Audit JSON Severity Summary
`ana proof audit --json` returns active findings grouped by file but no severity or action summary. The terminal output shows `1 risk · 22 debt · 43 observation` — the JSON response doesn't. Learn keeps pulling severity counts from health's meta block (which includes closed/lesson findings) because audit JSON doesn't provide them. This produces wrong numbers in Learn's state summary. Same bug in 3 consecutive Learn sessions despite the template explicitly saying "use audit, not meta."
verdict PASSscore 18 / 18findings 5 (0 risk · 2 debt · 3 obs)duration 3h 7mrejection cycles 0shipped May 2, 2026surface cli
Pipeline timeline
Intent to proven code in 3h 7m across Think, Plan, Build, and Verify.
Think172m
Plan172m
Build10m
Verify5m
Assertion ledger
18 claims, each independently verified. Showing 8 — show all →
| ID | Says | Matcher | |
|---|---|---|---|
| A001 | Audit JSON includes a severity breakdown of active findings | verified | ok |
| A002 | Severity breakdown has the correct count for each level | verified | ok |
| A003 | Severity breakdown counts debt findings separately | verified | ok |
| A004 | Severity breakdown counts observation findings | verified | ok |
| A005 | Audit JSON includes an action breakdown of active findings | verified | ok |
| A006 | Action breakdown counts each suggested action correctly | verified | ok |
| A007 | Action breakdown counts monitor actions | verified | ok |
| A008 | Severity counts come from active findings only, not the full chain | verified | ok |
Findings 5 total
obspackages/cli/src/commands/proof.ts→ closed
Unknown severity/action values silently dropped from fixed-key objects — by_severity sum can be less than total_active
debtpackages/cli/tests/commands/proof.test.ts→ closed
A008 active-only test uses fixture with only active findings — no closed finding to prove exclusion
obspackages/cli/tests/commands/proof.test.ts→ closed
A013 meta block test uses toBeDefined() — verifies existence not value preservation
debtpackages/cli/tests/commands/proof.test.ts→ scope
5-finding fixture manually duplicated three times across test blocks instead of shared constant
obs→ closed
createAuditChain helper still never generates 'debt' severity — still present from Finding Enrichment Schema cycle
Integrity seal
scopesha256:06b74a7f05119...
contractsha256:c0bca7741c988...
plansha256:946904806311e...
specsha256:5a88546474924...
build-reportsha256:3c0311f2bf8b8...
build-datasha256:8d99c89720f87...
verify-reportsha256:58f23b6bf83fe...
verify-datasha256:238737f126945...
audit cmd$ ana proof audit audit-json-severity-summary → all hashes match