v1.101.0 — Spiral SEED environment gate

Pre-dispatch validation gate for the SEED seam (#575 item 3).

Mirrors existing _pre_check_implementation / _pre_check_review which validate post-conditions for later phases — the SEED seam had no counterpart.

Catches (before discovery dispatches expensive LLM calls):

• CWD not inside a git work tree (hard-fail)
• grimoires/loa/ missing from CWD — the cycle-084 CWD-mismatch class (hard-fail)
• Cycle dir or parent not writable (hard-fail)
• $SEED_CONTEXT path missing / empty / unreadable (warn; strict mode promotes to error)

Empirical justification: cycle-084 reviewer subprocess ran in .loa/ submodule CWD instead of main repo; catchable pre-dispatch rather than as a confusing mid-cycle "grimoires/loa/prd.md not found" error.

Strict mode: SPIRAL_PRE_CHECK_SEED_STRICT=true promotes warnings to errors (useful for CI).

14 new BATS tests (tests/unit/spiral-pre-check-seed.bats).

PR #594 · closes #575 item 3.

v1.99.2 — Spiral SEED failure-ingestion

Prior-cycle failure events fold into next cycle's discovery context.

Autopoietic-loop closure at the SEED seam (#575 item 2). When the prior spiral cycle's flight-recorder contains load-bearing failure events (circuit breakers, stuck BB findings, auto-escalations, exhausted review fix-loops, budget overruns), the next cycle's _phase_discovery now folds a short markdown summary into the PRD prompt so the model designs around observed failure modes.

Feature flag:
spiral:
seed:
include_flight_recorder: true # default false — safe rollout

Or env var: SPIRAL_SEED_INCLUDE_FLIGHT_RECORDER=true.

Helpers (in spiral-evidence.sh): _find_prior_cycle, _summarize_prior_cycle_failures, _build_seed_failure_prelude.

Tests: 20 new BATS (tests/unit/spiral-seed-ingestion.bats) — 20/20 pass.

PR #592 · closes #575 item 2 · feature gated default-off.

See CHANGELOG for full text.

v1.99.1 — Kaironic termination docs

Documentation pass naming kaironic termination publicly as a differentiator.

• .claude/skills/spiraling/SKILL.md Stopping Conditions section distinguishes chronos (wall-clock caps) from kaironic (signal-exhaustion) termination; marks flatline_convergence as the kaironic condition
• README.md Spiral Autopoietic Orchestrator section adds a paragraph-length explainer

PR #591 · closes #575 item 5 · docs-only, no behavior change.

See CHANGELOG for full text.

v1.99.0 — Spiral observability dashboard

Default-on metrics emission. See CHANGELOG entry.

Highlights:

• _emit_dashboard_snapshot at each phase boundary → <cycle-dir>/dashboard.jsonl + <cycle-dir>/dashboard-latest.json
• Schema spiral.dashboard.v1 (totals + per_phase rollup)
• cmd_status enhanced with pretty "Metrics" + "Per-phase" blocks
• 18 new BATS tests

PR #589 · closes #569 · fail-safe (instrumentation cannot break pipeline).

v1.98.0 — Bridgebuilder persona discovery + resolution trace

Persona DX flags. See CHANGELOG entry.

Highlights:

• --list-personas — enumerate built-in packs with H1 titles
• --show-persona-resolution — trace the 5-level cascade (active/shadow/skip/missing)

PR #588 · closes #396 · 631/631 tests pass.

v1.97.1 — Bridgebuilder OpenAI codex routing fix

Patch release — restore multi-model Bridgebuilder quality gate

Fixes a defect that degraded the 3-model kaironic Bridgebuilder review to effectively single-model. On PR #583, only Gemini succeeded; Anthropic returned 400 (billing exhaustion — separate UX issue) and OpenAI returned 404.

Root cause (#585)

The TypeScript Bridgebuilder adapter at .claude/skills/bridgebuilder-review/resources/adapters/openai.ts hardcoded /v1/chat/completions for all OpenAI models. Codex variants (gpt-5.3-codex and future codex* models) require /v1/responses — calling the chat endpoint returns:

"This is not a chat model and thus not supported in the v1/chat/completions endpoint."

The Python adapter at .claude/adapters/loa_cheval/providers/openai_adapter.py (used by Flatline/Hounfour) already had the correct routing split. This PR ports that pattern to the TypeScript adapter.

Fix (#586)

• Add isCodexModel() detection (case-insensitive /codex/i)
• Route codex models to https://api.openai.com/v1/responses
• Build Responses-shaped body: {model, input: \"<system>\\n\\n---\\n\\n<user>\", stream: true}
• Parse Responses SSE events: response.output_text.delta for content, response.completed for usage, response.created for model fallback
• Non-codex models continue on /chat/completions with existing body + parser

Test coverage

8 new tests added (5 routing + 3 hardening per Gemini 2.5 Pro HIGH finding on the fix PR itself):

• codex model → /v1/responses URL
• non-codex model → /v1/chat/completions URL
• codex body shape (input, not messages)
• Responses SSE parsing (content via response.output_text.delta, usage via response.completed)
• case-insensitive codex detection
• reasoning deltas don't leak into content (only output_text.delta accumulates)
• 4xx error envelopes surface as INVALID_REQUEST
• 5xx retries with backoff

617/617 tests pass (609 existing + 8 new).

Self-verified

Ran multi-model Bridgebuilder against PR #586 itself — all 3 models succeeded: Anthropic (claude-opus-4-7) ✓ + OpenAI (gpt-5.3-codex) ✓ + Gemini (gemini-2.5-pro) ✓, 8 findings produced.

Not addressed (separate follow-up)

The Anthropic 400 in the original run was billing exhaustion ("Your credit balance is too low"), not a code bug. The adapter surfaces this as a generic "API 400" which is a UX issue — worth a separate PR to parse the Anthropic error envelope and report a clearer "credits exhausted" message.

Commits

• 84e6472 — fix(bridgebuilder): route OpenAI codex models to /responses endpoint (#585) (#586)

---

🤖 Generated with Claude Code

v1.97.0 — cycle-088 — Framework Boundary + Spiral Hardening + Adapter Generator

Consolidation release rolling up 14 PRs that shipped as auto-patches between v1.94.1 and v1.96.5.

Themes

Theme	Summary
Framework boundary fixes	agent: Plan write-capability bug (#553), stale version markers (#554), classifier regex missing cycle-NNN (#550)
CI green restoration	Shell Tests 5-cluster triage (#549)
Spiral recovery hardening	REVIEW→IMPL fix-loop + --resume --force (#545/#546 MVP), SPIRAL_TASK export (#568), configurable planning timeouts (#570)
Model adapter evolution (vision-011)	YAML → bash generator (#548), phantom Gemini 3 prune + forward-compat (#573/#574)
Shell safety infrastructure	stash_with_guard + stash-safety rule (#555), tripwire untracked detection (#563)
RFC / design	RFC-061 v3.1 polycentric calibration pack (#556)
Cycle-closing Flatline fixes	simstim --mode hitl docs drift (#579), red-team grounding fail-closed (#582)

PRs

#558, #559, #560, #562, #564, #565, #566, #567, #571, #576, #577, #578, #581, #583

Deferred / Follow-up

• #582 Option A — red-team domain extractor rewrite (TF-IDF + first paragraph)
• #546 full scope — spiral.seed.from_cycle_id artifact-copy preflight
• #548 remaining — T-PRE / T-CROSS / T-GREP committed test scripts + migration playbook
• #556 implementation — polycentric pack directory scaffold, profile YAMLs, golden corpus, LLM-judge harness
• Gemini 3 re-enablement — pending Google v1beta confirmation

See CHANGELOG.md for full per-PR detail.

Known Infrastructure Issue

The post-merge workflow classifier (.github/workflows/post-merge.yml) still carries the narrow pre-#560 regex that didn't match this cycle PR title, so the automation produced a patch bump (v1.96.6). This v1.97.0 tag + release was promoted manually on top of the same commit. The workflow file needs a manual edit per issue #561 (OAuth scope limitation) to use the extracted classify-pr-type.sh shared classifier.

---

🤖 Generated with Claude Code

v1.94.0 — enforce Phase 2.5 at COMPLETED marker write

v1.94.0 — Adversarial Review Enforcement Gate

Closes the silent-skip failure mode in the Flatline Protocol Phase 2.5 adversarial review. Before this release, reviewing-code and auditing-security skills executing inline (as the primary agent rather than a subagent) could skip the cross-model dissenter step under token pressure while still writing the COMPLETED marker and marking sprints APPROVED — with no trajectory entry signalling the omission.

Added

Adversarial review enforcement gate (PreToolUse:Write hook at .claude/hooks/safety/adversarial-review-gate.sh)

Blocks */COMPLETED marker writes when flatline_protocol.{code_review,security_audit}.enabled: true but the corresponding adversarial-{review,audit}.json artefact is missing or structurally invalid.

• Structural validation — artefact must parse as JSON and contain .metadata.type + .metadata.model. These fields are written by adversarial-review.sh on every code path (clean, api_failure, malformed_response, skipped_by_config), so legitimate runs always satisfy the gate. touch artefact.json and empty-JSON placeholders do not.
• CWD-independent config resolution — walks upward from the sprint directory to locate .loa.config.yaml. PreToolUse hooks don't pin CWD, so a bare ./ lookup silently missed from subagents and worktrees.
• Fail-open on infrastructure faults (missing yq, jq parse errors, malformed config) with stderr warning so the degraded state is observable.
• Fails closed when .loa.config.yaml cannot be resolved at all — an unresolvable config means enforcement can't be evaluated, which is exactly the silent-skip mode the gate exists to block.
• Trajectory visibility — adversarial-review.sh now emits a trajectory entry with outcome skipped_by_config when disabled rather than exiting silently.
• Emergency override — LOA_ADVERSARIAL_REVIEW_ENFORCE=false preserved for break-glass; LOA_CONFIG_PATH_OVERRIDE for tests.

Test coverage

.claude/tests/adversarial-review-gate.test.sh — 11 cases, all passing:

• block/allow on missing vs. valid artefact
• structural bypass rejection (empty file, incomplete metadata)
• config-disabled allow path
• gate-scope narrowing (non-Write, non-COMPLETED)
• opt-out env var
• yq-missing fail-open with stderr warning
• walk-up config discovery from neutral CWD
• unresolvable-config fail-closed

Fixed

• Stale gpt-5.2 test assertion in tests/unit/gpt-review-hook.bats — updated to gpt-5.3-codex to match the current dissenter default.

Review trail

This PR was reviewed by Bridgebuilder with the security persona (single-pass + enrichment, 1 HIGH / 3 MEDIUM / 3 LOW findings). GATE-01, GATE-02, GATE-03, GATE-04, GATE-05, SKILL-01 addressed. TRAJ-01 deferred (LOW/0.3 confidence). A follow-up post-merge comment surfaced the CWD / fail-closed hole in the initial implementation, which was folded into the same PR before merge — an in-protocol demonstration that the review loop catches real bypasses when actually run.

Source

• PR: #552
• Merge: e8040402

---

Generated by Loa Post-Merge Automation + manual enrichment

v1.93.0 — Opus 4.7 Top-Review Migration

Opus 4.7 Top-Review Migration (cycle-082)

Retargets the opus alias from claude-opus-4-6 → claude-opus-4-7 across all adapters and review-critical subsystems.

Changed

• opus alias retargeted across bash, Python, TypeScript, and YAML adapters — Flatline Protocol primary, Bridgebuilder enriched review, red-team adapter, spiral advisor all now route to Opus 4.7.
• Pricing: identical to 4.6 ($5/$25 per Mtok input/output) — no cost-ledger or budget impact.
• Sonnet 4.6 executor unchanged — spiral-harness default remains.

Backward Compatibility

• anthropic:claude-opus-4-6 registry entry retained in .claude/defaults/model-config.yaml + .claude/data/model-permissions.yaml as a pinnable fallback
• Operators who want exact 4.6 behavior pin it via .loa.config.yaml:

  hounfour:
    aliases:
      opus: "anthropic:claude-opus-4-6"

• Bash adapter layer retargets legacy IDs (4.5, 4.1, 4.0 and 4.6 itself) to 4.7 per PR #207 precedent — operators relying on legacy aliases for historical baselines must pin the canonical provider-prefixed form

Rollback

• git revert 4602840 — atomic, no state-mutation dependencies
• Operator-level override: pin 4.6 in local config (no maintainer action required)

Review Artifacts

• PRD + SDD + Sprint went through 3 rounds of Flatline (Opus 4.6 + GPT-5.3-codex + Gemini 2.5 Pro) + 1 Bridgebuilder design review + 1 Red Team pass
• Kaironic Bridgebuilder review on PR (bridge-20260417-028ebc): 10 findings, 2 pre-merge fixes applied (trust_scopes assertions, vision PR refs)
• T-SMOKE live-model-ID gate: adapter verified routing opus → claude-opus-4-7, full-confidence Flatline run against 4.7 endpoint (not degraded)

Deferred to Follow-up

• vision-010: formal review-quality benchmark harness
• vision-011: auto-generate bash adapter maps from .claude/defaults/model-config.yaml (would eliminate hand-sync drift class)
• vision-012: role-based alias naming (top-review-anthropic vs opus)

Evidence

• Tests: 17 new BATS alias tests (cycle-082 four-map invariant + YAML retarget), 31 trust_scopes tests (3 new), 38 flatline-readiness tests all green
• Python: 539/540 tests green (1 pre-existing gpt-5.2 failure unrelated to this migration — tracked for follow-up)

PR: #547 (squash-merged as 4602840)
Prior cycle WIP preserved: branch wip/review-pipeline-hardening @ 5d00df1

🤖 Generated with Claude Code

v1.92.0 — Shell Hardening & QoL Cycle

Shell Hardening & QoL Cycle

8 PRs (#537–#544) addressing 6 tracked issues plus 2 codebase-wide QoL improvements. Eliminated three classes of shell bugs, added two lint detectors for ongoing prevention, and closed all open spiral-harness reliability bugs.

Highlights

• 3 bug classes eliminated: stdout pollution, arithmetic exit under set -e, budget boundary >= vs >
• 2 lint detectors added: lint-grep-c-fallback.sh (133 sites), lint-arithmetic-increment.sh (158 sites fixed)
• 135 tests passing across all modified subsystems
• 8 issues closed, 3 updated with narrowed scope

Fixed

PR	Issue	Fix
#537	#514	Spiral stdout pollution — one-line redirect + 3 BATS tests
#538	#515	Budget boundary — audit reserve + strict-greater + raised default
#539	#531	Shell-lint rule — grep -c fallback detector
#540	#530	Secret pattern false positives — narrowed regex + 14 BATS tests
#541	QoL	(( var++ )) fix — 158 sites across 26 scripts + lint detector
#542	QoL	vision-lib.sh — 7 grep -c → awk conversions
#543	#528	Red team submodule — SCRIPT_DIR template paths + 106-line BATS
#544	#516	Harness silent exit — ERR trap + guarded _record_action + 112-line BATS

Issue Tracker

• Closed: #514, #515, #516, #528, #530, #531, #509, #247
• Updated: #443 (freeform passive runtime), #396 (persona DX), #310 (pack→persona mapping)
• Open: 12 remaining (features/RFCs)

Full Changelog: v1.91.7...v1.92.0