
Quarantine structural instruction reads #310

Merged: clkao merged 2 commits into next from spacedock-ensign/sweep-guard-reader-axis-invert, Jun 6, 2026

clkao commented Jun 6, 2026

Summary

  • removes the old markNonAC/markCodeBoundInvariant permission-slip model and legacy prose/code-bound instruction-surface lints
  • keeps only structural instruction-file reads in internal/contractlint behind a thin boundary guard
  • documents the no-prose-grep/no-code-bound-as-behavior-substitute policy in the contractlint package and workflow README

Validation

  • go test ./internal/contractlint = 11 passed
  • go test ./internal/hostneutrality ./skills/integration ./internal/contractlint = 20 passed
  • spacedock status --workflow-dir docs/dev --validate = VALID
  • post-rebase go test ./... = 1117 passed in 16 packages
  • post-rebase go test ./... -race = 1117 passed in 16 packages

Rebase note

Rebased onto origin/next after #300. The only conflict was skills/integration/skill_surface_test.go: #300 added more legacy markNonAC Pi instruction prose lints to a file this branch deletes. Resolved by preserving the delete because those checks belong to the class this task removes or quarantines.

Workflow state: docs/dev/.spacedock-state/sweep-guard-reader-axis-invert/index.md.

clkao and others added 2 commits June 5, 2026 21:03
The reader-axis taint-FLOW layer (instructionTaintedNames/Fields,
readsTaintedField, lvalueName, isStringyType, the transitive reader
fixpoint, and the name-taint branches of exprInstructionTainted) plus
the reader-axis planted-control tests (TestSweepDetectsEvasionShapes /
TestHostneutralitySweepDetectsEvasionShapes and the assertRedThenGreen
helpers, the multi-hop fixpoint cases) are removed. The sweep keeps the
match-axis core: the named-reader allowlist, the recognized path-ident
allowlist, the direct-read predicate (a read sink whose path arg carries
a recognized instruction literal/segment/var, or a WalkDir .md collector)
and the mutation control. A per-package go/ast scan structurally cannot
see a cross-package read or a path built in another file, so the reader
axis is documented as detached-adversarial-audit-backstopped (sweep
docstrings + the validation-stage policy), not statically guarded.

Per-file net-negative: HN 731->407 (-324), integration 794->430 (-364).
Offline go test ./... green (1164 passed); workflow contract VALID.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
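
The limitation the commit message describes, as an added example that is not code from this repository: a minimal single-file go/ast direct-read predicate. The sink list, the `.md` suffix rule, and both sample sources are assumptions constructed for the illustration.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"go/types"
	"strings"
)

var readSinks = map[string]bool{"os.ReadFile": true, "os.Open": true} // assumed sink list

// hasInstructionLiteral: e carries a string literal ending in ".md" (assumed rule).
func hasInstructionLiteral(e ast.Expr) (found bool) {
	ast.Inspect(e, func(n ast.Node) bool {
		if lit, ok := n.(*ast.BasicLit); ok && lit.Kind == token.STRING {
			found = found || strings.HasSuffix(strings.Trim(lit.Value, "\"`"), ".md")
		}
		return !found
	})
	return found
}

// directInstructionReads parses ONE file and returns "line: sink" for each direct read.
func directInstructionReads(src string) ([]string, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, "sample.go", src, 0)
	if err != nil {
		return nil, err
	}
	var hits []string
	ast.Inspect(f, func(n ast.Node) bool {
		call, ok := n.(*ast.CallExpr)
		if ok && len(call.Args) > 0 && readSinks[types.ExprString(call.Fun)] && hasInstructionLiteral(call.Args[0]) {
			hits = append(hits, fmt.Sprintf("%d: %s", fset.Position(call.Pos()).Line, types.ExprString(call.Fun)))
		}
		return true
	})
	return hits, nil
}

// Constructed samples: sameFile shows the literal; crossPkg builds the path in a hypothetical package.
const sameFile = `package a; import "os"; func load() { os.ReadFile("docs/INSTRUCTIONS.md") }`
const crossPkg = `package b; import ("os"; "example.com/paths"); func load() { os.ReadFile(paths.Instruction()) }`

func main() {
	fmt.Println(directInstructionReads(sameFile)) // flagged
	fmt.Println(directInstructionReads(crossPkg)) // not flagged: no literal in this file
}
```

The second sample parses cleanly and returns no hits, which is why a scan of this shape needs an audit backstop for reads whose path is assembled elsewhere.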
clkao added a commit that referenced this pull request Jun 6, 2026
clkao merged commit 3007d82 into next Jun 6, 2026
2 of 5 checks passed
clkao deleted the spacedock-ensign/sweep-guard-reader-axis-invert branch June 6, 2026 04:10