Runtime critics and red team
What you'll find here
The two typed review-input contracts —
craik.runtime_critic_finding and craik.red_team_finding. Both are
reviewable signals, not authoritative decisions.
Reviewable signals until adjudicated.
Both contracts set authoritative to false. They become settled
only after an adjudication record accepts, rejects, revises, or defers
them.
Runtime critic findings
craik.runtime_critic_finding captures quality issues found before
accepting a major output, handoff, or memory write.
Unsupported claims
Policy violations
Scope drift
Missing validation
Stale evidence
Missing handoffs
Unredacted sensitive content
Risky memory writes
Preserved fields: severity · rationale · affected artifacts · evidence ids · proposed actions · review status · optional adjudication link.
Required evidence.
High and critical critic findings must include proposed actions. Findings about unsupported claims or stale evidence must include evidence ids.
Red-team findings
craik.red_team_finding captures adversarial review results for
high-risk work.
Prompt injection
Privilege escalation
Data exfiltration
Destructive action
Policy bypass
Memory poisoning
Adversarial input
Other attack paths
A blocker must be high or critical severity and must include proposed actions.
Authority boundary
Surface, don't settle.
Callers surface reviewable blockers before durable handoffs or memory promotion — but they do not treat finding text as settled fact without adjudication.