solution-erp/.claude/workflows/runs/2026-06-18-harness-audit-invest/audit-synthesis.md

# AUDIT SYNTHESIS — Harness 8/9/10/10-refine + checklists + hmw (re-audit, honest nấc)

- **run-id:** 2026-06-18-harness-audit-invest · **wf:** wf_13868efb-ea7 · **date:** 2026-06-18 (S72)
- **method:** 4× investigator-codebase ∥. **Part B** returned StructuredOutput (full). **Part A FAILED** (no StructuredOutput after 2 nudges). **Part C / H8** truncated in notification tail. → em-main **SELF-GATE recovery** (ground-truth disk: glob/git/grep/read) per `feedback_agent_kill_recovery` — disclosed, valid review-branch (KHÔNG giấu).
- **baseline:** đo vs **CANONICAL spec** (ground-truth AI_INFRA broadcast). `cross-project-status.md` STALE (2026-05-22, RAG Layer A — KHÔNG phải harness 8-10) → KHÔNG dùng để "chứng minh sisters ahead"; honest.

## Verdict
SE đã landed **Harness-8** (all-inherit) + **Harness-9** (PART A memory + PART B adap-2wf) ở nấc tốt. NHƯNG **BEHIND Harness-10 FLAT refine**: SE đang ở run-trace SUBFOLDER cũ, 2 broadcast 06-18 mới nhất (checklist-v2 + h10-flat-detector-refine) UNADOPTED. Lệnh sleep-recovery (§J2 AI_INFRA) absent (by-design, anh muốn parity).

## Gap matrix (honest nấc)

### PART A — memory L2 (self-gated; auditor failed)
| # | gap | nấc thật | bằng chứng |
|---|---|---|---|
| A1 budget.json | ok | executed-file | `.claude/agent-memory/memory-budget.json` có per-tier cap + status |
| A2 seed-by-measure | ok | executed-file+runtime | `scripts/measure-agent-memory.ps1` + `seeded_date` re-measure S71 |
| A3 additive gist + distill-gen | ok | runtime | reviewer/inv `.gist.md` gen:2, impl-be gen:1, verbatim còn |
| A4 coverage-diff gate | ok | convention-met | practiced @curate S70/S71 |
| A5 _INDEX map | ok | executed-file | 4 sub có `archive/_INDEX.md` pointer-only |
| A6 pointer-resolve substring | ok | runtime | substring sha-keyed (S70 design) |
| A7 budget-audit @session-start §2.1.2 | ok | convention-met + runtime | trong session-start.md; chạy session này |
| **A8 sleep-compress command** | **missing** | none | SE KHÔNG có `/sleep-recovery-memory-l2` (AI_INFRA §J2-internal); SE nén ad-hoc @curate |
| A9 .ragignore | ok | executed-file | `.ragignore` tồn tại |
| watch | partial | — | frontend-designer 24.0KB + test-specialist 23.9KB sát cap, CHƯA có archive |

### PART B — adap 2-workflow (MANDATORY; from workflow)
| # | gap | nấc thật | note |
|---|---|---|---|
| B1 implement run-id | ok | runtime | S70 wf_a58e0d15-beb · S71 wf_e4e46725-231 |
| B2 review run-id ≠ implement | ok | runtime | S70 wf_9520d8cd-4fe · S71 wf_636bc95b-939 (self-gate disclosed khi reviewer no-StructuredOutput) |
| B2.5 reverse-findings | ok | runtime | 3 (S70) + 4 (S71) items |
| B3 email both run-ids + true-nấc | ok | runtime | 2 email outbox/ai_infra, hedged honest |
| **B4 short-confirm via review** | **partial** | convention-met | codified adap-apply.md:38, CHƯA có runtime instance |

### PART C + refine — run-trace (MANDATORY)
| # | gap | nấc thật | bằng chứng |
|---|---|---|---|
| **C1 FLAT structure** | **missing** | none | 5 run-folders đều SUBFOLDER (`sub-md/`+`harvest/`); canonical = flat |
| C2 scaffold-at-open run.md | ok | convention-met | S71 + audit run này có run.md @open |
| C3 git-tracked 2-level | ok | runtime | `git ls-files .claude/workflows/runs`=**22** · check-ignore exit=1 (NOT ignored) |
| C4 per-turn harvest | ok | convention-met | — |
| C5 3-layer anti-miss | ok | executed-file | runs/README + session-start orphan-scan + session-end gate |
| C6 ledger 2-beat + orphan | ok | executed-file | `_ledger.md` open/close, 0 orphan |
| C7 honest caveat | ok | convention-met | present |
| **C8 migration old→flat + dual-accept gate** | **missing** | none | chưa migrate; close-gate chưa dual-accept |
| **refine(a) hmw.js flat** | **missing** | none | `hmw.js:103/:109` còn `sub-md/` subdir |
| **refine(b) anti-bypass detector** | **N/A-tailored** | none | SE KHÔNG có detector. **Threat-model khác:** SE dùng Anthropic Workflow tool (KHÔNG có CLI-launcher để lách như hmw.js CLI) → "engine-bypass" gần như N/A; containment SE = git-diff + run-folder TRACKED + ledger orphan-scan (G-015). refine nói detector = "chuyện nội bộ mỗi dự án tự quyết" |

### Harness-8 + hmw
| # | gap | nấc thật | bằng chứng |
|---|---|---|---|
| H8 11/11 inherit | ok | runtime | H1 monitor confirm disk + `hmw.js:43` resolveModel all-inherit |
| hmw.js args.run/wave | ok | executed-file | `:19` `:92` accept args.run + legacy wave |
| **2 broadcast pending** | **missing** | none | checklist-v2 + h10-flat-detector-refine UNADOPTED |
| sleep §J2 scoping | n/a | — | AI_INFRA-internal, KHÔNG phải sister-obligation |

## Key honest findings (cho report AI_INFRA)
1. **hmw.js engine còn subfolder** (`:103/:109`) — flat migration phải sửa engine, không chỉ folder.
2. **5 run cũ giữ nguyên** (đừng rewrite history); new=flat; close-gate dual-accept (C8-A).
3. **Detector: SE tailored-out có lý-lẽ** — Workflow-tool ≠ CLI-launcher → no bypass surface; containment hiện hữu (git-diff + tracked + orphan-scan) đã phủ. KHÔNG cargo-cult. (Decision điểm — anh chốt build vs document.)
4. **B3 imprecision THẬT (S71):** report/email cite path tắt `runs/` + count "14" cũ; thật = `.claude/workflows/runs` (**22 file**). Folder commit thật; chỉ path-string + count sai → sửa ở report mới.
5. **checklist-v2 nấc-rubric** chưa dệt vào self-verify của SE.

## Fix plan → IMPLEMENT (next)
- **em-main cluster (single-writer, coherence):** hmw.js sub-md/→flat · runs/README + workflows/README flat · session-start/end flat + dual-accept gate · agents/README repoint + Upgrade S72 · _ledger gate note · keep 5 old runs (history).
- **agent (disjoint):** port `/sleep-recovery-memory-l2` tailored SE (A8).
- **detector (anh chốt):** document tailored-out (default) HOẶC build untracked-run detector nhẹ.
- **report fix:** correct path/count + B4-convention note.