From a9c62adf22d8b5befdb9497ad53d81963533bea2 Mon Sep 17 00:00:00 2001
From: Jeremy
Date: Tue, 7 Apr 2026 13:50:49 -0500
Subject: [PATCH] fix(gsd): address remaining adversarial review findings for wave 3

1. hasImplementationArtifacts "unknown" now blocks completion instead of warn-and-proceed. Both auto-dispatch.ts and auto-recovery.ts updated to treat "unknown" as a stop condition, preventing milestone completion when git status cannot be verified.
2. Audit log SAFE_KEYS allowlist expanded to include "id", "error", and "count" fields. SPLIT BRAIN logError entries now persist the entity ID and rollback error details to audit-log.jsonl for triage/repair.
---
 src/resources/extensions/gsd/auto-dispatch.ts | 6 +++++-
 src/resources/extensions/gsd/auto-recovery.ts | 3 ++-
 src/resources/extensions/gsd/workflow-logger.ts | 2 +-
 3 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/resources/extensions/gsd/auto-dispatch.ts b/src/resources/extensions/gsd/auto-dispatch.ts
index d848888f3..d09fccebb 100644
--- a/src/resources/extensions/gsd/auto-dispatch.ts
+++ b/src/resources/extensions/gsd/auto-dispatch.ts
@@ -776,7 +776,11 @@ export const DISPATCH_RULES: DispatchRule[] = [
 };
 }
 if (artifactCheck === "unknown") {
- logWarning("dispatch", `Implementation artifact check inconclusive for ${mid} — proceeding with caution`);
+ return {
+ action: "stop",
+ reason: `Cannot verify implementation artifacts for milestone ${mid}: git check was inconclusive. Resolve git issues and retry.`,
+ level: "error",
+ };
 }
 
 // Verification class compliance: if operational verification was planned,
diff --git a/src/resources/extensions/gsd/auto-recovery.ts b/src/resources/extensions/gsd/auto-recovery.ts
index eec761bf0..d5cf6f040 100644
--- a/src/resources/extensions/gsd/auto-recovery.ts
+++ b/src/resources/extensions/gsd/auto-recovery.ts
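Review bot: The new `return { action: "stop", … }` branch for `artifactCheck === "unknown"` removes the only log call at this site, so unless the caller records stop results (not visible in this hunk) an inconclusive git check leaves no workflow-log entry to triage from. I would keep a log line ahead of the return, for example ``logWarning("dispatch", `Implementation artifact check inconclusive for ${mid} — stopping`);``. The reason string also says only "inconclusive"; if the check can report why it failed, carrying that cause into `reason` would make "Resolve git issues and retry" actionable. The enclosing rule body starts and ends outside the hunk.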
@@ -393,7 +393,8 @@ export function verifyExpectedArtifact(
 // A milestone with only .gsd/ plan files and zero implementation code is
 // not genuinely complete — the LLM wrote plan files but skipped actual work.
 if (unitType === "complete-milestone") {
- if (hasImplementationArtifacts(base) === "absent") return false;
+ const artifactResult = hasImplementationArtifacts(base);
+ if (artifactResult === "absent" || artifactResult === "unknown") return false;
 }
 
 return true;
diff --git a/src/resources/extensions/gsd/workflow-logger.ts b/src/resources/extensions/gsd/workflow-logger.ts
index 77960f7ca..e4d62b39b 100644
--- a/src/resources/extensions/gsd/workflow-logger.ts
+++ b/src/resources/extensions/gsd/workflow-logger.ts
@@ -295,7 +295,7 @@ function _sanitizeForAudit(entry: LogEntry): LogEntry {
 };
 if (entry.context) {
 // Allowlist: only persist known-safe structured keys
- const SAFE_KEYS = new Set(["fn", "tool", "mid", "sid", "tid", "worktree"]);
+ const SAFE_KEYS = new Set(["fn", "tool", "mid", "sid", "tid", "worktree", "id", "error", "count"]);
 const filtered: Record = {};
 for (const [k, v] of Object.entries(entry.context)) {
 if (SAFE_KEYS.has(k)) {
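Review bot: `verifyExpectedArtifact` now returns `false` for both `"absent"` and `"unknown"`, so its caller cannot tell "the work was skipped" from "git state could not be read", and the comment above the check still describes only the first case. If recovery reacts to `false` by re-running the unit (not visible here), an environment fault would be handled as missing work. At minimum extend the comment, e.g. `// "unknown" (git state could not be read) also fails closed: completion is not verified.`, and consider logging the unknown case before returning. The function body starts and ends outside the hunk.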
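Review bot: Adding `"error"` to `SAFE_KEYS` allowlists a key whose value is free-form text, which a key-only allowlist cannot vouch for. Rollback and git error messages can carry absolute paths, remote URLs or command output, and they would now be persisted to audit-log.jsonl unchanged unless the loop body below the hunk normalises values. `"id"` is also generic enough that callers unrelated to the SPLIT BRAIN entries may already pass it. I would bound and flatten the value where it is copied, e.g. `filtered[k] = k === "error" ? String(v).slice(0, 512) : v;` (the length is a constructed example), and note next to the set what each new key is expected to hold. `_sanitizeForAudit` continues past the end of the hunk, so how values are copied is not visible here.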