feat(sparkctl): add SPARK Evidence Packet v1

.agents/skills/codex-token-saving/SKILL.md

@@ -0,0 +1,44 @@
+# Skill: Codex Token-Saving Workflow
+
+## Purpose
+Reduce context waste and avoid repo-drift during Codex Desktop work.
+
+## Use this skill when
+- Starting a new Codex Desktop session.
+- Working under token limits.
+- Deep-diving a large repo.
+
+## Operating mode
+- Do not scan the entire repo blindly.
+- Start with local instructions and manifests.
+- Use targeted `rg` searches.
+- Read only files relevant to the current phase.
+- Produce compact summaries.
+- Avoid rereading large files.
+- Batch validation after coherent edits.
+
+## Standard phase pattern
+1. Bootstrap workspace.
+2. Read instructions.
+3. Build compact repo map.
+4. Identify smallest safe change.
+5. Ask for approval if in plan mode.
+6. Implement focused change.
+7. Validate.
+8. Report exact files and command results.
+
+## Useful search terms for CompText
+- `canonical_json`
+- `sha256_hex`
+- `package`
+- `artifact`
+- `manifest`
+- `goal`
+- `policy`
+- `review`
+- `provider`
+- `boundary`
+- `handoff`
+- `roundtrip`
+- `SPARK`
+- `claim`

.agents/skills/comptext-governance/SKILL.md

@@ -0,0 +1,57 @@
+# Skill: CompText Governance
+
+## Purpose
+Preserve the CompText product contract during any code, UI, CLI, documentation, or artifact work.
+
+## Use this skill when
+- Working on CompText Gateway, comptext-cli, comptext-sparkctl, Context Governor, or related docs.
+- Changing pipeline, provider, review, artifact, or safety logic.
+- Preparing material for reviewers, SPARK, public sector, or enterprise stakeholders.
+
+## Product contract
+CompText is a deterministic Context Pack / proposal-gated evidence workflow.
+
+Core line:
+Models are providers. Context is the product.
+
+Canonical pipeline:
+Source / GitHub URL → Goal → Inspect → Context Pack → Policy Gate → Provider Boundary → Untrusted Proposal → Human Review → Artifacts
+
+## Required boundaries
+- Provider output is untrusted until reviewed.
+- Proposals are never auto-applied.
+- Policy Gate decides whether provider calls are allowed.
+- Human Review is the approval boundary.
+- Artifacts preserve the evidence trail.
+- GitHub/source repos remain read-only unless explicitly approved.
+
+## Allowed claims
+- deterministic context infrastructure
+- bounded inspection
+- proposal-gated workflow
+- review boundary
+- evidence trail
+- provider-agnostic boundary
+- artifact manifest
+- local integrity anchor if actually implemented
+- SHA-256 hash of canonical JSON if actually computed
+
+## Blocked claims
+- production-ready
+- certified
+- EU AI Act compliant
+- legally compliant
+- forensic proof or forensic certainty
+- solved hallucinations
+- guaranteed correctness
+- guaranteed replay validity for arbitrary inputs
+- autonomous enterprise agent
+- autonomous approval
+- universal AI memory
+
+## Checklist before final answer
+- Did the change preserve Goal → Context Pack → Policy Gate → Review → Artifacts?
+- Is provider output clearly untrusted?
+- Are claims bounded and review-safe?
+- Are artifacts/data honest and not faked?
+- Are source repos/GitHub writes blocked unless explicitly approved?

.agents/skills/reviewer-final-report/SKILL.md

@@ -0,0 +1,27 @@
+# Skill: Reviewer Final Report
+
+## Purpose
+Ensure every Codex Desktop run ends with an auditable, reviewer-grade report.
+
+## Required final report sections
+1. Working folder path.
+2. Repository root path.
+3. Instructions/skills read.
+4. MCP/connectors/plugins used or skipped.
+5. Git remote status showing push disabled.
+6. Files changed.
+7. Artifact contract improvements.
+8. Goal support improvements.
+9. Policy/review/provider-boundary improvements.
+10. SPARK alignment improvements.
+11. Validation commands and exact results.
+12. Remaining risks.
+13. Final ZIP path if created.
+14. Next safe action.
+
+## Reporting rules
+- Do not hide failed commands.
+- Distinguish implemented vs documented vs future work.
+- Do not inflate claims.
+- Mention any assumptions.
+- Keep the final report compact but complete.

.agents/skills/rust-canonical-artifacts/SKILL.md

@@ -0,0 +1,36 @@
+# Skill: Rust Canonical Artifacts
+
+## Purpose
+Keep Rust artifact packaging deterministic, testable, and honest.
+
+## Use this skill when
+- Editing Rust package/codec/serialization code.
+- Working on `canonical_json`, `sha256_hex`, manifests, or roundtrip tests.
+
+## Determinism rules
+- Canonical serialization must be stable across runs.
+- Avoid map iteration order unless explicitly sorted/canonicalized.
+- Avoid nondeterministic timestamps in hash inputs unless intentionally part of the schema and tested.
+- Avoid platform-specific path separators inside canonical hashes unless normalized.
+- Hash only canonical bytes/string, not pretty-printed or debug output.
+
+## Hash rules
+- Never display `sha256` unless actually computed.
+- Never call a placeholder hash an integrity anchor.
+- If a hash is optional, represent missing hash explicitly.
+- If docs mention SHA-256, say “over canonical JSON” only when implemented.
+
+## Rust quality rules
+- Prefer typed structs/enums over loose strings for contract-critical fields.
+- Use serde derives consistently.
+- Keep backwards compatibility if an existing package format exists.
+- Add tests before broad refactors.
+- Keep changes small.
+
+## Validation
+Prefer:
+- `cargo fmt --check`
+- `cargo test`
+- `cargo clippy --all-targets --all-features -- -D warnings`
+
+If clippy fails on pre-existing warnings, report honestly and fix only safe issues.

.agents/skills/security-readonly-boundaries/SKILL.md

@@ -0,0 +1,42 @@
+# Skill: Security and Read-Only Boundaries
+
+## Purpose
+Prevent unsafe actions while working with Codex Desktop, GitHub, MCP/connectors, and local repositories.
+
+## Use this skill when
+- GitHub plugin is enabled.
+- Codex Security plugin is enabled.
+- Any MCP/connector is available.
+- Working on CompText source repos or hackathon deliverables.
+
+## Hard restrictions
+- Do not push.
+- Do not deploy.
+- Do not create PRs.
+- Do not create issues.
+- Do not create remote branches.
+- Do not create tokens.
+- Do not write secrets.
+- Do not paste secrets into code, docs, prompts, or tests.
+- Do not install unofficial Codex UI/Android/remote-control packages.
+
+## Git safety
+After cloning, run:
+`git remote set-url --push origin DISABLED`
+
+Then show:
+`git remote -v`
+
+Treat GitHub as read-only even if credentials allow writes.
+
+## MCP / connector rules
+- Use MCP/connectors only for read-only context unless explicitly approved.
+- Prefer local cloned files as source of truth.
+- Do not use connectors to mutate GitHub or deployments.
+- Do not rely on hidden external state for deterministic validation.
+
+## Network/tooling caution
+- Do not add provider calls for sparkctl.
+- Do not add shell execution features to the product.
+- Do not add arbitrary filesystem readers.
+- Do not expose private provider keys to frontend/runtime output.

.agents/skills/spark-hackathon-alignment/SKILL.md

@@ -0,0 +1,35 @@
+# Skill: SPARK Hackathon Alignment
+
+## Purpose
+Align CompText work with SPARK / Safe & Stable positioning without overclaiming.
+
+## Use this skill when
+- Preparing hackathon material.
+- Writing README, demo, pitch, or docs for SPARK.
+- Adding evidence/review functionality.
+
+## Positioning
+SPARK stands for “Schnellere Planung und Realisierung durch KI”.
+CompText should be positioned as the review, policy, and evidence boundary for AI-assisted workflows.
+
+## Good framing
+- Safe and stable AI workflows need reviewable context, provider boundaries, and evidence artifacts.
+- CompText does not replace human review; it preserves a reviewable trail.
+- sparkctl packages the artifact/evidence layer.
+- Provider output is an untrusted proposal until reviewed.
+
+## Avoid
+- automated approval
+- legal review replacement
+- compliance certification
+- production-ready government deployment claims
+- forensic proof
+- live public-sector data processing claims
+
+## Demo object
+Prefer a concrete “SPARK Evidence Packet v1” over vague dashboard features.
+
+Minimum demo story:
+1. Goal: Assess a module/workflow for safe and stable use.
+2. Policy Gate: ALLOW / REVIEW_NEEDED / BLOCK with reasons.
+3. Evidence Packet: preserves goal, context, proposal, review, claim hygiene, and manifest.

.agents/skills/sparkctl-evidence-packet/SKILL.md

@@ -0,0 +1,63 @@
+# Skill: sparkctl Evidence Packet
+
+## Purpose
+Guide `comptext-sparkctl` work toward a SPARK Evidence Packet v1: a deterministic, reviewable artifact package for CompText.
+
+## Use this skill when
+- Working in `ProfRandom92/comptext-sparkctl`.
+- Modifying artifact/package/codec/manifest/roundtrip code.
+- Preparing SPARK Safe & Stable hackathon material.
+
+## Target artifact
+SPARK Evidence Packet v1 should contain, as data fields or manifest sections:
+- `schema_version`
+- `package_id` or `local_id`
+- `goal`
+- `source_summary`
+- `context_pack_ref` or `context_pack_summary`
+- `policy_result`
+- `provider_boundary_status`
+- `untrusted_proposal`
+- `human_review_decision`
+- `claim_hygiene`
+- `artifact_manifest`
+- `canonical_hash` only if computed from canonical JSON
+- `warnings` / `limitations`
+
+## Enums
+Policy Gate result:
+- `ALLOW`
+- `REVIEW_NEEDED`
+- `BLOCK`
+
+Provider Boundary status:
+- `DEMO`
+- `UNAVAILABLE`
+- `AVAILABLE`
+- `BLOCKED_BY_POLICY`
+
+Human Review decision:
+- `PASS`
+- `NOTES`
+- `BLOCKED`
+
+## Rules
+- Goal informs packaging and review criteria.
+- Goal never bypasses Policy Gate.
+- Goal never authorizes auto-apply.
+- Provider output is untrusted until reviewed.
+- Human Review is the approval boundary.
+- Artifacts preserve the evidence trail.
+- Do not fake hashes.
+- If a hash is shown, compute it from canonical JSON.
+
+## Tests to prefer
+- canonical JSON deterministic output
+- SHA-256 stable for known canonical input
+- package roundtrip verify
+- goal included in manifest
+- policy result included
+- provider boundary status included
+- review decision included
+- claim hygiene included
+- SPARK Evidence Packet demo validates

AGENTS.md

@@ -1,15 +1,34 @@
-# Agent Instruction Manual — Antigravity × CompText v7
+# CompText Agent Rules
 
-Welcome, Agent. You are pair programming inside the isolated SPARK Hackathon sandbox.
+This repository is part of CompText.
 
-> [!IMPORTANT]
-> **First Step:** You MUST read [.agent/skills/00_project_system.md](file:///.agent/skills/00_project_system.md) before performing any file reads, writes, edits, or terminal command executions.
+CompText is a deterministic Context Pack / proposal-gated evidence workflow, not a generic AI dashboard, not an agent memory product, and not an autonomous deployment agent.
 
-## Protocol Highlights
+Core line:
+Models are providers. Context is the product.
 
-1. **Read Guidelines First:** Open [.agent/skills/00_project_system.md](file:///.agent/skills/00_project_system.md) and choose the specific specialized skill matching your target task.
-2. **Keep Changes Scoped:** Work only within the allowed write paths for the current approved phase. Never modify existing Python core, benchmarks, reports, or the original repository `README.md`.
-3. **Phase-Gate Compliance:** Follow the `Implementation -> Audit -> Snapshot` loop. Do NOT advance to a new phase without explicit user approval.
-4. **Cargo Restrictions:** You have permission to run `cargo fmt`, `cargo check`, `cargo test`, `cargo clippy`, and `cargo run` inside `agy7rust/` only. Active entry points: `sparkctl` (legacy compatibility checks) and `agy-ct` (production workflow orchestrator writing to untracked `reports/latest.json`).
-5. **No Network or Git Remotes:** Web/network calls, git remote modifications, git fetch, git pull, or git push are strictly forbidden unless explicitly approved.
-6. **Structured Output:** All step results must be reported using the structured phase block format.
+Pipeline:
+Source / GitHub URL → Goal → Inspect → Context Pack → Policy Gate → Provider Boundary → Untrusted Proposal → Human Review → Artifacts
+
+Hard rules:
+- Treat GitHub as read-only unless the human explicitly asks otherwise.
+- Do not push, deploy, create PRs, create issues, or create remote branches.
+- Do not expose secrets.
+- Do not fake hashes.
+- Do not claim production-ready, EU AI Act compliance, legal certification, forensic proof, guaranteed correctness, or autonomous approval.
+- Provider output is untrusted until reviewed.
+- Proposals are never auto-applied.
+- Human review is the approval boundary.
+- Artifacts preserve the evidence trail.
+- Keep changes scoped and reviewable.
+- Do not modify root `README.md` unless the human explicitly approves it.
+- Do not commit `reports/latest.json`.
+- Do not commit `reports/performance_baseline.json` when it is only validation churn.
+- Run cargo commands only inside `agy7rust/` unless the human explicitly approves otherwise.
+
+Before editing:
+1. Read AGENTS.md.
+2. Read `.agents/skills/**/SKILL.md` relevant to the task.
+3. If `.agent/skills/00_project_system.md` exists, read it too.
+4. Build a compact repo map.
+5. Stop for approval if the user asked for plan mode.

agy7rust/src/bin/sparkctl.rs

@@ -22,6 +22,16 @@ enum Commands {
     ContextAll,
     #[command(about = "Run complete end-to-end demo pipeline (compress, build, render, validate)")]
     SparkDemo,
+    #[command(about = "Write a deterministic SPARK Evidence Packet v1 demo envelope")]
+    SparkEvidenceDemo {
+        #[arg(short = 'o', long = "output")]
+        output: String,
+    },
+    #[command(about = "Validate a SPARK Evidence Packet v1 envelope")]
+    SparkEvidenceValidate {
+        #[arg(short = 'i', long = "input")]
+        input: String,
+    },
     #[command(about = "Verify local repository handoff readiness")]
     HandoffCheck,
 }
@@ -42,6 +52,12 @@ fn main() -> Result<()> {
         Commands::SparkDemo => {
             sparkctl::spark_demo::run_spark_demo()?;
         }
+        Commands::SparkEvidenceDemo { output } => {
+            sparkctl::spark_evidence::run_spark_evidence_demo(output)?;
+        }
+        Commands::SparkEvidenceValidate { input } => {
+            sparkctl::spark_evidence::run_spark_evidence_validate(input)?;
+        }
         Commands::HandoffCheck => {
             sparkctl::handoff_check::run_handoff_check()?;
         }