chore(repo): add public metadata and CI

.github/workflows/ci.yml

@@ -0,0 +1,31 @@
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: read
+
+jobs:
+  deterministic-tests:
+    runs-on: ubuntu-24.04
+    timeout-minutes: 20
+
+    steps:
+      - name: Checkout
+        # pinned from actions/checkout@v4
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5
+        with:
+          fetch-depth: 0
+
+      - name: Tool versions
+        run: |
+          rustc --version
+          cargo --version
+          python3 --version
+
+      - name: Run deterministic tests
+        run: bash scripts/run-deterministic-tests.sh

Cargo.toml

@@ -3,6 +3,7 @@ name = "code-intel-kernel"
 version = "0.0.0"
 edition = "2021"
 description = "Local-first structural code intelligence kernel for agent evidence, repo maps, diagnostics, and typed memory."
+license = "MIT"
 publish = false
 
 [lib]

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 AI Engineering Lab - AgentOps Research
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -64,4 +64,16 @@ cargo test
 cargo clippy -- -D warnings
 ```
 
+The CI workflow runs the deterministic check bundle:
+
+```bash
+bash scripts/run-deterministic-tests.sh
+```
+
+## Security and License
+
+- Security reporting policy: `SECURITY.md`
+- Internal security notes: `docs/SECURITY.md`
+- License: MIT, see `LICENSE`
+
 The project is intentionally small and read-only first. Prefer explicit evidence and structured warnings over guesses.

SECURITY.md

@@ -0,0 +1,50 @@
+# Security policy
+
+Thanks for helping keep Code Intelligence Kernel and its users safe.
+
+This file is the public reporting policy.
+For internal trust-boundary notes and sensitive surfaces, see `docs/SECURITY.md`.
+
+## Supported versions
+
+Until Code Intelligence Kernel starts publishing an explicit support matrix, the
+**latest `main`** branch state and the **latest tagged release** are the primary
+supported lines for security fixes.
+
+Older releases may not receive patches.
+
+## Reporting a vulnerability
+
+Please **do not** open a public GitHub issue for suspected security problems.
+
+Instead:
+
+1. Use the private contact route listed on [skill7.dev](https://skill7.dev).
+2. Include the affected path, reproduction steps, impact, and any proposed fix.
+3. Share only the minimum reproduction needed to validate the issue.
+
+If you cannot reach maintainers privately, open a minimal public issue that asks
+for a private handoff **without** including exploit details, secrets, or proof of
+concept.
+
+## What to expect
+
+We will make a good-faith effort to:
+
+- acknowledge receipt within a reasonable time;
+- assess severity and affected versions;
+- coordinate remediation and disclosure timing where appropriate.
+
+## Scope reminders
+
+Security-sensitive areas include:
+
+- repository inspection and path-containment logic;
+- source slicing and LSP process boundaries;
+- Research Radar source collection and report normalization;
+- any change that widens what external providers or services receive.
+
+## Out of scope
+
+This policy is not a bug bounty program and does not create any right to
+compensation.

docs/SECURITY.md

@@ -0,0 +1,51 @@
+# Code Intelligence Kernel Security
+
+## Trust Boundaries
+
+- **Local deterministic boundary**: Rust CLI/library code under `src/`, fixture evaluation under `tests/`, and JSON contracts under `docs/`.
+- **Repository input boundary**: `inspect`, `impact`, `symbols`, `source-evidence`, and `source-context` read local repository files and must treat malformed or unsupported input as structured warnings.
+- **LSP process boundary**: `lsp-diagnostics` may start `rust-analyzer` and must keep requests read-only, bounded, path-contained, and unavailable-safe.
+- **Research Radar boundary**: `research-radar/bin/` may collect public-source metadata and must write only normalized reports/state, not raw payload dumps or runtime code.
+
+## Sensitive Surfaces
+
+| Surface | Why sensitive |
+| --- | --- |
+| `src/core/source_context.rs` | Returns source slices and enforces path containment, ignored paths, symlink, UTF-8, and size handling. |
+| `src/core/lsp_bridge.rs` | Starts and communicates with an external language-server process. |
+| `src/core/repo_graph.rs` | Reads manifests and workflow files from arbitrary repositories. |
+| `src/core/source_evidence.rs` | Assembles evidence candidates that downstream users could overinterpret as localization. |
+| `research-radar/bin/run_daily.py` | Performs public-source collection and records license/terms notes. |
+| `research-radar/bin/validate_reports.py` | Guards generated reports/state against raw payloads, oversized files, and obvious secret patterns. |
+| `.github/workflows/` | Controls automated validation on repository changes. |
+
+## Existing Controls
+
+- Runtime commands are read-only and must not mutate inspected repositories.
+- Missing evidence is represented explicitly instead of guessed.
+- `where-to-edit` remains `insufficient_evidence` until a dedicated localization gate passes.
+- SourceContext refuses path traversal, ignored/generated paths, symlinks, missing files, non-UTF8 files, and oversized slices with structured warnings.
+- LSP diagnostics has deterministic unavailable/path-safety eval cases and does not expose mutation-capable LSP methods.
+- Research Radar validation checks changed-path allowlists, JSON/JSONL validity, file size, and obvious secret patterns.
+
+## Secrets and Data Handling
+
+- Do not add real credentials, tokens, cookies, private keys, or sensitive PII to fixtures, reports, docs, prompts, or examples.
+- Do not commit raw external API payloads from Research Radar runs.
+- Do not widen external-service or provider data exposure without updating this document and the relevant contract docs.
+- Keep reports and diagnostics as evidence, not implementation triggers or edit instructions.
+
+## Security Review Triggers
+
+- Any change to path handling, ignored-path logic, symlink handling, or source slicing.
+- Any change to `src/core/lsp_bridge.rs` process lifecycle, timeout, request, or parsing behavior.
+- Any change that makes `where-to-edit`, SourceEvidence, SourceContext, or LSP output more localization-like.
+- Any change to Research Radar collection, validation, source config, or generated report/state boundaries.
+- Any CI workflow, dependency, install script, or public API change.
+
+## Minimum Security Evidence for Sensitive Changes
+
+- Add or update deterministic tests for security-relevant behavior changes.
+- Run the full deterministic test script before merge.
+- Update public contract docs when externally visible behavior changes.
+- Keep LSP, SourceContext, SourceEvidence, and Research Radar outputs explicit about limitations and missing evidence.

scripts/run-deterministic-tests.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+cargo fmt --check
+cargo test
+cargo clippy -- -D warnings
+cargo run --quiet -- eval-fixtures --json
+python3 research-radar/bin/validate_reports.py
+git diff --check

src/core/lsp_bridge.rs

@@ -527,10 +527,7 @@ fn wait_for_response(receiver: &mpsc::Receiver<Value>, id: u64, timeout: Duratio
 
 fn read_lsp_messages<R: Read>(reader: R, sender: mpsc::Sender<Value>) {
     let mut reader = BufReader::new(reader);
-    loop {
-        let Some(length) = read_content_length(&mut reader) else {
-            break;
-        };
+    while let Some(length) = read_content_length(&mut reader) {
         let mut body = vec![0; length];
         if reader.read_exact(&mut body).is_err() {
             break;