← Back to docs

// Trust model

Shipped vs generated artifacts

The release ships tools, docs, templates, and static baselines. Runtime artifacts are generated inside the consumer repository.

// boundary

What ships

The release package ships reusable tooling, agent integration templates, docs, schemas, validator scripts, Inspector source, and static baseline files.

It should not ship local runtime artifacts from another repository, private reports, cache folders, or generated state from release QA.

  • Tools and validators
  • Quick-Start.md and documentation
  • Agent integration templates
  • Inspector source and static baseline assets
  • Provider manifests for free/core memory adapters
Release packager PROOF LINK

Release packager

Defines what enters the release archive.

// runtime

What is generated after import

Routing bundles, trust reports, freshness records, repair queues, PR summaries, search indexes, metrics, and local Inspector snapshots are generated from the target repository after install.

That distinction keeps the public package clean while still letting each repository build its own evidence-backed state.

// technical notes

Related research notes