Structural, behavioral, and orchestration validation fixtures for the ControlFlow multi-agent system. These scenarios verify schema compliance, agent contracts, and orchestration behavior without executing live agents.
- Schema compliance for agent output contracts.
- Consistency under repeated runs.
- Robustness under paraphrases and naming drift.
- Predictability via correct
ABSTAINbehavior. - Safety via mandatory human approval gates for high-risk actions.
- Failure taxonomy routing (
transient,fixable,needs_replan,escalate). model_unavailablerouting throughretry_budgets.model_unavailable_max.- Wave-based execution ordering and batch approval: one approval per ordinary wave, with per-phase approval for destructive/high-risk or FAILED/BLOCKED phases.
- Agent-specific contracts (PlatformEngineer rollback, BrowserTester health-first and harness-based execution, TechnicalWriter parity).
- Clarification triggering via
askQuestionsfor enumerated ambiguity classes. - Tool routing compliance (MCP usage when third-party docs are needed).
NEEDS_INPUTrouting from subagents through Orchestrator to user viaaskQuestions.- Semantic risk coverage — Planner
risk_reviewarray contains all 7 categories exactly once in every plan output. - Adversarial plan review — PlanAuditor, AssumptionVerifier, and ExecutabilityVerifier contracts.
- CodeReviewer final-review novelty filtering via injected
prior_phase_findings[], not self-sourcedplans/artifacts/reads. - Complexity-aware pipeline routing (TRIVIAL / SMALL / MEDIUM / LARGE).
- Prompt behavior contract — behavioral invariant regression across Planner, Researcher, CodeMapper, CoreImplementer, CodeReviewer, TechnicalWriter, AssumptionVerifier, PlanAuditor, and shared policy.
- Orchestration handoff discipline — PLAN_REVIEW gating, delegation routing, escalation thresholds.
- Runtime-policy enum hardening for batch approval and final-review tiers.
- F7 complexity tier validation for Planner scenarios.
- F8 reference integrity scanning for core documentation paths.
- Plan artifact lifecycle vocabulary:
persisted_artifact,revision_mode: in_place_update,new_artifact_supersession_requires_revision_of, and Planner replan payload metadata assertions. - Independent read-only edit-tool denylist enforcement for review, discovery, research, and verification-only agents.
- Cursor Project Rule validation for
.cursor/rules/**/*.mdcfrontmatter bounds, activation metadata, line budget, and configured canonical references. - Cursor plugin validation for
.cursor/skills/**/SKILL.mdand.cursor/agents/*.mdperevals/scenarios/cursor-plugin/contracts.
High-level grouping (see full ### Passes table below for all intermediate sub-passes):
- Pass 1: Schema ingestion and compilation with Ajv 2020-12 using
strict: falseandallErrors: true. - Pass 2:
scenarios/structural hydration and mapping (includes Pass 3a, 3b, 3c, 3d, 4b). - Pass 3: Cross-scenario structural regression testing.
- Pass 3e: Cursor Project Rule validation for
.mdcrule metadata and canonical references. - Pass 3f: Cursor plugin validation for project skills and subagents.
- Pass 4: P.A.R.T section-order enforcement and (Pass 4b) clarification-trigger and tool-routing rule checks.
- Pass 5: Skill library registration and path resolution.
- Pass 6: Synthetic rename negative-path checks against
governance/rename-allowlist.json. - Pass 7/7b/7c: Memory architecture, memory discipline, and tutorial parity checks.
- Pass 8-14: Drift, governance, final-review coupling, and canonical source matrix checks.
- Separate harnesses in
npm test: prompt behavior, orchestration handoff, drift detection, NOTES.md drift, archive script, and fingerprint regression checks.
Run npm test to see the current total.
- Hydrate each scenario fixture and verify its referenced agent and schema contract.
- Validate fixture payloads, expected fields, and negative cases against matching schemas in
schemas/. - Check structural and behavioral invariants through deterministic local harnesses.
- Record drift in gate-event expectations, abstention decisions, and cross-file contracts.
persisted_artifactmeans Planner saved a markdown plan artifact before chat handoff. The saved artifact may be a new file or the supplied active path for an in-place update.revision_mode: in_place_updatemeans Orchestrator suppliesactive_plan_path,trace_id, review-loopiteration_index, andrevision_reason; Planner persists changes to that sameplan_path.new_artifact_supersession_requires_revision_ofmeans a new superseding plan artifact must setrevision_ofto the priorexisting_plan_path.planner_replan_payload_trace_id_requiredmeans Planner replan/update dispatches require payload-leveltrace_idfor cross-agent correlation.planner_replan_payload_iteration_index_requiredmeans Planner PLAN_REVIEW replan/update dispatches require review-loopiteration_indexas payload data.
Base Planner delegation payloads keep compatibility with initial-create and legacy bare dispatch fixtures: revision_mode and trace_id are not required unconditionally. Conditional enforcement applies to in_place_update and new_artifact_supersession payloads.
scenarios/consistency-repeatability.jsonscenarios/robustness-paraphrase.jsonscenarios/predictability-abstain.jsonscenarios/safety-approval-gate.jsonscenarios/planner-schema-output.jsonscenarios/orchestrator-phase-verification.json
scenarios/core-implementer-contract.json— CoreImplementer execution contractscenarios/ui-implementer-contract.json— UIImplementer execution contractscenarios/platform-engineer-contract.json— PlatformEngineer execution contractscenarios/technical-writer-contract.json— TechnicalWriter execution contractscenarios/browser-tester-contract.json— BrowserTester execution contractscenarios/executability-verifier-contract.json— ExecutabilityVerifier execution contractscenarios/assumption-verifier-contract.json— AssumptionVerifier execution contractscenarios/code-reviewer-contract.json— CodeReviewer verdict contractscenarios/code-mapper-contract.json— CodeMapper discovery contractscenarios/implementer-role-differentiation.json— Implementer role uniqueness guard
scenarios/wave-execution.jsonscenarios/failure-retry.jsonscenarios/orchestrator-todo-orchestration.jsonscenarios/orchestrator-phase-executor-routing.jsonscenarios/orchestrator-retry-backoff.jsonscenarios/complexity-gate-routing.jsonscenarios/orchestrator-high-risk-review-override.json— HIGH-impact risk_review override routingscenarios/orchestrator-state-runtime-consistency.json— State machine vs runtime-policy tier alignment
scenarios/clarification-askquestions.jsonscenarios/clarification-schema-fragment.jsonscenarios/skills-mcp-routing.jsonscenarios/agent-triggering-quality.jsonscenarios/needs-input-routing.jsonscenarios/planner-ambiguity-plus-schema.json
scenarios/plan-auditor-contract.json— PlanAuditor contractscenarios/plan-auditor-adversarial-detection.json— PlanAuditor defect detectionscenarios/plan-auditor-replan-loop.json— PlanAuditor revision iterationscenarios/orchestrator-plan-auditor-integration.json— Orchestrator ↔ PlanAuditor integrationscenarios/assumption-verifier-contract.json— AssumptionVerifier contractscenarios/assumption-verifier-mirage-detection.json— AssumptionVerifier mirage detectionscenarios/executability-verifier-contract.json— ExecutabilityVerifier contractscenarios/executability-verifier-executability.json— ExecutabilityVerifier walkthroughscenarios/iterative-review-convergence.json— Review loop convergence
scenarios/planner-large-data-risk-discovery.json— Semantic risk discoveryscenarios/planner-mermaid-output.json— Mermaid diagram generationscenarios/planner-idea-interview-trigger.json— Idea interview activationscenarios/planner-idea-interview-bypass.json— Idea interview bypassscenarios/behavioral-plan-quality.json— Plan quality behavioral checksscenarios/planner-terminal-status-artifacts.json— ABSTAIN and REPLAN_REQUIRED artifact creationscenarios/planner-complexity-classification.json— Complexity tier classification (TRIVIAL/SMALL/MEDIUM/LARGE)scenarios/planner-orchestrator-handoff.json— Planner→Orchestrator plan handoff disciplinescenarios/planner-reviewed-flow-routing.json— Handoff plan enters PLAN_REVIEW gate
tests/prompt-behavior-contract.test.mjs— Planner, Researcher, CodeMapper, CoreImplementer, CodeReviewer, BrowserTester, TechnicalWriter, AssumptionVerifier, PlanAuditor, ExecutabilityVerifier, and shared policy behavioral invariants.tests/orchestration-handoff-contract.test.mjs— Orchestrator PLAN_REVIEW gating, delegation routing, failure handling, phase verification, batch approval, and final-review payload discipline.tests/drift-detection.test.mjs,tests/notes-md-drift.test.mjs,tests/archive-script.test.mjs, andtests/fingerprint.test.mjs— drift helper, NOTES.md, archive, and fingerprint regressions.
The validate.mjs harness runs structural checks against schemas, agent prompts, and eval fixtures. It compiles schemas with Ajv 2020-12 using strict: false and allErrors: true. It includes stronger structural scenario-integrity checks to detect prompt masking and schema collisions, while still running completely offline without executing live agents.
cd evals
npm installnpm test| Pass | What it checks |
|---|---|
| 1 — Schema Validity | All schemas/*.schema.json compile under Ajv JSON Schema 2020-12 with strict: false; validates live runtime policy plus runtime-policy, Planner risk_review, AssumptionVerifier, and ExecutabilityVerifier fixtures. |
| 2 — Scenario Integrity | All evals/scenarios/*.json have the required identity fields and point to real agent files. Planner scenarios must assert risk_review_present: true and complexity_tier_present: true. Planner terminal-status scenarios (ABSTAIN / REPLAN_REQUIRED) must assert persisted_artifact: true. |
| 3 — Reference Integrity | All backtick schema/doc references inside *.agent.md resolve to existing files. |
| 3a — F7/F8 Enforcement | F7: all Planner scenarios assert complexity_tier_present explicitly on every input (no vacuous pass). F8: internal markdown links and backtick code references in README.md and docs/agent-engineering/*.md resolve to files under the known top-level directories. |
| 3b — Required Artifacts | Shared repo-local dependencies like .github/copilot-instructions.md, plans/project-context.md, and governance docs exist. |
| 3c — Tool Grant Consistency | Every agent frontmatter tools: list matches the repository's canonical least-privilege tool set. |
| 3c.1 — Read-Only Edit-Tool Denylist | PlanAuditor, AssumptionVerifier, ExecutabilityVerifier, CodeMapper, Researcher, and CodeReviewer must not gain edit, edit/createFile, edit/editFiles, or any other edit/ tool in frontmatter or governance/tool-grants.json, even if both surfaces drift consistently. |
| 3d — Agent Grant Consistency | Every agent frontmatter agents: list matches governance/agent-grants.json. |
| 3e — Cursor Rule Validation | Every .cursor/rules/**/*.mdc file starts with line-1 ---, has a later closing ---, includes at least one of alwaysApply, description, or globs, stays within the 500-line budget, and satisfies configured canonical-reference checks from evals/scenarios/cursor-rules/cursor-rules-contract.json. |
| 3f — Cursor Plugin Validation | Every configured .cursor/skills/**/SKILL.md and .cursor/agents/*.md entry in evals/scenarios/cursor-plugin/ has valid frontmatter (name, description), line budgets, and expected readonly flags for audit/research agents. |
| 4 — P.A.R.T Section Order | Every *.agent.md preserves ## Prompt → ## Archive → ## Resources → ## Tools ordering. |
| 4b — Clarification Triggers & Tool Routing | Every agent either has a ### Clarification section, delegates via NEEDS_INPUT, or is an ABSTAIN-only role (§5). Agents with external tools must have a ### Tool Routing section (§6). |
| 5 — Skill Library | Every file in skills/patterns/ is registered in skills/index.md and every index entry resolves to a real file. |
| 6 — Synthetic Rename Negative-Path Checks | Structural guard checks: stale target_agent, stale expected.schema, and stale nested agent references are correctly rejected. |
| 7 — Memory Architecture References | Required memory docs/templates exist; NOTES.md remains within budget and passes style anti-pattern checks. |
| 7b — Memory Discipline Contracts | Runtime memory taxonomy, session-notes template sections, and repo-memory hygiene checklist anchors are present. |
| 7c — Tutorial Parity | Tutorial parity allowlist is installed and, when active, validates in-scope EN/RU chapter heading alignment. |
| 8-10 — Drift Detection | Roster/schema alignment, agent resource schema references, and cross-plan file-overlap coordination checks. |
| 12 — Governance Policy Assertions | Runtime policy invariants for tool-output spill, session telemetry, model-routing hints, compaction, memory promotion order, and CodeReviewer security mode. |
| 13 — Final Review Coupling | review_scope=final coupling between CodeReviewer prompt behavior and schema fields, including injected context expectations. |
| 14 — Canonical Source Matrix | Ensures plans/project-context.md keeps the Canonical Source Matrix heading. |
| 15 — Tool Labels / Pattern Budget / Doc Counts / Generation Parity | Runs the existing live-tree drift checks for registry tool-count labels, skill-pattern line budgets, allowlisted documentation totals, and no-delta Codex generation parity. |
| 16 — Selective Plugin-Core Portability | Validates core-portability-matrix.json: unique invariant IDs, allowed dispositions, evidence paths, and declared semantic anchors without requiring byte parity with core prose. |
| Harness | What it checks |
|---|---|
tests/prompt-behavior-contract.test.mjs |
Behavioral invariants across Planner, Researcher, CodeMapper, CoreImplementer, CodeReviewer, BrowserTester, TechnicalWriter, AssumptionVerifier, PlanAuditor, ExecutabilityVerifier, and shared policy. |
tests/orchestration-handoff-contract.test.mjs |
Orchestrator PLAN_REVIEW gating, complexity-aware routing, review loop convergence, failure classification routing, phase verification, todo lifecycle, trace propagation, batch approval, and final-review payload discipline. |
tests/drift-detection.test.mjs |
Negative-path coverage for drift-check helper functions and runtime-policy schema enforcement. |
tests/notes-md-drift.test.mjs |
NOTES.md style anti-pattern detection. |
tests/archive-script.test.mjs |
Task-episodic archive script behavior against isolated fixture trees. |
tests/fingerprint.test.mjs |
Structural fingerprint invalidation for nested scenario fixtures. |
tests/cursor-rules.test.mjs |
Cursor .mdc parser regressions for valid frontmatter, missing closing delimiters, and missing activation metadata. |
tests/report-health.test.mjs |
Operator health report helpers and smoke generation against isolated fixture trees. |
tests/capability-matrix.test.mjs |
Capability-matrix reconciliation of tool grants, agent frontmatter, and project context. |
tests/skill-discoverability.test.mjs |
Protects skill metadata discoverability and ensures skills remain accurately referenced. |
npm run health runs report-health.mjs, an offline read-only CLI that prints a concise project status report covering:
- the canonical validation command (
cd evals && npm test) - current
git status --porcelaingrouped by repository surface (agents, schemas, governance, evals, docs, skills, plans/artifacts, plans, other) NOTES.mdactive objective, blockers, pending lines, and line count- plan files grouped by
**Status:**value plus a count of plan files without an explicit status - session outcome hygiene metrics against the latest
plans/session-outcomes.mdentry - traceability index coverage, confirming behavior of the pattern rooted at
plans/templates/traceability-index-template.yaml(with sample atplans/artifacts/repo-health-traceability/traceability-index.yaml) - artifact directory count plus a warning when the active-objective plan slug has no matching
plans/artifacts/<slug>directory
The CLI uses Node stdlib only, performs no network calls, executes no live agents, and writes nothing.
npm run capability-matrix executes evals/capability-matrix.mjs, a CLI tool that reconciles tool grants, agent frontmatter, and project context (plans/project-context.md), surfacing structural drift flags if they fall out of sync. This behavior is protected by evals/tests/capability-matrix.test.mjs.
Skill discoverability is safeguarded by evals/tests/skill-discoverability.test.mjs, which protects the path resolution and indexing that allow Planner and Orchestrator to route skills correctly.
When authoring plans, a strict format rule applies: in Files: bullets, backtick only the actual create/modify/move target paths. Pass 10 explicitly parses these backticked paths to compute file-overlap risk.
To coordinate overlaps securely, the orchestrator relies on cross-plan overlap anchor-map artifacts generated during Phase 0 (e.g., plans/artifacts/repo-health-traceability/cross-plan-overlap-anchor-map.yaml and plans/artifacts/runtime-model-resolver/cross-plan-overlap-anchor-map.yaml). These maps enforce a strict coordination-only scope, documenting overlapping areas without inadvertently authorizing capability or tool executions.
0— all checks passed.1— one or more checks failed.
validate.mjs maintains a success-only warm cache at evals/.cache/validate-cache.json. On a cold run that passes all structural checks the harness writes an aggregate fingerprint to the cache file. On a subsequent run it computes the same fingerprint and, if it matches, exits immediately with ✅ without re-executing any pass.
What the fingerprint covers (conservative invalidation): Both harness files (drift-checks.mjs and validate.mjs), evals/package.json, evals/package-lock.json, all schemas/*.schema.json, all evals/scenarios/*.json, all *.agent.md root files, the required governance and artifact files consumed by the harness (.github/copilot-instructions.md, plans/project-context.md, docs/agent-engineering/ policy files, governance/*.json), and skills/index.md plus all skills/patterns/*.md files. The fingerprint also recursively covers nested scenario directories including runtime-policy, tutorial-parity, planner, assumption-verifier, and executability-verifier so that fixture changes correctly invalidate the warm cache.
Note: computeStructuralFingerprint is exported from evals/drift-checks.mjs (not validate.mjs) so that tests/fingerprint.test.mjs can import and exercise it without triggering validate.mjs side effects (all-pass execution + process.exit calls).
The tutorial-parity check (Pass 7c) is driven by evals/scenarios/tutorial-parity/allowlist.json. The allowlist supports an optional _chapters_in_scope field (array of .md basenames). When set, only those chapter pairs are validated; all other chapter pairs are skipped. This enables incremental activation — start with one chapter, then extend the array as additional chapters are translated and aliased.
Example:
{ "_chapters_in_scope": ["14-evals.md"] }The heading_aliases dict maps EN heading text → RU heading text. A RU-only heading is acceptable if it equals the alias of a corresponding EN heading. Heading entries are positionally aligned (16 H2 headings → 16 alias entries for chapter 14).
Cache safety rules:
- Only successful (all-pass) runs are cached. A failing run never writes to the cache.
- Any cache read, parse, or write failure falls back silently to a full cold run.
- Touching any file in the fingerprint set invalidates the cache on the next run.
Timing guidance: Measure node validate.mjs cold then immediately warm to observe the structural cache benefit. Use npm test only as a non-regression gate — it also runs behavioral, orchestration-handoff, drift, NOTES.md, archive, and fingerprint suites, which are not cached and carry additional overhead beyond the structural passes.
The cache file is excluded from version control via .gitignore.
- The harness validates structural consistency, not live model behavior.
- It does not prove that an agent uses every granted tool correctly at runtime.
- It does not execute Copilot agents or assert semantic quality of freeform prose.