substrate-ai 0.20.3 → 0.20.5

package/dist/{health-BfeoutPu.js → health-DHLR9Iz1.js}

@@ -4,6 +4,7 @@ import { createRequire } from "module";
 import { dirname, join } from "path";
 import { readFile } from "fs/promises";
 import { EventEmitter } from "node:events";
+import { YAMLException, load } from "js-yaml";
 import { existsSync, promises, readFileSync } from "node:fs";
 import { spawn, spawnSync } from "node:child_process";
 import { dirname as dirname$1, join as join$1, resolve as resolve$1 } from "node:path";
@@ -2904,6 +2905,961 @@ function applyConfigToGraph(graph, options) {
 	graph.defaultMaxRetries = options.maxReviewCycles;
 }
 
+//#endregion
+//#region packages/sdlc/dist/verification/findings.js
+/**
+* VerificationFinding — structured per-issue payload emitted by verification checks.
+*
+* Replaces the ad-hoc "stuff everything into VerificationResult.details" pattern
+* that preceded it: every downstream consumer (retry prompts, run manifest,
+* post-run analysis) used to string-parse a free-form blob that the emitting
+* check never promised a schema for. With findings, each issue is an
+* addressable record the pipeline can act on individually.
+*
+* The {command, exitCode, stdoutTail, stderrTail} optional fields are reserved
+* primarily for Phase 2 runtime probes — they cost nothing on the current four
+* Tier A checks (which leave them undefined) but let probe output flow through
+* the same shape without a second refactor.
+*/
+const SEVERITY_PREFIX = {
+	error: "ERROR",
+	warn: "WARN",
+	info: "INFO"
+};
+/**
+* Render a list of findings into the multi-line human-readable string that
+* populates VerificationResult.details. One line per finding:
+*
+*   `${PREFIX} [${category}] ${message}`
+*
+* Checks that migrate to the findings-first pattern call this helper to derive
+* `details` from the findings they emit, guaranteeing the two stay in sync.
+*/
+function renderFindings(findings) {
+	if (findings.length === 0) return "";
+	return findings.map((f) => `${SEVERITY_PREFIX[f.severity]} [${f.category}] ${f.message}`).join("\n");
+}
+
+//#endregion
+//#region packages/sdlc/dist/verification/checks/phantom-review-check.js
+/**
+* Detects phantom reviews — dispatches that failed or produced no output but
+* were recorded as passing verdicts.
+*
+* AC1: dispatch failed (non-zero exit, timeout, crash) → fail
+* AC2: empty or null rawOutput → fail
+* AC3: schema_validation_failed error → fail
+* AC5: valid review (non-empty rawOutput, no dispatchFailed) → pass
+* AC6: name='phantom-review', tier='A'
+*/
+var PhantomReviewCheck = class {
+	name = "phantom-review";
+	tier = "A";
+	async run(context) {
+		const start = Date.now();
+		const review = context.reviewResult;
+		if (!review) return {
+			status: "pass",
+			details: "phantom-review: no review result in context — skipping check",
+			duration_ms: Date.now() - start,
+			findings: []
+		};
+		if (review.dispatchFailed === true) {
+			const reason = review.error === "schema_validation_failed" ? "schema validation failed" : `dispatch failed${review.error ? ` — ${review.error}` : ""}`;
+			const findings = [{
+				category: "phantom-review",
+				severity: "error",
+				message: reason
+			}];
+			return {
+				status: "fail",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		if (review.rawOutput !== void 0 && review.rawOutput.trim().length === 0) {
+			const findings = [{
+				category: "phantom-review",
+				severity: "error",
+				message: "empty review output"
+			}];
+			return {
+				status: "fail",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		return {
+			status: "pass",
+			details: "phantom-review: review output is valid",
+			duration_ms: Date.now() - start,
+			findings: []
+		};
+	}
+};
+
+//#endregion
+//#region packages/sdlc/dist/verification/checks/trivial-output-check.js
+/**
+* Default minimum output-token count a story must produce to be
+* considered non-trivial.  Configurable via trivialOutputThreshold config field.
+*/
+const DEFAULT_TRIVIAL_OUTPUT_THRESHOLD = 100;
+/**
+* Checks that a completed story dispatch produced at least `threshold` output
+* tokens.  Dispatches that produced fewer tokens are flagged as failures with
+* an actionable suggestion to re-run with increased maxTurns.
+*
+* AC1: fail when outputTokenCount < threshold.
+* AC2: details string includes "Re-run with increased maxTurns".
+* AC3: pass when outputTokenCount >= threshold.
+* AC4: threshold is configurable via trivialOutputThreshold config field.
+* AC5: warn (not fail) when outputTokenCount is undefined.
+* AC6: implements VerificationCheck with name='trivial-output', tier='A'.
+*/
+var TrivialOutputCheck = class {
+	name = "trivial-output";
+	tier = "A";
+	threshold;
+	constructor(config) {
+		this.threshold = config?.trivialOutputThreshold ?? DEFAULT_TRIVIAL_OUTPUT_THRESHOLD;
+	}
+	async run(context) {
+		const start = Date.now();
+		if (context.outputTokenCount === void 0) {
+			const findings = [{
+				category: "trivial-output",
+				severity: "warn",
+				message: "output token count unavailable — skipping check"
+			}];
+			return {
+				status: "warn",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		const count = context.outputTokenCount;
+		if (count < this.threshold) {
+			const findings = [{
+				category: "trivial-output",
+				severity: "error",
+				message: `output token count ${count} is below threshold ${this.threshold} — Re-run with increased maxTurns`
+			}];
+			return {
+				status: "fail",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		return {
+			status: "pass",
+			details: `output token count ${count} meets threshold ${this.threshold}`,
+			duration_ms: Date.now() - start,
+			findings: []
+		};
+	}
+};
+
+//#endregion
+//#region packages/sdlc/dist/verification/checks/acceptance-criteria-evidence-check.js
+const EXPLICIT_AC_REF = /\bAC\s*:?\s*#?\s*(\d+)\b/gi;
+const NUMBERED_CRITERION = /^\s*(?:[-*]\s*)?(?:\[[ xX]\]\s*)?(\d+)[.)]\s+\S/;
+function normalizeAcId(value) {
+	const parsed = Number.parseInt(value, 10);
+	if (!Number.isFinite(parsed) || parsed <= 0) return void 0;
+	return `AC${parsed}`;
+}
+function sortAcIds(ids) {
+	return Array.from(ids).sort((a, b) => {
+		const aNum = Number.parseInt(a.replace(/^AC/i, ""), 10);
+		const bNum = Number.parseInt(b.replace(/^AC/i, ""), 10);
+		return aNum - bNum;
+	});
+}
+function addExplicitAcRefs(text, ids) {
+	EXPLICIT_AC_REF.lastIndex = 0;
+	let match;
+	while ((match = EXPLICIT_AC_REF.exec(text)) !== null) {
+		const id = normalizeAcId(match[1] ?? "");
+		if (id !== void 0) ids.add(id);
+	}
+}
+function extractAcceptanceSection(storyContent) {
+	const lines = storyContent.split(/\r?\n/);
+	const start = lines.findIndex((line) => /^##\s+Acceptance Criteria\s*$/i.test(line.trim()));
+	if (start === -1) return void 0;
+	let end = lines.length;
+	for (let i = start + 1; i < lines.length; i += 1) if (/^##\s+\S/.test(lines[i] ?? "")) {
+		end = i;
+		break;
+	}
+	return lines.slice(start + 1, end).join("\n");
+}
+/**
+* Extract normalized AC ids from story markdown.
+*
+* Supports the BMAD default format (`### AC1:`), explicit references such as
+* `AC: #1`, and plain numbered criteria inside the Acceptance Criteria section.
+*/
+function extractAcceptanceCriteriaIds(storyContent) {
+	const ids = new Set();
+	const acceptanceSection = extractAcceptanceSection(storyContent);
+	const textToScan = acceptanceSection ?? storyContent;
+	addExplicitAcRefs(textToScan, ids);
+	if (acceptanceSection !== void 0) for (const line of acceptanceSection.split(/\r?\n/)) {
+		const match = line.match(NUMBERED_CRITERION);
+		if (match?.[1] !== void 0) {
+			const id = normalizeAcId(match[1]);
+			if (id !== void 0) ids.add(id);
+		}
+	}
+	return sortAcIds(ids);
+}
+function extractClaimedAcceptanceCriteriaIds(values) {
+	const ids = new Set();
+	for (const value of values ?? []) {
+		addExplicitAcRefs(value, ids);
+		const bareNumber = value.trim().match(/^#?(\d+)\b/);
+		if (bareNumber?.[1] !== void 0) {
+			const id = normalizeAcId(bareNumber[1]);
+			if (id !== void 0) ids.add(id);
+		}
+	}
+	return sortAcIds(ids);
+}
+function normalizeTestOutcome(value) {
+	if (value === void 0) return void 0;
+	return value.toLowerCase().includes("fail") ? "fail" : "pass";
+}
+function formatIds(ids) {
+	return ids.join(", ");
+}
+var AcceptanceCriteriaEvidenceCheck = class {
+	name = "acceptance-criteria-evidence";
+	tier = "A";
+	async run(context) {
+		const start = Date.now();
+		const storyContent = context.storyContent?.trim();
+		if (!storyContent) {
+			const findings = [{
+				category: "ac-context-missing",
+				severity: "warn",
+				message: "story content unavailable - skipping AC evidence check"
+			}];
+			return {
+				status: "warn",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		const expectedIds = extractAcceptanceCriteriaIds(storyContent);
+		if (expectedIds.length === 0) {
+			const findings = [{
+				category: "ac-context-missing",
+				severity: "warn",
+				message: "no numbered acceptance criteria found in story"
+			}];
+			return {
+				status: "warn",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		const devResult = context.devStoryResult;
+		if (devResult === void 0) {
+			const findings = [{
+				category: "ac-context-missing",
+				severity: "warn",
+				message: `dev-story result unavailable for ${formatIds(expectedIds)}`
+			}];
+			return {
+				status: "warn",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		const acFailures = devResult.ac_failures ?? [];
+		if (acFailures.length > 0) {
+			const findings = acFailures.map((failure) => ({
+				category: "ac-explicit-failure",
+				severity: "error",
+				message: `dev-story reported AC failure: ${failure}`
+			}));
+			return {
+				status: "fail",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		const testOutcome = normalizeTestOutcome(devResult.tests);
+		if (testOutcome === "fail") {
+			const findings = [{
+				category: "ac-test-failure",
+				severity: "error",
+				message: "dev-story reported failing tests"
+			}];
+			return {
+				status: "fail",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		const claimedIds = new Set(extractClaimedAcceptanceCriteriaIds(devResult.ac_met));
+		const missingIds = expectedIds.filter((id) => !claimedIds.has(id));
+		if (missingIds.length > 0) {
+			const claimedSummary = formatIds(sortAcIds(claimedIds)) || "none";
+			const findings = missingIds.map((id) => ({
+				category: "ac-missing-evidence",
+				severity: "error",
+				message: `missing dev-story AC evidence for ${id} (expected ${formatIds(expectedIds)}, claimed ${claimedSummary})`
+			}));
+			return {
+				status: "fail",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		if (testOutcome === void 0) {
+			const findings = [{
+				category: "ac-test-outcome-missing",
+				severity: "warn",
+				message: `AC evidence covers ${formatIds(expectedIds)} but test outcome is unavailable`
+			}];
+			return {
+				status: "warn",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		return {
+			status: "pass",
+			details: `acceptance-criteria-evidence: AC evidence covers ${formatIds(expectedIds)}; tests=${testOutcome}`,
+			duration_ms: Date.now() - start,
+			findings: []
+		};
+	}
+};
+
+//#endregion
+//#region packages/sdlc/dist/verification/checks/build-check.js
+/** Hard timeout for the build command in milliseconds (FR-V11). */
+const BUILD_CHECK_TIMEOUT_MS = 6e4;
+/** Maximum characters to include in details string from build output. */
+const MAX_OUTPUT_CHARS = 2e3;
+/** Per-stream tail size cap for structured findings (story 55-1 convention). */
+const TAIL_BYTES = 4 * 1024;
+/** Return the last N bytes of a UTF-8 string, sliced by string length for simplicity. */
+function tail$1(text, bytes = TAIL_BYTES) {
+	return text.length <= bytes ? text : text.slice(text.length - bytes);
+}
+/**
+* Detect the build command for a project based on files present in `workingDir`.
+*
+* Returns an empty string when no recognized build system is found, which
+* causes BuildCheck to return a 'warn' result without blocking the pipeline.
+*
+* NOTE: Do NOT import from src/modules/agent-dispatch/dispatcher-impl.ts —
+* that would create a circular dependency from packages/sdlc/ → monolith src/.
+* This function inlines the detection logic independently.
+*/
+function detectBuildCommand(workingDir) {
+	if (existsSync(join$1(workingDir, "turbo.json"))) return "turbo build";
+	if (existsSync(join$1(workingDir, "pnpm-lock.yaml"))) return "pnpm run build";
+	if (existsSync(join$1(workingDir, "yarn.lock"))) return "yarn build";
+	if (existsSync(join$1(workingDir, "bun.lockb"))) return "bun run build";
+	if (existsSync(join$1(workingDir, "package.json"))) return "npm run build";
+	const nonNodeMarkers = [
+		"pyproject.toml",
+		"poetry.lock",
+		"setup.py",
+		"Cargo.toml",
+		"go.mod"
+	];
+	for (const marker of nonNodeMarkers) if (existsSync(join$1(workingDir, marker))) return "";
+	return "";
+}
+/**
+* Runs the project's build command and returns pass/warn/fail based on exit code.
+*
+* AC1: exit code 0 → pass
+* AC2: non-zero exit code → fail with truncated output in details
+* AC3: timeout → kill process group, return fail with timeout message
+* AC4: no recognized build system → warn without blocking
+* AC5: explicit buildCommand override respected; empty string → warn (skip)
+* AC6: name === 'build', tier === 'A'
+*/
+var BuildCheck = class {
+	name = "build";
+	tier = "A";
+	async run(context) {
+		const start = Date.now();
+		const cmd = context.buildCommand !== void 0 ? context.buildCommand : detectBuildCommand(context.workingDir);
+		if (cmd === "") {
+			const findings = [{
+				category: "build-skip",
+				severity: "warn",
+				message: `no build command detected for project at ${context.workingDir}`
+			}];
+			return {
+				status: "warn",
+				details: renderFindings(findings),
+				duration_ms: Date.now() - start,
+				findings
+			};
+		}
+		return new Promise((resolve$2) => {
+			const child = spawn(cmd, [], {
+				cwd: context.workingDir,
+				detached: true,
+				shell: true,
+				stdio: [
+					"ignore",
+					"pipe",
+					"pipe"
+				]
+			});
+			let stdout = "";
+			let stderr = "";
+			let output = "";
+			child.stdout?.on("data", (chunk) => {
+				const s = chunk.toString();
+				stdout += s;
+				output += s;
+			});
+			child.stderr?.on("data", (chunk) => {
+				const s = chunk.toString();
+				stderr += s;
+				output += s;
+			});
+			const timeoutHandle = setTimeout(() => {
+				try {
+					process.kill(-child.pid, "SIGKILL");
+				} catch {}
+				const duration = Date.now() - start;
+				const findings = [{
+					category: "build-timeout",
+					severity: "error",
+					message: `command exceeded ${BUILD_CHECK_TIMEOUT_MS}ms`,
+					command: cmd,
+					stdoutTail: tail$1(stdout),
+					stderrTail: tail$1(stderr),
+					durationMs: duration
+				}];
+				resolve$2({
+					status: "fail",
+					details: renderFindings(findings),
+					duration_ms: duration,
+					findings
+				});
+			}, BUILD_CHECK_TIMEOUT_MS);
+			child.on("close", (code) => {
+				clearTimeout(timeoutHandle);
+				const duration = Date.now() - start;
+				if (code === 0) resolve$2({
+					status: "pass",
+					details: "build passed",
+					duration_ms: duration,
+					findings: []
+				});
+				else {
+					const truncated = output.length > MAX_OUTPUT_CHARS ? output.slice(0, MAX_OUTPUT_CHARS) + "... (truncated)" : output;
+					const findings = [{
+						category: "build-error",
+						severity: "error",
+						message: `build failed (exit ${code}): ${truncated}`,
+						command: cmd,
+						...code !== null ? { exitCode: code } : {},
+						stdoutTail: tail$1(stdout),
+						stderrTail: tail$1(stderr),
+						durationMs: duration
+					}];
+					resolve$2({
+						status: "fail",
+						details: renderFindings(findings),
+						duration_ms: duration,
+						findings
+					});
+				}
+			});
+		});
+	}
+};
+
+//#endregion
+//#region packages/sdlc/dist/verification/probes/types.js
+/**
+* Execution sandbox for a runtime probe.
+*
+* - `host`: probe runs directly on the operator's machine. Explicit opt-in.
+*   Cheapest; most dangerous. Authors choosing `host` acknowledge the probe
+*   may touch host state (ports, systemd units, filesystem) and take
+*   responsibility for cleanup.
+* - `twin`: probe runs inside an ephemeral sandbox brokered by the Digital
+*   Twin subsystem (Epic 47). Twin integration is **deferred to Phase 3** —
+*   probes with `sandbox: twin` currently emit a `probe-deferred` warn
+*   finding rather than executing. Authors can declare twin-scoped probes
+*   today and they will execute transparently once Phase 3 lands.
+*/
+const RuntimeProbeSandboxSchema = z.enum(["host", "twin"]);
+/**
+* Default per-probe timeout in milliseconds. Matches the existing
+* BuildCheck ceiling (60 s) — deliberate, so probe timeouts are bounded
+* by the same policy the pipeline already uses for long-running checks.
+*/
+const DEFAULT_PROBE_TIMEOUT_MS = 6e4;
+/** Hard upper bound on per-probe stdout/stderr retention (≤ 4 KiB — the
+*  same convention as VerificationFinding.{stdoutTail,stderrTail}). */
+const PROBE_TAIL_BYTES = 4 * 1024;
+/**
+* Zod schema for one runtime probe declared in a story's
+* `## Runtime Probes` section.
+*
+* Required fields (`name`, `sandbox`, `command`) force authors to make
+* intent explicit — no silent defaults that could mask a miswritten probe.
+* Optional fields cover operational knobs with sensible fallbacks.
+*/
+const RuntimeProbeSchema = z.object({
+	name: z.string().min(1, "probe name is required"),
+	sandbox: RuntimeProbeSandboxSchema,
+	command: z.string().min(1, "probe command is required"),
+	timeout_ms: z.number().int().positive().optional(),
+	description: z.string().optional()
+});
+/** Zod schema for the full list (wrapping the per-probe schema). */
+const RuntimeProbeListSchema = z.array(RuntimeProbeSchema);
+
+//#endregion
+//#region packages/sdlc/dist/verification/probes/parser.js
+const SECTION_HEADING = /^##\s+Runtime\s+Probes\s*$/i;
+/**
+* Return the raw text of the story's `## Runtime Probes` section (excluding
+* the heading line itself), or `undefined` if the section is not present.
+*
+* The section ends at the next `##` heading or end-of-file. Sub-headings
+* (`###`, `####`) remain part of the section body.
+*/
+function extractRuntimeProbesSection(storyContent) {
+	const lines = storyContent.split(/\r?\n/);
+	const start = lines.findIndex((line) => SECTION_HEADING.test(line.trim()));
+	if (start === -1) return void 0;
+	let end = lines.length;
+	for (let i = start + 1; i < lines.length; i += 1) if (/^##\s+\S/.test(lines[i] ?? "")) {
+		end = i;
+		break;
+	}
+	return lines.slice(start + 1, end).join("\n");
+}
+/**
+* Extract the body of the first ```yaml (or ```yml) fenced block in the
+* given section text. Returns `undefined` if no yaml fence is present.
+*
+* The opening fence is recognized case-insensitively and may carry an
+* arbitrary trailing info string (e.g. ```yaml title=...). The closing
+* fence is any line whose first non-whitespace run is exactly three
+* backticks.
+*/
+function extractYamlFence(section) {
+	const lines = section.split(/\r?\n/);
+	let inside = false;
+	let collected;
+	for (const line of lines) {
+		if (!inside) {
+			if (/^\s*```\s*(yaml|yml)\b/i.test(line)) {
+				inside = true;
+				collected = [];
+			}
+			continue;
+		}
+		if (/^\s*```\s*$/.test(line)) return (collected ?? []).join("\n");
+		collected?.push(line);
+	}
+	return void 0;
+}
+/**
+* Parse the `## Runtime Probes` section of a story's markdown content.
+*
+* Outcomes:
+*   - section missing                                  → { kind: 'absent' }
+*   - section present, no yaml fence                   → { kind: 'invalid' }
+*   - section present, yaml fence malformed            → { kind: 'invalid' }
+*   - section present, yaml root is not a list         → { kind: 'invalid' }
+*   - section present, entry fails RuntimeProbeSchema  → { kind: 'invalid' }
+*   - section present, yaml valid, all entries valid   → { kind: 'parsed' }
+*
+* Duplicate names within a single story are surfaced as `invalid` so that
+* finding messages can unambiguously reference a probe by name.
+*/
+function parseRuntimeProbes(storyContent) {
+	const section = extractRuntimeProbesSection(storyContent);
+	if (section === void 0) return { kind: "absent" };
+	const yamlBody = extractYamlFence(section);
+	if (yamlBody === void 0) return {
+		kind: "invalid",
+		error: "## Runtime Probes section is present but contains no terminated ```yaml fenced block"
+	};
+	let parsed;
+	try {
+		parsed = load(yamlBody) ?? [];
+	} catch (err) {
+		const detail = err instanceof YAMLException ? err.message : String(err);
+		return {
+			kind: "invalid",
+			error: `YAML parse error: ${detail}`
+		};
+	}
+	if (!Array.isArray(parsed)) return {
+		kind: "invalid",
+		error: `probe block root must be a YAML list; got ${typeof parsed}`
+	};
+	const validation = RuntimeProbeListSchema.safeParse(parsed);
+	if (!validation.success) {
+		const first = validation.error.issues[0];
+		const path$1 = first?.path.join(".") ?? "";
+		const message = first?.message ?? "schema validation failed";
+		return {
+			kind: "invalid",
+			error: `probe list is malformed at ${path$1 || "<root>"}: ${message}`
+		};
+	}
+	const probes = validation.data;
+	const seen = new Set();
+	for (const probe of probes) {
+		if (seen.has(probe.name)) return {
+			kind: "invalid",
+			error: `duplicate probe name: ${probe.name}`
+		};
+		seen.add(probe.name);
+	}
+	return {
+		kind: "parsed",
+		probes
+	};
+}
+
+//#endregion
+//#region packages/sdlc/dist/verification/probes/executor.js
+/** Return the last N bytes of a UTF-8 string (sliced by length for simplicity). */
+function tail(text, bytes = PROBE_TAIL_BYTES) {
+	return text.length <= bytes ? text : text.slice(text.length - bytes);
+}
+/**
+* Execute one probe on the host and return a structured ProbeResult.
+*
+* Behavior notes:
+*   - The shell used is `/bin/sh -c '<probe.command>'` inside a detached
+*     process group (so the entire tree is killed on timeout).
+*   - stdout and stderr are captured independently; each is returned
+*     tailed to PROBE_TAIL_BYTES (≤ 4 KiB) so published tarballs of the
+*     run manifest stay small.
+*   - Timeout defaults to `probe.timeout_ms ?? DEFAULT_PROBE_TIMEOUT_MS`
+*     (60 s). When the timeout fires, the process group is SIGKILL'd and
+*     the returned result has `outcome: 'timeout'`, `exitCode` undefined.
+*   - Never throws. Spawn errors (e.g. exec format error) are returned as
+*     `outcome: 'fail'` with exitCode -1 and the error message captured on
+*     stderrTail, so the caller can emit a deterministic finding.
+*/
+function executeProbeOnHost(probe, options = {}) {
+	const timeoutMs = probe.timeout_ms ?? DEFAULT_PROBE_TIMEOUT_MS;
+	const cwd = options.cwd ?? process.cwd();
+	const env = options.env ?? process.env;
+	const start = Date.now();
+	return new Promise((resolve$2) => {
+		let stdout = "";
+		let stderr = "";
+		let settled = false;
+		const child = spawn(probe.command, [], {
+			cwd,
+			env,
+			detached: true,
+			shell: true,
+			stdio: [
+				"ignore",
+				"pipe",
+				"pipe"
+			]
+		});
+		const finalize = (result) => {
+			if (settled) return;
+			settled = true;
+			resolve$2(result);
+		};
+		child.on("error", (err) => {
+			finalize({
+				outcome: "fail",
+				command: probe.command,
+				exitCode: -1,
+				stdoutTail: tail(stdout),
+				stderrTail: tail(stderr + (stderr.length > 0 && !stderr.endsWith("\n") ? "\n" : "") + `spawn error: ${err.message}\n`),
+				durationMs: Date.now() - start
+			});
+		});
+		child.stdout?.on("data", (chunk) => {
+			stdout += chunk.toString();
+		});
+		child.stderr?.on("data", (chunk) => {
+			stderr += chunk.toString();
+		});
+		const timeoutHandle = setTimeout(() => {
+			try {
+				if (child.pid !== void 0) process.kill(-child.pid, "SIGKILL");
+			} catch {}
+			finalize({
+				outcome: "timeout",
+				command: probe.command,
+				stdoutTail: tail(stdout),
+				stderrTail: tail(stderr),
+				durationMs: Date.now() - start
+			});
+		}, timeoutMs);
+		child.on("close", (code) => {
+			clearTimeout(timeoutHandle);
+			const duration = Date.now() - start;
+			finalize({
+				outcome: code === 0 ? "pass" : "fail",
+				command: probe.command,
+				...code !== null ? { exitCode: code } : {},
+				stdoutTail: tail(stdout),
+				stderrTail: tail(stderr),
+				durationMs: duration
+			});
+		});
+	});
+}
+
+//#endregion
+//#region packages/sdlc/dist/verification/checks/runtime-probe-check.js
+const CATEGORY_PARSE = "runtime-probe-parse-error";
+const CATEGORY_SKIP = "runtime-probe-skip";
+const CATEGORY_DEFERRED = "runtime-probe-deferred";
+const CATEGORY_FAIL = "runtime-probe-fail";
+const CATEGORY_TIMEOUT = "runtime-probe-timeout";
+const defaultExecutors = { host: (probe) => executeProbeOnHost(probe, { cwd: process.cwd() }) };
+var RuntimeProbeCheck = class {
+	name = "runtime-probes";
+	tier = "A";
+	_executors;
+	constructor(executors) {
+		this._executors = {
+			...defaultExecutors,
+			...executors ?? {}
+		};
+	}
+	async run(context) {
+		const start = Date.now();
+		if (context.storyContent === void 0) {
+			const findings$1 = [{
+				category: CATEGORY_SKIP,
+				severity: "warn",
+				message: "story content unavailable — skipping runtime probe check"
+			}];
+			return {
+				status: "warn",
+				details: renderFindings(findings$1),
+				duration_ms: Date.now() - start,
+				findings: findings$1
+			};
+		}
+		const parsed = parseRuntimeProbes(context.storyContent);
+		if (parsed.kind === "absent") return {
+			status: "pass",
+			details: "runtime-probes: no ## Runtime Probes section declared — skipping",
+			duration_ms: Date.now() - start,
+			findings: []
+		};
+		if (parsed.kind === "invalid") {
+			const findings$1 = [{
+				category: CATEGORY_PARSE,
+				severity: "error",
+				message: parsed.error
+			}];
+			return {
+				status: "fail",
+				details: renderFindings(findings$1),
+				duration_ms: Date.now() - start,
+				findings: findings$1
+			};
+		}
+		if (parsed.probes.length === 0) return {
+			status: "pass",
+			details: "runtime-probes: 0 probes declared — skipping",
+			duration_ms: Date.now() - start,
+			findings: []
+		};
+		const findings = [];
+		for (const probe of parsed.probes) {
+			if (probe.sandbox === "twin") {
+				findings.push({
+					category: CATEGORY_DEFERRED,
+					severity: "warn",
+					message: `probe "${probe.name}" uses sandbox=twin which is deferred until Phase 3 (Digital Twin integration); skipping`
+				});
+				continue;
+			}
+			const result = await this._executors.host(probe);
+			if (result.outcome === "pass") continue;
+			const category = result.outcome === "timeout" ? CATEGORY_TIMEOUT : CATEGORY_FAIL;
+			const descriptor = probe.description ? ` (${probe.description})` : "";
+			const message = result.outcome === "timeout" ? `probe "${probe.name}"${descriptor} timed out after ${result.durationMs}ms` : `probe "${probe.name}"${descriptor} failed with exit ${result.exitCode ?? "unknown"}`;
+			findings.push({
+				category,
+				severity: "error",
+				message,
+				command: result.command,
+				...result.exitCode !== void 0 ? { exitCode: result.exitCode } : {},
+				stdoutTail: result.stdoutTail,
+				stderrTail: result.stderrTail,
+				durationMs: result.durationMs
+			});
+		}
+		const status = findings.some((f) => f.severity === "error") ? "fail" : findings.some((f) => f.severity === "warn") ? "warn" : "pass";
+		return {
+			status,
+			details: findings.length > 0 ? renderFindings(findings) : `runtime-probes: ${parsed.probes.length} probe(s) passed`,
+			duration_ms: Date.now() - start,
+			findings
+		};
+	}
+};
+
+//#endregion
+//#region packages/sdlc/dist/verification/verification-pipeline.js
+/**
+* Compute the worst-case aggregate status across a list of check results.
+* Precedence: fail > warn > pass.
+*/
+function aggregateStatus(checks) {
+	let result = "pass";
+	for (const c of checks) {
+		if (c.status === "fail") return "fail";
+		if (c.status === "warn") result = "warn";
+	}
+	return result;
+}
+/**
+* Runs an ordered chain of VerificationCheck implementations after each story dispatch.
+*
+* Checks are stored in registration order. When `run()` is called with `tier: 'A'`
+* only Tier A checks execute; when called with `tier: 'B'` only Tier B checks execute.
+* (Story 51-5 will invoke both tiers at the appropriate orchestration points.)
+*/
+var VerificationPipeline = class {
+	_bus;
+	_checks = [];
+	/**
+	* @param bus    Typed event bus for emitting verification events.
+	* @param checks Optional initial list of checks to register at construction time.
+	*/
+	constructor(bus, checks = []) {
+		this._bus = bus;
+		for (const check of checks) this.register(check);
+	}
+	/**
+	* Register a VerificationCheck.
+	*
+	* Checks are stored in insertion order within their tier.
+	* Tier A checks always run before Tier B checks regardless of registration order.
+	*/
+	register(check) {
+		this._checks.push(check);
+	}
+	/**
+	* Execute all checks matching the specified tier sequentially.
+	*
+	* AC2: Tier A checks execute in registration order.
+	* AC4: Results are aggregated into a VerificationSummary.
+	* AC5: verification:check-complete and verification:story-complete events are emitted.
+	* AC6: Unhandled exceptions are caught and recorded as warn.
+	*
+	* @param context  Verification context for the story being verified.
+	* @param tier     Which tier of checks to execute ('A' | 'B'). Defaults to 'A'.
+	*/
+	async run(context, tier = "A") {
+		const pipelineStart = Date.now();
+		const checks = this._checks.filter((c) => c.tier === tier);
+		const checkResults = [];
+		for (const check of checks) {
+			const checkStart = Date.now();
+			let result;
+			try {
+				const runResult = await check.run(context);
+				result = {
+					checkName: check.name,
+					status: runResult.status,
+					details: runResult.details,
+					duration_ms: runResult.duration_ms,
+					...runResult.findings !== void 0 ? { findings: runResult.findings } : {}
+				};
+			} catch (err) {
+				const elapsed = Date.now() - checkStart;
+				const message = err instanceof Error ? err.message : String(err);
+				process.stderr.write(`[verification-pipeline] check "${check.name}" threw an unhandled exception: ${message}\n`);
+				result = {
+					checkName: check.name,
+					status: "warn",
+					details: message,
+					duration_ms: elapsed,
+					findings: [{
+						category: "check-exception",
+						severity: "warn",
+						message
+					}]
+				};
+			}
+			checkResults.push(result);
+			this._bus.emit("verification:check-complete", {
+				storyKey: context.storyKey,
+				checkName: result.checkName,
+				status: result.status,
+				details: result.details,
+				duration_ms: result.duration_ms
+			});
+		}
+		const summary = {
+			storyKey: context.storyKey,
+			checks: checkResults,
+			status: aggregateStatus(checkResults),
+			duration_ms: Date.now() - pipelineStart
+		};
+		this._bus.emit("verification:story-complete", summary);
+		return summary;
+	}
+};
+/**
+* Create a VerificationPipeline pre-loaded with the canonical check set.
+*
+* Canonical Tier A check order:
+*   1. PhantomReviewCheck — story 51-2  (runs first: unreviewed stories skipped)
+*   2. TrivialOutputCheck — story 51-3
+*   3. AcceptanceCriteriaEvidenceCheck
+*   4. BuildCheck         — story 51-4
+*   5. RuntimeProbeCheck  — Epic 55 Phase 2: runtime behavior gate; runs last
+*                           in Tier A because probes may depend on built artifacts
+*
+* @param bus    Typed event bus for verification events.
+* @param config Optional config (used to forward threshold to TrivialOutputCheck).
+*/
+function createDefaultVerificationPipeline(bus, config) {
+	const checks = [
+		new PhantomReviewCheck(),
+		new TrivialOutputCheck(config),
+		new AcceptanceCriteriaEvidenceCheck(),
+		new BuildCheck(),
+		new RuntimeProbeCheck()
+	];
+	return new VerificationPipeline(bus, checks);
+}
+
 //#endregion
 //#region packages/sdlc/dist/run-model/cli-flags.js
 /**
@@ -2928,6 +3884,27 @@ const CliFlagsSchema = z.object({
 //#endregion
 //#region packages/sdlc/dist/run-model/verification-result.js
 /**
+* Schema for a single structured verification finding (story 55-1 / 55-3).
+*
+* Mirrors the VerificationFinding interface in
+* packages/sdlc/src/verification/findings.ts without importing from that
+* module to keep run-model free of a dependency on verification.
+*/
+const StoredVerificationFindingSchema = z.object({
+	category: z.string(),
+	severity: z.enum([
+		"error",
+		"warn",
+		"info"
+	]),
+	message: z.string(),
+	command: z.string().optional(),
+	exitCode: z.number().int().optional(),
+	stdoutTail: z.string().optional(),
+	stderrTail: z.string().optional(),
+	durationMs: z.number().nonnegative().optional()
+});
+/**
 * Schema for a single per-check verification result stored in the manifest.
 *
 * Mirrors VerificationCheckResult from packages/sdlc/src/verification/types.ts
@@ -2941,7 +3918,8 @@ const StoredVerificationCheckResultSchema = z.object({
 		"fail"
 	]),
 	details: z.string(),
-	duration_ms: z.number().nonnegative()
+	duration_ms: z.number().nonnegative(),
+	findings: z.array(StoredVerificationFindingSchema).optional()
 });
 /**
 * Schema for the aggregated verification pipeline summary stored in the manifest.
@@ -4252,5 +5230,5 @@ function registerHealthCommand(program, _version = "0.0.0", projectRoot = proces
 }
 
 //#endregion
-export { BMAD_BASELINE_TOKENS_FULL, DEFAULT_STALL_THRESHOLD_SECONDS, DoltMergeConflict, FileStateStore, FindingsInjector, RunManifest, STOP_AFTER_VALID_PHASES, STORY_KEY_PATTERN$1 as STORY_KEY_PATTERN, SUBSTRATE_OWNED_SETTINGS_KEYS, SupervisorLock, VALID_PHASES, WorkGraphRepository, __commonJS, __require, __toESM, applyConfigToGraph, buildPipelineStatusOutput, createDatabaseAdapter$1 as createDatabaseAdapter, createGraphOrchestrator, createSdlcCodeReviewHandler, createSdlcCreateStoryHandler, createSdlcDevStoryHandler, createSdlcPhaseHandler, createStateStore, detectCycles, extractTargetFilesFromStoryContent, findPackageRoot, formatOutput, formatPipelineStatusHuman, formatPipelineSummary, formatTokenTelemetry, getAllDescendantPids, getAutoHealthData, getSubstrateDefaultSettings, inspectProcessTree, isOrchestratorProcessLine, parseDbTimestampAsUtc, registerHealthCommand, resolveBmadMethodSrcPath, resolveBmadMethodVersion, resolveGraphPath, resolveMainRepoRoot, resolveRunManifest, runHealthAction, validateStoryKey };
-//# sourceMappingURL=health-BfeoutPu.js.map
+export { BMAD_BASELINE_TOKENS_FULL, DEFAULT_STALL_THRESHOLD_SECONDS, DoltMergeConflict, FileStateStore, FindingsInjector, RunManifest, STOP_AFTER_VALID_PHASES, STORY_KEY_PATTERN$1 as STORY_KEY_PATTERN, SUBSTRATE_OWNED_SETTINGS_KEYS, SupervisorLock, VALID_PHASES, WorkGraphRepository, __commonJS, __require, __toESM, applyConfigToGraph, buildPipelineStatusOutput, createDatabaseAdapter$1 as createDatabaseAdapter, createDefaultVerificationPipeline, createGraphOrchestrator, createSdlcCodeReviewHandler, createSdlcCreateStoryHandler, createSdlcDevStoryHandler, createSdlcPhaseHandler, createStateStore, detectCycles, extractTargetFilesFromStoryContent, findPackageRoot, formatOutput, formatPipelineStatusHuman, formatPipelineSummary, formatTokenTelemetry, getAllDescendantPids, getAutoHealthData, getSubstrateDefaultSettings, inspectProcessTree, isOrchestratorProcessLine, parseDbTimestampAsUtc, registerHealthCommand, renderFindings, resolveBmadMethodSrcPath, resolveBmadMethodVersion, resolveGraphPath, resolveMainRepoRoot, resolveRunManifest, runHealthAction, validateStoryKey };
+//# sourceMappingURL=health-DHLR9Iz1.js.map