# Lakehouse Claim Auditor

A Bun sub-agent that watches open PRs on Gitea, reads the ship-claims in commit messages and PR bodies, and **hard-blocks** merges when the code doesn't back the claim.

Rationale: when "compiles + one curl works" gets called "phase shipped," placeholder code accumulates.

The auditor runs every 90s, fetches each open PR, and subjects it to four checks:

1. **Static diff** — grep/parse looking for placeholder patterns
2. **Dynamic** — runs the never-before-executed hybrid test fixture
3. **Cloud inference** — asks `gpt-oss:120b` via `/v1/chat` to identify gaps in the diff
4. **KB query** — looks up `data/_kb/` + observer for prior failure patterns on similar claims

The verdict is assembled and posted to Gitea as:

- A **failing commit status** (hard block — branch protection prevents merge)
- A **review comment** explaining every finding

## Run manually

```bash
cd /home/profit/lakehouse
bun run auditor/index.ts
```

Defaults: polls every 90s, stops when an `auditor.paused` file is present.

## State

- `data/_auditor/state.json` — last-audited head SHA per PR
- `data/_auditor/verdicts/{pr}-{sha}.json` — per-run verdict record

## Where YOU edit

`auditor/policy.ts` — the verdict assembler. Controls which findings block vs warn vs inform.

All other code is mechanical: fetching, running checks, posting to Gitea.

## Hard-block mechanism

1. Commit status is posted as `failure` with context `lakehouse/auditor`
2. If `main` branch protection requires the `lakehouse/auditor` status to pass, Gitea prevents merge
3. When the code is fixed and re-audit passes, the status flips to `success` and the merge unblocks

Enable branch protection (one-time, via Gitea UI or API):

- `POST /repos/profit/lakehouse/branch_protections`
- `{"branch_name": "main", "required_status_checks": {"contexts": ["lakehouse/auditor"]}}`
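As an added example that is not part of this README or the project's code, the following TypeScript sketch shows the shape of the static-diff check (check 1) together with the verdict assembler role that `auditor/policy.ts` is described as filling: it flags placeholder patterns on added diff lines only, tracks the file and new-side line number from the diff headers, and turns the findings into the `lakehouse/auditor` commit status plus a review comment body. `Finding`, `scanDiff`, `assembleVerdict` and the placeholder patterns are assumptions, and the sample diff is constructed.

```typescript
// Added example, not the project's code: a static-diff check plus a verdict assembler
// in the role the README gives auditor/policy.ts. Names and patterns are assumptions.
type Severity = "block" | "warn" | "info";
interface Finding { check: string; severity: Severity; file: string; line: number; message: string }
// Placeholder patterns a "phase shipped" claim should not leave behind (assumed list).
const PLACEHOLDERS: Array<[RegExp, Severity, string]> = [
  [/\b(TODO|FIXME)\b/, "warn", "TODO/FIXME marker in shipped code"],
  [/not implemented/i, "block", "explicit not-implemented stub"],
];

// Walk a unified diff and flag placeholder patterns on ADDED lines only, taking the
// file from "+++ b/..." headers and the new-side line number from each
// "@@ -a,b +c,d @@" hunk header (context and added lines both advance it).
function scanDiff(diff: string): Finding[] {
  const findings: Finding[] = [];
  let file = "", newLine = 0;
  for (const raw of diff.split("\n")) {
    if (raw.startsWith("+++ ")) { file = raw.slice(4).replace(/^b\//, ""); continue; }
    if (raw.startsWith("--- ") || raw.startsWith("\\")) continue;
    const hunk = /^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@/.exec(raw);
    if (hunk) { newLine = Number(hunk[1]); continue; }
    if (raw.startsWith("-")) continue; // removed line: not in the new tree
    if (raw.startsWith("+")) {
      for (const [re, severity, message] of PLACEHOLDERS) {
        if (re.test(raw.slice(1))) findings.push({ check: "static-diff", severity, file, line: newLine, message });
      }
    }
    newLine++;
  }
  return findings;
}
// Verdict = commit status + review comment body; any "block" finding hard-blocks the merge.
function assembleVerdict(findings: Finding[]) {
  const blocking = findings.filter((f) => f.severity === "block");
  const state: "failure" | "success" = blocking.length > 0 ? "failure" : "success";
  const comment = findings.map((f) => `- [${f.severity}] ${f.file}:${f.line} ${f.message}`).join("\n");
  return { context: "lakehouse/auditor", state, description: `${blocking.length} blocking finding(s)`, comment };
}
// Constructed sample PR diff (not from a real PR) used to exercise the checks.
const SAMPLE_DIFF = [
  "--- a/src/ingest.ts",
  "+++ b/src/ingest.ts",
  "@@ -10,4 +10,6 @@ export async function ingest(batch: Row[]) {",
  "   const rows = normalize(batch);",
  "+  // TODO: wire up dedupe",
  '+  if (rows.length > 1000) throw new Error("not implemented");',
  "   await write(rows);",
  "   return rows.length;",
  " }",
].join("\n");
```

Running `assembleVerdict(scanDiff(SAMPLE_DIFF))` yields a `failure` status, because the not-implemented stub is a blocking finding while the TODO alone would only warn.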