Why: tier rules forbidding @PRE/@POST on C2 cause agents to either
remove useful documentation or generate audit noise. Both outcomes are
worse than having slightly richer metadata.
Changed:
- Tier table in all 4 agent prompts: removed 'Forbidden' column,
replaced with 'descriptive signal, NOT gatekeeper'
- All tags (@PRE/@POST/@RATIONALE/@REJECTED) welcomed at any tier
- semantics-core: complexity table collapsed to descriptive
- qa-tester: removed tier-based reject rules from P1 and Phase 1
Hard rules preserved: CONTRACT-FIRST, ANCHOR SAFETY, FRACTAL LIMIT,
RESURRECTION BAN. Everything else is descriptive intent.
- Sidebar.svelte: defer healthStore.refresh() until feature flags confirm
health_monitor is enabled; skip entirely when disabled
- health.js: remove throw error from catch block — log and return null
instead, preventing 'Uncaught (in promise)' on expected 404
- test_report_audit_immutability.py: fix mock assertions —
audit_service uses logger.reason/reflect/explore, not logger.info
- HealthStore and Sidebar now produce zero network noise when
FEATURES__HEALTH_MONITOR=false
- Add mask_api_key() and is_masked_or_placeholder() to llm_provider service
- Return masked keys in all provider CRUD endpoints
- Reject masked/placeholder keys in fetch_models and test_provider_config
- Show masked key with Change button in ProviderConfig.svelte edit form
- Exclude masked keys from fetch-models, test, and submit payloads on frontend
- Update semantics-core skill with clarified complexity tier rules
- Switch agent modes from subagent to all