npm - soloforge - Versions diffs - 1.3.0 → 1.3.2 - Mend

soloforge 1.3.0 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (165) hide show

package/dist/adapters/claude_code/tools.js CHANGED Viewed

@@ -78,6 +78,11 @@ const lazyTechnologyDecision = createLazy(() => import("../../engine/technology_
 const lazyDetailDiscipline = createLazy(() => import("../../engine/detail_discipline.js"));
 const lazyFirstPrinciples = createLazy(() => import("../../engine/first_principles.js"));
 const lazyBrainstormContract = createLazy(() => import("../../engine/brainstorm_contract.js"));
+const lazyArchitectureWorkshop = createLazy(() => import("../../engine/architecture_decision_workshop.js"));
+const lazyDesignArtifactPack = createLazy(() => import("../../engine/design_artifact_pack.js"));
+const lazyStandardAssetContract = createLazy(() => import("../../engine/standard_asset_contract.js"));
+const lazyTemplateVisibility = createLazy(() => import("../../engine/template_asset_visibility.js"));
+const lazyDecisionWorkshop = createLazy(() => import("../../engine/decision_workshop.js"));
 // ── Zod Schema 定义 ──
 const ClassifySchema = {
     intent: z.string().describe("开发者意图描述"),
@@ -87,6 +92,9 @@ const ExpandSchema = {
     task_id: z.string().describe("sf_classify 返回的任务 ID"),
     clarification_answers: z.array(z.string()).optional().describe("对澄清问题的回答"),
     input_material_confirmations: z.array(z.string()).optional().describe("已确认安全的输入材料路径列表"),
+    architecture_decision_workshop: z.unknown().optional().describe("架构设计前已讨论并确认的六域决策记录"),
+    decision_workshop: z.unknown().optional().describe("通用决策研讨合同（技术选型/数据迁移/安全策略/部署/重构/第三方集成等）"),
+    design_artifact_pack: z.unknown().optional().describe("设计产物包路径映射或已复验状态"),
 };
 const VerifySchema = {
     task_id: z.string().describe("任务 ID"),
@@ -135,6 +143,24 @@ const RecordVerificationExecutionSchema = {
         evidence_id: z.string().describe("执行证据 ID"),
     })).describe("真实执行记录列表"),
 };
+const AcceptSchema = {
+    task_id: z.string().describe("任务 ID"),
+    confirm: z.boolean().describe("用户显式确认验收结果，必须为 true"),
+    confirmed_by: z.string().describe("执行确认的用户或审批者标识"),
+    confirmation_ref: z.string().describe("可审计的用户确认引用"),
+    acceptance_notes: z.string().describe("验收备注或不适用理由"),
+    run_mode: z.enum(["manual_review", "not_applicable"]).describe("验收模式"),
+    final_access: z.object({
+        frontend_urls: z.array(z.string()),
+        backend_urls: z.array(z.string()),
+        docs_or_swagger_urls: z.array(z.string()),
+        start_commands: z.array(z.string()),
+        stop_commands: z.array(z.string()),
+        running_status: z.string(),
+        manual_review_steps_zh: z.array(z.string()),
+        known_limits_zh: z.array(z.string()),
+    }).optional().describe("manual_review 模式下的真实本地访问证据"),
+};
 const DeliverSchema = {
     task_id: z.string().describe("任务 ID"),
     changed_files: z.array(z.string()).optional().describe("变更文件列表（不传则使用任务记录中的文件）"),
@@ -218,7 +244,7 @@ export function checkWriteToolPlanGate(params) {
 }
 /**
  * 施工指令契约门 — 写操作前检查施工指令完整性。
- * 问题五十八: 通过引擎模块函数真实消费。
+ * 通过引擎模块函数真实消费。
  * 调用链 1: registerInstructionIssueCandidate（无契约时创建候选 draft）
  * 调用链 2: enforceInstructionBeforeImplementation → checkInstructionCompleteness → validateInstructionContract
  */
@@ -245,7 +271,7 @@ export async function checkInstructionContractGate(params) {
     if (!instruction)
         return { allowed: true };
     // 消费 enforceInstructionBeforeImplementation（链式消费 checkInstructionCompleteness + validateInstructionContract）
-    const result = instrModule.enforceInstructionBeforeImplementation(instruction, params.toolName);
+    const result = await instrModule.enforceInstructionBeforeImplementation(instruction, params.toolName);
     // Draft 状态不阻断 — 仅在 confirmed/executing/blocked 状态时强制
     if (instruction.status === "draft") {
         return { allowed: true, findings: result.allowed ? [] : [result.reason_zh] };
@@ -260,9 +286,25 @@ export async function checkInstructionContractGate(params) {
     }
     return { allowed: true };
 }
+/**
+ * 设计产物编码门 — 依赖设计包的任务，在真实复验完成前不得写入业务实现。
+ * 仅阻断文件/配置/外部交付写入；任务状态、设计文档复验和讨论本身仍可推进。
+ */
+export function checkDesignArtifactWriteGate(params) {
+    const implementationWrite = params.sideEffects.some((effect) => ["file_write", "config_write", "external_write", "git_commit", "git_push", "pr_create"].includes(effect));
+    if (!implementationWrite || !params.ctx?.design_artifact_pack)
+        return { allowed: true };
+    if (params.ctx.design_artifact_pack.status === "implementation_ready")
+        return { allowed: true };
+    return {
+        allowed: false,
+        diagnostic_code: "SF-DESIGN-PACK-NOT-READY",
+        reason: `工具 ${params.toolName} 依赖的设计产物包状态为 ${params.ctx.design_artifact_pack.status}，未完成真实复验，不得写入实现或交付`,
+    };
+}
 /**
  * 架构设计门 — 架构设计类任务膨胀前执行 reviewArchitectureDesign。
- * 问题四十九: Architecture Design Contract enforcement。
+ * Architecture Design Contract enforcement。
  */
 export async function checkArchitectureDesignGate(params) {
     const route = params.route;
@@ -287,9 +329,33 @@ export async function checkArchitectureDesignGate(params) {
     }
     return { allowed: true };
 }
+/**
+ * 架构决策研讨门 — 正式架构设计前六域决策必须闭合。
+ * 与是否存在施工指令契约无关，架构设计路由必经此门。
+ */
+export async function checkArchitectureDecisionWorkshopGate(params) {
+    const workshopModule = await lazyArchitectureWorkshop();
+    if (!workshopModule.requiresArchitectureDecisionWorkshop(params.workflowIntent, params.ctx.intent)) {
+        return { allowed: true };
+    }
+    const existing = params.ctx.architecture_decision_workshop;
+    const contract = existing ?? workshopModule.createArchitectureDecisionWorkshop(params.ctx.task_id, params.projectContext ?? "new_system");
+    if (params.projectContext === "existing_system" && contract.project_context !== "existing_system") {
+        contract.project_context = "existing_system";
+    }
+    const evaluatedContract = workshopModule.applyArchitectureWorkshopGate(contract) ?? contract;
+    const gate = workshopModule.evaluateArchitectureDecisionWorkshop(evaluatedContract);
+    params.ctx.architecture_decision_workshop = evaluatedContract;
+    return {
+        allowed: gate.allowed,
+        findings: gate.blocking_findings,
+        next_domain: gate.next_domain,
+        contract: evaluatedContract,
+    };
+}
 /**
  * 现有系统分析门 — 现有项目编码前必须先做分析。
- * 问题五十: Existing System Analysis Contract enforcement。
+ * Existing System Analysis Contract enforcement。
  */
 export async function checkExistingSystemAnalysisGate(params) {
     const archModule = await lazyExistingSystemAnalysis();
@@ -306,7 +372,7 @@ export async function checkExistingSystemAnalysisGate(params) {
 }
 /**
  * 编码就绪门 — 编码前必须有测试计划 + 验收标准。
- * 问题五十一: Coding Readiness / Test-First enforcement。
+ * Coding Readiness / Test-First enforcement。
  */
 export async function checkCodingReadinessGate(params) {
     if (!params.ctx)
@@ -331,7 +397,7 @@ export async function checkCodingReadinessGate(params) {
 }
 /**
  * 本地验收门 — 前端/全栈交付前必须有本地访问证据。
- * 问题五十二: Local Docker / Browser Acceptance enforcement。
+ * Local Docker / Browser Acceptance enforcement。
  */
 export async function checkLocalAcceptanceGate(params) {
     const acceptanceModule = await lazyLocalAcceptance();
@@ -353,6 +419,21 @@ export async function checkLocalAcceptanceGate(params) {
             required_but_missing: ["local_acceptance_evidence", "final_access_url"],
         };
     }
+    if (evidence.run_mode === "not_applicable") {
+        return {
+            allowed: false,
+            reason_zh: "该项目需要本地验收，不得以 not_applicable 代替真实访问证据",
+            required_but_missing: ["manual_review", "final_access_url"],
+        };
+    }
+    const finalAccessResult = acceptanceModule.validateFinalAccess(evidence.final_access, requirement.run_mode);
+    if (!finalAccessResult.passed) {
+        return {
+            allowed: false,
+            reason_zh: `本地验收证据不完整: ${finalAccessResult.blocking_reasons.join("; ")}`,
+            required_but_missing: ["validated_final_access"],
+        };
+    }
     return { allowed: true };
 }
 // ── S4 触发判定函数 ──
@@ -441,7 +522,7 @@ export function requiresBrainstorm(ctx, route) {
 }
 /**
  * 技术选型决策门 — 高影响技术决策需用户确认。
- * 问题十六: Decision Sovereignty enforcement。
+ * Decision Sovereignty enforcement。
  * 不依赖 hasInstructionContract — 触发由 requiresDecisionSovereignty 判定。
  */
 export async function checkDecisionSovereigntyGate(params) {
@@ -481,7 +562,7 @@ export async function checkDecisionSovereigntyGate(params) {
 }
 /**
  * 细节纪律门 — 复杂任务缺关键细节维度时阻断。
- * 问题二十六: Detail Discipline enforcement。
+ * Detail Discipline enforcement。
  * 不依赖 hasInstructionContract — 触发由 requiresDetailDiscipline 判定。
  */
 export async function checkDetailDisciplineGate(params) {
@@ -506,7 +587,7 @@ export async function checkDetailDisciplineGate(params) {
 }
 /**
  * 第一性原理门 — 高影响任务需目标/约束/本质问题/权衡。
- * 问题二十七: First Principles enforcement。
+ * First Principles enforcement。
  * 不依赖 hasInstructionContract — 触发由 requiresFirstPrinciples 判定。
  */
 export async function checkFirstPrinciplesGate(params) {
@@ -529,7 +610,7 @@ export async function checkFirstPrinciplesGate(params) {
 }
 /**
  * 脑暴/方案探索门 — 不确定项需多方案+推荐理由+用户确认。
- * 问题四十一-brainstorm: Brainstorm Contract enforcement。
+ * Brainstorm Contract enforcement。
  * 不依赖 hasInstructionContract — 触发由 requiresBrainstorm 判定。
  */
 export async function checkBrainstormGate(params) {
@@ -740,12 +821,14 @@ export async function registerTools(server, deps) {
     }
     /** State precheck: validate task status before contract guard */
     const STATE_PRECHECKS = {
+        sf_accept: ["executing", "verifying", "retrying"],
         sf_verify: ["executing", "retrying"],
         sf_record_verification_execution: ["verifying", "executing"],
         sf_learn: ["verifying", "executing"],
         sf_expand: ["classifying", "expanding", "clarifying"],
     };
     const STATE_ERROR_LABELS = {
+        sf_accept: "不可验收",
         sf_verify: "不可验证",
         sf_record_verification_execution: "不可录入验证结果",
         sf_learn: "不可学习",
@@ -956,6 +1039,35 @@ export async function registerTools(server, deps) {
                     };
                 }
             }
+            // 问题六十二: MCP 写入路径同样必须消费设计产物包状态，不能绕开 CLI hook。
+            if (hasWriteEffect && taskId) {
+                const designWriteGate = checkDesignArtifactWriteGate({ ctx, toolName: name, sideEffects: effectiveSideEffects });
+                if (!designWriteGate.allowed) {
+                    const designViolation = {
+                        invocation_id: invocationId, tool_name: name,
+                        violation_type: "guard_blocked", severity: "hard_fail",
+                        reason: designWriteGate.reason ?? "设计产物包未达到实现就绪状态",
+                        recovery: "仅可继续补充设计资产并执行 sf_verify 真实复验；通过前不得写入业务实现",
+                    };
+                    const designTrace = createToolTrace({
+                        tool_name: name, invocation_id: invocationId, task_id: taskId,
+                        actual_side_effects: effectiveSideEffects,
+                        next_allowed_tools: contract.default_next_tools,
+                        forbidden_tools: contract.forbidden_next_tools,
+                        authorization, bypass,
+                    });
+                    await taskContext.setToolTrace(taskId, designTrace, [designViolation]);
+                    return {
+                        content: [{ type: "text", text: JSON.stringify({
+                                    error: designViolation.reason,
+                                    violation: designViolation,
+                                    diagnostic_code: designWriteGate.diagnostic_code,
+                                    recovery: designViolation.recovery,
+                                }) }],
+                        isError: true,
+                    };
+                }
+            }
             // 合同验证
             const lastTrace = ctx?.last_tool_trace;
             // 为动态工具构建有效的合同覆盖（如 sf_status cancel）
@@ -1017,13 +1129,19 @@ export async function registerTools(server, deps) {
                 // 从 { result } 模式中提取数据
                 const data = raw?.result !== undefined ? raw.result : raw;
                 const hasError = !!(data && typeof data === "object" && "error" in data);
-                // 构建 trace
+                const recoveryNextTools = hasError && Array.isArray(data.recovery_next_tools)
+                    ? data.recovery_next_tools
+                    : contract.default_next_tools;
+                const recoveryForbiddenTools = hasError && Array.isArray(data.recovery_forbidden_tools)
+                    ? data.recovery_forbidden_tools
+                    : contract.forbidden_next_tools;
+                // 构建 trace；失败处理器可显式开放修复重验路径
                 const trace = createToolTrace({
                     tool_name: name, invocation_id: invocationId, task_id: taskId,
                     workflow_id: ctx?.expansion?.workflow_trace?.workflow_id,
                     actual_side_effects: effectiveSideEffects,
-                    next_allowed_tools: contract.default_next_tools,
-                    forbidden_tools: contract.forbidden_next_tools,
+                    next_allowed_tools: recoveryNextTools,
+                    forbidden_tools: recoveryForbiddenTools,
                     authorization, bypass,
                 });
                 // 将 trace 写入 TaskContext
@@ -1034,8 +1152,8 @@ export async function registerTools(server, deps) {
                 const response = {
                     ...data,
                     tool_trace: trace,
-                    next_allowed_tools: contract.default_next_tools,
-                    forbidden_tools: contract.forbidden_next_tools,
+                    next_allowed_tools: recoveryNextTools,
+                    forbidden_tools: recoveryForbiddenTools,
                 };
                 // 基于状态的回退: 在响应中暴露降级 workflow
                 if (authorization.reason === "task in valid state for tool") {
@@ -1168,9 +1286,22 @@ export async function registerTools(server, deps) {
         if (!ctx || !ctx.classification) {
             return { result: { error: "任务不存在或尚未分类，请先调用 sf_classify" } };
         }
+        if (args.architecture_decision_workshop) {
+            ctx.architecture_decision_workshop = args.architecture_decision_workshop;
+        }
+        if (args.decision_workshop) {
+            ctx.decision_workshop = args.decision_workshop;
+        }
+        if (args.design_artifact_pack) {
+            ctx.design_artifact_pack = args.design_artifact_pack;
+        }
+        if (args.architecture_decision_workshop || args.decision_workshop || args.design_artifact_pack) {
+            await taskContext.save(ctx);
+        }
         // 状态守卫：classifying/expanding/clarifying → expanding
         if (ctx.status === "classifying" || ctx.status === "clarifying") {
             await taskContext.updateStatus(args.task_id, "expanding");
+            ctx.status = "expanding";
         }
         else if (ctx.status !== "expanding") {
             return {
@@ -1247,7 +1378,202 @@ export async function registerTools(server, deps) {
             gateway.endTask();
         }
         expansion.task_id = args.task_id;
-        // 问题四十九/五十: 架构设计 Contract + 现有系统分析门 — 仅在有施工指令契约时强制执行
+        const projectRoot = fss.realpathSync(projectPath);
+        const referencedMaterialPaths = new Set((expansion.input_materials ?? [])
+            .map((material) => material.path_or_ref)
+            .filter((materialPath) => typeof materialPath === "string" && materialPath.length > 0)
+            .map((materialPath) => path.resolve(projectRoot, materialPath)));
+        const confirmedProjectSourcePaths = (args.input_material_confirmations ?? [])
+            .map((materialPath) => path.resolve(projectRoot, materialPath))
+            .filter((absolutePath) => absolutePath === projectRoot || absolutePath.startsWith(`${projectRoot}${path.sep}`))
+            .filter((absolutePath) => referencedMaterialPaths.has(absolutePath))
+            .filter((absolutePath) => {
+            try {
+                return fss.statSync(absolutePath).isFile()
+                    && fss.realpathSync(absolutePath).startsWith(`${projectRoot}${path.sep}`);
+            }
+            catch {
+                return false;
+            }
+        });
+        const registerConfirmedProjectSources = (registry) => {
+            for (const absolutePath of confirmedProjectSourcePaths) {
+                const sourceRef = path.relative(projectRoot, absolutePath);
+                registry.register({
+                    source_type: "project_file",
+                    evidence_role: "project_source_file",
+                    authority: "authoritative",
+                    freshness: "current",
+                    permission: "allowed",
+                    scope: "confirmed_input_material",
+                    description: `已确认项目输入材料: ${sourceRef}`,
+                    source_ref: sourceRef,
+                });
+            }
+        };
+        const workflowIntent = ctx.route_decision?.workflow_intent ?? ctx.classification.route_decision?.workflow_intent;
+        // 问题六十: 高风险项目事实声明先过证据门，避免后续架构研讨门遮蔽无证据问题。
+        {
+            const evRoute = ctx.route_decision?.route ?? ctx.classification?.route_decision?.route;
+            const evWorkflowIntent = ctx.route_decision?.workflow_intent ?? ctx.classification?.route_decision?.workflow_intent;
+            const evRisk = (await import("../../engine/evidence_grounding_contract.js")).assessTaskRisk(ctx.classification?.task_type, evRoute, ctx.intent);
+            const isArchitectureContext = evWorkflowIntent === "architecture_design"
+                || evWorkflowIntent === "existing_system_gap_analysis"
+                || evRoute === "artifact_generation"
+                || /架构|architecture|系统设计|技术方案|现有系统|差距分析|gap.?analysis/i.test(ctx.intent ?? "");
+            if (isArchitectureContext && (evRisk === "high" || evRisk === "critical")) {
+                const { createEvidenceGroundingSystem } = await import("../../engine/evidence_grounding_contract.js");
+                const evg = createEvidenceGroundingSystem();
+                evg.registry.register({
+                    source_type: "task_context",
+                    evidence_role: "classification",
+                    authority: "authoritative",
+                    freshness: "current",
+                    permission: "allowed",
+                    scope: "classification",
+                    description: "任务分类结果",
+                    source_ref: `task:${args.task_id}`,
+                });
+                if (knowledgeIndex) {
+                    const { project } = knowledgeIndex.getAllEntries();
+                    for (const entry of project) {
+                        if (entry.status !== "active")
+                            continue;
+                        evg.registry.register({
+                            source_type: "knowledge_asset",
+                            evidence_role: "template_guidance",
+                            authority: "trusted",
+                            freshness: "current",
+                            permission: "allowed",
+                            scope: entry.scope?.join(",") ?? "knowledge",
+                            description: entry.name,
+                            source_ref: entry.file_path,
+                        });
+                    }
+                }
+                const tdc = ctx?.technology_decision_contract;
+                if (tdc?.human_gate_evidence) {
+                    evg.registry.register({
+                        source_type: "user_confirmation",
+                        evidence_role: "user_confirmation",
+                        authority: "authoritative",
+                        freshness: "current",
+                        permission: "allowed",
+                        scope: "technology_decision",
+                        description: `技术决策确认: ${tdc.decision_scope ?? "general"}`,
+                        source_ref: `decision:${tdc.decision_id ?? args.task_id}`,
+                    });
+                }
+                registerConfirmedProjectSources(evg.registry);
+                const evClaims = [
+                    {
+                        id: "claim-expand-0",
+                        category: "user_confirmation",
+                        claim_text: "任务路由和执行范围已确认",
+                        evidence_ids: evg.registry.query({ source_type: "task_context" }).map((e) => e.id),
+                        is_uncertain: false,
+                        risk_level: evRisk,
+                    },
+                    {
+                        id: "claim-expand-1",
+                        category: "architecture",
+                        claim_text: "技术方案基于现有系统分析",
+                        evidence_ids: evg.registry.query({}).filter((e) => e.evidence_role && e.evidence_role !== "template_guidance" && e.evidence_role !== "classification").map((e) => e.id),
+                        is_uncertain: false,
+                        risk_level: evRisk,
+                    },
+                ];
+                const evMatrix = evg.builder.buildContext(evClaims, {
+                    target_claims: evClaims.map((c) => c.claim_text),
+                    source_types: [],
+                    keywords: [],
+                    max_results: 10,
+                });
+                evMatrix.task_id = args.task_id;
+                const evGate = evg.gate.evaluate(evMatrix, evRisk);
+                await taskContext.setEvidenceGroundingResult(args.task_id, {
+                    evidence_matrix: evMatrix,
+                    evidence_gate_result: evGate,
+                    unsupported_claims: evGate.unsupported_claims,
+                    conflict_resolutions: evMatrix.conflicts,
+                });
+                if (!evGate.allowed) {
+                    return {
+                        result: {
+                            error: `证据驱动门禁阻断: ${evGate.reason_zh}`,
+                            diagnostic_code: evGate.diagnostic_code,
+                            reason_zh: evGate.reason_zh,
+                            unsupported_claims: evGate.unsupported_claims,
+                            missing_evidence: evGate.missing_evidence,
+                            status: "blocked",
+                            recovery: "请提供项目文件、命令输出或其他权威证据支撑关键声明后重新 sf_expand",
+                        },
+                    };
+                }
+            }
+        }
+        // 问题六十一: 架构设计前的六域研讨门独立执行，不得被施工指令契约有无绕过。
+        const existingSourceRoot = ["src", "backend", "frontend", "apps", "services"].some((candidate) => fss.existsSync(path.join(projectPath, candidate)));
+        const existingManifest = ["package.json", "pom.xml", "build.gradle", "settings.gradle"].some((candidate) => fss.existsSync(path.join(projectPath, candidate)));
+        const detectedArchitectureContext = existingSourceRoot && existingManifest
+            ? "existing_system"
+            : (!existingSourceRoot && !existingManifest ? "empty_project" : "new_system");
+        const workshopGate = await checkArchitectureDecisionWorkshopGate({
+            ctx,
+            workflowIntent,
+            projectContext: detectedArchitectureContext,
+        });
+        await taskContext.save(ctx);
+        if (!workshopGate.allowed) {
+            return {
+                result: {
+                    error: "架构设计前必须先完成六类架构决策研讨与用户确认",
+                    status: "awaiting_confirmation",
+                    architecture_decision_workshop: workshopGate.contract,
+                    blocking_findings: workshopGate.findings,
+                    next_domain: workshopGate.next_domain,
+                    recovery: "请从当前待讨论域开始，提供候选方案、推荐理由、风险和用户确认后重新调用 sf_expand",
+                },
+            };
+        }
+        // 六域决策闭合后创建设计产物生命周期；正式设计与后续实现必须以其复验结果为准。
+        if (workflowIntent === "architecture_design" && !ctx.design_artifact_pack) {
+            const designModule = await lazyDesignArtifactPack();
+            ctx.design_artifact_pack = designModule.createDesignArtifactPack(args.task_id);
+            ctx.design_artifact_pack.status = "awaiting_decisions";
+            ctx.design_artifact_pack.decision_workshop_ref = `task:${args.task_id}:architecture_decision_workshop`;
+            ctx.design_artifact_pack.user_confirmation_ref = ctx.architecture_decision_workshop?.document_output_confirmation_ref;
+            await taskContext.save(ctx);
+        }
+        // 问题六十一（通用）: 可组合决策包门禁
+        const dwModule = await lazyDecisionWorkshop();
+        const packMatch = dwModule.matchDecisionPacks({
+            workflow_intent: workflowIntent,
+            intent: ctx.intent,
+            task_type: ctx.classification?.task_type,
+        });
+        // 过滤掉架构（架构由上面的专用子包处理）
+        const nonArchPacks = packMatch.packs.filter((p) => p !== "architecture");
+        if (nonArchPacks.length > 0) {
+            const dwContract = ctx.decision_workshop ?? dwModule.createDecisionWorkshop(args.task_id, nonArchPacks, detectedArchitectureContext, packMatch.reasons.join("；"));
+            const dwGate = dwModule.evaluateDecisionWorkshop(dwContract);
+            ctx.decision_workshop = dwModule.applyDecisionWorkshopGate(dwContract);
+            await taskContext.save(ctx);
+            if (!dwGate.allowed) {
+                return {
+                    result: {
+                        error: `${packMatch.reasons.join("；")}，必须先完成决策研讨与用户确认`,
+                        status: "awaiting_confirmation",
+                        decision_workshop: ctx.decision_workshop,
+                        blocking_findings: dwGate.blocking_findings,
+                        next_domain: dwGate.next_domain,
+                        activated_packs: nonArchPacks,
+                        recovery: "请从当前待讨论域开始，提供候选方案、推荐理由、风险和用户确认后重新调用 sf_expand",
+                    },
+                };
+            }
+        }
+        // 问题四十九/五十: 已有架构合同或现有系统证据的进一步审查。
         const expansionRoute = expansion.workflow_trace
             ? expansion.workflow_trace?.route
             : undefined;
@@ -1361,7 +1687,125 @@ export async function registerTools(server, deps) {
             advisories.h1_advisory = h1Warning;
         if (h4LockWarning)
             advisories.h4_advisory = h4LockWarning;
-        // 配置优先级警告
+        // 问题六十：证据驱动门禁 — 高风险任务必须阻断无证据声明
+        const _evRoute = ctx.route_decision?.route ?? ctx.classification?.route_decision?.route;
+        const _evRisk = (await import("../../engine/evidence_grounding_contract.js")).assessTaskRisk(ctx.classification?.task_type, _evRoute, ctx.intent);
+        if (_evRisk === "high" || _evRisk === "critical") {
+            const { createEvidenceGroundingSystem } = await import("../../engine/evidence_grounding_contract.js");
+            const _evg = createEvidenceGroundingSystem();
+            if (ctx.classification) {
+                _evg.registry.register({
+                    source_type: "task_context",
+                    evidence_role: "classification",
+                    authority: "authoritative",
+                    freshness: "current",
+                    permission: "allowed",
+                    scope: "classification",
+                    description: "任务分类结果",
+                    source_ref: `task:${args.task_id}`,
+                });
+            }
+            // 注册知识索引中的项目知识作为证据（仅项目级，不含全局通用规则）
+            // 所有知识索引条目都是 template_guidance 角色，不得支撑项目事实声明
+            if (knowledgeIndex) {
+                const { project } = knowledgeIndex.getAllEntries();
+                for (const entry of project) {
+                    if (entry.status !== "active")
+                        continue;
+                    _evg.registry.register({
+                        source_type: "knowledge_asset",
+                        evidence_role: "template_guidance",
+                        authority: "trusted",
+                        freshness: "current",
+                        permission: "allowed",
+                        scope: entry.scope?.join(",") ?? "knowledge",
+                        description: entry.name,
+                        source_ref: entry.file_path,
+                    });
+                }
+            }
+            // 技术决策契约含 human_gate_evidence → 注册为 user_confirmation（真实项目证据）
+            const _tdc = ctx?.technology_decision_contract;
+            if (_tdc?.human_gate_evidence) {
+                _evg.registry.register({
+                    source_type: "user_confirmation",
+                    evidence_role: "user_confirmation",
+                    authority: "authoritative",
+                    freshness: "current",
+                    permission: "allowed",
+                    scope: "technology_decision",
+                    description: `技术决策确认: ${_tdc.decision_scope ?? "general"}`,
+                    source_ref: `decision:${_tdc.decision_id ?? args.task_id}`,
+                });
+            }
+            registerConfirmedProjectSources(_evg.registry);
+            const _evClaims = [
+                {
+                    id: "claim-expand-0",
+                    category: "user_confirmation",
+                    claim_text: "任务路由和执行范围已确认",
+                    evidence_ids: _evg.registry.query({ source_type: "task_context" }).map((e) => e.id),
+                    is_uncertain: false,
+                    risk_level: _evRisk,
+                },
+            ];
+            // 只在架构设计/现有系统分析场景生成 architecture claim
+            const _evWorkflowIntent = ctx.route_decision?.workflow_intent ?? ctx.classification?.route_decision?.workflow_intent;
+            const _evIntentText = (ctx.intent ?? "").toLowerCase();
+            const _isArchitectureContext = _evWorkflowIntent === "architecture_design"
+                || _evWorkflowIntent === "existing_system_gap_analysis"
+                || _evRoute === "artifact_generation"
+                || /架构|architecture|系统设计|技术方案|现有系统|差距分析|gap.?analysis/i.test(_evIntentText);
+            if (_isArchitectureContext) {
+                _evClaims.push({
+                    id: "claim-expand-1",
+                    category: "architecture",
+                    claim_text: "技术方案基于现有系统分析",
+                    evidence_ids: _evg.registry.query({}).filter((e) => e.evidence_role && e.evidence_role !== "template_guidance" && e.evidence_role !== "classification").map((e) => e.id),
+                    is_uncertain: false,
+                    risk_level: _evRisk,
+                });
+            }
+            const _evVerify = _evg.verifier.verify(_evClaims, _evRisk);
+            const _evMatrix = _evg.builder.buildContext(_evClaims, {
+                target_claims: _evClaims.map((c) => c.claim_text),
+                source_types: [], keywords: [], max_results: 10,
+            });
+            _evMatrix.task_id = args.task_id;
+            const _evGate = _evg.gate.evaluate(_evMatrix, _evRisk);
+            // 写回 TaskContext（blocked 也保存）
+            await taskContext.setEvidenceGroundingResult(args.task_id, {
+                evidence_matrix: _evMatrix,
+                evidence_gate_result: _evGate,
+                unsupported_claims: _evGate.unsupported_claims,
+                conflict_resolutions: _evMatrix.conflicts,
+            });
+            if (!_evGate.allowed) {
+                return {
+                    result: {
+                        error: `证据驱动门禁阻断: ${_evGate.reason_zh}`,
+                        diagnostic_code: _evGate.diagnostic_code,
+                        reason_zh: _evGate.reason_zh,
+                        unsupported_claims: _evGate.unsupported_claims,
+                        missing_evidence: _evGate.missing_evidence,
+                        status: "blocked",
+                        recovery: "请提供项目文件、命令输出或其他权威证据支撑关键声明后重新 sf_expand",
+                    },
+                };
+            }
+            if (_evGate.requires_user_confirmation.length > 0) {
+                advisories.evidence_advisory = {
+                    level: "requires_confirmation",
+                    items: _evGate.requires_user_confirmation,
+                    diagnostic_code: _evGate.diagnostic_code,
+                };
+            }
+        }
+        else {
+            // 低风险通用问答：标注为通用建议
+            advisories.evidence_advisory = "通用建议，非项目事实；证据驱动门禁低风险放行";
+        }
+        // 配置优先级警告
         if (expansion.config_resolution_reports && expansion.config_resolution_reports.length > 0) {
             const configWarnings = expansion.config_resolution_reports
                 .filter(r => r.conflicts.length > 0)
@@ -1428,6 +1872,111 @@ export async function registerTools(server, deps) {
                 result: { error: "任务不存在" },
             };
         }
+        // 问题六十二: 设计产物验证必须读取用户项目真实文件，不接受占位合同自证通过。
+        const verifyWorkflowIntent = ctx.route_decision?.workflow_intent ?? ctx.classification?.route_decision?.workflow_intent;
+        const touchesDesignArtifacts = args.changed_files.some((file) => /docs\/architecture\/|docs\/api\/|openapi|db\/(?:migrations|schema)|架构设计|数据库设计|API接口规格/i.test(file));
+        if (verifyWorkflowIntent === "architecture_design" || touchesDesignArtifacts) {
+            const designModule = await lazyDesignArtifactPack();
+            const designPack = ctx.design_artifact_pack ?? designModule.createDesignArtifactPack(args.task_id);
+            const designVerification = designModule.verifyDesignArtifactPack(projectPath, designPack);
+            ctx.design_artifact_pack = {
+                ...designPack,
+                status: designVerification.status,
+                findings: designVerification.findings,
+                baseline_hashes: designVerification.hashes,
+                verified_at: new Date().toISOString(),
+            };
+            await taskContext.save(ctx);
+            if (!designVerification.passed) {
+                return {
+                    result: {
+                        error: "设计产物包复验未通过，不得继续生成编码或交付结论",
+                        status: "blocked",
+                        diagnostic_code: "SF-DESIGN-PACK-VERIFY-FAILED",
+                        design_artifact_findings: designVerification.findings,
+                        checked_files: designVerification.checked_files,
+                        recovery: "修复设计产物、补充用户确认并重新执行 sf_verify；不得只提交报告绕过缺口",
+                    },
+                };
+            }
+        }
+        // 问题六十三: 模板契约验证 — 按文件逐一匹配契约并校验
+        const sacModule = await lazyStandardAssetContract();
+        const formalArtifactContract = sacModule.matchTemplateContract({
+            output_artifact_kind: ctx.artifact_output?.kind,
+            workflow_intent: verifyWorkflowIntent,
+            route_decision: ctx.route_decision?.workflow_intent,
+        });
+        if (formalArtifactContract || !sacModule.isLowRiskTask({
+            route_decision: verifyWorkflowIntent ?? ctx.classification?.route_decision?.workflow_intent,
+            workflow_intent: verifyWorkflowIntent,
+            changed_files: args.changed_files,
+        })) {
+            for (const changedFile of args.changed_files) {
+                const absFile = path.join(projectPath, changedFile);
+                if (!fss.existsSync(absFile) || !/\.md$/.test(changedFile))
+                    continue;
+                // 按实际文件路径匹配契约（不再使用 changed_files[0] 的契约校验全部文件）
+                const perFileContract = sacModule.matchTemplateContract({
+                    output_artifact_kind: ctx.artifact_output?.kind,
+                    workflow_intent: verifyWorkflowIntent,
+                    route_decision: ctx.route_decision?.workflow_intent,
+                    file_path: changedFile,
+                });
+                if (!perFileContract)
+                    continue;
+                const content = fss.readFileSync(absFile, "utf-8");
+                // 草稿阻断下游消费 — 不再静默跳过
+                if (sacModule.isDraftDocument(content)) {
+                    ctx.repair_reverify_directive = {
+                        contract_id: perFileContract.asset_id,
+                        file_path: changedFile,
+                        status: "draft_blocked",
+                        repair_suggestion: `文件 ${changedFile} 仍为草稿状态，草稿不可用于实现。请完善内容后重新验证。`,
+                        blocked: true,
+                    };
+                    await taskContext.save(ctx);
+                    return {
+                        result: {
+                            error: `草稿文件 ${changedFile} 不可用于实现，需完善后重新验证`,
+                            status: "blocked",
+                            diagnostic_code: "SF-CONTRACT-DRAFT",
+                            template_contract_id: perFileContract.asset_id,
+                            recovery: "完善草稿内容后重新执行 sf_verify",
+                        },
+                    };
+                }
+                const contractResult = sacModule.verifyOutputAgainstContract(perFileContract, content, projectPath);
+                if (!contractResult.passed) {
+                    const repairDirective = sacModule.createRepairReverifyDirective(perFileContract, contractResult);
+                    ctx.repair_reverify_directive = {
+                        contract_id: perFileContract.asset_id,
+                        file_path: changedFile,
+                        status: "repair_required",
+                        repair_suggestion: repairDirective.repair_suggestion,
+                        blocked: true,
+                    };
+                    await taskContext.save(ctx);
+                    return {
+                        result: {
+                            error: `文件 ${changedFile} 模板契约验证未通过，进入修复重验闭环`,
+                            status: "blocked",
+                            diagnostic_code: "SF-CONTRACT-0003",
+                            template_contract_id: perFileContract.asset_id,
+                            missing_fields: contractResult.missing_fields,
+                            messages: contractResult.messages,
+                            repair_suggestion: repairDirective.repair_suggestion,
+                            recovery: "修复文档缺口后重新执行 sf_verify；不得只报告不修复",
+                        },
+                    };
+                }
+            }
+            // 全部契约验证通过 — 清零修复重验指令
+            if (ctx.repair_reverify_directive) {
+                delete ctx.repair_reverify_directive;
+                await taskContext.save(ctx);
+            }
+        }
         // RouteDecision 合同验证 — 无条件，在状态预检之前
         const rdFromCtx = ctx.route_decision ?? ctx.classification?.route_decision ?? null;
         const wtFromCtx = ctx.workflow_trace ?? ctx.expansion?.workflow_trace ?? null;
@@ -1580,6 +2129,82 @@ export async function registerTools(server, deps) {
         // 附加验证契约引用到返回结果
         verifyPayload.verification_plan = vPlan;
         verifyPayload.verification_result = vResult;
+        // 问题六十：验证结论必须经过 FactClaimVerifier，不得把计划当结果
+        {
+            const { createEvidenceGroundingSystem, assessTaskRisk } = await import("../../engine/evidence_grounding_contract.js");
+            const _vRoute = ctx.route_decision?.route ?? ctx.classification?.route_decision?.route;
+            const _vRisk = assessTaskRisk(ctx.classification?.task_type, _vRoute, ctx.intent);
+            if (_vRisk !== "low") {
+                const _veg = createEvidenceGroundingSystem();
+                // 只有真实执行结果才能作为 validation_result 证据
+                const _hasRealPassed = ctx.verification_result && ctx.verification_result.status === "passed";
+                if (_hasRealPassed) {
+                    _veg.registry.register({
+                        source_type: "validation_result",
+                        authority: "authoritative",
+                        freshness: "current",
+                        permission: "allowed",
+                        scope: "verification",
+                        description: `验证状态: ${ctx.verification_result.status}`,
+                        source_ref: `verification:${args.task_id}`,
+                    });
+                }
+                // 验证计划注册为 task_context，不冒充 validation_result
+                _veg.registry.register({
+                    source_type: "task_context",
+                    authority: "supporting",
+                    freshness: "current",
+                    permission: "allowed",
+                    scope: "verification_plan",
+                    description: `验证计划: ${vPlan ? "已生成" : "未生成"}`,
+                    source_ref: `verification-plan:${args.task_id}`,
+                });
+                if (args.changed_files.length > 0) {
+                    _veg.registry.register({
+                        source_type: "project_file",
+                        authority: "authoritative",
+                        freshness: "current",
+                        permission: "allowed",
+                        scope: "changed_files",
+                        description: `变更文件: ${args.changed_files.join(", ")}`,
+                        source_ref: `files:${args.changed_files.join(",")}`,
+                    });
+                }
+                const _vClaims = [{
+                        id: "claim-verify-1",
+                        category: "validation_result",
+                        claim_text: "验证结果基于真实命令执行",
+                        evidence_ids: _veg.registry.query({ source_type: "validation_result" }).map((e) => e.id),
+                        is_uncertain: false,
+                        risk_level: _vRisk,
+                    }];
+                const _vVerResult = _veg.verifier.verify(_vClaims, _vRisk);
+                const _vMatrix = _veg.builder.buildContext(_vClaims, {
+                    target_claims: _vClaims.map((c) => c.claim_text),
+                    source_types: [], keywords: [], max_results: 10,
+                });
+                _vMatrix.task_id = args.task_id;
+                const _vGate = _veg.gate.evaluate(_vMatrix, _vRisk);
+                // 写回 TaskContext
+                await taskContext.setEvidenceGroundingResult(args.task_id, {
+                    evidence_matrix: _vMatrix,
+                    evidence_gate_result: _vGate,
+                    unsupported_claims: _vGate.unsupported_claims,
+                    conflict_resolutions: _vMatrix.conflicts,
+                });
+                if (_vVerResult.unsupported.length > 0) {
+                    // 高风险：只有 plan 无 result → 写入 payload（不用 verifyExtras）
+                    verifyPayload._evidence_status = "not_verified";
+                    verifyPayload._evidence_reason = "验证结论需真实命令执行结果支撑，验证计划不能当作验证结果。请通过 sf_record_verification_execution 录入真实验证结果。";
+                    if (_vRisk === "high" || _vRisk === "critical") {
+                        verifyPayload._evidence_blocked = true;
+                    }
+                    else {
+                        verifyPayload._evidence_advisory = "验证结论需真实命令执行结果支撑，验证计划不能当作验证结果";
+                    }
+                }
+            }
+        }
         // 验证后核心体验评估
         try {
             const hasVerificationEvidence = (verifyResult.checks?.build?.length ?? 0) > 0 || (verifyResult.checks?.tests?.length ?? 0) > 0;
@@ -2044,6 +2669,103 @@ export async function registerTools(server, deps) {
         };
     });
     // ── sf_deliver: 自动提交、推送、创建 PR ──
+    // ── sf_accept: 记录任务验收证据（本地验收 + 产物确认） ──
+    registerSafeTool("sf_accept", "记录任务验收证据，解除 sf_deliver 的本地验收门和产物确认门", AcceptSchema, async (args) => {
+        const ctx = await taskContext.load(args.task_id);
+        if (!ctx) {
+            return { result: { error: "任务不存在" } };
+        }
+        const runMode = args.run_mode;
+        const notes = String(args.acceptance_notes ?? "").trim();
+        const confirmedBy = String(args.confirmed_by ?? "").trim();
+        const confirmationRef = String(args.confirmation_ref ?? "").trim();
+        if (args.confirm !== true || !confirmedBy || !confirmationRef || !notes) {
+            return {
+                result: {
+                    error: "验收必须包含显式确认、确认者、可审计确认引用和验收说明",
+                    diagnostic_code: "SF-ACCEPT-CONFIRMATION-REQUIRED",
+                    recovery_next_tools: ["sf_accept", "sf_status"],
+                    recovery_forbidden_tools: ["sf_deliver", "sf_scaffold", "sf_classify", "sf_expand"],
+                },
+            };
+        }
+        const currentVerification = ctx.verification_result ?? ctx.batch2_verification_result;
+        if (currentVerification?.status !== "passed") {
+            return {
+                result: {
+                    error: "验收前必须已有真实执行并通过的 verification_result",
+                    diagnostic_code: "SF-ACCEPT-VERIFICATION-REQUIRED",
+                    recovery_next_tools: ["sf_verify", "sf_record_verification_execution", "sf_status"],
+                    recovery_forbidden_tools: ["sf_deliver", "sf_scaffold", "sf_classify", "sf_expand"],
+                },
+            };
+        }
+        const evidenceRef = `acceptance:user_confirmation:${confirmationRef}`;
+        if (runMode === "manual_review") {
+            const acceptanceModule = await lazyLocalAcceptance();
+            if (!args.final_access) {
+                return {
+                    result: {
+                        error: "manual_review 验收缺少 final_access 真实访问证据",
+                        diagnostic_code: "SF-ACCEPT-FINAL-ACCESS-REQUIRED",
+                        recovery_next_tools: ["sf_accept", "sf_status"],
+                        recovery_forbidden_tools: ["sf_deliver", "sf_scaffold", "sf_classify", "sf_expand"],
+                    },
+                };
+            }
+            const finalAccessResult = acceptanceModule.validateFinalAccess(args.final_access, "local_dev_server");
+            if (!finalAccessResult.passed) {
+                return {
+                    result: {
+                        error: `manual_review 验收证据不完整: ${finalAccessResult.blocking_reasons.join("; ")}`,
+                        diagnostic_code: "SF-ACCEPT-FINAL-ACCESS-INVALID",
+                        recovery_next_tools: ["sf_accept", "sf_status"],
+                        recovery_forbidden_tools: ["sf_deliver", "sf_scaffold", "sf_classify", "sf_expand"],
+                    },
+                };
+            }
+        }
+        // 设置本地验收证据
+        ctx.local_acceptance_evidence = {
+            status: runMode === "manual_review" ? "passed" : "not_applicable",
+            run_mode: runMode,
+            confirmed_by: confirmedBy,
+            confirmation_ref: confirmationRef,
+            final_access: args.final_access ?? {
+                frontend_urls: [],
+                backend_urls: [],
+                docs_or_swagger_urls: [],
+                start_commands: [],
+                stop_commands: [],
+                running_status: "not_started",
+                manual_review_steps_zh: [notes],
+                known_limits_zh: [],
+            },
+            evidence_refs: [evidenceRef],
+        };
+        await taskContext.save(ctx);
+        let updatedCtx = ctx;
+        // 产物确认必须经过统一生命周期校验，不直接改写 status。
+        if (ctx.artifact_output && ctx.artifact_output.status === "verified") {
+            updatedCtx = await taskContext.updateArtifactStatus(args.task_id, {
+                status: "accepted",
+                evidenceRef,
+                hasAcceptance: true,
+            }) ?? ctx;
+        }
+        return {
+            result: {
+                task_id: args.task_id,
+                acceptance_status: "passed",
+                run_mode: runMode,
+                evidence_ref: evidenceRef,
+                artifact_transition: updatedCtx.artifact_output
+                    ? `${updatedCtx.artifact_output.status}`
+                    : "no_artifact",
+            },
+        };
+    });
+    // ── sf_deliver: 自动提交、推送、创建 PR ──
     registerSafeTool("sf_deliver", "验收后自动提交代码、推送、创建 PR 和生成变更日志", DeliverSchema, async (args) => {
         const ctx = await taskContext.load(args.task_id);
         if (!ctx) {
@@ -2056,6 +2778,19 @@ export async function registerTools(server, deps) {
         const h4DeliverWarning = !deliverIntegrity.clean
             ? { warning: `H4 advisory: ${deliverIntegrity.message}`, dirty_files: deliverIntegrity.dirty_files }
             : undefined;
+        // 模板契约修复指令优先于通用产物状态提示，确保客户端获得可执行的修复重验路径。
+        if (ctx.repair_reverify_directive) {
+            return {
+                result: {
+                    error: "存在未清零的模板契约修复指令，需完成修复重验后才能交付",
+                    diagnostic_code: "SF-CONTRACT-0003",
+                    repair_directive: ctx.repair_reverify_directive,
+                    recovery: "修复文档缺口后重新执行 sf_verify，验证通过后 repair_reverify_directive 自动清零",
+                    recovery_next_tools: ["sf_learn", "sf_verify", "sf_status"],
+                    recovery_forbidden_tools: ["sf_deliver", "sf_scaffold", "sf_classify", "sf_expand"],
+                },
+            };
+        }
         // 产物状态门控: deliver 需要产物状态为 accepted 且有证据
         if (ctx.artifact_output) {
             const status = ctx.artifact_output.status;
@@ -2091,6 +2826,17 @@ export async function registerTools(server, deps) {
                 }
             }
         }
+        // 问题六十二: 依赖设计产物的任务只有 implementation_ready 后才可交付。
+        if (ctx.design_artifact_pack && ctx.design_artifact_pack.status !== "implementation_ready") {
+            return {
+                result: {
+                    error: `设计产物包状态为 ${ctx.design_artifact_pack.status}，未达到 implementation_ready，不得交付`,
+                    diagnostic_code: "SF-DESIGN-PACK-NOT-READY",
+                    findings: ctx.design_artifact_pack.findings,
+                    recovery: "请完成设计产物真实复验并修复所有阻断项后重新交付",
+                },
+            };
+        }
         // 交付 lease 互斥检查
         const leaseModule = await lazyWorkspaceLease();
         const deliverLease = leaseModule.acquireLease(args.task_id, "delivery", [projectPath]);
@@ -2126,6 +2872,7 @@ export async function registerTools(server, deps) {
         const metricsData = await (await lazyObservability()).collectDeliveryMetricSamples(taskContext.getStateDir());
         // acceptanceConfig: 从项目配置推断 project_run_mode
         const projectHasFrontend = config.tech_stack.frontend.lang && config.tech_stack.frontend.lang !== "none";
+        const projectHasBackend = config.tech_stack.backend.lang && config.tech_stack.backend.lang !== "none";
         const readinessReport = drModule.evaluateDeliveryReadiness(args.task_id, currentVResult, guardFindings, true, // scope_check — 已在 sf_verify 写入护栏中检查
         deliverLease.conflicts.length === 0, // lease_check — 无冲突即通过
         true, // privacy_check — 已在任务创建时脱敏
@@ -2155,7 +2902,7 @@ export async function registerTools(server, deps) {
             const localAcceptanceGate = await checkLocalAcceptanceGate({
                 ctx,
                 hasFrontend: !!projectHasFrontend,
-                hasBackend: !!config.tech_stack,
+                hasBackend: !!projectHasBackend,
                 hasDockerCompose: false,
                 hasDockerfile: false,
             });
@@ -2173,12 +2920,74 @@ export async function registerTools(server, deps) {
                 };
             }
         }
+        // 问题六十：交付结论必须经过 UnsupportedClaimGate
+        {
+            const { createEvidenceGroundingSystem, assessTaskRisk } = await import("../../engine/evidence_grounding_contract.js");
+            const _dRoute = ctx.route_decision?.route ?? ctx.classification?.route_decision?.route;
+            const _dRisk = assessTaskRisk(ctx.classification?.task_type, _dRoute, ctx.intent);
+            if (_dRisk !== "low") {
+                const _deg = createEvidenceGroundingSystem();
+                // 注册验证结果和交付上下文
+                if (currentVResult) {
+                    _deg.registry.register({
+                        source_type: "validation_result",
+                        authority: "authoritative",
+                        freshness: "current",
+                        permission: "allowed",
+                        scope: "verification",
+                        description: `验证状态: ${currentVResult.status}`,
+                        source_ref: `verification:${args.task_id}`,
+                    });
+                }
+                _deg.registry.register({
+                    source_type: "task_context",
+                    authority: "authoritative",
+                    freshness: "current",
+                    permission: "allowed",
+                    scope: "delivery",
+                    description: "交付上下文",
+                    source_ref: `task:${args.task_id}`,
+                });
+                const _dClaims = [
+                    {
+                        id: "claim-deliver-1",
+                        category: "release_status",
+                        claim_text: "交付基于真实验证结果",
+                        evidence_ids: _deg.registry.query({ source_type: "validation_result" }).map((e) => e.id),
+                        is_uncertain: false,
+                        risk_level: _dRisk,
+                    },
+                ];
+                const _dMatrix = _deg.builder.buildContext(_dClaims, { target_claims: ["交付验证"], source_types: ["validation_result", "task_context"], keywords: ["验证", "交付"], max_results: 10 });
+                _dMatrix.task_id = args.task_id;
+                const _dGateResult = _deg.gate.evaluate(_dMatrix, _dRisk);
+                // 写回 TaskContext（blocked 也保存）
+                await taskContext.setEvidenceGroundingResult(args.task_id, {
+                    evidence_matrix: _dMatrix,
+                    evidence_gate_result: _dGateResult,
+                    unsupported_claims: _dGateResult.unsupported_claims,
+                    conflict_resolutions: _dMatrix.conflicts,
+                });
+                if (!_dGateResult.allowed) {
+                    if (deliverLease.lease) {
+                        leaseModule.releaseLease(deliverLease.lease.lease_id);
+                    }
+                    return {
+                        result: {
+                            error: `证据驱动门禁未通过: ${_dGateResult.reason_zh}`,
+                            diagnostic_code: _dGateResult.diagnostic_code,
+                            unsupported_claims: _dGateResult.unsupported_claims,
+                        },
+                    };
+                }
+            }
+        }
         // 交付前检查 false completion（通过提取的主链路函数）
         const cepNfcResult = await assessCepBeforeDelivery({
             task_id: args.task_id,
             verification_passed: currentVResult?.status === "passed",
             build_passed: (currentVResult?.passed_commands ?? 0) > 0,
-            browser_acceptance_passed: ctx.artifact_output?.status === "verified" || ctx.artifact_output === undefined,
+            browser_acceptance_passed: ctx.artifact_output?.status === "accepted" || ctx.artifact_output === undefined,
             guard_passed: guardFindings.length === 0 || guardFindings.every((f) => f.severity !== "hard_fail"),
             evidence_sufficient: (currentVResult?.evidence_ids?.length ?? 0) > 0,
             current_status: ctx.status === "done" ? "completed" : ctx.status,