v2.2.0 - Community scripts, TOML source of truth, hardened validation

What's new in v2.2.0

5 new scripts closing community-requested issues

Issue #3 - Hard gate state files (genesis_state.py)
Phase 5 and Phase 6 gates are now machine-readable state files, not prose wishes.
Claude writes .genesis/phase-5-confirmed.json and .genesis/tests-passing.json before proceeding.

Issue #4 - Automated eval validation (eval_runner --mode validate)
Schema check on test_queries.json wired into CI. Catches eval drift before it ships.

Issue #5 - Single source of truth for folder structures (references/folder-structures.toml)
scaffold_generator.py now loads all 8 language/tier scaffold definitions from TOML. Removes 140-line hardcoded dict. Two sources can no longer drift.

Issue #6 - Mitigation coverage check (pitfall_coverage_check.py)
Mechanizes Phase 6 Step 6.5. Parses PITFALLS.md, walks src/, reports which mitigations are present in code and which are missing.

Issue #7 - genesis check command (genesis_subcommands.py)
Queries OSV.dev for CVEs against deps found in RESEARCH.md. Scans CI workflows for outdated action pins. JSON output with critical/warnings/info.

Security and robustness fixes

• scaffold_generator.py: path traversal via --name blocked with full input validation
• vault.py: atomic index write prevents partial corruption on crash
• drift_detector.py: baseline corruption recovery, bullet-list ADR parser, --help flag
• SonarCloud: 7 hotspots resolved with NOSONAR annotations on safe usages

Infrastructure

• Dependabot: all 4 GitHub Actions updated to latest major versions
• Branch protection: 5 required status checks on main
• 12 GitHub topics (was 8)

---

Install

# Claude Code
claude skills install maioio/genesis-architect

# Then use
genesis init "your project idea"

Full documentation: README