cfa-kernel 0.1.0__py3-none-any.whl

cfa/validation/runtime.py

@@ -0,0 +1,285 @@
+"""
+CFA Runtime Validation
+======================
+Post-execution behavioral validation.
+
+Validates sandbox execution results against:
+- Cardinality bounds (rows output within expected range)
+- Cost ceiling (actual DBU vs declared maximum)
+- Schema contract (output columns match expectation)
+- Null ratio thresholds (per-column null limits)
+- Shuffle size limits (data movement budget)
+
+Produces Runtime Faults (FaultFamily.RUNTIME) — never throws exceptions.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from typing import Any
+
+from cfa.sandbox import ExecutionMetrics, SandboxOutcome, SandboxResult
+from cfa.types import (
+    Fault,
+    FaultFamily,
+    FaultSeverity,
+    PolicyAction,
+    StateSignature,
+)
+
+# ── Thresholds ──────────────────────────────────────────────────────────────
+
+
+@dataclass(frozen=True)
+class RuntimeThresholds:
+    """Configurable thresholds for runtime validation."""
+
+    max_null_ratio: float = 0.10          # 10% null per column
+    max_shuffle_mb: float = 500.0         # 500 MB shuffle budget
+    min_rows: int = 0                     # minimum expected rows (0 = no check)
+    max_rows: int = 0                     # maximum expected rows (0 = no check)
+    max_cost_dbu: float | None = None     # cost ceiling (overridden by signature)
+    required_output_columns: tuple[str, ...] = ()
+    forbidden_output_columns: tuple[str, ...] = ()
+
+
+# ── Runtime Validation Result ───────────────────────────────────────────────
+
+
+@dataclass
+class RuntimeValidationResult:
+    """Result of runtime behavioral validation."""
+
+    passed: bool = True
+    faults: list[Fault] = field(default_factory=list)
+    checks_performed: int = 0
+    metrics_snapshot: dict[str, Any] = field(default_factory=dict)
+
+    @property
+    def fault_codes(self) -> list[str]:
+        return [f.code for f in self.faults]
+
+    def add_fault(self, fault: Fault) -> None:
+        self.faults.append(fault)
+        if fault.severity in (FaultSeverity.HIGH, FaultSeverity.CRITICAL):
+            self.passed = False
+
+
+# ── Runtime Validator ───────────────────────────────────────────────────────
+
+
+class RuntimeValidator:
+    """
+    Validates SandboxResult metrics against thresholds and signature constraints.
+
+    Called after sandbox execution completes (or partially completes).
+    Produces RUNTIME faults that feed back into the decision engine.
+    """
+
+    def __init__(self, thresholds: RuntimeThresholds | None = None) -> None:
+        self.thresholds = thresholds or RuntimeThresholds()
+
+    def validate(
+        self,
+        sandbox_result: SandboxResult,
+        signature: StateSignature,
+        schema_contract: dict[str, Any] | None = None,
+    ) -> RuntimeValidationResult:
+        result = RuntimeValidationResult()
+        metrics = sandbox_result.aggregate_metrics
+
+        # Snapshot metrics for audit
+        result.metrics_snapshot = {
+            "rows_output": metrics.rows_output,
+            "shuffle_mb": metrics.shuffle_mb,
+            "cost_dbu": metrics.cost_dbu,
+            "duration_seconds": metrics.duration_seconds,
+            "null_counts": dict(metrics.null_counts),
+            "output_schema": list(metrics.output_schema),
+        }
+
+        # Skip validation if sandbox panicked (environmental fault already captured)
+        if sandbox_result.outcome == SandboxOutcome.PANIC:
+            result.checks_performed = 0
+            return result
+
+        # ── Check 1: Cardinality ────────────────────────────────────────
+        self._check_cardinality(metrics, result)
+
+        # ── Check 2: Cost ceiling ───────────────────────────────────────
+        self._check_cost(metrics, signature, result)
+
+        # ── Check 3: Null ratio ─────────────────────────────────────────
+        self._check_null_ratio(metrics, result)
+
+        # ── Check 4: Shuffle budget ─────────────────────────────────────
+        self._check_shuffle(metrics, result)
+
+        # ── Check 5: Schema contract ────────────────────────────────────
+        self._check_schema(metrics, schema_contract, result)
+
+        # ── Check 6: Output columns from signature ──────────────────────
+        self._check_output_columns(metrics, result)
+
+        return result
+
+    def _check_cardinality(self, metrics: ExecutionMetrics, result: RuntimeValidationResult) -> None:
+        result.checks_performed += 1
+
+        if self.thresholds.min_rows > 0 and metrics.rows_output < self.thresholds.min_rows:
+            result.add_fault(Fault(
+                code="RUNTIME_CARDINALITY_BELOW_MINIMUM",
+                family=FaultFamily.RUNTIME,
+                severity=FaultSeverity.HIGH,
+                stage="runtime_validation",
+                message=(
+                    f"Output rows ({metrics.rows_output}) below minimum "
+                    f"threshold ({self.thresholds.min_rows})."
+                ),
+                mandatory_action=PolicyAction.BLOCK,
+                detected_before_execution=False,
+            ))
+
+        if self.thresholds.max_rows > 0 and metrics.rows_output > self.thresholds.max_rows:
+            result.add_fault(Fault(
+                code="RUNTIME_CARDINALITY_ABOVE_MAXIMUM",
+                family=FaultFamily.RUNTIME,
+                severity=FaultSeverity.HIGH,
+                stage="runtime_validation",
+                message=(
+                    f"Output rows ({metrics.rows_output}) above maximum "
+                    f"threshold ({self.thresholds.max_rows})."
+                ),
+                mandatory_action=PolicyAction.BLOCK,
+                detected_before_execution=False,
+            ))
+
+    def _check_cost(
+        self, metrics: ExecutionMetrics, signature: StateSignature, result: RuntimeValidationResult
+    ) -> None:
+        result.checks_performed += 1
+
+        # Signature ceiling takes precedence over threshold default
+        ceiling = signature.constraints.max_cost_dbu or self.thresholds.max_cost_dbu
+        if ceiling is not None and metrics.cost_dbu > ceiling:
+            result.add_fault(Fault(
+                code="RUNTIME_COST_CEILING_EXCEEDED",
+                family=FaultFamily.RUNTIME,
+                severity=FaultSeverity.CRITICAL,
+                stage="runtime_validation",
+                message=(
+                    f"Execution cost ({metrics.cost_dbu:.2f} DBU) exceeds "
+                    f"ceiling ({ceiling:.2f} DBU)."
+                ),
+                mandatory_action=PolicyAction.BLOCK,
+                detected_before_execution=False,
+            ))
+
+    def _check_null_ratio(self, metrics: ExecutionMetrics, result: RuntimeValidationResult) -> None:
+        result.checks_performed += 1
+
+        if metrics.rows_output == 0:
+            return
+
+        for column, count in metrics.null_counts.items():
+            ratio = count / metrics.rows_output
+            if ratio > self.thresholds.max_null_ratio:
+                result.add_fault(Fault(
+                    code=f"RUNTIME_NULL_RATIO_EXCEEDED_{column.upper()}",
+                    family=FaultFamily.RUNTIME,
+                    severity=FaultSeverity.WARNING,
+                    stage="runtime_validation",
+                    message=(
+                        f"Column '{column}' null ratio ({ratio:.2%}) exceeds "
+                        f"threshold ({self.thresholds.max_null_ratio:.2%})."
+                    ),
+                    mandatory_action=PolicyAction.APPROVE,
+                    detected_before_execution=False,
+                ))
+
+    def _check_shuffle(self, metrics: ExecutionMetrics, result: RuntimeValidationResult) -> None:
+        result.checks_performed += 1
+
+        if metrics.shuffle_mb > self.thresholds.max_shuffle_mb:
+            result.add_fault(Fault(
+                code="RUNTIME_SHUFFLE_BUDGET_EXCEEDED",
+                family=FaultFamily.RUNTIME,
+                severity=FaultSeverity.HIGH,
+                stage="runtime_validation",
+                message=(
+                    f"Shuffle size ({metrics.shuffle_mb:.1f} MB) exceeds "
+                    f"budget ({self.thresholds.max_shuffle_mb:.1f} MB)."
+                ),
+                mandatory_action=PolicyAction.BLOCK,
+                detected_before_execution=False,
+            ))
+
+    def _check_schema(
+        self,
+        metrics: ExecutionMetrics,
+        schema_contract: dict[str, Any] | None,
+        result: RuntimeValidationResult,
+    ) -> None:
+        if not schema_contract:
+            return
+
+        result.checks_performed += 1
+
+        required = set(schema_contract.get("required_columns", []))
+        forbidden = set(schema_contract.get("forbidden_columns", []))
+        actual = set(metrics.output_schema)
+
+        missing = required - actual
+        if missing:
+            result.add_fault(Fault(
+                code="RUNTIME_SCHEMA_MISSING_COLUMNS",
+                family=FaultFamily.RUNTIME,
+                severity=FaultSeverity.HIGH,
+                stage="runtime_validation",
+                message=f"Output missing required columns: {sorted(missing)}.",
+                mandatory_action=PolicyAction.BLOCK,
+                detected_before_execution=False,
+            ))
+
+        leaked = forbidden & actual
+        if leaked:
+            result.add_fault(Fault(
+                code="RUNTIME_SCHEMA_FORBIDDEN_COLUMNS",
+                family=FaultFamily.RUNTIME,
+                severity=FaultSeverity.CRITICAL,
+                stage="runtime_validation",
+                message=f"Output contains forbidden columns: {sorted(leaked)}.",
+                mandatory_action=PolicyAction.BLOCK,
+                detected_before_execution=False,
+            ))
+
+    def _check_output_columns(self, metrics: ExecutionMetrics, result: RuntimeValidationResult) -> None:
+        if not self.thresholds.required_output_columns and not self.thresholds.forbidden_output_columns:
+            return
+
+        result.checks_performed += 1
+        actual = set(metrics.output_schema)
+
+        missing = set(self.thresholds.required_output_columns) - actual
+        if missing:
+            result.add_fault(Fault(
+                code="RUNTIME_MISSING_REQUIRED_OUTPUT_COLUMNS",
+                family=FaultFamily.RUNTIME,
+                severity=FaultSeverity.HIGH,
+                stage="runtime_validation",
+                message=f"Output missing required columns: {sorted(missing)}.",
+                mandatory_action=PolicyAction.BLOCK,
+                detected_before_execution=False,
+            ))
+
+        leaked = set(self.thresholds.forbidden_output_columns) & actual
+        if leaked:
+            result.add_fault(Fault(
+                code="RUNTIME_FORBIDDEN_OUTPUT_COLUMNS",
+                family=FaultFamily.RUNTIME,
+                severity=FaultSeverity.CRITICAL,
+                stage="runtime_validation",
+                message=f"Output contains forbidden columns: {sorted(leaked)}.",
+                mandatory_action=PolicyAction.BLOCK,
+                detected_before_execution=False,
+            ))

cfa/validation/signature.py

@@ -0,0 +1,146 @@
+"""StateSignature validation utilities.
+
+Validation is intentionally separate from ``StateSignature.from_dict`` so legacy
+internal callers can keep deserializing permissively while CLI/API boundaries can
+enforce a strict contract for external systems.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from typing import Any
+
+from cfa.types import DatasetClassification, TargetLayer
+
+_LAYERS = {layer.value for layer in TargetLayer}
+_CLASSIFICATIONS = {classification.value for classification in DatasetClassification}
+
+
+@dataclass(frozen=True)
+class SignatureValidationIssue:
+    path: str
+    message: str
+
+
+@dataclass(frozen=True)
+class SignatureValidationResult:
+    valid: bool
+    issues: list[SignatureValidationIssue] = field(default_factory=list)
+
+    @property
+    def messages(self) -> list[str]:
+        return [f"{i.path}: {i.message}" for i in self.issues]
+
+
+def unwrap_signature_data(data: dict[str, Any]) -> dict[str, Any]:
+    """Accept common wrappers used by APIs and CLI payloads."""
+    if isinstance(data, dict):
+        wrapped = data.get("signature", data.get("state_signature"))
+        if isinstance(wrapped, dict):
+            return wrapped
+    return data
+
+
+def validate_signature_data(
+    data: dict[str, Any] | None,
+    *,
+    require_datasets: bool = False,
+) -> SignatureValidationResult:
+    issues: list[SignatureValidationIssue] = []
+
+    if data is None:
+        return SignatureValidationResult(
+            valid=False,
+            issues=[SignatureValidationIssue("signature", "file is empty")],
+        )
+    if not isinstance(data, dict):
+        return SignatureValidationResult(
+            valid=False,
+            issues=[SignatureValidationIssue("signature", "must be an object")],
+        )
+
+    sig = unwrap_signature_data(data)
+    if not isinstance(sig, dict):
+        return SignatureValidationResult(
+            valid=False,
+            issues=[SignatureValidationIssue("signature", "must be an object")],
+        )
+
+    _require_non_empty_string(sig, "domain", issues)
+    _require_non_empty_string(sig, "intent", issues)
+
+    target_layer = sig.get("target_layer")
+    if target_layer not in _LAYERS:
+        issues.append(SignatureValidationIssue("target_layer", f"must be one of {sorted(_LAYERS)}"))
+
+    datasets = sig.get("datasets")
+    if datasets is None:
+        if require_datasets:
+            issues.append(SignatureValidationIssue("datasets", "is required"))
+    elif not isinstance(datasets, list):
+        issues.append(SignatureValidationIssue("datasets", "must be a list"))
+    elif require_datasets and not datasets:
+        issues.append(SignatureValidationIssue("datasets", "must contain at least one dataset"))
+    elif isinstance(datasets, list):
+        for idx, dataset in enumerate(datasets):
+            base = f"datasets[{idx}]"
+            if not isinstance(dataset, dict):
+                issues.append(SignatureValidationIssue(base, "must be an object"))
+                continue
+            _require_non_empty_string(dataset, f"{base}.name", issues, key="name")
+            classification = dataset.get("classification", "internal")
+            if classification not in _CLASSIFICATIONS:
+                issues.append(SignatureValidationIssue(f"{base}.classification", f"must be one of {sorted(_CLASSIFICATIONS)}"))
+            size_gb = dataset.get("size_gb", 0.0)
+            if not isinstance(size_gb, (int, float)) or isinstance(size_gb, bool) or size_gb < 0:
+                issues.append(SignatureValidationIssue(f"{base}.size_gb", "must be a non-negative number"))
+            pii_columns = dataset.get("pii_columns", [])
+            if not isinstance(pii_columns, list):
+                issues.append(SignatureValidationIssue(f"{base}.pii_columns", "must be a list of strings"))
+            elif any(not isinstance(col, str) or not col.strip() for col in pii_columns):
+                issues.append(SignatureValidationIssue(f"{base}.pii_columns", "must contain only non-empty strings"))
+            partition_column = dataset.get("partition_column")
+            if partition_column is not None and not isinstance(partition_column, str):
+                issues.append(SignatureValidationIssue(f"{base}.partition_column", "must be a string or null"))
+
+    constraints = sig.get("constraints", {})
+    if not isinstance(constraints, dict):
+        issues.append(SignatureValidationIssue("constraints", "must be an object"))
+    else:
+        for key in ("no_pii_raw", "merge_key_required", "enforce_types"):
+            if key in constraints and not isinstance(constraints[key], bool):
+                issues.append(SignatureValidationIssue(f"constraints.{key}", "must be a boolean"))
+        partition_by = constraints.get("partition_by", [])
+        if not isinstance(partition_by, list):
+            issues.append(SignatureValidationIssue("constraints.partition_by", "must be a list of strings"))
+        elif any(not isinstance(col, str) or not col.strip() for col in partition_by):
+            issues.append(SignatureValidationIssue("constraints.partition_by", "must contain only non-empty strings"))
+        max_cost = constraints.get("max_cost_dbu")
+        if max_cost is not None and (not isinstance(max_cost, (int, float)) or isinstance(max_cost, bool) or max_cost < 0):
+            issues.append(SignatureValidationIssue("constraints.max_cost_dbu", "must be a non-negative number or null"))
+        custom = constraints.get("custom", {})
+        if custom is not None and not isinstance(custom, dict):
+            issues.append(SignatureValidationIssue("constraints.custom", "must be an object"))
+
+    ctx = sig.get("execution_context")
+    if not isinstance(ctx, dict):
+        issues.append(SignatureValidationIssue("execution_context", "is required and must be an object"))
+    else:
+        _require_non_empty_string(ctx, "execution_context.policy_bundle_version", issues, key="policy_bundle_version")
+        _require_non_empty_string(ctx, "execution_context.catalog_snapshot_version", issues, key="catalog_snapshot_version")
+        _require_non_empty_string(ctx, "execution_context.context_registry_version_id", issues, key="context_registry_version_id")
+
+    return SignatureValidationResult(valid=not issues, issues=issues)
+
+
+def _require_non_empty_string(
+    data: dict[str, Any],
+    path: str,
+    issues: list[SignatureValidationIssue],
+    *,
+    key: str | None = None,
+) -> None:
+    lookup = key or path
+    value = data.get(lookup)
+    if not isinstance(value, str) or not value.strip():
+        issues.append(SignatureValidationIssue(path, "is required and must be a non-empty string"))

cfa/validation/static.py

@@ -0,0 +1,252 @@
+"""
+CFA Static Validation
+=====================
+Analyzes generated code BEFORE execution.
+Detects violations that can be identified without running the job.
+
+Belongs to the Static Safety Faults family (Invariant I6).
+
+Checks:
+1. Forbidden tokens (backend-declared)
+2. Required patterns (filter(), merge()) based on Signature constraints
+3. Schema contract (expected columns, forbidden columns)
+
+Forbidden tokens are declared by each backend via ``BackendCapabilities``.
+New backends automatically bring their own validation rules — no central registry.
+"""
+
+from __future__ import annotations
+
+import re
+from dataclasses import dataclass, field
+from typing import Any
+
+from cfa.core.codegen import GeneratedCode
+from cfa.types import (
+    Fault,
+    FaultFamily,
+    FaultSeverity,
+    PolicyAction,
+    StateSignature,
+)
+
+# ── Validation Result ────────────────────────────────────────────────────────
+
+
+@dataclass
+class StaticValidationResult:
+    """Result of static code analysis."""
+
+    passed: bool
+    faults: list[Fault] = field(default_factory=list)
+    warnings: list[Fault] = field(default_factory=list)
+    checks_performed: int = 0
+
+    @property
+    def fault_codes(self) -> list[str]:
+        return [f.code for f in self.faults]
+
+    @property
+    def is_blocked(self) -> bool:
+        return not self.passed
+
+
+# ── Validation Rules ─────────────────────────────────────────────────────────
+
+
+@dataclass(frozen=True)
+class ForbiddenToken:
+    """A pattern that must not appear in generated code.
+
+    Declared by each backend in its ``BackendCapabilities.forbidden_tokens``.
+    """
+
+    pattern: str
+    fault_code: str
+    severity: FaultSeverity
+    message: str
+    is_regex: bool = False
+
+
+@dataclass(frozen=True)
+class RequiredPattern:
+    pattern: str
+    fault_code: str
+    message: str
+    condition_description: str
+    is_regex: bool = False
+
+
+# ── Static Validator ─────────────────────────────────────────────────────────
+
+
+class StaticValidator:
+    """Analyzes generated code before execution.
+
+    Forbidden tokens come from the backend that generated the code,
+    queried via ``backend.get_capabilities().forbidden_tokens``.
+
+    If no backend is provided, a minimal set of common-sense defaults
+    is used (``import os``, ``import subprocess``).
+    """
+
+    _MINIMAL_FORBIDDEN: list[ForbiddenToken] = (
+        ForbiddenToken("import os", "STATIC_FORBIDDEN_IMPORT_OS",
+                       FaultSeverity.CRITICAL, "os module import forbidden."),
+        ForbiddenToken("import subprocess", "STATIC_FORBIDDEN_IMPORT_SUBPROCESS",
+                       FaultSeverity.CRITICAL, "subprocess module import forbidden."),
+    )
+
+    def __init__(
+        self,
+        forbidden_tokens: list[ForbiddenToken] | None = None,
+    ) -> None:
+        self._explicit_tokens = forbidden_tokens
+
+    def validate(
+        self,
+        code: GeneratedCode,
+        signature: StateSignature,
+        schema_contract: dict[str, Any] | None = None,
+        *,
+        backend: Any | None = None,
+    ) -> StaticValidationResult:
+        faults: list[Fault] = []
+        checks = 0
+
+        # 1. Forbidden tokens (from backend or explicit override or minimal defaults)
+        checks += 1
+        tokens = self._resolve_tokens(code, backend)
+        faults.extend(self._check_forbidden_tokens(code.code, tokens))
+
+        # 2. Raw PII references
+        checks += 1
+        faults.extend(self._check_pii_references(code.code, signature))
+
+        # 3. Required patterns
+        checks += 1
+        faults.extend(self._check_required_patterns(code.code, signature, language=code.language))
+
+        # 4. Schema contract
+        if schema_contract:
+            checks += 1
+            faults.extend(self._check_schema_contract(code.code, schema_contract))
+
+        blocking = [f for f in faults if f.severity in (FaultSeverity.CRITICAL, FaultSeverity.HIGH)]
+        non_blocking = [f for f in faults if f.severity in (FaultSeverity.WARNING, FaultSeverity.INFO)]
+
+        return StaticValidationResult(
+            passed=len(blocking) == 0,
+            faults=blocking,
+            warnings=non_blocking,
+            checks_performed=checks,
+        )
+
+    def _resolve_tokens(
+        self, code: GeneratedCode, backend: Any | None
+    ) -> list[ForbiddenToken]:
+        if self._explicit_tokens is not None:
+            return self._explicit_tokens
+        if backend is not None and hasattr(backend, "get_capabilities"):
+            return list(backend.get_capabilities().forbidden_tokens)
+        return list(self._MINIMAL_FORBIDDEN)
+
+    # ── Private checks ────────────────────────────────────────────────────
+
+    def _check_forbidden_tokens(
+        self, src: str, tokens: list[ForbiddenToken]
+    ) -> list[Fault]:
+        faults: list[Fault] = []
+        for token in tokens:
+            found = bool(re.search(token.pattern, src, re.IGNORECASE)) if token.is_regex else token.pattern in src
+            if found:
+                faults.append(Fault(
+                    code=token.fault_code,
+                    family=FaultFamily.STATIC,
+                    severity=token.severity,
+                    stage="static_validation",
+                    message=token.message,
+                    mandatory_action=PolicyAction.BLOCK,
+                ))
+        return faults
+
+    def _check_pii_references(self, src: str, signature: StateSignature) -> list[Fault]:
+        faults: list[Fault] = []
+        if not signature.constraints.no_pii_raw:
+            return faults
+
+        for ds in signature.datasets:
+            for col in ds.pii_columns:
+                pattern = rf'F\.col\(\s*"{re.escape(col)}"\s*\)'
+                matches = list(re.finditer(pattern, src))
+                for match in matches:
+                    context_start = max(0, match.start() - 50)
+                    context = src[context_start:match.end() + 30]
+                    if "sha2(" in context or ".drop(" in context:
+                        continue
+                    faults.append(Fault(
+                        code=f"STATIC_RAW_PII_REFERENCE_{col.upper()}",
+                        family=FaultFamily.STATIC,
+                        severity=FaultSeverity.CRITICAL,
+                        stage="static_validation",
+                        message=f"Raw PII column '{col}' referenced without anonymization context.",
+                        mandatory_action=PolicyAction.BLOCK,
+                    ))
+        return faults
+
+    def _check_required_patterns(self, src: str, signature: StateSignature, *, language: str = "") -> list[Fault]:
+        faults: list[Fault] = []
+        is_sql = language == "sql"
+
+        # Partition filter
+        if signature.constraints.partition_by:
+            has_filter = (
+                ".filter(" in src or ".where(" in src
+                or (is_sql and bool(re.search(r"\bWHERE\b", src, re.IGNORECASE)))
+            )
+            if not has_filter:
+                faults.append(Fault(
+                    code="STATIC_MISSING_PARTITION_FILTER",
+                    family=FaultFamily.STATIC,
+                    severity=FaultSeverity.HIGH,
+                    stage="static_validation",
+                    message="Partition filter required but not found in code.",
+                    mandatory_action=PolicyAction.BLOCK,
+                    remediation=("Add a filter/WHERE clause on the temporal column.",),
+                ))
+
+        # Merge operation for Silver/Gold
+        if signature.writes_to_protected_layer and signature.constraints.merge_key_required:
+            has_merge = (
+                "merge(" in src.lower()
+                or "mergebuilder" in src.lower()
+                or "DeltaTable" in src
+                or (is_sql and bool(re.search(r"\bMERGE\s+INTO\b", src, re.IGNORECASE)))
+            )
+            if not has_merge:
+                faults.append(Fault(
+                    code="STATIC_MISSING_MERGE_OPERATION",
+                    family=FaultFamily.STATIC,
+                    severity=FaultSeverity.HIGH,
+                    stage="static_validation",
+                    message="Merge operation required for Silver/Gold write but not found.",
+                    mandatory_action=PolicyAction.BLOCK,
+                    remediation=("Use MERGE INTO or DeltaTable.merge() instead of append.",),
+                ))
+
+        return faults
+
+    def _check_schema_contract(self, src: str, contract: dict[str, Any]) -> list[Fault]:
+        faults: list[Fault] = []
+        forbidden_cols = contract.get("forbidden_columns", [])
+        for col in forbidden_cols:
+            if re.search(rf'\b{re.escape(col)}\b', src):
+                faults.append(Fault(
+                    code=f"STATIC_FORBIDDEN_COLUMN_{col.upper()}",
+                    family=FaultFamily.STATIC,
+                    severity=FaultSeverity.CRITICAL,
+                    stage="static_validation",
+                    message=f"Forbidden column '{col}' detected in output.",
+                    mandatory_action=PolicyAction.BLOCK,
+                ))
+        return faults