ultimate-pi 0.18.1 → 0.19.1

package/.pi/extensions/policy-gate.ts

@@ -9,10 +9,8 @@
  */
 
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
-import {
-	evaluateContextModeMutation,
-	isMutatingBash,
-} from "../lib/harness-context-mode-policy.js";
+import { isHarnessAgtPolicyEnabled } from "../lib/agt/config.js";
+import { evaluateAgtHarnessToolCall } from "../lib/harness-agt-tool-guard.js";
 import { isHarnessProjectEnabled } from "../lib/harness-project-config.js";
 import {
 	extractWritePathFromToolInput,
@@ -32,7 +30,7 @@ import {
 	userVisiblePromptSlice,
 	validatePlanPacket,
 } from "../lib/harness-run-context.js";
-import { bootstrapHarnessSubprocessFromEnv } from "./lib/harness-subprocess-bootstrap.js";
+import { bootstrapHarnessSubprocessFromEnv } from "../lib/harness-subprocess-bootstrap.js";
 
 type HarnessPhase = "plan" | "execute" | "evaluate" | "adversary" | "merge";
 
@@ -61,6 +59,9 @@ const PHASE_ORDER: HarnessPhase[] = [
 	"merge",
 ];
 
+// @ts-expect-error pi extensions run as ESM
+const MODULE_URL = import.meta.url;
+
 const MUTATING_TOOLS = new Set(["write", "edit"]);
 
 function nowIso(): string {
@@ -250,6 +251,19 @@ export default function policyGate(pi: ExtensionAPI) {
 		const entries = ctx.sessionManager.getEntries();
 		const projectRoot = process.cwd();
 		const sessionId = ctx.sessionManager.getSessionId();
+
+		if (isHarnessAgtPolicyEnabled()) {
+			return evaluateAgtHarnessToolCall({
+				moduleUrl: MODULE_URL,
+				toolName: event.toolName,
+				toolInput: event.input as Record<string, unknown>,
+				policyState: state,
+				entries,
+				sessionId,
+				projectRoot,
+			});
+		}
+
 		const runCtx = getLatestRunContext(entries);
 
 		if (MUTATING_TOOLS.has(event.toolName)) {
@@ -274,6 +288,9 @@ export default function policyGate(pi: ExtensionAPI) {
 
 		if (event.toolName === "bash") {
 			const command = String(event.input.command ?? "");
+			const { isMutatingBash } = await import(
+				"../lib/harness-context-mode-policy.js"
+			);
 			if (!isMutatingBash(command)) return undefined;
 			if (state.aborted) {
 				return {
@@ -290,6 +307,9 @@ export default function policyGate(pi: ExtensionAPI) {
 			}
 		}
 
+		const { evaluateContextModeMutation } = await import(
+			"../lib/harness-context-mode-policy.js"
+		);
 		const ctxDecision = evaluateContextModeMutation(
 			event.toolName,
 			event.input as Record<string, unknown>,

package/.pi/extensions/sentrux-rules-sync.ts

@@ -4,8 +4,8 @@
 
 import { spawn } from "node:child_process";
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
+import { resolveHarnessScript } from "../lib/harness-paths.js";
 import { isHarnessProjectEnabled } from "../lib/harness-project-config.js";
-import { resolveHarnessScript } from "./lib/harness-paths.js";
 
 function resolveSyncScript(): string {
 	return resolveHarnessScript(

package/.pi/extensions/subagent-governance.ts

@@ -0,0 +1,92 @@
+/**
+ * Subprocess governance bundle: AGT policy on all tool_call + harness submit_* tools.
+ * Loaded via `pi --no-extensions -e subagent-governance.ts` for every subagent spawn.
+ */
+
+import { join } from "node:path";
+import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
+import {
+	getAgentKind,
+	harnessSubagentPhaseHint,
+} from "../lib/agents-policy.mjs";
+import { evaluateAgtToolCall } from "../lib/agt-tool-guard.js";
+import { claimSubagentGovernanceLoad } from "../lib/extension-load-guard.js";
+import { getHarnessPackageRoot } from "../lib/harness-paths.js";
+import { registerHarnessSubagentSubmitTools } from "../lib/harness-subagent-submit-register.js";
+
+// @ts-expect-error pi extensions run as ESM
+const MODULE_URL = import.meta.url;
+
+function policyStateFromEnv(packageRoot: string, projectRoot: string) {
+	const agentId = process.env.HARNESS_AGENT_ID?.trim() ?? "unknown";
+	const phase =
+		(process.env.HARNESS_SUBAGENT_PHASE_HINT?.trim() as
+			| "plan"
+			| "execute"
+			| "evaluate"
+			| "adversary"
+			| "merge") ??
+		(harnessSubagentPhaseHint(packageRoot, projectRoot, agentId) as
+			| "plan"
+			| "execute"
+			| "evaluate"
+			| "adversary"
+			| "merge"
+			| null) ??
+		"plan";
+	return {
+		phase,
+		approvedPlan: phase === "execute" || phase === "merge",
+		planId: process.env.HARNESS_PLAN_ID?.trim() || null,
+		aborted: false,
+		budgetBypass: false,
+	};
+}
+
+export function subagentGovernanceExtensionPath(packageRoot: string): string {
+	return join(packageRoot, ".pi", "extensions", "subagent-governance.ts");
+}
+
+/** @deprecated Use subagentGovernanceExtensionPath */
+export function harnessSubagentGovernanceExtensionPath(
+	packageRoot: string,
+): string {
+	return subagentGovernanceExtensionPath(packageRoot);
+}
+
+export default function subagentGovernance(pi: ExtensionAPI) {
+	if (!claimSubagentGovernanceLoad("subagent-governance", MODULE_URL)) return;
+	if (process.env.PI_HARNESS_SUBPROCESS !== "1") {
+		return;
+	}
+
+	const packageRoot = getHarnessPackageRoot(MODULE_URL);
+	const projectRoot = process.env.HARNESS_PROJECT_ROOT?.trim() || process.cwd();
+	const agentId = process.env.HARNESS_AGENT_ID?.trim() ?? "unknown";
+
+	if (agentId.startsWith("harness/")) {
+		registerHarnessSubagentSubmitTools(pi, packageRoot);
+		const kind = getAgentKind(packageRoot, projectRoot, agentId);
+		process.env.HARNESS_SUBAGENT_PHASE_HINT =
+			kind === "executor"
+				? "execute"
+				: kind === "evaluator"
+					? "evaluate"
+					: kind === "adversary"
+						? "adversary"
+						: "plan";
+	}
+
+	pi.on("tool_call", async (event, ctx) => {
+		const state = policyStateFromEnv(packageRoot, projectRoot);
+		return evaluateAgtToolCall({
+			moduleUrl: MODULE_URL,
+			toolName: event.toolName,
+			toolInput: (event.input ?? {}) as Record<string, unknown>,
+			policyState: state,
+			entries: ctx.sessionManager.getEntries(),
+			sessionId: ctx.sessionManager.getSessionId(),
+			projectRoot: ctx.cwd,
+		});
+	});
+}

package/.pi/extensions/trace-recorder.ts

@@ -10,6 +10,7 @@
 import { appendFile, mkdir, readFile, writeFile } from "node:fs/promises";
 import { join } from "node:path";
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
+import { captureHarnessEvent } from "../lib/harness-posthog.js";
 import { isHarnessProjectEnabled } from "../lib/harness-project-config.js";
 import {
 	getLatestRunContext,
@@ -20,7 +21,6 @@ import {
 	phaseTraceFileName,
 	saveRunContextToDisk,
 } from "../lib/harness-run-context.js";
-import { captureHarnessEvent } from "./lib/harness-posthog.js";
 
 interface ToolSpan {
 	tool_call_id: string;

package/.pi/extensions/{ultimate-pi-vcc.ts → vcc-compaction.ts}

@@ -11,7 +11,7 @@
 
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
 import registerVcc from "../../vendor/pi-vcc/index.js";
-import { claimExtensionLoad } from "./lib/extension-load-guard.js";
+import { claimExtensionLoad } from "../lib/extension-load-guard.js";
 
 // @ts-expect-error pi extensions run as ESM
 const MODULE_URL = import.meta.url;

package/.pi/harness/README.md

@@ -8,7 +8,7 @@ Phase 1–2 scaffold for the Pi harness runtime surfaces.
 - `debates/` - debate round artifacts and consensus packets.
 - `docs/adrs/` - team-shared Architectural Decision Records ([index](docs/adrs/README.md)).
 - `evals/smoke/` - deterministic fixtures (no CI LLM).
-- `evolution/` - self-healing rules + meta-optimizer (JSONL-first).
+- `evolution/` - self-healing rules and chaos drills (JSONL-first).
 - `corpus/` - ingest notes for graphify/raw sources.
 - `sentrux/` - `architecture.manifest.json` source for `.sentrux/rules.toml` ([ADR 0009](docs/adrs/0009-sentrux-rules-lifecycle.md)).
 
@@ -31,7 +31,11 @@ manifest (`package.json`).
 
 - `harness-run-context.ts` - active run + plan injection; short commands without run/plan args
 - `harness-live-widget.ts` - footer status (current/next phase + plain-language status hint; no run id in UI)
-- `policy-gate.ts` - phase state machine + plan-before-mutate enforcement
+- `policy-gate.ts` - phase state machine; tool allow/deny via AGT `PolicyEngine` (YAML under `.pi/harness/policies/`, see [ADR 0046](docs/adrs/0046-agt-policy-engine.md))
+- `subagent-governance.ts` (alias `harness-subagent-governance.ts`) - subprocess AGT + `submit_*` for all subagents
+- **Agent tool SSOT:** `.pi/harness/agents.policy.yaml` (package) and optional `<project>/.pi/agents.policy.yaml` — not agent `.md` frontmatter ([ADR 0049](docs/adrs/0049-agents-policy-manifest.md))
+- **Project AGT rules:** `<project>/.pi/policies/*.yaml` merged after package policies
+- `agt-prompt-guard.ts` / `agt-kill-switch.ts` - PromptDefense + kill switch ([ADR 0047](docs/adrs/0047-agt-layered-security.md))
 - `budget-guard.ts` - hard-stop token budget checks + budget exhausted artifacts
 - `trace-recorder.ts` - append-only run traces + HarnessRunRecord + compact index
 - `harness-telemetry.ts` - PostHog `harness_*` domain events (dual layer with `@posthog/pi`)

package/.pi/harness/agents.manifest.json

@@ -1,8 +1,9 @@
 {
 	"schema_version": "1.0.0",
 	"package": "ultimate-pi",
-	"package_version": "0.18.0",
-	"generated_at": "2026-05-23T19:00:12.987Z",
+	"package_version": "0.19.0",
+	"generated_at": "2026-05-26T06:39:19.250Z",
+	"policy_sha256": "f0eb41bc6a877a237087e87762ce11908e93755a42d58f19d6573665b198665f",
 	"agents": {
 		"pi-pi/agent-expert": {
 			"path": ".pi/agents/pi-pi/agent-expert.md",
@@ -46,67 +47,87 @@
 		},
 		"harness/incident-recorder": {
 			"path": ".pi/agents/harness/incident-recorder.md",
-			"sha256": "d42fa45de1a2fe3842d075c6f319315266588942e314f1b650caabac39bdc29a"
-		},
-		"harness/meta-optimizer": {
-			"path": ".pi/agents/harness/meta-optimizer.md",
-			"sha256": "cbaab35367126796b7136389a02ab41b4fd1fe7098cf83be562d7b7493ccc297"
+			"sha256": "4efbdb9482b1038e2bd08cae9898aed9ef983903107ddab6c84d51436d5d3296"
 		},
 		"harness/sentrux-bootstrap": {
 			"path": ".pi/agents/harness/sentrux-bootstrap.md",
-			"sha256": "3a0b43b94386a7c541b8a806a37524a5e53f1c8049270db7a420680df5799eeb"
+			"sha256": "6132e83b400b6bc381841a09205eda00a2349ec127368f9d164631d73faadd1a"
 		},
 		"harness/sentrux-steward": {
 			"path": ".pi/agents/harness/sentrux-steward.md",
-			"sha256": "0e63175d817adc0d65876f5c24fb54e4882081caf939ff9c658afee51fc6889c"
+			"sha256": "d806cbf2c2e211c6b4c95e35893bc250c8a0fab6fae92190766eab16cd091d51"
 		},
 		"harness/trace-librarian": {
 			"path": ".pi/agents/harness/trace-librarian.md",
-			"sha256": "336b3f3f6141cef8750ab18d29bbe454caf26973830a86afe099d9e4ad8b0abe"
+			"sha256": "083ce6a3508bab2f5bc57e8ab13256c55fff58e0eac95cb6542bdd47fd02de65"
+		},
+		"harness/web-retrieval/web-answerer": {
+			"path": ".pi/agents/harness/web-retrieval/web-answerer.md",
+			"sha256": "c9876fb34aa6704c1a8eb9f4db4ada71c5a762790db411a1b01104a81745215d"
+		},
+		"harness/web-retrieval/web-criteria-verifier": {
+			"path": ".pi/agents/harness/web-retrieval/web-criteria-verifier.md",
+			"sha256": "bb0a9b514964f6f64ef539c1d766ff28ee23c4d9199dc4cae0f41b0fe7fdc860"
+		},
+		"harness/web-retrieval/web-gap-analyzer": {
+			"path": ".pi/agents/harness/web-retrieval/web-gap-analyzer.md",
+			"sha256": "f4487993f561c7141b22c79f9afff52986466c5b3af4f3ffb0e75e30a6da025a"
+		},
+		"harness/web-retrieval/web-query-expander-fast": {
+			"path": ".pi/agents/harness/web-retrieval/web-query-expander-fast.md",
+			"sha256": "161c5ce82e013af7aaec219b4ccb6b8c557bf5768f8e0c85b1d8f243056b015c"
+		},
+		"harness/web-retrieval/web-query-expander": {
+			"path": ".pi/agents/harness/web-retrieval/web-query-expander.md",
+			"sha256": "b522532e15759c747ff92198aa6db2624accd0998a4e0af4cb086617734f5ce7"
+		},
+		"harness/web-retrieval/web-summarizer": {
+			"path": ".pi/agents/harness/web-retrieval/web-summarizer.md",
+			"sha256": "0c25f814ded534f6d190cc50ff141306d26dba98eff2ad6d51b56e42c143861d"
 		},
 		"harness/running/executor": {
 			"path": ".pi/agents/harness/running/executor.md",
-			"sha256": "a48c37b2922b98fe20156367ae8c8fe761ae139153d402035a5aa35c9a14f106"
+			"sha256": "219c9307567acc95a9c1b1340f899fac860406fb2c2e84f51b4a8c3ba3a0e2ec"
 		},
 		"harness/reviewing/adversary": {
 			"path": ".pi/agents/harness/reviewing/adversary.md",
-			"sha256": "697ee7c784e8eb30ce96f4f16e9bb5f9cdcaae76a4a7083ace2fe4272e6d732f"
+			"sha256": "01ae05b38943c1d1fea373701dc060cc3a3f5125f2a03af468a6a1a877f1c83c"
 		},
 		"harness/reviewing/evaluator": {
 			"path": ".pi/agents/harness/reviewing/evaluator.md",
-			"sha256": "587ae14d6e91fd8af2b2842f568b9a1fa0b1d84fa6e18b4bc21c0ba2a9e62218"
+			"sha256": "5d6d34654d5c223e5549de9b7b0277b4e28745b2409545ecf3034bd0789c3fa3"
 		},
 		"harness/reviewing/tie-breaker": {
 			"path": ".pi/agents/harness/reviewing/tie-breaker.md",
-			"sha256": "1c54c1c3274291dea1ea8826563a7ad4fe1d9c4302984e907bfcd22cfc4f5eba"
+			"sha256": "80312a10772fde4bccc294a4ba7c470bf46d3054207393d2af42af277e5edad6"
 		},
 		"harness/planning/decompose": {
 			"path": ".pi/agents/harness/planning/decompose.md",
-			"sha256": "734eaa1bc87c337f6582c8f1c97baabf51e807731ab3c075c8960a9d207145e2"
+			"sha256": "944c7221b7bf8e15cd8cf324c3d5ae135c643c6387d8f611cf9128f9ea922963"
 		},
 		"harness/planning/execution-plan-author": {
 			"path": ".pi/agents/harness/planning/execution-plan-author.md",
-			"sha256": "55ece0f1ee14abd17fe7b3e478b548240f637eacbfc2a34758e98d3878dc82fd"
+			"sha256": "3b83edca1eb393941e04213c5cabe0e4b180e52df59169ba24904341a369ead5"
 		},
 		"harness/planning/hypothesis-validator": {
 			"path": ".pi/agents/harness/planning/hypothesis-validator.md",
-			"sha256": "20411e5d734b14b05ae11153133089e044f46784e5b4741712f608665bbf4376"
+			"sha256": "ee68aa5c04b903320116cfa21cea8f130199fd21e1fd1a8a747830bf53920fdb"
 		},
 		"harness/planning/hypothesis": {
 			"path": ".pi/agents/harness/planning/hypothesis.md",
-			"sha256": "bbb91ac0de39c9de4bf388f0cf926151b6b6a7771d2a0d01d1009a1860daef77"
+			"sha256": "c974f5381aa562589942e8d52b48bdace6663e10caed6bf5f2fb9ce11d84b0bc"
 		},
 		"harness/planning/implementation-researcher": {
 			"path": ".pi/agents/harness/planning/implementation-researcher.md",
-			"sha256": "d1bbaaf1e67ad98350319f973062f01a25ca70874c99cb335c99bec866da1f6d"
+			"sha256": "4559fc93ccf867ee199821a781cfd1b4a863e1f35ea8520d15ff389e61e17fd2"
 		},
 		"harness/planning/plan-adversary": {
 			"path": ".pi/agents/harness/planning/plan-adversary.md",
-			"sha256": "d9a953c0f8f900dc9a95816ada401955dafade7bf5907406cbe3bf3ba760c469"
+			"sha256": "305cfa6cd0d4e6493a2dad2f01d8cb0b0dddc06df11f871746f6da7124c9d16b"
 		},
 		"harness/planning/plan-evaluator": {
 			"path": ".pi/agents/harness/planning/plan-evaluator.md",
-			"sha256": "825f296c487d6aeacad5d320e155a3f23d0db6dea822fccc99a1305941a43da2"
+			"sha256": "1a6f465f4d400bcf32b9e82a1032ae789354f264af31c8d358b2a0dde7df81bf"
 		},
 		"harness/planning/plan-synthesizer": {
 			"path": ".pi/agents/harness/planning/plan-synthesizer.md",
@@ -114,19 +135,19 @@
 		},
 		"harness/planning/planning-context": {
 			"path": ".pi/agents/harness/planning/planning-context.md",
-			"sha256": "96a51d1f2daafc9eaa8869a06ede9d04fc9e19076d58a81041e346e4c81c8b08"
+			"sha256": "4427e3c50fe0970a753df458ee41fde93b8c9d4ee7034c7541df7a97e978b17e"
 		},
 		"harness/planning/review-integrator": {
 			"path": ".pi/agents/harness/planning/review-integrator.md",
-			"sha256": "bba385463ca8833654cd0dc80f666344332293fe86d7420d2c36755a3f9e743a"
+			"sha256": "3f60c41768cad24150718b4a415b9636b0df6892195986a90fc77e2d0a6be537"
 		},
 		"harness/planning/sprint-contract-auditor": {
 			"path": ".pi/agents/harness/planning/sprint-contract-auditor.md",
-			"sha256": "2321298529f70d03798d23346231c4c43ad4b7490a43f291430ca65b3ef93757"
+			"sha256": "402c585168c5510b5f22837d2fb157726b928fa59108a8580437ac6ac08d04f5"
 		},
 		"harness/planning/stack-researcher": {
 			"path": ".pi/agents/harness/planning/stack-researcher.md",
-			"sha256": "ce546ef3aca19da7f334f07cef8f510b79068bffeb7f276c428f3e6236bbe96b"
+			"sha256": "0f19febc96bc65fd22b2d3f1c3bbed02e021f7c8129a7bb21423ea29d8429d67"
 		}
 	}
 }

package/.pi/harness/agents.policy.yaml

@@ -0,0 +1,309 @@
+# Generated/maintained SSOT for harness agent tools (see ADR 0049).
+# Regenerate hints: node .pi/scripts/generate-agents-policy-yaml.mjs
+
+apiVersion: harness.toolkit/v1
+kinds:
+  planner:
+    tools:
+      - read
+      - grep
+      - find
+      - ls
+      - ctx_read
+      - ctx_search
+      - ctx_execute
+      - ctx_batch_execute
+      - ctx_tree
+    extensions: false
+    read_only: true
+  executor:
+    tools:
+      - read
+      - write
+      - edit
+      - bash
+      - grep
+      - find
+      - ls
+    extensions: true
+    read_only: false
+  evaluator:
+    tools:
+      - read
+      - grep
+      - find
+      - ls
+      - ctx_read
+      - ctx_search
+      - ctx_execute
+      - ctx_batch_execute
+      - ctx_tree
+    extensions: false
+    read_only: true
+  adversary:
+    tools:
+      - read
+      - grep
+      - find
+      - ls
+      - ctx_read
+      - ctx_search
+      - ctx_execute
+      - ctx_batch_execute
+      - ctx_tree
+    extensions: false
+    read_only: true
+  tie_breaker:
+    tools:
+      - read
+      - grep
+      - find
+      - ls
+      - ctx_read
+      - ctx_search
+      - ctx_execute
+      - ctx_batch_execute
+      - ctx_tree
+    extensions: false
+    read_only: true
+  trace:
+    tools:
+      - read
+      - grep
+      - find
+      - ls
+      - ctx_read
+      - ctx_search
+      - ctx_execute
+      - ctx_batch_execute
+      - ctx_tree
+    extensions: false
+    read_only: true
+  incident:
+    tools:
+      - read
+      - grep
+      - find
+      - ls
+      - ctx_read
+      - ctx_search
+      - ctx_execute
+      - ctx_batch_execute
+      - ctx_tree
+    extensions: false
+    read_only: true
+  other:
+    tools:
+      - read
+      - grep
+      - find
+      - ls
+      - ctx_read
+      - ctx_search
+      - ctx_execute
+      - ctx_tree
+    extensions: false
+    read_only: true
+agents:
+  harness/incident-recorder:
+    kind: incident
+    tools_add:
+      - submit_human_required
+    extensions: false
+    max_turns: 15
+    thinking: medium
+    submit_tool: submit_human_required
+  harness/sentrux-bootstrap:
+    kind: planner
+    tools_add:
+      - bash
+    extensions: true
+    max_turns: 12
+    thinking: low
+  harness/sentrux-steward:
+    kind: planner
+    tools_add:
+      - bash
+      - submit_sentrux_manifest_proposal
+    extensions: false
+    max_turns: 16
+    thinking: high
+    submit_tool: submit_sentrux_manifest_proposal
+  harness/trace-librarian:
+    kind: trace
+    tools_add:
+      - submit_human_required
+    extensions: false
+    max_turns: 20
+    thinking: medium
+    submit_tool: submit_human_required
+  harness/running/executor:
+    kind: executor
+    tools_add:
+      - submit_executor_handoff
+    extensions: true
+    max_turns: 20
+    thinking: medium
+    submit_tool: submit_executor_handoff
+  harness/reviewing/adversary:
+    kind: adversary
+    tools_add:
+      - submit_adversary_report
+    extensions: false
+    max_turns: 20
+    thinking: high
+    submit_tool: submit_adversary_report
+  harness/reviewing/evaluator:
+    kind: evaluator
+    tools_add:
+      - submit_eval_verdict
+    extensions: false
+    max_turns: 20
+    thinking: high
+    submit_tool: submit_eval_verdict
+  harness/reviewing/tie-breaker:
+    kind: tie_breaker
+    tools_add:
+      - submit_human_required
+    extensions: false
+    max_turns: 15
+    thinking: high
+    submit_tool: submit_human_required
+  harness/planning/decompose:
+    kind: planner
+    tools_add:
+      - bash
+      - submit_decomposition_brief
+      - submit_human_required
+    extensions: false
+    max_turns: 12
+    thinking: medium
+  harness/planning/execution-plan-author:
+    kind: planner
+    tools_add:
+      - submit_execution_plan_brief
+    extensions: false
+    max_turns: 18
+    thinking: high
+    submit_tool: submit_execution_plan_brief
+  harness/planning/hypothesis-validator:
+    kind: planner
+    tools_add:
+      - submit_hypothesis_validation
+    extensions: false
+    max_turns: 10
+    thinking: medium
+    submit_tool: submit_hypothesis_validation
+  harness/planning/hypothesis:
+    kind: planner
+    tools_add:
+      - bash
+      - submit_hypothesis_brief
+    extensions: false
+    max_turns: 14
+    thinking: medium
+    submit_tool: submit_hypothesis_brief
+  harness/web-retrieval/web-query-expander:
+    kind: other
+    extensions: false
+    max_turns: 8
+    thinking: low
+  harness/web-retrieval/web-query-expander-fast:
+    kind: other
+    extensions: false
+    max_turns: 5
+    thinking: off
+  harness/web-retrieval/web-gap-analyzer:
+    kind: other
+    extensions: false
+    max_turns: 8
+    thinking: low
+  harness/web-retrieval/web-answerer:
+    kind: other
+    extensions: false
+    max_turns: 12
+    thinking: medium
+  harness/web-retrieval/web-summarizer:
+    kind: other
+    extensions: false
+    max_turns: 6
+    thinking: low
+  harness/web-retrieval/web-criteria-verifier:
+    kind: other
+    extensions: false
+    max_turns: 14
+    thinking: medium
+  harness/planning/implementation-researcher:
+    kind: planner
+    tools_add:
+      - bash
+      - web_search
+      - web_fetch
+      - web_find_similar
+      - web_contents
+      - submit_implementation_research
+    extensions: false
+    max_turns: 14
+    thinking: medium
+    submit_tool: submit_implementation_research
+  harness/planning/plan-adversary:
+    kind: planner
+    tools_add:
+      - submit_adversary_brief
+    extensions: false
+    max_turns: 14
+    thinking: medium
+    submit_tool: submit_adversary_brief
+  harness/planning/plan-evaluator:
+    kind: planner
+    tools_add:
+      - submit_validation_turn
+    extensions: false
+    max_turns: 14
+    thinking: medium
+    submit_tool: submit_validation_turn
+  harness/planning/plan-synthesizer:
+    kind: planner
+    tools_add:
+      - submit_decomposition_brief
+      - submit_hypothesis_brief
+      - submit_execution_plan_brief
+    extensions: false
+  harness/planning/planning-context:
+    kind: planner
+    tools_add:
+      - bash
+      - submit_planning_context
+    extensions: false
+    max_turns: 12
+    thinking: low
+    submit_tool: submit_planning_context
+  harness/planning/review-integrator:
+    kind: planner
+    tools_add:
+      - submit_review_round_draft
+    extensions: false
+    max_turns: 12
+    thinking: medium
+    submit_tool: submit_review_round_draft
+  harness/planning/sprint-contract-auditor:
+    kind: planner
+    tools_add:
+      - submit_sprint_audit
+    extensions: false
+    max_turns: 12
+    thinking: medium
+    submit_tool: submit_sprint_audit
+  harness/planning/stack-researcher:
+    kind: planner
+    tools_add:
+      - bash
+      - web_search
+      - web_fetch
+      - web_find_similar
+      - web_contents
+      - submit_stack_brief
+    extensions: false
+    max_turns: 16
+    thinking: medium
+    submit_tool: submit_stack_brief

package/.pi/harness/docs/adrs/0030-inhouse-vcc-compaction.md

@@ -10,7 +10,7 @@ ultimate-pi depended on the npm package `@sting8k/pi-vcc` for deterministic, vie
 
 ## Decision
 
-1. Vendor [sting8k/pi-vcc](https://github.com/sting8k/pi-vcc) under `vendor/pi-vcc/` (refresh via `npm run vendor:sync-vcc`), following the same pattern as `vendor/pi-model-router`.
+1. Vendor [sting8k/pi-vcc](https://github.com/sting8k/pi-vcc) under `vendor/pi-vcc/` (refresh via `npm run vendor:sync-vcc`), following the pinned-vendor pattern documented in `THIRD_PARTY_NOTICES.md`.
 2. Load compaction through [`.pi/extensions/ultimate-pi-vcc.ts`](../../../extensions/ultimate-pi-vcc.ts).
 3. Remove `@sting8k/pi-vcc` from `package.json` dependencies and from `.pi/settings*.json` `packages` arrays.
 4. **Configuration is env-only** — no JSON config files (`PI_VCC_CONFIG_PATH` and `.pi/pi-vcc-config.json` are not used).