ultimate-pi 0.18.0 → 0.18.1

package/.pi/lib/harness-ui-state.ts

@@ -375,8 +375,6 @@ export const HARNESS_PHASE_ORDER: readonly HarnessPhase[] = [
 	"plan",
 	"execute",
 	"evaluate",
-	"adversary",
-	"merge",
 ] as const;
 
 export function formatHarnessPhaseLabel(phase: HarnessPhase): string {
@@ -384,13 +382,11 @@ export function formatHarnessPhaseLabel(phase: HarnessPhase): string {
 		case "plan":
 			return "plan";
 		case "execute":
-			return "build";
+			return "run";
 		case "evaluate":
-			return "eval";
 		case "adversary":
-			return "review";
 		case "merge":
-			return "merge";
+			return "review";
 	}
 }
 
@@ -400,6 +396,25 @@ export function nextHarnessPhase(phase: HarnessPhase): HarnessPhase | null {
 	return HARNESS_PHASE_ORDER[index + 1] ?? null;
 }
 
+function mainPhaseCommandForStatus(state: HarnessUiState): string | null {
+	const command = state.nextRecommendedCommand;
+	if (!command) return null;
+	const normalized = command.toLowerCase();
+
+	if (normalized.includes("/harness-plan")) {
+		return normalized.includes("revise")
+			? "/harness-plan (mode: revise)"
+			: "/harness-plan";
+	}
+	if (normalized.includes("/harness-review")) return "/harness-review";
+	if (normalized.includes("/harness-run-status")) {
+		return state.phase === "execute" ? "/harness-review" : null;
+	}
+	if (normalized.includes("/harness-run")) return "/harness-run";
+	if (normalized.includes("/harness-steer")) return "/harness-run";
+	return null;
+}
+
 function truncateStatusCommand(command: string, maxLen = 40): string {
 	if (command.length <= maxLen) return command;
 	return `${command.slice(0, maxLen - 3)}...`;
@@ -430,9 +445,10 @@ export function deriveHarnessStatusHint(state: HarnessUiState): {
 	) {
 		return { text: "Waiting for your input", severity: "warning" };
 	}
-	if (state.nextRecommendedCommand) {
+	const mainPhaseCommand = mainPhaseCommandForStatus(state);
+	if (mainPhaseCommand) {
 		return {
-			text: `Next: ${truncateStatusCommand(state.nextRecommendedCommand)}`,
+			text: `Next: ${truncateStatusCommand(mainPhaseCommand)}`,
 			severity: "accent",
 		};
 	}
@@ -450,13 +466,12 @@ export function deriveHarnessStatusHint(state: HarnessUiState): {
 	}
 	switch (state.phase) {
 		case "execute":
-			return { text: "Implementing changes", severity: "accent" };
+			return { text: "Running changes", severity: "accent" };
 		case "evaluate":
-			return { text: "Running checks", severity: "accent" };
 		case "adversary":
-			return { text: "Review gate", severity: "accent" };
+			return { text: "Reviewing changes", severity: "accent" };
 		case "merge":
-			return { text: "Ready to finish", severity: "accent" };
+			return { text: "Review complete", severity: "accent" };
 		default:
 			return { text: "Planning", severity: "muted" };
 	}

package/.pi/prompts/harness-auto.md

@@ -21,7 +21,7 @@ If task missing:
 Follow **harness-plan** performance rules (`subagent` with `agentScope: "both"`). Use parallel `tasks` only for Phase 3.5 research (≤2 lanes) when subprocesses are needed. Never parallelize decompose∥hypothesis or debate lanes — precheck enforces this.
 
 1. **Plan** — follow `/harness-plan` (context → lakes/synthesis or sequential framing → research → plan-verify → `approve_plan()` + `create_plan()`). One approval.
-2. **Execute** — `harness/executor` with `executor_strategy` from packet (default `single_pass` for low/med).
+2. **Execute** — `harness/running/executor` with `executor_strategy` from packet (default `single_pass` for low/med).
 3. **Review** — always **`/harness-review`** after execute (no benchmark fail-fast).
 4. **Steer loop** — while `review-outcome.remediation_class === implementation_gap` and `steer_attempt < HARNESS_STEER_MAX_ATTEMPTS`: `/harness-steer` → `/harness-review` (tiered adversary on attempts 2+).
 5. **Parent** — apply locked strict gates; commit/PR only when `remediation_class: pass`.
@@ -50,7 +50,7 @@ Block commit/PR if any fails: plan gate, execution in scope, evaluator pass, adv
 - `--quick` reduces breadth (skips semantic coverage in planning context, post-run adversary, tie-breaker), never core safety gates on plan approval or evaluator.
 - High risk/ambiguity → stop and recommend manual `/harness-plan` with `ask_user`.
 - Interrupt: `/harness-abort [reason]` then `/harness-plan`.
-- Artifact refs under active run dir; `/harness-run-status` or `/harness-trace-last` for handoff.
+- Artifact refs under active run dir; use `/harness-trace` for handoff and forensics.
 
 ## Completion
 

package/.pi/prompts/harness-critic.md

@@ -5,6 +5,6 @@ argument-hint: "[--run <run-id>] [--trace <trace-ref>] [--risk low|med|high]"
 
 # harness-critic
 
-**This command is deprecated.** Run **`/harness-review`** instead — Phase 4 runs `harness/adversary` after benchmark and policy verdict pass (skip with `--quick`).
+**This command is deprecated.** Run **`/harness-review`** instead — Phase 4 runs `harness/reviewing/adversary` after benchmark and policy verdict pass (skip with `--quick`).
 
 If you must continue this turn only: forward to `/harness-review` with the same `$ARGUMENTS` (omit `--quick` if you need adversary). Do not spawn adversary in isolation unless the user explicitly requested adversary-only review.

package/.pi/prompts/harness-plan.md

@@ -26,8 +26,6 @@ Subagents persist artifacts via scoped **`submit_*`** tools (deterministic YAML
 - `harness/planning/sprint-contract-auditor` (DoD auditor)
 - `harness/planning/review-integrator` (recorder / integration PM)
 
-Legacy (deprecated, ADR 0041): `scout-graphify`, `scout-structure`, `scout-semantic` — do not spawn by default.
-
 Read **harness-debate-plan** skill before Review Gate rounds.
 
 ## Team topology (spawn laws)
@@ -72,16 +70,16 @@ Do **not** run `ccc index` or `ccc search --refresh`. The harness runs increment
 3. Use `ccc search` for semantic implementation matches (unless `--quick` — set `coverage.semantic.status: skipped`).
 4. Write `artifacts/planning-context.yaml` via `write_harness_yaml` with `schema_version: "1.0.0"`, `status`, `summary`, `coverage` (architecture + structure required; semantic per risk/quick), `findings`, `evidence_refs`, `open_questions`.
 
-**Optional subprocess:** Spawn **at most one** `harness/planning/planning-context` when the brief is large or you need context isolation. Do **not** spawn legacy `scout-*` agents in parallel by default.
+**Optional subprocess:** Spawn **at most one** `harness/planning/planning-context` when the brief is large or you need context isolation.
 
-Gate: `harness_artifact_ready({ paths: ["artifacts/planning-context.yaml"] })` (legacy trio of `scout-*.yaml` still accepted for one release — see ADR 0041).
+Gate: `harness_artifact_ready({ paths: ["artifacts/planning-context.yaml"] })`.
 
 ## Phase 2a — WBS / scope decomposition (sequential)
 
 **Practice:** PMBOK scope / WBS; Berkun — how the team divides work.
 
 ```
-subagent({ agentScope: "both", agent: "harness/planning/decompose", task: "<HarnessSpawnContext + path to planning-context.yaml or legacy scout artifacts>" })
+subagent({ agentScope: "both", agent: "harness/planning/decompose", task: "<HarnessSpawnContext + path to planning-context.yaml>" })
 ```
 
 Gate: `harness_artifact_ready({ paths: ["artifacts/decomposition.yaml"] })`.

package/.pi/prompts/harness-review.md

@@ -13,9 +13,9 @@ Read **harness-orchestration** and **harness-review** skills before spawning.
 
 ## Allowed subagents
 
-- `harness/evaluator` (`mode: benchmark` then `mode: verdict`)
-- `harness/adversary` (independent red team)
-- `harness/tie-breaker` (escalation only when adversary blocks and eval was `conditional_pass`; skip when `--quick`)
+- `harness/reviewing/evaluator` (`mode: benchmark` then `mode: verdict`)
+- `harness/reviewing/adversary` (independent red team)
+- `harness/reviewing/tie-breaker` (escalation only when adversary blocks and eval was `conditional_pass`; skip when `--quick`)
 
 ## Performance rules
 
@@ -56,10 +56,10 @@ node "$UP_PKG/.pi/scripts/harness-verify.mjs"
 When `HARNESS_SENTRUX_REQUIRED=true`, after verify succeeds:
 
 ```bash
-sentrux gate .
+node "$UP_PKG/.pi/scripts/harness-sentrux-cli.mjs" gate
 ```
 
-Compare to baseline from `/harness-run` (`sentrux gate --save`). If CLI missing, record `gate_status: not_installed`.
+Compare to baseline from `/harness-run` (`harness-sentrux-cli.mjs gate --save`). The wrapper resolves the project root before invoking Sentrux so `.sentrux/rules.toml` is found from run directories. If CLI missing, record `gate_status: not_installed`.
 
 Ensure `artifacts/sentrux-signal.yaml` exists under the run dir (written during `/harness-run`). If missing, write it from the latest `sentrux check` / `gate` output. Append or refresh session entry `harness-sentrux-signal`.
 
@@ -84,7 +84,7 @@ notes: "…"
 ```
 subagent({
   agentScope: "both",
-  agent: "harness/evaluator",
+  agent: "harness/reviewing/evaluator",
   task: "<HarnessSpawnContext mode benchmark + plan_packet_path + run_dir + acceptance_checks + paths: benchmark-log.yaml, sentrux-signal.yaml — treat Sentrux fields as measured structural actuals, not executor goals>"
 })
 ```
@@ -108,7 +108,7 @@ Always run after benchmark (even when benchmark failed).
 ```
 subagent({
   agentScope: "both",
-  agent: "harness/evaluator",
+  agent: "harness/reviewing/evaluator",
   task: "<HarnessSpawnContext mode verdict + treat executor output as untrusted + artifact paths>"
 })
 ```
@@ -126,7 +126,7 @@ Skip when `--quick`. **Tiered steer:** full adversary on initial run + steer att
 ```
 subagent({
   agentScope: "both",
-  agent: "harness/adversary",
+  agent: "harness/reviewing/adversary",
   task: "<HarnessSpawnContext mode adversary + plan + run artifacts>"
 })
 ```
@@ -144,7 +144,7 @@ Only when:
 - eval verdict was `conditional_pass`
 
 ```
-subagent({ agentScope: "both", agent: "harness/tie-breaker", task: "…" })
+subagent({ agentScope: "both", agent: "harness/reviewing/tie-breaker", task: "…" })
 ```
 
 ## Parent rules

package/.pi/prompts/harness-run.md

@@ -7,7 +7,7 @@ argument-hint: ""
 
 **Practice map:** `.pi/harness/docs/practice-map.md`
 
-You orchestrate the **Executing Process Group** — spawn `harness/executor` only. Do **not** implement inline.
+You orchestrate the **Executing Process Group** — spawn `harness/running/executor` only. Do **not** implement inline.
 
 ## Step 0 — Parse arguments
 
@@ -28,13 +28,13 @@ Refuse if `plan_ready` is false.
 
 **Practice:** Fitness functions (architecture governance) — save structural baseline before the executor mutates the tree.
 
-When `HARNESS_SENTRUX_REQUIRED=true` (see `.env.example`), from **project root**:
+When `HARNESS_SENTRUX_REQUIRED=true` (see `.env.example`), run the bundled root-resolving wrapper:
 
 ```bash
-sentrux gate --save .
+node "$UP_PKG/.pi/scripts/harness-sentrux-cli.mjs" gate --save
 ```
 
-If `sentrux` is not installed, note `gate_baseline: skipped` in run notes and continue (harness-verify may still pass rules-sync checks).
+The wrapper passes the resolved project root explicitly so Sentrux can find `.sentrux/rules.toml` even if the active shell is under `.pi/harness/runs/*`. If `sentrux` is not installed, note `gate_baseline: skipped` in run notes and continue (harness-verify may still pass rules-sync checks).
 
 Do **not** ask the executor to optimize Sentrux metrics — observation is for `/harness-review` only.
 
@@ -48,7 +48,7 @@ Do **not** ask the executor to optimize Sentrux metrics — observation is for `
 4. Spawn (max **1** agent per call):
 
 ```
-subagent({ agentScope: "both", agent: "harness/executor", task: "<HarnessSpawnContext + handoff + critical path hint>" })
+subagent({ agentScope: "both", agent: "harness/running/executor", task: "<HarnessSpawnContext + handoff + critical path hint>" })
 ```
 
 5. Parse subprocess output JSON (`execution_status`, validations, rollback refs) from tool result text.
@@ -61,8 +61,8 @@ subagent({ agentScope: "both", agent: "harness/executor", task: "<HarnessSpawnCo
 After executor subprocess completes:
 
 ```bash
-sentrux check .
-sentrux gate .
+node "$UP_PKG/.pi/scripts/harness-sentrux-cli.mjs" check
+node "$UP_PKG/.pi/scripts/harness-sentrux-cli.mjs" gate
 ```
 
 - If `sentrux check` exits non-zero or `gate` reports degradation → set `execution_status: scope_drift` (or `blocked` if unrecoverable); parent runs **`/harness-review`** next (not immediate replan).

package/.pi/prompts/harness-setup.md

@@ -387,11 +387,11 @@ Manual override: **`/router profile auto`** or **`/router profile opencode-go`**
 
 ## Step 3.6 — Harness agents (package-resolved)
 
-`harness-subagents` loads agents from the installed **`ultimate-pi`** package (`$UP_PKG/.pi/agents/**`) with namespaced ids (`harness/executor`, `harness/planning/scout-graphify`, `pi-pi/agent-expert`). **Do not copy** agents into the project unless you want a deliberate override.
+`harness-subagents` loads agents from the installed **`ultimate-pi`** package (`$UP_PKG/.pi/agents/**`) with namespaced ids (`harness/running/executor`, `harness/reviewing/evaluator`, `pi-pi/agent-expert`). **Do not copy** agents into the project unless you want a deliberate override.
 
 **Slash commands are orchestrators:** `/harness-plan`, `/harness-run`, etc. spawn `harness/*` agents via the `Agent` tool — bootstrap stays **script-first**; only optionally spawn `harness/sentrux-bootstrap` for Sentrux (see Step 4.2).
 
-Optional per-repo overrides: place `.md` files at the **same relative path** (e.g. `.pi/agents/harness/planning/scout-graphify.md` overrides the package scout).
+Optional per-repo overrides: place `.md` files at the **same relative path** (e.g. `.pi/agents/harness/running/executor.md` overrides the package executor).
 
 Verify manifest drift after `pi update ultimate-pi`:
 
@@ -531,18 +531,19 @@ node "$UP_PKG/.pi/scripts/harness-sentrux-bootstrap.mjs" --force
 | `harness-sentrux-bootstrap.mjs` (no flags) | `/harness-setup`, first install, re-run safe |
 | `harness-sentrux-bootstrap.mjs --force` | Manifest layers/boundaries/constraints changed |
 | `sentrux-rules-sync.mjs --check` | CI / harness-verify drift only |
+| `harness-sentrux-cli.mjs check` / `gate` | Root-resolving Sentrux checks from harness run dirs |
 | `/harness-sentrux-sync` | Interactive re-sync from pi |
 
 `harness-seed-project-contracts.mjs` (Step 0.5) may copy `architecture.manifest.json` early; bootstrap still personalizes `project` on first seed and writes `rules.toml`.
 
 Verify rules:
 ```bash
-sentrux check . && echo "✓ sentrux rules pass" || echo "✗ sentrux check failed"
+node "$UP_PKG/.pi/scripts/harness-sentrux-cli.mjs" check && echo "✓ sentrux rules pass" || echo "✗ sentrux check failed"
 ```
 
 Set up structural regression baseline (optional):
 ```bash
-sentrux gate --save . 2>/dev/null || echo "Baseline will be saved on first gate run"
+node "$UP_PKG/.pi/scripts/harness-sentrux-cli.mjs" gate --save 2>/dev/null || echo "Baseline will be saved on first gate run"
 ```
 
 ### 4.3 — Project AGENTS.md

package/.pi/prompts/harness-steer.md

@@ -19,8 +19,8 @@ Thin orchestrator for the **steer loop** (ADR 0044). Run only after `/harness-re
 2. Update `artifacts/steer-state.yaml` (`attempt`, `max_attempts`, `active: true`).
 3. Set policy phase to **execute** before spawning executor (required for mutating tools).
 4. One `ask_user` steer gate unless `run-context.steer_approved` is already true.
-5. Spawn **`harness/executor`** with `HarnessSpawnContext.mode: repair` and `repair_brief_path: artifacts/repair-brief.yaml`.
-6. Optional: `sentrux gate --save .` after repair to refresh baseline (ADR 0044).
+5. Spawn **`harness/running/executor`** with `HarnessSpawnContext.mode: repair` and `repair_brief_path: artifacts/repair-brief.yaml`.
+6. Optional: `node "$UP_PKG/.pi/scripts/harness-sentrux-cli.mjs" gate --save` after repair to refresh baseline (ADR 0044).
 7. `next_command`: **`/harness-review`** (always re-verify; tiered adversary on attempts 2+ per practice-map).
 
 ## Forbidden

package/.pi/scripts/README.md

@@ -27,6 +27,7 @@ From **Typescript extensions**, use `resolveHarnessScript()` / `getHarnessPackag
 | Sentrux rules bootstrap (harness-setup) | `node "$UP_PKG/.pi/scripts/harness-sentrux-bootstrap.mjs"` |
 | Sentrux rules re-sync after manifest edit | `node "$UP_PKG/.pi/scripts/harness-sentrux-bootstrap.mjs" --force` or `/harness-sentrux-sync` |
 | Sentrux rules drift check (CI) | `node "$UP_PKG/.pi/scripts/sentrux-rules-sync.mjs" --check` |
+| Sentrux run/review check or gate (root-resolving) | `node "$UP_PKG/.pi/scripts/harness-sentrux-cli.mjs" check` / `gate [--save]` |
 | Resolve package root (`UP_PKG`) | `node "$UP_PKG/.pi/scripts/harness-resolve-up-pkg.mjs"` |
 | Model-router config (Pi auth) | `node "$UP_PKG/.pi/scripts/harness-generate-model-router.mjs"` |
 | Project `.env` (append-only) | `node "$UP_PKG/.pi/scripts/harness-sync-env.mjs"` (`--create-missing` after user confirms) |

package/.pi/scripts/graphify-kb-updater.mjs

@@ -20,6 +20,7 @@ const DEFAULT_RAW_DIR = "raw/graphify-kb-updates";
 const DEFAULT_DATA_DIR = "data";
 const DEFAULT_GRAPH_DIR = "graphify-out";
 const REQUIRED_RIGHTS = ["license", "access", "approved_by", "approved_at"];
+const REQUIRED_PROVENANCE = ["origin", "locator"];
 const RISKY_KINDS = new Set(["book", "transcript", "youtube"]);
 
 function parseArgs(argv) {
@@ -92,6 +93,8 @@ function loadConfig(args) {
 		allowlist: (cfg.allowlist ?? []).map((entry) => typeof entry === "string" ? { domain: entry, approved: true } : entry),
 		reviewQueue: cfg.review_queue ?? [],
 		articleQueries: cfg.article_queries ?? [],
+		repoSources: cfg.repo_sources ?? [],
+		releaseFeeds: cfg.release_feeds ?? [],
 		paperFeeds: cfg.paper_feeds ?? [],
 		localBooks: cfg.local_books ?? [{ path: "data/books" }],
 		localTranscripts: cfg.local_transcripts ?? [{ path: "data/youtube-transcripts" }],
@@ -130,6 +133,11 @@ function hasRightsApproval(candidate) {
 	return Boolean(r && REQUIRED_RIGHTS.every((k) => typeof r[k] === "string" && r[k].trim()));
 }
 
+function hasCompleteProvenance(candidate) {
+	const p = candidate.provenance;
+	return Boolean(p && REQUIRED_PROVENANCE.every((k) => typeof p[k] === "string" && p[k].trim()));
+}
+
 function urlDomain(url) {
 	try { return new URL(url).hostname.replace(/^www\./, ""); } catch { return ""; }
 }
@@ -138,6 +146,14 @@ function allowlistEntry(cfg, domain) {
 	return cfg.allowlist.find((entry) => entry.domain === domain || domain.endsWith(`.${entry.domain}`));
 }
 
+function allowlistEntryAllows(entry, kind) {
+	return Boolean(entry?.approved === true && (!Array.isArray(entry.allowed_source_classes) || entry.allowed_source_classes.includes(kind)));
+}
+
+function allowlistAllows(candidate) {
+	return Boolean(candidate.allowlist_state.allowed && candidate.allowlist_state.approved && (!Array.isArray(candidate.allowlist_state.allowed_source_classes) || candidate.allowlist_state.allowed_source_classes.includes(candidate.kind)));
+}
+
 function competitorLabels(cfg, candidate) {
 	const haystack = `${candidate.title ?? ""} ${candidate.url ?? ""} ${candidate.path ?? ""}`.toLowerCase();
 	const labels = [];
@@ -163,7 +179,7 @@ function normalizeCandidate(cfg, raw) {
 		risk_class: raw.risk_class ?? taxonomy.risk_class ?? (RISKY_KINDS.has(raw.kind) ? "high" : "medium"),
 		provenance: raw.provenance ?? { origin: raw.source_type, discovered_by: "graphify-kb-updater", locator: raw.url ?? raw.path ?? raw.query ?? null },
 		rights_access: raw.rights_access ?? null,
-		allowlist_state: allow ? { allowed: true, domain: allow.domain, approved: allow.approved === true, approved_by: allow.approved_by ?? null, approved_at: allow.approved_at ?? null } : { allowed: false },
+		allowlist_state: allow ? { allowed: true, domain: allow.domain, approved: allow.approved === true, approved_by: allow.approved_by ?? null, approved_at: allow.approved_at ?? null, allowed_source_classes: allow.allowed_source_classes ?? null } : { allowed: false },
 		approval_state: raw.approved === true ? "approved" : "not_approved",
 	};
 	candidate.competitor_labels = raw.competitor_labels ?? competitorLabels(cfg, candidate);
@@ -175,12 +191,27 @@ function normalizeCandidate(cfg, raw) {
 function discoverCandidates(cfg, args) {
 	const candidates = [];
 	for (const query of cfg.articleQueries) candidates.push({ kind: "article", source_type: "web_search_query", title: query, query, review_required: true, promotion_policy: "stage_only" });
+	for (const repo of cfg.repoSources) {
+		const kind = "repo";
+		const domain = urlDomain(repo.url);
+		const allow = allowlistEntry(cfg, domain);
+		const explicit = cfg.autoPromoteAllowlist && allowlistEntryAllows(allow, kind) && repo.approved === true;
+		candidates.push({ ...repo, kind, source_type: "repo_metadata", domain, review_required: !explicit, promotion_policy: explicit ? "allowlist_auto_promote" : "manual_review", rights_access: repo.rights_access ?? null, provenance: repo.provenance });
+	}
+	for (const release of cfg.releaseFeeds) {
+		const kind = "release";
+		const domain = urlDomain(release.url);
+		const allow = allowlistEntry(cfg, domain);
+		const explicit = cfg.autoPromoteAllowlist && allowlistEntryAllows(allow, kind) && release.approved === true;
+		candidates.push({ ...release, kind, source_type: "release_metadata", domain, review_required: !explicit, promotion_policy: explicit ? "allowlist_auto_promote" : "manual_review", rights_access: release.rights_access ?? null, provenance: release.provenance });
+	}
 	for (const feed of cfg.paperFeeds) candidates.push({ kind: "paper", source_type: "feed", title: feed.title ?? feed.url, url: feed.url, rights_access: feed.rights_access ?? null, review_required: true, promotion_policy: "stage_only", provenance: feed.provenance });
 	for (const entry of cfg.reviewQueue) {
+		const kind = entry.kind ?? "article";
 		const domain = urlDomain(entry.url);
 		const allow = allowlistEntry(cfg, domain);
-		const explicit = cfg.autoPromoteAllowlist && allow?.approved === true && entry.approved === true;
-		candidates.push({ ...entry, kind: entry.kind ?? "article", source_type: "review_queue", domain, review_required: !explicit, promotion_policy: explicit ? "allowlist_auto_promote" : "manual_review", rights_access: entry.rights_access ?? null });
+		const explicit = cfg.autoPromoteAllowlist && allowlistEntryAllows(allow, kind) && entry.approved === true;
+		candidates.push({ ...entry, kind, source_type: "review_queue", domain, review_required: !explicit, promotion_policy: explicit ? "allowlist_auto_promote" : "manual_review", rights_access: entry.rights_access ?? null });
 	}
 	for (const spec of cfg.localBooks) for (const file of walkFiles(resolve(ROOT, spec.path), [".md", ".txt", ".pdf"], spec.max_files ?? 50)) candidates.push({ kind: "book", source_type: "local_file", title: basename(file), path: rel(file), rights_access: rightsFromSidecar(file), review_required: true, promotion_policy: "manual_review" });
 	for (const spec of cfg.localTranscripts) for (const file of walkFiles(resolve(ROOT, spec.path), [".md", ".txt", ".vtt"], spec.max_files ?? 80)) candidates.push({ kind: "transcript", source_type: "local_file", title: basename(file), path: rel(file), rights_access: rightsFromSidecar(file), review_required: true, promotion_policy: "manual_review" });
@@ -208,10 +239,11 @@ function sourceBody(candidate) {
 }
 
 function promotionAllowed(candidate) {
+	if (!hasCompleteProvenance(candidate)) return { ok: false, reason: "missing_complete_provenance" };
 	if (!hasRightsApproval(candidate)) return { ok: false, reason: "missing_rights_access_approval" };
 	if (RISKY_KINDS.has(candidate.kind) && candidate.approved !== true) return { ok: false, reason: "manual_approval_required" };
-	if (candidate.source_type === "review_queue" && candidate.promotion_policy === "allowlist_auto_promote" && candidate.allowlist_state.allowed && candidate.allowlist_state.approved) return { ok: true };
-	return candidate.approved === true ? { ok: true } : { ok: false, reason: "manual_approval_required" };
+	if (candidate.promotion_policy === "allowlist_auto_promote" && candidate.approved === true && allowlistAllows(candidate)) return { ok: true, reason: "allowlist_auto_promote" };
+	return candidate.approved === true ? { ok: true, reason: "manual_approved" } : { ok: false, reason: "manual_approval_required" };
 }
 
 function promote(candidate, args) {
@@ -267,15 +299,19 @@ function pilotMetrics(summary) {
 function schedulerSmoke() {
 	const service = readFileSync(resolve(ROOT, ".pi/harness/corpus/systemd/graphify-kb-updater.service"), "utf8");
 	const timer = readFileSync(resolve(ROOT, ".pi/harness/corpus/systemd/graphify-kb-updater.timer"), "utf8");
+	const envTemplate = readFileSync(resolve(ROOT, ".pi/harness/corpus/systemd/graphify-kb-updater.env.template"), "utf8");
 	const cron = readFileSync(resolve(ROOT, ".pi/harness/corpus/cron.example"), "utf8");
+	const graphifyArgs = envTemplate.match(/^GRAPHIFY_KB_ARGS=(.+)$/m)?.[1] ?? "";
 	const checks = {
 		systemd_daily: /OnCalendar=\*-\*-\*\s+08:30:00|OnCalendar=daily/i.test(timer),
 		cron_daily: /^30\s+8\s+\*\s+\*\s+\*/m.test(cron),
 		bounded_timeout: /timeout 45m/.test(service) && /timeout 45m/.test(cron),
 		locked_no_overlap: /flock -n/.test(service) && /flock -n/.test(cron),
 		explicit_env: /EnvironmentFile/.test(service) && /UP_ROOT/.test(cron),
+		working_directory: /WorkingDirectory=\$\{UP_ROOT\}/.test(service),
 		logged: /StandardOutput=append/.test(service) && /HARNESS_GRAPHIFY_KB_LOG/.test(cron),
-		refresh_intent: /--refresh-graph/.test(cron),
+		refresh_intent: /--refresh-graph/.test(cron) && /--refresh-graph/.test(graphifyArgs),
+		graphify_kb_args_template: /--apply/.test(graphifyArgs) && /--pilot-report/.test(graphifyArgs) && !/[;&|`$<>]/.test(graphifyArgs),
 	};
 	const ok = Object.values(checks).every(Boolean);
 	console.log(JSON.stringify({ ok, checks }, null, 2));
@@ -305,8 +341,8 @@ function main() {
 		}
 		if (contentChanged) changedExisting++;
 		const gate = promotionAllowed(c);
-		registry.candidates[c.id] = { ...(prior ?? {}), ...c, first_seen_at: prior?.first_seen_at ?? runAt, last_seen_at: runAt, status: gate.ok ? "promotable" : "review_required", block_reason: gate.reason ?? null, content_state: contentChanged ? "changed" : "new" };
-		if (!gate.ok) { blocked.push({ id: c.id, title: c.title, reason: gate.reason, allowlist_state: c.allowlist_state, category: c.category, competitor_labels: c.competitor_labels }); continue; }
+		registry.candidates[c.id] = { ...(prior ?? {}), ...c, first_seen_at: prior?.first_seen_at ?? runAt, last_seen_at: runAt, status: gate.ok ? "promotable" : "review_required", decision: gate.ok ? gate.reason : "stage_for_review", block_reason: gate.ok ? null : gate.reason, next_action: gate.ok ? "promote_on_apply" : "manual_review_required", content_state: contentChanged ? "changed" : "new" };
+		if (!gate.ok) { blocked.push({ id: c.id, title: c.title, kind: c.kind, source_type: c.source_type, reason: gate.reason, next_action: "manual_review_required", allowlist_state: c.allowlist_state, category: c.category, competitor_labels: c.competitor_labels }); continue; }
 		planned.push(c);
 	}
 
@@ -326,6 +362,7 @@ function main() {
 
 	const graph = refreshGraph(args, promoted);
 	const stale = registry.runs.at?.(-1)?.run_id ? [] : ["no_prior_apply_run_recorded"];
+	const reviewQueue = blocked.map((b) => ({ id: b.id, title: b.title, kind: b.kind, reason: b.reason, next_action: b.next_action })).slice(0, 50);
 	const summary = {
 		run_id: `kb-${Date.now()}`,
 		last_run_at: runAt,
@@ -335,6 +372,7 @@ function main() {
 		promoted_count: promoted,
 		duplicate_skips: duplicates,
 		blocked_count: blocked.length,
+		staged_count: blocked.length,
 		skipped_count: skipped.length,
 		failure_count: failed,
 		changed_existing_count: changedExisting,
@@ -344,6 +382,8 @@ function main() {
 		graph,
 		exit_status: failed || graph.ok === false ? 1 : 0,
 		promoted: promotedRefs,
+		review_queue_count: reviewQueue.length,
+		review_queue: reviewQueue,
 		blocked: blocked.slice(0, 50),
 		skipped: skipped.slice(0, 50),
 		config: rel(cfg.path),

package/.pi/scripts/harness-agents-manifest.mjs

@@ -84,7 +84,7 @@ async function main() {
 	const built = buildManifest(packageFiles, name, version);
 
 	if (mode === "write") {
-		await writeFile(MANIFEST_PATH, `${JSON.stringify(built, null, 2)}\n`, "utf-8");
+		await writeFile(MANIFEST_PATH, `${JSON.stringify(built, null, "\t")}\n`, "utf-8");
 		console.log(
 			`Wrote ${MANIFEST_PATH} (${Object.keys(built.agents).length} agents)`,
 		);

package/.pi/scripts/harness-project-toggle.mjs

@@ -0,0 +1,129 @@
+#!/usr/bin/env node
+/**
+ * Toggle per-project harness governance — writes `.pi/harness/project.json`.
+ *
+ * Usage:
+ *   node harness-project-toggle.mjs status [--project-root DIR]
+ *   node harness-project-toggle.mjs enable [--project-root DIR]
+ *   node harness-project-toggle.mjs disable [--project-root DIR]
+ */
+
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { dirname, join } from "node:path";
+import { fileURLToPath } from "node:url";
+
+const CONFIG_BASENAME = "project.json";
+
+function parseArgs(argv) {
+	const args = [...argv];
+	let projectRoot = process.cwd();
+	const positional = [];
+	for (let i = 0; i < args.length; i++) {
+		const arg = args[i];
+		if (arg === "--project-root" && args[i + 1]) {
+			projectRoot = args[++i];
+			continue;
+		}
+		positional.push(arg);
+	}
+	return { projectRoot, action: positional[0] ?? "status" };
+}
+
+function configPath(projectRoot) {
+	return join(projectRoot, ".pi", "harness", CONFIG_BASENAME);
+}
+
+function envOverrideEnabled() {
+	const raw = process.env.HARNESS_ENABLED?.trim().toLowerCase();
+	if (!raw) return null;
+	if (raw === "0" || raw === "false" || raw === "no") return false;
+	if (raw === "1" || raw === "true" || raw === "yes") return true;
+	return null;
+}
+
+function readConfig(projectRoot) {
+	const fromEnv = envOverrideEnabled();
+	if (fromEnv !== null) {
+		return {
+			schema_version: "1.0.0",
+			enabled: fromEnv,
+			source: "env:HARNESS_ENABLED",
+		};
+	}
+
+	const path = configPath(projectRoot);
+	if (!existsSync(path)) {
+		return {
+			schema_version: "1.0.0",
+			enabled: true,
+			source: "default",
+		};
+	}
+
+	try {
+		const raw = JSON.parse(readFileSync(path, "utf8"));
+		if (typeof raw.enabled === "boolean") {
+			return {
+				schema_version: "1.0.0",
+				enabled: raw.enabled,
+				updated_at: raw.updated_at,
+				source: path,
+			};
+		}
+	} catch {
+		// fall through
+	}
+
+	return {
+		schema_version: "1.0.0",
+		enabled: true,
+		source: "default-corrupt-file",
+	};
+}
+
+function writeConfig(projectRoot, enabled) {
+	const path = configPath(projectRoot);
+	mkdirSync(dirname(path), { recursive: true });
+	const payload = {
+		schema_version: "1.0.0",
+		enabled,
+		updated_at: new Date().toISOString(),
+	};
+	writeFileSync(path, `${JSON.stringify(payload, null, "\t")}\n`, "utf8");
+	return { ...payload, path };
+}
+
+function main() {
+	const { projectRoot, action } = parseArgs(process.argv.slice(2));
+	if (!["status", "enable", "disable"].includes(action)) {
+		console.error(
+			"Usage: harness-project-toggle.mjs <status|enable|disable> [--project-root DIR]",
+		);
+		process.exit(1);
+	}
+
+	if (action === "status") {
+		const config = readConfig(projectRoot);
+		console.log(JSON.stringify({ ok: true, projectRoot, ...config }, null, 2));
+		return;
+	}
+
+	const enabled = action === "enable";
+	const written = writeConfig(projectRoot, enabled);
+	console.log(
+		JSON.stringify(
+			{
+				ok: true,
+				projectRoot,
+				enabled: written.enabled,
+				path: written.path,
+				updated_at: written.updated_at,
+				reload_required: true,
+			},
+			null,
+			2,
+		),
+	);
+}
+
+main();