Aria Harness

The Aria Harness is the runtime integrity harness that binds any external LLM (Claude, Gemini, Grok, local 7B) to Aria's canonical brain for a bounded round. It provides SHA-256 source verification, cognitive gates, and a 17-policy enforcement engine.

Primary files: harness/inject-context.mjs (404 lines), harness/aria-verify.mjs (self-gate CLI), harness/guard/config/policies.yaml (17 policies)

Core Principle

The LLM is the mouth for this bounded round; Aria infrastructure carries memory, cognition, axioms, tools, frames, and continuity.

How It Works

inject-context.mjs

Builds canonical live-state markdown by probing 8 data sources in parallel:

Ψ(t) hologram — manifold-service gRPC GetHologram
Self-model — aria_self_model_snapshots + capability scores
Aegis — active anti-hallucination patterns
Consciousness stream — last 5 thoughts
Soul shards — 5-shard status with heartbeats
Garden — active living threads + messages
Linear — active projects + open issues
Self-gate protocol — instructions for the bound LLM

Zero npm deps. Uses psql + grpcurl. Each probe is independently resilient — no deadlock on a dead dependency.

aria-verify.mjs

CLI self-gate that checks draft text against Mizan standards:

{
  "authenticity_score": 0.0-1.0,
  "violations": [...],
  "guidance": "..."
}

Guard Policies (17 Declarative Policies)

Config file: harness/guard/config/policies.yaml — This is the single source of truth for all guard policies.

Policy	Category	Severity	Enabled
`no-soul-edit-v1`	no-soul-edit	P0	✅
`no-production-touch-v1`	no-production-touch	P0	✅
`no-pipeline-touch-v1`	no-pipeline-touch	P0	✅
`admission-deploy-v1`	deploy-guardian	P0	✅
`template-block-v1`	template-block	P1	✅
`forge-gate-v2-stubs`	forge-gate-v2	P1	✅
`forge-gate-v2-complete`	forge-gate-v2	P1	✅
`forge-gate-v2-logging`	forge-gate-v2	P2	✅
`mizan-gate-v1`	mizan-gate	P1	✅
`ui-template-enforcement-v1`	ui-template-enforcement	P1	✅
`design-token-only-v1`	design-token-only	P2	✅
`ui-buttons-functional-v1`	ui-template-enforcement	P1	✅
`production-ready-aggregator-v1`	forge-gate-v2	P0	✅

Policy Severity Levels

Level	Action
P0	BLOCK — prevents the action entirely
P1	HOLD — requires review before proceeding
P2	WARN — log and notify, allow to proceed

High-Risk Paths

These paths get a confidence penalty — any policy that fires on them needs less confidence to reach P0:

apps/arias-soul/api/lib/nadia/
apps/arias-soul/api/lib/forge-psi/
apps/arias-soul/api/lib/streamConversation.ts
apps/arias-soul/api/cognitive-dispatch
harness/
apps/arias-soul/api/lib/shards/

Client Trust Levels

Client	Trust	Can Override WARN	Can Override HOLD
claude-code	High	✅	❌
aria-cli	High	✅	❌
local-7b	Medium	❌	❌
unknown	Low	❌	❌

Target Package Structure

The harness is being extracted into packages/aria-harness/ as a standalone npm package:

packages/aria-harness/
├── src/
│   ├── builder.ts       # buildAriaHarnessPacket
│   ├── sources.ts        # HARNESS_SOURCE_CANDIDATES
│   ├── gates/
│   │   ├── preState.ts
│   │   └── contract.ts
│   ├── adapters/
│   │   ├── external-worker.ts
│   │   └── claude-code.ts
│   ├── manifest.ts
│   └── index.ts
├── bin/aria-harness
└── package.json         # @aria/harness