/spec Phase 4.5 rewrite:
- Phase 4.5a: in-conversation semantic content review (named-criticism,
customer complaints, unannounced strategy, NDA, codename bleed). Injection-
hardened (a body containing the SEMANTIC_REVIEW marker forces flagged).
Content-free audit trail to ~/.gstack/security/semantic-reviews.jsonl.
- Phase 4.5b: replaces the inline 7-regex prose with the shared gstack-redact
scan-at-sink (exact-byte temp file). Three enforcement points: pre-codex,
pre-issue (files via --body-file from the scanned file), pre-archive (D2:
sanitized body to the archive). --no-gate skips codex score only; redaction
always runs, no flag disables it.
/cso: renders the full generated taxonomy table as its canonical pattern catalog
(shared source), keeps its git-history archaeology (different use case).
lib/redact-audit-log.ts: 0600 append-only semantic-review trail (no body text).
Resolver gains compact-table + brief-block variants so /spec references the
catalog instead of inlining it (stays under the v1.47 size budget).
Tests: extended spec invariants (semantic pass, scan-at-sink, no-promotion),
audit-log, cso/spec alignment. All green; spec 1.050× / cso 1.046× baseline.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
scripts/resolvers/redact-doc.ts emits two placeholders, both derived from
lib/redact-patterns so skill docs never drift from the engine:
- {{REDACT_TAXONOMY_TABLE}} — 3-tier table for /spec + /cso (shared source).
- {{REDACT_INVOCATION_BLOCK:<sink>}} — the canonical scan-at-sink bash + prose
for one enforcement point (pre-codex/pre-issue/pre-archive/pre-pr-body/
pre-pr-title/pre-commit): which-bun probe, visibility resolution (local config
→ gh → glab → unknown), temp-file scan-at-sink, exit 3/2/0 branches, PII
auto-redact offer, guardrail-not-enforcement framing.
Registered in index.ts. 12 resolver tests. No SKILL.md churn yet (no template
references the placeholders until the per-skill wiring commits).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Garry Tan