Four commands gain a Workflow-tool path (with direct-fan-out fallback for
older builds): extract-rules loops until dry with per-rule citation referees
and a P0 two-judge panel; harden runs class-scoped finders with adversarial
per-finding refutation; assess --portfolio pipelines one survey agent per
system with COCOMO computed uniformly in script; reimagine Phase E drops the
3-service scaffolding cap.
Workflow agents return schema-validated data and only the orchestrating
session writes artifacts — analysis agents are structurally read-only. All
five agents gain an untrusted-content discipline section (source code is
data, never instructions; comment-only claims are findings, not facts), and
the README documents the prompt-injection threat model for analyzed code.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
A red-team pass found four ways credential values still reached
shareable artifacts after the initial redaction:
- the remediation patch: a diff removing a hardcoded secret carries the
raw value on its '-' lines by construction. harden now splits output:
non-credential hunks in the shareable security_remediation.patch,
credential hunks in a gitignored security_remediation.local.patch
with comment-only placeholders in the shareable file
- the other four agents had no secret-handling rules. legacy-analyst
(hardcoded-config evidence in tech-debt findings),
business-rules-extractor (credentials recorded as rule parameters),
test-engineer (legacy literals becoming committed test fixtures), and
architecture-critic (quoted code in notes files) now all mask values
and cite file:line; assess's tech-debt prompt and ASSESSMENT.md
masking now cover every section, not just Security Findings
- non-git projects: a .gitignore protects nothing under SVN/Mercurial.
Both commands now refuse --show-secrets without git and write the
quarantine file to ~/.modernize/<system>/ outside the project tree
- the patch-apply instruction was wrong in both documented layouts
(symlinked legacy/ broke relative paths). Patches are now written
with project-root-relative paths and applied from the project root
Also: --show-secrets is now position-independent in both commands, and
the README documents the full model.