This roadmap is the durable repo mirror for the active Linear project:
https://linear.app/itomarkets/project/ecc-platform-roadmap-52b328ee03e1
Linear issue creation is available again in the Ito Markets workspace. The live execution truth is split across:
- the Linear project documents, issue lanes, dependencies, and milestones;
- this repo document;
- merged PR evidence;
- handoffs under
~/.cluster-swarm/handoffs/.
The May 19 release/growth execution map lives at
docs/releases/2.0.0/ecc-2-hypergrowth-release-command-center.md.
It is the operator surface for the final ECC 2.0 repo identity, video suite,
partner/sponsor funnel, consulting/talk funnel, and social launch plan.
- The tracked platform audit is still green on May 20 with 0 open PRs,
0 open issues, 0 discussion maintainer-touch gaps, 0 answerable Q&A gaps,
0 conflicting PRs, and 0 blocking dirty files across
affaan-m/ECC,affaan-m/agentshield,affaan-m/JARVIS,ECC-Tools/ECC-Tools, andECC-Tools/ECC-website. - The new #2015 setup-location Q&A was answered and marked accepted. The
answer keeps install guidance conservative: do not install into
C:\; use a normal workspace, install theecc@eccClaude plugin once, copy only needed rule folders when using manual rules, and avoid stacking plugin plus full manual install. - ECC-Tools PRs #80-#88 landed the next hosted-platform batch: runtime receipts now require failure reasons; AgentShield fleet approval IDs survive hosted security review and render into comments/check-runs; Linear follow-up sync reuses deterministic external IDs; hosted AgentShield remediation items sync to Linear; hosted job observability events are emitted for queued, completed, blocked, failed, and budget-blocked states; and both hosted job status comments and hosted depth-plan check-runs read back recent observability/budget events. PR #88 adds the authenticated observability API readback for operator dashboards and production smoke tests.
- AgentShield PR #94 landed the next cross-harness adapter slice: Zed and
VS Code are first-class adapter detections,
.zed/settings.jsonand.zed/tasks.jsonare discoverable scan inputs, and.zed/setup.mjsnow trips the same AI-tool persistence IOC rule as.vscode/setup.mjs. - AgentShield PR #95 cleared the remaining default-branch Dependabot alert by
moving transitive
brace-expansion5.x lockfile entries to5.0.6; the post-merge Dependabot open-alert API now returns[], and localnpm audit --audit-level=moderatereturns 0 vulnerabilities. - ECC PR #2019 merged the Marketplace Pro selected-target release-gate sync
into this repo as
30f60710d4e0424fc70d9bbdc105009db141d9d8. The post-merge main CI run26135974576completed green across lint, coverage, security, validation, and the full OS/package-manager matrix. - ECC PR #2020 merged the selected-target announcement-gate mirror as
c2471fe5c535310f8a8008c9ed7ea9f6757b33f2. The post-merge main CI run26136949698completed green across lint, coverage, security, validation, and the full OS/package-manager matrix. - ECC-Tools PR #90 added the selected-target official announcement gate for
billing:announcement-gate -- --select-ready-target; safe production preflight no longer requires a raw GitHub login and now blocks only on the local/internalINTERNAL_API_SECRETinput before live execution. - ECC-Tools PR #91 added
--env-filesupport to both billing gate scripts so ignored local operator credential files can supplyINTERNAL_API_SECRET, Cloudflare auth, Wrangler auth mode, or target fallbacks without printing secret contents. Verify, Security Audit, and Workers Builds passed before merge as72119a1, and main CI run26137280847completed successfully after merge. - ECC-Tools PR #92 added a non-breaking
INTERNAL_OPERATOR_API_SECRETbearer accepted by privileged internal API routes without rotating the existingINTERNAL_API_SECRET; Verify, Security Audit, and Workers Builds passed before merge as18d80197be779619283e0b37e2952bac53819a07, and the merged Worker was deployed toapi.ecc.tools. - The May 20 live native-payments gate now passes: the vault-backed Wrangler
readback selected a ready Marketplace Pro target with fingerprint
e953a74209fe, both key families present, webhook evidence ready, 0 KV blockers, and the officialnpm run billing:announcement-gate -- --select-ready-targetreturnedannouncementGateReady: true, 0 required actions, 0 blockers, and audit summary 6 pass / 1 warn / 0 fail through the new operator bearer path. - ECC-Tools PR #93 recorded that live billing evidence in the app launch
checklist and distribution roadmap as
d3d62df83fa075660fa4530c3e0edc311a4355fe; public native-payments copy is no longer blocked by billing evidence, but publication timing remains behind the final release, plugin, live URL, and owner-approval gates. - Linear ITO-54 and the ECC Platform Roadmap now have the May 20 ECC-Tools
hosted observability update comments
74dcc101-3be5-4173-be13-62b80d54f569and348ea8f5-2a2d-46d9-a0fe-ed99653e7fe5, after earlier PR #84/#85 comments recorded remediation sync and hosted observability events. PR #88 is recorded in Linear comments291e2a4b-06e3-4672-a057-cdb141478161andb2d35de0-ca49-44cb-982a-ddec229e7691; AgentShield #94 is recorded in ITO-49 commentfaed69dd-35f5-469d-acb5-ddde6a70d6a1and project comment70187c1e-d481-4181-b418-09bd65d54b5e; AgentShield #95 is recorded in ITO-49 comment371fc3e4-611f-4d20-a23f-67db1260b418, ITO-57 commentbd06e252-15c1-4256-b667-caa3f64f5968, and project comment22c2c388-2fd1-4dea-a939-6141f40c9a21. - Linear ITO-61 and the ECC Platform Roadmap now have the May 20 Marketplace
Pro release-gate comments
467d148a-712a-4777-aad9-95593e9f1739and7642ee9c-3107-400c-a229-53e2895a8914, recording ECC-Tools #89, ECC #2019, the green post-merge CI run, and the remaining internal bearer-token gate. The repo mirror now also records ECC-Tools #90 and #91 as the selected-target announcement gate and billing gate env-file operator-path follow-up.
- The public repo identity is now
affaan-m/ECC; release, package, plugin, workflow, and launch-copy surfaces should use that URL for current public links. - The late May 19 queue drain added the deterministic
release:approval-gateon ECCmain, merged ECC-Tools billing-announcement redaction hardening, and cleared the JARVIS Dependabot/deploy repair tail. The tracked platform audit is now green with 0 open PRs, 0 open issues, and 0 discussion gaps across all five tracked repos, but release/publication actions remain owner and live-URL gated. - The ECC 2.0 release story should lead with the product shape directly:
harness-native operator system, reusable skills/rules/hooks/MCP conventions,
ecc2/alpha control plane, Hermes as optional operator shell, and ECC Tools Pro/Sponsors/consulting as the business surface. - Copy should avoid presenting this as a repo rename or config-pack migration. The release proof should show the system through install flow, cross-harness demos, security evidence, hosted product evidence, and the video suite.
As of 2026-05-20:
- GitHub queues are clean across
affaan-m/ECC,affaan-m/agentshield,affaan-m/JARVIS,ECC-Tools/ECC-Tools, andECC-Tools/ECC-website: the latestplatform-auditsweep found 0 open PRs, 0 open issues, 0 discussion maintainer-touch gaps, 0 answerable Q&A missing accepted answers, and 0 blocking dirty files. The currentscripts/work-items.js list --jsonoutput also reportstotalCount: 0, so there are no open or blocked local work items in the SQLite bridge. - Owner-wide queue cleanup is also inside the requested budget:
docs/releases/2.0.0-rc.1/owner-queue-cleanup-2026-05-18.mdrecords the livegh searchsweep that closed 24 stale dependency-bot PRs and 72 stale legacy payments/0EM roadmap issues, then closed the 9 remaining stale, generated, conflicting, or test/noise PRs and the 5 remaining legacy, outreach, or placeholder issues. The broaderaffaan-mowner namespace is now at 0 open PRs and 0 open issues by livegh search. Archived repos touched during closure were restored to archived state. - GitHub discussions are current across those tracked repos:
affaan-m/ECChas 60 total discussions and 0 without maintainer touch after the May 19 #2003 AURA integration proposal was routed as an external-adapter proposal, not core wallet/escrow coupling, and the May 20 #2015 setup-location Q&A was answered and accepted; AgentShield, JARVIS, ECC Tools, and the ECC Tools website have discussions disabled or 0 total discussions.docs/architecture/discussion-response-playbook.mdnow supplies the ITO-59 response categories, public templates, security-escalation path, and readback rules for future discussion batches. - The current Linear roadmap contains 16 issue lanes (
ITO-44throughITO-59) and five milestones: Security and Access Baseline, ECC 2.0 Preview and Publication, AgentShield Enterprise Iteration, ECC Tools Next-Level Platform, and Legacy Audit and Salvage. - Linear live sync is current for the May 19 PR #2002 merge and discussion
batch: the ECC platform project has the post-PR #2002 sync document
ecc-may-19-post-pr-2002-sync-64cef8f668e0, project commenta6411e3a-8c8e-4a58-adba-687e77d4c543, and issue comments on ITO-44, ITO-47, ITO-48, ITO-49, ITO-51, ITO-54, and ITO-56. ITO-47, ITO-48, ITO-49, ITO-51, ITO-54, and ITO-56 were moved to In Progress because those lanes now have current implementation/evidence and remaining gate/readback work. ITO-57 still has the May 18 emergency supply-chain refresh comment (3fe5b2b7-c4fe-401c-a317-b40d72119cb3). Linear project status updates are disabled in this workspace, so project documents and comments are the supported external status surface. - The latest May 18 merge batch on
mainincludes PR #1970 workflow-security validator bypass fixes, PR #1971 metrics bridge cost-reporting and warning de-dup fixes, PR #1972uncloudskill activation structure, PR #1976 OpenAI/AstraFlow provider response guards, ECC-Tools Wrangler OAuth billing readback mirror evidence, the04d4d819defensive-deny IOC scanner hardening recheck,7911af4arelease OIDC publishing-scope hardening,97567a91release workflow line-ending normalization, and release evidence with a refreshed operator dashboard. docs/releases/2.0.0-rc.1/publication-evidence-2026-05-19.mdrecords the current May 19 queue-zero state, canonical ECC identity merge, release video suite gate, partner/sponsor/talk outreach pack, owner approval packet (owner-approval-packet-2026-05-19.md), current preview-pack smoke digesteebb8a66c33e, local 2568-test suite, PR #2001 merge and GitHub Actions run26102500291success, PR #2002's owner-approval dashboard gate refresh and GitHub Actions run26103853507, PR #2004's Linear readiness evidence sync and GitHub Actions run26105012698, plus PR #2005's post-PR #2004 evidence refresh and GitHub Actions run26106321921, PR #2008's supply-chain evidence gate fix and GitHub Actions run26108473648, post-PR #2006 main CI run26109953093, and PR #2009's project-registry hygiene GitHub Actions run26111313938, post-PR #2009 main CI run26111946778, post-PR #2011 GateGuard main CI run26113695068, and post-PR #2013 release-approval-gate main CI run26128749863. The late May 19 sync target also includes ECC-Tools PR #79 billing-announcement redaction hardening and JARVIS PR #15 / PR #16 queue/deploy repair, with JARVIS main CI, CodeQL, and Deploy green after the workflow repair. The Linear external project status surface now has both the post-PR #2002 sync document and the late-pass documentecc-may-19-late-queue-zero-and-release-gate-sync-1c26f65e6b3f, plus project commentd42bf0e2-7a8e-4934-9f3f-e281498ee805. The supply-chain gate now also records the@types/node@25.7.0pin andbrace-expansionlock refresh needed for current npm audit/signature verification.- The May 20 ECC-Tools hosted-platform pass extends that evidence with PR #80
through PR #88, all merged after green GitHub Verify/Security Audit/Workers
Builds checks. Local validation for the final depth-plan observability slice
passed the focused hosted depth-plan route test, the full route suite
(89/89), typecheck, lint, full ECC-Tools Vitest suite (683/683), and
git diff --check. PR #88 additionally exposes authenticated hosted observability readback at/api/analysis/observabilityfor operator dashboards and production smoke tests; its local verification passed typecheck, lint, the full ECC-Tools Vitest suite (686/686), andgit diff --check. - AgentShield PR #94 adds Zed and VS Code to the first-class adapter registry
after local verification with typecheck, lint, the focused core scanner/rule
tests, full
npm test(1822 tests),npm run build, andgit diff --check. GitHub checks passed across GitGuardian, scan suite, self-scan, self-scan examples, Node 18/20/22 CI, CodeRabbit, and Cubic after rerunning a transient GitHub artifact-upload failure. - AgentShield PR #95 resolves Dependabot #20 /
GHSA-jxxr-4gwj-5jf2/CVE-2026-45149by updating the vulnerablebrace-expansion5.x transitive lockfile entries to5.0.6. Local validation passednpm audit --audit-level=moderate, typecheck, lint, fullnpm test(1822 tests), build, and whitespace checks; GitHub checks passed across Verify Node 18/20/22, self-scan, self-scan examples, Test GitHub Action, GitGuardian, CodeRabbit, and Cubic. docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-20.mdregenerates the ITO-44 prompt-to-artifact dashboard from live platform audit evidence: PR queue, issue queue, discussion queue, local worktree gate, dashboard generation, and supply-chain loop are current; the dashboard now also tracks the$1,728/moto$10,000/mohypergrowth baseline, release video-suite lane, partner/sponsor/talk outbound pack, and owner approval packet; publication, plugin, billing, AgentShield, ECC Tools, Linear release gate sync, and final outbound approval remain the next work.docs/releases/2.0.0-rc.1/publication-evidence-2026-05-17.mdrecords the May 17 queue-zero state, Japanese localization merge, Dependabot TypeScript and Node type merges, post-merge ja-JP lint repair, Mini Shai-Hulud/TanStack local protection recheck, npm audit/signature checks, current operator dashboard, and GitHub CI success for99dd6ac0.docs/releases/2.0.0-rc.1/publication-evidence-2026-05-16.mdrecords the queue, discussion, Linear roadmap, ECC Tools access, Mini Shai-Hulud/TanStack full-campaign follow-up, scheduled supply-chain watch coverage, no-lifecycle CI install hardening, GitHub Actions cache purge, AgentShield #85 registry-signature verification, AgentShield #86 evidence-pack CI provenance, AgentShield #87 plugin-cache runtime-confidence classification, AgentShield #88 evidence-pack inspect/readback, AgentShield #89 evidence-pack fleet routing, AgentShield #90 fleet review items, AgentShield #91 checksum-backed policy export, AgentShield #92 checksum-verified policy promotion, ECC-Tools #75 billing-gate tightening, ECC-Tools #76 AgentShield fleet-summary consumption, ECC-Tools #77 hosted finding evidence paths, ECC-Tools #78 harness policy-route linking, PR #1947 supply-chain protection, and May 16 release-evidence refresh.npm run harness:audit -- --format jsonreports 80/80 on currentmain.npm run observability:readyreports 21/21 readiness on currentmain, including the GitHub/Linear/handoff/roadmap progress-sync contract.- GitHub CI run
26017368895completed successfully for04d4d81938b20ac2bac1f0025145ab77d6a59f5f, including Validate Components, Coverage, Lint, Security Scan, and the full Node/package-manager matrix. - Supply-Chain Watch run
26009825837completed successfully for3b7e0ba30a027ffd3319c2f145c63076c296d80a, including no-lifecycle install, npm audit/signature verification, scanner fixtures, advisory-source fixtures, IOC/advisory artifact generation, and workflow-security validation. - PR #1846 merged as
797f283036904128bb1b348ae62019eb9f08cf39and made npm registry signature verification a durable workflow-security gate: workflows that runnpm auditnow neednpm audit signatures. - PR #1848 merged as
cbecf5689d8d1bd5915e7031697a1d56aac538f2and addeddocs/security/supply-chain-incident-response.md, plus a workflow-security validator rule blockingpull_request_targetworkflows from restoring or saving shared dependency caches. - PR #1940 merged as
6951b8d5d29d13cac6b89b461104ad03838553deand added a scheduled supply-chain watch workflow that emits a durable IOC report. - PR #1941 merged as
f7035b5644ffc857879b71c39353b2141f17c3f0and hardened CI dependency installs against lifecycle-hook compromise by disabling package manager lifecycle scripts, removing Actions dependency cache use, and adding validator coverage so those patterns cannot be reintroduced silently. - PR #1850 merged as
248673271455e9dc85b8add2a6ab76107b718639and removed shell access from read-only analyzer agents and zh-CN copies, reducing AgentShield high findings on that surface without changing operator agents. - PR #1851 merged as
209abd403b7eaa968c6d4fa67be82e04b55706d6and madepersist-credentials: falsemandatory foractions/checkoutin workflows with write permissions. - PR #1860 merged as
c2762dd5691a33aaa7f84a0a4901a5bab7980fc8and closed #1859 by adding the Ruby/Rails language pack surface, install aliases, selective-install components, and focused install-manifest executor tests. - AgentShield PR #78 merged as
1b19a985d6ae1346244089a78806a7d5eaaf270eand hardened the release workflow withpersist-credentials: falseplusnpm ci --ignore-scriptsin the write/id-token release path. - AgentShield PR #79 merged as
86a823c5f2c35ee97e6ecf6f99e9ac301d54119aand moved baseline/watch/remediation fingerprints to a shared hashed evidence fingerprint helper. New baselines omit raw finding evidence while older raw-evidence baselines remain comparable. - AgentShield PR #80 merged as
8ed379d1de067b25640ac6273aa4d9f8e6735d43and added prioritized corpus accuracy recommendations to failed corpus gates, mapping misses by category, missing rule, and config ID so enterprise scanner-regression work has an actionable improvement plan. - AgentShield PR #81 merged as
6583884e74ba2e896942113e1ce3146230e6fb76and added ordered remediation workflow phases to remediation plans, routing safe auto-fixes, manual review, and verification through stable finding fingerprints without copying raw evidence. - AgentShield PR #82 merged as
51336ba074ad5e9fed2c0aa3237422be22147e76and expanded the built-in attack corpus with an env proxy hijack scenario covering proxy/runtime mutation, env-token exfiltration, DNS exfiltration, credential-store access, and clipboard access. - AgentShield PR #87 merged as
26bb44650663816d07180e0d20c1895e431a326cand added installed Claude plugin-cache runtime confidence. Cached plugin findings now emitruntimeConfidence: plugin-cache, non-secret score impact stays at the intended0.5x, repository-local non-Claudeplugins/cachepaths are not downgraded, and cached hook implementations no longer appear as active top-levelhook-code. - AgentShield PR #88 merged as
65ed6e2a87545dc99d962b58413f49096a4d70ecand addedagentshield evidence-pack inspectfor downstream consumers. Evidence-pack bundles now have compact JSON/text readback for report score, finding counts, runtime confidence, policy, baseline, supply-chain, CI context, remediation phases, and malformed artifact errors without manually opening every bundle file. - AgentShield PR #89 merged as
521ada9091bb6d818511ab8589ae675b920c106aand addedagentshield evidence-pack fleet <dirs...> [--json]for downstream fleet routing. Multiple verified evidence packs now aggregate into ready, security-blocker, policy-review, baseline-regression, supply-chain-review, and invalid routes with finding, policy, baseline, supply-chain, and remediation totals. - JARVIS PR #13 merged as
127efabbfb5033ae53d7a53e1546aa3c33d6f962and hardened CI/deploy workflows with npm registry signature verification, disabled persisted checkout credentials in write-permission jobs, and pinned the Vercel CLI install instead of usinglatest. - ECC-Tools PR #53 merged as
99018e943d03f024de8c9d278c91f66393d4f1eeand added npm registry signature verification before the existing production dependency audit in CI. - ECC-Tools PR #54 merged as
05df89721f49c1e19d8502c545e26f5694806998and made/ecc-tools followups sync-lineartrack copy-ready PR drafts in the Linear/project backlog whenopen-pr-draftsis not used, preserving useful stale-PR salvage work without opening extra PR shells. - ECC-Tools PR #55 merged as
5d8c112cce4794cfa089d5b0ea661ba87a178be1and added analysis-depth readiness to/ecc-tools analyzecomments, separating commit-history-only repos from evidence-backed and deep-ready repos using CI/CD, security, harness, reference/eval, AI routing/cost-control, and team handoff evidence. - ECC-Tools PR #56 merged as
5b729c88641eafe80f65364bab3fc74d0270f57band added the authenticated/api/analysis/depth-plancontract that maps analysis-depth readiness into concrete hosted jobs for CI diagnostics, security evidence review, harness compatibility, reference-set evaluation, AI routing/cost review, and team backlog routing. - ECC-Tools PR #57 merged as
4cc61112a4cc9feec7b07af09321f360e34af6a4and added the first executable hosted analysis job:/api/analysis/jobs/ci-diagnosticsnow gates on CI/CD readiness, inspects workflow/test-runner/failure-evidence artifacts, returns CI hardening findings and next actions, and charges usage only after successful execution. - ECC-Tools PR #58 merged as
ce09dd8d9b46f65c6b88dc4f48cfb6b6227ae0bfand added the second executable hosted analysis job:/api/analysis/jobs/security-evidence-reviewnow gates on security-evidence readiness, inspects capped AgentShield evidence-pack, policy, baseline, SBOM, SARIF, and security-scan artifacts, returns supply-chain evidence findings and next actions, and charges usage only after successful execution. - ECC-Tools PR #59 merged as
505b372dbd8f75f996d9e2ed079effd30cec5ba5and added the third executable hosted analysis job:/api/analysis/jobs/harness-compatibility-auditnow gates on harness-config readiness, inspects capped Claude, Codex, OpenCode, MCP, plugin, and cross-harness documentation artifacts, excludes local secret-bearing config paths from fetches, returns portability findings and next actions, and charges usage only after successful execution. - ECC-Tools PR #60 merged as
b75e0a49ba5672b1ec9a2a4880ddcfa2d07dc557and added the fourth executable hosted analysis job:/api/analysis/jobs/reference-set-evaluationnow gates on reference-evidence readiness, evaluates analyzer corpus, RAG/evaluator, PR salvage/review, harness, security, and CI failure-mode evidence, excludes obvious secret-bearing fixture paths from fetches, returns reference coverage findings and next actions, and charges usage only after successful execution. - ECC-Tools PR #61 merged as
7b01b67cae0b80774b311cb515b7eca0aa038c65and added the fifth executable hosted analysis job:/api/analysis/jobs/ai-routing-cost-reviewnow gates on AI routing/cost readiness, evaluates model routing, token budget, usage-limit, rate-limit, billing/entitlement, cost-regression, and cost-policy evidence, excludes obvious secret-bearing paths from fetches, returns cost-control findings and next actions, and charges usage only after successful execution. - ECC-Tools PR #62 merged as
781d6733e56f7556edb43fb96bdfb00b1f0a3aa6and added the sixth executable hosted analysis job:/api/analysis/jobs/team-backlog-routingnow gates on team handoff/project tracking readiness, evaluates roadmap, runbook, handoff, release-plan, issue-template, ownership, project-tracker, backlog, and follow-up evidence, excludes obvious secret-bearing paths from fetches, returns team-routing findings and next actions, and charges usage only after successful execution. - ECC-Tools PR #63 merged as
fb9e4c5ceb9ccde50da74c7a69c3fa4bd321fc07and made the hosted execution plan operator-visible on queued PR analysis: the queue now publishes a non-blockingECC Tools / Hosted Depth Plancheck-run on the PR head SHA with ready/blocked hosted executor commands and next action text, while keeping check-run publication best-effort so bundle generation and analysis comments are not blocked. - ECC-Tools PR #64 merged as
72020ef94db94840812977ea7ac37e9344036668and added PR-facing hosted job dispatch controls:/ecc-tools analyze --job ...comments now queue hosted jobs against the PR head SHA, execute them through the existing hosted readiness/evidence gates, post artifacts/findings/next actions back to the PR, and scope idempotency keys by job id so hosted jobs do not collide with bundle analysis. - ECC-Tools PR #65 merged as
bacd4adf6a3a629e8d403865456d15f127baaf4eand added hosted job result history/check-run summaries: queued hosted jobs now cache both the latest result and immutable run records for completed or blocked runs, then publish a non-blocking per-job check-run on the PR head SHA with artifacts, findings, readiness blockers, and next actions. - ECC-Tools PR #66 merged as
4e1db48252d068ea5dcf4308b0bc11b0dfe0c9ceand added a read-only hosted status command:/ecc-tools analyze --job statusnow reads the #65 latest-result cache for the current PR head and posts a compact completed/blocked/not-run table with the next hosted job command, without queueing work or billing usage. - ECC-Tools PR #67 merged as
f20e6bec2b0bf49e4cc36e08b7285c795973b73dand made the hosted depth-plan check-run status-aware: queued PR analysis now reads the #65/#66 latest-result cache when publishingECC Tools / Hosted Depth Plan, includes the latest hosted run status in the plan table, and recommends the next unrun ready job before reruns. - ECC-Tools PR #68 merged as
2cde524b5ef8f34ab7bb1af973248fe4be4359f8and added deterministic hosted promotion readiness: opened/synchronized PRs now publish a non-blockingECC Tools / Hosted Promotion Readinesscheck-run that compares changed files against the checked-in evaluator/RAG corpus, warns on missing hosted-job promotion evidence, and can be disabled withPR_HOSTED_PROMOTION_READINESS_CHECK_MODE=off. - ECC-Tools PR #69 merged as
d0112dac7cef807ae27def41f057682ef0772cceand extended hosted promotion readiness with deterministic output scoring: the check now reads cached completed hosted job results for the current PR head, scores their artifacts and findings against evaluator/RAG corpus expectations, and treats matching hosted artifacts as promotion evidence before reporting a gap. - ECC-Tools PR #70 merged as
7001d805ac981fe220b4575159f469fbea9dbb76and added retrieval planning for hosted promotion: the check now emits ranked retrieval candidates from cached hosted artifacts, hosted findings, expected evidence paths, and changed source paths, plus a model prompt seed that tells the later hosted judge not to promote from changed paths alone. - ECC-Tools PR #71 merged as
d41e59ff00fe1bd0b0c96386e56bc5269d7b9c15and added the first model-backed hosted promotion judge contract: the check now emits a provider-neutralhosted-promotion-judge.v1request contract and fails closed unless hosted retrieval evidence, entitlement, remaining budget, and provider configuration are present. It still does not make live model calls. - ECC-Tools PR #72 merged as
973bc51e5436dd279ae5a890cce9811485eef0b5and executes the hosted promotion model judge behind explicit gates:PR_HOSTED_PROMOTION_MODEL_JUDGE_MODE=executenow calls the configured provider only after hosted retrieval evidence, entitlement, budget, provider, and executor gates pass; the check remains non-blocking, strict-JSON-only, and rejects uncited or non-hosted model output without echoing raw responses. - ECC-Tools commit
05d4e8296e37ba72e471beaa23ea4c81eb2aa31fadds operator-readable audit traces to hosted promotion model judging: check-runs now render a deterministic request fingerprint and allowed-citation count alongside the accepted decision, without exposing raw provider output. - ECC-Tools PR #73 merged as
7d0538c9354e18adbfc72ef00d858949a817fa48and added a fail-closed native-payments announcement gate to/api/billing/readiness: public payment claims now requireannouncementGate.ready === truefrom a Marketplace-managed test account before launch copy can move past release review. - ECC-Tools commit
91a441b92342b842832ac28b018ee46f0c4a906faddsnpm run billing:announcement-gate -- --preflightso operators can verify the Marketplace test account, internal API token presence, and billing-readiness endpoint before making the privileged readback call. - ECC-Tools commit
eb6941290b2fa70db01a51084e9e79a160238468recorded the first live production readback state: Cloudflare Worker secret names includeINTERNAL_API_SECRET, but no Marketplace-managed account could pass the announcement gate yet. - ECC-Tools commit
95d0bec69dbcf364ed084e983a40d0a94d443d16adds repeatable aggregate production KV readback withnpm run billing:kv-readback: the latest API-authenticated run found 253account-billing:*records and 253billing-state:*records, but 0 Marketplace-managed Probilling-state:*records, so native-payments copy remains blocked until--require-readyand the official internal announcement gate pass. - ECC-Tools commit
285967807ea7b5eb3146bc984fb2229db67d4290requires GitHub Marketplace webhook provenance on Pro billing-state records before native-payments announcement readiness can pass. The CI run26013559229succeeded for the pushed head. - ECC-Tools commit
42653f9140c232961280d961ed76a6142433cfa1addsnpm run billing:kv-readback -- --wranglerso operators can run the aggregate production KV readback through an authenticated Wrangler OAuth session instead of requiring a separate Cloudflare API token/global key. CI run26016223013succeeded, and the latest live readback found 253account-billing:*records and 253billing-state:*records with 194 marketplace/free states, 59 Stripe/pro states, 0 Marketplace Pro states, 0 ready-like Marketplace Pro states, and 0 parse failures. Native-payments copy remains blocked until a real Marketplace-managed Pro webhook creates billing-state provenance and--require-readyplus the official internal announcement gate pass. - ECC-Tools commit
632e059e51b6e1297ba118807c8b5b2adbac74ceadds target account billing readback withnpm run billing:kv-readback -- --account <github-login> --require-ready. The report redacts the account login and raw KV keys, emits only a stable fingerprint plus sanitized readiness booleans, and now requires bothaccount-billing:<login>andbilling-state:<login>before a target Marketplace Pro test account can pass the native-payments announcement readback gate. CI run26018941515succeeded. The 2026-05-18 live recheck split out Linear ITO-61 for the target-account blocker. - ECC-Tools commit
d5f60dbadds sanitized Marketplace-source provenance counts tonpm run billing:kv-readback, includingmarketplaceSourceRecords,marketplaceSourceWithWebhookEvidence,marketplaceSourceWithoutWebhookEvidence,byMarketplacePlanName, andbyMarketplaceEventAction. The 2026-05-18 live Wrangler OAuth readback now works and found 256 account-billing records, 256 billing-state records, 197 Marketplace-source records, 59 Stripe-source records, 53 Pro records, 0 Marketplace Pro records, 4 Marketplace webhook-provenance records, allOpen Sourcepurchases, and 193 Marketplace-source records without webhook provenance. Native-payments copy remains blocked by Linear ITO-61 until a real Marketplace-managed Pro webhook creates target account provenance andbilling:kv-readback -- --wrangler --wrangler-bin ./node_modules/.bin/wrangler --account <github-login> --require-readyplus the official internal announcement gate pass. - ECC-Tools commit
13cd3fcnormalizes billing-state key casing so Marketplace webhook writes and announcement readbacks agree on GitHub login case; current-head CI26037611421passed. The code-side readback hardening remains green, but it does not create live Marketplace Pro state. - ECC-Tools commit
69ca535surfaces hosted team-learning feedback controls: harness compatibility and team-backlog routing now show retention days, deletion route/SLA, and opt-out route before adaptive recommendations are routed into team-owned queues. Linear ITO-52 is Done with CI26054455434. - ECC-Tools commit
e56fc1aupdates the lockfile forbrace-expansion@5.0.6and fixed Dependabot alert 44 for CVE-2026-45149; GitHub API reportedstate: fixedat2026-05-18T19:10:15Zand current-head CI26054671308passed. - ECC-Tools PR #89 merged as
512bca6b99cdaa67058a6aa9a4e7e7f0b1d9873aand addsnpm run billing:kv-readback -- --select-ready-target --require-readyso operators can prove a ready Marketplace Pro account without passing or printing the login. The 2026-05-20 production Wrangler OAuth readback found ready-like Marketplace Pro records with webhook provenance and 0 parse failures. The selected target report printed only a stable fingerprint, confirmed both key families,marketplacesource,protier, seat ready, webhook evidence ready, automatic overage disabled, and 0 blockers. The old "no Marketplace-managed Pro target billing-state" blocker is cleared. Linear commentf14ed2fe-a219-470c-8119-63429e197027records the redacted readback counts. - ECC-Tools PR #90 merged as
16a5bb33ee5ce7c31d2ad8d041e5afac03308f05after Verify, Security Audit, and Workers Builds passed. It adds the selected-target official announcement gate through/api/billing/readiness?selectReadyTarget=1andnpm run billing:announcement-gate -- --select-ready-target, so operators no longer need to pass or print a raw GitHub login for the official native-payments gate. The 2026-05-20 safe production preflight requested a selected ready target and narrowed the remaining blocker to the missing local/internalINTERNAL_API_SECRETbearer token. Native-payments copy remains blocked until that token path is available and the livebilling:announcement-gate -- --select-ready-targetcall passes. - ECC-Tools PR #91 merged as
72119a1acc6f5a0cd3bb5d90afd6e87fd1fefd05after Verify, Security Audit, and Workers Builds passed. It adds the billing gate env-file operator path with--env-filesupport for the announcement gate and KV readback scripts, plus sentinel tests proving loaded secrets and account logins are not printed. - ECC-Tools PR #92 merged as
18d80197be779619283e0b37e2952bac53819a07after Verify, Security Audit, and Workers Builds passed. It adds the optionalINTERNAL_OPERATOR_API_SECRETrecovery bearer so operators can run privileged internal readiness gates without replacing the primaryINTERNAL_API_SECRET; the merged Worker was deployed toapi.ecc.toolsbefore the live gate run. - ECC-Tools PR #93 merged as
d3d62df83fa075660fa4530c3e0edc311a4355feafter Verify, Security Audit, and Workers Builds passed. It records the live 2026-05-20 billing evidence in the app launch checklist and roadmap: selected ready Marketplace Pro target, fingerprinte953a74209fe, 0 KV blockers, preflight ready,announcementGateReady: true, 0 required actions, 0 blockers, and audit summary 6 pass / 1 warn / 0 fail. Native-payments copy is no longer blocked by billing evidence, but final announcement timing still requires the release, plugin, live URL, and owner-approval gates. - Handoff
ecc-supply-chain-audit-20260513-0645.mdunder~/.cluster-swarm/handoffs/records the May 13 supply-chain sweep: no active lockfile/manifest hit for TanStack/Mini Shai-Hulud indicators; npm audit/signature checks clean across active npm lockfiles;cargo auditclean forecc2; trunkpip-auditclean; JARVIS backend pinned-graph Python audit clean under the supported Python 3.12 target. - PR #1861 validation refreshed
node scripts/harness-audit.js --format jsonat 70/70 andnpm run observability:readyat 21/21. - PR #1862 updated this roadmap after the JARVIS backend Python audit was re-run against the supported Python 3.12 pinned graph.
docs/architecture/harness-adapter-compliance.mdmaps Claude Code, Codex, OpenCode, Cursor, Gemini, Zed-adjacent, dmux, Orca, Superset, Ghast, and terminal-only support to install paths, verification commands, and risk notes.npm run harness:adapters -- --checkvalidates that the public adapter matrix still matches the source data inscripts/lib/harness-adapter-compliance.js.docs/releases/2.0.0-rc.1/publication-readiness.mdgates GitHub release, npm dist-tag, Claude plugin, Codex plugin, OpenCode package, billing, and announcement publication on fresh evidence fields.docs/releases/2.0.0-rc.1/naming-and-publication-matrix.mdrecords the rc.1 naming decision: ship as Everything Claude Code (ECC), keepecc-universalfor npm, keepeccfor Claude/Codex plugin slugs, and defer any broader repo/package rename until after the release pipeline is proven.docs/releases/2.0.0-rc.1/publication-evidence-2026-05-12.mdrecords the dry-run publication evidence pass: npm pack/publish dry-runs, temp install smoke, Claude plugin validation/tag preflight, Codex marketplace CLI shape, OpenCode build, and the remaining approval-gated release blockers.docs/releases/2.0.0-rc.1/publication-evidence-2026-05-13.mdrecords the release-readiness evidence refresh: 70/70 harness audit, adapter compliance PASS, 16/16 observability readiness, 2376/2376 root Node tests, markdownlint, release-surface and npm publish-surface tests, and 462/462ecc2Rust tests.docs/releases/2.0.0-rc.1/publication-evidence-2026-05-13-post-hardening.mdrecords the post-hardening release-readiness refresh after PR #1850 and PR #1851: 70/70 harness audit, adapter compliance PASS, 18/18 observability readiness, 2380/2380 root Node tests, markdownlint, release-surface and npm publish-surface tests, 462/462ecc2Rust tests, npm audit/signature checks, Rust advisory audit, and TanStack/Mini Shai-Hulud IOC checks.- A detached clean worktree at
bfacf37715b39655cbc2c48f12f2a35c67cb0253verified Claude plugin tag dry-run without--force, local marketplace discovery, temp-home local install, enabled plugin listing, and clean uninstall forecc@ecc2.0.0-rc.1. docs/architecture/evaluator-rag-prototype.mdandexamples/evaluator-rag-prototype/define the first read-only self-improving harness prototype: scenario specs, traces, reports, candidate playbooks, verifier results, accepted maintainer-salvage, billing-readiness, CI-failure-diagnosis, and harness-config-quality candidates, plus the AgentShield policy-exception scenario and rejected unsafe candidates.- The npm package surface now excludes Python bytecode/cache artifacts through
package
filesnegation rules and a publish-surface regression test. docs/legacy-artifact-inventory.mdrecords that no_legacy-documents-*directories exist in the current checkout, inventories the two sibling workspace-level_legacy-documents-*repos as sanitized extraction sources, and classifieslegacy-command-shims/as an opt-in archive/no-action surface.docs/stale-pr-salvage-ledger.mdrecords stale PR salvage outcomes, skipped PRs, superseded work, and the remaining #1687, #1609, #1563, #1564, and #1565 translator/manual review tail now attached to Linear ITO-55.- AgentShield PR #53 reduced two context-rule false positives and closed the remaining AgentShield issues.
- AgentShield PR #55 added GitHub Action organization-policy enforcement with
policy/fail-on-policyinputs,policy-status/policy-violationsoutputs, job-summary evidence, and policy violation annotations. - AgentShield PR #56 added SARIF/code-scanning output for organization-policy
violations as
agentshield-policy/*results. - AgentShield PR #57 added OSS, team, enterprise, regulated,
high-risk-hooks/MCP, and CI-enforcement policy-pack presets plus
agentshield policy init --pack. - AgentShield PR #58 added MCP package provenance fields and report-level counts for npm vs git, pinned vs unpinned, known-good, and registry-backed supply-chain evidence.
- AgentShield PR #59 added self-contained HTML executive summaries with risk posture, critical/high priority findings, category exposure, README/API docs, built-CLI smoke validation, and 1,704-test coverage.
- AgentShield PR #60 added category-level built-in corpus benchmark output,
a
readyForRegressionGatesignal, terminal--corpuscategory coverage, README/API docs, built-CLI smoke validation, and 1,705-test coverage. - AgentShield PR #61 cleared the remaining Dependabot security/bugfix PR with
a lockfile-only
postcss8.5.6 -> 8.5.14 bump after local typecheck, full tests, lint, build, and remote self-scan/action verification. - AgentShield PR #62 added organization-policy exception lifecycle audit evidence: active, expiring-soon, and expired exception counts; owner, ticket, scope, expiry, and days-until-expiry reporting; terminal output and GitHub Action job-summary evidence; README docs; rebuilt action bundles; and 1,708-test validation.
- AgentShield PR #63 exposed baseline drift in the GitHub Action with
baseline/save-baselineinputs, baseline drift outputs, job-summary evidence, regression annotations, README/API docs, rebuilt action bundles, and green remote action/self-scan/Node verification. - AgentShield PR #64 added the first-class
agentshield baseline writeCLI command with severity filtering, JSON metadata output, README/API docs, rebuilt CLI bundle, local TDD coverage, and green remote action/self-scan/Node verification. - AgentShield PR #65 pinned workflow actions for release/security CI hardening.
- AgentShield PR #66 disabled cache use in the release publish job so release publication does not depend on mutable restored build state.
- AgentShield PR #67 added the first portable enterprise evidence-pack bundle:
agentshield scan --evidence-pack <dir>writes deterministic manifest, README, JSON, HTML, SARIF, policy-evaluation, baseline-comparison, and supply-chain artifacts with default redaction andnot-runmarkers for optional policy/baseline evidence. - AgentShield PR #68 hardened evidence-pack redaction for enterprise credential families including GitHub fine-grained PATs, GitLab PATs, npm tokens, Linear API keys, Stripe keys, Google API keys, Hugging Face tokens, Vercel tokens, AWS access key IDs, and JWT-shaped credentials.
- AgentShield PR #69 added the deterministic harness adapter registry. Scan reports now surface local marker evidence for Claude Code, OpenCode, Codex, Gemini, dmux, generic terminal agents, and project-local templates in JSON, markdown, terminal, and HTML outputs.
- AgentShield PDF-export decision: defer a native PDF writer for now. The self-contained HTML executive report remains the exportable buyer artifact and can be printed to PDF when needed; native PDF generation should wait for explicit enterprise/compliance demand or a print-fidelity gap in the HTML report.
docs/architecture/agentshield-enterprise-research-roadmap.mdidentifies the next AgentShield enterprise signal: move from scanner/report/policy gate to a team control plane with baseline drift, evidence packs, multi-harness adapters, corpus accuracy gates, remediation routing, threat intelligence, and ECC-Tools/GitHub App integration.- ECC PR #1778 recovered the useful stale #1413 network/homelab architect-agent concepts.
- ECC-Tools PR #26 added cost/token-risk predictive follow-ups for AI routing, Claude/model calls, usage limits, quota, and analysis-budget changes that lack budget, quota, rate-limit, or cost validation evidence.
- ECC-Tools PR #27 added the non-blocking
ECC Tools / PR Risk Taxonomycheck-run for Security Evidence, Harness Drift, Install Manifest Integrity, CI/CD Recommendation, Cost/Token Risk, and Agent Config Review buckets. - ECC-Tools PR #28 added billing readiness audit checks for plan limits, entitlements, Marketplace plan shape, subscription source, seats, and overage metering.
- ECC-Tools PR #29 added deterministic Reference Set Validation signals for analyzer, skill, agent, command, and harness-guidance changes that lack eval, golden trace, benchmark, or reference-set evidence.
- ECC-Tools PR #30 capped follow-up generation to three new GitHub issues and one draft PR per run, then emits the remaining deterministic findings as a project sync backlog for Linear/status tracking without flooding trackers.
- ECC-Tools PR #31 added review follow-up signals to analysis completion comments for outstanding change requests, unresolved or outdated review threads, and review activity without an explicit approval.
- ECC-Tools PR #32 added CI failure-mode predictive follow-ups for workflow and test-runner changes that lack failure fixtures, captured logs, troubleshooting notes, dry-run evidence, or regression coverage.
- ECC-Tools PR #33 added harness-config quality predictive follow-ups for MCP, plugin, agent, hook, command, and harness config changes that lack harness audit, adapter matrix, cross-harness docs, or compatibility regression evidence.
- ECC-Tools PR #34 added skill-quality predictive follow-ups and a Skill Quality PR-risk bucket for skill, agent, command, and rule guidance changes that lack examples, validation, eval, or reference evidence.
- ECC-Tools PR #35 added RAG/evaluator predictive follow-ups and a RAG/Evaluator Evidence PR-risk bucket for retrieval, embedding, ranking, and evaluator changes that lack reference-set comparison, golden trace, benchmark, fixture, or eval-run evidence.
- ECC-Tools PR #36 added deep-analyzer predictive follow-ups, a Deep Analyzer Evidence PR-risk bucket, and a Linear-ready project sync backlog table for deferred follow-up work.
- ECC-Tools PR #37 added a maintained analyzer corpus fixture, corpus validation tests, and co-located analyzer reference-set evidence recognition for future predictive follow-ups and PR-risk taxonomy checks.
- ECC-Tools PR #38 added PR review/stale-salvage predictive follow-ups, a PR Review/Salvage Evidence taxonomy bucket, and maintained corpus fixtures for stale-closure salvage, reviewer-thread, and reopen-flow evidence.
- ECC-Tools PR #39 added opt-in native Linear GraphQL sync for deferred
follow-up backlog items, preserving GitHub object caps while creating or
reusing Linear issues when
LINEAR_API_KEYandLINEAR_TEAM_IDare configured. - ECC-Tools PR #40 added a checked-in evaluator/RAG corpus contract covering stale-PR salvage, billing readiness, CI failure diagnosis, harness config quality, AgentShield policy exceptions, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison evidence, with each scenario exercising missing-evidence and evidence-backed diffs.
- ECC-Tools PR #41 hardened supply-chain dependencies.
- ECC-Tools PR #42 added AgentShield evidence-pack gap prediction and routed missing policy/baseline/allowlist/suppression/supply-chain evidence into the PR-risk taxonomy, follow-up drafts, and Linear-ready backlog table.
- ECC-Tools PR #43 recognized the concrete AgentShield #67 evidence-pack
artifact contract so canonical bundle files now satisfy the taxonomy and
generated follow-up PRs point maintainers at
agentshield scan --evidence-pack <dir>. - ECC-Tools PR #55 added the first hosted/deeper-analysis readiness signal: analysis comments now classify a repo as commit-history-only, evidence-backed, or deep-ready before routing work into CI, AgentShield, harness, reference-set, RAG/evaluator, AI-routing, cost-control, and Linear/project-tracking lanes.
- ECC-Tools PR #56 turned that signal into a hosted execution-plan contract:
/api/analysis/depth-planreturns ready/blocked jobs and next action text without charging analysis usage or creating bundle PRs. - ECC-Tools PR #57 implemented the first job-specific hosted executor:
/api/analysis/jobs/ci-diagnosticsreuses the depth-readiness gate, internal API auth, installation ownership, repo-access billing checks, capped workflow file reads, and usage accounting to return concrete CI hardening findings. - ECC-Tools PR #58 implemented the second job-specific hosted executor:
/api/analysis/jobs/security-evidence-reviewapplies the same hosted gates to AgentShield evidence-pack, policy, baseline, SBOM, SARIF, and security scanner artifacts. - ECC-Tools PR #59 implemented the third job-specific hosted executor:
/api/analysis/jobs/harness-compatibility-auditapplies the same hosted gates to Claude, Codex, OpenCode, MCP, plugin, and cross-harness evidence while avoiding local secret-bearing harness config fetches. - ECC-Tools PR #60 implemented the fourth job-specific hosted executor:
/api/analysis/jobs/reference-set-evaluationapplies the same hosted gates to analyzer corpus, RAG/evaluator, PR salvage, harness, security, and CI failure-mode reference evidence while avoiding obvious secret-bearing fixture fetches. - ECC-Tools PR #61 implemented the fifth job-specific hosted executor:
/api/analysis/jobs/ai-routing-cost-reviewapplies the same hosted gates to model-routing, token-budget, usage-limit, rate-limit, billing/entitlement, cost-regression, and cost-policy evidence while avoiding obvious secret-bearing path fetches. - ECC-Tools PR #62 implemented the sixth job-specific hosted executor:
/api/analysis/jobs/team-backlog-routingapplies the same hosted gates to roadmap, runbook, handoff, release-plan, issue-template, ownership, project-tracker, backlog, and follow-up evidence while avoiding obvious secret-bearing path fetches. - ECC-Tools PR #63 publishes the hosted depth-plan check-run after queued PR analysis completes, making the six hosted executor commands visible on the PR head SHA without turning the check into a merge blocker.
- ECC-Tools PR #64 wires those commands into the queue: maintainers can comment
/ecc-tools analyze --job ci-diagnostics,security-evidence,harness-compatibility,reference-set-evaluation,ai-routing-cost, orteam-backlogon a PR and receive hosted job results in a PR comment. - ECC-Tools PR #65 persists completed and blocked hosted job results to the
analysis cache for 30 days and publishes non-blocking
ECC Tools / Hosted Job: ...check-runs so maintainers can scan hosted outcomes from the PR checks surface instead of rereading older comments. - ECC-Tools PR #66 exposes the cached results from PR comments with
/ecc-tools analyze --job status, summarizing completed, blocked, and not-yet-run hosted jobs for the PR head and recommending the next hosted job command. - ECC-Tools PR #67 feeds those cached results back into the hosted depth-plan check-run so queued analysis recommends the next unrun ready hosted job from cache state instead of repeating the static readiness order.
- ECC-Tools PR #68 adds the first evaluator-backed hosted promotion gate: opened/synchronized PRs get a non-blocking Hosted Promotion Readiness check-run that turns the evaluator/RAG corpus into warnings when changed files match fixture scenarios without their expected evidence artifacts.
- ECC-Tools PR #69 extends that gate to score cached completed hosted job outputs for the current PR head, so hosted artifacts can satisfy corpus evidence expectations before the check reports a promotion gap.
- ECC-Tools PR #76 consumes AgentShield PR #89 fleet output in hosted security
review:
agentshield-evidence/fleet-summary.jsonis now classified asevidence-pack-fleet, invalid packs and security-blocker routes become high-severity hosted findings, and policy, baseline, and supply-chain routes produce owner-ready review findings. - ECC-Tools PR #77 merged as
31fd883b3f0cee135aee4839b01d34855b7867f6and adds anEvidencecolumn to hosted job PR comments and check-run details, surfacing up to three source evidence paths for each finding so AgentShield fleet-derived findings point operators back to the exact bundle artifact. - ECC-Tools PR #78 merged as
0d4eb949aa56f56da88e6654273a22ffb95983a1and links AgentShield fleet routes into hosted harness compatibility review: fleet summaries are collected as harness evidence, target paths are mapped to Claude, Codex, OpenCode, MCP, plugin, and cross-harness owners, and routed findings carry source evidence paths for operator review. - ECC-Tools PR #79 merged as
67ee247ae1b7b50ecc1261ed5d62d65cc8390da8and redacts billing announcement gate account output: the billing preflight and live readback now print stable account fingerprints and sanitized readiness booleans instead of raw account logins or KV key names. - ECC-Tools PR #80 merged as
4efc8cc858022f84c844690f3298633b081c4398and requires runtime receipt failure reasons before harness runtime receipts can count as hosted observability evidence. - ECC-Tools PR #81 merged as
1fbf635f492284f75ba7166c029c39eb8cc15794and preserves AgentShield fleet approval IDs through hosted security review so policy-promotion follow-ups keep owner-review identity stable. - ECC-Tools PR #82 merged as
7a7b4d096a176ae80b3a2076c09d45601e36013aand renders AgentShield fleet approval IDs in hosted comments and check-runs, giving operators a direct bridge from hosted security review back to AgentShield policy-promotion review items. - ECC-Tools PR #83 merged as
b6b107f33961bef18a85fb619f3a976eb5d752ddand makes Linear follow-up sync reuse deterministic external IDs before title fallback, preventing duplicate deferred backlog issues during repeated/ecc-tools followups sync-linearruns. - ECC-Tools PR #84 merged as
73bac7058071c55cb30c6b8ac6db779b3660c02cand syncs hosted AgentShield remediation items to Linear when the workspace token/team are configured; hosted result comments now include created/reused Linear remediation links. - ECC-Tools PR #85 merged as
1637e0f2bfa0a889387f2c20675680ccc5528123and emits hosted job observability events for queued, completed, blocked, failed, and budget-blocked states intoANALYSIS_CACHE, including budget snapshots and result counts. - ECC-Tools PR #86 merged as
5a9e94d3ff860307c3e7fd9fd065f0de2bd633ddand reads recent hosted observability events in/ecc-tools analyze --job status, so status comments show budget snapshots, blocked results, and budget-blocked outcomes alongside latest job runs. - ECC-Tools PR #87 merged as
508fbc02b63cf1fcb5af2f3624608fa66e53b5d4and adds the same hosted observability readback to hosted depth-plan check-runs, keeping the PR check surface aligned with status comments. - ECC-Tools PR #88 merged as
c836ac3fb24ed7e2ae38cd61e41c9651ac9c00f8and exposes authenticated hosted observability API readback at/api/analysis/observability, summarizing recent hosted events by event type and job while skipping malformed stale KV records. The deployment runbook now includes the production smoke command for operator/dashboard readback. - AgentShield PR #90 merged as
6d1c57c92000541d65a3b6bc366f0322d7d0daccand adds durable fleetreviewItems:agentshield evidence-pack fleet --jsonnow returns owner-ready review items with route, severity, repository/target context, source evidence paths, reason, and recommendation; the text CLI prints the same routed follow-up list for operators. - AgentShield PR #91 merged as
73e1e3586dc4513a462e39c9799f75eea104e110and adds durable policy pack export:agentshield policy exportwrites one JSON policy per selected pack plus a checksum-backedmanifest.json, with pack selection, owners, name prefixes, and JSON output for branch-protection review or downstream policy promotion. - AgentShield PR #92 merged as
e7e259dc6212b63a8e03a253ca6b8c1e3c2abff7and adds the protected promotion gate for those bundles:agentshield policy promoteverifies the export manifest and selected policy SHA-256 digest, rejects tampered policy JSON, requires explicit pack selection for multi-pack manifests, and supports dry-run JSON review before writing the active.agentshield/policy.json. - AgentShield PR #94 merged as
4caee27acfadb50a4cd024e738b5c3cbd4b0bb03and adds editor-native adapter coverage for Zed and VS Code. Zed.zed/settings.json,.zed/tasks.json, and.zedhook-code files are now scan inputs, adapter reports expose Zed MCP/tool-permission/task metadata and VS Code workspace/task/extension metadata, and.zed/setup.mjsis covered by the AI-tool persistence IOC rule. - AgentShield PR #95 merged as
25d91f0002214c408da4ceaac7def20bad40ca10and clears thebrace-expansionDependabot alert. The lockfile now resolves the vulnerable transitive 5.x copies to5.0.6; the remaining 1.x copy is outside the advisory range. - AgentShield main commit
87aec47fb55d04ea28d494852d4f664c268c5601extends policy promotion with durablereviewItemsfor manifest digest evidence, policy-owner approval, protected rollout PR handoff, and runtime smoke testing. Local validation passednpm run typecheck,npm run lint, andnpm test; GitHub Actions run25985170621completed successfully across Node 18, 20, and 22 plus self-scan examples, and the sibling AgentShield Self-Scan/Test GitHub Action runs also completed successfully. - AgentShield main commit
28d08c7f9961eaa54804b26e6352d23b64ae2776adds package-manager hardening drift detection for.npmrc,.pnpmrc,.yarnrc,.yarnrc.yml,pnpm-workspace.yaml, andpnpm-workspace.yml, including plaintext registry credential detection, explicit lifecycle-script enablement, and missing or weak release-age cooldown findings. Local validation passed focused rule/scanner tests,npm run typecheck,npm run lint,npm run build, fullnpm test -- --run, andgit diff --check; GitHub Actions run25986170958completed successfully, and the sibling AgentShield Self-Scan and Test GitHub Action runs passed. - AgentShield main commit
659f569190f85f6f0808353e096d66c0a6d7817eupdates all workflow action pins to current SHA-pinnedactions/checkout@v6.0.2andactions/setup-node@v6.4.0; GitHub Actions run25986221319completed successfully and the prior Node 20 action-runtime deprecation annotation was gone from the final CI watch output. - AgentShield main commit
ee585cdcorrects package-manager hardening guidance after local verification showed npm10.9.4rejectsmin-release-age: npm configs are now scanned for lifecycle/token drift and unsupported release-age keys, while enforceable cooldown findings stay on pnpmminimumReleaseAge/minimum-release-ageand YarnnpmMinimalAgeGate. Local validation passed package-manager/scanner tests,npm run typecheck,npm run lint,npm run build, andgit diff --check; GitHub Actions run25986719058, Test GitHub Action run25986719054, and AgentShield Self-Scan run25986719066completed successfully. - AgentShield main commit
1124535345d7040242ecd3803f65bcd4dcaf6ec2exposes package-manager hardening through the GitHub Action so CI/hosted consumers can route registry credential, lifecycle-script, and release-age gate drift separately from generic finding counts. Local validation passed focused action tests,npm run typecheck,npm run lint,npm run build, fullnpm test, andgit diff --check; GitHub Actions CI run25994354007, Test GitHub Action run25994354011, and AgentShield Self-Scan run25994354026completed successfully. - ECC PR #1803 landed the contributor Quarkus handling branch after maintainer
cleanup, current-
mainalignment, full local validation, and preservation of the author's removal of incomplete ja-JP and zh-CN Quarkus translations. - ECC PR #1812 salvaged useful Django reviewer, Django build resolver, and Django Celery guidance from stale PR #1310 through a maintainer-owned branch with source credit, catalog sync, and full local/remote validation.
- ECC PR #1813 expanded the stale PR salvage ledger with source-to-salvage mappings for #1325, #1414, #1478, #1504, and #1603, confirming those useful stale contributions were already preserved through later maintainer PRs.
- ECC PR #1815 salvaged the useful stale #1304 cost-tracking and #1232 skill-scout work into current command/skill conventions with current catalog sync and full local/remote validation.
- ECC PR #1816 salvaged the useful stale #1659 frontend design guidance into
canonical ECC skill layout while preserving the guardrail that the official
Anthropic
frontend-designskill remains externally sourced. - ECC PR #1817 salvaged the useful stale #1658 code-reviewer false-positive guardrails, adding proof gates for HIGH/CRITICAL findings, common false-positive exclusions, and a regression test.
- ECC PR #1818 recorded the May 12 stale-salvage gap pass, classifying already present work, skipped work, and translator/manual-review leftovers.
- Keep public PRs and issues below 20, with zero as the preferred release-lane target.
- Maintain 80/80 harness audit and 21/21 observability readiness after every GA-readiness batch.
- Do not publish release or social announcements until the GitHub release, npm/package state, billing state, and plugin submission surfaces are verified with fresh evidence.
- Do not treat closed stale PRs as discarded. Pair each cleanup batch with a salvage pass: inspect the closed diffs, port useful compatible work on maintainer-owned branches, and credit the source PR.
- Use Linear project documents/comments for project-level updates because project status updates are disabled in this workspace; create or update issues when a lane needs a durable execution owner.
This table keeps the long operator prompt tied to concrete artifacts. A status is not complete unless the evidence column exists and has been freshly verified.
| Prompt requirement | Required artifact or gate | Current evidence | Status |
|---|---|---|---|
| Keep public PRs below 20 | Repo-family PR recheck | 0 open PRs across ECC, AgentShield, JARVIS, ECC-Tools/ECC-Tools, and ECC-Tools/ECC-website on the late 2026-05-19 platform audit after merging ECC PR #2013, ECC-Tools PR #79, JARVIS PR #15, and JARVIS PR #16 |
Complete |
| Keep public issues below 20 | Repo-family issue recheck | 0 open issues across ECC, AgentShield, JARVIS, ECC-Tools/ECC-Tools, and ECC-Tools/ECC-website on 2026-05-19 after the live platform audit refresh |
Complete |
| Manage repository discussions | Repo-family discussion recheck plus response playbook | Platform audit reports 0 discussion maintainer-touch gaps and 0 answerable Q&A missing accepted answers; trunk has 59 total discussions after #2003 was routed with a maintainer response; docs/architecture/discussion-response-playbook.md distinguishes support, maintainer coordination, stale/concluded, release, informational, and security-sensitive response paths |
Complete |
| Manage PR discussions | PR review/comment closure plus merge/close state | ECC #1990-#2013 merged through the harness audit, canonical identity, release video suite, growth outreach, evidence refresh, visual QA, suite-count, owner-approval packet, owner-approval dashboard gate, Linear readiness evidence, supply-chain evidence gate, per-project Claude Code adapter, continuous-learning project-registry hygiene, GateGuard quoted git introspection, and deterministic release-approval gate batch; ECC-Tools #79 and JARVIS #15/#16 also merged; no open tracked PRs remain | Complete |
| Salvage useful stale work | docs/stale-pr-salvage-ledger.md plus docs/legacy-artifact-inventory.md |
Ledger records salvaged, superseded, skipped, and manual-review tails; #1815-#1818 added cost tracking, skill scout, frontend design guidance, code-reviewer false-positive guardrails, and the May 12 gap pass; #1687, #1609, #1563, #1564, and #1565 localization tails are attached to Linear ITO-55 for language-owner review and no automatic import remains release-blocking | Complete; repeat legacy scan before release |
| ECC 2.0 preview pack ready | Release docs, quickstart, publication readiness, release notes | docs/releases/2.0.0-rc.1/ and readiness docs are in-tree; May 19/20 evidence records queue-zero state, canonical ECC identity, release video suite, growth outreach pack, owner approval packet, local 2568-test suite, PR #2001 merge and GitHub Actions run 26102500291, PR #2002 owner-approval dashboard gate refresh and GitHub Actions run 26103853507, PR #2004 Linear readiness evidence sync and GitHub Actions run 26105012698, PR #2008 supply-chain evidence gate CI run 26108473648, post-PR #2006 main CI run 26109953093, PR #2009 project-registry hygiene GitHub Actions run 26111313938, post-PR #2009 main CI run 26111946778, post-PR #2011 GateGuard main CI run 26113695068, post-PR #2013 release-approval main CI run 26128749863, post-PR #2019 main CI run 26135974576, post-PR #2020 main CI run 26136949698, ECC-Tools #91 main CI run 26137280847, May 20 operator dashboard, owner-approval-packet-2026-05-19.md, release-approval-gate.js, and preview-pack smoke digest eebb8a66c33e |
Needs final release approval |
| Hermes specialized skills included safely | Hermes setup/import docs and sanitized skill surface | Hermes setup and import playbook are public; secrets stay local | Needs final release review |
| Naming and rename readiness | Naming matrix across package/plugin/docs/social surfaces | docs/releases/2.0.0-rc.1/naming-and-publication-matrix.md records current package, repo, Claude plugin, Codex plugin, OpenCode, and npm availability evidence |
Complete for rc.1; post-rc rename remains future work |
| Claude and Codex plugin publication | Contact/submission path with required artifacts and status | Publication readiness, naming matrix, and May 12 dry-run evidence document plugin validation, clean-checkout Claude tag/install smoke, and Codex marketplace CLI shape | Needs explicit approval for real tag/push and marketplace submission |
| Articles, tweets, and announcements | X thread, LinkedIn copy, GitHub release copy, push checklist, partner/sponsor/talk pack | Draft launch collateral and approval-gated outreach copy exist under rc.1 release docs | Needs URL-backed refresh and human approval before posting or sending |
| AgentShield enterprise iteration | Policy gates, SARIF, packs, provenance, corpus, HTML reports, exception lifecycle audit, baseline drift Action/CLI surfaces, evidence-pack redaction, harness adapter registry, editor-native Zed/VS Code adapter coverage, Dependabot alert closure, enterprise research roadmap, supply-chain hardened release path, CI-safe baseline fingerprints, corpus accuracy recommendations, remediation workflow phases, env proxy hijack corpus coverage, Mini Shai-Hulud full-campaign package IOCs, CI-provenance evidence packs, plugin-cache runtime-confidence triage, evidence-pack consumer readback, fleet-level evidence-pack routing, fleet review items, fleet review ticket payloads, checksum-backed policy export, checksum-verified policy promotion, policy promotion review items, package-manager hardening drift detection, npm age-gate guidance correction, workflow action-runtime pin refresh, package-manager hardening Action outputs, policy-promotion Action outputs, ECC-Tools hosted consumption of promotion Action outputs, ECC-Tools operator-visible promotion output values, and ECC-Tools hosted promotion judge audit traces | PRs #53, #55-#64, #67-#69, #78-#92, #94, and #95 landed with test evidence, ECC-Tools #76 consumes the fleet-summary output in hosted security review, #77 surfaces source evidence paths in hosted finding output, and #78 links fleet routes to harness owner review; AgentShield #91 adds agentshield policy export bundles for branch-protection review and downstream promotion; AgentShield #92 adds agentshield policy promote with digest verification, tamper rejection, explicit pack selection, dry-run review, and JSON output before writing active policy; AgentShield #94 adds Zed/VS Code adapter detection, .zed/settings.json and .zed/tasks.json scan discovery, and .zed/setup.mjs AI-tool persistence IOC coverage; AgentShield #95 clears the brace-expansion Dependabot alert with a patched lockfile and 0 open Dependabot alerts after merge; AgentShield commit 87aec47 adds reviewItems for digest evidence, owner review, protected rollout PR handoff, and runtime smoke testing with green local and remote CI; AgentShield commit 28d08c7 adds package-manager hardening drift detection for plaintext registry credentials, lifecycle-script enablement, and weak pnpm/Yarn release-age cooldowns with green local and remote CI; AgentShield commit 659f569 refreshes all workflow action runtime pins to SHA-pinned checkout v6.0.2 and setup-node v6.4.0 with green remote CI and no remaining action-runtime deprecation annotation; AgentShield commit ee585cd corrects npm release-age guidance by flagging unsupported npm age keys and keeping enforceable cooldown findings on pnpm/Yarn with green local and remote CI; AgentShield commit 1124535 exposes package-manager hardening status/count outputs and a redacted job-summary section for registry credentials, lifecycle scripts, and release-age gates with green local and remote CI; AgentShield commit 1593925 exposes policy-promotion status/count/digest outputs plus job-summary review items for owner approval, protected rollout, and runtime smoke, and marks runtime smoke verified when the same Action job scans with the promoted policy; AgentShield commit 840952a adds Linear/operator-ready fleet review ticket payloads and expands current Mini Shai-Hulud IOC breadcrumbs with green local and remote CI; ECC-Tools commit 8658951 routes those policy-promotion Action outputs into hosted security review findings and Hosted Promotion Readiness scoring; ECC-Tools commit 16c537f renders policy-promotion status, pack, review item count, action-required count, and digest in hosted security job comments/check-runs; ECC-Tools commit 05d4e82 renders hosted promotion judge request fingerprints and allowed-citation counts without raw provider output; native PDF export deferred in favor of self-contained HTML plus print-to-PDF until explicit enterprise demand appears; docs/architecture/agentshield-enterprise-research-roadmap.md now has baseline drift, evidence-pack bundle, redaction, adapter-registry, supply-chain hardening, hashed baseline fingerprints, corpus accuracy recommendation, remediation workflow, env proxy hijack corpus, Mini Shai-Hulud full-campaign package-table, ci-context.json provenance, plugin-cache confidence, evidence-pack inspect readback, evidence-pack fleet routing, fleet reviewItems, fleet review ticket payloads, policy export, policy promotion, policy promotion reviewItems, package-manager hardening Action outputs, policy-promotion Action outputs, hosted consumption of promotion Action outputs, operator-visible promotion output values, hosted promotion judge audit traces, editor-native adapter coverage, and Dependabot closure landed |
Next workflow automation should deepen live operator approval/readback after Marketplace/payment gates |
| ECC Tools next-level app | Billing audit, PR checks, deep analyzer, sync backlog, evaluator/RAG corpus, hosted promotion judge audit trace, native-payments readback, ready Marketplace Pro target selection, selected-target announcement gate, billing gate env-file operator path, hosted observability, AgentShield fleet-summary hosted routing, hosted finding evidence paths, harness-route policy linking, policy-promotion Action-output hosted telemetry, and operator-visible promotion output values | PRs #26-#43 plus #53-#93 landed with test evidence across hosted analysis, hosted promotion readiness, model-judge execution, native-payments announcement gating, AgentShield evidence consumption, hosted remediation/Linear sync, hosted observability readback, ready Marketplace Pro target selection, selected-target official announcement gating, and env-file operator loading; ECC-Tools #89 merged as 512bca6 after Verify, Security Audit, and Workers Builds passed, and the 2026-05-20 production Wrangler OAuth readback found ready-like Marketplace Pro records with webhook provenance, selected a target with both key families, and reported 0 blockers without printing the login; ECC-Tools #90 merged as 16a5bb3 after Verify, Security Audit, and Workers Builds passed, and production preflight now requests /api/billing/readiness?selectReadyTarget=1 without a raw login; ECC-Tools #91 merged as 72119a1 with --env-file support for ignored local billing credentials and sentinel no-secret/no-login output tests; ECC-Tools #92 merged as 18d8019, deployed the non-breaking INTERNAL_OPERATOR_API_SECRET path to api.ecc.tools, and the 2026-05-20 live selected-target gate returned announcementGateReady: true with 0 required actions and 0 blockers; ECC-Tools #93 merged as d3d62df to record the live billing evidence in the app launch checklist and roadmap |
Repeat KV readback and selected-target announcement gate immediately before launch; keep native-payments copy behind final release, plugin, live URL, and owner-approval gates |
| GitGuardian/Dependabot/CodeRabbit-style checks | Non-blocking taxonomy, deterministic follow-up checks, and local supply-chain gates | ECC-Tools risk taxonomy check plus follow-up signals landed, including Skill Quality, Deep Analyzer Evidence, Analyzer Corpus Evidence, RAG/Evaluator Evidence, PR Review/Salvage Evidence, and AgentShield evidence-pack evidence; #1846 added npm registry signature gates; #1848 added the supply-chain incident-response playbook and pull_request_target cache-poisoning validator guard; #1851 added the privileged checkout credential-persistence guard; AgentShield #78, JARVIS #13, and ECC-Tools #53 applied the same hardening outside trunk |
Current supply-chain gate complete; deeper hosted review features remain future |
| Harness-agnostic learning system | Audit, adapter matrix, observability, traces, promotion loop | Audit/adapters/observability gates plus docs/architecture/evaluator-rag-prototype.md, examples/evaluator-rag-prototype/, and ECC-Tools PR #40 define read-only stale-salvage, billing-readiness, CI-failure-diagnosis, harness-config-quality, AgentShield policy-exception, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison scenarios with trace, report, playbook, verifier, and predictive-check artifacts; ECC-Tools PRs #68-#72 now turn that corpus into a deterministic PR check-run gate with cached hosted-output scoring, ranked retrieval candidates, a model prompt seed, a fail-closed hosted model-judge request contract, and opt-in live model execution behind strict hosted-evidence gates |
Deterministic hosted PR check, cached output scoring, retrieval planning, judge contract, and gated model execution integrated |
| Linear roadmap is detailed | Linear project document/comments plus repo mirror | Repo mirror exists and issue creation works again; the May 19 sync adds post-PR #2002 document ecc-may-19-post-pr-2002-sync-64cef8f668e0, project comment a6411e3a-8c8e-4a58-adba-687e77d4c543, ITO-44/47/48/49/51/54/56 issue comments, and In Progress state for ITO-47, ITO-48, ITO-49, ITO-51, ITO-54, and ITO-56; the late-pass batch adds document ecc-may-19-late-queue-zero-and-release-gate-sync-1c26f65e6b3f, project comment d42bf0e2-7a8e-4934-9f3f-e281498ee805, and ITO-44/50/54/56/61 comments for PR #2013, ECC-Tools #79, and JARVIS #15/#16 because project status updates are disabled in the workspace |
Needs recurring document/comment updates after each significant merge batch |
| Flow separation and progress tracking | Flow lanes with owner artifacts and update cadence | This roadmap defines lanes below and docs/architecture/progress-sync-contract.md makes GitHub/Linear/handoff/roadmap sync part of the readiness gate |
Active |
| Realtime Linear sync | Project documents/comments plus issue comments for lane updates | ECC-Tools #39 implements opt-in Linear API sync for deferred follow-up backlog items, and ECC-Tools #54 adds copy-ready PR drafts to that backlog when draft PR shells are not opened; docs/architecture/progress-sync-contract.md defines the local file-backed realtime boundary; May 18 and May 19 live connector comments were posted to the ECC platform project and lane issues after project status updates returned disabled |
Needs workspace config/product rollout for hosted issue sync |
| Observability for self-use | Local readiness gate, traces, status snapshots, HUD/status contract, risk ledger, progress-sync contract | npm run observability:ready reports 21/21 |
Complete for local gate |
| Proper release and notifications | Release tag, npm publish state, plugin state, social posts | Publication readiness gate exists with May 12 dry-run and May 13 readiness evidence | Not complete; approval/live URLs required |
Until Linear issue capacity is cleared, this document is the durable execution
ledger and Linear receives project status updates only. The sync contract lives
at docs/architecture/progress-sync-contract.md. When capacity is available,
each lane below should become a small set of Linear issues linked back to the
repo evidence and merge commits.
| Lane | Source of truth | Next tracked artifact | Update cadence |
|---|---|---|---|
| Queue hygiene and salvage | GitHub PR/issue state, salvage ledger | Append ledger entries for any future stale closures | Every cleanup batch |
| Release and publication | rc.1 release docs, publication readiness doc | Naming matrix and plugin submission/contact checklist | Before any tag |
| Harness OS core | Audit, adapter matrix, observability docs, ecc2/ |
HUD/session-control acceptance spec | Weekly until GA |
| Evaluation and RAG | Reference-set validation, harness audit, traces, ECC-Tools corpus | Read-only evaluator/RAG prototype plus stale-salvage, billing-readiness, CI-failure-diagnosis, harness-config-quality, AgentShield policy-exception, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison fixtures; ECC-Tools #68 publishes the corpus as a hosted promotion readiness check-run, #69 scores cached hosted job outputs against the same corpus, #70 emits ranked retrieval candidates plus a model prompt seed, #71 adds a fail-closed hosted model-judge request contract, and #72 executes that judge only when explicitly enabled and backed by hosted retrieval citations; ECC-Tools 16c537f surfaces policy-promotion Action output values in hosted security comments/checks; ECC-Tools 05d4e82 adds hosted model-judge audit traces with request fingerprints and allowed-citation counts |
Marketplace Pro billing-state verification with webhook provenance |
| AgentShield enterprise | AgentShield PR evidence and roadmap notes | Fleet routing landed in #89 after evidence-pack inspect/readback shipped in #88; #90 emits fleet reviewItems; #91 exports checksum-backed policy bundles; #92 promotes checksum-verified policies from those bundles into active policy files; #94 adds Zed and VS Code adapter detection, Zed project scan discovery, and .zed/setup.mjs persistence IOC coverage; #95 closes the brace-expansion Dependabot alert with 0 open alerts after merge; AgentShield 87aec47 adds policy promotion reviewItems; 28d08c7 adds package-manager hardening drift detection; 659f569 refreshes workflow action runtime pins; ee585cd corrects unsupported npm release-age guidance and keeps enforceable cooldown findings on pnpm/Yarn; 1124535 exposes package-manager hardening Action outputs for CI/hosted routing; 1593925 exposes policy-promotion Action outputs and runtime-smoke job-summary evidence; 840952a adds fleet review ticket payloads and current Mini Shai-Hulud IOC breadcrumbs; ECC-Tools #76 consumes fleet summaries, #77 surfaces source evidence paths in hosted findings, #78 links fleet routes to harness owners, ECC-Tools 8658951 consumes policy-promotion Action outputs, and ECC-Tools 16c537f renders operator-visible output values |
Deepen live operator approval/readback after Marketplace/payment gates |
| ECC Tools app | ECC-Tools PR evidence, billing audit, risk taxonomy, evaluator/RAG corpus | ECC-Tools #53 published the supply-chain workflow hardening branch, #54 tracks copy-ready PR drafts in the Linear/project backlog, #55 classifies analysis-depth readiness, #56 exposes the hosted execution plan, #57 executes the first hosted CI diagnostics job, #58 executes the hosted security evidence review job, #59 executes the hosted harness compatibility audit, #60 executes the hosted reference-set evaluation, #61 executes the hosted AI routing/cost review, #62 executes hosted team backlog routing, #63 publishes the hosted depth-plan check-run, #64 dispatches hosted jobs from PR comments, #65 persists hosted result history/check-runs, #66 exposes hosted job status from PR comments, #67 makes depth-plan recommendations cache-aware, #68 publishes hosted promotion readiness from the evaluator/RAG corpus, #69 scores cached hosted job outputs against that corpus, #70 emits ranked retrieval candidates plus a model prompt seed, #71 emits the gated hosted-promotion-judge.v1 contract without live model calls, #72 adds opt-in live model-judge execution behind hosted-evidence and strict JSON/citation gates, #73 adds a fail-closed native-payments announcementGate to billing readiness, #74 adds npm run billing:announcement-gate for operator verification, #75 tightens the billing announcement gate for live Marketplace readback, #76 routes AgentShield fleet-summary evidence into hosted security findings, #77 adds source evidence paths to hosted finding output, #78 links AgentShield fleet target paths to hosted harness owner findings, 8658951 routes AgentShield policy-promotion Action outputs into hosted security review and promotion readiness, 16c537f renders policy-promotion status/pack/count/digest values in hosted security comments/checks, 05d4e82 renders hosted promotion judge request fingerprints plus allowed-citation audit traces, 91a441b adds billing announcement preflight output for required readback inputs, eb69412 records the initial production readback state, 95d0bec adds aggregate billing:kv-readback evidence, 2859678 requires Marketplace webhook provenance in billing readiness, 42653f9 adds Wrangler OAuth readback with live aggregate production counts, 632e059 adds sanitized target-account billing readback for the exact Marketplace test account, ECC-Tools #89 adds selected-ready-target KV readback, ECC-Tools #90 adds selected-target official announcement gating without raw login input, and ECC-Tools #91 adds --env-file support for ignored local billing credentials without printing secrets or logins |
Obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, via exported env or ignored --env-file, then run the live selected-target billing announcement gate |
| Linear progress | Linear project status updates, docs/architecture/progress-sync-contract.md, generated operator:dashboard output, and this mirror |
Status update with queue/evidence/missing gates | Every significant merge batch |
The project status update should always include:
- Current public PR and issue counts.
- Merged evidence since the previous update.
- Deferred or blocked items with the reason.
- The next one or two implementation slices.
- Any release or publication gate that is still not evidence-backed.
The GA roadmap is informed by these reference surfaces:
stablyai/orcaandsuperset-sh/supersetfor worktree-native parallel agent UX, review loops, and workspace presets.standardagents/dmuxandaidenybai/ghastfor terminal/worktree multiplexing, session grouping, and lifecycle hooks.jarrodwatts/claude-hudfor always-visible status, tool, agent, todo, and context telemetry.stanford-iris-lab/meta-harnessandgreyhaven-ai/autocontextfor evaluation-driven harness improvement, traces, playbooks, and promotion loops.NousResearch/hermes-agentfor operator shell, gateway, memory, skills, and multi-platform command patterns.anthropics/claude-code, activesst/opencode/anomalyco/opencode, Zed, Codex, Cursor, Gemini, and terminal-only workflows for adapter expectations.
The output of this reference work should be concrete ECC deltas, not a second strategy memo.
Target: 2026-05-24
Acceptance:
- Naming matrix covers product name, npm package, Claude plugin, Codex plugin, OpenCode package, marketplace metadata, docs, and migration copy.
- GitHub release, npm dist-tag, plugin publication, and announcement gates are mapped to fresh command evidence.
- Release notes, migration guide, known issues, quickstart, X thread, LinkedIn post, and GitHub release copy are ready but not posted before release URLs exist.
- Plugin publication/contact paths for Claude and Codex are documented with owner, required artifacts, and submission status.
Target: 2026-05-31
Acceptance:
- Adapter matrix covers Claude Code, Codex, OpenCode, Cursor, Gemini, Zed-adjacent surfaces, dmux, Orca, Superset, Ghast, and terminal-only use.
- Each adapter has supported assets, unsupported surfaces, install path, verification command, and risk notes.
- Harness audit remains 80/80 and gains a public onramp that explains how teams use the scorecard.
- Reference findings are converted into concrete adapter, observability, or operator-surface deltas.
Target: 2026-06-07
Acceptance:
- Observability readiness remains 21/21 and is backed by JSONL traces, status snapshots, risk ledger, and exportable handoff contracts.
- HUD/status model covers context, tool calls, active agents, todos, checks, cost, risk, and queue state.
- Worktree/session controls cover create, resume, status, stop, diff, PR, merge queue, and conflict queue.
- Linear/GitHub/handoff sync model is explicit enough for real-time progress tracking.
Target: 2026-06-10
Acceptance:
- Scenario specs, verifier contracts, traces, playbooks, and regression gates are documented and at least one read-only prototype exists.
- The loop separates observation, proposal, verification, and promotion.
- Team and individual setups can be scored and improved without blindly mutating configs.
- RAG/reference-set design covers vetted ECC patterns, team history, CI failures, diffs, review outcomes, and harness config quality.
Target: 2026-06-14
Acceptance:
- Formal policy schema and evaluation output exist for org baselines, exceptions, owners, expiration, severity, audit trails, expiring-soon visibility, and expired-exception enforcement.
- SARIF/code-scanning output is implemented and tested.
- GitHub Action policy gates expose organization policy status and violation counts for branch-protection and CI evidence.
- Policy packs are defined for OSS, team, enterprise, regulated, high-risk hooks/MCP, and CI enforcement.
- Supply-chain intelligence covers MCP package provenance and has an extension path for npm/pip reputation, CVEs, typosquats, and dependency risk.
- Prompt-injection corpus and regression benchmark are ready for continuous rule hardening with category-level coverage and regression-gate output.
- Enterprise reports include JSON plus self-contained HTML executive output with risk posture, priority findings, category exposure, and policy-exception lifecycle evidence in terminal/CI summaries.
- Native PDF export is not a GA blocker unless an enterprise/compliance workflow requires a generated PDF file instead of the self-contained HTML report and browser print-to-PDF path.
Target: 2026-06-21
Acceptance:
- Native GitHub Marketplace billing announcement is backed by verified implementation and docs.
- Internal billing readiness audit covers plan limits, seats, entitlement mapping, Marketplace plan shape, subscription state, overage hooks, and failure modes.
- Deep analyzer covers diff patterns, CI/CD workflows, dependency/security surface, PR review behavior, failure history, harness config, skill quality, dedicated analyzer corpus evidence, co-located analyzer reference sets, PR review/stale-salvage evidence, RAG/evaluator comparison, and reference-set validation.
- PR check suite taxonomy includes Security Evidence, Harness Drift, Install Manifest Integrity, CI/CD Recommendation, Cost/Token Risk, Reference Set Validation, Deep Analyzer Evidence, RAG/Evaluator Evidence, PR Review/Salvage Evidence, Skill Quality, and Agent Config Review.
- Evaluator/RAG billing readiness fixture
examples/evaluator-rag-prototype/billing-marketplace-readiness/records the read-only claim-verification path for Marketplace, App, subscription, seat, entitlement, and plan language before launch copy can treat those claims as live. - Cost/token-risk predictive follow-ups flag AI routing, model-call, usage, quota, and budget changes when budget evidence is missing.
- Reference-set validation follow-ups flag analyzer, skill, agent, command, and harness-guidance changes that lack eval, golden trace, benchmark, or maintained reference-set evidence.
- Deep-analyzer follow-ups flag repository, commit, architecture, pattern, and analysis-pipeline changes that lack analyzer corpus, snapshot, fixture, or benchmark evidence.
- Analyzer corpus evidence includes maintained fixtures and tests for current
architecture and commit analyzer outputs, plus co-located
src/analyzers/{fixtures,goldens,reference-sets,benchmarks,evals}/evidence paths. - RAG/evaluator follow-ups flag retrieval, embedding, ranking, and evaluator changes that lack reference-set comparison, golden trace, benchmark, fixture, or eval-run evidence.
- Evaluator/RAG corpus contract mirrors the local prototype scenarios into ECC-Tools fixtures and tests for stale-PR salvage, billing readiness, CI failure diagnosis, harness config quality, AgentShield policy exceptions, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison.
- PR review/stale-salvage follow-ups flag review, triage, stale-closure, and pull-request automation changes that lack stale-salvage fixtures, reviewer-thread cases, or reopen-flow reference evidence.
- PR analysis comments summarize review follow-up signals for requested changes, unresolved or outdated review threads, and missing approvals.
- CI failure-mode predictive follow-ups flag workflow and test-runner changes that lack failure fixtures, captured logs, troubleshooting notes, dry-run evidence, or regression coverage.
- Harness-config quality predictive follow-ups flag MCP, plugin, agent, hook, command, and harness config changes that lack audit, adapter matrix, cross-harness doc, or compatibility regression evidence.
- Linear sync maps deferred backlog findings to Linear issues without flooding GitHub, creates or reuses exact-title Linear issues when configured, and reports skipped sync when credentials or team configuration are absent.
- Linear/project backlog sync includes copy-ready PR drafts when
/ecc-tools followups sync-linearis used withoutopen-pr-drafts, so stale-PR salvage work remains tracked without opening extra PR shells. - Follow-up generation caps automatic GitHub object creation and keeps overflow findings in a copy-ready project sync backlog.
Target: 2026-06-15
Acceptance:
- Legacy directories and orphaned handoffs are inventoried.
- Each useful artifact is marked landed, Linear/project-tracked, salvage branch, or archive/no-action.
- Workspace-level legacy repos are mined only through sanitized maintainer branches; raw context, secrets, personal paths, local settings, and private drafts are never imported wholesale.
- Stale PR salvage policy stays in force: close stale/conflicted PRs first, record a salvage ledger item, then port useful compatible content on maintainer branches with attribution.
- #1687 localization leftovers are handled only by translator/manual review, not blind cherry-pick.
- Continue the AgentShield enterprise control-plane sequence from
docs/architecture/agentshield-enterprise-research-roadmap.md: PR #63 shipped GitHub Action baseline outputs and job-summary evidence; PR #64 shipped first-class baseline snapshot creation throughagentshield baseline write; PR #67 shipped the evidence-pack bundle; PR #68 hardened evidence-pack redaction; PR #69 shipped the multi-harness adapter registry; PR #78 hardened the release workflow for the current supply-chain incident class; PR #79 moved baseline/watch/remediation fingerprints to hashed evidence and stopped writing raw evidence into new baselines; PR #80 added prioritized corpus accuracy recommendations for failed regression gates; PR #81 added ordered remediation workflow phases; PR #82 expanded corpus coverage for env proxy hijacks and out-of-band exfiltration; PRs #83-#85 hardened Mini Shai-Hulud IOC coverage and release-path supply-chain verification; PR #86 added whitelistedci-context.jsonworkflow, commit, run, and runtime provenance to evidence packs; PR #87 classified installed Claude plugin caches separately from active top-level runtime config, including cached hook implementations; PR #88 addedagentshield evidence-pack inspectJSON/text readback for downstream consumers; PR #89 addedagentshield evidence-pack fleetsummary/routing across multiple inspected bundles; ECC-Tools PRs #42/#43 now route and recognize evidence packs; ECC-Tools PR #76 consumes fleet summaries in hosted security review; ECC-Tools PR #77 surfaces source evidence paths in hosted PR comments and check-runs; ECC-Tools PR #78 links AgentShield fleet target paths into hosted harness owner findings; and AgentShield PR #90 emits fleetreviewItemswith source evidence paths and owner-ready recommendations; AgentShield PR #91 exports checksum-backed policy bundles for branch-protection review and downstream policy promotion; AgentShield PR #92 promotes checksum-verified policy bundles into active policy files with dry-run JSON review; AgentShield commit87aec47adds policy promotionreviewItemsfor digest evidence, owner-review, protected-rollout PR handoff, and runtime smoke testing; AgentShield commit28d08c7adds package-manager hardening drift detection; AgentShield commit659f569clears the action-runtime deprecation warnings with current SHA-pinned v6 actions; AgentShield commitee585cdcorrects npm release-age guidance so unsupported npm age keys are findings while enforceable cooldown findings stay on pnpm/Yarn; AgentShield commit1124535exposes package-manager hardening Action outputs for registry credentials, lifecycle-script drift, and release-age gate drift; and AgentShield commit1593925exposes policy-promotion Action outputs for owner approval, protected rollout, digest evidence, and runtime-smoke review items, ECC-Tools commit8658951consumes those outputs in hosted security review and Hosted Promotion Readiness scoring, and ECC-Tools commit16c537frenders promotion status, pack, review item count, remaining action count, and digest in hosted security comments/check-runs. AgentShield commit840952aadds Linear/operator-ready fleet review ticket payloads and expands current Mini Shai-Hulud IOC breadcrumbs, with green local and remote CI. AgentShield commit4e36aabhardens CI package installs after the expanded Mini Shai-Hulud refresh, with CI, Test GitHub Action, Self-Scan, and Dependabot Update workflows green. ECC-Tools commit05d4e82adds hosted promotion judge audit traces with deterministic request fingerprints and allowed-citation counts, without exposing raw provider output. ECC-Tools commit91a441badds a billing announcement preflight command for checking Marketplace readback inputs before privileged API calls. ECC-Tools commit2859678requires Marketplace webhook provenance in billing-state before native-payments announcement readiness can pass. ECC-Tools commit42653f9adds Wrangler OAuth KV readback and confirms the current blocker is not Cloudflare read access; it is the absence of a ready-like Marketplace Pro billing-state record with webhook provenance. ECC-Tools commit632e059adds sanitized target-account readback, and PRs #89/#90/#91 move the final operator path to selected-target readback, selected-target announcement gating, and ignored env-file credential loading without printing account logins or raw KV key names. ECC-Tools PR #79 redacts the billing announcement gate account output; PR #80 requires failure reasons in runtime receipts; PRs #81/#82 preserve and render AgentShield fleet approval IDs; PR #83 makes Linear follow-up sync idempotent by external ID; PR #84 syncs hosted AgentShield remediation items into Linear; PR #85 emits hosted job observability events including budget-blocked outcomes; PRs #86/#87 read those events back into hosted status comments and hosted depth-plan check-runs; and PR #88 exposes authenticated hosted observability API readback for operator dashboards. - Run
npm run billing:announcement-gate -- --preflight --select-ready-target, adding--env-file /path/to/ecc-tools.envwhen the local bearer token is stored in an ignored operator file, then run the same command without--preflightand requireannouncementGate.ready === truebefore any native GitHub payments announcement. - Enable/configure the merged Linear backlog sync path after workspace issue capacity clears or the Linear workspace is upgraded, then verify PR-draft salvage items land in the expected project.
- Use the ECC-Tools evaluator/RAG corpus as the promotion gate before adding deeper hosted retrieval, vector storage, or automated check-run promotion.