fix(p6-standard-names): scorecard transparency for domain_verbs; trim platform verbs

CLAUDE.md

@@ -142,14 +142,20 @@ deliberate commit, not a build-time artifact; the matrix is citable from outside
 
 ## Scorecard JSON fields
 
-`src/scorecard/mod.rs` emits `schema_version: "0.5"`. The schema evolves additively during the `0.x` pre-launch window;
+`src/scorecard/mod.rs` emits `schema_version: "0.8"`. The schema evolves additively during the `0.x` pre-launch window;
 consumers feature-detect each addition rather than pinning exact shape. Cumulative history:
 
 - `0.2`: `coverage_summary` (three-way `{must, should, may} × {total, verified}` counts), `audience`, `audit_profile`.
 - `0.3`: `spec_version` (vendored agentnative-spec version, sourced by `build.rs` from `src/principles/spec/VERSION`).
 - `0.4`: four top-level objects making the scorecard self-describing: `tool`, `anc`, `run`, `target`.
 - `0.5`: `badge` block surfacing agent-native badge eligibility, embed snippet, and badge/scorecard URLs derived from
   the live run.
+- `0.6`: 7-status taxonomy (`opt_out` and `n_a` added to `status`), matching counters in `summary`, `tier` on each
+  result, one result per requirement row instead of per-`audit_id`, antecedent propagation for conditional rows.
+- `0.7`: reserved bump for the role-based JSON-error-envelope validator reframe (PR #79). Shape unchanged from `0.6`.
+- `0.8`: optional `using_domain_verbs: bool` and `domain_match_count: usize` on each result row, populated when
+  `p6-standard-names` Passes via per-CLI `.anc.toml [p6] domain_verbs` recognition; Pass evidence string is populated
+  with the built-in vs domain ratio. Fields are absent (not `null`) from rows that did not consult `domain_verbs`.
 
 Existing field semantics:
 
@@ -202,10 +208,29 @@ Existing field semantics:
   appends a post-summary hint via `BadgeInfo::text_hint()` when `eligible`; the same `tool.name` is used for the slug so
   the JSON `embed_markdown` and the printed hint can never disagree.
 
+`0.8` addition (`MitigationInfo` carrier on `AuditResult`):
+
+- `MitigationInfo { using_domain_verbs, domain_match_count, domain_match_examples, builtin_match_count, subcommand_total
+  }` is attached to an `AuditResult` when the audit's verdict was assisted by a documented per-CLI opt-in. Today's only
+  producer is `src/audits/behavioral/standard_names.rs`: when `p6-standard-names` Passes because one or more subcommands
+  were recognized via `.anc.toml [p6] domain_verbs` (rather than the built-in `STANDARD_VERBS` list), the audit fills
+  `MitigationInfo` with the bifurcated match counts and the first `DOMAIN_MATCH_EXAMPLES_LIMIT` (5) matched domain-verb
+  names in encounter order.
+- `AuditResultView` surfaces two top-level fields derived from the carrier: `using_domain_verbs: Option<bool>` and
+  `domain_match_count: Option<usize>`. Both use `skip_serializing_if = "Option::is_none"` so they are absent from rows
+  that did not consult `domain_verbs`. The Pass row's `evidence` field is populated (rather than `null`) via
+  `format_pass_evidence(&mitigation)`; rows without mitigation keep the historical `evidence: null` on Pass.
+- The carrier shape is deliberately not audit-specific. Future audits that admit per-CLI mitigation (suppression profile
+  assistance, conditional-applicability config) can populate `MitigationInfo` with the same fields rather than growing
+  parallel typed carriers. The semantic contract is "this verdict depended on a self-declared opt-in; here is what
+  assisted."
+
 Always-present null contract: `tool.version`, `tool.binary`, `target.path`, `target.command` serialize as JSON `null`
 when not applicable, never as missing keys. Consumers can access these paths unconditionally. The exception is
 `audience_reason`, which uses `skip_serializing_if = "Option::is_none"`; its absence carries information (audience has a
-label).
+label). The `0.8` `using_domain_verbs` / `domain_match_count` fields follow the `audience_reason` pattern (absent when
+not applicable) — *not* the `tool.version` always-present-null pattern — because their absence is itself the signal that
+no mitigation was needed.
 
 Consumers (notably the site's `/score/<tool>` page) must feature-detect the new fields, since pre-`0.4` scorecards lack
 the four metadata blocks; pre-`0.5` scorecards lack `badge`. The site's `agentnative-site/registry.yaml` will eventually

schema/scorecard.schema.json

@@ -1,6 +1,6 @@
 {
   "$schema": "https://json-schema.org/draft/2020-12/schema",
-  "$id": "https://anc.dev/scorecard-v0.7.schema.json",
+  "$id": "https://anc.dev/scorecard-v0.8.schema.json",
   "title": "agentnative scorecard",
   "description": "JSON Schema for `anc audit --output json` scorecards (schema version 0.7). Schema 0.7 introduces the 7-status taxonomy (`opt_out` and `n_a` added to `status`, with matching counters in `summary`), per-row emission (one result per requirement-row instead of per audit_id; `tier` and `audit_id` fields added to each result), and antecedent propagation for conditional requirements. See docs/plans/2026-05-21-001-feat-scorecard-fairness-taxonomy-plan.md in the agentnative-site repo for the full taxonomy rationale.",
   "type": "object",
@@ -23,7 +23,7 @@
     "schema_version": {
       "type": "string",
       "description": "Scorecard schema version. Pre-launch additive — consumers feature-detect new fields rather than pin to an exact value.",
-      "examples": ["0.7"]
+      "examples": ["0.8"]
     },
     "results": {
       "type": "array",
@@ -214,7 +214,7 @@
   },
   "examples": [
     {
-      "schema_version": "0.7",
+      "schema_version": "0.8",
       "results": [
         {
           "id": "p1-must-no-interactive",

src/audits/behavioral/about_long_about.rs

@@ -66,6 +66,7 @@ impl Audit for AboutLongAboutAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/actionable_errors.rs

@@ -69,6 +69,7 @@ impl Audit for ActionableErrorsAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/auto_verbosity.rs

@@ -79,6 +79,7 @@ impl Audit for AutoVerbosityAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Low,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/bad_args.rs

@@ -55,6 +55,7 @@ impl Audit for BadArgsAudit {
             layer: AuditLayer::Behavioral,
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/bundle_install.rs

@@ -54,6 +54,7 @@ impl Audit for BundleInstallAudit {
                 layer: self.layer(),
                 status: AuditStatus::Pass,
                 confidence: Confidence::High,
+                mitigation: None,
             });
         }
 
@@ -69,6 +70,7 @@ impl Audit for BundleInstallAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/bundle_update.rs

@@ -49,6 +49,7 @@ impl Audit for BundleUpdateAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/color_flag.rs

@@ -48,6 +48,7 @@ impl Audit for ColorFlagAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/consistent_envelope.rs

@@ -82,6 +82,7 @@ impl Audit for ConsistentEnvelopeAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/consistent_naming.rs

@@ -132,6 +132,7 @@ impl Audit for ConsistentNamingAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/cursor_pagination.rs

@@ -52,6 +52,7 @@ impl Audit for CursorPaginationAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/defaults_in_help.rs

@@ -50,6 +50,7 @@ impl Audit for DefaultsInHelpAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/env_hints.rs

@@ -53,6 +53,7 @@ impl Audit for EnvHintsAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/examples_subcommand.rs

@@ -48,6 +48,7 @@ impl Audit for ExamplesSubcommandAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/flag_existence.rs

@@ -84,6 +84,7 @@ impl Audit for FlagExistenceAudit {
                         .into(),
                 ),
                 confidence: Confidence::High,
+                mitigation: None,
             });
         }
 
@@ -113,6 +114,7 @@ impl Audit for FlagExistenceAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/force_yes.rs

@@ -74,6 +74,7 @@ impl Audit for ForceYesAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/help.rs

@@ -64,6 +64,7 @@ impl Audit for HelpAudit {
             layer: AuditLayer::Behavioral,
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/install_all.rs

@@ -51,6 +51,7 @@ impl Audit for InstallAllAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/json_aliases.rs

@@ -53,6 +53,7 @@ impl Audit for JsonAliasesAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/json_error_output.rs

@@ -66,6 +66,7 @@ impl Audit for JsonErrorOutputAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/json_errors.rs

@@ -261,6 +261,7 @@ impl Audit for JsonErrorsAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/json_output.rs

@@ -60,6 +60,7 @@ impl Audit for JsonOutputAudit {
             layer: AuditLayer::Behavioral,
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/limit_flag.rs

@@ -53,6 +53,7 @@ impl Audit for LimitFlagAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/mod.rs

@@ -35,7 +35,7 @@ mod rich_tui;
 mod schema_print;
 mod secret_non_leaky_path;
 mod sigpipe;
-mod standard_names;
+pub(crate) mod standard_names;
 mod stdin_input;
 mod structured_exit_codes;
 mod subcommand_examples;

src/audits/behavioral/more_formats.rs

@@ -54,6 +54,7 @@ impl Audit for MoreFormatsAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/no_color.rs

@@ -56,6 +56,7 @@ impl Audit for NoColorBehavioralAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/no_pager_behavioral.rs

@@ -57,6 +57,7 @@ impl Audit for NoPagerBehavioralAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/non_interactive.rs

@@ -107,6 +107,7 @@ impl Audit for NonInteractiveAudit {
             layer: AuditLayer::Behavioral,
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/paired_examples.rs

@@ -69,6 +69,7 @@ impl Audit for PairedExamplesAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/quiet.rs

@@ -53,6 +53,7 @@ impl Audit for QuietAudit {
             layer: AuditLayer::Behavioral,
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/raw_flag.rs

@@ -48,6 +48,7 @@ impl Audit for RawFlagAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/read_write_distinction.rs

@@ -61,6 +61,7 @@ impl Audit for ReadWriteDistinctionAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/rich_tui.rs

@@ -65,6 +65,7 @@ impl Audit for RichTuiAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/schema_print.rs

@@ -76,6 +76,7 @@ impl Audit for SchemaPrintAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/secret_non_leaky_path.rs

@@ -85,6 +85,7 @@ impl Audit for SecretNonLeakyPathAudit {
             layer: self.layer(),
             status,
             confidence: Confidence::Medium,
+            mitigation: None,
         })
     }
 }

src/audits/behavioral/sigpipe.rs

@@ -49,6 +49,7 @@ impl Audit for SigpipeAudit {
             layer: AuditLayer::Behavioral,
             status,
             confidence: Confidence::High,
+            mitigation: None,
         })
     }
 }