SCIBASE-AI · AlonePenguin · Jun 1, 2026
diff --git a/enterprise-style-package-provenance-guard/README.md b/enterprise-style-package-provenance-guard/README.md
@@ -0,0 +1,18 @@
+# Enterprise Style Package Provenance Guard
+
+This module adds a focused Enterprise Tooling export-pipeline guard for journal and funder formatting plugins. It validates synthetic style packages before institution-scale JATS, DOCX, or LaTeX exports are released.
+
+The guard checks approved plugin versions, required export-format coverage, template checksum parity, citation-style parity, DOI/ORCID/version-history preservation, validation recency, reviewer signoff, generated output provenance digests, and private field leakage in style previews.
+
+## Commands
+
+```bash
+npm run check
+npm test
+npm run demo
+npm run verify-video
+```
+
+`npm run demo` writes reviewer artifacts to `reports/`, including JSON packets, a Markdown report, an SVG summary, and a short H.264 MP4 demo.
+
+Synthetic data only. No live repositories, journal systems, funder portals, credentials, private manuscripts, external APIs, payment systems, or payout-account settings are used.
diff --git a/enterprise-style-package-provenance-guard/demo.js b/enterprise-style-package-provenance-guard/demo.js
@@ -0,0 +1,50 @@
+const fs = require("node:fs");
+const path = require("node:path");
+const { evaluateStylePackage, renderMarkdownReport, renderSvgSummary } = require("./index");
+const { cleanPacket, riskyPacket } = require("./sample-data");
+
+const reportsDir = path.join(__dirname, "reports");
+fs.mkdirSync(reportsDir, { recursive: true });
+
+const cleanEvaluation = evaluateStylePackage(cleanPacket);
+const riskyEvaluation = evaluateStylePackage(riskyPacket);
+
+fs.writeFileSync(
+  path.join(reportsDir, "clean-style-package.json"),
+  `${JSON.stringify({ input: cleanPacket, evaluation: cleanEvaluation }, null, 2)}\n`
+);
+fs.writeFileSync(
+  path.join(reportsDir, "risky-style-package.json"),
+  `${JSON.stringify({ input: riskyPacket, evaluation: riskyEvaluation }, null, 2)}\n`
+);
+fs.writeFileSync(
+  path.join(reportsDir, "style-package-provenance-report.md"),
+  renderMarkdownReport(riskyPacket, riskyEvaluation)
+);
+fs.writeFileSync(
+  path.join(reportsDir, "summary.svg"),
+  renderSvgSummary(riskyEvaluation)
+);
+fs.writeFileSync(
+  path.join(reportsDir, "demo-script.txt"),
+  [
+    "Enterprise style package provenance guard demo",
+    "",
+    `Clean packet decision: ${cleanEvaluation.summary.decision}`,
+    `Clean audit digest: ${cleanEvaluation.summary.auditDigest}`,
+    "",
+    `Risky packet decision: ${riskyEvaluation.summary.decision}`,
+    `Risky finding count: ${riskyEvaluation.summary.findingCount}`,
+    `Risky audit digest: ${riskyEvaluation.summary.auditDigest}`,
+    "",
+    "The risky packet demonstrates a formatting plugin drift before JATS/DOCX/LaTeX export: unapproved plugin version, missing formats, checksum drift, citation mismatch, stale validation, missing signoff, metadata preservation gaps, and private preview-field leakage.",
+    ""
+  ].join("\n")
+);
+
+console.log(JSON.stringify({
+  cleanDecision: cleanEvaluation.summary.decision,
+  riskyDecision: riskyEvaluation.summary.decision,
+  riskyFindings: riskyEvaluation.summary.findingCount,
+  report: "reports/style-package-provenance-report.md"
+}, null, 2));