W16: close CRITICAL/HIGH findings, integrate metadata gate, complete audit summaries (W16.1-W16.6)

- W16.1 (曹武): F-11.7-1 CLOSED — confirmed W12.4 fix, corrupt binary eliminated - W16.2 (孙宇): F-11.1-1 FIXED — context_plugin.cpp try/catch on set_max_tokens + on_shutdown - W16.3 (陈风): F-11.1-2 CLOSED — confirmed W12.1 fix, strdup OOM protection already in place - W16.4 (胡桐): Integrate check_agents_metadata into refresh_status.py as pre-gate (error→exit 1) - W16.5 (周岩): Add Findings Summary to W13.3 network audit, register 3 findings - W16.6 (赵码): Add Findings Summary to W13.1+W13.2 AI audits, register 8 findings (4 already W14-fixed) Build 0 error, ctest 4/4 pass, metadata check 0 error 0 warning. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-27 18:45:03 +08:00
parent f010af6c07
commit 6f492489c6
13 changed files with 179 additions and 24 deletions
--- a/scripts/refresh_status.py
+++ b/scripts/refresh_status.py
@@ -25,6 +25,15 @@ for _stream in (sys.stdout, sys.stderr):
    except Exception:
        pass

+# Metadata integrity checks (W16.4: import from check_agents_metadata as pre-gate)
+from check_agents_metadata import (
+    check_yaml_parse,
+    check_rating_range,
+    check_group_refs,
+    check_member_refs,
+    check_duplicate_ids,
+)
+

 # =============================================================================
 # Path resolution
@@ -389,6 +398,39 @@ def main():
        print(f'ERROR: agents/ directory not found at {agents_dir}', file=sys.stderr)
        sys.exit(1)

+    # ---- Metadata integrity pre-check (W16.4) ----
+    check_suites = [
+        ('C1', 'YAML parse',       check_yaml_parse),
+        ('C2', 'rating range',     check_rating_range),
+        ('C3', 'group refs',       check_group_refs),
+        ('C4', 'member refs',      check_member_refs),
+        ('C5', 'duplicate IDs',    check_duplicate_ids),
+    ]
+
+    all_findings = []
+    for code, label, fn in check_suites:
+        findings = fn(agents_dir)
+        all_findings.extend((code, label, f) for f in findings)
+
+    errors = [f for f in all_findings if f[2][0] == 'error']
+    warnings = [f for f in all_findings if f[2][0] == 'warn']
+
+    if errors:
+        for code, label, (sev, filepath, msg) in errors:
+            print(f'[{code}] ERROR: {filepath}: {msg}', file=sys.stderr)
+        for code, label, (sev, filepath, msg) in warnings:
+            print(f'[{code}] WARN: {filepath}: {msg}', file=sys.stderr)
+        print(f'\nMetadata check FAILED: {len(errors)} errors, {len(warnings)} warnings. '
+              f'Fix errors before generating STATUS.md.', file=sys.stderr)
+        sys.exit(1)
+    elif warnings:
+        for code, label, (sev, filepath, msg) in warnings:
+            print(f'[{code}] WARN: {filepath}: {msg}', file=sys.stderr)
+        print(f'Metadata check: {len(warnings)} warning(s) found. '
+              f'Proceeding with STATUS.md generation.', file=sys.stderr)
+    else:
+        print('OK: All 5 metadata checks passed.', file=sys.stderr)
+
    # ---- Scan profiles ----
    profiles = []
    for child in sorted(agents_dir.iterdir()):