Harden git commit calls
Two fixes on the same files.

First: git commit messages are built with template literals and passed through the shell, so user-controlled text in `--reason` can break a commit or, in principle, execute code. Replace all 5 `execSync` git commit calls with `spawnSync` so the message is passed as a single argument and is never shell-interpreted.

Second: the `work complete` output has a nudge block that re-reads the entire proof_chain.json to decide whether to show a recommendation. The nudge is the wrong design: a one-shot discoverability hack with an arbitrary threshold, not a data-driven signal. Remove it entirely and replace the chain output line with a cleaner format that includes the per-run finding delta.
Pipeline timeline
Intent to proven code in 39m across Think, Plan, Build, and Verify.
Assertion ledger
15 claims, each independently verified. Showing 8.
| ID | Says | Matcher | Status |
|---|---|---|---|
| A001 | Proof close commits use safe argument passing instead of shell interpolation | verified | ok |
| A002 | Artifact save commits use safe argument passing instead of shell interpolation | verified | ok |
| A003 | Work complete commits use safe argument passing instead of shell interpolation | verified | ok |
| A004 | Commit messages with special characters and newlines produce correct git commits | verified | ok |
| A005 | Failed commits still show error messages and exit the process | verified | ok |
| A006 | Proof chain stats include the count of new findings from the latest run | verified | ok |
| A007 | New findings count comes from the current entry's findings | verified | ok |
| A008 | Completion output shows satisfied count without the word covered | verified | ok |