feat(v4): audit two-dimension model — Native Health + dotforge Adoption

.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "dotforge",
-  "version": "3.0.4",
+  "version": "4.0.0",
   "description": "Behavior governance for Claude Code — declarative runtime policies on tool calls (search-first, no-destructive-git, verify-before-done, …) compiled to PreToolUse hooks, plus configuration governance: 18 skills, 7 agents, 16 stacks, audit scoring, practices pipeline.",
   "author": {
     "name": "Luis Eiman",

.claude/rules/domain/native-vs-dotforge-boundary.md

@@ -0,0 +1,48 @@
+---
+globs: docs/v4/*.md, behaviors/*, stacks/*, skills/*, .claude/rules/domain/*.md
+description: Native-first boundary — what dotforge keeps vs cedes to native Claude Code, and the method for deciding
+domain: dotforge-meta
+last_verified: 2026-06-03
+---
+
+# Native vs dotforge Boundary
+
+## Governing principle
+
+If Claude Code resolves it natively, ADOPT the native solution. dotforge only owns
+what natively has no equivalent. Scope shrinks as Claude Code grows — that is correct.
+
+## Method (mandatory before any scope decision)
+
+Verify the CURRENT native state against official docs (code.claude.com/docs,
+anthropics/claude-code) BEFORE classifying. A scope call on stale assumptions is wrong
+by default — this is why `/forge watch` (keeping domain rules current) is the INPUT that
+makes boundary decisions correct, not meta-work. Never cede a capability without
+confirming the native feature actually covers the real case.
+
+## Classification (verified 2026-06-03)
+
+KEEP — no native equivalent:
+- **Domain rules** — curated encyclopedia of CC internals + business domain. Core asset.
+- **Cross-project propagation with merge** — `forge:section` markers + `/forge sync`.
+  Native symlinks/global CLAUDE.md only COPY, never merge per-project customization.
+- **Behaviors v3** — 5-level escalation + session state + auditable override.
+  `hookify` is a binary warn/block wrapper; no native behavior-governance spec exists.
+  KEEP pending validation that production projects actually consult `overrides.log`.
+- **Registry + audit cross-project** — REORIENT: audit must measure good use of NATIVE
+  features (auto-memory active, sandbox set, deny rules present, /init run), not presence
+  of dotforge machinery.
+
+CEDE — native covers it:
+- Individual learning capture → native auto-memory (per-project, `~/.claude/projects/<p>/memory/`)
+- Identical shared rules (no merge needed) → native symlinks in `.claude/rules/` + global CLAUDE.md
+- Workflows / orchestration → `/workflows`, Agent Teams, `/deep-research` (already ceded v4)
+- Base CLAUDE.md generation → `/init`
+- One-shot code review → `/code-review --comment/--fix`
+- Model routing as a system → `/effort` (keep only as documentation)
+
+## Anti-pattern
+
+Building atop native internals that may change (compiled hooks depend on the hook API
+shape). Every breaking upstream change forces a re-tune. Keep the native-dependent
+surface minimal and validate delta demand before expanding it.

.github/workflows/audit.yml

@@ -1,5 +1,10 @@
 name: dotforge audit score
 
+permissions:
+  contents: read
+  pull-requests: write
+  issues: write
+
 on:
   pull_request:
     branches: [main]
@@ -43,29 +48,45 @@ jobs:
         with:
           script: |
             const result = JSON.parse(process.env.AUDIT_RESULT);
-            const score  = result.score;
+            const score  = result.native_health ?? result.score;
             const level  = result.level;
+            const adoption = result.forge_adoption ?? 0;
+            const adoptionLabel = result.adoption_label ?? 'None';
             const cap    = result.security_cap ? '\n> ⚠️ **Security cap applied** — settings.json or block-destructive missing.' : '';
 
             const emoji = score >= 9 ? '🟢' : score >= 7 ? '🟡' : score >= 5 ? '🟠' : '🔴';
 
-            const itemRows = Object.entries(result.items).map(([key, v]) => {
+            const itemRows = Object.entries(result.native_health_items).map(([key, v]) => {
               const num  = key.split('_')[0];
               const name = key.split('_').slice(1).join('_');
               const icon = v.score === 0 ? '❌' : v.score === 1 ? '⚠️' : '✅';
               return `| ${num} | ${name} | ${icon} ${v.score} | ${v.note} |`;
             }).join('\n');
 
+            const adoptionRows = Object.entries(result.adoption_items || {}).map(([key, v]) => {
+              const num  = key.split('_')[0];
+              const name = key.split('_').slice(1).join('_');
+              const icon = v.score === 0 ? '—' : '✅';
+              return `| ${num} | ${name} | ${icon} ${v.score} | ${v.note} |`;
+            }).join('\n');
+
             const body = [
-              `## ${emoji} dotforge Audit Score: **${score}/10** (${level})${cap}`,
+              `## ${emoji} dotforge Native Health: **${score}/10** (${level})${cap}`,
+              `dotforge Adoption: **${adoption}/5** (${adoptionLabel}) — _informational, does not affect Native Health_`,
               '',
-              `| Obligatorio | ${result.score_obligatorio}/10 | Recomendado | ${result.score_recomendado}/7 |`,
+              `| Obligatorio | ${result.score_obligatorio}/10 | Recomendado | ${result.score_recomendado}/10 |`,
               '|---|---|---|---|',
               '',
+              '### Dimension A — Native Health',
               '| # | Item | Score | Note |',
               '|---|---|---|---|',
               itemRows,
               '',
+              '### Dimension B — dotforge Adoption (informational)',
+              '| # | Item | Score | Note |',
+              '|---|---|---|---|',
+              adoptionRows,
+              '',
               '_Score computed by `audit/score.sh` — mechanical checks only. Run `/forge audit` for full semantic evaluation._',
             ].join('\n');
 

CLAUDE.md

@@ -73,7 +73,7 @@ Seven subagent definitions in `agents/`: researcher (read-only exploration), arc
 
 ### Audit System
 
-`audit/checklist.md` defines 15 items (5 obligatory scored 0-2, 10 recommended scored 0-1). `audit/scoring.md` normalizes to a 10-point scale. Security-critical items (settings.json, block-destructive hook) cap the score at 6.0 if missing. Registry in `registry/projects.yml` tracks scores across managed projects.
+Two-dimension model (v4.x). **Dimension A — Native Health** (`score`, 0-10): 5 obligatory items (0-2) + 10 recommended (0-1), normalized as `obligatory*0.7 + recommended*0.3`. Security-critical items (settings.json, block-destructive hook) cap it at 6.0 if missing. Measures good use of native Claude Code (auto-memory as index, permission cascade, attribution, sandbox, deny rules). **Dimension B — dotforge Adoption** (`forge_adoption`, 0-5): behaviors/workflows/override-loop/domain-rules/sync-recency. **Informational — does NOT affect Native Health.** A native-first project scoring B=0 with A=10 is a desirable outcome (see `.claude/rules/domain/native-vs-dotforge-boundary.md`). `audit/checklist.md` + `audit/scoring.md` are the source of truth; registry in `registry/projects.yml` tracks both across managed projects.
 
 ### Integrations
 

README.md

@@ -39,7 +39,7 @@ For people and teams managing more than one Claude Code project.
 - **`scripts/process-override-log.sh`** — bash script that processes `.forge/audit/overrides.log` and auto-creates `practices/inbox/auto-override-*.md` for behaviors overridden ≥3 times in 30 days. Idempotent. 10/10 tests green. Cost: 0 LLM calls, pure bash.
 - **`session-start-process-overrides.sh`** wired in `SessionStart` (template + self-hosting) — auto-captures frequent overrides as practices on every session start.
 - **`scripts/migrate-v3-to-v4.sh`** — safe migration script with mandatory `--dry-run`, atomic backup, `--rollback`. See [`docs/v4/MIGRATION-V3-TO-V4.md`](docs/v4/MIGRATION-V3-TO-V4.md).
-- **Audit checklist items 16-17** — workflow availability + override loop active. Score impact: v3-perfect projects report ~9.5/10 v4 until migrated.
+- **Audit two-dimension model** — **Native Health** (0-10: native Claude Code usage + security) + **dotforge Adoption** (0-5: informational, does not affect the score). Behaviors / workflows / override-loop moved to the non-penalizing Adoption dimension — native-first projects no longer lose points for skipping dotforge machinery. New Native-Health items: auto-memory hygiene, permission cascade, attribution.
 - **`domain/workflow-economics.md`** (new domain rule) — documents v4 PoC cost-quality findings. Decision matrix: when workflow vs skill. Token economy principles. **TL;DR: workflows are 4-25x more expensive than bash skills for recurring work — use only as on-demand escalation, not as default refactor.**
 - **`workflows/watch.js`** ships as REFERENCE implementation, NOT promoted to `/forge watch` default. The bash skill remains the production tool.
 
@@ -213,7 +213,7 @@ dotforge/
 ├── mcp/            # MCP server templates (github, postgres, supabase, redis, slack)
 ├── behaviors/      # v3 declarative policies (index.yaml + one dir per behavior)
 ├── scripts/        # v3 runtime, compiler, and /forge behavior CLI
-├── audit/          # Checklist (15 items) + scoring normalized to 10
+├── audit/          # Native Health (15 items, 0-10) + dotforge Adoption (5 items, informational)
 ├── practices/      # Pipeline: inbox → evaluating → active → deprecated
 ├── global/         # Global ~/.claude/ management (CLAUDE.md, settings, sync.sh)
 ├── registry/       # Project tracking with scores and history