assertGate(proof.read_only_parallel === true, 'readOnlyHint fixtures must overlap at runtime', report);
13
+ assertGate(proof.write_serial === true, 'write-capable MCP fixtures must be serialized', report);
14
+ assertGate(proof.destructive_false_positive_blocked === true, 'destructive readOnlyHint false positive must be blocked', report);
15
+ assertGate(proof.tools.every((row) => Number.isFinite(row.started_at_ms) && Number.isFinite(row.ended_at_ms)), 'MCP scheduler proof must include timestamps', report);
16
+ assertGate(proof.ok === true, 'MCP runtime scheduler proof must be blocker-free', report);
17
+ assertGate(proof.overlap_evidence.length >= 1, 'MCP scheduler proof must include actual overlap evidence rows', report);
18
+ assertGate(proof.tools.filter((row) => row.scheduled_mode === 'parallel_readonly_batch').length >= 3, 'MCP scheduler proof must use at least three read-only tools', report);
19
+ emitGate('mcp:readonly-runtime-scheduler', { overlaps: proof.overlap_evidence.length });
20
+ //# sourceMappingURL=mcp-readonly-runtime-scheduler-check.js.map
@@ -0,0 +1,16 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import path from 'node:path';
4
+ import { pathToFileURL } from 'node:url';
5
+ import { ensureDistFresh, root } from './lib/ensure-dist-fresh.js';
6
+ const freshness = ensureDistFresh({ rebuild: true });
7
+ if (!freshness.ok)
8
+ fail('dist_not_fresh', { freshness });
9
+ const mod = await import(pathToFileURL(path.join(root, 'dist', 'core', 'mcp', 'mcp-tool-name-normalizer.js')).href);
10
+ const report = mod.normalizeMcpToolInventory([{ server: 'github', name: 'search issues' }, { server: 'github', name: 'search_issues' }]);
11
+ const ok = report.ok && report.collision_count === 1 && report.normalized.every((row) => row.normalized_name.includes('github'));
12
+ emit({ schema: 'sks.mcp-tool-naming-parity-check.v1', ok, report });
13
+ function emit(report) { console.log(JSON.stringify(report, null, 2)); if (!report.ok)
14
+ process.exitCode = 1; }
15
+ function fail(blocker, detail) { emit({ schema: 'sks.mcp-tool-naming-parity-check.v1', ok: false, blockers: [blocker], detail }); process.exit(1); }
16
+ //# sourceMappingURL=mcp-tool-naming-parity-check.js.map
@@ -0,0 +1,22 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import assert from 'node:assert/strict';
4
+ import fs from 'node:fs/promises';
5
+ import { spawnSync } from 'node:child_process';
6
+ import path from 'node:path';
7
+ const root = process.cwd();
8
+ const wiki = spawnSync(process.execPath, [path.join(root, 'dist/bin/sks.js'), 'wiki', 'rebuild-summary', '--json'], {
9
+ cwd: root,
10
+ encoding: 'utf8',
11
+ env: { ...process.env, SKS_SKIP_NPM_FRESHNESS_CHECK: '1', CI: 'true' },
12
+ timeout: 60_000
13
+ });
14
+ assert.equal(wiki.status, 0, wiki.stderr || wiki.stdout);
15
+ const summary = JSON.parse(wiki.stdout);
16
+ assert.equal(summary.schema, 'sks.memory-summary.v2');
17
+ assert.equal(summary.summaries.triwiki.schema_version, 2);
18
+ assert.equal(summary.summaries.wrongness.schema_version, 2);
19
+ await fs.rm(path.join(root, '.sneakoscope/wiki/memory-summary.json'), { force: true });
20
+ await fs.rm(path.join(root, '.sneakoscope/wiki/memory-summary.md'), { force: true });
21
+ console.log(JSON.stringify({ schema: 'sks.memory-summary-rebuild-check.v1', ok: true, summary: summary.summaries }, null, 2));
22
+ //# sourceMappingURL=memory-summary-rebuild-check.js.map
@@ -0,0 +1,15 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import fs from 'node:fs/promises';
4
+ import os from 'node:os';
5
+ import path from 'node:path';
6
+ import { withModelCallSlot } from '../core/codex-control/model-call-concurrency.js';
7
+ import { writeParallelRuntimeProof } from '../core/agents/parallel-runtime-proof.js';
8
+ import { assertGate, emitGate } from './sks-1-18-gate-lib.js';
9
+ const missionId = 'M-model-call-concurrency';
10
+ const ledgerRoot = await fs.mkdtemp(path.join(os.tmpdir(), 'sks-model-call-'));
11
+ await Promise.all(Array.from({ length: 8 }, (_, i) => withModelCallSlot({ root: ledgerRoot, missionId, provider: 'codex-sdk', budget: 3, slotId: `slot-${i}`, generationIndex: 1, sessionId: `s-${i}`, backend: 'codex-sdk' }, () => new Promise((resolve) => setTimeout(resolve, 80)))));
12
+ const proof = await writeParallelRuntimeProof(ledgerRoot, missionId, { requestedWorkers: 1, targetActiveSlots: 1, minActiveWorkers: 0, minSpeedupRatio: 0 });
13
+ assertGate(proof.max_observed_model_calls <= 3 && proof.unique_model_call_ids === 8, 'model-call semaphore did not enforce/record concurrency', proof);
14
+ emitGate('model-call:concurrency', proof);
15
+ //# sourceMappingURL=model-call-concurrency-check.js.map
@@ -0,0 +1,180 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ // Repo-wide risky mutation callsite gate. Every raw mutation must be either a
4
+ // guarded call or an external allowlist entry with a concrete function/symbol and
5
+ // reason. The allowlist is intentionally data, not code, so unused/stale entries
6
+ // fail the release gate.
7
+ import fs from 'node:fs';
8
+ import path from 'node:path';
9
+ import { assertGate, emitGate, root } from './sks-1-18-gate-lib.js';
10
+ const allowlistPath = path.join(root, 'safety-mutation-allowlist.json');
11
+ const allowlist = readAllowlist();
12
+ const allowlistHits = new Set();
13
+ const scanFiles = listScanFiles();
14
+ const covered = [];
15
+ const allowlisted = [];
16
+ const uncovered = [];
17
+ const GUARD_CALL = /\bguarded(WriteFile|Rm|Rename|Chmod|Xattr|Chflags|GlobalCodexConfigWrite|ProcessKill|PackageInstall|SkillSnapshotPromotion|Apply)\(/;
18
+ const RISKY = [
19
+ { kind: 'write_file', token: 'fs.writeFile', re: /\bfs\.writeFile\(/ },
20
+ { kind: 'write_file', token: 'fs.promises.writeFile', re: /\bfs\.promises\.writeFile\(/ },
21
+ { kind: 'write_file', token: 'fsp.writeFile', re: /\bfsp\.writeFile\(/ },
22
+ { kind: 'write_file', token: 'writeFileSync', re: /\b(?:fs\.)?writeFileSync\(/ },
23
+ { kind: 'rm', token: 'fs.rm', re: /\bfs\.rm\(/ },
24
+ { kind: 'rm', token: 'fsp.rm', re: /\bfsp\.rm\(/ },
25
+ { kind: 'rm', token: 'rmSync', re: /\b(?:fs\.)?rmSync\(/ },
26
+ { kind: 'unlink', token: 'unlink', re: /\b(?:fs\.|fsp\.)?unlink\(/ },
27
+ { kind: 'unlink', token: 'unlinkSync', re: /\b(?:fs\.)?unlinkSync\(/ },
28
+ { kind: 'rename', token: 'rename', re: /\b(?:fs\.|fsp\.)?rename\(/ },
29
+ { kind: 'rename', token: 'renameSync', re: /\b(?:fs\.)?renameSync\(/ },
30
+ { kind: 'chmod', token: 'chmod', re: /\b(?:fs\.|fsp\.)?chmod\(/ },
31
+ { kind: 'chmod', token: 'chmodSync', re: /\b(?:fs\.)?chmodSync\(/ },
32
+ { kind: 'process_kill', token: 'process.kill', re: /\bprocess\.kill\(/ },
33
+ { kind: 'package_install', token: 'runProcess(npm/brew)', re: /runProcess\(\s*(?:npmBin|['"](?:npm|brew)['"])/ },
34
+ { kind: 'package_install', token: 'spawn(npm install)', re: /\bspawn(?:Sync)?\(\s*['"]npm['"][\s\S]{0,80}(?:install|i)\b/ },
35
+ { kind: 'xattr', token: 'xattr', re: /runProcess\(\s*['"]xattr['"]/ },
36
+ { kind: 'chflags', token: 'chflags', re: /runProcess\(\s*['"]chflags['"]/ },
37
+ { kind: 'codex_home_write', token: 'codex config write', re: /(?:~\/\.codex|CODEX_HOME|auth\.json|config\.toml)/ }
38
+ ];
39
+ for (const rel of scanFiles) {
40
+ const text = fs.readFileSync(path.join(root, rel), 'utf8');
41
+ const lines = text.split('\n');
42
+ let currentSymbol = 'module';
43
+ for (let i = 0; i < lines.length; i += 1) {
44
+ const line = lines[i];
45
+ currentSymbol = symbolFromLine(line) || currentSymbol;
46
+ if (isIgnoredLine(line))
47
+ continue;
48
+ if (GUARD_CALL.test(line)) {
49
+ covered.push({ file: rel, line: i + 1, symbol: currentSymbol, kind: 'guarded_call', snippet: snippet(line) });
50
+ }
51
+ for (const risky of RISKY) {
52
+ if (!risky.re.test(line))
53
+ continue;
54
+ if (risky.kind === 'package_install' && !packageMutationOnLine(line))
55
+ continue;
56
+ if (risky.kind === 'codex_home_write' && !codexHomeMutationOnLine(line))
57
+ continue;
58
+ if (risky.kind === 'process_kill' && processKillIsLivenessProbe(line))
59
+ continue;
60
+ const entry = { file: rel, line: i + 1, symbol: currentSymbol, kind: risky.kind, token: risky.token, snippet: snippet(line) };
61
+ const allow = findAllow(entry);
62
+ if (allow) {
63
+ allowlistHits.add(allow.id);
64
+ allowlisted.push({ ...entry, reason: allow.reason });
65
+ }
66
+ else {
67
+ uncovered.push(entry);
68
+ }
69
+ }
70
+ }
71
+ }
72
+ const unused_allowlist = allowlist.filter((entry) => !allowlistHits.has(entry.id)).map(({ id, file, symbol, token, reason }) => ({ id, file, symbol, token, reason }));
73
+ const blanket_allowlist = allowlist.filter((entry) => !entry.symbol || entry.symbol === '*' || !entry.token || entry.token === '*');
74
+ const ok = uncovered.length === 0 && unused_allowlist.length === 0 && blanket_allowlist.length === 0;
75
+ const report = {
76
+ schema: 'sks.mutation-callsite-coverage.v2',
77
+ ok,
78
+ repo_wide: true,
79
+ allowlist_path: 'safety-mutation-allowlist.json',
80
+ scanned_file_count: scanFiles.length,
81
+ covered,
82
+ allowlisted,
83
+ uncovered,
84
+ unused_allowlist,
85
+ blanket_allowlist
86
+ };
87
+ const reportDir = path.join(root, '.sneakoscope', 'reports');
88
+ fs.mkdirSync(reportDir, { recursive: true });
89
+ fs.writeFileSync(path.join(reportDir, 'mutation-callsite-coverage.json'), `${JSON.stringify(report, null, 2)}\n`);
90
+ assertGate(ok, 'repo-wide risky mutation call sites must be guarded or allowlisted-with-reason', {
91
+ scanned_file_count: scanFiles.length,
92
+ uncovered,
93
+ unused_allowlist,
94
+ blanket_allowlist
95
+ });
96
+ emitGate('safety:mutation-callsite-coverage', {
97
+ scanned_file_count: scanFiles.length,
98
+ covered: covered.length,
99
+ allowlisted: allowlisted.length,
100
+ uncovered: uncovered.length
101
+ });
102
+ function readAllowlist() {
103
+ const raw = JSON.parse(fs.readFileSync(allowlistPath, 'utf8'));
104
+ assertGate(raw.schema === 'sks.safety-mutation-allowlist.v1', 'mutation allowlist schema mismatch', raw);
105
+ assertGate(Array.isArray(raw.entries), 'mutation allowlist entries must be an array', raw);
106
+ return raw.entries.map((entry, index) => {
107
+ for (const key of ['file', 'symbol', 'token', 'reason']) {
108
+ assertGate(typeof entry[key] === 'string' && entry[key].trim().length > 0, `allowlist entry missing ${key}`, { index, entry });
109
+ }
110
+ assertGate(entry.reason.length >= 12, 'allowlist reason must be concrete', { index, entry });
111
+ return { ...entry, id: `${entry.file}:${entry.symbol}:${entry.token}:${index}` };
112
+ });
113
+ }
114
+ function listScanFiles() {
115
+ const files = [];
116
+ walk(path.join(root, 'src'), (file) => {
117
+ const relative = rel(file);
118
+ if (relative.startsWith('src/scripts/'))
119
+ return;
120
+ if (file.endsWith('.ts'))
121
+ files.push(relative);
122
+ });
123
+ walk(path.join(root, 'src', 'scripts'), (file) => {
124
+ if (!file.endsWith('.ts'))
125
+ return;
126
+ const base = path.basename(file);
127
+ if (/(install|publish|release|doctor|codex|zellij|migration)/i.test(base))
128
+ files.push(rel(file));
129
+ });
130
+ return files.sort();
131
+ }
132
+ function walk(dir, visit) {
133
+ let entries = [];
134
+ try {
135
+ entries = fs.readdirSync(dir, { withFileTypes: true });
136
+ }
137
+ catch {
138
+ return;
139
+ }
140
+ for (const entry of entries) {
141
+ const file = path.join(dir, entry.name);
142
+ if (entry.isDirectory()) {
143
+ if (!['node_modules', 'dist', 'target'].includes(entry.name))
144
+ walk(file, visit);
145
+ }
146
+ else if (entry.isFile()) {
147
+ visit(file);
148
+ }
149
+ }
150
+ }
151
+ function findAllow(entry) {
152
+ return allowlist.find((allow) => entry.file === allow.file && entry.symbol === allow.symbol && entry.token === allow.token);
153
+ }
154
+ function symbolFromLine(line) {
155
+ const match = line.match(/(?:export\s+)?(?:async\s+)?function\s+([A-Za-z0-9_$]+)/)
156
+ || line.match(/(?:const|let|var)\s+([A-Za-z0-9_$]+)\s*=\s*(?:async\s*)?\(/)
157
+ || line.match(/class\s+([A-Za-z0-9_$]+)/);
158
+ return match?.[1] || null;
159
+ }
160
+ function isIgnoredLine(line) {
161
+ const trimmed = line.trim();
162
+ return !trimmed || trimmed.startsWith('//') || trimmed.startsWith('*') || trimmed.startsWith('/*');
163
+ }
164
+ function packageMutationOnLine(line) {
165
+ return /\b(?:install|i|add|uninstall|remove|publish)\b/.test(line);
166
+ }
167
+ function processKillIsLivenessProbe(line) {
168
+ return /\bprocess\.kill\([^,\n]+,\s*0\s*\)/.test(line);
169
+ }
170
+ function codexHomeMutationOnLine(line) {
171
+ return /\b(?:writeTextAtomic|writeJsonAtomic|writeFileSync|fs\.writeFile|fs\.promises\.writeFile|fsp\.writeFile|fs\.rm|fsp\.rm|fs\.rename|fsp\.rename|fs\.chmod|fsp\.chmod|copyFile|open)\b/.test(line)
172
+ && /(?:~\/\.codex|CODEX_HOME|codexHome|codexLbHome|auth\.json|config\.toml)/.test(line);
173
+ }
174
+ function snippet(line) {
175
+ return line.trim().slice(0, 160);
176
+ }
177
+ function rel(file) {
178
+ return path.relative(root, file).split(path.sep).join('/');
179
+ }
180
+ //# sourceMappingURL=mutation-callsite-coverage-check.js.map
@@ -0,0 +1,39 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import { assertGate, emitGate, importDist } from './sks-1-18-gate-lib.js';
4
+ const workGraph = await importDist('core/naruto/naruto-work-graph.js');
5
+ const governorMod = await importDist('core/naruto/naruto-concurrency-governor.js');
6
+ const activePool = await importDist('core/naruto/naruto-active-pool.js');
7
+ const graph = workGraph.buildNarutoWorkGraph({ requestedClones: 20, totalWorkItems: 20, writeCapable: true, maxActiveWorkers: 5 });
8
+ const governor = governorMod.decideNarutoConcurrency({
9
+ requestedClones: 20,
10
+ totalWorkItems: 20,
11
+ pendingWorkQueueSize: 20,
12
+ backend: 'fake',
13
+ hardware: { remoteApiRateLimitBudget: 5, fileDescriptorLimit: 4096, freeMemoryBytes: 8 * 1024 * 1024 * 1024, totalMemoryBytes: 16 * 1024 * 1024 * 1024 }
14
+ });
15
+ const report = activePool.simulateNarutoActivePool({ graph, governor: { ...governor, safe_active_workers: 5 } });
16
+ assertGate(report.ok === true, 'active pool must drain cleanly', report);
17
+ assertGate(report.max_observed_active_workers <= 5, 'active pool must never exceed safe cap', report);
18
+ assertGate(report.max_observed_write_lease_conflicts === 0, 'active pool must never run overlapping write leases concurrently', report);
19
+ assertGate(report.completed_count >= graph.total_work_items, 'active pool must complete all base work items', report);
20
+ assertGate(report.refill_events >= 5, 'active pool must refill slots as work drains', report);
21
+ assertGate(report.duplicate_execution_count === 0, 'active pool must not duplicate work without retry', report);
22
+ const sameLeaseGraph = workGraph.buildNarutoWorkGraph({
23
+ requestedClones: 10,
24
+ totalWorkItems: 10,
25
+ writeCapable: true,
26
+ targetPaths: ['src/shared-fixture.ts'],
27
+ maxActiveWorkers: 5
28
+ });
29
+ const sameLeaseReport = activePool.simulateNarutoActivePool({ graph: sameLeaseGraph, governor: { ...governor, safe_active_workers: 5 } });
30
+ assertGate(sameLeaseReport.ok === true, 'same-file work graph must drain without overlapping write leases', sameLeaseReport);
31
+ assertGate(sameLeaseReport.max_observed_write_lease_conflicts === 0, 'same-file write items must be serialized or interleaved with read-only work only', sameLeaseReport);
32
+ emitGate('naruto:active-pool', {
33
+ safe_active_workers: report.safe_active_workers,
34
+ completed_count: report.completed_count,
35
+ refill_events: report.refill_events,
36
+ max_observed_active_workers: report.max_observed_active_workers,
37
+ same_lease_max_write_conflicts: sameLeaseReport.max_observed_write_lease_conflicts
38
+ });
39
+ //# sourceMappingURL=naruto-active-pool-check.js.map
@@ -0,0 +1,56 @@
1
+ #!/usr/bin/env node
2
+ // @ts-nocheck
3
+ import fs from 'node:fs';
4
+ import os from 'node:os';
5
+ import path from 'node:path';
6
+ import { assertGate, emitGate } from './sks-1-18-gate-lib.js';
7
+ import { buildNarutoWorkGraph } from '../core/naruto/naruto-work-graph.js';
8
+ import { collectActualNarutoWorker, spawnActualNarutoWorker } from '../core/naruto/naruto-real-worker-runtime.js';
9
+ import { narutoCommand } from '../core/commands/naruto-command.js';
10
+ process.env.SKS_CODEX_SDK_FAKE = '1';
11
+ const root = fs.mkdtempSync(path.join(os.tmpdir(), 'sks-naruto-actual-worker-'));
12
+ const graph = buildNarutoWorkGraph({ requestedClones: 1, totalWorkItems: 1, readonly: true, writeCapable: false });
13
+ const item = graph.work_items[0];
14
+ const handle = await spawnActualNarutoWorker({
15
+ root,
16
+ missionId: `M-naruto-actual-worker-${process.pid}`,
17
+ item,
18
+ placement: { placement: 'headless', visible_index: null, reason: 'check' },
19
+ backend: 'fake',
20
+ visiblePaneCap: 0
21
+ });
22
+ const collected = await collectActualNarutoWorker(handle);
23
+ const result = JSON.parse(fs.readFileSync(path.join(handle.worker_artifact_dir, 'worker-result.json'), 'utf8'));
24
+ const fullRoute = await narutoCommand([
25
+ 'run',
26
+ 'Naruto actual worker full command control plane check',
27
+ '--json',
28
+ '--backend',
29
+ 'fake',
30
+ '--backend-explicit',
31
+ '--clones',
32
+ '2',
33
+ '--work-items',
34
+ '2',
35
+ '--readonly',
36
+ '--no-open-zellij',
37
+ '--smoke'
38
+ ]);
39
+ const missionRoot = path.join(process.cwd(), '.sneakoscope', 'missions', fullRoute.mission_id || '', 'agents', 'naruto-real-workers');
40
+ const fullWorkerResults = fs.existsSync(missionRoot)
41
+ ? fs.readdirSync(missionRoot).map((name) => {
42
+ const file = path.join(missionRoot, name, 'worker-result.json');
43
+ return fs.existsSync(file) ? JSON.parse(fs.readFileSync(file, 'utf8')) : null;
44
+ }).filter(Boolean)
45
+ : [];
46
+ const ok = collected.ok === true
47
+ && result.ok === true
48
+ && result.control_plane_result?.worker_result_path
49
+ && result.control_plane_result?.structured_output_valid === true
50
+ && fullRoute.active_pool?.real_runtime?.runtime_source_of_truth === 'pre_run_smoke_only'
51
+ && fullRoute.runtime_source_of_truth === 'agent-orchestrator-scheduler'
52
+ && fullWorkerResults.length >= 1
53
+ && fullWorkerResults.every((row) => row.control_plane_result?.structured_output_valid === true);
54
+ assertGate(ok, 'Naruto actual worker must call Codex Control Plane directly and through the explicit full-route smoke path', { collected, result, fullRoute, fullWorkerResults });
55
+ emitGate('naruto:actual-worker-control-plane', { collected, result, full_route_mission_id: fullRoute.mission_id, full_worker_result_count: fullWorkerResults.length });
56
+ //# sourceMappingURL=naruto-actual-worker-control-plane-check.js.map
@@ -0,0 +1,33 @@
1
+ #!/usr/bin/env node
2
+ import { assertGate, emitGate } from './sks-1-18-gate-lib.js';
3
+ import { allocateNarutoTasksToWorkers, chooseNarutoTaskOwner } from '../core/naruto/naruto-allocation-policy.js';
4
+ const base = {
5
+ kind: 'implementation',
6
+ title: 'impl',
7
+ target_paths: ['src/core/naruto/runtime.ts'],
8
+ readonly_paths: [],
9
+ write_paths: ['src/core/naruto/runtime.ts'],
10
+ required_role: 'implementer',
11
+ write_allowed: true,
12
+ verification_required: true,
13
+ dependencies: [],
14
+ can_run_in_parallel_with: [],
15
+ conflicts_with: [],
16
+ estimated_cost: { tokens: 1, latency_ms: 1, cpu_weight: 1, memory_mb: 1, gpu_weight: 0 },
17
+ lease_requirements: [{ path: 'src/core/naruto/runtime.ts', kind: 'write' }],
18
+ acceptance: { requires_patch_envelope: true, requires_verification: true, requires_gpt_final: true }
19
+ };
20
+ const workers = [
21
+ { id: 'w1', role: 'implementer', lane: 'src/core' },
22
+ { id: 'w2', role: 'verifier', lane: 'src/scripts' }
23
+ ];
24
+ const decision = chooseNarutoTaskOwner({ ...base, id: 'T1' }, workers);
25
+ const blocked = chooseNarutoTaskOwner({ ...base, id: 'T2', dependencies: ['T0'] }, workers);
26
+ const assignments = allocateNarutoTasksToWorkers([{ ...base, id: 'T1' }, { ...base, id: 'T2', required_role: 'verifier' }], workers);
27
+ const ok = decision.owner === 'w1'
28
+ && decision.score >= 24
29
+ && blocked.score === Number.NEGATIVE_INFINITY
30
+ && assignments.length === 2;
31
+ assertGate(ok, 'Naruto allocation policy must score role/lane overlap and block incomplete dependencies with -Infinity', { decision, blocked, assignments });
32
+ emitGate('naruto:allocation-policy', { decision, blocked, assignments });
33
+ //# sourceMappingURL=naruto-allocation-policy-check.js.map