[Queued] Resolve carried-forward milestones M027, M028, M029, M031, M032

[keithah]

Roadmap source: kodiai-roadmap.md

This umbrella issue intentionally folds the previously queued milestones into one backlog item instead of creating five separate GitHub issues.

Covered milestones

M029 — Wiki Generation Quality & Issue Cleanup (already queued)

• Phase: Phase 1 — Stop the Bleeding

Context already lives at .gsd/milestones/M029/M029-CONTEXT.md. This roadmap does not redefine the scope; it confirms M029 is the first milestone to execute.

Acceptance criteria snapshot

• buildVoicePreservingPrompt() in src/knowledge/wiki-voice-analyzer.ts bans meta-commentary ("I'll analyze...", "Let me first...", "Looking at...") with explicit negative exemplars.
• Post-generation content filter rejects any candidate whose top-level prose matches agent-reasoning heuristics; rejections are logged and never published.
• xbmc/wiki issue Phase 14: write-intent gating (deny-by-default) #5 junk comments are deleted by scripts/cleanup-wiki-issue.ts with dry-run support.
• Full re-run of scripts/generate-wiki-updates.ts followed by scripts/publish-wiki-updates.ts produces zero reasoning-prose outputs against a fixture corpus and against live xbmc evidence.
• verify:m029 (umbrella) and any remaining slice verifiers pass; forbidden-evidence defense rejects any reappearance of banned phrases.

Open follow-up

Promote from queued to active in QUEUE.md when execution begins (see M054/S01).

M028 — Wiki Modification-Only Publishing (already queued)

• Phase: Phase 1 — Stop the Bleeding

Context at .gsd/milestones/M028/M028-CONTEXT.md.

Acceptance criteria snapshot

• src/knowledge/wiki-update-types.ts replaces suggestion+rationale shape with a modification-only artifact: { kind: "replace-section" | "insert-section" | "full-page"; pagePath; before?; after; citations[]; }.
• src/knowledge/wiki-publisher.ts emits the new shape; WHY: / rationale framing is removed from every publish path.
• Existing published wiki comments are retrofitted or annotated by a one-shot scripts/retrofit-wiki-comments.ts, with fixture coverage.
• Hybrid section/full-page publishing is chosen by a stable heuristic (section diff size + citation density) with tests.
• verify:m028 umbrella script passes; slice verifiers preserve the modification-only contract as forbidden-evidence checks (any WHY: token in a publish payload is a hard fail).

M027 — Embedding Integrity & Timeout Hardening (already queued)

• Phase: Phase 1 — Stop the Bleeding

Context at .gsd/milestones/M027/M027-CONTEXT.md. All four slices already have verify:m027:s01..s04 wired; this milestone is unusual in that its verify scaffolding exists but the code work has not shipped.

Acceptance criteria snapshot

• Audit surfaces stale/missing embeddings across learning_memories, review_comments, wiki_pages, code_snippets, issues, issue_comments corpora, emitting row-level evidence.
• Online repair/backfill scripts (including scripts/embedding-comparison.ts and scripts/embedding-audit.ts) complete within their declared timeouts; root cause for current timeouts documented in a new .gsd/DECISIONS.md entry.
• Query-time retrieval confirmed to actually consult embeddings (not fall back silently) via a proof-surface log tag.
• verify:m027:s01..s04 all pass on a live dry-run against xbmc/xbmc.

M031 — Security Hardening (already queued)

• Phase: Phase 4 — Security Hardening

Context at .gsd/milestones/M031/M031-CONTEXT.md. Summary per QUEUE.md: "Defense-in-depth against credential exfiltration: agent env allowlist, git remote token sanitization, outgoing secret scan on all publish paths, prompt-level refusal instructions, CLAUDE.md security policy in workspace."

Roadmap-level delta

• Outgoing secret scan applies to every publish path, including src/jobs/gist-publisher.ts (tested in M057/S03), Slack relay (M052 surface), wiki publisher (M028 output), and mention publish-resolution.
• verify:m031 script (already exists in package.json) must pass. Today it is wired but M031 has not been executed; promote to active.
• D-M053-01 (no new Function() in src/) is reconfirmed here as an enforced invariant.

M032 — Agent Process Isolation (already queued)

• Phase: Phase 4 — Security Hardening

Context at .gsd/milestones/M032/M032-CONTEXT.md.

Roadmap-level delta:

• verify:m032 (already registered) passes.
• The /proc//environ attack path called out in the context doc is explicitly covered by a proof-surface check (script inspects the live ACA job's env; orchestrator env is not reachable).

---

Phase 5 — Long-Tail Cleanup

Theme: Lower-priority housekeeping that makes the next year of work easier but doesn't block anything shipping.

Sequencing rationale: Run last; tolerate partial completion. If time is short, M060 can be skipped entirely and re-planned when specific knowledge-subsystem regressions surface.

Milestone	Title	Slices
M059	Script Registry & Orphan Audit	S01, S02
M060	Knowledge Subsystem Test Backfill	S01, S02

[keithah]

Prioritization note:

• Start this umbrella first.
• Execute the carried-forward milestones in this order: M029 -> M028 -> M027.
• Keep M031 and M032 inside this umbrella deferred until [M056] Migration Rollback Completeness #95 (M056), [M057] Core Handler & Webhook Test Backfill #96 (M057), and [M058] CI Workflow Hardening #97 (M058) are complete, because those close the rollback, test-coverage, and CI-gate gaps the security/isolation work depends on.

This issue is intentionally compact: it carries the previously queued milestones without exploding the backlog into five separate issues.