more audit work

src/__Libraries/StellaOps.Provcache/AGENTS.md

@@ -0,0 +1,28 @@
+# Provcache Core Library Charter
+
+## Mission
+- Provide core provenance cache primitives (VeriKey, DecisionDigest, chunking, invalidation, export/import).
+
+## Responsibilities
+- Keep cache keys, digests, and proof bundles deterministic (sorted inputs, invariant formatting, canonical JSON where required).
+- Enforce safe lazy evidence fetching (allowlisted schemes/hosts, timeouts, cancellation).
+- Maintain offline/air-gap compatibility and avoid network use unless explicitly configured.
+- Use injected TimeProvider/IGuidProvider for deterministic IDs and timestamps.
+
+## Required Reading
+- docs/modules/prov-cache/architecture.md
+- docs/modules/prov-cache/README.md
+- docs/modules/prov-cache/oci-attestation-verification.md
+- docs/modules/platform/architecture-overview.md
+
+## Working Directory & Scope
+- Primary: src/__Libraries/StellaOps.Provcache
+
+## Testing Expectations
+- Unit tests for VeriKey/DecisionDigest generation, chunking, merkle roots, and time window bucketing.
+- Tests for lazy fetcher allowlists, timeouts, and cancellation handling.
+- Tests for proof bundle signing, verification, and canonical JSON outputs.
+
+## Working Agreement
+- Update sprint status in docs/implplan/SPRINT_*.md and local TASKS.md.
+- Keep outputs deterministic and ASCII-only in comments and logs.

src/__Libraries/StellaOps.Provcache/TASKS.md

@@ -0,0 +1,10 @@
+# Provcache Core Task Board
+
+This board mirrors active sprint tasks for this module.
+Source of truth: `docs/implplan/permament/SPRINT_20251229_049_BE_csproj_audit_maint_tests.md`.
+
+| Task ID | Status | Notes |
+| --- | --- | --- |
+| AUDIT-0101-M | DONE | Revalidated 2026-01-08; maintainability audit for Provcache core. |
+| AUDIT-0101-T | DONE | Revalidated 2026-01-08; test coverage audit for Provcache core. |
+| AUDIT-0101-A | TODO | Pending approval (revalidated 2026-01-08). |